Slides About Systems

Slides About Systems

Duke Systems Network Servers: URIs, HTTP, RPC Jeff Chase Duke University Heap manager Hours spent for 90+ points: 4, 4, 5, 6, 6, 8, 10, 10, 10, 10, 12, 20, 20+, 24, 40, 65 If it were a contest, winners are: 13 students: 92-93% success rate on canned test

Tyler Nisonoff: consumes half the CPU as runner up, 92% Ben Berg Tamara Silbergleit Ang Li Kuang Han Matthew Tse MacOS X tiny heap MacOS X small heap Heap manager: lessons

Real heap managers are more complex: They maintain multiple free lists for different size blocks. And possibly different data structures for different size blocks. Be sure that you understand why. Debugging takes a lot of time and doesnt teach you much and forces you to sit in front of a computer which is unhealthy and painful and frustrating when you could be outside in sunlight and fresh air. Thought question: what do you wish we had told you? End-to-end application delivery Where is your application? Where is your data?

Where is your OS? Cloud and Software-as-a-Service (SaaS) Rapid evolution, no user upgrade, no user data management. Agile/elastic deployment on virtual infrastructure. Services service RPC content provider

GET (HTTP) etc. Clients initiate connection and send requests. Server listens for and accepts clients, handles requests, sends replies

Networking endpoint port operations advertise (bind) listen connect (bind) close channel binding connection

node A write/send read/receive node B Some IPC mechanisms allow communication across a network. E.g.: sockets using Internet communication protocols (TCP/IP). Each endpoint on a node (host) has a port number. Each node has one or more interfaces, each on at most one network. Each interface may be reachable on its network by one or more names. E.g. an IP address and an (optional) DNS name.

A simple, familiar example GET /images/fish.gif HTTP/1.1 URL URIs and URLs [image: msdn.microsoft.com] Android content providers: URIs Define the provider's authority string, its content URIs, and column names.To avoid conflicts with other providers, you

should use Internet domain ownership (in reverse) as the basis for Android package namesdefine your provider authority as an extension of the name of the package containing [it] Developers usually create content URIs from the authority by appending paths that point to individual tables By convention, providers offer access to a single row in a table by accepting a content URI with an ID value for the row at the end of the URI. [images from http://www.tutos-android.com/contentprovider-android] Taking it to the net The network stack NFS

NFS (files) (files) HTTP HTTP (web) (web) SMTP SMTP (email) (email)

SSH SSH (login) (login) RPC RPC Applications Abstraction UDP UDP

Transport (L4) TCP TCP Network packet (L3) IP IP Ethernet Ethernet

ATM ATM PPP PPP Interfaces RPC call return return

call Client stub Server stub send recv send recv

RPC: Language Integration Stubs link with the client/server code to hide the boundary crossing. Marshal arguments/results Propagate exceptions Binding: need some way to name the server Stubs are auto-generated from an Interface Description Language (IDL) file. RPC Execution How is this different from a local procedure

call? How is it different from a system call? The network stack, simplified Internet client host Internet server host Client User code Server

TCP/IP Kernel code TCP/IP Sockets interface (system calls) Hardware interface (interrupts) Network adapter

Hardware and firmware Global IP Internet Network adapter Web services HTTP is the standard for web systems. GET, PUT, POST, DELETE Various standards and styles layer above it.

The Android content provider URI form is in the style of REST, as used in popular SaaS frameworks. Whats important is that the URI/URL authority always has the info to bind a channel to the server. Translate domain name to an IP address and port using DNS service (later). The URI path is interpreted by the server: it may encode the name of a file on the server, or a program entry point and arguments, or Web-oriented architecture

CRUD TCP/IP connection socket Client socket TCP byte-stream connection (128.2.194.242, 208.216.181.15) Client host address

128.2.194.242 Server Server host address 208.216.181.15 [adapted from CMU 15-213] TCP/IP connection Client socket address 128.2.194.242:51213

Client Server socket address 208.216.181.15:80 Connection socket pair (128.2.194.242:51213, 208.216.181.15:80) Client host address 128.2.194.242 Server (port 80) Server host address

208.216.181.15 Note: 80 is a well-known port associated with Web servers Note: 51213 is an ephemeral port allocated by the kernel [adapted from CMU 15-213] TCP/IP Ports What port number to connect to? We have to agree on well-known ports for common services Look at /etc/services

Ports 1023 and below are reserved This port abstraction is an Internet Protocol (L4) concept. Source/dest port is named in every packet. Kernel looks at port to demultiplex incoming traffic. Clients need a return port, but it can be an ephemeral port assigned dynamically by the kernel. Packet demultiplexing WebServer Flow Create ServerSocket TCP socket space

connSocket = accept() read request from connSocket 128.36.232.5 128.36.230.2 state: listening address: {*.6789, *.*} completed connection queue: sendbuf: recvbuf:

state: established address: {128.36.232.5:6789, 198.69.10.10.1500} sendbuf: recvbuf: read local file write file to connSocket close connSocket state: listening address: {*.25, *.*}

completed connection queue: sendbuf: recvbuf: Discussion: what does step do and how long does it take? Server listens on a socket struct sockaddr_in socket_addr; sock = socket(PF_INET, SOCK_STREAM, 0); int on = 1; setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on); memset(&socket_addr, 0, sizeof socket_addr); socket_addr.sin_family = PF_INET;

socket_addr.sin_port = htons(port); socket_addr.sin_addr.s_addr = htonl(INADDR_ANY); if (bind(sock, (struct sockaddr *)&socket_addr, sizeof socket_addr) < 0) { perror("couldn't bind"); exit(1); } listen(sock, 10); Accept loop while (1) { int acceptsock = accept(sock, NULL, NULL); char *input = (char *)malloc(1024*sizeof (char)); recv(acceptsock, input, 1024, 0); int is_html = 0;

char *contents = handle(input,&is_html); free(input); send response close(acceptsock); } Send HTTP/HTML response const char *resp_ok = "HTTP/1.1 200 OK\nServer: BuggyServer/1.0\n"; const char *content_html = "Content-type: text/html\n\n"; send(acceptsock, resp_ok, strlen(resp_ok), 0); send(acceptsock, content_html, strlen(content_html), 0); send(acceptsock, contents, strlen(contents), 0); send(acceptsock, "\n", 1, 0); free(contents);

Anatomy of an HTTP Transaction unix> telnet www.aol.com 80 Trying 205.188.146.23... Connected to aol.com. Escape character is '^]'. GET / HTTP/1.1 host: www.aol.com Client: open connection to server Telnet prints 3 lines to the terminal Client: request line Client: required HTTP/1.1 HOST header

Client: empty line terminates headers. HTTP/1.0 200 OK Server: response line MIME-Version: 1.0 Server: followed by five response headers Date: Mon, 08 Jan 2001 04:59:42 GMT Server: NaviServer/2.0 AOLserver/2.3.3 Content-Type: text/html Server: expect HTML in the response body Content-Length: 42092 Server: expect 42,092 bytes in the resp body Server: empty line (\r\n) terminates hdrs Server: first HTML line in response body

... Server: 766 lines of HTML not shown. Server: last HTML line in response body Connection closed by foreign host. Server: closes connection unix> Client: closes connection and terminates [CMU 15-213] A Short Quiz: HTTPS/SSL 1. What is the most important advantage of symmetric crypto (DES) relative to asymmetric crypto (RSA)? 2. What is the most important advantage of asymmetric

crypto relative to symmetric crypto? 3. What is the most important limitation/challenge for asymmetric crypto with respect to security? 4. Why does SSL change ciphers during the handshake? 5. How does SSL solve the key distribution problem for symmetric crypto? 6. Is key exchange vulnerable to man-in-the-middle attacks?

Recently Viewed Presentations

  • Keeping Children Safe in Early Care and Education

    Keeping Children Safe in Early Care and Education

    Cut food in small pieces. ¼ inch or smaller (infants) ½ inch or smaller (toddlers) For children with teeth, food selection should be different. If the child has his/her molars, it's a good indication that the child will be able...
  • Women in the History of The First Congregational Church of ...

    Women in the History of The First Congregational Church of ...

    Women in the History of The First Congregational Church of Greenwich (pre 1990) A talk given January 20, 2016 by Pat Larrabee, church Historian. Women in our stained glass windows. Women on our Staff. Music. Church Secretaries
  • Perkutánní Léčba Maligní Obstrukční Žloutenky

    Perkutánní Léčba Maligní Obstrukční Žloutenky

    Perivaskulárně „čistý tuk" (hallo), „stranding", venózní přeplnění, retrakce mesenteria, kalcifikace, časti „poddiagnostikované" Desmoidní tumor Agresivní fibromatózní tumor
  • AMERICAN PHYSIOLOGICAL SOCIETY EDUCATION COMMITTEE Refresher Course 2002:

    AMERICAN PHYSIOLOGICAL SOCIETY EDUCATION COMMITTEE Refresher Course 2002:

    AMERICAN PHYSIOLOGICAL SOCIETY EDUCATION COMMITTEE Refresher Course 2002: Recent Advances in Neuroscience Stem Cells, Growth Factors and Neurodegeneration
  • Gifting Using Gifting to discover the power of

    Gifting Using Gifting to discover the power of

    Title: No Slide Title Author: Manulife Emplyee Last modified by: Polla Bilodeau Created Date: 7/22/1999 3:30:36 PM Document presentation format: On-screen Show
  • IPR Protection in India - ibef.org

    IPR Protection in India - ibef.org

    IPR Protection in India Structure of the Presentation An Overview -The IP Laws of India & its TRIPS Compliance The IP Offices in India Nodal Agencies & Facilitation agencies The Road Ahead An Overview -The IP Laws of India &...
  • Cryptography K-12 Partner School Initiative

    Cryptography K-12 Partner School Initiative

    With billions of dollars being lost , the need for business to invent in cyber security is essential for all companies. Even big companies like JPMorgan Chase, Home Depot, Target are at high risk from the intruders. Ultimately , all...
  • Noclar - Ifac

    Noclar - Ifac

    A right (vs. a duty) to override confidentiality to serve the public interest. A less prescriptive approach to the guidance. No limitation on the type of reportable non-compliance. Two separate thresholds for actions. Understand the matter if it is other...