44 CHAPTER 2 Network Implementation Models does OS protection get tossed out of the window? Answers to these tantalizing questions are postponed to Chapter 6. 2.5 SUMMARY This chapter is best sampled based on the reader's needs. Structurally, the chapter works its way through four abstraction levels that affect performance: hardware, architecture, operating systems, and protocols. Viewing across abstraction levels is helpful because packet-processing speeds can be limited by transistor paths implementing packet processing, by architectural limits such as bus speeds, by OS abstraction overheads such as system calls, and finally even by protocol mechanisms. Several examples, which look ahead to the rest of the book, were described to show that performance can be improved by understanding each abstraction level. Designers that consider all four abstraction levels for each problem will soon be lost in detail. However, there are a few important performance issues and major architectural decisions for which simultaneous understanding of all abstraction levels is essential. For example, the simple models given in this chapter can allow circuit designers, logic designers, architects, microcoders, and software protocol implementors to work together to craft the architecture of a world-class router. They can also allow operating system designers, algorithm experts, and application writers to work together to design a world-class Web server. As link speeds cross 40 Gbps, such interdisciplinary teams will become even more important. This need is alluded to by Raymond Kurzweil in a different context [Kur]: There's another aspect of creativity. We've been talking about great individual contrib- utors, but when you're creating technology it's necessarily a group process, because technology today is so complex that it has to be interdisciplinary. . . . And they're all essentially speaking their own languages, even about the same concepts. So we will spend months establishing our common language. . . . I have a technique to get people to think outside the box: I'll give a signal-processing problem to the linguists, and vice versa, and let them apply the disciplines in which they've grown up to a completely different problem. The result is often an approach that the experts in the original field would never have thought of. Group process gives creativity a new dimension. With fields like hardware implementation and protocol design replacing signal processing and linguistics, Kurzweil's manifesto reflects the goal of this chapter. 2.6 EXERCISES 1. TCP Protocols and Denial-of-Service Attacks: A common exploit for a hacker is to attempt to bring down a popular service, such as Yahoo, by doing a denial-of-service (DOS) attack. A simple DOS attack that can be understood using the simple TCP model of Figure A.1 is TCP Syn-Flooding. In this attack, the hacker sends a number of SYN packets to the chosen destination D (e.g., Yahoo) using randomly chosen source addresses. D sends back a SYN-ACK to the supposed source S and waits for a response. If S is not an active IP address, then there will be no response from S. Unfortunately, state for S is kept in a pending connection queue at D until D finally times out S. By periodically sending bogus connection attempts pretending to be from different sources,