CS249i is an advanced networking course that covers how the Internet has evolved and operates today. Topics include modern Internet topology and routing practices, recently introduced network protocols, popular content delivery strategies, and pressing privacy, security, and abuse challenges. The course consists of a mixture of lectures, guest talks, and investigative projects where students analyze how the Internet operates in practice.
Lecture: Mon/Wed 3:00–4:20 PM. 200-205. Lectures will not be recorded.
Instructor: Zakir Durumeric
Office Hours: Monday 4:30–5:00 PM, or by appointment. Gates 432.
Course Assistants: Kimberly Ruth and Gerry Wan.
Office Hours: Thursday 4:00–5:00pm (Kimberly), or by appointment. Gates 434.
Prerequisites: This is an advanced networking course and we assume that students have a basic understanding of networking, including protocols like Ethernet, IP, and TCP, as well as routing concepts and socket programming. Students should first take Stanford CS 144, EE 284, or equivalent. For a refresher, consider "Computer Networking: A Top-Down Approach" by J. Kurose and K. Ross or "Computer Networks: A Systems Approach" by L. Peterson and B. Davie. Projects will be implemented in Go.
Communication: We use Ed for announcements and discussion. Students can submit anonymous feedback at any time.
Submissions: All course assignments should be submitted through Gradescope. Enrollment code: 6G62E6.
The tentative schedule and readings for the class are below:
Course introduction. BGP, ASN, and ISP refresher. Transit vs. Peering.
Tier 1 Definition. Who are the Tier 1s? IXPs. Peering Policies. Transit costs.
No class.
Internet Topology Evolution, increased role of cloud and last mile providers. Netflix–Comcast dispute. Content Centralization.
MPLS, Remote Peerings, RPKI, BGP hijacking, Blackholing, BGP Communities
[Gautam Akiwate] DNS, DNSSEC, Load Balancing, DNS Failure Modes. EDNS. Problems.
[Gautam Akiwate] Ecosytem Players (Registrars, Registrant, Registry). Security. Attacks.
IPv4 vs. IPv6. Deep dive on IPv6. IP Allocation Patterns, MAC rotation. L3-L4 Privacy.
HTTP/1.x, HTTP/2
QUIC, HTTP/3, Third-party content, Regulation (GDPR)
[Gerry Wan] Mobile, Satellite, Last-mile Residential technology. Internet access/inequity. 5G.
IANA, RIRs, ICANN. IPv4 Open Market, Pricing, and Sales. .org dispute.
No class.
[Kimberly Ruth] What Internet security problems still plague us? Where do attacks originate?
WebPKI. Certificates. Certificate Transparency. Let’s Encrypt and ACME Protocol
HTTPS, Lessons from TLS 1.0–1.2, TLS 1.3, HPKP, and HSTS.
[Deepak Kumar] ⚠️ Remote Zoom Lecture! What does global censorship look like? How is content censored?
[Liz Izhikevich] ⚠️ Remote Zoom Lecture! Mechanics of CDN: multicast, anycast, POPs, protocols
This course is composed of lecture and discussion, several empirical projects, and a final exam. Please start on projects as soon as possible after assignment. Several projects require running long-running processes to collect data and simply cannot be run at the last minute. Grading will be based on the following components.
Project 1: Routing and Topology [pdf] (25%)
Students will BGP peer onto the public-Internet using a
software-router (GoBGP). From there, students will analyze the
routing table they receive to understand real-world peering
relationships, determine the Tier-1 providers on the Internet, and
understand where BGP/MPLS is used.
Assigned 1/12. Parts 1-2 due 1/26, Part 3 due 2/2.
Project 2: Web and Content Delivery [pdf] (25%)
Students will orchestrate a headless web browser to visit the top
websites on the Internet. From there, students will document the
services and resources that make up popular websites, ultimately
uncovering the technology providers that make up the modern web.
Assigned 2/9. Parts 1-2 due 2/18, Parts 3-4 due 2/23.
Project 3: Internet Security [pdf] (25%)
The third project will consist of three parts: (1) analyzing data
from a series of honeypots to uncover real-world scanning behavior, (2) analyze
Censys Internet scan data to understand real-world service
deployment, and (3) analyze certificate authorities found in
Public Certificate Transparency servers to understand what
organizations we trust to sign certificates for websites.
Assigned 2/26. Parts 1-2 due 3/8, Part 3 due 3/15.
Final Exam (25%)
There will be a final exam that covers material taught in the class, guest speakers, and techniques from the course projects. The exam will take place via Gradescope during the Registrar assigned slot: Tuesday, March 19 at 8:30 AM. The exam will be open-note, no Internet. An alternative exam will be available only for students who have a conflicting exam, which will take place on Monday, March 18 at 8:30 AM.
Course projects should be completed in pairs (two students) that submit a single write up. Students should submit all assignments through Gradescope by 11:59PM on the day of each deadline. Project grades will be reduced by 10% every 24 hours late after the project deadline (e.g., max score is 90% for project submitted 1 hour late, 80% 25 hours late). Regrade requests must be submitted at most three days after grades are released. It is an honor code violation to consult solutions from previous offerings of the course.