The Modern Internet

Stanford CS 249i, Fall 2021

CS249i is an advanced networking course that covers how the Internet has evolved and operates today. Topics include modern Internet topology and routing practices, recently introduced network protocols, popular content delivery strategies, and pressing privacy, security, and abuse challenges. The course consists of a mixture of lecture, guest talks, and investigative projects where students will analyze how Internet operates in practice.

Course Information

Lecture: Mon/Wed 1:30–2:50 PM. Via Zoom.

Instructor: Zakir Durumeric
Office Hours: Monday 3:00–4:00 PM, or by appointment. Gates 280.

Course Assistant: TBA. Office hours by appointment.

Prerequisites: This course assumes a basic understanding of networking topics, including protocols like Ethernet, IP, and TCP, as well as routing concepts and socket programming. This is not an introductory networking course and students should first take Stanford CS 144, EE 284, or equivalent. For a refresher, consider "Computer Networking: A Top-Down Approach" by J. Kurose and K. Ross or "Computer Networks: A Systems Approach" by L. Peterson and B. Davie. Projects will be implemented in Go.

Communication: We use Ed for announcements and discussion. Students can submit anonymous feedback at any time.

Submissions: All course assignments should be submitted through Gradescope. Enrollment code: TBA.


The tentative schedule and readings for the class are below:

9/14  Introduction and Internet Players

Course introduction. Quick BGP, ASN refresher. Tier 1 Definition. Who are the Tier 1s? IXPs. Transit vs. Peering. Peering Policies, transit costs.

9/16  Internet Topology Evolution

Evolution of Internet Topology, increased role of cloud and last mile providers. Submarine links. Netflix– Comcast dispute. Content Centralization.

9/21  Modern Routing Practices

BGP, MPLS, Private Peerings, RPKI, BGP hijacking, Black- holing, BGP Communities, ASNs

9/23  Host and Network Addressing

IPv4 vs. IPv6. Deep dive on IPv6. IP Allocation Patterns, Fake MACs. MAC rotation.

9/28  Internet Governance

IANA, RIRs, ICANN. IPv4 Open Market, Pricing, Sales

9/30  Last-Mile Internet Access

Mobile, Satellite, Last-mile Residential technology. Inter- net access/inequity.

10/5  Guest Speaker (TBA)

10/7  Modern DNS

DNS, DNSSEC, Load Balancing, DNS Failure Modes. EDNS.

10/12  Content Delivery Strategies

Mechanics of CDN: multicast, anycast, POPs, protocols

10/14  Video Encoding and Delivery

10/19   Guest Speaker—Delivery

10/21  Modern Web Protocols

HTTP/2, HTTP/3. (g)QUIC. Pipelining. gRPC.

10/26  Websites, Content, and Ads

GDPR, Third-party assets, Ads, Real time bidding. SPA, Server Push, WASM, WebAuthn.

10/28 Encryption and Trust

HTTPS, Lessons from TLS 1.0–1.2, TLS 1.3, HPKP, HSTS, Certificate Transparency. Let’s Encrypt and ACME Protocol

11/2  eCrime, Bulletproof hosting, Spam

11/4   Attacks, DDoS, Internet Scanning

11/9  Middleboxes and Death of End-to-End

11/11   Guest Speaker—Censorship

11/16  Messaging and Privacy

Snowden Revelations. Ubiquitous Encryption. Signal + MPLS. imessage attacks.

11/18  Student Choice of Topic

Attendance required. No assigned reading.

Course Structure

This course is composed of lecture and discussion, several empirical projects, and a final exam. Grading will be based on the following components. Students should submit all reports through Gradescope by 11:59PM on the day of each deadline.

Project 1: Routing and Topology (25%)

Students will BGP peer onto the public-Internet using a software-router (GoBGP). From there, students will analyze the routing table they receive to understand real-world peering relationships, determine the Tier-1 providers on the Internet, and understand where BGP/MPLS is used. [more information]

Project 2: Web and Content Delivery (25%)

While reading a few formative papers helps demonstrate how a subfield started, it oftentimes leaves us wondering how the area has evolved. To fill this gap, pairs of students will read 3-4 more recent papers and provide a 20 minute presentation about the current state of a research area at the start of one class. [more information]

Project 3: Security, Privacy, and Abuse (25%)

The third project will consist of three parts: (1) analyzing data from a series of honeypots and a large passive network telescope to uncover DDoS attacks and real-world scanning behavior, (2) analyze Censys Internet scan data to understand real-world service deployment, and (3) analyze certificate authorities found in Public Certificate Transparency servers to understand what organizations we trust to sign certificates for websites. [more information]

Final Exam (25%)

There will be a short final exam that covers material taught in the class, guest speakers, and techniques from the three course projects.