A Novel Packet Marking Scheme for IP Traceback
Network Working Group
Request for Comments: 1667
Category: Informational
S. Symington, MITRE Corporation
D. Wood, MITRE Corporation
M. Pullen, George Mason University
August 1994

Modeling and Simulation Requirements for IPng

Status of this Memo

This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Abstract

This document was submitted to the IETF IPng area in response to RFC 1550. Publication of this document does not imply acceptance by the IPng area of any ideas expressed within. Comments should be submitted to the big-internet@munnari.oz.au mailing list.

Executive Summary

The Defense Modeling and Simulation community is a major user of packet networks and as such has a stake in the definition of IPng. This white paper summarizes the Distributed Interactive Simulation environment that is under development, with regard to its real-time nature, scope and magnitude of networking requirements. The requirements for real-time response, multicasting, and resource reservation are set forth, based on our best current understanding of the future of Defense Modeling and Simulation.

1. Introduction

The Internet Engineering Task Force (IETF) is now in the process of designing the Next Generation Internet Protocol (IPng). IPng is expected to be a driving force in the future of commercial off-the-shelf (COTS) networking technology. It will have a major impact on what future networking technologies are widely available, cost effective, and multi-vendor interoperable. Applications that have all of their network-layer requirements met by the standard features of IPng will be at a great advantage, whereas those that don't will have to rely on less-widely available and more costly protocols that may have limited interoperability with the ubiquitous IPng-based COTS products.

Symington, Wood & Pullen [Page 1]

This paper is intended to serve as input to the IPng design effort by specifying the network-layer requirements of Defense Modeling and Simulation (M&S) applications. It is important that the M&S community make its unique requirements clear to IPng designers so that mechanisms for meeting these requirements can be considered as standard features for IPng. The intention is to make IPng's benefits of wide COTS availability, multi-vendor interoperability, and cost-effectiveness fully available to the M&S community.

2. Background: Overview of Distributed Interactive Simulation

The Defense Modeling and Simulation community requires an integrated, wide-area, wideband internetwork to perform Distributed Interactive Simulation (DIS) exercises among remote, dissimilar simulation devices located at worldwide sites. The network topology used in current M&S exercises is typically that of a high-speed cross-country and trans-oceanic backbone running between wideband packet switches, with tail circuits running from these packet switches to various nearby sites. At any given site involved in an exercise, there may be several internetworked local area networks on which numerous simulation entity hosts are running. Some of these hosts may be executing computer-generated semi-automated forces, while others may be manned simulators. The entire system must accommodate delays and delay variance compatible with human interaction times in order to preserve an accurate order of events and provide a realistic combat simulation. While the sites themselves may be geographically distant from one another, the simulation entities running at different sites may themselves be operating and interacting as though they are in close proximity to one another in the battlefield. Our goal is that all of this can take place in a common network that supports all Defense modeling and simulation needs, and hopefully is also shared with other Defense applications.

In a typical DIS exercise, distributed simulators exchange information over an internetwork in the form of standardized protocol data units (PDUs). The DIS protocols and PDU formats are currently under development. The first generation has been standardized as IEEE 1278.1 and used for small exercises (around 100 hosts), and development of a second generation is underway. The current Communications Architecture for DIS specifies use of Internet protocols.

The amount, type, and sensitivity level of information that must be exchanged during a typical DIS exercise drives the communications requirements for that exercise, and depends on the number and type of participating entities and the nature and level of interaction among those entities. Future DIS exercises now in planning extend to hundreds of sites and tens of thousands of simulation platforms worldwide. For example, an exercise may consist of semi-automated and individual manned tank, aircraft, and surface ship simulators interacting on pre-defined geographic terrain. The actual locations of these simulation entities may be distributed among sites located in Virginia, Kansas, Massachusetts, Germany, and Korea. The PDUs that are exchanged among simulation entities running at these sites must carry all of the information necessary to inform each site regarding everything relevant that occurs with regard to all other sites that have the potential to affect it within the simulation. Such information could include the location of each entity, its direction and speed, the orientation of its weapons systems, if any, and the frequency on which it is transmitting and receiving radio messages. If an entity launches a weapon, such as a missile, a new entity representing this missile will be created within the simulation and it will begin transmitting PDUs containing relevant information about its state, such as its location, and speed.

A typical moving entity would generate between one and two PDUs per second, with typical PDU sizes of 220 bytes and a maximum size of 1400 bytes, although rates of 15 PDUs/second and higher are possible. Stationary entities must generate some traffic to refresh receiving simulators; under the current standard this can be as little as 0.2 PDUs per second. Compression techniques reducing PDUs size by 50% or more are being investigated but are not included in the current DIS standard.

With so much information being exchanged among simulation entities at numerous locations, multicasting is required to minimize network bandwidth used and to reduce input to individual simulation entities so that each entity receives only those PDUs that are of interest to it. For example, a given entity need only receive information regarding the location, speed and direction of other entities that are close enough to it within the geography of the simulation that it could be affected by those entities. Similarly, an entity need not receive PDUs containing the contents of radio transmissions that are sent on a frequency other than that on which the entity is listening. Resource reservation mechanisms are also essential to guarantee performance requirements of DIS exercises: reliability and real-time transmission are necessary to accommodate the manned simulators participating in an exercise.

M&S exercises that include humans in the loop and are executed in real-time require rapid network response times in order to provide realistic combat simulations. For DIS, latency requirements between the output of a PDU at the application level of a simulator and input of that PDU at the application level of any other simulator in that exercise have been defined as:

- 100 milliseconds for exercises containing simulated units whose interactions are tightly coupled

- 300 milliseconds for exercises whose interactions are not tightly coupled [2].

The reliability of the best-effort datagram delivery service supporting DIS should be such that 98% of all datagrams are delivered to all intended destination sites, with missing datagrams randomly distributed [3].

While these numbers may be refined for some classes of simulation data in the future, latency requirements are expected to remain under a few hundred milliseconds in all cases. It is also required that delay variance (jitter) be low enough that smoothing by buffering the data stream at the receiving simulator does not cause the stated latency specifications to be exceeded.

There are currently several architectures under consideration for the M&S network of the future. Under fully distributed models, all simulation entities rely directly on the network protocols for multicasting and are therefore endowed with much flexibility with regard to their ability to join and leave multicast groups dynamically, in large numbers.

In some cases, the M&S exercises will involve the transmission of classified data over the network. For example, messages may contain sensitive data regarding warfare tactics and weapons systems characteristics, or an exercise itself may be a rehearsal of an imminent military operation. This means the data communications used for these exercises must meet security constraints defined by the National Security Agency (NSA). Some such requirements can be met in current systems by use of end-to-end packet encryption (E3) systems. E3 systems provide adequate protection from disclosure and tampering, while allowing multiple security partitions to use the same network simultaneously.

Currently the M&S community is using the experimental Internet Stream protocol version 2 (ST2) to provide resource reservation and multicast. There is much interest in converting to IPv4 multicast as it becomes available across the COTS base, but this cannot happen until IPv4 has a resource reservation capability. The RSVP work ongoing in the IETF is being watched in expectation that it will provide such a capability. Also some tests have been made of IPv4 multicast without resource reservation; results have been positive, now larger tests are required to confirm the expected scalability of IPv4 multicast. But issues remain: for security reasons, some M&S exercises will require sender-initiated joining of members to multicast groups. In addition, it is not clear that IPv4 multicast will be able to make use of link-layer multicast available in ATM systems, which the M&S community expects to use to achieve the performance necessary for large exercises.

3. M&S Requirements for IPng

The identified network-layer service requirements for M&S applications are set forth below in three major categories: real-time response, multicast capability, and resource reservation capability.

All of these capabilities are considered to be absolute requirements for supporting DIS as currently understood by the M&S community, except those specifically identified as highly desirable. By desirable we mean that the capabilities are not essential, but they will enable more direct or cost-effective networking solutions.

It is recognized that some of the capabilities described below may be provided not from IPng but from companion protocols, e.g. RSVP and IGMP. The M&S requirement is for a compatible suite of protocols that are available in commercial products.

a. Real-time Response

DIS will continue to have requirements to communicate real-time data, therefore the extent to which IPng lends itself to implementing real-time networks will be a measure of its utility for M&S networking. The system-level specifications for the DIS real-time environment are stated in Section 2 above.

b. Multicasting

M&S requires a multicasting capability and a capability for managing multicast group membership. These multicasting capabilities must meet the following requirements:

- Scalable to hundreds of sites and, potentially, to tens of thousands of simulation platforms.

- It is highly desirable that the network-layer multicasting protocol be able to use the multicasting capabilities of link-level technologies, such as broadcast LANs, Frame Relay, and ATM.

- The group management mechanics must have the characteristics that thousands of multicast groups consisting of tens of thousands of members each can be supported on a given network and that a host should be able to belong to hundreds of multicast groups simultaneously.

- Multicast group members must be able to be added to or removed from groups dynamically, in less than one second, at rates of hundreds of membership changes per second. It is not possible to predict what special cases may develop, thus this requirement is for all members of all groups.

- The network layer must support options for both sender- and receiver-initiated joining of multicast groups.

c. Resource Reservation

The M&S community requires performance guarantees in supporting networks. This implies that IPng must be compatible with a capability to reserve bandwidth and other necessary allocations in a multicast environment, in order to guarantee network capacity from simulator-to-simulator across a shared network for the duration of the user's interaction with the network. Such a resource reservation capability is essential to optimizing the use of limited network resources, increasing reliability, and decreasing delay and delay variance of priority traffic, especially in cases in which network resources are heavily used. The resource reservations should be accomplished in such a way that traffic without performance guarantees will be re-routed, dropped, or blocked before reserved bandwidth traffic is affected. In addition, it would be highly desirable for the resource reservation capability to provide mechanisms for:

- Invoking additional network resources (on-demand capacity) when needed.

- The network to feed back its loading status to the applications to enable graceful degradation of performance.

4. References

[1] Cohen, D., "DSI Requirements", December 13, 1993.

[2] Final Draft Communication Architecture for Distributed Interactive Simulation (CADIS), Institute for Simulation and Training, Orlando, Florida, June 28, 1993.

[3] Miller, D., "Distributed Interactive Simulation Networking Issues", briefing presented to the ST/IP Peer Review Panel, MIT Lincoln Laboratory, December 15, 1993.

[4] Pate, L., Curtis, K., and K. Shah, "Communication Service Requirements for the M&S Community", September 1992.

[5] Pullen, M., "Multicast Network Architecture for DIS, briefing presented to the Networks Infrastructure Task Force", George Mason University, C3I Center/Computer Science, November 10, 1993, revised November 11, 1993.

5. Authors' Addresses

Susan Symington
MITRE Corporation
7525 Colshire Drive
McLean, VA 22101-3481
Phone: 703-883-7209
EMail: susan@

David Wood
MITRE Corporation
7525 Colshire Drive
McLean, VA 22101-3481
Phone: 703-883-6394
EMail: wood@

J. Mark Pullen
Computer Science
George Mason University
Fairfax, VA 22030
Phone: 703-993-1538
EMail: mpullen@
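
Journal of Xi'an Jiaotong University, Vol. 38, No. 6, Jun. 2004

Improved Single Rate Three Color Marker

An Zhiping (1), Zhang Deyun (1), Gao Lei (1), Ding Huining (2)
(1. School of Electronics and Information Engineering, Xi'an Jiaotong University, Xi'an 710049, China; 2. Northwest Network Center, Xi'an Jiaotong University, Xi'an 710049, China)

Abstract: An improved single rate three color marker (srTCM) algorithm is proposed. The algorithm uses two upper triangular matrices to record the token-borrowing relations between markers. When the data flow (or aggregated flow) that corresponds to a marker is idle, its surplus tokens can be lent, with a certain probability, to data flows that need tokens. When a data flow is busy and finds that it does not currently have enough tokens, it reclaims a certain number of tokens from the flows that borrowed from it. The algorithm can mark the drop precedence of assured forwarding packets in a DiffServ environment. Simulation results show that the algorithm provides higher throughput than the original srTCM.

Keywords: quality of service; DiffServ; marker

CLC number: TP393. Document code: A. Article ID: 0253-987X(2004)06-0595-04

Received: 2003-08-03. About the authors: An Zhiping (born 1972), male, doctoral candidate; Zhang Deyun (corresponding author), male, professor and doctoral supervisor. Funding: National "863" programme, network-oriented real-time multitasking operating system project (863-306-ZT05-02-4).

In recent years the IETF has proposed two QoS service models: integrated services (IntServ) and differentiated services (DiffServ) [1,2]. Because routers must keep state for every data flow, IntServ scales poorly. DiffServ, by comparison, first classifies and aggregates flows and then provides service to the aggregates in order to achieve predictable transmission. The granularity of its QoS support is determined by the hierarchy of service classes, and the amount of state stored in each network node is proportional to the number of service levels, so DiffServ scales well [3,4].

The DiffServ model has two kinds of routers: boundary routers and core routers. Boundary routers sit between different DiffServ domains and must ensure that the traffic entering a DiffServ domain conforms to the service level agreement (SLA) reached between the domains. A boundary router first classifies and aggregates packets, then marks and shapes them according to the traffic conditioning agreement (TCA). Core routers only need to provide different forwarding services according to the mark carried in the packet header. During marking, a meter measures each aggregated flow, and packets are then marked according to the agreed traffic profile, that is, marked with a service class and a priority.

1 Single rate three color marker

The single rate three color marker (srTCM) meters an IP packet stream and marks its packets green, yellow or red. If an arriving packet does not exceed the committed burst size it is marked green; if it exceeds the committed burst size but not the excess burst size it is marked yellow; otherwise it is marked red [5]. The srTCM can be used at the network ingress to police a service.

The srTCM has two operating modes: color-blind mode and color-aware mode. In color-blind mode all packets are assumed to be unmarked. In color-aware mode all incoming packets are assumed to have already been marked green, yellow or red.

Three parameters are specified when configuring an srTCM: the committed information rate $R_C$, the committed burst size $S_C$ and the excess burst size $S_E$. $S_C$ and $S_E$ must be greater than 0 and should be at least as large as the largest packet length.

The behaviour of the marker is determined by its mode and by two token buckets, C and E, which both have token rate $R_C$. Bucket C has depth $S_C$ and bucket E has depth $S_E$. Both buckets are initially full, that is, $T(C) = S_C$ and $T(E) = S_E$, where $T(X)$ denotes the number of tokens in bucket X. Thereafter one token arrives every $1/R_C$ s. If bucket C is not full, the token is placed in bucket C; if bucket C is full and bucket E is not, the token is placed in bucket E; otherwise the token is discarded.

When a packet F of size B bytes arrives at time t, it is marked by the following algorithm.

(1) Color-blind mode:

    IF ((T(C) - B) >= 0) THEN
        M(F) <- GREEN
        T(C) <- T(C) - B
    ELSE IF ((T(E) - B) >= 0) THEN
        M(F) <- YELLOW
        T(E) <- T(E) - B
    ELSE
        M(F) <- RED
    END IF

Here M(F) denotes the color with which packet F is marked, and RED, YELLOW and GREEN denote red, yellow and green respectively.

(2) Color-aware mode:

    IF ((T(C) - B) >= 0) && (M(F) = GREEN) THEN
        M(F) <- GREEN
        T(C) <- T(C) - B
    ELSE IF ((T(E) - B) >= 0) && ((M(F) = GREEN) || (M(F) = YELLOW)) THEN
        M(F) <- YELLOW
        T(E) <- T(E) - B
    ELSE
        M(F) <- RED
    END IF

For the assured forwarding per-hop behaviour, the color of a packet can be mapped to its drop precedence.

In the srTCM each marker handles its own data flow independently. If a flow is temporarily idle, its tokens are discarded, while at the same moment another flow may be busy and have too few tokens available; network bandwidth is wasted as a result. The algorithm therefore needs to be improved.

2 Improved single rate three color marker

To avoid wasting tokens that are temporarily not needed, this paper allows an idle data flow to lend its tokens to other data flows. Two n x n upper triangular matrices A and B (n is the number of markers) record the token borrowing between markers. A[i,j] is the number of tokens that bucket C of marker i has borrowed from bucket C of marker j; B[i,j] is the number of tokens that bucket E of marker i has borrowed from bucket E of marker j. The elements of A and B are integers. If an element is greater than 0, marker i has borrowed A[i,j] tokens from marker j; if it is less than 0, marker j has borrowed |A[i,j]| tokens from marker i.

Assume that the system currently has n markers, each corresponding to one data flow (a single flow or an aggregated flow). Marker i has committed information rate $R_C[i]$ and token buckets C[i] and E[i], with committed burst size $S_C[i]$ and excess burst size $S_E[i]$.

For every marker the token buckets are initially full, that is, $T(C[i]) = S_C[i]$ and $T(E[i]) = S_E[i]$ for $i = 1, \ldots, n$. Thereafter $T(C[i])$ is incremented $R_C[i]$ times per second, by 1 each time, up to a maximum of $S_C[i]$. If, before a token is added, bucket C[i] is found to be full, the token is lent with a certain probability to the C bucket of another marker. To prevent a data flow from always sending at a high rate in order to obtain extra tokens, the number of tokens it may borrow is limited to the depth of its own token bucket.

The number of tokens borrowed by bucket C of marker i is

$$L(C[i]) = \sum_{j=1}^{i-1} A[j,i] - \sum_{j=i+1}^{n} A[i,j] \tag{1}$$

The number of tokens borrowed by bucket E of marker i is

$$L(E[i]) = \sum_{j=1}^{i-1} B[j,i] - \sum_{j=i+1}^{n} B[i,j] \tag{2}$$

Suppose the current token is to be placed in bucket C[m], but that bucket is full while the corresponding bucket E[m] is not, that is, $T(C[m]) = S_C[m]$ and $T(E[m]) < S_E[m]$. Then with probability

$$P_E = 1 - \frac{T(E[m])}{S_E[m]} \tag{3}$$

the token is placed in bucket E of the same marker, and with probability $(1 - P_E)$ it is lent to another marker. Once it has been decided to lend the token to another marker, the token is placed in bucket C[i] with probability

$$p_C(i) = \frac{S_C[i] - T(C[i])}{\sum_{k \in \{x \mid L(C[x]) < S_C[x]\}} \left( S_C[k] - T(C[k]) \right)}, \quad i \in \{x \mid L(C[x]) < S_C[x]\} \tag{4}$$

If equation (4) results in the token finally being placed in bucket C of marker i, matrix A must be updated as follows:

$$A[m,i] = A[m,i] + 1, \quad m < i; \qquad A[i,m] = A[i,m] - 1, \quad m > i \tag{5}$$

If $T(E[m]) = S_E[m]$, bucket E[m] is also full. If the set $\{x \mid L(C[x]) < S_C[x]\}$ is empty, the C buckets of all markers are currently full, so the token must be lent to the E bucket of some marker. It is placed in bucket E[i] with probability

$$p_E(i) = \frac{S_E[i] - T(E[i])}{\sum_{k \in \{x \mid L(E[x]) < S_E[x]\}} \left( S_E[k] - T(E[k]) \right)}, \quad i \in \{x \mid L(E[x]) < S_E[x]\} \tag{6}$$

If equation (6) results in the token finally being placed in bucket E of marker i, matrix B must be updated as follows:

$$B[m,i] = B[m,i] + 1, \quad m < i; \qquad B[i,m] = B[i,m] - 1, \quad m > i \tag{7}$$

If the probability of receiving the token is 0 for every bucket, then either the E buckets of the other markers have already borrowed too many tokens or the buckets are full, and the token can only be discarded.

When a packet F of size B bytes arrives at marker i and waits to be marked, the token buckets are first adjusted for borrowing, in the following steps.

(1) Check whether bucket C[i] holds enough tokens. If so, no adjustment is needed; go to step (7). Otherwise continue.
(2) Check whether the tokens that bucket C[i] has lent out plus its current tokens are enough. If not, go to step (4). Otherwise continue.
(3) Adjust the token count of bucket C[i], then go to step (7).
(4) Check whether bucket E[i] holds enough tokens. If so, go to step (7). Otherwise continue.
(5) Check whether the tokens that bucket E[i] has lent out plus its current tokens are enough. If so, go to step (6). Otherwise go to step (7).
(6) Adjust the token count of bucket E[i].
(7) The adjustment ends.

Adjusting bucket C[i] means reclaiming the tokens that C[i] lent out earlier, that is, taking some tokens out of the buckets that borrowed from C[i] and putting them back into C[i]. The amount each borrower returns is allocated in proportion to the amount it borrowed. If a bucket currently holds fewer tokens than it borrowed, it does not take part in the adjustment for the time being. If no bucket has enough tokens to take part, the adjustment is skipped. The number of tokens that bucket C[k] should return is

$$Z(C[k]) = \frac{L(C[k])}{\sum_{j \in \{x \mid L(P[x]) < T(C[x])\}} L(C[j])} \left( B - T(C[i]) \right), \quad k \in \{x \mid L(P[x]) < T(C[x])\} \tag{8}$$

According to the result of equation (8), the corresponding number of tokens is taken from bucket C[k] and placed in bucket C[i], and matrix A is updated by

$$A[k,i] = A[k,i] + Z(C[k]), \quad k < i; \qquad A[i,k] = A[i,k] - Z(C[k]), \quad k > i \tag{9}$$

which completes the adjustment of bucket C. The adjustment of bucket E is similar to that of bucket C. After the buckets have been adjusted the packet is marked, and the marking procedure is the same as in the original srTCM algorithm.

3 Simulation and analysis

In RFC2957 the IETF defines four classes of forwarding behaviour, AF1, AF2, AF3 and AF4, and three drop precedence levels within each class [6]. In the simulation experiments below, run in OPNET 8, packets are marked with a precedence by the improved marking algorithm and by the original srTCM algorithm; red, yellow and green correspond to high, medium and low drop precedence respectively.

The simulation model is shown in Figure 1. Each of the four clients corresponds to one data flow, the boundary router marks the packets of the flows, and the core router forwards packets according to the marks. The forwarding capacity of the core router is 10 Mb/s. The data from client 1 to client 4 are UDP video streams with average rates of 400 kb/s, 600 kb/s, 1 Mb/s and 2 Mb/s respectively.

Figure 1. Simulation model of the improved single rate three color marker.

Table 1 gives the traffic obtained with the original and the improved marking algorithm when there is no background traffic. Table 2 gives the traffic obtained after 4 Mb/s of background traffic is added at the core router. Tables 1 and 2 show that the improved algorithm achieves higher throughput under both light and heavy load. Without background traffic, flow 4 obtains more than $R_C$, because the core router is relatively idle and packets marked with high drop precedence can also be forwarded. Table 2 shows that when the core router is busy (with background traffic), flow 4 does not obtain more than $R_C$ even though client 4 still sends packets at a rate above $R_C$. This shows that although the improved algorithm allows token borrowing, it can still prevent a malicious data flow from using too much bandwidth.

Table 1. Traffic without background traffic (all values in kb/s)

    Flow    f       R_C     R'_C    f_orig  f_impr
    1       400     400     480     372     391
    2       600     600     720     561     578
    3       1000    1000    1200    922     962
    4       2000    1500    1800    1623    1742

Table 2. Traffic with background traffic (all values in kb/s)

    Flow    f       R_C     R'_C    f_orig  f_impr
    1       400     400     480     306     354
    2       600     600     720     442     528
    3       1000    1000    1200    732     840
    4       2000    1500    1800    1087    1317

Note (both tables): f is the offered traffic; R_C is the committed information rate; R'_C is the committed peak rate; f_orig is the traffic under the original marking algorithm; f_impr is the traffic under the improved marking algorithm.

4 Conclusion

This paper describes an improved single rate three color marking algorithm. When a data flow or aggregated flow is idle, the algorithm distributes its tokens to data flows that do not have enough; when that flow later bursts and lacks tokens, it can reclaim the tokens it previously gave to other flows. By adjusting tokens dynamically the algorithm reduces token waste and raises the throughput of the data flows, which improves network utilization. Simulation experiments confirm that the algorithm provides higher throughput under both light and heavy load.

References:

[1] Beherr L. Multimedia networks issues and challenges [J]. Computer, 1995, 28(4): 68~69.
[2] Stallings W. High-speed networks and Internet: performance and quality of service [M]. Beijing: China Machine Press, 2002. 485~491.
[3] RFC1633-1994, Integrated services in the Internet architecture: an overview [S].
[4] RFC2475-1998, An architecture for differentiated services [S].
[5] RFC2697-1999, A single rate three color marker [S].
[6] RFC2957-1999, Assured forwarding PHB group [S].

(Editor: Miao Ling)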
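
The original marker from Section 1 of the paper above, written out as an added example (it is not code from the paper): both buckets with the refill rule, the color-blind and color-aware marking steps, and a constructed two-flow trace that reproduces the waste the paper sets out to remove. The class name `SrTCM`, the parameter names `cir`/`cbs`/`ebs` (standing for R_C, S_C, S_E) and all traffic values are assumptions made for the illustration.

```python
from collections import Counter

GREEN, YELLOW, RED = "green", "yellow", "red"


class SrTCM:
    """Single rate three color marker with token buckets C and E.

    cir = R_C in tokens (bytes) per second, cbs = S_C, ebs = S_E.
    Times are integer milliseconds so that the arithmetic is exact.
    """

    def __init__(self, cir, cbs, ebs, color_aware=False):
        self.cir, self.cbs, self.ebs = cir, cbs, ebs
        self.color_aware = color_aware
        self.tc, self.te = cbs, ebs   # T(C) = S_C, T(E) = S_E: both start full
        self.last_ms = 0
        self.carry = 0                # fraction of a token, in 1/1000 token
        self.discarded = 0            # tokens dropped because C and E were full

    def _refill(self, now_ms):
        # Tokens that arrived since the last packet: C first, then E, else drop.
        acc = (now_ms - self.last_ms) * self.cir + self.carry
        tokens, self.carry = divmod(acc, 1000)
        self.last_ms = now_ms
        to_c = min(tokens, self.cbs - self.tc)
        self.tc += to_c
        to_e = min(tokens - to_c, self.ebs - self.te)
        self.te += to_e
        self.discarded += tokens - to_c - to_e

    def mark(self, now_ms, size, pre_color=GREEN):
        """Return the color for a packet of `size` bytes arriving at now_ms."""
        self._refill(now_ms)
        # Color-blind mode ignores any existing mark, which is the same as
        # running the color-aware rules with every packet pre-colored green.
        incoming = pre_color if self.color_aware else GREEN
        if incoming == GREEN and self.tc - size >= 0:
            self.tc -= size
            return GREEN
        if incoming in (GREEN, YELLOW) and self.te - size >= 0:
            self.te -= size
            return YELLOW
        return RED


def mark_trace(marker, trace):
    """trace: iterable of (arrival_ms, size_bytes[, pre_color]) tuples."""
    return Counter(marker.mark(*pkt) for pkt in trace)


def demo():
    # Constructed traffic: two flows, each policed by its own independent
    # marker with R_C = 1000 B/s and S_C = S_E = 2000 B.
    busy = SrTCM(1000, 2000, 2000)
    idle = SrTCM(1000, 2000, 2000)
    busy_trace = [(t, 500) for t in range(0, 2000, 100)]  # 5000 B/s for 2 s
    idle_trace = [(2000, 500)]                            # silent for 2 s
    return {
        "busy": dict(mark_trace(busy, busy_trace)),
        "busy_discarded": busy.discarded,
        "idle": dict(mark_trace(idle, idle_trace)),
        "idle_discarded": idle.discarded,
    }


if __name__ == "__main__":
    print(demo())
```

In this trace the idle marker throws away 2000 tokens over the same two seconds in which the busy marker colors nine 500-byte packets red; those discarded tokens are what the paper's borrowing matrices A and B are meant to redistribute.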
Chapter 5 The Link Layer and Local Area Network1.A ( ) protocol is used to move a datagram over an individual link.A application-layerB transport-layerC network-layerD link-layer2.The units of data exchanged by a link-layer protocol are called ( ).A datagramsB framesC segmentsD messages3.Which of the following protocols is not a link-layer protocol? ( )A EthernetB PPPC HDLCD IP4.In the following four descriptions, which one is not correct? ( )A link-layer protocol has the node-to-node job of moving network-layer datagrams over a single link in the path.B The services provided by the link-layer protocols may be different.C A datagram must be handled by the same link-layer protocols on the different links in the path.D The actions taken by a link-layer protocol when sending and receiving frames include error detection, flow control and random access.5.Which of the following services can not offered by a link-layer protocol? ( )A congestion controlB Link AccessC Error controlD Framing6.( ) protocol serves to coordinate the frame transmissions of the many nodes when multiple nodes share a single broadcast link.A ARPB MACC ICMPD DNS7.In the following four descriptions about the adapter, which one is not correct? ( )A The adapter is also called as NIC.B The adapter is a semi-autonomous unit.C The main components of an adapter are bus interface and the link interface.D The adapter can provide all the link-layer services.8.Consider CRC error checking approach, the four bit generator G is 1011, and suppose that the data D is 10101010, then the value of R is().A 010B 100C 011D 1109.In the following four descriptions about random access protocol, which one is not correct? 
( )A In slotted ALOHA, nodes can transmit at random time.B In pure ALOHA, if a frame experiences a collision, the node will immediately retransmit it with probability p.C The maximum efficiency of a slotted ALOHA is higher than a pure ALOHA.D In CSMA/CD, one node listens to the channel before transmitting.10.In the following descriptions about MAC address, which one is not correct? ( )A The MAC address is the address of one node ' s adapter.B No two adapters have the same MAC address.C The MAC address doesn ' t change no matter where the adapter goes.D MAC address has a hierarchical structure.11.The ARP protocol can translate ( ) into ( ). ( )A host name, IP addressB host name, MAC addressC IP address, MAC addressD broadcast address, IP address12.The value of Preamble field in Ethernet frame structure is ( )A 10101010 10101010 ……10101010 11111111B 10101011 10101011 ……10101011 10101011C 10101010 10101010 …… 10101010 10101011D 10101010 10101010 …… 10101010 1010101013.There are four steps in DHCP, the DHCP server can complete ().A DHCP server discoveryB DHCP server offersC DHCP requestD DHCP response14.In CSMA/CD, the adapter waits some time and then returns to sensing the channel.In the following four times, which one is impossible? ( )A 0 bit timesB 512 bit timesC 1024 bit timesD 1028 bit times1 5.The most common Ethernet technologies are 10BaseT and 100BaseT. “10”and “ 100” indic(ate).A the maximum length between two adaptersB the minimum length between two adaptersC the transmission rate of the channelD the transmission rate of the node16.The principal components of PPP include but not( ).A framingB physical-control protocolD network-layer protocol17.In the following four options, which service can not be provided by switch? ( ) A filteringB self-learningC forwardingD optimal routing18.In the following four services, which one was be required in PPP? 
( )A packet framingB error detectionC error correctionD multiple types of link19.The ability to determine the interfaces to which a frame should be directed, and then directing the frame to those interfaces is( ).A filteringB forwardingC self-learningD optimal routing20.In ( ) transmission(s), the nodes at both ends of a link may transmit packets at the same time.A full-duplexB half-duplexC single-duplexD both full-duplex and half-duplex21.Consider the data D is 01110010001, if use even parity checking approach, the parity bitis(①),if use odd parity check ing approach, the parity bit is(②).() A ①0 ②1B ①0 ②0C ①1 ②1D ①1 ②022.In the following four descriptions about parity checks, which one is correct? ( ) A Single-bit parity can detect all errors.B Single-bit parity can correct one errors.C Two-dimensional parity not only can detect a single bit error, but also can correct that error.D Two-dimensional parity not only can detect any combination of two errors, but also can correct them.23.MAC address is ( ) bits long.A 32B 48C 128D 6424.Wireless LAN using protocol ( ).A IEEE 802.3B IEEE 802.4C IEEE 802.5D IEEE 802.1125.The following protocols are belonging to multiple accessprotocols except for ( ).A channel partitioning protocolsC random access protocolsD taking-turns protocols26.Which of the following is not belonging to channel partitioning protocols? ( )A CSMAB FDMC CDMAD TDM27.In the following four descriptions about CSMA/CD, which one is not correct?( )A A node listens to the channel before transmitting.B If someone else begins talking at the same time, stop talking.C A transmitting node listens to the channel while it is transmitting.D With CSMA/CD, the collisions can be avoided completely.28.( ) provides a mechanism for nodes to translate IP addressesto link-layer address.A IPB ARPC RARPD DNS29.A MAC address is a ( )address.A physical-layerB application-layerC link-layerD network-layer30.Which of the following is correct? 
( )A No two adapters have the same MAC address.B MAC broadcast address is FF-FF-FF-FF-FF-FF.C A portable computer with an Ethernet card always has the same MAC address, no matter where the computer goes.D All of the above31.In the following four descriptions, which one is not correct? ( )A ARP resolves an IP address to a MAC address.B DNS resolves hostnames to IP addresses.C DNS resolves hostnames for hosts anywhere in the Internet.D ARP resolves IP addresses for nodes anywhere in the Internet.32.In the LAN, ( )protocol dynamically assign IP addresses to hosts. A DNSB ARPC DHCPD IP33.DHCP protocol is a four-step process①DHCP request.② DHCP ACK.③DHCP server discovery.® DHCP server offer(s). The correct seque nee is ()A ①②③④B ③②①④C ③④①②D ①④③②34.In the Ethernet frame structure, the CRC field is ( )bytes.A 2B4C 8D 3235.In the Ethernet frame structure, the Data field carries the ( ).A IP datagramB segmentC frameD message36.In the following four descriptions, which one is not correct? ( )A Ethernet uses baseband transmission.B All of the Ethernet technologies provide connection-oriented reliable service to the network layer.C The Ethernet 10Base2 technology uses a thin coaxial cable for the bus.D The Ethernet 10BaseT technology uses a star topology.37.Ethernet 's multiple access protoc(ol is).A CDMAB CSMA/CDC slotted ALOHAD token-passing protocol38.In the following four descriptions about CSMA/CD, which one is not correct? ( )A An adapter may begin to transmit at any time.B An adapter never transmits a frame when it sensesthat some other adapter is transmitting.C A transmitting adapter aborts its transmission as soon as it detects that another adapter is also transmitting.D An adapter retransmits when it detects a collision.39.Which of the following descriptions about CSMA/CD is correct? 
( )A No slots are used.B It uses carrier sensing.C It uses collision detection.D All of the above.40.The Ethernet 10BaseT technology uses( )as its physical media.A fiber opticsB twisted-pair copper wireC coaxial cableD satellite radio channel41.For 10BaseT, the maximum length of the connection between an adapter and the hub is ( )meters.A 100B 200C 500D 1042.A ( )is a physical-layer device that acts on individual bits rather than on frames. A switchC routerD gateway43.A hub is a ( )device that acts on individual bits rather than on frames. A physical-layerB link-layerC network-layerD ransport-layer44.A switch is a( )device that acts on frame.A physical-layerB link-layerC network-layerD transport-layer45.In the following four descriptions, which one is not correct? ( )A Switches can interconnect different LAN technologies.B Hubs can interconnect different LAN technologies.C There is no limit to how large a LAN can be when switches are used to interconnect LAN segments.D There is restriction on the maximum allowable number of nodes in a collision domain when hubs are used to interconnect LAN segments.46.The ability to determine whether a frame should be forwarded to some interface or should just be dropped is ( ).A filteringB forwardingC self-learningD optimal routing47.Which of the following devices is not a plug and play device? ( )A hubB routerC switchD repeater48.Which of the following devices is not cut-through device? ( )A hubB routerC switchD repeater49.In the following four descriptions, which one is not correct? ( )A Switches do not offer any protection against broadcast storms.B Routers provide firewall protection against layer-2 broadcast storms.C Both switches and routers are plug and play devices.D A router is a layer-3 packet switch, a switch is a layer-2 packet switch.50.Which device has the same collision domain? 
( )A HubB SwitchC Router51.IEEE802.2 protocol belong to ( )layerA networkB MACC LLCD physical52.IEEE802.11 protocol defines ( )rules.A Ethernet BusB wireless WANC wireless LAND Token Bus53.In data link-layer, which protocol is used to share bandwidth? ( )A SMTPB ICMPC ARPD CSMA/CD54.When two or more nodes on the LAN segments transmit at the same time, there will be a collision and all of the transmitting nodes well enter exponential back-off, that is all of the LAN segments belong to the same( ).A collision domainB switchC bridgeD hub55.( )allows different nodes to transmit simultaneously and yet have their respective receivers correctly receive a sender ' s encoded data bits.A CDMAB CSMAC CSMA/CDD CSMA/CA56 .Because there are both network-layer addresses (for example, Internet IP addresses)and link-layer addresses(that is, LAN addresses),there is a need to translate between them. For the Internet, this is the job of ( ).A RIPB OSPFC ARPD IP57.PPP defines a special control escape byte,( ). If the flag sequence, 01111110 appears anywhere in the frame, except in the flag field, PPP precedes that instance of the flag pattern with the control escape byte.A 01111110B 01111101C 10011001D 1011111058.The device ( ) can isolate collision domains for each of the LAN segment.B switchC hubD NIC59.In the following four descriptions about PPP, which one is not correct? 
( )
A PPP is required to detect and correct errors.
B PPP is not required to deliver frames to the link receiver in the same order in which they were sent by the link sender.
C PPP need only operate over links that have a single sender and a single receiver.
D PPP is not required to provide flow control.

60. In the PPP data frame, the ( ) field tells the PPP receivers the upper-layer protocol to which the received encapsulated data belongs.
A flag  B control  C protocol  D checksum

61. PPP's link-control protocols (LCP) accomplish ( ).
A initializing the PPP link  B maintaining the PPP link  C taking down the PPP link  D all of the above

62. The PPP link always begins in the ( ) state and ends in the ( ) state. ( )
A open, terminating  B open, dead  C dead, dead  D dead, terminating

63. For ( ) links that have a single sender at one end of the link and a single receiver at the other end of the link.
A point-to-point  B broadcast  C multicast  D all of the above

64. With ( ) transmission, the nodes at both ends of a link may transmit packets at the same time.
A half-duplex  B full-duplex  C simplex  D synchronous

65. With ( ) transmission, a node can not both transmit and receive at the same time.
A half-duplex  B full-duplex  C simplex  D synchronous

66. Which of the following functions can't be implemented in the NIC? ( )
A encapsulation and decapsulation  B error detection  C multiple access protocol  D routing

67. Which of the following four descriptions is wrong? ( )
A The bus interface of an adapter is responsible for communication with the adapter's parent node.
B The link interface of an adapter is responsible for implementing the link-layer protocol.
C The bus interface may provide error detection, random access functions.
D The main components of an adapter are the bus interface and the link interface.

68. For odd parity schemes, which of the following is correct?
( )
A 011010001  B 111000110  C 110101110  D 000110110

69. ( ) divides time into time frames and further divides each time frame into N time slots.
A FDM  B TDM  C CDMA  D CSMA

70. With CDMA, each node is assigned a different ( ).
A code  B time slot  C frequency  D link

71. Which of the following four descriptions about random access protocol is not correct? ( )
A A transmission node transmits at the full rate of the channel.
B When a collision happens, each node involved in the collision retransmits at once.
C Both slotted ALOHA and CSMA/CD are random access protocols.
D With random access protocol, there may be empty slots.

72. PPP defines a special control escape byte 01111101. If the data is b1b201111110b3b4b5, the value is ( ) after byte stuffing.
A b1b20111110101111110b3b4b5
B b1b20111111001111101b3b4b5
C b5b4b30111111001111101b2b1
D b5b4b30111110101111110b2b1

73. MAC address is in ( ) of the computer.
A RAM  B NIC  C hard disk  D cache

74. Which of the following is wrong? ( )
A ARP table is configured by a system administrator
B ARP table is built automatically
C ARP table is dynamic
D ARP table maps IP addresses to MAC addresses

75. NIC works in ( ) layer.
A physical  B link  C network  D transport

76. In LAN, if UTP is used, the common connector is ( ).
A AUI  B BNC  C RJ-45  D NNI

77. The modem's function(s) is (are) ( ).
A translates digital signal into analog signal
B translates analog signal into digital signal
C both translates analog signal into digital signal and translates digital signal into analog signal
D translates one kind of digital signal into another digital signal

78. ( ) defines Token-Ring protocol.
A IEEE 802.3  B IEEE 802.4  C IEEE 802.5  D IEEE 802.2

79. ( ) defines Token-Bus protocol.
A IEEE 802.3  B IEEE 802.4  C IEEE 802.5  D IEEE 802.2

80. ( ) defines CSMA/CD protocol.
A IEEE 802.3  B IEEE 802.4  C IEEE 802.5  D IEEE 802.2

81. The computer network that is concentrated in a geographical area, such as in a building or on a university campus, is ( ).
A a LAN  B a MAN  C a WAN  D the Internet

82. The MAC address is ( ) bits long.
A 32  B 48  C 128  D 256

83. Which of
the following four descriptions about MAC addresses is wrong? ( )
A A MAC address is burned into the adapter's ROM
B No two adapters have the same address
C An adapter's MAC address is dynamic
D A MAC address is a link-layer address

84. Which of the following four descriptions about DHCP is correct? ( )
A DHCP is C/S architecture
B DHCP uses TCP as its underlying transport protocol
C The IP address offered by a DHCP server is valid forever
D The DHCP server will offer the same IP address to a host when the host requests an IP address

85. The ( ) field permits Ethernet to multiplex network-layer protocols.
A preamble  B type  C CRC  D destination MAC address

86. For 10BaseT, the maximum length of the connection between an adapter and the hub is ( ) meters.
A 50  B 100  C 200  D 500

87. An entry in the switch table contains the following information except for ( ).
A the MAC address of a node
B the switch interface that leads towards the node
C the time at which the entry for the node was placed in the table
D the IP address of a node

Answers: 1-5 DBDCA  6-10 BDAAD  11-15 CCBDD  16-20 BDCBA  21-25 DCBDB  26-30 ADBCD  31-35 DCCBA  36-40 BBDDB  41-45 ABABB  46-50 ABBCA  51-55 CCDAA  56-60 CBBAC  61-65 DCABA  66-70 DCBBA  71-75 BABAB  76-80 CCCBA  81-85 ABCBB  86-87 BD

88. Consider the 4-bit generator, G is 1001, and suppose that D has the value 101110000. What is the value of R?

[Figure: long division of 101110000 by 1001; R = 011]

89. Consider the following graph of the network. Suppose Host A will send a datagram to Host B. Host A runs OICQ on port 4000, Host B runs OICQ on port 8000. All of the ARP tables are up to date. Enumerate all the steps when message "Hello" is sent from host A to host B.
[Figure: Host A (192.168.0.2/24, 1111-2222-AAAA), Switch S1, Router R (192.168.0.3/24, 5555-6666-7777; E1: 192.168.1.3/24, 5555-6666-8888), Switch S2, Host B (192.168.1.2/24, 1111-2222-BBBB)]

89.
host A application-layer: Hello
host A transport-layer: 4000 8000 Hello
host A network-layer: 192.168.0.2 192.168.1.2 4000 8000 Hello
host A link-layer: 5555-6666-7777 1111-2222-AAAA 192.168.0.2 192.168 4000 8000 Hello FCS(CRC)
router R E1: 1111-2222-BBBB 5555-6666-8888 192.168.0.2 192.168.1.2 4000 8000 Hello FCS(CRC)
host B network-layer: 192.168.0.2 192.168.1.2 4000 8000 Hello
host B transport-layer: 4000 8000 Hello
host B application-layer: Hello
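Computer Network Traceback Technology

1. Background

Computer networks are the product of computer technology and communication technology combining once each had developed to a certain degree, and the emergence of the Internet has bound network technology tightly to human social life.
With the rapid development of network technology, more and more traditional modes of operation are being replaced by low-cost, open and efficient distributed network applications, and the network has become an indispensable part of people's daily lives.
However, network-based computer attacks have intensified along with it, DDoS attacks in particular. Attackers exploit the speed and broad interconnectivity of the network so that security measures in the traditional sense essentially lose their effect, which seriously threatens the security of society and the state. Moreover, most network attackers use forged IP addresses, which makes it hard for the attacked party to determine where the attack comes from and therefore impossible to apply a targeted protection strategy.
All of this makes traceback technology, which traces an attack back to its source, an important part of an active network defense system. It plays a vital role in minimizing the current effect of an attack and in deterring potential network attacks.

2. Principle of DDoS attacks

Accurately locating the attack source is not easy, however, because an attacker who attacks a remote computer or network usually hides their real address in one of two ways: forging the source IP address of packets, and indirect attack.
Many hosts on the Internet provide proxy services or have security vulnerabilities. Attackers use these hosts as "stepping stones" to launch attacks against the target, so the victim host sees only the address of the stepping stone and cannot obtain the address of the attacking host.
The attack model is: (attacker) (stepping stone) (zombie) (reflector) (victim)

Figure 1: Network attack model

The machines involved include the attacker, the victim, stepping stones, zombie machines and reflectors.
Attacker (Attacker Host): the true origin of the attack, and the target that traceback hopes to discover.
Victim (Victim Host): the host that is under attack, and the starting point for tracing the attack source.
Stepping stone (Stepping Stone): a host that the attacker has already compromised and uses as a communication conduit and to hide their identity.
Zombie (Zombie): a host that the attacker has already compromised and uses to launch attacks.
Reflector (Reflector): a host that the attacker has not compromised but that takes part in the attack without knowing it.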
English Essays: School-Organized Activities Help New Students Adapt to Their Environment

6 sample essays in total, for readers' reference

Essay 1

A New Adventure at My School

My name is Lily and I'm 9 years old. Last month, I started at a new elementary school. I was really nervous because I didn't know anybody and everything was unfamiliar. But my teachers and the older students helped me adjust through lots of fun activities. It ended up being an exciting adventure!

In the few weeks before school started, my mom and I went to the school's Open House. We got to meet my teacher Mrs. Roberts and see my classroom. Mrs. Roberts gave us a tour and showed us around the whole school building. She pointed out the library, computer lab, cafeteria, gymnasium, and playgrounds. Getting to see everything ahead of time helped me feel more comfortable on my first day.

On the very first day, we had a special assembly for all the new students. The principal welcomed us and introduced the teachers and staff members. Then some 5th graders put on a hilarious skit about the school rules and expectations. It was so funny that none of us new kids felt scared anymore! After that, we broke into small groups led by student ambassadors from the older grades. My group leader Jessica showed us around the building again and answered any questions we had.

The first few weeks, we had mixers and icebreakers in our classrooms to help everyone get to know each other. We played games like Two Truths and a Lie and Would You Rather. We also had to introduce ourselves and share some fun facts. I learned that my friend Emma has a pet rabbit and Carlos' favorite food is tacos. Mrs. Roberts made sure none of us felt left out.

At recess and lunch, the student ambassadors hung out with us newbies. They invited us to join them at the playground games and showed us where everything was in the cafeteria. I was really shy at first but soon made lots of new friends. The older kids were all so nice and helpful!

In September, the school held a Fall Festival that all the families attended.
There were games, prizes, food trucks, a dunk tank, and even a petting zoo! My parents and I had a blast. We went with some of my new friends and their families so I got to know everyone better. I particularly enjoyed the cake walk.

Another thing I loved was joining the School Ambassadors Club. This is a group of older students who help plan events and mentor the new kids. We meet every week to come up with ideas for mixers, drives, and community service projects. It's really built up my confidence.

Some of the fun things we've done so far are putting together Halloween goodie bags for a children's hospital, hosting a multicultural potluck lunch, and running a canned food drive contest between classrooms. Coming up, we're planning a talent show fundraiser for a local animal shelter. I can't wait!

As an ambassador, I particularly enjoy being a peer buddy to some of the new kindergarten students. We eat lunch together once a week, read stories aloud, and just spend time playing and talking. Seeing the school through their eyes makes me appreciate even more how much the older kids helped me adjust when I was new.

The best event so far was definitely the School

Essay 2

My First Weeks at Sunnydale Elementary

Hi there! My name is Jamie and I'm a fourth grader at Sunnydale Elementary School. I just started here a couple weeks ago after my family moved to this town over the summer. I was pretty nervous about starting at a brand new school where I didn't know anyone. But the teachers and older kids at Sunnydale did a lot of really cool activities to help the new students like me feel welcome and adjust to our new environment. Let me tell you all about it!

On the very first day, we new kids got to go to the auditorium and the principal gave us a warm welcome. She told us all about the great facilities and awesome clubs and sports teams that Sunnydale has. Then we got to go on a tour led by some eighth graders who showed us around the whole school.
They pointed out where all the classrooms, cafeteria, gym, library, art room, music room, and other important places were. I loved getting that sneak peek before my first day in class!

After the tour, we went back to the auditorium and got divided into small groups. Each group had a couple eighth grade mentors assigned to them. The mentors were really nice and made an effort to get to know each of us newbies. We played some icebreaker games where we had to say our name, what grades we were in, and some fun facts about ourselves. I was pretty shy at first, but the mentors did a great job of making everyone feel comfortable and open up.

My favorite part was when the mentors taught us some quirky hand shakes, sayings, and inside jokes that are popular at Sunnydale Elementary. Things like the super complicated secret handshake that all the cool kids do. And weird phrases like "going noodling" which just means getting water from the drinking fountain. Learning those kinds of silly customs made me feel like I was getting the insider scoop on how to fit in. The mentors made a big deal about initiating us new kids into the Sunnydale Way. It was kind of dorky, but also really fun!

The next couple days, we had sessions in smaller groups with a counselor where we got to talk about any fears or worries we had about starting at a new school. I was pretty anxious about things like finding my way around, making friends, dealing with bullies, and keeping up with the schoolwork. But the counselor did a lot of role playing exercises that showed us ways to handle those types of situations. She also told us we could always come to her office if we had any problems adjusting.

Another thing Sunnydale does that's awesome is the New Student Lunch Bunches. Basically, they have separate lunch tables set aside just for us new kids during the first few weeks of school.
Not only does it make it easier to start making friends with other newbies, but they also have some really cool fifth and sixth graders hosting the lunch bunches who make sure everyone feels welcome. They lead super fun activities and icebreaker games during lunch to help us get to know each other while we eat. My favorite was when we had to stand up and say three weird facts about ourselves, and then everyone else had to guess which two were lies. I totally stumped the group when I told them I have a pet lizard that sleeps in my bed!

Once we got settled in a bit, Sunnydale had us check out some of the after school clubs and activities they offer. I signed up for art club, math club, and to be a safety patrol kid who helps younger students cross the street safely. Getting involved in those clubs has helped me make a ton of new friends who have similar interests. The older kids who run the clubs have been really nice and willing to explain things or give me advice. My art club mentors have given me so many helpful pointers on drawing and how to use different materials.

The safety patrol supervisors taught us patrollers all kinds of important hand signals and strategies for keeping the kids safe when they're coming or going from school. I felt so grown up and responsible when they had us practice using the stop signs and whistles. My little sister is going to think I'm the coolest kid ever when she sees me out there patrolling! Math club has been awesome too. We get to play lots of fun math games and puzzles that make learning super engaging. The high school math team members come and help out at the meetings, which has made algebra and fractions seem a lot less scary and intimidating.

Overall, you can tell that Sunnydale Elementary really goes out of their way to create an environment where new students don't feel so anxious, alone, or like outsiders.
Between the new student orientation, mentors, counselors, and getting involved in clubs, they make an effort to make everyone feel welcomed and included. I've made so many new friends already and I'm starting to feel right at home here at good ol' Sunnydale Elementary. I'm so glad my family moved to this neighborhood so I got the opportunity to experience such an awesome school community. Thanks for reading, and here's to many more great adventures!

Essay 3

My First Weeks at a New School

Hi, my name is Emma and I just started at a new elementary school this year. It was really scary at first because I didn't know anybody and everything was brand new. But my school did some really cool things to help me and the other new kids feel welcome and get used to our new environment. Let me tell you all about it!

In the weeks before school started, my mom got a big packet of information from the school in the mail. It had maps of the building, guides on where to go on the first day, tips for parents on helping kids transition, and even a little activity book just for students! The activity book had mazes, word searches, and coloring pages all themed around the school and making friends. Completing those little activities really helped get me excited instead of nervous.

Then, a few days before the first day of class, the school hosted a "New Student Orientation" event. My mom and I went to the school, toured all the classrooms, met my teacher Mrs. Palmer, and I even got to see my desk and locker! Mrs. Palmer was so nice and made me feel really welcomed. She told me all about fun projects we'd be doing, like the science fair and the annual school play. Getting to see everything ahead of time made it feel much less scary when I actually started.

On my very first day, I was pretty nervous waiting for the bus. But when I got to school, there were bright orange signs and paths marking where new students should go.
Some nice 5th graders who were "New Student Ambassadors" met us at the entrance and walked us to the auditorium. In the auditorium, the principal gave a fun presentation with jokes to help everyone feel relaxed. Then we played some get-to-know-you games with music and dancing to start making friends. It was a great way to have fun while learning about the school rather than just sitting and listening.

That first week, we had things called "Transition Activities" built into our schedule to keep helping us get adjusted. We had an assembly where older students did a silly sketch explaining all the school rules and procedures in a funny way to help us remember. We also had time for group games and activities designed to practice skills like learning our locker combos, finding our classrooms, and navigating the cafeteria line. My favorite was the scavenger hunt around the whole building to get familiar with where everything is located.

Another awesome thing my school did was pair up each new student with a "Buddy" who was an older student. My buddy's name was Jake and he was so nice! He took me under his wing and showed me around. I could ask him any questions I had, whether it was where a certain classroom was or what club to join. Whenever I felt lost or overwhelmed those first few weeks, I could go to Jake and he would help me out. It was so reassuring having my very own guide!

Speaking of clubs, my school had a "Clubs Fair" one afternoon where we could walk around and learn about all the different activities we could join. There were booths for art club, drama club, computer club, sports teams, and more. The older kids running the booths were so welcoming and excited to tell us all about their clubs. I ended up joining art club and made some new friends with other new students who joined too!

Throughout that first month, we had sessions during our counseling periods called "New Student Meetups."
We would all get together without any of the older kids and talk about whatever was on our minds related to starting at a new school. How were we feeling? What was going well and what was still confusing? We could ask questions, share concerns, or just listen to others' experiences. It was nice having that safe space with Ms. Jackson, our counselor, to have open conversations.

Even after that initial transition period of a few weeks, my school kept finding ways to make sure we were adjusting well. They had after-school tutoring programs if anyone needed extra academic help getting caught up. And there were monthly sessions for parents to come learn about the curriculum and ask questions. So not only were they supporting us students, but our families too.

Overall, I'm so glad my school did all these things to help the new students feel welcomed and accepted. That first step of changing schools was definitely still hard, but their programs made the process so much smoother. Instead of being scared and lonely those first few weeks, I was able to make friends, get comfortable in my new environment, and settle in pretty easily. I'm really appreciative of how much work my school put into the transition - it showed they truly cared about the new students. Now I barely remember being that shy new kid! Thanks to the orientation, ambassadors, buddy program, and all the other efforts, I quickly felt at home at my school. I'm proud to be a student here and can't wait for many more great years!

Essay 4

A New School, A New Adventure!

Hi there! My name is Jamie and I'm a 4th grader at Oakwood Elementary School. This year was a really big change for me because I started at a brand new school. I was pretty nervous at first because I didn't know anyone and everything was unfamiliar. But my new school did some really awesome activities to help all the new kids like me feel welcome and get settled in.
Let me tell you all about it!

The first thing they did was have a "New Student Orientation" a few days before school started. My mom and I went to the school and got to meet the principal, some teachers, and other new families. They gave us a tour of the entire building so I could see where my classroom would be, as well as the cafeteria, gymnasium, library, and other important places. Seeing it ahead of time made it way less scary on the first day.

At orientation, we also got to learn about some of the really cool clubs, sports teams, and after-school activities that the school offers. I was really excited to hear about the art club, science explorers, and basketball team. The teachers running those activities were there to tell us more about them. I already knew I wanted to join art club for sure!

Another awesome thing they did was assign each new student to a "buddy family." This was a family who had been at the school before who could answer any questions we had. My buddy family had a daughter in 5th grade named Emily. Emily's mom emailed my mom before school started to introduce themselves. She offered to answer any questions and said Emily would show me around on the first day. I thought that was so nice!

Finally, when the first day of school arrived, there were lots of activities planned to make it fun and help everyone get to know each other. In the morning, we had a big welcome assembly where we got to meet the principal, hear the school song, and learn about all the great things happening that year. Lots of energetic teachers and bright decorations really amped up the excitement.

Then, we broke into smaller groups to play some icebreaker games and make name tents. My teacher had us go around and say our name, one fun fact about ourselves, and what we were looking forward to that year.
I got to know the other kids in my class and we did a scavenger hunt around the school to help us locate important places like the nurse, main office, etc.

At lunch, there were special activities in the cafeteria and organized games out on the playground so both new and returning kids could mingle and meet new friends in a relaxed environment. I got to play four square, jump rope, and hula hoop with some boys in another 4th grade class. It was a blast!

After school that day, they had a Welcome Bash for new families. It was a fun little carnival set up out on the field with games, snacks, a bouncy house, and even a DJ! My parents and little brother came and we all had such a great time. I entered the dance contest and won a prize! It was the perfect way to end my very first day.

The activities kept going all throughout that first week and month too. We had meetings to learn about clubs and activities, time in class to make friends, and the teachers made sure to do lots of fun get-to-know-you games. It was such a nice way to transition into a new school.

By the time September was over, I felt completely comfortable at Oakwood. I had made lots of new friends, knew my way around really well, and was super involved in art club and student council. I'm so grateful my school put in that extra effort for the new kids. What could have been a scary experience turned into an exciting adventure thanks to all the welcoming activities!

So if you're ever the new kid somewhere, I hope your school does amazing things like Oakwood did for me. Starting fresh can actually be really fun when you have that support system. And try to be a buddy yourself for others who are new! A friendly face can make all the difference.

Switching schools is a big deal, but doing things to make it exciting and get everyone involved makes it a wonderful experience. I'm so happy at Oakwood and can't wait for all the adventures this year will bring! Thanks for reading about my new school story.
Now it's time for me to go draw in art club. See you later!

Essay 5

The First Few Weeks at My New School

When I first started at Oakwood Elementary, I was really nervous. It was a brand new school for me and I didn't know anyone there. My mom told me not to worry though, that I would make friends quickly. She said the teachers and staff were really nice and would help me get settled in. Still, I was pretty quiet those first few days.

My old school didn't have a lot of the cool things Oakwood had. We didn't have a computer lab, a big playground, or a cafeteria with so many different food choices. Oakwood just seemed so big and overwhelming at first. I was afraid I would get lost trying to find my classrooms or struggle to make new friends.

Luckily, Oakwood had a few activities planned for new students like me to help us adjust. The first one was a tour of the whole school led by some 5th graders. They showed us where everything was - the library, gym, music room, art room, cafeteria, and all the classroom hallways. Getting to see it all beforehand made me feel a lot more comfortable when classes actually started.

They also had us play some "get to know you" games in the gym to meet other new kids. We went around introducing ourselves and saying what our favorite subjects and hobbies were. I met a girl named Emily who loved reading just like me. We hit it off right away and started sitting together at lunch. Having a friend made the transition so much easier.

Another cool thing they did was having high school mentors come for a few hours. They were older students who had gone to Oakwood when they were younger. Each new student got assigned a mentor to talk to us and answer any questions. Mine was named Jacob and he was really nice and funny. He told me all about the awesome field trips, assemblies, and after-school clubs Oakwood has. It got me excited to experience those things.
By the end, I didn't feel so nervous anymore.

Something else that helped a ton were the little tours some teachers gave of their classrooms and introductions to what we'd be learning. Ms. Roberts, who was my math teacher, showed us all the manipulatives, games, and interactive websites we'd use to make learning math more fun and hands-on. In Mr. Davies's science class, he had us do a safe, simple experiment on the first day. It was a great way to see how engaging his lessons would be.

Of course, getting to know my new classmates during those first couple weeks was important too. We did lots of icebreakers and activities to learn names, birthdays, interests, and other basics about each other. My teacher sat us in temporary desk arrangements that mixed up students from last year, so we'd be forced to make new friends. It worked because I started chatting with Ryan and Samantha who seem really cool.

Probably the best event of all was the Welcome Back BBQ and Carnival that Oakwood holds for all students and families at the end of the first week. There were games like the cakewalk and balloon pop, obstacle courses, raffles, and of course lots of tasty food. My parents and I had a blast and it felt like a fun celebration for making it through those first few nerve-wracking days. I remember thinking "I'm going to really like it here!"

Now, over a month into the school year, I feel totally comfortable at Oakwood. I've made lots of new friends, I know my way around the building, and my classes are going well. The transition has been pretty much seamless thanks to all those welcoming activities. I'm having such a great time exploring the clubs, trying out for sports teams, and taking advantage of the awesome resources here. Oakwood has felt like a second home in no time!

Looking back, I'm really glad my school put so much thought and effort into making new students like me feel included right from the start. Those first impressions make such a big difference.
It showed me that Oakwood is a caring, supportive community. With the staff's help, I've been able to dive right in, get involved, and have an amazing start to my year at my new school!

Essay 6

School Activities Help New Students Feel at Home

Hi there! My name is Timmy and I'm a 4th grader at Oakwood Elementary School. I want to tell you all about the super fun activities our school does to help new students like me feel right at home when they first arrive. It can be really scary starting at a brand new school where you don't know anyone, but the teachers and older kids here make it a whole lot easier!

When I transferred to Oakwood from my old school last year, I was really nervous on my first day. Everything was unfamiliar - the building, the faces, the routines. But as soon as I walked through the front doors, there were these awesome 5th graders called "Ambassador Buddies" waiting to greet all the new kids. They welcomed us with big smiles and helped us find our classrooms and lockers. My Ambassador Buddy's name was Jake and he was super nice. He showed me around the whole school and taught me stuff like where the cafeteria and bathrooms were. Jake made me feel a lot calmer and less scared about being the new kid.

Another really cool thing Oakwood does is have a "New Student Welcome Party" at the end of the first week of school. All the new kids get together to play games, eat snacks, and get to know each other. The principal gives a speech about how we're now part of the Oakwood family. Then each new student introduces themselves and says what they're most excited or nervous about. It felt good to meet other kids who were just as new as me and a little unsure of everything. By the end of the party, I had made a few new friends!

But the absolute best thing Oakwood does is their "New Student Mentorship Program." Basically, every new student gets paired up with a 4th or 5th grade mentor for the whole year.
Your mentor is there to answer any questions you have, help you get used to the routines, and make sure you're doing okay in general. Having a mentor is like having a mini-helper follow you around when you're new. My mentor was this really sweet 5th grade girl named Emily. She checked in with me every single day that first month to see if I needed help with anything - finding the classroom, working on an assignment, opening my locker combo, you name it. Emily introduced me to her friends at lunch and recess so I instantly had kids to hang out with. I felt so much better having her by my side while I adjusted.

There are also lots of after-school clubs and activities open to new students right away. I joined Art Club where we got to do all sorts of fun crafts and paintings. Getting involved helped me make new friends who liked the same things as me. The Art Club was awesome because it was a relaxed environment where I could bond with other kids over our shared love of being creative and crafty.

Whenever there are school events like dances, performances, or field trips, the new student mentors and Ambassador Buddies always make sure to involve the new kids so nobody feels left out. We get reminders about signing up and the older students make an effort to hang out with us at the events so we're not just standing around alone. The mentors and Ambassadors really go above and beyond to integrate the new students.

Overall, I'm just so grateful for all the energy and attention Oakwood puts into their new student programs. That first year at a new school can be pretty overwhelming, but they make you feel so welcomed and supported every step of the way. Thanks to the Ambassador Buddies, New Student Welcome Party, mentors, clubs, and inclusive events, I was able to settle in, make friends, and grow confident in my new environment way quicker than I would have on my own. Oakwood's awesome new student activities turned a potentially scary new beginning into an exciting adventure.
I went from being a nervous new kid to a happy, socially adjusted, and proud Oakwood student in just a few months' time. Other schools could definitely learn a thing or two from Oakwood about how to help new students adjust!
A novel approach to translymphatic chemotherapy targeting sentinel lymph nodes of patients with oral cancer using intra-arterial chemotherapy - preliminary study

Junkichi Yokoyama*, Shin Ito, Shinichi Ohba, Mitsuhisa Fujimaki and Katsuhisa Ikeda

*Correspondence: *******************.jp
Department of Otolaryngology, Head and Neck Surgery, Juntendo University School of Medicine, Tokyo, Japan
Yokoyama et al. Head & Neck Oncology 2011, 3:42 /content/3/1/42
© 2011 Yokoyama et al; licensee BioMed Central Ltd. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Introduction

The sentinel lymph node (SLN) is defined as the lymph node that firstly receives lymphatic drainage from the primary cancer [1]. The SLN is thought to be the first possible micrometastatic site via lymphatic drainage from the primary cancer. Thus, the pathological status of the SLN can predict the status of all regional lymph nodes. If the SLN is recognized as being negative for cancer metastasis, unnecessary dissection may be avoided and a positive prognosis achieved. This SLN concept is well established in the treatment of patients with several types of solid carcinomas, such as melanoma and breast cancer [2-4]. The SLN concept has revolutionized the approach to surgical staging of both the melanoma and breast cancer, and these techniques can benefit patients by preventing various complications due to unnecessary prophylactic dissection when the SLN is negative for cancer metastasis. Recently, the SLN concept has been extended to many other solid tumors, including head and neck cancers [5,6]. In this study, we consider a newly developed translymphatic chemotherapy procedure targeting the SLN using intra-arterial chemotherapy for oral cancer to improve prognosis and to preserve significant organs [7-9].

Objective

Evaluate CDDP concentrations in SLNs and
non-SLNs. Determine the usefulness of translymphatic chemotherapy targeting SLNs in patients with oral cancer using intra-arterial chemotherapy.

Method and Patients

Five patients with tongue cancer (T3N0M0) were treated by intra-arterial chemotherapy as neoadjuvant chemotherapy from November 2010 to June 2011. After a week of chemotherapy, surgical treatment including partial resection of the tongue and neck dissection was performed. Intra-arterial chemotherapy was administered at 50 mg/m² of CDDP either one or two times weekly. CT-angiography confirmed that the areas of tongue cancer were stained and that lymph nodes were not stained (Figure 1). Five mg of ICG was administered via a catheter positioned in the lingual artery at the beginning of the surgery (Figure 2). SLNs were detected by ICG fluorescence imaging (Photodynamic Eye, Hamamatsu Photonics) and non-SLNs were detected in two submandibular lymph nodes located near the tongue cancer. These were monitored as controls. In order to measure CDDP concentrations, 0.1 g of each of the SLNs and the two non-SLNs were resected and the rest of each of the SLNs was examined intraoperatively by means of routine frozen pathological examination. The CDDP concentrations were measured by atomic absorption analysis. A conventional method of identifying SLNs using radioactive injection was also performed the day before surgery. The pre-treatment characteristics of the patients are shown in Table 1.

Patients' informed consent was obtained prior to treatment, and this study was approved by the Human Ethics Review Committee of Juntendo University.

The difference between the two groups' CDDP concentrations was tested by Student's t-test and Wilcoxon test; p values < 0.05 were considered to indicate significance.

Results

Detection of SLNs was clearly demonstrated by ICG fluorescence imaging (Figures 3, 4). The mean number of SLNs was 5.6 (3-8). ICG fluorescence imaging showed a greater number of SLNs in our intra-arterial infusion than seen when injecting
radiocolloid intratumor (mean 3.4). SLNs detected by ICG fluorescence imaging included all of the SLNs detected by the conventional radioactive method.

Histopathological examination was performed for 29 SLNs and 90 non-SLNs (Table 1). All 5 patients with histopathologically verified metastasis in their SLNs demonstrated positive results in ICG fluorescence imaging. No false negative cases were identified within each SLN basin. However, of the 7 metastatic lymph nodes, one was not identified by means of conventional methods.

The mean CDDP concentrations of SLNs and non-SLNs were 1.2 μg/g and 0.35 μg/g respectively. The CDDP concentration of SLNs was significantly higher than non-SLNs. The mean CDDP concentration of tongue cancer was 2.3 μg/g.

No hematological complications were caused by intra-arterial chemotherapy. All patients are alive with no evidence of disease and are able to consume food as they were able to before surgery.

Figure 1. CT-angiography infusing the lingual artery. CT-angiography confirmed the stained tongue cancer (a and b) indicated by triangles. There was no staining in any lymph nodes (c and d) indicated by arrowheads. Arrows represent the catheter inserted in the lingual artery.

Figure 2. Tongue cancer after injection of ICG. a: tongue cancer, b: tongue cancer with ICG fluorescence imaging.

Discussion

Chemoradiation therapy has significantly enhanced the preservation of important organs in the treatment of head and neck cancer. However, because of severe mucositis and low sensitivity to chemotherapy, tongue cancer has not been treated by chemoradiation as often as other sites of head and neck cancer [10]. CDDP is a most promising drug for the treatment of head and neck cancers. To increase the CDDP concentration in tongue cancer resistant to chemotherapy we have adopted intra-arterial chemotherapy for the treatment of advanced tongue cancer. This procedure has resulted in a positive prognosis and good organ preservation [7,9].
We found that the administration of CDDP to the primary tongue cancer has a powerful effect on the primary cancer as well as occult neck metastasis. As a result, we have hypothesized that intra-arterial chemotherapy for the treatment of primary tongue cancer also results in translymphatic chemotherapy to control the subclinical metastatic tumor in SLNs. The schema of translymphatic chemotherapy is illustrated in Figure 5. This schema shows that CDDP administered to the primary tongue cancer moves selectively to SLNs via lymphatic canals. CDDP is accumulated in the SLNs and results in a high CDDP concentration in the SLNs. Compared with the 2.3 μg/g CDDP concentration measured within the tongue cancer, the mean CDDP concentration measured in SLNs was recorded at 1.2 μg/g. However, the difference between the CDDP concentrations of SLNs and tongue cancer was significant.

Table 1. Patients characteristics

Case  Site    Age  M/F  TNM     No of SLNs by radiocolloid  No of SLNs by ICG  No of non-SLNs
1     tongue  34   M    T3N0M0  3                           4                  11
2     tongue  57   F    T3N0M0  3 (FN)                      6                  21
3     tongue  37   M    T3N0M0  3                           6                  14
4     tongue  63   M    T3N0M0  4                           6                  16
5     tongue  59   M    T3N0M0  4                           7                  28
Mean          50                3.4                         5.6                18

FN: False Negative, LN: Lymph node

Intraoperative navigation surgery using ICG fluorescence imaging. Number (1~5) means SLNs. a and b represent level III and IV dissection.

specimens. a: Rt side represents the caudal side. Number (1~7) represents SLNs. b: level I, c: level II and III,

In our preliminary study, all SLNs were detected by ICG fluorescence imaging infused via the lingual artery in 5 cT3N0 tongue cancer patients. The number of SLNs resulting from intra-arterial infusion was greater than could be seen by means of conventional injection to the intratumor. This is because ICG was administered to the lingual artery and ICG spread throughout half of the tongue (Figure 2). ICG moved via lymphatic canals from half of the tongue including the tongue cancer. Even in micrometastatic SLNs, an afferent lymphatic is sometimes occluded by micrometastatic cancer based on sentinel navigation or CT lymphography
[11]. In our examination, we also did not detect a metastatic SLN by conventional methods due to occlusion of afferent lymphatics from the tongue cancer (Figure 6). It contained CDDP as high as 1.68 μg/g. This was because each lymph node has several afferent lymphatics and ICG or CDDP could move to a micrometastatic SLN via several other afferent lymphatics in the case of intra-arterial infusion. CDDP was released continuously from the primary tongue cancer via the translymphatic canal for a period of more than one week. CDDP was selectively accumulated in SLNs and continued to affect micrometastasis in SLNs over a long period. After a period of several weeks, the CDDP concentrations between the primary cancer and SLNs will gradually become the same and maintain equilibrium. Our intra-arterial chemotherapy is suspected to contribute not only to primary organ preservation, but also to a positive prognosis by controlling the metastatic SLNs. Preservation of patients' quality of life in advanced cT3N0 tongue cancer is achieved by means of intra-arterial chemotherapy and through targeting SLN metastasis with translymphatic chemotherapy.

We believe that ICG fluorescence imaging is very useful for navigation surgery as there appear to be no limitations. An additional reason for difficulties in detecting SLNs was the close proximity of the primary tumor to the lymph node basin. This caused difficulties for both preoperative lymphoscintigraphy and intraoperative radiolocalization, because of the well described phenomena of 'shine-through' radioactivity and scatter from the primary site [4]. Specifically, it was particularly difficult to detect SLNs on the floor of the mouth in any other sites of head and neck cancers [12,13]. In order to avoid the influence of 'shine-through' we firstly resected the close primary tumor before sentinel mapping. However, it was difficult to completely avoid the influence of 'shine-through' after resection of the primary tumor. As for ICG fluorescence
imaging, SLNs were clearly detected even in close proximity to the primary tumor and 'shine-through' could be avoided. The ICG fluorescence imaging procedure demonstrated better success rates of detecting SLNs for patients with tumors in the floor of the mouth than the radioactivity method.

Further studies will be required to verify the effectiveness and safety of intra-arterial chemotherapy as a method of lymphatic chemotherapy for the treatment of occult lymph node metastasis. Our results suggest that a drug delivery system based on the SLN concept should be developed for local chemotherapy targeting SLNs in patients with cN0 oral cancer, for whom there is potential for metastasis in SLNs. Further investigations may lead to the development of a new minimally invasive multimodal therapy targeting both the primary tumor and SLNs in the near future.

Conclusion

Our study verified the possibility that intra-arterial chemotherapy may be effective not only for organ preservation therapy, but also serve as an efficient procedure for translymphatic chemotherapy targeting SLNs in patients with oral cancer through the use of ICG fluorescence imaging. The CDDP concentrations recorded in SLNs were significantly higher than in non-SLNs. This novel drug delivery system is feasible for translymphatic chemotherapy targeting SLNs in patients with cT3N0 oral cancer with the possibility of occult metastasis in SLNs.

Acknowledgements

This research was funded in part by a Grant for Clinical Cancer Research from the Ministry of Health, Labor, and Welfare of Japan.

Authors' contributions

JY and SI prepared and edited this manuscript. SO and MF contributed to the collection of data. KI performed the statistical analysis. JY and KI gave final approval for this version of the manuscript. All authors read and approved the final manuscript.

Competing interests

The authors declare that they have no competing interests.

Received: 2 August 2011 Accepted: 19 September 2011 Published: 19 September 2011

Figure 6. A metastatic SLN
not detected by the conventional method. a: left side low power magnification. b: right side high power magnification. This lymph node contained CDDP as high as 1.68 μg/g.

References

1. Morton DL, Wen DR, Wong JH, Economou JS, Cagle LA, Storm FK, Foshag LJ, Cochran AJ: Technical details of intraoperative lymphatic mapping for early stage melanoma. Arch Surg 1992, 127:392-399.
2. Giuliano AE, Kirgan DM, Guenther JM, Morton DL: Lymphatic mapping and sentinel lymphadenectomy for breast cancer. Ann Surg 1994, 220:391-401.
3. Morton DL, Thompson JF, Essner R, Elashoff R, Stern SL, Nieweg OE, Roses DF, Karakousis CP, Mozzillo N, Reintgen D, Wang HJ, Glass EC, Cochran AJ: Validation of the accuracy of intraoperative lymphatic mapping and sentinel lymphadenectomy for early-stage melanoma: a multicenter trial. Multicenter Selective Lymphadenectomy Trial Group. Ann Surg 1999, 230:453-463.
4. Krag D, Weaver D, Ashikaga T, Moffat F, Klimberg VS, Shriver C, Feldman S, Kusminsky R, Gadd M, Kuhn J, Harlow S, Beitsch P: The sentinel node in breast cancer - a multicenter validation study. N Engl J Med 1998, 339:941-946.
5. Rinaldo A, Devaney KO, Ferlito A: Immunohistochemical studies in the identification of lymph node micrometastases in patients with squamous cell carcinoma of the head and neck. ORL J Otorhinolaryngol Relat Spec 2004, 66:38-41.
6. De Cicco C, Trifirò G, Calabrese L, Bruschini R, Ferrari ME, Travaini LL, Fiorenza M, Viale G, Chiesa F, Paganelli G: Lymphatic mapping to tailor selective lymphadenectomy in cN0 tongue carcinoma: beyond the sentinel node concept. Eur J Nucl Med Mol Imaging 2006, 33:900-5.
7. Yokoyama Junkichi: Present role and future prospect of superselective intra-arterial infusion chemotherapy for head and neck cancer. Jpn J Chemother 2002, 29:169-175.
8. Shiga Kiyoto, Yokoyama Junkichi, Hashimoto Sho, Saijo S, Tateda M, Ogawa T, Watanabe M, Kobayashi T: Combined therapy after superselective arterial cisplatin infusion to treat maxillary squamous cell carcinoma. Otolaryngol Head and Neck Surg 2007, 136:1003-1009.
9. Robbins KT: The evolving role of combined modality therapy
in head and neck cancer. Arch Otolaryngol Head Neck Surg 2000, 126:265-269.
10. Hanna E, Alexiou M, Morgan J, Badley J, Maddox AM, Penagaricano J, Fan CY, Breau R, Suen J: Intensive chemoradiotherapy as a primary treatment for organ preservation in patients with advanced cancer of the head and neck: efficacy, toxic effects, and limitations. Arch Otolaryngol Head Neck Surg 2004, 130:861-7.
11. Matsuzuka T, Kano M, Ogawa H, Miura T, Tada Y, Matsui T, Yokoyma S, Suzuki Y, Suzuki M, Omori K: Sentinel node mapping for node positive oral cancer: potential to predict multiple ryngoscope2008, 118:646-9.
12. Civantos F, Zitsch R, Bared A: Sentinel node biopsy in oral squamous cell carcinoma. J Surg Oncol 2007, 96:330-6.
13. Ross GL, Soutar DS, MacDonald DG, Shoaib T, Camilleri I, Roberton AG, Sorensen JA, Thomsen J, Grupe P, Alvarez J, Barbier L, Santamaria J, Poli T, Massarelli O, Sesenna E, Kovács AF, Grünwald F, Barzan L, Sulfaro S, Alberti F: Sentinel node biopsy in head and neck cancer: preliminary results of a multicenter trial. Ann Surg Oncol 2004, 11:690-6.
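IP Traceback Techniques

Abstract: The design of the IP protocol makes it difficult to determine the source address of an IP packet.
Denial-of-service attacks are the hardest problem in Internet security: attackers can hide their identity among legitimate users, or spoof the source address of packets.
This paper introduces and analyzes the different IP traceback techniques found in the literature, examines the IPv4 header fields that can be used for packet marking and traceback, and analyzes in depth traceback techniques such as link testing, packet marking, ICMP floodback and packet logging.
It also describes how these techniques can be compared.

Keywords: DoS; IP traceback; Packet Marking; Link Testing; Packet Logging

1 Introduction

Over the past decade, use of the Internet has grown explosively.
Recent studies show that in the United States today one in every three people uses the Internet for personal activities and business needs.
As the number of Internet users has grown, the number of illegal activities has also grown exponentially; these illegal uses of the Internet include data theft, identity theft and so on (cybercrime in general).
Network forensics captures, records and analyzes network events in order to discover information about the source of security attacks that can be presented as evidence in court.
This paper describes IP traceback techniques that can reliably determine the origin of a packet, that is, help investigators locate the true source of attacking IP packets.
This paper surveys IP traceback techniques that allow a victim to determine the network path of attack packets from the attack traffic, without requiring interactive operational support from Internet service providers (ISPs).
Masquerade attacks can be produced by spoofing at the link layer (using a MAC address different from the original one), the network layer (using a different source IP address), the transport layer (using a different TCP/IP port) or the application layer (using a different email address).
As shown in Figure 1, node V can be attacked from sources A1 and A2.
The attack path C, consisting of A1, R1, R4, R7, R9, V, is a connected path, and V is the target of the attack. The IP traceback problem can be defined as follows: given the IP address of V, find the attack sources A1 and A2 and determine the attack path C.
Reconstructing the attack path back to the sources A1 and A2 is not a simple process, because spoofing can take place at different layers of the TCP/IP stack, and because intermediate hosts that have been compromised, called stepping-stones, can in turn serve as conduits for the attacker's communication.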
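As an added illustration (not code from the surveyed papers), the Python sketch below replays the traceback problem just defined on the path A1, R1, R4, R7, R9, V, using the edge-sampling form of probabilistic packet marking with start, end and distance fields. The marking probability, the packet counts and the empty initial marking fields are assumptions of the example.

```python
import random

# Routers between attacker A1 and victim V, in forwarding order (path from the text).
ATTACK_PATH = ["R1", "R4", "R7", "R9"]


def forward(path, p, rng):
    """Send one packet down the path; every router applies edge sampling."""
    # Assumption: the attacker leaves the marking fields empty.
    pkt = {"start": None, "end": None, "distance": None}
    for router in path:
        if rng.random() < p:
            # Router decides to mark: begin a new edge at distance 0.
            pkt.update(start=router, end=None, distance=0)
        elif pkt["distance"] is not None:
            # Router does not mark: close the edge if the previous hop opened it,
            # and always increment the distance.
            if pkt["distance"] == 0:
                pkt["end"] = router
            pkt["distance"] += 1
    return pkt


def collect(path, p, n_packets, seed=1):
    """Victim side: gather edge samples from n_packets received packets."""
    rng = random.Random(seed)
    edges, counts = {}, {}   # distance -> (start, end); start router -> marks seen
    for _ in range(n_packets):
        pkt = forward(path, p, rng)
        if pkt["start"] is None:
            continue          # no router marked this packet
        edges[pkt["distance"]] = (pkt["start"], pkt["end"])
        counts[pkt["start"]] = counts.get(pkt["start"], 0) + 1
    return edges, counts


def reconstruct(edges):
    """Chain edges from distance 0 outward; stop at the first gap or mismatch."""
    path, expected_end, d = [], None, 0   # the distance-0 edge ends at the victim
    while d in edges:
        start, end = edges[d]
        if end != expected_end:
            break
        path.append(start)
        expected_end = start
        d += 1
    return path[::-1]         # attacker side first


def mark_arrival_probability(distance, p):
    """Chance that a packet reaches V still carrying the mark written
    `distance` routers before the last one: p * (1 - p) ** distance."""
    return p * (1 - p) ** distance


def packets_needed(path, p, seed=1, limit=1_000_000):
    """Number of packets V must receive before the whole path is rebuilt."""
    rng = random.Random(seed)
    edges = {}
    for n in range(1, limit + 1):
        pkt = forward(path, p, rng)
        if pkt["start"] is not None:
            edges[pkt["distance"]] = (pkt["start"], pkt["end"])
            if reconstruct(edges) == path:
                return n
    return None


if __name__ == "__main__":
    edges, counts = collect(ATTACK_PATH, p=0.2, n_packets=20000)
    print("reconstructed path:", reconstruct(edges))
    print("marks per router  :", counts)
    print("packets needed    :", packets_needed(ATTACK_PATH, p=0.2))
```

The per-router counts show that marks from R1, the router nearest the attacker, survive far less often than marks from R9, because downstream routers overwrite them.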
Computer Networks English Question Bank (with Answers), Chapter 4

1. What is the purpose of the Network Layer in the OSI Model?

The Network Layer, also known as the fourth layer in the OSI Model, is responsible for the logical addressing and routing of data packets between different networks. Its purpose is to enable the transfer of data between devices that may be located on different networks.

2. What are the main functions of the Network Layer?

The Network Layer performs the following main functions:

• Logical Addressing: The Network Layer assigns logical addresses to devices, allowing them to be uniquely identified on a network. This is done using protocols such as IP (Internet Protocol).
• Routing: The Network Layer determines the optimal path for data packets to be transmitted from the source to the destination. It uses routing algorithms and protocols to make routing decisions and manage network traffic.
• Packet Switching: The Network Layer breaks data into smaller packets and adds control information to each packet. These packets are then transmitted independently over the network and reassembled at the destination.
• Congestion Control: The Network Layer is responsible for managing network congestion and preventing network resources from becoming overwhelmed. It uses techniques such as traffic shaping and packet prioritization to ensure efficient and reliable data transmission.
• Network Interoperability: The Network Layer enables different types of networks to interconnect and communicate with each other. It provides mechanisms to facilitate the exchange of data between networks with different protocols and technologies.

3. What is IP addressing?

IP addressing refers to the assignment and use of unique logical addresses, called IP addresses, to devices connected to an IP network. IP addresses are used by the Network Layer to identify and locate devices on a network.

An IP address is a 32-bit binary number, typically represented in a dotted decimal notation (e.g., 192.168.0.1).
It consists of two parts: the network part and the host part. The network part identifies the specific network to which the device is connected, while the host part identifies the individual device on that network.

There are two types of IP addresses: IPv4 (32-bit) and IPv6 (128-bit). IPv4 is the most widely used addressing scheme and provides approximately 4.3 billion unique addresses. IPv6 is the next generation IP addressing scheme, designed to address the limitations of IPv4 and provide a significantly larger address space.

4. What is routing? How does it work?

Routing is the process of determining the optimal path for data packets to be transmitted from the source to the destination across a network. It is a key function of the Network Layer.

When a device wants to send data to a destination device, it determines the destination's IP address. It then consults its routing table, which contains information about the network topology and available paths. The routing table helps the device identify the next hop, which is the next device that will receive the data packet and forward it towards the destination.

The routing table is populated through various methods, such as static routing (manually configured routes) and dynamic routing (automatically updated routes based on routing protocols). Routing protocols, such as RIP (Routing Information Protocol) and OSPF (Open Shortest Path First), are used to exchange information between routers and ensure accurate routing decisions.

Routers use routing algorithms and metrics to calculate the best path for data packets. These algorithms consider factors such as the number of hops, link speeds, and network congestion to determine the most efficient route. Once the next hop is determined, the data packet is forwarded to that device, and the process is repeated until the packet reaches its destination.

5. What is packet switching?
How does it differ from circuit switching?

Packet switching is a method of data transmission in which data is divided into smaller packets and transmitted independently over a network. It is the primary mode of transmission used in modern computer networks, including the Internet.

In packet switching, data is broken into packets, each containing a portion of the original data and control information. Each packet is then labeled with the source and destination IP addresses. These packets are transmitted individually over the network and can take different paths to reach the destination. At the destination, the packets are reassembled to reconstruct the original data.

Packet switching differs from circuit switching, which was commonly used in traditional telephone networks. In circuit switching, a dedicated communication path, known as a circuit, is established between the source and destination for the duration of the communication session. The entire message is transmitted along this dedicated circuit, without being divided into smaller units. This approach requires the reservation of network resources for the entire duration of the communication, even if no data is being transmitted.

Packet switching offers several advantages over circuit switching, including better resource utilization, improved network efficiency, and the ability to handle variable network conditions. It allows multiple devices to share the same network resources and adapt to changing traffic patterns. Additionally, packet switching enables the transmission of diverse data types, such as voice, video, and text, over the same network.

Conclusion

The Network Layer plays a crucial role in computer networks by facilitating the logical addressing, routing, and interconnectivity of devices across networks. It provides essential functions such as IP addressing, routing, packet switching, congestion control, and network interoperability.
Understanding the concepts and principles of the Network Layer is vital for effective network design, management, and troubleshooting.

This chapter has covered the purpose of the Network Layer, its main functions, IP addressing, routing, and packet switching. By grasping these concepts, you are now well-equipped to navigate the complexities of computer networks and ensure efficient data transmission.

Keep learning and exploring the fascinating world of computer networking!
A Novel Packet Marking Scheme for IP Traceback

Basheer Al-Duwairi and G. Manimaran
Dependable Computing & Networking Laboratory
Dept. of Electrical and Computer Engineering
Iowa State University, Ames, IA 50011
{dbasheer,gmani}@

Abstract

Recently, several schemes have been proposed for IP traffic source identification for tracing denial of service (DoS) attacks. Most of these schemes require a very large number of packets to conduct the traceback process, which results in a lengthy and complicated procedure. In this paper, we address this issue by proposing a new scheme, called Probabilistic Pipelined Packet Marking (PPPM), which employs the concept of "pipeline" for propagating marking information from one marking router to another so that it eventually reaches the destination. The key benefit of this pipeline process lies in drastically reducing the number of packets that is required for the traceback process. We evaluate the effectiveness of the proposed scheme for various performance metrics through a combination of analytical and simulation studies. Our studies show that the proposed scheme offers high attack source detection percentage, and attack source localization distance of less than two hops under different attack scenarios.

1 Introduction

Current Internet infrastructure is exposed to many serious threats that can affect the availability of important Internet services. Denial of Service (DoS) attacks and a more complicated version known as Distributed DoS (DDoS) are the most common. These attacks deny regular Internet services from being accessed by legitimate users either by blocking service completely or by disturbing it such that users become not interested in the service anymore (for example causing significant delay in accessing an airline reservation web site). Today's Internet has witnessed several incidents that confirm the devastating effect of such attacks. For example, in October 2002, eight out of the thirteen root DNS servers were brought down as a result of severe flooding
denial of service attack [7].

Recently, the research community has paid a lot of attention to overcome DoS attacks. These efforts concentrated on attack prevention [4,9,6] and attack traceback [1,2,3,10]. Prevention schemes aim to drop attack packets as soon as they are discovered based on the fact that attack packets hold forged IP source addresses. For example, in ingress filtering [4] routers are configured to block packets that arrive with illegitimate source addresses. Another example is the SAVE protocol [6], which is designed to provide routers with the information needed for source address validation. Attack traceback, the subject of this paper, has emerged as a promising solution to DoS attacks.

Tracing attacks back to their sources is a challenging problem for the following reasons. In a DDoS attack, the attacker's machine (the master) instructs previously compromised innocent machines (the slaves) to aggressively overwhelm the victim by high volume streams of flooding packets with faked IP source addresses, leaving the victim with no clue about the true sources of these packets. In large scale DDoS, it is not necessary for each attack source to send a significant number of packets. Instead, the attack is caused by the aggregate traffic converging at the victim site. This distributed anonymous nature of the attack helps the attacker to stay behind the scenes. The stateless nature of the Internet combined with the destination oriented IP routing, which does not require any source address validation, increases the difficulty of tracing attacks back to their sources. This problem is also complicated by the fact of having millions of hosts connected to the Internet, which implies a huge search space.

In this paper, we propose a novel and efficient packet marking scheme for IP traceback called Probabilistic Pipelined Packet Marking (PPPM). The proposed scheme aims to propagate the IP addresses of the routers that were involved in marking certain packet by loading them into packets going to
the same destination. Therefore, preserving these addresses while avoiding the need for long term storage at intermediate routers. In the next section, we provide an overview about the related work. In section 3 we motivate this work and highlight the main contributions. In section 4, the proposed solution is presented. Section 5 provides some theoretical analysis. In section 6, we describe the simulation studies. Finally, conclusions are drawn in section 7.

2 Related Work

Traceback schemes usually rely on router assistance to determine the path followed by attack packets and eventually identify the attack source. Our work is inspired by the probabilistic packet marking (PPM) approach [10] which we describe here briefly. The main idea in PPM is to let routers mark forwarded packets (probabilistically) hoping that after receiving a large number of packets, the path followed by them can be reconstructed based on the marking information obtained in each received packet. PPM employs edge sampling technique, in which two static address fields, start and end, are reserved in each packet to represent the end points (i.e., routers) of a link along the packet path.
An additional distance field is also reserved to represent the distance of an edge sample from the victim. When a router decides to mark a packet, it writes its own address into the start field and writes a zero into the distance field. Otherwise, if the distance field is already zero then it writes its own address into the end field and increments the distance field. Therefore, forming an edge between itself and the previous router. If the router does not mark the packet, then it always increments the distance field. Major problems of PPM are discussed in section 3.

In [5], the authors proposed a scheme called Path Information Caching and Aggregation (PICA). The scheme has the advantage of triggering traceback messages only when the aggregate count of packets going to the same subnet exceeds certain threshold during a specified interval of time. The main problem with PICA is that in large scale DDoS attacks, the specified threshold may never be exceeded, especially at routers far away from the victim. In hash-based traceback [11], bloom filters were used to save packet digests at intermediate routers. The major concern in this scheme is the limited storage available at intermediate routers, which in turn leaves a small window of time through which the saved digests can be collected and successfully traced. DLLT [3] is an efficient scheme for IP traceback that combines the good features of PPM and hash based schemes. The main objective of DLLT is to preserve the marking information done to certain packet by storing them at intermediate routers while establishing a link list between them in a way that facilitates their collection upon attack detection. Long term storage of packet digests represents the major problem of DLLT.

3 Motivation and Contributions

The imminent threats imposed by DoS attacks call for efficient and fast traceback schemes. Here, we list some of the desirable features of a good attack traceback scheme.

1. Providing accurate information about routers near the attack source rather
than those near the victim.
2. Recognition and exclusion of false information injected by the attacker.
3. Avoiding the use of large amount of attack packets to construct the attack path or attack tree.
4. Low processing and storage overhead at intermediate routers.
5. If packet information is to be maintained at intermediate routers then collecting this information must be efficient.

In this paper we propose a traceback scheme that enjoys the above features. Also, we try to eliminate the major problems of PPM [10] which we discuss here. PPM lacks many of the desirable features mentioned in the beginning of this section. For example, routers that are far away from the victim have very low chance to pass their marking information to the victim because downstream routers overwrite this information, which leads to the loss of valuable marking information written by routers far away from the victim. This fact is contradictory to our desire to have more knowledge about routers far away from the victim (i.e., the nearest routers to the attackers). PPM requires a considerable amount of packets to be collected at the victim before conducting the traceback process. Waiting for a huge number of attack packets to be collected at the victim means admitting the fact of longer denial of service, which conflicts with the need for fast response to stop the attack. This argument may not be valid when a small value (e.g., 0.05) for the marking probability is used in PPM. However, such choice of the marking probability opens a serious vulnerability in PPM that was pointed out in [8], where the attacker has the ability to pass spoofed marking information to fool the victim. Therefore, PPM is not able to recognize and exclude false marking information inscribed by the attackers if a small value for the marking probability is used. Also, it requires processing of huge amount of packets if large marking probability (e.g., 0.2 or 0.3) is used.

Motivated by the need to have knowledge about all routers involved in
marking certain packet without incurring significant processing and storage overhead, we propose a novel packet marking scheme called Probabilistic Pipelined Packet Marking (PPPM), which enables the destination to identify all marking routers of a given packet. Also, we evaluate the proposed scheme through a combination of analytical and simulation studies.

4 Proposed Solution: Probabilistic Pipelined Packet Marking (PPPM)

4.1 Pipelined Marking Concept

In computer architecture, pipelining is used to allow more than one instruction to be in some stage of execution at the same time. Usually, each instruction passes through a sequence of stages during its life cycle. The outcome of one stage is forwarded to the next stage before being replaced by another instruction from the previous stage. The whole process is repeated at each stage until the whole instruction is executed. We propose a similar approach for packet marking, where marking refers to augmenting IP packets with the IP address of the marking router. In computer architecture analogy, a router that marks a packet represents a pipeline stage, the marking process represents the instruction execution, and the propagation of marking information from one marking router to another represents the flow of instructions in a pipelined system. The main idea is to transfer the marking information that belongs to certain packet by propagating them from one marking router to another using subsequent packets going to the same destination.

We illustrate this idea by the example shown in Fig 1. In this example packets P1, P2, .. are forwarded from S to D through the simple path consisting of routers A, B, C. We assume that a marking information field, MI_Ri, is allocated in each packet to hold the marking information written by router R for packet i. It is important to notice that the content of this field keeps changing from one marking router to another. Therefore, the marking information written by the last router (i.e., router C) will be the first to reach the
destination D. Our objective is to transfer the marking information done by other routers (i.e., A and B) to the destination. Our pipelined scheme is based on buffering the marking information found in a certain packet before remarking it, and then sending the buffered information by loading it in subsequent packets going to the same destination.

To simplify the discussion, we assume that only packet P1 is being marked by all routers (A, B, C), while other packets are not marked (the actual algorithm is slightly different). The figure shows the marking information buffered at each router as packets traverse the path. It also shows the marking information being written in each packet along the path. Packets P2 and P3 are used to transfer the marking information that belongs to P1. It is clear that after receiving three packets, the destination is able to collect the marking done for packet P1 (i.e., $MI_{A_1}$, $MI_{B_2}$, and $MI_{C_1}$). It is important to mention that the marking information includes an ID that uniquely identifies the packet such that the received marking information can be identified as belonging to one particular packet.

[Figure 1. An example of pipelined-based marking. Path S, A, B, C, D; shows Packet 1 (P1), Packet 2 (P2), Packet 3 (P3) and the contents of Buffer(A), Buffer(B), Buffer(C).]

4.2 Details of Probabilistic Pipelined Packet Marking (PPPM)

In this subsection, we provide details about PPPM. We start by describing the fields that need to be allocated in each packet for marking purposes and the information that needs to be buffered at each marking router; then we describe the pipelined marking and buffering algorithm, followed by the attack source identification algorithm.

Marking Information Carried in Each Packet: The following fields are allocated in each packet to carry the marking information from one marking router to another:

• 32-bit IP address: represents the IP address of the marking router.
• 8-bit $\overline{TTL}$: This field is used to obtain the actual distance between the marking router and the
victim. $\overline{TTL}$ is normally set to the value of TTL found in the packet before remarking it, except when the packet is used to transfer buffered marking information that belongs to another packet, say $P_x$. In that case, $\overline{TTL}$ is set to (TTL + T), where T represents the distance between the previous marking router of $P_x$ and the current router.
• k-bit ID: this is an ID that uniquely identifies the marked packet. It is chosen randomly by the first marking router (i.e., the first router to mark a certain packet).

Marking Information Buffered at Each Marking Router: The marking information found in a certain packet is buffered at the receiving router before remarking it. The buffer can be implemented as a destination-based table (i.e., buffer entries are maintained per destination). For each destination, the most recent marking information is buffered. This includes the same marking fields found in the marked packet, except that instead of storing the $\overline{TTL}$ value, the difference $T = \overline{TTL} - TTL$ is stored. This difference represents the distance between the previous marking router and the current marking router. The advantage of this field is to determine the distance of a certain marking router from the destination.

Determining the Distance of Each Marking Router from the Destination: Fig. 2 shows the benefit of using the $\overline{TTL}$ field in determining the distance of a certain marking router from the destination. Let packet P1 be sent from S1 along the shown path to D. Packet P2 is sent from a different source, S2, to the same destination D. We assume that P1 was sent before P2, and we assume that P1 was marked by routers R and W respectively, and that its ID was set to x by router R, while P2 was marked by routers F and W and its ID was set to y by router F. The figure shows the values of (packet ID, marking router, TTL, $\overline{TTL}$) for both packets after they leave each router along their paths. Also, it shows the content of the buffer at router W.

In this example, P2 is used to transfer the marking information that belongs to packet
P1, which was buffered at router W. After receiving the two packets, the destination can identify that packet x was marked by routers R and W, which are 3 and 1 hops away respectively. Determining the distance of each marking router from the destination is incorporated in the marking procedure described in Fig. 3, where a router, R, decides whether to mark a packet or not based on some marking probability q.

[Figure 2. An example of distance calculation. Information received about packet (x): from P1, x is marked by W, which is 96−95 hops away; from P2, x is marked by R, which is 48−45 hops away. Legend: marked P1, marked P2, marked both (P1 & P2).]

Realizing Probabilistic Edge-based Marking: It is to be noted that probabilistic edge marking (an edge is composed of two adjacent routers on the packet path) can be realized with a slight modification to the proposed marking and buffering procedure. Whenever a router decides to mark a packet, we force the subsequent router to mark the same packet. This can be achieved by maintaining a 1-bit field called the marking flag as part of the marking information to be held in the packet. This flag is used to enforce deterministic marking when it is on. When it is off, the marking becomes probabilistic. With this flag, the probabilistic edge marking in PPPM can be implemented as follows: When a router receives a packet, it checks the marking flag. If it is on, it has to do the marking and buffering procedure and then reset the flag. Otherwise (i.e., when the flag is off), it takes the marking decision based on some probability q. If the decision outcome is to mark the packet, it will do that and then set the flag to 1 such that the next adjacent router will do the marking deterministically. Throughout the rest of this paper we adopt this modification, since identifying edges on the attack path would be more useful and leads to fast and efficient source identification.

Attack Source Identification: Once a DoS attack is detected, the victim starts the source identification process using k attack
packets as an input. By realizing that packets holding the same ID carry marking information that belongs to the same packet, the victim can extract the marking information of each of the distinct IDs found in the k packets by running the simple algorithm shown in Fig. 4. The outcome of this algorithm is an ID table with two columns: Packet ID, and Marking Routers List and their distances from the victim. The marking routers list obtained for each ID can be converted into marking edges by observing the distance of each marking router. In [10], the authors proposed an edge-based source identification algorithm that we can use directly due to the similarity of input information (i.e., path edges and their distances) in both schemes.

[Figure 3. Pipelined marking and buffering algorithm]

    for each packet P
      1. if (P.ID NOT in the ID Table (IDT)) add entry for P.ID in IDT
      2. append P.MR & (P.$\overline{TTL}$ − P.TTL) to the ID.marking routers list

Figure 4. ID table construction

4.3 Security of PPPM

The attacker is expected to behave like a marking router, marking its outgoing packets with false information before they are marked by any router along their path. For example, it can spoof the IP-marking field. Also, it can write any value in the $\overline{TTL}$ field. If the attacker uses a $\overline{TTL}$ value that is less than the original packet's TTL, then it is very easy to distinguish and drop attack packets before reaching the victim, because $\overline{TTL}$ must be larger than the TTL value of a given packet. If the $\overline{TTL}$ written by the attacker is larger than the packet's original TTL, then intermediate routers cannot distinguish attack packets. This false information is more likely to be overwritten by subsequent routers if a reasonable marking probability is used (the choice of marking probability is discussed in section 5). Unfortunately, there is nothing that can prevent the false information from propagating to the victim. For a given packet ID, the victim will include the spoofed marking router in the marking routers list for that ID. However, because of the restriction that we imposed on $\overline{TTL}$ (i.e., $\overline{TTL}$ must be larger than TTL), the distance obtained at the victim for the spoofed marking router will always be larger than that obtained for any other marking router of the same packet. Therefore, the victim can easily distinguish and exclude this information.

The attacker may use the same packet ID for all its outgoing packets. Worse than that, he can coordinate with other attackers to use the same packet ID either continuously or from time to time. In PPPM, the first marking router cannot recognize itself as the first router to do the marking for a given packet. Therefore, the ID injected by the attacker is used. We suggest the following slight modification to the marking and buffering algorithm shown in Fig. 3, to prohibit attackers from using the same ID for all packets: if a router receives a packet, P, that has identical (P.dest, P.ID) to those buffered for a previously marked packet, it will drop the incoming packet. The suggested modification is based on the fact that it is very unlikely for two distinct packets going to the same destination within a small window of time to have identical IDs.

5 Analysis

Choice of the Marking Probability: The value of the marking probability, q, plays a direct role on the
effectiveness of PPPM. On one extreme, if we set q to 1 (i.e., deterministic marking), then d attack packets would be sufficient to locate the attacker (where d is the number of PPPM-enabled routers in the pipeline between attacker and victim). This choice is excluded in practice to avoid excessive overhead on network routers. On the other extreme, if we set q very close to 0, then a larger amount of packets would be required to reconstruct the attack path. In general, the following issues must be considered when choosing q:

1. Ensuring that at least one router along the attack path would mark a given packet. This has the benefit of overwriting any false marking information injected by the attacker when acting as a marking router.
2. Minimizing the number of packets required for attack traceback. This bound is expressed as a function of q (see equation 5), where it can be seen that the bound is minimized by increasing q.
3. Minimizing the overhead on network routers. The amount of overhead imposed by PPPM on network routers can be lowered by decreasing q.

While issues 1 and 2 are consistent, they conflict with issue 3. Therefore, there is a trade-off between the efficiency of the proposed scheme and the amount of overhead imposed on network routers. In [8], it was shown that the attacker's ability to hide his location (by injecting false marking information into its attack packets) is curtailed by increasing the marking probability; however, in PPM [10] the degree to which the victim can delimit the attacker's injection of false marking information is bounded by sampling constraints. In PPPM, there is no maximum bound on the value of q because information about all marking routers of a given packet will eventually propagate to the victim. In our simulation studies (section 6), we use relatively large values for q to illustrate the efficiency of PPPM. In practice, lower values for q would be used to minimize overhead on network routers. The choice of q is a design issue that involves a trade-off
between efficiency and overhead.

Number of Attack Packets Required to Identify the Attacker: In this section, we show that the number of attack packets required to identify the attack sources is substantially less than that required by PPM [10]. Our objective is to find a bound on the minimum number of packets that has to be received by the victim such that every router on the path from attacker to victim is involved in marking at least one of these packets with high confidence probability u. Let y represent this lower bound. Let the marking probability at router R be q. Let $P_f$ be the probability that R fails to mark any packet out of the y packets. Clearly, $P_f = (1-q)^y$. Therefore, the probability that R will succeed in marking at least one packet (we call it the success probability) is given by:

$$P_s = 1 - P_f = 1 - (1-q)^y \qquad (1)$$

In the multiple attackers case, the success probability is not uniform for all routers. In fact, it increases for routers near the victim because attack packets start to converge at these routers. To simplify the analysis, we assume that attackers are attached to the leaves of a d-ary tree rooted at the victim (i.e., each router has d incoming interfaces and one outgoing interface). Also, we assume that each attacker is n hops away from the victim, and each of them injects the same number, y, of packets simultaneously. Our objective is to find the minimum value of y such that all routers along the attack path succeed in the marking procedure. Since we assume that each router has d incoming interfaces and one outgoing interface, the number of attack packets forwarded by a router l hops away from the victim (i.e., n − l hops away from the attacker) can be expressed as:

$$y_l = d^{\,n-l} \cdot y \qquad (2)$$

Therefore, the success probability at such a router becomes:

$$P_{sl} = 1 - P_{fl} = 1 - (1-q)^{y_l} \qquad (3)$$

This means that routers close to the victim have a better chance to mark their packets (i.e., higher success probability). However, to obtain the desired bound we can safely assume that the success probability for all the n routers
along the attack path is the same and equal to that of the farthest router (i.e., as given in equation 1). If we define X to be a random variable that represents the number of routers out of n that were successful in the marking process, then X follows the binomial distribution with success probability $P_s$ given in equation 1. We need to find y such that $P(X = n) \ge u$ (i.e., the probability that each router succeeds in marking at least one packet is larger than u). But,

$$P(X = n) = \left(1 - (1-q)^y\right)^n \ge u \qquad (4)$$

Solving for y, we obtain:

$$y \ge \frac{\lg\left(1 - u^{1/n}\right)}{\lg(1-q)} \qquad (5)$$

For example, for an attack path of length 15 and marking probability of 0.3 and confidence probability 0.95, the number of packets required by PPPM is 16 compared to 1340 in PPM [10]. This significant reduction is due to the mechanism employed by PPPM to propagate marking information of routers far away from the victim.

6 Simulation Studies

We have carried out extensive simulation experiments to evaluate the proposed PPPM scheme. The performance of the proposed scheme was evaluated based on two metrics. We start by defining them. Then, we specify the simulation parameters and present the results.

Performance Metrics: We use the following metrics to evaluate the proposed scheme:

• Attack source localization distance (ALD): This metric defines the distance between the detected attack source and the actual attack source. A value of zero for ALD means that the exact attack location is detected.
• Detection percentage: This metric defines the percentage of exactly detected attack sources (i.e., detected attack sources with ALD = 0). For example, if j attack sources out of total m attack sources are exactly located, then we express the detection percentage as $\frac{j \times 100}{m}\%$.

Table 1. Simulation parameters

parameter                              value
number of attackers (m)                100
number of attack packets used (n)      1500
marking probability (q)                0.15
attack path length (l)                 15

Simulation Method: Table 1 shows the default values of the simulation parameters used in our experiments. In each simulation experiment we generated a random attack tree with m attackers and
one victim. The attack path length l was the same for all attackers. Packets were marked according to the specified probability q. Attackers were instructed to inject their packets simultaneously with a rate of 1000 packets/attacker. Each of the following results represents the average of 200 independent simulation runs based on the simulation parameter values shown in Table 1 unless otherwise specified. The simulation experiments were designed to study the effect of the above parameters on ALD and attack source detection percentage.

Simulation Results: Attack localization distance is a metric associated with each attack path. Therefore, we performed the simulation experiments in this part based on a single attack path (i.e., m = 1). Fig. 5 shows the ALD as a function of the number of packets used for the traceback process, n, for different values of q. As expected, increasing the number of packets used for traceback results in better performance (i.e., lower ALD), because more information is obtained about the attack path. It is clear that PPPM is very effective even for small values of q. For example, the attack source can be located exactly after receiving 21 attack packets when the marking probability is 0.2.

[Figure 5. Effect of number of attack packets used (n) on the attack localization distance (ALD) for different marking probabilities (q)]

To study the effect of the attack path length l on the attack localization capability of PPPM, we fixed n to 15 while changing l from 10 to 20 in steps of two for different values of q. Fig. 6 shows the results of this study. As l increases, ALD also increases for all values of q. This can be explained by recalling that we are using the same number of packets (i.e., 15) for different values of l. To keep ALD low, a larger number of packets must be used as l increases.

PPPM offers a very high attack source detection percentage that exceeds 90% when enough packets are used in the traceback process. Fig. 7 shows the detection percentage of PPPM as a function of n for different values of q. In this
experiment, 100 attackers participated in the attack. It is obvious that the detection percentage is directly affected by the marking probability and the number of packets used in the traceback process. Increasing the values of these two parameters increases the detection percentage. In practice, the victim has no control over the value of q. Therefore, n should be increased in order to achieve better performance.

[Figure 6. Effect of attack path length on the attack localization distance (ALD) for different marking probabilities (q)]

The attack path length, l, seems to have negligible effect on the attack detection percentage. Fig. 8 supports this observation. It shows the results of an experiment conducted using 100 attackers and 1500 packets (i.e., m = 100, n = 150). The results are different than what we expected because packets coming from multiple attackers converge at different routers and continue their journey to the victim using the same path. Therefore, regardless of the attack path length, usually enough packets will pass through the path, contributing to better detection capability.

7 Conclusion and Future Work

In this paper, we proposed an efficient traffic source identification scheme called Probabilistic Pipelined Packet Marking (PPPM). The proposed scheme aims to propagate the IP addresses of the routers that were involved in marking a certain packet by loading them into packets going to the same destination, thereby preserving these addresses while avoiding the need for long-term storage at intermediate routers. Such a scheme is very useful in identifying Denial of Service (DoS) attack sources. The main advantage of employing this technique in PPPM is to significantly reduce the number of packets needed by the victim in the traceback process, which leads to faster and scalable identification of attack sources, therefore stopping the attack at early stages, and detecting attackers that have low indi-
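The simplified pipeline of Section 4.1 (only the first packet is marked, later packets carry the buffered marks), the ID table of Fig. 4 and the TTL checks of Section 4.3, as an added Python example that is not the paper's code. Since Fig. 3 is not reproduced on the page, the swap done when a packet already carries a mark is an assumption, as are the `Router` class, the field names, the 16-bit ID, the initial TTL of 64 and the spoofed mark values.

```python
import random
from collections import defaultdict

rng = random.Random(7)  # seeded so the run is repeatable

class Router:
    """One PPPM hop. The buffer keeps the most recent mark per destination."""
    def __init__(self, addr):
        self.addr = addr
        self.buffer = {}  # dest -> (marking router, packet ID, T)

    def forward(self, pkt, mark):
        ttl, dest, carried = pkt["ttl"], pkt["dest"], None
        if pkt["mr"] is not None:
            if pkt["ttl_bar"] < ttl:
                return None  # Section 4.3: TTL-bar below TTL, drop the packet
            # T = TTL-bar - TTL: hops from the previous marker to this router
            carried = (pkt["mr"], pkt["id"], pkt["ttl_bar"] - ttl)
        if mark:
            if carried:
                self.buffer[dest] = carried  # buffer before remarking
            if pkt["id"] is None:
                pkt["id"] = rng.getrandbits(16)  # first marker picks the ID
            pkt.update(mr=self.addr, ttl_bar=ttl)
        elif dest in self.buffer:
            # ASSUMPTION (Fig. 3 is not on the page): load the buffered mark
            # with TTL-bar = TTL + T and buffer what the packet was carrying.
            mr, pid, t = self.buffer.pop(dest)
            if carried:
                self.buffer[dest] = carried
            pkt.update(mr=mr, id=pid, ttl_bar=ttl + t)
        pkt["ttl"] = ttl - 1
        return pkt

def send(path, dest, n_packets, ttl=64, inject=None):
    """Send n packets along path; only the first one is marked (Fig. 1 case)."""
    received = []
    for i in range(n_packets):
        pkt = {"dest": dest, "ttl": ttl, "mr": None, "id": None, "ttl_bar": None}
        if i == 0 and inject:
            pkt.update(inject)  # constructed attacker-written mark
        for router in path:
            pkt = router.forward(pkt, mark=(i == 0))
            if pkt is None:
                break
        if pkt is not None:
            received.append(pkt)
    return received

def build_id_table(packets):
    """Fig. 4: per packet ID, list of (marking router, TTL-bar - TTL)."""
    idt = defaultdict(list)
    for p in packets:
        if p["mr"] is not None:
            idt[p["id"]].append((p["mr"], p["ttl_bar"] - p["ttl"]))
    return dict(idt)

def run(n_packets, inject=None):
    path = [Router("A"), Router("B"), Router("C")]  # S -> A -> B -> C -> D
    return build_id_table(send(path, "D", n_packets, inject=inject))

if __name__ == "__main__":
    print(run(3))
    print(run(4, inject={"mr": "Z", "id": 0x1234, "ttl_bar": 70}))
```

In the second run the spoofed router Z reaches the victim one packet later than A and with the largest distance in the list, which is the property Section 4.3 relies on.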
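The packet bound of Section 5 (equations 1 to 5), checked against the worked figure of 16 packets and against a small Monte Carlo run, as an added Python example that is not from the paper. The function names, trial count and seed are assumptions, and the simulation models only the independent per-router marking that equation 4 assumes.

```python
import math
import random

def success_prob(q, y):
    """Eq. (1): probability that one router marks at least one of y packets."""
    return 1.0 - (1.0 - q) ** y

def all_mark_prob(q, y, n):
    """Eq. (4): P(X = n), every one of the n routers marks at least once."""
    return success_prob(q, y) ** n

def min_packets(q, n, u):
    """Eq. (5), rounded up to a whole number of packets."""
    return math.ceil(math.log(1.0 - u ** (1.0 / n)) / math.log(1.0 - q))

def per_hop_success(q, y, n, d):
    """Eqs. (2)-(3): success probability for a router l hops from the victim
    in a d-ary attack tree, for l = n (farthest) down to 1 (nearest)."""
    return {l: success_prob(q, d ** (n - l) * y) for l in range(n, 0, -1)}

def simulate(q, y, n, trials=5000, seed=1):
    """Fraction of trials in which each of n routers marks >= 1 of y packets,
    with every router marking every packet independently with probability q."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        if all(any(rng.random() < q for _ in range(y)) for _ in range(n)):
            hits += 1
    return hits / trials

if __name__ == "__main__":
    n, q, u = 15, 0.3, 0.95          # the worked example in the text
    y = min_packets(q, n, u)
    print("bound y =", y)
    print("exact P(X=n) at y, y-1:", all_mark_prob(q, y, n),
          all_mark_prob(q, y - 1, n))
    print("simulated P(X=n) at y:", simulate(q, y, n))
    print("per-hop success, d=2, n=4, y=3:", per_hop_success(q, 3, 4, 2))
```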