Baran’s proof: a distributed mesh with just 3–4 links per node survives heavy attack. A centralized hub (star topology) does not — destroy the center, destroy the network.

This is the binding constraint that shapes everything: the network must function without any central point of control.

Two minutes with a partner: Evaluate four topologies — star, ring, full mesh, irregular mesh — on three dimensions:

What goes wrong?

• A packet arrives every ~0.3 ms (at 50 Kbps with 200-byte packets)
• Route computation takes tens of milliseconds (exchange tables, run Bellman-Ford)
• While computing, the IMP stops forwarding — packets queue and drop

The problem: two tasks with different timescales are coupled in one machine.

Two minutes: How would you fix this? What would you separate?

This pattern — separating concerns that operate at different timescales so each can evolve independently — is called disaggregation.

It creates an interface (the table). Change the routing algorithm → forwarding is unaffected. Speed up forwarding hardware → routing is unaffected. But: the table can be stale. That’s the cost of every disaggregation — the interface can degrade.

Quick recall: does anyone remember the Bellman-Ford equation?

\[d(v) = \min_{u \in \text{neighbors}(v)} \left[ c(v,u) + d_u(v) \right]\]

“My cost to X = minimum over all neighbors of (link cost to neighbor + neighbor’s advertised cost to X).”

Heart’s insight: run Bellman-Ford live, every 128 ms. Each IMP sends its full distance table to every neighbor. Each neighbor recomputes. After enough rounds, every IMP converges to the shortest path.

Round 1: Each IMP receives neighbors' tables, recomputes
┌──────────┬─────────┬─────────┬─────────┐
│          │ to UCLA │ to UCSB │ to Utah │
├──────────┼─────────┼─────────┼─────────┤
│ SRI      │ 1       │ 1       │ 1       │
│ UCLA     │ 0       │ 1       │ 2 (via SRI) │
│ UCSB     │ 1       │ 0       │ 2 (via SRI) │
│ Utah     │ 2 (via SRI) │ 2 (via SRI) │ 0  │
└──────────┴─────────┴─────────┴─────────┘

Converged in one round. On a 4-node network, this is elegant. On a 60-node network in 1978, it broke catastrophically.

Why it seems reasonable: long queue → packets wait longer → high delay → avoid this link.

Why it fails:

• Light load: all queues empty, all costs ≈ 0 — the IMP has no basis to prefer any path
• Heavy load: “best” path fills → cost rises → traffic shifts to alternate → original drains → cost drops → traffic shifts back → oscillation

The E-M-B diagnosis: Environment (true link quality) → Measurement (queue snapshot — honest but misleading) → Belief (distance vector — built from misleading proxies).

Compare to TCP’s bufferbloat from Lecture 2: same structure, different gap. TCP’s measurement is delayed (ACKs arrive late). DV’s measurement is a bad proxy (queue length ≠ delay). Both produce belief ≠ environment.

Two minutes: Trace what happens next. UCLA asks UCSB “how far to Utah?” — UCSB’s table says cost 2. What does UCLA conclude? What does UCSB conclude next round? Where do packets go?

In 1969, there was no TTL — no mechanism to kill looping packets. IMPs used “tenacious forwarding”: hold the packet until the next hop acknowledges. Looping packets consumed IMP memory and link bandwidth until the routing tables eventually converged — or didn’t.

TTL was introduced with IP in 1981 (RFC 791) specifically to bound packet lifetime in a best-effort network.

Which E-M-B layer broke? (Show fingers: 1 = environment, 2 = measurement, 3 = belief)

Measurement. The neighbor’s advertisement IS the measurement signal — and it carries stale belief disguised as fresh data. Your own outdated information echoes back through your neighbor.

Two minutes: How would you fix this? What information would you share instead?

Every IMP now has the full topology graph. UCLA runs Dijkstra, sees Utah is unreachable, sets cost = ∞. One round. Correct answer. No echo.

Why no echo? UCSB’s advertisement is now “my link to SRI is up” — a direct measurement of its own wire. It is no longer “my cost to Utah is 2” — a processed belief hiding which path it uses. Measurement comes from the environment, not from another node’s belief.

This is disaggregation applied again: separate what you measure (link probes) from what you compute (shortest paths). Same principle Heart used for forwarding vs. routing — now applied to fix the measurement corruption that caused count-to-infinity.

If you’ve taken 176A, you know RIP and OSPF. Here’s how they connect to what we just learned:

RIP inherited the count-to-infinity problem. OSPF fixed it — the same way McQuillan did.

We already know why: Baran’s constraint. The network must survive attack. A central route computer is a single point of failure.

But what does distributed placement cost?

The constraint forced the placement. Survivability demanded distribution, even at the cost of convergence time and temporary inconsistency. When we study WiFi, a different constraint (licensed spectrum) forces the opposite placement — centralized scheduling.

Different systems. Different constraints. Same three patterns. That’s what makes them principles.