Data and Computer Communications, Eighth Edition, by William Stallings
Chapter 18 – Internet Protocols
Lecture slides by Lawrie Brown

Internet Protocols
"The map of the London Underground, which can be seen inside every train, has been called a model of its kind, a work of art. It presents the underground network as a geometric grid. The tube lines do not, of course, lie at right angles to one another like the streets of Manhattan. Nor do they branch off at acute angles or form perfect oblongs."
—King Solomon's Carpet, Barbara Vine (Ruth Rendell)

Protocol Functions
• a small set of functions forms the basis of all protocols:
  • encapsulation
  • fragmentation and reassembly
  • connection control
  • ordered delivery
  • flow control
  • error control
  • addressing
  • multiplexing
  • transmission services

Encapsulation
• data is usually transferred in blocks called Protocol Data Units (PDUs)
• a PDU carries three categories of control information:
  • address
  • error-detecting code
  • protocol control
• encapsulation is the addition of control information to data
• many examples of PDUs in previous chapters, e.g. TFTP, HDLC, frame relay, ATM, AAL5, LLC, IEEE 802.3, IEEE 802.11

Fragmentation and Reassembly
• a protocol exchanges data between two entities
• lower-level protocols may need to break the data up into smaller blocks (fragmentation) for various reasons:
  • the network only accepts blocks of a certain size
  • more efficient error control and smaller retransmission units
  • fairer access to shared facilities
  • smaller buffers
• disadvantages:
  • more interrupts and processing time

PDUs and Fragmentation (figure)

Connection Control
• connectionless data transfer: each PDU is treated independently
• connection-oriented data transfer involves a logical association, or connection, established between the entities
  • preferred (even required) for lengthy data exchange, or if protocol details are worked out dynamically
• three phases occur for connection-oriented transfer:
  • connection establishment
  • data transfer
  • connection termination

Phases of Connection Oriented Transfer (figure)

Connection Establishment
• entities agree to exchange data
• typically, one station issues a connection request
  • may involve a central authority
• receiving entity accepts or rejects (simple)
• may include negotiation of syntax, semantics, and timing
• both entities must use the same protocol
  • may allow optional features, which must be agreed

Data Transfer and Termination
• both data and control information are exchanged
• data flow and acknowledgements may be in one or both directions
• one side may send a termination request, or a central authority might terminate

Sequencing
• used by many, but not all, connection-oriented protocols, e.g. HDLC, IEEE 802.11
• connection-oriented protocols include some way of identifying the connection
• PDUs are numbered sequentially
• each side tracks sequence numbers in and out
• supports three main functions:
  • ordered delivery
  • flow control
  • error control

Ordered Delivery
• risk: PDUs may arrive out of order
• PDU order must be maintained
• hence number PDUs sequentially; received PDUs are then easy to reorder
• use a finite sequence number field: sequence numbers repeat modulo the maximum number
• the max sequence number must be greater than the max number of PDUs that could be outstanding

TCP/IP Concepts (figure)

Flow Control
• receiving entity limits the amount or rate of data sent
• simplest protocol is stop-and-wait
• more efficient protocols use the concept of credit: the amount of data that may be sent without acknowledgment
• needed for network traffic control, buffer space and application overflow
• must be implemented in several protocols

Error Control
• to guard against loss or damage
• implemented as separate error detection and retransmission functions:
  • sender inserts an error-detecting code in the PDU
  • receiver checks the code on the incoming PDU; if error, discard
  • if the transmitter doesn't get an
    acknowledgment in a reasonable time, retransmit
• the code enables the receiver to detect and possibly correct errors
  • can use an error-correction code
• performed at various protocol layers

Addressing
• addressing level
• addressing scope
• connection identifiers
• addressing mode

Addressing Level
• level in the architecture where an entity is named
• a unique address for each intermediate and end system
  • usually a network-level address, used to route PDUs
  • e.g. IP address or internet address; e.g. OSI network service access point (NSAP)
• at the destination, data must be routed to some process
  • e.g. TCP/IP port; e.g. OSI service access point (SAP)

Addressing Scope
• a global address identifies a unique system
  • unambiguous; synonyms are permitted, i.e. a system may have more than one global address
  • global applicability enables the internet to route data between any two systems
• e.g. MAC address on an IEEE 802 network, or ATM host address: enables the network to route data units through that network
  • need a unique address for each interface on the network
• scope is only relevant for network-level addresses
  • a port or SAP above the network level is unique within the system

Connection Identifiers
• a connection identifier is used by both entities for future transmissions
• advantages:
  • reduced overhead, since it is smaller than a full address
  • routing using a fixed route tagged by the connection ID
  • multiplexing of multiple connections
  • use of state information

Addressing Mode
• an address usually refers to a single system: individual or unicast address
• can refer to more than one system, i.e. multiple simultaneous recipients for data:
  • broadcast for all entities within a domain
  • multicast for a specific subset of entities

Multiplexing
• multiple connections into a single system
  • e.g. frame relay can have multiple data link connections terminating in a single end system
  • e.g. multiple TCP connections to a given system
• upward multiplexing: multiple higher level connections over a single lower level connection
• downward multiplexing: a single higher level connection built on multiple lower level connections

Transmission Services
• may have additional services available to entities:
  • priority, on a connection basis or message basis
  • quality of service, e.g. minimum throughput or maximum delay threshold
  • security mechanisms, restricting access
• these depend on the underlying transmission system and lower-level entities
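Added example (not from the slides): a Python model of the Sequencing, Ordered Delivery and Flow Control slides above. A sender may have at most `credit` PDUs outstanding; the receiver buffers in-window PDUs, delivers them in order and returns a cumulative acknowledgement; the simulated channel reverses each burst and loses the first copy of chosen sequence numbers so the timeout-and-retransmit path is exercised. The 3-bit sequence field, the `Sender`/`Receiver` classes and the message set are constructed here. One caveat the slide's bound does not cover: "max sequence number greater than max outstanding PDUs" is sufficient only when the receiver accepts PDUs strictly in order (go-back-N); a receiver that buffers out-of-order PDUs, as this one does, must keep its window at no more than half the sequence space, otherwise a late duplicate is indistinguishable from new data, which `late_duplicate_detected` demonstrates.

```python
"""Ordered delivery and credit-based flow control over a finite sequence-number space.
Added example: the sequence-field width, the Sender/Receiver classes and the
messages are constructed for illustration; they are not from the slides."""
from typing import Dict, List, Tuple

SEQ_BITS = 3
MOD = 1 << SEQ_BITS                 # sequence numbers repeat modulo 8


def in_window(seq: int, base: int, width: int) -> bool:
    """True if seq lies in [base, base + width) counted modulo MOD."""
    return (seq - base) % MOD < width


class Receiver:
    """Buffers in-window PDUs, delivers them in order, acknowledges with the next expected seq."""

    def __init__(self, credit: int):
        self.credit = credit            # PDUs the sender may have outstanding
        self.expected = 0               # next sequence number to deliver upward
        self.buffer = {}                # out-of-order PDUs held until the gap closes
        self.delivered = []             # type: List[str]

    def accept(self, seq: int, payload: str) -> int:
        if in_window(seq, self.expected, self.credit):
            self.buffer.setdefault(seq, payload)      # a duplicate inside the window is ignored
            while self.expected in self.buffer:       # deliver the contiguous run
                self.delivered.append(self.buffer.pop(self.expected))
                self.expected = (self.expected + 1) % MOD
        # anything outside the window (stale duplicate or beyond credit) is discarded
        return self.expected                          # cumulative acknowledgement


class Sender:
    """Sends new PDUs while fewer than `credit` are unacknowledged; retransmits on timeout."""

    def __init__(self, messages: List[str], credit: int):
        self.pending = list(messages)
        self.credit = credit
        self.next_seq = 0
        self.unacked = []               # type: List[Tuple[int, str]]

    def send_burst(self) -> List[Tuple[int, str]]:
        burst = []
        while self.pending and len(self.unacked) < self.credit:
            pdu = (self.next_seq, self.pending.pop(0))
            self.unacked.append(pdu)
            self.next_seq = (self.next_seq + 1) % MOD
            burst.append(pdu)
        return burst or list(self.unacked)   # nothing new allowed: timeout, retransmit all unacked

    def on_ack(self, ack: int) -> None:
        # PDUs numbered before `ack` (modulo MOD) are acknowledged; the rest stay outstanding
        self.unacked = [p for p in self.unacked if in_window(p[0], ack, self.credit)]


def run_transfer(messages: List[str], credit: int, drop_first_copy_of=()) -> List[str]:
    """Simulate a transfer over a channel that reverses each burst and loses the first
    copy of the listed sequence numbers; returns what the receiver delivered, in order."""
    rx, tx, lost_once = Receiver(credit), Sender(messages, credit), set()
    ack = 0
    for _round in range(100):                        # bounded in case of a logic error
        if not tx.pending and not tx.unacked:
            break
        for seq, payload in reversed(tx.send_burst()):   # the channel reorders the burst
            if seq in drop_first_copy_of and seq not in lost_once:
                lost_once.add(seq)                       # the channel loses this copy
                continue
            ack = rx.accept(seq, payload)
        tx.on_ack(ack)
    return rx.delivered


def late_duplicate_detected(credit: int) -> bool:
    """Deliver one full window, then replay seq 0: is the stale copy rejected?"""
    rx = Receiver(credit)
    for seq in range(credit):
        rx.accept(seq, "pdu%d" % seq)
    before = len(rx.delivered)
    rx.accept(0, "pdu0")                   # late duplicate, e.g. a needless retransmission
    return len(rx.delivered) == before and 0 not in rx.buffer
```

`run_transfer(["m0", ..., "m9"], credit=4, drop_first_copy_of={2})` delivers all ten messages in order even though seq 2 is lost once and every burst arrives reversed. `late_duplicate_detected(4)` is true (window 4 out of a space of 8), while `late_duplicate_detected(5)` is false: the stale seq 0 falls inside the window and would be delivered as new data once the receiver wraps around.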
Internetworking Terms
• communications network
• internet
• the Internet
• intranet
• End System (ES)
• Intermediate System (IS)
• bridge
• router

Requirements of Internetworking
• a link between networks
• routing and delivery of data between processes on different networks
• accounting services and status info
• independent of network architectures

Network Architecture Features
• addressing
• packet size
• access mechanism
• timeouts
• error recovery
• status reporting
• routing
• user access control
• connection based or connectionless

Architectural Approaches
• connection oriented: virtual circuit
• connectionless: datagram
  • PDUs routed independently from source ES to destination ES through routers and networks
  • share a common network layer protocol, e.g. IP
  • below it, a network access protocol on each node

Connectionless Internetworking
• advantages: flexibility, robustness, no unnecessary overhead
• not guaranteed delivery
• not guaranteed order of delivery
  • packets can take different routes
• unreliable: reliability is the responsibility of the next layer up (e.g. TCP)

IP Operation (figure)

Design Issues
• routing
• datagram lifetime
• fragmentation and re-assembly
• error control
• flow control

The Internet as a Network (figure)

Routing
• ESs and routers maintain routing tables
  • indicate the next router to which a datagram is sent
  • static or dynamic
• source routing: the source specifies the route to be followed
  • can be useful for security and priority
• route recording

Datagram Lifetime
• datagrams could loop indefinitely, consuming resources
• the transport protocol may need an upper bound on the lifetime of a datagram
• can mark a datagram with a lifetime: the Time To Live field in IP
  • when the lifetime expires, the datagram is discarded
  • simplest is a hop count, or a time count

Fragmentation and Re-assembly
• may have different packet sizes on the networks along the path used by a datagram
• issue of when to re-assemble:
  • at the destination
    • packets get smaller as data traverses the internet
  • intermediate re-assembly
    • need large buffers at routers
    • buffers may fill with fragments
    • all fragments must go through the same router

IP Fragmentation
• IP re-assembles at the destination only
• uses fields in the header:
  • Data Unit Identifier (ID)
    • identifies the datagram originated by an end system
  • Data length
    • length of user data in octets
  • Offset
    • position of the fragment of user data in the original datagram
    • in multiples of 64 bits (8 octets)
  • More flag
    • indicates that this is not the last fragment

Fragmentation Example (figure)

Dealing with Failure
• re-assembly may fail if some fragments get lost
• need to detect failure:
  • a re-assembly timeout assigned to the first fragment to arrive; if the timeout expires before all fragments arrive, discard the partial data
  • use the packet lifetime (time to live in IP); if the time to live runs out, kill the partial data

Error Control
• no guaranteed delivery
• a router should attempt to inform the source if a packet is discarded
  • needs datagram identification
• the source may modify its transmission strategy, or may inform the higher layer protocol
• see ICMP in the next section

Flow Control
• allows routers and/or stations to limit the rate of incoming data
• limited in connectionless systems
• send flow control packets to request reduced flow
• see ICMP in the next section

Internet Protocol (IP) v4
• IP version 4 defined in RFC 791
• part of the TCP/IP suite
• two parts:
  • specification of the interface with a higher layer
    • e.g. TCP
  • specification of the actual protocol format and mechanisms
• will (eventually) be replaced by IPv6

IP Services
• Primitives: functions to be performed; the form of a primitive is implementation dependent
  • Send: request transmission of a data unit
  • Deliver: notify the user of the arrival of a data unit
• Parameters: used to pass data and control info

IP Parameters
• source and destination addresses
• protocol
• type of service
• identification
• don't fragment indicator
• time to live
• data length
• option data
• user data

IP Options
• security
• source routing
• route recording
• stream identification
• timestamping

IPv4 Header (figure)

Header Fields (1)
• Version: currently 4 (IPv6, see later)
• Internet header length: in 32-bit words, including options
• DS/ECN (was type of service)
• Total length of the datagram, in octets

Header Fields (2)
• Identification: a sequence number; identifies the datagram uniquely together with the addresses and protocol
• Flags: More bit, Don't fragment
• Fragmentation offset
• Time to live
• Protocol: the next higher layer to receive the data field at the destination

Header Fields (3)
• Header checksum: reverified and recomputed at each router
  • 16-bit ones complement sum of all 16-bit words in the header
  • the checksum field is set to zero during the calculation
• Source address
• Destination address
• Options
• Padding: to fill to a multiple of 32 bits long

Data Field
• carries user data from the next layer up
• an integer multiple of 8 bits (octets) long
• max length of the datagram (header plus data) is 65,535 octets

IPv4 Address Formats (figure)

IP Addresses - Class A
• start with binary 0
• all 0 reserved
• 01111111 (127) reserved for loopback
• range 1.x.x.x to 126.x.x.x
• all allocated

IP Addresses - Class B
• start with binary 10
• range 128.x.x.x to 191.x.x.x
• second octet also included in the network address
• 2^14 = 16,384 class B network addresses
• all allocated

IP Addresses - Class C
• start with binary 110
• range 192.x.x.x to 223.x.x.x
• second and third octets also part of the network address
• 2^21 = 2,097,152 network addresses
• nearly all allocated (see IPv6)
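Added example (not from the slides): a Python implementation of the IP Fragmentation, Dealing with Failure and Header Fields slides above. It builds a 20-octet IPv4 header with the RFC 791 one's-complement checksum, fragments a datagram to a given MTU with the offset carried in 8-octet units and the More flag on every fragment but the last, forwards the fragments through router hops that reverify the checksum, decrement TTL and recompute the checksum, and reassembles at the destination, reporting failure when a fragment is missing, a header is corrupted, or the TTL has expired. The addresses, identification value, TTL and the 1280-octet payload are constructed for the demo; the Don't Fragment behaviour is the RFC 791 rule and is not spelled out on the slides.

```python
"""IPv4 header, checksum, fragmentation and reassembly per RFC 791.
Added example: addresses, identification and payload below are constructed for the demo."""
import struct
from socket import inet_aton, inet_ntoa
from typing import List, Optional

HDR_FMT = "!BBHHHBBH4s4s"          # fixed 20-octet header, no options
HDR_LEN = struct.calcsize(HDR_FMT)
FLAG_DF, FLAG_MF = 0x2, 0x1        # Don't Fragment / More Fragments bits of the 3-bit flags field


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of all 16-bit words, then complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                              # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src: str, dst: str, proto: int, data_len: int, ident: int,
                 ttl: int = 64, flags: int = 0, offset: int = 0) -> bytes:
    hdr = struct.pack(HDR_FMT, (4 << 4) | (HDR_LEN // 4), 0, HDR_LEN + data_len, ident,
                      (flags << 13) | offset, ttl, proto, 0, inet_aton(src), inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ones_complement_checksum(hdr)) + hdr[12:]


def parse_header(pkt: bytes) -> dict:
    """Decode the fixed fields; 'valid' is False when the checksum does not reverify."""
    vihl, _tos, total, ident, frag, ttl, proto, _csum, src, dst = struct.unpack(HDR_FMT, pkt[:HDR_LEN])
    ihl = (vihl & 0xF) * 4
    return {"version": vihl >> 4, "ihl": ihl, "total_length": total, "ident": ident,
            "flags": frag >> 13, "offset": frag & 0x1FFF, "ttl": ttl, "proto": proto,
            "src": inet_ntoa(src), "dst": inet_ntoa(dst),
            # summing the header including its own checksum field gives 0 when intact
            "valid": ones_complement_checksum(pkt[:ihl]) == 0}


def fragment(pkt: bytes, mtu: int) -> List[bytes]:
    """Split a datagram to fit mtu; offsets are in 8-octet units, More set on all but the last."""
    h = parse_header(pkt)
    data = pkt[h["ihl"]:h["total_length"]]
    if h["ihl"] + len(data) <= mtu:
        return [pkt]
    if h["flags"] & FLAG_DF:
        raise ValueError("DF set: discard and report 'fragmentation needed' to the source")
    chunk = (mtu - HDR_LEN) // 8 * 8                # largest multiple of 8 octets that fits
    frags = []
    for i in range(0, len(data), chunk):
        piece = data[i:i + chunk]
        last = i + chunk >= len(data)
        more = 0 if last and not (h["flags"] & FLAG_MF) else FLAG_MF   # keep MF when re-fragmenting
        frags.append(build_header(h["src"], h["dst"], h["proto"], len(piece), h["ident"],
                                  h["ttl"], more, h["offset"] + i // 8) + piece)
    return frags


def forward(pkt: bytes) -> Optional[bytes]:
    """One router hop: reverify checksum, decrement TTL, recompute checksum; None = discard."""
    h = parse_header(pkt)
    if not h["valid"] or h["ttl"] <= 1:             # corrupt header, or lifetime expired
        return None
    hdr = bytearray(pkt[:h["ihl"]])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ones_complement_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[h["ihl"]:]


def reassemble(frags: List[bytes]) -> Optional[bytes]:
    """Destination reassembly; None means a fragment is missing or damaged (the holder of
    the partial data discards it when the reassembly timer or the TTL runs out)."""
    frags = sorted(frags, key=lambda f: parse_header(f)["offset"])
    data, next_unit, key, saw_last = b"", 0, None, False
    for f in frags:
        h = parse_header(f)
        ident = (h["src"], h["dst"], h["proto"], h["ident"])    # data unit identifier
        if not h["valid"] or key not in (None, ident) or h["offset"] != next_unit:
            return None                                           # damaged, foreign, or a gap
        piece = f[h["ihl"]:h["total_length"]]
        data, key = data + piece, ident
        next_unit = h["offset"] + len(piece) // 8
        saw_last = not (h["flags"] & FLAG_MF)
    return data if saw_last else None


def demo(mtu: int = 576) -> dict:
    payload = bytes(range(256)) * 5                  # constructed 1280-octet payload
    pkt = build_header("10.0.0.1", "10.0.1.2", 17, len(payload), ident=0x1234, ttl=3) + payload
    frags = fragment(pkt, mtu)
    hopped = [forward(forward(f)) for f in frags]    # two router hops: TTL 3 -> 1
    corrupt = hopped[0][:8] + b"\xff" + hopped[0][9:]   # damage the TTL octet after the last hop
    return {"fragments": len(frags),
            "offsets": [parse_header(f)["offset"] for f in frags],
            "more_flags": [parse_header(f)["flags"] & FLAG_MF for f in frags],
            "reassembled_ok": reassemble(hopped) == payload,
            "missing_detected": reassemble(hopped[1:]) is None,
            "corrupt_detected": not parse_header(corrupt)["valid"],
            "ttl_expired": forward(hopped[0]) is None}
```

With a 576-octet MTU the 1280-octet datagram becomes three fragments carrying 552, 552 and 176 octets at offsets 0, 69 and 138 (8-octet units), the first two with More set. A third hop on a fragment whose TTL has reached 1 returns `None`, which is the point at which a real router sends ICMP time exceeded to the source.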
Subnets and Subnet Masks
• allows arbitrary complexity of internetworked LANs within an organization
• insulates the overall internet from growth of network numbers and routing complexity
• a site looks to the rest of the internet like a single network
• each LAN is assigned a subnet number
• the host portion of the address is partitioned into a subnet number and a host number
• local routers route within the subnetted network
• the subnet mask indicates which bits are the subnet number and which are the host number

Subnet Mask Calculation
                                      Binary Representation                 Dotted Decimal
IP address                            11000000.11100100.00010001.00111001   192.228.17.57
Subnet mask                           11111111.11111111.11111111.11100000   255.255.255.224
Bitwise AND of address and mask       11000000.11100100.00010001.00100000   192.228.17.32
(resultant network/subnet number)
Subnet number                         11000000.11100100.00010001.001        1
Host number                           00000000.00000000.00000000.00011001   25

Routing Using Subnets (figure)

ICMP
• Internet Control Message Protocol, RFC 792 (get it and study it)
• transfer of (control) messages from routers and hosts to hosts
• feedback about problems, e.g. time to live expired
• encapsulated in an IP datagram, hence not reliable

ICMP Message Formats (figure)

Common ICMP Messages
• destination unreachable
• time exceeded
• parameter problem
• source quench
• redirect
• echo and echo reply
• timestamp and timestamp reply
• address mask request and reply

Address Resolution Protocol (ARP)
• need the MAC address to send to a LAN host:
  • manual
  • included in the network address
  • use a central directory
  • use an address resolution protocol
• ARP (RFC 826) provides dynamic IP to ethernet address mapping
  • source broadcasts an ARP request
  • destination replies with an ARP response

IP Versions
• IP v1-3: defined and replaced
• IP v4: current version
• IP v5: streams protocol
• IP v6: replacement for IP v4
  • during development it was called IPng (IP Next Generation)
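Added example (not from the slides): the Subnet Mask Calculation above carried out in Python, plus the local-delivery test that the Routing Using Subnets slide relies on. `subnet_calc` ANDs the address with the mask, splits the masked part into the classful network portion and the subnet number, and returns the host number; `same_subnet` is the check a local router makes before forwarding. The mask-contiguity check, the class thresholds and the "two host values reserved" count are standard IPv4 rules rather than something the slide states.

```python
"""Subnet number and host number from an IPv4 address and subnet mask.
Added example reproducing the Subnet Mask Calculation slide (192.228.17.57 / 255.255.255.224)."""
from typing import Dict


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address %r" % dotted)
    return int.from_bytes(bytes(octets), "big")


def to_dotted(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def to_binary(n: int, bits: int = 32) -> str:
    """Dotted binary as on the slide, truncated after `bits` bits (dots kept)."""
    full = ".".join(format(b, "08b") for b in n.to_bytes(4, "big"))
    return full[: bits + (bits - 1) // 8]


def mask_length(mask: int) -> int:
    """Number of leading one bits; rejects a mask that is not ones followed by zeros."""
    inverted = ~mask & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("mask %s is not contiguous" % to_dotted(mask))
    return 32 - inverted.bit_length()


def is_valid_mask(dotted: str) -> bool:
    try:
        mask_length(to_int(dotted))
        return True
    except ValueError:
        return False


def classful_network_bits(addr: int) -> int:
    """Network-portion length under classful addressing (leading bits 0 / 10 / 110)."""
    first = addr >> 24
    if first < 128:
        return 8                      # class A
    if first < 192:
        return 16                     # class B
    if first < 224:
        return 24                     # class C
    raise ValueError("class D/E address has no network/host split")


def subnet_calc(address: str, mask: str) -> Dict[str, object]:
    a, m = to_int(address), to_int(mask)
    prefix = mask_length(m)
    net_bits = classful_network_bits(a)
    if prefix < net_bits:
        raise ValueError("mask is shorter than the classful network portion")
    host_bits, subnet_bits = 32 - prefix, prefix - net_bits
    network = a & m                                   # bitwise AND of address and mask
    return {
        "address_binary": to_binary(a),
        "mask_binary": to_binary(m),
        "network": to_dotted(network),                # resultant network/subnet number
        "subnet_binary": to_binary(network, prefix),  # network + subnet bits, as on the slide
        "subnet_number": (network >> host_bits) & ((1 << subnet_bits) - 1),
        "host_number": a & ~m & 0xFFFFFFFF,
        "subnets": 1 << subnet_bits,
        "hosts_per_subnet": (1 << host_bits) - 2,     # all-zeros and all-ones host values reserved
    }


def same_subnet(a: str, b: str, mask: str) -> bool:
    """A local router delivers directly when both addresses agree on every masked bit."""
    m = to_int(mask)
    return (to_int(a) & m) == (to_int(b) & m)
```

For the slide's values the result is network 192.228.17.32, subnet number 1 and host number 25, with a 3-bit subnet field giving 8 subnets of 30 usable hosts each. A host at 192.228.17.70 fails `same_subnet` against 192.228.17.57 under that mask because its masked value is 192.228.17.64 (subnet 2), so a router would forward rather than deliver locally.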
Why Change IP?
• address space exhaustion
  • two-level addressing (network and host) wastes space
  • network addresses used even if not connected
  • growth of networks and the Internet
  • extended use of TCP/IP
  • single address per host
• requirements for new types of service

IPv6 RFCs
• RFC 1752 - Recommendations for the IP Next Generation Protocol
  • requirements
  • PDU formats
  • addressing, routing, security issues
• RFC 2460 - overall specification
• RFC 2373 - addressing structure
• many others

IPv6 Enhancements
• expanded 128-bit address space
• improved option mechanism: most options are not examined by intermediate routers
• dynamic address assignment
• increased addressing flexibility: anycast and multicast
• labeled packet flows
• support for resource allocation

IPv6 PDU (Packet) Structure (figure)

IPv6 Header (figure)

IPv6 Flow Label
• a related sequence of packets needing special handling
• identified by source and destination address plus the flow label
• a router treats a flow as sharing attributes, e.g. path, resource allocation, discard requirements, accounting, security
• may treat flows differently: buffer sizes, different forwarding precedence, quality of service
• an alternative to including all the info in every header
• there are requirements on flow label processing

IPv6 Addresses
• 128 bits long
• assigned to an interface; a single interface may have multiple unicast addresses
• three types of addresses:
  • unicast: a single interface address
  • anycast: one of a set of interface addresses
  • multicast: all of a set of interfaces

IPv6 Extension Headers (figure)

Hop-by-Hop Options
• must be examined by every router
• if an option is unknown, the discard/forward handling is specified
• next header
• header extension length
• options:
  • Pad1
  • PadN
  • Jumbo payload
  • Router alert

Fragmentation Header
• fragmentation only allowed at the source; no fragmentation at intermediate routers
• the node must perform path discovery to find the smallest MTU of the intermediate networks and set the source fragments to match that MTU; otherwise limit to 1280 octets
• header includes fragment offset, more fragments bit, identification

Routing Header
• a list of one or more intermediate nodes to visit
• header includes Next Header, Header extension length, Routing type, Segments left
• the initial destination address is the first on the list; the current destination address is the next on the list; the final destination address will be the last in the list
• Type 0 routing provides a list of addresses

Destination Options Header
• carries optional info for the destination node
• format same as the hop-by-hop header
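Added example (not from the slides): a Python walker for the IPv6 Extension Headers, Hop-by-Hop Options, Fragmentation Header and Routing Header slides above. It follows the next-header chain from the fixed 40-octet header, decodes Hop-by-Hop and Destination Options TLVs (Pad1, PadN, Router Alert, Jumbo Payload), applies the RFC 2460 rule for an unrecognised option (the two high-order bits of the option type say skip, discard, or discard and report), reads the Fragment header fields the slide lists, and discards a Type 0 Routing header that still has segments left, which RFC 5095 deprecated because it let an attacker bounce traffic between two hosts for amplification. The sample packets, documentation-range addresses and identification value are constructed here; the unknown-option rule and the RFC 5095 point are not on the slides.

```python
"""Walk an IPv6 next-header chain and apply the extension-header rules.
Added example: the packets built by the sample_* functions are constructed for the demo."""
import struct
from typing import Dict, List, Tuple

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60      # extension header codes
TCP, NO_NEXT_HEADER = 6, 59
PAD1, PADN, ROUTER_ALERT, JUMBO_PAYLOAD = 0x00, 0x01, 0x05, 0xC2
KNOWN_OPTIONS = {ROUTER_ALERT, JUMBO_PAYLOAD}

SRC = bytes.fromhex("20010db8000000000000000000000001")   # constructed documentation addresses
DST = bytes.fromhex("20010db8000000000000000000000002")
TCP_STUB = bytes(20)                                       # placeholder upper-layer segment


def parse_options(block: bytes) -> List[Tuple[int, bytes]]:
    """TLV options of a Hop-by-Hop/Destination Options header. An unknown option is
    skipped when its two high-order type bits are 00; otherwise the packet is discarded."""
    out, i = [], 0
    while i < len(block):
        opt_type = block[i]
        if opt_type == PAD1:                    # single-octet pad, no length field
            i += 1
            continue
        length = block[i + 1]
        if opt_type in KNOWN_OPTIONS:
            out.append((opt_type, block[i + 2:i + 2 + length]))
        elif opt_type != PADN and opt_type >> 6 != 0:
            raise ValueError("unknown option 0x%02x, action bits %02d: discard" % (opt_type, opt_type >> 6))
        i += 2 + length
    return out


def walk(pkt: bytes) -> Dict[str, object]:
    """Return the header chain, the upper-layer protocol and the decoded extension fields."""
    first_word, payload_len, nh, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    info = {"flow_label": first_word & 0xFFFFF, "hop_limit": hop_limit, "options": [], "chain": []}
    pos = 40
    while nh in (HOP_BY_HOP, DEST_OPTS, ROUTING, FRAGMENT):
        info["chain"].append(nh)
        if nh == FRAGMENT:                      # fixed 8 octets: nh, reserved, offset/M, identification
            _res, off_m, ident = struct.unpack("!BHI", pkt[pos + 1:pos + 8])
            info["fragment"] = {"offset": off_m >> 3, "more": off_m & 1, "id": ident}
            ext_len = 8
        else:
            ext_len = (pkt[pos + 1] + 1) * 8    # Hdr Ext Len counts 8-octet units after the first 8
            if nh == ROUTING:
                rtype, segments_left = pkt[pos + 2], pkt[pos + 3]
                if rtype == 0 and segments_left > 0:
                    raise ValueError("Routing Header Type 0 with segments left (RFC 5095): discard")
                info["routing"] = {"type": rtype, "segments_left": segments_left}
            else:
                if nh == HOP_BY_HOP and pos != 40:
                    raise ValueError("Hop-by-Hop Options must immediately follow the IPv6 header")
                info["options"].extend(parse_options(pkt[pos + 2:pos + ext_len]))
        nh, pos = pkt[pos], pos + ext_len
    info["upper_layer"] = nh
    info["payload"] = pkt[pos:40 + payload_len]
    return info


def discards(pkt: bytes) -> bool:
    """True when the receiving node would drop the packet."""
    try:
        walk(pkt)
        return False
    except ValueError:
        return True


def options_header(next_header: int, options: bytes) -> bytes:
    """Hop-by-Hop/Destination Options header, padded with Pad1/PadN to a multiple of 8 octets."""
    pad = (-(2 + len(options))) % 8
    if pad == 1:
        options += bytes([PAD1])
    elif pad > 1:
        options += bytes([PADN, pad - 2]) + bytes(pad - 2)
    return bytes([next_header, (2 + len(options)) // 8 - 1]) + options


def ipv6_packet(next_header: int, rest: bytes, flow_label: int = 0, hop_limit: int = 64) -> bytes:
    return struct.pack("!IHBB16s16s", (6 << 28) | flow_label, len(rest), next_header, hop_limit, SRC, DST) + rest


def sample_fragmented() -> bytes:
    """IPv6 | Hop-by-Hop (Router Alert) | Fragment (offset 0, M=1) | TCP."""
    hbh = options_header(FRAGMENT, bytes([ROUTER_ALERT, 2, 0, 0]))
    frag = struct.pack("!BBHI", TCP, 0, (0 << 3) | 1, 0xABCD1234)
    return ipv6_packet(HOP_BY_HOP, hbh + frag + TCP_STUB, flow_label=0x12345)


def sample_unknown_option(option_type: int) -> bytes:
    """IPv6 | Destination Options (one unrecognised option of the given type) | TCP."""
    return ipv6_packet(DEST_OPTS, options_header(TCP, bytes([option_type, 2, 0xAA, 0xBB])) + TCP_STUB)


def sample_rh0(segments_left: int) -> bytes:
    """IPv6 | Routing header Type 0 carrying one address | TCP."""
    rh0 = bytes([TCP, 2, 0, segments_left]) + bytes(4) + DST
    return ipv6_packet(ROUTING, rh0 + TCP_STUB)
```

`walk(sample_fragmented())` yields the chain [0, 44] ending in TCP, the Router Alert option and the fragment fields (offset 0, more 1, identification 0xABCD1234). An unknown option of type 0x3F (high bits 00) is skipped, while 0x7F (01) and 0xBF (10) cause a discard; a Type 0 Routing header is only accepted once its segments-left count has reached zero.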
Virtual Private Networks
• a set of computers interconnected using an insecure network, e.g. linking corporate LANs over the Internet
• use encryption and special protocols to provide security, to stop eavesdropping and unauthorized users
• proprietary solutions are problematical
• hence the development of the IPSec standard

IPSec
• RFC 1636 (1994) identified the security need
• encryption and authentication to be in IPv6, but designed also for use with current IPv4
• applications needing security include:
  • branch office connectivity
  • remote access over the Internet
  • extranet and intranet connectivity for partners
  • electronic commerce security

IPSec Scenario (figure)

IPSec Benefits
• provides strong security for external traffic
• resistant to bypass
• below the transport layer, hence transparent to applications
• can be transparent to end users
• can provide security for individual users if needed

IPSec Functions
• Authentication Header (AH): for authentication only
• Encapsulating Security Payload (ESP): for combined authentication/encryption
• a key exchange function: manual or automated
• VPNs usually need the combined function
• see chapter 21

Summary
• basic protocol functions
• internetworking principles
• connectionless internetworking
• IP
• IPv6
• IPSec
This note was uploaded on 04/06/2011 for the course EE 5363 taught by Professor Kang during the Spring '09 term at NYU Poly.