The Network Layer in the Internet2

Computer Networks 2: The Network Layer in the Internet
February 13, 2012, Veton Kpuska

The Network Layer in the Internet

At the network layer, the Internet can be viewed as a collection of subnetworks or Autonomous Systems (ASes). Properties:
- There is no real structure; the various network components are held together by a number of backbones (high-bandwidth lines and fast routers).
- Regional networks are attached to those backbones.
- University LANs, company LANs, and Internet providers are connected to the regional networks.

A sketch of the quasi-hierarchical organization of the Internet is depicted in the following figure.

[Figure: The Internet is an interconnected collection of many networks]

The network layer protocol is the glue that holds the whole Internet together. This protocol is called IP (Internet Protocol). IP was designed from the beginning with internetworking in mind. Its job is to provide:
- a best-effort (i.e., not guaranteed) way to transport datagrams from source to destination, and
- connectivity regardless of whether the two machines are on the same network or there are other networks in between them.

Communication in the Internet:
- The transport layer takes data streams and breaks them up into datagrams.
- In the previous sketch, a packet originating at host 1 has to traverse six networks to get to destination host 2. Note that in practice it takes many more than six.
- Each datagram is transmitted through the Internet, possibly being fragmented into smaller units.
- At the destination machine the fragments are reassembled by the network layer into the original datagram, which is then handed over to the transport layer.
Datagrams can be up to 64 Kbytes each, but in practice they are usually not more than 1500 bytes (so they fit in one Ethernet frame).

The IP Protocol

The format of datagrams is the starting point for studying the network layer in the Internet. An IP datagram consists of a header and a text (data) part. Header format:
- a 20-byte fixed part, and
- a variable-length optional part.

The header is transmitted in big-endian format: bit order is from left to right, with the high-order bit of the Version field preceding the rest. (Note: Motorola uses big-endian order while Intel uses little-endian order.) Conversion is required on all little-endian machines on transmission and reception.

Version: keeps track of which version of the protocol the datagram is using.

IHL: because the header size varies, the IHL field specifies the length of the header in 32-bit (4-byte) words.
- The minimal value of IHL is 5 (no options present).
- The maximal value of IHL is 15, which limits the header to 15 * 4 bytes = 60 bytes, so the Options field is at most 40 bytes long.
- Note that for some options, for example the one that records the route a packet has taken, 40 bytes is not nearly enough, which makes that option useless.

Type of Service: intended to specify different classes of service; various combinations of reliability and speed are possible. Examples:
- Digitized voice: fast delivery dominates over accurate delivery.
- File transfer: error-free transmission is more important than fast transmission.

It is contained in a field of 6 bits. The first three bits (from left to right) form the Precedence field, which specifies priority (0-7). The next three are flag bits, D, T, and R, which allowed the host to specify which requirement is most important: Delay, Throughput, or Reliability.
Theoretically those flags and the Precedence level would allow routers to choose between, for example:
- a satellite link with high throughput and high delay, and
- a leased line with low throughput and low delay.
In practice routers ignore the Type of Service field altogether. The IETF (Internet Engineering Task Force) later allowed a slight change in the usage/definition of the Type of Service field: six bits are now used to indicate which of the service classes discussed earlier each packet belongs to.

Total Length: includes everything in the datagram, header + data. The field is 16 bits, so the maximum length is 65,535 bytes. Future gigabit networks will require larger datagrams.

Identification: needed to allow the destination host to determine which datagram a newly arrived fragment belongs to. All fragments of the same datagram contain the same Identification value.

DF (Don't Fragment): tells routers not to fragment the datagram; it is used when the destination cannot put the datagram together from received fragments.

MF (More Fragments): all fragments except the last one have this bit set. It indicates when the last fragment of a datagram has arrived.

Fragment Offset: specifies where this fragment belongs in the datagram. All fragments except the last one must be a multiple of 8 bytes (the elementary fragment unit). The field is 13 bits, so there are at most 8192 fragments per datagram.

Time to Live: limits a packet's lifetime. It is supposed to count time in seconds, allowing a maximum lifetime of 255 s. In practice it just counts hops. When it hits zero the packet is discarded and a warning packet is sent back to the source host.

Protocol: when the network layer has assembled a complete datagram it needs to know what to do with it.
This field specifies which transport process to hand it to, for example TCP (Transmission Control Protocol) or UDP (User Datagram Protocol). The numbering of protocols is global; the assigned numbers can be found at www.iana.org.

Header Checksum: verifies the header only.

Source Address and Destination Address: indicate the network number and host number (more details later).

Options: this field was designed as an escape to allow subsequent versions of the protocol to:
- include information not present in the original design,
- allow experimentation with and try-outs of new ideas, and
- avoid allocating header bits for information that is rarely needed.
Option fields are variable length. Each begins with a 1-byte code identifying the option, followed (for some options) by a 1-byte option length, and then one or more data bytes. The Options field is padded to a multiple of four bytes. The original options are given in the next table; the current, complete and up-to-date list is available at www.iana.org/assignments/ip-parameters.

Some of the IP options:
- Security: in theory, a military router might use this field to specify not to route through certain countries the military considers to be "bad guys". In practice this field is ignored.
- Strict Source Routing: gives the complete path from source to destination as a sequence of IP addresses. The datagram is required to follow that exact route.
- Loose Source Routing: requires a packet to traverse the list of routers specified, in the order specified, but it is allowed to pass through other routers on the way. Useful to avoid certain countries.
- Record Route: directs routers to append their IP address to the option field. When the ARPANET was first set up, no packet ever passed through more than nine routers, so 40 bytes of options was ample. Now this size is too small.
- Timestamp: directs routers to also record a 32-bit timestamp. This option is mostly for debugging.
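As an added example (not code from the lecture notes), the following builds and parses an IPv4 header with the fields described above: big-endian layout, IHL in 32-bit words, the DF/MF flags and 8-byte fragment offset, TTL, Protocol, the header-only checksum, and the option TLVs padded to a multiple of four bytes. It rejects what a receiver has to reject: IHL below 5, a header longer than the packet or than Total Length, a checksum mismatch, and an option whose length runs past the header. The sample packet is constructed (the addresses are borrowed from the ARP example later in these notes); option codes 0, 1 and 7 are the IANA values for End of Option List, No Operation and Record Route.

```python
import struct

IPV4_MIN_HEADER = 20                            # 20-byte fixed part; IHL counts 32-bit words
OPT_END, OPT_NOP, OPT_RECORD_ROUTE = 0, 1, 7    # IANA option codes


def checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, as used by the IP header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src: bytes, dst: bytes, payload_len: int, options: bytes = b"",
                 ident: int = 0x1234, ttl: int = 64, proto: int = 17,
                 df: bool = False, mf: bool = False, frag_off: int = 0) -> bytes:
    """Serialize an IPv4 header in network (big-endian) byte order.

    Options are padded to a multiple of four bytes so IHL can express their
    length; frag_off is in 8-byte units, exactly as the header stores it.
    """
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)
    ihl = (IPV4_MIN_HEADER + len(options)) // 4
    if ihl > 15:
        raise ValueError("options exceed 40 bytes: IHL cannot go above 15")
    flags_frag = (int(df) << 14) | (int(mf) << 13) | (frag_off & 0x1FFF)
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                        ident, flags_frag, ttl, proto, 0, src, dst)
    hdr = fixed + options
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]   # checksum at bytes 10-11


def parse_header(pkt: bytes) -> dict:
    """Parse and validate an IPv4 header; raise ValueError for anything malformed."""
    if len(pkt) < IPV4_MIN_HEADER:
        raise ValueError("truncated: fewer than 20 bytes")
    (v_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:IPV4_MIN_HEADER])
    version, ihl = v_ihl >> 4, v_ihl & 0x0F
    if version != 4:
        raise ValueError("not an IPv4 header")
    if ihl < 5:
        raise ValueError("IHL below the minimum of 5")
    hlen = ihl * 4
    if hlen > len(pkt) or hlen > total_len:
        raise ValueError("header length exceeds packet or Total Length")
    # A correct header, checksum field included, sums to all ones, so the
    # complement of the sum over the whole header must be zero.
    if checksum(pkt[:hlen]) != 0:
        raise ValueError("header checksum mismatch")
    options = []
    i = IPV4_MIN_HEADER
    while i < hlen:
        code = pkt[i]
        if code == OPT_END:
            break
        if code == OPT_NOP:                     # single-byte option, no length field
            i += 1
            continue
        if i + 1 >= hlen:
            raise ValueError("option without a length byte")
        length = pkt[i + 1]
        if length < 2 or i + length > hlen:
            raise ValueError("option length runs past the header")
        options.append((code, pkt[i + 2:i + length]))
        i += length
    return {
        "version": version, "ihl": ihl, "header_len": hlen, "tos": tos,
        "total_len": total_len, "ident": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_off_bytes": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl, "proto": proto,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": options,
    }


# Constructed sample: 192.31.65.5 -> 192.31.63.8, 100-byte UDP payload, DF set,
# one Record Route option with room for a single address (type 7, length 7, pointer 4).
SAMPLE = build_header(bytes([192, 31, 65, 5]), bytes([192, 31, 63, 8]), 100,
                      options=bytes([OPT_RECORD_ROUTE, 7, 4, 0, 0, 0, 0]), df=True)

if __name__ == "__main__":
    for field, value in parse_header(SAMPLE).items():
        print(f"{field:15} {value}")
```

The sample header is 28 bytes (IHL = 7): the 7-byte Record Route option is padded with one zero byte, which the parser reads as End of Option List. Flipping any header byte, the TTL for instance, makes the checksum test fail, which is exactly the only protection the header checksum provides: it covers the header, not the data.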
IP Addresses

Every host and router on the Internet has an IP address. IP addresses are 32 bits long and encode a network number and a host number. In principle this combination should be unique; i.e., no two machines on the Internet should have the same IP address. They are used in the Source Address and Destination Address fields of IP packets. An IP address refers to a network interface and not to a host, so if a host is connected to two networks it must have two IP addresses.

IP addresses were divided into five categories (see the following figure). The depicted allocation has come to be called classful addressing. Note that it is no longer used, but there are numerous references to it in the literature.

[Figure: IP address formats]

The class A, B, C, and D formats allow for up to:
- 128 networks with 16 million hosts each,
- 16,384 networks with up to 64K hosts, or
- 2 million networks (e.g., LANs) with up to 256 hosts each.
Class E, whose addresses begin with 1111, is reserved for future use. Over 500,000 networks are now connected to the Internet, and the number grows every year. Network numbers are managed by a nonprofit corporation called ICANN (Internet Corporation for Assigned Names and Numbers) to avoid conflicts. ICANN has delegated parts of the address space to various regional authorities, which in turn give out IP addresses to ISPs and other companies.

Network addresses are typically written in dotted decimal notation. In this format each of the 4 bytes is written in decimal, from 0 to 255. The lowest IP address is 0.0.0.0 and the highest is 255.255.255.255. The values 0 and -1 (in signed binary notation, i.e., all 1s) have special meanings, as depicted in the following figure: 0 means this network or this host; all 1s means all hosts on the indicated network.
[Figure: special IP addresses]

- The IP address 0.0.0.0 is used by hosts when they are being booted.
- IP addresses with 0 as the network number refer to the current network. This convention allows machines to refer to their own network without knowing its number; however, they have to know its class to know how many 0s to include.
- The address consisting of all 1s allows broadcasting on the local network, typically a LAN.
- Addresses with a proper network number and all 1s in the host field allow machines to send broadcast packets to distant LANs anywhere in the Internet. Note that network administrators can disable this feature.
- All addresses of the form 127.xx.yy.zz are reserved for loopback testing. Packets sent to such an address are not put out onto the wire; they are processed locally and treated as incoming packets.

Subnets

All hosts in a network must have the same network number. This property of IP addressing can cause problems as networks grow. The problem is the rule that a single class A, B, or C address refers to one network, not to a collection of LANs. A small change was made to the addressing system to deal with this problem. Solution: allow a network to be split into several parts for internal use while still acting like a single network to the outside world.

Example of a typical university campus network:

[Figure: A campus network consisting of LANs for various departments]

In the literature, the parts of the network (the Ethernets in the example above) are called subnets. This definition conflicts with the use of "subnet" to mean the set of all routers and communication lines in a network.

How does the main router know which subnet (Ethernet) to use to deliver a packet? One option is to maintain a table that associates each host (in the campus) with its corresponding router.
Problems with such a table:
- It is large (65,536 entries).
- It needs a significant amount of manual maintenance when adding, moving, and removing hosts.

Instead of having a single class B address with 14 bits for the network number and 16 bits for the host number, some bits are taken away from the host number to indicate the subnet number. Example: a university with 35 departments could use a 6-bit subnet number and a 10-bit host number, allowing 2^6 = 64 Ethernets, each with a maximum of 2^10 - 2 = 1022 hosts.

To implement subnetting, the main router needs a subnet mask. It indicates the split between the network + subnet number and the host number, as shown in the next figure.

[Figure: A class B network subnetted into 64 subnets]

Subnet masks are also written in dotted decimal notation, with the addition of a slash followed by the number of bits in the network + subnet part. In the example above the subnet mask can be written as 255.255.252.0. The alternate notation is /22, to indicate that the subnet mask is 22 bits long.

Outside the network the subnetting is not visible, so allocating a new subnet does not require contacting ICANN or changing any external databases. Following the same example, one could use the following IP addresses for subnets 1, 2, 3, ...:
1. 130.50.4.1
2. 130.50.8.1
3. 130.50.12.1, and so on.
In binary notation ("|" marks the division between the subnet number and the host number: the 6 bits to the left of | are the subnet number and the 10 bits to the right of | are the host number):
1. 10000010 00110010 000001|00 00000001
2. 10000010 00110010 000010|00 00000001
3. 10000010 00110010 000011|00 00000001

Processing of IP packets by a router. Each router has a table listing:
1. some number of (network, 0) IP addresses, and
2. some number of (this-network, host) IP addresses.
The first kind contains information on how to get to distant networks; the second kind tells how to get to local hosts.
Associated with each table entry is the network interface to use to reach the destination. When a packet arrives, its destination address is looked up in the routing table:
- If the packet is for a distant network, it is forwarded to the next router as specified in the table.
- If it is for a local host, it is sent directly to the destination.
- If the network is not present, the packet is forwarded to a default router with more extensive tables.
Each router thus has to keep track of other networks and local hosts, not of (network, host) pairs, which reduces the size of the routing table significantly.

When subnetting is introduced, the routing tables are changed by introducing entries of the form:
- (this-network, subnet, 0), and
- (this-network, this-subnet, host).
The router on subnet k knows only how to get to all other subnets and how to get to all the hosts on subnet k; it does not have to deal with the hosts on the other subnets. Subnetting thus reduces router table space by creating a three-level hierarchy consisting of network, subnet, and host. All that needs to be done is to have each router do a Boolean AND with the network's subnet mask to get rid of the host number and look up the resulting address in its tables.

Example: a packet addressed to 130.50.15.6 is ANDed at the main router with the subnet mask 255.255.252.0 (/22) to give the address 130.50.12.0. This address is looked up in the routing table to find out which output line to use to get to the router for subnet 3.

CIDR (Classless Inter-Domain Routing)

IP is running out of addresses. The 1987 prediction was that the Internet might grow to 100,000 networks; the 100,000th network was connected in 1996. There are over 2 billion addresses, but organizing them in classes wastes millions of them. The particular problem is the class B network:
- A class A network with 16 million addresses is too big for most organizations.
- A class C network with 256 addresses is too small.
- A class B network with 65,536 addresses is "just right".

In reality class B is far too large for most organizations (more than half of class B networks have fewer than 50 hosts). In retrospect, class C networks should have been allocated 10 bits (instead of 8) for the host number; that would allow 1022 hosts (1024 - 2, since the all-0s and all-1s addresses have special uses), which would give half a million addresses and would have been just right for most organizations instead of the 65,536 of class B. In 1987 nobody predicted that the Internet would become a mass-market communication system rivaling the telephone network.

On the other hand, if 20 bits were allocated to the class B network number, another problem would have emerged: routing table explosion. Routers view the IP address space as a two-level hierarchy with network numbers and host numbers. Routers do not have to know all the hosts, but they do have to know all the networks. If half a million class C networks were in use, every router in the entire Internet would need a table with half a million entries, one per network, telling which line to use to get to that network.
- Various routing algorithms require each router to transmit its tables periodically (e.g., distance vector protocols).
- Large tables are an expensive solution for critical routers that keep the tables in static RAM on I/O boards.
- A more serious problem is that the complexity of various algorithms relating to management of the tables grows faster than linearly.
- The larger the tables, the greater the likelihood that some parts will get lost; loss of data or corrupt data leads to routing instabilities.
- Finally, the worst problem is that router software and firmware was designed at a time when the Internet had 1000 connected networks, and design choices made then are far from optimal in current conditions.
One solution would be a deeper hierarchy in routing: an IP address would contain a country, state/province, city, network, and host field. Each router would only need to know how to get to each country, the states/provinces in its own country, the cities in that state/province, and the networks in its city. This solution would require more than 32 bits for IP addresses and would use addresses inefficiently (Liechtenstein would have as many bits as the United States). Some solutions solve one problem but create the other.

The basic idea behind Classless Inter-Domain Routing (CIDR) is to allocate the remaining IP addresses in variable-sized blocks without regard to classes. Dropping the classes makes forwarding more complicated. The original class-based algorithm was:
1. The 4-bit class number is extracted from a copy of the packet's IP address.
2. A 16-way branch sorts packets into class A (8 cases), B (4 cases), C (2 cases), and D/E if supported (1 case).
3. The 8-, 16-, or 24-bit network number is masked off.
4. The network number is then looked up in the A, B, or C table (typically A and B are indexed while C is hashed).
5. The outgoing line from the entry that was found is looked up and used to forward the packet.

CIDR algorithm: the single routing table entry is extended to 32 bits for all networks. The table consists of an array of (IP address, subnet mask, outgoing line) triplets.
1. The destination IP address is extracted.
2. The masked destination IP address is matched against the table entries.
3. If there are multiple matches, the entry with the longest mask is used.

Commercial routers use custom VLSI chips with these algorithms embedded in hardware.
CIDR Example

Millions of addresses are available starting at 194.24.0.0.
- Cambridge University needs 2048 addresses => 194.24.0.0 - 194.24.7.255, mask 255.255.248.0
- Oxford University asks for 4096 addresses => 194.24.16.0 - 194.24.31.255, mask 255.255.240.0
- The University of Edinburgh asks for 1024 addresses => 194.24.8.0 - 194.24.11.255, mask 255.255.252.0

[Figure: CIDR example allocation]

Routing tables all over the world are now updated with the three assigned entries. Each entry contains a base address and a subnet mask. The entries in binary are:
C: 11000010 00011000 00000000 00000000   11111111 11111111 11111000 00000000
E: 11000010 00011000 00001000 00000000   11111111 11111111 11111100 00000000
O: 11000010 00011000 00010000 00000000   11111111 11111111 11110000 00000000

Now a packet arrives addressed to 194.24.17.4 (in binary: 11000010 00011000 00010001 00000100).
1. ANDed with the Cambridge mask: 11000010 00011000 00010000 00000000, which does not match the Cambridge base address.
2. ANDed with the Edinburgh mask: 11000010 00011000 00010000 00000000, which does not match the Edinburgh base address.
3. ANDed with the Oxford mask: 11000010 00011000 00010000 00000000, which does match the Oxford base address.

Consider a router in Omaha, Nebraska that has only 4 outgoing lines: Minneapolis, New York, Dallas, and Denver. When the router there gets the three new entries, it determines that it can combine all three into a single aggregate entry, 194.24.0.0/19, with the following binary address and mask:
A: 11000010 00011000 00000000 00000000
M: 11111111 11111111 11100000 00000000
This entry sends all packets for the three universities to New York. Aggregation thus reduces the table size.

NAT (Network Address Translation)

NAT is a way to get around the problem of the lack of IP addresses. An ISP with a /16 (class B) block of addresses can accommodate 64K (65,534) hosts.
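The subnet mask AND from the campus example and the CIDR longest-prefix lookup and aggregation from the university example, carried out in code. This is an added example, not the lecture's own material: the addresses, masks and prefixes are the ones on the page, while the outgoing line names, the Omaha default route and the extra test addresses are constructed.

```python
def ip_to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {addr!r}")
    return (int(parts[0]) << 24) | (int(parts[1]) << 16) | (int(parts[2]) << 8) | int(parts[3])


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_mask(bits: int) -> int:
    """/bits -> 32-bit mask with the top `bits` bits set (/0 -> 0)."""
    if not 0 <= bits <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """255.255.252.0 -> 22; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    bits = bin(m).count("1")
    if prefix_mask(bits) != m:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bits


def network_of(addr: str, mask: str) -> str:
    """Boolean AND of address and mask: the value the router looks up in its table."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))


class RoutingTable:
    """(base address, mask, outgoing line) triplets with longest-prefix matching."""

    def __init__(self):
        self.entries = []                    # list of (base_int, prefix_len, line)

    def add(self, cidr: str, line: str) -> None:
        base, bits = cidr.split("/")
        bits = int(bits)
        base_int = ip_to_int(base)
        if base_int & ~prefix_mask(bits) & 0xFFFFFFFF:
            raise ValueError(f"{cidr}: host bits set in base address")
        self.entries.append((base_int, bits, line))

    def lookup(self, dst: str):
        """Line of the longest-matching entry, or None (hand the packet to a default router)."""
        d = ip_to_int(dst)
        best = None
        for base, bits, line in self.entries:
            if (d & prefix_mask(bits)) == base and (best is None or bits > best[0]):
                best = (bits, line)
        return None if best is None else best[1]


def aggregate(cidrs) -> str:
    """Shortest single prefix covering every block, as the Omaha router computes it."""
    blocks = []
    for c in cidrs:
        base, bits = c.split("/")
        blocks.append((ip_to_int(base), int(bits)))
    bits = min(b for _, b in blocks)
    while bits > 0 and len({base & prefix_mask(bits) for base, _ in blocks}) > 1:
        bits -= 1                            # shorten until all bases agree on the prefix
    return f"{int_to_ip(blocks[0][0] & prefix_mask(bits))}/{bits}"


# The three allocations from the example (line names are made up).
UNIVERSITIES = RoutingTable()
UNIVERSITIES.add("194.24.0.0/21", "to-Cambridge")
UNIVERSITIES.add("194.24.8.0/22", "to-Edinburgh")
UNIVERSITIES.add("194.24.16.0/20", "to-Oxford")

# Omaha: the single aggregate entry toward New York plus a constructed default route.
OMAHA = RoutingTable()
OMAHA.add("0.0.0.0/0", "Denver")
OMAHA.add(aggregate(["194.24.0.0/21", "194.24.8.0/22", "194.24.16.0/20"]), "New York")

if __name__ == "__main__":
    print(network_of("130.50.15.6", "255.255.252.0"))            # 130.50.12.0
    print(UNIVERSITIES.lookup("194.24.17.4"), OMAHA.lookup("194.24.17.4"))
```

Note what the aggregate hides: 194.24.0.0/19 also covers 194.24.12.0 - 194.24.15.255, which none of the three universities was assigned. That is harmless in Omaha, where every packet for the block goes to New York anyway, but it is why a router closer to the allocations must keep the three specific entries and rely on the longest match.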
NAT is a temporary solution. If an ISP has more than 64K customers, it can dynamically assign an IP address to a computer when it calls up (dial-up connection); when the session is terminated the IP address is reassigned to another user. This strategy works for home users with dial-up connections but fails for broadband (cable and ADSL) or business users. The long-term solution is migration to IPv6 (128-bit addresses).

Basic idea: each company is assigned a single IP address (or at most a small number of them) for Internet traffic. Within the company every computer gets a unique IP address, which is used to route internal traffic. When a packet exits the company to the ISP, an address translation takes place. To make this scheme work, three ranges of IP addresses have been declared private. Internally they can be used as seen appropriate; the only rule is that no packets containing these addresses may appear on the Internet itself. The three reserved ranges are:
- 10.0.0.0 - 10.255.255.255/8 (16,777,216 hosts)
- 172.16.0.0 - 172.31.255.255/12 (1,048,576 hosts)
- 192.168.0.0 - 192.168.255.255/16 (65,536 hosts)

Sending packets from the network with NAT:
- The NAT box converts the internal IP source address (10.0.0.1) to the true address (198.60.42.12). The NAT box is usually combined with a firewall.
- The Source Port field (designed to be used for TCP or UDP transmissions) can be used to identify the source. Whenever the source address is replaced by the company's IP address by NAT, the TCP/UDP source port field is replaced by an index into the NAT box's 65,536-entry translation table. This table entry contains the original IP address and the original source port.
- Both the IP and TCP/UDP header checksums are recomputed and inserted into the packet.
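A model of the translation table just described, added here as an example and not part of the notes: outbound packets get their (internal address, source port) replaced by (public address, table index), and replies are mapped back by looking up the port the outside host sent them to. The public address 198.60.42.12 and the internal hosts 10.0.0.1 and 10.0.0.2 on port 5000 are the page's values; the index range, the `crash()` helper that models the box losing its table, and the tiny-table exhaustion case are constructed for the example. Checksum recomputation is left to the caller, as a comment marks.

```python
import ipaddress

# The three reserved ranges; packets carrying them must never reach the Internet.
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_RANGES)


class NatBox:
    """Port-indexed translation table with one entry per (internal address, port)."""

    def __init__(self, public_ip: str = "198.60.42.12",
                 first_index: int = 1024, last_index: int = 65535):
        self.public_ip = public_ip
        self._bounds = (first_index, last_index)
        self.free = list(range(last_index, first_index - 1, -1))   # unused table indices
        self.table = {}        # index -> (internal ip, internal port)
        self.reverse = {}      # (internal ip, internal port) -> index

    def outbound(self, src_ip: str, src_port: int):
        """Rewrite (src_ip, src_port) to (public_ip, index), reusing the entry for a known flow."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an internal address")
        key = (src_ip, src_port)
        if key not in self.reverse:
            if not self.free:
                # Only 16 bits of port field: the table cannot grow past 65,536 entries.
                raise RuntimeError("translation table full")
            idx = self.free.pop()
            self.table[idx] = key
            self.reverse[key] = idx
        # The caller must now recompute the IP and TCP/UDP checksums of the rewritten packet.
        return self.public_ip, self.reverse[key]

    def inbound(self, dst_port: int):
        """Map the port an outside host replied to back to (internal ip, port); None means drop."""
        return self.table.get(dst_port)

    def crash(self):
        """Lose all state, as when the box reboots: every mapped connection is gone."""
        self.__init__(self.public_ip, *self._bounds)


if __name__ == "__main__":
    nat = NatBox()
    for host in ("10.0.0.1", "10.0.0.2"):          # both happen to use port 5000
        print(host, 5000, "->", nat.outbound(host, 5000))
    print(nat.table)
```

The two internal hosts both using port 5000 get distinct indices, which is the whole reason the source port has to be rewritten. The `crash()` method makes the second drawback discussed later concrete: after it, `inbound()` returns None for every previously mapped port, so the replies for all established connections are dropped.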
[Figure: Placement and operation of a NAT box]

Getting a packet from the outside world to the NAT-based network: when a packet arrives at the NAT box from the ISP, the Source Port in the TCP/UDP header is extracted and used as an index into the NAT box's mapping table. From the located table entry, the internal IP address and the original TCP source port are extracted and inserted into the packet. The checksums are recomputed and inserted into the packet, and the packet is then passed to the company server for delivery. It is necessary to replace the source port because connections from two machines (e.g., 10.0.0.1 and 10.0.0.2) may both happen to use the same port (e.g., 5000), so the source port alone is not enough to identify the sending process.

The same NAT solution can be applied to broadband networks (ADSL and cable). This solution, however, is regarded as breaking fundamental principles of layered network organization:
1. NAT violates the architectural model of IP, which states that every IP address uniquely identifies a single machine worldwide.
2. NAT changes the Internet from a connectionless network to a kind of connection-oriented network. The NAT box must maintain information (a mapping) for each connection passing through it, and having the network maintain connection state is a property of a connection-oriented network. If the NAT box crashes and its mapping table is lost, all its TCP connections are destroyed. In the absence of NAT, router crashes have no real effect on the network (the sending process times out and resends all unacknowledged packets). With NAT the Internet becomes as vulnerable as a circuit-switched network.
3. NAT violates the most fundamental rule of protocol layering: layer k may not make any assumptions about what layer k+1 has put into the payload field. This principle is there to keep layers independent, so that changes in one layer do not affect other layers. If TCP is later upgraded to TCP-2 with a different header layout, NAT will fail. NAT destroys this independence.
4. Processes on the Internet are not required to use TCP or UDP. If a user on machine A decides to use a new transport protocol to communicate with a user on machine B, the introduction of a NAT box will cause this application to fail because NAT will not be able to locate the TCP source port correctly.
5. Some applications insert IP addresses in the body of the text, for example FTP (File Transfer Protocol) or Internet telephony. The receiver extracts these addresses and uses them. However, since NAT does not know about these addresses it cannot replace them, so any attempt to use them on the remote side will fail. It may be possible to patch NAT every time a new application or standard comes along (e.g., H.323 for Internet telephony), but doing this for every new application is not a good idea.
6. Since the TCP source port field has only 16 bits, it can only be used for up to 64K machines.
7. Finally, by introducing NAT, a hack that temporarily fixes the problem of the lack of IP addresses, the implementation of the real solution, the transition to IPv6, is only delayed, and this is a bad thing.

Internet Control Protocols

The Internet has several control protocols that serve to monitor closely the operation of the Internet:
- Internet Control Message Protocol (ICMP)
- Address Resolution Protocol (ARP)
- Reverse Address Resolution Protocol (RARP)
- Bootstrap Protocol (BOOTP)
- Dynamic Host Configuration Protocol (DHCP)

ICMP (The Internet Control Message Protocol)

Unexpected events are reported by ICMP. The same protocol is also used to test the Internet. About a dozen types of ICMP messages are defined; the more important ones are presented in the table below.

[Table: principal ICMP message types (not included in this preview)]

ARP (The Address Resolution Protocol)

The data link layer does not understand IP addresses, so they cannot be used at that level. LAN interface hardware uses only LAN addresses.
How does an IP address get mapped onto a data link layer address such as an Ethernet address? The question is answered using the following example.

[Figure: three interconnected /24 networks: two Ethernets and an FDDI ring]

A small university with several class C (now /24) networks:
- Two Ethernet networks, of the CS (IP: 192.31.65.0) and EE (IP: 192.31.63.0) departments, both connected to a campus backbone ring (IP: 192.31.60.0).
- Each machine on an Ethernet has a unique (48-bit) Ethernet address, labeled E1-E6.
- Each machine on the ring has an FDDI (Fiber Distributed Data Interface) ring address, labeled F1-F3.

Scenario 1: Host 1 ([email protected]) sends a packet to a user on Host 2.
1. The IP address for host 2 (e.g., eagle.cs.uni.edu) is found using the Domain Name System (DNS), which returns the IP address of host 2 (192.31.65.5).
2. Upper-layer software (e.g., the application) builds a packet with 192.31.65.5 in the Destination Address field and hands it over to the IP software for transmission.
3. The IP software determines (via a table lookup) that the destination address is on its own network.
4. The IP software needs to map this IP address to the destination's Ethernet address. At this point host 1 could:
   - have a configuration file in the system that maps IP addresses onto Ethernet addresses (keeping such files up to date is error-prone and time-consuming), or, the better solution,
   - broadcast a packet onto the Ethernet asking who owns IP address 192.31.65.5. Host 2 responds with its Ethernet address (E2). The protocol used for asking for a destination's Ethernet address and getting the reply is called ARP (Address Resolution Protocol).
5. Host 1 builds an Ethernet frame addressed to E2, puts the IP packet in the payload field, and dumps the frame onto the Ethernet.
6. The Ethernet board of host 2 detects this frame, recognizes that it is addressed to itself, extracts the IP packet from the payload and passes it to the IP software, which validates that it is correctly addressed and processes it.

A number of optimizations are possible by caching the information in both host 1 and host 2 (and, e.g., in all hosts on the Ethernet).

Scenario 2: Host 1 sends a packet to a user on Host 4 (192.31.63.8). Using ARP will fail because host 4 will not see the broadcast from host 1. Two solutions:
- Proxy ARP: the CS router could be configured to respond to ARP requests for network 192.31.63.0.
- Host 1 immediately determines that the destination is on a remote network and sends all such traffic to a default Ethernet address that handles all remote traffic (in this case E3).
In either case host 1 makes an ARP cache entry of (192.31.63.8, E3) and sends all traffic for host 4 to the local router. The following steps are then conducted in either case:
1. Host 1 packs the IP packet into the payload of an Ethernet frame addressed to E3.
2. The CS router (E3) uses the destination IP address to look up the next router (192.31.60.7). If it does not know the FDDI address of that router, it broadcasts an ARP packet onto the ring, thus obtaining the FDDI address F3 of the router.
3. It inserts the packet into the payload field of an FDDI frame addressed to F3 and puts it on the ring.
4. The EE router removes the packet from the payload field and delivers it to its IP software. The IP software recognizes that the packet needs to be sent to 192.31.63.8; if host 4's Ethernet address, E6, is not cached, ARP is used to obtain it.
5. The EE router builds an Ethernet frame addressed to E6, puts the IP packet in the payload field, and sends the frame over the Ethernet.
6. The Ethernet board of host 4 detects this frame, recognizes that it is addressed to itself, extracts the IP packet from the payload and passes it to the IP software, which validates that it is correctly addressed and processes it.

Ethernet to IP Address Mapping: RARP, BOOTP, and DHCP

RARP (Reverse Address Resolution Protocol): a newly booted device broadcasts its Ethernet address, requesting its IP address, and the RARP server sends back the corresponding IP address. Disadvantage: RARP uses a destination address of all 1s (limited broadcasting) to reach the RARP server, so an RARP server is needed on each network.

An alternative is the Bootstrap Protocol (BOOTP), which unlike RARP uses UDP messages, which are forwarded over routers (i.e., it does not require a special server on each network). Problem: BOOTP requires manual configuration of tables mapping IP addresses to Ethernet addresses.

DHCP (Dynamic Host Configuration Protocol) allows both manual IP address assignment and automatic assignment. It is based on the idea of a special server that assigns IP addresses to hosts asking for one. Since the DHCP server may not be reachable by broadcasting, a DHCP relay agent is needed on each LAN.

IPv6

IPv6 is the new version of IP, replacing the current IPv4, that alleviates the problems of that implementation. In the early years the Internet was primarily used by universities, the high-tech industry, and government (DoD). With the explosion of interest that started in the mid 1990s, it began to be used by different groups of people, especially people with different requirements. The impending convergence of the computer, communication, and entertainment industries means that every telephone, every TV set, and wireless portables connected to home bases will become Internet nodes, producing a billion machines used for audio and video on demand. Those circumstances require the evolution of the current IPv4 into a more flexible IP standard.

The IETF started work on a new version of IP in 1990. Its major goals were:
  1. Support billions of hosts, even with inefficient address space allocation.
  2. Reduce the size of the routing tables.
  3. Simplify the protocol, to allow routers to process packets faster.
  4. Provide better security (authentication and privacy) than current IP.
  5. Pay more attention to type of service, particularly for real-time data.
  6. Aid multicasting by allowing scopes to be specified.
  7. Make it possible for a host to roam without changing its address.
  8. Allow the protocol to evolve in the future.
  9. Permit the old and new protocols to coexist for years.

IPv6

IPv6 was adopted from the Deering and Francis proposal called SIPP (Simple Internet Protocol Plus). IPv6 is not compatible with IPv4, but it is compatible with the other auxiliary Internet protocols: TCP, UDP, ICMP, OSPF, BGP, and DNS (in some cases with small modifications, mostly to handle the longer addresses).

Major improvements of IPv6:
  1. Longer addresses: 16 bytes (a practically unlimited supply of Internet addresses).
  2. Simplification of the header: the slides count 7 fields (versus 13 in IPv4); the fixed 40-byte header actually carries 8 (Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address).
  3. Better support for options.
  4. A big advance in security.
  5. More attention to quality of service.

Main IPv6 Header

[Figure: The IPv6 fixed header]

Main IPv6 Header

Version field (4 bits):
  - 4 for IPv4 and 6 for IPv6.
  - Testing for the version wastes a few instructions, so many implementations are likely to embed this test in the data link layer and forward the packet directly to the correct network layer handler. This violates the design principle of independent layers ("Do it right" vs. "Make it fast" camps).

Traffic Class field (8 bits):
  - Designed to distinguish between packets with different real-time requirements.
  - Experiments are under way to determine how best it can be used for multimedia delivery.

Flow Label field (20 bits):
  - Still experimental, but it will be used to allow a source and destination to set up a pseudo-connection with particular properties and requirements.
  - For example, if a stream of packets from one process on a source host to another process on a certain destination has stringent delay requirements (e.g., IP telephony), it requires reserved bandwidth. The flow can be set up in advance using this field; when a packet with a nonzero Flow Label shows up, all routers can look it up in internal tables to see what kind of special treatment it requires.
  - Flows are thus an attempt to have both kinds of connections: the flexibility of a datagram subnet and the guarantees of a virtual-circuit subnet.
  - Each flow is designated by:
      1. the source address,
      2. the destination address, and
      3. the flow number.
  - This arrangement allows multiple active flows between the same pair of source and destination. In addition, if two different flows with the same flow number arrive at the same router, they can be distinguished by their source and destination addresses.

Main IPv6 Header

Payload Length (16 bits): tells how many bytes follow the 40-byte header.

Next Header (8 bits): the header could be simplified because this field allows (optional) additional headers that provide extra information. At the time of writing there are 6 extension headers.

Hop Limit (8 bits): used to keep packets from living forever.

Source Address and Destination Address (16 bytes each):
  - The 16-byte size of the address fields was reached as a compromise between various proposals (8-byte, 16-byte, 20-byte and variable-length address fields).
  - 2^128 addresses is about 3 x 10^38, or about 7 x 10^23 IP addresses per square meter of the Earth's surface (larger than Avogadro's number).
  - In practice the address space may not be used efficiently (as with telephone numbers: area code 212 of Manhattan is nearly full while area code 307 of Wyoming is nearly empty).
  - New notation: 8 groups of 4 hexadecimal digits with colons between the groups:
      8000:0000:0000:0000:0123:4567:89AB:CDEF
  - Optimized notation: leading zeros within a group can be omitted.
  - One or more groups of 16 zero bits can be replaced by a pair of colons:
      8000::123:4567:89AB:CDEF
  - IPv4 addresses can be written as a pair of colons followed by the old dotted decimal number:
      ::192.31.20.46

Main IPv6 Header

Information in the IPv4 header that is not included in IPv6:
  - The fields related to fragmentation.
  - The checksum field.

IPv6 Extension Headers

Some extension headers have a fixed format; others contain a variable number of variable-length fields. The currently defined types are given in the table below:

[Table: IPv6 extension headers]

IPv6 Extension Headers

Variable-length fields are encoded as (Type, Length, Value) tuples:
  - Type: a 1-byte field telling which option this is. Its first 2 bits tell routers that do not recognize the option how to process it. The choices are:
      - skip this option;
      - discard the packet;
      - discard the packet and send back an ICMP (Internet Control Message Protocol) packet;
      - discard the packet and send back an ICMP packet, except when the destination is a multicast address (so that one bad multicast packet cannot generate a flood of ICMP reports).
  - Length: a 1-byte field specifying the length of the Value field in bytes.
  - Value: any information required, up to 255 bytes.

IPv6 Extension Headers: Hop-by-Hop Header

Used for information that all routers along the path must examine. Currently, one option has been defined: support for datagrams exceeding 64 KB (jumbograms).

[Figure: The hop-by-hop extension header for large datagrams (jumbograms)]

IPv6 Extension Headers: Hop-by-Hop Header
  - Next Header: a 1-byte field that specifies the kind of the next header.
  - The Payload Length in the fixed header is set to zero.
  - The next 2 bytes indicate that this option defines the datagram size (option type code 194) and that the size information is a 4-byte number.
  - The last 4 bytes give the size of the datagram.

IPv6 Extension Headers
  - Destination Options header: intended for fields that need only be interpreted by the destination host.
  - Routing header: lists one or more routers that must be visited on the way to the destination. (The original Type 0 routing header has since been deprecated by RFC 5095, because a sender could use it to bounce traffic back and forth between two routers and amplify it.)
  - Fragment header: holds the datagram identifier, the fragment number, and a bit telling whether more fragments follow. Note that in IPv6 only the source host can fragment a packet; since routers are not charged with doing this, their work is simplified and routing becomes faster. (A router that receives a packet too large for the next link drops it and sends an ICMP Packet Too Big message back to the source.)
  - Authentication header: provides a mechanism by which the receiver can verify the identity of the sender.
  - Encrypted Security Payload: makes it possible to send an encrypted packet so that only the intended recipient can read it. These headers specify the cryptographic techniques used to authenticate and decrypt the packet. (They are the IPsec AH and ESP headers, which are also available for IPv4.)

Controversial Issues Regarding IPv6

Address length (16 bytes): see the compromise between the 8-byte, 16-byte, 20-byte and variable-length proposals described under the address fields above.

Hop Limit field (limits the number of hops to 255):
  - 32 hops are common now, and 10 years from now 255 may not be enough.
  - Counter-argument: a 16-bit field allowing 65,535 hops is far too long. In the future more and more direct links will be built, making it possible to get from one country to another in half a dozen hops at most. If it takes more than 125 hops to get to the international gateway, then something is wrong with the national backbones.

Maximum packet size:
  - The supercomputer community requested packets in excess of 64 KB.
  - Argument against a large packet size: when a 1 MB packet hits a 1.5 Mbps T1 line, that packet ties the line up for about 5 seconds, producing a noticeable delay for interactive users sharing the line.
  - Compromise: normal packets are limited to 64 KB; for larger packets the hop-by-hop extension header (jumbogram option) can be used.

Removal of the checksum:
  - Analogy: "a car without brakes" (it can be made faster, but safety becomes an issue).
  - Counter-argument: if an application really cares about integrity it will have a checksum in the transport layer, so having one in the network layer (in addition to the data link layer) is redundant and therefore unnecessary.

Controversial Issues Regarding IPv6

Mobile hosts:
  - If a portable computer flies halfway around the world, can it continue operating at the destination with the same IPv6 address?
  - Or does it have to use a scheme with home agents and foreign agents?
  - Mobile hosts also introduce asymmetries into the routing system: a small computer can receive the powerful signal put out by a large stationary router, but the stationary router cannot hear the feeble signal put out by the mobile host.
  - Consequently a proposal was put forward that required explicit support for mobile hosts in IPv6. This effort failed for lack of consensus.

Security: where should it be placed?
  - Argument for the network layer: security becomes a standard service that all applications can use without any advance planning.
  - Argument against: secure applications generally want nothing less than end-to-end encryption (the source application does the encryption and the destination application does the decryption). Anything less puts the user in the position of depending on potentially buggy network layer implementations over which he has no control.
  - Response: applications can simply refrain from using the IP security features and do the job themselves.
  - Rejoinder: why then should one pay the price for IP security and its maintenance if the capability is not used or is disabled?
  - An additional concern about where to put the security features is that many countries have stringent export laws concerning cryptography. Some (notably France and Iraq) also restrict its use domestically, so that people cannot have secrets from the police. Consequently an IP implementation that used a cryptographic system strong enough to be of much value could not be exported from the United States (and other countries) to customers worldwide. Having to maintain two sets of software, one for domestic use and one for export, is something that computer vendors oppose. (This describes the situation of the 1990s; the United States relaxed its cryptographic export controls in 2000, and IPsec now ships in every major operating system.)

SUMMARY

The network layer provides services to the transport layer. Its primary function is to route packets from the source to the destination.
Service can be based on:
  - Virtual circuits: the routing decision is made when the virtual circuit is set up, prior to data packets being transmitted.
  - Datagrams: a routing decision is made for each individual packet.

Routing algorithms can be based on:
  - Static algorithms: shortest path routing and flooding.
  - Dynamic algorithms: distance vector routing and link state routing.

Important topics in routing are:
  - Hierarchical routing
  - Routing for mobile hosts
  - Broadcast routing
  - Multicast routing, and
  - Routing in peer-to-peer networks.

SUMMARY

Issues regarding quality of service:
  - Congestion:
      - Avoidance: proper design of the network, using techniques such as retransmission policy, caching, flow control, etc.
      - Resolution: choke packets sent back to the source, load shedding, etc.
  - Guaranteed (specified) quality of service requirements. Methods used to achieve those goals: buffering at the client, traffic shaping, resource reservation, admission control.

Internet: a variety of protocols related to the network layer:
  - Data transport protocol: IP
  - Control protocols: ARP, RARP
  - Routing protocols: OSPF, BGP
  - A new version of the IP protocol is required: IPv6.
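The following worked example is added here as an illustration and is not code from the lecture slides. It ties together the IPv6 material above: the 40-byte fixed header (Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, addresses), the (Type, Length, Value) option encoding with the 2-bit rule for options a router does not recognize, the Hop-by-Hop jumbogram option (code 194 with a 4-byte size and Payload Length 0), and the colon-hex address notation. Field layouts are assumed to follow RFC 8200 and RFC 2675; the packets, the addresses (2001:db8::/32 is the documentation prefix) and the unrecognized option type 0xC3 used for the demonstration are constructed, not captured traffic.

```python
"""IPv6 fixed header, Hop-by-Hop options and address notation, worked through.

Added example, not code from the lecture slides. Layouts follow RFC 8200
(fixed header, Hop-by-Hop TLV options, 2-bit unknown-option action) and
RFC 2675 (Jumbo Payload option, type 194). All packets and addresses are
constructed for illustration; 2001:db8::/32 is the documentation prefix.
"""
import ipaddress
import struct

HOP_BY_HOP, UDP = 0, 17  # Next Header values: Hop-by-Hop options header, UDP
PAD1, PADN = 0, 1        # padding option types
JUMBO_PAYLOAD = 194      # 0xC2, the "code 194" option on the jumbogram slide
KNOWN_OPTIONS = {JUMBO_PAYLOAD}


def parse_fixed_header(pkt: bytes) -> dict:
    """Split the 40-byte fixed header into its fields."""
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    first, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    return {"traffic_class": (first >> 20) & 0xFF, "flow_label": first & 0xFFFFF,
            "payload_length": payload_len, "next_header": next_hdr,
            "hop_limit": hop_limit, "src": ipaddress.IPv6Address(pkt[8:24]),
            "dst": ipaddress.IPv6Address(pkt[24:40])}


def unknown_option_action(opt_type: int, dst: ipaddress.IPv6Address) -> str:
    """The top two bits of an unrecognised option's Type say what a node must do."""
    act = opt_type >> 6
    if act == 3:  # 11: ICMP Parameter Problem only for non-multicast destinations,
        return "discard" if dst.is_multicast else "discard+icmp"  # no ICMP floods
    return ("skip", "discard", "discard+icmp")[act]


def parse_hop_by_hop(data: bytes, dst: ipaddress.IPv6Address) -> dict:
    """Walk the TLV options of a Hop-by-Hop header that starts at data[0]."""
    if len(data) < 8 or len(data) < (data[1] + 1) * 8:
        raise ValueError("truncated Hop-by-Hop header")
    next_hdr, total = data[0], (data[1] + 1) * 8  # Hdr Ext Len: 8-byte units after the first
    options, i = [], 2
    while i < total:
        opt_type = data[i]
        if opt_type == PAD1:  # the only option with no Length and no Value
            i += 1
            continue
        if i + 2 > total or i + 2 + data[i + 1] > total:
            raise ValueError("option overruns the extension header")
        opt_len = data[i + 1]
        value = bytes(data[i + 2:i + 2 + opt_len])
        i += 2 + opt_len
        if opt_type == PADN:
            continue
        if opt_type in KNOWN_OPTIONS:
            options.append((opt_type, value))
        else:
            action = unknown_option_action(opt_type, dst)
            if action != "skip":  # processing stops at the first discard
                return {"next_header": next_hdr, "options": options, "action": action}
    return {"next_header": next_hdr, "options": options, "action": "forward"}


def jumbo_length(fixed: dict, hbh: dict):
    """Return the Jumbo Payload length if the option is present and well formed."""
    for opt_type, value in hbh["options"]:
        if opt_type == JUMBO_PAYLOAD:
            if len(value) != 4 or fixed["payload_length"] != 0:
                raise ValueError("jumbogram needs a 4-byte option and Payload Length 0")
            (length,) = struct.unpack("!I", value)
            if length <= 65535:
                raise ValueError("jumbo length must not fit in the 16-bit field")
            return length
    return None


def build_packet(src: str, dst: str, flow_label: int, hbh_body: bytes,
                 payload_length: int = 0) -> bytes:
    """Constructed packet: fixed header plus one Hop-by-Hop header carrying hbh_body."""
    pad = (-(len(hbh_body) + 2)) % 8  # extension headers are multiples of 8 bytes
    if pad:  # Pad1 for a single byte, PadN for two or more
        hbh_body += bytes([PAD1]) if pad == 1 else bytes([PADN, pad - 2]) + bytes(pad - 2)
    hbh = bytes([UDP, (len(hbh_body) + 2) // 8 - 1]) + hbh_body
    fixed = struct.pack("!IHBB", (6 << 28) | (flow_label & 0xFFFFF),
                        payload_length, HOP_BY_HOP, 64)
    fixed += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return fixed + hbh


def inspect(pkt: bytes) -> dict:
    """Parse the fixed header, then the Hop-by-Hop header if one follows it."""
    fixed = parse_fixed_header(pkt)
    result = {"fixed": fixed, "hbh": None, "jumbo": None, "action": "forward"}
    if fixed["next_header"] == HOP_BY_HOP:
        hbh = parse_hop_by_hop(pkt[40:], fixed["dst"])
        result["hbh"], result["action"] = hbh, hbh["action"]
        if hbh["action"] == "forward":
            result["jumbo"] = jumbo_length(fixed, hbh)
    return result


def canonical(addr: str) -> str:
    """Canonical text form; match ACL entries on this value, never on raw strings."""
    return str(ipaddress.IPv6Address(addr))


if __name__ == "__main__":
    pkt = build_packet("2001:db8::1", "2001:db8::2", 0x12345,
                       bytes([JUMBO_PAYLOAD, 4]) + struct.pack("!I", 1 << 20))
    print(inspect(pkt)["jumbo"], canonical("8000:0000:0000:0000:0123:4567:89AB:CDEF"))
```

Two points for a practitioner follow from the code. First, every option length is checked against the Hdr Ext Len before it is read, and a Jumbo Payload option is rejected unless it carries exactly 4 bytes, the fixed Payload Length is 0 and the value really exceeds 65,535; parsers that trust these lengths are where extension header handling has historically gone wrong. Second, the same address can be written many ways (8000:0000:0000:0000:0123:4567:89AB:CDEF, 8000::123:4567:89ab:cdef, ::192.31.20.46 versus ::c01f:142e), so access lists that compare the textual form will miss matches; compare the parsed value or the canonical form.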

This note was uploaded on 02/11/2012 for the course ECE 5535 taught by Professor Staff during the Spring '10 term at FIT.
