The Network Layer

14-740: Fundamentals of Computer Networks. Credit: Bill Nace.

Presentation Transcript


  1. The Network Layer 14-740: Fundamentals of Computer Networks Credit: Bill Nace

  2. traceroute • Network Layer • IP: Internet Protocol • IP Addressing • ICMP

  3. Network Layer • Mission: Provide a logical connection between hosts for use by the transport layer • Relies on the data-link layer to connect adjacent nodes (host-to-router, router-to-router) • Architecturally: Connects a variety of transport protocols (UDP, TCP, ...) to a variety of data-link protocols • Remember the hourglass? IP is its narrow waist

  4. Network Layer • Move a packet from sending host to receiving host • On sending side, encapsulate segment into packets • Transmit the packet through the network • Network layer protocols exist on all routers (and hosts) for this purpose • On receiving side, deliver packets to transport layer

  5. Key Functions • Routing (Control Plane) • Determine end-to-end paths taken by packets • Creates a forwarding table • Involves all routers in a network • Uses routing algorithms • Forwarding (Data Plane) • Move packets from router’s incoming interface to appropriate outgoing interface • An action in a single router • Uses a forwarding table • Connection Setup • Some networks (not IP) need state initialization at routers

  6. Routing is the process of creating and maintaining forwarding tables • Forwarding uses the table to determine the output link for each packet

  7. Network Connections? • Network Layer can be: • Connectionless (Datagram, Packet Switched) • Connection-oriented (Virtual Circuit; the later slides call this “Circuit Switched”) • Fundamentally different from Transport-layer connections • which were app-to-app, not host-to-host • which were implemented in the end hosts, not in the routers • One or the other -- a property of the network, not a per-application service choice

  8. Datagram Networks • Commonly called “Packet-switched” • No call setup at network layer • routers hold no state about connections • no network-level concept of “connection”

  9. Datagram Networks (2) • Packets are forwarded using the address of the destination host • Packets are forwarded independently • Packets between the same source-destination pair may take different paths

  10. Datagram Addressing • Each end-host has a unique address • Forwarding table maps addresses to an outgoing link • As the address range is generally huge, rows of the table list ranges, not individual hosts [Figure: Datagram Forwarding Table]

  11. Virtual-Circuit (“Circuit Switched”) Network • Requires connection setup • Defines / reserves a network path • Places per-connection state in all routers on the path • Teardown phase releases that state

  12. VC Addressing • At call-setup time, each link of the path is given a VC# (address) • Router looks up the incoming (link, VC#) pair to determine the outgoing link • Router rewrites the VC# in the packet to the outgoing VC# before sending it • Why have different VC#s? Why not have each path use the same VC# throughout? • Global coordination is tough and expensive; a VC# only has to be unique on its own link [Figure: VC Forwarding Table]
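The call-setup and label-swapping behaviour of slides 11 and 12, as an added example written for this page (not code from the course). The topology, router names and VC numbers are constructed; the convention that each router picks the VC# for its outgoing link and the source host picks the VC# for its own link is an assumption made so that both ends of every link agree on the number.

```python
class VCRouter:
    """One virtual-circuit switch. Interfaces are named after the neighbour on that link."""

    def __init__(self, name):
        self.name = name
        self.table = {}      # (in_iface, in_vc) -> (out_iface, out_vc)
        self.next_vc = {}    # per-outgoing-link counter: VC numbers are only link-local

    def alloc_vc(self, out_iface):
        vc = self.next_vc.get(out_iface, 1)
        self.next_vc[out_iface] = vc + 1
        return vc

    def forward(self, in_iface, in_vc):
        """Data plane: look up (incoming link, incoming VC#); the packet leaves with a new VC#."""
        return self.table[(in_iface, in_vc)]


def setup_call(routers, path, first_vc):
    """Control plane (call setup). path = [src_host, router, ..., router, dst_host].
    The source picks the VC# on its own link (first_vc, an assumption of this example);
    each router picks the VC# for its outgoing link and installs one table row.
    Returns the VC# used on each link of the path, in order."""
    labels = [first_vc]
    in_vc = first_vc
    for i in range(1, len(path) - 1):
        router = routers[path[i]]
        in_iface, out_iface = path[i - 1], path[i + 1]
        out_vc = router.alloc_vc(out_iface)
        router.table[(in_iface, in_vc)] = (out_iface, out_vc)
        labels.append(out_vc)
        in_vc = out_vc
    return labels


def send(routers, path, first_vc):
    """Data plane: the packet carries only a VC#, rewritten at every hop (label swapping).
    Returns (router, outgoing link, outgoing VC#) for each hop."""
    vc = first_vc
    hops = []
    for i in range(1, len(path) - 1):
        out_iface, vc = routers[path[i]].forward(path[i - 1], vc)
        hops.append((path[i], out_iface, vc))
    return hops


def teardown_call(routers, path, first_vc):
    """Teardown phase: remove the per-router state, following the rows hop by hop."""
    in_vc = first_vc
    for i in range(1, len(path) - 1):
        _, in_vc = routers[path[i]].table.pop((path[i - 1], in_vc))


def demo():
    # Constructed topology: hosts A, C on one side of R1; hosts B (behind R3) and D (behind R2).
    routers = {n: VCRouter(n) for n in ("R1", "R2", "R3")}
    # Two calls share the R1-R2 link, so they must get different VC#s there (1 and 2),
    # while both hosts may happily reuse VC# 5 on their own, separate access links.
    call_a = setup_call(routers, ["A", "R1", "R2", "R3", "B"], first_vc=5)
    call_c = setup_call(routers, ["C", "R1", "R2", "D"], first_vc=5)
    return routers, call_a, call_c


if __name__ == "__main__":
    routers, call_a, call_c = demo()
    print("A->B VC# per link:", call_a)   # [5, 1, 1, 1]
    print("C->D VC# per link:", call_c)   # [5, 2, 1]
    print("R1 table:", routers["R1"].table)
```

The per-link counters are the whole point of slide 12: nothing is coordinated globally, yet the (incoming link, incoming VC#) key stays unambiguous at every router.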

  13. traceroute • Network Layer • IP: Internet Protocol • IP Addressing • ICMP

  14. IP Components • IP Protocol • Datagram format • Packet handling conventions • Addressing conventions • Routing Protocols • to fill Forwarding table • ICMP Protocol • Error reporting, router signaling

  15. IP Standard • IPv4: the first (and for decades the only) widely deployed version • Defined in RFC 791 (1981) • IPv6: the replacement • RFC 2460 (1998), since obsoleted by RFC 8200 (2017) • Adoption looked questionable when these slides were written; it has since become widespread • IPv9: See RFC 1606 (an April 1st RFC)

  16. Datagram Format • Version specifies IPv4 • Header length (in 32-bit words) • 5 + options length • Type of Service • Vision: Provide differentiated service levels (the byte is now split into DSCP, RFC 2474, and ECN, RFC 3168) • Total length (header + data) • Theoretical max of 65535 • Generally 1500 or less (Ethernet MTU)

  17. Datagram Format (2) • ID, Flags, Offset: Used for fragmentation at routers • Not allowed in IPv6: routers never fragment, only the source host may (Fragment extension header) • Time-to-Live • Decremented at each router • Datagram dropped when it reaches zero (and an ICMP Time Exceeded goes back to the source) • Protocol • Used by the receiver to hand the payload to the right transport protocol (1 = ICMP, 6 = TCP, 17 = UDP)

  18. Datagram Format (3) • Header checksum • Same one’s-complement algorithm as UDP (RFC 1071) • Covers only the header • Must be recomputed at each router. Why? Because the Time-to-Live changes at every hop • Why do both UDP/TCP and IP need checksum calculations? • IP’s checksum covers only the IP header; the transport checksum covers the payload end to end • Transport protocols can also run over other network layers (UDP over IPX)

  19. Datagram Format (4) • Options • Not often used • Problematic for routers • The data offset is not fixed; it must be read from the header-length field • Variable processing time from packet to packet • Data • Encapsulated TCP/UDP segment • ICMP data

  20. IP Fragmentation • Datagram may be too big for the link layer • Remember MTU (Maximum Transmission Unit)? • Each link along the path may have a different MTU • What does a router do if the outbound MTU is too small for a datagram? It fragments it; if DF is set, it drops the datagram and sends ICMP Destination Unreachable, code 4 (fragmentation needed)

  21. Fragmentation Fields • Identifier: set by the sending host for every datagram and copied unchanged into all of its fragments (the fragmenting router does not generate it) • Flags • DF: Don’t Fragment (drop datagram instead) • MF: More Fragments (1 in all except the last fragment) • Evil Bit: See RFC 3514 (an April 1st RFC) • Offset of the fragment from the beginning of the original unfragmented datagram (13 bits) • Measured in 8-byte units, so every fragment but the last carries a multiple of 8 data bytes

  22. Example • Incoming 1500-byte datagram (20-byte IP header, 1480 bytes of data), outbound MTU = 536 • Largest data per fragment: 536 - 20 = 516, rounded down to a multiple of 8 = 512 • Fragment 1: total length 532, offset 0, MF = 1 • Fragment 2: total length 532, offset 64 (= 512 / 8), MF = 1 • Fragment 3: total length 476 (20 + 456), offset 128, MF = 0 • ID is the same for all fragments • Offset is measured in 8-byte multiples • Original payload is broken into multiples of 8

  23. Fragmentation Issues • Reassembly done at the end-host • Want to offload as much as possible from routers • If one fragment is lost, all fragments of that datagram are discarded (after a reassembly timeout) • Fragmentation facility complicates design of routers and end-hosts • Not done by routers in IPv6

  24. Security Issues • Fragmentation can be used to DoS • Jolt2 attack: flood the target with fragments that never complete a datagram (no offset = 0 fragment), tying up reassembly buffers • ... or trigger an OS crash • Send overlapping / unaligned fragments (the Teardrop family of attacks) • Many OSes of that era were vulnerable; a sound reassembler bounds buffer memory with a timer and rejects overlaps and oversize datagrams
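A fragmenter for the slide 22 numbers together with a reassembler that refuses the malformed sets of slide 24, as an added example written for this page (not code from the course). It works on the fragmentation fields only, not on real IP header bytes; the identifier 0x1234 and the sample payloads are constructed.

```python
import dataclasses

IP_HDR = 20            # IPv4 header without options, as in the slide's example
MAX_DGRAM = 65535      # Total Length is a 16-bit field


@dataclasses.dataclass
class Fragment:
    ident: int         # Identification: set by the source, copied into every fragment
    offset: int        # Fragment Offset field, in 8-byte units (13 bits)
    mf: bool           # More Fragments flag
    payload: bytes


def fragment(ident, payload, mtu, df=False):
    """Fragment a datagram (header + payload) for a link with the given MTU.
    Every fragment but the last carries a multiple of 8 payload bytes."""
    if IP_HDR + len(payload) <= mtu:
        return [Fragment(ident, 0, False, payload)]      # fits: no fragmentation
    if df:
        raise ValueError("DF set: drop and send ICMP type 3 code 4")
    chunk = (mtu - IP_HDR) // 8 * 8
    frags = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        frags.append(Fragment(ident, start // 8, start + chunk < len(payload), piece))
    return frags


def total_length(frag):
    """Value of the Total Length field of one fragment on the wire."""
    return IP_HDR + len(frag.payload)


def reassemble(frags):
    """End-host reassembly that refuses the malformed sets the slides warn about."""
    if not frags:
        raise ValueError("no fragments")
    ident = frags[0].ident
    if any(f.ident != ident for f in frags):
        raise ValueError("fragments from different datagrams")
    # Oversize (ping-of-death style): reject before allocating a buffer that can never be legal
    if max(f.offset * 8 + len(f.payload) for f in frags) > MAX_DGRAM - IP_HDR:
        raise ValueError("reassembled datagram would exceed 65535 bytes")
    frags = sorted(frags, key=lambda f: f.offset)
    if frags[0].offset != 0:
        # Jolt2 style: a stream without an offset-0 fragment can never complete;
        # a real stack holds such a set only until its reassembly timer expires
        raise ValueError("no fragment with offset 0")
    expected = 0
    for i, f in enumerate(frags):
        last = i == len(frags) - 1
        if not last and (not f.mf or len(f.payload) % 8):
            raise ValueError("non-final fragment must have MF=1 and a payload multiple of 8")
        start = f.offset * 8
        if start < expected:
            raise ValueError("overlapping fragments")       # Teardrop style
        if start > expected:
            raise ValueError("gap: datagram incomplete")
        expected = start + len(f.payload)
    if frags[-1].mf:
        raise ValueError("final fragment (MF=0) missing")
    return b"".join(f.payload for f in frags)


def reassembly_error(frags):
    """Return the reason a fragment set is rejected, or None if it reassembles cleanly."""
    try:
        reassemble(frags)
    except ValueError as e:
        return str(e)
    return None


if __name__ == "__main__":
    # Slide 22: 1500-byte datagram, 20-byte header, outbound MTU 536
    for f in fragment(0x1234, bytes(1480), 536):
        print(f"id={f.ident:#x} offset={f.offset} MF={int(f.mf)} length={total_length(f)}")
```

Rejecting overlaps outright is the conservative choice; RFC 791 lets a stack accept them, which is exactly what the Teardrop-era crashes exploited, and IPv6 (RFC 5722) made overlapping fragments illegal for that reason.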

  25. traceroute • Network Layer • IP: Internet Protocol • IP Addressing • ICMP

  26. Address Properties • Global uniqueness to identify hosts • Ethernet addresses are globally unique, why not use them on the Internet? • They are flat, with no structure to aid routing • The first 24 bits identify the manufacturer (OUI) and say nothing about network topology • Hierarchical Addresses • Network / Subnet part, Host part • Necessary for the Internet to scale to a large number of hosts

  27. IP Addresses • Very familiar 32-bit numbers • Written as 4 decimal numbers (8 bits each) separated by periods • “dotted decimal” notation • Ranges set aside for: • Private networks, not routed on the public Internet (RFC 1918): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 • Loopback (127.0.0.0/8) • Multicast (224.0.0.0 - 239.255.255.255) • Limited broadcast (255.255.255.255)

  28. Map of IP Addresses xkcd.com/195

  29. Prefix notation • Some number of leading bits of an IP address are significant • Example: specifying ranges • List the IP address with /## giving the number of bits that matter • What is the range of subnet 128.2.101.64/26? • 32 - 26 = 6 free bits, or 64 addresses • Last octet is 01XX XXXX • 128.2.101.64 - 128.2.101.127

  30. Example 2 • A router connects 3 subnets • Each subnet must have prefix 223.1.17.0/24 • Subnet 1 supports up to 125 interfaces • Subnets 2 and 3 up to 60 interfaces • What should the 3 network addresses be? • 1 gets 223.1.17.0/25 (last octet 0XXX XXXX; 128 addresses, 126 usable after network and broadcast) • 2 gets 223.1.17.128/26 (last octet 10XX XXXX; 64 addresses, 62 usable) • 3 gets 223.1.17.192/26 (last octet 11XX XXXX)

  31. Forwarding Table • Recall: • Forwarding table maps addresses to an outgoing link • As the address range is generally huge, rows of the table list ranges, not individual hosts [Figure: Datagram Forwarding Table]

  32. Prefix Matching • No need to enumerate all possibilities or to do range matching in the Forwarding Table • List a variable-length prefix for each range • Match the leading bits of the destination address to the longest listed prefix • Longest matching prefix rule • Ex: 11001000 00010111 00011000 10101010 (200.23.24.170) [Figure: Datagram Forwarding Table] • Send on link 1 (it also matches the shorter prefix for link 2, but the longer prefix wins)

  33. Classless Interdomain Routing • Subnet portion of the address can be of arbitrary length • Address format a.b.c.d/x, where x is any value 0-32 • Reaction to Classful addressing from the “early days” • Subnets could only have x = 8, 16, 24 (classes A, B, C)

  34. Route Aggregation • CIDR allows for more flexible collections of subnet addresses • Can use a single prefix to mean many subnets • Example: ISPs get a big block, allocate pieces to customer organizations

  35. CIDR Routing Benefits • Very efficient route advertisement

  36. CIDR Routing Benefits • Flexibly handles organizational changes

  37. IPv4 Routing Table Size • Graph from Geoff Huston’s presentation to the RIR: http://www.ripe.net/ripe/meetings/ripe-49/presentations/ripe49-plenary-bgp.pdf

  38. Up-to-date Data • Available at bgp.potaroo.net
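The prefix arithmetic of slides 29 and 30, the longest-prefix-match rule of slide 32 and the aggregation of slides 34 to 36, as one added example written for this page (not code from the course), using only the standard `ipaddress` module. The forwarding table and the ISP/customer prefixes are constructed so that they reproduce the outcomes the slides state; the slides' own tables are images that did not survive extraction.

```python
import ipaddress


def prefix_range(cidr):
    """Slide 29: a.b.c.d/x -> (first address, last address, number of addresses)."""
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net[0]), str(net[-1]), net.num_addresses


def allocate(parent, needs):
    """Slide 30: carve one block into subnets, largest first so every subnet stays aligned.
    A subnet for n interfaces needs n + 2 addresses (network and broadcast are not usable)."""
    parent = ipaddress.ip_network(parent)
    cursor, end = int(parent.network_address), int(parent.broadcast_address) + 1
    plan = {}
    for name, hosts in sorted(needs.items(), key=lambda kv: (-kv[1], kv[0])):
        plen = 32 - (hosts + 1).bit_length()      # smallest /x with >= hosts + 2 addresses
        size = 1 << (32 - plen)
        if cursor + size > end:
            raise ValueError(f"{parent} cannot fit {name} ({hosts} interfaces)")
        plan[name] = str(ipaddress.ip_network((cursor, plen)))
        cursor += size
    return plan


def longest_prefix_match(table, dst):
    """Slide 32: among rows whose prefix covers dst, pick the longest prefix.
    table is a list of (prefix, link); 0.0.0.0/0 acts as the default route."""
    addr = ipaddress.ip_address(dst)
    best_net, best_link = None, None
    for prefix, link in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_link = net, link
    return best_link


def aggregate(prefixes):
    """Slides 34-35: the fewest prefixes covering exactly the same set of addresses."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


# Constructed table consistent with slide 32: 200.23.24.170 is
# 11001000 00010111 00011000 10101010, which matches the /24 row and the /21 row;
# the longest prefix wins, so the datagram leaves on link 1.
TABLE = [
    ("200.23.16.0/21", 0),   # 11001000 00010111 00010***
    ("200.23.24.0/24", 1),   # 11001000 00010111 00011000
    ("200.23.24.0/21", 2),   # 11001000 00010111 00011***
    ("0.0.0.0/0", 3),        # everything else
]

# Constructed ISP example for slides 34-36: eight /23 customers behind one /20.
CUSTOMERS = [f"200.23.{16 + 2 * i}.0/23" for i in range(8)]

# Slide 36: one customer moves to a second ISP. The first ISP keeps advertising the
# aggregate; the new ISP advertises the more specific /23, and longest-prefix matching
# at every other router sends only that customer's traffic the new way.
AFTER_MOVE = [("200.23.16.0/20", "ISP-A"), ("200.23.18.0/23", "ISP-B"), ("0.0.0.0/0", "upstream")]


if __name__ == "__main__":
    print(prefix_range("128.2.101.64/26"))
    print(allocate("223.1.17.0/24", {"subnet 1": 125, "subnet 2": 60, "subnet 3": 60}))
    print("200.23.24.170 ->", longest_prefix_match(TABLE, "200.23.24.170"))
    print(aggregate(CUSTOMERS))
    print("200.23.18.7 ->", longest_prefix_match(AFTER_MOVE, "200.23.18.7"))
```

The linear scan in `longest_prefix_match` is fine for a lesson; real routers use tries or TCAMs, but the rule they implement is the same one this function applies.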

  39. traceroute • Network Layer • IP: Internet Protocol • IP Addressing • ICMP

  40. ICMP • Internet Control Message Protocol • RFC 792 (1981) • Used for error messages and some routing information • Basis of ping and traceroute

  41. ICMP Mechanics • Each message travels in a single IP packet (IP protocol number 1) • No reliability (like UDP) • 5 simple fields (plus padding): Type, Code, Checksum, and two 16-bit fields whose meaning depends on the type • Encapsulated in the IP data field • Type / Code fields specify the message meaning • 8,0 is ECHO REQUEST • 0,0 is ECHO REPLY • Identifier / Sequence fields are copied from the request into the ECHO REPLY so the sender can match them up

  42. Error Messages • Type 3 is Destination Unreachable • Further codes for • Network unreachable (0) • Host unreachable (1) • Fragmentation required but DF set (4) • + 13 others • Type 4 is Source Quench • Designed for congestion-control messages from the network to the host ➙ rarely used today, and formally deprecated by RFC 6633 (2012)

  43. Sample ICMP Type/Codes

  44. traceroute use of ICMP • traceroute sends UDP segments (in sets of 3 per hop) • the nth set has TTL of n • the destination port is chosen to be “unlikely” to be in use (Unix traceroute starts at 33434) • When a router decrements the TTL to zero, it discards the packet and • replies with ICMP TIME EXCEEDED • Type 11, Code 0, quoting the IP header and first 8 bytes of the discarded datagram (so the UDP ports identify the probe) • When a probe reaches the host, the reply is an ICMP PORT UNREACHABLE packet (Type 3, Code 3), which ends the trace • Windows tracert sends ICMP ECHO REQUESTs instead of UDP
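The packets behind slides 41 to 44, as an added example written for this page (not code from the course): the RFC 1071 checksum that slide 18 says IP shares with UDP, an ICMP echo request, one router hop that either forwards a datagram with TTL decremented and header checksum recomputed or discards it and answers with Time Exceeded, and the host-side parse that maps the reply back to the probe. All addresses and the probe ports are constructed; nothing here touches a socket.

```python
import struct


def internet_checksum(data):
    """RFC 1071: one's-complement sum of 16-bit words, complemented.
    Run over a message that already contains its checksum, it returns 0 when valid."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_bytes(dotted):
    return bytes(int(x) for x in dotted.split("."))


def ipv4_header(src, dst, proto, ttl, payload_len, ident=0):
    """Minimal 20-byte IPv4 header (no options); the checksum covers the header only."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, 0,
                      ttl, proto, 0, ip_bytes(src), ip_bytes(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]


def icmp(type_, code, rest=b"\0\0\0\0", data=b""):
    """Type, Code, Checksum, then the 4-byte type-specific field, then data."""
    msg = struct.pack("!BBH", type_, code, 0) + rest + data
    return msg[:2] + struct.pack("!H", internet_checksum(msg)) + msg[4:]


def echo_request(ident, seq, data=b""):
    return icmp(8, 0, struct.pack("!HH", ident, seq), data)   # Type 8, Code 0


def udp_probe(src_port, dst_port, data=b""):
    """Traceroute probe: a UDP header with the checksum left at 0 (disabled, legal in IPv4)."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data


def router_forward(pkt, router_ip):
    """One router hop. Returns (forwarded packet, None) or, when the TTL runs out,
    (None, ICMP Time Exceeded packet addressed back to the source)."""
    ttl = pkt[8]
    if ttl <= 1:
        src = "%d.%d.%d.%d" % tuple(pkt[12:16])
        quoted = pkt[:28]            # IP header + 8 bytes of payload: the UDP ports survive
        msg = icmp(11, 0, data=quoted)
        return None, ipv4_header(router_ip, src, 1, 64, len(msg)) + msg
    out = bytearray(pkt)
    out[8] = ttl - 1                 # the one field every router changes ...
    out[10:12] = b"\0\0"
    out[10:12] = struct.pack("!H", internet_checksum(bytes(out[:20])))   # ... so recompute
    return bytes(out), None


def parse_time_exceeded(pkt):
    """Host side: verify the ICMP checksum and recover which probe this reply answers."""
    hlen = (pkt[0] & 0x0F) * 4
    msg = pkt[hlen:]
    if internet_checksum(msg) != 0:
        raise ValueError("bad ICMP checksum")
    inner = msg[8:]                                  # the quoted original datagram
    inner_hlen = (inner[0] & 0x0F) * 4
    src_port, dst_port = struct.unpack("!HH", inner[inner_hlen:inner_hlen + 4])
    return {"type": msg[0], "code": msg[1],
            "router": "%d.%d.%d.%d" % tuple(pkt[12:16]),
            "probe_src_port": src_port, "probe_dst_port": dst_port,
            "quoted_ttl": inner[8]}                  # TTL as the router received it


if __name__ == "__main__":
    # Constructed: host 10.0.0.1 probing 10.0.0.99 with TTL 1; router 10.0.0.254 is hop 1.
    probe = ipv4_header("10.0.0.1", "10.0.0.99", 17, 1, 8) + udp_probe(40000, 33434)
    _, reply = router_forward(probe, "10.0.0.254")
    print(parse_time_exceeded(reply))
```

Matching on the quoted UDP header is why traceroute can run its three probes per hop in parallel and still tell the replies apart; ping does the same job with the Identifier/Sequence pair of the echo message.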

  45. What Layer? Is ICMP a Network-layer Protocol? • Messages used for communication between routers and end-hosts • Messages sent in an IP packet • Just like a UDP segment • Messages require special processing by the IP layer software on each router

  46. Ping DUP? • Based on what you know of ICMP, how can a duplicate occur?

  47. Lesson Objectives • Now, you should be able to: • describe the mission, scope, addressing mechanism, data types and responsibilities of the Network Layer • describe the differences that would result from a connectionless or connection-oriented network • explain IPv4, including advantages/disadvantages, datagram format, and packet-handling operations at each router

  48. You should be able to: • calculate the packets that result from an IPv4 fragmentation scenario, including size, id, flags and offset fields • calculate IPv4 address ranges from prefix notation and be able to apply the longest matching prefix rule to forwarding decisions • apply route aggregation to prefix scenarios • describe ICMP, including packet format, use of type/code fields for ping, traceroute, and error situations
