1 / 108

Lecture 14 Review of TCP/IP Internetworking

Lecture 14 Review of TCP/IP Internetworking. Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Path. Frame. Server Host. Client Host. Trunk Link. Access Link. Server Host. Mobile Client Host. Frame Organization. Frame.

efia
Télécharger la présentation

Lecture 14 Review of TCP/IP Internetworking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Lecture 14Review of TCP/IPInternetworking

  2. Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path Path Frame Server Host Client Host Trunk Link Access Link Server Host Mobile Client Host

  3. Frame Organization Frame Trailer Data Field Header Other Header Field Destination Address Field Message Structure

  4. 1 2 3 4 5 6 Station A Station B Station C Station D Switching Decision Switch receives A frame, sends It back out Based on Destination Address Switch Frame with Station C In the destination Address field

  5. An Internet • An internet is two or more individual switched networks connected by routers Switched Network 1 Router Switched Network 3 Switched Network 2

  6. An Internet Multiple Networks Connected by Routers Path of a Packet is its Route Single Network Routers Packet Route Single Network

  7. The Internet The global Internet has thousands of networks Network Webserver Software Browser Packet Packet Router Route Router Router Packet

  8. Frames and Packets Frame 1 Carrying Packet in Network 1 Packet Router A Frame 2 Carrying Packet in Network 2 Switch Client PC Frame 3 Carrying Packet in Network 3 Packet Switch Router B Server

  9. Frames and Packets • Like passing a shipment (the packet) from a truck (frame) to an airplane (frame) at an airport. Receiver Shipper Same Shipment Airport Airport Truck Truck Airplane

  10. TCP/IP Standards • Origins • Defense Advanced Research Projects Agency (DARPA) created the ARPANET • An internet connects multiple individual networks • Global Internet is capitalized • Internet Engineering Task Force (IETF) • Most IETF documents are requests for comments (RFCs) • Internet Official Protocol Standards: List of RFCs that are official standards

  11. TCP/IP Standards • Hybrid TCP/IP-OSI Architecture • Combines TCP/IP standards at layers 3-5 with • OSI standards at layers 1-2 TCP/IP OSI Hybrid TCP/IP-OSI Application Application Application Presentation Session Transport Transport Transport Internet Network Internet Subnet Access: Use OSI Standards Here Data Link Data Link Physical Physical

  12. TCP/IP Standards • OSI Layers • Physical (Layer 1): defines electrical signaling and media between adjacent devices • Data link (Layer 2): control of a frame through a single network, across multiple switches Physical Link Frame Switched Network 1 Data Link

  13. TCP/IP Standards • Internet Layer • Governs the transmission of a packet across an entire internet. Path of the packet is its route Packet Switched Network 1 Router Switched Network 3 Route Switched Network 2

  14. TCP/IP Standards • Frames and Packets • Frames are messages at the data link layer • Packets are messages at the internet layer • Packets are carried (encapsulated) in frames • There is only a single packet that is delivered from source to destination host • This packet is carried in a separate frame in each network

  15. Router 1 Router 2 Router 3 Internet and Transport Layers Transport Layer End-to-End (Host-to-Host) TCP is Connection-Oriented, Reliable UDP is Connectionless Unreliable Client PC Server Internet Layer (Usually IP) Hop-by-Hop (Host-Router or Router-Router) Connectionless, Unreliable

  16. TCP/IP Standards • Internet and Transport Layers • Purposes • Internet layer governs hop-by-hop transmission between routers to achieve end-to-end delivery • Transport layer is end-to-end (host-to-host) protocol involving only the two hosts

  17. TCP/IP Standards • Internet and Transport Layers • Internet Protocol (IP) • IP at the internet layer is unreliable—does not correct errors in each hop between routers • This is good: reduces the work each router along the route must do

  18. TCP/IP Standards • Transport Layer Standards • Transmission Control Protocol (TCP) • Reliable and connection-oriented service at the transport layer • Corrects errors • User Datagram Protocol (UDP) • Unreliable and connectionless service at the transport layer • Lightweight protocol good when catching errors is not important

  19. HTML and HTTP at the Application Layer Hypertext Transfer Protocol (HTTP) Requests and Responses Webserver 60.168.47.47 Client PC with Browser 123.34.150.37 Hypertext Markup Language (HTML) Document or Other File (jpeg, etc.)

  20. TCP/IP Standards • Application Layer • To govern communication between application programs, which may be written by different vendors • Document transfer versus document format standards • HTTP / HTML for WWW service • SMTP / RFC 822 (or RFC 2822) in e-mail • Many application standards exist because there are many applications

  21. TCP/IP and OSI Architectures: Recap TCP/IP OSI Hybrid TCP/IP-OSI Application Application Application Presentation Session Transport Transport Transport Internet Network Internet Subnet Access: Use OSI Standards Here Data Link Data Link Physical Physical Note: The Hybrid TCP/IP-OSI Architecture is used on the Internet and dominates internal corporate networks.

  22. IP Packet 0100 IP Version 4 Packet Bit 0 Bit 31 Version (4 bits) Header Length (4 bits) Diff-Serv (8 bits) Total Length (16 bits) Identification (16 bits) Flags Fragment Offset (13 bits) Time to Live (8 bits) Protocol (8 bits) 1=ICMP, 6=TCP, 17=TCP Header Checksum (16 bits) Source IP Address (32 bits) Destination IP Address (32 bits) Options (if any) Padding Data Field

  23. IP Packet • Version • Has value of four (0100) • Time to Live (TTL) • Prevents the endless circulation of mis-addressed packets • Value is set by sender • Decremented by one by each router along the way • If reaches zero, router throws packet away

  24. IP Packet • Protocol Field • Identifies contents of data field • 1 = ICMP • 6 = TCP • 17 =UDP IP Data Field ICMP Message IP Header Protocol=1 IP Data Field TCP Segment IP Header Protocol=6 IP Data Field UDP Datagram IP Header Protocol=17

  25. IP Packet • Header checksum to check for errors in the header only • Faster than checking the whole packet • Stops bad headers from causing problems • IP Version 6 drops eve this checking • Address Fields • 32 bits long, of course • Options field(s) give optional parameters • Data field contains the payload of the packet.

  26. Layer Cooperation Through Encapsulation on the Source Host Application Process HTTP Message Encapsulation of HTTP message in data field of a TCP segment Transport Process HTTP Message TCP Hdr Encapsulation of TCP segment in data field of an IP packet Internet Process HTTP Message TCP Hdr IP Hdr

  27. Layer Cooperation Through Encapsulation on the Source Host Internet Process HTTP Message TCP Hdr IP Hdr Encapsulation of IP packet in data field of a frame Data Link Process DL Trlr HTTP Message TCP Hdr IP Hdr DL Hdr Physical Process Converts Bits of Frame into Signals

  28. Layer Cooperation Through Encapsulation on the Source Host Note: The following is the final frame for supervisory TCP segments: DL Trlr TCP Hdr IP Hdr DL Hdr

  29. Layer Cooperation Through Decapsulation on the Destination Host Application Process HTTP Message Decapsulation of HTTP message from data field of a TCP segment Transport Process HTTP Message TCP Hdr Decapsulation of TCP segment from data field of an IP packet Internet Process HTTP Message TCP Hdr IP Hdr

  30. Layer Cooperation Through Decapsulation on the Destination Host Internet Process HTTP Message TCP Hdr IP Hdr Decapsulation of IP packet from data field of a frame Data Link Process DL Hdr HTTP Message TCP Hdr IP Hdr DL Hdr Physical Process Converts Signals into the Bits of the Frame

  31. Vertical Communication on Router R1 A Internet Layer Process Router R1 Packet Port 1 DL Port 2 DL Port 3 DL Port 4 DL Decapsulation Frame PHY PHY PHY PHY • Notes: • Router R1 receives frame from Switch X2 in Port 1. • Port 1 DL process decapsulates packet. • Port 1 DL process passes packet to internet process. Switch X2

  32. Vertical Communication on Router R1 B Internet Layer Process Router R1 Packet Port 1 DL Port 2 DL Port 3 DL Port 4 DL Encapsulation Frame PHY PHY PHY PHY • Internet process sends packet out on Port 4. • DL Process on Port 4 encapsulates packet in a PPP frame. • DL process passes frame to Port 4 PHY. Router 2

  33. Site Connection to an ISP Internet Backbone 1. Frame for This Data Link Site Network 2. Packet Carried in ISP Carrier Frame ISP Border Firewall Packet Packet Packet 4. Data Link Between Site and ISP (Difficult to Attack) 3. Packet Carried in Site Frame ISP Router 5. Normally, Only the Arriving Packet is Dangerous—Not the Frame Fields

  34. Internet Protocol (IP) • Basic Characteristics • There were already single networks, and many more would come in the future • Developers needed to make a few assumptions about underlying networks • So they kept IP simple

  35. Internet Protocol (IP) • Connection-Oriented Service and Connectionless Service • Connection-oriented services have distinct starts and closes (telephone calls) • Connectionless services merely send messages (postal letters) • IP is connectionless

  36. IP Packet PC Internet Process First Router Internet Process IP Packet Connectionless Packets Sent in Isolation Like Postal Letters Unreliable No Error Correction Discarded by Receiver if Error is Detected Leaves Error Correction to Transport Layer Reduces the Cost of Routers

  37. Internet Protocol (IP) • IP is Unreliable (Checks for Errors but does not Correct Errors) • Not doing error correction at each hop between switches reduces switch work and so switch cost • Does not even guarantee packets will arrive in order

  38. Internet Protocol (IP) • Hierarchical IP Addresses • Postal addresses are hierarchical (state, city, postal zone, specific address) • Most post offices have to look only at state and city • Only the final post offices have to be concerned with specific addresses

  39. Hierarchical IP Address Network Part (not always 16 bits) Subnet Part (not always 8 bits) Host Part (not always 8 bits) Total always is 32 bits. 128.171.17.13 The Internet UH Network(128.171) CBA Subnet (17) Host 13 128.171.17.13

  40. Internet Protocol (IP) • Hierarchical IP Addresses • 32-bit IP addresses are hierarchical (Figure 3-15) • Network part tells what network host is on • Subnet part tells what subnet host is on within the network • Host part specifies the host on its subnet • Routers have to look only at network or subnet parts, except for the router that delivers the packet to the destination host

  41. Internet Protocol (IP) • Hierarchical IP Addresses • 32-bit IP addresses are hierarchical • Total is 32 bits; part sizes vary • Network mask tells you the size of the network part (Figure 3-16) • Subnet mask tells you the length of the network plus subnet parts combined

  42. IP Address Masking with Network and Subnet Masks

  43. IP Address Masking with Network and Subnet Masks

  44. IP Address Spoofing 1. Trust Relationship 3. Server Accepts Attack Packet Trusted Server 60.168.4.6 Victim Server 60.168.47.47 2. Attack Packet Spoofed Source IP Address 60.168.4.6 Attacker’s Identity is Not Revealed Attacker’s Client PC 1.34.150.37

  45. Internet Protocol (IP) • IP Addresses and Security • IP address spoofing: Sending a message with a false IP address (Figure 3-17) • Gives sender anonymity so that attacker cannot be identified • Can exploit trust between hosts if spoofed IP address is that of a host the victim host trusts

  46. Internet Protocol (IP) • IP Addresses and Security • LAND attack: send victim a packet with victim’s IP address in both source and destination address fields and the same port number for the source and destination. In 1997, many computers, switches, routers, and even printers, crashed when they received such a packet.

  47. LAND Attack Based on IP Address Spoofing From: 60.168.47.47:23 To: 60.168.47.47:23 Attacker 1.34.150.37 Victim 60.168.47.47 Port 23 Open Crashes Source and Destination IP Addresses are the Same Source and Destination Port Numbers are the Same

  48. Internet Protocol (IP) • Other IP Header Fields • Protocol field: Identifies content of IP data field • Firewalls need this information to know how to process the packet

  49. Internet Protocol (IP) • Other IP Header Fields • Time-to-Live field • Each router decrements the TTL value by one • Router decrementing TTL field to zero discards the packet

  50. Internet Protocol (IP) • Other IP Header Fields • Time-to-Live field • Router also sends an error advisement message to the sender • The packet containing this message reveals the sender’s IP address to the attacker • Traceroute uses TTL to map the route to a host (Figure 3-19) • Tracert on Windows machines

More Related