1 / 61

Chapter 4 Network Layer

Chapter 4 Network Layer. Part 2: IP: Internet Protocol. Computer Networking: A Top Down Approach 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009. . 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol

karan
Télécharger la présentation

Chapter 4 Network Layer

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 4Network Layer Part 2: IP: Internet Protocol Computer Networking: A Top Down Approach 5th edition. Jim Kurose, Keith RossAddison-Wesley, April 2009. Network Layer

  2. 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6 4.5 Routing algorithms Link state Distance Vector Hierarchical routing 4.6 Routing in the Internet RIP OSPF BGP 4.7 Broadcast and multicast routing Chapter 4: Network Layer Network Layer

  3. Host, router network layer functions: • ICMP protocol • error reporting • router “signaling” • IP protocol • addressing conventions • datagram format • packet handling conventions • Routing protocols • path selection • RIP, OSPF, BGP forwarding table The Internet Network layer Transport layer: TCP, UDP Network layer Link layer physical layer Network Layer

  4. 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6 4.5 Routing algorithms Link state Distance Vector Hierarchical routing 4.6 Routing in the Internet RIP OSPF BGP 4.7 Broadcast and multicast routing Chapter 4: Network Layer Network Layer

  5. IP protocol version number (4 bits) 32 bits total datagram length (bytes) (this field is 16 bits) header length ( in bytes)(4 bits) type of service head. len ver length fragment offset “type” of data flgs 16-bit identifier for fragmentation/ Reassembly; see next slide max number remaining hops (decremented by 1 at each router; die at 0) upper layer time to live header checksum 32 bit source IP address 32 bit destination IP address upper layer protocol to deliver payload to; value of 6 = TCP, 17 = UDP E.g. timestamp, record route taken, specify list of routers to visit. Options (if any) data (variable length, typically a TCP or UDP segment) IP datagram format 16 bits, so max data is 65,535 bytes. Typical size is 1,500bytes how much overhead with TCP? • 20 bytes of TCP • 20 bytes of IP (no options) • = 40 bytes + app layer overhead Network Layer

  6. Header checksum • Used by routers • Computed by treating each 2 bytes in the header as a number and sum these using 1s complement. • Store in the checksum field • Router computes header checksum for each IP datagram • Discard datagram if checksum is wrong • Checksum must be recomputed and stored again at every router; TTL and maybe options fields change Network Layer

  7. Header checksum • Why are there checksums at both TCP and IP level? • IP only check IP header, TCP/UDP checksum entire TCP/UDP segment • TCP/UDP do not have to run on IP (eg could run on ATM) Network Layer

  8. network links have MTU (max.transfer size) - largest possible link-level frame. different link types, different MTUs* large IP datagram divided (“fragmented”) within net one datagram becomes several datagrams “reassembled” only at final destination IP header bits used to identify, order related fragments IP Fragmentation & Reassembly fragmentation: in: one large datagram out: 3 smaller datagrams reassembly *Example: Ethernet up to 1,500 bytes, some wide-area links up to 576 Problem: different links from host-to-host may by diff types! Network Layer

  9. length =1500 length =4000 length =1040 length =1500 ID =x ID =x ID =x ID =x fragflag =1 fragflag =1 fragflag =0 fragflag =0 offset =370 offset =185 offset =0 offset =0 One large datagram becomes several smaller datagrams IP Fragmentation and Reassembly Example • 4000 byte datagram • MTU = 1500 bytes If one fragment is lost,,IP discards all fragments 1480 bytes in data field offset = multiple of 8 bytes so 1480/8 = 185 ID: set by sending host IP layer; typically increments ID num for each datagram it sends. Last fragment sent has flag field set to 0 to indicate it’s the last fragment; all other fragments have flag set to 1 Network Layer

  10. Fragmentation costs • Complicates routers and end systems • DoS attacks: Attacker sends series of bizarre fragments • Jolt2 attack: attacker sends a stream of small fragments to target host. None has offset of 0. Target collapses as it attempts to rebuild datagrams. • Another attack: send overlapping fragments. OS can crash attempting to reassemble. • IP v6 has no fragments. • Fragmentation animation: http://www.awl.com/kurose-ross Network Layer

  11. Fragmentation animation • See: http://wps.aw.com/aw_kurose_network_4/63/16303/4173752.cw/index.html Network Layer

  12. 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6 4.5 Routing algorithms Link state Distance Vector Hierarchical routing 4.6 Routing in the Internet RIP OSPF BGP 4.7 Broadcast and multicast routing Chapter 4: Network Layer Network Layer

  13. IP address: 32-bit identifier for host, router interface interface: connection between host/router and physical link router’s typically have multiple interfaces host typically has one interface IP addresses associated with each interface 223.1.1.2 223.1.2.1 223.1.3.27 223.1.3.1 223.1.3.2 223.1.2.2 IP Addressing: introduction NAT’s discussed later 223.1.1.1 223.1.2.9 223.1.1.4 223.1.1.3 223.1.1.1 = 11011111 00000001 00000001 00000001 223 1 1 1 IPv4 address = 32 bits = 232 ≈ 4 billion addresses Network Layer

  14. IP address: subnet part (high order bits) host part (low order bits) What’s a subnet ? device interfaces with same subnet part of IP address can physically reach each other without intervening router Subnets Subnet: a network with no routers (e.g., ethernet) 223.1.1.1 223.1.2.1 223.1.1.2 223.1.2.9 223.1.1.4 223.1.2.2 223.1.1.3 223.1.3.27 subnet 223.1.3.2 223.1.3.1 network consisting of 3 subnets Network Layer

  15. Recipe To determine the subnets, detach each interface from its host or router, creating islands of isolated networks with interfaces terminating the end points of the isolated networks. Each isolated network is called a subnet. 223.1.1.0/24 223.1.2.0/24 223.1.3.0/24 Any host on this net must have address 223.1.1.xxx Subnets Subnet mask: /24 (leftmost 24 bits define the subnet address) Network Layer

  16. How many? Subnets 223.1.1.2 223.1.1.1 223.1.1.4 223.1.1.3 6 223.1.7.0 223.1.9.2 223.1.9.1 223.1.7.1 223.1.8.1 223.1.8.0 223.1.2.6 223.1.3.27 223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2 Network Layer

  17. host part subnet part 11001000 0001011100010000 00000000 200.23.16.0/23 IP addressing: CIDR CIDR:Classless InterDomain Routing • The internet’s address assignment strategy • subnet portion of address of arbitrary length • address format: a.b.c.d/x, where x is # bits in subnet portion of address • The x bits are called the prefix or network prefix Network Layer

  18. host part subnet part 11001000 0001011100010000 00000000 200.23.16.0/23 IP addressing: CIDR CIDR:Classless InterDomain Routing • An organization is assigned a block of contiguous addresses with a common prefix • The prefix (leading x bits) are only part of address considered by routers outsie the organization. • Remaining bits (32-x) distinguish among thedevices within the organization. • These bits may (or may not) also be subnetted Network Layer

  19. host part subnet part 11001000 0001011100010000 00000000 200.23.16.0/23 IP addressing: classes classful addressing • Used before CIDR • Three classes (A, B, C) of 8, 16, or 24 bits respectively • Problem: not very flexible. Class C subnet could accommodate only up to 28 or 254 (2 addresses were reserved for special uses) devices! • Class B subnets could accommodate 65,634 hosts (too large for most small businesses) Network Layer

  20. host part subnet part 11001000 0001011100010000 00000000 200.23.16.0/23 IP addressing: classes broadcasting • Special address 255.255.255.255 • When a host sends a datagram with this address, it is received by all hosts on the subnet. • Routers optionally forward message into neighboring subnets (but usually don’t) Network Layer

  21. IP addresses: how to get one? Q: How does network get subnet part of IP addr? A: gets allocated portion of its provider ISP’s address space ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20 Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23 ... ….. …. …. Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23 Network Layer

  22. Example • ISP: Fly-by-Night-ISP advertises to outside world that it should be sent any datagrams whose first 20 address bits match 200.23.26.0/20 • There are 8 organizations using FbN-ISP each with own subnet • Address aggregation (or route aggregation or route summarization) Network Layer

  23. 200.23.16.0/23 200.23.18.0/23 200.23.30.0/23 200.23.20.0/23 . . . . . . Hierarchical addressing: route aggregation Hierarchical addressing allows efficient advertisement of routing information: Organization 0 Organization 1 “Send me anything with addresses beginning 200.23.16.0/20” Organization 2 Fly-By-Night-ISP Internet Organization 7 “Send me anything with addresses beginning 199.31.0.0/16” ISPs-R-Us • FbN-ISP buys ISPs-R-Us which owns 199.31.0.0/16 Network Layer

  24. Example • Now FbN-ISP wants to transfer Organization 1 to ISPs-R-Us. • Problem: Organization 1’s IP are outside of ISPs-R-Us address block • Don’t want to make Org 1 change all it’s addresses! • Solution: ISPs-R-Us will advertise more addresses. • Also advertise 200.23.28.0/23 • Since 200.23.28.0/23 is a longer prefix than 200.23.16.0/20, when routers see 200.23.28.0 they will send to ISPs-R-Us Network Layer

  25. 200.23.16.0/23 200.23.18.0/23 200.23.30.0/23 200.23.20.0/23 . . . . . . Hierarchical addressing: more specific routes ISPs-R-Us has a more specific route to Organization 1 Organization 0 “Send me anything with addresses beginning 200.23.16.0/20” Organization 2 Fly-By-Night-ISP Internet Organization 7 “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23” ISPs-R-Us Organization 1 Network Layer

  26. IP addressing: the last word... Q: How does an ISP get block of addresses? A: ICANN: Internet Corporation for Assigned Names and Numbers • allocates addresses • manages DNS • assigns domain names, resolves disputesICANN • allocates addresses to regional internet registries (e.g., ARIN, RIPE, APNIC, and LACNIC) Network Layer

  27. IP addresses: how to get one? Q: How does an ISP get IP addresses? • ISP gets a set of IP addresses from a local Internet registry (LIR) or national Internet registry (NIR), or from their appropriate Regional Internet Registry (RIR) • ISP is allocated an address block, e.g., 200.23.16.0/20 • ISP could then divides its address block into small contiguous blocks and sells these • Example: could divide its block into 8 equal sized contiguous address blocks (subnet is underlined): ISP’s block 200.23.16.0/20 11001000 00010111 00010000 00000000 Organization 0 200.23.16.0/23 11001000 00010111 00010000 00000000 Organization 1 200.23.18.0/23 11001000 00010111 00010010 00000000 Organization 2 200.23.20.0/23 11001000 00010111 00010100 00000000 … Organization 7 200.23.30.0/23 11001000 00010111 00011110 00000000 Network Layer

  28. IP addresses: how to get one? Q: How does a host get IP address? • hard-coded by system admin in a file • Windows: control-panel->network->configuration->tcp/ip->properties • UNIX: /etc/rc.config • Routers are also hard-coded with a network management system • DHCP:Dynamic Host Configuration Protocol: dynamically get address from as server • “plug-and-play” Network Layer

  29. DHCP: Dynamic Host Configuration Protocol Goal: allow host to dynamically obtain its IP address from network server when it joins network • Can renew its lease on address in use • Can configure server to give a host the same address each time it connects • Allows reuse of addresses (only hold address while connected an “on”) • Support for mobile users who want to join network (more shortly) Network Layer

  30. DHCP: Dynamic Host Configuration Protocol Example: • Student carries laptop from dorm room to library to Williams 309. • In each location may connect to a different subnet and will need a new IP address Example: • ISP has 2,000 customers but at most only 400 are connected at one time • Only needs a block of 512 addresses (e.g., a block of the form a.b.c.c/23) • Each time host joins, assign an unused IP; when a host leaves, put it’s IP into a pool of free addresses Network Layer

  31. DHCP: Dynamic Host Configuration Protocol DHCP overview: • Client-server protocol • Could have a DHCP server for each subnet • or a DHCP relay agent (typically a router) that sends request to a DHCP server that it knows Network Layer

  32. E B A DHCP client-server scenario 223.1.2.1 DHCP 223.1.1.1 server 223.1.1.2 223.1.2.9 223.1.1.4 223.1.2.2 arriving DHCP client needs address in this network 223.1.1.3 223.1.3.27 223.1.3.2 223.1.3.1 Router acts as relay agent for subnets 223.1.1.x and 223.1.3.x Network Layer

  33. DHCP: Dynamic Host Configuration Protocol DHCP overview: • host broadcasts “DHCP discover” msg [optional] UDP packet to port 67.using broadcast address 255.255.255.255 (source address 0.0.0.0). • DHCP server responds with “DHCP offer” msg [optional] using broadcast address 255.255.255.255 • This message contains a transaction ID of the received discover message • Also contains the proposed IP address for the client, the network mask • and an IP address lease time (amt of time the IP address is valid; hours to days) • host requests IP address: “DHCP request” msg • Echos back the received configuration parameters • The host may have received an offer from several servers; must choose 1 • DHCP server sends address: “DHCP ack” msg • Address is now confirmed! There is also a mechanism for lease renewal! Network Layer

  34. DHCP discover src : 0.0.0.0, 68 dest.: 255.255.255.255,67 yiaddr: 0.0.0.0 transaction ID: 654 DHCP client-server scenario arriving client DHCP server: 223.1.2.5 DHCP offer src: 223.1.2.5, 67 dest: 255.255.255.255, 68 yiaddrr: 223.1.2.4 transaction ID: 654 Lifetime: 3600 secs DHCP request src: 0.0.0.0, 68 dest:: 255.255.255.255, 67 yiaddrr: 223.1.2.4 transaction ID: 655 Lifetime: 3600 secs time DHCP ACK src: 223.1.2.5, 67 dest: 255.255.255.255, 68 yiaddrr: 223.1.2.4 transaction ID: 655 Lifetime: 3600 secs Network Layer

  35. DHCP: more than IP address DHCP can return more than just allocated IP address on subnet: • address of first-hop router for client • name and IP address of DNS sever • network mask (indicating network versus host portion of address) Network Layer

  36. DHCP UDP IP Eth Phy DHCP UDP IP Eth Phy DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP: example • connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP • DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet 168.1.1.1 • Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server router (runs DHCP) • Ethernet demux’ed to IP demux’ed, UDP demux’ed to DHCP Network Layer

  37. DHCP UDP IP Eth Phy DHCP UDP IP Eth Phy DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP DHCP: example • DCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server • encapsulation of DHCP server, frame forwarded to client, demux’ing up to DHCP at client • client now knows its IP address, name and IP address of DSN server, IP address of its first-hop router router (runs DHCP) Network Layer

  38. DHCP: wireshark output (home LAN) reply Message type: Boot Reply (2) Hardware type: Ethernet Hardware address length: 6 Hops: 0 Transaction ID: 0x6b3a11b7 Seconds elapsed: 0 Bootp flags: 0x0000 (Unicast) Client IP address: 192.168.1.101 (192.168.1.101) Your (client) IP address: 0.0.0.0 (0.0.0.0) Next server IP address: 192.168.1.1 (192.168.1.1) Relay agent IP address: 0.0.0.0 (0.0.0.0) Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a) Server host name not given Boot file name not given Magic cookie: (OK) Option: (t=53,l=1) DHCP Message Type = DHCP ACK Option: (t=54,l=4) Server Identifier = 192.168.1.1 Option: (t=1,l=4) Subnet Mask = 255.255.255.0 Option: (t=3,l=4) Router = 192.168.1.1 Option: (6) Domain Name Server Length: 12; Value: 445747E2445749F244574092; IP Address: 68.87.71.226; IP Address: 68.87.73.242; IP Address: 68.87.64.146 Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net." Message type: Boot Request (1) Hardware type: Ethernet Hardware address length: 6 Hops: 0 Transaction ID: 0x6b3a11b7 Seconds elapsed: 0 Bootp flags: 0x0000 (Unicast) Client IP address: 0.0.0.0 (0.0.0.0) Your (client) IP address: 0.0.0.0 (0.0.0.0) Next server IP address: 0.0.0.0 (0.0.0.0) Relay agent IP address: 0.0.0.0 (0.0.0.0) Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a) Server host name not given Boot file name not given Magic cookie: (OK) Option: (t=53,l=1) DHCP Message Type = DHCP Request Option: (61) Client identifier Length: 7; Value: 010016D323688A; Hardware type: Ethernet Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a) Option: (t=50,l=4) Requested IP Address = 192.168.1.101 Option: (t=12,l=5) Host Name = "nomad" Option: (55) Parameter Request List Length: 11; Value: 010F03062C2E2F1F21F92B 1 = Subnet Mask; 15 = Domain Name 3 = Router; 6 = Domain Name Server 44 = NetBIOS over TCP/IP Name Server …… request Network Layer

  39. DHCP • Advantage: no setting IP addresses by hand! • Disadvantage: Cannot maintain a TCP connection to a remote application when move from one subnet to another • The IP address will change • Why is this a problem with TCP? Hint: think about sockets. • A recent extension to IP (mobile IP) solves this problem. Network Layer

  40. NAT: Network Address Translation • Problem: • In your home you have several computers, laptops, mobile phones, networked game-boys, X-Boxes, tablets, even a networked refridgerator. • What if the ISP has already allocated the contiguous portions of the SOHO network’s current address range? • Solution: NAT Network Layer

  41. NAT: Network Address Translation rest of Internet local network (e.g., home network) 10.0.0/24 10.0.0.1 10.0.0.4 10.0.0.2 138.76.29.7 10.0.0.3 Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual) (devices get their IP from a DHCP server running within the router!) All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers (so the router does not look like a “router” but as a single device) Network Layer

  42. NAT realms • RFC 1918 reserves 3 portions of the IP address space for private networks or realms • A realm with private addresses • Refers to a network whose addresses only have meaning to devices within that network • One of these realms is 10.0.0.0/8 • Private realms may use the address space 10.0.0/24 • These addresses are not known to the world, only within the realm Network Layer

  43. NAT: Network Address Translation • Motivation: local network uses just one IP address as far as outside world is concerned: • range of addresses not needed from ISP: just one IP address for all devices • can change addresses of devices in local network without notifying outside world • can change ISP without changing addresses of devices in local network • devices inside local net not explicitly addressable, visible by outside world (a security plus). Network Layer

  44. NAT: Network Address Translation Implementation: NAT router must: • outgoing datagrams:replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr. • remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair • incoming datagrams:replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table Network Layer

  45. 2 4 1 3 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 S: 10.0.0.1, 3345 D: 128.119.40.186, 80 1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table S: 128.119.40.186, 80 D: 10.0.0.1, 3345 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 NAT: Network Address Translation NAT translation table WAN side addr LAN side addr 138.76.29.7, 5001 10.0.0.1, 3345 …… …… 10.0.0.1 10.0.0.4 10.0.0.2 138.76.29.7 10.0.0.3 4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 3: Reply arrives dest. address: 138.76.29.7, 5001 Network Layer

  46. NAT: Network Address Translation • 16-bit port-number field: • 60,000 simultaneous connections with a single LAN-side address! • NAT is controversial: • routers should only process up to layer 3 • Messes with application servers running within the lan • violates end-to-end argument • NAT possibility must be taken into account by app designers, eg, P2P applications • Must use a hack to get around this (connection reversal) • address shortage should instead be solved by IPv6 Network Layer

  47. NAT traversal problem • client wants to connect to server with address 10.0.0.1 • server address 10.0.0.1 local to LAN (client can’t use it as destination addr) • only one externally visible NATted address: 138.76.29.7 • solution 1: statically configure NAT to forward incoming connection requests at given port to server • e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000 10.0.0.1 Client ? 10.0.0.4 138.76.29.7 NAT router Network Layer

  48. NAT traversal problem • solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATted host to: • learn public IP address (138.76.29.7) • add/remove port mappings (with lease times) i.e., automate static NAT port map configuration 10.0.0.1 IGD 10.0.0.4 138.76.29.7 NAT router Network Layer

  49. 10.0.0.1 NAT router NAT traversal problem • solution 3: relaying (used in Skype) • NATed client establishes connection to relay • External client connects to relay • relay bridges packets between to connections 2. connection to relay initiated by client 1. connection to relay initiated by NATted host 3. relaying established Client 138.76.29.7 Network Layer

  50. 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6 4.5 Routing algorithms Link state Distance Vector Hierarchical routing 4.6 Routing in the Internet RIP OSPF BGP 4.7 Broadcast and multicast routing Chapter 4: Network Layer Network Layer

More Related