CMPT 371. Data Communications and Networking. Network Layer: Addressing and forwarding (classful, CIDR, IPv4). Identifying Hosts. An IP address is associated with a network interface (for example ethernet card) attached to a host or router. - PowerPoint PPT Presentation
© Janice Regan, CMPT 128, 2007-2012
CMPT 371 Data Communications and Networking
Network Layer: Addressing and forwarding (classful, CIDR, IPv4)

Identifying Hosts
An IP address is associated with a network interface (for example ethernet card) attached to a host or router.
A host/router with more than one network interface will have more than one IP address. In fact a router needs more than one network interface so it can receive a packet on one interface and send it on another interface.
A host is identified by one IP address. It has one interface to a single network.
A multi-homed host (may or may not be a router) or a router has multiple IP addresses and usually connects to multiple networks. Each network interface connected to the host/router has a unique IP address.

Internet addresses: IPv4
A 32 bit global internet (IP) address is used to uniquely identify a particular network interface connected to a particular host as a destination for communication.
Globally applicable and globally unique.
Expressed as a series of 32 binary digits
  10000000 00001011 00000011 00011111
Also expressed in dotted decimal notation
  Binary digits are separated into four groups of eight digits
  Each group of 8 digits is translated to a decimal number
  The decimal numbers are separated by dots (periods)
  Example address above becomes 128.11.3.31

Structure of an IP address
Each IP address is split into two parts (netid, hostid) to identify the host and the network to which the host is connected.
The netid (network address or prefix) identifies the network to which the host belongs.
  The number of bits dedicated to the netid will determine the number of possible networks.
The hostid identifies the particular host (network interface for a multi homed host).
  The number of bits dedicated to the hostid will determine the possible number of hosts on the network.

Prefix notation: IP addresses
To indicate the length of the prefix associated with a particular IP address use the notation
  178.23.214.0/22 ⇨ prefix with n=22 binary digits
  178.23.214.0/24 ⇨ prefix with n=24 binary digits
The prefix consists of the first n binary digits of the address.
The prefix often indicates the netid of a network. If it does then 2^(32-n) indicates the number of possible hosts in the network (or subnet).

Network address or Network prefix
Netid (network address) non zero: hostid all 0’s
  Never assigned as the source or destination address of an IP packet, or as the address of a single host/router
  Used in forwarding tables and documentation to refer to all hosts on a particular network
A network address is assigned to the network itself, not to an individual host or router.
The network address defines the network to the rest of the internet.
If an IP address has a netid corresponding to the address of a particular network then that IP address is the address of a host on that particular network.

Sample Networks
[Figure: three networks and their hosts:
  223.12.0.0/22 with hosts 223.12.1.1, 223.12.2.5, 223.12.3.254
  223.12.8.0/24 with hosts 223.12.8.1, 223.12.8.33, 223.12.8.88
  223.12.10.0/23 with hosts 223.12.10.21, 223.12.11.2, 223.12.11.251]

“this” address
Netid (network address) zero: hostid nonzero
  Interpreted as hostid on “this” network
0.0.0.0: “this” host when network address is also unknown
  Used only when booting a host that does not know its own IP address (usually a diskless host)

Broadcast address
Network broadcast addresses are valid only as a destination.
Directed broadcast: broadcast to all stations on the local network from anywhere reached by the internet
  netid is network address for the network
  hostid all 1’s
  A security risk for denial of service attacks; by default directed broadcast is disabled
Limited broadcast or local network broadcast: broadcast to all stations on the local network from within that local network
  netid and hostid all 1’s
  May be used when node starts to establish its IP address

Loopback address
Address used to send packets from one process to another through the local interface within a host.
  Packets sent to the loopback address will not leave the local host; they will never be sent onto any network
  Packets sent to the loopback address will pass through the local interface (lo)
Available loopback addresses 127.0.0.0 to 127.255.255.254, usually use 127.0.0.1

Private or Non-Routable addresses
Some addresses are reserved for use on local networks that are not connected to the Internet.
Routers do not consider these addresses to be valid Internet addresses, and will not route a packet to any of them.
These addresses may be used on private internets not directly connected to the Internet.
  10.0.0.0/8       10.0.0.0 to 10.255.255.255
  172.16.0.0/12    172.16.0.0 to 172.31.255.255
  192.168.0.0/16   192.168.0.0 to 192.168.255.255

Allocating addresses to networks
Have considered some addresses reserved for particular purposes.
How are the remainder of the addresses in the IP address space allocated to networks?
Originally, the IPv4 protocol separated addresses into different classes, allowing for particular numbers of networks in each class. The addressing was known as classful addressing.
Later, when the number of networks began to exceed the available network addresses an extended solution was needed. The solutions implemented were
  Long term solution: new version of the IP protocol, IPv6
  Short term solution: classless addressing or CIDR
Classful addressing

Classful Addressing: forwarding
The original forwarding algorithms depended on each network having a network address that was either a Class A, B, C, D, or E address.
Each network would have one entry in the forwarding table of each router.
  The entry would indicate the network address of the destination network and the interface on the present router through which the packet should be sent to reach that destination network.
The incoming packet's destination address would be compared to all entries (of the correct class) in the forwarding table to determine the correct forwarding table entry and hence the interface through which the packet should be forwarded.

Why Subnets?
Large networks were difficult to administer and needed some internal structure to simplify their administration.
Allow arbitrary complexity of internetworked LANs within organization (with same external netid)
  Many LANs all with the same external netid
  Each LAN with its own local subnetid
Insulate overall internet from growth of network numbers and routing complexity
  Site looks like a single network to rest of the internet

How to use Subnet Masks
A site (with 1 or more routers connecting it to the internet) using a single netid has several local LANs.
The site administrator must decide how many LANs are / may be needed within the installation (the single netid).
  If M LANs are needed then choose N such that M < 2^N - 2
  Each LAN assigned subnet id between 1 and M, this is added to the network address to give the subnet address
Host portion of address partitioned into subnet number and host number. The N higher order bits are the subnet number.
Local routers route within subnetted network.
Subnet mask indicates which bits are subnet number and which are host number.

Subnetting: Example
[Figure: a site with network 133.12.0.0/16 connected to the Internet, with three subnets:
  133.12.64.0/19 with hosts 133.12.66.1, 133.12.75.52, 133.12.94.25
  133.12.128.0/19 with hosts 133.12.128.21, 133.12.138.23, 133.12.159.252
  133.12.160.0/19 with hosts 133.12.162.29, 133.12.168.33, 133.12.191.254]

Subnetting example (1)
The site illustrated has one router connecting it to the internet.
  The netid of that router as seen from the internet is a class B network address, 133.12.0.0/24
The local network behind the router consists of several different internal networks.
The site administrator for these networks must decide how many subnets are / may be needed within the installation (the single netid).
  For this example up to 6 networks are needed
  6 LANs, choose N such that 6 < 2^N, N=3, M=2^N=8
  First 3 of the 16 bits available for hostid will be used to indicate which subnet the host belongs to, leaving 13 bits for the hostid

Subnetting example (2)
Each LAN assigned subnet id between 1 and M=8, this is added to the network address to give the subnet address.
The three subnets illustrated are
  Subnet 2 (64, binary 01000000), 133.12.64.0-133.12.95.255
  Subnet 4 (128, binary 10000000), 133.12.128.0-133.12.159.255
  Subnet 5 (160, binary 10100000), 133.12.160.0-133.12.191.255
Host portion of address partitioned into subnet number and host number. The 3 highest order bits are the subnet number, the remaining 13 bits are for the host id (5 bits in the octet shown above plus the 8 bits in the final octet).

Subnetting example (3)
Subnet mask indicates which bits are subnet number and which are host number; for this example the subnet mask will be
  11111111 11111111 11100000 00000000
The local router will use the subnet mask to determine which subnet an incoming packet is destined for.
[Figure labels: Subnet mask 255.255.224.0; Host id; net mask 255.255.0.0]

Using network masks
Consider that the packet to be forwarded has IP address 133.12.138.23
  10000101 00001100 10001010 00010111
The netmask of the network is 255.255.224.0
  11111111 11111111 00000000 00000000
AND IP address and netmask to give Netid 133.12.0.0

Using subnet masks
Network 133.12.0.0 is broken into smaller subnets by the administrator for that network.
The administrator for 133.12.0.0 defines a subnet mask 255.255.224.0
  11111111 11111111 11100000 00000000
  Masks 3 additional bits to create 2^3 = 8 subnets
AND with IP address to give subnetwork address 133.12.128.0
The final 13 bits are reserved for hostid on each subnet
  Our example IP has hostid 01010 00010111

Subnetting
The subnet address of the zero subnet (subnet id all zero) is the same as the network address for the entire network.
The broadcast address of the all 1’s subnet (subnet id all zero) is the same as the broadcast address of the entire network.
For many years these networks were not used to avoid these ambiguities.
They can be used in most cases.

Problems with classful
Large networks were difficult to administer and needed some internal structure to simplify their administration (solution: subnetting).
With the explosive growth of the Internet, Class B networks were in short supply.
  Many organizations wanted more addresses than a class C address could supply but not as many as a class B address would give.
  Giving multiple class C addresses was one solution but it had its own problems, increasing the load on the network due to routing (one table entry for each class C network)
Short term solution: CIDR, NAT; long term solution: IPv6

Classless InterDomain Routing
CIDR (also called supernetting)
  Permits allocation of the remaining IP addresses in blocks more closely matched to user needs (any prefix, not just 8, 16, 24)
  Makes forwarding algorithms more complex (cannot sort by class to simplify forwarding, too many prefixes)
Addresses are allocated based on a base address and a prefix, for example 202.25.8.0/22
  202.25.8.0 is the first allocated address or the network address
  The prefix indicates the netmask. A prefix of 22 indicates 22 1’s followed by 10 (32-22) 0’s: 11111111 11111111 11111100 00000000

CIDR: Example for EngCO
EngCO has been allocated a block of addresses
  196.74.0.0/17 (2^(32-17) = 32768 addresses)
  196.74.4.0 to 196.74.127.255
The subnets EngCO has already allocated are
  196.74.32.0 to 196.74.35.255 (196.74.32.0/22): 2^(32-22) = 1024 addresses, netmask 255.255.252.0 (22 1 bits)
  196.74.16.0 to 196.74.23.255 (196.74.16.0/21): 2^(32-21) = 2048 addresses, netmask 255.255.248.0 (21 1 bits)
  196.74.48.0 to 196.74.63.255 (196.74.48.0/20): 2^(32-20) = 4096 addresses, netmask 255.255.240.0 (20 1 bits)

Addresses for hosts
Consider the network 196.74.48.0/20
  2^(32-20) = 4096 addresses
  Netmask 255.255.240.0 (20 1 bits)
  Addresses 196.74.48.0 to 196.74.63.255
Network address 196.74.48.0 cannot be used for a host because it is the network address.
Network broadcast address is 196.74.63.255, so this address cannot be used for a host.
So only 2^(32-20) - 2 = 4096 - 2 = 4094 addresses can be used for hosts.

Allocated / available space
[Figure: address-space bar with the third octet marked from 0 to 64 in steps of 4; 0 indicates address 196.74.0.0, 12 indicates address 196.74.12.0. The allocated blocks 196.74.16.0/21 (2048 addresses), 196.74.32.0/22 (1024 addresses) and 196.74.48.0/20 (4096 addresses) are marked.]
The network address must fall on a 2^N boundary where 32-N is the prefix of the network.
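
Added example (not part of the original slides): a Python check of EngCO's address plan with the standard ipaddress module. It reproduces the host-count arithmetic for 196.74.48.0/20, tests the 2^N boundary rule, and lists the space still free in 196.74.0.0/17 after the three subnets above; the function names are illustrative.

```python
import ipaddress

def describe(cidr):
    """Netmask, range and host count of one block (valid up to /30)."""
    net = ipaddress.ip_network(cidr, strict=True)  # ValueError if host bits set
    return {
        "netmask": str(net.netmask),
        "first": str(net.network_address),         # the network address
        "last": str(net.broadcast_address),        # the broadcast address
        "addresses": net.num_addresses,            # 2^(32-n)
        "usable_hosts": net.num_addresses - 2,     # minus network and broadcast
    }

def on_boundary(address, prefix):
    """True when `address` is a multiple of 2^N, where N = 32 - prefix."""
    return int(ipaddress.IPv4Address(address)) % (1 << (32 - prefix)) == 0

def free_space(allocation, used):
    """Blocks of `allocation` not covered by any subnet in `used`.
    Raises ValueError for a subnet outside the allocation, a subnet that
    overlaps another, or a subnet that is not on its 2^N boundary."""
    alloc = ipaddress.ip_network(allocation)
    subnets = [ipaddress.ip_network(u) for u in used]
    for i, s in enumerate(subnets):
        if not s.subnet_of(alloc):
            raise ValueError(f"{s} is outside {alloc}")
        for other in subnets[i + 1:]:
            if s.overlaps(other):
                raise ValueError(f"{s} overlaps {other}")
    free = [alloc]
    for s in subnets:
        remaining = []
        for block in free:
            if s.subnet_of(block):
                # Split the block around s and keep the pieces that are left.
                remaining.extend(block.address_exclude(s))
            else:
                remaining.append(block)
        free = remaining
    return sorted(free)

ENGCO_BLOCK = "196.74.0.0/17"
ENGCO_SUBNETS = ["196.74.32.0/22", "196.74.16.0/21", "196.74.48.0/20"]

if __name__ == "__main__":
    print(describe("196.74.48.0/20"))
    print(on_boundary("196.74.16.0", 21), on_boundary("196.74.4.0", 21))
    for block in free_space(ENGCO_BLOCK, ENGCO_SUBNETS):
        print(block, block.num_addresses)
```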

EngCo’s networks
[Figure: Router0 with interfaces eth0, eth1, eth2 and eth3, connecting the networks 196.74.16.0/21, 196.74.32.0/22 and 196.74.48.0/20 (together 196.74.0.0/18) to the Internet.]

A sample forwarding table: Router 0
Network address  Gateway  Genmask        Metric  Iface
196.74.16.0      *        255.255.248.0  0       Eth2
196.74.32.0      *        255.255.252.0  0       Eth1
196.74.48.0      *        255.255.240.0  0       Eth3
0.0.0.0          *        0.0.0.0        0       Eth0

Hierarchical addressing: 1
CIDR is a hierarchical addressing approach.
Groups of networks can be aggregated to appear as a single network to more distant routers.
Entries that appear to be a single network to a particular router may in fact be aggregations of many smaller networks.

Hierarchical addressing: 2
CIDR (RFC 1518, 1519)
  Points out that CIDR replaces both sub and super netting, so long as addresses are assigned in blocks with size equal to an integer power of 2 network and host portions are readily separated with a mask
IANA (the organization in charge of administering distribution of IP addresses) has three regional registries
  ARIN: North America
  RIPE: Europe
  APNIC: Asia
  LACNIC: South America
Each of these registries was given a large block of addresses.

Hierarchical addressing: 3
Each of the regional registries grants blocks of addresses to each country in its region.
Each country may grant addresses on a regional basis within the country.
Each country or region of a country will grant addresses to large IP providers and or companies for their networks.
These providers or companies apportion addresses to their users.

A sample forwarding table: Router 0
Routers outside EngCo will see EngCo’s networks as a single network.
To reach EngCo they may have a single entry for Destination 196.74.0.0 with netmask 255.255.192.0 and gateway set to the address of the router that sits between ABCEngCo’s networks and the internet (router 0).
More distant routers may aggregate this entry with others to form a single entry.
Destination  Gateway  Genmask        Metric  Iface
196.74.16.0  *        255.255.248.0  0       Eth2
196.74.32.0  *        255.255.252.0  0       Eth1
196.74.48.0  *        255.255.240.0  0       Eth3
0.0.0.0      *        0.0.0.0        0       Eth0

EngCo’s networks
[Figure: Router0 with interfaces eth0, eth1, eth2 and eth3, connecting the networks 196.74.16.0/21, 196.74.32.0/22 and 196.74.48.0/20 (together 196.74.0.0/18) to the Internet; Router1 also appears in the diagram.]

Aggregation of networks
[Figure: address-space bar with the third octet marked from 0 to 64 in steps of 4, showing 196.74.16.0/21, 196.74.32.0/22 and 196.74.48.0/20 aggregated into the single block 196.74.0.0/18 (64*256 = 16384 addresses).]

CIDR: Routing and aggregation
In order to reduce the size of forwarding tables aggregation is used. Networks in a given region/location are aggregated into a larger network for the purpose of forwarding.
The three networks at EngCo might be aggregated into one router table entry
  196.74.0.0/18 in routers (like router 1) outside of EngCo
In more distant routers the above entry might be aggregated into a still larger single entry, for example
  196.0.0.0/8

The IPv4 forwarding algorithm
1. Extract the IP destination address from the packet
2. For each forwarding table entry use the mask (bitwise AND the mask with the destination IP address) to extract the prefix from the destination address and compare it to the prefix in the table. Remember any entries that match
3. Choose the matching entry with the longest prefix match
4. If there is no match send a routing error back to the source

Forwarding example
Consider that router A has the forwarding table on the next slide.
A packet with IP destination address 198.53.2.7 arrives at the router A.
For each entry (row) in the forwarding table
  bitwise AND the destination address with the netmask
  Compare the result to the network address in that row
  If they match remember that the row matched
A sample IPv4 forwarding table
Network address Gateway netmask Metric Iface
198.53.147.0 198.53.1.254 255.255.255.0 1 Eth0
198.16.28.0 * 255.255.252.0 0 Eth0
198.16.24.0 * 255.255.240.0 0 Eth1
198.55.0.0 198.55.1.2 255.255.192.0 1 Eth0
127.0.0.0 * 255.0.0.0 0 Lo
0.0.0.0 198.251.1.1 0.0.0.0 0 Eth2
ROUTER A

Using a netmask to extract netid
Destination IP address 198.55.2.7 converted to binary
  11000110 00110101 00000010 00000111
Netmask of first row 255.255.255.0 converted to binary
  11111111 11111111 11111111 00000000
AND IP address and Netmask
  11000110 00110111 00000010 00000111
  11111111 11111111 11111111 00000000
  11000110 00110111 00000010 00000000
Convert result of the AND to dotted decimal to get the network address
  198.55.2.0 does not match network address in the forwarding table entry

Using a netmask to extract netid
Repeat for each successive row, no match until row 4
Netmask of 4th row 255.255.192.0 converted to binary
  11111111 11111111 11000000 00000000
AND IP address and Netmask
  11000110 00110101 00000010 00000111
  11111111 11111111 11000000 00000000
  11000110 00110101 00000000 00000000
Convert result of the AND to dotted decimal to get the network address
  198.55.0.0 matches the network address in the forwarding table entry
No more matches after row 4

Forwarding: using chosen entry
Once a particular entry (row) in the forwarding table has been selected
  Extract the gateway address for the entry, 198.55.1.2; this is the address of the next host/router along the path to the destination. The Ethernet address of this host/router will be the next hop destination of the Ethernet packet containing this IP datagram.
  Extract the interface, ETH0; this tells the IP stack which interface (Ethernet card) to send the IP datagram through to reach the next hop gateway or destination

A second example: same table
The next packet has an IP destination address 196.16.30.138
AND this IP destination address with the mask in row 2 and you will get the network address in row 2
AND this IP destination address with the mask in row 3 and you will get the network address in row 3
WHAT HAPPENS WHEN 2 ROWS MATCH?

Second Example: longest match
WHAT HAPPENS WHEN 2 ROWS MATCH?
Consider each of the matching entries.
  Determine how many bits of the destination IP match the network address of each matching forwarding table entry.
  For row 2 mask is 255.255.252.0, or 22 matching digits
  For row 3 mask is 255.255.240.0, or 20 matching digits
  Choose the entry with the “longest” match, that is the longest mask. Choose row 2.
To optimize the process, entries in the forwarding table are placed in order, starting with the longest masks and continuing with successively shorter matches.
  Ordering the entries means the first matching entry is the “longest” match

Historic network: aggregation
Some blocks of addresses were allocated using classful addressing.
Consider a block of addresses that was allocated to company B
  Assume that for CIDR these addresses indicate that Company B is in Canada
  But Company B is actually in Europe
  Company B received its block of addresses when classful addressing was being used.
  Of course Company B does not want to change its address block
Company B’s address block 196.74.4.0/22 falls within the address block 196.74.0.0/17
EngCo’s allocation was actually 196.74.0.0/17 except for 196.74.4.0/22

Return: Aggregation of networks
[Figure: address-space bar with the third octet marked from 0 to 64 in steps of 4, showing 196.74.16.0/21, 196.74.32.0/22 and 196.74.48.0/20 inside the aggregate 196.74.0.0/18 (64*256 = 16384 addresses), with Company B’s block of addresses marked inside the aggregate.]

CIDR: Routing and aggregation
The three networks at EngCo might be aggregated into one forwarding table entry
  196.74.0.0/18 in routers (like router 1) outside of EngCo
But company B’s allocation is inside this aggregated block
How can we use the aggregated range if it contains other networks?

CIDR: Routing and aggregation
What entries do we need in the forwarding table so that
  company B gets its segments
  EngCo gets only the segments addressed to it
Need two entries
  One entry for Company B, one entry for EngCo
  Company B’s entry has a “longer” match
  A packet to company B matches both entries, but will be forwarded using the entry with the “longer” match (company B)
  A packet to company A will match only EngCo’s aggregated entry
Network address  Gateway    netmask        Metric  Iface
196.74.4.0       198.74.41  255.255.252.0  0       Eth0
198.74.0.0       *          255.255.240.0  0       Eth1
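
Added example (not part of the original slides): the four-step IPv4 forwarding algorithm and the Company B case in Python, using the prefixes named in the text (EngCo aggregate 196.74.0.0 with netmask 255.255.192.0, Company B 196.74.4.0/22). The gateways, interface names and the misaligned row are constructed for illustration.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def prefix_len(mask):
    """Count the leading 1 bits of a dotted netmask; reject masks with gaps."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous netmask {mask}")
    return ones

def table_errors(table):
    """Rows whose network address has bits set outside the mask. Such a row
    can never equal (destination AND mask), so it silently never matches and
    its traffic falls through to a shorter prefix."""
    return [f"{net}/{prefix_len(mask)} has host bits set"
            for net, mask, _gw, _if in table
            if to_int(net) & to_int(mask) != to_int(net)]

def matches(table, dest):
    """Step 2: AND the destination with each row's mask, compare to the row."""
    d = to_int(dest)
    return [row for row in table if d & to_int(row[1]) == to_int(row[0])]

def forward(table, dest):
    """Steps 3 and 4: the longest mask wins; None means 'routing error'."""
    hits = matches(table, dest)
    return max(hits, key=lambda row: prefix_len(row[1])) if hits else None

def forward_ordered(table, dest):
    """Slide optimisation: order rows longest mask first, take the first match."""
    ordered = sorted(table, key=lambda row: prefix_len(row[1]), reverse=True)
    hits = matches(ordered, dest)
    return hits[0] if hits else None

# Constructed table for a router outside EngCo. Gateways and interface
# names are placeholders (192.0.2.0/24 is a documentation range).
OUTSIDE = [
    ("196.74.0.0", "255.255.192.0", "192.0.2.1", "eth1"),  # EngCo aggregate /18
    ("196.74.4.0", "255.255.252.0", "192.0.2.2", "eth0"),  # Company B /22
]
# Constructed bad row: 196.74.4.0 is not on a /21 boundary.
MISALIGNED = OUTSIDE + [("196.74.4.0", "255.255.248.0", "192.0.2.3", "eth2")]

if __name__ == "__main__":
    for dest in ("196.74.5.9", "196.74.33.1", "198.55.2.7"):
        print(dest, "->", forward(OUTSIDE, dest))
    print(table_errors(MISALIGNED))
```

This table has no default route, so a destination outside 196.74.0.0/18 reaches step 4 and returns None.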

Allocating assigned block
When a user or organization is assigned a block of IP addresses how are those addresses assigned to the hosts and networks that are part of that organization?
  Can be assigned manually and permanently using static routing
  Can be assigned dynamically, address given to a particular host for a particular length of time using DHCP (Dynamic Host Configuration Protocol)

DHCP
The System Administrator can configure how addresses from the allocated address blocks are assigned to hosts.
  Addresses can be divided into blocks for smaller sub-networks within the site being administered
  Each sub-network can be given a range of addresses
A host in the sub-network can be configured to request an address.
  DHCP can give a lease on an address (reply to the request). A lease grants use of an address for a specified period of time.
  Later the host can request to extend the lease if necessary
  Alternately a host can be configured to use a specific address permanently (a static address)

Initial configuration: transitions 1
[Figure: DHCP client state diagram. States: Initialize, Select, Request, Bound. Transition labels: Broadcast DHCPDISCOVER; Receive DHCPOFFER, Select Offer, Broadcast DHCPREQUEST; Receive DHCPACK; Receive DHCPNACK or Lease Expires.]
© Janice Regan, 2006

Initial configuration: 1
A DHCPDISCOVER message is broadcast so it reaches all DHCP servers on the attached network (or that can be reached through a DHCP relay client)
  IP: source address 0.0.0.0 (host does not yet know its IP address)
  IP: destination address (local broadcast) 255.255.255.255
  UDP: source port 68, destination port 67
  Your address (yiaddr) 0.0.0.0, not yet assigned
  Transaction ID 1234 (identifies exchange)

Initial configuration: 2
Each DHCP server on the local network (or reached through a DHCP relay client) finds an IP address and offers that address to the host in a DHCPOFFER message
  your address is set to the offered IP address
  IP: source address is the address of the replying server
  IP: destination address is the new your address (the address offered to the host requesting an address)
  UDP: source port 67, destination port 68
  Transaction ID 1234 (matches DHCPDISCOVER)
  Proposed lease time for provided IP address

Initial configuration: 3
The client chooses a server from received offer messages (usually takes the first).
The client broadcasts a DHCPREQUEST including
  The your IP address offered by the chosen server
  The lease time suggested by the chosen server
  A new transaction ID (for the exchange beginning with this datagram), say 1125
  Destination IP address and port (67) of the server chosen
  Source IP address 0.0.0.0 (still haven’t confirmed the IP address that has been offered) and port (68)
Other servers (whose offers were not chosen) receive the DHCPREQUEST and then know that they have not been chosen and can release the IP address they offered back to the pool of addresses that can be offered by the server.

Initial configuration: 4
The chosen server receives the DHCPREQUEST and knows the client has chosen the IP address it offered.
The chosen server places the address and configuration information into its database and replies to the client with a DHCPACK containing the following information
  The lifetime of the lease
  The transaction id (matches id of the DHCPREQUEST)
  The destination IP (IP of the chosen DHCP server) and port (68)
  The source IP address (just assigned) and port (67)
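
Added example (not part of the original slides): the four-message exchange above as Python that packs and parses DHCP payloads (236-byte fixed header, magic cookie, option 53 for the message type, option 51 for the lease time) and checks a capture against the ports, source addresses and transaction IDs the slides list. The addresses, MAC and lease value are constructed, and the check assumes a single server answers.

```python
import socket
import struct

BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # 236-byte fixed header
MAGIC = b"\x63\x82\x53\x63"                          # DHCP magic cookie
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}
CODES = {name: code for code, name in TYPES.items()}
CLIENT_TYPES = ("DHCPDISCOVER", "DHCPREQUEST")

def build(msg_type, xid, yiaddr="0.0.0.0", lease=None):
    """Pack header + cookie + option 53 (message type) and 51 (lease time)."""
    op = 1 if msg_type in CLIENT_TYPES else 2        # 1 = request, 2 = reply
    zero = socket.inet_aton("0.0.0.0")
    mac = b"\x02\x00\x00\x00\x00\x01"                # constructed client MAC
    head = BOOTP.pack(op, 1, 6, 0, xid, 0, 0, zero, socket.inet_aton(yiaddr),
                      zero, zero, mac, b"", b"")
    opts = bytes([53, 1, CODES[msg_type]])
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)
    return head + MAGIC + opts + b"\xff"

def parse(data):
    """Return xid, yiaddr, message type and lease time of one DHCP payload."""
    start = BOOTP.size + 4
    if len(data) < start or data[BOOTP.size:start] != MAGIC:
        raise ValueError("not a DHCP message")
    f = BOOTP.unpack_from(data)
    msg = {"xid": f[4], "yiaddr": socket.inet_ntoa(f[8]), "type": None, "lease": None}
    i = start
    while i < len(data) and data[i] != 255:          # 255 = end option
        if data[i] == 0:                             # pad option, no length
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        code, value = data[i], data[i + 2:i + 2 + data[i + 1]]
        if code == 53 and len(value) == 1:
            msg["type"] = TYPES.get(value[0])
        elif code == 51 and len(value) == 4:
            msg["lease"] = struct.unpack("!I", value)[0]
        i += 2 + len(value)
    return msg

def check_exchange(datagrams):
    """datagrams: (src_ip, src_port, dst_port, payload) in capture order.
    Returns the deviations from the exchange described on the slides."""
    problems, xids, offered = [], {}, None
    for src, sport, dport, payload in datagrams:
        m = parse(payload)
        t = m["type"]
        want = (68, 67) if t in CLIENT_TYPES else (67, 68)
        if (sport, dport) != want:
            problems.append(f"{t}: ports {sport}->{dport}")
        if t in CLIENT_TYPES and src != "0.0.0.0":
            problems.append(f"{t}: source {src}, expected 0.0.0.0")
        if t == "DHCPOFFER":
            offered = m["yiaddr"]
            if m["xid"] != xids.get("DHCPDISCOVER"):
                problems.append("DHCPOFFER: transaction ID differs from DHCPDISCOVER")
        if t == "DHCPACK":
            if m["xid"] != xids.get("DHCPREQUEST"):
                problems.append("DHCPACK: transaction ID differs from DHCPREQUEST")
            if m["yiaddr"] != offered:
                problems.append(f"DHCPACK: assigns {m['yiaddr']}, offer was {offered}")
        xids[t] = m["xid"]
    return problems

SERVER, LEASED = "192.0.2.1", "192.0.2.50"           # constructed addresses
GOOD = [                                             # IDs 1234 / 1125 as on the slides
    ("0.0.0.0", 68, 67, build("DHCPDISCOVER", 1234)),
    (SERVER, 67, 68, build("DHCPOFFER", 1234, LEASED, lease=3600)),
    ("0.0.0.0", 68, 67, build("DHCPREQUEST", 1125)),
    (SERVER, 67, 68, build("DHCPACK", 1125, LEASED, lease=3600)),
]
BAD = GOOD[:3] + [(SERVER, 67, 68, build("DHCPACK", 9999, "192.0.2.99", lease=3600))]
```

check_exchange(GOOD) returns an empty list; check_exchange(BAD) reports the DHCPACK whose transaction ID and assigned address do not belong to the exchange.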