Network Layer Protocols and Internet Protocol (IP)
Suguru Yamaguchi, Nara Institute of Science and Technology
2011 Network Information 1 / 05
1
Network Layer Features
• Basic model
• Node identification
• Node aggregation
• End-to-end packet delivery
• Broadcast・Multicast
• Failure isolation and failure recovery
• Connecting heterogeneous datalinks
2
OSI 7 Layer Reference Model
• Application – NFS
• Presentation – XDR
• Session – Sun RPC
• Transport – TCP
• Network – IP
• Data Link – IEEE802.3
• Physical – Ethernet Coax
Two ES (End Systems) run the upper layer protocol end to end; an IS (Intermediate System) between them relays at the network layer, with a physical connection on each side.
Connecting heterogeneous datalinks
5
Network / Gateway
The gateway forwards IP packets as an intermediate system according to the routing structure. Within the same network, nodes connect directly over the datalink.
6
TCP/IP as a Layered Protocol Architecture
• Host: Application / TCP / IP / Network Interface / Physical
• Router: IP / Network Interface / Physical
• Host: Application / TCP / IP / Network Interface / Physical
IP realizes the end-to-end communication
7
TCP/IP as a Layered Protocol Architecture
① The service relationship is defined by the service provider.
② The layer above IP defines the service; therefore it does not matter what comes below it, at the datalink layer.
Node identification
9
• Globally unique address space
• Address space and delegation of authority
• Network identification and host identification
• Address class
Address class: address space that delegates authority to the layers
Ex) IPv4 address 163.221.74.127/24
• 163 . 221 . 74 . 127 = 0xA3 0xDD 0x4A 0x7F
• Identifying network: the network part is the first 24 bits (163.221.74), prefix length /24
• Identifying host: the remaining bits (127)
10
11
Node aggregation: from efficiency perspectives
163.221/16, 163.221.52/24, 163.221.127.0/21, ...
• Prefix length = binary tree level
• Simple expression → fast and memory-saving → especially in relay nodes...
Address aggregation
Aggregating contiguous network blocks
• Four /24 (class C) networks whose network numbers differ only in their last two bits (Host 00, 01, 10, 11)
• → one /22 prefix covering all four (4 × C)
12
Address aggregation
13
Bit position:            0        1        2        3
                         12345678 90123456 78901234 56789012
Before aggregation:
[1] 192.32. 0.0/20  : 11000000.00100000.0000----.--------
[2] 192.24.34.0/23  : 11000000.00011000.0010001-.--------
[3] 192.24.32.0/23  : 11000000.00011000.0010000-.--------
[4] 192.24.16.0/20  : 11000000.00011000.0001----.--------
[5] 192.24. 0.0/21  : 11000000.00011000.00000---.--------
[6] 192.24. 8.0/22  : 11000000.00011000.000010--.--------
[7] 192.24.12.0/22  : 11000000.00011000.000011--.--------
After aggregation:
[1] 192.32. 0.0/20  : 11000000.00100000.0000----.--------
[8] 192.24.32.0/22  : 11000000.00011000.001000--.--------
[4] 192.24.16.0/20  : 11000000.00011000.0001----.--------
[5] 192.24. 0.0/21  : 11000000.00011000.00000---.--------
[9] 192.24. 8.0/21  : 11000000.00011000.00001---.--------
Aggregate: [2] + [3] = [8] (.34/23 + .32/23); [6] + [7] = [9] (.8/22 + .12/22)
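The following is an added worked example, not code from the lecture: it renders prefixes in the binary form used on the aggregation slide, splits an address into network and host bits as on the node identification slide, and performs one round of sibling aggregation, which reproduces [2]+[3]=[8] and [6]+[7]=[9] from the slide's table. It goes one step further than the slide by also showing the fully collapsed table a relay node would keep. Only the standard library ipaddress module is used.

```python
import ipaddress

# Added example (not from the lecture). Prefix values below are the slide's table.

def prefix_bits(cidr):
    """Render a prefix the way the slide does: fixed bits, '-' for host bits."""
    net = ipaddress.ip_network(cidr)
    bits = format(int(net.network_address), "032b")
    shown = bits[:net.prefixlen] + "-" * (32 - net.prefixlen)
    return ".".join(shown[i:i + 8] for i in range(0, 32, 8))

def split_address(cidr):
    """Network bits, host bits and per-octet hex of an address such as 163.221.74.127/24."""
    iface = ipaddress.ip_interface(cidr)
    bits = format(int(iface.ip), "032b")
    n = iface.network.prefixlen
    return bits[:n], bits[n:], ["0x%02X" % b for b in iface.ip.packed]

def merge_siblings(prefixes):
    """One aggregation round: two prefixes of equal length that are the two
    children of the same parent node in the binary tree collapse into the parent."""
    nets = sorted(ipaddress.ip_network(p) for p in prefixes)
    merged, i = [], 0
    while i < len(nets):
        if i + 1 < len(nets):
            a, b = nets[i], nets[i + 1]
            if a.prefixlen == b.prefixlen and a.supernet() == b.supernet():
                merged.append(a.supernet())
                i += 2
                continue
        merged.append(nets[i])
        i += 1
    return [str(n) for n in merged]

def collapse_fully(prefixes):
    """Repeat the merge until nothing changes (what a relay node's table would really hold)."""
    nets = (ipaddress.ip_network(p) for p in prefixes)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

# The seven prefixes from the slide's "before aggregation" table.
SLIDE_TABLE = ["192.32.0.0/20", "192.24.34.0/23", "192.24.32.0/23", "192.24.16.0/20",
               "192.24.0.0/21", "192.24.8.0/22", "192.24.12.0/22"]

if __name__ == "__main__":
    for p in SLIDE_TABLE:
        print("%16s : %s" % (p, prefix_bits(p)))
    print("network/host/hex of 163.221.74.127/24:", split_address("163.221.74.127/24"))
    print("one round      :", merge_siblings(SLIDE_TABLE))
    print("fully collapsed:", collapse_fully(SLIDE_TABLE))
```

After one round the table holds [5], [9], [4], [8] and [1], exactly the slide's "after" list; the full collapse continues up the tree ([5]+[9] → 192.24.0.0/20, then with [4] → 192.24.0.0/19), which is why prefix length and tree level are the same thing.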
15
End-to-end packet delivery
Network layer "cloud": hosts are present at the cloud edge, each identified uniquely by an IPv4 address (e.g. 163.221.5.5, 163.221.4.4, 163.221.3.3).
16
Graph representation of networks
• Datalink layer
• Network layer: arbitrary topology. Any difference from bridges? What if we label the graph...
17
Hierarchy perspective: who carries the ladder?
• From the datalink layer to the network layer: native to the datalink layer. Ex) LLC/SNAP, NLPID
• From the network layer to the datalink layer: native to the network layer. Ex) ARP (IPv4), ND (IPv6)
18
Network to datalink: Address Resolution Protocol: ARP(1) (RFC826)
Hosts A, B, C at the network layer, with data-link layer addresses a, b, c on one link.
A → B: "M"
– a → all stations: "where is B"
– b → a: "B is at b"
– a → b: A → B: "M"
19
Network to datalink: the case of routed networks: ARP(2)
Hosts A, B (a, b) on one link and C, D (c, d) on another, joined by router R (r).
A → C: "M"
– a → all stations: "where is R"
– r → a: "R is at r"
– a → r: A → C: "M"
– r → all stations: "where is C"
– c → r: "C is at c"
– r → c: A → C: "M"
20
Network to datalink: the case of bridged networks: ARP(3)
Hosts A, B (a, b) and C, D (c, d) on two segments joined by bridge T (t); at the network layer it is one network.
A → C: "M"
– a → all stations: "where is C"
– c → a: "C is at c"
– a → c: A → C: "M"
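The following is an added toy model of the exchanges on the ARP(1) and ARP(2) slides, not code from the lecture. Node names A, B, C, R and link addresses a, b, c, r are the slide's labels; the IP addresses (192.0.2.0/24 and 198.51.100.0/24) and the synchronous delivery of replies are assumptions of this model. Frames are Python dicts rather than RFC826 wire format, so that the message flow stays visible.

```python
import ipaddress

# Added example (not from the lecture): hosts and a router on two broadcast links.

class Link:
    """One broadcast datalink. dst is a link address or 'all'; every frame is logged."""
    def __init__(self, name):
        self.name, self.stations, self.log = name, {}, []

    def send(self, src, dst, frame):
        self.log.append(f"{src} -> {'all stations' if dst == 'all' else dst}: {frame['text']}")
        targets = list(self.stations.values()) if dst == "all" else [self.stations[dst]]
        for node in targets:
            if node.addr_on(self) != src:          # a station does not hear its own frame
                node.receive(self, src, frame)

class Node:
    """Host or router. ifaces maps a Link to (link address, 'ip/prefixlen')."""
    def __init__(self, name, ifaces, gateway=None):
        self.name, self.arp, self.delivered, self.ifaces = name, {}, [], {}
        self.gateway = ipaddress.ip_address(gateway) if gateway else None
        for link, (laddr, cidr) in ifaces.items():
            self.ifaces[link] = (laddr, ipaddress.ip_interface(cidr))
            link.stations[laddr] = self

    def addr_on(self, link):
        return self.ifaces[link][0]

    def next_hop(self, dst_ip):
        """Directly attached destination -> itself; otherwise the gateway (slide ARP(2))."""
        for link, (_, iface) in self.ifaces.items():
            if dst_ip in iface.network:
                return link, dst_ip
        for link, (_, iface) in self.ifaces.items():
            if self.gateway is not None and self.gateway in iface.network:
                return link, self.gateway
        raise LookupError(f"{self.name}: no route to {dst_ip}")

    def send_ip(self, dst_ip, text):
        dst_ip = ipaddress.ip_address(dst_ip)
        link, hop = self.next_hop(dst_ip)
        my_laddr, my_if = self.ifaces[link]
        if hop not in self.arp:
            # "a -> all stations: where is B": the ARP request. In this toy the reply is
            # delivered synchronously, so the cache is filled by the time send() returns.
            link.send(my_laddr, "all", {"kind": "arp-req", "sender": my_if.ip,
                                        "target": hop, "text": f'"where is {hop}"'})
        link.send(my_laddr, self.arp[hop], {"kind": "ip", "dst": dst_ip, "text": text})

    def receive(self, link, src, frame):
        my_laddr, my_if = self.ifaces[link]
        if frame["kind"] == "arp-req" and frame["target"] == my_if.ip:
            self.arp[frame["sender"]] = src      # learn the requester while replying
            link.send(my_laddr, src, {"kind": "arp-rep", "sender": my_if.ip,
                                      "text": f'"{self.name} is at {my_laddr}"'})
        elif frame["kind"] == "arp-rep":
            self.arp[frame["sender"]] = src
        elif frame["kind"] == "ip":
            if any(frame["dst"] == iface.ip for _, iface in self.ifaces.values()):
                self.delivered.append(frame["text"])
            elif len(self.ifaces) > 1:           # intermediate system: forward it
                self.send_ip(frame["dst"], frame["text"])

def run_demo():
    l1, l2 = Link("link1"), Link("link2")
    A = Node("A", {l1: ("a", "192.0.2.1/24")}, gateway="192.0.2.254")
    B = Node("B", {l1: ("b", "192.0.2.2/24")}, gateway="192.0.2.254")
    R = Node("R", {l1: ("r", "192.0.2.254/24"), l2: ("r2", "198.51.100.254/24")})
    C = Node("C", {l2: ("c", "198.51.100.1/24")}, gateway="198.51.100.254")
    A.send_ip("192.0.2.2", 'A -> B: "M"')        # ARP(1): destination on the same link
    A.send_ip("198.51.100.1", 'A -> C: "M"')     # ARP(2): destination behind router R
    return l1.log, l2.log, B.delivered, C.delivered

if __name__ == "__main__":
    log1, log2, _, _ = run_demo()
    print("\n".join(log1 + log2))
```

The printed log is the slide's sequence: on link1 a resolves B directly, then resolves R (not C) because C is off-link; R resolves c on link2 on A's behalf. Note that each station fills its ARP cache from any request addressed to it, which is why the reply goes back as a unicast frame.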
21
Datalink to network layer
Several network layer protocols (IPv4, IPv6, ...) are multiplexed onto a single datalink layer (Ethernet): multiplexing on sending, de-multiplexing on receiving. The receiving datalink must be told which network layer protocol a frame carries.
Ethernet, IEEE802.3, 802.2LLC, …
22
• Ethernet2: Dst addr (6) | Src addr (6) | Type (2) | DATA (variable) | FCS (4)
• IEEE802.3 (Length < 0x05DC): Dst addr (6) | Src addr (6) | Length (2) | DATA (variable) | FCS (4)
• IEEE802.3 Raw: Dst addr (6) | Src addr (6) | Length (2) | DATA (variable, head is 0xFFFF) | FCS (4)
• IEEE802.2 LLC: Dst addr (6) | Src addr (6) | Length (2) | DSAP (1) | SSAP (1) | CTL (1) | DATA (variable) | FCS (4)
• SNAP: Dst addr (6) | Src addr (6) | Length (2) | DSAP (1) | SSAP (1) | CTL (1) | Protocol ID (3) | Type (2) | DATA (variable) | FCS (4)
23
Datalink to network: De-multiplexing with LLC(2)
LLC header: Destination SAP Address (1 byte) | Source SAP Address (1 byte) | Control (1 or 2 bytes) | Information
• Destination SAP Address = 7 bits + I/G (1 bit); I/G = Individual or group address
• Source SAP Address = 7 bits + C/R (1 bit); C/R = Command or response frame
SAP address examples: 06 IP packet; E0 Novell IPX; FE OSI packet; AA SubNetwork Access Protocol (SNAP)
24
De-multiplexing with LLC/SNAP
MAC Header | LLC PDU: AA AA 03 (1 byte each) | SNAP Header: ORG (3) Type (2) | Information | FCS
The SNAP PDU (ORG, Type, Information) is carried as the LLC information field.
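An added de-multiplexer for the frame formats on the three preceding slides (not code from the lecture). It tells Ethernet II apart from IEEE802.3 by the Type/Length field, then distinguishes 802.3 Raw, 802.2 LLC and LLC/SNAP and names the network protocol. The sample frames are constructed here (the source MAC is the lecture's 00:e0:18:98:93:6d); the FCS trailer is assumed to have been verified and stripped by the interface already.

```python
# Added example (not from the lecture): Ethernet / 802.3 / LLC / SNAP de-multiplexing.

SAP_NAMES = {0x06: "IP packet", 0xE0: "Novell IPX", 0xFE: "OSI packet", 0xAA: "SNAP"}   # from the LLC slide
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}

def _mac(b):
    return ":".join("%02x" % x for x in b)

def demux(frame):
    """Return the encapsulation used and the network layer protocol the frame carries."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte MAC header")
    info = {"dst": _mac(frame[:6]), "src": _mac(frame[6:12])}
    type_or_len = int.from_bytes(frame[12:14], "big")
    if type_or_len > 0x05DC:
        # Ethernet II: values above the largest 802.3 length are a Type field
        info.update(encap="Ethernet II",
                    protocol=ETHERTYPES.get(type_or_len, "unknown type 0x%04X" % type_or_len),
                    payload=frame[14:])
        return info
    payload = frame[14:14 + type_or_len]
    if len(payload) != type_or_len:
        raise ValueError("802.3 Length field exceeds the bytes present")
    if payload[:2] == b"\xff\xff":
        # IEEE802.3 Raw: no LLC header, the data starts with 0xFFFF (Novell IPX)
        info.update(encap="IEEE802.3 Raw", protocol="Novell IPX", payload=payload)
        return info
    dsap, ssap, ctl = payload[0], payload[1], payload[2]
    ctl_len = 1 if ctl & 0x03 == 0x03 else 2       # U-format control is 1 byte, I/S-format 2 bytes
    body = payload[2 + ctl_len:]
    if dsap == 0xAA and ssap == 0xAA and ctl == 0x03:
        # SNAP: 3-byte ORG (OUI) and 2-byte Type follow the AA AA 03 LLC header
        org, etype = body[:3], int.from_bytes(body[3:5], "big")
        info.update(encap="IEEE802.2 LLC/SNAP", org=org.hex(),
                    protocol=ETHERTYPES.get(etype, "unknown type 0x%04X" % etype), payload=body[5:])
    else:
        info.update(encap="IEEE802.2 LLC", dsap=dsap,
                    individual=not (dsap & 0x01),   # I/G bit: 0 = individual, 1 = group
                    protocol=SAP_NAMES.get(dsap, "unknown SAP 0x%02X" % dsap), payload=body)
    return info

# Constructed sample frames (broadcast destination, the lecture's MAC as source).
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("00e01898936d")

def frame_ethernet2(etype, data):
    return DST + SRC + etype.to_bytes(2, "big") + data

def frame_8023(data):
    return DST + SRC + len(data).to_bytes(2, "big") + data

SAMPLES = {
    "eth2-ipv4": frame_ethernet2(0x0800, b"constructed IPv4 datagram"),
    "raw-ipx": frame_8023(b"\xff\xff" + b"constructed IPX packet"),
    "llc-ip": frame_8023(bytes([0x06, 0x06, 0x03]) + b"constructed IP datagram"),
    "snap-ipv6": frame_8023(bytes([0xAA, 0xAA, 0x03, 0x00, 0x00, 0x00, 0x86, 0xDD]) + b"constructed IPv6 datagram"),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        r = demux(frame)
        print("%-10s %-20s %s" % (name, r["encap"], r["protocol"]))
```

The length check on the 802.3 branch matters in practice: a Length field larger than the frame is how truncated or malformed frames show up, and a parser that trusts it will read past the data it actually has.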
Implementing the communication model
Unicast
– Peer to peer communication
– Source and destination address allocation
– Example: p.16, 17, 18 are unicast
Broadcast
Multicast
26
Broadcast
– Sending to all hosts on the same transmission medium (datalink).
• Broadcast communication availability depends on the datalink.
• Many datalinks do not support broadcast communication.
– Does not guarantee a perfect broadcast.
• Passive hosts will not receive the broadcast.
• Processing of the received data depends on the processes run by the receiving hosts.
IP broadcast ↔ link-layer broadcast
27
28
Bootstrapping with broadcast
Broadcast communication in a multi-access network
– It is absolutely necessary to resolve addresses from the network layer to the datalink layer.
– Automatic configuration is absolutely necessary.
• Bootstrap A (hosts A, B, C with link addresses a, b, c; router R at r):
– a → all stations: "who is router"
– r → a: "router R is at r"
Selective broadcasting: Multicast
– Multi-point to multi-point communication
– Selective broadcasting
– Membership
• If a host is not a member, it will not be able to listen to communications within the group.
– Membership management
– Group management
IP multicast ↔ link-layer multicast
29
31
What if...?
Two full stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical) joined by a physical connection: what if something on the path between them fails?
→ Failure isolation and failure recovery
32
Failure isolation: ICMP (RFC792)
A failure occurring below the datalink layer → dropping a packet.
In the case a packet did not reach its destination, Destination Unreachable is returned to the source address (ICMP Destination Unreachable).
33
Failure isolation: ICMP(2)
End-to-end reachability verification and faulty section judgement, exchanged between the two full stacks:
– Echo Request, Echo Reply
Connecting heterogeneous datalinks
Because of heterogeneity...
– Address architecture is different → resolving with ARP.
– Multiplexing method is different → resolving with LLC/SNAP.
– Transmission speed is different → resolving with buffers.
– Maximum Transmission Unit (MTU) size is different → fragmentation.
35
36
Connecting heterogeneous datalinks: fragmentation and reassembly
Fragmentation:
– Fragmenting a packet and keeping the fragments within the maximum frame length.
Reassembly:
– Reconstructing the fragmented packet at the destination node.
Ex) adjacent links with MTU = 1520 and MTU = 9128.
37
Implementing Fragmentation and Reassembly: IPv4 Header
Flags = {0, MF, DF}; Fragment Offset: 13 bits
Bit:  0        4        8                16                              31
      Ver. | IHL | Type of Service | Total Length (in octets)
      Identification               | Flags | Fragment Offset
      Time to Live | Protocol      | Header Checksum
      Source Address
      Destination Address
      Option (if any)
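An added worked example of the two preceding slides, not code from the lecture: it builds the IPv4 header as laid out above, fragments a datagram that exceeds the slide's MTU of 1520 and reassembles it from fragments delivered out of order. Addresses and payload are constructed; the header is assumed to carry no options (IHL = 5). The reassembler deliberately refuses gaps, overlaps and a missing last fragment rather than guessing, which is the behaviour a receiving host needs.

```python
import struct

# Added example (not from the lecture): IPv4 fragmentation and reassembly.

MF, DF = 0x2000, 0x4000        # positions of the More Fragments / Don't Fragment bits in the 16-bit field

def checksum(header):
    """Internet checksum: one's-complement sum of 16-bit words, complemented."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_header(total_len, ident, flags, offset, proto, src, dst, ttl=64):
    """20-byte header as on the slide; offset is in bytes and must be a multiple of 8."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, flags | (offset // 8),
                      ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def parse_header(pkt):
    v_ihl, _tos, total_len, ident, ff, _ttl, proto, _csum, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (v_ihl & 0x0F) * 4
    return {"ihl": ihl, "total_len": total_len, "ident": ident, "df": bool(ff & DF), "mf": bool(ff & MF),
            "offset": (ff & 0x1FFF) * 8, "proto": proto, "src": src, "dst": dst,
            "checksum_ok": checksum(pkt[:ihl]) == 0}

def fragment(pkt, mtu):
    h = parse_header(pkt)
    if h["total_len"] <= mtu:
        return [pkt]
    if h["df"]:
        raise ValueError("DF set: cannot fragment; the router drops it and returns ICMP Destination Unreachable")
    payload = pkt[h["ihl"]:h["total_len"]]
    step = (mtu - h["ihl"]) // 8 * 8              # every fragment but the last carries a multiple of 8 octets
    frags = []
    for off in range(0, len(payload), step):
        chunk = payload[off:off + step]
        more = off + step < len(payload) or h["mf"]   # the last piece keeps the original MF
        frags.append(build_header(h["ihl"] + len(chunk), h["ident"], MF if more else 0,
                                  h["offset"] + off, h["proto"], h["src"], h["dst"]) + chunk)
    return frags

def reassemble(fragments):
    """Rebuild the datagram; reject gaps, overlaps and a missing final fragment."""
    parts = sorted(fragments, key=lambda f: parse_header(f)["offset"])
    first = parse_header(parts[0])
    key = (first["ident"], first["src"], first["dst"], first["proto"])
    data, expected = bytearray(), 0
    for f in parts:
        h = parse_header(f)
        if (h["ident"], h["src"], h["dst"], h["proto"]) != key:
            raise ValueError("fragment belongs to a different datagram")
        if h["offset"] != expected:
            raise ValueError("gap or overlap at offset %d" % h["offset"])
        chunk = f[h["ihl"]:h["total_len"]]
        data += chunk
        expected += len(chunk)
    if parse_header(parts[-1])["mf"]:
        raise ValueError("last fragment (MF = 0) has not arrived")
    return build_header(20 + len(data), first["ident"], 0, 0, first["proto"], first["src"], first["dst"]) + bytes(data)

def demo(mtu=1520):
    src, dst = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])   # constructed addresses
    payload = bytes(range(256)) * 10                             # constructed 2560-byte payload
    original = build_header(20 + len(payload), 0x1234, 0, 0, 17, src, dst) + payload
    frags = fragment(original, mtu)
    rebuilt = reassemble(list(reversed(frags)))                   # fragments arrive out of order
    return frags, rebuilt == original

if __name__ == "__main__":
    frags, ok = demo()
    for f in frags:
        h = parse_header(f)
        print("offset %4d  len %4d  MF=%d" % (h["offset"], h["total_len"], h["mf"]))
    print("reassembled identical to original:", ok)
```

With MTU 1520 the first fragment carries 1496 payload bytes (1500 rounded down to a multiple of 8) and the second the remaining 1064, so the offsets are 0 and 1496; each fragment gets its own checksum because Total Length and the Flags/Offset field differ.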
Conclusion
• Basic model
• Node identification
• Node aggregation
• End-to-end packet delivery
• Broadcast・Multicast
• Failure isolation and failure recovery
• Connecting heterogeneous datalinks
38
Road to IPv6
39
40
Ongoing growth
Active BGP FIB entries @ AS65000, Feb. 2010. Source: BGP Reports, available online at http://bgp.potaroo.net/
Problem: drastic growth of the Internet
– Address depletion and drastic growth of routes
– New adaptation fields, new requirements
Urgent problem – addresses and routes → route aggregation
Radical solution → new IP protocol – IPv6
41
Technical Criteria for Choosing IPng (RFC1726)
Five basic principles
– Simple structure
– Single protocol
– Applicable for a long time
– Used widely
– Cooperative anarchy (preserve the decentralized and decoupled nature of the Internet)
42
Technical Criteria for Choosing IPng (RFC1726)
Scale – number of end systems over 10^12; number of distinct networks over 10^9
Topology flexibility – not assuming a specific network topology
Robust service – network service, routing and network control
Transition plan – easy transition plan from IPv4
Media (link) independent
43
Technical Criteria for Choosing IPng (RFC1726)
Configuration – auto-configuration
Publication of specifications – RFC standards track
Other features – security; mobile hosts and networks; multicast
44
Selecting IPng: History
1991 Draft is publicly announced by IAB.
1992 IPng section meeting starts discussion.
– TUBA (TCP and UDP over Bigger Addresses)
– CATNIP (Common Architecture for the Internet)
– SIPP (Simple Internet Protocol Plus)
1994 Decision to base the specification on SIPP.
1995 Decision on an IPv6 specification.
45
IPv6
46
Difference between IPv6 and IPv4
Expansion of the address space – from 32 bits to 128 bits.
• 32 bits: 4,294,967,296 (4 billion)
• 128 bits: 340,282,366,920,938,463,463,374,607,431,768,211,456
Address architecture – hierarchic structure; introduction of the concept of scope; clear definition of address classes
Multicast standardization – discontinuation of broadcast
47
Difference between IPv6 and IPv4 (cont.)
Able to deal with high-speed networks – simplified header format
• Suppression of unused fields
• Static length
• Discontinuation of checksums
• Discontinuation of IP header options
– Discontinuation of en-route packet fragmentation (at the router between HOST and HOST)
48
Difference between IPv6 and IPv4 (cont.)
Link layer and network layer address resolution – ARP → NDP (Neighbor Discovery Protocol); unreachability detection
Security – IPsec as a standard
Flexibility – IP extension headers
• Mobile IPv6
• IPsec
49
NDP (Neighbor Discovery Protocol)
NDP features
– Prefix discovery
– Address autoconfiguration
– Next-hop determination
– Neighbor unreachability detection
– Duplicate address detection
Implementation
– Multicast
– Implemented as ICMP, with the following packet types:
• Router Solicitation
• Router Advertisement
• Neighbor Solicitation
• Neighbor Advertisement
• Redirect
50
NDP
Hosts A, B (link addresses a, b) and router R (r) on one link. First, A has only a link-local address.
– a → all stations: "where is R"
– r → a: "R is at r"
– a → r: "I'm a"
– r → a: "a is A and the gateway is r"
51
Differences between NDP and ARP
ARP
– To get a data-link layer address from a network layer address.
In NDP, this feature is implemented as one of the NDP functions: Address Resolution.
52
IPv4 Header
53
Ver | HL | TOS | Total Length
Identification | Flag | Fragment Offset
TTL | Protocol | Header Checksum
Source Address
Destination Address
Options | Padding
Fields in gray are suppressed or renamed in IPv6.
IPv6 Header
54
Ver | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source Address
Destination Address
• Fields in red are renamed from the IPv4 specification
• The header length has been fixed
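An added example (not code from the lecture) that packs and parses the 40-byte fixed header drawn on the slide. Compared with the IPv4 header above there is no IHL, no checksum and no options, so the parser has nothing to verify and nothing variable to skip. The addresses are the lecture's own examples; the payload is constructed.

```python
import struct
import ipaddress

# Added example (not from the lecture): the IPv6 fixed header.

HEADER_LEN = 40    # fixed: no IHL, no options, no checksum

def build_ipv6_header(src, dst, payload_len, next_header, hop_limit=64, traffic_class=0, flow_label=0):
    """Version (4) | Traffic Class (8) | Flow Label (20) | Payload Length | Next Header | Hop Limit | Src | Dst"""
    if not 0 <= traffic_class < 256 or not 0 <= flow_label < (1 << 20):
        raise ValueError("traffic class is 8 bits, flow label is 20 bits")
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack("!IHBB16s16s", first_word, payload_len, next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)

def parse_ipv6_header(pkt):
    if len(pkt) < HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit, src, dst = struct.unpack("!IHBB16s16s", pkt[:HEADER_LEN])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    if len(pkt) < HEADER_LEN + payload_len:
        raise ValueError("Payload Length exceeds the bytes present")
    return {"traffic_class": (first_word >> 20) & 0xFF, "flow_label": first_word & 0xFFFFF,
            "payload_len": payload_len, "next_header": next_header, "hop_limit": hop_limit,
            "src": str(ipaddress.IPv6Address(src)), "dst": str(ipaddress.IPv6Address(dst)),
            "payload": pkt[HEADER_LEN:HEADER_LEN + payload_len]}

def demo():
    payload = b"constructed ICMPv6 payload"
    pkt = build_ipv6_header("2001:200:16a:e320:2e0:18ff:fe98:936d", "ff02::1",
                            len(payload), 58, flow_label=0xABCDE) + payload   # 58 = ICMPv6
    return parse_ipv6_header(pkt)

if __name__ == "__main__":
    for k, v in demo().items():
        print("%-14s %r" % (k, v))
```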
IPv6 - Internet's True Form
Expansion of the address space – restoration of the end-to-end model
Aggregatable address system
Features that accommodate new requirements
– Multicast
– Security
– Auto-configuration
Auto-configuration – standardization of an automatic address configuration system; network renumbering
55
IPv6 Address Expression
Expressing 128 bits in hexadecimal, split every 4 digits using ":"
– 3ffe:501:100c:e320:2e0:18ff:fe98:936d
Allowing a consecutive sequence of "0" groups to be skipped
– 3ffe:0501:100c:e320:0000:0000:0000:0001 → 3ffe:501:100c:e320::0001
56
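The two text rules on the slide, written out as an added example (not the lecture's code): expand() undoes the "::" shortcut and restores four digits per group, compress() drops leading zeros and replaces the longest run of zero groups (two or more, first run wins a tie) with "::". Because leading zeros are dropped as well, the slide's "::0001" comes out as "::1", the same address.

```python
# Added example (not from the lecture): IPv6 textual expansion and compression.

HEX_DIGITS = set("0123456789abcdefABCDEF")

def expand(addr):
    """Undo '::' and restore four hex digits per group, e.g. '3ffe:501::1'."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = left + ["0"] * missing + right
    else:
        groups = addr.split(":")
    if len(groups) != 8 or not all(1 <= len(g) <= 4 and set(g) <= HEX_DIGITS for g in groups):
        raise ValueError("malformed IPv6 address: %r" % addr)
    return [g.lower().zfill(4) for g in groups]

def compress(addr):
    """Shortest form: leading zeros dropped, longest run of zero groups (>= 2) replaced by '::'."""
    groups = [g.lstrip("0") or "0" for g in expand(addr)]
    best_start, best_len, run_start = -1, 0, None
    for i, g in enumerate(groups + ["end"]):      # sentinel closes a run that reaches the end
        if g == "0":
            if run_start is None:
                run_start = i
        elif run_start is not None:
            if i - run_start > best_len:          # strictly longer: the first longest run wins ties
                best_start, best_len = run_start, i - run_start
            run_start = None
    if best_len < 2:
        return ":".join(groups)
    return ":".join(groups[:best_start]) + "::" + ":".join(groups[best_start + best_len:])

if __name__ == "__main__":
    for a in ["3ffe:0501:100c:e320:0000:0000:0000:0001", "ff02::1", "0:0:0:0:0:0:0:1", "2001:db8:0:0:1:0:0:1"]:
        print("%-42s -> %-36s -> %s" % (a, ":".join(expand(a)), compress(a)))
```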
IPv6 Address Structure
Separating the network prefix and the interface ID.
– Network prefix (upper 64 bits)
• For the moment, allocation is based on an aggregatable address system.
– Host ID (lower 64 bits)
• EUI-64
• In the case of Ethernet, derived from the MAC address
57
IPv6 Address Structure (cont.)
58
Network Prefix (64 bits) | Interface ID (64 bits)
IPv6: 2001:218:1800::/48 → 2001:218:1800:e100::/64, 2001:218:1800:e200::/64
IPv4: 45.0.0.0/8 → 45.0.1.0/24
Address Class
Unicast address – assigned to a single interface.
Multicast address – assigned to several interfaces and delivered to all of these interfaces.
59
Address Class (cont.)
Loopback address – expressing one's own address: ::1
IPv4-compatible address – ::<IPv4 address>, e.g. ::203.178.142.1 – address used for auto-tunnelling
IPv4-mapped address – ::ffff:<IPv4 address>, e.g. ::ffff:203.178.142.1 – address expression to show that a node implements IPv4 only
60
Format Prefix
Usage – prefix (binary) – share of the address space
– Reserved – 0000 0000 – 1/256
– Unassigned – 0000 0001 – 1/256
– Reserved for NSAP allocation – 0000 001 – 1/128
– Reserved for IPX allocation – 0000 010 – 1/128
– Unassigned – 0000 011 – 1/128
– Unassigned – 0000 1 – 1/32
– Unassigned – 0001 – 1/16
– Aggregatable Global Unicast Address – 001 – 1/8
– Unassigned – 010 – 1/8
– Unassigned – 011 – 1/8
– Unassigned – 100 – 1/8
– Unassigned – 101 – 1/8
61
Format Prefix (cont.)
– Unassigned – 110 – 1/8
– Unassigned – 1110 – 1/16
– Unassigned – 1111 0 – 1/32
– Unassigned – 1111 10 – 1/64
– Unassigned – 1111 110 – 1/128
– Unassigned – 1111 1110 0 – 1/512
– Link-Local Unicast Address – 1111 1110 10 – 1/1024
– Multicast Address – 1111 1111 – 1/256
Unassigned prefixes are dealt with as unicast from now on.
62
Concept of Scope
Global address – valid as a single address in the whole Internet
Link-local address – address valid only within the link scope – fe80::1
63
Concept of Scope (cont.)
64
Two organizations, each with hosts on a link (link-local scope), connected through routers to the global Internet (global scope).
Aggregatable Address System
65
• Address assignment following the network topology
RFC2374: FP (3) | TLA ID (13) | RE (8) | NLA ID (24) | SLA ID (16) | Interface ID (64)
RFC2450 (sub-TLA): FP (3) | TLA ID (13) | sub-TLA (13) | RE (6) | NLA ID (13) | SLA ID (16) | Interface ID (64)
FP = Format Prefix; RE = Reserved; TLA ID = Top-Level Aggregation Identifier; NLA ID = Next-Level Aggregation Identifier; SLA ID = Site-Level Aggregation Identifier
Address Assignment
66
APNIC (TLA ID): 2001:200::/29 - 2001:3f8::/29
→ WIDE (sub-TLA): 2001:200::/35
→ NAIST (NLA ID): 2001:200:16a::/48; USM (NLA ID): 2001:200:703::/48
TLA (Top Level Aggregator)
67
• Assigned from RIRs (ARIN, RIPE, APNIC)
• /29 address space
Previous assignment: FP (3) | TLA ID (13) | RE (8) | NLA ID (24)
Current assignment: FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19)
NLA (Next Level Aggregator)
68
ISPs and organizations acquire addresses from the TLA, enabling them to set up subnets: from /35 to /48 address spaces
Previous assignment: FP (3) | TLA ID (13) | RE (8) | NLA ID (24)
Current assignment: FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19)
SLA (Site Level Aggregator)
69
Organizations acquire addresses from the NLA: from /49 to /64 address spaces
FP (3) | TLA ID (13) | SubTLA ID (13) | NLA ID (19) | SLA ID (16)
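An added example (not the lecture's code) that slices an aggregatable global unicast address into the fields of the "current assignment" layout on the three slides above (FP 3, TLA ID 13, SubTLA ID 13, NLA ID 19, SLA ID 16, Interface ID 64) and derives the CIDR block that each aggregation level hands down. The host address is the one from the lecture's EUI-64 example; the /35 WIDE block on the assignment slide is a sub-allocation inside the NLA field and so does not fall on a field boundary.

```python
import ipaddress

# Added example (not from the lecture): field slicing for the RFC2374/RFC2450 layout.

LAYOUT = [("FP", 3), ("TLA ID", 13), ("SubTLA ID", 13), ("NLA ID", 19), ("SLA ID", 16), ("Interface ID", 64)]

def split_fields(addr, layout=LAYOUT):
    """Return each field's value, taking bits from the top of the 128-bit address."""
    if sum(w for _, w in layout) != 128:
        raise ValueError("layout must cover exactly 128 bits")
    value, shift, fields = int(ipaddress.IPv6Address(addr)), 128, {}
    for name, width in layout:
        shift -= width
        fields[name] = (value >> shift) & ((1 << width) - 1)
    return fields

def aggregate_of(addr, last_field, layout=LAYOUT):
    """CIDR block that is fixed once every field up to and including last_field is assigned."""
    names = [n for n, _ in layout]
    length = sum(w for _, w in layout[:names.index(last_field) + 1])
    return str(ipaddress.ip_network("%s/%d" % (addr, length), strict=False))

def demo():
    host = "2001:200:16a:e320:2e0:18ff:fe98:936d"    # host address from the lecture's EUI-64 slide
    fields = split_fields(host)
    blocks = {name: aggregate_of(host, name) for name in ("TLA ID", "SubTLA ID", "NLA ID", "SLA ID")}
    return fields, blocks

if __name__ == "__main__":
    fields, blocks = demo()
    for name, value in fields.items():
        print("%-13s %#x" % (name, value))
    for name, block in blocks.items():
        print("up to %-10s %s" % (name, block))
```

The /29 and /48 blocks this produces are the APNIC and NAIST blocks on the assignment slide; the SLA field ends at /64, which is where the interface ID takes over.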
Address auto-configuration: Ethernet and IPv6 addresses
The interface part is automatically generated from the MAC address (EUI-64).
– 00:e0:18:98:93:6d (MAC address) → 2001:200:16a:e320:2e0:18ff:fe98:936d
70
Another Unicast Address
Link-local address – address valid within the link scope
fe80::2e0:18ff:fe98:936d
71
Format: 1111111010 (10 bits) | 0000.........0000 (56 bits) | interface ID (64 bits)
Multicast Address
72
Format: 11111111 (8 bits) | flgs (4 bits) | scope (4 bits) | group ID (112 bits)
flgs: 0000 permanent (defined) address; 0001 temporary address
scope: 0 reserved; 1 node-local scope; 2 link-local scope; 5 site-local scope; 8 organization-local scope; E global scope; F reserved
Defined Multicast Addresses
– FF00:0:0:0:0:0:0:0 reserved
– FF01:0:0:0:0:0:0:0 reserved
– ...
– FF0F:0:0:0:0:0:0:0 reserved
– FF01:0:0:0:0:0:0:1 All IPv6 nodes address (node-local)
– FF02:0:0:0:0:0:0:1 All IPv6 nodes address (link-local)
– FF01:0:0:0:0:0:0:2 All IPv6 routers address (node-local)
– FF02:0:0:0:0:0:0:2 All IPv6 routers address (link-local)
– FF02:0:0:0:0:0:0:C DHCP servers / relay agents
– FF02:0:0:0:0:1:x:x Solicited-node address
73
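An added example covering the EUI-64, link-local, multicast format and defined-multicast slides together (not the lecture's code): it derives the autoconfigured and link-local addresses from the lecture's MAC address 00:e0:18:98:93:6d, forms the solicited-node multicast address that Neighbor Discovery uses to reach it, and decodes the flgs/scope/group ID fields of a multicast address. The standard library ipaddress module handles the text form.

```python
import ipaddress

# Added example (not from the lecture): EUI-64, link-local and multicast address derivations.

SCOPES = {0x0: "reserved", 0x1: "node-local", 0x2: "link-local", 0x5: "site-local",
          0x8: "organization-local", 0xE: "global", 0xF: "reserved"}     # from the multicast slide

def eui64_interface_id(mac):
    """Modified EUI-64: flip the universal/local bit of the first octet, insert ff:fe in the middle."""
    octets = bytearray(bytes.fromhex(mac.replace(":", "").replace("-", "")))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02
    return bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])

def autoconf_address(prefix, mac):
    """Network prefix (upper 64 bits) + EUI-64 interface ID (lower 64 bits)."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    return str(ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac)))

def link_local_address(mac):
    return autoconf_address("fe80::/64", mac)

def solicited_node_address(addr):
    """ff02::1:ffXX:XXXX, where XX:XXXX are the low 24 bits of the unicast address."""
    low24 = ipaddress.IPv6Address(addr).packed[-3:]
    return str(ipaddress.IPv6Address(ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13] + low24))

def parse_multicast(addr):
    """Split 11111111 | flgs | scope | group ID as drawn on the multicast slide."""
    packed = ipaddress.IPv6Address(addr).packed
    if packed[0] != 0xFF:
        raise ValueError("%s is not a multicast address" % addr)
    flags, scope = packed[1] >> 4, packed[1] & 0x0F
    return {"flags": "temporary" if flags & 0x1 else "permanent",
            "scope": SCOPES.get(scope, "unassigned"),
            "group_id": int.from_bytes(packed[2:], "big")}

if __name__ == "__main__":
    mac = "00:e0:18:98:93:6d"                           # the lecture's MAC address
    global_addr = autoconf_address("2001:200:16a:e320::/64", mac)
    print("global     :", global_addr)
    print("link-local :", link_local_address(mac))
    print("solicited  :", solicited_node_address(global_addr))
    for m in ("ff02::1", "ff01::2", "ff02::c"):
        print(m, parse_multicast(m))
```

Both results match the slides: the lower 64 bits 2e0:18ff:fe98:936d appear unchanged under the global and the link-local prefix, and the solicited-node address keeps only the last 24 bits of the host, so that hosts with different addresses rarely share one multicast group.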
Conclusion
IPv6: Internet Protocol refactored
– Bigger address space
– Aggregation
– Multicast
– Auto-configuration
Topics not covered here:
– Extensible headers
– Security
– Mobility
– Path MTU discovery
– Anycast
– Transition
74