View
269
Download
8
Tags:
Embed Size (px)
Citation preview
Chapter 5Network Layer
CIS 81 Networking Fundamentals
Rick Graziani
Cabrillo College
Last Updated: 3/9/2008
2
This Presentation
For a copy of this presentation and access to my web site for other CCNA, CCNP, and Wireless resources please email me for a username and password. Email: [email protected] Web Site: www.cabrillo.edu/~rgraziani
3
Note
This presentation is not in the order of the book or online curriculum. This presentation also contains information beyond the curriculum.
Network Layer Overview
5
Network Layer
IPv4
6
Application Header + data
IP Header
0 15 16 31 4-bit
Version 4-bit
Header Length
8-bit Type Of Service (TOS)
16-bit Total Length (in bytes)
16-bit Identification
3-bit Flags
13-bit Fragment Offset
8 bit Time To Live
TTL
8-bit Protocol
16-bit Header Checksum
32-bit Source IP Address
32-bit Destination IP Address
Options (if any)
Data
7
IP
IP
IP IP
8
Focus on Transport LayerIP
IP
9
Network Layer
The Network layer (Layer 3) provides services to exchange the data over the network between identified end devices.
Layer 3 uses four basic processes: Addressing Encapsulation Routing Decapsulation
0 15 16 31 4-bit
Version 4-bit
Header Length
8-bit Type Of Service (TOS)
16-bit Total Length (in bytes)
16-bit Identification
3-bit Flags
13-bit Fragment Offset
8 bit Time To Live
TTL
8-bit Protocol
16-bit Header Checksum
32-bit Source IP Address
32-bit Destination IP Address
Options (if any)
Data
10
Addressing
0 15 16 31 4-bit
Version 4-bit
Header Length
8-bit Type Of Service (TOS)
16-bit Total Length (in bytes)
16-bit Identification
3-bit Flags
13-bit Fragment Offset
8 bit Time To Live
TTL
8-bit Protocol
16-bit Header Checksum
32-bit Source IP Address
32-bit Destination IP Address
Options (if any)
Data
172.16.3.10192.168.100.99 Source IP = 192.168.100.99
Destination IP = 172.16.3.10
Destination IP = 192.168.100.99
Source IP = 172.16.3.10
Source IP Address Destination IP Address
More later!
11
DataHTTP Header
TCP Header
IP Header
Data Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
IP PacketData Link Header
Data Link Trailer
DataHTTP Header
TCP Header
IP Header
Data Link Header
Data Link Trailer
Encapsulation and Decapsulation
12
Decapsulation
When the packet arrives at the destination host and is processed at Layer 3.
The host examines the destination address to verify that the packet was addressed to this device.
If the address is correct, the packet is decapsulated by the Network layer and the Layer 4 PDU contained in the packet is passed up to the appropriate service at Transport layer.
Application Header + data
13
Routing
Routers examine Layer 3 Destination IP addresses to forward packets. Search their routing tables for a match with a network address. Send the packet on to the next-hop router. Last router in path forwards the router to the host matching the
Destination IP address of the packet.
0 15 16 31 4-bit
Version 4-bit
Header Length
8-bit Type Of Service (TOS)
16-bit Total Length (in bytes)
16-bit Identification
3-bit Flags
13-bit Fragment Offset
8 bit Time To Live
TTL
8-bit Protocol
16-bit Header Checksum
32-bit Source IP Address
32-bit Destination IP Address
Options (if any)
Data
172.16.3.10192.168.100.99
Source IP = 192.168.100.99
Destination IP = 172.16.3.10
14
Network Layer Protocols
The Internet Protocol (IPv4 and IPv6) is the most widely-used Layer 3 data carrying protocol and will be the focus of this course.
15
IPv4 basic characteristics:
16
Connectionless
IP packets are sent without notifying the end host that they are coming. TCP: A connection-oriented protocol does requires a connection to be
established prior to sending TCP segments. UDP: A connectionless protocol does not require a session to be
established.
17
Best Effort Service (unreliable)
The mission of Layer 3 is to transport the packets between the hosts while placing as little burden on the network as possible. Speed over reliability
Layer 3 is not concerned with or even aware of the type of data contained inside of a packet. This responsibility is the role of the upper layers as required.
Unreliable: IP does not have the capability or responsibility to manage, and recover from, undelivered or corrupt packets. TCP’s responsibility at the end-to-end hosts
18
Responsibility of the OSI Data Link layer to take an IP packet and prepare it for transmission over the communications medium.
Transport of IP packets is not limited to any particular medium. In some cases a router will need to split up a packet when
forwarding it from one media to a media with a smaller MTU. fragmenting the packet or fragmentation.
Media Independent
19
TCP MSS = 1460
Data = 1460 octets
20 octets 20 octets 1460 octets
1500 octets
Determining TCP MTU Typically, an end system uses the "outgoing interface MTU" minus 40 as its
reported MSS. For example, an TCP over IP over Ethernet MSS value is 1460 (1500 - 40 =
1460). When a host (usually a PC) initiates a TCP session with a server, it negotiates
the TCP segment size by using the maximum segment size (MSS) option field in the TCP SYN packet. (curriculum say IP segment).
The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host.
The default Ethernet MTU value for a PC is 1500 bytes. (curriculum says MSS)
TCP MSS defines the maximum size of the data in the TCP segment.
Ethernet MTU defines the maximum size of the data in the Ethernet frame.
The host using Ethernet, MTU of 1500 octets so I will set my MSS to 1460.
20
IP Header
IP Destination Address 32-bit binary value that represents the packet destination
Network layer host address. IP Source Address
32-bit binary value that represents the packet source Network layer host address.
21
When a packet is first generated a value is entered into the TTL field. Originally, the TTL field was the number of seconds, but this was difficult to
implement and rarely supported. Now, the TTL is now set to a specific value which is then decremented by each
router.
IP’s TTL – Time To Live field
22
IP’s TTL – Time To Live field
If the router decrements the TTL field to 0, it will then drop the packet (unless the packet is destined specifically for the router, I.e. ping, telnet, etc.).
Common operating system TTL values are: UNIX: 255 Linux: 64 or 255 depending upon vendor and version Microsoft Windows 95: 32 Other Microsoft Windows operating systems: 128
Decrement by 1, if 0 drop the packet.
23
http://www.switch.ch/docs/ttl_default.htmlTTL Overview - Disclaimer:The following list is a best effort overview of some widely used TCP/IP stacks. The information was provided by vendors and
many helpful system administrators. We would like to thank all these contributors for their precious help ! SWITCH cannot, however, take any responsibility that the provided information is correct. Furthermore, SWITCH cannot be made liable for any damage that may arise by the use of this information.
+-------------------------------+-------+---------+---------+| OS Version |"safe" | tcp_ttl | udp_ttl |+-------------------------------+-------+---------+---------+ AIX n 60 30 DEC Pathworks V5 n 30 30 FreeBSD 2.1R y 64 64 HP/UX 9.0x n 30 30 HP/UX 10.01 y 64 64 Irix 5.3 y 60 60 Irix 6.x y 60 60 Linux y 64 64 MacOS/MacTCP 2.0.x y 60 60 OS/2 TCP/IP 3.0 y 64 64 OSF/1 V3.2A n 60 30 Solaris 2.x y 255 255 SunOS 4.1.3/4.1.4 y 60 60 Ultrix V4.1/V4.2A n 60 30 VMS/Multinet y 64 64 VMS/TCPware y 60 64 VMS/Wollongong 1.1.1.1 n 128 30 VMS/UCX (latest rel.) y 128 128 MS WfW n 32 32 MS Windows 95 n 32 32 MS Windows NT 3.51 n 32 32 MS Windows NT 4.0 y 128 128
Assigned Numbers (RFC 1700, J. Reynolds, J. Postel, October 1994):
IP TIME TO LIVE PARAMETER
The current recommended default time to live (TTL) for the Internet Protocol (IP) is 64.
Safe: TCP and UDP initial TTL values should be set to a "safe" value of at least 60 today.
24
The idea behind the TTL field is that IP packets can not travel around the Internet forever, from router to router.
Eventually, the packet’s TTL which reach 0 and be dropped by the router, even if there is a routing loop somewhere in the network.
IP’s TTL – Time To Live field
Decrement by 1, if 0 drop the packet.
25
IP’s Protocol Field
Protocol field enables the Network layer to pass the data to the appropriate upper-layer protocol.
Example values are: 01 ICMP 06 TCP 17 UDP
26
IP’s ToS Field
Type-of-Service is used to determine the priority of each packet. Enables Quality-of-Service (QoS) mechanism for high priority traffic such
as; VoIP Streaming video
For ToS to be used: Hosts set ToS field (can be an intermediary device such as a switch) Routers must be configured to examine ToS
27
IP Fragmentation
A router may have to fragment a packet when forwarding it from one medium to another medium that has a smaller MTU. If Don’t Fragment flag set, it will not fragment packet, but discard it.
Fragment Offset field and More Fragments flag is used to reconstruct the packet at the destination host.
Data = 1480 bytesIP
Data = 500IP
Data = 480IP
IP Packet Fragments
Original IP Packet
IP Header = 20 bytes
Data = 500IP
Data = 500L2 L2
28
IP Fragmentation
When fragmentation occurs, it does not get reconstructed until it reaches the host. This takes processing time. Fragment Offset field identifies the order
IP Packet
IP Packet
IP Packet
IP Packet
IP Packet
IP Packet
IP Packet
IP Packet
IP Packet
IP PacketIP Packet
Network link with larger MTU
Network link with smaller MTU
Network link with larger MTU
29
Path MTU Discovery
Path MTU Discovery (Not discussed here, but is important) RFC 1191 (RFC1191) Path MTU Discovery and Filtering ICMP
Marc Slemko Link on CIS 81 web page
30
Other IPv4 fields
Version - Contains the IP version number (4) Header Length (IHL) - Specifies the size of the packet header. Packet Length - This field gives the entire packet size, including header and
data, in bytes. Identification - This field is primarily used for uniquely identifying fragments
of an original IP packet Header Checksum - The checksum field is used for error checking the
packet header. Options - There is provision for additional fields in the IPv4 header to
provide other services but these are rarely used.
Host and Network Addresses
32
IP Addresses – First look
Host IP addresses are IP addresses assigned to end devices such as: Client computers Server computers Printers Router interfaces
Note: the /16 refers to the subnet mask, which will be discussed later. Note: Intermediary devices such as a switch may have an IP address to allow
the network administrator to Telnet to the device for remote management.
Kiwi Airliners - Network Address 172.16.0.0/16
172.16.10.100/16
172.16.10.55/16
172.16.10.3/16
172.16.20.77/16
172.16.20.96/16
172.16.20.103/16
172.16.30.39/16
172.16.30.10/16
172.16.30.111/16
172.16.40.123/16
172.16.40.51/16
172.16.40.29/16
172.16.1.1/16
33
IP Addresses – First look
Host IP addresses are members of a group of addresses call the Network Address
IANA (Internet Assigned Numbers Authority) have the responsibility to allocate network addresses.
A company or individual needing a network addresses typically goes to their ISP
ISPs then allocate network addresses to their customers. More detail in the next chapter.
Kiwi Airliners - Network Address 172.16.0.0/16
172.16.10.100/16
172.16.10.55/16
172.16.10.3/16
172.16.20.77/16
172.16.20.96/16
172.16.20.103/16
172.16.30.39/16
172.16.30.10/16
172.16.30.111/16
172.16.40.123/16
172.16.40.51/16
172.16.40.29/16
172.16.1.1/16
34
IP Addresses – First look
Default Gateway A router which is used to forward packets out of the network. This is a host IP address on the router.
The default gateway IP address is typically a host IP address which is on the same network as the host itself.
The host only has to be aware of: Its own network address Default gateway IP address to reach all devices outside its own network
Network Address 172.16.0.0
172.16.10.100/16
172.16.10.55/16
172.16.10.3/16172.16.1.1/16
ISP
Internet
Network Address 192.168.1.0/30
192.168.1.2/30
192.168.1.1/30
35
IP Addresses – First look
All hosts in the same network will typically have the same default gateway IP address.
Network Address 172.16.0.0
172.16.10.100/16
172.16.10.55/16
172.16.10.3/16172.16.1.1/16
ISP
Internet
Network Address 192.168.1.0/30
Gateway: 172.16.1.1
Gateway: 172.16.1.1
Gateway: 172.16.1.1
192.168.1.2/30
192.168.1.1/30
36
Confirming IP Address, Default GatewayC:\> ipconfig
Windows IP ConfigurationEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 172.16.10.100 Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 172.16.1.1
Root# ifconfigeth0 Link encap:Ethernet HWaddr 00:0F:20:CF:8B:42 inet addr:172.16.1.100 Bcast:172.16.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2472694671 errors:1 dropped:0 overruns:0 frame:0 TX packets:44641779 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1761467179 (1679.8 Mb) TX bytes:2870928587 (2737.9 Mb) Interrupt:28
Linux: netstat –rn for default gateway information.
37
Subnets
Networks can be subdivided into subnets. This provides for several benefits which we will discuss later. Networks can be grouped based on factors that include:
Geographic location, Purpose, Ownership
Kiwi Airliners - Network Address 172.16.0.0/16
172.16.10.100/24
172.16.10.55/24
172.16.10.3/24
172.16.20.77/24
172.16.20.96/24
172.16.20.103/24
172.16.30.39/24
172.16.30.10/24
172.16.30.111/24
172.16.40.123/24
172.16.40.51/24
172.16.40.29/24172.16.1.1/24
172.16.10.1/24 172.16.20.1/24 172.16.30.1/24 172.16.40.1/24
172.16.10.0/24 172.16.20.0/24 172.16.30.0/24 172.16.40.0/24
A Quick Look at Routing
39
Routing – First Look
Routers know about: Directly connected networks (C):
Network addresses of its interfaces Remote networks
Static routes Dynamic Routing Protocol (R = RIP)
192.168.1.254/24
C 192.168.2.0/24 is direction connected, FastEthernet0/1
Network 192.168.2.0/24
Network 192.168.1.0/24
40
Routers know about: Directly connected networks (C):
Network addresses of its interfaces When a router is configured with the IP address/mask on an interface the
router knows that it has an interface which is part of that network. This is just like a host that is configured with an IP address/mask. (coming)
192.168.1.254/24
C 192.168.2.0/24 is direction connected, FastEthernet0/1
Network 192.168.2.0/24
Network 192.168.1.0/24
Routing – First Look
41
Routers learn about remote networks using: Static routes Dynamic Routing Protocol (R = RIP)
Routes in a routing table have three main features: Destination network Next-hop Metric
192.168.1.254/24
C 192.168.2.0/24 is direction connected, FastEthernet0/1
Network 192.168.2.0/24
Network 192.168.1.0/24
Routing – First Look
42
Static routes Manually entered by the administrator
Dynamic Routing protocols Routers automatically learn about remote networks Ex: RIP, EIGRP, OSPF, IS-IS, BGP
192.168.1.254/24
C 192.168.2.0/24 is direction connected, FastEthernet0/1
Network 192.168.2.0/24
Network 192.168.1.0/24
Routing – First Look
43
Host Routing Table
Hosts also have a local routing table. Usually only contains:
Its own network address (directly connected network) Default gateway IP address
Hosts usually do not have remote networks in their routing tables
netstat –r
or
route print
Chapter 5Network Layer
CIS 81 Networking Fundamentals
Rick Graziani
Cabrillo College
Last Updated: 3/9/2008