Chapter5 IP

Computer Networks

Computer Networks Prof. Lin Weiguo

College of Computing Copyleft © 2003~2015 [email protected]

http://icourse.cuc.edu.cn/computernetworks/

Attention l  The materials below are available for use by others.

Instructors are welcome to use them in their own courses, download them to their own class' web site, or modify them to suit. However, you must acknowledge the source of the original and not attempt to place your own copyright on this material.

l  Thanks to：

5/19/15 [email protected] 3

http://authors.phptr.com/tanenbaumcn4/

[email protected] 4

Roadmap Introduction

Physical Layer

Data Link Layer

Transport Layer

Network Layer

Medium Access Sublayer

Application Layer

5/19/15

The Network Layer

Chapter 5

What you will learn:

l  5.1 Network layer design issues l  5.2 Routing algorithms l  5.3 Congestion control algorithms l  5.4 Quality of service l  5.5 Internetworking l  5.6 The Networking layer in the internet 5/19/15 [email protected] 6

The Network Layer is concerned about getting packets from source to destination, no matter how many hops it may take. It’s all about routing . The network layer is the lowest layer that deals with end-to-end transmission.

5.5 Internetworking

•  How networks differ •  How networks can be connected •  Tunneling •  Internetwork routing •  Packet fragmentation


Internetworking

•  internet: –  connection of two or more networks

•  The Internet, the more generic term, is made up of a hodgepodge of different hardware and protocols.

•  Multiple networks and multiple network types (protocols) are a fact of life. •  Ethernet, satellite networks, cable networks,

telephone networks, powerlines 5/19/15 [email protected] 8

Why many different networks

l  Heterogeneity is fact of life. l  Many different networks exist, including PANs,

LANs, MANs, and WANs. l  Ethernet, 802.11, xDSL, Mobile networks…

l  Metcalfe's law l  The value of a network is proportional to the

square of the number of connected users of the system (n2).

l  There always will be an incentive to combine smaller networks.


How Networks Differ

Some of the many ways networks can differ in the network layer.


How Networks can be Connected

l  Two basic choices: l  Build devices that translate or convert packets

from each kind of network into packets for each other network.

l  By adding a layer of indirection and building a common layer on top of the different networks.

l  In either case, the devices are placed at the boundaries between networks.


The Philosophy

l  The classic solution for all problems in computer science is to


“add one level of indirection”

An idea for a universal “internet” packet

l  Cerf and Kahn’s idea (1974). They were awarded the 2004 Turing Award.

l  IP: a common layer to hide the differences of existing networks.

l  IP provides a universal packet format that all routers recognize and that can be passed through almost every network. l  Telephone networks, sensor networks, mobile

networks. 5/19/15 [email protected] 13

Internetworking Devices 1.  Repeaters, hubs (physical layer)

l  Just move the bits from one wire to another. 2.  Bridges and Switches (data link layer)

l  Only with minor protocol translation in the process, e.g. 10,100,1000Mbps Ethernet switches.

3.  Routers (network layer) –  They can connect two networks (fully aware of

different network technologies).


Interconnect dissimilar networks

(a) A packet crossing different networks. (b) Network and link layer protocol processing.


fragments

Frames


a) 802.11 Frame

b)MPLS Frame

c) Ethernet Frame

Network Protocol Operations


Difference between routed case and switched case l  An essential difference between the switched

(or bridged) case and the routed case is this: l  With a switch (or bridge), the entire frame is

transported on the basis of its MAC address. With a router, the packet is extracted from the frame and the IP address in the packet is used for deciding where to send it. Switches do not have to understand the network layer protocol being used to switch packets. Routers do.


Router vs Switch Internetworking

l  Using bridges to join different types of LANs is difficult. l  Translating frames from one LAN into frames from

another LAN did not work well. l  Today, bridges are predominantly used to

connect the same kind of network at the link layer.

l  Routers connect different networks at the network layer.


Multiprotocol Routers l  But internetworking only works when there is a

common network layer. l  Besides IP, were IPX, SNA, and Apple Talk. l  IPv4, IPv6

l  A router that can handle multiple network protocols is called a multiprotocol router. l  But networks with different networks protocols are

tough to translate between. This is rarely attempted. l  Tunneling is a common special case


Tunneling

l  Tunneling is a special case between two same-type networks across intervening foreign network(s). l  The whole packet is encapsulated in the protocol

of the foreign network to be crossed, and then restored on the other side.

l  This avoids, totally, trying to translate the packet.


Tunneling

Tunneling a packet from Paris to London. 5/19/15 [email protected] 22

Tunneling Analogy

Tunneling a car from France to England.


Problems of Internetwork Routing

l  The networks may internally use different routing algorithm.

l  The network operators may have different ideas about what is a good path through the network.

l  One operator may not want another operator to even know the details of the paths in its network.

l  Finally, the internet may be much larger than any of the networks that comprise it. It may therefore require routing algorithms that scale well by using a hierarchy, even if none of the individual networks need to use a hierarchy.


Two level Internetwork Routing Algorithm l  Within each network, an intradomain or interior

gateway protocol is used for routing. l  It might be LS or DV.

l  Across the networks that make up the internet, an interdomain or exterior gateway protocol (BGP, Border Gateway Protocol) is used.

l  The networks may all use different intradomain protocols. But they must use the same interdomain protocols.


AS (Autonomous System)

l Since each network is operated independently of all the others, it is often referred to as an AS (Autonomous System).


Routing Policy l  In the Internet, a large determining factor is the

business arrangements between ISPs: l  Each ISP may charge or receive money from the other

ISPs for carrying traffic l  If internetwork routing requires crossing international

boundaries, various laws may suddenly come into play.

l  All of these nontechnical factors are wrapped up in the concept of a routing policy that governs the way ASes select the routes that they use.


Causes of Packet Fragmentation l  Each network or link imposes some maximum size

on its packets. These limits have various causes, among them: l  Hardware (e.g., the size of an Ethernet frame). l  Operating system (e.g., all buffers are 512 bytes). l  Protocols (e.g., the number of bits in the packet length

field). l  Compliance with some (inter)national standard. l  Desire to reduce error-induced retransmissions to some

level. l  Desire to prevent one packet from occupying the channel

too long.


Avoid Packet Fragmentation?

l  The smallest packet size on a path is called the Path MTU (Path Maximum Transmission Unit).

l  It is easier said than done: l  A source does not usually know the path a packet

will take through the network to a destination. l  Even if the source did know the path MTU,

packets are routed independently in a connectionless network such as the Internet which may change the path.


Fragmentation l  Allow routers to break up packets into

fragments, sending each fragment as a separate network layer packet.

l  Packet-switching networks have trouble putting the fragments back together again. l  Two opposing strategies:

l  Transparent Fragmentation l  non-Transparent Fragmentation.


Fragmentation

(a) Transparent fragmentation. (b) Nontransparent fragmentation.


Transparent Fragmentation l  Transparent Fragmentation

l  With transparent fragmentation, end hosts (sender and receiver) are unaware that fragmentation has taken place.

l  An enter router fragments a packet, and the exit router on the same network reassembles the fragments back into the original packet.

l  Drawbacks l  the exit router must know when it has received all the pieces . l  All fragments must exit via the same router, some performance

may be lost. l  Fragments buffer needed. l  The overhead for a packet required to repeatedly fragmented and

reassembled passing through a series of small-packet networks.


Non-Transparent Fragmentation l  Non-Transparent Fragmentation:

l  As before, routers fragment packets when needed. Routers along the path do not reassemble. Destination hosts perform re-assembly (if needed).

l  The main advantage is that it requires routers to do less work. IP works this way.

l  Downsides are: l  it requires every host to be able to do reassembly l  Overhead of carrying along small segments lasts until

destination (because each fragment must have a header ). l  A whole packet is lost if any of its fragments are lost.


Approach of Numbering l  A complete design requires that the fragments be

numbered in such a way that the original data stream can be reconstructed.

l  Give every fragment: l  a packet number (carried on all packets) l  An absolute byte offset within the packet l  A flag indicating whether it is the end of the packet


Numbering the fragments

Fragmentation when the elementary data size is 1 byte. (a) Original packet, containing 10 data bytes. (b) Fragments after passing through a network with maximum packet size of

8 payload bytes plus header. (c) Fragments after passing through a size 5 gateway.


Path MTU Discovery

l  If a router receives a packet that is too large, an error packet(ICMP [Type 3, Code 4] message containing its MTU) returns to the source, and drops the packet, the source uses the information inside to refragment the packet that are small enough for the router to handle.

l  If a router further down the path has an even smaller MTU, the process is repeated.


5.6 The Network Layer in the Internet

•  The IP Version 4 Protocol •  IP Addresses •  IPv6 •  Internet Control Protocols •  Label Switching and MPLS •  OSPF – The Interior Gateway Routing Protocol •  BGP – The Exterior Gateway Routing Protocol •  Internet Multicasting •  Mobile IP


Design Principles for Internet l  TOP 10 Principles (RFC 1958)

l  Make sure it works. l  Keep it simple. l  Make clear choices. l  Exploit modularity. l  Expect heterogeneity. l  Avoid static options and parameters. l  Look for a good design; it need not be perfect. l  Be strict when sending and tolerant when receiving. l  Think about scalability. l  Consider performance and cost.


Collection of networks (ASes)

The Internet is an interconnected collection of many networks. 5/19/15 [email protected] 39

IP (Internet Protocol) l  AS (Autonomous System)

–  At network layer, the Internet can be viewed as a collection of networks or ASes that are interconnected.

l  The glue that holds the whole Internet together is the network layer protocol, IP –  provide a best-efforts (unreliable, connectionless)

way to transport datagrams from source to destination, without regard to whether these machines are on the same network or whether there are other networks in between them.


Communication in the Internet l  The transport layer takes data streams and breaks

them up into IP packets. In theory, packets can be up to 64 Kbytes each, but in practice they are usually not more than 1500 bytes (one Ethernet frame).

l  IP routers forward each packet through the Internet, possibly being fragmented into smaller units as it goes.

l  When all the pieces finally get to the destination machine, they are reassembled by the network layer into the original datagram.

l  This datagram is then handed to the transport layer, which gives it to the receiving process.


TCP/IP Protocol Stack


FTP, Telnet, HTTP,…

TCP, UDP

IP, ICMP,IGMP,ARP,RARP

Defined by other standard. Ethernet, 802.11, …

Application Layer

Transport Layer

Network Layer

Host-to-Network Layer

Hourglass of the Internet Architecture


email WWW phone...

SMTP HTTP RTP...

TCP UDP…

IP

ethernet PPP…

CSMA async sonet...

copper fiber radio...

Mid-Life Crisis

5/19/15 [email protected]

44

email WWW phone...

SMTP HTTP RTP...

TCP UDP…

IP4 IP6

ethernet PPP…

CSMA async sonet...

copper fiber radio...

Protocol Data Unit Encapsulation

TCP/IP over Ethernet 5/19/15 [email protected] 45

Application

TCP

IP

Ethernet Driver

Ethernet Transmission

Line

Ethernet Header

IP Header

TCP Header

Application Data

Ethernet Trailer

14 Bytes 4 Bytes 20 Bytes 20 Bytes Variable Length 46 to 1500Bytes

IP Header

TCP Header

Application Data

TCP Header

Application Data

Application Header User Data

User Data

Application Message

TCP Segment

IP Packet (Datagram)

Ethernet Frame

Network Byte Order l  One problem that often arises is that different machines

represent integers in different ways: l  Big Endian machines such as IBM and Sun-SPARC

computers store the most significant byte of a 32-bit integer in the lowest memory address of the word (e.g. to the left). l  The integer 0x01020304 is laid out in memory as bytes 0x01, 0x02,

0x03, and 0x04. l  Little Endian machines such as the Intel Processor store the

most significant byte at the highest address. l  The integer 0x01020304 is laid out in memory as bytes 0x04, 0x03,

0x02, 0x01. l  As with all network protocols, the standards specify the meanings

of all bits in each field, right down to the bit and byte order. l  The Internet defines a network Big Endian standard byte order

that is used when referring to the fields of Internet datagrams.


The IP Datagram Format

The IPv4 (Internet Protocol) header. 5/19/15 [email protected] 47

The IP Datagram Format 1.  Version number (4-bits):

l  The current dominating protocol version is 4. l  IPv6 is the future.

2.  IHL: Header length (4-bits): l  Length of the datagram header (excluding data) in 32-bit

words. l  The minimum length is 5 words = 20 bytes, but can be up

to 15 words if options are used. l  In practice, the length field is used to locate the start of

the data portion of the datagram.


The IP Datagram Format l  Differentiated services(8-bits):

l  Originally, it was called the Type of Service field. l  It was and still is intended to distinguish between different

classes of service. l  Digitized voice, file transfer …

l  A hint to the routing algorithms as to what type of service we desire. But in practice, routers ignore the TOS field in IPv4.

l  IETF has changed the field slightly to accommodate differentiated services. l  Top 6 bits are used to mark the packet with its service class. l  The bottom 2 bits are used to carry explicit congestion notification

information.


The IP Datagram Format 4.  Total length (16-bits): Max=65535 bytes

l  Total length of the IP datagram (in bytes), including data and header. The size of the data portion of the datagram is the total length minus the size of the header.

5.  Identification l  Allow the destination host to determine which

datagram a newly arrived fragment belongs to. All the fragments of a datagram contain the same Identification value.


The IP Datagram Format 6.  Unused (1 bit) 7.  DF (Don't Fragment , 1bit )

l  It is an order to the routers not to fragment the datagram. Originally, it was intended to support hosts incapable of putting the pieces back together again. Now it is used as part of the process to discover the path MTU. By marking the datagram with the DF bit, the sender knows it will either arrive in one piece, or an error message will be returned to the sender.

8.  MF (More Fragments, 1bit) l  All fragments except the last one have this bit set. It is needed

to know when all fragments of a datagram have arrived.


The IP Datagram Format 9.  Fragment offset (13 bits)

l  The offset tells where in the current packet this fragment belongs.

l  All fragments except the last one in a datagram must be a multiple of 8 bytes, the elementary fragment unit. Since 13 bits are provided, there is a maximum of 8192 fragments per datagram, supporting a max packet length up to the limit of the Total length field.


Example of Fragmentation


Identification = x Offset = 0 0 0 Start of Header

Rest of Header

1400 bytes of data


Rest of Header

512 bytes of data


Rest of Header

512 bytes of data


Rest of Header

376 bytes of data

》


10.  TTL (Time to Live, 8 bits) l  A counter that is decremented by each gateway. l  Should this hopcount reach 0, discard the

datagram. l  Originally, the time-to-live field was intended to

reflect real time (up to 255 sec). l  In practice, it is now a hopcount. l  The time-to-live field squashes looping packets.


Note: TCP/IP and NBT configuration parameters for Windows XP àhttp://support.microsoft.com/kb/314053/en-us

The IP Datagram Format 11.  Protocol (8-bits):

l  What type of data the IP datagram carries (e.g., TCP, UDP, etc.).

l  Needed by the receiving IP to know the higher level service that will next handle the data.

l  The numbering of protocols is global across the entire Internet (www.iana.org ).

l  ICMP:1 00000001 l  IGMP:2 00000010 l  TCP :6 00000110 l  UDP :17 00010001 l  OSPF:89 01011001


The IP Datagram Format 12.  Header Checksum (16-bits):A checksum of the IP header ONLY.

l  The IP checksum is computed as follows: l  Treat the data as a stream of 16-bit words (appending a 0 byte if needed). l  Compute the 1's complement sum of the 16-bit words. Take the 1's complement

of the result. l  This checksum is much weaker than the CRCs we have studied. l  But, it has the property that the order in which the 16-bit words are

summed is irrelevant. l  We can place the checksum in a fixed location in the header, set it to

zero, compute the checksum, and store its value in the checksum field.

l  On receipt of a datagram, the computed checksum calculated over the received packet should be zero.

l  Check summing only the header reduces the processing time at each gateway, but forces transport layer protocols to perform error detection (if desired).

l  The header must be recalculated at every router since the time_to_live field is decremented.


The IP Datagram Format 13. Source address (32-bits):

l  Original sender's address. This is an IP address, not a MAC address.

14. Destination address (32-bits): l  Datagram's ultimate destination.

The IP embedded datagram contains the source of the original sender (not the forwarding gateway) and the destination address of the ultimate destination.


The IP Datagram Format 15.  IP Options

l  IP datagrams allow the inclusion of optional, varying length fields that need not appear in every datagram. We may sometimes want to send special information, but we don't want to dedicate a field in the packet header for this purpose.

l  The Options fields is padded out to a multiple of four bytes. Options start with a 1-byte option code, followed by zero or more bytes of option data.



Some of the IP options (but rarely used). www.iana.org/assignments/ip-parameters


5-54

/* Definitions for internet protocol version 4. Per RFC 791, September 1981.*/ typedef struct iPHDR { #if MY_BYTE_ORDER == LITTLE_ENDIAN

unsigned char ip_hl:4; /* header length */ unsigned char ip_v:4; /* version */

#else unsigned char ip_v:4; /* version */ unsigned char ip_hl:4; /* header length */

#endif unsigned char ip_tos; /* type of service */ unsigned short ip_len; /* total length */ unsigned short ip_id; /* identification */ unsigned short ip_off; /* fragment offset field */ unsigned char ip_ttl; /* time to live */ unsigned char ip_p; /* protocol */ unsigned short ip_sum; /* checksum */ unsigned int ip_src; /* source address */ unsigned int ip_dst; /* destination address */

} IPHDR; /* Udp protocol header. Per RFC 768, September, 1981. */ typedef struct uDPHDR {

unsigned short uh_sport; /* source port */ unsigned short uh_dport; /* destination port */ unsigned short uh_ulen; /* udp length */ unsigned short uh_sum; /* udp checksum */

};


/* TCP header. Per RFC 793, September, 1981.*/ typedef struct tCPHDR {

unsigned short th_sport; /* source port */ unsigned short th_dport; /* destination port */ unsigned int th_seq; /* sequence number */ unsigned int th_ack; /* acknowledgement number */

#if MY_BYTE_ORDER == BIG_ENDIAN unsigned char th_off:4; /* data offset */ unsigned char th_x2:4; /* (unused) */

#else /* MY_BYTE_ORDER == LITTLE_ENDIAN*/ unsigned char th_x2:4; /* (unused) */ unsigned char th_off:4; /* data offset */

#endif unsigned char th_flags;

#define TH_FIN 0x01 #define TH_SYN 0x02 #define TH_RST 0x04 #define TH_PUSH 0x08 #define TH_ACK 0x10 #define TH_URG 0x20

unsigned short th_win; /* window */ unsigned short th_sum; /* checksum */ unsigned short th_urp; /* urgent pointer */

}; #define ETHER_ADDR_LEN 6 typedef struct ether_header {

unsigned char ether_dhost[ETHER_ADDR_LEN]; unsigned char ether_shost[ETHER_ADDR_LEN]; unsigned short _t ether_type;

};


ETHER: ----- Ether Header ----- ETHER: ETHER: Packet 6 arrived at 19:01:50.38 ETHER: Packet size = 97 bytes ETHER: Destination = 0:0:c:7:ac:61, Cisco ETHER: Source = 0:1:af:4:4e:fb, ETHER: Ethertype = 0800 (IP) ETHER: IP: ----- IP Header ----- IP: IP: Version = 4 IP: Header length = 20 bytes IP: Type of service = 0x00 IP: xxx. .... = 0 (precedence) IP: ...0 .... = normal delay IP: .... 0... = normal throughput IP: .... .0.. = normal reliability IP: Total length = 83 bytes IP: Identification = 40273 IP: Flags = 0x4 IP: .1.. .... = do not fragment IP: ..0. .... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 60 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 08ea IP: Source address = 203.8.22.89, neva-msc IP: Destination address = 173.6.10.2, 173.6.10.2 IP: No options IP:


TCP: ----- TCP Header ----- TCP: TCP: Source port = 23 TCP: Destination port = 65379 TCP: Sequence number = 4232267917 TCP: Acknowledgement number = 1875103595 TCP: Data offset = 20 bytes TCP: Flags = 0x18 TCP: ..0. .... = No urgent pointer TCP: ...1 .... = Acknowledgement TCP: .... 1... = Push TCP: .... .0.. = No reset TCP: .... ..0. = No Syn TCP: .... ...0 = No Fin TCP: Window = 24820 TCP: Checksum = 0x4392 TCP: Urgent pointer = 0 TCP: No options TCP: TELNET: ----- TELNET: ----- TELNET: TELNET: "Using device /dev/iprb (promiscuous mode)\r\n" TELNET: 0: 0000 0c07 ac61 0001 af04 4efb 0800 4500 .....a....N...E. 16: 0053 9d51 4000 3c06 08ea cb08 1659 ad06 .S.Q@.<......Y.. 32: 0a02 0017 ff63 fc43 488d 6fc3 cf6b 5018 .....c.CH.o..kP. 48: 60f4 4392 0000 5573 696e 6720 6465 7669 `.C...Using devi 64: 6365 202f 6465 762f 6970 7262 2028 7072 ce /dev/iprb (pr 80: 6f6d 6973 6375 6f75 7320 6d6f 6465 290d omiscuous mode). 96: 0a .


Each IPv4 Address is unique

•  Addresses consist of 32-bit identifiers. Internet software translates names into addresses and addresses into names; lower protocol layers always uses addresses rather than names.

•  Address encodes its network number and host number. The combination is unique: in principle, no two machines on the Internet have the same IP address.


Addresses Assignment l  Network numbers are managed by a nonprofit

corporation called ICANN (Internet Corporation for Assigned Names and Numbers) to avoid conflicts. In turn, ICANN has delegated parts of the address space to various regional authorities, which then dole out IP addresses to ISPs and other companies.

l  February 3, 2011, IDG news: l  The end of IPv4 (Internet Protocol version 4)

addresses was announced in a ceremony in Miami on Thursday morning.


Example IPv4 Addresses

•  IP address: 32-bit identifier for host, router interface

•  Interface: connection between host/router and physical link –  router’s typically

have multiple interfaces

–  host may have multiple interfaces

–  IP addresses are associated with each interface


223.1.1.1

223.1.1.2

223.1.1.3

223.1.1.4 223.1.2.9

223.1.2.2

223.1.2.1

223.1.3.2 223.1.3.1

223.1.3.27

223.1.1.1 = 11011111 00000001 00000001 00000001

223 1 1 1

Dotted Decimal Notation

l  Network addresses, which are 32-bit numbers, are usually written in dotted decimal notation. In this format, each of the 4 bytes is written in decimal, from 0 to 255. l  For example, the 32-bit hexadecimal address

C0290614 is written as 192.41.6.20. l  The lowest IP address is 0.0.0.0 and the highest

is 255.255.255.255.


IP prefix l  Each 32-bit address is comprised of a variable-length

network portion in the top bits and a host portion in the bottom bits.

l  The network portion has the same value for all hosts on a single network. This means that a network corresponds to a contiguous block of IP address space. This block is called a prefix.

l  Prefixes are written by giving the lowest IP address in the block and the size of the block. By convention, it is written after the prefix IP address as a slash followed by the length in bits of the network portion.


Example prefix and Subnet Mask


Subnet mask can be ANDed with the IP address to extract only the network portion.

IP prefix: 128.208. 0 .0 / 24 An IP prefix and a subnet mask.

Subnet Mask: 255.255.255.0

Pros and Cons for Hierarchy

l  Pros l  Routers can forward packets based on only the

network portion of the address, as long as each of the networks has a unique address block. This makes the routing table much smaller.

l  Cons l  The IP address of a host depends on where it is

located in the network. l  The hierarchy is wasteful of addresses unless it is

carefully managed. 5/19/15 [email protected] 70

Subnets (RFC 917,950) l  The solution is to allow the block of addresses to

be split into several parts for internal use as multiple networks, while still acting like a single network to the outside world.

l  This is called subnetting and the networks (such as Ethernet LANs) that result from dividing up a larger network are called subnets.


Subnetting example


Splitting an IP prefix into separate networks with subnetting.

EE: 10000000 11010000 00xxxxxx xxxxxxxx 128.208.0.0 /18 Null: 10000000 11010000 010xxxxx xxxxxxxx 128.208.64.0 /19 ART: 10000000 11010000 011xxxxx xxxxxxxx 128.208.96.0 /19 CS: 10000000 11010000 1xxxxxxx xxxxxxxx 128.208.128.0 /17

Properties of a subnet

l  ART Dept.: 128.208.96.0/19 l  Mask: 255.255.224.0 l  Subnet address: 128.208.96.0 l  Broadcast address: 128.208.127.255 l  First host address: 128.208.96.1 l  Last Host address: 128.208.127.254 l  Number of hosts: 213 - 2


Prefix:10000000 11010000 011xxxxx xxxxxxxx 128.208.96.0 /19 Mask: 11111111 11111111 11100000 00000000 255.255.224.0

Determining the subnetwork for incoming packets

l  Destined for which department? l  Match ( DEST_address && subnet_mask ) with each

department’s prefix. Mask Prefix

EE: 255.255.192.0 128.208.0.0 /18 ART: 255.255.224.0 128.208.96.0 /19

CS: 255.255.128.0 128.208.128.0 /17

Destination Address from incoming packet:128.208.2.151 EE: 128.208.2.151 && 255.255.192.0/18 = 128.208.0.0 ART: 128.208.2.151 && 255.255.224.0/19 = 128.208.0.0 CS: 128.208.2.151 && 255.255.128.0/17 = 128.208.0.0


Subnets example l  Consider two addresses 128.208.66.6/19 and

128.208.98.8/19 Are they on the same network? NO.

l  128.208.64 and 128.208.96 are distinct (sub)networks. l  When sending data to 128.208.98.8, local gateways first

route datagrams to the (sub)network 128.208.96.0 rather than 128.208.64.0

l  To the outside world, there is only a single network 128.208 5/19/15 [email protected] 75

Subnet 1: 10000000 11010000 010|00010 00000100 128.208. 64.0 Subnet 2: 10000000 11010000 011|00010 00001000 128.208. 96.0 NetMask: 11111111 11111111 111|00000 00000000

Determining the subnetwork for outgoing packets l  Destined for Local or Remote Network?

l  Extract the destination address DEST from the datagram.

l  If ( ( Network_interface_address && subnet_mask ) == ( DEST && subnet_mask ) ) l  Local Network, Send directly

l  Else l  Remote Network, Send to default router

Host Address:128.208.2.151/18, Dest:130.50.15.6 128.208.2.151 && 255.255.192.0 = 128.208.0.0

130.50.15.6 && 255.255.192.0 = 130.50.0.0 5/19/15 [email protected] 76

Routing table explosion l  Routers in ISPs and backbones in the middle of the

Internet must know which way to go to get to every network and no simple default will work. These core routers are said to be in the default-free zone of the Internet.

l  The Internet now contains millions networks. This can make a very large routing table.

l  In addition, routing algorithms require each router to exchange information about the addresses it can reach with other router. The larger the tables, the more information needs to be communicated and processed.


Route aggregation

l  To reduce routing table size l  Routers at different locations can know about a

given IP address as belonging to prefixes of different sizes.

l  So a router can combine multiple small prefixes into a single larger prefix. This process is called route aggregation (Auto Summary).

l  The resulting larger prefix is sometimes called a supernet, to contrast with subnets as the division of blocks of addresses.


CIDR – Classless InterDomain Routing (RFC 4632) l  Routing table consists of triples of

(IP address, subnet mask, outgoing line) l  When a packet comes in, its destination IP address is

first extracted. Then (conceptually) the routing table is scanned entry by entry, masking the destination address and comparing it to the table entry looking for a match.

l  It is possible that multiple entries (with different subnet mask lengths) match, in which case the longest mask is used (longest matching prefix). Thus, if there is a match for a /20 mask and a /24 mask, the /24 entry is used.


Example A set of IP address assignments.


Routing Table: Address Mask C: 11000010 00011000 00000000 00000000 11111111 11111111 11111000 00000000 E: 11000010 00011000 00001000 00000000 11111111 11111111 11111100 00000000 O: 11000010 00011000 00010000 00000000 11111111 11111111 11110000 00000000 Dest:194.24.17.4 11000010 00011000 00010001 00000100 matches Oxford network

Aggregation of IP prefixes


Aggregate entry l  When the router gets the three new entries

l  194.24.0.0 /21 194.24.00000000.0 /21 l  194.24.8.0 /22 194.24.00001000.0 /22 l  194.24.16.0/20 194.24.00010000.0 /20

l  it notices that it can combine all three entries into a single aggregate entry 194.24.0.0/19

l  Aggregation is heavily used throughout the Internet to reduce the size of the router tables.


11000010 00011000 00000000 00000000 11111111 11111111 11100000 00000000

Longest Matching Prefix l  Prefixes are allowed to overlap. The rule is that packets

are sent in the direction of the most specific route. Or the longest matching prefix that has the fewest IP addresses


Longest matching prefix routing at the New York router.

Classful Addressing


Class A : 128 networks with 16 million hosts each Class B : 16,384 networks with up to 64K hosts each Class C: 2 million networks (e.g., LANs) with up to 256 hosts each

Special IP addresses.

Special IP addresses.


Route print on Windows l  C:\>route print

IPv4 Route Table ================================================================ Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 222.31.76.254 222.31.76.155 30 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 222.31.76.0 255.255.255.0 On-link 222.31.76.155 286 222.31.76.155 255.255.255.255 On-link 222.31.76.155 286 222.31.76.255 255.255.255.255 On-link 222.31.76.155 286 ================================================================ Persistent Routes: None


Show ip route on a router


The routing table of Podres

http://sysop.com.cn/document/routing_tcp_ip_v1/toc.html

Dynamic IP Address

l  For home customers with dial-up connections, one way around the IP address problem is to dynamically assign an IP address to a computer when it calls up and logs in and take the IP address back when the session ends. l  But customers expect to be on-line continuously l  ADSL or Internet over cable services (permanent

IP address and monthly flat rate charge )


NAT – Network Address Translation (RFC 3022)

l  The basic idea behind NAT is to assign each company a single IP address (or at most, a small number of them) for Internet traffic. Within the company, every computer gets a unique IP address, which is used for routing intramural traffic. However, when a packet exits the company and goes to the ISP, an address translation takes place.


Reserved IP Ranges l  Three ranges of IP addresses have been declared

as private. Companies may use them internally as they wish. The only rule is that no packets containing these addresses may appear on the Internet itself.


10.0.0.0 – 10.255.255.255 / 8 (16,777,216 hosts) 172.16.0.0 – 172.31.255.255 / 12 (1,048,576 hosts) 192.168.0.0 – 192.168.255.255/16 (65,536 hosts)

NAT Box

Placement and operation of a NAT box. 5/19/15 [email protected] 91

“Reply” problem with NAT

l  when the reply comes back, so how does the NAT box know which address to replace it with?

l  If there were a spare field in the IP header, that field could be used to keep track of who the real sender was, but only 1 bit is still unused.

l  In principle, a new option could be created to hold the true source address, but doing so would require changing the IP code on all the machines on the entire Internet to handle the new option.


TCP/UDP ports l  most IP packets carry either TCP or UDP

payloads l  both of these have headers containing a

source port and a destination port l  The ports are 16-bit integers that indicate

where the TCP connection begins and ends. These ports provide the field needed to make NAT

work.


Source Port and Destination Port l  When a process wants to establish a TCP connection with a

remote process, it attaches itself to an unused TCP port on its own machine. This is called the source port and tells the TCP code where to send incoming packets belonging to this connection.

l  The process also supplies a destination port to tell who to give the packets to on the remote side.

l  Ports 0–1023 are reserved for well-known services. l  For example, port 80 is the port used by Web servers, so remote

clients can locate them. l  Each outgoing TCP message contains both a source port and a

destination port. l  Together, these ports serve to identify the processes using the

connection on both ends.


Mapping Source Port l  Using the Source port field, we can solve our mapping problem.

Whenever an outgoing packet enters the NAT box, the 10.x.y.z source address is replaced by the company's true IP address. In addition, the TCP Source port field is replaced by an index into the NAT box's 65,536-entry translation table.

l  This table entry contains the original IP address and the original source port.

l  Finally, both the IP and TCP header checksums are recomputed and inserted into the packet.

l  It is necessary to replace the Source port because connections from machines 10.0.0.1 and 10.0.0.2 may both happen to use port 5000, for example, so the Source port alone is not enough to identify the sending process.


An analogy of NAT

l  Imagine a company with a single main telephone number. When people call the main number, they reach an operator who asks which extension they want and then puts them through to that extension. The main number is analogous to the company's IP address and the extensions on both ends are analogous to the ports.


NAT Problems l  NAT violates the architectural model of IP. l  NAT breaks the end-to-end connectivity model of the Internet, which

says that any host can send a packet to any other host at any time. l  NAT changes the Internet from a connectionless network to a peculiar

kind of connection-oriented network. l  NAT violates the most fundamental rule of protocol layering. l  Processes on the Internet are not required to use TCP/UDP. l  Some applications use multiple TCP/IP connections or UDP ports in

prescribed ways. l  Since the TCP Source port field is 16 bits, at most 65,536 machines

can be mapped onto an IP address


IP Version 6 Goals •  Support billions of hosts •  Reduce routing table size •  Simplify protocol •  Better security •  Attention to type of service •  Aid multicasting •  Roaming host without changing address •  Allow future protocol evolution •  Permit coexistence of old, new protocols. . . 5/19/15 [email protected] 98

The Main IPv6 Header

The IPv6 fixed header (40 bytes required). 5/19/15 [email protected] 99

Fields l  Version (4 bits) : bit sequence 0110 l  Diff. Service(8 bits) l  Flow Label (20 bits)

l  Originally created for giving real-time applications special service. l  Payload Length (16 bits)

l  The size of the payload in octets, including any extension headers. The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option.

l  Next Header (8 bits) l  Specifies the type of the next header. This field usually specifies the transport layer protocol

used by a packet's payload. When extension headers are present in the packet this field indicates which extension header follows.

l  Hop Limit (8 bits) : Replaces the time to live field of IPv4 l  Source Address (128 bits) l  Destination Address (128 bits) 5/19/15 [email protected] 100

IPv6 Address l  An IPv6 address is represented by 8 groups of 16-bit

hexadecimal values separated by colons (:). l  For example:

2001:0db8:85a3:0000:0000:8a2e:0370:7334 l  The hexadecimal digits are case-insensitive. l  An IPv6 address can be abbreviated with the following

rules: l  Omit leading zeroes in a 16-bit value. l  Replace one group of consecutive zeroes by a double colon.

2001:db8:85a3:::8a2e:370:7334


Extension Headers

IPv6 extension headers. 5/19/15 [email protected] 102

Type 0

60 43 44 51 50

Sample Extension Headers

The hop-by-hop extension header for large datagrams (jumbograms).


Without special options, a payload must be less than 64KB. With a Jumbo Payload option (in a Hop-By-Hop Options extension header), the payload must be less than 4 GB.

Hdr Ext Len Options : TLV-coded.

Extension Headers for Routing

The extension header for routing. 5/19/15 [email protected] 104

Transition From IPv4 To IPv6 l  Not all routers can be upgraded simultaneous

•  no “flag days” •  How will the network operate with mixed IPv4 and

IPv6 routers? l  Two proposed approaches:

•  Dual Stack: some routers with dual stack (v6, v4) can “translate” between formats

•  Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers


Internet Control Protocols

l  ICMP l  the Internet Control Message Protocol

l  ARP l  the address Resolution Protocol

l  DHCP l  the Dynamic Host Configuration Protocol


Please refer to Lab PPTs

Label Switching and MPLS l  MPLS adds a label in front of each packet, and

forwarding is based on the label rather than on the destination address.


Transmitting a TCP segment using IP, MPLS, and PPP.

Layer 2.5 protocol

l  MPLS falls between the IP network layer protocol and the PPP link layer protocol. l  It is not really a layer 3 protocol because it

depends on IP or other network layer addresses to setup label paths.

l  It is not really a layer 2 protocol either because it forwards packets across multiple hops, not a single link.


Real protocols do not always fit neatly into our ideal layered protocol model.

IP Packet Forwarding


Forwarding an IP packet through an MPLS network

LER LSR

IGP in the Internet

l  RIP -- original Internet IGP l  Distance vector protocol based on the Bellman-Ford

algorithm inherited from the ARPANET l  It works well in small systems l  Suffered from the count-to-infinity problem and generally

slow convergence

l  Link state protocol – May 1979 l  OSPF – standardized in 1990, IETF

l  Version 2, 1998 (RFC 2328) l  IS-IS : ISO version


OSPF-Open Shortest Path First l  The requirements used when designing OSPF

included: l  Had to be "Open" - published in the literature. l  Had to support a number of "distance" metrics, including

physical length, delay, capacity, etc. l  Had to be dynamic, able to adapt to changing topologies. l  Had to support "type of service" - able to change routing

behavior based on frame characteristics. l  Had to do load balancing; able to use multiple routes rather

than one at a time. l  Had to support hierarchical systems so that no one router

needed to understand the entire flat network. l  Had to provide some kind of security.


Networks supported l  OSPF supports three kinds of networks:

1.  Point to point lines between two routers. 2.  Multiaccess networks with broadcasting (LANs). 3.  Multiaccess networks without broadcasting

(packet switched WANs ).

[Here a multiaccess network is one that has multiple routers, each of which can talk to all the other routers. This is a common LAN/WAN property.]


(a) An autonomous system

OSPF AS


The Graph representation


(b) A graph representation of (a). A serial connection between two routers is represented by a pair of arcs, one in each direction. Their weights may be different. A multiaccess network is represented by a node for the network itself plus a node for each router.

OSPF Areas l  Divides an AS into numbered areas l  Area is a network or a set of contiguous

networks. l  Areas do not overlap but need not be

exhaustive, that is, some routers may belong to no area.

l  Routers that lie wholly within an area are called internal routers.

l  An area is a generalization of a subnet. Outside an area, its topology and details are not visible.


OSPF Backbone Area

l  Every AS has a backbone area, called area 0. l  The routers in this area are called backbone

routers l  All areas are connected to the backbone l  Each router that is connected to two or more

areas is called an area border router. It must also be part of the backbone.

l  As with other areas, the topology of the backbone is not visible outside the backbone.


Stub Area l  The job of an area border router is to summarize

the destinations in one area and to inject this summary into the other areas to which it is connected.

l  If there is only one border router out of an area, even the summary does not need to be passed. Routes to destinations out of the area always start with the instruction “go to the border router”. This kind of area is called a stub area.


AS boundary router

l  It injects routes to external destinations on other ASes into the area.

l  The external routes then appear as destinations that can be reached via the AS boundary router with some cost.

l  An external route can be injected at one or more AS boundary routers.


Relation


The relation between ASes, backbones, and areas in OSPF.

Link state algorithm

l  Uses a link-state algorithm within an area. l  Each router has the same link state database

and runs the same shortest path algorithm to calculate the shortest path from itself to every other router in the area

l  Distances are calculated based on length, or other properties.


OSPF Routes

l  Three kinds of routes l  Intra-area l  Inter-area routing in 3 steps

1.  go from the source to the backbone 2.  go across the backbone to the destination area 3.  go to the destination.

l  Inter-AS


OSPF step 1 l  When a router boots, it sends HELLO messages on

all of its point-to-point lines and multicasts them on LANs to the group consisting of all the other routers. On WANs, it needs some configuration information to know who to contact. From the responses, each router learns who its neighbors are. Routers on the same LAN are all neighbors.


OSPF step 2

l  Exchanging information between adjacent routers l  To avoid having every router on a LAN talk to

every other router on the LAN, one router is elected as the designated router.

l  Designated router is said to be adjacent to all the other routers on its LAN, and exchanges information with them.


OSPF step 3 l  Link State Update

l  Each router periodically floods LINK STATE UPDATE messages to each of its adjacent routers. This message gives its state and provides the costs used in the topological database.

l  The flooding msges are acknowledged, to make them reliable.

l  Routers also send these messages when a line goes up or down or its cost changes.

l  Either partner can request link state information from the other one by using LINK STATE REQUEST msg.

l  All these msges are sent as raw IP packets 5/19/15 [email protected] 124

OSPF step 4 l  Using flooding, each router informs all the other

routers in its area of its neighbors and costs. This information allows each router to construct the graph for its area(s) and compute the shortest path. The backbone area does this too.

l  In addition, the backbone routers accept information from the area border routers in order to compute the best route from each backbone router to every other router. This information is propagated back to the area border routers, which advertise it within their areas. Using this information, a router about to send an inter-area packet can select the best exit router to the backbone.


OSPF Packet Header Format

OSPF Message Type

l  The five types of OSPF messages.

Value Type Description 1 Hello Used to discover who the neighbors are 2 Database Description Announces which updates the sender has 3 Link State Request Requests information from the partner 4 Link State Update Provides the sender’s costs to its neighbors 5 Link State Ack Acknowledges link State update


BGP – The Exterior Gateway Routing Protocol

l  BGP: Border Gateway Protocol l  BGP is the current Exterior Gateway Routing

Protocol ( EGP ) used. l  Routing between Ases (Interdomain routing). l  BGP can take into account politics, security and

economic issues.


BGP Policies l  Policies are typically manually configured into each

BGP router (or included using some kind of script). They are not part of the protocol itself

l  A few examples of routing constraints are: 1.  No commercial traffic for educational network 2.  Never put Iraq on route starting at Pentagon 3.  Choose cheaper network 4.  Choose better performing network 5.  Don’t go from Apple to Google to Apple


Routing Policies


Routing policies between four Autonomous Systems

Peering

BGP Fundamental (v4, RFC 4271) l  BGP is a form of distance vector protocol, but

quite unlike most others such as RIP. l  Policies instead of minimum distance is used l  Path vector protocol: Instead of maintaining just the

cost to each destination, each BGP router keeps track of the path used. The path consists of the next hop router and the sequence of ASes, or AS path, that the route followed.

l  Pairs of BGP routers communicate with each other by establishing TCP connections. l  Reliable communication l  Hides all the details of the network


BGP Route AD

5/19/15 [email protected] 132 Propagation of BGP route advertisements

Internet Multicasting l  IP supports one-to-many communication, or multicasting,

using class D IP addresses. l  Each class D address identifies a group of hosts. 28 bits

are available for identifying groups, so over 250 million groups can exist.

l  The range of addresses 224.0.0.0/24 is reserved for multicast on the local network. Some examples are: l  224.0.0.1 all systems on a LAN l  224.0.0.2 all routers on a LAN l  224.0.0.5 all OSPF on a LAN l  224.0.0.251 all DNS servers on a LAN


IGMP, RFC 3376 l  IGMP (Internet Group Management Protocol) is used

when a routing protocol is needed l  A process asks its host to join/leave a specific group l  Each host keeps track of which groups it’s processes

belong to. l  About once a minute, each multicast router sends a

query packet to all the hosts on its LAN(using the local multicast address of 224.0.0.1) asking them to report back on the groups to which hey currently belong.

l  Each host sends back response for all the class D addresses it is interested in.


PIM

l  Any of several multicast routing protocols may be used to build multicast spanning trees that give paths from senders to all of the members of the group

l  The main protocol that are used within an AS is PIM (Protocol Independent Multicast).


Mobile IP Goals 1.  Mobile host use home IP address anywhere. 2.  No software changes to fixed hosts 3.  No changes to router software, tables 4.  Packets for mobile hosts – restrict detours 5.  No overhead for mobile host at home.


References l  Cisco Certified Network Associate Study Guide,

6th Edition, by Todd Lammle, Wiley, 2007 l  Routing TCP/IP, Volume 1 (2nd Edition) (CCIE

Professional Development) by Jeff Doyle and Jennifer Carroll (Hardcover - Oct 19, 2005)

l  Routing TCP/IP, Volume II (CCIE Professional Development) by Jeff Doyle and Jennifer DeHaven Carroll (Hardcover - April 11, 2001)


END OF CHAPTER 5


Documents

Chapter5 IP