CMPT 371

© Janice Regan, CMPT 128, 2007-20121

CMPT 371Data Communications and Networking

Network LayerAddressing and forwarding (classful, CIDR, IPv4)

© Janice Regan, 2007-2012 2

Identifying Hosts An IP address is associated with a network interface

(for example ethernet card) attached to a host or router. A host/router with more than one network interface will

have more than one IP address. In fact a router needs more than one network interface so it can receive a packet on one interface and send it on another interface

A host is identified by one IP address. It has one interface to a single network

A multi-homed host (may or may not be a router) or a router has multiple IP addresses and usually connects to multiple networks. Each network interface connected to the

host/router has a unique IP address


Internet addresses: IPv4 32 bit global internet (IP) address is used to uniquely

identify a particular network interface connected to a particular host as a destination for communication

Globally applicable and globally unique Expressed a series of 32 binary digits

10000000 00001011 00000011 00011111 Also expressed in dotted decimal notation

Binary digits are separated into four groups of eight digits

Each group of 8 digits are translated to a decimal number

The decimal number are separated by dots (periods)

Example address above becomes 128.11.3.31


Structure of an IP address Each IP address is split into two parts

(netid, hostid) to identify the host and the network to which the host is connected

The netid (network address or prefix) identifies the network to which the host belongs.

The number of bits dedicated to the netid will determine the number of possible networks.

The hostid identifies the particular host (network interface for a multi homed host)

The number of bits dedicated to the hostid will determine the possible number of hosts on the network


Prefix notation: IP addresses To indicate the length of the prefix

associated with a particular IP address use the notation 178.23.214.0/22 ⇨ prefix with n=22

binary digits 178.23.214.0/24 ⇨ prefix with n=24

binary digits The prefix consists of the first n binary digits

of the address The prefix often indicates the netid of a

network. If it does then 232-n indicates the number of possible hosts in the network (or subnet)


Network address or Network prefix Netid (network address) non zero: hostid all 0’s

never assigned as the source or destination address of an IP packet, or as the address or a single host/router

Used in forwarding tables and documentation to refer to all hosts on a particular network

A network address is assigned to the network itself, not to an individual host or router

The network address defines the network to the rest of the internet

If an IP address has a netid corresponding to the address of a particular network then that the IP address is the address of a host on that particular network


Sample Networks

223.12.1.1

223.12.2.5

223.12.3.254

223.12.8.1

223.12.8.33

223.12.8.88

223.12.0.0/22223.12.8.0/24

223.12.11.251223.12.11.2223.12.10.21

223.12.10.0/23


“this” address Netid (network address) zero: hostid

nonzero Interpreted as hostid on “this” network

0.0.0.0 “this” host when network address is also

unknown Used only when booting a host that does

not know its own IP address (usually a diskless host)


Broadcast address Network broadcast addresses are valid only as a

destination directed broadcast: broadcast to all stations on the local

network from anywhere reached by the internet netid is network address for the network hostid all 1’s A security risk for denial of service attacks, by default directed

broadcast is disabled limited broadcast or local network broadcast:

broadcast to all stations on the local network from within that local network netid and hostid all 1’s. May be used when node starts to establish its IP address

© Janice Regan, 2007-2012 10

Loopback address Address used to send packets from one

process to another through the local interface within a host Packets sent to the loopback address will not

leave the local host, they will never be sent onto any network

Packets sent to the loopback address will pass through the local interface (lo)

Available loopback addresses 127.0.0.0 to 127.255.255.254, usually use 127.0.0.1

© Janice Regan, 2007-2012 11

Private or Non-Routable addresses Some addresses are reserved for use on local networks

that are not connected to the Internet Routers do not consider these addresses to be valid

Internet addresses, and will not route a packet to any of them

These addresses may be used on private internets not directly connected to the Internet.

10.0.0.0/8 10.0.0.0 to 10.255.255.255 172.16.0.0/12 172.16.0.0 to 172.31.255.255 192.168.0.0/16 192.168.0.0 to 192.168.255.255

© Janice Regan, 2007-2012 12

Allocating addresses to networks Have considered some addresses reserved for

particular purposes. How are the remainder of the addresses in the IP

address space allocated to networks? Originally, the IPv4 protocol originally separated

addresses into different classes, allowing for particular numbers of networks in each class. The addressing was know as classful addressing

Later, when the number of networks began to exceed the available network addresses an extended solution was needed. The solutions implemented were Long term solution: new version of the IP protocol IPv6 Short term solution classless addressing or CIDR

© Janice Regan, 2007-2012 13

Classful addressing

© Janice Regan, 2007-2012 14

Classful Addressing: forwarding The original forwarding algorithms depended on each

network having a network address that was either a Class A, B, C, D, or E address.

Each network would have one entry in the forwarding table of each router. The entry would indicate the network address of the destination

network and the interface on the present router through which the packet should be sent to reach that destination network.

The incoming packets destination address would be compared to all entries (of the correct class) in the forwarding table to determine the correct forwarding table entry and hence the interface through which the packet should be forwarded

© Janice Regan, 2007-2012 15

Why Subnets? Large networks were difficult to administer and needed

some internal structure to simplify their administration. Allow arbitrary complexity of internetworked LANs within

organization (with same external netid) Many LANs all with the same external netid Each LAN with its own local subnetid

Insulate overall internet from growth of network numbers and routing complexity Site looks like a single network to rest of the internet

© Janice Regan, 2007-2012 16

How to use Subnet Masks A site (with 1 or more routers connecting it to the internet)

using a single netid has several local LANs. The site administrator must decide how many LANs are/ may be

needed within the installation (the single netid). If M LANs are needed then choose N such that M<2N-2

Each LAN assigned subnet id between 1 and M, this is added to the network address to give the subnet address

Host portion of address partitioned into subnet number and host number, The N higher order bits are the subnet number.

Local routers route within subnetted network Subnet mask indicates which bits are subnet number and

which are host number

© Janice Regan, 2007-2012 17

Subnetting: Example

133.12.168.33

133.12.160.0/19

133.12.0.0/16

Internet

133.12.128.0/19

133.12.64.0/19

133.12.159.252133.12.138.23133.12.128.21

133.12.66.1 133.12.75.52 133.12.94.25

133.12.191.254133.12.162.29

© Janice Regan, 2007-2012 18

Subnetting example (1) The site illustrated has one router connecting it to the

internet. The netid of that router as seen from the internet is a class

B network address, 133.12.0.0/24 The local network behind the router consists of several

different internal networks The site administrator for these networks must decide how many

subnets are / may be needed within the installation (the single netid).

For this example up to 6 networks are needed 6 LANs, choose N such that 6<2N , N=3, M=2N=8 First 3 of the 16 bits available for hostid will be used to indicate

which subnet the host belongs to leaving 13 bits for the hostid

© Janice Regan, 2007-2012 19

Subnetting example (2) Each LAN assigned subnet id between 1 and M=8, this is

added to the network address to give the subnet address The three subnets illustrated are

Subnet 2, (64, binary 01000000), 133.12.64.0-133.12.95.255 Subnet 4 (128, binary 10000000), 133.12.128.0-133.12.159.255 Subnet 5 (160, binary 10100000), 133.12.160.0-133.12.191.255

Host portion of address partitioned into subnet number and host number, The 3 highest order bits are the subnet number, the remaining 13 bits are for the host id (5 bits in the octet shown above plus the 8 bits in the final octet)

© Janice Regan, 2007-2012 20

Subnetting example (3) Subnet mask indicates which bits are

subnet number and which are host number, for this example the subnet mask will be

11111111 11111111 11100000 00000000

The local router will use the subnet mask to determine which subnet an incoming packet is destined for

Subnet mask255.255.224.0

Host id

net mask 255.255.0.0

© Janice Regan, 2007-2012 21

Using network masks Consider that the packet to be forwarded has IP

address 133.12.138.23 10000101 00001100 10001010 00010111

The netmask of the network is 255.255.224.0 11111111 11111111 00000000 00000000

AND IP address and netmask to give Netid 133.12.0.0

© Janice Regan, 2007-2012 22

Using subnet masks Network 133.12.0.0 is broken into smaller subnets by

the adminstrator for that network The adminstrator for 133.12.0.0 defines a Subnet mask

255.255.224.0 11111111 11111111 11100000 00000000 Masks 3 additional bits to create 23=8

subnets AND with IP address to give subnetwork

address 133.12.128.0 The final 13 bits are reserved for hostid on

each subnet Out example IP has hostid 01010 00010111

Subnetting The subnet address of the zero subnet (subnet

id all zero) is the same as the network address for the entire network.

The broadcast address of the all 1’s subnet (subnet id all zero) is the same as the broadcast address of the entire network

For many years these networks were not used to avoid these ambiguities.

They can be used in most cases

© Janice Regan, 2007-2012 23

© Janice Regan, 2007-2012 24

Problems with classful Large networks were difficult to administer and needed some

internal structure to simplify their administration. (solution subnetting)

With the explosive growth of the Internet Class B networks were in short supply. Many organizations wanted more addresses than a class C

address could supply but not as many as a class B address would give.

Giving multiple class C addresses was one solution but it had its own problems, increasing the load on the network due to routing (one table entry for each class C network)

Short term solution CIDR, NAT long term solution IPv6

© Janice Regan, 2007-2012 25

Classless InterDomain Routing CIDR (also called supernetting) Permits allocation of the

remaining IP addresses in blocks more closely matched to user needs (any prefix not just 8, 16, 24)

Makes forwarding algorithms more complex (cannot sort by class to simplify forwarding, to many prefixes)

Addresses are allocated based on a base address and a prefix, for example 202.25.8.0/22 202.25.8.0 is the first allocated address or the network address The prefix indicates the netmask. A prefix of 22 indicates 22 1’s

followed by 10 (32-22) 11111111 11111111 11111100 00000000,

© Janice Regan, 2007-2012 26

CIDR: Example for EngCO EngCO has been allocated a block of addresses

196.74.0.0/17 (2(32-17)=32768 addresses)

196.74.4.0 to 196.74.127.255 The subnets EngCO has already allocated are196.74.32.0 to 196.74.35.255 (196.74.32.0/22) 232-22 =1024 addresses, netmask 255.255.252.0 (22 1 bits)196.74.16.0 to 196.74.23.255 (196.74.16.0/21) 232-21 =2048 addresses, netmask 255.255.248.0 (21 1 bits)196.74.48.0 to 196.74.63.255 (196.74.48.0/20) 232-20=4096 addresses, netmask 255.255.240.0 (20 1 bits)

Addresses for hosts Consider the network 196.74.48.0/20

232-20=4096 addresses Netmask 255.255.240.0 (20 1 bits) Addresses 196.74.48.0 to 196.74.63.255 Network address 196.74.48.0 cannot be used for a

host because it is the network address Network broadcast address is 196.74.63.255, so this

address cannot be used for a host So only 232-20 - 2=4096-2=4094 addresses can be

used for hosts

© Janice Regan, 2007-2012 27

© Janice Regan, 2007-2012 28

Allocated / available space 0 indicates address 196.74.0.0 12 indicates address 196.74.12.0

10240 4 8 12 16 20 24 28 32 36 40 44 48

02048

4096

1024

52 56 60 64

2048

4096

196.74.16.0/21

196.74.32.0/22

196.74. 48.0/20

0 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 64

0 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 64

The network address must fall on a 2N boundary where 32-N is the prefix of the network.

© Janice Regan, 2007-2012 29

EngCo’s networks To Internet

To Internet

Router0

196.74.16.0/21

196.74.32.0/22 196.74.48.0/20

196.74.0.0/18

eth3

eth0

eth1eth2

30© Janice Regan, 2007-2012

A sample forwarding table: Router 0

Network address Gateway Genmask Metric Iface196.74.16.0 * 255.255.248.0 0 Eth2196.74.32.0 * 255.255.252.0 0 Eth1196.74.48.0 * 255.255.240.0 0 Eth30.0.0.0 * 0.0.0.0 0 Eth0

© Janice Regan, 2007-2012 31

Hierarchical addressing: 1 CIDR is a hierarchical addressing

approach Groups of networks can be aggregated to

appear as a single network to more distant routers

Entries that appear to be a single network to a particular router may in fact be aggregations of many smaller networks

© Janice Regan, 2007-2012 32

Hierarchical addressing: 2 CIDR (RFC 1518, 1519)

Points out that CIDR replaces both sub and super netting, so long as addresses are assigned in blocks with size equal to an integer power of 2 network and host portions are readily separated with a mask

IANA (the organization in charge of administering distribution of IP addresses) has three regional registries ARIN: North America RIPE: Europe APNIC: Asia LACNIC: South America

Each of these registries was given a large block of addresses

© Janice Regan, 2007-2012 33

Hierarchical addressing: 3 Each of the regional registries grants

blocks of addresses to each country in its region

Each country may grant addresses on a regional basis within the country

Each country or region of a country will grant addresses to large IP providers and or companies for their networks

These providers or companies apportion addresses to their users

34© Janice Regan, 2007-2012

A sample forwarding table: Router 0

Routers outside EngCo will see the networks EngCo’s networks as a single network.

To reach EngCo they may have a single entry for Destination 196.74.0.0 with netmask 255.255.192.0 and gateway set to the address of the router that sits between ABCEngCo’s networks and the internet.(router 0)

More distant routers may aggregate this entry with others to form a single entry

Destination Gateway Genmask Metric Iface196.74.16.0 * 255.255.248.0 0 Eth2196.74.32.0 * 255.255.252.0 0 Eth1196.74.48.0 * 255.255.240.0 0 Eth30.0.0.0 * 0.0.0.0 0 Eth0

© Janice Regan, 2007-2012 35

EngCo’s networks To Internet

To Internet

Router0

196.74.16.0/21

196.74.32.0/22 196.74.48.0/20

196.74.0.0/18

eth3

eth0

eth1eth2

Router1

© Janice Regan, 2007-2012 36

Aggregation of networks 64*256=16384=232-14 196.74.0.0/18

10240 4 8 12 16 20 24 28 32 36 40 44 48

1024

52 56 60 64

196.74.16.0/21 196.74.32.0/22 196.74. 48.0/20

10240 4 8 12 16 20 24 28 32 36 40 44 48

1024

52 56 60 64

196.74.0.0/18

© Janice Regan, 2007-2012 37

CIDR: Routing and aggregation In order to reduce the size of forwarding tables

aggregation is used. Networks in a given region/location are aggregated into a larger network for the purpose of forwarding.

The three networks at EngCo might be aggregated into one router table entry

196.74.0.0/18 in routers (like router 1) outside of EngCo

In more distant routers the above entry might be aggregated into a still larger single entry, for example

196.0.0.0/8

© Janice Regan, 2007-2012 38

The IPv4 forwarding algorithm

1. Extract the IP destination address from the packet2. For each forwarding table entry use the mask

(bitwise AND the mask with the destination IP address) to extract the prefix from the destination address and compare it to the prefix in the table. Remember any entries that match

3. Choose the matching entry with the longest prefix match

4. If there is no match send a routing error back to the source

Forwarding example Consider that router A has the forwarding table on the

next slide. A packet with IP destination address 198.53.2.7

arrives at the router A For each entry (row) in the forwarding table

bitwise AND the destination address with the netmask Compare the result to the network address in that row If they match remember that the row matched

© Janice Regan, 2007-2012 39

© Janice Regan, 2007-2012 40

A sample IPv4 forwarding table

Network address Gateway netmask Metric Iface

198.53.147.0 198.53.1.254 255.255.255.0 1 Eth0

198.16.28.0 * 255.255.252.0 0 Eth0

198.16.24.0 * 255.255.240.0 0 Eth1

198.55.0.0 198.55.1.2 255.255.192.0 1 Eth0

127.0.0.0 * 255.0.0.0 0 Lo

0.0.0.0 198.251.1.1 0.0.0.0 0 Eth2

ROUTER A

© Janice Regan, 2007-2012 41

Using a netmask to extract netid Destination IP address 198.55.2.7 converted to binary

11000110 00110101 00000010 00000111 Netmask of first row 255.255.255.0 converted to binary

11111111 11111111 11111111 00000000 AND IP address and Netmask

11000110 00110111 00000010 0000011111111111 11111111 11111111 0000000011000110 00110111 00000010 00000000

Convert result of and to dotted decimal to get the network address 198.55.2.0 does not match network address in the forwarding table entry

© Janice Regan, 2007-2012 42

Using a netmask to extract netid Repeat for each successive row, no match until row 4 Netmask of 4th row 255.255.192.0 converted to binary

11111111 11111111 11000000 00000000 AND IP address and Netmask

11000110 00110101 00000010 0000011111111111 11111111 11000000 0000000011000110 00110101 00000000 00000000

Convert result of and to dotted decimal to get the network address 198.55.0.0 matches the network address in the forwarding table entry

No more matches after row 4

Forwarding: using chosen entry Once a particular entry (row) in the forwarding

table has been selected Extract the gateway address for the entry, 198.55.1.2,

this is the address of the next host/router along the path to the destination. This Ethernet address of this host/router will be the next hop destination of the Ethernet packet containing this IP datagram.

Extract the interface, ETH0, this tells the IP stack which interface (Ethernet card) to send the IP datagram through to reach the next hop gateway or destination

© Janice Regan, 2007-2012 43

A second example: same table The next packet has an IP destination address

196.16.30.138 AND this IP destination address with the mask

in row 2 and you will get the network address in row 2

AND this IP destination address with the mask in row 3 and you will get the network address in row 3

WHAT HAPPENS WHEN 2 ROWS MATCH?

© Janice Regan, 2007-2012 44

Second Example: longest match WHAT HAPPENS WHEN 2 ROWS MATCH? Consider each of the matching entries.

Determine how many bits of the destination IP match the network address of each matching forwarding table entry.

For row 2 mask is 255.255.252.0, or 22 matching digits For row 3 mask is 255.255.240.0, or 20 matching digits Choose the entry with the “longest” match, that is the longest

mask. Choose row 2. To optimize the process, entries in the forwarding table are placed

in order, starting with the longest masks and continuing with successively shorter matches.

Ordering the entries means the first matching entry is the “longest” match

© Janice Regan, 2007-2012 45

Historic network: aggregation Some blocks of addresses were allocated using classfull

addressing Consider a block of addresses that was allocated to company B

Assume that for CIDR these addresses indicate that Company B is in Canada

But Company B is actually in Europe Company B received its block of addresses when classfull

addressing was being used. Of course Company B does not want to change it address block Company B’s address block 196.74.4.0/22 falls within the

address block 196.74.0.0/17 EngCo’s allocation was actually 196.74.0.0/17 except for

196.74.4.0/22© Janice Regan, 2007-2012 46

© Janice Regan, 2007-2012 47

Return: Aggregation of networks 64*256=16384=232-14 196.74.0.0/18

10240 4 8 12 16 20 24 28 32 36 40 44 48

1024

52 56 60 64

196.74.16.0/21 196.74.32.0/22 196.74. 48.0/20

10240 4 8 12 16 20 24 28 32 36 40 44 48

1024

52 56 60 64

196.74.0.0/18

Company B’s block of addresses

© Janice Regan, 2007-2012 48

CIDR: Routing and aggregation The three networks at EngCo might be aggregated into

one forwarding table entry 196.74.0.0/18 in routers (like router 1) outside of EngCo

But company B’s allocation is inside this aggregated block

How can we use the aggregated range if it contains other networks?

© Janice Regan, 2007-2012 49

CIDR: Routing and aggregation What entries do we need in the forwarding table so that

company B gets its segments EngCo gets only the segments addressed to it

Need two entries One entry for Company B, one entry for EngCo Company B’s entry has a “longer” match A packet to company B matches both entries, but will be forwarded

using the entry with the “longer” match (company B) A packet to company A will match only EngCo’s aggregated entry

Network address

Gateway netmask Metric Iface

196.74.4.0 198.74.41 255.255.252.0 0 Eth0198.74.0.0 * 255.255.240.0 0 Eth1

Allocating assigned block When a user or organization is assigned a block

of IP addresses how are those addresses assigned to the hosts and networks that are part of that organization. Can be assigned manually and permanently using

static routing Can be assigned dynamically, address given to a

particular host for a particular length of time using DHCP (Dynamic Host Configuration Protocol)

© Janice Regan, 2007-2012 50

DHCP The System Administrator can configure how addresses

from the allocated address blocks are assigned to hosts Addresses can be divided into blocks for smaller sub-

networks within the site being administered Each sub-network can be give a range of addresses

A host in the sub-network can be configured to request an address DHCP can give a lease on an address (reply to the request). A

lease grants use of an address for a specified period of time. Later the host can request to extend the lease if necessary Alternately a host can be configured to use a specific address

permanently (a static address)

© Janice Regan, 2007-2012 51

Initial configuration: transitions 1

© Janice Regan, 2007-2012 52

Select Initialize

RequestBound

Broadcast DCHPDISCOVER

Receive DHCPOFFER

Select OfferBroadcast DHCPREQUEST

Receive DHCPACK

Receive DHCPNACKOr Lease Expires

© Janice Regan, 2006 53

Initial configuration: 1 A DHPDISCOVER message is broadcast so it reaches

all DHCP servers on the attached network (or that can be reached through a DHCP relay client) IP: source address 0.0.0.0 (host does not yet

know it’s IP address), IP destination address (local broadcast)

255.255.255.255 UDP : source port 68, destination port 67 Your address (yiaddr) 0.0.0.0, not yet

assigned Transaction ID 1234 (identifies exchange)


© Janice Regan, 2007-2012 54

Select Initialize

RequestBound


Receive DHCPOFFER


Receive DHCPACK



Initial configuration: 2 Each DHCP server on the local network (or reached

through a DHCP relay client) finds an IP address and offers that address to the host in a DHCPOFFER message your address is set to the offered IP address IP: source address is the address of the replying

server IP: destination address is the new your

address (the address offered to the host requesting an address)

UDP : source port 67, destination port 68 Transaction ID 1234 (matches

DHCPDISCOVER) Proposed lease time for provided IP address


© Janice Regan, 2007-2012 56

Select Initialize

RequestBound


Receive DHCPOFFER


Receive DHCPACK



Initial configuration: 3 The client chooses a server from received offer messages (usually

takes the first) The client broadcasts a DHCPREQUEST including

The your IP address offered by the chosen server The least time suggested by the chosen server A new transaction ID ( for the exchange beginning with this

datagram say 1125 Destination IP address and port (67) of the server chosen Source IP address 0.0.0.0 (still haven’t confirmed the IP

address that has been offered) and port (68) Other servers (whose offers were not chosen) receive the

DHCPREQUEST and then know that they have not been chosen and can release the IP address they offered back to the pool of addresses that can be offered by the server..


© Janice Regan, 2007-2012 58

Select Initialize

RequestBound


Receive DHCPOFFER


Receive DHCPACK



Initial configuration: 4 The chosen server receives the DHCPREQUEST and

knows the client has chosen the IP address it offered The chosen server places the address and configuration

information into its database and replies to the client with a DHCPACK containing the following information The lifetime of the lease The transaction id (matches id of the

DHCPREQUEST) The destination IP (IP of the chosen DHCP

server) and port (68) The source IP address (just assigned) and

port (67)

Documents

CMPT 371