Upload
phungdung
View
218
Download
0
Embed Size (px)
Citation preview
G Fairhurst, http://www.erg.abdn.ac.ukTheInternetProtocolSuite
The Network Layer (IP)
The Interface Layers (e.g. Ethernet)
Routing between networks
Transport (TCP, UDP, and applications)
G Fairhurst, http://www.erg.abdn.ac.ukWhat is the Internet?
1969 Start of Internet project1983 ! 214 hosts (50 in Arpanet ; 164 in MilNet)1990! 200,000 hosts (start of “Internet”)1995! 7 M hosts (30 M users)1997 22.5 M hosts (50 M users)2004 250 M hosts (798 M users ; 1/6 world population)2008 ???
One current estimate:! 2,300 M Telephones! 1,340 M Mobile phones ! 600 M PCs
Time to get a market of 50 Million People: Radio took 38 years TV took 13 years The Internet took 4 years
– Once opened to the general public
G Fairhurst, http://www.erg.abdn.ac.ukCommercial worth of Internet
Statistics from the IITF Report released on April 15, 1998 The Emerging Digital Economyhttp://www.ecommerce.gov/emerging.htm
InternetProtocol
Transport
Transport
Applications
Physical Layer
Links
Middleware
G Fairhurst, http://www.erg.abdn.ac.ukInternet Protocol Stack
G Fairhurst, http://www.erg.abdn.ac.ukIP Protocol Stack
IP
IP under everything emailwebVoIP
TVoIP
chatirc
ftp
IP on everythingEthernetFibre 3G
G Fairhurst, http://www.erg.abdn.ac.ukThe Power of IP
Layering of ProtocolsEnd-to-End Principle! decouple transmission from application! networks (IS) do not care what they carry! hosts (ES) do not care how it gets thereIP-hosts can control how they use the network
Profound impact on regulation
FTP
Ethernetdriver
server
FTP
Ethernetdriver
client
Middleware
IP
Enet Enet
InternetProtocol
Transport
Transport
Applications
Physical Layer
Links
“above the wire and below the application”
Middleware
G Fairhurst, http://www.erg.abdn.ac.ukSome Internet Players People expect Internet connectivity
“By the year 2016, no one under the age of forty will remember a world without personal computer. The
average twenty year old will find it hard to imagine a time when there wasn't any email to check or Web
sites to visit.”– George Christian, 2006.
G Fairhurst, http://www.erg.abdn.ac.uk
0
10000
20000
30000
40000
2008 2009 2010 2011 2012 2013
Web/EmailFile SharingInternet GamingInternet VoiceInternet Video to PCInternet Video to TVAmbient Video (webcams)
G Fairhurst, http://www.erg.abdn.ac.uk
Video/Multimedia is Important!
G Fairhurst, http://www.erg.abdn.ac.uk
IP AppliancesG Fairhurst, http://www.erg.abdn.ac.uk
InternetProtocol
The Connection-Less Network Service
The 20 byte IP Packet Header
IP Network Layer Addresses
Name Resolution (name to IP Address)
G Fairhurst, http://www.erg.abdn.ac.ukMessages (large blocks of data) are split into smaller pieces, called “Packets”
Each packet (PDU) has:
A header (known as the PCI)! Well-defined format! Destination address , source address, type, ...
A payload (known as the SDU)! A piece of the data to be communicated
IP Packets
139.133.1.2 139.133.1.3 139.133.10.7
139.133.204.18
Internet AddressesG Fairhurst, http://www.erg.abdn.ac.uk
129.23.5.9 Addresses of End SystemsG Fairhurst, http://www.erg.abdn.ac.uk
0 15 16 31
data
options (if any)32-bit destination IP address
32-bit source IP address16-bit header checksum
13-bit fragment offsetflags16-bit total length ToS/DSCPIHL4
16-bit identificationTTL protocol
20 bytes
IP Header
RFC 791
G Fairhurst, http://www.erg.abdn.ac.ukArranged in four levels:! Core Routers (No user networks connected)! Distribution Routers (Regional networks)! Access Routers (Internet Service Providers)! Home / Corporate networks
Internet Architecture
Name Resolution Name and Addresses
Flat v. Hierarchical Structures
The DNS
Mail to: [email protected]
I need to send to:abdn.ac.uk
139.133.1.2 139.133.1.3 139.133.10.7
139.133.204.18
Internet AddressesG Fairhurst, http://www.erg.abdn.ac.uk
G Fairhurst
Organisation of Names and Addresses
There are two ways of identifying a computer, using: ! A name! A network address
Names and addresses may be organised using:! A flat structure! A hierarchical structure
Organisation of names and addresses
G Fairhurst
Flat Structure
National Insurance Number
NZ 341865 B
Batch of numbersallocated to an officeSerial number
Number indicates issuingoffice and nothing aboutindividual
Flat StructureG Fairhurst
Lon171
Abdn1224
27 49
2201
Man1212
root
The Telephone Numbering System
Albania355
UK44
Uganda256
USA1
Zim263
2497
Country
Area
Exchange
Subscriber Line
ITU E.164
ITU Telephone Numbering System
bbc abdn ed
www erg cs
geographic domains generic domains
ukus edu org com
ieeeacco
The Domain name Service TreeG Fairhurst, http://www.erg.abdn.ac.uk
G Fairhurst
Hierarchical! ! ! ! ! ! Flat
Easy to remember! ! ! ! Difficult to remember
Abbreviated name possible! No unique abbreviations
Easy to find location of name! Only uniquely identifies
Difficult to change location!! Easy to change location
Locally administer names! ! Names allocated centrally
Flat v Hierarchical Structure
e.g. telephone no.PostcodeIP name (DNS)
e.g. social security no.IP address
Flat v Hierarchical Structure Internet Email
Mail to: [email protected]
I need to send to:abdn.ac.uk
139.133.1.2 139.133.1.3 139.133.10.7
139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.ukEvolution of the DNS
Most systems still also have a “/etc/hosts”and some also use a LAN name server
A single file ! /etc/hosts (in unix) ! entered by person setting-up computer
A central file (at internic.arpa)! downloaded to /etc/hosts (using ftp)
A distributed database ! clients send a request (query) ! a dns sends a response (resolution)
G Fairhurst, http://www.erg.abdn.ac.uk
client needs to resolve a “name” to an “address”to communicate to destination
DNSServer
DNS StubResolver
DNS StackG Fairhurst, http://www.erg.abdn.ac.uk
Internet Email: dns query
Mail to: [email protected] need to send to:abdn.ac.uk
139.133.1.2
139.133.204.18dns stub resolver
“abdn.ac.uk”is 139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.uk
local dns server
Internet Email: dns response
I need to send to:abdn.ac.uk
139.133.1.2
139.133.204.18dns stub resolver
“abdn.ac.uk”is 139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.uk
local dns server
Sending the Email
Mail to: [email protected]
139.133.1.2
139.133.204.18dns stub resolver
local dns server
Mail to:139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.ukRecursive Lookup
I need to send to:abdn.ac.uk
139.133.204.18dns stub resolver
local dns server
“abdn.ac.uk”is Y
“abdn.ac.uk”is 139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.ukRecursion asks server to do what is needed to resolve
(recursion-bit set)
“uk.ac”is X
(referrals without recursion-bit set)“uk”is W
DNS Client Cache
DNS Client Request
Cache entryout of date?
In Local Cache? No
Yes
No
Yes
Use cachedvalue
Fetch value fromDNS server
Store in Cache
DNS Client Cache
DNS Cache
I need to send to:abdn.ac.uk
139.133.204.18dns stub resolver
dns cache“abdn.ac.uk”is 139.133.204.18
G Fairhurst, http://www.erg.abdn.ac.uk
dns cache“abdn.ac.uk”is 139.133.204.18
local dns server
DNS Records have various types:
MX records used for Mail Exchange
mail.abdn.ac.uk 3600 IN MX 500 backup.abdn.ac.ukmail.abdn.ac.uk 3600 IN MX 5 mailserver.abdn.ac.ukmail.abdn.ac.uk 3600 IN MX 10 mailserver1.abdn.ac.uk
Email uses the lowest numbered reachable mail server
Other formats also use the DNS:
http://www.abdn.ac.ukftp://ftp.abdn.ac.uksip://[email protected]
DNS RecordsG Fairhurst, http://www.erg.abdn.ac.uk
Browser/Application sends name to resolver (DNS client)Resolver checks own cache (local files, etc)If not resolved, contacts DNS Server
(resolver knows this IP address)If not resolved, contacts root DNS server (.)
May redirect to other server(s)Resolver given 1 or more addresses
(resolver caches the answer for some time)Browser/Application given lowest numbered server
DNS ResolutionG Fairhurst, http://www.erg.abdn.ac.uk
G Fairhurst
A name is a symbol - designed for human readingAn address is a data structure understood by a networkOrganisation may be hierarchical or flat
A name server provides a service to change betweennetwork addresses and network names
To know who's who on the Internet a computer must know the address of a name server
Naming & Addressing - SummaryNaming & Addressing: SummaryG Fairhurst, http://www.erg.abdn.ac.uk
Interface Layers (L1 & L2)
Encapsulation for Ethernet
Address Resolution Protocol (arp)
G Fairhurst, http://www.erg.abdn.ac.uk
Addresses allocated to network as an address block! e.g. Aberdeen University allocated 139.133.x.x
Each System (ES or IS):! One (or more) unique IP address per NIC ! All addresses start with the same address prefix! e.g. 139.133.1.5, 139.133.208.1
IP LANsG Fairhurst, http://www.erg.abdn.ac.uk
G Fairhurst, http://www.erg.abdn.ac.uk
Operating SystemKernel
le0 le1 lo0
EthernetDriver
Loop-BackDriver
EthernetController
EthernetController
UniqueInterface
Name
InterfaceSoftware
Physical Layer
Hardware
Network Layer
IP Interfaces
IP address 1 IP address 2
IP address 3
G Fairhurst, http://www.erg.abdn.ac.uk
Sometimes a host doesnʼt know its IP address Quite common for dial-up, ADSL, etc ....
Internet Service Provider allocates an IP address (or pool of IP addresses)
Hosts request an IP address using DHCP (Dynamic Host Configuration Protocol)Send their MAC address, receive an IP address
Addresses may be loaned (for some time)or static assigned to a specific MAC address
Dynamic Host Configuration ProtocolG Fairhurst, http://www.erg.abdn.ac.uk
Addresses allocated to network as an address block! e.g. Aberdeen University allocated 139.133.x.x/16! i.e. addresses start with the same address prefix! e.g. 139.133.1.5, 139.133.208.1
Each System (ES or IS):! One (or more) unique IP address per NIC
IP Address AllocationG Fairhurst, http://www.erg.abdn.ac.uk
G Fairhurst, http://www.erg.abdn.ac.uk
What happens if you join a new network?! Could configure IP address by hand
... but in practice need a better way
! DHCP allows this to be done automatically
Senders know:! MAC source address (may look in NIC ROM)Senders use DHCP to find their own IP addresses
This is automatic when end system connects to LAN
DHCP ServerG Fairhurst, http://www.erg.abdn.ac.uk
DHCP Example
Unicast:Client requests use
of the address
Unicast:DHCP serversends an offer
with details andan IP address to use
DHCPServerClient
Broadcast:Client sends
DHCP discoverwith own
MAC address
Unicast:DHCP serveracknowledges
request and providesa lease for some period
G Fairhurst, http://www.erg.abdn.ac.uk
Clients broadcast to LAN to Discover DHCP server- includes own MAC address & “Magic Cookie”
One or more DHCP Server responds with a DHCP Offer:IP address that may be used;IP Subnet mask; IP address of default router; IP address of DNS server; IP address of DHCP server;“Magic Cookie” - nonce to identify request at server
Client responds to ONE server with a DHCP Request
Server responds with a DHCP AcknowledgmentValue used only for a specified period (lease interval)
DHCP Protocol
G Fairhurst, http://www.erg.abdn.ac.uk
PayloadPAD
MACCRC
MACSource
6B 4B
MACDestination
MACType
2) Insert own MAC address (from PROM)1) Insert MAC address of destination (use arp)
3) Insert payload type code (0x800 for IP)4) Insert up to 1500 B payload (e.g. IP packet)
7) Prefix 8B preamble (including SFD)
5) Add padding if frame less than 60B (excl CRC)6) Calculate 32 bit CRC over the frame (signature)
Ethernet MAC Frame
6B 2B
G Fairhurst, http://www.erg.abdn.ac.uk
MTU! Largest IP datagram (packet) which may be sent
IP packet (datagram) size 68-65535 B! Typically 1500B today using IPv4! Min MTU 1280 B using IPv6 [RFC 2460]
Fragmentation provided by senderLarger transport packets are fragmented to MTU.
Maximum Transfer Unit (MTU)
IP Datagram
MTU
MediumAccessControl
Transmission Control
Framing
IP
L1 (PL)
L2 (DL)
L3 (NL)
ARP
Other NL
G Fairhurst, http://www.erg.abdn.ac.ukIP Interfaces
ARP needed to set the destination MAC address
G Fairhurst, http://www.erg.abdn.ac.uk
All systems connected to the Internet have a unique IP address
Systems know (or find out from DHCP) their IP address
Systems know the IP address of the destination(or find it out from the DNS)
Systems know their own MAC address(or can look in the NIC ROM)
No obvious way of determining destination MAC address - We will call the Next Hop IP address the Target-IP
Address Resolution Protocol (arp)G Fairhurst, http://www.erg.abdn.ac.uk
A B C
Where is C?
Broadcast: Who is C?
Unicast: I am Cmy addressis XXXXXX
ARP Request (send A -> C)
Not me,ignore thequery
arpmessage Padding Ethernet
CRCEthernetheader
14B 28B 4B18B
Ether Type = 0x806
Target IP
A has a packet to send to C
G Fairhurst, http://www.erg.abdn.ac.ukARP Example
Broadcast:arp who-is target-ip tell me Unicast:
arp target-ip is 08:00:20:1b:d4:90Unicast:
Application storedIP packet sent
with target MAC address
Application sends
Target IPQuerier
IP
ARP triggered,packet stored
G Fairhurst, http://www.erg.abdn.ac.uk0 15 16 318
Hardware Type Protocol TypeHLEN PLEN Operation
Sender HA (octets 0-3)Sender HA (octets 4-5) Sender IP (octets 0-1)
Sender !P (octets 2-3) Target HA (octets 0-1)Target HA (octets 2-5)Target !P (octets 0-3)
operation! ! message
! 1! ! ARP request! 2! ! ARP reply! [3! ! RARP request - ignore this]! [4! ! RARP reply - ignore this]
ARP/RARP Packet
RFC 826
Ether Type = 0x806
G Fairhurst, http://www.erg.abdn.ac.uk
otherprotocolsN
IP inputIP output
demuxEthernet
frame type
ARP
dest =
local IP?
destinationin arp cache?
Y
Y
NN
dest =
broadcast?
Ycopy
loopback
Ethernet
Ethernet Driver
Ether Type = 0x806Ether Type
= 0x800
Ether Type = 0x800
Ether Type = 0x806
Packetsstored awaitingarp cache entry
G Fairhurst, http://www.erg.abdn.ac.uk
Where are my friends?
32 bit IP target address
ARP/DHCP Packet32 bit
IP source address
Who am I?
48 bit Ether hardware address
48 bit Ether hardware address
RFC 2131
G Fairhurst, http://www.erg.abdn.ac.uk
ARP: ----- ARP/RARP Frame -----ARP: Hardware type = 1ARP: Protocol type =0x0800 (IP)ARP: Length of hardware address = 6 bytesARP: Length of protocol address = 4 bytesARP: Opcode 0x0001 (ARP Request)ARP: Sender's hardware address = 8:0:20:b:b0:83ARP: Sender's protocol address = 10.0.0.17, dentARP: Target hardware address = ? (0xffff ffff ffff)ARP: Target protocol address = 10.0.0.80, (0x8b85 cc50)
!
gordon -> dent ARP R 10.0.0.80, gordon is 8:0:20:96:10:1a
dent -> (broadcast) ARP C Who is 10.0.0.80, gordon ?
ARP Packet
ARP
0x806
G Fairhurst, http://www.erg.abdn.ac.uk
EthernetDriver
Incomingframe
ICMP IGMP
Ethernet Frame TypeIndicates how to demux
IP Protocol TypeIndicates how to demux
Transport Protocols
Protocol Demultiplexing
IP
0x800
G Fairhurst, http://www.erg.abdn.ac.uk
Senders know:! IP source address (may use DHCP)! IP destination address (may use DNS)
.... and hence the Target-IP of the next-hop system! MAC source address (may look in NIC ROM)Senders use arp to find Target-IPʼs MAC addressesAn arp cache is needed to prevent overload!!The arp cache is also updated by any queryThe arp cache entries expire after a fixed periodIt is automatic when each packet is sent
arp Summary
G Fairhurst, http://www.erg.abdn.ac.uk
012
...
6
...
17
...
255
345
3
2
3
1
3
IP Protocol
Type Byte
012345
inetsw[ ]ip_proto[ ]
Received IP Packet
Pointersto handlersfor transportprotocols
Table of pointers to entry in tableof IP protocols
Goto inetsw[ip_proto[packet[protocol]]];
IPUDPTCP
IP (raw)ICMPIGMP
IP Protocol Demux (Structures)G Fairhurst, http://www.erg.abdn.ac.uk
gresley:arp -amilliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0
ARP Example
The cache consists of a table of address and bindingsThere are currently two entries
Use the “arp -a” command to examine ARP cache.
G Fairhurst, http://www.erg.abdn.ac.ukARP Example
gresley:ping 139.133.207.111PING 139.133.207.111 (139.133.207.111): 56 data bytes64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms...
gresley:ping 139.133.207.222PING 139.133.207.222 (139.133.207.222): 56 data bytesping: sendto: Host is downping: wrote 139.133.207.222 64 chars, ret=-1...
Each time a packet is made, arp is triggered as necessary to find the target-IPʼs mac address.Packets sent to 139.133.207.111 were received and generate replies.Packets sent to 139.133.207.222 generate no replies, we can assume this address is not in use.
Use the “ping” command to send test packets
G Fairhurst, http://www.erg.abdn.ac.ukgresley:arp -amilliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0
ARP Example
gresley:ping 139.133.207.111PING 139.133.207.111 (139.133.207.111): 56 data bytes64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms...
gresley:ping 139.133.207.222PING 139.133.207.222 (139.133.207.222): 56 data bytesping: sendto: Host is downping: wrote 139.133.207.222 64 chars, ret=-1...
gresley:arp -amilliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0 erg2-printer.erg.abdn.ac.uk (139.133.207.111) at 0:10:83:ba:c0:a5 on en0 ? (139.133.207.222) at (incomplete) on en0 [ethernet]
The arp cache has two new entries:139.133.207.111 has MAC: 0:10:83:ba:c0:a5139.133.207.222 did not respond (no cache entry)
G Fairhurst, http://www.erg.abdn.ac.uk
Two 10 Mbps Ethernet LANs are connected by a bridge. When monitoring LAN A for 1 minute, 40 arp requests are observed and 30 arp responses.(a) Calculate the Utilisation for the arp packets for LAN A.(b) Give two reasons why there are fewer responses than queries.
BRIDGELAN A LAN B
ARP QuestionG Fairhurst, http://www.erg.abdn.ac.uk
Two 10 Mbps Ethernet LANs are connected by a bridge. When monitoring LAN A for 1 minute, 40 arp requests are observed and 30 arp responses.
Calculate the Utilisation for the arp packets for LAN A.
Size of ARP request/Response is =8+14+28+4 (less than minimum Enet PDU) => 8+64 B= (70/60) x 8x72/107x100 % = 0.007%
ARP Question
Give two reasons why there may be fewer responses than queries.
(1) Some arp requests fail to complete (IP addr not used)(2) Some arp requests may have been sourced on LAN B and correspond to an IP address on LAN B. The response would not travel across the bridge.
001a 2f52 4841 000a 95cf ea5e 0806 00010800 0604 0002 000a 95cf ea5e 8b85 cf98001a 2f52 4841 8b85 cf40
G Fairhurst, http://www.erg.abdn.ac.ukARP Packet
G Fairhurst, http://www.erg.abdn.ac.uk
Routing (L3)
Role of routers
Subnet mask
Default router
G Fairhurst, http://www.erg.abdn.ac.uk
TheInternet
emps139.133.7.10
sysc139.133.7.110
isi.edu128.9.0.32
The Internet
G Fairhurst, http://www.erg.abdn.ac.uk
RelayingMedia conversionIP SegmentationRoutingQuality of ServiceManagementSecurity
Role of Routers
RFC 1812
G Fairhurst, http://www.erg.abdn.ac.ukBridges v Routers
Bridges/SwitchesSeparate work group trafficImprove LAN performance
CheapWork at MAC Layer (mostly self configuring)Form one IP network (broadcast domain at L2)
RoutersConnect networksControl traffic flow between networks
More expensiveWork at Network Layer (e.g.IP)Connect different IP networksNeed configuration
G Fairhurst, http://www.erg.abdn.ac.uk
End Systems send packet to an IP addressknow nothing about the network toplogy
About An IP Network
Routers use IP address to forward packetsknow nothing about ʻconversationsʼ
G Fairhurst, http://www.erg.abdn.ac.uk
A) Local Network
B) Remote Network
Should the Local Network be used?
or
Should a router be used?
Selecting a Route
H0 H1
R0
G Fairhurst, http://www.erg.abdn.ac.uk0 15 16 31
data
options (if any)32-bit destination IP address
32-bit source IP address16-bit header checksum
13-bit fragment offsetflags16-bit total length ToS/DSCPIHL4
16-bit identificationTTL protocol
20 bytes
IP Header
RFC 791
ES and routers always examine the IP destination address
G Fairhurst, http://www.erg.abdn.ac.uk
IP Address
IP address! ! ! ! 139.133.7.110
netmask !! ! ! ! 0xffffff00 (255.255.255.0)
network ID! ! ! ! 139.133.7.0
net mask 1 11 1111 1 1 11 1111 1 1 11 1111 1 0 00 0000
0
network id host id
IP Subnet Mask
RFC 950
Block of addresses (32768 in this case)
ES need to know the network netmaskAll systems in a subnet must share same subnet mask
G Fairhurst, http://www.erg.abdn.ac.ukIP Subnet Mask
Subnet mask often writtenas a ʻ/ʼ followed by number of 1s in the mask
/8 11111111 00000000 00000000 00000000/9 11111111 10000000 00000000 00000000/10 11111111 11000000 00000000 00000000 /11 11111111 11100000 00000000 00000000 /12 11111111 11110000 00000000 00000000
/16 11111111 11111111 00000000 00000000/20 11111111 11111111 11110000 00000000/24 11111111 11111111 11111111 00000000/28 11111111 11111111 11111111 11110000
/29 11111111 11111111 11111111 11111000/30 11111111 11111111 11111111 11111100/31 11111111 11111111 11111111 11111110
G Fairhurst, http://www.erg.abdn.ac.uk
Finding the network ID! Convert IP address to hex (or binary)! Convert netmask to hex (or binary)! Perform logical AND between the two
Example:
! IP address 139.131. 63. 53&!netmask 255.255. 0 . 0! host id is: 139.131. 0 . 0/16
Finding the Network ID G Fairhurst, http://www.erg.abdn.ac.uk
Identifying the Destination Network (1)Local network calculation
local IP address ! ! !139.133.7.110local network mask ! !255.255.255.0 local net +subnet id ! !139.133.7.0
dest IP address ! ! !139.133.7.10local network mask ! !255.255.255.0 dest net +subnet id ! !139.133.7.0
Remote network calculation
Compare
Match, thereforeuse local network
dest IP address ! ! !129.105.2.6local network mask ! !255.255.255.0 dest net +subnet id ! !129.105.2.0
Remote network calculation
G Fairhurst, http://www.erg.abdn.ac.ukIdentifying the Destination Network (2)Local network calculation
local IP address ! ! !139.133.7.110local network mask ! !255.255.255.0 local net +subnet id ! !139.133.7.0
Compare
Differ, usea router
G Fairhurst, http://www.erg.abdn.ac.ukEscaping from the LAN
Where is Z?
Sender forms packet withdestination address of Zand sends to Local Router
router forwardspacket on a link
Router understands the best linkto route a packet towards Z
Finding the Broadcast Address G Fairhurst, http://www.erg.abdn.ac.uk
Broadcast address = the network ID + all 1ʼs host ID
Finding the broadcast address! Convert IP address to hex (or binary)! Convert netmask to hex (or binary)! Perform logical OR of the inverted netmask
Example:netmask 255.255. 0 . 0
! IP address 139.131. 63. 53 OR 0 . 0 .255.255! host id is: 139.131.255.255
G Fairhurst, http://www.erg.abdn.ac.uk
IP broadcast uses network addresswith a subnet value of all 1ʼs
To all systems in an IP network
Always sent using MAC broadcast
IP Broadcast
H0 H1
R0
ARP not needed
Routers neverforward
IP broadcastRouting (L3)
Routes
Traceroute
Routing Protocols
G Fairhurst, http://www.erg.abdn.ac.ukNetwork Layer Processing (IP)
IPIn
IPOut
Transport
SVC Man Routing SVC
NetInterface
NetworkLayer
Interface(Link, Physical)
Application software(and layers 5-7)Transport Layer
End System Stack
G Fairhurst, http://www.erg.abdn.ac.ukNetwork Layer Processing (IP)
IPIn
IPOut
IPIn
IPOut
IPIn
IPOut
IPForward
Transport
SVC Man Routing SVC
Control Plane
NetInterface
NetInterface
Data Plane(switching/forwarding fabric)
Interfaces
Routing Table
Services (application software)
TTL--
TTL=0?
TTL=64
Intermediate System Stack
NetInterface
NetInterface
G Fairhurst, http://www.erg.abdn.ac.uk
Router Architecture1995 Single CPU designForwarding (data plane) Routing (control plane) and were closely linkedNetwork Interfaces standard NICʼsMost routers did both on the same CPU (PC-like)
2005 Separate Forwarding EngineForwarding (data plane) in hardware and Routing Interfaces optimised for forwarding(control plane) in a local CPU in same “box”
2010 Independent Forwarding EngineForwarding (data plane) in hardware and Routing (control plane) in a possibly separate box
Forwarding Plane
SVC Man Routing
NetInterface
NetInterface
NetInterface
G Fairhurst, http://www.erg.abdn.ac.uk
PC Router Architecture
Control Plane
Single CPU design
Standard NICʼsLimited services:RoutingManagementAAA, etc
Forwarding Plane
SVC ManRoutingSVC
NetInterface
NetInterface
NetInterface
G Fairhurst, http://www.erg.abdn.ac.ukMultiservice Router Architecture
Control Plane
Control Plane
Multiple CPU design
Custom InterfacesMany services:Multi-protocol RoutingManagement, DHCP,AAA, VoIP,Web servers, Load balancing,Firewalls, NAT,Intrusion Detection
NetInterface
IPIn
IPForward
Transport
Routing
Routing Table
Routing Process
IPIn
IPOut
NetInterface
IPIn
IPOut
IPForward
Transport
Routing
NetInterface
Routing Table
IPOut
G Fairhurst, http://www.erg.abdn.ac.uk
Route to zeno.ksc.nasa.gov (128.159.1.155),30 hops max, 40 byte packets
1 milliways-erg (10.0.0.64) ! ! ! 2 ms 1 ms 1 ms 2 139.133.210.1 (139.133.210.1) !! ! 7 ms 7 ms 7 ms 3 abdn-gw.abdn.ac.uk (139.133.7.6) ! ! 3 ms 3 ms 3 ms 4 smds-gw.ulcc.ja.net (193.63.203.33) ! 17 ms 16 ms 15 ms 5 nsn-gw.ulcc.ac.uk (128.86.1.3) ! ! ! 16 ms 17 ms 16 ms 6 128.161.165.1 (128.161.165.1) !! ! 96 ms 123 ms 147 ms 7 GSFC6.NSN.NASA.GOV (192.100.13.6) !98 ms 115 ms 146 ms 8 128.161.44.4 (128.161.44.4) ! ! ! 178 ms 189 ms 154 ms 9 MSFC1.NSN.NASA.GOV (192.100.14.1) 170 ms 178 ms 175 ms10 KSC.NSN.NASA.GOV (128.161.30.27) ! 192 ms 316 ms 168 ms11 192.150.33.1 (192.150.33.1) ! ! ! 192 ms 205 ms 213 ms12 128.159.215.239 (128.159.215.239) ! 172 ms 172 ms 193 ms13 163.205.253.254 (163.205.253.254) ! 330 ms 222 ms 269 ms
14 zeno.ksc.nasa.gov (128.159.1.155) ! 220 ms 377 ms 177 ms
Route to zeno.ksc.nasa.gov
G Fairhurst, http://www.erg.abdn.ac.uk
194.247139.133
194.81
146.97
193.63
195.66
194.159
158.152
195.11
Web browser www.test.globalweb.co.ukWeb server
abdn.ac.uk
abman.net.uk
ja.net
linx-gw.ja.net
router.demon.net
scotland.net
18 hops in total over 9 domains (7 intermediate)
Route to globalweb.ac.ukG Fairhurst, http://www.erg.abdn.ac.uk
1 milliways (139.133.204.64) 2.831 ms 2.077 ms 2.167 ms 2 gw34.abdn.ac.uk (139.133.34.1) 4.828 ms 4.955 ms 4.865 ms 3 gwkccs.abdn.ac.uk (139.133.7.4) 16.989 ms 15.510 ms 5.331 ms 4 aclarke-gw.abman.net.uk (194.81.60.94) 7.769 ms 5.545 ms 5.734 ms 5 146.97.250.17 (146.97.250.17) 9.785 ms 12.061 ms 9.347 ms 6 146.97.37.29 (146.97.37.29) 13.904 ms 16.689 ms 11.144 ms 7 pos9-0.edin-scr.ja.net (146.97.35.61) 11.492 ms 16.527 ms 21.450 ms 8 pos0-0.leed-scr.ja.net (146.97.33.26) 18.450 ms 27.231 ms 19.766 ms 9 pos2-0.lond-scr.ja.net (146.97.33.30) 32.023 ms 35.862 ms 28.696 ms10 146.97.35.6 (146.97.35.6) 26.864 ms 25.046 ms 24.458 ms11 linx-gw.ja.net (193.63.94.249) 23.115 ms 32.644 ms 21.848 ms12 linx-2.router.demon.net (195.66.224.13) 26.371 ms 26.082 ms 22.430 ms13 tele-backbone-1-ge020.router.demon.net (194.159.252.54) 14 anchor-core-2-fxp1.router.demon.net (158.152.0.178) 15 demon-gw-2.sol.co.uk (195.11.50.130) 37.791 ms 33.314 ms 38.483 ms16 atm1-0-0-1.core2.scotland.net (194.247.77.34) 50.325 ms 56.771 ms 17 fe12-0-0.core1.scotland.net (194.247.67.41) 44.368 ms 46.100 ms 18 ABZ-Sci-Park.LL.scotland.net (194.247.71.109) 50.041 ms 51.625 ms
Traceroute to globalweb.ac.ukG Fairhurst, http://www.erg.abdn.ac.uk
139.133
194.81
146.97
193.63
198.32
129.7
Pegasus.phys.uh.eduWeb server
Web browser
abdn.ac.uk
abman.net.uk
ja.net
linx-gw.ja.net
ucaid.edu
gw.uh.edu
Route to phys.uh.edu
25 hops in total over 6 domains (4 intermediate)
G Fairhurst, http://www.erg.abdn.ac.uk 1 milliways (139.133.204.64) 2.956 ms 2.103 ms 2.101 ms
2 gw34.abdn.ac.uk (139.133.34.1) 4.951 ms 4.891 ms 4.765 ms 3 gwkccs.abdn.ac.uk (139.133.7.4) 5.255 ms 16.300 ms 5.009 ms 4 aclarke-gw.abman.net.uk (194.81.60.94) 6.665 ms 5.533 ms 5.623 ms
5 146.97.250.17 (146.97.250.17) 10.686 ms 10.713 ms 9.235 ms 6 146.97.37.29 (146.97.37.29) 14.946 ms 20.399 ms 25.039 ms
7 pos9-0.edin-scr.ja.net (146.97.35.61) 14.822 ms 17.958 ms 20.820 ms 8 pos0-0.leed-scr.ja.net (146.97.33.26) 26.630 ms 26.973 ms 21.264 ms 9 pos2-0.lond-scr.ja.net (146.97.33.30) 28.960 ms 25.399 ms 25.840 ms10 146.97.35.6 (146.97.35.6) 22.284 ms 22.070 ms 23.392 ms11 us-gw2.ja.net (193.63.94.91) 28.271 ms 22.696 ms 23.660 ms12 193.62.157.18 (193.62.157.18) 91.709 ms 90.632 ms 87.277 ms13 ny-pop.i2.ja.net (193.62.157.210) 95.792 ms 95.864 ms 97.488 ms
14 clev-nycm.abilene.ucaid.edu (198.32.8.29) 106.189 ms 116.730 ms 15 ipls-clev.abilene.ucaid.edu (198.32.8.25) 113.960 ms 109.556 ms 16 kscy-ipls.abilene.ucaid.edu (198.32.8.5) 129.682 ms 126.980 ms
Traceroute to phys.uh.eduG Fairhurst, http://www.erg.abdn.ac.uk
17 dnvr-kscy.abilene.ucaid.edu (198.32.8.13) 138.995 ms 130.486 ms 18 scrm-dnvr.abilene.ucaid.edu (198.32.8.1) 153.115 ms 157.528 ms 19 losa-scrm.abilene.ucaid.edu (198.32.8.18) 163.873 ms 163.366 ms 20 hstn-losa.abilene.ucaid.edu (198.32.8.22) 195.996 ms 201.506 ms
21 LINK2ABILENE.GIGAPOP.GEN.TX.US (198.32.236.13) 194.006 ms 22 INTRALINK2IBT.GIGAPOP.GEN.TX.US (198.32.236.37) 199.774 ms 23 UH.GIGAPOP.GEN.TX.US (198.32.236.30) 205.365 ms 201.777 ms
24 vespasian-vlan10.gw.uh.edu (129.7.254.254) 205.210 ms 196.519 ms 25 Pegasus.Phys.UH.EDU (129.7.2.50) 204.640 ms 197.582 ms 204.103 ms
Traceroute to phys.uh.edu
25 hops in total over 6 domains (4 intermediate)
G Fairhurst, http://www.erg.abdn.ac.uk0 15 16 31
data
options (if any)32-bit destination IP address
32-bit source IP address16-bit header checksum
13-bit fragment offsetflags16-bit total length ToS/DSCPIHL4
16-bit identificationTTL protocol
20 bytes
IP Header
RFC 791
Router always examine the IP destination addressRouters may also utilise the ToS/DSCP valueThe TTL is decremented and checksum recalculated
4
G Fairhurst, http://www.erg.abdn.ac.uk
net=
host route?
net=
network route?
default routespecified?
net =
local network?
Send ICMPmessageextract net
from IP address
Route IPdatagram
Send IPdatagram
arp request
destinationin arp cache?
Y Y Y Y
Y
N
N N NN
Router Forwarding ProcedureNetwork ID e.g. 10.1.0.0/16139.133.1.0/24
G Fairhurst, http://www.erg.abdn.ac.uk
H0 H1 H2
R0
R2
R3
R1
Routing
H3
Itʼs not for my LANsend to local router (R0)
R3 is nearer H3,send to R3
R1 is nearest H3,send to R1
Itʼs on my LANuse arp to find h.a. send directly to H3
G Fairhurst, http://www.erg.abdn.ac.ukRouting Table
!
destination ! !route
139.133.208.x !localdefault ! ! !R0
destination ! !route
139.133.208.x !localN0 ! ! ! !localN1 ! ! ! !localN2 ! ! ! !R2N3 ! ! ! !R1139.134.x.x !R1
H0 H1 H2
H3
R0
R2
R3
R1
139.133.208.x
139.134.204.x
N0N1
N2N3
G Fairhurst, http://www.erg.abdn.ac.uk
“Best Effort” network serviceNot all packets are deliveredSome may be delivered twice!Not all packets follow same routeNot all packets take the same time(Not all packets are segmented in the same way)
R0
R2
R1
Alternative RoutesG Fairhurst, http://www.erg.abdn.ac.uk
Routers exchange control packets
Routers send “control” messages! If you donʼt get them, you know link is “dead”
Thereʼs no such thing as a reliable “I am dead indication”This needs agreement between the two ends
R0
R2
R1
Routing ProtocolsG Fairhurst, http://www.erg.abdn.ac.uk
Routes from local networks
Default RouteA
Router B declares Router B as default routeRouter C declares Router B as default routeRouter D declares Router B as default routeAll traffic to “unknown addresses flows towards “core”
B CD
Default Route
Default Route
G Fairhurst, http://www.erg.abdn.ac.ukRoutes to Remote Networks
Route towards 10.1.0.0/16A
Router A instructs Router B Send B all traffic to addresses with network ID 10.1.0.0/16Router B sends traffic with network ID 10.1.1.0/24 to CRouter B sends traffic with network ID 10.1.3.0/24 to D
B CD
Route towards 10.1.1.0/24
Route towards 10.1.3.0/24
G Fairhurst, http://www.erg.abdn.ac.ukLink ProtocolControllers(e.g. Ethernet)
Network Protocol(Forwarding Engine)
Hardware Address Tables
InterfaceManagement Table
Forwarding Table(IP address matchesanother local interface)
Interface to/from Packet Switch
Receivedpacket
Forwardedpacket
Router ArchitectureG Fairhurst, http://www.erg.abdn.ac.uk
Router Architecture
Hardware Packet Switch(connects via general purpose processor)
Network Interface Cards(here with single interfaces)
Receivedpacket
Forwardedpacket
Forwarding table(identifies this packet requiresprocessing by general purpose processor)
General Purpose Processor(examines packet header in detail, perhaps using filter table)
Forwarding Plane
SVC SVC
NetInterface
NetInterface
Control Plane
G Fairhurst, http://www.erg.abdn.ac.ukRouter Platform
Home Gateway(cost)
Office Router(control)
ISP Router(interfaces)
Core Router(speed)
ServicesPlatform(flexibility)
WebServer
Not all routers are equal- Cost is sometimes important- Control is sometimes important- Speed is sometimes important- Services are sometimes important
Price v RouterPerformance
Instructions/Packet
Cost/Bandwidth
FabricEngine
CoreRouter
EdgeRouter
ServicesPlatform
PC
1 10 100 1000 10000 100000
G Fairhurst, http://www.erg.abdn.ac.ukNAT
First invented to map one computer to one addressReally useful in a commercial setting
This lets a company change itʼs external IP address
G Fairhurst, http://www.erg.abdn.ac.uk
NAPTPort TranslationNAPT shares same address between multiple usersGenerally what is done for home networksConnections have to be started from the inside
- Becomes a nuisance when connecting to a serverNAPTs build state
- When a NAPT crashes the connections disappearNATs try to be “transparent”, it hides and doesthings without anyone asking it to do things
G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
ICMPInternet Control Message Protocol
ICMP Encapsulation
Ping and ICMP Echo
Other uses: PMTU Discovery, Traceroute
G Fairhurst, http://www.erg.abdn.ac.ukInternet Control Message Protocol
Routers / Computers send ICMP messages
Messages usually contain the header of the packet
Not usually sent when ICMP messages received(An exception is an ICMP ECHO REQUEST)
Problem
H1R0 R2R1H0
ICMP(Reason, Diagnostic)
G Fairhurst, http://www.erg.abdn.ac.uk0 15 16 317 8
8-bit type 8-bit code 16-bit checksum
(contents depend on type and code)
Type! Message
0! ! Echo reply3! ! Destination unreachable4! ! Source quench5! ! Redirect8! ! Echo request11! ! Time exceeded (i.e. TTL=0)!
ICMP Message
Postel, J., "Internet Control Message Protocol", RFC792, STD 5, 1981.
G Fairhurst, http://www.erg.abdn.ac.ukICMP Encapsulation
user data
Usually contains "ID" and "sequence number"for "ICMP Echo"
user dataICMPheader
4
20
IPheader user dataICMP
header
Ethernetheader
EthernetCRC-32
14 4IP
header user dataICMPheader
G Fairhurst, http://www.erg.abdn.ac.uk
ping -s sysbPING sysb: 56 data bytes64 bytes from sysb (139.133.201.196): icmp_seq=0. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=1. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=2. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=3. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=4. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=5. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=6. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=7. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=8. time=3. ms64 bytes from sysb (139.133.201.196): icmp_seq=9. time=4. ms64 bytes from sysb (139.133.201.196): icmp_seq=10. time=5. ms64 bytes from sysb (139.133.201.196): icmp_seq=11. time=3. ms^C----sysb PING Statistics----12 packets transmitted, 12 packets received, 0% packet lossround-trip (ms) min/avg/max = 3/3/5
Ping of Local Host
RTT = 2 ms
Ping 60 B of ICMP payload
G Fairhurst, http://www.erg.abdn.ac.uk
ping -s www.ksc.nasa.govPING zeno.ksc.nasa.gov: 56 data bytes64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=0. time=191. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=1. time=237. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=2. time=412. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=3. time=177. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=4. time=183. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=5. time=189. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=6. time=179. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=7. time=177. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=8. time=174. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=9. time=175. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=10. time=178. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=11. time=189. ms64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=12. time=322. ms^C----zeno.ksc.nasa.gov PING Statistics----14 packets transmitted, 13 packets received, 7% packet lossround-trip (ms) min/avg/max = 174/214/412
Ping of Remote HostG Fairhurst, http://www.erg.abdn.ac.uk
Segmentation / Fragmentation
IP segmentation by routers
IP segmentation header
Path MTU Discovery
End System segmentation by sender
G Fairhurst, http://www.erg.abdn.ac.ukIP Segmentation
Each Interface has a Maximum Transmission UnitThe MTU specifies the size of the largest IP packetPackets must be fragmented to be less than the MTU
G Fairhurst, http://www.erg.abdn.ac.uk
Own MAC hardware address (from NIC PROM)! Used in MAC source address
Own IP address (given by network administrator)! Used as IP source address
Own IP subnet mask (given by network administrator)! Indicates remote destination addresses! Indicates IP broadcast address (to all local systems)
IP default router (given by network administrator)! IP address of router to send to for remote addresses! (indicates MAC address for remote IP networks)
IP name server server (given by network administrator)! IP address of a server to resolve names <-> address
Required InformationG Fairhurst, http://www.erg.abdn.ac.uk
Transport,Middleware & Applications
UDP (Header, Services)
Demultiplexing (Protocol, Port)
Checksum
TCP (Header, Services)
TCP Connections
Applications
1980s: Reliable data transmission
Data was precious... Networks needed to be careful not to loose/damage it.
1980
G Fairhurst, http://www.erg.abdn.ac.uk
1980s: The Internet model
In most places, the Internet is only “best effort”There can be:
Loss (never arrives)Variable delay (arrives late)Reordering (wrong order)
All much more common with wireless
G Fairhurst, http://www.erg.abdn.ac.uk
Reliability needs to be End-to-End
"The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the end points of the communication system. Therefore, providing that questioned function as a feature of the communication system itself is not possible."
TCP
TCPDave Clarke, 1981
G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.ukNetwork Layer Processing (IP)
G Fairhurst, http://www.erg.abdn.ac.uk
IPIn
IPOut
Transport
SVC Man Routing SVC
NetInterface
NetworkLayer
Interface(Link, Physical)
Transport
Transport
G Fairhurst, http://www.erg.abdn.ac.ukTransport Layer Service
End System
End System
Logical link between applications
Transport protocols run in End Systems
Several Transport Protocols(ICMP)UDP, TCP, STCP, UDP-Lite, DCCP
G Fairhurst, http://www.erg.abdn.ac.uk
UDP User Datagram ProtocolBest Effort Service
Multiplexing (service access points)
Integrity Check
G Fairhurst, http://www.erg.abdn.ac.uk
## Internet (IP) protocols#ip 0 IP # internet protocolicmp 1 ICMP # internet control message protocoltcp 6 TCP # transmission control protocoludp 17 UDP # user datagram protocol## Internet (IPv6) extension headers#ipv6 41 IPv6 # IPv6 in IP encapsulation... More IPv6 Extension Headers...
In UNIX, these are stored in /etc/protocols
IP Protocol Types
IP
Incomingpacket
IP ICMP
IP Protocol TypeIndicates how to demux
Transport Protocols
IP in IP Tunnel
G Fairhurst, http://www.erg.abdn.ac.uk
0 15 16 31
8 bytes16-bit source port 16-bit destination port 16-bit UDP length 16-bit UDP checksum
data (if any)
UDP Header
(dest IP, dest port))
Integrity checked by:! Verifying the length of PDU (incl. header)! Executing a checksum algorithm
RFC 768
Each connection identified by:
G Fairhurst, http://www.erg.abdn.ac.uk
Transmission Frame Corruption (link CRC fails)Router Header Corruption (IP Checksum fails)Router Congestion (packet discarded by router)Receiver Busy (packet discarded by end system)No route to destination (packet discarded by router)Equipment failure (packet discarded by router)Each means packet does NOT reach the destination
Why are datagram networks unreliable?
Loss in NetworksG Fairhurst, http://www.erg.abdn.ac.uk
Corruption of packet:! inside bridges! inside routers! inside end systems! Causes: ! Software errors (copy wrong data)! DMA hardware faultsErrors in IP header detected by IP checksum! Routers discard packets with header errorsErrors in IP payload undetectedA corrupted packet can reach the destination
Why are datagram networks unreliable? (II)
Corruption in Networks
G Fairhurst, http://www.erg.abdn.ac.uk16-Bit UDP Checksum
Sender treats segment contents as sequence of 16-bit integersAdd (1ʼs complement sum) of segment contentsPut checksum value into UDP checksum field
Receiver computes checksum of received segmentIs computed checksum equals checksum field value:
NO - error was detected.YES - no error detected. But, may be errors nonetheless?
Some other things to check:Addresses, Length, ProtocolThese are also added into checksum
G Fairhurst, http://www.erg.abdn.ac.uk
Server
C2
C1
C3 C4
Internet
Port Numbers
Each client sends packet with a specified Destination Port
The Server accepts packet to a socket bound to Destination Port
G Fairhurst, http://www.erg.abdn.ac.ukWell-Known Server Port Number
IP
Ethernetdriver
Application
Transport
Network
Data Link
Physical Layer
Server “opens” a new transport session
It “binds” to(dst = server-port, src= any-port)
It “accepts” new connections
I will accept packets from server-port
G Fairhurst, http://www.erg.abdn.ac.uk
Some examples are:37 !Network time Server (nntp)53!! ! Domain Name Server (dns)
e.g. packets sent from a client to a dns server (53)IP header! ! ! ! ! ! ! UDP header(clientʼs IP addr, dns server IP addr) ! (client port,53)e.g. packets (responses) from a dns server(3) to a clientIP header! ! ! ! ! ! ! UDP header(dns server IP addr, clientʼs IP addr) ! (53, client port)
The Internet has agreed a set of well -known portsThere are lots of these - one for each service
Well Known Port NumbersG Fairhurst, http://www.erg.abdn.ac.uk
Unique Client Port Number
IP
Ethernetdriver
Application
Transport
Network
Data Link
Physical Layer
Client “opens” a new transport session
It “binds” to(src = unique-port,dst = server-port)
I want to send to server-port
G Fairhurst, http://www.erg.abdn.ac.ukUnique Client Port Number
Connections identified by: {SIP,SPort,DIP,DPort}How do you choose SPort?
SPort needs to be unique for a clientCould increment for each new socket
(some OS do)But... could do something different
(many OS do)Could pick a random (but unique) SPort
(makes packet snooping harder)
G Fairhurst, http://www.erg.abdn.ac.ukSrc &Dest Port Numbers
IP
Ethernetdriver
IP
Ethernetdriver
Application
Transport
Network
Data Link
Physical Layer
(unique,well-known)
(well-known,unique)
Server(well-
known)Client
(unique)All UDP packets carry(src, dst) port numbers
G Fairhurst, http://www.erg.abdn.ac.ukSimple Services! Startup / Bootstrap !(DHCP, tftp)
Query / Response! Disk Sharing !! ! ! (nfs)! Address Query! ! ! (dns)! Time Query! ! ! ! (ntp)! Network Management ! (snmp)
Stream Services! Audio, Video!! ! ! (Multimedia)! Internet Telephony! ! (Voice over IP)
Multicast! Internet TV! ! ! ! (Multicast Multimedia)! File Distribution! ! ! (Multicast File Transfer)
UDP ServicesG Fairhurst, http://www.erg.abdn.ac.uk
TFTPTrivial File Transfer Protocol
Reliability
Packet Headers
Retransmission (ARQ)
VERY simple file transfer protocol.
First defined in 1980.
Easy to implement in a very small amount of memory.
TFTP is useful for booting computers and configuring routers which did not have mass storage devices.
Can be used to transfer small files between hosts on a LAN, e.g. remote X Window System terminal.
G Fairhurst, http://www.erg.abdn.ac.ukTrivial File Transfer Protocol (TFTP)
G Fairhurst, http://www.erg.abdn.ac.ukTrivial File Transfer Protocol (TFTP)
Read Request (RRQ)
No software whenclient switched on,requests copyfrom server
copy of client software(e.g. “bootstrap, 1074 B)
DATA ACK
Internet is Best Effort! Some information may be lost in transit
Corruption unlikely (due to CRCs and checksums)
Reliability Implies....
! All information is received!! (no loss, no residual errors)! No information is duplicated !(no extra copies)!Sequencing !! ! ! ! ! (original order is preserved)
ReliabilityG Fairhurst, http://www.erg.abdn.ac.uk
ACK ACK
D
ACK
Send a Packet Wait Acknowledged
"I got it!"
D D
Automatic Repeat reQuest (ARQ)G Fairhurst, http://www.erg.abdn.ac.uk
Transmit Timer
Transmit timer monitors receipt of acknowledgments
Starts:!When first Data Packet sent
Restarts:!When a new Data Packet sent
Stops:!When all packets have been acknowledged
G Fairhurst, http://www.erg.abdn.ac.uk
ACK ACK
D1 D2 D2'
"I got it!" Lost packet
Timer Timer
"What, no ACK?- send it again."
Timerstopped
Timerstarted
Timerrestarted
"I got it!"
Timerrestarted
Timer
Loss Recovery by Timer G Fairhurst, http://www.erg.abdn.ac.uk
Advantages Very simple to implement
Disadvantages Response to every transmitted Data packet Timers needed to recover loss of a Data packet/ACK Wasteful with long delays
Stop & Wait ARQG Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
Trivial File Transfer Protocol (TFTP)
READrequest(RRQ)
Serverstartstransfer
DATA 1 (512 B)
DATAindication
ACK(1)
DATA 2 (512 B)
DATAindication
ACK(2)
DATA 3 (50 B)
DATAindication
Last block< 512B,indicates endof transfer.
ACK(3)
G Fairhurst, http://www.erg.abdn.ac.ukTFTP Protocol Header
Data block4B
8 B UDP
20 B IP
Op Code 2 B sequence number
Op Codes for TFTP1 = TRead Request (RRQ)2 = Write Request (WRQ)3 = DATA (512 B, unless final)4 = ACK5 = Error
TFTP defined in RFC 1350, 1992
G Fairhurst, http://www.erg.abdn.ac.uk
Defined as “the number of bits transferred per second from a given layer to the upper layer as a result of a conversation between two users of the layer”Considers only data forwarded to the OSI layer above(i.e. not layer ovehead)Expressed in bits per secondMeasures performance of a layer
Throughput
! Throughput = (PDU)/(RTT)
DATA
ACKRTT Idle time
G Fairhurst, http://www.erg.abdn.ac.ukThroughput
! TFTP is very simple to implementUses UDP/IPAdds to this to provide reliable deliveryUseful for simple tasks (software download, configuration of routers, etc)Performance OK for a LAN
Not suited to general InternetSlow performance with large delayNo userid/loginNo congestion control (see “TCP”)
G Fairhurst, http://www.erg.abdn.ac.ukSummary
G Fairhurst, http://www.erg.abdn.ac.uk
TCP Transmission Control ProtocolIntegrity Check (as UDP)
Multiplexing (similar to UDP)
Reliable In-Order Delivery (retransmits)
Stream-oriented Transport
Flow Control (receiver slows-down sender)
Congestion Avoidance (network slows-down sender)
Out-Of-Band Data (little used)
G Fairhurst, http://www.erg.abdn.ac.uk
FTPclient
TCP
IP
Ethernetdriver
FTPclient
TCP
IP
Ethernetdriver
Application
Transport
Network
Data LinkPhysical Layer
FTP between local hosts
Reliable
(source IP, source port; Dest IP, dest port)
G Fairhurst, http://www.erg.abdn.ac.uk
user data
user dataapplicationheader
user dataapplicationheader
TCPheader
user dataapplicationheader
TCPheader
IPheader
Ethernetheader user dataapplication
headerTCP
headerIP
headerEthernetCRC-32
20
20
14 4
Encapsulation
G Fairhurst, http://www.erg.abdn.ac.ukTCP Streams
write
write
write
readreadreadread
≤ MSS
Sender Receiver
G Fairhurst, http://www.erg.abdn.ac.uk
0 15 16 31
20 bytes
16-bit source port 16-bit destination port32-bit sequence number
32-bit acknowledgement numberTCPHL reserved flags 16-bit window size
16-bit TCP checksum 16-bit urgent pointeroptions (if any)
data (if any)
TCP Header
RFC 793
Same as UDP
Data and ACK sequence numbers
G Fairhurst, http://www.erg.abdn.ac.ukTCP Services
Interactive Services! terminal access (telnet [23] rlogin [513])! dns
Bulk Services! file transfer (ftp [21])!! mail transfer (smtp [25])! streaming mediaSemi-Interactive!!! WWW (http [80])! nfs
G Fairhurst, http://www.erg.abdn.ac.uk
Some examples are:
20 FTP-DATA File Transfer [Default Data]21 FTP File Transfer [Control] 23 TELNET Telnet 25 SMTP Simple Mail Transfer 37 TIME Time 69 TFTP Trivial File Transfer79 FINGER Finger110 POP3 Post Office Protocol v 3123 NTP Network Time Protocol143 IMAP2 Interim Mail Access Prot. v2 161 SNMP Simple Network Man. Prot.
The Internet has agreed a set of well -known ports
There are lots of these, see: ! /etc/services file in UNIX! or RFC 1060 (Assigned Numbers)
Well Known Port NumbersG Fairhurst, http://www.erg.abdn.ac.uk
Stop and Wait Protocol!Throughput = (PDU)/(RTT)
Window-Based Protocol!High throughput requires large enough window.! ! (window(in bytes)xRTT) > bandwidth
ACK
DATA
Idle time
ACK
DATA
DATA
DATA
DATA
DATA
WindowG Fairhurst, http://www.erg.abdn.ac.uk
Defined as “the number of bits transferred per second from a given layer to the upper layer as a result of a conversation between two users of the layer”Considers only data forwarded to the OSI layer above(i.e. not layer ovehead)Expressed in bits per secondMeasures performance of a layer
Throughput
G Fairhurst, http://www.erg.abdn.ac.uk
Defined as “the total number of bits transferred at the physical layer to communicate a certain amount of data divided by the time taken to communicate the data.”Includes all bits in all types of frame irrespective of whether they are corrupted or correctly received. Expressed as a percentage of physical layer rate.Measures link capacity used.
Utilisation!Idle (unused)
Utilised!
G Fairhurst, http://www.erg.abdn.ac.uk
! An end system uses TCP to communicate with another end system over a 10 Mbps Ethernet LAN. The sender transmits 50 packets per second with 1460 B of TCP data, and receives 25 packets per second of Acknowledgements (ACKs) with no data.
Calculate:! (i) The throughput ! (ii) The utilisation of the network! (iii) The utilisation if UDP were used instead of TCP
G Fairhurst, http://www.erg.abdn.ac.ukMultiplexing
Two flows can share a link (multiplexing)Utilisation = sum of each flow utilisationNo loss occurs providing utilisation < 100%Some buffer space is needed to store bursts
Sharing
• Circuit-switching allocates fixed capacity
• Peak packet rate can exceed long-term share
G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.ukCongestion
More packets received than sent ! !! queue buildsQueue exceeds buffer memory! packets discardedKnown as a “drop-tail” router
G Fairhurst, http://www.erg.abdn.ac.ukCongestion Collapse
Retransmit the discarded packets!! causes more overloadSituation results in a “meltdown”Known as a “congestion collapse”
“Route” Optimisation Problem
ES can optimise globally
ISP-level optimisation more course-grain
G Fairhurst, http://www.erg.abdn.ac.uk
Multi-path sharing
Takes sharing one stage further
Leverages multi-homing
Traffic moves away from congested links
G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
Congestion Collapse was a real problem in late 80ʼs
It was prevented by new algorithms in TCP (1986)
! Each TCP sender now judges how fast to send! - based on whether they experience congestion:
End Systems that see any loss slow down.End Systems that do NOT see loss speed up.
! Use of this is required (1988)! It has worked very well - at least up until now!
TCP continues to evolve......
Congestion Avoidance
A New Internet Layer?
InternetProtocol
Transport
Links and Physical
Transmission
G Fairhurst, http://www.erg.abdn.ac.uk
Current Internet
(1981)
IPv6
Next Gen. Internet(1994)
IPv4 IPv6
G Fairhurst, http://www.erg.abdn.ac.ukIPv4
32-bit address Monolithic header (complex)
Options not widely implementedRouter fragmentation troublesome (use PMTUD)
Version HLen DSCP/ToS
ProtocolTime to Live
Total Datagram Length
Fragment Identification Fragmentation OffsetFlags
Header Checksum
32 bit Source Address
32 bit Destination Address
Options (if any), multiple of 32 bits
ECN
Field updated and present in IPv6 base header
Field not present in IPv6 base header
G Fairhurst, http://www.erg.abdn.ac.uk
“New” IPv6 Functions
Simplified header format (good for hardware)Expanded addressing 128-bitImproved support for Extensions (e.g. mobility)Flow LabelingAuthentication and Privacy (IPsec, SEND, ...)
Version DSCP/ToS
Hop Limit
Flow Label
Payload Length
128 bit Source Address
ECN
Next Header
128 bit Destination Address
Header Extensions (if any)
Header LengthNext Header
G Fairhurst, http://www.erg.abdn.ac.uk
0000: 47 5c 8f 15 00 80 6c 86 dd 60 00 00 00 00 40 3a G\....l..`....@:
0010: 40 20 10 0d b8 85 a3 08 d3 13 19 8a 2e 03 70 73 @ ............ps
0020: 35 20 10 0d b8 85 a3 08 d3 13 19 8a 2e 03 70 73 5 ............ps
0030: 35 80 00 e9 6b 77 3d 00 04 9b 56 d9 47 00 00 00 5...kw=...V.G...
0040: 00 3e 0f 0d 00 00 00 00 00 10 11 12 13 14 15 16 .>..............
0050: 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 ......... !"#$%&
0060: 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 '()*+,-./0123456
0070: 37 8f 05 4a 29 ff ff ff ff ff ff ff ff ff ff ff 7..J)...........
0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
0090: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
00a0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
00b0: ff ff ff ff ff ff ff ff ff ff ff ff ............
G Fairhurst, http://www.erg.abdn.ac.ukIPv6 Decode
Standard on all router platforms
Common on high-end switches
Standard in modern host operating systems
“IPv6 is not Rocket Science” – Lorenzo Colitti
http://www.ipv6forum.com/
But...
0.39% of BGP-advertised prefixes are IPv6!
0.2% of total web traffic!
G Fairhurst, http://www.erg.abdn.ac.ukIPv6 Status
Some features were not used:
Flow-labels not so useful after all
IPsec mainly used for VPNs
Many IPv6 features now in IPv4:
QoS
Multicast
Mobility
NAT has replaced the need for addresses?
“...Itʼs not deployed, do we need IPv6?”
IPv4 IPv6
G Fairhurst, http://www.erg.abdn.ac.ukIPv6 Features Distribution of allocated IPv4 Addresses
USA32%
Asia/Pacific31%
Europe28%
Lat America7%
Africa2%
USA Asia/Pacific Europe Lat America Africa
Areas with high demand for rural satellite Internet have few IPv4 addresses
G Fairhurst, http://www.erg.abdn.ac.uk
0
20
40
60
8078
73
65 65 65
62 62
59
55
49 49
45
4241
39
35
Dec-04Jul-05
Dec-05Jun-06
Dec-06Jun-07
Dec-07Jun-08
Unallocated IANA IPv4 /8 Addresses
~9 /8’s allocated per year
http://www.potaroo.net/tools/ipv4/index.html
the days of free IPv4 addresses are numbered...Projected IANA Unallocated Address Pool Exhaustion: 20-Jun-2011
G Fairhurst, http://www.erg.abdn.ac.uk
So what will the Future Internet be?
An Internet that builds on IPv4
Internet will continue to evolve slowly...
An Internet that deploys IPv6
NAT-free host-to-host via IPv6
Autoconfig /provider-independent addressing
Mobility (?)
And new stuff...
A “clean slate” design of a new network architecture
Transition to something better
??
G Fairhurst, http://www.erg.abdn.ac.uk
?
Packet DecodesEthernet Header
PDU Header Chart
Hexadecimal Packet dump 0: 0100 5e02 dc3e 00d0 bbf7 c6c0 0800 4500
16: 00cc e206 0000 7111 a1a9 84b9 8476 e002 32: dc3e 7982 7982 00b8 08a0 8005 dbc6 d721 48: 69c0 0752 bb5f fe39 3600 8808 b120 8933 64: 6219 9118 5128 ffc8 1321 bc10 933e aa23 80: 3233 ba00 e892 a00c 1a3c 0a28 37ab 012d 96: aca5 4819 9088 0b39 64ba 43a0 b9a8 04b3 112: 88b8 4bf8 3940 d024 0a98 8b0b 1703 0a3a 128: 8820 a381 a21f 3bc0 9298 e893 90bd 042a 144: 0a88 3287 59ab e980 1211 4002 2208 98b1 160: 7039 0b26 e898 99ab b118 a1aa a702 9ac4 176: 9128 ca21 7822 2971 090a 2194 98d0 27bb 192: 0958 8092 993f b3b0 2922 337a 0f88 8810 208: 8a29 0183 fb15 b888 0d4c
G Fairhurst, http://www.erg.abdn.ac.uk0 15 16 31
data
options (if any)32-bit destination IP address
32-bit source IP address16-bit header checksum
13-bit fragment offsetflags16-bit total length ToSIHL4
16-bit identificationTTL protocol
20 bytes
IP Header
RFC 791
G Fairhurst, http://www.erg.abdn.ac.uk
0 15 16 31
8 bytes16-bit source port 16-bit destination port 16-bit UDP length 16-bit UDP checksum
data (if any)
UDP Header
RFC 768
ETHERPacket size = 218 bytesDestination = 1:0:5e:2:dc:3e, (multicast) (01-00-5e-02-dc-3e)Source = 0:d0:bb:f7:c6:c0, Ethertype = 0800 (IPv4)IPVersion = 4, Header length = 20 bytesType of service = 0x00Total length = 204 bytes (00cc)ID = 57862, Flags = 0x00, Frags = 0Time To Live = 113 seconds/hopsProtocol = 17 (UDP)Header checksum = a1a9Source address = 132.185.132.118Destination address = 224.2.220.62No optionsUDPSource port = 31106 (7982)Destination port = 31106 (7982)Length = 184 (00b8)Checksum = 08a0 RTP180B of Data
0: 0100 5e02 dc3e 00d0 bbf7 c6c0 0800 4500 16: 00cc e206 0000 7111 a1a9 84b9 8476 e002 32: dc3e 7982 7982 00b8 08a0 8005 dbc6 d721 48: 69c0 0752 bb5f fe39 3600 8808 b120 8933 64: 6219 9118 5128 ffc8 1321 bc10 933e aa23 80: 3233 ba00 e892 a00c 1a3c 0a28 37ab 012d 96: aca5 4819 9088 0b39 64ba 43a0 b9a8 04b3 112: 88b8 4bf8 3940 d024 0a98 8b0b 1703 0a3a 128: 8820 a381 a21f 3bc0 9298 e893 90bd 042a 144: 0a88 3287 59ab e980 1211 4002 2208 98b1 160: 7039 0b26 e898 99ab b118 a1aa a702 9ac4 176: 9128 ca21 7822 2971 090a 2194 98d0 27bb 192: 0958 8092 993f b3b0 2922 337a 0f88 8810 208: 8a29 0183 fb15 b888 0d4c
EncapsulationG Fairhurst, http://www.erg.abdn.ac.uk
Topics to be examined- Everything on the syllabus (includes lab & tutorials)
Topics excluded- Calculation of link CRC (but know what it does!)- Algorithm for DPLL (but know what it does!)- Calculation of packet checksum (but know what it does!)
Topics not covered this year- IP router fragmentation- Path MTU Discovery
And finally....