ping iwing.cpe.ku.ac.th - Department of Computer Engineering


Supporting Protocols and Technologies in TCP/IP Suites
Asst. Prof. Chaiporn Jaikaeo, Ph.D.
http://www.cpe.ku.ac.th/~cpj
Computer Engineering Department
Kasetsart University, Bangkok, Thailand
Adapted from the notes by Lami Kaya and lecture slides from Anan Phonphoem
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.
© The McGraw-Hill Companies, Inc.

Outline
- Address Resolution Protocol (ARP)
- Internet Control Message Protocol (ICMP)
- Dynamic Host Configuration Protocol (DHCP)
- Network Address Translation (NAT)

Address Resolution Protocol (ARP)

Address Resolution
- Recall the forwarding process
  - Forwarding uses IP addresses
  - A MAC address is needed to communicate with the next hop
- IP must translate the next-hop IP address to a MAC address
  - The translation process is known as address resolution
  - Address resolution is local to a network

Address Resolution
- One computer can resolve the address of another computer only if both computers attach to the same physical network

ARP
- RFC 826 - Address Resolution Protocol
- ARP maps any network-level address (such as IP) to its corresponding data link address (such as Ethernet)
- A supporting protocol for the data link layer
  - Not a data link layer protocol itself

ARP Protocol
Station 1 is looking for the MAC address of IP 158.109.33.200
[Figure: stations 1-4 on one network; the ARP request "I’m looking for IP 158.109.33.200" from Station 1 reaches every station]

ARP Protocol
Station 3 (IP 158.109.33.200) responds
[Figure: Station 3 returns an ARP response: "I’m IP 158.109.33.200. My physical address is 01-12-33-3A-C2-23"]

Conceptual Address Boundary

ARP Cache
- Sending an ARP request for each datagram is inefficient
  - Three frames traverse the network for each datagram
    - ARP request, ARP response, and the data datagram itself
- ARP cache is used to reduce network traffic
  - ARP saves the information from a response so it can be used for subsequent packets
  - The software does not keep the information indefinitely
    - Instead, ARP maintains a small table of bindings in memory
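
Added example (not part of the original slides): a small model of the ARP cache described above, counting the frames that cross the network with and without cached bindings. The class names, the `max_age` parameter and the one-datagram-per-second spacing are assumptions made for the illustration; the IP/MAC binding is the one used in the ARP Protocol slides.

```python
class Lan:
    """Constructed single-network model: IP -> MAC of the attached stations."""
    def __init__(self, stations):
        self.stations = stations
        self.frames = 0                  # frames that crossed the network

    def arp_exchange(self, ip):
        self.frames += 2                 # ARP request + ARP response
        return self.stations[ip]

    def send_data(self, mac):
        self.frames += 1                 # frame carrying the datagram itself


class ArpCache:
    def __init__(self, lan, max_age):
        self.lan, self.max_age = lan, max_age
        self.table = {}                  # ip -> (mac, time the binding was learned)

    def resolve(self, ip, now):
        entry = self.table.get(ip)
        if entry and now - entry[1] < self.max_age:
            return entry[0]              # fresh binding: no ARP traffic
        mac = self.lan.arp_exchange(ip)  # missing or expired: ask the network
        self.table[ip] = (mac, now)      # bindings are aged, not kept forever
        return mac


def frames_for(datagrams, max_age, spacing=1.0):
    """Frames on the wire when sending one datagram every `spacing` seconds."""
    lan = Lan({"158.109.33.200": "01-12-33-3A-C2-23"})   # binding from the slides
    cache = ArpCache(lan, max_age)
    for i in range(datagrams):
        lan.send_data(cache.resolve("158.109.33.200", now=i * spacing))
    return lan.frames
```

With `max_age=0` (no caching) every datagram costs three frames; with a long-lived entry only the first one does.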
ARP from Command Prompt
entry in ARP table
C:\> arp -a
www.cpe.ku.ac.th (158.108.33.5) at 0:0:e8:15:cc:c
$ ping garnet.cpe.ku.ac.th
:
C:\> arp -a
router.cpe.ku.ac.th (158.108.33.1) at 0:0:c:6:13:4a
cc.cpe.ku.ac.th (158.108.33.2) at 2:60:8c:2e:b5:8b
www.cpe.ku.ac.th (158.108.33.5) at 0:0:e8:15:cc:c

Error Reporting Mechanisms

Error Reporting Mechanisms
- IP problems
  - Best effort
  - Data can be lost, duplicated, delayed, or delivered out of order
- Error detection of IP
  - Checksum
  - If error, discard frame (cannot send back an error message: no trust in the header)
- IP requires additional helpers
  - Internet Control Message Protocol (ICMP)

ICMP
- RFC 792
- IP supporter
- For generating error messages
  - Transmission problem
  - Time to live (TTL) exceed
  - Destination unreachable
  - etc.
- Serves as the basis for useful diagnostic tools
  - ping, traceroute

ICMP
- ICMP error messages are never generated in response to:
  - ICMP error messages themselves
  - Broadcast/Multicast (prevents broadcast storms)
- What are broadcast storms?
  - A large number of broadcast frames transmitted nearly simultaneously
  - LAN may freeze!

ICMP encapsulation
[Figure: an ICMP message nested inside an IP datagram inside a frame]
- frame hdr (e.g. Ethernet) | frame data
- IP hdr (contains protocol 0x01 = ICMP) | IP data
- type | code | ... (indicate error type)

Ethernet Frame Containing ICMP packet
[Figure: Frame (Ethernet) header (DA, SA, T) | IP header | ICMP (Type, Code, Other info.)]

Type  Code  Description
8     0     Echo request
0     0     Echo reply
11    0     Time exceed
3     3     Port unreachable

ICMP header
- type - relevant ICMP message
- code - more detailed information
- checksum - covers ICMP header/data (not IP header)

Bit layout:
0               15 16              31
| type:8 | code:8 |   checksum:16   |
|        Content specific           |

ICMP Messages

Diagnostic Tools: ping
[Figure: ping request sent to the target, ping reply returned]
- Generate an ICMP echo request
- Receive the ICMP echo reply
- Every TCP/IP node is supposed to implement ICMP and respond to ICMP echo

ping command (#1)
- Send a single echo request / wait for a reply
- Resend another request if no reply (1 sec.)
- Repeat until at least one reply is received, or stop after a timeout
> ping iwing.cpe.ku.ac.th
iwing.cpe.ku.ac.th is alive
> ping happy.cpe.ku.ac.th
no answer from happy.cpe.ku.ac.th

ping command (#2)
- Send an echo request message every seconds
- Records the time it takes for each reply
- Every echo request contains a unique sequence number to match replies and requests
  - Record round-trip timing
  - Compute packet loss statistics
ping example
$ ping iwing.cpe.ku.ac.th
PING iwing.cpe.ku.ac.th (158.108.32.199) from 158.108.32.31 : 56(84) bytes of data.
Warning: time of day goes back, taking countermeasures.
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=0 ttl=252 time=1.187 msec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=1 ttl=252 time=601 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=2 ttl=252 time=594 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=3 ttl=252 time=594 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=4 ttl=252 time=585 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=5 ttl=252 time=590 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=6 ttl=252 time=584 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=7 ttl=252 time=587 usec
--- iwing.cpe.ku.ac.th ping statistics ---
8 packets transmitted, 8 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.584/0.665/1.187/0.198 ms

ping as debugging tools
- What do we get from ping?
  - Timing information
  - Connection reliability
  - Destination is reachable (routable)
  - IP layer is functional, but no guarantee for other higher layer protocols

ping results
- No response
  - Target host inactive or no connection
- Lost packets (significant when >2-3%)
  - Transmission error on WAN/LAN
  - Overloading bridges/routers
- Varying round-trip time
  - Host/network overloading
- No loss and round-trip time is reasonably constant
  - Congratulations! That’s all we want.

Diagnostic Tools: traceroute
- Command to determine the active route to a destination address
- How does it work?
  - Send a UDP message to an unused port on the target host with ttl=1
  - The router decreases ttl to 0, so it has to return an ICMP time exceed message
  - traceroute sets ttl=2 and retransmits; this time the message goes one more hop
  - ttl++ until the UDP messages reach the destination
  - The target returns an ICMP service unavailable (port unreachable) message because there is no service on that UDP port

How traceroute works?
[Figure, four panels:
 1. Source sends UDP (TTL=1) to an unused port # on the destination
 2. First router: TTL = 0, returns ICMP (time exceed)
 3. Source sends UDP (TTL=2); the next router returns ICMP (time exceed)
 4. UDP (TTL=8), UDP (TTL=9), UDP (TTL=10): the probe reaches the destination, which returns ICMP (port unreachable)]
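
Added example (not part of the original slides): a simulation of the TTL mechanism just described, run over the four-hop path shown in the first traceroute output below. It sends no packets; `forward`, `traceroute` and the `silent` set (hops that never answer, printed as `*` by the real tool) are names invented for this illustration.

```python
TIME_EXCEED = (11, 0)          # ICMP (type, code) values from the ICMP table
PORT_UNREACHABLE = (3, 3)

# Path taken from the page's first traceroute output: three routers, then the target.
PATH = ["158.108.32.1", "158.108.35.10", "158.108.35.114", "158.108.32.199"]

def forward(path, ttl, silent=()):
    """Carry one UDP probe along `path`; return (answering address, ICMP type/code).

    (None, None) means the node that should have answered stayed silent.
    """
    *routers, target = path
    for router in routers:
        ttl -= 1                               # each router decrements the TTL
        if ttl == 0:                           # probe dies here
            return (None, None) if router in silent else (router, TIME_EXCEED)
    # Probe reached the host; no service listens on the unused UDP port.
    return (None, None) if target in silent else (target, PORT_UNREACHABLE)

def traceroute(path, max_hops=30, silent=()):
    hops = []
    for ttl in range(1, max_hops + 1):         # ttl++ on every round
        addr, icmp = forward(path, ttl, silent)
        hops.append((ttl, addr or "*"))
        if icmp == PORT_UNREACHABLE:           # destination answered: done
            break
    return hops
```

When the target itself is in `silent`, the loop runs to `max_hops` with `*` entries, which is the pattern at hops 22 and 23 of the second output below.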

Traceroute example
$ traceroute iwing.cpe.ku.ac.th
traceroute to iwing.cpe.ku.ac.th (158.108.32.199), 30 hops max, 38 byte packets
1 fe-cpegw2-server (158.108.32.1) 0.851 ms 0.782 ms 0.683 ms
2 gb-cpegwbb-cpegw (158.108.35.10) 0.387 ms 0.368 ms 0.337 ms
3 gb-cpec4k6-cpec6k (158.108.35.114) 0.685 ms 0.654 ms 0.613 ms
4 iwing (158.108.32.199) 0.506 ms 0.439 ms 0.418 ms
Traceroute example
$ traceroute www.umass.edu
traceroute to www.umass.edu (128.119.101.5), 30 hops max, 38 byte packets
1 fe-cpegw2-server (158.108.32.1) 0.855 ms 0.737 ms 0.700 ms
2 gb-cpegwbb-cpegw (158.108.35.10) 0.430 ms 0.409 ms 0.359 ms
3 158.108.254.37 (158.108.254.37) 0.488 ms 0.469 ms 0.401 ms
4 158.108.251.54 (158.108.251.54) 0.558 ms 0.617 ms 0.733 ms
5 158.108.251.57 (158.108.251.57) 1.121 ms 0.919 ms 1.046 ms
6 202.28.213.1 (202.28.213.1) 1.311 ms 1.758 ms 1.154 ms
7 202.28.212.29 (202.28.212.29) 1.531 ms 1.445 ms 1.189 ms
8 202.28.212.2 (202.28.212.2) 1.456 ms 1.532 ms 1.151 ms
9 S1-1.R00.LA-POP.uni.net.th (202.28.28.162) 226.026 ms 226.043 ms 225.962 ms
10 63.216.18.53 (63.216.18.53) 253.741 ms 239.317 ms 249.022 ms
11 snvang-losang.abilene.ucaid.edu (198.32.8.95) 233.765 ms 239.165 ms 240.522 ms
12 dnvrng-snvang.abilene.ucaid.edu (198.32.8.2) 258.216 ms 258.599 ms *
13 kscyng-dnvrng.abilene.ucaid.edu (198.32.8.14) 269.012 ms 268.717 ms 318.331 ms
…
19 nox300gw1-PEER-NoX-UMASS-192-5-89-102.nox.org (192.5.89.102) 310.155 ms 310.240 ms 344.973 ms
20 lgrc-rt-106-8.gw.umass.edu (128.119.2.193) 323.127 ms 325.108 ms 313.802 ms
21 lgrc-rt-106-6.gw.umass.edu (128.119.2.185) 310.291 ms 321.111 ms 309.874 ms
22 * * *
23 * * *

Dynamic Host Configuration Protocol (DHCP)

DHCP
- Allows a computer to join a new network and obtain networking parameters automatically
  - IP address
  - Subnet mask
  - Default router (gateway) address
  - DNS server's address
  - etc.
- The concept has been termed plug-and-play networking
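
DHCP Message Format

DHCP Operation
[Figure: message exchange between a client and the DHCP server after the client boots]
- Client to server: DHCP DISCOVER (Broadcast)
- Server to client: DHCP OFFER
- Client to server: DHCP REQUEST
- Server to client: DHCP ACK

DHCP Discover Message
- Broadcast by clients

DHCP Offer Message
- Sent directly to client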

Assigned Address Types
- We can configure a DHCP server to supply two types of addresses:
  - Permanently assigned addresses
    - Typically assigned to servers
  - A pool of dynamic addresses to be allocated on demand
    - Typically assigned to arbitrary hosts

Address Leasing
- DHCP issues a lease on the address for a finite period
  - Thus allows a DHCP server to reclaim addresses
- When a lease expires, a host can choose to relinquish the address or renegotiate with DHCP to extend the lease
  - If approved, a computer continues to operate without any interruption
  - If a server denies an extension request, the host must stop using the address
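
Added example (not part of the original slides): a model of the leasing rules above, showing a dynamic pool running out, a lease being extended, and an expired address being reclaimed and handed to another host. It is not a DHCP implementation; `LeaseServer`, the client names, the 100-second lease time and the address 10.1.2.13 are constructed for the illustration.

```python
class LeaseServer:
    """Dynamic address pool with finite leases."""
    def __init__(self, pool, lease_time):
        self.free = list(pool)
        self.lease_time = lease_time
        self.leases = {}                       # client -> (address, expiry time)

    def _reclaim(self, now):
        for client, (addr, expiry) in list(self.leases.items()):
            if expiry <= now:                  # lease ran out: address returns to pool
                del self.leases[client]
                self.free.append(addr)

    def request(self, client, now):
        """Lease an address on demand; None when the pool is exhausted."""
        self._reclaim(now)
        if client in self.leases:
            return self.leases[client][0]
        if not self.free:
            return None
        addr = self.free.pop(0)
        self.leases[client] = (addr, now + self.lease_time)
        return addr

    def renew(self, client, now, allow=True):
        """Extend a live lease; False means the host must stop using the address."""
        self._reclaim(now)
        if client not in self.leases:
            return False
        addr, _ = self.leases[client]
        if not allow:                          # server denies the extension
            del self.leases[client]
            self.free.append(addr)
            return False
        self.leases[client] = (addr, now + self.lease_time)
        return True


def demo():
    srv = LeaseServer(["10.1.2.12", "10.1.2.13"], lease_time=100)
    a = srv.request("host-a", now=0)
    b = srv.request("host-b", now=0)
    full = srv.request("host-c", now=50)       # both addresses are leased
    kept = srv.renew("host-a", now=90)         # host-a extended to t=190
    c = srv.request("host-c", now=120)         # host-b's lease expired at t=100
    return a, b, full, kept, c
```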

DHCP Relay Agents
- DHCP discover messages are broadcast locally
  - These messages are not forwarded by routers
[Figure: DHCP server 10.1.4.2; hosts 10.1.1.10, 10.1.1.11, 10.1.1.12 and 10.1.2.11; router interfaces 10.1.4.1, 10.1.1.1 and 10.1.2.1; new client (10.1.2.12) sends DHCP DISCOVER. Assuming all networks are /24]

Example: DHCP Relay Agents
- Each network may be equipped with a DHCP relay
  - Typically built into a router
[Figure, same network with the router acting as router & DHCP relay:
 steps 1-2: the new client's DHCP DISCOVER is passed on to the DHCP server as DHCP DISCOVER (Unicast)
 steps 3-5: DHCP OFFER comes back through the relay; client accepts IP
 steps 6-9: DHCP REQUEST goes to the DHCP server through the relay; DHCP ACK comes back]

Network Address Translation (NAT)

Network Address Translation
- NAT: Network Address Translation
  - A function that translates the address of datagrams into a new address
    - Typically, original address is private (unroutable)
    - New address is public and routable

Private Addresses
- Internet routers will not route packets whose destination addresses fall within these ranges

Basic NAT Operation
Address Translation Table:
Inside      Outside
10.0.0.3    158.108.3.4
[Figure: packets crossing the NAT router]
- Outgoing: SA = 10.0.0.3, DA = 128.23.2.2 becomes SA = 158.108.3.4, DA = 128.23.2.2
- Incoming: SA = 128.23.2.2, DA = 158.108.3.4 becomes SA = 128.23.2.2, DA = 10.0.0.3

Address Pooling
[Figure: packets from two inside hosts crossing the NAT router]
- SA = 10.0.0.2, DA = 130.2.1.5 becomes SA = 158.108.3.5, DA = 130.2.1.5
- SA = 10.0.0.3, DA = 128.23.2.2 becomes SA = 158.108.3.4, DA = 128.23.2.2
Address Translation Table:
Inside      Outside
10.0.0.3    158.108.3.4
10.0.0.2    158.108.3.5
            158.108.3.6
            :

Advantages of Using NAT
- Eliminates need to reassign addresses when changing to a new ISP
- Protects network security
- Balances load
  [Figure: packets from the Internet with SA = 202.1.3.8 and SA = 128.23.2.2, both with DA = 158.108.1.6; inside hosts 10.1.1.1 and 10.1.1.2]
- Preserves IP addresses

Port Translation
- Single public IP address is mapped to multiple hosts in a private network
- In this case, NAT router modifies the port numbers for outgoing traffic
- Known as NAPT or PAT

NAPT Operation
Address Translation Table:
Inside           Outside
10.0.0.3:2322    158.108.3.4:4511
[Figure: packets crossing the NAT router]
- Outgoing: SA = 10.0.0.3:2322, DA = 128.23.2.2:80 becomes SA = 158.108.3.4:4511, DA = 128.23.2.2:80
- Incoming: SA = 128.23.2.2:80, DA = 158.108.3.4:4511 becomes SA = 128.23.2.2:80, DA = 10.0.0.3:2322
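
Added example (not part of the original slides): the NAPT translation table above as code, including what happens to an incoming packet that matches no table entry. The `Napt` class is constructed for this illustration; handing out outside ports sequentially from 4511 is an assumption made so that the first mapping matches the slide.

```python
class Napt:
    def __init__(self, public_ip, first_port=4511):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}      # (inside ip, inside port) -> outside port
        self.back = {}     # outside port -> (inside ip, inside port)

    def outbound(self, sa, da):
        """Rewrite the source of a packet leaving the private network."""
        if sa not in self.out:                 # first packet of this flow: add entry
            if self.next_port > 65535:
                raise RuntimeError("no free outside ports")
            self.out[sa] = self.next_port
            self.back[self.next_port] = sa
            self.next_port += 1
        return (self.public_ip, self.out[sa]), da

    def inbound(self, sa, da):
        """Rewrite the destination of a packet from outside; None means dropped."""
        ip, port = da
        if ip != self.public_ip or port not in self.back:
            return None                        # no table entry: no inside host to reach
        return sa, self.back[port]


def demo():
    nat = Napt("158.108.3.4")
    web = ("128.23.2.2", 80)
    sent = nat.outbound(("10.0.0.3", 2322), web)       # the flow on the slide
    reply = nat.inbound(web, ("158.108.3.4", 4511))    # its reply
    other = nat.outbound(("10.0.0.2", 2322), web)      # same inside port, other host
    stray = nat.inbound(web, ("158.108.3.4", 4600))    # unsolicited: no mapping
    return sent, reply, other, stray
```

Two inside hosts using the same source port receive distinct outside ports, and a packet addressed to an unmapped port is discarded rather than forwarded inside.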

NAT/NAPT for Home Users
- Wireless router has NAT/NAPT functionality built in
  - Along with DHCP and switch functionalities
[Figure: hosts 192.168.1.11, 192.168.1.9, 192.168.1.5 and 192.168.1.6 connect to a wireless router, which maps all IP addresses to a single routable address and reaches the Internet through a DSL/cable modem]