Internet
Lecturer: Carsten Griwodz
Email: [email protected]
10. Mar. 2004
INF-3190: Internet
Internet Protocol Stack and Some Well-known Protocols

(Figure: protocol stack. Application layer; Transport layer: TCP, UDP; Network layer: IP + ICMP + ARP; Data link and physical layer: LLC & MAC, physical; the lower layers span LANs, MANs, WANs and ATM.)
Internet Protocol

IP
- Defined for the first time in 1981
  - J. Postel, RFC 791, September 1981
- Connectionless service (datagram)
  - Provides a best-effort (not guaranteed) way to transport datagrams from source to destination
  - Without regard to whether these machines are on the same network or there are other networks in between
- Packet length
  - In theory: up to 64 kBytes
  - In real life: approx. 1500 Bytes
IP Segmentation/Reassembly

(Figure: two fragmentation models.)
- Transparent segmentation
- Non-transparent segmentation (used in the Internet)
IPv4 Datagram Format

(Figure: Internet network layer headers. The Version field (4 bits) is followed by protocol-specific fields.)

Version (4 bits, 16 values)
  0      Not in use
  1      Not in use
  2      Not in use
  3      Not in use
  4      Internet Protocol, version 4
  5      Stream Protocol (ST, ST-II)
  6      Internet Protocol, version 6
  7      IPv7, TP/IX, CATNIP
  8      PIP
  9      TUBA
  10-15  Not in use

- IPv4: dominant version
- IPv6: upcoming successor to IPv4
IPv4 Datagram Format

(Figure: header fields Version | IHL | Type of service (Precedence, D, T, R, C, unused).)

Header Length (IHL) (in 32-bit words)
- at least 5 words of 32 bits each = 20 bytes
- at most 15 words of 32 bits each = 60 bytes

Type of Service (original, OLD definition)
- Precedence (3 bits)
  - priority 0 (normal) ... 7 (network control)
  - influences the queuing scheme (and not routing)
- D (1 bit): low delay
- T (1 bit): high throughput
- R (1 bit): high reliability
- C (1 bit): low cost
- 1 bit unused
- Was ignored by routers
- Redefined by DiffServ
IPv4 Datagram Format

(Figure: header fields Version | IHL | DS, where DS = 6-bit Differentiated Services Codepoint followed by two bits "0 0".)

DS Field: Differentiated Services Field (NEW definition)
- Differentiated Services Codepoint
  - xxxxx0 reserved for standardization
  - xxxx11 reserved for local use
  - xxxx01 open for local use, may be standardized later
- Class selector codepoints: if of the form xxx000
- DiffServ compliant
- Not widely deployed yet
IPv4 Datagram Format

(Figure: header fields Version | IHL | DS | Total length | Identification.)

Total length
- full length including the data, stated in bytes
- max. 65,535 bytes, often approximately 1500 bytes
- all hosts must be prepared to accept datagrams of up to 576 bytes
- recommendation: send larger datagrams only if assured that the destination can handle these

Identification
- necessary for the destination to determine which datagram a fragment belongs to
- all fragments of a datagram contain the same identification value
IPv4 Datagram Format

(Figure: header fields Version | IHL | DS | Total length | Identification | Flags (unused, DF, MF) | Fragment offset.)

Flags
- 1 bit unused
- DF (1 bit): don't fragment
  - Routers must be able to handle packets with 576 or fewer bytes
- MF (1 bit): more fragments
  - last fragment marked 0

Fragment offset
- offset of this fragment, i.e. the position within the datagram
- stated in multiples of 8 bytes (elementary fragment unit)
- 13 bits => max. 8192 fragments / datagram => max. datagram length 65536 bytes
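The fragmentation rules on this slide (offset counted in 8-byte units, MF cleared only on the last fragment, DF forbidding fragmentation, reassembly keyed by Identification) worked through in Python as an added example, not code from the lecture; the plain-tuple fragment representation and the constructed payload are my assumptions.

```python
ELEMENTARY_UNIT = 8  # fragment offset is counted in 8-byte units (13-bit field)

def fragment(ident, payload, mtu, df=False, base_off=0, more=0, header_len=20):
    """Split a datagram (or re-fragment a fragment) so each piece fits the MTU.
    Returns [(identification, MF, offset_in_8_byte_units, data)].
    base_off/more carry the offset and MF flag of an incoming fragment that is
    being fragmented again; for a fresh datagram both are 0."""
    max_data = (mtu - header_len) // ELEMENTARY_UNIT * ELEMENTARY_UNIT
    if max_data <= 0:
        raise ValueError("MTU too small for the header plus one 8-byte unit")
    if len(payload) + header_len <= mtu:
        return [(ident, more, base_off, payload)]
    if df:
        # a router would drop the packet and send ICMP type 3
        # (fragmentation needed but DF set) back to the sender
        raise ValueError("fragmentation needed but DF set")
    frags = []
    for off in range(0, len(payload), max_data):
        chunk = payload[off:off + max_data]
        last = off + max_data >= len(payload)
        mf = more if last else 1            # only the very last piece may carry MF=0
        frags.append((ident, mf, base_off + off // ELEMENTARY_UNIT, chunk))
    return frags

def reassemble(frags):
    """Destination side: group fragments by identification, place each chunk at
    offset*8 and complete a datagram only when MF=0 has arrived and no gap remains.
    Returns {identification: payload} for the datagrams that are complete."""
    by_id = {}
    for ident, mf, off, data in frags:
        by_id.setdefault(ident, []).append((off * ELEMENTARY_UNIT, mf, data))
    done = {}
    for ident, parts in by_id.items():
        parts.sort()
        expect, total, buf = 0, None, bytearray()
        for start, mf, data in parts:
            if start != expect:             # gap: a fragment is still missing
                break
            buf += data
            expect = start + len(data)
            if mf == 0:
                total = expect              # the last fragment fixes the full length
        if total is not None and expect == total:
            done[ident] = bytes(buf)
    return done
```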
IPv4 Datagram Format

(Figure: header fields Version | IHL | DS | Total length | Identification | D M | Fragment offset | Time to live | Protocol.)

Time To Live (TTL)
- life cycle in seconds, max. 255 sec
- when 0: drop packet, feedback to sender
- must be decremented per hop; in practical use: counts hops (not seconds)

Protocol: type of higher level protocol for transmission
  1    ICMP   Internet Control Message Protocol
  2    IGMP   Internet Group Management Protocol
  3    GGP    Gateway to Gateway Protocol
  4    IP     IP in IP tunneling
  5    ST     ST-II in IP tunneling
  6    TCP    TCP
  ...
IPv4 Datagram Format

(Figure: header fields Version | IHL | DS | Total length | Identification | D M | Fragment offset | Time to live | Protocol | Header checksum | Source address | Destination Address.)

Header Checksum
- to detect errors generated by bad memory words inside an IS (intermediate system)
- checked each time a datagram is received (both in IS and ES)
- if necessary the datagram is dropped
- certain summation of the header words
  - addition of all 16-bit halfwords in one's complement arithmetic, then use the one's complement of the result (the checksum field itself is taken as zero)
  - must be recomputed at each hop (due to the change in the Time-to-Live field)

Source Address
- sender's IP address

Destination Address
- receiver's IP address
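Added example (not from the lecture): the one's-complement header checksum from this slide, the receiver-side check, and the per-hop TTL decrement with recomputation that an intermediate system performs; the 20-byte header builder and the sample addresses are constructed here.

```python
import struct

def ip_bytes(dotted: str) -> bytes:
    """Dotted-decimal IPv4 address to its 4 network-order bytes."""
    return bytes(int(x) for x in dotted.split("."))

def ipv4_checksum(header: bytes) -> int:
    """RFC 791: one's complement of the one's complement sum of all 16-bit
    header words, with the checksum field (bytes 10-11) taken as zero."""
    total = 0
    for i in range(0, len(header) - 1, 2):
        if i == 10:
            continue                       # the checksum field counts as zero
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:                     # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_header(ttl: int, src: str, dst: str, payload_len: int = 0, proto: int = 6) -> bytes:
    """Minimal 20-byte header (IHL = 5, no options, DF set) with a valid checksum.
    Identification 0x1234 is a constructed sample value."""
    ver_ihl = (4 << 4) | 5
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, 0x1234,
                      0x4000, ttl, proto, 0, ip_bytes(src), ip_bytes(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def verify(header: bytes) -> bool:
    """Receiver-side check: the recomputed checksum must equal the stored one."""
    stored = (header[10] << 8) | header[11]
    return ipv4_checksum(header) == stored

def forward_hop(header: bytes) -> bytes:
    """What a router does per hop: decrement TTL and recompute the checksum.
    Returns b'' when the TTL would reach zero (the datagram is dropped)."""
    ttl = header[8]
    if ttl <= 1:
        return b""
    hdr = bytearray(header)
    hdr[8] = ttl - 1
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr)
```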
IPv4 Datagram Format

(Figure: complete header Version | IHL | Type of service (PRE, ToS) | Total length | Identification | D M | Fragment offset | Time to live | Protocol | Header checksum | Source address | Destination Address | Options (0 or more) | Padding | Data.)

Options
- options for routing, testing and debugging
- conceptual design: as an enhancement for future versions
- variable length: each begins with a 1-byte identification code
- Example options
  - security: security degree, exclusion of routes; ignored in practice
  - strict source routing: sender specifies the exact route
  - loose source routing: sender specifies a list of routers to visit
  - record route: store IP addresses of routers
  - timestamp: like record route, but a timestamp is also added at each router

Padding
- fill up to the word limit

Data
- field for user data
IPv4 Datagram Format

Example option: record route

(Figure: a datagram travels from Sender to Receiver through intermediate systems (IS) with addresses 128.2.3.4, 128.7.1.3, 128.2.14.16, 128.10.4.12, 128.7.8.9, 128.9.12.4, 128.10.4.2 and 128.9.3.17. The Record Route Option in the Options field starts with empty slots and a pointer P; each router on the path, e.g. 128.2.3.4, 128.7.8.9, 128.10.4.12, 128.9.3.17, writes its address into the next empty slot, followed by the Payload.)
Internet Control Message Protocol (ICMP)

History
- J. Postel, RFC 792, Sept. 1981

Purpose
- to communicate network layer information between hosts, routers (and gateways)
- mostly error reporting
  - e.g. in ftp, telnet, http appears "destination network unreachable"
  - ICMP origin, e.g.:
    - a router was unable to find the given destination address
    - router sent back an ICMP (Type 3) packet
    - sending host received the packet, returned an error code to TCP
    - TCP returned the error code to the application (e.g. ftp, telnet, http)
- ICMP messages are sent as IP packets
  - i.e. the first 32 bits of the IP data field are ICMP headers
Internet Control Message Protocol (ICMP)

Header structure: Type | Code | Checksum

Type: 16 types, among others
- destination or port or protocol unreachable
- fragmentation necessary but DF (don't fragment) is set
- source route failed, redirect (for routing)
- echo-request and echo-reply (e.g. for the "ping" program)
- source quench (packet for congestion control)

Code
- states the cause if the type is "destination unreachable"
  - e.g. net, host, protocol, port unreachable or fragmentation needed, source route failed
Internet Addresses and Internet Subnetworks

Original global addressing concept for the Internet
- For addressing end systems and intermediate systems
- each network interface (not ES) has its own unique address
- 5 classes:
  Class A:  0    | Network (7 bits)  | Host (24 bits)
  Class B:  10   | Network (14 bits) | Host (16 bits)
  Class C:  110  | Network (21 bits) | Host (8 bits)
  Class D:  1110 | Multicast address (28 bits)
  Class E:  1111 | Reserved (28 bits)
- ICANN (Internet Corporation for Assigned Names and Numbers)
  - manages network numbers
  - delegates parts of the address space to regional authorities
Internet Addresses and Internet Subnetworks

Networks grow and should be somehow structured
- several networks instead of one preferable
- but getting several address areas is hard
  - since the address space is limited
  - e.g., a university may have started with a class B address and doesn't get a second one

Problem
- class A, B, C refer to one network, not a collection of LANs
=> Allow a network to be split into several parts
- for internal use
- still looks like a single network to the outside world
Internet Addresses and Internet Subnetworks

Idea
- local decision for subdividing the host share into a subnetwork portion and an end system portion
- class B example:  10 | Network (14 bits) | Subnet (6 bits) | Host (10 bits)
- e.g. address 129.8.7.2:
    address          10000001 00001000 00000111 00000010   (129.8.7.2)
  & subnet mask      11111111 11111111 11111100 00000000   (255.255.252.0)
  = subnet address   10000001 00001000 00000100 00000000   (129.8.4.0)
- To write down the subnet address with the subnet mask use either 129.8.4.0/255.255.252.0 or 129.8.4.0/22
- Use the "subnet mask" to distinguish the network and subnet part from the host part
- Routing with 3 levels of hierarchy
- Algorithm in router (by masking bits: AND between address and subnet mask):
  - packet to another network? (yes, then to this router)
  - packet to a local end system? (yes, then deliver the packet)
  - packet to another subnetwork? (yes, then reroute to the appropriate router)
CIDR: Classless InterDomain Routing

Subnetting not good enough
- Too many organizations require addresses
  - in principle many addresses due to the 32-bit address space
  - but inefficient allocation due to the class-based organization
    - class A network with 16 million addresses too big for most cases
    - class C network with 256 addresses is too small
    - most organizations are interested in a class B network, but there are only 16384 (in reality, class B is too large for many organizations)
- Large number of networks leads to large routing tables
=> Introduction of CIDR (Classless InterDomain Routing) (RFC 1519)

CIDR Principle
- to allocate IP addresses in variable-sized blocks (without regard to classes)
  - e.g., a request for 2000 addresses would lead to assignment of a 2048 address block starting on a 2048 byte boundary
- but, dropping classes makes forwarding more complicated
CIDR: Classless InterDomain Routing

Search for longest matching prefix
- if several entries with different subnet mask lengths may match, then use the one with the longest mask
- i.e., the AND operation for address & mask must be done for each table entry
- Entries may be aggregated to reduce routing tables

(Figure: one router announces the aggregate 194.24.0.0/19 and forwards to three downstream routers for 194.24.0.0/21, 194.24.8.0/22 and 194.24.16.0/20; the block 194.24.12.0/22 is unassigned.)
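Added example (not the lecture's code) covering the subnet masking step of the earlier subnetting slide and the longest-matching-prefix search and aggregation on this one, using the prefixes from the figure; the forwarding table layout and the next-hop names are made up.

```python
import ipaddress

# Constructed forwarding table from the slide's figure: the aggregate 194.24.0.0/19
# plus the more specific blocks held by downstream routers. 194.24.12.0/22 has no
# entry of its own, so traffic for it falls through to the aggregate.
TABLE = [
    ("194.24.0.0/19", "aggregate-router"),
    ("194.24.0.0/21", "router-A"),
    ("194.24.8.0/22", "router-B"),
    ("194.24.16.0/20", "router-C"),
]

def subnet_of(addr: str, mask: str) -> str:
    """The slide's masking step: subnet address = address AND subnet mask."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(a & m))

def lookup(dst: str, table=TABLE):
    """Longest-matching-prefix lookup (RFC 1519 forwarding): AND the destination
    with every entry's mask and keep the matching entry with the longest mask.
    Returns (prefix, next_hop) or None when no entry matches."""
    addr = int(ipaddress.IPv4Address(dst))
    best = None
    for prefix, next_hop in table:
        net = ipaddress.IPv4Network(prefix)
        if (addr & int(net.netmask)) == int(net.network_address):
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, next_hop)
    return None if best is None else (str(best[0]), best[1])

def aggregate(prefixes):
    """Collapse adjacent or overlapping blocks into the fewest covering prefixes,
    the operation that keeps routing tables small."""
    nets = [ipaddress.IPv4Network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]
```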
IP Version 6 (IPv6)

Motivation for IPv6: problems with IPv4
- Too few addresses
- Bad support for QoS
- Bad support for mobility
- Many other shortcomings ...

Background & Status
- 1990: Call for Proposals
- 1992: 21 variants, with 7 possible candidates
- 1993: combination of 2 candidates: S. Deering and Francis (Xerox, Palo Alto)
- result: RFC 1883-87 (protocol, addressing, ICMP), RFC 1825-29; newer ones appeared later (RFC 2460-2466)
- since 2000: possibility to expand, but still debate about its future

Status of IPv6 at IFI
- First IPv6-capable routers installed
- Should work in summer
IPv6 Objectives

Addressing IPv4 limitations
- To support billions of end systems: longer addresses
- To reduce routing tables
- To simplify protocol processing: simplified header
- To increase security: security means integrated
- To support real-time data traffic: flow label, traffic class
- To provide multicasting
- To support mobility (roaming)

Scalability
- To be open for change (future): extension headers

Coexistence
- To coexist with existing protocols
IPv6 vs. IPv4

(Figure: Internet network layer headers. The Version field (4 bits, 16 values) is followed by protocol-specific fields; the value table is the same as under IPv4 Datagram Format above, with 4 = Internet Protocol, version 4 and 6 = Internet Protocol, version 6 as the values in use.)
IPv6 vs. IPv4

(Figure: IPv4 Header: Version | IHL | Type of service (PRE, ToS) | Total length | Identification | D M | Fragment offset | Time to live | Protocol | Header checksum | Source address (32 bit) | Destination Address (32 bit) | Options (0 or more). IPv6 Header: Version | Priority | Flow label | Payload length | Next header | Hop Limit | Source address (128 bit) | Destination Address (128 bit).)

Protocol => Next Header
- contains identification of either the transport layer protocol or the first option

Total Length => Payload Length
- length including the data (but without the 40 byte header)
- min. 576 bytes
- actually a maximum of 65,535 bytes (plus 40 byte header)
- a maximum of 65,535 bytes may not be enough for a major data transmission
  - possibly extension via the "Jumbogram" option (but then no fragmentation)
IPv6 vs. IPv4

IPv4 fields eliminated in IPv6
- IHL: constant header length
- IPv4 Type of Service
  - Precedence replaced by priority
  - D T R C bits (QoS) eliminated and replaced by the "Flow label"
- Options (0 or more)
- Identification, flags, fragment offset
  - if a still too large packet is sent, then an error message
  - L4 should then take over this task and transfer the PDU with the appropriate size to L3
- Header checksum
  - L2 and L4 have sufficient mechanisms
  - communication channels are better nowadays, and the checksum came at the expense of performance
IPv6 vs. IPv4

(Figure: the IPv6 header Version | Priority | Flow label | Payload length | Next header | Hop Limit | Source address (128 bit) | Destination Address (128 bit), beside the eliminated IPv4 fields IHL, ToS, Identification, D M, Fragment offset, Header checksum, Options.)

IPv6 options
- Are not part of the header
- Follow the header
- Indicated by the "next header" field
IPv6 Header Fields

Priority
- differentiation of sources
- a lower number means lower priority
- With flow control:
  0  Not characterized
  1  Filler
  2  Unattended
  3  Reserved
  4  Attended bulk transfer
  5  Reserved
  6  Interactive
  7  Internet management
- Without flow control:
  8-15  Continuous rate traffic
IPv6 Header Fields

Time to live = Hop limit
- life cycle in number of hops, max. 255
- this may not be sufficient; presently usually approx. 32 hops

Flow Label
- Definition may still change (experimental)
- Flow = tuple (source ID, dest ID, No.)
- Pre-defined
- Handling defined by an external auxiliary protocol
IPv6 Header Fields

Next Header
- contains either the transport layer protocol identification or options

Example options
- Hop-by-hop options: miscellaneous information for routers
- Routing: full or partial route to follow
- Fragmentation: management of datagram fragments
- Authentication: verification of the sender's identity
- Encrypted security payload: information about encrypted content
- Destination options: additional information for the destination
IPv6 Addresses

  Prefix (binary)   Usage                          Fraction
  0000 0000         Reserved (including IPv4)      1/256
  0000 0001         Unassigned                     1/256
  0000 001          OSI NSAP address               1/128
  0000 010          Novell Netware IPX addresses   1/128
  0000 011          Unassigned                     1/128
  0000 1            Unassigned                     1/32
  0001              Unassigned                     1/16
  001               Unassigned                     1/8
  010               Provider-based addresses       1/8
  011               Unassigned                     1/8
  100               Geographic-based addresses     1/8
  101               Unassigned                     1/8
  110               Unassigned                     1/8
  1110              Unassigned                     1/16
  1111 0            Unassigned                     1/32
  1111 10           Unassigned                     1/64
  1111 110          Unassigned                     1/128
  1111 1110 0       Unassigned                     1/512
  1111 1110 10      Link local use addresses       1/1024
  1111 1110 11      Site local use addresses       1/1024
  1111 1111         Multicast                      1/256
IPv6 Addresses and Anycast

- Provider based: approx. 16 million companies allocate addresses
- Geographically based: allocation as it is today
- Link local, site local: address has only local importance (security, firewall concept)
  - Should make NAT (network address translation) useless

Anycast definition
- previously: unicast, broadcast and multicast
- now (new): anycast
  - send data to one member of a group, for example to the member which is the nearest one geographically
  - i.e. a system within a pre-defined group is to be accessed

Anycast application
- To search for the nearest web-server
- To locate the nearest router of a multicast group, in order to participate in group communication