Remote Procedure Call Implementations
IP: putting it all together
Part 2
G53ACC
Chris Greenhalgh
Contents
Fragmentation
Error reporting (ICMP)
Auto-configuration
Network Address Translation
Fragmentation
IP allows datagram sizes up to 64Kbytes
Physical networks often only support smaller frame types (Maximum Transmission Unit, MTU):
– E.g. Ethernet 1500bytes, dialup PPP ~256bytes
Single IP datagram may need to be divided into “fragments” for transmission…
IP fragmentation
Each fragment is a (new) IP packet
– Has IP header, original source & destination
– Identification field same for each fragment
– Fragment offset identifies what bit it is
– “More Fragments” flag set in all but last fragment
Fragmenting packets
May be done by sending host
May be done by intermediate router:
May be prevented with IP “Do not fragment” flag
– ICMP fragmentation required response if a router would have needed to fragment it
– Used by TCP to learn path MTU and avoid fragmentation
Reassembling fragments
Done ONLY by the ultimate destination of the packet
– After checking header checksum and destination, but before any more processing
Maintains a pool of fragments
– Discarded after a time-out
– If all fragments of a datagram received the datagram is reassembled and handled as before
Fragmentation and reassembly issues
Lose one segment and you lose the whole message
– Bad if segment loss is likely or number of segments is large
E.g. NFS v.2 used UDP, v.3 uses TCP
– because block size 8K -> 32K
– many more segments!
=> higher effective packet loss rate with UDP and more wasted bandwidth
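The fragmentation and reassembly rules of the last four slides, as an added example in Python (not from the lecture); the 20-byte header, the MTU values and the loss probabilities are assumptions, and the offset/"More Fragments" handling follows the IPv4 rules described above:

```python
# Added example (not from the lecture slides): IPv4-style fragmentation and
# reassembly on a simplified model; header length and MTUs are assumptions.
from __future__ import annotations
from dataclasses import dataclass

IP_HEADER_LEN = 20  # bytes, IPv4 header without options (assumption)


@dataclass
class Fragment:
    ident: int      # Identification field, same for every fragment of a datagram
    offset: int     # fragment offset, in 8-byte units
    more: bool      # "More Fragments" flag, set on all but the last
    payload: bytes


def fragment(ident: int, payload: bytes, mtu: int) -> list[Fragment]:
    """Split a datagram payload into fragments that fit the link MTU.
    Offsets are in 8-byte units, so all but the last chunk is a multiple of 8."""
    per_frag = (mtu - IP_HEADER_LEN) // 8 * 8
    if per_frag <= 0:
        raise ValueError("MTU too small for an IP header plus data")
    frags = []
    for start in range(0, len(payload), per_frag):
        chunk = payload[start:start + per_frag]
        more = start + per_frag < len(payload)
        frags.append(Fragment(ident, start // 8, more, chunk))
    return frags


def reassemble(frags: list[Fragment]) -> bytes | None:
    """Return the datagram if every fragment is present, otherwise None.
    Receiver rule from the slides: one missing fragment loses the whole datagram."""
    if not frags:
        return None
    ordered = sorted(frags, key=lambda f: f.offset)
    expected = 0
    for f in ordered:
        if f.offset * 8 != expected:   # gap: a fragment is missing
            return None
        expected += len(f.payload)
    if ordered[-1].more:               # the last fragment never arrived
        return None
    return b"".join(f.payload for f in ordered)


def datagram_loss_rate(frag_loss: float, n_frags: int) -> float:
    """Chance the datagram is lost if fragments are lost independently."""
    return 1 - (1 - frag_loss) ** n_frags
```

With a 1500-byte MTU a 3072-byte datagram becomes three fragments, and dropping any one of them (or receiving them out of order) exercises the reassembly rule; `datagram_loss_rate` shows why the NFS block-size increase mattered.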
Error reporting
IP includes Internet Control Message Protocol (ICMP) RFC 792
ICMP messages sent in IP packets
– (i.e. same protocol level as UDP or TCP)
– IP protocol number 2
Not seen by applications - between host or router OSs only
– Error messages
– Informational messages (mostly superseded by DHCP)
NOTE: some may be dropped by firewalls to avoid possible attacks e.g. denial of service (but makes diagnosis of problems harder)
ICMP message types
ICMP Error messages (i)
Source Quench
– router to host, please slow down (buffer overflow)
Time exceeded
– datagram discarded due to TTL=0 or lost fragment
can be used to trace a route by gradually increasing TTL and seeing which router it gets to before timing out
See commands: tracert (windows), traceroute (unix)
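The TTL-based route tracing just described, as an added Python simulation (not from the lecture): each router decrements TTL and answers with "time exceeded" when it hits zero, and one hop is assumed to filter ICMP, which is how the firewall caveat from the previous slide shows up in practice. The router addresses and path are constructed values.

```python
# Added example (not from the lecture slides): a simulated router path showing
# how TTL expiry and ICMP "time exceeded" replies let a sender trace a route.
# Router addresses and the filtering hop are constructed values.
from __future__ import annotations

# Each hop is (router address, replies with ICMP?). A hop that filters ICMP,
# as the slides note firewalls may, shows up as "*" in a real trace.
PATH = [("192.0.2.1", True), ("198.51.100.1", False), ("203.0.113.1", True)]
DESTINATION = "203.0.113.50"


def forward(ttl: int, path: list[tuple[str, bool]], dest: str) -> tuple[str, str | None]:
    """Forward one probe with the given TTL along the path.
    Each router decrements TTL; at 0 the datagram is discarded and the router
    sends ICMP time exceeded (if it is willing to). Returns (reply, address)."""
    if ttl < 1:
        raise ValueError("TTL must be at least 1")
    for addr, answers in path:
        ttl -= 1
        if ttl == 0:
            return ("time-exceeded", addr) if answers else ("none", None)
    return ("echo-reply", dest)   # TTL survived every router: destination answers


def traceroute(path: list[tuple[str, bool]], dest: str, max_ttl: int = 30) -> list[str | None]:
    """Raise TTL one at a time until the destination itself replies."""
    hops: list[str | None] = []
    for ttl in range(1, max_ttl + 1):
        kind, who = forward(ttl, path, dest)
        hops.append(who)          # None is what tools print as "*"
        if kind == "echo-reply":
            break
    return hops
```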
ICMP error messages (ii)
Destination unreachable
– datagram discarded by router because host or network not reachable
– Datagram discarded by host because UDP/TCP port not in use
Redirect
– datagram sent to wrong next hop (gives alternative)
Fragmentation required
– if fragmentation not allowed but necessary
can be used to determine path MTU (maximum transmission unit)
ICMP informational messages
Echo Request/Reply
– ICMP software sends Reply when receives Request
test computer accessible (e.g. ping)
Address mask request/reply
– allow host on booting to query local router for netmask (see DHCP, later)
Gateway discovery
– allow host on booting to find default router (see DHCP)
Auto-configuration - low-level
ICMP address mask request/reply
– => netmask
Reverse ARP (RARP) RFC 903
– send Ethernet address and a server returns your IP address
ICMP gateway discovery
– => default route
Auto-configuration - higher level (i)
Bootstrap Protocol (BOOTP) RFC 951 and RFC 1542
– single BOOTP request
– BOOTP server replies with IP address, Router IP address, server information
– requires server configuration for each machine
Auto-configuration - higher level (ii)
Dynamic Host Configuration Protocol (DHCP) RFC 1541
– conceptually an extension of BOOTP
– server can maintain pool of IP addresses
– no configuration for a new machine
– but IP address (and therefore domain names) may change each time a machine is booted
Network Address Translation: motivations
IP requires every machine to have a unique IP address
– But there are not enough IPv4 addresses to go round so…
– Allow sites to have their own internal private addresses
– And share just a few global IP addresses between all of their machines
Network Address Translation
– NAT device at boundary between private network and Internet
translates to and from internal private addresses…
Simple NAT
Maps between an internal private IP address and an external global IP address
– E.g. for a server machine
– NAT device is configured (by hand?!) with the address mapping
– Re-writes IP packet headers when forwarding:
Network Address and Port Translation (NAPT)
Allows a single external IP to be shared by many private IPs
– By changing port numbers as well as IP addresses:
Configuring NAPT
Can be statically configured
– E.g. for a web server
External IP, port 80 <-> Internal server IP, port 80
Can be dynamically configured by outgoing connections/packets
– For normal clients, e.g. accessing external servers…
– NB. Does NOT allow external hosts to initiate connections to internal hosts (good security)
NAPT dynamic configuration example
Internal IP IA, port PA sends a packet to external IP IB, port PB…
– IP header has IPs, UDP/TCP header has ports
NAT device sees outgoing packet
– Chooses a currently unused port number PC for its own global IP address, IC
– Creates a new translation mapping IA,PA <-> IC,PC (leaves external IP/port)
– Discards mapping if unused for some time (configurable)
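The dynamic NAPT behaviour of the last two slides (mapping created by the outgoing packet, reply translated back, unsolicited inbound packets dropped, idle mappings discarded), as an added Python example that is not the lecture's code; the addresses, ports, port range and idle time-out are constructed values, and the names IA/PA/IC/PC follow the slide.

```python
# Added example (not from the lecture slides): a minimal NAPT table following
# the slides' outbound rule (IA,PA -> IC,PC); addresses and ports are constructed.
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Napt:
    def __init__(self, global_ip: str, idle_timeout: float, first_port: int = 40000):
        self.global_ip = global_ip      # IC, the device's own global address
        self.idle_timeout = idle_timeout
        self.first_port = first_port
        self.out: dict[tuple[str, int], int] = {}    # (IA, PA) -> PC
        self.back: dict[int, tuple[str, int]] = {}   # PC -> (IA, PA)
        self.last_used: dict[int, float] = {}

    def _expire(self, now: float) -> None:
        """Discard mappings idle longer than the configured time-out."""
        for pc in [p for p, t in self.last_used.items() if now - t > self.idle_timeout]:
            self.out.pop(self.back.pop(pc))
            del self.last_used[pc]

    def outbound(self, pkt: Packet, now: float) -> Packet:
        """Internal -> Internet: create a mapping on first use, rewrite source."""
        self._expire(now)
        key = (pkt.src_ip, pkt.src_port)
        pc = self.out.get(key)
        if pc is None:   # choose a currently unused port on the global IP
            pc = next(p for p in range(self.first_port, 65536) if p not in self.back)
            self.out[key], self.back[pc] = pc, key
        self.last_used[pc] = now
        return Packet(self.global_ip, pc, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet, now: float) -> Packet | None:
        """Internet -> internal: translate the destination if mapped, else drop (None).
        No earlier outbound packet means no mapping, so outsiders cannot initiate."""
        self._expire(now)
        key = self.back.get(pkt.dst_port)
        if key is None or pkt.dst_ip != self.global_ip:
            return None
        self.last_used[pkt.dst_port] = now
        return Packet(pkt.src_ip, pkt.src_port, key[0], key[1])
```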
NAT/NAPT deployment
Most ISPs
– Hence need to apply specifically for “static” (globally routable) IP addresses
Many home/small office firewalls and broadband routers
Additional NAT/NAPT issues
Internet server sees NAT device’s IP address and translated port number (if NAPT)
Private network client only knows its private IP address and local port
Client IP address not transferable (correct or useful) outside the NAT device
– E.g. RMI references passed from client to server will contain private IP and so won’t work for server
– The client and server will disagree about what they consider the client’s IP address to be (security issue?!)