CSCE 790: Computer Network Security


CSCE 515: Computer Network Programming
Chin-Tser Huang
University of South Carolina

Internet Protocol (IP)

Workhorse of TCP/IP protocol suite
Upper layer data (TCP, UDP, ICMP, IGMP, etc.) are transmitted as IP datagrams
Provide unreliable and connectionless datagram delivery service
2/3/2005

IP Header

[Figure: IP header format]

IP Demultiplexing

[Figure: TCP, ICMP, UDP, and IGMP shown above IP]

IP Options

A variable-length list of optional information for the datagram
Always end on 32-bit boundary
Options defined in IPv4 include
    Security and handling restrictions
    Record route
    Timestamp
    Loose source routing
    Strict source routing
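
An added example, not part of the original slides: a parser that walks the options area of an IPv4 header and reports whether a loose or strict source routing option is present, which is a common thing for a packet filter to check. The option type numbers are taken from RFC 791, and the sample header bytes and function names are constructed for illustration.

```python
import struct

# Option type numbers from RFC 791 (they are not listed on the slide).
OPTION_NAMES = {
    0: "End of option list", 1: "No operation", 7: "Record route",
    68: "Timestamp", 130: "Security", 131: "Loose source routing",
    137: "Strict source routing",
}
SOURCE_ROUTE = {131, 137}

def parse_ip_options(packet: bytes):
    """Return [(type, name, data)] for the options in an IPv4 header."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    header_len = ihl * 4  # IHL counts 32-bit words, so options end on a 32-bit boundary
    if version != 4 or ihl < 5 or header_len > len(packet):
        raise ValueError("not a well-formed IPv4 header")
    opts, i = [], 20
    while i < header_len:
        kind = packet[i]
        if kind == 0:      # End of option list: whatever follows is padding
            break
        if kind == 1:      # No operation: single-byte filler
            i += 1
            continue
        if i + 1 >= header_len:
            raise ValueError("option truncated before its length byte")
        length = packet[i + 1]  # covers the type byte, the length byte and the data
        if length < 2 or i + length > header_len:
            raise ValueError("option length runs outside the header")
        opts.append((kind, OPTION_NAMES.get(kind, "unknown"), packet[i + 2:i + length]))
        i += length
    return opts

def has_source_route(packet: bytes) -> bool:
    # True when the header carries loose or strict source routing.
    return any(kind in SOURCE_ROUTE for kind, _, _ in parse_ip_options(packet))

def build_sample() -> bytes:
    """Constructed header: 20 fixed bytes plus an 8-byte options area."""
    # Loose source routing: type 131, length 7, pointer 4, one address; then one pad byte.
    options = bytes([131, 7, 4, 192, 0, 2, 1, 0])
    ihl = (20 + len(options)) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 28, 0, 0, 64, 17, 0,
                        bytes([198, 51, 100, 7]), bytes([203, 0, 113, 9]))  # checksum left 0
    return fixed + options
```

The length checks matter as much as the option lookup: an option whose length byte points past the header is rejected instead of being read into the payload.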

IP Routing

Done on a hop-by-hop basis
If destination is directly connected or on a shared network, send IP datagram directly to destination
Otherwise send datagram to a default router

Routing Table

Each entry contains following information
    Destination IP address
    IP address of next-hop router
    Flags
    Specification of network interface

Subnet Addressing

To make better use of class A and class B addresses, divide host ID into subnet ID and host ID

Class B:            | 1 0 | netid (14 bits) | hostid (16 bits)                    |
Class B, subnetted: | 1 0 | netid (14 bits) | subnetid (8 bits) | hostid (8 bits) |

Subnet Mask

32-bit value containing “1” bits for network ID and subnet ID, and “0” bits for host ID

| 1 0 | netid (14 bits) | subnetid (8 bits) | hostid (8 bits) |
11111111 11111111 11111111 00000000 = 0xffffff00 = 255.255.255.0

ifconfig Command

Available at /usr/sbin
Configure or query a network interface used by TCP/IP
Support address families other than IP address
-a option to display report of all interfaces

netstat Command

Available at /usr/bin
Display network status
-a option to display state of all sockets, all routing table entries, or all interfaces
-i option to display interface information
-n option to print IP addresses instead of host names
-r option to display routing table
-M option to display multicast routing table

Problems with Current IP

32-bit IP addresses are inadequate for Internet growth
Limited support for extensions and options
Lack of security features

Future of IP: IPv6

Designed to be successor of IPv4
Specified in RFC 1883
Five major changes from IPv4
    Expanded Addressing Capabilities
    Header Format Simplification
    Improved Support for Extensions and Options
    Flow Labeling Capability
    Authentication and Privacy Capabilities

IPv6 Header

[Figure: IPv6 header format, bits 0 to 31]

IPv6 Extension Headers

[Figure: IPv6 extension headers]

Next Class

ICMP
Ping and traceroute
Routing principles
Read TI Ch. 6, 7, 8, 9