Introduction to computer networks #9


Network Protocols
IP addressing – Classes
IP packet format
ARP and RARP
ICMP
The Function of Protocols
• As protocols serve their functions in the OSI model, they
might work at one or many layers
• When a set of protocols works cooperatively, it’s called a
protocol stack or protocol suite
– The most common protocol stack is TCP/IP, the Internet
protocol suite
– IPX/SPX, used in older versions of Novell NetWare, is
disappearing as companies upgrade to newer versions of
NetWare
– Levels of a protocol stack map to their functions in the OSI
model
Routable vs. Nonroutable Protocols
• The network layer (OSI) is responsible for moving data
across multiple networks
– Routers are responsible for the routing process
• Protocol suites that function at Network layer are
routable or routed protocols; otherwise, they are called
nonroutable
– TCP/IP and IPX/SPX are routable protocols
– An older and nearly obsolete protocol, NetBEUI, is a
nonroutable protocol that works well in small networks,
but its performance drops considerably as a network
grows.
Protocols in a Layered Architecture
Network Protocols
• Some popular network protocols include:
– Internet Protocol version 4 (IPv4 or simply IP)
• Provides addressing and routing information
– Internetwork Packet Exchange (IPX)
• Novell’s protocol for packet routing and forwarding
• Belongs to the IPX/SPX protocol suite
• Serves many of the same functions as TCP/IP’s IP
– Internet Protocol version 6 (IPv6)
• A new version of IP that’s being implemented on many
current networking devices and operating systems
– Addresses some weaknesses of IPv4
Common Protocol Suites
• Because most protocols contain a combination of
components, these components are usually bundled as
a protocol suite
– TCP/IP
• Dominates the networking arena to the point of making
most of the other suites nearly obsolete
– IPX/SPX
– NetBIOS/NetBEUI
– AppleTalk
TCP/IP Network Layer Protocols
• Internet Protocol version 4 (IPv4) is a Network layer
protocol that provides source and destination
addressing and routing for the TCP/IP suite
– Connectionless protocol; fast but unreliable
• Internet Control Message Protocol (ICMP) is a Network
layer protocol used to send error and control messages
between systems or devices
– The Ping utility uses ICMP to request a response from a
remote host to verify availability
• Address Resolution Protocol (ARP) resolves logical (IP)
addresses to physical (MAC) addresses
IP Service
• IP provides an unreliable, connectionless, best-effort service
(also called: “datagram service”).
– Unreliable: IP does not make an attempt to recover lost packets
– Connectionless: Each packet (“datagram”) is handled
independently. IP is not aware that packets between hosts may
be sent in a logical sequence
– Best effort: IP does not make guarantees on the service (no
throughput guarantee, no delay guarantee,…)
• Consequences:
– Higher layer protocols have to deal with losses or with duplicate
packets
– Packets may be delivered out-of-sequence
IP Service
• IP supports the following services:
• one-to-one (unicast)
• one-to-all (broadcast)
• one-to-several (multicast)
• IP multicast also supports a many-to-many service.
• IP multicast requires support of other protocols (IGMP,
multicast routing)
Internet Addresses (IP Addresses)
• Defined when IP was standardized in 1981
• IP addresses are 32 bits long and consist of:
– a network address part – network identifier
– a host address part – host number within that network
• IP addresses are grouped into classes (A,B,C) depending
on the size of the network identifier and the host part of
the address
• A fourth class (Class D) was defined later (1988) for
Multicast addresses
Internet Address Classes
(32-bit address; bit boundaries at 0, 8, 16, 24 and 32)
Class A: 0 | NETWORK | HOST (24 BITS)
Class B: 10 | NETWORK | HOST (16 BITS)
Class C: 110 | NETWORK | HOST (8 BITS)
Class D: 1110 | IP MULTICAST ADDRESSES (28 BITS)
Class E: 11110 | RESERVED FOR EXPERIMENTS
IP Addressing - Classes
• Class A: first octet between 1-126
– 126 networks (0 and 127 reserved)
– Assigned to very large size networks
– 65K < number of hosts < 16M
• Class B: first octet between 128-191
– 16384 networks
– Assigned to Intermediate size networks
– 256 < number of hosts < 65K
IP Addressing - Classes
• Class C: first octet between 192-223
– 2097152 networks
– Assigned to smaller networks
– hosts < 256
• Class D: first octet between 224-239
– Reserved for multicasting
• Class E: first octet between 240-255
– Reserved for experimental use
Internet Address Classes
Class   Lowest Network Identifier Address   Highest Network Identifier Address
A       1.0.0.0                             126.0.0.0
B       128.0.0.0                           191.255.0.0
C       192.0.0.0                           223.255.255.0
D       224.0.0.0                           239.255.255.255
E       240.0.0.0                           247.255.255.255
Dotted Decimal Notation
• Internet addresses are represented in text by the
dotted decimal notation
– each byte is written in decimal values (from 0 to 255)
• example:
10000000 00001010 00000010 00011110
is written as 128.10.2.30
Uniqueness of IP Addresses
• Network numbers are assigned by a central authority
– The Internet Network Information Center (InterNIC)
– Another authority, the IANA – Internet Assigned Numbers
Authority sets policy
• Network numbers are unique worldwide
• Host numbers are assigned by network managers
– They must be unique within a given network
• Thus, IP addresses are unique worldwide.
Example
Find the class of each address:
A- 227.12.14.87
B- 193.14.56.22
C- 14.23.120.8
D- 252.5.15.111
E- 134.11.78.56
Solution
A. The first byte is 227 (between 224 and 239); the class is D.
B. The first byte is 193 (between 192 and 223); the class is C.
C. The first byte is 14 (between 0 and 127); the class is A.
D. The first byte is 252 (between 240 and 255); the class is E.
E. The first byte is 134 (between 128 and 191); the class is B.
Special Purpose IP Addresses
• 0.0.0.0
– Means this host, used by machines as source address when
they boot up (if they don’t know their IP address, and need to
get it from a boot server)
• 255.255.255.255
– Means limited broadcast. Used as a destination address to
send packets to all hosts on the local network where the
source is. Packets sent to this address are never relayed
• Network part all zeros
– Means the host on this network
Special Purpose IP Addresses
• Host part all ones
– Broadcast address on the network specified in the network
identifier; routers typically do not forward these datagrams
• Host part all zeros
– Broadcast address on the network specified in the network
identifier (it was an implementation error in some networks)
Special Purpose IP Addresses
• 127.x.x.x
– Means loopback (datagrams are looped back in software;
they are not sent on any physical interface)
• 224.0.0.1
– Multicast address for “All systems on this subnetwork”
• 224.0.0.2
– Multicast address for “All routers on this subnetwork”
IPv4 versus IPv6
• IP version 6 (IPv6) has been defined and developed.
• IPv6 uses 128 bits rather than the 32 bits currently used
in IPv4.
• IPv6 uses hexadecimal numbers to represent the 128
bits.
IPv4
Translating Between IP and MAC Addresses (ARP and RARP)
• Each interface has an IP address at Layer 3, and a
MAC address at Layer 2
• Assume that host A wants to send a packet to host B
(A and B on the same network)
• Host A knows the IP address of host B; however, in
order to transmit the packet, host A must somehow
know or find out what the MAC (layer 2) address of
host B is!
• Solution: the Address Resolution Protocol (ARP),
RFC826
Address Resolution Protocol
• Used to find the physical address of a target device on the
local physical network, given only the target’s IP address.
ARP mechanism:
– The source broadcasts a special packet asking the device with
target IP address to respond with a message carrying the (IP
address, physical address) mapping
– All devices on the local physical network receive the
broadcast, but only the target recognizes its IP address and
responds to the request
– When the source receives the reply, it sends the packet to the
target using the target’s physical address and places the
mapping in its cache.
ARP Process
ARP - example
ARP enables a computer to find the MAC address of the computer that is
associated with an IP address.
ARP - example
All devices on the network receive the packet and pass to network layer;
only one device responds with an ARP reply.
ARP Message Format
bit # 0 .. 7 | 8 .. 15 | 16 .. 23 | 24 .. 31
HARDWARE TYPE | PROTOCOL TYPE
HLEN | PLEN | OPERATION
SENDER HA (octets 0-3)
SENDER HA (octets 4-5) | SENDER IP (octets 0-1)
SENDER IP (octets 2-3) | TARGET HA (octets 0-1)
TARGET HA (octets 2-5)
TARGET IP (octets 0-3)
ARP Message
• HARDWARE TYPE: specifies type of hardware interface for
which the request is made (e.g., 1 for Ethernet)
• PROTOCOL TYPE: specifies high level protocol address
supplied in message (e.g. 0800 hex for IP)
• HLEN and PLEN: specify length of fields for hardware
address and protocol address respectively
• OPERATION: specifies if this is an ARP request or reply
message (1 for ARP request, 2 for ARP response, 3 for RARP
request and 4 for RARP response)
• HA and IP: hardware and IP addresses respectively
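The message layout and field meanings above, as a parser. This is an added example, not part of the original slides; the function names and the sample addresses (documentation range 192.0.2.0/24, locally administered MACs) are constructed for illustration.

```python
import socket
import struct

# Fixed fields in slide order: HARDWARE TYPE, PROTOCOL TYPE, HLEN, PLEN, OPERATION
ARP_FIXED = struct.Struct("!HHBBH")
OPERATIONS = {1: "ARP request", 2: "ARP response",
              3: "RARP request", 4: "RARP response"}


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(operation, sender_ha, sender_ip, target_ha, target_ip) -> bytes:
    """Build an Ethernet/IPv4 ARP message (helper for the constructed samples)."""
    return (ARP_FIXED.pack(1, 0x0800, 6, 4, operation)
            + bytes.fromhex(sender_ha.replace(":", "")) + socket.inet_aton(sender_ip)
            + bytes.fromhex(target_ha.replace(":", "")) + socket.inet_aton(target_ip))


def parse_arp(message: bytes) -> dict:
    """Parse an ARP/RARP message; raise ValueError on anything malformed."""
    if len(message) < ARP_FIXED.size:
        raise ValueError("truncated fixed header")
    htype, ptype, hlen, plen, oper = ARP_FIXED.unpack_from(message)
    if htype != 1 or ptype != 0x0800:
        raise ValueError("not Ethernet (1) carrying IP (0800 hex)")
    if hlen != 6 or plen != 4:
        raise ValueError("HLEN/PLEN inconsistent with Ethernet/IPv4")
    if oper not in OPERATIONS:
        raise ValueError(f"unknown OPERATION {oper}")
    end = ARP_FIXED.size + 2 * (hlen + plen)   # 8 + 20 = 28 bytes
    if len(message) < end:
        raise ValueError("truncated address fields")
    body = message[ARP_FIXED.size:end]
    return {
        "operation": OPERATIONS[oper],
        "sender_ha": mac_to_str(body[0:6]),
        "sender_ip": socket.inet_ntoa(body[6:10]),
        "target_ha": mac_to_str(body[10:16]),
        "target_ip": socket.inet_ntoa(body[16:20]),
    }


# Constructed samples: host .10 asks for .20, and .20 answers.
SAMPLE_REQUEST = build_arp(1, "02:00:00:00:00:0a", "192.0.2.10",
                           "00:00:00:00:00:00", "192.0.2.20")
SAMPLE_REPLY = build_arp(2, "02:00:00:00:00:14", "192.0.2.20",
                         "02:00:00:00:00:0a", "192.0.2.10")

if __name__ == "__main__":
    for sample in (SAMPLE_REQUEST, SAMPLE_REPLY):
        print(parse_arp(sample))
```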
Reverse ARP - RARP
• Usually, a machine’s IP address is kept on its secondary
storage (OS finds it at start up)
• Issue : Diskless Workstations!
– files are stored on a remote server
– need IP address to use TCP/IP to obtain initial boot
image
• Solution : Use physical address to identify machine
• Given a physical network address, find the corresponding
Internet address
• Reverse Address Resolution Protocol (RARP), RFC903
RARP
• Mechanism
– Sender broadcasts a RARP request, supplying its physical
network address in the Target HA field
– Only machines authorized to supply the RARP service (RARP
servers) process the request and send a reply filling in the
target internet address
• Mechanism allows a host to ask about an arbitrary target
– thus sender HA is separate from target HA address
– RARP server replies to sender’s HA
• Ethernet frame Protocol Type for RARP is 8035 hex
RARP
The source initiates a RARP request, which helps it detect its own IP address.
Advanced ARP Concepts
• Default gateway
• Proxy ARP
Default Gateway
• Another term for a router
• If a computer does not know how to deliver a
packet, it sends the packet to the default gateway
• A router may be a dedicated hardware device or a
computer with multiple network cards
• The router must be on the same network as the
computer sending the packet
How ARP Sends Data to Remote Networks?
Proxy ARP
Internet Control Message Protocol
• Architecturally above IP -- ICMP messages are carried in IP
packets and are demultiplexed at receiver.
• Transfer of (control) messages from routers and hosts to hosts
• Feedback about problems
– e.g. time to live expired, destination unreachable (e.g. no ARP
reply), checksum fails (header only!), no route to destination,
etc.
• Considered “part” of IP, but it is really a user of IP
– Encapsulated in IP datagram
– Not reliable
– ICMP messages sent in response to incoming datagrams with
problems
– ICMP message not sent for ICMP message
ICMP
Internet Control Message Protocol
• Used by hosts, routers, gateways to communicate network-level information
– error reporting: unreachable host, network, port, protocol
– echo request/reply (used by ping)
• ICMP message: type, code plus first 8 bytes of IP datagram causing error
Type   Code   Description
0      0      echo reply (ping)
3      0      dest. network unreachable
3      1      dest host unreachable
3      2      dest protocol unreachable
3      3      dest port unreachable
3      6      dest network unknown
3      7      dest host unknown
4      0      source quench (congestion control - not used)
8      0      echo request (ping)
9      0      route advertisement
10     0      router discovery
11     0      TTL expired
12     0      bad IP header
ICMP and Ping
• An internet host, A, is reachable from another host, B, if
datagrams can be delivered from A to B
• ping program tests reachability - sends datagram from
B to A that A echoes back to B
• Uses ICMP echo request and echo reply messages
• Internet layer includes code to reply to incoming ICMP
echo request messages
ICMP and MTU Discovery
• Fragmentation should be avoided for optimal
performance
• How can source configure outgoing datagrams to avoid
fragmentation?
• Source determines path MTU - smallest network MTU
on path from source to destination
• Source probes path using IP datagrams with don't
fragment flag
• Router responds with ICMP fragmentation required
message
• Source sends smaller probes until destination reached.
ICMP and Redirect
• Default route may cause extra hop
– Host A is sending a packet to Host B. Host A's default IP router
is router R1. Host A forwards the packet destined for Host B to
its default router R1.
– R1 checks its routing table and finds that the next hop for the
route to the network for Host B is router R2.
– If Host A and R2 are on the same network that is also directly
attached to R1, an ICMP Redirect message is sent to Host A
informing it that R2 is the better route when sending to Host B.
– Router R1 then forwards the IP datagram to R2.
– Host A adds a host route to its routing table for Host B's IP
address with router R2's IP address as the forwarding address.
Subsequent datagrams from Host A to Host B are forwarded by
means of router R2.
Internet Control Message Protocol
ICMP in Action
IP Packet Format
bit # 0 .. 7 | 8 .. 15 | 16 .. 23 | 24 .. 31
version | header length | DS | ECN | total length (in bytes)
Identification | 0 | DF | MF | Fragment offset
time-to-live (TTL) | protocol | header checksum
source IP address
destination IP address
options (0 to 40 bytes)
payload
(each row is 4 bytes wide)
• 20 bytes ≤ Header Size < 2^4 x 4 bytes = 60 bytes
• 20 bytes ≤ Total Length < 2^16 bytes = 65536 bytes
IP header format
IP header format: Version
• 4 bits.
• Indicates the version of
IP currently used.
– IPv4 : 0100
– IPv6 : 0110
IP header format: Header length
• 4 bits.
• IP header length : Indicates the
datagram header length in 32 bit
words (4 bits), and thus points to
the beginning of the data.
IP header format: Service type
• 8 bits.
• Specifies the level of importance
that has been assigned by a
particular upper-layer protocol.
• Precedence.
• Reliability.
• Speed.
IP header format: Total length
• 16 bits.
• Specifies the length of the
entire IP packet, including
data and header, in bytes.
IP header format: Identification
• 16 bits.
• Identification contains an integer
that identifies the current datagram.
• Assigned by the sender to aid in
assembling the fragments of a
datagram.
IP header format: Flags
• 3 bits.
• The second bit specifies whether the
packet can be fragmented.
• The last bit specifies whether the packet
is the last fragment in a series of
fragmented packets.
IP header format: Fragment offset
• 13 bits.
• The field that is used to help piece together
datagram fragments.
• The fragment offset is measured in units of
8 octets (64 bits).
• The first fragment has offset zero.
IP header format: Time to Live
• 8 bits.
• Time-to-Live maintains a counter that
gradually decreases to zero, at which point
the datagram is discarded, keeping the
packets from looping endlessly.
IP header format: Protocol
• 8 bits.
• Indicates which upper-layer protocol receives
incoming packets after IP processing has
been completed
• 06 : TCP
• 17 : UDP
Fields of the IP Header
• Protocol (1 byte):
• Specifies the higher-layer protocol.
• Used for demultiplexing to higher layers.
4 = IP-in-IP encapsulation
6 = TCP
17 = UDP
1 = ICMP
2 = IGMP
IP header format: Header checksum
• 16 bits.
• A checksum on the header only,
helps ensure IP header integrity.
IP header format: Addresses
• 32 bits each.
• Source IP Address
• Destination IP Address
IP header format: Options
• Variable length.
• Allows IP to support various options,
such as security, route, error report ...
Fields of the IP Header
• Options:
– Security restrictions
– Record Route: each router that processes the
packet adds its IP address to the header.
– Timestamp: each router that processes the packet
adds its IP address and time to the header.
– (loose) Source Routing: specifies a list of routers
that must be traversed.
– (strict) Source Routing: specifies a list of the only
routers that can be traversed.
IP header format: Padding
• The header padding is used to ensure
that the internet header ends on a 32 bit
boundary.
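The header fields walked through above, decoded from raw bytes with the header checksum verified. This is an added example, not part of the original slides; the function names are hypothetical, the checksum routine is the standard 16-bit one's-complement sum used for the IP header, and the sample header is constructed (it reuses the identification 0xa428 from the fragmentation example, with documentation addresses).

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 4: "IP-in-IP", 6: "TCP", 17: "UDP"}


def header_checksum(header: bytes) -> int:
    """One's-complement of the one's-complement sum of all 16-bit header words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, _service, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"version field is {version}, not 4")
    header_len = ihl * 4                    # header length is in 32-bit words
    if ihl < 5 or header_len > len(packet):
        raise ValueError("header length field out of range")
    if total_len < header_len:
        raise ValueError("total length smaller than header length")
    return {
        "header_length": header_len,
        "total_length": total_len,
        "identification": ident,
        "DF": bool(flags_frag & 0x4000),    # second flag bit
        "MF": bool(flags_frag & 0x2000),    # last flag bit
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        # A valid header, checksum field included, sums to zero.
        "checksum_ok": header_checksum(packet[:header_len]) == 0,
        "source": socket.inet_ntoa(src),
        "destination": socket.inet_ntoa(dst),
    }


def make_sample_header() -> bytes:
    """Constructed 20-byte header: total length 996, MF set, offset 122, UDP."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 996, 0xA428, 0x2000 | 122,
                      64, 17, 0, socket.inet_aton("192.0.2.10"),
                      socket.inet_aton("198.51.100.7"))
    return raw[:10] + struct.pack("!H", header_checksum(raw)) + raw[12:]


if __name__ == "__main__":
    print(parse_ipv4_header(make_sample_header()))
```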
Maximum Transmission Unit
• Maximum size of IP datagram is 65535, but the data link layer
protocol generally imposes a limit that is much smaller
• Example:
– Ethernet frames have a maximum payload of 1500 bytes
⇒ IP datagrams encapsulated in Ethernet frame cannot be
longer than 1500 bytes
• The limit on the maximum IP datagram size, imposed by the
data link protocol is called maximum transmission unit (MTU)
• MTUs for various data link protocols:
Ethernet:   1500
802.3:      1492
802.5:      4464
FDDI:       4352
ATM AAL5:   9180
PPP:        negotiated
IP Fragmentation
• What if the size of an IP datagram exceeds the MTU?
IP datagram is fragmented into smaller units.
• What if the route contains networks with different MTUs?
[Figure: Host A – FDDI Ring – Router – Ethernet – Host B]
MTUs:
FDDI: 4352
Ethernet: 1500
• Fragmentation:
• IP router splits the datagram into several datagrams
• Fragments are reassembled at receiver
Where is Fragmentation done?
• Fragmentation can be done at the sender or at
intermediate routers
• The same datagram can be fragmented several times.
• Reassembly of original datagram is only done at destination
hosts !!
[Figure: an IP datagram with header H passes through a Router and leaves as Fragment 1 with header H1 and Fragment 2 with header H2]
Fragmentation and Reassembly
• Fragmentation takes place at the sender and routers
• Reassembly takes place at the receiver ONLY.
[Figure: Source (fragment at source) – Network – Router (fragment at router) – Network – Destination (reassemble at destination)]
What’s involved in Fragmentation?
• The following fields in the IP header are involved:
[Figure: IP header layout with the Identification field and the flags (0, DF, MF) highlighted]
– Identification: When a datagram is fragmented, the
identification is the same in all fragments
– Flags:
DF bit is set: Datagram cannot be fragmented and must
be discarded if MTU is too small
MF bit set: This datagram is part of a fragment and an
additional fragment follows this one
What’s involved in Fragmentation?
• The following fields in the IP header are involved:
[Figure: IP header layout with the Fragment offset and Total length fields highlighted]
– Fragment offset: Offset of the payload of the current
fragment in the original datagram
– Total length: Total length of the current fragment
Example of Fragmentation
• A datagram with size 2400 bytes must be fragmented
according to an MTU limit of 1000 bytes
Field             IP datagram   Fragment 1   Fragment 2   Fragment 3
Header length     20            20           20           20
Total length      2400          996          996          448
Identification    0xa428        0xa428       0xa428       0xa428
DF flag           0             0            0            0
MF flag           0             1            1            0
Fragment offset   0             0            122          244
[Figure: Router between a network with MTU: 4000 carrying the IP datagram and a network with MTU: 1000 carrying Fragments 1, 2 and 3]
Determining the length of fragments
To determine the size of the fragments we recall that, since there are
only 13 bits available for the fragment offset, the offset is given as
a multiple of eight bytes. As a result, the first and second fragments
have a size of 996 bytes (and not 1000 bytes). This size is
chosen since 976 is the largest number smaller than 1000 – 20 = 980
that is divisible by eight. The payload for the first and second
fragments is 976 bytes long, with bytes 0 through 975 of the
original IP payload in the first fragment, and bytes 976 through
1951 in the second fragment. The payload of the third fragment
has the remaining 428 bytes, from byte 1952 through 2379. With
these considerations, we can determine the values of the fragment
offset, which are 0, 976 / 8 = 122, and 1952 / 8 = 244, respectively,
for the first, second and third fragment.
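The calculation above, carried out in code for any datagram size and MTU. This is an added example, not part of the original slides; the function name and parameters are hypothetical, and it assumes every fragment carries a header of the same length (no options). It goes slightly beyond the worked case by also handling a fragment that is fragmented again at a later router, and a datagram with DF set.

```python
def fragment(total_length, mtu, header_length=20, df=False,
             base_offset=0, more_follows=False):
    """Split one datagram (or an existing fragment) for a link with the given MTU.

    Returns a list of (total_length, MF, fragment_offset) tuples, with the
    offset in units of 8 bytes as carried in the 13-bit header field.
    base_offset and more_follows describe the input when it is itself a
    fragment, so that offsets and the MF bit stay relative to the original.
    """
    if total_length <= mtu:
        return [(total_length, int(more_follows), base_offset)]
    if df:
        # DF bit set: the datagram must be discarded if the MTU is too small.
        raise ValueError("DF set and datagram larger than MTU")
    # Largest payload that fits under the MTU and is a multiple of 8 bytes.
    max_payload = (mtu - header_length) // 8 * 8
    if max_payload <= 0:
        raise ValueError("MTU too small to carry any payload")
    payload = total_length - header_length
    fragments, sent = [], 0
    while sent < payload:
        chunk = min(max_payload, payload - sent)
        is_last = sent + chunk == payload
        fragments.append((header_length + chunk,
                          int(more_follows or not is_last),
                          base_offset + sent // 8))
        sent += chunk
    return fragments


if __name__ == "__main__":
    # The slide's case: 2400-byte datagram, MTU limit of 1000 bytes.
    for frag in fragment(2400, 1000):
        print("total length %4d  MF %d  offset %3d" % frag)
    # Fragment 2 (996 bytes, MF=1, offset 122) crossing a link with MTU 576
    # (the second MTU value is a constructed illustration).
    for frag in fragment(996, 576, base_offset=122, more_follows=True):
        print("total length %4d  MF %d  offset %3d" % frag)
```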