Lecture powerpoints from the recommended textbook are by Lami Kaya, [email protected].
Lecture powerpoints are © 2009 Pearson Education Inc.
Their content has sometimes been edited by Andy Brooks.
NET0183 Networks and Communications
Lectures 19 and 20
Support Protocols: ARP and ICMP
8/25/2009
by Dr Andy Brooks
The recommended textbook is Computer Networks and Internets by Douglas E. Comer
http://www.coursesmart.com/0136066992/?a=1773944
www.pearson-books.com/student (for additional discounts and offers)
23.2 Address Resolution
• A network does not know how to locate a computer from its
IP address.
• The next-hop address must be translated to an equivalent
MAC address.
• Translation from a computer's IP address to an equivalent
hardware address is known as address resolution.
– An IP address is said to be resolved to the correct MAC address.
• Address resolution is local to a network.
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.
Note: There are many different names for the same thing.
23.2 Address Resolution
Figure 23.1 An example internet of three networks.
• If router R1 forwards a datagram to router R2, router R1 will
resolve R2's IP address to a MAC address.
• If host A sends a datagram to host B, A resolves B's IP
address to B's MAC address and sends the frame directly.
• If host A sends a datagram to host F, IP software on A
determines the datagram must pass through router R1, and
so resolves the address of R1.
23.3 The Address Resolution Protocol (ARP)
• Most hardware has adopted the 48-bit Ethernet address format.
– link layer/MAC/hardware/Ethernet addresses are 6 bytes.
• The Address Resolution Protocol (ARP) is used to resolve
IP addresses.
• Consider Figure 23.2
– Suppose B needs to resolve the IP address of C
– B broadcasts a request that says:
“I'm looking for the MAC address of a computer that has IP address C”
– The broadcast only travels across one network.
– An ARP request message reaches all computers on a network.
– When C receives a copy of the request along with the other hosts,
only C sends a directed reply back to B that says:
“I'm the computer with IP address C, and my MAC address is M”
23.3 The Address Resolution Protocol (ARP)
Figure 23.2 Illustration of the ARP message exchange when computer B
resolves the address of computer C.
An ARP request message reaches
all the computers on the network.
An ARP reply message is sent
directly to the requesting host.
23.4 ARP Message Format
• ARP protocol can be used to bind an arbitrary high-level
address to an arbitrary hardware address.
– address length fields are used
• In practice, the generality of ARP is seldom used as most
implementations of ARP are used to bind IP addresses to
Ethernet addresses.
• Figure 23.3 illustrates the format of an ARP message when
the protocol is used with an IP version 4 address (4 octets)
and Ethernet hardware address (6 octets).
– Each line of the figure corresponds to 32 bits of an ARP message.
23.4 ARP Message Format
Figure 23.3 The format of an ARP message when binding an IPv4 address
to an Ethernet address.
Here, the ARP packet size is 28 bytes.
23.4 ARP Message Format
• HARDWARE ADDRESS TYPE
– 16-bit field that specifies the type of hardware address being used
– the value is 1 for Ethernet
• PROTOCOL ADDRESS TYPE
– 16-bit field that specifies the type of protocol address being used
– the value is 0x0800 for IPv4
• HADDR LEN
– 8-bit integer that specifies the size of a hardware address in bytes
• PADDR LEN
– 8-bit integer that specifies the size of a protocol address in bytes
• OPERATION
– 16-bit field that specifies whether the message is a
• request (the field contains 1) or
• response (the field contains 2)
23.4 ARP Message Format
• SENDER HADDR
– HADDR LEN bytes for the sender's hardware address
• SENDER PADDR
– PADDR LEN bytes for the sender's protocol address
• TARGET HADDR
– HADDR LEN bytes for the target's hardware address
• TARGET PADDR
– PADDR LEN bytes for the target's protocol address
23.4 ARP Message Format
• When a request is sent the sender does not know the
target's hardware address - that is the information being
requested.
– Therefore, field TARGET HADDR in an ARP request can be filled
with zeroes (0s) because the contents are not used.
• In a response the target binding refers to the initial computer
that sent the request.
– The target address pair in a response serves no purpose.
• The inclusion of the target fields has survived from an early version of the
protocol.
23.5 ARP Encapsulation
• When it travels across a physical network an ARP message
is encapsulated in a hardware frame.
• An ARP message is treated as data being transported and
the network does not interpret an ARP message.
• Figure 23.4 illustrates ARP encapsulation in an Ethernet
frame.
wired Ethernet frame header?
wireless Ethernet frame header?
23.5 ARP Encapsulation
• The type field in the frame header specifies that the frame
contains an ARP message.
• A sender must assign the appropriate value to the type field
before transmitting the frame.
• A receiver must examine the type field in each incoming
frame.
• Ethernet uses type field 0x806 to denote an ARP message.
• The value 0x806 is used for ARP requests and responses.
– A receiver must examine the OPERATION field in the message to
determine whether an incoming message is a request or a response.
23.6 ARP Caching and Message Processing
• Sending an ARP request for each datagram is inefficient.
– Three (3) frames would traverse the network for each datagram
(an ARP request, ARP response, and the data datagram itself)
• Most communications involve a sequence of packets.
– A sender is likely to repeat the exchange many times.
• To reduce network traffic ARP software extracts and saves
the information from a response so it can be used for
subsequent packets.
– ARP maintains a small table of bindings in memory.
• ARP manages the table as a cache.
– An entry is replaced when a response arrives.
– The oldest entry is removed whenever the table runs out of space.
– Entries are removed if they have not been updated for a long period of time.
– ARP starts by searching the cache when it needs to bind an address.
23.6 ARP Caching and Message Processing
• If the binding is present in the cache, ARP uses the binding
without transmitting a request.
• If the binding is not present in the cache:
– ARP broadcasts a request
– waits for a response
– updates the cache
– and then proceeds to use the binding
• The cache is only updated when an ARP message arrives
(either a request or a response).
• Algorithm 23.1 outlines the procedure for handling an
incoming ARP message.
23.6 ARP Caching and Message Processing
• “To form the response, ARP begins with the incoming
message, reverses the sender's and target's bindings,
inserts its hardware address in field SENDER HADDR, and
changes the OPERATION field to 2, indicating a response.”
• Most computer communication involves two-way traffic so
extracting the sender's address binding helps optimize ARP
performance.
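The message layout of Figure 23.3 and the response rule quoted above, as an added Python example that is not part of the original slides or the textbook. The MAC and IP addresses are constructed, and the cache policy in handle_arp (refresh known senders, learn new ones only from messages addressed to this host) is an assumption rather than a copy of Algorithm 23.1. ARP messages carry no authentication, so the function also reports when an existing binding is overwritten, which is the event a defender would log.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"      # Figure 23.3 fields in order; 28 bytes in total
REQUEST, RESPONSE = 1, 2        # OPERATION values from the slides

def build_arp(op, sha, spa, tha, tpa):
    """Pack an Ethernet/IPv4 ARP message (hardware type 1, protocol type 0x0800)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       sha, socket.inet_aton(spa), tha, socket.inet_aton(tpa))

def parse_arp(msg):
    """Unpack a 28-byte ARP message, rejecting anything but Ethernet/IPv4."""
    if len(msg) != struct.calcsize(ARP_FMT):
        raise ValueError("expected a 28-byte ARP message")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, msg)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (REQUEST, RESPONSE):
        raise ValueError("not an Ethernet/IPv4 ARP request or response")
    return op, sha, socket.inet_ntoa(spa), tha, socket.inet_ntoa(tpa)

def handle_arp(msg, my_mac, my_ip, cache):
    """Update the cache from the sender binding; answer a request aimed at us.

    Returns (response_or_None, changed), where changed is True when an existing
    cache entry was overwritten with a different hardware address.
    """
    op, sha, spa, tha, tpa = parse_arp(msg)
    changed = spa in cache and cache[spa] != sha
    if spa in cache or tpa == my_ip:         # assumed policy: refresh known senders,
        cache[spa] = sha                     # learn new ones only if they address us
    if op == REQUEST and tpa == my_ip:
        # Reverse the bindings, insert our hardware address, set OPERATION to 2.
        return build_arp(RESPONSE, my_mac, my_ip, sha, spa), changed
    return None, changed

# Constructed sample: B (10.0.0.2) asks for C (10.0.0.3); TARGET HADDR is zeroes.
MAC_B = bytes.fromhex("020000000002")
MAC_C = bytes.fromhex("020000000003")
REQUEST_FROM_B = build_arp(REQUEST, MAC_B, "10.0.0.2", bytes(6), "10.0.0.3")

if __name__ == "__main__":
    cache_c = {}
    response, _ = handle_arp(REQUEST_FROM_B, MAC_C, "10.0.0.3", cache_c)
    print(parse_arp(response), cache_c)
```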
23.7 The Conceptual Address Boundary
Figure 23.5
ARP hides the details of hardware addressing and allows
higher layers of software to use IP addresses.
Viewing the contents of the ARP cache in Windows.
23.8 Internet Control Message Protocol (ICMP)
• IP defines a best-effort communication service.
– datagrams can be lost, duplicated, delayed, or delivered out of order
• IP attempts to avoid errors and to report problems.
• We have already seen one example of error detection in IP:
– A header checksum is used to detect transmission errors
– When a host creates an IP datagram
• the host includes a checksum that covers the entire header
– Whenever a datagram is received
• the checksum is verified to ensure that the header arrived intact
• The IP header contains a TIME TO LIVE field used to
prevent a datagram from circulating forever.
– This can happen if the forwarding tables in routers incorrectly introduce a circular path.
23.8 Internet Control Message Protocol (ICMP)
• Response to a header checksum error is the following:
– The datagram is discarded immediately without more processing.
– The receiver cannot trust any fields in the datagram header because
the receiver cannot know which bits were altered.
– The receiver cannot send an error message back to the sender
because the receiver cannot trust the source address in the header.
– The receiver has no option but to discard the damaged datagram.
• IP includes a companion protocol, ICMP, which is used to
report errors back to the original source.
• IP and ICMP are co-dependent:
– IP depends on ICMP to report errors
– ICMP uses IP to carry error messages
• Figure 23.6 lists key ICMP messages and their purpose.
Note: The checksum is over the header and the data.
Note: Source Quench requests a host to reduce the rate at which datagrams are sent.
23.8 Internet Control Message Protocol (ICMP)
Figure 23.6 Examples of ICMP messages with the message number and purpose.
23.8 Internet Control Message Protocol (ICMP)
• As in Figure 23.6, ICMP contains two message types:
– messages used to report errors
– messages used to obtain information
• Time Exceeded and Destination Unreachable are for
reporting errors when a datagram cannot be delivered.
• A destination is unreachable if no route exists to the address.
• A datagram times out if
– either the TTL count in the header expires or
– fragments of the datagram do not arrive before the timer expires
• Echo Request and Echo Reply are used by the ping
application to test connectivity.
– When an echo request message arrives, ICMP software on the
host or router sends an echo reply that carries the same data as the
request.
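The echo exchange and the ICMP checksum over header and data, as an added Python example that is not part of the original slides. The type numbers 8 and 0 and the checksum algorithm come from RFC 792 and RFC 1071; the identifier, sequence number and payload are constructed. A message that fails the checksum is rejected, mirroring the discard rule described for damaged datagrams.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8          # ICMP type numbers from RFC 792

def internet_checksum(data):
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                  # pad odd-length input for summing only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                   # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, data):
    """Build an echo message; the checksum covers the ICMP header and the data."""
    unsummed = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + data
    checksum = internet_checksum(unsummed)
    return struct.pack("!BBHHH", icmp_type, 0, checksum, ident, seq) + data

def parse_echo(msg):
    """Return (type, ident, seq, data); raise ValueError for a damaged message."""
    if len(msg) < 8:
        raise ValueError("truncated ICMP message")
    if internet_checksum(msg) != 0:      # a valid message sums to zero
        raise ValueError("checksum mismatch: discard the message")
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", msg[:8])
    if icmp_type not in (ECHO_REPLY, ECHO_REQUEST) or code != 0:
        raise ValueError("not an echo request or echo reply")
    return icmp_type, ident, seq, msg[8:]

def answer_echo(msg):
    """Return the echo reply for an echo request, or None for any other valid message."""
    icmp_type, ident, seq, data = parse_echo(msg)
    if icmp_type != ECHO_REQUEST:
        return None
    return build_echo(ECHO_REPLY, ident, seq, data)

# Constructed sample: identifier, sequence number and payload are arbitrary.
SAMPLE_REQUEST = build_echo(ECHO_REQUEST, 0x1234, 1, b"net0183")

if __name__ == "__main__":
    print(parse_echo(answer_echo(SAMPLE_REQUEST)))
```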
23.9 ICMP Message Format and Encapsulation
• ICMP uses IP to transport each error message.
• When a router has an ICMP message to send it creates an
IP datagram and encapsulates the ICMP message in it.
• Figure 23.7 (below) illustrates the two levels of encapsulation
23.9 ICMP Message Format and Encapsulation
• ICMP messages are forwarded like any other datagram, with
one minor exception.
• If an ICMP error message causes an error, no error message
is sent.
• The designers of the Internet wanted to avoid the Internet
becoming congested carrying error messages about error
messages.
Windows tracert
http://technet.microsoft.com/en-us/library/bb491018.aspx
Tracert
Determines the path taken to a destination by sending Internet
Control Message Protocol (ICMP) Echo Request messages to the
destination with incrementally increasing Time to Live (TTL) field
values. The path displayed is the list of near-side router interfaces of
the routers in the path between a source host and a destination. The
near-side interface is the interface of the router that is closest to the
sending host in the path. Used without parameters, tracert displays
help.
Syntax
tracert [-d] [-h MaximumHops] [-j HostList] [-w Timeout] [TargetName]
Windows tracert
http://technet.microsoft.com/en-us/library/bb491018.aspx
Parameters
-d : Prevents tracert from attempting to resolve the IP addresses of
intermediate routers to their names. This can speed up the display of
tracert results.
-h MaximumHops : Specifies the maximum number of hops in the
path to search for the target (destination). The default is 30 hops.
-j HostList : Specifies that Echo Request messages use the Loose
Source Route option in the IP header with the set of intermediate
destinations specified in HostList. With loose source routing,
successive intermediate destinations can be separated by one or
multiple routers. The maximum number of addresses or names in the
host list is 9. The HostList is a series of IP addresses (in dotted decimal
notation) separated by spaces.
Windows tracert
http://technet.microsoft.com/en-us/library/bb491018.aspx
Parameters
-w Timeout : Specifies the amount of time in milliseconds to wait for
the ICMP Time Exceeded or Echo Reply message corresponding to a
given Echo Request message to be received. If not received within the
time-out, an asterisk (*) is displayed. The default time-out is 4000 (4
seconds).
TargetName : Specifies the destination, identified either by IP
address or host name.
-? : Displays help at the command prompt.
Windows tracert
http://technet.microsoft.com/en-us/library/bb491018.aspx
Remarks
This diagnostic tool determines the path taken to a destination by sending ICMP
Echo Request messages with varying Time to Live (TTL) values to the destination.
Each router along the path is required to decrement the TTL in an IP packet by at
least 1 before forwarding it. Effectively, the TTL is a maximum link counter. When
the TTL on a packet reaches 0, the router is expected to return an ICMP Time
Exceeded message to the source computer. Tracert determines the path by
sending the first Echo Request message with a TTL of 1 and incrementing the TTL
by 1 on each subsequent transmission until the target responds or the maximum
number of hops is reached. The maximum number of hops is 30 by default and
can be specified using the -h parameter. The path is determined by examining
the ICMP Time Exceeded messages returned by intermediate routers and the
Echo Reply message returned by the destination. However, some routers do not
return Time Exceeded messages for packets with expired TTL values and are
invisible to the tracert command. In this case, a row of asterisks (*) is displayed
for that hop.
Traceroute warning
• The Internet is dynamic and forwarding tables in
routers change.
• Each datagram is sent out with a different TTL, and each could
take a different route.
• Traceroute output could imply a direct connection
between machines that does not exist.
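The TTL probing loop from the tracert remarks and the route-change warning above, as an added Python simulation that is not part of the original slides and sends no packets. The router names, routes and the route_for_probe callback are constructed for illustration; the second sample shows a route change between probes producing a hop list that implies an R2 to R6 link that neither route contains.

```python
def probe(routers, destination, ttl):
    """Simulate one Echo Request sent with the given TTL along `routers`.

    routers is a list of (name, answers) pairs; answers is False for a router
    that does not return Time Exceeded. Returns (kind, name), or None on timeout.
    """
    for name, answers in routers:
        ttl -= 1                         # each router decrements the TTL
        if ttl == 0:
            return ("time-exceeded", name) if answers else None
    return ("echo-reply", destination)

def tracert(route_for_probe, destination, max_hops=30):
    """Raise the TTL from 1 until the destination replies or max_hops is reached."""
    hops = []
    for ttl in range(1, max_hops + 1):
        result = probe(route_for_probe(ttl), destination, ttl)
        hops.append(result[1] if result else "*")
        if result and result[0] == "echo-reply":
            break
    return hops

# Constructed routes to host H. R3 never returns Time Exceeded messages.
ROUTE_A = [("R1", True), ("R2", True), ("R3", False), ("R4", True)]
ROUTE_B = [("R1", True), ("R5", True), ("R6", True), ("R7", True)]

def stable(ttl):
    """Every probe follows ROUTE_A."""
    return ROUTE_A

def flapping(ttl):
    """Forwarding tables change after the second probe."""
    return ROUTE_A if ttl <= 2 else ROUTE_B

if __name__ == "__main__":
    print(tracert(stable, "H"))
    print(tracert(flapping, "H"))
```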