23 - UTRGV Faculty Web


23 - Support Protocols and Technologies
Dr. John P. Abraham
Professor
UTPA
ARP and RARP
Position of ARP and RARP in TCP/IP protocol suite
An ARP request is broadcast; an ARP reply is unicast.
ARP operation
ARP packet
ARP
• ARP is encapsulated in a frame. The type field in the frame header specifies that the frame contains an ARP message.
• IP asks ARP to create an ARP request
– Sender IP and physical address, target IP, and an all-0s target physical address.
• This is sent to the data link layer, where it is encapsulated into a frame with the sender's physical address as source and the broadcast address as receiver.
• All machines hear the request; the intended machine keeps it and the others drop it.
• The appropriate receiver replies, unicast, with the physical addresses of sender and receiver.
ARP Caching and Message Processing
• Since many packets travel from source to destination, it is inefficient to have an ARP request and response for each one. To reduce network traffic, ARP software extracts and saves the information from the response so it can be used for subsequent packets. It is kept in RAM (cache) rather than on a disk drive. When the cache runs out of space, the oldest entry is replaced.
• When an address needs to be resolved, look in the cache first. A cache can be updated with a request or a response. See the algorithm on page 387. Both originator and target update their cache entries. Other listening computers do not update their cache, otherwise their cache would fill up quickly.
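The request/reply exchange and the cache rules above, modelled in Python as an added example (this is not code from the lecture): a request carries the sender's addresses and an all-zero target MAC inside a broadcast frame whose type field marks ARP; only the target answers, with a unicast frame, and only the originator and the target update their cache, which replaces its oldest entry when full. The host MACs and IPs used are constructed values.

```python
import struct
from collections import OrderedDict

ETHERTYPE_ARP = 0x0806            # frame type field that announces an ARP payload
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST, ZERO_MAC = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
ARP_FMT = "!HHBBH6s4s6s4s"        # htype, ptype, hlen, plen, op, smac, sip, tmac, tip

def mac_bytes(m): return bytes.fromhex(m.replace(":", ""))
def ip_bytes(i): return bytes(int(x) for x in i.split("."))

def build_arp(op, smac, sip, tmac, tip):           # 28-byte Ethernet/IPv4 ARP message
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(smac), ip_bytes(sip), mac_bytes(tmac), ip_bytes(tip))

def parse_arp(msg):
    _, _, _, _, op, smac, sip, tmac, tip = struct.unpack(ARP_FMT, msg[:28])
    fm = lambda b: ":".join(f"{x:02x}" for x in b)
    fi = lambda b: ".".join(str(x) for x in b)
    return {"op": op, "smac": fm(smac), "sip": fi(sip), "tmac": fm(tmac), "tip": fi(tip)}

def frame(dst_mac, src_mac, arp_msg):              # encapsulate: dst, src, type field, payload
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_ARP) + arp_msg

class ArpHost:
    def __init__(self, mac, ip, cache_size=4):
        self.mac, self.ip, self.cache_size = mac, ip, cache_size
        self.cache = OrderedDict()                 # RAM cache, oldest entry first

    def _learn(self, ip, mac):
        self.cache.pop(ip, None)                   # re-learning an IP makes it the newest entry
        if len(self.cache) >= self.cache_size:
            self.cache.popitem(last=False)         # cache full: replace the oldest entry
        self.cache[ip] = mac

    def request(self, target_ip):                  # IP asks ARP: target MAC all zeros, broadcast
        return frame(BROADCAST, self.mac,
                     build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip))

    def receive(self, frm):                        # every host hears; returns a reply frame or None
        if struct.unpack("!H", frm[12:14])[0] != ETHERTYPE_ARP:
            return None
        a = parse_arp(frm[14:])
        if a["tip"] != self.ip:
            return None                            # not for us: drop, no cache update
        self._learn(a["sip"], a["smac"])           # originator and target both learn the mapping
        if a["op"] == ARP_REQUEST:                 # reply is unicast to the requester
            return frame(a["smac"], self.mac,
                         build_arp(ARP_REPLY, self.mac, self.ip, a["smac"], a["sip"]))
        return None
```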
RARP operation
ICMP
• Internet Control Message Protocol
– Used to report errors back to the original source. ICMP itself becomes a payload in an IP packet.
ICMP messages
• Echo request and reply are used by ping.
• Echo-request and echo-reply messages can test the reachability of a host. This is usually done by invoking the ping command.
• Timestamp-request and timestamp-reply messages can be used to calculate the round-trip time between a source and a destination machine even if their clocks are not synchronized.
• We use the traceroute program to find the route.
BOOTP
– Bootstrap Protocol
– An earlier protocol, RARP, allowed a computer to obtain an IP address from the server. It became obsolete because of BOOTP, which has more features. A BOOTP server can be anywhere on the internet, whereas a RARP server has to be on the same network.
– BOOTP is still used if the machine boots remotely. BOOTP provides the IP address, mask and address of a default router in a single step.
– BOOTP communicates using IP. The request was sent to the destination address with all 1's and used all 0's as the source address. The BOOTP server responded using the MAC address. BOOTP keeps a table of MAC addresses and corresponding IP addresses, so it used a static address for each machine. The administrator maintains this table.
– A boot PROM can be installed on a network card. Used with diskless workstations.
– Not very efficient if computers change rapidly.
DHCP
• Dynamic Host Configuration Protocol
It becomes difficult to keep track of all the MAC and IP addresses, particularly when computers come and go, such as in the case of large organizations or Wi-Fi.
DHCP provides a mechanism that allows an arbitrary computer to join a new network and obtain an IP address automatically. The administrator does not need to make an entry.
DHCP can provide a static IP or a dynamic IP.
DHCP leases out the IP addresses for a fixed period of time. The server keeps a pool of available IP addresses.
When the lease expires, a host can choose to relinquish the address or renegotiate to extend the lease.
DHCP packet
Options for DHCP
DHCP operation and optimizations
• Recovery from loss or duplication
– Missing or duplicate packets do not result in misconfiguration.
• Caching a server address
– Once a server is found, its address is kept for asking for lease renewal. Otherwise another DHCP server might respond.
• Avoidance of synchronized flooding
– If multiple machines reboot simultaneously after a power failure, lines can be flooded with DHCP requests. DHCP requires each host to delay a random time before transmitting a request.
Indirect DHCP server access through a relay
• Each individual network does not have to have a DHCP server.
• Instead, a DHCP relay agent forwards requests and responses between a client and the server.
• At least one relay agent must be present on each network, and that agent must be configured with the address of the appropriate DHCP server.
• The relay agent forwards responses to the client.
• Discuss DHCP redundancy.
NAT
• Network Address Translation
• Allows multiple devices at a site to share a SINGLE GLOBAL IP address (or a POOL of IP addresses).
• A host at the site appears to have a normal Internet connection.
• NAT runs as an in-line service (NAT must be placed between the computer and the internet). NAT usually resides in the router.
• A single valid public IP and many private IP addresses. The public IP address is assigned to the router (WAN side).
• Before a datagram from the site can be allowed onto the Internet, NAT must translate the private IP address into a globally valid IP address. Similarly, NAT must translate the incoming IP address destined for a host into a private IP address.
NAT table
• The NAT device replaces the private source address with its own public IP address. As a packet reaches NAT from a private IP, it creates a table entry of destination address and source address for the OUT and IN directions. Example: OUT, source 192.168.0.1 is replaced by 128.210.24.6; destination 198.133.219.25, no change. IN, source address 192.133.219.25, no change; destination 128.210.24.6 is changed to 192.168.0.1.
• Can only handle situations in which each host at a site communicates with a unique server on the internet.
• A pool of public IP addresses would make communication faster.
Transport-Layer NAT
• If two computers contact the same destination address, the above example would not work. If two hosts at the site attempt to communicate with remote server X, the translation table will contain multiple entries for X, and NAT will not be able to route incoming datagrams.
• Also, in case two or more applications running on a given host at the site attempt simultaneous communication with different destinations on the Internet, the forwarding table will end up with duplicates.
• So the private port number is added to the table. One application might be assigned port 1400, and the other 1401.
NAPT
• Network Address and Port Translation
– Allows a site to have arbitrary numbers of applications running on arbitrary hosts, all communicating simultaneously with arbitrary destinations on the internet.
– Most people do not use the acronym NAPT; instead NAT is used to refer to all of these situations.
– Since port numbers are associated with the transport layer, it is also known as transport-layer NAT.
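The address-only table from the NAT table slide and the port-based table from the transport-layer NAT and NAPT slides, modelled in Python as an added example (not code from the lecture) using the slide's addresses 192.168.0.1, 128.210.24.6 and 198.133.219.25: the basic table can no longer route an incoming datagram once two hosts have contacted the same server, while NAPT gives each private (host, port) pair its own public port (1400, 1401, ...) and drops inbound datagrams that match no table entry.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:                                # only the header fields NAT looks at
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class BasicNat:
    """Address-only NAT: one table keyed by the remote (destination) address."""
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.table = {}                      # remote ip -> set of private ips that talked to it

    def outbound(self, pkt):                 # OUT: private source becomes the public address
        self.table.setdefault(pkt.dst_ip, set()).add(pkt.src_ip)
        return replace(pkt, src_ip=self.public_ip)

    def inbound(self, pkt):                  # IN: which private host talked to this source?
        hosts = self.table.get(pkt.src_ip, set())
        if len(hosts) != 1:                  # no entry, or several hosts reached server X: cannot route
            return None
        return replace(pkt, dst_ip=next(iter(hosts)))

class Napt:
    """NAPT: the table also records ports, so the public port identifies the private flow."""
    def __init__(self, public_ip, first_port=1400):
        self.public_ip, self.next_port = public_ip, first_port
        self.out = {}                        # (private ip, private port) -> public port
        self.inb = {}                        # public port -> (private ip, private port)

    def outbound(self, pkt):
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out:              # first packet of a flow: allocate the next public port
            self.out[key] = self.next_port
            self.inb[self.next_port] = key
            self.next_port += 1
        return replace(pkt, src_ip=self.public_ip, src_port=self.out[key])

    def inbound(self, pkt):
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.inb:
            return None                      # no flow owns this port: dropped
        ip, port = self.inb[pkt.dst_port]
        return replace(pkt, dst_ip=ip, dst_port=port)
```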
NAT and Servers
• Automatic table construction does not work well for communication initiated from the internet to multiple servers in a particular site. The NAT device cannot know which computer should receive an incoming web connection.
• Twice NAT, a variant of NAT, allows the local DNS to create a new entry in the table on the NAT device when a remote system looks up the name of a computer at the site. This way the NAT is able to look up the table as the first packet arrives.
• Twice NAT fails when the DNS server is not queried first (the client uses an IP address directly) and when a client uses a DNS proxy to resolve domain names.