Chapter4-part2 - UCF Computer Science

Download Report

Transcript Chapter4-part2 - UCF Computer Science 

NAT traversal problem
 client want to connect to
server with address 10.0.0.1


server address 10.0.0.1 local
Client
to LAN (client can’t use it as
destination addr)
only one externally visible
NATted address: 138.76.29.7
 solution 1: statically
configure NAT to forward
incoming connection
requests at given port to
server

10.0.0.1
?
138.76.29.7
10.0.0.4
NAT
router
e.g., (123.76.29.7, port 2500)
always forwarded to 10.0.0.1
port 25000
Network Layer
4-1
Solution #1 Example: Cisco wireless router
Network Layer
4-2
NAT traversal problem
 solution 2: Universal Plug and
Play (UPnP) Internet Gateway
Device (IGD) Protocol. Allows
NATted host to:
 learn public IP address
138.76.29.7
(138.76.29.7)
 Drill a “hole” in NAT
 Add a port mappings on NAT
10.0.0.1
IGD
10.0.0.4
NAT
router
 Require both host and NAT to
be UPnP compatible
 automate static NAT port map
configuration
Network Layer
4-3
NAT traversal problem
 solution 3: relaying (used in Skype)
NATed server establishes connection to relay
 External client connects to relay
 relay bridges packets between to connections

2. connection to
relay initiated
by client
Client
3. relaying
established
1. connection to
relay initiated
by NATted host
138.76.29.7
10.0.0.1
NAT
router
Network Layer
4-4
DHCP: Dynamic Host Configuration Protocol
Goal: allow host to dynamically obtain its IP address
from network server when it joins network
Can renew its lease on address in use
Allows reuse of addresses (only hold address while connected
an “on”
Support for mobile users who want to join network (more
shortly)
DHCP overview:
 host broadcasts “DHCP discover” msg
 DHCP server responds with “DHCP offer” msg
 host requests IP address: “DHCP request” msg
 DHCP server sends address: “DHCP ack” msg
Network Layer
4-5
DHCP client-server scenario
A
B
223.1.2.1
DHCP
server
223.1.1.1
223.1.1.2
223.1.1.4
223.1.2.9
223.1.2.2
223.1.1.3
223.1.3.1
223.1.3.27
223.1.3.2
E
arriving DHCP
client needs
address in this
network
Network Layer
4-6
DHCP client-server scenario
DHCP server: 223.1.2.5
DHCP discover
arriving
client
src : 0.0.0.0, 68
dest.: 255.255.255.255,67
yiaddr: 0.0.0.0
transaction ID: 654
DHCP offer
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 654
Lifetime: 3600 secs
DHCP request
time
src: 0.0.0.0, 68
dest:: 255.255.255.255, 67
yiaddrr: 223.1.2.4
transaction ID: 655
Lifetime: 3600 secs
DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 655
Lifetime: 3600 secs
Network Layer
4-7
Chapter 4: Network Layer
 4. 1 Introduction
 4.2 Virtual circuit and
datagram networks
 4.3 What’s inside a
router
 4.4 IP: Internet
Protocol




Datagram format
IPv4 addressing
ICMP
IPv6
 4.5 Routing algorithms
 Link state
 Distance Vector
 Hierarchical routing
 4.6 Routing in the
Internet



RIP
OSPF
BGP
 4.7 Broadcast and
multicast routing
Network Layer
4-8
ICMP: Internet Control Message Protocol
 used by hosts & routers to
communicate network-level
information
 error reporting:
unreachable host, network,
port, protocol
 echo request/reply (used
by ping)
 network-layer “above” IP:
 ICMP msgs carried in IP
datagrams
 Not built on TCP!
 ICMP message: type, code plus
first 8 bytes of IP datagram
causing error
Type
0
3
3
3
3
3
3
4
Code
0
0
1
2
3
6
7
0
8
9
10
11
12
0
0
0
0
0
description
echo reply (ping)
dest. network unreachable
dest host unreachable
dest protocol unreachable
dest port unreachable
dest network unknown
dest host unknown
source quench (congestion
control - not used)
echo request (ping)
route advertisement
router discovery
TTL expired
bad IP header
Network Layer
4-9
Traceroute and ICMP
 Source sends series of
UDP segments to dest



First has TTL =1
Second has TTL=2, etc.
Unlikely port number
 When nth datagram arrives
to nth router:



Router discards datagram
And sends to source an
ICMP message (type 11,
code 0)
Message includes name of
router& IP address
Ethereal example
 When ICMP message
arrives, source calculates
RTT
 Traceroute does this 3
times
Stopping criterion
 UDP segment eventually
arrives at destination host
 Destination returns ICMP
“host unreachable” packet
(type 3, code 3)
 When source gets this
ICMP, stops.
Network Layer 4-10
“Real” Internet delays and routes
 What do “real” Internet delay & loss look like?
 Traceroute program: provides delay
measurement from source to router along end-end
Internet path towards destination. For all i:



sends three packets that will reach router i on path
towards destination
router i will return packets to sender
sender times interval between transmission and reply.
3 probes
3 probes
3 probes
Introduction
1-11
“Real” Internet delays and routes
traceroute: gaia.cs.umass.edu to www.eurecom.fr
Three delay measurements from
gaia.cs.umass.edu to cs-gw.cs.umass.edu
1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms
2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms
4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms
5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms trans-oceanic
8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
link
9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms
11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms
13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
17 * * *
* means no response (probe lost, router not replying)
18 * * *
19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms
Under Windows is “tracert”
Introduction
1-12
Traceroute from My Home Computer (last year)
Introduction
1-13
Traceroute from My Home
Computer (another time)
Introduction
1-14
Introduction
1-15
Online Traceroute Tools
 Because UCF campus network blocks all
ICMP packets, you need an outside machine
to try it.
Try on http://tools.pingdom.com/ping/
 Try from different countries from
www.traceroute.org
 Check traceroute virtual path at:

• http://traceroute.monitis.com/
and
• http://www.yougetsignal.com/tools/visual-tracert/
Introduction
1-16
Chapter 4: Network Layer
 4. 1 Introduction
 4.2 Virtual circuit and
datagram networks
 4.3 What’s inside a
router
 4.4 IP: Internet
Protocol




Datagram format
IPv4 addressing
ICMP
IPv6
 4.5 Routing algorithms
 Link state
 Distance Vector
 Hierarchical routing
 4.6 Routing in the
Internet



RIP
OSPF
BGP
 4.7 Broadcast and
multicast routing
Network Layer 4-17
IPv6
 Initial motivation: 32-bit address space soon
to be completely allocated.
 Additional motivation:
header format helps speed processing/forwarding
 header changes to facilitate QoS
 Checksum: removed entirely to reduce processing
time at each hop
IPv6 datagram format:
 fixed-length 40 byte header
 no fragmentation allowed
Very slow take off

• IPv4 still has space (CIDR, DHCP, NAT)
• Too trouble to upgrade
Network Layer 4-18
IPv6 Header (Cont)
Priority: identify priority among datagrams in flow
Flow Label: identify datagrams in same “flow.”
(concept of“flow” not well defined).
Next header: identify upper layer protocol for data
Network Layer 4-19
Transition From IPv4 To IPv6
 Not all routers can be upgraded simultaneous
no “flag days”
 How will the network operate with mixed IPv4 and
IPv6 routers?

 Tunneling: IPv6 carried as payload in IPv4
datagram among IPv4 routers
Network Layer 4-20
Tunneling
Logical view:
Physical view:
E
F
IPv6
IPv6
IPv6
A
B
E
F
IPv6
IPv6
IPv6
IPv6
A
B
IPv6
tunnel
IPv4
IPv4
Network Layer 4-21
Tunneling
Logical view:
Physical view:
A
B
IPv6
IPv6
A
B
C
IPv6
IPv6
IPv4
Flow: X
Src: A
Dest: F
data
A-to-B:
IPv6
E
F
IPv6
IPv6
D
E
F
IPv4
IPv6
IPv6
tunnel
Src:B
Dest: E
Src:B
Dest: E
Flow: X
Src: A
Dest: F
Flow: X
Src: A
Dest: F
data
data
B-to-C:
IPv6 inside
IPv4
B-to-C:
IPv6 inside
IPv4
Flow: X
Src: A
Dest: F
data
E-to-F:
IPv6
Network Layer 4-22
IPv6 Tunneling vs. IPv4 NAT
 Similarity:
Both have one IPv4 public IP address, and many
computers behind it
 Conduct translation/capculing on that special
edge router

 Difference:
 Hosts behind NAT are un-addressable
• Cannot communicate with each other
 Hosts
behind Tunneling are addressable
• Can communicate with each other directly
Network Layer 4-23
Chapter 4: Network Layer
 4. 1 Introduction
 4.2 Virtual circuit and
datagram networks
 4.3 What’s inside a
router
 4.4 IP: Internet
Protocol




Datagram format
IPv4 addressing
ICMP
IPv6
 4.5 Routing algorithms
 Link state
 Distance Vector
 Hierarchical routing
 4.6 Routing in the
Internet



RIP
OSPF
BGP
 4.7 Broadcast and
multicast routing
Network Layer 4-24
Routing Algorithm classification
Global or decentralized
information?
Global:
 all routers have complete
topology, link cost info
 “link state” algorithms
Decentralized:
 router knows physicallyconnected neighbors, link
costs to neighbors
 iterative process of
computation, exchange of
info with neighbors
 “distance vector” algorithms
Static or dynamic?
Static:
 routes change slowly
over time
Dynamic:
 routes change more
quickly
 periodic update
 in response to link
cost changes
Network Layer 4-25
Chapter 4: Network Layer
 4. 1 Introduction
 4.2 Virtual circuit and
datagram networks
 4.3 What’s inside a
router
 4.4 IP: Internet
Protocol




Datagram format
IPv4 addressing
ICMP
IPv6
 4.5 Routing algorithms
 Link state
 Distance Vector
 Hierarchical routing
 4.6 Routing in the
Internet



RIP
OSPF
BGP
 4.7 Broadcast and
multicast routing
Network Layer 4-26
A Link-State Routing Algorithm
Dijkstra’s algorithm
 net topology, link costs
known to all nodes
 accomplished via “link
state broadcast”
 all nodes have same info
 computes least cost paths
from one node (“source”) to
all other nodes
 gives routing table for
that node
 iterative: after k iterations,
know least cost path to k
destinations
Idea:
 at each iteration increase
spanning tree by the node
that has least cost path to
the source
5
2
A
B
2
1
D
3
C
3
1
5
F
1
E
2
Network Layer 4-27
A Link-State Routing Algorithm
Notation:
 c(i,j): link cost from node i
to j. cost infinite if not
direct neighbors
 D(v): current value of cost
of path from source to
dest. V
Examples:
 c(B,C) = 3
 D(E) = 2
 p(B) = A
 N = { A, B, D, E }
5
 p(v): predecessor node
along path from source to
v, that is next v
 N: set of nodes already in
spanning tree (least cost
path known)
2
A
B
2
1
D
3
C
3
1
5
F
1
E
2
Network Layer 4-28
Dijsktra’s Algorithm
1 Initialization:
2 N = {A}
3 for all nodes v
4
if v adjacent to A
5
then D(v) = c(A,v)
6
else D(v) = infinity
7
8 Loop
9
find w not in N such that D(w) is a minimum
10 add w to N
11 update D(v) for all v adjacent to w and not in N:
12
D(v) = min( D(v), D(w) + c(w,v) )
13 /* new cost to v is either old cost to v or known
14
shortest path cost to w plus direct link cost from w to v */
15 until all nodes in N
Network Layer 4-29
Dijkstra’s algorithm: example
Step
N
0
A
1
AD
2
ADE
3
ADEB
4 ADEBC
5 ADEBCF
D(B),p(B) D(C),p(C) D(D),p(D) D(E),p(E) D(F),p(F)
2,A
5,A
1,A
infinity,infinity,2,A
4,D
1,A
2,D
infinity,2,A
3,E
1,A
2,D
4,E
2,A
3,E
1,A
2,D
4,E
2,A
3,E
1,A
2,D
4,E
2,A
3,E
1,A
2,D
4,E
5
A
1
2
B
2
D
3
C
3
1
5
F
1
E
2
Network Layer 4-30
Chapter 4: Network Layer
 4. 1 Introduction
 4.2 Virtual circuit and
datagram networks
 4.3 What’s inside a
router
 4.4 IP: Internet
Protocol




Datagram format
IPv4 addressing
ICMP
IPv6
 4.5 Routing algorithms
 Link state
 Distance Vector
 Hierarchical routing
 4.6 Routing in the
Internet



RIP
OSPF
BGP
 4.7 Broadcast and
multicast routing
Network Layer 4-31
Distance Vector Algorithm (1)
Bellman-Ford Equation (dynamic programming)
Define
dx(y) := cost of least-cost path from x to y
Then
dx(y) = minv {c(x,v) + dv(y) }
where min is taken over all neighbors of x
Network Layer 4-32
Bellman-Ford example
Suppose we know that
dv(z) = 5, dx(z) = 3, dw(z) = 3
5
2
u
v
2
1
x
3
w
3
1
5
z
1
y
2
How about du(y)?
B-F equation says:
du(z) = min { c(u,v) + dv(z),
c(u,x) + dx(z),
c(u,w) + dw(z) }
= min {2 + 5,
1 + 3,
5 + 3} = 4
Network Layer 4-33
Distance Vector Algorithm (3)
 Dx(y) = estimate of least cost from x to y
 Distance vector: Dx = [Dx(y): y є N ]
 Node x knows cost to each neighbor v:
c(x,v)
 Node x maintains Dx = [Dx(y): y є N ]
 Node x also maintains its neighbors’
distance vectors
 For
each neighbor v, x maintains
Dv = [Dv(y): y є N ]
Network Layer 4-34
Distance vector algorithm (4)
Basic idea:
 Each node periodically sends its own distance
vector estimate to neighbors
 When a node x receives new DV estimate from
neighbor, it updates its own DV using B-F equation:
Dx(y) ← minv{c(x,v) + Dv(y)}
for each node y ∊ N
 Under minor, natural conditions, the estimate Dx(y)
converge the actual least cost dx(y)
Network Layer 4-35
Distance Vector Algorithm (5)
Iterative, asynchronous:
each local iteration caused
by:
 local link cost change
 DV update message from
neighbor
Distributed:
 each node notifies
neighbors only when its DV
changes

neighbors then notify
their neighbors if
necessary
Each node:
wait for (change in local link,
cost of msg from neighbor)
recompute estimates
if DV to any dest has
changed, notify neighbors
Network Layer 4-36
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2
node x table
cost to
x y z
cost to
x y z
from
from
x 0 2 7
y ∞∞ ∞
z ∞∞ ∞
node y table
cost to
x y z
Dx(z) = min{c(x,y) +
Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
x 0 2 3
y 2 0 1
z 7 1 0
x ∞ ∞ ∞
y 2 0 1
z ∞∞ ∞
node z table
cost to
x y z
from
from
x
x ∞∞ ∞
y ∞∞ ∞
z 71 0
time
2
y
7
1
z
Network Layer 4-37
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2
node x table
cost to
x y z
x ∞∞ ∞
y ∞∞ ∞
z 71 0
from
from
from
from
x 0 2 7
y 2 0 1
z 7 1 0
cost to
x y z
x 0 2 7
y 2 0 1
z 3 1 0
x 0 2 3
y 2 0 1
z 3 1 0
cost to
x y z
x 0 2 3
y 2 0 1
z 3 1 0
x
2
y
7
1
z
cost to
x y z
from
from
from
x ∞ ∞ ∞
y 2 0 1
z ∞∞ ∞
node z table
cost to
x y z
x 0 2 3
y 2 0 1
z 7 1 0
cost to
x y z
cost to
x y z
from
from
x 0 2 7
y ∞∞ ∞
z ∞∞ ∞
node y table
cost to
x y z
cost to
x y z
Dx(z) = min{c(x,y) +
Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
x 0 2 3
y 2 0 1
z 3 1 0
time
Network Layer 4-38
Comparison of LS and DV algorithms
Message complexity
 LS: with n nodes, E links,
O(nE) msgs sent
 DV: exchange between
neighbors only
 convergence time varies
Speed of Convergence
 LS: O(n2) algorithm requires
O(nE) msgs
 may have oscillations
 DV: convergence time varies
 may be routing loops
 count-to-infinity problem
Robustness: what happens
if router malfunctions?
LS:


node can advertise
incorrect link cost
each node computes only
its own table
DV:


DV node can advertise
incorrect path cost
each node’s table used by
others
• error propagate thru
network
Network Layer 4-39