Transcript arp

IP: putting it all together
Part 1
G53ACC
Chris Greenhalgh
1
Contents
Scenario
 Local network communication

– Sending a packet
– ARP
– Receiving a packet

Remote network communication
– Routing
2
Book coverage

Assumed from CCN:
– Comer ch. 13 (routing), 17 (internet), 22 (IPv6), 25
(TCP)

Reviewed:
– Comer ch. 18 (addresses), 20 (datagram), 21 (frag.)

Additional:
– Comer ch. 19 (ARP), 23 (ICMP), 24 (UDP), 26 (NAT),
27 (Internet routing, part)
3
Scenario

Sending a UDP packet
– E.g. the ReverseClientUnicast, or DNS client
Pre-configured machine
 On an Ethernet
 Connected to the Internet
 Running the IP protocol suite

– How does communication "really" work?
4
Scenario (& see text dump)
128.243.22.61
(monet)
Start
Here 
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
5
e.g. ReverseClientUnicast.java

…
int port = Integer.parseInt(args[1]);
InetAddress server =
InetAddress.getByName(args[0]);
DatagramSocket socket =
new DatagramSocket();
…
byte [] data =
requestByteStream.toByteArray();
DatagramPacket request =
new DatagramPacket(data, data.length,
server, port);
socket.send(request);
6
…
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
7
Comer Fig. 17.4
What have you got?
(what does the machine know?)

An array of bytes
– Application layer data

A destination IP address (not name)
– E.g. 128.243.22.35 (case 1);
128.243.21.19 (case 2)



A destination UDP port
A sending UDP socket (=> source UDP port)
Local IP configuration (in OS)
– See later
8
Goal: send that data to the
destination machine

But physical network transports Ethernet
frames (only!)…
You are here: Application Data
9
Transport layer, UDP:
add UDP header


Source port =
sending socket
Dest. port =
from request



Data = app. Data
Length = data length
Checksum =
error check (CRC)
10
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
11
Comer Fig. 17.4
What have you got now?
(what does the machine know?)

A UDP header and datagram payload
– Includes source & dest. UDP ports
– Application layer data

A destination IP address (not name)
– E.g. 128.243.22.35 (case 1);
128.243.21.19 (case 2)

Local IP configuration (in OS)
– See later
12
Network Layer, IP:
add IP header
13
Selected IP header fields




Version = 4
Type = UDP
Source IP address =
a local IP, probably
not filled in yet
Destination IP =
from request



TTL =
“Time To Live”
(network hops),
initially high
Header checksum =
error check for header
Fragment offset –
see fragmentation
14
So…

You have:
– IP packet
– With IP destination

You need:
– Ethernet (or other
network) Interface to
send it
– Ethernet frame
– With Ethernet
destination
15
Local IP configuration

For now assume set by hand, e.g. on monet:
– Own IP address, e.g. 128.243.22.61
– Netmask (range of IP addresses on physical segment),
e.g. 255.255.255.0
– Default router, e.g. 128.243.22.1
– DNS server address
– (See later notes on auto-configuration)

Built in:
– Own Ethernet address
(in Network Interface Card (NIC) PROM)
16
IP layer:
what shall I do with this packet?

IP datagram forwarding rule:
– Send it to another physically reachable machine which
is believed to be closer to the IP destination

But:
– Which machine is closer?
– Which physical interface can be used to reach that
machine?

 Consult OS IP routing table…
17
Routing table
Lists a set of rules:
  What to do with a packet addressed to
any destination IP address

– Which physical interface to use
– Whether the destination is directly reachable
– If not, which directly reachable machine to pass
the packet on to
18
Routing table example
(from scenario, monet) G = gateway
(not direct)
# netstat -r
Destination
128.243.22.0
127.0.0.0
0.0.0.0
Gateway
0.0.0.0
0.0.0.0
128.243.22.1
Genmask
255.255.255.0
255.0.0.0
0.0.0.0
Fl
U
U
UG
M
0
0
0
R
0
0
0
U
0
0
0
Iface
eth0
lo
eth0
# ifconfig eth0 [windows: ipconfig /all]
eth0 Link encap:Ethernet HWaddr 00:01:02:AD:0F:08
inet addr:128.243.22.61 Bcast:128.243.22.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
19
Routing table example: windows
(128.243.22.74 - not from the scenario)









>netstat –r
Network Destination
Netmask
Gateway
0.0.0.0
0.0.0.0
128.243.22.1
127.0.0.0
255.0.0.0
127.0.0.1
128.243.22.0
255.255.255.0
128.243.22.74
128.243.22.74 255.255.255.255
127.0.0.1
…
>ipconfig /all
…
Ethernet adapter Local Area Connection:
Connection-specific
Description . . . .
Physical Address. .
IP Address. . . . .
Subnet Mask . . . .






DNS
. .
. .
. .
. .
Suffix
. . . .
. . . .
. . . .
. . . .
.
.
.
.
.
:
:
:
:
:
Interface
128.243.22.74
127.0.0.1
128.243.22.74
127.0.0.1
Metric
10
1
10
10
This machine
(direct)
3Com Gigabit NIC (3C2000)
00-0A-5E-54-2B-65
128.243.22.74
255.255.255.0
…
20
Case 1: send to 128.243.22.35
128.243.22.61
(monet)
Start
Here 
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
21
Case 1: Send to 128.243.22.35
Find routing table entry matching
destination IP address (128.243.22.35)
  gateway (if any) and interface

– No gateway (directly reachable destination)
 send directly to 128.243.22.35
– Interface “eth0”

Need Ethernet address for direct destination
to send on Ethernet…
22
Address Resolution Protocol
(ARP)
Internet standard, RFC 826
 Protocol for dynamic mapping of (local) IP
addresses to (local) Ethernet address

23
ARP request/response packet

Construct ARP request “who has IP
128.243.22.34”:
– “H” = “hardware” (Ether.); “P” = “protocol” (IP)
24
ARP/Ethernet encapsulation

Place ARP request in Ethernet frame
– Type 806
25
ARP query

Broadcast on identified outgoing interface:
Broadcast request
Unicast response
26
ARP query handling
– all hosts on that Ethernet receive the broadcast
request and packet to OS
– Each host inspects Ethernet frame type and passes
to relevant handler (in OS)
– ARP handler inspects request: is this my IP
address?
– Host 128.243.22.35 sees match and builds and
sends back ARP response
“128.243.22.35 =
Ethernet address 00:a0:c9:ca:1d:d7”
– Sending host caches this information for (near)
future re-use in an ARP table…
27
ARP cache

Try # arp –a
– table of IP address  Ethernet (MAC) address
28
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
29
Comer Fig. 17.4
(Finally) Build Ethernet frame





Source IP = sending interface IP
Source MAC address = sending interface MAC
address
Destination IP address = original destination
Destination MAC address = next hop MAC
address
Ethernet frame type = 0800
30
Send on identified network
interface

Ethernet LAN is (logical) broadcast
– Packet typically seen by the Ethernet card of
every machine on that LAN

(give or take Ethernet switches which learn and
route by MAC address)
31
Receiving a packet…
32
Incoming Ethernet frame: NIC

Check dest. Ethernet (MAC) address
– Accept if broadcast or = NIC’s MAC address
– Interrupt OS…
33
Incoming Ethernet frame: OS
OS is interrupted by NIC and retrieves
received Ethernet frame
 Inspects frame type field and handles
contents (payload) accordingly:

– 0806  ARP (already considered)
– 0800  IP v.4…
34
Incoming IP packet (OS)

Inspects IP header
– Check header checksum, discard if corrupted
– Check destination IP address
If (one of our) local address(es), continue local
processing…
 Otherwise, consider for forwarding

– Forwarding enabled (e.g. router)  see later
– Forwarding disabled (e.g. most hosts)  discard
35
Incoming IP packet with local
destination (OS)
(Fragments reassembled first – see later)
 Check IP packet type:

–
–
–
–
–

1 ICMP Internet Control Message
2 IGMP Internet Group Management
4 IP in IP (encapsulation)
6 TCP Transmission Control
17 UDP User Datagram
Pass to relevant handler…
36
Incoming (e.g.) UDP datagram
with local IP address (OS)

Inspects UDP header
– Check UDP checksum, discard if corrupt
– Check destination UDP port
If not bound to an application
 Send an error response (ICMP Destination
Unreachable – see later)
 If currently bound to an application socket
 pass payload plus source IP and source UDP port
to application socket…

37
Receiving application
(e.g. ReverseServerUnicast.java)

int port = Integer.parseInt(args[0]);
DatagramSocket socket =
new DatagramSocket(port);
…
byte [] requestBytes = new byte[65536];
DatagramPacket request =
new DatagramPacket(requestBytes,
requestBytes.length);
socket.receive(request);
…

38
Case 2: send to 128.243.21.19
(different network)
128.243.22.61
(monet)
Start
Here 
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
39
Case 2: Send to 128.243.21.19

Begins as before:
– Construct UDP header
– Construct IP header
–  Complete IP datagram
40
Case 2: Routing at senderG = gateway
(not direct)

Find routing table entry matching destination IP address
(128.243.22.35) (may appear as “default”):
# netstat -r
Destination
128.243.22.0
127.0.0.0
0.0.0.0

Gateway
0.0.0.0
0.0.0.0
128.243.22.1
Genmask
255.255.255.0
255.0.0.0
0.0.0.0
Fl
U
U
UG
M
0
0
0
R
0
0
0
U
0
0
0
Iface
eth0
lo
eth0
Doesn't match local network, So use default route
– Gateway (next directly reachable hop) = router 128.243.22.1
– Outgoing network interface = eth0 (IP 128.243.22.61)
41
Case 2: Sending non-local
Destination IP address is 128.243.21.19
 Destination Ethernet address is Ethernet
address of gateway/next hop machine

–  do ARP to find Ethernet address
corresponding to IP 128.243.22.1
– Router replies with its MAC address on that
LAN

Send IP packet in Ethernet frame on LAN to
router MAC address…
42
Routing handling of packet

Initially as for normal host receive
– NIC accepts Ethernet frame addressed to it
– Passes to OS via interrupt
– OS determines frame type and passes for
handling as IP
– Checks packet is not corrupt
– Checks destination IP address
If local, continue processing for local delivery
 If not local…

43
Router packet forwarding

OS checks packet Time To Live (TTL)
– may discard packet, else decrement TTL

Now send as a normal packet
– router OS checks own routing tables

finds next hop IP destination for network portion of
IP address
– resolves low-level address of next hop (e.g.
Ethernet, using ARP)
– sends packet on next hop interface
44
Routing in routers
Routers are pre-configured with details of
directly connected networks
 Routers exchange routing packets with all
directly connected routers

– e.g. RIP, BGP, OSPF

Routers progressively discover all networks
and which interface is "closest" to them, i.e.
what the next hop interface should be.
45
Wide-area routing

For scalability (localisation of information)
routing is normally divided:
– Within a site or organisation = “autonomous
unit”
– Between autonomous units
Note: different
protocols,
different levels
of granularity
46