Transcript arp
IP: putting it all together
Part 1
G53ACC
Chris Greenhalgh
1
Contents
Scenario
Local network communication
– Sending a packet
– ARP
– Receiving a packet
Remote network communication
– Routing
2
Book coverage
Assumed from CCN:
– Comer ch. 13 (routing), 17 (internet), 22 (IPv6), 25
(TCP)
Reviewed:
– Comer ch. 18 (addresses), 20 (datagram), 21 (frag.)
Additional:
– Comer ch. 19 (ARP), 23 (ICMP), 24 (UDP), 26 (NAT),
27 (Internet routing, part)
3
Scenario
Sending a UDP packet
– E.g. the ReverseClientUnicast, or DNS client
Pre-configured machine
On an Ethernet
Connected to the Internet
Running the IP protocol suite
– How does communication "really" work?
4
Scenario (& see text dump)
128.243.22.61
(monet)
Start
Here
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
5
e.g. ReverseClientUnicast.java
…
int port = Integer.parseInt(args[1]);
InetAddress server =
InetAddress.getByName(args[0]);
DatagramSocket socket =
new DatagramSocket();
…
byte [] data =
requestByteStream.toByteArray();
DatagramPacket request =
new DatagramPacket(data, data.length,
server, port);
socket.send(request);
6
…
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
7
Comer Fig. 17.4
What have you got?
(what does the machine know?)
An array of bytes
– Application layer data
A destination IP address (not name)
– E.g. 128.243.22.35 (case 1);
128.243.21.19 (case 2)
A destination UDP port
A sending UDP socket (=> source UDP port)
Local IP configuration (in OS)
– See later
8
Goal: send that data to the
destination machine
But physical network transports Ethernet
frames (only!)…
You are here: Application Data
9
Transport layer, UDP:
add UDP header
Source port =
sending socket
Dest. port =
from request
Data = app. Data
Length = data length
Checksum =
error check (CRC)
10
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
11
Comer Fig. 17.4
What have you got now?
(what does the machine know?)
A UDP header and datagram payload
– Includes source & dest. UDP ports
– Application layer data
A destination IP address (not name)
– E.g. 128.243.22.35 (case 1);
128.243.21.19 (case 2)
Local IP configuration (in OS)
– See later
12
Network Layer, IP:
add IP header
13
Selected IP header fields
Version = 4
Type = UDP
Source IP address =
a local IP, probably
not filled in yet
Destination IP =
from request
TTL =
“Time To Live”
(network hops),
initially high
Header checksum =
error check for header
Fragment offset –
see fragmentation
14
So…
You have:
– IP packet
– With IP destination
You need:
– Ethernet (or other
network) Interface to
send it
– Ethernet frame
– With Ethernet
destination
15
Local IP configuration
For now assume set by hand, e.g. on monet:
– Own IP address, e.g. 128.243.22.61
– Netmask (range of IP addresses on physical segment),
e.g. 255.255.255.0
– Default router, e.g. 128.243.22.1
– DNS server address
– (See later notes on auto-configuration)
Built in:
– Own Ethernet address
(in Network Interface Card (NIC) PROM)
16
IP layer:
what shall I do with this packet?
IP datagram forwarding rule:
– Send it to another physically reachable machine which
is believed to be closer to the IP destination
But:
– Which machine is closer?
– Which physical interface can be used to reach that
machine?
Consult OS IP routing table…
17
Routing table
Lists a set of rules:
What to do with a packet addressed to
any destination IP address
– Which physical interface to use
– Whether the destination is directly reachable
– If not, which directly reachable machine to pass
the packet on to
18
Routing table example
(from scenario, monet) G = gateway
(not direct)
# netstat -r
Destination
128.243.22.0
127.0.0.0
0.0.0.0
Gateway
0.0.0.0
0.0.0.0
128.243.22.1
Genmask
255.255.255.0
255.0.0.0
0.0.0.0
Fl
U
U
UG
M
0
0
0
R
0
0
0
U
0
0
0
Iface
eth0
lo
eth0
# ifconfig eth0 [windows: ipconfig /all]
eth0 Link encap:Ethernet HWaddr 00:01:02:AD:0F:08
inet addr:128.243.22.61 Bcast:128.243.22.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
19
Routing table example: windows
(128.243.22.74 - not from the scenario)
>netstat –r
Network Destination
Netmask
Gateway
0.0.0.0
0.0.0.0
128.243.22.1
127.0.0.0
255.0.0.0
127.0.0.1
128.243.22.0
255.255.255.0
128.243.22.74
128.243.22.74 255.255.255.255
127.0.0.1
…
>ipconfig /all
…
Ethernet adapter Local Area Connection:
Connection-specific
Description . . . .
Physical Address. .
IP Address. . . . .
Subnet Mask . . . .
DNS
. .
. .
. .
. .
Suffix
. . . .
. . . .
. . . .
. . . .
.
.
.
.
.
:
:
:
:
:
Interface
128.243.22.74
127.0.0.1
128.243.22.74
127.0.0.1
Metric
10
1
10
10
This machine
(direct)
3Com Gigabit NIC (3C2000)
00-0A-5E-54-2B-65
128.243.22.74
255.255.255.0
…
20
Case 1: send to 128.243.22.35
128.243.22.61
(monet)
Start
Here
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
21
Case 1: Send to 128.243.22.35
Find routing table entry matching
destination IP address (128.243.22.35)
gateway (if any) and interface
– No gateway (directly reachable destination)
send directly to 128.243.22.35
– Interface “eth0”
Need Ethernet address for direct destination
to send on Ethernet…
22
Address Resolution Protocol
(ARP)
Internet standard, RFC 826
Protocol for dynamic mapping of (local) IP
addresses to (local) Ethernet address
23
ARP request/response packet
Construct ARP request “who has IP
128.243.22.34”:
– “H” = “hardware” (Ether.); “P” = “protocol” (IP)
24
ARP/Ethernet encapsulation
Place ARP request in Ethernet frame
– Type 806
25
ARP query
Broadcast on identified outgoing interface:
Broadcast request
Unicast response
26
ARP query handling
– all hosts on that Ethernet receive the broadcast
request and packet to OS
– Each host inspects Ethernet frame type and passes
to relevant handler (in OS)
– ARP handler inspects request: is this my IP
address?
– Host 128.243.22.35 sees match and builds and
sends back ARP response
“128.243.22.35 =
Ethernet address 00:a0:c9:ca:1d:d7”
– Sending host caches this information for (near)
future re-use in an ARP table…
27
ARP cache
Try # arp –a
– table of IP address Ethernet (MAC) address
28
TCP/IP reference model
You are here
ReverseClient, DNS, …
TCP, UDP
IP
IEEE802
Ethernet,
WiFi, …
29
Comer Fig. 17.4
(Finally) Build Ethernet frame
Source IP = sending interface IP
Source MAC address = sending interface MAC
address
Destination IP address = original destination
Destination MAC address = next hop MAC
address
Ethernet frame type = 0800
30
Send on identified network
interface
Ethernet LAN is (logical) broadcast
– Packet typically seen by the Ethernet card of
every machine on that LAN
(give or take Ethernet switches which learn and
route by MAC address)
31
Receiving a packet…
32
Incoming Ethernet frame: NIC
Check dest. Ethernet (MAC) address
– Accept if broadcast or = NIC’s MAC address
– Interrupt OS…
33
Incoming Ethernet frame: OS
OS is interrupted by NIC and retrieves
received Ethernet frame
Inspects frame type field and handles
contents (payload) accordingly:
– 0806 ARP (already considered)
– 0800 IP v.4…
34
Incoming IP packet (OS)
Inspects IP header
– Check header checksum, discard if corrupted
– Check destination IP address
If (one of our) local address(es), continue local
processing…
Otherwise, consider for forwarding
– Forwarding enabled (e.g. router) see later
– Forwarding disabled (e.g. most hosts) discard
35
Incoming IP packet with local
destination (OS)
(Fragments reassembled first – see later)
Check IP packet type:
–
–
–
–
–
1 ICMP Internet Control Message
2 IGMP Internet Group Management
4 IP in IP (encapsulation)
6 TCP Transmission Control
17 UDP User Datagram
Pass to relevant handler…
36
Incoming (e.g.) UDP datagram
with local IP address (OS)
Inspects UDP header
– Check UDP checksum, discard if corrupt
– Check destination UDP port
If not bound to an application
Send an error response (ICMP Destination
Unreachable – see later)
If currently bound to an application socket
pass payload plus source IP and source UDP port
to application socket…
37
Receiving application
(e.g. ReverseServerUnicast.java)
int port = Integer.parseInt(args[0]);
DatagramSocket socket =
new DatagramSocket(port);
…
byte [] requestBytes = new byte[65536];
DatagramPacket request =
new DatagramPacket(requestBytes,
requestBytes.length);
socket.receive(request);
…
38
Case 2: send to 128.243.21.19
(different network)
128.243.22.61
(monet)
Start
Here
128.243.22.1
128.243.21.1
Ethernet
switch(es)
128.243.22/24
Ethernet
switch(es)
128.243.21/24
Router
Internet
128.243.22.35
(mcclean)
155.198.5.83
(www.ic.ac.uk)
128.243.21.16
(DNS server) 128.243.21.19
39
Case 2: Send to 128.243.21.19
Begins as before:
– Construct UDP header
– Construct IP header
– Complete IP datagram
40
Case 2: Routing at senderG = gateway
(not direct)
Find routing table entry matching destination IP address
(128.243.22.35) (may appear as “default”):
# netstat -r
Destination
128.243.22.0
127.0.0.0
0.0.0.0
Gateway
0.0.0.0
0.0.0.0
128.243.22.1
Genmask
255.255.255.0
255.0.0.0
0.0.0.0
Fl
U
U
UG
M
0
0
0
R
0
0
0
U
0
0
0
Iface
eth0
lo
eth0
Doesn't match local network, So use default route
– Gateway (next directly reachable hop) = router 128.243.22.1
– Outgoing network interface = eth0 (IP 128.243.22.61)
41
Case 2: Sending non-local
Destination IP address is 128.243.21.19
Destination Ethernet address is Ethernet
address of gateway/next hop machine
– do ARP to find Ethernet address
corresponding to IP 128.243.22.1
– Router replies with its MAC address on that
LAN
Send IP packet in Ethernet frame on LAN to
router MAC address…
42
Routing handling of packet
Initially as for normal host receive
– NIC accepts Ethernet frame addressed to it
– Passes to OS via interrupt
– OS determines frame type and passes for
handling as IP
– Checks packet is not corrupt
– Checks destination IP address
If local, continue processing for local delivery
If not local…
43
Router packet forwarding
OS checks packet Time To Live (TTL)
– may discard packet, else decrement TTL
Now send as a normal packet
– router OS checks own routing tables
finds next hop IP destination for network portion of
IP address
– resolves low-level address of next hop (e.g.
Ethernet, using ARP)
– sends packet on next hop interface
44
Routing in routers
Routers are pre-configured with details of
directly connected networks
Routers exchange routing packets with all
directly connected routers
– e.g. RIP, BGP, OSPF
Routers progressively discover all networks
and which interface is "closest" to them, i.e.
what the next hop interface should be.
45
Wide-area routing
For scalability (localisation of information)
routing is normally divided:
– Within a site or organisation = “autonomous
unit”
– Between autonomous units
Note: different
protocols,
different levels
of granularity
46