Network Protocols
Internet Protocol (IP)
TDC375 Autumn 03/04
John Kristoff - DePaul University

Will layer 2 networking suffice?

Layer 3 usually provides...
• Internetworking for data link technologies
• Globally unique addresses
• Scalable routing
• A common communications format
• Packet fragmentation capability
• A hardware independent interface
• Packet independence

An IP router (or gateway)...
• Is usually a special purpose, dedicated device
• Connects heterogeneous networks
• Directs packets toward their ultimate destination
• Often uses dynamic routing algorithms/protocols
  • which make automatic forwarding decisions
  • which make decisions based on various metrics
• Official pronunciation is rooter
• layer 3 switch = router = layer 3 switch

IP routing
• Scope
  • autonomous system (AS), interior, exterior
• Dynamic routing
  • protocol for route exchange and computation
• Static routing
  • manually configured routes
• Destination address driven

Internet Protocol (IP)
• Documented in IETF RFC 791
• Connectionless
• Unreliable
• Simple (relatively)
• The thin waist in the TCP/IP suite hourglass model

IP address
• Virtual, not specific to a hardware device
• 32-bit fixed address length (IPv4)
• Unique address for each interface (typically)
• Global registrar assigns network bits (prefix)
• Local administrator assigns host bits (suffix)
• Usually written in dotted decimal (dotted quad)
  • e.g. 140.192.5.1

IP address types
• Unicast (one-to-one)
  • source addresses should always be unicast
• Multicast (one-to-many)
  • receivers join/listen to group destination address
• Broadcast (one-to-all)
  • special case of multicast, usually unnecessary
• Anycast (one-to-one-of-many)
  • usually one-to-nearest, often used for reliability

IP address notation
[slide content not captured in transcript]

Special IP addresses
[slide content not captured in transcript]

Classful IP addressing
[slide content not captured in transcript]

Classful address sizes
[slide content not captured in transcript]

Example IP network
[slide content not captured in transcript]

Example IP router addressing
[slide content not captured in transcript]

Classful addressing limitations
• Internet growth
• Route table size
• Address depletion
• Misappropriation of addresses
• Lack of support for varying sized networks
  • Class B is often too big, Class C often too small

IP addressing solutions
• Subnetting
• Supernetting
• Classless interdomain routing (CIDR)
• Variable length subnet masks (VLSM)

Subnetting
[slide content not captured in transcript]

Subnet masks
• The bit length of the prefix (network bits)
• Prefix (network bits) no longer classful (fixed size)
• Use of the slash '/' notation to represent addresses
  • 140.192.5.1 with mask of 255.255.255.128 is:
    • 140.192.5.1/25
  • As viewed in binary for clarity, a /25 mask is:
    • 11111111.11111111.11111111.10000000

Subnet masks example
• Given 140.192.50.8/20 what is the...
  • subnet mask in dotted decimal notation?
  • directed broadcast address in dotted quad?
  • total number of hosts that can be addressed?
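Added worked example (not part of the slides): the bit arithmetic behind the two slides above, computing the mask, network, directed broadcast and host count for any address/prefix, including the /20 question and the /25 mask shown in binary. Names such as subnet_info are my own.

```python
def parse_ipv4(dotted: str) -> int:
    """Dotted-quad string to a 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range: {octet}")
        value = (value << 8) | n
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    # Dotted binary form, the way the slide writes the /25 mask.
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def subnet_info(cidr: str) -> dict:
    """Mask, network, directed broadcast and host counts for address/prefix."""
    addr_str, _, prefix_str = cidr.partition("/")
    prefix = int(prefix_str)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: /{prefix}")
    addr = parse_ipv4(addr_str)
    # A /n mask is n one-bits followed by (32 - n) zero-bits.
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = addr & mask                      # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits all ones
    total = 1 << (32 - prefix)
    # Network and directed-broadcast addresses are not assignable to hosts;
    # /31 point-to-point links (RFC 3021) and /32 host routes have neither.
    usable = total - 2 if prefix <= 30 else total
    return {
        "mask": to_dotted(mask),
        "mask_binary": to_binary(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "total_addresses": total,
        "usable_hosts": usable,
    }


if __name__ == "__main__":
    for cidr in ("140.192.5.1/25", "140.192.50.8/20"):
        print(cidr, subnet_info(cidr))
```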

Supernetting
• Combine smaller address blocks into an aggregate
• If class B is too big and class C is too small...
  • Combine 199.63.0.0/24 to 199.63.15.0/24
  • To form 199.63.0.0/20

Supernetting example
• Given an ISP that has 128.15.0.0/16:
  • what block might be assigned to a customer needing to address 300 hosts?
  • how does the ISP manage their IP address allocation if there are many customers with varying address requirements?

CIDR
• Routers use aggregated prefixes (CIDR blocks)
  • primarily through the use of supernetting
• So instead of adding multiple class C blocks...
  • ...advertise some larger aggregate, e.g. /20
• The Internet CIDR report:
  • http://www.cidr-report.org

CIDR example
• Given an ISP that announces:
  • 64.5.0.0/20
  • 64.5.16.0/20
  • 192.0.2.0/25
  • 192.0.2.192/26
  • 192.0.2.128/26
• What is the least number of CIDR announcements that can be made for this ISP?
• Why might address blocks not be aggregated?
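Added example, not from the slides: the aggregation step that both the Supernetting slide (sixteen /24s into 199.63.0.0/20) and the CIDR example above rely on, written out as an algorithm. It drops blocks already covered by a larger one and then repeatedly merges aligned, adjacent blocks of equal size into their supernet; the function name is mine, and it uses only the standard library ipaddress module.

```python
import ipaddress


def aggregate(prefixes) -> list:
    """Smallest set of CIDR announcements covering exactly `prefixes`."""
    nets = sorted({ipaddress.IPv4Network(p) for p in prefixes})
    covered = []
    for net in nets:                 # sorted, so a covering block comes first
        if not (covered and net.subnet_of(covered[-1])):
            covered.append(net)
    nets = covered
    merged = True
    while merged:                    # each pass halves the prefix of merged pairs
        merged = False
        out, i = [], 0
        while i < len(nets):
            a = nets[i]
            if i + 1 < len(nets) and a.prefixlen > 0:
                b, parent = nets[i + 1], a.supernet()
                # a must be the lower half of parent and b exactly its upper half
                if (b.prefixlen == a.prefixlen
                        and a.network_address == parent.network_address
                        and b.network_address
                        == parent.network_address + a.num_addresses):
                    out.append(parent)
                    i, merged = i + 2, True
                    continue
            out.append(a)
            i += 1
        nets = out
    return [str(n) for n in nets]


# The slides' CIDR example: five announcements reduce to two.
ISP_ANNOUNCEMENTS = ["64.5.0.0/20", "64.5.16.0/20",
                     "192.0.2.0/25", "192.0.2.192/26", "192.0.2.128/26"]

if __name__ == "__main__":
    print(aggregate(ISP_ANNOUNCEMENTS))
    print(aggregate(f"199.63.{i}.0/24" for i in range(16)))
```

Blocks that are not adjacent, not aligned to a common supernet, or of different sizes stay separate, which is one concrete answer to the slide's last question.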

VLSM
• Many subnet sizes in an autonomous system (AS)
• Allows for efficient use of address space
• Can be used to build an internal hierarchy
• External view of the AS does not change
• An AS may be allocated 140.192.0.0/16, but...
  • internally may use:
    • 140.192.0.0/17
    • 140.192.128.0/24
    • 140.192.129.0/25 and so on...

VLSM example
• Given an assignment of 140.192.0.0/16, create an addressing strategy to support:
  • 6 satellite offices and 1 large headquarter site
  • 6000 total hosts on all combined networks
  • headquarters needs about 50% of all addresses
  • satellite offices need 200 to 700 addresses
  • overall growth per year is 500 hosts
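Added example, not from the slides: a VLSM allocator for the scenario above. The per-office host counts are assumptions I chose inside the slide's 200 to 700 range (headquarters at 3000, half of 6000); the allocator sizes each subnet to the smallest power of two that fits and carves largest-first from 140.192.0.0/16 so every block is naturally aligned, reporting what is left for growth.

```python
import ipaddress
import math

# Constructed requirements following the slide's scenario; the individual
# satellite figures are assumptions for this worked example.
REQUIREMENTS = {
    "headquarters": 3000,
    "satellite-1": 700, "satellite-2": 500, "satellite-3": 450,
    "satellite-4": 300, "satellite-5": 250, "satellite-6": 200,
}


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose block holds `hosts` usable addresses plus the
    network and directed-broadcast addresses."""
    if hosts < 1:
        raise ValueError("a subnet must hold at least one host")
    return 32 - max(2, math.ceil(math.log2(hosts + 2)))


def allocate_vlsm(pool: str, requirements: dict) -> tuple:
    """Carve variable-length subnets out of `pool`, largest site first.
    Returns (plan, addresses left unallocated for growth)."""
    block = ipaddress.IPv4Network(pool)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        plen = prefix_for_hosts(hosts)
        size = 1 << (32 - plen)
        if cursor % size:            # realign; cannot trigger when sorted
            cursor += size - cursor % size
        if cursor + size > end:
            raise ValueError(f"{pool} exhausted while allocating {name}")
        plan[name] = str(ipaddress.IPv4Network((cursor, plen)))
        cursor += size
    return plan, end - cursor


if __name__ == "__main__":
    plan, free = allocate_vlsm("140.192.0.0/16", REQUIREMENTS)
    for site, subnet in plan.items():
        print(f"{site:14s} {subnet}")
    print(f"{free} addresses unallocated for growth")
```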

Obtaining IP addresses
• IANA has global authority for assignment
• Regional registries delegate to ISPs and large nets
• ISPs assign addresses to end users
• RFC 1918 defines private address blocks
  • NOT globally unique
  • NOT for hosts attached directly to public Internet
  • 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16
• You will understand RFC 1918 consequences

IP datagram layout
[slide content not captured in transcript]

Inside an IP datagram
• Version field
  • usually set to binary 0100 (is what decimal?)
• Header length
  • length of IP header in 32-bit words
  • typically set to 5 (as in 5 octets)
• Type of Service (redefined in newer RFCs)
  • an indication of quality/class of service
  • rarely used with success outside a single AS

Inside an IP datagram [cont.]
• Total length
  • total IP datagram length in octets
  • maximum value is 65535, but rarely > 1500
• Identification
  • to identify fragments of a single IP datagram
  • experimentally used in tracing DDoS sources
• Flags
  • bit 0 reserved, others for fragmentation (or not)

Inside an IP datagram [cont.]
• Fragment offset
  • helps piece together IP fragments
• Time to live (TTL)
  • limits the time/hops of datagram in the net
  • counts down to zero, at zero it is discarded
• Protocol type
  • indicates next layer protocol in payload

Inside an IP datagram [cont.]
• Header checksum
  • used to verify header validity at each hop
• Source/Destination address
  • 32-bit IP address
• Options (optional)
  • rarely used, padded to 32-bit boundary if needed
• Payload
  • variable length
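Added example, not from the slides: a parser for the header fields walked through on the four "Inside an IP datagram" slides, including the per-hop header checksum check. The 20-octet sample header is constructed here (source 140.192.5.1 from the slides, destination 192.0.2.1 from the documentation range); the function names are mine.

```python
import struct

# Constructed sample: IHL 5 (20 octets), total length 60, DF set, TTL 64,
# protocol 6 (TCP), checksum 0xcab3 computed over the header as shown below.
SAMPLE_HEADER = bytes.fromhex(
    "4500 003c 1c46 4000 4006 cab3 8cc0 0501 c000 0201")


def header_checksum(header: bytes) -> int:
    """RFC 791 checksum: one's-complement of the one's-complement sum of the
    header taken as 16-bit words, with the checksum field counted as zero."""
    total = 0
    for i in range(0, len(header) - 1, 2):
        if i == 10:                  # octets 10-11 hold the checksum itself
            continue
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:               # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed IPv4 header fields and verify the checksum."""
    if len(packet) < 20:
        raise ValueError("truncated: an IPv4 header is at least 20 octets")
    (ver_ihl, tos, total_length, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4             # IHL counts 32-bit words: 5 -> 20 octets
    if version != 4 or ihl < 5 or len(packet) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    if total_length < header_len:
        raise ValueError("total length shorter than the header")
    header = packet[:header_len]
    return {
        "version": version, "ihl": ihl, "header_len": header_len, "tos": tos,
        "total_length": total_length, "identification": ident,
        "reserved_bit": flags_frag >> 15,            # bit 0, must be zero
        "df": bool(flags_frag & 0x4000),             # Don't Fragment
        "mf": bool(flags_frag & 0x2000),             # More Fragments
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # kept in 8-octet units
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "checksum_ok": csum == header_checksum(header),
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": header[20:],      # empty when IHL is 5
    }
```

A router that decrements TTL must recompute the checksum; the test below shows that a header whose TTL was changed without doing so fails the check.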

Basic tools
• ping
• traceroute
• arp
• route
• netstat
• packet capture
  • tcpdump, ethereal
• routing table monitors, looking glass servers

Final thoughts
• IP is unreliable, connectionless
• IP addressing is a pain, wait until you see IPv6
• IP addresses today are both a who and a where
• IP addresses make for poor trust relationships
• IP fragmentation is generally best avoided
• Private IPs and NATs, yuck!