Summary

Presentation slides for chapter 4 part 1.

Full Transcript

NET-256 Computer Network Foundations
Chapter 4 – Part 1: Network Layer: Data Plane
Computer Networking: A Top-Down Approach, 8th edition, Jim Kurose, Keith Ross. All material copyright 1996-2020 J.F. Kurose and K.W. Ross, All Rights Reserved.

Network layer: our goals
- understand the principles behind network layer services, focusing on the data plane:
  - network layer service models
  - forwarding versus routing
  - how a router works
  - addressing
- instantiation, implementation in the Internet:
  - IP protocol
  - NAT

Network layer: "data plane" roadmap
- Network layer: overview (data plane, control plane)
- What's inside a router (input ports, switching, output ports)
- IP: the Internet Protocol (IPv4 datagram format, addressing, network address translation, IPv6)

Network-layer services and protocols
- transport segment from sending to receiving host
  - sender: encapsulates segments into datagrams, passes to link layer
  - receiver: delivers segments to transport layer protocol
- network layer protocols in every Internet device: hosts, routers
- Routers (principal network layer devices within the network core):
  - examine header fields in all IP datagrams passing through them
  - move datagrams from input ports to output ports to transfer datagrams along the end-end path
[Figure: mobile network, national or global ISP, datacenter network and enterprise network; hosts show application/transport/network/link/physical layers, routers show network/link/physical]

Two key network-layer functions
- forwarding: move packets from a router's input link to the appropriate router output link (happens on a very short timescale - nanoseconds)
- routing: determine the route taken by packets from source to destination (routing algorithms; longer timescale - seconds)
analogy: taking a trip
- forwarding: process of getting through a single interchange
- routing: process of planning the trip from source to destination

Network layer: data plane, control plane
Data plane (Forwarding)
- local, per-router function
- determines how a datagram arriving on a router input port is forwarded to a router output port
[Figure: values in arriving packet header (e.g. 0111) looked up in the forwarding table to select output port 1, 2 or 3]
Control plane (Routing)
- network-wide logic (end-to-end)
- determines how a datagram is routed among routers along the end-end path from source host to destination host
- two control-plane approaches (measurements, forwarding table, maintenance):
  - traditional routing algorithms: implemented in routers
  - software-defined networking (SDN): implemented in (remote) servers (to perform route calculations)

Two key network-layer functions
Routing:
- global action: determine source-destination paths taken by packets
- routing algorithms
Forwarding:
- aka "switching"
- local action: move arriving packets from the router's input link to the appropriate router output link
[Figure: local forwarding table, header value → output link: 0100 → 3, 0101 → 2, 0111 → 2, 1001 → 1; the destination address in the arriving packet's header (0111) selects output link 2]

Per-router control plane
Individual routing algorithm components in each and every router interact in the control plane.
[Figure: routing algorithm (control plane) installs the forwarding table used by the data plane; values in arriving packet header 0111 → output ports 1, 2, 3]

Software-Defined Networking (SDN) control plane
Remote controller computes, installs forwarding tables in routers.
[Figure: remote controller (control plane) talks to a control agent (CA) in each router's data plane; values in arriving packet header 0111 → output ports 1, 2, 3]

Router architecture overview
high-level view of generic router architecture:
- routing, management control plane (software): routing processor, operates in a millisecond time frame
- forwarding data plane (hardware): operates in a nanosecond time frame
[Figure: router input ports → high-speed switching fabric → router output ports; routing processor above the fabric]

Input port functions
[Figure: line termination → link layer protocol (receive) → lookup, forwarding, queueing → switch fabric]
- physical layer: bit-level reception
- link layer: e.g., Ethernet (chapter 6)
decentralized switching:
- using header field values, lookup output port using forwarding table in input port memory ("match plus action")
- goal: complete input port processing at 'line speed'
- input port queuing: if datagrams arrive faster
- destination-based forwarding: forward based only on destination IP address (traditional)
- generalized forwarding: forward based on any set

Network Layer: Internet
host, router network layer functions:
- Path-selection algorithms: implemented in routing protocols (OSPF, BGP), SDN controller
- IP protocol: datagram format, addressing, packet handling conventions; forwarding table
- ICMP protocol: error reporting, router "signaling"
[Figure: network layer sits between the transport layer (TCP, UDP) and the link layer / physical layer]

IPv4 Datagram format
[Figure: 32-bit header layout: ver | head. len | type of service | length; 16-bit identifier | flgs | fragment offset; time to live | upper layer | header checksum; 32-bit source IP address; 32-bit destination IP address; options (if any); payload data (variable length, typically a TCP or UDP segment)]
- IP protocol version number
- header length (bytes)
- "type" of service: diffserv (0:5), ECN (6:7)
- total datagram length (bytes)
- fragmentation/reassembly fields
- TTL: remaining max hops (decremented at each router)
- upper layer protocol (e.g., TCP, UDP, ICMP)
- header checksum
- options, e.g., timestamp, record route taken
- Maximum length: 64K bytes; typically 1500 bytes or less
- overhead: 20 bytes of TCP + 20 bytes of IP = 40 bytes + app layer overhead

IPv4 Format
- Version (4-bit): IP protocol version, currently 4.
- Header length (4-bit): the length of the IP header in 4-byte units, i.e. the number of 32-bit words in the header. The minimum value for this field is 5 and the maximum is 15.
- Type of Service (TOS): how the packet should be handled. Differentiated Services uses this field to differentiate packet types: distinguish IP packets based on delay, throughput, reliability.
- Total length: defines the total length of the packet including the header, in bytes. A 16-bit number, so the maximum IP size is limited to 2^16 bytes, or 64 Kbytes. Typically a packet doesn't exceed 1500 bytes.
- Identification, flags, fragment offset: a source node gives a unique ID to each packet. The Identification, Flags and Fragmentation offset fields are used for packet fragmentation (will be covered later).
- Time to Live (TTL): a packet has a limited lifetime in the network to avoid circulating forever. Originally designed to hold a timestamp, decreased by each router; a packet is discarded by a router if TTL is zero. Revised to hold the maximum number of hops the packet can travel through the network. Each router decrements it by one. If the value is zero the packet will be dropped.
- Protocol: defines the payload protocol type, that is, the protocol to which the data portion should be passed: 1 for ICMP, 2 for IGMP, 6 for TCP and 17 for UDP.
- Header checksum: helps routers detect bit errors in received IP packets. An IP header is slightly modified by each router (at least the TTL field), so the checksum must be re-calculated by routers. The checksum must be efficiently calculable with no need for special hardware. Routers discard packets for which an error has been detected.
- Source IP address and Destination IP address: IP address of the source device; IP address of the destination device (determined via DNS lookup).
- Options: variable length; for new protocols.
- Data (Payload): contains the Transport layer segment. Can carry other types of data such as an ICMP message.

IPv4 fragmentation, reassembly
- network links have an MTU (max. transfer size) - the largest possible link-level frame; different link types, different MTUs
- a large IP datagram is divided ("fragmented") within the net: one datagram becomes several datagrams; "reassembled" only at the final destination host; IP header bits are used to identify and order related fragments
[Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly at the destination]
[Figure: fragmentation example: data is 10,000 bytes and MTU is 2500]

Fields for Fragmentation
- Identification: the source host generates the unique ID
- Flags (3 bits):
  - unused bit
  - DF bit (Don't Fragment): 1 – forces the router not to fragment the packet. If the packet length is greater than the MTU, the router will discard the packet and send an error message to the source
  - MF bit (More Fragments): 1 – tells the destination whether or not more fragments follow
- Offset: identifies the sequence of fragments. It generally indicates the number of data bytes preceding or ahead of the fragment,
  i.e. where the fragment fits within the original IP packet, in units of 8-byte chunks, counted from the beginning of the packet to be fragmented.

Flags used in fragmentation
- M=1 means the packet is not the last fragment
- M=0 means the packet is the last fragment
- D=1 means do not fragment the packet

Example
A packet has arrived with an M bit value of 0. Is this the first fragment, the last fragment, or a middle fragment? Do we know if the packet was fragmented?
Solution
If the M bit is 0, it means that there are no more fragments; the fragment is the last one. However, we cannot say if the original packet was fragmented or not. A non-fragmented packet is considered the last fragment.

IPv4 fragmentation/reassembly - Example
The offset value is specified in units of 8-byte chunks.
example:
- 4000 byte datagram (3980 bytes of data + 20 byte header)
- MTU = 1500 bytes (including the 20 byte header)

one large datagram:
  length   ID   fragflag   offset
  =4000    =x   =0         =0

becomes several smaller datagrams:
  length   ID   fragflag   offset   data field
  =1500    =x   =1         =0       1480 byte data + 20 byte header
  =1500    =x   =1         =185     1480 byte data + 20 byte header (offset = 1480/8)
  =1040    =x   =0         =370     1020 byte data + 20 byte header

Fragmentation and Reassembly
- Fragmentation takes place at the sender and at routers
- Reassembly takes place at the receiver host ONLY
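The header-checksum rule above (each router decrements TTL and must recompute the checksum) and the 4000-byte / MTU 1500 fragmentation example, worked as an added example that is not part of the slides. It packs a minimal 20-byte IPv4 header with the standard library; the sample addresses and identification value are constructed.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

HDR_FMT = "!BBHHHBBH4s4s"          # ver/ihl, tos, total len, id, flags+offset, ttl, proto, csum, src, dst
HDR_LEN = struct.calcsize(HDR_FMT)  # 20 bytes: minimal header, no options


def checksum(header: bytes) -> int:
    """Ones'-complement sum of the header's 16-bit words, complemented (RFC 1071)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                              # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


@dataclass
class IPv4Header:
    total_len: int
    ident: int
    df: int
    mf: int
    offset8: int        # fragment offset in 8-byte units
    ttl: int
    proto: int          # 1 ICMP, 6 TCP, 17 UDP (values from the slide)
    src: bytes
    dst: bytes

    def pack(self) -> bytes:
        ver_ihl = (4 << 4) | (HDR_LEN // 4)
        flags_frag = (self.df << 14) | (self.mf << 13) | (self.offset8 & 0x1FFF)
        fields = [ver_ihl, 0, self.total_len, self.ident, flags_frag,
                  self.ttl, self.proto, 0, self.src, self.dst]
        fields[7] = checksum(struct.pack(HDR_FMT, *fields))   # computed with the field zeroed
        return struct.pack(HDR_FMT, *fields)

    @classmethod
    def unpack(cls, raw: bytes) -> "IPv4Header":
        (ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto,
         _csum, src, dst) = struct.unpack(HDR_FMT, raw[:HDR_LEN])
        if ver_ihl >> 4 != 4 or (ver_ihl & 0xF) * 4 != HDR_LEN:
            raise ValueError("not a minimal IPv4 header")
        return cls(total_len, ident, (flags_frag >> 14) & 1, (flags_frag >> 13) & 1,
                   flags_frag & 0x1FFF, ttl, proto, src, dst)


def header_ok(raw: bytes) -> bool:
    """Receiver check: summing the header including its checksum field must give 0."""
    return len(raw) >= HDR_LEN and checksum(raw[:HDR_LEN]) == 0


def forward_hop(raw: bytes) -> Optional[bytes]:
    """What each router does: discard on checksum error, decrement TTL,
    discard if it reaches zero, otherwise re-checksum the modified header."""
    if not header_ok(raw):
        return None
    hdr = IPv4Header.unpack(raw)
    hdr.ttl -= 1
    if hdr.ttl == 0:
        return None
    return hdr.pack() + raw[HDR_LEN:]


def fragment(raw: bytes, mtu: int) -> List[bytes]:
    """Split a datagram so every fragment fits the link MTU (done by sender or router)."""
    hdr = IPv4Header.unpack(raw)
    payload = raw[HDR_LEN:]
    if len(raw) <= mtu:
        return [raw]
    if hdr.df:
        raise ValueError("DF set and datagram larger than MTU: discard, report to source")
    chunk = (mtu - HDR_LEN) // 8 * 8           # data per fragment, multiple of 8 (1480 for MTU 1500)
    frags = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        last = start + chunk >= len(payload)
        fh = IPv4Header(HDR_LEN + len(piece), hdr.ident, 0, hdr.mf if last else 1,
                        hdr.offset8 + start // 8, hdr.ttl, hdr.proto, hdr.src, hdr.dst)
        frags.append(fh.pack() + piece)
    return frags


def summarize(frags: List[bytes]) -> List[Tuple[int, int, int]]:
    """(length, MF flag, offset) per fragment: the three columns on the slide."""
    return [(h.total_len, h.mf, h.offset8) for h in map(IPv4Header.unpack, frags)]


# Constructed sample: the slide's 4000-byte datagram (3980 data + 20 header);
# the addresses are two interfaces from the slides' example network, ID is arbitrary.
SAMPLE = IPv4Header(HDR_LEN + 3980, 0x1234, 0, 0, 0, 64, 6,
                    bytes([223, 1, 1, 1]), bytes([223, 1, 2, 9])).pack() + b"A" * 3980

if __name__ == "__main__":
    for length, mf, off in summarize(fragment(SAMPLE, 1500)):
        print(f"length={length} fragflag={mf} offset={off}")
```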
[Figure: fragment at the source or at a router, reassemble at the destination: Source (IP) – Network – Router (IP) – Network – Destination (IP)]

IP addressing: introduction
- IP address: 32-bit identifier associated with each host or router interface (network interface card)
- interface: connection between host/router and physical link
  - routers typically have multiple interfaces
  - a host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11)
- an IP address is associated with each interface
- dotted-decimal IP address notation: 223.1.1.1 = 11011111 00000001 00000001 00000001 (223 . 1 . 1 . 1)
[Figure: example network with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]

IP addressing: introduction
Q: how are interfaces actually connected?
A: we'll learn about that in chapters 6, 7
A: wired Ethernet interfaces connected by Ethernet switches
A: wireless WiFi interfaces connected by a WiFi base station
For now: we don't need to worry about how one interface is connected to another (with no intervening router).

IPv4 Addresses
The address space of IPv4 is 2^32 (4,294,967,296).
Notation: binary notation; dotted-decimal notation (Octet 1 . Octet 2 . Octet 3 . Octet 4)
Example
Change the following IPv4 addresses from binary notation to dotted-decimal notation.
Solution
We replace each group of 8 bits with its equivalent decimal number and add dots for separation.
Example
Change the following IPv4 addresses from dotted-decimal notation to binary notation.
Solution
We replace each decimal number with its binary equivalent.
Structure of IPv4 Address
- All devices on an IPv4 network need a 32-bit logical address to communicate.
- An IPv4 address is a 32-bit hierarchical address consisting of a network portion on the left and a host portion on the right.
- The length of each portion varies depending on the size of the network (large networks will have a longer host portion).
- A network is a range of addresses. All devices on the same network have the same bit pattern for the network portion (network ID) but a different host portion (host ID).

Structure of IPv4 Address: Subnet Mask
- A 32-bit number of contiguous 1s followed by contiguous 0s.
- Helps find the network ID and the host ID by comparing the IP address with the subnet mask: the 1s in the subnet mask identify the network portion while the 0s identify the host portion.

Structure of IPv4 Address: Prefix Length
- Shorthand method of identifying a subnet mask: the number of bits set to 1 in the subnet mask.
- Written in "slash notation", a "/" followed by the number of bits set to 1: /8 or /16 or /24.
- The prefix length tells you how many bits of the IP address refer to the network portion.

  Prefix Length   Subnet Mask       32-bit Address
  /8              255.0.0.0         11111111.00000000.00000000.00000000
  /16             255.255.0.0       11111111.11111111.00000000.00000000
  /24             255.255.255.0     11111111.11111111.11111111.00000000
  /25             255.255.255.128   11111111.11111111.11111111.10000000
  /26             255.255.255.192   11111111.11111111.11111111.11000000
  /27             255.255.255.224   11111111.11111111.11111111.11100000
  /28             255.255.255.240   11111111.11111111.11111111.11110000
  /29             255.255.255.248   11111111.11111111.11111111.11111000
  /30             255.255.255.252   11111111.11111111.11111111.11111100

Special Addresses
- Network address: the first address in a block is normally not assigned to any device; it is used as the network address that represents the organization to the rest of the world. ANDing the IP address with the subnet mask yields the network address.
- Broadcast address: the last address in a block is used for broadcasting to all devices on the network.
- Host address: any IP address between the network address and the broadcast address; assigned to hosts within the network.

Example
The first address (network address) can be found by ANDing the given address with the mask. ANDing here is done bit by bit, moving left to right. The result of ANDing 2 bits is 1 if both bits are 1; the result is 0 otherwise.

Example
A block of addresses is granted to a small organization. We know that one of the addresses is 205.16.37.39/28. What is the first address in the block?
Solution
The binary representation of the given address is
  IP address:   11001101 00010000 00100101 00100111
  Subnet Mask:  11111111 11111111 11111111 11110000
If we set the 32 − 28 rightmost bits to 0, we get
  Network Address: 11001101 00010000 00100101 00100000, or 205.16.37.32

Example
Find the last address for the same block in the previous example.
Solution
The binary representation of the given address is
  IP address:   11001101 00010000 00100101 00100111
  Subnet Mask:  11111111 11111111 11111111 11110000
If we set the 32 − 28 rightmost bits to 1, we get
  11001101 00010000 00100101 00101111, or 205.16.37.47

IPv4 Communication
[Figure: unicast, broadcast, multicast]

Hierarchy of IPv4 Addressing
- Each address in the block can be considered as a two-level hierarchical structure: the leftmost n bits (prefix) define the network; the rightmost 32 − n bits define the host.
Network ID and Host Portion
- IP = 192.168.1.0/28 (e.g. n = 28 and total bits are 32, so 32 − n = 4 host bits)
- SM = 11111111.11111111.11111111.11110000 (binary)
- SM = 255.255.255.240 (decimal)
[Figure: two levels of hierarchy: network portion, host portion]

Use of IPv4 Address
IPv4 addressing space can be:
- Subnetting: divide a single large network into smaller networks known as subnets. Hence, divide the large network address block into multiple smaller sub-groups (ranges). Uses a flexible network mask. Relieves congestion and improves utilization of the IPv4 addressing space.
- Supernetting: the opposite of subnetting, combine multiple contiguous address spaces into a larger single address space. Allows routers to advertise many network routes in one single advertisement.

Subnetting
- Dividing the IP network into several smaller groups (subnets), with each group having its own subnet IP address
- The site looks to the rest of the internet like a single network, and routers outside the organization route the packet based on the main network address
- Local routers route within the subnetted network using the subnet address
- The host portion of the address is partitioned into subnet number (most significant part) and host number (least significant part)
- In this case, the IP address will have 3 levels (main network, subnet, host)
- The subnet mask is a 32-bit number consisting of zeros and ones that indicates which bits of the IP address are subnet number and which are host number
- The subnet mask, when ANDed with the IP address, gives the subnetwork address
Three Levels of Hierarchy
The subnet mask is customized by varying the length of the host and network portions to create IP ranges that fit the IP requirements of the individual sub-networks.
[Figure: one network split into subnets of 30 addresses, 14 addresses and 14 addresses]

Subnets
What's a subnet?
- a piece (segment) of the network where devices' interfaces can physically reach each other without passing through an intervening router; directly connected to each other via link layer technology (Ethernet, Wi-Fi)
- IP addresses have structure:
  - subnet part: devices in the same subnet have common high-order bits
  - host part: remaining low-order bits
[Figure: network consisting of 3 subnets]

Subnets
Recipe for defining subnets:
- to determine the subnets, detach each interface from its host or router, creating "islands" of isolated networks
- each isolated network is called a subnet
[Figure: subnet 223.1.1.0/24, subnet 223.1.2.0/24, subnet 223.1.3.0/24; subnet mask /24 (high-order 24 bits: subnet part of IP address)]

Subnets
- where are the subnets?
- what are the /24 subnet addresses?
[Figure: six subnets: 223.1.1/24, 223.1.2/24, 223.1.3/24, 223.1.7/24, 223.1.8/24, 223.1.9/24]

IP addressing: CIDR
The subnet address assignment mechanism is known as CIDR: Classless InterDomain Routing (pronounced "cider")
- subnet portion of address of arbitrary length
- address format: a.b.c.d/x, where x is the # of bits in the subnet portion of the address
  200.23.16.0/23 = 11001000 00010111 00010000 00000000 (subnet part: first 23 bits, host part: last 9 bits)

Calculating Addresses using VLSM – Variable Length Subnet Masking
Subnetting: Dividing Networks into Right Sizes
When planning the network addressing scheme, the network administrator needs to take the following into consideration:
1. Consider the total number of hosts in the entire corporate internetwork.
2. Select a block of addresses that is large enough to accommodate all devices in the network, including user devices, servers, intermediary devices, routers, etc.
3. Divide/group the hosts in the internetwork based on location, purpose or ownership factors. Creating a network diagram can be helpful at this stage to see the different subnetworks and the number of hosts in each.
4. Plan the number of subnetworks needed and the size of each based on the grouping of hosts, considering:
   a. the maximum number of hosts that need to be accommodated in each subnetwork
   b. the future growth in the number of hosts in each subnetwork
5. Start allocating addresses from the overall block of addresses.
6. Start with the locations that require the most hosts and work down to the point-to-point links.

VLSM – Variable Length Subnet Masking
Suppose an organization has three subnets and each subnet has different host IP address requirements:
- Marketing (Subnet A) = 60 hosts
- Operations (Subnet B) = 12 hosts
- Management (Subnet C) = 28 hosts
The organization is allocated the address block 192.168.2.0/24.

Solution
Step 1: Analyze the IP address block allocated for the network. Determine how many host addresses this block will provide.
Allocated address block: 192.168.2.0/24
/24 → 11111111.11111111.11111111.00000000 (network portion: first 24 bits; host portion: last 8 bits)
Host bits = 8; host addresses available = 2^8 = 256 – 2 = 254

Step 2: Arrange subnets in descending order from largest to smallest.
- Marketing (Subnet A) = 60 hosts
- Management (Subnet C) = 28 hosts
- Operations (Subnet B) = 12 hosts

Step 3: Find the appropriate subnet size to fit the minimum IP requirements of each subnet, starting from the largest subnet to the smallest. Take into consideration the network address and broadcast address in addition to the host addresses required. You can use the hosts/subnet table below:

Marketing (Subnet A) = 60 hosts
/26 → 11111111.11111111.11111111.11000000
/26 will create four equal-sized subnets (2^2 = 4); number of hosts (subnet size) = 2^6 = 64
  192.168.2.0 - 192.168.2.63
  192.168.2.64 - 192.168.2.127
  192.168.2.128 - 192.168.2.191
  192.168.2.192 - 192.168.2.255
The first subnet can be allocated to the Marketing subnet; the remaining space can be further subnetted to accommodate the remaining subnets.

Management (Subnet C) = 28 hosts
/27 → 11111111.11111111.11111111.11100000
/27 will create 8 equal-sized subnets (2^3 = 8); number of hosts (subnet size) = 2^5 = 32
The remaining addressing space starts with IP 192.168.2.64:
  192.168.2.64 - 192.168.2.95
  192.168.2.96 - 192.168.2.127
  ...
  192.168.2.224 - 192.168.2.255
The first subnet can be allocated to the Management subnet; the remaining space can be further subnetted to accommodate the remaining subnets.

Operations (Subnet B) = 12 hosts
/28 → 11111111.11111111.11111111.11110000
/28 will create 16 equal-sized subnets (2^4 = 16); number of hosts (subnet size) = 2^4 = 16
The remaining addressing space starts with IP 192.168.2.96:
  192.168.2.96 - 192.168.2.111
  192.168.2.112 - 192.168.2.191
The first subnet can be allocated to the Operations subnet; the remaining space can be further subnetted for future growth.
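The AND/OR subnet arithmetic from the 205.16.37.39/28 examples and the VLSM allocation just worked for 192.168.2.0/24, as an added example that is not part of the slides. The allocator generalizes steps 2 to 6 of the procedure above to any parent block and any set of host demands; the function names are this example's own.

```python
import math
from typing import Dict


def to_int(dotted: str) -> int:
    """'205.16.37.39' -> 32-bit integer; rejects malformed input."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_of(prefix_len: int) -> int:
    """/n -> mask with n leading 1s (e.g. /28 -> 255.255.255.240)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def network_address(addr: str, prefix_len: int) -> str:
    """First address of the block: IP AND mask (rightmost 32-n bits set to 0)."""
    return to_dotted(to_int(addr) & mask_of(prefix_len))


def broadcast_address(addr: str, prefix_len: int) -> str:
    """Last address of the block: IP OR NOT mask (rightmost 32-n bits set to 1)."""
    return to_dotted(to_int(addr) | (~mask_of(prefix_len) & 0xFFFFFFFF))


def usable_hosts(prefix_len: int) -> int:
    """2^(32-n) minus the network and broadcast addresses (Step 1 of the solution)."""
    return max(0, (1 << (32 - prefix_len)) - 2)


def prefix_for_hosts(hosts: int) -> int:
    """Smallest block whose usable count covers the demand: 60 -> /26, 28 -> /27, 12 -> /28."""
    host_bits = max(2, math.ceil(math.log2(hosts + 2)))
    return 32 - host_bits


def vlsm_allocate(block: str, prefix_len: int, demands: Dict[str, int]) -> Dict[str, str]:
    """Steps 2-6: sort demands largest first and carve each subnet from the next
    free, size-aligned address of the parent block. Returns name -> 'network/len'."""
    cursor = to_int(network_address(block, prefix_len))
    end = to_int(broadcast_address(block, prefix_len))
    result = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        plen = prefix_for_hosts(hosts)
        size = 1 << (32 - plen)
        cursor = (cursor + size - 1) // size * size          # align to the subnet boundary
        if cursor + size - 1 > end:
            raise ValueError(f"{block}/{prefix_len} cannot fit {name} ({hosts} hosts)")
        result[name] = f"{to_dotted(cursor)}/{plen}"
        cursor += size
    return result


if __name__ == "__main__":
    print(network_address("205.16.37.39", 28), broadcast_address("205.16.37.39", 28))
    print(vlsm_allocate("192.168.2.0", 24,
                        {"Marketing": 60, "Operations": 12, "Management": 28}))
```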
IP addresses: how to get one?
That's actually two questions:
1. Q: How does a host get an IP address within its network (host part of address)?
2. Q: How does a network get an IP address for itself (network part of address)?

How does a host get an IP address?
- hard-coded by the sysadmin in a config file (e.g., /etc/rc.config in UNIX)
- DHCP: Dynamic Host Configuration Protocol: dynamically get the address from a server; "plug-and-play"

DHCP: Dynamic Host Configuration Protocol
goal: host dynamically obtains an IP address from a network server when it "joins" the network
- can renew its lease on the address in use
- allows reuse of addresses (only hold an address while connected/on)
- support for mobile users who join/leave the network
DHCP overview:
- host broadcasts DHCP discover msg [optional]
- DHCP server responds with DHCP offer msg [optional]
- host requests IP address: DHCP request msg
- DHCP server sends address: DHCP ack msg

DHCP client-server scenario
Typically, the DHCP server will be co-located in the router, serving all subnets to which the router is attached.
[Figure: DHCP server 223.1.2.5 in the router; an arriving DHCP client needs an address in the 223.1.2/24 network]

DHCP client-server scenario (DHCP server: 223.1.2.5; arriving client)
DHCP discover (Broadcast: is there a DHCP server out there?)
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 0.0.0.0
  transaction ID: 654
DHCP offer (Broadcast: I'm a DHCP server! Here's an IP address you can use)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 654
  lifetime: 3600 secs
The two steps above can be skipped "if a client remembers and wishes to reuse a previously allocated network address" [RFC 2131]
DHCP request (Broadcast: OK. I would like to use this IP address!)
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs
DHCP ACK (Broadcast: OK. You've got that IP address!)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs

DHCP: more than IP addresses
DHCP can return more than just the allocated IP address on the subnet:
- address of the first-hop router for the client (Gateway IP)
- name and IP address of the DNS server
- network mask (indicating the network versus host portion of the address)

IP addresses: how to get one?
Q: how does a network get the subnet part of its IP address?
A: it gets allocated a portion of its provider ISP's address space

  ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20   (block size = 2^12 = 4,096 IP addresses)

ISP can then allocate out its address space in 8 blocks:
  Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
  Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
  Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
  ...
  Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23
  (block size = 2^9 = 512 IP addresses each)

Hierarchical addressing: route aggregation (supernetting)
hierarchical addressing allows efficient advertisement of routing information:
- Organizations 0 through 7 (200.23.16.0/23, 200.23.18.0/23, 200.23.20.0/23, ..., 200.23.30.0/23) connect through ISP X
- ISP X tells the Internet: "Send me anything with addresses beginning 200.23.16.0/20". This single advertised address prefix will be sufficient for the rest of the internet to be able to route to the (2^12) addresses in this ISP address range.
- ISP Y tells the Internet: "Send me anything with addresses beginning 199.31.0.0/16"

Hierarchical addressing: more specific routes
- Organization 1 moves from ISP X to ISP Y
- ISP Y now advertises a more specific route to Organization 1
- ISP X still advertises "Send me anything with addresses beginning 200.23.16.0/20" (Organizations 0, 2, ..., 7)
- ISP Y now advertises "Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23" (Organization 1, 200.23.18.0/23)

CIDR and Routing
- Aggregation (supernetting) of routing table entries: 128.143.0.0/16 and 128.144.0.0/16 are represented as 128.128.0.0/11
- Longest prefix match: the routing table lookup finds the routing entry that matches the longest prefix
  What is the outgoing interface for 128.143.192.1/17?
    Prefix             Interface
    128.0.0.0/4        interface #5
    128.128.0.0/9      interface #2
    128.143.128.0/17   interface #1
  Answer: interface #1
- Route aggregation can be exploited when IP address blocks are assigned in a hierarchical fashion

Without CIDR, a router must maintain individual routing table entries for these class B networks. With CIDR, a router can summarize these routes using a single network address by using a 13-bit prefix: 172.24.0.0/13
Steps:
1. Count the number of left-most matching bits: /13 (255.248.0.0)
2. Add all zeros after the last matching bit: 172.24.0.0 = 10101100 00011000 00000000 00000000

Supernetting Example
- Company XYZ needs to address 400 hosts.
- Its ISP gives them two contiguous Class C addresses: 207.21.54.0/24 and 207.21.55.0/24
- Company XYZ can use a prefix of 207.21.54.0/23 to supernet these two contiguous networks (yielding 510 hosts).
  207.21.54.0/24 and 207.21.55.0/24 have 23 bits in common → 207.21.54.0/23
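Longest-prefix match over the three-entry table above and the two supernetting steps (count the common left-most bits, zero the rest), as an added example that is not from the slides. It reproduces the slide answers (interface #1 for 128.143.192.1, 207.21.54.0/23, 128.128.0.0/11); the interface names are labels, not real devices.

```python
from typing import List, Optional, Tuple


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_of(prefix_len: int) -> int:
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def parse_prefix(text: str) -> Tuple[int, int]:
    """'128.143.128.0/17' -> (network, length); rejects host bits set in the network part."""
    net, plen = text.split("/")
    plen = int(plen)
    if not 0 <= plen <= 32:
        raise ValueError(f"bad prefix length in {text}")
    n = to_int(net)
    if n & ~mask_of(plen) & 0xFFFFFFFF:
        raise ValueError(f"{text}: host bits set, not a valid prefix")
    return n, plen


def longest_prefix_match(table: List[Tuple[str, str]], dest: str) -> Optional[str]:
    """Interface of the longest matching entry; None when no entry matches
    (a 0.0.0.0/0 default route, if present, matches everything)."""
    d = to_int(dest)
    best_len, best_iface = -1, None
    for prefix, iface in table:
        net, plen = parse_prefix(prefix)
        if (d & mask_of(plen)) == net and plen > best_len:
            best_len, best_iface = plen, iface
    return best_iface


def common_prefix_len(prefixes: List[str]) -> int:
    """Step 1 of supernetting: count the left-most bits all blocks share
    (never longer than the shortest block's own length)."""
    nets = [parse_prefix(p) for p in prefixes]
    common = min(plen for _, plen in nets)
    first = nets[0][0]
    for net, _ in nets[1:]:
        common = min(common, 32 - (net ^ first).bit_length())
    return common


def aggregate(prefixes: List[str]) -> str:
    """Step 2: zero everything after the last matching bit -> one summary route.
    The summary can cover more than the inputs: 128.128.0.0/11 also spans
    128.128-128.142 and 128.145-128.159, exactly as the slide's example does."""
    common = common_prefix_len(prefixes)
    return f"{to_dotted(parse_prefix(prefixes[0])[0] & mask_of(common))}/{common}"


# The slide's routing table.
TABLE = [("128.0.0.0/4", "interface #5"),
         ("128.128.0.0/9", "interface #2"),
         ("128.143.128.0/17", "interface #1")]

if __name__ == "__main__":
    print(longest_prefix_match(TABLE, "128.143.192.1"))
    print(aggregate(["207.21.54.0/24", "207.21.55.0/24"]))
```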
IP addressing: last words...
Q: how does an ISP get a block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers, http://www.icann.org/
- allocates IP addresses through 5 regional registries (RRs) (who may then allocate to local registries)
- manages the DNS root zone, including delegation of individual TLD (.com, .edu, ...) management
Q: are there enough 32-bit IP addresses?
- ICANN allocated the last chunk of IPv4 addresses to the RRs in 2011
- NAT (next) helps with IPv4 address space exhaustion
- IPv6 has a 128-bit address space

Public and Private IP Addresses
- Public IPv4 addresses are globally routed between internet service provider (ISP) routers.
- Private IPv4 addresses are blocks of addresses set aside for use in private networks by most organizations.
- Private IPv4 addresses are not unique and can be used internally within any network.
- Private addresses are not globally routable.
Range 1: 10.0.0.0/8 or 10.0.0.0 to 10.255.255.255 Range 2: 172.16.0.0/12 or 172.16.0.0 to 172.31.255.255 Range 3: 192.168.0.0/16 or 192.168.0.0 to 192.168.255.255  Network Address Translation (NAT) used to convert between private & global IP addresses Network Address and RFC 1918 Private Address Prefix Range 10.0.0.0/8 10.0.0.0 - 10.255.255.255 172.16.0.0/12 172.16.0.0 - 172.31.255.255 192.168.0.0/16 192.168.0.0 - 192.168.255.255 NAT: network address translation NAT: all devices in local network share just one IPv4 address as far as outside world is concerned rest of local network (e.g., Internet home network) 10.0.0/24 10.0.0.1 138.76.29.7 10.0.0.4 10.0.0.2 10.0.0.3 all datagrams leaving local datagrams with source or network have same source NAT IP destination in this network have address: 138.76.29.7, but 10.0.0/24 address for source, different source port numbers destination (as usual) Network Layer: 4-75 NAT: network address translation  all devices in local network have 32-bit addresses in a “private” IP address space (10/8, 172.16/12, 192.168/16 prefixes) that can only be used in local network  advantages:  just one IP address needed from provider ISP for all devices  can change addresses of host in local network without notifying outside world  can change ISP without changing addresses of devices in local network  security: devices inside local net not directly addressable, visible by outside world Network Layer: 4-76 NAT: network address translation implementation: NAT router must (transparently):  outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) remote clients/servers will respond using (NAT IP address, new port #) as destination address  remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair  incoming datagrams: replace (NAT IP address, new port #) in destination fields of every incoming datagram with corresponding 
(source IP address, port #) stored in NAT table Network Layer: 4-77 NAT: network address translation NAT translation table 2: NAT router changes 1: host 10.0.0.1 sends WAN side addr LAN side addr datagram to datagram source address from 10.0.0.1, 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80 3345 to 138.76.29.7, …… …… 5001, S: 10.0.0.1, 3345 updates table D: 128.119.40.186, 80 10.0.0.1 1 S: 138.76.29.7, 2 5001 10.0.0.4 D: 128.119.40.186, 10.0.0.2 80 138.76.29.7 S: 128.119.40.186, 80 4 S: 128.119.40.186, 10.0.0.3 80 3 D: 10.0.0.1, 3345 D: 138.76.29.7, 3: reply arrives, 5001 destination address: 138.76.29.7, 5001 Network Layer: 4-78 NAT: network address translation  NAT has been controversial: address “shortage” should be solved by IPv6 routers “should” only process up to layer 3 port # manipulation by network-layer device port numbers are meant to be used for addressing processes not hosts violates end-to-end argument Manipulating datagram header IP addresses NAT traversal: what if client wants to connect to server behind NAT? 
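The translation steps above (rewrite outgoing source, store the pair, map replies back, drop anything without a table entry), as an added example model that is not part of the slides; the addresses and ports are the ones from the walkthrough, and the RFC 1918 check on outgoing traffic is an assumption added here:

```python
# Added example (not from the slides): a minimal model of the NAT router
# behaviour described above. Outgoing datagrams get (source IP, port) rewritten
# to (NAT IP, new port) and the pair is stored; incoming replies are mapped back;
# anything with no table entry is dropped. Addresses/ports follow the walkthrough.
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip: str) -> bool:
    """True if ip lies in one of the three RFC 1918 private ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


class NatRouter:
    def __init__(self, wan_ip: str, first_port: int = 5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.table = {}     # (LAN ip, LAN port) -> WAN port
        self.reverse = {}   # WAN port -> (LAN ip, LAN port)

    def outbound(self, dgram: dict) -> dict:
        """LAN -> WAN: replace source with (NAT IP, new port) and remember the pair."""
        key = (dgram["src"], dgram["sport"])
        if not is_private(key[0]):   # assumption: only the private LAN is translated
            raise ValueError(f"{key[0]} is not a private address; refusing to translate")
        if key not in self.table:                 # first datagram of this flow: pick a new port
            self.table[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        return {**dgram, "src": self.wan_ip, "sport": self.table[key]}

    def inbound(self, dgram: dict):
        """WAN -> LAN: map (NAT IP, new port) back to the stored (source IP, port)."""
        key = self.reverse.get(dgram["dport"])
        if dgram["dst"] != self.wan_ip or key is None:
            return None                           # no mapping: inside hosts are not addressable
        return {**dgram, "dst": key[0], "dport": key[1]}


def walkthrough():
    """Steps 1-4 of the slide: request from 10.0.0.1:3345 to 128.119.40.186:80 and its reply."""
    nat = NatRouter("138.76.29.7")
    out = nat.outbound({"src": "10.0.0.1", "sport": 3345, "dst": "128.119.40.186", "dport": 80})
    reply = {"src": "128.119.40.186", "sport": 80, "dst": "138.76.29.7", "dport": out["sport"]}
    back = nat.inbound(reply)
    stray = nat.inbound({**reply, "dport": 6000})  # unsolicited inbound: no table entry, dropped
    return out, back, stray
```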
 but NAT is here to stay: extensively used in home and institutional nets, 4G/5G cellular nets

Other IP Companion Protocols
Internet Control Protocols
 ICMP (Internet Control Message Protocol)
 ARP (Address Resolution Protocol)
 RARP (Reverse Address Resolution Protocol)
 BOOTP (BOOTstrap Protocol, alternative to RARP)
 DHCP (Dynamic Host Configuration Protocol)

ICMP
 Used to report something unexpected; each ICMP message is encapsulated in an IP packet
 Used to test the internet

Message type – Description
 Destination unreachable – used when the subnet or a router can’t locate the destination, or when a packet with the DF bit set can’t be delivered because a “small packet” network stands in the way
 Time exceeded – sent when a packet is dropped because its counter has reached zero; this event is a symptom that packets are looping, that there is enormous congestion, or that the timer values are set too low
 Parameter problem – indicates that an illegal value has been detected in a header field; this indicates a bug in the sending host’s IP software or possibly in the software of a router transited
 Source quench – was formerly used to slow down stations that were sending too many packets; it is not used anymore because when congestion occurs those packets tend to throw more fuel into the fire; congestion control is done now in the transport layer
 Redirect – used when a router notices that a packet seems to be routed wrong; it is used by the router to tell the sending host about the probable error
 Echo request and Echo reply – used to see if a given destination is reachable and alive; upon receiving the echo message, the destination is supposed to answer with an echo reply message
 Timestamp request and Timestamp reply – similar, except that the arrival time of the message and the departure time of the reply are recorded in the reply; used to measure network performance

Traceroute and ICMP
 Source sends series of UDP segments to destination
  - First has TTL = 1
  - Second has TTL = 2, etc.
  - Unlikely port number
 When nth datagram arrives at nth router:
  - Router discards datagram
  - And sends to source an ICMP Time Exceeded message
  - Message includes name of router & IP address
 When ICMP message arrives, source calculates RTT (Round Trip Time)
 Traceroute sends three sets of packets with the same TTL
 Stopping criterion
  - UDP segment eventually arrives at destination host
  - Destination returns ICMP “host unreachable” packet (type 3, code 3)
  - When source gets this ICMP, stops.
  - E.g. Tracert 192.168.1.1

ARP and RARP
 ARP is a network layer (3) protocol that allows a host to obtain the hardware address (MAC Address) information used in forming a layer 2 frame complete with destination and source MAC addresses.
 Although ARP is a layer 3 protocol it does not use an IP header; it has its own packet format and is broadcast on the local LAN within the data field of a layer 2 (Ethernet) frame without needing to be routed.
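The traceroute procedure described above (probes with TTL 1, 2, 3, … to an unlikely UDP port; ICMP Time Exceeded from each router; ICMP port unreachable, type 3 code 3, as the stopping criterion), as an added simulation that is not part of the slides; the router path, delays, listening ports and the probe port 33434 are constructed assumptions:

```python
# Added example (not from the slides): a simulation of the traceroute
# procedure described above over a constructed router path. Each probe is a
# UDP datagram to an unlikely port with TTL 1, 2, 3, ...; the router whose
# decrement drives TTL to 0 discards it and returns ICMP Time Exceeded
# (type 11, code 0); the destination returns ICMP Port Unreachable
# (type 3, code 3), which is the stopping criterion.
UNLIKELY_PORT = 33434   # assumption: a high UDP port with no listener at the destination

# constructed path: (name, IP address, one-way delay in ms) for each router
PATH = [
    ("gw.example.net", "192.168.1.1", 0.8),
    ("r2.example.net", "203.0.113.1", 6.0),
    ("r3.example.net", "198.51.100.1", 14.0),
]
DESTINATION = ("host.example.net", "198.51.100.77", 20.0)
LISTENING = {53, 80, 443}   # constructed: ports with a listening process at the destination


def forward(ttl: int, dport: int):
    """Carry one probe along PATH. Returns (icmp_type, icmp_code, (name, ip), rtt_ms),
    or None if the probe is silently consumed (no ICMP comes back)."""
    for name, ip, delay in PATH:
        ttl -= 1                                 # every router decrements TTL
        if ttl == 0:                             # expired here: router discards the datagram
            return 11, 0, (name, ip), 2 * delay  # ... and sends Time Exceeded to the source
    name, ip, delay = DESTINATION
    if dport in LISTENING:
        return None                              # a real service absorbs it: no ICMP, probe times out
    return 3, 3, (name, ip), 2 * delay           # no listener: Port Unreachable from destination


def traceroute(dport: int = UNLIKELY_PORT, max_hops: int = 30, probes: int = 3):
    """Return one (ttl, (name, ip) or None, [rtt, ...]) entry per hop until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        replies = [forward(ttl, dport) for _ in range(probes)]   # three probes per TTL value
        answered = [r for r in replies if r is not None]
        if not answered:
            hops.append((ttl, None, []))         # printed as "* * *" by real traceroute
            continue
        icmp_type, icmp_code, who, _ = answered[0]
        hops.append((ttl, who, [r[3] for r in answered]))
        if (icmp_type, icmp_code) == (3, 3):     # destination reached: stop
            break
    return hops
```

Running `traceroute(dport=80)` shows why the unlikely port matters: a port with a listener never produces the port-unreachable reply, so the trace runs to `max_hops` with empty entries after the last router.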
 If a host does not know its IP address it may send out a RARP (Reverse Address Resolution Protocol) request, read by a RARP server which has a table of hardware addresses and IP addresses. RARP uses the same packet format as ARP.

Host A needs to send data to Host B, but doesn’t know the MAC address