
Internet Protocol
Italo TOBIA
Training for TIM Celular - Rio de Janeiro
Rio de Janeiro, Aug. 2005

CONTENTS
- TCP/IP architecture
- IP protocol
- IP addressing
- Direct/indirect forwarding
- Address resolution protocol (ARP)
- Sub-netting

Internet architecture and services

Internet Protocol Italo TOBIA

Rio de Janeiro, Aug. 2005

The goal of this short presentation is to provide the basic concepts of the TCP/IP architecture, with a focus on IP addressing techniques.

[Figure: the TCP/IP protocol stack over link-layer technologies (Ethernet, FDDI, Token Ring, Frame Relay, ATM); applications often use a transport layer service.]


TCP/IP is an open architecture that can be configured on most physical network technologies. It specifies the upper-layer functions and protocols regardless of the underlying network interface. So, on a host implementing the TCP/IP software functions, you can change the network adapter (for example from an Ethernet card to a serial modem card) without any modification of that software: only the network adapter driver must be changed. DNS uses both TCP and UDP services: name resolution queries are UDP based, zone transfers are TCP based. The ND (Neighbor Discovery) protocol has been defined for the IPv6 stack and adds some functionality to what ARP and RARP provide.

[Figure: encapsulation down the stack. Application data (app) is carried as the payload of a TCP segment (tcp header + data); the TCP segment is carried as the payload of an IP datagram (ip header + segment); the IP datagram is carried inside a Data Link frame, between a Data Link header and a Data Link trailer.]



Each protocol creates a protocol data unit (PDU) for transmission that includes the headers required by that protocol and the data to be transmitted. This data becomes the service data unit (SDU) of the next layer below it. The diagram shows an application layer PDU consisting of an application header and application data. When this is passed to the transport layer it becomes a transport layer SDU, and so on down to the layer 2 PDU (in this case shown with both a header and a trailer), which is converted to bits and sent at layer 1.

IP is the workhorse protocol of the TCP/IP protocol suite (W. R. Stevens). IP provides a datagram service which is connectionless and unreliable:
- unreliable means that nobody guarantees the correct delivery of a packet to the intended destination (best effort service);
- connectionless means that IP does not keep any state about the packets it has forwarded. Each packet is handled (that is, routed) independently of the others. So, IP datagrams can be delivered to the destination in a sequence different from the original one.


The main function of IP: internetwork datagram delivery beyond the local broadcast domain. The fundamental job of the Internet Protocol is the delivery of datagrams from one device to another over an internetwork. It is connectionless: the sender does not contact the receiver before sending data, it sends the datagram immediately. Some other protocol layer will take care of receiver synchronization, lost packet recovery, and so on. IP datagrams are handled (routed and forwarded, but not acknowledged) by the intermediate systems (routers) according to a memory-less scheme. ADDRESSING, ROUTING, FRAGMENTATION and REASSEMBLY are IP functions.


The IP datagram length is variable:
- header: 20 - 64 bytes
- data + header <= MTU (Maximum Transmission Unit); if not, the packet will be fragmented

Main header fields:
- Source address: 4 bytes
- Destination address: 4 bytes
- Protocol: the transport layer protocol carried in the datagram
- Fragment offset: displacement of the fragment inside the complete original packet
- Identification: ID of the packet
- Flag: signals whether the packet has been fragmented or not
- Time-To-Live (TTL): maximum number of hops the packet can cross before it is discarded, if it has not yet been delivered to the destination
- Header checksum: error check for the header (no retransmission if an error is detected)
- IHL: header length
- Total length: total packet length (useful for options extraction)

IP Header details (Field Name - Size (bytes) - Description)

Version - 1/2 (4 bits) - Identifies the version of IP used to generate the datagram. For IPv4, this is of course the number 4. The purpose of this field is to ensure compatibility between devices that may be running different versions of IP. In general, a device running an older version of IP will reject datagrams created by newer implementations, under the assumption that the older version may not be able to interpret the newer datagram correctly.

Internet Header Length (IHL) - 1/2 (4 bits) - Specifies the length of the IP header, in 32-bit words. This includes the length of any options fields and padding. The normal value of this field when no options are used is 5 (5 32-bit words = 5*4 = 20 bytes). Contrast with the longer Total Length field below.

Type Of Service (TOS) - 1 - A field designed to carry information to provide quality of service features, such as prioritized delivery, for IP datagrams. It was never widely used as originally defined, and its meaning has been subsequently redefined for use by a technique called Differentiated Services (DS).

Total Length (TL) - 2 - Specifies the total length of the IP datagram, in bytes. Since this field is 16 bits wide, the maximum length of an IP datagram is 65,535 bytes, though most are much smaller.

Identification - 2 - This field contains a 16-bit value that is common to each of the fragments belonging to a particular message; for datagrams originally sent unfragmented it is still filled in, so it can be used if the datagram must be fragmented by a router during delivery. This field is used by the recipient to reassemble messages without accidentally mixing fragments from different messages. This is needed because fragments may arrive from multiple messages mixed together, since IP datagrams can be received out of order from any device (see the table in the next pages).

Flags - 3/8 (3 bits) - Control flags for fragmentation (see "IP header details: flags and protocol type" below).

Fragment Offset - 1 5/8 (13 bits) - When fragmentation of a message occurs, this field specifies the offset, or position, in the overall message where the data in this fragment goes. It is specified in units of 8 bytes (64 bits). The first fragment has an offset of 0.

Time To Live (TTL) - 1 - Specifies how long the datagram is allowed to live on the network, in terms of router hops. Each router decrements the value of the TTL field (reduces it by one) prior to transmitting it. If the TTL field drops to zero, the datagram is assumed to have taken too long a route and is discarded.


IP Header details (continued)

Protocol - 1 - Identifies the transport layer protocol carried in the Data field.

Header Checksum - 2 - A checksum computed over the header to provide basic protection against corruption in transmission. This is not the more complex CRC code typically used by data link layer technologies such as Ethernet; it is just a 16-bit checksum. It is calculated by dividing the header bytes into words (a word is two bytes) and then adding them together. The data is not checksummed, only the header. At each hop the device receiving the datagram does the same checksum calculation and, on a mismatch, discards the datagram as damaged.

Source Address - 4 - The 32-bit IP address of the originator of the datagram. Note that even though intermediate devices such as routers may handle the datagram, they do not normally put their address into this field: it is always the device that originally sent the datagram.

Destination Address - 4 - The 32-bit IP address of the intended recipient of the datagram. Again, even though devices such as routers may be the intermediate targets of the datagram, this field is always for the ultimate destination.

Options - Variable - One or more of several types of options may be included after the standard headers in certain IP datagrams (supplementary services).

Padding - Variable - If one or more options are included, and the number of bits used for them is not a multiple of 32, enough zero bits are added to pad out the header to a multiple of 32 bits (4 bytes).

Data - Variable - The data to be transmitted in the datagram, either an entire higher-layer message or a fragment of one.
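As an added example (not part of the original slides), the following Python code decodes the fixed header fields just described and verifies the header checksum the way a receiving hop does. The sample header bytes are constructed here, not captured from a real network, and the function names are this example's own.

```python
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit ones' complement sum of data (a zero byte pads an odd length)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """Checksum a sender writes: ones' complement of the ones' complement sum
    over the header, with the checksum field (bytes 10-11) taken as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return (~ones_complement_sum(zeroed)) & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed IPv4 header fields and verify the header checksum.
    Only the header is covered: the data after it is not checksummed."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                    # IHL counts 32-bit words
    if version != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    header = packet[:header_len]
    return {
        "version": version,
        "ihl": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),            # Don't Fragment flag
        "mf": bool(flags_frag & 0x2000),            # More Fragments flag
        "fragment_offset": flags_frag & 0x1FFF,     # in units of 8 bytes
        "ttl": ttl,
        "protocol": proto,
        "header_checksum": csum,
        # a receiver sums the whole header, checksum included: valid => 0xFFFF
        "checksum_ok": ones_complement_sum(header) == 0xFFFF,
        "source": ".".join(str(b) for b in src),
        "destination": ".".join(str(b) for b in dst),
        "options": header[20:],
    }


def build_sample_header() -> bytes:
    """Constructed sample, not a captured packet: the second fragment of the
    slide's ID=12345 example (MF=1, offset 64 = 512/8, TL=512), TTL 64,
    protocol 6 (TCP), sent from 192.168.10.10 to 192.168.10.35."""
    flags_frag = (1 << 13) | 64
    fields = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 512, 12345, flags_frag,
                         64, 6, 0,
                         bytes([192, 168, 10, 10]), bytes([192, 168, 10, 35]))
    return fields[:10] + struct.pack("!H", header_checksum(fields)) + fields[12:]


def ttl_decrement_breaks_checksum() -> bool:
    """A router that decrements TTL must recompute the checksum: a header
    with a changed TTL but the old checksum is rejected as damaged."""
    stale = bytearray(build_sample_header())
    stale[8] -= 1                            # TTL is byte 8 of the header
    return not parse_ipv4_header(bytes(stale))["checksum_ok"]


if __name__ == "__main__":
    for name, value in parse_ipv4_header(build_sample_header()).items():
        print(f"{name:16} {value}")
    print("stale checksum detected:", ttl_decrement_breaks_checksum())
```

The checksum check is the only integrity protection the IP header has; it catches corruption in transit, not deliberate modification, which is why hop-by-hop recomputation by routers is expected and why anything stronger has to come from a higher layer.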

IP header details: flags and protocol type


Fragmentation example (ID = Identification, MF = More Fragments flag, OS = fragment offset in 8-byte units, TL = total length):

Router with MTU=1500: one datagram
  ID=12345 MF=0 OS=0 TL=1500
Router with MTU=512: three fragments
  ID=12345 MF=1 OS=0 TL=512
  ID=12345 MF=1 OS=64 TL=512
  ID=12345 MF=0 OS=128 TL=476
Link with MTU=256: six fragments
  ID=12345 MF=1 OS=0 TL=256
  ID=12345 MF=1 OS=32 TL=256
  ID=12345 MF=1 OS=64 TL=256
  ID=12345 MF=1 OS=96 TL=256
  ID=12345 MF=1 OS=128 TL=256
  ID=12345 MF=0 OS=160 TL=220

In order to send messages using IP we encapsulate the higher-layer data into IP datagrams. These datagrams must then be sent down to the data link layer, where they are further encapsulated into the frames of whatever technology is going to be used to physically convey them, either directly to their destination or indirectly to the next intermediate step in their journey to their intended recipient. The data link layer implementation puts the entire IP datagram into the data portion (the payload) of its frame format, just as IP puts transport layer messages, transport headers and all, into its IP Data field.

This immediately presents us with a potential issue: matching the size of the IP datagram to the size of the underlying data link layer frame. The underlying network that a device uses to connect to other devices could be a LAN connection like Ethernet or Token Ring, a wireless LAN link such as 802.11, or a dialup, DSL, E-1 or other WAN connection. Each physical network will generally use its own frame format, and each format has a limit on how much data can be sent in a single frame (due to the BER/packet error ratio). If the IP datagram is too large for the payload section of the data link layer frame format, we MUST FRAGMENT it before transmitting it.

More Fragments: this flag is set to 1 for all fragments except the last one, which has it set to 0. When the fragment with a value of 0 in the More Fragments flag is seen, the destination knows it has received the last fragment of the message.

Fragment Offset: this field solves the problem of sequencing fragments by indicating to the recipient device where in the overall message each particular fragment should be placed. The field is 13 bits wide, so the offset can be from 0 to 8191. Fragments are specified in units of 8 bytes, which is why the fragment length must be a multiple of 8. Not coincidentally, 8191 * 8 is 65,528, just about the maximum size allowed for an IP datagram.

Let's take the same example from above. The first fragment would have a Fragment Offset of 0. The second would have an offset of 64 (512 divided by 8). The third would have an offset of 128 (1024 divided by 8). As an exercise, you can calculate by yourself the other offsets due to the second fragmentation process.
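Added example, not from the original slides: a Python model of the fragmentation process, including re-fragmentation at a second router as in the exercise above, plus the consistency checks a receiver makes before reassembling. The Fragment class and the function names are this example's own; with header_len=0 it reproduces the slide's simplified numbers (the slide counts TL without a separate header), and with the default 20-byte header it gives the real byte accounting.

```python
from dataclasses import dataclass


@dataclass
class Fragment:
    identification: int
    more_fragments: bool   # MF flag
    offset: int            # Fragment Offset field, in 8-byte units
    total_length: int      # TL field: header plus the payload of this piece
    payload_length: int


def fragment(datagram: Fragment, mtu: int, header_len: int = 20) -> list:
    """Split a datagram (or an earlier fragment) into pieces that fit mtu.

    Every piece but the last carries a payload that is a multiple of 8 bytes,
    because the offset field counts 8-byte units.  When the input is itself a
    fragment with MF=1, its last piece also keeps MF=1: it is still not the
    final piece of the original message.
    """
    if datagram.total_length <= mtu:
        return [datagram]                       # fits: pass it on unchanged
    max_payload = (mtu - header_len) // 8 * 8   # largest multiple of 8 that fits
    if max_payload <= 0:
        raise ValueError("MTU too small to carry any payload")
    pieces, sent = [], 0
    while sent < datagram.payload_length:
        chunk = min(max_payload, datagram.payload_length - sent)
        is_last = sent + chunk == datagram.payload_length
        pieces.append(Fragment(
            identification=datagram.identification,
            more_fragments=(not is_last) or datagram.more_fragments,
            offset=datagram.offset + sent // 8,
            total_length=header_len + chunk,
            payload_length=chunk,
        ))
        sent += chunk
    return pieces


def fragment_path(datagram: Fragment, mtus, header_len: int = 20) -> list:
    """Push the datagram through routers with successive MTUs; each router
    re-fragments whatever it receives, exactly as the slide's figure shows."""
    frags = [datagram]
    for mtu in mtus:
        frags = [p for f in frags for p in fragment(f, mtu, header_len)]
    return frags


def reassembly_consistent(frags) -> bool:
    """The checks a receiver makes before reassembling: one Identification,
    offsets that start at 0 and tile the message without gaps or overlaps,
    and MF=0 on the last piece only."""
    frags = sorted(frags, key=lambda f: f.offset)
    expected = 0
    for i, f in enumerate(frags):
        if f.identification != frags[0].identification or f.offset != expected:
            return False
        if f.more_fragments != (i < len(frags) - 1):
            return False
        expected = f.offset + f.payload_length // 8
    return True


def slide_example() -> list:
    """Constructed input matching the slide: TL=1500, ID=12345, MF=0, OS=0,
    crossing links of MTU 1500, 512 and 256 (header_len=0 as on the slide)."""
    original = Fragment(12345, False, 0, 1500, 1500)
    return fragment_path(original, [1500, 512, 256], header_len=0)


if __name__ == "__main__":
    for f in slide_example():
        print(f"ID={f.identification} MF={int(f.more_fragments)} "
              f"OS={f.offset} TL={f.total_length}")
    print("reassembly consistent:", reassembly_consistent(slide_example()))
```

Running the slide's datagram through the path yields the six fragments of the figure (offsets 0, 32, 64, 96, 128, 160). The consistency check is what makes overlapping or missing fragments visible to a receiver before it allocates reassembly buffers.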

[Figure: telephone network analogy. The calling line 06/43539044 reaches the called line 0330/174523 (another subscriber shown: 0330/213476) through the exchanges 06, 0330, 011, 075, 085 and 02; each exchange keeps a table of destination prefix (De) and next hop (NH), or DC = directly connected. The prefix plays the role of the network field and the subscriber number that of the host field.]

Layer 2 addresses are flat, so they cannot be routed across WAN environments. Network layer addresses must be organized according to a hierarchical scheme, so that the routing process can operate simply. A hierarchical scheme means that each address contains a network field (prefix) and a host field (end system address). In telephone networks we have a country code, an area code and a subscriber number; in this way we can route a call from one area to another only by inspecting the prefix, regardless of the host field.

[Figure: a 32-bit IPv4 address, 198.18.140.208, written as four 8-bit octets; the network field covers the first two octets (198.18) and the host field the last two (140.208).]

Humans don't work too well with binary numbers, because they are long and complicated, and the use of only two digits makes them hard to differentiate. (Quick, which of these is larger: 11100011010100101001100110110001 or 11100011010100101001101110110001?) For this reason, when we use IP addresses we don't work with them in binary except when absolutely necessary. The first thing that humans would naturally do with a long string of bits is to split it into four eight-bit octets, to make it more manageable. So, 11100011010100101001101110110001 would become 11100011 - 01010010 - 10011101 - 10110001. Then, we could convert each of those octets into a more manageable two-digit hexadecimal number, to yield the following: E3 - 52 - 9D - B1. This is in fact the notation used for IEEE MAC addresses, except that they are 48 bits long, so they have six two-digit hex numbers, and they are usually separated by colons, not dashes as used here. Each version 4 IP address is 32 bits long. When we refer to the IP address we use a dotted-decimal notation, while the computer converts this into binary. However, even though these sets of 32 bits are considered a single entity, they have an internal structure containing two components: Network Identifier (Network ID): a certain number of bits, starting from the leftmost bit, is used to identify the network where the host or other network interface is located. This is also sometimes called the network prefix or even just the prefix. Host Identifier (Host ID): the remainder of the bits are used to identify the host on the network.

Address classes (leading bits, netid/hostid sizes and address ranges):

Class A: 0 + 7-bit netid + 24-bit hostid (0.0.0.0 - 127.255.255.255)
Class B: 10 + 14-bit netid + 16-bit hostid (128.0.0.0 - 191.255.255.255)
Class C: 110 + 21-bit netid + 8-bit hostid (192.0.0.0 - 223.255.255.255)
Class D: 1110 + 28-bit multicast group ID (224.0.0.0 - 239.255.255.255)
Class E: 11110 + 27-bit reserved (240.0.0.0 - 255.255.255.254)


Looking at this figure, you can see that the first three classes, A, B and C, comprise most of the total address space (7/8ths of it). These are the classes used for unicast IP addressing, that is, for messages sent to a single destination host. (The blocks also include the associated broadcast addresses for these networks.) They allow the Internet to provide addressing for a small number of very large networks, a moderate number of medium-sized organizations, and a large number of smaller companies. This approximately reflects the distribution of organization sizes in the real world, though the large gulf in the maximum number of hosts allowed for each address class leads to inflexibility and problems. As you can see, the classes differ in where the dividing line is drawn between the network ID and the host ID portions of the addresses they contain. However, in each case the division is made on octet boundaries: in classful addressing, the division does not occur within an octet.

[Figure: class A example. Address 15.10.10.90 as four 8-bit octets: Net ID (N) = 15, Host ID = 10.10.90.]

In this class the first bit is set to 0. The net id field is 8 bits long, so there can be 2^7 class A networks, each with a maximum number of hosts given by 16777216 (2^24). Class A addresses can be recognized from the first byte value: its decimal value is between 0 and 127 inclusive.

[Figure: class B example. Address 130.20.18.62 as four 8-bit octets: Net ID (N) = 130.20, Host ID = 18.62.]

If the first bit is 1, we must look at the second bit of the address field. Class B has the second bit set to 0; in this case the net id field is 16 bits long and the host id field is 16 bits long. The maximum number of class B networks is 16384 (2^14), each with at most 65536 (2^16) hosts. Class B network addresses, in dotted decimal format, range from 120.0 up to 191.255.

[Figure: class C example. Address 195.31.235.10 as four 8-bit octets: Net ID (N) = 195.31.235, Host ID = 10.]

If the first and the second bit of the address field are 1, we consider the third bit. If this one is 0, we have a class C address. So, the net id field is 3 bytes long and the host id field is only one byte. We can have up to 2097152 (2^21) class C networks, each with 256 (2^8) hosts. Class C network addresses range from 192.0.0 up to 223.255.255.
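Added example (not part of the original slides) covering both the binary/hexadecimal notation discussed earlier and the classful split of classes A, B and C: a few Python helpers that write a dotted-decimal address as binary or hex octets, classify it by walking its leading bits exactly as the slides do, and divide it on the classful boundary. Function names are this example's own.

```python
def dotted_to_int(addr: str) -> int:
    """Parse dotted-decimal notation into the 32-bit value a host works with."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")


def to_binary_octets(addr: str) -> str:
    """The 32 bits split into four 8-bit octets, dash separated."""
    return "-".join(f"{b:08b}" for b in dotted_to_int(addr).to_bytes(4, "big"))


def to_hex_octets(addr: str) -> str:
    """The same octets written as two hex digits each (MAC-address style)."""
    return "-".join(f"{b:02X}" for b in dotted_to_int(addr).to_bytes(4, "big"))


def address_class(addr: str) -> str:
    """Walk the leading bits as the slides do:
    0 -> A, 10 -> B, 110 -> C, 1110 -> D (multicast), otherwise E (reserved)."""
    first_octet = f"{dotted_to_int(addr) >> 24:08b}"
    for cls, prefix in (("A", "0"), ("B", "10"), ("C", "110"), ("D", "1110")):
        if first_octet.startswith(prefix):
            return cls
    return "E"


# class -> (bits of the network ID field, fixed leading bits inside it)
UNICAST_CLASSES = {"A": (8, 1), "B": (16, 2), "C": (24, 3)}


def split_classful(addr: str) -> dict:
    """Divide a unicast address on its classful octet boundary and report how
    many networks of that class exist and how many host IDs each one holds."""
    cls = address_class(addr)
    if cls not in UNICAST_CLASSES:
        raise ValueError(f"{addr} is class {cls}: no network/host split")
    net_bits, fixed_bits = UNICAST_CLASSES[cls]
    host_bits = 32 - net_bits
    value = dotted_to_int(addr)
    net_id = value >> host_bits
    host_id = value & ((1 << host_bits) - 1)
    return {
        "class": cls,
        "net_id": ".".join(str(b) for b in net_id.to_bytes(net_bits // 8, "big")),
        "host_id": ".".join(str(b) for b in host_id.to_bytes(host_bits // 8, "big")),
        "networks_in_class": 1 << (net_bits - fixed_bits),
        "hosts_per_network": 1 << host_bits,
    }


if __name__ == "__main__":
    print(to_binary_octets("198.18.140.208"), to_hex_octets("198.18.140.208"))
    for example in ("15.10.10.90", "130.20.18.62", "195.31.235.10"):
        print(split_classful(example))
```

The three example addresses from the slides (15.10.10.90, 130.20.18.62, 195.31.235.10) come out as classes A, B and C with the network and host IDs shown in the figures, and the network counts match the 2^7, 2^14 and 2^21 figures quoted above.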

Range Start Address | Range End Address | Classful Address Equivalent | Classless Address Equivalent | Description
0.0.0.0 | 0.255.255.255 | Class A network 0.x.x.x | 0/8 | Reserved.
10.0.0.0 | 10.255.255.255 | Class A network 10.x.x.x | 10/8 | Class A private address block.
127.0.0.0 | 127.255.255.255 | Class A network 127.x.x.x | 127/8 | Loopback address block.
128.0.0.0 | 128.0.255.255 | Class B network 128.0.x.x | 128.0/16 | Reserved.
169.254.0.0 | 169.254.255.255 | Class B network 169.254.x.x | 169.254/16 | Class B private address block reserved for automatic private address allocation (see NOTE below).
172.16.0.0 | 172.31.255.255 | 16 contiguous Class B networks from 172.16.x.x through 172.31.x.x | 172.16/12 | Class B private address blocks.
191.255.0.0 | 191.255.255.255 | Class B network 191.255.x.x | 191.255/16 | Reserved.
192.0.0.0 | 192.0.0.255 | Class C network 192.0.0.x | 192.0.0/24 | Reserved.
192.168.0.0 | 192.168.255.255 | 256 contiguous Class C networks from 192.168.0.x through 192.168.255.x | 192.168/16 | Class C private address blocks.
223.255.255.0 | 223.255.255.255 | Class C network 223.255.255.x | 223.255.255/24 | Reserved.


Normally, when a TCP/IP application needs to send information, that information travels down the protocol layers to IP, where it is encapsulated in an IP datagram. That datagram then passes down to the data link layer of the device's physical network for transmission to the next hop on the way to the IP destination. However, one special range of addresses is set aside for loopback functionality: the range 127.0.0.0 to 127.255.255.255. IP datagrams sent by a host to a 127.x.x.x loopback address are not passed down to the data link layer for transmission. Instead, they loop back to the source device at the IP level. In essence, this represents a short-circuiting of the normal protocol stack: data is sent by a device's layer three IP implementation and then immediately received by it. The purpose of the loopback range is testing of the TCP/IP protocol implementation on a host without a physical network adapter. Since the lower layers are short-circuited, sending to a loopback address allows the higher layers (IP and above) to be effectively tested without the chance of problems at the lower layers manifesting themselves. 127.0.0.1 is the address most commonly used for testing purposes.

NOTE: the IETF reserved a special IP address block for automatic IP address assignment. This block, 169.254.0.1 through 169.254.255.254 (or 169.254.0.0/16 in classless notation), is reserved for autoconfiguration, as mentioned in RFC 3330: hosts obtain these addresses by auto-configuration, such as when a DHCP server cannot be found. Strangely, however, no TCP/IP standard has yet been defined to specify how such autoconfiguration works. To fill the void, Microsoft created an implementation that it calls Automatic Private IP Addressing (APIPA). Due to Microsoft's market power, APIPA has been deployed on its operating systems and has thus become a de facto standard in the industry.

Special address forms:

Net ID field | Host ID field | Meaning
All 0s | All 0s | This host (1)
All 0s | Host | Host on this net (1)
All 1s | All 1s | Limited broadcast (local net) (2)
Net | All 1s | Directed broadcast for net (2)
127 | Anything (often 1) | Loopback (3)

(1) Allowed only as source address, during host bootstrap
(2) Can be used only as destination address
(3) Must not be propagated in networks (only for local use purposes)
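Added example, not from the original slides: a Python classifier for the special address forms in the table above together with the reserved ranges (private blocks, loopback, 169.254/16) from the earlier table, plus a helper applying the rule that a directed broadcast may cross a router while the limited broadcast may not. It uses the standard library ipaddress module; the function names are this example's own.

```python
import ipaddress

# Blocks taken from the slide's reserved-range table
PRIVATE_BLOCKS = [ipaddress.IPv4Network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK_LOCAL = ipaddress.IPv4Network("169.254.0.0/16")   # APIPA range
LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")


def address_kind(addr: str, netmask: str = None) -> str:
    """Name the special form an address takes, following the table above.

    The netmask of the local network is needed to recognise a directed
    broadcast (host field all 1s) or a 'host on this net' form (net field
    all 0s); without it only the classful net 0.x.x.x case is detected."""
    ip = ipaddress.IPv4Address(addr)
    if ip == ipaddress.IPv4Address("0.0.0.0"):
        return "this host (source address only, during bootstrap)"
    if ip == ipaddress.IPv4Address("255.255.255.255"):
        return "limited broadcast (destination only, stays on the local net)"
    if ip in LOOPBACK:
        return "loopback (must not be propagated in networks)"
    net_field_is_zero = (int(ip) >> 24) == 0          # classful net 0.x.x.x
    if netmask is not None:
        net = ipaddress.IPv4Network(f"{addr}/{netmask}", strict=False)
        if net.prefixlen < 31 and ip == net.broadcast_address:
            return f"directed broadcast for net {net.network_address}"
        if net.prefixlen < 31 and ip == net.network_address:
            return f"network address of {net}"
        net_field_is_zero = (int(ip) & int(net.netmask)) == 0
    if net_field_is_zero:
        return "host on this net (source address only, during bootstrap)"
    for block in PRIVATE_BLOCKS:
        if ip in block:
            return f"private address ({block})"
    if ip in LINK_LOCAL:
        return "link-local autoconfiguration address (169.254/16, APIPA)"
    return "public unicast address"


def router_may_forward(addr: str, netmask: str = None) -> bool:
    """Forwarding rule from the slides: a directed broadcast may cross a
    router (many deployments disable this as a hardening measure), while
    the limited broadcast, loopback and the bootstrap-only source forms
    never leave the local network."""
    kind = address_kind(addr, netmask)
    confined = ("limited broadcast", "loopback", "this host", "host on this net")
    return not kind.startswith(confined)


if __name__ == "__main__":
    for sample in (("255.255.255.255", None), ("200.168.4.255", "255.255.255.0"),
                   ("127.0.0.1", None), ("0.0.0.0", None), ("172.20.1.1", None),
                   ("169.254.3.4", None), ("200.10.5.6", None)):
        print(sample[0], "->", address_kind(*sample),
              "| forwardable:", router_may_forward(*sample))
```

Note that 200.168.4.255 is a directed broadcast only relative to a /24 mask: the same address with a different mask is an ordinary host, which is exactly why the table's "Net" and "All 1s" columns cannot be judged without knowing where the network/host boundary lies.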


[Figure: four networks, 200.168.1.0, 200.168.2.0, 200.168.3.0 and 200.168.4.0, joined by a router. A host X addresses 200.168.4.255 (directed broadcast) and 255.255.255.255 (local broadcast).]

Routers can forward directed broadcast packets. Local broadcast packets must travel only inside the LAN concerned.


For a Windows XP machine the TCP/IP parameters configuration looks like this figure.

[Figure: 10/100 Ethernet NIC configuration dialog.]


This is an example of the network interface card configuration on a Windows 2000 machine. Just by hovering over the card name and type, the system shows the physical address of the card (MAC address). In the second window, the user can configure several parameters of the network card, according to the specific card and using the card driver.

IP forwarding

Direct forwarding
- It takes place when the two communicating hosts belong to the same logical IP network; the communication does not involve routers.
- The sending host encapsulates its packet into the LAN frame and sends it using the destination host MAC address.

Indirect forwarding
- The sending station addresses the remote host at layer 3 and the default gateway at layer 2; packets cross one or more routers.
- The transmitting host encapsulates its datagram in a frame using the default gateway MAC address.
- Datagrams cross the routers along the path until they reach the destination host.

All machines located inside the same physical network (that is, in the same logical IP network) can communicate with each other by means of layer 2 services. Direct forwarding relates to communications inside a logical IP network. Each machine needing to communicate with a host in the same LAN must map the destination IP address to its MAC address. This association can be carried out by means of:
- an ARP server (over non-broadcast networks)
- a distributed algorithm and a protocol running on all hosts belonging to the same physical network (over broadcast networks)
In case of indirect forwarding, the sending host verifies that the destination IP address is outside its own network, so the default gateway must be addressed directly (using its MAC address) and the packet sent to it.

[Figure: direct forwarding on network 192.168.10.0/24. Host A = .10, MAC 00082C785852; Host B = .35, MAC 000060AD8744. Frame sent by A: MAC-D 000060AD8744, MAC-S 00082C785852, IP-D 192.168.10.35, IP-S 192.168.10.10.]

The steps are:
1. Host A verifies that host B belongs to the same network.
2. Host A sends an Address Resolution Protocol packet to a layer 2 broadcast address, indicating the IP address to translate.
3. All hosts in the same LAN receive that packet, but only host B replies, providing the requested information.
4. Host A encapsulates the IP packet into a MAC frame using its own MAC address and the resolved MAC address.

[Figure: indirect forwarding. Host A (IP Add: 172.168.1.10, Mask: 255.255.255.0, Default Gateway: 172.168.1.1) and a second host (IP Add: 172.168.1.120, Mask: 255.255.255.0, Default Gateway: 172.168.1.1) sit on network 172.168.1.0/24; the gateway's LAN interface is 172.168.1.1. Host B, 200.10.5.6, is reached across the Internet.]

The steps are:
1. Host A verifies that host B does NOT belong to the same network.
2. Host A sends an Address Resolution Protocol packet to a layer 2 broadcast address, indicating in the information field the IP address of the default gateway (which must reside on the same physical network).
3. All hosts in the same LAN receive that packet, but only the router replies, providing the requested information; the answer is encapsulated into a unicast MAC frame.
4. Host A encapsulates the IP packet into a MAC frame using its own MAC address and the resolved MAC address of the router.
5. The router receives the frame and extracts the IP datagram, then reads the destination IP address and starts the routing process, looking up its routing table for a valid entry to deliver the data to the next hop.


If the host has no default gateway address configured, its packets can be forwarded only on the attached LAN, using MAC addresses and the ARP process. Communication is then possible only between the station and the other users of the same LAN.
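Added example, not from the original slides, covering the direct and indirect forwarding steps of the last few slides: a Python function that decides whether the destination is on the host's own network, which address must be resolved with ARP (the destination itself or the default gateway), and how the four frame addresses are filled in, including the case of a host with no default gateway. The ARP caches and the gateway MAC are constructed values; Host A's MAC from the direct-forwarding figure is reused for the indirect case; function names are this example's own.

```python
import ipaddress


def next_hop(host_ip: str, netmask: str, default_gateway, destination: str):
    """Decide between direct and indirect forwarding.

    ("direct", destination)   destination lies in the host's own IP network
    ("indirect", gateway)     it lies outside and a default gateway is set
    ("unreachable", None)     it lies outside and no gateway is configured:
                              the host can only talk on its own LAN
    """
    local_net = ipaddress.IPv4Network(f"{host_ip}/{netmask}", strict=False)
    if ipaddress.IPv4Address(destination) in local_net:
        return "direct", destination
    if default_gateway is None:
        return "unreachable", None
    if ipaddress.IPv4Address(default_gateway) not in local_net:
        raise ValueError("the default gateway must reside on the host's network")
    return "indirect", default_gateway


def build_frame(host_ip, host_mac, netmask, default_gateway, destination, arp_cache):
    """Fill in the four addresses of the outgoing frame as in the slide's
    figure: IP-D is always the final destination, while MAC-D is the
    destination host (direct) or the default gateway (indirect).  arp_cache
    maps IP -> MAC for addresses already resolved; if the needed MAC is
    missing, the result says which IP has to be resolved with ARP first."""
    mode, hop = next_hop(host_ip, netmask, default_gateway, destination)
    if mode == "unreachable":
        return {"error": f"{destination} is off-link and no default gateway is set"}
    if hop not in arp_cache:
        return {"arp_request_for": hop}
    return {"MAC-D": arp_cache[hop], "MAC-S": host_mac,
            "IP-D": destination, "IP-S": host_ip, "forwarding": mode}


# Constructed ARP caches for Host A in the two figures above.  Host B's MAC
# comes from the direct-forwarding figure; the gateway MAC is a made-up
# value from the IANA documentation range (00-00-5E-00-53-xx).
ARP_CACHE_DIRECT = {"192.168.10.35": "000060AD8744"}
ARP_CACHE_INDIRECT = {"172.168.1.1": "00005E005301"}

if __name__ == "__main__":
    print(build_frame("192.168.10.10", "00082C785852", "255.255.255.0",
                      None, "192.168.10.35", ARP_CACHE_DIRECT))
    print(build_frame("172.168.1.10", "00082C785852", "255.255.255.0",
                      "172.168.1.1", "200.10.5.6", ARP_CACHE_INDIRECT))
    print(build_frame("172.168.1.10", "00082C785852", "255.255.255.0",
                      "172.168.1.1", "200.10.5.6", {}))
    print(build_frame("172.168.1.10", "00082C785852", "255.255.255.0",
                      None, "200.10.5.6", ARP_CACHE_INDIRECT))
```

The indirect case makes the layering visible: the frame carries the gateway's MAC as MAC-D while IP-D still names 200.10.5.6, and each router along the path rewrites only the layer 2 addresses.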

Inside a logical IP network (or sub-network), the routing service is provided by the layer 2 infrastructure (using MAC addresses in a LAN, for example). We need a mapping between layer 2 and layer 3 addresses; this mapping can take place by means of a standard protocol: ARP (Address Resolution Protocol). Layer 2 addresses can be:
- MAC addresses for a LAN
- logical channel numbers in point-to-point networks, such as Frame Relay, ATM, X.25

Layer 2 addresses can be used for communicating only in a local environment; these addresses can be neither organized nor managed. Layer 3 addresses must be used for communicating outside a local network environment (outside a broadcast domain); in other words, when we must send data over a WAN infrastructure we need addresses of a higher layer than layer 2.

Direct forwarding needs the destination station's MAC and IP addresses.
- Static mapping: the mapping table must be set initially, during the node configuration step (e.g. X.25, ISDN, etc.)
- Dynamic mapping: the mapping table is filled dynamically with data exchanged by means of the address resolution protocol (RFC 826):
  - broadcast (in a LAN environment)
  - ARP server (in non-broadcast networks)


In general, direct mapping is not possible when the layer three address is smaller than the layer two address. Consider that Ethernet is the most popular technology at layer two and uses a 48-bit address, while IP is the most popular technology at layer three and uses a 32-bit address. This is one reason why direct mapping is a technique that is seldom used, and that most people do not know about! The bigger reason why static resolution is not used at all is that direct mapping is inflexible. Dynamic resolution is a more general solution, because it allows data link layer and network layer addresses to be independent, and its disadvantages can be mostly neutralized through careful implementation.

[Figure: ARP exchange between hosts A and E, showing the MAC frame addresses and the most significant ARP packet fields.
ARP Request: frame destination = MAC broadcast, frame source = MAC A; sender MAC A, sender IP A, target MAC ??, target IP E.
ARP Reply: frame destination = MAC A, frame source = MAC E; sender MAC E, sender IP E, target MAC A, target IP A.]

ARP request: layer 2 broadcast
ARP reply: layer 2 unicast



Dynamic address resolution is simple and functional, but by itself it is usually not enough to keep the overhead of packets traveling the local network low. We must add some intelligence to the implementation of address resolution to reduce the impact of continual resolutions on performance. Designers always include a caching mechanism in the ARP software. After a device's network layer address is resolved to a data link layer address, the link between the two is kept in the memory of the system hosting the device for a period of time. The next time it needs the layer two address, the device just does a quick lookup in its cache. This means that instead of doing a broadcast for every datagram or session, we only do it once for a whole sequence of datagrams. A cross resolution technique is also used by software designers:
1. A asks for the resolution of B's address
2. B replies
3. A puts B's MAC address in its local ARP table
4. B puts A's MAC address in its local ARP table

Mapping information <IP address> <MAC address> is stored in a cache memory (ARP cache). When a network driver on the host machine requests a packet transmission, some control actions take place:
- check whether the destination address exists in the cache
- if YES, the MAC frame can be completed and transmitted
- if NOT, an ARP frame must be constructed and transmitted
On Windows machines, the ARP table can be viewed with the command: arp -a

C:\> arp -a

Interface: 195.31.237.213 on Interface 1
  Internet Address      Physical Address      Type
  195.31.237.136        08-00-20-95-1f-d3     dynamic
  195.31.237.138        08-00-20-20-3d-28     dynamic
  195.31.237.140        08-00-20-90-3e-b9     dynamic
  195.31.237.193        00-e0-1e-84-cc-a0     dynamic

ARP does not use IP services; it relies only on the LAN protocol stack.
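Added example, not from the original slides: Python that parses the `arp -a` listing shown above into a cache and then simulates the cache lookup, the broadcast request and the cross resolution described on these slides (both ends learn each other from one exchange). The .213 host's own MAC and the extra .250 station are constructed values; class and function names are this example's own.

```python
import re

# The arp -a listing shown on the slide (page text, reformatted)
ARP_A_OUTPUT = """\
C:\\> arp -a

Interface: 195.31.237.213 on Interface 1
  Internet Address      Physical Address      Type
  195.31.237.136        08-00-20-95-1f-d3     dynamic
  195.31.237.138        08-00-20-20-3d-28     dynamic
  195.31.237.140        08-00-20-90-3e-b9     dynamic
  195.31.237.193        00-e0-1e-84-cc-a0     dynamic
"""

# one cache row: IPv4 address, Windows-style dashed MAC, entry type
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(\w+)",
    re.IGNORECASE)


def parse_arp_table(text: str) -> dict:
    """Return {ip: (mac, type)} from arp -a output; the prompt, the Interface
    line and the column header do not match ENTRY and are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            table[m.group(1)] = (m.group(2).lower(), m.group(3))
    return table


class Station:
    """A LAN host with its own ARP cache (simulation, not a real stack)."""

    def __init__(self, ip: str, mac: str):
        self.ip, self.mac, self.cache = ip, mac, {}


def resolve(requester: Station, lan: list, target_ip: str):
    """Return (mac, broadcast_sent).

    Cache hit: no frame leaves the host.  Cache miss: an ARP request is
    broadcast, so every station on the LAN sees it; only the owner of
    target_ip answers, and both ends learn each other (cross resolution)."""
    if target_ip in requester.cache:
        return requester.cache[target_ip], False
    for station in lan:                          # the broadcast reaches everyone
        if station is not requester and station.ip == target_ip:
            station.cache[requester.ip] = requester.mac   # target learns A
            requester.cache[target_ip] = station.mac      # A learns target
            return station.mac, True
    return None, True                            # no reply: unknown host


def demo() -> dict:
    """Seed 195.31.237.213's cache from the listing, then resolve a host that
    is not yet cached.  The .213 MAC and the .250 station are constructed."""
    a = Station("195.31.237.213", "00-00-5e-00-53-aa")       # constructed MAC
    a.cache.update({ip: mac for ip, (mac, _) in parse_arp_table(ARP_A_OUTPUT).items()})
    b = Station("195.31.237.250", "00-00-5e-00-53-bb")       # constructed host
    lan = [a, b, Station("195.31.237.136", "08-00-20-95-1f-d3")]
    return {
        "cached_hit": resolve(a, lan, "195.31.237.136"),     # from the listing
        "first_contact": resolve(a, lan, b.ip),             # needs a broadcast
        "second_contact": resolve(a, lan, b.ip),            # now cached
        "b_learned_a": b.cache.get(a.ip),                   # cross resolution
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Because ARP sits directly on the LAN protocol stack with no authentication, any station can answer a request; the cache contents shown by `arp -a` are therefore worth comparing against known inventory when troubleshooting a LAN.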

The fast growth of IP address consumption and of routing table size forced the IETF to take some preventive actions. These solutions are:
- better allocation of IP addresses
- Classless InterDomain Routing (CIDR)
- private addresses and Network Address Translation (NAT)
- IP version 6 (IPv6)


Advantages of Subnet Addressing

In essence, subnet addressing allows each organization to have its own internet within the Internet. Just as the real Internet looks only at networks and hosts, a two-level hierarchy, each organization can now also have subnets and hosts within its network. This change provides numerous advantages over the old system:
- Better match to physical network structure: hosts can be grouped into subnets that reflect the way they are actually structured in the organization's physical network.
- Flexibility: the number of subnets and the number of hosts per subnet can be customized for each organization. Each can decide on its own subnet structure and change it as required.
- Invisibility to the public Internet: subnetting was implemented so that the internal division of a network into subnets is visible only within the organization; to the rest of the Internet the organization is still just one big, flat network. This also means that any changes made to the internal structure are not visible outside the organization.
- No need to request new IP addresses: organizations do not have to constantly requisition more IP addresses, as they would in the workaround of using multiple small Class C blocks.
- No routing table entry proliferation: since the subnet structure exists only within the organization, routers outside that organization know nothing about it. The organization still maintains a single (or perhaps a few) routing table entries for all of its devices. Only routers inside the organization need to worry about routing between subnets.

Subnet Addressing

[Figure: classful address = netid | hostid, where the network prefix is the netid. Subnetted address = netid | subnetid | hostid, where the network prefix is netid + subnetid.]

Deciding where to put the boundary of the subnet field is one of the most important design considerations in setting up a subnetted IP network. The number of subnets is generally determined by the number of physical subnetworks in the overall organizational network. The number of hosts per subnetwork must not exceed the maximum allowed by the particular subnetting choice we make. Choosing how to divide the original host ID bits into subnet ID bits and host ID bits is sometimes called custom subnetting. Subnetting is based on the standard RFC 950, defined and published in 1985. A third level has been introduced here: net-id, subnet-id, host-id. Subnetting solves the following problems:
- continuous growth of routing tables
- waste and uneconomic use of IP addresses

Address class and netmask

- A natural network address is a prefix whose mask is equal to the implicit (classful) one.
- Subnetting starts from the implicit mask and sets more bits to 1.

Example: class C address 193.205.102.36 with mask 255.255.255.248

            Network (24 bits)             Subnet (5)  Host (3)
Address     11000001 11001101 01100110    00100       100        193.205.102.36
Mask        11111111 11111111 11111111    11111       000        255.255.255.248


In a non-subnetted classful environment, routers use the first octet of the IP address to determine the class of the address, and from this they know which bits are the network ID and which are the host ID. When we use subnetting, these routers also need to know how that host ID is divided into subnet ID and host ID. However, this division can be arbitrary for each network. Furthermore, there is no way to tell how many bits belong to each simply by looking at the IP address. In a subnetting environment, the additional information about which bits are for the subnet ID and which for the host ID must be communicated to the devices that interpret IP addresses. This information is given in the form of a 32-bit binary number called a subnet mask. The network address of a host can be determined by an AND operation between the host's IP address and its subnet mask.

Inside an IP subnet, communication takes place using layer 2 services, so one physical network is mapped onto one IP subnet.

Allowed values for the mask

Only consecutive ones are allowed (bit weights: 128 64 32 16 8 4 2 1):

  128 = 1000 0000
  192 = 1100 0000
  224 = 1110 0000
  240 = 1111 0000
  248 = 1111 1000
  252 = 1111 1100
  254 = 1111 1110
  255 = 1111 1111


Determining the subnet ID from a host IP address:

                         Octet 1         Octet 2         Octet 3         Octet 4
Host IP Address          10011010 (154)  01000111 (71)   10010110 (150)  00101010 (42)
Subnet Mask              11111111 (255)  11111111 (255)  11111000 (248)  00000000 (0)
Result of AND Masking    10011010 (154)  01000111 (71)   10010000 (144)  00000000 (0)

Host 154.71.150.42 with mask 255.255.248.0 therefore belongs to subnet 154.71.144.0.

Figure: the class B network 172.16.0.0, with a router connecting the two subnets 172.16.1.0 and 172.16.2.0.


The class B network 172.16.0.0 has been subnetted by extracting two small class-C-like subnets: 172.16.1.0 and 172.16.2.0.

                      Octet 1    Octet 2    Octet 3    Octet 4
Network IP address    172        16         0          0
                      Network    Network    Host       Host
Default Subnet Mask   255        255        0          0
24-bit Subnet Mask    255        255        255        0
                      Network    Network    Subnet     Host


The natural netmask has been extended using the third byte. From a class B network we can obtain up to 256 class-C-like subnets, each with 256 addresses.


Forwarding decision:

  Bitwise_AND(IP destination address, My subnet mask)
      is equal to
  Bitwise_AND(My IP address, My subnet mask) ?

  YES -> Direct forwarding
  NO  -> Indirect forwarding


The routing process runs on hosts as well as on routers. When a host must send an IP packet on the network, it first evaluates whether the destination IP address belongs to the same network. This evaluation is made through the bitwise AND operation described in the figure.
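The mask rules, the octet-by-octet AND table and the forwarding flowchart above, worked through in code. This is an added example and not part of the training deck: the function names are ours, while the addresses (193.205.102.36/255.255.255.248, 154.71.150.42/255.255.248.0) are the ones on the slides. The contiguity check uses the fact that the complement of a valid mask is a run of low-order ones, so adding one to it clears every bit.

```python
# Added example, not from the training deck: checks that a subnet mask is a
# run of consecutive ones, derives the network address with a bitwise AND
# (as in the octet table), splits a classful address into netid/subnetid/hostid
# bits, and takes the direct/indirect forwarding decision from the flowchart.
# Address values come from the slides; the function names are ours.

def ip_to_int(dotted):
    """Dotted-decimal IPv4 text -> 32-bit integer (rejects malformed input)."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(value):
    """32-bit integer -> dotted-decimal text."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def is_valid_mask(mask):
    """True only for masks made of consecutive ones followed by zeros."""
    inv = ~ip_to_int(mask) & 0xFFFFFFFF   # the zero bits become ones
    return (inv & (inv + 1)) == 0         # a run of low-order ones has this property


def prefix_length(mask):
    """Number of one bits in a valid mask (the /n of CIDR notation)."""
    if not is_valid_mask(mask):
        raise ValueError("non-contiguous mask: " + mask)
    return bin(ip_to_int(mask)).count("1")


def network_address(host, mask):
    """Bitwise AND of host address and mask, octet by octet as in the slide."""
    if not is_valid_mask(mask):
        raise ValueError("non-contiguous mask: " + mask)
    return int_to_ip(ip_to_int(host) & ip_to_int(mask))


def usable_hosts(mask):
    """Host addresses per subnet, excluding the subnet and broadcast addresses."""
    host_bits = 32 - prefix_length(mask)
    return max((1 << host_bits) - 2, 0)


def classful_fields(host, mask):
    """Split an address into netid / subnetid / hostid using its natural class."""
    first = ip_to_int(host) >> 24
    if first < 128:
        cls, net_bits = "A", 8
    elif first < 192:
        cls, net_bits = "B", 16
    elif first < 224:
        cls, net_bits = "C", 24
    else:
        raise ValueError("class D/E addresses are not subnetted")
    plen = prefix_length(mask)
    if plen < net_bits:
        raise ValueError("mask shorter than the natural class mask")
    host_bits = 32 - plen
    value = ip_to_int(host)
    return {
        "class": cls,
        "netid_bits": net_bits,
        "subnetid_bits": plen - net_bits,
        "hostid_bits": host_bits,
        "subnetid": (value >> host_bits) & ((1 << (plen - net_bits)) - 1),
        "hostid": value & ((1 << host_bits) - 1),
    }


def forwarding_decision(my_ip, my_mask, dst_ip):
    """The flowchart: same network after masking -> direct, else indirect."""
    if network_address(dst_ip, my_mask) == network_address(my_ip, my_mask):
        return "direct"
    return "indirect"


if __name__ == "__main__":
    print(network_address("154.71.150.42", "255.255.248.0"))   # 154.71.144.0
    print(classful_fields("193.205.102.36", "255.255.255.248"))
    print(forwarding_decision("193.205.102.36", "255.255.255.248", "193.205.102.41"))
```

With mask 255.255.255.248 the host 193.205.102.36 sits in the block 193.205.102.32 (six usable addresses), so 193.205.102.38 is reached directly and 193.205.102.41, which masks to 193.205.102.40, goes to the default router.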

An important limitation of traditional subnetting is the use of a fixed-length subnet mask for each network address. Once the netmask has been defined, we must use a fixed number of subnets, all of the same size (the same number of host addresses). In 1987, RFC 1009 specified how one network can be divided into several subnets using more than one subnet mask. When a network is assigned more than one subnet mask, the network is considered a VLSM (variable length subnet mask) structure.


For example, consider a relatively small company with a Class C network, 195.31.238.0/24. They have six subnetworks in their network. The first four subnets (S1, S2, S3 and S4) are relatively small, containing only 10 hosts each. However, one of them (S5) is for their production floor and has 50 hosts, and the last (S6) is their development and engineering group, which has 100 hosts. The total number of addresses needed is thus 196 (including the 6 router interfaces and excluding the subnetwork and broadcast addresses for each subnet). Without subnetting, we have enough addresses in our Class C network to handle them all. However, when we try to subnet, we have a big problem. In order to have six subnets we need to use 3 bits for the subnet ID. This leaves only 5 bits for the host ID, which means every subnet has the identical capacity of 30 hosts. This is enough for the smaller subnets but not enough for the larger ones. The only solution with conventional subnetting, other than shuffling the physical subnets, is to get another Class C block for the two big subnets and use the original for the four small ones. But this is expensive, and means wasting hundreds of IP addresses! With traditional subnetting, all subnets must be the same size, which creates problems when some subnets are much larger than others.

Classless Inter-Domain Routing (CIDR) supports two important features that brought two benefits to the Internet routing system: CIDR removes the concept of address classes, allowing a more efficient allocation of the IP address space; CIDR supports address aggregation (supernetting), allowing thousands of classful network address blocks to be represented with a single routing table entry.


Subnetting does not really tackle the problems in general terms. Some issues remain due to the use of classes even with subnets, mainly because of routing operations in the big Internet environment. As the name implies, classless addressing completely eliminates the prior notion of classes. There are no more Class A, B, C blocks divided by the first few bits of the address. Instead, under CIDR, all Internet blocks can be of arbitrary size. Instead of having all networks use 8 (Class A), 16 (Class B) or 24 (Class C) bits for the network ID, we can have larger networks with, say, 13 bits for the network ID (leaving 19 bits for the host ID), or very small ones that use 28 bits for the network ID (only 4 bits for the host ID). The size of the network is still based on the binary power of the number of host ID bits, of course. VLSM is very much like CIDR in how it works. A classless network is normally specified in CIDR or slash notation, such as this example: 184.13.152.0/22. Here, the /22 means the first 22 bits of the address are the network ID. The equivalent subnet mask can be calculated by creating a 32-bit number with 22 ones followed by 10 zeroes, that is: 11111111 11111111 11111100 00000000, or in dotted decimal format: 255.255.252.0. The subnet mask length is 22.

Address space is now allocated in such a way as to allow address aggregation:

Organization needs                         Assigned addresses
Less than 256 addresses                    1 class C network
Less than 512 but more than 256            2 adjacent class C networks
Less than 1024 but more than 512           4 adjacent class C networks
Less than 2048 but more than 1024          8 adjacent class C networks
Less than 4096 but more than 2048          16 adjacent class C networks
Less than 8192 but more than 4096          32 adjacent class C networks
Less than 16384 but more than 8192         64 adjacent class C networks


Figure (slide 41): eight class C networks, 198.32.0.0/24 through 198.32.7.0/24, each a Token Ring LAN behind a router. Without aggregation the routing table carries one entry per network: 198.32.0.0/24, 198.32.1.0/24, 198.32.2.0/24, 198.32.3.0/24, 198.32.4.0/24, 198.32.5.0/24, 198.32.6.0/24, 198.32.7.0/24.

Figure (slide 42): the same eight networks announced as a single aggregate, 198.32.0.0/21, which internally is composed of 198.32.0.0/22 (networks 0 to 3), 198.32.4.0/23 (networks 4 and 5) and 198.32.6.0/23 (networks 6 and 7).
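The slash-notation conversion, the class C allocation table and the aggregation shown in the two figures, as an added example that is not part of the training deck. The prefixes are the ones in the figures (198.32.0.0/24 to 198.32.7.0/24); the function names are ours. The aggregation routine first drops any block already covered by a larger one, then repeatedly merges two "buddy" halves of a common parent, which is exactly how the eight /24 entries collapse into 198.32.0.0/21.

```python
# Added example, not from the training deck: CIDR prefix handling and route
# aggregation (supernetting). The 198.32.0.0/24 ... 198.32.7.0/24 networks are
# the ones in the figures; function names are ours.

def ip_to_int(dotted):
    """Dotted-decimal IPv4 text -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(value):
    """32-bit integer -> dotted-decimal text."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def prefix_to_mask(prefix):
    """/22 -> 255.255.252.0: 'prefix' ones followed by zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def class_c_blocks_needed(addresses):
    """Adjacent /24 blocks to assign (the allocation table): the smallest
    power of two whose total address count covers the request."""
    blocks = 1
    while blocks * 256 < addresses:
        blocks *= 2
    return blocks


def parse_cidr(text):
    """'198.32.4.0/23' -> (network_int, prefix); rejects non-aligned networks."""
    net, _, plen = text.partition("/")
    plen = int(plen)
    n = ip_to_int(net)
    if plen < 0 or plen > 32 or n & ((1 << (32 - plen)) - 1):
        raise ValueError("not a valid network prefix: " + text)
    return n, plen


def _contains(outer, inner):
    """True when the 'inner' block lies entirely inside 'outer'."""
    on, op = outer
    inn, ip = inner
    return ip >= op and (inn >> (32 - op)) == (on >> (32 - op))


def aggregate(prefixes):
    """Collapse a list of CIDR blocks into the minimal set of supernets.
    Blocks covered by a larger one are dropped, then any two 'buddy' halves of
    a common parent are merged, repeatedly, until nothing changes."""
    blocks = {parse_cidr(p) for p in prefixes}
    blocks = {b for b in blocks if not any(o != b and _contains(o, b) for o in blocks)}
    merged = True
    while merged:
        merged = False
        for n, plen in sorted(blocks):
            if plen == 0:
                continue
            size = 1 << (32 - plen)
            buddy = (n ^ size, plen)           # the other half of the parent block
            if buddy in blocks:
                blocks -= {(n, plen), buddy}
                blocks.add((min(n, n ^ size), plen - 1))
                merged = True
                break                          # the set changed: start over
    return ["%s/%d" % (int_to_ip(n), plen) for n, plen in sorted(blocks)]


if __name__ == "__main__":
    print(prefix_to_mask(22))                                    # 255.255.252.0
    print(aggregate(["198.32.%d.0/24" % i for i in range(8)]))   # ['198.32.0.0/21']
    print(aggregate(["198.32.%d.0/24" % i for i in range(7)]))   # three entries
```

Removing one of the eight networks shows the limit of aggregation: seven consecutive /24s still need three entries (a /22, a /23 and a /24), because a supernet can only be announced when every address inside it is actually covered.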

A router interface can be assigned:
- one primary address
- one or more secondary addresses
The primary address is used as the source address for locally generated messages by default. The router interface then belongs to more than one logical IP network. Hosts support secondary addresses too.


Figure: two logical IP networks, 192.168.10.0/24 and 192.168.11.0/24, on the same LAN. The host 192.168.10.10 uses default gateway 192.168.10.1; the host 192.168.11.90 uses default gateway 192.168.11.1. Both gateway addresses are on the same router interface: 192.168.10.1 (primary) and 192.168.11.1 (secondary).


A host or a router (more often a router, which is also the desirable case) can belong to more than one logical IP network. The primary address is used as the default source address for locally generated packets. It is possible to map several IP networks onto the same local area network. In this case the router located on both LANs must operate using only one Ethernet interface, configured with two IP addresses.

Exercise: subnetting problem

Figure: routers R1 to R5 interconnected by the serial WAN links G, H and I, with the following LANs attached:
  LAN A: 1000 hosts
  LAN B: 500 hosts
  LAN C: 30 hosts
  LAN D: 60 hosts
  LAN E: 100 hosts
  LAN F: 200 hosts


Design the IP addressing plan for the network described in the figure. We have 9 networks with a total of about 2000 hosts. You must use the address blocks from 200.0.0.0/24 to 200.0.7.0/24 (8 adjacent class C address blocks). You can avoid using IP addresses for the router serial interfaces; in doing so you lose management capabilities and network discovery for these interfaces. The following text has been intentionally left in Italian, because the solution must be investigated by the class.
It is always advisable to number the largest subnets first. LAN A therefore needs 4 class C address blocks (1000 -> 4 x 256), and the mask must account for the length of the host part (which is 10 bits), so it will be 32-10=22 bits long. LAN A thus gets the following addresses: 200.0.x.0/22, with x=0,1,2,3. Hosts will be numbered from 200.0.0.2 onwards, avoiding the addresses 200.0.x.0; in case of future expansion, in fact, some hosts would otherwise have to give their address back to the network and be renumbered. The router has address 200.0.0.1 towards LAN A. LAN B needs two blocks of 256 addresses, not all of which are used: 200.0.4.0/23 and 200.0.5.0/23. Hosts are numbered starting from 200.0.4.2 and 200.0.5.2 and will have 200.0.4.1 as default router and 200.0.5.1 as secondary, both defined on the R1 interface towards network B. Network F can be numbered with an address block such as 200.0.6.0/24 (there are 200 hosts, so 8 bits are needed and the mask will have length 32-8=24). Network E can use part of the last address block, i.e. 200.0.7.0/25 (100 hosts -> 7 bits -> mask length = 32-7=25). Network D is numbered with part of the remaining addresses of the 200.0.7.x block, specifically 200.0.7.128/26 (with 60 hosts, the mask has length 32-6=26). The numbering of C is obtained using part of the addresses left over from the block used for D and E: 200.0.7.192/27 (30 hosts -> 5 bits for the host field and a mask of length 32-5=27). Finally, the networks defined on the serial links are addressed using the remaining numbers: G: 200.0.7.224/30; H: 200.0.7.228/30; I: 200.0.7.232/30

Once the addressing plan has been defined, the routing plan must be established; in this case, since the network has no meshes, it can be static. Optionally, static routing can be complemented with dynamic protocols. For each router the corresponding configuration must be prepared, following the steps below:
1. Enable the layer 3 protocol (e.g. IP) and forwarding (IP is enabled at first power-up on CISCO routers);
2. Configure the line protocols and enable the corresponding interfaces;
3. Configure routing (static and/or dynamic);
4. Define a security policy and program the access lists and the other necessary components.
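A variable-length subnet mask allocator that reproduces the exercise solution above and also settles the six-subnet class C case on slide 39, as an added example that is not part of the training deck. The host counts and address blocks are taken from the slides; the function names, the choice of 2 hosts per serial link (so that each gets a /30, as in the solution), and writing the eight adjacent class C blocks as 200.0.0.0/21 are ours. The allocator follows the solution's rule of numbering the largest subnets first, which keeps every subnet aligned to its own size without leaving gaps.

```python
# Added example, not from the training deck: a variable-length subnet mask
# (VLSM) allocator. It numbers the largest subnets first from one address
# block, as the exercise solution recommends, and shows why a single
# fixed-length mask cannot serve the six-subnet class C case. Host counts and
# address blocks come from the slides; the function names, the 2-host demand
# for serial links and writing the 8 class C blocks as 200.0.0.0/21 are ours.

def ip_to_int(dotted):
    """Dotted-decimal IPv4 text -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(value):
    """32-bit integer -> dotted-decimal text."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def host_bits_needed(hosts):
    """Smallest host field h with 2**h - 2 >= hosts (subnet and broadcast
    addresses excluded); never below 2, the size of a point-to-point link."""
    h = 2
    while (1 << h) - 2 < hosts:
        h += 1
    return h


def fixed_length_capacity(block, subnet_count):
    """Hosts per subnet with traditional (single mask) subnetting."""
    plen = int(block.partition("/")[2])
    subnet_bits = 0
    while (1 << subnet_bits) < subnet_count:
        subnet_bits += 1
    host_bits = 32 - plen - subnet_bits
    return (1 << host_bits) - 2


def vlsm_allocate(block, demands):
    """First-fit VLSM: sort demands largest first and carve them out of the
    block consecutively. Returns {name: 'network/prefix'} and raises
    ValueError if the block runs out."""
    net, _, plen = block.partition("/")
    start = ip_to_int(net)
    end = start + (1 << (32 - int(plen)))
    cursor = start
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: (-kv[1], kv[0])):
        h = host_bits_needed(hosts)
        size = 1 << h
        cursor = (cursor + size - 1) // size * size      # align to the subnet size
        if cursor + size > end:
            raise ValueError("block %s exhausted at %s" % (block, name))
        plan[name] = "%s/%d" % (int_to_ip(cursor), 32 - h)
        cursor += size
    return plan


# Slide 39: six subnets in 195.31.238.0/24; each count includes the router
# interface on that subnet, as the slide's total of 196 does.
CLASS_C_DEMANDS = {"S1": 11, "S2": 11, "S3": 11, "S4": 11, "S5": 51, "S6": 101}

# Exercise on slide 45; 2 hosts per serial link is our assumption so that
# G, H and I each receive a /30 as in the solution.
EXERCISE_DEMANDS = {"A": 1000, "B": 500, "C": 30, "D": 60, "E": 100, "F": 200,
                    "G": 2, "H": 2, "I": 2}

if __name__ == "__main__":
    print(fixed_length_capacity("195.31.238.0/24", 6))   # 30: too small for S5 and S6
    for name, prefix in vlsm_allocate("195.31.238.0/24", CLASS_C_DEMANDS).items():
        print(name, prefix)
    for name, prefix in vlsm_allocate("200.0.0.0/21", EXERCISE_DEMANDS).items():
        print(name, prefix)
```

For the class C case the allocator places S6 in a /25, S5 in a /26 and the four small subnets in /28s, using the whole /24 exactly, where a single mask would have given every subnet 30 hosts. For the exercise it returns the same prefixes as the solution text (A 200.0.0.0/22, B 200.0.4.0/23, F 200.0.6.0/24, E 200.0.7.0/25, D 200.0.7.128/26, C 200.0.7.192/27 and /30s for G, H and I).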
