Internetworking With TCP/IP

Douglas Comer Computer Science Department Purdue University 250 N. University Street West Lafayette, IN 47907-2066 http://www.cs.purdue.edu/people/comer

Copyright 2005. All rights reserved. This document may not be reproduced by any means without the express written consent of the author.

PART I COURSE OVERVIEW AND INTRODUCTION

Internetworking With TCP/IP vol 1 -- Part 1

2005

Topic And Scope

Internetworking: an overview of concepts, terminology, and technology underlying the TCP/IP Internet protocol suite and the architecture of an internet.

You Will Learn

- Terminology (including acronyms)
- Concepts and principles
  - The underlying model
  - Encapsulation
  - End-to-end paradigm
- Naming and addressing
- Functions of protocols including ARP, IP, TCP, UDP, SMTP, FTP, DHCP, and more
- Layering model

You Will Learn (continued)

- Internet architecture and routing
- Applications

What You Will NOT Learn

- A list of vendors, hardware products, software products, services, comparisons, or prices
- Alternative internetworking technologies (they have all disappeared!)

Schedule Of Topics

- Introduction
- Review of
  - Network hardware
  - Physical addressing
- Internet model and concept
- Internet (IP) addresses
- Higher-level protocols and the layering principle
- Examples of internet architecture

Schedule Of Topics (continued)

- Routing update protocols
- Application-layer protocols

Why Study TCP/IP?

- The Internet is everywhere
- Most applications are distributed

Remainder Of This Section

- History of Internet protocols (TCP/IP)
- Organizations
- Documents

Vendor Independence

- Before TCP/IP and the Internet
  - Only two sources of network protocols
    - Specific vendors such as IBM or Digital Equipment
    - Standards bodies such as the ITU (formerly known as CCITT)
- TCP/IP
  - Vendor independent

Who Built TCP/IP?

- Internet Architecture Board (IAB)
  - Originally known as Internet Activities Board
  - Evolved from Internet Research Group
  - Forum for exchange among researchers
  - About a dozen members
  - Reorganized in 1989 and 1993
  - Merged into the Internet Society in 1992

Components Of The IAB Organization

- IAB (Internet Architecture Board)
  - Board that oversees and arbitrates
  - URL is http://www.iab.org/iab
- IRTF (Internet Research Task Force)
  - Coordinates research on TCP/IP and internetworking
  - Virtually defunct, but may re-emerge

Components Of The IAB Organization (continued)

- IETF (Internet Engineering Task Force)
  - Coordinates protocol and Internet engineering
  - Headed by Internet Engineering Steering Group (IESG)
  - Divided into N areas (N is 10 plus or minus a few)
  - Each area has a manager
  - Composed of working groups (volunteers)
  - URL is http://www.ietf.org

ICANN

- Internet Corporation for Assigned Names and Numbers
  - http://www.icann.org
- Formed in 1998 to subsume IANA contract
- Not-for-profit managed by international board
- Now sets policies for addresses and domain names
- Support organizations
  - Address allocation (ASO)
  - Domain Names (DNSO)
  - Protocol parameter assignments (PSO)
- For fun see http://www.icannwatch.org

World Wide Web Consortium

- Organization to develop common protocols for World Wide Web
- Open membership
- Funded by commercial members
- URL is http://w3c.org

Internet Society

- Organization that promotes the use of the Internet
- Formed in 1992
- Not-for-profit
- Governed by a board of trustees
- Members worldwide
- URL is http://www.isoc.org

Protocol Specifications And Documents

- Protocols documented in series of reports
- Documents known as Request For Comments (RFCs)

RFCs

- Series of reports that include
  - TCP/IP protocols
  - The Internet
  - Related technologies
- Edited, but not peer-reviewed like scientific journals
- Contain:
  - Proposals
  - Surveys and measurements
  - Protocol standards

RFCs

- Series of reports that include
  - TCP/IP protocols
  - The Internet
  - Related technologies
- Checked and edited by IESG
- Contain:
  - Proposals
  - Surveys and measurements
  - Protocol standards
  - Jokes!

RFCs (continued)

- Numbered in chronological order
- Revised document reissued under new number
- Numbers ending in 99 reserved for summary of previous 100 RFCs
- Index and all RFCs available on-line

Requirements RFCs

- Host Requirements Documents
  - Major revision/clarification of most TCP/IP protocols
  - RFC 1122 (Communication Layers)
  - RFC 1123 (Application & Support)
  - RFC 1127 (Perspective on 1122-3)
- Router Requirements
  - Major specification of protocols used in IP gateways (routers)
  - RFC 1812 (updated by RFC 2644)

Special Subsets Of RFCs

- For Your Information (FYI)
  - Provide general information
  - Intended for beginners
- Best Current Practices (BCP)
  - Engineering hints
  - Reviewed and approved by IESG

A Note About RFCs

- RFCs span two extremes
  - Protocol standards
  - Jokes
- Question: how does one know which are standards?

TCP/IP Standards (STD)

- Set by vote of IETF
- Documented in subset of RFCs
- Found in Internet Official Protocol Standards RFC and on IETF web site
  - Issued periodically
  - Current version is RFC 3600

Internet Drafts

- Preliminary RFC documents
- Often used by IETF working groups
- Available on-line from several repositories
- Either become RFCs within six months or disappear

Obtaining RFCs And Internet Drafts

- Available via
  - Email
  - FTP
  - World Wide Web: http://www.ietf.org/
- IETF report contains summary of weekly activity
  - http://www.isoc.org/ietfreport/

Summary

- TCP/IP is vendor-independent
- Standards set by IETF
- Protocol standards found in document series known as Request For Comments (RFCs)
- Standards found in subset of RFCs labeled STD

PART II REVIEW OF NETWORK HARDWARE AND PHYSICAL ADDRESSING


The TCP/IP Concept

- Use existing network hardware
- Interconnect networks
- Add abstractions to hide heterogeneity

The Challenge

- Accommodate all possible network hardware
- Question: what kinds of hardware exist?

Network Hardware Review

- We will
  - Review basic network concepts
  - Examine example physical network technologies
  - Introduce physical (hardware) addressing

Two Basic Categories Of Network Hardware

- Connection oriented
- Connectionless

Connection Oriented (Circuit Switched Technology)

- Paradigm
  - Form a connection through the network
  - Send / receive data over the connection
  - Terminate the connection
- Can guarantee bandwidth
- Proponents argue that it works well with real-time applications
- Example: ATM network

Connectionless (Packet Switched Technology)

- Paradigm
  - Form packet of data
  - Pass to network
- Each packet travels independently
- Packet includes identification of the destination
- Each packet can be a different size
- The maximum packet size is fixed (some technologies limit packet sizes to 1,500 octets or less)

Broad Characterizations Of Packet Switching Networks

- Local Area Network (LAN)
- Wide Area Network (WAN)
- Categories are informal and qualitative

Local Area Networks

- Engineered for
  - Low cost
  - High capacity
- Direct connection among computers
- Limited distance

Wide Area Networks (Long Haul Networks)

- Engineered for
  - Long distances
  - Indirect interconnection via special-purpose hardware
- Higher cost
- Lower capacity (usually)

Examples Of Packet Switched Networks

- Wide Area Nets
  - ARPANET, NSFNET, ANSNET
  - Common carrier services
- Leased line services
  - Point-to-point connections
- Local Area Nets
  - Ethernet
  - Wi-Fi

ARPANET (1969-1989)

- Original backbone of Internet
- Wide area network around which TCP/IP was developed
- Funding from Advanced Research Project Agency
- Initial speed 50 Kbps

NSFNET (1987-1992)

- Funded by National Science Foundation
- Motivation: Internet backbone to connect all scientists and engineers
- Introduced Internet hierarchy
  - Wide area backbone spanning geographic U.S.
  - Many mid-level (regional) networks that attach to backbone
  - Campus networks at lowest level
- Initial speed 1.544 Mbps

ANSNET (1992-1995)

- Backbone of Internet before commercial ISPs
- Typical topology

[Figure: typical ANSNET topology; labeled elements: End-User Site, MCI Point of Presence]

Wide Area Networks Available From Common Carriers

- Point-to-point digital circuits
  - T-series (e.g., T1 = 1.5 Mbps, T3 = 45 Mbps)
  - OC-series (e.g., OC-3 = 155 Mbps, OC-48 = 2.4 Gbps)
- Packet switching services also available
  - Examples: ISDN, SMDS, Frame Relay, ATM

Example Local Area Network: Ethernet

- Extremely popular
- Can run over
  - Copper (twisted pair)
  - Optical fiber
- Three generations
  - 10Base-T operates at 10 Mbps
  - 100Base-T (fast Ethernet) operates at 100 Mbps
  - 1000Base-T (gigabit Ethernet) operates at 1 Gbps
- IEEE standard is 802.3

Ethernet Frame Format

    Field                 Size
    -------------------   --------------
    Preamble              8 octets
    Destination Address   6 octets
    Source Address        6 octets
    Frame Type            2 octets
    Frame Data            46-1500 octets
    CRC                   4 octets

- Header format fixed (Destination, Source, Type fields)
- Frame data size can vary from packet to packet
  - Maximum 1500 octets
  - Minimum 46 octets
- Preamble and CRC removed by framer hardware before frame stored in computer's memory

Example Ethernet Frame In Memory

    02 07 01 00 27 ba 08 00 2b 0d 44 a7 08 00 45 00
    00 54 82 68 00 00 ff 01 35 21 80 0a 02 03 80 0a
    02 08 08 00 73 0b d4 6d 00 00 04 3b 8c 28 28 20
    0d 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15
    16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25
    26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35
    36 37

- Octets shown in hexadecimal
- Destination is 02.07.01.00.27.ba
- Source is 08.00.2b.0d.44.a7
- Frame type is 08.00 (IP)
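Decoding the frame above in code, as an added example that is not from the slides: the frame bytes are the slide's hex dump, the Ethernet header is split exactly as the bullets describe, and, going beyond the slide, the IPv4 header the frame carries is decoded and its checksum verified. The length checks are this example's own assumptions about what a careful parser should do.

```python
import struct

# The 98 octets from the slide's hex dump, as stored in memory (preamble
# and CRC already stripped by the framer hardware).
FRAME = bytes.fromhex(
    "02 07 01 00 27 ba 08 00 2b 0d 44 a7 08 00 45 00"
    " 00 54 82 68 00 00 ff 01 35 21 80 0a 02 03 80 0a"
    " 02 08 08 00 73 0b d4 6d 00 00 04 3b 8c 28 28 20"
    " 0d 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15"
    " 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25"
    " 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35"
    " 36 37"
)

ETH_HDR_LEN = 14         # destination (6) + source (6) + frame type (2)
ETHERTYPE_IP = 0x0800
MIN_IP_HDR_LEN = 20
IPPROTO_ICMP = 1


def mac_str(raw):
    """Render 6 raw octets as colon-separated hex."""
    return ":".join(f"{b:02x}" for b in raw)


def internet_checksum(data):
    """One's complement of the one's complement sum of the 16-bit words in data.

    Run over a header that already contains its checksum field, the result
    is 0 when that checksum is valid.
    """
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ethernet(frame):
    """Split a frame in memory into the three fixed header fields and the data.

    A frame shorter than the 14-octet header is rejected instead of being
    read as garbage addresses (assumption of this example, not the slide).
    """
    if len(frame) < ETH_HDR_LEN:
        raise ValueError("frame shorter than Ethernet header")
    dst, src, ftype = struct.unpack("!6s6sH", frame[:ETH_HDR_LEN])
    return {"dst": mac_str(dst), "src": mac_str(src),
            "type": ftype, "data": frame[ETH_HDR_LEN:]}


def parse_ipv4(data):
    """Decode the fixed IPv4 header fields and check the header checksum.

    Version, header length and total length are validated against the buffer
    so a bogus length field can never make the parser read past the data.
    """
    if len(data) < MIN_IP_HDR_LEN:
        raise ValueError("data shorter than IPv4 header")
    version, ihl = data[0] >> 4, (data[0] & 0x0F) * 4
    if version != 4 or ihl < MIN_IP_HDR_LEN or ihl > len(data):
        raise ValueError("bad IP version or header length")
    total_len = struct.unpack("!H", data[2:4])[0]
    if total_len < ihl or total_len > len(data):
        raise ValueError("IP total length inconsistent with buffer")
    return {
        "ttl": data[8],
        "proto": data[9],
        "src": ".".join(str(b) for b in data[12:16]),
        "dst": ".".join(str(b) for b in data[16:20]),
        "header_ok": internet_checksum(data[:ihl]) == 0,
        "payload": data[ihl:total_len],
    }


def decode_frame(frame=FRAME):
    """Ethernet header first, then the IPv4 header when the frame type says IP."""
    result = {"eth": parse_ethernet(frame)}
    if result["eth"]["type"] == ETHERTYPE_IP:
        ip = parse_ipv4(result["eth"]["data"])
        result["ip"] = ip
        if ip["proto"] == IPPROTO_ICMP:
            # The ICMP checksum covers the whole ICMP message.
            result["icmp_ok"] = internet_checksum(ip["payload"]) == 0
    return result


if __name__ == "__main__":
    r = decode_frame()
    print("dst", r["eth"]["dst"], "src", r["eth"]["src"], "type", hex(r["eth"]["type"]))
    print("ip", r["ip"]["src"], "->", r["ip"]["dst"], "ttl", r["ip"]["ttl"],
          "header ok", r["ip"]["header_ok"], "icmp ok", r.get("icmp_ok"))
```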

Point-to-Point Network

- Any direct connection between two computers
  - Leased line
  - Connection between two routers
  - Dialup connection
- Link-level protocol required for framing
- TCP/IP views as an independent network

Note: some pundits argue the terminology is incorrect because a connection limited to two endpoints is not technically a network

Hardware Address

- Unique number assigned to each machine on a network
- Used to identify destination for a packet

Hardware Address Terminology

- Known as
  - MAC (Media Access Control) address
  - Physical address
  - Hardware unicast address
- Hardware engineers assign fine distinctions to the above terms
- We will treat all terms equally

Use Of Hardware Address

- Sender supplies
  - Destination's address
  - Source address (in most technologies)
- Network hardware
  - Uses destination address to forward packet
  - Delivers packet to proper machine
- Important note: each technology defines its own addressing scheme

Three Types Of Hardware Addressing Schemes

- Static
  - Address assigned by hardware vendor
- Configurable
  - Address assigned by customer
- Dynamic
  - Address assigned by software at startup

Examples Of Hardware Address Types

- Configurable: proNET-10 (Proteon)
  - 8-bit address per interface card
  - All 1s address reserved for broadcast
  - Address assigned by customer when device installed
- Dynamic MAC addressing: LocalTalk (Apple)
  - Randomized bidding
  - Handled by protocols in software

Examples Of Hardware Address Types (continued)

- Static MAC addressing: Ethernet
  - 48-bit address
  - Unicast address assigned when device manufactured
  - All 1s address reserved for broadcast
  - One-half address space reserved for multicast (restricted form of broadcast)
- Ethernet's static addressing is now most common form

Bridge

- Hardware device that connects multiple LANs and makes them appear to be a single LAN
- Repeats all packets from one LAN to the other and vice versa
- Introduces delay of 1 packet-time
- Does not forward collisions or noise
- Called Layer 2 Interconnect or Layer 2 forwarder
- Makes multiple LANs appear to be a single, large LAN
- Often embedded in other equipment (e.g., DSL modem)

Bridge (continued)

- Watches packets to learn which computers are on which side of the bridge
- Uses hardware addresses to filter
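The learning and filtering behaviour just described, written out as an added example (not the slides' own code): a bridge with two sides records the side on which each source address is heard and uses that table to decide where to repeat each frame; the hardware addresses and traffic are constructed for the example.

```python
# Constructed hardware addresses for the example; the bridge has two sides.
H1, H2, H3 = "08:00:2b:0d:44:a7", "02:07:01:00:27:ba", "08:00:2b:11:22:33"
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac):
    """Low-order bit of the first octet set marks a multicast/broadcast address."""
    return int(mac.split(":")[0], 16) & 0x01 == 0x01


class LearningBridge:
    """Repeats frames between LAN segments, learning which side each sender is on."""

    def __init__(self, sides=("left", "right")):
        self.sides = tuple(sides)
        self.table = {}      # unicast source address -> side it was last heard on

    def handle(self, src, dst, in_side):
        """Learn src on in_side; return the set of sides the frame is repeated to."""
        if in_side not in self.sides:
            raise ValueError(f"unknown side {in_side!r}")
        # Learning: remember the side the sender is on. The latest sighting
        # wins, so a computer that moves to the other side is re-learned.
        if not is_group_address(src):
            self.table[src] = in_side
        other_sides = {s for s in self.sides if s != in_side}
        # Broadcast/multicast must reach every other side; nothing to filter.
        if is_group_address(dst):
            return other_sides
        learned = self.table.get(dst)
        if learned is None:
            return other_sides          # unknown destination: repeat everywhere else
        if learned == in_side:
            return set()                # destination is on the arrival side: filter
        return {learned}                # destination known on one side: repeat there only


def demo():
    """Constructed traffic; returns the decision for each frame and the learned table."""
    bridge = LearningBridge()
    frames = [
        (H1, H2, "left"),         # H2 unknown -> repeated to the right side
        (H2, H1, "right"),        # H1 already learned on left -> left only
        (H3, H1, "left"),         # H1 is on left and frame arrived on left -> filtered
        (H1, BROADCAST, "left"),  # broadcast always crosses the bridge
        (H2, H3, "left"),         # H2 has moved to left; H3 learned on left -> filtered
    ]
    decisions = [bridge.handle(src, dst, side) for src, dst, side in frames]
    return decisions, dict(bridge.table)


if __name__ == "__main__":
    for decision in demo()[0]:
        print(sorted(decision))
```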

Layer 2 Switch

- Electronic device
- Computers connect directly
- Applies bridging algorithm
- Can separate computers onto virtual networks (VLAN switch)

Physical Networks As Viewed By TCP/IP

- TCP/IP protocols accommodate
  - Local Area Network
  - Wide Area Network
  - Point-to-point link
  - Set of bridged LANs

The Motivation For Heterogeneity

- Each network technology has advantages for some applications
- Consequence: an internet may contain combinations of technologies

Heterogeneity And Addressing

- Recall: each technology can define its own addressing scheme
- Heterogeneous networks imply potential for heterogeneous addressing
- Conclusion: cannot rely on hardware addressing

Summary

- TCP/IP is designed to use all types of networks
  - Connection-oriented
  - Connectionless
  - Local Area Network (LAN)
  - Wide Area Network (WAN)
  - Point-to-point link
  - Set of bridged networks

Summary (continued)

- Each technology defines an addressing scheme
- TCP/IP must accommodate heterogeneous addressing schemes

PART III INTERNETWORKING CONCEPT AND ARCHITECTURAL MODEL


Accommodating Heterogeneity

- Approach 1
  - Application gateways
  - Gateway forwards data from one network to another
  - Example: file transfer gateway
- Approach 2
  - Network-level gateways
  - Gateway forwards individual packets
- Discussion question: which is better?

Desired Properties

- Universal service
- End-to-end connectivity
- Transparency

Agreement Needed To Achieve Desired Properties

- Data formats
- Procedures for exchanging information
- Identification
  - Services
  - Computers
  - Applications
- Broad concepts: naming and addressing

The TCP/IP Internet Concept

- Use available networks
- Interconnect physical networks
  - Network of networks
  - Revolutionary when proposed
- Devise abstractions that hide
  - Underlying architecture
  - Hardware addresses
  - Routes

Network Interconnection

- Uses active system
- Each network sees an additional computer attached
- Device is IP router (originally called IP gateway)

Illustration Of Network Interconnection

[Figure: two networks, Net 1 and Net 2, interconnected]

- Network technologies can differ
  - LAN and WAN
  - Connection-oriented and connectionless

Building An Internet

- Use multiple IP routers
- Ensure that each network is reachable
- Do not need router between each pair of networks

Example Of Multiple Networks

[Figure: Net 1, Net 2, and Net 3 in a row, with a router between Net 1 and Net 2 and another between Net 2 and Net 3]

- Networks can be heterogeneous
- No direct connection from network 1 to network 3

Physical Connectivity

In a TCP/IP internet, special computers called IP routers or IP gateways provide interconnections among physical networks.

Packet Transmission Paradigm

- Source computer
  - Generates a packet
  - Sends across one network to a router
- Intermediate router
  - Forwards packet to next router
- Final router
  - Delivers packet to destination

An Important Point About Forwarding

Routers use the destination network, not the destination computer, when forwarding packets.

Equal Treatment

The TCP/IP internet protocols treat all networks equally. A Local Area Network such as an Ethernet, a Wide Area Network used as a backbone, or a point-to-point link between two computers each count as one network.

User's View Of Internet

- Single large (global) network
- Users' computers all attach directly
- No other structure visible

Illustration Of User's View Of A TCP/IP Internet

[Figure: user's view]

Actual Internet Architecture

- Multiple physical networks interconnected
- Each host attaches to one network
- Single virtual network achieved through software that implements abstractions

The Two Views Of A TCP/IP Internet

[Figure: two panels, "user's view" and "actual connections"]

Architectural Terminology

- End-user system is called host computer
  - Connects to physical network
  - Possibly many hosts per network
  - Possibly more than one network connection per host
- Dedicated systems called IP gateways or IP routers interconnect networks
  - Router connects two or more networks

Many Unanswered Questions

- Addressing model and relationship to hardware addresses
- Format of packet as it travels through Internet
- How a host handles concurrent communication with several other hosts

Summary

- Internet is set of interconnected (possibly heterogeneous) networks
- Routers provide interconnection
- End-user systems are called host computers
- Internetworking introduces abstractions that hide details of underlying networks

PART IV CLASSFUL INTERNET ADDRESSES


Definitions

- Name
  - Identifies what an entity is
  - Often textual (e.g., ASCII)
- Address
  - Identifies where an entity is located
  - Often binary and usually compact
  - Sometimes called locator
- Route
  - Identifies how to get to the object
  - May be distributed

Internet Protocol Address (IP Address)

- Analogous to hardware address
- Unique value assigned as unicast address to each host on Internet
- Used by Internet applications

IP Address Details

- 32-bit binary value
- Unique value assigned to each host in Internet
- Values chosen to make routing efficient

IP Address Division

- Address divided into two parts
  - Prefix (network ID) identifies network to which host attaches
  - Suffix (host ID) identifies host on that network

Classful Addressing

- Original IP scheme
- Explains many design decisions
- New schemes are backward compatible

Desirable Properties Of An Internet Addressing Scheme

- Compact (as small as possible)
- Universal (big enough)
- Works with all network hardware
- Supports efficient decision making
  - Test whether a destination can be reached directly
  - Decide which router to use for indirect delivery
  - Choose next router along a path to the destination

Division Of Internet Address Into Prefix And Suffix

- How should division be made?
  - Large prefix, small suffix means many possible networks, but each is limited in size
  - Large suffix, small prefix means each network can be large, but there can only be a few networks
- Original Internet address scheme designed to accommodate both possibilities
  - Known as classful addressing

Original IPv4 Address Classes

Three principal classes (bit positions 0 through 31; the netid and hostid fields end on the octet boundaries at bits 8, 16, and 24):

    Class   Leading bits   Remaining fields
    -----   ------------   ---------------------------------------
    A       0              netid (bits 1-7), hostid (bits 8-31)
    B       1 0            netid (bits 2-15), hostid (bits 16-31)
    C       1 1 0          netid (bits 3-23), hostid (bits 24-31)

Other (seldom used) classes:

    Class   Leading bits   Remaining field
    -----   ------------   ---------------------------------------
    D       1 1 1 0        IP multicast (bits 4-31)
    E       1 1 1 1 0      reserved (bits 5-31)

Important Property

- Classful addresses are self-identifying
- Consequences
  - Can determine boundary between prefix and suffix from the address itself
  - No additional state needed to store boundary information
  - Both hosts and routers benefit

Endpoint Identification

Because IP addresses encode both a network and a host on that network, they do not specify an individual computer, but a connection to a network.

IP Address Conventions

- When used to refer to a network
  - Host field contains all 0 bits
- Broadcast on the local wire
  - Network and host fields both contain all 1 bits
- Directed broadcast: broadcast on specific (possibly remote) network
  - Host field contains all 1 bits
  - Nonstandard form: host field contains all 0 bits

Assignment Of IP Addresses

- All hosts on same network assigned same address prefix
  - Prefixes assigned by central authority
  - Obtained from ISP
- Each host on a network has a unique suffix
  - Assigned locally
  - Local administrator must ensure uniqueness

Advantages Of Classful Addressing

- Computationally efficient
  - First bits specify size of prefix / suffix
- Allows mixtures of large and small networks

Directed Broadcast

IP addresses can be used to specify a directed broadcast in which a packet is sent to all computers on a network; such addresses map to hardware broadcast, if available. By convention, a directed broadcast address has a valid netid and has a hostid with all bits set to 1.

Limited Broadcast

- All 1s
- Broadcast limited to local network only (no forwarding)
- Useful for bootstrapping

All Zeros IP Address

- Can only appear as source address
- Used during bootstrap before computer knows its address
- Means "this computer"

Internet Multicast

- IP allows Internet multicast, but no Internet-wide multicast delivery system currently in place
- Class D addresses reserved for multicast
- Each address corresponds to group of participating computers
- IP multicast uses hardware multicast when available
- More later in the course

Consequences Of IP Addressing

- If a host computer moves from one network to another, its IP address must change
- For a multi-homed host (with two or more addresses), the path taken by packets depends on the address used

Multi-Homed Hosts And Reliability

[Figure: NETWORK 1 and NETWORK 2 with host A, host B, router R, and interfaces I1 through I5; B is multi-homed, with interface I3 on one network and I5 on the other]

- Knowing that B is multi-homed increases reliability
- If interface I3 is down, host A can send to the interface I5

Dotted Decimal Notation

- Syntactic form for expressing 32-bit address
- Used throughout the Internet and associated literature
- Represents each octet in decimal separated by periods (dots)

Example Of Dotted Decimal Notation

- A 32-bit number in binary

    10000000 00001010 00000010 00000011

- The same 32-bit number expressed in dotted decimal notation

    128.10.2.3

Loopback Address

- Used for testing
- Refers to local computer (never sent to Internet)
- Address is 127.0.0.1

Classful Address Ranges

    Class   Lowest Address   Highest Address
    -----   --------------   ---------------
    A       1.0.0.0          126.0.0.0
    B       128.1.0.0        191.255.0.0
    C       192.0.1.0        223.255.255.0
    D       224.0.0.0        239.255.255.255
    E       240.0.0.0        255.255.255.254

Summary Of Address Conventions

    Prefix    Suffix               Meaning                         Note
    -------   ------------------   -----------------------------   ----
    all 0s    all 0s               This host                       1
    all 0s    host                 Host on this net                1
    all 1s    all 1s               Limited broadcast (local net)   2
    net       all 1s               Directed broadcast for net      2
    127       anything (often 1)   Loopback                        3

Notes:
1. Allowed only at system startup and is never a valid destination address.
2. Never a valid source address.
3. Should never appear on a network.
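Applying the class rules and the address conventions of this part to a dotted-decimal string, as an added example not taken from the slides: the class is read from the leading bits, the prefix/suffix boundary follows from the class, and the special forms in the table above (this host, host on this net, limited and directed broadcast, network address, loopback) are recognised as the conventions define them. The short form labels the function returns are this example's own.

```python
def parse_dotted(text):
    """Dotted decimal -> 32-bit integer. Exactly four decimal octets, each 0..255."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(value):
    """Class letter and prefix length in bits (None for D and E), from the leading bits."""
    top = value >> 28                      # the high-order 4 bits decide
    if top & 0b1000 == 0:
        return "A", 8                      # 0xxx
    if top & 0b1100 == 0b1000:
        return "B", 16                     # 10xx
    if top & 0b1110 == 0b1100:
        return "C", 24                     # 110x
    if top == 0b1110:
        return "D", None                   # 1110: IP multicast
    return "E", None                       # 1111: reserved


def describe(text):
    """Class, prefix/suffix split and the special form (if any) of an address."""
    value = parse_dotted(text)
    if value == 0:
        return {"form": "this host"}              # source only, during startup
    if value == 0xFFFFFFFF:
        return {"form": "limited broadcast"}      # local net only, never forwarded
    if value >> 24 == 127:
        return {"form": "loopback"}               # never appears on a network
    cls, prefix_bits = address_class(value)
    if cls == "D":
        return {"class": cls, "form": "multicast"}
    if cls == "E":
        return {"class": cls, "form": "reserved"}
    host_bits = 32 - prefix_bits
    netid = value >> host_bits
    hostid = value & ((1 << host_bits) - 1)
    info = {"class": cls, "prefix_bits": prefix_bits,
            "network": to_dotted(netid << host_bits), "hostid": hostid}
    if netid == 0:
        info["form"] = "host on this net"        # source only, during startup
    elif hostid == 0:
        info["form"] = "network"                 # also the nonstandard directed-broadcast form
    elif hostid == (1 << host_bits) - 1:
        info["form"] = "directed broadcast"      # valid netid, hostid all 1s
    else:
        info["form"] = "host"
    return info


if __name__ == "__main__":
    for a in ("128.10.2.3", "128.10.255.255", "9.0.0.0", "192.5.48.0",
              "0.0.0.0", "255.255.255.255", "127.0.0.1", "224.0.0.1"):
        print(a, describe(a))
```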

An Example Of IP Addresses

[Figure: an Ethernet with prefix 128.10.0.0 and a Wi-Fi network with prefix 128.210.0.0, connected by routers to an ISP with prefix 9.0.0.0]

Example Host Addresses

[Figure: the Ethernet 128.10.0.0 and the Wi-Fi network 128.210.0.0, with routers TALIESYN and GLATISANT and a link to the ISP]

- MERLIN (multi-homed host): 128.10.2.3
- GUENEVERE (Ethernet host): 128.10.2.8
- LANCELOT (Ethernet host): 128.10.2.26
- ARTHUR (Wi-Fi host): 128.210.0.1
- Other addresses labeled in the figure (routers and the ISP link): 128.210.0.3, 128.10.0.6, 128.210.50, 128.10.2.70

Another Addressing Example

- Assume an organization has three networks
- Organization obtains three prefixes, one per network
- Host address must begin with network prefix

Illustration Of IP Addressing

[Figure: the rest of the Internet (hosts and routers using other addresses) connects through router R1 to a site with three networks, 128.10.0.0, 192.5.48.0, and 128.211.0.0, interconnected by routers R2 and R3; example host H1 has address 128.211.0.9]

Summary

- IP address
  - 32 bits long
  - Prefix identifies network
  - Suffix identifies host
- Classful addressing uses first few bits of address to determine boundary between prefix and suffix

Summary
(continued)
d Special forms of addresses handle
Limited broadcast Directed broadcast Network identication This host Loopback

NOTES

Internetworking With TCP/IP vol 1 -- Part 4

31

2005

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

NOTES

PART V MAPPING INTERNET ADDRESSES TO PHYSICAL ADDRESSES (ARP)

Motivation

- Must use hardware (physical) addresses to communicate over network
- Applications only use Internet addresses

Example

- Computers A and B on same network
- Application on A generates packet for application on B
- Protocol software on A must use B's hardware address when sending a packet

Consequence

- Protocol software needs a mechanism that maps an IP address to equivalent hardware address
- Known as address resolution problem

Address Resolution

- Performed at each step along path through Internet
- Two basic algorithms
  - Direct mapping
  - Dynamic binding
- Choice depends on type of hardware

Direct Mapping

- Easy to understand
- Efficient
- Only works when hardware address is small
- Technique: assign computer an IP address that encodes the hardware address

Example Of Direct Mapping

- Hardware: proNet ring network
- Hardware address: 8 bits
- Assume IP address 192.5.48.0 (24-bit prefix)
- Assign computer with hardware address K an IP address 192.5.48.K
- Resolving an IP address means extracting the hardware address from low-order 8 bits

Dynamic Binding

- Needed when hardware addresses are large (e.g., Ethernet)
- Allows computer A to find computer B's hardware address
  - A starts with B's IP address
  - A knows B is on the local network
- Technique: broadcast query and obtain response
- Note: dynamic binding only used across one network at a time

Internet Address Resolution Protocol (ARP)

- Standard for dynamic address resolution in the Internet
- Requires hardware broadcast
- Intended for LAN
- Important idea: ARP only used to map addresses within a single physical network, never across multiple networks

ARP

- Machine A broadcasts ARP request with B's IP address
- All machines on local net receive broadcast
- Machine B replies with its physical address
- Machine A adds B's address information to its table
- Machine A delivers packet directly to B

Illustration Of ARP Request And Reply Messages

[Figure: A broadcasts request for B (across local net only); B replies to request.]

ARP Packet Format When Used With Ethernet

Bit 0                       8                     16                                 31
    ETHERNET ADDRESS TYPE (1)                     IP ADDRESS TYPE (0800)
    ETH ADDR LEN (6)        IP ADDR LEN (4)       OPERATION
    SENDER'S ETH ADDR (first 4 octets)
    SENDER'S ETH ADDR (last 2 octets)             SENDER'S IP ADDR (first 2 octets)
    SENDER'S IP ADDR (last 2 octets)              TARGET'S ETH ADDR (first 2 octets)
    TARGET'S ETH ADDR (last 4 octets)
    TARGET'S IP ADDR (all 4 octets)

Observations About Packet Format

- General: can be used with
  - Arbitrary hardware address
  - Arbitrary protocol address (not just IP)
- Variable length fields (depends on type of addresses)
- Length fields allow parsing of packet by computer that does not understand the two address types

Retention Of Bindings

- Cannot afford to send ARP request for each packet
- Solution
  - Maintain a table of bindings
- Effect
  - Use ARP one time, place results in table, and then send many packets

ARP Caching

- ARP table is a cache
- Entries time out and are removed
- Avoids stale bindings
- Typical timeout: 20 minutes

Algorithm For Processing ARP Requests

- Extract sender's pair, (IA, EA), and update local ARP table entry if it exists
- If this is a request and the target is me
  - Add sender's pair to ARP table if not present
  - Fill in target hardware address
  - Exchange sender and target entries
  - Set operation to reply
  - Send reply back to requester

Algorithm Features

- If A ARPs B, B keeps A's information
  - B will probably send a packet to A soon
- If A ARPs B, other machines do not keep A's information
  - Avoids clogging ARP caches needlessly
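The packet format, the cache timeout and the processing algorithm of the preceding slides, as an added Python example that is not part of the lecture notes. One assumption is mine: a host that broadcasts a request records a pending entry for the target, so that the reply "updates an existing entry" as the algorithm's first step requires. The two Ethernet addresses for A and B are taken from the frame dump in Part 6; host C's address is constructed.

```python
import struct

# Added example (not from the lecture notes): the ARP message format for
# Ethernet/IP, a binding cache with the 20-minute timeout, and the request
# processing algorithm from the slides. One assumption is mine: a host that
# broadcasts a request records a pending entry for the target, so the reply
# updates an existing entry as the algorithm's first step requires. The MAC
# addresses of A and B come from the frame dump in Part 6; C's is constructed.

ARP_FIXED = struct.Struct("!HHBBH")   # hw type, proto type, hw len, proto len, operation
OP_REQUEST, OP_REPLY = 1, 2
ARP_TIMEOUT = 20 * 60                 # typical cache timeout, in seconds

def parse_arp(data):
    """Parse an ARP message using only its length fields, as a machine that
    does not understand the two address types still can."""
    htype, ptype, hlen, plen, op = ARP_FIXED.unpack_from(data)
    off = ARP_FIXED.size
    if len(data) < off + 2 * (hlen + plen):
        raise ValueError("truncated ARP message")
    msg = {"htype": htype, "ptype": ptype, "hlen": hlen, "plen": plen, "op": op}
    for name, size in (("sender_hw", hlen), ("sender_proto", plen),
                       ("target_hw", hlen), ("target_proto", plen)):
        msg[name] = data[off:off + size]
        off += size
    return msg

def build_arp(op, sender_hw, sender_proto, target_hw, target_proto):
    """Ethernet (hw type 1) / IP (proto type 0x0800) ARP message."""
    return (ARP_FIXED.pack(1, 0x0800, len(sender_hw), len(sender_proto), op)
            + sender_hw + sender_proto + target_hw + target_proto)

class ArpCache:
    """IP -> hardware address bindings; entries time out to avoid stale ones."""

    def __init__(self):
        self.table = {}               # ip -> [hw (None while pending), time]

    def lookup(self, ip, now):
        entry = self.table.get(ip)
        if entry is None:
            return None
        if now - entry[1] > ARP_TIMEOUT:
            del self.table[ip]        # stale binding removed
            return None
        return entry[0]

    def put(self, ip, hw, now):
        self.table[ip] = [hw, now]

    def note_pending(self, ip, now):
        self.table.setdefault(ip, [None, now])

def process_arp(my_hw, my_ip, cache, data, now):
    """Algorithm from the slides. Returns the reply to send, or None."""
    msg = parse_arp(data)
    s_ip, s_hw = msg["sender_proto"], msg["sender_hw"]
    if s_ip in cache.table:                    # update existing entry from sender's pair
        cache.put(s_ip, s_hw, now)
    if msg["op"] == OP_REQUEST and msg["target_proto"] == my_ip:
        if s_ip not in cache.table:            # the target keeps the sender's pair
            cache.put(s_ip, s_hw, now)
        # fill in target hw, exchange sender and target, set operation to reply
        return build_arp(OP_REPLY, my_hw, my_ip, s_hw, s_ip)
    return None                                # other machines keep nothing

def resolve_demo():
    """A resolves B on one local net while C overhears the broadcast."""
    a_hw, a_ip = bytes.fromhex("08002b0d44a7"), bytes([128, 10, 2, 3])
    b_hw, b_ip = bytes.fromhex("0207010027ba"), bytes([128, 10, 2, 8])
    c_hw, c_ip = bytes.fromhex("0200c0ffee1a"), bytes([128, 10, 2, 26])   # constructed
    now = 1000.0
    cache_a, cache_b, cache_c = ArpCache(), ArpCache(), ArpCache()
    request = build_arp(OP_REQUEST, a_hw, a_ip, bytes(6), b_ip)   # target hw unknown
    cache_a.note_pending(b_ip, now)
    reply_b = process_arp(b_hw, b_ip, cache_b, request, now)       # B answers
    reply_c = process_arp(c_hw, c_ip, cache_c, request, now)       # C does not
    process_arp(a_hw, a_ip, cache_a, reply_b, now + 0.01)          # A fills its entry
    return {"c_answers": reply_c is not None,
            "a_knows_b": cache_a.lookup(b_ip, now + 1) == b_hw,
            "b_keeps_a": cache_b.lookup(a_ip, now + 1) == a_hw,
            "c_keeps_a": cache_c.lookup(a_ip, now + 1) == a_hw,
            "a_after_timeout": cache_a.lookup(b_ip, now + ARP_TIMEOUT + 1)}
```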

Conceptual Purpose Of ARP

- Isolates hardware address at low level
- Allows application programs to use IP addresses

ARP Encapsulation

- ARP message travels in data portion of network frame
- We say ARP message is encapsulated

Illustration Of ARP Encapsulation

[Figure: the ARP MESSAGE occupies the FRAME DATA AREA that follows the FRAME HEADER.]

Ethernet Encapsulation

- ARP message placed in frame data area
- Data area padded with zeroes if ARP message is shorter than minimum Ethernet frame
- Ethernet type 0x0806 used for ARP

Reverse Address Resolution Protocol

- Maps Ethernet address to IP address
- Same packet format as ARP
- Intended for bootstrap
  - Computer sends its Ethernet address
  - RARP server responds by sending computer's IP address
- Seldom used (replaced by DHCP)

Summary

- Computer's IP address independent of computer's hardware address
- Applications use IP addresses
- Hardware only understands hardware addresses
- Must map from IP address to hardware address for transmission
- Two types
  - Direct mapping
  - Dynamic mapping

Summary (continued)

- Address Resolution Protocol (ARP) used for dynamic address mapping
- Important for Ethernet
- Sender broadcasts ARP request, and target sends ARP reply
- ARP bindings are cached
- Reverse ARP was originally used for bootstrap


PART VI INTERNET PROTOCOL: CONNECTIONLESS DATAGRAM DELIVERY

Internet Protocol

- One of two major protocols in TCP/IP suite
- Major goals
  - Hide heterogeneity
  - Provide the illusion of a single large network
  - Virtualize access

The Concept

IP allows a user to think of an internet as a single virtual network that interconnects all hosts, and through which communication is possible; its underlying architecture is both hidden and irrelevant.

Internet Services And Architecture Of Protocol Software

[Figure: three layers, from top to bottom: APPLICATION SERVICES, RELIABLE TRANSPORT SERVICE, CONNECTIONLESS PACKET DELIVERY SERVICE.]

- Design has proved especially robust

IP Characteristics

- Provides connectionless packet delivery service
- Defines three important items
  - Internet addressing scheme
  - Format of packets for the (virtual) Internet
  - Packet forwarding

Internet Packet

- Analogous to physical network packet
- Known as IP datagram

IP Datagram Layout

[Figure: DATAGRAM HEADER followed by DATAGRAM DATA AREA.]

- Header contains
  - Source Internet address
  - Destination Internet address
  - Datagram type field
- Payload contains data being carried

Datagram Header Format

Bit 0      4      8                 16     19                  24              31
    VERS   HLEN   TYPE OF SERVICE    TOTAL LENGTH
    IDENT                            FLAGS  FRAGMENT OFFSET
    TTL           TYPE               HEADER CHECKSUM
    SOURCE IP ADDRESS
    DESTINATION IP ADDRESS
    IP OPTIONS (MAY BE OMITTED) ...                             PADDING
    BEGINNING OF PAYLOAD (DATA)
    . . .

Addresses In The Header

- SOURCE is the address of original source
- DESTINATION is the address of ultimate destination

IP Versions

- Version field in header defines version of datagram
- Internet currently uses version 4 of IP, IPv4
- Preceding figure is the IPv4 datagram format
- IPv6 discussed later in the course

Datagram Encapsulation

- Datagram encapsulated in network frame
- Network hardware treats datagram as data
- Frame type field identifies contents as datagram
  - Set by sending computer
  - Tested by receiving computer

Datagram Encapsulation For Ethernet

[Figure: the IP HEADER and IP DATA together form the FRAME DATA that follows the FRAME HEADER.]

- Ethernet header contains Ethernet hardware addresses
- Ethernet type field set to 0x0800

Datagram Encapsulated In Ethernet Frame

02 07 01 00 27 ba 08 00 2b 0d 44 a7 08 00
45 00 00 54 82 68 00 00 ff 01 35 21 80 0a 02 03 80 0a 02 08
08 00 73 0b d4 6d 00 00
04 3b 8c 28 28 20 0d 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17
18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
30 31 32 33 34 35 36 37

- 20-octet IP header follows Ethernet header
- IP source: 128.10.2.3 (800a0203)
- IP destination: 128.10.2.8 (800a0208)
- IP type: 01 (ICMP)
Standards For Encapsulation

- TCP/IP protocols define encapsulation for each possible type of network hardware
  - Ethernet
  - Frame Relay
  - Others

Encapsulation Over Serial Networks

- Serial hardware transfers stream of octets
  - Leased serial data line
  - Dialup telephone connection
- Encapsulation of IP on serial network
  - Implemented by software
  - Both ends must agree
- Most common standard: Point to Point Protocol (PPP)

A Potential Problem

- A datagram can contain up to 65535 total octets (including header)
- Network hardware limits maximum size of frame (e.g., Ethernet limited to 1500 octets)
  - Known as the network Maximum Transmission Unit (MTU)
- Question: how is encapsulation handled if datagram exceeds network MTU?

Possible Ways To Accommodate Networks With Differing MTUs

- Force datagram to be less than smallest possible MTU
  - Inefficient
  - Cannot know minimum MTU
- Hide the network MTU and accommodate arbitrary datagram size

Accommodating Large Datagrams

- Cannot send large datagram in single frame
- Solution
  - Divide datagram into pieces
  - Send each piece in a frame
  - Called datagram fragmentation

Illustration Of When Fragmentation Needed

[Figure: Host A on Net 1 (MTU=1500), router R1 between Net 1 and Net 2 (MTU=620), router R2 between Net 2 and Net 3 (MTU=1500), Host B on Net 3.]

- Hosts A and B send datagrams of up to 1500 octets
- Router R1 fragments large datagrams from Host A before sending over Net 2
- Router R2 fragments large datagrams from Host B before sending over Net 2

Datagram Fragmentation

- Performed by routers
- Divides datagram into several, smaller datagrams called fragments
- Fragment uses same header format as datagram
- Each fragment forwarded independently

Illustration Of Fragmentation

Original datagram:   Header | data1 (600 bytes) | data2 (600 bytes) | data3 (200 bytes)

Header1 | data1      fragment #1 (offset of 0)
Header2 | data2      fragment #2 (offset of 600)
Header3 | data3      fragment #3 (offset of 1200)

- Offset specifies where data belongs in original datagram
- Offset actually stored as multiples of 8 octets
- MORE FRAGMENTS bit turned off in header of fragment #3

Fragmenting A Fragment

- Fragment can be further fragmented
- Occurs when fragment reaches an even-smaller MTU
- Discussion: which fields of the datagram header are used, and what is the algorithm?

Reassembly

- Ultimate destination puts fragments back together
  - Key concept!
  - Needed in a connectionless Internet
- Known as reassembly
- No need to reassemble subfragments first
- Timer used to ensure all fragments arrive
  - Timer started when first fragment arrives
  - If timer expires, entire datagram discarded
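Fragmentation with the slide's numbers (600, 600 and 200 octets over an MTU of 620), fragmentation of a fragment, and reassembly with the timer rule, as an added Python example that is not part of the lecture notes. The header layout follows the "Datagram Header Format" slide; the 60-second reassembly timeout, the addresses, the identifier and the second, smaller MTU are my own choices for the demonstration.

```python
import struct

# Added example (not from the lecture notes): IPv4 fragmentation as a router
# performs it, fragmenting a fragment, and reassembly at the destination with
# the timer rule. The timeout value, addresses and identifier are assumed.
IP_HDR = struct.Struct("!BBHHHBBH4s4s")   # 20-octet header, no options
MORE_FRAGMENTS = 0x2000                  # bit in the FLAGS/FRAGMENT OFFSET word
OFFSET_MASK = 0x1FFF                     # offset field, units of 8 octets
REASSEMBLY_TIMEOUT = 60.0                # seconds after the first fragment (assumed)

def checksum(data):
    """16-bit one's complement checksum (odd length padded with a zero octet)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_datagram(ident, src, dst, payload, proto=17, ttl=64, offset=0, more=False):
    """Header plus payload with TOTAL LENGTH, FLAGS/OFFSET and CHECKSUM filled in."""
    frag_word = (MORE_FRAGMENTS if more else 0) | (offset // 8)
    hdr = IP_HDR.pack(0x45, 0, 20 + len(payload), ident, frag_word, ttl, proto, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + payload

def parse(datagram):
    """Split a datagram or fragment into a header dict and its data octets."""
    vh, _, tlen, ident, frag, ttl, proto, _, src, dst = IP_HDR.unpack_from(datagram)
    hlen = (vh & 0xF) * 4
    hdr = {"ident": ident, "ttl": ttl, "proto": proto, "src": src, "dst": dst,
           "offset": (frag & OFFSET_MASK) * 8, "more": bool(frag & MORE_FRAGMENTS),
           "checksum_ok": checksum(datagram[:hlen]) == 0}
    return hdr, datagram[hlen:tlen]

def fragment(datagram, mtu):
    """Divide a datagram (or an already-fragmented piece) to fit the MTU."""
    h, data = parse(datagram)
    if len(datagram) <= mtu:
        return [datagram]
    room = (mtu - 20) // 8 * 8              # data per piece, multiple of 8 octets
    pieces = []
    for pos in range(0, len(data), room):
        chunk = data[pos:pos + room]
        last = pos + room >= len(data)
        # Offsets are relative to the original datagram, so the incoming offset
        # is added; the last piece inherits the incoming MORE FRAGMENTS bit
        pieces.append(build_datagram(h["ident"], h["src"], h["dst"], chunk,
                                     h["proto"], h["ttl"], offset=h["offset"] + pos,
                                     more=h["more"] or not last))
    return pieces

class Reassembler:
    """Reassembly at the ultimate destination, keyed by (src, dst, proto, ident)."""

    def __init__(self):
        self.pending = {}   # key -> {"first": arrival time, "pieces": {offset: data}, "end": int or None}

    def receive(self, datagram, now):
        """Return the complete payload once every octet has arrived, else None."""
        h, data = parse(datagram)
        key = (h["src"], h["dst"], h["proto"], h["ident"])
        st = self.pending.setdefault(key, {"first": now, "pieces": {}, "end": None})
        if now - st["first"] > REASSEMBLY_TIMEOUT:
            del self.pending[key]               # timer expired: discard everything
            return None
        st["pieces"][h["offset"]] = data        # subfragments need no special case
        if not h["more"]:
            st["end"] = h["offset"] + len(data) # the last piece fixes the total size
        if st["end"] is None:
            return None
        covered = 0                             # check for gaps from offset 0 upward
        for off in sorted(st["pieces"]):
            if off > covered:
                return None
            covered = max(covered, off + len(st["pieces"][off]))
        if covered < st["end"]:
            return None
        del self.pending[key]
        return b"".join(st["pieces"][off] for off in sorted(st["pieces"]))

def demo():
    """The slide's case: 1400 data octets over an MTU of 620 give 600, 600, 200."""
    src, dst = bytes([128, 10, 2, 3]), bytes([128, 211, 0, 9])      # constructed
    original = build_datagram(0x8268, src, dst, bytes(i % 256 for i in range(1400)))
    frags = fragment(original, 620)
    sub = fragment(frags[1], 308)          # fragment #2 meets an even smaller MTU
    r = Reassembler()
    results = [r.receive(f, 0.5) for f in [frags[0]] + sub[::-1] + [frags[2]]]
    late = Reassembler()                   # first fragment arrives, the rest too late
    late.receive(frags[0], 0.0)
    expired = late.receive(frags[2], REASSEMBLY_TIMEOUT + 1)
    return {"offsets": [parse(f)[0]["offset"] for f in frags],
            "more": [parse(f)[0]["more"] for f in frags],
            "sub_offsets": [parse(f)[0]["offset"] for f in sub],
            "partial_none": all(x is None for x in results[:-1]),
            "reassembled": results[-1] == parse(original)[1],
            "expired": expired, "expired_state": len(late.pending)}
```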

Time To Live

- TTL field of datagram header decremented at each hop (i.e., each router)
- If TTL reaches zero, datagram discarded
- Prevents datagrams from looping indefinitely (in case forwarding error introduces loop)
- IETF recommends initial value of 255 (max)

Checksum Field In Datagram Header

- 16-bit 1s complement checksum
- Over IP header only!
- Recomputed at each hop

IP Options

- Seldom used
- Primarily for debugging
- Only some options copied into fragments
- Are variable length
- Note: padding needed because header length measured in 32-bit multiples
- Option starts with option code octet

Option Code Octet

Bit 0      1  2             3  4  5  6  7
    COPY   OPTION CLASS     OPTION NUMBER

Option Class   Meaning
0              Datagram or network control
1              Reserved for future use
2              Debugging and measurement
3              Reserved for future use

IP Semantics

- IP uses best-effort delivery
  - Makes an attempt to deliver
  - Does not guarantee delivery
- In the Internet, routers become overrun or change routes, meaning that:
  - Datagrams can be lost
  - Datagrams can be duplicated
  - Datagrams can arrive out of order or scrambled
- Motivation: allow IP to operate over the widest possible variety of physical networks

Output From PING Program

PING venera.isi.edu (128.9.0.32): 64 data bytes at 1.0000 second intervals
72 bytes from 128.9.0.32: icmp_seq=0. time=170. ms
72 bytes from 128.9.0.32: icmp_seq=1. time=150. ms
72 bytes from 128.9.0.32: icmp_seq=1. time=160. ms
72 bytes from 128.9.0.32: icmp_seq=2. time=160. ms
72 bytes from 128.9.0.32: icmp_seq=3. time=160. ms

----venera.isi.edu PING Statistics----
4 packets transmitted, 5 packets received, -25% packet loss
round-trip (ms) min/avg/max = 150/160/170

Shows actual case of duplication

Summary

- Internet Protocol provides basic connectionless delivery service for the Internet
- IP defines IP datagram to be the format of packets on the Internet
- Datagram header
  - Has fixed fields
  - Specifies source, destination, and type
  - Allows options
- Datagram encapsulated in network frame for transmission

Summary (continued)

- Fragmentation
  - Needed when datagram larger than MTU
  - Usually performed by routers
  - Divides datagram into fragments
- Reassembly
  - Performed by ultimate destination
  - If some fragment(s) do not arrive, datagram discarded
- To accommodate all possible network hardware, IP does not require reliability (best-effort semantics)


PART VII INTERNET PROTOCOL: FORWARDING IP DATAGRAMS

Datagram Transmission

- Host delivers datagrams to directly connected machines
- Host sends datagrams that cannot be delivered directly to router
- Routers forward datagrams to other routers
- Final router delivers datagram directly

Question

Does a host need to make forwarding choices? Answer: YES!

Example Host That Must Choose How To Forward Datagrams

[Figure: a HOST on one network with two routers on it, R1 (path to some destinations) and R2 (path to other destinations).]

- Note: host is singly homed!

Two Broad Cases

- Direct delivery
  - Ultimate destination can be reached over one network
  - The last hop along a path
  - Also occurs when two communicating hosts both attach to the same physical network
- Indirect delivery
  - Requires intermediary (router)

Important Design Decision

Transmission of an IP datagram between two machines on a single physical network does not involve routers. The sender encapsulates the datagram in a physical frame, binds the destination IP address to a physical hardware address, and sends the resulting frame directly to the destination.

Testing Whether A Destination Lies On The Same Physical Network As The Sender

Because the Internet addresses of all machines on a single network include a common network prefix and extracting that prefix requires only a few machine instructions, testing whether a machine can be reached directly is extremely efficient.

Datagram Forwarding

- General paradigm
  - Source host sends to first router
  - Each router passes datagram to next router
  - Last router along path delivers datagram to destination host
- Only works if routers cooperate

General Concept

Routers in a TCP/IP Internet form a cooperative, interconnected structure. Datagrams pass from router to router until they reach a router that can deliver the datagram directly.

Efficient Forwarding

- Decisions based on table lookup
- Routing tables keep only network portion of addresses (size proportional to number of networks, not number of hosts)
- Extremely efficient
  - Lookup
  - Route update

Important Idea

- Table used to decide how to send datagram known as routing table (also called a forwarding table)
- Routing table only stores address of next router along the path
- Scheme is known as next-hop forwarding or next-hop routing

Terminology

- Originally
  - Routing used to refer to passing datagram from router to router
- More recently
  - Purists decided to use forwarding to refer to the process of looking up a route and sending a datagram
- But...
  - Table is usually called a routing table

Conceptual Contents Of Routing Table Found In An IP Router

[Figure: an example Internet with IP addresses. Networks 10.0.0.0, 20.0.0.0, 30.0.0.0 and 40.0.0.0 are connected in a chain by routers Q (10.0.0.5 and 20.0.0.5), R (20.0.0.6 and 30.0.0.6) and S (30.0.0.7 and 40.0.0.7).]

The routing table for router R:

TO REACH NETWORK   ROUTE TO THIS ADDRESS
20.0.0.0 / 8       DELIVER DIRECT
30.0.0.0 / 8       DELIVER DIRECT
10.0.0.0 / 8       20.0.0.5
40.0.0.0 / 8       30.0.0.7

Special Cases

- Default route
- Host-specific route

Default Route

- Special entry in IP routing table
- Matches any destination address
- Only one default permitted
- Only selected if no other match in table

Host-Specific Route

- Entry in routing table
- Matches entire 32-bit value
- Can be used to send traffic for a specific host along a specific path (i.e., can differ from the network route)
- More later in the course
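Next-hop forwarding over router R's table from the slide above, extended with the two special cases just described, as an added Python example that is not part of the lecture notes. R's four network routes are the slide's; the host-specific route, the default route and the router addresses 20.0.0.9 and 20.0.0.5 used for them in the checks are constructed.

```python
import ipaddress

# Added example (not from the lecture notes): next-hop forwarding using the
# routing table of router R from the slide, plus a host-specific route and a
# default route. The entries for those two special cases are constructed.

DELIVER_DIRECT = "DELIVER DIRECT"

class RoutingTable:
    """Entries pair a network prefix (or a /32 host) with a next hop."""

    def __init__(self):
        self.routes = []       # (ip_network, next hop), most specific first
        self.default = None

    def add(self, prefix, next_hop):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))
        # Keep a host-specific (/32) entry ahead of the network entry it overlaps
        self.routes.sort(key=lambda r: r[0].prefixlen, reverse=True)

    def set_default(self, next_hop):
        self.default = next_hop            # only one default permitted

    def lookup(self, dst):
        addr = ipaddress.ip_address(dst)
        for net, hop in self.routes:       # only the network portion is compared
            if addr in net:
                return hop
        if self.default is not None:       # selected only if nothing else matched
            return self.default
        raise LookupError("no route to " + dst)

def router_r():
    """Router R's table exactly as on the slide."""
    t = RoutingTable()
    t.add("20.0.0.0/8", DELIVER_DIRECT)
    t.add("30.0.0.0/8", DELIVER_DIRECT)
    t.add("10.0.0.0/8", "20.0.0.5")
    t.add("40.0.0.0/8", "30.0.0.7")
    return t

def next_hop_address(table, dst):
    """Address that gets bound to a hardware address for the outgoing frame:
    the destination itself when delivery is direct, otherwise the next router.
    The DESTINATION field of the datagram itself is never changed."""
    hop = table.lookup(dst)
    return dst if hop == DELIVER_DIRECT else hop
```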

Level Of Forwarding Algorithm

[Figure: examination or updates of routes act on the ROUTING TABLE; a DATAGRAM TO BE FORWARDED enters the FORWARDING ALGORITHM, which consults the table and produces the DATAGRAM TO BE SENT PLUS ADDRESS OF NEXT HOP. IP addresses are used down to that point; physical addresses are used only below it.]

- Routing table uses IP addresses, not physical addresses

Summary

- IP uses routing table to forward datagrams
- Routing table
  - Stores pairs of network prefix and next hop
  - Can contain host-specific routes and a default route


PART VIII ERROR AND CONTROL MESSAGES (ICMP)

Errors In Packet Switching Networks

- Causes include
  - Temporary or permanent disconnection
  - Hardware failures
  - Router overrun
  - Routing loops
- Need mechanisms to detect and correct

Error Detection And Reporting Mechanisms

- IP header checksum to detect transmission errors
- Error reporting mechanism to distinguish between events such as lost datagrams and incorrect addresses
- Higher level protocols (i.e., TCP) must handle all other problems

Error Reporting Mechanism

- Named Internet Control Message Protocol (ICMP)
- Required and integral part of IP
- Used primarily by routers to report delivery or routing problems to original source
- Also includes informational (nonerror) functionality
- Uses IP to carry control messages
- No error messages sent about error messages

ICMP Purpose

The Internet Control Message Protocol allows a router to send error or control messages to the source of a datagram, typically a host. ICMP provides communication between the Internet Protocol software on one machine and the Internet Protocol software on another.

Error Reporting Vs. Error Correction

- ICMP does not
  - Provide interaction between a router and the source of trouble
  - Maintain state information (each packet is handled independently)
- Consequence
  - When a datagram causes an error, ICMP can only report the error condition back to the original source of the datagram; the source must relate the error to an individual application program or take other action to correct the problem.

Important Restriction

- ICMP only reports problems to original source
- Discussion question: what major problem in the Internet cannot be handled with ICMP?

ICMP Encapsulation

- ICMP message travels in IP datagram
- Entire ICMP message treated as data in the datagram
- Two levels of encapsulation result

ICMP Message Encapsulation

[Figure: the ICMP MESSAGE forms the IP DATA that follows the IP HEADER; the IP header and data together form the FRAME DATA that follows the FRAME HEADER.]

- ICMP message has header and data area
- Complete ICMP message is treated as data in IP datagram
- Complete IP datagram is treated as data in physical network frame

Example Encapsulation In Ethernet

02 07 01 00 27 ba 08 00 2b 0d 44 a7 08 00
45 00 00 54 82 68 00 00 ff 01 35 21 80 0a 02 03 80 0a 02 08
08 00 73 0b d4 6d 00 00
04 3b 8c 28 28 20 0d 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17
18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
30 31 32 33 34 35 36 37

- ICMP header follows IP header, and contains eight bytes
- ICMP type field specifies echo request message (08)
- ICMP sequence number is zero

ICMP Message Format

- Multiple message types
- Each message has its own format
- Messages
  - Begin with 1-octet TYPE field that identifies which of the basic ICMP message types follows
  - Some messages have a 1-octet CODE field that further classifies the message
- Example
  - TYPE specifies destination unreachable
  - CODE specifies whether host or network was unreachable

ICMP Message Types

Type Field   ICMP Message Type
0            Echo Reply
3            Destination Unreachable
4            Source Quench
5            Redirect (change a route)
6            Alternate Host Address
8            Echo Request
9            Router Advertisement
10           Router Solicitation
11           Time Exceeded for a Datagram
12           Parameter Problem on a Datagram
13           Timestamp Request
14           Timestamp Reply
15           Information Request
16           Information Reply
17           Address Mask Request
18           Address Mask Reply

ICMP Message Types (continued)

Type Field   ICMP Message Type
30           Traceroute
31           Datagram Conversion Error
32           Mobile Host Redirect
33           IPv6 Where-Are-You
34           IPv6 I-Am-Here
35           Mobile Registration Request
36           Mobile Registration Reply
37           Domain Name Request
38           Domain Name Reply
39           SKIP
40           Photuris

Example ICMP Message (ICMP Echo Request)

Bit 0               8               16                  31
    TYPE (8 or 0)   CODE (0)        CHECKSUM
    IDENTIFIER                      SEQUENCE NUMBER
    OPTIONAL DATA ...

- Sent by ping program
- Used to test reachability

Example ICMP Message (Destination Unreachable)

Bit 0               8               16                  31
    TYPE (3)        CODE (0-12)     CHECKSUM
    UNUSED (MUST BE ZERO)
    INTERNET HEADER + FIRST 64 BITS OF DATAGRAM ...

- Used to report that datagram could not be delivered
- Code specifies details

Example ICMP Message (Redirect)

Bit 0               8               16                  31
    TYPE (5)        CODE (0 to 3)   CHECKSUM
    ROUTER INTERNET ADDRESS
    INTERNET HEADER + FIRST 64 BITS OF DATAGRAM ...

- Used to report incorrect route

Situation Where An ICMP Redirect Cannot Be Used

[Figure: source S and destination D connected through routers R1, R2, R3, R4 and R5; the path in use passes through R1, while a shorter path reaches D through R5.]

- R5 cannot redirect R1 to use shorter path

Example ICMP Message (Time Exceeded)

Bit 0               8               16                  31
    TYPE (11)       CODE (0 or 1)   CHECKSUM
    UNUSED (MUST BE ZERO)
    INTERNET HEADER + FIRST 64 BITS OF DATAGRAM ...

- At least one fragment failed to arrive, or
- TTL field in IP header reached zero

ICMP Trick

- Include datagram that caused problem in the error message
  - Efficient (sender must determine how to correct problem)
  - Eliminates need to construct detailed message
- Problem: entire datagram may be too large
- Solution: send IP header plus 64 bits of data area (sufficient in most cases)
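The following added Python example (not part of the lecture notes) decodes the frame from the "Example Encapsulation In Ethernet" slide (the same dump appears in Part 6), verifies the IP header checksum and the ICMP checksum, and then builds the error message a router would return for that datagram following the "ICMP Trick" (IP header plus the first 64 bits of data) and the rule that no error is sent about an error message. The frame bytes are the slide's; the router address 128.10.2.70 and the unreachable code used in the demonstration are constructed.

```python
import struct

# Added example (not from the lecture notes): decode the slide's Ethernet frame
# (Ethernet -> IP -> ICMP echo request), verify both one's complement
# checksums, and build an ICMP error for it. The frame bytes are the slide's;
# the router address and the error code in demo() are constructed.

FRAME = bytes.fromhex(
    "02 07 01 00 27 ba 08 00 2b 0d 44 a7 08 00 "                    # Ethernet header
    "45 00 00 54 82 68 00 00 ff 01 35 21 80 0a 02 03 80 0a 02 08 "  # IP header
    "08 00 73 0b d4 6d 00 00 "                                      # ICMP header
    "04 3b 8c 28 28 20 0d 00 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 "
    "18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f "
    "30 31 32 33 34 35 36 37")

ETH_TYPE_IP = 0x0800
PROTO_ICMP = 1
ICMP_UNREACHABLE, ICMP_REDIRECT, ICMP_TIME_EXCEEDED = 3, 5, 11
ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}   # unreachable, quench, redirect, time exceeded, parameter problem

def checksum(data):
    """16-bit one's complement checksum; a result of 0 means a stored sum verifies."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def dotted(b):
    return ".".join(str(x) for x in b)

def parse_frame(frame):
    """Ethernet -> IP -> ICMP, returning the fields the slides point out."""
    if struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_IP:
        raise ValueError("frame does not carry an IP datagram")
    dgram = frame[14:]
    vh, _, tlen, ident, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", dgram[:20])
    hlen = (vh & 0xF) * 4
    info = {"dst_mac": frame[:6].hex(), "src_mac": frame[6:12].hex(),
            "version": vh >> 4, "hlen": hlen, "total_length": tlen, "ident": ident,
            "ttl": ttl, "proto": proto, "src": dotted(src), "dst": dotted(dst),
            "ip_checksum_ok": checksum(dgram[:hlen]) == 0}      # sum covers the header only
    payload = dgram[hlen:tlen]
    if proto == PROTO_ICMP:
        itype, code, _, ident, seq = struct.unpack("!BBHHH", payload[:8])
        info["icmp"] = {"type": itype, "code": code, "identifier": ident, "seq": seq,
                        "checksum_ok": checksum(payload) == 0}  # ICMP sums header and data
    return info

def icmp_error(icmp_type, code, offending, router_ip=bytes(4)):
    """ICMP error message about the offending datagram, or None if none may be sent."""
    hlen = (offending[0] & 0xF) * 4
    if offending[9] == PROTO_ICMP and offending[hlen] in ICMP_ERROR_TYPES:
        return None                        # never report an error about an error
    second_word = router_ip if icmp_type == ICMP_REDIRECT else bytes(4)  # else UNUSED (zero)
    body = struct.pack("!BBH", icmp_type, code, 0) + second_word + offending[:hlen + 8]
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]

def demo():
    info = parse_frame(FRAME)
    dgram = FRAME[14:]
    unreachable = icmp_error(ICMP_UNREACHABLE, 1, dgram)   # code 1: host unreachable (constructed case)
    # Carry the error in a datagram of its own (from router 128.10.2.70, constructed)
    # and check that another router would not report an error about it
    router = bytes([128, 10, 2, 70])
    err_dgram = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(unreachable), 0, 0,
                            64, PROTO_ICMP, 0, router, dgram[12:16]) + unreachable
    return {"src": info["src"], "dst": info["dst"], "ttl": info["ttl"],
            "total_length": info["total_length"], "proto": info["proto"],
            "ip_checksum_ok": info["ip_checksum_ok"],
            "icmp_type": info["icmp"]["type"], "icmp_seq": info["icmp"]["seq"],
            "icmp_identifier": info["icmp"]["identifier"],
            "icmp_checksum_ok": info["icmp"]["checksum_ok"],
            "error_len": len(unreachable),
            "error_quotes_header": unreachable[8:28] == dgram[:20],
            "error_quotes_64_bits": unreachable[28:36] == dgram[20:28],
            "error_checksum_ok": checksum(unreachable) == 0,
            "no_error_about_error": icmp_error(ICMP_TIME_EXCEEDED, 0, err_dgram) is None}
```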

Summary

- ICMP
  - Required part of IP
  - Used to report errors to original source
  - Reporting only: no interaction or error correction
- Several ICMP message types, each with its own format
- ICMP message begins with 1-octet TYPE field
- ICMP encapsulated in IP for delivery


PART IX INTERNET PROTOCOL: CLASSLESS AND SUBNET ADDRESS EXTENSIONS (CIDR)

Internetworking With TCP/IP vol 1 -- Part 9

2005

Recall

In the original IP addressing scheme, each physical network is assigned a unique network address; each host on a network has the network address as a prefix of the hosts individual address.

d Routers only examine prex (small routing tables)

Internetworking With TCP/IP vol 1 -- Part 9

2005

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

An Observation
d Division into prex and sufx means: site can assign and use IP addresses in unusual ways provided
All hosts and routers at the site honor the sites scheme Other sites on the Internet can treat addresses as a network prex and a host sufx

NOTES

Internetworking With TCP/IP vol 1 -- Part 9

2005

Classful Addressing
d Three possible classes for networks d Class C network limited to 254 hosts (cannot use all-1s or all-0s) d Personal computers result in networks with many hosts d Class B network allows many hosts, but insufcient class B prexes

Internetworking With TCP/IP vol 1 -- Part 9

2005

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

Question
d How can we minimize the number of assigned network prexes (especially class B) without abandoning the 32-bit addressing scheme?

NOTES

Internetworking With TCP/IP vol 1 -- Part 9

2005

Two Answers To The Minimization Question


d Proxy ARP d Subnet addressing

Internetworking With TCP/IP vol 1 -- Part 9

2005

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

Proxy ARP
d Layer 2 solution d Allow two physical networks to share a single IP prex d Arrange special system to answer ARP requests and forward datagrams between networks

NOTES

Internetworking With TCP/IP vol 1 -- Part 9

2005

Illustration Of Proxy ARP


Main Network H1 H2 H3 R H4 Hidden Network H5 Router running proxy ARP

d Hosts think they are on same network d Known informally as the ARP hack

Internetworking With TCP/IP vol 1 -- Part 9

2005

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

Assessment Of Proxy ARP


- Chief advantages
  - Transparent to hosts
  - No change in IP routing tables

- Chief disadvantages
  - Does not generalize to complex topology
  - Only works on networks that use ARP
  - Most proxy ARP systems require manual configuration


Subnet Addressing
- Not part of the original TCP/IP address scheme
- Allows an organization to use a single network prefix for multiple physical networks
- Subdivides the host suffix into a pair of fields for physical network and host
- Interpreted only by routers and hosts at the site; treated like a normal address elsewhere


Example Of Subnet Addressing


[Figure: router R connects the rest of the Internet to two physical networks; all traffic to 128.10.0.0 is delivered to R. Network 128.10.1.0 (addresses shown: 128.10.1.1, 128.10.1.2) carries hosts H1, H2; network 128.10.2.0 (addresses shown: 128.10.2.1, 128.10.2.2) carries hosts H3, H4]

- Both physical networks share prefix 128.10
- Router R uses the third octet of the address to choose the physical net


Interpretation Of Addresses
- Classful interpretation is a two-level hierarchy
  - Physical network identified by prefix
  - Host on the net identified by suffix

- Subnetted interpretation is a three-level hierarchy
  - Site identified by network prefix
  - Physical net at site identified by part of suffix
  - Host on the net identified by remainder of suffix


Example Of Address Interpretation (Subnetted Class B Address)


[Figure: one 32-bit class B address viewed two ways. Classful view: Internet part (16 bits) | local part (16 bits). Subnetted view: Internet part | physical network | host]

Note: in this case, the 16-bit host portion is divided into two 8-bit fields


Choice Of Subnet Size


- How should the host portion of the address be divided?
- Answer depends on the topology at the site and the number of hosts per network


Example Of Site With Hierarchical Topology

[Figure: site with a hierarchical topology. Router R1 connects the site to the rest of the Internet; routers R2, R3, R4 and R5 interconnect Network 1 through Network 5]


Illustration Of Subnet Addressing


[Figure: the rest of the Internet treats the subnet address as a normal IP address and sends everything for 128.10.0.0 to router R1 at the site. Inside the site, routers R2 and R3 reach physical networks 128.10.1.0, 128.10.2.0 and 128.10.3.0; each subnet is identified by using part of the host portion (the third octet) to identify the physical net]


Address Mask
- Each physical network is assigned a 32-bit address mask (also called a subnet mask)
- One bits in the mask cover the network prefix plus zero or more bits of the suffix portion
- A logical AND between the mask and the destination IP address extracts the prefix and subnet portions


Two Possible Mask Assignments


- Fixed-length subnet masks
- Variable-length subnet masks


Fixed-length Subnet Masks


- Organization uses the same mask on all networks
- Advantages
  - Uniformity
  - Ease of debugging / maintenance

- Disadvantages
  - Number of nets fixed for entire organization
  - Size of physical nets fixed for entire organization


Possible Fixed-Length Subnets For Sixteen Bit Host Address


Bits in mask   # subnets   # hosts/subnet
    16               1          65534
    18               2          16382
    19               6           8190
    20              14           4094
    21              30           2046
    22              62           1022
    23             126            510
    24             254            254
    25             510            126
    26            1022             62
    27            2046             30
    28            4094             14
    29            8190              6
    30           16382              2

- All-0s and all-1s values must be omitted
- Organization chooses one line in the table

Variable-Length Subnet Masks (VLSM)


- Administrator chooses the size for each physical network
- Mask assigned on a per-network basis
- Advantages
  - Flexibility to mix large and small nets
  - More complete use of address space

- Disadvantages
  - Difficult to assign / administer
  - Potential address ambiguity
  - More routes


Use Of Address Space (Start With 16 Bits Of Host Sufx)


- One possible VLSM assignment (92.9% of addresses used)
  - 11 networks of 2046 hosts each
  - 24 networks of 254 hosts each
  - 256 networks of 126 hosts each

- Another possible VLSM assignment (93.1% of addresses used)
  - 9 networks of 2046 hosts each
  - 2 networks of 1022 hosts each
  - 40 networks of 510 hosts each
  - 160 networks of 126 hosts each

Subnet Details
- Two interesting facts
  - Can assign all-0s or all-1s subnet
  - Can assign noncontiguous subnet mask bits

- In practice
  - Should avoid both

- Discussion question: why does the subnet standard allow the all-1s and all-0s subnet numbers?


VLSM Example
- Use the low-order sixteen bits of 128.10.0.0
- Create seven subnets
- Subnet 1
  - Up to 254 hosts
  - Subnet mask is 24 bits

- Subnets 2 through 7
  - Up to 62 hosts each
  - Subnet mask is 26 bits


Example VLSM Prefixes

- Subnet 1 (up to 254 hosts)
  mask:   11111111 11111111 11111111 00000000
  prefix: 10000000 00001010 00000001 00000000

- Subnet 2 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000000 10000000

- Subnet 3 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000000 11000000


Example VLSM Prefixes
(continued)

- Subnet 4 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000001 00000000

- Subnet 5 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000001 01000000

- Subnet 6 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000001 10000000



Example VLSM Prefixes
(continued)

- Subnet 7 (up to 62 hosts)
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000001 11000000


Address Ambiguity
- Address of host 63 on subnet 1 is
  mask:   11111111 11111111 11111111 00000000
  prefix: 10000000 00001010 00000001 00000000
  host:   10000000 00001010 00000001 00111111

- Directed broadcast address on subnet 4 is
  mask:   11111111 11111111 11111111 11000000
  prefix: 10000000 00001010 00000001 00000000
  bcast:  10000000 00001010 00000001 00111111

- Same value!

More Address Ambiguity


- Directed broadcast address on subnet 1 is
  mask:      11111111 11111111 11111111 00000000
  prefix:    10000000 00001010 00000001 00000000
  broadcast: 10000000 00001010 00000001 11111111

- Directed broadcast address on subnet 7 is
  mask:      11111111 11111111 11111111 11000000
  prefix:    10000000 00001010 00000001 11000000
  broadcast: 10000000 00001010 00000001 11111111

- Same value!
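Both collisions follow mechanically from subnet 1's /24 overlapping the /26 subnets 4 through 7. The following is an added example, not code from the slides: it encodes the seven subnets of the VLSM example, reports every role an address could play, and lists the overlapping subnet pairs that make such ambiguity possible. The numeric subnet identifiers and the role strings are conventions of this example.

```python
import socket
import struct

# The seven subnets from the VLSM example as (prefix, mask length).
# Subnet 1 is a /24 that contains subnets 4-7; that overlap is the
# source of the ambiguity shown on the slides.
SUBNETS = {
    1: ("128.10.1.0", 24),
    2: ("128.10.0.128", 26),
    3: ("128.10.0.192", 26),
    4: ("128.10.1.0", 26),
    5: ("128.10.1.64", 26),
    6: ("128.10.1.128", 26),
    7: ("128.10.1.192", 26),
}

def ip_to_int(dotted):
    """Dotted decimal to a 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

def int_to_ip(value):
    return socket.inet_ntoa(struct.pack("!I", value))

def mask_from_len(length):
    """Address mask with `length` leading one bits: 24 -> 255.255.255.0."""
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF if length else 0

def max_hosts(length):
    """Hosts a subnet can hold once the all-0s and all-1s suffixes are excluded."""
    return 2 ** (32 - length) - 2

def host_address(subnet_id, host_number, subnets=SUBNETS):
    prefix, length = subnets[subnet_id]
    return int_to_ip(ip_to_int(prefix) | host_number)

def directed_broadcast(subnet_id, subnets=SUBNETS):
    """Prefix with the entire suffix set to ones."""
    prefix, length = subnets[subnet_id]
    suffix_bits = ~mask_from_len(length) & 0xFFFFFFFF
    return int_to_ip(ip_to_int(prefix) | suffix_bits)

def classify(dotted, subnets=SUBNETS):
    """Every (subnet, role) that describes this address. A sound assignment
    yields exactly one hit; two hits mean a host address on one subnet
    doubles as a network or directed-broadcast address on another."""
    addr = ip_to_int(dotted)
    hits = []
    for sid, (prefix, length) in subnets.items():
        mask = mask_from_len(length)
        if addr & mask != ip_to_int(prefix):
            continue
        suffix = addr & ~mask & 0xFFFFFFFF
        if suffix == 0:
            hits.append((sid, "network"))
        elif suffix == ~mask & 0xFFFFFFFF:
            hits.append((sid, "directed broadcast"))
        else:
            hits.append((sid, "host %d" % suffix))
    return hits

def overlapping_pairs(subnets=SUBNETS):
    """Subnet pairs whose prefixes agree under the shorter of the two masks.
    Any such pair can produce the collisions shown above."""
    ids = sorted(subnets)
    pairs = []
    for i, a in enumerate(ids):
        for b in ids[i + 1:]:
            short = mask_from_len(min(subnets[a][1], subnets[b][1]))
            if ip_to_int(subnets[a][0]) & short == ip_to_int(subnets[b][0]) & short:
                pairs.append((a, b))
    return pairs

if __name__ == "__main__":
    print(classify(host_address(1, 63)))     # host 63 on subnet 1 is also subnet 4's broadcast
    print(classify(directed_broadcast(1)))   # subnet 1 and subnet 7 share a broadcast address
    print(overlapping_pairs())
```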

Example Of Illegal Subnet Assignment


[Figure: Net 1 (not a subnet address) -- R1 -- Net 2 (subnet of address N) -- R2 -- Net 3 (subnet of address N)]

- Host cannot route among subnets
- Rule: subnets must be contiguous!


Variety Of Routes
- Forwarding must accommodate
  - Network-specific routes
  - Subnet-specific routes
  - Host-specific routes
  - Default route
  - Limited broadcast
  - Directed broadcast to network
  - Directed broadcast to specific subnet

- A single algorithm with address masks can accommodate all of the above

Use Of Address Masks


- Each entry in the routing table also has an address mask
- All-1s mask used for host-specific routes
- Network mask used for network-specific routes
- Subnet mask used for subnet-specific routes
- All-0s mask used for the default route


Unified Forwarding Algorithm

Algorithm:

  Forward_IP_Datagram (datagram, routing_table)

    Extract destination IP address, ID, from datagram;
    If prefix of ID matches address of any directly connected network
        send datagram to destination over that network
        (This involves resolving ID to a physical address,
         encapsulating the datagram, and sending the frame.)
    else
        for each entry in routing table do
            Let N be the bitwise-and of ID and the subnet mask
            If N equals the network address field of the entry
                then forward the datagram to the specified next hop address
        endforloop
    If no matches were found, declare a forwarding error;


Special Case: Unnumbered Serial Network


- Only two endpoints
- Not necessary to assign (waste) a network prefix
- Trick: use the remote IP address as the next hop


Example Unnumbered Serial Network

[Figure (a): router R1 attaches to network 128.10.0.0 through interface 1 (address 128.10.2.250) and to a leased serial line through interface 2; the serial line, which has no network prefix, leads to router R2 on network 128.211.0.0 (address 128.211.0.100)]

(b) Routing table in R1:

  To reach hosts on network   Route to this address   Using this interface
  128.10.0.0                  DELIVER DIRECT          1
  default                     128.211.0.100           2


Classless Inter-Domain Routing (CIDR)


- Problem
  - Continued exponential Internet growth
  - Subnetting insufficient
  - Limited IP addresses (esp. Class B)

- Dire prediction made in 1993:

  We will exhaust the address space in a few years.

Note: address space is not near exhaustion


CIDR Addressing
- Solution to the problem
  - Temporary fix until the next generation of IP
  - Backward compatible with classful addressing
  - Extend variable-length subnet technology to prefixes

- CIDR was predicted to work for a few years
  - Extremely successful! Will work for at least 25 years!


One Motivation For CIDR: Class C


- Fewer than seventeen thousand Class B numbers (total)
- More than two million Class C network numbers
- No one wants Class C (too small)
- CIDR allows
  - Merging 256 Class C numbers into a single prefix that is equivalent to a Class B
  - Splitting a Class B along power-of-two boundaries


CIDR Notation
- Addresses written NUMBER / m
  - NUMBER is the IP prefix
  - m is the address mask length

- Example
  - 214.5.48.0/20
  - Prefix occupies 20 bits
  - Suffix occupies 12 bits

- Mask values must be converted to dotted decimal when configuring a router (and to binary internally)


Route Proliferation
- If classful forwarding is used, CIDR addresses result in more routes
- Example:
  - A single CIDR prefix spans 256 Class C network numbers (supernetting)
  - A classful routing table requires 256 separate entries


Route Condensation
- Solution: change forwarding as well as addressing
- Store an address mask with each route
- Send the pair (address, mask) whenever exchanging routing information
- Known as a CIDR block


Example Of A CIDR Block

           Dotted Decimal     32-bit Binary Equivalent
lowest     128.211.168.0      10000000 11010011 10101000 00000000
highest    128.211.175.255    10000000 11010011 10101111 11111111


Dotted Decimal Equivalents


CIDR Notation   Dotted Decimal      CIDR Notation   Dotted Decimal
/1              128.0.0.0           /17             255.255.128.0
/2              192.0.0.0           /18             255.255.192.0
/3              224.0.0.0           /19             255.255.224.0
/4              240.0.0.0           /20             255.255.240.0
/5              248.0.0.0           /21             255.255.248.0
/6              252.0.0.0           /22             255.255.252.0
/7              254.0.0.0           /23             255.255.254.0
/8              255.0.0.0           /24             255.255.255.0
/9              255.128.0.0         /25             255.255.255.128
/10             255.192.0.0         /26             255.255.255.192
/11             255.224.0.0         /27             255.255.255.224
/12             255.240.0.0         /28             255.255.255.240
/13             255.248.0.0         /29             255.255.255.248
/14             255.252.0.0         /30             255.255.255.252
/15             255.254.0.0         /31             255.255.255.254
/16             255.255.0.0         /32             255.255.255.255


Example Of /30 CIDR Block


           Dotted Decimal     32-bit Binary Equivalent
lowest     128.211.176.212    10000000 11010011 10110000 11010100
highest    128.211.176.215    10000000 11010011 10110000 11010111

- Useful when a customer of an ISP has a very small network
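CIDR notation, its dotted-decimal mask, the lowest/highest address of a block, and the route condensation of the previous slides are all exercised by this added example (not code from the slides). The merge routine is the general form of "256 Class C numbers become one prefix": it folds adjacent, aligned sibling blocks into their supernet until none remain; the block lists passed to it are constructed.

```python
import socket
import struct

def ip_to_int(dotted):
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

def int_to_ip(value):
    return socket.inet_ntoa(struct.pack("!I", value))

def mask_from_len(length):
    """/m as a 32-bit mask: /20 -> 0xFFFFF000."""
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF if length else 0

def mask_dotted(length):
    """The dotted-decimal form a router configuration wants: /20 -> 255.255.240.0."""
    return int_to_ip(mask_from_len(length))

def parse_cidr(text):
    """'128.211.168.0/21' -> (network as int, prefix length). A prefix with
    host bits set is rejected: it does not denote a well-formed block."""
    addr, length = text.split("/")
    length = int(length)
    if not 0 <= length <= 32:
        raise ValueError("prefix length out of range: %s" % text)
    net = ip_to_int(addr)
    if net & ~mask_from_len(length) & 0xFFFFFFFF:
        raise ValueError("host bits set in prefix: %s" % text)
    return net, length

def cidr_block(text):
    """Lowest and highest address covered by a CIDR block."""
    net, length = parse_cidr(text)
    highest = net | (~mask_from_len(length) & 0xFFFFFFFF)
    return int_to_ip(net), int_to_ip(highest)

def aggregate(blocks):
    """Route condensation. Two blocks of equal length that are adjacent and
    aligned on the next-shorter boundary are siblings and collapse into one
    block one bit shorter; repeat until nothing merges. Nested blocks (one
    already inside another) are left as given. Returns sorted 'a.b.c.d/m'."""
    routes = sorted(set(parse_cidr(b) for b in blocks))
    changed = True
    while changed:
        changed = False
        merged, i = [], 0
        while i < len(routes):
            net, length = routes[i]
            is_sibling_pair = (
                i + 1 < len(routes) and length > 0
                and routes[i + 1][1] == length
                and net & mask_from_len(length - 1) == net             # aligned on shorter boundary
                and routes[i + 1][0] == net + (1 << (32 - length)))    # sibling immediately follows
            if is_sibling_pair:
                merged.append((net, length - 1))
                i += 2
                changed = True
            else:
                merged.append(routes[i])
                i += 1
        routes = merged
    return ["%s/%d" % (int_to_ip(n), l) for n, l in routes]

if __name__ == "__main__":
    print(cidr_block("128.211.168.0/21"), mask_dotted(21))
    # Constructed: eight Class C numbers that condense to the /21 block above
    print(aggregate(["128.211.%d.0/24" % i for i in range(168, 176)]))
```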


Implementation Of CIDR Route Lookup


- Each entry in the routing table has an address plus a mask
- Search is organized from most-specific to least-specific (i.e., the entry with the longest mask is tested first)
- Known as longest-prefix lookup or longest-prefix search


Implementing Longest-Prefix Matching

- Cannot easily use hashing
- Data structure of choice is a binary trie
- Identifies the unique prefix needed to match a route


Example Of Unique Prefixes

32-Bit Address                         Unique Prefix
00110101 00000000 00000000 00000000    00
01000110 00000000 00000000 00000000    0100
01010110 00000000 00000000 00000000    0101
01100001 00000000 00000000 00000000    011
10101010 11110000 00000000 00000000    1010
10110000 00000010 00000000 00000000    10110
10111011 00001010 00000000 00000000    10111


Example Binary Trie For The Seven Prexes

[Figure: binary trie for the seven prefixes; the path for 0101 is shown in red]
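The unified forwarding algorithm, the CIDR route lookup and the binary trie of the last slides come together in this added example (not Comer's code): a trie holding (address, mask) routes, a lookup that returns the deepest matching entry, and the unique-prefix computation for the seven addresses in the table above. The routing table is constructed from the page's subnet and unnumbered-serial-line examples; the next hops 128.10.2.9 and 128.10.1.5, the host 128.10.3.7 and the interface numbers are assumptions.

```python
import socket
import struct

def ip_to_int(dotted):
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

def bits(addr, length):
    """High-order `length` bits of a 32-bit address, most significant first."""
    return [(addr >> (31 - i)) & 1 for i in range(length)]

class Node:
    __slots__ = ("child", "route")
    def __init__(self):
        self.child = [None, None]
        self.route = None          # (next_hop, interface), set only where a prefix ends

class RoutingTrie:
    """Binary trie keyed on the prefix bits of (address, mask) routes. A /0
    default route sits at the root and a /32 host route (all-1s mask) at depth
    32, so one walk serves every route type the unified algorithm lists."""
    def __init__(self):
        self.root = Node()

    def add(self, network, prefix_len, next_hop, interface):
        node = self.root
        for b in bits(ip_to_int(network), prefix_len):
            if node.child[b] is None:
                node.child[b] = Node()
            node = node.child[b]
        node.route = (next_hop, interface)

    def lookup(self, dest):
        """Longest-prefix match: follow the destination's bits and keep the
        deepest route passed. None corresponds to the slide's forwarding error."""
        node, best = self.root, self.root.route
        for b in bits(ip_to_int(dest), 32):
            node = node.child[b]
            if node is None:
                break
            if node.route is not None:
                best = node.route
        return best

def build_example_table():
    """Constructed table for a site router with interfaces on subnets
    128.10.1.0 and 128.10.2.0 and an unnumbered serial line (interface 3)
    whose remote end is 128.211.0.100. Next hop 128.10.2.9, host 128.10.3.7
    and its next hop 128.10.1.5 are constructed for this example."""
    t = RoutingTrie()
    t.add("0.0.0.0", 0, "128.211.0.100", 3)      # default route: all-0s mask
    t.add("128.10.1.0", 24, "direct", 1)         # subnet-specific, directly connected
    t.add("128.10.2.0", 24, "direct", 2)         # subnet-specific, directly connected
    t.add("128.10.3.0", 24, "128.10.2.9", 2)     # subnet reached via another router
    t.add("128.10.3.7", 32, "128.10.1.5", 1)     # host-specific: all-1s mask beats the /24
    t.add("128.10.2.255", 32, "broadcast", 2)    # directed broadcast to a subnet
    return t

def unique_prefixes(addresses):
    """Shortest prefix that tells each address apart from all the others,
    i.e. the depth at which its trie path becomes a single chain."""
    ints = [ip_to_int(a) for a in addresses]
    result = {}
    for i, a in enumerate(ints):
        longest_shared = 0
        for j, b in enumerate(ints):
            if i == j:
                continue
            shared = 0
            for x, y in zip(bits(a, 32), bits(b, 32)):
                if x != y:
                    break
                shared += 1
            longest_shared = max(longest_shared, shared)
        result[addresses[i]] = "".join(str(x) for x in bits(a, longest_shared + 1))
    return result

# The seven addresses from the unique-prefix table, in dotted decimal.
SEVEN = ["53.0.0.0", "70.0.0.0", "86.0.0.0", "97.0.0.0",
         "170.240.0.0", "176.2.0.0", "187.10.0.0"]

if __name__ == "__main__":
    table = build_example_table()
    for dest in ["128.10.1.77", "128.10.3.7", "128.10.3.8", "128.10.2.255", "8.8.8.8"]:
        print(dest, "->", table.lookup(dest))
    print(unique_prefixes(SEVEN))
```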


Modifications And Extensions

- Several variations of trie data structures exist
  - PATRICIA trees
  - Level-Compressed tries (LC-tries)

- Motivation
  - Handle longest-prefix match
  - Skip levels that do not distinguish among routes


Nonroutable Addresses
- CIDR blocks reserved for use within a site
- Must never appear on the Internet
- ISPs do not maintain routes
- Also called private addresses

Prefix          Lowest Address   Highest Address
10 / 8          10.0.0.0         10.255.255.255
172.16 / 12     172.16.0.0       172.31.255.255
192.168 / 16    192.168.0.0      192.168.255.255
169.254 / 16    169.254.0.0      169.254.255.255


Summary
- Original IP addressing scheme was classful
- Two extensions added
  - Subnet addressing
  - CIDR addressing

- Subnetting used only within a site
- CIDR used throughout the Internet
- Both use a 32-bit address mask
  - CIDR mask identifies the division between network prefix and host suffix
  - Subnet mask identifies the boundary between subnet and individual host

Summary
(continued)
- Single unified forwarding algorithm handles routes that are
  - Network-specific
  - Subnet-specific
  - Host-specific
  - Limited broadcast
  - Directed broadcast to network
  - Directed broadcast to subnet
  - Default

- Longest-prefix match required
  - Typical implementation: binary trie

PART X PROTOCOL LAYERING

Internetworking With TCP/IP vol 1 -- Part 10


Motivation For Layering


- Communication is difficult to understand
- Many subproblems
  - Hardware failure
  - Network congestion
  - Packet delay or loss
  - Data corruption
  - Data duplication or inverted arrivals


Solving The Problem


- Divide the problem into pieces
- Solve subproblems separately
- Combine into an integrated whole
- Result is layered protocols


Protocol Layering
- Separates protocol functionality
- Each layer solves one part of the communication problem
- Intended primarily for protocol designers
- Set of layers is called a protocol stack


Concept Of Layering

[Figure: sender and receiver each have a stack of Layer 1 through Layer n; the two Layer 1s are joined by the network]


More Realistic Layering


[Figure (a): conceptual layers -- High-Level Protocol Layer, Internet Protocol Layer, Network Interface Layer. Figure (b): software organization -- Protocol 1, Protocol 2 and Protocol 3 above a single IP Module, which sits above Interface 1, Interface 2 and Interface 3]


Layering In An Internet

[Figure: the sender and receiver each run the full stack (other layers above an IP Layer and an Interface); two intermediate routers run only an IP Layer over Interfaces, joining Net 1, Net 2 and Net 3]


Examples Of Layering
- Two models exist
- ISO 7-layer reference model for Open System Interconnection (OSI)
  - Predates TCP/IP
  - Does not include an Internet layer
  - Prescriptive (designed before protocols)

- Internet 5-layer reference model
  - Designed for TCP/IP
  - Descriptive (designed along with actual protocols)


ISO 7-Layer Reference Model


Layer   Functionality
  7     Application
  6     Presentation
  5     Session
  4     Transport
  3     Network
  2     Data Link (Hardware Interface)
  1     Physical Hardware Connection


TCP/IP 5-Layer Reference Model

Conceptual Layer       Objects Passed Between Layers
Application
                       Messages or Streams
Transport
                       Transport Protocol Packets
Internet
                       IP Datagrams
Network Interface
                       Network-Specific Frames
Hardware

- Only four layers above hardware


TCP/IP Layer 1: Physical Hardware


- Defines electrical signals used in communication (e.g., voltages on wires between two computers)
- Uninteresting except to electrical engineers


TCP/IP Layer 2: Network Interface


- Defines communication between computer and network hardware
- Isolates details of hardware (MAC) addressing
- Example protocol: ARP
- Code is usually in the operating system


TCP/IP Layer 3: Internet


- Protocol is IP
- Provides machine-to-machine communication
- Defines best-effort, connectionless datagram delivery service for the Internet
- Code is usually in the operating system


TCP/IP Layer 4: Transport


- Provides end-to-end connection from application program to application program
- Often handles reliability, flow control
- Protocols are TCP and UDP
- Code is usually in the operating system


TCP/IP Layer 5: Application


- Implemented by application programs
- Many application-specific protocols in the Internet
- Built on top of the transport layer


Two Differences Between TCP/IP And Other Layered Protocols


- TCP/IP uses end-to-end reliability instead of link-level reliability
- TCP/IP places the locus of intelligence and decision making at the edge of the network instead of the core


The Layering Principle

Software implementing layer n at the destination receives exactly the message sent by software implementing layer n at the source.


Illustration Of Layering Principle


[Figure: Host A and Host B each run Application, Transport, Internet and Network Interface layers over a physical net. The two Application layers exchange an identical message, the Transport layers an identical packet, the Internet layers an identical datagram, and the Network Interface layers an identical frame]


When A Datagram Traverses The Internet


- All layers involved at
  - Original source
  - Ultimate destination

- Only up through the IP layer involved at
  - Intermediate routers


Illustration Of Layering In An Internet


[Figure: Host A and Host B run Application, Transport, Internet and Network Interface; router R between Physical Net 1 and Physical Net 2 runs only Internet and Network Interface. The Application layers exchange an identical message and the Transport layers an identical packet end to end; the Internet layers exchange an identical datagram and the Network Interface layers an identical frame across each physical net]


A Key Definition

- A protocol is classified as end-to-end if the layering principle applies from one end of the Internet to the other
- Examples
  - IP is machine-to-machine because the layering principle only applies across one hop
  - TCP is end-to-end because the layering principle applies from original source to ultimate destination


Practical Aspect Of Layering


- Multiple protocols at each layer
- One protocol used at each layer for a given datagram


Example Of Two Protocols At Network Interface Layer: SLIP And PPP


- Both used to send IP across
  - Serial data circuit
  - Dialup connection

- Each defines standards for
  - Framing (encapsulation)
  - Addressing

- Incompatible


Notion Of Multiple Interfaces And Layering


[Figure (a): conceptual layers -- Transport, Internet, Network Interface. Figure (b): software organization -- Protocol 1, Protocol 2 and Protocol 3 above a single IP Module, which sits above Interface 1, Interface 2 (Point-To-Point, Intranet) and Interface 3]


Boundaries In The TCP/IP Layering Model


- High-level protocol address boundary
  - Division between software that uses hardware addresses and software that uses IP addresses

- Operating system boundary
  - Division between application programs running outside the operating system and protocol software running inside the operating system


The Consequence Of An Address Boundary

Application programs as well as all protocol software from the Internet layer upward use only IP addresses; the network interface layer handles physical addresses.


Illustration Of The Two Boundaries


[Figure: conceptual layers Application, Transport, Internet, Network Interface and Hardware. The operating system boundary lies between Application (software outside the operating system) and Transport (software inside the operating system); the address boundary lies between Internet (only IP addresses used) and Network Interface (physical addresses used)]


Handling Multiple Protocols Per Layer


- Sender places a field in the header to say which protocol is used at each layer
- Receiver uses the field to determine which protocol at the next layer receives the packet
- Known as multiplexing and demultiplexing


Example Of Demultiplexing An Incoming Frame

[Figure: a frame arrives and is demultiplexed, based on frame type, to the IP Module, the ARP Module or the RARP Module]


Example Of Demultiplexing Performed By IP

[Figure: a datagram arrives at the IP Module and is demultiplexed to the ICMP Module, the UDP Module or the TCP Module]


Example Of Demultiplexing Performed By TCP


[Figure: a segment arrives at the TCP Module and is demultiplexed to Application 1, Application 2, ... Application n]

- TCP is part of the operating system
- Transfer to an application program must cross the operating system boundary


Discussion
- What are the key advantages and disadvantages of multiplexing / demultiplexing?
- Can you think of an alternative?


Summary
- Layering
  - Intended for designers
  - Helps control complexity in protocol design

- T​CP/IP uses a 5-layer reference model
- Conceptually, a router only needs layers 2 and 3, and a host needs all layers
- IP is a machine-to-machine protocol
- TCP is an end-to-end protocol
- Demultiplexing used to handle multiple protocols at each layer


PART XI USER DATAGRAM PROTOCOL (UDP)

Internetworking With TCP/IP vol 1 -- Part 11


Identifying The Ultimate Destination


- IP address only specifies a computer
- Need a way to specify an application program (process) on a computer
- Unfortunately
  - Application programs can be created and destroyed rapidly
  - Each operating system uses its own identification


Specifying An Application Program


- TCP/IP introduces its own specification
- Abstract destination point known as a protocol port number (positive integer)
- Each OS determines how to bind a protocol port number to a specific application program


User Datagram Protocol


- Transport-layer protocol (Layer 4)
- Connectionless service: provides application programs with the ability to send and receive messages
- Allows multiple application programs on a single machine to communicate concurrently
- Same best-effort semantics as IP
  - Message can be delayed, lost, or duplicated
  - Messages can arrive out of order

- Application accepts full responsibility for errors


The Added Benefit Of UDP

The User Datagram Protocol (UDP) provides an unreliable connectionless delivery service using IP to transport messages between machines. It uses IP to carry messages, but adds the ability to distinguish among multiple destinations within a given host computer.


UDP Message Format

  0                      16                        31
  UDP SOURCE PORT        UDP DESTINATION PORT
  UDP MESSAGE LENGTH     UDP CHECKSUM
  DATA ...

- If the UDP CHECKSUM field contains zeroes, the receiver does not verify the checksum


Port Numbers In A UDP Message


- SOURCE PORT identifies the application on the original source computer
- DESTINATION PORT identifies the application on the ultimate destination computer
- Note: IP addresses of source and destination do not appear explicitly in the header


UDP Pseudo-Header
- Used when computing or verifying a checksum
- Temporarily prepended to the UDP message
- Contains items from the IP header
- Guarantees that the message arrived at the correct destination
- Note: the pseudo-header is not sent across the Internet


Contents Of UDP Pseudo-Header

  0              8              16                        31
  SOURCE IP ADDRESS
  DESTINATION IP ADDRESS
  ZERO           PROTO          UDP LENGTH

- SOURCE ADDRESS and DESTINATION ADDRESS specify the IP addresses of the sending and receiving computers
- PROTO contains the Type from the IP datagram header
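To make concrete how the pseudo-header binds a UDP message to the IP addresses that carried it, here is an added example (not from the slides) that computes and verifies the UDP checksum. The receiver feeds in the addresses from the IP header of the datagram that actually arrived, so a message delivered to the wrong host fails the check even though its bytes are intact. The addresses, ports and payload are constructed.

```python
import socket
import struct

UDP_PROTO = 17   # value carried in the IP header's protocol field for UDP

def ones_complement_sum(data):
    """16-bit one's-complement sum with end-around carry. An odd-length
    input is padded with one zero byte for the sum only."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip, dst_ip, udp_length):
    """The 12 bytes the slide describes: source IP, destination IP, a zero
    byte, PROTO and UDP LENGTH. Covered by the checksum, never transmitted."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTO, udp_length))

def build_udp(src_ip, dst_ip, src_port, dst_port, payload):
    """UDP message whose checksum covers pseudo-header + UDP header + data."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    checksum = (~total) & 0xFFFF
    if checksum == 0:
        checksum = 0xFFFF       # a transmitted zero would mean "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, length, checksum) + payload

def verify_udp(src_ip, dst_ip, message):
    """Receiver side. src_ip and dst_ip are taken from the IP header of the
    datagram that delivered `message`; a mismatch with the sender's view of
    either address makes the sum come out wrong."""
    if len(message) < 8:
        return False
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", message[:8])
    if length != len(message):
        return False
    if checksum == 0:
        return True             # sender sent no checksum; receiver does not verify
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + message)
    return total == 0xFFFF      # all ones means the checksum verifies

if __name__ == "__main__":
    # Constructed: H2 (128.10.1.2) sends to H4 (128.10.2.2), port 53
    msg = build_udp("128.10.1.2", "128.10.2.2", 40000, 53, b"constructed payload")
    print(verify_udp("128.10.1.2", "128.10.2.2", msg))   # correct destination
    print(verify_udp("128.10.1.2", "128.10.2.3", msg))   # delivered to the wrong host
```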


Position Of UDP In Protocol Stack


Conceptual Layering

  Application
  User Datagram (UDP)
  Internet (IP)
  Network Interface

- UDP lies between applications and IP


Encapsulation

[Figure: UDP encapsulation. UDP HEADER followed by UDP DATA AREA forms the IP DATA AREA that follows the IP HEADER; IP HEADER followed by IP DATA AREA forms the FRAME DATA AREA that follows the FRAME HEADER]


Division Of Duties Between IP and UDP

The IP layer is responsible for transferring data between a pair of hosts on an internet, while the UDP layer is responsible for differentiating among multiple sources or destinations within one host.

- IP header only identifies the computer
- UDP header only identifies application programs


Demultiplexing Based On UDP Protocol Port Number

[Figure: a UDP datagram arrives from the IP Module; UDP demultiplexes it based on port number to Port 1, Port 2 or Port 3]


Assignment Of UDP Port Numbers


- Small numbers reserved for specific services
  - Called well-known ports
  - Same interpretation throughout the Internet
  - Used by server software

- Large numbers not reserved
  - Available to arbitrary application programs
  - Used by client software

- More later in the course


Examples Of Assigned UDP Port Numbers


Decimal  Keyword      UNIX Keyword   Description
0                                    Reserved
7        ECHO         echo           Echo
9        DISCARD      discard        Discard
11       USERS        systat         Active Users
13       DAYTIME      daytime        Daytime
15                    netstat        Network Status Program
17       QUOTE        qotd           Quote of the Day
19       CHARGEN      chargen        Character Generator
37       TIME         time           Time
42       NAMESERVER   name           Host Name Server
43       NICNAME      whois          Who Is
53       DOMAIN       nameserver     Domain Name Server
67       BOOTPS       bootps         BOOTP or DHCP Server
68       BOOTPC       bootpc         BOOTP or DHCP Client
69       TFTP         tftp           Trivial File Transfer
88       KERBEROS     kerberos       Kerberos Security Service
111      SUNRPC       sunrpc         Sun Remote Procedure Call
123      NTP          ntp            Network Time Protocol
161                   snmp           Simple Network Management Protocol
162                   snmp-trap      SNMP traps
512                   biff           UNIX comsat
513                   who            UNIX rwho Daemon
514                   syslog         System Log
525                   timed          Time Daemon

Summary
- User Datagram Protocol (UDP) provides connectionless, best-effort message service
- UDP message encapsulated in IP datagram for delivery
- IP identifies the destination computer; UDP identifies the application on the destination computer
- UDP uses an abstraction known as protocol port numbers


PART XII RELIABLE STREAM TRANSPORT SERVICE (TCP)

Internetworking With TCP/IP vol 1 -- Part 12


Transmission Control Protocol (TCP)


- Major transport service in the TCP/IP suite
- Used for most Internet applications (esp. World Wide Web)


TCP Characteristics
- Stream orientation
- Virtual circuit connection
- Buffered transfer
- Unstructured stream
- Full duplex connection
- Reliability


Providing Reliability
- Traditional technique: Positive Acknowledgement with Retransmission (PAR)
  - Receiver sends acknowledgement when data arrives
  - Sender starts timer whenever transmitting
  - Sender retransmits if timer expires before acknowledgement arrives


Illustration Of Acknowledgements
Events At Sender Site          Network Messages          Events At Receiver Site

Send Packet 1                  ----------------->
                                                         Receive Packet 1
                               <-----------------        Send ACK 1
Receive ACK 1
Send Packet 2                  ----------------->
                                                         Receive Packet 2
                               <-----------------        Send ACK 2
Receive ACK 2

- Time moves from top to bottom in the diagram


Illustration Of Recovery After Packet Loss


Events At Sender Site          Network Messages          Events At Receiver Site

Send Packet 1
Start Timer                    -----X  (Packet lost)
                                                         Packet should arrive
                                                         ACK should be sent
ACK would normally arrive
at this time
Timer Expires
Retransmit Packet 1
Start Timer                    ----------------->
                                                         Receive Packet 1
                               <-----------------        Send ACK 1
Receive ACK 1
Cancel Timer


The Problem With Simplistic PAR

A simple positive acknowledgement protocol wastes a substantial amount of network bandwidth because it must delay sending a new packet until it receives an acknowledgement for the previous packet.

- Problem is especially severe if network has long latency


Solving The Problem


- Allow multiple packets to be outstanding at any time
- Still require acknowledgements and retransmission
- Known as sliding window


Illustration Of Sliding Window


[Figure: a row of numbered packets 1, 2, 3, ..., 10, ... with a window drawn over a fixed number of them; (a) the initial window covers the first packets in the sequence; (b) after an acknowledgement arrives the window slides one position to the right]

- Window size is fixed
- As acknowledgement arrives, window moves forward


Why Sliding Window Works

Because a well-tuned sliding window protocol keeps the network completely saturated with packets, it obtains substantially higher throughput than a simple positive acknowledgement protocol.


Illustration Of Sliding Window


Events At Sender Site          Network Messages          Events At Receiver Site

Send Packet 1                  ----------------->
Send Packet 2                  ----------------->
Send Packet 3                  ----------------->
                                                         Receive Packet 1
                               <-----------------        Send ACK 1
                                                         Receive Packet 2
                               <-----------------        Send ACK 2
                                                         Receive Packet 3
                               <-----------------        Send ACK 3
Receive ACK 1
Receive ACK 2
Receive ACK 3


Sliding Window Used By TCP


- Measured in byte positions
- Illustration

                   current window
                +---------------------------+
  ... | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | ...
                +---------------------------+

- Bytes up to and including 2 are acknowledged
- Bytes 3 through 6 not yet acknowledged
- Bytes 7 through 9 waiting to be sent
- Bytes above 9 lie outside the window and cannot be sent

Layering Of The Three Major Protocols


Conceptual Layering

  +-----------------------------------------------+
  |                  Application                  |
  +-----------------------+-----------------------+
  | Reliable Stream (TCP) |  User Datagram (UDP)  |
  +-----------------------+-----------------------+
  |                 Internet (IP)                 |
  +-----------------------------------------------+
  |               Network Interface               |
  +-----------------------------------------------+


TCP Ports, Connections, And Endpoints


- Endpoint of communication is application program
- TCP uses protocol port number to identify application
- TCP connection between two endpoints identified by four items
  - Sender's IP address
  - Sender's protocol port number
  - Receiver's IP address
  - Receiver's protocol port number


An Important Idea About Port Numbers


Because TCP identifies a connection by a pair of endpoints, a given TCP port number can be shared by multiple connections on the same machine.


Passive And Active Opens


- Two sides of a connection
- One side waits for contact
  - A server program
  - Uses TCP's passive open
- One side initiates contact
  - A client program
  - Uses TCP's active open


TCP Segment Format


 0              4           10             16                               31
+---------------------------------------------+-------------------------------+
|                 SOURCE PORT                 |       DESTINATION PORT        |
+---------------------------------------------+-------------------------------+
|                           SEQUENCE NUMBER                                   |
+-----------------------------------------------------------------------------+
|                        ACKNOWLEDGEMENT NUMBER                               |
+------+--------------+-----------+-----------+-------------------------------+
| HLEN |   RESERVED   | CODE BITS |                 WINDOW                    |
+------+--------------+-----------+-------------------------------------------+
|                  CHECKSUM                   |          URGENT PTR           |
+---------------------------------------------+-------------------------------+
|               OPTIONS (MAY BE OMITTED)                     |    PADDING     |
+------------------------------------------------------------+----------------+
|                     BEGINNING OF PAYLOAD (DATA)                             |
|                               . . .                                         |

- HLEN (the header length or offset field) specifies header size (offset of data) in 32-bit words


Code Bits In The TCP Segment Header

Bit (left to right)   Meaning if bit set to 1
URG                   Urgent pointer field is valid
ACK                   Acknowledgement field is valid
PSH                   This segment requests a push
RST                   Reset the connection
SYN                   Synchronize sequence numbers
FIN                   Sender has reached end of its byte stream


Flow Control And TCP Window


- Receiver controls flow by telling sender size of currently available buffer measured in bytes
- Called window advertisement
- Each segment, including data segments, specifies size of window beyond acknowledged byte
- Window size may be zero (receiver cannot accept additional data at present)
- Receiver can send additional acknowledgement later when buffer space becomes available


TCP Checksum Computation


- Covers entire segment (header plus data)
- Required (unlike UDP)
- Pseudo header included in computation as with UDP


TCP Pseudo Header

 0                             16                              31
+---------------------------------------------------------------+
|                       SOURCE IP ADDRESS                       |
+---------------------------------------------------------------+
|                    DESTINATION IP ADDRESS                     |
+---------------+---------------+-------------------------------+
|     ZERO      |   PROTOCOL    |          TCP LENGTH           |
+---------------+---------------+-------------------------------+
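The segment layout, code bits and pseudo-header checksum from the slides above, worked through as an added example (this is not code from the original slides): a parser for the fixed header plus options, and the checksum exactly as the slides define it, over pseudo header and entire segment. The sample segment, the MSS option bytes and the 192.0.2.x addresses are constructed for illustration. The checksum only detects corruption and misdelivery (a segment delivered to the wrong host fails because the pseudo header carries the IP addresses); it is not authentication, since anyone who can inject a segment can compute a valid one.

```python
import struct
from ipaddress import IPv4Address

# Code bits, left to right, as they sit in the low bits of the 16-bit HLEN/RESERVED/CODE word.
CODE_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def ones_complement_sum(data):
    """16-bit one's complement sum with end-around carry; odd lengths are padded with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, tcp_length):
    """Pseudo header from the slide: source IP, destination IP, zero, protocol (6 = TCP), TCP length."""
    return IPv4Address(src_ip).packed + IPv4Address(dst_ip).packed + struct.pack("!BBH", 0, 6, tcp_length)


def tcp_checksum(src_ip, dst_ip, segment):
    """Checksum the sender writes: pseudo header + segment, with the checksum field taken as zero."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return (~ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + zeroed)) & 0xFFFF


def checksum_ok(src_ip, dst_ip, segment):
    """Receiver check: with the stored checksum included, the total must come out as 0xFFFF."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0xFFFF


def parse_tcp_header(segment):
    """Decode the fixed 20-byte header; HLEN is in 32-bit words and bounds the options."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the fixed TCP header")
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    hlen = (off_flags >> 12) * 4
    if hlen < 20 or hlen > len(segment):
        raise ValueError("HLEN %d inconsistent with segment length %d" % (hlen, len(segment)))
    flags = {name: bool(off_flags & bit) for name, bit in CODE_BITS.items()}
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "hlen": hlen,
            "flags": flags, "window": window, "checksum": csum, "urgent_ptr": urg,
            "options": segment[20:hlen], "payload": segment[hlen:]}


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload=b"", options=b""):
    """Assemble a segment: pad options to a 32-bit boundary, set HLEN, fill in the checksum."""
    options += b"\x00" * (-len(options) % 4)
    hlen_words = 5 + len(options) // 4
    off_flags = (hlen_words << 12) | sum(CODE_BITS[f] for f in flags)
    head = struct.pack("!HHIIHHHH", sport, dport, seq, ack, off_flags, window, 0, 0) + options
    seg = head + payload
    csum = tcp_checksum(src_ip, dst_ip, seg)
    return seg[:16] + struct.pack("!H", csum) + seg[18:]


if __name__ == "__main__":
    # Constructed sample: a SYN with an MSS option (kind 2, length 4, MSS 1460).
    seg = build_segment("192.0.2.1", "192.0.2.2", 40000, 80, 1, 0, ["SYN"], 65535,
                        options=b"\x02\x04\x05\xb4")
    print(parse_tcp_header(seg))
    print("checksum ok:", checksum_ok("192.0.2.1", "192.0.2.2", seg))
```

Run it on a captured segment by passing the IP addresses from the enclosing datagram; a segment that verifies against one source address and fails against another is the pseudo header doing its job.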


TCP Retransmission
- Designed for Internet environment
  - Delays on one connection vary over time
  - Delays vary widely between connections
- Fixed value for timeout will fail
  - Waiting too long introduces unnecessary delay
  - Not waiting long enough wastes network bandwidth with unnecessary retransmission
- Retransmission strategy must be adaptive


Adaptive Retransmission
- TCP keeps estimate of round-trip time (RTT) on each connection
- Round-trip estimate derived from observed delay between sending segment and receiving acknowledgement
- Timeout for retransmission based on current round-trip estimate


Difficulties With Adaptive Retransmission

- The problem is knowing when to retransmit
- Segments or ACKs can be lost or delayed, making round-trip estimation difficult or inaccurate
- Round-trip times vary over several orders of magnitude between different connections
- Traffic is bursty, so round-trip times fluctuate wildly on a single connection


Difficulties With Adaptive Retransmission
(continued)

- Load imposed by a single connection can congest routers or networks
- Retransmission can cause congestion
- Because an internet contains diverse network hardware technologies, there may be little or no control for intranetwork congestion


Solution: Smoothing
- Adaptive retransmission schemes keep a statistically smoothed round-trip estimate
- Smoothing keeps running average from fluctuating wildly, and keeps TCP from overreacting to change
- Difficulty: choice of smoothing scheme


Original Smoothing Scheme


- Let RTT be current (old) average round-trip time
- Let NRT be a new sample
- Compute

    RTT = * RTT + * NRT      where + = 1

- Example: = .8, = .2
- Large makes estimate less susceptible to a single long delay (more stable)
- Large makes estimate track changes in round-trip time quickly

Problems With Original Scheme


- Associating ACKs with transmissions
  - TCP acknowledges receipt of data, not receipt of transmission
  - Assuming ACK corresponds to most recent transmission can cause instability in round-trip estimate (Cypress syndrome)
  - Assuming ACK corresponds to first transmission can cause unnecessarily long timeout
  - Both assumptions lead to lower throughput


Partridge / Karn Scheme


- Solves the problem of associating ACKs with correct transmission
- Specifies ignoring round-trip time samples that correspond to retransmissions
- Separates timeout from round-trip estimate for retransmitted packets

Also called Karn's Algorithm


Partridge / Karn Scheme


(continued)

- Starts (as usual) with retransmission timer as a function of round-trip estimate
- Doubles retransmission timer value for each retransmission without changing round-trip estimate
- Resets retransmission timer to be function of round-trip estimate when ACK arrives for nonretransmitted segment


Flow Control And Congestion


- Receiver advertises window that specifies how many additional bytes it can accept
- Window size of zero means sender must not send normal data (ACKs and urgent data allowed)
- Receiver can never decrease window beyond previously advertised point in sequence space
- Sender chooses effective window smaller than receiver's advertised window if congestion detected
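A sender-side model of the byte-position window from the "Sliding Window Used By TCP" slide together with the advertisement rules on this slide, added here as example code (it is not from the original deck; the class and its field names are mine). The right edge of the window is the acknowledged position plus the advertised size, a zero advertisement simply leaves nothing usable, and an ACK that would move the right edge backwards is the case the slide says a receiver must never produce, so the model reports it rather than silently accepting it.

```python
class SendWindow:
    """Sender-side view of TCP's sliding window; every quantity is a byte position or a byte count."""

    def __init__(self, snd_una, snd_nxt, adv_window):
        self.snd_una = snd_una                    # oldest byte not yet acknowledged
        self.snd_nxt = snd_nxt                    # next byte to be sent
        self.adv_window = adv_window              # receiver's latest advertisement (bytes beyond the ACK)
        self.right_edge = snd_una + adv_window    # highest position the receiver has ever permitted

    def classify(self, byte_pos):
        """Which of the four regions on the slide a byte position falls in."""
        if byte_pos < self.snd_una:
            return "acknowledged"
        if byte_pos < self.snd_nxt:
            return "sent, awaiting ACK"
        if byte_pos < self.right_edge:
            return "waiting to be sent"
        return "outside window, cannot be sent"

    def usable(self):
        """Bytes the sender may transmit now; a zero window leaves only ACKs and urgent data."""
        return max(0, self.right_edge - self.snd_nxt)

    def send(self, nbytes):
        """Queue up to nbytes, clipped to the usable window; returns the amount actually queued."""
        n = min(nbytes, self.usable())
        self.snd_nxt += n
        return n

    def on_ack(self, ack, window):
        """Apply an acknowledgement carrying a window advertisement; the window slides forward."""
        if ack < self.snd_una or ack > self.snd_nxt:
            raise ValueError("ACK %d outside [%d, %d]" % (ack, self.snd_una, self.snd_nxt))
        new_edge = ack + window
        if new_edge < self.right_edge:
            # The receiver moved the right edge backwards ("shrinking the window"). The slide
            # says a receiver never does this; data already sent up to the old edge would now
            # fall outside the window. Real stacks tolerate it (RFC 1122 asks senders to be
            # robust), but an endpoint that does it is misbehaving and worth flagging.
            raise ValueError("window shrunk: new right edge %d < %d" % (new_edge, self.right_edge))
        self.snd_una = ack
        self.adv_window = window
        self.right_edge = new_edge


if __name__ == "__main__":
    # The slide's picture: bytes up to 2 acknowledged, 3..6 in flight, 7..9 sendable, 10+ outside.
    w = SendWindow(snd_una=3, snd_nxt=7, adv_window=7)
    for b in (2, 3, 6, 7, 9, 10):
        print(b, w.classify(b))
    print("usable now:", w.usable())
```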


Jacobson / Karels Congestion Control


- Assumes long delays (packet loss) due to congestion
- Uses successive retransmissions as measure of congestion
- Reduces effective window as retransmissions increase
- Effective window is minimum of receiver's advertisement and computed quantity known as the congestion window


Multiplicative Decrease
- In steady state (no congestion), the congestion window is equal to the receiver's window
- When segment lost (retransmission timer expires), reduce congestion window by half
- Never reduce congestion window to less than one maximum sized segment


Jacobson / Karels Slow Start


- Used when starting traffic or when recovering from congestion
- Self-clocking startup to increase transmission rate rapidly as long as no packets are lost
- When starting traffic, initialize the congestion window to the size of a single maximum sized segment
- Increase congestion window by size of one segment each time an ACK arrives without retransmission


Jacobson / Karels Congestion Avoidance


- When congestion first occurs, record one-half of last successful congestion window (flightsize) in a threshold variable
- During recovery, use slow start until congestion window reaches threshold
- Above threshold, slow down and increase congestion window by one segment per window (even if more than one segment was successfully transmitted in that interval)


Jacobson / Karels Congestion Avoidance


(continued)

- Increment window size on each ACK instead of waiting for complete window

    increase = segment / window

- Let N be segments per window, or

    N = congestion_window / max segment size

  so

    increase = segment / N = (MSS bytes / N) = MSS / (congestion_window / MSS)

  or

    increase = (MSS * MSS) / congestion_window

Changes In Delay
- Original smoothing scheme tracks the mean but not changes
- To track changes, compute

    DIFF = SAMPLE - RTT
    RTT = RTT + * DIFF
    DEV = DEV + (| DIFF | - DEV)

- DEV estimates mean deviation
- is fraction between 0 and 1 that weights new sample
- Retransmission timer is weighted average of RTT and DEV:

    RTO = * RTT + * DEV

- Typically, = 1 and = 4


Computing Estimated Deviation


- Extremely efficient (optimized) implementation possible
  - Scale computation by 2^n
  - Use integer arithmetic
  - Choose the weighting fraction to be 1/2^n
  - Implement multiplication or division by powers of 2 with shifts
  - Research shows n = 3 works well
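The timer schemes from the preceding slides (original smoothing, Karn's rule with doubling, the mean-deviation estimator, and its shifted integer form) in one piece of example code added here; it is not from the slides. The slides give the weights' values but not their names, so gain, mu and phi, the a/b names in smoothed_rtt, and the initialization of the first sample (RTT = sample, DEV = sample/2, the RFC 6298 convention) are my assumptions. Times are in milliseconds.

```python
def smoothed_rtt(old_rtt, new_sample, a=0.8, b=0.2):
    """Original scheme: RTT = a*RTT + b*NRT with a + b = 1 (a = .8, b = .2 on the slide)."""
    assert abs(a + b - 1.0) < 1e-12
    return a * old_rtt + b * new_sample


class RtoEstimator:
    """Adaptive retransmission timer: mean-deviation estimate plus Karn's rule and backoff."""

    def __init__(self, gain=1 / 8, mu=1.0, phi=4.0):
        self.gain, self.mu, self.phi = gain, mu, phi   # gain 1/8 (n = 3); RTO = 1*RTT + 4*DEV
        self.rtt = None        # smoothed round-trip estimate
        self.dev = 0.0         # smoothed mean deviation
        self.rto = None        # timeout derived from rtt and dev, before backoff
        self.backoff = 1       # Karn: doubled per retransmission, reset by a clean ACK

    def sample(self, measured, retransmitted=False):
        """Feed one measured round trip; returns the timeout to use next.

        Karn's rule: a sample measured on a retransmitted segment is ambiguous (the ACK
        may belong to either copy), so it must not touch the estimate or the backoff.
        """
        if retransmitted:
            return self.current_rto()
        if self.rtt is None:
            self.rtt, self.dev = float(measured), measured / 2.0   # first-sample assumption
        else:
            diff = measured - self.rtt                       # DIFF = SAMPLE - RTT
            self.rtt += self.gain * diff                     # RTT = RTT + gain * DIFF
            self.dev += self.gain * (abs(diff) - self.dev)   # DEV = DEV + gain * (|DIFF| - DEV)
        self.backoff = 1       # ACK for a non-retransmitted segment: back to the plain estimate
        self.rto = self.mu * self.rtt + self.phi * self.dev
        return self.current_rto()

    def on_retransmit(self):
        """Retransmission timer expired: double the timeout, leave the estimate alone."""
        self.backoff *= 2
        return self.current_rto()

    def current_rto(self):
        return self.rto * self.backoff


def scaled_update(sa, sv, m, n=3):
    """Integer form of the same update with both estimates scaled by 2^n (n = 3 on the slide):
    sa holds 8*RTT and sv holds 8*DEV, so the 1/8 gain becomes a right shift.
    Returns (sa, sv, rto) with rto = RTT + 4*DEV in unscaled units."""
    err = m - (sa >> n)                 # DIFF = SAMPLE - RTT
    sa += err                           # 8*RTT += 8 * (DIFF / 8)
    err = abs(err) - (sv >> n)          # |DIFF| - DEV
    sv += err                           # 8*DEV += 8 * ((|DIFF| - DEV) / 8)
    return sa, sv, (sa >> n) + (sv >> (n - 2))   # RTT + 4*DEV


if __name__ == "__main__":
    est = RtoEstimator()
    print("first sample 100 ms -> RTO", est.sample(100))
    print("steady 100 ms -> RTO", est.sample(100))
    print("timer expired -> RTO", est.on_retransmit())
    print("sample on retransmitted segment ignored -> RTO", est.sample(90, retransmitted=True))
    print("clean ACK -> RTO", est.sample(100))
    print("integer version from RTT=100, DEV=50, sample 100:", scaled_update(800, 400, 100))
```

The float and integer versions agree on the same input (RTT 100, DEV 50, new sample 100 both give an RTO of 275), which is the check to run if you port the shift form to a kernel or a firmware stack.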


TCP Round-Trip Estimation


[Figure: TCP round-trip estimation; vertical axis 20 to 100, horizontal axis Datagram Number 20 to 200]

Measurement Of Internet Delays For 100 Successive Packets At 1 Second Intervals


[Figure: measured delay for 100 successive datagrams; vertical axis Time, 2 s to 12 s, horizontal axis Datagram Number, 10 to 100]

TCP Round-Trip Estimation For Sampled Internet Delays


[Figure: TCP round-trip estimate for the sampled delays of the previous figure; vertical axis Time, 2 s to 12 s, horizontal axis Datagram Number, 10 to 100]


TCP Details
- Data flow may be shut down in one direction
- Connections started reliably, and terminated gracefully
- Connection established (and terminated) with a 3-way handshake


3-Way Handshake For Connection Startup

Events At Site 1               Network Messages          Events At Site 2

Send SYN seq=x                 ----------------->
                                                         Receive SYN segment
                               <-----------------        Send SYN seq=y, ACK x+1
Receive SYN + ACK segment
Send ACK y+1                   ----------------->
                                                         Receive ACK segment


3-Way Handshake For Connection Shutdown


Events At Site 1               Network Messages          Events At Site 2

(application closes connection)
Send FIN seq=x                 ----------------->
                                                         Receive FIN segment
                               <-----------------        Send ACK x+1
Receive ACK segment                                      (inform application)
                                                         (application closes connection)
                               <-----------------        Send FIN seq=y, ACK x+1
Receive FIN + ACK segment
Send ACK y+1                   ----------------->
                                                         Receive ACK segment


TCP Finite State Machine


[Figure: TCP finite state machine, redrawn as a transition list; each edge is labelled "event / response", with "begin" marking CLOSED as the initial state]

CLOSED
  passive open                       -> LISTEN
  active open / syn                  -> SYN SENT
  anything / reset                   -> CLOSED (any segment arriving for a closed endpoint is answered with a reset)
LISTEN
  close                              -> CLOSED
  send / syn                         -> SYN SENT
  syn / syn + ack                    -> SYN RECVD
SYN RECVD
  reset                              -> LISTEN
  ack                                -> ESTABLISHED
  close / fin                        -> FIN WAIT-1
SYN SENT
  close / timeout / reset            -> CLOSED
  syn / syn + ack                    -> SYN RECVD
  syn + ack / ack                    -> ESTABLISHED
ESTABLISHED
  close / fin                        -> FIN WAIT-1
  fin / ack                          -> CLOSE WAIT
FIN WAIT-1
  ack /                              -> FIN WAIT-2
  fin / ack                          -> CLOSING
  fin-ack / ack                      -> TIME WAIT
FIN WAIT-2
  fin / ack                          -> TIME WAIT
CLOSING
  ack /                              -> TIME WAIT
CLOSE WAIT
  close / fin                        -> LAST ACK
LAST ACK
  ack /                              -> CLOSED
TIME WAIT
  timeout after 2 segment lifetimes  -> CLOSED
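The state machine above as runnable example code, added here and not taken from the original slides: a transition table containing only the edges on the slide, and a driver that runs the connection startup and shutdown exchanges between two endpoints. Event and state names are mine. The model deliberately tracks no sequence numbers, which is worth keeping in mind: it will accept any RST or FIN whose code bits match, whereas a real TCP only honours one whose sequence number lands inside the receive window, and that check is what stands between a blind attacker and a reset connection.

```python
SEGMENT_EVENTS = {"syn", "syn+ack", "ack", "fin", "fin+ack", "reset"}

# (state, event) -> (next state, segment sent in response or None).
# Events are user calls (passive_open, active_open, send, close), a timer
# expiry (timeout), or an arriving segment named by its code bits.
TRANSITIONS = {
    ("CLOSED", "passive_open"):    ("LISTEN", None),
    ("CLOSED", "active_open"):     ("SYN SENT", "syn"),
    ("LISTEN", "close"):           ("CLOSED", None),
    ("LISTEN", "send"):            ("SYN SENT", "syn"),
    ("LISTEN", "syn"):             ("SYN RECVD", "syn+ack"),
    ("SYN RECVD", "reset"):        ("LISTEN", None),
    ("SYN RECVD", "ack"):          ("ESTABLISHED", None),
    ("SYN RECVD", "close"):        ("FIN WAIT-1", "fin"),
    ("SYN SENT", "close"):         ("CLOSED", None),
    ("SYN SENT", "timeout"):       ("CLOSED", None),
    ("SYN SENT", "reset"):         ("CLOSED", None),
    ("SYN SENT", "syn"):           ("SYN RECVD", "syn+ack"),   # simultaneous open
    ("SYN SENT", "syn+ack"):       ("ESTABLISHED", "ack"),
    ("ESTABLISHED", "close"):      ("FIN WAIT-1", "fin"),
    ("ESTABLISHED", "fin"):        ("CLOSE WAIT", "ack"),
    ("FIN WAIT-1", "ack"):         ("FIN WAIT-2", None),
    ("FIN WAIT-1", "fin"):         ("CLOSING", "ack"),
    ("FIN WAIT-1", "fin+ack"):     ("TIME WAIT", "ack"),
    ("FIN WAIT-2", "fin"):         ("TIME WAIT", "ack"),
    ("CLOSING", "ack"):            ("TIME WAIT", None),
    ("CLOSE WAIT", "close"):       ("LAST ACK", "fin"),
    ("LAST ACK", "ack"):           ("CLOSED", None),
    ("TIME WAIT", "timeout"):      ("CLOSED", None),           # after 2 segment lifetimes
}


class TcpEndpoint:
    """One end of a connection, tracking the state machine only (no sequence numbers)."""

    def __init__(self):
        self.state = "CLOSED"
        self.sent = []          # segments this side has emitted, in order

    def step(self, event):
        """Apply one event; return the segment to send in response, or None."""
        if (self.state, event) in TRANSITIONS:
            self.state, out = TRANSITIONS[(self.state, event)]
        elif self.state == "CLOSED" and event in SEGMENT_EVENTS:
            out = "reset"       # "anything / reset": nothing is listening here
        else:
            raise ValueError("no transition for %r in state %s" % (event, self.state))
        if out is not None:
            self.sent.append(out)
        return out


def exchange(initiator, peer, first_event):
    """Apply first_event at the initiator, then deliver each response to the other side
    until a step produces no segment. The network is assumed lossless and in order."""
    out = initiator.step(first_event)
    receiver, other = peer, initiator
    while out is not None:
        out = receiver.step(out)
        receiver, other = other, receiver


if __name__ == "__main__":
    client, server = TcpEndpoint(), TcpEndpoint()
    server.step("passive_open")
    exchange(client, server, "active_open")
    print("after handshake:", client.state, server.state, client.sent, server.sent)
    exchange(client, server, "close")
    exchange(server, client, "close")
    client.step("timeout")
    print("after shutdown:", client.state, server.state)
```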


TCP Urgent Data


- Segment with urgent bit set contains pointer to last octet of urgent data
- Urgent data occupies part of normal sequence space
- Urgent data can be retransmitted
- Receiving TCP should deliver urgent data to application immediately upon receipt


TCP Urgent Data


(continued)

- Two interpretations of standard
  - Out-of-band data interpretation
  - Data mark interpretation


Data-Mark Interpretation Of Urgent Data


- Has become widely accepted
- Single data stream
- Urgent pointer marks end of urgent data
- TCP informs application that urgent data arrived
- Application receives all data in sequence
- TCP informs application when end of urgent data reached


Data-Mark Interpretation Of Urgent Data


(continued)

- Application
  - Reads all data from one stream
  - Must recognize start of urgent data
  - Must buffer normal data if needed later
- Urgent data marks read boundary


Urgent Data Delivery


- Receiving application placed in urgent mode
- Receiving application leaves urgent mode after reading urgent data
- Receiving application acquires all available urgent data when in urgent mode


Fast Retransmit
- Coarse-grained clock used to implement RTO
  - Typically 300 to 500 ms per tick
- Timer expires up to 1 s after segment dropped
- Fast retransmission
  - Sender uses three duplicate ACKs as trigger
  - Sender retransmits early
  - Sender reduces congestion window to half


Other TCP Details


- Silly Window Syndrome (SWS) avoidance
- Nagle algorithm
- Delayed ACKs
- For details, read the text


Comparison Of UDP And TCP

  +-----------------------+-----------------------+
  | Reliable Stream (TCP) |  User Datagram (UDP)  |
  +-----------------------+-----------------------+
  |                 Internet (IP)                 |
  +-----------------------------------------------+
  |               Network Interface               |
  +-----------------------------------------------+

- TCP and UDP lie between applications and IP
- Otherwise, completely different


Comparison Of UDP and TCP


UDP                                      TCP
between apps. and IP                     between apps. and IP
packets called datagrams                 packets called segments
unreliable                               reliable
checksum optional                        checksum required
connectionless                           connection-oriented
record boundaries                        stream interface
intended for LAN                         useful over WAN or LAN
no flow control                          flow control
1-to-1, 1-many, many-1                   1-to-1
allows unicast, multicast or broadcast   unicast only


Summary Of TCP
- Major transport service in the Internet
- Connection oriented
- Provides end-to-end reliability
- Uses adaptive retransmission
- Includes facilities for flow control and congestion avoidance
- Uses 3-way handshake for connection startup and shutdown


PART XIII ROUTING: CORES, PEERS, AND ALGORITHMS


Internet Routing
(review)
- IP implements datagram forwarding
- Both hosts and routers
  - Have an IP module
  - Forward datagrams
- IP forwarding is table-driven
- Table known as routing table


How / When Are IP Routing Tables Built?


- Depends on size / complexity of internet
- Static routing
  - Fixes routes at boot time
  - Useful only for simplest cases
- Dynamic routing
  - Table initialized at boot time
  - Values inserted / updated by protocols that propagate route information
  - Necessary in large internets


Routing Tables
- Two sources of information
  - Initialization (e.g., from disk)
  - Update (e.g., from protocols)
- Hosts tend to freeze the routing table after initialization
- Routers use protocols to learn new information and update their routing table dynamically


Routing With Partial Information


A host can forward datagrams successfully even if it only has partial routing information because it can rely on a router.


Routing With Partial Information


(continued)

The routing table in a given router contains partial information about possible destinations. Routing that uses partial information allows sites autonomy in making local routing changes, but introduces the possibility of inconsistencies that may make some destinations unreachable from some sources.


Original Internet

[Figure: ARPANET BACKBONE with core routers R1, R2, ..., Rn attached to it, each router connecting one local network: Local Net 1, Local Net 2, ..., Local Net n]

- Backbone network plus routers each connecting a local network


Worst Case If All Routers Contain A Default Route

[Figure: BACKBONE with routers R1, R2, ..., Rn and their local networks Local Net 1, Local Net 2, ..., Local Net n; every router's default route points at another router on the backbone]

- Datagram sent to nonexistent destination loops until TTL expires


Original Routing Architecture


- Small set of core routers with complete information about all destinations
- Other routers know local destinations and use the core as central router


Illustration Of Default Routes In The Original Internet Core

[Figure: CORE SYSTEM in the center with local sites L1, L2, L3, L4, L5, L6, L7, ..., Ln arranged around it, each with a default route into the core]

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

Disadvantage Of Original Core


- Central bottleneck for all traffic
- No shortcut routes possible
- Does not scale


Beyond A Core Architecture


- Single core insufficient in world where multiple ISPs each have a wide-area backbone
- Two backbones first appeared when NSF and ARPA funded separate backbone networks
- Known as peer backbones


Illustration Of Peer Backbones

[Figure: ARPANET BACKBONE and NSFNET BACKBONE as peers, interconnected by routers R1, R2 and R3, with HOST 1, HOST 2, HOST 3 and HOST 4 attached to the two backbones]

Partial Core
- Cannot have partial core scheme
- Proof:

[Figure: PARTIAL CORE #1 and PARTIAL CORE #2 side by side; each receives default routes from the sites behind it and holds a default route to sites beyond it, which points at the other partial core]

- Datagram destined for nonexistent destination loops until TTL expires


When A Core Routing Architecture Works


A core routing architecture assumes a centralized set of routers serves as the repository of information about all possible destinations in an internet. Core systems work best for internets that have a single, centrally managed backbone. Expanding the topology to multiple backbones makes routing complex; attempting to partition the core architecture so that all routers use default routes introduces potential routing loops.


General Idea
- Have a set of core routers know routes to all locations
- Devise a mechanism that allows other routers to contact the core to learn routes (spread necessary routing information automatically)
- Continually update routing information


Automatic Route Propagation


- Two basic algorithms used by routing update protocols
  - Distance-vector
  - Link-state
- Many variations in implementation details


Distance-Vector Algorithm
- Initialize routing table with one entry for each directly-connected network
- Periodically run a distance-vector update to exchange information with routers that are reachable over directly-connected networks


Dynamic Update With Distance-Vector


- One router sends list of its routes to another
- List contains pairs of destination network and distance
- Receiver replaces entries in its table by routes to the sender if routing through the sender is less expensive than the current route
- Receiver propagates new routes next time it sends out an update
- Algorithm has well-known shortcomings (we will see an example later)


Example Of Distance-Vector Update

(a) Existing routing table                 (b) Incoming update

Destination  Distance  Route               Destination  Distance
Net 1        0         direct              Net 1        2
Net 2        0         direct              Net 4        3
Net 4        8         Router L            Net 17       6
Net 17       5         Router M            Net 21       4
Net 24       6         Router J            Net 24       5
Net 30       2         Router Q            Net 30       10
Net 42       2         Router J            Net 42       3

- (a) is existing routing table
- (b) incoming update (marked items cause change)
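The update rule from the "Dynamic Update With Distance-Vector" slide applied to table (a) and message (b) above, as example code added here (not from the deck). The slide does not name the router that sent update (b); I assume it is Router J, which already appears as the next hop for Net 24 and Net 42, because that exercises the case where the current route already runs through the sender and its cost must be taken at face value even when it got worse. A distance through the sender is the advertised distance plus one hop. The last part of the example shows the trust problem this rule carries: a neighbour that advertises a distance of 0 to any network it likes simply takes over the route, with nothing in the algorithm to question it.

```python
from dataclasses import dataclass


@dataclass
class Route:
    distance: int
    via: str            # "direct" or the name of the next-hop router


# Existing routing table (a) from the slide.
TABLE = {
    "Net 1": Route(0, "direct"),    "Net 2": Route(0, "direct"),
    "Net 4": Route(8, "Router L"),  "Net 17": Route(5, "Router M"),
    "Net 24": Route(6, "Router J"), "Net 30": Route(2, "Router Q"),
    "Net 42": Route(2, "Router J"),
}

# Incoming update (b): (destination, distance as seen by the sender).
UPDATE = [("Net 1", 2), ("Net 4", 3), ("Net 17", 6), ("Net 21", 4),
          ("Net 24", 5), ("Net 30", 10), ("Net 42", 3)]


def apply_update(table, sender, update, hop_cost=1):
    """Distance-vector update: a destination reached through the sender costs the
    sender's distance plus one hop. The entry is replaced if the destination is new,
    if the new cost is lower, or if the current route already goes through the sender
    and its cost has changed. Returns the destinations whose entries changed, in order."""
    changed = []
    for dest, dist in update:
        cost = dist + hop_cost
        cur = table.get(dest)
        if cur is None or cost < cur.distance or (cur.via == sender and cost != cur.distance):
            table[dest] = Route(cost, sender)
            changed.append(dest)
    return changed


def fresh_table():
    """A copy of (a), so each run starts from the slide's table."""
    return {dest: Route(r.distance, r.via) for dest, r in TABLE.items()}


if __name__ == "__main__":
    t = fresh_table()
    print("changed by (b):", apply_update(t, "Router J", UPDATE))
    for dest in sorted(t, key=lambda d: int(d.split()[1])):
        print(dest, t[dest])
    # Constructed bogus advertisement: a neighbour claims distance 0 to Net 17.
    print("changed by bogus advertisement:", apply_update(t, "Router X", [("Net 17", 0)]), t["Net 17"])
```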


Link-State Algorithm
- Alternative to distance-vector
- Distributed computation
  - Broadcast information
  - Allow each router to compute shortest paths
- Avoids problem where one router can damage the entire internet by passing incorrect information
- Also called Shortest Path First (SPF)


Link-State Update
- Participating routers learn internet topology
- Think of routers as nodes in a graph, and networks connecting them as edges or links
- Pairs of directly-connected routers periodically
  - Test link between them
  - Propagate (broadcast) status of link
- All routers
  - Receive link status messages
  - Recompute routes from their local copy of information


Summary
- Routing tables can be
  - Initialized at startup (host or router)
  - Updated dynamically (router)
- Original Internet used core routing architecture
- Current Internet accommodates peer backbones
- Two important routing algorithms
  - Distance-vector
  - Link state


PART XIV ROUTING: EXTERIOR GATEWAY PROTOCOLS AND AUTONOMOUS SYSTEMS (BGP)


General Principle

Although it is desirable for routers to exchange routing information, it is impractical for all routers in an arbitrarily large internet to participate in a single routing update protocol.

- Consequence: routers must be divided into groups


A Practical Limit On Group Size


It is safe to allow up to a dozen routers to participate in a single routing information protocol across a wide area network; approximately five times as many can safely participate across a set of local area networks.


Router Outside A Group


- Does not participate directly in the group's routing information propagation algorithm
- Will not choose optimal routes if it uses a member of the group for general delivery


The Extra Hop Problem


[Figure: a BACKBONE joining R1 (participating router, attached to Local Net 1), R2 (participating router, attached to Local Net 2) and R3 (non-participating router)]

- Non-participating router picks one participating router to use (e.g., R2)
- Non-participating router routes all packets to R2 across backbone
- Router R2 routes some packets back across backbone to R1


Statement Of The Problem

Treating a group of routers that participate in a routing update protocol as a default delivery system can introduce an extra hop for datagram traffic; a mechanism is needed that allows nonparticipating routers to learn routes from participating routers so they can choose optimal routes.


Solving The Extra Hop Problem


- Not all routers can participate in a single routing exchange protocol (does not scale)
- Even nonparticipating routers should make routing decisions
- Need mechanism that allows nonparticipating routers to obtain correct routing information automatically (without the overhead of participating fully in a routing exchange protocol)


Hidden Networks
- Each site has complex topology
- Nonparticipating router (from another site) cannot attach to all networks


Illustration Of Hidden Networks

[Figure: INTERNET BACKBONE with participating router R1 attached to Local Net 1; behind it, routers R2, R3 and R4 interconnect Local Net 1, Local Net 2, Local Net 3 and Local Net 4, none of which the backbone can reach directly]

- Propagation of route information is independent of datagram routing
- Group must learn routes from nonparticipating routers
- Example: owner of networks 1 and 3 must tell group that there is a route to network 4

A Requirement For Reverse Information Flow

Because an individual organization can have an arbitrarily complex set of networks interconnected by routers, no router from another organization can attach directly to all networks. A mechanism is needed that allows nonparticipating routers to inform the other group about hidden networks.


Autonomous System Concept (AS)


- Group of networks under one administrative authority
- Free to choose internal routing update mechanism
- Connects to one or more other autonomous systems


Modern Internet Architecture

A large TCP/IP internet has additional structure to accommodate administrative boundaries: each collection of networks and routers managed by one administrative authority is considered to be a single autonomous system that is free to choose an internal routing architecture and protocols.


EGPs: Exterior Gateway Protocols


- Originally a single protocol for communicating routes between two autonomous systems
- Now refers to any exterior routing protocol
- Solves two problems
  - Allows router outside a group to advertise networks hidden in another autonomous system
  - Allows router outside a group to learn destinations in the group


Border Gateway Protocol


- The most popular (virtually the only) EGP in use in the Internet
- Current version is BGP-4
- Allows two autonomous systems to communicate routing information
- Supports CIDR (mask accompanies each route)
- Each AS designates a border router to speak on its behalf
- Two border routers become BGP peers


Illustration Of An EGP (Typically BGP)

[Figure: routers R1 and R2, each in a different autonomous system, attached to a common network over which an EGP is used]


Key Characteristics Of BGP


- Provides inter-autonomous system communication
- Propagates reachability information
- Follows next-hop paradigm
- Provides support for policies
- Sends path information
- Permits incremental updates
- Allows route aggregation
- Allows authentication


Additional BGP Facts


- Uses reliable transport (i.e., TCP)
  - Unusual: most routing update protocols use connectionless transport (e.g., UDP)
- Sends keepalive messages so other end knows connection is valid (even if no new routing information is needed)


Four BGP Message Types

  Type Code   Message Type    Description
  1           OPEN            Initialize communication
  2           UPDATE          Advertise or withdraw routes
  3           NOTIFICATION    Response to an incorrect message
  4           KEEPALIVE       Actively test peer connectivity


BGP Message Header

Header layout (32-bit rows; bit markers 16, 24, 31):

  MARKER
  LENGTH (bits 0-15) | TYPE (bits 16-23)

- Each BGP message starts with this header


BGP Open Message

Fields, in order (bit markers 0, 16, 31):

  VERSION
  AUTONOMOUS SYSTEM NUM
  HOLD TIME
  BGP IDENTIFIER
  PARM. LEN
  Optional Parameters (variable)

- Used to start a connection
- HOLD TIME specifies max time that can elapse between BGP messages

BGP Update Message

Fields, in order (bit markers 0, 16, 31):

  WITHDRAWN LEN
  Withdrawn Destinations (variable)
  PATH LEN
  Path Attributes (variable)
  Destination Networks (variable)

- Sender can advertise new routes or withdraw old routes


Compressed Address Entries


- Each route entry consists of address and mask
- Entry can be compressed to eliminate zero bytes


Format Of BGP Address Entry That Permits Compression

Entry layout (bit markers 0, 31):

  LEN | IP Address (1-4 octets)

- LEN field specifies size of address that follows
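As an added example (not from Comer's slides), the following Python validates the BGP message header and expands the compressed address entries of an UPDATE, treating LEN as the prefix length in bits as BGP-4 defines it; the sample message and its minimal ORIGIN attribute are constructed here.

```python
import struct

# Constants of the BGP-4 wire format (RFC 4271).
BGP_MARKER = b"\xff" * 16       # all-ones marker that starts every message
BGP_HEADER_LEN = 19             # 16 (marker) + 2 (length) + 1 (type)
BGP_MAX_MSG_LEN = 4096
BGP_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}


def parse_header(msg: bytes):
    """Validate the common header and return (type name, body bytes).

    A receiver checks the marker and the length bounds before touching the
    body; a violation is answered with a NOTIFICATION and the session closes.
    """
    if len(msg) < BGP_HEADER_LEN:
        raise ValueError("message shorter than the 19-octet header")
    marker, length, msg_type = struct.unpack("!16sHB", msg[:BGP_HEADER_LEN])
    if marker != BGP_MARKER:
        raise ValueError("connection not synchronized: bad marker")
    if not BGP_HEADER_LEN <= length <= BGP_MAX_MSG_LEN or length > len(msg):
        raise ValueError(f"bad message length {length}")
    if msg_type not in BGP_TYPES:
        raise ValueError(f"bad message type {msg_type}")
    return BGP_TYPES[msg_type], msg[BGP_HEADER_LEN:length]


def encode_prefix(addr: str, plen: int) -> bytes:
    """Compressed entry: LEN (prefix length in bits) + only the octets needed."""
    octets = bytes(int(x) for x in addr.split("."))
    return bytes([plen]) + octets[:(plen + 7) // 8]


def decode_prefixes(data: bytes):
    """Expand compressed entries back to dotted 'address/len' strings."""
    prefixes, i = [], 0
    while i < len(data):
        plen = data[i]
        i += 1
        if plen > 32:
            raise ValueError(f"prefix length {plen} exceeds 32")
        nbytes = (plen + 7) // 8
        if i + nbytes > len(data):
            raise ValueError("truncated address entry")
        octets = data[i:i + nbytes] + b"\x00" * (4 - nbytes)  # restore zero octets
        i += nbytes
        prefixes.append(".".join(str(b) for b in octets) + f"/{plen}")
    return prefixes


def parse_update(body: bytes):
    """Split an UPDATE body into (withdrawn, raw path attributes, advertised)."""
    if len(body) < 4:
        raise ValueError("UPDATE body too short")
    (withdrawn_len,) = struct.unpack("!H", body[:2])
    pos = 2 + withdrawn_len
    if pos + 2 > len(body):
        raise ValueError("withdrawn length overruns message")
    withdrawn = decode_prefixes(body[2:pos])
    (path_len,) = struct.unpack("!H", body[pos:pos + 2])
    attrs_end = pos + 2 + path_len
    if attrs_end > len(body):
        raise ValueError("path attribute length overruns message")
    attrs = body[pos + 2:attrs_end]
    advertised = decode_prefixes(body[attrs_end:])
    return withdrawn, attrs, advertised


def build_update(withdrawn, attrs: bytes, advertised) -> bytes:
    """Assemble a complete UPDATE message (header + body)."""
    w = b"".join(encode_prefix(a, p) for a, p in withdrawn)
    n = b"".join(encode_prefix(a, p) for a, p in advertised)
    body = struct.pack("!H", len(w)) + w + struct.pack("!H", len(attrs)) + attrs + n
    return BGP_MARKER + struct.pack("!HB", BGP_HEADER_LEN + len(body), 2) + body


# Constructed sample: withdraw 10.0.0.0/8 and advertise two prefixes with a
# minimal ORIGIN attribute (flags 0x40, type 1, length 1, value 0 = IGP).
SAMPLE_ATTRS = b"\x40\x01\x01\x00"
SAMPLE_UPDATE = build_update([("10.0.0.0", 8)], SAMPLE_ATTRS,
                             [("192.0.2.0", 24), ("198.51.100.128", 25)])

if __name__ == "__main__":
    kind, body = parse_header(SAMPLE_UPDATE)
    print(kind, parse_update(body))
```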


Third-Party Routing Information


- Many routing protocols extract information from the local routing table
- BGP must send information from the receiver's perspective


Example Of Architecture In Which BGP Must Consider Receiver's Perspective

[Figure: Net 1 through Net 5 interconnected by routers R1 through R4; R2 runs BGP and connects to a peer in another Autonomous System]


Metric Interpretation
- Each AS can use its own routing protocol
- Metrics differ
  - Hop count
  - Delay
  - Policy-based values
- EGP communicates between two separate autonomous systems


Key Restriction On An EGP

An exterior gateway protocol does not communicate or interpret distance metrics, even if metrics are available.

- Interpretation: my autonomous system provides a path to this network


The Point About EGPs

Because an Exterior Gateway Protocol like BGP only propagates reachability information, a receiver can implement policy constraints, but cannot choose a least cost route. A sender must only advertise paths that traffic should follow.


Summary
- Internet is too large for all routers to participate in one routing update protocol
- Group of networks and routers under one administrative authority is called Autonomous System (AS)
- Each AS chooses its own interior routing update protocol
- Exterior Gateway Protocol (EGP) is used to communicate routing information between two autonomous systems
- Current exterior protocol is Border Gateway Protocol version 4, BGP-4
- An EGP provides reachability information, but does not associate metrics with each route


PART XV ROUTING: INSIDE AN AUTONOMOUS SYSTEM (RIP, OSPF, HELLO)

Internetworking With TCP/IP vol 1 -- Part 15

2005

Static Vs. Dynamic Interior Routes


- Static routes
  - Initialized at startup
  - Never change
  - Typical for host
  - Sometimes used for router
- Dynamic routes
  - Initialized at startup
  - Updated by route propagation protocols
  - Typical for router
  - Sometimes used in host

Illustration Of Topology In Which Static Routing Is Optimal


[Figure: Net 1 through Net 5 connected in a chain by routers R1 through R4]

- Only one route exists for each destination


Illustration Of Topology In Which Dynamic Routing Is Needed


[Figure: the same chain of Net 1 through Net 5 and routers R1 through R4, with an additional router R5 creating a second path]

- Additional router introduces multiple paths


Exchanging Routing Information Within An Autonomous System


- Mechanisms called interior gateway protocols, IGPs
- Choice of IGP is made by autonomous system
- Note: if AS connects to rest of the world, a router in the AS must use an EGP to advertise network reachability to other autonomous systems.


Example Of Two Autonomous Systems And the Routing Protocols Used

[Figure: two autonomous systems; routers in the first use IGP1, routers in the second use IGP2, and border routers R1 and R2 use BGP between them]


Example IGPs
- RIP
- HELLO
- OSPF


Routing Information Protocol (RIP)


- Implemented by UNIX program routed
- Uses hop count metric
- Distance-vector protocol
- Relies on broadcast
- Assumes low-delay local area network
- Uses split horizon and poison reverse techniques to solve inconsistencies
- Current standard is RIP2


Two Forms Of RIP


- Active
  - Form used by routers
  - Broadcasts routing updates periodically
  - Uses incoming messages to update routes
- Passive
  - Form used by hosts
  - Uses incoming messages to update routes
  - Does not send updates


Illustration Of Hosts Using Passive RIP


[Figure: network 128.10.0.0 with routers R1 (128.10.0.200) and R2 (128.10.0.209), each leading to some parts of the Internet, and hosts attached to the network]

- Host routing table initialized to:

    Destination   Route
    128.10.0.0    direct
    default       128.10.0.200

- Host listens for RIP broadcast and uses data to update table
- Eliminates ICMP redirects

RIP Operation
- Each router sends update every 30 seconds
- Update contains pairs of (destination address, distance)
- Distance of 16 is infinity (i.e., no route)


Slow Convergence Problem (Count To Infinity)

[Figure, top: Network N attached to R1, with R2 and R3 beyond it; routers with routes to network N]

[Figure, bottom: the same Network N, R1, R2 and R3 after the link to N fails; R1 erroneously routes to R2 after failure]
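An added simulation (not part of the original slides) of the three-router chain above: synchronous RIP rounds after the link to network N fails, once with plain distance-vector updates and once with split horizon and poison reverse; the round semantics and the convergence count are assumptions of this example.

```python
INFINITY = 16  # RIP: distance 16 means "no route"

# Constructed topology from the slide: R1 -- R2 -- R3 in a line, with
# network N attached to R1.  Each router lists its neighbours.
NEIGHBORS = {"R1": ["R2"], "R2": ["R1", "R3"], "R3": ["R2"]}


def tables_after_failure():
    """Routes to N just after R1's link to N fails.

    RIP hop counts are one-origin, so R1 held distance 1 (direct), R2 held 2
    via R1 and R3 held 3 via R2.  R1 now knows nothing locally (16).
    """
    return {"R1": (INFINITY, None), "R2": (2, "R1"), "R3": (3, "R2")}


def advertised(router, tables, to, poison_reverse):
    """Distance that 'router' announces for N to its neighbour 'to'."""
    dist, next_hop = tables[router]
    if poison_reverse and next_hop == to:
        return INFINITY  # split horizon with poison reverse
    return dist


def exchange(tables, poison_reverse):
    """One synchronous RIP round: each router recomputes from neighbour advertisements."""
    new = {}
    for router, nbrs in NEIGHBORS.items():
        best = (INFINITY, None)
        for nbr in nbrs:
            cost = min(advertised(nbr, tables, router, poison_reverse) + 1, INFINITY)
            if cost < best[0]:
                best = (cost, nbr)
        new[router] = best
    return new


def converge(poison_reverse, max_rounds=50):
    """Run rounds until nothing changes; return (rounds that changed, history)."""
    tables = tables_after_failure()
    history = [tables]
    for _ in range(max_rounds):
        new = exchange(tables, poison_reverse)
        if new == tables:
            break
        history.append(new)
        tables = new
    return len(history) - 1, history


if __name__ == "__main__":
    for flag in (False, True):
        rounds, history = converge(flag)
        print("poison reverse" if flag else "plain", rounds, "rounds", history[1])
```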


RIP1 Update Format


Message layout (32-bit rows; bit markers 0, 8, 16, 31):

  COMMAND | VERSION (1) | RESERVED
  FAMILY OF NET 1 | NET 1 ADDR., OCTETS 1-2
  NET 1 ADDRESS, OCTETS 3-6
  NET 1 ADDRESS, OCTETS 7-10
  NET 1 ADDRESS, OCTETS 11-14
  DISTANCE TO NETWORK 1
  FAMILY OF NET 2 | NET 2 ADDR., OCTETS 1-2
  NET 2 ADDRESS, OCTETS 3-6
  NET 2 ADDRESS, OCTETS 7-10
  NET 2 ADDRESS, OCTETS 11-14
  DISTANCE TO NETWORK 2
  ...

- Uses FAMILY field to support multiple protocols
- IP address sent in octets 3-6 of address field
- Message travels in UDP datagram

Changes To RIP In Version 2


- Update includes subnet mask
- Authentication supported
- Explicit next-hop information
- Messages can be multicast (optional)
  - IP multicast address is 224.0.0.9


RIP2 Update Format


Message layout (32-bit rows; bit markers 0, 8, 16, 31):

  COMMAND | VERSION (1) | UNUSED
  FAMILY OF NET 1 | ROUTE TAG FOR NET 1
  NET 1 IP ADDRESS
  NET 1 SUBNET MASK
  NET 1 NEXT HOP ADDRESS
  DISTANCE TO NETWORK 1
  FAMILY OF NET 2 | ROUTE TAG FOR NET 2
  NET 2 IP ADDRESS
  NET 2 SUBNET MASK
  NET 2 NEXT HOP ADDRESS
  DISTANCE TO NETWORK 2
  ...

- Packet format is backward compatible
- Infinity still limited to 16
- RIP2 can be broadcast

Measures Of Distance That Have Been Used


- Hops
  - Zero-origin
  - One-origin (e.g., RIP)
- Delay
- Throughput
- Jitter


HELLO: A Protocol That Used Delay


- Developed by Dave Mills
- Measured delay in milliseconds
- Used by NSFNET fuzzballs
- Now historic


How HELLO Worked


- Participants kept track of delay between pairs of routers
- HELLO propagated delay information across net
- Route chosen to minimize total delay


Route Oscillation
- Effective delay depends on traffic (delay increases as traffic increases)
- Using delay as metric means routing traffic where delay is low
- Increased traffic raises delay, which means route changes
- Routes tend to oscillate


Why HELLO Worked


- HELLO used only on NSFNET backbone
- All paths had equal throughput
- Route changes damped to avoid oscillation


Open Shortest Path First (OSPF)


- Developed by IETF in response to vendors' proprietary protocols
- Uses SPF (link-state) algorithm
- More powerful than most predecessors
- Permits hierarchical topology
- More complex to install and manage


OSPF Features
- Type of service routing
- Load balancing across multiple paths
- Networks partitioned into subsets called areas
- Message authentication
- Network-specific, subnet-specific, host-specific, and CIDR routes
- Designated router optimization for shared networks
- Virtual network topology abstracts away details
- Can import external routing information


OSPF Message Header

Header layout (32-bit rows; bit markers 0, 8, 16, 24, 31):

  VERSION (1) | TYPE | MESSAGE LENGTH
  SOURCE ROUTER IP ADDRESS
  AREA ID
  CHECKSUM | AUTHENTICATION TYPE
  AUTHENTICATION (octets 0-3)
  AUTHENTICATION (octets 4-7)

- Each message starts with same header


OSPF Message Types


  Type   Meaning
  1      Hello (used to test reachability)
  2      Database description (topology)
  3      Link status request
  4      Link status update
  5      Link status acknowledgement


OSPF HELLO Message Format

Message layout (32-bit rows; bit markers 16, 24, 31):

  OSPF HEADER WITH TYPE = 1
  NETWORK MASK
  HELLO INTER | GWAY PRIO
  DEAD TIMER
  DESIGNATED ROUTER
  BACKUP DESIGNATED ROUTER
  NEIGHBOR1 IP ADDRESS
  NEIGHBOR2 IP ADDRESS
  ...
  NEIGHBORn IP ADDRESS

- Used to test reachability



OSPF Database Description Message Format

Message layout (32-bit rows; bit markers 16, 24, 29, 31):

  OSPF HEADER WITH TYPE = 2
  MUST BE ZERO | M | S
  DATABASE SEQUENCE NUMBER
  LINK AGE | LINK TYPE
  LINK ID
  ADVERTISING ROUTER
  LINK SEQUENCE NUMBER
  LINK CHECKSUM | ...

- Fields starting at LINK TYPE are repeated



Values In The LINK Field


  Link Type   Meaning
  1           Router link
  2           Network link
  3           Summary link (IP network)
  4           Summary link (link to border router)
  5           External link (link to another site)


OSPF Link Status Request Message Format

Message layout (32-bit rows; bit markers 16, 31):

  OSPF HEADER WITH TYPE = 3
  LINK TYPE
  LINK ID
  ADVERTISING ROUTER
  ...


OSPF Link Status Update Message Format

Message layout (32-bit rows; bit markers 16, 31):

  OSPF HEADER WITH TYPE = 4
  NUMBER OF LINK STATUS ADVERTISEMENTS
  LINK STATUS ADVERTISEMENT1
  ...
  LINK STATUS ADVERTISEMENTn


Header Used In OSPF Link Status Advertisements


Header layout (32-bit rows; bit markers 0, 16, 31):

  LINK AGE | LINK TYPE
  LINK ID
  ADVERTISING ROUTER
  LINK SEQUENCE NUMBER
  LINK CHECKSUM | LENGTH

- Four possible formats follow
  - Links from a router to given area
  - Links from a router to physical net
  - Links from a router to physical nets of a subnetted IP network
  - Links from a router to nets at other sites

Discussion Question
- What are the tradeoffs connected with the issue of routing in the presence of partial information?


Summary
- Interior Gateway Protocols (IGPs) used within an AS
- Popular IGPs include
  - RIP (distance vector algorithm)
  - OSPF (link-state algorithm)


PART XVI INTERNET MULTICASTING

Internetworking With TCP/IP vol 1 -- Part 16

2005

Hardware Multicast
- Form of broadcast
- Only one copy of a packet traverses the net
- NIC initially configured to accept packets destined to
  - Computer's unicast address
  - Hardware broadcast address
- User can dynamically add (and later remove)
  - One or more multicast addresses


A Note About Hardware Multicast


Although it may help to think of multicast addressing as a generalization that subsumes unicast and broadcast addresses, the underlying forwarding and delivery mechanisms can make multicast less efficient.


Ethernet Multicast
- Determined by low-order bit of high-order byte
- Example in dotted decimal:
  - 01.00.00.00.00.00 (base 16)
- Remaining bits specify a multicast group


IP Multicast
- Group address: each multicast group assigned a unique class D address
- Up to 2^28 simultaneous multicast groups
- Dynamic group membership: host can join or leave at any time
- Uses hardware multicast where available
- Best-effort delivery semantics (same as IP)
- Arbitrary sender (does not need to be a group member)


Facilities Needed For Internet Multicast


- Multicast addressing scheme
- Effective notification and delivery mechanism
- Efficient Internet forwarding facility


IP Multicast Addressing
- Class D addresses reserved for multicast
- General form (bits 0-3 followed by bits 4-31):

    1 1 1 0 | Group Identification

- Two types
  - Well-known (address reserved for specific protocol)
  - Transient (allocated as needed)


Multicast Addresses
- Address range
  - 224.0.0.0 through 239.255.255.255
- Notes
  - 224.0.0.0 is reserved (never used)
  - 224.0.0.1 is all systems
  - 224.0.0.3 is all routers
  - Addresses up through 224.0.0.255 used for multicast routing protocols


Example Multicast Address Assignments


  Address      Meaning
  224.0.0.0    Base Address (Reserved)
  224.0.0.1    All Systems on this Subnet
  224.0.0.2    All Routers on this Subnet
  224.0.0.3    Unassigned
  224.0.0.4    DVMRP Routers
  224.0.0.5    OSPFIGP All Routers
  224.0.0.6    OSPFIGP Designated Routers
  224.0.0.7    ST Routers
  224.0.0.8    ST Hosts
  224.0.0.9    RIP2 Routers
  224.0.0.10   IGRP Routers
  224.0.0.11   Mobile-Agents
  224.0.0.12   DHCP Server / Relay Agent
  224.0.0.13   All PIM Routers
  224.0.0.14   RSVP-Encapsulation
  224.0.0.15   All-CBT-Routers
  224.0.0.16   Designated-Sbm
  224.0.0.17   All-Sbms
  224.0.0.18   VRRP


Example Multicast Address Assignments


(continued)

  Address                               Meaning
  224.0.0.19 through 224.0.0.255        Other Link Local Addresses
  224.0.1.0 through 238.255.255.255     Globally Scoped Addresses
  239.0.0.0 through 239.255.255.255     Scope restricted to one organization


Mapping An IP Multicast Address To An Ethernet Multicast Address


- Place low-order 23 bits of IP multicast address in low-order 23 bits of the special Ethernet address:
  - 01.00.5E.00.00.00 (base 16)
- Example: IP multicast address 224.0.0.2 becomes Ethernet multicast address
  - 01.00.5E.00.00.02 (base 16)
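The mapping above, implemented as an added Python example (not from the slides); it also enumerates the 32 class D addresses that share one Ethernet address, which is why a receiver must still compare the full IP destination and not rely on the NIC filter alone.

```python
ETHERNET_MCAST_BASE = 0x01005E000000  # 01.00.5E.00.00.00 (base 16)


def parse_ipv4(addr: str) -> int:
    parts = [int(p) for p in addr.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address {addr!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def is_class_d(addr: str) -> bool:
    """Class D: high-order four bits are 1110 (224.0.0.0 through 239.255.255.255)."""
    return parse_ipv4(addr) >> 28 == 0b1110


def ip_to_ethernet_multicast(addr: str) -> str:
    """Copy the low-order 23 bits of the group address into 01.00.5E.00.00.00.

    The result is returned in the dotted hexadecimal form the slides use.
    """
    if not is_class_d(addr):
        raise ValueError(f"{addr} is not an IP multicast address")
    mac = ETHERNET_MCAST_BASE | (parse_ipv4(addr) & 0x7FFFFF)
    return ".".join(f"{(mac >> shift) & 0xFF:02X}" for shift in range(40, -1, -8))


def is_ethernet_multicast(mac: str) -> bool:
    """Hardware multicast is flagged by the low-order bit of the high-order byte."""
    return int(mac.split(".")[0], 16) & 1 == 1


def groups_sharing_mac(addr: str):
    """All class D addresses that map to the same Ethernet address as 'addr'.

    28 bits of group identification minus the 23 bits copied leaves 5 bits
    that are dropped, so 2**5 = 32 IP groups collide on one Ethernet address.
    """
    low23 = parse_ipv4(addr) & 0x7FFFFF
    groups = []
    for dropped in range(32):
        value = (0b1110 << 28) | (dropped << 23) | low23
        groups.append(".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0)))
    return groups


if __name__ == "__main__":
    print(ip_to_ethernet_multicast("224.0.0.2"))
    print(groups_sharing_mac("224.0.0.2"))
```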


Transmission Of Multicast Datagrams


- Host does not install route to multicast router
- Host uses hardware multicast to transmit multicast datagrams
- If multicast router is present on net
  - Multicast router receives datagram
  - Multicast router uses destination address to determine routing


Multicast Scope
- Refers to range of members in a group
- Defined by set of networks over which multicast datagrams travel to reach group
- Two techniques control scope
  - IP's TTL field (TTL of 1 means local net only)
  - Administrative scoping


Host Participation In IP Multicast


- Host can participate in one of three ways:

    Level   Meaning
    0       Host can neither send nor receive IP multicast
    1       Host can send but not receive IP multicast
    2       Host can both send and receive IP multicast

- Note: even level 2 requires additions to host software


Host Details For Level 2 Participation


- Host uses Internet Group Management Protocol (IGMP) to announce participation in multicast
- If multiple applications on a host join the same multicast group, each receives a copy of messages sent to the group
- Group membership is associated with a specific network:
  - A host joins a specific IP multicast group on a specific network.


IGMP
- Allows host to register participation in a group
- Two conceptual phases
  - When it joins a group, host sends message declaring membership
  - Multicast router periodically polls a host to determine if any host on the network is still a member of a group


IGMP Implementation
- All communication between host and multicast router uses hardware multicast
- Single query message probes for membership in all active groups
- Default polling rate is every 125 seconds
- If multiple multicast routers attach to a shared network, one is elected to poll
- Host waits random time before responding to poll (to avoid simultaneous responses)
- Host listens to other responses, and suppresses unnecessary duplicate responses


IGMP State Transitions


- Host uses FSM to determine actions (states NONMEMBER, DELAYING MEMBER and MEMBER; transitions read as event / action):
  - NONMEMBER to DELAYING MEMBER: join group / start timer
  - DELAYING MEMBER to MEMBER: timer expires / send response
  - DELAYING MEMBER to MEMBER: another host responds / cancel timer
  - MEMBER to DELAYING MEMBER: query arrives / start timer
  - DELAYING MEMBER to NONMEMBER: leave group / cancel timer
  - MEMBER to NONMEMBER: reference count becomes zero / leave group
- Separate state kept for each multicast group
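An added Python example (not from the slides) that implements the host FSM above for one group and builds the IGMP messages it sends; the event methods and the per-group reference count follow the diagram, the checksum is the standard Internet checksum, and the group address used in the test is a constructed sample.

```python
import struct

NONMEMBER, DELAYING_MEMBER, MEMBER = "NONMEMBER", "DELAYING MEMBER", "MEMBER"

# IGMP message TYPE values from the message format slide.
MEMBERSHIP_QUERY = 0x11
MEMBERSHIP_REPORT_V2 = 0x16
LEAVE_GROUP = 0x17


def inet_checksum(data: bytes) -> int:
    """Internet checksum: one's complement of the one's-complement 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_igmp(msg_type: int, group: str, resp_time: int = 0) -> bytes:
    """TYPE, RESP TIME, CHECKSUM, GROUP ADDRESS (zero in a general query)."""
    group_bytes = bytes(int(x) for x in group.split("."))
    body = struct.pack("!BBH", msg_type, resp_time, 0) + group_bytes
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def parse_igmp(msg: bytes):
    """Return (type, resp_time, group); reject a wrong length or checksum."""
    if len(msg) != 8:
        raise ValueError("IGMP message must be 8 octets")
    if inet_checksum(msg) != 0:
        raise ValueError("bad IGMP checksum")
    return msg[0], msg[1], ".".join(str(b) for b in msg[4:8])


class GroupMembership:
    """Host-side FSM for one multicast group on one network.

    Each event method returns the action taken: a timer action as a string,
    or the IGMP message the host sends.  'ref' counts local applications that
    have joined, so the group is left only when the last one leaves.
    """

    def __init__(self, group: str):
        self.group, self.state, self.ref, self.timer_running = group, NONMEMBER, 0, False

    def join(self):
        self.ref += 1
        if self.state == NONMEMBER:
            self.state, self.timer_running = DELAYING_MEMBER, True
            return "start timer"
        return "no-op (already a member)"

    def leave(self):
        if self.ref == 0:
            raise RuntimeError("leave without a matching join")
        self.ref -= 1
        if self.ref > 0:
            return "no-op (other applications still joined)"
        if self.state == DELAYING_MEMBER:          # leave group / cancel timer
            self.state, self.timer_running = NONMEMBER, False
            return "cancel timer"
        self.state = NONMEMBER                     # reference count became zero
        return build_igmp(LEAVE_GROUP, self.group)  # leave group

    def query_arrives(self):
        if self.state == MEMBER:
            self.state, self.timer_running = DELAYING_MEMBER, True
            return "start timer"
        return "no-op"

    def another_host_responds(self):
        if self.state == DELAYING_MEMBER:          # our report would be a duplicate
            self.state, self.timer_running = MEMBER, False
            return "cancel timer"
        return "no-op"

    def timer_expires(self):
        if self.state == DELAYING_MEMBER and self.timer_running:
            self.state, self.timer_running = MEMBER, False
            return build_igmp(MEMBERSHIP_REPORT_V2, self.group)  # send response
        return "no-op"
```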


IGMP Message Format

Message layout (32-bit rows; bit markers 0, 8, 16, 31):

  TYPE | RESP TIME | CHECKSUM
  GROUP ADDRESS (ZERO IN QUERY)

- Message TYPE field is one of:

    Type   Group Address   Meaning
    0x11   unused (zero)   General membership query
    0x11   used            Specific group membership query
    0x16   used            Membership report
    0x17   used            Leave group
    0x12   used            Membership report (version 1)


Multicast Forwarding Example

[Figure: networks 1, 2 and 3 connected by routers, with hosts (including A, F and G) marked with a dot or an X]

- Hosts marked with dot participate in one group
- Hosts marked with X participate in another group
- Forwarding depends on group membership


The Complexity Of Multicast Routing


Unlike unicast routing in which routes change only when the topology changes or equipment fails, multicast routes can change simply because an application program joins or leaves a multicast group.


Multicast Forwarding Complication

Multicast forwarding requires a router to examine more than the destination address.

- In most cases, forwarding depends on the source address as well as the destination address


Final Item That Complicates IP Multicast


A multicast datagram may originate on a computer that is not part of the multicast group, and may be forwarded across networks that do not have any group members attached.


Multicast Routing Paradigms


- Two basic approaches
- Flood-and-prune
  - Send a copy to all networks
  - Only stop forwarding when it is known that no participant lies beyond a given point
- Multicast trees
  - Routers interact to form a tree that reaches all networks of a given group
  - Copy traverses branches of the tree


Reverse Path Forwarding


- Early flood-and-prune approach
- Actual algorithm is Truncated Reverse Path Forwarding (TRPF)


Example Topology In Which TRPF Delivers Multiple Copies

[Figure: host A on network 1, which is attached to both R1 and R2; R3 leads on to network 2 and network 3, and R4 to network 4, so two copies of a datagram can reach the same network]


Multicast Trees


A multicast forwarding tree is defined as a set of paths through multicast routers from a source to all members of a multicast group. For a given multicast group, each possible source of datagrams can determine a different forwarding tree.


Examples Of Multicast Routing Protocols


- Reverse Path Multicasting (RPM)
- Distance-Vector Multicast Routing Protocol (DVMRP)
- Core-Based Trees (CBT)
- Protocol Independent Multicast - Dense Mode (PIM-DM)
- Protocol Independent Multicast - Sparse Mode (PIM-SM)


Reverse Path Multicasting (RPM)


- Early form
- Routers flood datagrams initially
- Flooding pruned as group membership information learned


Distance-Vector Multicast Routing Protocol (DVMRP)


- Early protocol
- Defines extension of IGMP that routers use to exchange multicast routing information
- Implemented by Unix mrouted program
  - Configures tables in kernel
  - Supports tunneling
  - Used in Internet's Multicast backBONE (MBONE)


Topology In Which Tunneling Needed

[Figure: net 1 and net 2, each with a multicast router (R1 and R2), separated by an INTERNET with no support for multicast]


Encapsulation Used With Tunneling

[Figure: a multicast datagram (DATAGRAM HEADER + MULTICAST DATAGRAM DATA AREA) carried in the data area of a unicast datagram (DATAGRAM HEADER + UNICAST DATAGRAM DATA AREA)]

- IP travels in IP


Core-Based Trees (CBT)


- Proposed protocol
- Better for sparse network
- Does not forward to a net until host on the net joins a group
- Request to join a group sent to core of network
- Multiple cores used for large Internet


Division Of Internet

Because CBT uses a demand-driven paradigm, it divides the internet into regions and designates a core router for each region; other routers in the region dynamically build a forwarding tree by sending join requests to the core.


Protocol Independent Multicast - Dense Mode (PIM-DM)


- Allows router to build multicast forwarding table from information in conventional routing table
- Term dense refers to density of group members
- Best for high density areas
- Uses flood-and-prune approach


Protocol Independent Multicast - Sparse Mode (PIM-SM)


- Allows router to build multicast forwarding table from information in conventional routing table
- Term sparse refers to relative density of group members
- Best for situations with islands of participating hosts separated by networks with no participants
- Uses tree-based approach


Question For Discussion


- How can we provide reliable multicast?


Summary
- IP multicasting uses hardware multicast for delivery
- Host uses Internet Group Management Protocol (IGMP) to communicate group membership to local multicast router
- Two forms of multicast routing used
  - Flood-and-prune
  - Tree-based


Summary
(continued)
- Many multicast routing protocols have been proposed
  - TRPF
  - DVMRP
  - CBT
  - PIM-DM
  - PIM-SM


PART XVII IP Switching And MPLS

Internetworking With TCP/IP vol 1 -- Part 17

2005

Switching Technology
- Designed as a higher-speed alternative to packet forwarding
- Uses array lookup instead of destination address lookup
- Often associated with Asynchronous Transfer Mode (ATM)


Switching Concept
[Figure (a): switches S1, S2 and S3 connected through interfaces numbered 0 and 1]

Table (b), switch S1:

  label   action
  0       send out interface 1
  1       send out interface 1
  2       send out interface 0
  3       send out interface 1
  ...

- Part (b) shows table for switch S1
- Identifier in packet known as label
- All labels except 2 go out interface 1

Extending Switching To A Large Network


[Figure: switches S0, S1, S2 and S3 connected through interfaces numbered 0 and 1, with one label table shown for each of two switches]

First table:

  label   action
  0       label 1; send out 0
  1       label 0; send out 0
  2       label 3; send out 0
  3       label 2; send out 0

Second table:

  label   action
  0       label 2; send out 1
  1       label 4; send out 1
  2       label 1; send out 0
  3       label 3; send out 1

- Label replacement known as label swapping
- A path through the network corresponds to a sequence of labels


An Important Note
Switching uses a connection-oriented approach. To avoid the need for global agreement on the use of labels, the technology allows a manager to define a path of switches without requiring that the same label be used across the entire path.


Potential Advantages Of Switching For IP Forwarding


- Faster forwarding
- Aggregated route information
- Ability to manage aggregate flows


IP Switching
- Pioneered by Ipsilon Corporation
- Originally used ATM hardware
- Variants by others known as
  - Layer 3 switching
  - Tag switching
  - Label switching
- Ideas eventually consolidated into Multi-Protocol Label Switching (MPLS)


MPLS Operation
- Internet divided into
  - Standard routers
  - MPLS core
- Datagram encapsulated when entering the MPLS core and de-encapsulated when leaving
- Within the core, MPLS labels are used to forward packets


Processing An Incoming Datagram


- Datagram classified
  - Multiple headers examined
  - Example: classification can depend on TCP port numbers as well as IP addresses
- Classification used to assign a label
- Note: each label corresponds to a flow that may include many TCP sessions


Hierarchical MPLS
- Multi-level hierarchy is possible
- Example: corporation with three campuses and multiple buildings on each campus
  - Conventional forwarding within a building
  - One level of MPLS for buildings within a campus
  - Additional level of MPLS between campuses
- To accommodate hierarchy, MPLS uses stack of labels

MPLS Label Processing


• Only top label is used to forward
• When entering a new level of the hierarchy, push an additional label on the stack
• When leaving a level of the hierarchy, pop the top label from the stack

MPLS Encapsulation
[Figure: the shim header is prepended to the datagram, and the whole unit is carried in the frame data area]

    FRAME HEADER | FRAME DATA AREA
                  \_______________________________________________________/
                   MPLS header | DATAGRAM HEADER | DATAGRAM DATA AREA

• MPLS can run over conventional networks
• Shim header contains labels

Fields In An MPLS Shim Header


     0                   20     23 24           31
    +--------------------+------+-+--------------+
    |       LABEL        | EXP  |S|     TTL      |
    +--------------------+------+-+--------------+

    LABEL: bits 0-19; EXP: bits 20-22; S (bottom of stack): bit 23; TTL: bits 24-31

• Shim header
    - Prepended to IP datagram
    - Only used while datagram is in MPLS core
• MPLS switches use LABEL in shim when forwarding packet

Label Switching Router (LSR)


• Device that connects between conventional Internet and MPLS core
• Handles classification
• Uses data structure known as Next Hop Label Forwarding Table (NHLFT) to choose an action

Next Hop Label Forwarding Entry


• Found in NHLFT
• Specifies
    - Next hop information (e.g., the outgoing interface)
    - Operation to be performed
    - Encapsulation to use (optional)
    - How to encode the label (optional)
    - Other information needed to handle the packet (optional)

Possible Operations
• Replace label at top of stack
• Pop label at top of stack
• Replace label at top of stack, and then push one or more new labels onto stack
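The shim header layout and the three NHLFE operations above, worked through in code. This is an added example written for this page, not Comer's code or any vendor's implementation: the field widths are the slide's (20/3/1/8 bits, network byte order), while the label values, the NHLFE entries and the TTL rule (decrement on each hop, drop at zero, carry the decremented value down to the exposed label on a pop) are this example's own assumptions.

```python
"""Added example (not Comer's code): MPLS shim header encode/decode and
label-stack operations. Field widths follow the slide; the NHLFE table
format, label values and TTL handling are assumptions made here."""
import struct

LABEL_BITS = 20

def encode_shim(label, exp=0, s=0, ttl=64):
    """Pack one 32-bit shim entry: LABEL(20) EXP(3) S(1) TTL(8)."""
    if not 0 <= label < (1 << LABEL_BITS):
        raise ValueError("label must fit in 20 bits")
    if not (0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("EXP, S or TTL out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)

def decode_shim(data):
    """Unpack one shim entry into its four fields."""
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}

def parse_label_stack(packet):
    """Split a packet into (entries, payload); entries are top-first and
    the stack ends at the first entry whose S bit is set."""
    entries, off = [], 0
    while True:
        if off + 4 > len(packet):
            raise ValueError("truncated label stack: no bottom-of-stack bit seen")
        entry = decode_shim(packet[off:off + 4])
        entries.append(entry)
        off += 4
        if entry["s"]:
            return entries, packet[off:]

def build_label_stack(entries, payload):
    """Inverse of parse_label_stack; S is set on the last entry automatically."""
    last = len(entries) - 1
    shims = b"".join(encode_shim(e["label"], e.get("exp", 0), int(i == last), e["ttl"])
                     for i, e in enumerate(entries))
    return shims + payload

def lsr_forward(packet, nhlfe):
    """Apply the NHLFE action selected by the top label.

    nhlfe maps incoming label -> ("swap", new_label)
                              |  ("pop", None)
                              |  ("swap_push", (new_label, [labels to push, top first]))
    Returns the outgoing packet, the bare payload once the last label is
    popped (datagram leaves the MPLS core), or None when the packet is
    dropped (no NHLFE entry, or TTL expired inside the core).
    """
    entries, payload = parse_label_stack(packet)
    top = entries[0]
    if top["label"] not in nhlfe:
        return None
    op, arg = nhlfe[top["label"]]
    ttl = top["ttl"] - 1
    if ttl <= 0:
        return None
    if op == "swap":
        entries[0] = {"label": arg, "exp": top["exp"], "ttl": ttl}
    elif op == "pop":
        entries = entries[1:]
        if not entries:
            return payload
        entries[0] = dict(entries[0], ttl=ttl)      # assumption: TTL is carried down
    elif op == "swap_push":
        new_label, pushed = arg
        entries[0] = {"label": new_label, "exp": top["exp"], "ttl": ttl}
        entries = [{"label": l, "exp": top["exp"], "ttl": ttl} for l in pushed] + entries
    else:
        raise ValueError(f"unknown NHLFE operation {op!r}")
    return build_label_stack(entries, payload)

if __name__ == "__main__":
    # Two-level hierarchy: outer label 100 (campus), inner label 200 (building).
    pkt = build_label_stack([{"label": 100, "ttl": 10}, {"label": 200, "ttl": 10}], b"IP")
    print(parse_label_stack(lsr_forward(pkt, {100: ("swap", 150)})))
```

The `parse_label_stack` check matters on an ingress or transit LSR: a stack that never sets the S bit would otherwise run the parser off the end of the packet, so the function refuses it rather than guessing where the datagram starts.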

Control Processing And Label Distribution


• Needed to establish Label Switched Path (LSP)
    - Coordinate labels along the path
    - Configure next-hop forwarding in switches
• Performed by Label Distribution mechanism
• Series of labels selected automatically

Protocols For MPLS Control


• Two primary protocols proposed
    - Label Distribution Protocol (MPLS-LDP)
    - Constraint-Based Routing LDP (CR-LDP)
• Other proposals to extend routing protocols
    - OSPF
    - BGP

Notes About Fragmentation


• Outgoing
    - MPLS prepends shim header to each datagram
    - If datagram fills network MTU, fragmentation will be required
• Incoming
    - Classification requires knowledge of headers (e.g., TCP port numbers)
    - Only first fragment contains needed information
    - LSR must collect fragments and reassemble before classification

Mesh Topology
• Used in many MPLS cores
• LSP established between each pair of LSRs
• Parallel LSPs can be used for levels of service
• Example
    - One LSP reserved for VOIP traffic
    - Another LSP used for all other traffic

Service Differentiation

Because MPLS classification can use arbitrary fields in a datagram, including the IP source address, the service a datagram receives can depend on the customer sending the datagram as well as the type of data being carried.

PART XVIII MOBILE IP

Mobility And IP Addressing


• Recall: prefix of IP address identifies network to which host is attached
• Consequence: when moving to a new network either
    - Host must change its IP address
    - All routers install host-specific routes

Mobile IP
• Technology to support mobility
    - Allows host to retain original IP address
    - Does not require routers to install host-specific routes

Characteristics Of Mobile IP
• Transparent to applications and transport protocols
• Interoperates with standard IPv4
• Scales to large Internet
• Secure
• Macro mobility (intended for working away from home rather than moving at high speed)

General Approach
• Host visiting a foreign network obtains second IP address that is local to the site
• Host informs router on home network
• Router at home uses second address to forward datagrams for the host to the foreign network
    - Datagrams sent in a tunnel
    - Uses IP-in-IP encapsulation

Two Broad Approaches


• Foreign network runs system known as foreign agent
    - Visiting host registers with foreign agent
    - Foreign agent assigns host a temporary address
    - Foreign agent registers host with home agent
• Foreign network does not run a foreign agent
    - Host uses DHCP to obtain temporary address
    - Host registers directly with home agent

Foreign Agent Advertisement Extension


• Sent by router that runs foreign agent
• Added to ICMP router advertisement
• Format:

     0         8         16                 31
    +---------+---------+-------------------+
    |TYPE (16)| LENGTH  |   SEQUENCE NUM    |
    +---------+---------+---------+---------+
    |     LIFETIME      |  CODE   |RESERVED |
    +-------------------+---------+---------+
    |          CARE-OF ADDRESSES  . . .     |
    +---------------------------------------+

CODE Field In Advertisement Message

    Bit   Meaning
    0     Registration with an agent is required; co-located care-of addressing is not permitted
    1     The agent is busy and is not accepting registrations
    2     Agent functions as a home agent
    3     Agent functions as a foreign agent
    4     Agent uses minimal encapsulation
    5     Agent uses GRE-style encapsulation
    6     Agent supports header compression when communicating with mobile
    7     Unused (must be zero)

Host Registration Request

     0              8              16                  31
    +--------------+--------------+--------------------+
    |TYPE (1 or 3) |    FLAGS     |      LIFETIME      |
    +--------------+--------------+--------------------+
    |                   HOME ADDRESS                   |
    +--------------------------------------------------+
    |                    HOME AGENT                    |
    +--------------------------------------------------+
    |                  CARE-OF ADDRESS                 |
    +--------------------------------------------------+
    |                  IDENTIFICATION                  |
    +--------------------------------------------------+
    |                  EXTENSIONS . . .                |
    +--------------------------------------------------+

FLAGS Field In Host Registration Request

    Bit   Meaning
    0     This is a simultaneous (additional) address rather than a replacement
    1     Mobile requests home agent to tunnel a copy of each broadcast datagram
    2     Mobile is using a co-located care-of address and will decapsulate datagrams itself
    3     Mobile requests agent to use minimal encapsulation
    4     Mobile requests agent to use GRE encapsulation
    5     Mobile requests header compression
    6-7   Reserved (must be zero)
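The two message formats and their bit tables, worked through in code: building and parsing the agent advertisement extension and the registration request, then checking a request against what the agent advertised. This is an added example written for this page, not Comer's code or any Mobile IP implementation. Bit positions are the ones in the two tables above (bit 0 is the most significant bit of the byte); field widths the slides do not state (16-bit sequence number and lifetime, 64-bit identification) are taken from RFC 3344; the addresses are documentation prefixes chosen here; and the refusal rules in `check_registration` are this example's reading of the R, B and F bits and of the advertised lifetime as a maximum, not text from the slides.

```python
"""Added example (not Comer's code): Mobile IP agent advertisement extension
and registration request, with the bit tables from the slides above.
Widths beyond the slides come from RFC 3344; the consistency rules in
check_registration are assumptions made for this example."""
import struct
import ipaddress

CODE_BITS = ["R", "B", "H", "F", "M", "G", "V"]   # advertisement CODE, bits 0-6 (bit 7 unused)
FLAG_BITS = ["S", "B", "D", "M", "G", "V"]        # registration FLAGS, bits 0-5 (6-7 reserved)
AGENT_ADV_TYPE = 16
REG_REQUEST_TYPE = 1

def _unpack_bits(byte, names):
    """bit 0 = most significant bit, as in the slide tables."""
    return {n: bool(byte & (0x80 >> i)) for i, n in enumerate(names)}

def _pack_bits(names, flags):
    unknown = set(flags) - set(names)
    if unknown:
        raise ValueError(f"unknown bit names {sorted(unknown)}")
    return sum(0x80 >> i for i, n in enumerate(names) if flags.get(n))

def _ip(text):
    return ipaddress.IPv4Address(text).packed

def _text(raw):
    return str(ipaddress.IPv4Address(bytes(raw)))

def build_agent_adv_ext(seq, lifetime, code, care_of):
    """Extension appended to an ICMP router advertisement by a mobility agent.
    LENGTH counts the bytes after TYPE and LENGTH: 6 + 4 per care-of address."""
    header = struct.pack("!BBHHBB", AGENT_ADV_TYPE, 6 + 4 * len(care_of),
                         seq, lifetime, _pack_bits(CODE_BITS, code), 0)
    return header + b"".join(_ip(a) for a in care_of)

def parse_agent_adv_ext(data):
    if len(data) < 8:
        raise ValueError("extension too short")
    typ, length, seq, lifetime, code, _reserved = struct.unpack("!BBHHBB", data[:8])
    if typ != AGENT_ADV_TYPE:
        raise ValueError(f"not an agent advertisement extension (type {typ})")
    if length < 6 or (length - 6) % 4 or len(data) < 2 + length:
        raise ValueError("LENGTH inconsistent with the care-of address list")
    count = (length - 6) // 4
    care_of = [_text(data[8 + 4 * k: 12 + 4 * k]) for k in range(count)]
    return {"length": length, "seq": seq, "lifetime": lifetime,
            "code": _unpack_bits(code, CODE_BITS), "care_of": care_of}

def build_registration_request(flags, lifetime, home, home_agent, care_of, ident):
    return struct.pack("!BBH4s4s4sQ", REG_REQUEST_TYPE, _pack_bits(FLAG_BITS, flags),
                       lifetime, _ip(home), _ip(home_agent), _ip(care_of), ident)

def parse_registration_request(data):
    if len(data) < 24:
        raise ValueError("registration request too short")
    typ, flags, lifetime, home, agent, care_of, ident = struct.unpack("!BBH4s4s4sQ", data[:24])
    if typ != REG_REQUEST_TYPE:
        raise ValueError(f"not a registration request (type {typ})")
    return {"type": typ, "flags": _unpack_bits(flags, FLAG_BITS), "lifetime": lifetime,
            "home": _text(home), "home_agent": _text(agent), "care_of": _text(care_of),
            "identification": ident, "extensions": data[24:]}

def check_registration(adv, req):
    """Reason a foreign agent should refuse the request, or None if acceptable.
    Assumption for this example: the advertised lifetime is the maximum the
    agent accepts, and the R bit forbids a co-located (D flag) care-of address."""
    if adv["code"]["B"]:
        return "agent is busy"
    if not adv["code"]["F"]:
        return "advertising agent is not a foreign agent"
    if adv["code"]["R"] and req["flags"]["D"]:
        return "registration through the agent is required; co-located care-of address not permitted"
    if not req["flags"]["D"] and req["care_of"] not in adv["care_of"]:
        return "care-of address was not offered by this agent"
    if req["lifetime"] > adv["lifetime"]:
        return "requested lifetime exceeds what the agent advertised"
    return None

if __name__ == "__main__":
    adv = parse_agent_adv_ext(build_agent_adv_ext(7, 1800, {"R": True, "F": True}, ["192.0.2.1"]))
    req = parse_registration_request(build_registration_request(
        {"G": True}, 600, "198.51.100.10", "198.51.100.1", "192.0.2.1", 0x1234))
    print(adv, req, check_registration(adv, req))
```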

Consequence Of Mobile IP

Because a mobile uses its home address as a source address when communicating with an arbitrary destination, each reply is forwarded to the mobile's home network, where an agent intercepts the datagram, encapsulates it in another datagram, and forwards it either directly to the mobile or to the foreign agent the mobile is using.

Illustration Of The Two-Crossing Problem

[Figure: the two-crossing problem. The home site (routers R1 and R2, the home agent, the mobile's original home) and the foreign site (router R4, the foreign agent, the mobile) are both attached to the INTERNET; destination D, reached through router R3, is near the foreign site. A datagram from D to the mobile crosses the Internet to the home agent, which tunnels it back across the Internet to the foreign agent.]

A Severe Problem

Mobile IP introduces a routing inefficiency known as the two-crossing problem that occurs when a mobile visits a foreign network far from its home and then communicates with a computer near the foreign site. Each datagram sent to the mobile travels across the Internet to the mobile's home agent, which then forwards the datagram back to the foreign site. Eliminating the problem requires propagating host-specific routes; the problem remains for any destination that does not receive the host-specific route.

Summary
• Mobile IP allows a host to visit a foreign site without changing its IP address
• A visiting host obtains a second, temporary address which is used for communication while at the site
• The chief advantage of mobile IP arises from transparency to applications
• The chief disadvantage of mobile IP arises from inefficient routing known as the two-crossing problem

PART XIX PRIVATE NETWORK INTERCONNECTION (NAT AND VPN)

Denitions
• An internet is private to one group (sometimes called isolated) if none of the facilities or traffic is accessible to other groups
    - Typical implementation involves using leased lines to interconnect routers at various sites of the group
• The global Internet is public because facilities are shared among all subscribers

Hybrid Architecture
• Permits some traffic to go over private connections
• Allows contact with global Internet

Example Of Hybrid Architecture

[Figure: hybrid architecture. Site 1 has networks 128.10.1.0 (router R1) and 128.10.2.0 (router R2); Site 2 has networks 192.5.48.0 (router R3) and 128.210.0.0 (router R4). R1 and R3 connect to the INTERNET; a leased circuit between the sites is shown joining R2 and R4.]

The Cost Of Private And Public Networks


• Private network extremely expensive
• Public Internet access inexpensive
• Goal: combine safety of private network with low cost of global Internet

Question

How can an organization that uses the global Internet to connect its sites keep its data private?

• Answer: Virtual Private Network (VPN)

Virtual Private Network


• Connect all sites to global Internet
• Protect data as it passes from one site to another
    - Encryption
    - IP-in-IP tunneling

Illustration Of Encapsulation Used With VPN

[Figure: VPN encapsulation. The outer datagram consists of a DATAGRAM HEADER followed by the OUTER DATAGRAM DATA AREA, which carries the ENCRYPTED INNER DATAGRAM.]

The Point

A Virtual Private Network sends data across the Internet, but encrypts intersite transmissions to guarantee privacy.

Example Of VPN Addressing And Routing

[Figure: same topology as the hybrid example (Site 1: 128.10.1.0 at R1 and 128.10.2.0 at R2; Site 2: 192.5.48.0 at R3 and 128.210.0.0 at R4), but R1 reaches R3 across the INTERNET through the ISP's router instead of over a leased circuit.]

    Routing table in R1

    destination      next hop
    128.10.1.0       direct
    128.10.2.0       R2
    192.5.48.0       tunnel to R3
    128.210.0.0      tunnel to R3
    default          ISP's router

Example VPN With Private Addresses

[Figure: Site 1 uses subnet 10.1.0.0; its router R1 has a 10.1 address on the inside and one valid IP address on the INTERNET. Site 2 uses subnet 10.2.0.0; its router R2 has a 10.2 address on the inside and one valid IP address on the INTERNET.]

• Advantage: only one globally valid IP address needed per site

General Access With Private Addresses


• Question: how can a site provide multiple computers at the site access to Internet services without assigning each computer a globally-valid IP address?
• Two answers
    - Application gateway (one needed for each service)
    - Network Address Translation (NAT)

Network Address Translation (NAT)


• Extension to IP addressing
• IP-level access to the Internet through a single IP address
• Transparent to both ends
• Implementation
    - Typically software
    - Usually installed in IP router
    - Special-purpose hardware for highest speed

Network Address Translation (NAT)


(continued)

• Pioneered in Unix program slirp
• Also known as
    - Masquerade (Linux)
    - Internet Connection Sharing (Microsoft)
• Inexpensive implementations available for home use

NAT Details
• Organization
    - Obtains one globally valid address per Internet connection
    - Assigns nonroutable addresses internally (net 10)
    - Runs NAT software in router connecting to Internet
• NAT
    - Replaces source address in outgoing datagram
    - Replaces destination address in incoming datagram
    - Also handles higher layer protocols (e.g., pseudo header for TCP or UDP)

NAT Translation Table


• NAT uses translation table
• Entry in table specifies local (private) endpoint and global destination
• Typical paradigm
    - Entry in table created as side-effect of datagram leaving site
    - Entry in table used to reverse address mapping for incoming datagram

Example NAT Translation Table

    Private     Private   External         External   NAT     Protocol
    Address     Port      Address          Port       Port    Used
    10.0.0.5    21023     128.10.19.20     80         14003   tcp
    10.0.0.1    386       128.10.19.20     80         14010   tcp
    10.0.2.6    26600     207.200.75.200   21         14012   tcp
    10.0.0.3    1274      128.210.1.5      80         14007   tcp

• Variant of NAT that uses protocol port numbers is known as Network Address and Port Translation (NAPT)

Use Of NAT By An ISP

[Figure: an ISP using NAT sits between hosts using dialup access and the INTERNET.]

Higher Layer Protocols And NAT


• NAT must
    - Change IP headers
    - Possibly change TCP or UDP source ports
    - Recompute TCP or UDP checksums
    - Translate ICMP messages
    - Translate port numbers in an FTP session
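The translation table from the NAPT slide and the header rewriting listed just above, worked through together in code: an outbound TCP segment creates the table entry and has its source address and port replaced, the matching inbound segment is mapped back, and both the IP header checksum and the TCP checksum (over the pseudo header) are recomputed after each rewrite. Unsolicited inbound traffic with no table entry is dropped. This is an added example written for this page, not Comer's code or any NAT implementation; the packets are constructed here (plain IPv4 and TCP headers without options), and the public address 128.210.1.1, the private hosts and the first NAT port 14000 are made-up values.

```python
"""Added example (not Comer's code): a NAPT box for TCP over IPv4.
Packet layouts are plain IPv4 + TCP without options; addresses, ports and
the sample datagrams are constructed for this example."""
import struct
import ipaddress

def ones_complement_sum(data):
    """RFC 1071 checksum over data (a trailing odd byte is zero padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def packed(ip):
    return ipaddress.IPv4Address(ip).packed

def fix_checksums(pkt):
    """Return pkt with the IP header checksum and the TCP checksum recomputed.
    The TCP checksum covers the pseudo header (src, dst, zero, proto 6, TCP length),
    which is why a NAT must touch it whenever it rewrites an address."""
    ip, tcp = bytearray(pkt[:20]), bytearray(pkt[20:])
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", ones_complement_sum(bytes(ip)))
    tcp[16:18] = b"\x00\x00"
    pseudo = bytes(ip[12:20]) + struct.pack("!BBH", 0, 6, len(tcp))
    tcp[16:18] = struct.pack("!H", ones_complement_sum(pseudo + bytes(tcp)))
    return bytes(ip + tcp)

def checksums_ok(pkt):
    return fix_checksums(pkt) == pkt

def build_tcp_datagram(src, dst, sport, dport, payload=b"", flags=0x02):
    """Minimal IPv4 + TCP datagram (constructed sample input; SYN by default)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0,
                     64, 6, 0, packed(src), packed(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 65535, 0, 0)
    return fix_checksums(ip + tcp + payload)

def endpoints(pkt):
    """(src, dst, sport, dport) of an IPv4 + TCP datagram."""
    src = str(ipaddress.IPv4Address(pkt[12:16]))
    dst = str(ipaddress.IPv4Address(pkt[16:20]))
    sport, dport = struct.unpack("!HH", pkt[20:24])
    return src, dst, sport, dport

class NAPT:
    """Translation table keyed the way the slide's table is: private endpoint
    plus external endpoint map to one NAT port on the single public address."""
    def __init__(self, public_ip, first_nat_port=14000):
        self.public_ip = public_ip
        self.next_port = first_nat_port
        self.outbound_map = {}   # (priv_ip, priv_port, ext_ip, ext_port) -> nat_port
        self.inbound_map = {}    # (nat_port, ext_ip, ext_port) -> (priv_ip, priv_port)

    def outbound(self, pkt):
        """Datagram leaving the site: create the entry as a side effect, rewrite the source."""
        src, dst, sport, dport = endpoints(pkt)
        key = (src, sport, dst, dport)
        if key not in self.outbound_map:
            nat_port, self.next_port = self.next_port, self.next_port + 1
            self.outbound_map[key] = nat_port
            self.inbound_map[(nat_port, dst, dport)] = (src, sport)
        out = bytearray(pkt)
        out[12:16] = packed(self.public_ip)
        out[20:22] = struct.pack("!H", self.outbound_map[key])
        return fix_checksums(bytes(out))

    def inbound(self, pkt):
        """Datagram arriving from the Internet: reverse the mapping, or drop (None)."""
        src, dst, sport, dport = endpoints(pkt)
        entry = self.inbound_map.get((dport, src, sport))
        if dst != self.public_ip or entry is None:
            return None        # no entry: unsolicited traffic never reaches net 10
        priv_ip, priv_port = entry
        back = bytearray(pkt)
        back[16:20] = packed(priv_ip)
        back[22:24] = struct.pack("!H", priv_port)
        return fix_checksums(bytes(back))

if __name__ == "__main__":
    nat = NAPT("128.210.1.1")
    out = nat.outbound(build_tcp_datagram("10.0.0.5", "128.10.19.20", 21023, 80))
    print(endpoints(out), checksums_ok(out))
```

The inbound lookup is keyed on the NAT port together with the external address and port, so a reply is only delivered when it comes from the endpoint the private host contacted; a packet aimed at a valid NAT port from any other source is discarded.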

Applications And NAT

NAT affects ICMP, TCP, UDP, and other higher-layer protocols; except for a few standard applications like FTP, an application protocol that passes IP addresses or protocol port numbers as data will not operate correctly across NAT.

Summary
• Virtual Private Networks (VPNs) combine the advantages of low cost Internet connections with the safety of private networks
• VPNs use encryption and tunneling
• Network Address Translation allows a site to multiplex communication with multiple computers through a single, globally valid IP address
• NAT uses a table to translate addresses in outgoing and incoming datagrams

PART XX CLIENT-SERVER MODEL OF INTERACTION

Client-Server Paradigm
• Conceptual basis for virtually all distributed applications
• One program initiates interaction to which another program responds
• Note: peer-to-peer applications use client-server paradigm internally

Denitions
• Client
    - Any application program
    - Contacts a server
    - Forms and sends a request
    - Awaits a response
• Server
    - Usually a specialized program that offers a service
    - Awaits a request
    - Computes an answer
    - Issues a response

Server Persistence

A server starts execution before interaction begins and (usually) continues to accept requests and send responses without ever terminating. A client is any program that makes a request and awaits a response; it (usually) terminates after using a server a finite number of times.

Illustration Of The Client-Server Paradigm

[Figure: the client-server paradigm. Top: the client sends its request to the server's well-known port. Bottom: the server sends its response to the client's port.]


Use Of Protocol Ports

A server waits for requests at a well-known port that has been reserved for the service it offers. A client allocates an arbitrary, unused, nonreserved port for its communication.

Client Side
• Any application program can become a client
• Must know how to reach the server
    - Server's Internet address
    - Server's protocol port number
• Usually easy to build

Server Side
• Finds client's location from incoming request
• Can be implemented with application program or in operating system
• Starts execution before requests arrive
• Must ensure client is authorized
• Must uphold protection rules
• Must handle multiple, concurrent requests
• Usually complex to design and build

Concurrent Server Algorithm


• Open well-known port
• Wait for next client request
• Create a new socket for the client
• Create thread / process to handle request
• Continue with wait step

Complexity Of Servers

Servers are usually more difficult to build than clients because, although they can be implemented with application programs, servers must enforce all the access and protection policies of the computer system on which they run and must protect themselves against all possible errors.

Summary
• Client-server model is basis for distributed applications
• Server is specialized, complex program (process) that offers a service
• Arbitrary application can become a client by contacting a server and sending a request
• Most servers are concurrent

PART XXI THE SOCKET INTERFACE

Using Protocols
• Protocol software usually embedded in OS
• Applications run outside OS
• Need an Application Program Interface (API) to allow application to access protocols

API
• TCP/IP standards
    - Describe general functionality needed
    - Do not give details such as function names and arguments
• Each OS free to define its own API
• In practice: socket interface has become de facto standard API

Socket API
• Defined by U.C. Berkeley as part of BSD Unix
• Adopted (with minor changes) by Microsoft as Windows Sockets

Characteristics Of Socket API


• Follows Unix's open-read-write-close paradigm
• Uses Unix's descriptor abstraction
    - First, create a socket and receive an integer descriptor
    - Second, call a set of functions that specify all the details for the socket (descriptor is argument to each function)
• Once socket has been established, use read and write or equivalent functions to transfer data
• When finished, close the socket

Creating A Socket

result = socket(pf, type, protocol)

• Argument specifies protocol family as TCP/IP

Terminating A Socket

close(socket)

• Closing a socket permanently terminates the interaction

Specifying A Local Address For The Socket

bind(socket, localaddr, addrlen)

Format Of A Sockaddr Structure (Generic)


     0                  16                   31
    +------------------+---------------------+
    |  ADDRESS FAMILY  | ADDRESS OCTETS 0-1  |
    +------------------+---------------------+
    |           ADDRESS OCTETS 2-5           |
    +----------------------------------------+
    |           ADDRESS OCTETS 6-9           |
    +----------------------------------------+
    |           ADDRESS OCTETS 10-13         |
    +----------------------------------------+

Format Of A Sockaddr Structure When Used With TCP/IP


     0                  16                   31
    +------------------+---------------------+
    |ADDRESS FAMILY (2)|    PROTOCOL PORT    |
    +------------------+---------------------+
    |               IP ADDRESS               |
    +----------------------------------------+

Connecting A Socket To A Destination Address

connect(socket, destaddr, addrlen)

• Can be used with UDP socket to specify remote endpoint address

Sending Data Through A Socket

send(socket, message, length, flags)

• Note
    - Function write can also be used
    - Alternatives exist for connectionless transport (UDP)

Receiving Data Through A Socket

recv(socket, buffer, length, flags)

• Note
    - Function read can also be used
    - Alternatives exist for connectionless transport (UDP)

Obtaining Remote And Local Socket Addresses

getpeername(socket, destaddr, addrlen) and getsockname(socket, localaddr, addrlen)

Set Maximum Queue Length (Server)

listen(socket, qlength)

• Maximum queue length can be quite small

Accepting New Connections (Server)

newsock = accept(socket, addr, addrlen)

• Note:
    - Original socket remains available for accepting connections
    - New socket corresponds to one connection
    - Permits server to handle requests concurrently

Handling Multiple Services With One Server


• Server
    - Creates socket for each service
    - Calls select function to wait for any request
    - Select specifies which service was contacted
• Form of select
    nready = select(ndesc, indesc, outdesc, excdesc, timeout)
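The concurrent-server algorithm and the select-based multi-service server described above, as one running program: a listening socket per service, one select() wait that reports which service was contacted, a fresh socket from accept() handed to a thread, and the original listening sockets left open for the next client. This is an added example written for this page in Python rather than C so that it runs stand-alone; it is not Comer's code. The two services ("upper" and "length"), the 127.0.0.1 allow-list that stands in for the "must ensure client is authorized" step, and the request-size cap are constructed for the example.

```python
"""Added example (not Comer's code): a concurrent server that owns one
listening socket per service and uses select() to learn which service a
client contacted. Services, allow-list and request cap are made up here."""
import select
import socket
import threading

def make_listener(host="127.0.0.1", port=0, backlog=5):
    """socket -> bind -> listen; port 0 lets the OS choose an unused port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(backlog)
    return s

def handle_connection(conn, handler, max_request):
    """Serve one client on its own socket, then close that socket."""
    with conn:
        conn.settimeout(2.0)
        try:
            request = conn.recv(max_request)   # the server sizes the buffer, not the client
        except socket.timeout:
            return
        if request:
            conn.sendall(handler(request))

def serve(listeners, handlers, stop, allowed=("127.0.0.1",), max_request=512):
    """listeners: {service: listening socket}; handlers: {service: fn(bytes) -> bytes}.
    Runs until stop (a threading.Event) is set."""
    service_of = {sock: name for name, sock in listeners.items()}
    while not stop.is_set():
        ready, _, _ = select.select(list(service_of), [], [], 0.1)  # one wait, any service
        for lsock in ready:
            conn, peer = lsock.accept()                # new socket for this client only
            if peer[0] not in allowed:                 # authorization before any work
                conn.close()
                continue
            threading.Thread(target=handle_connection,
                             args=(conn, handlers[service_of[lsock]], max_request),
                             daemon=True).start()
        # the listening sockets stay open; the loop returns to the wait step

def query(port, payload, host="127.0.0.1"):
    """A client: connect to the service port, send, read until the server closes."""
    with socket.create_connection((host, port), timeout=2.0) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)
        chunks = []
        while True:
            data = c.recv(4096)
            if not data:
                return b"".join(chunks)
            chunks.append(data)

def upper_service(request):
    return request.upper()

def length_service(request):
    return str(len(request)).encode()

def run_demo():
    """Start both services, query each once, shut down; returns the two replies."""
    listeners = {"upper": make_listener(), "length": make_listener()}
    handlers = {"upper": upper_service, "length": length_service}
    stop = threading.Event()
    server = threading.Thread(target=serve, args=(listeners, handlers, stop), daemon=True)
    server.start()
    try:
        ports = {name: s.getsockname()[1] for name, s in listeners.items()}
        return query(ports["upper"], b"hello"), query(ports["length"], b"hello")
    finally:
        stop.set()
        server.join()
        for s in listeners.values():
            s.close()

if __name__ == "__main__":
    print(run_demo())
```

The per-connection thread never reads more than `max_request` bytes, so a client cannot dictate how much memory the server commits to it; the check on the peer address happens before the request is read at all, which is the order the "server side" slide calls for.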

Socket Functions Used For DNS


• Obtaining the local host's name (the name is then mapped to an IP address with gethostbyname, as the example client later in this part does)
    gethostname(name, length)
• Obtaining the local domain
    getdomainname(name, length)

Illustration Of A Socket Library

[Figure: the application program is bound with the library routines it calls; the library routines in turn invoke system calls in the computer's operating system.]

Byte Order Conversion Routines


• Convert between network byte order and local host byte order
• If local host uses big-endian, routines have no effect
    localshort = ntohs(netshort)
    locallong  = ntohl(netlong)
    netshort   = htons(localshort)
    netlong    = htonl(locallong)

IP Address Manipulation Routines


• Convert from dotted decimal (ASCII string) to 32-bit binary value
• Example:
    address = inet_addr(string)

Other Socket Routines


• Many other functions exist
• Examples: obtain information about
    - Protocols
    - Hosts
    - Domain name

Example Client Program


/* whoisclient.c - main */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>

/*---------------------------------------------------------------------
 * Program:  whoisclient
 *
 * Purpose:  UNIX application program that becomes a client for the
 *           Internet "whois" service.
 *
 * Use:      whois hostname username
 *
 * Author:   Barry Shein, Boston University
 *
 * Date:     Long ago in a universe far, far away
 *
 *---------------------------------------------------------------------*/
Example Client Program (Part 2)


int
main(int argc, char *argv[])            /* standard UNIX argument declarations */
{
    int                 s;              /* socket descriptor                   */
    int                 len;            /* length of received data             */
    struct sockaddr_in  sa;             /* Internet socket addr. structure     */
    struct hostent     *hp;             /* result of host name lookup          */
    struct servent     *sp;             /* result of service lookup            */
    char                buf[BUFSIZ+1];  /* buffer to read whois information    */
    char               *myname;         /* pointer to name of this program     */
    char               *host;           /* pointer to remote host name         */
    char               *user;           /* pointer to remote user name         */

    myname = argv[0];

Example Client (Part 3)


    /*
     * Check that there are two command line arguments
     */
    if (argc != 3) {
        fprintf(stderr, "Usage: %s host username\n", myname);
        exit(1);
    }
    host = argv[1];
    user = argv[2];

    /*
     * Look up the specified hostname
     */
    if ((hp = gethostbyname(host)) == NULL) {
        fprintf(stderr, "%s: %s: no such host?\n", myname, host);
        exit(1);
    }

    /*
     * Put host's address and address type into socket structure
     * (clear the structure first so no field is left uninitialized)
     */
    memset(&sa, 0, sizeof sa);
    memcpy(&sa.sin_addr, hp->h_addr, hp->h_length);
    sa.sin_family = hp->h_addrtype;

Example Client (Part 4)


    /*
     * Look up the socket number for the WHOIS service
     */
    if ((sp = getservbyname("whois", "tcp")) == NULL) {
        fprintf(stderr, "%s: No whois service on this host\n", myname);
        exit(1);
    }

    /*
     * Put the whois socket number into the socket structure
     * (s_port is already in network byte order).
     */
    sa.sin_port = sp->s_port;

    /*
     * Allocate an open socket
     */
    if ((s = socket(hp->h_addrtype, SOCK_STREAM, 0)) < 0) {
        perror("socket");
        exit(1);
    }

Example Client (Part 5)


    /*
     * Connect to the remote server
     */
    if (connect(s, (struct sockaddr *)&sa, sizeof sa) < 0) {
        perror("connect");
        exit(1);
    }

    /*
     * Send the request
     */
    if (write(s, user, strlen(user)) != (ssize_t)strlen(user)) {
        fprintf(stderr, "%s: write error\n", myname);
        exit(1);
    }

    /*
     * Read the reply and put to user's output
     */
    while ((len = read(s, buf, BUFSIZ)) > 0)
        write(1, buf, len);
    close(s);
    exit(0);
}
Example Server Program


/* whoisserver.c - main */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <pwd.h>

/*---------------------------------------------------------------------
 * Program:  whoisserver
 *
 * Purpose:  UNIX application program that acts as a server for
 *           the "whois" service on the local machine.  It listens
 *           on well-known WHOIS port (43) and answers queries from
 *           clients.  This program requires super-user privilege to
 *           run.
 *
 * Use:      whois hostname username
 *

Example Server (Part 2)


 * Author:   Barry Shein, Boston University
 *
 * Date:     Long ago in a universe far, far away
 *
 *---------------------------------------------------------------------*/

#define BACKLOG      5      /* # of requests we're willing to queue  */
#define MAXHOSTNAME  32     /* maximum host name length we tolerate  */

void whois(int sock);       /* defined below (Part 6)                */

int
main(int argc, char *argv[])            /* standard UNIX argument declarations */
{
    int                 s, t;           /* socket descriptors                  */
    socklen_t           i;              /* length of client address (accept)   */
    struct sockaddr_in  sa, isa;        /* Internet socket address structure   */
    struct hostent     *hp;             /* result of host name lookup          */
    char               *myname;         /* pointer to name of this program     */
    struct servent     *sp;             /* result of service lookup            */
    char                localhost[MAXHOSTNAME+1]; /* local host name as character string */

Example Server (Part 3)


    myname = argv[0];

    /*
     * Look up the WHOIS service entry
     */
    if ((sp = getservbyname("whois", "tcp")) == NULL) {
        fprintf(stderr, "%s: No whois service on this host\n", myname);
        exit(1);
    }

    /*
     * Get our own host information
     */
    gethostname(localhost, MAXHOSTNAME);
    localhost[MAXHOSTNAME] = '\0';      /* gethostname need not terminate a truncated name */
    if ((hp = gethostbyname(localhost)) == NULL) {
        fprintf(stderr, "%s: cannot get local host info?\n", myname);
        exit(1);
    }

Example Server (Part 4)


    /*
     * Put the WHOIS socket number and our address info
     * into the socket structure
     */
    memset(&sa, 0, sizeof sa);
    sa.sin_port = sp->s_port;
    memcpy(&sa.sin_addr, hp->h_addr, hp->h_length);
    sa.sin_family = hp->h_addrtype;

    /*
     * Allocate an open socket for incoming connections
     */
    if ((s = socket(hp->h_addrtype, SOCK_STREAM, 0)) < 0) {
        perror("socket");
        exit(1);
    }

    /*
     * Bind the socket to the service port
     * so we hear incoming connections
     */
    if (bind(s, (struct sockaddr *)&sa, sizeof sa) < 0) {
        perror("bind");
        exit(1);
    }
Example Server (Part 5)


    /*
     * Set maximum connections we will fall behind
     */
    listen(s, BACKLOG);

    /*
     * Go into an infinite loop waiting for new connections
     */
    while (1) {
        i = sizeof isa;
        /*
         * We hang in accept() while waiting for new customers
         */
        if ((t = accept(s, (struct sockaddr *)&isa, &i)) < 0) {
            perror("accept");
            exit(1);
        }
        whois(t);               /* perform the actual WHOIS service */
        close(t);
    }
}

Example Server (Part 6)


/*
 * Get the WHOIS request from remote host and format a reply.
 */
void
whois(int sock)
{
    struct passwd  *p;
    char            buf[BUFSIZ+1];
    int             i;

    /*
     * Get one line request
     */
    if ((i = read(sock, buf, BUFSIZ)) <= 0)
        return;
    buf[i] = '\0';              /* Null terminate */

Example Server (Part 7)


    /*
     * Look up the requested user and format reply
     * (snprintf bounds the reply to the buffer; a long gecos field
     * would otherwise overrun it)
     */
    if ((p = getpwnam(buf)) == NULL)
        strcpy(buf, "User not found\n");
    else
        snprintf(buf, sizeof buf, "%s: %s\n", p->pw_name, p->pw_gecos);

    /*
     * Return reply
     */
    write(sock, buf, strlen(buf));
    return;
}

Summary
• Socket API
    - Invented for BSD Unix
    - Not official part of TCP/IP
    - De facto standard in the industry
    - Used with TCP or UDP
    - Large set of functions
• General paradigm: create socket and then use a set of functions to specify details

PART XXII BOOTSTRAP AND AUTOCONFIGURATION (DHCP)

System Startup
• To keep protocol software general
    - IP stack designed with many parameters
    - Values filled in when system starts
• Two possible sources of information
    - Local storage device (e.g., disk)
    - Server on the network

Bootstrapping
• BOOTstrap Protocol (BOOTP)
    - Early alternative to RARP
    - Provided more than just an IP address
    - Obtained configuration parameters from a server
    - Used UDP
• Dynamic Host Configuration Protocol (DHCP)
    - Replaces and extends BOOTP
    - Provides dynamic address assignment

Apparent Contradiction
- DHCP used to obtain parameters for an IP stack
- DHCP uses IP and UDP to obtain the parameters
- Stack must be initialized before being initialized

Solving The Apparent Contradiction


- DHCP runs as an application
- Only needs basic facilities
- In particular:

    An application program can use the limited broadcast IP address (255.255.255.255) to force IP to broadcast a datagram on the local network before IP has discovered the IP address of the local network or the machine's IP address.

- Note: server cannot use ARP when replying to client because client does not know its own IP address; the server either broadcasts the reply or sends it directly to the hardware address carried in the client's request
- Security consequence: the exchange is broadcast and unauthenticated, so any host on the local network can answer a DHCPDISCOVER and hand the client a bogus router or DNS server address; DHCP snooping on the switch is the usual countermeasure

DHCP Retransmission
- Client handles retransmission
- Initial timeout selected at random (so that many hosts booting at once, e.g. after a power failure, do not retransmit in lockstep)
- Timeout for successive retransmissions doubled

Two-Step Bootstrap
- DHCP provides information, not data
- Client receives
    - Name of file that contains boot image
    - Address of server

- Client must use another means to obtain the image to run (typically TFTP)

Dynamic Address Assignment


- Needed by ISPs
    - Client obtains an IP address and uses it temporarily
    - When client finishes, address is available for another client

- Also used on many corporate networks

DHCP Address Assignment


- Backward compatible with BOOTP
- Can assign addresses in three ways
    - Manual (manager specifies binding as in BOOTP)
    - Automatic (address assigned by server, and machine retains same address)
    - Dynamic (address assigned by server, but machine may obtain new address for successive request)

- Manager chooses type of assignment for each address

DHCP Support For Autoconfiguration

Because it allows a host to obtain all the parameters needed for communication without manual intervention, DHCP permits autoconfiguration. Autoconfiguration is, of course, subject to administrative constraints.

Dynamic Address Assignment


- Client is granted a lease on an address
- Server specifies length of lease
- At end of lease, client must renew lease or stop using address
- Actions controlled by finite state machine

Server Contact

To use DHCP, a host becomes a client by broadcasting a message to all servers on the local network. The host then collects offers from servers, selects one of the offers, and verifies acceptance with the server.

DHCP Finite State Machine


(Figure: DHCP client finite state machine; each transition is labeled "event / message sent")

    INITIALIZE  --  Host boots / DHCPDISCOVER                       -->  SELECT
    SELECT      --  DHCPOFFER (collect offers)                      -->  SELECT
    SELECT      --  Select offer / DHCPREQUEST                      -->  REQUEST
    REQUEST     --  DHCPACK                                         -->  BOUND
    REQUEST     --  DHCPNACK                                        -->  INITIALIZE
    BOUND       --  Lease reaches 50% expiration / DHCPREQUEST      -->  RENEW
    BOUND       --  Cancel lease / DHCPRELEASE                      -->  INITIALIZE
    RENEW       --  DHCPACK                                         -->  BOUND
    RENEW       --  Lease reaches 87.5% expiration / DHCPREQUEST    -->  REBIND
    RENEW       --  DHCPNACK                                        -->  INITIALIZE
    REBIND      --  DHCPACK                                         -->  BOUND
    REBIND      --  DHCPNACK or lease expires                       -->  INITIALIZE
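The state machine above, as an added example in Python (this is not code from Comer's notes). The client records which message it would send instead of putting it on the wire, so the transitions can be exercised offline; the T1 (50%) and T2 (87.5%) timers follow RFC 2131, and the server names and 3600-second lease in the walk-through are made up. Note on_nack: DHCP carries no authentication, so a forged DHCPNACK from any host on the link drops a client back to INITIALIZE just as a genuine one does.

```python
"""DHCP client lease state machine following the transitions above.

Added example, not code from Comer's notes.  T1 (renew) fires at 50%
of the lease and T2 (rebind) at 87.5%, as in RFC 2131; at 100% the
client stops using the address.  Network I/O is left out: the object
only records which message it would send, so the logic runs offline.
Server names and the 3600-second lease in the walk-through are made up.
"""
from dataclasses import dataclass, field
from typing import List

INITIALIZE, SELECT, REQUEST, BOUND, RENEW, REBIND = (
    "INITIALIZE", "SELECT", "REQUEST", "BOUND", "RENEW", "REBIND")


@dataclass
class DhcpClient:
    state: str = INITIALIZE
    lease_start: float = 0.0
    lease_length: float = 0.0
    offers: List[str] = field(default_factory=list)   # server ids seen in SELECT
    sent: List[str] = field(default_factory=list)     # messages this client "sent"

    def t1(self) -> float:
        return self.lease_start + 0.5 * self.lease_length      # renewal time

    def t2(self) -> float:
        return self.lease_start + 0.875 * self.lease_length    # rebinding time

    def expiry(self) -> float:
        return self.lease_start + self.lease_length

    def boot(self) -> None:
        """INITIALIZE -> SELECT, broadcasting DHCPDISCOVER."""
        self.state = SELECT
        self.sent.append("DHCPDISCOVER")

    def on_offer(self, server_id: str) -> None:
        if self.state == SELECT:                 # keep collecting offers
            self.offers.append(server_id)

    def select_offer(self, server_id: str) -> None:
        """SELECT -> REQUEST, naming the chosen server in DHCPREQUEST."""
        if self.state != SELECT or server_id not in self.offers:
            raise ValueError("no such offer to select")
        self.state = REQUEST
        self.sent.append(f"DHCPREQUEST to {server_id}")

    def on_ack(self, now: float, lease_length: float) -> None:
        """REQUEST/RENEW/REBIND -> BOUND; the lease clock restarts."""
        if self.state in (REQUEST, RENEW, REBIND):
            self.state = BOUND
            self.lease_start, self.lease_length = now, lease_length

    def on_nack(self) -> None:
        """Any NACK sends the client back to INITIALIZE.  DHCP has no
        authentication, so a forged NACK from anyone on the link does this too."""
        if self.state in (REQUEST, RENEW, REBIND):
            self._restart()

    def release(self) -> None:
        if self.state == BOUND:
            self.sent.append("DHCPRELEASE")
            self._restart()

    def tick(self, now: float) -> None:
        """Advance the clock and fire the 50% / 87.5% / 100% transitions."""
        if self.state == BOUND and now >= self.t1():
            self.state = RENEW
            self.sent.append("DHCPREQUEST (unicast to leasing server)")
        if self.state == RENEW and now >= self.t2():
            self.state = REBIND
            self.sent.append("DHCPREQUEST (broadcast to any server)")
        if self.state == REBIND and now >= self.expiry():
            self._restart()                     # lease expired: stop using the address

    def _restart(self) -> None:
        self.state = INITIALIZE
        self.offers.clear()
        self.lease_start = self.lease_length = 0.0


def walk_through_lease() -> List[str]:
    """Drive one client through a whole lease; return the states visited."""
    c = DhcpClient()
    visited = [c.state]
    c.boot()
    visited.append(c.state)
    c.on_offer("server-A")
    c.on_offer("server-B")
    c.select_offer("server-A")
    visited.append(c.state)
    c.on_ack(now=0.0, lease_length=3600.0)
    visited.append(c.state)
    for now in (1800.0, 3150.0, 3600.0):      # T1, T2, expiry
        c.tick(now)
        visited.append(c.state)
    return visited
```

walk_through_lease() visits INITIALIZE, SELECT, REQUEST, BOUND, RENEW, REBIND and then INITIALIZE again once the lease runs out without an ACK; a DHCPACK received in RENEW or REBIND instead returns the client to BOUND with a fresh lease clock.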

DHCP Message Format


     0        8        16       24       31
    +--------+--------+--------+--------+
    |   OP   | HTYPE  |  HLEN  |  HOPS  |
    +--------+--------+--------+--------+
    |           TRANSACTION ID          |
    +-----------------+-----------------+
    |     SECONDS     |      FLAGS      |
    +-----------------+-----------------+
    |         CLIENT IP ADDRESS         |
    +-----------------------------------+
    |          YOUR IP ADDRESS          |
    +-----------------------------------+
    |         SERVER IP ADDRESS         |
    +-----------------------------------+
    |         ROUTER IP ADDRESS         |
    +-----------------------------------+
    | CLIENT HARDWARE ADDRESS (16 OCTETS)
    |               . . .               |
    +-----------------------------------+
    |   SERVER HOST NAME (64 OCTETS)    |
    |               . . .               |
    +-----------------------------------+
    |    BOOT FILE NAME (128 OCTETS)    |
    |               . . .               |
    +-----------------------------------+
    |        OPTIONS (VARIABLE)         |
    |               . . .               |
    +-----------------------------------+

Message Type Field

     0         8         16        24
    +---------+---------+---------+
    | CODE(53)| LEN (1) | TYPE    |
    +---------+---------+---------+

    TYPE FIELD     Corresponding DHCP Message Type
    ----------     -------------------------------
        1          DHCPDISCOVER
        2          DHCPOFFER
        3          DHCPREQUEST
        4          DHCPDECLINE
        5          DHCPACK
        6          DHCPNACK
        7          DHCPRELEASE
        8          DHCPINFORM
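An added example (not code from Comer's notes) that builds a DHCPDISCOVER in the message format of the preceding slide and parses it back, extracting option 53 from the TLV-encoded options field. The hardware address and transaction ID are made up. The option walker checks every length against the end of the packet before using it; an option whose length runs past the buffer is the classic bug in parsers for this format.

```python
"""Build and parse DHCP messages in the format shown on the slides.

Added example (not code from Comer's notes).  It encodes a DHCPDISCOVER,
then parses it back and extracts option 53 (the message type).  The
hardware address and transaction id used in the tests are made up.
"""
import struct
from typing import Dict, Tuple

MAGIC_COOKIE = b"\x63\x82\x53\x63"          # RFC 2131: starts the options field
OPT_MESSAGE_TYPE, OPT_END, OPT_PAD = 53, 255, 0
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
                 4: "DHCPDECLINE", 5: "DHCPACK", 6: "DHCPNACK",
                 7: "DHCPRELEASE", 8: "DHCPINFORM"}
FIXED_HEADER = "!BBBBIHH4s4s4s4s16s64s128s"   # op .. boot file name, 236 octets


def build_discover(xid: int, mac: bytes, broadcast: bool = True) -> bytes:
    """DHCPDISCOVER: op=1 (BOOTREQUEST), htype=1 (Ethernet), hlen=6, and all
    four address fields zero because the client knows no address yet."""
    flags = 0x8000 if broadcast else 0   # ask the server to broadcast its reply
    header = struct.pack(FIXED_HEADER,
                         1, 1, 6, 0, xid, 0, flags,
                         b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,
                         mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    options = bytes([OPT_MESSAGE_TYPE, 1, 1, OPT_END])
    return header + MAGIC_COOKIE + options


def parse_options(blob: bytes) -> Dict[int, bytes]:
    """TLV walk over the options field; stops at END, skips PAD.
    Raises on a length that runs past the end of the packet instead of
    reading beyond it."""
    opts: Dict[int, bytes] = {}
    i = 0
    while i < len(blob):
        code = blob[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(blob):
            raise ValueError("truncated option header")
        length = blob[i + 1]
        if i + 2 + length > len(blob):
            raise ValueError(f"option {code} length {length} overruns packet")
        opts[code] = blob[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def parse_message(pkt: bytes) -> Tuple[dict, Dict[int, bytes]]:
    """Return (fixed-header fields, options)."""
    size = struct.calcsize(FIXED_HEADER)
    if len(pkt) < size + 4 or pkt[size:size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (missing magic cookie)")
    f = struct.unpack(FIXED_HEADER, pkt[:size])
    fields = {"op": f[0], "htype": f[1], "hlen": f[2], "hops": f[3],
              "xid": f[4], "secs": f[5], "flags": f[6],
              "ciaddr": f[7], "yiaddr": f[8], "siaddr": f[9], "giaddr": f[10],
              "chaddr": f[11][:f[2]], "sname": f[12].rstrip(b"\0"),
              "file": f[13].rstrip(b"\0")}
    return fields, parse_options(pkt[size + 4:])


def message_type(pkt: bytes) -> str:
    _, opts = parse_message(pkt)
    return MESSAGE_TYPES.get(opts[OPT_MESSAGE_TYPE][0], "UNKNOWN")
```

The 236-octet fixed part is followed by the magic cookie 99.130.83.99 and then the options; the BROADCAST flag (0x8000) is the client's way of telling the server it cannot yet receive a unicast reply, which is the point made on the "Solving The Apparent Contradiction" slide.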

Questions For Discussion


- Explain the relationship between DHCP and DNS
- What basic facility is needed? Why?

Summary
- Two protocols available for bootstrapping
    - BOOTP (static binding of IP address to computer)
    - DHCP (extension of BOOTP that adds dynamic binding of IP addresses)

- DHCP
    - Server grants lease for an address
    - Lease specifies length of time
    - Host must renew lease or stop using address when lease expires
    - Actions controlled by finite state machine

PART XXIII DOMAIN NAME SYSTEM (DNS)

Names For Computers


- Humans prefer pronounceable names rather than numeric addresses
- Two possibilities
    - Flat namespace
    - Hierarchical namespace

Naming Hierarchy
- Two possibilities
    - According to network topology
    - By organizational structure (independent of physical networks)

- Internet uses the latter

Internet Hierarchy

In a TCP/IP internet, hierarchical machine names are assigned according to the structure of organizations that obtain authority for parts of the namespace, not necessarily according to the structure of the physical network interconnections.

Internet Domain Names


- Flexible hierarchy
    - Universal naming scheme (same everywhere)
    - Each organization determines internal naming structure

- Mechanism known as Domain Name System (DNS)
- Name assigned to a computer known as domain name

Domain Name Syntax


- Set of labels separated by delimiter character (period)
- Example

    cs . purdue . edu

- Three labels: cs, purdue, and edu
- String purdue . edu is also a domain
- Top-level domain is edu

Original Top-Level Domains


    Domain Name     Assigned To
    -----------     -----------
    com             Commercial organizations
    edu             Educational institutions (4-year)
    gov             Government institutions
    mil             Military groups
    net             Major network support centers
    org             Organizations other than those above
    arpa            Temporary ARPANET domain (that use is obsolete; the domain now carries infrastructure names such as in-addr.arpa)
    int             International organizations
    country code    Each country (geographic scheme)

- Meaning assigned to each
- Three domains considered generic: .com .net .org

New Top-Level Domains


    Domain Name     Assigned To
    -----------     -----------
    aero            Air-transport industry
    biz             Businesses
    coop            Non-profit cooperatives
    info            Unrestricted
    museum          Museums
    name            Individuals
    pro             Professionals (accountants, lawyers, physicians)

- Proponents argued (incorrectly) that DNS would collapse without additional TLDs
- New TLDs created legal nightmare

Illustration Of Part Of The DNS Tree

(Figure: part of the DNS tree)

                          unnamed root
            _________________|__________________
           /         |          |       |        \
         com        edu        gov     ...        us
          |          |          |                 |
         dec       purdue      nsf                va
                  /  |  \                         |
                cc   cs  ecn                    reston
                                                  |
                                                cnri

Authority For Names


- Authority delegated down the tree
- Example
    - Purdue University registers under top-level domain .edu and receives authority for domain purdue . edu
    - Computer Science Department at Purdue registers with the Purdue authority, and becomes the authority for cs . purdue . edu
    - Owner of a lab in the CS Department registers with the departmental authority, and becomes the authority for xinu . cs . purdue . edu

DNS Database
- Each record carries a (name, type, class)
- Type specifies the kind of object (e.g., host address, mail exchanger); class specifies the protocol family (IN for Internet, in practice the only class used)
- Consequence:

    A given name may map to more than one item in the domain system. The client specifies the type of object desired when resolving a name, and the server returns objects of that type.

Mapping Domain Names To Addresses


- DNS uses a set of on-line servers
- Servers arranged in tree
- Given server can handle entire subtree
    - Example: ISP manages domain names for its clients (including corporations)

Terminology
- DNS server known as name server
- DNS client software known as resolver

Illustration Of Topology Among DNS Servers

(Figure: topology among DNS servers; each server answers for the subtree beneath it)

                                Root Server
           ____________________/   |   |   \____________________
          /               /        |        \                    \
    server for      server for   server for   ...           server for
       .com            .edu        .gov                         .us
         |               |           |                           |
    server for      server for   server for                 server for
     dec.com        purdue.edu     nsf.gov                    va.us

In Practice
- Single server can handle multiple levels of the naming tree
- Example: root server handles all top-level domains

Domain Name Resolution


- Conceptually, must search from root of tree downward
- In practice
    - Every name server knows location of a root server
    - Only contacts root if no subdomain known
    - Lookup always starts with local server first (host can learn address of DNS server from DHCP)

Efficient Translation
- Facts
    - Most lookups refer to local names
    - Name-to-address bindings change infrequently
    - User is likely to repeat same lookup

- To increase efficiency
    - Initial contact begins with local name server
    - Every server caches answers (owner specifies cache timeout)
    - Caveat: a forged answer that gets into the cache is served to every later client until its timeout expires, which is why a resolver must match a reply's transaction ID, source port and question section against the query it actually sent before caching it

Domain Server Message Format

     0                16                31
    +-----------------+-----------------+
    | IDENTIFICATION  |    PARAMETER    |
    +-----------------+-----------------+
    |   NUMBER OF     |   NUMBER OF     |
    |   QUESTIONS     |   ANSWERS       |
    +-----------------+-----------------+
    |   NUMBER OF     |   NUMBER OF     |
    |   AUTHORITY     |   ADDITIONAL    |
    +-----------------+-----------------+
    |        QUESTION SECTION ...       |
    +-----------------------------------+
    |         ANSWER SECTION ...        |
    +-----------------------------------+
    |        AUTHORITY SECTION ...      |
    +-----------------------------------+
    |  ADDITIONAL INFORMATION SECTION...|
    +-----------------------------------+

Parameter Bits
    Bit of PARAMETER field    Meaning
    ----------------------    -------
    0                         Operation: 0 Query, 1 Response
    1-4                       Query Type: 0 Standard, 1 Inverse, 2 Server status request,
                              3 Completion (now obsolete), 4 Notify, 5 Update
    5                         Set if answer authoritative
    6                         Set if message truncated
    7                         Set if recursion desired
    8                         Set if recursion available
    9                         Reserved
    10                        Set if data is authenticated
    11                        Set if checking is disabled
    12-15                     Response Type: 0 No error, 1 Format error in query,
                              2 Server failure, 3 Name does not exist, 5 Refused,
                              6 Name exists when it should not, 7 RR set exists,
                              8 RR set that should exist does not,
                              9 Server not authoritative for the zone,
                              10 Name not contained in zone

Format Of Question Section

     0                16                31
    +-----------------------------------+
    |        QUERY DOMAIN NAME ...      |
    +-----------------+-----------------+
    |   QUERY TYPE    |   QUERY CLASS   |
    +-----------------+-----------------+

Format Of Resource Records

     0                16                31
    +-----------------------------------+
    |      RESOURCE DOMAIN NAME ...     |
    +-----------------+-----------------+
    |      TYPE       |      CLASS      |
    +-----------------+-----------------+
    |           TIME TO LIVE            |
    +-----------------+-----------------+
    | RESOURCE DATA   |                 |
    |    LENGTH       |                 |
    +-----------------+  RESOURCE DATA  |
    |               ...                 |
    +-----------------------------------+
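An added example (not code from Comer's notes) that encodes a query and parses a response in the header, question-section and resource-record layouts of the three preceding slides. SAMPLE_RESPONSE is constructed by hand so the parser can run offline, and the name and address in it are made up. Names in real responses are compressed: a label octet whose top two bits are 11 is a 14-bit pointer to an earlier occurrence of the name, and the parser follows such pointers only backwards and only a bounded number of times so a crafted packet cannot loop it. answer_matches_query is the check a caching resolver applies before accepting a reply.

```python
"""Encode a DNS query and parse a response in the wire format of the
three slides above (header, question section, resource records).

Added example, not code from Comer's notes.  SAMPLE_RESPONSE is
constructed by hand so the parser can run offline; the name and address
in it are made up.  Compressed names (a label whose top two bits are 11
is a 14-bit pointer) are followed, but only backwards and only a bounded
number of times, so a crafted packet cannot loop the parser.
"""
import struct
from typing import List, Tuple

QTYPE = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX",
         16: "TXT", 28: "AAAA"}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def encode_name(name: str) -> bytes:
    """cs.purdue.edu -> length-prefixed labels ending in a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label length must be 1..63")
        out += bytes([len(raw)]) + raw
    return out + b"\0"


def build_query(ident: int, name: str, qtype: int = 1) -> bytes:
    """Header (PARAMETER: QR=0, standard query, RD=1) plus one question."""
    header = struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(msg: bytes, off: int) -> Tuple[str, int]:
    """Return (name, offset just past the name in the original position)."""
    labels: List[str] = []
    resume = None                      # set when the first pointer is met
    hops = 0
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if resume is None:
                resume = off + 2
            hops += 1
            if hops > 32 or ptr >= off:    # must point to earlier bytes
                raise ValueError("bad compression pointer")
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (resume if resume is not None else off)


def parse_flags(param: int) -> dict:
    """Split the 16-bit PARAMETER field into the bits listed on the slide."""
    return {"qr": param >> 15, "opcode": (param >> 11) & 0xF,
            "aa": (param >> 10) & 1, "tc": (param >> 9) & 1,
            "rd": (param >> 8) & 1, "ra": (param >> 7) & 1,
            "ad": (param >> 5) & 1, "cd": (param >> 4) & 1,
            "rcode": RCODE.get(param & 0xF, str(param & 0xF))}


def parse_message(msg: bytes) -> dict:
    """Parse header, question section and answer section (the authority
    and additional sections use the same resource-record layout)."""
    ident, param, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, QTYPE.get(qtype, qtype), qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("RDATA length overruns message")
        off += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, QTYPE.get(rtype, rtype), ttl, rdata))
    return {"id": ident, "flags": parse_flags(param),
            "questions": questions, "answers": answers}


# Constructed reply to build_query(0x1234, "cs.purdue.edu"): QR=1 RD=1 RA=1,
# the question echoed, one A record whose owner name is the pointer 0xC00C
# (offset 12 = the question name), TTL 3600, address 128.10.2.1.
SAMPLE_RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
                   + encode_name("cs.purdue.edu") + struct.pack("!HH", 1, 1)
                   + b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 3600, 4)
                   + bytes([128, 10, 2, 1]))


def answer_matches_query(query: bytes, response: bytes) -> bool:
    """Resolver-side check before caching (RFC 5452): the reply must carry
    our transaction ID, be a response, and echo the question we asked."""
    q, r = parse_message(query), parse_message(response)
    return q["id"] == r["id"] and r["flags"]["qr"] == 1 and q["questions"] == r["questions"]
```

The query for cs.purdue.edu is 31 octets (12-octet header, 15-octet name, type and class); the constructed response reuses that name through the pointer 0xC00C rather than repeating it, exactly as real servers do.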

Abbreviation Of Domain Names


- DNS only recognizes full domain names
- Client software allows abbreviation

Example Of Domain Name Abbreviation


- Client configured with suffix list

    . cs . purdue . edu
    . cc . purdue . edu
    . purdue . edu
    null

- User enters abbreviation xinu
- Client tries the following in order

    xinu . cs . purdue . edu
    xinu . cc . purdue . edu
    xinu . purdue . edu
    xinu

The Point About Abbreviation

The Domain Name System only maps full domain names into addresses; abbreviations are not part of the Domain Name System itself, but are introduced by client software to make local names convenient for users.

Inverse Query
- Map in reverse direction
- Excessive overhead
- May not have unique answer
- Not used in practice (the inverse query opcode was formally retired by RFC 3425)

Pointer Query
- Special case of inverse mapping
- Convert IP address to domain name
- Trick: write IP address as a string and look up as a name

Example Of Pointer Query


- Start with dotted decimal address such as

    aaa . bbb . ccc . ddd

- Rearrange dotted decimal representation as a string:

    ddd . ccc . bbb . aaa . in-addr . arpa

- Look up using a pointer query type
- Caveat: the PTR answer is controlled by whoever holds the reverse zone for that address block, so a name obtained this way must not be used for access decisions unless a forward lookup of the name returns the same address
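An added example (not code from Comer's notes) covering two pieces of client-side name handling from the abbreviation slides and the pointer-query slides above: expansion of an abbreviated name through a suffix list, and construction of the in-addr.arpa name for a pointer query together with the forward-confirmation check. The FORWARD and REVERSE tables are constructed stand-ins for DNS answers so the logic runs offline; the names and addresses in them are made up, and the second REVERSE entry models a reverse zone whose owner claims a name that does not belong to them.

```python
"""Suffix-list expansion of an abbreviated name, and the in-addr.arpa
name for a pointer query with the forward-confirmation check.

Added example, not code from Comer's notes.  The lookup tables are
constructed stand-ins for real DNS answers so the logic runs offline;
the names and addresses in them are made up.
"""
import ipaddress
from typing import Dict, List, Optional

# Constructed "zone data": forward A records and reverse PTR records.
FORWARD: Dict[str, List[str]] = {
    "xinu.cs.purdue.edu": ["128.10.2.1"],
    "www.purdue.edu": ["128.210.7.200"],
}
REVERSE: Dict[str, str] = {
    "1.2.10.128.in-addr.arpa": "xinu.cs.purdue.edu",
    # Whoever controls the reverse zone for 192.0.2.0/24 can claim any
    # name there; the forward lookup in forward_confirmed_name catches it.
    "5.2.0.192.in-addr.arpa": "xinu.cs.purdue.edu",
}


def candidates(abbrev: str, suffixes: List[Optional[str]]) -> List[str]:
    """Names tried, in order, for an abbreviation and a suffix list.
    A None suffix means 'try the name as typed'.  A name ending in '.'
    is already fully qualified and is not expanded at all."""
    if abbrev.endswith("."):
        return [abbrev.rstrip(".")]
    return [abbrev if s is None else f"{abbrev}.{s.strip('.')}" for s in suffixes]


def resolve_abbrev(abbrev: str, suffixes: List[Optional[str]]) -> Optional[str]:
    """First candidate with an A record wins (the slide's client behaviour)."""
    for name in candidates(abbrev, suffixes):
        if name in FORWARD:
            return name
    return None


def reverse_name(addr: str) -> str:
    """aaa.bbb.ccc.ddd -> ddd.ccc.bbb.aaa.in-addr.arpa"""
    octets = str(ipaddress.IPv4Address(addr)).split(".")   # validates the quad
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def ptr_lookup(addr: str) -> Optional[str]:
    return REVERSE.get(reverse_name(addr))


def forward_confirmed_name(addr: str) -> Optional[str]:
    """Return the PTR name only if its own A record maps back to addr."""
    name = ptr_lookup(addr)
    if name is None or addr not in FORWARD.get(name, []):
        return None
    return name
```

Two practical consequences of the suffix-list behaviour: the bare "xinu" at the end of the candidate list is sent to the root as a top-level-domain query, so unqualified internal names leak off-site, and any suffix whose zone is not under your control can turn an abbreviation into a name an outsider chose. Both are reasons to keep search lists short and to use fully qualified names in configuration.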

Object Types That DNS Supports

    Type    Meaning              Contents
    ----    -------              --------
    A       Host Address         32-bit IP address
    CNAME   Canonical Name       Canonical domain name for an alias
    HINFO   CPU & OS             Name of CPU and operating system
    MINFO   Mailbox info         Information about a mailbox or mail list
    MX      Mail Exchanger       16-bit preference and name of host that acts as mail exchanger for the domain
    NS      Name Server          Name of authoritative server for domain
    PTR     Pointer              Domain name (like a symbolic link)
    SOA     Start of Authority   Multiple fields that specify which parts of the naming hierarchy a server implements
    TXT     Arbitrary text       Uninterpreted string of ASCII text
    AAAA    Host Address         128-bit IPv6 address

Summary
- Domain Name System provides mapping from pronounceable names to IP addresses
- Domain names are hierarchical; top-level domains are dictated by a central authority
- Organizations can choose how to structure their domain names
- DNS uses on-line servers to answer queries
- Lookup begins with local server, which caches entries

PART XXIV APPLICATIONS: REMOTE LOGIN (TELNET AND RLOGIN)

Remote Interaction
- Devised when computers used (ASCII) terminals
- Terminal abstraction extended to remote access over a network

Client-Server Interaction
- Client
    - Invoked by user
    - Forms connection to remote server
    - Passes keystrokes from user's keyboard to server and displays output from server on user's screen

- Server
    - Accepts connection over the network
    - Passes incoming characters to OS as if they were typed on a local keyboard
    - Sends output over connection to client

TELNET
- Standard protocol for remote terminal access
- Three basic services
    - Defines network virtual terminal that provides standard interface
    - Mechanism that allows client and server to negotiate options (e.g., character set)
    - Symmetric treatment that allows either end of the connection to be a program instead of a physical keyboard and display

Illustration Of TELNET

(Figure: path of a keystroke through TELNET)

    user's screen & keyboard --> telnet client ---- Internet ----> telnet server --> pseudo terminal --> appl.
           (operating system)                                        (operating system)

    The client reads from the keyboard and sends to the server; the server receives from the client
    and sends to a pseudo terminal; the input reaches an application through the pseudo terminal.

Accommodating Heterogeneity
- Network Virtual Terminal (NVT) describes system-independent encoding
- TELNET client and server map NVT into local computer's representation

Illustration Of How NVT Accommodates Heterogeneity

(Figure: how the NVT accommodates heterogeneity)

    user's keyboard & display --> Client ---- TCP connection across internet ----> Server --> Server's System

        Client System format used     |        NVT format used        |     Server System format used

Definition Of TELNET NVT

    ASCII Control Code   Decimal Value   Assigned Meaning
    ------------------   -------------   ----------------
    NUL                  0               No operation (has no effect on output)
    BEL                  7               Sound audible/visible signal (no motion)
    BS                   8               Move left one character position
    HT                   9               Move right to the next horizontal tab stop
    LF                   10              Move down (vertically) to the next line
    VT                   11              Move down to the next vertical tab stop
    FF                   12              Move to the top of the next page
    CR                   13              Move to the left margin on the current line
    other control        -               No operation (has no effect on output)

TELNET NVT Control Functions

    Signal   Meaning
    ------   -------
    IP       Interrupt Process (terminate running program)
    AO       Abort Output (discard any buffered output)
    AYT      Are You There (test if server is responding)
    EC       Erase Character (delete the previous character)
    EL       Erase Line (delete the entire current line)
    SYNCH    Synchronize (clear data path until TCP urgent data point, but do interpret commands)
    BRK      Break (break key or attention signal)

TELNET Commands
    Command   Decimal Encoding   Meaning
    -------   ----------------   -------
    IAC       255                Interpret next octet as command (when the IAC octet appears as data, the sender doubles it and sends the 2-octet sequence IAC-IAC)
    DONT      254                Denial of request to perform specified option
    DO        253                Approval to allow specified option
    WONT      252                Refusal to perform specified option
    WILL      251                Agreement to perform specified option
    SB        250                Start of option subnegotiation
    GA        249                The go ahead signal
    EL        248                The erase line signal
    EC        247                The erase character signal
    AYT       246                The are you there signal
    AO        245                The abort output signal
    IP        244                The interrupt process signal
    BRK       243                The break signal
    DMARK     242                The data stream portion of a SYNCH (always accompanied by TCP Urgent notification)
    NOP       241                No operation
    SE        240                End of option subnegotiation
    EOR       239                End of record
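An added example (not code from Comer's notes) that splits a TELNET octet stream into data and commands using the encodings in the table above. It handles the IAC-IAC escape, the two-octet commands, the three-octet option requests and SB ... IAC SE subnegotiation, and hands back a command cut off at the end of a read as leftover bytes rather than misreading it as data. The reply rule at the end refuses any option the implementation does not support, which is how the symmetric negotiation prevents an unknown option from ever being switched on. SAMPLE is a constructed stream; the option numbers 1 (ECHO) and 24 (TERMINAL-TYPE) are the standard assignments.

```python
"""Split a TELNET octet stream into data and commands using the
encodings in the table above.

Added example, not code from Comer's notes.  SAMPLE is a constructed
stream.  A command cut off by the end of the chunk is returned as
'leftover' for the caller to prepend to the next read.
"""
from typing import List, Tuple

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NAMES = {254: "DONT", 253: "DO", 252: "WONT", 251: "WILL", 250: "SB",
         249: "GA", 248: "EL", 247: "EC", 246: "AYT", 245: "AO", 244: "IP",
         243: "BRK", 242: "DMARK", 241: "NOP", 240: "SE", 239: "EOR"}
OPTION_REQUESTS = (DO, DONT, WILL, WONT)


def parse_stream(stream: bytes) -> Tuple[List[tuple], bytes]:
    """Return (events, leftover).  Events: ("data", bytes),
    ("cmd", name, option) with option -1 for plain commands, or
    ("sb", option, payload)."""
    events: List[tuple] = []
    data = bytearray()
    i, n = 0, len(stream)

    def flush() -> None:
        if data:
            events.append(("data", bytes(data)))
            data.clear()

    while i < n:
        if stream[i] != IAC:
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                          # lone IAC at chunk end
            break
        cmd = stream[i + 1]
        if cmd == IAC:                          # escaped 255 in the data
            data.append(IAC)
            i += 2
        elif cmd in OPTION_REQUESTS:
            if i + 2 >= n:
                break                           # option octet not here yet
            flush()
            events.append(("cmd", NAMES[cmd], stream[i + 2]))
            i += 3
        elif cmd == SB:
            if i + 2 >= n:
                break
            payload, j, closed = bytearray(), i + 3, False
            while j < n:                        # scan to IAC SE, unescaping IAC IAC
                if stream[j] != IAC:
                    payload.append(stream[j])
                    j += 1
                elif j + 1 >= n:
                    break
                elif stream[j + 1] == IAC:
                    payload.append(IAC)
                    j += 2
                elif stream[j + 1] == SE:
                    closed, j = True, j + 2
                    break
                else:
                    j += 2                      # IAC x inside SB: ignore it
            if not closed:
                break                           # wait for the rest of the SB
            flush()
            events.append(("sb", stream[i + 2], bytes(payload)))
            i = j
        else:
            flush()
            events.append(("cmd", NAMES.get(cmd, str(cmd)), -1))
            i += 2
    flush()
    return events, bytes(stream[i:])


def reply_to_request(cmd: str, option: int, supported: frozenset) -> bytes:
    """DO -> WILL/WONT, WILL -> DO/DONT; only options in 'supported' are accepted."""
    if cmd == "DO":
        return bytes([IAC, WILL if option in supported else WONT, option])
    if cmd == "WILL":
        return bytes([IAC, DO if option in supported else DONT, option])
    return b""


# Constructed: WILL ECHO (option 1), SB TERMINAL-TYPE (24) SEND, the text
# "ok", a literal 0xFF escaped as IAC IAC, then a DO cut off mid-command.
SAMPLE = (bytes([IAC, WILL, 1]) + bytes([IAC, SB, 24, 1, IAC, SE])
          + b"ok" + bytes([IAC, IAC]) + bytes([IAC, DO]))
```

Because a subnegotiation payload may itself contain an escaped IAC, the SB scan walks octet by octet instead of searching for the two-octet sequence IAC SE; a naive search would end the subnegotiation early on the data sequence 255,255,240.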

TELNET Control Sequences And TCP

    TELNET cannot rely on the conventional data stream alone to carry control sequences between client and server because a misbehaving application that needs to be controlled might inadvertently block the data stream.

- Solution: use TCP's urgent data to send control sequences

TELNET Option Negotiation

TELNET uses a symmetric option negotiation mechanism to allow clients and servers to reconfigure the parameters controlling their interaction. Because all TELNET software understands a basic NVT protocol, clients and servers can interoperate even if one understands options another does not.

Remote Login (rlogin)


- Invented for BSD Unix
- Includes facilities specifically for Unix
- Allows manager to configure a set of computers so that if two or more computers have same login id, X, the logins are owned by the same individual
- Permits other forms of authentication
- Caveat: that trust rests on the client's source address and the user name the client asserts (hosts.equiv and .rhosts), both of which an attacker can forge, and like TELNET the session travels in cleartext

Remote Shell (rsh)


- Similar to rlogin
- Also part of BSD Unix
- Allows remote execution of a single command

Secure Remote Login (ssh)


- Alternative to TELNET/rlogin
- Transport layer protocol with server (host) authentication
- User authentication protocol
- Connection protocol
    - Multiplexes multiple transfers
    - Uses encryption for privacy

Port Forwarding
- Novel aspect of ssh
- Similar to NAT
- Permits incoming TCP connection to be forwarded across secure tunnel
- Caveat: the same mechanism lets a user expose services on either side of the tunnel to the other side, bypassing a firewall between them; servers restrict it with the AllowTcpForwarding and PermitOpen settings

Remote Desktop
- Intended for systems that have a GUI interface
- Allows a remote user to see screen of remote system and use mouse as well as keyboard
- Examples include
    - Virtual Network Computing (VNC)
    - Remote Desktop Protocol (RDP)

Summary
- Remote interaction allows client software to connect local keyboard and screen to remote system
- Standard protocol is TELNET
- Alternatives include rlogin, rsh, and ssh
- Remote desktop extends remote access to handle GUI interface

PART XXV APPLICATIONS: FILE TRANSFER AND ACCESS (FTP, TFTP, NFS)

On-Line File Sharing


- Always a popular application
- Two basic paradigms
    - Whole-file copying
    - Piecewise file access

- Piecewise access mechanism
    - Opaque: application uses special facilities to access remote file
    - Transparent: application uses same facilities to access local and remote files

File Transfer
- Whole file copying
- Client
    - Contacts server
    - Specifies file
    - Specifies transfer direction

- Server
    - Maintains set of files on local disk
    - Waits for contact
    - Honors request from client

File Transfer Protocol (FTP)


- Major TCP/IP protocol for whole-file copying
- Uses TCP for transport
- Features
    - Interactive access
    - Format specification (ASCII or EBCDIC)
    - Authentication control (login and password, sent in cleartext over the control connection)

FTP Process Model


(Figure: FTP process model)

         client system                                        server system
    +----------------------+                             +----------------------+
    | client control       |<---- client control conn ---| server control       |
    | process              |      server control conn -->| process              |
    +----------------------+                             +----------------------+
    | client data transfer |<---- client data conn ------| server data transfer |
    | process              |      server data conn ----->| process              |
    +----------------------+                             +----------------------+
    | operating system     |       TCP/IP internet       | operating system     |
    +----------------------+                             +----------------------+

- Separate processes handle
    - Interaction with user
    - Individual transfer requests

FTP's Use Of TCP Connections

Data transfer connections and the data transfer processes that use them can be created dynamically when needed, but the control connection persists throughout a session. Once the control connection disappears, the session is terminated and the software at both ends terminates all data transfer processes.

Control Connection Vs. Data Connection


- For data transfer, client side becomes server and server side becomes client
- Client
    - Creates process to handle data transfer
    - Allocates port and sends number to server over control connection (the PORT command)
    - Process waits for contact

- Server
    - Receives request
    - Creates process to handle data transfer
    - Process contacts client-side

- The reverse arrangement, in which the server allocates the port and the client connects to it (the PASV command), is the one that works through NAT and client-side firewalls

Question For Discussion


- What special relationship is required between FTP and NAT?
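An added example (not code from Comer's notes) for the two preceding slides: the PORT command by which the client tells the server the address and port of its data process, the check a server should apply before connecting to it, and the rewrite a NAT box must perform. Because the address travels inside the payload, a NAT device has to parse and rewrite it (adjusting TCP sequence numbers if the length changes) or the server's data connection is aimed at an unreachable private address; that is the relationship the discussion question asks about. A server that connects wherever PORT points can also be used as a relay against third hosts (the "FTP bounce" attack), so it should insist that the address equal the control connection's peer and the port be unprivileged (RFC 2577). The addresses below are made up.

```python
"""Encode, parse and police the FTP PORT command.

Added example, not code from Comer's notes.  Addresses are made up.
"""
import ipaddress
from typing import Tuple


def encode_port(addr: str, port: int) -> str:
    """PORT h1,h2,h3,h4,p1,p2  where port = p1*256 + p2."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = str(ipaddress.IPv4Address(addr)).split(".")
    return "PORT " + ",".join(octets + [str(port >> 8), str(port & 0xFF)])


def parse_port(line: str) -> Tuple[str, int]:
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() != "PORT":
        raise ValueError("not a PORT command")
    fields = arg.split(",")
    if len(fields) != 6:
        raise ValueError("PORT needs six comma-separated numbers")
    try:
        nums = [int(f) for f in fields]
    except ValueError:
        raise ValueError("PORT fields must be decimal integers") from None
    if any(not 0 <= n <= 255 for n in nums):
        raise ValueError("PORT field out of 0..255")
    addr = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable")
    return addr, port


def accept_data_connection(line: str, control_peer_ip: str) -> Tuple[str, int]:
    """Server-side policy (RFC 2577 section 3): the data address must be
    the client we are already talking to, and the port must not be a
    privileged port an attacker could bounce a connection onto."""
    addr, port = parse_port(line)
    if addr != control_peer_ip:
        raise PermissionError(f"PORT address {addr} != control peer {control_peer_ip}")
    if port < 1024:
        raise PermissionError(f"PORT to privileged port {port} refused")
    return addr, port


def nat_rewrite(line: str, private_ip: str, public_ip: str, public_port: int) -> str:
    """What an FTP-aware NAT does to an outbound PORT: swap the inside
    host's private address/port for the public mapping it allocated."""
    addr, _ = parse_port(line)
    if addr != private_ip:
        raise ValueError("PORT address does not match the inside host")
    return encode_port(public_ip, public_port)
```

Note that the rewritten command can be a different length from the original (e.g. "10,0,0,5" versus "203,0,113,7"), which is exactly why an FTP-aware NAT has to track and adjust TCP sequence and acknowledgement numbers on the control connection.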

Interactive Use Of FTP


- Initially a command-line interface
    - User invokes client and specifies remote server
    - User logs in and enters password
    - User issues series of requests
    - User closes connection

- Currently
    - Most FTP initiated through browser
    - User enters URL or clicks on link
    - Browser uses FTP to contact remote server and obtain list of files
    - User selects file for download

Anonymous FTP
- Login anonymous
- Password guest (by convention, the user's e-mail address)
- Used for open FTP site (where all files are publicly available)
- Typically used by browsers

Secure File Transfer Protocols


- Secure Sockets Layer FTP (SSL-FTP, also known as FTPS)
    - Uses secure sockets layer technology
    - All transfers are confidential

- Secure File Transfer Program (sftp)
    - Almost nothing in common with FTP
    - Uses ssh tunnel

- Secure Copy (scp)
    - Derivative of Unix remote copy (rcp)
    - Uses ssh tunnel

Trivial File Transfer Protocol (TFTP)


- Alternative to FTP
- Whole-file copying
- Not as much functionality as FTP
- Code is much smaller
- Intended for use on Local Area Network
- Runs over UDP
- Diskless machine can use to obtain image at bootstrap
- No authentication at all: any host that can reach the server can read whatever it serves, so the server must be confined to a dedicated directory and never exposed beyond the local network

TFTP Packet Types


    READ REQ. (1):   | 2-octet opcode | n octets FILENAME | 1 octet 0 | n octets MODE | 1 octet 0 |
    WRITE REQ. (2):  | 2-octet opcode | n octets FILENAME | 1 octet 0 | n octets MODE | 1 octet 0 |
    DATA (3):        | 2-octet opcode | 2 octets BLOCK # | up to 512 octets DATA OCTETS ... |
    ACK (4):         | 2-octet opcode | 2 octets BLOCK # |
    ERROR (5):       | 2-octet opcode | 2 octets ERROR CODE | n octets ERROR MESSAGE | 1 octet 0 |

TFTP Retransmission
- Symmetric (both sides implement timeout and retransmission)
- Data block is request for ACK
- ACK is request for next data block

Sorcerer's Apprentice Bug


- Consequence of symmetric retransmission
- Duplicate packet is perceived as second request, which generates another transmission
- Duplicate response triggers duplicate packets from the other end
- Cycle continues
- Fix (RFC 1123): the sender must not retransmit a DATA block in response to a duplicate ACK; only its own timeout may trigger a retransmission
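An added example (not code from Comer's notes) serving the TFTP packet-type slide and the Sorcerer's Apprentice slide above. It encodes and decodes the five packet formats, then simulates a read transfer in which the network duplicates one ACK: the sender built with fixed=False answers every ACK with the following block, so a single duplicate doubles every later packet of the transfer, while the sender built with fixed=True ignores an ACK for a block it has already moved past (RFC 1123 section 4.2.3.1). Retransmission timers are deliberately left out of the simulation; the file content and file name used are constructed.

```python
"""TFTP packets in the five formats tabulated above, plus the
sender-side ACK handling that avoids the Sorcerer's Apprentice Syndrome.

Added example, not code from Comer's notes.  File content and names
used in run_transfer are constructed.
"""
import struct
from typing import List, Optional, Tuple

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
BLOCK_SIZE = 512


def encode_request(opcode: int, filename: str, mode: str = "octet") -> bytes:
    if opcode not in (RRQ, WRQ):
        raise ValueError("opcode must be RRQ or WRQ")
    return struct.pack("!H", opcode) + filename.encode() + b"\0" + mode.encode() + b"\0"


def encode_data(block: int, payload: bytes) -> bytes:
    if len(payload) > BLOCK_SIZE:
        raise ValueError("DATA payload exceeds 512 octets")
    return struct.pack("!HH", DATA, block & 0xFFFF) + payload


def encode_ack(block: int) -> bytes:
    return struct.pack("!HH", ACK, block & 0xFFFF)


def encode_error(code: int, message: str) -> bytes:
    return struct.pack("!HH", ERROR, code) + message.encode() + b"\0"


def decode(pkt: bytes) -> Tuple[int, object]:
    """Return (opcode, fields); reject short or unterminated packets."""
    if len(pkt) < 4:
        raise ValueError("packet too short")
    opcode = struct.unpack("!H", pkt[:2])[0]
    if opcode in (RRQ, WRQ):
        parts = pkt[2:].split(b"\0")
        if len(parts) < 3 or parts[-1] != b"":
            raise ValueError("request missing terminating NUL")
        return opcode, (parts[0].decode(), parts[1].decode().lower())
    if opcode == DATA:
        return opcode, (struct.unpack("!H", pkt[2:4])[0], pkt[4:])
    if opcode == ACK:
        return opcode, struct.unpack("!H", pkt[2:4])[0]
    if opcode == ERROR:
        return opcode, (struct.unpack("!H", pkt[2:4])[0], pkt[4:].split(b"\0")[0].decode())
    raise ValueError(f"unknown opcode {opcode}")


class Sender:
    """Sender side of a read transfer.  A final block shorter than 512
    octets (possibly empty) tells the receiver the file is complete."""

    def __init__(self, content: bytes, fixed: bool = True) -> None:
        self.blocks = [content[i:i + BLOCK_SIZE]
                       for i in range(0, len(content), BLOCK_SIZE)] or [b""]
        if len(self.blocks[-1]) == BLOCK_SIZE:
            self.blocks.append(b"")
        self.fixed = fixed
        self.next_block = 1              # block number whose ACK we await
        self.sent: List[bytes] = []

    def start(self) -> bytes:
        self.sent.append(encode_data(1, self.blocks[0]))
        return self.sent[-1]

    def on_ack(self, pkt: bytes) -> Optional[bytes]:
        opcode, block = decode(pkt)
        if opcode != ACK:
            return None
        if block == self.next_block:     # the ACK we were waiting for
            self.next_block += 1
        elif self.fixed:
            return None                  # duplicate ACK: ignore (RFC 1123)
        # the buggy sender falls through and resends on the duplicate
        if block >= len(self.blocks):
            return None                  # everything has been acknowledged
        self.sent.append(encode_data(block + 1, self.blocks[block]))
        return self.sent[-1]


def run_transfer(content: bytes, fixed: bool, duplicated_ack: int = 1) -> int:
    """Simulate a receiver whose ACK for one block the network duplicates;
    return how many DATA packets the sender emitted in total."""
    s = Sender(content, fixed=fixed)
    pending = [s.start()]
    while pending:
        _, (block, _payload) = decode(pending.pop(0))
        for _ in range(2 if block == duplicated_ack else 1):
            reply = s.on_ack(encode_ack(block))
            if reply is not None:
                pending.append(reply)
    return len(s.sent)
```

For a 1200-octet file (three blocks) the fixed sender emits three DATA packets; the buggy one emits five, and the excess grows with the length of the file because every duplicated DATA packet draws its own ACK, which in turn draws another DATA packet.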

Network File System (NFS)


- Protocol for file access, not copying
- Developed by Sun Microsystems, now part of TCP/IP standards
- Transparent (application cannot tell that file is remote)

NFS Implementation

(Figure: NFS implementation)

                   application
                        |
              local / remote decision
               /                  \
      local file system        NFS client
             |                      |
         local disk      network connection to NFS server

Remote Procedure Call (RPC)


- Also developed by Sun Microsystems, now part of TCP/IP standards
- Used in implementation of NFS
- Relies on eXternal Data Representation (XDR) standard for conversion of data items between heterogeneous computers

Summary
- Two paradigms for remote file sharing
    - Whole file copying
    - Piecewise file access

- File Transfer Protocol (FTP)
    - Standard protocol for file copying
    - Separate TCP connection for each data transfer
    - Client and server roles reversed for data connection

- Examples of secure alternatives to FTP
    - SSL-FTP, sftp, and scp

Summary
(continued)
- Trivial File Transfer Protocol (TFTP)
    - Alternative to FTP that uses UDP
    - Symmetric retransmission scheme
    - Packet duplication can result in Sorcerer's Apprentice problem

- Network File System (NFS)
    - Standard protocol for piecewise file access
    - Uses RPC and XDR

PART XXVI APPLICATIONS: ELECTRONIC MAIL (SMTP, POP, IMAP, MIME)

Electronic Mail
- Among most widely used Internet services
- Two major components
    - User interface
    - Mail transfer software

- Paradigm: transfer is separate background activity

Illustration Of Email System Components

(Figure: e-mail system components)

    user sends mail --> user interface --> outgoing mail spool area --> client (background transfer) --> TCP connection for outgoing mail

    user reads mail <-- user interface <-- mailboxes for incoming mail <-- server (to accept mail) <-- TCP connection for incoming mail

Mailbox Names And Aliases


- Email destination identified by pair

    ( mailbox, computer )

- Aliases permitted (user enters alias that is expanded)

Forwarding
- Powerful idea
- Email arriving on a computer can be forwarded to an ultimate destination

Illustration Of Aliases And Forwarding

(Figure: aliases and forwarding; both outgoing and incoming mail pass through alias expansion)

    user sends mail --> user interface --> alias expansion and forwarding --> outgoing mail spool area --> client (background transfer)
                                                    ^        |
                                             alias database  |
                                                             v
    user reads mail <-- user interface <-- mailboxes for incoming mail <-- server (to accept mail)

TCP/IP Standards For Email


- Syntax for email addresses
- Format of email message
- Protocols for email transfer and mailbox access

Email Address Syntax


- Mailbox identified by string

    mailbox@computer

- String computer is domain name of computer on which a mailbox resides (in practice a domain whose MX record names the host that accepts its mail)
- String mailbox is unique mailbox name on the destination computer

Format Of Email Message


- Message consists of
    - Header
    - Blank line
    - Body of message

- Headers have form

    keyword : information

- Standard given in RFC 2822

Protocol For Email Transfer


- Specifies interaction between transfer components
    - Transfer client
    - Transfer server

- Standard protocol is Simple Mail Transfer Protocol (SMTP)

SMTP
- Application-level protocol
- Uses TCP
- Commands and responses encoded in ASCII

Example Of SMTP
    S: 220 Beta.GOV Simple Mail Transfer Service Ready
    C: HELO Alpha.EDU
    S: 250 Beta.GOV
    C: MAIL FROM:<Smith@Alpha.EDU>
    S: 250 OK
    C: RCPT TO:<Jones@Beta.GOV>
    S: 250 OK
    C: RCPT TO:<Green@Beta.GOV>
    S: 550 No such user here
    C: RCPT TO:<Brown@Beta.GOV>
    S: 250 OK
    C: DATA
    S: 354 Start mail input; end with <CR><LF>.<CR><LF>
    C: ...sends body of mail message...
    C: ...continues for as many lines as message contains
    C: <CR><LF>.<CR><LF>
    S: 250 OK
    C: QUIT
    S: 221 Beta.GOV Service closing transmission channel
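The server side of the exchange above, as an added example (not code from Comer's notes): a command processor that returns the reply codes the transcript shows. It enforces command order (HELO before MAIL, MAIL before RCPT, an accepted RCPT before DATA), collects the body until the <CRLF>.<CRLF> terminator, and undoes the dot-stuffing a client applies to body lines that begin with a period. The mailbox table and host name are made up. Two points a practitioner should notice: the 550 for an unknown recipient is what the transcript shows, but it also lets a sender enumerate valid mailboxes, and a server that accepts RCPT for domains it does not host is an open relay, which is why the example refuses them.

```python
"""Server side of the SMTP exchange shown above.

Added example, not code from Comer's notes.  LOCAL_USERS and HOSTNAME
are made up.
"""
import re
from typing import List, Optional, Tuple

LOCAL_USERS = {"jones", "brown"}
HOSTNAME = "Beta.GOV"
ADDR = re.compile(r"^<([^<>@\s]+)@([^<>@\s]+)>$")


class SmtpSession:
    def __init__(self) -> None:
        self.helo: Optional[str] = None
        self.sender: Optional[str] = None
        self.rcpts: List[str] = []
        self.in_data = False
        self.body: List[str] = []
        self.delivered: List[dict] = []

    def greeting(self) -> str:
        return f"220 {HOSTNAME} Simple Mail Transfer Service Ready"

    def handle(self, line: str) -> Optional[str]:
        """Feed one line (without its CRLF); return the reply, or None
        while a body line is being absorbed inside DATA."""
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        verb, arg = verb.upper(), arg.strip()
        if verb == "HELO":
            self.helo = arg
            return f"250 {HOSTNAME}"
        if verb == "MAIL":
            if self.helo is None:
                return "503 Bad sequence of commands"
            m = ADDR.match(arg[5:]) if arg.upper().startswith("FROM:") else None
            if not m:
                return "501 Syntax error in parameters"
            self.sender, self.rcpts = f"{m.group(1)}@{m.group(2)}", []
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            m = ADDR.match(arg[3:]) if arg.upper().startswith("TO:") else None
            if not m:
                return "501 Syntax error in parameters"
            user, domain = m.group(1), m.group(2)
            if domain.lower() != HOSTNAME.lower():
                return "550 Relaying denied"          # never be an open relay
            if user.lower() not in LOCAL_USERS:
                return "550 No such user here"        # as in the transcript
            self.rcpts.append(f"{user}@{domain}")
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 Bad sequence of commands"
            self.in_data, self.body = True, []
            return "354 Start mail input; end with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return f"221 {HOSTNAME} Service closing transmission channel"
        return "500 Syntax error, command unrecognized"

    def _data_line(self, line: str) -> Optional[str]:
        if line == ".":                                # end of message
            self.delivered.append({"from": self.sender, "to": list(self.rcpts),
                                   "body": "\r\n".join(self.body)})
            self.in_data, self.sender, self.rcpts = False, None, []
            return "250 OK"
        self.body.append(line[1:] if line.startswith(".") else line)  # un-stuff
        return None


def run_transcript(client_lines: List[str]) -> Tuple[List[str], List[dict]]:
    """Drive one session with the client's lines; return the replies
    and the messages that were accepted for delivery."""
    s = SmtpSession()
    replies = [s.greeting()]
    for line in client_lines:
        r = s.handle(line)
        if r is not None:
            replies.append(r)
    return replies, s.delivered
```

Fed the client lines of the transcript, run_transcript produces the same sequence of server replies, with the message delivered to Jones and Brown only.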


Protocol For Mailbox Access


- Used when user's mailbox resides on remote computer
- Especially helpful when user's local computer is not always on-line
- Two protocols exist
    - Post Office Protocol version 3 (POP3)
    - Internet Message Access Protocol (IMAP)

- Each provides same basic functionality
    - User authentication
    - Mailbox access commands

Multipurpose Internet Mail Extensions (MIME)


- Permits nontextual data to be sent in email
    - Graphics image
    - Voice or video clip

- Sender
    - Encodes binary item into printable characters
    - Places in email message for transfer

- Receiver
    - Receives email message containing encoded item
    - Decodes message to extract original binary value

Internetworking With TCP/IP vol 1 -- Part 26

Copyright (c) 2005 by Douglas E. Comer. All rights reserved.

MIME Header

- Header in email message describes encoding used
- Example

    From: bill@acollege.edu
    To: john@example.com
    MIME-Version: 1.0
    Content-Type: image/jpeg
    Content-Transfer-Encoding: base64

    ...data for the image...

Seven Basic MIME Types

    Content Type   Used When Data In The Message Is
    ------------   --------------------------------
    text           Textual (e.g., a document)
    image          A still photograph or computer-generated image
    audio          A sound recording
    video          A video recording that includes motion
    application    Raw data for a program
    multipart      Multiple messages that each have a separate content type and encoding
    message        An entire e-mail message (e.g., a memo that has been forwarded) or an
                   external reference to a message (e.g., an FTP server and file name)

Example Of Mixed / Multipart Message

    From: bill@acollege.edu
    To: john@example.com
    MIME-Version: 1.0
    Content-Type: Multipart/Mixed; Boundary=StartOfNextPart

    --StartOfNextPart
    Content-Type: text/plain
    Content-Transfer-Encoding: 7bit

    John,
    Here is the photo of our research lab I promised to send you.
    You can see the equipment you donated.
    Thanks again,
    Bill

    --StartOfNextPart
    Content-Type: image/jpeg
    Content-Transfer-Encoding: base64

    ...data for the image...
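A parser for the "keyword : information" header form and for the multipart body above, written as an added example (not code from the course notes) so the three pieces the slides describe, header parsing, boundary splitting and base64 decoding, can be seen working together. It is hand-written rather than built on Python's email package so that each step is visible; the sample message is constructed to mirror the slide, with eight constructed bytes standing in for the image data.

```python
"""Parse an RFC 2822-style message and decode its MIME parts (added example,
not from Comer's notes).  SAMPLE and FAKE_JPEG below are constructed.
"""
import base64


def parse_headers(text):
    """Split 'keyword: information' lines from the body at the first blank line.

    Folded continuation lines (leading space or tab) are joined to the
    previous header.  Returns (list of (keyword, value), body); keywords are
    lower-cased so lookups are case-insensitive.
    """
    lines = text.split("\n")
    headers, i = [], 0
    while i < len(lines):
        line = lines[i].rstrip("\r")
        if line == "":                          # blank line ends the header
            i += 1
            break
        if line[0] in " \t" and headers:        # folded continuation
            k, v = headers[-1]
            headers[-1] = (k, v + " " + line.strip())
        else:
            k, sep, v = line.partition(":")
            if not sep:
                raise ValueError(f"malformed header line: {line!r}")
            headers.append((k.strip().lower(), v.strip()))
        i += 1
    body = "\n".join(l.rstrip("\r") for l in lines[i:])
    return headers, body


def header(headers, name, default=None):
    for k, v in headers:
        if k == name.lower():
            return v
    return default


def content_type_params(value):
    """'Multipart/Mixed; Boundary=X' -> ('multipart/mixed', {'boundary': 'X'})"""
    parts = [p.strip() for p in value.split(";")]
    params = {}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        params[k.strip().lower()] = v.strip().strip('"')
    return parts[0].lower(), params


def split_multipart(body, boundary):
    """Return the text of each part between '--boundary' delimiter lines.

    Text before the first delimiter (a preamble) and after the closing
    '--boundary--' (an epilogue) is discarded.
    """
    delimiter = "--" + boundary
    parts, current = [], None
    for line in body.split("\n"):
        if line == delimiter + "--":
            break
        if line == delimiter:
            if current is not None:
                parts.append("\n".join(current))
            current = []
        elif current is not None:
            current.append(line)
    if current is not None:
        parts.append("\n".join(current))
    return parts


def decode_part(part_text):
    """Parse one part; return (content_type, decoded bytes)."""
    hdrs, body = parse_headers(part_text)
    ctype, _ = content_type_params(header(hdrs, "Content-Type", "text/plain"))
    encoding = header(hdrs, "Content-Transfer-Encoding", "7bit").lower()
    if encoding == "base64":
        data = base64.b64decode("".join(body.split()), validate=True)
    elif encoding in ("7bit", "8bit", "binary"):
        data = body.encode("utf-8")
    else:
        raise ValueError(f"unsupported Content-Transfer-Encoding {encoding!r}")
    return ctype, data


def decode_message(text):
    """Return [(content_type, bytes), ...] for every part of a message."""
    hdrs, body = parse_headers(text)
    ctype, params = content_type_params(header(hdrs, "Content-Type", "text/plain"))
    if ctype.startswith("multipart/"):
        if "boundary" not in params:
            raise ValueError("multipart message without a boundary parameter")
        return [decode_part(p) for p in split_multipart(body, params["boundary"])]
    return [decode_part(text)]


# Constructed sample mirroring the slide; the "image" is eight constructed bytes.
FAKE_JPEG = bytes([0xFF, 0xD8, 0xFF, 0xE0, 0x00, 0x10, 0x4A, 0x46])
SAMPLE = (
    "From: bill@acollege.edu\n"
    "To: john@example.com\n"
    "MIME-Version: 1.0\n"
    "Content-Type: Multipart/Mixed;\n"
    " Boundary=StartOfNextPart\n"
    "\n"
    "--StartOfNextPart\n"
    "Content-Type: text/plain\n"
    "Content-Transfer-Encoding: 7bit\n"
    "\n"
    "John,\n"
    "Here is the photo of our research lab I promised to send you.\n"
    "--StartOfNextPart\n"
    "Content-Type: image/jpeg\n"
    "Content-Transfer-Encoding: base64\n"
    "\n" + base64.b64encode(FAKE_JPEG).decode() + "\n"
    "--StartOfNextPart--\n"
)

if __name__ == "__main__":
    for ctype, data in decode_message(SAMPLE):
        print(ctype, len(data), "bytes")
```

The `validate=True` on the base64 decode makes the parser reject a part whose encoded data contains characters outside the base64 alphabet instead of silently skipping them, which is the behaviour you want anywhere decoded content is going to be scanned or stored.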

Summary

- Email operates at application layer
- Conceptual separation between
  - User interface
  - Mail transfer components

- Simple Mail Transfer Protocol (SMTP)
  - Standard for transfer
  - Uses ASCII encoding
- Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) allow access to a remote mailbox
- Multipurpose Internet Mail Extensions (MIME) permits transfer of nontextual information (e.g., images)

PART XXVII APPLICATIONS: WORLD WIDE WEB (HTTP)

World Wide Web

- Distributed hypermedia paradigm
- Major service on the Internet
- Use surpassed file transfer in 1995

Web Page Identifier

- Known as Uniform Resource Locator (URL)
- Encodes
  - Access protocol to use
  - Domain name of server
  - Protocol port number (optional)
  - Path through server's file system (optional)
  - Parameters (optional)
  - Query (optional)

- Format

    http: // hostname [: port] / path [; parameters] [? query]

Web Standards

- Separate standards for
  - Representation
  - Transfer

Representation

- HyperText Markup Language (HTML)
- Document contains text plus embedded links
- HTML gives guidelines for display, not details
- Consequence: two browsers may choose to display same document differently

Transfer

- Used between browser and web server
- Protocol is HyperText Transfer Protocol (HTTP)
- Runs over TCP

HTTP Characteristics

- Application level
- Request / response paradigm
- Stateless
- Permits bi-directional transfer
- Offers capability negotiation
- Support for caching
- Support for intermediaries

HTTP Operation

- Browser sends requests to which server replies
- Typical request: GET used to fetch document
- Example

    GET http://www.cs.purdue.edu/people/comer/ HTTP/1.1

- Relative URL also permitted

    GET /people/comer/ HTTP/1.1

Error Messages

- HTTP includes set of error responses
- Server can format error as HTML message for user or use internal form and allow browser to format message

Persistent Connections

- HTTP version 1.0 uses one TCP connection per transfer
  - Browser forms TCP connection to server
  - Browser sends GET request
  - Server returns header describing item
  - Server returns item
  - Server closes connection

- HTTP version 1.1 permits connection to persist across multiple requests

HTTP Headers

HTTP uses MIME-like headers to carry meta information. Both browsers and servers send headers that allow them to negotiate agreement on the document representation and encoding to be used.

Handling Persistence

To allow a TCP connection to persist through multiple requests and responses, HTTP sends a length before each response. If it does not know the length, a server informs the client, sends the response, and then closes the connection.

Headers And Length Encoding

- HTTP headers use same syntax as email headers
  - Lines of text followed by blank line
  - Lines of text have form keyword:information

- For persistent connection, header specifies length (in octets) of data item that follows

Items That Can Appear In An HTTP Header

    Header              Meaning
    ------              -------
    Content-Length      Size of item in octets
    Content-Type        Type of item
    Content-Encoding    Encoding used for item
    Content-Language    Language(s) used in item

Example Of Header

    Content-Length: 34
    Content-Language: english
    Content-Encoding: ascii

    <HTML>
    A trivial example.
    </HTML>

- Note: if length is not known in advance, server can inform browser that connection will close following transfer

    Connection: close
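The two framing rules just described, a Content-Length before each response and Connection: close when the length is unknown, implemented as a receiver that pulls complete responses out of one persistent connection. This is an added example, not code from the course notes; SAMPLE_STREAM is constructed, its first response reusing the slide's 34-octet body, and the chunked transfer coding that HTTP/1.1 also provides for unknown lengths is deliberately left out because the slides do not cover it.

```python
"""Frame successive HTTP/1.1 responses on one persistent TCP connection
(added example, not from Comer's notes).  SAMPLE_STREAM is constructed.
"""


class HttpStream:
    """Feed bytes as they arrive; pull out complete (status, headers, body) triples."""

    def __init__(self):
        self.buf = b""
        self.closed = False

    def feed(self, data):
        self.buf += data

    def close(self):
        """The peer closed the connection: a length-less body is now complete."""
        self.closed = True

    def next_message(self):
        """Return the next complete message, or None if more bytes are needed."""
        end = self.buf.find(b"\r\n\r\n")
        if end < 0:
            return None
        status_line, *header_lines = self.buf[:end].decode("ascii").split("\r\n")
        headers = {}
        for line in header_lines:
            k, sep, v = line.partition(":")
            if not sep:
                raise ValueError(f"malformed header line {line!r}")
            k, v = k.strip().lower(), v.strip()
            if k in headers and headers[k] != v:
                # two different lengths would let sender and receiver disagree on framing
                raise ValueError(f"conflicting duplicate header {k!r}")
            headers[k] = v
        body_start = end + 4
        if "content-length" in headers:
            if not headers["content-length"].isdigit():
                raise ValueError("Content-Length is not a decimal octet count")
            length = int(headers["content-length"])
            if len(self.buf) - body_start < length:
                return None                      # body has not fully arrived yet
            body = self.buf[body_start:body_start + length]
            self.buf = self.buf[body_start + length:]
        elif headers.get("connection", "").lower() == "close":
            if not self.closed:
                return None                      # body runs until the peer closes
            body = self.buf[body_start:]
            self.buf = b""
        else:
            raise ValueError("neither Content-Length nor Connection: close; cannot frame body")
        return status_line, headers, body


def frame_all(chunks, peer_closes=True):
    """Feed the chunks in order and return every complete message found."""
    stream, out = HttpStream(), []
    for chunk in chunks:
        stream.feed(chunk)
        while (msg := stream.next_message()) is not None:
            out.append(msg)
    if peer_closes:
        stream.close()
        while (msg := stream.next_message()) is not None:
            out.append(msg)
    return out


# Constructed: three responses back to back on one connection.  The first body
# is the slide's example; it is 34 octets with LF line endings.
SAMPLE_STREAM = (
    b"HTTP/1.1 200 OK\r\nContent-Length: 34\r\nContent-Language: english\r\n"
    b"Content-Encoding: ascii\r\n\r\n<HTML>\nA trivial example.\n</HTML>\n"
    b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"
    b"HTTP/1.1 200 OK\r\nConnection: close\r\n\r\nbye"
)

if __name__ == "__main__":
    for status, hdrs, body in frame_all([SAMPLE_STREAM]):
        print(status, hdrs, body)
```

The rejection of two Content-Length headers with different values is the one addition a practitioner would insist on: a receiver that quietly picks one of them can be made to split the byte stream at a different point from the sender or an intermediary, which is the root of request-smuggling bugs.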

Negotiation

- Either server or browser can initiate
- Items sent in headers
- Can specify representations that are acceptable with preference value assigned to each
- Example

    Accept: text/html, text/plain; q=0.5, text/x-dvi; q=0.8

Items For Negotiation

    Accept-Encoding:
    Accept-Charset:
    Accept-Language:

Conditional Request

- Allows browser to check cached copy for freshness
- Eliminates useless latency
- Sends If-Modified-Since in header of GET request
- Example

    If-Modified-Since: Wed, 31 Dec 2003 05:00:01 GMT
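The server side of the two request headers from the Negotiation and Conditional Request slides: choosing a representation from an Accept header with q preference values, and answering a GET that carries If-Modified-Since with 304 or 200. This is an added example, not code from the course notes; the media types and timestamps are constructed, and the rule that an unparsable If-Modified-Since is ignored comes from the HTTP specification rather than the slides.

```python
"""Accept negotiation and If-Modified-Since handling (added example, not
Comer's code).  Sample values are constructed.
"""
from email.utils import parsedate_to_datetime


def parse_accept(value):
    """'text/html, text/plain; q=0.5, text/x-dvi; q=0.8' -> [(type, q), ...]

    A missing q means 1.0; a malformed q makes that entry unacceptable (0).
    """
    prefs = []
    for item in value.split(","):
        media, *params = [p.strip() for p in item.split(";")]
        q = 1.0
        for p in params:
            k, _, v = p.partition("=")
            if k.strip().lower() == "q":
                try:
                    q = float(v)
                except ValueError:
                    q = 0.0
        prefs.append((media.lower(), max(0.0, min(1.0, q))))
    return prefs


def choose_representation(accept_value, available):
    """Return the available media type the client prefers most, or None (406).

    'type/*' and '*/*' wildcards are honoured, but an exact entry always
    overrides a wildcard, so 'text/*; q=0.3, text/plain; q=0' excludes text/plain.
    """
    prefs = parse_accept(accept_value)
    best, best_q = None, 0.0
    for media in available:
        major = media.split("/")[0]
        q, specificity = 0.0, -1
        for pattern, pq in prefs:
            if pattern == media:
                cand = (pq, 2)
            elif pattern == major + "/*":
                cand = (pq, 1)
            elif pattern == "*/*":
                cand = (pq, 0)
            else:
                continue
            if cand[1] > specificity:
                q, specificity = cand
        if q > best_q:                          # ties keep the server's own order
            best, best_q = media, q
    return best


def conditional_status(if_modified_since, last_modified):
    """304 when the client's copy is at least as new as the resource, else 200.

    Both arguments are HTTP-date strings.  An absent or unparsable
    If-Modified-Since is ignored, which yields a normal 200 response.
    """
    if if_modified_since is None:
        return 200
    try:
        since = parsedate_to_datetime(if_modified_since)
    except (TypeError, ValueError):
        return 200
    modified = parsedate_to_datetime(last_modified)
    return 304 if modified <= since else 200


if __name__ == "__main__":
    accept = "text/html, text/plain; q=0.5, text/x-dvi; q=0.8"
    print(choose_representation(accept, ["text/plain", "text/x-dvi"]))
    print(conditional_status("Wed, 31 Dec 2003 05:00:01 GMT",
                             "Mon, 01 Dec 2003 00:00:00 GMT"))
```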

Proxy Servers

- Browser can be configured to contact proxy
- Permits caching for entire organization
- Server can specify maximum number of proxies along path (including none)

Caching Of Web Pages

- Caching essential to efficiency
- Server specifies
  - Whether page can be cached
  - Maximum time page can be kept

- Intermediate caches and browser cache web pages
- Browser can specify maximum age of page (forces intermediate caches to revalidate)

Summary

- Web is major application in the Internet
- Standard for representation is HTML
- Standard for transfer is HTTP
  - Request-response protocol
  - Header precedes item
  - Version 1.1 permits persistent connections
  - Server specifies length of time item can be cached
  - Browser can issue conditional request to validate cached item

PART XXVIII APPLICATIONS: VOICE AND VIDEO OVER IP (VOIP, RTP, RSVP)

TCP/IP Protocols

- Designed for data
- Can also handle voice and video
- Industry excited about Voice Over IP (VOIP)

Representation

- Voice and video must be converted between analog and digital forms
- Typical device is codec (coder / decoder)
- Example encoding used by phone system is Pulse Code Modulation (PCM)
  - Note: 128 second audio clip encoded in PCM requires one megabyte of memory

- Codec for voice, known as vocoder, attempts to recognize speech rather than just waveforms

Playback

- Internet introduces burstiness
- Jitter buffer used to smooth bursts
- Protocol support needed

Requirements For Real-Time

Because an IP Internet is not isochronous, additional protocol support is required when sending digitized real-time data. In addition to basic sequence information that allows detection of duplicate or reordered packets, each packet must carry a separate timestamp that tells the receiver the exact time at which the data in the packet should be played.

Illustration Of Jitter Buffer

[Figure: a buffer of K items; items are inserted at a variable rate on one side and extracted at a fixed rate on the other]

- Data arrives in bursts
- Data leaves at steady rate

Real-Time Transport Protocol (RTP)

- Internet standard
- Provides playback timestamp along with data
- Allows receiver to playback items in sequence

RTP Message Format

- Each message begins with same header (bit positions within each 32-bit word)

    0-1    VER
    2      P
    3      X
    4-7    CC
    8      M
    9-15   PTYPE
    16-31  SEQUENCE NUM
    0-31   TIMESTAMP
    0-31   SYNCHRONIZATION SOURCE IDENTIFIER
    0-31   CONTRIBUTING SOURCE ID
           ...
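The header layout above, built and parsed with Python's struct module, together with the duplicate and reordering detection on the SEQUENCE NUM field that the Requirements For Real-Time slide calls for. This is an added example, not code from the course notes; the field widths follow RFC 3550 (VER 2 bits, P, X, CC 4 bits, M, PTYPE 7 bits, 16-bit sequence number, 32-bit timestamp and SSRC, one 32-bit word per CSRC), and the packet values are constructed.

```python
"""Build and parse the RTP fixed header; track sequence numbers at a receiver
(added example, not Comer's code; layout per RFC 3550).
"""
import struct

RTP_VERSION = 2


def build_rtp_header(pt, seq, timestamp, ssrc, csrcs=(), marker=False,
                     padding=False, extension=False):
    """Return the 12-byte fixed header followed by 4 bytes per CSRC."""
    if not 0 <= pt < 128:
        raise ValueError("payload type is a 7-bit field")
    if len(csrcs) > 15:
        raise ValueError("CC is 4 bits: at most 15 contributing sources")
    first = (RTP_VERSION << 6) | (int(padding) << 5) | (int(extension) << 4) | len(csrcs)
    second = (int(marker) << 7) | pt
    hdr = struct.pack("!BBHII", first, second, seq & 0xFFFF,
                      timestamp & 0xFFFFFFFF, ssrc & 0xFFFFFFFF)
    return hdr + b"".join(struct.pack("!I", c & 0xFFFFFFFF) for c in csrcs)


def parse_rtp_header(pkt):
    """Return (fields, rest).  Raises ValueError on packets a receiver should drop.

    If X is set, a header extension follows the CSRC list; it is left at the
    start of 'rest' because the slides do not cover it.
    """
    if len(pkt) < 12:
        raise ValueError("packet shorter than the fixed RTP header")
    first, second, seq, ts, ssrc = struct.unpack("!BBHII", pkt[:12])
    version = first >> 6
    if version != RTP_VERSION:
        raise ValueError(f"unsupported RTP version {version}")
    cc = first & 0x0F
    hdr_len = 12 + 4 * cc
    if len(pkt) < hdr_len:
        raise ValueError("packet shorter than its CSRC count implies")
    csrcs = list(struct.unpack("!%dI" % cc, pkt[12:hdr_len])) if cc else []
    fields = {"version":   version,
              "padding":   bool(first & 0x20),
              "extension": bool(first & 0x10),
              "cc":        cc,
              "marker":    bool(second & 0x80),
              "payload_type": second & 0x7F,
              "sequence":  seq,
              "timestamp": ts,
              "ssrc":      ssrc,
              "csrcs":     csrcs}
    return fields, pkt[hdr_len:]


class SequenceTracker:
    """Classify each arriving sequence number as 'ok', 'duplicate' or 'reordered'.

    Sequence numbers are 16 bits and wrap, so all distances are taken mod 2**16.
    Packets more than 'window' behind the newest one are reported as reordered
    but not remembered, which bounds the memory a misbehaving sender can use.
    """

    def __init__(self, window=64):
        self.expected = None
        self.seen = set()
        self.window = window

    def observe(self, seq):
        seq &= 0xFFFF
        if self.expected is None:
            self.expected = (seq + 1) & 0xFFFF
            self.seen.add(seq)
            return "ok"
        ahead = (seq - self.expected) & 0xFFFF        # 0 means exactly the one expected
        if ahead < 0x8000:                            # at or beyond expected (a gap is loss)
            self.expected = (seq + 1) & 0xFFFF
            self.seen.add(seq)
            self.seen = {s for s in self.seen
                         if ((self.expected - s) & 0xFFFF) <= self.window}
            return "ok"
        behind = 0x10000 - ahead
        if behind > self.window:
            return "reordered"
        if seq in self.seen:
            return "duplicate"
        self.seen.add(seq)
        return "reordered"


if __name__ == "__main__":
    hdr = build_rtp_header(0, 7, 160, 0x12345678, csrcs=[1, 2], marker=True)
    print(parse_rtp_header(hdr + b"payload"))
```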

Terminology And Layering

- Name implies that RTP is a transport-layer protocol
- In fact
  - RTP is an application protocol
  - RTP runs over UDP

Mixing

- RTP can coordinate multiple data streams
- Intended for combined audio and video
- Up to 15 sources
- Header specifies mixing

RTP Control Protocol (RTCP)

- Required part of RTP
- Allows sender and receiver to exchange information about sessions that are in progress
- Separate data stream
- Uses protocol port number one greater than port number of data stream

RTCP Message Types

    Type   Meaning
    ----   -------
    200    Sender report
    201    Receiver report
    202    Source description message
    203    Bye message
    204    Application specific message

RTCP Interaction

- Receivers generate receiver report messages
- Inform sender about reception and loss
- Senders generate sender report
- Provide absolute timestamp and relate real time to relative playback timestamp

VOIP

- RTP used for encoding and transfer
- Also need signaling protocol for
  - Dialing
  - Answering a call
  - Call forwarding

- Gateway used to connect IP telephone network to Public Switched Telephone Network (PSTN)
- PSTN uses SS7 for signaling

Standards For IP Telephony

- H.323
- SIP

H.323

- ITU standard
- Set of many protocols
- Major protocols specified by H.323 include

    Protocol   Purpose
    --------   -------
    H.225.0    Signaling used to establish a call
    H.245      Control and feedback during the call
    RTP        Real-time data transfer (sequence and timing)
    T.120      Exchange of data associated with a call

How H.323 Protocols Fit Together

[Figure: protocol stack in three columns over IP]

    audio / video applications:   audio codec, video codec, RTP, RTCP, UDP
    signaling and control:        H.225 Registr., H.225 Signaling, H.245 Control, TCP
    data applications:            T.120 Data
    all columns run over IP

Session Initiation Protocol (SIP)

- IETF standard
- Alternative to H.323
  - Less functionality
  - Much smaller

- Permits SIP telephone to make call
- Does not require RTP for encoding

Session Description Protocol (SDP)

- Companion to SIP
- Specifies details such as
  - Media encoding
  - Protocol port numbers
  - Multicast addresses

Quality Of Service (QoS)

- Statistical guarantee of performance
- Requires changes to underlying Internet infrastructure
- Proponents claim it is needed for telephony
- Others claim only larger bandwidth will solve the problem

Resource ReSerVation Protocol (RSVP)

- IETF response to ATM
- End-to-end QoS guarantees
- Abstraction is unidirectional flow
- Initiated by endpoint

RSVP Requests

An endpoint uses RSVP to request a simplex flow through an IP internet with specified QoS bounds. If routers along the path agree to honor the request, they approve it; otherwise, they deny it. If an application needs QoS in two directions, each endpoint must use RSVP to request a separate flow.

Note About RSVP

- RSVP defines
  - Messages endpoint sends to router to request QoS
  - Messages routers send to other routers
  - Replies

- RSVP does not specify how enforcement is done
- Separate protocol needed

Common Open Policy Services (COPS)

- Proposed enforcement protocol for RSVP
- Known as traffic policing
- Uses policy server
- Checks data sent on flow to ensure the flow does not exceed preestablished bounds

Summary

- Codec translates between analog and digital forms
- RTP used to transfer real-time data
- RTP adds timestamp that sender uses to determine playback time
- RTCP is companion protocol for RTP that senders and receivers use to control and coordinate data transfer
- Voice Over IP uses
  - RTP for digitized voice transfer
  - SIP or H.323 for signaling

- RSVP and COPS provide quality of service guarantees

PART XXIX APPLICATIONS: INTERNET MANAGEMENT (SNMP)

Management Protocols

- Early network systems used two approaches
  - Separate, parallel management network
  - Link-level management commands

- TCP/IP pioneered running management protocols at the application layer
  - Motivation: provide internet-wide capability instead of single network capability

The Point About Internet Management

In a TCP/IP internet, a manager needs to examine and control routers and other network devices. Because such devices attach to arbitrary networks, protocols for internet management operate at the application level and communicate using TCP/IP transport-level protocols.

Architectural Model

[Figure: a manager's host runs the management software (MC); each router being managed and each of the other devices being managed runs a management agent (MA); the MC exchanges messages with every MA across the internet. Labels in the figure: MC, MA, "Managers Host", "Router being managed", "Other devices", "Devices being managed".]

Terminology

- Agent
  - Runs on arbitrary system (e.g., a router)
  - Responds to manager's requests

- Management software
  - Runs on manager's workstation
  - Sends requests to agents as directed by the manager

TCP/IP Network Management Protocols

- Management Information Base (MIB)
- Structure Of Management Information (SMI)
- Simple Network Management Protocol (SNMP)

Management Information Base (MIB)

- All management commands are encoded as fetch or store operations on variables
- Example: to reboot, store a zero in a variable that corresponds to the time until reboot
- A MIB is a set of variables and the semantics of fetch and store on each

MIB Categories

    MIB category   Includes Information About
    ------------   --------------------------
    system         The host or router operating system
    interfaces     Individual network interfaces
    at             Address translation (e.g., ARP mappings)
    ip             Internet Protocol software
    icmp           Internet Control Message Protocol software
    tcp            Transmission Control Protocol software
    udp            User Datagram Protocol software
    ospf           Open Shortest Path First software
    bgp            Border Gateway Protocol software
    rmon           Remote network monitoring
    rip-2          Routing Information Protocol software
    dns            Domain Name System software

Examples of MIB Variables

    MIB Variable      Category     Meaning
    ------------      --------     -------
    sysUpTime         system       Time since last reboot
    ifNumber          interfaces   Number of network interfaces
    ifMtu             interfaces   MTU for a particular interface
    ipDefaultTTL      ip           Value IP uses in time-to-live field
    ipInReceives      ip           Number of datagrams received
    ipForwDatagrams   ip           Number of datagrams forwarded
    ipOutNoRoutes     ip           Number of routing failures
    ipReasmOKs        ip           Number of datagrams reassembled
    ipFragOKs         ip           Number of datagrams fragmented
    ipRoutingTable    ip           IP Routing table
    icmpInEchos       icmp         Number of ICMP Echo Requests received
    tcpRtoMin         tcp          Minimum retransmission time TCP allows
    tcpMaxConn        tcp          Maximum TCP connections allowed
    tcpInSegs         tcp          Number of segments TCP has received
    udpInDatagrams    udp          Number of UDP datagrams received

Structure of Management Information (SMI)

- Set of rules for defining MIB variable names
- Includes basic definitions such as
  - Address (4-octet value)
  - Counter (integer from 0 to 2^32 - 1)

- Specifies using Abstract Syntax Notation 1 (ASN.1)

ASN.1

- ISO standard
- Specifies
  - Syntax for names (user-readable format)
  - Binary encoding (format used in a message)

- Absolute, global, hierarchical namespace

Position of MIB In The ASN.1 Hierarchy

    unnamed root
      iso (1)
        org (3)
          dod (6)
            internet (1)
              directory (1)
              mgmt (2)
                mib (1)
              experimental (3)
              private (4)
      itu (2)
      joint-iso-itu (3)

Syntactic Form

- Variable name written as sequence of labels with a dot (period) as delimiter
- Numeric encoding used in messages
- Example: prefix for mgmt node is

    1.3.6.1.2.1

ASN.1 Hierarchy For TCP/IP

    . . .   (label from the root to this point is 1 . 3 . 6)
      internet (1)
        directory (1)
        mgmt (2)
          mib (1)
            system (1)
            interfaces (2)
            addr. trans. (3)
            ip (4)
            icmp (5)
            tcp (6)
            udp (7)
        experimental (3)
        private (4)

Example MIB Variables

- Prefix for variable ipInReceives is

    iso . org . dod . internet . mgmt . mib . ip . ipInReceives

- Numeric value is

    1.3.6.1.2.1.4.3

MIB Tables

- Correspond to data structures programmers think of as arrays or structs
- ASN.1 definition uses keyword SEQUENCE
- Array index is appended to MIB variable name

Example Of SEQUENCE Definition

    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     IpAddress,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }
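The naming and encoding described on the Syntactic Form, Example MIB Variables and MIB Tables slides carried through in code: resolving a dotted symbolic name to its numeric object identifier, appending a table index (the IP address that indexes the IpAddrEntry SEQUENCE above), and producing the ASN.1 binary encoding of the identifier as it appears inside an SNMP message. This is an added example, not code from the course notes. The tree contains only the nodes shown on the slides plus the ipAddrTable columns from RFC 1213 (ip.20.1.1 through ip.20.1.5, in the order the SEQUENCE lists them), and the BER rule that the first two arcs pack into one sub-identifier as 40*X+Y comes from the ASN.1 encoding standard, not the slides.

```python
"""MIB name resolution, instance indexing and BER encoding of OBJECT IDENTIFIER
values (added example, not Comer's code).
"""

# Each node maps a label to (arc number, children).  Nodes are from the slides,
# plus the RFC 1213 ipAddrTable columns that the slide's SEQUENCE describes.
MIB_TREE = {"iso": (1, {"org": (3, {"dod": (6, {"internet": (1, {
    "directory": (1, {}),
    "mgmt": (2, {"mib": (1, {
        "system": (1, {"sysUpTime": (3, {})}),
        "interfaces": (2, {"ifNumber": (1, {})}),
        "ip": (4, {
            "ipDefaultTTL": (2, {}),
            "ipInReceives": (3, {}),
            "ipAddrTable": (20, {"ipAddrEntry": (1, {
                "ipAdEntAddr": (1, {}), "ipAdEntIfIndex": (2, {}),
                "ipAdEntNetMask": (3, {}), "ipAdEntBcastAddr": (4, {}),
                "ipAdEntReasmMaxSize": (5, {})})}),
        }),
    })}),
    "experimental": (3, {}),
    "private": (4, {}),
})})})})}


def resolve(name):
    """'iso.org.dod.internet.mgmt.mib.ip.ipInReceives' -> [1, 3, 6, 1, 2, 1, 4, 3]"""
    arcs, children = [], MIB_TREE
    for label in name.split("."):
        if label not in children:
            raise KeyError(f"unknown label {label!r} below {oid_str(arcs)}")
        arc, children = children[label]
        arcs.append(arc)
    return arcs


def instance(arcs, index=(0,)):
    """Append the instance index: .0 for a scalar, or a table index.

    A dotted IPv4 address index (as in ipAddrTable) becomes four arcs.
    """
    if isinstance(index, str):
        return arcs + [int(o) for o in index.split(".")]
    return arcs + list(index)


def oid_str(arcs):
    return ".".join(map(str, arcs))


def encode_oid(arcs):
    """BER OBJECT IDENTIFIER TLV: tag 0x06, short-form length, packed sub-identifiers.

    The first two arcs share one sub-identifier (40*X + Y); every
    sub-identifier is base-128 with the high bit set on all but its last octet.
    """
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("first two arcs out of range")
    subids = [arcs[0] * 40 + arcs[1]] + list(arcs[2:])
    body = bytearray()
    for s in subids:
        if s < 0:
            raise ValueError("negative arc")
        octets = [s & 0x7F]
        s >>= 7
        while s:
            octets.append(0x80 | (s & 0x7F))
            s >>= 7
        body.extend(reversed(octets))
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x06, len(body)]) + bytes(body)


def decode_oid(data):
    """Inverse of encode_oid; rejects bad tags, lengths and truncated sub-identifiers."""
    if len(data) < 3 or data[0] != 0x06 or data[1] != len(data) - 2:
        raise ValueError("not a short-form OBJECT IDENTIFIER TLV")
    subids, value = [], 0
    for b in data[2:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(value)
            value = 0
    if data[-1] & 0x80:
        raise ValueError("truncated sub-identifier")
    first = subids[0]
    head = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    return head + subids[1:]


if __name__ == "__main__":
    arcs = resolve("iso.org.dod.internet.mgmt.mib.ip.ipInReceives")
    print(oid_str(instance(arcs)), encode_oid(instance(arcs)).hex())
```

A receiver that decodes identifiers from the network should validate them the way decode_oid does: an agent or manager that trusts the length octet, or accepts a sub-identifier whose final octet still has the continuation bit set, is reading past the end of what it was sent.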

Simple Network Management Protocol (SNMP)

- Specifies communication between manager's workstation and managed entity
- Uses fetch-store paradigm

Operations That SNMP Supports

    Command            Meaning
    -------            -------
    get-request        Fetch a value from a specific variable
    get-next-request   Fetch a value without knowing its exact name
    get-bulk-request   Fetch a large volume of data (e.g., a table)
    response           A response to any of the above requests
    set-request        Store a value in a specific variable
    inform-request     Reference to third-party data (e.g., for a proxy)
    snmpv2-trap        Reply triggered by an event
    report             Undefined at present

SNMP Message Format

- Defined using ASN.1 notation
- Similar to BNF grammar

Example ASN.1 Definition

    SNMPv3Message ::= SEQUENCE {
        msgVersion INTEGER (0..2147483647),
            -- note: version number 3 is used for SNMPv3
        msgGlobalData HeaderData,
        msgSecurityParameters OCTET STRING,
        msgData ScopedPduData
    }

Definition Of HeaderData Area In SNMP Message

    HeaderData ::= SEQUENCE {
        msgID INTEGER (0..2147483647),
            -- used to match responses with requests
        msgMaxSize INTEGER (484..2147483647),
            -- maximum size reply the sender can accept
        msgFlags OCTET STRING (SIZE(1)),
            -- Individual flag bits specify message characteristics
            --   bit 7  authorization used
            --   bit 6  privacy used
            --   bit 5  reportability (i.e., a response needed)
        msgSecurityModel INTEGER (1..2147483647)
            -- determines exact format of security parameters that follow
    }

Discriminated Union

- ASN.1 uses CHOICE keyword for a discriminated union
- Example

    ScopedPduData ::= CHOICE {
        plaintext ScopedPDU,
        encryptedPDU OCTET STRING   -- encrypted ScopedPDU value
    }

Summary

- TCP/IP management protocols reside at application layer
- Management Information Base (MIB) specifies set of variables that can be accessed
- Structure Of Management Information (SMI) specifies rules for naming MIB variables
- Simple Network Management Protocol (SNMP) specifies format of messages that pass between a manager's workstation and managed entity
- Variables named using ASN.1 (absolute, global, hierarchical)
- Message format defined with ASN.1 (similar to BNF grammar)

PART XXX INTERNET SECURITY AND FIREWALL DESIGN (IPsec, SSL)

Network Security

- Refers in broad sense to confidence that information and services available on a network cannot be accessed by unauthorized users
- Implies
  - Safety
  - Freedom from unauthorized access or use
  - Freedom from snooping or wiretapping
  - Freedom from disruption of service
  - Assurance that outsiders cannot change data

- Also called information security

A Crucial Point

Just as no physical property is absolutely secure against crime, no network is completely secure.

Aspects Of Protection

- Data integrity
- Data availability
- Privacy or confidentiality
- Authorization
- Authentication
- Replay avoidance

Information Policy

- Defines what is allowed
- Special note:

  Humans are usually the most susceptible point in any security scheme. A worker who is malicious, careless, or unaware of an organization's information policy can compromise the best security.

Internet Security

- Especially difficult
- Data travels across many networks owned by many groups from source to destination
- Computers in the middle can change data

A Point About Authentication

An authorization scheme that uses a remote machine's IP address to authenticate its identity does not suffice in an unsecure internet. An imposter who gains control of an intermediate router can obtain access by impersonating an authorized client.

Two Basic Techniques For Internet Security

- Encryption
- Perimeter Security

IP Security Protocol (IPsec)

- Devised by IETF
- Actually a set of protocols
- Name IPsec applies collectively
- Works with IPv4 or IPv6
- Gives framework, but does not specify exactly which encryption or authentication algorithms to use
- Choice between authentication and encryption

IPsec Authentication Header (AH)

- Not an IP option
- Added after IP header
- Follows IPv6 format (more on IPv6 later in the course)

Illustration of Authentication Header Insertion

    (a)  IPv4 HEADER | TCP HEADER | TCP DATA

    (b)  IPv4 HEADER | AUTHENTICATION HEADER | TCP HEADER | TCP DATA

- (a) shows datagram and (b) shows same datagram after header has been inserted

Type Information

- IPv4 PROTOCOL field is modified so the type is IPsec
- Authentication header contains NEXT HEADER field that specifies original type

Illustration Of Type Information With Authentication

    bits 0-7     NEXT HEADER
    bits 8-15    PAYLOAD LEN
    bits 16-31   RESERVED
    32 bits      SECURITY PARAMETERS INDEX
    32 bits      SEQUENCE NUMBER
    variable     AUTHENTICATION DATA
                 . . .
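The header layout above, parsed and checked as a receiver would, with the replay avoidance listed under Aspects Of Protection applied to the SEQUENCE NUMBER field. This is an added example, not code from the course notes. Two details come from the IPsec RFCs rather than the slides: PAYLOAD LEN counts the AH in 32-bit words minus 2 (RFC 4302), and the authentication data is an HMAC-SHA1 truncated to 96 bits (RFC 2404, one of the mandatory algorithms listed later in this part). The key, SPI and packet bytes are constructed, and the "protected" argument stands in for the immutable IP header fields that the real ICV also covers.

```python
"""Parse and verify an IPsec Authentication Header and run the anti-replay
window over its sequence numbers (added example, not Comer's code).
"""
import hashlib
import hmac
import struct

ICV_LEN = 12      # HMAC-SHA1-96: 96 bits of authentication data (RFC 2404)


def parse_ah(data):
    """Return (next_header, spi, seq, icv, remainder); raise ValueError if malformed."""
    if len(data) < 12:
        raise ValueError("AH shorter than its fixed 12-octet part")
    next_header, payload_len, reserved, spi, seq = struct.unpack("!BBHII", data[:12])
    ah_len = (payload_len + 2) * 4               # RFC 4302: length in words minus 2
    if ah_len < 12 or len(data) < ah_len:
        raise ValueError("PAYLOAD LEN inconsistent with packet length")
    if reserved != 0:
        raise ValueError("RESERVED field must be zero")
    return next_header, spi, seq, data[12:ah_len], data[ah_len:]


def build_ah(next_header, spi, seq, key, protected):
    """Return a 24-octet AH whose ICV covers the AH (ICV zeroed) plus 'protected'."""
    payload_len = (12 + ICV_LEN) // 4 - 2        # 24 octets = 6 words, minus 2 = 4
    fixed = struct.pack("!BBHII", next_header, payload_len, 0, spi, seq)
    mac = hmac.new(key, fixed + bytes(ICV_LEN) + protected, hashlib.sha1).digest()
    return fixed + mac[:ICV_LEN]


def verify_icv(ah_bytes, key, protected):
    """Recompute the ICV with the authentication data zeroed and compare in constant time."""
    _, _, _, icv, _ = parse_ah(ah_bytes)
    expected = hmac.new(key, ah_bytes[:12] + bytes(len(icv)) + protected,
                        hashlib.sha1).digest()[:len(icv)]
    return hmac.compare_digest(icv, expected)


class ReplayWindow:
    """Sliding window over 32-bit sequence numbers (the RFC 4302 receiver check).

    bit i of 'bitmap' is set when sequence number (top - i) has been accepted.
    """

    def __init__(self, size=64):
        self.size = size
        self.top = 0                 # highest sequence number accepted so far
        self.bitmap = 0

    def check_and_update(self, seq):
        """True if seq is new and inside the window; False if replayed or too old."""
        if seq == 0:
            return False             # a sender never transmits sequence number 0
        if seq > self.top:           # advances the window
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False             # left of the window: too old
        if self.bitmap & (1 << offset):
            return False             # already accepted: replay
        self.bitmap |= 1 << offset
        return True


def receive(ah_bytes, key, protected, window):
    """Receiver order: verify the ICV first, only then consult the replay window."""
    if not verify_icv(ah_bytes, key, protected):
        return "bad icv"
    seq = parse_ah(ah_bytes)[2]
    return "accepted" if window.check_and_update(seq) else "replay"


if __name__ == "__main__":
    key, body = b"constructed-key", b"constructed TCP header and data"
    ah = build_ah(6, 0x1234, 5, key, body)
    w = ReplayWindow()
    print(receive(ah, key, body, w), receive(ah, key, body, w))
```

Checking the ICV before touching the window is not just tidiness: if the window were updated first, anyone able to inject packets with a guessed high sequence number could slide the window forward and make the legitimate sender's packets look like replays.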

Security Association

- Not all information related to security can fit in header
- Sender and receiver communicate, agree on security parameters, assign small index to each parameter, and then use index values in headers

IPsec Encapsulating Security Payload (ESP)

- Used to encrypt packet contents
- More complex than authentication header
Illustration Of ESP

    (a)  IPv4 HEADER | TCP HEADER | TCP DATA

    (b)  IPv4 HEADER | ESP HEADER | TCP HEADER | TCP DATA | ESP TRAILER | ESP AUTH

    In (b) the encrypted region covers TCP HEADER through ESP TRAILER; the authenticated region covers ESP HEADER through ESP TRAILER.

ESP Header

    32 bits   SECURITY PARAMETERS INDEX
    32 bits   SEQUENCE NUMBER

- Eight octets
- Precedes payload
ESP Trailer

    variable      0 - 255 OCTETS OF PADDING
    bits 16-23    PAD LENGTH
    bits 24-31    NEXT HEADER
    variable      ESP AUTHENTICATION DATA
                  . . .

- Authentication data variable size
- Padding optional

Mutable Header Fields

- Some IP header fields change (e.g., TTL)
- IPsec designed to ensure end-to-end integrity
- One possibility: IPsec tunneling
  - Place IPsec datagram inside normal datagram
  - Often used in VPNs

Illustration Of IPsec Tunneling

    (a)  OUTER IP HEADER | AUTHENTICATION HEADER | INNER IP DATAGRAM (INCLUDING IP HEADER)

    (b)  OUTER IP HEADER | ESP HEADER | INNER IP DATAGRAM (INCLUDING IP HEADER) | ESP TRAILER | ESP AUTH

    In (b) the encrypted region covers the inner datagram and ESP TRAILER; the authenticated region also covers the ESP HEADER.

- (a) when used with authentication
- (b) when used with encapsulated security payload

Mandatory Security Algorithms For IPsec

    Authentication Header
      HMAC with MD5          RFC 2403
      HMAC with SHA-1        RFC 2404

    Encapsulating Security Payload
      DES in CBC mode        RFC 2405
      HMAC with MD5          RFC 2403
      HMAC with SHA-1        RFC 2404
      Null Authentication
      Null Encryption
Secure Sockets Layer (SSL)

- Created by Netscape, Inc.
- Widely used
- Not formally adopted by IETF
- Same API as sockets
- Provides authentication and encryption
- De facto standard for web browsers

Transport Layer Security (TLS)

- Created by IETF
- So closely related to SSL that the same protocol port is used
- Most implementations of SSL also support TLS

Perimeter Security

- Form of access control
- Mechanism is Internet firewall
- Firewall placed at each connection between site and rest of Internet
- All firewalls use coordinated policy
- Blocks unwanted packets

Firewall Implementation

- Basic technique is packet filter
- Typically runs in a router
- Manager specifies restrictions on incoming packets
- Filter drops packets that are not allowed

Illustration Of Packet Filter

[Figure: a router with a packet filter between OUTSIDE and INSIDE, and the following filter specification]

    ARRIVES ON    IP SOURCE        IP DEST.   PROTOCOL   SOURCE PORT   DEST. PORT
    INTERFACE
    ----------    ---------        --------   --------   -----------   ----------
    2             *                *          TCP        *             21
    2             *                *          TCP        *             23
    1             128.5.0.0 / 16   *          TCP        *             25
    2             *                *          UDP        *             43
    2             *                *          UDP        *             69
    2             *                *          TCP        *             79

Effective Filtering

To be effective, a firewall that uses datagram filtering should restrict access to all IP sources, IP destinations, protocols, and protocol ports except those computers, networks, and services the organization explicitly decides to make available externally. A packet filter that allows a manager to specify which datagrams to admit instead of which datagrams to block can make such restrictions easy to specify.

Consequences Of A Restrictive Filter

If an organization's firewall restricts incoming datagrams except for ports that correspond to services the organization makes available externally, an arbitrary application inside the organization cannot become a client of a server outside the organization.

Proxy Access
- Allows specific clients to access specific services
- Handles problems like virus detection on incoming files
- Uses bastion host


Illustration Of Proxy Access

[figure: bastion host between GLOBAL INTERNET (OUTSIDE) and INTRANET (INSIDE), with a manually enabled bypass]

- Two firewall filters restrict
    - Incoming packets from Internet to proxy
    - Outgoing packets from site to proxy


Stateful Firewalls
- Allow clients inside an organization to contact servers in the Internet
- Firewall
    - Watches outgoing packets
    - Records source and destination information
    - Uses recorded information when admitting packets
- Communication still subject to policies


Managing Firewall State


- Connection tracking
    - Uses FIN to remove state for TCP connection
    - Does not work well with UDP
- Soft state
    - Timer set when entry created
    - Idle entry removed after timeout
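A stateful firewall as described on the two slides above: outgoing packets create state, incoming packets are admitted only when they match recorded state, TCP state goes away once a FIN has been seen in each direction, and UDP state (which has no FIN) is removed only by the idle timer. Added example, not Comer's code; the Packet record, the `policy` hook and the 30-second timeout are assumptions.

```python
"""Stateful firewall: records outgoing packets and admits only replies to
them, with connection tracking (FIN removes TCP state) and soft state (idle
entries time out).  Added example, not Comer's code."""
from collections import namedtuple

# direction is "out" (inside -> Internet) or "in"; flags is a set of TCP flag names.
Packet = namedtuple("Packet", "direction proto src sport dst dport flags")

class StatefulFirewall:
    def __init__(self, idle_timeout=30.0, policy=None):
        self.idle_timeout = idle_timeout              # seconds before idle state is dropped
        self.policy = policy or (lambda pkt: True)    # outgoing traffic is still subject to policy
        # key: (proto, inside addr, inside port, outside addr, outside port)
        self.table = {}

    def _expire(self, now):
        """Soft state: remove every entry whose timer has run out.  For UDP
        this is the only way an entry ever leaves the table."""
        for key, entry in list(self.table.items()):
            if now - entry["last"] > self.idle_timeout:
                del self.table[key]

    def process(self, pkt, now):
        """Return 'forward' or 'drop'; now is the current time in seconds."""
        self._expire(now)
        if pkt.direction == "out":
            if not self.policy(pkt):
                return "drop"
            key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
            entry = self.table.setdefault(key, {"last": now, "fins": set()})
        else:
            key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            entry = self.table.get(key)
            if entry is None:
                return "drop"                         # nobody inside asked for this
        entry["last"] = now                           # reset the soft-state timer
        if pkt.proto == "TCP" and "FIN" in pkt.flags:
            entry["fins"].add(pkt.direction)
            if entry["fins"] == {"in", "out"}:        # both sides closed: forget it
                del self.table[key]
        return "forward"
```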


Content Protection With Proxies


- Firewall only operates at packet level
- Mechanism known as application proxy protects against incoming
    - Viruses
    - Other illicit content
- Proxy can examine entire content (e.g., mail message)


Summary
- Two basic techniques used for Internet security
    - Encryption
    - Perimeter security
- IETF has defined IPsec as a framework for security
- IPsec offers choice of
    - Authentication header (AH)
    - Encapsulated Security Payload (ESP)


Summary
(continued)
- Firewall is mechanism used for perimeter security
- Packet filter specified by manager
- Firewall rejects packets except those explicitly allowed
- Stateful firewall allows clients in organization to initiate communication
- Application proxy can be used to check content


PART XXXI THE FUTURE OF TCP/IP (IPv6)

Internetworking With TCP/IP vol 1 -- Part 31

2005

Current Version
- TCP/IP has worked well for over 25 years
- Design is flexible and powerful
- Has adapted to
    - New computer and communication technologies
    - New applications
    - Increases in size and load


Most Significant Technical Problem


- Address space limitation
- IPv4 address space may be exhausted by the year 2020


History Of The New Version


- Developed by IETF
- Started in early 1990s
- Input from many groups, including: computer manufacturers, hardware and software vendors, users, managers, programmers, telephone companies, and the cable television industry


History Of The New Version


(continued)
- Three main proposals
- Eventually new version emerged
- Assigned version number 6, and known as IPv6
- RFC in 1994
- Defined over 10 years ago!


Major Changes From IPv4


- Larger addresses
- Extended address hierarchy
- Variable header format
- Facilities for many options
- Provision for protocol extension
- Support for autoconfiguration and renumbering
- Support for resource allocation


IPv6 Address Size


- 128 bits per address
- Absurd increase in capacity
- IPv6 has 1024 addresses per square meter of the Earth's surface!


General Form Of IPv6 Datagram

  | Base Header | Extension Header 1 | ... | Extension Header N | DATA . . . |
                |<----------------- optional ------------------>|

- Base header required
- Extension headers optional


IPv6 Base Header Format


   0    4             12                16              24            31
  |VERS|TRAFFIC CLASS|            FLOW LABEL                           |
  |          PAYLOAD LENGTH               |  NEXT HEADER  |  HOP LIMIT  |
  |                      SOURCE ADDRESS (128 bits)                      |
  |                   DESTINATION ADDRESS (128 bits)                    |

- Alignment is on 64-bit multiples
- Fragmentation in extension header
- Flow label intended for resource reservation

Size Of Base Header

Each IPv6 datagram begins with a 40-octet base header that includes fields for the source and destination addresses, the maximum hop limit, the traffic class, the flow label, and the type of the next header. Thus, an IPv6 datagram must contain at least 40 octets in addition to the data.


IPv6 Extension Headers


- Sender chooses zero or more extension headers
- Only those facilities that are needed should be included


Parsing An IPv6 Datagram


  (a)  | Base Header NEXT=TCP   | TCP Segment |

  (b)  | Base Header NEXT=ROUTE | Route Header NEXT=TCP  | TCP Segment |

  (c)  | Base Header NEXT=ROUTE | Route Header NEXT=AUTH | Auth Header NEXT=TCP | TCP Segment |

- Each header includes NEXT HEADER field
- NEXT HEADER operates like type field

IPv6 Fragmentation And Reassembly


- Like IPv4
    - Ultimate destination reassembles
- Unlike IPv4
    - Routers avoid fragmentation
    - Original source must fragment


How Can Original Source Fragment?


- Option 1: choose minimum guaranteed MTU of 1280
- Option 2: use path MTU discovery


Path MTU Discovery


- Guessing game
- Source sends datagram without fragmenting
- If router cannot forward, router sends back ICMP error message
- Source tries smaller MTU


Fragmentation Details

   0             8            16                    29    31
  | NEXT HEADER | RESERVED   |     FRAG. OFFSET     | RS | M |
  |                 DATAGRAM IDENTIFICATION                  |

- Fragmentation information carried in extension header
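A parser that reads the 40-octet base header and follows the NEXT HEADER chain through the extension headers to the transport protocol, as in the "Parsing An IPv6 Datagram" figures, decoding the fragment header above when it meets one. Added example, not Comer's code; the datagram it builds (base -> ROUTE -> FRAGMENT -> TCP), the 2001:db8:: addresses and the length rules for the routing and authentication headers are assumptions taken from the IPv6 and AH specifications, not from the slides.

```python
"""Parse an IPv6 base header and follow the NEXT HEADER chain through the
extension headers to the transport protocol, decoding a fragment header on
the way.  Added example, not Comer's code; the datagram is constructed."""
import struct

NAMES = {0: "HOP-BY-HOP", 6: "TCP", 17: "UDP", 43: "ROUTE",
         44: "FRAGMENT", 51: "AUTH", 60: "DEST-OPTS"}
EXTENSION_HEADERS = {0, 43, 44, 51, 60}

def parse_base_header(data):
    """40-octet base header: 4-bit VERS, 8-bit TRAFFIC CLASS, 20-bit FLOW
    LABEL, then PAYLOAD LENGTH, NEXT HEADER, HOP LIMIT and two addresses."""
    word0, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", data[:8])
    return {"version": word0 >> 28, "traffic_class": (word0 >> 20) & 0xFF,
            "flow_label": word0 & 0xFFFFF, "payload_length": payload_len,
            "next_header": next_hdr, "hop_limit": hop_limit,
            "src": data[8:24], "dst": data[24:40]}

def walk_headers(data):
    """Return (base fields, header names in order, fragment info or None,
    offset of the transport header)."""
    base = parse_base_header(data)
    chain, frag, nxt, off = ["BASE"], None, base["next_header"], 40
    while nxt in EXTENSION_HEADERS:
        chain.append(NAMES[nxt])
        if nxt == 44:                 # fragment header is a fixed 8 octets
            nxt, _rsv, off_flags, ident = struct.unpack("!BBHI", data[off:off + 8])
            # 13-bit offset (8-octet units), 2 reserved bits (RS), 1-bit M (more)
            frag = {"offset": off_flags >> 3, "more": off_flags & 1, "id": ident}
            off += 8
        elif nxt == 51:               # AH length is in 32-bit words, minus 2
            nxt, ah_len = data[off], data[off + 1]
            off += (ah_len + 2) * 4
        else:                         # others: length in 8-octet units, minus 1
            nxt, ext_len = data[off], data[off + 1]
            off += (ext_len + 1) * 8
    chain.append(NAMES.get(nxt, str(nxt)))
    return base, chain, frag, off

def build_sample():
    """Constructed datagram: base -> ROUTE -> FRAGMENT -> TCP."""
    src = bytes.fromhex("20010db8000000000000000000000001")      # constructed
    dst = bytes.fromhex("20010db8000000000000000000000002")
    route = bytes([44, 0, 0, 0]) + bytes(4)                     # next=FRAGMENT, 8 octets
    frag = struct.pack("!BBHI", 6, 0, (0 << 3) | 1, 0x1234)     # next=TCP, offset 0, M=1
    tcp = struct.pack("!HH", 1025, 80) + bytes(16)              # 20 constructed TCP octets
    payload = route + frag + tcp
    base = struct.pack("!IHBB", (6 << 28) | 0xABCDE, len(payload), 43, 64)
    return base + src + dst + payload
```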


Discussion Questions
- Is fragmentation desirable?
- What are the consequences of the IPv6 design?


IPv6 Colon Hexadecimal Notation


- Replaces dotted decimal
- Example: dotted decimal value

    104.230.140.100.255.255.255.255.0.0.17.128.150.10.255.255

- Becomes

    68E6:8C64:FFFF:FFFF:0:1180:96A:FFFF


Zero Compression
- Successive zeroes are indicated by a pair of colons
- Example

    FF05:0:0:0:0:0:0:B3

- Becomes

    FF05::B3


IPv6 Destination Addresses


- Three types
    - Unicast (single host receives copy)
    - Multicast (set of hosts each receive a copy)
    - Anycast (set of hosts, one of which receives a copy)
- Note: no broadcast (but special multicast addresses exist, e.g., all hosts on local wire)


Proposed IPv6 Address Space


  Binary Prefix    Type Of Address                  Part Of Address Space
  -------------    -----------------------------    ---------------------
  0000 0000        Reserved (IPv4 compatibility)    1/256
  0000 0001        Unassigned                       1/256
  0000 001         NSAP Addresses                   1/128
  0000 01          Unassigned                       1/64
  0000 1           Unassigned                       1/32
  0001             Unassigned                       1/16
  001              Global Unicast                   1/8
  010              Unassigned                       1/8
  011              Unassigned                       1/8
  100              Unassigned                       1/8
  101              Unassigned                       1/8
  110              Unassigned                       1/8
  1110             Unassigned                       1/16
  1111 0           Unassigned                       1/32
  1111 10          Unassigned                       1/64
  1111 110         Unassigned                       1/128
  1111 1110 0      Unassigned                       1/512
  1111 1110 10     Link-Local Unicast Addresses     1/1024
  1111 1110 11     IANA - Reserved                  1/1024
  1111 1111        Multicast Addresses              1/256


Backward Compatibility
- Subset of IPv6 addresses encode IPv4 addresses
- Dotted hex notation can end with 4 octets in dotted decimal

  |<----------- 80 zero bits ----------->|<- 16 bits ->|<---- 32 bits ---->|
  | 0000 . . . . . . . . . . . . . 0000  |    0000     |    IPv4 Address   |
  | 0000 . . . . . . . . . . . . . 0000  |    FFFF     |    IPv4 Address   |


Summary
- IETF has defined next version of IP to be IPv6
- Addresses are 128 bits long
- Datagram starts with base header followed by zero or more extension headers
- Sender performs fragmentation
- Many myths abound about the advantages of IPv6
- No strong technical motivation for change
