Internetworking
4.1 Simple Internetworking (IP)
4.2 Routing
4.3 Global Internet
4.4 Multicast
4.1 Simple Internetworking (IP)
4.1.1 What is an Internetwork
4.1.2 Service Model
4.1.3 Global Address
4.1.4 Datagram Forwarding in IP
4.1.5 Address Translation (ARP)
4.1.6 Host Configuration (DHCP)
4.1.7 Error Reporting (ICMP)
4.1.8 Virtual Networks and Tunnels
4.1.1 What is an Internetwork
 Concatenation of networks
[Figure: A simple internetwork. Hn = host, Rn = router. It contains hosts H1 to H8, routers R1 to R3, Network 1 (Ethernet), Network 2 (Ethernet), Network 3 (FDDI) and Network 4 (point-to-point).]
 An internetwork is a network of networks
 in the figure, we see Ethernets, an FDDI ring, and a
point-to-point link
 each of these is a single-technology network
 the nodes that interconnect the networks are called
routers (sometimes called gateways)
 The following figure shows how H1 and H8 are
logically connected by the internet, including
the protocol graph running on each node
4
 Protocol stacks in a simple internetwork
[Figure: Protocol layers used to connect H1 to H8. H1 and H8 run TCP over IP over ETH; R1 runs IP over ETH and FDDI; R2 runs IP over FDDI and PPP; R3 runs IP over PPP and ETH. ETH: the protocol that runs over Ethernet.]
4.1.2 Service Model
 A good place to start when you build an internetwork
is to define its service model
 A service model is the host-to-host services you want
to provide
 Service model for an internetwork
 a host-to-host service only if this service can
somehow be provided over each of the underlying
physical networks
4.1.2 Service Model
 IP service model has two parts
 addressing scheme
 provides a way to identify all hosts in the internetwork
 datagram (connectionless) model of data delivery
 This service model is sometimes called best effort
 although IP makes every effort to deliver datagrams, it makes
no guarantees
 Datagram
 a type of packet sent in a connectionless manner
over a network
 every datagram carries enough information to let
the network forward the packet to its correct
destination
 no need for any advance setup mechanism to tell
the network what to do when the packet arrives
 Best-effort delivery (unreliable service)
 if something goes wrong, any of the following can
happen
 packets are lost
 packets are delivered out of order
 duplicate copies of a packet are delivered
 packets can be delayed for a long time
 the network does not make any attempt to recover
from the failure
 Best-effort, connectionless service is about the
simplest service you could ask for from an
internetwork
 If you provide best-effort service over a
network that provides a reliable service, then
that’s fine
 If, on the other hand, you had a reliable service
model over an unreliable network, you would
have to put lots of extra functionality into the
routers
 Keeping the routers as simple as possible was
one of the original design goals of IP
 Datagram format
[Figure: IPv4 datagram format, one 32-bit word per row (bit positions marked 0, 4, 8, 16, 19, 31):
  bits 0-3 Version | 4-7 HLen | 8-15 TOS | 16-31 Length
  bits 0-15 Ident | 16-18 Flags | 19-31 Offset
  bits 0-7 TTL | 8-15 Protocol | 16-31 Checksum
  SourceAddr
  DestinationAddr
  Options (variable) | Pad (variable)
  Data]
 Datagram format
 a succession of 32-bit words
 Packet formats at the internetworking layer and above
are almost invariably designed to align on 32-bit
boundaries
 To simplify the task of processing them in software
 Datagram format
 a succession of 32-bit words
 the top word is transmitted first
 the leftmost byte of each word is transmitted first
 1st word of the header
 Version: the version of IP
 the current version of IP is 4 (IPv4)
 HLen: the length of the header in 32-bit words
 most of the time (when there are no options),
the header is 5 words (20 bytes) long
 TOS: the 8-bit type of service
 allow packets to be treated differently based
on application needs
 example, the TOS value might determine
whether or not a packet should be placed in a
special queue that receives low delay
 Length: a 16-bit field of the header
 contains the length of the datagram, including
the header
 the field counts bytes rather than words
 the maximum size of an IP datagram is
65,535 bytes
 the physical network over which IP is
running may not support such long packets
 IP supports a fragmentation and
reassembly process
 2nd word of the header contains information about
fragmentation
 Offset: 12 bits, counting 8-byte chunks rather than bytes
 the distance (number of chunks) between the
start of the original data and the start of the
current fragment
 3rd word of the header
 TTL: one-byte time to live
 a specific number of seconds that the packet
would be allowed to live
 routers along the path would decrement this
field until it reached 0
 By default: 64
 Protocol: one-byte demultiplexing key
 identifies the higher-level protocol to which
this IP packet should be passed
 values defined for TCP (6), UDP (17)
 Checksum:
 calculated by considering the entire IP header
as a sequence of 16-bit words
 adding them up using ones complement
arithmetic, and taking the ones complement
of the result
 the fourth word of the header: SourceAddr
 the fifth word of the header: DestinationAddr
 there may be a number of options at the end of the
header
 the presence or absence of options may be determined
by examining the header length (HLen) field
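Added example (not part of these slides or of the textbook they follow): a Python builder and parser for the 20-byte IPv4 header just described, with the Checksum computed exactly as the slide states (header taken as 16-bit words, added with ones complement arithmetic, result complemented). Field names follow the figure; the Flags/Offset split uses the figure's bit positions (Flags at bits 16-18, Offset at bits 19-31). The addresses and the 1,400-byte payload are the slides' own example values; the dictionary keys `checksum_ok` and `has_options` are names chosen here.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """Add the data as 16-bit big-endian words with end-around carry.
    A trailing odd byte is zero padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def ip_checksum(header: bytes) -> int:
    """Ones complement of the ones complement sum of the header, computed
    with the Checksum field itself set to zero."""
    return (~ones_complement_sum(header)) & 0xFFFF

def build_ipv4_header(src: str, dst: str, payload_len: int, protocol: int = 6,
                      ttl: int = 64, ident: int = 0, flags: int = 0,
                      offset: int = 0) -> bytes:
    """A header without options: HLen = 5 words, Length counts header + data."""
    total_len = 20 + payload_len
    frag_word = (flags << 13) | (offset & 0x1FFF)      # 3 flag bits, 13-bit offset
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | 5, 0, total_len, ident, frag_word,
                      ttl, protocol, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fixed header and verify its checksum. HLen is checked
    against the bytes actually present so a bad header length cannot make
    the parser read options past the end of the buffer."""
    if len(pkt) < 20:
        raise ValueError("packet shorter than the minimum IP header")
    version, hlen = pkt[0] >> 4, (pkt[0] & 0x0F) * 4
    if version != 4:
        raise ValueError("not an IPv4 datagram (version %d)" % version)
    if hlen < 20 or hlen > len(pkt):
        raise ValueError("HLen %d bytes is invalid for a %d-byte packet" % (hlen, len(pkt)))
    tos, length, ident, frag_word, ttl, protocol, checksum = \
        struct.unpack("!BHHHBBH", pkt[1:12])
    return {
        "version": version, "hlen": hlen, "tos": tos, "length": length,
        "ident": ident, "flags": frag_word >> 13, "offset": frag_word & 0x1FFF,
        "ttl": ttl, "protocol": protocol, "checksum": checksum,
        "src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
        "has_options": hlen > 20,          # options present only when HLen > 5 words
        # With the checksum in place, the ones complement sum of every
        # header word comes out as all ones if nothing was altered.
        "checksum_ok": ones_complement_sum(pkt[:hlen]) == 0xFFFF,
    }

if __name__ == "__main__":
    hdr = build_ipv4_header("171.69.210.245", "128.96.33.73", 1400)
    print(parse_ipv4_header(hdr))
```

The verification step is the usual one for ones complement checksums: rather than recomputing with the field zeroed, sum the whole header including the Checksum field and expect 0xFFFF. Note that the checksum only detects accidental corruption of the header; it says nothing about who sent the packet.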
Fragmentation and Reassembly
 Each network technology tends to have its own idea
of how large a packet can be, example,
 Ethernet can accept packets up to 1,500 bytes long
 FDDI packets may be 4,500 bytes long
 Every network type has a maximum transmission
unit (MTU)
 the largest IP datagram that it can carry in a frame
 this value is smaller than the largest packet size on that
network because the IP datagram needs to fit in the payload
of the link-layer frame
 Fragmentation
 typically occurs when necessary (MTU < Datagram)
 to enable these fragments to be reassembled at the
receiving host, they all carry the same identifier in
the Ident field
 this identifier is chosen by the sending host and is
intended to be unique among all the datagrams that
might arrive at the destination from this source over
some reasonable time period
 since all fragments of the original datagram contain
this identifier, the reassembling host will be able to
recognize those fragments that go together
 should all the fragments not arrive at the receiving
host, the host gives up on the reassembly process
and discards the fragments that did arrive
 IP does not attempt to recover from missing
fragments
 example
 consider what happens when host H1 sends a datagram
to host H8
 assuming that the MTU is 1,500 bytes for the two
Ethernets, 4,500 bytes for the FDDI network, and 532
bytes for the point-to-point network
 a 1,420-byte datagram (20-byte IP header plus 1,400 bytes
of data) sent from H1 makes it across the first Ethernet and
the FDDI network without fragmentation but must be
fragmented into three datagrams at router R2
 these three fragments are then forwarded by router R3
across the second Ethernet to the destination host
[Figure: IP datagrams traversing the sequence of physical networks. H1 -> R1: ETH IP (1400); R1 -> R2: FDDI IP (1400); R2 -> R3: PPP IP (512), PPP IP (512), PPP IP (376); R3 -> H8: ETH IP (512), ETH IP (512), ETH IP (376).]
 each fragment is itself a self-contained IP datagram
that is transmitted over a sequence of physical
networks, independent of the other fragments
 each IP datagram is reencapsulated for each
physical network over which it travels
[Figure: Header fields used in IP fragmentation: (a) unfragmented packet; (b) fragmented packets.]
 The unfragmented packet has 1,400 bytes of data and a
20-byte IP header
 when the packet arrives at router R2, which has an MTU of
532 bytes, it has to be fragmented
 a 532-byte MTU leaves 512 bytes for data after the 20-byte
IP header, so the first fragment contains 512 bytes of data
 the router sets the M bit as 1 in the Flags field, meaning that
there are more fragments to follow
 it sets the Offset to 0, since this fragment contains the first
part of the original datagram
30
 the data carried in the second fragment starts with
the 513th byte of the original data, so the Offset field in
this header is set to 64 (= 512/8)
 the third fragment contains the last 376 bytes of
data, and the offset is now 2 × 512 / 8 = 128 (since
this is the last fragment, the M bit is not set)
4.1.3 Global Addresses
 One of the things that IP service model
provides is an addressing scheme
 If you want to be able to send data to any host
on any network, there needs to be a way of
identifying all the hosts
 Thus, we need a global addressing scheme–
one in which no two hosts have the same
address
4.1.3 Global Addresses
 Ethernet addresses are globally unique
 that alone does not suffice for an addressing
scheme in a large internetwork
 Ethernet addresses are also flat
 they have no structure and provide very few clues
to routing protocols
 IP addresses are hierarchical
 made up of two parts that correspond to some sort
of hierarchy in the internetwork
 network part
 identifies the network to which the host is
attached
 all hosts attached to the same network have the
same network part
 host part
 identifies each host uniquely on that particular
network
 example 1
 the addresses of the hosts on network 1 would all have the
same network part and different host parts
 example 2
 the routers are attached to two networks
 they need to have an address on each network, one for each
interface, e.g., router R1
 has an IP address on the interface to network 2 that has the same
network part as the hosts on network 2
 has an IP address on the interface to network 3 that has the same
network part as the hosts on network 3
 it is more precise to think of IP addresses as belonging to
interfaces than to hosts
 IP addresses are divided into three different
classes
 each class in the following figure has different-sized
network and host parts
 there are also class D addresses, which specify a multicast
group, and class E addresses, which are currently
unused
 in all cases, the address is 32 bits long
[Figure: IP addresses: (a) class A: leading bit 0, 7-bit Network, 24-bit Host; (b) class B: leading bits 1 0, 14-bit Network, 16-bit Host; (c) class C: leading bits 1 1 0, 21-bit Network, 8-bit Host.]
 the class of an IP address is identified in the most
significant few bits
 if the first bit is 0, it is a class A address
 if the first bit is 1 and the second is 0, it is a class B
 if the first two bits are 1 and the third is 0, it is a class
C address
 of the approximately 4 billion (= 2^32) possible IP
addresses
 one-half are class A
 one-quarter are class B
 one-eighth are class C
 Class A addresses
 7 bits for the network part and 24 bits for the host
part
 126 (= 2^7 - 2) class A networks (0 and 127 are
reserved)
 each network can accommodate up to 2^24 - 2 (about 16
million) hosts (again, two are reserved values)
 Class B addresses
 14 bits for the network part and 16 bits for the host
part
 65,534 (= 2^16 - 2) hosts
 Class C addresses
 21 bits for the network part and 8 bits for the
host part
 2,097,152 (= 22l) class C networks
 254 hosts (host identifier 255 is reserved for
broadcast, and 0 is not a valid host number)
 IP addresses are written as four decimal integers
separated by dots
 each integer represents the decimal value contained in
1 byte (= 0~255) of the address, starting at the most
significant
 Example, 171.69.210.245
 Internet domain names (DNS)
 also hierarchical
 domain names tend to be ASCII strings separated by
dots, e.g., cs.princeton.edu
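Added example (not from the slides or the textbook): a Python function that reads the dotted-decimal notation described above and splits the address into class, network part and host part by testing the leading bits, using the widths and reserved values the slides give (class A networks 0 and 127 reserved, host number of all ones reserved for broadcast). The dictionary keys and the `parse_dotted` / `classify` names are chosen here.

```python
from typing import Dict

# (class, value of the leading bits, how many leading bits, bits in prefix + network part)
_CLASSES = (("A", 0b0, 1, 8), ("B", 0b10, 2, 16), ("C", 0b110, 3, 24))

def parse_dotted(addr: str) -> int:
    """Four decimal integers separated by dots, most significant byte first."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dotted fields: %r" % addr)
    octets = [int(p) for p in parts]
    if any(o < 0 or o > 255 for o in octets):
        raise ValueError("each field must be 0..255: %r" % addr)
    return int.from_bytes(bytes(octets), "big")

def to_dotted(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def classify(addr: str) -> Dict[str, object]:
    """Class is decided by the most significant bits: 0 -> A, 10 -> B,
    110 -> C, 1110 -> D (multicast), anything else -> E."""
    value = parse_dotted(addr)
    for name, prefix, prefix_bits, netlen in _CLASSES:
        if value >> (32 - prefix_bits) == prefix:
            host_bits = 32 - netlen
            host_mask = (1 << host_bits) - 1
            # network number = the bits between the class prefix and the host part
            net_number = (value >> host_bits) & ((1 << (netlen - prefix_bits)) - 1)
            return {
                "class": name,
                "network_bits": netlen - prefix_bits,
                "host_bits": host_bits,
                "network": to_dotted(value & ~host_mask),   # host part zeroed
                "network_number": net_number,
                "host": value & host_mask,
                "max_hosts": (1 << host_bits) - 2,          # all-zeros and all-ones reserved
                "reserved_network": name == "A" and net_number in (0, 127),
                "broadcast": (value & host_mask) == host_mask,
            }
    multicast = (value >> 28) == 0b1110
    return {"class": "D" if multicast else "E", "multicast": multicast}

if __name__ == "__main__":
    for a in ("171.69.210.245", "128.96.33.73", "127.0.0.1", "192.168.1.255", "224.0.0.1"):
        print(a, classify(a))
```

`parse_dotted` insists on exactly four fields in the 0..255 range; looser parsers accept shorthand forms such as "1.2" or octal-looking fields, which is a common source of mismatches between an access-control check and the address the kernel actually uses.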
4.1.4 Datagram Forwarding in IP
 Forwarding
 the process of taking a packet from an input and
sending it out on the appropriate output
 Routing
 the process of building up the tables that allow the
correct output for a packet to be determined
 The discussion here focuses on forwarding
 Strategy
 every IP datagram contains destination’s address
 if connected to destination network
 then forward to host
 if not directly connected
 then forward to some router
 forwarding table maps network number
(NetworkNum) into next hop (NextHop)
 each host has a default router
 each router maintains a forwarding table
 Datagram forwarding algorithm
 if (NetworkNum of destination = NetworkNum of one
of my interfaces) then
deliver packet to destination over that interface
else
if (NetworkNum of destination is in my forwarding
table) then
deliver packet to NextHop route
else
deliver packet to default router
 For a host with only one interface and only a default router
in its forwarding table
 (simplified algorithm)
 if (NetworkNum of destination = my NetworkNum)
then
deliver packet to destination directly
else
deliver packet to default router
 Example1
 suppose H1 wants to send a datagram to H2
 since they are on the same physical network, H1
and H2 have the same network number in their IP
address
 H1 deduces that it can deliver the datagram directly
to H2 over the Ethernet
 what remains to be resolved is how H1 finds
out the correct Ethernet address for H2
 Example2
 suppose H1 wants to send a datagram to H8
 since they are on different physical networks
 H1 deduces that it needs to send the datagram to a
router
 H1 sends the datagram over the Ethernet to R1
 R1 knows that it cannot deliver a datagram directly
to H8 because neither of R1’s interfaces is on the
same network as H8
 suppose R1’s default router is R2; R1 then sends
the datagram to R2 over the token ring network
 assume R2 has the forwarding table shown as
follows, it looks up H8’s network number (network
1) and forwards the datagram to R3
Forwarding table for router R2
NetworkNum   NextHop
1            R3
2            R1
3            Interface 1
4            Interface 0
 R3 forwards the datagram directly to H8
 it is possible to include the information about directly
connected networks in the forwarding table
 example, we could label the network interfaces of router R2
as interface 0 for the point-to-point link (network 4) and
interface 1 for the token ring (network 3)
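Added example (not from the slides or the textbook): the datagram forwarding algorithm above, in Python, run over the forwarding table shown for R2 and traced for both worked examples (H1 to H2 on the same network, H1 to H8 through R1, R2 and R3). R2's table is the one on the slide, with directly connected networks listed in it as the slide says is possible. The tables for H1, R1 and R3 are filled in from the prose (H1 on network 2, R1 between networks 2 and 3 with R2 as its default router, R3 between networks 4 and 1); their interface names, and the `Node` / `trace` names, are constructed for this example. The trace also decrements a TTL, so a forwarding loop caused by two routers defaulting to each other is cut off instead of running forever.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# A NextHop is ("interface", name) for a directly connected network, or
# ("router", name) for a router the packet is handed to.
NextHop = Tuple[str, str]

@dataclass
class Node:
    name: str
    # NetworkNum -> NextHop. Directly connected networks appear here too.
    table: Dict[int, NextHop] = field(default_factory=dict)
    default_router: Optional[str] = None

    def forward(self, dest_net: int) -> NextHop:
        """The datagram forwarding algorithm: a directly connected network or
        explicit table entry first, then the default router, else no route."""
        hop = self.table.get(dest_net)
        if hop is not None:
            return hop
        if self.default_router is not None:
            return ("router", self.default_router)
        raise LookupError("%s: no route to network %d" % (self.name, dest_net))

def trace(nodes: Dict[str, Node], src: str, dest_net: int, ttl: int = 64) -> List[str]:
    """Follow a datagram from node to node until one delivers it directly.
    TTL drops by one per hop; reaching 0 stops the packet, which is what
    keeps a misconfigured forwarding loop from circulating forever."""
    path = [src]
    current = src
    while True:
        kind, target = nodes[current].forward(dest_net)
        if kind == "interface":
            path.append("delivered over %s" % target)
            return path
        ttl -= 1
        if ttl == 0:
            raise RuntimeError("TTL expired at %s: forwarding loop?" % current)
        path.append(target)
        current = target

# R2's table is the slide's; the other three are constructed from the prose.
NODES: Dict[str, Node] = {
    "H1": Node("H1", {2: ("interface", "eth0")}, default_router="R1"),
    "R1": Node("R1", {2: ("interface", "Interface 0"), 3: ("interface", "Interface 1")},
               default_router="R2"),
    "R2": Node("R2", {1: ("router", "R3"), 2: ("router", "R1"),
                      3: ("interface", "Interface 1"), 4: ("interface", "Interface 0")}),
    "R3": Node("R3", {4: ("interface", "Interface 0"), 1: ("interface", "Interface 1")}),
}

if __name__ == "__main__":
    print(trace(NODES, "H1", 2))   # same network: delivered directly over eth0
    print(trace(NODES, "H1", 1))   # H1 -> R1 -> R2 -> R3 -> delivered on network 1
```

A router that has neither a matching entry nor a default raises `LookupError` here; a real router would discard the datagram and report it with an ICMP error, which is the subject of section 4.1.7.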
4.1.5 Address Translation (ARP)
 Issue
 IP datagrams contain IP addresses, but the physical
interface hardware on the host or router to which you
want to send the datagram only understands the
addressing scheme of that particular network
 Resolution
 translate the IP address to a link-level address that
makes sense on this network (e.g., a 48-bit Ethernet
address)
 encapsulate the IP datagram inside a frame that contains
that link-level address and send it either to the ultimate
destination or to a router that promises to forward the
datagram toward the ultimate destination
[Figure: Encapsulation: the IP datagram is carried as the payload of a frame whose header holds the link-level address.]
[Figure: an IP address split into a Network part and a Host part, with the Host part carrying the physical address.]
 Simple way to map an IP address into a physical network
address
 encode a host’s physical address in the host part of its IP
address
 example, a host with physical address 00100001
01001001 (the decimal value 33 in the upper byte and
73 in the lower byte) might be given the IP address
128.96.33.73
 it is limited in that the network’s physical addresses can
be no more than 16 bits long in this example
 More general solution
 each host maintains a table of address pairs (mapping IP
addresses into physical addresses)
 Alternative solution: Address Resolution Protocol
(ARP)
 enables each host on a network to build up a table of
mappings between IP addresses and link-level addresses
 since these mappings may change over time (e.g. because an
Ethernet card in a host breaks and is replaced by a new one
with a new address), the entries are timed out periodically
and removed
 this happens on the order of every 15 minutes
 the set of mappings currently stored in a host is known as the
ARP cache or ARP table
 The ARP packet contains
 HardwareType
 the type of physical network (e.g., Ethernet)
 ProtocolType
 the higher-layer protocol (e.g., IP)
 HLen (“hardware” address length) and PLen (“protocol”
address length)
 the length of the link-layer address and higher-layer
protocol address
 Operation
 specifies whether this is a request or a response
 Addresses
 source hardware (Ethernet) address (6 bytes)
 source protocol (IP) address (4 bytes)
 target hardware (Ethernet) address (6 bytes)
 target protocol (IP) address (4 bytes)
[Figure: ARP packet format for Ethernet/IP (bit positions 0, 8, 16, 31):
  HardwareType = 1 (16 bits) | ProtocolType = 0x0800 (16 bits)
  HLen = 48 (8 bits) | PLen = 32 (8 bits) | Operation (16 bits)
  SourceHardwareAddr (bytes 0-3)
  SourceHardwareAddr (bytes 4-5) | SourceProtocolAddr (bytes 0-1)
  SourceProtocolAddr (bytes 2-3) | TargetHardwareAddr (bytes 0-1)
  TargetHardwareAddr (bytes 2-5)
  TargetProtocolAddr (bytes 0-3)]
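Added example (not from the slides or the textbook): a Python encoder and parser for the ARP packet laid out in the figure, plus a small host that keeps the ARP cache the text describes, with entries timed out after 15 minutes. The figure labels HLen and PLen as 48 and 32 (the address lengths in bits); on the wire those two octets carry 6 and 4, the lengths in bytes, and that is what the code uses. The MAC and IP addresses are constructed sample values, and the `ArpHost` class, its `pending` set and the `now` parameter (a caller-supplied clock, so the timeout can be exercised without waiting) are names chosen here. The handler only installs a mapping when a reply answers a request this host sent; an unsolicited reply is dropped, which is stricter than the merge rule in the ARP specification and is the usual starting point for hardening a cache that has no authentication of its own.

```python
import struct
from typing import Dict, Optional, Set, Tuple

ARP_REQUEST, ARP_REPLY = 1, 2
# HardwareType, ProtocolType, HLen, PLen, Operation, then the four addresses.
ARP_FMT = "!HHBBH6s4s6s4s"
ARP_LEN = struct.calcsize(ARP_FMT)      # 28 bytes for Ethernet/IPv4

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def mac_str(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)

def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))

def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def build_arp(op: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))

def parse_arp(pkt: bytes) -> dict:
    """Decode one ARP packet, accepting only the Ethernet/IPv4 combination
    whose field lengths the format string hard-codes."""
    if len(pkt) < ARP_LEN:
        raise ValueError("ARP packet too short")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    if op not in (ARP_REQUEST, ARP_REPLY):
        raise ValueError("unknown ARP operation %d" % op)
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}

class ArpHost:
    """One host's ARP state: its cache plus the requests it has outstanding."""

    def __init__(self, ip: str, mac: str, ttl_seconds: float = 15 * 60):
        self.ip, self.mac, self.ttl = ip, mac, ttl_seconds
        self.cache: Dict[str, Tuple[str, float]] = {}    # ip -> (mac, learned_at)
        self.pending: Set[str] = set()                    # IPs we asked about

    def lookup(self, ip: str, now: float) -> Optional[str]:
        """Return the cached MAC, dropping the entry once it has timed out."""
        entry = self.cache.get(ip)
        if entry is None:
            return None
        mac, learned_at = entry
        if now - learned_at > self.ttl:
            del self.cache[ip]
            return None
        return mac

    def request(self, ip: str) -> bytes:
        """Build the broadcast request for ip and remember that we asked."""
        self.pending.add(ip)
        return build_arp(ARP_REQUEST, self.mac, self.ip, "00:00:00:00:00:00", ip)

    def handle(self, pkt: bytes, now: float) -> Optional[bytes]:
        """Answer requests for our own address; learn only from replies that
        answer a request we made. Returns the reply to send, if any."""
        a = parse_arp(pkt)
        if a["op"] == ARP_REQUEST and a["target_ip"] == self.ip:
            return build_arp(ARP_REPLY, self.mac, self.ip, a["sender_mac"], a["sender_ip"])
        if a["op"] == ARP_REPLY and a["sender_ip"] in self.pending:
            self.pending.discard(a["sender_ip"])
            self.cache[a["sender_ip"]] = (a["sender_mac"], now)
        return None
```

The `now` argument stands in for the host's clock; passing a value 901 seconds later than the one given when the entry was learned is enough to watch it expire.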
4.1.6 Host Configuration (DHCP)
 Dynamic Host Configuration Protocol (DHCP)
 relies on the existence of a DHCP server that is responsible
for providing configuration information to hosts
 there is at least one DHCP server for an administrative
domain
 at the simplest level, the DHCP server can function just as
a centralized repository for host configuration information
 DHCP saves the network administrators from having to
walk around to every host in the company with a list of
addresses and network map in hand and configuring each
host manually
 a more sophisticated use of DHCP saves the network
administrator from even having to assign addresses to
individual hosts
 the DHCP server maintains a pool of available
addresses that it hands out to hosts on demand
 this considerably reduces the amount of configuration
an administrator must do by allocating a range of IP
addresses (all with the same network number) to each
network
 DHCP server discovery
 to contact a DHCP server, a newly booted or attached host
sends a DHCPDISCOVER message to a special IP
(broadcast) address (255.255.255.255)
 it will be received by all hosts and routers on that network
 in the simplest case, one of these nodes is the DHCP server
for the network
 the server would then reply to the host that generated the
discovery message (all the other nodes would ignore it)
 DHCP uses the concept of relay agent
 there is at least one relay agent on each network, and it is
configured with just one piece of information: the IP
address of the DHCP server
 when a relay agent receives a DHCPDISCOVER message,
it unicasts it to the DHCP server and awaits the response,
which it will then send back to the requesting client
[Figure: A DHCP relay agent receives a broadcast DHCPDISCOVER message from a host and sends a unicast DHCPDISCOVER to a remote DHCP server on another network.]
[Figure: DHCP packet format, fields in order: Operation, HType, HLen, Hops, Xid, Secs, Flags, ciaddr, yiaddr, siaddr, giaddr, chaddr (16 bytes), sname (64 bytes), file (128 bytes), options.]
 B (Broadcast): 1 bit
 Client IP address (ciaddr): 32 bits
 Your IP address (yiaddr): 32 bits
 Server IP address (siaddr): 32 bits
 Gateway IP address (giaddr): 32 bits
 Client hardware address (chaddr): 16 bytes
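Added example (not from the slides or the textbook): a Python builder for a client's DHCPDISCOVER, a parser for the packet format above, and the rewrite a relay agent applies before unicasting the request onward. The field order and sizes are those of the figure (the fixed part is 236 bytes); the options field, which the slides list but do not describe, is parsed as the standard type/length/value sequence behind the 0x63825363 magic cookie, and only the message-type option (code 53, value 1 for DHCPDISCOVER) is interpreted. The relay step records the relay's own address in giaddr when no earlier relay has done so and increments Hops, which is what lets the server tell which network the client is on. The transaction id, MAC and relay addresses are constructed sample values; `build_discover`, `parse_dhcp` and `relay` are names chosen here.

```python
import struct
from typing import Dict

# Fixed part of the packet, in the order of the figure: Operation, HType, HLen,
# Hops, Xid, Secs, Flags, ciaddr, yiaddr, siaddr, giaddr, chaddr (16 bytes),
# sname (64 bytes), file (128 bytes). The options field follows it.
DHCP_FIXED_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
DHCP_FIXED_LEN = struct.calcsize(DHCP_FIXED_FMT)   # 236 bytes
MAGIC_COOKIE = b"\x63\x82\x53\x63"                  # marks the start of the options
BOOTREQUEST, BOOTREPLY = 1, 2
FLAG_BROADCAST = 0x8000                             # the B bit is the top bit of Flags
OPT_PAD, OPT_MESSAGE_TYPE, OPT_END = 0, 53, 255
DHCPDISCOVER = 1

def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))

def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)

def build_discover(xid: int, client_mac: bytes) -> bytes:
    """A client's DHCPDISCOVER: a BOOTREQUEST with the B bit set and every
    address field zero, since the client has no address yet."""
    fixed = struct.pack(DHCP_FIXED_FMT, BOOTREQUEST, 1, len(client_mac), 0, xid, 0,
                        FLAG_BROADCAST, bytes(4), bytes(4), bytes(4), bytes(4),
                        client_mac.ljust(16, b"\x00"), bytes(64), bytes(128))
    options = MAGIC_COOKIE + bytes([OPT_MESSAGE_TYPE, 1, DHCPDISCOVER, OPT_END])
    return fixed + options

def parse_options(rest: bytes) -> Dict[int, bytes]:
    """Walk the type/length/value options, refusing a length that runs past
    the end of the packet."""
    options: Dict[int, bytes] = {}
    if not rest.startswith(MAGIC_COOKIE):
        return options
    i = len(MAGIC_COOKIE)
    while i < len(rest):
        code = rest[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(rest):
            raise ValueError("truncated option header")
        length = rest[i + 1]
        if i + 2 + length > len(rest):
            raise ValueError("option %d length %d runs past end of packet" % (code, length))
        options[code] = rest[i + 2:i + 2 + length]
        i += 2 + length
    return options

def parse_dhcp(pkt: bytes) -> dict:
    if len(pkt) < DHCP_FIXED_LEN:
        raise ValueError("DHCP packet shorter than its fixed header")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
     chaddr, sname, bootfile) = struct.unpack(DHCP_FIXED_FMT, pkt[:DHCP_FIXED_LEN])
    if hlen > 16:
        raise ValueError("HLen %d exceeds the 16-byte chaddr field" % hlen)
    options = parse_options(pkt[DHCP_FIXED_LEN:])
    mtype = options.get(OPT_MESSAGE_TYPE)
    return {
        "op": op, "htype": htype, "hlen": hlen, "hops": hops, "xid": xid, "secs": secs,
        "broadcast": bool(flags & FLAG_BROADCAST),
        "ciaddr": ip_str(ciaddr), "yiaddr": ip_str(yiaddr),
        "siaddr": ip_str(siaddr), "giaddr": ip_str(giaddr),
        "chaddr": ":".join("%02x" % b for b in chaddr[:hlen]),
        "message_type": mtype[0] if mtype else None,
    }

def relay(pkt: bytes, relay_ip: str, max_hops: int = 16) -> bytes:
    """The relay agent's rewrite before it unicasts a client's request to the
    server: put its own address in giaddr (unless an earlier relay already
    did) and count the hop. Nothing else in the packet changes."""
    fields = parse_dhcp(pkt)
    if fields["op"] != BOOTREQUEST:
        raise ValueError("relay agents forward client requests only")
    hops = fields["hops"] + 1
    if hops > max_hops:
        raise ValueError("too many relay hops; dropping packet")
    out = bytearray(pkt)
    out[3] = hops                                   # Hops field
    if fields["giaddr"] == "0.0.0.0":
        out[24:28] = ip_bytes(relay_ip)             # giaddr field
    return bytes(out)
```

Because giaddr is set by the first relay only, a server behind two relays still sees the address of the network the client is attached to; the Hops count is the relay chain's loop guard.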
4.1.7 Error Reporting (ICMP)
 Internet Control Message Protocol (ICMP)
 defines a collection of error messages that are sent
back to the source host whenever a router is unable
to process an IP datagram successfully
 ICMP segment structure
 ICMP header (starts at bit 160 of the IP header)
 Type
 ICMP type as specified above
 Code (see the following table)
 further specification of the ICMP type
 e.g. an ICMP Destination Unreachable might have this field
set to 1 through 15, each bearing a different meaning
 Checksum
 error-checking value calculated over the ICMP header and
data, with this field set to 0 during the calculation
 ID
 contains an ID value, should be returned in case of
ECHO REPLY
 Sequence
 contains a sequence value, should be returned in case
of ECHO REPLY
List of permitted control messages
(incomplete list)
4.1.8 Virtual Networks and Tunnels
 Virtual Private Network (VPN)
 a more controlled connectivity
 corporations with many sites often build private networks by
leasing transmission lines from the phone companies and
using those lines to interconnect sites
 communication is restricted to take place only among the
sites of that corporation, which is often desirable for security
reasons
 to make a private network “virtual”, the leased transmission
lines (which are not shared with any other corporations) would be
replaced by some sort of shared network
[Figure: An example of virtual private networks: (a) two separate private networks, Corporation X (sites A, B, C) and Corporation Y (sites K, L, M), each built from its own physical links; (b) two virtual private networks sharing common switches, with virtual circuits in place of the dedicated physical links.]
 In the above figure
 Frame Relay or ATM network is used to provide the
controlled connectivity among sites
 limited connectivity of a real private network is
maintained
 IP Tunnel
 a virtual point-to-point link between a pair of nodes that
are actually separated by an arbitrary number of
networks
[Figure: A tunnel through an internetwork, showing the change in encapsulation of the packet as it moves across the network. In Network 1 the packet carries an IP header with Destination = 2.x and an IP payload; between R1 and R2 (address 10.0.0.1) across the internetwork it is wrapped in an outer IP header with Destination = 10.0.0.1; in Network 2 the original header (Destination = 2.x) and payload travel on unchanged.]
 A tunnel has been configured from R1 to R2
and assigned a virtual interface number 0
 The forwarding table in R1 might therefore
look like the following table
 R1 has two physical interfaces
 interface 0 connects to network 1
 interface 1 connects to a large internetwork and is
thus the default for all traffic that does not match
something more specific in the forwarding table
 R1 has a virtual interface, which is the interface to the tunnel
 suppose R1 receives a packet from network 1 that contains an
address in network 2
 the forwarding table says this packet should be sent out
virtual interface 0
 in order to send a packet out this interface, the router
takes the packet, adds an IP header addressed to R2, and
then proceeds to forward the packet as it had just been
received
 R2’s address is 10.0.0.1
 since the network number of this address is 10, not 1 or 2,
a packet destined for R2 will be forwarded out the default
interface into the internetwork
Forwarding table for router R1
NetworkNum   NextHop
1            Interface 0
2            Virtual interface 0
Default      Interface 1
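Added example (not from the slides or the textbook): R1's forwarding behaviour with the tunnel, in Python. The table and the tunnel endpoint address 10.0.0.1 are the slides' own; the convention that the network number is the first octet of an address (so "2.x" is network 2), R1's own address on the internetwork side, and the `Datagram`, `forward` and `decapsulate` names are constructed for this example. A packet whose lookup yields the virtual interface is wrapped in a new IP header addressed to R2 and then looked up again as if it had just arrived, which is what sends it out the default interface. The example also shows what the slides leave implicit: the far end must check that the outer header is really addressed to it before stripping it, and a table that routes the tunnel endpoint itself back into the tunnel would encapsulate without end, so the loop is bounded.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple, Union

@dataclass
class Datagram:
    src: str
    dst: str
    payload: Union[bytes, "Datagram"]   # a tunneled packet carries a whole inner datagram

# R1's forwarding table from the slide. "Default" catches every network that
# has no more specific entry.
R1_TABLE: Dict[Union[int, str], str] = {
    1: "Interface 0",
    2: "Virtual interface 0",
    "Default": "Interface 1",
}
# Virtual interface -> address of the far end of the tunnel (R2 is 10.0.0.1).
R1_TUNNELS: Dict[str, str] = {"Virtual interface 0": "10.0.0.1"}
R1_ADDR = "10.0.0.2"   # constructed: R1's own address on the internetwork side

def network_number(addr: str) -> int:
    """Constructed convention for this example: the first octet is the
    network number, so an address written 2.x belongs to network 2."""
    return int(addr.split(".")[0])

def forward(dgram: Datagram, table: Dict[Union[int, str], str], tunnels: Dict[str, str],
            own_addr: str, max_encaps: int = 4) -> Tuple[str, Datagram, List[str]]:
    """Apply the forwarding table. When the NextHop is a virtual interface,
    wrap the datagram in a new IP header addressed to the tunnel endpoint and
    look it up again, exactly as if it had just been received. Returns the
    physical interface, the datagram as it leaves, and the lookups made."""
    lookups: List[str] = []
    for _ in range(max_encaps + 1):
        iface = table.get(network_number(dgram.dst), table["Default"])
        lookups.append(iface)
        if iface not in tunnels:
            return iface, dgram, lookups
        dgram = Datagram(src=own_addr, dst=tunnels[iface], payload=dgram)   # encapsulate
    raise RuntimeError("encapsulation loop: the tunnel endpoint is itself routed into a tunnel")

def decapsulate(dgram: Datagram, own_addr: str) -> Datagram:
    """At the far end of the tunnel: strip the outer header, but only from a
    datagram that is actually addressed to this router and really carries
    an inner datagram."""
    if dgram.dst != own_addr or not isinstance(dgram.payload, Datagram):
        raise ValueError("not a tunneled datagram addressed to this router")
    return dgram.payload

if __name__ == "__main__":
    pkt = Datagram("1.0.0.9", "2.0.0.7", b"constructed payload")
    iface, out, lookups = forward(pkt, R1_TABLE, R1_TUNNELS, R1_ADDR)
    print(iface, lookups)                       # Interface 1 ['Virtual interface 0', 'Interface 1']
    print(decapsulate(out, "10.0.0.1").dst)     # 2.0.0.7
```

The second lookup is the whole point of the exercise: the router never special-cases tunnel traffic, it just forwards the encapsulated packet by the outer destination like any other.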