* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download COSC4377 TCP vs UDP – Example Statistics
Distributed firewall wikipedia , lookup
Universal Plug and Play wikipedia , lookup
Deep packet inspection wikipedia , lookup
IEEE 802.1aq wikipedia , lookup
SIP extensions for the IP Multimedia Subsystem wikipedia , lookup
Parallel port wikipedia , lookup
Multiprotocol Label Switching wikipedia , lookup
Dynamic Host Configuration Protocol wikipedia , lookup
Computer network wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Network tap wikipedia , lookup
Airborne Networking wikipedia , lookup
Internet protocol suite wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 COSC4377 Lecture 16 Lennart Johnsson 2013‐10‐17 COSC4377 TCP vs UDP – Example Statistics Trace Sample UDP/TCP Ratio pkts bytes flows Total IP Traffic (pkts/bytes/flows) CAIDA‐OC48 08‐2002 0.11 0.03 0.11 (1371M/838GB/79M) 01‐2003 0.12 0.05 0.27 (463M/267GB/26M) GigaSUNET 04‐2006 0.06 0.02 1.06 (422M/294GB/9M) 11‐2006 0.08 0.03 1.45 06‐2008 0.14 0.05 1.43 (4427M/2279GB/197M) 02‐2009 0.19 0.07 2.34 (1922M/1410GB/110M) OptoSUNET 01‐2009 0.21 0.11 3.09 (1100M/657GB/41M) 02‐2009 0.20 0.11 2.63 CAIDA‐ OC192 http://www.caida.org/research/traffic‐analysis/tcpudpratio/ 2 1 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 Internet Private Addresses (IPv4) RFC1918 IP address range number of addresses classful description largest CIDR block (subnet host id size mask) 24‐bit block 10.0.0.0 ‐ 10.255.255.255 16,777,216 single class A network 10.0.0.0/8 (255.0.0.0) 20‐bit block 172.16.0.0 ‐ 172.31.255.255 1,048,576 16 contiguous 172.16.0.0/12 class B 20 bits (255.240.0.0) network 192.168.0.0 ‐ 16‐bit block 65,536 192.168.255.255 256 contiguous class C network 24 bits 192.168.0.0/1 6 16 bits (255.255.0.0) Address ranges reserved by IANA for Private Addresses http://en.wikipedia.org/wiki/Private_network 3 Lennart Johnsson 2013‐10‐17 COSC4377 NAT: network address translation rest of Internet local network (e.g., home network) 10.0.0/24 10.0.0.1 10.0.0.4 10.0.0.2 138.76.29.7 10.0.0.3 all datagrams leaving local network have same single source NAT IP address: 138.76.29.7,different source port numbers Slide from Kurose & Ross, 6th Ed datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual) 4 2 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 NAT: network address translation motivation: local network uses just one IP address as far as outside world is concerned: range of addresses not needed from ISP: just one IP address for all devices can change addresses of devices in local network without notifying outside world can change ISP without changing addresses of devices in local network devices inside local net not explicitly addressable, visible by outside world (a security plus) 5 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 NAT: network address translation implementation: NAT router must: outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table Slide from Kurose & Ross, 6th Ed 6 3 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 NAT: network address translation NAT translation table WAN side addr LAN side addr 2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table 1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 138.76.29.7, 5001 10.0.0.1, 3345 …… …… S: 10.0.0.1, 3345 D: 128.119.40.186, 80 10.0.0.1 1 2 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 10.0.0.4 138.76.29.7 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 S: 128.119.40.186, 80 D: 10.0.0.1, 3345 3 10.0.0.2 4 10.0.0.3 4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 3: reply arrives dest. address: 138.76.29.7, 5001 7 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 NAT: network address translation 16‐bit port‐number field: 60,000 simultaneous connections with a single LAN‐side address! NAT is controversial: routers should only process up to layer 3 violates end‐to‐end argument • NAT possibility must be taken into account by app designers, e.g., P2P applications address shortage should instead be solved by IPv6 Slide from Kurose & Ross, 6th Ed 8 4 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 NAT traversal problem • client wants to connect to server with address 10.0.0.1 – server address 10.0.0.1 local to LAN (client can’t use it as destination addr) – only one externally visible NATed address: 138.76.29.7 10.0.0.1 client ? 10.0.0.4 138.76.29.7 • solution1: statically configure NAT to forward incoming connection requests at given port to server NAT router – e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000 9 Slide from Kurose & Ross, 6th Ed Lennart Johnsson 2013‐10‐17 COSC4377 NAT traversal problem solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to: learn public IP address (138.76.29.7) add/remove port mappings (with lease times) i.e., automate static NAT port map configuration 10.0.0.1 IGD NAT router For more info on UPnP, IGD and Port Control Protocol (PCP) see IETF Working Grop docs http://tools.ietf.org/html/draft‐ietf‐pcp‐upnp‐igd‐interworking‐04 Slide from Kurose & Ross, 6th Ed 10 5 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 NAT traversal problem solution 3: relaying (used in Skype) NATed client establishes connection to relay external client connects to relay relay bridges packets between to connections 2. connection to relay initiated by client 1. connection to relay initiated by NATed host 3. relaying established client 138.76.29.7 10.0.0.1 NAT router 11 Slide from Kurose & Ross, 6th Ed Lennart Johnsson 2013‐10‐17 COSC4377 Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what’s inside a router 4.4 IP: Internet Protocol – – – – datagram format IPv4 addressing ICMP IPv6 Slide from Kurose & Ross, 6th Ed 4.5 routing algorithms link state distance vector hierarchical routing 4.6 routing in the Internet RIP OSPF BGP 4.7 broadcast and multicast routing 12 6 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 ICMP: internet control message protocol • used by hosts & routers to communicate network‐ level information – error reporting: unreachable host, network, port, protocol – echo request/reply (used by ping) • network‐layer “above” IP: – ICMP msgs carried in IP datagrams • ICMP message: type, code plus first 8 bytes of IP datagram causing error Type 0 3 3 3 3 3 3 4 Code 0 0 1 2 3 6 7 0 8 9 10 11 12 0 0 0 0 0 description echo reply (ping) dest. network unreachable dest host unreachable dest protocol unreachable dest port unreachable dest network unknown dest host unknown source quench (congestion control - not used) echo request (ping) route advertisement router discovery TTL expired bad IP header 13 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 Traceroute and ICMP source sends series of UDP segments to dest first set has TTL =1 second set has TTL=2, etc. unlikely port number when nth set of datagrams arrives to nth router: router discards datagrams and sends source ICMP messages (type 11, code 0) ICMP messages includes name of router & IP address 3 probes when ICMP messages arrives, source records RTTs stopping criteria: UDP segment eventually arrives at destination host destination returns ICMP “port unreachable” message (type 3, code 3) source stops 3 probes 3 probes Slide from Kurose & Ross, 6th Ed 14 7 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 Chapter 4: Network Layer • 4. 1 Introduction • 4.2 Virtual circuit and datagram networks • 4.3 What’s inside a router • 4.4 IP: Internet Protocol – – – – Datagram format IPv4 addressing ICMP IPv6 • 4.5 Routing algorithms – Link state – Distance Vector – Hierarchical routing • 4.6 Routing in the Internet – RIP – OSPF – BGP • 4.7 Broadcast and multicast routing 15 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 More than 4 billion devices already share addresses http://www.youtube.com/watch?feature=player_embedded&v=‐Uwjt32NvVA IPv6 is essential to the continued health and growth of the Internet and that by allowing all devices to talk to each other directly, IPv6 enables new innovative services http://www.google.com/ipv6/index.html 16 8 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 IPv6: motivation initial motivation: 32‐bit address space soon to be completely allocated. additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS IPv6 datagram format: fixed‐length 40 byte header no fragmentation allowed 17 Slide from Kurose & Ross, 6th Ed Lennart Johnsson 2013‐10‐17 COSC4377 IPv6 datagram format priority: identify priority among datagrams in flow flow Label: identify datagrams in same “flow.” (concept of“flow” not well defined). next header: identify upper layer protocol for data IPv4 IPv6 32 bits 32 bits ver pri ver flow label payload len next hdr source address (128 bits) destination address (128 bits) hop limit head. len type of service 16‐bit identifier time to live length flgs upper layer fragment offset header checksum 32 bit source IP address 32 bit destination IP address Options (if any) data Slide from Kurose & Ross, 6th Ed data (variable length,,typically a TCP or UDP segment) 18 9 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 The Internet Protocol ‐ History • History of the Internet Protocol – Internet Protocol version 4 (IPv4) • • • • Developed for the original Internet (ARPANET) in 1978 4 billion addresses Deployed globally & well entrenched Allocated based on documented need – Internet Protocol version 6 (IPv6) • Design began in 1993 when IETF forecasts showed IPv4 depletion between 2010 and 2017 • 340 undecillion addresses • Completed, tested, and available since 1999 • Used and managed similar to IPv4 https://www.arin.net/knowledge/v4_deplete_v6_adopt.pdf 19 COSC4377 Lennart Johnsson 2013‐10‐17 IPv4 and IPv5 Comparison https://www.arin.net/knowledge/v4_deplete_v6_adopt.pdf 20 10 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 Other changes from IPv4 • checksum: removed entirely to reduce processing time at each hop • options: allowed, but outside of header, indicated by “Next Header” field • ICMPv6: new version of ICMP – additional message types, e.g. “Packet Too Big” – multicast group management functions 21 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 addresses RFC4291 • “Full” format x:x:x:x:x:x:x:x, where the 'x's are one to four hexadecimal digits of the eight 16‐bit pieces of the address. Examples: ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 2001:DB8:0:0:8:800:200C:417A 22 11 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 addresses RFC4291 • “Compressed” format Examples: 2001:DB8:0:0:8:800:200C:417A a unicast address Compressed 2001:DB8::8:800:200C:417A FF01:0:0:0:0:0:0:101 a multicast address Compressed FF01::101 0:0:0:0:0:0:0:1 the loopback address Compressed ::1 0:0:0:0:0:0:0:0 the unspecified address Compressed :: 23 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 addresses RFC4291 • Alternative format Examples: 0:0:0:0:0:0:13.1.68.3 0:0:0:0:0:FFFF:129.144.52.38 or in compressed form: ::13.1.68.3 ::FFFF:129.144.52.38 24 12 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 addresses RFC4291 • Prefix representation (like CIDR for IPv4) Example: 60‐bit prefix 20010DB80000CD3 (hexadecimal): 2001:0DB8:0000:CD30:0000:0000:0000:0000/60 2001:0DB8::CD30:0:0:0:0/60 2001:0DB8:0:CD30::/60 25 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 – How to obtain an address? • IPv6 defines both a stateful and stateless address auto‐ configuration mechanism. – Stateless auto‐configuration requires no manual configuration of hosts, minimal (if any) configuration of routers, and no additional servers. The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by routers. Routers advertise prefixes that identify the subnet(s) associated with a link, while hosts generate an "interface identifier" that uniquely identifies an interface on a subnet. An address is formed by combining the two. In the absence of routers, a host can only generate link‐local addresses. However, link‐local addresses are sufficient for allowing communication among nodes attached to the same link. RFC 2462, December 1998. – In Stateful auto‐configuration (DHCPv6), hosts obtain interface addresses and/or configuration information and parameters from a server. Servers maintain a database that keeps track of which addresses have been assigned to which hosts. The stateful auto‐configuration protocol allows hosts to obtain addresses, other configuration information or both from a server. Stateless and stateful auto‐configuration complement each other. For example, a host can use stateless auto‐configuration to configure its own addresses, but use stateful auto‐configuration to obtain other information. RFC 3315, July 2003. 26 13 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 Transition from IPv4 to IPv6 • not all routers can be upgraded simultaneously – no “flag days” – how will network operate with mixed IPv4 and IPv6 routers? • tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers IPv4 header fields IPv4 source, dest addr IPv6 header fields IPv6 source dest addr IPv4 payload UDP/TCP payload IPv6 datagram IPv4 datagram 27 Slide from Kurose & Ross, 6th Ed Lennart Johnsson 2013‐10‐17 COSC4377 Tunneling IPv4 tunnel connecting IPv6 routers A B IPv6 IPv6 A B C IPv6 IPv6 IPv4 logical view: E F IPv6 IPv6 D E F IPv4 IPv6 IPv6 physical view: Slide from Kurose & Ross, 6th Ed 28 14 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 Tunneling IPv4 tunnel connecting IPv6 routers A B IPv6 IPv6 logical view: A B C IPv6 IPv6 IPv4 E F IPv6 IPv6 D E F IPv4 IPv6 IPv6 physical view: flow: X src: A dest: F data A-to-B: IPv6 src:B dest: E src:B dest: E Flow: X Src: A Dest: F Flow: X Src: A Dest: F data data B-to-C: IPv6 inside IPv4 B-to-C: IPv6 inside IPv4 flow: X src: A dest: F data E-to-F: IPv6 29 Slide from Kurose & Ross, 6th Ed COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 Adoption • Three drivers of IPv6 growth (Akamai) – 1) Content availability. More of our customers are opting in to have their sites, content, and applications permanently available "dual‐stacked" (i.e., available over both IPv6 and IPv4). – 2) Availability of IPv6 from access network providers. Over the past year, some of the largest growth ia coming from major ISPs within the U.S., as they roll out production IPv6 support to their end‐users, including Verizon Wireless, AT&T, and Comcast. This is on top of some ISPs in Europe and Asia that have had IPv6 deployed in production for a few years, as well as a long tail of thousands of network providers, universities, and research labs around the globe. More IPv6 growth will come as these networks extend their IPv6 deployments and as other networks join them. – 3) End‐user device support. While most recent desktop and laptop operating systems and client software supports IPv6, many home routers and gateways didn't have support until very recently. Many embedded devices and consumer electronics are also slow to gain IPv6 support, with the notable exception of many 4G LTE smart phones. This has been one of the limiting factors to users whose network providers have rolled out IPv6 capabilities, and as users upgrade devices over the next few years, this should cause a significant increase in IPv6 usage. https://blogs.akamai.com/2012/07/a‐data‐driven‐view‐of‐ipv6‐adoption.html 30 15 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 adoption • The U.S. Government has put in place an IPv6 mandate that requires all government agencies to have their public facing websites and email services available over IPv6 by September 30th, 2012. • Over 1,800 U.S Government websites are expected to be on IPv6 by the mandate deadline. http://www.enterprisenetworkingplanet.com/netsp/u.s.‐government‐ paves‐the‐way‐to‐ipv6‐with‐mandate‐compliance.html • Planning Guide/Roadmap Toward IPv6 Adoption within the U.S. Government , Strategy and Planning Committee Federal Chief Information Officers Council, http://www.ipv6forum.com/dl/presentations/USGv6Roadmap.pdf • “while IPv6 is small today, it's imperative that the technology is rolled out now”, Akamai, September 28, 2012, http://www.enterprisenetworkingplanet.com/netsp/u.s.‐government‐paves‐the‐way‐to‐ipv6‐with‐ mandate‐compliance.html • A 2014 IPv6 US Government mandate will require that the internal enterprise infrastructures of U.S. Government agencies are running IPv6. 31 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 Adoption https://www.arin.net/ 32 16 10/17/2013 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 Adoption https://blogs.akamai.com/2012/07/a‐data‐driven‐view‐of‐ipv6‐adoption.html 33 COSC4377 Lennart Johnsson 2013‐10‐17 IPv6 connectivity for Google users IPv6 Enabled Web browsers http://www.vyncke.org/ipv6status/compare.php?metric=p&countries=ch,ro,fr,us,gb http://www.google.com/ipv6/statistics.html 34 17 10/17/2013 Lennart Johnsson 2013‐10‐17 COSC4377 Percentage of ASs announcing IPv6 prefixes http://www.ipv6actnow.org/info/statistics/ Lennart Johnsson 2013‐10‐17 COSC4377 IPv6 Adoption IPv6 Launch Day June 6, 2012 http://www.worldipv6launch.org/measurements/ http://www.worldipv6launch.org/measurements/ https://blogs.akamai.com/2012/07/ a‐data‐driven‐view‐of‐ipv6‐adoption.html 36 18