Download インターネット概論 第07回(2002/11/12) 「僕と私のセキュ

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
Document related concepts

CAN bus wikipedia , lookup

Net neutrality law wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

AppleTalk wikipedia , lookup

IEEE 1355 wikipedia , lookup

Dynamic Host Configuration Protocol wikipedia , lookup

Network tap wikipedia , lookup

Net bias wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Computer network wikipedia , lookup

Airborne Networking wikipedia , lookup

Deep packet inspection wikipedia , lookup

I²C wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Internet protocol suite wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript 
Introduction to the
Internet Architecture
Kazunori SUGIURA, PhD.
September 2nd, 2003
2017/5/25
1
About Myself
• Kazunori Sugiura (Born Feb 4th 1970)
• Bachelor degree: Keio University(1994)
– Faculty of Environmental Information
• Graduate School: Masters Degree: Keio University(1996)
– Faculty of Media and Governance
• phD(2002):
– Faculty of Media and Governance
in profession of Information Technology
• Researcher in Communication Research Laboratory
– High Speed Network Division (Internet Architecture Group)
• Part time instructor in Keio University J. Murai, H. Tokuda, O.
Nakamura, H Kusumoto Lab.
• Part time instructor in Otsuma Woman’s Univ.
• Member of WIDE Project.
2017/5/25
2
About My Lecture
• Today
– Introduction to the Internet Architecture
• Brief Internet and “IP” history
• IP Tomorrow
• Tomorrow
– Leftovers from today
– Internet Architecture and Broadband applications
2017/5/25
3
Preparatory Hearings
• How many of you know the history of “The
Internet”?
• How many of you have heard IPv4?
• How many of you have heard IPv6?
2017/5/25
4
History of the Internet (IPv4) and
incoming IPv6
Starting of the Internet
• Mid 1960s (D)ARPA, USA requested
– Network which can resist Nuclear war
• Circuit switching is weak
• Packet exchange
• 1970s TCP/IP was born (Protocol Method)
2017/5/25
6
Topic
Protocol
2017/5/25
7
What is Protocol?
• Pledge to have a communication
• Examples:
IP、HTTP、TCP、FTP、UDP、ICMP、etc…
• Why do we use protocols?
– extendibility
– Scalability
– Transparent to different medium
2017/5/25
8
Topic
Topology and communications
2017/5/25
9
Network Topology
• There are many ways for network
connections.
Star
Tree
2017/5/25
Ring
Bus
Mesh
10
Uni-cast communications
Network
I want to talk to him
alone
2017/5/25
11
Broadcast
I wan to talk to
Everyone
Network
2017/5/25
12
Multicast
I wan to talk to
Group of
People
Network
Talking to group of people
2017/5/25
13
Circuit Exchange (ex. Analog telephone)
• Talk to each other with circuits (virtual circuits).
Exclusive dedicated line.
2017/5/25
14
Packet exchange (Internet)
• Send chunks of data (packets) in shared
networks
Shares same pipes, when its
not crowded, its smooth
2017/5/25
When crowded, may be jammed
15
Topic
Characteristics of the Internet
2017/5/25
16
End-To-End modem
• End system try their best
• End system does not now about the network
2017/5/25
17
Best effort
• Relay system will “try” their best to transport
data
– Internet does not assure the data to be sent
perfectly
2017/5/25
18
Autonomous Distributed Collaborated
• Duty for Relay system
(IP)
– Best effort
– Try their best
2017/5/25
• Duty for End system
(TCP/IP)
•
•
•
•
•
Responsible for data to be sent
Acknowledge to the receiver
Re-transmit
Slow down
Divide the information to
smaller chunks
19
Topic
Layering Models of the Internet
2017/5/25
20
OSI Layer model
data
restoring
Encoding
packet
packet
frame
signal
All we see is an application layer and physical layer
2017/5/25
21
Japan to USP
Airplane
USP
Taxi
My house
Hotel
Train Station gate
Inspection
Shin-Kawasaki
Bus
Custom/domestic
Suva
Narita Express
Nadi Airport
Narita Airport
2017/5/25
22
OSI Layer and packet
• Transmission
– Each layer adds necessary information and delivers it
to the lower layer
• Receiver
Layer
Info.
– Each layer processes the data within the information,
restores it, and passes to the upper layer
Data
Application
TCP
2017/5/25
UDP
Application
TCP
Data
UDP
IP
IP
Network Interface
Network Interface
Physical
Physical
Transmit node
Receiver node
23
Actual Layering model
Religion / God
Society / Political
Realistic
Layer
Society / Political
Person
Person
Application
Application
Presentation
Presentation
Session
Transport
2017/5/25
Religion / God
Traditional
OSI
Layer
Session
Transport
Network
Network
Data link
Data link
Physical
Physical
24
1) Physical Layer
• Physical Signal transport line
– Strength of signal
– Encoding modulation
• Medium
– Fibers, copper wires, AC outlet, satellites, wireless
– ITU-T, ISO
• Specifications
– X.25,IEEE,ATM,ISDN…
– Fibers: SONET,FDH…
2017/5/25
25
2) Data Link Layer
• Protocol specification for sending packet to physical
communication medium
• Synchronous, transmission control
– CSMA/CD
• Identification
– MAC Address
• Error Correction
– CRC Checksum
2017/5/25
26
3) Network Layer
• Unaware of physical lines, considering point to
point transmission through the whole internet.
• IPv4,IPv6
• Unique address
• Routing
2017/5/25
27
4) Transport layer
• Inter process communication specification for
each node (host)
• TCP,UDP
• Service identification inside the node (port)
2017/5/25
28
5) Session Layer
• Layer specification of session (from beginning of
communication and the end)
• Finite State Machine
– Initilize State, *** State, etc…
• Generally application handles the session
2017/5/25
29
6) Presentation Layer
• Specification of presentation of data
communicated by session layer( coding,
encryption)
• Byte order
– Least/Most Significant Bit (LSB/MSB)
– Htonl (), Htons ()
• Generally, application handles the presentation
of data.
2017/5/25
30
7) Application Layer
• For communication between application
• E-Mail Format
• HTTP, FTP
2017/5/25
31
Many Mediums, Data-link
Wireless
LANs
Campus
UT
P
HUB/
Switch
LANs
ISD
N
Etherne
t
ADSL
Fibers
WDM
Internet
Telecom
Providers
PPP
LANs
Remote Campus
2017/5/25
HOME
35
Topic
IP address
2017/5/25
36
IP address
• Telephone
– Dial number
• Letters
– Address
• Network requires the destination to send to
– Address of the Internet
– IP Address
2017/5/25
37
Protocol Layering
process
process
TCP
Internet Control
Message Protocol
ARP
IGMP
Internet Group
Management Protocol
network
layer
RARP
hardware
interface
2017/5/25
transport
layer
UDP
IP
ICMP
process
process
media
data link
layer
38
IP Address
• Definitions for Internet Protocol
– v4:203.178.143.71
– v4 → 32bit、v6 → 128bit Address pool
– Unique numbers
• IP Address
– Written in Decimal format
• 133.27.4.120
– Inside the computers, are binary digits
• 10000101 00011011 00000100 01111000
– Hexadecimal format
• 0x85 1B 04 78
2017/5/25
39
Topic
IPv4 and IPv6
2017/5/25
40
What is IPv6?
• New Internet Protocol
– We are currently using Version 4
– Next version is Version 6
Version 5 was being obsolete Version 6 is realized
• Pool of available IP address
– IP version 4
• ex.) 133.27.41.68
• 4 Byte, 32bit = 2^32
– 4,294,967,296 individuals
– IP Version 6
• ex.) 2001:8013:fe59::ffe0:0001
• 16 Byte, 128bit = 2^128
– 340,282,366,920,938,463,463,374,607,431,768,211,456 indivisuals
• Fixed header length
• Variety of option header
2017/5/25
41
Why addressing so important?
• IP version 4
– Used to identify the computers connected to the
networks
– Not enough for all the peoples in the global region.
• IP version 6
– To identify every object on Earth.
Real Network
2017/5/25
42
So many addresses in IPv6?
• Address length is 128 bit
– 4 times longer compared to IPv4 address
– And the available address is …
• 2^128 available address pool
– Approx. 3.4×10^38
– Can identify 2.2×10^20 individuals in 1cm2
• Can you count?
– 340,282,366,920,938,463,463,374,607,431,768,211,456
2017/5/25
43
History of IPv6
• IP next generation
July, 1991
Nov, 1992
IETF starts investigation for IP address shortage
Dec,1993
RFC1550 IPng design
RFC1380 proposes address shortage
Starts development of next generation Internet Protocols
• IPv6
Jan,1995
Using RFC1752 SIPP as base, address spool has been
changed to 128bit
Renamed IPng (next generation) to IPv6 (IP version6)
Dec, 1995
RFC1884 IPv6 Addressing Architecture
1998年7月 RFC2373
1998
IPv6RFC2460 IPv6 Specification, etc…
2017/5/25
44
Address Scheme of IPv6
IPv6 Address
• IP address is 16bytes (128bit)
• If you try to write IPv6 address in similar format
used in IPv4:
– 123.123.123.123.123.123.123.123.123.123.123.123.123.
123.123.123
• Write IPv6 address in hexadecimal format
– “:” is used instead of “.”
– Continuous “0” can be abbreviated once
– Example:
3ffe:501:100c:d220:220:e0ff:fe89:dc8
3ffe:501:100c:1::1 = 3ffe:501:100c:1:0:0:0:1
2017/5/25
46
Characteristics of IPv6
• Available pool of address space
–
–
–
–
–
–
128bit address
Anything can be connected to the networks
Home appliances, mobile phones, cars,
Performance improvements
Simple header for less load factor to relay system
Relay system does not fragment packets
• New Technology
– Automatic network configuration (Plug and Play)
– Mobility, Security, Scalability upgrade
2017/5/25
47
Windows XP supports IPv6
anonymous global address
public global address
link-local address
2017/5/25
48
3 different IP address for IPv6
• Global address
Unique address used to identification throughout the
network
• Link local address
Permitted only to the LAN segment of the network
devices which are connected to
• Site local address
Address used dedicatedly which is not connected to
the internet
2017/5/25
49
Global Address
• 3bit prefix…“001”
– IPv4: Class
• Interface ID is automatically configured with
hardware MAC address
3bit 13bit
001
TLA
ID
32bit
16bit
NLA ID
SLA ID
Public
Topology
2017/5/25
Site
Topology
64bit
Interface ID
Interface
Identification
50
Link local address
• Starts with “fe80”
• Do not send datagram starting with this address
– Ex. Automatic address configuration, finding nearest
nodes
10bit
1111111010
2017/5/25
54bit
0000 . . . . . . . 0000
64bit
Interface ID
51
Site local address
• Starts with “fec0”
• IPv6 router should not send datagram starting
with this address outside the site
10bit
38bit
1111111011 0000 . . . . 0000
2017/5/25
16bit
Subbet
ID
64bit
Interface ID
52
IPv4
0
31
Version Data length
Type of Service
(4bit)
(4bit)
(8bit)
Identification
Flag
(16bit)
(3bit)
Time to live
Protocol
(8bit)
(8bit)
Source address
(32bit)
Destination address
(32bit)
IP Options
(0 or more)
Packet length (byte)
(16bit)
Fragment offset
(13bit)
Header checksum
(16bit)
Padding
Data
32bit
2017/5/25
53
IPv6
0
Version
(3bit)
31
Traffic Class
(9bit)
Payload length
(16bit)
Flow label
(20bit)
Next header
(8bit)
Hop limit
(8bit)
Source address
(128bit)
Destination address
(128bit)
Extension header
(0 or more)
Data
32bit
2017/5/25
54
New technology in IPv6
How to retrieve IPv6 address
• Interface retrieves network information from the router
and configures IP address with own interface ID
Network ID
128bit
interfaceID
ルータ
Here is the
Network info!
• MAC address is (should be) unique
using it as a unique address in Internet
• Interface ID consists of 64 bit
• Objective of Network ID is to define positions
2017/5/25
56
Difference between DHCP(IPv4) and IPv6
• IPv4(DHCP)
– DHCP distributes address pool predefined in the
configuration
• DHCP address needs to be reserved
• Different address may be reconfigured every time
• IPv6
– Address configured with network information and
Interface ID
• Address is already configured by the interface
• If used in same network, address will not change
2017/5/25
57
Unique character in IPv6
• Protocol level extension availability
• Security awareness
– Security and authorization readiness
– IPsec is available in standard( IPv4 is optional )
• Authentication:
Authenticate if you are communicating with trusted host
• Encryption:
Cannot be decrypted during the network relays
• Using IPv6 extension header
• Priority controls
– Priority control for real time communications
2017/5/25
58
IPv4 to IPv6 (switching ?)
From IPv4 to IPv6
v4 only
•Partial IPv6
•Tunneling v4 backbone
v4 / v6
•Mostly IPv6
•IPv6 Native networs
•Different technology required during switching
•IPv6 cannot be correspondent to terminal or the network alone
•Finally it will likely to be like in the IPv4 infrastructure
2017/5/25
v6 only
60
Dual Stack
• IPv4/IPv6 can be used
• Server/Router/Client
• Until No IPv4 nodes are available
IPv4/v6
IPv4/v6
IPv6
IPv4
IPv4
IPv4
IPv6
IPv6
IPv4/v6
2017/5/25
61
Tunneling
• IPv6 network tunnels
through IPv4 network
(IPv4 network tunnels
through IPv6 network)
• Encapsulation mechanism
Beginning
IPv6
IPv6
IPv6
IPv4
IPv6
Ending
IPv4
2017/5/25
IPv4
IPv4
IPv6
IPv4
62
Translator
• To communicate IPv4 only supported host to
IPv6 only supported host
• NAT,SOCKS, Layer realization
IPv6
2017/5/25
IPv4
63
IPv6 readiness
IPv6 Ready!
• UNIX based platforms
– Linux, FreeBSD, OpenBSD, NetBSD, Solaris8
• Windows
– 2000, XP
• Macintosh
– Mac OS X
2017/5/25
65
IPv6 Ready applications – windows
• server
– Apache 2.0.43 / 1.3.27
• client – www
– Internet Explorer
– WWWC 1.0.2
– Wget 1.7
• client – telnet/ssh
– Tera Term Pro 2.3 + TTSSH
1.5.4
– PortForwarder 1.1.1
• client – FTP
– FFFTP 1.82
– NcFTP 3.0.4
2017/5/25
• client – etc
–
–
–
–
Meadow 1.15
Emacs 21.1
NTEmacs 20.7
ActivePerl 5.6.1.633
• Socket6 port for Win32
• patch for IM
– Ruby 1.6.7
– Cygwin 1.3.12-4
• Application List on
Cygwin/Mingw
– WinPcap 2.2beta & WinDump
3.5.2a
– Runtime Library for MSVC++
7.0 (mfc70.dll and msvcr70.dll)
66
IPv6 stacks
• Implementations
• KAME(http://www.kame.
net) BSD IPv6 stacks
• USAGI(http://www.linuxipv6.org/) Linux IPv6
stacks
Mac
UNIX
OS X
*BSD
KAME
2017/5/25
• MSR(http://www.researc
h.microsoft.com/)
Microsoft Research
• WindowsXP includes IPv6
stacks by default
Windows
Linux
2000
USAGI
MSR IPv6
XP
XP SP1
XP IPv6
67
IPv6 Services
How to realize IPv6
• IPv6 readiness check
• IPv6 ready machines and informations
– IPv6 capable router
– At least one IPv4 global address for tunneling
– DNS Server
2017/5/25
69
Windows XP (1/3)
• SP1
• Ipconfig
• Ipv6 if
2017/5/25
70
Windows XP(2/3)
• Install IPv6
– Ipconfig
ipv6 if
– Ipv6 install
2017/5/25
71
Windows XP( 3/3)
• IPv6
confirmation
– ipconfig
– ipv6 if
– ping6
– http://www.k
ame.net
2017/5/25
72
Related documents
Instructor Rubric for Presentations
Instructor Rubric for Presentations
Title: ISPs ignore IP timebomb
Title: ISPs ignore IP timebomb
WWW Lab1
WWW Lab1
IPv6 Migration: A cost estimate Methodology
IPv6 Migration: A cost estimate Methodology
Sustainable Consumption & Production
Sustainable Consumption & Production
IPv4 to IPv6 Migration strategies
IPv4 to IPv6 Migration strategies
Document
Document
Tapeworm Diseases - AAP Red Book
Tapeworm Diseases - AAP Red Book
Document
Document
Back to School 2006
Back to School 2006
Math 130
Math 130
IPv6 Transition
IPv6 Transition