Internet
Lecturer: Carsten Griwodz, Email: [email protected]
06. Apr. 2005, INF-3190: Internet

Slide 2: Internet Protocol Stack and Some Well-known Protocols
- Application layer
- Transport layer: TCP, UDP
- Network layer: IP + ICMP + ARP
- Data link and physical layer: LLC & MAC, physical; LANs, MANs, WANs (e.g. ATM)

Slide 3: IP Routing

Slide 4: IP Routing: Routing tables
- Figure: networks 10.0.0.0, 20.0.0.0, 30.0.0.0 and 40.0.0.0 joined in a chain by router F (10.0.0.5 / 20.0.0.5), router G (20.0.0.6 / 30.0.0.6) and router H (30.0.0.7 / 40.0.0.7)
- Routing table of G:
    To reach host on network   Route to this address
    20.0.0.0                   Deliver direct
    30.0.0.0                   Deliver direct
    10.0.0.0                   20.0.0.5
    40.0.0.0                   30.0.0.7
- Routers may have incomplete information: default paths

Slide 5: IP Routing: Historical
- Original implementation: the ARPANET as backbone; gateways G1 ... Gn each attach one local net (Local net 1 ... Local net n)
- Routers ("core gateways") connect the LANs to the backbone, know the routes to all networks, and exchange routing information with each other
- Gateway-to-Gateway Protocol (GGP): distance vector routing; metric: physical distance
- Problems: today there are several backbones; today not all networks are connected directly to the backbone; in GGP all gateways communicate with each other

Slide 6: IP Routing: Autonomous Systems
- Figure: core gateways, an AS boundary router, and an Autonomous System of routers G1 ... G4 with Local net 1 ... Local net 4; the networks behind the boundary router are hidden from the core
- Core gateways have to be informed about hidden networks
- Autonomous systems (AS) = Internet domains
- Boundary routers are also called exterior gateways

Slide 7: IP Routing: Autonomous Systems
- Many autonomous systems (~70000)
- They have different sizes
- They have different relations to each other: they exchange services as equals or as provider/customer
- Every AS has a unique number
- Every AS must know a route to every network

Slide 8: IP Routing: Autonomous Systems
- Stub domain: one AS, several networks; the networks may have different owners, but are in the same AS
- Multiconnected domain: like a stub domain, but connected to more than one other AS; no through traffic

Slide 9: IP Routing: Autonomous Systems
- Peering: bilateral agreement between two directly connected ASes; they exchange routes to all their subnetworks; typically they don't offer global routes to each other
- Transit domains: offer connection service to customer ASes; offer global routes to the customer AS

Slide 10: IP Routing: Autonomous Systems
- Tier-1 domain: top-level networks; advertise all global routes; customer to no-one; no-pay agreements with their peers
- Internet Exchange Point: non-profit organisation; large centres for interconnecting ASes; keeps peering costs low for smaller ASes

Slide 11: IP Routing: Autonomous Systems (summary figure: stub domain, multiconnected domain, peering, transit domains, tier-1 domains, Internet Exchange Point)
- Every AS has a unique number
- Every AS must know a route to every network

Slide 12: IP Routing: Internal and External Routing
- Direct routing / interior protocols (figure: subnetworks N0 ... N5):
  - both source and destination end systems are located in the same subnetwork
  - the source end system sends the datagram to the destination end system
  - identification is done by the local address mapping
  - routing is completely defined by the subnetwork routing algorithm
- Indirect routing / exterior protocols:
  - source and destination end system are located on different networks
  - the source end system sends the datagram to the next router
  - each router determines the next router on the path to the destination end system
  - the routing decision is based only on the network and subnetwork part of the Internet address, i.e. the host part is not used

Slide 13: IP Routing: Autonomous Systems
- Figure: Autonomous System 1 with boundary router G1 and Autonomous System x with boundary router Gx; EGP runs between G1 and Gx, which are placed physically close to each other
- ASes are administrative entities
- An AS collects routing information on the networks inside the AS
- It defines boundary routers that transmit routing information to other ASes
- Boundary routers filter routes: they expose information about network reachability to other ASes, and may transmit information about other reachable ASes (tier-1 domains, transit domains)
- An ISP offers its customers access to the routes it sees via peerings and transits
- An ISP offers its peers routes to its customers, but no routes learned from transits or other peers

Slide 14: Exterior Gateway Protocol
- Requirements, basic conditions: political, economical, security-related
- Requirement examples: to avoid certain autonomous systems; to avoid certain countries; to stay within one country (before going via a foreign country); data of company A should not pass through company B

Slide 15: Border Gateway Protocol (BGP)
- Previously: Exterior Gateway Protocol (EGP, RFC 904)
- Now: Border Gateway Protocol version 4 (RFC 1654, replaced by RFC 1771; see also RFC 1772, 1773) is the de facto standard
- BGP uses a path vector ("distance path") mechanism: related to distance vector routing, but without the count-to-infinity problem, because each advertised route carries the full AS path and a router rejects any path that already contains its own AS number
- An IS (intermediate system, i.e. router) sends its neighbours a list containing the preferred path and estimated distance from itself to each destination, for a specified block of reachable IP addresses (a full list when the session starts, afterwards only the changes)
- The receiving IS evaluates each path: distance, policy compliance
- The notion of a path (how to reach other routers) is distributed, but no criteria for selecting a route are distributed: each BGP router must have its own criteria, i.e. policy
- Remarks: big updates, but only a limited number of routers take part
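The path-vector exchange and the export policy of the slides above, as an added example that is not part of the lecture: each AS announces the AS path it uses, a receiver drops any path that already contains its own AS number (the reason BGP has no count-to-infinity problem), selection prefers customer routes over peer routes over provider routes, and routes learned from a peer or provider are exported only to customers (the "no routes from transits or other peers" rule from the Autonomous Systems slide). The AS numbers, prefixes and relationships are constructed for the example; the selection rule is a simplification of the real BGP decision process.

```python
"""Added example (not from the lecture slides): a toy path-vector exchange in the
style of BGP. Every AS announces the AS path it uses to reach a prefix, a
receiving AS drops any path that already contains its own AS number (this is
what removes distance vector's count-to-infinity problem), and every AS applies
its own policy for selection and for export. The export rule is the one on the
"Autonomous Systems" slide: routes learned from a customer go to everyone,
routes learned from a peer or a provider go only to customers. AS numbers,
prefixes and relationships below are constructed for this example."""
from collections import deque
from typing import Dict, Tuple

CUSTOMER, PEER, PROVIDER = "customer", "peer", "provider"
RANK = {CUSTOMER: 0, PEER: 1, PROVIDER: 2}   # local preference: customer > peer > provider
Route = Tuple[Tuple[int, ...], str]           # (AS path, relationship the route was learned over)


class AS:
    def __init__(self, asn: int, origin=()):
        self.asn = asn
        self.neighbours: Dict[int, str] = {}   # neighbour ASN -> what that neighbour is to us
        # Own prefixes are ranked like customer routes so that they are exported to everyone.
        self.rib: Dict[str, Route] = {p: ((asn,), CUSTOMER) for p in origin}
        self.loops_rejected = 0

    def link(self, other: "AS", rel: str) -> None:
        """`rel` is what `other` is to self; the reverse relationship follows from it."""
        self.neighbours[other.asn] = rel
        other.neighbours[self.asn] = {CUSTOMER: PROVIDER, PROVIDER: CUSTOMER, PEER: PEER}[rel]

    def receive(self, prefix: str, path: Tuple[int, ...], from_asn: int) -> bool:
        """Install the announced path if local policy prefers it; True if the RIB changed."""
        if self.asn in path:                   # AS-path loop detection
            self.loops_rejected += 1
            return False
        candidate: Route = ((self.asn,) + path, self.neighbours[from_asn])
        current = self.rib.get(prefix)
        if current is None or self.prefers(candidate, current):
            self.rib[prefix] = candidate
            return True
        return False

    @staticmethod
    def prefers(a: Route, b: Route) -> bool:
        # Simplified decision process: relationship first, shorter AS path second.
        return (RANK[a[1]], len(a[0])) < (RANK[b[1]], len(b[0]))

    def exports(self, prefix: str, to_asn: int) -> bool:
        """Export policy: customer routes to all neighbours, everything else only to customers."""
        _, learned_over = self.rib[prefix]
        return learned_over == CUSTOMER or self.neighbours[to_asn] == CUSTOMER


def converge(ases: Dict[int, AS]) -> Dict[int, Dict[str, Tuple[int, ...]]]:
    """Let the ASes announce until no RIB changes any more; return the best AS path per AS and prefix."""
    pending = deque(ases)
    while pending:
        a = ases[pending.popleft()]
        for prefix, (path, _) in list(a.rib.items()):
            for nb in a.neighbours:
                if a.exports(prefix, nb) and ases[nb].receive(prefix, path, a.asn) and nb not in pending:
                    pending.append(nb)
    return {asn: {p: path for p, (path, _) in a.rib.items()} for asn, a in ases.items()}


def build_example() -> Dict[int, AS]:
    """Constructed topology: tier-1s AS1 and AS2 peer; AS3 buys transit from AS1, AS4 from AS2;
    AS3 and AS4 peer with each other; the stub AS5 is multihomed to AS3 and AS4."""
    ases = {1: AS(1, ["10.1.0.0/16"]), 2: AS(2), 3: AS(3), 4: AS(4), 5: AS(5, ["10.5.0.0/16"])}
    ases[1].link(ases[2], PEER)
    ases[1].link(ases[3], CUSTOMER)
    ases[2].link(ases[4], CUSTOMER)
    ases[3].link(ases[4], PEER)
    ases[3].link(ases[5], CUSTOMER)
    ases[4].link(ases[5], CUSTOMER)
    return ases


if __name__ == "__main__":
    example = build_example()
    for asn, table in sorted(converge(example).items()):
        print(asn, table)
    print("announcements rejected by AS5 as loops:", example[5].loops_rejected)
```

Two things are worth checking in the output: AS4 reaches 10.1.0.0/16 via its provider AS2 and not via its peer AS3, because AS3 learned that route from a provider and therefore does not export it to a peer (exporting it would be a route leak); and AS5 rejects the announcements of its own prefix that come back from AS3 and AS4, because its own number is already in the path.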
Slide 16: Interior Gateway Protocol
- Figure: Autonomous System 1 runs IGP1 internally, Autonomous System x runs IGPx; EGP runs between the boundary routers G1 and Gx
- In general: intradomain routing; individual solutions are possible per AS
- Presently preferred procedures:
  - Routing Information Protocol (RIP): old, retiring
  - Intermediate System to Intermediate System (IS-IS): long-time favourite
  - Open Shortest Path First (OSPF): scales better than IS-IS
  - Interior Border Gateway Protocol (iBGP): combined with IS-IS and OSPF

Slide 17: Routing Information Protocol (RIP)
- Background (regarding the originally used protocol): the principle was developed as part of Berkeley UNIX (the routed daemon); RIP version 1 was specified in 1988 in RFC 1058
- Distance vector routing: distance in number of hops; 15 is the largest valid distance, 16 means ∞ (unreachable)
- Periodic updates: every 30 s; a route that receives no update for 180 s is set to ∞
- RIP version 2: G. Malkin, RFC 1387, 1388 and 1389 (RIP-MIB)
  - uses multicast to distribute data, not broadcast
  - also usable on networks without broadcast or multicast (ISDN, ATM)
  - "triggered" updates: sent only when the routing table changes

Slide 18: Open Shortest Path First (OSPF)
- Background: Internet standard since around 1990 (OSPF version 2: RFC 1247, revised in RFC 2178 and later RFC 2328); transition from distance vector routing (DVR) to link state routing (LSR)
- Principle: link state routing
- Several possible distance metrics; the metric can be selected per packet via the IP type of service field (RFC 1349):
    OSPF ToS no.   Meaning
    0              Normal service
    2              Minimize financial cost
    4              Maximize reliability
    8              Maximize throughput
    16             Minimize delay
- Updates are distributed using flooding
- Routing tables are created using Dijkstra's "shortest path first" algorithm, hence the name "Open Shortest Path First"

Slide 19: Open Shortest Path First (OSPF)
- For large autonomous systems: AS substructure with a backbone area and several areas (figure: areas attached to the AS backbone area, with links to other ASes)
- Router classes: AS boundary routers, backbone routers, area border routers, internal routers
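Link-state routing with Dijkstra's algorithm and per-ToS metrics, as an added example that is not part of the lecture: the link-state database is what flooding would have distributed, each link carries one cost per OSPF ToS value from the table above, and a broadcast LAN is reduced to point-to-point links by entering it as a single pseudo-node that stands for its designated router (the abstraction the adjacency slide describes). Router names, the LAN and all link costs are constructed for the example.

```python
"""Added example (not from the lecture): link-state routing as on the OSPF slides.
Every router contributes its links to a link-state database (what flooding
distributes in OSPF); a link carries one cost per metric class, using the
OSPF ToS values from the table above (0 normal, 16 minimize delay, ...). A LAN
with several attached routers is entered as one pseudo-node standing for its
designated router, so that the graph consists of point-to-point links as
Dijkstra's algorithm needs; the edges from the pseudo-node back to the LAN
members cost 0, as in OSPF network LSAs. Router names, the LAN and all costs
are constructed for this example."""
import heapq
from typing import Dict, List, Tuple

TOS_NORMAL, TOS_COST, TOS_RELIABILITY, TOS_THROUGHPUT, TOS_DELAY = 0, 2, 4, 8, 16
Costs = Dict[int, int]                             # ToS value -> link cost
LSDB = Dict[str, List[Tuple[str, Costs]]]          # node -> [(neighbour, costs)]


def add_p2p(lsdb: LSDB, a: str, b: str, costs: Costs) -> None:
    """Point-to-point link, same cost in both directions."""
    lsdb.setdefault(a, []).append((b, costs))
    lsdb.setdefault(b, []).append((a, costs))


def add_lan(lsdb: LSDB, name: str, members: List[str], costs: Costs) -> None:
    """Broadcast LAN: each member is adjacent only to the pseudo-node net:<name>."""
    pseudo = "net:" + name
    lsdb.setdefault(pseudo, [])
    for m in members:
        lsdb.setdefault(m, []).append((pseudo, costs))         # router -> LAN: interface cost
        lsdb[pseudo].append((m, {t: 0 for t in costs}))         # LAN -> router: cost 0


def spf(lsdb: LSDB, source: str, tos: int = TOS_NORMAL) -> Dict[str, Tuple[int, str]]:
    """Dijkstra from `source` using the metric for `tos` (falls back to ToS 0 if a link
    has no value for it). Returns destination -> (total cost, next-hop router);
    LAN pseudo-nodes never appear as destinations or as next hops."""
    dist: Dict[str, int] = {source: 0}
    prev: Dict[str, str] = {}
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue                                 # stale heap entry
        for v, costs in lsdb.get(u, []):
            nd = d + costs.get(tos, costs[TOS_NORMAL])
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    table = {}
    for dest, d in dist.items():
        if dest == source or dest.startswith("net:"):
            continue
        path = [dest]
        while path[-1] != source:
            path.append(prev[path[-1]])
        routers = [n for n in reversed(path) if not n.startswith("net:")]
        table[dest] = (d, routers[1])               # first router after the source
    return table


def build_lsdb() -> LSDB:
    """Constructed topology: A, B, C share a LAN; B-D is cheap but slow (think of a
    satellite link), C-D is expensive but fast; E hangs off D."""
    lsdb: LSDB = {}
    add_lan(lsdb, "lan1", ["A", "B", "C"], {TOS_NORMAL: 1, TOS_DELAY: 1})
    add_p2p(lsdb, "B", "D", {TOS_NORMAL: 2, TOS_DELAY: 20})
    add_p2p(lsdb, "C", "D", {TOS_NORMAL: 8, TOS_DELAY: 3})
    add_p2p(lsdb, "D", "E", {TOS_NORMAL: 1, TOS_DELAY: 1})
    return lsdb


if __name__ == "__main__":
    db = build_lsdb()
    for tos in (TOS_NORMAL, TOS_DELAY):
        print("routing table of A for ToS", tos, ":", spf(db, "A", tos))
```

Router A forwards packets for E via B under the normal metric (total cost 4) but via C when the packet asks for minimum delay (cost 5 instead of 22), which is exactly the per-packet metric selection the slide refers to; in both cases the LAN pseudo-node is resolved to the real neighbour on the LAN.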
Slide 20: Open Shortest Path First (OSPF): Adjacency
- LSR measures the distance to all neighbours; OSPF measures the distance to all adjacent nodes
- If several routers are connected by a LAN: one of them is the designated router; all other routers on the LAN are adjacent only to it; it is adjacent to all the others
- This abstraction leads to point-to-point links, which is what Dijkstra's algorithm requires (figure: routers A ... I, some of them on a common LAN, transformed into a graph)

Slide 21: Final remarks
- IS-IS is similar to OSPF (link state, Dijkstra); it organises its areas as a two-level hierarchy of its own
- iBGP is often used to distribute the tables for routing among ASes inside an AS:
  - this separates the issue from the dynamics of the IGP
  - not all routers inside an AS must carry the full external routing table; the working support for this: some routers talk iBGP and have the full routing table, called route reflectors
  - all route reflectors of an AS must be connected at all times
  - they have route reflector clients that route all external traffic through them
- Multiconnected ASes want to save resources: if two routes to a target AS exist, and policies allow it, hot potato routing (hand the traffic to the other AS at the nearest exit)

Slide 22: Internet Protocol IP
- Defined for the first time in 1981: J. Postel, RFC 791, September 1981
- Connectionless service
- Provides a best-effort service, without regard to whether the machines are on the same network or there are other networks in between
- Packet length: in theory up to 64 kBytes; in real life mostly approx. 1500 bytes

Slide 23: IPv4 Datagram Format
- All Internet network layer headers start with a 4-bit version field, followed by protocol-specific fields:
    Version   Meaning
    0-3       Not in use
    4         Internet Protocol, version 4
    5         Stream Protocol (ST, ST-II)
    6         Internet Protocol, version 6
    7         IPv7 / TP/IX / CATNIP
    8         PIP
    9         TUBA
    10-15     Not in use
- IPv4: dominant version; IPv6: upcoming successor to IPv4

Slide 24: IPv4 Datagram Format: Type of service (old definition)
- Header: Version | IHL | Type of service | ...
- Type of service byte: Precedence (3 bit) | D | T | R | C | 1 bit unused
  - Precedence: priority 0 (normal) ... 7 (network control); influences the queuing scheme (and not routing)
  - D (1 bit): low delay; T (1 bit): high throughput; R (1 bit): high reliability; C (1 bit): low cost
- Old definition: was ignored by routers; redefined by DiffServ

Slide 25: IPv4 Datagram Format: DS field (new definition)
- Header: Version | IHL | DS | ...
- Differentiated Services field: 6-bit Differentiated Services Codepoint (DSCP) followed by 2 bits set to 0 0
  - class selector codepoints: of the form xxx000
  - xxxxx0: reserved for standardization
  - xxxx11: reserved for local use
  - xxxx01: open for local use, may be standardized later
- New definition: DiffServ compliant; not widely deployed yet

Slide 26: IPv4 Datagram Format: Protocol field
- Header: Version | IHL | DS | Total length | Identification | D | M | Fragment offset | Time to live | Protocol | Header checksum | Source address | Destination address
- Protocol: type of the higher level protocol carried in the data:
    1   ICMP   Internet Control Message Protocol
    2   IGMP   Internet Group Management Protocol
    3   GGP    Gateway to Gateway Protocol
    4   IP     IP in IP tunneling
    5   ST     ST-II in IP tunneling
    6   TCP    TCP
    ...

Slide 27: IPv4 Segmentation/Reassembly
- Done by IP routers (figure shows both models)
- Transparent segmentation: the fragments are reassembled again by the next router
- Non-transparent segmentation: the fragments are reassembled only by the destination host; used in the Internet

Slide 28: IPv4 Segmentation/Reassembly: header fields
- Total length: length of this datagram (header plus data) in bytes, at most 65535; every host must be able to accept datagrams of 576 bytes
- Identification: the same for all fragments of one datagram with the same source/destination pair
- Flags: DF (1 bit): don't fragment; MF (1 bit): more fragments
- Fragment offset: offset of this fragment's data within the original datagram, in multiples of 8 bytes
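The header fields and the fragmentation rules of the slides above in working code, as an added example that is not part of the lecture: it packs and parses the fixed 20-byte IPv4 header, computes and verifies the header checksum, fragments a datagram to a given MTU with DF/MF and 8-byte offsets the way a router does (non-transparent, reassembled only at the destination), and reassembles by (source, destination, protocol, identification). The addresses, identification value and payload are constructed; the reassembly policy of rejecting gaps and overlapping fragments is a choice of this example, since overlapping fragments are a classic evasion and crash technique that a real stack must handle deliberately.

```python
"""Added example (not from the lecture): build, fragment, parse and reassemble
IPv4 datagrams with the header fields of the slides above. Fragmentation is the
non-transparent kind used in the Internet: a router cuts the datagram to the MTU
and only the destination reassembles, keyed by (src, dst, protocol, identification).
Addresses, identification and payload are constructed for this example; gaps and
overlapping fragments are rejected (a policy a real stack has to choose deliberately)."""
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Dict, List, Tuple

IP_HDR = struct.Struct("!BBHHHBBH4s4s")      # 20-byte fixed header, network byte order
DF, MF = 0x4000, 0x2000                       # flag bits in the flags/fragment-offset field
PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17
Key = Tuple[str, str, int, int]               # (src, dst, protocol, identification)


def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


@dataclass
class Datagram:
    src: str
    dst: str
    proto: int
    ident: int
    payload: bytes
    ttl: int = 64
    dscp: int = 0
    df: bool = False
    mf: bool = False
    offset: int = 0                           # in 8-byte units, as carried on the wire

    def pack(self) -> bytes:
        flags_off = (DF if self.df else 0) | (MF if self.mf else 0) | (self.offset & 0x1FFF)
        hdr = IP_HDR.pack(0x45, self.dscp << 2, IP_HDR.size + len(self.payload), self.ident,
                          flags_off, self.ttl, self.proto, 0,
                          IPv4Address(self.src).packed, IPv4Address(self.dst).packed)
        hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]   # checksum over a zeroed field
        return hdr + self.payload


def parse(pkt: bytes) -> Datagram:
    """Decode the fixed header; raise ValueError on bad version, lengths or checksum."""
    if len(pkt) < IP_HDR.size:
        raise ValueError("truncated header")
    vihl, tos, total, ident, flags_off, ttl, proto, _, src, dst = IP_HDR.unpack_from(pkt)
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or total < ihl or len(pkt) < total:
        raise ValueError("bad version or length fields")
    if checksum(pkt[:ihl]) != 0:              # a correct header checksums to zero
        raise ValueError("header checksum mismatch")
    return Datagram(str(IPv4Address(src)), str(IPv4Address(dst)), proto, ident, pkt[ihl:total],
                    ttl, tos >> 2, bool(flags_off & DF), bool(flags_off & MF), flags_off & 0x1FFF)


def fragment(dg: Datagram, mtu: int) -> List[bytes]:
    """Cut `dg` into fragments that fit `mtu`; data offsets are multiples of 8 bytes."""
    if IP_HDR.size + len(dg.payload) <= mtu:
        return [dg.pack()]
    if dg.df:
        raise ValueError("DF set: a router must drop it and send ICMP 'fragmentation needed'")
    chunk = (mtu - IP_HDR.size) // 8 * 8      # payload bytes per fragment
    out = []
    for start in range(0, len(dg.payload), chunk):
        piece = dg.payload[start:start + chunk]
        last = start + chunk >= len(dg.payload)
        out.append(Datagram(dg.src, dg.dst, dg.proto, dg.ident, piece, dg.ttl, dg.dscp,
                            False, not last, dg.offset + start // 8).pack())
    return out


def reassemble(pkts: List[bytes]) -> Dict[Key, bytes]:
    """Return the payload of every datagram whose fragments are complete and contiguous."""
    groups: Dict[Key, List[Datagram]] = {}
    for p in pkts:
        d = parse(p)
        groups.setdefault((d.src, d.dst, d.proto, d.ident), []).append(d)
    done: Dict[Key, bytes] = {}
    for key, parts in groups.items():
        parts.sort(key=lambda d: d.offset)
        buf, expect = b"", 0
        for d in parts:
            if d.offset * 8 != expect:        # gap or overlap: do not deliver
                break
            buf += d.payload
            expect += len(d.payload)
        else:
            if not parts[-1].mf:              # the last fragment has been seen
                done[key] = buf
    return done


if __name__ == "__main__":
    dg = Datagram("10.0.0.5", "40.0.0.7", PROTO_UDP, 0x1234, bytes(range(256)) * 5 + b"x" * 120)
    frags = fragment(dg, 576)                 # 1400-byte payload through a 576-byte MTU
    for f in frags:
        p = parse(f)
        print(f"len={len(f)} id={p.ident:#06x} MF={p.mf} offset={p.offset * 8}")
    print("reassembled OK:", reassemble(frags).get((dg.src, dg.dst, dg.proto, dg.ident)) == dg.payload)
```

A 1400-byte payload through a 576-byte MTU yields three fragments with data offsets 0, 552 and 1104 bytes (69 and 138 in 8-byte units), MF set on all but the last; dropping the middle one leaves nothing to deliver, and flipping a single header byte makes the checksum verification fail.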
Slide 29: IPv4 Datagram Format (complete header)
- Version | IHL | DS | Total length
- Identification | D | M | Fragment offset
- Time to live | Protocol | Header checksum
- Source address
- Destination address
- Options (0 or more) | Padding
- Data

Slide 30: IP Version 6: Objectives
- To support billions of end systems: longer addresses
- To reduce routing tables
- To simplify protocol processing: simplified header
- To increase security: security means integrated
- To support real-time data traffic: flow label, traffic class
- To be open for change (future): extension headers
- Addressing IPv4 limitations; scalability
- To provide multicasting
- To support mobility (roaming)
- To coexist with existing protocols: coexistence

Slide 31: IPv6 vs. IPv4
- IPv4 header: Version | IHL | Type of service (PRE, ToS) | Total length; Identification | D | M | Fragment offset; Time to live | Protocol | Header checksum; Source address (32 bit); Destination address (32 bit); Options (0 or more)
- IPv6 header: Version | Priority | Flow label; Payload length | Next header | Hop limit; Source address (128 bit); Destination address (128 bit)

Slide 32: IPv6 Header Fields: Priority
- Priority: differentiation of sources; a lower number means lower priority
- With flow control (congestion-controlled traffic):
    0   Not characterized
    1   Filler
    2   Unattended
    3   Reserved
    4   Attended bulk transfer
    5   Reserved
    6   Interactive
    7   Internet management
- Without flow control: 8 ... 15, continuous rate traffic
- This 4-bit priority field of RFC 1883 was later replaced by the 8-bit Traffic Class field of RFC 2460

Slide 33: Internet Control Message Protocol (ICMP)
- History: J. Postel, RFC 792, September 1981
- Purpose: to communicate network layer information between hosts, routers (and gateways), mostly error reporting
- E.g. in ftp, telnet or http the message "destination network unreachable" appears. ICMP origin: a router was unable to find the given destination address; the router sent back an ICMP (type 3) packet; the sending host received the packet and returned an error code to TCP; TCP returned the error code to the application (e.g. ftp, telnet, http)
- ICMP messages are sent as IP packets, i.e. the first 32 bits of the IP data field are the ICMP header

Slide 34: Internet Control Message Protocol (ICMP): Header structure
- Type | Code | Checksum
- 16 types, among others:
  - destination, port or protocol unreachable
  - fragmentation necessary but DF (don't fragment) is set
  - source route failed
  - redirect (for routing)
  - echo request and echo reply (e.g. for the "ping" program)
  - source quench (packet for congestion control)
- Code states the cause if the type is "destination unreachable", e.g. net, host, protocol or port unreachable, fragmentation needed, source route failed

Slide 35: IPv4 Addresses and Internet Subnetworks
- Original global addressing concept for the Internet, for addressing end systems and intermediate systems
- Each network interface (not each end system) has its own unique address
- 5 classes:
    Class A:  0    | 7-bit network  | 24-bit host
    Class B:  10   | 14-bit network | 16-bit host
    Class C:  110  | 21-bit network | 8-bit host
    Class D:  1110 | 28-bit multicast address
    Class E:  1111 | 28-bit reserved

Slide 36: IPv4 Address and Internet Subnetworks
- Networks grow and should be somehow structured: several networks instead of one are preferable
- But getting several address areas is hard since the address space is limited; e.g., a university may have started with a class B address and doesn't get a second one
- Problem: classes A, B, C refer to one network, not to a collection of LANs
- Allow a network to be split into several parts for internal use that still look like a single network to the outside world

Slide 37: IPv4 Address and Internet Subnetworks
- Idea: local decision for subdividing the host share into a subnetwork portion and an end system portion, e.g. for a class B address: 10 | 14-bit network | 6-bit subnet | 10-bit host
- Example: address 129.8.7.2 with subnet mask 255.255.252.0:
    address:          10000001 00001000 00000111 00000010   (129.8.7.2)
    & subnet mask:    11111111 11111111 11111100 00000000   (255.255.252.0)
    = subnet address: 10000001 00001000 00000100 00000000   (129.8.4.0)
- To write down the subnet address with the subnet mask use either 129.8.4.0/255.255.252.0 or 129.8.4.0/22
- Use the subnet mask to distinguish the network and subnet part from the host part
- Routing with 3 levels of hierarchy; algorithm in the router (by masking bits: AND between address and subnet mask):
  - packet to another network? yes: hand it to the router leading out of the network
  - packet to a local end system? yes: deliver the packet
  - packet to another subnetwork? yes: reroute it to the appropriate subnet router

Slide 38: CIDR: Classless InterDomain Routing
- Subnetting is not good enough: too many organizations require addresses
- In principle there are many addresses due to the 32-bit address space, but the allocation is inefficient due to the class-based organization:
  - a class A network with 16 million addresses is too big for most cases
  - a class C network with 256 addresses is too small
  - most organizations are interested in a class B network, but there are only 16384 of them (and in reality class B is too large for many organizations)
- The large number of networks leads to large routing tables
- Introduction of CIDR (Classless InterDomain Routing), RFC 1519
- CIDR principle: allocate IP addresses in variable-sized blocks; e.g., a request for 2000 addresses leads (without regard to classes) to the assignment of a block of 2048 addresses starting on a 2048-address boundary (a /21)
- But dropping classes makes forwarding more complicated
Slide 39: CIDR: Classless InterDomain Routing
- Search for the longest matching prefix: if several entries with different subnet mask lengths match, use the one with the longest mask; i.e., the AND operation address & mask must be done for each table entry
- Entries may be aggregated to reduce routing tables. Figure: a router holds 194.24.0.0/21, 194.24.8.0/22 and 194.24.16.0/20, each leading to a different router, while 194.24.12.0/22 is unassigned; towards the rest of the Internet the whole block is announced as the single aggregate 194.24.0.0/19

Slide 40: IPv6 Addresses (address space allocation as in RFC 1884)
    Prefix (binary)   Usage                          Fraction
    0000 0000         Reserved (including IPv4)      1/256
    0000 0001         Unassigned                     1/256
    0000 001          OSI NSAP addresses             1/128
    0000 010          Novell Netware IPX addresses   1/128
    0000 011          Unassigned                     1/128
    0000 1            Unassigned                     1/32
    0001              Unassigned                     1/16
    001               Unassigned                     1/8
    010               Provider-based addresses       1/8
    011               Unassigned                     1/8
    100               Geographic-based addresses     1/8
    101               Unassigned                     1/8
    110               Unassigned                     1/8
    1110              Unassigned                     1/16
    1111 0            Unassigned                     1/32
    1111 10           Unassigned                     1/64
    1111 110          Unassigned                     1/128
    1111 1110 0       Unassigned                     1/512
    1111 1110 10      Link local use addresses       1/1024
    1111 1110 11      Site local use addresses       1/1024
    1111 1111         Multicast                      1/256
- Later revisions of the addressing architecture (RFC 3513, RFC 4291) replaced the provider-based and geographic-based blocks by global unicast addresses under 2000::/3 and deprecated site-local addresses (RFC 3879)

Slide 41: IPv6 Addresses and Anycast
- Provider-based addresses: approx. 16 million companies can allocate addresses
- Geographically based addresses: allocation as it is today
- Link-local and site-local addresses: the address has only local importance (security, firewall concept); should make NAT (network address translation) useless
- Anycast definition: previously unicast, broadcast and multicast; now (new) anycast: send data to one member of a group, for example to the member which is geographically nearest, i.e. some system within a pre-defined group is to be accessed
- Anycast applications: to search for the nearest web server; to locate the nearest router of a multicast group in order to participate in group communication
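Subnet masking (the 129.8.7.2 example of the subnetting slide) and longest-prefix forwarding with aggregation (the 194.24.0.0 blocks of the CIDR slides) as an added example that is not part of the lecture. The forwarding table ANDs the destination with every entry's mask and keeps the longest match, so the three-level decision of the subnetting slide (local end system, other subnet, other network) and the specific-beats-aggregate rule of CIDR fall out of the same lookup; the aggregate function computes the /19 that covers the four blocks. The next-hop names and the discard entry for the unassigned /22 are assumptions of this example.

```python
"""Added example (not part of the lecture): subnet masking and longest-prefix
forwarding as on the subnetting and CIDR slides. A forwarding table holds
(prefix, mask length, next hop) entries; a lookup ANDs the destination with
each entry's mask and keeps the longest match. The 194.24.0.0 allocation and
the 129.8.4.0/22 subnet are the slides' numbers; next-hop names and the
discard entry for the unassigned block are assumptions of this example."""
from ipaddress import IPv4Address
from typing import List, Optional, Tuple


def mask_to_len(mask: int) -> int:
    """255.255.252.0 -> 22; rejects non-contiguous masks such as 255.0.255.0."""
    length = 0
    while length < 32 and mask & (1 << (31 - length)):
        length += 1
    if mask != (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask")
    return length


def is_valid_mask(mask: str) -> bool:
    try:
        mask_to_len(int(IPv4Address(mask)))
        return True
    except ValueError:
        return False


def parse_prefix(text: str) -> Tuple[int, int]:
    """'129.8.7.2/22' or '129.8.7.2/255.255.252.0' -> (network as int, prefix length);
    the host bits are cleared, which is the AND of address and mask on the slide."""
    addr, _, suffix = text.partition("/")
    length = mask_to_len(int(IPv4Address(suffix))) if "." in suffix else int(suffix)
    if not 0 <= length <= 32:
        raise ValueError("bad prefix length")
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    return int(IPv4Address(addr)) & mask, length


def subnet_address(addr: str, mask: str) -> str:
    net, length = parse_prefix(f"{addr}/{mask}")
    return f"{IPv4Address(net)}/{length}"


class ForwardingTable:
    def __init__(self) -> None:
        self.entries: List[Tuple[int, int, str]] = []   # (network, length, next hop)

    def add(self, prefix: str, next_hop: str) -> None:
        net, length = parse_prefix(prefix)
        self.entries.append((net, length, next_hop))

    def lookup(self, dst: str) -> Optional[str]:
        """Longest matching prefix: every entry is tested, the longest mask wins."""
        d, best = int(IPv4Address(dst)), None
        for net, length, hop in self.entries:
            mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
            if d & mask == net and (best is None or length > best[0]):
                best = (length, hop)
        return best[1] if best else None


def aggregate(prefixes: List[str]) -> str:
    """Smallest single prefix covering all given blocks (194.24.0.0/19 for the slide's blocks)."""
    nets = [parse_prefix(p) for p in prefixes]
    lo = min(n for n, _ in nets)
    hi = max(n | (0xFFFFFFFF >> l) for n, l in nets)      # last address of each block
    length = 32
    while length and lo >> (32 - length) != hi >> (32 - length):
        length -= 1
    return f"{IPv4Address(lo & ((0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF))}/{length}"


def campus_table() -> ForwardingTable:
    """Three-level hierarchy of the subnetting slide, seen from a router on 129.8.4.0/22."""
    t = ForwardingTable()
    t.add("129.8.4.0/255.255.252.0", "deliver direct")     # own subnet, mask form from the slide
    t.add("129.8.0.0/16", "subnet router 129.8.0.1")      # other subnets of the class B network
    t.add("0.0.0.0/0", "border router 129.8.0.254")       # other networks
    return t


def upstream_table() -> ForwardingTable:
    """The router of the CIDR slide: specific blocks inside the 194.24.0.0/19 it announces.
    The unassigned /22 gets a discard route; without it, such traffic would follow the
    default route and could loop back from whoever believes the /19 announcement."""
    t = ForwardingTable()
    t.add("194.24.0.0/21", "router-A")
    t.add("194.24.8.0/22", "router-B")
    t.add("194.24.16.0/20", "router-C")
    t.add("194.24.12.0/22", "discard")
    t.add("0.0.0.0/0", "default")
    return t


if __name__ == "__main__":
    print(subnet_address("129.8.7.2", "255.255.252.0"))
    print(aggregate(["194.24.0.0/21", "194.24.8.0/22", "194.24.12.0/22", "194.24.16.0/20"]))
    for dst in ("129.8.7.2", "129.8.9.9", "8.8.8.8"):
        print(dst, "->", campus_table().lookup(dst))
    for dst in ("194.24.3.3", "194.24.9.1", "194.24.13.7", "194.24.20.1", "194.25.0.1"):
        print(dst, "->", upstream_table().lookup(dst))
```

The lookup is deliberately linear over all entries, which is what the slide means by "the AND must be done for each table entry"; production routers use tries or TCAMs for the same longest-match semantics. The discard route for the unassigned 194.24.12.0/22 is the practical consequence of announcing an aggregate that is larger than what is actually assigned.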