Internet
Lecturer: Carsten Griwodz
Email: [email protected]
06. Apr. 2005
INF-3190: Internet

Internet Protocol Stack and Some Well-known Protocols
[Figure: protocol stack]
  Application layer
  Transport layer: TCP, UDP
  Network layer: IP + ICMP + ARP
  Data link and Physical layer: WANs, LANs, MANs (ATM; LLC & MAC, physical)

IP Routing

Routing tables
[Figure: Network 10.0.0.0, router F (10.0.0.5 / 20.0.0.5), Network 20.0.0.0, router G (20.0.0.6 / 30.0.0.6), Network 30.0.0.0, router H (30.0.0.7 / 40.0.0.7), Network 40.0.0.0]

Routing table of G
  To reach host on network    Route to this address
  20.0.0.0                    Deliver direct
  30.0.0.0                    Deliver direct
  10.0.0.0                    20.0.0.5
  40.0.0.0                    30.0.0.7

Routers may have incomplete information
Default paths

IP Routing: Historical
Original implementation
[Figure: ARPANET backbone with gateways G1, G2, …, Gn connecting Local net 1, Local net 2, …, Local net n]
Routers: “Core Gateways”
  Connect LANs to the backbone, know the routes to all networks
  Exchange routing information with each other
  Gateway-to-Gateway Protocol (GGP):
    Distance vector routing
    metric: physical distance
Problems
  Today several backbones
  Today not all networks are connected directly to the backbone
  In GGP all gateways communicate with each other

IP Routing: Autonomous Systems
Hidden networks
[Figure: core gateways and an AS boundary router in front of an Autonomous System; gateways G1 to G4 with Local net 1 to Local net 4]
  Core gateways have to be informed about hidden networks
  Autonomous systems (AS)
  Internet domains
  Boundary routers are also called Exterior gateways

IP Routing: Autonomous Systems
[Figure: graph of interconnected ASes]
Many autonomous systems (~70000)
  Have different sizes
  Exchange services with each other as equals or as provider/customer
  Have different relations to each other
Every AS has a unique number
Every AS must know a route to every network

IP Routing: Autonomous Systems
[Figure: graph of interconnected ASes]
Stub domain
  One AS, several networks
  Networks may have different owners, but in the same AS
Multiconnected domain
  Like stub domain
  Connected to more than one other AS
  No through traffic

IP Routing: Autonomous Systems
[Figure: graph of interconnected ASes]
Peering
  Bi-lateral agreement between two directly connected ASes
  Exchange routes to all subnetworks
  Typically don’t offer global routes to each other
Transit domains
  Offer connection service to customer ASes
  Offer global routes to customer AS

IP Routing: Autonomous Systems
[Figure: graph of interconnected ASes]
Tier-1 domain
  Top level networks
  Advertise all global routes
  Customer to no-one
  No-pay agreements with their peers
Internet Exchange Point
  Non-profit organisation
  Large centers for interconnecting ASes
  Keeps peering costs low for smaller ASes

IP Routing: Autonomous Systems
Every AS has a unique number
Every AS must know a route to every network
[Figure: graph of interconnected ASes, labelled: Stub domain, Multiconnected domain, Peering, Tier-1 domains, Transit domains, Internet Exchange Point]

IP Routing: Internal and External Routing
Direct Routing/Interior Protocols:
  Both source and destination end systems are located in the same subnetwork
    source end system sends datagram to the destination end system
    identification done by the local address mapping
    routing is completely defined by the subnetwork routing algorithm
[Figure: interconnected networks N0 to N5]
Indirect Routing/Exterior Protocols:
  Source and destination end system are located on different networks
    source end system sends datagram to the next router
    each router determines the next router on the path to the destination end system
    routing decision is based only on the network and subnetwork part of the Internet address, i.e. host part not used

IP Routing: Autonomous Systems
[Figure: Autonomous System 1 (gateway G1) and Autonomous System x (gateway Gx) connected via EGP]
Place physically close to each other
ASs are administrative entities
  Collects routing information on networks in the AS
  Defines boundary routers that transmit routing information to other ASs
Boundary routers will filter routes
  Expose information about network reachability to other ASs
  May transmit information about other reachable ASs (tier-1 domains, transit domains)
  ISP will offer customers access to routes it sees via peerings and transits
  ISP will offer peers routes to customers, no routes from transits or other peers

Exterior Gateway Protocol
[Figure: graph of interconnected ASes]
Requirements, basic conditions
  political
  economical
  security-related
Requirement examples
  to avoid certain autonomous systems
  to avoid certain countries
  to stay within one country (before going via foreign country)
  data of company A should not pass through company B

Border Gateway Protocol (BGP)
Previously: Internet Exterior Gateway Protocol (RFC 1654)
Now: Border Gateway Protocol (RFC 1771, 1772, 1773) is de-facto standard
BGP uses distance path mechanism
  Related to distance vector routing
  But without count-to-infinity problem
IS sends periodically a list to its neighbours containing
  estimated distance and preferred path from itself to each destination
  for a specified block of reachable IP addresses
Receiving IS evaluates path
  Distance
  Policy compliance
-> notion of a path / of how to reach other routers is distributed
-> but, no criteria for selecting a route is distributed
  Each BGP router must have its own criteria, i.e. policy
Remarks
  Big updates
  But only a limited number of routers

Interior Gateway Protocol
[Figure: Autonomous System 1 (gateway G1, running IGP1) and Autonomous System x (gateway Gx, running IGPx) connected via EGP]
In general: intradomain routing
  individual solutions possible
Presently preferred procedures
  Routing Information Protocol (RIP): old, retiring
  Intermediate System – Intermediate System (IS-IS): long time favorite
  Open Shortest Path First (OSPF): scales better than IS-IS
  Interior Border Gateway Protocol (iBGP): combined with IS-IS and OSPF

Routing Information Protocol (RIP)
Background (regarding the originally used protocol)
  developed as a part of Berkeley UNIX
  since 1988, RIP Version 1, RFC 1058
Principle
  Distance Vector Routing
  Distance in number of hops, 15 is ∞
  Periodic updates: 30 sec cycle, 180 sec with update -> ∞
RIP Version 2
  G. Malkin, RFC 1387, 1388 and 1389 (RIP-MIB)
  Uses multicast if necessary to distribute data
    Not broadcast
  Networks without broadcast or multicast (ISDN, ATM)
    "Triggered" updates
    To be sent only if the routing table changes

Open Shortest Path First (OSPF)
Background: since 1990 Internet Standard, RFCs 1247, 2178
  Transition from DVR to LSR
Principle
  Link State Routing
  Several possible distance metrics
  Metric selection per update packet possible (RFC 1349)

    OSPF no.   Meaning
    0          Normal service
    2          Minimize financial cost
    4          Maximize reliability
    8          Maximize throughput
    16         Minimize delay

  Distribute updates using flooding
  Routing tables created using Dijkstra’s "shortest path first" algorithm
  -> Name "Open Shortest Path First"

Open Shortest Path First (OSPF)
For large autonomous systems
AS substructure
  AS
  AS backbone area
  Area
Router classes
  AS boundary routers
  Backbone routers
  Area border routers
  Internal routers
[Figure: AS divided into areas around a backbone area, with links labelled "To other AS"]

Open Shortest Path First (OSPF)
Adjacency
  LSR measures distance to all neighbors
  OSPF measures distance to all adjacent nodes
If several routers are connected by a LAN
  One is designated router
  All other routers on the LAN are adjacent only to it
  It is adjacent to all others
  Abstraction leads to point-to-point links
  Required for Dijkstra’s algorithm
[Figure: routers A to I, some of them attached to a shared LAN, transformed to a graph]

Final remarks
IS-IS is similar to OSPF without (working support for) areas
iBGP is often used to distribute tables for routing among ASs inside an AS
  Separate the issue from dynamics of IGP
  Not all routers inside an AS must carry the full external routing table
    Some routers talk iBGP and have the full routing table
    Called route reflectors
    All route reflectors of an AS must be connected at all times
    They have route reflector clients that route all external traffic through them
Multiconnected ASs want to save resources
  If two routes to a target AS exist …
  … and policies allow it
  -> Hot potato routing

Internet Protocol
IP
  Defined for the first time in 1981
    J. Postel
    RFC 791, September 1981
  Connectionless service
    Provide best-efforts service
    Without regard to whether
      these machines are on the same network
      there are other networks in between
  Packet length
    In theory: up to 64 kBytes
    In real life mostly approx. 1500 Bytes

IPv4 Datagram Format
[Figure: Internet network layer headers: Version field followed by protocol specific fields]

  Version   Meaning
  0         Not in use
  1         Not in use
  2         Not in use
  3         Not in use
  4         Internet Protocol, version 4
  5         Stream Protocol (ST, ST-II)
  6         Internet Protocol, version 6
  7         IPv7, TP/IX, CATNIP
  8         PIP
  9         TUBA
  10        Not in use
  11        Not in use
  12        Not in use
  13        Not in use
  14        Not in use
  15        Not in use

Version
  IPv4: dominant version
  IPv6: upcoming successor to IPv4

IPv4 Datagram Format
[Header fields: Version | IHL | Type of service]
Type of service (bits: Precedence, D, T, R, C, unused)
  1 bit unused
  C (1 bit): low cost
  R (1 bit): high reliability
  T (1 bit): high throughput
  D (1 bit): low delay
  Precedence (3 bit)
    priority 0 (normal) ... 7 (network control)
    influences the queuing scheme (and not routing)
OLD definition
  Was ignored by routers
  Redefined by DiffServ

IPv4 Datagram Format
[Header fields: Version | IHL | DS; the DS field is drawn with the bits "0 0"]
DS Field
  Differentiated Services Field
  New definition
Class selector codepoints
  If of the form xxx000
Differentiated Services Codepoint
  xxxxx0 reserved for standardization
  xxxx11 reserved for local use
  xxxx01 open for local use, may be standardized later
NEW definition
  DiffServ compliant
  Not widely deployed yet

IPv4 Datagram Format
[Header layout]
  Version | IHL | DS | Total length
  Identification | DM | Fragment offset
  Time to live | Protocol | Header checksum
  Source address
  Destination Address
Protocol: type of higher level protocol for transmission
  1 – ICMP   Internet Control Message Protocol
  2 – IGMP   Internet Group Management Protocol
  3 – GGP    Gateway to Gateway Protocol
  4 – IP     IP in IP tunneling
  5 – ST     ST–II in IP tunneling
  6 – TCP    TCP
  …

IPv4 Segmentation/Reassembly
[Figure: IP routers]
  Transparent segmentation
  Non-transparent segmentation
  Used in the Internet

IPv4 Segmentation/Reassembly
Total length
  Length of the unsegmented datagram in bytes
  ≥576 bytes
  ≤65535 bytes
Identification
  Unique for all segments of a datagram with same src/dst pair
Flags
  DF (1 bit): don’t fragment
  MF (1 bit): more fragments
Fragment offset
  Offset of this fragment in the datagram in multiples of 8 bytes

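The Identification, DF, MF and Fragment offset fields working together, as an added example that is not part of the lecture slides: a sender or router splits a payload at an MTU, and a receiver rebuilds it from fragments in any order. The function names, the 20-byte header length, the sample payload and the policy of rejecting overlapping fragments are assumptions of this example.

```python
def fragment(payload, mtu, ident, df=False, header_len=20):
    """Split an IPv4 payload into fragments that fit the MTU.

    Each fragment is a dict of the header fields from the slide:
    id, offset (in 8-byte units), mf (more fragments) and the data.
    """
    if header_len + len(payload) <= mtu:
        return [{"id": ident, "offset": 0, "mf": False, "data": payload}]
    if df:
        # A router would drop the packet and report it via ICMP instead.
        raise ValueError("fragmentation necessary but DF is set")
    # Every fragment except the last must carry a multiple of 8 bytes.
    step = (mtu - header_len) // 8 * 8
    if step <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(payload), step):
        chunk = payload[start:start + step]
        frags.append({"id": ident, "offset": start // 8,
                      "mf": start + len(chunk) < len(payload), "data": chunk})
    return frags


def reassemble(frags):
    """Rebuild the payload from fragments in any order; None while incomplete."""
    if len({f["id"] for f in frags}) > 1:
        raise ValueError("fragments belong to different datagrams")
    last = [f for f in frags if not f["mf"]]
    if not last:
        return None  # final fragment (MF = 0) not seen yet, length unknown
    total = max(f["offset"] * 8 + len(f["data"]) for f in last)
    buf, seen = bytearray(total), bytearray(total)
    for f in frags:
        start = f["offset"] * 8
        end = start + len(f["data"])
        if end > total:
            raise ValueError("fragment extends past the final fragment")
        if any(seen[start:end]):
            if all(seen[start:end]) and buf[start:end] == f["data"]:
                continue  # exact duplicate, harmless
            raise ValueError("overlapping fragments with differing coverage")
        buf[start:end] = f["data"]
        seen[start:end] = b"\x01" * (end - start)
    return bytes(buf) if all(seen) else None


# Constructed sample: a 4000-byte payload crossing a 1500-byte MTU link.
SAMPLE = bytes(i % 251 for i in range(4000))
FRAGS = fragment(SAMPLE, mtu=1500, ident=0x1A2B)
```
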
IPv4 Datagram Format
[Header layout]
  Version | IHL | DS | Total length
  Identification | DM | Fragment offset
  Time to live | Protocol | Header checksum
  Source address
  Destination Address
  Options (0 or more) | Padding
  Data

IP Version 6 Objectives
  To support billions of end systems
  To reduce routing tables
  To simplify protocol processing
  To support real-time data traffic
  To be open for change (future)
  To provide multicasting
  To support mobility (roaming)
  To increase security
  To coexist with existing protocols
Means named on the slide: simplified header; security means integrated; flow label, traffic class; longer addresses; extension headers
Grouping labels on the slide: Addressing IPv4 limitations; Scalability; Coexistence

IPv6 vs. IPv4
IPv4 Header
  Version | IHL | Type of service (PRE, ToS) | Total length
  Identification | DM | Fragment offset
  Time to live | Protocol | Header checksum
  Source address (32 bit)
  Destination Address (32 bit)
  Options (0 or more)
IPv6 Header
  Version | Priority | Flow label
  Payload length | Next header | Hop Limit
  Source address (128 bit)
  Destination Address (128 bit)

IPv6 Header Fields
[IPv6 header layout: Version | Priority | Flow label; Payload length | Next header | Hop Limit; Source address; Destination Address]
Priority
  differentiation of sources
  lower number < lower priority

  With flow control
    0   Not characterized
    1   Filler
    2   Unattended
    3   Reserved
    4   Attended bulk transfer
    5   Reserved
    6   Interactive
    7   Internet management
  Without flow control
    8 to 15   Continuous rate traffic

Internet Control Message Protocol (ICMP)
History
  J. Postel
  RFC 792, Sept. 1981
Purpose
  to communicate network layer information
    mostly error reporting
    e.g. in ftp, telnet, http appears "destination network unreachable"
ICMP origin, e.g.:
  a router was unable to find the given destination address
  router sent back ICMP (Type 3) packet
  sending host received the packet, returned error code to TCP
  TCP returned error code to application (e.g. ftp, telnet, http)
between hosts, routers (and gateways)
ICMP messages are sent as IP packets
  i.e. the first 32 bits of the IP data field are ICMP headers

Internet Control Message Protocol (ICMP)
Header structure
  Type | Code | Checksum
Type
  16 types, among others
    destination or port or protocol unreachable
    fragmentation necessary but DF (don’t fragment) is set
    source route failed, redirect (for routing)
    echo-request and echo-reply (e.g. for "ping" program)
    source quench (packet for congestion control)
Code
  states cause if type is "destination unreachable"
    e.g. net, host, protocol, port unreachable or fragmentation needed, source route failed

IPv4 Addresses and Internet Subnetworks
Original global addressing concept for the Internet
  For addressing end systems and intermediate systems
  each network interface (not end system) has its own unique address
  5 classes

    Class   Leading bits   Remaining fields
    A       0              Network (7 bit), Host (24 bit)
    B       10             Network (14 bit), Host (16 bit)
    C       110            Network (21 bit), Host (8 bit)
            1110           Multicast address (28 bit)
            1111           Reserved (28 bit)

IPv4 Address and Internet Subnetworks
Networks grow and should be somehow structured
  several networks instead of one preferable
  but getting several address areas is hard
    since address space is limited
    e.g., university may have started with class B address, doesn’t get second one
Problem
  class A, B, C refer to one network, not collection of LANs
-> Allow a network to be split into several parts
  for internal use
  still look like single network to outside world

IPv4 Address and Internet Subnetworks
Idea
  local decision for subdividing host share into subnetwork portion and end system portion
[Figure: class B layout "10" | Network (14 bit) | Host (16 bit), subdivided into "10" | Network (14 bit) | Subnet (6 bit) | Host (10 bit)]

  e.g. address 129.8.7.2:   10000001 00001000 00000111 00000010
                            &
  Subnet mask:              11111111 11111111 11111100 00000000
  Subnet address:           10000001 00001000 00000100 00000000

To write down subnet address with subnet mask use either
  129.8.4.0/255.255.252.0
or
  129.8.4.0/22
Use “subnet mask” to distinguish network and subnet part from host part
Routing with 3 levels of hierarchy
Algorithm in router (by masking bits: AND between address and subnet mask):
  packet to another network (yes, then to this router)
  packet to local end system (yes, then deliver packet)
  packet to other subnetwork (yes, then reroute to appropriate router)

CIDR: Classless InterDomain Routing
Subnetting not good enough
Too many organizations require addresses
  in principle many addresses due to 32-bit address space
  but inefficient allocation due to class-based organization
    class A network with 16 million addresses too big for most cases
    class C network with 256 addresses is too small
    most organizations are interested in class B network, but there are only 16384 (in reality, class B too large for many organizations)
Large number of networks leads to large routing tables
-> Introduction of CIDR (Classless InterDomain Routing) (RFC1519)
CIDR Principle
  to allocate IP addresses in variable-sized blocks (without regard to classes)
  e.g., request for 2000 addresses would lead to
    assignment of 2048 address block starting on 2048 byte boundary
  but, dropping classes makes forwarding more complicated

CIDR: Classless InterDomain Routing
Search for longest matching prefix
  if several entries with different subnet mask length may match
    then use the one with the longest mask
    i.e., AND operation for address & mask must be done for each table entry
Entries may be aggregated to reduce routing tables
[Figure: routers labelled with the prefixes 194.24.0.0/21, 194.24.8.0/22, 194.24.12.0/22, 194.24.16.0/20 and 194.24.0.0/19; one block is marked Unassigned]

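The longest-prefix search and the aggregation described above, as an added example that is not part of the lecture slides. The prefixes are the ones shown on the slide; the next-hop names, the function names and the choice to leave 194.24.12.0/22 out of the table are assumptions of this example.

```python
import ipaddress

# Constructed forwarding table: prefixes from the slide, next hops hypothetical.
TABLE = [
    ("194.24.0.0/19", "aggregate-link"),
    ("194.24.0.0/21", "router-1"),
    ("194.24.8.0/22", "router-2"),
    ("194.24.16.0/20", "router-3"),
]


def parse(cidr):
    """Return (network, mask, prefix length) as integers for a CIDR string."""
    addr, length = cidr.split("/")
    length = int(length)
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    net = int(ipaddress.IPv4Address(addr))
    if net & ~mask & 0xFFFFFFFF:
        raise ValueError(f"{cidr} has host bits set")
    return net, mask, length


def lookup(dst, table=TABLE):
    """AND the destination with every entry's mask and keep the longest match."""
    dst_int = int(ipaddress.IPv4Address(dst))
    best = None
    for cidr, hop in table:
        net, mask, length = parse(cidr)
        if (dst_int & mask) == net and (best is None or length > best[0]):
            best = (length, cidr, hop)
    return None if best is None else (best[1], best[2])


def aggregate(cidrs):
    """Merge adjacent blocks into the fewest prefixes that cover exactly the same addresses."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]
```

An address in the block that has no entry of its own, such as 194.24.13.1, still matches the /19 and follows the aggregate, and the four blocks collapse to a single /19 only when 194.24.12.0/22 is included.
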
IPv6 Addresses

  Prefix (binary)   Usage                          Fraction
  0000 0000         Reserved (including IPv4)      1/256
  0000 0001         Unassigned                     1/256
  0000 001          OSI NSAP address               1/128
  0000 010          Novell Netware IPX addresses   1/128
  0000 011          Unassigned                     1/128
  0000 1            Unassigned                     1/32
  0001              Unassigned                     1/16
  001               Unassigned                     1/8
  010               Provider-based addresses       1/8
  011               Unassigned                     1/8
  100               Geographic-based addresses     1/8
  101               Unassigned                     1/8
  110               Unassigned                     1/8
  1110              Unassigned                     1/16
  1111 0            Unassigned                     1/32
  1111 10           Unassigned                     1/64
  1111 110          Unassigned                     1/128
  1111 1110 0       Unassigned                     1/512
  1111 1110 10      Link local use addresses       1/1024
  1111 1110 11      Site local use address         1/1024
  1111 1111         Multicast                      1/256

IPv6 Addresses and Anycast
  Provider based: approx. 16 million companies allocate addresses
  Geographically based: allocation as it is today
  Link, site-used: address has only local importance (security, Firewall concept)
  Should make NAT (network address translation) useless
Anycast definition
  previously
    unicast, broadcast and multicast
  now (new)
    anycast
    send data to one member of a group
      for example to the member which is the nearest one geographically
      i.e. a system within a pre-defined group is to be accessed
Anycast application
  To search for the nearest web-server
  To locate the nearest router of a multicast group
    in order to participate in group communication