Chapter 6: Objectives
– Explain how network layer protocols and services support communications across data networks.
– Explain how routers enable end-to-end connectivity in a small to medium-sized business network.
– Determine the appropriate device to route traffic in a small to medium-sized business network.
– Configure a router with basic configurations.

The Network Layer

Encapsulation and Decapsulation
[Figure: frames shown as Data Link Header, IP Packet, Data Link Trailer; the IP packet contains IP Header, TCP Header, HTTP Header, Data.]

Encapsulation
[Figure: DATA becomes a SEGMENT (S.P / D.P. / S.N. / Ack # / …); the segment is the data of a PACKET (IPv / HLEN / Flag / S. IP / D. IP / …); the packet is the data of a FRAME between a Frame Header and a Trailer, transmitted as bits.]

Functions of the Network Layer
The network layer, or OSI Layer 3, provides services to allow end devices to exchange data across the network. The network layer uses four basic processes:
– Addressing end devices
– Encapsulation
– Routing
– De-encapsulation

Network Layer Protocols
Common Network Layer Protocols
– Internet Protocol version 4 (IPv4)
– Internet Protocol version 6 (IPv6)
Legacy Network Layer Protocols
– Novell Internetwork Packet Exchange (IPX)
– AppleTalk
– Connectionless Network Service (CLNS/DECNet)

Characteristics of IPv4
– Connectionless: No connection is established before sending data packets.
– Best effort delivery: No additional overhead is used to guarantee packet delivery. Makes it unreliable …?
– Media independent: Operates independently of the medium carrying the data.

Connectionless Service = Postal Service

Best Effort Delivery = Unreliable
IP is unreliable because it doesn’t have the capability to manage, and recover from, undelivered or corrupt packets.
TCP (if used) will manage the transmission reliability. It also makes for a smaller IP header. Less overhead = less delay in delivery = very fast.

IPv4 Media Independent
IP doesn’t care what type of media the packet is carried on.

MTU
[Figure: IP packets crossing a network link with a larger MTU, a network link with a smaller MTU, and another network link with a larger MTU. Callouts: "The outgoing link has a smaller MTU so I have to fragment the packets." "The outgoing link has a large enough MTU but I don’t reconstruct the packets." "It is my job to reconstruct the packets."]
The network layer does consider the maximum size of PDU that each medium can transport. This is referred to as the Maximum Transmission Unit (MTU). The network layer determines how large to create the packets. Routers may need to split up a packet when forwarding it from one medium to a medium with a smaller MTU. This process is called fragmenting the packet, or fragmentation. This is similar to segmenting at the transport layer but happens at the network layer.

IPv4 Packet
[Figure: IP Header | Data (Payload)]
IPv4 has been in use since 1983, when it was deployed on the Advanced Research Projects Agency Network (ARPANET). An IPv4 packet has two parts:
– IP Header: Identifies the packet characteristics.
– Payload: Contains the Layer 4 segment information and the actual data.
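
The fragmentation step from the MTU slide above, as an added example that is not part of the original slides: a payload is split for a smaller-MTU link and rebuilt at the destination from out-of-order fragments. The function names, the 20-byte option-free header and the tuple layout are assumptions made for illustration; the 8-byte unit of the Fragment Offset comes from RFC 791.

```python
IP_HEADER_LEN = 20  # assumption: IPv4 header without options


def fragment(payload: bytes, mtu: int) -> list:
    """Split a payload for a link with the given MTU.

    Returns one (offset, more_fragments, data) tuple per fragment, where
    offset is counted in 8-byte units as in the Fragment Offset field.
    """
    # Every fragment except the last must carry a multiple of 8 bytes.
    room = (mtu - IP_HEADER_LEN) // 8 * 8
    if room <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    for start in range(0, len(payload), room):
        more = start + room < len(payload)  # More Fragments flag
        frags.append((start // 8, more, payload[start:start + room]))
    return frags


def reassemble(frags: list) -> bytes:
    """Rebuild the payload at the destination host; fragments may arrive in any order.

    A real stack first groups fragments by source, destination, protocol and
    the Identification field; here all fragments belong to one packet.
    """
    ordered = sorted(frags, key=lambda f: f[0])
    if not ordered or ordered[-1][1]:
        raise ValueError("final fragment (More Fragments = 0) is missing")
    out = bytearray()
    for offset, _more, data in ordered:
        if offset * 8 != len(out):
            # A hole or an overlap means the packet cannot be trusted as-is.
            raise ValueError(f"gap or overlap at byte {offset * 8}")
        out += data
    return bytes(out)


# Constructed sample: a 4000-byte payload leaving on a link with MTU 1500.
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(4000))
```

Only the destination calls `reassemble`; routers along the path forward the fragments as independent packets.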
IPv4 Header – Significant Fields
[Figure: IPv4 header layout, four bytes per row: Version, IP Header Length, Differentiated Services (DSCP, ECN), Total Length; Identification, Flag, Fragment Offset; Time-To-Live, Protocol, Header Checksum; Source IP Address; Destination IP Address; Options (optional), Padding. The same diagram is repeated on each of the following slides.]

IPv4 Header – Validation Fields

Sample IPv4 Packet

Version (4 bits)
– Indicates the version of IP currently used.
– 0100 = 4 and therefore IPv4
– 0110 = 6 and therefore IPv6

IP Header Length (4 bits)
– Identifies the number of 32-bit words in the header.
– The IHL value varies due to the Options and Padding fields.
– The minimum value for this field is 5 (i.e., 5×32 = 160 bits = 20 bytes) and the maximum value is 15 (i.e., 15×32 = 480 bits = 60 bytes).

Differentiated Services (8 bits)
– Formerly called the Type of Service (ToS) field.
– The field is used to determine the priority of each packet.
– First 6 bits identify the Differentiated Services Code Point (DSCP) value for QoS.
– Last 2 bits identify the explicit congestion notification (ECN) value used to prevent dropped packets during times of network congestion.

Total Length (16 bits)
– Sometimes referred to as the Packet Length.
– Defines the entire packet (fragment) size, including header and data, in bytes.
– The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes.

A router may have to fragment a packet when forwarding it from one medium to another medium that has a smaller MTU. When this happens, fragmentation occurs and the IPv4 packet uses the following 3 fields to keep track of the fragments.

Identification (16 bits)
– Field uniquely identifies the fragment of an original IP packet.

Flag (3 bits)
– This 3-bit field identifies how the packet is fragmented.
– It is used with the Fragment Offset and Identification fields to help reconstruct the fragment into the original packet.
Fragment Offset (13 bits)
– Field identifies the order in which to place the packet fragment in the reconstruction of the original unfragmented packet.

Time-to-Live (TTL) (8 bits)
– Used to limit the lifetime of a packet.
– It is specified in seconds but is commonly referred to as hop count.
– The packet sender sets the initial TTL value, which is decreased by one each time the packet is processed by a router, or hop.
– If the TTL field decrements to zero, the router discards the packet and sends an ICMP Time Exceeded message to the source IP address.
– The traceroute command uses this field to identify the routers used between the source and destination.

Protocol (8 bits)
– Field indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol.
– Common values include ICMP (1), TCP (6), and UDP (17).
– Others: GRE (47), ESP (50), EIGRP (88), OSPF (89)
– http://www.iana.org/assignments/protocol-numbers/

Header Checksum (8 bits)
– Field is used for error checking of the IP header.
– The checksum of the header is recalculated and compared to the value in the checksum field.
– If the values do not match, the packet is discarded.

Source IP Address (32 bits)
– Contains a 32-bit binary value that represents the source IP address of the packet.

Destination IP Address (32 bits)
– Contains a 32-bit binary value that represents the destination IP address of the packet.

[Figure: Sample IPv4 Headers]

IPv6 Packet

Limitations of IPv4
Since 1983, IPv4 has been updated to address new challenges. However, even with changes, IPv4 still has three major issues:
– IP address depletion
– Internet routing table expansion
– Lack of end-to-end connectivity

IP Address Depletion
IPv4 has a limited number of unique public IP addresses available. Although there are approximately 4 billion IPv4 addresses, the increasing number of new IP-enabled devices, always-on connections, and the potential growth of less-developed regions have increased the need for more addresses.
[Figures: Blocks Assigned in 1993; Blocks Assigned in 2000; Blocks Assigned in 2007; Blocks Assigned in 2010]

IPv4 Address Depletion
In October 2010, less than 5% of the public IPv4 addresses remained unallocated.
Monday, January 31, 2011
IANA allocated two blocks of IPv4 address space to APNIC, the RIR for the Asia Pacific region (39/8 and 106/8). This triggered a global policy to allocate the remaining IANA pool of 5 /8’s equally between the five RIRs. So, basically…

Internet Routing Table Expansion
A routing table is used by routers to make best path determinations. As the number of servers (nodes) connected to the Internet increases, so too does the number of network routes. These IPv4 routes consume a great deal of memory and processor resources on Internet routers.

Lack of End-to-End Connectivity
[Figure: NAT between a 192.168.1.0/24 RFC 1918 private address network and a public IPv4 address.]
Network Address Translation (NAT) is a technology commonly implemented within IPv4 networks. NAT provides a way for multiple devices to share a single public IP address. However, because the public IP address is shared, the IP address of an internal network host is hidden. This can be problematic for technologies that require end-to-end connectivity.
IETF To The Rescue
To address these problems, the IETF implemented several solutions. Short-term solutions included:
– Subnetting
– Variable-length subnet masking (VLSM)
– Classless interdomain routing (CIDR)
– Supernetting
– Network Address Translation (NAT)
– Private Addresses
However, its long-term solution was IP version 6 (IPv6).

IPv6
IPv6 overcomes the limitations and provides the following improvements:
– Increased address space
– Improved packet handling
– Eliminates the need for NAT
– Integrated security

Increased Address Space
The 32-bit IPv4 address space provides approximately 4,294,967,296 unique addresses. Of these, only 3.7 billion addresses are assignable, because the IPv4 addressing system separates the addresses into classes, and reserves addresses for multicasting, testing, and other specific uses. IPv6 addresses are based on 128-bit hierarchical addressing as opposed to IPv4 with 32 bits. This dramatically increases the number of available IP addresses: 340 undecillion addresses.

Increased Address Space
Number name      Scientific notation   Number of zeros
1 Thousand       10^3                  1,000
1 Million        10^6                  1,000,000
1 Billion        10^9                  1,000,000,000
1 Trillion       10^12                 1,000,000,000,000
1 Quadrillion    10^15                 1,000,000,000,000,000
1 Quintillion    10^18                 1,000,000,000,000,000,000
1 Sextillion     10^21                 1,000,000,000,000,000,000,000
1 Septillion     10^24                 1,000,000,000,000,000,000,000,000
1 Octillion      10^27                 1,000,000,000,000,000,000,000,000,000
1 Nonillion      10^30                 1,000,000,000,000,000,000,000,000,000,000
1 Decillion      10^33                 1,000,000,000,000,000,000,000,000,000,000,000
1 Undecillion    10^36                 1,000,000,000,000,000,000,000,000,000,000,000,000
– There are 4 billion IPv4 addresses.
– There are 340 undecillion IPv6 addresses.
– 50 billion billion billion addresses for every person on earth.
Do we need this many addresses?

Improved Packet Handling
The IPv6 header has been simplified with fewer fields.
This improves packet handling by intermediate routers and also provides support for extensions and options for increased scalability/longevity.

IPv6 Header
[Figure: IPv6 header layout, four bytes per row: Version, Traffic Class, Flow Label; Payload Length, Next Header, Hop Limit; Source IP Address; Destination IP Address. The same diagram is repeated on each of the following slides; one copy is titled "Sample IPv4 Packet".]

Version (4 bits)
– Indicates the version of IP currently used.
– 0100 = 4 and therefore IPv4
– 0110 = 6 and therefore IPv6

Traffic Class (8 bits)
– Field is equivalent to the IPv4 Differentiated Services (DS) field.
– It also contains a 6-bit DSCP value used for QoS and a 2-bit ECN used for traffic congestion control.

Flow Label (20 bits)
– Field provides a special service for real-time applications.
– It can be used to inform routers and switches to maintain the same path for the packet flow so that packets are not reordered.

Payload Length (16 bits)
– Field is equivalent to the Total Length field in the IPv4 header.
– It defines the entire packet (fragment) size, including header and optional extensions.

Next Header (8 bits)
– Field is equivalent to the IPv4 Protocol field.
– It indicates the data payload type that the packet is carrying, enabling the network layer to pass the data to the appropriate upper-layer protocol.
– This field is also used if there are optional extension headers added to the IPv6 packet.

Hop Limit (8 bits)
– Field replaces the IPv4 TTL field.
– This value is decremented by one by each router that forwards the packet.
– When the counter reaches 0, the packet is discarded and an ICMPv6 message is forwarded to the sending host, indicating that the packet did not reach its destination.

Source Address (128 bits)
– Field identifies the IPv6 address of the sending host.

Destination Address (128 bits)
– Field identifies the IPv6 address of the receiving host.

[Figure: Sample IPv6 Headers]

Eliminates the Need for NAT
With such a large number of public IPv6 addresses, Network Address Translation (NAT) is not needed. Customer sites, from the largest enterprises to single households, can get a public IPv6 network address. This avoids some of the NAT-induced application problems experienced by applications requiring end-to-end connectivity.

Integrated Security
IPv6 natively supports authentication and privacy capabilities. With IPv4, additional features had to be implemented to do this.
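
The IPv4 and IPv6 header fields walked through in the slides above, decoded and validated in one added example that is not part of the original slides. The function names and the two sample headers are constructed for illustration; field positions follow RFC 791 and RFC 8200, in which the IPv4 Header Checksum occupies 16 bits.

```python
import ipaddress
import struct

# Constructed samples (not from the slides): a 20-byte IPv4 and a 40-byte IPv6 header.
SAMPLE_V4 = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")
SAMPLE_V6 = bytes.fromhex("6b81234500081140" + "20010db8" + "00" * 11 + "01"
                          + "20010db8" + "00" * 11 + "02")

def checksum16(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (IPv4 header checksum)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ip_header(pkt: bytes) -> dict:
    """Decode the fixed IPv4 or IPv6 header, selected by the 4-bit Version field."""
    version = pkt[0] >> 4 if pkt else 0
    if version == 4:
        if len(pkt) < 20:
            raise ValueError("truncated IPv4 header")
        vi, ds, total, ident, frag, ttl, proto, _csum, src, dst = struct.unpack(
            "!BBHHHBBH4s4s", pkt[:20])
        hdr_len = (vi & 0x0F) * 4  # IHL counts 32-bit words
        if hdr_len < 20 or hdr_len > len(pkt) or total < hdr_len:
            raise ValueError("inconsistent IHL / Total Length")
        return {"version": 4, "header_len": hdr_len, "dscp": ds >> 2, "ecn": ds & 3,
                "total_len": total, "id": ident, "flags": frag >> 13,
                "frag_offset": frag & 0x1FFF, "ttl": ttl, "protocol": proto,
                # Summing a header that carries a valid checksum yields 0.
                "checksum_ok": checksum16(pkt[:hdr_len]) == 0,
                "src": str(ipaddress.IPv4Address(src)),
                "dst": str(ipaddress.IPv4Address(dst))}
    if version == 6:
        if len(pkt) < 40:
            raise ValueError("truncated IPv6 header")
        word0, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
        tclass = (word0 >> 20) & 0xFF
        return {"version": 6, "dscp": tclass >> 2, "ecn": tclass & 3,
                "flow_label": word0 & 0xFFFFF, "payload_len": payload_len,
                "next_header": next_hdr, "hop_limit": hop_limit,
                "src": str(ipaddress.IPv6Address(pkt[8:24])),
                "dst": str(ipaddress.IPv6Address(pkt[24:40]))}
    raise ValueError(f"unsupported IP version {version}")

def decrement_ttl(pkt: bytes) -> bytes:
    """Per-hop IPv4 router step: lower TTL by one and rewrite the header checksum."""
    hdr_len = (pkt[0] & 0x0F) * 4
    hdr = bytearray(pkt[:hdr_len])
    if hdr[8] <= 1:
        raise ValueError("TTL expired: discard and send ICMP Time Exceeded")
    hdr[8:12] = struct.pack("!BBH", hdr[8] - 1, hdr[9], 0)  # new TTL, zeroed checksum
    hdr[10:12] = struct.pack("!H", checksum16(bytes(hdr)))
    return bytes(hdr) + pkt[hdr_len:]
```

Changing any header byte without recomputing the checksum makes `checksum_ok` false, which is the condition under which the slides say the packet is discarded; the IPv6 header has no checksum field to verify.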