INF-3190: Internet
Lecturer: Carsten Griwodz
Email: [email protected]
10. Mar. 2004, slide 1

Internet Protocol Stack and Some Well-known Protocols
- Application layer
- Transport layer: TCP, UDP
- Network layer: IP + ICMP + ARP
- Data link and physical layer: LLC & MAC, physical (LANs, MANs, WANs, ATM)

Internet Protocol (IP)
- Defined for the first time in 1981: J. Postel, RFC 791, September 1981
- Connectionless service (datagram)
- Provides a best-effort (not guaranteed) way to transport datagrams from source to destination, without regard to whether these machines are on the same network or there are other networks in between
- Packet length: in theory up to 64 kBytes; in real life approx. 1500 bytes

IP Segmentation/Reassembly
- Transparent segmentation
- Non-transparent segmentation (used in the Internet)

IPv4 Datagram Format: Version field
- All Internet network layer headers start with a 4-bit version field (16 values), followed by protocol-specific fields:
  0-3: not in use
  4: Internet Protocol, version 4
  5: Stream Protocol (ST, ST-II)
  6: Internet Protocol, version 6
  7: IPv7, TP/IX, CATNIP
  8: PIP
  9: TUBA
  10-15: not in use
- IPv4: dominant version; IPv6: upcoming successor to IPv4

IPv4 Datagram Format: IHL and Type of Service
- Header Length (IHL), in 32-bit words: at least 5 words of 32 bits each = 20 bytes, at most 15 words of 32 bits each = 60 bytes
- Type of Service, original (old) definition; was ignored by routers and later redefined by DiffServ:
  D (1 bit): low delay
  T (1 bit): high throughput
  R (1 bit): high reliability
  C (1 bit): low cost
  1 bit unused
  Precedence (3 bits):
  priority 0 (normal) ... 7 (network control); influences the queuing scheme (and not routing)

IPv4 Datagram Format: DS Field (new definition)
- Differentiated Services Field; DiffServ compliant, not widely deployed yet
- A 6-bit Differentiated Services Codepoint followed by two bits set to 0 0
- Class selector codepoints: those of the form xxx000
- Codepoints xxxxx0: reserved for standardization
- Codepoints xxxx11: reserved for local use
- Codepoints xxxx01: open for local use, may be standardized later

IPv4 Datagram Format: Total Length and Identification
- Total length: full length including the data, stated in bytes; max. 65,535 bytes, often approximately 1500 bytes
- All hosts must be prepared to accept datagrams of up to 576 bytes; recommendation: send larger datagrams only if assured that the destination can handle them
- Identification: necessary for the destination to determine which datagram a fragment belongs to; all fragments of a datagram contain the same identification value

IPv4 Datagram Format: Flags and Fragment Offset
- Flags: 1 bit unused; DF (1 bit): don't fragment (routers must be able to handle packets with 576 or fewer bytes); MF (1 bit): more fragments (the last fragment is marked 0)
- Fragment offset (13 bits): offset of this fragment, i.e. its position within the datagram, stated in multiples of 8 bytes (elementary fragment unit); max. 8192 fragments per datagram, max. datagram length 65536 bytes

IPv4 Datagram Format: Time To Live and Protocol
- Time To Live (TTL): life cycle in seconds, max. 255 sec; when 0: drop the packet, feedback to the sender; must be decremented per hop; in practical use it counts hops (not seconds)
- Protocol: type of the higher-level protocol carried, e.g.
  1: ICMP (Internet Control Message Protocol)
  2: IGMP (Internet Group Management Protocol)
  3: GGP (Gateway to Gateway Protocol)
  4: IP (IP in IP tunneling)
  5: ST (ST-II in IP tunneling)
  6: TCP
  ...

IPv4 Datagram Format: Header Checksum and Addresses
- Header checksum: to detect errors generated by bad memory words inside an IS; checked each time a datagram is received (both in IS and ES); if necessary the datagram is dropped
- It is a certain summation of the header words: addition of all 16-bit halfwords in one's complement arithmetic, then the one's complement of the result (the checksum field itself is assumed to be zero upon arrival)
- Must be recomputed at each hop (due to the change in the Time-to-Live field)
- Source address: sender's IP address
- Destination address: receiver's IP address

IPv4 Datagram Format: Options, Padding and Data
- Options (0 or more): options for routing, testing and debugging; conceptual design: as an enhancement for future versions; variable length, each begins with a 1-byte identification code
- Example options:
  security: security degree, exclusion of routes; ignored in practice
  strict source routing: the sender specifies the exact route
  loose source routing: the sender specifies a list of routers to visit
  record route: store the IP addresses of the routers passed
  timestamp: like record route, but a timestamp is also added at each router
- Padding: fill up to the word limit
- Data: field for user data

IPv4 Datagram Format: Example option, record route
[Figure: a packet carrying a Record Route option travels from Sender through several intermediate systems (IS) to Receiver; the router interface addresses shown are 128.2.3.4, 128.7.1.3, 128.2.14.16, 128.10.4.12, 128.7.8.9, 128.9.12.4, 128.10.4.2 and 128.9.3.17.]
  Recorded route, filled in hop by hop: 128.2.3.4, 128.7.8.9, 128.10.4.12, 128.9.3.17 (remaining slots empty)

Internet Control Message Protocol (ICMP)
- History: J. Postel, RFC 792, Sept. 1981
- Purpose: to communicate network layer information between hosts, routers (and gateways); mostly error reporting, e.g. the "destination network unreachable" message appearing in ftp, telnet or http
- ICMP origin, e.g.: a router was unable to find the given destination address; the router sent back an ICMP (Type 3) packet; the sending host received the packet and returned an error code to TCP; TCP returned the error code to the application (e.g. ftp, telnet, http)
- ICMP messages are sent as IP packets, i.e. the first 32 bits of the IP data field are the ICMP header

ICMP Header Structure
- Fields: Type, Code, Checksum
- Type: 16 types, among others: destination, port or protocol unreachable; fragmentation necessary but DF (don't fragment) is set; source route failed; redirect (for routing); echo-request and echo-reply (e.g. for the "ping" program); source quench (packet for congestion control)
- Code: states the cause if the type is "destination unreachable", e.g. net, host, protocol or port unreachable, fragmentation needed, source route failed

Internet Addresses and Internet Subnetworks
- Original global addressing concept for the Internet: for addressing end systems and intermediate systems, each network interface (not the ES) has its own unique address
- 5 classes:
  Class A: 0 | 7-bit network | 24-bit host
  Class B: 10 | 14-bit network | 16-bit host
  Class C: 110 | 21-bit network | 8-bit host
  Class D: 1110 | 28-bit multicast address
  Class E: 1111 | 28 bits reserved
- ICANN (Internet Corporation for Assigned Numbers and Names) manages network numbers and delegates parts of the address space to regional authorities
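The datagram-format and ICMP slides above describe header fields, the one's complement header checksum and the per-hop TTL update in prose. The following Python is an added example, not code from the lecture: it decodes the IPv4 fixed header, rejects what a receiving IS/ES would drop (wrong version, IHL outside 5..15 words, a total length that does not fit, a checksum that does not verify), performs one hop's TTL decrement with checksum recomputation, and decodes the ICMP header at the start of the IP data field. The protocol and ICMP type/code numbers are the RFC 791/792 values; the packet, its addresses and the `build_ipv4`/`build_icmp` helpers are constructed for this example.

```python
import struct

# Added illustration of the slides' IPv4 header rules and ICMP header.
# Values below are RFC 791/792 numbers; the sample packet is constructed.
PROTO_ICMP = 1
ICMP_TYPES = {0: "echo-reply", 3: "destination unreachable", 4: "source quench",
              5: "redirect", 8: "echo-request"}
ICMP_UNREACH_CODES = {0: "net unreachable", 1: "host unreachable",
                      2: "protocol unreachable", 3: "port unreachable",
                      4: "fragmentation needed but DF set", 5: "source route failed"}
IPV4_FMT = "!BBHHHBBH4s4s"   # ver/IHL, ToS, total len, id, flags/frag, TTL, proto, csum, src, dst


def ones_complement_checksum(data: bytes) -> int:
    """Add all 16-bit halfwords in one's complement arithmetic and return the
    one's complement of the sum. An odd trailing byte is padded with zero."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src, dst, proto, payload, ttl=64, ident=0x1234, df=True):
    """Constructed 20-byte header (IHL=5, no options) with a valid checksum."""
    fields = [0x45, 0, 20 + len(payload), ident, 0x4000 if df else 0, ttl, proto, 0,
              bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))]
    fields[7] = ones_complement_checksum(struct.pack(IPV4_FMT, *fields))  # field zero while summing
    return struct.pack(IPV4_FMT, *fields) + payload


def parse_ipv4(packet: bytes) -> dict:
    """Decode the fixed header and reject what a receiving IS/ES would drop."""
    if len(packet) < 20:
        raise ValueError("truncated: the fixed IPv4 header is 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(IPV4_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4: version field is %d" % version)
    if not 5 <= ihl <= 15:
        raise ValueError("IHL %d outside the legal range 5..15 words" % ihl)
    hdr_len = ihl * 4
    if total_len < hdr_len or total_len > len(packet):
        raise ValueError("total length %d inconsistent with header/buffer" % total_len)
    # Summing the header with its checksum field included gives 0xFFFF when it is
    # intact, so the complement is 0; same as recomputing with the field zeroed.
    if ones_complement_checksum(packet[:hdr_len]) != 0:
        raise ValueError("header checksum mismatch: drop")
    return {"ihl": ihl, "header_len": hdr_len, "dscp": tos >> 2, "total_len": total_len,
            "ident": ident, "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
            "frag_offset": (flags_frag & 0x1FFF) * 8,   # 13 bits in units of 8 bytes
            "ttl": ttl, "proto": proto, "src": ".".join(map(str, src)),
            "dst": ".".join(map(str, dst)), "options": packet[20:hdr_len],
            "payload": packet[hdr_len:total_len]}


def forward_hop(packet: bytes):
    """What each IS does: decrement TTL, drop when it would reach 0, and
    recompute the checksum. Returns the rewritten packet or None if dropped."""
    info = parse_ipv4(packet)
    if info["ttl"] <= 1:
        return None                           # TTL becomes 0: drop, feedback to sender
    hdr = bytearray(packet[:info["header_len"]])
    hdr[8] -= 1                               # TTL is byte 8 of the header
    hdr[10:12] = b"\x00\x00"                  # checksum field treated as zero
    struct.pack_into("!H", hdr, 10, ones_complement_checksum(bytes(hdr)))
    return bytes(hdr) + packet[info["header_len"]:]


def build_icmp(icmp_type: int, code: int, rest: bytes = b"\x00" * 4) -> bytes:
    """Constructed ICMP message: type, code, checksum, then the rest of the header."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest
    return body[:2] + struct.pack("!H", ones_complement_checksum(body)) + body[4:]


def parse_icmp(message: bytes) -> dict:
    """Decode the 32-bit ICMP header that starts the IP data field; the ICMP
    checksum covers the whole ICMP message."""
    if len(message) < 8:
        raise ValueError("truncated ICMP message")
    icmp_type, code, _csum = struct.unpack("!BBH", message[:4])
    if ones_complement_checksum(message) != 0:
        raise ValueError("ICMP checksum mismatch")
    return {"type": icmp_type, "name": ICMP_TYPES.get(icmp_type, "type %d" % icmp_type),
            "code": code, "cause": ICMP_UNREACH_CODES.get(code) if icmp_type == 3 else None}


if __name__ == "__main__":
    # A router reports "fragmentation needed but DF set" back to the sender.
    pkt = build_ipv4("192.0.2.1", "198.51.100.7", PROTO_ICMP, build_icmp(3, 4), ttl=2)
    hdr = parse_ipv4(pkt)
    print(hdr["src"], "->", hdr["dst"], "ttl", hdr["ttl"], "df", hdr["df"])
    print(parse_icmp(hdr["payload"]))
    hop1 = forward_hop(pkt)                   # ttl 2 -> 1, checksum still verifies
    print("ttl after one hop:", parse_ipv4(hop1)["ttl"], "| dropped at next hop:", forward_hop(hop1) is None)
```

The length checks matter as much as the checksum: an IHL below 5 or a total length larger than the received buffer would otherwise send the option and payload slicing past the real data, which is exactly the kind of malformed header a receiver must drop rather than interpret.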
Internet Address and Internet Subnetworks: Motivation
- Networks grow and should be somehow structured; several networks instead of one would be preferable, but getting several address areas is hard since the address space is limited (e.g. a university may have started with a class B address and does not get a second one)
- Problem: class A, B, C addresses refer to one network, not to a collection of LANs
- Solution: allow a network to be split into several parts for internal use while it still looks like a single network to the outside world

Internet Address and Internet Subnetworks: Idea
- Local decision for subdividing the host share into a subnetwork portion and an end system portion, e.g. for a class B address: 10 | 14-bit network | 6-bit subnet | 10-bit host
- Example, address 129.8.7.2:
  address:         10000001 00001000 00000111 00000010  (129.8.7.2)
  & subnet mask:   11111111 11111111 11111100 00000000  (255.255.252.0)
  = subnet address 10000001 00001000 00000100 00000000  (129.8.4.0)
- To write down the subnet address with its subnet mask, use either 129.8.4.0/255.255.252.0 or 129.8.4.0/22
- Use the "subnet mask" to distinguish the network and subnet part from the host part
- Routing with 3 levels of hierarchy; algorithm in the router (by masking bits: AND between address and subnet mask):
  packet to another network? (yes: then to this router)
  packet to a local end system? (yes: then deliver the packet)
  packet to another subnetwork? (yes: then reroute to the appropriate router)

CIDR: Classless InterDomain Routing
- Subnetting is not good enough: too many organizations require addresses; in principle there are many addresses due to the 32-bit address space, but allocation is inefficient due to the class-based organization:
  a class A network with 16 million addresses is too big for most cases
  a class C network with 256 addresses is too small
  most organizations are interested in a class B network, but there are only 16384 of them (in reality, class B is too large for many organizations)
- A large number of networks leads to large routing tables
- Introduction of CIDR (Classless InterDomain Routing), RFC 1519
- CIDR principle: allocate IP addresses in variable-sized blocks; e.g. a request for 2000 addresses would lead (without regard to classes) to the assignment of a 2048-address block starting on a 2048 byte boundary; but dropping classes makes forwarding more complicated

CIDR: Longest Matching Prefix
- Search for the longest matching prefix: if several entries with different subnet mask lengths may match, use the one with the longest mask; i.e. the AND operation address & mask must be done for each table entry
- Entries may be aggregated to reduce routing tables
[Figure: four routers with the blocks 194.24.0.0/21, 194.24.8.0/22, 194.24.12.0/22 and 194.24.16.0/20 (the remainder unassigned) are reached through one router that announces the aggregate 194.24.0.0/19.]

IP Version 6 (IPv6): Background and Status
- Motivation for IPv6, problems with IPv4: too few addresses, bad support for QoS, bad support for mobility, many other shortcomings ...
- 1990: call for proposals
- 1992: 21 variants, with 7 possible candidates
- 1993: combination of 2 candidates:
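The subnetting slide gives the router's three-way decision by masking, and the CIDR slide gives longest-prefix matching and aggregation; the Python below is an added example, not the lecture's own code, that implements both on the slides' addresses. It reproduces 129.8.7.2 & 255.255.252.0 = 129.8.4.0 (/22), applies the three-level decision for a class B network, and looks up addresses in a forwarding table built from the figure's blocks. The next-hop names, the table layout and the upstream router's table (the /19 aggregate beside a default route) are assumptions made for this example.

```python
# Added illustration of the slides' subnet-mask decision and CIDR lookup.
# Addresses come from the slides; table layout and next-hop names are assumed.

def ip_to_int(dotted: str) -> int:
    """Parse dotted-quad notation into a 32-bit integer, rejecting bad octets."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(length: int) -> int:
    """/22 -> 0xFFFFFC00: a run of `length` ones followed by zeros."""
    if not 0 <= length <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF


def prefix_from_mask(dotted_mask: str) -> int:
    """255.255.252.0 -> 22; a mask whose ones are not contiguous is rejected."""
    mask = ip_to_int(dotted_mask)
    length = bin(mask).count("1")
    if mask_from_prefix(length) != mask:
        raise ValueError("mask %s is not a contiguous run of ones" % dotted_mask)
    return length


def subnet_address(address: str, dotted_mask: str) -> str:
    """The slide's operation: address AND subnet mask."""
    return int_to_ip(ip_to_int(address) & ip_to_int(dotted_mask))


def route_decision(dst: str, network: str, network_len: int,
                   own_subnet: str, subnet_len: int) -> str:
    """Three-level hierarchy as on the slide: first compare the network part,
    then the subnet part, each by masking. Returns the router's decision."""
    d = ip_to_int(dst)
    net_mask, sub_mask = mask_from_prefix(network_len), mask_from_prefix(subnet_len)
    if d & net_mask != ip_to_int(network) & net_mask:
        return "other network: forward to the border router"
    if d & sub_mask == ip_to_int(own_subnet) & sub_mask:
        return "local end system: deliver"
    return "other subnetwork: reroute to the appropriate router"


def longest_prefix_match(table, dst: str):
    """table: list of (prefix, length, next_hop). Each entry is ANDed with its
    own mask; among the matching entries the longest mask wins. None = no route."""
    d = ip_to_int(dst)
    best = None
    for prefix, length, next_hop in table:
        mask = mask_from_prefix(length)
        if d & mask == ip_to_int(prefix) & mask and (best is None or length > best[0]):
            best = (length, next_hop)
    return best[1] if best else None


def covered_by(aggregate: str, agg_len: int, prefix: str, length: int) -> bool:
    """True when prefix/length lies inside aggregate/agg_len, i.e. the upstream
    router may advertise the aggregate instead of the individual entry."""
    if length < agg_len:
        return False
    mask = mask_from_prefix(agg_len)
    return ip_to_int(prefix) & mask == ip_to_int(aggregate) & mask


# Constructed tables for the slide's figure: the site router knows the four
# assigned blocks; the upstream router holds only the /19 aggregate plus a default.
SITE_TABLE = [("194.24.0.0", 21, "router A"), ("194.24.8.0", 22, "router B"),
              ("194.24.12.0", 22, "router C"), ("194.24.16.0", 20, "router D")]
UPSTREAM_TABLE = [("0.0.0.0", 0, "default"), ("194.24.0.0", 19, "site router")]

if __name__ == "__main__":
    print(subnet_address("129.8.7.2", "255.255.252.0"), "/", prefix_from_mask("255.255.252.0"))
    for dst in ("129.8.7.9", "129.8.9.1", "130.1.1.1"):
        print(dst, "->", route_decision(dst, "129.8.0.0", 16, "129.8.4.0", 22))
    for dst in ("194.24.5.0", "194.24.9.1", "194.24.13.7", "194.24.29.3", "194.24.40.1"):
        print(dst, "site:", longest_prefix_match(SITE_TABLE, dst),
              "| upstream:", longest_prefix_match(UPSTREAM_TABLE, dst))
    print("all four blocks inside 194.24.0.0/19:",
          all(covered_by("194.24.0.0", 19, p, l) for p, l, _ in SITE_TABLE))
```

In the upstream table both the default route (/0) and the aggregate (/19) match every address in 194.24.0.0/19, which is why the lookup must compare all entries and keep the longest mask rather than stop at the first hit.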
  S. Deering and Francis (Xerox, Palo Alto); result: RFC 1883-87 (protocol, addressing, ICMP) and RFC 1825-29; newer ones appeared later (RFC 2460-2466)
- Since 2000: possibility to expand, but still debate about its future
- Status of IPv6 at IFI: first IPv6-capable routers installed; should work in summer

IPv6 Objectives
- To support billions of end systems (longer addresses)
- To reduce routing tables
- To simplify protocol processing (simplified header)
- To increase security (security means integrated)
- To support real-time data traffic (flow label, traffic class)
- To be open for change in the future (extension headers)
- To provide multicasting
- To support mobility (roaming)
- To coexist with existing protocols (coexistence)
(The slide groups these under addressing IPv4 limitations, scalability and coexistence.)

IPv6 vs. IPv4: Version Field
- Same 4-bit version field with 16 values as in the version table given for IPv4 above (4: IPv4, 5: ST, 6: IPv6)

IPv6 vs. IPv4: Headers
- IPv4 header: Version, IHL, Type of Service (Precedence, ToS bits), Total length, Identification, Flags, Fragment offset, Time to live, Protocol, Header checksum, Source address (32 bit), Destination address (32 bit), Options (0 or more)
- IPv6 header: Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (128 bit), Destination address (128 bit)
- Protocol becomes Next Header: contains the identification of either the transport layer protocol or the first option
- Total Length becomes Payload Length: length including the data (but without the 40-byte header); actually a maximum of 65,535 bytes (plus the 40-byte header), min. 576 bytes; possibly extended via the "Jumbogram" option (but then no fragmentation); a maximum of 65,535 bytes may not be enough for a major data transmission
IPv6 vs. IPv4: Fields Dropped from the IPv4 Header
- IHL: constant header length in IPv6
- Type of Service: Precedence replaced by Priority; the D, T, R, C bits (QoS) eliminated and replaced by the "Flow label"
- Options (0 or more): no longer part of the header
- Identification, Flags, Fragment offset: if a packet that is still too large is sent, an error message results; L4 should then take over this task and transfer a PDU of the appropriate size to L3
- Header checksum: L2 and L4 have sufficient mechanisms, and communication channels are better nowadays; kept out at the expense of the performance

IPv6 vs. IPv4: Options
- IPv6 options are not part of the header; they follow the header and are indicated by the "Next header" field

IPv6 Header Fields: Priority
- Differentiation of sources; a lower number means a lower priority
- With flow control: 0 not characterized, 1 filler, 2 unattended, 3 reserved, 4 attended bulk transfer, 5 reserved, 6 interactive, 7 Internet management
- Without flow control: 8 to 15, continuous-rate traffic

IPv6 Header Fields: Hop Limit and Flow Label
- Hop Limit (= Time to live): life cycle in number of hops, max. 255; this may not be sufficient, presently usually approx. 32 hops
- Flow Label: definition may still change (experimental); Flow = tuple (source ID, dest ID, No.); pre-defined handling, defined by an external auxiliary protocol

IPv6 Header Fields: Next Header and Example Options
- Example options: hop-by-hop options, routing, and the further extension headers described below
- Next Header: contains either the transport layer protocol identification or options
- Hop-by-hop options: miscellaneous information for routers
- Routing: full or partial route to follow
- Fragmentation: management of datagram fragments
- Authentication: verification of the sender's identity
- Encrypted security payload: information about encrypted content
- Destination options: additional information for the destination

IPv6 Addresses
  Prefix (binary)   Usage                           Fraction
  0000 0000         Reserved (including IPv4)       1/256
  0000 0001         Unassigned                      1/256
  0000 001          OSI NSAP addresses              1/128
  0000 010          Novell Netware IPX addresses    1/128
  0000 011          Unassigned                      1/128
  0000 1            Unassigned                      1/32
  0001              Unassigned                      1/16
  001               Unassigned                      1/8
  010               Provider-based addresses        1/8
  011               Unassigned                      1/8
  100               Geographic-based addresses      1/8
  101               Unassigned                      1/8
  110               Unassigned                      1/8
  1110              Unassigned                      1/16
  1111 0            Unassigned                      1/32
  1111 10           Unassigned                      1/64
  1111 110          Unassigned                      1/128
  1111 1110 0       Unassigned                      1/512
  1111 1110 10      Link local use addresses        1/1024
  1111 1110 11      Site local use addresses        1/1024
  1111 1111         Multicast                       1/256

IPv6 Addresses and Anycast
- Provider based: approx. 16 million companies allocate addresses
- Geographically based: allocation as it is today
- Link local, site local: the address has only local importance (security, firewall concept); should make NAT (network address translation) useless
- Anycast: previously unicast, broadcast and multicast; now (new) anycast: send data to one member of a group, for example to the member which is geographically the nearest, i.e. a system within a pre-defined group is to be accessed
- Anycast applications: to search for the nearest web server; to locate the nearest router of a multicast group in order to participate in group communication
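The IPv6 slides above state that the header has a constant length, that options live in extension headers after it, and that the Next Header field names either the transport protocol or the first option. The Python below is an added example, not the lecture's code: it decodes the 40-byte fixed header and walks the Next Header chain through the extension headers the slide lists (hop-by-hop options, routing, fragmentation, authentication, encrypted security payload, destination options) until it reaches the upper-layer protocol. The header numbers are the IANA values from RFC 2460; the sample packets, their documentation-prefix addresses (2001:db8::/32) and the `build_ipv6` helper are constructed for this example. A filter or sensor that reads only the fixed header would take the first extension header for the transport protocol, which is the practical reason to walk the chain.

```python
import ipaddress
import struct

# Added illustration of the slides' IPv6 fixed header and Next Header chain.
# Header numbers are the IANA/RFC 2460 values; the sample packets are constructed.
HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AUTH, DEST_OPTS = 0, 43, 44, 50, 51, 60
TCP, UDP, NO_NEXT_HEADER = 6, 17, 59
EXT_NAMES = {HOP_BY_HOP: "hop-by-hop options", ROUTING: "routing",
             FRAGMENT: "fragmentation", ESP: "encrypted security payload",
             AUTH: "authentication", DEST_OPTS: "destination options"}


def parse_ipv6_fixed(packet: bytes) -> dict:
    """Decode the fixed header; its length is always 40 bytes (no IHL)."""
    if len(packet) < 40:
        raise ValueError("truncated: the IPv6 header is 40 bytes")
    first, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first >> 28 != 6:
        raise ValueError("not IPv6: version field is %d" % (first >> 28))
    if 40 + payload_len > len(packet):
        raise ValueError("payload length %d exceeds the buffer" % payload_len)
    return {"traffic_class": (first >> 20) & 0xFF,   # the slide's "priority" field, widened to 8 bits
            "flow_label": first & 0xFFFFF,
            "payload_len": payload_len, "next_header": next_hdr, "hop_limit": hop_limit,
            "src": str(ipaddress.IPv6Address(packet[8:24])),
            "dst": str(ipaddress.IPv6Address(packet[24:40]))}


def walk_extension_headers(packet: bytes, max_headers: int = 8):
    """Follow the chain that starts at the fixed header's Next Header field.
    Returns (extension headers seen, final Next Header value, offset of the
    upper-layer data). Stops at ESP, since nothing after it is readable
    without the key, and bounds the loop so a crafted chain cannot run away."""
    fixed = parse_ipv6_fixed(packet)
    end = 40 + fixed["payload_len"]
    offset, nh, chain = 40, fixed["next_header"], []
    while nh in EXT_NAMES:
        if len(chain) >= max_headers:
            raise ValueError("more than %d extension headers" % max_headers)
        if nh == HOP_BY_HOP and chain:
            raise ValueError("hop-by-hop options must directly follow the fixed header")
        if nh == ESP:
            chain.append(EXT_NAMES[nh])
            return chain, ESP, offset
        if offset + 2 > end:
            raise ValueError("extension header truncated")
        next_nh, ext_len = packet[offset], packet[offset + 1]
        if nh == FRAGMENT:
            length = 8                      # fixed: next hdr, reserved, offset/flags, identification
        elif nh == AUTH:
            length = (ext_len + 2) * 4      # AH length field counts 32-bit words minus 2
        else:
            length = (ext_len + 1) * 8      # options/routing: 8-octet units, first 8 not counted
        if offset + length > end:
            raise ValueError("%s header runs past the payload" % EXT_NAMES[nh])
        chain.append(EXT_NAMES[nh])
        offset, nh = offset + length, next_nh
    return chain, nh, offset


def build_ipv6(src: bytes, dst: bytes, next_hdr: int, body: bytes, hop_limit: int = 64) -> bytes:
    """Constructed packet: version 6, traffic class 0, flow label 0."""
    return struct.pack("!IHBB", 6 << 28, len(body), next_hdr, hop_limit) + src + dst + body


# Constructed sample: hop-by-hop options (8 bytes, one PadN option) -> fragment header -> TCP.
SRC = ipaddress.IPv6Address("2001:db8::1").packed
DST = ipaddress.IPv6Address("2001:db8::2").packed
HBH = bytes([FRAGMENT, 0, 1, 4, 0, 0, 0, 0])                  # next=44, ext len=0, PadN(4)
FRAG = bytes([TCP, 0]) + struct.pack("!HI", 0x0001, 0xABCD)    # next=6, offset 0, M=1, id
TCP_STUB = b"\x00" * 20
SAMPLE = build_ipv6(SRC, DST, HOP_BY_HOP, HBH + FRAG + TCP_STUB)

if __name__ == "__main__":
    print(parse_ipv6_fixed(SAMPLE))
    print(walk_extension_headers(SAMPLE))   # (['hop-by-hop options', 'fragmentation'], 6, 56)
    esp_pkt = build_ipv6(SRC, DST, ESP, b"\x00" * 16)
    print(walk_extension_headers(esp_pkt))  # (['encrypted security payload'], 50, 40)
```

Every length derived from an extension header is checked against the payload length carried in the fixed header before the walk advances, so a header whose declared length points beyond the packet is reported rather than followed.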