COS 338 Day 15

DAY 15 Agenda
Capstone Proposal Overdue
Capstone progress reports still overdue
3 accepted, 3 in mediation
I forgot to mark in calendar so I will grant a reprieve
Lab 4 write-up corrected
2 A’s, 1 B, 2 F’s and 1 non-submit
Again grades are determined by effort
Lab 5 Due November 3
Assignment 5 Posted
Due November 7
Should be on assignment 7 (I suspect that we will have only 8-9 assignments)
Today we will be discussing TCP/IP
Lab 6 on Thursday

TCP/IP Internetworking
Chapter 8
Panko’s Business Data Networks and Telecommunications, 5th edition
Copyright 2005 Prentice-Hall

Perspective
Chapters 4 & 5 covered single LANs.
Chapter 7 covered single WANs.
Most corporations have intranets that combine multiple LANs and WANs.
Most intranets use TCP/IP standards. So does the global Internet.
Chapter 8 deals with TCP/IP internetworking.

Internetworking with Routers
Routers Connect Multiple Networks (LANs and WANs) into an Internet
[Figure: Sites A, B and C; LAN 1 to LAN 4 and a WAN; Routers W, X, Y and Z]

Figure 8-1: Major TCP/IP Standards
5 Application: user applications (HTTP, SMTP, many others); supervisory applications (DNS, routing protocols, many others)
4 Transport: TCP, UDP
3 Internet: IP, ICMP, ARP
2 Data Link: None: Use OSI Standards
1 Physical: None: Use OSI Standards
Internetworking is done at the internet and transport layers. There are only a few standards at these layers.
At the application layer, there are user applications and supervisory applications. We will look at two supervisory applications in this chapter.
Note: Shaded protocols are discussed in this chapter.

Figure 8-2: Recap: IP, TCP, and UDP
Layer          Protocol  Connection-Oriented?  Reliable?  Lightweight or Heavyweight?
4 (Transport)  TCP       Yes                   Yes        Heavyweight
4 (Transport)  UDP       No                    No         Lightweight
3 (Internet)   IP        No                    No         Lightweight

Figure 8-3: Hierarchical IP Address
32-bit host IP addresses have three parts:
Network Part (not always 16 bits)
Subnet Part (not always 8 bits)
Host Part (not always 8 bits)
Total always is 32 bits.
Example: 128.171.17.13 = UH Network (128.171), CBA Subnet (17), Host (13)

Question. The IP address is 123.16.22.47. How large is the network part?

Figure 8-4: Border Router, Internal Router, Networks, and Subnets
Border Routers Connect Different Networks
[Figure: a border router between Corporate Network 192.168.x.x and ISP Network 60.x.x.x]
Internal Routers Connect Different Subnets within the Firm
[Figure: an internal router joining Subnets 192.168.1.x, 192.168.2.x and 192.168.3.x inside Corporate Network 192.168.x.x]

Figure 8-5: Part of an Internet
Router B connects to 4 subnets via its 4 interfaces (ports).
Devices on Subnet 172.30.20.x: Router D 172.30.20.1 (C1-…), Client PC R 172.30.20.47 (A1-…), Server X 172.30.20.19 (B1-…)
Devices on Subnet 172.30.21.x: Server Y 172.30.21.86 (D1-…), Router E 172.30.21.2 (E1-…), Router F 172.30.21.1 (F1-…)
Also shown: Routers A, B and C, Ethernet Switch 1 and Ethernet Switch 2.

Router B’s Interface 1 is connected to a point-to-point 802.11 subnet, Subnet 172.30.19.x.
This subnet goes to Router A’s Interface 4, which has IP address 172.30.19.1 and MAC address 11-….
Each interface on a router has a different IP address and data link layer address.
Figure 8-5: Part of an Internet, Continued
Router B’s Interface 4 also connects to an 802.11 point-to-point subnet, 172.30.22.x.
This reaches Interface 1 on Router C.
This interface has IP address 172.30.22.9 and MAC address 21-….

Router B’s Interface 2 connects to Ethernet subnet 172.30.20.x.
This subnet has a single switch.
Other devices on the subnet include a single router (D), a single Client PC (R), and a single server (X).

Router B’s Interface 3 connects to Ethernet Subnet 172.30.21.x.
This subnet has one server (Y) and two routers (E and F).

A packet arrives in Interface 1 of Router B.
The router will forward the packet out a different interface.
Here the packet is sent out Interface 3, which connects to Subnet 172.30.21.x.
It must be sent to Server Y, Router E, or Router F.

For a packet going to Server Y:
The destination IP address is 172.30.21.86 (Server Y, the destination host).
The packet is put in a frame with destination MAC address D1-… (Server Y).

For a packet going to Router E, which will take responsibility for the packet:
The destination IP address is the IP address of the destination host.
The packet is put in a frame with destination MAC address E1-… (Router E).

Figure 8-6: Multiprotocol Routing
[Figure: Unix Server and Old NetWare Server on Ethernet LAN 1; IPX/SPX, SNA and TCP/IP traffic; Multiprotocol Router X]
Most firms have a mix of internetworking architectures (TCP/IP, IPX/SPX, SNA, etc.).
Consequently, most routers are multiprotocol routers that route the packets of multiple architectures.
[Figure 8-6, remaining labels: Ethernet LAN 2, Ethernet LAN 3, Internal Router Y, Edge Router Z, Site A, Site B, Mainframe, The Internet, WWW Server]

Figure 8-7: Ethernet Switching Versus IP Routing
Ethernet Switching
Ethernet switching is fast and therefore inexpensive.
For a destination MAC address, there is only one match in the table.
This can be found quickly.
The frame is sent out the port listed in that row.

Switching Table, Switch 1
Port  Station
2     A1-44-D5-1F-AA-4C
7     B2-CD-13-5B-E4-65
5     C3-2D-55-3B-A9-4F
5     D4-47-55-C4-B6-9F
5     E5-BB-47-21-D3-56
[Figure: Port 5 on Switch 1 to Port 3 on Switch 2; Port 7 on Switch 2 to Port 4 on Switch 3; A1-44-D5-1F-AA-4C on Switch 1, Port 2; B2-CD-13-5B-E4-65 on Switch 1, Port 7]

Figure 8-7: Ethernet Switching Versus IP Routing, Continued
IP Routing

Routing Table, Router A
Interface  Network
1          60.x.x.x
2          128.171.x.x
1          123.x.x.x
2          60.x.x.x
2          123.x.x.x
[Figure: Router A with Interface 1 (Network 60.x.x.x) and Interface 2, connected to Routers B and C]

Router topologies are meshes.
This gives alternative routes.
A destination IP address will match multiple rows.
All matching rows must be found.
Then, the best match must be found.
This is slow and therefore expensive.

Figure 8-7: Ethernet Switching Versus IP Routing, Continued
Ethernet (and most other) switching is inexpensive for a given traffic volume.
Router routing is expensive for a given traffic volume.
Network administrators say “Switch where you can; route where you must.”

Figure 8.8: Routing Table
Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
1    128.171.0.0                    255.255.0.0 (/16)     47             2          G
2    172.30.33.0                    255.255.255.0 (/24)   0              1          Local
3    192.168.6.0                    255.255.255.0 (/24)   12             2          G

Routers base routing decisions on their routing tables.
Each row represents a route to a network or subnet.
For each arriving packet, the packet’s destination IP address is matched against the Destination Network or Subnet field in every row.

All packets to that network or subnet are governed by that one row.
So there is one rule for a range of IP addresses.
This reduces the number of rows that must be considered.

Figure 8.9: Masking
1. Basic Process
Information bit  1 0 1 0
Mask bit         1 1 0 0
Result           1 0 0 0
2. Common Patterns
Binary    Decimal
00000000  0
11111111  255
3. Example 1
IP Address  172.30.22.7
Mask        255.0.0.0
Result      172.0.0.0
4. Example 2
IP Address  172.30.22.7
Mask        255.255.0.0
Result      172.30.0.0

Figure 8.8: Routing Table, Continued
Row 1
If Destination IP Address = 172.30.33.6
Mask = 255.255.0.0
Result = 172.30.0.0
Destination Network or Subnet = 128.171.0.0
No match!

Figure 8.8: Routing Table, Continued
Row 2
If Destination IP Address = 172.30.33.6
Mask = 255.255.255.0
Result = 172.30.33.0
Destination Network or Subnet = 172.30.33.0
This row is a match!

Row 3
If Destination IP Address = 172.30.33.6
Mask =
Result =
Destination Network or Subnet =
Is this row a match?

Routing
For each incoming IP packet, the destination IP address is matched against every row in the routing table.
If the routing table has 10,000 rows, 10,000 comparisons will be made for each packet.
There can be multiple matching rows for a destination IP address, corresponding to multiple alternative routes.
After all matches are found, the best match must be selected.

Figure 8.8: Routing Table, Continued
Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
3    192.168.0.0                    255.255.0.0 (/16)     12             2          G
Destination IP address = 192.168.6.7
If only one row matches, it will be selected as the best row match.

Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
13   0.0.0.0                        0.0.0.0 (/0)          5              3          H
The default row always matches.
Mask 0.0.0.0 applied to anything results in 0.0.0.0.
This always matches the Network/Subnet value 0.0.0.0.
The router specified for this row (H) is the default router.

Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
1    128.171.0.0                    255.255.0.0 (/16)     47             2          G
7    128.171.17.0                   255.255.255.0 (/24)   55             3          H
If there are multiple matches, the row with the longest length of match is selected.
This is Row 7 for 128.171.17.56 (24 bit match).
Row 1’s length of match is only 16 bits.
Longer matches often are routes to a particular subnet within a network.

Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
5    172.29.8.0                     255.255.255.0 (/24)   34             1          F
8    172.29.8.0                     255.255.255.0 (/24)   20             3          H
If there are multiple rows with the same lengths of match, the metric column compares alternative routes.
If the metric is cost, the smallest metric wins (20).
If the metric is speed, the largest metric wins (34).

The Situation
The router first evaluated the IP destination address of the arriving packet against all rows and noted the matching rows.
The router then selected the best-match row.
Now, the router examines the interface and next-hop router fields in the best-match row to determine what to do with the packet.

Figure 8-11: Interface and Next-Hop Router
[Figure labels: Router Forwarding Packet; Router A; Possible Next-Hop Router; Packet to Router B on Interface 5; Router B; IP Subnet on Interface (Port 5)]
Packet must be sent to a particular host or router on the subnet out a particular interface (port).
[Figure 8-11, remaining labels: Router C; Possible Destination Host; Possible Next-Hop Router]

Figure 8.8: Routing Table, Continued
Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
5    172.29.8.0                     255.255.255.0 (/24)   34             1          F
The Interface specifies the “out” port on the router.
A subnet is attached to this interface.
NHR column specifies a specific NHR on that subnet.
For Row 5, send packet to NHR F on the subnet out Interface 1.

Row  Destination Network or Subnet  Mask (/Prefix)        Metric (Cost)  Interface  Next-Hop Router
2    172.30.33.0                    255.255.255.0 (/24)   0              1          Local
If the Next-Hop Router field says Local, then the destination host is on the subnet attached to the interface (1).
Instead of sending the packet to a next-hop router on the subnet, the router will send the packet to its destination address.

Routing Recap
The router looks at the destination IP address in the packet.
First, the router finds all matching rows.
Second, selects the best matching row.
Third, sends packet back out the row’s specified interface, to the row’s specified next-hop router.
Begins to process the next packet.

Quiz
An IP address matches rows 112 and 456. What row in the routing table will the router look at first when it searches for matching rows? (Trick question but one that illustrates a crucial point.)

Quiz
1,000 consecutive packets arrive, all going to the same destination IP address. The routing table has 100,000 rows. This destination IP address matches two rows in the routing table. In total, how many rows will the router have to examine?

Routing Recap, Continued
Switches only provide single possible paths, so there is only one matching entry in the switching table, and it is quickly found: the one corresponding to the single path.
Routers have multiple alternative routes and so must evaluate every row (route) and then select the best match; this makes routers very expensive compared to switches for a comparable traffic volume.

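The three steps of the routing recap (mask every row, keep the longest match, break ties on the metric, then read the interface and next-hop router) can be traced in code. This is an added example, not part of the original slides: the function names are hypothetical, and the table combines the rows shown a few at a time on the Figure 8.8 slides into one table (an assumption; Row 3 uses the 192.168.6.0/24 version).

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    row: int
    network: str     # Destination Network or Subnet
    mask: str        # Mask
    metric: int      # Metric
    interface: int   # "out" port on the router
    next_hop: str    # next-hop router, or "Local"


# Rows copied from the Figure 8.8 slides, merged into one table (assumption).
TABLE = [
    Route(1, "128.171.0.0", "255.255.0.0", 47, 2, "G"),
    Route(2, "172.30.33.0", "255.255.255.0", 0, 1, "Local"),
    Route(3, "192.168.6.0", "255.255.255.0", 12, 2, "G"),
    Route(5, "172.29.8.0", "255.255.255.0", 34, 1, "F"),
    Route(7, "128.171.17.0", "255.255.255.0", 55, 3, "H"),
    Route(8, "172.29.8.0", "255.255.255.0", 20, 3, "H"),
    Route(13, "0.0.0.0", "0.0.0.0", 5, 3, "H"),   # default row
]


def to_int(dotted):
    """Dotted-decimal address or mask as a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def prefix_len(mask):
    """Length of match for a row: the number of 1 bits in its mask."""
    return bin(to_int(mask)).count("1")


def matching_rows(table, dest):
    """Step 1: mask the destination with EVERY row's mask and compare."""
    d = to_int(dest)
    return [r for r in table if d & to_int(r.mask) == to_int(r.network)]


def best_row(table, dest, metric_is_cost=True):
    """Step 2: longest match wins; equal lengths are decided by the metric."""
    candidates = matching_rows(table, dest)
    if not candidates:
        return None
    longest = max(prefix_len(r.mask) for r in candidates)
    tied = [r for r in candidates if prefix_len(r.mask) == longest]
    pick = min if metric_is_cost else max   # cost: smallest; speed: largest
    return pick(tied, key=lambda r: r.metric)


def forward(table, dest):
    """Step 3: (row, out interface, where the frame is addressed)."""
    r = best_row(table, dest)
    if r is None:
        return None
    # "Local" means the destination host itself is on the attached subnet.
    target = dest if r.next_hop == "Local" else "router " + r.next_hop
    return (r.row, r.interface, target)


if __name__ == "__main__":
    for dest in ("172.30.33.6", "128.171.17.56", "172.29.8.9", "10.1.2.3"):
        rows = [r.row for r in matching_rows(TABLE, dest)]
        print(dest, "matches rows", rows, "->", forward(TABLE, dest))
```

Every lookup walks the whole table before a row is chosen, which is the cost the quiz questions above point at.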
Figure 8-12: Routing Protocols
Routers get the information for their routing tables by exchanging information via routing protocols.
[Figure: routers exchanging routing table information]

What is “Routing”?
TCP/IP uses the term “routing” in two ways.
First, the forwarding of packets when they reach a router is called routing.
Second, exchanges between routers in order to transfer routing table information is called routing.

Figure 8-13: Multiprotocol Label Switching (MPLS)
[Figure: Label-Switching Routers 1 to 5, a packet with a label, and the label-switched path]
Multiprotocol Label Switching (MPLS) can simplify forwarding and therefore reduce the cost of router operation.

In multiprotocol label switching, a label-switched path is determined for a flow of similar packets.
A label is added before each packet.

Label-switching routers along the way look only at a packet’s label, not at its destination IP address.
The label-switching table tells the router what interface to use to send the packet out.

Label-Switching Table
Label  Interface
A      1
C      1
F      3

Label switching tables have only one row per label.
As soon as the row is found, the packet can be sent back out.
As in Ethernet switching, this is fast and therefore inexpensive.

Label switching is similar to the use of virtual circuits in PSDNs.

MPLS makes transit through an internet much faster and therefore cheaper than traditional IP destination address-based routing.
In addition, more than one label can be set up for packets going to a particular network or subnet.
Different labels can give different priorities, etc.
This allows different traffic to be given different service quality guarantees.

Figure 8-14: Domain Name System (DNS) Hierarchy
(root)
Top-Level Domain Names: .edu, .net, .org, .com, .au, .ie, .nl, .uk
Second-Level Domain Names: microsoft.com, cnn.com, hawaii.edu
Subnet Name: cba.hawaii.edu
Host Names: voyager.cba.hawaii.edu, ntl.cba.hawaii.edu

In Chapter 1, we saw that DNS servers can provide a target host’s IP address if you only know its host name.
However, DNS really is a general method for naming resources on the Internet.

DNS is organized as a hierarchy.
The top level is the root.
Top-level domains are organized by type (.com, .edu, etc.), by country (.uk, .ie, .ch, etc.), or by both (.com.us).
http://www.root-servers.org/

Second level domains indicate a company (cnn.com) or a product (somemovie.com).
Companies compete for good second-level domain names (Panko.info, Microsoft.com).
They can get these from domain name registrars.

At lower levels, more specific resources can be named.
One example is the host name: voyager.cba.hawaii.edu, ntl.cba.hawaii.edu.

Figure 8-15: Internet Control Message Protocol (ICMP) for Supervisory Messages
[Figure: a router sending a Host Unreachable Error Message; Echo Request (Ping) and Echo Reply between hosts]
IP was created to deliver packets.
ICMP was created to support supervisory messages at the internet layer.

ICMP messages are carried in the data fields of IP packets.
There are no transport or application layer messages.
Packet layout: IP Header, then ICMP Message.

ICMP error messages advise senders of delivery problems.
This is not reliability; there is no automatic error correction.
This is only error advisement.

Figure 8-15: Internet Control Message Protocol (ICMP) for Supervisory Messages, Continued
Echo messages can be used to “ping” IP addresses or host names.
Pinged hosts reply with echo reply messages.
This response indicates that the host is active.

Figure 8-16: IPv4 and IPv6 Packets
IP Version 4 Packet (Bit 0 to Bit 31 in each row)
Version (4 bits): Value is 4 (0100)
Header Length (4 bits)
Diff-Serv (8 bits)
Total Length (16 bits): Length in octets
Identification (16 bits): Unique value in each original IP packet
Flags (3 bits)
Fragment Offset (13 bits): Octets from start of original IP fragment’s data field
Time to Live (8 bits)
Protocol (8 bits): 1=ICMP, 6=TCP, 17=UDP
Header Checksum (16 bits)

The Version field tells the version of the Internet Protocol that the packet follows.
The dominant version of IP today is Version 4 (IPv4).
There were no earlier versions.

TTL prevents misaddressed packets from circulating endlessly.
The sender sets the TTL value.
Each router along the way decrements (decreases) the TTL value by 1.
If a router decrements TTL to 0, the router discards the packet.
The Protocol field tells the receiver what is in the packet’s data field.
1 = an ICMP message
6 = a TCP segment
17 = a UDP datagram
There are other values for other purposes.

Packets may be fragmented (broken into multiple packets) by routers along the way.
The receiving host reassembles the fragmented packet using information in the Identification, Flags, and Fragment Offset fields.
However, fragmentation is rare and typically indicates a hacker attack.

Figure 8-16: IPv4 and IPv6 Packets, Continued
IP Version 4 Packet, remaining fields
Source IP Address (32 bits)
Destination IP Address (32 bits)
Options (if any), Padding
Data Field

The source and destination IP address fields are 32 bits long, of course.

The sender may add Options fields.
If an option does not end at a 32-bit boundary, padding is added.
Options are rare and usually indicate attacks.

The data field contains a TCP segment, UDP datagram, ICMP message, or other content.

Figure 8-16: IPv4 and IPv6 Packets, Continued
IP Version 6 Packet (Bit 0 to Bit 31 in each row)
Version: Value is 6 (0110)
Diff-Serv (8 bits)
Flow Label (20 bits): Marks a packet as part of a specific flow
Payload Length (16 bits)
Next Header (8 bits)
Hop Limit (8 bits)
Source IP Address (128 bits)
Destination IP Address (128 bits)
Next Header or Payload (Data Field)

The IETF has defined a new version of IP.
This is Internet Protocol Version 6 (IPv6).
The Version field value is 6 (0110).

IPv6 has 128-bit source and destination IP addresses.
This allows many more hosts.
This is important because some areas of the world are running out of IP addresses.

IPv6 adoption has been slow.
IPv4 addresses are not very scarce yet, and implementing a new protocol is difficult because all routers must be changed.
However, cellphones, a growing number of devices other than PCs connected to the Internet, and growth in Asia should spur demand for IPv6 adoption in the future.
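The IPv4 header fields of Figure 8-16, and the two conditions the slides single out as rare (fragmentation and Options), can be read straight off the header octets. This is an added example, not part of the original slides: the function names and the "review" labels are hypothetical, the sample headers are constructed for the test using the client and webserver addresses from Figure 8-19, and the Fragment Offset field is converted from its on-the-wire units of 8 octets.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}   # Protocol values from Figure 8-16
FIXED = "!BBHHHBBH4s4s"                          # the 20-octet fixed IPv4 header


def checksum(header: bytes) -> int:
    """16-bit one's-complement Header Checksum over the header octets."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, protocol, ttl=64, ident=1,
                 more_fragments=False, offset_units=0, options=b""):
    """Construct a sample header with no data field (test input only)."""
    options += b"\x00" * (-len(options) % 4)   # Padding to a 32-bit boundary
    ihl = 5 + len(options) // 4                # Header Length in 32-bit words
    flags_frag = (0x2000 if more_fragments else 0) | offset_units
    hdr = struct.pack(FIXED, (4 << 4) | ihl, 0, ihl * 4, ident, flags_frag,
                      ttl, protocol, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed) + options
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def parse_header(packet: bytes) -> dict:
    """Decode the header and list what a defender would want to review."""
    if len(packet) < 20:
        raise ValueError("shorter than the fixed IPv4 header")
    (ver_ihl, _diffserv, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack(FIXED, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"Version field is {version}, not 4")
    header_len = ihl * 4
    if ihl < 5 or len(packet) < header_len:
        raise ValueError("invalid Header Length")
    more_fragments = bool(flags_frag & 0x2000)
    offset_octets = (flags_frag & 0x1FFF) * 8   # field counts 8-octet units
    review = []
    if more_fragments or offset_octets:
        review.append("fragment")               # rare, per the slides
    if ihl > 5:
        review.append("options")                # rare, per the slides
    if checksum(packet[:header_len]) != 0:      # a valid header sums to zero
        review.append("bad-checksum")
    return {
        "header_length": header_len, "total_length": total_len,
        "identification": ident, "more_fragments": more_fragments,
        "fragment_offset": offset_octets, "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "review": review,
    }


if __name__ == "__main__":
    sample = build_header("60.171.18.22", "1.33.17.13", 6, offset_units=185)
    print(parse_header(sample))
```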
Figure 8-17: TCP Segment and UDP Datagram
TCP Segment (Bit 0 to Bit 31 in each row)
Source Port Number (16 bits)
Destination Port Number (16 bits)
Sequence Number (32 bits)
Acknowledgement Number (32 bits)
Header Length (4 bits)
Reserved (6 bits)
Flag Fields (6 bits)
Window Size (16 bits)
TCP Checksum (16 bits)
Urgent Pointer (16 bits)

One-bit flag fields are used to characterize a TCP segment.
If a bit is “set”, this means that its value is 1.
The flag fields include SYN, ACK, FIN, and RST.
In order: RST, ACK, PSH, URG, SYN, FIN
010010?

The sequence number field allows TCP segments to be put in order if IP delivers them out of order.

The Acknowledgement Number field tells the other side which segment is being acknowledged.
In TCP segments that are acknowledgements, the ACK bit is set.

Figure 8-17: TCP Segment and UDP Datagram, Continued
In connection-opening requests, the SYN flag bit is set.

In notifications of closings, the FIN bit is set.

Figure 8-18: Normal Four-Way Closes and Abrupt Resets in TCP
Normal Four-Way Close: FIN, ACK, FIN, ACK
A normal TCP close is a 4-way close.

Abrupt Reset: RST
In an abrupt close, one side sends a RST segment in which the RST bit is set.
The connection is closed by this one segment.
There is no acknowledgement of the RST.

Figure 8-17: TCP Segment and UDP Datagram, Continued
As Module A discusses, the Window Size field can be used in flow control by telling the other side how many more octets it can transmit before getting another acknowledgement.

The receiving transport process uses the TCP Checksum field to check the segment for errors.
If the receiver finds errors, it discards the segment.
If the segment is correct, the receiver sends an ACK.

Figure 8-17: TCP Segment and UDP Datagram, Continued

TCP Segment: Options (if any), Padding, Data Field

In contrast to IP packets, TCP segments often use options. The data field contains an application message, or, in the case of a supervisory segment, is missing.

Port number fields indicate the sending and receiving application processes. Similar to the Protocol field in IP packets.

Figure 8-19: Use of TCP (and UDP) Port Numbers

Servers use well-known port numbers for their major applications.
  Port 80 = HTTP
  Ports 20, 21 = FTP
    Port 21 for supervisory information
    Port 20 for file transfers
  Port 23 = Telnet
  Port 25 = SMTP (E-mail)

Clients Use Ephemeral Port Numbers.
  By IETF rules, Ports 49153 to 65535.
  Windows follows the rules. Unix programs usually do not.
  The client chooses a random ephemeral port number for each new connection.

Registered Port Numbers
  Ports 1024 through 49151.
  For non-major applications.
  Unix does not follow the rules for port number ranges. Unix uses some registered port numbers as ephemeral port numbers.

Socket
  A socket is an IP address, a colon, and a port number.
  Example: 128.171.17.13:80
  For servers, specifies a specific application on a specific server.
  For clients, specifies a specific connection on a specific client.
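The header fields, flag bits and socket notation described above, as an added example that is not part of the original slides: a parser for the fixed TCP header that names each segment's role. The function names and sample bytes are constructed for illustration; flag bit positions follow RFC 793 (URG, ACK, PSH, RST, SYN, FIN, most significant first), and the check for contradictory flags goes one step beyond the slides.

```python
import struct

# Masks within the 6-bit flag field (RFC 793 positions, most significant first).
FLAGS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
         ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def parse_tcp(segment: bytes) -> dict:
    """Split a TCP segment into header fields, options and data field."""
    if len(segment) < 20:
        raise ValueError("shorter than the fixed 20-byte TCP header")
    (sport, dport, seq, ack, len_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (len_flags >> 12) * 4      # 4-bit field counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("Header Length field does not fit the segment")
    bits = len_flags & 0x3F                 # low 6 bits are the flag fields
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "window": window, "checksum": checksum, "urgent": urgent,
        "flags": [name for name, mask in FLAGS if bits & mask],
        "options": segment[20:header_len],  # empty when header is 20 bytes
        "data": segment[header_len:],       # empty in supervisory segments
    }

def describe(hdr: dict) -> str:
    """Name the segment's role from its flag bits."""
    f = set(hdr["flags"])
    if "SYN" in f and f & {"FIN", "RST"}:   # open and close in one segment
        return "contradictory flags"
    if "RST" in f:
        return "abrupt reset"
    if "SYN" in f:
        return ("connection-opening response (SYN/ACK)" if "ACK" in f
                else "connection-opening request")
    if "FIN" in f:
        return "close notification"
    if "ACK" in f and not hdr["data"]:
        return "acknowledgement"
    return "data"

def sockets(src_ip: str, dst_ip: str, hdr: dict) -> tuple:
    """Source and destination sockets: IP address, colon, port number."""
    return (f"{src_ip}:{hdr['sport']}", f"{dst_ip}:{hdr['dport']}")

# Constructed sample: flag bits 010010 (ACK and SYN) from port 80 to an
# ephemeral port, header length 6 words = 20 fixed bytes + a 4-byte option.
# The checksum is left at 0; this example does not verify it.
SAMPLE = struct.pack("!HHIIHHHH", 80, 50047, 1000, 501,
                     (6 << 12) | 0b010010, 8192, 0, 0) + bytes([2, 4, 0x05, 0xB4])
```

The IP addresses are passed to `sockets` separately because they travel in the IP header, not in the TCP segment.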
Using netstat -n

Figure 8-19: Use of TCP (and UDP) Port Numbers, Continued

Hosts in the figure: Client 60.171.18.22; Webserver 1.33.17.13, Port 80; SMTP Server 123.30.17.120, Port 25.

From: 60.171.18.22:50047 (Ephemeral Source Port Number, 50047) To: 1.33.17.13:80 (Well-Known Destination Port Number, 80)
A connection has both a source and destination socket. Socket is based on the packet IP addresses and the TCP or UDP port number fields.

From: 60.171.18.22:50047 To: 1.33.17.13:80
From: 1.33.17.13:80 To: 60.171.18.22:50047
In two-way communication, the sockets are reversed for transmissions in the opposite direction.

From: 60.171.18.22:50047 To: 1.33.17.13:80
From: 60.171.18.22:60003 To: 123.30.17.120:25
If a client connects to two servers, it will select different ephemeral port numbers (50047 and 60003) for the two connections.

Figure 8-17: TCP Segment and UDP Datagram, Continued

UDP Datagram (each row runs from Bit 0 to Bit 31)
Source Port Number (16 bits) | Destination Port Number (16 bits)
UDP Length (16 bits) | UDP Checksum (16 bits)
Data Field

UDP also uses source and destination port numbers. The UDP header is very simple because it does not have to handle connections, error correction, flow control, and other supervisory matters.

Figure 8-20: Layer 3 Switches and Routers in Site Internets

Figure elements: To Other Sites, Border Router, Layer 3 Switch (two), Ethernet Workgroup Switch (two).

Layer 3 switches are routers. However, they are faster than traditional software-based routers because they do processing in hardware. Switches are faster than routers, so marketers invented “Layer 3 switch.”
Figure 8-20: Layer 3 Switches and Routers in Site Internets, Continued

Layer 3 switches are routers. However, hardware limitations mean that they are limited routers. They are not full multiprotocol routers. They only support TCP/IP and, sometimes, IPX/SPX. This limits their usefulness.

They usually cannot connect to WANs because they usually only implement Ethernet at the data link layer. A router is normally used at the border.

Like traditional routers, L3 switches require considerable management labor. Therefore, they usually do not replace workgroup switches at the bottom of the hierarchy.
Topics Covered

IP
  Hierarchical IP addresses
  Network, subnet, and host parts
  Parts vary in length, but the total is always 32 bits

IP Router Operation
  Compare destination IP address of packet to each row to find all matching rows
  Find the best-match row based on length of match and metric values
  Send the packet out the indicated interface to the indicated destination host or next-hop router
  Multiprotocol routers are not limited to routing IP packets

IP Routing Protocols
  Allow routers to share route information so they can update their routing tables

Multiprotocol Label Switching (MPLS)
  Bases routing decisions on packet labels instead of IP addresses
  Reduces work compared to normal routing and therefore costs less

Domain Name System (DNS)
  Not just to look up a destination host’s IP address if you only know its host name
  A general system for naming things on the Internet
  Firms want second-level domain names (cnn.com)

ICMP
  For supervisory messages at the internet layer
  Error advisement messages of various types
  Pinging to see if a host or router is online

IPv4 Fields
  Version
  Time to live (TTL)
  Protocol
  Options (rare and suspicious)
  Data field

IPv6
  128-bit address fields to allow many more hosts on the Internet

TCP
  One-bit Flag fields (if value is 1, said to be set)
  Sequence numbers
  Acknowledgement numbers and ACK bit
  FIN versus RST closes
  Window size field for flow control (Module A)
  Port numbers
    Well-known, registered for applications
    Ephemeral for client connections
  Socket syntax = IP address : port number

UDP
  Also has source and destination port numbers
  Otherwise simple because does not do supervisory chores

Layer 3 Switches
  Routers, but fast and inexpensive like switches.
  But labor cost to manage any router is high
  Limited in protocol handling, interfaces
  Very attractive where they can be used