The Network Layer and the Internet Protocol
Book pages 190-222
Network Layer
• The Internet Protocol (IP) implements the network layer
– Packets are forwarded across different physical layers from host to host
– IP offers a "best effort" type of unreliable delivery service
– The upper layers deliver the data to the right application; IP only brings it to the host
• The network layer address space is global
• To work, the network layer needs:
– Framing from the link layer
– In LANs, a mapping from an IP address to the corresponding MAC address (ARP)
– In point-to-point networks, knowledge of the IP networks behind the links (routing protocols)
– Configuration information (DHCP)
OVERVIEW
• The Internet Protocol
• IP addresses, address resolution
• IP in LAN environment
• Static routing
Network Layer
• Network layer packets are transmitted from the sending network entity all the way to the receiver, spanning several LANs and data link layer technologies
• There are several network layer protocols
– Internet Protocol (IP) is currently the most common one
– X.25 is almost obsolete; it provided reliable, connection-oriented packet networking
IP
• IP = The Internet Protocol
• Defined in RFC 791
• IP sends simple datagrams over the network.
• It provides an unreliable and connectionless delivery service.
– unreliable = no guarantees; errors may (but need not) be reported with ICMP messages
– connectionless = each packet is treated as a separate case
• Large IP packets may be fragmented and reassembled in transmission
– In practice path MTU discovery is used instead
– MTU = Maximum Transmission Unit
IP Packet Format
 0                        16                       31 bits
+------+------+----------+-------------------------+
| Vers | Hdr  |   TOS    |      Total length       |
|      |length|          |                         |
+------+------+----------+-------+-----------------+
|      Identification    | Flags | Fragment offset |
+-------------+----------+-------+-----------------+
|     TTL     | Protocol |     Header checksum     |
+-------------+----------+-------------------------+
|               Source IP address                  |
+--------------------------------------------------+
|             Destination IP address               |
+--------------------------------------------------+
|            Options...              |   Padding   |
+--------------------------------------------------+
|                      Data                        |
+--------------------------------------------------+
...IP Packet Format
• Version is 4 (IPv6 has its own header format and carries version 6).
• Type of Service contains quality parameters, like maximize throughput or reliability. This field was never really used as specified and has been recycled for Quality of Service solutions (the Differentiated Services code point and the ECN bits).
• Identification is set by the sending host to a unique value for each sent IP packet; traditionally this is an incremental counter. A predictable counter lets an outside observer infer how much traffic the host is sending, which is why modern stacks randomize it or keep a counter per destination.
• Flags tell if this packet is fragmented (More Fragments) or if this packet should not be fragmented (Don't Fragment)
• Fragment offset tells how far from the head of the original datagram this fragment is (counted in 8-byte units). Fragments are reassembled only at the destination, so a filter that inspects just the first fragment can be evaded with crafted fragments; this is one reason firewalls often reassemble or drop fragmented traffic.
...IP Packet Format
• Time to Live is decremented by one by every router passed. When 0 is reached, the packet is discarded and an ICMP-message sent back.
• Protocol may be TCP, UDP, ICMP or one of several others
• Options are rarely used and not widely supported.
They are loose and strict source routing, route
recording, time stamping and military security
options (RFC 1108).
IP Addresses
• IP address identifies a network interface. A host can have several interfaces.
• Current length is 32 bits (IPv4). Future length is 128 bits (IPv6).
• General syntax:
–
4 components separated by dots ("dotted quad")–
decimal numbers (0-255)–
for example: 193.210.18.18• Addresses have two components, the network id
and the host id.
Address Classes
• The network part of the address is used to route a packet to the right LAN
– The host part tells which host on a LAN should receive the packet
– If a host sends a packet to an address whose network part is not the same as the sender's, the packet is sent to a gateway (router); if the network part is the same, the packet is sent directly on the LAN
• There is only a small number of class A networks, but they can have many hosts
• Class B networks are almost all taken
• There are quite a few class C networks, but they can only have 254 hosts each
• Class-based routing is now mostly obsolete and replaced by classless routing (CIDR)
Address Classes
• A traditional division of IPv4 Internet addresses, now mostly obsolete
• Still often referred to in discussions

Class  First bits  NetID bits  Host bits  First byte  Use
A      0           7           24         0-127       large organizations
B      10          14          16         128-191     medium -"-
C      110         21          8          192-223     small -"-
D      1110        0           28         224-239     multicast addresses
E      1111        0           28         240-255     reserved (255.255.255.255 is the limited broadcast address)
CIDR (Classless Inter Domain Routing)
• Arbitrary-length host and network fields instead of A, B and C classes
• Commonly used to make superblocks of C classes for routing (a.k.a. supernetting)
• In the future may be used to split unused A classes
• The network mask marks the boundary
– For example, 130.223.236.0/22 has netmask 255.255.252.0
– The number after the slash (/) tells how many bits in the mask are 1; the rest are 0
• Host IP address AND network mask = network's IP address
• RFC 1518, 1519
Special Addresses
• 0.0.0.0 is used for "any" or "no" IP address
• 255.255.255.255 is the local (limited) broadcast address
• 127 followed by any host ID (127.0.0.0/8) is the loopback address
– E.g. 127.0.0.1
• NetID followed by all zeros is the network address
– E.g. 222.1.16.0/24
• NetID followed by all ones is the network broadcast address
– E.g. 222.1.16.255/24
Special Addresses
• On the Internet there is an agreement (RFC 1918) that some addresses are not routed to the backbone
– 10.0.0.0/8
– 172.16.0.0/12
– 192.168.0.0/16
• These addresses are called private networks and are used behind NAT (Network Address Translation)
– Packets with these source or destination addresses should be filtered at the site border; seeing them arrive from the Internet is a sign of spoofing or misconfiguration
Subnetting
• Large networks are often divided into smaller units
• Subnetting hides the details of internal network organization
– for example, 150.78.0.0/16 (2^16-2 hosts) could be subnetted into 150.78.0.0/24, 150.78.1.0/24, ... (2^8 subnets with 2^8-2 hosts in each)
• Host IP address AND subnet mask = subnet's IP address

[Figure: the 32-bit address split into NetID | SubnetID | HostID; the default netmask covers the NetID, the subnet mask covers both NetID and SubnetID]
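The address arithmetic of the last few slides (the send-to-LAN-or-gateway decision, the CIDR mask, the special and private addresses, and subnetting), as an added example that is not part of the original slides. It uses plain integer operations so the AND with the mask is visible; the addresses and prefixes are the ones quoted on the slides, and the check for non-contiguous masks is an addition of this example.

```python
"""
Added example (not from the original slides): CIDR arithmetic done with
integer operations so the "host address AND mask = network" step is visible.
"""


def ip_to_int(dotted: str) -> int:
    """'130.223.236.0' -> 32-bit integer; rejects anything that is not four octets."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"malformed IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def int_to_ip(n: int) -> str:
    return ".".join(str(b) for b in (n & 0xFFFFFFFF).to_bytes(4, "big"))


def prefix_to_mask(prefix: int) -> int:
    """/22 -> 0xFFFFFC00: `prefix` ones on the left, zeros on the right."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """'255.255.252.0' -> 22; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if prefix_to_mask(prefix) != m:
        raise ValueError("netmask bits are not contiguous")
    return prefix


def network_of(addr: str, prefix: int) -> str:
    """Host IP address AND network mask = network address."""
    return int_to_ip(ip_to_int(addr) & prefix_to_mask(prefix))


def broadcast_of(addr: str, prefix: int) -> str:
    """NetID followed by all ones."""
    return int_to_ip(ip_to_int(addr) | (~prefix_to_mask(prefix) & 0xFFFFFFFF))


def usable_hosts(prefix: int) -> int:
    """2^hostbits - 2: network and broadcast addresses are not assignable.
    (/31 point-to-point links, RFC 3021, are a special case not handled here.)"""
    return max(2 ** (32 - prefix) - 2, 0)


def same_network(a: str, b: str, prefix: int) -> bool:
    """The sending decision: same network -> deliver on the LAN, else -> gateway."""
    return network_of(a, prefix) == network_of(b, prefix)


PRIVATE = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))   # RFC 1918


def is_private(addr: str) -> bool:
    return any(same_network(addr, net, p) for net, p in PRIVATE)


def subnets(net: str, prefix: int, new_prefix: int) -> list:
    """Split net/prefix into equal net/new_prefix subnets (subnetting)."""
    if new_prefix < prefix:
        raise ValueError("the new prefix must be at least as long as the old one")
    base = ip_to_int(network_of(net, prefix))
    step = 2 ** (32 - new_prefix)
    count = 2 ** (new_prefix - prefix)
    return [f"{int_to_ip(base + i * step)}/{new_prefix}" for i in range(count)]


if __name__ == "__main__":
    print(network_of("130.223.236.77", 22), int_to_ip(prefix_to_mask(22)))
    print(same_network("194.197.118.42", "194.197.118.1", 24))
    print(subnets("150.78.0.0", 16, 24)[:3], len(subnets("150.78.0.0", 16, 24)))
```

The mask check in mask_to_prefix matters in practice: a mask typed as 255.255.0.255 silently produces a "network" that no router agrees with, and the error only shows up as unreachable hosts.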
ICMP
• ICMP = Internet Control Message Protocol
• Defined in RFC 792
• ICMP packet syntax:
– Type identifies the message: echo request, echo reply, destination unreachable, etc.
– Code defines the reason: host unreachable, port unreachable, etc.
– Data contains part of the IP packet that caused the error (its IP header and the first 8 bytes of its payload).

  Type (1 byte) | Code (1 byte) | Checksum (2 bytes) | Data

ICMP
• ICMP messages are transmitted in IP datagrams.
• Communicates error messages and other conditions that require attention.
• Can be utilized to track network infrastructure (ping, traceroute).
• The quoted data tells the sender which of its packets failed; path MTU discovery depends on receiving these errors, and port scanners listen for them too, so filtering all ICMP at a border breaks the former without stopping the latter.

  IP header | ICMP header | ICMP data
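A parser for the IPv4 header of the "IP Packet Format" slides and for the ICMP message of the "ICMP" slides, as an added example that is not part of the original slides. It verifies both checksums, decodes the flags and fragment offset, and pulls the quoted IP header out of an ICMP error, which is what traceroute does to learn which probe a Time Exceeded refers to. The packets are constructed in the file (the addresses are from the slides; the router replying with Time Exceeded is invented for the demonstration).

```python
"""
Added example (not from the original slides): IPv4 and ICMP header parsing
with checksum verification, plus decoding of the IP header that an ICMP
error message quotes in its Data field. All packets are built here.
"""
import struct


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum, shared by the IP header and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _ip(addr: str) -> bytes:
    return bytes(int(x) for x in addr.split("."))


def parse_ipv4(pkt: bytes) -> dict:
    """Decode the 20-byte fixed header; options are only measured, not interpreted."""
    if len(pkt) < 20:
        raise ValueError("too short for an IPv4 header")
    (vihl, tos, total_len, ident, frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = vihl >> 4, (vihl & 0x0F) * 4
    if version != 4 or ihl < 20 or ihl > len(pkt):
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": version, "header_len": ihl, "tos": tos, "total_len": total_len,
        "id": ident,
        "df": bool(frag & 0x4000),            # Don't Fragment
        "mf": bool(frag & 0x2000),            # More Fragments
        "frag_offset": (frag & 0x1FFF) * 8,   # the field counts 8-byte units
        "ttl": ttl, "protocol": proto,
        "checksum_ok": internet_checksum(pkt[:ihl]) == 0,   # a valid header sums to zero
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options_len": ihl - 20,
        "payload": pkt[ihl:total_len],
    }


def build_ipv4(src, dst, proto, payload, ttl=64, ident=1, df=False) -> bytes:
    """Minimal header without options (IHL = 5), checksum filled in."""
    flags_frag = 0x4000 if df else 0
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                      flags_frag, ttl, proto, 0, _ip(src), _ip(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:] + payload


ICMP_TYPES = {0: "echo reply", 3: "destination unreachable", 8: "echo request", 11: "time exceeded"}


def build_icmp(icmp_type, code, data=b"") -> bytes:
    """Type | Code | Checksum | Data; the checksum covers the whole message."""
    msg = struct.pack("!BBH", icmp_type, code, 0) + data
    return msg[:2] + struct.pack("!H", internet_checksum(msg)) + msg[4:]


def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 4:
        raise ValueError("too short for an ICMP header")
    out = {"type": msg[0], "name": ICMP_TYPES.get(msg[0], "other"), "code": msg[1],
           "checksum_ok": internet_checksum(msg) == 0, "data": msg[4:]}
    if msg[0] in (3, 11):
        # Error messages: 4 unused bytes, then the offending IP header + its first 8 payload bytes
        out["original"] = parse_ipv4(msg[8:])
    return out


def demo() -> dict:
    """Constructed exchange: an echo request sent with TTL 1 and the router's Time Exceeded."""
    echo = build_icmp(8, 0, b"\x00\x01\x00\x01" + b"abcdefgh")       # id 1, seq 1, 8 data bytes
    probe = build_ipv4("194.197.118.42", "193.209.237.1", 1, echo, ttl=1, ident=0x1234)
    error = build_icmp(11, 0, b"\x00\x00\x00\x00" + probe[:28])       # quotes header + 8 bytes
    reply = build_ipv4("194.197.118.1", "194.197.118.42", 1, error, ident=0x4321)
    outer = parse_ipv4(reply)
    return {"outer": outer, "icmp": parse_icmp(outer["payload"])}
```

Verifying a received header by summing it to zero (rather than recomputing and comparing) is the standard trick: the stored checksum is the complement of the sum of the other words, so a correct header folds to 0xFFFF and complements to 0.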
IP on LAN
• Usually one physical segment = one IP network
• Each IP network has a network address and a broadcast address
• Problem: IP addresses only make sense to the TCP/IP protocol suite, not to the hardware interface
• Solution: ARP maps IP addresses to hardware addresses
• If a booting host doesn't know its IP address, DHCP (or RARP, BOOTP) can be used
…IP on LAN
• Host interfaces must be activated
• Loopback interface:
    ifconfig lo 127.0.0.1
• Ethernet interface:
    ifconfig eth0 194.197.118.42 broadcast 194.197.118.255 netmask 255.255.255.0
• Other interfaces
• Default route (Linux net-tools syntax; the gateway must be on a directly connected network):
    route add default gw 194.197.118.1
…IP on LAN
gato tsilven 6$ ifconfig -a
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:77 errors:0 dropped:0 overruns:0 frame:0
          TX packets:77 errors:0 dropped:0 overruns:0 carrier:0 collisions:0

eth0      Link encap:Ethernet  HWaddr 00:60:08:06:2A:36
          inet addr:194.197.118.42  Bcast:194.197.118.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:178567 errors:0 dropped:0 overruns:0 frame:0
          TX packets:43770 errors:0 dropped:0 overruns:0 carrier:0 collisions:20
          Interrupt:5 Base address:0x6c00

gato tsilven 7$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags MSS   Iface
194.197.118.0   0.0.0.0         255.255.255.0   U     1500  eth0

(PROMISC on eth0 means the interface is in promiscuous mode and receives every frame on the segment, not only those addressed to it.)
ARP (Address Resolution Protocol)
• A host finds other hosts by broadcasting an ARP query for the IP address
• The host with the correct IP address replies with its hardware address
• The address pair is added to the receiver's dynamic ARP cache
• Features: proxy ARP, gratuitous ARP
• ARP has no authentication: any host on the segment can answer for any IP address, and most implementations accept replies they never asked for, so the cache can be poisoned (ARP spoofing)
• RFC 826
ARP Packet Format
• Encapsulated into a link layer frame
• Data is always 28 bytes (for Ethernet/IPv4)
– hardw type = hardware address type (0x0001 = Ethernet)
– prot type = protocol address type (0x0800 = IP)
– OP = operation (ARP/RARP request/reply)

  hardw type | prot type | hardw size | prot size | OP | sender MAC address | sender IP address | target MAC address | target IP address
  2          | 2         | 1          | 1         | 2  | 6                  | 4                 | 6                  | 4                  bytes
ARP, an Example
gato tsilven 15$ arp -a
jalopeno.nixu.fi (194.197.118.20) at 08:00:20:74:F1:2C [ether] on eth0
fajitas.nixu.fi (194.197.118.21) at 08:00:20:18:06:14 [ether] on eth0
tapas.nixu.fi (194.197.118.24) at 08:00:09:6D:B6:44 [ether] on eth0
gato tsilven 16$ ping 194.197.118.37
PING 194.197.118.37 (194.197.118.37): 56 data bytes
64 bytes from 194.197.118.37: icmp_seq=0 ttl=64 time=3.0 ms
64 bytes from 194.197.118.37: icmp_seq=1 ttl=64 time=0.7 ms
--- 194.197.118.37 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.7/1.8/3.0 ms
gato tsilven 17$ arp -a
jalopeno.nixu.fi (194.197.118.20) at 08:00:20:74:F1:2C [ether] on eth0
sueno.nixu.fi (194.197.118.37) at 00:60:08:54:2D:D9 [ether] on eth0
fajitas.nixu.fi (194.197.118.21) at 08:00:20:18:06:14 [ether] on eth0
tapas.nixu.fi (194.197.118.24) at 08:00:09:6D:B6:44 [ether] on eth0
ARP, an Example
bash-2.02# tcpdump -i eth0 -n -t -q host 194.197.118.42
tcpdump: listening on eth0
arp who-has 194.197.118.37 tell 194.197.118.42
arp reply 194.197.118.37 is-at 0:60:8:54:2d:d9
194.197.118.42 > 194.197.118.37: icmp: echo request
194.197.118.37 > 194.197.118.42: icmp: echo reply
194.197.118.42 > 194.197.118.37: icmp: echo request
194.197.118.37 > 194.197.118.42: icmp: echo reply
6 packets received by filter
0 packets dropped by kernel
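The 28-byte packet of the "ARP Packet Format" slide, built and parsed, printed in the style of the tcpdump slide, and then replayed into a cache the way a host that trusts every reply would fill it, as an added example that is not part of the original slides. The MAC and IP addresses of gato and sueno are taken from the example slides; the third station and its unsolicited reply are constructed to show what an ARP cache alone cannot detect.

```python
"""
Added example (not from the original slides): Ethernet/IPv4 ARP packet
build/parse plus a small audit that flags an IP whose MAC changes between
replies, which is the symptom of ARP cache poisoning.
"""
import struct

HTYPE_ETHERNET, PTYPE_IPV4 = 0x0001, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
OP_NAMES = {1: "request", 2: "reply", 3: "rarp request", 4: "rarp reply"}
# hardw type, prot type, hardw size, prot size, OP, sender MAC, sender IP, target MAC, target IP
ARP_FMT = "!HHBBH6s4s6s4s"


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b: bytes) -> str:
    return ":".join("%02x" % x for x in b)


def ip_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    return struct.pack(ARP_FMT, HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(pkt: bytes) -> dict:
    if len(pkt) < 28:
        raise ValueError("Ethernet/IPv4 ARP is 28 bytes")
    htype, ptype, hlen, plen, op, smac, sip, tmac, tip = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("only Ethernet/IPv4 ARP is handled here")
    return {"op": op, "op_name": OP_NAMES.get(op, "unknown"),
            "sender_mac": mac_str(smac), "sender_ip": ip_str(sip),
            "target_mac": mac_str(tmac), "target_ip": ip_str(tip)}


def describe(pkt: bytes) -> str:
    """tcpdump-style one-liner."""
    a = parse_arp(pkt)
    if a["op"] == OP_REQUEST:
        return f"arp who-has {a['target_ip']} tell {a['sender_ip']}"
    return f"arp {a['op_name']} {a['sender_ip']} is-at {a['sender_mac']}"


def audit(packets) -> tuple:
    """Feed replies into a cache as a host that trusts every reply would; record MAC changes."""
    cache, alerts = {}, []
    for pkt in packets:
        a = parse_arp(pkt)
        if a["op"] != OP_REPLY:
            continue
        known = cache.get(a["sender_ip"])
        if known is not None and known != a["sender_mac"]:
            alerts.append((a["sender_ip"], known, a["sender_mac"]))
        cache[a["sender_ip"]] = a["sender_mac"]   # last reply wins: that is the weakness
    return cache, alerts


def demo() -> tuple:
    gato, sueno = "00:60:08:06:2a:36", "00:60:08:54:2d:d9"
    rogue = "00:11:22:33:44:55"                    # constructed third station
    trace = [
        build_arp(OP_REQUEST, gato, "194.197.118.42", "00:00:00:00:00:00", "194.197.118.37"),
        build_arp(OP_REPLY, sueno, "194.197.118.37", gato, "194.197.118.42"),
        # unsolicited reply claiming sueno's address; nothing in ARP ties a reply to a request
        build_arp(OP_REPLY, rogue, "194.197.118.37", gato, "194.197.118.42"),
    ]
    return audit(trace)
```

A real monitor would also compare against a known-good table or the DHCP lease database rather than only against the previous reply, but the "one IP, two MACs in a short time" rule above is the core of what tools such as arpwatch report.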
Bootstrapping an IP Host in the LAN
• RARP (Reverse ARP): a host broadcasts its hardware address and receives an IP address to use as its own
• BOOTP (Bootstrap Protocol) is better:
– IP address and other information can be given
• Both are now replaced by DHCP (Dynamic Host Configuration Protocol)
DHCP
• DHCP (Dynamic Host Configuration Protocol) extends BOOTP:
– automatic assignment of (permanent) IP addresses
– dynamic assignment for a limited time (leases)
• Extends the vendor-specific area from 64 to 312 bytes
• RFC 1531 (the current specification is RFC 2131)
• Supports distributed configuration
– Message forwarding (relay agents) or local servers
• Not a trivial service to configure for large installations
…DHCP
• Messages are sent using UDP over IP
– Server on port 67, client on port 68
• The DHCP server on the LAN segment is found using a broadcast
– First packet to 255.255.255.255 from 0.0.0.0 (the client does not know its own address)
• Message types:
– DISCOVER, OFFER, REQUEST, DECLINE, ACK, NAK, RELEASE
• The server returns all necessary information
– IP address, netmask, gateway to the client
– DNS server's address also
– Address assignment for a limited time or permanently
– The IP address can be from a pool or static
• Because the exchange is broadcast and unauthenticated, any host on the segment can answer a DISCOVER; a rogue server can hand out its own gateway and DNS addresses
DHCP Event Diagram

  Server 1                  Client                  Server 2
     |<----- DHCPDISCOVER -----|----- DHCPDISCOVER ---->|
     |------ DHCPOFFER ------->|<----- DHCPOFFER -------|
     |<----- DHCPREQUEST ------|----- DHCPREQUEST ----->|
     |------ DHCPACK --------->|                        |
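The exchange in the event diagram, with one client and two servers, simulated as an added example that is not part of the original slides. Messages are Python dicts instead of UDP datagrams on ports 67/68, so the point is the state each side keeps: the server holds an offered address until the client's broadcast REQUEST either confirms it (ACK) or names the other server (the offer is returned to the pool). The server addresses, pools, lease time and client MACs are constructed; the NAK case here is simplified to "requested address was never offered by this server".

```python
"""
Added example (not from the original slides): DISCOVER / OFFER / REQUEST /
ACK between one client and two servers, as dict messages. Constructed
pools, lease time and MACs; no wire format.
"""


class DHCPServer:
    def __init__(self, server_id, pool, netmask, router, dns, lease=3600):
        self.server_id = server_id        # the server's own IP, sent as "server identifier"
        self.free = list(pool)            # addresses still available
        self.offered = {}                 # xid -> address held while an OFFER is outstanding
        self.leases = {}                  # address -> (client MAC, expiry time)
        self.opts = {"netmask": netmask, "router": router, "dns": dns, "lease": lease}

    def handle(self, msg, now):
        """Reply to one client message, or None if this server stays silent."""
        kind = msg["type"]
        if kind == "DISCOVER":
            self.reclaim(now)
            if not self.free:
                return None                               # nothing to offer
            addr = self.free.pop(0)
            self.offered[msg["xid"]] = addr
            return {"type": "OFFER", "xid": msg["xid"], "yiaddr": addr,
                    "server_id": self.server_id, **self.opts}
        if kind == "REQUEST":
            addr = self.offered.pop(msg["xid"], None)
            if msg["server_id"] != self.server_id:
                if addr is not None:                      # client chose another server
                    self.free.append(addr)
                return None
            if addr is None or addr != msg["requested_ip"]:
                return {"type": "NAK", "xid": msg["xid"], "server_id": self.server_id}
            self.leases[addr] = (msg["chaddr"], now + self.opts["lease"])
            return {"type": "ACK", "xid": msg["xid"], "yiaddr": addr,
                    "server_id": self.server_id, **self.opts}
        if kind == "RELEASE" and msg["server_id"] == self.server_id:
            if self.leases.pop(msg["ciaddr"], None):
                self.free.append(msg["ciaddr"])
        return None

    def reclaim(self, now):
        """Expired leases go back to the pool (simplified: no renewal)."""
        for addr, (_, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[addr]
                self.free.append(addr)


def client_bootstrap(mac, xid, servers, now=0):
    """One client's side of the exchange; returns its configuration or None."""
    # Sent from 0.0.0.0 to 255.255.255.255: the client has no address yet
    discover = {"type": "DISCOVER", "xid": xid, "chaddr": mac,
                "src": "0.0.0.0", "dst": "255.255.255.255"}
    offers = [r for r in (s.handle(discover, now) for s in servers) if r]
    if not offers:
        return None
    chosen = offers[0]                                    # selection policy: first OFFER received
    # REQUEST is broadcast too, so the servers that were not chosen learn it
    request = {"type": "REQUEST", "xid": xid, "chaddr": mac,
               "src": "0.0.0.0", "dst": "255.255.255.255",
               "server_id": chosen["server_id"], "requested_ip": chosen["yiaddr"]}
    replies = [r for r in (s.handle(request, now) for s in servers) if r]
    if not replies or replies[0]["type"] != "ACK":
        return None                                       # NAK: the client must start over
    ack = replies[0]
    return {"ip": ack["yiaddr"], "netmask": ack["netmask"], "gateway": ack["router"],
            "dns": ack["dns"], "server": ack["server_id"], "expires": now + ack["lease"]}


def demo():
    """Constructed LAN: two servers with small pools, four booting clients."""
    s1 = DHCPServer("194.197.118.1", ["194.197.118.100", "194.197.118.101"],
                    "255.255.255.0", "194.197.118.1", "194.197.118.20")
    s2 = DHCPServer("194.197.118.2", ["194.197.118.200"],
                    "255.255.255.0", "194.197.118.1", "194.197.118.20")
    servers = [s1, s2]
    macs = ["00:60:08:06:2a:36", "08:00:20:74:f1:2c", "08:00:20:18:06:14", "08:00:09:6d:b6:44"]
    results = [client_bootstrap(mac, xid, servers) for xid, mac in enumerate(macs, start=1)]
    return {"clients": results, "s1": s1, "s2": s2}
```

With the pools above the third client is served by Server 2 only because Server 1 has nothing left to offer and stays silent; the fourth gets no OFFER at all. A rogue server on the segment would simply be one more entry in `servers`, and with the "first OFFER" policy it wins whenever it answers fastest.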
Static Routing
• When a host has an IP datagram to send, it checks the routing table for the correct destination
• When a host receives an IP datagram, it checks the datagram's destination address
– if there is a match, the IP layer delivers the datagram to the correct protocol module
– else the datagram is silently discarded
• A (Unix) system can be configured to act as a router in addition to acting as a host
– routers can forward IP datagrams from one of their interfaces to another
Router
• A router is a network component which passes traffic between networks
– Two or more network interfaces connected to networks or to other routers
• For each and every given destination address, the router must be able to make a routing decision
– Where (to what interface) do I send this packet?
– The routing decision might also be: No such destination, cannot send
– This applies also to workstations and servers even though they usually have only one network interface
• Routing decisions are based on the routing table
– Data structure, which contains information about possible
Routing Table, an Example
gato tsilven 19$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags MSS   Iface
194.197.118.0   0.0.0.0         255.255.255.0   U     1500  eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     3584  lo
0.0.0.0         194.197.118.1   0.0.0.0         UG    1500  eth0
Routing table
• Can be fixed (configured by hand on each device)
– Static routing
– Common at the edges of the network, workstations, servers
– Not feasible on big and redundant networks
– Usually very robust
• Can also be dynamic
– Configured by hand at some point of the network, distributed automatically
– Routers exchange information using routing protocols
– Routing protocol events (routing updates) directly affect the routing table
– This causes interesting dynamic problems
– Debugging can be painful
Routing table contents
• For each destination, the routing table contains
– Addresses for this destination
– Might be some kind of wild card, e.g. all destinations not mentioned elsewhere in the routing table (default route)
– Usually expressed as network number / mask
– E.g. 194.197.118.0/24 (class C network, 24 network bits)
– Modern routing mechanisms are classless, any number of network bits allowed
– Old-fashioned implementations usually are more or less class-bound
– Next hop (where to send traffic to this destination)
– Additional information (cost and/or other administrative information)
...Routing table contents
• In practice, most transit providers accept only routes with 24 or fewer network bits
– E.g. no routes smaller than a class C are accepted
– Now backbone transit providers are moving towards allowing /16 networks
– Usually called "superblocks" (256 class C networks)
• The routing table usually has a cost associated with each link
– Not a monetary cost, more like a preference (lowest preferred)
Routing table
• Common case: LAN connected to the Internet using a serial line
– Routing table is very simple, a typical case for static routing:

  Destination        Next hop   Comment
  193.209.237.0/24   e0         Local LAN (Ethernet)
  *                  s0         Serial line to Internet (default)

  [Figure: Internet --- s0 --- R --- e0 --- 193.209.237.0/24]
...Routing table
• When the number of routers and redundant links increases to non-trivial numbers, something more flexible is needed
– Static routing can not handle redundant links nor link faults
– Except in some environments (and even there unreliable)

  [Figure: routers R1, R2 and R3 between the LAN 193.209.237.0/24 and the Internet (Inet); R3 has interfaces e0, s0 and s1; the links carry the labels L1, 2 Mbps; L2, 2 Mbps; L2, 64 kbps on the slide]
...Routing table
• Routing table for router R3

  Destination        Next hop   Cost   Comment
  194.197.118.0/24   e0         0      Directly connected
  193.209.237.0/24   s0         1      Fastest route
  193.209.237.0/24   s1         10     Backup via R2
  *                  s0         1      Fastest route via R1
  *                  s1         10     Slower

– Cost added to the routing table, prioritization of redundant routes
– How can we know which links are up?
– Routing protocol again!
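The routing decision of the "Router" slide, run over R3's table above, as an added example that is not part of the original slides. The lookup picks the most specific matching prefix and, among equal prefixes, the lowest cost; the default route "*" matches everything with prefix length 0, and a destination with no usable route yields the "No such destination, cannot send" outcome. Which links are up is passed in by the caller (in reality that is the routing protocol's job, as the slide says); the up/down states used below are constructed.

```python
"""
Added example (not from the original slides): longest-prefix-match lookup
with cost as tie-breaker over router R3's static table. Link state is a
constructed input.
"""


def ip_to_int(addr: str) -> int:
    return int.from_bytes(bytes(int(x) for x in addr.split(".")), "big")


def parse_prefix(dest: str) -> tuple:
    """'193.209.237.0/24' -> (network as int, prefix length); '*' -> (0, 0)."""
    if dest == "*":
        return 0, 0
    net, plen = dest.split("/")
    plen = int(plen)
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    return ip_to_int(net) & mask, plen


def matches(dest: str, addr: str) -> bool:
    net, plen = parse_prefix(dest)
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    return (ip_to_int(addr) & mask) == net


# (destination, next hop interface, cost, comment), copied from the R3 slide
R3_TABLE = [
    ("194.197.118.0/24", "e0", 0, "Directly connected"),
    ("193.209.237.0/24", "s0", 1, "Fastest route"),
    ("193.209.237.0/24", "s1", 10, "Backup via R2"),
    ("*", "s0", 1, "Fastest route via R1"),
    ("*", "s1", 10, "Slower"),
]


def route(addr: str, table=R3_TABLE, link_up=None) -> tuple:
    """Routing decision for addr; None means 'No such destination, cannot send'."""
    link_up = link_up or {}                      # interfaces not listed are assumed up
    candidates = [r for r in table if matches(r[0], addr) and link_up.get(r[1], True)]
    if not candidates:
        return None
    # longest prefix first, then lowest cost (cost is a preference, not money)
    return max(candidates, key=lambda r: (parse_prefix(r[0])[1], -r[2]))


def forwarding_plan(addrs, link_up=None) -> dict:
    """The decision for each destination, phrased the way the slides do."""
    plan = {}
    for a in addrs:
        r = route(a, link_up=link_up)
        plan[a] = "no such destination" if r is None else f"via {r[1]} (cost {r[2]}, {r[3]})"
    return plan


if __name__ == "__main__":
    for addr, decision in forwarding_plan(["194.197.118.42", "193.209.237.5", "10.1.2.3"]).items():
        print(addr, "->", decision)
    print(forwarding_plan(["193.209.237.5"], link_up={"s0": False}))
```

Note what changes when s0 goes down: the /24 route via s1 takes over for 193.209.237.0/24 and the second default route takes over for everything else, but only because someone told the lookup that s0 is down. A static table has no way to learn that by itself, which is the point the slide is making.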
...Routing table
• What if we can not have a default route at all?
– Internet "backbone"
– Multihomed network
– Internet connections from many (> 1) ISPs
– In this case the routing table will be very big
– And it changes practically all the time
– Practical example on an Internet router (1999-04-15):
– 69000 prefixes (routes)
– Routes consume 16 MB of memory
– Realistic minimum memory for the router 64 MB
Routing protocols
• Routers can talk to other routers and find out the network topology
– Which paths are available to which networks
– Which path should be preferred
– Routing protocols transport routing information; they do not carry the users' IP packets
• Routing protocols can be divided by algorithm or by area
• By algorithm:
– No routing protocol (static routes)
– Link state protocols (SPF)
– Distance vector protocols (Bellman-Ford)
• By area:
– Routing protocols used internally by one AS (Autonomous System), Interior Gateway Protocols
– Routing protocols used between ASes, Exterior Gateway Protocols