10. Mar. 2004, INF-3190: Internet. Lecturer: Carsten Griwodz. Email: griff@ifi.uio.no

Jan 13, 2016


Leon Green

Internet Protocol Stack and Some Well-known Protocols

- Application layer: SMTP, HTTP, FTP, TELNET, NFS, RTP
- Transport layer: TCP, UDP
- Network layer: IP + ICMP + ARP
- Data link and physical layer: LLC & MAC, physical (LANs, MANs, WANs, ATM)


Internet Protocol (IP)

- Defined for the first time in 1981: J. Postel, RFC 791, September 1981
- Connectionless service (datagram)
- Provides a best-effort (not guaranteed) way to transport datagrams
  - from source to destination
  - without regard to whether these machines are on the same network or there are other networks in between
- Packet length
  - in theory: up to 64 kBytes
  - in real life: approx. 1500 bytes


IP Segmentation/Reassembly

- Transparent segmentation
- Non-transparent segmentation: used in the Internet


IPv4 Datagram Format

- Version (4 bits, 16 values)
  - IPv4: dominant version
  - IPv6: upcoming successor to IPv4
- Protocol-specific fields follow

Version   Internet Network Layer Headers
0         Not in use
1         Not in use
2         Not in use
3         Not in use
4         Internet Protocol, version 4
5         Stream Protocol (ST, ST-II)
6         Internet Protocol, version 6
7         IPv7, TP/IX, CATNIP
8         PIP
9         TUBA
10-15     Not in use


IPv4 Datagram Format

- Header Length (IHL), in 32-bit words
  - at least 5 words of 32 bits each = 20 bytes
  - at most 15 words of 32 bits each = 60 bytes
- Type of Service (original definition)
  - Precedence (3 bits): priority 0 (normal) ... 7 (network control); influences the queuing scheme (and not routing)
  - D (1 bit): low delay
  - T (1 bit): high throughput
  - R (1 bit): high reliability
  - C (1 bit): low cost
  - 1 bit unused
- OLD definition
  - was ignored by routers
  - redefined by DiffServ


IPv4 Datagram Format

- DS Field (Differentiated Services Field), new definition
- NEW definition
  - DiffServ compliant
  - not widely deployed yet
- Class selector codepoints: if of the form xxx000
- Differentiated Services Codepoint
  - xxxxx0: reserved for standardization
  - xxxx11: reserved for local use
  - xxxx01: open for local use, may be standardized later


IPv4 Datagram Format

- Total length
  - full length including the data, stated in bytes
  - all hosts must be prepared to accept datagrams of up to 576 bytes
  - recommendation: send larger datagrams only if assured that the destination can handle them
  - max. 65,535 bytes, often approximately 1500 bytes
- Identification
  - necessary for the destination to determine which datagram a fragment belongs to
  - all fragments of a datagram contain the same identification value


IPv4 Datagram Format

- Flags
  - 1 bit unused
  - DF (1 bit): don't fragment
    - routers must be able to handle packets with 576 or fewer bytes
  - MF (1 bit): more fragments
    - last fragment marked 0
- Fragment offset
  - offset of this fragment, i.e. the position within a datagram
  - stated in multiples of 8 bytes (elementary fragment unit)
  - 13 bits: max. 8192 fragments per datagram, max. datagram length 65536 bytes


IPv4 Datagram Format

- Time To Live (TTL)
  - life cycle in seconds, max. 255 sec
  - when 0: drop packet, feedback to sender
  - must be decremented per hop; in practical use it counts hops (not seconds)
- Protocol
  - type of higher-level protocol for transmission
  - 1: ICMP (Internet Control Message Protocol)
  - 2: IGMP (Internet Group Management Protocol)
  - 3: GGP (Gateway to Gateway Protocol)
  - 4: IP (IP in IP tunneling)
  - 5: ST (ST-II in IP tunneling)
  - 6: TCP
  - …


IPv4 Datagram Format

- Header checksum
  - to detect errors generated by bad memory words inside an IS
  - checked each time a datagram is received (both in IS and ES); if necessary the datagram is dropped
  - a certain summation of the header words: addition of all 16-bit halfwords in one's complement arithmetic, then use the one's complement of the result (assume this field as zero upon arrival)
  - must be recomputed at each hop (due to the change in the Time-to-Live field)
- Source Address: sender's IP address
- Destination Address: receiver's IP address


IPv4 Datagram Format

Header layout (32-bit rows, from the slide's diagram):
  Version | IHL | Type of service (PRE, ToS) | Total length
  Identification | D | M | Fragment offset
  Time to live | Protocol | Header checksum
  Source address
  Destination address
  Options (0 or more) | Padding
  Data

- Options
  - options for routing, testing and debugging
  - conceptual design: as an enhancement for future versions
  - variable length: each begins with a 1-byte identification code
- Padding: fill up to the word limit
- Data: field for user data
- Example options
  - security: security degree, exclusion of routes; ignored in practice
  - strict source routing: sender specifies exact route
  - loose source routing: sender specifies list of routers to visit
  - record route: store IP addresses of routers
  - timestamp: like record route, but also timestamp added at router
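The header fields described on the preceding slides, decoded and validated in Python. This is an added example, not code from the lecture: the function names and the constructed sample packet are assumptions, and the sample addresses are taken from the record-route figure in these slides. It also shows why the checksum must be recomputed at each hop once the TTL changes.

```python
import struct
from ipaddress import IPv4Address

def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of all 16-bit halfwords."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                          # fold the carry back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(header: bytes) -> bytes:
    """Zero the checksum field (bytes 10-11), compute it, and write it back."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return zeroed[:10] + struct.pack("!H", internet_checksum(zeroed)) + zeroed[12:]

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed header fields; raise ValueError on malformed input."""
    if len(packet) < 20:
        raise ValueError("truncated: fewer than 20 header bytes")
    (ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto,
     _cksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"version field is {version}, not 4")
    header_len = ihl * 4                        # IHL counts 32-bit words
    if ihl < 5 or header_len > len(packet):
        raise ValueError("IHL below 5 words or beyond the captured bytes")
    if not header_len <= total_len <= len(packet):
        raise ValueError("total length inconsistent with header or capture")
    if internet_checksum(packet[:header_len]) != 0:   # a valid header sums to 0
        raise ValueError("header checksum mismatch")
    return {
        "header_len": header_len, "total_len": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset_bytes": (flags_frag & 0x1FFF) * 8,   # unit: 8 bytes
        "ttl": ttl, "protocol": proto,
        "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
    }

def forward_one_hop(packet: bytes) -> bytes:
    """Router step: decrement TTL, then recompute the header checksum."""
    header_len = parse_ipv4_header(packet)["header_len"]
    if packet[8] <= 1:
        raise ValueError("TTL reaches 0: drop packet, feedback to sender")
    header = packet[:8] + bytes([packet[8] - 1]) + packet[9:header_len]
    return with_checksum(header) + packet[header_len:]

# Constructed sample: 20-byte header plus 20 zero payload bytes, DF set,
# TTL 64, protocol 6 (TCP); addresses from the slides' record-route figure.
SAMPLE = with_checksum(struct.pack(
    "!BBHHHBBH4s4s", 0x45, 0, 40, 0x1C46, 0x4000, 64, 6, 0,
    IPv4Address("128.2.14.16").packed, IPv4Address("128.10.4.2").packed,
)) + bytes(20)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print(parse_ipv4_header(forward_one_hop(SAMPLE))["ttl"])
```

A header whose TTL was changed without recomputing the checksum, or whose total length exceeds the captured bytes, is rejected rather than decoded.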


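IPv4 Datagram Format

Example option: record route

[Figure: a packet (Options + Payload) travels from Sender to Receiver through intermediate systems (IS). Addresses shown in the figure: 128.2.14.16, 128.2.3.4, 128.7.1.3, 128.7.8.9, 128.10.4.12, 128.9.12.4, 128.9.3.17, 128.10.4.2. The Record Route option is shown as "P | 128.2.14.16 | empty | empty | empty | empty | empty", with the further entries 128.2.3.4, 128.7.8.9, 128.10.4.12, 128.9.3.17.]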


Internet Control Message Protocol (ICMP)

- History: J. Postel, RFC 792, Sept. 1981
- Purpose: to communicate network layer information
  - mostly error reporting, e.g. in ftp, telnet, http "destination network unreachable" appears
  - ICMP origin, e.g.:
    - a router was unable to find the given destination address
    - router sent back ICMP (Type 3) packet
    - sending host received the packet, returned error code to TCP
    - TCP returned error code to application (e.g. ftp, telnet, http)
  - between hosts, routers (and gateways)
- ICMP messages are sent as IP packets, i.e. the first 32 bits of the IP data field are ICMP headers


Internet Control Message Protocol (ICMP)

Header structure: Type | Code | Checksum

- Type: 16 types, among others
  - destination or port or protocol unreachable
  - fragmentation necessary but DF (don't fragment) is set
  - source route failed, redirect (for routing)
  - echo-request and echo-reply (e.g. for the "ping" program)
  - source quench (packet for congestion control)
- Code: states the cause if the type is "destination unreachable"
  - e.g. net, host, protocol, port unreachable
  - or fragmentation needed, source route failed


Internet Addresses and Internet Subnetworks

- Original global addressing concept for the Internet
  - for addressing end systems and intermediate systems
  - each network interface (not ES) has its own unique address
  - 5 classes
- ICANN (Internet Corporation for Assigned Numbers and Names)
  - manages network numbers
  - delegates parts of the address space to regional authorities

Address classes (leading bits, then field widths in bits):
  A:  0       | Network (7)  | Host (24)
  B:  1 0     | Network (14) | Host (16)
  C:  1 1 0   | Network (21) | Host (8)
      1 1 1 0 | Multicast address (28)
      1 1 1 1 | Reserved (28)


Internet Address and Internet Subnetworks

- Networks grow and should be somehow structured
  - several networks instead of one is preferable
  - but getting several address areas is hard, since address space is limited
  - e.g., a university may have started with a class B address and doesn't get a second one
- Problem
  - class A, B, C refer to one network, not a collection of LANs
- Allow a network to be split into several parts
  - for internal use
  - still look like a single network to the outside world


Internet Address and Internet Subnetworks

- Idea
  - local decision for subdividing the host share into a subnetwork portion and an end system portion
  - class B layout: 1 0 | Network (14) | Host (16), with the host share split into Subnet (6) | Host (10)
- Use a "subnet mask" to distinguish the network and subnet part from the host part
- Routing with 3 levels of hierarchy
- Algorithm in router (by masking bits: AND between address and subnet mask):
  - packet to another network (yes, then to this router)
  - packet to local end system (yes, then deliver packet)
  - packet to other subnetwork (yes, then reroute to appropriate router)

Example:
  Address 129.8.7.2:   10000001 00001000 00000111 00000010
  Subnet mask:       & 11111111 11111111 11111100 00000000
  Subnet address:      10000001 00001000 00000100 00000000

To write down a subnet address with its subnet mask, use either 129.8.4.0/255.255.252.0 or 129.8.4.0/22.


CIDR: Classless InterDomain Routing

- Subnetting is not good enough
  - too many organizations require addresses
    - in principle many addresses due to the 32-bit address space
    - but inefficient allocation due to class-based organization
      - class A network with 16 million addresses is too big for most cases
      - class C network with 256 addresses is too small
      - most organizations are interested in a class B network, but there are only 16384 (in reality, class B is too large for many organizations)
  - large number of networks leads to large routing tables
- Introduction of CIDR (Classless InterDomain Routing) (RFC 1519)
- CIDR principle
  - to allocate IP addresses in variable-sized blocks (without regard to classes)
  - e.g., a request for 2000 addresses would lead to assignment of a 2048 address block starting on a 2048 byte boundary
  - but dropping classes makes forwarding more complicated


CIDR: Classless InterDomain Routing

- Search for the longest matching prefix
  - if several entries with different subnet mask lengths may match, then use the one with the longest mask
  - i.e., the AND operation for address & mask must be done for each table entry
- Entries may be aggregated to reduce routing tables

[Figure: routers announcing 194.24.0.0/21, 194.24.8.0/22 and 194.24.16.0/20 behind a router that aggregates them as 194.24.0.0/19; 194.24.12.0/22 is unassigned.]
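The subnet-mask AND from the subnetting slide and the longest-prefix search and aggregation from the CIDR slides, as an added Python example that is not part of the lecture. The prefixes and the 129.8.7.2 address are the slides' own; the function names and next-hop labels are hypothetical.

```python
from ipaddress import IPv4Address, IPv4Network, collapse_addresses

def subnet_of(address: str, mask: str) -> str:
    """AND between address and subnet mask gives the subnet address."""
    return str(IPv4Address(int(IPv4Address(address)) & int(IPv4Address(mask))))

def longest_prefix_match(table, destination: str):
    """Return (prefix, next_hop) of the longest matching entry, or None."""
    dst = int(IPv4Address(destination))
    best = None
    for prefix, next_hop in table:              # the AND is done for each entry
        net = IPv4Network(prefix)
        if dst & int(net.netmask) != int(net.network_address):
            continue                            # this entry does not match
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, next_hop)              # longer mask wins
    return None if best is None else (str(best[0]), best[1])

def aggregate(prefixes) -> list:
    """Merge adjacent blocks into the fewest prefixes covering exactly them."""
    return [str(n) for n in collapse_addresses(IPv4Network(p) for p in prefixes)]

# Prefixes from the CIDR slide; the next-hop labels are hypothetical.
TABLE = [
    ("194.24.0.0/19", "aggregate"),
    ("194.24.0.0/21", "router-A"),
    ("194.24.8.0/22", "router-B"),
    ("194.24.16.0/20", "router-C"),
]

ASSIGNED = ["194.24.0.0/21", "194.24.8.0/22", "194.24.16.0/20"]
UNASSIGNED = ["194.24.12.0/22"]

if __name__ == "__main__":
    print(subnet_of("129.8.7.2", "255.255.252.0"))
    for dst in ("194.24.9.5", "194.24.17.4", "194.24.12.1", "194.24.32.1"):
        print(dst, longest_prefix_match(TABLE, dst))
    print(aggregate(ASSIGNED))                  # three blocks: a gap remains
    print(aggregate(ASSIGNED + UNASSIGNED))     # one /19 once the gap is filled
```

The destination 194.24.12.1 lies in the unassigned block, so only the /19 aggregate matches it: an aggregated entry also attracts traffic for address space that nobody inside it uses.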


IP Version 6 (IPv6)

- Motivation for IPv6: problems with IPv4
  - too few addresses
  - bad support for QoS
  - bad support for mobility
  - many other shortcomings …
- Background & status
  - 1990: Call for Proposals
  - 1992: 21 variants, with 7 possible candidates
  - 1993: combination of 2 candidates: S. Deering and Francis (Xerox, Palo Alto)
  - result: RFC 1883-87: protocol, addressing, ICMP; RFC 1825-29; newer ones appeared later (RFC 2460-2466)
  - since 2000: possibility to expand, but still debate about its future
- Status of IPv6 at IFI
  - first IPv6-capable routers installed
  - should work in summer


IPv6 Objectives

- To support billions of end systems: longer addresses
- To reduce routing tables
- To simplify protocol processing: simplified header
- To increase security: security means integrated
- To support real-time data traffic: flow label, traffic class
- To provide multicasting
- To support mobility (roaming)
- To be open for change (future): extension headers
- To coexist with existing protocols

[Slide margin labels grouping the objectives: Scalability, Addressing, IPv4 limitations, Coexistence]


IPv6 vs. IPv4

- Version (4 bits, 16 values)
- Protocol-specific fields follow

Version   Internet Network Layer Headers
0         Not in use
1         Not in use
2         Not in use
3         Not in use
4         Internet Protocol, version 4
5         Stream Protocol (ST, ST-II)
6         Internet Protocol, version 6
7         IPv7, TP/IX, CATNIP
8         PIP
9         TUBA
10-15     Not in use


IPv6 vs. IPv4

[Figure: IPv4 header (Version, IHL, Type of service (PRE, ToS), Total length, Identification, D, M, Fragment offset, Time to live, Protocol, Header checksum, Source address (32 bit), Destination address (32 bit), Options (0 or more)) beside the IPv6 header (Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (128 bit), Destination address (128 bit))]

- Total Length becomes Payload Length
  - length including the data (but without the 40 byte header)
  - actually a maximum of 65,535 bytes (plus 40 byte header)
  - min. 576 bytes
  - possibly extension via "Jumbogram" options (but then no fragmentation)
  - a maximum of 65,535 bytes may not be enough for a major data transmission
- Protocol becomes Next Header
  - contains identification of either the transport layer protocol or the first option


IPv6 vs. IPv4

[Figure: IPv4 header fields highlighted on this slide: IHL, ToS, Identification, D, M, Fragment offset, Header checksum, Options (0 or more)]

- Constant header length
- IPv4 Type of Service
  - Precedence replaced by priority
  - D, T, R, C bits (QoS) eliminated and replaced by "Flow label"
- Identification, flags, fragment offset
  - if a packet that is still too large is sent, then error message
  - L4 should then take over this task and transfer the PDU with the appropriate size to L3
- Header checksum
  - L2 and L4 have sufficient mechanisms
  - communication channels better nowadays, at the expense of the performance


IPv6 vs. IPv4

[Figure: IPv4 header fields without an IPv6 counterpart (IHL, ToS, Identification, D, M, Fragment offset, Header checksum, Options (0 or more)) beside the IPv6 header (Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (128 bit), Destination address (128 bit))]

- IPv6 options
  - are not part of the header
  - follow the header
  - are indicated by the "next header" field


IPv6 Header Fields

IPv6 header: Version | Priority | Flow label | Payload length | Next header | Hop limit | Source address | Destination address

- Priority
  - differentiation of sources
  - lower number = lower priority

Priority  Meaning
0         Not characterized
1         Filler
2         Unattended
3         Reserved
4         Attended bulk transfer
5         Reserved
6         Interactive
7         Internet management
8-15      Continuous rate traffic

- 0-7: with flow control
- 8-15: without flow control


IPv6 Header Fields

- Flow Label
  - definition may still change (experimental)
  - Flow = tuple (source ID, dest ID, No.)
  - pre-defined
  - handling defined by external auxiliary protocol
- Hop Limit
  - Time to live = Hop limit
  - life cycle in number of hops, max. 255
  - this may not be sufficient; presently usually approx. 32 hops


IPv6 Header Fields

- Next Header contains either
  - the transport layer protocol identification
  - or options
- Example options
  - Hop-by-hop options: miscellaneous information for routers
  - Routing: full or partial route to follow
  - Fragmentation: management of datagram fragments
  - Authentication: verification of the sender's identity
  - Encrypted security payload: information about encrypted content
  - Destination options: additional information for the destination
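How a receiver or packet filter follows the "next header" field through the options to reach the transport protocol, as an added Python example that is not part of the lecture. The numeric next-header values are the IANA protocol numbers (they are not on the slides), the function names are assumptions, and the sample packet is constructed with documentation-prefix addresses.

```python
import struct
from ipaddress import IPv6Address

# IANA protocol numbers for the option (extension) headers named on the slide.
EXT = {0: "hop-by-hop options", 43: "routing", 44: "fragment",
       51: "authentication", 60: "destination options"}
UPPER = {6: "TCP", 17: "UDP", 50: "ESP", 58: "ICMPv6", 59: "no next header"}

def walk_next_headers(packet: bytes, max_headers: int = 8):
    """Follow the chain; return (list of (name, size), upper protocol, offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    payload_len, nxt, _hop_limit = struct.unpack("!HBB", packet[4:8])
    end = 40 + payload_len                      # payload length excludes 40 bytes
    if end > len(packet):
        raise ValueError("payload length exceeds the captured bytes")
    chain, off = [], 40
    while nxt in EXT:
        if len(chain) >= max_headers:
            raise ValueError("too many option headers")
        if off + 8 > end:
            raise ValueError("truncated option header")
        following, length_field = packet[off], packet[off + 1]
        if nxt == 44:
            size = 8                            # fragment header has fixed size
        elif nxt == 51:
            size = (length_field + 2) * 4       # AH counts 32-bit words minus 2
        else:
            size = (length_field + 1) * 8       # 8-byte units after the first 8
        if off + size > end:
            raise ValueError("option header runs past the payload")
        chain.append((EXT[nxt], size))
        nxt, off = following, off + size
    return chain, UPPER.get(nxt, f"protocol {nxt}"), off

def build_sample() -> bytes:
    """Constructed packet: hop-by-hop options, routing, then 20 bytes for TCP."""
    hop_by_hop = bytes([43, 0, 1, 4, 0, 0, 0, 0])    # next=routing, PadN filler
    routing = bytes([6, 0, 0, 0, 0, 0, 0, 0])        # next=TCP, no addresses
    payload = hop_by_hop + routing + bytes(20)
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64)
    return (fixed + IPv6Address("2001:db8::1").packed
            + IPv6Address("2001:db8::2").packed + payload)

if __name__ == "__main__":
    print(walk_next_headers(build_sample()))
```

Every length is checked against the payload length before the walker advances, so a header that claims more bytes than the packet carries is rejected instead of being read past the end.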


IPv6 Addresses

Prefix (binary)   Usage                            Fraction
0000 0000         Reserved (including IPv4)        1/256
0000 0001         Unassigned                       1/256
0000 001          OSI NSAP address                 1/128
0000 010          Novell Netware IPX addresses     1/128
0000 011          Unassigned                       1/128
0000 1            Unassigned                       1/32
0001              Unassigned                       1/16
001               Unassigned                       1/8
010               Provider-based addresses         1/8
011               Unassigned                       1/8
100               Geographic-based addresses       1/8
101               Unassigned                       1/8
110               Unassigned                       1/8
1110              Unassigned                       1/16
1111 0            Unassigned                       1/32
1111 10           Unassigned                       1/64
1111 110          Unassigned                       1/128
1111 1110 0       Unassigned                       1/512
1111 1110 10      Link local use addresses         1/1024
1111 1110 11      Site local use address           1/1024
1111 1111         Multicast                        1/256


IPv6 Addresses and Anycast

- Provider based: approx. 16 million companies allocate addresses
- Geographically based: allocation as it is today
- Link, site-used: address has only local importance (security, firewall concept)
- Should make NAT (network address translation) useless
- Anycast definition
  - previously: unicast, broadcast and multicast
  - now (new): anycast
    - send data to one member of a group
    - for example to the member which is the nearest one geographically
    - i.e. a system within a pre-defined group is to be accessed
- Anycast application
  - to search for the nearest web server
  - to locate the nearest router of a multicast group in order to participate in group communication