6/16/2015 Network Fundamentals II Dr. Tim Lin ECE Department Cal Poly Pomona Add Corporate Logo Here EXIT > >

04/18/23

Network Fundamentals IINetwork Fundamentals II

Dr. Tim Lin

ECE Department

Cal Poly Pomona

Add Add CorporateCorporate

LogoLogoHereHere

EXITEXIT>>

Agenda• What is Computer Network• ISO / OSI model• Internet Organizations• IP Addresses

– v4• Classful• Classless

– V6• IP Protocol

– Header

• ICMP Protocol• ARP Protocol

• UDP Protocol• TCP Protocol

– Header– Flow Control– Error Control– Congestion Control

• FTP Protocol• HTTP Protocol• SMTP Protocol• Network Commands• Technology (LAN)

04/18/23

IP ProtocolIP Protocol

EXITEXITOSIOSI>><<

• The transmission mechanism at the network layer

• Unreliable connectionless datagram protocol

Figure 7.1 Position of IP in TCP/IP protocol suite

Figure 7.2 IP datagram

Tools to Analyze IP Packet

• Wireshark– http://www.wireshark.org – Download From Dr. Rich’s CS499 site

• Ethereal– http://www.ethereal.com

Run Wireshark

Check Frame 253 an ICMP frame (which is an IP frame)

Analyze Frame 253

First 12 bytes: Ethernet dest and rc physical addresses

Analyze 74 bytes of IP data

• 0000 00 06 25 8f ac 55 00 0f 1f 4f 21 7a 08 00 45 00 ..%..U.. .O!z..E.• 0010 00 3c b5 f2 00 00 80 01 ca f6 c0 a8 01 6e 62 89 .<...... .....nb.• 0020 95 38 08 00 30 5c 02 00 1b 00 61 62 63 64 65 66 .8..0\.. ..abcdef• 0030 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 ghijklmn

opqrstuv• 0040 77 61 62 63 64 65 66 67 68 69 wabcdefg hi

IP Version 4

Header length = 5 * 4 = 20

Total length = 0x3c = 60 decimal. Frame = 14

ethernet + 60 IP

Protocol = 1 meaning ICMP from

chart 6

Figure 8.25 Example of checksum calculation in hexadecimal

Figure 9.1 Position of ICMP in the network layer

Figure 9.2 ICMP encapsulation

Figure 9.3 General format of ICMP messages

Analyze 74 bytes of ICMP data

• 0000 00 06 25 8f ac 55 00 0f 1f 4f 21 7a 08 00 45 00 ..%..U.. .O!z..E.• 0010 00 3c b5 f2 00 00 80 01 ca f6 c0 a8 01 6e 62 89 .<...... .....nb.• 0020 95 38 08 00 30 5c 02 00 1b 00 61 62 63 64 65 66 .8..0\.. ..abcdef• 0030 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 ghijklmn

opqrstuv• 0040 77 61 62 63 64 65 66 67 68 69 wabcdefg hi

IP Version 4

Header length = 5 * 4 = 20

Total length = 0x3c = 60 decimal. Frame = 14

ethernet + 60 IP

Protocol = 1 meaning ICMP from

chart 6

ICMP Type = 8 or echo request, agreeing with chart 9

Underlined data: ICMP data section

Ethernet type 0800

C code of ping (ICMP)• //• // Ping.h• //

• #pragma pack(1)

• #define ICMP_ECHOREPLY 0• #define ICMP_ECHOREQ 8

• // IP Header -- RFC 791• typedef struct tagIPHDR• {• u_char VIHL; // Version and IHL• u_char TOS; // Type Of Service• short TotLen; // Total Length• short ID; // Identification• short FlagOff; // Flags and Fragment Offset• u_char TTL; // Time To Live• u_char Protocol; // Protocol• u_short Checksum; // Checksum• struct in_addr iaSrc; // Internet Address - Source• struct in_addr iaDst; // Internet Address - Destination• }IPHDR, *PIPHDR;

Check IP Header (chart 5)

Ping.h• // ICMP Header - RFC 792• typedef struct tagICMPHDR• {• u_char Type; // Type• u_char Code; // Code• u_short Checksum; // Checksum• u_short ID; // Identification• u_short Seq; // Sequence• char Data; // Data• }ICMPHDR, *PICMPHDR;

• #define REQ_DATASIZE 32 // Echo Request Data size

• // ICMP Echo Request• typedef struct tagECHOREQUEST• {• ICMPHDR icmpHdr;• DWORD dwTime;• char cData[REQ_DATASIZE];• }ECHOREQUEST, *PECHOREQUEST;

• // ICMP Echo Reply• typedef struct tagECHOREPLY• {• IPHDR ipHdr;• ECHOREQUEST echoRequest;• char cFiller[256];• }ECHOREPLY, *PECHOREPLY;

• #pragma pack()

Ping.c (prelude)

• //• // PING.C -- Ping program using ICMP and RAW Sockets• //

• #include <stdio.h>• #include <stdlib.h>• #include <winsock.h>

• #include "ping.h"

• // Internal Functions• void Ping(LPCSTR pstrHost);• void ReportError(LPCSTR pstrFrom);• int WaitForEchoReply(SOCKET s);• u_short in_cksum(u_short *addr, int len);

• // ICMP Echo Request/Reply functions• int SendEchoRequest(SOCKET, LPSOCKADDR_IN);• DWORD RecvEchoReply(SOCKET, LPSOCKADDR_IN, u_char *);

Ping.c main function• // main()• void main(int argc, char **argv)• {• WSADATA wsaData;• WORD wVersionRequested = MAKEWORD(1,1);• int nRet;

• // Check arguments• if (argc != 2)• {• fprintf(stderr,"\nUsage: ping hostname\n");• return;• }

• // Init WinSock• nRet = WSAStartup(wVersionRequested, &wsaData);• if (nRet)• {• fprintf(stderr,"\nError initializing WinSock\n");• return;• }

• // Check version• if (wsaData.wVersion != wVersionRequested)• {• fprintf(stderr,"\nWinSock version not supported\n");• return;• }

• // Go do the ping• Ping(argv[1]);

• // Free WinSock• WSACleanup();• }

Ping function first part• void Ping(LPCSTR pstrHost)• {• SOCKET rawSocket;• LPHOSTENT lpHost;• struct sockaddr_in saDest;• struct sockaddr_in saSrc;• DWORD dwTimeSent;• DWORD dwElapsed;• u_char cTTL;• int nLoop;• int nRet;

• // Create a Raw socket• rawSocket = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);• if (rawSocket == SOCKET_ERROR) • {• ReportError("socket()");• return;• }•• // Lookup host• lpHost = gethostbyname(pstrHost);• if (lpHost == NULL)• {• fprintf(stderr,"\nHost not found: %s\n", pstrHost);• return;• }•• // Setup destination socket address• saDest.sin_addr.s_addr = *((u_long FAR *) (lpHost->h_addr));• saDest.sin_family = AF_INET;• saDest.sin_port = 0;

• // Tell the user what we're doing• printf("\nPinging %s [%s] with %d bytes of data:\n",• pstrHost,• inet_ntoa(saDest.sin_addr),• REQ_DATASIZE);

Ping function part II• // Ping multiple times• for (nLoop = 0; nLoop < 4; nLoop++)• {• // Send ICMP echo request• SendEchoRequest(rawSocket, &saDest);

• // Use select() to wait for data to be received• nRet = WaitForEchoReply(rawSocket);• if (nRet == SOCKET_ERROR)• {• ReportError("select()");• break;• }• if (!nRet)• {• printf("\nTimeOut");• break;• }

• // Receive reply• dwTimeSent = RecvEchoReply(rawSocket, &saSrc, &cTTL);

• // Calculate elapsed time• dwElapsed = GetTickCount() - dwTimeSent;• printf("\nReply from: %s: bytes=%d time=%ldms TTL=%d", • inet_ntoa(saSrc.sin_addr), • REQ_DATASIZE,• dwElapsed,• cTTL);• }• printf("\n");• nRet = closesocket(rawSocket);• if (nRet == SOCKET_ERROR)• ReportError("closesocket()");• }

Send Echo Request• // SendEchoRequest()• // Fill in echo request header• // and send to destination• int SendEchoRequest(SOCKET s,LPSOCKADDR_IN lpstToAddr) • {• static ECHOREQUEST echoReq;• static nId = 1;• static nSeq = 1;• int nRet;

• // Fill in echo request• echoReq.icmpHdr.Type = ICMP_ECHOREQ;• echoReq.icmpHdr.Code = 0;• echoReq.icmpHdr.Checksum = 0;• echoReq.icmpHdr.ID = nId++;• echoReq.icmpHdr.Seq = nSeq++;

• // Fill in some data to send• for (nRet = 0; nRet < REQ_DATASIZE; nRet++)• echoReq.cData[nRet] = ' '+nRet;

• // Save tick count when sent• echoReq.dwTime = GetTickCount();

• // Put data in packet and compute checksum• echoReq.icmpHdr.Checksum = in_cksum((u_short *)&echoReq, sizeof(ECHOREQUEST));

• // Send the echo request • nRet = sendto(s, /* socket */• (LPSTR)&echoReq, /* buffer */• sizeof(ECHOREQUEST),• 0, /* flags */• (LPSOCKADDR)lpstToAddr, /* destination */• sizeof(SOCKADDR_IN)); /* address length */

• if (nRet == SOCKET_ERROR) • ReportError("sendto()");• return (nRet);• }

Receive Echo Reply• // Receive incoming data• // and parse out fields• DWORD RecvEchoReply(SOCKET s, LPSOCKADDR_IN lpsaFrom, u_char *pTTL) • {• ECHOREPLY echoReply;• int nRet;• int nAddrLen = sizeof(struct sockaddr_in);

• // Receive the echo reply• nRet = recvfrom(s, // socket• (LPSTR)&echoReply, // buffer• sizeof(ECHOREPLY), // size of buffer• 0,

// flags• (LPSOCKADDR)lpsaFrom,// From address• &nAddrLen); // pointer to

address len

• // Check return value• if (nRet == SOCKET_ERROR) • ReportError("recvfrom()");

• // return time sent and IP TTL• *pTTL = echoReply.ipHdr.TTL;• return(echoReply.echoRequest.dwTime); • }

Ping.c: Report Error• // What happened?• void ReportError(LPCSTR pWhere)• {• fprintf(stderr,"\n%s error: %d\n",• WSAGetLastError());• }

• // WaitForEchoReply()• // Use select() to determine when• // data is waiting to be read• int WaitForEchoReply(SOCKET s)• {• struct timeval Timeout;• fd_set readfds;

• readfds.fd_count = 1;• readfds.fd_array[0] = s;• Timeout.tv_sec = 5;• Timeout.tv_usec = 0;

• return(select(1, &readfds, NULL, NULL, &Timeout));• }

Ping.c Checksum• //• // Mike Muuss' in_cksum() function• // and his comments from the original• // ping program• //• // * Author -• // * Mike Muuss• // * U. S. Army Ballistic Research Laboratory• // * December, 1983

• /*• * I N _ C K S U M• *• * Checksum routine for Internet Protocol family headers (C Version)• *• */

• u_short in_cksum(u_short *addr, int len)• {• register int nleft = len;• register u_short *w = addr;• register u_short answer;• register int sum = 0;

• /*• * Our algorithm is simple, using a 32 bit accumulator (sum),• * we add sequential 16 bit words to it, and at the end, fold• * back all the carry bits from the top 16 bits into the lower• * 16 bits.• */• while( nleft > 1 ) {• sum += *w++;• nleft -= 2;• }

• /* mop up an odd byte, if necessary */• if( nleft == 1 ) {• u_short u = 0;

• *(u_char *)(&u) = *(u_char *)w ;• sum += u;• }

• /*• * add back carry outs from top 16 bits to low 16 bits• */• sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */• sum += (sum >> 16); /* add carry */• answer = ~sum; /* truncate to 16 bits */• return (answer);• }

Figure 8.1 Position of ARP in TCP/IP protocol suite

Figure 8.2 ARP operation

LAN

a. ARP request is multicast

System A System B

b. ARP reply is unicast

LAN

System A System B

Looking for physical address of anode with IP address 141.23.56.23

Request

The node physical addressis A4:6E:F4:59:83:AB

Reply

Figure 8.3 ARP packet

Figure 8.5 Four cases using ARP

Figure 8.6 Example 8.1

Note Ethernet Type bytes are 0806 for ARP, different from IP

packet of 0800

ARP Reply Frame

Did you see 0806 in ethernet type?