LIS508 lecture 8: tcp/ip and domains Thomas Krichel 2003-11-25

Structure
• IP
• TCP
• Domains
• discussion mostly based on Tanenbaum's "Computer Networks" classic book
Internet Protocol IP
• LAN protocols are not part of the Internet.
• IP operates on top of LANs to make them interoperable.
• IP sets up a set of logical addresses that locate a physical device over the whole range of locations on the Internet.
• It provides the means to send datagrams from one address to another.
• Such datagrams are called packets. The IP service is not reliable: it is best effort, so packets may be lost, duplicated or arrive out of order.
in the words of rfc791
• "The Internet protocol is designed for use in interconnected systems of packet-switched computer connection networks. The Internet protocol provides for transmitting blocks of data called datagrams from sources to destinations. The Internet protocol also provides for fragmentation and reassembly of long datagrams, if necessary, for transmission through 'small packet' networks."
• "There are no mechanisms to augment end-to-end data reliability, flow control, sequencing, or other services commonly found in host-to-host protocols."
IP address
• 32 bit address, usually written as a sequence of four decimal numbers between 0 and 255.
• Contains a network part and a host part; where the split falls is
– determined by the network mask, or
– determined by the class of the network
• All traffic that is not on the local network is sent to a gateway
finding the IP address
• A host is on the Internet when it has an IP address that others can reach. Usually that implies knowing
– the IP address of the machine
– the network mask
– the IP address of the gateway
• These can be written into a file on the machine. This is usually referred to as a static address.
reading the IP address
• An IP address has a network component and a host component.
– A class A address is a binary number that starts with 0, then has 7 bits for network information and 24 bits for the host on that network.
– A class B address is a binary number that starts with 10, then has 14 bits for the network and then 16 bits for the host.
– A class C address is a binary number that starts with 110, then has 21 bits for the network and then 8 bits for the host.
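The class rules above, together with the mask and gateway rules from the previous slides, as an added example (not part of the lecture): it reads the class from the leading bits, splits the address into network and host parts, and decides whether a destination is delivered locally or handed to the gateway. 148.4.16.229 is the lecture's own example address; the 192.168.0.x addresses are constructed.

```python
import ipaddress

# Added example, not from the lecture: classify an IPv4 address by its
# leading bits (class A/B/C as defined above), split it into network and
# host parts, and decide whether a destination is local or goes to the gateway.

CLASS_PREFIX_BITS = {"A": 8, "B": 16, "C": 24}   # 1+7, 2+14, 3+21 bits

def address_class(addr):
    """Class letter from the first octet's leading bits ('other' for D/E)."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first & 0b10000000 == 0:            # binary starts with 0
        return "A"
    if first & 0b11000000 == 0b10000000:   # starts with 10
        return "B"
    if first & 0b11100000 == 0b11000000:   # starts with 110
        return "C"
    return "other"

def split_address(addr):
    """Return (class, network in CIDR form, host number) for a classful address."""
    cls = address_class(addr)
    bits = CLASS_PREFIX_BITS[cls]
    net = ipaddress.IPv4Network(f"{addr}/{bits}", strict=False)
    host = int(ipaddress.IPv4Address(addr)) & int(net.hostmask)
    return cls, str(net), host

def next_hop(src, mask_bits, dst, gateway):
    """Send directly if dst is on src's network under the mask, else to the gateway."""
    local = ipaddress.IPv4Network(f"{src}/{mask_bits}", strict=False)
    return dst if ipaddress.IPv4Address(dst) in local else gateway

if __name__ == "__main__":
    # 148.4.16.229 is the lecture's arcano.openlib.org; 192.168.0.5 is a constructed LAN host
    print(split_address("148.4.16.229"))                               # ('B', '148.4.0.0/16', 4325)
    print(next_hop("192.168.0.5", 24, "148.4.16.229", "192.168.0.1"))  # 192.168.0.1
```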
address allocation
• traditionally organizations have been given a network belonging to one of the classes, and have then given out host addresses within the organization
• Some organizations don't need a big block of addresses
• Others are short of addresses (and they are usually not in the US!)
address shortage
• IP classes waste addresses.
• They were set up to simplify routing of packets.
• IP version 6 will have 128 bit addresses and a completely different routing algorithm, but until this is implemented, we have an address shortage.
static and dynamic addresses
• Static IP addresses have problems
– they waste a lot of address space on machines that are switched off
– they have to be rewritten when the device moves
• dynamic addressing has become more common
• the most widely used protocol is the dynamic host configuration protocol
dhcp
• When connected to a network, client software on a host machine sends out a request on the LAN it is attached to.
• A dhcp server will answer and lease an IP address to the host, sending it the network mask and the gateway address as well.
• Internet providers work like that to save address space.
• Problem: some services require IP addresses to be stable. They cannot be run in such a setting.
routing
• using IP, all datagrams travel individually.
• they may travel through many networks in order to get to their destination
• networks are interconnected through routers, which make the decision where to send the packet to next.
• Such decisions are based on routing protocols such as OSPF or BGP. This is a very complicated piece of engineering.
frame / packet / segment
• The Ethernet frame on the LAN contains the IP packet.
• A gateway between two networks takes the packet out of the Ethernet frame of one network, and "wraps" it in a frame used on another network.
• Inside the IP packet, there is a TCP segment. The TCP segment tells the destination machine what to do with the data.
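The three nested units of this slide, as an added example (not part of the lecture): a TCP segment is wrapped in an IP packet, the packet in an Ethernet frame, and a gateway replaces only the outer frame while the IP header checksum lets the receiver detect a damaged header. The MAC addresses, ports and payload are constructed sample values; the IP addresses are the lecture's.

```python
import struct

# Added example, not from the lecture: build a TCP segment, wrap it in an IP
# packet, wrap that in an Ethernet frame, and show that a gateway swaps only
# the outer frame. MAC addresses and ports are constructed sample values.

def ip_checksum(header):
    """RFC 791 header checksum: one's-complement sum of the 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def tcp_segment(src_port, dst_port, payload):
    """20-byte TCP header (SYN flag, no options); TCP checksum left 0 for brevity."""
    hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    return hdr + payload

def ip_packet(src, dst, segment):
    """IPv4 header with protocol 6 (TCP) and a filled-in header checksum."""
    quad = lambda a: bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                      quad(src), quad(dst))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]
    return hdr + segment

def ethernet_frame(dst_mac, src_mac, packet):
    """Ethernet II frame; EtherType 0x0800 says the payload is an IP packet."""
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + packet

def gateway_rewrap(frame, dst_mac, src_mac):
    """What the slide's gateway does: drop the old frame, keep the IP packet."""
    return ethernet_frame(dst_mac, src_mac, frame[14:])

def unwrap(frame):
    """Return (header checksum ok, src ip, dst ip, dst port, payload)."""
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    ok = ip_checksum(packet[:ihl]) == 0         # a valid header sums to zero
    src = ".".join(str(b) for b in packet[12:16])
    dst = ".".join(str(b) for b in packet[16:20])
    seg = packet[ihl:]
    dst_port = struct.unpack("!H", seg[2:4])[0]
    data_off = (seg[12] >> 4) * 4
    return ok, src, dst, dst_port, seg[data_off:]
```

Flipping any header byte of a frame built this way makes unwrap() report the checksum as bad, while re-wrapping the same packet in a new frame leaves everything unwrap() returns unchanged.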
transmission control protocol
• provides a reliable communication service
– stream orientation: bytes leave the sender and arrive in the same order at the receiver
– packet buffering: data that arrives too fast is stored at the destination until it can be processed
– full duplex: communication in both directions.
• if a packet has gone astray, TCP retransmits it.
• uses port numbers as addresses to tell the host what to do with arriving packets.
applications and ports
• TCP uses port numbers to determine which application protocol to hand the data to.
• Ports 0-1023 are the well-known ports
– 80 for http
– 23 for telnet
– 22 for ssh
– 53 for dns
• firewalls can block traffic for specific ports on specific machines and therefore allow or prevent services.
summary: TCP/IP "model"
• Application layer
– http, smtp, ftp, dns, ntp
• Transport layer
– tcp, udp
• Network layer
– IP
• Host-to-host layer
– LAN and WAN protocols
Critique of tcp/ip
• Not a model but a protocol stack
• No proper distinction between
– Service
– Protocol
– Interface
• Ad hoc set of application protocols
introduction to NAT
• The biggest problem facing the Internet is that it is running out of IPv4 addresses and that IPv6 is not implemented everywhere.
• dhcp relieves this for machines that are switched on and off.
• But many home users want to connect a number of machines independently to the Internet, without having to request a new IP for each new machine.
Network Address Translation
• Your provider gives you one IP address for a hub that connects you with the outside world.
• Internally, you connect a number of machines to the hub. Each machine has an internet address, but these addresses are only valid on your LAN. The ranges
– 10.0.0.0
– 172.16.0.0
– 192.168.0.0
have been set aside for that. The hub uses dhcp to assign such addresses.
NAT at work
• The hub has two IP addresses, an internal one and an external one.
• When a host on the LAN wants to connect to a remote (non-LAN) service, it tells the hub
– its internal address and port
– the destination address and port
• The hub exchanges the internal IP for the external one and uses a special port for this connection.
• When the response comes to the special port on the hub, it is forwarded to the LAN host.
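The translation table behind this slide, as an added example (not part of the lecture): each outbound flow gets a special external port, responses to that port are mapped back to the LAN host, and anything arriving for a port no LAN host opened is dropped, which is why the services needing a stable, reachable address from the earlier dhcp slide cannot sit behind such a hub. The external address 203.0.113.7 and the 192.168.0.x hosts are constructed.

```python
import itertools

# Added example, not from the lecture: a toy NAT hub keeping the translation
# table the slide describes. The external address 203.0.113.7 and the LAN
# addresses are constructed sample values.

class NatHub:
    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.free_ports = itertools.count(first_port)  # the "special ports"
        self.out_map = {}   # (lan_ip, lan_port, dst_ip, dst_port) -> external port
        self.in_map = {}    # (external port, dst_ip, dst_port) -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """LAN host opens a connection: rewrite the source to (external ip, special port).
        The hub must read TCP ports to do this, which is the layering violation
        criticised on the next slide."""
        key = (lan_ip, lan_port, dst_ip, dst_port)
        if key not in self.out_map:                  # first packet of this flow
            port = next(self.free_ports)
            self.out_map[key] = port
            self.in_map[(port, dst_ip, dst_port)] = (lan_ip, lan_port)
        return (self.external_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, remote_ip, remote_port, ext_port):
        """Response arrives at a special port: return the LAN host to forward it to,
        or None (drop) if no LAN host ever opened a flow to that remote endpoint."""
        return self.in_map.get((ext_port, remote_ip, remote_port))
```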
NAT critique
• violates the principle that each machine on the Internet has its own IP address
• brings the Internet back to the stage of connection-oriented networking
• protocol layering is screwed: the IP layer makes assumptions about TCP, which is an upper layer.
• some protocols, such as ftp, use IP addresses in a way that NAT does not know about. They cannot run with NAT, unless further tweaking is done.
Application layer
• This is the top level of the network: the applications that run on it.
• In fact, the Domain Name System occupies a special role because most other application layer protocols rely on it.
• Off the top of my head, only peer-to-peer communication systems don't really use DNS
Host names
• A host name associates a human-friendly name with an IP address.
• Example: arcano.openlib.org = 148.4.16.229
• Finding an IP for a name is called a name lookup. The reverse is a reverse lookup.
• Names are a sequence of labels, separated by dots.
• Names may contain letters, numbers and hyphens. They may not start with a hyphen.
• Names resolve from right to left, contrary to addresses, which resolve from left to right.
purpose
• Allows a constant name to be kept for
– changing machines
– changing the location of the machine.
• Makes it easier for humans to remember access points to services.
• Establishes brand names, which have an economic value
History of DNS
• In the 70s, one single file HOSTS.TXT was maintained at SRI-NIC and downloaded frequently by all hosts on the Internet.
• Problems
– traffic and load
– name collisions
– consistency
• 1984, Paul Mockapetris releases RFC822 and RFC883 that describe the Domain Name System DNS.
• Names are words separated by dots.
DNS and domains
• DNS is
– a distributed database
– a client server architecture
• Name servers have information about names.
– general purpose
• Allows a lot of different properties to be associated with names
– hierarchical structure
• Top component of the name is to the right.
– independent of physical structure
Berkeley Internet Name Domain
• BIND is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System, including
– a Domain Name System server (named)
– a Domain Name System resolver library
– tools for verifying the proper operation of the DNS server
Top level domains
• For the US, delimited by function: .com, .net, .org, .int, .biz, .info etc.
• For other countries, use the name of the country: .to, .su, .ru.
• Below that you can register names, such as myprof.com
• And then, you can create your own names like krichel.myprof.com, daluca.myprof.com, and associate properties with them.
To register names
• There is a market of name registrars around.
• You have to check that the name is not already taken, e.g. "whois openlib.org"
– Domain Name: OPENLIB.ORG
– Registrar: NETWORK SOLUTIONS, INC.
– Whois Server: whois.networksolutions.com
– Referral URL: http://www.networksolutions.com
– Name Server: UTSERV.MCC.AC.UK
– Name Server: FAFNER.OPENLIB.ORG
• Many registrars will run a server for you; I run my own.
openlib.org.  IN  SOA  wotan.liu.edu. tkrichel.wotan.liu.edu. (
        2001111300   ; Serial
        10800        ; Refresh after 3 hours
        3600         ; Retry after 1 hour
        604800       ; Expire after 1 week (7 * 86400 seconds)
        86400 )      ; Minimum ttl of 1 day
openlib.org.         IN  NS     wotan.liu.edu.     ; primary server, the one which holds the authoritative info (this file)
openlib.org.         IN  NS     utserv.mcc.ac.uk.  ; secondary server, at least one is necessary
openlib.org.         IN  A      131.227.9.154
mail.openlib.org.    IN  CNAME  wotan.liu.edu.
openlib.org.         IN  MX     1 mail.openlib.org.
trabbi.openlib.org.  IN  TXT    "hello world"
http://openlib.org/home/krichel
Thank you for your attention!