Document 7743515


10. Mar. 2004

Internet
Lecturer: Carsten Griwodz
Email: [email protected]

INF-3190: Internet

Internet Protocol Stack and Some Well-known Protocols

- Application layer
- Transport layer: TCP, UDP
- Network layer: IP + ICMP + ARP
- Data link and physical layer: LLC & MAC, physical; ATM; LANs, MANs, WANs

Internet Protocol IP

- Defined for the first time in 1981: J. Postel, RFC 791, September 1981
- Connectionless service (datagram)
- Provides a best-effort (not guaranteed) way to transport datagrams
  - from source to destination
  - without regard to whether these machines are on the same network or there are other networks in between
- Packet length
  - in theory: up to 64 kBytes
  - in real life: approx. 1500 bytes

IP Segmentation/Reassembly

- Transparent segmentation
- Non-transparent segmentation: used in the Internet

IPv4 Datagram Format

Version: 4 bits, 16 values (Internet network layer headers)

  Value  Protocol
  0-3    Not in use
  4      Internet Protocol, version 4
  5      Stream Protocol (ST, ST-II)
  6      Internet Protocol, version 6
  7      IPv7, TP/IX, CATNIP
  8      PIP
  9      TUBA
  10-15  Not in use

- IPv4: dominant version
- IPv6: upcoming successor to IPv4

IPv4 Datagram Format

Header Length (IHL), in 32-bit words
- at least 5 words of 32 bits each = 20 bytes
- at most 15 words of 32 bits each = 60 bytes

Type of Service: original (OLD) definition
- was ignored by routers; redefined by DiffServ
- Precedence (3 bits): priority 0 (normal) ... 7 (network control); influences the queuing scheme (and not routing)
- D (1 bit): low delay
- T (1 bit): high throughput
- R (1 bit): high reliability
- C (1 bit): low cost
- 1 bit unused

IPv4 Datagram Format

DS Field: Differentiated Services Field, NEW definition (DiffServ compliant, not widely deployed yet)
- Differentiated Services Codepoint (6 bits), followed by 2 bits set to 0 0
  - class selector codepoints: of the form xxx000
  - xxxxx0: reserved for standardization
  - xxxx11: reserved for local use
  - xxxx01: open for local use, may be standardized later

IPv4 Datagram Format

Total length
- full length including the data, stated in bytes
- all hosts must be prepared to accept datagrams of up to 576 bytes
- recommendation: send larger datagrams only if assured that the destination can handle them
- max. 65,535 bytes, often approximately 1500 bytes

Identification
- necessary for the destination to determine which datagram a fragment belongs to
- all fragments of a datagram contain the same identification value

IPv4 Datagram Format

Flags
- 1 bit unused
- DF (1 bit): don't fragment; routers must be able to handle packets with 576 or fewer bytes
- MF (1 bit): more fragments; the last fragment is marked 0

Fragment offset
- offset of this fragment, i.e. its position within the datagram
- stated in multiples of 8 bytes (elementary fragment unit)
- 13 bits: max. 8192 fragments per datagram, max. datagram length 65536 bytes
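The fragmentation rules above (8-byte elementary units, MF cleared only on the last fragment, 13-bit offset, DF forbidding fragmentation) as an added worked example in Python; this is not code from the lecture. Fragments are modelled as (identification, offset, MF, data) records rather than full IP headers, and the payload and MTU values used are constructed samples. The reassembler deliberately refuses overlapping fragments and reports missing ones, which is the part of reassembly that matters for a receiver that must not be confused by malformed input.

```python
from dataclasses import dataclass

MAX_OFFSET_UNITS = 8191          # 13-bit fragment offset, counted in 8-byte units
MAX_DATAGRAM = 65535             # largest IPv4 datagram (Total length is 16 bits)


@dataclass(frozen=True)
class Fragment:
    ident: int      # Identification: identical for all fragments of one datagram
    offset: int     # Fragment offset in 8-byte units
    mf: bool        # More Fragments: False only on the last fragment
    data: bytes


def fragment(ident: int, payload: bytes, max_data: int, df: bool = False) -> list:
    """Split an IP payload so that no fragment carries more than max_data bytes.
    Every fragment except the last carries a multiple of 8 bytes, because the
    offset field counts in elementary fragment units of 8 bytes."""
    if len(payload) <= max_data:
        return [Fragment(ident, 0, False, payload)]
    if df:
        raise ValueError("DF set and datagram exceeds the MTU: drop, ICMP 'fragmentation needed'")
    unit = (max_data // 8) * 8
    if unit == 0:
        raise ValueError("MTU too small for even one 8-byte fragment unit")
    frags = []
    for start in range(0, len(payload), unit):
        piece = payload[start:start + unit]
        last = start + unit >= len(payload)
        frags.append(Fragment(ident, start // 8, not last, piece))
    return frags


def reassemble(frags):
    """Rebuild the payload once every fragment has arrived, in any order.
    Returns None while fragments are still missing; raises on fragments that
    cannot belong to one valid datagram (mixed identification, offset overflow,
    overlap, or a result larger than 65535 bytes)."""
    if len({f.ident for f in frags}) != 1:
        raise ValueError("fragments of different datagrams mixed together")
    pieces = {}
    total = None
    for f in frags:
        if f.offset > MAX_OFFSET_UNITS:
            raise ValueError("fragment offset exceeds 13 bits")
        if f.mf and len(f.data) % 8:
            raise ValueError("non-final fragment length is not a multiple of 8")
        byte_off = f.offset * 8
        if byte_off + len(f.data) > MAX_DATAGRAM:
            raise ValueError("fragment would extend past the 65535-byte datagram limit")
        pieces[byte_off] = f.data        # an exact retransmit simply overwrites itself
        if not f.mf:
            total = byte_off + len(f.data)
    if total is None:
        return None                      # last fragment (MF = 0) not seen yet
    buf = bytearray()
    expected = 0
    for off in sorted(pieces):
        if off < expected:
            raise ValueError("overlapping fragments")   # ambiguous: refuse rather than guess
        if off > expected:
            return None                  # gap: still waiting for a fragment
        buf += pieces[off]
        expected = off + len(pieces[off])
    return bytes(buf) if expected == total else None


if __name__ == "__main__":
    sample = bytes(range(256)) * 10      # constructed 2560-byte payload
    parts = fragment(0x4711, sample, 1480)
    print([(p.offset, p.mf, len(p.data)) for p in parts])
    print(reassemble(list(reversed(parts))) == sample)
```

With a 1480-byte fragment budget (a 1500-byte MTU minus the 20-byte header) the 2560-byte payload becomes two fragments, the second starting at offset 185 (185 x 8 = 1480 bytes); reassembly succeeds regardless of arrival order, returns None while one fragment is outstanding, and raises if two fragments claim the same bytes.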

IPv4 Datagram Format

Time To Live (TTL)
- life cycle in seconds, max. 255 sec
- when 0: drop the packet, feedback to the sender
- must be decremented per hop; in practical use it counts hops (not seconds)

Protocol: type of the higher-level protocol carried
- 1: ICMP (Internet Control Message Protocol)
- 2: IGMP (Internet Group Management Protocol)
- 3: GGP (Gateway to Gateway Protocol)
- 4: IP (IP in IP tunneling)
- 5: ST (ST-II in IP tunneling)
- 6: TCP
- ...

IPv4 Datagram Format

Header Checksum
- to detect errors generated by bad memory words inside an IS
- checked each time a datagram is received (both in IS and ES); if necessary the datagram is dropped
- a certain summation of the header words: addition of all 16-bit halfwords in one's complement arithmetic, taking the one's complement of the result (this field is assumed to be zero upon arrival)
- must be recomputed at each hop (due to the change in the Time-to-Live field)

Source Address: sender's IP address
Destination Address: receiver's IP address
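Added example (Python, not code from the lecture): it builds a 20-byte IPv4 header, decodes the fields introduced on the preceding slides (IHL, DS/ToS, total length, identification, flags, fragment offset, TTL, protocol, addresses), verifies the one's complement header checksum exactly as described above, and performs the per-hop TTL decrement with checksum recomputation. Addresses, identification and payload are constructed sample values. The parser also rejects the length inconsistencies (IHL larger than the packet, total length smaller than the header) that a receiver must check before trusting any offset derived from them.

```python
import struct
from ipaddress import IPv4Address


def ones_complement_sum(data: bytes) -> int:
    """Add all 16-bit halfwords of data in one's complement arithmetic (end-around carry)."""
    if len(data) % 2:
        data += b"\x00"                          # an odd trailing byte is padded with zero
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """One's complement of the one's complement sum, with the checksum field taken as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return (~ones_complement_sum(zeroed)) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, *, proto=6, ttl=64, ident=0x1234,
                      df=True, mf=False, frag_offset=0, dscp=0) -> bytes:
    """Build a 20-byte IPv4 header (IHL = 5, no options). frag_offset is in 8-byte units."""
    ver_ihl = (4 << 4) | 5
    tos = dscp << 2                              # DS field: 6-bit DSCP, low 2 bits 0 0
    flags_frag = (int(df) << 14) | (int(mf) << 13) | (frag_offset & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, tos, 20 + payload_len, ident,
                      flags_frag, ttl, proto, 0,
                      IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fixed header fields and verify the checksum; raise on malformed length fields."""
    if len(pkt) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl_bytes = ver_ihl >> 4, (ver_ihl & 0xF) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if ihl_bytes < 20 or ihl_bytes > len(pkt) or total_len < ihl_bytes:
        raise ValueError("inconsistent IHL / total length")
    header = pkt[:ihl_bytes]
    dscp = tos >> 2
    return {
        "ihl_bytes": ihl_bytes,
        "dscp": dscp,
        "class_selector": (dscp & 0b111) == 0,   # codepoints of the form xxx000
        "precedence": tos >> 5,                  # old ToS meaning of the top 3 bits
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": proto,
        # a header whose checksum is correct sums to 0xFFFF when the field is included
        "checksum_ok": ones_complement_sum(header) == 0xFFFF,
        "src": str(IPv4Address(src)),
        "dst": str(IPv4Address(dst)),
        "options": header[20:],
    }


def forward_hop(pkt: bytes):
    """One IS hop: drop on bad checksum, decrement TTL (drop when it reaches 0), recompute checksum."""
    fields = parse_ipv4_header(pkt)
    if not fields["checksum_ok"]:
        return None                              # corrupted header: dropped
    if fields["ttl"] <= 1:
        return None                              # TTL expired: dropped, ICMP time exceeded to sender
    ihl = fields["ihl_bytes"]
    header = bytearray(pkt[:ihl])
    header[8] -= 1
    header[10:12] = struct.pack("!H", header_checksum(bytes(header)))
    return bytes(header) + pkt[ihl:]


if __name__ == "__main__":
    # constructed sample: TCP segment with a 20-byte (all-zero) payload
    pkt = build_ipv4_header("129.8.7.2", "194.24.3.1", 20) + b"\x00" * 20
    print(parse_ipv4_header(pkt))
    print(parse_ipv4_header(forward_hop(pkt))["ttl"])
```

Verification works because the correct checksum makes the one's complement sum over the whole header (checksum field included) come out as 0xFFFF; flipping any single byte breaks that, which is all the field is meant to catch.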

IPv4 Datagram Format

Options
- options for routing, testing and debugging
- conceptual design: as an enhancement for future versions
- variable length: each begins with a 1-byte identification code

Example options
- security: security degree, exclusion of routes; ignored in practice
- strict source routing: sender specifies the exact route
- loose source routing: sender specifies a list of routers to visit
- record route: store the IP addresses of the routers
- timestamp: like record route, but a timestamp is also added at each router

Padding: fill up to the word limit
Data: field for user data

IPv4 Datagram Format

Example option: record route

Figure: a sender (128.9.12.4) transmits a packet (IP header with options, payload P) to a receiver (128.2.14.16) across several intermediate systems (IS); router interface addresses shown in the figure: 128.9.3.17, 128.10.4.2, 128.10.4.12, 128.7.8.9, 128.7.1.3, 128.2.3.4. The Record Route option starts out empty and is filled in with the address of each IS the packet passes.

Internet Control Message Protocol (ICMP)

History: J. Postel, RFC 792, Sept. 1981

Purpose
- to communicate network layer information between hosts, routers (and gateways)
- mostly error reporting; e.g. in ftp, telnet, http the message "destination network unreachable" appears
- ICMP origin, e.g.:
  - a router was unable to find the given destination address
  - the router sent back an ICMP (Type 3) packet
  - the sending host received the packet and returned an error code to TCP
  - TCP returned the error code to the application (e.g. ftp, telnet, http)
- ICMP messages are sent as IP packets, i.e. the first 32 bits of the IP data field are the ICMP header

Internet Control Message Protocol (ICMP) Header structure

Fields: Type, Code, Checksum

Type: 16 types, among others
- destination, port or protocol unreachable
- fragmentation necessary but DF (don't fragment) is set
- source route failed
- redirect (for routing)
- echo request and echo reply (e.g. for the "ping" program)
- source quench (packet for congestion control)

Code: states the cause if the type is "destination unreachable"
- e.g. net, host, protocol or port unreachable, fragmentation needed, source route failed

Internet Addresses and Internet Subnetworks

Original global addressing concept for the Internet
- for addressing end systems and intermediate systems
- each network interface (not the ES) has its own unique address
- 5 classes:

  Class A:  0    | 7-bit network  | 24-bit host
  Class B:  10   | 14-bit network | 16-bit host
  Class C:  110  | 21-bit network | 8-bit host
  Class D:  1110 | 28-bit multicast address
  Class E:  1111 | 28-bit reserved

- ICANN (Internet Corporation for Assigned Names and Numbers)
  - manages network numbers
  - delegates parts of the address space to regional authorities

Internet Address and Internet Subnetworks

Networks grow and should be somehow structured
- several networks instead of one would be preferable, but getting several address areas is hard since the address space is limited
  - e.g., a university may have started with a class B address and doesn't get a second one
- problem: class A, B, C addresses refer to one network, not a collection of LANs
- allow a network to be split into several parts
  - for internal use
  - still looks like a single network to the outside world

Internet Address and Internet Subnetworks

Idea: local decision to subdivide the host share into a subnetwork portion and an end system portion
- e.g. address 129.8.7.2 (class B): 10 | 14-bit network | 6-bit subnet | 10-bit host
  Subnet mask:    11111111 11111111 11111100 00000000  (255.255.252.0)
  Subnet address: 10000001 00001000 00000100 00000000  (129.8.4.0)
- to write down a subnet address with its subnet mask use either 129.8.4.0/255.255.252.0 or 129.8.4.0/22
- use the "subnet mask" to distinguish the network and subnet part from the host part

Routing with 3 levels of hierarchy; algorithm in the router (by masking bits: AND between address and subnet mask):
- packet to another network? (yes: then to this router)
- packet to a local end system? (yes: then deliver the packet)
- packet to another subnetwork? (yes: then reroute to the appropriate router)

CIDR: Classless InterDomain Routing

Subnetting is not good enough
- too many organizations require addresses
  - in principle many addresses due to the 32-bit address space, but inefficient allocation due to the class-based organization
  - a class A network with 16 million addresses is too big for most cases
  - a class C network with 256 addresses is too small
  - most organizations are interested in a class B network, but there are only 16384 (and in reality class B is too large for many organizations)
- a large number of networks leads to large routing tables

Introduction of CIDR (Classless InterDomain Routing) (RFC 1519)
- CIDR principle: allocate IP addresses in variable-sized blocks (without regard to classes)
  - e.g., a request for 2000 addresses would lead to the assignment of a 2048-address block starting on a boundary that is a multiple of 2048
- but dropping classes makes forwarding more complicated

CIDR: Classless InterDomain Routing

Search for the longest matching prefix
- if several entries with different subnet mask lengths match, then use the one with the longest mask
- i.e., the AND operation for address & mask must be done for each table entry
- entries may be aggregated to reduce routing tables; e.g. the single entry 194.24.0.0/19 covers:

  194.24.0.0/21   Router
  194.24.8.0/22   Router
  194.24.12.0/22  Unassigned
  194.24.16.0/20  Router
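Added example (Python, not code from the lecture) covering both the subnet-mask AND of the subnetting slides and the longest-matching-prefix search described here: it parses both notations, 129.8.4.0/22 and 129.8.4.0/255.255.252.0, makes the three-level routing decision at a host, and looks up a classless table built from the 194.24.0.0/19 aggregation example. The prefixes in the table are the slide's; the next-hop labels and the lookup addresses are assumptions. A dotted mask that is not contiguous ones followed by zeros is rejected, since such a mask would silently mis-route.

```python
from ipaddress import IPv4Address


def ip_to_int(addr: str) -> int:
    return int(IPv4Address(addr))


def int_to_ip(value: int) -> str:
    return str(IPv4Address(value))


def mask_from_length(length: int) -> int:
    """/22 -> 0xFFFFFC00, i.e. 22 one bits followed by 10 zero bits."""
    if not 0 <= length <= 32:
        raise ValueError("prefix length out of range")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF


def parse_prefix(text: str):
    """Accept '129.8.4.0/22' as well as '129.8.4.0/255.255.252.0'.
    Returns (network as int, prefix length); a dotted mask must be contiguous."""
    addr, mask = text.split("/")
    if "." in mask:
        mask_int = ip_to_int(mask)
        length = bin(mask_int).count("1")
        if mask_int != mask_from_length(length):
            raise ValueError(f"non-contiguous subnet mask {mask}")
    else:
        length = int(mask)
    return ip_to_int(addr) & mask_from_length(length), length


def subnet_address(addr: str, mask: str) -> str:
    """AND of address and mask, the operation shown for 129.8.7.2 on the slide."""
    network, _ = parse_prefix(f"{addr}/{mask}")
    return int_to_ip(network)


def route_decision(dst: str, local: str, net_len: int, subnet_len: int) -> str:
    """Three-level decision of the subnetting slide, taken at a system whose own address is `local`."""
    d, l = ip_to_int(dst), ip_to_int(local)
    net_mask, sub_mask = mask_from_length(net_len), mask_from_length(subnet_len)
    if d & net_mask != l & net_mask:
        return "other network: forward to this network's router"
    if d & sub_mask == l & sub_mask:
        return "local subnet: deliver directly"
    return "other subnet: forward to the appropriate internal router"


def longest_prefix_match(table, dst: str):
    """Classless lookup: AND the destination with every entry's mask, keep the longest match.
    table is a list of (prefix string, next hop); an entry 0.0.0.0/0 acts as the default route."""
    d = ip_to_int(dst)
    best = None
    for prefix, next_hop in table:
        network, length = parse_prefix(prefix)
        if d & mask_from_length(length) == network and (best is None or length > best[0]):
            best = (length, prefix, next_hop)
    return None if best is None else (best[1], best[2])


# Constructed routing table from the aggregation example on the slide.
# The prefixes are the slide's; the next-hop names are assumptions.
ROUTES = [
    ("0.0.0.0/0", "default"),
    ("194.24.0.0/19", "aggregate-upstream"),
    ("194.24.0.0/21", "router-1"),
    ("194.24.8.0/22", "router-2"),
    ("194.24.16.0/20", "router-3"),
]

if __name__ == "__main__":
    print(subnet_address("129.8.7.2", "255.255.252.0"))            # 129.8.4.0
    print(route_decision("129.8.9.1", "129.8.7.2", 16, 22))
    for dst in ("194.24.9.1", "194.24.13.7", "8.8.8.8"):
        print(dst, longest_prefix_match(ROUTES, dst))
```

194.24.9.1 matches both /19 and /22 and is sent to router-2 because /22 is longer; 194.24.13.7 lies in the unassigned /22 and therefore only matches the aggregate; anything outside 194.24.0.0/19 falls through to the default route.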

  

IP Version 6 (IPv6)

Motivation for IPv6: problems with IPv4
- too few addresses
- bad support for QoS
- bad support for mobility
- many other shortcomings ...

Background & status
- 1990: call for proposals
- 1992: 21 variants, with 7 possible candidates
- 1993: combination of 2 candidates: S. Deering and Francis (Xerox, Palo Alto)
- result: RFC 1883-87 (protocol, addressing, ICMP), RFC 1825-29; newer ones appeared later (RFC 2460-2466)
- since 2000: possibility to expand, but still debate about its future

Status of IPv6 at IFI
- first IPv6-capable routers installed
- should work in summer

IPv6 Objectives

- To support billions of end systems: longer addresses
- To reduce routing tables
- To simplify protocol processing: simplified header
- To increase security: security means integrated
- To support real-time data traffic: flow label, traffic class
- To provide multicasting
- To support mobility (roaming)
- To be open for change (future): extension headers
- To coexist with existing protocols

(The slide groups these objectives under scalability, addressing IPv4 limitations, and coexistence.)

IPv6 vs. IPv4

Version  4 bits  Protocol specific fields 16 values 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Not in use Not in use Not in use Not in use Internet Protocol, version 4 Stream Protocol (ST, ST-II) Internet Protocol, version 6 IPv77, TP/IX, CATNIP PIP TUBA Not in use Not in use Not in use Not in use Not in use Not in use 10. Mar. 2004 23 Internet Network Layers Headers INF-3190: Internet

IPv6 vs. IPv4

IPv4 header: Version, IHL, DS, Total length, Identification, D/M flags, Fragment offset, Time to live, Protocol, Header checksum, Source address (32 bit), Destination address (32 bit), Options (0 or more)

IPv6 header: Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (128 bit), Destination address (128 bit)

Protocol -> Next Header
- contains the identification of either the transport layer protocol or the first option

Total Length -> Payload Length
- length including the data (but without the 40 byte header)
- actually a maximum of 65,535 bytes (plus 40 byte header), min. 576 bytes
- possibly extension via "Jumbogram" options (but then no fragmentation)
- a maximum of 65,535 bytes may not be enough for a major data transmission

IPv6 vs. IPv4

IPv4 fields eliminated or changed in IPv6
- IHL: constant header length
- Type of Service: Precedence replaced by Priority; the D, T, R, C bits (QoS) eliminated and replaced by the "Flow label"
- Identification, flags, fragment offset: if a packet that is still too large is sent, an error message is returned; L4 should then take over this task and transfer the PDU with the appropriate size to L3
- Header checksum: L2 and L4 have sufficient mechanisms; communication channels are better nowadays; the checksum came at the expense of performance
- Options (0 or more): moved out of the header (see the following slide)

IPv6 vs. IPv4

IPv6 options
- are not part of the header
- follow the header
- indicated by the "next header" field

IPv6 header: Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (128 bit), Destination address (128 bit)

IPv6 Header Fields

Priority
- differentiation of sources
- a lower number means a lower priority
- with flow control:
  0  not characterized
  1  filler
  2  unattended
  3  reserved
  4  attended bulk transfer
  5  reserved
  6  interactive
  7  Internet management
- without flow control:
  8-15  continuous rate traffic

IPv6 Header Fields

Time to live = Hop Limit
- life cycle in number of hops, max. 255
- this may not be sufficient; presently usually approx. 32 hops

Flow Label
- definition may still change (experimental)
- flow = tuple (source ID, dest ID, No.)
- handling pre-defined by an external auxiliary protocol

IPv6 Header Fields

Next Header
- contains either the transport layer protocol identification or options

Example options
- Hop-by-hop options: miscellaneous information for routers
- Routing: full or partial route to follow
- Fragmentation: management of datagram fragments
- Authentication: verification of the sender's identity
- Encrypted security payload: information about encrypted content
- Destination options: additional information for the destination
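Added example (Python, not code from the lecture) for the IPv6 header and the next-header chain of the preceding slides: it builds a packet with hop-by-hop and destination-options extension headers, walks the chain to the upper-layer protocol, checks the payload length field against the bytes actually present, and applies the hop-limit decrement a router performs. The field layout follows RFC 2460 (4-bit version, 8-bit traffic class, which the slides call priority, 20-bit flow label); the addresses, identification values and UDP bytes are constructed samples.

```python
import struct
from ipaddress import IPv6Address

# IANA next-header values for the extension headers listed on the slide
HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AUTH, DEST_OPTS = 0, 43, 44, 50, 51, 60
EXT_NAMES = {HOP_BY_HOP: "hop-by-hop options", ROUTING: "routing", FRAGMENT: "fragmentation",
             AUTH: "authentication", DEST_OPTS: "destination options"}
UPPER_NAMES = {6: "TCP", 17: "UDP", 58: "ICMPv6", ESP: "encrypted security payload"}


def build_ipv6(src, dst, next_header, payload, *, priority=0, flow_label=0, hop_limit=64):
    """40-byte fixed IPv6 header followed by payload. Priority goes into the 8-bit
    traffic class byte; the slides' 0..15 range fits in it."""
    first_word = (6 << 28) | ((priority & 0xFF) << 20) | (flow_label & 0xFFFFF)
    return struct.pack("!IHBB16s16s", first_word, len(payload), next_header, hop_limit,
                       IPv6Address(src).packed, IPv6Address(dst).packed) + payload


def ext_header(next_header, body=b""):
    """Hop-by-hop / routing / destination-options layout: next header, length in 8-octet
    units not counting the first 8, body padded with Pad1 (0x00) options to a multiple of 8."""
    size = 2 + len(body)
    padded = size + (-size % 8)
    return struct.pack("!BB", next_header, padded // 8 - 1) + body + b"\x00" * (padded - size)


def fragment_header(next_header, offset_units, more, ident):
    """The fragment extension header is always 8 bytes: next, reserved, offset<<3 | M, identification."""
    return struct.pack("!BBHI", next_header, 0, (offset_units << 3) | int(more), ident)


def parse_ipv6(pkt: bytes) -> dict:
    """Decode the fixed header, then follow the next-header chain through the extension
    headers to the upper-layer protocol. Raises on truncation or a wrong version."""
    if len(pkt) < 40:
        raise ValueError("shorter than the 40-byte fixed header")
    first_word, payload_len, nh, hop_limit, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    end = 40 + payload_len
    if len(pkt) < end:
        raise ValueError("payload length field exceeds the bytes present")
    chain, off = [], 40
    while nh in EXT_NAMES:
        if off + 8 > end:
            raise ValueError("truncated extension header")
        ext_next, ext_len = pkt[off], pkt[off + 1]
        if nh == FRAGMENT:
            size = 8
        elif nh == AUTH:
            size = (ext_len + 2) * 4             # AH counts 32-bit words minus 2
        else:
            size = (ext_len + 1) * 8
        if off + size > end:
            raise ValueError("extension header runs past the payload")
        chain.append(EXT_NAMES[nh])
        nh, off = ext_next, off + size
    return {
        "priority": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": str(IPv6Address(src)),
        "dst": str(IPv6Address(dst)),
        "extension_chain": chain,
        "upper_protocol": UPPER_NAMES.get(nh, nh),
        "upper_offset": off,
    }


def forward_hop(pkt: bytes):
    """Router behaviour: there is no checksum to verify; decrement the hop limit, drop at zero."""
    if pkt[7] <= 1:
        return None                              # exhausted: drop, ICMPv6 time exceeded to the source
    return pkt[:7] + bytes([pkt[7] - 1]) + pkt[8:]


# Constructed sample packet (not from the slides): hop-by-hop header carrying one PadN
# option, then a destination-options header, then an 8-byte UDP header.
SAMPLE = build_ipv6(
    "fe80::1", "2001:db8::1", HOP_BY_HOP,
    ext_header(DEST_OPTS, b"\x01\x02\x00\x00")
    + ext_header(17)
    + b"\x04\xd2\x00\x35\x00\x08\x00\x00",
    priority=6, flow_label=0xABCDE)

if __name__ == "__main__":
    print(parse_ipv6(SAMPLE))
    print(parse_ipv6(forward_hop(SAMPLE))["hop_limit"])
```

The walk stops as soon as the next-header value is not an extension header, so the upper-layer protocol and its offset fall out of the loop; a payload length that claims more bytes than arrived, or an extension header that would run past the payload, is rejected before any offset is used.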

IPv6 Addresses

  Prefix (binary)   Usage                           Fraction of address space
  0000 0000         Reserved (including IPv4)       1/256
  0000 0001         Unassigned                      1/256
  0000 001          OSI NSAP addresses              1/128
  0000 010          Novell Netware IPX addresses    1/128
  0000 011          Unassigned                      1/128
  0000 1            Unassigned                      1/32
  0001              Unassigned                      1/16
  001               Unassigned                      1/8
  010               Provider-based addresses        1/8
  011               Unassigned                      1/8
  100               Geographic-based addresses      1/8
  101               Unassigned                      1/8
  110               Unassigned                      1/8
  1110              Unassigned                      1/16
  1111 0            Unassigned                      1/32
  1111 10           Unassigned                      1/64
  1111 110          Unassigned                      1/128
  1111 1110 0       Unassigned                      1/512
  1111 1110 10      Link local use addresses        1/1024
  1111 1110 11      Site local use addresses        1/1024
  1111 1111         Multicast                       1/256

IPv6 Addresses and Anycast

- Provider based: approx. 16 million companies allocate addresses
- Geographically based: allocation as it is today
- Link-local, site-local: the address has only local importance (security, firewall concept); should make NAT (network address translation) useless

Anycast definition
- previously: unicast, broadcast and multicast
- now (new): anycast, i.e. send data to one member of a group
  - for example to the member which is geographically the nearest one
  - i.e. a system within a pre-defined group is to be accessed

Anycast application
- to search for the nearest web server
- to locate the nearest router of a multicast group, in order to participate in group communication