ICS 451: Today's plan

Similar documents
ICS 351: Networking Protocols

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

To make a difference between logical address (IP address), which is used at the network layer, and physical address (MAC address),which is used at

Vorlesung Kommunikationsnetze

CS 457 Lecture 11 More IP Networking. Fall 2011

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

Last time. Network layer. Introduction. Virtual circuit vs. datagram details. IP: the Internet Protocol. forwarding vs. routing

CSCI-1680 Network Layer: IP & Forwarding Rodrigo Fonseca

Internet Control Message Protocol (ICMP)

CS519: Computer Networks. Lecture 2: Feb 2, 2004 IP (Internet Protocol)

Computer Networks ICS 651. IP Routing RIP OSPF BGP MPLS Internet Control Message Protocol IP Path MTU Discovery

TSIN02 - Internetworking

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

The Internetworking Problem. Internetworking. A Translation-based Solution

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

(ICMP), RFC

Network layer: Overview. Network Layer Functions

Introduction to Internetworking

Configuring Routes on the ACE

Your Name: Your student ID number:

Lecture 8. Basic Internetworking (IP) Outline. Basic Internetworking (IP) Basic Internetworking (IP) Service Model

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall:

Network Layer. Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control

Internetworking/Internetteknik, Examination 2G1305 Date: August 18 th 2004 at 9:00 13:00 SOLUTIONS

History Page. Barracuda NextGen Firewall F

Lecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1

Internet Control Message Protocol (ICMP), RFC 792. Prof. Lin Weiguo Copyleft 2009~2017, School of Computing, CUC

Network Layer (4): ICMP

Outline. SC/CSE 3213 Winter Sebastian Magierowski York University. ICMP ARP DHCP NAT (not a control protocol) L9: Control Protocols

Network Layer: Internet Protocol

Problems of IP. Unreliable connectionless service. Cannot acquire status information from routers and other hosts

IPv4. Christian Grothoff.

ICMP (Internet Control Message Protocol)

Operational Security Capabilities for IP Network Infrastructure

Chapter 4: outline. 4.5 routing algorithms link state distance vector hierarchical routing. 4.6 routing in the Internet RIP OSPF BGP

Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields.

Configuring IPv4. Finding Feature Information. This chapter contains the following sections:

CSCI-1680 Network Layer: IP & Forwarding Rodrigo Fonseca

Internet Control Message Protocol

H

CS 457 Networking and the Internet. Problems. Mechanisms 9/21/16. Fall 2016 Indrajit Ray

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Auxiliary Protocols

Internet Protocols (chapter 18)

Department of Computer and IT Engineering University of Kurdistan. Network Layer. By: Dr. Alireza Abdollahpouri

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

TSIN02 - Internetworking

Redesde Computadores(RCOMP)

CS475 Networks Lecture 8 Chapter 3 Internetworking. Ethernet or Wi-Fi).

Internet Technology 3/23/2016

Internet Protocol. Outline Introduction to Internet Protocol Header and address formats ICMP Tools CS 640 1

Lecture Computer Networks

MESSAGES error-reporting messages and query messages. problems processes IP packet specific information

Ref: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on

ICMP (Internet Control Message Protocol)

Operation Manual IP Addressing and IP Performance H3C S5500-SI Series Ethernet Switches. Table of Contents

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Introduction to Computer Networks. CS 166: Introduction to Computer Systems Security

Subnets. IP datagram format. The Internet Network layer. IP Fragmentation and Reassembly. IP Fragmentation & Reassembly. IP Addressing: introduction

CSCI-1680 Network Layer: IP & Forwarding John Jannotti

IPv4 and IPv6 Commands

ECE 461 Internetworking Fall Quiz 1

Module 7 Internet And Internet Protocol Suite

CCNA Exploration Network Fundamentals. Chapter 06 Addressing the Network IPv4

Computer Networks Security: intro. CS Computer Systems Security

Lecture 2: Basic routing, ARP, and basic IP

CSC 6575: Internet Security Fall Attacks on Different OSI Layer Protocols OSI Layer Basic Attacks at Lower Layers

Telecom Systems Chae Y. Lee. Contents. Overview. Issues. Addressing ARP. Adapting Datagram Size Notes

Using ICMP to Troubleshoot TCP/IP Networks

internet technologies and standards

Cisco CCIE Security Written.

Agenda L2 versus L3 Switching IP Protocol, IP Addressing IP Forwarding ARP and ICMP IP Routing First Hop Redundancy

IPv6 Protocols and Networks Hadassah College Spring 2018 Wireless Dr. Martin Land

Lecture 4 The Network Layer. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Dan Lo Department of Computer Science and Software Engineering Southern Polytechnic State University

Master Course Computer Networks IN2097

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Dongsoo S. Kim Electrical and Computer Engineering Indiana U. Purdue U. Indianapolis

Topics for This Week

CSEP 561 Internetworking. David Wetherall

Troubleshooting Tools

Configuring Advanced Firewall Settings

Information Network Systems The network layer. Stephan Sigg

Introduction to routing in the Internet

H

Introduction to IPv6. IPv6 addresses

LECTURE 8. Mobile IP

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

User Datagram Protocol

Lecture 5 The Network Layer part II. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Router Architecture Overview

Lecture 3. The Network Layer (cont d) Network Layer 1-1

Communication Networks ( ) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University. Allon Wagner

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local

Introduction to routing in the Internet

CS 458 Internet Engineering Spring First Exam

Interconnecting Networks with TCP/IP. 2000, Cisco Systems, Inc. 8-1

UNIT III. 3.1 Circuit switching vs. packet switching / Packet switched networks. Figure 3.1.1: Switching Techniques

HPE FlexFabric 5940 Switch Series

ECE 435 Network Engineering Lecture 13

Transcription:

ICS 451: Today's plan ICMP ping traceroute ARP DHCP summary of IP processing

ICMP Internet Control Message Protocol, 2 functions: error reporting (never sent in response to ICMP error packets) network debugging (ping) common errors packets include destination unreachable (network, host, protocol, or port unreachable) fragmentation needed TTL expired (Time Exceeded) redirect parameter problem

ICMP error message format IP header, ICMP header, IP header of error packet, 64 bits (8 bytes) of IP payload of error packet ICMP header (8 bytes) has type (e.g. destination unreachable), code (e.g. host unreachable) and 4 or more bytes that vary depending on the type

Ping ICMP type ECHO, code 0 ICMP type ECHO REPLY, code 0 4 extra bytes hold two bytes of ID (usually process ID) and two bytes of sequence number any additional bytes carry sender's time, in binary (usually 8 bytes) when the packet returns, can compare time received (from system) with time sent (in packet)

Traceroute When a router drops a packet, it sends back a Time Exceeded in Transit ICMP error so if I send a packet with TTL 1, my router should send me an error TTL 2, the next router should send me an error the final host should send me port unreachable sometimes blocked by firewalls

Traceroute example, IPv4 edo@uhx01 1 % traceroute n www.ietf.org traceroute to www.ietf.org (104.20.1.85), 30 hops max, 40 byte packets 1 128.171.24.193 0.345 ms 0.297 ms 0.186 ms 2 128.171.1.201 1.478 ms 1.127 ms 1.172 ms 3 128.171.64.190 1.085 ms 0.945 ms 1.008 ms 4 205.166.205.48 1.021 ms 0.863 ms 1.083 ms 5 74.202.119.9 1.541 ms 1.598 ms 14.653 ms 6 64.129.238.190 70.884 ms 52.823 ms 73.906 ms 7 * 4.68.71.137 54.391 ms 54.440 ms 8 4.69.144.138 54.595 ms 4.69.144.202 53.114 ms 4.69.144.74 52.828ms 9 4.68.70.130 53.027 ms 58.414 ms 55.843 ms 10 62.115.32.214 84.881 ms 81.319 ms 81.322 ms 11 104.20.1.85 62.808 ms 62.954 ms 55.745 ms

Traceroute example, IPv6 $ traceroute6 n www.ietf.org traceroute to www.ietf.org (2400:cb00:2048:1::6814:55), 30 hops max, 80 byte packets 1 2001:470:a:446::1 71.683 ms 73.466 ms 75.001 ms 2 2001:470:0:9b::1 85.305 ms 85.277 ms 85.256 ms 3 2001:504:16::3417 75.380 ms 75.373 ms 75.324 ms 4 2400:cb00:28:1024::6ca2:f46a 75.116 ms 2400:cb00:28:1024::6ca2:f415 75.430 ms 2400:cb00:28:1024::6ca2:f46a 75.243 ms

Traceroute from a remote place $ traceroute n www.hawaii.edu traceroute to www.hawaii.edu (128.171.224.100), 30 hops max, 60 byte packets 1 192.168.3.1 2.092 ms 1.994 ms 1.974 ms 2 192.168.2.254 2.851 ms 3.169 ms * 3 192.168.2.1 4.487 ms 8.058 ms 8.059 ms 4 133.205.178.201 10.316 ms 10.311 ms 10.297 ms 5 192.168.4.1 715.377 ms 715.392 ms 716.995 ms 6 182.33.57.117 747.101 ms 775.364 ms 805.649 ms 7 182.33.57.213 805.668 ms 814.364 ms 864.240 ms 8 * * 69.43.227.5 879.163 ms 9 64.128.3.1 908.117 ms 908.138 ms 926.854 ms 10 66.192.243.238 819.116 ms 819.554 ms 820.491 ms 11 74.202.119.10 792.610 ms 764.176 ms 738.531 ms 12 128.171.213.2 739.577 ms 739.445 ms 709.709 ms

Path MTU discovery sender sends as big packets as its network MTU can support if TCP MSS option is present in the SYN packets, sender will use the smaller of its own and its peer's MSS TCP also sets the Don't Fragment (DF) bit routers cannot fragment IPv6 packets router that cannot forward, sends destination unreachable, fragmentation needed payload indicates MTU of interface next router may do the same again!

Deprecated ICMP messages source quench: send to a sender that is filling up a router's buffers increases traffic during congestion apparently not very effective redirect: on this same network, for this destination, use this other router can be used for man-in-the-middle attacks might still work on many systems (there are other ways to do MITM)

IP over Data-Link layer when sending or forwarding an IP packet, the routing table gives us interface and next hop the next hop is an IP address the data link layer requires a MAC address we need to resolve the IP address to a MAC address then the packet can be sent to the MAC address of the next hop

Address Resolution Protocol ARP cache saves IP->MAC mappings for a few minutes unless refreshed mapping obtained by broadcasting a request Who has 1.2.3.4? tell 5.6.7.8 response is unicast to the MAC in the request responder (and everyone else) also caches the mapping in the request

ARP Variants Reverse ARP (RARP): given a MAC address, give me an IP address similar to DHCP, but less commonly used Proxy ARP: another device replies for the device that has the IP address invisible to the requester useful on non-broadcast networks as long as requet sent to the Proxy ARP server other uses as well

ARP Security ARP Spoofing: an ARP reply with incorrect information can make an IP unreachable can make an attacker the Man-In-The-Middle only defense is to monitor the LAN for strange ARP replies e.g. several replies for the same request

DHCP Dynamic Host Configuration Protocol each interface needs an IP address configuring each by hand is tedious and errorprone instead, configure them all in a DHCP server, let the server tell the machines when they boot can also have a pool of addresses assigned on demand to anyone on the network less adminstration, less chance of people selecting an address at random

Summary: IP processing for incoming packets compute IP header checksum discard if incorrect reassemble if necessary if destination address is one of ours check protocol field deliver to TCP or UDP or do ICMP processing including delivery to ping/traceroute otherwise decrement TTL, forward packet if TTL==0 or not forwarding, discard packet

DHCP Information Interface IP address Netmask Default Gateway(s) Default Name Server(s) and quite a bit more!

DHCP Transmission DHCP is carried over UDP but sender may not have an IP address! nor know IP address of DHCP server DHCP packets sent from 0.0.0.0 to 255.255.255.255 and over the LAN broadcast address, usually ff:ff:ff:ff:ff:ff

Summary: IP processing for incoming packets compute IP header checksum discard if incorrect reassemble if necessary if destination address is one of ours check protocol field deliver to TCP or UDP or do ICMP processing including delivery to ping/traceroute otherwise decrement TTL, forward packet if TTL==0 or not forwarding, discard packet

Summary: IP processing for outgoing packets find longest-match route next-hop-ip,interface compare packet size to MTU of interface fragment if needed (or discard if DF==1) compute IP header checksum check ARP table for next-hop-ip if not found, ARP on interface and wait for response send packet on interface, to MAC address corresponding to next-hop-ip

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback