CSC521 Communication Protocols
Ch.5 Internet Addressing
吳俊興, Department of Computer Science and Information Engineering, National University of Kaohsiung
Internetworking With TCP/IP, Vol I: Sixth Edition, Douglas E. Comer

Outline
1 Introduction
2 Universal Host Identifiers
3 The Original IPv4 Classful Addressing Scheme
4 Dotted Decimal Notation Used With IPv4
5 IPv4 Subnet Addressing
6 Fixed Length IPv4 Subnets
7 Variable-Length IPv4 Subnets
8 Implementation Of IPv4 Subnets With Masks
9 IPv4 Subnet Mask Representation And Slash Notation
10 The Current Classless IPv4 Addressing Scheme
11 IPv4 Address Blocks And CIDR Slash Notation
12 A Classless IPv4 Addressing Example
13 IPv4 CIDR Blocks Reserved For Private Networks
14 The IPv6 Addressing Scheme
15 IPv6 Colon Hexadecimal Notation
16 IPv6 Address Space Assignment
17 Embedding IPv4 Addresses In IPv6 For Transition
18 IPv6 Unicast Addresses And /64
19 IPv6 Interface Identifiers And MAC Addresses
20 IP Addresses, Hosts, And Network Connections
21 Special Addresses
22 Weaknesses In Internet Addressing
23 Internet Address Assignment And Delegation Of Authority
24 An Example IPv4 Address Assignment
25 Summary

Universal Host Identifiers
- Host
  - Refers to an end system that attaches to the Internet
  - Any device that is not a router is classified as a host
- Universal communication service
  - The system allows an attached host to communicate with any other attached host
- Identifiers: names, addresses, or routes
  - Humans prefer to use pronounceable names to identify computers
  - Software works more efficiently with compact binary identifiers that we think of as addresses
- Each host on an internet has a unique integer address, the Internet Protocol address or IP address

Internet Protocol (IP) Address
- Unique binary value
  - Assigned to each host in the Internet
  - Chosen to make routing efficient
  - 32 bits for IPv4 and 128 bits for IPv6
- Address divided into two parts
  - Prefix (network ID) identifies the network to which the host attaches
  - Suffix (host ID) identifies the host on that network
- How should the division be made?
  - Large prefix, small suffix means many possible networks, but each is limited in size
  - Large suffix, small prefix means each network can be large, but there can only be a few networks
- The original Internet address scheme was designed to accommodate both possibilities

Original IPv4 Classful Addressing
- Original Internet addressing scheme: self-identifying
  - Can determine the boundary between prefix and suffix from the address itself
  - No additional state needed to store boundary information
  - Both hosts and routers benefit

Class  Lowest       Highest
A      1.0.0.0      126.0.0.0
B      128.1.0.0    191.255.0.0
C      192.0.1.0    223.255.255.0
D      224.0.0.0    239.255.255.255
E      240.0.0.0    255.255.255.254

- Dotted Decimal Notation
  - 140.127.208.17 = 1000 1100 . 0111 1111 . 1101 0000 . 0001 0001

Assignment of IPv4 Addresses
- In the original IP addressing scheme: network prefix + host suffix
- Network prefix
  - Each physical network is assigned a unique network address
  - All hosts on the same network are assigned the same address prefix
  - Prefixes assigned by a central authority (obtained from an ISP)
  - Routers only examine the prefix (small routing tables)
- Host suffix
  - Each host on a network has the network address as a prefix of the host's individual address
  - Each host on a network has a unique suffix
  - Assigned locally
  - Local administrator must ensure uniqueness
- 3 blocks of private IP address space
  - 10.0.0.0-10.255.255.255 (10/8 prefix; 1 Class A)
  - 172.16.0.0-172.31.255.255 (172.16/12 prefix; 16 Class B)
  - 192.168.0.0-192.168.255.255 (192.168/16 prefix; 256 Class C)
- Loopback address: 127.0.0.1
  - Refers to the local computer (never sent to the Internet)

Endpoint Identification
- Because IP addresses encode both a network and a host on that network, they do not specify an individual computer, but a connection to a network.
- IP address != host
- Multi-homed hosts
  - A router connecting n networks has n distinct IP addresses, one for each network connection

Network-prefix Minimization Problem
- Question: How can we minimize the number of assigned network prefixes (especially class B) without abandoning the 32-bit addressing scheme?
- Two answers:
  - Proxy ARP
  - Subnet addressing

Proxy ARP: Layer-2 Solution
- Arrange a special system to answer ARP requests and forward datagrams between networks
  - Hosts think they are on the same network
  - Allows two physical networks to share a single IP prefix
  - Known informally as the ARP hack
- Assessments
  - Chief advantages
    - Transparent to hosts
    - No change in IP routing tables
  - Chief disadvantages
    - Does not generalize to complex topology
    - Only works on networks that use ARP
    - Most proxy ARP systems require manual configuration

Subnet Addressing
- Subdivides the host suffix into a pair of fields for physical network and host
- Allows an organization to use a single network prefix for multiple physical networks
- Interpreted only by routers and hosts at the site; treated like a normal address elsewhere
- [Figure: both physical networks share prefix 128.10; Router R uses the third octet of the address to choose the physical net]
- Address mask: each physical network is assigned a 32-bit address mask (also called subnet mask)

Variable-Length IPv4 Subnets
- Variable-length subnetting
- Advantages
  - Flexibility: a mixture of large and small networks
  - Higher utilization of the address space
- Disadvantages
  - The scheme can be difficult to administer
  - Address ambiguity may occur
  - The ambiguity cannot be resolved except by renumbering

IPv4 Subnets with Address Masks
- (Subnet) mask: covers the internet portion of the address as well as the physical network part of the local portion
  - A bit is set to 1 if machines on the network treat the corresponding bit in the IP address as part of the subnet prefix
  - A bit is cleared to 0 if they treat the bit as part of the host identifier
- Each entry in the routing table also has an address mask
  - All-1s mask used for host-specific routes
  - Network mask used for network-specific routes
  - Subnet mask used for subnet-specific routes
  - All-0s mask used for the default route

Active Routes:
Network Destination  Netmask          Gateway        Interface      Metric
0.0.0.0              0.0.0.0          192.168.0.1    192.168.0.158  20      (Default)
127.0.0.0            255.0.0.0        127.0.0.1      127.0.0.1      1       (Loopback)
192.168.0.158        255.255.255.255  127.0.0.1      127.0.0.1      20      (Local)
192.168.0.0          255.255.255.0    192.168.0.158  192.168.0.158  20      (LAN)
192.168.0.255        255.255.255.255  192.168.0.158  192.168.0.158  20      (Broadcast)

Network Addressing Problems
- Problems
  - Continued exponential Internet growth
  - Dire prediction (1993): We will exhaust the address space "in a few years".
  - Note: address space is not near exhaustion
  - Subnetting insufficient
  - Limited IP addresses (esp. Class B)
- Further motivation for CIDR: aggregating class C
  - Limitation of classful addressing
    - Fewer than seventeen thousand Class B numbers (total 2^14)
    - More than two million Class C network numbers (2^21)
  - Flexibility of CIDR
    - Merging 256 Class C numbers into a single prefix that is equivalent to a Class B
    - Splitting a Class B along power of two boundaries
- Solution to problem
  - Temporary fix until the next generation of IP
  - Backward compatible with classful addressing

Classless Inter-Domain Routing (CIDR)
- CIDR idea: permit arbitrary-length network prefixes
- CIDR techniques:
  - Extended addressing: subnet + supernet blocks of address numbers
  - Forwarding (longest-prefix matching)
  - Route propagation (condensation)
- CIDR was predicted to work "for a few years"
  - Extremely successful!
  - Will work for at least 25 years!

Supernetting
- Supernetting: assigning a block of contiguous class C numbers
- Route proliferation
  - Example: a block of 256 contiguous class C numbers (equal to a Class B)
  - Supernetting: a single CIDR prefix spans 256 Class C network numbers
  - A classful routing table requires 256 separate entries, one for each class C
  - If classful forwarding is used, CIDR addresses result in more routes

CIDR Block and Slash Notation
- Network addresses written NUMBER / m
  - NUMBER is the IP prefix; m is the "address mask" length
- Example: 214.5.48.0/20
  - Prefix occupies 20 bits
  - Suffix occupies 12 bits
- Example: 128.211.168.0/21
- Mask values must be converted to dotted decimal when configuring a router (and binary internally)

Dotted Decimal Equivalents
- Example of a /30 block: 128.211.176.212/30
  - Useful when a customer of an ISP has a very small network

CIDR Forwarding
- Implementation of CIDR route lookup
  - Each entry in the routing table has an address plus a mask
  - Search is organized from most-specific to least-specific (i.e., the entry with the longest mask is tested first)
  - Known as longest-prefix lookup or longest-prefix search
- Implementing longest-prefix matching
  - Cannot easily use hashing
  - Data structure of choice is the binary trie
  - Identifies the unique prefix needed to match a route
- Example of unique prefixes

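The slash-to-mask conversion and the binary-trie lookup described in the CIDR slides above, as an added example that is not from the course material. The route list is constructed from addresses that appear on these slides; the next-hop labels and the names mask_from_length, PrefixTrie, ROUTES and TABLE are assumptions made for the example.

```python
import ipaddress

def mask_from_length(m):
    """Dotted decimal mask for a /m prefix, e.g. 20 -> 255.255.240.0."""
    value = (0xFFFFFFFF << (32 - m)) & 0xFFFFFFFF   # m one-bits, then zeros
    return str(ipaddress.IPv4Address(value))

class PrefixTrie:
    """Binary trie: one level per prefix bit, routes stored where a prefix ends."""

    def __init__(self):
        self.root = {}                      # node = {0: child, 1: child, "route": ...}

    def insert(self, cidr, next_hop):
        net = ipaddress.IPv4Network(cidr)   # raises ValueError if suffix bits are set
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):      # walk only the prefix bits
            node = node.setdefault((bits >> (31 - i)) & 1, {})
        node["route"] = (cidr, next_hop)

    def lookup(self, address):
        bits = int(ipaddress.IPv4Address(address))
        node = self.root
        best = node.get("route")            # the /0 default route, if installed
        for i in range(32):
            node = node.get((bits >> (31 - i)) & 1)
            if node is None:                # no longer prefix exists on this path
                break
            best = node.get("route", best)  # a deeper hit is a longer prefix
        return best

# Constructed routing table; next-hop labels are hypothetical.
ROUTES = [
    ("0.0.0.0/0", "default-gw"),
    ("140.127.0.0/16", "campus-core"),
    ("140.127.208.0/24", "dept-router"),
    ("140.127.208.128/25", "lab-router"),
    ("192.168.0.158/32", "local"),
]

TABLE = PrefixTrie()
for cidr, hop in ROUTES:
    TABLE.insert(cidr, hop)

if __name__ == "__main__":
    for dest in ("140.127.208.17", "140.127.208.200", "140.127.1.1", "8.8.8.8"):
        print(dest, "->", TABLE.lookup(dest))
```

The lookup never compares masks explicitly: the depth at which a route is stored is its mask length, so the last route seen on the way down is the longest match.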
Route Propagation
- Route exchange: one route per CIDR block
  - Store the address mask with each route
  - Send the pair (address, mask) whenever exchanging routing information
- Route condensation (aggregation)
  - Multiple subnets with common prefixes are aggregated into a larger subnet
- Example: 140.127.208.0/24
  - Dept. Office: 140.127.208.0-140.127.208.39
  - Prof's Offices: 140.127.208.40-140.127.208.63
  - Computer Room: 140.127.208.64-140.127.208.127
  - 4F (Labs): 140.127.208.128-140.127.208.255
- How to divide 140.127.208.0/24 into two subnets of equal size?
  - Ans. 140.127.208.0/25 and 140.127.208.128/25

IPv6
- Formalized in RFC2460, December 1998
  - Obsoleted by RFC8200 (STD86), July 2017
  - IPv4 described in RFC791, September 1981
- 128 bits composed of two logical parts
  - A 64-bit network prefix used for routing
  - A 64-bit interface identifier used to identify a host's network interface
- Addressing methods: unicast, anycast, and multicast
- Reachability scopes: node-local, link-local, and global

The IPv6 Addressing Scheme
- IPv6 address: each occupies 128 bits (16 octets)
  - Binary notation is untenable

IPv6 Colon Hexadecimal Notation
- Colon hexadecimal notation (colon hex): 8 groups of 16 bits each
  - 68E6:8C64:FFFF:FFFF:0:1180:96A:FFFF
- Zero compression: a string of repeated zeros is replaced by a pair of colons
  - FF05:0:0:0:0:0:0:B3 becomes FF05::B3
  - It can be applied only once in any address
- Colon hex notation incorporates dotted decimal suffixes
  - 0:0:0:0:0:0:128.10.2.1 becomes ::128.10.2.1
- IPv6 extends CIDR-like notation by allowing an address to be followed by a slash and an integer that specifies a number of bits
  - 12AB::CD30:0:0:0:0/60

Reachability Scopes of an IPv6 Address
- An IPv6 interface can have multiple IPv6 addresses
- Every IPv6 address has a reachability scope

Address scope, reachability scope, and description:
- Node-local (reachability scope: same node)
  - Used to send packets to the same node and never sent on a link or forwarded by an IPv6 router
  - Two types:
    - Loopback address: equivalent to the IPv4 loopback address (127.0.0.1); 0:0:0:0:0:0:0:1 or ::1
    - Node-local multicast address
- Link-local (reachability scope: local link)
  - Used to communicate between hosts on the link, always configured automatically
  - Three types:
    - Unspecified address: ::0, indicating the absence of an address, or attempting to verify the uniqueness of a tentative address; never assigned to an interface or used as a destination address
    - Link-local unicast address: all interfaces of IPv6 hosts require it; fe80::/10 (followed by 54 zeros to fe80::/64)
    - Link-local multicast address
- Global (reachability scope: the IPv6 Internet)
  - Aggregatable, globally-routable unicast addresses, equivalent to public IPv4 addresses, configured by router advertisement
  - Two types:
    - Global unicast address
    - Other scope multicast address

IPv6 Address Space Assignment
- How humans manage address assignment: devising a hierarchy of authority
- How routers handle the necessary forwarding tables: router efficiency
- IPv6 address space
  - The first 8 bits of an address are sufficient to identify the basic types
  - OSI Network Service Access Point address
  - 2000::/3   Global Unicast
  - fc00::/7   Unique Local Unicast
  - fe80::/10  Link-Scoped Unicast
  - ff00::/8   Multicast
- https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml

IPv6 Unicast Addresses And /64
- Three conceptual parts
  - A globally-unique prefix: >= 48 bits
  - A subnet ID: <= 16 bits
  - An interface ID: = 64 bits
- The most-significant 64 bits are used as the routing prefix
- Automatically generated from the interface's MAC address using the modified EUI-64 format (Extended Unique Identifier)
- Obtained from a DHCPv6 server
- Automatically established randomly, or
- Assigned manually
- On system startup, a node automatically creates a link-local address on each IPv6-enabled interface
  - Selected with the prefix fe80::/64 + interface ID
- https://en.wikipedia.org/wiki/ipv6_address

IPv6 Interface Identifiers And MAC Addresses
- Interface identifier (interface ID)
  - The name emphasizes that a host can have multiple interfaces and multiple IDs
* A 48-bit MAC address 00:0C:29:0C:47:D5 is turned into a 64-bit EUI-64 00:0C:29:FF:FE:0C:47:D5 by inserting FF:FE in the middle
* To create an IPv6 address, it yields 020C:29FF:FE0C:47D5 by inverting the Universal(1)/Local(0) bit

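The modified EUI-64 steps above carried through in both directions, as an added example that is not from the course material; the function names are assumptions. The reverse direction is what makes such an address usable for asset inventory: the MAC address is recoverable from any address whose interface ID was built this way.

```python
import ipaddress

def mac_to_interface_id(mac):
    """48-bit MAC -> 64-bit modified EUI-64 interface ID (8 bytes)."""
    octets = bytearray(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02                                   # invert the Universal/Local bit
    return bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])   # insert FF:FE

def link_local_from_mac(mac):
    """Prefix fe80::/64 + interface ID, as a node does on startup."""
    iid = int.from_bytes(mac_to_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("fe80::")) | iid)

def mac_from_address(address):
    """Recover the MAC from an EUI-64 style address; None if the ID is not EUI-64."""
    addr = ipaddress.IPv6Address(address.split("%")[0])  # drop any zone index
    iid = int(addr).to_bytes(16, "big")[8:]              # low-order 64 bits
    if iid[3:5] != b"\xff\xfe":
        return None              # random, DHCPv6 or manually assigned interface ID
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02                                    # undo the bit inversion
    return ":".join(f"{o:02X}" for o in octets)

if __name__ == "__main__":
    mac = "00:0C:29:0C:47:D5"                            # MAC used on the slide
    print(mac_to_interface_id(mac).hex())
    print(link_local_from_mac(mac))
    print(mac_from_address("fe80::20c:29ff:fe0c:47d5%eth0"))
```

A randomly generated interface ID can contain FF:FE in the same position by chance, so a recovered MAC is a strong hint rather than proof.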
Address Uniqueness
- All interfaces of IPv6 hosts require a link-local address
  - On system startup, a node automatically creates a link-local address on each IPv6-enabled interface
  - Selected with the prefix fe80::/64 + interface ID
- Hosts verify the uniqueness of assigned addresses by sending a Neighbor Solicitation message asking for the link-layer address of the IP address
  - If any other host is using that address, it responds
- The host first sends out a Router Solicitation message to the all-routers multicast group, with its link-local address as source, to determine if the network is connected to any routers at all
  - If there is no answer after a predetermined number of attempts, the host concludes that no routers are connected
    - Then all nodes are reachable using the link-local address assigned to the host
  - If it does get a response from a router, there will be network information inside that is needed to create a globally unique address

Zone Index for Link-Local Address
- Problem: because all link-local addresses in a host have a common prefix, normal routing procedures cannot be used to choose the outgoing interface when sending packets to a link-local destination
- Solution: a special identifier, a zone index, is appended to provide the additional routing information
  - The zone index is appended to the address, separated by a percent sign (%)
  - The Microsoft Windows IPv6 stack uses numeric zone indices, e.g., fe80::3%1. The index is determined by the interface number
  - Most Unix-like systems (e.g., BSD, Linux, OS X) use the interface name as a zone index: fe80::3%eth0
  - Alternatively, on BSD-based operating systems (including OS X), a numeric zone index can be used in the second 16-bit word, e.g.: fe80:1::3
- [Figure labels: fe80::i1 %eth1, fe80::i2, fe80::i3 %3, fe80::i4 %eth4, fe80::i5 %5]
- To reach Host A with fe80::i2, Router R and Host B must specify fe80::i2%eth1 and fe80::i2%3, respectively.

IPv6 RFCs
- RFC8200, Internet Protocol, Version 6 (IPv6) Specification, July 2017 (42 pages)
- RFC4291, IP Version 6 Addressing Architecture, February 2006 (25 pages)
- RFC8064, Recommendation on Stable IPv6 Interface Identifiers, February 2017 (9 pages)
  - Stateless Address Autoconfiguration (SLAAC)
- RFC4443, Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification, March 2006 (24 pages)
- RFC4861, Neighbor Discovery for IP version 6 (IPv6), September 2007 (97 pages)
- RFC3315, Dynamic Host Configuration Protocol for IPv6 (DHCPv6), July 2003 (101 pages)

Embedding IPv4 Addresses In IPv6 For Transition
- From IPv4 to IPv6
  - A small fraction of addresses in the IPv6 space is used to encode IPv4 addresses
  - Any address that begins with 80 zero bits followed by 16 bits of all ones contains an IPv4 address in the low-order 32 bits
- Stateless IP/ICMP Translation protocol (SIIT)
  - A set of addresses is reserved

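The 80-zeros-then-16-ones rule above applied to address filtering, as an added example that is not from the course material: a filter that matches destinations against the private and loopback blocks from the earlier slides has to unwrap the embedded IPv4 address first, or the same host written in IPv6 form is not matched. The names embedded_ipv4, is_internal and INTERNAL_BLOCKS are assumptions; the sample addresses are constructed.

```python
import ipaddress

# Private blocks and the loopback network, as listed on the earlier slides.
INTERNAL_BLOCKS = [ipaddress.IPv4Network(b) for b in
                   ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def embedded_ipv4(address):
    """Return the IPv4 address carried by `address`, or None if there is none."""
    addr = ipaddress.ip_address(address)
    if addr.version == 4:
        return addr
    value = int(addr)
    # High-order 96 bits must be 80 zero bits followed by 16 one bits (0x...0FFFF).
    if value >> 32 == 0xFFFF:
        return ipaddress.IPv4Address(value & 0xFFFFFFFF)   # low-order 32 bits
    return None

def is_internal(address):
    """True if the address, once unwrapped, falls in a private or loopback block."""
    v4 = embedded_ipv4(address)
    return v4 is not None and any(v4 in block for block in INTERNAL_BLOCKS)

if __name__ == "__main__":
    samples = [                      # constructed inputs
        "192.168.0.158",             # plain IPv4
        "::ffff:192.168.0.158",      # same host, embedded form
        "0:0:0:0:0:ffff:ac10:1",     # 172.16.0.1 written entirely in hex groups
        "::ffff:140.127.208.17",     # embedded, but a public address
        "::128.10.2.1",              # 96 zero bits: dotted suffix, not the ffff form
        "2001:db8::1",               # ordinary IPv6
    ]
    for s in samples:
        print(f"{s:26} embedded={embedded_ipv4(s)} internal={is_internal(s)}")
```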
IP Addresses, Hosts, And Network Connections
- Multi-homed hosts
  - A computer that has two or more physical network connections
  - Each of the computer's network connections must be assigned an address that identifies a network

IPv4 Special Addresses
- Network identifier: when used to refer to a network
  - Host field contains all 0 bits, i.e. 140.127.0.0 (10001100.01111111.00000000.00000000)
- Limited broadcast: broadcast on the local wire only
  - No forwarding, useful for bootstrapping
  - Network and host fields both contain all 1 bits: 255.255.255.255 (11111111.11111111.11111111.11111111)
- Directed broadcast: broadcast on a network
  - Host field contains all 1 bits, i.e. 140.127.255.255 (10001100.01111111.11111111.11111111)
  - Nonstandard form: host field contains all 0 bits, i.e. 140.127.0.0 (10001100.01111111.00000000.00000000)
- All zeros IP address (0.0.0.0): means this computer
  - Can only appear as a source address
  - Used during bootstrap before the computer knows its address
- Multicast address: deliver to a specific subset of hosts
  - Any IPv4 address that begins with three 1 bits

Summary Of IPv4 Special Address Conventions

IPv6 Multicast And Anycast Addresses
- IPv6 designers decided to avoid broadcast and use only multicast
  - An all hosts multicast group: the packet is delivered to all hosts on the local network
  - An all nodes multicast group: the packet is delivered to all hosts and all routers
- An anycast address
  - A set of identical servers at arbitrary locations in the Internet
    - The same service
    - The same anycast address
  - A packet sent to the anycast address goes to the nearest server

Weaknesses In Internet Addressing
- Addresses refer to network connections, not to the host computer
- A weakness of IPv4
  - Once a prefix size is chosen, the maximum number of hosts on the network is fixed
- IPv6 solution
  - Allocating an absurd number of bits (64) to a suffix that identifies a host (a network interface)
  - Assume it's enough

Weaknesses In Internet Addressing
- One IP address for a destination
  - If a network is down, it may be impossible to reach the destination using a specific address

Internet Address Assignment And Delegation Of Authority
- Internet Assigned Numbers Authority (IANA)
- Internet Corporation for Assigned Names and Numbers (ICANN)
- Internet Service Provider (ISP)

An Example IPv4 Address Assignment

Summary
- 32-bit IPv4 address
  - Prefix identifies network
  - Suffix identifies host
- 128-bit IPv6 unicast address
  - 64-bit globally-unique routing prefix + subnet ID
  - 64-bit interface ID (always occupies 64 bits)
- Classful addressing uses the first few bits of the address to determine the boundary between prefix and suffix
- Two extensions to the original classful IP addressing scheme
  - Subnet addressing + CIDR addressing
  - CIDR mask identifies the division between network prefix and host suffix
  - Subnet mask identifies the boundary between subnet and individual host
- CIDR techniques
  - Extended addressing: subnet + supernet blocks of address numbers
  - Forwarding (longest-prefix matching)
  - Route propagation (condensation)