Lecture 16 TCP vs UDP Example Statistics Trace Sample UDP/TCP Ratio Total IP Traffic (pkts/bytes/flows) pkts bytes flows CAIDA OC48 08 2002 0.11 0.03 0.11 (1371M/838GB/79M) 01 2003 0.12 0.05 0.27 (463M/267GB/26M) GigaSUNET 04 2006 0.06 0.02 1.06 (422M/294GB/9M) 11 2006 0.08 0.03 1.45 CAIDA OC192 06 2008 0.14 0.05 1.43 (4427M/2279GB/197M) 02 2009 0.19 0.07 2.34 (1922M/1410GB/110M) OptoSUNET 01 2009 0.21 0.11 3.09 (1100M/657GB/41M) 02 2009 0.20 0.11 2.63 http://www.caida.org/research/traffic analysis/tcpudpratio/ 2 1
Internet Private Addresses (IPv4) RFC1918 IP address range 24 bit block 10.0.0.0 10.255.255.255 20 bit block 172.16.0.0 172.31.255.255 number of addresses 16,777,216 1,048,576 16 bit block 192.168.0.0 192.168.255.255 65,536 classful description single class A network 16 contiguous class B network 256 contiguous class C network largest CIDR block (subnet mask) 10.0.0.0/8 (255.0.0.0) Address ranges reserved by IANA for Private Addresses 172.16.0.0/12 (255.240.0.0) 192.168.0.0/1 6 (255.255.0.0) host id size 24 bits 20 bits 16 bits http://en.wikipedia.org/wiki/private_network 3 NAT: network address translation rest of Internet 138.76.29.7 10.0.0.4 local network (e.g., home network) 10.0.0/24 10.0.0.1 10.0.0.2 10.0.0.3 all datagrams leaving local network have same single source NAT IP address: 138.76.29.7,different source port numbers datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual) 4 2
NAT: network address translation motivation: local network uses just one IP address as far as outside world is concerned: range of addresses not needed from ISP: just one IP address for all devices can change addresses of devices in local network without notifying outside world can change ISP without changing addresses of devices in local network devices inside local net not explicitly addressable, visible by outside world (a security plus) 5 NAT: network address translation implementation: NAT router must: outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)... remote clients/servers will respond using (NAT IP address, new port #) as destination addr remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table 6 3
NAT: network address translation 2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table 2 NAT translation table WAN side addr LAN side addr 138.76.29.7, 5001 10.0.0.1, 3345 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 138.76.29.7 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 3 3: reply arrives dest. address: 138.76.29.7, 5001 10.0.0.4 S: 10.0.0.1, 3345 D: 128.119.40.186, 80 1 S: 128.119.40.186, 80 D: 10.0.0.1, 3345 4 1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 10.0.0.1 10.0.0.2 4: NAT router 10.0.0.3 changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 7 NAT: network address translation 16 bit port number field: 60,000 simultaneous connections with a single LAN side address! NAT is controversial: routers should only process up to layer 3 violates end to end argument NAT possibility must be taken into account by app designers, e.g., P2P applications address shortage should instead be solved by 8 4
NAT traversal problem client wants to connect to server with address 10.0.0.1 server address 10.0.0.1 local to LAN (client can t use it as destination addr) only one externally visible NATed address: 138.76.29.7 solution1: statically configure NAT to forward incoming connection requests at given port to server e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000 client? 138.76.29.7 NAT router 10.0.0.4 10.0.0.1 9 NAT traversal problem solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to: learn public IP address (138.76.29.7) add/remove port mappings (with lease times) i.e., automate static NAT port map configuration NAT router 10.0.0.1 For more info on UPnP, IGD and Port Control Protocol (PCP) see IETF Working Grop docs http://tools.ietf.org/html/draft ietf pcp upnp igd interworking 04 IGD 10 5
NAT traversal problem solution 3: relaying (used in Skype) NATed client establishes connection to relay external client connects to relay relay bridges packets between to connections client 2. connection to relay initiated by client 3. relaying established 1. connection to relay initiated by NATed host 138.76.29.7 NAT router 10.0.0.1 11 Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what s inside a router 4.4 IP: Internet Protocol datagram format IPv4 addressing ICMP 4.5 routing algorithms link state distance vector hierarchical routing 4.6 routing in the Internet RIP OSPF BGP 4.7 broadcast and multicast routing 12 6
ICMP: internet control message protocol used by hosts & routers to communicate networklevel information error reporting: unreachable host, network, port, protocol echo request/reply (used by ping) network layer above IP: ICMP msgs carried in IP datagrams ICMP message: type, code plus first 8 bytes of IP datagram causing error Type Code description 0 0 echo reply (ping) 3 0 dest. network unreachable 3 1 dest host unreachable 3 2 dest protocol unreachable 3 3 dest port unreachable 3 6 dest network unknown 3 7 dest host unknown 4 0 source quench (congestion control - not used) 8 0 echo request (ping) 9 0 route advertisement 10 0 router discovery 11 0 TTL expired 12 0 bad IP header 13 Traceroute and ICMP source sends series of UDP segments to dest first set has TTL =1 second set has TTL=2, etc. unlikely port number when nth set of datagrams arrives to nth router: router discards datagrams and sends source ICMP messages (type 11, code 0) ICMP messages includes name of router & IP address 3 probes 3 probes when ICMP messages arrives, source records RTTs stopping criteria: UDP segment eventually arrives at destination host destination returns ICMP port unreachable message (type 3, code 3) source stops 3 probes 14 7
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP 4.5 Routing algorithms Link state Distance Vector Hierarchical routing 4.6 Routing in the Internet RIP OSPF BGP 4.7 Broadcast and multicast routing 15 More than 4 billion devices already share addresses http://www.youtube.com/watch?feature=player_embedded&v= Uwjt32NvVA is essential to the continued health and growth of the Internet and that by allowing all devices to talk to each other directly, enables new innovative services http://www.google.com/ipv6/index.html 16 8
: motivation initial motivation: 32 bit address space soon to be completely allocated. additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS datagram format: fixed length 40 byte header no fragmentation allowed 17 datagram format priority: identify priority among datagrams in flow flow Label: identify datagrams in same flow. (concept of flow not well defined). next header: identify upper layer protocol for data ver 32 bits pri flow label payload len next hdr hop limit source address (128 bits) destination address (128 bits) ver 16 bit identifier time to live head. len type of service upper layer IPv4 32 bits flgs 32 bit source IP address length header checksum 32 bit destination IP address fragment offset data Options (if any) data (variable length,,typically a TCP or UDP segment) 18 9
The Internet Protocol History History of the Internet Protocol Internet Protocol version 4 (IPv4) Developed for the original Internet (ARPANET) in 1978 4 billion addresses Deployed globally & well entrenched Allocated based on documented need Internet Protocol version 6 () Design began in 1993 when IETF forecasts showed IPv4 depletion between 2010 and 2017 340 undecillion addresses Completed, tested, and available since 1999 Used and managed similar to IPv4 https://www.arin.net/knowledge/v4_deplete_v6_adopt.pdf 19 IPv4 and IPv5 Comparison https://www.arin.net/knowledge/v4_deplete_v6_adopt.pdf 20 10
Other changes from IPv4 checksum: removed entirely to reduce processing time at each hop options: allowed, but outside of header, indicated by Next Header field ICMPv6: new version of ICMP additional message types, e.g. Packet Too Big multicast group management functions 21 addresses RFC4291 Full format x:x:x:x:x:x:x:x, where the 'x's are one to four hexadecimal digits of the eight 16 bit pieces of the address. Examples: ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 2001:DB8:0:0:8:800:200C:417A 22 11
addresses RFC4291 Compressed format Examples: 2001:DB8:0:0:8:800:200C:417A a unicast address Compressed 2001:DB8::8:800:200C:417A FF01:0:0:0:0:0:0:101 a multicast address Compressed FF01::101 0:0:0:0:0:0:0:1 the loopback address Compressed ::1 0:0:0:0:0:0:0:0 the unspecified address Compressed :: 23 addresses RFC4291 Alternative format Examples: 0:0:0:0:0:0:13.1.68.3 0:0:0:0:0:FFFF:129.144.52.38 or in compressed form: ::13.1.68.3 ::FFFF:129.144.52.38 24 12
addresses RFC4291 Prefix representation (like CIDR for IPv4) Example: 60 bit prefix 20010DB80000CD3 (hexadecimal): 2001:0DB8:0000:CD30:0000:0000:0000:0000/60 2001:0DB8::CD30:0:0:0:0/60 2001:0DB8:0:CD30::/60 25 How to obtain an address? defines both a stateful and stateless address autoconfiguration mechanism. Stateless auto configuration requires no manual configuration of hosts, minimal (if any) configuration of routers, and no additional servers. The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by routers. Routers advertise prefixes that identify the subnet(s) associated with a link, while hosts generate an "interface identifier" that uniquely identifies an interface on a subnet. An address is formed by combining the two. In the absence of routers, a host can only generate link local addresses. However, link local addresses are sufficient for allowing communication among nodes attached to the same link. RFC 2462, December 1998. In Stateful auto configuration (DHCPv6), hosts obtain interface addresses and/or configuration information and parameters from a server. Servers maintain a database that keeps track of which addresses have been assigned to which hosts. The stateful auto configuration protocol allows hosts to obtain addresses, other configuration information or both from a server. Stateless and stateful auto configuration complement each other. For example, a host can use stateless auto configuration to configure its own addresses, but use stateful auto configuration to obtain other information. RFC 3315, July 2003. 26 13
Transition from IPv4 to not all routers can be upgraded simultaneously no flag days how will network operate with mixed IPv4 and routers? tunneling: datagram carried as payload in IPv4 datagram among IPv4 routers IPv4 header fields IPv4 source, dest addr header fields source dest addr UDP/TCP payload IPv4 payload datagram IPv4 datagram 27 Tunneling logical view: A B IPv4 tunnel connecting routers E F physical view: A B C D E F IPv4 IPv4 28 14
Tunneling logical view: physical view: A A B B IPv4 tunnel connecting routers C D E E F F IPv4 IPv4 flow: X src: A dest: F data src:b dest: E Flow: X Src: A Dest: F src:b dest: E Flow: X Src: A Dest: F flow: X src: A dest: F data data data A-to-B: B-to-C: inside IPv4 B-to-C: inside IPv4 E-to-F: 29 Adoption Three drivers of growth (Akamai) 1) Content availability. More of our customers are opting in to have their sites, content, and applications permanently available "dual stacked" (i.e., available over both and IPv4). 2) Availability of from access network providers. Over the past year, some of the largest growth ia coming from major ISPs within the U.S., as they roll out production support to their end users, including Verizon Wireless, AT&T, and Comcast. This is on top of some ISPs in Europe and Asia that have had deployed in production for a few years, as well as a long tail of thousands of network providers, universities, and research labs around the globe. More growth will come as these networks extend their deployments and as other networks join them. 3) End user device support. While most recent desktop and laptop operating systems and client software supports, many home routers and gateways didn't have support until very recently. Many embedded devices and consumer electronics are also slow to gain support, with the notable exception of many 4G LTE smart phones. This has been one of the limiting factors to users whose network providers have rolled out capabilities, and as users upgrade devices over the next few years, this should cause a significant increase in usage. https://blogs.akamai.com/2012/07/a data driven view of ipv6 adoption.html 30 15
adoption The U.S. Government has put in place an mandate that requires all government agencies to have their public facing websites and email services available over by September 30 th, 2012. Over 1,800 U.S Government websites are expected to be on by the mandate deadline. http://www.enterprisenetworkingplanet.com/netsp/u.s. governmentpaves the way to ipv6 with mandate compliance.html Planning Guide/Roadmap Toward Adoption within the U.S. Government, Strategy and Planning Committee Federal Chief Information Officers Council, http://www.ipv6forum.com/dl/presentations/usgv6roadmap.pdf while is small today, it's imperative that the technology is rolled out now, Akamai, September 28, 2012, http://www.enterprisenetworkingplanet.com/netsp/u.s. government paves the way to ipv6 withmandate compliance.html A 2014 US Government mandate will require that the internal enterprise infrastructures of U.S. Government agencies are running. 31 Adoption https://www.arin.net/ 32 16
Adoption https://blogs.akamai.com/2012/07/a data driven view of ipv6 adoption.html 33 connectivity for Google users Enabled Web browsers http://www.vyncke.org/ipv6status/compare.php?metric=p&countries=ch,ro,fr,us,gb http://www.google.com/ipv6/statistics.html 34 17
Percentage of ASs announcing prefixes http://www.ipv6actnow.org/info/statistics/ Adoption Launch Day June 6, 2012 http://www.worldipv6launch.org/measurements/ http://www.worldipv6launch.org/measurements/ https://blogs.akamai.com/2012/07/ a data driven view of ipv6 adoption.html 36 18