Outline. IP Address. IP Address. The Internet Protocol. o Hostname & IP Address. o The Address

Outline IP The Internet Protocol o IP Address IP subnetting CIDR o ARP Protocol o IP Function o Fragmentation o NAT o IPv6 2 IP Address o Hostname & IP Address IP Address o The Address ping www.nu.ac.th Who is www.nu.ac.th? 10.20.20.30 DNS www.nu.ac.th Each node has it s unique name and IP address DNS service mapping IP to name and name to IP Host use IP to create packet as the destination address 32 bits 00001010 00010100 00010100 00011110 8 bits 8 bits 8 bits 8 bits 10.20.20.30 Write in 8 bit-decimal block Dot-Decimal notation 32 bits unique address any interface has it s own unique address Dot-Decimal notation is easily to read and write. 10.20.20.30 3 4

IP Address o Router s Address 10.40.60.21 10.40.60.22 10.40.60.1 10.20.20.2 10.20.20.4 Internet 203.200.182.34 10.20.20.1 IP address associated with interface not machine Each machine can have more than one interface 1 by 1 or 1 to many mapping MAC to IP Address IP Address o Addressing Concept Partition into 2 fields Network Address (define a Network) Node Address (specific a device on the network) 10.40.60.21 10.40.60.22 10.20.20.2 10.20.20.4 Network 10.20.30.21 10.20.30.22 Network 5 6 Network IP Address o Network Address 8 / 16 / 24 from NIC Network assign to network 32 bits Host assign to machine Interface 32 bits divided to Network address and Host address Network address refer to Network number Host address refer to Host number on Network IP Address o Address Class Class A Class B Class C Class D Class E 8 16 24 32 0 Network ID Host ID 10 Network ID Host ID 110 1110 11110 Network ID Multicast Address Reserved Host ID Class D and E has no Network and Host ID 7 8

IP Address o Network Address Class A 0. 0. 0. 0 0.0.0.0 to 127.0.0.0 0 to 127 128. 0. 0. 0 Class B 128.0.0.0 to 191.255.0.0 128 to 191 0 to 255 192. 0. 0. 0 Class C 192.0.0.0 to 223.255.255.0 Class D Class E 192 to 223 0 to 255 0 to 255 224. 0. 0. 0 240. 0. 0. 0 IP Address o Number of Network and Host Class Number of Networks Number of Hosts A 2 7 2 = 126 2 24 2 = 16,277,214 B 2 14 2 = 16,384 2 16 2 = 65,534 C 2 21 2 = 2,097,152 2 8 2 = 254 D Not applicable Not applicable E Not applicable Not applicable 9 10 IP Address o Special Addresses Reserved Addresses those are not assigned to any node Net ID Host ID Purpose Any All 0s Network Address Any All 1s Directed Broadcast Address All 1s All 1s Limited Broadcast Address All 0s All 0s This Host on this Network IP Address o Network Address Address that s assigned to network Class A 10.0.0.1 10.0.0.2 Network : 10.0.0.0 Broadcast : 10.255.255.255 Class C 202.1.4.1 202.1.4.2 Class B 160.1.0.1 160.1.0.2 Network : 160.1.0.0 Broadcast : 160.1.255.255 11 127 Any Loopback Address 12 Network : 202.1.4.0 Broadcast : 202.1.4.255

IP Address o Directed Broadcast Address Address for broadcast on subnetwork IP Address o Limited Broadcast Address Address for broadcast on owned network 200.0.1.255 200.0.1.1 200.0.1.2 200.0.1.4 Broadcast to a specific subnet Router forwards directed broadcast address to the subnet 200.0.1.1 200.0.1.2 200.0.1.4 Broadcast to all host on it s own network Router not allowed limited broadcast forward to others subnet 255.255.255.255 * Class E address 200.0.1.3 200.0.1.3 13 14 IP Address o This Host on this Network Address Address for unassigned node on network Bootstrap Server IP Address o Loopback Address Pseudo address as host s own address source destination 0.0.0.0 255.255.255.255 diskless client use 0.0.0.0 as a source for Bootp Router use 0.0.0.0 as a default network for routing Process 1 Process 2 TCP IP Datalink Physical Host use loopback to talk to it s own service Most system use 127.0.0.1 as loopback and names localhost Loopback packet never leaves it s machine 15 16

IP Address o Private Address Space Addresses those use for private network Class Network Number A 10.0.0.0 1 B 172.16.0.0 to 172.31.0.0 16 C 192.168.0.0 to 192.168.255.0 256 RFC 1918 defines special IP blocks that will be isolated from Internet. Any one can use without any permission. Use for Isolated Network, Experiment, Internal or Security IP Address o Problem with class assignment A E B D C Class A takes 50% range Class B takes 25% range Class C takes 12.5% range Problems address wasteful (specially in class A) running out of IP address 17 18 IP Address o How to assigns IP address RFC 1466 Class A : no allocation at this time Class B : Allocation will be restricted to apply Organization that has more than 32 subnets Organization that has more than 4096 hosts Class C: divided to regional blocks Subnetting การแบ งเน ตเว ร คย อย 19

Subnet Basics o Addressing without subnetting 172.16.0.1 172.16.0.2 172.16.0.3 172.16.255.255 Subnet Basics o Addressing with subnetting 172.16.1.2 172.16.1.3 172.16.2.2 172.16.2.3 172.16.0.0 Network Class B network can have 65,534 hosts Hard to manage Low Performance 172.16.3.2 172.16.3.3 A Class B is divided to smaller group by router 21 22 Subnet Basics o Subnetwork Benefits Overall traffic is reduced, may improve performance Smaller networks are easy to manage and troubleshoot Increase controllable of address space Subdivide on IP network number is an important initial task of network managers Subnet Address o Addressing Before Subnet Network ID After Subnet Host ID Network ID Subnet ID Host ID Subnet address create by borrow Host ID bits and designate as a Subnet ID 23 24

Subnet Address o Assign Subnet ID define physical subnetwork define individual host Network ID Subnet ID Host ID Subnet Address o Subnet Example Class B 172.16.0.0 divided to 254 subnets by borrow 8 Host ID bits choose appropriate size Class A 2 to 22 bits Class B 2 to 14 bits Class C 2 to 6 bits Each Class has difference size of subnet field 25 26 Subnet Mask o Subnet Mask : 32 bits number use to identify subnet o Masking Subnet Mask bit-wise and between IP Address and subnet mask yields a network address Note that zeros bit are used to mask out the host number resulting the network address 27 28

Subnet Mask o Prefix format The number of routing bits (network and subnet bits) in each subnet mask can also be indicated by the "/n " format. Subnet Routing o Routing Hosts and routers perform logical AND to send packets. to 172.16.3.3 172.16.1.2 172.16.1.3 172.16.2.2 172.16.2.3 2 1 29 172.16.1.2 has a packet to 172.16.3.3 and determine it s not on the same subnetwork The packet is sent to router 30 172.16.3.2 172.16.3.3 3 The router performs a subnet masking and sends the packet to the destination network Subnet Interpretation o Interpretation From IP address and subnet mask, define it s host number in which subnetwork Subnet Calculation o Default Subnet Mask A default subnet mask : a subnet mask with no subnetting 31 32

Subnet Calculation o Range of bit Network ID s bits that extended from default subnet : Subnet ID Subnet Calculation o Subnet Mask Computation Decimal equivalents of bit patterns 8 bits extending range 33 34 Subnet Calculation o Net and Host number Calculate network and host number of subnet Subnet Applying o Network and Host relationship Sample in Class C 8 bit subnet ID = 2 8 =256 => 254 subnets 8 bit host ID = 2 8 =256 => 254 hosts per subnet 35 36

Subnet Applying o Subnetting Special Addresses Reserved addresses that are not allowed to be assigned to any node Subnet Applying o Subnet Address Block Example in Class C 37 38 39 Subnet Applying o Contiguous and Noncontiguous mask Subnet Applying o Type of Subnetting Static Subnetting all subnets in the subnetted network use the same subnet mask pros: simply to implement, easy to maintain cons: wasted address space (consider a network of 4 hosts with 255.255.255.0 wastes 250 IP) Variable Length Subnetting the subnets may use different subnet masks pros: utilize address spaces 40 cons: required well-management

Subnet Applying Subnet Applying o Variable Length o Problem of Static Subnetting : Inefficient allocation address 41 42 Subnet Example Subnet Example o Class A : Subnet Address Table o Class A 43 44

Subnet Example Subnet Example o Class A : Routing 45 o Class B 46 Subnet Example Subnet Example o Class B : Subnet Address Table 47 o Class B : Routing 48

o Class C Subnet Example Subnet Example o Class C : Subnet Address Table 49 50 Subnet Example o Class C : Routing CIDR Classless Interdomain Routing 51

53 Address allocation problem o Exhaustion of the class B network address space. o The lack of a network class of a size which is appropriate formid-sizes organization; class C, with a max of 254 hosts, is too small, while class B, with a max of 65534 hosts, is too large. o Allocate blocks of class C instead and downside is more routes entry in routing table 54 Routing Table problems o Issue multiple (block) class C addresses (instead single class B address) solves a running out of class B address but... o Introduces a problem of routing table By default, a routing table contains an entry for every network How large a routing table should be for all Class C networks? o Growth of routing table in the Internet routers beyond the ability of current software and hardware to manage Route Non-Aggregation Activate BGP Entries http://bgp.potaroo.net/as2.0/bgp-active.html 55 56 BGP data obtained from AS65000 Report last updated at Mon Nov 28 01:10:09 2011 (UTC+1000).

How to Solve Route Aggregation o Topological allocate IP address assignment o We divide the world into 8 regions like this : (RFC1466) 57 58 59 Classless Interdomain Routing o Class C address s concept becomes meaningless on these route between domains, the technique is called Classless Interdomain Routing or CIDR (pronounce cider) o Key concept is to allocate multiple IP addresses in the way that allow summarization into a smaller number of routing table (route aggregate) o CIDR is supported by BGP4 and based on route aggregation e.g 16 class C addresses can be summarized to a single routing entry (router can hold a single route entry for the main trunks between these areas 60 Supernetting o CIDR is also called Supernetting in contrast to subnetting o an organization has been allocated a block of class C addresses in 2n with contiguous address space archive by using bits which belongs to the network address as host bits class C example : altering the default class C subnet mask such that some bit change from 1 to 0

61 Supernetting Sample o an organization with 4 class C 190.0.32.0, 190.0.33.0, 190.0.34.0 190.0.35.0 This organization s network has changed from 4 net to a single net with 1022 hosts 62 The Longest Match Supernetting o Europe has 194.0.0.0-195.255.255.255 with mask 254.0.0.0 o A case of one organization (195.0.16.0-195.0.36.0 mask 255.255.254.0) needs different routing entry o datagrams 195.0.20.1 matches both Europe s and this organization. How to do? o Routing mechanism selects the longest mask (255.255.254.0 is longer than 254.0.0.0), then route to the organization Summary 63 o routing decisions are now made based on masking operations of the entire 32 bit address, hence the term classes o No existing routes is changed o CIDR slows down the growth of routing tables (current ~ 50K entries in core routers) o Short term solution to solve routing problem o limitation : not all host/router software allows supernet mask ARP Address Resolution Protocol

Topic o Introduction to ARP o ARP functionality o Proxy ARP o RARP ARP protocol o ARP maps any network level address (such as IP address) to its corresponding data link address (such as Ethernet address) RFC 826 - Ethernet Address Resolution Protocol (STD0037) ARP is a supported protocol in the data link layers, not data link layer protocol 65 66 ARP and RARP Ethernet frame o ARP and RARP perform dynamic mapping between logical addresses and physical addresses ARP maps a logical address to a physical address i.e., IP address to Ethernet address 67 RARP maps a physical address to a logical address i.e., Ethernet address to IP address 68

ARP in operation ARP mechanisms 69 70 o Each node maintains the ARP cache it first looks in the cache to find entry first if the entry is not used for a period (~15 minutes), it is deleted. o Receive node can adds an MAC addr entry for source station in its own cache. o ARP traffic load hosts quickly add cache entries. If all hosts on a subnet are booted at the same time? => flurry of ARP requests and reply. ARP as a command line ARP Packet 71 72

Header details ARP request packet o hardware type : Ethernet=1 ARCNET=7, localtalk=11 o protocol type : IP=0x800 o hlen : length of hardware address, Ethernet=6 bytes o plen : length of protocol address, IP=4 bytes o ARP operation : ARP request = 1, ARP reply = 2 o RARP request = 3, RARP reply = 4 73 74 ARP reply packet Proxy ARP o One node answers ARP request for another: Router R answers for Y 75 76 o Useful when some nodes on a network cannot support subnet X do not understand subnet, so it thinks that Y is on the same subnet o Router must be configured to be a proxy ARP

This image cannot currently be displayed. RARP o Reverse ARP : map MAC addr to IP addr o For device that can not store IP, usually diskless workstations o Need to setup server with RARP table o Use the same frame format 0x0835 for Ethernet RARP request (ARP 0x0806) operation 0x003 = RARP request 0x004 = RARP reply o RARP can not operate across router, BOOTP is more spread IP Layer Function 77 79 IP layer function o defines a single virtual network on top of different kinds of hardware platform using IP address o functions of IP route packet fragmentation handle type of services send and receive error and control message using ICMP 80 The Internet Network layer Host, router network layer functions: Network layer Routing protocols path selection RIP, OSPF, BGP Transport layer: TCP, UDP forwarding table Link layer physical layer IP protocol addressing conventions datagram format packet handling conventions ICMP protocol error reporting router signaling

IP attributes o handle data unit called IP datagrams o connection less protocol - doesn t promise reliable delivery o best effort delivery o packets may be lost, out of sequence, or duplicated due to various reasons, Connection Less IP encapsulation o With Ethernet Frame 81 82 IP reframing IP datagrams 83 84

85 IP header details (1) o vers - version = 4 o hlen - header length in 32-bit words, hlen =5 with no options o TOS - type of service, desired quality of services IP header details (2) o Total length - max datagrams (including header) is 64K o identification, flags, fragmentation - use to segmentation and reassembly packet o TTL - Time to live, max number of routers (hop count) / time (sec.) through which the datagrams may pass decrease (minimum 1 sec.) at each router to prevent looping, normally set to 30 if ttl == 0 discard and send ICMP TTL exceeded to source IP o Protocol - higher-level protocol that provide data 1 = datagrams carries an ICMP messages 6 = datagrams carries an TCP segments 86 17 = datagrams carries an UDP datagrams 87 IP header details (3) o header checksum - 16 bit one s compliment, note that there is no data checksum o source address - 32 bit IP source address o destination address - 32 bit IP destination address o option and padding - additional info to control functions such as routing and security Routing o process of choosing a path over which to send datagrams o IP routes packet by looking at the IP network number o routing components determine what path are available selecting the best path for a particular purpose using those paths to reach other networks o devices which perform routing are routers (historically call IP gateways) 88

Routing Table o Every router contains a routing table of the network numbers o The table records which connection can be used to reach a particular network plus some indication of the performance or cost of using connection Routing Table form o Routing Table form <network, gateways, others> 89 90 How to create routing Table o static route - by hand # route add 158.108.20.0 158.108.33.1 o dynamic routes - via routing protocol o via ICMP redirect IP route in action Internet 202.1.10.0/29 net mask int/nxt hop s3 10.0.1.0 /29 S0 10.0.0.0 /24 F0 default /0 S0 10.0.1.0/29 s0 10.0.0.1 10.0.0.2 s0 s1 157.16.0.1 157.16.0.2 net mask int/nxt hop 10.0.1.0 /29 S0 10.0.129.0 /29 S1 202.1.10.2 /29 S3 10.0.128.0 /17 S1 10.0.0.0 /17 S0 default /0 S3 10.0.129.0/29 s1 10.0.128.11 10.0.128.12 10.0.0.0/24 F0 F0 10.0.128.0/24 Dst IP 91 92

Routing Protocol o Routing protocol manages and updates routing table on each network node o Unix often implemented using one of the two daemons: routed : basic routing daemon for interior routing, normally with RIP gated : sophisticated daemon for interior and exterior routing, with additional protocol such as OSPF, BGP Fragmentation 93 Fragmentation o fragmentation = processed used by IP to reduced size of datagram that are too big for network interface MTU e.g. fragment 2000 bytes to Ethernet (MTU=1500) o fragments should be reassembled at the final destination (expensive process) o How? each fragment has its own header each fragment carries the same 16 bit identification number Each fragment must be aligned with an eight-octet 95 boundary 96 Fragmentation flag o Identification number 16 bits integer value used to identify all fragments This id is not a sequence number! o flags - 3 bits control fragmentation o fragment offset - indicate the distance of fragment data from the start of the original datagram, measure in 8 octets unit

IP Fragmentation & Reassembly o network links have MTU (max.transfer size) - largest possible link-level frame. different link types, different MTUs fragmentation: in: one large datagram out: 3 smaller datagrams Fragmentation sample o large IP datagram divided ( fragmented ) within net one datagram becomes several datagrams reassembled only at final destination IP header bits used to identify, order related fragments 97 reassembly 98 Example o 4000 byte datagram o MTU = 1500 bytes 1480 bytes in data field IP Fragmentation and Reassembly offset = 1480/8 length =4000 ID =x length =1500 fragflag =0 ID =x ID =x offset =0 One large datagram becomes several smaller datagrams length =1500 length =1040 ID =x fragflag =1 fragflag =1 fragflag =0 offset =0 offset =185 offset =370 Problem in fragmentation o The end node has no way of knowing how many fragments there be. The end node has to manage enough buffer space to handle reassembly process. o If any fragments lost, all datagram must be discarded o End node starts a timer when received the first fragment, if any fragments fails to arrive (usually 30 secs), all datagrams must be discarded o Since the IP service is connectionless. No attempt is made by IP to recover these situations, though ICMP error message may be generated 99 100

Avoiding fragmentation 101 o For datagrams within the same physical network, the MTU is known. TCP/UDP then use the MTU to limit the message size pass to IP; messages will never be fragmented. o For datagrams passed to diff net, unknown MTU! o standard recommend that all networks supporting TCP/IP have an MTU of at least 576 bytes 512 bytes data+20 bytes TCP hdr + 20 bytes IP hdr with options TO GUARANTEED THAT A PACKET OF 576 BYTES OR LESS IS NEVER FRAGMENTED NAT Network Address Translation NAT: Network Address Translation NAT: Network Address Translation www.ict.up.ac.th Socket Address IP : port rest of Internet local network (e.g., home network) 10.0.0/24 10.0.0.1 10.0.0.4 10.0.0.2 Apache 138.76.29.7 10.0.0.3 202.1.3.7 : 80 160.7.8.9 : 5002 Telnet 202.1.3.7 : 21 All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual) 103 104

105 NAT: Network Address Translation o Motivation: local network uses just one IP address as far as outside world is concerned: range of addresses not needed from ISP: just one IP address for all devices can change addresses of devices in local network without notifying outside world can change ISP without changing addresses of devices in local network devices inside local net not explicitly addressable, visible by outside world (a security plus). 106 NAT: Network Address Translation Implementation: NAT router must: outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)... remote clients/servers will respond using (NAT IP address, new port #) as destination addr. remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table 2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table 107 NAT: Network Address Translation 2 NAT translation table WAN side addr LAN side addr 138.76.29.7, 5001 10.0.0.1, 3345 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 138.76.29.7 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 3 3: Reply arrives dest. address: 138.76.29.7, 5001 10.0.0.4 S: 10.0.0.1, 3345 D: 128.119.40.186, 80 S: 128.119.40.186, 80 D: 10.0.0.1, 3345 4 1 1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 10.0.0.1 10.0.0.2 10.0.0.3 4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 NAT: Network Address Translation o 16-bit port-number field: 60,000 simultaneous connections with a single LAN-side address! o NAT is controversial: routers should only process up to layer 3 violates end-to-end argument NAT possibility must be taken into account by app designers, eg, P2P applications address shortage should instead be solved by IPv6 108

IPv6 Next generation IP IPv6 o Initial motivation: 32-bit address space soon to be completely allocated. o Additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS IPv6 datagram format: fixed-length 40 byte header no fragmentation allowed 110 20 bytes / more 111 IPv6 Header ver hlen TOS total length identification flag frag offset TTL protocol hdr checksum source address destination address option and padding IPV4 header 40 bytes fixed ver traffic class flow label payload length next hdr hop lim source address destination address IPV6 header 112 Changes from IPv4 o Not use Header length Identification / flag / frag offset no fragmentation in IPV6 Header checksum o Changes TTL - - > hop limit use in the meaning of hop count Protocol - - > next header TOS (type of service) - - > service class (more bits) Flow label (included) - - > type of flow traffic

113 Additional Abilities Broadcast / Multicast / Anycast Security all IPV6 node support IPSec, two security payload type Authentication / Encrypted Security Mobile IP support route optimization QoS support traffic class / flow label MTU (layer 2) changes from 576 to 1280 IPV6 address format o 128 bits address format IPV4ddd. ddd. ddd. ddd IPV6hhhh : hhhh : hhhh : hhhh : hhhh : hhhh : hhhh : hhhh Can leave front zero in each group All zero group can replace with 0 All zero group/groups can replace with :: (but only 1 pos.) 3fee:005b:1f1f:0000:0000:00a9:1234 114 3fee:5b:1f1f:0:0:a9:1234 or 3fee:5b:1f1f::a9:1234 IPv6 Addressing IPv6 Addressing Unicast Multicast Anycast Assigned Solicited FF02:: /8 FF02::1:FF00:0000 /104 Global Unicast o The Internet Address o First 3 bits 001 o Subnet bits : Prefix o Host bits : Interface ID 3 1 4 Global Link-local Loopback Unspecified Unique local Embedded v4 001 + Global Routing Prefix Subnet ID Interface ID 2000:: /3 3FFF:: /3 FE80:: /10 FEBF:: /10 ::1 /128 FC00:: /7 FDFF:: /7 115 116

Global Unicast : Subnetting o Bits Borrows Hextet : 16 bits Nibble : 4 bits 1 bit : not recommended o IPv6 has no network address / broadcast address P-2-P link can use /127 117 SLAAC o Interface ID Random EUI 64 Use MAC Address Reverse bit 7 from 0 to 1 Insert FFFE in the middle No Privacy 118 SLAAC o Stateless Address Autoconfiguration o 1. Router Advertisement Prefix / Prefix Length / Default Gateway o 2. Host to Router solicitation Host request to router Router answer Prefix / Prefix Length / Default Gateway SLAAC 119 120

121 Link-Local Address o Use in local network : as 169.254.x.x o Router not forward o FE80::/10 Multicast Address Multicast Address o Begin with : FE02 o Assigned FF02::1 -> All IPv6 node FF02::2 -> All Router device o Solicited FF02::1:FF00:1 -> Global / Solicited Node Multicast FF02::1:FF 24 right most bit -> Link-local 122 Transition From IPv4 To IPv6 o How IPV6 concurrently works with IPV4 network Dual stack Tunnel Translation o IPv6 ARP use Solicited Node Multicast 123 124

Dual Stack o Each device have dual IP protocol stack Tunnel o Use tunnel on IPV4 network to transfer IPV6 traffic IPV4 Apps. IPV6 Apps. Socket API. TCP/UDP v4 IP v4 TCP/UDP v6 IP v6 Layer 2 (MAC) Layer 1 (PHY) Dual stack router 125 126 Tunnel o Encapsulate IPV6 traffic Translation o Use address and protocol mapping eg. NAT PT Some applications eg. DNS use IP in data, ALG (Application Layer Gateway) is required. 127 128

Question?