The Network Layer: IPv4 and IPv6, Part 1


ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE
The Network Layer: IPv4 and IPv6, Part 1
Jean Yves Le Boudec, 2014

Contents
1. The Two Principles of IP Unicast
2. IPv4 addresses
3. IPv6 addresses
4. Subnets and Masks
5. NATs
6. ARP

Textbook: Chapter 5, The Network Layer

IP Principle #1 = Structured addresses + Longest prefix match

Recall the goal of the Internet Protocol (IP): interconnect all systems in the world.

Principle #1:
- every interface has an IP address
- the IP address is structured to reflect where the system is in the world
- every packet contains the IP address of its destination
- every system has a forwarding table (= routing table) and performs a longest prefix match on the destination address

Figure (slide 4): hosts Lisa (address A.H1), Homer (B.C.H2) and Bart (B.D.H2) connected through routers R1 to R4. Each router's forwarding table maps a prefix to an output port, for example A.* -> 1, B.D.* -> 2, B.* -> 3 at one router and A.* -> 1, B.D.* -> 1, B.C.* -> 0 at another; a packet to B.D.H2 is forwarded at each hop according to the longest matching prefix.

IP Principle #2 = Don't use routers inside a LAN

Figure (slide 5): hosts B and E on an Ethernet concentrator, hosts P and W on a WiFi base station, with a router between the two. B <-> E and W <-> P should not go through the router; W <-> E goes through the router.

Terminology: LAN = subnet. IP principle 2 says: between subnets use routers, inside a subnet don't.

Quiz: We observe a packet from W to P at point 1. Which IP destination address do we see?
1. The IP address of P
2. The IP address of an Ethernet interface of the Ethernet concentrator
3. There is no destination IP address in the packet, since the communication is inside the subnet and does not go through a router
4. I don't know

The Internet Protocol (IP)
- Communication between IP hosts requires knowledge of IP addresses
- An IP address is unique across the whole network (= the world, in general)
- An IP address is the address of an interface
- There are two versions: IPv4 (current version) and IPv6 (next version); there are two network layers: Internet4 and Internet6

Terminology:
- packet = IP data unit
- intermediate system = system that forwards data units to another system; an IP intermediate system is called a router
- an IP system that does not forward is called a host

2. IPv4 addresses

An IPv4 address uniquely identifies one interface in the world (in principle). An IPv4 address is 32 bits, usually written in dotted decimal notation.
- dotted decimal: 4 integers (one integer = 8 bits)
  example 1: 128.191.151.1
  example 2: 129.192.152.2
- hexadecimal: 8 hexa digits (one hexa digit = 4 bits)
  example 1: x80 bf 97 01
  example 2: x81 c0 98 02
- binary: 32 bits
  example 1: b1000 0000 1011 1111 1001 0111 0000 0001
  example 2: b1000 0001 1100 0000 1001 1000 0000 0010

Binary, Decimal and Hexadecimal

Given an integer B (the basis), any integer can be represented in base B by means of an alphabet of B symbols. Usual cases are:
- decimal: 234
- binary: 1110 1010
- hexadecimal: ea

Mapping binary <-> hexa is simple: one hexa digit is 4 binary digits
  e = 1110, a = 1010, ea = b1110 1010
Mapping binary <-> decimal is best done by a calculator
  1110 1010 = 128 + 64 + 32 + 8 + 2 = 234
Special cases to remember: f = 1111 = 15; ff = 11111111 = 255

Figure (slide 10, example network): the EPFL campus network used in the rest of the module. Hosts lrcsuns (128.178.156.24, MAC 08:00:20:71:0D:D4), lrcpc3 (128.178.156.7, MAC 00:00:C0:B8:C2:8D) and lrcmac4 (128.178.156.23, MAC 08:00:20:20:46:2E) on the LRC subnet behind router in-inr (128.178.156.1, MAC 00:00:0C:02:78:36); disun3 (128.178.79.9) on the DI subnet behind in-inj (128.178.79.1, MAC 00:00:0C:17:32:96); routers ed2-in, ed0-swi, ed0-ext and stisun1 on the EPFL backbone (128.178.100.x, 128.178.47.x, 128.178.84.x); sw-la-01 and sw-zu-03 on the SWITCH network (130.59.x.x) leading to the ETHZ backbone (129.132.x.x) and ezci7-ethz-switch; a modem + PPP host sic500cs (128.178.84.130 / 128.178.84.133).

Network Prefix

Network prefixes are used in routing tables; /24 is the prefix length in bits.

Extract from the routing table at sw-la-01
  Destination     Next hop
  128.178/16      128.178.47.5
  0/0             130.59.23.2

Extract from the routing table at ed0-swi
  Destination     Next hop
  128.178.29/24   128.178.100.2
  128.178/16      128.178.100.3
  0/0             128.178.47.3

Special Addresses
- 0.0.0.0: absence of address
- 127.0.0/24: this host (loopback address), for example 127.0.0.1
- 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16: private networks (e.g. in IEW); cannot be used on the public Internet
- 169.254.0.0/16: link local address (can be used only between systems on the same LAN)
- 224/4: multicast
- 240/5: reserved
- 255.255.255.255/32: link local broadcast
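The two table extracts above are enough to run the longest prefix match of principle #1 by hand, and the following added example does it in code (it is not from the slides; the table contents are copied from the page, the helper names are mine). It also shows how the slides' abbreviated prefix notation such as 128.178/16 and 0/0 expands, and why sorting by prefix length turns the lookup into a simple scan:

```python
import ipaddress

# Forwarding-table extracts copied from the page (slide 11); prefixes are
# written the way the slides abbreviate them, e.g. "128.178/16" and "0/0".
TABLE_SW_LA_01 = [("128.178/16", "128.178.47.5"), ("0/0", "130.59.23.2")]
TABLE_ED0_SWI = [
    ("128.178.29/24", "128.178.100.2"),
    ("128.178/16", "128.178.100.3"),
    ("0/0", "128.178.47.3"),
]


def expand_prefix(abbrev):
    """Turn the slide notation "128.178/16" into the network 128.178.0.0/16."""
    addr, length = abbrev.split("/")
    octets = addr.split(".")
    if not 1 <= len(octets) <= 4:
        raise ValueError(f"bad prefix {abbrev!r}")
    octets += ["0"] * (4 - len(octets))  # missing octets are zero
    return ipaddress.IPv4Network(".".join(octets) + "/" + length)


def build_forwarding_table(entries):
    """Parse each prefix once and sort by prefix length, longest first, so a
    linear scan returns the longest prefix match."""
    table = [(expand_prefix(prefix), next_hop) for prefix, next_hop in entries]
    table.sort(key=lambda entry: entry[0].prefixlen, reverse=True)
    return table


def lookup(table, destination):
    """Longest prefix match: the first (longest) prefix containing the
    address. Returns (matched prefix, next hop), or None if nothing matches,
    which cannot happen while a default route 0/0 is present."""
    dst = ipaddress.IPv4Address(destination)
    for prefix, next_hop in table:
        if dst in prefix:
            return str(prefix), next_hop
    return None


if __name__ == "__main__":
    ed0_swi = build_forwarding_table(TABLE_ED0_SWI)
    for dst in ("128.178.29.7", "128.178.15.7", "130.59.23.2"):
        print(f"ed0-swi: {dst} -> {lookup(ed0_swi, dst)}")
```

The aggregation mentioned in the conclusion is visible here: ed0-swi needs only one /16 entry for every EPFL destination except the one /24 that is reached differently, and the /24 wins for that subnet only because it is longer, not because it comes first.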

IPv4 Packet Format

Figure (slide 13): the IPv4 header (20 bytes, plus options if any) followed by the payload; the "higher layer protocol" field identifies the payload (1 = ICMP, 6 = TCP, 17 = UDP). We will see the functions of the fields other than the addresses in a following module.

3. IPv6 Addresses

The current IP is IPv4. IPv6 is the next version of IP.
- Why a new version? The IPv4 address space is too small (32 bits, about 4·10^9 addresses).
- What does IPv6 do? It redefines the packet format with a larger address: 128 bits (about 3·10^38 addresses). Otherwise it is essentially the same as IPv4.
- IPv6 is incompatible with IPv4; routers and hosts must handle both separately.

Figure (slide 14): host A (HTTP / TCP / IPv4), host B (HTTP / TCP / IPv6) and a web server W with a dual stack (web browser application, TCP, IPv4 and IPv6 over one MAC layer), connected through a local router that is also dual stack. A can talk to W, B can talk to W, A and B cannot communicate.

Routing Tables at ed0-swi (IPv6)
  Destination            Next hop
  2001:620:618:1a4/64    fe80::1%1
  2001:620:618/48        fe80::4%2
  ::/0                   fe80::1%2
The next hop is the IP address of the next hop router; %1, %2 is the interface number.

Figure (slide 15): the EPFL network of slide 10 with IPv6 addresses added. For example stisun1 is 128.178.15.7 / 2001:620:618:1a6:1:80b2:f66:1 and lrcmac4 is 2001:620:618:1ad:0a00:20ff:fe78:30f9 (MAC 08:00:20:78:30:F9); other addresses shown are 2001:620:618:10a::1, 2001:620:618:10b::1, 2001:620:618:10b::4, 2001:620:618:1a4::1, 2001:620:618:1ac::1, 2001:620:618:1ac::3, 2001:620:618:1ac::5, 2001:620:618:1ad::1 and 2001:620:618:1ab::1, with the link local addresses fe80::1 and fe80::4 on the routers sw-la-01, ed0-ext and ed2-el.

IPv6 addresses are 128 bits long and are written using hexadecimal digits
- an EPFL public address: 2001:620:618:1a6:0a00:20ff:fe78:30f9
- an EPFL private address: fd24:ec43:12ca:1a6:0a00:20ff:fe78:30f9 (this is a private address)

Compression Rules for IPv6 Addresses
- 1 piece = 16 bits = [0-4] hexa digits; leading zeroes in one piece are omitted; prefer lower case
- pieces are separated by : (colon)
- one IPv6 address uncompressed = 8 pieces
- :: replaces any number of 0s in more than one piece; it appears only once in an address

  uncompressed                               compressed
  2002:0000:0000:0000:0000:ffff:80b2:0c26    2002::ffff:80b2:c26
  2001:0620:0618:01a6:0000:20ff:fe78:30f9    2001:620:618:1a6:0:20ff:fe78:30f9

A Few IPv6 Global Unicast Addresses
The block 2000/3 (i.e. 2xxx and 3xxx) is allocated for global unicast addresses
- 2001:620::/32      Switch
- 2001:620:618::/48  EPFL
- 2001:620:8::/48    ETHZ
- 2a02:1200::/27     Swisscom
- 2001:678::/29      provider independent addresses
- 2001::/32          Teredo
- 2002::/16          6to4
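The compression rules above are easy to state and easy to get wrong (a lone zero piece must stay "0", and "::" may appear only once). The following added example, which is mine and not part of the slides, implements both directions of the rules and checks the two addresses from the table; the only assumption is that a run of zero pieces is only ever compressed when it is the longest such run (the first one, on a tie), which is also what the standard library does and what the cross-check function verifies:

```python
import ipaddress


def expand_ipv6(addr):
    """Uncompress an IPv6 address into 8 pieces of exactly 4 lower-case hex
    digits: restore the leading zeroes and expand the single '::' into the
    missing zero pieces."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once in an address")
    if "::" in addr:
        head, tail = addr.split("::")
        head_pieces = head.split(":") if head else []
        tail_pieces = tail.split(":") if tail else []
        missing = 8 - len(head_pieces) - len(tail_pieces)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero piece")
        pieces = head_pieces + ["0"] * missing + tail_pieces
    else:
        pieces = addr.split(":")
    if len(pieces) != 8:
        raise ValueError(f"expected 8 pieces, got {len(pieces)}")
    out = []
    for piece in pieces:
        if not 1 <= len(piece) <= 4:
            raise ValueError(f"piece {piece!r} must have 1 to 4 hex digits")
        out.append(f"{int(piece, 16):04x}")  # int() rejects non-hex digits
    return ":".join(out)


def compress_ipv6(addr):
    """Canonical compressed form: leading zeroes dropped in each piece, lower
    case, and the longest run of at least two zero pieces replaced by '::'
    (the first such run when several have the same length)."""
    values = [int(p, 16) for p in expand_ipv6(addr).split(":")]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if values[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and values[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexes = [f"{v:x}" for v in values]
    if best_len < 2:  # a single zero piece is written "0", never "::"
        return ":".join(hexes)
    head = ":".join(hexes[:best_start])
    tail = ":".join(hexes[best_start + best_len:])
    return f"{head}::{tail}"


def matches_stdlib(addr):
    """Cross-check our compression against the standard library's canonical form."""
    return compress_ipv6(addr) == ipaddress.IPv6Address(addr).compressed


if __name__ == "__main__":
    for a in ("2002:0000:0000:0000:0000:ffff:80b2:0c26",
              "2001:0620:0618:01a6:0000:20ff:fe78:30f9"):
        print(a, "->", compress_ipv6(a), "->", expand_ipv6(compress_ipv6(a)))
```

The functions handle plain addresses only: zone suffixes such as fe80::1%1 and the embedded-IPv4 form (::ffff:1.2.3.4) are rejected by the hex-digit check, which is deliberate, because text that looks like an address but fails the rules should be reported rather than silently reinterpreted.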

Examples of Special Addresses (IPv6)
- ::/128: absence of address
- ::1/128: this host (loopback address)
- fc00::/7 (i.e. fcxx: and fdxx:): unique local addresses = private networks (e.g. in IEW); cannot be used on the public Internet. Example, EPFL private: fd24:ec43:12ca:1a6:a00:20ff:fe78:30f9
- fe80::/10: link local address (can be used only between systems on the same LAN)
- ff00::/8: multicast
- ff02::1:ff00:0/104: solicited node multicast
- ff02::1/128: link local broadcast
- ff02::2/128: all link local routers

IPv6 Packet Format

Figure (slide 20): the IPv6 header (40 bytes, plus options if any) with 16-byte source and destination addresses, followed by the payload; a header field identifies the higher layer protocol (e.g. 1 = ICMP, 6 = TCP, 17 = UDP). We will see the functions of the fields other than the addresses in a following module.

Quiz: The dotted decimal notation for 80 1: is
1. 128.193.255.255
2. 228.393.255.255
3. I don't know

Quiz: The hexadecimal notation «2001::bad:babe» denotes a string of
1. 32 bits
2. 44 bits
3. 48 bits
4. 64 bits
5. 128 bits
6. None of the above
7. I don't know

4. Subnets and Masks

Recall the IP principles: longest prefix match + routers between subnets only. An IP system needs to know (in its forwarding table) which addresses are in the same LAN as itself (= on link).

ed2-in has an IPv4 packet to destination address
- 128.178.15.7: the packet is sent directly to 128.178.15.7
- 128.178.156.24: the packet is sent to in-inr
This is done using the subnet mask.

Forwarding table of ed2-in:
  dest               next-hop        interface
  128.178.15.0/24    On-link         eth0
  128.178.10.0/24    On-link         eth1
  128.178.182.0/24   On-link         eth2
  128.178.156.0/24   128.178.182.5   eth2
  0.0.0.0/0          128.178.10.1    eth1

One IP subnet must correspond to one network part

An IP address is usually interpreted as a network part followed by a host part, e.g. 128.178.151.24 or 2001:620:618:1a6:0a00:20ff:fe78:30f9.
- The network part identifies the subnet; one subnet = one LAN
- All hosts in the same LAN must have the same network part
- The size of the network part may vary: the EPFL IPv4 network part is 24 bits, the ETHZ IPv4 network part is 26 bits, the IPv6 network part is very often 64 bits

Subnet Mask

A system computes its network part from its IP address using the subnet mask, which is configured together with the address:
- mask = string of bits equal to 1 in the network part, to 0 in the host part
- network == IP address && mask
At EPFL, the IPv4 mask = 255.255.255.0; 128.178.15.7 and 128.178.15.221 are on the same subnet because
  128.178.15.7 && 255.255.255.0 = 128.178.15.221 && 255.255.255.0 = 128.178.15.0
The IPv6 mask is very often 64 bits, i.e. = ffff:ffff:ffff:ffff::
The notation /<length of network part> is also used: we could write /24 instead of 255.255.255.0, and /64 is the same as saying mask = ffff:ffff:ffff:ffff::

Reserved Addresses with IPv4

0 and «all 1» are often avoided as host part. Example: 128.178.156.0 and 128.178.156.255 are avoided (to prevent confusion with broadcast).

IPv4 address classes

Long ago, IPv4 addresses had a class, and a subnet mask was not necessary. This is now obsolete, but many people continue to use it.

  Class   Leading bits   Structure                     Range
  A       0              Net Id, Subnet Id, Host Id    0.0.0.0 to 127.255.255.255
  B       10             Net Id, Subnet Id, Host Id    128.0.0.0 to 191.255.255.255
  C       110            Net Id, Host Id               192.0.0.0 to 223.255.255.255
  D       1110           Multicast address             224.0.0.0 to 239.255.255.255
  E       11110          Reserved                      240.0.0.0 to 247.255.255.255

Quiz: Figure (slide 29): hosts and a bridge with addresses 192.44.78.254, 192.44.77.254 and 192.44.77.2 (host A's candidate address, marked X?); part of the figure is illegible in the transcription (187.44...). Can host A have this address? Masks are all 255.255.255.0
1. Yes
2. No
3. I don't know

Quiz: The IPv4 Subnet Mask at ETHZ is
1. 255.255.255.0
2. 255.255.255.1
3. 255.255.255.2
4. 255.255.255.192
5. 255.255.255.198
6. 255.255.255.332
7. ffff:ffff:ffff:ffff::
8. ffff:ffff:ffff:ffff:c000::
9. I don't know

Quiz: The IPv6 Subnet Mask at ETHZ is
1. 255.255.255.0
2. 255.255.255.1
3. 255.255.255.2
4. 255.255.255.192
5. 255.255.255.198
6. /48
7. ffff:ffff:ffff:ffff::
8. ffff:ffff:ffff:ffff:c000::
9. I don't know

Quiz: What is the subnet broadcast address for subnet 129.132.100.0/26?
1. 129.132.100.0
2. 129.132.100.15
3. 129.132.100.63
4. 129.132.100.192
5. 129.132.100.255
6. I don't know
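Everything in section 4 (network part, on-link decision, /length versus dotted mask, the all-ones host part) is bit arithmetic on the address, and the following added example does that arithmetic explicitly for both IP versions. It is my code, not the slides'; the addresses and masks are the ones on the page and the function names are my own. It goes one step beyond the slides by also rejecting masks whose 1 bits are not contiguous, which is what disqualifies several of the quiz options above:

```python
import ipaddress


def _pair(addr, mask):
    a = ipaddress.ip_address(addr)
    m = ipaddress.ip_address(mask)
    if a.version != m.version:
        raise ValueError("address and mask must be the same IP version")
    return a, m


def network_part(addr, mask):
    """network == IP address && mask, computed on the integer value of the
    address; type(a)(...) keeps an IPv6 result IPv6 even when the masked
    value is small enough to look like an IPv4 address."""
    a, m = _pair(addr, mask)
    return str(type(a)(int(a) & int(m)))


def same_subnet(addr1, addr2, mask):
    return network_part(addr1, mask) == network_part(addr2, mask)


def is_on_link(self_addr, mask, destination):
    """The on-link decision of slide 23: send directly when the destination
    has the same network part as our own address, otherwise via a router."""
    return same_subnet(self_addr, destination, mask)


def prefix_len_to_mask(length, version):
    """/24 -> 255.255.255.0 ; /64 for IPv6 -> ffff:ffff:ffff:ffff::"""
    bits, cls = (32, ipaddress.IPv4Address) if version == 4 else (128, ipaddress.IPv6Address)
    if not 0 <= length <= bits:
        raise ValueError(f"/{length} is not valid for IPv{version}")
    mask_int = ((1 << bits) - 1) ^ ((1 << (bits - length)) - 1)
    return str(cls(mask_int))


def mask_to_prefix_len(mask):
    """255.255.255.192 -> 26.  A valid mask is 1s followed by 0s, so the
    number of 1 bits must regenerate the mask exactly."""
    m = ipaddress.ip_address(mask)
    bits = 32 if m.version == 4 else 128
    value = int(m)
    ones = bin(value).count("1")
    if value != ((1 << bits) - 1) ^ ((1 << (bits - ones)) - 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return ones


def subnet_broadcast(cidr):
    """Host part all 1s: network address OR host mask (the complement of the mask)."""
    net = ipaddress.IPv4Network(cidr)
    return str(ipaddress.IPv4Address(int(net.network_address) | int(net.hostmask)))


if __name__ == "__main__":
    print(network_part("128.178.15.7", "255.255.255.0"))
    print(is_on_link("128.178.15.221", "255.255.255.0", "128.178.156.24"))
    print(prefix_len_to_mask(26, 4), subnet_broadcast("129.132.100.0/26"))
```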

5. NATs: Why invented? (Network Address Translation boxes)
- Goal: re-use the same IP address for several devices / use private addresses
- This is a special type of «middle box» that violates the TCP/IP architecture
- Used in residential networks («ADSL Modem»)
- Used in companies to save IP addresses

How does Network Address Translation work?
- The NAT box modifies the IP address and the port numbers (port numbers are in the TCP and UDP headers, see the transport protocol module)
- It maps (IP address, protocol type, port number) by exact matching in the NAT table

Figure (slide 36): LAN (IPv4, 192.168.10.x) -- NAT box -- Internet. A packet to 192.168.10.11, UDP port 1029, appears on the Internet side as a packet to 130.104.228.200, UDP port 3441; a packet to 192.168.10.10, UDP port 1029, appears as 130.104.228.200, UDP port 3442.

NAT table:
  LAN side                 Internet side
  192.168.10.11 udp 1029   130.104.228.200 udp 3441
  192.168.10.10 udp 1029   130.104.228.200 udp 3442

Creating a NAT table entry: on the fly

Figure (slide 37): a packet From 192.168.10.11, TCP port 1765, To 201.19.32.45, port 80 leaves the LAN; on the Internet side it reads From 130.104.228.200, TCP port 2343, To 201.19.32.45, port 80. The NAT table now holds:
  192.168.10.10 udp 1029   130.104.228.200 udp 3441
  192.168.10.11 udp 1029   130.104.228.200 udp 3442
  192.168.10.11 tcp 1765   130.104.228.200 tcp 2343

Why some applications don't work with NATs
- Assume A is behind a NAT and S is in the Internet
- Communication between A and S must be initiated by A («punch a hole through the NAT»)
- If A and S are both behind a NAT (e.g. with voice over IP), we have a bootstrap problem: A does not know its IP address as seen by S
- Solving this requires a third party; this is what made Skype's fortune
  - Cone or restricted NATs: the third party is used only to discover the translated address
  - Symmetric NAT: the third party relays all traffic

Types of NATs
- Cone: translated (address, port) = f(internal (address, port)); remains valid as long as it is refreshed
- Symmetric: translated (address, port) = f(internal (address, port), correspondent (address, port))
- Restricted: translated (address, port) = f(internal (address, port)), but valid only for a specific correspondent address; traffic from an unknown correspondent address is silently discarded
This is only a rough classification; many things may happen in practice; NATs are a hack!

NAT44 and NAT66
- NATs are motivated primarily by the shortage of IPv4 addresses
- NAT44 maps IPv4 <-> IPv4 addresses; widespread
- Many believe that there is no need for NAT66, since there are as many IPv6 addresses as one may ever need; NAT66 is not widespread
- But NAT66 may be needed for other reasons: use of private addresses, e.g. IEWv6 to EPFL v6
- RFC 6296 specifies NAT66
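To make the slides 36 to 39 concrete, here is an added example (my code, not the slides') of a port-translating NAT44 that creates table entries on the fly for outgoing packets and translates incoming ones by exact match on (protocol, external port), as the slides describe. The addresses and ports are the ones in the slides' figures; the assumed behaviour beyond the slides is that external ports are allocated sequentially from a start value, and that an optional restricted mode remembers the correspondent address an entry was created for, as in the "Restricted" type above:

```python
from typing import NamedTuple


class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str  # "tcp" or "udp"


class NatBox:
    """Port-translating NAT44.  With restricted=True an entry only admits
    inbound traffic from the correspondent address it was created for."""

    def __init__(self, public_ip, first_port, restricted=False):
        self.public_ip = public_ip
        self.next_port = first_port
        self.restricted = restricted
        # (internal ip, proto, internal port) -> (external port, correspondent ip)
        self.out_table = {}
        # (proto, external port) -> (internal ip, internal port)
        self.in_table = {}

    def add_entry(self, internal_ip, proto, internal_port, correspondent=None, ext_port=None):
        if ext_port is None:
            ext_port = self.next_port
            self.next_port += 1
        if (proto, ext_port) in self.in_table:
            raise ValueError(f"external {proto} port {ext_port} already in use")
        self.out_table[(internal_ip, proto, internal_port)] = (ext_port, correspondent)
        self.in_table[(proto, ext_port)] = (internal_ip, internal_port)
        return ext_port

    def lan_to_wan(self, pkt):
        """Rewrite source address/port; create the table entry on the fly."""
        key = (pkt.src_ip, pkt.proto, pkt.src_port)
        if key not in self.out_table:
            self.add_entry(pkt.src_ip, pkt.proto, pkt.src_port, correspondent=pkt.dst_ip)
        ext_port, _ = self.out_table[key]
        return pkt._replace(src_ip=self.public_ip, src_port=ext_port)

    def wan_to_lan(self, pkt):
        """Exact match on (proto, external port), no longest prefix match.
        Returns the rewritten packet, or None when it is silently discarded."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.in_table.get((pkt.proto, pkt.dst_port))
        if entry is None:
            return None  # nobody inside initiated this
        internal_ip, internal_port = entry
        if self.restricted:
            _, correspondent = self.out_table[(internal_ip, pkt.proto, internal_port)]
            if correspondent is not None and correspondent != pkt.src_ip:
                return None
        return pkt._replace(dst_ip=internal_ip, dst_port=internal_port)


def slide_nat(restricted=False):
    """The NAT of slides 36/37 with its two pre-existing UDP entries."""
    nat = NatBox("130.104.228.200", first_port=2343, restricted=restricted)
    nat.add_entry("192.168.10.10", "udp", 1029, ext_port=3441)
    nat.add_entry("192.168.10.11", "udp", 1029, ext_port=3442)
    return nat


if __name__ == "__main__":
    nat = slide_nat()
    out = nat.lan_to_wan(Packet("192.168.10.11", 1765, "201.19.32.45", 80, "tcp"))
    print("outgoing:", out)
    print("reply:", nat.wan_to_lan(Packet("201.19.32.45", 80, "130.104.228.200", 2343, "tcp")))
```

The two UDP entries show why the port must be translated and not just the address: both inside hosts use source port 1029, and only the distinct external ports 3441 and 3442 let the box tell their replies apart. The bootstrap problem of slide 38 is visible in wan_to_lan: an inbound packet with no matching entry has nowhere to go.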

Quiz: When a NAT has a packet to forward and an association exists in the NAT table
A. The NAT looks for a longest prefix match
B. The NAT looks for an exact match
C. None of the above
D. I don't know

Quiz: From WAN to LAN, the NAT may modify
A. The source port
B. The destination port
C. None of the above
D. I don't know

ed2-in has a packet to destination address
- 128.178.15.7: the packet is sent directly to 128.178.15.7
- 128.178.156.24: the packet is sent to 128.178.182.5

6. MAC Address Resolution

Q: What does «send packet directly» mean?
A: send it in an Ethernet frame, with destination MAC address = MAC address of 128.178.15.7
Pb: what is the MAC address of 128.178.15.7?
Solution: ed2-in learns the MAC address of 128.178.15.7 using an address resolution procedure

Address Resolution with IPv4: ARP Protocol

Figure (slides 45 to 47): hosts on one subnet: ed2-in (128.178.15.221, MAC 08:00:20:71:0d:d4), stisun1 (128.178.15.7, MAC 00:00:c0:b3:d2:8d), lrcpc2, and ed0-ext (128.178.15.13, MAC 00:00:0c:02:78:36).

1: ed2-in has a packet to send to 128.178.15.7 (stisun1); this address is on the same subnet
- lrcsuns sends an ARP request to all systems on the subnet (Ethernet broadcast, Ethernet type = ARP): no destination IP address, destination MAC address = ff:ff:ff:ff:ff:ff, target IP address = 128.178.156.7
- the ARP request is received by all IP hosts on the local network; it is not forwarded by routers

Address Resolution with IPv4: ARP Protocol (continued)

2: stisun1 has recognized its IPv4 address and sends an ARP reply packet to the requesting host with its IPv4 and MAC addresses (no destination IP address, destination MAC address = 08:00:20:71:0d:d4)

3: ed2-in reads the ARP reply, stores it in a cache and sends the IPv4 packet to stisun1 (destination IP address = 128.178.15.7, destination MAC address = 00:00:c0:b3:d2:8d)
- 1 and 2 are ARP packets; Ethertype = ARP (0806)
- 3 is an IPv4 packet; Ethertype = IPv4 (0800)
- ed2-in keeps the mapping in its cache; it expires if there is no traffic from stisun1 for some period of time > cache timeout

Address Resolution with IPv6 is part of the Neighbor Discovery Protocol (NDP)

Figure (slides 48 to 51): ed2-in (128.178.15.221, 2001:620:618:1a6:1:80b2:f01:1, MAC 08:00:20:71:0d:d4), stisun1 (128.178.15.7, 2001:620:618:1a6:1:80b2:f66:1, MAC 00:00:c0:b3:d2:8d), lrcpc2 and ed0-ext on one subnet.

1: ed2-in has a packet to send to 2001:620:618:1a6:1:80b2:f66:1 (stisun1); this address is on the same subnet
- lrcsuns sends a Neighbor Solicitation (NS) packet to the solicited node multicast address ff02::1:ff66:1 (destination IP address = ff02::1:ff66:1, destination MAC address = 33:33:ff:66:00:01)
- the NS is received by all IPv6 hosts on the local network that have the same solicited node multicast address (here: only stisun1)

The Solicited Node Multicast Address
- Add the last 24 bits of the target IP address to ff02::1:ff00:0/104
- A packet with such a destination address is forwarded by layer 2 to all nodes that listen to this multicast address, using the MAC multicast address 33:33:<last 32 bits of IP address>
- This is better than broadcast

  Target address (compressed)          2001:620:618:1a6:001:80b2:f66:1
  Target address (uncompressed)        2001:0620:0618:01a6:0001:80b2:0f66:0001
  Solicited node address (uncompressed) ff02:0000:0000:0000:0000:0001:ff66:0001
  Solicited node address (compressed)   ff02::1:ff66:1
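The derivation in the table above is mechanical, and the following added example (mine, not from the slides) performs it for any target: it builds the solicited node address, the 33:33:... MAC multicast address, and lists which hosts on a link would actually process a Neighbor Solicitation. The hosts dictionary uses the two addresses from the figure; the extra colliding host in the test is a constructed address that merely shares its last 24 bits with stisun1, which is the one assumption beyond the page and shows why a receiving host still compares the NS target with its own address:

```python
import ipaddress

SOLICITED_NODE_PREFIX = ipaddress.IPv6Network("ff02::1:ff00:0/104")

# Hosts from the slide-48 figure (page values).
SLIDE_HOSTS = {
    "ed2-in": "2001:620:618:1a6:1:80b2:f01:1",
    "stisun1": "2001:620:618:1a6:1:80b2:f66:1",
}


def solicited_node_address(target):
    """ff02::1:ff00:0/104 with the last 24 bits of the target appended."""
    low24 = int(ipaddress.IPv6Address(target)) & 0xFFFFFF
    return str(ipaddress.IPv6Address(int(SOLICITED_NODE_PREFIX.network_address) | low24))


def ipv6_multicast_mac(group):
    """MAC multicast address 33:33:<last 32 bits of the IPv6 group address>."""
    g = ipaddress.IPv6Address(group)
    if not g.is_multicast:
        raise ValueError(f"{group} is not an IPv6 multicast address")
    low32 = int(g) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{(low32 >> shift) & 0xFF:02x}" for shift in (24, 16, 8, 0))


def ns_receivers(target, hosts):
    """Names of the hosts whose own address maps to the same solicited node
    group as the target, i.e. the hosts that receive and look at the NS.
    Only the one whose full address equals the target answers."""
    group = solicited_node_address(target)
    return sorted(name for name, addr in hosts.items()
                  if solicited_node_address(addr) == group)


if __name__ == "__main__":
    target = SLIDE_HOSTS["stisun1"]
    group = solicited_node_address(target)
    print(target, "->", group, "->", ipv6_multicast_mac(group))
    print("receivers:", ns_receivers(target, SLIDE_HOSTS))
```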

Address Resolution with IPv6: NDP Protocol (continued)

2: stisun1 has received the NS packet and recognized its IPv6 address as the target; it sends a Neighbor Advertisement (NA) in reply with its IPv6 and MAC addresses (destination IP address = 2001:620:618:1a6:1:80b2:f01:1, destination MAC address = 08:00:20:71:0d:d4)

3: ed2-in reads the NA, stores it in a cache and sends the IPv6 packet to stisun1 (destination IP address = 2001:620:618:1a6:1:80b2:f66:1, destination MAC address = 00:00:c0:b3:d2:8d)
- 1, 2 and 3 are IPv6 packets; Ethertype = IPv6 (86DD)
- ed2-in keeps the mapping in its cache; it expires if there is no traffic from stisun1 for some period of time > cache timeout

Look inside an ARP packet

Ethernet II
  Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
  Source: 00:03:93:a3:83:3a (Apple_a3:83:3a)
  Type: ARP (0x0806)
  Trailer: 00000000000000000000000000000000...
Address Resolution Protocol (request)
  Hardware type: Ethernet (0x0001)
  Protocol type: IP (0x0800)
  Hardware size: 6
  Protocol size: 4
  Opcode: request (0x0001)
  Sender MAC address: 00:03:93:a3:83:3a (Apple_a3:83:3a)
  Sender IP address: 129.88.38.135 (129.88.38.135)
  Target MAC address: 00:00:00:00:00:00 (00:00:00_00:00:00)
  Target IP address: 129.88.38.254 (129.88.38.254)

Look inside an ICMPv6 NDP Neighbour Solicitation packet

Figure (slide 53): dissection of a Neighbor Solicitation (= ARP request); its destination is the solicited node multicast address corresponding to the IPv6 target address.

Quiz: ed2-in has a packet to destination address 128.178.156.24; the packet is sent to 128.178.182.5; the packet is sent by «ed2-in»
1. ... inside an Ethernet frame with destination MAC address = 08:00:20:71:0d:d4
2. ... inside an Ethernet frame with destination MAC address = 00:00:0d:0d:9a:75
3. None of the above
4. I don't know

Security Issues with ARP/NDP

ARP requests / replies may be falsified (ARP spoofing).

Figure (slide 55): the ARP exchange of slide 46 (ed2-in, stisun1, lrcpc2, ed0-ext), where the reply (no destination IP address, destination MAC address 08:00:20:71:0d:d4) may come from a host other than stisun1.

Can we prevent ARP spoofing?

DHCP Snooping and Dynamic ARP Inspection can prevent ARP spoofing in LANs
- DHCP snooping = the switch / Ethernet concentrator / WiFi base station observes all DHCP traffic and remembers the mappings IP address <-> MAC address (DHCP is used to automatically configure the IP address at system boot)
- Dynamic ARP inspection: the switch filters all ARP (or NDP) traffic and allows only valid answers
- This solution is deployed in enterprise networks, rarely in homes or WiFi access points

Conclusion
- The network layer (= IP) is the center piece of communication networks
- IP is built on two principles: one IP address per interface and longest prefix match, which allows routing tables to be compressed by aggregation; inside a subnet, don't use routers
- There are (unfortunately) two versions of IP, IPv4 and IPv6; they are not compatible; interworking requires some tricks (see later)
- NATs came as an afterthought and use a different principle than IP unicast (exact match versus longest prefix match); they are widely deployed; NATs hide IP addresses and complicate the operation of networks
- The goal of ARP/NDP is to find the MAC address corresponding to an IP address
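The ARP dissection of slide 52 and the Dynamic ARP Inspection of slide 56 fit together in one added example (my code, not the slides'): it rebuilds the slide's request from its listed fields, parses Ethernet/ARP frames with the field layout shown in the dissection, and applies the inspection rule, forwarding an ARP packet only when the sender (IP, MAC) pair it announces matches what DHCP snooping recorded for that IP. The binding table is constructed for the example (the page gives no MAC for 129.88.38.254, so a placeholder is used) and the forged reply used to exercise the drop path is likewise constructed:

```python
import struct

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(":"))


def ip_bytes(text):
    return bytes(int(x) for x in text.split("."))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_arp_frame(eth_dst, eth_src, opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II header + 28-byte ARP body, in the field order of the
    slide-52 dissection (hardware type 1, protocol type 0x0800, sizes 6 and 4)."""
    eth = mac_bytes(eth_dst) + mac_bytes(eth_src) + struct.pack("!H", ETHERTYPE_ARP)
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
           + mac_bytes(sender_mac) + ip_bytes(sender_ip)
           + mac_bytes(target_mac) + ip_bytes(target_ip))
    return eth + arp


def parse_arp_frame(frame):
    """Decode an Ethernet/ARP frame; a padding trailer after byte 42 is ignored."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"ethertype 0x{ethertype:04x} is not ARP")
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("only Ethernet/IPv4 ARP is handled")
    body = frame[22:42]
    return {
        "eth_dst": mac_str(frame[0:6]),
        "eth_src": mac_str(frame[6:12]),
        "opcode": opcode,
        "sender_mac": mac_str(body[0:6]),
        "sender_ip": ip_str(body[6:10]),
        "target_mac": mac_str(body[10:16]),
        "target_ip": ip_str(body[16:20]),
    }


def inspect_arp(frame, bindings):
    """Dynamic ARP Inspection: forward an ARP request or reply only if the
    (sender IP, sender MAC) it announces is the pair DHCP snooping learned
    for that IP.  Returns (verdict, reason, parsed fields)."""
    fields = parse_arp_frame(frame)
    if fields["sender_mac"] != fields["eth_src"]:
        return "drop", "ARP sender MAC differs from Ethernet source MAC", fields
    bound_mac = bindings.get(fields["sender_ip"])
    if bound_mac is None:
        return "drop", "sender IP has no DHCP snooping binding", fields
    if bound_mac.lower() != fields["sender_mac"]:
        return "drop", "sender MAC does not match the binding for this IP", fields
    return "forward", "sender matches DHCP snooping binding", fields


# The request dissected on slide 52, rebuilt from its listed fields.
SLIDE_REQUEST = build_arp_frame(
    "ff:ff:ff:ff:ff:ff", "00:03:93:a3:83:3a", ARP_REQUEST,
    "00:03:93:a3:83:3a", "129.88.38.135", "00:00:00:00:00:00", "129.88.38.254")

# Constructed DHCP snooping table; the MAC for 129.88.38.254 is a placeholder.
BINDINGS = {"129.88.38.135": "00:03:93:a3:83:3a", "129.88.38.254": "02:00:00:00:00:fe"}

# Constructed forged reply: 00:03:93:a3:83:3a claims the IP of 129.88.38.254.
SAMPLE_FORGED_REPLY = build_arp_frame(
    "02:00:00:00:00:01", "00:03:93:a3:83:3a", ARP_REPLY,
    "00:03:93:a3:83:3a", "129.88.38.254", "02:00:00:00:00:01", "129.88.38.1")


if __name__ == "__main__":
    for name, frame in (("slide request", SLIDE_REQUEST), ("forged reply", SAMPLE_FORGED_REPLY)):
        verdict, reason, _ = inspect_arp(frame, BINDINGS)
        print(f"{name}: {verdict} ({reason})")
```

The inspection depends entirely on the quality of the binding table, which is why the slide pairs it with DHCP snooping: without a trustworthy source of IP-to-MAC bindings the switch has nothing to check an ARP reply against, and statically configured hosts need static entries in that table.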