IP Layer
Provides powerful logical abstraction
Hides Physical Layer dependency
Upper layer processes see a logical IP network
Functions of Internet Protocol
Internet Protocol (IP) provides
-- Datagram service
-- Physical network independence for higher layer processing
-- Logical address for computers on network
-- Independence from maximum transmission unit size
-- Fragmentation and reassembly control
These topics are examined in the next several viewgraphs
IP Datagram Service
IP makes use of "best efforts" service
Similar to postal services
Advantages
-- Simplicity and less overhead
-- Upper layers can build more reliable service
-- Adequate for many networks: LANs, frame relay
Need for Uniform Addresses (Logical Addresses)
Physical networks use different addressing schemes
-- Ethernet networks use 6-byte addresses
-- X.25 networks use 14-digit decimal codes
-- ARCNET networks use 1-byte addresses
How should nodes on a logical network be identified?
Solution: Use a logical address to provide a uniform way of addressing all network nodes regardless of their physical network connections
Message Size Limitations
Physical networks support different maximum frame sizes
-- Example: 1518 bytes for Ethernet, 512 bytes for ARCNET, etc.
Upper layers (TCP) deal with messages of arbitrary length
Problem: How do you send arbitrarily long messages over networks with packet-size constraints?
A solution: datagrams, fragmentation, and reassembly
Names and Addresses
LAN Addressing
-- NIC addresses (like a National Insurance Number)
-- Broadcast technology
-- No geography
Network Addressing
-- IP addresses (like telephone numbers)
-- Permits subnetting (like county and area codes)
-- Gives routing capability
-- Maps to NIC address through ARP
Human Friendly Names
-- Show affiliations (like a normal mail address)
-- Structured independently of IP
-- Used to identify people, computers, networks, organisations
-- Map to IP through DNS
Typical MTU Size

Network                 Typical frame size (bytes)   MTU (bytes)   Maximum frame size (bytes)
Ethernet                1024                         1500          1518
IEEE 802.5 (4 Mbps)                                  4464          4508
IEEE 802.5 (16 Mbps)*   1024/4096                    17,756        17,800
ARCNET                                               508           512
X.25                    128                          4080          4096

*Assuming a token-holding time of 9 ms.
MTU = maximum transmission unit
Fragmentation and Reassembly Control
Many applications on hosts tend to use large message sizes
-- File transfer, graphic applications
Many wide area networks prefer smaller packet sizes than some applications use
-- Better use of buffer memory
-- Smaller probability of error for each packet
-- Smaller delay for priority packets
Larger packet sizes in networks such as LANs can result in more efficient data transfer
Fragmentation and Reassembly Control (continued)
What would happen to packets going from Host B to Host A?
Note: TCP messages can be fragmented by the sender
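The fragmentation and reassembly rules described on the last few slides (data split to fit the link MTU, offsets counted in 8-byte units, the MF flag marking all but the last piece), as an added worked example that is not part of the course material. The 1280-byte message and the identification value are constructed for the example; the MTUs come from the table above.

```python
def fragment_datagram(data: bytes, mtu: int, ident: int, header_len: int = 20):
    """Split a datagram's data into IP fragments that fit a link MTU.

    Each fragment is (identification, fragment offset in 8-byte units, MF flag, data).
    All fragments but the last carry a multiple of 8 data bytes, as IP requires.
    """
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data after the IP header")
    frags, pos = [], 0
    while True:
        chunk = data[pos:pos + max_data]
        more = pos + max_data < len(data)
        offset = pos // 8
        if offset > 0x1FFF:                     # the fragment offset field is 13 bits wide
            raise ValueError("datagram too large for the fragment offset field")
        frags.append((ident, offset, more, chunk))
        pos += max_data
        if not more:
            break
    return frags


def reassemble(frags):
    """Rebuild the original data from fragments sharing one identification.

    Returns None when a fragment is missing or the MF flags are inconsistent,
    so a partial datagram is never handed to the upper layer.
    """
    if not frags or len({f[0] for f in frags}) != 1:
        return None
    expected, out = 0, bytearray()
    ordered = sorted(frags, key=lambda f: f[1])   # fragments may arrive in any order
    for i, (_, offset, more, chunk) in enumerate(ordered):
        last = i == len(ordered) - 1
        if offset * 8 != expected or more == last:  # gap, or MF flag wrong for this position
            return None
        out += chunk
        expected += len(chunk)
    return bytes(out)


# Constructed sample: a 1280-byte message leaving Ethernet (MTU 1500) for ARCNET (MTU 508).
SAMPLE = bytes(range(256)) * 5
if __name__ == "__main__":
    for ident, offset, more, chunk in fragment_datagram(SAMPLE, 508, 0x1234):
        print(f"id={ident:#06x} offset={offset:5d} MF={int(more)} bytes={len(chunk)}")
    print(reassemble(fragment_datagram(SAMPLE, 508, 0x1234)) == SAMPLE)
```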
Calculating an Address Class (continued)

First decimal number in dotted decimal address
Class   Minimum   Maximum
A       1         126
B       128       191
C       192       223
D       224       239
E       240       247
Range of Assignable Addresses
Class / netid (minimum, maximum) / hostid (minimum, maximum)
A1220.127.116.11B128.00.1C.1254D224.239.N/A
N/A = not applicable
Why is address 127.x.x.x not assigned?
Software Loopback
Local machine can be addressed by 127.x.x.x
"x" can be any value
-- Typically, is used for local host
Also referred to as the software loopback test
-- Packets are never transmitted
-- Packets are copied from transmit buffer to receive buffer
Hostid and Broadcast Addresses
Hostid of 0 is never assigned to an individual host
An internet address with hostid of 0 refers to the network itself
-- Example:
-- Refers to class B network
Directed broadcast addresses
By convention, broadcast addresses have all 1s in the hostid field
-- Example:
Important exception is software derived from BSD 4.2 UNIX
-- Uses all 0s broadcast
Limited broadcast address
Broadcast address of
IP packets with this address usually do not cross router boundaries
Not all TCP/IP implementations support it
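The class, netid/hostid split, network address and directed broadcast rules from the preceding slides, as an added example (not course code). Class is taken from the leading bits of the first octet, which is the general rule behind the ranges tabulated above; 127.x.x.x is reported as loopback and 255.255.255.255 as the limited broadcast. The addresses fed to it are constructed samples.

```python
CLASS_NETBITS = {"A": 8, "B": 16, "C": 24}


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classify(addr: str):
    """Return (class, netid, hostid) for a dotted-decimal IPv4 address under classful rules.

    Class follows the leading bits of the first octet (0 = A, 10 = B, 110 = C, 1110 = D, 1111 = E);
    127.x.x.x is the software loopback, and classes D and E have no netid/hostid split.
    """
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"malformed address {addr!r}")
    first, value = octets[0], int.from_bytes(bytes(octets), "big")
    if first == 127:
        return "loopback", None, None
    if first >= 240:
        return "E", None, None
    if first >= 224:
        return "D", None, None
    cls = "A" if first < 128 else "B" if first < 192 else "C"
    hostbits = 32 - CLASS_NETBITS[cls]
    return cls, value >> hostbits, value & ((1 << hostbits) - 1)


def describe(addr: str) -> dict:
    """Name the role of addr: network address, directed broadcast, limited broadcast or host."""
    if addr == "255.255.255.255":
        return {"class": None, "kind": "limited broadcast"}
    cls, netid, hostid = classify(addr)
    if cls not in CLASS_NETBITS:
        return {"class": cls, "kind": cls if cls == "loopback" else f"no hostid (class {cls})"}
    hostbits = 32 - CLASS_NETBITS[cls]
    all_ones = (1 << hostbits) - 1
    if hostid == 0:
        kind = "network address"            # hostid 0 refers to the network itself
    elif hostid == all_ones:
        kind = "directed broadcast"         # all 1s in the hostid field
    else:
        kind = "host"
    return {"class": cls, "kind": kind,
            "network": to_dotted(netid << hostbits),
            "directed_broadcast": to_dotted((netid << hostbits) | all_ones)}
```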
The Problem: Need for Address Resolution
How does a host know about another host's physical address?
Hard-code knowledge of physical addresses?
Can you use the logical (IP) address to determine the physical address?
-- Address resolution protocols
Dynamic Address Resolution Protocol Mechanism
Host A broadcasts ARP request on network containing B's IP address
All nodes receive ARP request, but only B responds because its IP address is included in the ARP request
B replies to A with B's physical address
Assumption: requires broadcast capability on network (i.e., Ethernet, Token Ring, etc.)
ARP Request/Response Packet Structure
Numbers in ( ) represent bits
ARP Refinements: Caching
In previous example
-- Host A uses ARP reply to build a local cache
-- Cache contains <IP addr., Physical addr.> pair
Host B is likely to reply to A
-- Use ARP request to store A's <IP addr., Physical addr.> in cache
Other hosts extract A's <IP addr., Physical addr.> from ARP request
Machines booting on network announce their <IP addr., Physical addr.>
-- Other machines cache this information
-- Also used for duplicate IP address detection
IP Address for Diskless Nodes
Workstations store their IP addresses in local storage media
How do diskless workstations store their IP addresses?
A solution: use Reverse ARP (RARP)
-- Keep <IP addr., Physical addr.> bindings on RARP server
-- Potential for simplifying IP address administration?
RARP Operation
RARP uses same packet structure as ARP
-- Sender address = PA
-- Destination address = broadcast
-- Ethertype = 8035 hex
RARP Operation (continued)
Sender broadcasts RARP request
-- SENDER HA ← Sender's physical address
-- TARGET HA ← Sender's physical address
RARP servers respond with
-- OPERATION TYPE ← reply
-- TARGET IP ← Answer (requester's IP address)
-- DATA LINK DA ← Requester's physical address
Issues
-- RARP request storms
-- Primary and backup RARP servers
BOOTP
BOOTP makes use of UDP/IP to obtain IP addresses and other information
BOOTP does not provide clients with the bootstrap image
-- It provides the name of the boot image
-- Boot image is transferred using Trivial File Transfer Protocol (TFTP)
To forward BOOTP requests across routers, routers must be configured with relay agents to forward BOOTP packets
Troubleshooting Duplicate IP Addresses and ARP Tables
Nodes on an IP network must have unique IP addresses
Otherwise, ARP tables are initialized with incorrect <IP addr., Physical addr.> mappings
Symptoms of bad ARP tables are
-- Users unable to access TCP/IP hosts
-- Workstations and servers crashing
-- Intermittent problems with applications not working
Common results of duplicate IP addresses are
-- ARP table corruption at workstations
-- ARP table corruption at servers
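The ARP packet layout and the caching/duplicate-detection idea from the ARP slides, together with the troubleshooting point above, as one added example (not course code): it decodes Ethernet/IPv4 ARP packets, learns <IP addr., Physical addr.> pairs from the sender fields the way a cache does, and reports any IP address claimed by more than one hardware address. The three-packet trace is constructed for the example.

```python
import struct

ARP_FMT = ">HHBBH6s4s6s4s"   # HTYPE, PTYPE, HLEN, PLEN, OPER, SHA, SPA, THA, TPA (28 bytes)
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def ip_bytes(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))


def build_arp(oper: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """Build an Ethernet/IPv4 ARP packet (used here only to construct the sample trace)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


def parse_arp(pkt: bytes) -> dict:
    """Decode the fixed ARP fields; reject anything that is not Ethernet/IPv4 ARP."""
    if len(pkt) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": oper,
            "sha": ":".join(f"{b:02x}" for b in sha), "spa": ".".join(map(str, spa)),
            "tha": ":".join(f"{b:02x}" for b in tha), "tpa": ".".join(map(str, tpa)),
            "announcement": spa == tpa}        # a booting host announcing its own binding


def find_duplicate_ips(packets) -> dict:
    """Learn <IP addr., Physical addr.> pairs from every packet's sender fields and
    return the IP addresses that more than one hardware address has claimed."""
    claims = {}
    for pkt in packets:
        arp = parse_arp(pkt)
        claims.setdefault(arp["spa"], set()).add(arp["sha"])
    return {ipaddr: sorted(macs) for ipaddr, macs in claims.items() if len(macs) > 1}


# Constructed trace: A asks for 10.1.1.9, B answers, and a second workstation that was
# configured with the same IP address answers too (the duplicate-address case above).
SAMPLE_TRACE = [
    build_arp(ARP_REQUEST, "00:00:0c:00:00:0a", "10.1.1.5", "00:00:00:00:00:00", "10.1.1.9"),
    build_arp(ARP_REPLY, "00:00:0c:00:00:0b", "10.1.1.9", "00:00:0c:00:00:0a", "10.1.1.5"),
    build_arp(ARP_REPLY, "00:00:0c:00:00:0c", "10.1.1.9", "00:00:0c:00:00:0a", "10.1.1.5"),
]
```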
Duplicate IP Addresses at Workstation
Step 1: Workstation initiates FTP session to server
Duplicate IP Addresses at Workstation (continued)
Step 2: Second workstation with duplicate IP address initiates FTP session to server
Duplicate IP Addresses at Workstation (continued)
If the server receives a TCP/IP connection request from a second workstation with a duplicate IP address, the TCP/IP software may
-- Ignore the second request
-- Overwrite the server ARP cache entry with the hardware address from the second workstation
-- Get confused and crash
In either of the above choices, one or both of the workstations with the duplicate IP address will have connection problems
Duplicate IP Addresses at the Server
Workstation tries to connect to VAX at IP address
If the SUN server at the duplicate IP address returns an ARP reply faster than the VAX, the workstation connects to the SUN server instead of the VAX
What happens if the SUN server and VAX server also act as routers?
ARP Display Utilities
Resolving duplicate IP address problems can be a challenging task on large networks
Keeping good records of IP address assignments and hardware addresses of devices can help
Use utilities to display and fix ARP cache entries
-- Most UNIX systems have the arp utility
arp -a                           Display all ARP entries in table
arp -d hostname                  Delete an entry from ARP table
arp -s hostname hardware_addr    Add a new entry in ARP table. Entry is not timed out!
IP Packet Structure
Background: This exercise is a guided tour of the structure of IP packets. It will be done concurrently with the lecture, which will explain the IP structure. You will use the packet trace that you saved in an earlier exercise to understand the IP packet structure.
Objectives:
-- Examine the IP packet fields
-- Understand the functionality of the IP protocol
IP Packet Structure (continued)
Run LANWatch at your workstation. If you forgot how to run LANWatch, see page 16 in the Exercise Manual.
Load the file TELNET.TR1 that contains the TELNET packet trace you stored in an earlier exercise.
Highlight one of the red packets that contain IP protocol information and display it in the detailed format.
Follow the instructions given to you by the instructor.
IP Field: Version
Version field
-- Indicates format of IP header
-- Declares version of protocol to which datagram belongs
-- Allows development of new protocols while network is operational
What is the version of the IP packet on your screen?
IP Field: Internet Header Length
Measured in 32-bit words
Required because IP header contains variable length options field
What is the internet header length of the IP packet on your screen? ___________________________
Does the IP packet have an options field? Yes / No
IP Field: Type of Service (TOS)
Informs networks of the Quality of Service (QOS) desired
IP Field: Type of Service (TOS)
What is the bit pattern for TOS of the IP packet on your screen? __________________________
What is the TOS value? _________________
IP Field: Total Length
Total length
-- Length of datagram (octets), including IP header and data portion
-- Maximum datagram size is 65,535 octets
-- All hosts must be prepared to receive datagrams of 576 octets
-- 512 octets of data and 64 octets of protocol overhead
What is the total length for the IP packet on your screen? _________________ octets
IP Field: Identification
Set uniquely for each datagram
Used as an aid in assembling fragments of a datagram
What is the identification value for the IP packet on your screen? ___________
IP Field: Identification (continued)
Use cursor keys (↑, ↓) to examine identification field values of IP packets before and after this IP packet
What is the identification value of the previous IP packet? ______
What is the identification value of the next IP packet? ________
IP Field: Flags
What are the flag settings for the IP packet on your screen?
DF flag = _______ MF flag = _______
IP Field: Fragment Offset
Position of fragment's data relative to the beginning of data carried in original datagram
Maximum of 8192 fragments per datagram
Identification field is same for all fragments
IP Field: Fragment Offset
What is the fragment offset for the IP packet on your screen? _________________________
IP Field: Time to Live
Time to live
-- Maximum time IP datagram can remain on internet
-- When TTL = 0, IP datagram is destroyed (dropped)
-- Decreased by time for IP header processing, but must be decreased by at least 1
What is the TTL field value for the IP datagram on your screen?
IP Field: Protocol
Protocol field
-- Indicates which Upper Layer Protocol (ULP) is to receive data portion of IP datagram
What is the protocol field value for the IP packet on your screen?
IP Field: Protocol (continued)

Value   Keyword    Description
        Reserved
1       ICMP       Internet Control Message Protocol
6       TCP        Transmission Control Protocol
8       EGP        Exterior Gateway Protocol
9       IGP        Any private Interior Gateway Protocol
11      NVP        Network Voice Protocol
17      UDP        User Datagram Protocol
22      XNS IDP    Xerox Network System's Internet Datagram Protocol
29      ISO TP4    ISO Transport Protocol class 4
89      OSPF       Open Shortest Path First
IP Field: Header Checksum
Covers only the IP header
Add up the 1's complement of each 16-bit data item and then take the 1's complement of the sum
Recomputed at every router because the TTL field changes
What is the header checksum field value of the IP packet? _______________________
IP Field: Source Address, Destination Address
Source and destination addresses are divided into netid and hostid fields
What are the source-address and destination-address fields of the IP packet on your screen?
Source address: _______________
Destination address: ____________
IP Field: Options
Options
Officially defined options are
-- Security, loose source routing
-- Strict source routing, record route
-- Stream ID, Internet timestamp
Options are of two types
Are there any options defined in the IP packet on your screen?
Bonus
Pick an IP packet (that appeals to you!) within LANWatch and analyze it on your own. Try to identify the blank fields in the IP datagram above. Label these fields and enter the value in the fields for the IP packet you are analyzing.
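The same field walk the exercise does by hand, as an added example that is not part of the course material: it decodes every header field asked about above (version, IHL, TOS, total length, identification, DF/MF, fragment offset, TTL, protocol, checksum, addresses, options) and verifies the checksum with the 1's complement sum described on the checksum slide. The sample header, its addresses and identification are constructed; the protocol numbers come from the table above.

```python
import struct

IP_FMT = ">BBHHHBBH4s4s"           # fixed 20-byte header
PROTOCOLS = {1: "ICMP", 6: "TCP", 8: "EGP", 17: "UDP", 89: "OSPF"}


def ip_checksum(header: bytes) -> int:
    """1's complement of the 1's complement sum of the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f">{len(header) // 2}H", header))
    while total >> 16:                          # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ip_header(pkt: bytes) -> dict:
    """Decode the IP header fields examined in the exercise and verify the checksum."""
    if len(pkt) < 20:
        raise ValueError("packet shorter than a minimal IP header")
    vihl, tos, tlen, ident, ffo, ttl, proto, csum, src, dst = struct.unpack(IP_FMT, pkt[:20])
    version, ihl = vihl >> 4, vihl & 0x0F       # IHL is counted in 32-bit words
    if version != 4 or ihl < 5 or ihl * 4 > len(pkt):
        raise ValueError(f"bad version/IHL: {version}/{ihl}")
    hlen = ihl * 4
    return {"version": version, "ihl": ihl, "header_len": hlen, "tos": tos,
            "total_length": tlen, "identification": ident,
            "df": bool(ffo & 0x4000), "mf": bool(ffo & 0x2000), "fragment_offset": ffo & 0x1FFF,
            "ttl": ttl, "protocol": proto, "protocol_name": PROTOCOLS.get(proto, "other"),
            "checksum": csum, "checksum_ok": ip_checksum(pkt[:hlen]) == 0,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "options": pkt[20:hlen]}


def build_sample_header(ttl: int = 64, options: bytes = b"") -> bytes:
    """Construct a valid TCP header (DF set, unfragmented) with a correct checksum."""
    options += b"\x00" * (-len(options) % 4)   # options are padded to a 32-bit boundary
    ihl = 5 + len(options) // 4
    fields = (0x40 | ihl, 0, ihl * 4 + 20, 0x1C46, 0x4000, ttl, 6, 0,
              bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    header = struct.pack(IP_FMT, *fields) + options
    return header[:10] + struct.pack(">H", ip_checksum(header)) + header[12:]
```

Decrementing the TTL without recomputing the checksum, as a router must, makes checksum_ok come out False, which is the point the checksum slide makes.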
Duplicate IP Address Problem
IP addresses must be unique
Most network software assumes trusted hosts
Duplicate IP addresses result in
-- Network software becoming confused and malfunctioning
-- Routing problems, because routing information is encoded in the IP address netid and hostid
Buffer Reassembly Problem
Not all IP implementations are equally robust
Some IP implementations may not reassemble datagram fragments correctly
Solution: Configure IP software for DF = 1
-- Problem: DF flag may not be configurable by network manager
-- Fragmentation may be required if IP datagram traverses networks with small MTU
IP Trailers: 4BSD UNIX
Software derived from BSD 4.2 UNIX may use alternate IP encapsulation
Done for efficient memory management
-- To place data information on page boundary
Berkeley-style trailer encapsulation
Will not interoperate with normal IP encapsulation (example: IP routers)
Avoiding IP Trailers
On many UNIX systems, IP trailer encapsulation can be controlled by the ifconfig utility
Example:
ifconfig eth0 -trailers
ifconfig eth0
eth0: flags=23<UP,BROADCAST,NOTRAILERS>
inet netmask ffff0000 broadcast
All 0's Broadcast
IP software implemented on earlier BSD 4.2 UNIX may use all 0's broadcast
Can cause confusion with most systems that use all 1's broadcast
Use ifconfig utility to enable all 1's broadcast
May not work if broadcast mechanism has been hard-coded
Example:
ifconfig eth0 broadcast
ifconfig eth0
eth0: flags=23<UP,BROADCAST,NOTRAILERS>
inet netmask ffff0000 broadcast
Using Unique Internet Addresses
If building your own private internet
-- Decide on an IP address class
-- Popular choices are class B, class C
If you decide not to connect to the Internet
-- You can select your own IP network number
If you decide to connect to the Internet
-- You should apply to the Network Information Center (NIC) for a unique internetwork number
-- Alternatively, use IP address translation devices such as application-level gateways
-- Application-level gateways also can be used to implement firewalls for enhancing security
-- Can be used to avoid duplicate IP address conflicts
Application-Level Security Gateway (Firewall)
Application-level firewall provides
-- Isolation between duplicate IP addresses
-- Security by restricting access between internal and external networks at the Application Layer
Alternatively, use a private address
Obtaining Unique IP Network Number
To obtain an Internet number to connect to the Internet, apply to
Network Solutions InterNIC Registration Services, 505 Huntmar Park Drive, Herndon, VA, USA
Users wanting to connect to the MILNET must still apply to
DDN Network Information Center, Park Meadow Drive, Suite 200, Chantilly, VA, USA
See Appendix D for application form for Obtaining IP Network Number
IP Address Database
Local management of IP addresses
Configuration database kept on local machine
-- Often simple text files, such as /etc/hosts (UNIX) or net.cfg and config.tel, etc. (MS-DOS)
RARP servers
BOOTP server
DHCP server (covered in Course 154)
Name servers
RARP servers can
-- Simplify IP address maintenance
Problems:
-- Updates when data-link address changes
-- RARP storms
-- Single point of failure
IP on IEEE 802 LANs
Initial IP implementation on LANs was on Ethernet
Ethertype field in Ethernet header is used to indicate IP packet
-- Ethertype = 800 hex for IP packets
There is no Ethertype field in IEEE LANs
How do you indicate Ethertype information?
-- Use IEEE 802.2 LLC
IEEE 802.2 Logical Link Control
IEEE LANs use a sublayer called LLC to indicate protocol (software) addresses
The SNAP Protocol
A special DSAP or SSAP value in the IEEE field indicates that the Ethertype field is in the data field
This mechanism is called SubNet Access Protocol (SNAP)
IP on X.25
First octet in X.25 call request data field indicates IP protocol
X.25 virtual circuit is used to transmit datagrams
-- Closed after a period of inactivity
-- Treated as a point-to-point circuit
IP on ATM
ATM transmits data in fixed 53-byte cells (5 bytes header and 48 bytes data)
ATM cells available on demand with low latency
-- Real-time audio/video
-- Multimedia applications
ATM provides virtual channels with quality of service (QoS) parameters
Chapter Summary
You have learned about
-- The role of the Internet Protocol (IP)
-- IP address classes
-- Address Resolution Protocols
-- IP packet structure
-- IP on various physical networks