CSE401N:Computer Networks Lecture The Internet Protocol(IP) IPv4 & IPv6 CIDR, Subnet & NAT DHCP,ARP

6/3/2015 4a-2 The Internet Network layer routing table Host, router network layer functions: Routing protocols path selection RIP, OSPF, BGP IP protocol addressing conventions datagram format packet handling conventions ICMP protocol error reporting router “signaling” Transport layer: TCP, UDP Link layer physical layer Network layer

6/3/2015 4a-3 IP Addressing: introduction r IP address: 32-bit identifier for host, router interface r interface: connection between host, router and physical link m router’s typically have multiple interfaces m host may have multiple interfaces m IP addresses associated with interface, not host, router =

6/3/2015 4a-4 IP Addressing r IP address: m network part (high order bits) m host part (low order bits) r What’s a network ? ( from IP address perspective) m device interfaces with same network part of IP address m can physically reach each other without intervening router network consisting of 3 IP networks (for IP addresses starting with 223, first 24 bits are network address) LAN

6/3/2015 4a-5 IP Addressing How to find the networks? r Detach each interface from router, host r create “islands of isolated networks Interconnected system consisting of six networks

6/3/2015 4a-6 IP Addresses 0 network host 10 network host 110 networkhost 1110 multicast address A B C D class to to to to bits given notion of “network”, let’s re-examine IP addresses: “class-full” addressing:

6/3/2015 4a-7 IP Addressing r An IP address is a 32-bit sequence of 1s and 0s. r To make the IP address easier to use, the address is usually written as four decimal numbers separated by periods. r This way of writing the address is called the dotted decimal format.

6/3/2015 4a-8 Decimal and Binary Conversion

6/3/2015 4a-9 IPv4 Addressing

6/3/2015 4a-10 Class A, B, C, D, and E IP Addresses

6/3/2015 4a-11

6/3/2015 4a-12 Reserved IP Addresses 1. Certain host addresses are reserved and cannot be assigned to devices on a network. 2. An IP address that has binary 0s in all host bit positions is reserved for the network address. 3. An IP address that has binary 1s in all host bit positions is reserved for the broadcast address.

6/3/2015 4a-13 Network Address

6/3/2015 4a-14 Broadcast Address

6/3/2015 4a-15 Public and Private IP Addresses 1. No two machines that connect to a public network can have the same IP address because public IP addresses are global and standardized. 2. Procedure was needed to make sure that addresses were in fact unique. 3. Originally, an organization known as the Internet Network Information Center (InterNIC) handled this procedure. InterNIC no longer exists and has been succeeded by the Internet Assigned Numbers Authority (IANA). 4. IANA carefully manages the remaining supply of IP addresses to ensure that duplication of publicly used addresses does not occur. 5. However, private networks that are not connected to the Internet may use any host addresses, as long as each host within the private network is unique.

6/3/2015 4a-16 Public and Private IP Addresses 1. RFC 1918 sets aside three blocks of IP addresses for private, internal use. 2. Addresses that fall in these ranges are not routed on the Internet backbone. Internet router immediately discard private addresses. 3. Connecting a network using private addresses to the Internet requires translation of the private addresses to public addresses using Network Address Translation (NAT).

6/3/2015 4a-17 IP addressing: CIDR r Classful addressing: m inefficient use of address space, address space exhaustion m e.g., class B net allocated enough addresses for 65K hosts, even if only 2K hosts in that network r CIDR: Classless InterDomain Routing m network portion of address of arbitrary length m address format: a.b.c.d/x, where x is # bits in network portion of address network part host part /23

6/3/2015 4a-18 r Millions of Addresses Available m Over 16,000,000 r Efficiency m Non-subnetted networks are wasteful m Division of networks not optimal r Smaller Network m Easier to manage m Smaller broadcast domains r So Make the network as small as possible m Divide the network into subnetworks m Borrow some bits from the host add. Why Subnet?

6/3/2015 4a-19 What You Need r Understand Address System r Understand Classes of Networks r “Two-Tums” Table m Formulas m Magic Numbers m Subnet Mask r “ANDing” Process

6/3/2015 4a-20 Dissecting the Address > Classes < r CLASS RANGES: m A: 0 – 127 N. H. H. H m B: 128 – 191 N. N. H. H m C: 192 – 223 N. N. N. H _ _ _ _ _ _ _ _._ _ _ _ _ _ _ _._ _ _ _ _ _ _ _._ _ _ _ _ _ _ _ (Digital) (Decimal) CLASS B

6/3/2015 4a-21 TWO-TUMS MAGIC NUMBERS: SUBNET MASK:

6/3/2015 4a-22 Magic Formulas Number of Usable Subnets 2 n – = = = = = = = = 6 Number of Usable Hosts/Subnet 2 h-n – = = =? = ? =? n = # borrowed bits h = # bits available in host address

6/3/2015 4a-23 Subnet Mask r What is a Subnet Mask? m “Extended Network Prefix” m Indicates extent of the Network numbers _ _ _ _ _ _ _ _ r Why is it needed? m Used by router to determine Network Address r How? m Uses “ANDing” to compare Mask to IP Address

6/3/2015 4a-24 ANDing Process MASK: IP: Network Address:

6/3/2015 4a-25 How to Subnet? * Subnet: Borrow _ _ _ _ _ _ _ _._ _ _ _ _ _ _ _._ _ _ _ _ _ _ _._ _ _ _ _ _ _ _ (Digital) (Decimal)

6/3/2015 4a-26 Easy Example

6/3/2015 4a-27 Set Up Subnets Subnets What is the Subnet Mask? What are the Network Addresses? What is the Broadcast Domain What IP Addresses are available?

6/3/2015 4a-28 Steps…. 1. What is the CLASS? 2. How many BITS do we need to borrow? 3. Determine Subnet Mask 4. Determine “Magic Number” 5. Set up Table for IP Address (“Wire”), Range & Broadcast Domain 6. Fill in Table 1. C [Range: 192 – 223]] 2. 5 Subnets 3 [ = 6] Use Subnet Mask # Borrow 3 Bits Wire Range BC 6.

6/3/2015 4a-29 Table WIRERANGEBC

6/3/2015 4a-30 Table WIRERANGEBC Class C Borrow 5 Bits

6/3/2015 4a-31 Table WIRERANGEBC Magic Number

6/3/2015 4a-32 Table WIRERANGEBC Subnet Mask

6/3/2015 4a-33 Table WIRERANGEBC

6/3/2015 4a-34 Table WIRERANGEBC Broadcast Domain

6/3/2015 4a-35 Table WIRERANGEBC

6/3/2015 4a-36 Table WIRERANGEBC – – – – – – –

6/3/2015 4a-37 Table WIRERANGEBC – – – – – – – Reserved for Network Addresses Reserved for Broadcast Addresses

6/3/2015 4a-38 Table WIRERANGEBC – – – – –

6/3/2015 4a-39 Set Up Subnets

6/3/2015 4a-40

6/3/2015 4a-41 Obtaining an Internet Address 1. Static addressing m Each individual device must be configured with an IP address. 2. Dynamic addressing m Reverse Address Resolution Protocol (RARP) m Bootstrap Protocol (BOOTP) m Dynamic Host Configuration Protocol (DHCP) m DHCP initialization sequence m Function of the Address Resolution Protocol m ARP operation within a subnet

Obtaining an IP Address 1.A network host needs to obtain a globally unique address in order to function on the Internet. 2.MAC has only significance only in LAN to identify host. 3.Router does not use MAC address( ? ) to forward packets outside LAN. 4.IP addresses are used for Internet communication. 5.IP is hierarchical addressing Scheme that allows individual addresses to be associated together and treated together.

6/3/2015 4a-43 Obtaining an IP Address Regardless of the method chosen no two interfaces can have the same IP address.

6/3/2015 4a-44 Static Assignment of an IP Address 1. Static assignment works best on small, infrequently changing networks. 2. The system administrator manually assigns and tracks IP addresses for each computer, printer, or server on the intranet. 3. Servers should be assigned a static IP address so workstations and other devices will always know how to access needed services. 4. Other devices that should be assigned static IP addresses are network printers, application servers, and routers.

6/3/2015 4a-45 IP addresses: how to get one? r hard-coded by system admin in a file m Wintel: control-panel->network->configuration->tcp/ip->properties m UNIX: /etc/rc.config r DHCP: Dynamic Host Configuration Protocol: dynamically get address: “plug-and-play” m host broadcasts “DHCP discover” msg m DHCP server responds with “DHCP offer” msg m host requests IP address: “DHCP request” msg m DHCP server sends address: “DHCP ack” msg

6/3/2015 4a-46 DHCP client-server scenario

6/3/2015 4a-47 DHCP client-server scenario DHCP server: arriving client time DHCP discover src : , 68 dest.: ,67 DHCPDISCOVER yiaddr: transaction ID: 654 DHCP offer src: , 67 dest: , 68 DHCPOFFER yiaddrr: transaction ID: 654 DHCP server ID: Lifetime: 3600 secs DHCP request src: , 68 dest:: , 67 DHCPREQUEST yiaddrr: transaction ID: 655 DHCP server ID: Lifetime: 3600 secs DHCP ACK src: , 67 dest: , 68 DHCPACK yiaddrr: transaction ID: 655 DHCP server ID: Lifetime: 3600 secs

6/3/2015 4a-48 DHCP IP Address Management DHCP allows a host to obtain an IP address dynamically without the network administrator having to set up an individual profile for each device. All that is required when using DHCP is a defined range of IP addresses on a DHCP server. As hosts come online, they contact the DHCP server and request an address. The DHCP server chooses an address and leases it to that host. With DHCP, the entire network configuration of a computer can be obtained in one message. The major advantage that DHCP has over BOOTP is that it allows users to be mobile. This mobility allows the users to freely change network connections from location to location. The importance to this DHCP advancement is its ability to lease an IP address to a device and then reclaim that IP address for another user after the first user releases it. This means that DHCP offers a one to many ratio of IP addresses and that an address is available to anyone who connects to the network.

6/3/2015 4a-49 IP addresses: how to get one? Network (network portion): r get allocated portion of ISP’s address space: ISP's block /20 Organization /23 Organization /23 Organization /23... ….. …. …. Organization /23

6/3/2015 4a-50 Hierarchical addressing: route aggregation “Send me anything with addresses beginning /20” / / /23 Fly-By-Night-ISP Organization 0 Organization 7 Internet Organization 1 ISPs-R-Us “Send me anything with addresses beginning /16” /23 Organization Hierarchical addressing allows efficient advertisement of routing information:

6/3/2015 4a-51 Hierarchical addressing: more specific routes ISPs-R-Us has a more specific route to Organization 1 “Send me anything with addresses beginning /20” / / /23 Fly-By-Night-ISP Organization 0 Organization 7 Internet Organization 1 ISPs-R-Us “Send me anything with addresses beginning /16 or /23” /23 Organization

6/3/2015 4a-52 IP addressing: the last word... Q: How does an ISP get block of addresses? A: ICANN: Internet Corporation for Assigned Names and Numbers m allocates addresses m manages DNS m assigns domain names, resolves disputes

6/3/2015 4a-53

6/3/2015 4a-54

6/3/2015 4a-55 Address Resolution Protocol (ARP) 1. With TCP/IP networking, a data packet must contain both a destination MAC address and a destination IP address. 2. Some devices will keep tables that contain MAC addresses and IP addresses of other devices that are connected to the same LAN. 3. These are called Address Resolution Protocol (ARP) tables. 4. ARP tables are stored in RAM memory, where the cached information is maintained automatically on each of the devices. 5. Each device on a network maintains its own ARP table. 6. When a network device wants to send data across the network, it uses information provided by the ARP table. 7. When a source determines the IP address for a destination, it then consults the ARP table in order to locate the MAC address for the destination. 8. If the source locates an entry in its table, destination IP address to destination MAC address, it will associate the IP address to the MAC address and then uses it to encapsulate the data. >arp -a

6/3/2015 4a-56 Address Resolution Protocol (ARP) 1.The computer that requires an IP and MAC address pair broadcasts an ARP request. 2.All the other devices on the local area network analyze this request, and if one of the local devices matches the IP address of the request, it sends back an ARP reply that contains its IP-MAC pair. 3.Another method to send data to the address of a device that is on another network segment is to set up a default gateway. 4.If the receiving host is not on the same segment, the source host sends the data using the actual IP address of the destination and the MAC address of the router.

6/3/2015 4a-57 ARP conversation HEY - Everyone please listen! Will please send me his/her Ethernet address? not me Hi Green! I’m , and my Ethernet address is 87:A2:15:35:02:C3

6/3/2015 4a-58 RARP conversation HEY - Everyone please listen! My Ethernet address is 22:BC:66:17:01:75. Does anyone know my IP address ? not me Hi Green! Your IP address is

6/3/2015 4a-59 Getting a datagram from source to dest. IP datagram: A B E misc fields source IP addr dest IP addr data r datagram remains unchanged, as it travels source to destination r addr fields of interest here Dest. Net. next router Nhops routing table in A

6/3/2015 4a-60 Getting a datagram from source to dest. Starting at A, given IP datagram addressed to B: r look up net. address of B r find B is on same net. as A r link layer will send datagram directly to B inside link-layer frame m B and A are directly connected Dest. Net. next router Nhops misc fields data A B E

6/3/2015 4a-61 Getting a datagram from source to dest. Dest. Net. next router Nhops Starting at A, dest. E: r look up network address of E r E on different network m A, E not directly attached r routing table: next hop router to E is r link layer sends datagram to router inside link- layer frame r datagram arrives at r continued….. misc fields data A B E

6/3/2015 4a-62 Getting a datagram from source to dest. Arriving at , destined for r look up network address of E r E on same network as router’s interface m router, E directly attached r link layer sends datagram to inside link-layer frame via interface r datagram arrives at !!! (hooray!) misc fields data network router Nhops interface Dest. next A B E

6/3/2015 4a-63 IP datagram format ver length 32 bits data (variable length, typically a TCP or UDP segment) 16-bit identifier Internet checksum time to live 32 bit source IP address IP protocol version number header length (bytes) max number remaining hops (decremented at each router) for fragmentation/ reassembly total datagram length (bytes) upper layer protocol to deliver payload to head. len type of service “type” of data flgs fragment offset upper layer 32 bit destination IP address Options (if any) E.g. timestamp, record route taken, specify list of routers to visit.

6/3/2015 4a-64 IP header format

6/3/2015 4a-65 IP header format: Version 4 bits. Indicates the version of IP currently used. –IPv4 : 0100 –IPv6 : bits. Indicates the version of IP currently used. –IPv4 : 0100 –IPv6 : 0110

6/3/2015 4a-66 IP header format: Header length 4 bits. IP header length : Indicates the datagram header length in 32 bit words (4 bits), and thus points to the beginning of the data. 4 bits. IP header length : Indicates the datagram header length in 32 bit words (4 bits), and thus points to the beginning of the data.

6/3/2015 4a-67 IP header format: Service type 8 bits. Specifies the level of importance that has been assigned by a particular upper-layer protocol. Precedence. Reliability. Speed. 8 bits. Specifies the level of importance that has been assigned by a particular upper-layer protocol. Precedence. Reliability. Speed.

6/3/2015 4a-68 IP header format: Total length 16 bits. Specifies the length of the entire IP packet, including data and header, in bytes. 16 bits. Specifies the length of the entire IP packet, including data and header, in bytes.

6/3/2015 4a-69 IP header format: Identification 16 bits. Identification contains an integer that identifies the current datagram. Assigned by the sender to aid in assembling the fragments of a datagram. 16 bits. Identification contains an integer that identifies the current datagram. Assigned by the sender to aid in assembling the fragments of a datagram.

6/3/2015 4a-70 IP header format: Flags 3 bits. The second bit specifying whether the packet can be fragmented. The last bit specifying whether the packet is the last fragment in a series of fragmented packets. 3 bits. The second bit specifying whether the packet can be fragmented. The last bit specifying whether the packet is the last fragment in a series of fragmented packets.

6/3/2015 4a-71 IP header format: Fragment offset 13 bits. The field that is used to help piece together datagram fragments. The fragment offset is measured in units of 8 octets (64 bits). The first fragment has offset zero. 13 bits. The field that is used to help piece together datagram fragments. The fragment offset is measured in units of 8 octets (64 bits). The first fragment has offset zero.

6/3/2015 4a-72 IP header format: Time to Live 8 bits. Time-to-Live maintains a counter that gradually decreases to zero, at which point the datagram is discarded, keeping the packets from looping endlessly. 8 bits. Time-to-Live maintains a counter that gradually decreases to zero, at which point the datagram is discarded, keeping the packets from looping endlessly.

6/3/2015 4a-73 IP header format: Protocol 8 bits. Indicates which upper-layer protocol receives incoming packets after IP processing has been completed 06 : TCP 17 : UDP 8 bits. Indicates which upper-layer protocol receives incoming packets after IP processing has been completed 06 : TCP 17 : UDP

6/3/2015 4a-74 IP header format: Header checksum 16 bits. A checksum on the header only, helps ensure IP header integrity. 16 bits. A checksum on the header only, helps ensure IP header integrity.

6/3/2015 4a-75 IP header format: Addresses 32 bits each. Source IP Address Destination IP Address 32 bits each. Source IP Address Destination IP Address

6/3/2015 4a-76 IP header format: Options Variable length. Allows IP to support various options, such as security, route, error report... Variable length. Allows IP to support various options, such as security, route, error report...

6/3/2015 4a-77 IP header format: Padding The header padding is used to ensure that the internet header ends on a 32 bit boundary.

6/3/2015 4a-78 Anatomy of an IP Packet Version – Specifies the format of the IP packet header. The 4-bit version field contains the number 4 if it is an IPv4 packet and 6 if it is an IPv6 packet. IP header length (HLEN) – Indicates the datagram header length in 32-bit words. Type of service (ToS) – 8 bits that specify the level of importance that has been assigned by a particular upper-layer protocol. Total length – 16 bits that specify the length of the entire packet in bytes. Identification – 16 bits that identify the current datagram. This is the sequence number. Flags – A 3-bit field in which the two low-order bits control fragmentation. One bit specifies if the packet can be fragmented and the other indicates if the packet is the last fragment in a series of fragmented packets. Fragment offset – 13 bits that are used to help piece together datagram fragments. This field allows the previous field to end on a 16-bit boundary.

6/3/2015 4a-79 Anatomy of an IP Packet Time to Live (TTL) – A field that specifies the number of hops a packet may travel. This number is decreased by one as the packet travels through a router. When the counter reaches zero the packet is discarded. This prevents packets from looping endlessly. Protocol – 8 bits that indicate which upper-layer protocol such as TCP or UDP receives incoming packets after the IP processes have been completed. Header checksum – 16 bits that help ensure IP header integrity. Source address – 32 bits that specify the IP address of the node from which the packet was sent. Destination address – 32 bits that specify the IP address of the node to which the data is sent. Options – Allows IP to support various options such as security. The length of this field varies. Padding – Data – Contains upper-layer information and has a variable length of up to 64 bits.

6/3/2015 4a-80 IP Fragmentation & Reassembly r network links have MTU (max.transfer size) - largest possible link-level frame. m different link types, different MTUs r large IP datagram divided (“fragmented”) within net m one datagram becomes several datagrams m “reassembled” only at final destination m IP header bits used to identify, order related fragments fragmentation: in: one large datagram out: 3 smaller datagrams reassembly

6/3/2015 4a-81 IP Fragmentation and Reassembly ID =x offset =0 fragflag =0 length =4000 ID =x offset =0 fragflag =1 length =1500 ID =x offset =1480 fragflag =1 length =1500 ID =x offset =2960 fragflag =0 length =1040 One large datagram becomes several smaller datagrams

6/3/2015 4a-82 ICMP: Internet Control Message Protocol r used by hosts, routers, gateways to communication network-level information m error reporting: unreachable host, network, port, protocol m echo request/reply (used by ping) r network-layer “above” IP: m ICMP msgs carried in IP datagrams r ICMP message: type, code plus first 8 bytes of IP datagram causing error Type Code description 0 0 echo reply (ping) 3 0 dest. network unreachable 3 1 dest host unreachable 3 2 dest protocol unreachable 3 3 dest port unreachable 3 6 dest network unknown 3 7 dest host unknown 4 0 source quench (congestion control - not used) 8 0 echo request (ping) 9 0 route advertisement 10 0 router discovery 11 0 TTL expired 12 0 bad IP header

6/3/2015 4a-83 NAT: Network Address Translation local network (e.g., home network) /24 rest of Internet Datagrams with source or destination in this network have /24 address for source, destination (as usual) All datagrams leaving local network have same single source NAT IP address: , different source port numbers

6/3/2015 4a-84 NAT: Network Address Translation r Motivation: local network uses just one IP address as far as outside word is concerned: m no need to be allocated range of addresses from ISP: - just one IP address is used for all devices m can change addresses of devices in local network without notifying outside world m can change ISP without changing addresses of devices in local network m devices inside local net not explicitly addressable, visible by outside world (a security plus).

6/3/2015 4a-85 NAT: Network Address Translation Implementation: NAT router must: m outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)... remote clients/servers will respond using (NAT IP address, new port #) as destination addr. m remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair m incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

6/3/2015 4a-86 NAT: Network Address Translation S: , 3345 D: , : host sends datagram to , 80 NAT translation table WAN side addr LAN side addr , , 3345 …… S: , 80 D: , S: , 5001 D: , : NAT router changes datagram source addr from , 3345 to , 5001, updates table S: , 80 D: , : Reply arrives dest. address: , : NAT router changes datagram dest addr from , 5001 to , 3345

6/3/2015 4a-87 NAT: Network Address Translation r 16-bit port-number field: m 60,000 simultaneous connections with a single LAN-side address! r NAT is controversial: m routers should only process up to layer 3 m violates end-to-end argument NAT possibility must be taken into account by app designers, e.g., P2P applications m address shortage should instead be solved by IPv6

6/3/2015 4a-88 IPv6 r Initial motivation: 32-bit address space will be completely allocated by 2008 r Additional motivation: m streamline the IP protocol to reduce processing overhead

6/3/2015 4a-89 ver total length data (variable length, typically a TCP or UDP segment) 16-bit identifier Internet checksum time to live 32 bit source IP address head. len type of service flgs fragment offset protocol 32 bit destination IP address Options (if any) IPv4 vs. IPv6

6/3/2015 4a-90 Differences Between Ipv4 and IPv6 r Address length: 32 vs. 128 r Fragmentation: IPv6 has no fragmentation r Type of service (TOS): IPv6 has no TOS r Checksum: removed entirely to reduce processing time at each hop r Options: allowed, but outside of header, indicated by “Next Header” field; options specify how to deal with the packet if a header is unknown

6/3/2015 4a-91 Transition From IPv4 To IPv6 r Not all routers can be upgraded simultaneous m no “flag days” m How will the network operate with mixed IPv4 and IPv6 routers? r Two proposed approaches: m Dual Stack: some routers with dual stack (v6, v4) can “translate” between formats m Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers

6/3/2015 4a-92 Dual Stack Approach A B E F IPv6 IPv6/v4 IPv6 C D IPv4 Flow: X Src: A Dest: F data Flow: ?? Src: A Dest: F data Src:A Dest: F data A-to-B: IPv6 Src:A Dest: F data B-to-C: IPv4 B-to-C: IPv4 B-to-C: IPv6

6/3/2015 4a-93 Tunneling A B E F IPv6 tunnel Logical view: Physical view: A B E F IPv6 C D IPv4 Flow: X Src: A Dest: F data Flow: X Src: A Dest: F data Flow: X Src: A Dest: F data Src:B Dest: E Flow: X Src: A Dest: F data Src:B Dest: E A-to-B: IPv6 E-to-F: IPv6 B-to-C: IPv6 inside IPv4 B-to-C: IPv6 inside IPv4

6/3/2015 4a-94 Network Layer: summary What we’ve covered: r network layer services r routing principles: link state and distance vector r hierarchical routing r IP r Internet routing protocols reliable transfer m intra-domain: RIP, OSPF m inter-domain: BGP r IPv6