1 IP Addressing
EE 122: Intro to Communication Networks, Fall 2010 (MW 4-5:30 in 101 Barker)
Scott Shenker
TAs: Sameer Agarwal, Sara Alspaugh, Igor Ganichev, Prayag Narula
http://inst.eecs.berkeley.edu/~ee122/
Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other colleagues at Princeton and UC Berkeley

2 Goals of Today’s Lecture
IP addressing
Address allocation
Brief security analysis of IP’s header design
–Leftover from last lecture; will cover if there is time

3 IP Addressing

4 Designing IP’s Addresses
Question #1: what should an address be associated with?
–E.g., a telephone number is associated not with a person but with a handset
Question #2: what structure should addresses have? What are the implications of different types of structure?
Question #3: who determines the particular addresses used in the global Internet? What are the implications of how this is done?

5 IP Addresses (IPv4)
A unique 32-bit number
Identifies an interface (on a host, on a router, …)
Represented in dotted-quad notation. E.g., 12.34.158.5:
00001100 00100010 10011110 00000101
   12       34      158       5

6 Examples
What address is this?
01010000 00010011 11110000 00110011 → 80.19.240.51
How would you represent 68.115.183.7?
01000100 01110011 10110111 00000111

7 What Are Addresses Used For?
Network uses addresses to figure out where to forward packets
Routers are the network devices that forward packets based on IP addresses
What do “switches” do?
–Route on Layer-2 addresses (e.g., MAC addresses)

8 Routers
Router consists of
–Set of input interfaces where packets arrive
–Set of output interfaces from which packets depart
–Some form of interconnect connecting inputs to outputs
Router implements
–Forward packet to corresponding output interface
–Manage bandwidth and buffer space resources
(Figure: hosts on LAN 1 and LAN 2 connected through a router to the WAN)

9 Forwarding Table
Store mapping between IP addresses and output interfaces
–Forward incoming packets based on destination address
(Figure: router with numbered output interfaces and a forwarding table mapping destinations 1.2.3.4, 1.2.3.5, 1.2.3.6, … to those interfaces)

10 Scalability Challenge
Suppose hosts had arbitrary addresses
–Then every router would need a lot of information
–…to know how to direct packets toward the host
(Figure: LAN 1 hosts 1.2.3.4, 5.6.7.8, 2.4.6.8 and LAN 2 hosts 1.2.3.5, 5.6.7.9, 2.4.6.9 behind a router; the forwarding table needs one entry per host, e.g., 1.2.3.4 and 1.2.3.5 on different interfaces)

11 Two Universal Tricks in CS
When you need more flexibility, you add…
–A layer of indirection
When you need more scalability, you impose…
–A hierarchical structure

12 Hierarchical Addressing in U.S. Mail
Addressing in the U.S. mail
–Zip code: 94704
–Street: Center Street
–Building on street: 1947
–Location in building: Suite 600
–Name of occupant: Scott Shenker
Forwarding the U.S. mail
–Deliver letter to the post office in the zip code
–Assign letter to mailman covering the street
–Drop letter into mailbox for the building/room
–Give letter to the appropriate person

13 Who Knows What?
Does anyone in the US Mail system know where every house is?
Separate routing tables at each level of hierarchy
–Each of manageable scale

14 Hierarchical Structure
The Internet is an “inter-network”
–Used to connect networks together, not hosts
–Natural two-level hierarchy:
oWAN delivers to right LAN
oLAN delivers to right host
(Figure: hosts on LAN 1 and LAN 2 connected through a router to the WAN)
LAN = Local Area Network
WAN = Wide Area Network

15 Hierarchical Addressing
Prefix is network address; suffix is host address
12.34.158.0/23 is a 23-bit prefix with 2^9 addresses
–Terminology: “Slash 23”
00001100 00100010 1001111 | 0 00000101
   12       34      158   |     5
Network (23 bits)         | Host (9 bits)

16 IP Address and a 23-bit Subnet Mask
Address: 00001100 00100010 10011110 00000101 = 12.34.158.5
Mask:    11111111 11111111 11111110 00000000 = 255.255.254.0

17 Scalability Improved
Number related hosts with same prefix
–1.2.3.0/24 on the left LAN
–5.6.7.0/24 on the right LAN
(Figure: LAN 1 hosts 1.2.3.4, 1.2.3.7, 1.2.3.156 and LAN 2 hosts 5.6.7.8, 5.6.7.9, 5.6.7.212 behind a router; the forwarding table now holds just 1.2.3.0/24 and 5.6.7.0/24)

18 Easy to Add New Hosts
No need to update the routers
–E.g., adding a new host 5.6.7.213 on the right
–Doesn’t require adding a new forwarding entry
(Figure: same two LANs as before with new host 5.6.7.213 added on the right; the forwarding table still holds only 1.2.3.0/24 and 5.6.7.0/24)

19 Original Internet Addresses
First eight bits: network address (/8)
Last 24 bits: host address
Assumed 256 networks were more than enough!

20 Next Design: Classful Addressing
–Class A: if first byte in [0..127], assume /8 (top bits = 0)
oVery large blocks (e.g., MIT has 18.0.0.0/8)
–Class B: first byte in [128..191] → assume /16 (top bits = 10)
oLarge blocks (e.g., UCB has* 128.32.0.0/16)
–Class C: [192..223] → assume /24 (top bits = 110)
oSmall blocks (e.g., ICIR has 192.150.187.0/24)
o(My house has a /25)
Leading bits: 0*************** / 10************** / 110*************

21 Classful Addressing (cont’d)
–Class D: [224..239] (top bits 1110)
oMulticast groups
–Class E: [240..255] (top bits 11110)
oReserved for future use
What problems can classful addressing lead to?
–Only comes in 3 sizes
–Routers can end up knowing about many class C’s
Leading bits: 1110************ / 11110***********

22 Today’s Addressing: CIDR
CIDR = Classless Interdomain Routing
Flexible boundary between network and host addresses
Must specify both address and mask, to clarify where the network address ends and the host address begins
–Classful addressing communicates this with the first few bits
–CIDR requires an explicit mask

23 CIDR Addressing
IP Address: 12.4.0.0   IP Mask: 255.254.0.0
Address: 00001100 00000100 00000000 00000000
Mask:    11111111 11111110 00000000 00000000
(first 15 bits: network prefix; remaining 17 bits: for hosts)
Use two 32-bit numbers to represent a network. Network number = IP address + Mask
Written as 12.4.0.0/15 or 12.4/15

24 CIDR: Hierarchical Address Allocation
(Figure: allocation tree, nested by prefix containment)
12.0.0.0/8
  12.0.0.0/15
  12.2.0.0/16
  12.3.0.0/16
    12.3.0.0/22
    12.3.4.0/24
    :
    12.3.254.0/23
  :
  12.253.0.0/16
    12.253.0.0/19
    12.253.32.0/19
    12.253.64.0/19
      12.253.64.108/30
    12.253.96.0/18
    12.253.128.0/17
Prefixes are key to Internet scalability
–Addresses allocated in contiguous chunks (prefixes)
–Routing protocols and packet forwarding based on prefixes

25 Scalability: Address Aggregation
Provider is given 201.10.0.0/21 (201.10.0.x .. 201.10.7.x)
(Figure: the provider hands out 201.10.0.0/22, 201.10.4.0/24, 201.10.5.0/24 and 201.10.6.0/23 to its customers)
Routers in the rest of the Internet just need to know how to reach 201.10.0.0/21. The provider can direct the IP packets to the appropriate customer.

26 Aggregation Not Always Possible
(Figure: Provider 1 holds 201.10.0.0/21 with customers 201.10.0.0/22, 201.10.4.0/24, 201.10.5.0/24 and 201.10.6.0/23; the 201.10.6.0/23 customer is also attached to Provider 2)
Multi-homed customer with 201.10.6.0/23 has two providers. Other parts of the Internet need to know how to reach these destinations through both providers. → /23 route must be globally visible
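The prefix arithmetic of slides 15, 16 and 23 and the longest-prefix-match forwarding behind slides 25 and 26, as an added Python example (not from the lecture). The forwarding table is constructed from the slides' 201.10.0.0/21 figures; the "Provider 1"/"Provider 2" next hops are labels, not real routers.

```python
# Added example: CIDR prefix arithmetic and longest-prefix-match forwarding.
# Standard library only; all addresses below come from the slides.

def ip_to_int(dotted):
    """Dotted quad -> 32-bit integer, e.g. 12.34.158.5 -> 0x0C229E05."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def prefix_mask(length):
    """/length -> 32-bit mask; /23 -> 255.255.254.0 as on slide 16."""
    if not 0 <= length <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF

def parse_prefix(cidr):
    """'12.34.158.0/23' -> (network as int, length); network = address AND mask."""
    addr, length = cidr.split("/")
    length = int(length)
    return ip_to_int(addr) & prefix_mask(length), length

def in_prefix(addr, cidr):
    net, length = parse_prefix(cidr)
    return ip_to_int(addr) & prefix_mask(length) == net

def network_of(addr, length):
    """Slide 23's 'network number = IP address + mask', computed as the bitwise AND."""
    return int_to_ip(ip_to_int(addr) & prefix_mask(length)) + f"/{length}"

class ForwardingTable:
    """Routes keyed by prefix; lookup returns the next hop of the LONGEST matching
    prefix. That rule is why a /23 advertised via a second provider overrides the
    /21 aggregate for exactly those addresses and nothing else (slide 26)."""
    def __init__(self):
        self.routes = []  # (network int, prefix length, next hop)

    def add(self, cidr, next_hop):
        net, length = parse_prefix(cidr)
        self.routes.append((net, length, next_hop))

    def lookup(self, dst):
        d, best = ip_to_int(dst), None
        for net, length, hop in self.routes:
            if d & prefix_mask(length) == net and (best is None or length > best[0]):
                best = (length, hop)
        return best[1] if best else None

# Constructed table for a router "in the rest of the Internet" (slides 25-26).
rest_of_internet = ForwardingTable()
rest_of_internet.add("201.10.0.0/21", "Provider 1")  # aggregate for the whole block
rest_of_internet.add("201.10.6.0/23", "Provider 2")  # multi-homed customer's /23
```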

27 Growth in Routed Prefixes (1989-2005)
(Figure: number of routed prefixes over time, annotated as follows)
–Initial growth super-linear; no aggregation
–Advent of CIDR allows aggregation: linear growth
–Internet boom: multihoming drives superlinear growth
–Dot-com implosion; Internet bubble bursts
–Back in business

28 Special-Purpose Address Blocks
Private addresses
–By agreement, not routed in the public Internet
–For networks not meant for general Internet connectivity
–Blocks: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
Link-local
–By agreement, not forwarded by any router
–Used for single-link communication only
–Intent: autoconfiguration (especially when DHCP fails)
–Block: 169.254.0.0/16
Loopback
–Address blocks that refer to the local machine
–Block: 127.0.0.0/8
–Usually only 127.0.0.1/32 is used
Limited broadcast
–Sent to every host attached to the local network
–Block: 255.255.255.255/32

29 Summary of IP Addressing: Scalability Through Non-Uniform Hierarchy
Hierarchical addressing
–Critical for scalable system
–Don’t require everyone to know everyone else
–Reduces amount of updating when something changes
Non-uniform hierarchy
–Useful for heterogeneous networks of different sizes
–Class-based addressing was far too coarse
–Classless InterDomain Routing (CIDR) more flexible

30 Editorial
Internet started with simple addressing design:
–Two-layer hierarchy: network and host
–Addresses in each hierarchy not tied to network topology
Address exhaustion led to a less clean design
–CIDR is based on flexible aggregation
–Aggregation relies on topological numbering
In “our” design, names were
–Semantic-free
–Verifiable
Internet addresses violate both of these conditions
–Spoofing, problems with mobility, etc.

31 5 Minute Break
Questions Before We Proceed?

32 Address Allocation

33 Obtaining a Block of Addresses
Allocation is also hierarchical
–Prefix: assigned to an institution
–Addresses: assigned by the institution to their nodes
Who assigns prefixes?
–Internet Corporation for Assigned Names and Numbers (ICANN)
oAllocates large address blocks to Regional Internet Registries
oICANN is politically charged
–Regional Internet Registries (RIRs)
oE.g., ARIN (American Registry for Internet Numbers)
oAllocates address blocks within their regions
oAllocated to Internet Service Providers and large institutions ($$)
–Internet Service Providers (ISPs)
oAllocate address blocks to their customers (could be recursive)
oOften w/o charge

34 Figuring Out Who Owns an Address
Address registries
–Public record of address allocations
–Internet Service Providers (ISPs) should update when giving addresses to customers
–However, records are notoriously out-of-date
Ways to query
–UNIX: “whois –h whois.arin.net 169.229.60.27”
–http://www.arin.net/whois/
–http://www.geektools.com/whois.php
–…

35 Are 32-bit Addresses Enough?
Not all that many unique addresses
–2^32 = 4,294,967,296 (just over four billion)
–Plus, some (many) reserved for special purposes
–And, addresses are allocated in larger blocks
And, many devices need IP addresses
–Computers, PDAs, routers, tanks, toasters, …
Long-term solution (perhaps): larger address space
–IPv6 has 128-bit addresses (2^128 = 3.403 × 10^38)
Short-term solutions: limping along with IPv4
–Private addresses
–Dynamically-assigned addresses (DHCP)
–Network address translation (NAT)

36 Network Address Translation (NAT)
Before NAT…
–Every machine connected to Internet had unique IP address
(Figure: clients 1.2.3.4 and 1.2.3.5 on a LAN, server 5.6.7.8 across the Internet)
Client → server packet: dest addr 5.6.7.8, src addr 1.2.3.4, dst port 80, src port 1001
Server → client packet: dest addr 1.2.3.4, src addr 5.6.7.8, src port 80, dst port 1001

37 NAT (cont’d)
Independently assign addresses to machines behind same NAT
–Usually in address block 192.168.0.0/16
Use bogus port numbers to multiplex/demultiplex internal addresses
(Figure: clients 192.2.3.4 and 192.2.3.5 behind a NAT whose public address is 1.2.3.4; server 5.6.7.8)
NAT mapping: 192.2.3.4:1001 ↔ 1.2.3.4:2000
Client → NAT: dest 5.6.7.8, src 192.2.3.4, dst port 80, src port 1001
NAT → server: dest 5.6.7.8, src 1.2.3.4, dst port 80, src port 2000
Server → NAT: dest 1.2.3.4, src 5.6.7.8, src port 80, dst port 2000
NAT → client: dest 192.2.3.4, src 5.6.7.8, src port 80, dst port 1001

38 NAT (cont’d)
Independently assign addresses to machines behind same NAT
–Usually in address block 192.168.0.0/16
Use bogus port numbers to multiplex/demultiplex internal addresses
(Figure: same setup; the second client 192.2.3.5 also uses source port 1001)
NAT mappings: 192.2.3.4:1001 ↔ 1.2.3.4:2000 and 192.2.3.5:1001 ↔ 1.2.3.4:2001
Client → NAT: dest 5.6.7.8, src 192.2.3.5, dst port 80, src port 1001
NAT → server: dest 5.6.7.8, src 1.2.3.4, dst port 80, src port 2001
Server → NAT: dest 1.2.3.4, src 5.6.7.8, src port 80, dst port 2001
NAT → client: dest 192.2.3.5, src 5.6.7.8, src port 80, dst port 1001
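The port-multiplexing NAT of slides 37 and 38 as a translation table, an added Python example that is not part of the lecture. Values are constructed to follow the figures: NAT public address 1.2.3.4, inside clients 192.2.3.4 and 192.2.3.5 both using source port 1001, server 5.6.7.8 on port 80; the public ports start at 2000 as in the slides.

```python
# Added example: a minimal port-translating NAT for TCP/UDP-style 4-tuples.
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Nat:
    def __init__(self, public_ip, first_port=2000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}   # (inside ip, inside port) -> public port
        self.in_map = {}    # public port -> (inside ip, inside port)

    def outbound(self, pkt):
        """Inside -> Internet: rewrite the source to the NAT's address and a
        'bogus' public port that is unique per inside (ip, port) socket."""
        key = (pkt.src, pkt.sport)
        if key not in self.out_map:          # first packet from this socket: allocate
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[port] = key
        return replace(pkt, src=self.public_ip, sport=self.out_map[key])

    def inbound(self, pkt):
        """Internet -> inside: demultiplex on the public destination port.
        Returns None (drop) when no mapping exists, i.e. unsolicited traffic."""
        if pkt.dst != self.public_ip or pkt.dport not in self.in_map:
            return None
        inside_ip, inside_port = self.in_map[pkt.dport]
        return replace(pkt, dst=inside_ip, dport=inside_port)

def demo():
    """Replays the two clients of slides 37-38 plus one reply and one stray packet."""
    nat = Nat("1.2.3.4")
    a = nat.outbound(Packet("192.2.3.4", 1001, "5.6.7.8", 80))   # slide 37 client
    b = nat.outbound(Packet("192.2.3.5", 1001, "5.6.7.8", 80))   # slide 38 client, same port
    reply_b = nat.inbound(Packet("5.6.7.8", 80, "1.2.3.4", b.sport))
    stray = nat.inbound(Packet("5.6.7.8", 80, "1.2.3.4", 4444))  # no mapping -> dropped
    return a, b, reply_b, stray
```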

39 Hard Policy Questions
How much address space per geographic region?
–Equal amount per country?
–Proportional to the population?
–What about addresses already allocated?
Address space portability?
–Keep your address block when you change providers?
–Pro: avoid having to renumber your equipment
–Con: reduces the effectiveness of address aggregation
Keeping the address registries up to date?
–What about mergers and acquisitions?
–Delegation of address blocks to customers?
–As a result, the registries are often out of date

40 Summary of IP Addressing
32-bit numbers identify interfaces
Allocated in prefixes
Non-uniform hierarchy for scalability and flexibility
–Routing is based on CIDR
A number of special-purpose blocks reserved
Address allocation:
–ICANN → RIR → ISP → customer network → host
Issues to be covered later
–How hosts get their addresses (DHCP)
–How to map from an IP address to a link address (ARP)

41 Quick Security Analysis

42 Focus on Sender Attacks
Ignore (for now) attacks by others:
–Traffic analysis
–Snooping payload
–Denial of service
Here we look at vulnerabilities sender can exploit

43 IP Packet Structure
(Header layout, one 32-bit word per line)
4-bit Version | 4-bit Header Length | 8-bit Type of Service (TOS) | 16-bit Total Length (Bytes)
16-bit Identification | 3-bit Flags | 13-bit Fragment Offset
8-bit Time to Live (TTL) | 8-bit Protocol | 16-bit Header Checksum
32-bit Source IP Address
32-bit Destination IP Address
Options (if any)
Payload

44 IP Address Integrity
Source address should be the sending host
–But, who’s checking, anyway?
–You could send packets with any source you want
–Why is checking hard?

45 IP Address Integrity, cont’d
Why would someone use a bogus source address?
Launch a denial-of-service attack
–Send excessive packets to the destination
–… to overload the node, or the links leading to the node
–But: victim can identify/filter you by the source address
Evade detection by “spoofing”
–Put someone else’s source address in the packets
oOr: use a lot of different ones so can’t be filtered
Or: as a way to bother the spoofed host
–Spoofed host is wrongly blamed
–Spoofed host may receive return traffic from the receiver
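One partial answer to slide 44's "who's checking?" is a source-address plausibility check at a border router, in the spirit of ingress filtering (BCP 38). This is an added Python example, not from the lecture: the topology (a customer link that may only source its own /23 and an upstream link) and the packets are constructed, and the special-purpose blocks are those of slide 28.

```python
# Added example: source-address plausibility check for a border router.
from dataclasses import dataclass

def _ip(dotted):
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def _matches(addr, cidr):
    """True if addr falls inside the CIDR prefix (address AND mask comparison)."""
    net, length = cidr.split("/")
    mask = (0xFFFFFFFF << (32 - int(length))) & 0xFFFFFFFF
    return _ip(addr) & mask == _ip(net) & mask

# Slide 28's special-purpose blocks: never a valid source on a public link.
NOT_PUBLIC_SOURCES = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
                      "169.254.0.0/16", "127.0.0.0/8", "255.255.255.255/32"]

# Constructed topology (assumption): the provider of slide 26 owns 201.10.0.0/21 and
# attaches the 201.10.6.0/23 customer on interface "customer0"; everything else
# arrives on "upstream0".
ALLOWED_SOURCES = {"customer0": ["201.10.6.0/23"]}
OUR_PREFIXES = ["201.10.0.0/21"]

@dataclass
class Packet:
    src: str
    dst: str
    ingress: str   # interface the packet arrived on

def check_source(pkt):
    """Return 'accept' or a drop reason. This cannot prove a source is genuine;
    it only rejects sources that are impossible for the interface they came in on."""
    if any(_matches(pkt.src, p) for p in NOT_PUBLIC_SOURCES):
        return "drop: special-purpose source"
    if pkt.ingress in ALLOWED_SOURCES:
        if not any(_matches(pkt.src, p) for p in ALLOWED_SOURCES[pkt.ingress]):
            return "drop: source not in customer's prefix"
    elif any(_matches(pkt.src, p) for p in OUR_PREFIXES):
        return "drop: our own prefix arriving from upstream"
    return "accept"

# Constructed sample traffic
SAMPLE = [
    Packet("201.10.6.9", "8.8.8.8", "customer0"),     # legitimate customer traffic
    Packet("5.6.7.8", "8.8.8.8", "customer0"),        # customer claiming someone else's address
    Packet("10.1.1.1", "201.10.6.9", "upstream0"),    # private source from the Internet
    Packet("201.10.4.4", "201.10.6.9", "upstream0"),  # our own address arriving from outside
    Packet("5.6.7.8", "201.10.6.9", "upstream0"),     # ordinary inbound traffic
]

def audit(packets):
    return [check_source(p) for p in packets]
```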

46 Security Implications of IP’s Design
(IP header diagram repeated from slide 43)

47 Security Implications, cont’d
Version field (4 bits) …. ?
–Issue: fledgling IPv6 deployment means sometimes connectivity exceeds security enforcement
oE.g., firewall rules only set up for IPv4
Header length (4 bits) …. ?
–Controls presence of IP options
oE.g., Source Route lets sender control path taken through network - say, sidestep security monitoring
–Non-obvious difficulty: IP options often processed in router’s slow path
oAllows attacker to stress router for denial-of-service
–Often, today’s firewalls configured to drop packets with options.

48 IP Packet Structure
(IP header diagram repeated from slide 43)

49 Security Implications of TOS? (8 bits)
What if attacker sets TOS for their flooding traffic for prioritized delivery?
–If regular traffic does not set TOS, then network prefers the attack traffic, greatly compounding damage
What if network charges for TOS traffic …
–… and attacker spoofs the victim’s source address? (denial-of-money)
In general, in today’s network TOS does not work
–Due to very hard problems with billing
–TOS has now been redefined for Differential Service
oDiscussed later in course

50 IP Packet Structure
(IP header diagram repeated from slide 43)

51 Security Implications of Fragmentation?
Allows evasion of network monitoring/enforcement
E.g., split an attack across multiple fragments
–Packet inspection won’t match a “signature”
E.g., split TCP header across multiple fragments
–Firewall can’t tell anything about connection associated with traffic
Both of these can be addressed by monitor remembering previous fragments
–But that costs state
(Figure: fragment “Nasty-at” at Offset=0 and fragment “tack-bytes” at Offset=8)

52 Fragmentation Attacks, cont’d
What if 2 overlapping fragments are inconsistent?
How does network monitor know whether receiver sees USERNAME NICE or USERNAME EVIL?
(Figure: fragment “USERNAME” at Offset=0, fragment “NICE” at Offset=8, fragment “EVIL” also at Offset=8)

53 Fragmentation Attacks, cont’d
What if fragments exceed IP datagram limit?
–Maximum size of 13-bit field: 0x1FFF = 8191
Byte offset into final datagram = 8191*8 = 65528
Length of final datagram = 65528 + 9 = 65537
Result: kernel crash
–Denial-of-service using just a few packets
–Fixed in modern OS’s
(Figure: fragment “NineBytes” at Offset=65528)

54 Fragmentation Attacks, cont’d
What happens if attacker doesn’t send all of the fragments in a datagram?
Receiver (or firewall) winds up holding the ones they receive for a long time
–State-holding attack
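A reassembly buffer that applies the checks slides 51 through 54 call for, as an added Python example that is not part of the lecture: reject any fragment that would push the datagram past 65535 bytes (slide 53), reject overlapping fragments whose bytes disagree instead of guessing which copy the receiver would keep (slide 52), and expire datagrams whose fragments never all arrive (slide 54). Fragments are constructed inline; a 20-byte option-free header is assumed for the size check.

```python
# Added example: defensive IP fragment reassembly. Offsets are in 8-byte units,
# exactly as carried in the 13-bit Fragment Offset field.
from dataclasses import dataclass

MAX_DATAGRAM = 65535   # largest value of the 16-bit Total Length field
HEADER_LEN = 20        # assumption: no IP options

@dataclass
class Fragment:
    offset_units: int  # 13-bit Fragment Offset, in 8-byte units
    data: bytes
    more: bool         # More Fragments flag

def validate(frag):
    """Reject, on its own, any fragment that cannot belong to a legal datagram (slide 53)."""
    if not 0 <= frag.offset_units <= 0x1FFF:
        return "offset does not fit in 13 bits"
    end = frag.offset_units * 8 + len(frag.data)
    if end + HEADER_LEN > MAX_DATAGRAM:
        return f"payload would end at byte {end}, beyond the {MAX_DATAGRAM}-byte limit"
    return None

class Reassembler:
    def __init__(self, timeout=30.0):
        self.timeout = timeout
        self.pending = {}   # (src, dst, ident) -> [first_seen, total_len, {byte_off: data}]

    def add(self, key, frag, now):
        """Returns ('reject', why), ('pending', None) or ('done', payload)."""
        why = validate(frag)
        if why:
            return "reject", why
        entry = self.pending.setdefault(key, [now, None, {}])
        start, chunks = frag.offset_units * 8, entry[2]
        if entry[1] is not None and start + len(frag.data) > entry[1]:
            del self.pending[key]
            return "reject", "data beyond the final fragment"
        for off, data in chunks.items():   # slide 52: overlapping bytes must agree
            lo, hi = max(off, start), min(off + len(data), start + len(frag.data))
            if lo < hi and data[lo - off:hi - off] != frag.data[lo - start:hi - start]:
                del self.pending[key]
                return "reject", f"inconsistent overlap at bytes {lo}-{hi}"
        chunks[start] = frag.data
        if not frag.more:
            entry[1] = start + len(frag.data)
        if entry[1] is not None:
            buf, covered = bytearray(entry[1]), bytearray(entry[1])
            for off, data in chunks.items():
                buf[off:off + len(data)] = data
                covered[off:off + len(data)] = b"\x01" * len(data)
            if all(covered):                # every byte accounted for: hand up the datagram
                del self.pending[key]
                return "done", bytes(buf)
        return "pending", None

    def expire(self, now):
        """Slide 54: free the state held for datagrams that never completed."""
        stale = [k for k, e in self.pending.items() if now - e[0] > self.timeout]
        for k in stale:
            del self.pending[k]
        return len(stale)
```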

55 IP Packet Structure
(IP header diagram repeated from slide 43)

56 Security Implications of TTL? (8 bits)
Allows discovery of topology (a la traceroute)
Can provide a hint that a packet is spoofed
–It arrives at a router w/ a TTL different than packets from that address usually have
oBecause path from attacker to router has different # hops
–Though this is brittle in the presence of routing changes
Initial value that’s picked is somewhat distinctive to sender’s operating system. This plus other such initializations allow OS fingerprinting …
–Which in turn can allow attacker to infer its likely vulnerabilities
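The spoofing hint from slide 56 turned into detection logic, as an added Python example that is not from the lecture: infer hop distance from the observed TTL, learn each source's usual distance, and flag packets that arrive from a different distance. The log lines are constructed; the assumed initial TTLs (64, 128, 255) are common OS defaults, and the tolerance exists because, as the slide says, the signal is brittle under routing changes.

```python
# Added example: per-source TTL/hop-distance anomaly check.
from collections import defaultdict

INITIAL_TTLS = (64, 128, 255)   # assumption: common OS default initial TTLs

def hops_from_ttl(ttl):
    """Infer hop count by assuming the sender started at the nearest default >= ttl."""
    for init in INITIAL_TTLS:
        if ttl <= init:
            return init - ttl
    raise ValueError("TTL above 255")

class TtlMonitor:
    """Learns the usual hop distance of each source; a packet claiming that source
    but arriving from a noticeably different distance is marked suspicious."""
    def __init__(self, tolerance=1, learn=3):
        self.history = defaultdict(list)
        self.tolerance = tolerance
        self.learn = learn   # packets to see from a source before judging it

    def observe(self, src, ttl):
        hops = hops_from_ttl(ttl)
        seen = self.history[src]
        verdict = "learning"
        if len(seen) >= self.learn:
            usual = sorted(seen)[len(seen) // 2]   # median hop distance seen so far
            verdict = "ok" if abs(hops - usual) <= self.tolerance else "suspicious"
        seen.append(hops)
        return hops, verdict

# Constructed sample: 10.0.0.5 normally sits 12 hops away (TTL 52 from an initial 64).
# The last line claims the same source but arrives with TTL 110, i.e. 18 hops from
# an initial 128: a different path and a different initial TTL.
SAMPLE = [("10.0.0.5", 52), ("10.0.0.5", 52), ("10.0.0.5", 51),
          ("10.0.0.5", 52), ("10.0.0.5", 110)]

def run(sample):
    mon = TtlMonitor()
    return [mon.observe(src, ttl)[1] for src, ttl in sample]
```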

57 Security Implications of Remainder?
No apparent problems with protocol field (8 bits)
–It’s just a demux’ing handle
–If value set incorrectly, next higher layer will find packet ill-formed
Similarly, bad IP checksum field (16 bits) will very quickly cause packet to be discarded by the network

58 Next Lecture
IP Forwarding; Transport protocols
Read K&R: 3-3.4

