ARP
An ARP message is carried inside a data link frame; the type field in the frame header identifies the payload as ARP. When IP needs the hardware address that goes with an IP address on the local network, it asks ARP to build an ARP request carrying the sender's IP and hardware addresses, the target IP address, and all zeros in the target hardware address field. The request is handed to the data link layer, which encapsulates it in a frame with the sender's hardware address as source and the broadcast address as destination. Every machine on the network hears the frame; only the machine whose IP address matches the target keeps it, the others drop it. That machine replies by unicast (a frame addressed directly to the requester) with a message that carries both its own hardware address and the requester's.
ARP caching and message processing
Because many packets flow between the same source and destination, it would be inefficient to exchange an ARP request and response for each one. To reduce network traffic, the ARP software extracts the binding from each response and saves it for subsequent packets. The bindings are kept in RAM (a cache) rather than on disk. When the cache runs out of space, the oldest entry is replaced. When an address needs to be resolved, ARP looks in the cache first and only broadcasts a request on a miss. A cache can be updated from a request as well as from a response; see the algorithm on page 387. Both the originator and the target update their cache entries. Other computers that overhear the exchange do not update their caches, otherwise their caches would fill up quickly. Note that nothing in this exchange is authenticated: a host records whatever binding a reply addressed to it carries, which is the behaviour that ARP cache poisoning exploits.
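Worked example (added here, not part of the lecture notes): the ARP message layout from the two slides above, a fixed-size cache that evicts its oldest entry, and a per-host receive routine that follows the cache-update rule. The host addresses, the cache size of four and the three-host segment are made up for the demonstration.

```python
"""ARP on a shared segment: request/reply encoding plus a per-host cache.
Added example; hosts, addresses and cache size are made up for the demo."""
import struct
from collections import OrderedDict

ETH_P_ARP = 0x0806                # frame type value that marks an ARP payload
HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
BROADCAST_MAC = b"\xff" * 6
ZERO_MAC = b"\x00" * 6            # target hardware address in a request
ARP_FMT = "!HHBBH6s4s6s4s"        # htype ptype hlen plen op sha spa tha tpa
ARP_KEYS = ("htype", "ptype", "hlen", "plen", "op", "sha", "spa", "tha", "tpa")


def mac(text):                    # "02:00:00:00:00:01" -> 6 bytes
    return bytes.fromhex(text.replace(":", ""))


def ip(text):                     # "10.0.0.1" -> 4 bytes
    return bytes(int(o) for o in text.split("."))


def build_arp(op, sha, spa, tha, tpa):
    return struct.pack(ARP_FMT, HW_ETHERNET, PROTO_IPV4, 6, 4, op, sha, spa, tha, tpa)


def build_frame(dst_mac, src_mac, arp):
    return struct.pack("!6s6sH", dst_mac, src_mac, ETH_P_ARP) + arp


def parse_frame(frame):
    """Return the ARP fields as a dict, or None if the frame type is not ARP."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETH_P_ARP or len(frame) < 42:
        return None
    return dict(zip(ARP_KEYS, struct.unpack(ARP_FMT, frame[14:42])))


class ArpCache:
    """Fixed-size RAM cache; when full, the oldest binding is replaced."""
    def __init__(self, capacity=4):
        self.capacity, self.table = capacity, OrderedDict()

    def lookup(self, ip_bytes):
        return self.table.get(ip_bytes)

    def update(self, ip_bytes, mac_bytes):
        if ip_bytes not in self.table and len(self.table) >= self.capacity:
            self.table.popitem(last=False)   # evict the oldest entry
        self.table[ip_bytes] = mac_bytes


class Host:
    def __init__(self, ip_text, mac_text):
        self.ip, self.mac, self.cache = ip(ip_text), mac(mac_text), ArpCache()

    def request(self, target_ip):
        """IP asks ARP for target_ip: a cache hit means no traffic at all."""
        if self.cache.lookup(ip(target_ip)) is not None:
            return None
        arp = build_arp(OP_REQUEST, self.mac, self.ip, ZERO_MAC, ip(target_ip))
        return build_frame(BROADCAST_MAC, self.mac, arp)

    def receive(self, frame):
        """Process one frame; return the unicast reply to send, or None."""
        msg = parse_frame(frame)
        if msg is None or msg["tpa"] != self.ip:
            return None        # not for us: drop without touching the cache
        # Only the target (on a request) or the originator (on a reply) records
        # the binding. Nothing is authenticated: any reply naming our IP as
        # target is accepted, which is what ARP cache poisoning relies on.
        self.cache.update(msg["spa"], msg["sha"])
        if msg["op"] == OP_REQUEST:
            reply = build_arp(OP_REPLY, self.mac, self.ip, msg["sha"], msg["spa"])
            return build_frame(msg["sha"], self.mac, reply)
        return None


def resolve(requester, others, target_ip):
    """One resolution on a shared segment: returns (mac bytes, frames sent)."""
    frame = requester.request(target_ip)
    if frame is None:
        return requester.cache.lookup(ip(target_ip)), 0
    sent = 1
    for host in others:            # broadcast: every host hears the request
        reply = host.receive(frame)
        if reply is not None:      # only the target answers, by unicast
            sent += 1
            requester.receive(reply)
    return requester.cache.lookup(ip(target_ip)), sent


if __name__ == "__main__":
    a, b, c = (Host("10.0.0.1", "02:00:00:00:00:01"),
               Host("10.0.0.2", "02:00:00:00:00:02"),
               Host("10.0.0.3", "02:00:00:00:00:03"))
    print(resolve(a, [b, c], "10.0.0.2"))   # (b'\x02\x00\x00\x00\x00\x02', 2)
    print(resolve(a, [b, c], "10.0.0.2"))   # served from the cache: (..., 0)
```

The second call to resolve sends no frames because the binding is now cached; only a and b end up with entries, the bystander c never touches its cache.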
ICMP
Echo request and echo reply are the messages used by ping: they test whether a host is reachable, and are usually sent by invoking the ping command. Timestamp request and timestamp reply can be used to compute the round-trip time between a source and a destination even when their clocks are not synchronized, because the reply carries the time the request was received and the time the reply was sent on the remote clock, so the remote processing time can be subtracted out and the clock offset cancels. The traceroute program is used to find the route to a destination: it sends datagrams with increasing time-to-live values and collects the ICMP time-exceeded messages that each router along the path returns.
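Worked example (added, not from the notes): building and checking ICMP echo and timestamp messages with the Internet checksum, and the round-trip-time calculation that cancels the clock offset. The timestamp values are constructed for the scenario, not captured from a real exchange.

```python
"""ICMP echo and timestamp messages with the Internet checksum, and the
round-trip-time computation that works with unsynchronized clocks.
Added example; the timestamp values below are constructed, not captured."""
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0
TIMESTAMP_REQUEST, TIMESTAMP_REPLY = 13, 14
HDR = "!BBHHH"                     # type, code, checksum, identifier, sequence


def checksum(data):
    """RFC 1071 one's-complement sum of 16-bit words (odd length padded with 0)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:             # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def with_checksum(msg):
    """Zero the checksum field, compute the checksum and write it back."""
    body = msg[:2] + b"\x00\x00" + msg[4:]
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]


def verify(msg):
    """A message is intact when the sum over it, checksum included, is zero."""
    return checksum(msg) == 0


def build_echo(identifier, seq, payload=b"ping"):
    return with_checksum(struct.pack(HDR, ECHO_REQUEST, 0, 0, identifier, seq) + payload)


def answer_echo(request):
    """What the remote host does: same id, seq and payload, type flipped to reply."""
    return with_checksum(bytes([ECHO_REPLY]) + request[1:])


def build_timestamp(identifier, seq, originate_ms):
    # originate, receive and transmit timestamps: milliseconds since midnight UTC
    return with_checksum(struct.pack(HDR + "III", TIMESTAMP_REQUEST, 0, 0,
                                     identifier, seq, originate_ms, 0, 0))


def answer_timestamp(request, receive_ms, transmit_ms):
    """Remote host fills in its own clock readings on arrival and departure."""
    _, _, _, ident, seq, originate, _, _ = struct.unpack(HDR + "III", request)
    return with_checksum(struct.pack(HDR + "III", TIMESTAMP_REPLY, 0, 0,
                                     ident, seq, originate, receive_ms, transmit_ms))


def rtt_ms(reply, arrival_ms):
    """Round-trip time without the remote's processing time. The two clocks may
    be offset by any amount: receive and transmit both come from the remote
    clock, originate and arrival both from the local clock."""
    _, _, _, _, _, originate, receive, transmit = struct.unpack(HDR + "III", reply)
    return (arrival_ms - originate) - (transmit - receive)


if __name__ == "__main__":
    req = build_echo(0x1234, 1)
    print(verify(req), verify(answer_echo(req)))          # True True
    # constructed scenario: remote clock 500 s ahead, 200 ms out, 50 ms of
    # processing, 300 ms back -> RTT 500 ms regardless of the offset
    ts_req = build_timestamp(1, 1, originate_ms=1000)
    ts_rep = answer_timestamp(ts_req, receive_ms=501200, transmit_ms=501250)
    print(rtt_ms(ts_rep, arrival_ms=1550))                # 500
```

The checksum routine is the same one IP, TCP and UDP use, so verify() also shows how a receiver detects a damaged message: a single changed byte in the payload makes the sum non-zero.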
BOOTP – Bootstrap Protocol
–An earlier protocol, RARP, allowed a computer to obtain its IP address from a server. It became obsolete because BOOTP has more features: a BOOTP server can be anywhere on the internet, whereas a RARP server has to be on the same network.
–BOOTP is still used when a machine boots remotely. It provides the IP address, the subnet mask and the address of a default router in a single step.
–BOOTP communicates using IP. The request is sent to the limited broadcast destination address (all 1s) with all 0s as the source address, since the client does not yet have an address of its own. The server responds using the client's MAC address.
–The BOOTP server keeps a table of MAC addresses and their corresponding IP addresses, so each machine always receives the same static address. The administrator maintains this table.
–A boot PROM can be installed on a network card; this is used with diskless workstations.
–Not very efficient if the set of computers changes rapidly.
DHCP – Dynamic Host Configuration Protocol
It becomes difficult to keep track of all the MAC and IP addresses, particularly when computers come and go, as in large organizations or on WiFi. DHCP provides a mechanism that allows an arbitrary computer to join a new network and obtain an IP address automatically; the administrator does not need to make an entry for it. DHCP can hand out a static IP address (a fixed binding for a given MAC address) or a dynamic one. Dynamic addresses are leased for a fixed period of time from a pool of available addresses that the server keeps. When the lease expires, a host can either relinquish the address or renegotiate to extend the lease.
DHCP operation and optimizations
–Recovery from loss or duplication: missing or duplicated packets do not result in misconfiguration. Messages carry a transaction identifier, so a retransmitted or duplicated message is recognized and answered with the same binding.
–Caching a server address: once a server is found, the client keeps its address and sends lease renewals directly to it. Otherwise another DHCP server might respond to the renewal.
–Avoidance of synchronized flooding: if many machines reboot simultaneously, for example after a power failure, the lines could be flooded with DHCP requests. DHCP therefore requires each host to delay a random time before transmitting its first request.
Indirect DHCP server access through a relay
Each individual network does not have to have its own DHCP server. Instead, a DHCP relay agent forwards requests and responses between a client and the server. At least one relay agent must be present on each network without a server, and that agent must be configured with the address of the appropriate DHCP server. The relay agent records which network a request arrived from, so the server can choose an address from the right pool, and forwards the server's responses back to the client. Discuss DHCP redundancy.
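Worked example (added, not from the notes) covering the three DHCP slides above: a simulated server that leases addresses from per-network pools, renews and expires leases, repeats its answer to duplicated messages, ignores renewals addressed to another server, and is reached through a relay agent that tags requests with the network they came from (giaddr). Messages are plain dictionaries rather than real DHCP packets, and the addresses, pool contents and server identifier are made up.

```python
"""Simulated DHCP server with lease pools, renewal, expiry, duplicate handling
and a relay agent. Added example; addresses, pools and message layout are
made up and the messages are dictionaries, not real DHCP packets."""
import random
from dataclasses import dataclass

LEASE_SECONDS = 3600
SERVER_ID = "10.0.0.1"          # the server's own address, echoed in offers


@dataclass
class Lease:
    ip: str
    mac: str
    pool: str
    expires: float


class DhcpServer:
    def __init__(self, pools):
        # pools are keyed by the relay's giaddr; "0.0.0.0" = directly attached
        self.free = {k: list(v) for k, v in pools.items()}
        self.leases = {}            # mac -> Lease
        self.offers = {}            # xid -> (mac, ip, pool) offered, not yet taken

    def expire(self, now):
        """Return expired addresses to their pools."""
        for mac, lease in list(self.leases.items()):
            if lease.expires <= now:
                del self.leases[mac]
                self.free[lease.pool].append(lease.ip)

    def handle(self, msg, now):
        self.expire(now)
        mac, xid, pool = msg["mac"], msg["xid"], msg.get("giaddr", "0.0.0.0")
        if msg["op"] == "DISCOVER":
            if xid in self.offers:                   # duplicate: repeat the offer
                return self._offer(xid)
            if mac in self.leases:                   # returning client keeps its address
                ip_ = self.leases[mac].ip
            elif self.free[pool]:
                ip_ = self.free[pool].pop(0)
            else:
                return None                          # pool exhausted
            self.offers[xid] = (mac, ip_, pool)
            return self._offer(xid)
        if msg["op"] == "REQUEST":
            if msg.get("server_id") != SERVER_ID:
                return None                          # meant for another server
            lease = self.leases.get(mac)
            if lease and lease.ip == msg["ip"]:      # renewal or repeated REQUEST
                lease.expires = now + LEASE_SECONDS
                return self._ack(lease)
            offer = self.offers.pop(xid, None)
            if offer and offer[0] == mac and offer[1] == msg["ip"]:
                lease = Lease(offer[1], mac, offer[2], now + LEASE_SECONDS)
                self.leases[mac] = lease
                return self._ack(lease)
            return {"op": "NAK", "xid": xid}
        if msg["op"] == "RELEASE" and mac in self.leases:
            lease = self.leases.pop(mac)
            self.free[lease.pool].append(lease.ip)
        return None

    def _offer(self, xid):
        mac, ip_, _ = self.offers[xid]
        return {"op": "OFFER", "xid": xid, "mac": mac, "ip": ip_, "server_id": SERVER_ID}

    def _ack(self, lease):
        return {"op": "ACK", "mac": lease.mac, "ip": lease.ip,
                "server_id": SERVER_ID, "lease": LEASE_SECONDS}


def relay(server, msg, agent_ip, now):
    """Relay agent on a network without a server: stamp giaddr, forward, hand back."""
    return server.handle(dict(msg, giaddr=agent_ip), now)


def boot_delay(rng=random):
    """Random wait before the first DISCOVER so a mass reboot does not flood the line."""
    return rng.uniform(0, 10)


def obtain_lease(server, mac, xid, now, agent_ip=None):
    """The exchange from the client's side; returns the ACK or None on failure."""
    def send(m):
        return relay(server, m, agent_ip, now) if agent_ip else server.handle(m, now)
    offer = send({"op": "DISCOVER", "mac": mac, "xid": xid})
    if offer is None:
        return None
    # the client keeps offer["server_id"] and names it in every later REQUEST,
    # so that a second server on the segment does not answer its renewals
    ack = send({"op": "REQUEST", "mac": mac, "xid": xid,
                "ip": offer["ip"], "server_id": offer["server_id"]})
    return ack if ack and ack["op"] == "ACK" else None


if __name__ == "__main__":
    srv = DhcpServer({"0.0.0.0": ["10.0.0.10", "10.0.0.11"], "10.1.0.1": ["10.1.0.50"]})
    print(obtain_lease(srv, "02:aa", 1, now=0))                      # 10.0.0.10
    print(obtain_lease(srv, "02:bb", 2, now=0, agent_ip="10.1.0.1"))  # 10.1.0.50
```

A retransmitted REQUEST is answered with the same ACK and consumes no second address; a client behind the relay gets an address from the pool that belongs to the relay's network; and a renewal that names the wrong server is silently ignored.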
NAT – Network Address Translation
NAT lets multiple devices at a site share a SINGLE GLOBAL IP address (or a POOL of addresses) while each host at the site appears to have a normal Internet connection. NAT runs as an in-line service: the NAT device must sit between the computers and the Internet, and it usually resides in the site's router. The site has a single valid public IP address, assigned to the router's WAN side, and many private IP addresses inside. Before a datagram from the site can be sent onto the Internet, NAT must translate its private source address into the globally valid address; likewise, NAT must translate the destination address of an incoming datagram back into the private address of the host it is for.
NAT table
The NAT device replaces the private source address with its own public IP address. When a packet from a private address reaches the NAT device, it records the source and destination addresses in a table that is consulted in both directions. Example: OUT – source 192.168.0.1 is rewritten to 184.108.40.206, destination 220.127.116.11 unchanged. IN – source 220.127.116.11 unchanged, destination 184.108.40.206 rewritten to 192.168.0.1. A table keyed on addresses alone can only handle situations in which each host at the site communicates with a different server on the Internet. A pool of public IP addresses lets more hosts communicate at the same time, but does not remove that restriction.
Transport-layer NAT
If two computers contact the same destination address, the scheme above breaks: when two hosts at the site communicate with the same remote server X, the translation table contains multiple entries for X, and NAT cannot tell which host an incoming datagram from X belongs to. Likewise, when two or more applications on one host communicate simultaneously with different destinations on the Internet, the forwarding table ends up with duplicate entries for that host. The fix is to add the transport-layer port numbers to the table and, where necessary, rewrite the source port so that each session has a unique port on the public side; one session might be assigned port 1400 and the other 1401.
NAPT – Network Address and Port Translation
–Allows a site to have arbitrary numbers of applications running on arbitrary hosts, all communicating simultaneously with arbitrary destinations on the Internet.
–Most people do not use the acronym NAPT; NAT is used to refer to all of these situations.
–Since port numbers belong to the transport layer, it is also known as transport-layer NAT.
NAT and servers
Automatic table construction does not work for communication initiated from the Internet toward servers at a site: an entry is only created by outgoing traffic, so when the first packet of an incoming web connection arrives, the NAT device cannot know which internal computer should receive it. Twice NAT, a variant of NAT, lets the site's local DNS server create a new entry in the NAT device's table when a remote system looks up the name of a computer at the site, so the NAT device finds a matching entry when the first packet arrives. Twice NAT fails when the DNS server is not queried first (the remote client connects by IP address) and when the client resolves the name through a DNS proxy or cache, so the lookup never reaches the site's DNS server.
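Worked example (added, not from the notes) for the NAT slides above: a NAPT table keyed by private address and port together with the destination, and a twice-NAT style hook through which the site's DNS server tells the NAT device which internal host a remote client is looking for. Addresses are from the RFC 5737 documentation ranges, the packets are dictionaries, and the DNS hook is a sketch of the mechanism, not the code of any real NAT product.

```python
"""NAPT: one public address shared by many hosts and applications, keyed by
port, plus a twice-NAT hook where the site's DNS server pre-creates an
inbound entry. Added example; addresses are RFC 5737 documentation ranges,
packets are dicts, and the DNS hook is a sketch, not a real implementation."""
from itertools import count


class Napt:
    def __init__(self, public_ip, first_port=1400):
        self.public_ip = public_ip
        self.next_port = count(first_port)
        self.out = {}        # (priv ip, priv port, dst ip, dst port) -> public port
        self.inb = {}        # (public port, remote ip, remote port) -> (priv ip, priv port)
        self.dns_hint = {}   # remote ip -> internal host whose name it looked up

    def outbound(self, pkt):
        """Rewrite a datagram leaving the site; create the entry on first use."""
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self.out.get(key)
        if port is None:
            # a fresh public port per (host, application, destination) is what
            # keeps two hosts talking to the same server, or one host talking
            # to two servers, distinguishable on the way back in
            port = next(self.next_port)
            self.out[key] = port
            self.inb[(port, pkt["dst"], pkt["dport"])] = (pkt["src"], pkt["sport"])
        return dict(pkt, src=self.public_ip, sport=port)

    def inbound(self, pkt):
        """Rewrite a datagram entering the site, or return None to drop it."""
        target = self.inb.get((pkt["dport"], pkt["src"], pkt["sport"]))
        if target is None:
            host = self.dns_hint.pop(pkt["src"], None)
            if host is None:
                # not initiated from inside and no DNS lookup seen first:
                # NAT has no way to pick an internal host, so the packet is dropped
                return None
            target = (host, pkt["dport"])
            # record the session so the rest of the connection also works
            self.inb[(pkt["dport"], pkt["src"], pkt["sport"])] = target
            self.out[(host, pkt["dport"], pkt["src"], pkt["sport"])] = pkt["dport"]
        return dict(pkt, dst=target[0], dport=target[1])

    def dns_lookup(self, remote_ip, internal_ip):
        """Twice NAT: the site's DNS server calls this when remote_ip resolves a
        local name; the answer is the public address, and NAT now knows who is meant."""
        self.dns_hint[remote_ip] = internal_ip
        return self.public_ip


if __name__ == "__main__":
    nat = Napt("203.0.113.1")
    # two hosts, same server: distinct public ports 1400 and 1401
    print(nat.outbound({"src": "192.168.0.1", "sport": 5000, "dst": "198.51.100.7", "dport": 80}))
    print(nat.outbound({"src": "192.168.0.2", "sport": 5000, "dst": "198.51.100.7", "dport": 80}))
    # the server's answer to port 1401 goes back to 192.168.0.2
    print(nat.inbound({"src": "198.51.100.7", "sport": 80, "dst": "203.0.113.1", "dport": 1401}))
    # an unsolicited connection to the site's web server is dropped (None)
    print(nat.inbound({"src": "198.51.100.9", "sport": 40000, "dst": "203.0.113.1", "dport": 80}))
```

The last call illustrates the NAT-and-servers problem: the same packet is delivered only if the remote client resolved the server's name first, which is the case twice NAT handles and the case that a client connecting by raw IP address, or through a DNS proxy, defeats.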