
1 CSE565: Computer Security, Lecture 22: IP Basics
Shambhu Upadhyaya, Computer Science & Eng., University at Buffalo, Buffalo, New York 14260
11/12/15, UB Fall 2015, CSE565: S. Upadhyaya, Lec 22.1

2 Outline
• IP (November 12, 2015)
• IP Security architecture (November 17, 2015)
• Authentication Header
• Key Management

3 The Role of IP
• IP provides functionality to interconnected devices across multiple networks
• IP is implemented in each end system and router
• The routers along the way must cope with:
  • Addressing schemes (IEEE 802 vs. X.25)
  • Maximum packet sizes (fragmentation)
  • Interfaces (hardware/software)
  • Reliability (should be independent of it)

4 Some Issues of IP
• Data at higher level are encapsulated in a PDU (protocol data unit)
• PDU is passed through one or more networks and connected routers and to the end system
• IP header must contain all the necessary addresses
• No reliability assurance
  • Intermediate subnets need not be concerned about reliability requirements
  • TCP takes care of reliability

5 Configuration of TCP/IP
Figure: Configuration for TCP/IP Example

6 Operation of Routers
• IP is implemented in all end systems and routers
• End systems must have compatible protocols above IP
• Routers need only have up through IP

7 Operation, Contd.
• Block of data from X to Y
• PDU is created and IP layer attaches a header (global Internet address of Y)
• Since Y is on another network, the packet needs to be sent to router 1 in the form of an LLC PDU
• Upon receiving, MAC layer constructs a MAC packet and sticks in the address of router 1
• After examination, router 1 routes packets to router 2 (wrapping in another format if necessary)
• Router 2 strips off header to determine that the IP packet is destined to Y
• Router 2 creates a packet with destination address of Y and sends it onto the LAN
• Y removes all headers and forwards data to upper
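The hop-by-hop walk on this slide, as an added example that is not part of the original lecture: the link-level address is rewritten at every hop while the IP header keeps Y's address end to end. The topology table, node names and addresses (documentation ranges) are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class IPPacket:
    src: str       # global Internet address of X (hypothetical value)
    dst: str       # global Internet address of Y (hypothetical value)
    data: bytes

@dataclass(frozen=True)
class Frame:
    link_dst: str  # link-level address of the next hop only
    payload: IPPacket

# Hypothetical topology: X -- router1 -- router2 -- Y
# NEXT_HOP[node][destination IP] -> link-level address to put in the frame
NEXT_HOP = {
    "X":       {"198.51.100.9": "mac:router1"},
    "router1": {"198.51.100.9": "wan:router2"},
    "router2": {"198.51.100.9": "mac:Y"},
}
OWNER = {"mac:router1": "router1", "wan:router2": "router2", "mac:Y": "Y"}

def send(node, packet):
    """Wrap the IP packet in a link-level frame addressed to the next hop."""
    return Frame(NEXT_HOP[node][packet.dst], packet)

def deliver(data, src="192.0.2.5", dst="198.51.100.9"):
    """Carry data from X to Y; return link addresses used, final dst, data."""
    packet = IPPacket(src, dst, data)   # IP layer at X attaches the header
    node, trace = "X", []
    while node != "Y":
        frame = send(node, packet)      # re-wrapped for this network
        trace.append(frame.link_dst)
        node = OWNER[frame.link_dst]    # receiver strips the link header
        packet = frame.payload          # IP header is unchanged hop to hop
    return trace, packet.dst, packet.data

if __name__ == "__main__":
    print(deliver(b"hello"))
```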

8 Router, Switch and Hub
• Router is like a computer - acts as gateway
  • Joins together multiple LANs to a WAN
  • Works at layer 3 of OSI
• Switch is less sophisticated
  • Must designate a computer as a gateway
  • Works at layer 2 of OSI
  • Connects devices to form a LAN
• Hub is used to connect segments of LAN
  • Works at layer 1 of OSI
  • It is like a splitter

9 IPv4
• Header: 20 bytes or 160 bits (minimum)
• 32-bit address (4.3 billion IP addresses)
• Study shows that available address space would not last long
• In April 2014, North American Registry for Internet Numbers (ARIN) announced it had reached "phase 4" of its IPv4 countdown plan, with fewer than 17 million IPv4 addresses remaining

10 The Grim Story of IPv4
• ARIN had fewer than 17M addresses left last year
• ARIN has tightened the address supply and now has run out of it
• APNIC (Asia-Pacific registry) reached the 17M threshold four years ago
• RIPE NCC (Europe) reached its threshold less than three years ago
• Latin America and Caribbean directories in similar status
• AfriNIC in Africa is continuing to supply IPv4 addresses

11 How Did We Get Here
• In the '80s, protocols used 16-bit addresses
• The Internet growth was not predicted well
• Making the addresses a meager 32 bits was a big failure of imagination
• It took only a decade before IP address numbering ran into trouble
• Initially a class system (A, B, C) to handle networks and hosts
• This was later abolished, which improved the situation a bit

12 Use of IP Address Space

13 Classless Regime
• Deployment of new IP address space slowed down to a much more sustainable pace as the Internet boomed in the late '90s
• Around 2000
  • More and more broadband always-on connections
• A few years later
  • Millions of smartphones continuously connected
• The day was saved by NAT adoption

14 NAT Details
• These days people use more than one PC
• ISPs provide more IP addresses for a fee
• Cheaper solution is to share a single address
• With NAT, you get IP addresses from the 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16 address ranges set aside for private use
• A home router that implements NAT then translates between the internal address and the regular, public address given out by the ISP

15 The Stanford vs. China Story
• More than a decade ago, Stanford held more IPv4 addresses than the entire China
• However, by 2006, organizations in China held a total of 98M IP addresses
• Today, China has given out a total of 330M addresses
• China is the second largest holder of IPv4 addresses, behind the US with 1.591 billion
• China: 1 address for 4 users; US: 5 addresses for 1 user
• If each user in the world deserves one, we have a problem!

16 IP Addresses Held By Country

17 So, What Now?
• IPv6 is the solution
• Read the article: “With the Americas running out of IPv4, it’s official: The Internet is full” by Iljitsch van Beijnum at arstechnica.com (http://arstechnica.com/information-technology/2014/06/with-the-americas-running-out-of-ipv4-its-official-the-internet-is-full/)
• Also read: http://arstechnica.com/information-technology/2015/07/us-exhausts-new-ipv4-addresses-waitlist-begins/

18 IPv6
• Fixed header length of 40 octets
• 128-bit addresses (5 x 10^28 addresses for each of the 7 billion people)
• U.S. government specified network backbones at federal agencies must deploy IPv6 by 2008; the adoption is slow due to lack of client base
• Major backbone networks (Amazon, Comcast, HSBC, Akamai, Verizon, etc.) have deployed IPv6

19 Summary
• IPv4 has already run out of address space
• IPv6 initiative started in 1995 but adoption is slow; it will become mainstream soon
• Products such as Microsoft OS have IPv6 support, enabled by default
• IPv6 has no backward compatibility since headers are significantly different
• You need to run dual stacks to serve both types of networks
• Situation is similar to WEP and RSN in the wireless security domain

