ch. 9 – address allocation, resolution, and packet forwarding (tcp/ip)

Ch. 9 – Address Allocation, Resolution, and Packet Forwarding (TCP/IP)

TCP/IP

• Most of the introduction to TCP/IP will be covered in Chapter 11.

IP Addressing

• Static

• Dynamic

Static IP Addressing

• You have to go to each individual device– Meticulous records must

be kept– No duplicate IP addresses

Dynamic Addressing

• Dynamic Host Configuration Protocol (DHCP)– Successor to BOOTP– Allows host to obtain an IP address quickly and dynamically– Uses a defined range of IP address

DHCP – Getting more than the IP Address

BOOTP

• BOOTP (Bootstrap Protocol)

• Provides IP address, subnet mask, default gateway IP address and DNS IP address.

Disadvantage:

• BOOTP is not a dynamic configuration protocol (like DHCP).

• When a client requests an IP address the BOOTP server looks up its MAC address in a table to find the IP address.

• This binding is predetermined.

• What if the computer is moved to another subnet/network?

• Use DHCP!

The ARP Table

• The ARP table is stored in area of Random-Access Memory on each host.

• Such an area of memory is often called a cache. The ARP table is often referred to as an ARP cacheARP cache.

• Entries in the ARP table “age out.” They are removed from the table after a period of inactivity.

Aging Out

• For Microsoft Windows hosts:– Initial mappings have a 2-minute time-to-live.– An entry that is used twice in 2 minutes is

automatically given a 10-minute time-to-live.

Using a default gateway

• If the destination IP address is not on the same subnet (or network), a computer must use the services of a routerrouter.

• Routers are sometimes called gatewaysgateways for this reason.

• Sending computer checks for a default gateway in its TCP/IP configuration.

• If no default gateway is installed, the sending computer cannot send the message.

198.189.232.1

Domain Names and IP Addresses

• Many times we communicate with other hosts using domain names such as www.cisco.com

• Hosts and routers route packets using IP addresses, NOT domain names.

• The host must translate the domain name to an IP address.

• The host will have the DNS Server do this translation for it.

• The Domain Name System (abbreviated DNS) is an Internet directory service.

• DNS is how domain names are translated into IP addresses, and DNS also controls email delivery.

• If your computer cannot access DNS, your web browser will not be able to find web sites, and you will not be able to receive or send email.

Domain Names and IP Addresses

We usually use domain names, www.cisco.com, but the IP packets are sent using the IP address, 198.133.219.25.Data link destination address Data link source address Other data link fields

IP Destination Address IP Source Address Other IP fields and data

198.133.219.25

Exploring the Domain Name Space

• DNS software is generally made up of two elements: the actual name server, and something called a resolver.

• The name server responds to browser requests by supplying name-to-address conversions.

• When it doesn't know the answer, the resolver will ask another name server for the information.


• To see how it works, let's go back to the domain-name-space inverted tree.

• When you type in a URL, your browser sends a request to the closest name server.

• If that server has ever fielded a request for the same host name (within a time period set by the administrator to prevent passing old information), it will locate the information in its cache and reply.


• If the name server is unfamiliar with the domain name, the resolver will attempt to "solve" the problem by asking a server farther up the tree.

• If that doesn't work, the second server will ask yet another - until it finds one that knows.

• (When a server can supply an answer without asking another, it's known as an authoritative server.)


• Once the information is located, it's passed back to your browser, and you're sent on your merry way.

• Usually this process occurs quickly, but occasionally it can take an excruciatingly long time (like 15 seconds).


• In the worst cases, you'll get a dialog box that says the domain name doesn't exist - even though you know it does.

• This happens because the authoritative server is slow replying to the first, and your computer gets tired of waiting so it times-out (drops the connection).

• But if you try again, there's a good chance it will work, because the authoritative server has had enough time to reply, and your name server has stored the information in its cache.

Proxy ARP – (from cisco.com)

• http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

• This link and PDF is on my Semester 1 web page.Introduction• This document explains the concept of proxy Address Resolution

Protocol (ARP). • Proxy ARP is the technique in which one host, usually a router,

answers ARP requests intended for another machine. • By "faking" its identity, the router accepts responsibility for routing

packets to the "real" destination. • Proxy ARP can help machines on a subnet reach remote subnets

without configuring routing or a default gateway.Prerequisites• This document requires an understanding of the ARP and Ethernet

environment.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094adb.shtml

How Does Proxy ARP Work?

• Below is an example of how proxy ARP works:


• The Host A (172.16.10.100) on Subnet A needs to send packets to Host D (172.16.20.200) on Subnet B.

• As shown in the diagram above, Host A has a /16 subnet mask. • What this means is that Host A believes that it is directly connected to

all of network 172.16.0.0. • When Host A needs to communicate with any devices it believes are

directly connected, it will send an ARP request to the destination. • Therefore, when Host A needs to send a packet to Host D, Host A

believes that Host D is directly connected, so it sends an ARP request to Host D.

• To reach Host D (172.16.20.200), Host A needs the MAC address of Host D.

• Therefore, Host A broadcasts an ARP request on Subnet A, as below:

Sender's MAC Address Sender's IP Address Target MAC Address Target IP Address

00-00-0c-94-36-aa 172.16.10.100 00-00-00-00-00-00 172.16.20.200


• In above ARP request, Host A (172.16.10.100) is requesting that Host D (172.16.20.200) send its MAC address.

• The above ARP request packet is then encapsulated in an Ethernet frame with Host A's MAC address as the source address and a broadcast (FFFF.FFFF.FFFF) as the destination address.

• Since the ARP request is a broadcast, it reaches all the nodes in the Subnet A, including the router's e0 interface, but does not reach Host D.

• The broadcast will not reach Host D because routers, by default, do not forward broadcasts.

• Since the router knows that the target address (172.16.20.200) is on another subnet and can reach Host D, it will reply with its own MAC address to Host A.

Sender's MAC Address Sender's IP Address Target MAC Address Target IP Address

00-00-0c-94-36-ab 172.16.20.200 00-00-0c-94-36-aa 172.16.10.100


• Above is the Proxy ARP reply that the router sends to Host A.

• The proxy ARP reply packet is encapsulated in an Ethernet frame with router's MAC address as the source address and Host A's MAC address as the destination address.

• The ARP replies are always unicast to the original requester.

• On receiving this ARP reply, Host A updates its ARP table as below:

IP Address MAC Address

172.16.20.200 00-00-0c-94-36-ab


• From now on Host A will forward all the packets that it wants to reach 172.16.20.200 (Host D) to the MAC address 00-00-0c-94-36-ab (router).

• Since the router knows how to reach Host D, the router forwards the packet to Host D.

• The ARP cache on the hosts in Subnet A is populated with the MAC address of the router for all the hosts on the Subnet B.

• Hence all packets destined to Subnet B are sent to the router.

• The router forwards those packets to the hosts in Subnet B.

• The ARP cache of Host A is given below:

IP Address MAC Address

172.16.20.200 00-00-0c-94-36-ab

172.16.20.100 00-00-0c-94-36-ab

172.16.10.99 00-00-0c-94-36-ab

172.16.10.200 00-00-0c-94-36-bb

Note: Multiple IP addresses are mapped to a single MAC address (the router's MAC address), indicating that proxy ARP is in use.

Routers and the Network Layer

Network Layer

• Routers– Pass data between networks– Use Layer 3 addresses (logical)– Can make intelligent decisions regarding best path

Assigned by Network AdministratorAssigned by NIC manufacturer

Network Segmentation

Since the interface where the router connects to a network is considered to be part of that network, the interface where the router connects to network A has an IP address of A1.

172.30.10.10/24

172.30.10.11/24 172.30.10.12/2

4

172.30.10.13/24 10.25.1.10/16

10.25.7.11/1610.25.3.12/16

10.25.3.13/16

172.30.10.1/24 10.25.1.1/16

172.30.10.0/24

10.25.0.0/16

Routers and Data Relaying

• You want to send data from one network to another.

• The router:– Strips off the data link header, carried by the frame– Examines the network layer address to determine the destination

network– Consults its routing table to determine which interface it will use to

send the data

Router Interface

Each router interface must have a separate network (or subnetwork) address.Includes subnet mask.

• The network layer provides best-effort end-to-end packet delivery across interconnected networks.

• The network layer uses the IP routing table to send packets from the source network to the destination network.

• After the router determines which path to use, it proceeds with forwarding the packet.

• It takes the packet that it accepted on one interface and forwards it to another interface or port that reflects the best path to the packet's destination.

• Much more information later in the presentation on “The Routing Table Structure.”

Path Switching • Host X has a packet(s) to send to Host Y• A router generally relays a packet from one data link to another, using two basic

functions: 1. a path determination function - Routing 2. a switching function – Packet Forwarding

• Let’s go through all of the stages these routers use to route and switch this packet.

• See if you can identify these two functions at each router.• Note: Data link addresses have been abbreviated.

Path Switching and Packet Forwarding

192.168.1.10/24 192.168.4.10/24

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e0 e0s0s0 s0s1.1 .1 .1 .1.2 .2

Data link destination address Data link source address Other data link fields


X Y

Data Link Header IP (Network layer) Packet

Data Link Frame = Data Link Header + IP Packet

From Host X to Router RTA

• Host X begins by encapsulating the IP packet into a data link frame (in this case Ethernet) with RTA’s Ethernet 0 interface’s MAC address as the data link destination address.

• How does Host X know to forward to packet to RTA and not directly to Host Y? How does Host X know or get RTA’s Ethernet address?

– Remember, it looks at the packet’s destination ip address does an AND operation and compares it to its own ip address and subnet mask.

– It determines if the two ip addresses are on the same subnet or not.

– If the are on the same subnet, it looks for the destination ip address of the packet in its ARP cache. – sending out an ARP request if it is not there.

– If they are on different subnets, it looks for the ip address of the default gateway in its ARP cache – sending out an ARP request if it is not there.

• If you do not remember, be sure to review our previous presentation, “ARP – The Process and the Protocol”

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

00-10 0A-10 192.168.4.10 192.168.1.10

RTA to RTB

1. RTA looks up the IP destination address in its routing table.

• 192.168.4.0/24 has next-hop-ip address of 192.168.2.2 and an exit-interface of e1.

• Since the exit interface is on an Ethernet network, RTA must resolve the next-hop-ip address with a destination MAC address.

2. RTA looks up the next-hop-ip address of 192.168.2.2 in its ARP cache.

• If the entry was not in the ARP cache, the RTA would need to send an ARP request out e1. RTB would send back an ARP reply, so RTA can update its ARP cache with an entry for 192.168.2.2.

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

0B-31 00-20 192.168.4.10 192.168.1.10

1

2

3RTA Routing Table

Network Hops Next-hop-ip Exit-interface192.168.1.0/24 0 Dir.Conn. e0192.168.2.0/24 0 Dir.Conn e1192.168.3.0/24 1 192.168.2.2 e1192.168.4.0/24 2 192.168.2.2 e1

RTA ARP CacheIP Address MAC Address192.168.2.2 0B-31

RTA to RTB (continued)3. Data link destination address and frame encapsulation• After finding the entry for the next-hop-ip address 192.168.2.2 in its ARP cache,

RTA uses the MAC address for the destination MAC address in the re-encapsulated Ethernet frame.

The frame is now forwarded out Ethernet 1 (as specified in RTA’s routing table.• Notice, that the IP Addresses did not change.• Also notice that the Routing table was used to find the next-hop ip address,

used for the data link address and exit interface, to forward the packet in a new data link frame.

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

0B-31 00-20 192.168.4.10 192.168.1.10

1

2

3RTA Routing Table

Network Hops Next-hop-ip Exit-interface192.168.1.0/24 0 Dir.Conn. e0192.168.2.0/24 0 Dir.Conn e1192.168.3.0/24 1 192.168.2.2 e1192.168.4.0/24 2 192.168.2.2 e1

RTA ARP CacheIP Address MAC Address192.168.2.2 0B-31

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

FFFF 192.168.4.10 192.168.1.10

1

RTB to RTC

1. RTB looks up the IP destination address in its routing table.

• 192.168.4.0/24 has next-hop-ip address of 192.168.3.2 and an exit-interface of s0 (serial 0).

• Since the exit interface not on an Ethernet network, RTA does not need to resolve the next-hop-ip address with a destination MAC address.

• Remember, serial interfaces do not have MAC addresses.

RTB Routing TableNetwork Hops Next-hop-ip Exit-interface192.168.1.0/24 1 192.168.2.1 e0192.168.2.0/24 0 Dir.Conn e0192.168.3.0/24 0 Dir.Conn s0192.168.4.0/24 1 192.168.3.2 s0

2

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

FFFF 192.168.4.10 192.168.1.10

1

RTB to RTC

2. Data link destination address and frame encapsulation.

• When the interface is a point-to-point serial connection, the Routing Table process does not even look at the next-hop IP address.

• Remember, a serial link is like a pipe - only one way in and only one way out.

• RTA now encapsulates the IP packet into the proper data link frame, using the proper serial encapsulation (HDLC, PPP, etc.).

• The data link destination address is set to a broadcast, since there is only one other end of the pipe and the frame is now forwarded out serial 0.

RTB Routing TableNetwork Hops Next-hop-ip Exit-interface192.168.1.0/24 1 192.168.2.1 e0192.168.2.0/24 0 Dir.Conn e0192.168.3.0/24 0 Dir.Conn s0192.168.4.0/24 1 192.168.3.2 s0

2

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

0B-20 0C-22 192.168.4.10 192.168.1.10

RTC to Host Y1. RTC looks up the IP destination address in its routing table.• 192.168.4.0/24 is a directly connected network with an exit-interface of e0.• RTC realizes that this destination ip address is on the same network as one of its

interfaces and it can sent the packet directly to the destination and not another router.

• Since the exit interface is on an directly connected Ethernet network, RTC must resolve the destination ip address with a destination MAC address.

2. RTC looks up the destination ip address of 192.168.4.10 in its ARP cache.• If the entry was not in the ARP cache, the RTC would need to send an ARP

request out e0. Host Y would send back an ARP reply, so RTC can update its ARP cache with an entry for 192.168.4.10.

RTC ARP CacheIP Address MAC Address192.168.4.10 0B-20

RTC Routing TableNetwork Hops Next-hop-ip Exit-interface192.168.1.0/24 2 192.168.3.1 s0192.168.2.0/24 1 192.168.3.1 s0192.168.3.0/24 0 Dir.Conn s0192.168.4.0/24 0 Dir.Conn e0

13

2

192.168.1.10/240A-10

192.168.4.10/240B-20

RTA RTB RTC192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

e000-10

e00C-22

e00B-31

e100-20

s0s0.1 .1 .1 .1.2 .2



X Y

0B-20 0C-22 192.168.4.10 192.168.1.10

RTC to Host Y (continued)

3. Data link destination address and frame encapsulation

• After finding the entry for the destination ip address 192.168.4.10 in its ARP cache, RTC uses the MAC address for the destination MAC address in the re-encapsulated Ethernet frame.

The frame is now forwarded out Ethernet 0 (as specified in RTA’s routing table.

RTC ARP CacheIP Address MAC Address192.168.4.10 0B-20

RTC Routing TableNetwork Hops Next-hop-ip Exit-interface192.168.1.0/24 2 192.168.3.1 s0192.168.2.0/24 1 192.168.3.1 s0192.168.3.0/24 0 Dir.Conn s0192.168.4.0/24 0 Dir.Conn e0

13

2

From Cisco on-line curriculum:• When the router checks its routing table entries, it discovers that the best path to

destination Network 2 uses outgoing port To0, the interface to a token-ring LAN.

• Although the lower-layer framing must change as the router passes packet traffic from Ethernet on Network 1 to token-ring on Network 2, the Layer 3 addressing for source and destination remains the same.

• In the Figure, the destination address remains Network 2, Host 5, regardless of the different lower-layer encapsulations.

From Cisco on-line curriculum:• Routers enable LAN-to-WAN packet flow by keeping the end-to-end source and destination

addresses constant while encapsulating the packet in data link frames, as appropriate, for the next hop along the path.

NOTE:

• Remember, when the interface is a point-to-point serial connection, the Routing Table process does not even look at the next-hop IP address in the routing table, only the exit-interface.

Ch. 9 – Address Allocation, Resolution, and Packet Forwarding (TCP/IP)

CCNA 1 version 3

Rick Graziani

Cabrillo College

Spring 2005

ch. 9 – address allocation, resolution, and packet forwarding (tcp/ip)

Documents