Cosc 4765
Networking
overview
Bandwidth Review
• Bit (b) = a unit of information, 0 or 1
  – 10 bits can represent 1024 different messages
  – 20 bits represent > 1 million
  – 30 bits > 1 billion messages
• The bandwidth of a communication channel = number of bits per second it transmits
• All channels have limited bandwidth
• One byte (B) = 8 bits (an octet)
• Transmitting 1 MB at 56K bps takes 143 sec.
• 1 GB = gigabyte takes 40 hours
  – at 7 Mbps 19 minutes; at 1 Gbps takes 8 seconds
• Latency = delay from first bit transmitted to first received
Progress of Technology
• Have more disk storage
  – 1971: 10 MB
  – 2001: 80,000 MB (soon 1 terabyte = 1000 GB)
  – IMPROVEMENT: 8000 x
• Higher communication speeds
  – Human speech: 30 bits/sec
  – 1971 Modem: 300 bits/sec
  – 2001 Modem: 56,000 bits/sec
  – T1 line: 1,544,000 bits/sec
  – Internet 2: 1,000,000,000 bits/sec
  – Nortel: 1,000,000,000,000 bits/sec in 1 fiber (entire U.S. telephone traffic)
  – 1971-2001 IMPROVEMENT: 3 BILLION x
BANDWIDTH LIST
[Figure: chart with columns BANDWIDTH (in Kbps), APPLICATION and TECHNOLOGY. Applications: Paging; Telnet; E-mail, FTP; Browsing, Audio; Streaming Video + Voice; Video Conferencing, Multimedia; Virtual Reality, Medical Imaging; Full-motion HDTV. Technologies: Old Modem, New Modem, Wireless WAN, ISDN, ADSL, T1/E1, T3/E3, FDDI, Gigabit Ethernet (copper and fiber). Marked values: 4.8, 19.2, 56K, 128K, Human speech = 30 bps, T1 = 1.544 Mb, DSL ~ 7 Mb, T3 = 44.7 Mb, OC3 = 155 Mb, OC12 = 622 Mb, 1 gigabit, experimental 1 terabit (all U.S. telephone conversations simultaneously).]
Some humor first
http://www.the5thwave.com/images/cartoons_computer/large/training/631lg.gif
IEEE Standards for networking
There are 7 layers in the OSI network model
• Layer 7: Application
  – mechanisms to support end-user applications such as mail, ftp, etc.
• Layer 6: Presentation
  – mechanisms for dealing with data representation
• Layer 5: Session
  – mechanisms for establishing reliable communications between cooperating applications
IEEE Standards for networking (2)
• Layer 4: Transport layer
  – provides reliable end-to-end error recovery mechanisms and flow control in the higher networking software
  – Firewalls work here (and up to layer 7)
• Layer 3: Network (hardware)
  – Establishes communication from station to station
  – Most high level Network protocols are in this layer
  – Routers work at this layer
IEEE Standards for networking (3)
• Layer 2: Data link (hardware)
  – transmits and receives frames, MAC protocol belongs to this layer
  – Switches and bridges work at this layer.
• Layer 1: Physical (hardware)
  – standardizes the electrical, mechanical, and functional control of data circuits that connect to the transmission media
  – Hubs and repeaters work at this layer.
• Layer 0: transmission media
  – cables between two network stations (includes wireless transmissions)
How OSI layer works.
  – A program, which "functions" at layer 7 (application layer), passes the message down to the next OSI levels. Each layer changes and adds information as needed.
  – the message goes out onto the network.
  – then back up the OSI levels (stripping off information needed only at that layer and changing the message as needed) until it reaches the application layer of the receiving program, which then reads the message based on the protocol used.
• We are going to look at each layer, starting at layer 7 and working our way down to layer 0
• But remember, each layer is dependent on the one above it and below it.
• An important concept in OSI is data encapsulation. Layer 7 data is encapsulated by Layer 4, then layer 3 encapsulates layer 4 data (which is encapsulated layer 7 data with more information), continuing this process down to layer 2.
  – Each layer also uses different terms as well.
Ethernet
• Uses the OSI network model, but with different names.
  – Also compresses layers 5, 6, 7 into the same layer. Most network applications are written to the Ethernet standards (including O/Ss).
• Because of the different names, which confuse people, the layer number is normally used as the name.
Layer 7: Application
• Application protocol defines:
  – types of messages to be exchanged
    • requests and response messages
  – The syntax of the messages, fields and how they are delineated.
  – semantics of the fields (i.e. what they mean)
  – rules for when and how a program sends messages and replies to messages.
• Such as the HTTP protocol.
Layer 6: Presentation layer
• Deals with data representation
  – since UNIX, Windows, Mac, the Internet, etc. do not agree on what the data should look like, this layer deals with the multiple data representation standards.
  – These include whether the O/S uses ASCII standards or another character standard, big/little Endian byte ordering standards, etc.
Layer 5: Session layer
• when a program asks for a network connection, it is this layer that establishes and maintains the connection
  – Sockets are created on this layer
• This layer makes a request to Layer 4 for a protocol. Layer 5 is a virtual layer in most respects. It is the standard interface into layer 4.
  – A socket is created on this layer, but how all the communication is done is left up to layer 4 and below.
Layer 4: Transport
• Provides logical communication between application processes on different hosts.
  – Not a physical connection, but applications think so.
  – Applications don’t need to worry about physical infrastructure.
• Two protocols provided and developer must choose one.
  – UDP (User Datagram Protocol)
  – TCP (Transmission Control Protocol)
• Other non-common transport protocols exist here
UDP in detail
• [RFC 768]
  – multiplex/demultiplexing and error checking.
  – No connection establishment
  – No connection state
  – small packet header overhead
    • UDP adds 8B of header, while TCP adds 20B
  – Unregulated send rate
UDP segment
• Contains
  – Source Port #
  – Destination Port #
  – Length of entire segment (including header)
  – Checksum
  – Application data or message.
• No IP number: that is contained in the network layer header information. IP addresses are layer 3 information.
TCP: Overview RFCs: 793, 1122, 1323, 2018, 2581
• point-to-point:
  – one sender, one receiver
• reliable, in-order byte stream:
  – no “message boundaries”
• pipelined:
  – TCP congestion and flow control set window size
• send & receive buffers
• full duplex data:
  – bi-directional data flow in same connection
  – MSS: maximum segment size
• connection-oriented:
  – handshaking (exchange of control msgs) init’s sender, receiver state before data exchange
• flow controlled:
  – sender will not overwhelm receiver
[Figure: application writes data through the socket door into the TCP send buffer; segments carry it to the TCP receive buffer, where the application reads data through its socket door.]
TCP segment structure
[Figure: TCP segment layout, 32 bits wide. Fields and annotations:]
• source port #, dest port #
• sequence number, acknowledgement number: counting by bytes of data (not segments!)
• head len, not used, flag bits U A P R S F
  – URG: urgent data (generally not used)
  – ACK: ACK # valid
  – PSH: push data now (generally not used)
  – RST, SYN, FIN: connection estab (setup, teardown commands)
• rcvr window size: # bytes rcvr willing to accept
• checksum: Internet checksum (as in UDP)
• ptr urgent data
• Options (variable length)
• application data (variable length)
Data Reliability
• Why does TCP provide reliable data transfer and UDP does not?
  – In the Network layer (Layer 3), best-effort delivery service is provided
  – Meaning the best attempt to deliver is made, but no guarantees, no orderly delivery, and no guarantee on the integrity of the data.
Layer 3: Network layer
Host, router network layer functions:
• Routing protocols
  – path selection
  – RIP, OSPF, BGP
• IP protocol
  – addressing conventions
  – datagram format
  – packet handling conventions
• ICMP protocol
  – error reporting
  – router “signaling”
[Figure: the network layer, with its routing table, sits between the transport layer (TCP, UDP) above and the link layer and physical layer below.]
Network layer functions
• transport packet from sending to receiving hosts
• network layer protocols in every host, router
three important functions:
• path determination: route taken by packets from source to dest. Routing algorithms
• switching: move packets from router’s input to appropriate router output
• call setup: some network architectures require router call setup along path before data flows
[Figure: two end hosts with application, transport, network, data link and physical layers, connected through routers that have only network, data link and physical layers.]
Network service model
Q: What service model for “channel” transporting packets from sender to receiver?
• guaranteed bandwidth?
• preservation of inter-packet timing (no jitter)?
• loss-free delivery?
• in-order delivery?
• congestion feedback to sender?
The most important abstraction provided by network layer (the service abstraction): virtual circuit or datagram?
Virtual circuits
“source-to-dest path behaves much like telephone circuit”
  – performance-wise
  – network actions along source-to-dest path
• call setup, teardown for each call before data can flow
• each packet carries VC identifier
• every router on source-dest path maintains “state” for each passing connection
  – transport-layer connection only involved two end systems
• link, router resources (bandwidth, buffers) may be allocated to VC
  – to get circuit-like performance.
Virtual circuits: signaling protocols
• used to set up, maintain, tear down VC
• used in ATM, frame-relay, X.25
• not used in today’s Internet
[Figure: two end hosts (application, transport, network, data link, physical) exchanging signaling messages:]
1. Initiate call
2. Incoming call
3. Accept call
4. Call connected
5. Data flow begins
6. Receive data
Datagram networks: the Internet model
• no call setup at network layer
• routers: no state about end-to-end connections
  – no network-level concept of “connection”
• packets typically routed using destination host ID
  – packets between same source-dest pair may take different paths
[Figure: two end hosts (application, transport, network, data link, physical): 1. Send data, 2. Receive data.]
Datagram or VC network: why?
Internet
• data exchange among computers
  – “elastic” service, no strict timing req.
• “smart” end systems (computers)
  – can adapt, perform control, error recovery
  – simple inside network, complexity at “edge”
• many link types
  – different characteristics
  – uniform service difficult
ATM (asynchronous transfer mode)
• evolved from telephony
• human conversation:
  – strict timing, reliability requirements
  – need for guaranteed service
• “dumb” end systems
  – telephones
  – complexity inside network
Routing
Routing protocol
Goal: determine “good” path (sequence of routers) thru network from source to dest.
Graph abstraction for routing algorithms:
• graph nodes are routers
• graph edges are physical links
  – link cost: delay, $ cost, or congestion level
• “good” path:
  – typically means minimum cost path
  – other def’s possible
[Figure: example graph with router nodes A, B, C, D, E, F and a link cost on each edge.]
IP Addressing: introduction
• IP address: 32-bit identifier for host, router interface
• interface: connection between host, router and physical link
  – routers typically have multiple interfaces
  – host may have multiple interfaces
  – IP addresses associated with interface, not host, router
223.1.1.1 = 11011111 00000001 00000001 00000001 (223 . 1 . 1 . 1)
[Figure: three networks joined by a router. Interfaces shown: 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4; 223.1.2.1, 223.1.2.2, 223.1.2.9; 223.1.3.1, 223.1.3.2, 223.1.3.27.]
IP datagram format
[Figure: IP datagram layout, 32 bits wide. Fields and annotations:]
• ver: IP protocol version number
• head. len: header length (bytes)
• type of service: “type” of data
• length: total datagram length (bytes)
• 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
• time to live: max number remaining hops (decremented at each router)
• upper layer: upper layer protocol to deliver payload to
• Internet checksum
• 32 bit source IP address
• 32 bit destination IP address
• Options (if any): e.g. timestamp, record route taken, specify list of routers to visit.
• data (variable length, typically a TCP or UDP segment)
Getting a datagram from source to dest.
IP datagram: misc fields | source IP addr | dest IP addr | data
• datagram remains unchanged, as it travels source to destination
• addr fields of interest here
routing table in A:
Dest. Net.   next router   Nhops
223.1.1                    1
223.1.2      223.1.1.4     2
223.1.3      223.1.1.4     2
[Figure: the three-network topology from the IP addressing slide, with hosts A, B and E marked.]
Getting a datagram from source to dest.
Datagram: misc fields | 223.1.1.1 | 223.1.1.3 | data
Starting at A, given IP datagram addressed to B:
• look up net. address of B
• find B is on same net. as A
• link layer will send datagram directly to B inside link-layer frame
  – B and A are directly connected
Dest. Net.   next router   Nhops
223.1.1                    1
223.1.2      223.1.1.4     2
223.1.3      223.1.1.4     2
[Figure: the three-network topology from the IP addressing slide, with hosts A, B and E marked.]
Getting a datagram from source to dest.
Datagram: misc fields | 223.1.1.1 | 223.1.2.3 | data
Starting at A, dest. E:
• look up network address of E
• E on different network
  – A, E not directly attached
• routing table: next hop router to E is 223.1.1.4
• link layer sends datagram to router 223.1.1.4 inside link-layer frame
• datagram arrives at 223.1.1.4
• continued…..
Dest. Net.   next router   Nhops
223.1.1                    1
223.1.2      223.1.1.4     2
223.1.3      223.1.1.4     2
[Figure: the three-network topology from the IP addressing slide, with hosts A, B and E marked.]
Getting a datagram from source to dest.
Datagram: misc fields | 223.1.1.1 | 223.1.2.3 | data
• Arriving at 223.1.1.4, destined for 223.1.2.2
• look up network address of E
• E on same network as router’s interface 223.1.2.9
  – router, E directly attached
• link layer sends datagram to 223.1.2.2 inside link-layer frame via interface 223.1.2.9
• datagram arrives at 223.1.2.2!!! (hooray!)
Dest. network   next router   Nhops   interface
223.1.1         -             1       223.1.1.4
223.1.2         -             1       223.1.2.9
223.1.3         -             1       223.1.3.27
[Figure: the three-network topology from the IP addressing slide, with hosts A, B and E marked.]
IP Fragmentation & Reassembly
• network links have MTU (max. transfer size) - largest possible link-level frame.
  – different link types, different MTUs
• large IP datagram divided (“fragmented”) within net
  – one datagram becomes several datagrams
  – “reassembled” only at final destination
  – IP header bits used to identify, order related fragments
[Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly at the destination.]
IP Fragmentation and Reassembly
One large datagram becomes several smaller datagrams:
ID   offset   fragflag   length
x    0        0          4000     (the large datagram)
x    0        1          1500
x    1480     1          1500
x    2960     0          1040
MTU is min. of 576 bytes, so if MSS is 536 bytes, fragmentation can be eliminated
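The split shown above, reproduced in code together with reassembly at the final destination. This is an added example, not part of the original slides; it assumes a 20-byte IP header with no options (which is what the slide's lengths imply), the payload bytes are constructed, and the strict rejection of overlapping fragments is a policy chosen for this sketch.

```python
IP_HEADER = 20  # bytes; header without options, as the slide's numbers imply


def fragment(payload: bytes, mtu: int, ident="x") -> list:
    """Split one datagram's payload for a link with the given MTU.

    'offset' is in bytes, as on the slide; 'offset_field' is the value the
    IP header actually carries (units of 8 bytes).
    """
    per_frag = (mtu - IP_HEADER) // 8 * 8      # data per fragment, multiple of 8
    if per_frag <= 0:
        raise ValueError("MTU too small to carry any data")
    frags, offset = [], 0
    while offset < len(payload):
        data = payload[offset:offset + per_frag]
        more = offset + len(data) < len(payload)
        frags.append({"id": ident, "offset": offset, "offset_field": offset // 8,
                      "fragflag": int(more), "length": IP_HEADER + len(data),
                      "data": data})
        offset += len(data)
    return frags


def reassemble(frags: list):
    """Rebuild the payload at the final destination.

    Fragments may arrive in any order. Returns None while pieces are missing.
    Raises ValueError for mixed IDs, data past the last fragment, or any
    overlap (this sketch also rejects exact duplicates).
    """
    if not frags:
        return None
    if len({f["id"] for f in frags}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(frags, key=lambda f: f["offset"])
    if any(f["fragflag"] == 0 for f in ordered[:-1]):
        raise ValueError("data found beyond the fragment marked as last")
    out, expected = bytearray(), 0
    for f in ordered:
        if f["offset"] < expected:
            raise ValueError("overlapping fragments")
        if f["offset"] > expected:
            return None                         # gap: a fragment is still missing
        out += f["data"]
        expected += len(f["data"])
    if ordered[-1]["fragflag"] == 1:
        return None                             # last fragment not yet received
    return bytes(out)


# Constructed input: 3980 data bytes + 20-byte header = the slide's 4000-byte datagram.
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(3980))

if __name__ == "__main__":
    pieces = fragment(SAMPLE_PAYLOAD, 1500)
    for p in pieces:
        print(p["id"], p["offset"], p["offset_field"], p["fragflag"], p["length"])
    print(reassemble(list(reversed(pieces))) == SAMPLE_PAYLOAD)
```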
RIP (Routing Information Protocol)
• Distance vector algorithm
• Included in BSD-UNIX Distribution in 1982
• Distance metric: # of hops (max = 15 hops)
  – Can you guess why?
• Distance vectors: exchanged every 30 sec via Response Message (also called advertisement)
• Each advertisement: route to up to 25 destination nets
RIP: Link Failure and Recovery
If no advertisement heard after 180 sec --> neighbor/link declared dead
  – routes via neighbor invalidated
  – new advertisements sent to neighbors
  – neighbors in turn send out new advertisements (if tables changed)
  – link failure info quickly propagates to entire net
  – poison reverse used to prevent ping-pong loops (infinite distance = 16 hops)
RIP Table processing
• RIP routing tables managed by application-level process called route-d (daemon)
• advertisements sent in UDP packets, periodically repeated
RIP Table example (continued)
Router: giroflee.eurocom.fr
• Three attached class C networks (LANs)
• Router only knows routes to attached LANs
• Default router used to “go up”
• Route multicast address: 224.0.0.0
• Loopback interface (for debugging)
• ASUWLINK: netstat -rn will show the route table
Destination           Gateway               Flags  Ref    Use     Interface
--------------------  --------------------  -----  -----  ------  ---------
127.0.0.1             127.0.0.1             UH     0      26492   lo0
192.168.2.            192.168.2.5           U      2      13      fa0
193.55.114.           193.55.114.6          U      3      58503   le0
192.168.3.            192.168.3.5           U      2      25      qaa0
224.0.0.0             193.55.114.6          U      3      0       le0
default               193.55.114.129        UG     0      143454
ICMP: Internet Control Message Protocol
• used by hosts, routers, gateways to communicate network-level information
  – error reporting: unreachable host, network, port, protocol
  – echo request/reply (used by ping)
• network-layer “above” IP:
  – ICMP msgs carried in IP datagrams
• ICMP message: type, code plus first 8 bytes of IP datagram causing error
ICMP
• Reason for ICMP:
  – provides a mechanism for IP devices to use when they need to exchange information about network problems that are preventing delivery
    • Normally semi-permanent and/or non-transient errors.
    • problems that prevent all datagrams from getting through to their destination.
ICMP (2)
• IP datagram failed to be delivered because
  – next-hop router is unavailable
  – non-existent destination IP address or Port
• ICMP error messages are returned if it is a semi-permanent or non-transient error
  – transient errors are ignored and left to the application or TCP to deal with.
    • why? the next packet should not have the same problem.
ICMP (3)
• non-transient and semi-permanent errors
  – a fundamental problem with the network itself
  – a problem in the way that the sender is trying to use the network
  – destination becomes unreachable
  – IP Time-to-Live value reaching zero
    • Time-to-Live value based on hops, not actual time.
ICMP (4)
• Also used for
  – exchanging general information about the network
• Essentially ICMP is a collection of predefined messages
  – system chooses a message from a dictionary, places the code for the message into an ICMP-specific datagram and then sends it.
ICMP Message Formats
Ping and ICMP
• Uses ICMP messages to test basic connectivity between two devices
• The message created is for ICMP itself, so no other protocols are involved
  – ICMP is not a transport protocol and as such cannot be used to deliver application data.
• ICMP receives the message, which is an "echo request", then generates a response "echo reply" and sends it.
UNIX ping
• example (ping k2 from meru)
    seker>ping k2
    PING k2.cs.uwyo.edu (129.72.216.12): 56 data bytes
    64 bytes from 129.72.216.12: icmp_seq=0 ttl=64 time=2.773 ms
    64 bytes from 129.72.216.12: icmp_seq=1 ttl=64 time=1.720 ms
    ----k2.cs.uwyo.edu PING Statistics----
    2 packets transmitted, 2 packets received, 0.0% packet loss
    round-trip min/avg/max = 1.720/2.246/2.773 ms
• MEANS:
  – icmp_seq is the sequence number from the icmp packet
  – ttl is time-to-live, time is the round trip time for the packet, so 2.773 milliseconds for the first line
  – And summary information
ICMP message types
• Three main message types:
  – ICMP error message
    • There is a problem to report
  – ICMP query message
    • Asking for information
  – ICMP query reply message
    • response to query
    • It is really an ICMP query message, but it is easier to think about separately.
When not to send ICMP Messages
• An ICMP error message in response to another ICMP error message.
  – would create a message loop and cause a network/broadcast storm.
• ICMP Error messages to broadcast or multicast address
  – It could generate thousands of messages.
• ICMP query response messages may be sent.
• Optional in the RFC 1122
Common Message Types
Type  Code  Description                 Message Family
0     0     echo reply (ping)           Query (reply)
3     0-15  dest. network unreachable   Error
4     0     source quench               Error
5     0-3   Redirect                    Error
8     0     echo request (ping)         Query (request)
9     0     route advertisement         Query (reply)
10    0     router solicitation         Query (request)
11    0-1   Time-To-Live expired        Error
12    0-2   bad IP header               Error
13    0     Timestamp Request           Query (request)
14    0     Timestamp reply             Query (reply)
17    0     Address Mask request        Query (request) (obsolete)
18    0     Address Mask Reply          Query (reply) (obsolete)
traceroute
• allows you to identify the route that datagrams are taking to a remote device.
• How it works:
  – sends a set of packets with incrementally larger Time-to-Live (hops) values, checking ICMP time exceeded error messages as packets expire getting to their destination
  – first packet ttl=1, router sets it to zero, and returns an ICMP error, traceroute notes the router and time
  – second packet ttl=2, so the second router sets it to zero, and returns an ICMP error, traceroute notes the router and time,
  – etc, until it reaches its destination.
Traceroute Example 1
    >traceroute k2
    traceroute to k2 (129.72.216.12), 30 hops max, 60 byte packets
    1 k2.cs.uwyo.edu (129.72.216.12) 3 ms 2 ms 2 ms
• Only 1 hop, because there is no router in between
• this version sends 3 messages to get a better idea of time.
    >traceroute arthur.uwyo.edu
    traceroute to arthur.uwyo.edu (129.72.10.203), 30 hops max, 60 byte packets
    1 129.72.216.1 11 ms 7 ms 9 ms
    2 quark.uwyo.edu (129.72.62.70) 1 ms 5 ms 2 ms
    3 arthur.uwyo.edu (129.72.10.203) 2 ms 2 ms 2 ms
• the 216 "gateway", internal uwyo router, then arthur.
traceroute Example 2
    >traceroute www.netscape.com
    traceroute to www.netscape.com (64.12.151.215), 30 hops max, 60 byte packets
    1 129.72.216.1 5 ms 8 ms 8 ms
    2 uwyo-router-subnet-062.uwyo.edu (129.72.62.1) 2 ms 1780 ms 1781 ms
    3 frgp-gw-1.uwyo.edu (129.72.253.6) 12 ms 9 ms 6 ms
    4 ucar.edu.ip.att.net (12.124.158.13) 24 ms 18 ms 16 ms
    5 gbr1-p60.dvmco.ip.att.net (12.123.36.138) 27 ms 20 ms 25 ms
    6 gbr4-p70.dvmco.ip.att.net (12.122.5.21) 19 ms 1697 ms 1781 ms
    7 gbr4-p80.dlstx.ip.att.net (12.122.2.101) 29 ms 1703 ms 1781 ms
    8 gbr6-p70.dlstx.ip.att.net (12.122.5.85) 31 ms 1708 ms 1781 ms
    9 * * *
    10 tbr2-p013401.attga.ip.att.net (12.122.10.74) 52 ms 2764 ms 46 ms
    11 tbr1-p012501.attga.ip.att.net (12.122.9.157) 47 ms 2763 ms 46 ms
    12 tbr2-p013801.wswdc.ip.att.net (12.122.10.69) 56 ms 2775 ms 62 ms
    13 ggr2-p390.wswdc.ip.att.net (12.123.9.85) 60 ms 1706 ms 1781 ms
• NOTE: * * * indicates the request timed out, since it is not receiving any response from either the destination system or intermediary, but continues with the next ttl increment.
• It may be a firewall, instead of a network failure.
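The "When not to send ICMP Messages" rules and the traceroute mechanism described above, modeled together. This is an added example, not part of the original slides; the routers, the `silent` flag that stands in for a filtering device, and all addresses (documentation ranges) are constructed, while the error type numbers come from the Common Message Types table.

```python
import ipaddress

ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}             # "Error" rows of the table above
MULTICAST = ipaddress.ip_network("224.0.0.0/4")  # 224.0.0.0 to 239.255.255.255
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def may_send_icmp_error(datagram: dict, local_net: str):
    """Apply the suppression rules to the datagram that caused the problem."""
    dst = ipaddress.ip_address(datagram["dst"])
    net = ipaddress.ip_network(local_net)
    if datagram.get("icmp_type") in ICMP_ERROR_TYPES:
        return False, "offending datagram is itself an ICMP error"
    if dst in MULTICAST:
        return False, "destination is a multicast address"
    if dst == net.broadcast_address or dst == LIMITED_BROADCAST:
        return False, "destination is a broadcast address"
    return True, "ok"


def forward(router: dict, datagram: dict):
    """One router hop: decrement TTL; at zero, drop and maybe answer with type 11.

    Returns (datagram to pass on or None, ICMP error or None).
    """
    ttl = datagram["ttl"] - 1
    if ttl > 0:
        return dict(datagram, ttl=ttl), None
    allowed, _ = may_send_icmp_error(datagram, router["net"])
    if allowed and not router.get("silent"):
        return None, {"type": 11, "code": 0,
                      "src": router["addr"], "dst": datagram["src"]}
    return None, None


def traceroute(path: list, src: str, dst: str, max_hops: int = 30) -> list:
    """Probe with ttl=1, 2, ... and record who answered; '*' means no answer."""
    hops = []
    for ttl in range(1, max_hops + 1):
        probe = {"src": src, "dst": dst, "ttl": ttl}
        for router in path:
            probe, icmp = forward(router, probe)
            if probe is None:                    # expired at this router
                hops.append(icmp["src"] if icmp else "*")
                break
        else:
            hops.append(dst)                     # probe reached the destination
            return hops
    return hops


# Constructed path: the second device drops expired probes without replying.
SAMPLE_PATH = [
    {"addr": "192.0.2.1", "net": "192.0.2.0/24"},
    {"addr": "198.51.100.1", "net": "198.51.100.0/24", "silent": True},
    {"addr": "203.0.113.1", "net": "203.0.113.0/24"},
]

if __name__ == "__main__":
    for n, hop in enumerate(traceroute(SAMPLE_PATH, "192.0.2.10", "203.0.113.9"), 1):
        print(n, hop)
```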
Multicast
• Normally, an IP number refers to 1 host, but it can refer to many hosts on 1 or more networks.
  – Known as a multicast address
• Multicasting: Sending a packet from 1 host to members of a multicast group
Multicast Examples
• Multimedia
  – Users "tune in" a video or audio transmission from a single source, but the source does not send to each individual.
• Teleconferencing
• Database
  – replicated databases are updated at the same time
• Distributed computation
  – intermediate results are sent to all participants. The sender need not even know who they are
• Real-time workgroup
  – work is exchanged among active members in real time.
Broadcast (briefly)
• Broadcast sends data from one device to every other device on a local network
  – uses a broadcast specific address to a network topology
  – Devices MUST monitor and read any frame that is marked for the broadcast address
  – typically, 255 as the last octet.
    • 10.216.218.255 is the broadcast address for cosc.
    • 129.72.255.255 is the broadcast address for all of uwyo.edu. (very bad to use!)
Vs Broadcast and Unicast
• Broadcast sends the message to everyone on the network
• Unicast sends to an individual
• So if we have 5 members on 2 different networks
  – unicast must create and send 5 packets (1 for each member) for each packet sent.
  – broadcast must broadcast each packet to 2 networks.
  – Multicast sends 1 packet and each member gets the packet.
Vs Broadcast and Unicast (2)
• Unicast
  – more work for the source host, must create and send a packet for each member
• Broadcast
  – Many (hundreds!) get "junk" packets.
• Multicast
  – Source host sends only 1 packet to the group. The work is done on the routers (if there is more than 1 network/LAN involved).
Multicast addresses
• Multicast addresses are known as Class D addresses
  – All IP addresses from 224.0.0.0 to 239.255.255.255
  – there are ranges inside that are associated with a specific application service
• All numbers 224.0.0.0 to 224.0.0.255 are predefined and reserved addresses for routing protocols and infrastructure services.
  – http://www.isi.edu/in-notes/iana/assignments/mulitcastaddresses
Multicast addresses examples
• 224.0.0.1 all local multicast hosts (including routers) and is never forwarded
• 224.0.0.2 all local multicast routers and is never forwarded
• 224.0.1.1 Network Time Protocol
• 224.0.1.24 Microsoft's Windows Internet Name Server locator services (WINS)
Layer 2: Data Link Layer
• link layer services
  – error detection, correction
  – multiple access protocols and LANs
  – link layer addressing, ARP
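Link Layer: setting the context
• two physically connected devices:
  – host-router, router-router, host-host
• unit of data: frame
[Figure: encapsulation down the stack (application, transport, network, link, physical): message M gains a transport header Ht, a network header Hn and a link header Hl. The resulting frame (Hl Hn Ht M) crosses the phys. link between adapter cards under the data link protocol, and the receiving stack (network, link, physical) unwraps it.]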
CSMA: Carrier Sense Multiple Access
CSMA: listen before transmit:
• If channel sensed idle: transmit entire packet
• If channel sensed busy, defer transmission
  – Persistent CSMA: retry immediately with probability p when channel becomes idle (may cause instability)
  – Non-persistent CSMA: retry after random interval
• human analogy: don’t interrupt others!
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, deferral as in CSMA
  – collisions detected within short time
  – colliding transmissions aborted, reducing channel wastage
  – persistent or non-persistent retransmission
• collision detection:
  – easy in wired LANs: measure signal strengths, compare transmitted, received signals
  – difficult in wireless LANs: receiver shut off while transmitting
• human analogy: the polite conversationalist
LAN Addresses and ARP
32-bit IP address:
• network-layer address
• used to get datagram to destination network (recall IP network definition)
LAN (or MAC or physical) address:
• used to get the frame from one interface to another physically-connected interface (same network)
• 48 bit MAC address (for most LANs) burned in the adapter ROM
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
LAN Address (more)
• MAC address allocation administered by IEEE
• manufacturer buys portion of MAC address space (to assure uniqueness)
• Analogy:
  (a) MAC address: like Social Security Number
  (b) IP address: like postal address
• MAC flat address => portability
  – can move LAN card from one LAN to another
• IP hierarchical address NOT portable
  – depends on network to which one attaches
Recall earlier routing discussion
Starting at A, given IP datagram addressed to B:
• look up net. address of B, find B on same net. as A
• link layer sends datagram to B inside link-layer frame
[Figure: frame layout: B’s MAC addr | A’s MAC addr | A’s IP addr | B’s IP addr | IP payload. The MAC addresses are the frame source, dest address; the IP addresses are the datagram source, dest address. Shown beside the three-network topology from the IP addressing slide, with hosts A, B and E marked.]
ARP: Address Resolution Protocol
Question: how to determine MAC address of B given B’s IP address?
• Each IP node (Host, Router) on LAN has ARP module, table
• ARP Table: IP/MAC address mappings for some LAN nodes
    < IP address; MAC address; TTL >
    < ………………………….. >
  – TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
ARP protocol
• A knows B's IP address, wants to learn physical address of B
• A broadcasts ARP query packet, containing B's IP address
  – all machines on LAN receive ARP query
• B receives ARP packet, replies to A with its (B's) physical layer address
• A caches (saves) IP-to-physical address pairs until information becomes old (times out)
  – soft state: information that times out (goes away) unless refreshed
Routing to another LAN
walkthrough: routing from A to B via R
• In routing table at source Host, find router 111.111.111.110
• In ARP table at source, find MAC address E6-E9-00-17-BB-4B, etc
• A creates IP packet with source A, destination B
• A uses ARP to get R’s physical layer address for 111.111.111.110
• A creates Ethernet frame with R's physical address as dest, Ethernet frame contains A-to-B IP datagram
• A’s data link layer sends Ethernet frame
• R’s data link layer receives Ethernet frame
• R removes IP datagram from Ethernet frame, sees it is destined to B
• R uses ARP to get B’s physical layer address
• R creates frame containing A-to-B IP datagram, sends to B
[Figure: hosts A and B on two LANs joined by router R.]
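The sender's side of this walkthrough, combined with host A's routing table from the earlier "Getting a datagram from source to dest." slides and the soft-state ARP table. This is an added example, not part of the original slides; the MAC addresses are constructed, writing the slide's networks as /24 prefixes is an assumption, and recording a change to a still-valid mapping is an extra check the slides do not describe.

```python
import ipaddress

ARP_TTL = 20 * 60  # seconds; "typically 20 min" on the ARP slide

# Host A's routing table from the slides: (dest. net, next router or None if attached).
# The /24 notation is an assumption; the slides write the networks as 223.1.1 etc.
ROUTES_A = [("223.1.1.0/24", None),
            ("223.1.2.0/24", "223.1.1.4"),
            ("223.1.3.0/24", "223.1.1.4")]

# Constructed MAC addresses for the stations on A's LAN (not from the slides).
LAN = {"223.1.1.1": "02:00:00:00:01:01",
       "223.1.1.3": "02:00:00:00:01:03",
       "223.1.1.4": "02:00:00:00:01:04"}


class ArpCache:
    """IP-to-MAC table with soft state: entries are forgotten after ttl seconds."""

    def __init__(self, lan: dict, ttl: int = ARP_TTL):
        self.lan, self.ttl = lan, ttl
        self.table = {}      # ip -> (mac, expires_at)
        self.queries = []    # IPs for which an ARP query had to be broadcast
        self.conflicts = []  # (ip, old_mac, new_mac) seen while the entry was valid

    def learn(self, ip: str, mac: str, now: float) -> None:
        old = self.table.get(ip)
        if old and old[1] > now and old[0] != mac:
            self.conflicts.append((ip, old[0], mac))   # worth an operator's look
        self.table[ip] = (mac, now + self.ttl)

    def resolve(self, ip: str, now: float) -> str:
        entry = self.table.get(ip)
        if entry and entry[1] > now:
            return entry[0]                            # cached and not timed out
        self.queries.append(ip)                        # broadcast query on the LAN
        mac = self.lan.get(ip)                         # only the owner replies
        if mac is None:
            raise LookupError(f"no ARP reply for {ip}")
        self.learn(ip, mac, now)
        return mac


def next_hop(routes: list, dst_ip: str) -> str:
    """Return the IP to resolve with ARP: the destination itself or a router."""
    dst = ipaddress.ip_address(dst_ip)
    for net, router in routes:
        if dst in ipaddress.ip_network(net):
            return router or dst_ip
    raise LookupError(f"no route to {dst_ip}")


def build_frame(src_ip, src_mac, dst_ip, routes, arp: ArpCache, now: float) -> dict:
    """The frame is addressed to the next hop; the datagram keeps the final dest."""
    hop_mac = arp.resolve(next_hop(routes, dst_ip), now)
    return {"frame_src": src_mac, "frame_dst": hop_mac,
            "ip_src": src_ip, "ip_dst": dst_ip}


if __name__ == "__main__":
    cache = ArpCache(LAN)
    a_ip, a_mac = "223.1.1.1", LAN["223.1.1.1"]
    print(build_frame(a_ip, a_mac, "223.1.1.3", ROUTES_A, cache, now=0))   # direct
    print(build_frame(a_ip, a_mac, "223.1.2.2", ROUTES_A, cache, now=10))  # via router
```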
Layer 1 and 0
• For our discussions we don’t have to worry too much about layer 1, which is hardware NICs. Also hubs and repeaters.
  – Packet sniffing is done “mostly” at layer 2 and above.
• Layer 0 is transmission media such as wiring for wired LANs.
  – This would be a physical security issue and less a network issue.
  – Wireless Technology will be covered separately.
Q&A