Information Network I
Network layer: the Internet Protocol
Youki Kadobayashi, NAIST
Internet Protocol
• Vinton G. Cerf and Robert E. Kahn, “A Protocol for Packet Network Intercommunication”, IEEE Trans. on Comms, 22(5), May 1974
2017/4/21 Copyright(C) 2016 Youki Kadobayashi, all rights reserved. 2
Internet Protocol
• Jonathan B. Postel, “Internetwork Protocol Approaches”, invited paper, IEEE Trans. on Comms, 28(4), April 1980
[Figure: networks interconnected by gateways; gateway, a.k.a. router]
IP packet and IP header
• Internet Protocol defines structure of bits
• It also defines associated semantics of bits
– Defined in Internet standards: RFC 791
IP version 4 header (bit positions 0, 4, 8, 16, 31):
  Ver. | IHL | Type of Service | Total Length (in octets)
  Identification | Flags | Fragment Offset
  Time to Live | Protocol | Header Checksum
  Source Address
  Destination Address
  Option (if any)
IP version 6 header
• Similar, but simplified a lot
• Enlarged address, from 32 bits to 128 bits
– 32 bits: 4,294,967,296 addresses
– 128 bits: 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
IP version 6 header:
  Ver | Traffic Class | Flow Label
  Payload Length | Next Header | Hop Limit
  Source Address
  Destination Address
How IP works: addressing
• Structure
– Symbolically: IP-address ::= { <Network-prefix>, <Host-number> }
• Semantics
– Unicast – transmission to a single host
– Multicast – transmission to interested hosts
– Broadcast – transmission to all hosts in the network
How IP works: sending packets
• Indicate IP version
• Write source IP address
• Write destination IP address
• Write packet length
• Write header checksum
• Indicate upper layer protocol
• Then transmit to the predefined gateway
How IP works: hop-by-hop inspection
• Decrease “time to live” in order to avoid meltdown from loops
– Discard if TTL = 0
• Verify header checksum in order to avoid data corruption
• Forward to next hop
• See RFC 1812: Requirements for IPv4 routers, esp. Section 4
How IP works: receiving packets
• Check IP version
• Check source IP address
– Discard if multicast or broadcast
• Check destination IP address
– Discard if it’s not mine
• Verify header checksum
• See RFC 1122: Requirements for Internet hosts, esp. Section 3
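The three slides above (sending, hop-by-hop inspection, receiving) describe one procedure. The following added example, which is not part of the lecture material, walks a constructed IPv4 header through it: the sender fills in version, addresses, length, protocol and checksum; each router verifies the checksum, decrements TTL and discards at zero; the receiving host applies the RFC 1122 checks. The addresses are documentation values (192.0.2.0/24 is the TEST-NET block named later in the slides; 198.51.100.0/24 is the second documentation block, not mentioned on the slides), and the router and host logic is a simplification of RFC 1812 and RFC 1122, not a complete implementation.

```python
import ipaddress
import struct

# Constructed sample addresses from documentation ranges (not real hosts).
SRC = "192.0.2.10"
DST = "198.51.100.20"


def internet_checksum(data: bytes) -> int:
    """Ones'-complement sum of 16-bit words (RFC 1071). Verifying a correct header yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, ttl=64, protocol=17, ident=0x1234):
    """Sending side: version, addresses, total length, upper-layer protocol, then the checksum."""
    ver_ihl = (4 << 4) | 5                       # version 4, IHL 5 words = 20 octets, no options
    fields = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident, 0,
                         ttl, protocol, 0,       # checksum field is zero while it is computed
                         ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return fields[:10] + struct.pack("!H", internet_checksum(fields)) + fields[12:]


def parse_ipv4_header(hdr):
    ver_ihl, _tos, total_len, ident, _ff, ttl, protocol, csum, src, dst = struct.unpack("!BBHHHBBH4s4s", hdr[:20])
    return {"version": ver_ihl >> 4, "ihl": ver_ihl & 0xF, "total_len": total_len, "ident": ident,
            "ttl": ttl, "protocol": protocol, "checksum": csum,
            "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst))}


def router_forward(hdr):
    """Hop-by-hop inspection (RFC 1812 Section 4, simplified): verify checksum, decrement TTL,
    discard when it reaches zero, refresh the checksum. Returns (action, header or None)."""
    f = parse_ipv4_header(hdr)
    hlen = f["ihl"] * 4
    if f["version"] != 4 or f["ihl"] < 5 or len(hdr) < hlen:
        return "discard: bad version/IHL", None
    if internet_checksum(hdr[:hlen]) != 0:
        return "discard: bad checksum", None
    ttl = f["ttl"] - 1
    if ttl <= 0:
        return "discard: TTL expired", None      # a real router would also send ICMP Time Exceeded
    out = bytearray(hdr)
    out[8] = ttl
    out[10:12] = b"\x00\x00"
    out[10:12] = struct.pack("!H", internet_checksum(bytes(out[:hlen])))
    return "forward", bytes(out)


def host_receive(hdr, my_addresses):
    """Receiving side (RFC 1122 Section 3, simplified): version, source sanity, destination, checksum."""
    f = parse_ipv4_header(hdr)
    if f["version"] != 4:
        return "discard: not IPv4"
    src = ipaddress.IPv4Address(f["src"])
    if src.is_multicast or src == ipaddress.IPv4Address("255.255.255.255"):
        return "discard: multicast/broadcast source"
    if f["dst"] not in my_addresses:
        return "discard: not mine"
    if internet_checksum(hdr[: f["ihl"] * 4]) != 0:
        return "discard: bad checksum"
    return "accept"


def trace_hops(hdr, hop_count):
    """Push one header through hop_count routers and record what each one decided."""
    actions = []
    for _ in range(hop_count):
        action, hdr = router_forward(hdr)
        actions.append(action)
        if hdr is None:
            break
    return actions


if __name__ == "__main__":
    h = build_ipv4_header(SRC, DST, payload_len=100, ttl=2)
    print(parse_ipv4_header(h))
    print(trace_hops(h, 3))              # ['forward', 'discard: TTL expired']
    print(host_receive(h, {DST}))        # accept
```

Corrupting any header byte without refreshing the checksum makes both the router and the host drop the packet, which is the data-corruption guard the hop-by-hop slide refers to; note that the checksum covers only the header, so payload corruption is left to the transport layer.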
Q&A
IP Address
Before sending anything, you’ll face a simple question: How do we identify communicating peers?
Identifying nodes with IP address
Characteristics of IP address:
• It is global: uniquely identifiable worldwide
• It is hierarchical: delegated to regional bodies
• It has two parts: network identifier and host identifier
• It has several types
e.g. IPv4 address 163.221.74.127/24:
  Octets: 163 221 74 127 (0xA3 0xDD 0x4A 0x7F)
  Network part: 163.221.74 (network address: 24 bits; prefix length /24)
  Host part: 127
  [Figure labels: “Type of address”; “Subspace of addresses that are hierarchically delegated” (the network part); “Network | Host”]
IPv4 address space
• Global and unique address space
– 2^32 addresses
• Types of addresses
– Class A (begins with 0)
– Class B (begins with 10)
– Class C (begins with 110)
– Class D (begins with 1110) – Multicast
(Classes A, B and C: unicast)
• Unicast address allocation has been delegated to regional entities
– RIPE in Europe, APNIC in Asia-Pacific, ARIN in America
IPv4 address space: minor exceptions (RFC 1918, RFC 3330)
The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
  10.0.0.0 - 10.255.255.255 (10/8 prefix)
  172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
  192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
0.0.0.0/8 – Addresses in this block refer to source hosts on "this" network.
127.0.0.0/8 – loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host.
169.254.0.0/16 – "link local" block. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration,
192.0.2.0/24 – "TEST-NET" for use in documentation and example code. Addresses within this block should not appear on the public Internet.
224.0.0.0/4 – multicast address. This block, formerly known as the Class D address space, is allocated for use in IPv4 multicast address assignments.
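As an added example (not from the lecture), the following Python code turns the two preceding slides into a classifier: it derives the classful type from the leading bits, marks the RFC 1918 private blocks and the RFC 3330 special blocks quoted above, splits an address such as 163.221.74.127/24 into network and host parts, and offers the defender's check that falls out of the TEST-NET remark: an address from a private or special block has no business appearing as a source in traffic arriving from the public Internet. The function and variable names are this example's own; the class "E" label for leading bits 1111 is standard but not on the slide.

```python
import ipaddress

# RFC 1918 private blocks, as quoted on the slide.
PRIVATE_BLOCKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Special-purpose blocks from the slide's RFC 3330 excerpt.
SPECIAL_BLOCKS = {
    ipaddress.ip_network("0.0.0.0/8"): "this network (valid as source only)",
    ipaddress.ip_network("127.0.0.0/8"): "loopback",
    ipaddress.ip_network("169.254.0.0/16"): "link local",
    ipaddress.ip_network("192.0.2.0/24"): "TEST-NET (documentation)",
    ipaddress.ip_network("224.0.0.0/4"): "multicast (former class D)",
}


def address_class(addr: ipaddress.IPv4Address) -> str:
    """Classful type from the leading bits of the first octet, as listed on the slide."""
    first = int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"   # leading bits 1111: reserved; not in the slide's list


def classify(ip_str: str) -> dict:
    addr = ipaddress.IPv4Address(ip_str)
    scope = "global unicast"
    for block, name in SPECIAL_BLOCKS.items():
        if addr in block:
            scope = name
    if any(addr in block for block in PRIVATE_BLOCKS):
        scope = "private (RFC 1918)"
    return {"address": ip_str, "class": address_class(addr), "scope": scope}


def expected_on_public_internet(ip_str: str) -> bool:
    """Defender's check: private and special-purpose sources should not arrive from the public Internet."""
    return classify(ip_str)["scope"] == "global unicast"


def network_and_host(ip_with_prefix: str):
    """Split e.g. 163.221.74.127/24 into (network address, prefix length, host number)."""
    iface = ipaddress.ip_interface(ip_with_prefix)
    host_bits = 32 - iface.network.prefixlen
    host_number = int(iface.ip) & ((1 << host_bits) - 1)
    return str(iface.network.network_address), iface.network.prefixlen, host_number


if __name__ == "__main__":
    for ip in ("163.221.74.127", "10.1.2.3", "172.32.0.1", "127.0.0.1", "192.0.2.55", "224.0.0.1"):
        print(classify(ip), expected_on_public_internet(ip))
    print(network_and_host("163.221.74.127/24"))   # ('163.221.74.0', 24, 127)
```

Note that 172.32.0.1 is classified as global unicast: the private block is 172.16/12, which covers 172.16.0.0 through 172.31.255.255 only, a boundary that is easy to get wrong in hand-written filters.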
Addressing one or more nodes
• Unicast
– Point-to-point communication
– Specify a source and a destination address
• Broadcast
• Multicast
– Transmission to “interested” hosts
– Interested hosts join the group
Broadcast
• Broadcast
– Sends data to all hosts on the same datalink
• Broadcast depends on the same capability in the datalink
– IP broadcast should be mapped to link-layer broadcast
• Some datalinks don’t support broadcast
– Some hosts may not be hearing you
  • Offline hosts can’t receive
  • Receiver may be busy
Multicast
• Multicast
– Group communication; one-to-many or many-to-many
– Membership:
  • if a host is not a member of the group, it doesn’t receive packets to the group
– membership management
– group management
• Well-defined mapping
– IP multicast, to
– Link-layer multicast
IPv6 address space
Usage | Prefix | Ratio
Reserved | 00000000 | 1/256
...
Global Unicast | 001 | 1/8
Unassigned | 010 | 1/8
Unassigned | 011 | 1/8
Unassigned | 100 | 1/8
Unassigned | 101 | 1/8
...
Link-Local Unicast | 11111110 10 | 1/1024
Multicast Address | 11111111 | 1/256
Global Unicast: It’s a pretty big address space of 2^30, large enough to accommodate the Internet of Things
IPv6 address format
RFC 3513 defines the address format:
  Global routing prefix (n bits) | Subnet ID (m bits) | Interface ID (128-n-m bits)
The community has been discussing the optimal value of m and n.
• RFC 3177 said m = 16
• Today: RFC 6177 supersedes RFC 3177, reflecting community consensus
ARIN (American Registry) address allocation policy for end sites:
- /64 when it is known that one and only one subnet is needed (n = 64)
- /56 for small sites who need only a few subnets over the next 5 years (n = 56, m = 8)
- /48 for larger sites (n = 48, m = 16)
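The n / m / 128-n-m split above is just bit arithmetic, and the ARIN table fixes (n, m) per allocation size. The following added example (not part of the lecture material) performs that arithmetic: it splits a concrete address into its three fields for given n and m, enumerates the subnets an end-site allocation yields, and applies the three ARIN cases from the slide. The sample prefixes use 2001:db8::/32, the IPv6 documentation prefix, which is not mentioned on the slide; all function names are this example's own.

```python
import ipaddress

# (n, m) for each ARIN end-site allocation size listed on the slide.
ARIN_END_SITE = {64: (64, 0), 56: (56, 8), 48: (48, 16)}


def split_ipv6(addr_str: str, n: int, m: int):
    """Split a 128-bit address into (global routing prefix, subnet ID, interface ID)
    for the RFC 3513 layout with an n-bit prefix and an m-bit subnet ID."""
    if n < 0 or m < 0 or n + m > 128:
        raise ValueError("n + m must not exceed 128")
    value = int(ipaddress.IPv6Address(addr_str))
    iid_bits = 128 - n - m
    prefix = value >> (m + iid_bits)
    subnet = (value >> iid_bits) & ((1 << m) - 1)
    iid = value & ((1 << iid_bits) - 1)
    return prefix, subnet, iid


def site_plan(site_prefix: str, m: int) -> dict:
    """How many subnets and interface IDs an end-site allocation provides for a chosen m."""
    net = ipaddress.IPv6Network(site_prefix)
    n = net.prefixlen
    if n + m > 128:
        raise ValueError("subnet ID does not fit")
    return {"n": n, "m": m, "subnets": 2 ** m, "interface_ids_per_subnet": 2 ** (128 - n - m)}


def subnet_of(site_prefix: str, m: int, index: int) -> str:
    """The index-th subnet of an allocation, written as a /(n+m) network."""
    net = ipaddress.IPv6Network(site_prefix)
    n = net.prefixlen
    if not 0 <= index < 2 ** m:
        raise ValueError("subnet index out of range")
    base = int(net.network_address) | (index << (128 - n - m))
    return str(ipaddress.IPv6Network((base, n + m)))


def plan_for_allocation(site_prefix: str) -> dict:
    """Apply the ARIN table: the allocation's prefix length decides n and m."""
    n = ipaddress.IPv6Network(site_prefix).prefixlen
    if n not in ARIN_END_SITE:
        raise ValueError(f"/{n} is not one of the end-site sizes on the slide")
    return site_plan(site_prefix, ARIN_END_SITE[n][1])


if __name__ == "__main__":
    # Constructed example: a /48 site, n = 48, m = 16.
    print(split_ipv6("2001:db8:1234:5::1", 48, 16))        # (0x20010db81234, 5, 1)
    print(plan_for_allocation("2001:db8:1234::/48"))        # 65536 subnets, 2^64 interface IDs each
    print(subnet_of("2001:db8:1234::/48", 16, 5))           # 2001:db8:1234:5::/64
```

Whatever n and m are chosen, the subnet boundary n + m lands on /64 in all three ARIN cases, which is why the interface ID is 64 bits for each of them.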
Bootstrapping with broadcast or multicast
• The single most useful example of broadcast/multicast: Automatic configuration.
• Bootstrap A:
– A → all routers: “who is router”
– R → A: “your router is R”
[Figure: hosts A, B, C and router R on one datalink; network-layer addresses A, B, C, R map to data-link addresses a, b, c, r]
Q&A
Mapping to Datalink
How do we transmit that IP packet on Ethernet, or Wi-Fi?
Network to datalink: Address Resolution Protocol for IP version 4 (RFC 826)
• A → B: “M”
– a → all stations: “where is B”
– b → a: “B is at b”
– a → b: “A → B: “M””
[Figure: hosts A, B, C on one datalink; network-layer addresses A, B, C map to data-link addresses a, b, c]
Network to datalink: Neighbor Discovery Protocol for IP version 6 (RFC 4861)
• A → B: “M”
– A → M(B): “where is B”
– B → A: “B is at b”
– a → b: “A → B: “M””
– M() maps a unicast address to the solicited-node multicast address
[Figure: hosts A, B, C on one datalink; network-layer addresses A, B, C map to data-link addresses a, b, c]
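The multicast slide promised a well-defined mapping from IP multicast to link-layer multicast, the bootstrapping slide used an all-routers query, and the two slides above contrast ARP's "all stations" broadcast with ND's solicited-node multicast M(B). The following added example (this page's code, not the lecture's) implements M(), the Ethernet mappings for IPv6 and IPv4 multicast groups, and a toy shared link on which you can count how many stations actually had to process each query. The Ethernet mappings (33:33 plus the low 32 bits for IPv6, 01:00:5e plus the low 23 bits for IPv4) and the all-nodes/all-routers groups ff02::1 and ff02::2 are standard but not on the slides; MAC and IP addresses in the demo are constructed.

```python
import ipaddress

# Well-known IPv6 link-local groups (RFC 4291; not on the slides).
ALL_NODES = "ff02::1"
ALL_ROUTERS = "ff02::2"
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


def solicited_node_multicast(unicast: str) -> str:
    """M() from the ND slide: ff02::1:ffXX:XXXX built from the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(unicast)) & 0xFFFFFF
    return str(ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24))


def ipv6_multicast_to_mac(group: str) -> str:
    """IPv6 multicast on Ethernet: 33:33 followed by the low 32 bits of the group (RFC 2464; not on the slides)."""
    low32 = int(ipaddress.IPv6Address(group)) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{(low32 >> s) & 0xFF:02x}" for s in (24, 16, 8, 0))


def ipv4_multicast_to_mac(group: str) -> str:
    """IPv4 multicast on Ethernet: 01:00:5e followed by the low 23 bits of the group (RFC 1112; not on the slides)."""
    low23 = int(ipaddress.IPv4Address(group)) & 0x7FFFFF
    return "01:00:5e:" + ":".join(f"{(low23 >> s) & 0xFF:02x}" for s in (16, 8, 0))


class Link:
    """Toy shared datalink: a frame reaches a station's network layer only if its destination MAC is
    the station's own MAC, the broadcast MAC, or the MAC of a multicast group the station has joined."""

    def __init__(self):
        self.stations = {}   # mac -> {"ipv4", "ipv6", "groups", "router"}

    def attach(self, mac, ipv4, ipv6, router=False):
        groups = {ALL_NODES, solicited_node_multicast(ipv6)}   # every IPv6 node joins these automatically
        if router:
            groups.add(ALL_ROUTERS)
        self.stations[mac] = {"ipv4": ipv4, "ipv6": ipv6, "groups": groups, "router": router}

    def receivers(self, dst_mac):
        if dst_mac == BROADCAST_MAC:
            return list(self.stations)
        return [mac for mac, st in self.stations.items()
                if mac == dst_mac or any(ipv6_multicast_to_mac(g) == dst_mac for g in st["groups"])]

    def arp_request(self, target_ipv4):
        """a → all stations: “where is B” (RFC 826). Returns (answering MAC, number of stations that processed it)."""
        seen = self.receivers(BROADCAST_MAC)
        answer = next((mac for mac in seen if self.stations[mac]["ipv4"] == target_ipv4), None)
        return answer, len(seen)

    def neighbor_solicitation(self, target_ipv6):
        """A → M(B): “where is B” (RFC 4861). Only members of B's solicited-node group process the frame."""
        seen = self.receivers(ipv6_multicast_to_mac(solicited_node_multicast(target_ipv6)))
        answer = next((mac for mac in seen if self.stations[mac]["ipv6"] == target_ipv6), None)
        return answer, len(seen)

    def router_solicitation(self):
        """Bootstrap: A → all routers: “who is router”; every router on the link answers."""
        seen = self.receivers(ipv6_multicast_to_mac(ALL_ROUTERS))
        return sorted(mac for mac in seen if self.stations[mac]["router"])


def demo_link():
    """Constructed topology: hosts A, B, C and router R (locally administered MACs, documentation addresses)."""
    link = Link()
    link.attach("02:00:00:00:00:0a", "192.0.2.10", "2001:db8::a")
    link.attach("02:00:00:00:00:0b", "192.0.2.11", "2001:db8::b")
    link.attach("02:00:00:00:00:0c", "192.0.2.12", "2001:db8::c")
    link.attach("02:00:00:00:00:01", "192.0.2.1", "2001:db8::1", router=True)
    return link


if __name__ == "__main__":
    link = demo_link()
    print(link.arp_request("192.0.2.11"))             # ('02:00:00:00:00:0b', 4): every station processed the broadcast
    print(link.neighbor_solicitation("2001:db8::b"))  # ('02:00:00:00:00:0b', 1): only B's NIC passed the frame up
    print(link.router_solicitation())                 # ['02:00:00:00:00:01']
```

The count returned alongside the answer is the practical difference between the two slides: an ARP broadcast interrupts every host on the link, whereas a neighbor solicitation is filtered by the NIC of everyone who has not joined that solicited-node group.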
Network to datalink: the case of bridged networks
• A → C: “M”
– a → all stations: “where is C”
– c → a: “C is at c”
– a → c: “A → C: “M””
[Figure: hosts A, B (data-link addresses a, b) and C, D (c, d) on two datalinks joined by bridge T (data-link address t)]
Network to datalink: the case of routed networks
• A → C: “M”
– a → all stations: “where is R”
– r → a: “R is at r”
– a → r: “A → C: “M””
– r → all stations: “where is C”
– c → r: “C is at c”
– r → c: “A → C: “M””
[Figure: hosts A, B (data-link addresses a, b) and C, D (c, d) on two datalinks joined by router R (data-link address r)]
Datalink to network layer
• Multiple network layer protocols are multiplexed on a single datalink
• Needed: Multiplexing, de-multiplexing
[Figure: Network layer: IPv4, IPv6, ...; Datalink: Ethernet; “?” marks how the datalink tells them apart]
De-multiplexing with LLC
LLC PDU:
  Destination SAP Address (1 byte) | Source SAP Address (1 byte) | Control (1 or 2 bytes) | Information
  Destination SAP Address = I/G (1 bit) + 7-bit address
  Source SAP Address = C/R (1 bit) + 7-bit address
  I/G = Individual or group address
  C/R = Command or response frame
e.g. SAP address:
  06 IP packet
  E0 Novell IPX
  FE OSI packet
  AA SubNetwork Access protocol (SNAP)
De-multiplexing with LLC/SNAP
  MAC Header | LLC PDU: AA AA 03 (1 byte each) | SNAP Header: ORG (3 bytes), Type (2 bytes) | Information | FCS
  (The SNAP PDU is carried in the LLC Information field.)
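The two slides above give the byte layout; this added example (not from the lecture) is a de-multiplexer that applies it to a received frame and names the network-layer protocol it carries. It handles the LLC case (DSAP/SSAP with the I/G and C/R bits, 1- or 2-byte control), the LLC/SNAP case (AA AA 03, 3-byte ORG, 2-byte Type), and, because real Ethernet traffic mostly uses it, the Ethernet II case where the length field holds an EtherType instead; the EtherType values, the 0x0600 threshold and the 802.2 rule that a U-format control byte (low bits 11) is one byte long are standard but not on the slides. The frame builders and MAC addresses are constructed for the demo.

```python
import struct

# SAP values from the slide.
SAP_NAMES = {0x06: "IP packet", 0xE0: "Novell IPX", 0xFE: "OSI packet", 0xAA: "SNAP"}
# EtherType values carried by a SNAP header with ORG 00:00:00, or by an Ethernet II frame (not on the slides).
ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6", 0x0806: "ARP"}


def demux(frame: bytes) -> dict:
    """Decide which network-layer protocol a received Ethernet frame carries."""
    if len(frame) < 14:
        raise ValueError("frame shorter than a MAC header")
    dst, src = frame[:6], frame[6:12]
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    out = {"dst": dst.hex(":"), "src": src.hex(":")}

    if type_or_len >= 0x0600:
        # Ethernet II: the field is an EtherType and no LLC header follows.
        out.update(framing="Ethernet II", upper=ETHERTYPES.get(type_or_len, f"EtherType {type_or_len:#06x}"),
                   payload=frame[14:])
        return out

    # IEEE 802.3: the field is the length of the LLC PDU.
    body = frame[14:14 + type_or_len]
    if len(body) < 3:
        raise ValueError("truncated LLC header")
    dsap, ssap, control = body[0], body[1], body[2]
    out.update(framing="802.3/LLC",
               dsap_group=bool(dsap & 0x01),          # I/G bit: individual or group address
               ssap_response=bool(ssap & 0x01))       # C/R bit: command or response frame
    control_len = 1 if control & 0x03 == 0x03 else 2  # U-format control is 1 byte; I/S-format is 2 (802.2)
    info = body[2 + control_len:]
    dsap_addr = dsap & 0xFE

    if dsap_addr == 0xAA and ssap & 0xFE == 0xAA and control == 0x03:
        # LLC/SNAP: the Information field starts with a 3-byte ORG (OUI) and a 2-byte Type.
        if len(info) < 5:
            raise ValueError("truncated SNAP header")
        oui, etype = info[:3], struct.unpack("!H", info[3:5])[0]
        if oui == b"\x00\x00\x00":
            upper = ETHERTYPES.get(etype, f"EtherType {etype:#06x}")
        else:
            upper = f"vendor {oui.hex(':')} type {etype:#06x}"
        out.update(framing="802.3/LLC/SNAP", oui=oui.hex(":"), upper=upper, payload=info[5:])
    else:
        out.update(upper=SAP_NAMES.get(dsap_addr, f"SAP {dsap_addr:#04x}"), payload=info)
    return out


# Frame builders used to construct test input (not a real sender).
def ethernet2_frame(dst, src, etype, payload):
    return dst + src + struct.pack("!H", etype) + payload


def llc_frame(dst, src, dsap, ssap, payload, control=0x03):
    body = bytes([dsap, ssap, control]) + payload
    return dst + src + struct.pack("!H", len(body)) + body


def llc_snap_frame(dst, src, etype, payload, oui=b"\x00\x00\x00"):
    return llc_frame(dst, src, 0xAA, 0xAA, oui + struct.pack("!H", etype) + payload)


if __name__ == "__main__":
    dst, src = bytes.fromhex("020000000001"), bytes.fromhex("02000000000a")   # constructed MACs
    ip_payload = bytes([0x45]) + bytes(19)
    print(demux(llc_snap_frame(dst, src, 0x0800, ip_payload))["upper"])   # IPv4
    print(demux(llc_frame(dst, src, 0x06, 0x06, ip_payload))["upper"])    # IP packet
    print(demux(ethernet2_frame(dst, src, 0x86DD, bytes(40)))["upper"])   # IPv6
```

A frame with a SAP or EtherType the receiver does not know is returned with its raw value rather than rejected, so a monitoring tool built on this can count unexpected protocols on a segment instead of silently dropping them.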
A hierarchical perspective
  Network Layer
  Datalink Layer | Datalink Layer
  Datalink to Network: using LLC/SNAP
  Network to Datalink: using ARP (IPv4), ND (IPv6)
Q&A
• Hands-on Tutorial/Walkthrough: Diving Deeper with (Wire)shark!
Debugging IP
How do I know IP is nicely working over a given datalink? How do I know the IP address is correct?
ICMP: Internet Control Message Protocol (RFC 792)
• Handy for probing the Internet without help of transport protocols
• A very simple “debug function” for IP:
– Echo request
– Echo reply
• Gateways may return diagnostic ICMP messages:
– 0 = net unreachable;
– 1 = host unreachable;
– 2 = protocol unreachable;
– 3 = port unreachable;
– 4 = fragmentation needed and DF set;
– 5 = source route failed.
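To make the "debug function" concrete, here is an added example (not lecture material) that builds and parses RFC 792 messages: an echo request, the echo reply a host generates for it, and the diagnostic message a gateway returns, using the six codes listed on the slide (they are the codes of the Destination Unreachable message, type 3). The diagnose() helper turns whatever came back from a probe into a one-line verdict, which is the end-to-end use the next slide describes. Type 11 (Time Exceeded, returned when TTL runs out) is from RFC 792 but not on the slide; the identifier, sequence number and payload values are constructed.

```python
import struct

ECHO_REPLY, DEST_UNREACHABLE, ECHO_REQUEST = 0, 3, 8   # RFC 792 message types
TIME_EXCEEDED = 11                                      # RFC 792 type for an expired TTL (not on the slide)
UNREACHABLE_CODES = {0: "net unreachable", 1: "host unreachable", 2: "protocol unreachable",
                     3: "port unreachable", 4: "fragmentation needed and DF set", 5: "source route failed"}


def checksum(data: bytes) -> int:
    """Ones'-complement sum of 16-bit words, as ICMP uses over the whole message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def icmp_message(type_: int, code: int, rest: bytes) -> bytes:
    """Type, code, checksum, then the type-specific rest of the header and body."""
    msg = struct.pack("!BBH", type_, code, 0) + rest
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]


def echo_request(ident: int, seq: int, data: bytes = b"probe") -> bytes:
    return icmp_message(ECHO_REQUEST, 0, struct.pack("!HH", ident, seq) + data)


def echo_reply_for(request: bytes) -> bytes:
    """What the probed host does: keep identifier, sequence and data, set type 0, recompute the checksum."""
    p = parse_icmp(request)
    return icmp_message(ECHO_REPLY, 0, struct.pack("!HH", p["ident"], p["seq"]) + p["data"])


def dest_unreachable(code: int, original_datagram: bytes) -> bytes:
    """What a gateway returns: unused 4 octets, then the IP header and first 8 octets of the offending datagram."""
    return icmp_message(DEST_UNREACHABLE, code, b"\x00\x00\x00\x00" + original_datagram[:28])


def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than 8 octets")
    if checksum(msg) != 0:
        raise ValueError("bad ICMP checksum")
    type_, code = msg[0], msg[1]
    if type_ in (ECHO_REQUEST, ECHO_REPLY):
        ident, seq = struct.unpack("!HH", msg[4:8])
        return {"type": type_, "code": code, "ident": ident, "seq": seq, "data": msg[8:]}
    info = {"type": type_, "code": code, "original": msg[8:]}
    if type_ == DEST_UNREACHABLE:
        info["reason"] = UNREACHABLE_CODES.get(code, f"code {code}")
    return info


def diagnose(reply, sent_ident: int, sent_seq: int) -> str:
    """Turn what came back from a probe (None on timeout) into a diagnosis."""
    if reply is None:
        return "no answer: destination down, path broken, or ICMP filtered"
    p = parse_icmp(reply)
    if p["type"] == ECHO_REPLY:
        if (p["ident"], p["seq"]) != (sent_ident, sent_seq):
            return "echo reply for a different probe"
        return "destination reachable"
    if p["type"] == DEST_UNREACHABLE:
        return "gateway reports: " + p["reason"]
    if p["type"] == TIME_EXCEEDED:
        return "TTL expired at an intermediate gateway"
    return f"unexpected ICMP type {p['type']}"


if __name__ == "__main__":
    req = echo_request(0x1234, 7, b"hello")
    print(diagnose(echo_reply_for(req), 0x1234, 7))                    # destination reachable
    ip_hdr = bytes([0x45]) + bytes(27)                                  # constructed stand-in for an IP header + 8 octets
    print(diagnose(dest_unreachable(3, ip_hdr), 0x1234, 7))             # gateway reports: port unreachable
    print(diagnose(None, 0x1234, 7))                                    # no answer: ...
```

Matching identifier and sequence number before trusting a reply matters on a busy host, where several probes may be in flight at once; a checksum failure is treated as "no valid message" rather than as a reply.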
End-to-end diagnostics with ICMP
• ICMP echo can be used to:
– Check if the destination IP is reachable from the source
– Identify a faulty section in the middle
• By obtaining an echo reply or other diagnostic ICMP messages
[Figure: two hosts with full protocol stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical); an ICMP message travels between the two Network layers]
Groupwork Hands-on: “easter_challenge”
• Divide into 4 groups
• Find the hidden pcap file in the VM provided.
• We have injected 4 ‘Easter eggs’ into the packets
• A packet has no more than 1 ‘Easter egg’
• Analyze the file using Wireshark
• You have 20 minutes to consult with your group members and find the ‘Easter eggs’
• Good luck!
Some tricks in connecting networks
Is it so simple to connect two vastly different networks?
Fragmentation and reassembly: adapting to diverse datalinks
• Datalinks have different MTUs
– MTU: Maximum Transmission Unit
• Fragmentation:
– Splits packets in order to fit into a smaller MTU
• Reassembly:
– Assembles fragmented packets at the receiving host
• NOTE: this applies to IPv4 only
[Figure: a 4500-octet packet from a datalink with MTU = 9128 is split into three 1500-octet fragments for a datalink with MTU = 1520]
Fragmentation info in IPv4 header
• Flags = {0, MF, DF}
• Fragment offset: 13 bits
IP version 4 header (bit positions 0, 4, 8, 16, 31):
  Ver. | IHL | Type of Service | Total Length (in octets)
  Identification | Flags | Fragment Offset
  Time to Live | Protocol | Header Checksum
  Source Address
  Destination Address
  Option (if any)
Path MTU discovery: mandatory in IP version 6 (RFC 1981)
• Probe MTU for destination
• Remember MTU
• Avoid fragmentation in the middle
[Figure: sender and receiver protocol stacks; a 9000-octet packet crosses links with MTU 9000, 9000 and 1500, and an ICMP “packet too big” message is returned toward the sender]
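The three slides above (fragmentation and reassembly, the Flags / Fragment Offset fields, and path MTU discovery) are two answers to the same MTU mismatch, so one added example (not part of the lecture) covers both. It packs and unpacks the 16-bit Flags + Fragment Offset field, fragments a datagram the way an IPv4 router would (offsets in 8-octet units, MF set on all but the last fragment, refusal when DF is set), reassembles the fragments while checking for gaps, overlaps and a missing final fragment, and simulates path MTU discovery over a list of link MTUs where each "packet too big" report shrinks the remembered MTU. Link MTUs, lengths and identification values are constructed; because offsets count 8-octet units, a 1500-octet MTU carries at most 1480 payload octets per fragment, so the 4500-octet payload from the figure becomes four fragments here rather than three.

```python
HEADER_LEN = 20   # IPv4 header without options


def pack_flags_offset(df: bool, mf: bool, offset_units: int) -> int:
    """16-bit Flags + Fragment Offset: reserved bit, DF, MF, then 13 bits of offset in 8-octet units."""
    if not 0 <= offset_units < (1 << 13):
        raise ValueError("fragment offset does not fit in 13 bits")
    return (int(df) << 14) | (int(mf) << 13) | offset_units


def unpack_flags_offset(field: int):
    return bool(field & 0x4000), bool(field & 0x2000), field & 0x1FFF


def fragment(total_length: int, mtu: int, ident: int, df: bool = False):
    """Split a datagram of total_length octets so that every fragment fits mtu.
    Every fragment but the last carries a multiple of 8 payload octets so its offset is expressible."""
    payload = total_length - HEADER_LEN
    if total_length <= mtu:
        return [{"ident": ident, "offset": 0, "mf": False, "df": df, "payload_len": payload}]
    if df:
        raise ValueError("fragmentation needed and DF set")   # a router answers with ICMP type 3 code 4
    chunk = (mtu - HEADER_LEN) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small for any payload")
    frags, done = [], 0
    while done < payload:
        size = min(chunk, payload - done)
        frags.append({"ident": ident, "offset": done // 8, "mf": done + size < payload,
                      "df":False, "payload_len": size})
        done += size
    return frags


def reassemble(fragments):
    """Group by identification, order by offset, require a contiguous run that ends with MF = 0.
    Returns {ident: reassembled payload length}; gaps, overlaps or a missing last fragment raise."""
    by_ident = {}
    for f in fragments:
        by_ident.setdefault(f["ident"], []).append(f)
    lengths = {}
    for ident, frags in by_ident.items():
        expected, finished = 0, False
        for f in sorted(frags, key=lambda f: f["offset"]):
            if f["offset"] * 8 != expected:
                raise ValueError(f"gap or overlap in datagram {ident} at octet {f['offset'] * 8}")
            expected += f["payload_len"]
            finished = not f["mf"]
        if not finished:
            raise ValueError(f"datagram {ident}: final fragment (MF = 0) missing")
        lengths[ident] = expected
    return lengths


def send_with_df(path_mtus, size):
    """Forward a size-octet packet along the links; the first link that is too small reports its MTU back."""
    for hop, mtu in enumerate(path_mtus):
        if size > mtu:
            return {"delivered": False, "hop": hop, "mtu": mtu}   # stands for ICMP “packet too big”
    return {"delivered": True}


def discover_path_mtu(path_mtus, first_hop_mtu):
    """Path MTU discovery as on the slide: probe, remember the reported MTU, retry until delivered."""
    remembered, attempts = first_hop_mtu, []
    while True:
        result = send_with_df(path_mtus, remembered)
        attempts.append((remembered, result["delivered"]))
        if result["delivered"]:
            return remembered, attempts
        if result["mtu"] >= remembered:
            raise RuntimeError("reported MTU is not smaller; giving up")   # guards against a looping discovery
        remembered = result["mtu"]


if __name__ == "__main__":
    frags = fragment(4520, 1500, ident=1)        # 4500 payload octets, as in the figure, over a 1500 MTU
    print([(f["offset"], f["mf"], f["payload_len"]) for f in frags])
    print(reassemble(frags))                      # {1: 4500}
    print(discover_path_mtu([9000, 9000, 1500], 9000))   # (1500, [(9000, False), (1500, True)])
```

The reassembler rejects overlapping fragments outright instead of choosing which copy wins; that choice differs between operating systems and is a classic source of inconsistency between a firewall and the host behind it, so a defender-side implementation is better off refusing them.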
Q&A
Assignment No. 3
• Imagine you are a Network Architect in a start-up network operator (no more than 1000 subscribers) and you have been tasked with building the Physical and Data link infrastructure
• Please build an action plan for building the L1/L2 infrastructure
– Build a diagram of the L1/L2 infrastructure
– Explain why you chose one technology over another by highlighting the pros/cons
• Report format: [name]-[studentID].pdf
• Deadline: April 26, 2017 17:00 JST