IPv4 (Part III)
Assoc. Prof. Dr. Anan Phonphoem (รศ.ดร.อนันต์ ผลเพิ่ม)
http://www.cpe.ku.ac.th/~anan
Computer Engineering Department
Kasetsart University, Bangkok, Thailand
Jan 2020
Outline
• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • DHCP
Network Address Translation (NAT)
• Private Network
• Good practice to use private address
• Map local addresses to (real) public IP address(es)
• Security (not expose internal details)
• Alleviate IP depletion
Private IP address

Class  RFC 1918 range                   CIDR prefix
A      10.0.0.0 – 10.255.255.255        10.0.0.0/8
B      172.16.0.0 – 172.31.255.255      172.16.0.0/12
C      192.168.0.0 – 192.168.255.255    192.168.0.0/16
Stub Network
• Operates at the border of a stub network
Stub Network Example: ADSL Connection
[Figure: ADSL router, WLAN ADSL router and ADSL modems connected over a telephone line to the ISP and the Internet]
NAT
• “One” or “Pool” of IP addresses
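Example
[Figure: a site using private addresses (hosts 172.18.3.1, 172.18.3.2, 172.18.3.20) connected to the Internet through a NAT router labelled 172.18.3.254 and 200.24.5.8]
• Outgoing packet: Source 172.18.3.1 → Source 200.24.5.8
• Incoming packet: Destination 200.24.5.8 → Destination 172.18.3.1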
Configure NAT
• Static Translation
• Dynamic Translation
Static Translation

Dynamic Translation
• Many-to-one Mapping ???
• Many inside IP → one outside IP
PAT: Port Address Translation (Overloaded NAT)
[Figure: PAT, showing address 179.9.8.80]
Disadvantages of NAT
• Delay
• Loss of end-to-end ability
• Might not work with some applications
Outline
• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • BOOTP/DHCP ← Application Protocol
Bootstrap Protocol (BOOTP)
BOOTP
• RFC 951 (Sep 1985) for RARP replacement
• Diskless terminal
• Discover its own IP address
• Download executable image file
• Small program built in chip
• BOOTP and TFTP
• Application Protocol
• Encapsulated in IP and UDP
[Image source: http://www.davewentzel.com/sites/default/files/vt510.jpg]
TCP/IP Protocol Suite (Internet Model)

Layer  Name          Function
5      Applications  User service and interface
4      Transport     Process delivery + Error (TCP/UDP); reliable end-to-end (whole message)
3      Network       Packet end-to-end (across network); move packets from source to destination
2      Data Link     Provide frames; node-to-node (same network segment)
1      Physical      Mechanical and electrical spec; transmission bit streams
TCP/IP protocol Suite
Application
TCP UDP
IP
Datalink
Physical
BOOTP packet format
Operation
Dynamic Host Configuration Protocol (DHCP)
DHCP
• BOOTP Enhancement
• RFC 1531 (Oct 1993, 8 yrs. after BOOTP)
• Same message structure as BOOTP
• Can choose among many DHCP servers
DHCP packet
Operation
• CIADDR: Client IP Address
• GIADDR: Gateway IP Address
• CHADDR: Client Hardware Address
DHCP Message
DHCP transition diagram
DHCP Relay
[Figure: a gateway between networks 192.168.1.0 and 192.168.2.0]
Summary
• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • BOOTP/DHCP ← Application Protocol
Homework
1. Find an application (e.g. games) that does not work with NAT. Please explain why.
2. According to DHCP, identify one problem/attack that might occur.
Note:
• Reference
• ~2 pages (1 page for each problem)