Network-Layer: IPv4 (Internet Protocol) RFC 791. Key Functions of the Network Layer Global Addressing Routing Fragmentation and reassembly. - презентация

1 Network-Layer: IPv4 (Internet Protocol) RFC 791

2 Key Functions of the Network Layer Global Addressing Routing Fragmentation and reassembly

3 IP in TCP/IP Stack Media Access Control (Ethernet, Token Ring, FDDI, X.25, PPP, etc.) User Datagram Protocol (UDP) RFC 768 ~ connectionless transport ~ Transmission Control Protocol (ТСP) RFC 793 ~ connection-oriented transport ~ Upper-Layer Protocols ~ such as SNMP, telnet, FTP, HTTP, POP3, etc. ~ Upper Transport Network Data Link ARP Internet Control Messaging Protocol (ICMP) RFC 792 Internet Protocol version 4 (IPv4) RFC 791 RARP

4 Уникальная адресация допускает связь между конечными станциями Выбор пути основан на местоположении (location) Местоположение представлено адресом UNIX Host Company A Company B Introduction to TCP/IP Addresses Internet

5 IP Addresses IP адрес – логический адрес (не физический, как MAC!) Каждый узел должен иметь уникальный IP адрес Выделением IP адресов в глобальном адресном пространстве занимается ICАNN (Internet Corporation for Assigned Names and Numbers), в регионах RIR (Regional Internet Registry, существует 5 штук). Россия относится к региону RIPE NCC - независимая некоммерческая организация для Европы, которая поддерживает инфраструктуру Интернет посредством технической координации. Подробнее 32 bits Decimal: Binary: HEX: C Е. 28 IP адрес включает network ID и host ID

6 IP Address Classes 1 – 126 Range of first octet:

7 Special adresses network address (адрес сети) limited broadcast (пакет с таким адресом назначения должен рассылаться всем узлам, находящимся в той же сети, что и источник этого пакета) broadcast (пакет, имеющий такой адрес рассылается всем узлам сети с заданным номером) Loopback interface: – Network Network

8 Broadcast Addresses (Directed broadcast) (Local network broadcast) X

9 Private networks A: B: – C: – Reserved for automatic private addressing (DHCP): –

10 NAT: Network Address Translation Обоснование: локальная сеть использует один внешний адрес для работы с внешним миром: –Нет необходимости в аренде большого количества адресов у провайдера для каждого устройства –Можно легко переходить на работу с другим провайдером, без переконфигурирования LAN –Безопасность: устройства внутренней сети не адресуются (не видимы) снаружи.

11 NAT: Network Address Translation S: , 3345 D: , : host sends datagram to , 80 NAT translation table WAN side addr LAN side addr , , 3345 …… S: , 80 D: , S: , 5001 D: , : NAT router changes datagram source addr from , 3345 to , 5001, updates table S: , 80 D: , : Reply arrives dest. address: , : NAT router changes datagram dest addr from , 5001 to , 3345

12 IP Addressing: Solutions Subnetting Variable Length Subnet Mask (VLSM) Supernetting Classless InterDomain Routing (CIDR)

13 Network prefix and extended network prefix

14 Subnetting Граница подсети может приходиться на любой из 32 бит в IP адресе Задается маской подсети / network + subnet host This network Directed broadcast Netmask

15 Network Addressing without Subnets

16 Network Addressing with Subnets / / / /24

17 Decimal Equivalents of Bit Patterns = = = = = = = =

18

19 IP addressing: CIDR Classfull addressing: неэффективное использование адресного пространства CIDR: Classless InterDomain Routing –сетевая часть адреса может быть произвольной длины –address format: a.b.c.d/x, где x – задает число бит в адресе, относящихся к NetworkID network part host part /23

20 Hierarchical addressing: route aggregation Send me anything with addresses beginning / / / /23 Fly-By-Night-ISP Organization 0 Organization 7 Internet Organization 1 ISPs-R-Us Send me anything with addresses beginning / /23 Organization Иерархическая адресация позволяет эффективно анонсировать маршрутную информацию: Провайдеры ISPs-R-Us имеют детальную информацию о своем внутреннем распределении адресного пространства по организациям

21 CIDR Безклассовая междоменная маршртизация (Classless Inter-domain Routing) Использует агрегированную (supernetting) информацию на роутерах Позволяет анонсировать меньшее число CIDR блоков Уменьшает размер и сложность маршрутных таблиц

22 IP Datagrams

23 IP packet structure 16-bit total packet length 16-bit identification TOS 4-bit ver 4-bit IHL 13-bit Fr offset flags 3-bit DATA Header checksumTTLProtocol Source address Destination address Options (+padding) Version.Current protocol version is 4. IHL - IP header length. IHL is quantity of 32-bit words in IP header. This field has 4-bit length => maximum header length is 60 bytes TOS - type of service contain of a 3-bit precedence bits (ignored), 4 TOS bits, and unused bit which must be 0. 4 TOS bits: minimize delay maxm,ize throughput maximize reliability minimize monetary cost Only 1 of these 4 bits can be turned on TPL - total packet length is total IP packets length in bytes. Then maximum length of IP packet is bytes. IDENTIFICATION - this field is used when IP need fragment fatagrams. Identification identifies each datagram and is incremented each time a datagram is sent Well see meaning of this field when we talk about fragmentation FLAGS and FRAGMENT OFFEST see also when we talk about fragmentation

24 IP packet structure DATA 16-bit total packet length 16-bit identification TOS 4-bit ver 4-bit IHL 13-bit Fr offset flags 3-bit Header checksumTTLProtocol Source address Destination address Options (+padding) TTL - time-to-live sets an upper limit of routers through which a datagram can pass. This field is decremented each time when datagram pass the router. When this field became 0 a datagram is dropped by router and ICMP message is sent to datagrams sender PROTOCOL - this field identifies DATA portion of datagram (which protocol is encapsulated into IP datagram). HEADER CHECKSUM is calculated for IP header only. SOURCE and DESTINATION addresses is senders and receivers IP addresses. OPTIONS is a variable-length field which contain some options. Well discuss some of them later. The option field always end on a 32-bit boundary. PAD bytes (value is 0) are added if necessary. DATA is data.

25 Options (Variable length) type : fc Flag copy indicates whether (1) or not (0) the option field is to be copied when the datagram is fragmented. class0 control 1 reserved 2 debugging and measurement length Counts the length (in bytes) of the option, including the type and length fields. option data Contains data relevant to the option. 0 End of option list. (class0) 1 No operation. (class0) 3 Loose source routing. (class0) 4 Internet time stamp (class2) 7 Record route. (class0) 9 Strict source routing. (class0) option number

26 Options, detail Record route (number 7, class0) Strict source routing (number 9,class0) Loose source routing (number 3, class0) Internet time stamp (number 4,class2) flag: 0 Time stamps only, stored in consecutive 32-bit words. Pointer+4 1 Each time stamp is preceded by the IP address of the registering module. Pointer+ 8 2 The IP address fields are pre-specified, and an IP module only registers when it finds its own address in the list. time stamp: A 32-bit time stamp recorded in milliseconds since midnight UT (GMT)

27 Key Functions of the Network Layer Global Addressing Routing Fragmentation and reassembly

28 Network-Layer Protocol Operations X Y A BC Application Presentation Session Transport Network Data Link Physical Application Presentation Session Transport Network Data Link Physical A B C X Y Network Data Link Physical Network Data Link Physical Network Data Link Physical

29 Functions of a router

30 Processing an IP datagram in an IP module

31 Ethernet and loopback device drivers

32 IP reframing (forwarding) Destination MAC Source MAC Type 0x0800 DATA IP datagram CRC Packet:

33 Routing table (Examples) UNIX: Destination Gateway Genmask Flags Metric Iface U 0 eth U 0 eth U 0 eth U 0 lo UG 0 eth0 Win2000: Network Destination Netmask Gateway Interface Metric

34 Правила маршрутизации Поиск совпадающего адреса хоста. Поиск совпадающего адреса сети. Поиск пункта по умолчанию.

35 Routing Algorithm Extract destination IP address, D, and compute the network prefix, N 1.If N matches direct network connection Then resolving D to a MAC address, encapsulating the datagram, and send it 2.Else if host-specific route found Then send the datagram 3.Else if entry exists for network N, send it 4.Else if entry exists for default route, send it 5.Else routing error

36 Routing table: sources Initialization of interfaces in process of the booting /8 Directly connected network Default Or re-configure of the interface #ifconfig eth netmask broadcast up Static routes #route add –net netmask eth1 C:>route add mask metric 1 if 2 ICMP-redirects Dynamic routes on router only; from routing daemon (routed, gated, zebra, etc); routing protocols RIP,OSPF, etc

37 Gateway Redirect ICMP: Internet Control Message Protocol Dynamic host route entry added to senders route table / /24 Router #1 Ping Router #2 Internet IP datagram 1 IP datagram 2 IP datagram 1 ICMP Redirect route add -host gateway

38 Routed versus Routing Protocol Routed protocol used between routers to direct user traffic Examples: IP, IPX Routing protocol used only between routers to maintain tables Examples: RIP, OSPF, BGP Network Protocol Destination Network Protocol Name Exit Port to Use

39 Key Functions of the Network Layer Global Addressing Routing Fragmentation and reassembly

40 IP Fragmentation & Reassembly different network links have different MTU (Max. Transfer Unit) large IP datagram divided (fragmented) within net –one datagram becomes several datagrams –reassembled only at final destination –IP header bits Identification used to identify, order related fragments fragmentation: in: one large datagram out: 3 smaller datagrams reassembly MTU Ethernet Hader IP HeaderTCP HeaderDATAEternet Trailer MSS

41 Fragmentation: IP Header 16-bit: Identification3-bit: Flags13-bit: Fragment offset 0DFMF Identification: A unique number assigned by the sender to aid in reassembling a fragmented datagram. Fragments of a datagram will have the same identification number. Flags: 0 Reserved DF Don't Fragment: 0 means allow fragmentation, 1 means do not allow fragmentation. MF More Fragments: 0 means that this is the last fragment of this datagram, 1 means that this is not the last fragment. Fragment Offset: Used with fragmented datagrams, to aid in reassembly of the full datagram. The value is the number of 64-bit (8-byte) pieces (header bytes are not counted) that are contained in earlier fragments. In the first (or only) fragment, this value is always zero.

42 IP Fragmentation