NET0183 Networks and Communications Lectures 21 and 22 Support Protocols: DHCP and NAT 8/25/2009 1 NET0183 Networks and Communications by Dr Andy Brooks Lecture powerpoints from the recommended textbook are by Lami Kaya, [email protected]. Lecture powerpoints are © 2009 Pearson Education Inc. Their content has sometimes been edited by Andy Brooks.
Transcript
  • NET0183 Networks and Communications

    Lectures 21 and 22: Support Protocols: DHCP and NAT

    Slide 1, 8/25/2009

    by Dr Andy Brooks

    Lecture powerpoints from the recommended textbook are by Lami Kaya, [email protected]. Lecture powerpoints are © 2009 Pearson Education Inc. Their content has sometimes been edited by Andy Brooks.

  • Slide 2

    The recommended textbook is Computer Networks and Internets by Douglas E. Comer: http://www.coursesmart.com/0136066992/?a=1773944 and www.pearson-books.com/student (for additional discounts and offers).

  • Slide 3: © 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.

    23.10 Protocol Software, Parameters, and Configuration

    When a host or router is powered on, the operating system (OS) is started and the protocol software is initialized.

    For a router, the configuration manager loads a saved configuration which specifies initial values for items such as:

    the IP address for each network connection

    the protocol software to run

    the forwarding table

    For a host, the configuration process is known as bootstrapping.

    A protocol, known as the Bootstrap Protocol (BOOTP), was invented to allow a host to obtain multiple parameters with a single request.

    Currently, DHCP is used to take care of most of the configuration.

  • Slide 4: Cisco IOS, Wikipedia, 6 March 2010

    Cisco IOS (originally Internetwork Operating System) is the software used on the vast majority of Cisco Systems routers and current Cisco network switches. (Earlier switches ran CatOS). IOS is a package of routing, switching, internetworking and telecommunications functions tightly integrated with a multitasking operating system. The first IOS was written by William Yeager.

    Cisco IOS has a characteristic command line interface (CLI), whose style has been widely copied by other networking products.

  • Slide 5

    23.11 Dynamic Host Configuration Protocol (DHCP)

    BOOTP required manual administration.

    DHCP allows a computer to join a new network and obtain an IP address automatically. The concept has been termed plug-and-play networking.

    DHCP allows a computer to move to a new network and obtain configuration information without requiring an administrator to make manual changes to a database. (Douglas E. Comer)

  • Slide 6

    23.11 Dynamic Host Configuration Protocol (DHCP)

    When a computer boots, the client computer broadcasts a DHCP Request and the server sends a DHCP Reply.

    DHCP uses the term offer to denote the message a server sends, and we say that the server is offering an address to the client.

    We can configure a DHCP server to supply two types of addresses: permanently assigned addresses, as provided by BOOTP, or a pool of dynamic addresses to be allocated on demand.

    Typically, a permanent address is assigned to a server, and a dynamic address is assigned to an arbitrary host.

    Addresses assigned on demand are not given out for an arbitrary length of time.

    A network administrator specifies the lease time for a dynamic IP address.

  • Slide 7: Cisco IOS DHCP Server, http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html#wp4363

    Dynamic Host Control Protocol (DHCP) enables you to automatically assign reusable IP addresses to DHCP clients. The Cisco IOS DHCP Server feature is a full DHCP server implementation that assigns and manages IP addresses from specified address pools within the router to DHCP clients. If the Cisco IOS DHCP Server cannot satisfy a DHCP request from its own database, it can forward the request to one or more secondary DHCP servers defined by the network administrator.

    Figure 1 shows the basic steps that occur when a DHCP client requests an IP address from a DHCP server. The client, Host A, sends a DHCPDISCOVER broadcast message to locate a Cisco IOS DHCP Server. A DHCP server offers configuration parameters (such as an IP address, a MAC address, a domain name, and a lease for the IP address) to the client in a DHCPOFFER unicast message.

  • Slide 8: Cisco IOS DHCP Server, http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html#wp4363

    Figure 1 DHCP Request for an IP Address from a DHCP Server

    The DHCPREQUEST is broadcast so that all DHCP servers know which offer the client has accepted. (A client can receive DHCP offers from multiple DHCP servers.)

  • Slide 9: Cisco IOS DHCP Server, http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html#wp4363

    A DHCP client may receive offers from multiple DHCP servers and can accept any one of the offers; however, the client usually accepts the first offer it receives. Additionally, the offer from the DHCP server is not a guarantee that the IP address will be allocated to the client; however, the server usually reserves the address until the client has had a chance to formally request the address.

    The client returns a formal request for the offered IP address to the DHCP server in a DHCPREQUEST broadcast message. The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client.

    acknowledgement = confirmation

  • Slide 10: Cisco IOS DHCP Server, http://www.cisco.com/en/US/docs/ios/12_0t/12_0t1/feature/guide/Easyip2.html#wp4363

    The formal request for the offered IP address (the DHCPREQUEST message) that is sent by the client is broadcast so that all other DHCP servers that received the DHCPDISCOVER broadcast message from the client can reclaim the IP addresses that they offered to the client.

    If the configuration parameters sent to the client in the DHCPOFFER unicast message by the DHCP server are invalid (a misconfiguration error exists), the client returns a DHCPDECLINE broadcast message to the DHCP server.

    The DHCP server will send to the client a DHCPNAK denial broadcast message, which means the offered configuration parameters have not been assigned, if an error has occurred during the negotiation of the parameters or the client has been slow in responding to the DHCPOFFER message (the DHCP server assigned the parameters to another client) of the DHCP server.

    A NAK is a negative acknowledgment from DHCP.

  • Slide 11

    23.11 Dynamic Host Configuration Protocol (DHCP)

    DHCP issues a lease on the address for a finite period. The use of leases allows a DHCP server to reclaim addresses. When the lease expires, the DHCP server places the address back in the pool of available addresses.

    When a lease expires, a host can choose to relinquish the address or renegotiate with DHCP to extend the lease. Negotiation occurs concurrently with other activity.

    Normally, DHCP approves each lease extension. However, a server may be configured to deny lease extension for administrative or technical reasons. For example, if leases were not claimed back each time a student laboratory finishes, after several consecutive laboratories, addresses might run out.

    DHCP grants absolute control of leasing to a server. If a server denies an extension request, the host must stop using the address.

  • Slide 12

    End-users whose computers coordinate with a DHCP server to obtain an IP address normally do not need to worry about their IP address expiring.

    Note that a client can ask a DHCP server to allocate the previously allocated IP address.

  • Slide 13

    23.12 DHCP Protocol Operation and Optimizations

    DHCP includes several optimizing features:

    DHCP is designed to ensure that missing or duplicate packets do not result in misconfiguration.

    If no response is received, a host retransmits its request.

    If a duplicate response arrives, a host ignores the extra copy.

    Once a host finds a DHCP server, the host caches the server's address, making the process of lease renewal efficient.

    DHCP takes steps to prevent synchronized requests by requiring each host to delay a random amount of time before transmitting a request.

    Otherwise, synchronized requests could occur if all the computers on a network rebooted at the same time after a power failure.

  • Slide 14

    23.13 DHCP Message Format

    DHCP is a modified version of the BOOTP message format.

    Figure 23.8 illustrates the DHCP message format.

    OP specifies whether the message is a Request (1) or a Response (2).

    HTYPE and HLEN fields specify the network hardware type and the length of a hardware address: HTYPE = 1 for 10Mb Ethernet and HLEN = 6 for 10Mb Ethernet.

    HOPS specifies how many servers forwarded the request.

    TRANSACTION IDENTIFIER provides a value that a client can use to determine if an incoming response matches its request.

    SECONDS ELAPSED specifies how many seconds have elapsed since the host began to boot.

    FLAGS specifies whether the host can receive broadcast or directed replies.

    Except for OPTIONS, each field in a DHCP message has a fixed size.

  • Slide 15

    23.13 DHCP Message Format

    Figure 23.8 The DHCP message format

  • Slide 16

    23.13 DHCP Message Format

    Later fields in the message are used in a response to carry information back to the host that sent a request.

    If a host does not know its IP address, the server uses field YOUR IP ADDRESS to supply the value.

    SERVER IP ADDRESS and SERVER HOST NAME give the host information about the location of a server.

    ROUTER IP ADDRESS contains the IP address of a default router.

    DHCP allows a computer to negotiate to find a boot image.

    To do so, the host fills in field BOOT FILE NAME with a request.

    The DHCP server does not send an image. BOOT FILE NAME is used to return the name of the file. A host will use a separate protocol to download the image (e.g. TFTP).
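The fixed-format fields described on slides 14 to 16, and the tag/length/value OPTIONS that follow them, can be decoded with a short parser. The Python below is an added example, not part of the lecture or of Comer's textbook: the DHCPOFFER it builds is constructed test data (the server name "dhcp1", the boot file "pxelinux.0", the addresses and the lease are made up), and accept_reply shows the client-side TRANSACTION IDENTIFIER check from slide 13 that lets a host ignore a duplicate or stray response.

```python
import struct
from dataclasses import dataclass
# Fixed-size part of a DHCP message (Figure 23.8 / RFC 2131): 236 bytes,
# followed by the 4-byte magic cookie and the variable-length OPTIONS field.
FIXED_FORMAT = "!BBBBIHH4s4s4s4s16s64s128s"
FIXED_LEN = struct.calcsize(FIXED_FORMAT)  # 236
MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_LEASE_TIME, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 51, 53, 54, 255
BOOTREPLY, DHCPOFFER = 2, 2   # OP value for a response; option 53 value for an OFFER

@dataclass
class DhcpMessage:
    op: int        # OP: 1 = Request (client to server), 2 = Response
    htype: int     # HTYPE: 1 = 10Mb Ethernet
    hlen: int      # HLEN: 6 for Ethernet
    hops: int      # HOPS: incremented by each relay agent that forwards the request
    xid: int       # TRANSACTION IDENTIFIER
    secs: int      # SECONDS ELAPSED
    flags: int     # FLAGS: bit 15 set = client can only receive a broadcast reply
    ciaddr: str    # CLIENT IP ADDRESS
    yiaddr: str    # YOUR IP ADDRESS (the address being offered)
    siaddr: str    # SERVER IP ADDRESS
    giaddr: str    # ROUTER IP ADDRESS in Figure 23.8 (giaddr in RFC 2131)
    chaddr: str    # CLIENT HARDWARE ADDRESS, first HLEN bytes
    sname: str     # SERVER HOST NAME
    file: str      # BOOT FILE NAME
    options: dict  # OPTIONS: tag -> raw value bytes

def _ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def _cstr(raw: bytes) -> str:
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")

def parse_dhcp(data: bytes) -> DhcpMessage:
    """Decode the fixed fields, then walk OPTIONS as tag/length/value triples."""
    if len(data) < FIXED_LEN + 4 or data[FIXED_LEN:FIXED_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("too short or missing DHCP magic cookie")
    (op, htype, hlen, hops, xid, secs, flags,
     ci, yi, si, gi, chaddr, sname, file) = struct.unpack(FIXED_FORMAT, data[:FIXED_LEN])
    options, i = {}, FIXED_LEN + 4
    while i < len(data) and data[i] != OPT_END:
        if data[i] == OPT_PAD:            # one-byte option with no length field
            i += 1
            continue
        if i + 2 > len(data):
            raise ValueError("truncated option header")
        tag, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:          # length byte points past the buffer
            raise ValueError("option %d runs past end of message" % tag)
        options[tag] = value
        i += 2 + length
    return DhcpMessage(op, htype, hlen, hops, xid, secs, flags, _ip(ci), _ip(yi), _ip(si),
                       _ip(gi), chaddr[:hlen].hex(":"), _cstr(sname), _cstr(file), options)

def build_offer(xid: int, mac: str, your_ip: str, server_ip: str, lease: int) -> bytes:
    """Construct a sample DHCPOFFER (made-up test data, not a captured packet)."""
    ip = lambda s: bytes(int(x) for x in s.split("."))
    fixed = struct.pack(FIXED_FORMAT, BOOTREPLY, 1, 6, 0, xid, 0, 0x8000, bytes(4), ip(your_ip),
                        ip(server_ip), bytes(4), bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0"),
                        b"dhcp1".ljust(64, b"\0"), b"pxelinux.0".ljust(128, b"\0"))
    opts = (bytes([OPT_MSG_TYPE, 1, DHCPOFFER]) + bytes([OPT_LEASE_TIME, 4]) + struct.pack("!I", lease)
            + bytes([OPT_SERVER_ID, 4]) + ip(server_ip) + bytes([OPT_END]))
    return fixed + MAGIC_COOKIE + opts

def accept_reply(reply: bytes, my_xid: int) -> bool:
    """Client check from 23.12: act only on a reply whose TRANSACTION IDENTIFIER matches."""
    msg = parse_dhcp(reply)
    return msg.op == BOOTREPLY and msg.xid == my_xid
```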

  • Slide 17

    23.14 Indirect DHCP Server Access Through a Relay

    DHCP broadcasts on the local network to find a server.

    DHCP does not require each individual network to have a DHCP server.

    Instead, a DHCP relay agent forwards requests and responses between a client and the DHCP server.

    At least one relay agent must be present on each network and the relay agent must be configured with the address of the appropriate DHCP server.

    When the DHCP server responds the relay agent forwards the response to the client.

    It may seem that using multiple relay agents is no better than using multiple DHCP servers.

  • Slide 18

    23.14 Indirect DHCP Server Access Through a Relay

    Network managers prefer to manage multiple relay agents for two reasons:

    First, in a network with one DHCP server and multiple relay agents, administration of addresses is centralized into a single device.

    Thus, a network manager does not need to interact with multiple devices to change the lease policy or determine the current status.

    Second, many commercial routers contain a mechanism that provides DHCP relay service on all the networks to which the router attaches.

    Relay agent facilities in a router are usually easy to configure and the configuration is unlikely to change.

  • Slide 19

    23.15 Network Address Translation (NAT)

    The Internet expanded and addresses became scarce, so subnet and classless addressing (CIDR) were introduced to help conserve addresses.

    Another mechanism was invented that allows multiple computers at a site to share a single, globally valid IP address, known as Network Address Translation (NAT).

    NAT provides transparent communication. A host in the Internet always appears to receive communication from a single computer rather than from one of many computers at the site.

    NAT runs as an in-line service. It must be placed on the connection between the Internet and the site.

    Most implementations embed NAT in another device such as a Wi-Fi wireless access point or an Internet router.

  • Slide 20

    23.15 Network Address Translation (NAT)

    Figure 23.9 The conceptual architecture used with NAT.

  • Slide 21: NAT, http://foldoc.org/nat

    Network Address Translation

    A technique in which a router or firewall rewrites the source and/or destination Internet addresses in a packet as it passes through, typically to allow multiple hosts to connect to the Internet via a single external IP address. NAT keeps track of outbound connections and distributes incoming packets to the correct machine.

  • Slide 22

    23.16 NAT Operation and Private Addresses

    The goal of NAT is to provide an illusion.

    When viewed from the Internet:

    the site appears to consist of a single host computer that has been assigned a valid IP address

    all datagrams sent from the site appear to originate from one host

    and all datagrams sent to the site appear to be sent to one host

    When viewed from a host in the site, the Internet appears to accept and route private addresses.

    A single IP address cannot be assigned to multiple computers. If two or more computers use the same address, conflicts arise because multiple computers will respond to an ARP "who has this IP address?" request.

  • Slide 23

    23.16 NAT Operation and Private Addresses

    NAT solves the problem by using two types of addresses.

    The NAT device itself is assigned a single globally-valid IP address as if the NAT device were a host on the Internet.

    Each computer at the site is assigned a unique private address, also known as a nonroutable address.

    Figure 23.10 (below) lists address blocks that the IETF has designated as private.

    /x means x is the number of bits in the routing prefix

  • Slide 24: http://tools.ietf.org/html/rfc1918

  • Slide 25

    23.16 NAT Operation and Private Addresses

    Private addressing is only used inside a site.

    Before a datagram from the site can be allowed onto the Internet, NAT must translate the private IP into a globally valid IP address.

    NAT must translate the globally valid IP address in an incoming packet to a private address before transferring a datagram to a host at the site.

    The basic NAT provides a two-way translation:

    the source address translation as a datagram passes from the site to the Internet, and

    the destination address translation as a datagram passes from the Internet to the site.

  • Slide 26

    23.16 NAT Operation and Private Addresses

    Figure 23.11 Illustration of basic NAT translation that changes the source address of an outgoing datagram and the destination address of an incoming datagram.

  • Slide 27

    23.16 NAT Operation and Private Addresses

    Most implementations of NAT use a translation table to store the information needed to rewrite addresses.

    When a packet is being sent out, NAT automatically updates the translation table.

    Figure 23.12 (below) shows a translation table that corresponds to the address mapping in Figure 23.11.

  • Slide 28

    23.17 Transport-Layer NAT (NAPT)

    Basic NAT handles situations in which each host at a site communicates with a unique server in the Internet.

    However, if two hosts at the site attempt to communicate with the same remote server X, the translation table will contain multiple entries for X and NAT will not be able to route incoming datagrams.

    Basic NAT also fails when two or more applications running on a given host at a site attempt simultaneous communication with different destinations on the Internet.

  • Slide 29

    23.17 Transport-Layer NAT (NAPT)

    A variation of NAT, called Network Address and Port Translation (NAPT) avoids such problems.

    NAPT allows a site to have arbitrary numbers of applications running on arbitrary hosts, all communicating simultaneously with arbitrary destinations throughout the Internet.

    Note that most networking professionals assume the term NAT means NAPT.

    In addition to a table of source and destination addresses, NAPT uses port numbers to associate each datagram with a TCP or UDP flow.

    Applications use protocol port numbers to distinguish between services.

  • Slide 30: http://www.fatpipe.org/~mjb/Drawings/

  • Slide 31: port numbers

    Transport Layer protocols such as TCP and UDP specify a source and destination port number in their packet headers. Port numbers are an abstract set of numbers independent of an operating system. Operating systems use process identifiers, job names, or task identifiers to refer to processes.

    A port number is a 16-bit unsigned integer (0 to 65535). A process associates with a particular port to send and receive data. The process will listen for incoming packets whose destination port number and IP destination address match that port. The process will send out packets whose source port number is set to that port.

  • Slide 32

    A packet delivered to an abstract port number is delivered to the correct process.

  • Slide 33: http://skogberg.eu/ia/img/protocolStack.png

    Two important protocols in the transport layer are TCP and UDP.

  • Slide 34

    23.17 Transport-Layer NAT (NAPT)

    Instead of stopping at the IP-layer, NAPT operates on transport-layer headers.

    NAPT entries contain a 4-tuple of source and destination IP addresses and protocol port numbers.

    To avoid a conflict when the same port number is used to connect to the same web server, NAPT must choose an alternative TCP source port.

    Figure 23.13 (below) shows one possibility.

  • Slide 35

    23.18 NAT and Servers

    A NAT system builds a translation table automatically by watching outgoing traffic and establishing a new mapping whenever an application at the site initiates communication.

    Automatic table construction does not work well for communication initiated from the Internet to the site.

    For example, if multiple computers at a site each run a web server, the NAT device cannot know which computer should receive an incoming web connection.
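As an added example (not from the lecture or from Comer's textbook), the Python below models the NAPT translation table of slide 34 together with the limitation described on slide 35: entries are keyed on the full source/destination address-and-port 4-tuple plus protocol, a second private host that reuses a source port toward the same server is given a substitute public port (the situation of Figure 23.13), and an incoming datagram that matches no entry is dropped. All addresses are constructed from RFC 1918 and documentation ranges; the class and method names are this example's own.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class Packet:
    """Transport-layer view of a datagram: the fields NAPT rewrites or matches on."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

class Napt:
    """NAPT translation table (23.17): entries are keyed on the whole flow, so many
    private hosts can talk to the same remote (address, port) at the same time."""
    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port   # pool of substitute source ports
        # (private ip, private port, remote ip, remote port, proto) -> public port
        self.outbound: Dict[Tuple, int] = {}
        # (public port, remote ip, remote port, proto) -> (private ip, private port)
        self.inbound: Dict[Tuple, Tuple[str, int]] = {}

    def _choose_port(self, wanted: int, dst_ip: str, dst_port: int, proto: str) -> int:
        """Keep the host's own source port unless another flow already uses it toward
        the same remote endpoint (Figure 23.13); then substitute a free one."""
        if (wanted, dst_ip, dst_port, proto) not in self.inbound:
            return wanted
        while (self.next_port, dst_ip, dst_port, proto) in self.inbound:
            self.next_port += 1
        if self.next_port > 65535:
            raise RuntimeError("NAPT port pool exhausted")
        self.next_port += 1
        return self.next_port - 1

    def translate_outbound(self, pkt: Packet) -> Packet:
        """Site -> Internet: create the entry on first sight, rewrite the source."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port, pkt.proto)
        if key not in self.outbound:
            pub = self._choose_port(pkt.src_port, pkt.dst_ip, pkt.dst_port, pkt.proto)
            self.outbound[key] = pub
            self.inbound[(pub, pkt.dst_ip, pkt.dst_port, pkt.proto)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port, pkt.proto)

    def translate_inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> site: rewrite the destination from an existing entry. A datagram
        with no entry (a connection initiated from outside, 23.18) is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound.get((pkt.dst_port, pkt.src_ip, pkt.src_port, pkt.proto))
        if target is None:
            return None
        return Packet(pkt.src_ip, pkt.src_port, target[0], target[1], pkt.proto)

def demo() -> list:
    """Two private hosts both use TCP source port 3000 toward the same web server;
    NAPT keeps the first port and substitutes one for the second host."""
    nat = Napt("203.0.113.7")   # constructed public address (documentation range)
    a = nat.translate_outbound(Packet("192.168.0.1", 3000, "198.51.100.10", 80))
    b = nat.translate_outbound(Packet("192.168.0.2", 3000, "198.51.100.10", 80))
    # The server replies to whichever public port it saw; NAPT maps it back.
    reply_to_b = nat.translate_inbound(Packet("198.51.100.10", 80, "203.0.113.7", b.src_port))
    # An unsolicited connection from the Internet matches no entry and is dropped.
    unsolicited = nat.translate_inbound(Packet("203.0.113.9", 4444, "203.0.113.7", 80))
    return [a, b, reply_to_b, unsolicited]
```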

  • Slide 36

    23.18 NAT and Servers

    A variant of NAT called Twice NAT has been created to allow a site to run multiple servers.

    When an application on the Internet looks up the domain name of a computer at the site, the DNS server at the site returns the valid IP address that has been assigned to the NAT device, and also creates a new entry in the NAT translation table.

    The translation table is initialized before the first packet arrives.

    Twice NAT can fail, e.g.:

    when a client application uses the IP address directly without doing a domain name lookup

    when the client uses a DNS proxy to resolve domain names

  • Slide 37: proxy server, http://en.wikipedia.org/wiki/Proxy_server, 7 March 2010

    In computer networks, a proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server evaluates the request according to its filtering rules. For example, it may filter traffic by IP address or protocol. If the request is validated by the filter, the proxy provides the resource by connecting to the relevant server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it 'caches' responses from the remote server, and returns subsequent requests for the same content directly.

  • Slide 38: proxy server, http://en.wikipedia.org/wiki/Proxy_server, 7 March 2010

    A proxy server has many potential purposes, including:

    to keep machines behind it anonymous (mainly for security)

    to speed up access to resources (using caching); web proxies are commonly used to cache web pages from a web server

    to apply access policy to network services or content, e.g. to block undesired sites

    to log usage, i.e. to provide company employee Internet usage reporting

  • Slide 39

    23.19 NAT Software and Systems for Use at Home

    NAT is especially useful at a residence or small business that has a broadband connection.

    A set of computers can share the connection without requiring the customer to purchase additional IP addresses.

    NAT software can make a PC act as a NAT device.

    NAT hardware systems are available at low cost.

    Such systems are usually called wireless routers.

    The terminology is slightly misleading because such routers also provide wired connections.

    Figure 23.14 illustrates how such a router is connected.

  • Slide 40

    23.19 NAT Software and Systems for Use at Home

    Figure 23.14 Illustration of the connections for a wireless router.