IPv4
PROTOCOL – ADDRESSING – DEPLOYMENT – MOBILITY
IPv4 (Review)
Connectionless
Best effort delivery
Transport independent

Header layout (one 32-bit word per row):
VERSION | HEADER LENGTH | TOS/DS | TOTAL LENGTH
IDENTIFICATION | FLAGS | FRAGMENTATION OFFSET
TIME TO LIVE | PROTOCOL | HEADER CHECKSUM
SOURCE ADDRESS
DESTINATION ADDRESS
Fixed header (20 bytes), then options (optional, padded to a 32-bit boundary), then the data payload
IPv4 Header
Version
Header length
TOS/DS
Total length
Identification
Flags
Fragmentation offset
Time to live
Protocol
Header checksum
Source address
Destination address

Options
Some available options
o Strict source routing
o Loose source routing
o Record route
o Time stamp
Options are rarely used
Options are often blocked

Strict source routing
o Source specifies the exact path through the network (every hop)
o Great for troubleshooting
o A security risk
Loose source routing
o Source specifies nodes the datagram must pass through; the network picks the path in between
o Great for troubleshooting
o A security risk
Source routing
Sender decides route
+ Sender can pick a path with specific properties
+ More predictable performance
- Sender must know the network
- Bad response to failure
- Difficult to load balance
Network decides route
+ Responds well to topology change
+ Relatively simple to implement
+ Can load balance over multiple network paths
- Unpredictable performance
- Difficult to ensure specific path properties (e.g. QoS)
Loose Source Routing Uses
Check return path
o traceroute -g DEST ME (trace to yourself via DEST: the hops after DEST are DEST's path back to you)
Detect packet sniffers
o ping -g HOST SNIFFER
Figure: ICMP ECHO to 192.0.1.4 with LSR via 192.0.1.5
Loose Source Routing Abuses
Implementations that reverse the source route make spoofing easy
Figure: the attacker (192.6.1.8) sends the victim a packet with the source address spoofed as the trusted server (147.12.1.6) and LSR: 192.6.1.8; a victim that reverses the route sends its reply back through the attacker instead of to the trusted server
Gain access to private networks
Figure: a packet to 10.0.1.5 with LSR: 147.12.1.1 is carried to the border router 147.12.1.1 and from there into the private network
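The header layout and the source-route options above are easiest to check against real bytes. The following Python is an added example, not code from the slides: it builds an IPv4 datagram carrying a Loose Source Route option (the spoofing case from the figure, with 192.6.1.8 as the loose hop), verifies the header checksum, walks the option list and flags LSRR/SSRR, which is the check a filter that blocks options needs. Addresses are taken from the slide, the payload is constructed, and the function names are this example's own.

```python
import socket
import struct

# IPv4 option type codes (copied bit | class | number) from the IANA registry
IPOPT_EOL, IPOPT_NOP, IPOPT_RR, IPOPT_LSRR, IPOPT_SSRR = 0, 1, 7, 131, 137
OPTION_NAMES = {IPOPT_RR: "RR", IPOPT_LSRR: "LSRR", IPOPT_SSRR: "SSRR"}
IPV4_FIXED = "!BBHHHBBH4s4s"  # the 20-byte fixed header

def checksum(data):
    """RFC 1071 one's-complement sum of 16-bit words; a valid header sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def lsrr_option(hops):
    """Loose source route option: type, length, pointer (4 = first hop), hop addresses."""
    body = b"".join(socket.inet_aton(h) for h in hops)
    return bytes([IPOPT_LSRR, 3 + len(body), 4]) + body

def build_ipv4(src, dst, payload, proto=1, options=b"", ttl=64, ident=0x1234):
    """Assemble a datagram with a correct header checksum (DF set, not fragmented)."""
    options += b"\x00" * (-len(options) % 4)  # pad with EOL to a 32-bit boundary
    ihl = 5 + len(options) // 4
    hdr = struct.pack(IPV4_FIXED, (4 << 4) | ihl, 0, ihl * 4 + len(payload), ident,
                      0x4000, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst)) + options
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + payload

def parse_options(raw):
    """Walk the option list; route options are decoded into their hop lists."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == IPOPT_EOL:
            break
        if kind == IPOPT_NOP:
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("bad option length")
        body = raw[i + 2:i + length]
        if kind in OPTION_NAMES:
            if not body or (len(body) - 1) % 4:
                raise ValueError("bad route option")
            hops = [socket.inet_ntoa(body[k:k + 4]) for k in range(1, len(body), 4)]
            opts.append({"type": OPTION_NAMES[kind], "pointer": body[0], "route": hops})
        else:
            opts.append({"type": kind, "data": body})
        i += length
    return opts

def parse_ipv4(pkt):
    """Validate version, IHL, lengths and checksum, then return the decoded header."""
    if len(pkt) < 20:
        raise ValueError("short packet")
    (vihl, tos, total_len, ident, flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack(IPV4_FIXED, pkt[:20])
    version, ihl = vihl >> 4, vihl & 0x0F
    hlen = ihl * 4
    if version != 4 or ihl < 5 or hlen > len(pkt):
        raise ValueError("bad version or IHL")
    if total_len < hlen or total_len > len(pkt):
        raise ValueError("bad total length")
    if checksum(pkt[:hlen]) != 0:
        raise ValueError("bad header checksum")
    return {
        "ihl": ihl, "tos": tos, "total_length": total_len, "ident": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8, "ttl": ttl, "proto": proto,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "options": parse_options(pkt[20:hlen]), "payload": pkt[hlen:total_len],
    }

def source_route(pkt):
    """Return (kind, hops) if the datagram carries LSRR/SSRR, else None; filter on this."""
    for opt in parse_ipv4(pkt)["options"]:
        if opt["type"] in ("LSRR", "SSRR"):
            return opt["type"], opt["route"]
    return None

if __name__ == "__main__":
    # Constructed example: the spoofing abuse from the slide, source 147.12.1.6 (trusted
    # server) with an LSR hop at 192.6.1.8 (attacker) so a route-reversing reply goes there.
    spoofed = build_ipv4("147.12.1.6", "10.0.1.5", b"hello",
                         options=lsrr_option(["192.6.1.8"]))
    print(parse_ipv4(spoofed))
    print(source_route(spoofed))
```

The checksum check matters: the one's-complement sum over a valid header, checksum field included, is zero, so any corrupted header byte is caught before the option list is interpreted. On a live system you would feed `source_route()` the bytes of each datagram taken from a raw or packet socket.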
IP Addressing
IPv4 Addresses
Classful addressing (historical)
Five address classes:
o A – 16 million addresses (2^24)
o B – 65,536 addresses (2^16)
o C – 256 addresses (2^8, 254 usable hosts)
o D – Multicast groups
o E – Reserved
Prefix determines class
o 0 – Class A
o 10 – Class B
o 110 – Class C
o 1110 – Class D
o 1111 – Class E
Classless addressing (CIDR, today)
Addresses are all the same
o No address classes
o No fixed network boundaries
Explicit netmask
o Determines network size
o Determines address prefix
Addresses are attached to interfaces, not to hosts
Special addresses
"This network"                          0.0.0.0/8
RFC 1918 private                        10.0.0.0/8
Public-data networks                    14.0.0.0/8  (historical; reallocated as ordinary unicast space in 2010)
Loopback                                127.0.0.0/8
Link local addresses                    169.254.0.0/16
RFC 1918 private                        172.16.0.0/12
Test-Net                                192.0.2.0/24
Network interconnect benchmark testing  192.18.0.0/15
6to4 Relay Anycast                      192.88.99.0/24
RFC 1918 private                        192.168.0.0/16
Multicast groups                        224.0.0.0/4
Sidebar: Interfaces
Link-level endpoint
Has network address
o Multiple IP addresses
o Multiple protocols
Loopback interface
o For local traffic
Figure: send/receive path through an Ethernet interface. An outgoing IP packet is tested in turn: sent to loopback? broadcast or multicast? sent to one of the interface's own addresses? A YES on any test enqueues the packet on the local INPUT QUEUE (a broadcast or multicast packet is also handed to ETHERNET SEND); a NO on all of them hands it to ETHERNET SEND only. Frames from ETHERNET RECEIVE are enqueued on the same input queue, from which the IP receive path dequeues them.
CIDR Notation
A.B.C.D/L
o A.B.C.D – IPv4 Address
o L – Prefix length (number of leading network bits)
The prefix
o Long prefix: small network (few addresses)
o Short prefix: large network (many addresses)
o Corresponds to the netmask: L one-bits followed by 32-L zero-bits
Examples
130.236.178.12/32
o A single address
130.236.178.0/24
o Network with 256 addresses (254 usable hosts)
130.236.0.0/16
o Network with 65,536 addresses
o An old class B network
130.128.0.0/12
o Network with about 1M addresses (2^20)
o Aggregate of 16 old class B networks
Try it out!
What is the netmask of
o 130.236.0.0/16
o 112.54.67.0/28
o 54.128.0.0/9
How many hosts on
o 212.112.0.64/28
o 64.128.0.0/9
o 122.14.68.12/30
o 130.236.189.0/31
What prefix length
o 255.255.255.0
o 255.255.192.0
o 255.252.0.0
What the…
o 0.0.0.255
o 0.3.255.255

Addressing PtP Links
Use /30s
o Safe but wastes space (four addresses for two endpoints)
Use unnumbered interfaces
o Special-case management
o Not always available
Use /32s
o Tricky to manage correctly
o May introduce new problems (e.g. no broadcast)
Use /31s
o Requires some configuration
o Standard (RFC 3021) and portable
Figure: a /31 link with 112.212.6.34/31 on one end and 112.212.6.35/31 on the other; Broadcast: 255.255.255.255
Address Allocation
IANA allocates blocks (usually /8s) to regional registries (RIRs)
RIRs allocate blocks to national and local registries (NIRs and LIRs)
NIRs and LIRs allocate (mostly PA) addresses to end users

PI and PA addresses
Multihoming
o Better reliability
o Better performance
Two kinds of addresses
o Provider independent (PI)
o Provider aggregatable (PA)
Figure, using provider independent addresses: the customer's own 8.6.3.0/24 is announced by both Qwest and TeliaNet, so each tells other networks "I can reach 8.6.3.0/24" and the prefix appears twice in the global table
Figure, using provider aggregatable addresses: 8.6.3.0/24 is part of one provider's 8.0.0.0/8, so that provider announces only "I can reach 8.0.0.0/8" while the other provider must announce the more specific "I can reach 8.6.3.0/24"
Aggregation and subnetting
Subnetting
Creating more but smaller networks by extending the prefix
Exposes internal details of the network
Aggregation
Creating fewer but larger networks by shortening the prefix
Hides internal details of the network
Reduces global routing table size

Subnetting example (basic)
192.0.2.0/24 split on the next two bits:
00 – 192.0.2.0/26
01 – 192.0.2.64/26
10 – 192.0.2.128/26
11 – 192.0.2.192/26

Subnetting example (VLSM)
192.0.2.0/24 split on a variable number of bits:
000 – 192.0.2.0/27
001 – 192.0.2.32/27
01  – 192.0.2.64/26
1   – 192.0.2.128/25

Aggregation example
Combine networks
o A shorter prefix covers more networks than a longer one
What about holes?
o If you own the space – OK!
o If you don't – be careful
192.0.2.0/27, 192.0.2.64/26 and 192.0.2.128/25 aggregate to 192.0.2.0/24, which also covers the hole 192.0.2.32/27
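The exercises in "Try it out!", the /31 point-to-point case, and the subnetting and aggregation examples above all reduce to a few bit operations on the prefix. This Python block is an added worked example, not part of the original slides; it uses only the standard `ipaddress` module, and the function names are its own. `vlsm()` allocates largest-first so every block stays aligned, and `aggregate()` also reports the holes, the case the slide warns about when you do not own the whole covering block.

```python
import ipaddress

def prefix_to_netmask(prefix):
    """/L -> dotted netmask: L one-bits followed by 32-L zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))

def netmask_to_prefix(netmask):
    """Dotted netmask -> /L, rejecting non-contiguous masks such as 0.0.0.255."""
    host_bits = ~int(ipaddress.IPv4Address(netmask)) & 0xFFFFFFFF
    if host_bits & (host_bits + 1):            # the host part must be all ones: 2^k - 1
        raise ValueError("%s is not a contiguous netmask" % netmask)
    return 32 - host_bits.bit_length()

def wildcard_to_prefix(wildcard):
    """Inverted (ACL-style) mask -> /L, e.g. 0.0.0.255 -> 24."""
    w = int(ipaddress.IPv4Address(wildcard))
    if w & (w + 1):
        raise ValueError("%s is not a contiguous wildcard mask" % wildcard)
    return 32 - w.bit_length()

def usable_hosts(cidr):
    """Host addresses on a prefix; /31 (RFC 3021) and /32 have no network/broadcast address."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen >= 31:
        return net.num_addresses
    return net.num_addresses - 2

def vlsm(cidr, prefixes):
    """Carve cidr into subnets of the given lengths, largest first, so each block stays aligned."""
    parent = ipaddress.ip_network(cidr)
    cursor, limit = int(parent.network_address), int(parent.broadcast_address) + 1
    out = []
    for p in sorted(prefixes):
        size = 1 << (32 - p)
        if p < parent.prefixlen or cursor + size > limit:
            raise ValueError("/%d does not fit in %s" % (p, cidr))
        out.append("%s/%d" % (ipaddress.IPv4Address(cursor), p))
        cursor += size
    return out

def aggregate(cidrs):
    """Shortest prefix covering all cidrs, plus the holes (covered space you do not announce)."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    covering = nets[0]
    while not all(n.subnet_of(covering) for n in nets):
        covering = covering.supernet()
    remaining = [covering]                     # whittle the cover down to what is not owned
    for n in ipaddress.collapse_addresses(nets):
        nxt = []
        for r in remaining:
            if n.subnet_of(r):
                nxt.extend(r.address_exclude(n))
            elif not r.subnet_of(n):
                nxt.append(r)
        remaining = nxt
    return str(covering), [str(h) for h in sorted(remaining)]

if __name__ == "__main__":
    for q in (16, 28, 9):
        print("/%d -> %s" % (q, prefix_to_netmask(q)))
    for n in ("212.112.0.64/28", "64.128.0.0/9", "122.14.68.12/30", "130.236.189.0/31"):
        print(n, usable_hosts(n), "hosts")
    for m in ("255.255.255.0", "255.255.192.0", "255.252.0.0"):
        print(m, "-> /%d" % netmask_to_prefix(m))
    for w in ("0.0.0.255", "0.3.255.255"):
        print(w, "is the wildcard mask of /%d" % wildcard_to_prefix(w))
    print(vlsm("192.0.2.0/24", [27, 27, 26, 25]))
    print(aggregate(["192.0.2.64/26", "192.0.2.0/27", "192.0.2.128/25"]))
```

The "What the…" masks are wildcard masks, the bitwise inverse of a netmask: 0.0.0.255 is /24 and 0.3.255.255 is /14, and `netmask_to_prefix()` refuses both because a netmask must be contiguous.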
Explicit Congestion Notification

Dealing With Congestion
End-to-end (e.g. IP)
No support for congestion control in the network layer
Congestion is inferred from other events (e.g. packet loss)
Network assisted (e.g. ATM)
Explicit network layer support for congestion control
Congestion can be managed

ACTIVE QUEUE MANAGEMENT
Queue management
Tail drop
Drop packets when the queue becomes full
Problems
Queues remain full
Global synchronization
Random Early Drop (RED)
Drop packets, randomly, when the queue is getting full
Problems
Increases jitter
Fairness issues in TCP
Tuning issues

ECN: Detect, Don't Drop
New field in IP header
o Low two bits of TOS (the DS byte carries DSCP in the high six bits and ECN in the low two)
o Four ECN codepoints
New flags in TCP header
o Explicit Congestion Echo (ECE)
o Congestion Window Reduced (CWR)
ECN codepoints (IP header, low two bits of TOS/DS):
Not-ECT  0 0
ECT(1)   0 1
ECT(0)   1 0
CE       1 1
TCP header flag bits, after the reserved bits: CWR ECE URG ACK PSH RST SYN FIN
ECN in TCP
Performance
Fairness issues
Improves goodput
Tuning issues
Deployment
Broken firewalls (middleboxes that drop segments with the ECE/CWR flags set or clear the ECN bits)
Alternative implementations
Figure: the sender marks its segments ECT; a congested router sets CE instead of dropping; the receiver echoes the mark with ECE on its ACKs; the sender reduces its window and sets CWR on the next segment
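The ECN exchange (ECT, CE, ECE, CWR) can be followed more precisely in code than in the figure. This Python simulation is an added example, not material from the slides: a sender, an AQM router and a receiver exchange dict-shaped segments, with the router marking CE only on ECT packets and dropping Not-ECT ones, the receiver echoing ECE until it sees CWR, and the sender halving cwnd at most once per window of data as RFC 3168 requires. Round numbers, window sizes and the "congested rounds" knob are constructed for the demo.

```python
# ECN codepoints: the low two bits of the IP TOS/DS byte (RFC 3168)
NOT_ECT, ECT1, ECT0, CE = 0b00, 0b01, 0b10, 0b11
ECN_NAMES = {NOT_ECT: "Not-ECT", ECT1: "ECT(1)", ECT0: "ECT(0)", CE: "CE"}
# The two ECN flags in the TCP header, just above URG
TCP_ECE, TCP_CWR = 0x40, 0x80

def ecn_of(tos):
    return tos & 0b11

def with_ecn(tos, codepoint):
    """Replace the ECN field without touching the DSCP bits above it."""
    return (tos & 0xFC) | codepoint

class Router:
    """AQM hop. In a congested round it marks ECN-capable packets CE and drops the rest."""
    def __init__(self, congested_rounds):
        self.congested = set(congested_rounds)

    def forward(self, pkt, rnd):
        if rnd not in self.congested:
            return pkt
        if ecn_of(pkt["tos"]) in (ECT0, ECT1):
            return dict(pkt, tos=with_ecn(pkt["tos"], CE))   # detect, don't drop
        return None                                           # Not-ECT: only choice is to drop

class Receiver:
    """Echoes a CE mark as ECE on every ACK until the sender answers with CWR."""
    def __init__(self):
        self.echo = False

    def receive(self, seg):
        if seg["flags"] & TCP_CWR:        # sender has reduced its window: stop echoing
            self.echo = False
        if ecn_of(seg["tos"]) == CE:      # a (new) mark restarts the echo
            self.echo = True
        return {"ack": seg["seq"] + seg["len"], "flags": TCP_ECE if self.echo else 0}

class Sender:
    """Marks data ECT(0); on ECE halves cwnd at most once per window and sets CWR."""
    def __init__(self, cwnd, ecn_capable=True):
        self.cwnd, self.ecn_capable = cwnd, ecn_capable
        self.snd_nxt, self.cwr_pending, self.recover = 0, False, 0

    def send(self, n):
        flags = TCP_CWR if self.cwr_pending else 0
        self.cwr_pending = False
        seg = {"seq": self.snd_nxt, "len": n, "flags": flags,
               "tos": with_ecn(0, ECT0) if self.ecn_capable else NOT_ECT}
        self.snd_nxt += n
        return seg

    def on_ack(self, ack):
        # ignore further ECEs until data sent after the last reduction has been acknowledged
        if ack["flags"] & TCP_ECE and ack["ack"] > self.recover:
            self.cwnd = max(1, self.cwnd // 2)
            self.cwr_pending = True
            self.recover = self.snd_nxt

    def on_loss(self):
        self.cwnd = max(1, self.cwnd // 2)    # the non-ECN path: loss noticed later, by timeout

def simulate(congested_rounds, rounds=4, ecn_capable=True, mss=100):
    """Run one segment per round through sender -> router -> receiver and the ACK back."""
    snd, rcv, hop = Sender(8, ecn_capable), Receiver(), Router(congested_rounds)
    trace, drops = [], 0
    for i in range(rounds):
        seg = snd.send(mss)
        out = hop.forward(seg, i)
        if out is None:
            drops += 1
            snd.on_loss()
            trace.append("%d: seq=%d %s DROPPED" % (i, seg["seq"], ECN_NAMES[ecn_of(seg["tos"])]))
            continue
        ack = rcv.receive(out)
        snd.on_ack(ack)
        trace.append("%d: seq=%d %s%s -> ack=%d%s cwnd=%d" % (
            i, seg["seq"], ECN_NAMES[ecn_of(out["tos"])],
            " CWR" if out["flags"] & TCP_CWR else "",
            ack["ack"], " ECE" if ack["flags"] & TCP_ECE else "", snd.cwnd))
    return {"cwnd": snd.cwnd, "drops": drops, "trace": trace}

if __name__ == "__main__":
    for line in simulate({1})["trace"]:          # constructed: congestion in round 1 only
        print(line)
    print(simulate({1}, ecn_capable=False))      # same congestion, Not-ECT flow: a drop instead
```

Comparing `simulate({1})` with `simulate({1}, ecn_capable=False)` shows the point of the slide title: both flows end with the same cwnd, but the ECN flow lost no data and the sender learned about congestion one round-trip earlier than a loss-based sender would.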
Mobile IP
Mobile IP
Mobility
Moving between networks
Not the same as portability
Examples
Working from a hotel
Roaming between WLANs
Alternative to VPNs
Figure: a Mobile node attached to a foreign network (172.16.0.0/24) with care-of address 172.16.0.23 and home address 130.236.189.65; the Home Agent sits on the Home Network 130.236.189.0/24, the Foreign Agent on the foreign network, and the Correspondent Node elsewhere on the Internet
Mobile IP Components
Mobile Node (MN)
The entity that moves between networks
Has a permanent home address in its home network
Home Agent (HA)
Router on home network
Binds home address with care-of address
Forwards packets to MN
Mobile IP Components
Foreign Agent (FA)
Router on foreign network
MN registers with FA on attach
MN sends/receives via HA through FA (FA de-capsulates)
Care-of Address (COA)
Address of MN in foreign network
Sent by FA to HA when MN registers
Often address of FA
Mobile IP Support Services
Agent discovery
MN must discover FA or HA in current network
FA and HA broadcast their presence
Uses ICMP Router Discovery Protocol (IRDP, RFC 1256) with mobility extensions
Registration
When MN is not at home it registers its COA with its HA
Figure: the registration request goes from the MN to the FA and is relayed across the Internet to the Home Agent; the registration reply comes back along the same path
Mobile IP Tables
Home Agent
Mobility Binding Table
Binds home address to COA
Home Address     COA          Lifetime
130.236.189.65   172.16.0.23  200
130.236.189.71   172.16.0.23  181
130.236.189.66   192.0.2.1    195
Foreign Agent
Visitor List
Identifies visiting mobile nodes
Maps MN's home address to its HA and MAC address
Home Address     Home Agent     MAC     Lifetime
130.236.189.65   130.236.189.1  0:8:…   200
130.236.189.71   130.236.189.1  0:2c:…  181
8.23.122.121     8.23.122.1     0:2c:…  312
Mobile IP Routing
Triangle routing
MN sends packets using home address
Traffic to MN is sent to HA
o HA encapsulates and sends packets to FA
o FA de-capsulates and sends packets to MN
Figure (SRC DST headers along the path): CN → MN from the Correspondent Node to the MN's home address, routed to the home network; HA → COA carrying the inner CN → MN packet from the Home Agent to the Foreign Agent; MN → CN directly from the Mobile Node to the Correspondent Node, without passing the HA
Mobile IP Concerns
Packet filtering
BCP (BCP 38 / RFC 2827 egress filtering) is to not allow outbound traffic from non-local sources, which drops the MN's packets sent from the foreign network with its home address as source
Foreign network firewalls
Security
Registration and authentication
Performance
What if FA and CN are close, but HA is a long way off?
Reliability
Single HA is vulnerable
Route Optimization
IPv4
Direct notification of CN
CN tunnels to MN
Issues
What if MN moves?
Security
Figure: binding update, binding request, binding warning and binding acknowledge messages exchanged between the HA, the FA and the CN

Mobile IP Challenges
Smooth handoffs
Route optimization
Security
Quality of Service
IPv6
Additional mobility support
Supports route optimization
Supports smooth handoffs
Still a research area
IP Implementation Issues

Fragmentation
Identification
o Which IP datagram is this?
Flags
o Are there more fragments? (MF)
o May I fragment you? (DF)
Fragmentation offset
o Which fragment is this? (in units of 8 bytes)
IDENTIFICATION | FLAGS | FRAGMENTATION OFFSET
Fragmentation is needed when the datagram is larger than the path MTU.
Fragmentation is an integral part of IP.
Reassembly of fragments
Three fragments of datagram ID 131 arrive and are placed in the REASSEMBLY BUFFER by offset:
ID: 131  Flags: MF  Offset: 0    Length: 100
ID: 131  Flags: MF  Offset: 200  Length: 100
ID: 131  Flags: –   Offset: 300  Length: 45
Bytes 100-199 are still missing, so the datagram cannot be delivered yet.

Reassembly of fragments (overlap)
A further fragment overlaps data already in the buffer:
ID: 131  Flags: MF  Offset: 50   Length: 200
Which bytes win, the earlier fragment's or the later one's, is not specified by the protocol.
Ping of Death
Create IP datagram larger than 65535 bytes
Some IP implementations would crash during reassembly
Fragment 1
o Size: 65500 bytes
o Offset: Zero
Fragment 2
o Size: 2048 bytes
o Offset: 65500 bytes
In the REASSEMBLY BUFFER the second fragment ends at byte 67548, beyond the 65535-byte maximum the Total Length field can describe, so a buffer sized for a legal datagram is overrun.
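Reassembly is where the unspecified border cases bite. This Python reassembler is an added example, not from the slides, that enforces the checks a hardened stack applies: 8-byte alignment of fragment boundaries, rejection of any fragment that would push the datagram past 65535 bytes (the ping of death), rejection of overlapping fragments by default, and a reassembly timer. Because wire offsets are 8-byte units, the slide's 65500/2048 fragments become 65504/2048 here and the three-fragment example uses 104-byte pieces instead of 100; all other numbers are constructed.

```python
MAX_DATAGRAM = 65535                 # largest value of the 16-bit Total Length field
MAX_PAYLOAD = MAX_DATAGRAM - 20      # minus the minimal header: the reassembled data must fit here
REASSEMBLY_TIMEOUT = 60.0            # seconds to wait for missing pieces before discarding

class Reassembler:
    """Collects the fragments of one datagram (same src, dst, protocol and Identification).

    Offsets are in bytes here; on the wire they are 8-byte units, which is why every
    offset and every non-final fragment length must be a multiple of 8.
    """
    def __init__(self, ident, now=0.0, timeout=REASSEMBLY_TIMEOUT, allow_overlap=False):
        self.ident, self.deadline, self.allow_overlap = ident, now + timeout, allow_overlap
        self.frags = []      # (start, end, data), kept sorted by start
        self.total = None    # payload length, known once the MF=0 fragment has arrived

    def add(self, offset, more_fragments, data, now=0.0):
        """Insert one fragment; returns True once the datagram is complete."""
        if now > self.deadline:
            raise TimeoutError("id %d: reassembly timer expired, buffer discarded" % self.ident)
        if offset % 8 or (more_fragments and len(data) % 8):
            raise ValueError("fragment boundaries must be multiples of 8 bytes")
        start, end = offset, offset + len(data)
        if end > MAX_PAYLOAD:
            raise ValueError("fragment ends at %d: datagram would exceed %d bytes (ping of death)"
                             % (end, MAX_DATAGRAM))
        for s, e, _ in self.frags:
            if start < e and s < end and not self.allow_overlap:
                raise ValueError("fragment [%d,%d) overlaps [%d,%d)" % (start, end, s, e))
        if not more_fragments:
            if self.total is not None and self.total != end:
                raise ValueError("conflicting final fragments")
            self.total = end
        elif self.total is not None and end > self.total:
            raise ValueError("fragment extends past the final fragment")
        self.frags.append((start, end, data))
        self.frags.sort(key=lambda f: f[0])
        return self.complete()

    def complete(self):
        """True when the final fragment is known and [0, total) has no holes."""
        if self.total is None:
            return False
        pos = 0
        for s, e, _ in self.frags:
            if s > pos:
                return False
            pos = max(pos, e)
        return pos >= self.total

    def reassemble(self):
        """Return the payload, or None while fragments are missing."""
        if not self.complete():
            return None
        buf = bytearray(self.total)
        for s, e, d in self.frags:
            buf[s:e] = d    # with allow_overlap=True the later-starting fragment wins here;
                            # another stack may keep the earlier one, a classic IDS evasion
        return bytes(buf)

if __name__ == "__main__":
    # Constructed example in the spirit of the slide: a hole until the missing piece arrives
    r = Reassembler(131)
    r.add(0, True, b"A" * 104)
    r.add(208, True, b"C" * 104)
    r.add(312, False, b"D" * 45)
    print("complete:", r.complete())
    print("complete:", r.add(104, True, b"B" * 104), len(r.reassemble()), "bytes")
    # Ping of death: a fragment whose end passes 65535 is rejected instead of overrunning the buffer
    p = Reassembler(132)
    p.add(0, True, b"P" * 65504)
    try:
        p.add(65504, False, b"P" * 2048)
    except ValueError as err:
        print(err)
```

Rejecting overlaps outright is the conservative policy; a stack that accepts them must pick a winner, and two different choices on the sensor and on the host are exactly what lets an attacker show one payload to the IDS and another to the victim.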
So what?
Unspecified border cases
o Different implementations behave differently
o Some implementations don't behave well at all
Deployment issues
o Failure to communicate
Security issues
o Direct attacks
o Information gathering (fingerprinting)
Other examples
Reassembly timeouts (IP)
ID field generation (IP)
Retransmission timeouts (TCP)
Overlapping segments (TCP)
Initial window size (TCP)
ISN generation (TCP)
Query ID generation (DNS)