Technological Prerequisites

8/7/2019 Technological Prerequisites

1/149

CEENET Workshop Budapest 16-26 August 19991

Technological PrerequisitesGeorge Macri

ROMTELECOM S.A.

Romania

5thNetwork Technologies Workshop

.


2/149


2

Technological Prerequisites

Internetworks

Internet Protocols Internet Addresses

Routing

Subneting CIDR


3/149


3

What internetworks are

Start with lots of little networks

Many different types

ethernet, dedicated leased lines, dialup, ATM,

Frame Relay, FDDI

Each type has its own idea of addressing and

protocols Want to connect them all together and provide a

unified view of the whole lot


4/149


4

The unifying effect of the network layer

Define a protocol that works in the same

way with any underlying network

Call it the network layer

routers operate at the network layer

There are defined ways of using: protocol over ethernet, ATM, FDDI

protocol over serial lines (PPP)

protocol over almost anything


5/149


5

The 7 Layer OSI ModelApplicationPresentation

Session

Transport

Network

Datalink

Physical


6/149


6

Protocol Stacks

Layers:

ethernet token ring atm dialup frame relayx.25 hdlc

IP

TCP / UDP

Applications

Network layerTransport layer


7/149


7

Layer Functions

Physical

Data Link

Network

Transport

IP

TCP End to end reliability

Forwarding

best-effort

Packet delivery

Raw signal

Application Mail, Web etc.

Session

Presentation


8/149


8

ISO seven layer model

1: Physical layer

moves bits using voltage, current, light, etc.

2: Data Link layer

bundles bits into frames and moves frames

between hosts on the same link


9/149


9

ISO seven layer model 3: Network layer (e.g. IP)

Makes routing decisions

uses destination address in packet

Forwards packet hop by hop

encapsulates network layer packet inside data link

layer frame

different framing on different underlying network

types

Unreliable

Single address space for the entire internetwork


10/149


10


4: Transport layer (e.g. TCP)

end to end transport of datagrams

encapsulates datagrams in network layer

packets

adds reliability by detecting and retransmitting

lost packets uses acknowledgements and sequence

numbers to keep track


11/149


11


5: Session layer

not used in the TCP/IP network model

6: Presentation layer

not used in the TCP/IP network model

7: Application layer

Uses the underlying layers to carry out work


12/149


12

Layer interaction

Presentation

Session

Transport

Network

LinkPhysical

Link

Network

Physical Physical

Link Link

Network

Transport

Session

Presentation

Application Application

Network


13/149


13

INTERNET PROTOCOLS Internet protocols

can be used for communications between heterogeneous systems;

can be used for communications between systems connected in a LAN;

can be used for communications between systems connected in a WAN;

can be used for communications between a set ofinterconnected networks;

Documents called RFCs (Requests For Comments), which are reviewed and

analyzed by the IETF community; improvements, additions and refinements of

protocols are published in new RFCs (see ftp://ftp.rs.internic.net.,

ftp://ftp.ripe.net/).

Looking at all RFCs, you can see the history of the development of

Internet protocols, people and companies that have contributed to this

TCP and IP are the best known of the Internet protocols and very

often the term TCP/IP refers to the whole family of protocols.


14/149

TCP/IP Modelpplication

P TCP

ICMP IP

P P

atalinkPhysical

Message

Segment

atagram

FrameBit

5

4

3

21


15/149


15

TCP/IP is a 5 Layered model Layers 1 and 2 are not actually defined by

TCP/IP , as TCP/IP was defined to be

independent of physical media .


16/149

Layer 3 is the Internet Protocol(IP) layer

This provides a basic datagram service

ICMP(Internet Control Message Protocol) is

normally provided in this layer

ICMPreports problems in transmission ofdatagrams

ARP(Adress Resolution Protocol)

RARP(Reverse Address Resolution Protocol)


17/149

In layer 4 are 2 possible protocols : TCP(Transport

Control Protocol) and UDP(User Datagram

Protocol) .TCPprovides a reliable service with error correction

and flow control .

The cost of providing a reliable service is more

overhead in connection setup and closedown, processing

power for correcting errors and data transmission, but

some applications need reliability irrespective of cost.

UDPjust extends IPs connectionless datagram serviceto applications that do not require reliability .

UDPdatagrams can be sent to a network without the

overhead of creating and maintaining a connection


18/149


Layer 5 is theApplication layer

This layer provides services suitable for the

different types of application that might wish to

use the network .

It does not provide the application itself .

For example : SMTP , FTP , Telnet ...


19/149


TCP/IP


20/149


Internet Protocols

PPP HDLC SLIP LAPB

Public telephone networkLAN

X.25

Ethernet/IEEE 802.3

ARP RFC 826

IP RFC 791

Telnet

RFC 854

FTP RFC 959

SMTP

RFC 821

SNMP

TCP RFC 793 UDP RFC 768

DNSRFC 1035

NFS RPC

RIPRFC 1058

ICMP

RFC 792

Routing protocolsBGP OSPF IGRP EIGRP


21/149


There is a protocol for mail that defines a set of commands and messages that one machine

sends to the other, for example, a conversation between machines linkguide.ici.ro and mail.iob.ro:

Linkguide: HELO linkguide.ici.ro

Mail.iob.ro: 250 mail.iob.ro - HELO Linkguide.ici.ro

Linkguide: MAIL From:

Mail.iob.ro: 250 MAIL accepted

Linkguide: RCPT To:Mail.iob.ro: 250 Recipient accepted

Linkguide: DATA

Mail.iob.ro: 354 Start mail input; end with ,

Linkguide: Date: Sat, 26 Jul 96 14:23:34 +02

Linkguide: From: [email protected]

Linkguide: To: [email protected]

Linkguide: Subject: heloLinkguide: text of the message

Linkguide: .

Mail.iob.ro: 250 OK

Linkguide: QUIT

Mail.iob.ro: 221 mail.iob.ro Service closing transmission channel

The protocol assumes that we have a reliable way of command and message communication

SMTP mail exchange as an example


22/149


TCP/IP Architecture Terms

FTP server

TCP

IP

Token Ring Driver

FTP client

TCP

IP

Host A Host B

Ethernet Driver

router

IP

eth

drv

t.r.

drv


23/149


Encapsulation

Lower layers add headers (and sometimes

trailers) to data from higher layers

Data

Data

Data

Data

Header

HeaderHeader

HeaderHeader

Header

Application

Transport

Internet

Network Access


24/149


IP Addresses

Purpose

Basic Structure

Network mask

Special addresses


25/149


25

Purpose of an IP address

Unique Identification of

Source

Sometimes used for security or policy-based filtering of

data

Destination

So the networks know where to send the data

Network Independent Format

IP over anything


26/149


26

Basic Structure of an IP Address

32 bit / 4 byte number:

(e.g. 204.152.8.1)

Decimal Representation:

Binary Representation:

152 8 1204

1100110010011000 00001000 00000001


27/149


27

Address Structure Revisited

Hierarchical Division in IP Address:

Network Part (Prefix) describes which physical network

Host Part (Host Address) describes which host on that network

Boundary can be anywhere not necessarily at a multiple of 8 bits

Network Host

205 . 154 . 8 1

11001101 10011010 00001000 00000001


28/149


28

Network Masks

Define which bits are used to describe the

Network Part

Different Representations: decimal dot notation: 255.255.248.0

number of network bits: /19

Binary AND of 32 bit IP address with 32 bitnetmask yields network part of address


29/149


29

Subnetting

One class address (either B or C) space could be too large for a

given organization, or for a certain site of the organization.

Subnetting divides a single network address into many subnet

addresses, so that each subnetwork can have its own unique

address.

A subnet is defined by applying a bit mask (the subnet mask) to

the IP address.

If a bit is 1 in the mask, the equivalent bit in the address is

interpreted as a network bit.

If a bit in the mask is 0, the bit belongs to the host part of the

address.

Ex: mask to divide the 193.226.2.0 address into 4 subnets:

11111111 11111111 11111111 11000000


30/149


30

Example Prefixes

137.158.128.0/17 (netmask 255.255.128.0)

198.134.0.0/16 (netmask 255.255.0.0)

205.37.193.128/26 (netmask 255.255.255.192)

10001001 10011110 1 0000000 00000000

11000110 10000110 00000000 00000000

11001101 00100101 11000111 10 000000

11111111 11111111 1 0000000 00000000

11111111 11111111 11111111 11 000000

11111111 11111111 00000000 00000000


31/149


31

Old-Style Classes of Address Different classes used to represent different sizes of

network (small, medium, large)

Class A networks: x.0.0.0 - 16.777.215 host addresses

8 bits network, 24 bits host (/8, 255.0.0.0)

First byte in range x=1-127

Class B networks: x.y.0.0 - 65.536 host addresses

16 bits network, 16 bits host (/16 ,255.255.0.0)

First byte in range x=128-191 y=0-254 Class C networks: x.y.z.0 - 256 host address

24 bits network, 8 bits host (/24, 255.255.255.0)

First byte in range x=192-223 y,z=0-254


32/149


32

IP Address Structure - Class-full

Network address Host addressAddress format

32 bits

Class A

network=8 bits

Class B

network=16 bits

Class C

network=24 bits

Class D

(multicast)

Class E

(reserved)

0

1 0

1 1 0

1 1 1 0

1 1 1 1


33/149


33

Special Addresses

All 0s in host part: Represents Network

e.g. 193.0.0.0/24

e.g. 138.37.128.0/17

All 1s in host part: Broadcast

e.g. 137.156.255.255 (137.156.0.0/16)

e.g. 134.132.100.255 (134.132.100.0/24)

e.g. 190.0.127.255 (190.0.0.0/17)

127.0.0.0/8: Loopback address (127.0.0.1)

0.0.0.0: Various special purposes


34/149


34

TCP/IP Basics: Physical & Datalink


35/149


35

The Physical and Datalink layer

Ethernet

IEEE and ISO

Token Ring

FDDI

SLIP PPP

ISDN


36/149


36

Ehernet

Network access protocol

The medium for communication between two machines directly connected can be: coax,

twisted cable, telephone link, radio link, satellite link, etc. The lowest layer of protocols

provides functions that manage the data transmission specific to a certain physical

medium.

Classes of links

Point to point

Broadcast

Non-broadcast multi-access

Ethernet/IEEE 802.3 is a coaxial based bus cabling system developed by Digital Equipment

Corporation, Intel, Xerox (DIX)

Ethernet was the technological basis for the IEEE 802.3 specification

Both of them specify the CSMA/CD (Carrier Sense Multiple Access with Collision

Detection), also referred as listen while talk (LWT)

Both are broadcast networks


37/149

Ethernet Topologies

Thick Wire10 Base 5

Transceivers

Thin Wire10 Base 2

Transceivers on

boards in

computers

Twisted Pair

concentrator

On Board

Transceivers

10/100/1000 Base T

Fiber

concentrator

Transceivers

10/100/1000Base F


38/149


38

The Ethernet frame

This Ethernet frame encapsulates theTCP/IP protocol and is responsible for

transporting it across the cabling system to

layer 2 of the destination device , whetherits a Router , Gateway or end node .

8 ctets 6 ctets 6 ctets 2 ctets 46-1500 ctets 4 ctets

Preamble estination address ource address Type ata CRC


39/149


39

MAC addressing The ethernet frame uses addresses referred

to asMAC (Medium Access Control)

MACaddresses identify the specific

network cards

These are 48 bits long

Each network card has a unique address

configured by its manufacturer


40/149

The LAN card will accept only 3 types ofMAC

address .

Unicast- Frames with destination to the exactMACaddress .

Broadcast- Has all 48 bits set to binary 1

(or Hex FF FF FF FF FF FF) .

This type of frame is used when the sender does not

know the destinationMACaddress it tries to

communicate , so we broadcast to all .

Multicast- Addressing to groups of LAN cards thatare related in some way .

The LAN cards have to be configured to know they

are part of a multicastgroup .


41/149


41

The type fieldType rotocol

0x0800 I

0x0806

0x8035

The Type field identifies

different protocols .

A computer running multiple

protocols can easilydifferentiate between them , and

path the contents to the relevant

layer .

TCP/IP Generally uses 3

Ethernet types registered in

IEEE .


42/149


42

CRC - Cyclic Redundancy Check At the end of the frame is a CRC .

This is a 32 bit value that is calculated from all the

bits of the Ethernet frame and its contents , butignoring the preamble and the CRC itself .

The remote node does the same calculation and

compares the CRC .

If the value is different , the LAN card will not pass

the Frame to the network layer .


43/149


43

The service provided by Ethernet The medium access mechanism used by

Ethernet is CSMA/CD (Carrier Sense

Multiple Access with Collision Detection) . This allows nodes on the network to manage

shared access to the cable , but it restricts the

length of the cabling , and the number of nodes

that use it . They are not specific to Protocol , therefore for

TCP/IP .


44/149


44

Ethernet Packet size Minimum packet size - 64 octets

Maximum packet size - 1518 octets

The sizes above include all the frame apart fromthe preamble .

Because of the frame header fields , the CRC and

the overhead of the IP and TCP or UDP higherlayer protocols , the amount left for useful

application data is less then 1518 .


45/149

To give an example :

The Ethernet frame overhead consists of 18

octets and the higher layer protocols often

need 40 octets .

That leaves 1460 (1518-40-18=1460) octets

for application data .


46/149


46

IEEE and ISO systems IEEE 802.3 uses CSMA/CD .

IEEE 802.4 uses a token mechanism on a

bus .

IEEE 802.5 and FDDI (IS9314) use a token

passing mechanism on a ring .


47/149


47

LLC (Logical Link Layer) For LANs , layer 2 is split to 2 sublayers .

The lower is MAC and above we have the

LLC , which has the standard number IEEE

802.2 .

One of the major functions of LLC is to

differentiate between the different types ofnetwork layer protocols , in a similar way to

the type field of Ethernet .


48/149


48

EthernetApplication Application

resentation resentation

ession essionTransport Transport

Net ork Net ork

IEEE 802.2 IEEE 802.2IEEE 802.3 IEEE 802.3


49/149


49

Token Ring


resentation resentation

ession essionTransport Transport

Net ork Net ork

IEEE 802.2 IEEE 802.2IEEE 802.5 IEEE 802.5


50/149


50

FDDI


Presentation Presentation

Session SessionTransport Transport

Network Network

IEEE 802.2 IEEE 802.2

IEEE 802.5 IEEE 802.5

IS 9314 IS 9314


51/149


51

Encapsulation

The type field specifies the upper-layer protocol to receive the data after Ethernet processing is

complete

The CRC (Cyclic Redundancy check) is created by the sender and recalculated by the receiver

The frame length (header, data, and CRC) 64-1518 bytes

Application

TCP

IP

Ethernet E I T Data C

I T Data

T Data

Data

E I T Data C

I T Data

T Data

Ethernet

Ethernet

IP

TCP

Application


52/149


52

The IEEE 802.3 frame The IEEE 802.3 frame has the same general format as DIX Ethernet

(Ethernet_II) frame .

The Type field in Ethernet DIX is the Length field in IEEE 802.3

THE FCS (Frame Check Sequence) is instead ofCRC As there is no Type field , it is not possible to detect which network

layer protocol is carried in the MAC layer

The MAC frame consists of only addresses , length and FCS.

It is the function of LLC to separate the different network layer

protocols .


53/149


53

IEEE 802.3 frame

7 octets 1

octet

6 octets 6 octets 2 octets 4

octets

Preamble Destination

address

Source

address

Length LLC Data FCS

46-1500

Octets


54/149


54

Bridging TCP/IP Bridging between IEEE LANs is often promoted as

transparent to any protocol above the MAC layer .

This will bring expectations that there are no particular

problems with TCP/IP . There are 4 issues that need consideration :

The length field for the 802.3 bus.

Encapsulation on bus networks.

The maximum frame sizes.

The representation of MAC addresses.


55/149


55

Length fields

The IEEE 802.3 CSMA/CD network has a

length field immediately before the LLC .

Other IEEE networks do not .

Bridging will at least involve changing the

content of the frame and recalculating the

FCS .This action will be totally transparent to the

network planners .


56/149


56

Frame size

For TCP/IP , the transmitted frame size is determined by

the Maximum Transfer Unit (MTU) set in the driver

software for the LAN interface .

It is possible on most TCP/IP implementations to modifythe MTU to match the number of data octets carried by

the Link Layer protocol .

Setting the MTUs of each interface on a Token Ring to

1492 will prevent its frames from being to large for

bridging to IEEE 802.3 .

This reduction will limit Token Ring efficiency .


57/149


57

Representation of MAC addresses

The IEEE 802.1 committee defined how LANs should

represent 48 bit MAC addresses as a bit stream on the

cable .

IEEE 802.3 and 802.5 committee chose to represent theseaddresses higher in the protocol .

IEEE 802.3 and 802.5 represent differently the MAC

address .

Bridges now have to be wise and not only reverse the

address but also to calculate the FCS .


58/149


58

Example of vendor-dependant Ethernet addresses

Prefix Manufacturer

00:00:0C Cisco

00:00:95 Proteon

00:00:A2 Wellfleet

00:00:C0 Western Digital

00:AA:00 Intel

02:60:8C 3Comm

08:00:09 Hewlett-Packard

08:00:10 AT&T

08:00:0B Unisys

08:00:20 Sun08:00:2B DEC

08:00:46 Sony

08:00:5A IBM

AA:00:03 DEC

AA:00:04 DEC


59/149


59

TCP/IP Basics: Serial Connections


60/149


60

SLIP - Serial Line Internet Protocol

In some situations , it is advantageous to use

asynchronous Serial lines to carry TCP/IP

protocols , either by : Dialup modems

Modems on private wires

through an asynchronous network Direct connection between 2 computers


61/149


61

SLIP functionality

LAN

Host

Asynchronous

connections

V.24/RS232C

Dialup

modem

link

Modem

link

Direct

connection

PCs

with

SLIP


62/149


62

SLIP frame format

SLIPdefines 2 special characters :

SLIP END - 0xC0

SLIP ESC - 0xDB

Datagrams sent using SLIPare framed SLIP

END characters .


63/149


63

SLIP frame format

0xC0 IP

datagram

0xC0

Data before

SLIP

21 31 32 C0 5F

SLIP detects

C0 and

inserts DB

21 31 32 DB C0 5F


64/149


64

PPP - Point to Point Protocol

PPPcame to overcome a number of limitations

ofSLIP.

PPPhas been designed to operate over both :

asynchronous (start/stop) connections , and bit

oriented synchronous systems .


65/149


65

PPPprovides more then just a simple

connection between hosts .

It also defines several management andtesting functions to deal with line quality ,

option negotiation and the setup of IP

addresses .


66/149


66

The service provided by PPP

PPPprovides a Point to Point connection

between 2 TCP/IP systems for the transfer

of IP datagrams .

PPPcan operate over virtually any serial

link interface .

The only limitation is that it requires a fullduplex connection .


67/149


67

It does not need serial interface control

signals , but the standard recommends it for

performance improvements .

There is no restriction for the speed used for

PPP.


68/149


68

The PPP frame

Flag

01111110

Address

11111111

Control

00000011

Protocol

16 bits

In fo rm a tion FC S

16 bits

Flag

01111110

The address field is all 1s.

The control octet contains the value 0x03.

The protocol field defines the protocol carried by this frame :

Link Control Protocol - 0xC021

Network Control Protocol - 0x8021

Internet Protocol - 0x0021


69/149


69

PPPcan multiplex data from many sources,

which makes it practical for high speed

connections between bridges or routers.


70/149


70

TCP/IP Basics: Network Layer


71/149


71

Why do we need IP protocol layer?

Although the services provided by TCP protocol are needed by many

applications, there are still some kind of applications that dont need

them;

However, there are some services that every application needs.

The services that every application needs are put together into the IPprotocol layer;

IP protocol provides the basic service for the transmission of a

datagram from one machine to another machine which do not need to

be connected directly;

As a result, TCP calls on the services of IP; Like TCP, IP protocol layer can be viewed as a library of routines

that TCP calls on, but which is also available to applications that dont

use TCP


72/149


72

IP - Internet Protocol IP is described as a connectionless datagram service .

Datagrams are packets of information that can be destined for one , many or all

stations (unique , multicast or broadcast) - provide addressing.

There is no requirement for the intended recipient/s to acknowledge whether

the datagram was received (no flow control, no end-to-end data reliability). As IP is connectionless , no specific route is defined between 2 communicating

nodes , so datagrams traveling can travel through different routes and reach

destination in a different order (no sequencing and allow for fragmentation).

One of the major roles of IP layer is to make it unnecessary for higher layer

protocols to understand anything about the physical capabilities of the media

supporting them .Note : This is important for application developers writing programs on top of

the transport layer with no variations because of the different kind of media

used .


73/149

The IP Architecture

Application

P T P

I P IP

A P A P

atalink

Physical

essage

Segment

atagram

Frame

Bit

5

4

3

2

1

( )

( ) ( ) ( )1 0800

8035 0806


74/149


74

Encapsulation

Both the header and data of the IP datagram become the datalink frame

of whichever network they happen to be on.This is called

encapsulation .

Protocol number identifies the protocol in the layer aboveIP to which the data is passed (/etc/protocols)

0 IP pseudo protocol number

1 ICMP

6 TCP

17 UDP


75/149


75

Fragmentation and Reassemble IEEE 802.3 and Ethernet systems have maximum data

sizes of 1492 and 1500 octets respectively .

IEEE 802.5 frames is not defined , but in practice it is

usually no greater then 8192 octets . This size limit seen by IP is known as the Maximum

Transfer Unit (MTU) .

TheMTUcan be adjusted for each interface , but its not

necessary unless bridging different LAN technologies .


76/149


76

IP datagram Formatersion I T Total length

Identi ication Flags Fragment set

TT Protocoleader Checksum

ource IP address

estination IP address

ptions Paddingata

Version - 4 bits Total length - 16 bits


77/149

Version - 4 bits

Version of the IP protocol

Current version is 4

Internet Header Length - 4bits

For easy finding of

beginning of data .

Normally the value is 5

indicated no options are

used .

Type Of Service - 8 bits

The first of 3 bits are used to

indicate 1 of 8 levels ofpriority .

Some Routers Ignore these

flags .

Total length - 16 bits

The total length of the IP datagram

The size of data is computed from

the total length field and IHL . Identification - 16 bits

This is an integer value used to

help identify all fragments of a

datagram .

This field is unique for each new

datagram .

Flags - 3 bits Time To Live (TTL) - 8 bits


78/149

Flags - 3 bits

The 2 low order bits are

used as flags to control

fragmentation .The low order bit , if 0 ,

indicates the last fragment

of a datagram - MF (More

Flag) .

The middle bit is used toindicate that the datagram

should not be fragmented -

DF (Do not Fragment) .

Fragment Offset - 13 bitsUsed in a fragmented

datagram to indicate the

position that the fragment

occupies .

Time To Live (TTL) - 8 bits

This prevents datagrams to get

routed in a loop .

If its set to 0 , a router shoulddiscard the datagram .

The recommended value is 32 ,

but it can be set to a maximum of

255 too .

Protocol - 8 bits

The transport layer protocol

carried by this datagram .

It tells the IP layer where to path

the datagram .17 - UDP

6 - TCP

1 - ICMP


79/149

Header checksum - 16 bits

It protects only the header and not the data .

The reason is because the checksum must be

recalculated every time it passes through a router .

Other parameters change too .

Source IP address - 32 bits

Destination IP address - 32 bits

Data variable

This includes the headers of higher layer protocols and

users data .


80/149


80

Routing IP Datagrams

Target Internet

H

H

G

G

N

N

N

G

Source

Where do I send

that datagram?


81/149


81

IP Routing

SubNet

Direct

Connection

local host

same subnet

default gateway

local host

default gateway local hostsame subnet

next-hop

Subnet

Default

Gateway


82/149


82

IP algorithm

1. Search the routing table for an entry that matches the

complete destination IP address (network ID or host ID). If

found, send the packet to the indicated next-hop router or

to the directly connected interface. (second interface orppp)

2. Search the routing table for an entry that matches just the

destination network ID. If found, send the packet to the

indicated next-hop router or to the directly connectedinterface. (local networks)

3. Search the routing table for an entry labeled default. If

found, send the packet to the indicated next-hop router


83/149


83

ARP - Address Resolution Protocol

If we wish to connect to a remote computer we must

know its IP address , but we do not need to know its

MAC address . ARPwas invented for this reason .

It relates IPs to MAC addresses only on media that

supports broadcasts .

Each node maintains a cache called theARPcache ,which holds a table of IPs against MAC addresses .


84/149


84

How ARP works

When IP is requested to send a datagram to

another IP address , it first looks in theARPcache

to find the corresponding MAC address .

If there is no entry it then attempts to look for itusingARP.

In order to do thisARPsends anARPrequest

datagram to all LAN cards using a broadcastaddress .

ARP uses its own Ethernet type 0x0806 for these


85/149

ARPuses its own Ethernet type 0x0806 for these

requests , so they are passed to theARPsoftware

in all nodes within the broadcast area .

All cards on a network read this request datagram

and any that discover a match between their IP

and the requested IP reply with anARPresponse .

If a response is received , the answer is entered to

theARPcache for future use .

If none is received , the request is repeated .

ARPdatagrams are not passed through routers , as a routeroperates at the IP layer and will not relay MAC broadcast

traffic .

This makes routers a good buffer between broadcast domains

and prevent flooding networks .


86/149


86

ARP commands

arp command can be used to display the content

of the ARP table;

Formats: arp -a ! displays all the entries in the ARP table;

arp ! displays the entry for

specified

arp -d ! deletes an entry for arp -s ! adds a new entry


87/149


87

RARP - Reverse ARP RARPis intended for use with devices that cannot store

their IP address , usually diskless workstations.

RARP, likeARP, operates directly over the datalink layer

and has an Ethernet type 0x8035 . Nodes acting asRARPservers that find a match for the

MAC address in theirRARPtables will reply with the

corresponding IP address in aRARPresponse .


88/149


88

This system requires that at least one server

is present and that the server has a table

defining which IP addresses should be usedby each MAC address .


89/149


89

ICMP - Internet Control Message Protocol

Even though IP is a datagram service and

there is no delivery guarantee , ICMPis

provided within IP and can generate errormessages regarding datagram delivery .

ICMPuses IP datagrams to carry its

messages back and forth between relevantnodes .


90/149


90

ICMPerror messages are generated by a

node recognizing there is a transmission

problem and they are sent back to theoriginating address of the datagram that

caused the problem .


91/149


91

rame header rame data

I header I data

Type Code


92/149


92

General format of ICMP message

Type (8): specifies the type of ICMP message

Code (8): used to specify parameters of the message that can be encoded in a few bits

Checksum (16): checksum of the entire ICMP message

Parameters (32): used to specify more lengthy parameters

Information (variable):provides additional information related to the message

ECHO and ECHO REPLY - mechanism for testing if communication is possible between two

entities. A host can send the ICMP ECHO message to see if a remote IP is up and operational.

When a system receives an echo message, it send the same packet back to the source host in an

ICMP ECHO REPLY message. The ping command uses this message.

A TIME EXCEEDED message is sent by a gateway if the ttl value of a datagram expires

(becomes zero). This facility is used by the traceroute command.

Type (8 bits) Code (8 bits) Checksum (16 bits)

Parameters (32 bits)

Information (variable)


93/149


93

Type field 0

3

4

5

8 11

12

13

14 15

16

17

18

Echo reply

Destination unreachable

Source quench

Redirect

Echo requestTime exceeded for datagram

Parameter problem on datagram

Time stamp request

Time stamp replyInformation request

Information reply

Address mask request

Address mask response

Message Type


94/149


94

The ping command

ping

it is a simple function, extremely useful for testing the network connection;

it allows the network administrator to determine whether further testing should be directed

toward the network (the lower layers) or the application (the upper layers)

if ping shows that packets can travel to the destination system and back, the problem is probably

in the upper layers

If packets cant make the round-trip, lower protocol layers are probably at fault

Basic format

ping [] []

The host name or IP address of the remote host being testyed.

Defines the size in bytes of the test packets. This field is only required if the

count field is going to be used. Default packet size is 56 bytes.

The number of packets to be sent in the test. Default number is usually 5.

ping example


95/149


95

ping example

Examples

#ping ftp.ripe.net

info.ripe.net is alive

# ping -s ftp.ripe.net 100 10

PING info.ripe.net: 100 data bytes

108 bytes from info.ripe.net (39.13.5.97): icmp_seq=0. time=1070. ms








----info.ripe.net PING Statistics----

8 packets transmitted, 8 packets received, 0% packet loss

round-trip (ms) min/avg/max = 980/998/1070


96/149


96

traceroute - Tracing routes

is the program that can help the network administrator locate the

problem when something is down between the local host and a

remote destination

traces the route of UDP packets from the local host to a remote

host

prints the name (if it can be determined) and IP address of each

gateway along the route to the remote host

uses two techniques: small ttl values and invalid port number


97/149


97

traceroute - Tracing routesOperation

traceroute sends out 3 UDP packets with ttl value set to one

the first gateway decrement ttl and gets the value zero.

The first gateway will send back to the source host an ICMP TIME EXCEEDED

message as error message

traceroute displays one line of output for each gateway from which it receives anICMP TIME EXCEEDED message

traceroute will then increment by one the ttl value and sends again 3 UDP packets

the flow of packets tracing to a host three hops away is illustrated below

When the destination host receives a packet from traceroute, it returns back an ICMP

Unreachable Port message. This happens because traceroute intentionally uses an

invalid port number (33434) to force this error.

When traceroute receives the Unreachable Port message, it knows that it has

reached the destination host, and it terminates the trace.

In this way, traceroute is able to develop a list of the gateways, starting at one hop

away and increasing one hop at a time, until the remote host is reached.


98/149


98

traceroute example

# traceroute ftp.ripe.net

traceroute to info.ripe.net (39.13.5.97), 30 hops max, 40 byte packets

1 agsici1.ici.ro (192.162.16.25) 20 ms 10 ms 0 ms

2 Vienna-EBS1.Ebone.NET (192.121.159.97) 870 ms 870 ms 870 ms3 Paris-EBS2.Ebone.net (192.121.156.17) 900 ms 890 ms 890 ms

4 Stockholm-ebs.ebone.net (192.121.154.21) 920 ms 930 ms 960 ms

5 Amsterdam-ebs.Ebone.NET (192.121.155.13) 970 ms 990 ms 970 ms

6 Amsterdam.ripe.net (193.0.15.130) 1000 ms 970 ms 970 ms

7 info.ripe.net (39.13.5.97) 1040 ms 970 ms 990 ms

Flow of traceroute packets


99/149


99

Flow of traceroute packetsping program First router Second router Third router

decrements ttl to 0

return error TIME EXCEEDED

ttl=1

ttl=2

ttl=3

decrements ttl to 1

forward

decrements ttl to 0return error TIME EXCEEDED

decrements ttl to 2

forward

decrements ttl to 1

forward

received at destination

port unreachableReturn error port unreachable


100/149

ICMPhas its own IP protocol number (1) so

the IP layer knows when it receives them. Even though ICMPuses the IP layer, it is

considered as being within IP, because it does

not necessarily provide any service to the

layers above.


101/149


101

ICMP types 0 and 8 - echo

The most common ICMPmessages used for

diagnostics are type 0 and 8.

These are generated byPing.Pingsends ICMPtype 8 datagrams to a node

and expects an ICMPtype 0 reply, returning

the data sent in the request.


102/149


102

ICMP echo datagram (0 or 8)

Type Code Checksum

Identifier Sequence number

Optional data


103/149


103

Note : How can Ping generate ICMP echo requests ifICMP

does not provide a service to Ping ?

A Ping implementation does not use ICMP to generate the

request.It merely mimics whatICMP would do as a program that

operates over the IP layer.

Ping generates an IP datagram with a data field that

equates toIC

MP echo request (protocol number1

and thefirst octet of data is 8 - ICMP echo request).

It then adds the rest of the fields including the data

pattern that it expects to be echoed.


104/149


104

ICMP type 3 - destination unreachable

If a router is unable to deliver a datagram, it

can return the destination unreachable

ICMPdatagram to indicate why. The code field is used to identify the cause

of failure.

The values in the code field help to pinpointthe reason for the datagram failure to arrive

its destination.


105/149


105

ICMP type 3 - Destination Unreachable

Type Code Checksum

Unused (must be 0)

Internet header +64 bits of datagram prefix


106/149


106

Code value

0 Network unreachable

1 Host unreachable

2 Protocol unreachable

3 Port unreachable

4 Fragmentation needed and

the do not fragment bit set

5 Source route failed

Meaning

If a router is unable to deliver a datagram , it can


107/149

g ,

return the destination unreachable ICMP

datagram to indicate why . Network unreachable - The network specified in the IP

address cannot be found .

The IP address and routing tables should be checked .

This error message is only generated by a router .

We can find where the error occurred , from the source

address in IP header that carried the ICMP message .

Host unreachable - The datagram reached the router

which is directly connected to the destination network,but failed to communicate with the host.

This message is generated by a router only .

Protocol unreachable - The datagram reached the

d ti ti h t b t th ti l t l i d i


108/149

destination host , but the particular protocol carried in

the datagram is not available .

Port unreachable - A host sends the message that theparticular application layer service is not available .

Fragmentation needed and the do not fragment bit set -

Normally comes from a router , indicating that it needs

to fragment the datagram , but is instructed not to by

the do not fragment (DF) bit in the flags field of the IP

header .

This fault is uncommon , DF is normally used on

diskless workstations booting via TFTP .

TFTP has only 512 octets of user data .

Check MTU size .

Source route failed - If we specified a route and

h d f il d l h


109/149

the datagram failed to complete the route , we

will get this error .

The point of failure will be the router thatgenerated the ICMPmessage .


110/149


110

ICMP type 4 , code 0 - Source Quench

The format of the datagram is the same as

destination unreachable , but with a type of 4 and

a code of 0 .

Source quench gives a router or a host the ability

to request that a source of datagrams will slow

down .

Source quench will occur if a node is running lowon buffer resources and is unable to process

datagrams quickly enough .


111/149

If you dont slow

down , your datagrams

will be discarded .


112/149


112

ICMP type 5 - route change request

It is used only by routers .

A router that knows that it is not the optimum

router for a particular destination , uses the relevant

field of a route change request to suggest a more

suitable router . Type Code Checksum

Internet address of a more suitable router

Internet header +64 bits of datagram prefix


113/149


113

ICMP type 11 - time exceeded for datagram

The format is the same as destination unreachable .

It can be sent in 2 situations :

From a router - Indicating that the TTL in the IP header

has been decremented to 0 .

It indicates that the original Time To Live was not

suitable to the number of hops needed .

From a node - An attempt to recreate the originaldatagram by reassembly of fragments failed .

The code value is 1 .


114/149


114

ICMP type 12 - Parameter problem message

Indicates that a wrong argument has been used with anoption field in the IP header .

It can also indicate an error in the implementation of IP .

Its sent only if the datagram has been discarded .

The pointer field indicates the position of the octet

position of the suspect field . Type Code Checksum

Pointer nused (must be 0)

Internet header 64 bits of datagram prefix


115/149


115

ICMP types 13,14 - Time stamp request & reply

This message is used to obtain the time

from a clock in a distant machine .

It is rarely used today .


116/149


116

ICMP types 15,16 - information request

This message is used to obtain the network

number of the requesting host if its

unknown . It can be used in dial in systems using SLIP,

as a method for allocating the appropriate

network addresses for each end of the link .


117/149


117

ICMP types 17,18 - Address mask request

Used to allow a node to discover the subnet

mask of the network it is connected to .

The node can send the request to a knownaddress or to broadcast .


118/149


118

Transport Protocol Ports

Port 0 - Special use

Ports 1 - 255 - Well-known ports

Ports 256 - 1023 - Reserved ports

Ports 1024 - 4999 - Dynamic client ports

Ports 5000 - 65,535 - Fixed server ports

The address of an

application within a host ApplicationApplicationApplication

Application

HOST


119/149


119

User Datagram Protocol

Connectionless delivery service

Uses the IP layer service

Does not add reliability to the IP protocol Enables distinguishing among multiple

destinations within a host computer

End point


120/149


120

UDP Protocol Header Format

UDP Source Port UDP Destination Port

UDP Message Length UDP Checksum

Data

0 16 31

Fragmentation

What if the packet size is larger then 1500?

It is divided to 1500xN frames.

fragmentation flags are set


121/149


121

Flow using Datagrams (UDP)

Server

socket()bind()

Client

socket()

sendto()/recvfrom()

closesocket()

sendto()/recvfrom()

closesocket()


122/149


122

Transmission Control Protocol

Connection based communication

Uses the IP layer service

Provides reliable service

Enables distinguishing among multiple

destinations within a host computer


123/149


123

TCP - Transmission Control Protocol

TCP is the protocol layer responsible for making sure that the commands and messages

are transmitted reliably from one application program running on a machine to another

one on the other machine

A message is transmitted and then a positive acknowledgement is being waited for

If the positive acknowledgement does not arrive in a certain period of time, the message

is retransmitted

Messages are numbered in sequence so that no one is being lost or duplicated;

Messages are delivered at the destination in the same orderthey were sent by the

source

If the text of a mail is too large, the TCP protocol will split it into several fragments

called datagrams and it makes sure that all the datagrams arrive correctly at the other

end where they are reassembled into the original message

The TCP protocol layer provides all the functions that are needed for manyapplications and it is better to put them together on a separate protocol rather than

being part of each application

TCP can be viewed as forming a library of routines that many applications can use

when they need reliable network communication with an application on another computer

TCP provides also flow control and congestion control


124/149


124

TCP Protocol Format

Source Port Destination Port

Sequence Number

Acknowledgment Number

Checksum (16) Urgent Pointer

Options(If any) Padding

Data (variable length)

0 4 10 16 24 31

Offset Reserv Flags(6) Window (16 bits)


125/149


125

Establishing and closing TCP Connections

Three-way

handshake

Close

timeSYN

ACK

SYN+ACK

Open

FIN

ACK

ACK

FIN


126/149


126

Sliding Windows

Positive

acknowledgment

with retransmission

Sliding windowtransmission

time

segment 1

segment 2

ack1

ack2

segments

acks

1 2 3 4

1 2 3 4


127/149


127

Application Addresses: Sockets

On a network server, normally several application programs are running at the same time:

FTP server, telnet server, mail server, www server, gopher server, etc.;

TCP must know to whichprogram to deliver the received message;

If you want to connect to the FTP serverit is not enough to know the IP address of the server, you

have to specify that you want to talk to the FTP server program;

This is done by having the well-known sockets - TCP ports - (see the file /etc/services on a

UNIX machine):

In a file server session, e.g., two different applications are involved: FTP server and FTP client

The client program gets commands from the user and passes them to the FTP server program;

There is no need for the client FTP program to use a well know socket number, because nobody

is trying to find it, as opposed to the FTP server program which have to have a well-known

socket number, so that people can open connections to it and start sending commands;

The client FTP program asks the network software to assign it a port number that is guarantee

to be unique, for example 1236 if that number was free;

A connection is identified by four numbers:

connection 1: 192.162.16.2, 1236 193.230.3.120, 21

connection 2: 192.162.16.2, 1237 193.230.3.120, 21

Two connections are different if at least one number is different


128/149


128

Application Addresses: Sockets

Socket = IP address + port #

Physical AddressIP Address

Port

Address

Port

Address

App 1 App 2

Physical AddressIP Address

Port

Address

Port

Address

App 1 App 2Message

Segment

DatagramFrame


129/149


129

Well-known TCP ports

21 - FTP server

23 - telnet server

25 - SMTP mail server 53 - domain nameserver

109 - POP2 server

110 - POP3 server


130/149


130

Flow using Streams (TCP)

Server

socket()bind()

listen()

accept()

send()/recv()

closesocket()

Client

connect()

send()/recv()

closesocket()

socket()


131/149


131

ROUTING

The source and the destination hosts are on the same LAN

There is no decisions for routing;

The packet is transmitted on the cable (coax, twisted cable, optical fiber);

Every computer connected to the LAN will receive it.

That computer which finds that the destination Ethernet address in the header is equal to

his Ethernet address will get the message, the others will discard it.

Note that the address of each computer on the LAN begins with the same network

number

Routing table for host A:

NETWOR GATEWA INTER ACE

192.162.16 none eth


132/149


132

Example of complex configurationA .1 D.4

.1

.2

.1

G.4

.2

.1

H

IJ

.2

K

.3

L

.4

.5

.1M

.2N

192.162.16.

193.230.3.

193.230.4.

193.230.5.

193.230.6.backbone

network with

Internet

connectivity

eth0

ec0

ec

0

eth0

eth0

sl0

sl0

sl0

Routing tablesnet gw int.

M: 193.230.5 none eth0

193.230.6.2 sl0

193.230.4 193.230.5.1 eth0

193.230.3 193.230.5.1 eth0

192.162.16 193.230.5.1 eth0

default 193.230.6.2 sl0

I 193.230.5 none eth0

193.230.4.1 sl0

193.230.3 193.230.4.1 sl0

192.162.16 193.230.4.1 sl0

default 193.230.5.5 eth0

H 193.230.3 none ec0

193,230.4.2 sl0

192.162.16 193.230.1 ec0

default 193.230.4.2 sl0

A 192.162.16 none eth0

default 192.162.16.4 eth0

sl0

ec

1


133/149


133

Routing table initialization and updating

Initialization of routing table

Normally at startup time by executing script command files;

Static routes

route add

route add 192.162.16.0 192.162.16.4 1

route add 193.230.3.0 192.162.16.4 1

route add default 192.162.16.4 1

netstat -rn displays the routing table on a UNIX machine

Static routes have the disadvantage that they do not adapt to the changes in the network

topology

Dinamic routing protocols are run to update the routing table so that they reflect the changes in

topology

Router classes

dedicated routers - special purpose equipment

Cisco, Wellfleet, Proteon, Telebit

cheap router sollution: - public domain software for PCs

ka9q, PCROUTE, Linux, Free BSD, etc.


134/149


134

Routing protocols Types of routing protocols

Interior Gateway Protocol (IGP): RIP, IGRP, OSPF, Hello

Exterior routing Protocol (EGP): BGP, EGP

AS1AS2

EGPIGP

IGP


135/149


135

Autonomous System Number

An Autonomous System Number (AS) is a set of routers under a single

technical administration, using an interior gateway protocol and an

exterior gateway protocol to route packets to other ASs.

An AS is a connected group of IP networks run by one or more network

operators which has a single and defined routing policy. AS number is a 16 bit number (65535 unique AS numbers).

It is a finite amount of address space.

Sometimes, the term AS is misunderstood and used for grouping

together a set of prefixes which belong under the same administrative

umbrella.

AS number are assigned by RIPE in Europe

E l f ti


136/149


136

Example for routing

EBONE EUROPANET

Access to Internet

National

Network

BGP4BGP4

IGRPstatic IGRP

IGRPIGRP


137/149


137

CIDR - Classless Inter-Domain Routing

Internet Service Provider

Internet

193.230.0.0193.230.1.0 193.230.02.0

193.230.3.0

00000000 000000001110011011000001

network host

1110011011000001 00000001 00000000

00000000000000101110011011000001

11000001 1110010 00000011 00000000

Prefix HostClassless representation

Class-full representation

193.230.0.0

193.230.1.0

193.230.2.0

193.230.3.0

customers


138/149

IPng Features/Functionality


139/149


139

IPng Features/Functionality

Expanded Address Space

Autoconfiguration

Real-time/Multimedia support

Integrated Security support

IPv4 IPv6 Transition Strategy

IP Version 6 So whats really changed ?!


140/149


140

IP Version 6 - So what s really changed ?!

IHL Type of Service

Options

Total

Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source Address

Destination Address

Padding

Priority Flow Label

Payload Length Next Header

Version

Version

IPv4 Header:

IPv6 Header:

Hop Limit

Address spacequadrupled to 16 bytes

Fixed Length(optional headers daisy-chained)

No Check sum(Done by Link Layer)

No hop-by-hop

segmentation(Path MTU discovery)

Flow Label/Priority(Integrated QoS support)

Source Address

Destination Address

IPv6 Autoconfiguration


141/149


141

IPv6 Autoconfiguration

StatefulDHCPng

Addressing Lifetime Facilitates graceful renumbering

Addresses defined as valid, deprecated or invalid

StatelessHost autonomously configures

its own address

Link Local Addressing

(single subnetscope, formed fromreservedprefixandlinklayer

address)

SUBNET

PREFIX

SUBNET PREFIX + MAC

ADDRESS

SUBNET PREFIX + MAC

ADDRESS

IPv6 Real Time/Premium Services support


142/149


142

IPv6 Real Time/Premium Services support

Flow based, defines flow labeland priority

Can be combined with Source Routing header options

Integration with Tag Switching/MPLS:

Insertion into IPv6 Flow Label Field:- Version Flow Label

Tag

CoS

(Reference/DraftRFC:- draft-baker-flow-label-00.txt)

IP 6 Sec rit


143/149


143

IPv6 Security

IPSec Architecture

Export restrictions recently relaxed

Authentication - MD5 based Confidentiality - DES

Encrypt entire datagram or IP payload

Retain existing use of (packet filtering based)firewalls

IP 6 T iti St t A h


144/149


144

IPv6 Transition Strategy - Approaches

DRIVER

IPv4 IPv6IPv4 IPv6

APPLICATION

TCP/UDP Hosts - Dual Stack

(IPv6 API defined)

Networks - Tunneling

More efficient than building new IPv6 topology

DATA

DATA

Transport LayerHeader

Transport LayerHeader

IPv6 Header

IPv6 Header IPv4 Header

IP 6 T li


145/149


145

IPv6 Tunneling

Network Address Translation IPv4 IPv6

IPv6Driver

IPv6 IPv6 IPv6

IPv4 BackboneIPv4

IPv6

Driver

IPv4

Configured tunnels - manual point-2-point links

Automatic tunnels - via IPv4 compatible IPv6 addresses(96 bits of zeros prefix - 0:0:0:0:0:0/96)

Instrumental in building existing 6-Bone(http://www.6bone.net)

IP 6 R ti


146/149


146

IPv6 Routing

Hierarchy is key

Test address space allocation available:- (RFC1897)

Registry ID ProviderID SubscriberID Subnetwork ID Interface ID

5 bits 16 bits 24 bits 16 bits 48 bits

Existing routing protocols extensions forIPv6RIPv6 - Same destination/mask/metric information as RIPv2

Multiprotocol BGP4+ - Currently Draft

Integrated IS-IS - 20 byte NSAP support facilitates IPv6 address/routing

EIGRPv6 - Reflects Ciscos future proofing commitment

OSPFv3 - Packet formats changed to reflect 128 bits

Neighbour Discovery - dynamic host routerCombination of ES-IS, ARP and ICMP Redirect

IPv6 Current Status Standardization


147/149


147

IPv6 Current Status - Standardization

Several key components now Standards/ProposedStandards

Basic Specification Neighbor Discovery

RIP/OSPF ICMPv6/IGMPv6

Issues remaining open

Addressing Registries Interoperability

DH

CPIPv6 over all media

Extension Headers

IP 6 C S C /V d


148/149


148

IPv6 Current Status - Customers/Vendors

Request forIPv6 support

Academic Community

ISP

Enterprise

Vendor support:- (the usualsuspects!)

BAY Networks Cisco

DigitalIpsilon

Merit Telebit

3Com

Apple FTP Software

Hitachi

IBM

Linux NRL

Siemens Nixdorf Sun etc.

REFERENCES


149/149

REFERENCES

Christian Huitema, Routing in the Internet, Prentice Hall, ISBN 013-132192-

7, 1996

Kevin Dowd, Getting Connected, Internet at 56K and Up, OReilly &

Associates, Inc., Bonn, 1996

Booktexts of Network Technology Workshop, National Network Management

Track, Honolulu, June 1995 Craig Hunt, TCP/IP Network Administration, OReilly & Associates, Inc.,

Sebastopol, 1993

Internetworking Technology Overview, Cisco Systems, Inc., 1993

Booktexts of the 4th Network Seminar and Intensive Course for Scientists and

Network Managers from Central Europe, Feb. 1993, Vienna University

Computer Center

E. Comer, Internetworking with TCP/IP, Vol I, Principles, Protocols and

A hit t P ti H ll E l d Cliff N J 1991

Date post:	08-Apr-2018
Category:	Documents
Upload:	alok-gupta
View:	222 times
Download:	0 times