
  1. Introduction to IP networking. Olof Hagsand, KTH CSC. DD2395 p2 2011

  2. Example: Packet transfer
     • An end host requests a web-page from a server (www.server.org) via a local-area network
     • The aim of this lecture is to give an overview of how this works in practice
     • So that you can configure packet filters in the ip-tables lab
     • Some protocols involved:
       – Ethernet, ARP, IP, TCP, DNS, HTTP

  3. Internet architecture: Example
     [Figure: backbone providers with backbone routers, connected to each other and to regional providers through Internet Exchanges (IX) or direct connections; Internet Service Providers below them; a web-server on one side and, on the other, a home network behind an xDSL firewall/NAT router with an Ethernet switch and wireless hosts.]
     • Every routing domain is independently administrated

  4. Network example: KTH Intranet
     [Figure: KTH intranet topology]

  5. Network example: OptoSunet core
     [Figure: OptoSunet core topology]

  6. Netnod aggregated traffic (www.netnod.se)
     [Figure: aggregated traffic graph]

  7. The Hourglass Model
     [Figure: the hourglass – email, WWW, phone... on top; SMTP, HTTP, RTP...; TCP, UDP...; IP at the waist; Ethernet, PPP..., CSMA, async, SONET...; copper, fiber, radio... at the bottom. From Steve Deering, 2000.]
     • Anything over IP – IP over anything
     • All applications depend on IP
     • IP runs over all networks
     • IP is at the heart of all communication

  8. The TCP/IP stack and OSI ref model
     L7: Application    SMTP HTTP FTP DNS SSH ...
     L6: Presentation
     L5: Session
     L4: Transport      TCP UDP SCTP
     L3: Network        IP ICMP IGMP ARP            (a router works at this layer)
     L2: Data Link      Ethernet PPP WLAN ATM ...   (a switch works at this layer)
     L1: Physical

  9. Encapsulation
     • Include data from higher layer protocols into lower layer protocols using headers
       L7: Appl header + User data                        → Payload
       L4: TCP header + Payload                           → Segment
       L3: IP header + Payload                            → Datagram
       L2: Ethernet header + Payload + Ethernet trailer   → Frame
     • Sizes: Ethernet header 14, IP header 20, TCP header 20, Ethernet trailer 4 bytes; the Ethernet frame carries 46 to 1500 bytes of payload

  10. Link-level example: Ethernet
     Ethernet frame:  DA (6) | SA (6) | PT (2) | Payload (46-1500) | CRC (4)   (sizes in bytes)
     • Ethernet is an example of a link-level protocol that uses copper or fiber. WLAN is similar to Ethernet but runs on 'air'.
     • One important task of the link-layer is framing
       – 'create packets from the underlying physics'
     • Another is detecting bit errors (cyclic redundancy check) and addressing ('MAC' addresses)
     • A MAC (IEEE 802) address has a “flat” structure
       – they cannot be aggregated into more abstract addresses: networks
     • MAC addresses are typically only requested on a local-area network, i.e. a directly connected network
       – But a “local-area” network can nowadays be very large
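The framing, CRC and addressing tasks listed on this slide, as an added example (not part of the lecture's material): a Python builder and parser for the DA/SA/PT/Payload/CRC layout, with padding to the 46-byte minimum payload and a CRC-32 check that makes a corrupted frame get dropped. The little-endian placement of the CRC bytes and the constructed HTTP payload are assumptions of this example; the MAC addresses are the ones from the following slides.

```python
import struct
import zlib

# Field sizes from the slide: DA(6) SA(6) PT(2) Payload(46-1500) CRC(4)
ETH_HEADER_LEN = 14
ETH_CRC_LEN = 4
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500
ETHERTYPE_IPV4 = 0x0800          # PT (EtherType) value for IPv4

def mac_to_bytes(mac: str) -> bytes:
    octets = mac.split(":")
    if len(octets) != 6:
        raise ValueError(f"bad MAC address: {mac}")
    return bytes(int(o, 16) for o in octets)

def bytes_to_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def frame_crc(body: bytes) -> bytes:
    # CRC-32 over header + payload. Little-endian placement of the four CRC bytes
    # is an assumption of this example; it does not change the framing logic.
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)

def build_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Framing: wrap a payload in header and trailer ('create packets from the physics')."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload larger than 1500 bytes; a higher layer must split it")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")   # pad short payloads up to 46 bytes
    body = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ethertype) + payload
    return body + frame_crc(body)

def parse_frame(frame: bytes) -> dict:
    """Reverse of build_frame: check length and CRC, then split out the fields."""
    if len(frame) < ETH_HEADER_LEN + MIN_PAYLOAD + ETH_CRC_LEN:
        raise ValueError("runt frame (shorter than 64 bytes)")
    body, fcs = frame[:-ETH_CRC_LEN], frame[-ETH_CRC_LEN:]
    if fcs != frame_crc(body):
        raise ValueError("CRC mismatch: bit error detected, frame dropped")
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {
        "dst": bytes_to_mac(body[0:6]),
        "src": bytes_to_mac(body[6:12]),
        "ethertype": ethertype,
        "payload": body[ETH_HEADER_LEN:],   # padding still present; IP's Total Length trims it
    }

def corrupt(frame: bytes, index: int) -> bytes:
    """Flip one bit in byte `index`, simulating a bit error on the wire."""
    b = bytearray(frame)
    b[index] ^= 0x01
    return bytes(b)

def crc_detects(frame: bytes, index: int) -> bool:
    """True if the receiver drops the frame after a single-bit error at `index`."""
    try:
        parse_frame(corrupt(frame, index))
        return False
    except ValueError:
        return True

if __name__ == "__main__":
    # constructed sample: the host from the next slides sending a short HTTP request
    f = build_frame("00:16:d3:cc:c0:0d", "00:1d:e0:08:83:a7", ETHERTYPE_IPV4, b"GET / HTTP/1.0\r\n")
    print(len(f), "bytes on the wire;", parse_frame(f)["dst"], "is the destination")
```

A 16-byte request is padded to 46 bytes, so the frame is exactly the 64-byte Ethernet minimum (14 + 46 + 4); the parser returns the padded payload because the link layer has no length field of its own and relies on the IP Total Length above it.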

  11. Ethernet/WLAN communication
     • Using a link-level protocol, you can now communicate directly over a link
       [Figure: two hosts on one link, MAC addresses 00:1d:e0:08:83:a7 and 00:16:d3:cc:c0:0d]
     • But what about communicating over several hops?

  12. Network layer and IP
     [Figure: Host/End system (.34) on Network 1 (192.36.250.0/25) – Router (.1 on each side) – ... – Server/End system (.107) on Network N (130.237.32.0/25). The end systems run TCP/IP/MAC/PHY; the router runs IP over one MAC/PHY per attached LAN.]
     • The network layer (IP) primarily adds the ability to cross several networks using 'routing'

  13. IPv4 addresses
     • Each interface in an IPv4 Internet is assigned a unique 32-bit internet address
       – Not node addresses!
     • An address has two purposes
       – Identifier: Uniquely identify a host
       – Locator: Give location of the host
     • It therefore has two parts
       – Netid (prefix) identifies a network
       – Hostid identifies a node on that network
     • Slash notation: <netid>/<netidlen>
       – Example: 192.36.120.0/21
     • Notation
       – Dotted-decimal: 192.36.125.18
       – Binary: 11000000 00100100 01111101 00010010 (netid bits first, then hostid bits)
     • Address types
       – Unicast – one-to-one
       – Anycast – one-to-any
       – Multicast – one-to-many
       – Broadcast – one-to-all
     • Address space
       – 2^32 = 4 294 967 296
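The netid/hostid split and the slash notation, worked through in code as an added example (not from the lecture): the functions below convert between dotted-decimal, binary and integer form, split 192.36.125.18 against the /21 prefix from the slide, and classify an address as unicast, multicast or broadcast by its bit pattern. Anycast is not visible in the address itself, so it is deliberately not classified; the helper names are this example's own.

```python
ADDRESS_SPACE = 2 ** 32                 # 4 294 967 296 addresses

def ip_to_int(dotted: str) -> int:
    """'192.36.125.18' -> 32-bit integer; rejects malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    a, b, c, d = (int(p) for p in parts)
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(dotted: str) -> str:
    """The bit pattern shown on the slide, one octet per group."""
    n = ip_to_int(dotted)
    return " ".join(f"{(n >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def netmask(netidlen: int) -> int:
    """netidlen leading one-bits: the netid part of the 32-bit address."""
    if not 0 <= netidlen <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - netidlen)) & 0xFFFFFFFF

def parse_prefix(cidr: str):
    """'192.36.120.0/21' -> (netid as int, netidlen)."""
    net, length = cidr.split("/")
    netidlen = int(length)
    return ip_to_int(net) & netmask(netidlen), netidlen

def split_address(dotted: str, netidlen: int):
    """(netid in dotted form, hostid as integer) for an address on a /netidlen network."""
    n, mask = ip_to_int(dotted), netmask(netidlen)
    return int_to_ip(n & mask), n & ~mask & 0xFFFFFFFF

def in_prefix(dotted: str, cidr: str) -> bool:
    """Does the address belong to the network? (what a routing table lookup decides)"""
    netid, netidlen = parse_prefix(cidr)
    return ip_to_int(dotted) & netmask(netidlen) == netid

def directed_broadcast(cidr: str) -> str:
    """One-to-all address of a network: all hostid bits set."""
    netid, netidlen = parse_prefix(cidr)
    return int_to_ip(netid | (~netmask(netidlen) & 0xFFFFFFFF))

def address_type(dotted: str, local_prefix: str = "") -> str:
    """Classify by bit pattern: broadcast, multicast or unicast."""
    n = ip_to_int(dotted)
    if n == 0xFFFFFFFF or (local_prefix and dotted == directed_broadcast(local_prefix)):
        return "broadcast"
    if (n >> 28) == 0xE:          # 224.0.0.0/4 is the multicast range
        return "multicast"
    return "unicast"

if __name__ == "__main__":
    print(to_binary("192.36.125.18"))
    print(split_address("192.36.125.18", 21), in_prefix("192.36.125.18", "192.36.120.0/21"))
```

With a /21 the third octet contributes its top five bits to the netid, so 192.36.125.18 lies inside 192.36.120.0/21 (120 to 127), and its hostid is the remaining eleven bits.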

  14. IPv4 address exhaustion
     • IANA ran out of IPv4 address blocks in February
     • APNIC (Asia) is already empty
     • RIPE (Europe) end of 2011
     • ARIN (America) in 2012
     • What to do then?
       – Address translation (NAT) in different and new variants
       – IPv6!

  15. ARP - Address Resolution Protocol
     • Problem: A source wants to send a packet to an interface on a directly attached broadcast network – we know the IP-address of the destination but not the MAC address.
     • Idea: Broadcast a request – “On which MAC address can IP-address X be reached?”
       – ARP request
     • The host/router with the destination replies with its MAC address
       – ARP reply
     • The source saves the reply in a cache
       – So you don't need to ask next time
     [Figure: two stations on one broadcast network, 192.36.250.34 / 00:1d:e0:08:83:a7 and 192.36.250.1 / 00:16:d3:cc:c0:0d]
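The request/reply/cache exchange of this slide as an added simulation (my code, not the lecture's): a shared broadcast link delivers the ARP request to every station, only the owner of the target IP answers with a unicast reply, and both sides fill their caches so the second lookup never touches the network. The class names and the synchronous delivery are simplifications of this example; the addresses are the ones on the slide.

```python
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"

class BroadcastNetwork:
    """A shared link: a broadcast frame reaches every station, a unicast frame reaches one."""
    def __init__(self):
        self.hosts = []
        self.log = []          # (src_mac, dst_mac, ARP operation) for every frame sent

    def attach(self, host):
        self.hosts.append(host)

    def send(self, src_mac, dst_mac, arp):
        self.log.append((src_mac, dst_mac, arp["op"]))
        for host in list(self.hosts):
            if host.mac != src_mac and dst_mac in (BROADCAST_MAC, host.mac):
                host.receive(dst_mac, arp)

class Host:
    def __init__(self, name, ip, mac, net):
        self.name, self.ip, self.mac, self.net = name, ip, mac, net
        self.arp_cache = {}    # IP address -> MAC address
        net.attach(self)

    def resolve(self, target_ip):
        """MAC for target_ip: cache hit, otherwise broadcast an ARP request."""
        if target_ip in self.arp_cache:
            return self.arp_cache[target_ip], "cache"
        request = {"op": "request", "sender_ip": self.ip, "sender_mac": self.mac,
                   "target_ip": target_ip}
        self.net.send(self.mac, BROADCAST_MAC, request)   # "on which MAC can target_ip be reached?"
        if target_ip in self.arp_cache:                     # the reply was delivered synchronously
            return self.arp_cache[target_ip], "request"
        return None, "no reply"

    def receive(self, dst_mac, arp):
        if arp["op"] == "request" and arp["target_ip"] == self.ip:
            # The owner of the IP answers with a unicast reply and also learns the asker's mapping.
            self.arp_cache[arp["sender_ip"]] = arp["sender_mac"]
            reply = {"op": "reply", "sender_ip": self.ip, "sender_mac": self.mac,
                     "target_ip": arp["sender_ip"]}
            self.net.send(self.mac, arp["sender_mac"], reply)
        elif arp["op"] == "reply" and dst_mac == self.mac and arp["target_ip"] == self.ip:
            self.arp_cache[arp["sender_ip"]] = arp["sender_mac"]   # cache it: no need to ask next time

def demo():
    """Constructed scenario: the host from the slide resolves its router, twice."""
    net = BroadcastNetwork()
    host = Host("host", "192.36.250.34", "00:1d:e0:08:83:a7", net)
    router = Host("router", "192.36.250.1", "00:16:d3:cc:c0:0d", net)
    first = host.resolve("192.36.250.1")
    second = host.resolve("192.36.250.1")
    return net, host, router, first, second

if __name__ == "__main__":
    net, host, router, first, second = demo()
    print(first, second)
    for entry in net.log:
        print(entry)
```

Only two frames cross the link for two lookups: one broadcast request and one unicast reply. A request for an IP nobody owns simply gets no reply, which is why a real stack keeps a short timeout and retries rather than blocking.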

  16. IPv4 Header
     Layout (20 bytes without options; each row is 32 bits, bit 0 to bit 31):
       Version | HLEN | Type of Service | Total length
       ID | Flags | Offset
       TTL | Protocol | Header Checksum
       Source IP address
       Destination IP address
       Options
     • Version
     • HLEN – Header Length
     • Type of Service
     • Total Length – Header + Payload
     • Fragmentation – ID, Flags, Offset
     • TTL – Time To Live – Limits lifetime
     • Protocol – Higher level protocol
     • Header checksum
     • IP Addresses – Source, Destination
     • Options – up to 40 bytes
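The header layout above, as an added example (not the lecture's code): a Python builder and parser for the 20-byte header using the standard one's-complement header checksum, plus the per-hop step a router performs (decrement TTL, recompute the checksum, drop at zero). The field order and sizes follow the slide; the sample addresses are from the earlier network example, and the option handling and helper names are this example's own.

```python
import struct

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum (RFC 1071), as used by the IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ip_bytes(dotted: str) -> bytes:
    return bytes(int(p) for p in dotted.split("."))

def build_ipv4_header(src, dst, payload_len, protocol=6, ttl=64, ident=0, tos=0, options=b""):
    """Build a header, filling in Total Length and Header Checksum."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be a multiple of 4 bytes, at most 40")
    hlen = 20 + len(options)
    ver_hlen = (4 << 4) | (hlen // 4)                  # Version=4, HLEN in 32-bit words
    total_len = hlen + payload_len
    flags_offset = 0                                   # no fragmentation in this example
    hdr = struct.pack("!BBHHHBBH4s4s", ver_hlen, tos, total_len, ident, flags_offset,
                      ttl, protocol, 0, ip_bytes(src), ip_bytes(dst)) + options
    csum = internet_checksum(hdr)                      # computed with the checksum field zero
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fields; reject packets a router would drop (bad version, HLEN or checksum)."""
    if len(pkt) < 20:
        raise ValueError("packet shorter than the 20-byte minimum header")
    (ver_hlen, tos, total_len, ident, flags_offset, ttl, protocol, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, hlen = ver_hlen >> 4, (ver_hlen & 0xF) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if hlen < 20 or hlen > len(pkt):
        raise ValueError("HLEN inconsistent with packet length")
    if internet_checksum(pkt[:hlen]) != 0:            # a correct header sums to zero
        raise ValueError("header checksum mismatch")
    return {
        "version": version, "header_length": hlen, "tos": tos, "total_length": total_len,
        "id": ident, "flags": flags_offset >> 13, "fragment_offset": flags_offset & 0x1FFF,
        "ttl": ttl, "protocol": protocol,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": pkt[20:hlen],
    }

def forward(pkt: bytes):
    """Router step: TTL-1 and a fresh checksum; None when TTL would reach 0 (packet dropped)."""
    h = parse_ipv4_header(pkt)
    if h["ttl"] <= 1:
        return None                                    # ICMP Time exceeded (type 11) goes back
    out = bytearray(pkt)
    out[8] -= 1
    out[10:12] = b"\x00\x00"
    out[10:12] = struct.pack("!H", internet_checksum(bytes(out[:h["header_length"]])))
    return bytes(out)

def flip_bit(pkt: bytes, index: int) -> bytes:
    b = bytearray(pkt)
    b[index] ^= 0x01
    return bytes(b)

def checksum_ok(pkt: bytes) -> bool:
    try:
        parse_ipv4_header(pkt)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    hdr = build_ipv4_header("192.36.250.34", "130.237.32.107", payload_len=20)
    print(parse_ipv4_header(hdr))
    print(parse_ipv4_header(forward(hdr))["ttl"])
```

Verifying a header means summing all of it, checksum field included, and expecting zero; because the checksum only covers the header, every router can rewrite TTL and recompute it cheaply without touching the payload.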

  17. ICMP
     ICMP is a limited signalling protocol for IPv4.
     – Report IP problems back to sender
     – Control and Management
     – Considered a part of IP, but uses IP for transfers.
     Type   Message                        Type    Message
     3      Destination unreachable        8/0     Echo request/reply
     4      Source quench                  13/14   Timestamp request/reply
     11     Time exceeded                  17/18   Address mask request/reply
     12     Parameter problem              10/9    Router solicitation/advertisement
     5      Redirection

  18. Transport layer
     Provides service to end-applications: ports
     TCP                          UDP
     • Connection-oriented        • Packet-oriented
     • Reliable                   • Unreliable
     • Full-duplex                • Full-duplex
     • Data as byte-stream        • Data in packets
     • Mostly used                • Real-time traffic
     • Network-friendly           • Reliability in application

  19. TCP Connection Establishment
     3-way handshake (normally, the client initiates the connection):
       Client → Server: SYN, seq=x
       Server → Client: SYN, seq=y, ACK x+1
       Client → Server: ACK y+1
     • Guarantees both sides ready to transfer data
     • Allows both sides to agree on initial sequence numbers
     • The initial sequence number (ISN) must be chosen so that each incarnation of a specific TCP connection between two end-points has a different ISN.
     Note: two well-known TCP attacks:
       – SYN flooding
       – Sequence number attacks
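The three segments of the handshake, as an added state-machine example written for this page (not the lecture's code): each side checks that the acknowledgement it receives is exactly its own ISN plus one, sequence numbers wrap at 32 bits, and the server stays half-open (SYN_RCVD) if the third segment does not match the connection it is completing. Random ISNs stand in for the per-incarnation uniqueness requirement; that choice, the segment dictionaries and the method names are assumptions of this example.

```python
import secrets

SEQ_MASK = 0xFFFFFFFF          # sequence numbers are 32-bit and wrap around

class TcpEndpoint:
    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        # Random ISN so each incarnation of a connection gets a different one
        # (an assumption of this example; real stacks derive it from a clock and a keyed hash).
        self.isn = secrets.randbelow(1 << 32) if isn is None else isn
        self.peer_isn = None

    def listen(self):
        self.state = "LISTEN"

    # client side ------------------------------------------------------------
    def send_syn(self):
        self.state = "SYN_SENT"
        return {"flags": {"SYN"}, "seq": self.isn}                       # SYN seq=x

    def on_synack(self, seg):
        if self.state != "SYN_SENT" or seg["flags"] != {"SYN", "ACK"}:
            raise ValueError(f"{self.name}: unexpected segment in {self.state}")
        if seg["ack"] != (self.isn + 1) & SEQ_MASK:
            raise ValueError(f"{self.name}: ACK {seg['ack']} does not acknowledge our SYN")
        self.peer_isn = seg["seq"]
        self.state = "ESTABLISHED"
        return {"flags": {"ACK"}, "seq": (self.isn + 1) & SEQ_MASK,
                "ack": (seg["seq"] + 1) & SEQ_MASK}                      # ACK y+1

    # server side ------------------------------------------------------------
    def on_syn(self, seg):
        if self.state != "LISTEN" or seg["flags"] != {"SYN"}:
            raise ValueError(f"{self.name}: unexpected segment in {self.state}")
        self.peer_isn = seg["seq"]
        self.state = "SYN_RCVD"          # half-open until the final ACK arrives
        return {"flags": {"SYN", "ACK"}, "seq": self.isn,
                "ack": (seg["seq"] + 1) & SEQ_MASK}                      # SYN seq=y, ACK x+1

    def on_ack(self, seg):
        if self.state != "SYN_RCVD" or "ACK" not in seg["flags"]:
            raise ValueError(f"{self.name}: unexpected segment in {self.state}")
        if seg["ack"] != (self.isn + 1) & SEQ_MASK or seg["seq"] != (self.peer_isn + 1) & SEQ_MASK:
            raise ValueError(f"{self.name}: third segment does not belong to this connection")
        self.state = "ESTABLISHED"

def three_way_handshake(client, server):
    """Run the exchange and return the three segments in order."""
    syn = client.send_syn()
    synack = server.on_syn(syn)
    ack = client.on_synack(synack)
    server.on_ack(ack)
    return [syn, synack, ack]

def accepts(endpoint, method, seg) -> bool:
    """True if the endpoint accepts the segment, False if it rejects it."""
    try:
        getattr(endpoint, method)(seg)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    c, s = TcpEndpoint("client"), TcpEndpoint("server")
    s.listen()
    for seg in three_way_handshake(c, s):
        print(seg)
    print(c.state, s.state)
```

The half-open state is where a server's resources are tied up between the second and third segment, and the ack check is the only thing tying the third segment to the SYN that started it, which is why ISN choice matters for both of the attacks the slide names.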

  20. TCP end-to-end reliability
     • Congestion control: Back-off when packets are lost in network
       – Slow-start to quickly reach network capacity
       – Congestion avoidance to slowly reach limit
       – Fast retransmit – Don't drop to zero at loss
     • Flow control: sender shall not overrun receiver
       – Sliding window
       – Receiver announces how much data it can receive using ACKs
       – Avoid: Stop and go; silly windows
     Actual window size: min(receive window, congestion window)

  21. Sliding window
     • Receiver: receiver window – acknowledges data sent and what it is prepared to receive
     • Sender window size opened and/or closed
       – Receiving an ACK shifts the window by a constant value.
     • Stop and go:
       – Send data, wait for ACKs
     • Silly window:
       – Send one byte
     [Figure: segments 1 to 12 with the receive window laid over them; from left: sent and acknowledged – sent, not ACKed – can send ASAP (usable window) – can't send until window moves]

  22. Congestion avoidance
     After timeout:
     • Threshold = ½ current CWND
     • CWND = MSS
     [Figure: CWND size (in segments) against number of transmitted segments (rounds 1 to 16): slow start up to Threshold = 16, then congestion avoidance until a time-out at cwnd = 20; afterwards Threshold = 10, slow start again, then congestion avoidance.]

  23. Fast Retransmit and Recovery
     After 3 duplicate ACKs:
     • Threshold = ½ current CWND
     • CWND = Threshold
     [Figure: CWND size (in segments) against segment number: slow start up to Threshold = 16, then congestion avoidance; duplicate ACKs for segment 8 arrive, segment 8 is retransmitted, Threshold = 10 and congestion avoidance is performed from there.
      ACK no:     1 2 3 4 5 6 7 8 8 8 8 8 8 13 14 15
      Segment no: 1 2 3 4 5 6 7 8 9 10 11 8 12 13 14 15]
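The window rules of slides 20, 22 and 23 (slow start, congestion avoidance, timeout, fast retransmit after three duplicate ACKs, and the actual window as min of receive and congestion window) reproduced in a small round-by-round simulation. This is an added example written for this page, not the lecture's material: it applies the slides' rules literally (threshold = half the current cwnd, no lower bound, one round per doubling) and the loss schedule passed in is constructed to match the two charts.

```python
def simulate_cwnd(loss_events, rounds, initial_threshold=16, mss=1):
    """Congestion window at the start of each transmission round, in segments (mss=1).

    loss_events maps a round number to the loss signal seen at the end of that round:
    "timeout" or "3dupack". Rules as stated on the slides:
      slow start:            cwnd doubles per round while cwnd < threshold
      congestion avoidance:  cwnd += 1 MSS per round once cwnd >= threshold
      timeout:               threshold = cwnd/2, cwnd = 1 MSS  (back to slow start)
      3 duplicate ACKs:      threshold = cwnd/2, cwnd = threshold (fast recovery)
    """
    cwnd, threshold = mss, initial_threshold
    history = []
    for r in range(1, rounds + 1):
        history.append(cwnd)
        event = loss_events.get(r)
        if event == "timeout":
            threshold, cwnd = cwnd // 2, mss
        elif event == "3dupack":
            threshold = cwnd // 2
            cwnd = threshold                     # do not drop to zero at loss
        elif cwnd < threshold:
            cwnd = min(cwnd * 2, threshold)      # slow start, capped at the threshold
        else:
            cwnd += mss                          # congestion avoidance
    return history

def sender_window(cwnd_history, receive_window):
    """Actual window each round: min(receive window, congestion window)."""
    return [min(receive_window, cwnd) for cwnd in cwnd_history]

def fast_retransmit_triggers(acks):
    """Positions (1-based) at which the sender has just seen the 3rd duplicate ACK."""
    triggers, last, dups = [], None, 0
    for i, ack in enumerate(acks, start=1):
        if ack == last:
            dups += 1
            if dups == 3:
                triggers.append(i)
        else:
            last, dups = ack, 0
    return triggers

if __name__ == "__main__":
    # Constructed schedules matching the charts: a timeout at cwnd = 20 (slide 22)
    # and three duplicate ACKs at the same point (slide 23).
    print("timeout   :", simulate_cwnd({9: "timeout"}, 16))
    print("3 dup ACKs:", simulate_cwnd({9: "3dupack"}, 12))
    print("ACK stream:", fast_retransmit_triggers([1, 2, 3, 4, 5, 6, 7, 8, 8, 8, 8, 8, 8, 13, 14, 15]))
```

The timeout run climbs 1, 2, 4, 8, 16 in slow start, creeps to 20 in congestion avoidance, collapses to 1 with the threshold halved to 10, and then the second slow start is cut off at 10 instead of 16. The duplicate-ACK run instead continues congestion avoidance from 10, which is the whole point of fast recovery. The ACK stream from slide 23 triggers at the third repeated 8.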

  24. DNS: Why do we need names?
     • In the underlying network and transport layers it is all about addresses. Interfaces, TCP, routing, etc.
     • In IP, names are translated directly to addresses
       – And then we deal with addresses only
       – No names in the network
     • Why don't we just stick with addresses?
     • Names are better for humans (compare fe80::216:d3ff:fecc:c00d)
     • Names add another layer of indirection
       – One name can map to several logical addresses
       – One logical address can map to several names
     • Names can be used for other things than just addressing
       – load balancing, mail direction, descriptions, finding services, ...

  25. DNS architecture
     • Names are structured hierarchically – in a tree form
     • The DNS architecture is client-server
       – Client is called resolver
       – Server is called name server
     • The resolver queries the nameservers hierarchically
       – Ultimately, you ask one of 13 root name-servers
       – Replies are cached at several places in the system

  26. DNS tree
     [Figure: the root "." with children com, edu, se, uk, arpa; se → kth → csc → netlab → xen; uk → co, ac; arpa → ip6, in-addr; in-addr → 192 → 71 → 24 → 5]

  27. Resolving process
     Recursive query from the client, iterative queries by the resolving server:
       Client (stub resolver) → Resolving server: query xen.netlab.csc.kth.se
       Resolving server → root nameserver (.): query → referral to se nameserver
       Resolving server → se nameserver: query → referral to kth nameserver
       Resolving server → kth nameserver: query → referral to csc nameserver
       Resolving server → csc nameserver: query → referral to netlab nameserver
       Resolving server → netlab nameserver: query → response: 192.71.24.5
       Resolving server → Client: response 192.71.24.5
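The tree of slide 26 and the referral chain of slide 27, as an added simulation (my code, not the lecture's): each authoritative server either answers, refers the resolving server to a child zone, or reports that the name does not exist; the resolving server walks down from the root, counts the queries it sends, caches the answer, and bounds the number of referrals it will follow so broken delegation data cannot loop it forever. The class names, the referral limit and the empty servers for the other top-level domains are assumptions of this example; the name and address are the ones on the slides.

```python
class NameServer:
    """Authoritative server for one zone: holds A records and delegations to child zones."""
    def __init__(self, zone, records=None, delegations=None):
        self.zone = zone
        self.records = dict(records or {})          # fully qualified name -> IPv4 address
        self.delegations = dict(delegations or {})  # child zone -> its NameServer

    def query(self, name):
        if name in self.records:
            return "answer", self.records[name]
        for child, server in self.delegations.items():
            if name == child or name.endswith("." + child):
                return "referral", server             # "ask that nameserver instead"
        return "nxdomain", None

class ResolvingServer:
    """Iterative resolution from the root, with a cache."""
    MAX_REFERRALS = 16                   # guard against delegation loops in broken data

    def __init__(self, root):
        self.root = root
        self.cache = {}
        self.queries_sent = 0

    def resolve(self, name):
        if name in self.cache:
            return self.cache[name]
        server = self.root
        for _ in range(self.MAX_REFERRALS):
            self.queries_sent += 1
            kind, data = server.query(name)
            if kind == "answer":
                self.cache[name] = data
                return data
            if kind == "nxdomain":
                return None
            server = data                     # follow the referral down the tree
        raise RuntimeError(f"too many referrals resolving {name}")

class StubResolver:
    """The client: one recursive query to its resolving server."""
    def __init__(self, resolving_server):
        self.rs = resolving_server

    def gethostbyname(self, name):
        if not name.endswith("."):
            name += "."                      # fully qualify
        return self.rs.resolve(name)

def build_tree():
    """The branch of slide 26 that leads to xen; other top-level domains are empty servers."""
    netlab = NameServer("netlab.csc.kth.se.", records={"xen.netlab.csc.kth.se.": "192.71.24.5"})
    csc = NameServer("csc.kth.se.", delegations={"netlab.csc.kth.se.": netlab})
    kth = NameServer("kth.se.", delegations={"csc.kth.se.": csc})
    se = NameServer("se.", delegations={"kth.se.": kth})
    root = NameServer(".", delegations={
        "se.": se, "com.": NameServer("com."), "edu.": NameServer("edu."),
        "uk.": NameServer("uk."), "arpa.": NameServer("arpa."),
    })
    return root

if __name__ == "__main__":
    rs = ResolvingServer(build_tree())
    stub = StubResolver(rs)
    print(stub.gethostbyname("xen.netlab.csc.kth.se"), "after", rs.queries_sent, "queries")
    print(stub.gethostbyname("xen.netlab.csc.kth.se"), "after", rs.queries_sent, "queries (cached)")
```

The first lookup costs five iterative queries (root, se, kth, csc, netlab); the second costs none because the resolving server's cache answers it, which is the caching the architecture slide refers to.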
