Practical Networking 2
Routing, reminder
Based on Elisheva Alexander (eli7@cs.huji.ac.il) tirgul from sysp2001

Routing, reminder
• Forward IP packets between networks according to destination
• Part of the IP implementation
• Can be done statically or dynamically

Routing, reminder
• Routing can be complex!
– Which is the best path
– Avoids loops
– Routing table is smaller than the internet

Routing, reminder
• Special kind of routing
– Choose better route for high priority packets
– Queue packets according to priority
– This provides limited QoS!
– According to source
  • Hosts, networks with higher priority
– According to type
  • Usually telnet needs high latency, low bandwidth
  • Usually ftp needs high bandwidth, high latency

Static Routing
• The routing we will be doing is very simple, static: routing according to the routing table
• Routing is done by the kernel
• User interface
– Configured by ioctl(2) on a routing socket (PF_ROUTE)
– route(8)
• Enabling IP forwarding:
– FreeBSD IP forwarding is not enabled by default
– This is a kernel parameter
– sysctl(8) modifies kernel parameters at runtime

Routing, reminder
• Look at the packet destination and go through the routing table:
• If an entry exists for the destination in the routing table …
– If a gw is defined in the entry, route to the gw (recursively)
– Otherwise send out the proper interface
• Otherwise, if an entry exists for a network that includes the destination …
– If a gw is defined in the entry, route to the gw (recursively)
– Otherwise send out the proper interface
• Otherwise, if a default entry exists (destination 0.0.0.0) …
– Send to the default gw
• Finally:
– Drop the packet and perhaps send an ICMP back
Routing table example
• Machines
– Modem: DSL interface and Ethernet interface
– Carl, the big evil pentium with two Ethernet interfaces (eth0, eth1)
– Pizi and Zelda, hosts on the internal network
• Networks
– DSL 132.
– DMZ 10.0/16
– Internal 10.1/16
[Figure: network diagram: INET, DSL link, modem (10.0.0.138/16), hub on the DMZ network 10.0/16, carl (eth0 10.0.0.1/16, eth1 10.1.0.1/16), Internal network 10.1/16 with zelda (10.1.0.3/16) and pizi (10.1.0.2/16)]

netstat(8) to view routing table
• Carl does static routing.
– packet forwarding must be enabled
• Note: netstat on FreeBSD prints the actual routing table. Pretty messy.

Doing the routing (not finished)
• An IP packet from pizi is sent to www.cs.huji.ac.il
• Source: 10.0.1.2
• Destination: 132.65.80.39
• Carl looks for the destination in the routing table:

Packets coming back to pizi from www.cs.huji.ac.il
• An IP packet from www.cs.huji.ac.il returns to pizi
• Source: 132.65.80.39
• Destination: 10.0.1.2
• Carl looks for the destination in the routing table:
is there a 10.0.1.2 entry? no
is there a 10.0.1.0/255.255.255 entry? yes! we can reach that network via eth1!

route(8) (not finished)
• Manipulate the routing table
– route [delete|get|add] [-net | -host] destination gateway [netmask]
• Needs root privileges (in order to open a routing socket)
• Examples
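The lookup order from the routing slides (host entry, then the most specific network entry, then the default entry, with a gateway resolved recursively), worked on the carl network above. This is an added example, not the kernel's or route(8)'s code; the table entries are constructed from the diagram, and pizi is taken as 10.1.0.2 as in the figure.

```python
import ipaddress

# Constructed routing table modelled on carl: eth0 on the 10.0/16 DMZ,
# eth1 on the 10.1/16 internal net, default route via the modem.
# Entries are (destination network, gateway or None, interface);
# a /32 entry would be a host route.
ROUTES = [
    (ipaddress.ip_network("10.0.0.0/16"), None, "eth0"),
    (ipaddress.ip_network("10.1.0.0/16"), None, "eth1"),
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("10.0.0.138"), "eth0"),
]

def lookup(dst, routes=ROUTES, _depth=0):
    """Return ("forward", next_hop, iface) or ("drop", None, None).

    Longest prefix wins, so a /32 host entry beats a /16 network entry,
    which beats the /0 default. A gateway is looked up recursively so we
    learn which interface actually reaches it.
    """
    dst = ipaddress.ip_address(dst)
    if _depth > 8:                       # guard against gw -> gw loops
        return ("drop", None, None)
    best = None
    for net, gw, iface in routes:
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    if best is None:
        return ("drop", None, None)      # no entry at all: drop, maybe ICMP back
    net, gw, iface = best
    if gw is None:
        return ("forward", dst, iface)   # directly connected: send out iface
    via = lookup(gw, routes, _depth + 1)
    if via[0] != "forward":
        return ("drop", None, None)      # the gateway itself is unreachable
    return ("forward", gw, via[2])       # hand to gw over whatever reaches it

def route_packet(src, dst):
    """Forward one packet the way carl would, returning a one-line log entry."""
    verdict, hop, iface = lookup(dst)
    if verdict == "drop":
        return f"{src} -> {dst}: no route, drop (ICMP host unreachable)"
    return f"{src} -> {dst}: via {hop} out {iface}"

if __name__ == "__main__":
    print(route_packet("10.1.0.2", "132.65.80.39"))  # pizi -> www.cs: default gw
    print(route_packet("132.65.80.39", "10.1.0.2"))  # reply: directly on eth1
```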
Routers can handle some errors
• Zelda sends an IP packet to pizi via carl
• Perhaps zelda's ARP cache maps pizi's IP number to carl by mistake!
• Perhaps zelda's routing table sends packets to pizi via carl
source 192.168.0.3 destination 192.168.0.2
carl looks for the destination …
is there a 192.168.0.2 entry? No
is there a 192.168.0.0/255.255.255.0 entry? No
is there a 192.168.0.0/255.255.0.0 entry? Yes!
we can reach that host via eth1!
• But the packet came in on that wire:
– Carl may send an ICMP redirect bark
– Carl may forward the packet anyway
– Carl can do whatever it wants

MTU problems in routing
• Modem has two interfaces
– eth0 with MTU 1500 connected to carl
– ppp1 with MTU 1400 connected to DSL
• Let's say carl sends a packet of size > 1400. Modem should:
– Either fragment the IP packet so it fits on the link layer
– Or at least tell carl to lower the MTU
• Modem is not smart, and decides just to drop the packets
• Problem!!!

Solving the MTU problem
• In order to get around this we would want to:
carl > ifconfig mtu 1400 eth0
• Carl is smart enough!
– Doesn't drop the packets > 1400 it gets from eth1
– Takes care of them properly

Routing Diagnostic tools
• traceroute(8) – print the route packets take to network host
• Uses UDP packets and utilizes IP's ttl field
• Elicits an ICMP TIME_EXCEEDED response from each gateway along a path

What Traceroute does
• Send a UDP packet with ttl 1
• Our host's gateway will send an ICMP TIME_EXCEEDED back to us
• Send a UDP packet with ttl 2
• Our packet will pass our gateway, lowering its ttl
• Have an ICMP TIME_EXCEEDED sent from the following hop, or time out (and print a *)
• This till we (hopefully)
– reach our destination and get an ICMP "port unreachable"
– Or till we reach the maximum ttl

Traceroute output
mos24:~> traceroute www.tau.ac.il
traceroute to mondrian.tau.ac.il (132.66.16.6), 30 hops max, 38 byte packets
 1 router-160 (132.65.160.1) 0.597 ms 0.405 ms 0.378 ms
 2 cc-cs.huji.ac.il (132.64.252.25) 0.318 ms 0.258 ms 0.217 ms
 3 cisco101-103-2.huji.ac.il (132.64.252.41) 0.348 ms 0.319 ms 0.280 ms
 4 gw-huji.huji.ac.il (128.139.226.1) 1.945 ms 1.220 ms 1.643 ms
 5 gp1-huji-cel.ilan.net.il (128.139.193.1) 6.645 ms 5.797 ms 6.228 ms
 6 tau-gp1-fe.ilan.net.il (128.139.191.69) 6.818 ms 7.162 ms 5.880 ms
 7 * * *
 8 * * *
 9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
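The traceroute mechanism described on the slides above, with both sides modelled: probes with ttl 1, 2, 3, … and gateways that decrement the ttl and answer (or stay silent, which is what the "* * *" rows in the output are). This is an added example, not traceroute(8)'s code; the path is constructed from the addresses in the output above plus two made-up silent hops, and it reports one probe per ttl rather than three.

```python
# Constructed path modelled on the traceroute output on the slide: six
# gateways that answer, two routers that stay silent, then the host.
GATEWAYS = [  # (address, answers with ICMP TIME_EXCEEDED?)
    ("132.65.160.1", True), ("132.64.252.25", True), ("132.64.252.41", True),
    ("128.139.226.1", True), ("128.139.193.1", True), ("128.139.191.69", True),
    ("10.99.0.1", False), ("10.99.0.2", False),   # constructed silent hops
]
DESTINATION = "132.66.16.6"
TIME_EXCEEDED, PORT_UNREACHABLE, TIMEOUT = "time-exceeded", "port-unreachable", "*"

def send_probe(ttl, gateways=GATEWAYS, destination=DESTINATION):
    """Carry one UDP probe along the path; return (who answered, what)."""
    for addr, answers in gateways:
        ttl -= 1                       # every gateway lowers the ttl
        if ttl == 0:                   # expired here: TIME_EXCEEDED, or silence
            return (addr, TIME_EXCEEDED) if answers else (None, TIMEOUT)
    # ttl survived all gateways: the host delivers the UDP packet, nobody
    # listens on the high port, so it answers ICMP port unreachable
    return (destination, PORT_UNREACHABLE)

def traceroute(gateways=GATEWAYS, destination=DESTINATION, max_hops=30):
    """Probe with ttl 1, 2, 3 ... until port unreachable or max_hops.

    Returns [(ttl, address or "*", icmp type), ...], one row per hop.
    """
    hops = []
    for ttl in range(1, max_hops + 1):
        addr, icmp = send_probe(ttl, gateways, destination)
        hops.append((ttl, addr or "*", icmp))
        if icmp == PORT_UNREACHABLE:   # reached the destination: stop
            break
    return hops

if __name__ == "__main__":
    for ttl, addr, icmp in traceroute():
        print(f"{ttl:2d} {addr} ({icmp})")
```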
mtr(8)
• Ping can also be used to find problems on the way to a host
• Mtr(8) combines the capabilities of ping and traceroute
• E.g. you can see exactly where the packet loss occurs

Routers are hard workers!
• Where is it done?
• User space
– Dynamic routing (routed, gated, zebra)
– Routing algorithms
– Changes in the routing table
– Load balancing, queuing
– Special routing decisions – according to source, content
• The Kernel
– Static routing – pretty simple
– Just check the routing table, perhaps do link layer stuff (ARP)
• Hardware
– Once an initial connection is established – trivial
– The need for speed, MBONE
• Different routers do different things – many times done in all three!

Routers don't do all the work
• There are many other machines that help get your data from here to there!
• We will see that later

Reminder, Transport Layer
• TCP, Transmission Control Protocol
– Reliable, flow-controlled, two-way transmission
– Simulates a connection: client server model
• UDP, Unreliable Datagram Protocol
– Unreliable, connectionless, lightweight
– Speed is more important than correctness or reliability
• Real time communication: VoIP, talk

Multiplexing
• Many applications want to communicate on one machine
• A connection is defined by a unique quadruple
• <source IP, source Port, dest IP, dest Port>
• A returning connection may just swap the source and destination
• Ports
– UDP and TCP do not share ports
– Privileged ports (<1024) can only be opened by root
– Well known ports can be found in /etc/services

telnet
• telnet – user interface to the TELNET protocol
• telnet <host> <port name or number>
• Useful for debugging TCP protocols
– telnet www.microsoft.com http
  • Talk RAW http with a web server
– telnet pop.cs.huji.ac.il 110
  • Check your mail anywhere
• Of course you can use the default telnet port (23)
– telnet gw.cs.huji.ac.il
  • Lets you log into the university
– telnet towel.blinkenlights.nl
  • Shows you a nice movie
The Net Cat, a swiss army knife of the transport layer
• nc(1) – arbitrary TCP and UDP connections and listens
• Used for just about anything under the sun involving TCP or UDP
• Can open TCP connections, send UDP packets
• Listen on arbitrary TCP and UDP ports
• Port scanning
• Source routing
• Scripts nicely

Sending email with telnet
telnet cse 25
220 cs.huji.ac.il welcomes you to the wonderful world of ESMTP (but NO UCE please)
mail from: lior
250 OK
rcpt to: lior
250 Accepted
data
500 unrecognized command
data
354 Enter message, ending with "." on a line by itself
Hi, This is a test message
.
250 OK id=1BWuPY-000BVg-Qb
quit
221 cs.huji.ac.il closing connection
Connection to host lost.
C:\Documents and Settings\lior>

Netcat examples
• Copy file/dir
– nc -l -p 1234 | uncompress -c | tar xvfp -
– and then on the other side
– tar cfp - /some/dir | compress -c | nc -w 3 othermachine 1234
• Port scanning
– echo QUIT | nc -v -w 5 target 20-250 500-600 5990-7000
• Performance testing
– yes AAAAAAAAAAAAAAAAAAAAAA | nc -v -v -l -p 2222 > /dev/null
– yes BBBBBBBBBBBBBBBBBBBBBB | nc othermachine 2222 > /dev/null

nc is great and wonderful!
• Simple TCP proxies
• Shell-script based HTTP clients and servers
• Network daemon testing
• Source routing based connectivity testing
• More!

Packet sniffers
• Applications that listen to the network and capture the traffic
– For real time analysis
– Save to file and analyze later
• There is no problem listening to packets sent to/from our own machine
• In a broadcast network like ethernet we can also listen to other traffic; assuming no switch, we will hear packets that have nothing to do with us

Promiscuous mode
• Promiscuous mode
– Network card sends all packets heard to the OS
• Non promiscuous mode
– Network card only sends packets destined to its MAC
– Network card only sends broadcast packets
• We must ask the device driver to change the card's mode in order to sniff other people's packets
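The dialogue from the "Sending email with telnet" session above, carried by a small SMTP responder so both sides of the exchange can be followed. This is an added example, not the cs.huji.ac.il mailer's code; the command-ordering rules (MAIL before RCPT before DATA) and the 503 replies are assumptions, the other reply texts follow the transcript.

```python
BANNER = "220 cs.huji.ac.il welcomes you to the wonderful world of ESMTP"

class SmtpServer:
    """Tiny SMTP state machine: envelope commands, then a dot-terminated body."""

    def __init__(self):
        self.sender, self.rcpts, self.body, self.in_data = None, [], [], False
        self.delivered = []          # (sender, rcpts, body) for each accepted mail

    def handle(self, line):
        """Return the reply to one client line, or None while reading a body."""
        line = line.rstrip("\r\n")
        if self.in_data:
            if line == ".":          # lone dot ends the message
                self.in_data = False
                self.delivered.append((self.sender, self.rcpts, "\n".join(self.body)))
                self.sender, self.rcpts, self.body = None, [], []
                return "250 OK id=<constructed>"
            # a body line starting with ".." was dot-stuffed by the client
            self.body.append(line[1:] if line.startswith("..") else line)
            return None
        cmd = line.strip().lower()
        if cmd.startswith("mail from:"):
            self.sender = cmd[len("mail from:"):].strip()
            return "250 OK"
        if cmd.startswith("rcpt to:"):
            if self.sender is None:
                return "503 need MAIL first"
            self.rcpts.append(cmd[len("rcpt to:"):].strip())
            return "250 Accepted"
        if cmd == "data":
            if not self.rcpts:
                return "503 need RCPT first"
            self.in_data = True
            return '354 Enter message, ending with "." on a line by itself'
        if cmd == "quit":
            return "221 cs.huji.ac.il closing connection"
        return "500 unrecognized command"

def run_session(client_lines):
    """Feed the client's lines (as typed in telnet) to a fresh server.

    Returns (transcript with both sides' lines, list of delivered mails).
    """
    server, transcript = SmtpServer(), [BANNER]
    for line in client_lines:
        transcript.append(line)
        reply = server.handle(line)
        if reply is not None:
            transcript.append(reply)
    return transcript, server.delivered
```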