Exploring Usable Path MTU in the Internet
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Redes De Computadores (RCOMP)
Redes de Computadores (RCOMP) Lecture 03 2019/2020 • Ethernet local area network technologies. • Virtual local area networks (VLAN). • Wireless local area networks. Instituto Superior de Engenharia do Porto – Departamento de Engenharia Informática – Redes de Computadores (RCOMP) – André Moreira 1 ETHERNET Networks – CSMA/CD Ethernet networks (IEEE 802.3 / ISO 8802-3) were originally developed by Xerox in the 70s. Nowadays, ethernet is undoubtedly the most widely used technology in wired LANs. Originally, access control to the medium (MAC - Medium Access Control) was a key issue. The CSMA/CD technique used in ethernet is not ideal, it doesn’t avoid collisions and, as such, results in low efficiency under heavy traffic. The early Ethernet networks were based on a coaxial cable to which all nodes were connected (bus topology), the most important variants were: Thick Ethernet - 10base5 - 10 Mbps / Digital Signal(1) / maximum 500 m bus length Thin Ethernet - 10base2 - 10 Mbps / Digital Signal(1) / maximum 180 m bus length Node Node Node Node Node Node Node Node Node Node (1) base stands for a baseband transmission medium, therefore digital signals must be used. Instituto Superior de Engenharia do Porto – Departamento de Engenharia Informática – Redes de Computadores (RCOMP) – André Moreira 2 ETHERNET networks – Collision Domain CSMA/CD (Carrier Sense Multiple Access with Collision Detection) requires packet collisions to be detected by all nodes before the emission of the packet ends. This introduces limitations on the relationship between the packet’s transmission time and the signal propagation delay. To ensure collision detection by all nodes, there’s minimum packet size of 64 bytes (this sets a minimum transmission time), also there is a maximum segment size (sets the maximum propagation delay). -
Network Layer 2
Network Layer Topics • Network service models • Datagrams (packets), virtual circuits • IP (Internet Protocol) • Internetworking • Forwarding (Longest Matching Prefix) • Helpers: ARP and DHCP • Fragmentation and MTU discovery • Errors: ICMP (traceroute!) • IPv6, scaling IP to the world • NAT, and “middleboxs” • Routing Algorithms CSE 461 University of Washington 2 Dynamic Host Configuration Protocol (DHCP) Bootstrapping •Problem: • A node wakes up for the first time … • What is its IP address? What’s the IP address of its router? • At least Ethernet address is on NIC What’s my IP? CSE 461 University of Washington 4 Bootstrapping 1. Manual configuration (old days) • Can’t be factory set, depends on use 2. DHCP: Automatically configure addresses • Shifts burden from users to IT folk What’s my IP? Use A.B.C.D CSE 461 University of Washington 5 DHCP •DHCP (Dynamic Host Configuration Protocol), from 1993, widely used •It leases IP address to nodes •Provides other parameters too • Network prefix • Address of local router • DNS server, time server, etc. CSE 461 University of Washington 6 DHCP Protocol Stack •DHCP is a client-server application • Uses UDP ports 67, 68 DHCP UDP IP Ethernet CSE 461 University of Washington 7 DHCP Addressing •Bootstrap issue: • How does node send a message to DHCP server before it is configured? •Answer: • Node sends broadcast messages that delivered to all nodes on the network • Broadcast address is all 1s • IP (32 bit): 255.255.255.255 • Ethernet/MAC (48 bit): ff:ff:ff:ff:ff:ff CSE 461 University of Washington -
MTU and MSS Tutorial
MTU and MSS Tutorial Dr. E. Garcia, [email protected] Published: November 16, 2009. Last Update: November 16, 2009. © 2009 E. Garcia Abstract – This tutorial covers maximum transmission unit ( MTU ), maximum segment size ( MSS ), PING, NETSTAT, and fragmentation. Expressions relevant to these concepts are systematically derived and explained. Keywords: maximum transmission unit, MTU , maximum segment size, MSS , PING, NETSTAT 1 MTU and MSS As discussed in the IP Packet Fragmentation Tutorial (http://www.miislita.com/internet-engineering/ip-packet-fragmentation-tutorial.pdf ) and elsewhere (1 - 3), the data payload ( DP ) of an IP packet is defined as the packet length ( PL ) minus the length of its IP header ( IPHL ), (Eq 1) whereܦܲ theൌ maximum ܲܮ െ ܫܲܪܮ PL is defined as the Maximum Transmission Unit (MTU) . This is the largest IP packet that can be transmitted without further fragmentation. Thus, when PL = MTU (Eq 2) However,ܦܲ ൌ an ܯܷܶ IP packet െ ܫܲܪܮ encapsulates a TCP packet such that DP = TCPHL + MSS (Eq 3) where TCPHL is the length of the TCP header and MSS is the data payload of the TCP packet, also known as the Maximum Segment Size (MSS) . Combining Equations 2 and 3 leads to MSS = MTU – IPHL – TCPHL (Eq 4) Figure 1 illustrates the connection between MTU and MSS –for an IP packet decomposed into three fragments. Figure 1. Fragmentation example where MTU = PL = pl 1 = pl 2 > pl 3 and DP = dp 1 + dp 2 + dp 3 = PL – IPHL . © 2009 E. Garcia 1 Typically, IP and TCP headers are 20 bytes long. Thus, MSS = MTU – 40 (Eq 5) If IP or TCP options are specified, the MSS is further reduced by the number of bytes taken up by the options (OP), each of which may be one byte or several bytes in size. -
The GINI Router
The GINI Router: A Routing Element for User-level Micro Internet by Weiling Xu DEPARTMENT OF COMPUTER SCIENCE MCGILL UNIVERSITY, MONTREAL JUNE,2004 A THESIS SUBMITTED TO MCGILL UNIVERSITY IN PARTIAL FULFILMENT OF THE REQUlREMENTS OF THE DEGREE OF MASTER OF SCIENCE © Weiling Xu 2004 Library and Bibliothèque et 1+1 Archives Canada Archives Canada Published Heritage Direction du Branch Patrimoine de l'édition 395 Wellington Street 395, rue Wellington Ottawa ON K1A ON4 Ottawa ON K1A ON4 Canada Canada Your file Votre référence ISBN: 0-494-06476-5 Our file Notre référence ISBN: 0-494-06476-5 NOTICE: AVIS: The author has granted a non L'auteur a accordé une licence non exclusive exclusive license allowing Library permettant à la Bibliothèque et Archives and Archives Canada to reproduce, Canada de reproduire, publier, archiver, publish, archive, preserve, conserve, sauvegarder, conserver, transmettre au public communicate to the public by par télécommunication ou par l'Internet, prêter, telecommunication or on the Internet, distribuer et vendre des thèses partout dans loan, distribute and sell th es es le monde, à des fins commerciales ou autres, worldwide, for commercial or non sur support microforme, papier, électronique commercial purposes, in microform, et/ou autres formats. paper, electronic and/or any other formats. The author retains copyright L'auteur conserve la propriété du droit d'auteur ownership and moral rights in et des droits moraux qui protège cette thèse. this thesis. Neither the thesis Ni la thèse ni des extraits substantiels de nor substantial extracts from it celle-ci ne doivent être imprimés ou autrement may be printed or otherwise reproduits sans son autorisation. -
Iethernet W5500 Datasheet Kr
W5500 Datasheet Version 1.0.6 http://www.wiznet.co.kr © Copyright 2013 WIZnet Co., Ltd. All rights reserved. W5500 The W5500 chip is a Hardwired TCP/IP embedded Ethernet controller that provides easier Internet connection to embedded systems. W5500 enables users to have the Internet connectivity in their applications just by using the single chip in which TCP/IP stack, 10/100 Ethernet MAC and PHY embedded. WIZnet‘s Hardwired TCP/IP is the market-proven technology that supports TCP, UDP, IPv4, ICMP, ARP, IGMP, and PPPoE protocols. W5500 embeds the 32Kbyte internal memory buffer for the Ethernet packet processing. If you use W5500, you can implement the Ethernet application just by adding the simple socket program. It’s faster and easier way rather than using any other Embedded Ethernet solution. Users can use 8 independent hardware sockets simultaneously. SPI (Serial Peripheral Interface) is provided for easy integration with the external MCU. The W5500’s SPI supports 80 MHz speed and new efficient SPI protocol for the high speed network communication. In order to reduce power consumption of the system, W5500 provides WOL (Wake on LAN) and power down mode. Features - Supports Hardwired TCP/IP Protocols : TCP, UDP, ICMP, IPv4, ARP, IGMP, PPPoE - Supports 8 independent sockets simultaneously - Supports Power down mode - Supports Wake on LAN over UDP - Supports High Speed Serial Peripheral Interface(SPI MODE 0, 3) - Internal 32Kbytes Memory for TX/RX Buffers - 10BaseT/100BaseTX Ethernet PHY embedded - Supports Auto Negotiation (Full and half duplex, 10 and 100-based ) - Not supports IP Fragmentation - 3.3V operation with 5V I/O signal tolerance - LED outputs (Full/Half duplex, Link, Speed, Active) - 48 Pin LQFP Lead-Free Package (7x7mm, 0.5mm pitch) 2 / 68 W5500 Datasheet Version1.0.6 (DEC 2014) Target Applications W5500 is suitable for the following embedded applications: - Home Network Devices: Set-Top Boxes, PVRs, Digital Media Adapters - Serial-to-Ethernet: Access Controls, LED displays, Wireless AP relays, etc. -
Automotive Ethernet: the Definitive Guide
Automotive Ethernet: The Definitive Guide Charles M. Kozierok Colt Correa Robert B. Boatright Jeffrey Quesnelle Illustrated by Charles M. Kozierok, Betsy Timmer, Matt Holden, Colt Correa & Kyle Irving Cover by Betsy Timmer Designed by Matt Holden Automotive Ethernet: The Definitive Guide. Copyright © 2014 Intrepid Control Systems. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and publisher. Printed in the USA. ISBN-10: 0-9905388-0-X ISBN-13: 978-0-9905388-0-6 For information on distribution or bulk sales, contact Intrepid Control Systems at (586) 731-7950. You can purchase the paperback or electronic version of this book at www.intrepidcs.com or on Amazon. We’d love to hear your feedback about this book—email us at [email protected]. Product and company names mentioned in this book may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this book, neither the authors nor Intrepid Control Systems shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this book. -
Guidelines for the Secure Deployment of Ipv6
Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. -
RFC 6349 Testing with Truespeed™ from JDSU—Experience Your
RFC 6349 Testing with TrueSpeed™ from JDSU— Experience Your Network as Your Customers Do RFC 6349 is the new transmission control protocol (TCP) throughput test methodology that JDSU co-authored along with representatives from Bell Canada and Deutsche Telecom. Recently issued by the Internet Engineering Task Force (IETF) organization, RFC 6349 provides a repeatable test method for TCP throughput analysis with systematic processes, metrics, and guidelines to optimize the network and server performance. This application note summarizes RFC 6349, “Framework for TCP Throughput Testing,” and highlights the automated and fully compliant JDSU RFC 6349 implementation, TrueSpeed, now available on the JDSU T-BERD®/MTS-6000A Multi-Services Application Module (MSAM) and T-BERD/MTS-5800 Handheld Network Tester. This application note also discusses the integration of TrueSpeed RFC 6349 with the ITU Y.1564 Ethernet service activation standard. This powerful testing combination provides a comprehensive means to ensure an optimized end-customer experience in multi-service (such as triple play) environments. RFC 6349 TCP Test Methodology RFC 6349 specifies a practical methodology for measuring end-to-end TCP throughput in a managed IP network with a goal of providing a better indication of the user experience. In the RFC 6349 framework, TCP and IP parameters are also specified to optimize TCP throughput. RFC 6349 recommends always conducting a Layer 2/3 turn-up test before TCP testing. After verifying the network at Layer 2/3, RFC 6349 specifies conducting -
Practical TCP/IP and Ethernet Networking Titles in the Series
Practical TCP/IP and Ethernet Networking Titles in the series Practical Cleanrooms: Technologies and Facilities (David Conway) Practical Data Acquisition for Instrumentation and Control Systems (John Park, Steve Mackay) Practical Data Communications for Instrumentation and Control (Steve Mackay, Edwin Wright, John Park) Practical Digital Signal Processing for Engineers and Technicians (Edmund Lai) Practical Electrical Network Automation and Communication Systems (Cobus Strauss) Practical Embedded Controllers (John Park) Practical Fiber Optics (David Bailey, Edwin Wright) Practical Industrial Data Networks: Design, Installation and Troubleshooting (Steve Mackay, Edwin Wright, John Park, Deon Reynders) Practical Industrial Safety, Risk Assessment and Shutdown Systems for Instrumentation and Control (Dave Macdonald) Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems (Gordon Clarke, Deon Reynders) Practical Radio Engineering and Telemetry for Industry (David Bailey) Practical SCADA for Industry (David Bailey, Edwin Wright) Practical TCP/IP and Ethernet Networking (Deon Reynders, Edwin Wright) Practical Variable Speed Drives and Power Electronics (Malcolm Barnes) Practical TCP/IP and Ethernet Networking Deon Reynders Pr Eng, BSc BEng, BSc Eng (Elec)(Hons), MBA Edwin Wright MIPENZ, BSc(Hons), BSc(Elec Eng), IDC Technologies, Perth, Australia . Newnes An imprint of Elsevier Linacre House, Jordan Hill, Oxford OX2 8DP 200 Wheeler Road, Burlington, MA 01803 First published 2003 Copyright 2003, IDC Technologies. All rights reserved No part of this publication may be reproduced in any material form (including photocopying or storing in any medium by electronic means and whether or not transiently or incidentally to some other use of this publication) without the written permission of the copyright holder except in accordance with the provisions of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London, England W1T 4LP. -
Computer Networking Exercises
Computer Networking Exercises Antonio Carzaniga Faculty of Informatics USI (Università della Svizzera italiana) Edition 2.4 April 2020 1 ◮Exercise 1. Consider a DNS query of type A within a DNS system containing IN class information. Using boxes to represent servers and lines with labels to represent packets, diagram an iterative request for “www.ban.mcyds.net”. The answer must be authoritative. Label any DNS servers you need to contact using a descriptive label. Label every packet with the essential information. For example, a box may be labeled “authority for .com,” while a packet might be labeled “answer, www.ban.mcyds.net, 192.168.23.45” (10’) Consider the same DNS request specified above. Now create a new diagram showing a recursive request. Once again, the answer must be authoritative. (10’) ◮Exercise 2. Given the utility functions listed below, write the pseudo-code to perform an iterative DNS lookup. dns_query_pkt make_dns_packet(type, class, flags) Creates a new DNS query packet. Flags can be combined via the ‘|’ operator. So for a query that is both authoritative and recursive, one would write: (DNS_AUTH | DNS_RECURSE). Only the DNS_AUTH and DNS_RECURSE flags are valid. Type can be A, MX, NS, or any other valid DNS type. value get_dns_answer(dns_answer_packet, n) Return the value in the nth answer of a dns_answer_pkt packet. For example, in re- ply to a MX lookup for inf.unisi.ch, get_dns_answer(pkt,1) would return the SMTP mail server for the inf.unisi.ch domain. In reply to a NS query it would return the authoritative name server. dns_answer_packet send_and_wait(dns_query_packet, server) Send the given dns_query_packet and wait for a replay from the given DNS server. -
Dynamic Jumbo Frame Generation for Network Performance Scalability
1 JumboGen: Dynamic Jumbo Frame Generation For Network Performance Scalability David Salyers, Yingxin Jiang, Aaron Striegel, Christian Poellabauer Department of Computer Science and Engineering University of Notre Dame Notre Dame, IN. 46530 USA Email: {dsalyers, yjiang3, striegel, cpoellab}@nd.edu Abstract— Network transmission speeds are increasing at a there is a fixed amount of overhead processing per packet, significant rate. Unfortunately, the actual performance of the it is a challenge for CPUs to scale with increasing network network does not scale with the increases in line speed. This speeds [2]. In order to overcome this issue, many works on is due to the fact that the majority of packets are less than or equal to 64 bytes and the fact that packet size has not scaled with high performance networks, as in [3] and [4], have advocated the increases in network line speeds. This causes a greater and the use of a larger MTU length or jumbo frames. These works greater load to be placed on routers in the network as routing show that the performance of TCP and the network in general decisions have to be made for an ever increasing number of can significantly improve with the use of jumbo-sized packets. packets, which can cause increased packet delay and loss. In Unfortunately, the benefits of jumbo frames are limited for order to help alleviate this problem and make the transfer of bulk data more efficient, networks can support an extra large several reasons. First, the majority of packets transferred are MTU size. Unfortunately, when a packet traverses a number of 64 bytes or less. -
The PTB-PTS ICMP-Based Attack Against Ipsec Gateways Vincent Roca, Saikou Fall
Too Big or Too Small? The PTB-PTS ICMP-based Attack against IPsec Gateways Vincent Roca, Saikou Fall To cite this version: Vincent Roca, Saikou Fall. Too Big or Too Small? The PTB-PTS ICMP-based Attack against IPsec Gateways. 2016, pp.16. hal-01178390 HAL Id: hal-01178390 https://hal.inria.fr/hal-01178390 Submitted on 19 Jul 2015 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. IPsec Maintenance and Evolution (IPSECME) V. Roca Internet-Draft S. Fall Intended status: Informational INRIA Expires: January 7, 2016 July 6, 2015 Too Big or Too Small? The PTB-PTS ICMP-based Attack against IPsec Gateways draft-roca-ipsecme-ptb-pts-attack-00 Abstract This document introduces the "Packet Too Big"-"Packet Too Small" Internet Control Message Protocol (ICMP) based attack against IPsec gateways. We explain how an attacker having eavesdropping and packet injection capabilities, from the unsecure network where he only sees encrypted packets, can force a gateway to reduce the Path Maximum Transmission Unit (PMTU) of an IPsec tunnel to the minimum, which can trigger severe issues for the hosts behind this gateway: with a Linux host, depending on the PMTU discovery algorithm in use (i.e., PMTUd versus PLPMTUd) and protocol (TCP versus UDP), the attack either creates a Denial of Service or major performance penalties.