G Fairhurst, http://www.erg.abdn.ac.uk

What is the Internet?
  1969 Start of Internet project
  1983 214 hosts (50 in Arpanet; 164 in MilNet)
  1990 200,000 hosts (start of “Internet”)
  1995 7 M hosts (30 M users)
  1997 22.5 M hosts (50 M users)
  2004 250 M hosts (798 M users; 1/6 world population)
  2008 ???
  One current estimate:
    2,300 M Telephones
    1,340 M Mobile phones
    600 M PCs

Commercial worth of Internet
  Time to get a market of 50 Million People:
    Radio took 38 years
    TV took 13 years
    The Internet took 4 years – Once opened to the general public
  Statistics from the IITF Report released on April 15, 1998, The Emerging Digital Economy, http://www.ecommerce.gov/emerging.htm

The Internet Protocol Suite
  The Network Layer (IP)
  The Interface Layers (e.g. Ethernet)
  Routing between networks
  Transport (TCP, UDP, and applications)
Internet Protocol Stack
  Layering of Protocols
  [Diagram: client and server stacks: FTP, IP, Ethernet driver, Ethernet]

IP Protocol Stack
  [Diagram: layer stack: Applications, Middleware, Transport, Internet Protocol, TransportLinks, Physical Layer]
  IP under everything: email, ftp, web, chat, irc, VoIP, TVoIP
  IP on everything: Ethernet, Fibre, 3G

The Power of IP
  End-to-End Principle
    decouple transmission from application
    networks (IS) do not care what they carry
    hosts (ES) do not care how it gets there
  IP-hosts can control how they use the network
  Profound impact on regulation
Some Internet Players
  “above the wire and below the application”
  [Diagram: layer stack: Applications, Middleware, Transport, Internet Protocol, TransportLinks, Physical Layer]

People expect Internet connectivity
  “By the year 2016, no one under the age of forty will remember a world without personal computer. The average twenty year old will find it hard to imagine a time when there wasn't any email to check or Web sites to visit.”
  – George Christian, 2006.

Video/Multimedia is Important!
  [Chart: vertical axis 0 to 40000, years 2008 to 2013; series: Ambient Video (webcams), Internet Video to TV, Internet Video to PC, Internet Voice, Internet Gaming, File Sharing, Web/Email]

IP Appliances

IP Packets
  Messages (large blocks of data) are split into smaller pieces, called “Packets”
  Each packet (PDU) has:
    A header (known as the PCI)
      Well-defined format
      Destination address, source address, type, ...
    A payload (known as the SDU)
      A piece of the data to be communicated

Internet Protocol
  The Connection-Less Network Service
  The 20 byte IP Packet Header
  IP Network Layer Addresses
  Name Resolution (name to IP Address)
Internet Addresses
  Addresses of End Systems
  [Diagram: end systems with addresses 129.23.5.9, 139.133.204.18, 139.133.1.2, 139.133.1.3, 139.133.10.7]

IP Header
  Bit positions 0-15 and 16-31 in each 32-bit row:
    4 | IHL | ToS/DSCP | 16-bit total length
    16-bit identification | flags | 13-bit fragment offset
    TTL | protocol | 16-bit header checksum
    32-bit source IP address
    32-bit destination IP address
    options (if any)
    data
  The first five rows are 20 bytes
  RFC 791

Internet Architecture
  Arranged in four levels:
    Core Routers (No user networks connected)
    Distribution Routers (Regional networks)
    Access Routers (Internet Service Providers)
    Home / Corporate networks
Internet Addresses
  [Diagram: “I need to send to: abdn.ac.uk”, “Mail to: [email protected]”; hosts 139.133.204.18, 139.133.1.2, 139.133.1.3, 139.133.10.7]

Organisation of names and addresses
  There are two ways of identifying a computer, using:
    A name
    A network address
  Names and addresses may be organised using:
    A flat structure
    A hierarchical structure

Name Resolution
  Name and Addresses
  Flat v. Hierarchical Structures
  The DNS

Flat Structure
  National Insurance Number: NZ 341865 B
    Batch of numbers allocated to an office
    Serial number
  Number indicates issuing office and nothing about individual

The Telephone Numbering System
  ITU Telephone Numbering System (ITU E.164)
    Country: Albania 355, UK 44, Uganda 256, USA 1, Zim 263
    Area: Lon, Man, Abdn; codes 171, 1224, 1212
    Exchange: 27, 49
    Subscriber Line: 2201, 2497

The Domain name Service Tree
  [Tree diagram: root; then us, uk (geographic domains) and edu, org, com (generic domains); then co, ac, ieee; then bbc, abdn, ed; then www, erg, cs]
Flat v Hierarchical Structure
  Hierarchical / Flat
    Easy to remember / Difficult to remember
    Abbreviated name possible / No unique abbreviations
    Easy to find location of name / Only uniquely identifies
    Difficult to change location / Easy to change location
    Locally administer names / Names allocated centrally
    e.g. telephone no., Postcode, IP name (DNS) / e.g. social security no., IP address

Internet Email
  [Diagram: “I need to send to: abdn.ac.uk”, “Mail to: [email protected]”; hosts 139.133.204.18, 139.133.1.2, 139.133.1.3, 139.133.10.7]

Evolution of the DNS
  A single file
    /etc/hosts (in unix)
    entered by person setting-up computer
  A central file (at internic.arpa)
    downloaded to /etc/hosts (using ftp)
  A distributed database
    clients send a request (query)
    a dns sends a response (resolution)
  Most systems still also have a “/etc/hosts” and some also use a LAN name server
DNS Stack
  [Diagram: DNS Stub Resolver and DNS Server]
  client needs to resolve a “name” to an “address” to communicate to destination

Internet Email: dns query
  [Diagram: “Mail to: [email protected]”, “I need to send to: abdn.ac.uk”; dns stub resolver, 139.133.204.18; query “abdn.ac.uk” to the local dns server 139.133.1.2]

Internet Email: dns response
  [Diagram: “I need to send to: abdn.ac.uk”; dns stub resolver, 139.133.204.18; response from the local dns server 139.133.1.2: “abdn.ac.uk” is 139.133.204.18]

Sending the Email
  [Diagram: dns stub resolver; “Mail to: [email protected]”; “Mail to: 139.133.204.18”; 139.133.204.18]

Recursive Lookup
  Recursion asks server to do what is needed to resolve
  [Diagram: “I need to send to: abdn.ac.uk”; dns stub resolver request (recursion-bit set) to the local dns server 139.133.1.2; the local dns server receives referrals (without recursion-bit set): “uk” is W, “uk.ac” is X, “abdn.ac.uk” is Y; answer: “abdn.ac.uk” is 139.133.204.18]

DNS Client Cache
  DNS Client Request
  In Local Cache?
    No: Fetch value from DNS server, Store in Cache
    Yes: Cache entry out of date?
      Yes: Fetch value from DNS server, Store in Cache
      No: Use cached value
DNS Cache
  [Diagram: “I need to send to: abdn.ac.uk”; dns stub resolver with dns cache (“abdn.ac.uk” is 139.133.204.18); local dns server with dns cache (“abdn.ac.uk” is 139.133.204.18); 139.133.204.18]

DNS Records
  DNS Records have various types:
  MX records used for Mail Exchange
    mail.abdn.ac.uk 3600 IN MX 500 backup.abdn.ac.uk
    mail.abdn.ac.uk 3600 IN MX 5 mailserver.abdn.ac.uk
    mail.abdn.ac.uk 3600 IN MX 10 mailserver1.abdn.ac.uk
  Email uses the lowest numbered reachable mail server
  Other formats also use the DNS:
    http://www.abdn.ac.uk
    ftp://ftp.abdn.ac.uk
    sip://[email protected]

DNS Resolution
  Browser/Application sends name to resolver (DNS client)
  Resolver checks own cache (local files, etc)
  If not resolved, contacts DNS Server
    (resolver knows this IP address)
  If not resolved, contacts root DNS server (.)
    May redirect to other server(s)
  Resolver given 1 or more addresses
    (resolver caches the answer for some time)
  Browser/Application given lowest numbered server
Naming & Addressing: Summary
  A name is a symbol - designed for human reading
  An address is a data structure understood by a network
  Organisation may be hierarchical or flat
  A name server provides a service to change between network addresses and network names
  To know who's who on the Internet a computer must know the address of a name server

Interface Layers (L1 & L2)
  Encapsulation for Ethernet
  Address Resolution Protocol (arp)

IP LANs
  Addresses allocated to network as an address block
    e.g. Aberdeen University allocated 139.133.x.x
  Each System (ES or IS):
    One (or more) unique IP address per NIC
  All addresses start with the same address prefix
    e.g. 139.133.1.5, 139.133.208.1

IP Interfaces
  [Diagram: Network Layer (Operating System Kernel): IP address 1, IP address 2, IP address 3; Unique Interface Name: le0, le1, lo0; Interface Software: Loop-Back Driver, Ethernet Driver; Physical Layer Hardware: Ethernet Controller, Ethernet Controller]

Dynamic Host Configuration Protocol
  Sometimes a host doesn't know its IP address
    Quite common for dial-up, ADSL, etc ....
  Internet Service Provider allocates an IP address (or pool of IP addresses)
  Hosts request an IP address using DHCP (Dynamic Host Configuration Protocol)
    Send their MAC address, receive an IP address
  Addresses may be loaned (for some time) or static assigned to a specific MAC address

IP Address Allocation
  Addresses allocated to network as an address block
    e.g. Aberdeen University allocated 139.133.x.x/16
    i.e. addresses start with the same address prefix
    e.g. 139.133.1.5, 139.133.208.1
  Each System (ES or IS):
    One (or more) unique IP address per NIC
DHCP Server
  What happens if you join a new network?
  Could configure IP address by hand
    ... but in practice need a better way
  DHCP allows this to be done automatically
  Senders know:
    MAC source address (may look in NIC ROM)
  Senders use DHCP to find their own IP addresses
  This is automatic when end system connects to LAN
  Value used only for a specified period (lease interval)

DHCP Example
  [Diagram: message exchange between Client and DHCP Server]
    Broadcast: Client sends to Discover DHCP server with own MAC address
    Unicast: DHCP server sends an offer with details and an IP address to use
    Unicast: Client requests use of the address
    Unicast: DHCP server acknowledges request and provides a lease for some period

DHCP Protocol
  Clients broadcast to LAN
    DHCP discover - includes own MAC address & “Magic Cookie”
  One or more DHCP Server responds with a DHCP Offer:
    IP address that may be used;
    IP Subnet mask;
    IP address of default router;
    IP address of DNS server;
    IP address of DHCP server;
    “Magic Cookie” - nonce to identify request at server
  Client responds to ONE server with a DHCP Request
  Server responds with a DHCP Acknowledgment
Ethernet MAC Frame
  1) Insert MAC address of destination (use arp)
  2) Insert own MAC address (from PROM)
  3) Insert payload type code (0x800 for IP)
  4) Insert up to 1500 B payload (e.g. IP packet)
  5) Add padding if frame less than 60B (excl CRC)
  6) Calculate 32 bit CRC over the frame (signature)
  7) Prefix 8B preamble (including SFD)
  [Frame layout: MAC Destination (6B) | MAC Source (6B) | MAC Type (2B) | Payload + PAD | MAC CRC (4B)]

Maximum Transfer Unit (MTU)
  [Diagram: IP Datagram, MTU]
  MTU: Largest IP datagram (packet) which may be sent
  IP packet (datagram) size 68-65535 B
  Typically 1500B today using IPv4
  Min MTU 1280 B using IPv6 [RFC 2460]
  Fragmentation provided by sender
  Larger transport packets are fragmented to MTU.

IP Interfaces
  [Diagram: L3 (NL): IP, Other NL, ARP; L2 (DL): Framing, Medium Access Control; L1 (PL): Transmission Control]
  ARP needed to set the destination MAC address

Address Resolution Protocol (arp)
  All systems connected to the Internet have a unique IP address
  Systems know (or find out from DHCP) their IP address
  Systems know the IP address of the destination (or find it out from the DNS)
  Systems know their own MAC address (or can look in the NIC ROM)
  No obvious way of determining destination MAC address
    - We will call the Next Hop IP address the Target-IP

ARP Request (send A -> C)
  [Diagram: systems A, B, C]
    Broadcast: Who is C?
    A: Where is C?
    B: Not me, ignore the query
    C: I am C, my address is XXXXXX
  Ether Type = 0x806
  [Frame layout: Ethernet header (14B) | arp message (28B) | Padding (18B) | Ethernet CRC (4B)]

ARP Example
  [Diagram: exchange between Querier IP and Target IP]
    Application sends packet to send to C
    ARP triggered, A has a packet stored
    Broadcast: arp who-is target-ip tell me
    Unicast: arp target-ip is 08:00:20:1b:d4:90
    Unicast: Application stored IP packet sent with target MAC address
ARP/RARP Packet
  Bit positions 0, 8, 15, 16, 31 in each 32-bit row:
    Hardware Type | Protocol Type
    HLEN | PLEN | Operation
    Sender HA (octets 0-3)
    Sender HA (octets 4-5) | Sender IP (octets 0-1)
    Sender IP (octets 2-3) | Target HA (octets 0-1)
    Target HA (octets 2-5)
    Target IP (octets 0-3)
  operation:
    1 ARP request
    2 ARP reply
    [3 RARP request - ignore this]
    [4 RARP reply - ignore this]
  RFC 826

Ethernet Driver
  [Flow chart labels: IP output; dest = broadcast? (Y: copy to loopback); dest = local IP? (Y: loopback); destination in arp cache? (Y: send with Ether Type = 0x800; N: ARP, Ether Type = 0x806, Packets stored awaiting arp cache entry); Ethernet; Ethernet frame type demux: Ether Type = 0x800 to IP input, Ether Type = 0x806 to ARP, other protocols]

ARP/DHCP Packet
  [Diagram: ARP message, Ether Type = 0x806: 48 bit Ether hardware address, 32 bit IP source address, 32 bit IP target address, 48 bit Ether hardware address]
  Where are my friends? Who am I?
  RFC 2131
ARP Packet
  dent -> (broadcast) ARP C Who is 10.0.0.80, gordon ?
  gordon -> dent ARP R 10.0.0.80, gordon is 8:0:20:96:10:1a
  ....
  ARP: ----- ARP/RARP Frame -----
  ARP: Hardware type = 1
  ARP: Protocol type =0x0800 (IP)
  ARP: Length of hardware address = 6 bytes
  ARP: Length of protocol address = 4 bytes
  ARP: Opcode 0x0001 (ARP Request)
  ARP: Sender's hardware address = 8:0:20:b:b0:83
  ARP: Sender's protocol address = 10.0.0.17, dent
  ARP: Target hardware address = ? (0xffff ffff ffff)
  ARP: Target protocol address = 10.0.0.80, (0x8b85 cc50)

Protocol Demultiplexing
  [Diagram: Incoming frame; Ethernet Driver; Ethernet Frame Type indicates how to demux (0x800 to IP, 0x806 to ARP); IP Protocol Type indicates how to demux (ICMP, IGMP, Transport Protocols)]

arp Summary
  Senders know:
    IP source address (may use DHCP)
    IP destination address (may use DNS)
      .... and hence the Target-IP of the next-hop system
    MAC source address (may look in NIC ROM)
  Senders use arp to find Target-IP's MAC addresses
  An arp cache is needed to prevent overload!!
  The arp cache is also updated by any query
  The arp cache entries expire after a fixed period
  It is automatic when each packet is sent

IP Protocol Demux (Structures)
  Received IP Packet: IP Protocol Type Byte
  ip_proto[ ]: Table of pointers to entry in table of IP protocols
    0 -> 3, 1 -> 4, 2 -> 5, 3 -> 3, ..., 6 -> 2, ..., 17 -> 1, ..., 255 -> 3
  inetsw[ ]: Pointers to handlers for transport protocols
    0 IP, 1 UDP, 2 TCP, 3 IP (raw), 4 ICMP, 5 IGMP, ...
  Goto inetsw[ip_proto[packet[protocol]]];

ARP Example
  Use the “ping” command to send test packets
  Each time a packet is made, arp is triggered as necessary to find the target-IP's mac address.
  Packets sent to 139.133.207.111 were received and generate replies.
  Packets sent to 139.133.207.222 generate no replies, we can assume this address is not in use.
    gresley:ping 139.133.207.111
    PING 139.133.207.111 (139.133.207.111): 56 data bytes
    64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms
    ...
    gresley:ping 139.133.207.222
    PING 139.133.207.222 (139.133.207.222): 56 data bytes
    ping: sendto: Host is down
    ping: wrote 139.133.207.222 64 chars, ret=-1
    ...

ARP Example
  Use the “arp -a” command to examine ARP cache.
    gresley:arp -a
    milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0
    mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0
    ...
  The cache consists of a table of address and bindings
  There are currently two entries
ARP Example
    gresley:arp -a
    milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0
    mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0
    gresley:ping 139.133.207.111
    PING 139.133.207.111 (139.133.207.111): 56 data bytes
    64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms
    ...
    gresley:ping 139.133.207.222
    PING 139.133.207.222 (139.133.207.222): 56 data bytes
    ping: sendto: Host is down
    ping: wrote 139.133.207.222 64 chars, ret=-1
    ...
    gresley:arp -a
    milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0
    mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0
    erg2-printer.erg.abdn.ac.uk (139.133.207.111) at 0:10:83:ba:c0:a5 on en0
    ? (139.133.207.222) at (incomplete) on en0 [ethernet]
  The arp cache has two new entries:
    139.133.207.111 has MAC: 0:10:83:ba:c0:a5
    139.133.207.222 did not respond (no cache entry)

ARP Question
  [Diagram: LAN A, BRIDGE, LAN B]
  Two 10 Mbps Ethernet LANs are connected by a bridge.
  When monitoring LAN A for 1 minute, 40 arp requests are observed and 30 arp responses.
  (a) Calculate the Utilisation for the arp packets for LAN A.
  (b) Give two reasons why there are fewer responses than queries.

ARP Question
  Two 10 Mbps Ethernet LANs are connected by a bridge.
  When monitoring LAN A for 1 minute, 40 arp requests are observed and 30 arp responses.
  Calculate the Utilisation for the arp packets for LAN A.
    Size of ARP request/Response is
    = 8+14+28+4 (less than minimum Enet PDU) => 8+64 B
    = (70/60) x 8 x 72 / 10^7 x 100 % = 0.007%
  Give two reasons why there may be fewer responses than queries.
    (1) Some arp requests fail to complete (IP addr not used)
    (2) Some arp requests may have been sourced on LAN B and correspond to an IP address on LAN B. The response would not travel across the bridge.
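As an added example (not part of the original slides): a parser for the Ethernet/ARP frame layout given on the ARP/RARP Packet slide, applied to the 42-byte hex dump that appears on the ARP Packet slide of these notes. The `sanity_warnings` checks and the `mismatched_copy` input are assumptions made for illustration, an example monitoring policy and a constructed frame; they matter because, as the arp Summary says, the arp cache is updated by any query.

```python
import struct
from ipaddress import IPv4Address

# 42-byte frame copied from the "ARP Packet" hex dump in these slides
# (14 B Ethernet header + 28 B ARP message, without padding or CRC).
FRAME_HEX = (
    "001a 2f52 4841 000a 95cf ea5e 0806 0001 "
    "0800 0604 0002 000a 95cf ea5e 8b85 cf98 "
    "001a 2f52 4841 8b85 cf40"
)
ETHERTYPE_ARP = 0x0806
OPERATIONS = {1: "ARP request", 2: "ARP reply",
              3: "RARP request", 4: "RARP reply"}
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_arp_frame(frame: bytes) -> dict:
    """Decode an Ethernet frame carrying an IPv4-over-Ethernet ARP message."""
    if len(frame) < 42:
        raise ValueError("too short for Ethernet header + ARP message")
    eth_dst, eth_src, ether_type = struct.unpack("!6s6sH", frame[:14])
    if ether_type != ETHERTYPE_ARP:
        raise ValueError(f"Ether Type 0x{ether_type:04x} is not ARP")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {
        "eth_dst": mac(eth_dst), "eth_src": mac(eth_src),
        "operation": OPERATIONS.get(oper, f"unknown ({oper})"),
        "sender_mac": mac(sha), "sender_ip": str(IPv4Address(spa)),
        "target_mac": mac(tha), "target_ip": str(IPv4Address(tpa)),
    }


def sanity_warnings(pkt: dict) -> list:
    """Assumed monitoring policy (not from the slides): flag frames whose
    Ethernet header disagrees with the ARP message they carry."""
    warnings = []
    if pkt["eth_src"] != pkt["sender_mac"]:
        warnings.append("Ethernet source differs from ARP sender HA")
    if pkt["operation"] == "ARP reply" and pkt["eth_dst"] == BROADCAST:
        warnings.append("ARP reply was broadcast; the slides show unicast")
    return warnings


def mismatched_copy(frame: bytes) -> bytes:
    """Constructed input: same ARP message, different Ethernet source."""
    return frame[:6] + bytes.fromhex("020000000001") + frame[12:]


if __name__ == "__main__":
    slide_frame = bytes.fromhex(FRAME_HEX)
    for label, raw in (("slide frame", slide_frame),
                       ("constructed mismatch", mismatched_copy(slide_frame))):
        pkt = parse_arp_frame(raw)
        print(f"{label}: {pkt['operation']}, {pkt['sender_ip']} is at "
              f"{pkt['sender_mac']}; warnings: {sanity_warnings(pkt) or 'none'}")
```
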
ARP Packet
    001a 2f52 4841 000a 95cf ea5e 0806 0001
    0800 0604 0002 000a 95cf ea5e 8b85 cf98
    001a 2f52 4841 8b85 cf40

The Internet
  [Diagram: isi.edu 128.9.0.32; Internet; emps 139.133.7.10; sysc 139.133.7.110]

Routing (L3)
  The Role of routers
  Subnet mask
  Default router

Role of Routers
  Connect networks
    Relaying
    Media conversion
    IP Segmentation
  Routing
  Quality of Service Management
  Security
  RFC 1812

Bridges v Routers
  Routers
    Control traffic flow between networks
    More expensive
    Work at Network Layer (e.g. IP)
    Connect different IP networks
    Need configuration
  Bridges/Switches
    Separate work group traffic
    Improve LAN performance
    Cheap
    Work at MAC Layer (mostly self configuring)
    Form one IP network (broadcast domain at L2)

About An IP Network
  End Systems send packet to an IP address
    know nothing about the network topology
  Routers use IP address to forward packets
    know nothing about 'conversations'
Selecting a Route
  Should the Local Network be used?
  or
  Should a router be used?
  [Diagram: hosts H0 and H1 on A) Local Network; router R0 to B) Remote Network]

IP Header
  Bit positions 0-15 and 16-31 in each 32-bit row:
    4 | IHL | ToS/DSCP | 16-bit total length
    16-bit identification | flags | 13-bit fragment offset
    TTL | protocol | 16-bit header checksum
    32-bit source IP address
    32-bit destination IP address
    options (if any)
    data
  The first five rows are 20 bytes
  ES and routers always examine the IP destination address
  RFC 791

IP Subnet Mask
  ES need to know the network netmask
  All systems in a subnet must share same subnet mask
  IP Address
  Block of addresses (32768 in this case)
  net mask    11111111 11111111 11111111 00000000 (network id | host id)
  IP address  139.133.7.110
  netmask     0xffffff00 (255.255.255.0)
  network ID  139.133.7.0
  RFC 950
IP Subnet Mask
  Subnet mask often written as a '/' followed by number of 1s in the mask
    /8  11111111 00000000 00000000 00000000
    /9  11111111 10000000 00000000 00000000
    /10 11111111 11000000 00000000 00000000
    /11 11111111 11100000 00000000 00000000
    /12 11111111 11110000 00000000 00000000
    /16 11111111 11111111 00000000 00000000
    /20 11111111 11111111 11110000 00000000
    /24 11111111 11111111 11111111 00000000
    /28 11111111 11111111 11111111 11110000

Finding the Network ID
  Finding the network ID
    Convert IP address to hex (or binary)
    Convert netmask to hex (or binary)
    Perform logical AND between the two
  Example:
    IP address 139.131.63.53
    &

Identifying the Destination Network (1)
  Local network calculation
    local IP address       139.133.7.110
    local network mask     255.255.255.0
    local net + subnet id  139.133.7.0
  dest IP address          139.133.7.10
  local network mask       255.255.255.0
  Compare