What is the Internet? Commercial worth of Internet G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk The 1969 Start of Internet project Time to get a market of 50 Million People: Internet 1983 � 214 hosts (50 in Arpanet ; 164 in MilNet) 1990� 200,000 hosts (start of “Internet”) Radio took 38 years Protocol 1995� 7 M hosts (30 M users) 1997 22.5 M hosts (50 M users) TV took 13 years Suite 2004 250 M hosts (798 M users ; 1/6 world population) 2008 ??? The Internet took 4 years The Network Layer (IP) – Once opened to the general public One current estimate: The Interface Layers (e.g. Ethernet) � 2,300 M Telephones � 1,340 M Mobile phones Routing between networks � 600 M PCs
Statistics from the IITF Report released on April 15, 1998 Transport (TCP, UDP, and applications) The Emerging Digital Economy http://www.ecommerce.gov/emerging.htm
Internet Protocol Stack IP Protocol Stack The Power of IP G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Layering of Protocols Applications End-to-End Principle Middleware IP under everything email ftp web � decouple transmission from application Transport chat � networks (IS) do not care what they carry irc VoIP � hosts (ES) do not care how it gets there TVoIP IP-hosts can control how they use the network Internet Protocol IP Profound impact on regulation
client server
Middleware FTP FTP TransportLinks Ethernet IP on everything Fibre 3G Physical IP
Ethernet Enet Enet Ethernet Layer driver driver
Some Internet Players People expect Internet connectivity Video/Multimedia is Important! G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 40000 Applications Middleware 30000 Transport 20000 Internet “above the wire Protocol 10000 and below the application” “By the year 2016, no one under the age of forty will remember a world without personal computer. The Ambient Video (webcams) 0 TransportLinks average twenty year old will find it hard to imagine a Internet Video to TV 2008 2009 2010 2011 2012 2013 time when there wasn't any email to check or Web Internet Video to PC Physical Internet Voice sites to visit.” Internet Gaming Layer – George Christian, 2006. File Sharing Web/Email IP Appliances IP Packets G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Messages (large blocks of data) Internet are split into smaller pieces, called “Packets” Protocol Each packet (PDU) has: A header (known as the PCI) The Connection-Less Network Service � Well-defined format � Destination address , source address, type, ... The 20 byte IP Packet Header A payload (known as the SDU) IP Network Layer Addresses � A piece of the data to be communicated Name Resolution (name to IP Address)
Internet Addresses IP Header Internet Architecture G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 0 15 16 31 Arranged in four levels: 129.23.5.9 Addresses of End Systems � Core Routers (No user networks connected) 4 IHL ToS/DSCP 16-bit total length � Distribution Routers (Regional networks) 16-bit identification flags 13-bit fragment offset � Access Routers (Internet Service Providers) 139.133.204.18 � Home / Corporate networks TTL protocol 16-bit header checksum 32-bit source IP address 32-bit destination IP address options (if any) 20 bytes data
139.133.1.2 139.133.1.3 139.133.10.7
RFC 791
Internet Addresses OrganisationOrganisation of names of Names and and addresses Addresses G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst
I need to send to: abdn.ac.uk There are two ways of identifying a computer, using: Name Resolution ! A name 139.133.204.18 ! A network address Name and Addresses Mail to: [email protected] Flat v. Hierarchical Structures Names and addresses may be organised using: The DNS ! A flat structure ! A hierarchical structure
139.133.1.2 139.133.1.3 139.133.10.7 Flat Structure The Telephone Numbering System The Domain name Service Tree Flat Structure ITU Telephone Numbering System G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst G Fairhurst root National Insurance Number us uk edu org com NZ 341865 B Country Albania UK Uganda USA Zim 355 44 256 1 263 Lon Man Area Abdn co ac ieee Batch of numbers 171 1224 1212 allocated to Serialan office number Exchange 27 49 Number indicates issuing bbc abdn ed office and nothing about individual Subscriber Line 2201 2497 www erg cs
ITU E.164 geographic domains generic domains
Flat v Hierarchical Structure Internet Email Evolution of the DNS Flat v Hierarchical Structure G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst
Hierarchical! ! ! ! ! ! Flat I need to send to: A single file abdn.ac.uk ! /etc/hosts (in unix) 139.133.204.18 Easy to remember! ! ! ! Difficult to remember � entered by person setting-up computer
Abbreviated name possible! No unique abbreviations Mail to: A central file (at internic.arpa) Easy to find location of name! Only uniquely identifies [email protected] � downloaded to /etc/hosts (using ftp) Difficult to change location!! Easy to change location Locally administer names! ! Names allocated centrally A distributed database � clients send a request (query) e.g. telephone no. e.g. 139.133.1.2 139.133.1.3 139.133.10.7 Postcode social security no. � a dns sends a response (resolution) IP name (DNS) IP address Most systems still also have a “/etc/hosts” and some also use a LAN name server
DNS Stack Internet Email: dns query Internet Email: dns response G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
DNS Stub DNS dns stub resolver dns stub resolver Resolver Server 139.133.204.18 139.133.204.18
Mail to: I need to send to: [email protected] abdn.ac.uk I need to send to: abdn.ac.uk
local dns server local dns server 139.133.1.2 139.133.1.2 client needs to resolve a “name” to an “address” “abdn.ac.uk” “abdn.ac.uk” to communicate to destination is 139.133.204.18 is 139.133.204.18 Sending the Email Recursive Lookup DNSDNS Client Client Cache Cache G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Recursion asks server to do what is needed to resolve dns stub resolver dns stub resolver DNS Client Request Mail to:139.133.204.18 139.133.204.18 (recursion-bit set) 139.133.204.18 In Local Cache? No
Yes Mail to: I need to send to: [email protected] abdn.ac.uk Cache entry Yes out of date? Fetch value from DNS server No
local dns server Use cached local dns server (referrals without recursion-bit set) value Store in Cache 139.133.1.2 “uk” is W “uk.ac” “abdn. “abdn.ac.uk” is X ac.uk” is 139.133.204.18 is Y
DNS Cache DNS Records DNS Resolution G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
DNS Records have various types: Browser/Application sends name to resolver (DNS client) dns cache MX records used for Mail Exchange “abdn.ac.uk” Resolver checks own cache (local files, etc) is 139.133.204.18 mail.abdn.ac.uk 3600 IN MX 500 backup.abdn.ac.uk mail.abdn.ac.uk 3600 IN MX 5 mailserver.abdn.ac.uk If not resolved, contacts DNS Server dns stub resolver mail.abdn.ac.uk 3600 IN MX 10 mailserver1.abdn.ac.uk (resolver knows this IP address) 139.133.204.18 Email uses the lowest numbered reachable mail server If not resolved, contacts root DNS server (.) May redirect to other server(s) Other formats also use the DNS: I need to send to: http://www.abdn.ac.uk Resolver given 1 or more addresses abdn.ac.uk ftp://ftp.abdn.ac.uk (resolver caches the answer for some time) sip://[email protected] local dns server Browser/Application given lowest numbered server dns cache “abdn.ac.uk” is 139.133.204.18
NamingNaming & Addressing: & Addressing Summary - Summary IP LANs G Fairhurst G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
A name is a symbol - designed for human reading An address is a data structure understood by a network Organisation may be hierarchical or flat Interface Layers (L1 & L2) A name server provides a service to change between network addresses and network names
To know who's who on the Internet a computer must Encapsulation for Ethernet Addresses allocated to network as an address block know the address of a name server � e.g. Aberdeen University allocated 139.133.x.x Address Resolution Protocol (arp) Each System (ES or IS): � One (or more) unique IP address per NIC � All addresses start with the same address prefix � e.g. 139.133.1.5, 139.133.208.1 IP Interfaces Dynamic Host Configuration Protocol IP Address Allocation G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Network Layer Sometimes a host doesnʼt know its IP address Operating Quite common for dial-up, ADSL, etc .... System Kernel Internet Service Provider allocates an IP address IP address 3 Unique (or pool of IP addresses) Interface le0 le1 lo0 Hosts request an IP address using DHCP Name IP address 1 IP address 2 Addresses allocated to network as an address block (Dynamic Host Configuration Protocol) � e.g. Aberdeen University allocated 139.133.x.x/16 Interface Loop-Back Ethernet Send their MAC address, receive an IP address � i.e. addresses start with the same address prefix Software Driver Driver � e.g. 139.133.1.5, 139.133.208.1 Addresses may be loaned (for some time) Physical Ethernet Ethernet or static assigned to a specific MAC address Each System (ES or IS): Layer Controller Controller Hardware � One (or more) unique IP address per NIC
DHCP Server DHCP Example DHCP Protocol G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Broadcast: What happens if you join a new network? Client sends Clients broadcast to LAN to Discover DHCP server DHCP discover - includes own MAC address & “Magic Cookie” � Could configure IP address by hand with own ... but in practice need a better way MAC address Unicast: One or more DHCP Server responds with a DHCP Offer: � DHCP allows this to be done automatically DHCP server IP address that may be used; sends an offer IP Subnet mask; IP address of default router; Unicast: with details and an IP address to use IP address of DNS server; Senders know: Client requests use � MAC source address (may look in NIC ROM) of the address IP address of DHCP server; Unicast: Senders use DHCP to find their own IP addresses DHCP server “Magic Cookie” - nonce to identify request at server acknowledges request and provides Client responds to ONE server with a DHCP Request This is automatic when end system connects to LAN a lease for some period Server responds with a DHCP Acknowledgment Client DHCP Value used only for a specified period (lease interval) Server
Ethernet MAC Frame Maximum Transfer Unit (MTU) IP Interfaces G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 1) Insert MAC address of destination (use arp) 2) Insert own MAC address (from PROM) IP Datagram 6B 6B 2B 4B P MTU L3 (NL) IP Other NL MAC MAC MAC A MAC Destination Source Type Payload CRC MTU D � Largest IP datagram (packet) which may be sent ARP Medium L2 (DL) Framing Access 3) Insert payload type code (0x800 for IP) IP packet (datagram) size 68-65535 B � Typically 1500B today using IPv4 Control 4) Insert up to 1500 B payload (e.g. IP packet) � Min MTU 1280 B using IPv6 [RFC 2460] L1 (PL) Transmission Control 5) Add padding if frame less than 60B (excl CRC) 6) Calculate 32 bit CRC over the frame (signature) Fragmentation provided by sender ARP needed to set the destination MAC address Larger transport packets are fragmented to MTU.
7) Prefix 8B preamble (including SFD) Address Resolution Protocol (arp) ARP Request (send A -> C) ARP Example G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Application sends Where is C? Not me, Unicast: I am C All systems connected to the Internet have ignore the my address a unique IP address query is XXXXXX ARP triggered, A has a packet stored Systems know (or find out from DHCP) their IP address A B C packet to Broadcast: send to C Systems know the IP address of the destination arp who-is (or find it out from the DNS) target-ip Target tell me Unicast: Broadcast: Who is C? IP arp target-ip Systems know their own MAC address Unicast: is 08:00:20:1b:d4:90 (or can look in the NIC ROM) Application stored Ether Type = 0x806 IP packet sent with target No obvious way of determining destination MAC address 14B 28B 18B 4B MAC address - We will call the Next Hop IP address the Target-IP Ethernet arp Ethernet header message Padding CRC Querier Target IP IP
ARP/RARP Packet Ethernet Driver ARP/DHCP Packet G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 0 8 15 16 31 48 bit 32 bit IP output IP input Ether hardware address IP source address Hardware Type Protocol Type loopback HLEN PLEN Operation dest Y = Sender HA (octets 0-3) broadcast? copy other Sender HA (octets 4-5) Sender IP (octets 0-1) N protocols dest Y Sender !P (octets 2-3) Target HA (octets 0-1) = Ether Type local IP = 0x800 Target HA (octets 2-5) ? N Ether Type Target !P (octets 0-3) destination N = 0x806 in arp cache? ARP demux operation�� message Packets Ethernet 48 bit Ether Type = 0x806 stored awaiting frame type 32 bit � 1�� ARP request arp cache entry Y Ether Type Ether Type IP target address Ether hardware address � 2�� ARP reply = 0x800 = 0x806 � [3�� RARP request - ignore this] Ethernet Where are my friends? Who am I? � [4�� RARP reply - ignore this] RFC 826 RFC 2131
ARP Packet Protocol Demultiplexing arp Summary G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk dent -> (broadcast) ARP C Who is 10.0.0.80, gordon ? Transport Senders know: ICMP IGMP Protocols � IP Protocol Type � IP source address (may use DHCP) Indicates how to demux gordon -> dent � IP destination address (may use DNS) ARP R 10.0.0.80, gordon is 8:0:20:96:10:1a .... and hence the Target-IP of the next-hop system IP � MAC source address (may look in NIC ROM) ARP: ----- ARP/RARP Frame ----- ARP ARP: Hardware type = 1 0x800 Senders use arp to find Target-IPʼs MAC addresses 0x806 ARP: Protocol type =0x0800 (IP) Ethernet An arp cache is needed to prevent overload!! ARP: Length of hardware address = 6 bytes Driver ARP: Length of protocol address = 4 bytes Ethernet Frame Type The arp cache is also updated by any query ARP: Opcode 0x0001 (ARP Request) Indicates how to demux ARP: Sender's hardware address = 8:0:20:b:b0:83 Incoming The arp cache entries expire after a fixed period ARP: Sender's protocol address = 10.0.0.17, dent frame ARP: Target hardware address = ? (0xffff ffff ffff) It is automatic when each packet is sent ARP: Target protocol address = 10.0.0.80, (0x8b85 cc50) IP Protocol Demux (Structures) ARP Example ARP Example G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Received IP Packet Use the “ping” command to send test packets Use the “arp -a” command to examine ARP cache. inetsw[ ] Each time a packet is made, arp is triggered as ip_proto[ ] 0 IP gresley:arp -a 0 3 milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 necessary to find the target-IPʼs mac address. 1 UDP mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0 1 4 2 Packets sent to 139.133.207.111 were received and 2 5 TCP generate replies. IP Protocol 3 IP (raw) ... 3 The cache consists of a table of address and bindings 4 ICMP Packets sent to 139.133.207.222 generate no replies, Type Byte 5 There are currently two entries we can assume this address is not in use. 6 2 IGMP ... 3 Table of gresley:ping 139.133.207.111 17 1 PING 139.133.207.111 (139.133.207.111): 56 data bytes pointers to Pointers 64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms entry in table ... 3 to handlers ... of IP protocols for transport gresley:ping 139.133.207.222 protocols PING 139.133.207.222 (139.133.207.222): 56 data bytes 255 ping: sendto: Host is down ping: wrote 139.133.207.222 64 chars, ret=-1 Goto inetsw[ip_proto[packet[protocol]]]; ...
ARP Example ARP Question ARP Question G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk gresley:arp -a milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 Two 10 Mbps Ethernet LANs are connected by a bridge. mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0 When monitoring LAN A for 1 minute, 40 arp requests are gresley:ping 139.133.207.111 LAN A LAN B observed and 30 arp responses. PING 139.133.207.111 (139.133.207.111): 56 data bytes 64 bytes from 139.133.207.111: icmp_seq=0 ttl=60 time=1.732 ms BRIDGE ... Calculate the Utilisation for the arp packets for LAN A. gresley:ping 139.133.207.222 PING 139.133.207.222 (139.133.207.222): 56 data bytes Size of ARP request/Response is ping: sendto: Host is down ping: wrote 139.133.207.222 64 chars, ret=-1 =8+14+28+4 (less than minimum Enet PDU) => 8+64 B ... Two 10 Mbps Ethernet LANs are connected by a bridge. = (70/60) x 8x72/107x100 % = 0.007% gresley:arp -a When monitoring LAN A for 1 minute, milliways-mac.erg.abdn.ac.uk (139.133.207.64) at 0:d0:bb:f7:c6:c1 on en0 40 arp requests are observed and 30 arp responses. mavis-mac.erg.abdn.ac.uk (139.133.207.77) at 8:0:20:86:ec:df on en0 Give two reasons why there may be fewer responses than erg2-printer.erg.abdn.ac.uk (139.133.207.111) at 0:10:83:ba:c0:a5 on en0 queries. ? (139.133.207.222) at (incomplete) on en0 [ethernet] (a) Calculate the Utilisation for the arp packets for LAN A. The arp cache has two new entries: (b) Give two reasons why there are fewer responses than (1) Some arp requests fail to complete (IP addr not used) queries. (2) Some arp requests may have been sourced on LAN B 139.133.207.111 has MAC: 0:10:83:ba:c0:a5 and correspond to an IP address on LAN B. The response 139.133.207.222 did not respond (no cache entry) would not travel across the bridge.
ARP Packet The Internet G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 001a 2f52 4841 000a 95cf ea5e 0806 0001 isi.edu 0800 0604 0002 000a 95cf ea5e 8b85 cf98 128.9.0.32 001a 2f52 4841 8b85 cf40 Routing (L3) The Role of routers Internet
Subnet mask
Default router emps sysc 139.133.7.10 139.133.7.110 Role of Routers Bridges v Routers About An IP Network G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Routers Connect networks Control traffic flow between networks End Systems send packet to an IP address More expensive know nothing about the network toplogy Work at Network Layer (e.g.IP) Connect different IP networks Relaying Need configuration Media conversion IP Segmentation Routers use IP address to forward packets Bridges/Switches know nothing about ʻconversationsʼ Routing Separate work group traffic Quality of Service Management Improve LAN performance Security Cheap Work at MAC Layer (mostly self configuring) RFC 1812 Form one IP network (broadcast domain at L2)
Selecting a Route IP Header IP Subnet Mask G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 0 15 16 31 4 IHL ToS/DSCP 16-bit total length ES need to know the network netmask Should the Local Network be used? All systems in a subnet must share same subnet mask 16-bit identification flags 13-bit fragment offset or IP Address Block of addresses (32768 in this case) TTL protocol 16-bit header checksum 0 Should a router be used? 32-bit source IP address
32-bit destination IP address net mask 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 options (if any) R0 network id host id B) Remote Network 20 bytes data IP address!! !! 139.133.7.110 ES and routers always examine the IP destination address netmask !! ! ! ! 0xffffff00 (255.255.255.0) A) Local Network network ID!! ! ! 139.133.7.0 RFC 950 H0 H1 RFC 791
IP Subnet Mask Finding the Network ID Identifying the Destination Network (1) G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Local network calculation Subnet mask often written as a ʻ/ʼ followed by number of 1s in the mask local IP address ! ! !139.133.7.110 Finding the network ID local network mask ! !255.255.255.0 � Convert IP address to hex (or binary) /8 11111111 00000000 00000000 00000000 � Convert netmask to hex (or binary) /9 11111111 10000000 00000000 00000000 local net +subnet id ! !139.133.7.0 /10 11111111 11000000 00000000 00000000 � Perform logical AND between the two /11 11111111 11100000 00000000 00000000 /12 11111111 11110000 00000000 00000000 Example: dest IP address ! ! !139.133.7.10 Compare /16 11111111 11111111 00000000 00000000 /20 11111111 11111111 11110000 00000000 local network mask ! !255.255.255.0 /24 11111111 11111111 11111111 00000000 � IP address 139.131. 63. 53 /28 11111111 11111111 11111111 11110000 &�netmask 255.255. 0 . 0 dest net +subnet id ! !139.133.7.0 � host id is: 139.131. 0 . 0/16 /29 11111111 11111111 11111111 11111000 /30 11111111 11111111 11111111 11111100 Match, therefore /31 11111111 11111111 11111111 11111110 Remote network calculation use local network Identifying the Destination Network (2) Escaping from the LAN Finding the Broadcast Address G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Local network calculation Where is Z? Router understands the best link local IP address ! ! !139.133.7.110 to route a packet towards Z Broadcast address = the network ID + all 1ʼs host ID local network mask ! !255.255.255.0 Finding the broadcast address local net +subnet id ! !139.133.7.0 � Convert IP address to hex (or binary) � Convert netmask to hex (or binary) � Perform logical OR of the inverted netmask router forwards dest IP address ! ! !129.105.2.6 Compare packet on a link local network mask ! !255.255.255.0 Example: Sender forms packet with netmask 255.255. 0 . 0 dest net +subnet id ! !129.105.2.0 destination address of Z and sends to Local Router � IP address 139.131. 63. 53 OR 0 . 0 .255.255 Remote network calculation Differ, use � host id is: 139.131.255.255 a router
IP Broadcast Network Layer Processing (IP) G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk SVC Man Routing SVC IP broadcast uses network address Routers Application software with a subnet value of all 1ʼs (and layers 5-7) never Routing (L3) Transport To all systems in an IP network forward Transport Layer IP broadcast Always sent using MAC broadcast Routes Network R0 Layer ARP not needed Traceroute IP IP In Out Routing Protocols Net Interface H0 H1 Interface (Link, Physical) End System Stack
Network Layer Processing (IP) Router Architecture PC Router Architecture G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk SVC Man Routing SVC Services 1995 Single CPU design (application software) Forwarding (data plane) Routing (control plane) and Transport were closely linked TTL=64 Control Plane Network Interfaces standard NICʼs Single CPU design Most routers did both on the same CPU (PC-like) SVC Man Routing Routing Table Standard NICʼs 2005 Separate Forwarding Engine Control Plane Limited services: Data Plane IP TTL-- Forwarding (data plane) in hardware and Routing Routing Forward TTL=0? (switching/forwarding Interfaces optimised for forwarding fabric) Forwarding Plane Management (control plane) in a local CPU in same “box” IP IP IP IP IP IP AAA, etc In Out In Out In Out 2010 Independent Forwarding Engine Net Net NetNet Interfaces Net Net Net Interface Interface InterfaceInterface Forwarding (data plane) in hardware and Routing Interface Interface Interface Intermediate System Stack (control plane) in a possibly separate box Multiservice Router Architecture Routing Process Route to zeno.ksc.nasa.gov G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Transport Transport Route to zeno.ksc.nasa.gov (128.159.1.155), 30 hops max, 40 byte packets Multiple CPU design Routing Routing 1 milliways-erg (10.0.0.64) ���2 ms 1 ms 1 ms 2 139.133.210.1 (139.133.210.1) �� � 7 ms 7 ms 7 ms SVC SVC Routing Man 3 abdn-gw.abdn.ac.uk (139.133.7.6) �� 3 ms 3 ms 3 ms Custom Interfaces Routing 4 smds-gw.ulcc.ja.net (193.63.203.33) � 17 ms 16 ms 15 ms Routing 5 nsn-gw.ulcc.ac.uk (128.86.1.3) �� � 16 ms 17 ms 16 ms Many services: Table Table 6 128.161.165.1 (128.161.165.1) �� � 96 ms 123 ms 147 ms Control Control 7 GSFC6.NSN.NASA.GOV (192.100.13.6) �98 ms 115 ms 146 ms 8 128.161.44.4 (128.161.44.4) �� � 178 ms 189 ms 154 ms Plane Plane Multi-protocol Routing 9 MSFC1.NSN.NASA.GOV (192.100.14.1) 170 ms 178 ms 175 ms IP IP 10 KSC.NSN.NASA.GOV (128.161.30.27) � 192 ms 316 ms 168 ms Management, DHCP, Forward Forward 11 192.150.33.1 (192.150.33.1) �� � 192 ms 205 ms 213 ms 12 128.159.215.239 (128.159.215.239) � 172 ms 172 ms 193 ms AAA, VoIP, 13 163.205.253.254 (163.205.253.254) � 330 ms 222 ms 269 ms Forwarding Plane Web servers, IP IP IP IP IP IP 14 zeno.ksc.nasa.gov (128.159.1.155) � 220 ms 377 ms 177 ms In Out In Out In Out Load balancing, Firewalls, NAT, Net Net Net Net Net Net Intrusion Detection Interface Interface Interface Interface Interface Interface
Route to globalweb.ac.uk Traceroute to globalweb.ac.uk Route to phys.uh.edu G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 1 milliways (139.133.204.64) 2.831 ms 2.077 ms 2.167 ms linx-gw.ja.net gw.uh.edu abdn.ac.uk 2 gw34.abdn.ac.uk (139.133.34.1) 4.828 ms 4.955 ms 4.865 ms abdn.ac.uk 139.133 193.63 129.7 139.133 scotland.net 3 gwkccs.abdn.ac.uk (139.133.7.4) 16.989 ms 15.510 ms 5.331 ms linx-gw.ja.net 194.247 4 aclarke-gw.abman.net.uk (194.81.60.94) 7.769 ms 5.545 ms 5.734 ms ja.net 193.63 5 146.97.250.17 (146.97.250.17) 9.785 ms 12.061 ms 9.347 ms 146.97 6 146.97.37.29 (146.97.37.29) 13.904 ms 16.689 ms 11.144 ms abman.net.uk 158.152 7 pos9-0.edin-scr.ja.net (146.97.35.61) 11.492 ms 16.527 ms 21.450 ms 194.81 195.66 8 pos0-0.leed-scr.ja.net (146.97.33.26) 18.450 ms 27.231 ms 19.766 ms 9 pos2-0.lond-scr.ja.net (146.97.33.30) 32.023 ms 35.862 ms 28.696 ms 195.11 10 146.97.35.6 (146.97.35.6) 26.864 ms 25.046 ms 24.458 ms 194.159 router.demon.net 11 linx-gw.ja.net (193.63.94.249) 23.115 ms 32.644 ms 21.848 ms ja.net 12 linx-2.router.demon.net (195.66.224.13) 26.371 ms 26.082 ms 22.430 ms 194.81 Pegasus.phys.uh.edu 13 tele-backbone-1-ge020.router.demon.net (194.159.252.54) Web browser abman.net.uk Web browser 146.97 www.test.globalweb.co.uk 198.32 Web server 14 anchor-core-2-fxp1.router.demon.net (158.152.0.178) ucaid.edu Web server 15 demon-gw-2.sol.co.uk (195.11.50.130) 37.791 ms 33.314 ms 38.483 ms 16 atm1-0-0-1.core2.scotland.net (194.247.77.34) 50.325 ms 56.771 ms 18 hops in total 25 hops in total 17 fe12-0-0.core1.scotland.net (194.247.67.41) 44.368 ms 46.100 ms over 6 domains (4 intermediate) over 9 domains (7 intermediate) 18 ABZ-Sci-Park.LL.scotland.net (194.247.71.109) 50.041 ms 51.625 ms
Traceroute to phys.uh.edu Traceroute to phys.uh.edu IP Header G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 1 milliways (139.133.204.64) 2.956 ms 2.103 ms 2.101 ms 0 15 16 31 17 dnvr-kscy.abilene.ucaid.edu (198.32.8.13) 138.995 ms 130.486 ms 2 gw34.abdn.ac.uk (139.133.34.1) 4.951 ms 4.891 ms 4.765 ms 18 scrm-dnvr.abilene.ucaid.edu (198.32.8.1) 153.115 ms 157.528 ms 44 IHL ToS/DSCP 16-bit total length 3 gwkccs.abdn.ac.uk (139.133.7.4) 5.255 ms 16.300 ms 5.009 ms 19 losa-scrm.abilene.ucaid.edu (198.32.8.18) 163.873 ms 163.366 ms 4 aclarke-gw.abman.net.uk (194.81.60.94) 6.665 ms 5.533 ms 5.623 ms 20 hstn-losa.abilene.ucaid.edu (198.32.8.22) 195.996 ms 201.506 ms 16-bit identification flags 13-bit fragment offset TTL protocol 16-bit header checksum 5 146.97.250.17 (146.97.250.17) 10.686 ms 10.713 ms 9.235 ms 21 LINK2ABILENE.GIGAPOP.GEN.TX.US (198.32.236.13) 194.006 ms 6 146.97.37.29 (146.97.37.29) 14.946 ms 20.399 ms 25.039 ms 22 INTRALINK2IBT.GIGAPOP.GEN.TX.US (198.32.236.37) 199.774 ms 32-bit source IP address 23 UH.GIGAPOP.GEN.TX.US (198.32.236.30) 205.365 ms 201.777 ms 7 pos9-0.edin-scr.ja.net (146.97.35.61) 14.822 ms 17.958 ms 20.820 ms 32-bit destination IP address 8 pos0-0.leed-scr.ja.net (146.97.33.26) 26.630 ms 26.973 ms 21.264 ms 24 vespasian-vlan10.gw.uh.edu (129.7.254.254) 205.210 ms 196.519 ms 9 pos2-0.lond-scr.ja.net (146.97.33.30) 28.960 ms 25.399 ms 25.840 ms 25 Pegasus.Phys.UH.EDU (129.7.2.50) 204.640 ms 197.582 ms 204.103 ms options (if any) 10 146.97.35.6 (146.97.35.6) 22.284 ms 22.070 ms 23.392 ms 20 bytes 11 us-gw2.ja.net (193.63.94.91) 28.271 ms 22.696 ms 23.660 ms data 12 193.62.157.18 (193.62.157.18) 91.709 ms 90.632 ms 87.277 ms 13 ny-pop.i2.ja.net (193.62.157.210) 95.792 ms 95.864 ms 97.488 ms 25 hops in total Router always examine the IP destination address Routers may also utilise the ToS/DSCP value 14 clev-nycm.abilene.ucaid.edu (198.32.8.29) 106.189 ms 116.730 ms over 6 domains (4 intermediate) 15 ipls-clev.abilene.ucaid.edu (198.32.8.25) 113.960 ms 109.556 ms The TTL is decremented and checksum recalculated 16 kscy-ipls.abilene.ucaid.edu (198.32.8.5) 129.682 ms 126.980 ms RFC 791 Router Forwarding Procedure Routing Routing Table G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 139.134.204.x G Fairhurst, http://www.erg.abdn.ac.uk
Network ID Itʼs on my LAN e.g. 10.1.0.0/16 use arp to find h.a. destination ! !route Route IP 139.133.1.0/24 send directly to H3 R3 H3 R3 H3 datagram 139.133.208.x !local Send ICMP � extract net message N3 N0 ! ! ! !local from IP address R3 is nearer H3, R2 R2 N1 ! ! ! !local N N2 net net send to R3 N2 ! ! ! !R2 net N N N3 ! ! ! !R1 = N = = default route R1 R1 local network host route network route specified? N1 139.134.x.x !R1 ? ? ? Y Y Y R1 is nearest H3, N0 Y send to R1
Send IP Itʼs not for my LAN R0 R0 destination N arp destination ! !route in arp cache? request datagram send to local router (R0) 139.133.208.x Y 139.133.208.x !local default ! ! !R0 H0 H1 H2 H0 H1 H2
Alternative Routes Routing Protocols Routes from local networks G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Router B declares Router B as default route R2 R2 Router C declares Router B as default route Router D declares Router B as default route R1 R1 All traffic to “unknown addresses flows towards “core” “Best Effort” network service Not all packets are delivered Some may be delivered twice! R0 R0 Routers exchange control packets A Not all packets follow same route Default Route Default Route Not all packets take the same time Routers send “control” messages � If you donʼt get them, you know link is “dead” (Not all packets are segmented in the same way) B C Thereʼs no such thing as a reliable “I am dead indication” This needs agreement between the two ends Default Route D
Routes to Remote Networks Router Architecture Router Architecture G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Router A instructs Router B Link Protocol Interface Network Interface Cards Forwarding table Send B all traffic to addresses with network ID 10.1.0.0/16 Controllers Management Table (here with single interfaces) (identifies this packet requires (e.g. Ethernet) processing by general purpose Router B sends traffic with network ID 10.1.1.0/24 to C processor) Router B sends traffic with network ID 10.1.3.0/24 to D Received packet Received packet Network Protocol (Forwarding Engine) A Route towards 10.1.0.0/16 Hardware Forwarded Route towards 10.1.1.0/24 Address packet Tables Interface to/from B C Packet Switch Forwarding Table Route towards 10.1.3.0/24 Forwarded Hardware Packet Switch General Purpose Processor packet (IP address matches (connects via general (examines packet header in detail, D another local interface) purpose processor) perhaps using filter table) Router Platform Price v RouterPerformance NAT G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Not all routers are equal SVC SVC - Cost is sometimes important First invented to map one computer to one address - Control is sometimes important Cost/Bandwidth Control Really useful in a commercial setting Plane - Speed is sometimes important - Services are sometimes important This lets a company change itʼs external IP address
Forwarding Plane PC Home Office ISP Core Services Gateway Router Router Router Edge Platform (cost) (control) (interfaces) (speed) Net Net Core Router Interface Interface Fabric Router Engine Services Web 1 Platform Server 10 100 1000 10000 100000 (flexibility) Instructions/Packet
NAPT Internet Control Message Protocol G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Port Translation Problem NAPT shares same address between multiple users Generally what is done for home networks ICMP Connections have to be started from the inside H0 R0 R1 R2 H1 - Becomes a nuisance when connecting to a server Internet Control Message Protocol NAPTs build state - When a NAPT crashes the connections disappear ICMP Encapsulation ICMP (Reason, Diagnostic) NATs try to be “transparent”, it hides and does Ping and ICMP Echo things without anyone asking it to do things Routers / Computers send ICMP messages Other uses: PMTU Discovery, Traceroute Messages usually contain the header of the packet Not usually sent when ICMP messages received (An exception is an ICMP ECHO REQUEST)
ICMP Message ICMP Encapsulation Ping of Local Host G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 0 7 8 15 16 31 8-bit type 8-bit code 16-bit checksum Usually contains Ping 60 B of ICMP payload "ID" and "sequence number" (contents depend on type and code) for "ICMP Echo" RTT = 2 ms user data ping -s sysb 4 PING sysb: 56 data bytes 64 bytes from sysb (139.133.201.196): icmp_seq=0. time=3. ms Type� Message ICMP 64 bytes from sysb (139.133.201.196): icmp_seq=1. time=3. ms user data 64 bytes from sysb (139.133.201.196): icmp_seq=2. time=3. ms header 64 bytes from sysb (139.133.201.196): icmp_seq=3. time=3. ms 20 64 bytes from sysb (139.133.201.196): icmp_seq=4. time=3. ms 0�� Echo reply 64 bytes from sysb (139.133.201.196): icmp_seq=5. time=3. ms 3�� Destination unreachable IP ICMP 64 bytes from sysb (139.133.201.196): icmp_seq=6. time=3. ms header header user data 64 bytes from sysb (139.133.201.196): icmp_seq=7. time=3. ms 4�� Source quench 14 4 64 bytes from sysb (139.133.201.196): icmp_seq=8. time=3. ms 64 bytes from sysb (139.133.201.196): icmp_seq=9. time=4. ms 5�� Redirect IP ICMP 64 bytes from sysb (139.133.201.196): icmp_seq=10. time=5. ms Ethernet user data Ethernet 64 bytes from sysb (139.133.201.196): icmp_seq=11. time=3. ms 8�� Echo request header header header CRC-32 ^C 11�� Time exceeded (i.e. TTL=0) ----sysb PING Statistics---- 12 packets transmitted, 12 packets received, 0% packet loss � round-trip (ms) min/avg/max = 3/3/5 Postel, J., "Internet Control Message Protocol", RFC792, STD 5, 1981. Ping of Remote Host IP Segmentation G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
ping -s www.ksc.nasa.gov PING zeno.ksc.nasa.gov: 56 data bytes Segmentation / 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=0. time=191. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=1. time=237. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=2. time=412. ms Fragmentation 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=3. time=177. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=4. time=183. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=5. time=189. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=6. time=179. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=7. time=177. ms IP segmentation by routers 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=8. time=174. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=9. time=175. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=10. time=178. ms IP segmentation header 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=11. time=189. ms 64 bytes from zeno.ksc.nasa.gov (128.159.1.155): icmp_seq=12. time=322. ms Each Interface has a Maximum Transmission Unit ^C ----zeno.ksc.nasa.gov PING Statistics---- Path MTU Discovery 14 packets transmitted, 13 packets received, 7% packet loss The MTU specifies the size of the largest IP packet round-trip (ms) min/avg/max = 174/214/412 End System segmentation by sender Packets must be fragmented to be less than the MTU
Required Information 1980s: Reliable data transmission G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Own MAC hardware address (from NIC PROM) � Used in MAC source address Transport,Middleware 1980 Own IP address (given by network administrator) & Applications � Used as IP source address UDP (Header, Services) Own IP subnet mask (given by network administrator) � Indicates remote destination addresses Demultiplexing (Protocol, Port) � Indicates IP broadcast address (to all local systems) IP default router (given by network administrator) Checksum � IP address of router to send to for remote addresses � (indicates MAC address for remote IP networks) TCP (Header, Services)
IP name server server (given by network administrator) TCP Connections Data was precious... � IP address of a server to resolve names <-> address Networks needed to be careful not to loose/damage it. Applications
1980s: The Internet model Reliability needs to be End-to-End Network Layer Processing (IP) G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk SVC Man Routing SVC In most places, the Internet is only “best effort”
There can be: Transport Loss (never arrives) TCP Variable delay (arrives late)
Reordering (wrong order) Network All much more common with wireless Layer TCP Dave Clarke, 1981 IP IP "The function in question can completely and correctly be In Out implemented only with the knowledge and help of the application standing at the end points of the communication Net Interface system. Therefore, providing that questioned function as a Interface (Link, Physical) feature of the communication system itself is not possible." Transport Layer Service IP Protocol Types G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk IP in IP Tunnel G Fairhurst, http://www.erg.abdn.ac.uk Transport Logical link between applications IP ICMP Protocols IP Protocol Type Transport Transport protocols run in End Systems Indicates how to demux UDP User Datagram Protocol IP End System Best Effort Service Incoming # packet # Internet (IP) protocols Multiplexing (service access points) # ip 0 IP # internet protocol icmp 1 ICMP # internet control message protocol Integrity Check tcp 6 TCP # transmission control protocol udp 17 UDP # user datagram protocol # # Internet (IPv6) extension headers Several Transport Protocols # Transport ipv6 41 IPv6 # IPv6 in IP encapsulation (ICMP) ... More IPv6 Extension Headers... UDP, TCP, STCP, UDP-Lite, DCCP End System In UNIX, these are stored in /etc/protocols
UDP Header Loss in Networks Corruption in Networks G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Why are datagram networks unreliable? Why are datagram networks unreliable? (II) Each connection identified by: Corruption of packet: (dest IP, dest port)) Transmission Frame Corruption (link CRC fails) � inside bridges ! inside routers 0 15 16 31 Router Header Corruption (IP Checksum fails) � inside end systems 16-bit source port 16-bit destination port 8 bytes � 16-bit UDP length 16-bit UDP checksum Router Congestion (packet discarded by router) Causes: � Software errors (copy wrong data) Receiver Busy (packet discarded by end system) data (if any) � DMA hardware faults No route to destination (packet discarded by router) Errors in IP header detected by IP checksum � Routers discard packets with header errors Integrity checked by: Equipment failure (packet discarded by router) � Verifying the length of PDU (incl. header) Each means packet does NOT reach the destination Errors in IP payload undetected � Executing a checksum algorithm A corrupted packet can reach the destination RFC 768
16-Bit UDP Checksum Port Numbers Well-Known Server Port Number G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
Sender treats segment contents as sequence of 16-bit integers C2 The Server accepts packet Application I will accept Add (1ʼs complement sum) of segment contents to a socket packets from Put checksum value into UDP checksum field bound to Destination Port server-port
Receiver computes checksum of received segment Transport Is computed checksum equals checksum field value: C1 Server Server “opens” a new NO - error was detected. Internet transport session YES - no error detected. But, may be errors nonetheless? Network It “binds” to IP (dst = server-port, src= any-port) Some other things to check: Addresses, Length, Protocol Data Link Ethernet It “accepts” new driver These are also added into checksum 3 C C4 Each client sends packet Physical Layer connections with a specified Destination Port Well Known Port Numbers Unique Client Port Number Unique Client Port Number G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk The Internet has agreed a set of well -known ports I want to Application There are lots of these - one for each service send to server-port Connections identified by: {SIP,SPort,DIP,DPort} How do you choose SPort?
Transport Client “opens” a new Some examples are: transport session SPort needs to be unique for a client 37 !Network time Server (nntp) 53!! ! Domain Name Server (dns) Could increment for each new socket It “binds” to (some OS do) e.g. packets sent from a client to a dns server (53) Network IP (src = unique-port, But... could do something different IP header�� � � � � � UDP header dst = server-port) (clientʼs IP addr, dns server IP addr) � (client port,53) (many OS do) e.g. packets (responses) from a dns server(3) to a client Could pick a random (but unique) SPort Data Link Ethernet IP header�� � � � � � UDP header driver (dns server IP addr, clientʼs IP addr) � (53, client port) (makes packet snooping harder) Physical Layer
Src &Dest Port Numbers UDP Services G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Simple Services Server Client (well- � Startup / Bootstrap �(DHCP, tftp) Application (unique) known) All UDP packets carry Query / Response TFTP (src, dst) port numbers � Disk Sharing �� � � (nfs) � Address Query�� � (dns) Trivial File Transfer Protocol Transport � Time Query�� � � (ntp) (unique, � Network Management � (snmp) Reliability well-known)
Network IP IP Stream Services Packet Headers � Audio, Video�� � � (Multimedia) (well-known, � Internet Telephony�� (Voice over IP) Retransmission (ARQ) unique) Data Link Ethernet Ethernet driver driver Multicast Physical Layer � Internet TV�� � � (Multicast Multimedia) � File Distribution�� � (Multicast File Transfer)
Trivial File Transfer Protocol (TFTP) Trivial File Transfer Protocol (TFTP) Reliability G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
VERY simple file transfer protocol. Internet is Best Effort Read Request (RRQ) � Some information may be lost in transit First defined in 1980. Corruption unlikely (due to CRCs and checksums) Easy to implement in a very small amount of memory. copy of client software Reliability Implies.... (e.g. “bootstrap, 1074 B) TFTP is useful for booting computers and configuring routers No software when which did not have mass storage devices. client switched on, � All information is received�� (no loss, no residual errors) requests copy � No information is duplicated �(no extra copies) Can be used to transfer small files between hosts on a LAN, from server �Sequencing �� � � � � (original order is preserved) e.g. remote X Window System terminal. DATA ACK Automatic Repeat reQuest (ARQ) Transmit Timer Loss Recovery by Timer G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk "What, no ACK? Send a Packet Wait Acknowledged - send it again." Timer Timer Timer Timer started restarted restarted stopped
Timer Timer Timer D D D Transmit timer monitors receipt of acknowledgments D1 D2 D2' Starts:�When first Data Packet sent
ACK ACK ACK Restarts:�When a new Data Packet sent ACK ACK Stops:� When all packets have been acknowledged "I got it!" "I got it!" Lost packet "I got it!"
Stop & Wait ARQ Trivial File Transfer Protocol (TFTP) TFTP Protocol Header G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Op Codes for TFTP Server DATA 1 1 = TRead Request (RRQ) Advantages starts DATA 2 DATA 3 (512 B) (512 B) (50 B) 2 = Write Request (WRQ) Very simple to implement transfer 3 = DATA (512 B, unless final) Disadvantages 4 = ACK Response to every transmitted Data packet 5 = Error Op Code 2 B sequence number Timers needed to recover loss of a Data packet/ACK Wasteful with long delays ACK(1) ACK(2) ACK(3) 4B Data block
READ DATA DATA DATA 8 B UDP request indication indication indication (RRQ) Last block< 512B, 20 B IP indicates end of transfer. TFTP defined in RFC 1350, 1992
Throughput Throughput Summary G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
! TFTP is very simple to implement Uses UDP/IP
DATA Adds to this to provide reliable delivery Useful for simple tasks Defined as “the number of bits transferred per second (software download, configuration of routers, etc) from a given layer to the upper layer as a result of a RTT Idle time ACK conversation between two users of the layer” Performance OK for a LAN Considers only data forwarded to the OSI layer above (i.e. not layer ovehead) Not suited to general Internet Expressed in bits per second Slow performance with large delay ! Throughput = (PDU)/(RTT) Measures performance of a layer No userid/login No congestion control (see “TCP”) FTP between local hosts Encapsulation G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
FTP FTP user data Application client TCP Transmission Control Protocol client Reliable application Integrity Check (as UDP) header user data Transport TCP TCP 20 Multiplexing (similar to UDP) TCP application user data Reliable In-Order Delivery (retransmits) header header Network IP IP 20 Stream-oriented Transport IP TCP application header header header user data Flow Control (receiver slows-down sender) Ethernet Data Link Ethernet 14 4 Physical Layer driver driver Congestion Avoidance (network slows-down sender) Ethernet IP TCP application Ethernet header header header header user data CRC-32 Out-Of-Band Data (little used) (source IP, source port; Dest IP, dest port)
TCP Streams TCP Header TCP Services G Fairhurst, http://www.erg.abdn.ac.uk Same as UDP G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Sender Interactive Services Receiver 0 15 16 31 16-bit source port 16-bit destination port � terminal access (telnet [23] rlogin [513]) read 32-bit sequence number � dns write read 32-bit acknowledgement number 20 bytes Bulk Services write read TCPHL reserved flags 16-bit window size read � file transfer (ftp [21])� write 16-bit TCP checksum 16-bit urgent pointer � mail transfer (smtp [25]) options (if any) � streaming media
data (if any) Semi-Interactive� � � WWW (http [80]) Data and ACK � nfs sequence numbers ≤ MSS RFC 793
Well Known Port Numbers Window Throughput G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Stop and Wait Protocol The Internet has agreed a set of well -known ports !Throughput = (PDU)/(RTT) There are lots of these, see: DATA � /etc/services file in UNIX Idle time � or RFC 1060 (Assigned Numbers) ACK Some examples are: Defined as “the number of bits transferred per second 20 FTP-DATA File Transfer [Default Data] from a given layer to the upper layer as a result of a 21 FTP File Transfer [Control] Window-Based Protocol conversation between two users of the layer” 23 TELNET Telnet 25 SMTP Simple Mail Transfer !High throughput requires large enough window. Considers only data forwarded to the OSI layer above 37 TIME Time ! ! (window(in bytes)xRTT) > bandwidth (i.e. not layer ovehead) 69 TFTP Trivial File Transfer 79 FINGER Finger DATA Expressed in bits per second 110 POP3 Post Office Protocol v 3 DATA 123 NTP Network Time Protocol Measures performance of a layer 143 IMAP2 Interim Mail Access Prot. v2 DATA ACK 161 SNMP Simple Network Man. Prot. DATA
DATA Utilisation Multiplexing G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk Idle (unused) � � An end system uses TCP to communicate with another end system over a 10 Mbps Ethernet LAN. The sender transmits 50 packets per second with 1460 B of TCP data, and receives 25 packets per Utilised� second of Acknowledgements (ACKs) with no data.
Defined as “the total number of bits transferred at the Calculate: physical layer to communicate a certain amount of data divided by the time taken to communicate the data.” � (i) The throughput Two flows can share a link (multiplexing) Includes all bits in all types of frame irrespective of Utilisation = sum of each flow utilisation whether they are corrupted or correctly received. � (ii) The utilisation of the network Expressed as a percentage of physical layer rate. � (iii) The utilisation if UDP were used instead of TCP No loss occurs providing utilisation < 100% Some buffer space is needed to store bursts Measures link capacity used .
Sharing Congestion Congestion Collapse G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
• Circuit-switching allocates fixed capacity Peak packet rate can exceed long-term share • More packets received than sent �� � queue builds Retransmit the discarded packets� Queue exceeds buffer memory � causes more overload � packets discarded Situation results in a “meltdown” Known as a “drop-tail” router Known as a “congestion collapse”
“Route” Optimisation Problem Multi-path sharing Congestion Avoidance G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk ES can optimise globally ISP-level optimisation more course-grain Takes sharing one stage further Leverages multi-homing Congestion Collapse was a real problem in late 80ʼs Traffic moves away from congested links It was prevented by new algorithms in TCP (1986) � Each TCP sender now judges how fast to send � - based on whether they experience congestion: End Systems that see any loss slow down. End Systems that do NOT see loss speed up. � Use of this is required (1988) � It has worked very well - at least up until now! TCP continues to evolve...... A New Internet Layer? IPv6 IPv4 G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
Version HLen DSCP/ToS ECN Total Datagram Length Fragment Identification Flags Fragmentation Offset Time to Live Protocol Header Checksum Internet 32 bit Source Address 32 bit Destination Address Protocol IPv4 IPv6 Options (if any), multiple of 32 bits
TransmissionTransport Field updated and present in IPv6 base header Current Next Gen. Field not present in IPv6 base header Internet Links and Internet (1981) (1994) Physical 32-bit address Monolithic header (complex) Options not widely implemented Router fragmentation troublesome (use PMTUD)
“New” IPv6 Functions IPv6 Decode IPv6 Status G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
Version DSCP/ToS ECN Flow Label Payload Length Next Header Hop Limit 0000: 47 5c 8f 15 00 80 6c 86 dd 60 00 00 00 00 40 3a G\....l..`....@: Standard on all router platforms 0010: 40 20 10 0d b8 85 a3 08 d3 13 19 8a 2e 03 70 73 @ ...... ps 128 bit Source Address Common on high-end switches 0020: 35 20 10 0d b8 85 a3 08 d3 13 19 8a 2e 03 70 73 5 ...... ps 0030: 35 80 00 e9 6b 77 3d 00 04 9b 56 d9 47 00 00 00 5...kw=...V.G... Standard in modern host operating systems 128 bit Destination Address 0040: 00 3e 0f 0d 00 00 00 00 00 10 11 12 13 14 15 16 .>...... 0050: 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 ...... !"#$%& “IPv6 is not Rocket Science” – Lorenzo Colitti Next Header Header Length 0060: 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 '()*+,-./0123456 But... Header Extensions (if any) 0070: 37 8f 05 4a 29 ff ff ff ff ff ff ff ff ff ff ff 7..J)...... 0.39% of BGP-advertised prefixes are IPv6! Simplified header format (good for hardware) 0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ...... Expanded addressing 128-bit 0090: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ...... 0.2% of total web traffic! 00a0: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ...... Improved support for Extensions (e.g. mobility) 00b0: ff ff ff ff ff ff ff ff ff ff ff ff ...... Flow Labeling http://www.ipv6forum.com/ Authentication and Privacy (IPsec, SEND, ...)
IPv6 Features Distribution of allocated IPv4 Addresses Unallocated IANA IPv4 /8 Addresses G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
USA Asia/Pacific Europe Lat America Africa 78 80
73 ~9 /8’s IPv4 IPv6 allocated 65 per year 65 USA 65 60 32% 62 62 59 Some features were not used: 55 Asia/Pacific 49 40 Flow-labels not so useful after all Africa 31% 49 IPsec mainly used for VPNs 2% 45 42 Lat America 41 Many IPv6 features now in IPv4: 7% 39 20 QoS 35
Europe Dec-04 Multicast Jul-05 0 28% Dec-05 Mobility Jun-06 Dec-06 NAT has replaced the need for addresses? Jun-07 the days of free IPv4 addresses are numbered... Dec-07 Areas with high demand for rural satellite Internet have few IPv4 addresses Jun-08 “...Itʼs not deployed, do we need IPv6?” Projected IANA Unallocated Address Pool Exhaustion: 20-Jun-2011 http://www.potaroo.net/tools/ipv4/index.html So what will the Future Internet be? IP Header G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk 0 15 16 31 An Internet that builds on IPv4 4 IHL ToS 16-bit total length 16-bit identification flags 13-bit fragment offset Internet will continue to evolve slowly... Packet Decodes An Internet that deploys IPv6 TTL protocol 16-bit header checksum Ethernet Header 32-bit source IP address ? NAT-free host-to-host via IPv6 PDU Header Chart 32-bit destination IP address Autoconfig /provider-independent addressing Hexadecimal Packet dump options (if any) 20 bytes Mobility (?) 0: 0100 5e02 dc3e 00d0 bbf7 c6c0 0800 4500 16: 00cc e206 0000 7111 a1a9 84b9 8476 e002 data ? And new stuff... 32: dc3e 7982 7982 00b8 08a0 8005 dbc6 d721 48: 69c0 0752 bb5f fe39 3600 8808 b120 8933 64: 6219 9118 5128 ffc8 1321 bc10 933e aa23 A “clean slate” design of a new network architecture 80: 3233 ba00 e892 a00c 1a3c 0a28 37ab 012d 96: aca5 4819 9088 0b39 64ba 43a0 b9a8 04b3 RFC 791 Transition to something better 112: 88b8 4bf8 3940 d024 0a98 8b0b 1703 0a3a ? 128: 8820 a381 a21f 3bc0 9298 e893 90bd 042a 144: 0a88 3287 59ab e980 1211 4002 2208 98b1 160: 7039 0b26 e898 99ab b118 a1aa a702 9ac4 176: 9128 ca21 7822 2971 090a 2194 98d0 27bb 192: 0958 8092 993f b3b0 2922 337a 0f88 8810 208: 8a29 0183 fb15 b888 0d4c
UDP Header Encapsulation And finally.... G Fairhurst, http://www.erg.abdn.ac.uk G Fairhurst, http://www.erg.abdn.ac.uk
ETHER Packet size = 218 bytes Destination = 1:0:5e:2:dc:3e, (multicast) (01-00-5e-02-dc-3e) Source = 0:d0:bb:f7:c6:c0, Ethertype = 0800 (IPv4) IP 0 15 16 31 Version = 4, Header length = 20 bytes Type of service = 0x00 Topics to be examined 16-bit source port 16-bit destination port Total length = 204 bytes (00cc) - Everything on the syllabus (includes lab & tutorials) 8 bytes ID = 57862, Flags = 0x00, Frags = 0 Time To Live = 113 seconds/hops 16-bit UDP length 16-bit UDP checksum Protocol = 17 (UDP) 0: 0100 5e02 dc3e 00d0 bbf7 c6c0 0800 4500 Header checksum = a1a9 16: 00cc e206 0000 7111 a1a9 84b9 8476 e002 Topics excluded Source address = 132.185.132.118 32: dc3e 7982 7982 00b8 08a0 8005 dbc6 d721 - Calculation of link CRC (but know what it does!) data (if any) Destination address = 224.2.220.62 No options 48: 69c0 0752 bb5f fe39 3600 8808 b120 8933 - Algorithm for DPLL (but know what it does!) UDP 64: 6219 9118 5128 ffc8 1321 bc10 933e aa23 Source port = 31106 (7982) 80: 3233 ba00 e892 a00c 1a3c 0a28 37ab 012d - Calculation of packet checksum (but know what it does!) Destination port = 31106 (7982) 96: aca5 4819 9088 0b39 64ba 43a0 b9a8 04b3 Length = 184 (00b8) Checksum = 08a0 112: 88b8 4bf8 3940 d024 0a98 8b0b 1703 0a3a RTP 128: 8820 a381 a21f 3bc0 9298 e893 90bd 042a Topics not covered this year 180B of Data 144: 0a88 3287 59ab e980 1211 4002 2208 98b1 - IP router fragmentation 160: 7039 0b26 e898 99ab b118 a1aa a702 9ac4 - Path MTU Discovery 176: 9128 ca21 7822 2971 090a 2194 98d0 27bb 192: 0958 8092 993f b3b0 2922 337a 0f88 8810 RFC 768 208: 8a29 0183 fb15 b888 0d4c