Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 1
Chapter 3.1: The Internet Protocol IP
Data Link Layer
Chapter 3: Protocols and Services
• 3.1: The Internet Protocol: IP • 3.2: Routing
• 3.3: Auxiliary Protocols • 3.4: Quality of Service
• 3.5: Transport Layer: TCP and UDP
Presentation Layer
Session Layer
Chapter 2: Computer Networks Physical Layer
Network Layer Transport Layer Application Layer
Internet Protocols
Chapter 4: Application Protocols
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 2
Chapter 3.1: The Internet Protocol IP
Layer 3
Layer 3: Network Layer
• Boundary between network carrier and customer • Control of global traffic:
Coupling of sub-networks by… - Global addressing
- Routing of data packets
Global flow control
Layer 1/2 are responsible only for the transmission of data between adjacent computers.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 3
Chapter 3.1: The Internet Protocol IP
Layers in the Network
Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer Application Process Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer Application Process Physical Layer Data Link Layer Network Layer Physical Layer Data Link Layer Network Layer
Host A Router A Router B Host B
Routers in the network receive frames from layer 2, extract the layer 3 content (packet) and decide due to the global address, to which outgoing connection the packet must be passed on.
Accordingly the packet becomes payload of a new frame and is sent.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 4
Chapter 3.1: The Internet Protocol IP
Two Fundamental Philosophies
Connectionless communication:
• Data are transferred as packets of variable length • Source and destination address are being indicated • Sending is made spontaneously without reservations • Very easy to implement
• But: packets can take different ways to the receiver (wrong order of packets at the receiver, differences in transmission delay, unreliability)
Connection-oriented communication: • Connection establishment:
Selection of the communication partner resp. of the terminal
Examination of the communication readiness
Initiation of a connection
• Data transmission: Information exchange between the partners • Connection termination: Release of the terminals and channels
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 5
Chapter 3.1: The Internet Protocol IP
Connectionless Communication
Computer A
Computer C
Computer B
• Message is divided into packets
• Access is always possible, small susceptibility to faults
• Alternative paths for the packets
• Additional effort in the nodes: Store-and-Forward network
Keyword: Packet Switching
1 3 2
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 6
Chapter 3.1: The Internet Protocol IP
Connection-Oriented Communication
Computer A
Computer C
Computer B
• Simple communication method
• Defined way between the participants • Switching nodes connect the lines
• Exclusive use of the line (telephone) or virtual connection:
Establishment of a connection over a (possibly even packet switching) network Keyword: Circuit Switching
virtual connection 1
2 3
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 7
Chapter 3.1: The Internet Protocol IP
Result: ARPANET (predecessor of today's Internet)
Goal about 40 years ago:• Interconnection of computers and networks using uniform protocols • A particularly important initiative was initiated by the ARPA
(Advanced Research Project Agency, with military interests)
• The participation of the military was the only sensible way to implement such an ambitious and extremely expensive project
• The OSI specification was still in developing phase
On the Way to Today's Internet
In the Internet, the connectionless principle is chosen, based on its predecessor ARPANET:
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 8
Chapter 3.1: The Internet Protocol IP
Design objective for ARPANET
• The operability of the network should remain intact even after a largest disaster possible, e.g. a nuclear war, thus high connectivity and connectionless transmission
• Network computer and host computer are separated
ARPA
Advanced Research Projects Agency
ARPANET
1969
Subnet
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 9
Chapter 3.1: The Internet Protocol IP
A subnet consists of:
• Interface Message Processors (IMPs), which are connected by leased transmission circuits
• High connectivity (in order to guarantee the demanded reliability)
Host IMP
Subnet IMP-I
MP protoc
ol
Source IMP to
destination IMP protocol Host-host Protocol
Host-IMP Protocol
A node consists of • an IMP
• a host
Several protocols for the communication between IMP-IMP, host-IMP,…
ARPANET
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 10
Chapter 3.1: The Internet Protocol IP
XDS 940
DEK PDP-10
XDS 1-7
Stanford Research Institutes (SRI)
University of Utah
University of California Los Angeles (UCLA) University of
California Santa Barbara (UCSB)
ARPANET
(December 1969)
IMP
IMP IBM
360/75 IMP
IMP
California
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 11
Chapter 3.1: The Internet Protocol IP
SRI
UCSB
UCLA
Utah
WITH
Harvard Illinois
USC
SRI Utah Illinois WITH
USC UCLA
UCSB
Stanford
Harvard Aberdeen
CMU
ARPANET in April 1972 ARPANET in September 1972
Very fast evolution of ARPANET within shortest time:
Evolution by ARPANET
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 12
Chapter 3.1: The Internet Protocol IP
Problem: Interworking!
Simultaneously to the ARPANET further (smaller) networks were developed. All the LANs, MANs, WANs
• had different protocols, media, …
• could not be interconnected at first and were not be able to communicate with each another.
Therefore:
Development of uniform protocols on the transport- and network level (without a too accurate definition of these levels, in particular without exact coordination with the respective OSI levels).
Result: TCP/IP networks.
Interworking
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 13
Chapter 3.1: The Internet Protocol IP
Developed 1974:
Transmission Control Protocol/Internet Protocol (TCP/IP)
Requirements:
• Fault tolerance
• Maximal possible reliability and availability
• Flexibility (i.e. suitability for applications with very different requirements)
The result:
• Network protocol IP; (Internet Protocol; connectionless)
• End-to-end protocols TCP (Transmission Control Protocol; connection-oriented) and UDP (User Datagram Protocol; connectionless)
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 14
Chapter 3.1: The Internet Protocol IP
From the ARPANET to the Internet
• 1983 TCP/IP became the official protocol of ARPANET. ARPANET was connected with many other USA networks.
• Intercontinental connecting with networks in Europe, Asia, Pacific.
• The total network evolved this way to a world-wide available network (called “Internet”) and gradually lost its early militarily dominated character.
• No central administrated network, but a world-wide union from many individual, different networks under local control (and financing).
• 1990 the Internet consisted of 3,000 networks with 200,000 computers. That was however only the beginning of a rapid evolution.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 15
Chapter 3.1: The Internet Protocol IP
What does it mean: “a computer is connected to the Internet”?
• Use of the TCP/IP protocol suite • Accessibility over an IP address • Ability to send IP packets
In its early period, the Internet was limited to the following applications:
E-mail electronic mail (partly because the US post was not very reliable and the different time zones made telephone accessibility of the telephone partner more difficult)
Remote login running jobs on external computers
File transfer exchange of data between computers
Internet
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 16
Chapter 3.1: The Internet Protocol IP
• Until 1990: the Internet was comparatively small, only used by universities and research institutions.
• 1990: The WWW (World Wide Web) - first developed by the CERN for the simplification of communication within the field of highenergy physics -became, together with HTML and Netscape browsers, a from nobody
foreseen “killer application”; this was the breakthrough for the acceptance of the Internet.
• Emergence of so-called Internet Service Providers (ISP), i.e. companies, which make their computers available as access points to the Internet. • Millions of new (predominantly non-academic) users!
• New applications, e.g. E-Commerce
• 1995: Backbones, ten thousands LANs, millions attached computers, exponentially rising number of users
• 1998: The number of attached computers is doubled approx. all 6 months • 1999: The transferred data volume is doubled in less than 4 months
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 17
Chapter 3.1: The Internet Protocol IP
Evolution of the Internet
At mid of 2007: (estimated) 500 million of hosts attached to the Internet
1 .01 .1 98 1 1 .01 .1 98 2 1 .01 .1 98 3 1 .01 .1 98 4 1 .01 .1 98 5 1 .01 .1 98 6 1 .01 .1 98 7 1 .01 .1 98 8 1 .01 .1 98 9 1 .01 .1 99 0 1 .01 .1 99 1 1 .01 .1 99 2 1 .01 .1 99 3 1 .01 .1 99 4 1 .01 .1 99 5 1 .01 .1 99 6 1 .01 .1 99 7 1 .01 .1 99 8 1 .01 .1 99 9 1 .01 .2 00 0 1 .01 .2 00 1 1 .01 .2 00 2 1 .01 .2 00 3
0
20.000.000
40.000.000
60.000.000
80.000.000
100.000.000
120.000.000
140.000.000
160.000.000
180.000.000
200.000.000
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 18
Chapter 3.1: The Internet Protocol IP
Internet and Intranet
Internet
• Communication via the TCP/IP protocols • Local operators control and finance
• Global coordination by some organizations
• Internet Providers provide access points for private individuals
Intranet
• Enterprise-internal communication with the same protocols and applications as in the Internet.
Computers are sealed off from the global Internet (data security)
Heterogeneous network structures from different branches can be integrated with TCP/IP easily
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 19
Chapter 3.1: The Internet Protocol IP
The TCP/IP Protocol Suite
Networks Protocols
Application Layer
Transport Layer
Internet Layer
Wireless LAN
Ethernet Token Ring DSL
FTP Telnet SMTP DNS SNMP TFTP
HTTP
UDP TCP
IP Routing protocols
“Helper” protocols
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 20
Chapter 3.1: The Internet Protocol IP
Sandglass Model
HTTP, SMTP, FTP, … E-Mail, File Transfer, Video Conferencing, …
Twisted Pair, Optical Fiber, Radio Transmission, …
Because of the small number of central protocols but the large number of
applications and communication networks, the TCP/IP protocol stack (and applications/networks) can be represented like a sandglass.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 21
Chapter 3.1: The Internet Protocol IP
Internet Layer
Routing Protocols Transfer Protocols:
IPv4, IPv6
“Helper” Protocols: ICMP, ARP, RARP, IGMP
Routing Tables
The tasks of the Internet layer can be rawly divided into three tasks: • Data transfer over a global network (chapter 3.1)
• Route decision at the sub-nodes (chapter 3.2)
• Control of the network or transmission status, auxiliary protocols for address translation (chapter 3.3)
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 22
Chapter 3.1: The Internet Protocol IP
IP: connectionless, unreliable transmission of datagrams/packets (“Best Effort”) • Transparent end-to-end communication between the hosts
• Routing, interoperability between different network types • IP addressing (IPv4):
→ Uses logical 32-bit addresses → Hierarchical addressing
→ 3 network classes
→ 4 address formats (including multicast) • Fragmenting and reassembling of packets
• Maximum packet size: 64 kByte (in practice: 1500 byte) • At present commonly used: Version 4 of IP protocol: IPv4
(September 1981, RFC 791)
IP – Internet Protocol
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 23
Chapter 3.1: The Internet Protocol IP
IP Packet
IP Header,
usually 20 Bytes
Source Address
Version Type of
Service Total Length IHL
Identification Fragment Offset
Protocol
Time to Live Header Checksum
Destination Address
Padding Options (variable, 0-40 Byte)
32 Bits (4 Bytes)
DATA (variable)
D F
M F
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 24
Chapter 3.1: The Internet Protocol IP
The IP Header (1)
• Version: IP version number (for simultaneous use of several IP versions)
• IHL: IP Header Length (in words of 32 bit; between 5 and 15, depending upon options)
• Type of Service: Indication of the desired service: Combination of reliability (e.g. file transfer) and speed (e.g. audio)
• Total Length: Length of the entire packet (in byte, ≤ 216-1 = 65535 bytes) • Identification: definite marking of a packet
• Time to Live (TTL): Lifetime of packets is limited to maximal 255 Hops (endless circling of packets in the network is prevented). In principle, also the processing time in routers is to be considered, which does not happen in practice. The
counter is reduced with each hop, with 0 the packet is discarded.
Prece-dence D T R unused
3 bit priority
(0 = normal data, 7 = control packet)
Delay
Throughput
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 25
Chapter 3.1: The Internet Protocol IP
The IP Header (2)
• DF: Don't Fragment. All routers must forward packets up to a size of 576 byte, everything beyond that is optional. Larger packets with set DF-bit therefore cannot take each possible way in the network.
• MF: More Fragments. “1” - further fragments follow. “0” - last fragment of a datagram)
• Fragment Offset: Sequence number of the fragments of a packet (213 = 8192 possible fragments). The offset states, at which place of a packet (counted in multiples of 8 byte) a fragment belongs. From this a maximum length of 8192 * 8 byte = 65536 byte results for a packet.
• Protocol: Which transport protocol is used in the data part (UDP, TCP,…)? To which transport process the packet is to be passed on?
• Header Checksum: 1’s complement of the sum of the 16-bit half words of the
header. Must be computed with each hop (since TTL changes)
• Source Address/Destination address: Network and host numbers of sending and receiving computer. This information is used by routers for the routing decision.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 26
Chapter 3.1: The Internet Protocol IP
Fragmentation
• A too large or too small packet length prevents a good performance. Additionally there are often size restrictions (buffer, protocols with length specifications,
standards, allowed access time to a channel,…)
• The data length must be a multiple of 8 byte. Exception: the last fragment, there only the remaining data are packed, padding to 8 byte units does not take place. • If the “DF”-bit is set, the fragmentation is prevented.
777 x00 0 0 1200 bytes
Ident. Flags Offset Data
IP header
777 x01 0 0 511
777 x01 64 512 1023
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 27
Chapter 3.1: The Internet Protocol IP
The IP Header (3)
Options: Prepare for future protocol extensions. Coverage: Multiple of 4 byte,
therefore possibly padding is necessary. At present, 5 options are defined, however none is supported by common routers:
• Security: How secret is the transported information? (Application e.g. in military: Avoidance of crossing of certain countries/networks.)
• Strict Source Routing: Complete path defined from the source to the destination host by providing the IP addresses of all routers which are crossed. (Use by system managers e.g. in case of damaged routing tables or for time measurements)
• Loose Source Routing: The carried list of routers must be passed in indicated order. Additional routers are permitted.
• Record Route: Recording of the IP addresses of the routers passed. (Maximally 9 IP addresses possible, nowadays too few.)
• Time Stamp: Records router addresses (32 bits) as well as a time stamp for each router (32 bits). Application e.g. in fault management.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 28
Chapter 3.1: The Internet Protocol IP
• Unique IP address for each host and router.
• IP addresses are 32 bits long and are used in the Source Address as well as in
Destination Address field of IP packets.
• The IP address is structured hierarchical and refers to a certain network, i.e. machines with connection to several networks have several IP addresses.
• Structure of the address: Network address for physical network (e.g. 137.226.0.0) and host address for a machine in the addressed network (e.g. 137.226.12.221)
IP Addressing
32 bits
10 Network Host
B
110 Network Host
C 2097151 networks
(LANs) with 256 hosts each
(starting from 192.0.0.0)
0 Network Host
Class A
1110 Multicast address
D
1111 Reserved for future use
E
16383 networks with 216 hosts each
(starting from 128.0.0.0) 126 networks with
224 host each
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 29
Chapter 3.1: The Internet Protocol IP
IP Addresses
Binary format
Dotted Decimal Notation
10001001 11100010 00001100 00010101 137.226.12.21
137.226.12.1
137.226.112.1
137.226.112.78 Router
137.226.12.21
• Each node has (at least) one world-wide unique IP address
• Router or gateways, which link several networks with one another, have for each network an assigned IP address
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 30
Chapter 3.1: The Internet Protocol IP
IP Addresses and Routing
137.226.0.0 142.117.0.0
12.0.0.0
194.52.124.0 a
b
a default
x.x.x.x
b direct
194.52.124.x
a direct
142.117.x.x
a 142.117.x.x
137.226.x.x
b 194.52.124.x
12.x.x.x
Network Interface Connection
Destination IP Address
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 31
Chapter 3.1: The Internet Protocol IP
Class B address
137.226.12.174
Class B address
of RWTH Aachen
10001001 11100010 00001100 10101110
Subnet
(Computer science 4)
Terminal “Shadow”
The representation of the 32-bit addresses is divided into 4 sections of each 8 bits:
IP Addressing - Examples
0 0 0 ... 0 0 0
0 0 ... 0 0 Host
Network
127 arbitrary
This host
Host in this network
1 1 1 ... 1 1 1 Broadcast in own local area network 1 1 1 ... 1 1 1 Broadcast in the remote network
Loop, no sending to the network
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 32
Chapter 3.1: The Internet Protocol IP
Address Space
50,00%
25,00%
12,50% 6,25%
6,25%
Klasse A
Klasse B
Klasse C
Klasse D
Klasse E
Class
Class
Class
Class
Class
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 33
Chapter 3.1: The Internet Protocol IP
Problems
• Nobody had thought about such a strong growth of the Internet
(otherwise one would have defined longer addresses from the beginning). • Too many Class A address blocks were assigned in the first Internet years. • Inefficient use of the address space.
Example: if 500 devices in an enterprise are to be attached, a Class B address block is needed, but by this unnecessarily more than 65.000 host addresses are blocked.
Solution approach
Extension of the address space within IPv6 against the actual version IPv4 ⇒ IP version 6 has 128 bit for addresses
⇒ 7 x 1023 IP addresses per square meter of the earth's surface (including the oceans!)
⇒ one address per molecule on earth's surface!
But: The success of IPv6 is not by any means safe! (The introduction of IPv6 is tremendously difficult: Interoperability, costs, migration strategies,….)
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 34
Chapter 3.1: The Internet Protocol IP
Ethernet A 128.10.1.0
128.10.1.3 128.10.1.8 128.10.1.70 128.10.1.26
Ethernet B 128.10.2.0
128.10.2.3 128.10.2.133 128.10.2.18
Rest of the Internet
All traffic for 128.10.0.0
128.10.2.1 Router
Ethernet A Host
Ethernet A Host
Ethernet A Host
Ethernet B Host Ethernet
B Host Ethernet
B Host
Examples for subnets: subnet mask 255.255.255.0
Problem: Class C-networks are very small, Class B-networks often already too large. Therefore exists the possibility of dividing an through the IP-address identified network into so-called subnets.
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 35
Chapter 3.1: The Internet Protocol IP
IP Subnets
• Within an IP network address block, several physical networks can be addressed
• Some bits of the host address part are used as network ID • A Subnet mask identifies the „abused” bits
• All hosts of a network should use the same subnet mask
• Routers can determine through combination of an IP address and a subnet mask, into which subnet a packet must be sent.
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 Subnet
Mask
Network Host
Class B address
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 36
Chapter 3.1: The Internet Protocol IP
IP Subnets - Computation of the Destination
0111 100010001001
137. 226 . 12 . 21
11100010 00001100 00010101
255. 255. 255. 0
12. 0
137. 226.
0000 0000
0000 0000 1111 1111
0000 1100 1111 1111
1110 0010 1111 1111
1000 1001
IP address
Subnet mask
Network of the addressed host
AND
The entrance router of the RWTH, which receives the IP packet, does not know, where host “12.21” is located – no corresponding entry is in its routing table
The router computes the (sub-)network address “137.226.12” and
searches its routing table for this entry
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 37
Chapter 3.1: The Internet Protocol IP
Assigned network address for the RWTH: 137.226.0.0
137.226.12.0 Info 4
137.226.8.0
254 hosts per subnet:
• Hosts have the addresses 1 – 254
• 0 is reserved for the subnet • 255 is reserved for broadcast
in the subnet
Subnet mask for each subnet = 255.255.255.0
Other format for writing of addresses in subnets: prefix notation 137.226.12.221/24
137.226.112.0 137.227.10.0
Example of a Subnet
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 38
Chapter 3.1: The Internet Protocol IP
More flexible Addressing
Remaining problem: how to use the very small class C networks efficiently for today’s network sizes? How to reduce the number of entries in routing tables? Solution: Classless Inter-Domain Routing (CIDR)
• Allow also for moving the network/host separation in left direction, i.e. skip the class concept and always give a subnet mask as mark of the end of the network address part
• Examples:
137.250.x.x/15: The first 15 bits of the IP address only are used for the network identification – even if it would be a class B address
197.121.192.x/19: Several class C networks are combined to a single subnet • Used together with routing: Backbone router, e.g. on transatlantic links only
consider the first 13 bits → small routing tables, little cost of routing decision • Routers of ISPs consider e.g. only the first 15 bits
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 39
Chapter 3.1: The Internet Protocol IP
NAT – Network Address Translation
• Each internal computer in the Intranet needs an own IP address to communicate with the others. For this purpose, “private” address blocks are reserved, which everyone may use (without buying an own address block) within its own networks and which are never routed in the Internet:
• 10.0.0.0 - 10.255.255.255 • 172.16.0.0 - 172.31.255.255 • 192.168.0.0 – 192.168.255.255
• When using addresses of those range, the internal computers can communicate with each other
• But: packets with those addresses are not forwarded by a router. Thus: routers, which are attached to the “external world” need a global address
• Solution: assign a few IP addresses to a company which are known by a “NAT box” which usually is installed with the router
• When data are leaving the own network, an address translation takes place: the NAT box exchanges the private address with a globally valid one
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 40
Chapter 3.1: The Internet Protocol IP
NAT Variants
NAT is available in several “variants”, known under different names: Basic NAT (also: Static NAT)
• Each private IP address is translated into one certain external IP
• Either, you need as much external addresses as private ones, otherwise no re-translation is possible when a reply arrives
• Or, you manage a pool of external IP addresses and assign one dynamically when a request is sent out
router with NAT box Internet 192.168.0.2 192.168.0.3 192.168.0.4 192.168.0.5 router with NAT box Internet 192.168.0.2 192.168.0.3 192.168.0.4 192.168.0.5 137.226.12.35 192.168.0.5 137.226.12.34 192.168.0.4 137.226.12.33 192.168.0.3 137.226.12.32 192.168.0.2 Map to Private IP 137.226.12.35 ---137.226.12.34 ---137.226.12.33 192.168.0.5 137.226.12.32 192.168.0.2 Currently mapped: Private IP
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 41
Chapter 3.1: The Internet Protocol IP
NAT Variants
Disadvantages of static NAT:
• With static mapping, you need as much official IP addresses as you have computers
• With dynamic mapping, you need less official IP addresses, but for times of high traffic you nevertheless need nearly as much addresses as local computers
• Those approaches help to hide the network structure, but not to save addresses Hiding NAT (also: NAPT: Network Address Port Translation, Masquerading)
• Translate several local addresses into the same external address • Now: some more details are necessary to deliver a response
router with NAT box
Internet
192.168.0.2 192.168.0.3
192.168.0.4 192.168.0.5
137.226.12.32 192.168.0.5
137.226.12.32 192.168.0.4
137.226.12.32 192.168.0.3
137.226.12.32 192.168.0.2
Map to Private IP
to: 137.226.12.32 destination?
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 42
Chapter 3.1: The Internet Protocol IP
NAPT – Network Address Port Translation
80 207.17.4.21
198.60.42.12 1500
10.0.0.7 1500
TCP
21 137.226.12.221 198.60.42.12
1066 10.0.0.1
1066 TCP
Port (destination) IP (destination)
IP (global) Port (global)
IP (local) Port (local)
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 43
Chapter 3.1: The Internet Protocol IP
Problems with NAPT
NAPT works well with communication initiated from the Intranet. But: how could someone from outside give a request to the Intranet (e.g. to the web server)? • NAPT box needs to be a bit more “intelligent”
• Some static information has to be stored, e.g. “each incoming request with port 80 has to be mapped to the private address of the web server”
• Still problems if e.g. several web servers are operated, or if some user spontaneously wants to have special access to a host from outside • Lots of workarounds
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 44
Chapter 3.1: The Internet Protocol IP
The new IP - IPv6
Why changing the protocol, when IPv4 works well? • Dramatically increasing need for new IP addresses • Improved support of real time applications
• Security mechanisms (Authentication and data protection)
• Differentiation of types of service, in particular for real time applications • Support of mobility (hosts can go on journeys without address change) • Simplification of the protocol in order to ensure a faster processing • Reduction of the extent of the routing tables
• Options for further development of the protocol → IPv6 (December 1995, RFC 1883)
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 45
Chapter 3.1: The Internet Protocol IP
• Address size
– 128-bit addresses (8 groups of each 4 hexadecimal numbers) • Improved option mechanism
– Simplifies and accelerates the processing of IPv6 packets in routers • Auto-configuration of addresses
– Dynamic allocation of IPv6-addresses • Improvement of the address flexibility
– Anycast address: Reach any one out of several • Support of the reservation of resources
– Marking of packets for special traffic • Security mechanisms
– Authentication and Privacy • Simpler header structure:
– IHL: redundant, no variable length of header by new option mechanism – Protocol, fragmentation fields: redundant, moved into the options
– Checksum: Already done by layer 2 and 4
IPv6 - Characteristics
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 46
Chapter 3.1: The Internet Protocol IP
• Version: IP version number
• Priority: 4 bits for priority. 1 News, 4 -ftp, 6 - telnet, 8 to 15 - real time traffic
• Flow label: virtual connection with certain characteristics/requirements
• PayloadLen: packet length after the 40-byte header
• Next Header: 8-bit selector. Indicates the type of the following extension header (or the transport header)
• HopLimit: At each node decremented by one. At zero the packet is discarded
• Source Address: The address of the original sender of the packet
• Destination Address: The address of the receiver (not necessarily the final
destination, if there is an optional routing header)
• Next Header/Data: if an extension header is specified, it follows after the main
header. Otherwise, the data are following
1 4 8 16 24 32
The prefix of an address characterizes
geographical areas, providers, local internal areas,…
IPv6 Main Header
Version (4)
Next Header (8) HopLimit (8) PayloadLen (16)
Flow label (24)
Source Address (128)
Destination Address (128)
Next Header/Data Priority
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 47
Chapter 3.1: The Internet Protocol IP
Optional data follows in extension headers. There are 6 headers defined: • Hop by Hop (information for single links)
All routers have to examine this field. Momentarily only the support of
Jumbograms (packets exceeding the normal IP packet length) is defined (length specification).
• Routing (definition of a full or partly specified route) • Fragmentation (administration of fragments)
Difference to IPv4: Only the source can do fragmentation. Routers for which a packet is too large, only send an error message back to the source.
• Authentication (of the sender) • Ciphered data
• Destination options (additional information for the destination)
IPv6 Extension Headers
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 48
Chapter 3.1: The Internet Protocol IP
IPv4 vs. IPv6: Header
En sion
Prio
rity Flow label PayloadLen NEXT headers Hop limit SOURCE ADDRESS SOURCE ADDRESS SOURCE ADDRESS SOURCE ADDRESS Destination ADDRESS Destination ADDRESS Destination ADDRESS Destination ADDRESS NEXT header/DATA En
sion IHL Totally length Type OF
service
Identification Fragment offset Time to
Live Protocol Header Checksum SOURCE ADDRESS
Destination ADDRESS
Option (variable)/Padding
DATA
The IPv6 header is longer, but this is only caused by the longer addresses.
Otherwise it is “better sorted” and thus faster to process by routers.
Ver-sion
4 8 16 32
Prio-rity Flow Label PayloadLen Next
Header Hop Limit Source Address Source Address Source Address Source Address Destination Address Destination Address Destination Address Destination Address
Next Header / Data
4 8 16 32
Ver-sion IHL Total Length Type of Service Identification Time to Live Protocol Source Address Destination Address Options (variable)/Padding Data
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 49
Chapter 3.1: The Internet Protocol IP
Coexistence of IPv4 and IPv6
IPv6 cannot be introduced “over night”… for some time both IP variants will be used in parallel.
• New network interface card drivers support both versions of IP, thus they are able to communicate with the newer version
• But: how to enable two modern IPv6-based hosts to communicate if only an IPv4-based network is in between?
1. Header Conversion
Router translates an incoming IPv6 packet into a IPv4 packet, receiving router retranslates
Internet
mostly IPv4
IPv6 network
IPv6 header
payload IPv4
header
payload payload headerIPv6
IPv6 network
But: reconstruction of e.g. flow label???
Lehrstuhl für Informatik 4
Kommunikation und verteilte Systeme
Page 50
Chapter 3.1: The Internet Protocol IP
Coexistence of IPv4 and IPv6
2. TunnelingRouter at the entry to the IPv4-based network encapsulate an incoming IPv6 packet into a new IPv4 packet with destination address of the next router also supporting IPv6
Internet
mostly IPv4
IPv6 network
IPv6 header
payload IPv4
header
IPv6 header payload
IPv6 network
IPv6 header payload
• More overhead because of two headers for one packet, but no information loss due to header conversion
Tunneling is a general concept also used for multicast, VPN, etc: it simply means “pack a whole packet as it is into a new packet of different protocol”
