Classful IP Addressing. Classless Addressing: CIDR. Routing & Forwarding: Logical View of a Router. IP Addressing: Basics

(1)

Switching and Forwarding

Network Layer Part I

• Switching and Forwarding – Generic Router Architecture – Forwarding Tables:

• Bridges/Layer 2 Switches; VLAN • Routers and Layer 3 Switches • Forwarding in Layer 3 (Network Layer)

– Network Layer Functions N k i M d l VC D

Csci 183/183W/232: Computer

Networks Network Layer Part IForwarding and Routing 1 – Network Service Models: VC vs. Datagram

• ATM and IP Datagram Forwarding – IP Addressing

• Network vs. host: address blocks, longest prefix matching • Address allocation and DHCP

– IP Datagram Forwarding Model and ARP Protocol – IP and ICMP Protocols, IP Fragmentation and Re-assembly

Readings: Textbook: Chapter 4: Section 4.1;

Routing & Forwarding:

Logical View of a Router

A E D C B F 2 2 1 3 1 1 2 5 3 5 Csci 183/183W/232: Computer

Networks Forwarding and RoutingNetwork Layer Part I 2

1

IP Addressing: Basics

• Globally unique (for “public” IP addresses)

• IP address:

32-bit identifier for host, router

interface

• Interface:

connection between host/router and

physical link

– router’s typically have multiple interfaces

Networks Network Layer Part IForwarding and Routing 3

router s typically have multiple interfaces – host may have multiple interfaces – IP addresses associated with each interface

• Dot notation (for ease of human reading)

223.1.1.1 = 11011111 00000001 00000001 00000001

223 1 1 1

IP Addressing: Network vs. Host

• Two-level hierarchy

– network part (high order

bits)

– host part (low order bits)

• What’s a network ?

(

from IP address perspective)

223.1.1.1 223.1.1.3 223.1.1.4 223.1.1.2 223.1.7.0 223.1.9.2 multi-access LAN point-to-point li k Csci 183/183W/232: Computer

(

from IP address perspective)

– device interfaces with same network part of IP address

– can physically reach each other without intervening

router 223.1.2.1 223.1.2.2 223.1.2.6 223.1.3.2 223.1.3.1 223.1.3.27 223.1.7.1 223.1.8.0 223.1.8.1 223.1.9.1 link

“Classful” IP Addressing

0network host 10 network host 110 network host A B C class 1.0.0.0 to 127.255.255.255 128.0.0.0 to 191.255.255.255 192.0.0.0 to 223.255.255.255

7

7 15 23 31

Csci 183/183W/232: Computer Forwarding and Routing 5 32 bits

1110 multicast address

D 224.0.0.0 to_{239.255.255.255} • Disadvantage: inefficient use of address space; address

space exhaustion

• e.g., class B net allocated enough addresses for 65K hosts, even if only 2K hosts in that network

Classless Addressing: CIDR

CIDR: C

lassless

I

nter

D

omain

R

outing

• Network portion of address is of

arbitrary length

• Addresses allocated in contiguous blocks

– Number of addresses assigned always power of 2

• Address format:

a b c d/x

Csci 183/183W/232: Computer Forwarding and Routing 6

Address format:

a.b.c.d/x

– x is number of bits in network portion of address

(2)

Representation of Address Blocks

• “Human Readable” address format: a.b.c.d/x

– x is number of bits in network portion of address, the network portion is also called the network prefix

•

machine representation of a network (addr block): using a combination of

– first IP of address blocks of the network – network mask ( x “1”’s followed by 32-x “0”’s

11001000 00010111 0001000

0 00000000

network mask:

network w/ address block: 200.23.16.0/23

11111111 11111111 1111111

0 00000000

first IP address of address block:

More Examples

Three Address Blocks: First IP address: 11001000 00010111 00010000 00000000 Network mask: 11111111 11111111 11111000 00000000 First IP address: 11001000 00010111 00011000 00000000 Last IP address: 11001000 00010111 00011000 11111111

Given an IP address, which network (or address block) does it belong to?

Example 1:

11001000 00010111 00010110 10100001

Networks Forwarding and RoutingNetwork Layer Part I 8 11001000 00010111 00011000 11111111

what is the network prefix?

11001000 00010111 00011000

First IP address

:

11001000 00010111 00011001 00000000 Last IP address:

11001000 00010111 00011111 11111111 what is the network prefix?

11001000 00010111 00011

Example 2:

11001000 00010111 00011000 10101010

Use longest prefix matching!

Another Example

• Consider a datagram network using 32-bit host addresses, suppose a router has four links, numbered 0 through 3, and packets are to be forwarded to the link interfaces as follows:

Destination Addr Range Link Interface

11100000 00000000 00000000 00000000 through 0 11100000 11111111 11111111 11111111

11100000 11111111 11111111 11111111 11100001 00000000 00000000 00000000 through 1 11100001 00000000 11111111 11111111 11100001 00000001 00000000 00000000 through 2 11100001 11111111 11111111 11111111 O.W. 3

Provide the forwarding table – a table containing the network prefix and the outgoing interface.

IP Addresses: How to Get One?

Q:

How does

host

get IP address?

• “static” assigned: i.e., hard-coded in a file

– Wintel: control-panel->network->configuration->tcp/ip->properties

>properties – UNIX: /etc/rc.config

• Dynamically assigned: using DHCP

(D

ynamic

H

ost

C

onfiguration

P

rotocol)

– dynamically get address from a server – “plug-and-play”

DHCP: Dynamic Host Configuration Protocol

Goal:

allow host to dynamically obtain its IP address

from network DHCP server when it joins network

Can renew its lease on address in use

Allows reuse of addresses (only hold address while connected as “on”) Support for mobile users who want to join network (more shortly)

DHCP overview:

– host broadcasts “DHCP discover” msg – DHCP server responds with “DHCP offer” msg – host requests IP address: “DHCP request” msg – DHCP server sends address: “DHCP ack” msg

(3)

DHCP Client-Server Scenario

DHCP server: 223.1.2.5 arriving client DHCP discover src : 0.0.0.0, 68 dest.: 255.255.255.255,67 yiaddr: 0.0.0.0 transaction ID: 654 DHCP offer src: 223.1.2.5, 67 dest: 255.255.255.255, 68 yiaddrr: 223.1.2.4 transaction ID: 654 Lifetime: 3600 secs DHCP t Csci 183/183W/232: Computer

Networks Network Layer Part IForwarding and Routing 13 time DHCP request src: 0.0.0.0, 68 dest:: 255.255.255.255, 67 yiaddrr: 223.1.2.4 transaction ID: 655 Lifetime: 3600 secs DHCP ACK src: 223.1.2.5, 67 dest: 255.255.255.255, 68 yiaddrr: 223.1.2.4 transaction ID: 655 Lifetime: 3600 secs

IP Addresses: How to Get One? …

Q:

How does a

network

get network part of IP

addr?

A:

gets an allocated portion of its provider

ISP’s address space

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20 Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23 ... ….. …. …. Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

IP Addressing: the Last Word...

Q:

How does an ISP get block of addresses?

A:

ICANN

:

I

nternet

C

orporation for

A

ssigned

N

ames and

N

umbers

– allocates addresses

allocates addresses

– manages DNS

– assigns domain names, resolves disputes

NAT: Network Address Translation

10.0.0.1 10.0.0.2 10.0.0.4

138 76 29 7

local network (e.g., home network)

10.0.0/24 rest of

Internet

10.0.0.3 138.76.29.7

Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)

Alldatagrams leavinglocal network have samesingle source

NAT IP address: 138.76.29.7, different source port numbers

10.0.0.0/8 has been reserved for private networks!

NAT: Network Address Translation

• Motivation:

local network uses just one IP address as

far as outside world is concerned:

– no need to be allocated range of addresses from ISP: - just one IP address is used for all devices

– can change addresses of devices in local network without

Csci 183/183W/232: Computer Forwarding and Routing 17

notifying outside world

– can change ISP without changing addresses of devices in local network

– devices inside local net not explicitly addressable, visible by outside world (a security plus).

NAT: Network Address Translation

Implementation:

NAT router must:

– outgoing datagrams: replace(source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)

. . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.

– remember (in NAT translation table) every (source IP address

Csci 183/183W/232: Computer Forwarding and Routing 18 – remember (in NAT translation table) every (source IP address,

port #) to (NAT IP address, new port #) translation pair

(4)

NAT: Network Address Translation

10 0 0 1 S: 10.0.0.1, 3345 D: 128.119.40.186, 80 1: host 10.0.0.1 sends datagram to 128.119.40, 80 NAT translation table

WAN side addr LAN side addr 138.76.29.7, 5001 10.0.0.1, 3345 …… …… 2: NAT router

changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table

10.0.0.1 10.0.0.2 10.0.0.3 1 10.0.0.4 138.76.29.7 S: 128.119.40.186, 80 D: 10.0.0.1, 3345 4 S: 138.76.29.7, 5001 D: 128.119.40.186, 80 2 S: 128.119.40.186, 80 D: 138.76.29.7, 5001 3 3: Reply arrives dest. address: 138.76.29.7, 5001 4: NAT router changes datagram dest addr from

138.76.29.7, 5001 to 10.0.0.1, 3345

NAT: Network Address Translation

• 16-bit port-number field:

– 60,000 simultaneous connections with a single LAN-side address!

• NAT is controversial:

– routers should only process up to layer 3 – violates end-to-end argument

• NAT possibility must be taken into account by app designers, eg, P2P applications

– address shortage should instead be solved by IPv6

IP Forwarding & IP/ICMP Protocol

N t

k

Routing protocols •path selection •RIP, OSPF, BGP IP protocol •addressing conventions •packet handling conventions Transport layer: TCP, UDP

Network

layer

routing_table ICMP protocol

•error reporting •router “signaling”

Data Link layer (Ethernet, WiFi, PPP, …) Physical Layer (SONET, …)

IP Service Model and Datagram Forwarding

• Connectionless (datagram-based)

– Each datagram carries source and destination

• Best-effort delivery (unreliable service)

– packets may be lost

– packets can be delivered out of order – duplicate copies of a packet may be delivered – packets can be delayed for a long time F r rdin nd IP ddr ss

Networks Forwarding and RoutingNetwork Layer Part I 22 • Forwarding and IP address

– forwarding based on network id

• Delivers packet to the appropriate network

• Once on destination network, direct delivery using host id

• IP destination-based next-hopforwarding paradigm – Each host/router has IP forwarding table

• Entries like <network prefix, next-hop, output interface>

IP Datagram Format

ver length 32 bits 16-bit identifier Internet checksum time to live

32 bit source IP address IP protocol version number header length (32-bit words) max number remaining hops (decremented at each router) for fragmentation/ reassembly total datagram length (bytes) head.

len type ofservice

“type” of data _{flgs fragment}

offset upper layer data (variable length, typically a TCP or UDP segment) )

upper layer protocol to deliver payload to

32 bit destination IP address

Options (if any) E.g. timestamp, record route taken, specify list of routers to visit.

how much overhead with TCP? • 20 bytes of TCP • 20 bytes of IP • = 40 bytes + app

layer overhead

IP Datagram Forwarding Model

IP datagram:

misc

fieldsIP addrsource IP addrdest data A 223.1.1.1

Dest. Net. next router Nhops 223.1.1 1 223.1.2 223.1.1.4 2 223.1.3 223.1.1.4 2

forwarding table in A

fields IP addr • datagram remains unchanged, as it travels source to destination • addr fields of interest

(5)

IP Forwarding Table

4 billion possible entries!

(in reality, far less, but can still have millions of “routes”) forwarding table entry format

destination network next-hop (IP address) link interface (1st_{IP address , network mask )}

11001000 00010111 00010000 00000000, 200.23.16.1 0

Networks Network Layer Part IForwarding and Routing 25 11111111 11111111 11111000 00000000 11001000 00010111 00011000 00000000, - (direct) 1 11111111 11111111 11111111 00000000 11001000 00010111 00011001 00000000, 200.23.25.6 2 11111111 11111111 11111000 00000000 otherwise 128.30.0.1 3

Forwarding Table Lookup

using Longest Prefix Matching

Prefix Match Next Hop Link Interface 11001000 00010111 00010 200.23.16.1 0

11001000 00010111 00011000 - 1

11001000 00010111 00011 200.23.25.6 2

otherwise 128.30.0.1 3

Networks Forwarding and RoutingNetwork Layer Part I 26 DA: 11001000 00010111 00011000 10101010

Examples

DA: 11001000 00010111 00010110 10100001 Which interface? Which interface?

IP Forwarding: Destination in Same Net

Starting at A, send IP

datagram addressed to B:

• look up net. address of B in

misc

fields223.1.1.1 223.1.1.3data

Dest. Net. next router Nhops 223.1.1 1 223.1.2 223.1.1.4 2 223.1.3 223.1.1.4 2 223.1.1.1 A

forwarding table in A

Networks Network Layer Part IForwarding and Routing 27 p

forwarding table • find B is on same net. as A • link layer will send datagram

directly to B inside link-layer frame

– B and A are directly connected

223.1.1.2 223.1.1.3 223.1.1.4 223.1.2.9 223.1.2.2 223.1.2.1 223.1.3.2 223.1.3.1 223.1.3.27 B E

IP Datagram Forwarding on Same LAN:

Interaction of IP and data link layers

223.1.1.1 223.1.1.2 223.1.1.3 223.1.1.4 223.1.2.9 223.1.2.2 223.1.2.1 223.1.3.27 A B E

Starting at A, given IP

datagram addressed to B:

• look up net. address of B, find B

on same net. as A

• link layer send datagram to B inside link-layer frame

223.1.3.2 223.1.3.1

B’s MAC

addr A’s MACaddr A’s IPaddr B’s IPaddr IP payload datagram frame

frame source,

dest address datagram source,dest address

MAC (Physical) Addresses -- Revisited

• used to get frames from one interface to another physically-connected interface (same physical network, i.e., p2p or LAN) • 48 bit MAC address (for most LANs)

– fixed for each adaptor, burned in the adapter ROM – MAC address allocation administered by IEEE

• 1st_{bit: 0 unicast, 1 multicast.} • all 1’s : broadcast MAC flat address > portability

Csci 183/183W/232: Computer Forwarding and Routing 29 • MAC flat address -> portability

– can move LAN card from one LAN to another • MAC addressing operations on a LAN:

– each adaptor on the LAN “sees” all frames

– accept a frame if dest. MAC address matches its own MAC address – accept all broadcast (MAC= all1’s) frames

– accept all frames if set in “promiscuous” mode

– can configure to accept certain multicast addresses (first bit = 1)

MAC vs. IP Addresses

32-bit IP address:

• network-layer address, logical

– i.e., not bound to any physical device, can be re-assigned • IP hierarchical address NOT portable

– depends on IP network to which an interface is attached – when move to another IP network, IP address re-assigned • used to get IP packets to destination IP network

Csci 183/183W/232: Computer Forwarding and Routing 30 used to get IP packets to destination IP network

– Recall how IP datagram forwarding is performed

• IP network is “virtual,” actually packet delivery done by the underlying physical networks

– from source host to destination host, hop-by-hop via IP routers – over each link, different link layer protocol used, with its own frame

headers, and source and destination MAC addresses

(6)

ARP: Address Resolution Protocol

• Each IP node (host, router) on LAN has ARP table • ARP Table: IP/MAC address

mappings for some LAN nodes

< IP address; MAC address; timer>

Question: how to determine

MAC address of B

knowing B’s IP address?

Networks Network Layer Part IForwarding and Routing 31 timer>

– timer: time after which address mapping will be forgotten (typically 15 min)

ARP Protocol

• A wants to send datagram to B, and A knows B’s IP address.

• A looks up B’s MAC address in its ARP table

• Suppose B’s MAC address

• B receives ARP packet, replies to A with its (B's) MAC address

– frame sent to A’s MAC address (unicast) • A caches (saves) IP-to-MAC

address pair in its ARP table until information becomes old

Networks Forwarding and RoutingNetwork Layer Part I 32 pp

is not in A’s ARP table. • A broadcasts (why?)ARP

query packet, containing B's IP address

– all machines on LAN receive ARP query

until information becomes old (times out)

– soft state: information that times out (goes away) unless refreshed • ARP is “plug-and-play”:

– nodes create their ARP tables without intervention from net administrator

ARP Messages

Hardware Address Type: e.g., Ethernet

Protocol address Type: e.g., IP

Operation: ARP request or ARP response

ARP Request & Response Processing

• The

requester

broadcasts

ARP request

• The

target node

unicasts

(why?) ARP reply to

requester

– With its physical address

– Adds the requester into its ARP table (why?)

• On receiving the response,

requester

g

p

,

q

– updates its table, sets timer

• Other nodes

upon receiving the ARP request

– Refresh the requesterentry if already there – No action otherwise (why?)

• Some questions to think about:

– Shall requester buffer IP datagram while performing ARP? – What shall requester do if never receive any ARP response?

ARP Operation Illustration

IP Forwarding: Destination in Diff. Net

Starting at A, dest. E:

• look up network address of E

in forwarding table • E on different network

A E n t di tl tt h d misc

fields223.1.1.1 223.1.2.3 data _{Dest. Net. next router Nhops} 223.1.1 1 223.1.2 223.1.1.4 2 223.1.3 223.1.1.4 2 223.1.1.1 A

forwarding table in A

– A, E not directly attached • routing table: next hop

router to E is 223.1.1.4 • link layer sends datagram to

(7)

IP Forwarding: Destination in Diff. Net …

Arriving at 223.1.4,

destined for 223.1.2.2

• look up network address of E

in router’s forwarding table

E t k t ’

misc

fields223.1.1.1 223.1.2.3 data Dest. Net router Nhops interface 223.1.1 - 1 223.1.1.4

223.1.2 - 1 223.1.2.9

223.1.3 - 1 223.1.3.27 223.1.1.1

A

forwarding table in router

Networks Network Layer Part IForwarding and Routing 37 • E on same network as router’s

interface 223.1.2.9 – router, E directly attached • link layer sends datagram to

223.1.2.2 inside link-layer frame via interface 223.1.2.9 • datagram arrives at 223.1.2.2!!!(hooray!) 223.1.1.2 223.1.1.3 223.1.1.4 223.1.2.9 223.1.2.2 223.1.2.1 223.1.3.2 223.1.3.1 223.1.3.27 B E

Forwarding to Another LAN:

Interaction of IP and Data Link Layer

walkthrough:

send datagram from A to B via R

assume A knows B IP address

A

Networks Forwarding and RoutingNetwork Layer Part I 38 • Two ARP tables in router R, one for each IP network (LAN) • In routing table at source host, find router 111.111.111.110 • In ARP table at source, find MAC address E6-E9-00-17-BB-4B, etc

A

R

B

• A creates datagram with source A, destination B • A uses ARP to get R’s MAC address for 111.111.111.110

A

R

B

Networks Network Layer Part IForwarding and Routing 39 • A creates link-layer frame with R's MAC address as dest,

frame contains A-to-B IP datagram • A’s data link layer sends frame • R’s data link layer receives frame

• R removes IP datagram from Ethernet frame, sees its destined to B

• R uses ARP to get B’s physical layer address

• R creates frame containing A-to-B IP datagram sends to B

IP Datagram Format Again

ver length 32 bits 16-bit identifier Internet checksum time to live

32 bit source IP address IP protocol version number header length (bytes) max number remaining hops (decremented at each router) for fragmentation/ reassembly total datagram length (bytes) head.

len type ofservice

“type” of data _{flgs fragment}

offset

upper layer

Networks Forwarding and RoutingNetwork Layer Part I 40 data

(variable length, typically a TCP or UDP segment) )

upper layer protocol to deliver payload to

32 bit destination IP address

Options (if any) E.g. timestamp, record route taken, specify list of routers to visit.

how much overhead with TCP? • 20 bytes of TCP • 20 bytes of IP • = 40 bytes + app layer overhead

Fields in IP Datagram

• IP protocol version: current version is 4, IPv4, new: IPv6 • Header length: number of 32-bit words in the header • Type of Service:

– 3-bit priority,e.g, delay, throughput, reliability bits, … • Total length: including header (maximum 65535 bytes) • Identification: all fragments of a packet have same

identification

Csci 183/183W/232: Computer Forwarding and Routing 41 • Flags: don’t fragment, more fragments

• Fragment offset: where in the original packet (count in 8 byte units)

• Time to live: maximum life time of a packet • Protocol Type: e.g., ICMP, TCP, UDP etc

• IP Option: non-default processing, e.g., IP source routing option, etc.

IP Fragmentation & Reassembly: Why

• network links have MTU (maximum transmission unit) - largest possible data gram.

– different link types, different MTUs • large IP datagram divided

(“f d”) i hi

fragmentation:

in:one large datagram

out:3 smaller datagrams

Csci 183/183W/232: Computer Forwarding and Routing 42 (“fragmented”) within net

– one datagram becomes several datagrams – “reassembled” only at

final destination – IP header bits used to

identify, order related fragments

(8)

IP Fragmentation & Reassembly: How

• An IP datagram is chopped by a router into smaller pieces if – datagram size is greater than network MTU

– Don’t fragment option is not set

• Each datagram has unique datagram identification

– Generated by source hosts

– All fragments of a packet carry original datagram id • All fragments except the last have moreflag set

Networks Network Layer Part IForwarding and Routing 43 • All fragments except the last have moreflag set

– Fragment offset and Length fields are modified appropriately • Fragments of IP packet can be further fragmented by other

routers along the way to destination ! • Reassembly only done at destination host(why?)

– Use IP datagram id, fragment offset, fragment flags. Length

IP Fragmentation and Reassembly: Exp

ID =xfragflag=0 offset=0 length =4000 IDfragflagoffset length

One large datagram becomes several smaller datagrams

Example

• 4000 byte datagram • MTU = 1500 bytes

Networks Forwarding and RoutingNetwork Layer Part I 44 ID =xfragflag=1 offset=0 length =1500 ID =xfragflag=1 offset=185 length =1500 ID =x fragflag=0 offset=370 length =1040

ICMP: Internet Control Message Protocol

• used by hosts, routers, gateways to communicate network-level information

– error reporting: unreachable host, network, port, protocol – echo request/reply

Type Code description 0 0 echo reply (ping) 3 0 dest. network unreachable 3 1 dest host unreachable 3 2 dest protocol unreachable 3 3 dest port unreachable 3 6 dest network unknown

echo request/reply (used by ping) • network-layer “above” IP:

– ICMP msgs carried in IP datagrams

• ICMP message:type, code plus first 8 bytes of IP datagram causing error

3 7 dest host unknown 4 0 source quench (congestion

control - not used) 8 0 echo request (ping) 9 0 route advertisement 10 0 router discovery 11 0 TTL expired 12 0 bad IP header