network protocols

Network Protocols

IP addressing – ClassesIP packet formatARP and RARP

ICMP

2

The Function of Protocols

• As protocols serve their functions in the OSI model, they might work at one or many layers

• When a set of protocols works cooperatively, it’s called a protocol stack or protocol suite– The most common protocol stack is TCP/IP, the Internet

protocol suite– IPX/SPX, used in older versions of Novell NetWare, is

disappearing as companies upgrade to newer versions of NetWare

– Levels of a protocol stack map to their functions in the OSI model

3

Routable vs. Nonroutable Protocols

• The network layer (OSI) is responsible for moving data across multiple networks– Routers are responsible for routing process

• Protocol suites that function at Network layer are routable or routed protocols; otherwise, they are called nonroutable– TCP/IP and IPX/SPX are routable protocols– An older and nearly obsolete protocol, NetBEUI, is a

nonroutable protocol that works well in small networks, but its performance drops considerably as a network grows.

4

Protocols in a Layered Architecture

5

Network Protocols

• Some popular network protocols include:– Internet Protocol version 4 (IPv4 or simply IP)

• Provides addressing and routing information– Internetwork Packet Exchange (IPX)

• Novell’s protocol for packet routing and forwarding• Belongs to the IPX/SPX protocol suite• Serves many of the same functions as TCP/IP’s IP

– Internet Protocol version 6 (IPv6)• A new version of IP that’s being implemented on many

current networking devices and operating systems– Addresses some weaknesses of IPv4

6

Common Protocol Suites

• Because most protocols contain a combination of components, these components are usually bundled as a protocol suite– TCP/IP

• Dominates the networking arena to the point of making most of the other suites nearly obsolete

– IPX/SPX– NetBIOS/NetBEUI– AppleTalk

7

TCP/IP Network Layer Protocols

• Internet Protocol version 4 (IPv4) is a Network layer protocol that provides source and destination addressing and routing for the TCP/IP suite– Connectionless protocol; fast but unreliable

• Internet Control Message Protocol (ICMP) is a Network layer protocol used to send error and control messages between systems or devices– The Ping utility uses ICMP to request a response from a

remote host to verify availability• Address Resolution Protocol (ARP) resolves logical (IP)

addresses to physical (MAC) addresses

8

IP Service

• IP provide provides an unreliable connectionless best effort service (also called: “datagram service”).– Unreliable: IP does not make an attempt to recover lost packets– Connectionless: Each packet (“datagram”) is handled

independently. IP is not aware that packets between hosts may be sent in a logical sequence

– Best effort: IP does not make guarantees on the service (no throughput guarantee, no delay guarantee,…)

• Consequences: – Higher layer protocols have to deal with losses or with duplicate

packets– Packets may be delivered out-of-sequence

9

• IP supports the following services:• one-to-one (unicast)• one-to-all (broadcast)• one-to-several (multicast)

• IP multicast also supports a many-to-many service. • IP multicast requires support of other protocols (IGMP,

multicast routing)

IP Service

unicastbroadcast multicast

Internet Addresses (IP Addresses)

• Defined when IP was standardized in 1981• IP addresses are 32-bit long and consist of:

– a network address part – network identifier– a host address part – host number within that network

• IP addresses are grouped into classes (A,B,C) depending on the size of the network identifier and the host part of the address

• A fourth class (Class D) was defined later (1988) for Multicast addresses

11

Internet Address Classes

12


13


NETWORK

0 8 16 24 32 bits

NETWORK

NETWORK

IP MULTICAST ADDRESSES (28 BITS)

RESERVED FOR EXPERIMENTS

0

10

110

1110

11110

Class A

Class B

Class C

Class D

Class E

HOST (24 BITS)

HOST (16 BITS)

HOST (8 BITS)

14

IP Addressing - Classes

• Class A: first octet between 1-126– 126 networks (0 and 127 reserved)– Assigned to very large size networks– 65K < number of hosts < 16M

• Class B: first octet between 128-191– 16384 networks– Assigned to Intermediate size networks– 256 < number of hosts < 65K

15

IP Addressing - Classes

• Class C: first octet between 192-223– 2097152 networks– Assigned to smaller networks– hosts < 256

• Class D: first octet between 224-239– Reserved for multicasting

• Class E: first octet between 240-255– Reserved for experimental use

16


Class Lowest Network Identifier Address

Highest Network Identifier Address

A 1.0.0.0 126.0.0.0

B 128.0.0.0 191.255.0.0

C 192.0.0.0 223.255.255.0

D 224.0.0.0 239.255.255.255

E 240.0.0.0 247.255.255.255

Dotted Decimal Notation

• Internet addresses are represented in text by the dotted decimal notation– each byte is written in decimal values (from 0 to 255)

• example:

10000000 00001010 00000010 00011110is written as 128. 10. 2. 30

Uniqueness of IP Addresses

• Network numbers are assigned by a central authority– The Internet Network Information Center (InterNIC)– Another authority, the IANA – Internet Assigned Numbers

Authority sets policy• Network numbers are unique worldwide• Host numbers are assigned by network managers

– They must be unique within a given network• Thus, IP addresses are unique worldwide.

19

Find the class of each address:

A- 227.12.14.87 B- 193.14.56.22 C- 14.23.120.8

D- 252.5.15.111 E- 134.11.78.56

Example

Solution

A. The first byte is 227 (between 224 and 239); the class is D.B. The first byte is 193 (between 192 and 223); the class is C.C. The first byte is 14 (between 0 and 127); the class is A.D. The first byte is 252 (between 240 and 255); the class is E.E. The first byte is 134 (between 128 and 191); the class is B.

20

Special Purpose IP Addresses

• 0.0.0.0– Means this host, used by machines as source address when

they boot up (if they don’t know their IP address, and need to get it from a boot server)

• 255.255.255.255– Means limited broadcast. Used as a destination address to

send packets to all hosts on the local network where the source is. Packets sent to this address are never relayed

• Network part all zeros– Means the host on this network

21


• Host part all ones– Broadcast address on the network specified in the network

identifier; routers typically do not forward these datagrams• Host part all zeros

– Broadcast address on the network specified in the network identifier (it was an implementation error in some networks)


• 127.x.x.x– Means loopback (datagrams are looped back in software;

they are not sent on any physical interface)• 224.0.0.1

– Multicast address for “All systems on this subnetwork”• 224.0.0.2

– Multicast address for “All routers on this subnetwork”

IPv4 versus IPv6

• IP version 6 (IPv6) has been defined and developed. • IPv6 uses 128 bits rather than the 32 bits currently used

in IPv4. • IPv6 uses hexadecimal numbers to represent the 128

bits.

IPv4

Translating Between IP and MAC Addresses (ARP and

RARP)• Each interface has an IP address at Layer 3, and a

MAC address at Layer 2• Assume that host A wants to send a packet to host B

(A and B on the same network)• Host A knows the IP address of host B; however, in

order to transmit the packet, host A must somehow know or find out what the MAC (layer 2) address of host B is!

• Solution: the Address Resolution Protocol (ARP), RFC826

Address Resolution Protocol

• Used to find the physical address of a target device on the local physical network, given only the target’s IP address. ARP mechanism:– The source broadcasts a special packet asking the device with

target IP address to respond with a message carrying the (IP address, physical address) mapping

– All devices on the local physical network receive the broadcast, but only the target recognizes its IP address and responds to the request

– When the source receives the reply, it sends the packet to the target using the target’s physical address and places the mapping in its cache.

ARP Process

ARP - example

tARP enables a computer to find the MAC address of the computer that isassociated with an IP address.

ARP - example

All devices on the network receive the packet and pass to network layer; only one device responds with an ARP reply.

ARP Message Format

PROTOCOL TYPE

TARGET IP (octets 0-3)

160 8 24

HLEN

HARDWARE TYPE

SENDER HA (octets 0-3)

TARGET HA (octets 2-5)

31

PLEN OPERATION

SENDER IP (octetS 0-1)SENDER HA (octetS 4-5)

TARGET HA (octets 0-1)SENDER IP (octetS 2-3)

ARP Message

• HARDWARE TYPE: specifies type of hardware interface for which the request is made (e.g., 1 for Ethernet)

• PROTOCOL TYPE: specifies high level protocol address supplied in message (e.g. 0800 hex for IP)

• HLEN and PLEN: specify length of fields for hardware address and protocol address respectively

• OPERATION: specifies if this is an ARP request or reply message (1 for ARP request, 2 for ARP response, 3 for RARP request and 4 for RARP response)

• HA and IP: hardware and IP addresses respectively

Reverse ARP - RARP

• Usually, a machine’s IP address is kept on its secondary storage (OS finds it at start up)

• Issue : Diskless Workstations!– files are stored on a remote server– need IP address to use TCP/IP to obtain initial boot

image• Solution : Use physical address to identify machine• Given a physical network address, find the corresponding

Internet address• Reverse Address Resolution Protocol (RARP), RFC903

RARP

• Mechanism– Sender broadcasts a RARP request, supplying its physical

network address in the Target HA field– Only machines authorized to supply the RARP service (RARP

servers) process the request and send a reply filling in the target internet address

• Mechanism allows a host to ask about an arbitrary target– thus sender HA is separate from target HA address– RARP server replies to sender’s HA

• Ethernet frame Protocol Type for RARP is 8035 hex

RARP

The source initiates a RARP request, which helps it detect its own IP address.

Advanced ARP Concepts

• Default gateway• Proxy ARP

35

Default Gateway

• Another term for a router

• If a computer does not know how to deliver a packet, it sends the packet to the default gateway

• A router may be a dedicated hardware device or a computer with multiple network cards

• The router must be on the same network as the computer sending the packet

How ARP Sends Data to Remote Networks?

Proxy ARP

Internet Control Message Protocol• Architecturally above IP -- ICMP messages are carried in IP

packets and are demultiplexed at receiver.• Transfer of (control) messages from routers and hosts to hosts• Feedback about problems

– e.g. time to live expired, destination unreachable (e.g. no ARP reply), checksum fails (header only!), no route to destination, etc.

• Considered “part” of IP, but it is really a user of IP– Encapsulated in IP datagram– Not reliable– ICMP messages sent in response to incoming datagrams with

problems – ICMP message not sent for ICMP message

Internet Control Message Protocol

• Used by hosts, routers, gateways to communication network-level information– error reporting:

unreachable host, network, port, protocol

– echo request/reply (used by ping)

• ICMP message: type, code plus first 8 bytes of IP datagram causing error

Type Code description0 0 echo reply (ping)3 0 dest. network unreachable3 1 dest host unreachable3 2 dest protocol unreachable3 3 dest port unreachable3 6 dest network unknown3 7 dest host unknown4 0 source quench (congestion control - not used)8 0 echo request (ping)9 0 route advertisement10 0 router discovery11 0 TTL expired12 0 bad IP header

ICMP and Ping

• An internet host, A, is reachable from another host, B, if datagrams can be delivered from A to B

• ping program tests reachability - sends datagram from B to A that A echoes back to B

• Uses ICMP echo request and echo reply messages • Internet layer includes code to reply to incoming ICMP

echo request messages

ICMP and MTU Discovery

• Fragmentation should be avoided for optimal performance

• How can source configure outgoing datagrams to avoid fragmentation?

• Source determines path MTU - smallest network MTU on path from source to destination

• Source probes path using IP datagrams with don't fragment flag

• Router responds with ICMP fragmentation required message

• Source sends smaller probes until destination reached.

ICMP and Redirect• Default route may cause extra hop

– Host A is sending a packet to Host B. Host A's default IP router is router R1. Host A forwards the packet destined for Host B to its default router R1.

– R1 checks its routing table and finds that the next hop for the route to the network for Host B is router R2.

– If Host A and R2 are on the same network that is also directly attached to R1, an ICMP Redirect message is sent to Host A informing it that R2 is the better route when sending to Host B.

– Router R1 then forwards the IP datagram to R2. – Host A adds a host route to its routing table for Host B's IP

address with router R2's IP address as the forwarding address. Subsequent datagrams from Host A to Host B are forwarded by means of router R2.

Internet Control Message Protocol

5-61

45

ICMP in Action

46

• 20 bytes ≤ Header Size < 24 x 4 bytes = 60 bytes• 20 bytes ≤ Total Length < 216 bytes = 65536 bytes

IP Packet Format

ECNversionheaderlength

DS total length (in bytes)

Identification Fragment offset

source IP address

destination IP address

options (0 to 40 bytes)

payload

4 bytes

time-to-live (TTL) protocol header checksum

bit # 0 15 23 248 317 16

0MF

DF

IP header format

IP header format: Version

• 4 bits.• Indicates the version of

IP currently used.– IPv4 : 0100– IPv6 : 0110

• 4 bits.• Indicates the version of

IP currently used.– IPv4 : 0100– IPv6 : 0110

IP header format: Header length

• 4 bits.• IP header length : Indicates the

datagram header length in 32 bit words (4 bits), and thus points to the beginning of the data.

• 4 bits.• IP header length : Indicates the

datagram header length in 32 bit words (4 bits), and thus points to the beginning of the data.

IP header format: Service type

• 8 bits.• Specifies the level of importance

that has been assigned by a particular upper-layer protocol.• Precedence. • Reliability. • Speed.

• 8 bits.• Specifies the level of importance

that has been assigned by a particular upper-layer protocol.• Precedence. • Reliability. • Speed.

IP header format: Total length

• 16 bits.• Specifies the length of the

entire IP packet, including data and header, in bytes.

• 16 bits.• Specifies the length of the

entire IP packet, including data and header, in bytes.

IP header format: Identification

• 16 bits.• Identification contains an integer

that identifies the current datagram.• Assigned by the sender to aid in

assembling the fragments of a datagram.

• 16 bits.• Identification contains an integer

that identifies the current datagram.• Assigned by the sender to aid in

assembling the fragments of a datagram.

IP header format: Flags

• 3 bits.• The second bit specifying whether the

packet can be fragmented .• The last bit specifying whether the packet

is the last fragment in a series of fragmented packets.

• 3 bits.• The second bit specifying whether the

packet can be fragmented .• The last bit specifying whether the packet

is the last fragment in a series of fragmented packets.

IP header format: Fragment offset

• 13 bits.• The field that is used to help piece together

datagram fragments.• The fragment offset is measured in units of

8 octets (64 bits). • The first fragment has offset zero.

• 13 bits.• The field that is used to help piece together

datagram fragments.• The fragment offset is measured in units of

8 octets (64 bits). • The first fragment has offset zero.

IP header format: Time to Live

• 8 bits.• Time-to-Live maintains a counter that

gradually decreases to zero, at which point the datagram is discarded, keeping the packets from looping endlessly.

• 8 bits.• Time-to-Live maintains a counter that

gradually decreases to zero, at which point the datagram is discarded, keeping the packets from looping endlessly.

IP header format: Protocol

• 8 bits.• Indicates which upper-layer protocol receives

incoming packets after IP processing has been completed• 06 : TCP• 17 : UDP

• 8 bits.• Indicates which upper-layer protocol receives

incoming packets after IP processing has been completed• 06 : TCP• 17 : UDP

57

Fields of the IP Header

• Protocol (1 byte): • Specifies the higher-layer protocol.• Used for demultiplexing to higher layers.

IP

1 = ICMP 2 = IGMP

6 = TCP 17 = UDP

4 = IP-in-IPencapsulation

IP header format: Header checksum

• 16 bits.• A checksum on the header only,

helps ensure IP header integrity.

• 16 bits.• A checksum on the header only,

helps ensure IP header integrity.

IP header format: Addresses

• 32 bits each.• Source IP Address• Destination IP Address

• 32 bits each.• Source IP Address• Destination IP Address

IP header format: Options

• Variable length.• Allows IP to support various options,

such as security, route, error report ...

• Variable length.• Allows IP to support various options,

such as security, route, error report ...

61

Fields of the IP Header

• Options:

– Security restrictions

– Record Route: each router that processes the packet adds its IP address to the header.

– Timestamp: each router that processes the packet adds its IP address and time to the header.

– (loose) Source Routing: specifies a list of routers that must be traversed.

– (strict) Source Routing: specifies a list of the only routers that can be traversed.

IP header format: Padding

• The header padding is used to ensure that the internet header ends on a 32 bit boundary.

• The header padding is used to ensure that the internet header ends on a 32 bit boundary.

63

Maximum Transmission Unit

• Maximum size of IP datagram is 65535, but the data link layer protocol generally imposes a limit that is much smaller

• Example: – Ethernet frames have a maximum payload of 1500 bytes

IP datagrams encapsulated in Ethernet frame cannot be longer than 1500 bytes

• The limit on the maximum IP datagram size, imposed by the data link protocol is called maximum transmission unit (MTU)

• MTUs for various data link protocols: Ethernet: 1500 FDDI: 4352802.3: 1492 ATM AAL5: 9180802.5: 4464 PPP:

negotiated

64

IP Fragmentation

FDDIRing

RouterHost A Host B

Ethernet

MTUs: FDDI: 4352 Ethernet: 1500

• Fragmentation: • IP router splits the datagram into several datagram• Fragments are reassembled at receiver

• What if the size of an IP datagram exceeds the MTU?

IP datagram is fragmented into smaller units.• What if the route contains networks with different MTUs?

65

Where is Fragmentation done?

• Fragmentation can be done at the sender or at intermediate routers

• The same datagram can be fragmented several times.• Reassembly of original datagram is only done at destination

hosts !!

Router

IP datagram H Fragment 1 H1Fragment 2 H2

IP IP

RouterSource Destination

Network Network

Fragmentation and Reassembly

Fragmentat router

Fragmentat source

Reassembleat destination

Fragmentation takes place at the sender and routers Reassembly takes place at the receiver ONLY.

67

What’s involved in Fragmentation?

• The following fields in the IP header are involved:

Identification When a datagram is fragmented, the identification is the same in all fragments

Flags DF bit is set: Datagram cannot be fragmented and must

be discarded if MTU is too smallMF bit set: This datagram is part of a fragment and an

additional fragment follows this one





0MF

DF

68

• The following fields in the IP header are involved:

Fragment offset Offset of the payload of the current fragment in the original datagram

Total length Total length of the current fragment





0MF

DF

What’s involved in Fragmentation?

69

Example of Fragmentation• A datagram with size 2400 bytes must be fragmented

according to an MTU limit of 1000 bytes

IP datagram

Router

Fragment 2Fragment 3

MTU: 1000MTU: 4000

Fragment 1

Header length: 20

Total length: 2400

Identification: 0xa428

DF flag: 0

MF flag: 0

Fragment offset: 0

Header length: 20

Total length: 996


DF flag: 0

MF flag: 1

fragment offset: 0

Header length: 20

Total length: 996


DF flag: 0

MF flag: 1

Fragment offset: 122

Header length: 20

Total length: 448


DF flag: 0

MF flag: 0

Fragment offset: 244

70

Determining the length of fragments

To determine the size of the fragments we recall that, since there are only 13 bits available for the fragment offset, the offset is given as a multiple of eight bytes. As a result, the first and second fragment have a size of 996 bytes (and not 1000 bytes). This number is chosen since 976 is the largest number smaller than 1000–20= 980 that is divisible by eight. The payload for the first and second fragments is 976 bytes long, with bytes 0 through 975 of the original IP payload in the first fragment, and bytes 976 through 1951 in the second fragment. The payload of the third fragment has the remaining 428 bytes, from byte 1952 through 2379. With these considerations, we can determine the values of the fragment offset, which are 0, 976 / 8 = 122, and 1952 / 8 = 244, respectively, for the first, second and third fragment.

network protocols

Documents

protocol suitethe

obsolete protocol

protocol suitetcpipdominates

network protocols ip

common protocol stack

protocol stack map

common protocol suitesbecause

internet protocol suiteipxspx