1 Kyung Hee University Chapter 7 Internet Protocol Version 4 (IPv4)

11

Kyung Hee University

Chapter 7Chapter 7Internet Internet Protocol Protocol Version 4Version 4

(IPv4)(IPv4)

22


7.1 Introduction7.1 Introduction

The transmission mechanism used by the TCP/IP

Unreliable and connectionless datagram protocol

Best-effort delivery service

IP packets can be corrupted, lost, arrive out of order, or delayed and may create congestion for the network

Each datagram is handled independently

Each datagram can follow a different route to

destination

Datagram sent by the same source to the same destination could arrive out of order.

33


Position of IP in TCP/IP protocol suitePosition of IP in TCP/IP protocol suite

44


7.2 Datagrams7.2 Datagrams

Datagrams are packets in the network layer

Datagram is a variable-length packet consisting of

header and data.

The header is 20 to 60 bytes, contains information essential to routing and delivery

It is customary in TCP/IP to show the header in 4-byte section

Field in Header

Version(VER) – the version of IP protocol (4-bit)

Header length(HLEN) – total length of the datagram header in 4-byte words.

55


IP DatagramIP Datagram

66



TOS(Type of Service) – 8-bit

Precedenceinterpretation

0 0 0xxx 0

0

1

xx

x

x

x

x

x

x

x

x

x

x

1

1Differential service

interpretation

x

Category Codepoint Assigning Authority

1 XXXXX0 Internet : 24 services

2 XXXX11 Local

3 XXXX01 Temporary or experiment

77



Total Length

16-bit field (limited to 65,535 bytes)

Define the total length of the IP datagram in bytes

Length of data = total length – header length

Encapsulation of a small datagram in an Ethernet frame

Figure 7.4 Encapsulation of a small datagram in an Ethernet frame

88


IP DatagramIP DatagramIdentification – used in fragmentation

Flags – used in fragmentation

Fragmentation offset – used in fragmentation

Time to love – limited life time of datagram

Protocol – the higher level protocol that uses the

services of the IP layer

Fig. 7.5 Multiplexing

99



Checksum – Check errors

Source address – The IP address of source

Destination address – The IP address of destination

1010


Example 7.1Example 7.1

An IP packet has arrived with the first 8 bit shown:

The receiver discards the packet. Why?

SolutionThere is an error in this packet. The 4 left-most bit(0100) show the version, which is correct. The next 4 bit(0010) show the wrong header length(2 × 4 = 8). The minimum number of byte in the header must be 20. The packet has been corrupted in transmission.

1111



In an IP packet, the value of HLEN is 1000 in binary. How

many byte of option are being carried by this packet?

Solution

The HLEN value is 8, which means the total number of

bytes in the header is 8 × 4 or 32 bytes. The first 20 bytes

are the base header, the next 12 bytes are the option.

1212



In an IP packet, the value of HLEN is 516 and the value of

the total length field is 002816. How many bytes of data are

being carried by this packet?

Solution

The HLEN value is 5, which mean the total number of

bytes in the header is 5 × 4 or 20 bytes (no options). The

total length is 40 bytes, which means the packet is

carrying 20 bytes of data (40 − 20).

1313


7.3 Fragmentation7.3 Fragmentation

The format and size of the received frame depend on

the protocol used by the physical network

When a datagram encapsulated in a frame, the total size

of the datagram must be less than MTU(Maximum

Transfer Unit) size

We must divide the datagram to make it possible to

pass through the network; this is called fragmentation

1414


MTU(Maximum Transfer Unit)MTU(Maximum Transfer Unit)

IP datagram

Frame

Header TrailerMTUMaximum length of data that can be encapsulated in a frame

1515


FragmentationFragmentation

The value of the MTU differs from one physical network

protocol to another

1616


Fields Related to FragmentationFields Related to Fragmentation

Identification – All fragments have the same

identification value

Flag – 3-bit field

Fragmentation offset – 13-bit field, the relative position

of this fragment with respect to the whole datagram

1717


Fragmentation ExampleFragmentation Example

0000 1399

Offset = 0000/8 = 0

1400 2799

Offset = 1400/8 = 175

2800 3999

Offset = 2800/8 = 350

1818


Detailed Fragmentation ExampleDetailed Fragmentation Example

0004020

14,567

Bytes 0000–3999

Original datagram

0

1751420

14,567

Bytes 1400–2799

Fragment 2

1

3501220

14,567

Bytes 2800–3999

Fragment 3

0

175820

14,567

Bytes 1400–2199

Fragment 2.1

1

Fragment 1

0001420

14,567

Bytes 0000–1399

1

1919



A packet has arrived with an M bit value of 0. Is this first

fragment, or a middle fragment? Do we know if the packet

was fragment?

Solution

If the M bit is 0, it means that there are no more fragment;

the fragment is the last one. However, we cannot say if

the original packet was fragment or not. A nonfragmented

packet is considered the last fragment.

2020



A packet has arrived in which the offset value is 100, the

value of HLEN is 5 and the value of the total length field is

100. What is the number of the first byte and the last

byte?

Solution

The first byte number is 100 × 8 = 800. The total length is

100bytes and the header length is 20bytes (5 × 4), which

means that there are 80 bytes in this datagram. If the first

byte number is 800, the last byte number must be 879.

2121


7.4 Options7.4 Options

Type field (8-bit) : Fixed length

Copy : Control the presence of the option in fragmentation

Class : Define the general purpose of the option

Number : Define the type of option

Length field (8-bit) : Fixed length

The total length of the option

Value field : Variable length

Contain the data that specific options require

2222


Option FormatOption Format

Type Length

8 bits 8 bits

Value

Variable length

Copy

0 Copy only in first fragment1 Copy into all fragments

Class

00 Datagram control01 Reserved10 Debugging and management11 Reserved

Number

00000 End of option00001 No operation00011 Loose source route00100 Timestamp00111 Record route01001 Strict source route

2323


Categories of OptionsCategories of Options

2424


No Operation OptionNo Operation Option

1-byte option used as a filter between options

2525


End-of-Option OptionEnd-of-Option Option

1-byte option used for padding at the end of the option

field

2626


Record-Route OptionRecord-Route Option

Used to record the Internet routers that handle the

datagram

2727


Record-Route ConceptRecord-Route Concept

67.34.30.6 138.6.25.40

67.14.10.22

140.10.0.0/16

140.10.5.4

200.14.7.9

200.14.7.0/24

200.14.7.14

138.6.22.26

138.6.0.0/16

140.10.6.3

Network Network Network Network67.0.0.0/24

7 15 7 15140.10.6.3

7 15 12140.10.6.3200.14.7.9

7 1615140.10.6.3200.14.7.9138.6.22.26

4 8

2828


Strict-Source-Route OptionStrict-Source-Route Option

Used by source to predetermine a route for the

datagram as it travels through the Internet

All of routers defined in the option must be visited by

the datagram

2929


Strict-Source-Route ConceptStrict-Source-Route Concept

67.34.30.6 138.6.25.40

67.14.10

.22

140.10.0.0/16

140.10

.5.4

200.14

.7.9

200.14.7.0/24

200.14

.7.14

138.6.22

.26

138.6.0.0/16

140.10

.6.3


Source: 67.34.30.6Destination: 67.14.10.22

200.14.7.14140.10.5.4

415137

138.6.25.40

Destination:140.10.5.4Source: 67.34.30.6

815137

138.6.25.40

67.14.10.22200.14.7.14

Source: 67.34.30.6Destination:200.14.7.14

1215137

138.6.25.40

67.14.10.22140.10.5.4

Source: 67.34.30.6Destination:138.6.25.40

161513767.14.10.22

200.14.7.14140.10.5.4

3030


Loose-Source-Route OptionLoose-Source-Route Option

Similar to the strict source route, but it is more relaxed.

Each router in the list must be visited, but the datagram

can visit other routers as well

3131


Timestamp OptionTimestamp Option

Used to record the time of datagram processing by a router

The time is expressed in miliseconds from Universal Time

3232


Use of Flag in TimestampUse of Flag in Timestamp

Flag 0 : each router adds only the timestamp in the provided field

Flag 1 : each router must add its outgoing IP address and the

timestamp

Flag 3 : the IP addresses are given, and each router must check

the given IP address with its own incoming IP address

0

1

3333


Timestamp ConceptTimestamp Concept

67.34.30.6

67.14.10

.22

140.10.0.0/16

140.10

.5.4

200.14

.7.9

200.14.7.0/24

200.14

.7.14

138.6.22

.26

138.6.0.0/16

140.10

.6.3


68 28 05 1 68 28 13 0 1140.10.6.336000000

68 28 21 0 1140.10.6.336000000200.14.7.936000012

68 28 29 0 1140.10.6.336000000200.14.7.9

138.6.22.2636000012

36000020

3434



Which of the six option are used for datagram control and which

are used for debugging and management?

Solution

We look at the second and third (left-most) bits of the type.

a. No operation: type is 00000001; datagram control.

b. End of option: type is 00000000; datagram control.

c. Record route: type is 00000111; datagram control.

d. Strict source route: type is 10001001; datagram control.

e. Loose source route: type is 10000011; datagram control.

f. Timestamp: type is 01000100; debugging and management control.

3535



One of the utilities available in UNIX to check the traveling of the IP

packets is ping. In the next chapter, we talk about the ping program

in more detail. In this example, we want to show how to use the

program to see if a host is available. We ping a server at De Anza

College named fhda.edu. The result shows that the IP address of the

host is 153.18.8.1. The result also shows the number of bytes used.

3636



The traceroute program can be used to implement loose

source routing. The –g option allows us to define the

routers to be visited, from the source to destination. The

following shows how we can send a packet to the

fhda.edu server with the requirement that the packet visit

the router 153.18.251.4.

3737



The traceroute program can also be used to implement strict source routing. The –G option forces the packet to visit the routers in the command line. The following shows how we can send a packet to the fhda.edu server and force the packet to visit only the router 153.18.251.4.

3838


7.5 Checksum7.5 Checksum

Checksum – The error detection method used by most

TCP/IP protocol

Protect against the corruption that may occur during the transmission of a packet

Redundant information added to the packet

Calculated at the sender and the value obtained is sent with the packet

The receiver repeats the same calculation on the whole packet including the checksum

If the result is satisfactory, the packet is accepted; otherwise, it is rejected

3939


Checksum ConceptChecksum Concept

ChecksumPacket

n bits

n bits

n bits

n bits

n bits

n bits

n bits

Section 1

SumComplement

Result

Section 2

Checksum

Section k

Receiver

..............

..............

If the result is 0, keep;otherwise, discard.

4040


Checksum in One’s Complement ArithmeticChecksum in One’s Complement Arithmetic

Sender

Sum : TChecksum : _T

Datagram

_TT

4141



Figure shows an example of a checksum calculation at the sender site for an IP header without option. The header is divided into 16-bit sections. All the sections are added and the sum is complemented. The result is inserted in the checksum field.

Example of checksum calculation at the sender

10.12.14.5

051 0

17

12.6.7.9

4242



Figure shows the checking of checksum calculation at the receiver site ( or intermediate router ) assuming that no errors occurred in the header. The header is divided into 16-bit sections. All the sections are added and the sum is complement. Since the result is 16 0s, the packet is accepted.

4343


7.6 IP over ATM7.6 IP over ATM

In this section, we want to see how an IP datagram is

moving through a switched WAN such as an ATM

The IP packet is encapsulated in cells

An ATM network has its own definition for the physical address of a device

Binding between an IP address and a physical address is attained through a protocol called ATMARP

4444


An ATM WAN in the InternetAn ATM WAN in the Internet

4545


AAL LayerAAL Layer

The AAL layer used by the IP protocol is AAL5

The only AAL used by the Internet is AAL5

It is sometimes called the simple and efficient adaptation layer (SEAL).

AAL5 accepts an IP packet of no more than 65,536

bytes and adds 8-byte trailer

AAL5 passes the message in 48-byte segments to the

ATM layer

4646


Cell RoutingCell Routing

The cells start from the entering-point router and end at

the exiting-point router

ATM Network

ATM cell

Entering-pointrouter

Exiting-pointrouter

I II III

IP Packet

IPPacket

4747


Address Binding in IP over ATMAddress Binding in IP over ATM

An ATM network needs virtual circuit identifiers to

route the cell

IP datagram contains only source and destination IP address

Virtual circuit identifiers must be determined from the destination IP address.

4848


7.7 Security7.7 Security

Since the IPv4 protocol was started when the Internet

user trusted each other, no security was provided for

the IPv4 protocol

Today, however, the situation is different

The Internet is not secure any more

In this section, we give a brief idea about the security

issues in IP protocol and the solution

4949


Security IssuesSecurity Issues

Packet sniffing

Passive attack

The attacker does not change the contents of the packet

Encryption of the packet – attacker cannot see the contents of packet

Packet modification

Active attack

The attacker intercepts the packet, change the contents of the packet

Data integrity – receiver can make sure that packet has not been changed during the transmission

IP spoofing

An attacker can masquerade as somebody else and create an IP packet that carries the source address of another computer

Origin authentication mechanism can prevent this type of attack

5050


IPSec (IP Security)IPSec (IP Security)

Create a connection-oriented service between two entities in which they can exchange IP packet without worrying about the three attacks discussed before

Defining Algorithms and Key

The two entities that want to create a secure channel between themselves can agree on some available algorithms and keys to be used for security purpose

Packet Encryption

Make the packet sniffing attack useless

Data Integrity

Guarantee that the packet is not modified during the transmission

Origin Authentication

Prevent IP spoofing attack

5151


7.8 IP Package7.8 IP Package

IP package involves eight component

Header-adding module

Processing module

Forwarding module

Fragmentation module

Reassembly module

Routing module

MTU table

Reassembly table

5252


IP ComponentIP Component

5353


IP Header-Adding ModuleIP Header-Adding Module

5454


Processing ModuleProcessing Module

5555


IP PackageIP Package

Queue

Input queue – store the datagram coming from the data link layer or the upper-layer protocols

Output queue – store the datagram going to the data link layer or the upper-layer protocols

Routing table

Used by the forwarding module to determine the next-hop address of the packet

Forwarding module

Receive an IP packet from the processing module

Find the IP address of the next station along with the interface number to which the packet should be sent

MTU table

Used by the fragmentation module to find the maximum transfer unit of a particular interface

5656


Fragmentation ModuleFragmentation Module

5757


Fragmentation ModuleFragmentation Module

5858


Reassembly TableReassembly Table

Used by reassembly module

State field : FREE or IN-USE

IP address field : define the source IP address of the datagram

Datagram ID : number that uniquely defines a datagram

Timeout : predetermined amount of time in which all fragments must arrive

Fragment field : a pointer to a linked list of fragment

5959


Reassembly ModuleReassembly Module

6060


SummarySummary

IP is an unreliable connectionless protocol responsible for source-to-destination delivery. Packets in the IP layer are called datagrams

The MTU is the maximum number of bytes that a data link protocol can encapsulate. MTUs vary from protocol to protocol. Fragmentation is the division of a datagram into smaller units to accommodate the MTU of a data link protocol

The IP datagram header consists of a fixed, 20-byte section and a variable options section with a maximum 40 bytes. The options section of the IP header is used for network testing and debugging. The six IP options each have a specific function

6161


SummarySummary

The error detection method used by IP is the checksum. The checksum, however, convers only the header, but not the data. The checksum uses one’s complement arithmetic to add equal-size sections of the IP header. The complement result is stored in the checksum field. The receiver also used one’s complement arithmetic to check the header.

IP over ATM uses AAL5 layer in an ATM network. An ATM network creates a route between an entering-point router and exiting-point router. The next-hop address of an IP packet can be mapped to a physical address of an exiting-point router using ATMARP

An IP package can consist of the following : a header-adding module, a processing module, a forwarding module, a fragmentation module, a reassembly module, a routing table, an MTU table, and a reassembly table.

Documents

1 Kyung Hee University Chapter 7 Internet Protocol Version 4 (IPv4)