Upload
kristopher-davis
View
223
Download
2
Embed Size (px)
Citation preview
IP technology, part 1
1) IP technology basic concepts
2) The IP protocol stack
3) Transport layer protocols (UDP, TCP, SCTP)
4) The IP datagram header (IPv4 and IPv6)
5) Addressing and routing
IP technology related source material
All possible IP-related topics are not covered in this course. The basic idea is to learn the technology needed for carrying services traditionally offered by circuit-switched networks (e.g. voice traffic in PSTN or PLMN) over IP networks.
More information on each topic is available from IETF web pages, where numerous requests for comments (RFCs) are listed. RFCs are generally easier to read (at leat the introduction part) than for instance the ITU-T or 3GPP standardization literature. Also, Wikipedia should be a reasonably reliable source on IP-related technology. (If there is conflict between Wikipedia and lecture notes, please contact the lecturer.)
IP network architecture
HostHost
LAN or intranet LAN or intranet
Router
Computer
HostHost
HostHost
HostHost Host can be behind modem or ADSL connection
ARP
Public Internet
Client-server concept
HostHost
ServerClient
Transactions are always started by client
Network does not have to know IP address of client before transaction (dynamic IP address allocation is possible)
Web (www) applications are based on this concept
HostHost
Request
Response
:
•
•
•
Role of routers in an IP network
HostHost
ServerClient
Routers perform switching of IP packets (task of the OSI network layer)
IP packets are routed independently through the IP network(s) towards the destination indicated by the destination IP address in the IP datagram header
Independent routing => connectionless service (IP packets belonging to a certain transaction can travel along different paths, experience different delays, and arrive out of sequence at the destination…)
HostHost
Router
•
•
•
IP protocol suite
LAN-protocols, ATM, PSTN/ISDN, PLMN …LAN-protocols, ATM, PSTN/ISDN, PLMN …
ARPARP
UDPUDPTCPTCP
ICMPICMPIPIP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
SLIPSLIP PPPPPP
RIPRIP OSPFOSPF BGPBGP
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
Lower protocol layers
ARP (Address Resolution Protocol) takes care of mapping between logical IP addresses and physical MAC addresses in a Local Area Network (LAN).
PPP (Point-to-Point Protocol) or SLIP (Serial Line IP) is used for transport of IP traffic over modem connections between terminal and ISP’s Point of Presence (PoP).
LAN-protocols, ATM, PSTN/ISDN, PLMN …LAN-protocols, ATM, PSTN/ISDN, PLMN …
ARPARP
ICMPICMPIPIP
SLIPSLIP PPPPPP
RIPRIP OSPFOSPF BGPBGP
Bearer Technology
Assisting protocols in the IP layer (1)
ICMP (Internet Control Message Protocol) is a mandatory protocol (i.e. must be supported by all routers) and is used for informing hosts about problems in the network.
UDPUDPTCPTCP
ICMPICMPIPIP RIPRIP OSPFOSPF BGPBGP
SCTPSCTP
ARPARPSLIPSLIP PPPPPP
Some ICMP messages: destination network/host/port unreachable/unknown, echo request, echo reply, TTL expired, IP header bad.
Assisting protocols in the IP layer (2)
Various routing protocols are employed for exchanging information between routers in the IP network
UDPUDPTCPTCP
ICMPICMPIPIP RIPRIP OSPFOSPF BGPBGP
SCTPSCTP
ARPARPSLIPSLIP PPPPPP
RIP (Routing Information Protocol) OSPF (Open Shortest Path First)
BGP (Border Gateway Protocol)
for routing within autonomous systems
for “international” routing
Transport layer protocols (1)
TCP (Transmission Control Protocol) takes care of end-to-end flow & error control + segmentation & reassembly of larger blocks of information.
UDP (User Datagram Protocol) is used for ”unreliable but fast” transport of independent blocks of information.
UDPUDPTCPTCP
ICMPICMPIPIP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
RIPRIP OSPFOSPF BGPBGP
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
Transport layer protocols (2)
SCTP (Stream Control Transmission Protocol) is an alternative to TCP (=> too slow) or UDP (=> not reliable), primarily for carrying signalling information. SCTP may become popular also more generally in the future.
UDPUDPTCPTCP
ICMPICMPIPIP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
RIPRIP OSPFOSPF BGPBGP
RTPRTP
RT DataRT DataHTMLHTML
Adapt. pr.Adapt. pr.
SCTPSCTP
See: http://www.isoc.org/briefings/017/index.shtmlSee: http://www.isoc.org/briefings/017/index.shtml
SCTP is used for signalling transport
Signalling Protocol (e.g. ISUP)Signalling Protocol (e.g. ISUP)
MTPMTP
Transport of SS7 application protocols (e.g. ISUP) over conventional SS7 network using MTP.
Transport of SS7 application protocols over IP using Sigtran protocol stack (which includes SCTP).
Protocol conversion in
signalling gateway (SGW)
Adapt. pr.Adapt. pr.
SCTPSCTP
IPIP
Phys.Phys.
Sigtran protocols
Four advantages of SCTP over TCP
SCTP TCP
Preservation of message boundaries (SCTP carries blocks of information)
Multistreaming property (several streams in parallel)
Multihoming property (the host has several points of attachment to the Internet)
Protection against SYN flooding attacks
TCP carries a continuous stream of information (bad for message transport)
One continuous stream only (head-of-line blocking possible)
One point of attachment only (makes TCP less reliable)
SYN flooding attacks are a problem in TCP
Preservation of message boundaries
TCP
SCTP
... ...
Information is carried as a continuous stream of bytes. The higher protocol layers must find the message boundaries at the receiving end, TCP cannot do this.
SCTP can find the message boundaries at the receiving end of the SCTP connection. Higher protocol layers do not have to do this.
... ...
Multisreaming
TCP
SCTP
... ...
... ...
A message is delayed or lost (1). All other messages of all other users (2) are delayed (=> head-of-line blocking).
If a message is delayed or lost (1), only messages belonging to this stream are delayed (2). Other messages are part of other SCTP streams and are carried without delay over the SCTP connection (also called SCTP association).
1
2
12
2 2
Multihoming
ClientClient ServerServer
In a TCP connection, only one IP address is available at each endpoint.
123.456.7.89 123.987.6.54
ClientClient ServerServer
In an SCTP connection, several IP addresses are available at each endpoint.
123.456.7.89123.456.6.78123.456.5.67
123.987.6.54123.987.5.43123.987.4.32
use insteadIf not available
Protection against SYN flooding attacks
TCP uses a three-way handshake to set up a connection. This method is prone to SYN flooding attacks.
SCTP uses a 4-way handshake with a signed cookie, in this way preventing DoS (Denial-of-Service) attacks like SYN flooding.
ClientClient ServerServerSYN
SYN/ACK
ACK
If client first sends SYN, but does not then send ACK, this TCP connection is left hanging...
Applications (1)
FTP (File Transfer Protocol) for sending larger files (offers flow and error control).
SMTP (Simple Mail Transfer Protocol) for outgoing e-mail.
POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) for fetching e-mail from mailbox.
UDPUDPTCPTCP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
Applications (2)
HTTP (HyperText Transfer Protocol) is used for client-server type of communication, and is the most popular protocol for transport of WWW content (e.g. HTML pages).
http://www.hut.fi/overview.html Uniform Resource Locator (URL)
protocol host computer content page written in HTML
UDPUDPTCPTCP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
network &
Applications (3)
DNS (Domain Name System) performs translation between IP addresses and domain names:
122.233.121.123 thisnetwork.thishost.com
IP address must be used for routing through IP networks
However, domain names are more user friendly
UDPUDPTCPTCP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
Applications (4)
RTP (Real Time Protocol) provides important functions (e.g. sequence numbering, time stamp) for transport of real time data. RTP runs on top of UDP.
UDPUDPTCPTCP
SMTP POP, IMAP
SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS
Signalling Protocols
(e.g. ISUP)
Signalling Protocols
(e.g. ISUP)
SCTPSCTP
RTPRTP
RT DataRT DataHTMLHTML
RTP can carry e.g. • Digitized speech (PCM)• Encoded speech (EFR, AMR)• Multimedia traffic (compressed audio, video)
Real Time Protocol (RTP)
RTP is used for carrying real-time data (e.g. coded voice) over IP networks. RTP offers two features:
The correct RTP packet order is maintained at the destination
RTP packets include a time stamp that records the exact time of transmission.
Voice stream
Voice stream
RTPRTP
UDPUDP
IPIP
:
Time stamps can be used at the destination to ensure synchronised play-out of (e.g.) the voice samples. TCP cannot be used below RTP, since TCP causes too large delays. Unfortunately, unlike TCP, UDP cannot guarantee correct packet order at the destination.
RTP avoids delay variation
It is worth noting that RTP cannot reduce the total transmission delay in the network.
However, the usage of time stamps helps to reduce the time variation or jitter at the destination.
RTP in itself cannot reduce the time variation. This is the task of the application (which utilises the time stamps provided by RTP) at the destination.
RTP is able to carry a large variety of coded information (audio or video) => RTP is the standard solution for VoIP applications (“Voice over RTP over UDP over IP”).
IPv4 header structure (1)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Version (4 bits): tells that this is IP Version 4 (IPv4)
(In case of IPv6, the bits following the 4-bit Version field should be interpreted totally differently)
32 bits (= 4 bytes or octets)
IPv4 header structure (2)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
IP header length (4 bits) is needed since Options + Padding can vary in length. Usually IP header length = 20 bytes.
(The Options field is rarely used. This is why such a field is not included in the IPv6 header)
IPv4 header structure (3)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
ToS = Type of Service (8 bits) is used for QoS management purposes (=> DiffServ).
(In the IPv6 header there is an 8 bit Traffic class field for the same purpose)
IPv4 header structure (4)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Datagram length (16 bits): since this field is 16 bits long, the IP datagram can contain up to 216 = 65535 bytes (in theory).
Most routers, however, cannot handle such large datagrams.
IPv4 header structure (5)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
IP fragmentation: a large IP datagram may be fragmented (in any router along the path) and will be reassembled at the destination.
IPv6 does not offer fragmentation (it is rarely used anyway).
All fragments contain the same
number
Has value zero in last
fragment
Position of fragment in
original datagram
IPv4 header structure (6)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Time-to-live (8 bits): this number is decreased by one in each router along the path. If number zero is reached in a router, the IP datagram is discarded and the router sends an ICMP message (TTL expired) to the source of the datagram.
Used also in IPv6 (called “hop limit”)
IPv4 header structure (7)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Protocol field (8 bits): describes which higher layer protocol is used (TCP, UDP, or SCTP). The header of the higher-layer datagram is located at the beginning of the IP datagram payload.
Used also in IPv6 (called “next header”)
Starts here ...
IP packet structure
Bearer protocol frame/packet/cellBearer protocol frame/packet/cell
IP datagramIP datagram
TCP/UDP datagramTCP/UDP datagram
User/application dataUser/application data
IP header
TCP/UDP header
Direction of transport
IPv4 header structure (8)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Header checksum (16 bits): used for error control. Routers along the path have to recalculate the checksum.
This kind of error control is not used in IPv6 (since the same error control function is offered by TCP - and even UDP).
Why?Why?
IPv4 header structure (9)
VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram
IdentificationIdentification FlagsFlags Fragment offsetFragment offset
Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)
Source IP address Source IP address
Destination IP addressDestination IP address
OptionsOptions PaddingPadding
Payload of IP datagramPayload of IP datagram
Source and destination IP address (32 bits each): note that these addresses are not changed in routers along the route.
In IPv6 the addresses are 4 x 32 = 128 bits long!
IPv6 header structure
VersionVersion Traffic classTraffic class Flow label (identifies datagram ”flows”)Flow label (identifies datagram ”flows”)
Payload lengthPayload length Next headerNext header Hop limitHop limit
Payload of IP datagramPayload of IP datagram
Source IP address
Destination IP address
Can point to an “options” field in the
payload (instead of
TCP, UDP …)
32 bits (= 4 bytes or octets)
IPv4 and IPv6 address structure
IPv4 address (32 bits or 4 bytes):
123.45.67.89
IPv6 address (128 bits or 16 bytes):
One byte (number between 0 and 255)
2001:0db8:85a3:0000:1319:8a2e:0370:7344
Four hexadecimal numbers (between 0 and f), each occupying four bits.
Strong points of IPv6
Larger IP address space (3.4 1038 IP addresses available)
Fixed IP datagram header length (no variable length options field …) and better way to handle options
More simple (and therefore faster) header processing; no checksum checking or fragmentation
Real-time service or QoS support (using ”flow label” and ”traffic class” fields)
.
UDP header structure
Source port numberSource port number Destination port numberDestination port number
Length of UDP content (incl.header)Length of UDP content (incl.header) ChecksumChecksum
UDP payload (application data)UDP payload (application data)
Two functions of UDP:
• application multiplexing (using port numbers)
• error control (using checksum)
TCP header structure
Source port numberSource port number Destination port numberDestination port number
Sequence numberSequence number
Acknowledgement numberAcknowledgement number
Data offsetData offset FlagsFlags Receiver window sizeReceiver window size
ChecksumChecksum Urgent pointerUrgent pointer
Options Options PaddingPadding
TCP payload (application data) TCP payload (application data)Starts here ...
Flow control
Flags are one-bit indicators (SYN, ACK, FIN ...) used for simple signalling (TCP connection setup and teardown)
IP address – points to host Port – points to application
Difference between IP address and port
TCP/UDPTCP/UDP
IPIP
TCP/UDPTCP/UDP
IPIP
Host A Host B
Port Y Port Z
IP address N IP address M
IP datagram contains:
(in IP header)source IP address Ndestination IP address M
(in TCP/UDP header)source port Ydestination port Z
Some important port numbers
http (web applications) 80 TCP onlyhttps (http over SSL) 443 TCP onlyDNS 53 UDP mainlySMTP (outgoing mail)25 TCP/UDPPOP3 (from mail server) 110 TCP onlyIMAP (from mail server) 220 TCP/UDP
(Just to give an example, not necessary to remember.)
IP address + port number is given as 123.456.7.89:80
(Within the server only. The client can usually freely choose its port number.)
IPv4 address structure
0 Network HostHost
HostHost110 Network
Class A
Class B
Class C
10 Network
27 = 128 224 = 16.8 106
214 = 16384 216 = 65536
28 = 256221 = 2.1 106
Hierarchical structure:
Flat structure would provide 232 = 4.3 109 IP addresses
IPv6 provides 2128 = 3.4 1038 IP addresses !
unnecessary capacity
running out of class B networks !
HostHost
Insufficient IPv4 address space
There are basically four ways to avoid running out of IP addresses, either by making more efficient usage of the available address space (point 1) or by “expanding” the address space (points 2 – 4):
Classless interdomain routing (CIDR)
Dynamic IP address allocation
Network address translation (NAT)
Move to IPv6 (=> virtually unlimited address space).
1.
2.
3.
4.
Classless interdomain routing (CIDR)
In comparison with the original class-oriented address structure, CIDR makes more efficient usage of the available address space. The size of the network part of the address is included in the IP address after the slash:
10110110 00101110 01011100 01101110
Network part = 21 bits Host part = 32 – 21 = 11 bits
182.46.92.110/21
In this example, eight class C networks are effectively grouped into one larger network.
Dynamic IP address allocation
IP address is allocated temporarily. Address is taken from an address pool (stored in a DHCP server) and after usage is returned to the address pool.
Applications: Dial-up (modem) Internet accessADSLGPRSWLAN
Protocol used: DHCP (Dynamic Host Configuration Protocol, RFC 2131).
• • • •
Network address translation (NAT)
NAT is a method of connecting a number of hosts (in a private network) to the Internet using a single external IP address.
NAT gateway
NAT gateway
Private network Internet
10.123.4.12
10.123.4.11
10.123.4.13
Reusable IP addresses (for instance of form 10.x.x.x or 192.168.x.x) are used for routing "behind" the NAT gateway.
Port no. 1
Port no. 2
Port no. 3
A single (globally unique) IP address is used for routing through the Internet. Hosts are identified by TCP/UDP port numbers.
123
.456.7
.89
IP address and port usage in NAT
In outgoing packets (from client to server), NAT affects the source IP address and port number:
S port nr. D port nr.S IP addr. D IP addr.… … …
IP header TCP/UDP header
In incoming packets, the destination IP address and port number are affected:
S port nr. D port nr.S IP addr. D IP addr.… … …
10.123.4.11 => 123.456.7.89For example:
1123 => 12515For example:
AS 1
Hierarchical structure of Internet
AS 2AS 3
IGP
IGP
AS = Autonomous
System
IGP = Interior
Gateway Protocol
EGP = Exterior Gateway Protocol
EGP
Routing protocols in Internet
In practice, there is worldwide only one very complex EGP, namely BGP (Border Gateway Protocol)
The two most well-known IGP’s are RIP and OSPF
OSPF (Open Shortest Path
First)
RIP (Routing Information
Protocol)
RIP vs. OSPF
RIP is a distance vector routing protocol, where neighbouring routers exchange routing information.
RIP is one of the oldest IGPs and is still widely used today.
OSPF is a link-state routing protocol, where routers construct a complete topological map of the entire autonomous system.
Autonomous system can be hierarchically structured into smaller “networks”.
Open => publicly available (not like Cisco’s EIGRP)
RFC 1723
RFC 2178
Example: downloading HTML page (1)
User terminal
(Client)
HTML page source
(Server)
Send me HTML page
HTTPHTTP
TCPTCP
IPIP
PPPPPP
IPIP
PPPPPP
HTTPHTTP
TCPTCP
IPIP
ATMATMATMATM
Internet service provider’s PoP
Modem connection and PPP link between user terminal and ISP’s Point of Presence (PoP) is established. User terminal is given IP address (dynamic allocation).
UDPUDP
Example: downloading HTML page (2)
User terminal
(Client)
HTML page source
(Server)
UDPUDP
IPIP
PPPPPP
DNS performs translation between URL and IP address of server (only the latter can be used for routing IP packets to the server).
UDPUDP
IPIP
Contact DNS ...
IP
DNS replies ...
IPIP
PPPPPP
Example: downloading HTML page (3)
User terminal
(Client)
HTML page source
(Server)
HTTPHTTP
TCPTCP
IPIP
PPPPPP
IPIP
PPPPPP
HTTPHTTP
TCPTCP
IPIP
ATMATMATMATM
TCP connection is set up. Note that IP packets can be routed over different bearer networks (like ATM as above) and do not necessarily follow the same path.
Three-way handshaking
Example: downloading HTML page (4)
User terminal
(Client)
HTML page source
(Server)
HTTPHTTP
TCPTCP
IPIP
PPPPPP
IPIP
PPPPPP
HTTPHTTP
TCPTCP
IPIP
ATMATMATMATM
HTTP request (get HTML page) is sent to server. HTTP reply (including HTML page) is returned in a “200 ok” message.
RequestReply
Example: downloading HTML page (5)
User terminal
(Client)
HTML page source
(Server)
HTTPHTTP
TCPTCP
IPIP
PPPPPP
IPIP
PPPPPP
HTTPHTTP
TCPTCP
IPIP
ATMATMATMATM
If the client has no more requests, the TCP connection is cleared.
Two-way handshaking
Example: downloading HTML page (6)
User terminal
(Client)
HTML page source
(Server)
HTTPHTTP
TCPTCP
IPIP
PPPPPP
IPIP
PPPPPP
HTTPHTTP
TCPTCP
IPIP
ATMATMATMATM
When requested by the client, the PPP and modem connections are cleared. (Bearer connections within the Internet backbone are naturally not cleared.)