IP technology, part 1 1) IP technology basic concepts 2) The IP protocol stack 3) Transport layer protocols (UDP, TCP, SCTP) 4) The IP datagram header

IP technology, part 1

1) IP technology basic concepts

2) The IP protocol stack

3) Transport layer protocols (UDP, TCP, SCTP)

4) The IP datagram header (IPv4 and IPv6)

5) Addressing and routing

IP technology related source material

All possible IP-related topics are not covered in this course. The basic idea is to learn the technology needed for carrying services traditionally offered by circuit-switched networks (e.g. voice traffic in PSTN or PLMN) over IP networks.

More information on each topic is available from IETF web pages, where numerous requests for comments (RFCs) are listed. RFCs are generally easier to read (at leat the introduction part) than for instance the ITU-T or 3GPP standardization literature. Also, Wikipedia should be a reasonably reliable source on IP-related technology. (If there is conflict between Wikipedia and lecture notes, please contact the lecturer.)

IP network architecture

HostHost

LAN or intranet LAN or intranet

Router

Computer

HostHost

HostHost

HostHost Host can be behind modem or ADSL connection

ARP

Public Internet

Client-server concept

HostHost

ServerClient

Transactions are always started by client

Network does not have to know IP address of client before transaction (dynamic IP address allocation is possible)

Web (www) applications are based on this concept

HostHost

Request

Response

:

•

•

•

Role of routers in an IP network

HostHost

ServerClient

Routers perform switching of IP packets (task of the OSI network layer)

IP packets are routed independently through the IP network(s) towards the destination indicated by the destination IP address in the IP datagram header

Independent routing => connectionless service (IP packets belonging to a certain transaction can travel along different paths, experience different delays, and arrive out of sequence at the destination…)

HostHost

Router

•

•

•

IP protocol suite

LAN-protocols, ATM, PSTN/ISDN, PLMN …LAN-protocols, ATM, PSTN/ISDN, PLMN …

ARPARP

UDPUDPTCPTCP

ICMPICMPIPIP

SMTP POP, IMAP

SMTP POP, IMAP HTTPHTTPFTPFTP DNSDNS

Signalling Protocols

(e.g. ISUP)


(e.g. ISUP)

SLIPSLIP PPPPPP

RIPRIP OSPFOSPF BGPBGP

SCTPSCTP

RTPRTP

RT DataRT DataHTMLHTML

Lower protocol layers

ARP (Address Resolution Protocol) takes care of mapping between logical IP addresses and physical MAC addresses in a Local Area Network (LAN).

PPP (Point-to-Point Protocol) or SLIP (Serial Line IP) is used for transport of IP traffic over modem connections between terminal and ISP’s Point of Presence (PoP).

LAN-protocols, ATM, PSTN/ISDN, PLMN …LAN-protocols, ATM, PSTN/ISDN, PLMN …

ARPARP

ICMPICMPIPIP

SLIPSLIP PPPPPP


Bearer Technology

Assisting protocols in the IP layer (1)

ICMP (Internet Control Message Protocol) is a mandatory protocol (i.e. must be supported by all routers) and is used for informing hosts about problems in the network.

UDPUDPTCPTCP

ICMPICMPIPIP RIPRIP OSPFOSPF BGPBGP

SCTPSCTP

ARPARPSLIPSLIP PPPPPP

Some ICMP messages: destination network/host/port unreachable/unknown, echo request, echo reply, TTL expired, IP header bad.

Assisting protocols in the IP layer (2)

Various routing protocols are employed for exchanging information between routers in the IP network

UDPUDPTCPTCP

ICMPICMPIPIP RIPRIP OSPFOSPF BGPBGP

SCTPSCTP

ARPARPSLIPSLIP PPPPPP

RIP (Routing Information Protocol) OSPF (Open Shortest Path First)

BGP (Border Gateway Protocol)

for routing within autonomous systems

for “international” routing

Transport layer protocols (1)

TCP (Transmission Control Protocol) takes care of end-to-end flow & error control + segmentation & reassembly of larger blocks of information.

UDP (User Datagram Protocol) is used for ”unreliable but fast” transport of independent blocks of information.

UDPUDPTCPTCP

ICMPICMPIPIP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)


SCTPSCTP

RTPRTP


Transport layer protocols (2)

SCTP (Stream Control Transmission Protocol) is an alternative to TCP (=> too slow) or UDP (=> not reliable), primarily for carrying signalling information. SCTP may become popular also more generally in the future.

UDPUDPTCPTCP

ICMPICMPIPIP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)


RTPRTP


Adapt. pr.Adapt. pr.

SCTPSCTP

See: http://www.isoc.org/briefings/017/index.shtmlSee: http://www.isoc.org/briefings/017/index.shtml

SCTP is used for signalling transport

Signalling Protocol (e.g. ISUP)Signalling Protocol (e.g. ISUP)

MTPMTP

Transport of SS7 application protocols (e.g. ISUP) over conventional SS7 network using MTP.

Transport of SS7 application protocols over IP using Sigtran protocol stack (which includes SCTP).

Protocol conversion in

signalling gateway (SGW)

Adapt. pr.Adapt. pr.

SCTPSCTP

IPIP

Phys.Phys.

Sigtran protocols

Four advantages of SCTP over TCP

SCTP TCP

Preservation of message boundaries (SCTP carries blocks of information)

Multistreaming property (several streams in parallel)

Multihoming property (the host has several points of attachment to the Internet)

Protection against SYN flooding attacks

TCP carries a continuous stream of information (bad for message transport)

One continuous stream only (head-of-line blocking possible)

One point of attachment only (makes TCP less reliable)

SYN flooding attacks are a problem in TCP

Preservation of message boundaries

TCP

SCTP

... ...

Information is carried as a continuous stream of bytes. The higher protocol layers must find the message boundaries at the receiving end, TCP cannot do this.

SCTP can find the message boundaries at the receiving end of the SCTP connection. Higher protocol layers do not have to do this.

... ...

Multisreaming

TCP

SCTP

... ...

... ...

A message is delayed or lost (1). All other messages of all other users (2) are delayed (=> head-of-line blocking).

If a message is delayed or lost (1), only messages belonging to this stream are delayed (2). Other messages are part of other SCTP streams and are carried without delay over the SCTP connection (also called SCTP association).

1

2

12

2 2

Multihoming

ClientClient ServerServer

In a TCP connection, only one IP address is available at each endpoint.

123.456.7.89 123.987.6.54

ClientClient ServerServer

In an SCTP connection, several IP addresses are available at each endpoint.

123.456.7.89123.456.6.78123.456.5.67

123.987.6.54123.987.5.43123.987.4.32

use insteadIf not available

Protection against SYN flooding attacks

TCP uses a three-way handshake to set up a connection. This method is prone to SYN flooding attacks.

SCTP uses a 4-way handshake with a signed cookie, in this way preventing DoS (Denial-of-Service) attacks like SYN flooding.

ClientClient ServerServerSYN

SYN/ACK

ACK

If client first sends SYN, but does not then send ACK, this TCP connection is left hanging...

Applications (1)

FTP (File Transfer Protocol) for sending larger files (offers flow and error control).

SMTP (Simple Mail Transfer Protocol) for outgoing e-mail.

POP (Post Office Protocol) or IMAP (Internet Message Access Protocol) for fetching e-mail from mailbox.

UDPUDPTCPTCP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)

SCTPSCTP

RTPRTP


Applications (2)

HTTP (HyperText Transfer Protocol) is used for client-server type of communication, and is the most popular protocol for transport of WWW content (e.g. HTML pages).

http://www.hut.fi/overview.html Uniform Resource Locator (URL)

protocol host computer content page written in HTML

UDPUDPTCPTCP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)

SCTPSCTP

RTPRTP


network &

Applications (3)

DNS (Domain Name System) performs translation between IP addresses and domain names:

122.233.121.123 thisnetwork.thishost.com

IP address must be used for routing through IP networks

However, domain names are more user friendly

UDPUDPTCPTCP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)

SCTPSCTP

RTPRTP


Applications (4)

RTP (Real Time Protocol) provides important functions (e.g. sequence numbering, time stamp) for transport of real time data. RTP runs on top of UDP.

UDPUDPTCPTCP

SMTP POP, IMAP



(e.g. ISUP)


(e.g. ISUP)

SCTPSCTP

RTPRTP


RTP can carry e.g. • Digitized speech (PCM)• Encoded speech (EFR, AMR)• Multimedia traffic (compressed audio, video)

Real Time Protocol (RTP)

RTP is used for carrying real-time data (e.g. coded voice) over IP networks. RTP offers two features:

The correct RTP packet order is maintained at the destination

RTP packets include a time stamp that records the exact time of transmission.

Voice stream

Voice stream

RTPRTP

UDPUDP

IPIP

:

Time stamps can be used at the destination to ensure synchronised play-out of (e.g.) the voice samples. TCP cannot be used below RTP, since TCP causes too large delays. Unfortunately, unlike TCP, UDP cannot guarantee correct packet order at the destination.

RTP avoids delay variation

It is worth noting that RTP cannot reduce the total transmission delay in the network.

However, the usage of time stamps helps to reduce the time variation or jitter at the destination.

RTP in itself cannot reduce the time variation. This is the task of the application (which utilises the time stamps provided by RTP) at the destination.

RTP is able to carry a large variety of coded information (audio or video) => RTP is the standard solution for VoIP applications (“Voice over RTP over UDP over IP”).

IPv4 header structure (1)

VersionVersion IHLIHL Type of ServiceType of Service Total length of IP datagramTotal length of IP datagram

IdentificationIdentification FlagsFlags Fragment offsetFragment offset

Time-to-liveTime-to-live ProtocolProtocol Header checksum (for error control)Header checksum (for error control)

Source IP address Source IP address

Destination IP addressDestination IP address

OptionsOptions PaddingPadding

Payload of IP datagramPayload of IP datagram

Version (4 bits): tells that this is IP Version 4 (IPv4)

(In case of IPv6, the bits following the 4-bit Version field should be interpreted totally differently)

32 bits (= 4 bytes or octets)









IP header length (4 bits) is needed since Options + Padding can vary in length. Usually IP header length = 20 bytes.

(The Options field is rarely used. This is why such a field is not included in the IPv6 header)









ToS = Type of Service (8 bits) is used for QoS management purposes (=> DiffServ).

(In the IPv6 header there is an 8 bit Traffic class field for the same purpose)









Datagram length (16 bits): since this field is 16 bits long, the IP datagram can contain up to 216 = 65535 bytes (in theory).

Most routers, however, cannot handle such large datagrams.









IP fragmentation: a large IP datagram may be fragmented (in any router along the path) and will be reassembled at the destination.

IPv6 does not offer fragmentation (it is rarely used anyway).

All fragments contain the same

number

Has value zero in last

fragment

Position of fragment in

original datagram









Time-to-live (8 bits): this number is decreased by one in each router along the path. If number zero is reached in a router, the IP datagram is discarded and the router sends an ICMP message (TTL expired) to the source of the datagram.

Used also in IPv6 (called “hop limit”)









Protocol field (8 bits): describes which higher layer protocol is used (TCP, UDP, or SCTP). The header of the higher-layer datagram is located at the beginning of the IP datagram payload.

Used also in IPv6 (called “next header”)

Starts here ...

IP packet structure

Bearer protocol frame/packet/cellBearer protocol frame/packet/cell

IP datagramIP datagram

TCP/UDP datagramTCP/UDP datagram

User/application dataUser/application data

IP header

TCP/UDP header

Direction of transport









Header checksum (16 bits): used for error control. Routers along the path have to recalculate the checksum.

This kind of error control is not used in IPv6 (since the same error control function is offered by TCP - and even UDP).

Why?Why?









Source and destination IP address (32 bits each): note that these addresses are not changed in routers along the route.

In IPv6 the addresses are 4 x 32 = 128 bits long!

IPv6 header structure

VersionVersion Traffic classTraffic class Flow label (identifies datagram ”flows”)Flow label (identifies datagram ”flows”)

Payload lengthPayload length Next headerNext header Hop limitHop limit


Source IP address

Destination IP address

Can point to an “options” field in the

payload (instead of

TCP, UDP …)

32 bits (= 4 bytes or octets)

IPv4 and IPv6 address structure

IPv4 address (32 bits or 4 bytes):

123.45.67.89

IPv6 address (128 bits or 16 bytes):

One byte (number between 0 and 255)

2001:0db8:85a3:0000:1319:8a2e:0370:7344

Four hexadecimal numbers (between 0 and f), each occupying four bits.

Strong points of IPv6

Larger IP address space (3.4 1038 IP addresses available)

Fixed IP datagram header length (no variable length options field …) and better way to handle options

More simple (and therefore faster) header processing; no checksum checking or fragmentation

Real-time service or QoS support (using ”flow label” and ”traffic class” fields)

.

UDP header structure

Source port numberSource port number Destination port numberDestination port number

Length of UDP content (incl.header)Length of UDP content (incl.header) ChecksumChecksum

UDP payload (application data)UDP payload (application data)

Two functions of UDP:

• application multiplexing (using port numbers)

• error control (using checksum)

TCP header structure

Source port numberSource port number Destination port numberDestination port number

Sequence numberSequence number

Acknowledgement numberAcknowledgement number

Data offsetData offset FlagsFlags Receiver window sizeReceiver window size

ChecksumChecksum Urgent pointerUrgent pointer

Options Options PaddingPadding

TCP payload (application data) TCP payload (application data)Starts here ...

Flow control

Flags are one-bit indicators (SYN, ACK, FIN ...) used for simple signalling (TCP connection setup and teardown)

IP address – points to host Port – points to application

Difference between IP address and port

TCP/UDPTCP/UDP

IPIP

TCP/UDPTCP/UDP

IPIP

Host A Host B

Port Y Port Z

IP address N IP address M

IP datagram contains:

(in IP header)source IP address Ndestination IP address M

(in TCP/UDP header)source port Ydestination port Z

Some important port numbers

http (web applications) 80 TCP onlyhttps (http over SSL) 443 TCP onlyDNS 53 UDP mainlySMTP (outgoing mail)25 TCP/UDPPOP3 (from mail server) 110 TCP onlyIMAP (from mail server) 220 TCP/UDP

(Just to give an example, not necessary to remember.)

IP address + port number is given as 123.456.7.89:80

(Within the server only. The client can usually freely choose its port number.)

IPv4 address structure

0 Network HostHost

HostHost110 Network

Class A

Class B

Class C

10 Network

27 = 128 224 = 16.8 106

214 = 16384 216 = 65536

28 = 256221 = 2.1 106

Hierarchical structure:

Flat structure would provide 232 = 4.3 109 IP addresses

IPv6 provides 2128 = 3.4 1038 IP addresses !

unnecessary capacity

running out of class B networks !

HostHost

Insufficient IPv4 address space

There are basically four ways to avoid running out of IP addresses, either by making more efficient usage of the available address space (point 1) or by “expanding” the address space (points 2 – 4):

Classless interdomain routing (CIDR)

Dynamic IP address allocation

Network address translation (NAT)

Move to IPv6 (=> virtually unlimited address space).

1.

2.

3.

4.

Classless interdomain routing (CIDR)

In comparison with the original class-oriented address structure, CIDR makes more efficient usage of the available address space. The size of the network part of the address is included in the IP address after the slash:

10110110 00101110 01011100 01101110

Network part = 21 bits Host part = 32 – 21 = 11 bits

182.46.92.110/21

In this example, eight class C networks are effectively grouped into one larger network.

Dynamic IP address allocation

IP address is allocated temporarily. Address is taken from an address pool (stored in a DHCP server) and after usage is returned to the address pool.

Applications: Dial-up (modem) Internet accessADSLGPRSWLAN

Protocol used: DHCP (Dynamic Host Configuration Protocol, RFC 2131).

• • • •

Network address translation (NAT)

NAT is a method of connecting a number of hosts (in a private network) to the Internet using a single external IP address.

NAT gateway

NAT gateway

Private network Internet

10.123.4.12

10.123.4.11

10.123.4.13

Reusable IP addresses (for instance of form 10.x.x.x or 192.168.x.x) are used for routing "behind" the NAT gateway.

Port no. 1

Port no. 2

Port no. 3

A single (globally unique) IP address is used for routing through the Internet. Hosts are identified by TCP/UDP port numbers.

123

.456.7

.89

IP address and port usage in NAT

In outgoing packets (from client to server), NAT affects the source IP address and port number:

S port nr. D port nr.S IP addr. D IP addr.… … …

IP header TCP/UDP header

In incoming packets, the destination IP address and port number are affected:

S port nr. D port nr.S IP addr. D IP addr.… … …

10.123.4.11 => 123.456.7.89For example:

1123 => 12515For example:

AS 1

Hierarchical structure of Internet

AS 2AS 3

IGP

IGP

AS = Autonomous

System

IGP = Interior

Gateway Protocol

EGP = Exterior Gateway Protocol

EGP

Routing protocols in Internet

In practice, there is worldwide only one very complex EGP, namely BGP (Border Gateway Protocol)

The two most well-known IGP’s are RIP and OSPF

OSPF (Open Shortest Path

First)

RIP (Routing Information

Protocol)

RIP vs. OSPF

RIP is a distance vector routing protocol, where neighbouring routers exchange routing information.

RIP is one of the oldest IGPs and is still widely used today.

OSPF is a link-state routing protocol, where routers construct a complete topological map of the entire autonomous system.

Autonomous system can be hierarchically structured into smaller “networks”.

Open => publicly available (not like Cisco’s EIGRP)

RFC 1723

RFC 2178

Example: downloading HTML page (1)

User terminal

(Client)

HTML page source

(Server)

Send me HTML page

HTTPHTTP

TCPTCP

IPIP

PPPPPP

IPIP

PPPPPP

HTTPHTTP

TCPTCP

IPIP

ATMATMATMATM

Internet service provider’s PoP

Modem connection and PPP link between user terminal and ISP’s Point of Presence (PoP) is established. User terminal is given IP address (dynamic allocation).

UDPUDP


User terminal

(Client)

HTML page source

(Server)

UDPUDP

IPIP

PPPPPP

DNS performs translation between URL and IP address of server (only the latter can be used for routing IP packets to the server).

UDPUDP

IPIP

Contact DNS ...

IP

DNS replies ...

IPIP

PPPPPP


User terminal

(Client)

HTML page source

(Server)

HTTPHTTP

TCPTCP

IPIP

PPPPPP

IPIP

PPPPPP

HTTPHTTP

TCPTCP

IPIP

ATMATMATMATM

TCP connection is set up. Note that IP packets can be routed over different bearer networks (like ATM as above) and do not necessarily follow the same path.

Three-way handshaking


User terminal

(Client)

HTML page source

(Server)

HTTPHTTP

TCPTCP

IPIP

PPPPPP

IPIP

PPPPPP

HTTPHTTP

TCPTCP

IPIP

ATMATMATMATM

HTTP request (get HTML page) is sent to server. HTTP reply (including HTML page) is returned in a “200 ok” message.

RequestReply


User terminal

(Client)

HTML page source

(Server)

HTTPHTTP

TCPTCP

IPIP

PPPPPP

IPIP

PPPPPP

HTTPHTTP

TCPTCP

IPIP

ATMATMATMATM

If the client has no more requests, the TCP connection is cleared.

Two-way handshaking


User terminal

(Client)

HTML page source

(Server)

HTTPHTTP

TCPTCP

IPIP

PPPPPP

IPIP

PPPPPP

HTTPHTTP

TCPTCP

IPIP

ATMATMATMATM

When requested by the client, the PPP and modem connections are cleared. (Bearer connections within the Internet backbone are naturally not cleared.)

Documents

IP technology, part 1 1) IP technology basic concepts 2) The IP protocol stack 3) Transport layer protocols (UDP, TCP, SCTP) 4) The IP datagram header