Karlston D'Emanuele Internet Layer Password Removed www.uniunderground.com

Page 1: Internet Layer

Karlston D'Emanuele, www.uniunderground.com

Page 2: Internet Protocol (IP)

• IP is an addressing scheme for hosts on a network.

• The addressing hides the underlying physical view by creating a virtual network view.

• It also provides an
  – Unreliable,
  – Best-effort and
  – Connectionless packet delivery protocol.
  – Reliability and flow control are provided by TCP.

Page 3: Internet Protocol (IP)

• The IP address consists of a 32-bit unsigned binary value.

• It is usually expressed as a series of 4 byte-sized integers separated by decimal points
  – Ex. 192.168.17.23

• Each host needs to have a unique IP address throughout the whole network it wishes to communicate with.

• A host's textual name (ex. abc.com) is translated to an IP address using the DNS service, an application-layer service.

Page 4: Methods of Delivery

• A datagram can be delivered in one of four ways (since it is connectionless)
  – Unicast – Directed to a single destination
  – Broadcast
    • Limited broadcast 255.255.255.255: all hosts on the local subnet
    • Network-directed broadcast: valid network address, all 1s in the host part
    • Subnet-directed broadcast: valid network and subnet address, all 1s in the host part
    • All-subnets-directed broadcast: valid network and all 1s in the subnet and host part
  – Multicasting – Hosts are grouped using the same Class D IP address
  – Anycasting – Hosts are given the same address and the first host to receive it will form a connection

Page 5: Addressing

• An IP address is usually split up into two numbers
  – <network><host>

• This is done to allow finding the target host much faster.

• The task of routing a packet to the appropriate network is done by a device called a router.

• Each IP datagram stores the destination IP address in its header.

Page 6: Addressing

• A network is defined as those hosts having the same network number; each host on the same network is connected to the others using Layer 1 devices (i.e. devices that can only talk using Layer 1 language).

• Since all IP addresses need to be unique, one needs to obtain an IP address (addresses are finite) to connect to the internet
  – ARIN, RIPE and APNIC

• One usually buys a range of addresses within the same network.

• Since networks tend to be of varying sizes, a classification of network numbers exists.

Page 7: Addressing

• Classes
  – Class A
    • All addresses that start with 0
    • The first byte refers to the network address
    • The remaining 3 bytes are the host address
    • Private addresses: 10.0.0.0/8 and 127.0.0.0/8
  – Class B
    • All addresses that start with 10
    • The first 2 bytes are the network address
    • The next 2 bytes are the host address
    • Private addresses: 172.16.0.0/12

Page 8: Addressing

• Classes
  – Class C
    • All addresses that start with 110
    • The first 3 bytes are the network address
    • The last byte is used as the host address
    • Private addresses: 192.168.0.0/16
  – Class D
    • All addresses that start with 1110
    • Used for multicasting
  – Class E
    • All addresses that start with 11110
    • Reserved for future use

Page 9: Classless Inter-Domain Routing (CIDR)

• CIDR does not route according to the class, but according to the IP prefix
  – The IP prefix is the high-order bits of an IP address

• Each routing entry in the routing table contains an IP address and a network mask to determine the IP prefix
  – To refer to 8 Class C networks in one go one would have
    • IP: 192.32.136.0
    • Mask: 255.255.248.0

• Combining multiple network addresses in one entry is known as supernetting.

• Nowadays address ranges are allocated in terms of CIDR ranges.

• Routing can now form a hierarchical structure.
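Added example (not from the slides): a short Python script that turns a /x prefix into a mask, lists the 8 Class C networks the slides' 192.32.136.0 / 255.255.248.0 entry aggregates, and performs the longest-prefix-match lookup a router uses once routes are hierarchical. The routing table and its next-hop names are constructed for illustration.

```python
"""CIDR prefixes, supernetting and longest-prefix-match lookup (added example)."""
import ipaddress
from typing import List, Optional, Tuple


def prefix_to_mask(prefix_len: int) -> str:
    """Turn a /x prefix length into a dotted-decimal mask, e.g. /21 -> 255.255.248.0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    mask_int = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask_int))


def covered_class_c_networks(supernet: str) -> List[str]:
    """List the /24 (Class C sized) networks aggregated by one supernet entry."""
    net = ipaddress.ip_network(supernet, strict=True)
    return [str(sub) for sub in net.subnets(new_prefix=24)]


# Constructed routing table: (prefix, next hop). Entry order does not matter,
# because the lookup always prefers the most specific (longest) prefix.
ROUTES: List[Tuple[str, str]] = [
    ("0.0.0.0/0", "default-gw"),
    ("192.32.136.0/21", "supernet-gw"),   # the slides' 8 Class C networks in one entry
    ("192.32.139.0/24", "specific-gw"),   # a more specific route inside that supernet
]


def longest_prefix_match(dst: str, routes=ROUTES) -> Optional[str]:
    """Return the next hop of the most specific route whose prefix contains dst."""
    addr = ipaddress.ip_address(dst)
    best_len, best_hop = -1, None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        # "addr in net" is the AND-with-mask test: (addr & mask) == network number.
        if addr in net and net.prefixlen > best_len:
            best_len, best_hop = net.prefixlen, hop
    return best_hop


if __name__ == "__main__":
    print("/21 mask:", prefix_to_mask(21))
    print("covered:", covered_class_c_networks("192.32.136.0/21"))
    for dst in ("192.32.139.7", "192.32.137.1", "10.1.1.1"):
        print(dst, "->", longest_prefix_match(dst))
```

The more specific /24 inside the supernet wins for 192.32.139.7, while any other address in 192.32.136.0/21 falls back to the aggregate entry; this is what lets one supernet entry replace eight classful ones without losing the ability to special-case part of it.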

Page 10: Subnets

• What happens when one has networks that do not correspond to the classes of IP addresses?
  – Changes in networks might also happen after one purchases IP addresses
    • One splits the host part into a subnet number and then a host number
  – <network><subnet><host>

• The subnet and host are transparent to external networks
  – A local host knows about subnets
  – A foreign host does not know about the subnet and still sees subnet + host as one single host number.

Page 11: Subnets and Supernets

• Subnets
  – The division into subnets is performed by the local administrator.
  – The routing is performed by a hierarchy of routers.
  – This division is identified through the use of a subnet mask
    • Zeros represent the host part
    • Ones represent the network part
    • Example: using the subnet mask 255.255.255.0 will transform the IP into a Class C address.

• Supernets are used to minimise the number of rules in a routing table.

Page 12: Subnetting Methodology

• Subnet addresses are also represented using the shorthand notation /x, where x is the number of bits borrowed from the host address to form the network+subnet address
  – For example, 255.255.255.0 is /24

• Note that performing an AND operation between the subnet mask and an IP address will give you the network + subnet address.

• The treatment of all 1s and all 0s applies to all three components of the IP address
  – Thus for each subnet range, the first and last are unusable.

Page 13: Subnetting Methodology

• The following table shows subnet borrowing for Class C addresses (courtesy of Cisco)

Slash format     /25   /26   /27   /28   /29   /30   N/A   N/A
Mask             128   192   224   240   248   252   254   255
Bits Borrowed      1     2     3     4     5     6     7     8
Value            128    64    32    16     8     4     2     1
Total Subnets      -     4     8    16    32    64     -     -
Usable Subnets     -     2     6    14    30    62     -     -
Total Hosts        -    64    32    16     8     4     -     -
Usable Hosts       -    62    30    14     6     2     -     -

Page 14: Subnet Example

• A company has bought the Class C network address:
  – 193.188.34.0

• Yet it has 5 networks that each contain 10 PCs.

• One can create the subnets by borrowing 4 bits
  – Therefore, the ideal subnet mask is 255.255.255.240 or /28

• Now one has 16 subnets, each able to hold 16 hosts.

• But the all-0s and all-1s addresses are typically reserved for the network and broadcast addresses.
  – Thus the total number of usable addresses is:
    • 14 subnets with a capacity of 14 hosts and 60 IP addresses.

Page 15: Subnet Example

• Thus the administrator can use the following:
  – Network 1: 193.188.34.16, hosts 193.188.34.17-193.188.34.30
  – Network 2: 193.188.34.32, hosts 193.188.34.33-193.188.34.46
  – Network 3: 193.188.34.48, hosts 193.188.34.49-193.188.34.62
  – Network 4: 193.188.34.64, hosts 193.188.34.65-193.188.34.78
  – Network 5: 193.188.34.80, hosts 193.188.34.81-193.188.34.94

• and still has 9 unused networks.
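Added example (not from the slides) covering the subnetting methodology, the Class C borrowing table and the worked example above: a Python script that classifies an address from its leading bits, reproduces the table's subnet/host counts for a given number of borrowed bits, applies the mask with an AND, and enumerates the /28 subnets of 193.188.34.0 so the five networks above can be checked. The `capacity` function encodes the slides' rule that all-0s and all-1s are reserved in both the subnet and host part.

```python
"""Classful lookup and subnetting arithmetic for the slides' example (added example)."""
import ipaddress
from typing import List, Optional, Tuple


def address_class(ip: str) -> Tuple[str, Optional[int]]:
    """Return (class letter, default network prefix length) from the leading bits."""
    first = int(ip.split(".")[0])
    if first < 128:      # leading bit 0
        return "A", 8
    if first < 192:      # leading bits 10
        return "B", 16
    if first < 224:      # leading bits 110
        return "C", 24
    if first < 240:      # leading bits 1110: multicast, no network/host split
        return "D", None
    return "E", None     # leading bits 11110: reserved


def capacity(default_prefix: int, borrowed: int) -> Tuple[int, int, int, int]:
    """(total subnets, usable subnets, total hosts, usable hosts) for borrowed bits.

    Applies the slides' rule that all-0s and all-1s are reserved in both the
    subnet and the host part, so each usable count is the total minus 2.
    """
    host_bits = 32 - default_prefix - borrowed
    total_subnets, total_hosts = 2 ** borrowed, 2 ** host_bits
    return total_subnets, total_subnets - 2, total_hosts, total_hosts - 2


def network_and_mask(ip: str, mask: str) -> str:
    """AND the subnet mask with an IP address to obtain the network+subnet address."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(ip_int & mask_int))


def subnet_plan(network: str, new_prefix: int) -> List[Tuple[str, str, str, str]]:
    """Enumerate subnets as (network address, first host, last host, broadcast)."""
    net = ipaddress.ip_network(network, strict=True)
    plan = []
    for sub in net.subnets(new_prefix=new_prefix):
        hosts = list(sub.hosts())   # excludes the all-0s and all-1s host values
        plan.append((str(sub.network_address), str(hosts[0]), str(hosts[-1]),
                     str(sub.broadcast_address)))
    return plan


if __name__ == "__main__":
    cls, default_prefix = address_class("193.188.34.0")
    borrowed = 4                                   # the slides' choice: /28
    print("class", cls, "default /%d" % default_prefix)
    print("capacity with %d borrowed bits:" % borrowed, capacity(default_prefix, borrowed))
    print("network of 193.188.34.77:", network_and_mask("193.188.34.77", "255.255.255.240"))
    # Index 0 is the all-0s subnet the slides skip; networks 1..5 follow.
    for row in subnet_plan("193.188.34.0/24", default_prefix + borrowed)[1:6]:
        print(row)
```

Running it prints the /28 rows starting at 193.188.34.16, 193.188.34.32, 193.188.34.48, 193.188.34.64 and 193.188.34.80, each with 14 usable hosts, which matches the plan on this slide and the /28 column of the Cisco table.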

Page 16: Different Internet Layer Protocols

• Internet Protocol (IP)
  – IP version 4 (current version)
  – IP version 6 (current + next generation)

• IPX
  – Novell IP protocol

• AppleTalk
  – Apple equivalent to the IP protocol

Page 17: IP v4 – Header Format

        0       4       8       12      16      20      24      28      32
        +-------+-------+---------------+-------------------------------+
    0   | Ver.  |H. Len.|Type of Service|          Total Length         |
        +-------+-------+---------------+-----+-------------------------+
   32   |         Identification        |Flags|     Fragment Offset     |
        +---------------+---------------+-----+-------------------------+
   64   | Time To Live  |   Protocol    |        Header Checksum        |
        +---------------+---------------+-------------------------------+
   96   |                        Source Address                         |
        +---------------------------------------------------------------+
  128   |                      Destination Address                      |
        +---------------------------------------------------------------+
  160   |                       Options + Padding                       |
        +---------------------------------------------------------------+
160/192+|                             Data                              |
        +---------------------------------------------------------------+

Page 18: IP v4 – Header Format

• Version
  – By keeping the version it is possible to identify how the bits received are to be interpreted.

• Header Length
  – Identifies how many 32-bit words are part of the frame.
  – The minimum value allowed is 5, which means no data is appended.
  – The maximum value is 15, which limits the options section to 40 bytes.

Page 19: IP v4 – Header Format

• Type of Service
  – Bits 0-2: precedence
  – Bit 3: 0 = Normal Delay, 1 = Low Delay
  – Bit 4: 0 = Normal Throughput, 1 = High Throughput
  – Bit 5: 0 = Normal Reliability, 1 = High Reliability
  – Bits 6-7: Reserved for future use

• Total Length
  – The length of the data being transmitted.
  – The maximum length is 65,535 bytes.

• Identification
  – If the data is fragmented, this field is used to determine to which original message the fragment belongs.

Page 20: IP v4 – Header Format

• Flags
  – Bit 1: Reserved and is always zero
  – Bit 2: Don't Fragment bit
  – Bit 3: More Fragments

• Fragment Offset
  – The position where the current fragment belongs in the original datagram.
  – All fragment offsets, except the last fragment, must be a multiple of 8.

• Time To Live
  – This determines for how long the message should be kept alive on the network.
  – The maximum lifetime is 255 seconds.

• Protocol
  – A number showing to which higher-level protocol to pass the data. Ex. 6 is TCP, 17 is UDP and 1 is ICMP

Page 21: IP v4 – Header Format

• Header Checksum
  – This field verifies whether the header data received is correct.
  – The checksum field is the 16-bit one's complement of the one's complement sum of all 16-bit words in the header. For purposes of computing the checksum, the value of the checksum field is zero.

• Source Address and Destination Address fields

• Options
  – Loose Source Routing
    • Supply explicit routing information and each router records the route
  – Strict Source Routing
    • Same as above, yet routers have to obey the path given
  – Record Route
    • Each router records the route, yet the host does not specify any route
  – Internet Timestamp
    • Each router places a timestamp of when the datagram was processed

• Padding
  – Aligns the header to 4 bytes.

• Data
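Added example (not from the slides) for the IPv4 header slides above: a Python parser that unpacks the fixed header fields (version, header length, flags, fragment offset, TTL, protocol, addresses), computes the one's complement checksum exactly as the slide defines it, and rejects a header whose checksum does not verify. The sample packet is constructed here from the two host addresses used in the slides' data-flow figure; `build_ipv4_header` exists only to produce that sample.

```python
"""Parse an IPv4 header and verify its checksum (added example)."""
import struct

HEADER_FMT = "!BBHHHBBH4s4s"     # 20 fixed bytes, network byte order
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum of all 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                          # pad an odd trailing byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed fields; raise ValueError on anything inconsistent."""
    if len(packet) < 20:
        raise ValueError("truncated: fewer than 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4 (version %d)" % version)
    if not 5 <= ihl <= 15:                       # slides: minimum 5, maximum 15 words
        raise ValueError("bad header length %d" % ihl)
    header_len = ihl * 4
    if len(packet) < header_len or total_len < header_len:
        raise ValueError("header length exceeds packet or total length")
    # The sender computed the checksum with the field zeroed, so summing the
    # header as received (checksum included) must give zero if it is intact.
    if ones_complement_checksum(packet[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    return {
        "ihl_words": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),    # bit 2 of the flags
        "more_fragments": bool(flags_frag & 0x2000),   # bit 3 of the flags
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # field is in 8-byte units
        "ttl": ttl,
        "protocol": PROTOCOL_NAMES.get(proto, str(proto)),
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": packet[20:header_len],
    }


def is_valid_ipv4_header(packet: bytes) -> bool:
    """True when the header parses and its checksum verifies, else False."""
    try:
        parse_ipv4_header(packet)
        return True
    except ValueError:
        return False


def build_ipv4_header(src: str, dst: str, proto: int, payload_len: int,
                      ttl: int = 64, ident: int = 0x1234) -> bytes:
    """Build a 20-byte header (Don't Fragment set) with a correct checksum."""
    fields = [0x45, 0, 20 + payload_len, ident, 0x4000, ttl, proto, 0,
              bytes(int(x) for x in src.split(".")),
              bytes(int(x) for x in dst.split("."))]
    fields[7] = ones_complement_checksum(struct.pack(HEADER_FMT, *fields))
    return struct.pack(HEADER_FMT, *fields)


# Constructed sample: a UDP datagram between the slides' two hosts, 8 payload bytes.
SAMPLE = build_ipv4_header("192.168.10.10", "192.168.10.11", 17, 8) + b"\x00" * 8
# Same packet with the TTL changed but the checksum left untouched.
CORRUPTED = SAMPLE[:8] + b"\x01" + SAMPLE[9:]

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print("corrupted header accepted:", is_valid_ipv4_header(CORRUPTED))
```

Verifying a received header means summing it with the checksum field included and expecting zero; a single changed byte (here the TTL) makes the sum non-zero and the packet is dropped, which is the only protection this header offers against corruption in transit.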

Page 22: TCP/IP over Ethernet – Data Flow Example

[Figure: data flow between PC1 (IP: 192.168.10.10, MAC: FF:FF:FF:00:00:01) and PC2 (IP: 192.168.10.11, MAC: FF:FF:FF:00:00:02). Each side shows the Application, Transport, Internet and Network-to-Host layers. The application message "Hello There!!" receives a TCP header at the Transport layer and an IP header (addresses labelled A and B) at the Internet layer before being passed to the Network-to-Host layer.]

Page 23: IP v6 – Header Format

        0       4       8       12      16      20      24      28      32
        +-------+---------------+---------------------------------------+
    0   | Ver.  |Traffic Control|               Flow Label              |
        +-------+---------------+-------+---------------+---------------+
   32   |        Payload Length         |  Next Header  |   Hop Limit   |
        +-------------------------------+---------------+---------------+
   64   |                                                               |
        |                   Source Address (128 bits)                   |
        |                                                               |
        +---------------------------------------------------------------+
  192   |                                                               |
        |                Destination Address (128 bits)                 |
        |                                                               |
        +---------------------------------------------------------------+
  320   |                             Data                              |
        +---------------------------------------------------------------+

Page 24: IP v6 – Header Format

• Version
  – Same as the IP v4 header field

• Traffic Control
  – Used to distinguish between packets with different real-time delivery requirements

• Flow Label
  – Still in experimental phases
  – Allows source and destination to set up a pseudoconnection with particular requirements

Page 25: IP v6 – Header Format

• Payload Length

• Next Header
  – The Next Header field specifies the presence of an extra options header

• Hop Limit
  – Similar to TTL but uses hops instead of actual time.

• Source Address

• Destination Address

• Data
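Added example (not from the slides) for the two IPv6 header slides: a Python parser that unpacks the fixed 40-byte header (version, traffic class, flow label, payload length, hop limit, addresses) and then follows the Next Header chain through any extension headers until it reaches the upper-layer protocol, which is how the "extra options header" the slide mentions is discovered. The sample packet is constructed here using the two IPv6 addresses from the slides' data-flow figure, with one Hop-by-Hop options header in front of a UDP payload; the extension-header length rules are this example's (Fragment is fixed at 8 octets, the others carry a length in 8-octet units excluding the first 8).

```python
"""Parse the fixed IPv6 header and follow the Next Header chain (added example)."""
import ipaddress
import struct

UPPER_LAYER = {6: "TCP", 17: "UDP", 58: "ICMPv6"}
# Extension headers whose length byte counts 8-octet units beyond the first 8.
VARIABLE_EXT = {0: "Hop-by-Hop", 43: "Routing", 60: "Destination Options"}
FRAGMENT_EXT = 44                      # fixed 8 octets, no length byte


def parse_ipv6(packet: bytes) -> dict:
    """Decode the fixed header and the extension-header chain up to the payload."""
    if len(packet) < 40:
        raise ValueError("truncated: fewer than 40 bytes")
    first_word, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = first_word >> 28
    if version != 6:
        raise ValueError("not IPv6 (version %d)" % version)
    if len(packet) < 40 + payload_len:
        raise ValueError("payload length exceeds packet")
    info = {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(packet[8:24])),
        "dst": str(ipaddress.IPv6Address(packet[24:40])),
        "extensions": [],
    }
    offset = 40
    # Walk the chain: each extension header starts with its own Next Header byte.
    while next_hdr in VARIABLE_EXT or next_hdr == FRAGMENT_EXT:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        if next_hdr == FRAGMENT_EXT:
            ext_len, name = 8, "Fragment"
        else:
            ext_len, name = (packet[offset + 1] + 1) * 8, VARIABLE_EXT[next_hdr]
        if offset + ext_len > len(packet):
            raise ValueError("extension header length exceeds packet")
        info["extensions"].append(name)
        next_hdr, offset = packet[offset], offset + ext_len
    info["upper_layer"] = UPPER_LAYER.get(next_hdr, str(next_hdr))
    info["payload_offset"] = offset
    return info


def is_well_formed_ipv6(packet: bytes) -> bool:
    """True when the header and its extension chain parse without error."""
    try:
        parse_ipv6(packet)
        return True
    except ValueError:
        return False


def build_sample() -> bytes:
    """Constructed packet: IPv6 + Hop-by-Hop (8 bytes, next = UDP) + 8 payload bytes."""
    src = ipaddress.IPv6Address("3ffe:ffff:0100:f101:0210:a4ff:fee3:9566").packed
    dst = ipaddress.IPv6Address("3ffe:ffff:0100:f101:0210:a4ff:fee3:96fa").packed
    hop_by_hop = bytes([17, 0]) + b"\x01\x04\x00\x00\x00\x00"  # next=UDP, len=0, PadN
    payload = b"\x00" * 8
    first_word = (6 << 28) | (0 << 20) | 0xABCDE   # version, traffic class, flow label
    fixed = struct.pack("!IHBB", first_word, len(hop_by_hop) + len(payload), 0, 64)
    return fixed + src + dst + hop_by_hop + payload


if __name__ == "__main__":
    print(parse_ipv6(build_sample()))
```

Unlike IPv4 there is no header checksum to verify; what a receiver must check instead is that every extension header it follows lies within the declared payload, otherwise a crafted chain can walk the parser past the end of the buffer.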

Page 26: TCP/IP over Ethernet – Data Flow Example

[Figure: the same data flow as on Page 22 with IPv6 addresses. PC1 (IP: 3ffe:ffff:0100:f101:0210:a4ff:fee3:9566, MAC: FF:FF:FF:00:00:01) sends "Hello There!!" to PC2 (IP: 3ffe:ffff:0100:f101:0210:a4ff:fee3:96fa, MAC: FF:FF:FF:00:00:02); each side shows the Application, Transport, Internet and Network-to-Host layers, with a TCP header added at the Transport layer and an IP header (addresses labelled A and B) at the Internet layer.]

Page 27: Working with IPv4 and IPv6 devices

• Software-based conversion
  – Vista provides Teredo

• Hardware-based
  – Router

• Techniques
  – Keeping a mapping table
  – Re-encapsulation

Page 28: Home Network Design

• Maximum cable length 100m.

• All computers:
  – Need to use the same protocol.
  – Need to be on the same subnet.

• One can place the network subnet different from the Internet subnet to increase security.

• Wireless networks use Wi-Fi Protected Access (WPA) to limit access.

[Figure: home network diagram with devices LP001, PC001, PC002 and MAC001 connected through ROUTER-1 to MODEM-1.]

Page 29: The Internet – Client/Server

• The internet is based on the Client/Server idea.

• The direction of initiation categorises whether a program is a client or a server.

• A client:
  – Initialises the connection
  – Is an active program

• A server:
  – Listens for new connections
  – Provides a service
  – Is a passive program
  – Can be a single- or multi-threaded server

Page 30: The Internet – Client/Server

• Loading a website:
  – Client sends a request (ex. http://www.um.edu.mt)

    GET /index.html HTTP/1.1
    Host: www.example.com

[Figure: client sends request, server sends response.]

Page 31: The Internet – Request Message

• The message starts with one of the following flags:
  – GET or HEADER
    • Used when the request is at most 255 characters long.
    • This can also contain website form values.
      – Displayed as ?param1=value1&param2=value2
  – POST
    • Used when the request is more than 255 characters or the form data is hidden from the URL.

Page 32: The Internet – Request Message

• Then the relative location of the resource being requested is passed on.
  – In the example, the request is asking for the index page at the root folder.

• Following the location, the version of the HTTP protocol is added.
  – Note: HTTP/1.1 implies that the connection is kept alive. Therefore whenever sending further requests to the server the same connection is used.

• The Host field identifies the server which is expected to handle the request.

Page 33: The Internet – Client/Server

• Loading a website:
  – Client sends a request (ex. http://www.um.edu.mt)

    GET /index.html HTTP/1.1
    Host: www.example.com

  – Server sends a response followed by the website

    HTTP/1.1 200 OK
    Date: Mon, 23 May 2005 22:38:34 GMT
    Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)
    Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT
    Etag: "3f80f-1b6-3e1cb03b"
    Accept-Ranges: bytes
    Content-Length: 45874
    Connection: close
    Content-Type: text/html; charset=UTF-8

[Figure: client sends request, server sends response.]

Page 34: The Internet – Response Header

• The server responds with the HTTP protocol that it supports.

• Followed by a number indicating whether it managed to handle the request or not.
  – Some values:
    • 200 OK – the request was handled
    • 301 Moved Permanently – the page has been permanently moved
    • 403 Forbidden – the client does not have privileges to see the resource
    • 404 Not Found – the page was not found

Page 35: The Internet – Response Header

• The Date field specifies the timestamp when the request was received and handled.

• Server identifies the host that handled the request.

• Last-Modified is the date when the resource being sent was created or last updated on the server.

• Etag is an id given by the server to the resource which is then used by proxy servers to determine whether the cached resource is still valid or not.

Page 36: The Internet – Response Header

• The Accept-Ranges field identifies the unit used by the Content-Length field.

• Content-Length provides the receiving client with the amount of data to read after parsing the header.

• The server might decide to handle the connection separately from the HTTP/1.1 specification, i.e. KeepAlive. The Connection field informs the client program how to deal with the connection.

• Content-Type identifies the type of data represented by the bytes sent following the header.
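Added example (not from the slides) for the request and response slides above: a Python parser that splits the request line, headers and query parameters, insists on a Host header for HTTP/1.1, and on the response side reads the status code, Connection handling and Content-Length and checks whether the body received is as long as the header promised. The messages are the slides' own request and response, assembled here as wire-format byte strings; the body is a constructed 6-byte fragment so the length check has something to flag.

```python
"""Parse HTTP/1.1 request and response messages (added example)."""
from typing import Dict, List

STATUS_MEANING = {200: "OK", 301: "Moved Permanently", 403: "Forbidden", 404: "Not Found"}


def parse_headers(lines: List[str]) -> Dict[str, str]:
    """Header lines up to the first empty line; names are case-insensitive."""
    headers = {}
    for line in lines:
        if not line:
            break
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers[name.strip().lower()] = value.strip()
    return headers


def parse_request(raw: bytes) -> dict:
    """Split the request line and headers; HTTP/1.1 requests must carry Host."""
    lines = raw.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("bad request line: %r" % lines[0])
    method, target, version = parts
    if method not in ("GET", "HEAD", "POST"):  # the slides' methods (HEAD is "HEADER" there)
        raise ValueError("unsupported method %r" % method)
    headers = parse_headers(lines[1:])
    if version == "HTTP/1.1" and "host" not in headers:
        raise ValueError("HTTP/1.1 request without a Host header")
    path, _, query = target.partition("?")           # ?param1=value1&param2=value2
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    return {
        "method": method, "path": path, "params": params, "version": version,
        "host": headers.get("host"),
        # HTTP/1.1 keeps the connection open unless the client says otherwise.
        "keep_alive": version == "HTTP/1.1" and headers.get("connection", "").lower() != "close",
    }


def is_valid_request(raw: bytes) -> bool:
    """True when the request parses under the rules above."""
    try:
        parse_request(raw)
        return True
    except ValueError:
        return False


def parse_response(raw: bytes) -> dict:
    """Split the status line, headers and body; check the body against Content-Length."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    version, _, rest = lines[0].partition(" ")
    code_str, _, reason = rest.partition(" ")
    code = int(code_str)
    headers = parse_headers(lines[1:])
    length = int(headers["content-length"]) if "content-length" in headers else None
    return {
        "version": version, "status": code, "reason": reason,
        "status_meaning": STATUS_MEANING.get(code),
        "keep_alive": headers.get("connection", "").lower() != "close",
        "content_length": length, "content_type": headers.get("content-type"),
        "etag": headers.get("etag"),
        # A client must read exactly Content-Length bytes after the header.
        "body_complete": length is None or len(body) >= length,
    }


# The slides' messages, constructed here as wire-format byte strings.
REQUEST = (b"GET /index.html?param1=value1&param2=value2 HTTP/1.1\r\n"
           b"Host: www.example.com\r\n\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Date: Mon, 23 May 2005 22:38:34 GMT\r\n"
            b"Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)\r\n"
            b"Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT\r\n"
            b"Etag: \"3f80f-1b6-3e1cb03b\"\r\n"
            b"Accept-Ranges: bytes\r\n"
            b"Content-Length: 45874\r\n"
            b"Connection: close\r\n"
            b"Content-Type: text/html; charset=UTF-8\r\n\r\n"
            b"<html>")                                  # constructed: first 6 body bytes only

if __name__ == "__main__":
    print(parse_request(REQUEST))
    print(parse_response(RESPONSE))
```

Because the slides' response says Connection: close, the parser reports keep_alive as false even though the version is HTTP/1.1; and since only 6 of the promised 45874 body bytes are present, body_complete is false, which is the condition a client uses to keep reading (or to treat the transfer as truncated).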

Page 37: Security

• Firewalls
  – A barrier to keep destructive forces away from your property. (http://www.howstuffworks.com/firewall.htm)
    • Checks whether the information being retrieved is actually the one requested.
  – Divides the world into two or more networks:
    • One or more secure
    • One or more non-secure

Page 38: Security

• Firewalls
  – Can be either a PC, router, mainframe, etc.
  – Firewalls can use 1 or more types of filtering techniques.
    • Packet filtering – Packets (small chunks of data) are analysed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
    • Proxy service – Information from the Internet is first fully retrieved by the firewall, analysed and, if it passes the filters, sent to the requesting system, and vice versa.
    • Stateful inspection – Examines the contents of each packet and compares certain key parts of the packet to a database of trusted information.
    • Application filtering – Checks whether the data being received or sent belongs to an application that is allowed to access the Internet.

Page 39: Security

• Access Control Lists (ACLs)
  – A list of rules defining whether the source or destination of a packet is trusted or not.
    • Example:
      – network 192.168.0.0/24 any tcp 80
        (all TCP traffic from the local network to web servers)
  – Individual servers as well as routers can have network ACLs.
  – Access control lists can generally be configured to control both inbound and outbound traffic, and in this context they are similar to firewalls.
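Added example (not from the slides, and not any vendor's ACL syntax): a small Python packet filter that reads rules in the shape of the slide's "network 192.168.0.0/24 any tcp 80" line (source, destination, protocol, port, with a permit/deny action in front), matches packets against them in order, and falls back to deny when nothing matches. The ACL and the sample packets are constructed for illustration.

```python
"""Ordered access control list evaluation with an implicit deny (added example)."""
import ipaddress
from collections import namedtuple
from typing import List, Optional

Rule = namedtuple("Rule", "action src dst proto port")
Packet = namedtuple("Packet", "src dst proto dport")


def _net(spec: str) -> Optional[ipaddress.IPv4Network]:
    """'any' matches every address; anything else is a CIDR prefix."""
    return None if spec == "any" else ipaddress.ip_network(spec, strict=False)


def parse_rule(text: str) -> Rule:
    """'permit network 192.168.0.0/24 any tcp 80' -> Rule (the 'network' keyword is optional)."""
    tokens = text.split()
    action = tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError("action must be permit or deny")
    if tokens[0] == "network":
        tokens.pop(0)
    src, dst, proto, port = tokens
    return Rule(action, _net(src), _net(dst), proto.lower(),
                None if port == "any" else int(port))


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every field of the rule must match; 'any' (None) fields always do."""
    return ((rule.src is None or ipaddress.ip_address(pkt.src) in rule.src)
            and (rule.dst is None or ipaddress.ip_address(pkt.dst) in rule.dst)
            and (rule.proto == "any" or rule.proto == pkt.proto)
            and (rule.port is None or rule.port == pkt.dport))


def evaluate(acl: List[Rule], pkt: Packet) -> str:
    """First matching rule wins; an implicit deny applies when nothing matches."""
    for rule in acl:
        if matches(rule, pkt):
            return rule.action
    return "deny"


# Constructed ACL: the local network may reach web servers and DNS, nothing else.
ACL = [parse_rule("permit network 192.168.0.0/24 any tcp 80"),
       parse_rule("permit network 192.168.0.0/24 any udp 53"),
       parse_rule("deny any any any any")]

if __name__ == "__main__":
    # Constructed traffic samples; 203.0.113.0/24 is a documentation range.
    for pkt in (Packet("192.168.0.5", "203.0.113.10", "tcp", 80),
                Packet("192.168.0.5", "203.0.113.10", "tcp", 22),
                Packet("10.0.0.5", "203.0.113.10", "tcp", 80)):
        print(pkt, "->", evaluate(ACL, pkt))
```

The explicit "deny any any any any" at the end is redundant with the implicit deny but makes the policy readable and gives a place to count or log rejected packets; rule order matters, so a broad permit placed before a narrow deny silently disables the deny.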

Page 40: Other Protocols

• ICMP
  – Used by networked computers' operating systems to send error messages, indicating, for instance, that a requested service is not available or that a host or router could not be reached.

• ARP
  – The standard method for finding a host's hardware address when only its network layer address is known.

Page 41: Other Protocols

• RARP
  – A network layer protocol used to obtain an IP address for a given hardware address (such as an Ethernet address). It has been rendered obsolete by BOOTP and the more modern DHCP, which both support a much greater feature set than RARP.

• DHCP
  – A protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask, and IP addresses of DNS servers from a DHCP server.