Network Layer
IP addressing, routers, DHCP, NAT
So far:
• Networked application
• Need to know the IP address of any hostname
• Use DNS
• Given a port #, connect to a process running on a remote host
• Can use TCP or UDP transport protocol
Host needs a network identifier
• To communicate over a link, hosts need a hardware identifier called the MAC address. Every network interface card (Bluetooth, Wi-Fi, Ethernet, etc.) has a hardware address.
• The hardware address is fixed, stored in the hardware of the NIC
• To communicate over the Internet, hosts need a logical identifier called the IP address
• An IP address can be static or dynamic, stored in the IP stack software
IP Addresses
IPv4
• 32 bits long
• Notation:
• Each byte is written in decimal, most significant byte first, separated by dots
• Example: 128.195.1.80
• Identifier for a host or router interface
• Each interface needs to have an IP address
IPv6
• 128 bits long
• Notation:
• Divided into 16-bit segments, each written in hex digits, separated by colons (:: abbreviates a run of all-zero segments)
• 2001:0DB8:AC10:FE01:1C48:3A1C:A95A:B1C2
• FE80::1234:3456:5678:1A08
• Link-local address: an automatic way to configure an IP address for local communication
Types of IPv4 Addresses
• Unicast Address
• Destination is a single host
• Multicast address
• Destination is a group of hosts
• Broadcast address
• 255.255.255.255
• Destination is all hosts
IPv4 Address Classes (old)
Class | Leading bits | Rest of the 32-bit address
A     | 0            | Net | Host
B     | 10           | Net | Host
C     | 110          | Net | Host
D     | 1110         | Multicast address
E     | 11110        | Reserved
IP Address Classes
• Class A:
• For very large organizations
• 16 million hosts allowed
• Class B:
• For large organizations
• 65 thousand hosts allowed
• Class C:
• For small organizations
• 255 hosts allowed
• Class D:
• Multicast addresses
• No network/host hierarchy
IP Address Hierarchy
• Class A, B, C addresses support two levels of hierarchy (network and host)
• However, the host portion can be further split into “subnets” by the address class owner
• giving more than 2 levels of hierarchy
Problems with Class-based Routing
• Too many small networks requiring multiple class C addresses
• Running out of class B addresses, not enough nets in class A
• Addressing strategy must allow for greater diversity of network sizes
IP addressing: CIDR
CIDR: Classless InterDomain Routing
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in subnet portion of address
• Example: 200.23.16.0/23
  11001000 00010111 0001000|0 00000000
  subnet part (23 bits) | host part (9 bits)
CIDR
• An ISP can obtain a block of addresses and partition it further among its customers
• Say an ISP holds the block 200.8.4.0/24 (256 addresses). If a customer needs only 4 addresses starting at 200.8.4.24, that block can be specified as 200.8.4.24/30
Subnetting
Example: Class B address with 8-bit subnetting
Network id | Subnet id | Host id
165.230    | .24       | .8
16 bits    | 8 bits    | 8 bits
Subnet Masks
Subnet masks allow hosts to determine if another IP address is on the same subnet or the same network
Network id              | Subnet id | Host id
16 bits                 | 8 bits    | 8 bits
Mask: 11111111 11111111 | 11111111  | 00000000
      255.255           | .255      | .0
Subnet Masks (cont’d)
Are IP addresses A and B on the same subnet? Assume IP addresses A and B share subnet mask M.
1. Compute (A and M).
2. Compute (B and M).
3. If (A and M) = (B and M) then A and B are on the same subnet.
Example: A and B are class B addresses
A = 165.230.82.52
B = 165.230.24.93
M = 255.255.255.0
Same network?
Same subnet?
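The mask arithmetic behind a.b.c.d/x and the (A and M) = (B and M) test, as an added example (not code from the slides): it parses CIDR blocks such as the ISP's 200.8.4.24/30, applies the three-step same-subnet test to the A/B/M question above, and derives the old class-based mask from the leading bits. All function names are my own.

```python
# Added example (not from the slides): CIDR and subnet-mask arithmetic on 32-bit ints.
def ip_to_int(dotted: str) -> int:
    """'a.b.c.d' -> 32-bit int, first byte most significant (MSB order)."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for o in octets:
        n = int(o)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range: {o}")
        value = (value << 8) | n
    return value

def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def prefix_mask(prefix_len: int) -> int:
    """Mask with the top prefix_len bits set, e.g. /24 -> 255.255.255.0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (((1 << prefix_len) - 1) << (32 - prefix_len)) & 0xFFFFFFFF

def parse_cidr(block: str):
    """'a.b.c.d/x' -> (network address, mask, number of addresses in block)."""
    addr, _, plen = block.partition("/")
    mask = prefix_mask(int(plen))
    return ip_to_int(addr) & mask, mask, 1 << (32 - int(plen))

def cidr_contains(block: str, ip: str) -> bool:
    """True if ip's subnet bits match the block's network address."""
    network, mask, _ = parse_cidr(block)
    return (ip_to_int(ip) & mask) == network

def same_subnet(a: str, b: str, mask: str) -> bool:
    """The slide's three-step test: (A and M) == (B and M)."""
    m = ip_to_int(mask)
    return (ip_to_int(a) & m) == (ip_to_int(b) & m)

def classful_mask(ip: str) -> str:
    """Old class-based network mask from the leading bits: A /8, B /16, C /24."""
    first = ip_to_int(ip) >> 24
    if (first & 0x80) == 0:         # leading bit 0 -> class A
        return int_to_ip(prefix_mask(8))
    if (first & 0xC0) == 0x80:      # leading bits 10 -> class B
        return int_to_ip(prefix_mask(16))
    if (first & 0xE0) == 0xC0:      # leading bits 110 -> class C
        return int_to_ip(prefix_mask(24))
    raise ValueError("class D/E address has no network/host split")
```

With M = 255.255.255.0 the two class B addresses share the network (mask 255.255.0.0) but not the subnet, since 165.230.82.0 differs from 165.230.24.0.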
IP Addressing in a network (figure: three subnets; 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4 on the first; 223.1.2.1, 223.1.2.2, 223.1.2.9 on the second; 223.1.3.1, 223.1.3.2, 223.1.3.27 on the third)
The Internet Protocol (IP)
• Provides delivery of packets from one host to any other host in the Internet
• Internet packets are called “datagrams” and may be up to 64 kilobytes in length
• although they are typically much smaller
IP datagram format (figure: header drawn as 32-bit rows; fields in order)
• ver: IP protocol version number
• head. len: header length (bytes)
• type of service: “type” of data
• length: total datagram length (bytes)
• 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
• time to live: max number remaining hops (decremented at each router)
• upper layer: upper layer protocol to deliver payload to
• header checksum
• 32 bit source IP address
• 32 bit destination IP address
• Options (if any): e.g. timestamp, record route taken, specify list of routers to visit
• data (variable length, typically a TCP or UDP segment)
How much overhead with TCP?
❑ 20 bytes of TCP
❑ 20 bytes of IP
❑ = 40 bytes + app layer overhead
IP Fragmentation & Reassembly
• network links have an MTU (max. transfer size) - the largest possible link-level frame
• different link types, different MTUs
• large IP datagram divided (“fragmented”) within the net
• one datagram becomes several datagrams
• “reassembled” only at final destination
• IP header bits used to identify, order related fragments
(figure: fragmentation, in: one large datagram, out: 3 smaller datagrams; reassembly at the destination)
IP Fragmentation and Reassembly
Example
❑ 4000 byte datagram
❑ MTU = 1500 bytes
1480 bytes in data field, offset = 1480/8
One large datagram becomes several smaller datagrams:
• Original: ID=x, offset=0, fragflag=0, length=4000
• Fragment 1: ID=x, offset=0, fragflag=1, length=1500
• Fragment 2: ID=x, offset=185, fragflag=1, length=1500
• Fragment 3: ID=x, offset=370, fragflag=0, length=1040
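The offset and flag bookkeeping above, as an added example (not code from the slides): fragment() reproduces the 4000-byte / MTU-1500 split, and reassemble_ok() is the check a receiver should make before reassembling, rejecting sets with a gap, an overlap, a bad length or a misplaced final flag. The 20-byte header size and the function names are my assumptions.

```python
# Added example (not from the slides): fragment a datagram the way the
# 4000-byte / MTU-1500 example does, then check a fragment set before reassembly.
IP_HEADER = 20  # bytes; each fragment on the slide carries its own 20-byte header

def fragment(total_length: int, mtu: int, ident: int = 0):
    """Return [(id, offset in 8-byte units, more-fragments flag, total length)]."""
    payload = total_length - IP_HEADER
    chunk = (mtu - IP_HEADER) // 8 * 8   # data per fragment: multiple of 8 bytes
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    fragments, pos = [], 0
    while pos < payload:
        size = min(chunk, payload - pos)
        more = 1 if pos + size < payload else 0
        fragments.append((ident, pos // 8, more, size + IP_HEADER))
        pos += size
    return fragments

def reassemble_ok(fragments) -> bool:
    """True only if the fragments form one complete datagram: a single id,
    contiguous offsets with no gap or overlap, flag 0 on exactly the last one."""
    if not fragments or len({f[0] for f in fragments}) != 1:
        return False
    ordered = sorted(fragments, key=lambda f: f[1])
    expected = 0                          # next byte offset we need to see
    for i, (_, offset, more, length) in enumerate(ordered):
        data_len = length - IP_HEADER
        if offset * 8 != expected or data_len <= 0:   # gap, overlap or empty
            return False
        last = i == len(ordered) - 1
        if (more == 0) != last:           # final flag only on the last fragment
            return False
        if not last and data_len % 8:     # non-final fragments are 8-byte aligned
            return False
        expected += data_len
    return True
```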
IP Support Protocols
• ARP
• RARP
• ICMP
ARP
• A host can communicate with another host connected on a link using
• MAC address
• IP address
• How does it know the IP address of its peer?
ARP
• Address Resolution Protocol
• Returns a MAC sublayer address or link layer address when given an Internet address
• After a packet reaches a router, the link layer header needs to be added to reflect the destination host on that link
• Need IP → MAC address translation
ARP packet format (figure: Ethernet frame = Preamble | S | D | Type 0x0806 | ARP PACKET, where S and D are the Ethernet addresses)
• Protocol Type: IPv4 0x0800, IPv6 0x86DD
• Opcode ARP request: 0
• Opcode ARP reply: 1
• Source IP address
• Source MAC address
• Destination IP address
• Destination MAC address
ARP (cont’d) (figure: three hosts on one Ethernet link)
• Ethernet address 05:23:f4:3d:e1:04, IP address 128.195.1.20
• Ethernet address 98:22:ee:f1:90:1a, IP address 128.195.1.38
• Ethernet address 12:04:2c:6e:11:9c, IP address 128.195.1.122
• One host wants to transmit to 128.195.1.38 and broadcasts an ARP packet containing “128.195.1.38?”; the host with that IP address answers, the other host ignores it
• ARP request contents: Proto=IPv4 (0x0800), Oper=1, Sender H/W address, Sender IP address, Target H/W address, target IP address
ICMP
• Protocol for error detection and reporting
• tightly coupled with IP, unreliable
• ICMP messages delivered in IP packets
• ICMP functions:
• Announce network errors
• Announce network congestion
• Assist troubleshooting
• Announce timeouts
ICMP message encapsulation (figure):
• IP header: Source, Destination Address, TTL, ...; for ICMP the IPv4 header Protocol field value is 1
• ICMP MSG: Message type, Code, Checksum, Data
ICMP: Internet Control Message Protocol
Type  Code  Description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest. host unreachable
3     2     dest. protocol unreachable
3     3     dest. port unreachable
3     6     dest. network unknown
3     7     dest. host unknown
4     0     source quench (congestion control - not used)
8     0     echo request (ping)
9     0     router advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
Specific uses of ICMP
• Echo request/reply
• Can be used to check if a host is alive
• Destination unreachable
• Invalid address and/or port
• TTL expired
• Routing loops, or too far away
Ping
• Uses ICMP echo request/reply
• Source sends ICMP echo request message to the destination address
• Destination replies with an ICMP echo reply message containing the data in the original echo request message
• Source can calculate round trip time (RTT) of packets
• If no echo reply comes back then the destination is unreachable
Ping (cont’d) (figure: host A sends an Echo request through routers R1, R2, R3 to host B; B returns an Echo reply; time runs downward)
Traceroute
• Traceroute records the route that packets take
• A clever use of the TTL field
• When a router receives a packet, it decrements TTL
• If TTL=0, it sends an ICMP time exceeded message back to the sender
• To determine the route, progressively increase TTL
• Every time an ICMP time exceeded message is received, record the sender’s (router’s) address
• Repeat until the destination host is reached or an error message occurs
Traceroute (cont’d) (figure: A → R1 → R2 → R3 → B, time running downward)
• TTL=1, Dest = B, port = invalid → Te (R1)
• TTL=2, Dest = B → Te (R2)
• TTL=3, Dest = B → Te (R3)
• TTL=4, Dest = B → Pu (B)
Te = Time exceeded
Pu = Port unreachable
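The TTL-stepping exchange above as an added example (not code from the slides): a toy model in which each hop decrements TTL, routers answer with Time exceeded (type 11, code 0) when it reaches 0, and B answers with Port unreachable (type 3, code 3) because the probe targets a port nobody listens on. The path, node names and the constants are constructed for the example.

```python
# Added example (not from the slides): a toy model of the traceroute exchange
# above.  The path, node names and the ICMP (type, code) pairs are constructed.
PATH = ["R1", "R2", "R3", "B"]          # hops from A toward destination B
TIME_EXCEEDED = (11, 0)                 # from the ICMP type/code table above
PORT_UNREACHABLE = (3, 3)               # B has no listener on the probe's port

def forward(ttl: int, dest: str, path=PATH):
    """Carry one probe hop by hop; return (replying node, (type, code))."""
    for node in path:
        ttl -= 1                        # every hop decrements TTL on receipt
        if node == dest:                # delivered, but the port is invalid
            return node, PORT_UNREACHABLE
        if ttl == 0:                    # router drops the packet and reports back
            return node, TIME_EXCEEDED
        # TTL still positive and not the destination: hand on to the next hop
    raise RuntimeError("destination not on path")

def traceroute(dest: str, max_ttl: int = 30):
    """Raise TTL one at a time, recording who replies, until dest answers
    (any type 3 reply, port unreachable included, ends the trace)."""
    route = []
    for ttl in range(1, max_ttl + 1):
        node, icmp = forward(ttl, dest)
        route.append(node)
        if icmp[0] == 3:
            break
    return route
```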
More Internet Protocols
DHCP, NAT, IPv6
DHCP (Ch 4.3)
• DHCP stands for Dynamic Host Configuration Protocol
• DHCP is client-server
• DHCP offers a number of additional features
• Dynamic IP address allocation
• IP addresses can be leased for a certain time
• Useful where there are a limited number of IP addresses
• Useful for temporary connections (testing, laptops, mobile networks)
DHCP (cont’d)
• DHCP has two components:
• A protocol for delivering bootstrap information from the server to the clients
• An algorithm for dynamically assigning addresses to clients
Address Allocation Modes
• DHCP supports three modes of allocation
• Automatic allocation: Server assigns a permanent address to a host
• Dynamic allocation: Server assigns a host an IP address with a finite “lease”
• Manual allocation: Server assigns host an IP address chosen by the network administrator
DHCP encapsulation (figure): IPv4 header (Protocol field value = 17, i.e. UDP), UDP header (Source Port, Destination port = 67), DHCP PACKET
DHCP Packets (cont’d) (figure: 32-bit rows, bit positions 0-7, 8-15, 16-23, 24-31)
• Request/Reply (Request=1, Reply=2) | Hardware type | Hardware address length in bytes | Hop count
• Transaction ID
• Number of seconds | Flags
• Client IP address
• Your IP address
• Server IP address
• Gateway IP address
• Client hardware address (16 bytes)
• Server hostname (64 bytes)
• Boot filename (128 bytes)
• Options (312+ bytes)
Definitions of address fields
• ciaddr: Client IP address; only filled in if the client is in BOUND, RENEW or REBINDING state and can respond to ARP requests.
• yiaddr: 'your' (client) IP address. The IP address the server is assigning to the client.
• siaddr: IP address of the server to use in the next step of the bootstrap process; returned in DHCPOFFER, DHCPACK by the server.
• giaddr: Relay agent IP address, used in booting via a relay agent.
• chaddr: Client hardware address, used for identification.
DHCP Packet Fields
• All fields are the same as BOOTP except:
• Flags: one flag currently defined
• Broadcast (bit 0): clients can request that all DHCP server messages be broadcast to it
• Options: all DHCP packets must use the “DHCP message type” option, which defines the “type” of DHCP message being sent:
• 1 = DHCPDISCOVER
• 2 = DHCPOFFER
• 3 = DHCPREQUEST
• 4 = DHCPDECLINE
• 5 = DHCPACK
• 6 = DHCPNAK
• 7 = DHCPRELEASE
• 8 = DHCPINFORM
DHCP Message types
• DHCP message types
• DHCP Discover: Client broadcasts to locate a server
• DHCP Offer: Server responds with proposal of parameters
• DHCP Request: Client broadcasts its choice of server. All other servers are implicitly declined.
• DHCP ACK: Selected server responds to client with address
• DHCP NAK: Selected server rejects the client’s request
• DHCP Decline: Client declines server’s parameters
• DHCP Release: Client releases its assigned address
DHCP Protocol (figure: Client broadcasts to Server 1 and Server 2, collects their replies and selects server 2)
DHCP Protocol (cont’d)
• DHCP client broadcasts a DHCP Discover message
• Client may specify preference of a lease and/or IP address
• Many servers may respond with offers
• Client chooses one server from them
• Client broadcasts DHCP request with id of chosen server
• Selected server sends DHCP ACK or NAK
• Client begins using offered IP address once it receives ACK
• If the client finds a problem, it sends a DHCP Decline message to the server and starts over again
• Client may choose to release the address before lease expires by sending a DHCP Release message to the server
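The packet layout from the DHCP Packets slides and the message-type option used in the exchange above, as an added example (not code from the slides): build() packs the 236-byte BOOTP fixed fields plus the options, and parse() decodes them and walks the TLV options for the message type, rejecting short packets and bad cookies. The magic cookie value comes from RFC 2132 rather than the slides; the MAC and transaction id are constructed sample values.

```python
# Added example (not from the slides): build and parse the fixed DHCP/BOOTP layout
# above plus the "DHCP message type" option.  All sample values are constructed.
import struct

FIXED = "!BBBBIHH4s4s4s4s16s64s128s"   # op .. boot filename: 236 bytes
MAGIC = bytes([99, 130, 83, 99])       # cookie that starts the options (RFC 2132)
OPT_MSG_TYPE, OPT_END = 53, 255
BROADCAST = 0x8000                     # flags "bit 0" is the most significant bit
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
         5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}

def ip(dotted: str) -> bytes:
    return bytes(int(o) for o in dotted.split("."))

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", siaddr="0.0.0.0", broadcast=False):
    """op 1 = request (client), 2 = reply (server); htype 1 = Ethernet, hlen 6."""
    flags = BROADCAST if broadcast else 0
    fixed = struct.pack(FIXED, op, 1, 6, 0, xid, 0, flags, ip("0.0.0.0"),
                        ip(yiaddr), ip(siaddr), ip("0.0.0.0"),
                        mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return fixed + MAGIC + bytes([OPT_MSG_TYPE, 1, msg_type, OPT_END])

def parse(pkt: bytes) -> dict:
    """Decode the fixed fields, then walk the TLV options for the message type."""
    size = struct.calcsize(FIXED)
    if len(pkt) < size + len(MAGIC) or pkt[size:size + 4] != MAGIC:
        raise ValueError("not a DHCP packet (too short or bad cookie)")
    op, _htype, hlen, _hops, xid, _secs, flags, _ci, yi, si, _gi, ch, _, _ = \
        struct.unpack(FIXED, pkt[:size])
    info = {"op": op, "xid": xid, "broadcast": bool(flags & BROADCAST),
            "yiaddr": ".".join(map(str, yi)), "siaddr": ".".join(map(str, si)),
            "chaddr": ch[:hlen].hex(":"), "type": None}
    i = size + len(MAGIC)
    while i < len(pkt) and pkt[i] != OPT_END:
        if pkt[i] == 0:                # pad option: single byte, no length
            i += 1
            continue
        if i + 1 >= len(pkt):          # truncated option header
            raise ValueError("malformed options")
        code, length = pkt[i], pkt[i + 1]
        value = pkt[i + 2:i + 2 + length]
        if code == OPT_MSG_TYPE and length == 1:
            info["type"] = TYPES.get(value[0], "unknown")
        i += 2 + length
    return info
```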
DHCP Relay Agents
• Similar to BOOTP Relay Agents
• DHCP relay agents allow DHCP servers to handle requests from other subnets
(figure: Client → DHCP Relay Agent → IP Gateway Router → IP Gateway Router → DHCP Server)
Summary
• DHCP allows “ignorant” hosts to receive IP addresses (and more) at start-up time
• IP addresses don’t have to be manually configured into hosts
NAT: Network Address Translation (figure: local network, e.g. home network, 10.0.0/24 with hosts 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 behind a NAT router whose address toward the rest of the Internet is 138.76.29.7)
• All datagrams leaving the local network have the same single source NAT IP address, 138.76.29.7, with different source port numbers
NAT: Network Address Translation (figure: hosts 10.0.0.1 to 10.0.0.4 behind NAT router 138.76.29.7)
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80 (S: 10.0.0.1, 3345  D: 128.119.40.186, 80)
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table (S: 138.76.29.7, 5001  D: 128.119.40.186, 80)
3: Reply arrives with dest. address 138.76.29.7, 5001 (S: 128.119.40.186, 80  D: 138.76.29.7, 5001)
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345 (S: 128.119.40.186, 80  D: 10.0.0.1, 3345)
NAT translation table:
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345
……                   ……
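The four-step exchange and translation table above, as an added example (not code from the slides): a minimal NAT that allocates a WAN-side port per outbound (address, port) pair, rewrites replies back to the LAN host, and drops inbound datagrams with no table entry, which is the property the next slide calls a security plus. The class and method names are my own; the addresses and ports are the slide's.

```python
# Added example (not from the slides): a minimal NAT translation table that
# rewrites (address, port) pairs outbound and inbound as in the four steps above.
class Nat:
    def __init__(self, wan_ip: str, first_port: int = 5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.table = {}      # WAN side (wan_ip, port) -> LAN side (lan_ip, port)
        self.reverse = {}    # LAN side (lan_ip, port) -> WAN side port

    def outbound(self, src, dst):
        """Step 2: rewrite source to (wan_ip, new port); add a table entry if new."""
        if src not in self.reverse:
            port = self.next_port
            self.next_port += 1
            self.reverse[src] = port
            self.table[(self.wan_ip, port)] = src
        return (self.wan_ip, self.reverse[src]), dst

    def inbound(self, src, dst):
        """Step 4: map destination (wan_ip, port) back to the LAN host.
        Returns None when no entry exists: unsolicited traffic is dropped."""
        if dst not in self.table:
            return None
        return src, self.table[dst]

def demo():
    """Replay the slide's exchange between 10.0.0.1:3345 and 128.119.40.186:80."""
    nat = Nat("138.76.29.7")
    out = nat.outbound(("10.0.0.1", 3345), ("128.119.40.186", 80))  # steps 1-2
    reply = nat.inbound(("128.119.40.186", 80), out[0])              # steps 3-4
    return out, reply
```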
NAT: Network Address Translation
• Features: the local network uses just one IP address as far as the outside world is concerned:
• a range of addresses is not needed from the ISP: just one IP address for all devices
• can change addresses of devices in the local network without notifying the outside world
• can change ISP without changing addresses of devices in the local network
• devices inside the local net are not explicitly addressable or visible to the outside world (a security plus)
NAT: Network Address Translation
• 16-bit port-number field:
• 60,000 simultaneous connections with a single LAN-side address!
• NAT is controversial:
• routers should only process up to layer 3
• violates the end-to-end argument
• the possibility of NAT must be taken into account by app designers, e.g. P2P applications
• the address shortage should instead be solved by IPv6