The Internet: Technology and Applications Course: 635.413.31

1
The Internet Technology and ApplicationsCours
e 635.413.31

• Summer 2007
• Johns Hopkins University
• Instructor John A. Romano

2
Internetworking Review

• The Goals of the Internet
• Hide technological details from the user
• Refrain from mandating a specific network
  interconnection technology or topology
• Utilize a universal address space
• Internet Architecture Routers
• The key piece of equipment in the internet are
  routers
• Special systems that attach to two or more
  networks and forward packets between them
• Can separate networks of different technologies
• The key protocol (the glue to the Internet) is
  called IP, or the Internet Protocol

3
Internetworking

• Review -- where does IP fit?

4
The Internet Protocol

• Why IP?
• Creates a seamless virtual network
• Provides global address space
• Defines a connectionless, packet-oriented
  protocol
• Provides best effort delivery up to higher
  layer protocols to detect recover from failures
• Core definition in RFC 791 (with several
  extensions and amendment RFCs)
• What we cover in this class
• IP Addressing
• ARP how IP addresses translate to Hardware
  addresses
• IP Packet (Datagram) Structure Operation
• IP Packet Forwarding
• ICMP Error Status Reporting

5
Classful IP Addressing

• IP Addresses
• Hierarchical versus Flat Addressing
• IP Address Hierarchy Host part vs. network part
• Allows for smaller routing tables
• Allows for distributed control and distribution
  of addresses
• Can cause inefficient allocation of addresses
• Classful Addressing Scheme 5 different
  classes
• BIG Networks Class A
• Network mask is eight bits (high order address
  bit is zero)
• 127 possible networks (actually 125)
• Medium Networks Class B
• Network mask is 16 bits (high order address bits
  are 10)
• Small Networks Class C
• Network mask is 24 bits (high order address bits
  are 110)

6
Classful IP Addressing

• Multicast Addresses Class D
• High order address bits are 1110
• The rest of the address has no inherent structure
  like the primary addresses each address
  defines a multicast group (think channels
  stations tune into)
• Some multicast IP addresses are reserved as
  well-known addresses
• Experimental Addresses Class E
• High order address bits are 11110
• Used for research example -- the development of
  Anycast services
• The Classful Scheme has been largely replaced by
  a Classless Scheme that is much more flexible
• The newer scheme requires the transmission of a
  mask value to determine which part of the
  address is network and which is host
• Classful Classless Examples

7
Classful IP Addressing

• IP Address Field Details

8
Subnetting

• Allows a single network address to span multiple
  physical networks
• Adds another hierarchical level to the IP address
  scheme
• Instead of dividing the address into network
  host parts, it is divided into network and local
  parts (Figure 9.3 in textbook)
• A 32 bit subnet mask denotes what portion of the
  address is the host part
• So important that support of subnetting is now a
  required part of the IP standard
• Reasons for subnetting
• Better control and security of network traffic
• Allows for more efficient routing within an
  organizations network (particularly a large
  network)
• Allows for distributed control and distribution
  of addresses, but can contribute to inefficient
  address allocation if improperly used

9
Subnetting

• Variable-length Subnet Masking (VLSM)
• A enhancement to subnetting that allows the
  flexible allocation of different size subnets to
  physical networks
• Allows for even more efficient allocation of
  addresses
• Requires the use exchange of subnet masks for
  proper network operation (e.g. in routing
  protocols)
• Calculation of netmask with subnetting (Regular
  VLSM)

10
Special IP Addresses

• Multicast
• Allows for more efficient use of network
  bandwidth
• Important for one-to-many services
• Video
• Software distribution
• Newsfeeds
• Used in several routing protocols
• Relationship between Multicast IP and Ethernet
  addresses
• Ethernet HW address range 01005e000000 to
  01005e7fffff reserved for multicast
• Low order 23 bits of IP Multicast address map to
  an ethernet HW multicast address
• Well-known Multicast Addresses (RFC 1700)
• 224.0.0.5 All OSPF routers
• 224.0.0.102 HSRP (Hot Standby Router Protocol)

11
Special IP Addresses

• Broadcast
• Another one-to-many means of communication
  related to multicast
• Important in many hosts initialization process
• If managed carelessly can severely degrade
  network performance (or worse!)
• Two classes of broadcast
• Local Broadcast
• Local uses IP address of all ones
  (255.255.255.255)
• Broadcasts to the network physically connected to
  the host interface
• Local broadcast not forwarded by routers
• Directed Broadcast
• Allows a host to send a broadcast to a remote
  network or subnet
• Network/Subnet part of address is the real
  address while the host part is all ones (example
  128.220.255.255)
• CAREFUL!!! This feature may not make you many
  friends

12
Special IP Addresses

• Loopback
• Whole Class A (127.x.y.z) allocated to this
  function
• Allows the testing of a hosts protocol stack
  without affecting the network
• Similar in function to addressing something to
  the local hosts real IP address (though
  differences can be implementation dependent)
• Network Special Host Addresses
• An IP address specifying a network has all zeros
  in the host field
• Typically see network addresses in routing tables
• During startup a host may need to use a temporary
  IP address typically 0.0.0.0 is used for this
  purpose

13
Special IP Addresses

• Private IP Addresses (Non-routable)
• The IETF has declared several blocks of addresses
  as private or nonroutable
• Internet routers should be configured to
  block/filter these addresses
• Commonly used with DSL, Cable Modems, and behind
  Firewalls in conjunction with NAT (Network
  Address Translation)
• Reserved Blocks
• 10.0.0.0/8
• 172.16.0.0/12
• 192.168.0.0/16
• Other Special IP Addresses (RFC 3330)
• 169.254.0.0/16 Link Local addresses for use
  across a single link
• 198.18.0.0/15 Used for network benchmarking
  per RFC 2544
• 192.0.2.0/24 A test network block of addresses

14
Address Resolution Protocol (ARP)

• What is ARP needed for?
• For delivery an IP address must be mapped to a
  data link layer address
• ARP defines a dynamic means for mapping to occur
• There are other ways for providing this
  functionality table lookup computational
  methods
• ARP for Ethernet defined in RFC 826
• ARP packet format (for Ethernet)
• Can accommodate multiple lower layer protocols
  (not just Ethernet)
• ARP frame type is 0x0806 ARP Request type is 1
  Reply is type 2

15
Address Resolution Protocol (ARP)

• The ARP cache
• Reduces network traffic by storing recently used
  address ARP data
• Entries typically time out after 20 minutes
• Newer ARP information replaces older information
  in the ARP cache
• Automatic ARP Cache Revalidation
• Minimizes the jitter in network traffic flow
  after an ARP entry expires
• The Address Resolution process
• ARP requests are broadcast while a reply is
  typically unicast
• ARP example

16
Address Resolution Protocol (ARP)

• Variations of ARP
• Proxy ARP
• Allows a router to answer ARP requests on one
  interface for a host on a different router
  interface
• Proxy ARP examples
• Gratuitous ARP
• Denotes a host broadcasting an ARP request for
  its own IP address
• Contains a new or updated IP to HW address
  binding other hosts update their cache
• Sometimes used to provide faster recovery from
  system outages
• Not implemented on all operating system network
  protocol stacks

17
Address Resolution Protocol (ARP)

• ARPs relative RARP (the Reverse Address
  Resolution Protocol)
• Allows a host (particularly diskless
  workstations) to obtain IP address automatically
• RARP packet format
• Same as ARP except the Ethernet frame type is
  0x8035
• RARP Request 3 and Reply 4
• There are better ways of providing this
  information and more (e.g. BOOTP DHCP) which
  we will learn about later!

18
IP Packet Format Structure

• The Internet Protocol (IP) Packet

19
IP Packet Structure Mandatory Fields

• Protocol Field
• Version 4 (current) and Version 6 (future)
• IP packet header length field (4 bits)
• Header size is not fixed there can be options
• Field counts the number of four byte words in
  the header
• Maximum header size 60 bytes
• Type of Service (TOS) field (8 bits)
• Original definition 3 bits for precedence and 3
  bits for TOS
• TOS bits Minimize delay, maximize throughput,
  maximize reliability
• The original specification has been superseded by
  the Diff-Serv specs
• New definitions in RFC 2474 redefine the use of
  the field
• Backwards compatible with older definitions
• A whole new set of codepoints defined to help
  apply QoS to IP networks
• Finding wider use because of VoIP and other
  real-time streaming services

20
IP Packet Structure Mandatory Fields

• IP packet length field (16 bits)
• Some IP packets can be smaller than the minimum
  data link frame size
• Example minimum Ethernet frame size is 46 bytes
• Tiny IP packets are padded out to the minimum
  frame size with zeros
• Maximum packet size 65535 bytes
• IP packet identification field (16 bits)
• Uniquely identifies each IP packet very
  important for fragmentation
• Hosts typically use an internal counter to set
  this field which is incremented each time an IP
  packet is sent
• Fragmentation Flags and Offset fields
• DF (Dont Fragment) bit
• MF (More Fragments) bit
• Offset field (13 bits) - specifies the offset in
  8 byte units of the fragment from the beginning
  of the original IP packet

21
IP Packet Structure Mandatory Fields

• Time-to-Live (TTL) field (8 bits)
• Used to limit the lifetime of an IP packet
• Decremented every time the IP packet transits a
  router
• TTL set by the source host value is OS and
  application dependent
• Protocol field (8 bits)
• Identifies the higher layer protocol payload
  encapsulated in the IP packet
• Allows IP layer to determine what higher layer
  process should receive the data
• Header Checksum field (16 bits)
• Checks for errors in the IP header ONLY
• Ones complement addition used to calculate
  checksum
• Errored IP packets are silently discarded
  recovery is up to higher layers
• Source destination IP address fields (32 bits
  each)

22
IP Packet Structure Optional Fields

• Header Option Fields
• Header options can take up an additional 40 bytes
  in the IP header
• Provide a variety of services used in special
  circumstances
• First byte specifies option type some options
  are only one byte while others are variable
  length
• Generic Structure of Header Options

23
IP Packet Structure Optional Fields

• Record Route Option
• Used to detect and record the path being taken by
  a particular IP packet
• Code field Record Route option specified by a
  value of 7 in this 8 bit field
• Length Field contains total length of the
  option header (usually 39 bytes)
• At maximum length option can store nine IP
  addresses in the list, after that the list is
  full and routers ignore the option
• Pointer Field shows the router where to store
  the next IP address points to the first empty
  byte (i.e. ptr4 if no IP addresses have been
  recorded)
• Routers typically record the outgoing interface
  of the IP packet

24
IP Packet Structure Optional Fields

• Timestamp Option (Code field 44)
• Allows a host to query another system for its
  current time
• Same fields at the Record Route option plus two
  additional 4 bit fields
• Overflow (OF) field- 4 bit counter incremented by
  routers after option header is full
• Flags (FL) field specifies whether routers record
  a timestamp only or a timestamp and its IP
  address.
• Time returned is number of milliseconds past
  midnight UTC
• There are now better ways of time synchronization
  (NTP, OSF DCE, etc)
• Security Options
• Defined in RFC 1108 rarely used today
• Allowed the labeling of IP packets with
  classification information
• Provided no inherent protection relied on
  routers to read labels and route packets through
  paths of the appropriate security level

25
IP Packet Structure Optional Fields

• Source Routing Options
• Allows a source host to specify the path IP
  packets will take through the Internet
• Option header fields (code, length, pointer) and
  maximum size are the same as the Record Route
  option
• Code is 0x83 for loose source routing and 0x89
  for strict source routing
• Two varieties Loose and Strict
• Strict Source Routing the EXACT path is
  specified in the IP packet
• Loose Source Routing the IP packet contains a
  list of IP addresses that it must traverse but it
  can traverse others not listed.
• Source Route Examples

26
IP Fragmentation and Reassembly

• Concept -- Maximum Transmission Unit (MTU)
• Based on underlying transmission protocol
• Cannot be violated (includes the frame headers
  trailers)
• MTU example
• Fragmentation
• Allows IP to deal with physical networks that
  have different MTUs
• IP header fields and flags important during IP
  Fragmentation
• IP Fragmentation example
• Reassembly
• Done at destination host
• Eases processing burden on routers
• Allows IP fragments to traverse different routes
  in the network
• Example illustrating different routing of IP
  packet fragments
• Example for reassembly at destination host

27
IP Fragmentation and Reassembly

• Concept -- Maximum Transmission Unit (MTU)
• Loss of a fragment can does occur (just like
  any other IP packet)
• Two things that can go wrong
• Fragment gets corrupted and are discarded
• Upon receipt of the first fragment destination
  host sets a timer if any fragment fails to make
  it into the reassembly buffers before the timer
  expires ALL fragments are discarded.
• Multiple Fragmentations Example

28
IP Packet Forwarding

• Encapsulation of an IP packet for transmission
• Lower layer frame may change many times during
  transit
• The role of routers (versus a multi-homed host)
• The characteristics of IP packet forwarding
• Table-driven
• Next-hop
• Done on a per-packet basis
• The routing table
• The mechanism a host uses to determine what to do
  with an IP packet its trying to send
• The mechanism a router uses to determine how to
  forward an IP packet
• In general routing tables contain routes to
  networks
• How the tables are filled is covered in Class 4!

29
IP Packet Forwarding

• IP Forwarding example

30
IP Packet Forwarding

• Example routing table from a Cisco Router
• a-tserversh ip route
• Codes C - connected, S - static, I - IGRP, R -
  RIP, M - mobile, B - BGP
• D - EIGRP, EX - EIGRP external, O - OSPF,
  IA - OSPF inter area
• E1 - OSPF external type 1, E2 - OSPF
  external type 2, E - EGP
• i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS
  level-2, - candidate default U - per-user
  static route
• Gateway of last resort is 128.244.12.1 to network
  0.0.0.0
• 128.244.0.0/16 is variably subnetted, 126
  subnets, 8 masks
• O E2 128.244.219.160/27 110/1 via
  128.244.12.1, 160332, Ethernet0
• O E1 128.244.102.0/24 110/34 via
  128.244.12.1, 160332, Ethernet0
• O IA 128.244.77.32/27 110/27 via
  128.244.12.1, 160332, Ethernet0
• O 128.244.149.252/30 110/75 via
  128.244.12.1, 160332, Ethernet0
• O IA 128.244.84.0/24 110/17 via
  128.244.12.1, 160332, Ethernet0
• O 128.244.148.192/28 110/21 via
  128.244.12.1, 160332, Ethernet0
• O E2 128.244.86.0/24 110/20 via
  128.244.12.1, 160332, Ethernet0
• O 128.244.76.0/24 110/11 via
  128.244.12.1, 160342, Ethernet0

31
Internet Message Control Protocol (ICMP)

• What is ICMP used for?
• Provides rudimentary error reporting capability
• Provides a basic informational and
  troubleshooting mechanism
• ICMP Mechanics
• Required part of IP
• Defined in RFC 792
• Generic ICMP Message Format
• Type and Code fields
• Header Checksum
• Additional header bytes

32
Internet Message Control Protocol (ICMP)

• ICMP Error Messages
• Sent in response to a problem delivering an IP
  packet
• Includes the IP header plus eight bytes of
  payload from the packet causing the error
  (contains the TCP or UDP port numbers so the
  source application can be notified)
• NOT sent under the following conditions
• in response to any other Network layer protocol
  besides IP
• in response to an errored ICMP packet
• in response to an IP multicast or broadcast
  source

33
Internet Message Control Protocol (ICMP)

• ICMP Error Messages
• Major Error Types
• Destination Unreachable (Type 3)
• Network Unreachable (Code 0)
• Host Unreachable (Code 1)
• Protocol Unreachable (Code 2)
• Port Unreachable (Code 3)
• Fragmentation required but the DF bit set (Code
  4)
• IP Redirect (Type 5)
• Used by routers to correct hosts
• Time Exceeded (Type 11)
• Either a TTL or a Destination Reassembly Issue
• Parameter Problem (Type 12)
• The catch-all error message

34
Internet Message Control Protocol (ICMP)

• ICMP Informational Troubleshooting Messages
• Echo Request (Type 8) and Echo Reply (Type 0)
• Used to tell whether a hosts network interface
  card is functioning
• Payload typically empty but certain
  implementations will allow you to specify the
  ICMP payload
• Older Messages no longer in use
• Timestamp Request (Type 13) and Timestamp Reply
  (Type 14)
• Allows a host to query another for the current
  time
• Returns the number of milliseconds past midnight
  UTC stills requires the receiving host to
  calculate the current time
• There are better ways of doing this NTP, RPC
  time functions
• Address Mask Request (Type 17) (Type 18)
• Allows a host to determine its address mask from
  its neighbors
• Sometimes good (if the mask is right) and
  sometimes bad!

35
Internet Message Control Protocol (ICMP)

• PING
• A fundamental troubleshooting tool based on ICMP
• PING Example
• ping www.digex.net
• PING www.digex.net (207.87.16.116) 56 data
  bytes
• 64 bytes from 207.87.16.116 icmp_seq0
  ttl117 time94.168 ms
• 64 bytes from 207.87.16.116 icmp_seq1
  ttl117 time73.961 ms
• 64 bytes from 207.87.16.116 icmp_seq2
  ttl117 time63.667 ms
• 64 bytes from 207.87.16.116 icmp_seq3
  ttl117 time57.443 ms
• 64 bytes from 207.87.16.116 icmp_seq4
  ttl117 time65.453 ms
• 64 bytes from 207.87.16.116 icmp_seq5
  ttl117 time85.126 ms
• 64 bytes from 207.87.16.116 icmp_seq6
  ttl117 time69.730 ms
• 64 bytes from 207.87.16.116 icmp_seq7
  ttl117 time67.107 ms
• C
• --- www.digex.net ping statistics ---
• 10 packets transmitted, 10 packets received,
  0 packet loss
• round-trip min/avg/max/stddev
  57.004/70.505/94.168/11.062 ms

36
Review of Class 2

• The Key Conclusions to Class 2
• The Network Interconnection model from Class 1
  is used in the Internet
• The Internet Protocol is the key to
  internetworking it is a flexible and
  feature-rich base to the family of internet
  protocols
• ARP provides a dynamic standard means to map
  between MAC and network layer addresses
• IP forwarding is a datagram-based, next-hop,
  table-driven process
• ICMP provides error reporting, informational,
  troubleshooting mechanism for IP

37
Reading and Homework

• Reading
• Comer Chapters 4 through 9 (except sections
  9.20 and 9.21)
• First Homework Assignment is due in a week (see
  Class 1 slides for the problems)
• Next Monday Transport Layer (TCP UDP)
  Protocols