Title: Section 9: IP and the Network Layer
1. Section 9: IP and the Network Layer
- In this section
  - Introduction to the network layer
  - Internet architecture
  - The Internet Protocol (IP)
  - Addresses
  - Address resolution (ARP)
  - IP packet format
  - IP management (ICMP)
  - Host configuration (DHCP)
  - Version 6
2. The Network Layer
- Services
  - Deliver packets between any two hosts, reliably or unreliably.
- A network-wide concern
  - Transport layer (above): between two end hosts.
  - Data link layer (below): between two physically connected hosts.
  - Network layer involves each and every host, router, and gateway in the network.
3. Architectural Approaches
- Connectionless - similar to postal system; endpoint puts data to send into a packet and hands to network for delivery
- Connection-oriented - similar to telephone system; endpoints establish and maintain a connection as long as they have data to exchange
4. Connectionless (Datagram) Service
- No connection established
- Source of data adds destination information to data and delivers to network
- Network delivers each data item individually
- No routes set up at connection establishment time; each packet may follow different route to destination (but typically won't).
- No guarantee of reliable, or in-order delivery (although data link layer may still do link-by-link error control).
- Advantages
  - Robust with respect to node / link failures.
  - Recovery at end to end (transport) level.
- Examples: IP
5. Connection-oriented Service
- One endpoint requests connection from network
- Other endpoint agrees to connection
- Computers exchange data through connection
- Typically uses a stream interface
- Source delivers stream of data to network
- Network breaks into packets for delivery
- Data transmission not necessarily continuous; like telephone, connection remains in place while no data transmitted
- One endpoint requests network to break connection when transmission is complete
- Examples: Asynchronous Transfer Mode (ATM), X.25
6. Connection duration and persistence
- Connections can be made on-demand or set up permanently
  - Switched connection or switched virtual circuit
  - Permanent connection or provisioned virtual circuit
- Permanent connections
  - Originally hard-wired
  - Now configured at system initialization
- Switched connections
  - Computer maintains permanent connection to network
  - Network makes connection on demand
7. Virtual circuits
- Virtual: acts like a circuit, but isn't really one.
- Reliable delivery of packets between end hosts.
- All packets within connection follow the same route.
[Figure: nodes A, B, C, D, E, F; two VCs share link B-C]
8. Virtual circuits (2)
- At connection establishment time
  - Connection setup packet flows from sender to receiver.
  - Routing tables updated at intermediate nodes to reflect new virtual circuit (VC).
- Fits well with quality of service (QoS) guarantees: reject call on path if QoS can't be guaranteed.
- Potential difficulty: recovery from link or router failure.
9. Address and Connection Identifiers
- Address is a complete, unique identifier
- Connectionless delivery requires address on each packet
- Connection-oriented delivery can use a shorthand that identifies the connection rather than the destination
- Asynchronous Transfer Mode (ATM) - 160-bit address, 28-bit connection identifier
- Connection identifier includes
  - 12-bit virtual path identifier (VPI)
  - 16-bit virtual circuit identifier (VCI)
- Connection identifier local to each computer
  - May be different in different parts of the ATM switch
10. Internetworking
- In the real world, computers are connected by many different technologies
- Internetworking is a scheme for interconnecting multiple networks of dissimilar technologies
- Uses both hardware and software
  - Extra hardware positioned between networks
  - Software on each attached computer
- System of interconnected networks is called an internetwork or an internet
11. Routers
- A router is a hardware component used to interconnect networks
- The router is the main layer 3 building block for large internets.
- A router has interfaces on multiple networks
- Networks can use different technologies
- Router forwards packets between networks
- Transforms packets as necessary to meet standards for each network
12. Internet Architecture
- An internetwork is composed of arbitrarily many networks interconnected by routers
- Routers can have more than two interfaces
13. A virtual network
- Internetworking software builds a single, seamless virtual network out of multiple physical networks
  - Universal addressing scheme
  - Universal service
- All details of physical networks hidden from users and application programs
[Figure: Net 1, Net 2 and Net 3 seen as one virtual network]
14. A virtual network
[Figure: the same Net 1, Net 2 and Net 3 as a physical network, joined by routers]
15. Internetworking Protocols
- TCP/IP is the most widely used internetworking protocol suite
- First internetworking protocol suite
  - Initially funded through ARPA
  - Picked up by NSF
- Others include IPX, VINES, AppleTalk
- TCP/IP is by far the most widely used
  - Vendor and platform independent
16. Internet addresses
- One key aspect of virtual network is single, uniform address format
- Cannot use hardware addresses because different technologies have different address formats
- Address format must be independent of any particular hardware address format
- Sending host puts destination internet address in packet
- Destination address can be interpreted by any intermediate router
- Routers examine address and forward packet on to the destination
17. IP addresses
- Addressing in TCP/IP is specified by the Internet Protocol (IP)
- Each host is assigned a 32-bit number
  - Called the IP address or Internet address
  - Unique across entire Internet
- Each IP address is divided into a prefix and a suffix
  - Prefix identifies network to which computer is attached
  - Suffix identifies computer within that network
- Address format makes routing efficient
18. Network and Host Numbers
- Every network in a TCP/IP internet is assigned a network number.
- Each host on a specific network is assigned a host number or host address that is unique within that network.
- Host's IP address is the combination of the network number (prefix) and host address (suffix)
- Network numbers must be unique.
- Host addresses may be reused on different networks; combination of network number prefix and host address suffix will be unique.
- Assignment of network numbers must be coordinated globally; assignment of host addresses can be managed locally.
19. IP address format
- IP designers chose 32-bit addresses (see RFC 790, RFC 1166)
- Allocate some bits for prefix, some for suffix
  - Large prefix, small suffix - many networks, few hosts per network
  - Small prefix, large suffix - few networks, many hosts per network
- Because of variety of technologies, need to allow for both large and small networks
- Designers chose a compromise - multiple address formats that allow both large and small prefixes
- Each format is called an address class.
- Class of an address is identified by first four bits
20. Dotted Decimal Notation
- 32 bits divided into 4 octets
- Each octet is converted to decimal value
- Dots used to separate the 4 decimal values
- Examples
21. IP addresses in C/C++
- From /usr/include/netinet/in.h

    /*
     * Internet address
     * This definition contains obsolete fields for
     * compatibility with SunOS 3.x and 4.2bsd. The
     * presence of subnets renders divisions into fixed
     * fields misleading at best. New code should use
     * only the s_addr field.
     */
    struct in_addr {
        union {
            struct { u_char s_b1, s_b2, s_b3, s_b4; } S_un_b;
            struct { u_short s_w1, s_w2; } S_un_w;
            u_long S_addr;
        } S_un;
    #define s_addr S_un.S_addr /* should be used for all code */
    };
22. Useful function calls
- unsigned long inet_addr( char *cp )
  - Converts string with dotted address to 32 bit value
  - Example: inet_addr("129.0.0.1")
  - socketAddress.sin_addr.s_addr = inet_addr( charIPAddress );
- char *inet_ntoa(struct in_addr in)
  - Converts 32 bit value of IP address to a string in dotted decimal format.
23. IP Addresses in Java
- Class java.net.InetAddress
- static InetAddress getByName(String host)
  - Creates new instance of InetAddress based on a string address
  - String can either be a dotted decimal IP address (e.g. 129.0.0.1), or a host name
- static InetAddress getByAddress(byte[] address)
  - Creates new instance of InetAddress based on bytes containing the 4 values for the IP address
- String getHostAddress( )
  - Returns the IP address as a dotted decimal string
- byte[] getAddress( )
  - Returns the raw IP address as an array of bytes
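24. IP Address Classes
(Columns in the original figure: Octet 1, Octet 2, Octet 3, Octet 4, Class)
- Class A: leading bit 0, then prefix and suffix; 1.0.0.1 to 126.255.255.254
- Class B: leading bits 10, then prefix and suffix; 128.0.0.1 to 191.255.255.254
- Class C: leading bits 110, then prefix and suffix; 192.0.0.1 to 223.255.255.254
- Class D: leading bits 1110, multicast; 224.0.0.0 to 239.255.255.255
- Class E: leading bits 1111, reserved for future use; 240.0.0.0 to 254.255.255.255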
25. Special IP addresses
26. Allocation of IP address classes
27. CIDR addresses
- CIDR: Classless Internet Domain Routing
- Created to allow more flexibility in subnet sizes; in particular, different values between 256 and 65536
- Obsoletes previous IP address classes
- Notation: IP address / bits in prefix
- Usage
  - Set up 32 bit mask with indicated number of 1 bits followed by 0 bits
  - Logical AND with mask and IP address to get network prefix
28. CIDR Example
- Example: allocate 2 sub-networks that can hold 14 hosts each
- Prefix calculated by logical AND
- Network 1: 128.211.0.16 / 28 (28 bits in prefix)
- Network 2: 128.211.0.32 / 28
- Mask is 11111111 11111111 11111111 11110000
- Net 1: 10000000 11010011 00000000 0001
  - Allows IP addresses 128.211.0.17 through 128.211.0.30, since suffix cannot be all 0s or all 1s.
- Net 2: 10000000 11010011 00000000 0010
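The mask-and-AND procedure from the CIDR slides, applied to the two /28 networks above. This is an added example, not part of the original slides; the function names are assumptions chosen for illustration.

```python
import socket
import struct


def ip_to_int(dotted: str) -> int:
    """Dotted decimal -> 32-bit integer (network byte order)."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def int_to_ip(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return socket.inet_ntoa(struct.pack("!I", value))


def cidr_mask(prefix_bits: int) -> int:
    """32-bit mask: prefix_bits one bits followed by zero bits."""
    if not 0 <= prefix_bits <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_bits)) & 0xFFFFFFFF


def describe(cidr: str) -> dict:
    """Network prefix and usable host range for 'a.b.c.d/n'.

    Assumes n <= 30, so that the all-0s and all-1s suffixes can be
    excluded as the slide describes.
    """
    addr, bits = cidr.split("/")
    mask = cidr_mask(int(bits))
    network = ip_to_int(addr) & mask          # logical AND gives the prefix
    all_ones = network | (~mask & 0xFFFFFFFF)  # suffix of all 1s
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "first_host": int_to_ip(network + 1),
        "last_host": int_to_ip(all_ones - 1),
        "hosts": all_ones - network - 1,
    }


def same_network(a: str, b: str, prefix_bits: int) -> bool:
    """True when both addresses share the same network prefix."""
    mask = cidr_mask(prefix_bits)
    return (ip_to_int(a) & mask) == (ip_to_int(b) & mask)


if __name__ == "__main__":
    for net in ("128.211.0.16/28", "128.211.0.32/28"):
        print(net, describe(net))
```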
29. Mapping IP addresses
- Problem: How to map IP addresses onto hardware?
  - Address resolution
- Where this takes place: router attached to physical network.
- Three methods used to resolve addresses
  - Table lookup
  - Computation
  - Message exchange
30. Resolution using Table Lookup
- Router keeps table.
- The following could be a table for network 197.15.3.0 / 24
- To save space and time, only the host value of the IP address would be stored.
31. Resolution using Computation
- If hardware addresses are configurable, they can be assigned to correspond with the host part of their IP address
- Example
  - host with IP address 229.123.1.1 is assigned hardware address 1
  - host with IP address 229.123.1.2 is assigned hardware address 2
  - and so on.
- Computation: logical AND with value 000000FF.
  - hardware_address = ip_address & 0xff
32. Resolution using Message Exchange
- Example: Ethernet Address Resolution Protocol (ARP)
  - See RFC 826
- Router sends broadcast ARP message to LAN to query hosts as to who matches the IP address
- Only the host with the matching IP address replies directly to router
- Router then has hardware address
33. ARP message format
- There is a generic format in RFC 826
- The following is specific for Ethernet: 32 bit protocol (P) addresses and 48 bit hardware (H) addresses
- Layout, one 32-bit row per line (bit positions 0, 8, 16, 31):
  - Hardware address type (0001) | Protocol address type (0800)
  - H. addr. length | P. addr. length | Operation
  - Sender's hardware address, part 1
  - Sender's H. address pt. 2 | Sender's P. address pt. 1
  - Sender's P. address pt. 2 | Target H. address pt. 1
  - Target hardware address, part 2
  - Target protocol address
34. Transmission of ARP messages
- Ethernet frame: Preamble (7 octets), SFD (1), Dest. Addr. (6), Source Addr. (6), Frame type 0806 (2), data (46 to 1500), CRC (4)
- ARP packet in the data field: ARP (28 octets), Padding (18 octets)
35. IP - Internet Protocol
- Header layout, one 32-bit row per line (bit positions 0, 4, 8, 16, 19, 31):
  - Version | IHL | Service type | Total length
  - Identification | Flags | Fragment offset
  - Time to live | Protocol | Header Checksum
  - Source address
  - Destination address
  - Options
- Data: up to 65,515 octets
- Maximum packet size: 65,535 octets
36. IP protocol fields
- Definition: RFC 791, plus subsequent additions
- Version: version number of protocol (currently 4; version 6 also standardized)
- Internet Header Length (IHL): number of 32-bit words in header
  - Minimum value 5 (which indicates no options)
  - Larger values used when options are present.
37. IP Protocol Fields
- Type of service
  - Specifies precedence (bits 0-2), delay (bit 3), throughput (bit 4), reliability (bit 5) parameters
  - 0 bit: normal, 1 bit: exceptional
- Total length: length of packet in octets
- Identification: sequence number
- Flags (3)
  - More: indicates packet is a fragment, with more to come
  - Don't fragment: prohibits fragmentation
  - (Reserved for future use)
38. IP Protocol Fields
- Fragment offset: indicates where in original datagram, measured in 64-bit units
  - Note that this requires fragmentation happen at 64-bit boundaries (except for last fragment)
- Time to live: specifies, in seconds, time remaining before this packet expires
  - Every router must decrease this value by at least one.
- Protocol: indicates protocol at next higher level
  - Current list: http://www.iana.org/assignments/protocol-numbers
  - Examples
    - 1: ICMP, Internet Control Message Protocol
    - 6: TCP, Transmission Control Protocol
    - 17: UDP, User Datagram Protocol
39. IP Protocol Fields
- Header checksum
  - 16 bit ones-complement addition of all 16 bit words in the header
  - Set to zero before computation
  - Re-computed at each router
    - Some fields, such as time-to-live will change as message travels through network
- Source address: 32 bit IP address
- Destination address: 32 bit IP address
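The header fields and the checksum rule from the preceding slides, as an added example that is not part of the original slides: it parses a 20-octet header, verifies the ones-complement checksum, and shows why a router must recompute it after decreasing time-to-live. The sample header is constructed for illustration and the function names are assumptions.

```python
import socket
import struct

# Constructed sample: 20-octet IPv4 header (no options),
# 192.168.0.1 -> 192.168.0.199, protocol 17 (UDP), TTL 64, don't-fragment set.
SAMPLE_HEADER = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")


def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit words with end-around carry (ones-complement addition)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """Checksum of the header with its checksum field (octets 10-11) zeroed."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~ones_complement_sum(zeroed) & 0xFFFF


def parse_header(packet: bytes) -> dict:
    """Decode the fixed header fields and verify the checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, cksum = struct.unpack(
        "!BBHHHBBH", packet[:12])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not an IPv4 header")
    if ihl < 5 or ihl * 4 > len(packet) or total_len < ihl * 4:
        raise ValueError("inconsistent IHL / total length")
    header = packet[:ihl * 4]
    return {
        "ihl": ihl,
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,   # in 8-octet units
        "ttl": ttl,
        "protocol": proto,
        "checksum": cksum,
        "src": socket.inet_ntoa(header[12:16]),
        "dst": socket.inet_ntoa(header[16:20]),
        # A valid header sums to 0xFFFF when the checksum field is included.
        "checksum_ok": ones_complement_sum(header) == 0xFFFF,
    }


def with_ttl(packet: bytes, ttl: int) -> bytes:
    """Rewrite TTL (octet 8) and recompute the header checksum."""
    hlen = (packet[0] & 0x0F) * 4
    header = bytearray(packet[:hlen])
    header[8] = ttl
    header[10:12] = struct.pack("!H", header_checksum(bytes(header)))
    return bytes(header) + packet[hlen:]


def forward(packet: bytes):
    """Router step: drop on bad checksum or expired TTL, else decrement TTL."""
    fields = parse_header(packet)
    if not fields["checksum_ok"] or fields["ttl"] <= 1:
        return None   # on TTL expiry a router would send ICMP type 11
    return with_ttl(packet, fields["ttl"] - 1)


if __name__ == "__main__":
    print(parse_header(SAMPLE_HEADER))
    print(parse_header(forward(SAMPLE_HEADER)))
```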
40. IP options
- Defined in RFC 791 and others
- Examples
  - Secure packet
  - Routing information provided
  - Record route
  - Record time stamps
  - Stream identifier
41. IP upper level interface
- Two service primitives: send and receive (recv)
  - Result = SEND(src,dst,prot,TOS,TTL,BufPTR,len,Id,DF,opt)
  - Result = RECV(BufPTR,prot,src,dst,TOS,len,opt)
- where
  - src: source address
  - dst: destination address
  - prot: protocol
  - TOS: type of service
  - TTL: time to live
  - BufPTR: buffer pointer
  - len: length of buffer
  - Id: Identifier
  - DF: Don't Fragment
  - opt: option data
42. IP Fragmentation and Reassembly
- Construction of an IP packet requires obeying maximum frame sizes at each data link layer
- MTU: maximum transmission unit
  - Example: IP packet carried inside an Ethernet frame (see slide 303) can have, at most, 1480 octets of user data + 20 octets of IP header = 1500
- RFC 791 says any part of the internet must have an MTU ≥ 68 octets
- Any host must be able to receive 576 octets (possibly in fragments)
43. IP Fragmentation and Reassembly
- If the IP "don't fragment" flag is set, and there is more data than the MTU allows, a router will trash the IP packet and send an ICMP message.
- Otherwise, router has to separate user data into fragments of allowable size.
- Fragmentation can be done at any router; reassembly is only done at final destination.
44. Example of MTU: Ethernet frames
- Ethernet frame: Preamble (7 octets), SFD (1), Dest. Addr. (6), Source Addr. (6), Frame type 0800 (2), data (46 to 1500; 1500 = MTU), CRC (4)
- IP packet in the data field: IP (12 octets), Source Addr. (4), Dest. Addr. (4), Layer 4 data (24 to 1480)
45. Example of Fragmented Data
- User data: 2276 octets
- With an MTU of 1500, this could be sent as
  - [Figure: fragments, each with a 20-octet header; surviving label: TL=816, FO=185, more=0, user data 796 octets]
- TL = total length, FO = frame offset (in 8-octet/64-bit units)
46. IP Fragmentation
- The frame offset is used instead of a fragment sequence number because this allows for further fragmentation at a subsequent router
- [Figure: link with MTU 820; surviving label: TL=816, FO=185, more=0, 796 octets]
47. Reassembly
- Reassembly is only done at the destination
  - i.e. host with IP address in destination field
- Fragments are reassembled based on matching source address, destination address, identification field (sequence number), and protocol
- A reassembly timer is often used as the holding time for resources while waiting for all fragments
  - Timer started when first fragment arrives.
  - Timer cancelled when contiguous data from frame offset 0, to a fragment where the more flag is 0 has arrived.
  - If timer expires, buffer is released and fragments are trashed (and ICMP time exceeded message returned).
  - Alternative: use Time to live field of first fragment
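The fragmentation slides worked through in code, as an added example that is not part of the original slides: 2276 octets of user data are fragmented for MTU 1500, fragmented again at a router with MTU 820, and reassembled by offset at the destination. It assumes a 20-octet header without options; the function names and the payload are constructed for illustration, and rejecting duplicate or overlapping fragments is a conservative choice made here, not something the slides specify.

```python
IP_HEADER = 20  # octets, no options (assumption of this example)

# Constructed payload: 2276 octets of user data, as in the slide.
PAYLOAD = bytes(i % 251 for i in range(2276))


def fragment(data, mtu, base_offset=0, last=True):
    """Split data so each fragment fits the MTU.

    base_offset is the offset (8-octet units) of data in the original
    datagram; last says whether data ends the original datagram.
    """
    max_data = (mtu - IP_HEADER) // 8 * 8   # non-final fragments: multiple of 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry data")
    frags = []
    for start in range(0, len(data), max_data):
        chunk = data[start:start + max_data]
        is_final_chunk = start + max_data >= len(data)
        frags.append({
            "TL": IP_HEADER + len(chunk),
            "FO": base_offset + start // 8,
            "more": 0 if (is_final_chunk and last) else 1,
            "data": chunk,
        })
    return frags


def refragment(frags, mtu):
    """A later router with a smaller MTU splits existing fragments again.

    Offsets stay relative to the original datagram, which is why an
    offset works where a fragment sequence number would not.
    """
    out = []
    for f in frags:
        out.extend(fragment(f["data"], mtu, f["FO"], f["more"] == 0))
    return out


def reassemble(frags):
    """Return the payload once data is contiguous from offset 0 up to a
    fragment with more == 0; otherwise None (keep waiting or time out)."""
    ordered = sorted(frags, key=lambda f: f["FO"])
    expected = 0
    payload = bytearray()
    for i, f in enumerate(ordered):
        is_last = i == len(ordered) - 1
        if f["FO"] * 8 != expected:        # hole, duplicate or overlap
            return None
        if (f["more"] == 0) != is_last:    # final fragment missing or misplaced
            return None
        payload += f["data"]
        expected += len(f["data"])
    return bytes(payload) if ordered else None


def summary(frags):
    """(TL, FO, more) per fragment, the labels used on the slides."""
    return [(f["TL"], f["FO"], f["more"]) for f in frags]


if __name__ == "__main__":
    first_hop = fragment(PAYLOAD, 1500)
    second_hop = refragment(first_hop, 820)
    print(summary(first_hop))
    print(summary(second_hop))
    print(reassemble(list(reversed(second_hop))) == PAYLOAD)
```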
48. Internet Control Message Protocol (ICMP)
- Defined in RFC 792, plus updates
- Required for internet compliance
- Carried in IP packets
- ICMP messages often sent as a reply to IP packet
- Message layout, one 32-bit row per line (bit positions 0, 4, 8, 16, 31):
  - Type | Code | Checksum
  - Parameters
  - Message content (variable length)
49. ICMP message types
- 8: Echo
- 0: Echo reply
  - Asks for return of this message for testing
  - Parameters: identifier, sequence number
- 3: Destination unreachable
  - Code indicates particular condition
    - 0: net unreachable
    - 1: host unreachable
    - 2: protocol unreachable
    - 3: port unreachable
    - 4: fragmentation required, don't fragment flag set
    - 5: source route failure
  - Data: original IP header, plus first 64 bits of data
50. ICMP message types
- 4: Source quench
  - Request to slow sending rate of IP packets
  - Data: as in destination unreachable (type 3)
- 5: Redirect
  - Used to indicate a shorter routing path
  - Parameters: IP address of suggested router
- 11: Time exceeded
  - Time to live counter of IP packet reached zero
  - Reassembly of fragmented data has timed out.
  - Data: as in destination unreachable (type 3)
- 12: Parameter problem
  - Indicates problems with an IP message (usually bad option format)
  - Data: as in destination unreachable (type 3)
51. ICMP message types
- 13: Timestamp
  - Sends message that records sending time, and asks for reply
  - Data: sending time, reception time (to be filled in), reply sending time (to be filled in)
- 14: Timestamp reply
  - Reply to timestamp request
  - Data: values filled in from ICMP 13 message
- 17: Address mask request
  - Host asks router on LAN for CIDR address mask (usually at reboot)
- 18: Address mask reply
  - Reply to address mask request
  - Data: the address mask
52. Network administration functions that use ICMP
- Ping: test if a host will respond
  - Sends an ICMP echo message to designated host
  - Host sends ICMP echo reply
  - Used to test connectivity
  - Many organizations have disabled ping to prevent denial-of-service attacks
- Traceroute: find route from source to destination
  - Sends IP packet with time-to-live of 1
  - First router will discard packet and send ICMP time exceeded message
  - Next message sent has time-to-live of 2, and so on until destination is reached
  - Each router en route will have sent an ICMP message
53. Protocol Configuration
- A software vendor wants to sell identical copy of protocol software to all customers.
- Each system running a protocol will have different parameters
  - IP address
  - Hardware address
  - Location of local router
  - Location of local servers for Domain Name Service, printing, time of day,
- The problem
  - How to discover the local custom values when system is initialized?
54. Protocol Configuration Initialization
- Example: joining the campus wireless network.
  - You do not want to have to configure your system; you want to start using the Internet right away
- Problem
  - What address do you use to find an address?
55. Types of Address Discovery
- Fixed
  - Host is assigned a permanent set of addresses for IP, hardware, etc.
  - Protocol software needs to find these parameters during initialization, either locally or from a server.
  - Required for well-known locations (e.g. web server)
- Dynamic
  - Host uses a temporary IP address obtained from a server for a specified period of time.
  - Addresses are allocated from an available pool
  - Examples: ISP dial-up connection, wireless network
56. Protocol Initialization
- Local, fixed option: manual configuration of IP address.
- Reverse Address Resolution Protocol (RARP)
  - ARP: Given IP address, find hardware address
  - RARP: Given hardware address, obtain IP address
  - Needs fixed hardware address in network interface card (e.g. Ethernet)
  - RARP request for IP address is broadcast over network.
- After obtaining an IP address, the next step is to find a router.
  - To do this, we need the subnet mask of the network, so that we can find a router on the same network.
  - Broadcast ICMP Address Mask Request message
    - Reply contains IP mask
  - Broadcast ICMP Gateway discovery message
57. Dynamic Address Allocation
- Each host obtains a lease for an IP address assigned from a pool.
  - Provisioning challenge: how large should the pool of IP addresses be for customer base?
- Lease has expiry time
  - Lease can be renewed before expiry
  - On expiry, IP address is returned to the available pool.
58. DHCP - Dynamic Host Configuration Protocol
- Defined in RFC 2131
- Protocol to automatically
  - Assign an IP address from a pool of available addresses
    - Assignment can be permanent or temporary
    - Temporary assignment (a lease) will have an expiry time.
  - Locate a server
  - Locate a router
  - Get the name of a server
- Relies on special IP addresses
  - IP address 0.0.0.0: used to send messages while obtaining IP address
  - IP address 255.255.255.255: local network broadcast
59. DHCP Message Format
- Layout, one 32-bit row per line unless a size is given (bit positions 0, 8, 16, 24, 31):
  - Message type | HW addr. type | Header length | Hops to server
  - Transaction ID
  - Seconds elapsed | Broadcast flag and 15 zeros
  - Client IP address (if renewing)
  - Your new IP address
  - Reboot Server IP address
  - Router IP address
  - Client Hardware address (16 octets)
  - Server host name (64 octets)
  - Reboot file name (128 octets)
  - Options (variable)
60. DHCP Message Types
- (not a complete list)
- Discover: request from client to find servers (broadcast)
- Offer: server reply to discover, with offer of configuration parameters (broadcast, possibly by more than one server)
- Request: confirmation of offer, sent from client to specific server
- Acknowledgement: configuration parameters issued by server to client
- Release: client returns allocations to server and cancels lease
61. Network Address Translation (NAT)
- Problem: increased number of private / home networks
- Solution: reserve some IP addresses as private addresses
- The following IP addresses can be used locally
  - 10.0.0.0 to 10.255.255.255
  - 172.16.0.0 to 172.31.255.255
  - 192.168.0.0 to 192.168.255.255
- No standard router will forward packets with these addresses
62. NAT Routers
- To set up a home network, obtain a regular IP address such as 200.24.5.8, and an NAT router
- Configure the NAT router so that it is connected to the Internet with the regular IP address.
- Internally, to set up 3 computers on the private network, configure them as (for example)
  - 10.0.0.1: internal address of NAT router
  - 10.0.0.2, 10.0.0.3, 10.0.0.4: addresses of the computers
63. Address Translation
- Within the private network, a computer sending an IP packet uses
  - Source IP address: the private IP address (e.g. 10.0.0.2)
  - Destination IP address: the actual destination
- At the NAT router, the router will replace the source IP address with its own global IP address (e.g. 200.24.5.8)
- Return packets will have the destination as the global IP address of the router.
- The NAT router will then replace the destination address with the local address of the computer
- The NAT router needs to monitor outgoing packets, so that incoming packets can be forwarded correctly.
64. NAT Routing Table
- The NAT router will keep a table that matches the internal IP addresses with the destination IP addresses.
- Example: 10.0.0.2 sends an IP packet to 25.8.2.10 via NAT router with external address 200.24.5.8.
  - The NAT router creates a table entry associating the destination 25.8.2.10 with 10.0.0.2
  - The NAT router replaces the source address with its external address
  - External IP packet: Source 200.24.5.8, Destination 25.8.2.10.
  - When an IP packet arrives from 25.8.2.10 with destination 200.24.5.8, the NAT router looks up the source in the routing table, replaces the destination with the routing table entry 10.0.0.2, and then forwards the packet.
65. Limitations
- Since the NAT router forwards incoming packets, based on remembered destinations of outgoing packets, communication must always be initiated from inside the private network.
- This means that hosts connected to an NAT router cannot run server programs, as they cannot be contacted directly.
- Two computers inside the private network cannot access the same global destination concurrently, unless sending port numbers (transport layer addresses used by TCP/UDP) are
  - stored by the NAT router
  - distinguishable (probable, but not certain)
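The NAT table from the previous slides and the concurrency limitation above, as an added example that is not part of the original slides. The first class keys its table on the destination address only, as the slides describe; the second stores ports and allocates its own external port per flow, a port-translating variant that goes beyond the slides and removes the "probable, but not certain" case. Class names, port numbers and the unrelated remote address 203.0.113.9 are assumptions chosen for illustration.

```python
class AddressOnlyNat:
    """Table keyed on the remote IP address only, as on the NAT slides."""

    def __init__(self, external_ip):
        self.external_ip = external_ip
        self.table = {}              # remote IP -> internal IP

    def outbound(self, src, dst):
        # A second internal host talking to dst overwrites the first entry.
        self.table[dst] = src
        return (self.external_ip, dst)

    def inbound(self, src, dst):
        """Return (src, internal_dst), or None when no entry matches."""
        internal = self.table.get(src) if dst == self.external_ip else None
        return None if internal is None else (src, internal)


class PortNat:
    """Stores ports and rewrites the source port so flows stay distinct."""

    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.next_port = first_port
        self.out = {}    # (int_ip, int_port, dst_ip, dst_port) -> external port
        self.back = {}   # (external port, dst_ip, dst_port) -> (int_ip, int_port)

    def outbound(self, src, sport, dst, dport):
        key = (src, sport, dst, dport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, dst, dport)] = (src, sport)
            self.next_port += 1
        return (self.external_ip, self.out[key], dst, dport)

    def inbound(self, src, sport, dst, dport):
        """Return the rewritten packet, or None for unsolicited traffic."""
        hit = self.back.get((dport, src, sport)) if dst == self.external_ip else None
        return None if hit is None else (src, sport, hit[0], hit[1])


if __name__ == "__main__":
    nat = AddressOnlyNat("200.24.5.8")
    nat.outbound("10.0.0.2", "25.8.2.10")
    nat.outbound("10.0.0.3", "25.8.2.10")
    # The reply meant for 10.0.0.2 is now delivered to 10.0.0.3.
    print(nat.inbound("25.8.2.10", "200.24.5.8"))

    napt = PortNat("200.24.5.8")
    print(napt.outbound("10.0.0.2", 5000, "25.8.2.10", 80))
    print(napt.outbound("10.0.0.3", 5000, "25.8.2.10", 80))
    print(napt.inbound("25.8.2.10", 80, "200.24.5.8", 40000))
```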
66. IP Version 6 (IPv6)
- Defined in RFC 2460 and others
- Enhancements
  - 128 bit addresses
  - Revised (incompatible) base header format
  - Extension headers used for additional information
  - Support for Quality of Service specification
  - Extensibility
  - Modifications to accommodate faster routing
67. IPv6 addresses
- IPv4 addresses have first 96 bits as 0 in IPv6
- New shorthand notation: colon hexadecimal
  - 105.220.136.100.255.255.255.255.0.0.18.128.140.10.255.255
  - becomes
  - 69DC:8864:FFFF:FFFF:0:1280:8C0A:FFFF
  - FF0C:0:0:0:0:0:0:B1
  - becomes
  - FF0C::B1
- In IPv6, an IP address is assigned to an interface, not a node
  - One device can have 2 or more IPv6 addresses on the same network
  - Intended to speed routing of packets
  - Example: one address could be the higher priority interface.
68. IPv6 multiple headers
- Packet layout: IPv6 base (40 octets) | Extension 1 ... Extension N (optional) | data
- Each extension header will identify its own length, as well as the type of extension header (next header) or data that follows.
69. IPv6 Base Header
- Layout, one 32-bit row per line (bit positions 0, 4, 12, 16, 24, 31):
  - Version | Traffic class | Flow label
  - Payload length | Next header | Hop limit
  - Source address
  - Destination address
70. IPv6 base header fields (1)
- Version: 6
- Traffic class
  - Available for establishing classes or priorities for packet handling
  - First 6 bits: differentiated services field
  - Last 2 bits: reserved for congestion notification (not yet standardized)
- Flow label: identifier for a sequence of packets from a single source, and with similar transmission requirements
  - Example: one flow could identify a specific video transmission
71. IPv6 base header fields (2)
- Payload length (in octets)
  - Length of all extension headers plus upper layer data
  - Does not include the fixed header.
- Next header: identifies type of header following this header
  - Could indicate upper level protocol, or IPv6 extension header
  - Values are the protocol numbers defined in http://www.iana.org/assignments/protocol-numbers
72. IPv6 base header fields (3)
- Hop limit: after visiting this many routers, packet will be discarded.
- Source, destination addresses
  - Destination address may not be packet's ultimate destination
- Available modes
  - Unicast: single destination
  - Anycast: choose one destination from a list
  - Multicast: specific group of destinations
  - Broadcast: to everyone
73. Extension headers
- Recommended order of appearance
  - IPv6 base (required)
  - Hop-by-hop options (next header 0)
  - Destination options (next header 60)
    - To be processed by first destination in IPv6 header, plus destinations in routing header.
  - Routing header (next header 43)
  - Fragmentation header (next 44)
  - Authentication (next header 51)
  - Security / Encapsulation (next header 50)
  - Destination options (next header 60)
    - For packet's final destination
  - Upper layer protocol (next header 6 for TCP, 17 for UDP, 58 for ICMPv6, 41 for IPv6 inside IPv6)
74. Hop-by-Hop Options
- Jumbo payload: packet is larger than 65,535 octets
  - Payload length in fixed header must be zero
  - No fragment header
- Router alert: information should be examined by each router along the way
  - Example: using a protocol such as the Resource reSerVation Protocol (RSVP) to set up quality of service parameters.
75. Fragmentation in IPv6
- An extension header, the fragment header contains the fragmentation information not contained in the base header
- All fragmentation in IPv6 must be done by original sender
- This means that the sender has to discover the minimum MTU for the entire transmission.
  - Find MTU by sending decreasingly larger ICMP echo messages with "don't fragment" set, until an ICMP echo reply is returned instead of destination unreachable
- IPv6 has the rule that networks must have an MTU ≥ 1280 octets
76. Authentication Codes
- Message Authentication Code (MAC)
  - carried in authentication header.
- Assume that sender A and receiver B have a shared secret key, KAB.
- MAC = f(KAB, M), where f is a mutually-agreed encryption function
- Receiving the correct MAC means
  - receiver knows that message is not altered.
  - message is from correct sender
  - sequence of message is correct
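The three properties listed above, checked in code, as an added example that is not part of the original slides. HMAC-SHA-256 stands in for the function f, and the sequence number is carried inside the authenticated data with strict in-order acceptance; both are assumptions of this example, as are the names and the constructed keys in the demo.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # octets in an HMAC-SHA-256 tag


def seal(key: bytes, seq: int, message: bytes) -> bytes:
    """Sender side: return seq || message || MAC, MAC = f(K_AB, seq || message)."""
    body = struct.pack("!I", seq) + message
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Receiver side: accepts a packet only if the MAC and sequence match."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0

    def open(self, packet: bytes):
        """Return the message, or None if altered, forged or out of sequence."""
        if len(packet) < 4 + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison avoids leaking how many octets matched.
        if not hmac.compare_digest(tag, expected):
            return None               # altered, or not made with K_AB
        (seq,) = struct.unpack("!I", body[:4])
        if seq != self.next_seq:
            return None               # replayed or out of order
        self.next_seq += 1
        return body[4:]


if __name__ == "__main__":
    k_ab = b"constructed shared key for A and B"   # constructed sample key
    receiver = Receiver(k_ab)
    first = seal(k_ab, 0, b"hello")
    print(receiver.open(first))                    # accepted
    print(receiver.open(first))                    # replay rejected
    tampered = bytearray(seal(k_ab, 1, b"pay 10"))
    tampered[8] ^= 0x01
    print(receiver.open(bytes(tampered)))          # alteration rejected
    print(receiver.open(seal(b"some other key", 1, b"pay 10")))  # wrong sender
```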
77. Transition from IPv4 to IPv6
- During the transition period from IPv4 to IPv6, if an IPv6 packet has to cross an IPv4 network, an approach called tunneling is used.
- When the IPv6 packet reaches an IPv4 network, an IPv4 packet is created and the IPv6 packet is put inside with protocol number 41.
- The destination IPv4 address is the next router that can forward the packet using IPv6.
[Figure: IPv4 packet with version 4, protocol 41 (IPv6), IPv4 destination = next IPv6 router; its IPv4 data is the IPv6 packet with version 6, next header 17, IPv6 dest, upper layer data]
78. IP tunneling
[Figure: IPv6 networks connected across an IPv4 network]