Title: Chapter 4 Internet Protocol-Part 1, IPv4
Unreliable and Best Effort Delivery
- IP does not guarantee that it will handle the problems of
  - Datagram duplication
  - Delayed or out-of-order delivery
  - Corruption of data
  - Datagram loss
Therefore, additional layers of protocol software are needed to handle each of these errors.
The major reason is that we don't want IP to be too complicated.
IP provides three important definitions:
1. The IP protocol defines the basic unit of data transfer used throughout a TCP/IP internet. (packet formatting)
2. IP software performs the routing function, choosing a path over which data will be sent. (routing, forwarding)
3. IP includes a set of rules that embody the idea of unreliable packet delivery. The rules characterize how hosts and routers should process packets, how and when error messages should be generated, and the conditions under which packets can be discarded. (error handling)
TCP/IP protocols use the name IP datagram to refer to an internet packet.
General form of an IP datagram: | IP header | Datagram data area |
The amount of data carried in a datagram is not fixed. It can be a single octet of data or at most 64K octets, including the header.
A datagram header contains information to route the datagram across the internet.
Datagram Format (bit offsets 0, 3, 8, 15, 19 and 31 mark the field boundaries in each 32-bit word)
| Version | IHL | Type of Service |        Total Length        |
|      Identification       | Flags |    Fragment Offset       |
| Time to Live |  Protocol  |       Header Checksum           |
|                      Source Address                         |
|                   Destination Address                       |
|                 Options                       |   Padding   |
|                          Data                               |
The IP Datagram Header Format
- TIME TO LIVE: measured in 1-second increments.
- PROTOCOL: the next level protocol that is to receive the data field at the destination.
- SOURCE and DESTINATION IP ADDRESS: 32 bits each.
- IP OPTIONS (VARIABLE): encodes the IP options requested by the sender.
  - Record route option
  - Source route options
  - Timestamp option
- PADDING (VARIABLE): used to ensure that the internet header ends on a 32-bit boundary.
- DATA (VARIABLE): a multiple of eight bits in length.
TTL: each router along the path from source to destination is required to decrement the TTL by 1 when it processes the datagram header. Furthermore, each router records the local time when the datagram arrives, and decrements the TTL by the number of seconds the datagram remained inside the router waiting for service.
Header checksum: computed by treating the header as a sequence of 16-bit integers, adding them together using 1's complement arithmetic, and then taking the 1's complement of the result. During the computation, the Header Checksum field itself is assumed to be 0.
Type of Service octet (bits 0-7): | Precedence (bits 0-2) | D (bit 3) | T (bit 4) | R (bit 5) | M (bit 6) | 0 (bit 7) |
Flags field (bits 0-2): | 0 | DF | MF |
Precedence: 111 Network Control, 110 Internetwork Control, 101 CRITIC/ECP, 100 Flash Override, 011 Flash, 010 Immediate, 001 Priority, 000 Routine
DF: 0 = May Fragment, 1 = Don't Fragment
MF: 0 = Last Fragment, 1 = More Fragments
Delay, Monetary cost: 0 = Normal, 1 = Low
Throughput, Reliability: 0 = Normal, 1 = High
(Only 1 of these 4 bits can be turned on.)
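As an added example (not code from the slides), the following Python decodes the fixed header fields, TOS bits and flags described above, implements the 1's complement header checksum from the TTL/checksum slide, and performs the per-router step (verify checksum, decrement TTL, discard on zero, recompute checksum). The sample header bytes and addresses are constructed for this example; the field layout follows the header diagram above.

```python
import struct
from typing import Optional

# Precedence names in the order the slides list them (value 7 down to 0).
PRECEDENCE_NAMES = {
    7: "Network Control", 6: "Internetwork Control", 5: "CRITIC/ECP",
    4: "Flash Override", 3: "Flash", 2: "Immediate", 1: "Priority", 0: "Routine",
}

# Constructed sample: a 20-octet header (IHL = 5, no options) of a 60-octet datagram.
# The checksum field is left at zero so the code below can fill it in.
SAMPLE_HEADER = bytes([
    0x45, 0x30, 0x00, 0x3c,   # version 4, IHL 5, TOS 0x30 (precedence 001 Priority, D bit set), total length 60
    0x1c, 0x46, 0x40, 0x00,   # identification 0x1c46, flags 010 (DF set, MF clear), fragment offset 0
    0x40, 0x06, 0x00, 0x00,   # TTL 64, protocol 6 (TCP), header checksum (computed below)
    0xc0, 0xa8, 0x00, 0x01,   # source address 192.168.0.1
    0xc0, 0xa8, 0x00, 0xc7,   # destination address 192.168.0.199
])


def ones_complement_sum(data: bytes) -> int:
    """Add the data as 16-bit words in 1's complement arithmetic (end-around carry)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header: bytes) -> int:
    """Checksum of the header with the checksum field itself taken as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~ones_complement_sum(zeroed) & 0xFFFF


def with_checksum(header: bytes) -> bytes:
    """Copy of the header with the correct checksum stored in octets 10-11."""
    return header[:10] + struct.pack("!H", header_checksum(header)) + header[12:]


def checksum_ok(header: bytes) -> bool:
    """A correct header (stored checksum included) sums to 0xFFFF in 1's complement."""
    return ones_complement_sum(header) == 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed fields, rejecting lengths that cannot describe a real header."""
    if len(packet) < 20:
        raise ValueError("truncated: an IPv4 header is at least 20 octets")
    (vihl, tos, total_len, ident, flags_off,
     ttl, proto, csum) = struct.unpack("!BBHHHBBH", packet[:12])
    version, ihl = vihl >> 4, vihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4: version {version}")
    hlen = ihl * 4
    if hlen < 20 or hlen > len(packet) or total_len < hlen:
        raise ValueError(f"inconsistent IHL {ihl} / total length {total_len}")
    return {
        "version": version, "ihl": ihl, "header_length": hlen,
        "precedence": PRECEDENCE_NAMES[tos >> 5],          # TOS bits 0-2
        "low_delay": bool(tos & 0x10),                      # D bit
        "high_throughput": bool(tos & 0x08),                # T bit
        "high_reliability": bool(tos & 0x04),               # R bit
        "low_cost": bool(tos & 0x02),                       # M bit
        "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_off & 0x4000),          # DF
        "more_fragments": bool(flags_off & 0x2000),         # MF
        "fragment_offset": flags_off & 0x1FFF,              # in 8-octet units
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "checksum_ok": checksum_ok(packet[:hlen]),
        "src": ".".join(str(b) for b in packet[12:16]),
        "dst": ".".join(str(b) for b in packet[16:20]),
        "options": packet[20:hlen],
    }


def router_process(header: bytes) -> Optional[bytes]:
    """The per-router step from the slides: verify the checksum, decrement TTL,
    discard when TTL reaches zero, and recompute the checksum for the next hop."""
    if not checksum_ok(header):
        return None                 # corrupted header: discard
    ttl = header[8] - 1
    if ttl <= 0:
        return None                 # TTL expired: discard (a real router also sends ICMP Time Exceeded)
    patched = bytearray(header)
    patched[8] = ttl
    return with_checksum(bytes(patched))
```

Because the checksum covers only the header, a router must recompute it after every TTL change; a header whose TTL was altered without a recomputation fails `checksum_ok` and is discarded, which is exactly the corruption detection the checksum is for.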
Differential Service (redefine the TOS octet)
- Constraints on design
  - These earlier attempts at differentiated service make clear the design constraints on a standard for the Internet. They are:
  - Deployability in small steps, with a degree of backward compatibility, including interoperability with IP precedence and with the IntServ/RSVP model.
  - Minimal overhead on backbone and trunk routers. Specifically, the standard must not require these routers to store information about an individual traffic flow or treat a particular flow in a special way. (Of course, it must allow different types of flows to be handled in different ways.)
  - Separation of real-time traffic from the TCP-like traffic that reacts to congestion by slowing down and retransmitting undelivered packets.
  - The ability for Internet service providers to offer different grades of service to different customers.
  - Inclusion of management facilities, not least the ability of network operators to assign and monitor the use of resources.
Existing Internet Services
- Best-effort service
  - is insufficient from many perspectives
  - Multimedia applications require some sort of delay and bandwidth guarantees
  - Some VIP users can pay more for better service
- Packet forwarding
  - routers are the bottleneck
  - advanced switching techniques
  - layer 3, layer 4, and higher?
Integrated Service (IntServ)
- Support per-flow end-to-end QoS
  - Guaranteed service
  - Controlled-load service
- RSVP
  - signaling protocol
  - soft state
  - receiver-initiated reservation
Some Concerns with IntServ
- RSVP per-flow signaling and state is too much
- Can core routers do the switching?
- How to integrate with ATM?
What is Differentiated Service
- Provide different levels of service with scalability
- Mark packets according to their service requirement (DS codepoint)
- Based on the mark, core routers apply differentiated per-hop forwarding behavior (PHB) (active queue management)
- Only a limited number of PHBs is defined, so traffic aggregation is required
- Edge routers do the heavy job: traffic classification (marking), conditioning, ...
Traffic Aggregates (figure)
What is Differentiated Service
- Features
  - Keep the forwarding simple
  - Push complexity to the edges of the network
  - Provide differentiated services
  - Provide service without assumptions about the traffic using it
  - Provide long-term and short-term service provision
  - Allow best-effort traffic to dominate the Internet
RSVP vs DiffServ (figure; source: Ben Teitelbaum, QBone Architecture)
Why Differentiated Service
- Simpler than RSVP/IntServ
  - no per-flow signaling or state
- More efficient core routers
  - limited number of service classes
- Range of different packet handling services and mappings possible
- Supports VPNs
  - IPsec ESP leaves the IP header unencrypted
Why Differentiated Service (figure; source: Chris Metz)
Quality of Service Approaches (figure; source: Chris Metz)
DiffServ Architecture (figure; source: Ben Teitelbaum, QBone Architecture)
Differential Service (redefine the TOS octet)
The differentiated-services model uses the most-significant 6 bits (0-5) from the type-of-service or traffic class octet, defined identically for the old IPv4 and the new IPv6. Known as the Differentiated Services Code Point (DSCP), this 6-bit field indicates how each router should treat the packet. To emphasize the fact that the router need not store information about what the ultimate provider and consumer of the data are doing (so-called session information), this treatment is known as a per-hop behavior (PHB). On the Internet, the transmission of a data packet between two routers is only one leg, or hop, in its journey, and a per-hop behavior defines how an individual router will treat an individual packet when sending it over the next hop through the network.
Six bits of the DS field are used as a codepoint (DSCP) to select the PHB a packet experiences at each node. A two-bit currently unused (CU) field is reserved. The value of the CU bits is ignored by differentiated services-compliant nodes when determining the per-hop behavior to apply to a received packet. The DS field structure is presented below:
  0   1   2   3   4   5   6   7
+---+---+---+---+---+---+---+---+
|         DSCP          |  CU   |
+---+---+---+---+---+---+---+---+
DSCP: differentiated services codepoint
CU: currently unused
Being 6 bits long, the differentiated-services
code point can have one of 64 different binary
values and each one can be defined as calling for
a unique per-hop behavior. Many experts believe
that 64 different behaviors are more than will
ever be needed but, to allow for all
eventualities, some of the 64 possible values are
reserved for local or experimental use.
Implementors should note that the DSCP field is
six bits wide. DS-compliant nodes MUST select
PHBs by matching against the entire 6-bit DSCP
field, e.g., by treating the value of the field
as a table index which is used to select a
particular packet handling mechanism which has
been implemented in that device. The value of the
CU field MUST be ignored by PHB selection. The
DSCP field is defined as an unstructured field to
facilitate the definition of future per-hop
behaviors.
When a packet arrives, a router has a new job to
do in addition to deciding which output port to
send the packet to. In concept, the router will
use the code point to select one of 64 possible
subroutines that will manage the handling of the
packet at its output port. What the subroutine
actually does will depend on the definition of
the per-hop behavior for the particular code
point. For example, the subroutine might instruct
the router to put the packet at the front of the
queue at the output port, thereby giving it
highest priority, or at the back of the queue,
giving it the lowest.
It is a basic feature of DiffServ that every packet must be classified, that is, it must have a suitable value inserted in its differentiated-services code point field. The value can be inserted in either of two places: at the original source of the traffic or at a router.
Inserting the code point at the original source
of the traffic, such as a Web server or IP
telephony gateway, has a distinct advantage. The
server or gateway in question can have explicit
knowledge of the application in use, and can
therefore mark packets in an application-dependent
way.
One alternative is to have the traffic classified
and marked by a router--say, the first
encountered by the traffic or the one at the
boundary between customer and Internet service
provider. The advantage here is that no change is
needed to servers. But the router requires some
extra "smarts." Fortunately, many routers have a
very similar capability already, for use with
IntServ/RSVP. DiffServ needs this extra logic
only in the boundary routers, and thereby avoids
the performance overhead suffered by IntServ on
backbone trunks.
Four overall types of per-hop behaviors have been
defined as standard so far. They are default,
class-selector, expedited forwarding, and assured
forwarding. For default behavior, the code point
value is zero and the service to be expected is
exactly what is provided by today's Internet
service, with its completely uncontrolled traffic
congestion and packet loss.
The RECOMMENDED codepoint for the Default PHB is the bit pattern '000000'; the value '000000' MUST map to a PHB that meets these specifications. The codepoint chosen for Default behavior is compatible with existing practice [RFC791]. Where a codepoint is not mapped to a standardized or local use PHB, it SHOULD be mapped to the Default PHB. A packet initially marked for the Default behavior MAY be re-marked with another codepoint as it passes a boundary into a DS domain so that it will be forwarded using a different PHB within that domain, possibly subject to some negotiated agreement between the peering domains.
For class-selector behaviors, there are seven
code point values, running from 001000 to 111000
and selecting up to seven ranked behaviors. Each
behavior has at least as good a probability of
timely forwarding as its predecessor in the
ranking, if not a better one. Note that the
default behavior plus the class selectors exactly
mirror the original eight IP precedence values,
thereby providing compatibility with that scheme.
We refer to a Class Selector Codepoint with a
larger numerical value than another Class
Selector Codepoint as having a higher relative
order while a Class Selector Codepoint with a
smaller numerical value than another Class
Selector Codepoint is said to have a lower
relative order. The set of PHBs mapped to by the
eight Class Selector Codepoints MUST yield at
least two independently forwarded classes of
traffic, and PHBs selected by a Class Selector
Codepoint SHOULD give packets a probability of
timely forwarding that is not lower than that
given to packets marked with a Class Selector
codepoint of lower relative order, under
reasonable operating conditions and traffic
loads.
Expedited forwarding (EF) behavior has a
recommended differentiated-services code point
value of 101110. The departure rate of EF traffic
is defined as necessarily equaling or exceeding a
configurable rate. EF is intended to allow the
creation of real-time services with a configured
throughput rate for the services' data packets.
Assured forwarding (AF) behavior actually consists of three sub-behaviors, which for convenience may be called AF1, AF2, and AF3. When the network is congested, packets marked for AF1 have the lowest probability of being discarded by any router, and packets marked for AF3 have the highest. Thus, within the AF class, differential drop probabilities are available; otherwise, the class represents a single type of per-hop behavior. The standard actually defines four independent AF classes. Quite complex service offerings can be constructed using AF behaviors, and much remains to be understood about them.
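The following Python is an added example, not code from the slides, tying together the DS field slides above: extracting the DSCP from the DS octet while ignoring the CU bits, the "64 possible subroutines" selected by table index, and the standard PHB families (Default, class selectors, EF and AF). The Default, CS and EF codepoints are the ones the slides quote; the AF codepoint layout is taken from RFC 2597, which the slides do not list. The `OutputPort` class is a constructed toy scheduler that serves higher-ranked classes first and applies AF drop precedence under congestion; the drop thresholds are invented for the example.

```python
from collections import deque

# Codepoints quoted on the slides: Default 000000, class selectors xxx000, EF 101110.
DEFAULT_DSCP = 0b000000
EF_DSCP = 0b101110


def dscp_from_ds_octet(ds_octet: int) -> int:
    """The DSCP is the six most-significant bits (0-5) of the DS octet; the CU bits are ignored."""
    return (ds_octet >> 2) & 0x3F


def classify_phb(dscp: int) -> str:
    """Map a 6-bit codepoint to the name of the standard PHB it selects."""
    if not 0 <= dscp < 64:
        raise ValueError("DSCP is a 6-bit field")
    if dscp == DEFAULT_DSCP:
        return "Default"
    if dscp == EF_DSCP:
        return "EF"
    if dscp & 0b000111 == 0:                 # 001000 .. 111000: class selectors CS1..CS7
        return f"CS{dscp >> 3}"
    # Assured forwarding layout per RFC 2597 (assumed here, not listed on the slides):
    # class 1-4 in the top three bits, drop precedence 1-3 in the next two bits, low bit zero.
    af_class, drop_prec, low_bit = dscp >> 3, (dscp >> 1) & 0b11, dscp & 1
    if 1 <= af_class <= 4 and drop_prec in (1, 2, 3) and low_bit == 0:
        return f"AF{af_class}{drop_prec}"
    return "Default"                         # unmapped codepoints SHOULD map to the Default PHB


# The router's "64 possible subroutines", realised as a table indexed by the DSCP.
PHB_TABLE = [classify_phb(code) for code in range(64)]


def service_rank(phb: str) -> int:
    """Higher rank is served first: EF before everything, CS/AF by class number, Default last."""
    if phb == "EF":
        return 100
    if phb.startswith("CS") or phb.startswith("AF"):
        return int(phb[2])
    return 0


class OutputPort:
    """Toy per-hop behaviour for one output port (constructed for this example):
    one FIFO per PHB class, congestion handled by AF drop precedence."""

    def __init__(self, capacity: int = 8):
        self.capacity = capacity
        self.queues = {}            # PHB class name -> deque of packets
        self.dropped = []           # (phb, packet) pairs discarded under congestion

    def _occupancy(self) -> int:
        return sum(len(q) for q in self.queues.values())

    def enqueue(self, ds_octet: int, packet) -> bool:
        """Classify by DSCP and admit or drop; returns True when the packet was queued."""
        phb = PHB_TABLE[dscp_from_ds_octet(ds_octet)]
        klass = phb[:3] if phb.startswith("AF") else phb   # AF11/AF12/AF13 share class AF1
        drop_prec = int(phb[3]) if phb.startswith("AF") else 1
        fill = self._occupancy() / self.capacity
        # Invented thresholds: AFx3 is discarded once the port is half full, AFx2 at
        # three quarters, and AFx1 (like every other PHB) only when the port is full.
        limit = {1: 1.0, 2: 0.75, 3: 0.5}[drop_prec]
        if fill >= limit:
            self.dropped.append((phb, packet))
            return False
        self.queues.setdefault(klass, deque()).append(packet)
        return True

    def dequeue(self):
        """Serve the highest-ranked non-empty class; FIFO within a class."""
        for klass in sorted(self.queues, key=service_rank, reverse=True):
            if self.queues[klass]:
                return klass, self.queues[klass].popleft()
        return None
```

Two points worth noticing when running it: the DS octets 0xB8 and 0xBB both select EF because the low two (CU) bits are masked off before the table lookup, and an unknown codepoint such as 000001 falls back to the Default PHB rather than being rejected, which is the behaviour the Default PHB slide prescribes.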
Maximum transfer unit (MTU): the amount of data that can be transferred in one physical frame.
Limiting datagrams to fit the smallest possible MTU in the internet makes transfers inefficient when those datagrams pass across a network that can carry larger frames.
However, allowing datagrams to be larger than the minimum network MTU in an internet means that a datagram may not always fit into a single network frame.
The choice should be obvious: the point of the internet design is to hide underlying network technologies and make communication convenient for the user.
Thus, TCP/IP software chooses a convenient initial datagram size and arranges a way to divide large datagrams into smaller pieces when the datagram needs to traverse a network that has a small MTU.
The small pieces are called fragments, and the process of dividing a datagram is known as fragmentation.
Host A -- Net 1 (MTU 1500) -- R1 -- Net 2 (MTU 620) -- R2 -- Net 3 (MTU 1500) -- Host B
R1 and R2 must both do the fragmentation.
Fragments must be reassembled to produce a complete copy of the original datagram before it can be processed at the destination. (By whom?)
The IP protocol does not limit datagrams to a
small size, nor does it guarantee that large
datagrams will be delivered without
fragmentation.
Fragmentation and reassembly occur automatically
without the source taking special action.
The IP specification states that routers must
accept datagrams up to the maximum of the MTUs of
networks to which they attach. In addition, a
router or a host must always handle datagrams of
up to 576 octets.
Fragmentation Example
Original datagram: | Datagram header | Data 1 (600 octets) | Data 2 (600 octets) | Data 3 (200 octets) |
Fragment 1: | Frag 1 header | Data 1 |   Offset = 0, More = 1
Fragment 2: | Frag 2 header | Data 2 |   Offset = 600/8, More = 1
Fragment 3: | Frag 3 header | Data 3 |   Offset = 1200/8, More = 0
Should a datagram be reassembled after passing
across one network, or should the fragments be
carried to the final host before reassembly?
In TCP/IP, once a datagram has been fragmented,
the fragments travel as separate datagrams all
the way to the ultimate destination where they
must be reassembled.
All fragments have the same Identification field
value.
Reassembly at the destination has two disadvantages: 1. Inefficiency: there may be many small fragments. 2. The loss of one fragment renders the whole datagram useless, and the now useless fragments still travel to the destination.
Advantages of reassembly at the destination: 1. Routers are simpler. 2. Repeated fragmentation and reassembly is avoided. 3. Each fragment can be routed independently.
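As an added example (not from the slides), the Python below carries the fragmentation example through in code: splitting a 1400-octet datagram for the 620-octet MTU into the three fragments shown (offsets 0, 600/8 and 1200/8), fragmenting a fragment again as R2 might, and reassembling at the destination keyed on the Identification field, including the failure mode where one lost fragment makes the whole datagram useless. Datagrams are modelled as dicts holding only the fields that matter here; the payload is constructed for the example.

```python
HEADER_LEN = 20     # header without options; each fragment carries a copy of it

# Constructed payload: 1400 octets, the size used in the slide's example.
DATA = bytes(i % 251 for i in range(1400))


def make_datagram(ident: int, data: bytes, df: bool = False) -> dict:
    """An unfragmented datagram: fragment offset 0, MF clear."""
    return {"id": ident, "df": df, "offset": 0, "mf": False, "data": data}


def fragment(dgram: dict, mtu: int) -> list:
    """Split a datagram (or an existing fragment) so every piece fits the MTU.
    Every piece but the last carries a multiple of 8 octets, so offsets remain
    expressible in 8-octet units; refragmenting keeps absolute offsets and MF."""
    data = dgram["data"]
    if HEADER_LEN + len(data) <= mtu:
        return [dict(dgram)]
    if dgram["df"]:
        raise ValueError("DF set: datagram must be discarded, not fragmented")
    chunk = (mtu - HEADER_LEN) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    pieces = []
    for off in range(0, len(data), chunk):
        last = off + chunk >= len(data)
        pieces.append({"id": dgram["id"], "df": False,
                       "offset": dgram["offset"] + off // 8,
                       "mf": dgram["mf"] or not last,
                       "data": data[off:off + chunk]})
    return pieces


def reassemble(fragments: list):
    """Destination-side reassembly keyed on Identification. Returns (complete, incomplete):
    complete maps id -> payload; incomplete holds ids with a gap, i.e. a lost fragment."""
    by_id = {}
    for frag in fragments:
        by_id.setdefault(frag["id"], []).append(frag)
    complete, incomplete = {}, set()
    for ident, parts in by_id.items():
        parts.sort(key=lambda f: f["offset"])      # fragments may arrive in any order
        buf, expected, saw_last = bytearray(), 0, False
        for frag in parts:
            start = frag["offset"] * 8
            if start > expected:
                break                               # gap: a fragment is missing
            piece = frag["data"][expected - start:]  # drop any octets already in place
            if not piece:
                continue                            # exact duplicate
            buf += piece
            expected += len(piece)
            if not frag["mf"]:
                saw_last = True
                break
        if saw_last and len(buf) <= 65535 - HEADER_LEN:
            complete[ident] = bytes(buf)
        else:
            incomplete.add(ident)
    return complete, incomplete
```

Refragmenting the first 600-octet fragment for a 320-octet MTU yields pieces of 296, 296 and 8 octets with offsets 0, 37 and 74, all with MF set because their parent had MF set; the destination reassembles them together with the untouched second and third fragments without needing to know that two routers did the splitting.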
Options are included primarily for network testing or debugging. Options processing is an integral part of the IP protocol, however, so all standard implementations must include it.
Each option consists of a single octet option code, which may be followed by a single octet length and a set of data octets for that option.
Option code octet (bits 0-7): | Copy (bit 0) | option class (bits 1-2) | option number (bits 3-7) |
Copy = 1: the option should be copied into all fragments. Copy = 0: the option should only be copied into the first fragment.
(Routers should take care of this bit.)
Option class   Meaning
0              Datagram or network control
1              Reserved
2              Debugging and measurement
3              Reserved

Opt class   Opt number   Length   Description
0           0            -        end of option list
0           1            -        no operation (used to align octets)
0           2            11       security and handling restrictions
0           3            var      loose source routing
0           7            var      record route
0           9            var      strict source routing
2           4            var      internet timestamp
The routing and timestamp options are the most interesting because they provide a way to monitor or control how internet routers route datagrams.
The record route option allows the source to create an empty list of IP addresses and arrange for each router that handles the datagram to add its IP address to the list.
Option format: | Code | Length | Pointer | 1st IP address | 2nd IP address | ... |
Option class = 0, option number = 7, length = variable.
Pointer: 1 byte (value 4, 8, 12, ..., 40) giving the currently available IP address slot; if pointer > length, the list is full. Updated by each router.
Source routing provides a way for the sender to dictate a path through the internet, for example for testing the network, avoiding a hostile network, choosing the best routing path, etc.
Option format: | Code | Length | Pointer | 1st IP address | 2nd IP address | ... |
Option class = 0, option number = 3 or 9, copy = 1 (3: loose, the datagram may pass through others besides the listed routers; 9: strict, it must pass through exactly the specified IP addresses), length = variable.
Pointer: the currently available IP address slot; if pointer > length, the list is full. Updated by each router.
Timestamp Option
The timestamp option works like the record route option in that the timestamp option contains an initially empty list, and each router along the path from source to destination fills in one item in the list.
Option format: | Code (68) | Length | Pointer | Oflow | Flags | First IP address | First timestamp | ... |
Oflow: an integer count of routers that could not supply a timestamp because the option length was too small.
4-bit flags:
  0: record timestamps only, omit IP addresses
  1: precede each timestamp by an IP address
  3: IP addresses are specified by the sender; a router only records a timestamp if the next IP address in the list matches the router's IP address
Timestamps give the time and date at which a router handles the datagram, expressed as milliseconds since midnight, Greenwich Mean Time (Universal Time). The router can use any representation of local time provided it turns on the high-order bit in the timestamp field.
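The Python below is an added example (not from the slides) of a parser for the options area of an IPv4 header covering the options discussed above: record route, loose and strict source route, and timestamp, with the pointer/length rule used to tell which slots have been filled and whether the list is full. The option codes follow from the copy/class/number layout on the option slide (7, 131, 137 and 68); the sample options bytes are constructed for the example.

```python
END_OF_OPTION_LIST, NO_OPERATION = 0, 1
RECORD_ROUTE = 7              # copy 0, class 0, number 7
TIMESTAMP = 68                # copy 0, class 2, number 4
LOOSE_SOURCE_ROUTE = 131      # copy 1, class 0, number 3
STRICT_SOURCE_ROUTE = 137     # copy 1, class 0, number 9

# Constructed options area (36 octets, so IHL would be 5 + 9 = 14).
SAMPLE_OPTIONS = bytes([
    7, 15, 12,                              # record route, length 15, pointer 12: two of three slots used
    10, 0, 0, 1,  10, 0, 0, 2,  0, 0, 0, 0,
    68, 12, 13, 0x01,                       # timestamp, length 12, pointer 13 (list full), oflow 0, flags 1
    192, 168, 0, 1,  0x02, 0xc5, 0x48, 0xd0,
    131, 7, 4,  10, 0, 0, 9,                # loose source route, one listed hop not yet visited
    0,                                      # end of option list
    0,                                      # padding to a 32-bit boundary
])


def _ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def parse_options(opts: bytes) -> list:
    """Walk the options area and decode each option into a dict."""
    result, i = [], 0
    while i < len(opts):
        code = opts[i]
        if code == END_OF_OPTION_LIST:
            break                                   # anything after it is padding
        if code == NO_OPERATION:
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option length octet missing")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError(f"option {code}: bad length {length}")
        body = opts[i + 2:i + length]
        entry = {"code": code, "copy": bool(code & 0x80),
                 "class": (code >> 5) & 0x3, "number": code & 0x1F, "length": length}
        if code in (RECORD_ROUTE, LOOSE_SOURCE_ROUTE, STRICT_SOURCE_ROUTE):
            pointer = body[0]
            slots = [_ip(body[k:k + 4]) for k in range(1, len(body) - 3, 4)]
            entry.update(pointer=pointer, addresses=slots,
                         used=slots[:max(0, (pointer - 4) // 4)],   # pointer 4 = first slot still empty
                         full=pointer > length)
        elif code == TIMESTAMP:
            pointer, oflw_flg = body[0], body[1]
            flags = oflw_flg & 0xF
            size = 4 if flags == 0 else 8                # flags 1 and 3 pair an address with each stamp
            stamps = []
            for k in range(2, len(body) - size + 1, size):
                raw = int.from_bytes(body[k + size - 4:k + size], "big")
                stamps.append({"address": _ip(body[k:k + 4]) if size == 8 else None,
                               "ms_since_midnight_ut": raw & 0x7FFFFFFF,
                               "nonstandard_time": bool(raw & 0x80000000)})
            entry.update(pointer=pointer, overflow=oflw_flg >> 4, flags=flags, entries=stamps,
                         recorded=stamps[:max(0, (pointer - 5) // size)],  # pointer 5 = first entry empty
                         full=pointer > length)
        else:
            entry["data"] = body
        result.append(entry)
        i += length
    return result


def source_routed(options: list) -> bool:
    """True when a loose or strict source route option is present; many sites log or
    drop such datagrams because the sender, not the routers, chose the path."""
    return any(o["code"] in (LOOSE_SOURCE_ROUTE, STRICT_SOURCE_ROUTE) for o in options)
```

The length checks matter: an option whose declared length runs past the options area, or a length below 2, is malformed and the parser refuses it rather than reading beyond the header, which is the kind of bound a router's option processing must also enforce.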
IPv4 Routing Concept
Direct delivery, the transmission of a datagram
from one machine across a single physical network
directly to another, is the basis on which all
internet communication rests.
Indirect delivery occurs when the destination is
not on a directly attached network, forcing the
sender to pass the datagram to a router for
delivery.
How does the sender know whether the destination
lies on a directly connected network? To see if
a destination lies on one of the directly
connected networks, the sender extracts the
network portion of the destination IP address and
compares it to the network portion of its own IP
address. A match means the datagram can be sent
directly.
The usual IP routing algorithm employs an IP
routing table on each machine that stores
information about possible destinations and how
to reach them.
What information should be kept in routing
tables? If every routing table contained
information about every possible destination
address, it would be impossible to keep the
table current. Furthermore, because the number of
possible destinations is large, machines would
have insufficient space to store the information.
Using the network portion of a destination address instead of the complete host address makes routing efficient and keeps routing tables small.
Typically, a routing table contains pairs (N, R), where N is the IP address of a destination network, and R is the IP address of the "next" router along the path to network N.
Router R is called the next hop, and the idea of using a routing table to store a next hop for each destination is called next-hop routing.
Thus, the routing table in a router R only specifies one step along the path from R to a destination network; the router does not know the complete path to a destination.
An example
Network 10.0.0.0 -- Q -- Network 20.0.0.0 -- R -- Network 30.0.0.0 -- S -- Network 40.0.0.0
Q has interfaces 10.0.0.5 and 20.0.0.5; R has 20.0.0.6 and 30.0.0.6; S has 30.0.0.7 and 40.0.0.7.
Routing table for R:
To reach hosts on network    Route to this address
20.0.0.0                     deliver directly
30.0.0.0                     deliver directly
10.0.0.0                     20.0.0.5
40.0.0.0                     30.0.0.7
Choosing routes based on the destination network ID alone has several consequences: 1. All traffic destined for a given network takes the same path. Multiple paths are not used and all traffic types follow the same path. 2. Only the final router knows if the destination host exists or is operational. Thus, we need to arrange a way for that router to send reports of delivery problems back to the source. 3. Traffic from A to B may take a different path from traffic from B to A. We need to ensure that routers cooperate to ensure that two-way communication is always possible.
Default Route
Even if we route by network ID, there are still
too many networks in the internet for the routing
table.
The idea is to have the IP routing software first
look in the routing table for the destination
network. If no route appears in the table, the
routing routines send the datagram to a
default router.
Default routing works well in host machines that
attach to a single physical network and reach
only one router leading to the remainder of the
Internet.
Subnet and Supernet Addressing
The original IP addressing scheme has a minor weakness: it fails to envision the growth of the Internet.
The large population of networks stresses the entire Internet design because it means (1) immense administrative overhead is required merely to manage network addresses, (2) the routing tables in routers are extremely large, and (3) the address space will eventually be exhausted.
For (2), it means that when routers exchange information from their routing tables, the load on the Internet is high, as is the computational effort required in participating routers.
For (3), the original address scheme could not
accommodate the number of networks currently in
the global Internet. In particular, insufficient
class B prefixes exist to cover all medium-size
networks.
So the question is, "How can one minimize the
number of assigned network addresses, especially
class B, without destroying the original
addressing scheme?"
Implications: 1. The same IP network prefix must be shared by multiple physical networks. 2. Class C must be used instead of Class B whenever possible. 3. Routing procedures must be modified, and all machines affected must understand the convention used.
The idea of sharing one network address among
multiple physical networks takes several forms
transparent routers, proxy ARP, and standard IP
subnets.
To reduce the need for Class B network addresses,
the idea is to assign multiple class C addresses
in place of a class B address. However, we need
some classless routing capabilities.
The transparent router scheme is based on the observation that a network can be extended through a simple trick, as in the figure:
[Figure: a Wide Area Network with hosts H1, H2, H3 and H4, a regular router R and a transparent router T. All hosts appear to be in the same IP network; only one network address is needed.]
T is called a transparent router because other hosts and routers on the WAN do not know it exists.
Advantages of transparent routers: they require fewer network addresses, and they support load balancing by using multiple transparent routers.
Disadvantages: they only work with networks that have a large address space, and they are not conventional routers, so they do not provide all the same services as standard routers (e.g., they do not participate fully in ICMP or SNMP functions, and do not answer ICMP Echo requests).
The terms proxy ARP, promiscuous ARP, and the ARP hack refer to mapping a single IP network prefix into two physical addresses. (Two network IDs would originally have been needed.) The technique only applies to networks that use ARP to bind internet addresses to physical addresses.
[Figure: Net 1, with host H1, and Net 2, with host H2, joined by router R.]
Net 1 and Net 2 have the same network ID. When H1 sends to H2, H1 uses ARP to find H2's physical address. R returns R's physical address. When H1 sends to R, R forwards it to H2.
Routers using the proxy ARP technique are taking
advantage of an important feature of the ARP
protocol, namely, trust.
Most hosts install mappings obtained through ARP
without checking their validity and without
maintaining consistency. Thus, it may happen that
the ARP table maps several IP addresses to the
same physical address.
Some implementations of ARP are not as lax as
others. It will alert the managers whenever two
distinct IP addresses map to the same physical
address. The purpose is to warn about spoofing, a
situation in which one machine claims to be
another in order to intercept packets.
The chief advantage of proxy ARP is that it can be added to a single router on a network without disturbing the routing tables in other hosts or routers on that network.
The chief disadvantage of proxy ARP is that it does not work for networks unless they use ARP for address resolution. Furthermore, it does not generalize to more complex network topologies.
In fact, most implementations of proxy ARP rely on managers to maintain tables of machines and addresses manually, making it both time consuming and prone to errors.
The third technique used to allow a single network address to span multiple physical networks is called subnet addressing, subnet routing, or subnetting.
[Figure: Rest of Internet -- (all traffic to 128.10.0.0) -- R -- physical networks 128.10.1.0 and 128.10.2.0. A single Class B network with two physical networks.]
IP address:    | Internet part | Local part |
Subnet scheme: | Internet part | Physical network | Host |
A form of hierarchical addressing
The number of bits assigned to subnet can be
selected on a per-network basis.
For example, an 8-bit subnet allows up to 256
networks, with up to 256 hosts per network.
Once a partition has been selected for a
particular network, all hosts and routers
attached to that network must use it. If they do
not, datagrams can be lost or misrouted.
Setting Up Subnets
- The IP protocol allows
- 127 Class A networks with 24-bit host fields
- 16383 Class B networks with 16-bit host fields
- over 2 million Class C networks with 8-bit host
fields
Routing can get very complicated as the number of networks grows. For example, an organization might give each local network a Class C number. As the organization grows, administering network numbers may get out of hand. A better idea is to allocate a few Class B network numbers for each major division. Then divide each Class B network into physical networks using subnets.
When setting up a network, you should select a network-wide network mask. It determines which bits in the IP address will represent the host within the subnet.
If the subnet field has 8 bits, the subnet mask is 255.255.255.0. The first host on the first subnet is 140.118.1.1. If the subnet field has 10 bits, the subnet mask is 255.255.255.192. The first host on the first subnet is 140.118.0.65.
Example
Class B address: | net address | host address |
Subnetted:       | net address | subnet address | host address |
The routing algorithm used with subnets maintains additional information in the routing table. Each table entry contains one additional field that specifies the subnet mask used with the network in that entry: (subnet mask, network address, next hop address).
The mask field is used to extract the network part of an address during lookup:
if ((mask_i & dest_address) == network_address_i) forward to next_hop_i
For example, if the destination address is 192.4.10.3, then because 255.255.255.0 & 192.4.10.3 = 192.4.10.0 (not 192.4.0.0), choose the entry for 192.4.10.0 as the next hop.
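The following Python is an added example, not from the slides, working through the subnet slides above in code: the network-wide mask for a given number of subnet bits, the first host on the first subnet (following the slide's convention of starting at subnet number 1, so that 140.118.0.0 with 10 subnet bits gives 140.118.0.65), the direct-delivery test of comparing network portions, and the masked table lookup rule. `ROUTING_TABLE_R` is the table of router R from the routing example slide; `SUBNET_TABLE` and its next-hop labels are constructed for the example.

```python
def ip_to_int(dotted: str) -> int:
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Classful address class from the leading bits of the first octet."""
    first = ip_to_int(dotted) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D" if first < 240 else "E"


CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}     # network-portion length per class


def prefix_to_mask(prefix_len: int) -> str:
    return int_to_ip((((1 << prefix_len) - 1) << (32 - prefix_len)) & 0xFFFFFFFF)


def classful_mask(dotted: str) -> str:
    return prefix_to_mask(CLASSFUL_PREFIX[address_class(dotted)])


def subnet_mask(network: str, subnet_bits: int) -> str:
    """Network-wide mask: the classful network bits plus subnet_bits more."""
    prefix = CLASSFUL_PREFIX[address_class(network)] + subnet_bits
    if prefix > 30:
        raise Val2ueError("no host bits left") if False else ValueError("no host bits left")
    return prefix_to_mask(prefix)


def first_host_of_first_subnet(network: str, subnet_bits: int) -> str:
    """First host of subnet number 1; subnet number 0 is skipped, as in the slide's examples."""
    prefix = CLASSFUL_PREFIX[address_class(network)] + subnet_bits
    host_bits = 32 - prefix
    net = ip_to_int(network) & ip_to_int(classful_mask(network))
    return int_to_ip(net + (1 << host_bits) + 1)


def delivers_directly(own_addr: str, dest: str, mask: str) -> bool:
    """Direct delivery test: do the network portions of sender and destination match?"""
    m = ip_to_int(mask)
    return ip_to_int(own_addr) & m == ip_to_int(dest) & m


def lookup_next_hop(table, dest: str):
    """Masked lookup: the first entry with (mask & dest) == network address wins.
    Entries are (mask, network address, next hop); None means no route."""
    d = ip_to_int(dest)
    for mask, network, next_hop in table:
        if d & ip_to_int(mask) == ip_to_int(network):
            return next_hop
    return None


# Router R's table from the routing example slide, with classful (class A) masks.
ROUTING_TABLE_R = [
    ("255.0.0.0", "20.0.0.0", "deliver directly"),
    ("255.0.0.0", "30.0.0.0", "deliver directly"),
    ("255.0.0.0", "10.0.0.0", "20.0.0.5"),
    ("255.0.0.0", "40.0.0.0", "30.0.0.7"),
]

# Constructed subnet table: the more specific entry is listed first on purpose,
# because this first-match lookup depends on table order.
SUBNET_TABLE = [
    ("255.255.255.0", "192.4.10.0", "hop-A"),
    ("255.255.0.0", "192.4.0.0", "hop-B"),
]
```

With a first-match lookup the order of `SUBNET_TABLE` decides which route 192.4.10.3 takes; listing the /16 entry first would capture it. Classless routing removes that dependence by always choosing the longest matching mask.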
Supernetting or supernet addressing takes an opposite approach from subnet addressing. Instead of using a single IP network address for multiple physical networks at a given organization, supernetting allows the use of many IP network addresses for a single organization.
To understand why supernetting was adopted, one needs to know three facts: 1. IP does not divide network addresses into classes equally (B < 17 thousand, C > 2 million). 2. Class C addresses were being requested slowly. 3. Studies showed class B would be exhausted in only a few years. (ROADS: the Running Out of ADdress Space problem)
To conserve class B numbers, the supernetting
scheme assigns an organization a block of class C
addresses instead of a single class B number.
For example, suppose an organization requests a
class B address that the organization intends to
subnet using the third octet as a subnet field.
Instead of a single class B number, supernetting
assigns the organization a block of 256 class C
numbers that the organization can then assign to
physical networks.
In supernetting, the information that routers
store and exchange increases dramatically. In
particular, instead of having one entry per
organization, a routing table contains many
entries.
A technique known as Classless Inter-Domain
Routing (CIDR) solves the problem. Conceptually,
CIDR collapses a block of contiguous class C
addresses into a single entry (network address,
count) where network address is the
smallest network address in the block, and count
specifies the total number of network addresses
in the block. For example, the pair (192.5.48.0,
3) can be used to specify the three network
addresses 192.5.48.0, 192.5.49.0, 192.5.50.0.
In practice, CIDR does not restrict network numbers to class C addresses nor does it use an integer count to specify a block size. Instead, CIDR requires each block of addresses to be a power of two, and uses a bit mask to identify the size of the block.
For example, suppose an organization was assigned a block of 2048 contiguous addresses starting at address 234.170.168.0.
234.170.168.0    11101010 10101010 10101000 00000000
234.170.175.255  11101010 10101010 10101111 11111111
CIDR requires two values to specify the range: the lowest address (234.170.168.0) and a 32-bit mask (255.255.11111000.00000000, i.e. 255.255.248.0).
When looking up a route, the routing software does not interpret the destination address class. Instead, each entry in the routing table contains an address and a mask, and the routing software uses a longest-match paradigm to select a route.
Another block definition:
234.170.170.0    11101010 10101010 10101010 00000000
234.170.171.255  11101010 10101010 10101011 11111111
Routing entry: 234.170.170.0 with mask 255.255.11111110.00000000 (255.255.254.0)
A destination of 234.170.171.1 would match this entry.
Thus a given block of addresses can be subdivided, and separate routes can be entered for each subdivision.
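As an added example (not from the slides), the Python below implements the CIDR material of the last few slides: expanding the (network address, count) form, converting a block given by base address and size into its mask and last address while checking the power-of-two and alignment requirements, and a longest-match lookup over (network, mask, next hop) entries in which a 0.0.0.0/0.0.0.0 entry plays the role of the default route from the Default Route slide. The two block entries are the ones the slides define; the next-hop labels and the default router are constructed for the example.

```python
def ip_to_int(dotted: str) -> int:
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def expand_count_block(base: str, count: int) -> list:
    """The (network address, count) form: count consecutive class C (/24) networks from base."""
    b = ip_to_int(base)
    return [int_to_ip(b + (i << 8)) for i in range(count)]


def cidr_block(base: str, size: int):
    """The mask form. The block must be a power of two in size and aligned to its size.
    Returns (mask, last address in the block, prefix length)."""
    if size <= 0 or size & (size - 1):
        raise ValueError("block size must be a power of two")
    host_bits = size.bit_length() - 1
    b = ip_to_int(base)
    if b & (size - 1):
        raise ValueError("block is not aligned to its size")
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    return int_to_ip(mask), int_to_ip(b | (size - 1)), 32 - host_bits


def mask_to_prefix(mask: str) -> int:
    """Prefix length of a contiguous mask; rejects masks with holes in them."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if ((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF) != m:
        raise ValueError(f"non-contiguous mask {mask}")
    return prefix


def longest_match(table, dest: str):
    """Classless lookup: among entries (network, mask, next hop) whose masked
    destination equals the network, the longest mask wins, so a route for a
    subdivision overrides the route for the whole block. 0.0.0.0/0.0.0.0 matches
    everything with length 0 and therefore acts as the default route."""
    d = ip_to_int(dest)
    best, best_len = None, -1
    for network, mask, next_hop in table:
        n, m = ip_to_int(network), ip_to_int(mask)
        if n & m != n:
            raise ValueError(f"entry {network}/{mask} has host bits set")
        plen = mask_to_prefix(mask)
        if d & m == n and plen > best_len:
            best, best_len = next_hop, plen
    return best


# The two blocks from the slides plus a constructed default route.
ROUTES = [
    ("234.170.168.0", "255.255.248.0", "hop-block"),     # the /21 block of 2048 addresses
    ("234.170.170.0", "255.255.254.0", "hop-sub"),       # the /23 subdivision inside it
    ("0.0.0.0", "0.0.0.0", "default-router"),            # default route: used when nothing else matches
]
```

234.170.171.1 matches both the /21 and the /23 entries; the lookup returns the /23 next hop because it is the longer match, while 234.170.168.1 matches only the /21 and 234.170.176.1 falls through to the default route. Unlike the first-match subnet lookup, the order of `ROUTES` does not affect the result.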