Weeks%205-7%20DNS,%20IP%20Addressing,%20IP%20Routing

1
Weeks 5-7DNS, IP Addressing, IP Routing

2
DNS Domain Name System

• People many identifiers
• SSN, name, passport
• Internet hosts, routers
• IP address (32 bit) - used for addressing
  datagrams
• name, e.g., www.yahoo.com - used by humans
• Q map between IP addresses and name ?

• Domain Name System
• distributed database implemented in hierarchy of
  many name servers
• application-layer protocol host, routers, name
  servers to communicate to resolve names
  (address/name translation)
• note core Internet function, implemented as
  application-layer protocol
• complexity at networks edge

3
DNS

• Why not centralize DNS?
• single point of failure
• traffic volume
• distant centralized database
• maintenance
• doesnt scale!

• DNS services
• Hostname to IP address translation
• Host aliasing
• Canonical and alias names
• Mail server aliasing
• Load distribution
• Replicated Web servers set of IP addresses for
  one canonical name

4
Distributed, Hierarchical Database

• Client wants IP for www.amazon.com 1st approx
• Client queries a root server to find com DNS
  server
• Client queries com DNS server to get amazon.com
  DNS server
• Client queries amazon.com DNS server to get IP
  address for www.amazon.com

5
DNS Root name servers

• contacted by local name server that can not
  resolve name
• root name server
• contacts authoritative name server if name
  mapping not known
• gets mapping
• returns mapping to local name server

13 root name servers worldwide
6
TLD and Authoritative Servers

• Top-level domain (TLD) servers responsible for
  com, org, net, edu, etc, and all top-level
  country domains uk, fr, ca, jp.
• Network solutions maintains servers for com TLD
• Educause for edu TLD
• Authoritative DNS servers organizations DNS
  servers, providing authoritative hostname to IP
  mappings for organizations servers (e.g., Web
  and mail).
• Can be maintained by organization or service
  provider

7
Local Name Server

• Does not strictly belong to hierarchy
• Each ISP (residential ISP, company, university)
  has one.
• Also called default name server
• When a host makes a DNS query, query is sent to
  its local DNS server
• Acts as a proxy, forwards query into hierarchy.

8
Example
root DNS server
2

• Host at cis.poly.edu wants IP address for
  gaia.cs.umass.edu

3
TLD DNS server
4
5
6
7
1
8
authoritative DNS server dns.cs.umass.edu
requesting host cis.poly.edu
gaia.cs.umass.edu
9
Recursive queries

• recursive query
• puts burden of name resolution on contacted name
  server
• heavy load?
• iterated query
• contacted server replies with name of server to
  contact
• I dont know this name, but ask this server

10
DNS caching and updating records

• once (any) name server learns mapping, it caches
  mapping
• cache entries timeout (disappear) after some time
• TLD servers typically cached in local name
  servers
• Thus root name servers not often visited
• update/notify mechanisms under design by IETF
• RFC 2136
• http//www.ietf.org/html.charters/dnsind-charter.h
  tml

11
DNS records

• DNS distributed db storing resource records (RR)

• TypeA
• name is hostname
• value is IP address

• TypeCNAME
• name is alias name for some cannonical (the
  real) name
• www.ibm.com is really
• servereast.backup2.ibm.com
• value is cannonical name

• TypeNS
• name is domain (e.g. foo.com)
• value is IP address of authoritative name server
  for this domain

• TypeMX
• value is name of mailserver associated with name

12
DNS protocol, messages

• DNS protocol query and reply messages, both
  with same message format

• msg header
• identification 16 bit for query, reply to
  query uses same
• flags
• query or reply
• recursion desired
• recursion available
• reply is authoritative

13
DNS protocol, messages
Name, type fields for a query
RRs in reponse to query
records for authoritative servers
additional helpful info that may be used
14
Inserting records into DNS

• Example just created startup Network Utopia
• Register name networkuptopia.com at a registrar
  (e.g., Network Solutions)
• Need to provide registrar with names and IP
  addresses of your authoritative name server
  (primary and secondary)
• Registrar inserts two RRs into the com TLD
  server
• (networkutopia.com, dns1.networkutopia.com, NS)
• (dns1.networkutopia.com, 212.212.212.1, A)
• Put in authoritative server Type A record for
  www.networkuptopia.com and Type MX record for
  networkutopia.com
• How do people get the IP address of your Web
  site?

15
Network Layer

• Goals
• understand principles behind network layer
  services
• routing (path selection)
• dealing with scale
• how a router works
• advanced topics IPv6, mobility
• instantiation and implementation in the Internet

16
Network Layer

• Introduction
• Virtual circuit and datagram networks
• Whats inside a router
• IP Internet Protocol
• Datagram format
• IPv4 addressing
• ICMP
• IPv6

• Routing algorithms
• Link state
• Distance Vector
• Hierarchical routing
• Routing in the Internet
• RIP
• OSPF
• BGP
• Broadcast and multicast routing

17
Network layer

• transport segment from sending to receiving host
• on sending side encapsulates segments into
  datagrams
• on rcving side, delivers segments to transport
  layer
• network layer protocols in every host, router
• Router examines header fields in all IP datagrams
  passing through it

18
Key Network-Layer Functions

• analogy
• routing process of planning trip from source to
  dest
• forwarding process of getting through single
  interchange

• forwarding move packets from routers input to
  appropriate router output
• routing determine route taken by packets from
  source to dest.
• Routing algorithms

19
Interplay between routing and forwarding
20
Connection setup

• 3rd important function in some network
  architectures
• ATM, frame relay, X.25
• Before datagrams flow, two hosts and intervening
  routers establish virtual connection
• Routers get involved
• Network and transport layer cnctn service
• Network between two hosts
• Transport between two processes

21
Network service model
Q What service model for channel transporting
datagrams from sender to rcvr?

• Example services for a flow of datagrams
• In-order datagram delivery
• Guaranteed minimum bandwidth to flow
• Restrictions on changes in inter-packet spacing

• Example services for individual datagrams
• guaranteed delivery
• Guaranteed delivery with less than 40 msec delay

22
Network layer service models
Guarantees ?
Network Architecture Internet ATM ATM ATM ATM
Service Model best effort CBR VBR ABR UBR
Congestion feedback no (inferred via
loss) no congestion no congestion yes no
Bandwidth none constant rate guaranteed rate gua
ranteed minimum none
Loss no yes yes no no
Order no yes yes yes yes
Timing no yes yes no no
23
Network layer connection and connection-less
service

• Datagram network provides network-layer
  connectionless service
• VC network provides network-layer connection
  service
• Analogous to the transport-layer services, but
• Service host-to-host
• No choice network provides one or the other
• Implementation in the core

24
Virtual circuits

• source-to-dest path behaves much like telephone
  circuit
• performance-wise
• network actions along source-to-dest path

• call setup, teardown for each call before data
  can flow
• each packet carries VC identifier (not
  destination host address)
• every router on source-dest path maintains
  state for each passing connection
• link, router resources (bandwidth, buffers) may
  be allocated to VC

25
VC implementation

• A VC consists of
• Path from source to destination
• VC numbers, one number for each link along path
• Entries in forwarding tables in routers along
  path
• Packet belonging to VC carries a VC number.
• VC number must be changed on each link.
• New VC number comes from forwarding table

26
Forwarding table
Forwarding table in northwest router
Routers maintain connection state information!
27
Virtual circuits signaling protocols

• used to setup, maintain teardown VC
• used in ATM, frame-relay, X.25
• not used in todays Internet

6. Receive data
5. Data flow begins
4. Call connected
3. Accept call
1. Initiate call
2. incoming call
28
Datagram networks

• no call setup at network layer
• routers no state about end-to-end connections
• no network-level concept of connection
• packets forwarded using destination host address
• packets between same source-dest pair may take
  different paths

1. Send data
2. Receive data
29
Forwarding table
4 billion possible entries
Destination Address Range
Link
Interface 11001000 00010111 00010000
00000000
through
0 11001000
00010111 00010111 11111111 11001000
00010111 00011000 00000000
through
1
11001000 00010111 00011000 11111111
11001000 00010111 00011001 00000000
through

2 11001000 00010111 00011111 11111111
otherwise

3
30
Longest prefix matching
Prefix Match
Link Interface
11001000 00010111 00010
0 11001000 00010111
00011000 1
11001000 00010111 00011
2
otherwise
3
Examples
Which interface?
DA 11001000 00010111 00010110 10100001
Which interface?
DA 11001000 00010111 00011000 10101010
31
Datagram or VC network why?

• Internet
• data exchange among computers
• elastic service, no strict timing req.
• smart end systems (computers)
• can adapt, perform control, error recovery
• simple inside network, complexity at edge
• many link types
• different characteristics
• uniform service difficult

• ATM
• evolved from telephony
• human conversation
• strict timing, reliability requirements
• need for guaranteed service
• dumb end systems
• telephones
• complexity inside network

32
Router Architecture Overview

• Two key router functions
• run routing algorithms/protocol (RIP, OSPF, BGP)
• forwarding datagrams from incoming to outgoing
  link

33
Input Port Functions
Physical layer bit-level reception

• Decentralized switching
• given datagram dest., lookup output port using
  forwarding table in input port memory
• goal complete input port processing at line
  speed
• queuing if datagrams arrive faster than
  forwarding rate into switch fabric

Data link layer e.g., Ethernet see chapter 5
34
Three types of switching fabrics
35
Switching Via Memory

• First generation routers
• traditional computers with switching under
  direct control of CPU
• packet copied to systems memory
• speed limited by memory bandwidth (2 bus
  crossings per datagram)

36
Switching Via a Bus

• datagram from input port memory
• to output port memory via a shared bus
• bus contention switching speed limited by bus
  bandwidth
• 1 Gbps bus, Cisco 1900 sufficient speed for
  access and enterprise routers (not regional or
  backbone)

37
Switching Via An Interconnection Network

• overcome bus bandwidth limitations
• Banyan networks, other interconnection nets
  initially developed to connect processors in
  multiprocessor
• Advanced design fragmenting datagram into fixed
  length cells, switch cells through the fabric.
• Cisco 12000 switches Gbps through the
  interconnection network

38
Output Ports

• Buffering required when datagrams arrive from
  fabric faster than the transmission rate
• Scheduling discipline chooses among queued
  datagrams for transmission

39
Output port queueing

• buffering when arrival rate via switch exceeds
  output line speed
• queueing (delay) and loss due to output port
  buffer overflow!

40
Input Port Queuing

• Fabric slower than input ports combined -gt
  queueing may occur at input queues
• Head-of-the-Line (HOL) blocking queued datagram
  at front of queue prevents others in queue from
  moving forward
• queueing delay and loss due to input buffer
  overflow!

41
The Internet Network layer

• Host, router network layer functions

Transport layer TCP, UDP
Network layer
Link layer
physical layer
42
IP datagram format

• how much overhead with TCP?
• 20 bytes of TCP
• 20 bytes of IP
• 40 bytes app layer overhead

43
IP Fragmentation Reassembly

• network links have MTU (max.transfer size) -
  largest possible link-level frame.
• different link types, different MTUs
• large IP datagram divided (fragmented) within
  net
• one datagram becomes several datagrams
• reassembled only at final destination
• IP header bits used to identify, order related
  fragments

fragmentation in one large datagram out 3
smaller datagrams
reassembly
44
IP Fragmentation and Reassembly

• Example
• 4000 byte datagram
• MTU 1500 bytes

1480 bytes in data field
offset 1480/8
45
IP Addressing introduction
223.1.1.1

• IP address 32-bit identifier for host, router
  interface
• interface connection between host/router and
  physical link
• routers typically have multiple interfaces
• host may have multiple interfaces
• IP addresses associated with each interface

223.1.2.9
223.1.1.4
223.1.1.3
223.1.1.1 11011111 00000001 00000001 00000001
223
1
1
1
46
IP Addressing

• Internet Scaling Problems
• In the early nineties, the Internet has
  experienced two major scaling issues as it has
  struggled to provide continuous and uninterrupted
  growth
• The eventual exhaustion of the IPv4 address space
  
• The ability to route traffic between the ever
  increasing number of networks that comprise the
  Internet
• The first problem is concerned with the eventual
  depletion of the IP address space. The current
  version of IP, IP version 4 (IPv4), defines a
  32-bit address which means that there are only 2
  32 (4,294,967,296) IPv4 addresses available. This
  might seem like a large number of addresses, but
  as new markets open and a significant portion of
  the world's population becomes candidates for IP
  addresses, the finite number of IP addresses will
  eventually be exhausted.

47
IP Addressing

• The address shortage problem is aggravated by the
  fact that portions of the IP address space have
  not been efficiently allocated. Also, the
  traditional model of classful addressing does not
  allow the address space to be used to its maximum
  potential.
• The Address Lifetime Expectancy (ALE) Working
  Group of the IETF has expressed concerns that if
  the current address allocation policies are not
  modified, the Internet will experience a near to
  medium term exhaustion of its unallocated address
  pool. If the Internet's address supply problem is
  not solved, new users may be unable to connect to
  the global Internet!

48
Trends
49
Classful IP Addressing
One of the fundamental features of classful IP
addressing is that each address contains a
self-encoding key that identifies the dividing
point between the network prefix and the
host-number.
50
Class A Networks

• Each Class A network address has an 8-bit
  network-prefix with the highest order bit set to
  0 and a seven-bit network number, followed by a
  24-bit host-number.
• Today, it is no longer considered 'modern' to
  refer to a Class A network. Class A networks are
  now referred to as "/8s" (pronounced "slash
  eight" or just "eights") since they have an 8-bit
  network-prefix.

51
Class A Networks

• A maximum of 126 (27 -2) /8 networks can be
  defined. The calculation requires that the 2 is
  subtracted because the /8 network 0.0.0.0 is
  reserved for use as the default route and the /8
  network 127.0.0.0 (also written 127/8 or
  127.0.0.0/8) has been reserved for the "loopback"
  function.
• Each /8 supports a maximum of 16,777,214 (224
  -2) hosts per network. The host calculation
  requires that 2 is subtracted because the all-0s
  ("this network") and all-1s ("broadcast")
  host-numbers may not be assigned to individual
  hosts.
• The /8 address space is 50 of the total IPv4
  unicast address space.

52
Classful Addressing Continued

• Class B Networks
• Each Class B network address has a 16-bit
  network-prefix with the two highest order bits
  set to 1-0 and a 14-bit network number, followed
  by a 16-bit host-number.
• Class B networks are now referred to as"/16s"
  since they have a 16-bit network-prefix.A maximum
  of 16,384 (214 ) /16 networks can be defined
  with up to 65,534 (216 -2) hosts per network, it
  represents 25 of the total IPv4 unicast address
  space.

53
Classful Addressing Continued

• Class C Networks
• Each Class C network address has a 24-bit
  network-prefix with the three highest order bits
  set to 1-1-0 and a 21-bit network number,
  followed by an 8-bit host-number.
• Class C networks are now referred to as "/24s"
  since they have a 24-bit network-prefix.
• A maximum of 2,097,152 (221 ) /24 networks can
  be defined with up to 254 (28 -2) hosts per
  network. It represents 12.5 (or 1/8th) of the
  total IPv4 unicast address space.
• Other Classes
• Class D addresses have their leading four-bits
  set to 1-1-1-0 and are used to support IP
  Multicasting. Class E addresses have their
  leading four-bits set to 1-1-1-1 and are reserved
  for experimental use.

54
Dotted Decimal Notation
Dotted-decimal notation divides the 32-bit
Internet address into four 8-bit (byte) fields
and specifies the value of each field
independently as decimal number with the fields
separated by dots.
55
Limitations to Classful Addressing

• During the early days of the Internet, the
  seemingly unlimited address space allowed IP
  addresses to be allocated to an organization
  based on its request rather than its actual need.
  As a result, addresses were freely assigned to
  those who asked for them without concerns about
  the eventual depletion of the IP address space.
• The decision to standardize on a 32-bit address
  space meant that there were only 232
  (4,294,967,296) IPv4 addresses available. A
  decision to support a slightly larger address
  space would have exponentially increased the
  number of addresses thus eliminating the current
  address shortage problem.

56
Limitations to Classful Addressing

• The classful A, B, and C octet boundaries were
  easy to understand and implement, but they did
  not foster the efficient allocation of a finite
  address space. Problems resulted from the lack of
  a network class that was designed to support
  medium-sized organizations.
• A /24, which supports 254 hosts, is too small
  while a /16, which supports 65,534 hosts, is too
  large.
• In the past, the Internet has assigned sites with
  several hundred hosts a single /16 address
  instead of a couple of /24s addresses.
  Unfortunately, this has resulted in a premature
  depletion of the /16 network address space. The
  only readily available addresses for medium-size
  organizations are /24s which have the potentially
  negative impact of increasing the size of the
  global Internet's routing table.

57
Subnetting

• In 1985, RFC 950 defined a standard procedure to
  support the subnetting, or division, of a single
  Class A, B, or C network number into smaller
  pieces.
• Subnetting was introduced to overcome some of the
  problems that parts of the Internet were
  beginning to experience with the classful
  two-level addressing hierarchy
• Internet routing tables were beginning to grow.
• Local administrators had to request another
  network number from the Internet before a new
  network could be installed at their site.
• Three-level
• hierarchy is used

58
Subnetting
59
What did subnetting bring?

• Subnetting attacked the expanding routing table
  problem by ensuring that the subnet structure of
  a network is never visible outside of the
  organization's private network.
• The route from the Internet to any subnet of a
  given IP address is the same, no matter which
  subnet the destination host is on. This is
  because all subnets of a given network number use
  the same network-prefix but different subnet
  numbers.
• The routers within the private organization need
  to differentiate between the individual subnets,
  but as far as the Internet routers are concerned,
  all of the subnets in the organization are
  collected into a single routing table entry.

60
Subnetting contd

• This allows the local administrator to introduce
  arbitrary complexity into the private network
  without affecting the size of the Internet's
  routing tables.
• Subnetting overcame the registered number issue
  by assigning each organization one (or at most a
  few) network number(s) from the IPv4 address
  space. The organization was then free to assign a
  distinct subnetwork number for each of its
  internal networks.
• This allows the organization to deploy additional
  subnets without needing to obtain a new network
  number from the Internet.

61
Example

• The size of the global Internet routing table
  does not grow because the site administrator does
  not need to obtain additional address space and
  the routing advertisements for all of the subnets
  are combined into a single routing table entry.
• The local administrator has the flexibility to
  deploy additional subnets without obtaining a new
  network number from the Internet.
• Route flapping (i.e., the rapid changing of
  routes) within the private network does not
  affect the Internet routing table

62
Extended Network Prefix
Internet routers use only the network-prefix of
the destination address to route traffic to a
subnetted environment. Routers within the
subnetted environment use the extended-network-pre
fix to route traffic between the individual
subnets. The extended-network-prefix is composed
of the classful network-prefix and the
subnet-number.
130.5.5.25/24 notation is used to describe the
IP address
63
Subnet Design Considerations

• 1) How many total subnets does the organization
  need today?
• 2) How many total subnets will the organization
  need in the future?
• 3) How many hosts are there on the organization's
  largest subnet today?
• 4) How many hosts will there be on the
  organization's largest subnet in the future?

64
Subnet Design Considerations

• The first step in the planning process is to take
  the maximum number of subnets required and round
  up to the nearest power of two. For example, if a
  organization needs 9 subnets, 23 (or 8) will not
  provide enough subnet addressing space, so the
  network administrator will need to round up to
  24 (or 16). Also leave room for growth.
• The second step is to make sure that there are
  enough host addresses for the organization's
  largest subnet. If the largest subnet needs to
  support 50 host addresses today, 25 (or 32) will
  not provide enough host address space so the
  network administrator will need to round up to
  26 (or 64).
• The final step is to make sure that the
  organization's address allocation provides enough
  bits to deploy the required subnet addressing
  plan.

65
Subnet Example

• An organization has been assigned the network
  number 193.1.1.0/24 and it needs to define six
  subnets. The largest subnet is required to
  support 25 hosts.

66
Subnet example contd

• A 27-bit extended-network-prefix leaves 5 bits to
  define host addresses on each subnet.
• This means that each subnetwork with a 27-bit
  prefix represents a contiguous block of 25 (32)
  individual IP addresses. However, since the
  all-0s and all-1s host addresses cannot be
  allocated, there are 30 (25 -2) assignable host
  addresses on each subnet.

67
Example Continued
Base Net 11000001.00000001.00000001 .00000000
193.1.1.0/24 Subnet 0 11000001.00000001.000000
01. 000 00000 193.1.1.0/27 Subnet 1
11000001.00000001.00000001. 001 00000
193.1.1.32/27 Subnet 2 11000001.00000001.0000000
1. 010 00000 193.1.1.64/27 Subnet 3
11000001.00000001.00000001. 011 00000
193.1.1.96/27 Subnet 4 11000001.00000001.0000000
1. 100 00000 193.1.1.128/27 Subnet 5
11000001.00000001.00000001. 101 00000
193.1.1.160/27 Subnet 6 11000001.00000001.000000
01. 110 00000 193.1.1.192/27 Subnet 7
11000001.00000001.00000001. 111 00000
193.1.1.224/27
Subnets
Subnet 6 11000001.00000001.00000001.110 00000
193.1.1.192/27 Host 1 11000001.00000001.00000001
.110 00001 193.1.1.193/27 Host 2
11000001.00000001.00000001.110 00010
193.1.1.194/27 Host 3 11000001.00000001.00000001
.110 00011 193.1.1.195/27 . . Host 28
11000001.00000001.00000001.110 11100
193.1.1.220/27 Host 29 11000001.00000001.0000000
1.110 11101 193.1.1.221/27 Host 30
11000001.00000001.00000001.110 11110
193.1.1.222/27
Hosts belonging to Subnet 6
68
Variable Length Subnet Masks

• In 1987, RFC 1009 specified how a subnetted
  network could use more than one subnet mask. When
  an IP network is assigned more than one subnet
  mask, it is considered a network with "variable
  length subnet masks" (VLSM) since the
  extended-network-prefixes have different lengths.
• There are several advantages to be gained if more
  than one subnet mask can be assigned to a given
  IP network number
• Multiple subnet masks permit more efficient use
  of an organization's assigned IP address space.
• Multiple subnet masks permit route aggregation
  which can significantly reduce the amount of
  routing information at the "backbone" level
  within an organization's routing domain.
• Example. A /16 network with a /22
  extended-network prefix permits 64 subnets each
  of which supports a maximum of 1,022 hosts.
• This is fine if the organization wants to deploy
  a number of large subnets, but what about the
  occasional small subnet containing only 20 or 30
  hosts? Since a subnetted network could have only
  a single mask, the network administrator was
  still required to assign the 20 or 30 hosts to a
  subnet with a 22-bit prefix. This assignment
  would waste approximately 1,000 IP host addresses
  for each small subnet deployed!

69
Example Continued

• One solution to this problem was to allow a
  subnetted network to be assigned more than one
  subnet mask.
• Assume that in the previous example, the network
  administrator is also allowed to configure the
  130.5.0.0/16 network with a /26
  extended-network-prefix.
• A /26 extended-network prefix permits 1024
  subnets (210 ), each of which supports a maximum
  of 62 hosts (26 -2).
• The /26 prefix would be ideal for small subnets
  with less than 60 hosts, while the /22 prefix is
  well suited for larger subnets containing up to
  1000 hosts.

70
Recursive Definition of an Organizations Address
Space
sub-subnet
sub2-subnet
subnet
The 11.0.0.0/8 network is first configured with a
/16 extended-network-prefix. The 11.1.0.0/16
subnet is then configured with a /24
extended-network-prefix 11.253.0.0/16 subnet is
configured with a /19 extended-network-prefix.
Note that the recursive process does not require
that the same extended-network-prefix be assigned
at each level of the recursion. Also, the
recursive sub-division of the organization's
address space can be carried out as far as the
network administrator needs to take it.
71
Route Aggregation
72
Requirements for VLSM Design

• The successful deployment of VLSM has three
  prerequisites
• The routing protocols must carry
  extended-network-prefix information with each
  route advertisement.
• The bottom line is that if you want to deploy
  VLSM in a complex topology, you must select OSPF
  or IS-IS as the Interior Gateway Protocol (IGP)
  rather than RIP-1!
• It should be mentioned that RIP-2, defined in RFC
  1388, improves the RIP protocol by allowing it to
  carry extended-network-prefix information.
  Therefore, RIP-2 supports the deployment of VLSM.
• All routers must implement a consistent
  forwarding algorithm based on the "longest
  match.. A route with a longer extended-network-pr
  efix is said to be "more specific" while a route
  with a shorter extended-network-prefix is said to
  be "less specific.
• For route aggregation to occur, addresses must be
  assigned so that they have topological
  significance.

73
Classless Inter Domain Routing (CIDR)

• By 1992, the exponential growth of the Internet
  was beginning to raise serious concerns among
  members of the IETF about the ability of the
  Internet's routing system to scale and support
  future growth. These problems were related to
• The near-term exhaustion of the Class B network
  address space
• The rapid growth in the size of the global
  Internet's routing tables
• The eventual exhaustion of the 32-bit IPv4
  address space

74
CIDR

• CIDR was officially documented in September 1993
  in RFC 1517, 1518, 1519, and 1520. CIDR supports
  two important features that benefit the global
  Internet routing system
• CIDR eliminates the traditional concept of Class
  A, Class B, and Class C network addresses. This
  enables the efficient allocation of the IPv4
  address space which will allow the continued
  growth of the Internet until IPv6 is deployed.
• CIDR supports route aggregation where a single
  routing table entry can represent the address
  space of perhaps thousands of traditional
  classful routes. This allows a single routing
  table entry to specify how to route traffic to
  many individual network addresses. Route
  aggregation helps control the amount of routing
  information in the Internet's backbone routers,
  reduces route flapping (rapid changes in route
  availability), and eases the local administrative
  burden of updating external routing information.
• Without the rapid deployment of CIDR in 1994 and
  1995, the Internet routing tables would have in
  excess of 70,000 routes (instead of the current
  30,000) and the Internet would probably not be
  functioning today!

75
CIDR

• CIDR eliminates the traditional concept of Class
  A, Class B, and Class C network addresses and
  replaces them with the generalized concept of a
  "network-prefix."
• Routers use the network-prefix, rather than the
  first 3 bits of the IP address, to determine the
  dividing point between the network number and the
  host number. As a result, CIDR supports the
  deployment of arbitrarily sized networks rather
  than the standard 8-bit, 16-bit, or 24-bit
  network numbers associated with classful
  addressing.
• In the CIDR model, each piece of routing
  information is advertised with a bit mask (or
  prefix-length). The prefix-length is a way of
  specifying the number of leftmost contiguous bits
  in the network-portion of each routing table
  entry.
• Example. All prefixes with a /20 prefix represent
  the same amount of address space (212 or 4,096
  host addresses). Furthermore, a /20 prefix can be
  assigned to a traditional Class A, Class B, or
  Class C network number.

76
CIDR Address Blocks
77
Efficient Address Allocation

• Assume that an ISP has been assigned the address
  block 206.0.64.0/18. This block represents 16,384
  (214 ) IP addresses which can be interpreted as
  64 /24s.
• If a client requires 800 host addresses, rather
  than assigning a Class B (and wasting 64,700
  addresses) or four individual Class Cs (and
  introducing 4 new routes into the global Internet
  routing tables), the ISP could assign the client
  the address block 206.0.68.0/22, a block of 1,024
  (210 ) IP addresses (4 contiguous /24s).

78
CIDR Address Allocation Example

• For this example, assume that an ISP owns the
  address block 200.25.0.0/16. This block
  represents 65, 536 (216 ) IP addresses (or 256
  /24s).
• From the 200.25.0.0/16 block it wants to allocate
  the 200.25.16.0/20 address block. This smaller
  block represents 4,096 (212 ) IP addresses (or
  16 /24s).
• If you look at the ISP's /20 address block as a
  pie, in a classful environment it can only be cut
  into 16 equal-size pieces.

79
CIDR Address Allocation

• However, in a classless environment, the ISP is
  free to cut up the pie any way it wants.
• It could slice up the original pie into 2 pieces
  (each 1/2 of the address space) and assign one
  portion to Organization A, then cut the other
  half into 2 pieces (each 1/4 of the address
  space) and assign one piece to Organization B,
  and finally slice the remaining fourth into 2
  pieces (each 1/8 of the address space) and assign
  it to Organization C and Organization D.
• Each of the individual organizations is free to
  allocate the address space within its
  "Intranetwork" as it sees fit.

80
CIDR vs VLSM

• CIDR has the same familiar look and feel of VLSM
• CIDR and VLSM are essentially the same thing
  since they both allow a portion of the IP address
  space to be recursively divided into subsequently
  smaller pieces.
• The difference is that with VLSM, the recursion
  is performed on the address space previously
  assigned to an organization and is invisible to
  the global Internet. CIDR, on the other hand,
  permits the recursive allocation of an address
  block by an Internet Registry to a high-level
  ISP, to a mid-level ISP, to a low-level ISP, and
  finally to a private organization's network.
• Just like VLSM, the successful deployment of CIDR
  has three prerequisites
• The routing protocols must carry network-prefix
  information with each route advertisement.
• All routers must implement a consistent
  forwarding algorithm based on the "longest
  match.
• For route aggregation to occur, addresses must be
  assigned so that they are topologically
  significant.

81
Controlling the Growth of Internet's Routing
Tables

• Within a domain, detailed information is
  available about all of the networks that reside
  in the domain.
• Outside of an addressing domain, only the
  common network prefix is advertised. This allows
  a single routing table entry to specify a route
  to many individual network addresses.

82
Routing In a Classless Envir.
Organization A using ISP1 and its addresses
Organization A using ISP2 and ISP1s addresses
83
Example Continued

• The "best" thing for the size of the Internet's
  routing tables would be to have Organization A
  obtain a block of ISP 2's address space and
  renumber.
• This would allow the eight networks assigned to
  Organization A to be hidden behind the aggregate
  routing advertisement of ISP 2.
• Unfortunately, renumbering is a labor-intensive
  task which could be very difficult, if not
  impossible, for Organization A.

• Let the ISP2 inject a specific route
  200.25.16.0/21 to the Internet
• Longest prefix match algorithms will make sure
  that Org A traffic will go through ISP2 at the
  expense of specific routes in the routing table

84
Address Allocation in the Private Internet

• RFC 1918 requests that organizations make use of
  the private Internet address space for hosts that
  require IP connectivity within their enterprise
  network, but do not require external connections
  to the global Internet.
• For this purpose, the IANA has reserved the
  following three address blocks for private
  internets
• 10.0.0.0 - 10.255.255.255 (10/8 prefix)
• 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
• 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
• Any organization that elects to use addresses
  from these reserved blocks can do so without
  contacting the IANA or an Internet registry.
• Since these addresses are never injected into the
  global Internet routing system, the address space
  can simultaneously be used by many different
  organizations.
• The disadvantage to this addressing scheme is
  that it requires an organization to use a Network
  Address Translator (NAT).

85
NAT Network Address Translation
rest of Internet
local network (e.g., home network) 10.0.0/24
10.0.0.1
10.0.0.4
10.0.0.2
138.76.29.7
10.0.0.3
Datagrams with source or destination in this
network have 10.0.0/24 address for source,
destination (as usual)
All datagrams leaving local network have same
single source NAT IP address 138.76.29.7, differe
nt source port numbers
86
NAT Network Address Translation

• Motivation local network uses just one IP
  address as far as outside word is concerned
• no need to be allocated range of addresses from
  ISP - just one IP address is used for all
  devices
• can change addresses of devices in local network
  without notifying outside world
• can change ISP without changing addresses of
  devices in local network
• devices inside local net not explicitly
  addressable, visible by outside world (a security
  plus).

87
NAT Network Address Translation

• Implementation NAT router must
• outgoing datagrams replace (source IP address,
  port ) of every outgoing datagram to (NAT IP
  address, new port )
• . . . remote clients/servers will respond using
  (NAT IP address, new port ) as destination
  addr.
• remember (in NAT translation table) every (source
  IP address, port ) to (NAT IP address, new port
  ) translation pair
• incoming datagrams replace (NAT IP address, new
  port ) in dest fields of every incoming datagram
  with corresponding (source IP address, port )
  stored in NAT table

88
NAT Network Address Translation
NAT translation table WAN side addr LAN
side addr
138.76.29.7, 5001 10.0.0.1, 3345

10.0.0.1
10.0.0.4
10.0.0.2
138.76.29.7
10.0.0.3
4 NAT router changes datagram dest addr
from 138.76.29.7, 5001 to 10.0.0.1, 3345
3 Reply arrives dest. address 138.76.29.7,
5001
89
NAT Network Address Translation

• 16-bit port-number field
• 60,000 simultaneous connections with a single
  LAN-side address!
• NAT is controversial
• routers should only process up to layer 3
• violates end-to-end argument
• NAT possibility must be taken into account by app
  designers, eg, P2P applications
• address shortage should instead be solved by IPv6

90
ICMP Internet Control Message Protocol

• used by hosts routers to communicate
  network-level information
• error reporting unreachable host, network, port,
  protocol
• echo request/reply (used by ping)
• network-layer above IP
• ICMP msgs carried in IP datagrams
• ICMP message type, code plus first 8 bytes of IP
  datagram causing error

Type Code description 0 0 echo
reply (ping) 3 0 dest. network
unreachable 3 1 dest host
unreachable 3 2 dest protocol
unreachable 3 3 dest port
unreachable 3 6 dest network
unknown 3 7 dest host unknown 4
0 source quench (congestion
control - not used) 8 0
echo request (ping) 9 0 route
advertisement 10 0 router
discovery 11 0 TTL expired 12 0
bad IP header