Internet Protocols
The Internet emerged from the development of the TCP/IP protocol suite. TCP stands for Transmission Control Protocol and IP for Internet Protocol. Many application services and application-level protocols are now built on TCP/IP, including:
- The Web (HTTP)
- E-mail (SMTP, POP)
- File transfer (FTP)
- Net News (NNTP)
- Remote login (Telnet)
Internet Protocols: TCP/IP layers
Figure: TCP/IP layers. Each layer hands its own unit of data down to the layer below:
- Application layer: messages (UDP) or streams (TCP)
- Transport layer: UDP or TCP packets
- Internet layer: IP datagrams
- Network interface layer: network-specific frames, carried by the underlying network

Figure 3.13 Encapsulation in a message transmitted via TCP over an Ethernet. The application message is prefixed by a TCP header (carrying the port numbers), then by an IP header (carrying the IP addresses), then by an Ethernet header; the result is the Ethernet frame that goes on the wire.
Internet Protocols
TCP is a transport protocol that can be used to support applications directly, or additional protocols can be layered on it to provide further features. TCP is a reliable, connection-oriented protocol used to transport streams of data. Another transport protocol, the User Datagram Protocol (UDP), supports traditional message-based communication. IP is the underlying network protocol that provides the basic transmission mechanism for the Internet and other subnets. The success of TCP/IP rests on its independence from the underlying transmission technology, which allows internetworks to be built up from many heterogeneous networks and data links.
Three different kinds of addresses
- Host names (e.g., www.cnn.com)
- IP addresses (e.g., 64.236.16.20)
- MAC addresses (e.g., 00-15-C5-49-04-A9)

MAC Address vs. IP Address
MAC addresses:
- Hard-coded in read-only memory when the adaptor is built
- Like a social security number
- Flat name space of 48 bits (e.g., 00-0E-9B-6E-49-76)
- Portable, and can stay the same as the host moves
- Used to get a packet between interfaces on the same network
IP addresses:
- Configured, or learned dynamically
- Like a postal mailing address
- Hierarchical name space of 32 bits (e.g., 12.178.66.9)
- Not portable, and depends on where the host is attached
- Used to get a packet to the destination IP subnet
Note that the burned-in MAC address can be overridden by the operating system, so neither a MAC address nor an IP address is proof of a host's identity; both are routing labels, not authenticators.
Protocol Layering: The Internet is built this way
Figure: the Internet Protocol (IP) at the bottom, TCP and UDP layered above it, and applications above those.
- TCP: Transmission Control Protocol, reliable connection-oriented transfer of a byte stream.
- UDP: User Datagram Protocol, best-effort connectionless transfer of individual messages. UDP just sends or receives raw packets with a best-effort approach; it is also layered above IP.
- Applications over TCP: SSH, FTP, HTTP, SMTP. Applications over UDP: DNS, VoIP, and many more use UDP packets to communicate data.
Layers in the Example
Figure: the layers on argon, on the router, and on neon, each annotated with its action for one HTTP request from argon to neon (128.143.71.21).
Argon:
- HTTP: Send HTTP Request to neon
- TCP: Establish a connection to 128.143.71.21 at port 80 (open TCP connection to 128.143.71.21 port 80)
- IP: Send a datagram (which contains a connection request) to 128.143.71.21; send IP datagram to 128.143.71.21
- Network interface: the destination is not local, so send the datagram to 128.143.137.1 (the default gateway): Send Ethernet frame to 00:e0:f9:23:a8:20
Router:
- Network interface: Frame is an IP datagram
- IP: Send IP datagram to 128.143.71.21; the destination is on a directly attached network, so send the datagram to 128.143.71.21: Send Ethernet frame to 00:20:af:03:98:28
Neon:
- Network interface: Frame is an IP datagram
- IP: IP datagram is a TCP segment for port 80
- TCP: the connection request is delivered to the server listening on port 80
Layers and Services
- Service provided by TCP to HTTP: reliable transmission of data over a logical connection
- Service provided by IP to TCP: unreliable transmission of IP datagrams across an IP network
- Service provided by Ethernet to IP: transmission of a frame across an Ethernet segment
Other services:
- DNS: translation between domain names and IP addresses
- ARP: translation between IP addresses and MAC addresses
Sending a packet from Argon to Neon
Figure: argon, the router 128.143.137.1 and neon, with the exchanges that must happen before each frame can be sent.
Argon: DNS: What is the IP address of "neon.tcpip-lab.edu"?
DNS server: The IP address of "neon.tcpip-lab.edu" is 128.143.71.21
Argon: 128.143.71.21 is not on my local network. Therefore, I need to send the packet to my default gateway with address 128.143.137.1
Argon: ARP: What is the MAC address of 128.143.137.1?
Router: ARP: The MAC address of 128.143.137.1 is 00:e0:f9:23:a8:20
Argon sends the frame to the router.
Router: 128.143.71.21 is on my local network. Therefore, I can send the packet directly.
Router: ARP: What is the MAC address of 128.143.71.21?
Neon: ARP: The MAC address of 128.143.71.21 is 00:20:af:03:98:28
The router sends the frame to neon.
Neither the DNS answer nor the ARP answers in this exchange are authenticated: any host on argon's segment can claim to be 128.143.137.1, which is why ARP caches and DNS resolution are treated as trusted inputs only on networks that are themselves trusted.
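The walk through the layers above, written out as an added example (it is not code from the original slides): it takes the addresses the slides use, decides whether the destination is local or must go via the default gateway, looks the next hop up in an ARP cache, and builds the Ethernet/IP/TCP encapsulation of Figure 3.13, then parses it back the way the receiver does. Argon's own IP address (128.143.137.144) and MAC address, the /24 netmask and the ARP cache contents are assumptions made for illustration; only the IP header checksum is computed and the TCP checksum is left at zero.

```python
import ipaddress
import struct

# Constructed setting for the example. Router, gateway and neon addresses are the
# ones in the slides; argon's own IP/MAC, the /24 netmask and the ARP cache
# contents are assumptions made for illustration.
ARGON_IP = "128.143.137.144"
ARGON_MAC = "00:a0:24:71:e4:44"
ARGON_NETMASK = "255.255.255.0"
DEFAULT_GATEWAY = "128.143.137.1"
NEON_IP = "128.143.71.21"
ARP_CACHE = {"128.143.137.1": "00:e0:f9:23:a8:20"}   # the router, as answered by ARP


def next_hop(dst_ip, my_ip=ARGON_IP, netmask=ARGON_NETMASK, gateway=DEFAULT_GATEWAY):
    """The decision the network layer makes: deliver directly if the destination
    shares our subnet, otherwise hand the datagram to the default gateway."""
    local_net = ipaddress.ip_network(f"{my_ip}/{netmask}", strict=False)
    return dst_ip if ipaddress.ip_address(dst_ip) in local_net else gateway


def ip_checksum(header):
    """RFC 1071 one's-complement sum over the header; a correct header sums to 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp_syn(src_port, dst_port, seq):
    """20-byte TCP header with only SYN set (the 'connection request' of the slides).
    The TCP checksum is left at zero; it covers a pseudo-header and a real stack fills it in."""
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, 0x02, 65535, 0, 0)


def build_ipv4(src_ip, dst_ip, payload, proto=6, ttl=64, ident=0x1234):
    """IPv4 header (no options) followed by the payload, with the header checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + payload


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def build_ethernet(dst_mac, src_mac, payload, ethertype=0x0800):
    """Ethernet II header: destination MAC, source MAC, EtherType (0x0800 = IPv4)."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def send_to(dst_ip, segment):
    """Argon's layers top-down: wrap the TCP segment in an IP datagram, pick the next hop,
    resolve its MAC, and wrap everything in an Ethernet frame. Returns (next_hop_ip, frame)."""
    datagram = build_ipv4(ARGON_IP, dst_ip, segment)
    hop = next_hop(dst_ip)
    if hop not in ARP_CACHE:
        raise LookupError(f"no ARP entry for {hop}: an ARP request would be broadcast first")
    return hop, build_ethernet(ARP_CACHE[hop], ARGON_MAC, datagram)


def parse_frame(frame):
    """The receiver's layers bottom-up, as the router or neon would see them."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    ip_hdr = frame[14:34]
    if ethertype != 0x0800 or ip_checksum(ip_hdr) != 0:
        raise ValueError("not an IPv4 datagram or header checksum failed")
    ihl = (ip_hdr[0] & 0x0F) * 4
    tcp = frame[14 + ihl:14 + ihl + 20]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    return {"proto": ip_hdr[9],
            "src_ip": str(ipaddress.IPv4Address(ip_hdr[12:16])),
            "dst_ip": str(ipaddress.IPv4Address(ip_hdr[16:20])),
            "src_port": src_port, "dst_port": dst_port,
            "syn": bool(tcp[13] & 0x02)}


if __name__ == "__main__":
    hop, frame = send_to(NEON_IP, build_tcp_syn(40000, 80, seq=1000))
    print("next hop", hop, "frame bytes", len(frame))
    print(parse_frame(frame))
```

The frame's destination MAC is the router's, while the IP destination inside it is neon's: that pairing is the whole point of the two address kinds. The router repeats the same next_hop decision with its own cache and rewrites only the Ethernet header.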
Internet Protocols
Figure: A programmer's conceptual view of a TCP/IP Internet: applications sit on either TCP or UDP, and both of those sit on IP.
Internet Protocols: IP Addressing
The scheme used for assigning addresses to networks and to the computers connected to them must satisfy the following requirements:
- Universal: any host on the Internet can send a message to any other, so each host in the Internet is assigned a unique IP address.
- Sufficient: define a large address space and use it efficiently. IPv4 (1984): 32-bit addresses giving 2^32 (~4 billion) addresses, which proved insufficient because of (i) unforeseen growth of the Internet and (ii) inefficient use of the address space. IPv6 (1994): 128-bit addresses giving 2^128 (~3 x 10^38) addressable nodes.
- Routing: support a flexible and efficient routing scheme, but the addresses themselves should not contain routing information.
Internet Protocols: IP Addressing
The IP address is a 32-bit numeric identifier containing:
- A unique network identifier within the Internet, allocated (historically) by the Internet Network Information Center (NIC).
- A unique host identifier within that network, assigned by the network's manager.
It is written as a sequence of four decimal numbers separated by dots, and has an equivalent symbolic domain name represented in a hierarchy.
The original scheme has five classes:
- Class A: reserved for very large networks (2^24 hosts on each).
- Class B: allocated for organization networks containing more than 255 hosts.
- Class C: allocated to all other networks (fewer than 255 hosts on each).
- Class D: reserved for multicasting, but this is not supported by all routers.
- Class E: unallocated addresses reserved for future requirements.
Classful allocation was superseded in 1993 by Classless Inter-Domain Routing (CIDR), in which an explicit prefix length (e.g. /22) marks the network/host boundary; the class ranges describe the original structure, which existing addresses still decode to.
Internet Protocols: IP Addressing
Figure: Internet addressing structure and its decimal representation.

Class                Octet 1     Octet 2    Octet 3    Octet 4    Range of addresses
Class A              1 to 127    0 to 255   0 to 255   0 to 255   1.0.0.0 to 127.255.255.255
                     (network ID = octet 1; host ID = octets 2 to 4)
Class B              128 to 191  0 to 255   0 to 255   0 to 255   128.0.0.0 to 191.255.255.255
                     (network ID = octets 1 to 2; host ID = octets 3 to 4)
Class C              192 to 223  0 to 255   0 to 255   1 to 254   192.0.0.0 to 223.255.255.255
                     (network ID = octets 1 to 3; host ID = octet 4)
Class D (multicast)  224 to 239  0 to 255   0 to 255   1 to 254   224.0.0.0 to 239.255.255.255
                     (the whole address is a multicast address)
Class E (reserved)   240 to 255  0 to 255   0 to 255   1 to 254   240.0.0.0 to 255.255.255.255
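As an added example (not part of the original slides), the following Python decodes the classful structure in the table: the leading bits of the first octet fix the class and therefore where the network ID ends and the host ID begins. The second function shows the CIDR view of the same address, where an explicit prefix length chosen by the caller replaces the class. All sample addresses are private or documentation ranges chosen for the example.

```python
import ipaddress

# Classful decoding: (leading bits of the first octet, network-ID width in bits, class).
# Classes D and E have no network/host split.
CLASS_BY_PREFIX = [
    ("0",    8,    "A"),
    ("10",   16,   "B"),
    ("110",  24,   "C"),
    ("1110", None, "D"),   # multicast
    ("1111", None, "E"),   # reserved
]


def classify(addr):
    """Return (class, network_id, host_id, usable_host_count) for a dotted-quad IPv4 address.
    Raises ValueError on malformed input (wrong octet count or octet out of range)."""
    value = int(ipaddress.IPv4Address(addr))
    bits = format(value, "032b")
    for prefix, net_bits, cls in CLASS_BY_PREFIX:
        if bits.startswith(prefix):
            break
    if net_bits is None:
        return cls, None, None, 0
    host_bits = 32 - net_bits
    network_id = value >> host_bits
    host_id = value & ((1 << host_bits) - 1)
    # the all-zeros host ID names the network and the all-ones host ID is the broadcast address
    return cls, network_id, host_id, (1 << host_bits) - 2


def network_address(addr):
    """Dotted-quad network address implied by the class (e.g. 128.143.0.0 for a class B address)."""
    cls, network_id, _, _ = classify(addr)
    if network_id is None:
        return None
    host_bits = 32 - {"A": 8, "B": 16, "C": 24}[cls]
    return str(ipaddress.IPv4Address(network_id << host_bits))


def cidr_split(addr, prefixlen):
    """CIDR view of the same address: the prefix length, not the class, fixes the boundary.
    Returns (network in CIDR notation, host number within it)."""
    net = ipaddress.ip_network(f"{addr}/{prefixlen}", strict=False)
    host = int(ipaddress.IPv4Address(addr)) - int(net.network_address)
    return str(net), host


if __name__ == "__main__":
    for a in ("10.0.0.1", "128.143.71.21", "192.0.2.1", "224.0.0.5"):
        print(a, classify(a), network_address(a))
    print(cidr_split("128.143.71.21", 24))
```

The class-B address 128.143.71.21 used in the routing example decodes to network 128.143 and host 71.21 under the classful rules, but to network 128.143.71.0/24 and host 21 once a /24 prefix is stated; routers today use the stated prefix.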
Internet Protocols: IP Protocol
IP transmits datagrams from one host to another via intermediate routers, with the following characteristics:
- No guarantee of delivery.
- Duplication is possible.
- Unbounded delay.
- No preservation of order.
Internet Protocols: IP Protocol
When an IP datagram (up to 64 Kbytes) is longer than the Maximum Transfer Unit (MTU) of the underlying network:
- It is broken into smaller packets (fragments) at the source (IPv4 routers may also fragment in transit) and reassembled only at its final destination.
- Each fragment carries the original datagram's identifier together with its offset, so that fragments arriving out of order can be collected and the datagram rebuilt.
A reassembling host must check that fragments neither overlap nor push the datagram past its maximum size; accepting overlapping fragments lets a sender rewrite bytes that were already received.
Figure: IP packet layout: a header containing the IP address of the source and the IP address of the destination, followed by the data; the whole packet is up to 64 kilobytes.
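The fragmentation and reassembly described above, as an added example in Python (not code from the original slides). The MTU of 576 bytes and the datagram identifier are assumptions for the example; the offsets and the 'more fragments' flag follow the IPv4 rules (offsets counted in 8-byte units, reassembly only at the destination). The reassembler rejects overlapping fragments and anything that would exceed the 64 KB datagram limit rather than silently merging them.

```python
IHL = 20       # IPv4 header length without options
MTU = 576      # assumed MTU of the outgoing link for this example


def flags_offset_field(more, off8):
    """Encode the 16-bit IPv4 flags/fragment-offset field: bit 13 is 'more fragments',
    the low 13 bits are the offset in 8-byte units."""
    return (0x2000 if more else 0) | (off8 & 0x1FFF)


def fragment(ident, payload, mtu=MTU):
    """Split a datagram's payload into fragments that each fit the MTU with a 20-byte header.
    Every fragment but the last carries a multiple of 8 bytes, because offsets are in 8-byte units.
    Returns a list of (ident, offset_in_8_byte_units, more_fragments, data)."""
    max_data = ((mtu - IHL) // 8) * 8
    frags = []
    for off in range(0, len(payload), max_data):
        chunk = payload[off:off + max_data]
        more = off + len(chunk) < len(payload)
        frags.append((ident, off // 8, more, chunk))
    return frags


class Reassembler:
    """Collects fragments per datagram identifier and rebuilds the payload once every byte
    from offset 0 to the end marked by the last fragment is present. A fragment that overlaps
    data already held is rejected instead of being allowed to rewrite it."""

    def __init__(self):
        self.buffers = {}    # ident -> {"parts": {byte_offset: data}, "end": total length or None}

    def add(self, frag):
        """Store one fragment; return the complete payload if this one finished the datagram."""
        ident, off8, more, data = frag
        state = self.buffers.setdefault(ident, {"parts": {}, "end": None})
        start, end = off8 * 8, off8 * 8 + len(data)
        if end > 65535:
            raise ValueError(f"fragment for datagram {ident} exceeds the 64 KB datagram limit")
        for s, d in state["parts"].items():
            if start < s + len(d) and s < end:
                raise ValueError(f"overlapping fragment for datagram {ident} at byte {start}")
        state["parts"][start] = data
        if not more:
            state["end"] = end
        return self._try_complete(ident)

    def _try_complete(self, ident):
        """Return the reassembled payload if no holes remain, else None."""
        state = self.buffers[ident]
        if state["end"] is None:
            return None          # last fragment not seen yet
        covered = 0
        for s in sorted(state["parts"]):
            if s != covered:
                return None      # hole before this fragment
            covered = s + len(state["parts"][s])
        if covered != state["end"]:
            return None
        payload = b"".join(state["parts"][s] for s in sorted(state["parts"]))
        del self.buffers[ident]
        return payload


if __name__ == "__main__":
    data = bytes(range(256)) * 6          # constructed 1536-byte payload
    frags = fragment(0x1234, data)
    print([(f[1], f[2], len(f[3])) for f in frags])
    r = Reassembler()
    for f in reversed(frags):             # deliver out of order
        result = r.add(f)
    print(result == data)
```

A real stack also bounds how long a partial datagram may sit in the buffer, since a sender can otherwise tie up reassembly memory by never sending the last fragment.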
Internet Protocols: IP Routing
The IP network layer routes packets from their source to their destination using a routing algorithm:
- Distance-vector algorithms: the Routing Information Protocol (RIP-1, RIP-2, ...).
- Link-state algorithms: the Open Shortest Path First (OSPF) protocol.
Different routing algorithms may co-exist, since a routing table contains the same kind of information whichever algorithm produced it. However, to create and update a routing table, all the routers involved must run the same algorithm. Therefore the Internet is divided into topological areas, and a single algorithm is used within each area.
Internet Protocols: IP Routing
The Internet's topological map is partitioned into autonomous systems, which are subdivided into areas. Every autonomous system has a backbone area. The routers that connect non-backbone areas to the backbone, together with the links that interconnect those routers, form the Internet backbone. Backbone links are usually of high bandwidth and are replicated for reliability.
Internet Protocols: IP Routing
Storing a route from every node in the IP address space to every other node leads to routing-table size explosion. Two possible solutions:
- Topological grouping of IP addresses, so that all addresses in one topological area are routed to a central router of that area. For example, all addresses from 194.0.0.0 to 195.255.255.255 are in Europe; routers outside Europe can hold a single table entry that routes the whole range to the closest European router, which then performs the detailed routing. Problem: addresses allocated before 1993 were assigned without regard to geographic location, and many of them are still in use.
- Use of default routes: not every node in a subnet needs to store complete routing information, as long as key routers close to the backbone have it.
Internet Protocols: IP Routing
Figure: Default routing. Hosts A to E are attached to links or local networks, joined by routers over links numbered 1 to 6.
Routings from C:
To        Link    Cost
B         2       1
C         local   0
E         5       1
Default   5       -
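Both ideas of the last two slides, the European aggregate entry and router C's default route, as one added example in Python (not code from the original slides). The table is a longest-prefix-match lookup: the most specific entry wins, and a default link catches whatever nothing else matches. The slide names hosts B, C and E rather than networks, so the 10.0.x.0/24 networks standing in for them, and the link name "eu" on the aggregating router, are assumptions.

```python
import ipaddress


class RoutingTable:
    """Forwarding table with longest-prefix match and an optional default route.
    Each entry is (network, link, cost); the link 'local' marks a directly attached network."""

    def __init__(self, default_link=None):
        self.entries = []
        self.default_link = default_link

    def add(self, network, link, cost):
        self.entries.append((ipaddress.ip_network(network), link, cost))
        return self

    def lookup(self, dst):
        """Return (link, cost) for the most specific matching entry, the default route
        with cost None if nothing matches, or raise LookupError if there is no default."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, link, cost in self.entries:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, link, cost)
        if best is not None:
            return best[1], best[2]
        if self.default_link is not None:
            return self.default_link, None
        raise LookupError(f"no route to {dst}")


def router_c():
    """Router C's table from the default-routing figure. The /24 networks that stand in
    for hosts B, C and E are assumptions made for the example."""
    return (RoutingTable(default_link=5)
            .add("10.0.2.0/24", 2, 1)          # B via link 2
            .add("10.0.3.0/24", "local", 0)    # C's own network
            .add("10.0.5.0/24", 5, 1))         # E via link 5


def aggregating_router():
    """A router outside Europe holding one entry for 194.0.0.0 to 195.255.255.255 (194.0.0.0/7),
    plus one more specific network inside that block that is reachable directly. No default
    route, so unknown destinations are reported rather than guessed."""
    return (RoutingTable()
            .add("194.0.0.0/7", "eu", 1)       # the whole European block to the nearest European router
            .add("194.1.2.0/24", 3, 1))        # a directly attached network inside the block


if __name__ == "__main__":
    c = router_c()
    for dst in ("10.0.2.9", "10.0.3.1", "10.0.5.7", "10.0.4.1"):
        print("C ->", dst, c.lookup(dst))
    ar = aggregating_router()
    for dst in ("195.23.4.5", "194.1.2.3"):
        print("aggregating router ->", dst, ar.lookup(dst))
```

Longest-prefix match is what makes the aggregate safe: a host inside 194.1.2.0/24 is still sent out link 3, because /24 is more specific than /7. The same rule is why an injected more-specific prefix can hijack traffic, which is the reason route announcements are filtered.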
Internet Protocols: IP Version 6 (IPv6)
Adopted in 1994 to overcome the addressing limitations of IPv4. Addresses are 128 bits long (~3 x 10^38 addressable entities). The address space is partitioned: one partition holds the entire range of IPv4 addresses, and two further partitions organize the space, one according to the geographical locations of the addressed nodes and the other according to their organizational locations.
Improved routing speed:
- There is no checksum in the IPv6 header at all; integrity of the packet is left to the link layer and to the transport-layer checksum, which IPv6 makes mandatory for UDP as well as TCP.
- No datagram fragmentation occurs inside the network: routers never fragment. The sender determines the smallest MTU along the path (path MTU discovery) before a packet is transmitted.
Internet Protocols: IP Version 6 (IPv6)
Figure: IPv6 header layout (a fixed 40 bytes):
- Version (4 bits)
- Traffic class (8 bits) and Flow label (20 bits) in the current specification (RFC 8200); the original 1995 proposal split the same 28 bits as Priority (4 bits) and Flow label (24 bits)
- Payload length (16 bits)
- Next header (8 bits)
- Hop limit (8 bits)
- Source address (128 bits)
- Destination address (128 bits)
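An added example (not from the original slides) that packs and parses the fixed IPv6 header using the current RFC 8200 field widths (8-bit traffic class, 20-bit flow label), and shows the per-hop work a router does: decrement the hop limit and drop the packet at zero, with no checksum to recompute because the header has none. The addresses are from the 2001:db8::/32 documentation prefix and the payload length and port values are made up for the example.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40
HEADER_FMT = "!IHBB16s16s"   # version/traffic class/flow label word, payload length, next header, hop limit, src, dst


def build_ipv6_header(src, dst, payload_len, next_header, hop_limit=64, traffic_class=0, flow_label=0):
    """Pack the 40-byte IPv6 header. The first 32-bit word holds version (4 bits),
    traffic class (8 bits) and flow label (20 bits)."""
    if not 0 <= traffic_class < 256 or not 0 <= flow_label < (1 << 20):
        raise ValueError("traffic class must fit 8 bits and flow label 20 bits")
    if not 0 <= payload_len < (1 << 16):
        raise ValueError("payload length must fit 16 bits (larger needs the jumbo payload option)")
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack(HEADER_FMT, first_word, payload_len, next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)


def parse_ipv6_header(data):
    """Unpack the fixed header; reject truncated input and non-IPv6 version numbers."""
    if len(data) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit, src, dst = struct.unpack(HEADER_FMT, data[:IPV6_HEADER_LEN])
    version = first_word >> 28
    if version != 6:
        raise ValueError(f"not IPv6 (version field is {version})")
    return {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
    }


def forward(packet):
    """One router hop: decrement the hop limit in place and return the packet,
    or None when the hop limit would reach zero (the packet is discarded)."""
    hdr = parse_ipv6_header(packet)
    if hdr["hop_limit"] <= 1:
        return None
    return packet[:7] + bytes([hdr["hop_limit"] - 1]) + packet[8:]   # byte 7 is the hop limit


if __name__ == "__main__":
    pkt = build_ipv6_header("2001:db8::1", "2001:db8::2", payload_len=32, next_header=6,
                            hop_limit=3, traffic_class=0x28, flow_label=0xABCDE) + b"\x00" * 32
    print(parse_ipv6_header(pkt))
    hop1 = forward(pkt)
    print(parse_ipv6_header(hop1)["hop_limit"], forward(forward(hop1)))
```

Because the header carries no checksum, a router that edits the hop limit touches one byte and forwards; in IPv4 the same step forces a header checksum update on every hop. The trade-off is that header corruption is caught only by the link layer and by the transport checksum at the endpoint.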
Internet Protocols: IP Version 6 (IPv6)
Multimedia streams and other real-time data can be transmitted as an identified flow. The priority (traffic class) and flow label fields can be used to handle specific packets more rapidly or with higher reliability than others; flow labels let resources be reserved to meet the timing requirements of specific real-time data streams.
IPv6 supports multicast (as IPv4 does): the transmission of packets to multiple hosts using a single address.
It also supports a new mode of transmission called anycast: delivery of a packet to at least one of the hosts subscribed to the relevant address.
The Internet protocol stack, router software and application programs all require upgrading to support the migration to IPv6.
Internet Protocols: MobileIP
Support for roaming of laptop computers, personal digital assistants (PDAs), wearable computing devices, etc. IP addresses are bound to subnet addresses, but a roaming host may leave its subnet's boundary. MobileIP allows IP communication to continue transparently with respect to the current location of the mobile host.
Internet Protocols: MobileIP
Figure: MobileIP routing mechanism. The sender's first IP packet is addressed to the mobile host MH (1) and captured by its home agent, which forwards it to the foreign agent FA (3) and returns the address of FA to the sender (2); subsequent IP packets are sent to FA directly (4).

The home agent keeps track of the current IP address of the mobile host and acts as a proxy for it during periods of disconnection. When the mobile host registers with the foreign agent, the foreign agent contacts the home agent and notifies it of the new temporary IP address. Packets addressed to the mobile host are captured by the home agent and re-routed, embedded in MobileIP packets, to the foreign agent:
1. The sender sends its first IP packet addressed to the mobile host.
2. The home agent receives the packet as a proxy for the mobile host.
3. The home agent returns the address of the foreign agent to the sender.
4. The home agent forwards the first IP packet to the foreign agent.
5. Subsequent IP packets are sent to the foreign agent directly.
Steps 3 and 5 are the route-optimised variant; in the base Mobile IP standard every packet keeps flowing through the home agent's tunnel. The registration in which the foreign agent reports the new address must be authenticated, since whoever can register a binding for the mobile host receives its traffic.
Internet Protocols: Firewalls
The purpose of a firewall is to monitor and control all communication into and out of an intranet. A firewall is implemented by a set of processes that act as a gateway, applying a security policy determined by the organization. The firewall security policy may include any or all of the following:
- Service control: determine which services on internal hosts are accessible for external access and reject all other incoming service requests. Filtering actions are based on the contents of IP packets and the TCP and UDP requests they carry.
- Behaviour control: prevent behaviour that infringes the organization's policies or forms part of an attack.
- User control: the organization discriminates between its users, allowing some access to external services while inhibiting others from doing so.
Internet Protocols: Firewalls
Figure: Firewall configuration: the protected intranet is connected to the Internet through a router/filter, with a web/ftp server shown as the externally reachable service.
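The three kinds of policy on the previous slide, expressed as an added example of a packet filter in Python (not code from the original slides): rules match on direction, protocol, source and destination prefixes and destination port, the first matching rule decides, and anything no rule allows is dropped. The policy, the server address 192.0.2.10, the 10.0.0.0/8 intranet and the 10.9.0.0/16 "restricted users" group are all constructed for the example. The second rule list shows what goes wrong when the user-control deny is placed after the general allows.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str     # "in": Internet -> intranet, "out": intranet -> Internet
    proto: str         # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    direction: str
    proto: Optional[str]         # None matches any protocol
    src: str                     # CIDR
    dst: str                     # CIDR
    dports: Optional[frozenset]  # None matches any destination port

    def matches(self, p):
        return (self.direction == p.direction
                and (self.proto is None or self.proto == p.proto)
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dports is None or p.dport in self.dports))


def evaluate(rules, packet):
    """First matching rule decides; a packet matching no rule is denied (default deny)."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "deny"


# Constructed policy. Addresses are private or documentation ranges chosen for the example.
ANY = "0.0.0.0/0"
INTRANET = "10.0.0.0/8"
WEB_FTP_SERVER = "192.0.2.10/32"     # the web/ftp server of the figure
RESTRICTED_USERS = "10.9.0.0/16"     # a user group the policy keeps off external services

RULES = [
    # Service control: from outside, only HTTP and the FTP control channel reach the server.
    Rule("allow", "in", "tcp", ANY, WEB_FTP_SERVER, frozenset({80})),
    Rule("allow", "in", "tcp", ANY, WEB_FTP_SERVER, frozenset({21})),
    # User control: the restricted group gets no external access at all.
    # This deny must precede the general outbound allows, or first-match lets it through.
    Rule("deny", "out", None, RESTRICTED_USERS, ANY, None),
    # Behaviour/service control for everyone else: web and DNS only.
    Rule("allow", "out", "tcp", INTRANET, ANY, frozenset({80, 443})),
    Rule("allow", "out", "udp", INTRANET, ANY, frozenset({53})),
]

# The same rules with the user-control deny moved last: a common misconfiguration.
MISORDERED_RULES = RULES[:2] + RULES[3:] + [RULES[2]]


if __name__ == "__main__":
    samples = [
        Packet("in", "tcp", "203.0.113.5", "192.0.2.10", 80),
        Packet("in", "tcp", "203.0.113.5", "192.0.2.10", 22),
        Packet("out", "tcp", "10.0.0.7", "203.0.113.5", 443),
        Packet("out", "tcp", "10.9.0.7", "203.0.113.5", 443),
    ]
    for p in samples:
        print(p, "ordered:", evaluate(RULES, p), "misordered:", evaluate(MISORDERED_RULES, p))
```

This filter is stateless: replies to allowed outbound connections would need either explicit return rules or a connection-state table, and because it sees only headers, "service control" here means port numbers, not what actually runs behind port 80.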