– 1 – CSCE 517 Sum 03 Slides for Today July 14 are not Quite Complete; but close enough to post Test 2 will be returned and …


2 Lecture: UDP, Traceroute, DNS etc.
Topics
- Unix file systems one more time
- UDP
- Traceroute
- Domain Name Service
July 14, 2003
CSCE 517 Forensic Computing

3 Unix File System Structure Encore!
[Figure: inode and disk addresses; directory tables with columns Addr, I#, Name; disk blocks 1K through 21K]

4 User Datagram Protocol (UDP)
- Main connectionless protocol of the TCP/IP suite
- Built on top of IP
- Connectionless: no “guarantees” on delivery as in TCP
- If TCP is analogous to a “telephone call”, UDP is analogous to a telegram
- Maximum size of IP datagram is 65535
- Maximum size of UDP datagram 8192
- Reference for UDP material: “TCP/IP Illustrated, Volume 1: The Protocols” by W. Richard Stevens, 1992

5 TCP/IP Suite (modified)
[Figure: TCP/IP layers, modified**]
- Application Layer: ssh, DNS, http, snmp, smtp, bootp, …
- Transport Layer: TCP, UDP
- Network Layer: ICMP, IP, IGMP
- Data Link Layer**: ARP, Ethernet Driver, RARP
- Physical Layer: Physical Ethernet or other LAN

6 User Datagram Header Format

 0      7 8     15 16    23 24    31
+--------+--------+--------+--------+
|   Source Port   | Destination Port|
+--------+--------+--------+--------+
|     Length      |    Checksum     |
+--------+--------+--------+--------+
|        Data octets (if any)       |
+-----------------------------------+

- Source port
- Destination port
- Length: length of header + length of data
- Checksum
  - One’s complement sum of the 16-bit words
  - If length is odd, pad with ‘\0’, a byte of zeroes
  - Include 12-byte pseudo-header from the IP header: source IP address, destination IP address, zero, protocol

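7 User Datagram Header Checksum

 0      7 8     15 16    23 24    31
+--------+--------+--------+--------+
|      32-bit source IP address     |
+--------+--------+--------+--------+
|   32-bit destination IP address   |
+--------+--------+--------+--------+
|  Zero  | 8-bit  |  16-bit UDP     |
|        |protocol|  length         |
+--------+--------+--------+--------+
|   Source Port   | Destination Port|
+--------+--------+--------+--------+
| 16-bit UDP length | 16-bit Checksum |
+--------+--------+--------+--------+
|        Data octets (if any)       |
+-----------------------------------+

Checksum
- One’s complement sum of the 16-bit words
- If length is odd, pad with ‘\0’, a byte of zeroes
- Include 12-byte pseudo-header from the IP header: source IP address, destination IP address, zero, protocol, length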
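The checksum rule on the two slides above, worked through as an added example (not code from the lecture): it builds a datagram, then classifies a captured one the way an examiner would when checking whether a packet was altered or mis-attributed. The ports and the constructed payload are assumptions; the addresses are the ones used elsewhere in these slides.

```python
import socket
import struct

IPPROTO_UDP = 17  # protocol number carried in the pseudo-header

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum; odd-length input is padded with one zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """12 bytes: source IP, destination IP, zero, protocol, UDP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len))

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)               # header + data
    header = struct.pack("!HHHH", sport, dport, length, 0)
    covered = pseudo_header(src_ip, dst_ip, length) + header + payload
    csum = ~ones_complement_sum(covered) & 0xFFFF
    csum = csum or 0xFFFF                   # RFC 768: a computed zero is sent as all ones
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def check_udp(src_ip, dst_ip, datagram: bytes) -> str:
    """Classify a captured datagram: 'ok', 'bad', 'none' or 'length-mismatch'."""
    if len(datagram) < 8:
        return "length-mismatch"
    _, _, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        return "length-mismatch"
    if csum == 0:
        return "none"                       # sender did not compute a checksum
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + datagram)
    return "ok" if total == 0xFFFF else "bad"

# Constructed sample: the odd-length payload exercises the padding rule.
SAMPLE = build_udp("129.252.11.90", "129.252.44.1", 4445, 33434, b"hello")
```

Because the pseudo-header is part of the sum, a datagram replayed under a different source or destination address fails the check even though its own bytes are unchanged.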

8 Last Time
- IP Fragmentation
- ICMP Unreachable Error (Fragmentation Required)
- Determining the Path MTU using traceroute

9 Interaction of UDP and ARP

10 ICMP Source Quench Error

11 UDP Server Design

12 UDP Programming in Java
Java Tutorial - All about Datagrams
http://java.sun.com/docs/books/tutorial/networking/datagrams/
What is a UDP datagram? A datagram is an independent, self-contained message sent over the network whose arrival, arrival time, and content are not guaranteed. [Java Tutorial]

```java
import java.io.*;

public class QuoteServer {
    // Entry point: start the thread that answers datagram requests.
    public static void main(String[] args) throws IOException {
        new QuoteServerThread().start();
    }
}
```

13 UDP Programming in Java

```java
import java.io.*;
import java.net.*;

public class QuoteServerThread extends Thread {
    protected DatagramSocket socket = null;
    protected BufferedReader in = null;

    public QuoteServerThread() throws IOException {
        this("QuoteServer");
    }

    public QuoteServerThread(String name) throws IOException {
        super(name);
        // Bind the server to UDP port 4445.
        socket = new DatagramSocket(4445);

        try {
            in = new BufferedReader(new FileReader("one-liners.txt"));
        } catch (FileNotFoundException e) {
            System.err.println("Couldn't open quote file. " + "Serving time instead.");
        }
    }
    // The run() method that services requests is not shown on this slide.
}
```

14 Java UDP Client

```java
import java.io.*;
import java.net.*;

public class QuoteClient {
    public static void main(String[] args) throws IOException {
        if (args.length != 1) {
            System.out.println("Usage: java QuoteClient <hostname>");
            return;
        }

        // Unbound client socket; the system picks the source port.
        DatagramSocket socket = new DatagramSocket();

        // Send an empty request to the server on port 4445.
        byte[] buf = new byte[256];
        InetAddress address = InetAddress.getByName(args[0]);
        DatagramPacket packet = new DatagramPacket(buf, buf.length, address, 4445);
        socket.send(packet);

        // Wait for the reply and use only the bytes actually received.
        packet = new DatagramPacket(buf, buf.length);
        socket.receive(packet);
        String received = new String(packet.getData(), 0, packet.getLength());
        System.out.println("Quote of the Moment: " + received);

        socket.close();
    }
}
```

15 RFCs: Request for Comments
RFCs initially; now standards
- 1980 TCP/IP version 1: RFC 761
- 1980 UDP: RFC 768 http://www.faqs.org/rfcs/rfc768.html
- 1981 IP: RFC 791 http://www.faqs.org/rfcs/rfc791.html
- 1981 TCP: RFC 793
- 1995 SSH: RFC http://www.free.lp.se/fish/rfc.txt (SSH 1)
  http://dmoz.org/Computers/Security/Products_and_Tools/Cryptography/SSH/Documentation/

16 Traceroute
- Traceroute traces the route a packet would take if sent to a destination.
- Note: two IP datagrams sent to the same address are not guaranteed to go the same way, but usually do.
- “Implemented by Van Jacobson from a suggestion by Steve Deering. Debugged by a cast of thousands …”
- The IP record route option records the route taken by an IP datagram.
- Traceroute is implemented using UDP, IP (TTL) and ICMP.

17 Traceroute
IP record route option: why not just use this?
- At the time not all routers supported the Record Route option.
- It is a one-way option. The receiver gets the route, but then must return it to the sender.
- The field for recording the path is not long enough to record many current paths (16-18 hops).

18 Traceroute Implementation
traceroute destination
- Send a UDP packet to a weird port at the destination with TTL = 1. When the packet reaches the first router, the router decrements the TTL, which becomes 0. So the router discards the packet and sends the ICMP message “time exceeded” back. This identifies the first router.
- Send a UDP packet to the destination with TTL = 2. The packet goes through the first router and the TTL is decremented to 1. It is passed to the second router on the route, which decrements the TTL to zero and sends an ICMP response that identifies the second router.
- …
- Continue until the packet reaches the destination. When it arrives, the weird port number means there is no server waiting, and this causes the destination to send ICMP “unreachable”. This identifies the destination and shows that it is the last hop.
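The probe loop described above, as an added example that is not from the lecture: the network is simulated so the code runs offline, but the ICMP errors are real byte layouts, and the parser matches each reply to its probe through the UDP header quoted inside the ICMP message, which is also how replies are attributed when reading a capture. The base port, source address and path addresses are constructed assumptions.

```python
import socket
import struct

TIME_EXCEEDED, DEST_UNREACH, PORT_UNREACH = 11, 3, 3   # ICMP type, type, code
BASE_PORT = 33434   # assumed "weird" port range: no server expected to listen there

def icmp_error(icmp_type, code, ip_header, udp_header):
    """8-byte ICMP header (checksum left 0 here), then the probe's IP and UDP headers."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip_header + udp_header[:8]

def send_probe(path, src, ttl, dport):
    """Simulated network: returns (responder address, ICMP bytes) for one UDP probe."""
    dst = path[-1]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    udp = struct.pack("!HHHH", 40000, dport, 8, 0)
    responder = path[min(ttl, len(path)) - 1]   # where the TTL hits 0, or the destination
    if responder == dst:
        return responder, icmp_error(DEST_UNREACH, PORT_UNREACH, ip, udp)
    return responder, icmp_error(TIME_EXCEEDED, 0, ip, udp)

def parse_icmp_error(icmp):
    """Return (kind, quoted UDP destination port) from an ICMP error message."""
    icmp_type, code = icmp[0], icmp[1]
    quoted = icmp[8:]
    ihl = (quoted[0] & 0x0F) * 4                # quoted IP header length in bytes
    (dport,) = struct.unpack("!H", quoted[ihl + 2:ihl + 4])
    if icmp_type == TIME_EXCEEDED and code == 0:
        return "router", dport
    if icmp_type == DEST_UNREACH and code == PORT_UNREACH:
        return "destination", dport
    return "other", dport

def traceroute(path, src="192.0.2.10", max_ttl=30):
    hops = []
    for ttl in range(1, max_ttl + 1):
        dport = BASE_PORT + ttl                 # one port per probe to match replies
        responder, icmp = send_probe(path, src, ttl, dport)
        kind, quoted_port = parse_icmp_error(icmp)
        if quoted_port != dport or kind == "other":
            continue                            # not an answer to this probe
        hops.append((ttl, responder, kind))
        if kind == "destination":
            break
    return hops

# Constructed path standing in for routers B..F and destination G on the next slide.
PATH = ["198.51.100.1", "198.51.100.2", "198.51.100.3",
        "198.51.100.4", "198.51.100.5", "203.0.113.7"]
```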

19 Traceroute Implementation Picture
[Figure: network of nodes A through G; “$ traceroute G” run from A reports hops B, C, D, E, F, G]

20 IP Source Routing Option

21 Traceroute with loose source routing
traceroute -g 129.252.44.1 yahoo.com
- Traceroute to yahoo.com through 129.252.44.1
- This can be repeated up to eight times

22 IP Routing
- Routing table: each router “knows” the next hop, not the entire path
- Unix/Windows: netstat -rn

23 IP Addresses, Dotted Decimals, Names
- IP addresses are 32-bit integers
- A workstation has IP address of 9490592 (as unsigned) or 0x81FC0B5A in hex
- Any ideas? Nobody can remember that, so we break it up into bytes as a dotted decimal: 129.252.11.90
- But the way I really remember this workstation is “erdos.cse.sc.edu”. This name is easy to remember.

24 Fully Qualified Domain Names
The Domain Name System
- DNS name space is hierarchical
- Root level = unnamed root
- Top level domains
  - arpa: IP addresses, e.g., 90.11.252.129.in-addr.arpa
  - com: commercial
  - edu: educational
  - gov: government
  - mil: military
  - org: organizations
- Names are concatenated from the bottom to the root, separated by “.”s

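25 Fully Qualified Domain Names
[Figure: DNS name-space tree]
- Top-level domains: arpa; com, edu, gov, mil, net, org (generic domains); ae, …, cn, in, …, us (country domains)
- 2nd-level domains: in-addr, yahoo, sc, …, acm, va
- Branches shown below the 2nd level: in-addr > 129 > 252 > 11 > 90; sc > cse > erdos; va > reston > cnri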

26 Domain Name System
Just as ARP translates from IP addresses to Ethernet addresses (or other DLL addresses), the Domain Name System translates from fully qualified domain names (FQDN) to IP addresses.

27 Name Servers
- Primary and secondary name servers
- Root name servers: ftp.rs.internic.net or nic.ddn.mil
- DNS caching: much like ARP caching
- Iterative versus sequential

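28 DNS Message Format
Identification is made up by the client and merely returned by the server.

 0              15 16             31
+-----------------+-----------------+
| Identification  | Flags           |
+-----------------+-----------------+
| Number of       | Number of       |
| questions       | answer RRs      |
+-----------------+-----------------+
| Number of       | Number of       |
| authority RRs   | additional RRs  |
+-----------------+-----------------+
| Questions                         |
| Answers: variable number of resource records |
| Authority: variable number of resource records |
| Additional Information: variable number of records |
+-----------------------------------+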

29 Flags Field of DNS Header
Layout: QR | opcode | AA | TC | RD | RA | Zero | rcode
- QR: 0 means a query, 1 means a response
- Opcode (4 bits): 0 = standard query, 1 = reverse query, 2 = server status request
- AA (1 bit): authoritative answer (responder is THE nameserver for the zone)
- TC (1 bit): truncated; UDP limited to 512 bytes
- RD (1 bit): recursion desired
- RA (1 bit): recursion available
- Zero: 3 bits, all zero, 000 (padding, synch, expansion?)
- Rcode (4 bits): return code, 0 = no error, 3 = name error, …
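The header layout and flag bits from the two DNS slides above, decoded in an added example (not code from the lecture). It also pairs a response with its query, since the identification is the only header field tying the two together. All header bytes are constructed, and the finding strings are this example's own wording.

```python
import struct

RCODES = {0: "no error", 3: "name error"}

def parse_dns_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header: identification, flags and four counts."""
    if len(msg) < 12:
        raise ValueError("DNS header is 12 bytes")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": ident,
        "qr": (flags >> 15) & 1,          # 0 query, 1 response
        "opcode": (flags >> 11) & 0xF,
        "aa": bool((flags >> 10) & 1),
        "tc": bool((flags >> 9) & 1),
        "rd": bool((flags >> 8) & 1),
        "ra": bool((flags >> 7) & 1),
        "zero": (flags >> 4) & 0x7,
        "rcode": flags & 0xF,
        "counts": (qd, an, ns, ar),
    }

def review_response(query: bytes, response: bytes) -> list:
    """Findings an analyst would note when pairing a response with its query."""
    q, r = parse_dns_header(query), parse_dns_header(response)
    findings = []
    if r["qr"] != 1:
        findings.append("not a response (QR=0)")
    if r["id"] != q["id"]:
        findings.append("identification does not match the query")
    if r["zero"] != 0:
        findings.append("zero bits are set")
    if r["tc"]:
        findings.append("truncated: answer did not fit in 512 bytes of UDP")
    if r["rcode"] != 0:
        findings.append("rcode: " + RCODES.get(r["rcode"], str(r["rcode"])))
    return findings

# Constructed headers only; question and answer sections are omitted.
QUERY = struct.pack("!HHHHHH", 0x1A2B, 0x0100, 1, 0, 0, 0)      # RD set
GOOD = struct.pack("!HHHHHH", 0x1A2B, 0x8580, 1, 1, 0, 0)       # QR, AA, RD, RA
NXDOMAIN = struct.pack("!HHHHHH", 0x1A2B, 0x8183, 1, 0, 0, 0)   # rcode 3
MISMATCH = struct.pack("!HHHHHH", 0x9999, 0x8380, 1, 0, 0, 0)   # wrong id, TC set
```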

30 Question Format in DNS Messages

31 Resource Record Portion of DNS Response

32 Resource Records

33 Caching

34 DNS Spoofing

35 Summary

