Presentation is loading. Please wait.

Presentation is loading. Please wait.

IPv4 Fragmentation, PMTU Discovery and NAT

Published byLuke Terry Modified over 9 years ago

Similar presentations

Presentation on theme: "IPv4 Fragmentation, PMTU Discovery and NAT"— Presentation transcript:

1 IPv4 Fragmentation, PMTU Discovery and NAT
Dr Ram P Rustagi, PESIT Jun 06, 2013

2 IP addresses: how to get one?
Q: How does a host get IP address? hard-coded by system admin in a file Windows: control-panel->network->configuration->tcp/ip- >properties UNIX: /etc/rc.config DHCP: Dynamic Host Configuration Protocol: dynamically get address from as server “plug-and-play” Network Layer 4-44

3 DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when it joins network can renew its lease on address in use, after lease expiry preferably gets the same address, not guaranteed client can reuse its address support for mobile users who want to join network guarantee one address will be assigned to only one client retain DHCP client address across reboots not guaranteed retain DHCP client configs across server reboots must coexist with statically assigned addresses interoperate with BOOTP relay agents Network Layer 4-45

4 DHCP: Dynamic Host Configuration Protocol
DHCP overview: an extension of BOOTP mechanism host broadcasts “DHCP discover” msg [optional] DHCP server responds with “DHCP offer” msg [optional] more than one server can make the offer client can choose which server to send request to host requests IP address: “DHCP request” msg DHCP server sends address: “DHCP ack” msg Renewal happens with DHCP request/ack On completion, client sends DHCP release msg practically not seen

5 DHCP: more than IP addresses
DHCP can return more than just allocated IP address on subnet: address of first-hop router for client name and IP address of DNS sever network mask (indicating network versus host portion of address) Network Layer 4-48

6 DHCP: example DHCP UDP IP Eth Phy DHCP DHCP connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP DHCP DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in Ethernet DHCP DHCP UDP IP Eth Phy DHCP Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server router with DHCP server built into router Ethernet demuxed to IP demuxed, UDP demuxed to DHCP src: Kurose & Ross

7 DHCP: example DHCP DCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server DHCP UDP IP Eth Phy encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client DHCP UDP IP Eth Phy DHCP DHCP router with DHCP server built into router client now knows its IP address, name and IP address of DSN server, IP address of its first-hop router DHCP src: Kurose & Ross

8 32 bit destination IP address
IP datagram format IP protocol version number ver length 32 bits data (variable length, typically a TCP or UDP segment) 16-bit identifier header checksum time to live 32 bit source IP address head. len type of service flgs fragment offset upper layer 32 bit destination IP address options (if any) total datagram length (bytes) header length (bytes) “type” of data for fragmentation/ reassembly max number remaining hops (decremented at each router) upper layer protocol to deliver payload to e.g. timestamp, record route taken, specify list of routers to visit. how much overhead? 20 bytes of TCP 20 bytes of IP = 40 bytes + app layer overhead src: Kurose & Ross

9 IP fragmentation, reassembly
network links have MTU (max.transfer size) - largest possible link-level frame different link types, different MTUs large IP datagram divided (“fragmented”) within net one datagram becomes several datagrams “reassembled” only at final destination IP header bits used to identify, order related fragments can be refragmented fragmentation: in: one large datagram out: 3 smaller datagrams reassembly src: Kurose & Ross

10 IP fragmentation, reassembly
MTU for some networks Hyperchannel Token Ring (16Mbps) Token Ring (4Mbps) FDDI Ethernet X PPP - 296

11 IP fragmentation, reassembly
ID =x offset =0 fragflag length =4000 x D M Flags: D - Don’t Fragment M - More Fragments example: 4000 byte datagram MTU = 1500 bytes ID =x offset =0 fragflag =1 length =1500 =185 =370 =1040 one large datagram becomes several smaller datagrams 1480 bytes in data field offset = 1480/8 Network Layer 4-36

12 Example : Re-fragmentation
Src: Forouzan - Data Communication and Networking

13 Example : Re-fragmentation
Src: Forouzan - Data Communication and Networking

14 IP fragmentation, reassembly
Questions A pkt has arrived with an M bit of 0. Is this the first, last of middle segment? Can we say if pkt was fragmented? A pkt has arrived with an M bit of 1. Is this the first, last of middle segment? Can we say if pkt was fragmented? A pkt has arrived with an M bit of 1 and offset value 0. Is this the first, last of middle segment? Can we say if pkt was fragmented? A pkt has arrived with offset value 100, and HLEN value of 5, value of total length field is 100. What are the numbers of the first byte and last byte?

15 IP Fragmentation IP Fragmentation is avoided in general
Path MTU (PMTU) discovery is used to find the max segment size for a given path Fragment is a costly process especially for NAT address is configured by default in any enterprise

16 ICMP: internet control message protocol RFC 792
Query Messages: Type Code description 0/ Echo reply/request (ping) 13/ Timestamp request/reply 10/ Router solicitation/advt Error Reporting Messages dest. network unreachable dest host unreachable dest protocol unreachable dest port unreachable dest network unknown dest host unknown source quench (congestion control - not used) Redirect TTL expired bad IP header used by hosts & routers to communicate network- level information error reporting: unreachable host, network, port, protocol echo request/reply (used by ping) network-layer “above” IP: ICMP msgs carried in IP datagrams ICMP message: type, code plus first 8 bytes of IP datagram causing error Network Layer 4-65

17 ICMP Redirect Src: Forouzan - Data Communication and Networking

18 Traceroute and ICMP source sends series of UDP segments to dest
first set has TTL =1 second set has TTL=2, etc. unlikely port number when nth set of datagrams arrives to nth router: router discards datagrams and sends source ICMP messages (type 11, code 0) ICMP messages includes name of router & IP address when ICMP messages arrives, source records RTTs stopping criteria: UDP segment eventually arrives at destination host destination returns ICMP “port unreachable” message (type 3, code 3) source stops 3 probes 3 probes 3 probes src: Kurose & Ross

19 PMTU Discovery PMTU Discovery
source finds out the max fragment size on the path to destination it is actually a misnomer no actual discovery packet is sent from source source sets ‘D’ (don’t fragment) bit in IP header when a router is required to fragment i.e. MTU of o/g link is small packet is dropped and ICMP error is sent to source with the supported fragment size source retransmits the packet with smaller fragment size PMTU discovery continues till packet reaches destination

20 PMTU Discovery Implementation on Linux machines enabled by default
$ sysctl net.ipv4.ip_no_pmtu_disc net.ipv4.ip_no_pmtu_disc = 0 no PMTU discovery is disabled i.e. PMTU discovery is enabled To disable PMTU discovery $sudo sysctl -w net.ipv4.ip_no_pmtu_disc=1

21 NAT: network address translation
rest of Internet local network (e.g., home network) 10.0.0/24 all datagrams leaving local network have same single source NAT IP address: ,different source port numbers datagrams with source or destination in this network have /24 address for source, destination (as usual) src: Kurose & Ross

22 NAT: network address translation
motivation: local network uses just one IP address as far as outside world is concerned: range of addresses not needed from ISP: just one IP address for all devices can change addresses of devices in local network without notifying outside world can change ISP without changing addresses of devices in local network devices inside local net not explicitly addressable, visible by outside world (a security plus) Network Layer 4-57

23 NAT: network address translation
implementation: NAT router must: outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table Network Layer 4-58

24 Address Allocation for private networks
RFC 1918 One Class A network (224) 16 Class B Networks (220) 256 Class C Networks (216)

25 Private addresses without NAT

26 Special purpose addresses
Loopback address

27 NAT: network address translation
NAT translation table WAN side addr LAN side addr 2: NAT router changes datagram source addr from , 3345 to , 5001, updates table +Protocol 1: host sends datagram to , 80 , , 3345 …… …… S: , 3345 D: , 80 1 S: , 80 D: , 3345 4 S: , 5001 D: , 80 2 S: , 80 D: , 5001 3 4: NAT router changes datagram dest addr from , 5001 to , 3345 3: reply arrives dest. address: , 5001 src: Kurose & Ross Network Layer 4-59

28 NAT: network address translation
16-bit port-number field: simultaneous connections on one NAT address! 65,535 NAT is controversial: routers should only process up to layer 3 violates end-to-end argument NAT possibility must be taken into account by app designers, e.g., P2P applications address shortage should instead be solved by IPv6 gets complicated with IP fragmentation Network Layer 4-60

29 NAT traversal problem client wants to connect to server with address server address local to LAN (client can’t use it as destination addr) only one externally visible NATed address: solution1: statically configure NAT to forward incoming connection requests at given port to server e.g., ( , port 2500) always forwarded to port 25000 client ? NAT router src: Kurose & Ross Network Layer 4-61

30 NAT traversal problem solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to: learn public IP address ( ) add/remove port mappings (with lease times) i.e., automate static NAT port map configuration NAT router IGD src: Kurose & Ross Network Layer 4-62

31 NAT traversal problem solution 3: relaying (used in Skype)
NATed client establishes connection to relay external client connects to relay relay bridges packets between to connections 2. connection to relay initiated by client NAT router 1. connection to relay initiated by NATed host 3. relaying established client src: Kurose & Ross Network Layer 4-63

32 NAT: network address translation
Two type of NAT SNAT (Source NAT) Destination NAT NAT for TCP Data entering from outside is allowed after connection establishment NAT Entry is removed for connection close NAT for UDP makes a short entry for small duration (30s ?) Good Tutorial for Linux NAT tutorial.html#NATINTRO

33 Thank You

Download ppt "IPv4 Fragmentation, PMTU Discovery and NAT"

Similar presentations

CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
CS 457 – Lecture 16 Global Internet - BGP Spring 2012.

CS 457 – Lecture 16 Global Internet - BGP Spring 2012.
4: Network Layer4a-1 IP Addressing: introduction r IP address: 32-bit identifier for host, router interface r interface: connection between host, router.

4: Network Layer4a-1 IP Addressing: introduction r IP address: 32-bit identifier for host, router interface r interface: connection between host, router.
Lecture 18 Network Layer (Internet Protocol)

Lecture 18 Network Layer (Internet Protocol)
Announcement r Recitation tomorrow on Project 2 r Midterm Survey at the end of this class.

Announcement r Recitation tomorrow on Project 2 r Midterm Survey at the end of this class.
Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.

Week 5: Internet Protocol Continue to discuss Ethernet and ARP –MTU –Ethernet and ARP packet format IP: Internet Protocol –Datagram format –IPv4 addressing.
Network Layer 4-1 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what’s inside a router 4.4 IP: Internet Protocol  datagram format  IPv4.

Network Layer introduction 4.2 virtual circuit and datagram networks 4.3 what’s inside a router 4.4 IP: Internet Protocol  datagram format  IPv4.
The Network Layer Chapter 5. The IP Protocol The IPv4 (Internet Protocol) header.

The Network Layer Chapter 5. The IP Protocol The IPv4 (Internet Protocol) header.
Chapter 5 The Network Layer.

Chapter 5 The Network Layer.
N/W Layer Addressing1 Instructor: Anirban Mahanti Office: ICT 745 Class Location: ICT 121 Lectures: MWF 12:00 – 12:50 Notes.

N/W Layer Addressing1 Instructor: Anirban Mahanti Office: ICT Class Location: ICT 121 Lectures: MWF 12:00 – 12:50 Notes.
NAT: Network Address Translation 10.0.0.1 10.0.0.2 10.0.0.3 10.0.0.4 138.76.29.7 local network (e.g., home network) 10.0.0/24 rest of Internet Datagrams.

NAT: Network Address Translation local network (e.g., home network) /24 rest of Internet Datagrams.
Network Layer Overview and IP

Network Layer Overview and IP
11- IP Network Layer4-1. Network Layer4-2 The Internet Network layer forwarding table Host, router network layer functions: Routing protocols path selection.

11- IP Network Layer4-1. Network Layer4-2 The Internet Network layer forwarding table Host, router network layer functions: Routing protocols path selection.
Network Layer4-1 IP: Internet Protocol r Datagram format r IPv4 addressing r DHCP: Dynamic Host Configuration Protocol r NAT: Network Address Translation.

Network Layer4-1 IP: Internet Protocol r Datagram format r IPv4 addressing r DHCP: Dynamic Host Configuration Protocol r NAT: Network Address Translation.
IP Addressing: introduction

IP Addressing: introduction
Network Layer4-1 Chapter 4 Network Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley,

Network Layer4-1 Chapter 4 Network Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley,
Network Layer4-1 Chapter 4 Network Layer A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students, readers).

Network Layer4-1 Chapter 4 Network Layer A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students, readers).
Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,

Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,
Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,

Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,
12 – NAT, ICMP, IPv6 Network Layer4-1. Network Layer4-2 Chapter 4 Network Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd.

12 – NAT, ICMP, IPv6 Network Layer4-1. Network Layer4-2 Chapter 4 Network Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd.

Similar presentations

Ads by Google