1 IP: putting it all together Part 1 G53ACC Chris Greenhalgh.

1
IP: putting it all together
Part 1
G53ACC
Chris Greenhalgh

2
Contents
Scenario
Local network communication
– Sending a packet
– ARP
– Receiving a packet
Remote network communication
– Routing

3
Book coverage
Assumed from CCN:
– Comer ch. 13 (routing), 17 (internet), 22 (IPv6), 25 (TCP)
Reviewed:
– Comer ch. 18 (addresses), 20 (datagram), 21 (frag.)
Additional:
– Comer ch. 19 (ARP), 23 (ICMP), 24 (UDP), 26 (NAT), 27 (Internet routing, part)

4
Scenario
Sending a UDP packet
– E.g. the ReverseClientUnicast, or DNS client
Pre-configured machine
On an Ethernet
Connected to the Internet
Running the IP protocol suite
– How does communication "really" work?

5
Scenario (& see text dump)
[Figure: scenario network diagram. Labels: 128.243.22.61 (monet), marked "Start Here"; 128.243.22.35 (mcclean); 128.243.21.16 (DNS server); 128.243.21.19; Router (128.243.22.1, 128.243.21.1); Ethernet switch(es); networks 128.243.22/24 and 128.243.21/24; Internet; 155.198.5.83 (www.ic.ac.uk).]

6
e.g. ReverseClientUnicast.java
…
int port = Integer.parseInt(args[1]);
InetAddress server = InetAddress.getByName(args[0]);
DatagramSocket socket = new DatagramSocket();
…
byte[] data = requestByteStream.toByteArray();
DatagramPacket request = new DatagramPacket(data, data.length, server, port);
socket.send(request);
…

7
TCP/IP reference model
[Figure: layer stack (Comer Fig. 17.4), top to bottom: ReverseClient, DNS, …; TCP, UDP; IP; IEEE802 Ethernet, WiFi, …; with a "You are here" marker.]

8
What have you got? (what does the machine know?)
An array of bytes
– Application layer data
A destination IP address (not name)
– E.g. 128.243.22.35 (case 1); 128.243.21.19 (case 2)
A destination UDP port
A sending UDP socket (=> source UDP port)
Local IP configuration (in OS)
– See later

9
Goal: send that data to the destination machine
But physical network transports Ethernet frames (only!)…
You are here: Application Data

10
Transport layer, UDP: add UDP header
Source port = sending socket
Dest. port = from request
Data = app. Data
Length = data length
Checksum = error check (CRC)

11
TCP/IP reference model
[Figure: layer stack (Comer Fig. 17.4), top to bottom: ReverseClient, DNS, …; TCP, UDP; IP; IEEE802 Ethernet, WiFi, …; with a "You are here" marker.]

12
What have you got now? (what does the machine know?)
A UDP header and datagram payload
– Includes source & dest. UDP ports
– Application layer data
A destination IP address (not name)
– E.g. 128.243.22.35 (case 1); 128.243.21.19 (case 2)
Local IP configuration (in OS)
– See later

13
Network Layer, IP: add IP header

14
Selected IP header fields
Version = 4
Type = UDP
Source IP address = a local IP, probably not filled in yet
Destination IP = from request
TTL = “Time To Live” (network hops), initially high
Header checksum = error check for header
Fragment offset – see fragmentation

15
So…
You have:
– IP packet
– With IP destination
You need:
– Ethernet (or other network) Interface to send it
– Ethernet frame
– With Ethernet destination

16
Local IP configuration
For now assume set by hand, e.g. on monet:
– Own IP address, e.g. 128.243.22.61
– Netmask (range of IP addresses on physical segment), e.g. 255.255.255.0
– Default router, e.g. 128.243.22.1
– DNS server address
– (See later notes on auto-configuration)
Built in:
– Own Ethernet address (in Network Interface Card (NIC) PROM)

17
IP layer: what shall I do with this packet?
IP datagram forwarding rule:
– Send it to another physically reachable machine which is believed to be closer to the IP destination
But:
– Which machine is closer?
– Which physical interface can be used to reach that machine?
Consult OS IP routing table…

18
Routing table
Lists a set of rules:
What to do with a packet addressed to any destination IP address
– Which physical interface to use
– Whether the destination is directly reachable
– If not, which directly reachable machine to pass the packet on to

19
Routing table example (from scenario, monet)
# netstat -r
Destination     Gateway         Genmask         Fl M R U Iface
128.243.22.0    0.0.0.0         255.255.255.0   U  0 0 0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U  0 0 0 lo
0.0.0.0         128.243.22.1    0.0.0.0         UG 0 0 0 eth0
# ifconfig eth0   [windows: ipconfig /all]
eth0  Link encap:Ethernet  HWaddr 00:01:02:AD:0F:08
      inet addr:128.243.22.61  Bcast:128.243.22.255  Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
G = gateway (not direct)

20
Routing table example: windows (128.243.22.74 - not from the scenario)
>netstat -r
Network Destination  Netmask          Gateway        Interface      Metric
0.0.0.0              0.0.0.0          128.243.22.1   128.243.22.74  10
127.0.0.0            255.0.0.0        127.0.0.1      127.0.0.1      1
128.243.22.0         255.255.255.0    128.243.22.74  128.243.22.74  10
128.243.22.74        255.255.255.255  127.0.0.1      127.0.0.1      10
…
>ipconfig /all
…
Ethernet adapter Local Area Connection:
  Connection-specific DNS Suffix . :
  Description . . . . . . . . . . . : 3Com Gigabit NIC (3C2000)
  Physical Address. . . . . . . . . : 00-0A-5E-54-2B-65
  IP Address. . . . . . . . . . . . : 128.243.22.74
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  …
This machine (direct)

21
Case 1: send to 128.243.22.35
[Figure: scenario network diagram, same labels as on slide 5: monet (128.243.22.61, "Start Here"), mcclean (128.243.22.35), DNS server (128.243.21.16), 128.243.21.19, Router (128.243.22.1, 128.243.21.1), Ethernet switch(es), 128.243.22/24, 128.243.21/24, Internet, www.ic.ac.uk (155.198.5.83).]

22
Case 1: Send to 128.243.22.35
Find routing table entry matching destination IP address (128.243.22.35)
→ gateway (if any) and interface
– No gateway (directly reachable destination) → send directly to 128.243.22.35
– Interface “eth0”
Need Ethernet address for direct destination to send on Ethernet…

23
Address Resolution Protocol (ARP)
Internet standard, RFC 826
Protocol for dynamic mapping of (local) IP addresses to (local) Ethernet addresses

24
ARP request/response packet
Construct ARP request “who has IP 128.243.22.34”:
– “H” = “hardware” (Ether.); “P” = “protocol” (IP)

25
ARP/Ethernet encapsulation
Place ARP request in Ethernet frame
– Type 806

26
ARP query
Broadcast on identified outgoing interface:
[Figure labels: Broadcast request; Unicast response]

27
ARP query handling
– All hosts on that Ethernet receive the broadcast request and pass the packet to the OS
– Each host inspects Ethernet frame type and passes to relevant handler (in OS)
– ARP handler inspects request: is this my IP address?
– Host 128.243.22.35 sees match and builds and sends back ARP response “128.243.22.35 = Ethernet address 00:a0:c9:ca:1d:d7”
– Sending host caches this information for (near) future re-use in an ARP table…

28
ARP cache
Try # arp -a
– table of IP address → Ethernet (MAC) address
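The ARP exchange described on the slides above, as an added Python example that is not part of the original slides: monet broadcasts a request in an Ethernet frame of type 0806, mcclean's handler answers with a unicast reply, and monet caches the result. The addresses are the ones on the slides; the function names and the simplified cache (a dict that only learns from replies) are assumptions made for illustration.

```python
import socket
import struct

ETH_BROADCAST = b"\xff" * 6
ETHERTYPE_ARP, ETHERTYPE_IP = 0x0806, 0x0800
ARP_FMT = "!HHBBH6s4s6s4s"      # RFC 826 layout for Ethernet ("H") + IPv4 ("P")
OP_REQUEST, OP_REPLY = 1, 2

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def arp_frame(op, sha, spa, tha, tpa, eth_dst):
    """ARP packet wrapped in an Ethernet frame of type 0x0806."""
    arp = struct.pack(ARP_FMT, 1, ETHERTYPE_IP, 6, 4, op,
                      sha, socket.inet_aton(spa), tha, socket.inet_aton(tpa))
    return struct.pack("!6s6sH", eth_dst, sha, ETHERTYPE_ARP) + arp

def arp_request(my_mac, my_ip, target_ip):
    # The target hardware address is the unknown, so it is sent as zeros.
    return arp_frame(OP_REQUEST, my_mac, my_ip, bytes(6), target_ip, ETH_BROADCAST)

def handle_frame(frame, my_mac, my_ip, cache):
    """Host-side handling of one frame. Returns a reply frame or None."""
    if len(frame) < 14 + struct.calcsize(ARP_FMT):
        return None
    dst, _src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if dst not in (ETH_BROADCAST, my_mac) or ethertype != ETHERTYPE_ARP:
        return None                       # NIC filter, then frame-type dispatch
    htype, ptype, hlen, plen, op, sha, spa, _tha, tpa = struct.unpack(
        ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, ETHERTYPE_IP, 6, 4):
        return None
    spa, tpa = socket.inet_ntoa(spa), socket.inet_ntoa(tpa)
    if tpa != my_ip:
        return None                       # "is this my IP address?" -> no
    if op == OP_REPLY:
        # The cache stores whatever the reply claims: ARP carries no
        # authentication, so this table is only as trustworthy as the LAN.
        cache[spa] = sha
        return None
    if op == OP_REQUEST:
        return arp_frame(OP_REPLY, my_mac, my_ip, sha, spa, eth_dst=sha)
    return None

def demo():
    """Run the request/reply exchange between monet and mcclean."""
    monet = (mac("00:01:02:AD:0F:08"), "128.243.22.61")
    mcclean = (mac("00:a0:c9:ca:1d:d7"), "128.243.22.35")
    cache = {}
    request = arp_request(*monet, target_ip=mcclean[1])
    reply = handle_frame(request, *mcclean, cache={})
    handle_frame(reply, *monet, cache=cache)
    return request, reply, cache
```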

29
TCP/IP reference model
[Figure: layer stack (Comer Fig. 17.4), top to bottom: ReverseClient, DNS, …; TCP, UDP; IP; IEEE802 Ethernet, WiFi, …; with a "You are here" marker.]

30
(Finally) Build Ethernet frame
Source IP = sending interface IP
Source MAC address = sending interface MAC address
Destination IP address = original destination
Destination MAC address = next hop MAC address
Ethernet frame type = 0800

31
Send on identified network interface
Ethernet LAN is (logical) broadcast
– Packet typically seen by the Ethernet card of every machine on that LAN (give or take Ethernet switches which learn and route by MAC address)

32
Receiving a packet…

33
Incoming Ethernet frame: NIC
Check dest. Ethernet (MAC) address
– Accept if broadcast or = NIC’s MAC address
– Interrupt OS…

34
Incoming Ethernet frame: OS
OS is interrupted by NIC and retrieves received Ethernet frame
Inspects frame type field and handles contents (payload) accordingly:
– 0806 → ARP (already considered)
– 0800 → IP v.4…

35
Incoming IP packet (OS)
Inspects IP header
– Check header checksum, discard if corrupted
– Check destination IP address
If (one of our) local address(es), continue local processing…
Otherwise, consider for forwarding
– Forwarding enabled (e.g. router) → see later
– Forwarding disabled (e.g. most hosts) → discard

36
Incoming IP packet with local destination (OS)
(Fragments reassembled first – see later)
Check IP packet type:
– 1 ICMP Internet Control Message
– 2 IGMP Internet Group Management
– 4 IP in IP (encapsulation)
– 6 TCP Transmission Control
– 17 UDP User Datagram
Pass to relevant handler…

37
Incoming (e.g.) UDP datagram with local IP address (OS)
Inspects UDP header
– Check UDP checksum, discard if corrupt
– Check destination UDP port
If not bound to an application → Send an error response (ICMP Destination Unreachable – see later)
If currently bound to an application socket → pass payload plus source IP and source UDP port to application socket…
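The receive path from the preceding slides (NIC address filter, frame type, IP header checks, UDP checks, port lookup), together with the sender-side header construction it undoes, as an added Python example that is not part of the original slides. It assumes IPv4 without fragmentation; the function names and verdict strings are made up for illustration.

```python
import socket
import struct

ETH_IP, ETH_ARP, PROTO_UDP = 0x0800, 0x0806, 17

def csum(data):
    """16-bit one's-complement Internet checksum (RFC 1071), used by IP and UDP."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo(src, dst, udp_len):
    """UDP pseudo-header covered by the UDP checksum (addresses as 4 bytes)."""
    return src + dst + struct.pack("!BBH", 0, PROTO_UDP, udp_len)

def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, data, ttl=64):
    """Sender: add UDP header, then IP header, then Ethernet header."""
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    check = csum(pseudo(src, dst, len(udp)) + udp) or 0xFFFF
    udp = udp[:6] + struct.pack("!H", check) + udp[8:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0,
                     ttl, PROTO_UDP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", csum(ip)) + ip[12:]
    return dst_mac + src_mac + struct.pack("!H", ETH_IP) + ip + udp

def receive(frame, my_mac, my_ips, bound_ports):
    """Receiver: NIC filter, frame type, IP checks, UDP checks, port demux."""
    if len(frame) < 34 or frame[:6] not in (my_mac, b"\xff" * 6):
        return "drop", "NIC: short frame or not our MAC"
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETH_ARP:
        return "arp", None
    if ethertype != ETH_IP:
        return "drop", "unhandled frame type"
    ihl = (frame[14] & 0x0F) * 4
    hdr = frame[14:14 + ihl]
    if frame[14] >> 4 != 4 or ihl < 20 or len(hdr) < ihl or csum(hdr) != 0:
        return "drop", "bad IP header"
    total_len = struct.unpack("!H", hdr[2:4])[0]
    if socket.inet_ntoa(hdr[16:20]) not in my_ips:
        return "drop", "not local, forwarding disabled"
    if hdr[9] != PROTO_UDP:
        return "other-protocol", hdr[9]
    udp = frame[14 + ihl:14 + total_len]
    if len(udp) < 8:
        return "drop", "truncated UDP"
    sport, dport, length, check = struct.unpack("!HHHH", udp[:8])
    if not 8 <= length <= len(udp):
        return "drop", "bad UDP length"
    if check and csum(pseudo(hdr[12:16], hdr[16:20], length) + udp[:length]) != 0:
        return "drop", "bad UDP checksum"
    if dport not in bound_ports:
        return "icmp-unreachable", dport
    return "deliver", (socket.inet_ntoa(hdr[12:16]), sport, udp[8:length])
```

Every length and offset is checked against the bytes actually received before it is used, which is where hand-written parsers of these headers usually go wrong.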

38
Receiving application (e.g. ReverseServerUnicast.java)
int port = Integer.parseInt(args[0]);
DatagramSocket socket = new DatagramSocket(port);
…
byte[] requestBytes = new byte[65536];
DatagramPacket request = new DatagramPacket(requestBytes, requestBytes.length);
socket.receive(request);
…

39
Case 2: send to 128.243.21.19 (different network)
[Figure: scenario network diagram, same labels as on slide 5: monet (128.243.22.61, "Start Here"), mcclean (128.243.22.35), DNS server (128.243.21.16), 128.243.21.19, Router (128.243.22.1, 128.243.21.1), Ethernet switch(es), 128.243.22/24, 128.243.21/24, Internet, www.ic.ac.uk (155.198.5.83).]

40
Case 2: Send to 128.243.21.19
Begins as before:
– Construct UDP header
– Construct IP header
Complete IP datagram

41
Case 2: Routing at sender
Find routing table entry matching destination IP address (128.243.22.35) (may appear as “default”):
# netstat -r
Destination     Gateway         Genmask         Fl M R U Iface
128.243.22.0    0.0.0.0         255.255.255.0   U  0 0 0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U  0 0 0 lo
0.0.0.0         128.243.22.1    0.0.0.0         UG 0 0 0 eth0
Doesn't match local network, so use default route
– Gateway (next directly reachable hop) = router 128.243.22.1
– Outgoing network interface = eth0 (IP 128.243.22.61)
G = gateway (not direct)
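The sender-side routing decision for case 1 and case 2, as an added Python example that is not part of the original slides. It parses monet's netstat -r output as shown above and picks the most specific matching entry (longest-prefix match, which generalises the slides' "local network, else default" rule); the function names are made up for illustration.

```python
import ipaddress

# monet's routing table, copied from the netstat -r output on the slides.
NETSTAT_R = """\
Destination     Gateway         Genmask         Fl M R U Iface
128.243.22.0    0.0.0.0         255.255.255.0   U  0 0 0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U  0 0 0 lo
0.0.0.0         128.243.22.1    0.0.0.0         UG 0 0 0 eth0
"""

def parse_routes(text):
    """Turn netstat -r rows into (network, gateway or None, iface) tuples."""
    routes = []
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 8:
            continue                      # skip blank or malformed rows
        dest, gw, mask, flags, iface = (fields[0], fields[1], fields[2],
                                        fields[3], fields[7])
        network = ipaddress.ip_network(f"{dest}/{mask}")
        # G flag = gateway (not direct); without it the Gateway column is unused.
        gateway = ipaddress.ip_address(gw) if "G" in flags else None
        routes.append((network, gateway, iface))
    return routes

def next_hop(routes, destination):
    """Return (IP address to ARP for, outgoing interface, directly reachable?)."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    network, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    if gateway is None:
        return str(dst), iface, True      # case 1: ARP for the destination itself
    return str(gateway), iface, False     # case 2: ARP for the router instead

ROUTES = parse_routes(NETSTAT_R)
```

In both cases the destination IP address in the IP header stays the original destination; only the address handed to ARP changes.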

42
Case 2: Sending non-local
Destination IP address is 128.243.21.19
Destination Ethernet address is Ethernet address of gateway/next hop machine
→ do ARP to find Ethernet address corresponding to IP 128.243.22.1
– Router replies with its MAC address on that LAN
Send IP packet in Ethernet frame on LAN to router MAC address…

43
Routing handling of packet
Initially as for normal host receive
– NIC accepts Ethernet frame addressed to it
– Passes to OS via interrupt
– OS determines frame type and passes for handling as IP
– Checks packet is not corrupt
– Checks destination IP address
If local, continue processing for local delivery
If not local…

44
Router packet forwarding
OS checks packet Time To Live (TTL)
– may discard packet, else decrement TTL
Now send as a normal packet
– router OS checks own routing tables → finds next hop IP destination for network portion of IP address
– resolves low-level address of next hop (e.g. Ethernet, using ARP)
– sends packet on next hop interface

45
Routing in routers
Routers are pre-configured with details of directly connected networks
Routers exchange routing packets with all directly connected routers
– e.g. RIP, BGP, OSPF
Routers progressively discover all networks and which interface is "closest" to them, i.e. what the next hop interface should be.

46
Wide-area routing
For scalability (localisation of information) routing is normally divided:
– Within a site or organisation = “autonomous unit”
– Between autonomous units
Note: different protocols, different levels of granularity