Chapter 6 IPv4 Addresses – Part 3
CIS 81 Networking Fundamentals
Rick Graziani, Cabrillo College, [email protected]
Last Updated: 4/13/2008

Topics
- Calculating the number of subnets/hosts needed
- VLSM (Variable Length Subnet Masks)
- Classful Subnetting
- IPv6
- ICMP: Ping and Traceroute

Calculating the number of subnets/hosts needed

Example 1
Network: 172.16.1.0/24 (mask 255.255.255.0); the fourth octet holds the 8 host bits.
Need: as many subnets as possible, 60 hosts per subnet.
Number of hosts per subnet: 60 hosts need 6 host bits (2^6 - 2 = 62 usable hosts; 5 bits would give only 30).
  Fourth octet: 172.16.1. 0 0 0 0 0 0 0 0
  New mask:     255.255.255. 1 1 0 0 0 0 0 0
  The 2 bits borrowed from the host portion become subnet bits.
New Subnet Mask: 255.255.255.192 (/26)
Number of hosts per subnet: 6 bits, 64 - 2 = 62 hosts
Number of subnets: 2 bits, 4 subnets

Example 2
Network: 172.16.1.0/24
Need: as many subnets as possible, 12 hosts per subnet.
Number of hosts per subnet: 12 hosts need 4 host bits (2^4 - 2 = 14 usable hosts).
  Fourth octet: 172.16.1. 0 0 0 0 0 0 0 0
  New mask:     255.255.255. 1 1 1 1 0 0 0 0
New Subnet Mask: 255.255.255.240 (/28)
Number of hosts per subnet: 4 bits, 16 - 2 = 14 hosts
Number of subnets: 4 bits, 16 subnets

Example 3
Network: 172.16.1.0/24
Need: 6 subnets, as many hosts per subnet as possible.
Number of subnets: 6 subnets need 3 subnet bits (2^3 = 8 subnets; 2 bits would give only 4).
  Fourth octet: 172.16.1. 0 0 0 0 0 0 0 0
  New mask:     255.255.255. 1 1 1 0 0 0 0 0
  The remaining 5 bits stay host bits.
New Subnet Mask: 255.255.255.224 (/27)
Number of hosts per subnet: 5 bits, 32 - 2 = 30 hosts
Number of subnets: 3 bits, 8 subnets
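The three worked examples above follow one procedure: count the bits the requirement needs, and the other bits of the host portion become subnet bits (or vice versa). The following Python is an added example, not code from the slides; it implements that procedure for any starting prefix length, not only the /24 on the slides, and the function names are my own.

```python
"""Subnet sizing from a requirement, as worked on the slides above.

Added example (not from the original slides). Works on a /24 such as
172.16.1.0/24 but generalizes to any starting prefix length.
"""


def bits_for(count: int, reserve_two: bool) -> int:
    """Smallest number of bits whose 2**bits covers `count` values.

    With reserve_two=True the network and broadcast addresses are
    subtracted first, so 60 hosts need 6 bits (64 - 2 = 62 >= 60).
    """
    bits = 0
    while (2 ** bits) - (2 if reserve_two else 0) < count:
        bits += 1
    return bits


def prefix_to_mask(prefix: int) -> str:
    """Convert a prefix length such as 26 to dotted decimal 255.255.255.192."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ".".join(str((mask >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def size_subnets(start_prefix: int, hosts_needed: int = 0, subnets_needed: int = 0) -> dict:
    """Return the new prefix, mask, usable hosts and subnet count.

    Exactly one of hosts_needed / subnets_needed drives the split:
    - hosts_needed: keep the fewest host bits that fit, subnets get the rest
    - subnets_needed: keep the fewest subnet bits that fit, hosts get the rest
    """
    free_bits = 32 - start_prefix
    if hosts_needed and subnets_needed:
        raise ValueError("specify hosts_needed or subnets_needed, not both")
    if hosts_needed:
        host_bits = bits_for(hosts_needed, reserve_two=True)
        subnet_bits = free_bits - host_bits
    elif subnets_needed:
        subnet_bits = bits_for(subnets_needed, reserve_two=False)
        host_bits = free_bits - subnet_bits
    else:
        raise ValueError("specify hosts_needed or subnets_needed")
    # Fewer than 2 host bits leaves no usable host addresses at all.
    if host_bits < 2 or subnet_bits < 0:
        raise ValueError("requirement does not fit in the available bits")
    new_prefix = start_prefix + subnet_bits
    return {
        "prefix": new_prefix,
        "mask": prefix_to_mask(new_prefix),
        "host_bits": host_bits,
        "hosts_per_subnet": 2 ** host_bits - 2,
        "subnet_bits": subnet_bits,
        "subnets": 2 ** subnet_bits,
    }


if __name__ == "__main__":
    for label, kwargs in [
        ("60 hosts per subnet", {"hosts_needed": 60}),
        ("12 hosts per subnet", {"hosts_needed": 12}),
        ("6 subnets", {"subnets_needed": 6}),
    ]:
        r = size_subnets(24, **kwargs)
        print(f"{label}: /{r['prefix']} ({r['mask']}), "
              f"{r['hosts_per_subnet']} hosts, {r['subnets']} subnets")
```

Running it reproduces the three slide answers (/26 with 62 hosts and 4 subnets, /28 with 14 hosts and 16 subnets, /27 with 30 hosts and 8 subnets). The ValueError branches are the cases the slides do not reach: a requirement that needs more bits than the starting network has.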

VLSM (Variable Length Subnet Masks)

VLSM
If you know how to subnet, you can do VLSM.
Example: 10.0.0.0/8
Subnet it into /16 subnets: 10.0.0.0/16, 10.1.0.0/16, 10.2.0.0/16, 10.3.0.0/16, etc.
Subnet one of those subnets (10.1.0.0/16) again: 10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24, etc.

VLSM
A host can only be a member of the subnet. A host can NOT be a member of the network that was subnetted.
  YES!  10.2.1.55/24
  NO!   10.2.1.55/16
All other /16 subnets are still available for use as /16 networks or to be subnetted.

VLSM: Using the chart
This chart can be used to help determine subnet addresses. This can be any octet. We'll keep it simple and make it the fourth octet.
Network: 172.16.1.0/24
What if we needed 10 subnets with a minimum of 12 hosts? What would the mask be? What would the addresses of each subnet be? What would the range of hosts be for each subnet?

VLSM: Using the chart
Network: 172.16.1.0/24
What if we needed 5 subnets?
What would the mask be? 255.255.255.240 (/28)
What would the addresses of each subnet be?
  172.16.1.0/28, 172.16.1.32/28, 172.16.1.64/28, 172.16.1.96/28, 172.16.1.128/28, 172.16.1.160/28, 172.16.1.192/28, 172.16.1.224/28
What would the range of valid hosts for each subnet be?
  172.16.1.0/26:  172.16.1.1 - 172.16.1.31
  172.16.1.32/26: 172.16.1.33 - 172.16.1.62
  172.16.1.64/26: 172.16.1.65 - 172.16.1.94
  172.16.1.96/26: 172.16.1.97 - 172.16.1.126
  Etc.

VLSM: Using the chart
What if we needed several (four) /30 subnets for our serial links? Take one of the /27 subnets and subnet it again into /30 subnets.
(Chart: 16 /30 subnets; still have 7 /27 subnets.)
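The VLSM steps above (carve 172.16.1.0/24 into /27 subnets, re-subnet one /27 into /30 links, and the rule that a host belongs to its subnet and not to the network that was subnetted) can be checked with the standard-library ipaddress module. This is an added example, not code from the slides; the subnet and /30 counts it reports are whatever the module computes from the prefix lengths, and the helper names are my own.

```python
"""VLSM with the standard-library ipaddress module.

Added example, not part of the original slides. Uses 172.16.1.0/24 from the
slides: carve it into /27 subnets, take one /27 and carve it into /30
subnets for serial links, then check which subnet a host belongs to.
"""
import ipaddress


def carve(network: str, new_prefix: int) -> list:
    """Return the subnets of `network` when re-masked to `new_prefix`."""
    net = ipaddress.ip_network(network, strict=True)  # strict: host bits must be 0
    return list(net.subnets(new_prefix=new_prefix))


def vlsm_plan(network: str, lan_prefix: int, link_prefix: int) -> dict:
    """Carve `network` into LAN subnets, then re-subnet the last one for links."""
    lans = carve(network, lan_prefix)
    links = carve(str(lans[-1]), link_prefix)
    return {
        "lans_kept": [str(n) for n in lans[:-1]],
        "links": [str(n) for n in links],
        "hosts_per_lan": lans[0].num_addresses - 2,
        "hosts_per_link": links[0].num_addresses - 2,
    }


def host_range(subnet: str) -> tuple:
    """First and last usable host address (network and broadcast excluded)."""
    hosts = list(ipaddress.ip_network(subnet).hosts())
    return str(hosts[0]), str(hosts[-1])


def subnet_of(host_with_prefix: str, subnets: list) -> str:
    """Return the one subnet in `subnets` that the host is a member of.

    The host's own prefix length must match the subnet's: 172.16.1.70/27 is
    in 172.16.1.64/27, while 172.16.1.70/24 claims membership of the whole
    /24 that was subnetted, which the slides say is not allowed.
    """
    iface = ipaddress.ip_interface(host_with_prefix)
    for s in subnets:
        if iface.network == ipaddress.ip_network(s):
            return s
    raise ValueError(f"{host_with_prefix} is not a host in any listed subnet")


if __name__ == "__main__":
    plan = vlsm_plan("172.16.1.0/24", 27, 30)
    print("LANs kept:", plan["lans_kept"])
    print("serial links:", plan["links"])
    print("hosts in 172.16.1.32/27:", host_range("172.16.1.32/27"))
    print("172.16.1.70/27 is in", subnet_of("172.16.1.70/27", plan["lans_kept"]))
```

The strict=True flag is the check a practitioner wants here: a network written with host bits set (172.16.1.70/27) is rejected instead of silently masked, which catches copy-paste mistakes in address plans.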

Classful Subnetting

Classful IP Addressing
In the early days of the Internet, IP addresses were allocated to organizations based on request rather than actual need. When an organization received an IP network address, that address was associated with a Class: A, B, or C. This is known as Classful IP Addressing. The first octet of the address determined what class the network belonged to, and therefore which bits were the network bits and which bits were the host bits. There were no subnet masks.
It was not until 1992, when the IETF introduced CIDR (Classless Interdomain Routing), that the address class became meaningless. This is known as Classless IP Addressing.
For now, all you need to know is that today's networks are classless, except for some things like the structure of Cisco's IP routing table and those networks that still use classful routing protocols. You will learn more about this in CIS 82, CIS 83 and CIS 185.

IPv4 Address Classes

Address Classes
           1st octet   2nd octet   3rd octet   4th octet
  Class A  Network     Host        Host        Host
  Class B  Network     Network     Host        Host
  Class C  Network     Network     Network     Host
N = Network number assigned by ARIN (American Registry for Internet Numbers)
H = Host number assigned by administrator

Class A addresses
  Network (8 bits) | Host (8 bits) | Host (8 bits) | Host (8 bits)
First octet is between 0 and 127 and begins with binary 0.
Default Mask: 255.0.0.0 (/8)
With 24 bits available for hosts, there are 2^24 possible addresses. That's 16,777,216 nodes!
There are 126 class A addresses. 0 and 127 have special meaning and are not used.
16,777,214 host addresses: one address is taken by the network address and one by the broadcast address.
Only large organizations such as the military, government agencies, universities, and large corporations have class A addresses. For example, ISPs have 24.0.0.0 and 63.0.0.0.
Class A addresses account for 2,147,483,648 of the possible IPv4 addresses. That's 50% of the total unicast address space, if classful addressing were still used in the Internet!

Class B addresses
  Network (8 bits) | Network (8 bits) | Host (8 bits) | Host (8 bits)
First octet is between 128 and 191 and begins with binary 10.
Default Mask: 255.255.0.0 (/16)
With 16 bits available for hosts, there are 2^16 possible addresses. That's 65,536 nodes!
There are 16,384 (2^14) class B networks. 65,534 host addresses: one for the network address and one for the broadcast address.
Class B addresses represent 25% of the total IPv4 unicast address space.
Class B addresses are assigned to large organizations including corporations (such as Cisco), government agencies, and school districts.

Class C addresses
  Network (8 bits) | Network (8 bits) | Network (8 bits) | Host (8 bits)
First octet is between 192 and 223 and begins with binary 110.
Default Mask: 255.255.255.0 (/24)
With 8 bits available for hosts, there are 2^8 possible addresses. That's 256 nodes!
There are 2,097,152 possible class C networks. 254 host addresses: one for the network address and one for the broadcast address.
Class C addresses represent 12.5% of the total IPv4 unicast address space.

IPv4 Address Classes
No medium size host networks. In the early days of the Internet, IP addresses were allocated to organizations based on request rather than actual need.

Network based on first octet
The network portion of the IP address was dependent upon the first octet. There was no base network mask provided by the ISP. The network mask was inherent in the address itself.

IPv4 Address Classes
Class D Addresses: A Class D address begins with binary 1110 in the first octet. First octet range 224 to 239. A Class D address can be used to represent a group of hosts called a host group, or multicast group.
Class E Addresses: The first octet of an IP address begins with 1111. Class E addresses are reserved for experimental purposes and should not be used for addressing hosts or multicast groups.

Fill in the information
1. 192.168.1.3   Class _____  Default Mask: ______________  Network: _________________  Broadcast: ________________  Hosts: _________________ through ___________________
2. 1.12.100.31   Class _____  Default Mask: ______________  Network: _________________  Broadcast: ________________  Hosts: _________________ through ___________________
3. 172.30.77.5   Class _____  Default Mask: ______________  Network: _________________  Broadcast: ________________  Hosts: _________________ through ___________________

Fill in the information (answers)
1. 192.168.1.3   Class C  Default Mask: 255.255.255.0  Network: 192.168.1.0  Broadcast: 192.168.1.255  Hosts: 192.168.1.1 through 192.168.1.254
2. 1.12.100.31   Class A  Default Mask: 255.0.0.0  Network: 1.0.0.0  Broadcast: 1.255.255.255  Hosts: 1.0.0.1 through 1.255.255.254
3. 172.30.77.5   Class B  Default Mask: 255.255.0.0  Network: 172.30.0.0  Broadcast: 172.30.255.255  Hosts: 172.30.0.1 through 172.30.255.254

Class separates network from host bits
The Class determines the Base Network Mask!
1. 192.168.1.3   Class C  Default Mask: 255.255.255.0  Network: 192.168.1.0
2. 1.12.100.31   Class A  Default Mask: 255.0.0.0  Network: 1.0.0.0
3. 172.30.77.5   Class B  Default Mask: 255.255.0.0  Network: 172.30.0.0

Know the classes!
  Class   First Bits   First Octet   Network Bits   Host Bits
  A       0            0 - 127       8              24
  B       10           128 - 191     16             16
  C       110          192 - 223     24             8
  D       1110         224 - 239
  E       1111         240 - 255
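The "Fill in the information" exercise above is a mechanical procedure: read the leading bits of the first octet, pick the default mask, then derive network, broadcast and host range. The Python below is an added example, not code from the slides; it does the exercise with plain integer arithmetic so the bit tests from the "Know the classes!" table are visible, and the function names are my own.

```python
"""Classful lookup for an IPv4 address, as in the "Fill in the information" exercise.

Added example; not from the original slides. Pure integer arithmetic on the
32-bit address so the class rules (leading bits of the first octet) are visible.
"""


def to_dotted(value: int) -> str:
    """32-bit integer to dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def classify(addr: str) -> dict:
    """Return class, default mask, network, broadcast and usable host range.

    Classes D and E have no network/host split, so only the class is reported.
    Raises ValueError for anything that is not four octets of 0..255.
    """
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {addr}")
    octets = [int(p) for p in parts]
    first = octets[0]
    # Leading bits of the first octet decide the class (0, 10, 110, 1110, 1111).
    if first & 0b10000000 == 0:
        cls, net_bits = "A", 8
    elif first & 0b11000000 == 0b10000000:
        cls, net_bits = "B", 16
    elif first & 0b11100000 == 0b11000000:
        cls, net_bits = "C", 24
    elif first & 0b11110000 == 0b11100000:
        return {"class": "D", "note": "multicast group address, no host range"}
    else:
        return {"class": "E", "note": "reserved/experimental, no host range"}

    as_int = (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]
    mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    network = as_int & mask                      # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits set
    return {
        "class": cls,
        "default_mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
    }


if __name__ == "__main__":
    for a in ("192.168.1.3", "1.12.100.31", "172.30.77.5", "224.0.0.9"):
        print(a, classify(a))
```

The output for the three exercise addresses matches the answer slide. Note that this is the classful view only: a router or host running classless (CIDR) addressing uses the configured mask, not the one implied by the first octet.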

IP addressing crisis
- Address Depletion
- Internet Routing Table Explosion

IPv4 Addressing

Subnet Mask
One solution to the IP address shortage was thought to be the subnet mask. Formalized in 1985 (RFC 950), the subnet mask breaks a single class A, B or C network into smaller pieces. This does allow a network administrator to divide their network into subnets. Routers still associated a network address with the first octet of the IP address.

All Zeros and All Ones Subnets
Using the All Ones Subnet: There is no command to enable or disable the use of the all-ones subnet; it is enabled by default.
Using Subnet Zero (Cisco IOS):
  Router(config)#ip subnet-zero
The use of the all-ones subnet has always been explicitly allowed, and the use of subnet zero is explicitly allowed since Cisco IOS version 12.0.
RFC 1878 states, "This practice (of excluding all-zeros and all-ones subnets) is obsolete! Modern software will be able to utilize all definable networks."
Today, the use of subnet zero and the all-ones subnet is generally accepted and most vendors support their use, though on certain networks, particularly the ones using legacy software, the use of subnet zero and the all-ones subnet can lead to problems.
CCO: Subnet Zero and the All-Ones Subnet
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f18.shtml

Long Term Solution: IPv6 (coming)
IPv6, or IPng (IP the Next Generation), uses a 128-bit address space, yielding 340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses.
IPv6 has been slow to arrive: IPv6 requires new software, and IT staffs must be retrained.
IPv6 will most likely coexist with IPv4 for years to come. Some experts believe IPv4 will remain for more than 10 years.

Short Term Solutions: IPv4 Enhancements
Discussed in CIS 83 and CIS 185:
- CIDR (Classless Inter-Domain Routing) - RFCs 1517, 1518, 1519, 1520
- VLSM (Variable Length Subnet Mask) - RFC 1009
- Private Addressing - RFC 1918
- NAT/PAT (Network Address Translation / Port Address Translation) - RFC
More later when we discuss TCP.

CIDR prefix lengths
ISPs are no longer restricted to three classes. They can now allocate a large range of network addresses based on customer requirements.
  Prefix  Mask (binary)                         Mask (dotted)      Host addresses
  /8      11111111.00000000.00000000.00000000   255.0.0.0          16,777,216
  /9      11111111.10000000.00000000.00000000   255.128.0.0        8,388,608
  /10     11111111.11000000.00000000.00000000   255.192.0.0        4,194,304
  /11     11111111.11100000.00000000.00000000   255.224.0.0        2,097,152
  /12     11111111.11110000.00000000.00000000   255.240.0.0        1,048,576
  /13     11111111.11111000.00000000.00000000   255.248.0.0        524,288
  /14     11111111.11111100.00000000.00000000   255.252.0.0        262,144
  /15     11111111.11111110.00000000.00000000   255.254.0.0        131,072
  /16     11111111.11111111.00000000.00000000   255.255.0.0        65,536
  /17     11111111.11111111.10000000.00000000   255.255.128.0      32,768
  /18     11111111.11111111.11000000.00000000   255.255.192.0      16,384
  /19     11111111.11111111.11100000.00000000   255.255.224.0      8,192
  /20     11111111.11111111.11110000.00000000   255.255.240.0      4,096
  /21     11111111.11111111.11111000.00000000   255.255.248.0      2,048
  /22     11111111.11111111.11111100.00000000   255.255.252.0      1,024
  /23     11111111.11111111.11111110.00000000   255.255.254.0      512
  /24     11111111.11111111.11111111.00000000   255.255.255.0      256
  /25     11111111.11111111.11111111.10000000   255.255.255.128    128
  /26     11111111.11111111.11111111.11000000   255.255.255.192    64
  /27     11111111.11111111.11111111.11100000   255.255.255.224    32
  /28     11111111.11111111.11111111.11110000   255.255.255.240    16
  /29     11111111.11111111.11111111.11111000   255.255.255.248    8
  /30     11111111.11111111.11111111.11111100   255.255.255.252    4
  /31     11111111.11111111.11111111.11111110   255.255.255.254    2
  /32     11111111.11111111.11111111.11111111   255.255.255.255    Host Route

Active BGP entries, March 2006 (chart)
http://bgp.potaroo.net/

ISP/NAP Hierarchy (diagram)

IPv6

Why Do We Need a Larger Address Space?
- Internet population: approximately 973 million users in November 2005. Emerging population, geopolitics, and address space.
- Mobile users: PDA, pen-tablet, notepad, and so on. Approximately 20 million in 2004.
- Mobile phones: already 1 billion mobile phones delivered by the industry.
- Transportation: 1 billion automobiles forecast for 2008. Internet access in planes (example: Lufthansa).
- Consumer devices: Sony mandated that all its products be IPv6-enabled by 2005. Billions of home and industrial appliances.

IP Address Allocation History (chart: percentage of IPv4 address space in use, 1980 to 2010)
1981: the IPv4 protocol was published.
1985: 1/16 of the IPv4 address space in use.
2001: 2/3 of the IPv4 address space in use.

Larger Address Space
IPv4: 32 bits or 4 bytes long; 4,200,000,000 possible addressable nodes.
IPv6: 128 bits or 16 bytes, four times the bits of IPv4; 3.4 * 10^38 possible addressable nodes (340,282,366,920,938,463,374,607,432,768,211,456), which is 5 * 10^28 addresses per person (50,000,000,000,000,000,000,000,000,000).

Larger Address Space Enables Address Aggregation
Aggregation of prefixes announced in the global routing table gives efficient and scalable routing.

IPv6 Address assignment features
Using DHCP and Stateless Autoconfiguration.
Built-in support for mobility: IPv6 hosts can move around the internetwork and retain their IPv6 address without losing current application sessions.
Aggregation: IPv6's huge address space makes for much easier aggregation of blocks of addresses in the Internet, making routing in the Internet more efficient.
No need for NAT/PAT: The huge public IPv6 address space removes the need for NAT/PAT, which avoids some NAT-induced application problems and makes for more efficient routing.
No broadcasts: IPv6 does not use layer 3 broadcast addresses, relying instead on multicasts to reach multiple hosts.
Transition tools: IPv6 has many rich tools to help with the transition from IPv4 to IPv6.

Three types of IPv6 Addresses
1. Unicast: Global Unicast, Link Local Unicast, Unique Local Unicast
2. Multicast
3. Anycast
Unlike IPv4, there is no IPv6 broadcast address. There is, however, an "all nodes" multicast address, which serves essentially the same purpose as a broadcast address.

Unicast Addresses
A unicast address is an address that identifies a single device. A global unicast address is a unicast address that is globally unique. It has global scope: it is globally unique and can therefore be routed globally with no modification.

Global Unicast Addresses
(Diagram: the older TLA/NLA format, replaced with the RFC 3587 format.)
Note: This format, specified in RFC 3587, obsoletes and simplifies an earlier format that divided the IPv6 unicast address into Top Level Aggregator (TLA), Next-Level Aggregator (NLA), and other fields. However, you should be aware that this obsolescence is relatively recent and you are likely to encounter some books and documents that show the old IPv6 address format.

Unicast Addresses
The host portion of the address is called the Interface ID. A host can have more than one IPv6 interface, so the address more correctly identifies an interface on a host than the host itself. A single interface can have multiple IPv6 addresses, and can have an IPv4 address in addition.

Unicast Addresses
Another big difference between IPv4 addresses and IPv6 addresses is the location of the Subnet Identifier. The Subnet Identifier is part of the network portion of the address rather than the host portion.

Unicast Addresses
The Interface ID is a consistent size for all IPv6 addresses, simplifying the parsing of the address. Making the Subnet ID a part of the network portion creates a clear separation of functions: the network portion provides the location of a device down to the specific data link, and the host portion provides the identity of the device on the data link.

Background
IPv4 will exist for some time as the transition to IPv6 begins. Other new protocols have been developed in support of IPv6: routing protocols (OSPFv3), so routers can learn about IPv6 network addresses, and ICMPv6.
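The unicast slides above say the Subnet ID sits in the network portion and the Interface ID is a fixed size, which makes the address easy to split. The Python below is an added example, not code from the slides; it assumes the 64-bit Interface ID of the RFC 3587 global unicast format and a /48 site prefix (both my assumptions for the example), and uses addresses from the 2001:db8::/32 documentation range.

```python
"""Splitting an IPv6 global unicast address into network portion and Interface ID.

Added example, not part of the original slides. Assumes the layout the slides
describe: a 64-bit network portion (site prefix plus Subnet ID) followed by a
64-bit Interface ID. The /48 site prefix is an assumption for the example;
addresses are from the 2001:db8::/32 documentation range.
"""
import ipaddress

IFACE_BITS = 64  # Interface ID size assumed for global unicast addresses


def split_global_unicast(addr: str, site_prefix_len: int = 48) -> dict:
    """Return site prefix, Subnet ID, /64 network and Interface ID of an address.

    The Subnet ID is the slice of the network portion between the site
    prefix and the /64 boundary, which is why it belongs to the network part.
    """
    ip = ipaddress.IPv6Address(addr)
    if ip.is_multicast or ip.is_link_local or ip.is_loopback or ip.is_unspecified:
        raise ValueError(f"{addr} is not a global unicast address")
    if not 0 <= site_prefix_len <= 128 - IFACE_BITS:
        raise ValueError("site prefix must leave room for Subnet ID and Interface ID")
    value = int(ip)
    iface_id = value & ((1 << IFACE_BITS) - 1)
    net_value = (value >> IFACE_BITS) << IFACE_BITS          # low 64 bits cleared
    network = ipaddress.IPv6Network((net_value, 128 - IFACE_BITS))
    subnet_bits = 128 - IFACE_BITS - site_prefix_len
    subnet_id = (value >> IFACE_BITS) & ((1 << subnet_bits) - 1)
    site_shift = 128 - site_prefix_len
    site = ipaddress.IPv6Network(((value >> site_shift) << site_shift, site_prefix_len))
    return {
        "site_prefix": str(site),
        "subnet_id": subnet_id,
        "network": str(network),
        "interface_id": f"{iface_id:016x}",
    }


def same_link(a: str, b: str) -> bool:
    """True when two addresses share the /64 network portion (same data link)."""
    return split_global_unicast(a)["network"] == split_global_unicast(b)["network"]


if __name__ == "__main__":
    print(split_global_unicast("2001:db8:1:2::1"))
    print("same link:", same_link("2001:db8:1:2::1", "2001:db8:1:2:abcd::42"))
    print("same link:", same_link("2001:db8:1:2::1", "2001:db8:1:3::1"))
```

The same_link check is the practical consequence of the slide's "location of a device down to the specific data link": two addresses that agree on the first 64 bits are on the same link regardless of their Interface IDs.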

ICMP

ICMP: Ping and Trace
Frame layout used on the following slides (partial list of fields):
  Ethernet Header (Layer 2): Ethernet Destination Address (MAC), Ethernet Source Address (MAC), Frame Type
  IP Header (Layer 3): Source IP Add., Dest. IP Add., Protocol field
  ICMP Message (Layer 3): Type (0 or 8), Code (0), Checksum, ID, Seq. Num., Data
  Ethernet Trailer: FCS

ICMP (Internet Control Message Protocol)
ICMP is a Layer 3 protocol used for sending messages. It is encapsulated in a Layer 3 IP packet and uses the Type and Code fields for the various messages.

ICMP: Unreachable Destination or Service
Used to notify a host that the destination or service is unreachable. When a host or router receives a packet that it cannot deliver, it may send an ICMP Destination Unreachable packet to the host originating the packet. The Destination Unreachable packet will contain codes that indicate why the packet could not be delivered.
From a router:
  0 = network unreachable: does not have a route in the routing table
  1 = host unreachable: has a route but can't find the host (end router)
From a host:
  2 = protocol unreachable
  3 = port unreachable: the service is not available because no daemon is running that provides the service, or because security on the host is not allowing access to the service.

Ping
(Diagram: host 172.30.1.20 pinging 172.30.1.25)
Ping uses an ICMP message encapsulated within an IP packet; Protocol field = 1. It does not use TCP or UDP.
Format: ping ip-address (or ping alone for extended ping)
  ping 172.30.1.25

Echo Request
The sender of the ping transmits an ICMP message, Echo Request.
  IP Header (Layer 3): Source IP Add. 172.30.1.20, Dest. IP Add. 172.30.1.25, Protocol field 1
  ICMP Message - Echo Request (Layer 3): Type 8, Code 0, Checksum, ID, Seq. Num., Data
Echo Request, within the ICMP message: Type = 8, Code = 0

Echo Reply
The IP address (destination) of the ping receives the ICMP message, Echo Request, and returns the ICMP message, Echo Reply.
  IP Header (Layer 3): Source IP Add. 172.30.1.25, Dest. IP Add. 172.30.1.20, Protocol field 1
  ICMP Message - Echo Reply (Layer 3): Type 0, Code 0, Checksum, ID, Seq. Num., Data
Echo Reply, within the ICMP message: Type = 0, Code = 0

Ping example
(Screenshot of ping output)

Pings may fail
Q: Are pings forwarded by routers?
A: Yes! This is why you can ping devices all over the Internet.
Q: Do all devices forward or respond to pings?
A: No, this is up to the network administrator of the device. Devices, including routers, can be configured not to reply to pings (ICMP echo requests). This is why you may not always be able to ping a device. Also, routers can be configured not to forward pings destined for other devices.
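The Echo Request / Echo Reply slides list the ICMP fields (Type, Code, Checksum, ID, Seq. Num., Data) and the Destination Unreachable slide lists the codes. The Python below is an added example, not code from the slides: it serializes and parses those fields with the standard one's-complement checksum, so a receiver can verify a message before trusting its type and code. The sample messages are constructed inline; the constant and function names are my own.

```python
"""Build and parse ICMP echo messages, with the checksum the slides list as a field.

Added example, not part of the original slides. The message layout follows
the slide: Type, Code, Checksum, ID, Sequence Number, Data. The sample
messages are constructed inline for the example.
"""
import struct

ECHO_REPLY, DEST_UNREACHABLE, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11
NAMES = {
    (0, 0): "Echo Reply",
    (3, 0): "Destination Unreachable: network unreachable",
    (3, 1): "Destination Unreachable: host unreachable",
    (3, 2): "Destination Unreachable: protocol unreachable",
    (3, 3): "Destination Unreachable: port unreachable",
    (8, 0): "Echo Request",
    (11, 0): "Time Exceeded: TTL expired in transit",
}


def checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (the IP/ICMP checksum algorithm)."""
    if len(data) % 2:
        data += b"\x00"  # pad an odd-length message to a whole last word
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(msg_type: int, ident: int, seq: int, data: bytes) -> bytes:
    """Serialize an Echo Request (type 8) or Echo Reply (type 0), code 0."""
    if msg_type not in (ECHO_REQUEST, ECHO_REPLY):
        raise ValueError("echo messages are type 8 or type 0")
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)  # checksum field 0
    csum = checksum(header + data)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + data


def parse(msg: bytes) -> dict:
    """Decode the fixed 8-byte ICMP header and verify the checksum.

    Raises ValueError on a short or corrupted message; a receiver should drop
    such a message rather than act on its type and code. For types 3 and 11
    the ID/Seq bytes are unused on the wire and are reported as-is.
    """
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    if checksum(msg) != 0:  # a valid message sums to zero including its checksum
        raise ValueError("ICMP checksum mismatch")
    msg_type, code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return {
        "type": msg_type,
        "code": code,
        "name": NAMES.get((msg_type, code), "unknown"),
        "id": ident,
        "seq": seq,
        "data": msg[8:],
    }


def reply_for(request: bytes) -> bytes:
    """The Echo Reply a host returns: same ID, sequence and data, type 0."""
    req = parse(request)
    if req["type"] != ECHO_REQUEST:
        raise ValueError("only Echo Requests get an Echo Reply")
    return build_echo(ECHO_REPLY, req["id"], req["seq"], req["data"])


if __name__ == "__main__":
    request = build_echo(ECHO_REQUEST, 0x1234, 1, b"abcdefgh")  # constructed sample
    print("request:", parse(request))
    print("reply:  ", parse(reply_for(request)))
```

The ID and sequence number are what lets the pinging host match each reply to the request it sent; the checksum test in parse is the cheap integrity check that should precede any use of the decoded fields.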

Traceroute
Traceroute is a utility that records the route (router IP addresses) between two devices on different networks.

Traceroute (from http://en.wikipedia.org/wiki/Traceroute)
On modern Unix and Linux-based operating systems, the traceroute utility by default uses UDP datagrams with a destination port number starting at 33434. The traceroute utility usually has an option to specify use of ICMP echo request (type 8) instead. The Windows utility uses ICMP echo request, better known as ping packets. Some firewalls on the path being investigated may block UDP probes but allow the ICMP echo request traffic to pass through. There are also traceroute implementations sending out TCP packets, such as tcptraceroute or Layer Four Trace. In Microsoft Windows, traceroute is named tracert. A new utility, pathping, was introduced with Windows NT, combining ping and traceroute functionality. All these traceroutes rely on ICMP (type 11) packets coming back.

Trace (Traceroute)
Trace (Cisco = traceroute, tracert) is used to trace the probable path a packet takes between source and destination. Probable, because IP is a connectionless protocol, and different packets may take different paths between the same source and destination networks, although this is not usually the case. Trace will show the path the packet takes to the destination, but the return path may be different. This is more likely the case in the Internet, and less likely within your own autonomous system.
Linux/Unix systems: uses an ICMP message within an IP packet (both are layer 3 protocols) and uses UDP as the transport layer. We will see why this is important in a moment.

Trace
Topology used in the following slides:
  10.0.0.0/8:       RTA .1 ---- .2 RTB
  172.16.0.0/16:    RTB .1 ---- .2 RTC
  192.168.10.0/24:  RTC .1 ---- .2 RTD
Format (trace, traceroute, tracert):
  RTA# traceroute ip-address
  RTA# traceroute 192.168.10.2

Trace: TTL = 1
RTA sends: DA = 192.168.10.2, TTL = 1
  Data Link Header (Layer 2): Data Link Destination Address, Data Link Source Address
  IP Header (Layer 3): Source IP Add. 10.0.0.1, Dest. IP Add. 192.168.10.2, Protocol field 1, TTL 1
  ICMP Message - Echo Request (trace): Type 8, Code 0, Checksum, ID, Seq. Num., Data
  UDP (Layer 4): Dest Port 35,000
  Data Link Trailer: FCS
How it works (using UDP) - fooling the routers and host!
Traceroute uses ping (echo requests). Traceroute sets the TTL (Time To Live) field in the IP header, initially to 1. When a router receives an IP packet, it decrements the TTL by 1. If the TTL is 0, it will not forward the IP packet, and sends back to the source an ICMP Time Exceeded message.

Trace: RTB, TTL expires
RTA sent: DA = 192.168.10.2, TTL = 1. RTB returns: ICMP Time Exceeded, SA = 10.0.0.2
RTB - TTL: When a router receives an IP packet, it decrements the TTL by 1. If the TTL is 0, it will not forward the IP packet, and sends back to the source an ICMP Time Exceeded message. ICMP Message: Type = 11, Code = 0.
  Data Link Header (Layer 2): Data Link Destination Address, Data Link Source Address
  IP Header (Layer 3): Source IP Add. 10.0.0.2, Dest. IP Add. 10.0.0.1, Protocol field 1
  ICMP Message - Time Exceeded: Type 11, Code 0, Checksum, ID, Seq. Num., Data
  Data Link Trailer: FCS
RTB sends an ICMP Time Exceeded message back to the source, using its own IP address as the source IP address. Router B's IP header includes its own IP address (source IP) and the sending host's IP address (dest. IP).

Trace: RTA displays the first hop
RTA, Sending Host: The traceroute program of the sending host (RTA) will use the source IP address of this ICMP Time Exceeded packet (Source IP Add. 10.0.0.2, Dest. IP Add. 10.0.0.1, Type 11, Code 0) to display as the first hop.
  RTA# traceroute 192.168.10.2
  Type escape sequence to abort.
  Tracing the route to 192.168.10.2
    1 10.0.0.2 4 msec 4 msec 4 msec

Trace: TTL = 2
RTA: The traceroute program increments the TTL by 1 (now 2) and resends the ICMP Echo Request packet.
RTA sends: DA = 192.168.10.2, TTL = 2
  Data Link Header (Layer 2): Data Link Destination Address, Data Link Source Address
  IP Header (Layer 3): Source IP Add. 10.0.0.1, Dest. IP Add. 192.168.10.2, Protocol field 1, TTL 2
  ICMP Message - Echo Request (trace): Type 8, Code 0, Checksum, ID, Seq. Num., Data
  UDP (Layer 4): Dest Port 35,000
  Data Link Trailer: FCS

Trace: second hop
Exchanges so far:
  DA = 192.168.10.2, TTL = 1 -> ICMP Time Exceeded, SA = 10.0.0.2
  DA = 192.168.10.2, TTL = 2 -> ICMP Time Exceeded, SA = 172.16.0.2
RTB: This time RTB decrements the TTL by 1 and it is NOT 0 (it is 1). So it looks up the destination IP address in its routing table and forwards the packet on to the next router.
RTC: RTC, however, decrements the TTL by 1 and it is 0. RTC notices the TTL is 0 and sends the ICMP Time Exceeded message back to the source. RTC's IP header includes its own IP address (source IP) and the sending host's IP address (destination IP address of RTA). The sending host, RTA, will use the source IP address of this ICMP Time Exceeded message to display as the second hop.

Trace: TTL = 2 frames hop by hop
(Diagram: RTA to RTB's interface with TTL 2; RTB to RTC's interface with TTL 1; RTC back to RTA.)
  RTC to RTA - IP Header (Layer 3): Source IP Add. 172.16.0.2, Dest. IP Add. 10.0.0.1, Protocol field 1
  ICMP Message - Time Exceeded: Type 11, Code 0, Checksum, ID, Seq. Num., Data
  Data Link Trailer: FCS

Trace: RTA displays the second hop
The sending host, RTA: The traceroute program uses this information (the source IP address of the Time Exceeded message) and displays the second hop.
  RTA# traceroute 192.168.10.2
  Type escape sequence to abort.
  Tracing the route to 192.168.10.2
    1 10.0.0.2 4 msec 4 msec 4 msec
    2 172.16.0.2 20 msec 16 msec 16 msec

Trace: TTL = 3
Exchanges so far:
  DA = 192.168.10.2, TTL = 1 -> ICMP Time Exceeded, SA = 10.0.0.2
  DA = 192.168.10.2, TTL = 2 -> ICMP Time Exceeded, SA = 172.16.0.2
  DA = 192.168.10.2, TTL = 3
The sending host, RTA: The traceroute program increments the TTL by 1 (now 3) and resends the packet.
  IP Header (Layer 3): Source IP Add. 10.0.0.1, Dest. IP Add. 192.168.10.2, Protocol field 1, TTL 3
  ICMP Message - Echo Request (trace): Type 8, Code 0, Checksum, ID, Seq. Num., Data
  UDP (Layer 4): Dest Port 35,000
  Data Link Trailer: FCS

Trace: TTL = 3 frames hop by hop
(Diagram: RTA to RTB's interface; RTB to RTC's interface; RTC to RTD's interface, each showing the TTL at that point.)
RTB: This time RTB decrements the TTL by 1 and it is NOT 0 (it is 2). So it looks up the destination IP address in its routing table and forwards the packet on to the next router.
RTC: This time RTC decrements the TTL by 1 and it is NOT 0 (it is 1). So it looks up the destination IP address in its routing table and forwards the packet on to the next router.
RTD: RTD, however, decrements the TTL by 1 and it is 0. However, RTD notices that the destination IP address of 192.168.10.2 is its own interface. Since it does not need to forward the packet, the TTL of 0 has no effect.

Trace: RTD, port unreachable
RTD sends the packet to the UDP process. UDP examines the unrecognizable port number of 35,000 and sends back an ICMP Port Unreachable message to the sender, RTA, using Type 3 and Code 3.
  Data Link Header (Layer 2): Data Link Destination Address, Data Link Source Address
  IP Header (Layer 3): Source IP Add. 192.168.10.2, Dest. IP Add. 10.0.0.1, Protocol field 1
  ICMP Message - Port Unreachable: Type 3, Code 3, Checksum, ID, Seq. Num., Data
  Data Link Trailer: FCS

Trace: RTA receives Port Unreachable
Exchanges so far:
  DA = 192.168.10.2, TTL = 1 -> ICMP Time Exceeded, SA = 10.0.0.2
  DA = 192.168.10.2, TTL = 2 -> ICMP Time Exceeded, SA = 172.16.0.2
  DA = 192.168.10.2, TTL = 3 -> ICMP Port Unreachable, SA = 192.168.10.2
Sending host, RTA: RTA receives the ICMP Port Unreachable message (Source IP Add. 192.168.10.2, Dest. IP Add. 10.0.0.1, Type 3, Code 3). The traceroute program uses this information (the source IP address) and displays the third hop. The traceroute program also recognizes this Port Unreachable message as meaning this is the destination it was tracing.

Trace: final output
Sending host, RTA: RTA, the sending host, now displays the third hop. Getting the ICMP Port Unreachable message, it knows this is the final hop and does not send any more traces (echo requests).
  RTA# traceroute 192.168.10.2
  Type escape sequence to abort.
  Tracing the route to 192.168.10.2
    1 10.0.0.2 4 msec 4 msec 4 msec
    2 172.16.0.2 20 msec 16 msec 16 msec
    3 192.168.10.2 16 msec 16 msec 16 msec
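The traceroute walkthrough above is a small state machine: each router decrements the TTL, the router where it reaches 0 answers Time Exceeded (type 11, code 0), and the destination answers Port Unreachable (type 3, code 3) because nothing listens on UDP port 35,000. The Python below is an added example, not code from the slides; it models that exchange on the slides' RTA-RTB-RTC-RTD topology and also the case the slides mention in passing, a destination that does not answer, which real traceroute shows as a row of asterisks. The path table and function names are my own constructions.

```python
"""Simulation of the traceroute exchange on the slides' RTA-RTB-RTC-RTD topology.

Added example, not part of the original slides. It models only what the
slides explain: TTL decrement at each router, ICMP Time Exceeded (type 11,
code 0) from the router where the TTL reaches 0, and ICMP Port Unreachable
(type 3, code 3) from the destination host whose UDP port is closed. The
addresses are the slides'; the per-probe behaviour is a model, not packets
on a wire.
"""

TIME_EXCEEDED = (11, 0)
PORT_UNREACHABLE = (3, 3)

# Hop-by-hop path from RTA towards 192.168.10.2. Each entry is the address a
# device answers from (its interface facing RTA) and whether it is the target.
# Constructed from the slide topology: 10.0.0.0/8, 172.16.0.0/16, 192.168.10.0/24.
PATH = [
    {"name": "RTB", "addr": "10.0.0.2", "is_target": False},
    {"name": "RTC", "addr": "172.16.0.2", "is_target": False},
    {"name": "RTD", "addr": "192.168.10.2", "is_target": True},
]


def send_probe(path: list, dest: str, ttl: int, open_ports: frozenset = frozenset(),
               dest_port: int = 35000) -> dict:
    """Forward one probe along `path` and return the ICMP answer, if any.

    Each device decrements TTL. A transit router that reaches 0 answers
    Time Exceeded. The destination ignores TTL 0 because it does not forward
    the packet, and answers Port Unreachable unless `dest_port` is open, in
    which case the probe is absorbed and nothing comes back.
    """
    for hop in path:
        ttl -= 1
        if hop["is_target"] and hop["addr"] == dest:
            if dest_port in open_ports:
                return {"from": None, "icmp": None}  # absorbed by a listener
            return {"from": hop["addr"], "icmp": PORT_UNREACHABLE}
        if ttl == 0:
            return {"from": hop["addr"], "icmp": TIME_EXCEEDED}
    return {"from": None, "icmp": None}  # never reached the destination


def traceroute(path: list, dest: str, max_ttl: int = 30, **kw) -> list:
    """Increase TTL from 1 until Port Unreachable arrives or max_ttl is hit.

    Returns (ttl, responder) pairs; "*" marks a probe that got no answer.
    """
    hops = []
    for ttl in range(1, max_ttl + 1):
        answer = send_probe(path, dest, ttl, **kw)
        hops.append((ttl, answer["from"] or "*"))
        if answer["icmp"] == PORT_UNREACHABLE:
            break  # the destination itself answered: final hop
    return hops


if __name__ == "__main__":
    for ttl, who in traceroute(PATH, "192.168.10.2"):
        print(f"{ttl} {who}")
```

With the default closed port the result is the three hops printed on the RTA# traceroute slide. With open_ports={35000} the destination swallows the probe and the trace keeps counting up with "*" until max_ttl, which is also what you see when a host or firewall is configured not to return ICMP at all.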

Recommended Reading
For more information on ICMP and other TCP/IP topics, I recommend: TCP/IP Illustrated, Volume I, R.W. Stevens.
