Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
Network Layer4-1 NAT traversal problem r client want to connect to server with address 10.0.0.1 m...
-
Upload
adelia-greene -
Category
Documents
-
view
236 -
download
0
description
Transcript of Network Layer4-1 NAT traversal problem r client want to connect to server with address 10.0.0.1 m...
Network Layer 4-1
NAT traversal problem client want to connect to
server with address 10.0.0.1 server address 10.0.0.1 local
to LAN (client can’t use it as destination addr)
only one externally visible NATted address: 138.76.29.7
solution 1: statically configure NAT to forward incoming connection requests at given port to server e.g., (123.76.29.7, port
2500) always forwarded to 10.0.0.1 port 25000
10.0.0.1
10.0.0.4
NAT router
138.76.29.7
Client ?
Solution #1 Example: Cisco wireless router
Network Layer 4-2
Network Layer 4-3
NAT traversal problem solution 2: Universal Plug and
Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATted host to: learn public IP address
(138.76.29.7) Drill a “hole” in NAT Add a port mappings on
NAT
Require both host and NAT to be UPnP compatible
automate static NAT port map configuration
10.0.0.1
10.0.0.4
NAT router
138.76.29.7
IGD
Network Layer 4-4
NAT traversal problem solution 3: relaying (used in Skype)
NATed server establishes connection to relay
External client connects to relay relay bridges packets between to
connections
10.0.0.1
NAT router
138.76.29.7Client
1. connection torelay initiatedby NATted host
2. connection torelay initiatedby client 3. relaying
established
Network Layer 4-5
DHCP: Dynamic Host Configuration Protocol
Goal: allow host to dynamically obtain its IP address from network server when it joins networkCan renew its lease on address in useAllows reuse of addresses (only hold address while connected an “on”Support for mobile users who want to join network (more shortly)
DHCP overview: host broadcasts “DHCP discover” msg DHCP server responds with “DHCP offer” msg host requests IP address: “DHCP request” msg DHCP server sends address: “DHCP ack” msg
Network Layer 4-6
DHCP client-server scenario
223.1.1.1
223.1.1.2
223.1.1.3
223.1.1.4 223.1.2.9
223.1.2.2
223.1.2.1
223.1.3.2223.1.3.1
223.1.3.27
A
BE
DHCP server
arriving DHCP client needsaddress in thisnetwork
Network Layer 4-7
DHCP client-server scenarioDHCP server: 223.1.2.5 arriving
client
time
DHCP discover
src : 0.0.0.0, 68 dest.: 255.255.255.255,67yiaddr: 0.0.0.0transaction ID: 654
DHCP offersrc: 223.1.2.5, 67 dest: 255.255.255.255, 68yiaddrr: 223.1.2.4transaction ID: 654Lifetime: 3600 secs
DHCP requestsrc: 0.0.0.0, 68 dest:: 255.255.255.255, 67yiaddrr: 223.1.2.4transaction ID: 655Lifetime: 3600 secs
DHCP ACKsrc: 223.1.2.5, 67 dest: 255.255.255.255, 68yiaddrr: 223.1.2.4transaction ID: 655Lifetime: 3600 secs
Network Layer 4-8
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and
datagram networks 4.3 What’s inside a
router 4.4 IP: Internet
Protocol Datagram format IPv4 addressing ICMP IPv6
4.5 Routing algorithms Link state Distance Vector Hierarchical routing
4.6 Routing in the Internet RIP OSPF BGP
4.7 Broadcast and multicast routing
Network Layer 4-9
ICMP: Internet Control Message Protocol used by hosts & routers to
communicate network-level information error reporting:
unreachable host, network, port, protocol
echo request/reply (used by ping)
network-layer “above” IP: ICMP msgs carried in IP
datagrams Not built on TCP!
ICMP message: type, code plus first 8 bytes of IP datagram causing error
Type Code description0 0 echo reply (ping)3 0 dest. network unreachable3 1 dest host unreachable3 2 dest protocol unreachable3 3 dest port unreachable3 6 dest network unknown3 7 dest host unknown4 0 source quench (congestion control - not used)8 0 echo request (ping)9 0 route advertisement10 0 router discovery11 0 TTL expired12 0 bad IP header
Network Layer 4-10
Traceroute and ICMP Source sends series of
UDP segments to dest First has TTL =1 Second has TTL=2, etc. Unlikely port number
When nth datagram arrives to nth router: Router discards
datagram And sends to source an
ICMP message (type 11, code 0)
Message includes name of router& IP address
When ICMP message arrives, source calculates RTT
Traceroute does this 3 times
Stopping criterion UDP segment eventually
arrives at destination host
Destination returns ICMP “host unreachable” packet (type 3, code 3)
When source gets this ICMP, stops.
Ethereal example
Introduction 1-11
“ Real” Internet delays and routes What do “real” Internet delay & loss look like? Traceroute program: provides delay
measurement from source to router along end-end Internet path towards destination. For all i: sends three packets that will reach router i on path
towards destination router i will return packets to sender sender times interval between transmission and reply.
3 probes
3 probes
3 probes
Introduction 1-12
“ Real” Internet delays and routes
1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms 5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms 6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms17 * * *18 * * *19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms
traceroute: gaia.cs.umass.edu to www.eurecom.frThree delay measurements from gaia.cs.umass.edu to cs-gw.cs.umass.edu
* means no response (probe lost, router not replying)
trans-oceaniclink
Under Windows is “tracert”
Introduction 1-13
Traceroute from My Home Computer (last year)
Traceroute from My Home Computer (another time)
Introduction 1-14
Introduction 1-15
Online Traceroute Tools Because UCF campus network blocks all
ICMP packets, you need an outside machine to try it. Try on http://tools.pingdom.com/ping/ Try from different countries from
www.traceroute.org Check traceroute virtual path at:
• http://traceroute.monitis.com/
and• http://www.yougetsignal.com/tools/visual-tracert/
Introduction 1-16
Network Layer 4-17
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and
datagram networks 4.3 What’s inside a
router 4.4 IP: Internet
Protocol Datagram format IPv4 addressing ICMP IPv6
4.5 Routing algorithms Link state Distance Vector Hierarchical routing
4.6 Routing in the Internet RIP OSPF BGP
4.7 Broadcast and multicast routing
Network Layer 4-18
IPv6 Initial motivation: 32-bit address space soon
to be completely allocated. Additional motivation:
header format helps speed processing/forwarding
header changes to facilitate QoS Checksum: removed entirely to reduce
processing time at each hopIPv6 datagram format: fixed-length 40 byte header no fragmentation allowedVery slow take off
• IPv4 still has space (CIDR, DHCP, NAT)• Too trouble to upgrade
Network Layer 4-19
IPv6 Header (Cont)Priority: identify priority among datagrams in flowFlow Label: identify datagrams in same “flow.” (concept of“flow” not well defined).Next header: identify upper layer protocol for data
Network Layer 4-20
Transition From IPv4 To IPv6 Not all routers can be upgraded
simultaneous no “flag days” How will the network operate with mixed IPv4
and IPv6 routers? Tunneling: IPv6 carried as payload in IPv4
datagram among IPv4 routers
Network Layer 4-21
TunnelingA B E F
IPv6 IPv6 IPv6 IPv6
tunnelLogical view:
Physical view:A B E F
IPv6 IPv6 IPv6 IPv6IPv4 IPv4
Network Layer 4-22
TunnelingA B E F
IPv6 IPv6 IPv6 IPv6
tunnelLogical view:
Physical view:A B E F
IPv6 IPv6 IPv6 IPv6
C D
IPv4 IPv4Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Src:BDest: E
Flow: XSrc: ADest: F
data
Src:BDest: E
A-to-B:IPv6
E-to-F:IPv6B-to-C:
IPv6 insideIPv4
B-to-C:IPv6 inside
IPv4
IPv6 Tunneling vs. IPv4 NAT Similarity:
Both have one IPv4 public IP address, and many computers behind it
Conduct translation/capculing on that special edge router
Difference: Hosts behind NAT are un-addressable
• Cannot communicate with each other Hosts behind Tunneling are addressable
• Can communicate with each other directly
Network Layer 4-23
Network Layer 4-24
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and
datagram networks 4.3 What’s inside a
router 4.4 IP: Internet
Protocol Datagram format IPv4 addressing ICMP IPv6
4.5 Routing algorithms Link state Distance Vector Hierarchical routing
4.6 Routing in the Internet RIP OSPF BGP
4.7 Broadcast and multicast routing
Network Layer 4-25
Routing Algorithm classificationGlobal or decentralized
information?Global: all routers have complete
topology, link cost info “link state” algorithmsDecentralized: router knows physically-
connected neighbors, link costs to neighbors
iterative process of computation, exchange of info with neighbors
“distance vector” algorithms
Static or dynamic?Static: routes change slowly
over timeDynamic: routes change more
quickly periodic update in response to link
cost changes
Network Layer 4-26
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and
datagram networks 4.3 What’s inside a
router 4.4 IP: Internet
Protocol Datagram format IPv4 addressing ICMP IPv6
4.5 Routing algorithms Link state Distance Vector Hierarchical routing
4.6 Routing in the Internet RIP OSPF BGP
4.7 Broadcast and multicast routing
Network Layer 4-27
A Link-State Routing AlgorithmDijkstra’s algorithm net topology, link costs
known to all nodes accomplished via “link
state broadcast” all nodes have same info
computes least cost paths from one node (“source”) to all other nodes gives routing table for
that node iterative: after k iterations,
know least cost path to k destinations
Idea: at each iteration increase
spanning tree by the node that has least cost path to the source
A
ED
CB
F2
21 3
1
12
53
5
Network Layer 4-28
A Link-State Routing AlgorithmNotation: c(i,j): link cost from node
i to j. cost infinite if not direct neighbors
D(v): current value of cost of path from source to dest. V
p(v): predecessor node along path from source to v, that is next v
N: set of nodes already in spanning tree (least cost path known)
A
ED
CB
F2
21 3
1
12
53
5
Examples: c(B,C) = 3 D(E) = 2 p(B) = A N = { A, B, D, E }
Network Layer 4-29
Dijsktra’s Algorithm1 Initialization: 2 N = {A} 3 for all nodes v 4 if v adjacent to A 5 then D(v) = c(A,v) 6 else D(v) = infinity 7 8 Loop 9 find w not in N such that D(w) is a minimum 10 add w to N 11 update D(v) for all v adjacent to w and not in N: 12 D(v) = min( D(v), D(w) + c(w,v) ) 13 /* new cost to v is either old cost to v or known 14 shortest path cost to w plus direct link cost from w to v */ 15 until all nodes in N
Network Layer 4-30
Dijkstra’s algorithm: exampleStep
012345
N D(B),p(B) D(C),p(C) D(D),p(D) D(E),p(E) D(F),p(F)
22
1 3
1
12
53
5
A 2,A 5,A 1,A infinity,- infinity,-AD 2,A 4,D 1,A 2,D infinity,-
ADE 2,A 3,E 1,A 2,D 4,EADEB 2,A 3,E 1,A 2,D 4,E
ADEBC 2,A 3,E 1,A 2,D 4,EADEBCF 2,A 3,E 1,A 2,D 4,E
ED
CB
FA
Network Layer 4-31
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and
datagram networks 4.3 What’s inside a
router 4.4 IP: Internet
Protocol Datagram format IPv4 addressing ICMP IPv6
4.5 Routing algorithms Link state Distance Vector Hierarchical routing
4.6 Routing in the Internet RIP OSPF BGP
4.7 Broadcast and multicast routing
Network Layer 4-32
Distance Vector Algorithm (1)Bellman-Ford Equation (dynamic programming)Definedx(y) := cost of least-cost path from x to y
Then
dx(y) = minv {c(x,v) + dv(y) }
where min is taken over all neighbors of x
Network Layer 4-33
Bellman-Ford example
u
yx
wv
z2
21 3
1
12
53
5 Suppose we know thatdv(z) = 5, dx(z) = 3, dw(z) = 3
du(z) = min { c(u,v) + dv(z), c(u,x) + dx(z), c(u,w) + dw(z) } = min {2 + 5, 1 + 3, 5 + 3} = 4
B-F equation says:
How about du(y)?
Network Layer 4-34
Distance Vector Algorithm (3) Dx(y) = estimate of least cost from x to y Distance vector: Dx = [Dx(y): y є N ] Node x knows cost to each neighbor v:
c(x,v) Node x maintains Dx = [Dx(y): y є N ] Node x also maintains its neighbors’
distance vectors For each neighbor v, x maintains
Dv = [Dv(y): y є N ]
Network Layer 4-35
Distance vector algorithm (4)Basic idea: Each node periodically sends its own distance
vector estimate to neighbors When a node x receives new DV estimate from
neighbor, it updates its own DV using B-F equation:
Dx(y) ← minv{c(x,v) + Dv(y)} for each node y ∊ N
Under minor, natural conditions, the estimate Dx(y) converge the actual least cost dx(y)
Network Layer 4-36
Distance Vector Algorithm (5)Iterative,
asynchronous: each local iteration caused by:
local link cost change DV update message from
neighborDistributed: each node notifies
neighbors only when its DV changes neighbors then notify
their neighbors if necessary
wait for (change in local link, cost of msg from neighbor)
recompute estimates
if DV to any dest has changed, notify neighbors
Each node:
Network Layer 4-37
∞2 0 1
x y zxyz
0 2 7∞∞ ∞∞∞ ∞fro
mcost to
from
from
x y zxyz
0
from
cost to
x y zxyz
∞ ∞∞∞ ∞
cost to
x y zxyz
∞∞ ∞7 1 0
cost to
∞ ∞ ∞
2 0 17 1 0
time
x z12
7
y
node x table
node y table
node z table
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)} = min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) + Dy(z), c(x,z) + Dz(z)} = min{2+1 , 7+0} = 3
32
Network Layer 4-38
x y zxyz
0 2 7∞∞ ∞∞∞ ∞fro
mcost to
from
from
x y zxyz
0 2 3
from
cost tox y z
xyz
0 2 3
from
cost to
x y zxyz
∞ ∞∞∞ ∞
cost tox y z
xyz
0 2 7
from
cost tox y z
xyz
0 2 3
from
cost to
x y zxyz
0 2 3fro
mcost to
x y zxyz
0 2 7
from
cost tox y z
xyz
∞∞ ∞7 1 0
cost to
∞2 0 1
∞ ∞ ∞
2 0 17 1 0
2 0 17 1 0
2 0 13 1 0
2 0 13 1 0
2 0 1
3 1 02 0 1
3 1 0
time
x z12
7
y
node x table
node y table
node z table
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)} = min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) + Dy(z), c(x,z) + Dz(z)} = min{2+1 , 7+0} = 3
Network Layer 4-39
Comparison of LS and DV algorithmsMessage complexity LS: with n nodes, E links,
O(nE) msgs sent DV: exchange between
neighbors only convergence time varies
Speed of Convergence LS: O(n2) algorithm requires
O(nE) msgs may have oscillations
DV: convergence time varies may be routing loops count-to-infinity problem
Robustness: what happens if router malfunctions?
LS: node can advertise
incorrect link cost each node computes only
its own tableDV:
DV node can advertise incorrect path cost
each node’s table used by others
• error propagate thru network