More than you wanted to know about TCPIP Networking

1
More than you wanted to know about TCP/IP
Networking

• IP Protocol family Architecture
• IP (V4 and V6)
• UDP
• TCP
• IP Routing Procedures
• Multicast Routing
• DHCP, Mobile IP, NATs and Firewalls

2
The Internet Protocol Family
FTP Telnet HTTP SMTP . . .
DHCP RTP . . .
Application
Application
Stream Service
Datagram Service
TCP
UDP
Address Resolution
IP
ICMP
ARP
RARP
Control of Network Layer
Physical
network
Figure 8.1
3
Protocol Layering
4
Internet Protocol Structure

• IP Network layer for Internet
• Routing
• Best effort datagram service
• Segmentation and reassembly of data
• Uses helping network level protocols
• ICMP Relays error and control information
• ARP Finds MAC address for IP address
• RARP Finds IP address for MAC address
• Routing and multicast protocols

5
IP V4 Header

• Normally 20 bytes (no options)
• Length limited to 216-1 bytes

Figure 8.4
6
IPV4 Header Fields

• Version (4)
• Internet Header Length (IHL) 5 or more 32 bit
  words (options)
• Type of Service priority, QoS (mostly ignored)
• Total Length (bytes, including header and data)
• Identification, flags, fragment offset used in
  segmentation
• Time to Live (TTL) hops packet stays in network
• Protocol (transport level) TCP6, UDP17, ICMP1
• Header Checksum (0 means no checksum)
• Source/Destination addresses (32 bits each)
• Options/Padding optional features (rarely used)

7
IPV4 Address Classes
Bit position
0 1 2 3 8
16
31
0
Net ID
Host ID
Class A
Net ID
Host ID
1 0
Class B
Net ID
Host ID
1 1 0
Class C
1 1 1 0
Multicast address
Class D
1 1 1 1
Reserved for experiments
Class E

• Provider gets a Net ID and Assigns Host ID
• 3 levels (different numbers of Host IDs
  available)
• dotted decimal notation (a.b.c.d.)

Figure 8.5
8
Subnet Addressing
Original
Net ID
Host ID
1 0
address
Subnetted
Net ID
Host ID
1 0
Subnet ID
address

• Creates a hierarchy within each Network to
  simplify routing
• Host ID is split into subnet and host parts
• Hierarchical structure simplifies address
  assignments and routing decisions
• Subnet Mask extracts the Net and Subnet
• Mask is always leading 1s and trailing 0s
• Mask is used to select portion of address for
  routing.

Figure 8.6
9
Subnetwork Example
H1
H2
150.100.12.176
150.100.12.154
Subnet 150.100.12.128
150.100.12.129
Outside Networks Route on Network ID (150.100)
150.100.0.1
R1
To the rest of
H3
H4
150.100.12.4
the Internet
150.100.12.55
150.100.12.24
Subnet 150.100.12.0
R1 Uses mask (255.255.255.128) to remove host ID
and select route .12.128 goes up .12.0 and .15.0
go down Others not on this network
150.100.12.1
R2
H5
150.100.15.54
150.100.15.11
Subnet 150.100.15.0
R2 Uses mask (255.255.255.128) to remove host ID
and select route .15.0 goes down All others go up
Figure 8.7
10
IP Routing

• Each host and router maintains a routing table
• Entries match a host or Network Address (Look for
  specific host match first!)
• default entry matches anything
• special entry for loopback (127.0.0.1)
• Table specifies the Next Hop (used to determine
  where/how to forward packet)
• Host (H) and Gateway (G) flags indicate whether
  the route is to a Host, a Network, or a router.

11
Routing Example
H1
150.100.12.154
Subnet 150.100.12.128
150.100.12.129
150.100.12.154 150.100.12.154
emd0 150.100.12.0 150.100.12.4
emd1 150.100.15.0 150.100.12.1 G
emd1 default A.B.C.D G
emd2
150.100.0.1
R1
To the rest of
150.100.12.4
the Internet
Subnet 150.100.12.0
150.100.12.1
default 150.100.12.4 G
emd0 150.100.15.0 150.100.15.11
emd1 150.100.12.0 150.100.12.1 emd0
R2
H5
150.100.15.54
150.100.15.11
Subnet 150.100.15.0
default 150.100.15.54 G
emd0 150.100.15.0 150.100.15.11 emd0
Figure 8.7
12
CIDR Routing

• Problem Subnet addressing not efficient
• Organizations have many subnets and connection
  points
• Subnets appear in core routing tables (too many
  entries)
• Solution Classless InterDomain Routing
• Routing based on prefix (addr/length)
• Subnet numbers assigned so adjacent numbers share
  a gateway
• Supernetting one CIDR entry (205.100.0.0/22)
  covers multiple subnets (205.100.0.0,
  205.100.1.0, . . .)
• Router has to match longest prefix (allows
  specific exceptions to general routes)
• CIDR cuts core routes in half. (still a big
  problem)

13
Address Resolution Protocol
H1
H2
H3
H4
150.100.76.22
150.100.76.23
150.100.76.20
150.100.76.21
ARP request (what is the MAC address of
150.100.76.22?)
H1
H2
H3
H4
ARP response (my MAC address is 08-00-5A-C5-3B-94)

• ARP host/router asks who has an IP address
• Reply gives MAC addr
• Hosts cache results
• Reverse ARP Station asks whats my IP Addr
• Useful for nodes with no storage

Figure 8.8
14
IP Fragmentation
Router
Source
Destination
IP
IP
Network
Network

• Sender sends a packet up to 65,536 bytes
• Routers can fragment based on MTU limits
• Receiving IP layer does reassembly

Figure 8.9
15
Fragmentation Control

• Identification field identifies the original
  packet (e.g. sequence number)
• Flags
• Dont fragment (packet too big generates error
  return)
• More Fragments (set when packet isnt the last)
• Fragment offset specifies where fragment starts
• offset is multiplied by 8 requires breaking on a
  multiple of 8 bytes (i.e rounding the amount in
  each fragment except the last down to a multiple
  of 8)
• Receiver accumulates fragments until all up to
  one with MF0 are received.
• If one piece is lost, whole packet is dropped

16
ICMP
Type
Code
Checksum
Identifier and Sequence Number (echo)
Data (original header)

• Rides on top of IP but considered at same level
• Several types (RFC 792)
• Ping (echo) reports back reachability of the
  destination (type 8/0)
• Report expiration of Time to live (type 11)
• Failure to reach the destination (Type 3)
• Fragmentation error, network failure, host
  unreachable, port unreachable, protocol
  unreachable, . . .
• Other control uses

17
IPV6 motivation

• Out of address space!
• most big network addresses claimed
• Huge issue outside the US
• Simplify header for faster routing
• no checksum
• no fragmentation except at source
• Restructure options
• Labeled flows for QoS routing
• Build security in at IP layer
• Handle packets larger than 64Kbytes

18
IPV6 header
0 4 12
16 24
31
Version Traffic Class
Flow Label
Payload Length Next Header
Hop Limit
Source Address
Destination Address

• Traffic class controls QoS
• Flow Label identifies a host-host packet stream
• Next Header identifies next extension header
• Hop limit like TTL

Figure 8.10
19
IPV6 Addresses

• Unicast, Multicast, Anycast addresses
• 128 bit addresses as 8 16 bit numbers in
  hexadecimal notation
• 4BF5AA122016FEBCBA5F039ABE9A2176
• Shorthand notations
• can be mixed with dotted decimal
• Addresses assigned by prefix (like V4)
• less than 30 used at all
• Special addresses used for interworking with V4
• Tunneling uses addresses a.b.c.d to send IPv6
  over IPv4
• Mapping uses FFFFa.b.c.d to assign V6
  addresses to nodes supporting only V4

20
Service Provider IPV6
n bits
m bits
o bits
p bits
(125-m-n-o-p) bits
010 Registry ID Provider ID
Subscriber ID Subnet ID
Interface ID
Name Registry (one of a small )
Available for user to manage
Identifies a customer
Identifies an ISP or company

• Hierarchical structure (CIDR style routing)
• Flexible divisions

Figure 8.11
21
Extension Headers
Basic header
Next header
TCP segment
TCP
Basic header
Routing header
Fragment header
Authentication header
Next header
Next header
Next header
TCP segment
Next header
routing
fragment
authentication
TCP

• Multiple extension headers can be chained
• Each for a specific purpose
• 00 Hop by hop options
• 43 Routing
• 44 Fragment header
• 51 Authentication
• 52 Security payload header
• 60 Destination options header

Figure 8.12
22
Jumbo packet option
0 8
16
24 31
Next Header 0
194
Opt Len 4
Jumbo Payload Length

• 32 bit length field allows up to 4 gigabytes of
  data in one payload.
• Standard length field set to zero, with a jumbo
  packet option

Figure 813
23
Fragmentation in IPv6
0 8
16
29 31
Next Header Reserved
Fragment Offset
Res M
Identification

• Only the source does fragmentation
• Routers simply report errors using ICMP if packet
  size exceeds MTU on outgoing link
• Source can discover MTU limits by trial
• Simplifies the job of the router
• Source uses packets with the Fragmentation
  extension header
• Offset and Identification fields like before
• M bit indicates more fragments follow

Figure 8.14
24
Source Routing in IPV6
0 8
16 24
31
Next Header Header Length Routing
Type 0 Segment Left
Reserved
Strict/Loose Bit Mask
Address 1
Address 2
. . .
Address 24

• Source host can specify the list of routers to
  traverse
• Length and Segment Left indicate total number of
  routing addresses and number remaining
• Strict/Loose mask determines whether path is
  followed exactly, or only approximately.

Figure 8.15
25
IPV4 to IPV6 Migration

• IPV4 and IPV6 have to coexist for now
• routers have dual protocol stacks and can
  forward one to another
• Getting IPV6 connectivity usually involves
  tunneling

Tunnel
A
B
R
R
IPV6 Net
IPV4 Network
IPV6 Header
IPV4 Header
26
User Datagram Protocol (UDP)
0
16
31
Source Port
Destination Port
UDP Length
UDP Checksum
Data

• Best effort message delivery
• Client/Server Interfaces (SNMP, DNS, TFTP)
• Real time communication (RTP)
• Checksum to check data integrity (no correction)
• Checking is optional
• Checksum of packet and Pseudoheader
• Source/Destination port numbers identify
  applications within a single IP host

Figure 8.16
27
UDP Pseudoheader
0 8
16
31
Source IP Address
Destination IP Address
0 0 0 0 0 0 0 0 Protocol 17
UDP Length

• UDP Checksum covers both Pseudoheader and actual
  datagram
• Information in the pseudoheader verifies that the
  packet reached the right destination and was in
  fact a UDP packet
• Checksum value 0 indicates no checking
• If the checksum algorithm produces 0 as a result,
  a value of all 1s is used instead (also 0 in
  1s complement)

Figure 8.17
28
Transmission Control Protocol (TCP)
Application
Application
byte stream
byte stream
segments
Transmitter
Receiver
Send buffer
Receive buffer
ACKs

• Reliable byte stream service (not messages)
• Information sent in Segments
• ARQ with Selective Reject error control
• Window flow control
• Special procedures for establishing/disconnecting

Figure 8.18
29
TCP Packet Header
0 4 10
16
24 31
Source Port
Destination Port
Sequence Number
Acknowledgement Number
U
A
P
R
S
F
Header
R
C
S
S
Y
I
Reserved
Window Size
Length
G
K
H
T
N
N
Checksum
Urgent Pointer
Options
Padding
Data
Figure 8.20
30
TCP Header Fields

• Source/Destination Port like UDP
• Sequence number (sequence of first byte of data)
• Ack number (acknowledges all previous bytes)
• Flags
• URG Header contains an urgent pointer
• PSH Push data immediately to application
• SYN Synchronize, requests connection and
  initial sequence numbers
• FIN No more data to send (requests a close)
• RST Reset immediate (and ungraceful) close
• Checksum Covers segment and pseudoheader, like
  UDP
• Urgent Pointer Points to the last byte of
  urgent data, relative to segment sequence number
• Window Size number of bytes sender can accept

31
Key TCP parameters
Receiver
Transmitter
Receive Window
Send Window
SlastWa-1
RlastWR1
Rlast
...
...
...
Rnext
Rnew
Octets transmitted and ACKed
Slast
Srecent
SlastWs-1
Rlast highest-numbered octet not yet read by the
application Rnext next expected octet Rnew
highest numbered octet received correctly RlastWR
-1 highest-numbered octet that can be
accommodated in receive buffer
Slast oldest unacknowledged octet Srecent
highest-numbered transmitted octet SlastWa-1
highest-numbered octet that can be
transmitted SlastWs-1 highest-numbered octet
that can be accepted from the application
WA WR-(Rnew-Rlast) Srecent-Slast ? WA
Figure 8.19
32
Setting the ACK timer

• Time should be a little more than round trip
  delay
• Problem, round trip delay is unknown
• Estimate using TRTT(new)? TRTT(old)(1-?)Tn
• Problem round trip delay varies.
• Solution Tout TRTTk?RTT, ?RTT delay
  variance
• Problem Variance is not known
• Estimate dRTT(new)? dRTT(old)(1- ?)Tn-TRTT
• Tout TRTT 4 dRTT

33
Key TCP Options

• Maximum Segment Size allows a larger segment
  size to be sent than 65,536 bytes
• Window Scale Indicates that window size will be
  scaled by a factor of N, up to 214 (i.e. Window
  size value of 1 represents window of N bytes)
• Needed on links with long delay/bandwidth product
• Timestamp Indicates segments contain a
  timestamp value
• Useful on fast connections where sequence numbers
  wrap around.

34
Sequence Number Paranoia?

• When TCP was created (1975), a key concern was
  that an old packet with the right sequence
  number would be recognized as valid.
• Wrong data would be recognized as correct
• Solution was large sequence numbers and random
  starting points
• 232 was enormous compared to data that could be
  sent through the 56K links of the time.
• Solution was believed by many to be paranoid
• Technology and Network use are testing the limit
• How fast does a Gigabit connection send 232
  bytes?
• Web browsing opens many TCP connections to same
  site and port number

35
The 3 way handshake to open
Host A
Host B
SYN, Seq_no x
SYN, Seq_no y, ACK, Ack_no x1
Seq_no x1, ACK, Ack_no y1
Figure 8.22
36
failure caused by old packet
Host A
Host B
Message from old connection
SYN, Seq_no n
New Connection
SYN, Seq_no n, ACK, Ack_no n1
Seq_no n1, ACK, Ack_no n1
Delayed segment with
Seq_no n2
Seq_no n2, (real data)
will be accepted!
Real data is rejected!
Figure 8.23
37
Socket based Client/Server
Host B (Server)
Host A (Client)
socket bind listen accept (blocks)
socket connect (blocks)
SYN, Seq_no x
SYN, Seq_no y, ACK, Ack_no x1
connect returns
Seq_no x1, ACK, Ack_no y1
write read (blocks)
accept returns read (blocks)
request message
read returns
write read (blocks)
reply message
read returns
Figure 8.24
38
TCP Flow Control
Host A
Host B
Window is 2048
t0
Seq_no 1, Ack_no 2000, Win 2048, No Data
t1
Seq_no 2000, Ack_no 1, Win 1024, Data
2000-3023
Waits to acknowledge first segment
Cant send more
t2
Seq_no 3024, Ack_no 1, Win 1024, Data
3024-4047
Acknowledges and sets lower window
t3
Seq_no 1, Ack_no 4048, Win 512, Data 1-128
Small window limits segment size
t4
Seq_no 4048, Ack_no 129, Win 1024, Data
4048-4559
Figure 8.25
39
Flow/Congestion control

• TCP uses a flow control window to limit traffic
• Flow control window Min(receiver window,
  congestion window)
• TCP adjusts congestion window via slow start
• Window starts at 1 maximum size segment (PDU)
• Window is increased for every acknowledgement
• Send one, get ack, window goes to 2
• Send two, get 2 acks, window goes to 4
• Send 4, get 4 acks, window goes to 8
• When window exceeds a congestion threshold, it is
  increased only when every packet in the window is
  acknowledged
• Send 8, get 8 acks, window goes to 9.
• Threshold and window adjusted when acks are lost

40
Congestion Control Window
Congestion occurs
Congestion
20
avoidance
Duplicate ACK
15
Congestion
window (segments)
Threshold
10
Slow
start
5
Round-trip times
Timeout
0

• Two kinds of congestion detection
• Timeout lost data or ACK, reset to one segment
• duplicate ACK (out of order arrival) cut in half

Figure 7.63
41
Efficiency issues

• Small messages (1 byte) still require lots of
  header (40 bytes TCP/IPnetwork layer)
• 1 byte messages are common with terminal (Telnet)
  sessions
• Sending individual bytes also increases
  processing
• Solution (Nagle algorithm) buffer until
  round-trip time to improve efficiency on slow
  networks
• Default Maximum Segment Size of 536 bytes
• More than 10 overhead due to headers
• Can use options to raise MSS size.
• LANs will still impose a limit and force
  fragmentation
• Small windows force more messages and lower
  efficiency (Silly window syndrome)
• Solution Hold back on advertising a small
  window (wait for timeout or for more space to be
  available)

42
Closing a TCP Connection
Host A
Host B
FIN, seq 5086
ACK 5087
Data, seq. 303, ACK 5087
Deliver 150 bytes
ACK 453
FIN, seq. 453, ACK 5087
ACK 454

• FIN requests the connection be closed
• After sending FIN, host waits for ACK and resends
  FIN if needed
• Not possible to avoid all possible errors.

Figure 8.27
43
CLOSED
passive open, create TCB
applic.close
active open,create TCB send SYN
LISTEN
receive SYN, send SYN, ACK
receive RST
send SYN
applic. close or timeout, delete TCB
SYN_SENT
SYN_RCVD
receive SYN, send ACK
receiveACK
receive SYN, ACK, send ACK
applic. close, send FIN
ESTABLISHED
receive FIN, send ACK
applic. close, send FIN
CLOSE_WAIT
receive FIN send ACK
applic. close send FIN
CLOSING
FIN_WAIT_1
receive ACK
LAST_ACK
receive ACK
receive ACK
receive FIN, ACK send ACK
receive FIN send ACK
2MSL timeout delete TCB
FIN_WAIT_2
TIME_WAIT
Figure 8.28
44
IP Routing
Transit AS
Stub AS
Multi-homed AS
Transit AS

• Network is organized into Autonomous Systems (AS)
• Single owner/administrator for routing (not
  single protocol)
• 3500 registered, 6500 maximum
• 3 kinds of AS
• Stub one connection to the rest of the network
• Multi-homed more than one connection, no
  through traffic
• Transit multiple connections, routes traffic
  through
• Two Routing Protocols
• Interior Gateway Protocol (IGP) Within an AS
• Exterior Gateway Protocol (EGP) Between ASs

45
Routing Information Protocol (RIP)
0 8
16
31
1 request 2 response
Command Version
Zero
Address Family Identifier (IP2)
Zero
IP Address (Individual Host or Network)
Up to 25 entries
Zero
Zero
Cost Metric ( of hops 1-15 or 16 for unreachable)
. . .

• Used to exchange routing costs periodically (30
  seconds)
• Designed for local networks (small)
• Split Horizon/Poisoned reverse path computation
• Version 2 (RFC 2453) supports CIDR routing (RFC
  2453)
• Still limited (slow recovery, low intelligence)

Figure 8.32
46
Open Shortest Path First (OSPF)

• Each router learns the whole network topology
• Routers monitor cost of direct links
• Routers periodically flood the network with link
  cost data
• Each router builds a complete topology (Dijkstra)
• Some benefits
• Rapid recovery after failure
• Different paths for different traffic classes
• Load balancing over multiple paths
• More flexible link and route cost (65K)
• Scaling based on 2-level hierarchy of areas
• Backbone area connects others.
• Flooding/topology computation limited within
  areas
• Routers that border areas learn and advertise
  ability to route into them.

47
Area Hierarchy
To another AS
R1
N1
N5
R3
R6
R7
N2
N4
R2
N6
R4
R5
N3
Area 0.0.0.0
Area 0.0.0.1
R8
Area 0.0.0.2
internal router (all links internal)
Backbone router (on the backbone)
N7
AS Boundary Router (Connects to other ASs)
Area 0.0.0.3
Border router (connects areas)
R router N network
Figure 8.33
48
OSPF Operation

• Protocol operates directly over IP (protocol 89)
• Message exchanges use IP Multicasting (224.0.0.5)
• Routers discover their neighbors through Hello
  protocol messages
• Router adjacency is established
• Two routers that share a point to point link are
  adjacent
• All routers on a single multi-access network are
  adjacent to a chosen designated router which
  computes routes.
• Routers exchange link state advertisements with
  adjacent routers and advertise inter-AS and
  inter-area routes.

49
OSPF Common header
1 Hello 2 DB description Link state
request Link state update Acknowledge
0 8
16
31
Version Type
Packet Length
Senders IP address
Router ID
Area packet belongs to
Area ID
Checksum
Authentication Type
Authenticate the sender
Authentication
Authentication
Figure 8.34
50
Hello Packet
0
16 24
31
Network Mask
Priority for designated router selection highest
number wins the job
Interval between packets
Hello Interval Options
Priority
Nonresponse interval
Dead Interval
Designated Router
Backup Designated Router
Neighbor 1
One for each neighbor discovered
. . .
Neighbor n
Figure 8.35
51
Database Update Packet
I first packet M More follow
0
16
24 29 31
Message size limit
M S
Interface MTU
Options Zero I M
Sequence for this data
Database Description Sequence Number
Router Network or Summary
Identifies Domain for routes
One for each link entry

• Packets exchanged by Adjacent routers after
  neighbor discovery
• One acts as master, one slave in each pair

Figure 8.36
52
Update request and Update response
0

31
Link State Type
Link State ID
Advertising Router
. . .
Figure 8.38
53
Border Gateway Protocol

• Allows routers in different ASs to exchange
  information and route packets
• Focus on policy, not optimality
• BGP speaking routers establish TCP links to other
  BGP speaker (Port 179)
• Exchange information to build a reachability tree
• Describe paths of the ASs traversed
• ASs can selectively refuse traffic.

54
AS routing Graph
AS2
AS1
AS6
AS5
AS3
AS7
AS4

• What is the path From AS4 to AS7?

Figure 8.40
55
External and Internal BGP
iBGP
R2
R3
AS2
eBGP
eBGP
R1
R4
AS3
AS1

• Internal BGP insures routes advertised from one
  AS are consistent
• All border gateways in an AS (logically) Mesh
  Connected via iBGP
• CIDR used to reduce volume of routes exchanged

Figure 8.41
56
BGP Open Message
0 8
16 24
31
Authenticates Sender
Marker
Length Type
OPEN Version
time between keep alive messages
My Autonomous System
Hold Time
BGP Identifier
Senders IP address (same for all for one sender)
Optional parameters length
Optional Parameters
Figure 8.44
57
BGP Update Message Contents
Unfeasible Routes Length (2 octets)
Routes being removed
Withdrawn Routes (variable)
Total Path Attribute Length (2 octets)
Path Attributes (variable)
Total Path Length and IP address space reachable
Network Layer Reachability Information (variable)
Figure 8.47
58
BGP Path Attributes
Attribute Type Attribute Length
Attribute Value

• Origin Internal to AS, External, or other
• AS_Path Path of ASs traversed (built
  dynamically)
• Next Hop IP address to use to reach NLRI
• Multi-exit hints on preferred choice for
  multiply connected ASs
• Local Pref Preference for a paritcular route

Figure 8.48
59
BGP Next Hop Information
10.1.2.0/24
10.10.1.2
R4
AS2
R1
10.10.4.2
10.10.3.0/24
eBGP
iBGP
10.10.4.1
iBGP
iBGP
R3
10.10.1.1
10.10.1.3
R2
AS1
- Reach 10.1.2.0/24 via
- Reach 10.1.2.0/24 via
next hop 10.10.1.2
next hop 10.10.1.2
- Reach 10.10.3.0/24 via
- Reach 10.10.3.0/24 via
next hop 10.10.4.1
next hop 10.10.4.2

• External routes use IP for the border gateway in
  next AS
• Internal routes use IP for next router on
  internal path

Figure 8.50
60
Multicast Routing
G1
G1
1
2
7
3
2
4
2
3
2
4
1
1
5
2
G1
3
3
5
8
4
1
2
1
4
S
G1
1
3
5
4
2
2
4
6
3
1
3
2
1
1
3
G2
4
3
G3
G3

• Routers duplicate packets to distribute to a
  group
• Distribution along a spanning tree insures only
  one copy/link
• Multicast Backbone (MBONE) builds spanning trees

Figure 8.52
61
Reverse Path Broadcasting (RPB)
G1
R2
Source
R1
R3
G2

• When router receives a packet from a source
• Decides whether or not it is on the shortest path
  from the source
• If so it forwards the packet on all other
  links(e.g. R1 to R2 and R3)
• If not it drops it (e.g. R3 drops packet from R2)

62
RPB Example, step 1.
G1
G1
1
2
7
3
2
4
2
3
4
2
1
1
5
2
G1
3
3
8
5
4
1
2
S
4
G1
1
1
3
5
4
2
2
4
6
1
3
3
2
1
1
G2
3
4
3
G3
G3
Figure 8.53
63
RPB Step 2
G1
G1
1
2
7
3
2
2
4
3
4
2
1
1
5
2
5
G1
3
3
8
4
2
1
S
4
G1
1
1
3
5
4
2
2
4
6
1
3
2
3
1
1
G2
3
4
3
G3
G3

• Red packets will be dropped

Figure 8.54
64
RPB Step 3
G1
G1
1
2
7
3
2
4
2
3
4
2
1
1
5
2
5
3
G1
3
8
4
1
2
4
S
G1
1
1
3
5
4
2
2
4
6
3
1
3
2
1
1
G2
3
4
3
G3
G3

• Packets go to routers and networks not part of
  G1
• Truncated RPB eliminates messages messages to
  hosts not in group
• To optimize routers must know group membership

Figure 8.55
65
Internet Group Management Protocol

• Allows hosts to signal Group membership to
  Routers to optimize broadcast distribution
• Routers poll hosts with broadcast address
• Hosts respond with groups they want to join (1
  message for each)
• First packet of each unique (source, group)
  distributed to all as before.
• Routers with no recipient issue prune messages
  to remove themselves from the broadcast
• Hosts can join a broadcast, generating graft
  message from their serving router.

Figure 8.56
66
Broadcast Routing after pruning
G1
G1
1
2
7
3
2
4
2
3
4
2
1
1
5
2
G1
3
3
5
8
4
1
2
1
4
S
G1
1
3
5
4
2
2
4
6
3
1
3
2
1
1
G1
3
4
3
G3
G3
Figure 8.57
67
Dynamic IP Addresses -DHCP

• Problem How to assign IP address to a machine
• Many machines have temporary connectivity
• IP addresses are scarce
• Solution Allow a machine to request IP address
  and configuration info
• Builds on older Bootstrap Protocol (Bootp)
• Allows client to get an IP address, subnet mask,
  gateway, and other information
• Assigned address is a license with a limited
  lifetime

68
Network Address Translation
H1
Local Net
Internet
Real IP Address
Local Addr
Local Addr
NAT
H1
H1

• Problem not enough real IP addresses
• Network Address Translator (NAT)
• Has external connection with real IP address
• Assigns unique local addresses via DHCP
• NAT translates addresses in packets
• Maintains a table mapping port number(external)
  to local address and port
• Translates addresses in packets going through it
• Not a perfect solution
• Local systems not visible outside (could be a
  security benefit)
• Difficult to allow incoming connection requests
• NAT must understand all protocols to translate
  properly

69
Mobile IP
Foreign network
Home network
Foreign agent
Mobile host
2
Home agent
Internet
3
1
Correspondent host

• Mobile host registers with an agent in the
  serving network
• Home agent knows where a mobile host is located
• Home agent intercepts packets bound for mobile
  host
• Home agent forwards packets to mobile host via a
  foreign agent
• Request is tunneled (IP packet embedded in
  another IP packet)
• Mobile host can reply directly, but continues to
  use same address

Figure 8.29
70
Optimizing Mobile IP
Foreign network
Home network
Foreign agent
Mobile host
2a
Home agent
Internet
3
4
1
2b
Correspondent host

• Home agent sends a binding message to
  corresponding host with address of foreign agent
• Corresponding host remembers the binding and
  tunnels traffic bound for the Mobile host
  directly to the Foreign Agent
• Difficult to deploy Corresponding host needs
  to be modified!

Figure 8.31