IP: putting it all together Part 1

1
IP putting it all togetherPart 1

• G53ACC
• Chris Greenhalgh

2
Contents

• Scenario
• Local network communication
• Sending a packet
• ARP
• Receiving a packet
• Remote network communication
• Routing

3
Book coverage

• Assumed from CCN
• Comer ch. 13 (routing), 17 (internet), 22 (IPv6),
  25 (TCP)
• Reviewed
• Comer ch. 18 (addresses), 20 (datagram), 21
  (frag.)
• Additional
• Comer ch. 19 (ARP), 23 (ICMP), 24 (UDP), 26
  (NAT), 27 (Internet routing, part)

4
Scenario

• Sending a UDP packet
• E.g. the ReverseClientUnicast, or DNS client
• Pre-configured machine
• On an Ethernet
• Connected to the Internet
• Running the IP protocol suite
• How does communication "really" work?

5
Scenario ( see text dump)
128.243.22.61 (monet)
Start Here ?
128.243.22.1
Ethernet switch(es)
128.243.21.1
128.243.21/24
Ethernet switch(es)
Router
128.243.22/24
Internet
128.243.21.16 (DNS server)
128.243.22.35 (mcclean)
128.243.21.19
155.198.5.83 (www.ic.ac.uk)
6
e.g. ReverseClientUnicast.java

• int port Integer.parseInt(args1)InetAddre
  ss server InetAddress.getByName(args0)
  DatagramSocket socket new DatagramSocket()
  byte data requestByteStream.toByteArray
  () DatagramPacket request new
  DatagramPacket(data, data.length, server,
  port)socket.send(request)

7
TCP/IP reference model
You are here
ReverseClient, DNS,
TCP, UDP
IP
IEEE802 Ethernet, WiFi,
Comer Fig. 17.4
8
What have you got?(what does the machine know?)

• An array of bytes
• Application layer data
• A destination IP address (not name)
• E.g. 128.243.22.35 (case 1) 128.243.21.19 (case
  2)
• A destination UDP port
• A sending UDP socket (gt source UDP port)
• Local IP configuration (in OS)
• See later

9
Goal send that data to the destination machine

• But physical network transports Ethernet frames
  (only!)

You are here Application Data
10
Transport layer, UDPadd UDP header

• Source port sending socket
• Dest. port from request

• Data app. Data
• Length data length
• Checksum error check (CRC)

11
TCP/IP reference model
You are here
ReverseClient, DNS,
TCP, UDP
IP
IEEE802 Ethernet, WiFi,
Comer Fig. 17.4
12
What have you got now?(what does the machine
know?)

• A UDP header and datagram payload
• Includes source dest. UDP ports
• Application layer data
• A destination IP address (not name)
• E.g. 128.243.22.35 (case 1) 128.243.21.19 (case
  2)
• Local IP configuration (in OS)
• See later

13
Network Layer, IPadd IP header
14
Selected IP header fields

• Version 4
• Type UDP
• Source IP address a local IP, probably not
  filled in yet
• Destination IP from request

• TTL Time To Live (network hops), initially
  high
• Header checksum error check for header
• Fragment offset see fragmentation

15
So

• You have
• IP packet
• With IP destination

• You need
• Ethernet (or other network) Interface to send it
• Ethernet frame
• With Ethernet destination

16
Local IP configuration

• For now assume set by hand, e.g. on monet
• Own IP address, e.g. 128.243.22.61
• Netmask (range of IP addresses on physical
  segment), e.g. 255.255.255.0
• Default router, e.g. 128.243.22.1
• DNS server address
• (See later notes on auto-configuration)
• Built in
• Own Ethernet address (in Network Interface Card
  (NIC) PROM)

17
IP layer what shall I do with this packet?

• IP datagram forwarding rule
• Send it to another physically reachable machine
  which is believed to be closer to the IP
  destination
• But
• Which machine is closer?
• Which physical interface can be used to reach
  that machine?
• ? Consult OS IP routing table

18
Routing table

• Lists a set of rules
• ? What to do with a packet addressed to any
  destination IP address
• Which physical interface to use
• Whether the destination is directly reachable
• If not, which directly reachable machine to pass
  the packet on to

19
Routing table example (from scenario, monet)
G gateway (not direct)

• netstat -r Destination Gateway Genmask
  Fl M R U Iface 128.243.22.0 0.0.0.0
  255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0
  255.0.0.0 U 0 0 0 lo 0.0.0.0
  128.243.22.1 0.0.0.0 UG 0 0 0 eth0
  ifconfig eth0 windows ipconfig /alleth0 Link
  encapEthernet HWaddr 000102AD0F08 inet
  addr128.243.22.61 Bcast128.243.22.255
  Mask255.255.255.0 UP BROADCAST RUNNING
  MULTICAST MTU1500 Metric1

20
Routing table example windows (128.243.22.74 -
not from the scenario)

• gtnetstat rNetwork Destination Netmask
  Gateway Interface Metric
• 0.0.0.0 0.0.0.0
  128.243.22.1 128.243.22.74 10
• 127.0.0.0 255.0.0.0
  127.0.0.1 127.0.0.1 1
• 128.243.22.0 255.255.255.0
  128.243.22.74 128.243.22.74 10
• 128.243.22.74 255.255.255.255
  127.0.0.1 127.0.0.1 10
• gtipconfig /all
• Ethernet adapter Local Area Connection
• Connection-specific DNS Suffix .
• Description . . . . . . . . . . . 3Com
  Gigabit NIC (3C2000)
• Physical Address. . . . . . . . .
  00-0A-5E-54-2B-65
• IP Address. . . . . . . . . . . .
  128.243.22.74
• Subnet Mask . . . . . . . . . . .
  255.255.255.0

This machine(direct)
21
Case 1 send to 128.243.22.35
128.243.22.61 (monet)
Start Here ?
128.243.22.1
Ethernet switch(es)
128.243.21.1
128.243.21/24
Ethernet switch(es)
Router
128.243.22/24
Internet
128.243.21.16 (DNS server)
128.243.22.35 (mcclean)
128.243.21.19
155.198.5.83 (www.ic.ac.uk)
22
Case 1 Send to 128.243.22.35

• Find routing table entry matching destination IP
  address (128.243.22.35)
• ? gateway (if any) and interface
• No gateway (directly reachable destination)?
  send directly to 128.243.22.35
• Interface eth0
• Need Ethernet address for direct destination to
  send on Ethernet

23
Address Resolution Protocol (ARP)

• Internet standard, RFC 826
• Protocol for dynamic mapping of (local) IP
  addresses to (local) Ethernet address

24
ARP request/response packet

• Construct ARP request who has IP 128.243.22.34
• H hardware (Ether.) P protocol (IP)

25
ARP/Ethernet encapsulation

• Place ARP request in Ethernet frame
• Type 806

26
ARP query

• Broadcast on identified outgoing interface

Broadcast request
Unicast response
27
ARP query handling

• all hosts on that Ethernet receive the broadcast
  request and packet to OS
• Each host inspects Ethernet frame type and passes
  to relevant handler (in OS)
• ARP handler inspects request is this my IP
  address?
• Host 128.243.22.35 sees match and builds and
  sends back ARP response128.243.22.35
  Ethernet address 00a0c9ca1dd7
• Sending host caches this information for (near)
  future re-use in an ARP table

28
ARP cache

• Try arp a
• table of IP address ? Ethernet (MAC) address

29
TCP/IP reference model
You are here
ReverseClient, DNS,
TCP, UDP
IP
IEEE802 Ethernet, WiFi,
Comer Fig. 17.4
30
(Finally) Build Ethernet frame

• Source IP sending interface IP
• Source MAC address sending interface MAC
  address
• Destination IP address original destination
• Destination MAC address next hop MAC address
• Ethernet frame type 0800

31
Send on identified network interface

• Ethernet LAN is (logical) broadcast
• Packet typically seen by the Ethernet card of
  every machine on that LAN
• (give or take Ethernet switches which learn and
  route by MAC address)

32
Receiving a packet
33
Incoming Ethernet frame NIC

• Check dest. Ethernet (MAC) address
• Accept if broadcast or NICs MAC address
• Interrupt OS

34
Incoming Ethernet frame OS

• OS is interrupted by NIC and retrieves received
  Ethernet frame
• Inspects frame type field and handles contents
  (payload) accordingly
• 0806 ? ARP (already considered)
• 0800 ? IP v.4

35
Incoming IP packet (OS)

• Inspects IP header
• Check header checksum, discard if corrupted
• Check destination IP address
• If (one of our) local address(es), continue local
  processing
• Otherwise, consider for forwarding
• Forwarding enabled (e.g. router) ? see later
• Forwarding disabled (e.g. most hosts) ? discard

36
Incoming IP packet with local destination (OS)

• (Fragments reassembled first see later)
• Check IP packet type
• 1 ICMP Internet Control Message
• 2 IGMP Internet Group Management
• 4 IP in IP (encapsulation)
• 6 TCP Transmission Control
• 17 UDP User Datagram
• Pass to relevant handler

37
Incoming (e.g.) UDP datagram with local IP
address (OS)

• Inspects UDP header
• Check UDP checksum, discard if corrupt
• Check destination UDP port
• If not bound to an application? Send an error
  response (ICMP Destination Unreachable see
  later)
• If currently bound to an application socket?
  pass payload plus source IP and source UDP port
  to application socket

38
Receiving application (e.g. ReverseServerUnicast.
java)

• int port Integer.parseInt(args0)DatagramSock
  et socket new DatagramSocket(port)byte
  requestBytes new byte65536DatagramPacket
  request new DatagramPacket(requestBytes,
  requestBytes.length)socket.receive(request)
  ?

39
Case 2 send to 128.243.21.19 (different network)
128.243.22.61 (monet)
Start Here ?
128.243.22.1
Ethernet switch(es)
128.243.21.1
128.243.21/24
Ethernet switch(es)
Router
128.243.22/24
Internet
128.243.21.16 (DNS server)
128.243.22.35 (mcclean)
128.243.21.19
155.198.5.83 (www.ic.ac.uk)
40
Case 2 Send to 128.243.21.19

• Begins as before
• Construct UDP header
• Construct IP header
• ? Complete IP datagram

41
Case 2 Routing at sender
G gateway (not direct)

• Find routing table entry matching destination IP
  address (128.243.22.35) (may appear as
  default)
• netstat -r Destination Gateway Genmask
  Fl M R U Iface 128.243.22.0 0.0.0.0
  255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0
  255.0.0.0 U 0 0 0 lo 0.0.0.0
  128.243.22.1 0.0.0.0 UG 0 0 0 eth0
• Doesn't match local network, So use default route
• Gateway (next directly reachable hop) router
  128.243.22.1
• Outgoing network interface eth0 (IP
  128.243.22.61)

42
Case 2 Sending non-local

• Destination IP address is 128.243.21.19
• Destination Ethernet address is Ethernet address
  of gateway/next hop machine
• ? do ARP to find Ethernet address corresponding
  to IP 128.243.22.1
• Router replies with its MAC address on that LAN
• Send IP packet in Ethernet frame on LAN to router
  MAC address

43
Routing handling of packet

• Initially as for normal host receive
• NIC accepts Ethernet frame addressed to it
• Passes to OS via interrupt
• OS determines frame type and passes for handling
  as IP
• Checks packet is not corrupt
• Checks destination IP address
• If local, continue processing for local delivery
• If not local

44
Router packet forwarding

• OS checks packet Time To Live (TTL)
• may discard packet, else decrement TTL
• Now send as a normal packet
• router OS checks own routing tables
• finds next hop IP destination for network portion
  of IP address
• resolves low-level address of next hop (e.g.
  Ethernet, using ARP)
• sends packet on next hop interface

45
Routing in routers

• Routers are pre-configured with details of
  directly connected networks
• Routers exchange routing packets with all
  directly connected routers
• e.g. RIP, BGP, OSPF
• Routers progressively discover all networks and
  which interface is "closest" to them, i.e. what
  the next hop interface should be.

46
Wide-area routing

• For scalability (localisation of information)
  routing is normally divided
• Within a site or organisation autonomous
  unit
• Between autonomous units

Note different protocols, different levels of
granularity