CIS 456 Open Systems Networking - PowerPoint PPT Presentation

1
CIS 456 Open Systems Networking
  • Theodore L. Nicholson
  • Fall Semester 2001

2
Addressing Improvements
  • Lecture 9

3
Addressing Improvements
  • The original IP addressing scheme divided the
    32-bit address into two parts
  • A network prefix
  • A host address
  • The main benefit of this scheme was to keep
    routing tables small

4
Addressing Improvements
  • The IP addressing scheme accommodated diverse
    network sizes by dividing addresses into three
    classes
  • Class A 8-bit net prefix 24-bit host address
  • Class B 16-bit net prefix 16-bit host address
  • Class C 24-bit net prefix 8-bit host address

5
Addressing Improvements
  • Rapid Internet growth presents three problems
    related to addressing
  • Immense administrative overhead is required
    merely to manage networked addresses
  • Routing tables become extremely large
  • The address space will eventually be exhausted

6
Addressing Improvements
  • Minimizing the number of addresses
  • Short of abandoning 32-bit addresses, strategies
    are employed to
  • Avoid assigning network prefixes when possible
  • Use Class C addresses rather than Class B
    addresses
  • Modify internal routing algorithms
  • Note: IPv6 specifies 128-bit addresses (This is
    4 billion times 4 billion times the size of the
    IPv4 address space!)

7
Addressing Improvements
  • We will examine three strategies to share one
    network address among multiple physical
    networks
  • Transparent routers
  • Proxy ARP
  • IP subnetting

8
Transparent Routers
  • Transparent Routers
  • A transparent router may be added when a network
    has more host addresses than it needs for its own
    network (Its address space is larger than its
    needs)
  • Called transparent because other hosts and
    routers on the network do not know it is a router

9
Transparent Routers

10
Transparent Routers
  • ARPANET example
  • ARPANET was assigned 10.0.0.0 (Class A)
  • Internally, ARPANET treated address as 10.port
    PSN.u.destination PSN
  • Thus, 10.2.5.37 and 10.2.9.37 both refer to host
    2 on port 37 (the third octet may be used by a
    transparent router)

11
Transparent Routers
  • Advantages
  • They reduce the number of required network
    addresses: the local network does not need its
    own network prefix
  • Supports load balancing: if two transparent
    routers connect to the same local network, traffic
    can be split between them

12
Transparent Routers
  • Disadvantages
  • Only work with networks which have large address
    space (e.g., Class A)
  • Do not provide all standard router services
    (e.g., ICMP)
  • Cannot ping a transparent router to see if it is
    working

13
Proxy ARP
  • A second technique to map a single network prefix
    to two physical addresses is known as proxy ARP
  • Can only be used with networks that use ARP to
    bind IP addresses to physical addresses

14
Proxy ARP

15
Proxy ARP
  • Essentially, the router lies about IP to physical
    address bindings
  • When a sender on one network broadcasts an ARP
    request for a host on the other network, the
    router responds with its own physical address
  • Thus, the ARP table of hosts will contain
    numerous IP addresses mapped to the same physical
    address (of the router)

16
Proxy ARP
  • Although nothing in the ARP or IP protocols
    prevents such a many-to-one mapping, such a
    situation is used in spoofing
  • Spoofing: pretending to be another machine in
    order to intercept its packets
  • ARP software to detect spoofing will report proxy
    ARP
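
Added example (not part of the original slides): a sketch of the check described above, grouping neighbor-table entries by physical address and reporting every address that answers for more than one IP. The sample lines are constructed in the style of Linux `ip neigh` output, and the `known_proxies` allowlist is a hypothetical parameter for routers that are expected to run proxy ARP.

```python
import re
from collections import defaultdict

# Constructed sample data, not captured from a real network.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE
192.168.1.20 dev eth0 lladdr 00:00:5e:00:53:14 STALE
192.168.1.130 dev eth0 lladdr 00:00:5e:00:53:01 REACHABLE
192.168.1.131 dev eth0 lladdr 00:00:5e:00:53:01 STALE
192.168.1.40 dev eth0 lladdr 00:00:5e:00:53:66 REACHABLE
192.168.1.41 dev eth0 lladdr 00:00:5E:00:53:66 REACHABLE
192.168.1.50 dev eth0  FAILED
"""

ENTRY = re.compile(
    r"^(\d+\.\d+\.\d+\.\d+) dev (\S+) lladdr ([0-9A-Fa-f:]{17}) (\S+)$")

def many_to_one(neigh_text, known_proxies=frozenset()):
    """Return (mac, interface, [ips], verdict) for each MAC bound to 2+ IPs."""
    known = {mac.lower() for mac in known_proxies}
    by_mac = defaultdict(set)
    for line in neigh_text.splitlines():
        match = ENTRY.match(line.strip())
        if match is None:
            continue  # unresolved entries (FAILED, INCOMPLETE) carry no MAC
        ip, dev, mac, _state = match.groups()
        by_mac[(dev, mac.lower())].add(ip)  # MAC case must not split a group
    findings = []
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) < 2:
            continue
        ordered = sorted(ips, key=lambda a: tuple(map(int, a.split("."))))
        # Proxy ARP and ARP spoofing look identical in the table; only prior
        # knowledge of which routers proxy tells them apart.
        verdict = "expected-proxy-arp" if mac in known else "investigate"
        findings.append((mac, dev, ordered, verdict))
    return findings

if __name__ == "__main__":
    for finding in many_to_one(SAMPLE_NEIGH, {"00:00:5e:00:53:01"}):
        print(finding)
```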

17
Proxy ARP
  • Advantages
  • Can be added to a single router on a network
    without disturbing the routing tables in other
    hosts or routers on the network
  • It completely hides the details of physical
    connections

18
Proxy ARP
  • Disadvantages
  • Only works on networks that use ARP
  • Does not generalize to more complex network
    topologies (e.g., two or more routers connecting
    two physical networks)
  • Relies on managers to manually maintain tables of
    machines and addresses

19
Subnet Addressing
  • Subnetting is a required part of IP and is the
    most widely used technique for sharing a single
    network address

20
Subnet Addressing

21
Subnet Addressing
  • We think of a 32-bit IP address as having an
    internet portion and a local portion, where the
    internet portion identifies a site, possibly with
    multiple physical networks, and the local portion
    identifies a physical network and a host at that
    site

22
Subnet Addressing

23
Subnet Addressing
  • Hierarchical addressing
  • Top level routing uses network prefix
  • Local routing uses subnet portion
  • A particular host is resolved by using the entire
    address
  • Phone number analogy: a 10-digit phone number is
    divided into 3-digit area code, 3-digit exchange
    and 4-digit connection

24
Subnet Addressing
  • Flexibility in address assignment
  • Fixed-length subnetting
  • Each subnet has the same size subnet prefix
  • Variable-length subnetting
  • Each subnet may use a different size subnet
    prefix

25
Subnet Addressing

26
Subnet Addressing
  • Fixed-length
  • Subnet Bits | Subnets | Hosts
  • 0 | 1 | 65,534
  • 2 | 2 | 16,382
  • 3 | 6 | 8,190
  • 4 | 14 | 4,094
  • 5 | 30 | 2,046
  • 6 | 62 | 1,022
  • 7 | 126 | 510

27
Subnet Addressing
  • Fixed-length
  • Subnet Bits | Subnets | Hosts
  • 8 | 254 | 254
  • 9 | 510 | 126
  • 10 | 1022 | 62
  • 11 | 2046 | 30
  • 12 | 4094 | 14
  • 13 | 8190 | 6
  • 14 | 16382 | 2

28
Subnet Addressing
  • Fixed-length: Must choose a compromise size for
    all subnets
  • Variable-length: Has serious disadvantage of
    address ambiguity (i.e., an address can appear to
    match two different subnets)

29
Subnet Masks
  • Subnet Masks: A 32-bit subnet mask is ANDed
    with an address to determine which portion of the
    local address corresponds to the subnet address
  • For example, a Class B address which uses the
    third quad number for the subnet would use the
    following mask:
  • 11111111 11111111 11111111 00000000

30
Subnet Masks
  • Default Subnet Masks
  • Class A
  • 11111111.00000000.00000000.00000000
  • Class B
  • 11111111.11111111.00000000.00000000
  • Class C
  • 11111111.11111111.11111111.00000000

31
Subnet Masks
  • You construct a subnet mask as follows
  • Assign a value of 1 to each of the 8, 16, or 24
    bits in the network field
  • Assign a value of 1 to each bit in the subnet
    field
  • Assign a value of 0 to each bit in the host field

32
Subnet Masks
  • 10000000.00000001.10001010.00000001
  • 11111111.11111111.11111111.00000000
  • 10001010
  • Class B (ignore 1st and 2nd octets)
  • Subnet address 10001010 = 138 in decimal
  • 254 total subnets possible

33
Subnet Masks
  • 10000000.00000001.00001010.00000001
  • 11111111.11111111.11110000.00000000
  • 00000000
  • Class B (ignore 1st and 2nd octets)
  • Subnet address 00000000 = 0 in decimal
  • Not a valid address

34
Subnet Masks
  • 10000000.00000001.10001010.00000001
  • 11111111.11111111.11110000.00000000
  • 10000000
  • Class B (ignore 1st and 2nd octets)
  • Subnet address 10000000 = 128 in decimal
  • How many subnets possible?

35
Subnet Masks
  • Since only four bits are borrowed from the host,
    there are a total of 2^4 - 2 = 14 possible subnets
  • (0000) 0100 1000 1100
  • 0001 0101 1001 1101
  • 0010 0110 1010 1110
  • 0011 0111 1011 (1111)

36
Subnet Masks
  • Note: When reporting addresses in decimal, we use
    the entire octet
  • 0000 (not used)
  • 0001 0000 = 16 lower range (00010001
    through 00011110 is 1st subnet)
  • 1110 0000 = 224 upper range
  • 1111 (reserved)

37
Subnet Masks
  • What is range of the third octet which represents
    the first subnet of the prior example?
  • 00010001 through 00011110
  • (17) through (30)
  • i.e., 128.1.17.x through 128.1.30.x
  • 14 × 254 = 3,556 total addresses

38
Subnet Masks
  • 11001000.10000101.10101111.00010001
  • 11111111.11111111.11111111.11110000
  • 00010000
  • Class C (ignore 1st, 2nd and 3rd octets)
  • Subnet address 00010000 = ? in decimal
  • How many subnets possible?

39
Subnet Masks
  • 200.133.175.x
  • subnets: 2^4 - 2 = 14
  • 00010000 = 16 (but reserved)
  • 00010001 = 17 through 00011110 = 30
  • 00011111 = 31 (broadcast address)
  • 00100000 = 32 (but reserved)
  • 00100001 = 33 through 00101110 = 46

40
Subnet Masks
  • Exercise
  • Finish the numbering for all the subnet addresses
    of the prior example
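
Added example (not part of the original slides): the mask arithmetic of the preceding slides in code, using the slides' own addresses. It ANDs an address with a mask, reports whether the subnet field is one of the reserved all-zeros or all-ones values, and lists every usable subnet of 200.133.175.x with its host range and broadcast address. The function names are illustrative.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def to_str(value):
    return str(ipaddress.IPv4Address(value))

def class_bits(addr):
    """Length of the classful network prefix: 8, 16 or 24 bits."""
    first = addr >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError("Class D/E addresses are not subnetted")

def subnet_of(address, mask):
    """AND address with mask; return (subnet address, field value, reserved?)."""
    addr, m = to_int(address), to_int(mask)
    ones = bin(m).count("1")
    if m != (ALL_ONES << (32 - ones)) & ALL_ONES:
        raise ValueError("non-contiguous mask")
    subnet_bits = ones - class_bits(addr)
    if subnet_bits < 0:
        raise ValueError("mask is shorter than the classful prefix")
    field = ((addr & m) >> (32 - ones)) & ((1 << subnet_bits) - 1)
    reserved = subnet_bits > 0 and field in (0, (1 << subnet_bits) - 1)
    return to_str(addr & m), field, reserved

def usable_subnets(address, mask):
    """(subnet, first host, last host, broadcast) for each non-reserved subnet.

    Assumes a contiguous mask; subnet_of() performs that check.
    """
    addr, m = to_int(address), to_int(mask)
    ones, net_bits = bin(m).count("1"), class_bits(addr)
    host_bits = 32 - ones
    network = addr & (ALL_ONES << (32 - net_bits)) & ALL_ONES
    rows = []
    # Skip field values 0 and 2^n - 1, which the slides mark as not used.
    for field in range(1, (1 << (ones - net_bits)) - 1):
        base = network | (field << host_bits)
        bcast = base | ((1 << host_bits) - 1)
        rows.append(tuple(to_str(x) for x in (base, base + 1, bcast - 1, bcast)))
    return rows

if __name__ == "__main__":
    print(subnet_of("128.1.10.1", "255.255.240.0"))
    for row in usable_subnets("200.133.175.17", "255.255.255.240"):
        print(row)
```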

41
Subnet Masks
  • Although IP does not require that subnet masks be
    represented by contiguous bits, using a
    non-contiguous mask makes assigning host
    addresses and understanding routing tables tricky
  • 11111111 11111111 00011000 01000000

42
Subnet Masks
  • Using binary numbers is not the only way to
    represent a subnet mask
  • Dotted Decimal
  • 3 Tuple

43
Subnet Masks
  • Dotted Decimal
  • 255.255.255.0
  • If the above mask were applied to a Class B
    address, the indication is that the third octet
    specifies the subnet

44
Subnet Masks
  • 3 Tuple
  • network, subnet, host
  • -1, -1, 0
  • Where -1 means all 1s
  • e.g., 128.10, -1, 0
  • Would be the mask for a Class B address where
    the third octet is used for subnet

45
Subnet Masks
  • 3 Tuples may also be used to represent sets of
    addresses and abstract ideas
  • e.g.,
  • network, -1, -1
  • Represents addresses with a valid network, a
    subnet field and a host field containing all ones

46
Subnet Routing
  • Illegal Subnet Topology

47
Subnet Routing
  • To achieve optimal routing, a machine M must use
    subnet routing for an IP network address N,
    unless there is a single path P such that P is a
    shortest path between M and every physical
    network that is a subset of N

48
Subnet Routing
  • Subnetting Guidelines
  • All subnets of a given network IP address must be
    contiguous, the subnet masks should be uniform
    across all networks, and all machines should
    participate in subnet routing

49
The Subnet Routing Algorithm
  • Route_IP_Datagram(datagram, routing_table)
  • Extract destination IP address, ID, from
    datagram
  • For each entry in the routing table
  • Let N be the bitwise-AND of ID and the subnet
    mask
  • If N equals the network address field of the
    entry then route the datagram to the specified
    next hop address
  • If no matches were found, declare a routing error

50
Anonymous Networking
  • When a pair of routers is connected through a
    leased digital circuit (e.g., a T1 line) no
    hardware address is required
  • The routing table will contain a default entry
    which sends all packets to the directly connected
    router
  • The IP of the router is usually listed in the
    table only for human system administrators

51
Anonymous Networking

52
Supernetting
  • Shortage of Class B addresses
  • Only thousands of Class B addresses but millions
    of Class C addresses
  • Transparent Routers, Proxy ARP and Subnetting are
    used to subdivide a single network address
  • Supernetting combines a number of network
    addresses into a single one

53
Supernetting
  • For example
  • Rather than give an organization a Class B
    address (where the third octet would be used to
    subnet the address space), a contiguous set of
    256 Class C addresses may be given

54
Supernetting
  • Intended for use in large organizations (that
    would normally have required a Class B address)
    and for commercial Internet Service Providers
    (ISPs)

55
Supernetting
  • Solves the address exhaustion problem but creates
    a new difficulty: addressing
  • Under normal class-based addressing, instead of
    holding a single address for a Class B address,
    routing tables would have to hold 256 entries to
    resolve addresses to the same number of hosts

56
Supernetting
  • Solution
  • Classless Inter-Domain Routing (CIDR)
  • Conceptually, CIDR collapses a block of
    contiguous Class C addresses into a single entry
    represented by a pair
  • (network address, count)
  • e.g., (192.5.48.0, 3)

57
CIDR
  • The single address and count pair
  • (192.5.48.0, 3)
  • would be used to specify the three network
    addresses 192.5.48.0
  • 192.5.49.0
  • 192.5.50.0

58
CIDR
  • CIDR does not restrict network numbers to Class C
    addresses nor does it use an integer count to
    specify a block size.
  • Instead, CIDR requires each block of addresses to
    be a power of two and uses a bit mask to identify
    the size of the block

59
CIDR
  • CIDR: two required items: the lowest address in
    the block and a bit mask for the size of the block

60
CIDR
  • Example: Suppose an organization is assigned a
    block of 2048 contiguous addresses starting at
    128.211.168.0
  • 11111111.11111111.11111000.00000000
  • 10000000.11010011.10101000.00000000
  • 10000000.11010011.10101111.11111111

61
CIDR
  • 128.211.168.0
  • 10000000.11010011.10101000.00000000
  • 128.211.175.255
  • 10000000.11010011.10101111.11111111

62
CIDR
  • Although a bit mask officially specifies the
    block size, CIDR informally uses slash notation
    to represent the mask length
  • starting address/length of bit mask
  • e.g., 128.211.168.0/21
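
Added example (not part of the original slides): why the (network address, count) pair had to give way to power-of-two blocks. The function below covers an arbitrary run of addresses with the fewest CIDR blocks, so the 2048-address block from the slides comes out as a single /21 while the three Class C networks of (192.5.48.0, 3) need two entries. Function names are illustrative.

```python
import ipaddress

def mask_for(length):
    """Dotted-decimal mask with `length` leading one bits."""
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF))

def cidr_blocks(start, count):
    """Cover `count` addresses beginning at `start` with the fewest CIDR blocks.

    Returns (block in slash notation, mask, highest address) tuples.
    """
    cur = int(ipaddress.IPv4Address(start))
    end = cur + count                      # first address past the range
    if count < 1 or end > 1 << 32:
        raise ValueError("range falls outside the IPv4 address space")
    blocks = []
    while cur < end:
        # A block of 2^k addresses must start on a multiple of 2^k, so the
        # lowest set bit of the current address bounds the block size ...
        size = cur & -cur if cur else 1 << 32
        # ... and the block must not run past the end of the range.
        while size > end - cur:
            size >>= 1
        length = 32 - (size.bit_length() - 1)
        blocks.append((f"{ipaddress.IPv4Address(cur)}/{length}",
                       mask_for(length),
                       str(ipaddress.IPv4Address(cur + size - 1))))
        cur += size
    return blocks

if __name__ == "__main__":
    print(cidr_blocks("128.211.168.0", 2048))
    print(cidr_blocks("192.5.48.0", 3 * 256))
```

A power-of-two count is not enough on its own: 512 addresses starting at 192.5.49.0 still need two /24 entries because the start is not aligned on a 512-address boundary.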

63
CIDR
  • CIDR Dotted Decimal
  • /1 128.0.0.0
  • /2 192.0.0.0
  • /3 224.0.0.0
  • /4 240.0.0.0
  • /5 248.0.0.0
  • /6 252.0.0.0
  • /7 254.0.0.0
  • /8 255.0.0.0 Class A
  • /9 255.128.0.0
  • /10 255.192.0.0

64
CIDR
  • CIDR Dotted Decimal
  • /11 255.224.0.0
  • /12 255.240.0.0
  • /13 255.248.0.0
  • /14 255.252.0.0
  • /15 255.254.0.0
  • /16 255.255.0.0 Class B
  • /17 255.255.128.0
  • /18 255.255.192.0

65
CIDR
  • CIDR Dotted Decimal
  • /19 255.255.224.0
  • /20 255.255.240.0
  • /21 255.255.248.0
  • /22 255.255.252.0
  • /23 255.255.254.0
  • /24 255.255.255.0 Class C
  • /25 255.255.255.128
  • /26 255.255.255.192

66
CIDR
  • CIDR Dotted Decimal
  • /27 255.255.255.224
  • /28 255.255.255.240
  • /29 255.255.255.248
  • /30 255.255.255.252
  • /31 255.255.255.254
  • /32 255.255.255.255

67
CIDR
  • Notice the pattern
  • 10000000 128
  • 11000000 192
  • 11100000 224
  • 11110000 240
  • 11111000 248
  • 11111100 252
  • 11111110 254
  • 11111111 255

68
CIDR
  • Classless addressing allows complete flexibility
    in allocating blocks of various sizes

69
CIDR
  • Example
  • An ISP which is assigned 128.211.0.0/16 may give
    one customer 128.211.168.0/21 (2048 addresses)
    while it gives another customer
    128.211.176.212/29 (2 addresses)

70
CIDR
  • 128.211.168.0/21
  • Mask
  • 11111111.11111111.11111000.00000000
  • 128.211.168.0
  • 10000000.11010011.10101000.00000000
  • 128.211.175.255
  • 10000000.11010011.10101111.11111111

71
CIDR
  • 128.211.176.212/29
  • mask
  • 11111111.11111111.11111111.11111000
  • 128.211.176.212
  • 10000000.11010011.10110000.11010100
  • 128.211.176.215
  • 10000000.11010011.10110000.11010111

72
CIDR
  • Classless addressing treats IP addresses as
    arbitrary integers and allows a network
    administrator to assign addresses in contiguous
    blocks where the number of addresses in a block
    is a power of two

73
CIDR
  • Data Structures and Algorithms
  • Speed
  • Primary lookup
  • Secondary table update
  • CIDR addresses are not self-identifying
  • Cannot use simple hash-based scheme

74
CIDR
  • Binary Trie (pronounced "try")

75
CIDR
  • In a binary trie, the data is stored
    hierarchically according to value
  • 32-bit Address | Unique Prefix
  • 00110101.00000000.00000000.00000000 | 001
  • 01000110.00000000.00000000.00000000 | 0100
  • 01010110.00000000.00000000.00000000 | 0101
  • 01100001.00000000.00000000.00000000 | 011
  • 10101010.11110000.00000000.00000000 | 1010
  • 10110000.00000010.00000000.00000000 | 10110
  • 10111011.00001010.00000000.00000000 | 10111

76
CIDR
  • The trie itself only identifies potential
    candidates

77
CIDR
  • To guarantee that a router does not forward
    datagrams unless the entire network prefix in the
    destination matches the route, each exterior node
    in the trie must contain a 32-bit address, A, and
    a 32-bit mask, M
  • When the search reaches an exterior node compare
    (M AND destination) to A

78
CIDR
  • In practice, non-unique prefixes often exist in
    the same routing table
  • Prefix | Next Hop
  • 128.10.0.0/16 | 10.0.0.2
  • 128.10.2.0/24 | 10.0.0.4

79
CIDR
  • To cover the case where prefixes overlap, a
    longest-match algorithm must be used
  • Each interior node contains an address/mask pair
  • Later matches replace earlier matches as the trie
    is traversed
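
Added example (not part of the original slides): a minimal binary trie with longest-match lookup, loaded with the two overlapping prefixes from the table above. It is an uncompressed trie with one bit per level, chosen for clarity; the class and function names are illustrative. Each node that ends a prefix stores the address A and mask M, and the lookup keeps the last node whose (M AND destination) equals A.

```python
import ipaddress

class Node:
    __slots__ = ("child", "route")

    def __init__(self):
        self.child = [None, None]   # subtrees for next bit 0 and next bit 1
        self.route = None           # (address A, mask M, next hop) or None

class RouteTrie:
    def __init__(self):
        self.root = Node()

    def insert(self, cidr, next_hop):
        # IPv4Network is strict by default and rejects prefixes with host
        # bits set, so A always equals (A AND M).
        net = ipaddress.IPv4Network(cidr)
        addr = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):
            bit = (addr >> (31 - i)) & 1
            if node.child[bit] is None:
                node.child[bit] = Node()
            node = node.child[bit]
        node.route = (addr, int(net.netmask), next_hop)

    def lookup(self, destination):
        dest = int(ipaddress.IPv4Address(destination))
        node, best, depth = self.root, None, 0
        while node is not None:
            if node.route is not None:
                address, mask, hop = node.route
                # Always true here because every bit was tested on the way
                # down; it becomes essential once a trie skips bits.
                if dest & mask == address:
                    best = hop      # a later, longer match replaces an earlier one
            if depth == 32:
                break
            node = node.child[(dest >> (31 - depth)) & 1]
            depth += 1
        if best is None:
            raise LookupError("routing error: no prefix matches " + destination)
        return best

def build_sample_table():
    """Routing table from the slide: two prefixes that overlap."""
    trie = RouteTrie()
    trie.insert("128.10.0.0/16", "10.0.0.2")
    trie.insert("128.10.2.0/24", "10.0.0.4")
    return trie
```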

80
CIDR
  • Trie Optimization
  • If the top branches of a trie do not distinguish
    addresses (because all addresses share that
    portion of the prefix) it makes sense to either
    skip them or compress them

81
CIDR
  • A PATRICIA trie allows each node to specify a
    value to test along with a number of bits to skip
  • A Level-Compressed trie eliminates one or more
    levels in the trie
  • Although these optimizations require more
    overhead, they are justified because a table is
    typically searched much more frequently than it
    is modified

82
CIDR
  • Next Class
  • Protocol Layering