ITI 510 - PowerPoint PPT Presentation

About This Presentation
Title:

ITI 510

Description:

ITI 510 Computer Networks Meeting 2 Rutgers University Internet Institute Instructor: Chris Uriarte – PowerPoint PPT presentation

Number of Views:103
Avg rating:3.0/5.0
Slides: 45
Provided by: Chris2311
Category:

less

Transcript and Presenter's Notes

Title: ITI 510


1
ITI 510 Computer NetworksMeeting 2
  • Rutgers University Internet Institute
  • Instructor Chris Uriarte

2
Agenda for Meeting 2
  • IP (Internet Protocol)
  • ARP and RARP (Address Resolution Protocol,
    Reverse Address Resolution Protocol)
  • ICMP (Internet Control Messaging Protocol)
  • IP Routing
  • traceroute, ping and arp utilities, host routing
    tables

3
Some Very Basic Network Terms
  • Node generally refers to any addressable device
    on a network like a workstation, server, router,
    etc.
  • Source any nodes that initiates a network
    connection - the sender (source host, source
    node, etc.)
  • Destination any node that receives a network
    packet or is intened as the recipient of a
    network packet (destination host, destination
    node, etc.)
  • Packet, Frame or Datagram - The unit of data that
    is routed between an source and a destination
    node on a network.

4
IP Internet Protocol
  • Developed by the DOD quickly became the network
    protocol for governments, universities and
    businesses.
  • Allows for the seamless integration of major
    network segments, new subnetworks and LANs
    without disrupting existing infrastructures.
  • The protocol that defines the IP Addresses
  • Operates at the Network layer of the OSI model

5
Nodes on an IP Network
  • Nodes on an IP network each have a unique address
    an IP Address
  • Recall, IP addresses contain (4) eight bit
    numbers separated by decimal places e.g.
    126.6.4.4
  • IP address blocks can be divided into subnets
    small networks that contain a range of IP
    addresses.
  • The Subnet Mask is used to define IP subnetworks
    within an IP Block.
  • For example, a network 126.6.4.0 with a Subnet
    Mask of 255.255.255.0 contains the IP addresses
    126.6.4.0 to 126.6.4.255.

6
IP Networks Special Addresses
  • Each IP Subnetwork contains 2 special addresses
    that cannot be used by hosts on the network.
  • The network address is the first IP address in a
    subnetwork and can be used to describe the name
    of a particular IP subnetwork (e.g. the 128.6.4.0
    network). Using a network address in conjunction
    with a subnet mask tells you EXACTLY the IP
    addresses contained in a subnetwork.
  • The broadcast address is the last IP address in a
    subnetwork range and is used to send a packet to
    ALL hosts on a subnetwork. For example, sending
    a packet to 128.6.4.255 on the 128.6.4.0/255.255.2
    55.0 network sends a packet to every host on that
    network)

7
Tying it All Together Network Subnet, Broadcast
Addresses
  • For example
  • If you have an IP network with a network address
    of 64.220.31.0 and a subnet mask of
    255.255.255.0, this means
  • The Network address is 64.220.31.0
  • The Broadcast address is 64.220.31.255
  • The range of useable host IP addresses within
    this network is 64.220.31.1 to 64.220.31.254.

8
Calculating IP Addresses in a Subnet
  • Given a particular IP network address and a
    subnet mask, you can calculate IP addresses by
    comparing the Binary equivalents of the network
    address and the subnet address. Example
  • Network 128.4.3.0 with a subnet of 255.255.255.0
  • Net 10000000.00000100.00000011.00000000
  • Mask 11111111.11111111.11111111.00000000
  • The all-ones portion of the netmask corresponds
    to the network address portion of an IP
    address.
  • The all-zeros portion of the netmask correspond
    to the valid range of host IP addresses in a
    network.
  • In this example 128.4.3.0 (10000000.00000100.00000
    011.00000000) to 128.4.3.255 (10000000.00000100.00
    000011.11111111) are in the subnetwork described
    above.

9
Moving IP Packets from One Host to Another IP
Routing
  • Sending an IP packet from one host to another
    host on network is known as IP Routing.
  • In a computer network, the host sending a packet
    is known as the source host. The host receiving
    the packet is known as the destination host.
  • When a host wants to transmit a packet to another
    host on an IP Network, several checks are made
  • If the destination host is on the same subnet as
    the source host, the packet is transmitted
    directly to the destination host.
  • If the destination host is on a different subnet,
    the packet is sent to a gateway device, which is
    the essentially a packets exit ramp to other
    networks. This device is usually an IP router.
    The router ties multiple networks together.
  • The source host uses the IP address/subnet mask
    calculations, demonstrated earlier, to determine
    if the destination host is on the same subnet or
    on a different subnet.

10
Basic IP Routing Example
11
Basic Rules for IP Routing
  • ALL devices connecting to an IP network follow
    some very basic rules when determining where to
    send a packet
  • If the destination host is part of the the local
    network or a network the host is directly
    attached to, send the packet directly to the
    host.
  • If the destination host is NOT attached to a
    local network, send the packet to a gateway
    device, which can determine what path the packet
    should take next.
  • The rules above illustrate the concept of
    next-hop routing

12
Next-hop Routing
  • IP does not need to know the complete route that
    must be followed to reach a destination host It
    only needs to find the next hop that will take
    responsibility for delivering the packet.

13
Which Gateway Device?
  • How does a host know what gateway device to use?
    Whats the IP address of the gateway device?
  • Remember, if a source host determines the
    destination host is not on the local network, it
    must forward the packet to a gateway device.
  • Can there be multiple gateway devices on a
    network?
  • What if we want our host to send packets destined
    for network A to gateway device A and packets
    destined for network B to gateway device B.
  • The use of Host Routing Tables allow us to
    address these specific questions.

14
Routing Tables
  • Every device on an IP network has a routing
    table, which is essentially a roadmap for IP
    packets.
  • The routing table tells the host where to send IP
    packets destined for a specific IP address or
    network and the addresses of any associated
    gateway devices.
  • Simple logical IP Routing Table
  • Destination Address Address of Gateway Device
  • 128.6.5.0 128.6.4.254
  • 128.7.7.0 128.6.4.128
  • Any other host/network 128.6.4.1

15
Example Use of a Host Routing Table
16
Default Routes
  • In the previous examples, the Any other
    host/network destination address is known as the
    default route.
  • The default route is the gateway address all
    packets are sent to if the host cannot find a
    more specific route for the destination.
  • Sometimes, the Any other host/network is
    displayed as 0.0.0.0 in the Destination
    column of the routing table.
  • Most PCs on a network are only setup with one
    route the default route. If a destination host
    is not on the local network, the packet is passed
    on to the default route.
  • In the previous slide (diagram), the router
    128.6.4.1 is setup as the default route for host
    A.

17
Examining Host Routing Tables
  • You can view the routing table on your IP host.
    Use
  • netstat rn (UNIX hosts)
  • route print (Windows hosts)
  • For example, on the UNIX host iti.rutgers.edu
    (165.230.30.68)
  • Kernel IP routing table
  • Destination Gateway Genmask
    Flags MSS Window irtt Iface
  • 165.230.30.68 0.0.0.0 255.255.255.255
    UH 0 0 0 eth0
  • 165.230.30.64 0.0.0.0 255.255.255.192 U
    0 0 0 eth0
  • 127.0.0.0 0.0.0.0 255.0.0.0 U
    0 0 0 lo
  • 0.0.0.0 165.230.30.65 0.0.0.0
    UG 0 0 0 eth0

18
The IP Packet
  • The actual IP packet sent from one host to
    another is an arrangement of bits in a very
    specific format.
  • The packet contains the most basic data needed to
    send a packet the address of the source host,
    the address of the destination host and the
    actual data being sent.
  • The packet also contains a number of additional
    mandatory and optional fields that describe
    protocol versions, packet size, checksums, and
    more.

19
Anatomy of an IP Packet
  • An IP Packet contains a 20-byte header, followed
    by the actual data, sometimes referred to as the
    payload.

BIT 0
BIT 31
20 Bytes Total
20
Examining some of the IP Header Fields
  • Version - Always set to the value 4, which is
    the current version of IP
  • IHL (IP Header Length) The number of 32-bit
    words (rows) that form the header
  • Type of Service (TOS) - Usually set to 0, but may
    indicate particular Quality of Service needs from
    the network. There are essentially handling
    instructions for routers the can treat packets
    differently based on the contents of this field.
    This value can be set, for example, by the host
    operating system, a router or an application.
  • TOS Examples include
  • 0000 Default
  • 0001 Minimize Monetary Cost
  • 0010 Minimize Reliability
  • 0100 Maximize Throughput
  • 1000 - Minimize Delay
  • 1111 Maximize Security

21
IP Header Fields cont.
  • Total Length Represents, in bytes, the size of
    the entire IP packet, including the header and
    data.
  • Identification A 16-bit number which, together
    with the source address, uniquely identifies this
    packet - used during reassembly of fragmented
    datagrams.
  • Flags - a sequence of three flags (one of the 4
    bits is unused) used to control whether routers
    are allowed to fragment, or break apart, a
    packet, and to indicate the parts of a packet to
    the receiver
  • Fragmentation Offset - a byte count from the
    start of the original sent packet, set by any
    router which performs IP router fragmentation.

22
IP Header Fields cont.
  • Time To Live The total number of hops /links
    which the packet may be routed over. When the
    packet hits a router, this value is decremented
    by most routers. Therefore, this value will
    enforce a maximum hop-count on a packet. This is
    used to prevent routing loops.
  • Protocol - A value used to represent what type
    of transport-level (layer 4) protocol or
    messaging protocol packet is being used with this
    IP packet
  • 1 ICMP 2 IGMP 6 TCP 17 UDP
  • e.g. TCP/IP packets always set to 6, UDP/IP
    packets always set to 17, etc.

23
IP Header Fields cont
  • Header Checksum - A mathematical checksum
    inserted by the sender and updated whenever the
    packet header is modified by a router. Used to
    detect processing errors introduced into the
    packet inside a router. Packets with an invalid
    checksum are discarded by all nodes in an IP
    network.
  • Source Address - the IP address of the original
    sender of the packet.
  • Destination Address - the IP address of the
    final destination of the packet.
  • Options - Not normally used, but when used the IP
    header length will be gt 5 32-bit words to
    indicate the size of the options field

24
Sending IP Packets on Local Networks
  • Before sending an IP packet directly to a host on
    a local LAN, it must first be wrapped up in a
    frame that is compatible with a lower-level
    protocol that operates on the Data Link Layer of
    the OSI model - this is usually the Ethernet
    protocol.
  • The Data Link layer is responsible for moving
    packets from node to node on a local network.
  • In addition to a network address, like an IP
    address, every node on an Ethernet network has a
    special hardware address.

25
Ethernet Node Hardware Addresses
  • Each Ethernet node has a unique hardware address
    that is built into the Network Interface Card
    (NIC) that connects it to the network.
  • This address is sometimes referred to as a MAC
    Address.
  • A MAC Address is usually displayed as six groups
    of two hexadecimal digits, separated by colons
  • 08002010d2ae
  • This existence of this address is usually
    transparent to the end user.

26
Transmission of IP Packets over Ethernet
  • When an IP packet is transmitted over an Ethernet
    LAN, the packet is encapsulated by an Ethernet
    packet, which contains the source and destination
    MAC address of the packet.
  • The Ethernet packet (which contains the IP
    Packet) is sent across the LAN to the destination
    host.
  • The destination host receives the Ethernet packet
    and extracts the IP packet it contains, which
    also contains the data (payload).

27
Sending an IP Packet over a LAN
28
MAC address and IP Address Pairings
  • Therefore, a host must not only know the IP
    address of the host it is sending IP data to, but
    it must also know the MAC address associated with
    that destination IP address.
  • How does a host determine the MAC address
    associated with a particular IP address???
  • Answer ARP (Address Resolution Protocol)

29
APR The Address Resolution Protocol
  • ARP is a protocol for mapping an IP address to a
    physical machine address that is recognized in
    the local network. Most commonly, this is used to
    associated IP addresses (32-bits long) with
    Ethernet MAC addresses (48-bits long)
  • A host usually keeps a table, known as the ARP
    cache, which maintains a correlation between each
    MAC address and its corresponding IP address.
  • You can view a hosts ARP cache by issuing the
    arp a command on UNIX and Windows hosts. (UNIX
    users may have to specify the full path to the
    arp utility /sbin/arp a)

30
ARP How the Protocol Works
  • After an IP packet is formed, the host must pass
    the packet down to the Data Link Layer (Layer 2),
    which is responsible for the Ethernet LAN
    protocol.
  • Before the Ethernet packet is formed, a host
    looks in its ARP Cache to see if it has a MAC
    address entry that corresponds to the IP
    destination address.
  • If an entry is found, the Ethernet packet is
    written, which contains the source and
    destination MAC addresses and the IP packet.

31
How ARP Works, cont.
  • If the host does not find a corresponding MAC
    address entry in the ARP cache, it sends a
    broadcast message to all hosts on the network,
    literally asking Who has IP address 123.4.5.6?.
  • If host 123.4.5.6 is alive on the network, it
    will respond to the source host with its MAC
    address. At this point, the destination host
    will also update its ARP cache with the MAC
    address of the sender.
  • Once the source host receives the MAC address, it
    updates its ARP cache, writes the Ethernet frame
    and sends it to the destination host over the
    network.
  • Each host will maintain the IP-MAC address entry
    in the ARP cache for a period of time before it
    is expired.

32
Reverse ARP (RARP)
  • A variant of ARP, called Reverse ARP, was
    developed to help a network node determine its
    own IP address.
  • Upon bootup, diskless workstations may not
    contain any IP address setting. The workstation
    can issue a RARP broadcast that says My MAC
    address is 08002010d2ae , what is my IP
    address??, in hopes that some other server is
    listening and will provide and answer.
  • In this cases, a centralized server needs to be
    configured with the necessary IP Address/MAC
    Address pairs.
  • RARP, has been superseded by two superior
    protocols, which perform the same functionality
    BOOTP and DHCP.

33
ICMP Internet Control Message Protocol
  • ICMP is a message control and error-reporting
    protocol between a host server and a gateway to
    the Internet.
  • ICMP uses IP datagrams to transport its messages.
  • ICMP messages are processed by the IP software
    portion of the operating system, are not directly
    apparent to the application user.

34
ICMP Message Generation
  • There are a number of situations that may cause
    an ICMP message to be generated
  • A link is down to a host
  • The TTL (Time-to-Live) IP Hop-count have have
    expired.
  • When an error is detected, the IP packet is
    discarded by the router and an ICMP message is
    returned directly to the source host.

35
Types of ICMP Error Messages
  • There are several types of ICMP Messages
  • Destination Unreachable A packet cannot reach
    its destination host, service or application.
    Usually caused by a network link, host or
    application being down.
  • Time Exceeded The Time-To-Live for a packet has
    expired, i.e. the packet hit too many routers in
    its travels. Usually caused by routing loops.
  • Parameter Problem Some piece of data in the IP
    header just doesnt make sense.
  • Redirect The router notifies the host sender to
    use another gateway for the desired path.

36
Transmission of ICMP Messages
  • ICMP Messages are sent in the Data portion of
    an IP packet.
  • The Protocol field in the IP packet is set to
    1, signifies to a host that the data portion of
    the packet contains an ICMP message.
  • The format of an ICMP message will vary based on
    the type of ICMP message.
  • Refer to Feits TCP/IP, Signature Edition pp. 190
    to 198 for specific formats.

37
When ICMP Messages are NOT Sent
  • When a particular problem is encountered sending
    an ICMP message back to a host (we dont want
    ICMP errors to create more ICMP packets).
  • When a problem is encountered with broadcast or
    multicast packets (packets sent to all hosts on a
    network). (we dont want multiple hosts
    responding with ICMP errors)
  • Messages whose source addresses does not identify
    a unique hosts, like 0.0.0.0 or 127.0.0.1

38
The ping Utility
  • Ping is a basic Internet program that lets you
    verify that a particular IP address exists and
    can accept requests.
  • Generally used for network troubleshooting and to
    verify connectivity between hosts.
  • Ping uses the ICMP ECHO function, which simply
    sends ICMP messages round-trip between hosts.
    When a destination host receives an ICMP ECHO
    request, it returns an ICMP ECHO message back to
    the source host.

39
The traceroute Utility
  • Traceroute is a network debugging utility that
    attempts to trace the path a packet takes through
    the network - its route.
  • It provides a visual depiction of each router a
    packet encounters between a source and
    destination host. Example
  • iti /usr/sbin/traceroute www.upenn.edu
  • traceroute to NISC9.upenn.edu (128.91.2.28), 30
    hops max, 38 byte packets
  • 1 nb-gw (165.230.30.65) 0.824 ms 0.809 ms
    0.718 ms
  • 2 rucs-gw (128.6.227.1) 0.850 ms 0.629 ms
    0.588 ms
  • 3 transition2-gw (165.230.12.145) 0.994 ms
    1.417 ms 1.188 ms
  • 4 pcp01-hill012-svcs.Rutgers.EDU
    (198.151.130.2) 1.395 ms 1.046 ms 1.092 ms
  • 5 rutgers-gw.Rutgers.EDU (198.151.130.194)
    8.809 ms 110.798 ms 1.546 ms
  • 6 jn1-at1-1-0-502.wor.vbns.net (204.147.128.26)
    3.182 ms 3.041 ms 2.917 ms
  • 7 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136)
    9.027 ms 8.344 ms 8.481 ms
  • 8 abilene-vbns.abilene.ucaid.edu (198.32.11.9)
    12.166 ms 11.791 ms 12.325 ms
  • 9 local.abilene.magpi.net (198.32.42.133)
    15.652 ms 15.592 ms 15.284 ms
  • 10 less.upenn.magpi.net (198.32.42.234) 15.283
    ms 15.567 ms 15.652 ms
  • 11 DEFAULT1-GW-FE2.UPENN.EDU (165.123.217.2)
    20.907 ms DEFAULT1-GW-FE.UPENN.EDU
    (165.123.237.2) 16.578 ms DEFAULT1-GW-FE2.UPENN.E
    DU (165.123.217.2) 16.421 ms
  • 12 NISC9.UPENN.EDU (128.91.2.28) 17.149 ms
    16.147 ms 16.265 ms

40
Traceroute, cont.
  • How traceroute works
  • Traceroute transmits packets with small TTL
    values. Recall that the TTL (Time To Live) is an
    IP header field that is designed to prevent
    packets from running in loops. Every router that
    handles a packet subtracts one from the packet's
    TTL. If the TTL reaches zero, the packet has
    expired and is discarded.
  • Traceroute depends on the common router practice
    of sending an ICMP Time Exceeded message, back to
    the sender when a TTL timeout occurs.
  • By using small TTL values which quickly expire,
    traceroute causes routers along a packet's normal
    delivery path to generate these ICMP messages
    which identify the router.
  • A TTL value of one should produce a message from
    the first router a TTL value of two generates a
    message from the second etc.

41
Traceroute, cont.
  • In a typical traceroute session, a group of
    packets with TTL1 are sent. A single router
    should respond, using the IP address of the
    interface it transmits the ICMP Timeout messages
    on.
  • The user is told this IP address, and DNS is used
    to convert this into a hostname, if available.
    Also, round trip times are reported for each
    packet in the group.
  • Traceroute reports any additional ICMP messages
    (such as destination unreachable errors) using a
    rather cryptic syntax
  • - !N means network unreachable, !H means host
    unreachable, etc.
  • Once this first group of packets has been
    processed (this can take 10 seconds or no time at
    all), the second group (TTL2) begins
    transmitting, and the whole process repeats

42
Traceroute, usage
  • UNIX Hosts
  • traceroute ltIP Address or Hostnamegt - e.g.
  • traceroute www.yahoo.com
  • Windows Hosts
  • tracert ltIP Address or Hostnamegt - e.g.
  • tracert www.yahoo.com

43
Recommended Reading
  • Chapters 4, 6, 7, and 8 in TCP/IP, Signature
    Edition by Sidnie Feit.

44
Next Meeting
  • Introduction to Interconnection Devices (routers,
    hubs, switches, bridges, etc.)
  • Dynamic Routing Protocols
  • UDP (User Datagram Protocol0
  • TCP (Transmission Control Protocol)
Write a Comment
User Comments (0)
About PowerShow.com