Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how...
Transcript of Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how...
![Page 1: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/1.jpg)
CSE461UniversityofWashington 1
Topic• FillinginthegapsweneedtomakeforIPforwardingworkinpracBce– GeDngIPaddresses(DHCP)»– MappingIPtolinkaddresses(ARP)»
WhatlinklayeraddressdoIuse?
What’smyIP?
![Page 2: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/2.jpg)
CSE461UniversityofWashington 2
GeDngIPAddresses• Problem:
– AnodewakesupforthefirstBme…– WhatisitsIPaddress?What’stheIPaddressofitsrouter?Etc.
– AtleastEthernetaddressisonNIC
Hey,whereamI?
![Page 3: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/3.jpg)
CSE461UniversityofWashington 3
GeDngIPAddresses(2)1. ManualconfiguraBon(olddays)
– Can’tbefactoryset,dependsonuse2. AprotocolforautomaBcally
configuringaddresses(DHCP)»– ShiXsburdenfromuserstoITfolk
UseA.B.C.DWhat’smyIP?
![Page 4: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/4.jpg)
CSE461UniversityofWashington 4
DHCP• DHCP(DynamicHostConfiguraBon
Protocol),from1993,widelyused
• ItleasesIPaddresstonodes• Providesotherparameterstoo
– Networkprefix– Addressoflocalrouter– DNSserver,Bmeserver,etc.
![Page 5: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/5.jpg)
CSE461UniversityofWashington 5
DHCPProtocolStack• DHCPisaclient-serverapplicaBon
– UsesUDPports67,68
Ethernet
IP
UDP
DHCP
![Page 6: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/6.jpg)
CSE461UniversityofWashington 6
DHCPAddressing• Bootstrapissue:
– HowdoesnodesendamessagetoDHCPserverbeforeitisconfigured?
• Answer:– Nodesendsbroadcastmessagesthatdeliveredtoallnodesonthenetwork
– Broadcastaddressisall1s– IP(32bit):255.255.255.255– Ethernet(48bit):ff:ff:ff:ff:ff:ff
![Page 7: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/7.jpg)
CSE461UniversityofWashington 7
DHCPMessagesClient Server
Onelink
![Page 8: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/8.jpg)
CSE461UniversityofWashington 8
DHCPMessages(2)Client Server
DISCOVER
REQUEST
OFFER
ACK
Broadcast
![Page 9: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/9.jpg)
CSE461UniversityofWashington 9
DHCPMessages(3)• TorenewanexisBnglease,anabbreviatedsequenceisused:– REQUEST,followedbyACK
• Protocolalsosupportsreplicatedserversforreliability
![Page 10: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/10.jpg)
CSE461UniversityofWashington 10
SendinganIPPacket• Problem:
– AnodeneedsLinklayeraddressestosendaframeoverthelocallink
– HowdoesitgetthedesBnaBonlinkaddressfromadesBnaBonIPaddress?
Uhoh… MyIPis1.2.3.4
![Page 11: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/11.jpg)
CSE461UniversityofWashington 11
ARP(AddressResoluBonProtocol)• NodeusestomapalocalIPaddresstoitsLinklayeraddresses
SourceEthernet
Dest.Ethernet
SourceIP
Dest.IP Payload…
Linklayer
FromDHCP
FromNIC
FromARP
![Page 12: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/12.jpg)
CSE461UniversityofWashington 12
ARPProtocolStack• ARPsitsrightontopoflinklayer
– Noservers,justasksnodewithtargetIPtoidenBfyitself
– Usesbroadcasttoreachallnodes
Ethernet
ARP
![Page 13: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/13.jpg)
CSE461UniversityofWashington 13
ARPMessagesNode Target
Onelink
![Page 14: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/14.jpg)
CSE461UniversityofWashington 14
ARPMessages(2)Node Target
REQUEST BroadcastWhohasIP1.2.3.4?
REPLY
Idoat1:2:3:4:5:6
![Page 15: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/15.jpg)
CSE461UniversityofWashington 15
DiscoveryProtocols• Helpnodesfindeachother
– Therearemoreofthem!• E.g.,zeroconf,Bonjour
• OXeninvolvebroadcast– Sincenodesaren’tintroduced– Veryhandyglue
![Page 16: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/16.jpg)
CSE461UniversityofWashington 16
OtherAspectsofForwarding• It’snotallaboutaddresses…
Payload(e.g.,TCPsegment)
![Page 17: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/17.jpg)
CSE461UniversityofWashington 17
OtherAspects(2)• DecrementTTLvalue
– Protectsagainstloops• Checksheaderchecksum
– Toaddreliability• Fragmentlargepackets
– Splittofititonnextlink• SendcongesBonsignals
– WarnshostsofcongesBon• Generateserrormessages
– Tohelpmangenetwork• HandlevariousopBons
Cominglater
![Page 18: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/18.jpg)
Bigpacket
CSE461UniversityofWashington 18
Topic• Howdoweconnectnetworkswithdifferentmaximumpacketsizes?– Needtosplituppackets,ordiscoverthelargestsizetouse
It’stoobig!Takethat
![Page 19: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/19.jpg)
CSE461UniversityofWashington 19
PacketSizeProblem• Differentnetworkshavedifferentmaximumpacketsizes– OrMTU(MaximumTransmissionUnit)– E.g.,Ethernet1.5K,WiFi2.3K
• Preferlargepacketsforefficiency– Butwhatsizeistoolarge?– Difficultbecausenodedoesnotknowcompletenetworkpath
![Page 20: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/20.jpg)
CSE461UniversityofWashington 20
PacketSizeSoluBons• FragmentaBon(now)
– Splituplargepacketsinthenetworkiftheyaretoobigtosend
– Classicmethod,dated
• Discovery(next)– Findthelargestpacketthatfitsonthenetworkpathanduseit
– IPusestodayinsteadoffragmentaBon
![Page 21: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/21.jpg)
IPv4FragmentaBon• Routersfragmentpacketsthataretoolargetoforward• Receivinghostreassemblestoreduceloadonrouters
CSE461UniversityofWashington 21
Fragment! Reassemble!
Fitsonfirstlink
![Page 22: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/22.jpg)
IPv4FragmentaBonFields• Headerfieldsusedtohandlepacketsizedifferences
– IdenBficaBon,Fragmentoffset,MF/DFcontrolbits
CSE461UniversityofWashington 22
Payload(e.g.,TCPsegment)
![Page 23: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/23.jpg)
CSE461UniversityofWashington 23
IPv4FragmentaBonProcedure• Routerssplitapacketthatistoolarge:
– Typicallybreakintolargepieces– CopyIPheadertopieces– Adjustlengthonpieces– SetoffsettoindicateposiBon– SetMF(MoreFragments)onallpiecesexceptlast
• Receivinghostsreassemblesthepieces:– IdenBficaBonfieldlinkspiecestogether,MFtellsreceiverwhenithasallpieces
![Page 24: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/24.jpg)
IPv4FragmentaBon(2)
CSE461UniversityofWashington 24
ID=0x12efDataLen=2300Offset=0MF=0
ID=DataLen=Offset=MF=
ID=DataLen=Offset=MF=
BeforeMTU=2300
AXerMTU=1500
(Ignorelengthofheaders)
![Page 25: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/25.jpg)
IPv4FragmentaBon(3)
CSE461UniversityofWashington 25
ID=0x12efDataLen=2300Offset=0MF=0
ID=0x12efDataLen=1500Offset=0MF=1
ID=0x12efDataLen=800Offset=1500MF=0
BeforeMTU=2300
AXerMTU=1500
![Page 26: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/26.jpg)
CSE461UniversityofWashington 26
IPv4FragmentaBon(4)• Itworks!
– AllowsrepeatedfragmentaBon
• ButfragmentaBonisundesirable– Moreworkforrouters,hosts– Tendstomagnifylossrate– SecurityvulnerabiliBestoo
![Page 27: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/27.jpg)
CSE461UniversityofWashington 27
PathMTUDiscovery• DiscovertheMTUthatwillfit
– SowecanavoidfragmentaBon– Themethodinusetoday
• Hosttestspathwithlargepacket– Routersprovidefeedbackiftoolarge;theytellhostwhatsizewouldhavefit
![Page 28: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/28.jpg)
PathMTUDiscovery(2)
CSE461UniversityofWashington 28
Try1200 Try900
MTU=1200bytes MTU=900MTU=1400
![Page 29: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/29.jpg)
PathMTUDiscovery(3)
CSE461UniversityofWashington 29
Try1200 Try900
Test#2 Test#3Test#1
MTU=1200bytes MTU=900MTU=1400
![Page 30: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/30.jpg)
CSE461UniversityofWashington 30
PathMTUDiscovery(4)• Processmayseeminvolved
– Butusuallyquicktofindrightsize
• PathMTUdependsonthepathandsocanchangeoverBme– Searchisongoing
• ImplementedwithICMP(next)– SetDF(Don’tFragment)bitinIPheadertogetfeedbackmessages
![Page 31: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/31.jpg)
CSE461UniversityofWashington 31
Topic• Whathappenswhensomethinggoeswrongduringforwarding?– Needtobeabletofindtheproblem
Yikes!Whathappened?
XXXXXXX
![Page 32: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/32.jpg)
CSE461UniversityofWashington 32
InternetControlMessageProtocol• ICMPisacompanionprotocoltoIP
– Theyareimplementedtogether– SitsontopofIP(IPProtocol=1)
• ProvideserrorreportandtesBng– Errorisatrouterwhileforwarding– AlsotesBngthathostscanuse
![Page 33: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/33.jpg)
ICMPErrors• Whenrouterencountersanerrorwhileforwarding:
– ItsendsanICMPerrorreportbacktotheIPsourceaddress– ItdiscardstheproblemaBcpacket;hostneedstorecBfy
CSE461UniversityofWashington 33
Reportthentossit!Oh,nowIsee…XXXXXXX
ICMPreport
![Page 34: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/34.jpg)
ICMPMessageFormat• EachICMPmessagehasaType,Code,andChecksum• OXencarrythestartoftheoffendingpacketaspayload• EachmessageiscarriedinanIPpacket
CSE461UniversityofWashington 34
![Page 35: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/35.jpg)
ICMPMessageFormat(2)• EachICMPmessagehasaType,Code,andChecksum• OXencarrythestartoftheoffendingpacketaspayload• EachmessageiscarriedinanIPpacket
CSE461UniversityofWashington 35
Src=router,Dst=AProtocol=1 Type=X,Code=Y Src=A,Dst=B
XXXXXXXXXXXXXXX
PorBonofoffendingpacket,starBngwithitsIPheader
ICMPheaderIPheader ICMPdata
![Page 36: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/36.jpg)
ExampleICMPMessages
CSE461UniversityofWashington 36
Name Type / Code Usage Dest. Unreachable (Net or Host) 3 / 0 or 1 Lack of connectivity Dest. Unreachable (Fragment) 3 / 4 Path MTU Discovery Time Exceeded (Transit) 11 / 0 Traceroute Echo Request or Reply 8 or 0 / 0 Ping
TesBng,notaforwardingerror:HostsendsEchoRequest,anddesBnaBonrespondswithanEchoReply
![Page 37: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/37.jpg)
Traceroute• IPheadercontainsTTL(Timetolive)field
– Decrementedeveryrouterhop,withICMPerrorifithitszero– Protectsagainstforwardingloops
CSE461UniversityofWashington 37
![Page 38: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/38.jpg)
Traceroute(2)• TracerouterepurposesTTLandICMPfuncBonality
– SendsprobepacketsincreasingTTLstarBngfrom1– ICMPerrorsidenBfyroutersonthepath
CSE461UniversityofWashington 38
...LocalHost
RemoteHost1hop 2hops 3hops N-1hops Nhops
![Page 39: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/39.jpg)
CSE461UniversityofWashington 39
Topic• IPversion6,thefutureofIPv4thatisnow(sBll)beingdeployed
WhydoIwantIPv6again?
![Page 40: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/40.jpg)
CSE461UniversityofWashington 40
• AtleastabillionInternethostsandgrowing…
• Andwe’reusing32-bitaddresses!
InternetGrowth
![Page 41: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/41.jpg)
TheEndofNewIPv4Addresses• NowrunningonleXoverblocksheldbytheregionalregistries;muchBghterallocaBonpolicies
CSE461UniversityofWashington 41
IANA(AllIPs)
ARIN(US,Canada)
APNIC(AsiaPacific)
RIPE(Europe)LACNIC
(LaBnAmer.)AfriNIC(Africa)
ISPs
Companies
Exhaustedon2/11! Endoftheworld?12/21/12?
Exhaustedon4/11and9/12!
![Page 42: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/42.jpg)
CSE461UniversityofWashington 42
IPVersion6totheRescue• EffortstartedbytheIETFin1994
– Muchlargeraddresses(128bits)– Manysundryimprovements
• BecameanIETFstandardin1998– Nothingmuchhappenedforadecade– Hamperedbydeploymentissues,andalackofadopBonincenBves
– Bigpush~2011asexhausBonlooms
![Page 43: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/43.jpg)
IPv6Deployment
CSE461UniversityofWashington 43
Timeforgrowth!
Source:GoogleIPv6StaBsBcs,30/1/13
PercentageofusersaccessingGoogleviaIPv6
![Page 44: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/44.jpg)
CSE461UniversityofWashington 44
IPv6• Featureslargeaddresses
– 128bits,mostofheader
• NewnotaBon– 8groupsof4hexdigits(16bits)– Omitleadingzeros,groupsofzeros
Ex:2001:0db8:0000:0000:0000:ff00:0042:8329à
32bits
![Page 45: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/45.jpg)
CSE461UniversityofWashington 45
IPv6(2)• Lotsofother,smallerchanges
– Streamlinedheaderprocessing– Flowlabeltogroupofpackets– Beserfitwith“advanced”features(mobility,mulBcasBng,security)
32bits
![Page 46: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/46.jpg)
CSE461UniversityofWashington 46
IPv6TransiBon• TheBigProblem:
– HowtodeployIPv6?– FundamentallyincompaBblewithIPv4
• Dozensofapproachesproposed– Dualstack(speakIPv4andIPv6)– Translators(convertpackets)– Tunnels(carryIPv6overIPv4)»
![Page 47: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/47.jpg)
Tunneling• NaBveIPv6islandsconnectedviaIPv4
– TunnelcarriesIPv6packetsacrossIPv4network
CSE461UniversityofWashington 47
![Page 48: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/48.jpg)
Tunneling(2)• TunnelactsasasinglelinkacrossIPv4network
CSE461UniversityofWashington 48
User UserTunnel
![Page 49: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/49.jpg)
Tunneling(3)• TunnelactsasasinglelinkacrossIPv4network
– DifficultyistosetuptunnelendpointsandrouBng
CSE461UniversityofWashington 49
IPv6
Link
User User
IPv4Link
IPv6IPv6
Link
IPv6
LinkIPv4Link
IPv6 IPv6
Link
NaBveIPv4NaBveIPv6 NaBveIPv6
Tunnel
![Page 50: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/50.jpg)
CSE461UniversityofWashington 50
Topic• WhatisNAT(NetworkAddressTranslaBon)?Howdoesitwork?– NATiswidelyusedattheedgesofthenetwork,e.g.,homes
I’maNATboxtoo!
Internet
![Page 51: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/51.jpg)
LayeringReview• Rememberhowlayeringismeanttowork?
– “Routersdon’tlookbeyondtheIPheader.”Well…
CSE461UniversityofWashington 51
TCP
IP
802.11
App
IP
802.11
IPEthernet
TCP
IP
802.11
App
IP
802.11
IPEthernet
Router
![Page 52: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/52.jpg)
Middleboxes• Sit“insidethenetwork”butperform“morethanIP”processingonpacketstoaddnewfuncBonality– NATbox,Firewall/IntrusionDetecBonSystem
CSE461UniversityofWashington 52
TCP
IP
802.11
App
IP
802.11
IPEthernet
TCP
IP
802.11
App
IP
802.11
IPEthernet
Middlebox
App/TCP
![Page 53: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/53.jpg)
CSE461UniversityofWashington 53
Middleboxes(2)• Advantages
– ApossiblerapiddeploymentpathwhenthereisnootheropBon
– Controlovermanyhosts(IT)
• Disadvantages– BreakinglayeringinterfereswithconnecBvity;strangesideeffects
– Poorvantagepointformanytasks
![Page 54: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/54.jpg)
CSE461UniversityofWashington 54
NAT(NetworkAddressTranslaBon)Box• NATboxconnectsaninternalnetworktoanexternalnetwork– Manyinternalhostsareconnectedusingfewexternaladdresses
– Middleboxthat“translatesaddresses”
• MoBvatedbyIPaddressscarcity– Controversialatfirst,nowaccepted
![Page 55: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/55.jpg)
CSE461UniversityofWashington 55
NAT(2)• Commonscenario:
– Homecomputersuse“private”IPaddresses– NAT(inAP/firewall)connectshometoISP
usingasingleexternalIPaddress
ISP
Unmodifiedcomputersathome Lookslikeonecomputeroutside
NATbox
![Page 56: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/56.jpg)
CSE461UniversityofWashington 56
HowNATWorks• Keepsaninternal/externaltable
– TypicallyusesIPaddress+TCPport– ThisisaddressandporttranslaBon
• Needportstomakemapping1-1sincetherearefewerexternalIPs
Internal IP:port External IP : port 192.168.1.12 : 5523 44.25.80.3 : 1500 192.168.1.13 : 1234 44.25.80.3 : 1501 192.168.2.20 : 1234 44.25.80.3 : 1502
WhatISPthinksWhathostthinks
![Page 57: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/57.jpg)
HowNATWorks(2)• InternalàExternal:
– LookupandrewriteSourceIP/port
CSE461UniversityofWashington 57
Internal IP:port External IP : port 192.168.1.12 : 5523 44.25.80.3 : 1500
NATbox
ExternaldesBnaBonIP=X,port=Y
Internalsource
Src=Dst=
Src=Dst=
![Page 58: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/58.jpg)
HowNATWorks(3)• ExternalàInternal
– LookupandrewriteDesBnaBonIP/port
CSE461UniversityofWashington 58
Internal IP:port External IP : port 192.168.1.12 : 5523 44.25.80.3 : 1500
NATbox
Externalsource
IP=X,port=YInternal
desBnaBon
Src=Dst=
Src=Dst=
![Page 59: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/59.jpg)
HowNATWorks(4)• NeedtoentertranslaBonsinthetableforittowork
– CreateexternalnamewhenhostmakesaTCPconnecBon
CSE461UniversityofWashington 59
Internal IP:port External IP : port 192.168.1.12 : 5523
NATbox
ExternaldesBnaBonIP=X,port=Y
Internalsource
Src=Dst=
Src=Dst=
![Page 60: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/60.jpg)
CSE461UniversityofWashington 60
NATDownsides• ConnecBvityhasbeenbroken!
– CanonlysendincomingpacketsaXeranoutgoingconnecBonissetup
– Difficulttorunserversorpeer-to-peerapps(Skype)athome
• Doesn’tworksowellwhentherearenoconnecBons(UDPapps)
• BreaksappsthatunwiselyexposetheirIPaddresses(FTP)
![Page 61: Filling in the gaps we need to make for IP forwarding work ... · Layering Review • Remember how layering is meant to work? – “Routers don’t look beyond the IP header.”](https://reader034.fdocuments.in/reader034/viewer/2022042417/5f3268bd80b68f0b3179f83e/html5/thumbnails/61.jpg)
CSE461UniversityofWashington 61
NATUpsides• RelievesmuchIPaddresspressure
– ManyhomehostsbehindNATs• Easytodeploy
– Rapidly,andbyyoualone• UsefulfuncBonality
– Firewall,helpswithprivacy
• Kinkswillgetworkedouteventually– “NATTraversal”forincomingtraffic