IP Internet Protocol Address Resolution Protocol (ARP) Reverse Address Resolution Protocol (RARP)...

IPIPInternet ProtocolAddress Resolution Protocol (ARP)Reverse Address Resolution Protocol

(RARP)Internet Control Message Protocol

(ICMP)

Internet ProtocolInternet Protocol

• What role does IP play?• IP packet header• IP routing• Subnet addressing and masks• Special case of IP addresses

What can IP do?What can IP do?

• End-to-end connectivity over a network• Connectionless: no state maintained about

successive packets (flows)• Unreliable: packets may get lost or thrown

away, or received out of order• Best effort service, ``I will do my best, but nothing is guaranteed”

IP: Packet HeaderIP: Packet Header

Payload


• Source address• Destination address• Version: Currently IPV4, also IPV6• Header Length: # of 32 bit words in the

header• Total Length (16 bit number): in bytes

Max packet size = 65535 bytes

Header Payload


• 8-bit Type of Service (TOS)• 3-bit precedence field & D,T,R• TOS bits:

• Minimize delay• Maximize throughput• Maximize reliability• Minimize monetary cost

• Unused bit set to 0


• 8-bit Time to Live (TTL): It’s decremented every time the packet is forwarded

• 16-bit Checksum: Error detection for the header only. 16-bit ones complement

• 8-bit Protocol Field: identifies the protocol that the IP packet is servicing (TCP, UDP, ICMP,...)


• 16-bit Identification: Normally incrementsby one each time a datagram is sent

• 13-bit fragmentation offset in 64-bit chunks• 3-bits of flags

• Don’t Fragment (DF)• More Fragments (MF)• Unused = 0


• Options– Security and handling restrictions– Record route (have each router record

its IP address)– Time stamp (have each router record

its IP address and time)– Loose source routing– Strict source routing– Padding is zeros

IP RoutingIP Routing

Packet

Host/Route

• Is it for me?• Forward accordingto routing table

Ethernet

Interfaces Routing Table Entry• Dest IP address• IP address of next-hop router• Flags• Interface to pass packet to


Actions taken for routing• Search routing table for an entry that exactly

matches the complete destination IP address.If found then forward accordingly

• Default: send according to default entry

IP Routing: AddressingIP Routing: Addressing

Address hierarchy

net id host id

Class A, B, C.

net id host idsubnet id

IP address

Special IP address

SubnetSubnet

A campus network consisting of LANs for various departments

IP Routing: Addressing IP Routing: Addressing HierarchyHierarchy

Net

Subnet Subnet Subnet

Net

Subnet Subnet Subnet

IP Routing: AddressingIP Routing: Addressing

Post Office Routing Table

Destination Address Next POUSA 96822 1234 Dole Street AUSA 96822 4567 E-W Center Rd AUSA 96822 8901 Univ. Ave AUSA 96817 xxx DUSA 12485 xxx GJPN xxx HGBR xxx N

IP Routing: AddressingIP Routing: AddressingRouting Table Look Up• Find an exact, complete match of IP dest addr• If unsuccessful then find a match of subnet id• If unsuccessful then find a match of net id• Go to default

[root@localhost jsac2]# route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

128.172.167.0 * 255.255.255.0 U 0 0 0 eth0

169.254.0.0 * 255.255.0.0 U 0 0 0 eth0

127.0.0.0 * 255.0.0.0 U 0 0 0 lo

default oli1-gw.cns.vcu 0.0.0.0 UG 0 0 0 eth0

IP Routing: MasksIP Routing: MasksSubnet id entry in Routing Table

net id 00000000subnet id

net id, subnet id mask

1111111111111111111111100000000 Mask

Finding a match

IP dest addr Bit-wise AND =?Yes, then a match

IP Routing: MasksIP Routing: MasksNet id entry in Routing Table

net id

Finding a match

Compare net id in table with net id of IP dest addrof packet

IP: Special Case IP IP: Special Case IP AddressesAddresses

netid subnetid hostid Description0 0 Host on this net0 hostid Specify host on this net

127 anything Loopback address-1 -1 Limited broadcast

netid -1 Net directed broadcastnetid -1 Subnet-directed broadcastnetid -1 -1 All-subnets-directed broadcast

subnetid

to netid

1. Uniqueness of IP address

2. Connectionless service?

3. Layered approach?

4. What about Non TCP/UDP protocol?

5. Some use IP address as a test in payload such as FTP, internet telephony protocol H.323

6. We have limit on port number too.

IPv6?

Internet Control Protocol

Neighbor Greeting: ARP and Neighbor Greeting: ARP and RARPRARP

End nodes and routers find out their neighbors

Network

Point-to-point link

E R

Configured with IP address and mask for each link


End nodes attached via LANs

Network

R2

E4

R1

E1 E2

E3Ethernet


End nodes attached via LANs

R1

E1 E2

Ethernet

Ethernet packet

dst addr src addr rest of the packet

???

Neighbor Greeting: ARPNeighbor Greeting: ARP

R1

E1 E2

ARP requestbroadcast “E1where are you?”

R1

E1 E2

ARP reply:“I am here (giveethernet address)”

Neighbor Greeting: ARPNeighbor Greeting: ARP

RProxy ARPRouter responding toARP messages foranother node

Gratuitous ARP:Request to your own IP address1. Detect another node with the same IP address2. Update ARP cache entries if hardware addr

changes

Proxy

Neighbor Greeting: RARPNeighbor Greeting: RARP

S

E1 E2

RARP requestbroadcast “What’s myIP address (give ethernet address) ?”

S

E1 E2

RARP reply:“Your IP address isxxxx”

RARP server

Look up IPaddress

Doesn’t know IP addr


Ethernet packet

Header• Ethernet dst and src addresses• Ethernet frame type = 0x0806 for ARP request

or reply = 0x0805 for RARP request or

or reply

Header Payload


Payload• Hardware type = 1 for ethernet• Protocol type = 0x800 for IP• Length in octets of layer 2 address = 6 for ethernet• Length in octets of layer 3 address = 4 for IP• Operation

– 1 = ARP request– 2 = ARP reply– 3 = RARP request– 4 = RARP reply


Payload• Sender layer 2 address• Sender layer 3 address• Target layer 2 address• Target layer 3 address


R1

E1 E2

Ethernet

ARP Cache

IP dest Ethernet physical addr Time outs flushcache of oldentries

Internet Control Message Internet Control Message Protocol: ICMPProtocol: ICMP

• For the control plane• Uses IP packets• Deals with connectivity• Errors• Redirection


IP Header ICMP Message

8-bit Type 8-bit Code 16-bit Checksum


type Description0 echo reply (ping reply)3 destination unreachable4 source quench5 redirect8 echo request (ping request)9 router advertisement10 router solicitation11 time exceeded: Time-to-live = 0


type Description12 Parameter problem: IP header bad or

required option missing13 Time stamp request14 Time stamp reply15 Information request (obsolete)16 Information reply (obsolete)17 address mask request18 address mask reply

ICMP: Address Mask ICMP: Address Mask Request and ReplyRequest and Reply

type code (0) checksum

identifier sequence number

32-bit subnet mask

• It’s used by diskless systems to obtain theirsubnet mask

Used to match requests with replies

ICMP: Time Stamp Request ICMP: Time Stamp Request and Replyand Reply

type code (0) checksum

identifier sequence number

32-bit originate time stamp

It’s used to get the current time (# ms since midnite)

32-bit receive time stamp

32-bit transmit time stamp

req sent

req recvd

reply sent

ICMP: Port Unreachable ICMP: Port Unreachable ErrorError

dstX

Node Z

Can’t forwardto X for somereason

srcY

Header

dstY

srcZICMP

Tells Y that there’s a problem with forwardingto X at Z


Reasons why a packet can’t be forwarded:• Network or host can’t be reached because

– Not in routing table– Administrative or TOS prohibited

• Must fragment but packet indicates no fragmentation• Source route failed• Ports or protocol are unavailable


ICMP unreachable message

type(3) code checksum

Unused (must be 0)

IP header (including options)+ first 8 bytes of original IPdatagram data

First 8 bytes of original IP datagram includes src & dst port numbers for UDP and TCP headers

More on IP Packets: OptionsMore on IP Packets: Options0 15 16 31

Data

Vers HL TOS Total Length

Identification Flags Offset

TTL Protocol Header Checksum

Source Address

Destination Address

Options

More on IP Packets: OptionsMore on IP Packets: Options

• Options field is at most 40 bytes• Record Route Option• Timestamp Option• Source Routing

Record Route OptionRecord Route Option

Packet records route: list of IP addreses

code len ptr IP addr #1 IP addr #2 IP addr #9...

1 1 1 4 bytes 4 bytes 4 bytes

39 bytes

ptr=4 ptr=8 ptr=36

• Code = 7• len = total number of bytes• ptr = points to where the next IP addr goes

IP Timestamp OptionIP Timestamp Option

code len ptr timestamp #1 ...

1 1 1 4 bytes 4 bytes

timestamp #9

OF FL

• code = 0x44• len, ptr• FL flags field• OF field: incr every ovflow

Records time stamps along the route

• Records time stamps• Records TS and addr• Init w. addr & TS=0

then TS is filled in

Source Routing OptionSource Routing Option

• Strict source routing• Loose source routing

• List of IP addresses in the packet• Strictly defined = follow list exactly• Loosely defined = follow list but other nodes can

be in between


A,B,C,D

Header

BA C DStrictly defined

Loosely defined

AB

C

D


Packet follows the route in its list

code len ptr IP addr #1 IP addr #2 IP addr #9...

1 1 1 4 bytes 4 bytes 4 bytes

39 bytes

ptr=4 ptr=8 ptr=36

• Code = 0x83 (loose) or 0x89 (strict)• len = total number of bytes• ptr = points to where the next IP addr goes

Source Routing: ExampleSource Routing: Example

S

D

R1 R2R2

Headerdest

Payloadoptions

dest=D{R1,R2,R3}

dest=R1{R2,R3,D}

dest=R2{R1,R3,D}

dest=R3{R1,R2,D}

ptr ptr ptr

D dest=D{R1,R2,R3}

ptr


• Routing principles• ICMP unreachable errors• ICMP redirects• Fast table lookups

Routing PrinciplesRouting Principles

• Routing mechanism: search routing table anddecide which interface to send the packet

• Routing policy: rules to decide which routesgo into the routing tables

Routing Principles: Routing Principles: processing done at the IP processing done at the IP

layerlayer

RoutingTable

routecommand

routingDaemon

netstatecommand

ICMP

redirectsNext interface to forward to

IPlayer

Routing Principles: simple Routing Principles: simple routing tablerouting table

Destination Gateway Flags Refcnt Use Interface140.252.13.65 140.252.13.35 UGH 0 0 emd0127.0.0.1 127.0.0.1 UH 1 0 lo0default 140.252.13.33 UG 0 0 emd0140.252.13.32 140.252.13.34 U 4 25 emd0

Loopback

.35 .34 .33

emd0

# active connections

# packets


Flags• U: Route is up• G: Route is to a gateway (router; “indirect route”).

If not then the dest is directly connected (“direct route)

• H: Host, destination address must be matchedcompletely. Without H, destination is a net orsubnet

• D: Route was created by a redirect• M: Route was modified by a redirect


End

End

R

Directroutes

Indirect route

ICMP Unreachable ErrorsICMP Unreachable Errors

• When a packet cannot be forwarded thenIP sends an ICMP unreachable errormessage back to the source

ICMP RedirectsICMP Redirects

R2

R1

• Dest=X• No Routing Table Entry• Default = R1

1 2

Forward

I just sent a messageout from where I received it

ICMPredirect

3

ICMP redirects updatesrouting tables

ICMP Redirect MessageICMP Redirect Messagetype(5) code(0-3) checksumrouter IP address that should be used

IP header (including options) +first 8 bytes of original IP datagram

code Description0 redirect for network1 redirect for host2 redirect for TOS and network3 redirect for TOS and host

ICMP Router Discovery ICMP Router Discovery MessagesMessages

H

R1 R2

• Boot• No entries in routing table• Send router solicitation

(rs) message

rs

ra + list ra + list

Other nodes reply• Router advertisement

(ra)• List of destinations it

has in its routing tables


type(10) code(0-3) checksumUnused (sent as 0)

Format of ICMP router solicitation message


type(9) code(0) checksum

router address[1]

Format of ICMP router advertisement message

# addr 2 lifetime

preference level[1]router address[2]

preference level[2]

addrentrysize

Fast ForwardingFast Forwarding

Table look-ups are a bottleneck to packet processing

• Let’s assume each IP address (as a destination)in the routing table has a mask.

• An IP address that would be flagged H (requiringa complete match) would have a mask 1111....11111

• Table look-up: find the longest prefix match

Fast Forwarding: ExampleFast Forwarding: Example

Routing table entries:1. value: 11001111 01011100 00000000 10000111 mask: 11111111 11111111 11111111 111111112. value: 11001111 01011100 00000000 00000000 mask: 11111111 11111111 00000000 000000003. value: 11001111 01011100 00000000 00000000 mask: 11111111 11111111 11100000 00000000

11001111 01011100 00000000 10000111

Longest prefix match

Fast Forwarding: ExampleFast Forwarding: Example

Routing table entries:1. value: 11001111 01011100 00000000 10000111 mask: 11111111 11111111 11111111 111111112. value: 11001111 01011100 00000000 00000000 mask: 11111111 11111111 00000000 000000003. value: 11001111 01011100 00000000 00000000 mask: 11111111 11111111 11100000 00000000

11001111 01011100 00001000 10000111

Longest prefix match

Fast ForwardingFast Forwarding

• Tries• Hash functions and binary search

TriesTries

Binary tree root

leaf

Each node hasat most two children

TriesTries

• Binary tree• Each node represents a prefix or part of a prefix• Each node has a pointer to data for that prefix

E.g., outgoing interface for the prefix• A child node extends a parent node by an

additional bit

TriesTries

01*0 1

010 011

No childrenso it is the longestprefix with these bits

1

0111*

Prefix for a subnet

Not a prefix

Prefix for a subnet

TriesTries{ }

0 1

00* 01 10 11*

000 001*

0001*

010

0101*

101* 111*

1010*

TriesTries

Searching a trie:• Start from the root• Continue going down the trie matching the IP

address of the packet• If any * is encountered then record that as

the “longest prefix so far”• Return the longest prefix so far

Tries: ImprovementsTries: Improvements

Collapsing a long nonbranching path

1

11

111

1111*

1

1111*


• Trading memory for search time: k-ary treesI.e., trees with up to k children per child

• Trees are shorter so search time is faster• k should be a power of two, e.g., 8 or 16


101

1010* 1011

10100* 10110*

Binary Trie

101

10100 10101 10110 10111

What forwarding infoshould be stored ateach entry?


101

1010* 1011

10100* 10110*

Binary Trie

101

10100 10101 10110 10111

10100*1010*

1010* 10110*

Tries: Hashing and Binary Tries: Hashing and Binary SearchSearch

Implementation of a routing table:

Suppose the table was for exact IP address matches

Implementation 1:• Have a memory with 32 address bits• Each address A has an entry for the IP dest A• Problem: Big memory (4 billion) even though the

number of IP destinations may be much smaller

Tries: Hashing and Binary Tries: Hashing and Binary SearchSearch

Routing TableAddresses Entries(32 bits)

Sparsely filled

IP Packet

dst

Returnoutgoinginterface

Tries: Hashing functionTries: Hashing function

Smaller Routing TableAddresses Entries(16 bits)

denser

IP Packet

dst

Returnoutgoinginterface

h(dst)

Tries: Hashing FunctionTries: Hashing Function

• The hashing function maps the 32-bit number (IP address) into a 16-bit number (memory address of the routing table).

• Mapping tries to be uniform. Ideally each 32-bit number gets mapped to a distinct 16-bit number

• Example hashing function:

h(dst) = (a * dst + b) mod 216


• Two distinct IP addresses dstA and dstB couldgive the same hashing function output, i.e.,h(dstA) = h(dstB). CONTENTION!

IP Packet

dst

h(dst)

Store alldsts thatmap to thesame outputas a linkedlist


• That’s for complete IP address matches• What about for longest prefixes?

– Each prefix entry (e.g., 01001*) is mappedby the hashing function to a linked list

Tries: Linear SearchTries: Linear Search

How do we find the longest prefix match?

Approach 1 (linear search): IP address11001111 01011100 00001000 10000111

To find an entry, search for• 1 (first bit)• then 11 (first 2 bits)• then 110 (first 3 bits)• and so on for all possible 32-bit prefixes

Tries: Binary SearchTries: Binary Search

Approach 2 (binary search): IP address11001111 01011100 00001000 10000111

To find an entry, search for• 11001111 01011100 (first 16 bits)• if unsuccessful search for first 8 bits• else search for first 24 bits• and so on until we find the longest prefix match

Tries: Binary SearchTries: Binary Search

Approach 2 (binary search): Suppose the table has the following entries

11001111 01011100 00001000 10000111*

11001111 0101110*

Then it must also have the entries

11001111 01011100 0&

11001111 01011100 00&

Etc

& means thatthere’s a biggerprefix

IP Internet Protocol Address Resolution Protocol (ARP) Reverse Address Resolution Protocol (RARP)...

Documents

Transcript of IP Internet Protocol Address Resolution Protocol (ARP) Reverse Address Resolution Protocol (RARP)...