Network Layer Protocol & Internet Protocol (IP) · Network Layer Protocol & Internet Protocol (IP)...

Network Layer Protocol & Internet Protocol (IP)

Suguru Yamaguchi Nara Institute of Science and Technology

Department of Information Science

Reading Assignment

Information Network 1 / 2012 2

Network Layer Features   Basic model  Node identification  Node aggregation   End-to-end Packet delivery   Broadcast・Multicast

  Failure isolation and Failure recovery  Connecting heterogeneous datalinks



OSI 7 Layer Reference Model

Application

Presentation

Session

Transport

Network

Data Link

Physical

NFS

XDR

Sun RPC

TCP

IP

IEEE802.3

Ethernet Coax

ES (End System) ES (End System)

Upper Layer Protocol

IS (Intermediate System)

Physical connection Physical connection

Connecting Heterogeneous Data Link


Network

Gateway

The gateway forwards IP packets as an intermediate system according to the routing structure. Connecting directory with datalink in same network.


TCP/IP as a Layered Protocol Architecture

Physical

Network Interface

IP

TCP

Application

Physical

Network Interface

IP

TCP

Application

Physical

Network Interface

IP

IP realizes the end-to-end communication


TCP/IP as a Layered Protocol Architecture

(2) The layer upper to the IP protocol defines the service. Thereby, it does not matter what comes below the data link layer.

(1) Service relationship is defined by service provider.

Node Identification  Globally unique

address space   Address space and

delegation of authority  Network identification

and host identification   Address class


Address class Address space that delegates authority to the layers

Identifying network Identifying host

0xDD 0xA3 0x4A 0x7F

163.221.74.127/24

163 221 74 127

Network area is 24 bits

Ex. IPv4 address

Prefix length

Node Aggregation   163.221/16

  163.221.52/24   163.221.127.0/21   ...

  Prefix length = Binary tree level

  Simple expression → Fast and memory-saving  → Especially in relay node...


Address Aggregation   Aggregating contiguous network blocks


Host 00 Network Number 24

Host 01 Network Number



C

C

C

C

Prefix 22

4C

Address Aggregation


0 1 2 3 12345678 90123456 78901234 56789012 [1] 192.32. 0.0/20 : 11000000.00100000.0000---- -------- [2] 192.24.34.0/23 : 11000000.00011000.0010001- -------- [3] 192.24.32.0/23 : 11000000.00011000.0010000- --------

[4] 192.24.16.0/20 : 11000000.00011000.0001---- -------- [5] 192.24. 0.0/21 : 11000000.00011000.00000--- -------- [6] 192.24. 8.0/22 : 11000000.00011000.000010-- -------- [7] 192.24.12.0/22 : 11000000.00011000.000011-- --------

0 1 2 3 12345678 90123456 78901234 56789012 [1] 192.32. 0.0/20 : 11000000.00100000.0000---- -------- [8] 192.24.32.0/22 : 11000000.00011000.001000-- -------- [4] 192.24.16.0/20 : 11000000.00011000.0001---- --------

[5] 192.24. 0.0/21 : 11000000.00011000.00000--- -------- [9] 192.24. 8.0/21 : 11000000.00011000.00001--- --------

Aggregate; ‏[2] + [3] = [8] (.34/23 + .32/23) [6] + [7] = [9] (.8/22 + .12/22)

End-to-End Packet Delivery


 Network Layer “Cloud”  Hosts are present at the cloud edge   Identified uniquely by IPv4 address

Network Layer

163.221.5.5

163.221.4.4

163.221.3.3

Graph Representation of Networks


14

Hierarchy Perspective: who carries the ladder?

Data Link Layer Data Link Layer

Network Layer From data link layer to network layer: Native to data link layer Ex: LLC/SNAP, NLPID From network layer

to datalink layer: Native to network layer Ex) ARP (IPv4)‏ ND (IPv6)

Information Network 1 / 2012

Network to Data Link (1) – ARP   Address Resolution Protocol (ARP)

–  RFC 826   A → B: “M”

–  a → all stations: “where is B” –  b → a: “B is at b” –  a → b: “A → B: “M””


A B C a b c Data-link layer

Network layer

Network to Data Link (2) – ARP   The case of routed networks   A → C: “M”

–  a → all stations: “where is R” –  r → a: “R is at r” –  a → r: “A → C: “M””


A B a b

C D c d

R r

Data-link layer Network layer

–  r → all stations: “where is C” –  c → r: “C is at c” –  r → c: “A → C: “M””

Network to Data Link (3) – ARP   The case of bridged networks   A → C: “M”

–  a → all stations: “where is C” –  c → a: “C is at a” –  a → c: “A → C: “M””


A B a b

C D c d

T t

Data-link layer Network layer

Data Link to Network   Several network layer protocols are multiplexed to a single data

link layer.  Multiplexing, de-multiplexing


IPv4 IPv6 ....

Ethernet

IPv4 IPv6 ....

Ethernet Datalink

Network

?

Ethernet: IEEE802.3, 802.2LLC, …


Dst addr Src addr Type FCS DATA (variable)

Length FCS DATA (variable)

Length FCS DATA (variable)

DSAP SSAP CTL DATA (variable) FCS

Protocol ID Type DATA (variable) FCS

6 6 2

1 1 1

2 3

4

(0xFFFFで始まる）

Ethernet2

IEEE802.3 (Length < 0x05DC)

IEEE802.3 Raw

IEEE802.2 LLC

SNAP

Data Link to Network  De-multiplexing with LLC


Source SAP Address Information

1

Control

1 or 2 bytes

Destination SAP Address Source SAP Address

I/G

7 bits 1

C/R

7 bits 1

Destination SAP Address

1 byte

SAP address examples: 06 IP packet E0　Novell IPX FE　OSI packet AA　SubNetwork Access protocol (SNAP)

I/G = Individual or group address C/R = Command or response frame

De-multiplexing with LLC/SNAP


MAC Header FCS

AA AA 03 LLC PDU 1 1 1

Information SNAP Header

Type ORG

SNAP PDU

3 2

Implementing the Communication Model  Unicast

–  Peer to Peer communication •  Source and destination address allocation •  Example p.16, 17, 18 is Unicast

  Broadcast

 Multicast


Broadcast   Sending to all hosts running in the same transmission medium

(data link). –  Broadcast communication availability depends on the datalink. –  Many data links do not support broadcast communication.

 Does not guarantee a perfect broadcast. –  Passive hosts will not receive the broadcast. –  Processing received data depends on the processes run by

receiving hosts.

  IP broadcast   Link-layer broadcast


Bootstrapping with Broadcast   Broadcast communication in multi-access network

–  It is absolutely necessary to resolve address from network layer to data link layer.

–  Automatic configuration is absolutely necessary.

  Bootstrap A: –  a → all stations: “who is router” –  r → a: “router R is at r”


A B C a b c Data-link layer

Network layer

R r

Selective Broadcasting  Multicast

–  Multi-point to Multi-point communication –  Selective broadcasting –  Membership

•  If host is not a member, it won’t be able to listen to communications within the group.

–  Membership management –  Group Management

  IP multicast   Link-layer multicast


What if...?

→ Failure isolation and Failure recovery


Application

Presentation

Session

Transport

Network

Data Link

Physical

physical connection

Application

Presentation

Session

Transport

Network

Data Link

Physical

Failure Isolation: ICMP (1)  RFC792   Failure occurs below the data link layer

–  →Dropping a Packet   In the case a packet did not reach its destination

–  Destination Unreachable –  Returning to the source address.


failure

ICMP Destination Unreachable

Failure Isolation: ICMP (2)   End-to-end reachability verification, faulty section judgement

–  Echo Request, Echo Reply


Application

Presentation

Session

Transport

Network

Data Link

Physical

Application

Presentation

Session

Transport

Network

Data Link

Physical

Connecting Heterogeneous Data Links (1)   Because of heterogeneity...

–  Address architecture is different → Resolving with ARP. –  Multiplexing method is different → Resolving with LLC/SNAP

–  Transmission speed is different •  →Resolving with buffer

–  Maximum Transmission Unit (MTU) size is different •  →Fragmentation


Connecting Heterogeneous Data Links (2) Fragmentation and reassembly   Fragmentation：

–  Fragmenting a packet and keeping fragments within a maximum frame length.

 Reassembly： –  Reconstructing the fragmented packet at the destination node.


MTU = 1520 MTU = 9128

Fragmentation and Reassembly   IPv4 header

–  Flags = {0, MF, DF} –  Fragment offset: 13 bits


8 31 0 4 16

Ver.

Option (if any)‏

IHL Type of Service Total Length (in Octet)‏

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source Address

Destination Address

BOOTP & DHCP


Dynamic Assignment of IP addresses   It is desirable for several reasons:

–  IP addresses are assigned on-demand –  Avoid manual IP configuration –  Support mobility of laptops / handheld WiFi devices –  etc.


RARP  Reverse Address Resolution Protocol (RFC 903)

–  Works similar to ARP –  Broadcast a request for the IP address associated with a given

MAC address –  RARP server responds with an IP address –  Only assigns IP address (not the default router and subnet mask) –  Obsolete!


RARP

Ethernet MACaddress(48 bit)

ARPIP address(32 bit)

BOOTP   Bootstrap protocol (RFC 951)

–  Predecessor of DHCP –  Host can configure its IP parameters at boot time –  It was designed for a static environment –  Three services

•  IP address assignment. •  Detection of the IP address for a serving machine. •  The name of a file to be loaded and executed by the client machine

(boot file name) –  Not only assign IP address, but also default router, network mask,

etc. –  Sent as UDP messages (UDP Port 67 (server) and 68 (host)) –  Use limited broadcast address (255.255.255.255):

•  These addresses are never forwarded


DHCP (1)  Dynamic Host Configuration Protocol

–  It was developed in 1993 to improve and resolve specific limitations of BOOTP

–  It was devised to automate the configuration –  DHCP is the preferred mechanism for dynamic assignment of IP

addresses –  It use plug-and-play networking to join a new network and obtain an

IP address –  DHCP server can be configured to have two type of addresses :

•  Permanent addresses: assigned to server computers •  Pool of addresses: these are to be allocated on demand

–  DHCP issues a lease on the address for a finite period of time •  If lease expires, computer must renegotiate with the DHCP server


DHCP (2)


BOOTP/DHCP Message Format


Number of Seconds

OpCode Hardware Type

Your IP address

Unused (in BOOTP)Flags (in DHCP)

Gateway IP address

Client IP address

Server IP address

Hardware Address Length Hop Count

Server host name (64 bytes)

Client hardware address (16 bytes)

Boot file name (128 bytes)

Transaction ID

Options

DHCP Operations (1)


DHCP Client00:a0:24:71:e4:44 DHCP Server

DHCPDISCOVERSent to 255.255.255.255

DHCP Server


DHCP Server

DHCPOFFER

DHCPOFFER

DHCP DISCOVER

DHCP OFFER

DHCP Operations (2)



DHCP Server

DHCPREQUEST

DHCPACK


DHCP Server

DHCPREQUEST

DHCPACK

DHCP REQUEST

At this time, the DHCP client can start to use the IP address

Renewing a Lease (sent when 50% of lease has expired)

DHCP Operations (3)



DHCP Server

DHCPRELEASE

DHCP RELEASE

At this time, the DHCP client has released the IP address

Lecture Archive


Lecture Archive (2011) Network Layer Protocols & Internet Protocol (IP)   http://library.naist.jp/Real/9b2cf40300e4f2f41bcbe9166ff8b430/

index.html

Whole class   http://library.naist.jp/mylimedio/search/av2.do?

target=local&bibid=135469


IPv6


The End of IPv4   50 Billion individual elements

on the Internet in 2014


IPv4 Address Allocation


Report Date: 27-Apr-2012 http://labs.apnic.net/ipv4/report.html

Internet Protocol version 6 (IPv6)  Developed in early 90s

–  Deployed since late 90s early 2000  Designed to overcome limitations in IPv4   First issue was to deal with addressing

–  From 232 to 2128 (4.3 x 109 to 3.4 x 1038)   Enhance the security

–  IPsec is built in to IPv6 from the start   IPv6 global addressing enables you to

–  minimize devices, –  minimize delay, and –  simplify development

 Headers allow development of new quality and streaming services


IPv4 vs IPv6 (1)   Address architecture

–  Hierarchic structure –  Introduction of the concept of scope –  Clear definition of address classes

 Multicast Standardization –  Discontinuation of broadcast

  Able to deal with high-speed networks –  Simplified header format

•  Suppression of unused fields •  Static length •  Discontinuation of checksums •  Discontinuation of IP header options

–  Discontinuation of en-route packet fragmentation


IPv4 vs IPv6 (2)   Link layer and network layer address resolution

–  ARP -> NDP (Neighbor Discovery Protocol)‏ –  Unreachability detection

  Security –  IPsec as a standard

  Flexibility –  IP extension header

•  MobileIPv6 •  IPsec


IPv6 Address Format


IPv6 Address (1)   IPv4 address:

–  32 Bits (4 Bytes) –  4 decimal numbers separated by a dot –  192.168.1.240

  IPv6 address: –  128 Bits (16 Bytes) –  8 Groups separated by colons ( : ) –  Each group represent 4 Hexadecimal digits –  2001:0db8:85a3:0000:0000:8a2e:0370:7334 –  Allowing to remove leading zeros and skip consecutive zero

sequence •  2001:0db8:85a3:0000:0000:8a2e:0370:7334 •  2001:db8:85a3:0:0:8a2e:370:7334 •  2001:db8:85a3::8a2e:370:7334


IPv6 Address (2)   IPv4 compatibility address

–  ::IPv4 address –  ::203.178.142.1 –  Address used for auto-tunneling

  IPv4-mapped address –  ::ffff:IPv4 address –  ::ffff:203.178.142.1 –  Address expression to show a node implements IPv4 only


Scope (1)   Link-Local

–  To be used for •  auto-address configuration •  neighbor discovery

–  Valid in the scope of the given link, not routable –  fe80::/ 10 prefix

 Global –  Global/Universal address –  Routable –  Connect to any global scope address anywhere


Scope (2)


HOST HOST

Organization

Router

HOST

Link-local

Link-local

Global

Organization

IPv4 Header


version HL ToS Total Length

Iden4fica4on Flag Fragment Offset

TTL Protocol Header Checksum

Source address (32 bits)

Des4na4on address (32 bits)

Op4ons Padding

4 32 16 20 8

  Total length: 20 bytes + options   Fields in red are suppressed or renamed in IPv6

bit

IPv6 Header


version Traffic class Flow label

Payload length Next header Hop limit

Source address (128 bits)

Des4na4on address (128 bits)

4 32 16 24 12 bit

  Fixed length: 40 bytes   All optional/additional info is encoded in Extension Header   It isn’t protected by checksum

Address Structure (1)   Separating network prefix and interface ID

–  Network prefix (Upper 64 bits)‏ –  Interface ID (Lower 64 bits)‏: MAC address (EUI-64)

•  E.g. 00:e0:18:98:93:6d (MAC address) → 2001:200:16a:e320:2e0:18ff:fe98:936d


Interface ID Network Prefix

64 bits 64 bits

interface id subnet id global routing prefix 001

3 45 16 64

IANA → RIR RIR→ LIR /48 block for end user

Address Structure (2)   Address assignment following the network topology


FP TLA ID RE NLA ID SLA ID Interface ID

3 13 13 6 13 16 64

FP TLA ID RE NLA ID SLA ID Interface ID

3 13 8 24 16 64

sub-TLA

RFC2374

RFC2450

FP Format Prefix RE Reserved TLA ID Top-Level Aggregation Identifier NLA ID Next-Level Aggregation Identifier SLA ID Site-Level Aggregation Identifier

Address Assignment


APNIC

WIDE

NAIST USM

2001:200::/29 - 2001:3f8::/29

2001:200::/35

2001:200:16a::/48 2001:200:703::/48

TLA　ID

sub-TLA

NLA　ID

Top Level Aggregator (TLA)   Assigned from RIRs (ARIN, RIPE, APNIC)   /29 address space


TLA ID RE

3 13 8 24

NLA ID FP

TLA ID NLA ID SubTLA ID

Previous assignment

Current assignment

3 13 13 19

FP

Next Level Aggregator (NLA)   ISPs and organizations acquire addresses from TLA   Enabling to set a subnet   From /35 to /48 address spaces


TLA ID RE

3 13 8 24

NLA ID FP


Previous assignment

Current assignment

3 13 13 19

FP

Site Level Aggregator (SLA)  Organizations acquire addresses from NLA.   From /49 to /64 address spaces



3 13 13 19 16

FP SLA ID

Unicast Address  Unicast Address

–  Assigned to a single interface –  Address valid at the link scope –  fe80::2e0:18ff:fe98:936d


1111111010

10 bits 64 bits

00000 ......... 0000

56 bits

interface Id

Multicast Address  Multicast Address

–  Assigned to several interfaces and delivered to all these interfaces


11111111 8 bits 112 bits

flgs scope

4 4

group ID

0 reserved 1 node-local scope 2 link-local scope 5 site-local scope 8 organization-local scope E global scope F reserved

0000 permanent(defined)address 0001 temporary address

Format Prefix (1)


Usage Prefix Occupation Reserved 0000 0000 1/256 Unassigned 0000 0001 1/256 Reserved for NSAP Allocation 0000 001 1/128 Reserved for IPX Allocation 0000 010 1/128 Unassigned 0000 011 1/128 Unassigned 0000 1 1/32 Unassigned 0001 1/16 Aggregatable Global Unicast Address 001 1/8

Unassigned 010 1/8 Unassigned 011 1/8 Unassigned 100 1/8 Unassigned 101 1/8

Format Prefix (2)


Usage Prefix Occupation Unassigned 110 1/8 Unassigned 1110 1/16 Unassigned 1111 0 1/32 Unassigned 1111 10 1/64 Unassigned 1111 110 1/128 Unassigned 1111 1110 0 1/512 Link-Local Unicast Address 1111 1110 10 1/1024 Multicast Address 1111 1111 1/256

Unassigned is dealt with as Unicast from now on.

Defined Multicast Address FF00:0:0:0:0:0:0:0 reserved FF01:0:0:0:0:0:0:0 reserved : FF0F:0:0:0:0:0:0:0 reserved FF01:0:0:0:0:0:0:1 All IPv6 nodes address (node-local) FF02:0:0:0:0:0:0:1 All IPv6 nodes address (link-local) FF01:0:0:0:0:0:0:2 All IPv6 routers address (node-local) FF02:0:0:0:0:0:0:2 All IPv6 routers address (link-local) FF02:0:0:0:0:0:0:C DHCP servers / relay agents FF02:0:0:0:0:1:x:x Solicited-Node address


ICMPv6 & NDP


Control Protocols   IPv4 control protocols:

–  ICMP –  ARP –  IGMP

  IPv6 control protocol: –  Internet Control Message Protocol version 6 (ICMPv6)


ICMPv6  Many messages are the same as the IPv4 counterpart:

–  Type 1: Destination Unreachable –  Type 2: Packet Too Big (MTU) –  Type 3: Time Exceeded –  Type 4: Parameter Problem –  Type 128/129: Echo Request/ Echo Reply

 Must not be fragmented  Must not be originated in response to

–  ICMPv6 error or redirect messages –  multicast/broadcast packets addresses


Type Code Checksum

Message body

8 bits 8 bits 16 bits

Neighbor Discovery Protocol (NDP)  Uses ICMPv6 messages  Used to

–  Neighbor Solicitation (NS) •  determine link-layer address of neighbor

–  Neighbor Advertisement (NA) •  actively keep track of neighbor reachability

–  Router Solicitation (RS) •  determine on-link routers and default route

–  Router Advertisement (RA) •  send network information from routers to hosts

–  Redirect •  router can inform a node about better first-hop routers

  Protocol used for host auto-configuration   All ND messages must have hop limit = 255

–  must originate and terminate from the same link Information Network 1 / 2012 71

Neighbor Solicitation (NS)   Sent by node to determine link-layer address of a neighbor   Similar to an IPv4 ARP request   Packet description

–  Source address: Link-Local address –  Destination: Solicited-node multicast address or all nodes multicast

(FF02::1) –  Data contains Link-Layer address of source –  Query: “please send me your link-layer address” –  ICMP type 135


Neighbor Advertisement (NA)  Response to Neighbor Solicitation   Similar to an IPv4 ARP response   Includes my MAC address, so you can send me information   Packet description

–  Source address: Link-Local address of source –  Destination: Destination address of the NS request –  Data contains Link-Layer address of source –  ICMP type 136


Router Solicitation (RS)  Nodes request routers to send Router Advertisement

immediately   Packet description

–  Source: Link-Local address –  Destination: Multicast address all routers (FF02::2) –  ICMP type 133


Router Advertisement (RA)  Routers advertise periodically

–  Max time between advertisement ~ 4 – 8,000 sec. –  The advertisement has a lifetime

  Specifies if stateful or stateless auto-configuration is to be used   Packet description

–  Source: Router Link-Local address –  Destination: All nodes multicast address (FF02::1) –  Data: prefix, lifetimes, default router, options –  ICMP type 134


Duplicate Address Detection (DAD)   Similar to IPv4 ARP self

–  nodes can check whether an address is already in use   Packet description

–  Source: Unspecified –  Destination: Solicited-node multicast address –  Data: Link-layer address of source –  Query: “please send me your link-layer address” –  ICMP type 135

  If no NA is received, address is ok


Auto-configuration States   Stateful

–  Manual IP configuration –  DHCPv6 configuration

  Stateless –  Applies to hosts only (not to routers) –  No manual configuration required

•  Specifies the prefix, default route, and lifetime •  RA doesn’t specify the DNS servers

–  Assumes interface has unique identifies –  Assumes multicast capable link –  Uses Duplicate Address Detection


Auto-configuration Example


Internet Protocol Security (IPsec)


IP Security Overview   IPSec is not a single protocol

–  IPSec provides a set of security algorithms   IPSec provides a general security framework for a pair of

communicating entities –  Across LAN, Private & Public WANs –  Across Internet

  Applications of IPSec –  Secure branch office connectivity over the Internet –  Secure remote access over the Internet –  Establishing extranet and intranet connectivity with partners –  Enhancing electronic commerce security


IPsec Scenario


IPsec Services   Access Control  Connectionless integrity  Data origin authentication  Rejection of replayed packets  Confidentiality (encryption)   Limited traffic flow confidentiality


IPsec Protocols   Authentication Header (AH)

–  provide connectionless integrity and data origin authentication for IP datagrams

  Encapsulating Security Payload (ESP) –  provides confidentiality services –  ESP with Authentication

  Security Associations (SA) –  provides the bundle of algorithms and data that provide the

parameters necessary to operate the AH and ESP operations


Protocols & Services


AH ESP

(encryption only)

ESP (encryption &

authentication)

Access control yes yes yes

Connectionless integrity yes yes

Data origin authentication yes yes

Rejection of replay attacks yes yes yes

confidentiality no yes yes

Limited traffic flow confidentiality no yes yes

IPsec Modes of Operations   Transport

–  IPSec protects IP payload –  IPSec headers added before IP payload –  No change in IP header

  Tunnel –  IPSec protects total IP packet –  IPSec headers encapsulates IP packet –  New IP header is created


Security Services


Protocols Transport Mode SA Tunnel Mode SA

AH Authenticates IP payload and selected portions of IP header and IPv6 extension headers

Authenticates entire inner IP packet plus selected portions of outer IP header

ESP Encrypts IP payload and any IPv6 extesion header Encrypts inner IP packet

ESP with authentication

Encrypts IP payload and any IPv6 extesion header. Authenticates IP payload but no IP header

Encrypts inner IP packet. Authenticates inner IP packet.

Authentication Header (1)   It uses hashing operation to hide packet information   It provides

–  connectionless integrity, –  data authentication, and –  replay protection

 Guards against replay attacks  Header before applying AH


Authentication Header (2)


Tunnel Mode (AH Authentication)

Transport Mode (AH Authentication)

Encapsulating Security Payload (1)   It encrypts the packet’s payload with a symmetric key   It provides

–  confidentiality, –  data integrity, –  data origin authentication, and –  an anti-replay service

  Encryption –  Three-key triple DES –  RC5 –  IDEA –  Three-key triple IDEA –  CAST –  Blowfish


  Authentication –  HMAC-MD5-96 –  HMAC-SHA-1-96

Encapsulating Security Payload (2)


Transport Mode

Tunnel Mode

RFCs   IPSec documents:

–  RFC 2401: An overview of security architecture –  RFC 2402: Description of a packet authentication extension to IPv4

and IPv6 –  RFC 2406: Description of a packet encryption extension to IPv4

and IPv6 –  RFC 2408: Specification of key management capabilities


IPv6 Transition


Dual Stack  Dual stack host can speak both IPv4 and IPv6

–  Most workstations are IPv6-enabled


IPv4 IPv6

Application Layer

Transport Layer (TCP/UDP)

Network Interface Layer

Tunneling  Connection of IPv6 domains via IPv4 clouds   6to4

–  the most common IPv6 over IPv4 tunneling protocol –  Tunnel endpoints must have public IPv4 addresses

  Teredo –  encapsulating IPv6 inside IPv4/UDP


IPv6/Dual Network

6to4 Router Adds v4 header

IPv6/Dual Network IPv4 Core

IPv4 Router Forwards as Usual

Destination 6to4 router removes IPv4 header

Delivery Generation

Address Translation  NAT64

–  Packet headers are translated according to Stateless IP/ICMP Translation Algorithm (SIIT)

–  IPv6 (address + port) is mapped to IPv4 (address + port) –  IPv4 is mapped into IPv6 as Pref64::IPv4

•  Pref64 is an /96 IPv6 address pool


More Details  Many resources available

–  ARIN •  http://www.getipv6.info/index.php/Main_Page

–  APNIC •  http://www.apnic.net/community/ipv6-program

–  RIPE •  http://www.ripe.net/lir-services/resource-management/number-

resources/ipv6 –  AfriNIC

•  http://www.afrinic.net/IPv6/index.htm –  LACNIC

•  http://portalipv6.lacnic.net/en


IPv6 Advantages  More efficient address space allocation   End-to-end addressing; no NAT anymore   Fragmentation only by the source host  Routers don’t calculate header checksum (speed up)  Multicasting instead of broadcasting   Built-in security mechanisms   Single control protocol (ICMPv6)   Auto-configuration   etc.


Assignment 2


Network Configuration (1)  Goal: To understand the dynamics of IPv6 and to be able to

troubleshoot connectivity in an IPv6 network  What to do:

–  Download the provided network topology from the link below: •  http://iplab.naist.jp/class/infoN/2012/materials/sample.pkt

–  Configure the IPv6 addresses on the routers in the topology –  Enable Auto Config in IPv6 of the PCs in the network –  Test network connectivity by using Neighbor Discovery Protocol –  Configure the RIPng in the routers –  Disconnect one link between two routers and test network

connectivity again. Observe the communication between the two disconnected routers.


Network Configuration (2)   Essay

–  Briefly explain the following: •  IPv6 (i.e., addressing and subnetting) •  Neighbor Discovery protocol •  Routing •  RIPng

–  For the last step in the instructions, can the routers still communicate? Answer by yes or no, then explain why.


Submission  Deadline: May 16, 2012 (Wed) at 17:00 JST  Compress your Packet Tracer file and essay in one folder with

your name and student ID (e.g., DoudouFall1234567.zip) then send it to:

– [email protected]   For questions and concerns about the assignment, you may

contact the TAs by email ([email protected]) or meet them in A307 Internet Engineering Laboratory


Network Layer Protocol & Internet Protocol (IP) · Network Layer Protocol & Internet Protocol (IP)...

Documents

Transcript of Network Layer Protocol & Internet Protocol (IP) · Network Layer Protocol & Internet Protocol (IP)...