Chapter 18 - William Stallings, Data and Computer Communications, 8/e

1
Internet Protocol and Applications
2
Addressing

• Routing is part of IP, router needs to interpret
  addresses
• Format server. institution. domain

• gt Not an actual Internet address
• gt Identifies a host computer / server owned by
  an institution that is connected to an internet
• gt Domain does not have geographic significance
• Address identifies the following using 32-bits
• Participating network
• Node ID within the network

3
IPv4 Address Formats
4
IP Addresses - Class A

• start with binary 0
• all 0 (in first octet) is reserved
• 01111111 (127) (in first octet) is reserved
• range 1.x.x.x to 126.x.x.x
• all allocated
• Very large networks

5
IP Addresses - Class B

• start with binary 10
• range 128.x.x.x to 191.x.x.x
• second octet also included in network address
• 214 16,384 class B networks
• all allocated
• Fairly large

6
IP Addresses - Class C

• start with binary 110
• range 192.x.x.x to 223.x.x.x
• second and third octet also part of network
  address
• 221 2,097,152 networks
• nearly all allocated
• Relatively small

7
IP Addresses - Class D

• Multicast addressing one address for one group.
• Example Uses
• Software updates to installed machines
• video stream to selected users
• Routing is different from uni-cast routing

8
Classless Addresses

• 32-bit addressing has limitations.
• Example Class B assigned, network has 1000
  machines
• gt Huge unused addresses
• Alternative assign a group of class C networks
• Problems
• - Burden to plan for growth (256-increments)
• - Additional routing table information
  (performance suffers)

9
Classless Addresses

• Classless Inter-domain Routing (CIDR)
• Does not fall into above classes
• Number of bits defining the network number varies
• gt Allows networks of varying sizes
• Commonly used for multiple class C networks.
• For 1000 nodes 211.195.8.0 to 211.195.11.0

10
Classless Addresses

• Classless Inter-domain Routing (CIDR)
• gt First 22-bits are the same
• gt 22-bit network number, 10-bit local identifier
• Router can extract the network number by AND
  operation using a subnet mask
• several smaller groups into a larger group
  super-netting
• gt Fewer network numbers in routers

11
Classless Addresses

• Classless Inter-domain Routing (CIDR)
• Router needs to know the number of bits in the
  network ID
• Network address w. x. y. z is replaced by
• w. x. y. z / m
• m- number of bits in the network ID

12
Subnet Mask Calculation
13
Problems

• Classify the following
• 183.104.200.32, 210.20.34.100, 115.193.23.32
• IP address 140.100.120.02, subnet mask
  255.255.224.0, network number?
• Can 255.255.224.7 be a mask?
• For 8000 IP addresses, find the number of class
  C networks needed and describe CIDR addressing
  scheme (subnet mask).

14
Obtaining an Addresses

• Typical approach
• client machine requests an IP address from the
  server, server runs a protocol Dynamic Host
  Configuration Protocol (DHCP) that assigns an IP
  address from the list it maintains.
• Server is maintained by ISP or LAN manager.
• Internet Corporation for Assigned Names and
  Numbers (ICANN) allocates IP addresses.

15
Obtaining an Address

• Difficult to memorize IP addresses gt get a host
  name registered
• Host name is stored in a distributed directory
  referenced by client programs
• Registration is done through an accredited
  registrar (ICANN accredits)
• www.google.com 216.239.53.99

16
Domain Name System

• Translates text form of an address to the 32-bit
  address.
• It is a distributed database. Why?
• Challenge is to manage millions of addresses
  among servers and to provide a quick translation.
• Concept of domain eases this task
• DNS has hierarchical arrangement of organization.

17
Domain Name System

• Root server
• edu com org
• mit tamu microsoft ieee acm
• Host sends a request to the local name server -
  A. Process is complete if A can provide the
  translation.

18
Domain Name System

• Else, A sends the request to another server B at
  a higher level.
• The process continues until the request is
  resolved.
• The translated address is stored in the local
  cache of all intermediate servers gt avoids
  duplication of the complex translation process

19
IP Header
20
IP packets and Fragmentation

• Different fields of the IP packet we covered
• Different network architectures allow different
  Maximum Transfer Units (MTU)
• IP packet length lt MTU gt smooth entire transfer.
• IP packet length gt MTU gt fragmentation.
• Identification, flags, offset fields aid the
  process of reassembly.

21
Fragmentation

• Flag More fragment bit (MFB) 1 for each
  fragment except the last.
• Do not fragment bit 1, server responds with
  error if IP packet length gt MTU, used repeatedly
  to determine MTU
• Fragment offset field measures offset in units of
  8 bytes.
• IP packet of 4000 data bytes, MTU 1400 bytes.
  Show fragments with offset, MFB.

22
IP routing

• Is based on routing tables stored at routers and
  the interpretation of IP addresses
• Physical address one used by underlying physical
  network.
• Example Ethernet addresses enclosed in IEEE
  802.3 frames, these are 48-bit numbers assigned
  to the network interface cards
• Physical addresses have local significance but
  none at the global IP scale.

23
IP routing

• IP packets are enclosed in frames if they travel
  through LAN,
• If the frame goes to a router, IP layer extracts
  the packet, examines address, determines where to
  send.
• If the packet needs to go to a machine in the
  attached LAN, IP puts it in a frame and sends it
  to the destination direct routing.
• How to obtain the physical address?

24
IP routing

• Dynamic Binding (Address Resolution Protocol)
• Router sends a broadcast-request with an IP
  address for a response of physical address.
• Appropriate device responds with physical address
  gt stored in router-cache
• The cache needs periodic update to accommodate
  changes.

25
Routers

• Router 1 is connected to a network (LAN) with
  IP addresses 143.200.x.y
• Router 2 is connected to a network (LAN) with IP
  addresses 143.100.x.y
• Router 1 and Router 2 are connected.
• Router 1 gets a packet with destination
  143.200.10.5 gt direct delivery gt get physical
  address (using ARP or cache) gt send a frame

26
Routers

• Router 1 gets a packet with destination
  143.100.20.4 gt not connected to the LAN gt get
  the next hop (from routing table) gt send the
  packet to router 2.
• After receiving the packet, router 2 follows the
  same process as described in the earlier case.
• traceroute / tracert command can be used to
  display intermediate routers between the host and
  a specified destination

27
Routers

• Issues
• Finding the next hop the router looks it up in
  the table, challenge is to look it up fast,
  otherwise, packets accumulate gt cause delay gt
  buffer overflow (in extreme case)
• Hash structure works fast for searching the table
  (Content Addressable Memory)
• Next hop entry is stored at a location generated
  from a hash function of the destination.

28
Routers

• Issues
• Finding the next hop
• In that case there is no searching and next hop
  is found quickly.
• Moving packet from input to output port
• Bus gt simple, one at a time (slow)
• Switch gt connects two end points, flexible
  connection, complex control

29
Routers

• Issues
• Scheduling packets for transmission gt refers to
  order in which packets are transmitted,
• FIFO simple, but Quality of Service dictates
  the priority of packets (mail versus real time
  audio)
• Routers A, B, C connects 7 networks (total),
  each of A, B, C connects to three networks, only
  two networks connect to two routers, others to
  one each. How many common next-hop are in routing
  table of the middle router?

30
Problems

• What percentage of total IP addresses each
  class represents?
• Network address 192.168.100.0
• Subnet mask 255.255.255.192
• How many subnets possible? How many hosts in
  each?
• A company has six departments each having ten
  computers (or networked devices). Find the subnet
  mask for the network of each department.

31
Problems

• A CIDR address is specified as
  192.168.100.0/25. How many host addresses are on
  the network?
• Given the network address of 192.168.100.0 and
  the subnet mask of 255.255.255.192, find the
  number of subnets created and the number of hosts
  per subnet.

32
Routing Using Subnets
33
Multicast routing

• One to selected many
• Internet Group Management Protocol (IGMP)
  operates between a host and the local router
• - Allows the host to join and leave various
  multicast groups
• IP packets are used with protocol field 2 to
  exchange messages.
• Router sends a query to find out group members.

34
Multicast routing

• Host responds indicating it belongs / no more
  belongs to a particular multicast group
  (Identified by a class D address).
• The challenge is to convey this message to all
  routers and to implement some multicast routing
  algorithm.
• Example network with multicast group hosts in
  selected networks
• - Only a few routers are of importance

35
Multicast routing

• If only uni-cast packets are sent, number of
  copies are more,
• through multicasting, source sends only a copy,
  then it is replicated only one for each network
  having multicast group members.
• gt much less packets in the networks,
  significant difference in large groups.
• Router needs to know what to do with such a
  packet.

36
Multicast routing

• A spanning tree of routers can be formed that
  reaches all the hosts in a group multicast
  tree.
• Different trees for different multicast groups
  becomes very huge at global scale.
• gt Very few IP routers support multicasting.
• Distance Vector Multicast Routing Protocol
  (DVMRP) uses Reverse Path Broadcasting (RPB).

37
Multicast routing

• RPB assumes that a router knows the next link
  along the shortest path to a given node.
• Router action (after receiving a multicast
  packet)
• Identify the source and the port where received
• Look up the source in the routing table and find
  the next hop in a path to the source

38
Multicast routing

• If the next hop corresponds to the port where the
  packet arrived, then send the packet over all
  other ports.
• Otherwise, drop the packet.
• gt Avoids packet-travel in loops (forward only to
  lead away from source)
• But, may still add redundancy in packet-travel.
• Pruning is needed to limit the forwarding from a
  router.

39
Multicast routing

• When a router gets a multicast packet but has no
  group member attached, it uses IGMP with a prune
  message to the sender.
• gt Sender no longer sends such packets.
• If a host subsequently joins the group, that
  router sends a Graft message for resumption of
  multicast packets.

40
Example Multicasting
41
(No Transcript)
42
(No Transcript)
43
Other routing

• Resource Reservation Protocol (RSVP)
• - Deals with QoS over Internet
• Embeds messages in IP packets (protocol field
  value 46)
• Messages contain requests that certain resources
  be reserved to meet QoS, for example buffer
  space.
• A router chooses the maximum to satisfy several
  different requests.

44
Other routing

• Internet Control Message Protocol (ICMP)
• Is used for reporting errors and for providing
  router-updates on conditions that can develop in
  the Internet.
• Protocol field 1
• Typical messages Destination unreachable, Echo
  request, Echo reply.

45
ICMP Message Formats
46
Checksum

• Ones complement of 16-bit (ones complement)
  addition of all 16-bit words in the header.
• ones complement addition carry added
• with LSB of result
• Header with ten octets, checksum in the last
  two octets 01 00 F6 F7 F4 F5 F2 03 00 00
• - Find checksum and resulting header
• - Verify the checksum (final value FFFFH)

47
Why Change IP?

• Address space exhaustion
• two level addressing (network and host) wastes
  space
• network addresses used even if not connected
• growth of networks and the Internet
• extended use of TCP/IP
• multiple vs. single address per host
• requirements for new types of service

48
IPv6 Enhancements

• expanded 128 bit address space
• improved option mechanism
• most options not examined by intermediate routers
• dynamic address assignment
• increased addressing flexibility
• Any-cast multicast
• support for resource allocation
• labeled packet flows

49
IPSec

• RFC 1636 (1994) identified security need
• encryption authentication to be in IPv6
• but designed also for use with current IPv4
• applications needing security include
• branch office connectivity
• remote access over Internet
• extranet intranet connectivity for partners
• electronic commerce security

50
IPSec Scenario
51
IPSec Benefits

• provides strong security for external traffic
• resistant to bypass
• below transport layer, hence transparent to
  applications
• can be transparent to end users
• can provide security for individual users if
  needed

52
IPSec Functions

• Authentication Header(AH)
• for authentication only
• Encapsulating Security Payload (ESP)
• for combined authentication/encryption
• a key exchange function
• manual or automated
• VPNs usually need combined function

53
Transport Protocol

• Defines what one device can say to another on
  behalf of the user defines end user protocol
• Reliable communication between sites with
  logical connection
• Connection management establishing, maintaining,
  and ending a connection.
• Establishes parameters sequence numbers used for
  bytes, number of bytes an entity can receive.

54
Transport Protocol

• Entities exchange segments, do error checking,
  acknowledging, and flow control, leaving
  transmission details to lower levels.
• Establish connection Two way handshake
• A send connection request
• B receive connection request, establish
  connection, send acknowledgement
• A receive acknowledgement, establish connection

55
Transport Protocol

• A and B exchange data and eventually disconnect.
• Problem if the first request is delayed and
  eventually shows up at a much later time
• B thinks it as another connection.
• Worse if some of As data were seriously delayed
  and finally arrived after the retransmitted one.

56
Transport Protocol

• Three way handshake is used with initial sequence
  numbers each entity uses.
• A send TCP segment with SYN 1 and sequence
  x
• B - send TCP segment with SYN 1,
  acknowledgement x1 and sequence y
• A send TCP segment with acknowledgement y1

57
Transport Protocol

• A send TCP data segments, sequence beginning
  with x1 and acknowledgements beginning with y1
• B send TCP data segments, sequence beginning
  with y1 and acknowledgements beginning with x1

58
TCP Header
59
Transport Protocol

• Disconnect Protocol
• A receive a CLOSE primitive from the
  application, send TCP segment with FIN 1 and
  sequence p (current sequence count)
• B receive disconnect request and notify the
  application of finished data, send TCP segment
  with acknowledgement p1

60
Transport Protocol

• B receive a CLOSE primitive from the
  application, send TCP segment with FIN 1, and
  acknowledgement p1, sequence q (current
  sequence count)
• A send TCP segment with acknowledgement q1

61
Transport Protocol

• Flow Control
• - In TCP, sequence number refers to byte
  sequence, not packet / segment sequence
• - Each entity can alter the size of the others
  sending window dynamically using Window field.
• Flow control is implemented using credit
  mechanism (window advertisement)

62
Transport Protocol

• A credit specifies the maximum number of bytes
  this entity can receive (and buffer) from the
  other entity.
• This is in addition to those already received and
  buffered.
• A initial sequence 100, can buffer upto 200
  bytes (credit)
• B initial sequence 700, can buffer upto 200
  bytes (credit)

63
Transport Protocol

• Each segment contains 100 bytes.
• (All these have been agreed upon by three way
  handshake)
• A starts by sending two segments
• Data , s 101, a 701
• Data , s 201, a 701
• Waits for more credit.

64
Transport Protocol

• B responds by sending two segments
• Data , s 701, a 301, c 0
• Data , s 801, a 301, c 200
• A responds by sending two segments
• Data , s 301, a 901
• Data , s 401, a 901
• (Credit restrictions also apply to B, omitted
  here for simplicity)

65
Transport Protocol

• Allows the protocol to be robust taking
  advantage of changing conditions to adjust
  credit
• Identify applications requiring real-time
  quality of service.
• - Downloading audio files
• - Accessing a remote host
• - Watching a live training session
• - Watching a broadcast news

66
Transport Protocol

• - using FTP to download small file
• - using FTP to download very large file
• Assume
• -TCP entities A, B have initial sequence numbers
  400, 900 respectively
• - segment size 100 data bytes, initial credit
  of each 200 bytes.
• - each entity delivers a segment to the
  application, as soon as it receives gt freeing up
  buffer

67
Transport Protocol

• - A is capable of sending segments at interval of
  time T (starting at Time 0) (permitting flow
  control) , B is capable of sending segments at
  interval of time 3T (starting at T 1.5T)
  (permitting flow control)
• - Transmission time between A and B is
  negligible.
• Diagram showing segment exchange (D, S, A, C)
  upto time 12T.

68
Transport Protocol

• In TCPs flow control logic, an entity uses the
  credit field to determine when it can send new
  segments. What is the purpose of acknowledgement
  then?
• A network has an IP packet size of 128 bytes
  and maximum packet lifetime of 30s. If 8-bit
  packet sequence number is used, what is the
  maximum data rate achieved?

69
Transport Protocol

• Round trip time (RTT) between two hosts is 100
  ms and both hosts use a TCP window of 32 Kbytes.
  What is the maximum throughput that can be
  achieved by TCP in this scenario?
• Two hosts are connected by a 100 Mbps link and
  RTT between them is 1 ms. What is the minimum TCP
  window size in order to achieve maximum
  throughput between two hosts? (Assume no
  overhead)

70
Transport Protocol

• A host is receiving data from a remote peer by
  TCP segments with 1460 bytes of payload. Assume
  only TCP and IP header overheads for
  acknowledgements. If TCP acknowledges every other
  segment, what is the minimum uplink bandwidth
  needed to achieve data throughput of 1
  Mbytes/sec?

71
Transport Protocol

• TCP uses four timers
• Retransmission timer Handles retransmission time
  - waiting time for an acknowledgement of a
  segment, controls a lost or discarded segment.
• Calculation of retransmission time It should be
  variable and dynamically adjusted for each
  connection and may change during the same
  connection

72
Transport Protocol

• It is based on RTT, most common is the following
  retransmission time 2 (RTT)
• RTT is calculated by measuring the time between
  sending a segment and receiving acknowledgement.
• Updated RTT a (previous RTT) (1- a) (current
  RTT).
• a is usually 0.9, for two consecutive RTT 250
  and 70µs, Updated RTT 232µs, timer 464µs

73
Transport Protocol

• Problem When receiving ACK for a retransmitted
  segment, sender does not know if it is for the
  original or for the second one
• Karns solution do not consider RTT for a
  retransmitted segment to update RTT, consider
  only the ones with no retransmission.

74
Transport Protocol

• Persist timer deals with zero window-size
  advertisement
• - receiver sends a zero window ACK, sender stops
• - receiver sends an ACK with non-zero window but
  it is lost
• - both continue to wait (deadlock)
• Recovery sender starts persist timer after
  receiving zero window ACK.

75
Transport Protocol

• - when it times out, a probe segment is sent
  alerting the receiver that the ACK is lost and be
  resent.
• Keep-Alive timer used in most implementations to
  prevent long idle connection, each time one end
  receive segment from other side, timer is reset,
  otherwise (after 2H) a probe is sent, after
  several probes terminates the connection.

76
Transport Protocol

• Silly Window Syndrome A serious problem occurs
  if
• - the sending application creates data slowly
• - the receiving application consumes data slowly
• 1-byte data gt 41-byte datagram (20-byte TCP
  header, 20-byte IP header)
• gt huge overhead

77
Transport Protocol

• Solution at the senders end
• Nagles Algorithm
• - Sending TCP sends the first piece of data (even
  if 1-byte)
• - Sending TCP accumulates data in the buffer and
  waits for either an ACK or to fill a maximum size
  segment. Now, it can send the segment.
• - Above step is repeated for rest of the
  transmission.

78
Transport Protocol

• Solution at the receivers end
• Clarks solution To send an ACK as the data
  arrive but to announce window size of zero until
  there is enough space for maximum size segment or
  half-buffer is empty.
• Delayed ACK Receiver waits until there is a
  decent amount of space in the buffer before
  sending ACK. It reduces traffic.

79
Transport Protocol

• TCP is sending data at 1 Mbytes/sec. If the
  sequence number starts with 7000, how long it
  takes before the sequence number goes back to
  zero?

80
Congestion Control

• flow control is also used for congestion control
• recognize increased transit times dropped
  packets
• react by reducing flow of data
• RFCs 1122 2581 detail extensions
• two categories of extensions
• retransmission timer management
• window management

81
Problems on Multicasting

• Consider four interconnected (Ring topology)
  routers, each attached to only one network. Each
  network has 50 hosts belonging to a multicast
  group. If one host sends a packet to this group,
  find the following
• - Number of packets (copies of the original one)
  travelling between routers if multiple
  Unicasting is followed.

82
Problems on Multicasting

• - Number of packets (copies of the original one)
  travelling between routers if Multicasting is
  followed.

83
Problems on Multicasting

• Flooding implies that a router retransmits the
  packet to all outgoing interfaces except the one
  in which it was received.
• Packets have unique identifier so that a router
  does not flood the same packet more than once.
  For the network shown on slide 40, find the
  packets travelling on the links and the networks
  if flooding is used.

84
Example Multicasting
85
Problem on Encryption

• An encrypted message is 20 5 21 3 49 4 49 3 4
  15, k 7 and n 55. A through Z were initially
  coded as 1 to 26 and a blank (space) as 27.
  Decrypt this message using RSA.

86
Transport Protocol

• Two / Three way handshake
• Flow / Congestion control
• Different Timers
• Silly Window