Technological Prerequisites

About This Presentation

Title: Technological Prerequisites

Description:

ethernet, dedicated leased lines, dialup, ATM, Frame Relay, FDDI ... Layer 3 is the Internet Protocol (IP) layer. This provides a basic datagram service ... – PowerPoint PPT presentation

Number of Views:16

Learn more at:http://www.ceenet.org

Slides: 150

Subcategory:

Tags: iplayer

Add more tags

more less

About This Presenter

georgemacri

Number of Uploads:7

Total number of views:203

Avg rating:3.0/5.0

Write a Comment

User Comments (0)

Transcript and Presenter's Notes

Title: Technological Prerequisites

1
Technological Prerequisites

George Macri
ltgmacri_at_homemail.comgt
ROMTELECOM S.A.
Romania
5th Network Technologies Workshop
.

2
Technological Prerequisites

Internetworks
Internet Protocols
Internet Addresses
Routing
Subneting
CIDR

3
What internetworks are

Start with lots of little networks
Many different types
ethernet dedicated leased lines dialup ATM
Frame Relay FDDI
Each type has its own idea of addressing and
protocols
Want to connect them all together and provide a
unified view of the whole lot

4
The unifying effect of the network layer

Define a protocol that works in the same way with
any underlying network
Call it the network layer
routers operate at the network layer
There are defined ways of using
protocol over ethernet ATM FDDI
protocol over serial lines (PPP)
protocol over almost anything

5
The 7 Layer OSI Model
6
Protocol Stacks

Layers

Applications
TCP / UDP
Transport layer
IP
Network layer
atm
x.25
hdlc
ethernet
token ring
dialup
frame relay
7
Layer Functions
Mail Web etc.
Application
Presentation
Session
Transport
TCP
End to end reliability
Forwarding best-effort
IP
Network
Data Link
Packet delivery
Physical
Raw signal
8
ISO seven layer model

1 Physical layer
moves bits using voltage current light etc.
2 Data Link layer
bundles bits into frames and moves frames between
hosts on the same link

9
ISO seven layer model

3 Network layer (e.g. IP)
Makes routing decisions
uses destination address in packet
Forwards packet hop by hop
encapsulates network layer packet inside data
link layer frame
different framing on different underlying network
types
Unreliable
Single address space for the entire internetwork

10
ISO seven layer model

4 Transport layer (e.g. TCP)
end to end transport of datagrams
encapsulates datagrams in network layer packets
adds reliability by detecting and retransmitting
lost packets
uses acknowledgements and sequence numbers to
keep track

11
ISO seven layer model

5 Session layer
not used in the TCP/IP network model
6 Presentation layer
not used in the TCP/IP network model
7 Application layer
Uses the underlying layers to carry out work

12
Layer interaction
Application
Application
Presentation
Presentation
Session
Session
Transport
Transport
Network
Network
Network
Network
Link
Link
Link
Link
Physical
Physical
Physical
13
INTERNET PROTOCOLS

Internet protocols
can be used for communications between
heterogeneous systems
can be used for communications between systems
connected in a LAN
can be used for communications between systems
connected in a WAN
can be used for communications between a set of
interconnected networks
Documents called RFCs (Requests For Comments)
which are reviewed and analyzed by the IETF
community improvements additions and
refinements of protocols are published in new
RFCs (see ftp//ftp.rs.internic.net.
ftp//ftp.ripe.net/).
Looking at all RFCs you can see the history of
the development of Internet protocols people and
companies that have contributed to this
TCP and IP are the best known of the Internet
protocols and very often the term TCP/IP refers
to the whole family of protocols.

14
TCP/IP Model
Message Segment Datagram Frame Bit
5 4 3 2 1
15
TCP/IP is a 5 Layered model

Layers 1 and 2 are not actually defined by TCP/IP
as TCP/IP was defined to be independent of
physical media .

Layer 3 is the Internet Protocol (IP) layerThis
provides a basic datagram service
ICMP (Internet Control Message Protocol) is
normally provided in this layerICMP reports
problems in transmission of datagrams
ARP (Adress Resolution Protocol)
RARP (Reverse Address Resolution Protocol)

In layer 4 are 2 possible protocols TCP
(Transport Control Protocol) and UDP (User
Datagram Protocol) .
TCP provides a reliable service with error
correction and flow control .The cost of
providing a reliable service is more overhead in
connection setup and closedown processing power
for correcting errors and data transmission but
some applications need reliability irrespective
of cost.
UDP just extends IPs connectionless datagram
service to applications that do not require
reliability .UDP datagrams can be sent to a
network without the overhead of creating and
maintaining a connection

Layer 5 is the Application layerThis layer
provides services suitable for the different
types of application that might wish to use the
network .It does not provide the application
itself .For example SMTP FTP Telnet ...

19
TCP/IP
20
Internet Protocols
NFS RPC
FTP RFC 959
SNMP
RIP RFC 1058
Routing protocols BGP OSPF IGRP EIGRP
Telnet RFC 854
SMTP RFC 821
DNS RFC 1035
ICMP RFC 792
TCP RFC 793
UDP RFC 768
IP RFC 791
X.25
ARP RFC 826
PPP
HDLC
SLIP
LAPB
Ethernet/IEEE 802.3
LAN
Public telephone network
21
SMTP mail exchange as an example

There is a protocol for mail that defines a set
of commands and messages that one machine sends
to the other for example a conversation between
machines linkguide.ici.ro and mail.iob.ro
Linkguide HELO linkguide.ici.ro
Mail.iob.ro 250 mail.iob.ro - HELO
Linkguide.ici.ro
Linkguide MAIL Fromltgmacri_at_linkguide.ici.rogt
Mail.iob.ro 250 MAIL accepted
Linkguide RCPT Toltmihai_at_mail.iob.rogt
Mail.iob.ro 250 Recipient accepted
Linkguide DATA
Mail.iob.ro 354 Start mail input end with
ltCTRLgtltCRLFgt
Linkguide Date Sat 26 Jul 96 142334 02
Linkguide From gmacri_at_linkguide.ici.ro
Linkguide To mihai_at_mail.iob.ro
Linkguide Subject helo
Linkguide text of the message
Linkguide .
Mail.iob.ro 250 OK
Linkguide QUIT
Mail.iob.ro 221 mail.iob.ro Service closing
transmission channel
The protocol assumes that we have a reliable
way of command and message communication

22
TCP/IP Architecture Terms
Host B
router
IP
eth drv
t.r. drv
Ethernet Driver
23
Encapsulation

Lower layers add headers (and sometimes trailers)
to data from higher layers

Data
Application
Data
Header
Transport
Data
Header
Header
Internet
Data
Header
Header
Header
Network Access
24
IP Addresses

Purpose
Basic Structure
Network mask
Special addresses

25
Purpose of an IP address

Unique Identification of
SourceSometimes used for security or
policy-based filtering of data
DestinationSo the networks know where to send
the data
Network Independent Format
IP over anything

26
Basic Structure of an IP Address

32 bit / 4 byte number(e.g. 204.152.8.1)
Decimal Representation
Binary Representation

204
152
8
1
11001100
10011000 00001000 00000001
27
Address Structure Revisited

Hierarchical Division in IP Address
Network Part (Prefix)
describes which physical network
Host Part (Host Address)
describes which host on that network
Boundary can be anywhere
not necessarily at a multiple of 8 bits

1
205 . 154 . 8
11001101 10011010 00001000 00000001
Network
Host
28
Network Masks

Define which bits are used to describe the
Network Part
Different Representations
decimal dot notation 255.255.248.0
number of network bits /19
Binary AND of 32 bit IP address with 32 bit
netmask yields network part of address

29
Subnetting

One class address (either B or C) space could be
too large for a given organization or for a
certain site of the organization.
Subnetting divides a single network address into
many subnet addresses so that each subnetwork
can have its own unique address.
A subnet is defined by applying a bit mask (the
subnet mask) to the IP address.
If a bit is 1 in the mask the equivalent bit in
the address is interpreted as a network bit.
If a bit in the mask is 0 the bit belongs to the
host part of the address.
Ex mask to divide the 193.226.2.0 address into 4
subnets
11111111 11111111 11111111
11000000

30
Example Prefixes

137.158.128.0/17 (netmask 255.255.128.0)
198.134.0.0/16 (netmask 255.255.0.0)
205.37.193.128/26 (netmask 255.255.255.192)

11111111 11111111 1 0000000 00000000
10001001 10011110 1 0000000 00000000
11111111 11111111 00000000 00000000
11000110 10000110 00000000 00000000
11111111 11111111 11111111 11 000000
11001101 00100101 11000111 10 000000
31
Old-Style Classes of Address

Different classes used to represent different
sizes of network (small medium large)
Class A networks x.0.0.0 - 16.777.215 host
addresses
8 bits network 24 bits host (/8 255.0.0.0)
First byte in range x1-127
Class B networks x.y.0.0 - 65.536 host addresses
16 bits network 16 bits host (/16 255.255.0.0)
First byte in range x128-191 y0-254
Class C networks x.y.z.0 - 256 host address
24 bits network 8 bits host (/24 255.255.255.0)
First byte in range x192-223 yz0-254

32
IP Address Structure - Class-full

Address format 32 bits
Network address
Host address
Class A network8 bits
0
Class B network16 bits
1
0
Class C network24 bits
1
1
0
Class D (multicast)
1
1
1
0
Class E (reserved)
1
1
1
1
33
Special Addresses

All 0s in host part Represents Network
e.g. 193.0.0.0/24
e.g. 138.37.128.0/17
All 1s in host part Broadcast
e.g. 137.156.255.255 (137.156.0.0/16)
e.g. 134.132.100.255 (134.132.100.0/24)
e.g. 190.0.127.255 (190.0.0.0/17)
127.0.0.0/8 Loopback address (127.0.0.1)
0.0.0.0 Various special purposes

34
TCP/IP Basics Physical Datalink
35
The Physical and Datalink layer

Ethernet
IEEE and ISO
Token Ring
FDDI
SLIP
PPP
ISDN

36
Ehernet

Network access protocol
The medium for communication between two machines
directly connected can be coax twisted cable
telephone link radio link satellite link etc.
The lowest layer of protocols provides functions
that manage the data transmission specific to a
certain physical medium.
Classes of links
Point to point
Broadcast
Non-broadcast multi-access
Ethernet/IEEE 802.3 is a coaxial based bus
cabling system developed by Digital Equipment
Corporation Intel Xerox (DIX)
Ethernet was the technological basis for the IEEE
802.3 specification
Both of them specify the CSMA/CD (Carrier Sense
Multiple Access with Collision Detection) also
referred as listen while talk (LWT)
Both are broadcast networks

37
Ethernet Topologies
Fiber concentrator
10/100/1000 Base F
Transceivers
38
The Ethernet frame

This Ethernet frame encapsulates the TCP/IP
protocol and is responsible for transporting it
across the cabling system to layer 2 of the
destination device whether its a Router
Gateway or end node .

39
MAC addressing

The ethernet frame uses addresses referred to as
MAC (Medium Access Control)
MAC addresses identify the specific network cards
These are 48 bits long
Each network card has a unique address configured
by its manufacturer

The LAN card will accept only 3 types of MAC
address .
Unicast - Frames with destination to the exact
MAC address .
Broadcast - Has all 48 bits set to binary 1 (or
Hex FF FF FF FF FF FF) .This type of frame is
used when the sender does not know the
destination MAC address it tries to communicate
so we broadcast to all .
Multicast - Addressing to groups of LAN cards
that are related in some way .The LAN cards have
to be configured to know they are part of a
multicast group .

41
The type field

The Type field identifies different protocols .
A computer running multiple protocols can easily
differentiate between them and path the
contents to the relevant layer .
TCP/IP Generally uses 3 Ethernet types registered
in IEEE .

42
CRC - Cyclic Redundancy Check

At the end of the frame is a CRC .
This is a 32 bit value that is calculated from
all the bits of the Ethernet frame and its
contents but ignoring the preamble and the CRC
itself .
The remote node does the same calculation and
compares the CRC .If the value is different
the LAN card will not pass the Frame to the
network layer .

43
The service provided by Ethernet

The medium access mechanism used by Ethernet is
CSMA/CD (Carrier Sense Multiple Access with
Collision Detection) .
This allows nodes on the network to manage shared
access to the cable but it restricts the length
of the cabling and the number of nodes that use
it .
They are not specific to Protocol therefore for
TCP/IP .

44
Ethernet Packet size

Minimum packet size - 64 octets
Maximum packet size - 1518 octets
The sizes above include all the frame apart from
the preamble .
Because of the frame header fields the CRC and
the overhead of the IP and TCP or UDP higher
layer protocols the amount left for useful
application data is less then 1518 .

To give an example The Ethernet frame overhead
consists of 18 octets and the higher layer
protocols often need 40 octets .That leaves 1460
(1518-40-181460) octets for application data .

46
IEEE and ISO systems

IEEE 802.3 uses CSMA/CD .
IEEE 802.4 uses a token mechanism on a bus .
IEEE 802.5 and FDDI (IS9314) use a token passing
mechanism on a ring .

47
LLC (Logical Link Layer)

For LANs layer 2 is split to 2 sublayers .
The lower is MAC and above we have the LLC
which has the standard number IEEE 802.2 .
One of the major functions of LLC is to
differentiate between the different types of
network layer protocols in a similar way to the
type field of Ethernet .

48
Ethernet
49
Token Ring
50
FDDI
51
Encapsulation

The type field specifies the upper-layer protocol
to receive the data after Ethernet processing is
complete
The CRC (Cyclic Redundancy check) is created by
the sender and recalculated by the receiver
The frame length (header data and CRC) 64-1518
bytes

Application
Application
Data
TCP
TCP
T
Data
T
Data
IP
Data
I
T
I
T
Data
IP
E
I
T
Data
Ethernet
E
I
T
Data
C
C
Ethernet
Ethernet
52
The IEEE 802.3 frame

The IEEE 802.3 frame has the same general format
as DIX Ethernet (Ethernet_II) frame .
The Type field in Ethernet DIX is the Length
field in IEEE 802.3
THE FCS (Frame Check Sequence) is instead of CRC
As there is no Type field it is not possible to
detect which network layer protocol is carried in
the MAC layerThe MAC frame consists of only
addresses length and FCS.It is the function of
LLC to separate the different network layer
protocols .

53
IEEE 802.3 frame
46-1500 Octets
54
Bridging TCP/IP

Bridging between IEEE LANs is often promoted as
transparent to any protocol above the MAC layer
.This will bring expectations that there are no
particular problems with TCP/IP .
There are 4 issues that need consideration
The length field for the 802.3 bus.
Encapsulation on bus networks.
The maximum frame sizes.
The representation of MAC addresses.

55
Length fields

The IEEE 802.3 CSMA/CD network has a length field
immediately before the LLC .Other IEEE networks
do not .
Bridging will at least involve changing the
content of the frame and recalculating the FCS
.This action will be totally transparent to the
network planners .

56
Frame size

For TCP/IP the transmitted frame size is
determined by the Maximum Transfer Unit (MTU) set
in the driver software for the LAN interface .
It is possible on most TCP/IP implementations to
modify the MTU to match the number of data octets
carried by the Link Layer protocol .Setting the
MTUs of each interface on a Token Ring to 1492
will prevent its frames from being to large for
bridging to IEEE 802.3 .This reduction will
limit Token Ring efficiency .

57
Representation of MAC addresses

The IEEE 802.1 committee defined how LANs should
represent 48 bit MAC addresses as a bit stream on
the cable .IEEE 802.3 and 802.5 committee chose
to represent these addresses higher in the
protocol .
IEEE 802.3 and 802.5 represent differently the
MAC address .
Bridges now have to be wise and not only reverse
the address but also to calculate the FCS .

58
Example of vendor-dependant Ethernet addresses

Prefix Manufacturer
00000C Cisco
000095 Proteon
0000A2 Wellfleet
0000C0 Western Digital
00AA00 Intel
02608C 3Comm
080009 Hewlett-Packard
080010 ATT
08000B Unisys
080020 Sun
08002B DEC
080046 Sony
08005A IBM
AA0003 DEC
AA0004 DEC

59
TCP/IP Basics Serial Connections
60
SLIP - Serial Line Internet Protocol

In some situations it is advantageous to use
asynchronous Serial lines to carry TCP/IP
protocols either by
Dialup modems
Modems on private wires
through an asynchronous network
Direct connection between 2 computers

61
SLIP functionality
Asynchronous connections V.24/RS232C
Direct connection
Modem link
LAN
PCs with SLIP
Host
Dialup modem link
62
SLIP frame format

SLIP defines 2 special characters
SLIP END - 0xC0
SLIP ESC - 0xDB
Datagrams sent using SLIP are framed SLIP END
characters .

63
SLIP frame format
64
PPP - Point to Point Protocol

PPP came to overcome a number of limitations of
SLIP .
PPP has been designed to operate over both
asynchronous (start/stop) connections and bit
oriented synchronous systems .

PPP provides more then just a simple connection
between hosts .It also defines several
management and testing functions to deal with
line quality option negotiation and the setup
of IP addresses .

66
The service provided by PPP

PPP provides a Point to Point connection between
2 TCP/IP systems for the transfer of IP datagrams
.
PPP can operate over virtually any serial link
interface .
The only limitation is that it requires a full
duplex connection .

It does not need serial interface control signals
but the standard recommends it for performance
improvements .
There is no restriction for the speed used for
PPP .

68
The PPP frame

The address field is all 1s.
The control octet contains the value 0x03.
The protocol field defines the protocol carried
by this frame
Link Control Protocol - 0xC021
Network Control Protocol - 0x8021
Internet Protocol - 0x0021

PPP can multiplex data from many sources which
makes it practical for high speed connections
between bridges or routers.

70
TCP/IP Basics Network Layer
71
Why do we need IP protocol layer

Although the services provided by TCP protocol
are needed by many applications there are still
some kind of applications that dont need them
However there are some services that every
application needs.
The services that every application needs are put
together into the IP protocol layer
IP protocol provides the basic service for the
transmission of a datagram from one machine to
another machine which do not need to be connected
directly
As a result TCP calls on the services of IP
Like TCP IP protocol layer can be viewed as a
library of routines that TCP calls on but which
is also available to applications that dont use
TCP

72
IP - Internet Protocol

IP is described as a connectionless datagram
service .
Datagrams are packets of information that can be
destined for one many or all stations (unique
multicast or broadcast) - provide addressing.
There is no requirement for the intended
recipient/s to acknowledge whether the datagram
was received (no flow control no end-to-end data
reliability).
As IP is connectionless no specific route is
defined between 2 communicating nodes so
datagrams traveling can travel through different
routes and reach destination in a different order
(no sequencing and allow for fragmentation).
One of the major roles of IP layer is to make it
unnecessary for higher layer protocols to
understand anything about the physical
capabilities of the media supporting them .Note
This is important for application developers
writing programs on top of the transport layer
with no variations because of the different kind
of media used .

73
The IP Architecture
Message Segment Datagram Frame Bit
5 4 3 2 1
( )
1
0800
( )
( )
( )
8035
0806
74
Encapsulation

Both the header and data of the IP datagram
become the datalink frame of whichever network
they happen to be on.This is called encapsulation
.
Protocol number identifies the protocol in the
layer above IP to which the data is passed
(/etc/protocols)
0 IP pseudo protocol number
1 ICMP
6 TCP
17 UDP

75
Fragmentation and Reassemble

IEEE 802.3 and Ethernet systems have maximum data
sizes of 1492 and 1500 octets respectively .IEEE
802.5 frames is not defined but in practice it
is usually no greater then 8192 octets .
This size limit seen by IP is known as the
Maximum Transfer Unit (MTU) .
The MTU can be adjusted for each interface but
its not necessary unless bridging different LAN
technologies .

76
IP datagram Format
77

Version - 4 bitsVersion of the IP
protocolCurrent version is 4
Internet Header Length - 4 bitsFor easy finding
of beginning of data .Normally the value is 5
indicated no options are used .
Type Of Service - 8 bitsThe first of 3 bits are
used to indicate 1 of 8 levels of priority .Some
Routers Ignore these flags .

Total length - 16 bitsThe total length of the IP
datagramThe size of data is computed from the
total length field and IHL .
Identification - 16 bitsThis is an integer value
used to help identify all fragments of a datagram
.This field is unique for each new datagram .

Flags - 3 bitsThe 2 low order bits are used as
flags to control fragmentation .The low order
bit if 0 indicates the last fragment of a
datagram - MF (More Flag) .The middle bit is
used to indicate that the datagram should not be
fragmented - DF (Do not Fragment) .
Fragment Offset - 13 bitsUsed in a fragmented
datagram to indicate the position that the
fragment occupies .

Time To Live (TTL) - 8 bitsThis prevents
datagrams to get routed in a loop .If its set
to 0 a router should discard the datagram .The
recommended value is 32 but it can be set to a
maximum of 255 too .
Protocol - 8 bitsThe transport layer protocol
carried by this datagram .It tells the IP layer
where to path the datagram .17 - UDP6 - TCP1 -
ICMP

Header checksum - 16 bitsIt protects only the
header and not the data .The reason is because
the checksum must be recalculated every time it
passes through a router .Other parameters change
too .
Source IP address - 32 bits
Destination IP address - 32 bits
Data variableThis includes the headers of higher
layer protocols and users data .

80
Routing IP Datagrams
Target
81
IP Routing
Subnet
Default Gateway
Direct Connection

local host
default gateway

local host
same subnet
next-hop

SubNet

local host
same subnet
default gateway

82
IP algorithm

1. Search the routing table for an entry that
matches the complete destination IP address
(network ID or host ID). If found send the
packet to the indicated next-hop router or to the
directly connected interface. (second interface
or ppp)
2. Search the routing table for an entry that
matches just the destination network ID. If
found send the packet to the indicated next-hop
router or to the directly connected interface.
(local networks)
3. Search the routing table for an entry labeled
default. If found send the packet to the
indicated next-hop router

83
ARP - Address Resolution Protocol

If we wish to connect to a remote computer we
must know its IP address but we do not need to
know its MAC address .
ARP was invented for this reason .It relates
IPs to MAC addresses only on media that supports
broadcasts .
Each node maintains a cache called the ARP cache
which holds a table of IPs against MAC
addresses .

84
How ARP works

When IP is requested to send a datagram to
another IP address it first looks in the ARP
cache to find the corresponding MAC address .If
there is no entry it then attempts to look for it
using ARP .
In order to do this ARP sends an ARP request
datagram to all LAN cards using a broadcast
address .

ARP uses its own Ethernet type 0x0806 for these
requests so they are passed to the ARP software
in all nodes within the broadcast area .
All cards on a network read this request datagram
and any that discover a match between their IP
and the requested IP reply with an ARP response .
If a response is received the answer is entered
to the ARP cache for future use .If none is
received the request is repeated .
ARP datagrams are not passed through routers as
a router operates at the IP layer and will not
relay MAC broadcast traffic .This makes routers
a good buffer between broadcast domains and
prevent flooding networks .

86
ARP commands

arp command can be used to display the content of
the ARP table
Formats
arp -a ! displays all the entries in the ARP
table
arp lthostnamegt ! displays the entry for
lthostnamegt specified
arp -d lthostnamegt ! deletes an entry for
lthostnamegt
arp -s lthastnamegt ltether-addressgt ! adds a new
entry

87
RARP - Reverse ARP

RARP is intended for use with devices that cannot
store their IP address usually diskless
workstations.
RARP like ARP operates directly over the
datalink layer and has an Ethernet type 0x8035 .
Nodes acting as RARP servers that find a match
for the MAC address in their RARP tables will
reply with the corresponding IP address in a RARP
response .

This system requires that at least one server is
present and that the server has a table defining
which IP addresses should be used by each MAC
address .

89
ICMP - Internet Control Message Protocol

Even though IP is a datagram service and there is
no delivery guarantee ICMP is provided within
IP and can generate error messages regarding
datagram delivery .
ICMP uses IP datagrams to carry its messages back
and forth between relevant nodes .

ICMP error messages are generated by a node
recognizing there is a transmission problem and
they are sent back to the originating address of
the datagram that caused the problem .

91
(No Transcript)
92
General format of ICMP message

Type (8) specifies the type of ICMP message
Code (8) used to specify parameters of the
message that can be encoded in a few bits
Checksum (16) checksum of the entire ICMP
message
Parameters (32) used to specify more lengthy
parameters
Information (variable)provides additional
information related to the message
ECHO and ECHO REPLY - mechanism for testing if
communication is possible between two entities. A
host can send the ICMP ECHO message to see if a
remote IP is up and operational. When a system
receives an echo message it send the same packet
back to the source host in an ICMP ECHO REPLY
message. The ping command uses this message.
A TIME EXCEEDED message is sent by a gateway if
the ttl value of a datagram expires (becomes
zero). This facility is used by the traceroute
command.

Type (8 bits)
Code (8 bits)
Checksum (16 bits)
Parameters (32 bits)
Information (variable)
93
Type field
Message Type

Echo reply Destination unreachable Source
quench Redirect Echo request Time exceeded for
datagram Parameter problem on datagram Time stamp
request Time stamp reply Information
request Information reply Address mask
request Address mask response
94
The ping command

ping
it is a simple function extremely useful for
testing the network connection
it allows the network administrator to determine
whether further testing should be directed toward
the network (the lower layers) or the application
(the upper layers)
if ping shows that packets can travel to the
destination system and back the problem is
probably in the upper layers
If packets cant make the round-trip lower
protocol layers are probably at fault
Basic format
ping lthostgt ltpacketsizegt ltcountgt
lthostgt The host name or IP address of the remote
host being testyed.
ltpacketsizegt Defines the size in bytes of the
test packets. This field is only required if the
count field is going to be used. Default packet
size is 56 bytes.
ltcountgt The number of packets to be sent in the
test. Default number is usually 5.

95
ping example

Examples
ping ftp.ripe.net
info.ripe.net is alive
ping -s ftp.ripe.net 100 10
PING info.ripe.net 100 data bytes
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq0. time1070. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq1. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq2. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq3. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq4. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq5. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq6. time990. ms
108 bytes from info.ripe.net (39.13.5.97)
icmp_seq7. time980. ms
----info.ripe.net PING Statistics----
8 packets transmitted 8 packets received 0
packet loss
round-trip (ms) min/avg/max 980/998/1070

96
traceroute - Tracing routes

is the program that can help the network
administrator locate the problem when something
is down between the local host and a remote
destination
traces the route of UDP packets from the local
host to a remote host
prints the name (if it can be determined) and IP
address of each gateway along the route to the
remote host
uses two techniques small ttl values and
invalid port number

97
traceroute - Tracing routes

Operation
traceroute sends out 3 UDP packets with ttl value
set to one
the first gateway decrement ttl and gets the
value zero.
The first gateway will send back to the source
host an ICMP TIME EXCEEDED message as error
message
traceroute displays one line of output for each
gateway from which it receives an ICMP TIME
EXCEEDED message
traceroute will then increment by one the ttl
value and sends again 3 UDP packets
the flow of packets tracing to a host three hops
away is illustrated below
When the destination host receives a packet from
traceroute it returns back an ICMP Unreachable
Port message. This happens because traceroute
intentionally uses an invalid port number (33434)
to force this error.
When traceroute receives the Unreachable Port
message it knows that it has reached the
destination host and it terminates the trace.
In this way traceroute is able to develop a list
of the gateways starting at one hop away and
increasing one hop at a time until the remote
host is reached.

98
traceroute example

traceroute ftp.ripe.net
traceroute to info.ripe.net (39.13.5.97) 30 hops
max 40 byte packets
1 agsici1.ici.ro (192.162.16.25) 20 ms 10 ms
0 ms
2 Vienna-EBS1.Ebone.NET (192.121.159.97) 870
ms 870 ms 870 ms
3 Paris-EBS2.Ebone.net (192.121.156.17) 900 ms
890 ms 890 ms
4 Stockholm-ebs.ebone.net (192.121.154.21) 920
ms 930 ms 960 ms
5 Amsterdam-ebs.Ebone.NET (192.121.155.13) 970
ms 990 ms 970 ms
6 Amsterdam.ripe.net (193.0.15.130) 1000 ms
970 ms 970 ms
7 info.ripe.net (39.13.5.97) 1040 ms 970 ms
990 ms

99
Flow of traceroute packets
ping program
First router
Second router
Third router
ttl1
decrements ttl to 0 return error TIME EXCEEDED
decrements ttl to 1 forward
ttl2
decrements ttl to 0 return error TIME EXCEEDED
ttl3
decrements ttl to 2 forward
decrements ttl to 1 forward
received at destination port unreachable
Return error port unreachable
100

ICMP has its own IP protocol number (1) so the
IP layer knows when it receives them.
Even though ICMP uses the IP layer it is
considered as being within IP because it does
not necessarily provide any service to the layers
above.

101
ICMP types 0 and 8 - echo

The most common ICMP messages used for
diagnostics are type 0 and 8.
These are generated by Ping.Ping sends ICMP type
8 datagrams to a node and expects an ICMP type 0
reply returning the data sent in the request.

102
ICMP echo datagram (0 or 8)
103
Note

How can Ping generate ICMP echo requests if ICMP
does not provide a service to Ping
A Ping implementation does not use ICMP to
generate the request.It merely mimics what ICMP
would do as a program that operates over the IP
layer.Ping generates an IP datagram with a data
field that equates to ICMP echo request (protocol
number 1 and the first octet of data is 8 - ICMP
echo request).It then adds the rest of the
fields including the data pattern that it expects
to be echoed.

104
ICMP type 3 - destination unreachable

If a router is unable to deliver a datagram it
can return the destination unreachable ICMP
datagram to indicate why.
The code field is used to identify the cause of
failure.
The values in the code field help to pinpoint the
reason for the datagram failure to arrive its
destination.

105
ICMP type 3 - Destination Unreachable
106
Code value
Meaning

0 Network unreachable
1 Host unreachable
2 Protocol unreachable
3 Port unreachable
4 Fragmentation needed and
the do not fragment bit
set
5 Source route failed

107

If a router is unable to deliver a datagram it
can return the destination unreachable ICMP
datagram to indicate why .
Network unreachable - The network specified in
the IP address cannot be found .
The IP address and routing tables should be
checked .
This error message is only generated by a router
.
We can find where the error occurred from the
source address in IP header that carried the ICMP
message .
Host unreachable - The datagram reached the
router which is directly connected to the
destination network but failed to communicate
with the host.This message is generated by a
router only .

108

Protocol unreachable - The datagram reached the
destination host but the particular protocol
carried in the datagram is not available .
Port unreachable - A host sends the message that
the particular application layer service is not
available .
Fragmentation needed and the do not fragment bit
set - Normally comes from a router indicating
that it needs to fragment the datagram but is
instructed not to by the do not fragment (DF) bit
in the flags field of the IP header .This fault
is uncommon DF is normally used on diskless
workstations booting via TFTP .
TFTP has only 512 octets of user data .
Check MTU size .

109

Source route failed - If we specified a route and
the datagram failed to complete the route we
will get this error .The point of failure will
be the router that generated the ICMP message .

110
ICMP type 4 code 0 - Source Quench

The format of the datagram is the same as
destination unreachable but with a type of 4
and a code of 0 .
Source quench gives a router or a host the
ability to request that a source of datagrams
will slow down .
Source quench will occur if a node is running low
on buffer resources and is unable to process
datagrams quickly enough .

111
(No Transcript)
112
ICMP type 5 - route change request

It is used only by routers .
A router that knows that it is not the optimum
router for a particular destination uses the
relevant field of a route change request to
suggest a more suitable router .

113
ICMP type 11 - time exceeded for datagram

The format is the same as destination unreachable
.
It can be sent in 2 situations
From a router - Indicating that the TTL in the IP
header has been decremented to 0 .It indicates
that the original Time To Live was not suitable
to the number of hops needed .
From a node - An attempt to recreate the original
datagram by reassembly of fragments failed .The
code value is 1 .

114
ICMP type 12 - Parameter problem message

Indicates that a wrong argument has been used
with an option field in the IP header .It can
also indicate an error in the implementation of
IP .
Its sent only if the datagram has been discarded
.
The pointer field indicates the position of the
octet position of the suspect field .

115
ICMP types 1314 - Time stamp request reply

This message is used to obtain the time from a
clock in a distant machine .
It is rarely used today .

116
ICMP types 1516 - information request

This message is used to obtain the network number
of the requesting host if its unknown .
It can be used in dial in systems using SLIP as
a method for allocating the appropriate network
addresses for each end of the link .

117
ICMP types 1718 - Address mask request

Used to allow a node to discover the subnet mask
of the network it is connected to .
The node can send the request to a known address
or to broadcast .

118
Transport Protocol Ports
The address of an application within a host

Port 0 - Special use
Ports 1 - 255 - Well-known ports
Ports 256 - 1023 - Reserved ports
Ports 1024 - 4999 - Dynamic client ports
Ports 5000 - 65535 - Fixed server ports

119
User Datagram Protocol

Connectionless delivery service
Uses the IP layer service
Does not add reliability to the IP protocol
Enables distinguishing among multiple
destinations within a host computer

End point
120
UDP Protocol Header Format

Fragmentation
What if the packet size is larger then 1500
It is divided to 1500xN frames.
fragmentation flags are set

121
Flow using Datagrams (UDP)
Server
Client
socket()
socket()
bind()
sendto()/recvfrom()
sendto()/recvfrom()
closesocket()
closesocket()
122
Transmission Control Protocol

Connection based communication
Uses the IP layer service
Provides reliable service
Enables distinguishing among multiple
destinations within a host computer

123
TCP - Transmission Control Protocol

TCP is the protocol layer responsible for making
sure that the commands and messages are
transmitted reliably from one application program
running on a machine to another one on the other
machine
A message is transmitted and then a positive
acknowledgement is being waited for
If the positive acknowledgement does not arrive
in a certain period of time the message is
retransmitted
Messages are numbered in sequence so that no one
is being lost or duplicated
Messages are delivered at the destination in the
same order they were sent by the source
If the text of a mail is too large the TCP
protocol will split it into several fragments
called datagrams and it makes sure that all the
datagrams arrive correctly at the other end where
they are reassembled into the original message
The TCP protocol layer provides all the functions
that are needed for many applications and it is
better to put them together on a separate
protocol rather than being part of each
application
TCP can be viewed as forming a library of
routines that many applications can use when they
need reliable network communication with an
application on another computer
TCP provides also flow control and congestion
control

124
TCP Protocol Format
Source Port
Destination Port
Sequence Number
Acknowledgment Number
Offset Reserv Flags(6)
Window (16 bits)
Checksum (16)
Urgent Pointer
Options(If any)
Padding
Data (variable
length)
0 4 10
16 24
31
125
Establishing and closing TCP Connections
FIN
SYN
time
ACK
SYNACK
FIN
ACK
ACK
Close
Open
Three-way handshake
126
Sliding Windows
segment 1
ack1
time
segment 2
ack2
Positive acknowledgment with retransmission
Sliding window transmission
127
Application Addresses Sockets

On a network server normally several application
programs are running at the same time FTP
server telnet server mail server www server
gopher server etc.
TCP must know to which program to deliver the
received message
If you want to connect to the FTP server it is
not enough to know the IP address of the server
you have to specify that you want to talk to the
FTP server program
This is done by having the well-known sockets
- TCP ports - (see the file /etc/services on a
UNIX machine)
In a file server session e.g. two different
applications are involved FTP server and FTP
client
The client program gets commands from the user
and passes them to the FTP server program
There is no need for the client FTP program to
use a well know socket number because nobody is
trying to find it as opposed to the FTP server
program which have to have a well-known socket
number so that people can open connections to it
and start sending commands
The client FTP program asks the network software
to assign it a port number that is guarantee to
be unique for example 1236 if that number was
free
A connection is identified by four numbers
connection 1 192.162.16.2 1236 193.230.3.120
21
connection 2 192.162.16.2 1237 193.230.3.120
21
Two connections are different if at least one
number is different

128
Application Addresses Sockets
Socket IP address port
Message
Segment
Datagram
Frame
129
Well-known TCP ports
21 - FTP server 23 - telnet server 25 - SMTP
mail server 53 - domain nameserver 109 - POP2
server 110 - POP3 server
130
Flow using Streams (TCP)
Server
Client
socket()
bind()
socket()
listen()
connect()
accept()
send()/recv()
send()/recv()
closesocket()
closesocket()
131
ROUTING

The source and the destination hosts are on the
same LAN
There is no decisions for routing
The packet is transmitted on the cable (coax
twisted cable optical fiber)
Every computer connected to the LAN will receive
it.
That computer which finds that the destination
Ethernet address in the header is equal to his
Ethernet address will get the message the others
will discard it.
Note that the address of each computer on the LAN
begins with the same network number
Routing table for host A

132
Example of complex configuration
A .1
G .4
ec0
eth0
.4 .1
Routing tables net
gw int. M 193.230.5 none
eth0 193.230.6.2
sl0 193.230.4 193.230.5.1 eth0
193.230.3 193.230.5.1 eth0 192.162.16
193.230.5.1 eth0 default
193.230.6.2 sl0 I 193.230.5 none
eth0 193.230.4.1
sl0 193.230.3 193.230.4.1 sl0
192.162.16 193.230.4.1 sl0 default
193.230.5.5 eth0 H 193.230.3 none
ec0 193230.4.2
sl0 192.162.16 193.230.1 ec0
default 193.230.4.2 sl0 A 192.162.16
none eth0 default
192.162.16.4 eth0
D
193.230.3.
eth0
ec0
ec1
H
.2 .1
192.162.16.
sl0
193.230.4.
sl0
.2 .1
J .2
K .3
L .4
I
eth0
193.230.5.
.5 .1
M
sl0
193.230.6.
backbone network with Internet connectivity
sl0
.2
N
133
Routing table initialization and updating

Initialization of routing table
Normally at startup time by executing script
command files
Static routes
route add ltnetwork-addressgt ltgw-addressgt
ltmetricgt
route add 192.162.16.0 192.162.16.4 1
route add 193.230.3.0 192.162.16.4 1
route add default 192.162.16.4 1
netstat -rn displays the routing table on a UNIX
machine
Static routes have the disadvantage that they do
not adapt to the changes in the network topology
Dinamic routing protocols are run to update the
routing table so that they reflect the changes in
topology
Router classes
dedicated routers - special purpose equipment
Cisco Wellfleet Proteon Telebit
cheap router sollution - public domain software
for PCs
ka9q PCROUTE Linux Free BSD etc.

134
Routing protocols

Types of routing protocols
Interior Gateway Protocol (IGP) RIP IGRP OSPF
Hello
Exterior routing Protocol (EGP) BGP EGP

AS1
AS2
EGP
IGP
IGP
135
Autonomous System Number

An Autonomous System Number (AS) is a set of
routers under a single technical administration
using an interior gateway protocol and an
exterior gateway protocol to route packets to
other ASs.
An AS is a connected group of IP networks run by
one or more network operators which has a single
and defined routing policy.
AS number is a 16 bit number (65535 unique AS
numbers).
It is a finite amount of address space.
Sometimes the term AS is misunderstood and used
for grouping together a set of prefixes which
belong under the same administrative umbrella.
AS number are assigned by RIPE in Europe

136
Example for routing
static
IGRP
IGRP
National Network
IGRP
IGRP
BGP4
BGP4
EUROPANET
EBONE
Access to Internet
137
CIDR - Classless Inter-Domain Routing
Internet
customers
Internet Service Provider
193.230.3.0
193.230.0.0
193.230.1.0
193.230.02.0
host
network
Class-full representation
00000000
00000000
11000001
193.230.0.0
11100110
00000000
11100110
11000001
00000001
193.230.1.0
00000000
00000010
11100110
11000001
193.230.2.0
1110010
00000011
00000000
11000001
193.230.3.0
Host
Prefix
Classless representation
138
Example of CIDR configuration (supernetting)

Using BGP4 routing protocol all the 4 C class
addresses (193.230.0.0 193.230.1.0 193.230.2.0
193.230.3.0) can be advertised like one entry in
the routing table
router bgp 3233
agregate-address 193.230.0.0 255.255.252.0
summary-only
neighbor 19212115997 remote-as 1755
neighbor 193.226.27.86 remote-as 2614
Using BGP4 routing protocols all the 256 C
addresses of the block 193.230.0.0 -
193.230.255.255 can be advertised like one entry
in the routing table
router bgp 3233
agregate-address 193.230.0.0 255.255.0.0
summary-only
neighbor 19212115997 remote-as 1755
neighbor 193.226.27.86 remote-as 2614

139
IPng Features/Functionality

Expanded Address Space
Autoconfiguration
Real-time/Multimedia support
Integrated Security support
IPv4 IPv6 Transition Strategy

140
IP Version 6 - So whats really changed !

Address space
quadrupled to 16 bytes
Fixed Length
(optional headers daisy-chained)
No Check sum
(Done by Link Layer)
No hop-by-hop
segmentation
(Path MTU discovery)
Flow Label/Priority
(Integrated QoS support)

IPv4 Header
Total Length
IHL
Type of Service
Version
Identification
Flags
Fragment Offset
Protocol
Time to Live
Header Checksum
Source Address
Destination Address
Padding
Options
IPv6 Header
Priority
Flow Label
Version
Payload Length
Next Header
Hop Limit
Source Address
Destination Address
141
IPv6 Autoconfiguration