CMPE 252A: Computer Networks Set 10:

1
CMPE 252A Computer NetworksSet 10

• IP Internetworking

2
Internetworking

• Arbitrary collection of physical networks
  interconnected to provide an end-to-end
  (host-to-host) packet delivery service.
• Networks differ in many ways
• Service offered datagrams vs connections
• Protocols and mechanisms used
• Address space
• Topology and physical media
• An internetwork should make all these differences
  transparent to end nodes.

3
IP Internetworking

• Based on Cerfs catenet model
• V.G. Cerf, The Catenet Model for
  Internetworking, IEN 48, July 1978.
• Basic premises
• Heterogeneous transmission media
• Heterogeneous hardware and OS in hosts and
  gateways
• Common protocol for network interconnection runs
  in all gateways and hosts!
• Common protocol used for data transfer and
  signaling
• Common address space used to identify where a
  host or router is in the internetwork
• An address states at which network a node
  attaches to the internetwork

4
Catenet Model

• A network is the address of a host in the
  internet
• A single address space, with addresses that are
  globally unique
• A single protocol for delivering all user and
  control data
• Common protocol runs in all gateways and hosts
• A common definition of services

5
Catenet Model

• Routing within each network is transparent to
  internet protocol
• Internet protocol is transparent to
  intra-network routing

6
Service Model Theory and Practice

• The Internet Protocol (IP) evolved from the
  catenet model.
• Theory Datagram Delivery is assumed, so that
  packets can get lost, out of order, and multiple
  copies can be delivered.
• Practice
• TCP needs in-order delivery of packets to work
  efficiently, and (as we will see) Internet
  routing protocols provide a single path for each
  destination and do not adapt very rapidly.
• Too many destinations!

7
IP Internet today

• A single path to each destination, link costs
  are static.
• Starting with NSFNET, routers run IP and the
  Internet is based on routers running IP
  interconnecting autonomous systems.

8
Internet Control Protocols

• In addition to packet forwarding and keeping
  routing tables correct, sending IP packets
  requires a number of control protocols
• Host must be given an IP address (DHCP)
• Application in host has the name of an intended
  destination, and an IP address has to be found
  for that name.
• The application calls a resolver in the Domain
  Name System (DNS) or uses a static hosts file
  (e.g., /etc/hosts)
• Host determines if destination IP address is the
  same or different.
• If different, packet is sent to an attached
  (default) IP router.
• If same, the IP address must be converted to a
  MAC address (ARP).
• Destination router must also map IP address to
  MAC address (ARP).
• Errors may have to be reported to the source of
  an IP packet using a protocol (ICMP).

9
IP Internet Today
A Success tale of two worlds with a little glue
Networking is independent of processing and
storage of content.
10
IP Internet Approach

• Datagram switching (using IP) that
• - Optimizes link utilization by means of
  short-term storage of packets
• - Applies the same limited instruction set on all
  packets
• - Assumes that destinations are points of
  attachment to Internet (host_at_net)
• - Assumes that the context for switching a packet
  is stated in its encapsulated headers
• - Assumes that physical connectivity between
  switch and destination exists

Great if link bandwidth is scarce and storage and
processing are very expensive.
11
IP Internet Approach

• Mapping of application-friendly names to
  globally-unique identifiers linked to the
  topology (IP addresses)
• - Early binding of end points is inefficient
• - DNS is prone to attacks
• - Globally-unique addressing is inefficient
• - Mapping is inefficient if hosts move or many
  hosts can map to the same application-friendly
  name
• - Mapping introduces long latencies and is prone
  to configuration errors
• (35 of DNS queries fail many of them due to
  configuration errors Jung et al, sigcomm IMW01)

12
IP Internet Approach
Reliable connections (using TCP) for reliable
byte delivery between two hosts

• Reliable content delivery via connections
  between specific hosts is wasteful (gt99 use of
  todays networks is for entities to acquire named
  chunks of data (like web pages or email messages)
• Popular sites are hotspots and prone to
  congestion
• Poor reliability from dependence on a channel to
  the data source
• Poor utilization of computing and storage
  resources in the network
• End-to-end connectivity may not be there

Connection requires connectivity and a
bandwidth-delay product that permits
feedback. Flow and congestion control assumes a
sender-receiver session against all others.
13
IP Internet Approach

• Good
• The glue provided by IP.
• Interoperability attained with common packet
  format model
• Bad
• The network behaves as if storage and processing
  were still very expensive!
• End-to-end, we still emulate pipes similar to
  those of the telephone network!

applications
IP
transmission media
14
The Opportunity A New Kind of Network
A richer instruction set for packet switching
that takes advantage of context New routers
store and process content Names of content, not
host addresses, used as the entities for
routing Consumers and providers of content
collaborate based on their context
15
Designing Communication Protocols
16
Research Areas

• Naming
• No DNS, no IPv6, tell the network what you want,
  not where it should be
• Whats a name, whats an object?
• Content dissemination search
• No need for e-t-e connectivity, routing tables
  become distributed search engine for content
• R.T. conversations as objects, rather than
  reserved pipes
• No need for large pkt headers stating context in
  each pkt context establishment is part of
  distributed storage processing
• Handling billions of objects
• Devices
• No host/router divide exploit devic context
• Security
• Protect information objects and expressed
  interests for content wherever they may be
• New apps, no servers!
• New packet switching models
• Others New team-oriented retransmission
  congestion control schemes

17
Hierarchical Routing

• Scale 100s millions of destinations
• Routing table cannot store an entry for each
  destination!
• Routing table exchange would swamp links.
• Administrative autonomy
• Internet is a network of networks
• Each network administrator may want to control
  routing in its own network.

18
Hierarchical Routing

• Aggregate routers into regions, autonomous
  systems (AS)
• Routers in same AS run same routing protocol
• intra-AS routing protocol
• Routers in different AS can run different
  intra-AS routing protocol

• Special routers in AS
• Run intra-AS routing protocol with all other
  routers in AS
• Responsible for routing to destinations outside
  AS
• run inter-AS routing protocol with other gateway
  routers

19
Intra-AS and Inter-AS Routing

• Gateways
• Perform inter-AS routing amongst themselves
• Perform intra-AS routers with other routers in
  their AS

b
c
a
a
C
b
B
d
A
network layer
inter-AS, intra-AS routing in gateway A.c
link layer
physical layer
20
Intra-AS and Inter-AS Routing
b
c
Host D
a
a
C
b
B
d
Intra-AS routing within AS B
A
Host S
Intra-AS routing within AS A
21
Layers in Internet Routing
APPLICATION
APPLICATION
Routing Protocol
Routing Protocol
Routing Table
Routing Table
PRESENTATION
PRESENTATION
SESSION
SESSION
TRANSPORT (TCP or UDP)
TRANSPORT
NETWORK
NETWORK
Routing Table
Routing Table
IP
IP
LINK
LINK
PHYSICAL
PHYSICAL
22
IPv4 Packet Information
0
23
31
3
7
15
version
HLen
TOS
length
flags
identifier
offset
TTL
protocol
checksum
source address
destination address
pad (variable)
Options (variable)
data

• Typically no options and header is 20 bytes

23
IPv4 Datagram Format
IP protocol version number
32 bits
total datagram length (bytes)
header length (words)
type of service
head. len
ver
length
for fragmentation and reassembly
fragment offset
type of data
flgs
16-bit identifier
max number remaining hops (decremented at each
router)
upper layer
time to live
Internet checksum
32 bit source IP address
32 bit destination IP address
upper layer protocol to deliver payload to
e.g., timestamp, record route taken,
specify list of routers to visit.
Options (if any)

• how much overhead with TCP?
• 20 bytes of TCP
• 20 bytes of IP
• 40 bytes app layer overhead

data (variable length, typically a TCP or UDP
segment)
24
IPv4 Addresses

• IP addresses are global and, unlike MAC
  addresses, they are hierarchical.
• IP address has a network part and a host part and
  specifies host_at_network
• A host has an address for each network to which
  it attaches.
• IP addresses are denoted using the dotted-decimal
  notation Each byte of the address is written in
  its decimal form and is separated by a dot from
  the other bytes, e.g.,
• 5.7.2.1 gt 00000101 00000111 00000010 00000001

25
IPv4 Addresses
223.1.1.1

• IP address 32-bit identifier for host, router
  interface
• Interface connection between host or router and
  physical link
• Routers typically have multiple interfaces
• Host may have multiple interfaces
• IP addresses associated with each interface

223.1.2.9
223.1.1.4
223.1.1.3
223.1.1.1 11011111 00000001 00000001 00000001
223
1
1
1
26
IPv4 Addresses

• Routing table entries referring to destinations
  in the same AS refer to networks only.

223.1.1.
27
IPv4 Addressing Problems

• There were too few networks left due to the class
  structure used in IP address assignments!
• There are many more IP devices and appliances
  coming.
• Routing tables cannot have millions of entries.
• Solutions
• Aggregation of addresses without classes (CIDR)
• New and much bigger global address space (IPv6)
• Locally unique addresses (NAT and other
  techniques)

28
Class-based IPv4 Addresses (past)
8
16
24
31
0
network
host
0
Class A
16 million
host
network
Class B
10
65,534
host
network
110
Class C
254
multicast address
Class D
1110
reserved address
Class E
11110
29
IP Addressing CIDR

• Classful addressing
• Inefficient use of address space, address space
  exhaustion.
• A class B address has enough addresses for 65K
  hosts, even if only a few more than 256 hosts
  are located in that network
• CIDR Classless InterDomain Routing
• Eliminate the strict assignment of address
  portion in class-full addressing.
• Enable a network portion of address of arbitrary
  length.
• CIDR Address Format
• a.b.c.d/x, where x is bits in network
  portion of address

30
Assigning IP Addresses to Hosts

• Hard-coded by system administrator in a file
• Wintel
• control-panel-gtnetwork-gtconfiguration-gt
• tcp/ip-gtproperties
• UNIX /etc/rc.config
• Obtain address from as server dynamically
• (plug-and-play)
• This is the purpose of
• DHCP Dynamic Host Configuration Protocol

31
Assigning Network Portion of IP Address to a
Network

• An ISP obtains a block of the address space.
• Net is allocated portion of its provider ISPs
  address space.

ISP's block 11001000 00010111 00010000
00000000 200.23.16.0/20 Organization 0
11001000 00010111 00010000 00000000
200.23.16.0/23 Organization 1 11001000
00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100
00000000 200.23.20.0/23 ...
..
. . Organization 7
11001000 00010111 00011110 00000000
200.23.30.0/23
32
Assigning Blocks of Addresses to ISPs

• IANA Internet Assigned Numbers Authority
• Domain names Manage the DNS root, .int, .arpa
  domains.
• Number resources Coordination of global pool of
  IP and AS numbers via Regional Internet
  Registries
• Protocol assignments Manage Internet protocol
  numbering systems together with standards bodies.
• Operated by Internet Corporation for Assigned
  Names and Numbers (ICANN) under a US Department
  of Commerce contract
• http//www.iana.org/
• http//www.icann.org/
• Take a look and remind yourselves how it works.

33
Hierarchical Addressing for Route Aggregation
Allow efficient advertisement of routing
information
Organization 0
Organization 1
Send me anything with addresses beginning
200.23.16.0/20
Organization 2
My-ISP
Internet
Organization 7
Send me anything with addresses beginning
199.31.0.0/16
Another-ISP
34
Hierarchical Addressing and More Specific Routes
Another-ISP has a more specific route to
Organization 1
Organization 0
Send me anything with addresses beginning
200.23.16.0/20
Organization 2
My-ISP
Internet
Organization 7
Send me anything with addresses beginning
199.31.0.0/16 or 200.23.18.0/23
Another-ISP
Organization 1
35
Internet Routing Protocols

• Itra-domain routing
• RIP, OSPF, EIGRP
• Single-path routing protocols, static link costs
• Performance (shortest path)
• Inter-domain routing
• Border Gateway Protocol (BGP)
• Single path
• Policy based

36
RIP

• Based on DBF
• Used in small internets
• Problems Counting to infinity and looping,
  single-path routing, link cost should be 1 or
  infinity
• Update specifies only a destination network and a
  distance to it hence, no variable subnet masks
  are allowed in local internet and a static
  subnetting convention must be used for all
  routers
• Router sends its routing table to its neighbors
  every 30 sec. or when it must update its routing
  table.
• Runs on top of UDP.

37
RIPv2

• Adds the next hop to a destination and subnet
  mask in each update.
• Variable subnets are allowed.
• Performance does not improve much.

38
OSPF Open Shortest Path First

• Dijkstras SPF used to compute shortest paths
  locally based on topology map.
• Flooding is used to disseminate topology maps.
• Sequence numbers and age fields are used to
  validate link-state updates.
• Runs on top of IP and implements its own reliable
  transmission of link-state updates.
• Designated routers are used to reduce overhead
  within a LAN, and areas connected by a backbone
  are used to reduce overhead across LANs.
• A handshake is used to reduce overhead of sending
  large portions of the topology map between
  neighbors.
• HELLOs used to identify neighbors.

39
OSPF
A2
A3
A4

• Areas must be connected by a connected backbone
  (area 0)

40
OSPF
EA1 EA2 EAn
41
OSPF

• Areas need unique IDS, an IP address.
• Zero or more address ranges can be reached in an
  area.
• Different types of routers have different views
  of topology.
• End result is a hybrid of link-state and distance
  information.

42
Topology Information at Backbone Router
A2
A1
EA1 EA2 EAn
A3
A4
43
Topology Information at Area Border Router
R
R
R
R
R
44
Topology Information atInternal Router
A2
A1
R
R
R
EA1 EA2 EAn
R
R
A4
A3
45
OSPF
R
R
R
R

• In a broadcast LAN, designated router eliminates
  too many link state updates.
• LSUs, HELLOs and topology updates sent unicast to
  designated router, which keeps all routers in LAN
  updated.

46
Differences between Intra- and Inter-AS Routing

• Policy
• Inter-AS admin wants control over how its
  traffic routed, who routes through its net.
• Intra-AS single administration, so no policy
  decisions needed (usually changing with traffic
  engineering)
• Scale
• Hierarchical routing saves table size, reduced
  update traffic
• Performance
• Intra-AS can focus on performance
• Inter-AS policy dominates over performance

47
Inter-AS routing in the Internet BGP
48
BGP

• BGP (Border Gateway Protocol) the de facto
  standard for Internet inter-AS routing.
• Path Vector protocol
• Similar to Distance Vector protocol
• Each Border Gateway broadcast to neighbors
  (peers) entire path (i.e., sequence of ASs) to
  destination
• BGP routes to networks (ASs), not individual
  hosts
• e.g., Gateway X may send its path to dest. Z
• Path (X,Z) X,Y1,Y2,Y3,,Z

49
BGP

• Gateway X send its path to peer gateway W
• W may or may not select path offered by X
• cost, policy (dont route via competitors AS),
  loop prevention reasons.
• If W selects path advertised by X, then
• Path (W,Z) w, Path (X,Z)
• Note X can control incoming traffic by
  controlling its route advertisements to peers
• e.g., if X does not want to forward traffic to Z
  then do not advertise any routes to Z

50
Controlling Who Routes to You

legend

provider

B

network

X

W

A

customer

network

C

Y

• A,B,C are provider networks
• X,W,Y are customer (of provider networks to which
  they attach directly)
• X is dual-homed attached to two networks
• X does not want to forward from B via X to C
• .. so X will not advertise to B a route to C

Figure 4.5
-
BGPnew
a simple BGP scenario

51
Controlling Who Routes to You

legend

provider

B

network

X

W

A

customer

network

C

Y

• A advertises to B the path AW
• B advertises to X the path BAW
• Should B advertise to C the path BAW?
• No... B gets no revenue for routing CBAW
  since neither W nor C are Bs customers
• B wants to force C to route to W via A
• B wants to route only to/from its customers!

Figure 4.5
-
BGPnew
a simple BGP scenario

52
BGP Operation

• Receiving and filtering route advertisements from
  directly attached neighbor(s).
• Route selection.
• To route to destination X, which path )of several
  advertised) will be taken?
• Sending route advertisements to neighbors.

53
BGP Messages

• BGP messages exchanged using TCP.
• BGP messages
• OPEN opens TCP connection to peer and
  authenticates sender
• UPDATE advertises new path (or withdraws old)
• KEEPALIVE keeps connection alive in absence of
  UPDATES also ACKs OPEN request
• NOTIFICATION reports errors in previous msg
  also used to close connection

54
Additional Control

• More than just route computation and forwarding!

55
Sending Datagrams from Source to Destination

• IP datagram remains unchanged, as it travels
  from source to destination

source IP addr
misc fields
dest IP addr
data
56
Sending Datagrams from Source to Destination
misc fields
data
223.1.1.1
223.1.1.3

• Starting at A, send IP datagram addressed to B
• Look up net. address of B in forwarding table
• Find B is on same net as A
• Link layer sends datagram directly to B inside
  link-layer frame
• B and A are directly connected

57
Sending Datagrams from Source to Destination
misc fields
data
223.1.1.1
223.1.2.2

• Starting at A, dest. E
• Look up network address of E in forwarding table
• E is on a different network
• A, E not directly attached
• Routing table next hop router to E is 223.1.1.4
• Link layer sends datagram to router 223.1.1.4
  inside link-layer frame
• Datagram arrives at 223.1.1.4

58
Sending Datagrams from Source to Destination
misc fields
Forwarding table at router
223.1.1.1
223.1.2.3
data

• Arriving at 223.1.4, destined for 223.1.2.2
• Look up network address of E in routers
  forwarding table
• E on same network as routers interface 223.1.2.9
  
• Router and E are directly attached
• Link layer sends datagram to 223.1.2.2 inside
  link-layer frame via interface 223.1.2.9
• Datagram arrives at 223.1.2.2

59
Fragmentation

• Packet length is in bytes and includes header
  maximum length is then 65,535 bytes
• MAC protocol my not support such long packets,
  and an IP packet may have to be fragmented.
• Ethernet accepts frames of up to 1500 bytes and
  FDDI of up to 4500 bytes
• Each fragment is a self-contained datagram.
• Fragmentation is handled with
• The packet ID, which is the same for all fragment
• The offset, which states the byte (position) of
  the fragment
• A flag indicating that there a more fragments for
  the same ID coming.

60
Fragmentation Example
Length 3980 B ID 50
D
ID 50 length 1480B flag 1 (more)
S
ID 50 length 1480B flag 1 (more)
ID 50 length 1020B flag 0 (last)

• Each datagram has a 20-byte header.
• Re-assembly done at IP module of destination D.
• Fragmentation is avoided in general by limiting
  the size of TCP segments to 536 B, because all
  data-link protocols must support MTUs of 576 B.
  (536 20 of IP header 20 of TCP header).

61
IPv4 Header

• TTL (time to live indicates how long the packet
  can stay in the network it is specified in hops
  and is decremented each time the packet is
  forwarded.
• Default is 64 hops nodes can play with the field
  to limit the scope
• Protocol specifies the type of payload
• Checksum is computed considering the entire
  header as a sequence of 16-bit words, adding them
  up with 1s complement arithmetic and taking the
  1s complement of the result.
• This checksum is NOT as powerful as a CRC but is
  simple to do in software.
• Why this way? Because it is done at each hop
  (software)
• What if we process headers in hardware?

62
Error Reporting

• In general, errors can be reported to the origin
  of a packet or to intermediate relays or both.
• In the IP Internet, errors are reported to the
  source using ICMP (internet control message
  protocol).
• The choice stems from using IP for all signaling
  and user data transfer in the Internet.
• ICMP messages are encapsulated in IP.
• An IP packet specifies the source and destination
  and not the relays (options are not supported in
  general)

63
ICMP Internet Control Message Protocol
Type Code description 0 0 echo
reply (ping) 3 0 dest. network
unreachable 3 1 dest host
unreachable 3 2 dest protocol
unreachable 3 3 dest port
unreachable 3 6 dest network
unknown 3 7 dest host unknown 4
0 source quench (congestion
control - not used) 8 0
echo request (ping) 9 0 route
advertisement 10 0 router
discovery 11 0 TTL expired 12 0
bad IP header

• Used by hosts and routers for
• Error reporting unreachable host, network, port,
  protocol
• Echo request/reply (used by ping)
• Network-layer above IP
• ICMP messages are carried in IP datagrams
• ICMP message type, code plus first 8 bytes of IP
  datagram causing error

64
Address Resolution Protocol

• Goal Enable a host to build a table of mappings
  between IP addresses and MAC addresses in a
  dynamic manner.
• Mappings are called ARP cache or ARP table.
• Approach
• ARP is designed assuming a fully connected,
  broadcast link layer (LAN) and the requestor is
  responsible for persisting.
• Hosts and routers broadcast requests and
  responses and listen to requests and responses
  from any other node in the LAN.
• Different approach would be needed in a multihop
  LAN.

65
ARP
8
16
24
31
0
protocol type
hardware type
sender MAC address

target MAC address
sender IP address
target MAC address
target IP address

• Hardware type hardware interface type (e.g.,
  Ethernet is 1)
• HLEN and PLEN length of MAC address and
  high-level protocol address
• Protocol type type of high-level protocol
  address (e.g., IP)
• OPERATION ARP request (1), ARP response (2),
  RARP request (3), RARP response (4).

66
ARP

• Implementation considerations
• Minimize the number of ARP requests sent
• Queue requests for the same IP address
• Learn form requests from others
• Only one node is the target of an ARP
• A node can act as a proxy for others
• Reverse ARP (RARP) provides the requestor with
  its own IP address
• Nodes responding should play response avoidance
  using randomized timers

67
Dynamic Host Configuration

• Host must be assigned an IP address, because it
  is not committed to hardware as a MAC address.
• Configuring hosts with proper IP addresses is
  involved.
• DHCP (dynamic host configuration protocol) is a
  solution to this configuration and management
  problem.
• DHCP is intended to support manual, automatic and
  dynamic configurations
• DHCP is designed to work with no pre-configured
  addresses of servers and across networks.

68
DHCP
Derived from BOOTP Host knows nothing, relay is
configured with IP address of server Sever
assigns IP addresses statically or
dynamically Relies on end-to-end level datagrams
(UDP) UDP specifies DHCP
my IP???
69
DHCP Dynamic Host Configuration Protocol

• Goal Allow host to dynamically obtain its IP
  address from network server when it joins
  network.
• Can renew its lease on address in use
• Allows reuse of addresses (only hold address
  while connected an on
• Support for mobile users who want to join network
  (more shortly)
• DHCP overview
• host broadcasts DHCP discover msg
• DHCP server responds with DHCP offer msg
• host requests IP address DHCP request msg
• DHCP server sends address DHCP ack msg

70
Special IP Addresses

• All 0s IP address means This host
• Address with net.host 0.host means
• host in this network
• All 1s IP address means
• Broadcast on this network
• Address with net.host net.1111 means
  broadcast on net
• 127.anything means loopback

71
DHCP Client-Server Scenario
223.1.2.1
DHCP

223.1.1.1
server

223.1.1.2
223.1.2.9
223.1.1.4
223.1.2.2
arriving DHCP client needs address in
this network
223.1.1.3
223.1.3.27

223.1.3.2
223.1.3.1

72
DHCP Client-Server Scenario
arriving client
DHCP server 223.1.2.5
DHCP offer
src 223.1.2.5, 67 dest 255.255.255.255,
68 yiaddrr 223.1.2.4 transaction ID
654 Lifetime 3600 secs
DHCP request
src 0.0.0.0, 68 dest 255.255.255.255,
67 yiaddrr 223.1.2.4 transaction ID
655 Lifetime 3600 secs
time
DHCP ACK
src 223.1.2.5, 67 dest 255.255.255.255,
68 yiaddrr 223.1.2.4 transaction ID
655 Lifetime 3600 secs
73
NAT Network Address Translation
74
NAT Network Address Translation
rest of Internet
local network (e.g., home network) 10.0.0/24
10.0.0.1
10.0.0.4
10.0.0.2
138.76.29.7
10.0.0.3
Datagrams with source or destination in this
network have 10.0.0/24 address for source,
destination (as usual)
All datagrams leaving local network have same
single source NAT IP address 138.76.29.7, differe
nt source port numbers
75
NAT Motivation

• Local network uses just one IP address as far
  as outside world is concerned
• No need to be allocated range of addresses from
  ISP - just one IP address is used for all
  devices
• Can change addresses of devices in local network
  without notifying outside world
• Can change ISP without changing addresses of
  devices in local network
• Devices inside local net not explicitly
  addressable, visible by outside world (a security
  plus).

76
Functions of NAT Router

• Outgoing datagrams
• Replace (source IP address, port ) of every
  outgoing datagram to (NAT IP address, new port )
• . . . remote clients/servers will respond using
  (NAT IP address, new port ) as destination addr.
• Remember (in NAT translation table)
• every (source IP address, port ) to (NAT IP
  address, new port ) translation pair
• Incoming datagrams
• Replace (NAT IP address, new port ) in dest
  fields of every incoming datagram with
  corresponding (source IP address, port ) stored
  in NAT table

77
NAT Example
NAT translation table WAN side addr LAN
side addr
138.76.29.7, 5001 10.0.0.1, 3345

10.0.0.1
10.0.0.4
10.0.0.2
138.76.29.7
10.0.0.3
4 NAT router changes datagram dest addr
from 138.76.29.7, 5001 to 10.0.0.1, 3345
3 Reply arrives dest. address 138.76.29.7,
5001
78
NAT Issues

• 16-bit port-number field
• 60,000 simultaneous connections with a single
  LAN-side address!
• NAT is controversial
• Routers should only process up to layer 3
• Violates end-to-end argument
• NAT possibility must be taken into account by app
  designers, e.g., P2P applications
• Should address shortage be solved using IPv6
  instead? (a new address space of globally unique
  IDs)