
Chapter 3: Network Layer (Internet Layer)

Lecturer: Ngô Hồng Sơn, Faculty of Information Technology, Hanoi University of Technology (ĐHBK Hà Nội), Department of Communications and Computer Networks

This lecture uses materials provided by Keio University, Japan.

Overview
Last week
- Why layering is needed
- Layered architecture, the OSI/TCP model
- The concepts of IP address, MAC address, port number, and domain name

This week
- The network-layer protocol: Internet Protocol
- IP addresses and the IP packet format
- The control message protocol: ICMP

Introduction to the network-layer protocol IP
- Basic concepts
- The store-and-forward principle
- Characteristics of the IP protocol

Internet Protocol
- A network-layer protocol
- Two basic functions:
  - Routing: determine the path a packet takes from source to destination
  - Forwarding: move data from the input to the output of a router
[Figure: example. Two hosts, each with the stack application / TCP/UDP / IP / data link / physical; 1. Send data, 2. Receive data]

Routing and forwarding packets
[Figure: an IP packet (IP header followed by payload; header fields: Ver, IHL, TOS, Packet length, Identification, Flag, Fragment Offset, TTL, Protocol, Header Checksum, Source IP address, Destination IP address) travels from one host to another through several routers. At each router: what is the next hop? Which router should the packet be forwarded to?]

Recap: Network layer vs. Transport layer
- network: between hosts or routers (Hosts)
- transport: between processes running on hosts (Processes)

Characteristics of the IP protocol
- Unreliable / fast
  - Data is delivered on a best-effort basis
  - IP has no error-recovery mechanism
  - When needed, an upper-layer service (TCP) is used to guarantee reliability
- Connectionless protocol
  - Packets are processed independently

IP addresses
- IP address classes
- CIDR: classless IP addressing
- Subnets and netmasks
- Special IP addresses

IP address (IPv4)
- IP address: a 32-bit number that identifies the interface of a host or router
- Each IP address is assigned to one interface
- IP addresses are unique
[Figure: network diagram with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]

223.1.1.1 = 11011111 00000001 00000001 00000001
               223       1        1        1

Dotted decimal notation
- Four 8-bit parts are used to describe a 32-bit address
- Each part is an integer from 0 to 255 (8 bits)
- Examples (o = valid, x = invalid):
  203.178.136.63   o
  259.12.49.192    x
  133.27.4.27      o

3417476964
= 11001011 10110010 10001111 01100100
=    203      178      143      100

Host address, network address
- An IP address has two parts
  - Host ID: the host address
  - Network ID: the network address

  | Network ID | Host ID |
  11001011 10110010 10001111 01100100
     203      178      143      100

- How do we know which part is for the host and which is for the network?
  - Address classes
  - Classless: CIDR

IP address classes

           8 bits          8 bits  8 bits  8 bits
Class A    0 + 7-bit N     H       H       H
Class B    10 + 6-bit N    N       H       H
Class C    110 + 5-bit N   N       N       H
Class D    1110            Multicast
Class E    1111            Reserved for future use
(N = network part, H = host part)

           # of networks   # of hosts
Class A    128             2^24
Class B    16384           65536
Class C    2^21            256

Limitations of classful addressing
- Wasted address space
  - The rigid division into classes (A, B, C, D, E) limits how much of the whole address space can be used
- Solution
  - CIDR: Classless Inter Domain Routing
  - The network part of the address can have any length
  - Address format: a.b.c.d/x, where x (the netmask) is the number of bits in the part corresponding to the network address

Netmask
- A netmask splits an IP address into 2 parts
  - The part corresponding to the host
  - The part corresponding to the network
- Use the AND operator
  - To compute the network address
  - To compute the range of IP addresses

Describing a netmask
11111111 11111111 11111111 11100000
   255      255      255      224

Equivalent notations: 255.255.255.224, /27, 0xFFFFFFe0

Each number is one of:
0, 128, 192, 224, 240, 248, 252, 254, 255

How to compute the network address
Network part: 203.178.142.   Host part: 130

IP address        203.178.142.130   11001011 10110010 10001110 10000010
Netmask (/27)     255.255.255.224   11111111 11111111 11111111 11100000   (27 bits)
                  AND
Network address   203.178.142.128   11001011 10110010 10001110 10000000

Network address: 203.178.142.128/27

Netmask and network size
11111111 11111111 11111111 11000000
   255      255      255      192

- Size
  - A power of 2
- In the /26 case
  - Host part = 6 bits
  - 2^6 = 64
  - Assignable address ranges: 0 - 63, 64 - 127, 128 - 191, 192 - 255
- RFC1878

Network address or host address? (1)
133.27.4.160
  10000101 00011011 00000100 10100000
  11111111 11111111 11111111 11000000
  10000101 00011011 00000100 10000000
133.27.4.128

Network address or host address? (2)
133.27.4.160
  10000101 00011011 00000100 10100000
  11111111 11111111 11111111 11100000
  10000101 00011011 00000100 10000000
133.27.4.128

Kinds of addresses
- Network address
  - The IP address assigned to a network
- Host address
  - The IP address assigned to a network card
- Broadcast address
  - The address used to send to all hosts in the network
  - All 1 bits in the part corresponding to the host address

IP addresses and netmasks
Which of these is a host address, a network address, or a broadcast address?
(1) 203.178.142.128 /25
(2) 203.178.142.128 /24
(3) 203.178.142.127 /25
(4) 203.178.142.127 /24
Note: with CIDR addressing, an IP address and its netmask must always go together.
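
Added example (not part of the original slides): the AND computation from "How to compute the network address", extended to decide whether an address is a network, broadcast or host address for the four cases above. The function names are this example's own, and treating /31 and /32 as plain host addresses is an assumption of the example.

```python
import ipaddress  # used only to convert dotted-decimal text to and from 32-bit integers

def netmask(prefix_len):
    """Mask with prefix_len leading 1 bits, e.g. /27 -> 0xFFFFFFE0 (255.255.255.224)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def network_and_broadcast(dotted, prefix_len):
    """Return (network address, broadcast address) as dotted-decimal strings."""
    mask = netmask(prefix_len)
    addr = int(ipaddress.IPv4Address(dotted))    # rejects octets above 255, e.g. 259.12.49.192
    net = addr & mask                            # AND keeps the network part
    bcast = net | (~mask & 0xFFFFFFFF)           # host part set to all 1 bits
    return str(ipaddress.IPv4Address(net)), str(ipaddress.IPv4Address(bcast))

def classify(cidr):
    """Classify 'a.b.c.d/x' as 'network', 'broadcast' or 'host'."""
    dotted, slash, plen = cidr.partition("/")
    if not slash:
        raise ValueError("an address is meaningless without its netmask")
    prefix_len = int(plen)
    net, bcast = network_and_broadcast(dotted, prefix_len)
    if prefix_len >= 31:          # assumption: too few host bits for separate network/broadcast
        return "host"
    if dotted == net:
        return "network"
    if dotted == bcast:
        return "broadcast"
    return "host"

# The four addresses from the slide (the answers are computed here, not given on the slide)
QUIZ = ["203.178.142.128/25", "203.178.142.128/24",
        "203.178.142.127/25", "203.178.142.127/24"]

if __name__ == "__main__":
    print(network_and_broadcast("203.178.142.130", 27))
    for cidr in QUIZ:
        print(cidr, "->", classify(cidr))
```

The same address changes role when only the mask changes, which is why filter rules and scan scopes should always be written with the prefix length attached.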

Subnets
- A subnet is a part of some network
  - An ISP is usually assigned a block of IP addresses
  - Several subnets are then created from it
- How to create a subnet
  - Use a longer netmask
[Figure: a network with 3 subnets; interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4; 223.1.2.1, 223.1.2.2, 223.1.2.9; 223.1.3.1, 223.1.3.2, 223.1.3.27]

Example: splitting into 2 subnets
11001000 00010111 00010000 00000000   200.23.16.0   /24

11001000 00010111 00010000 00000000   200.23.16.0   /25
11001000 00010111 00010000 10000000   200.23.16.128 /25

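Example: splitting into 4 subnets
- A network with a /24 mask
- 4 subnets need to be created
  - A network with 14 computers: /28
  - A network with 30 computers: /27
  - A network with 31 computers: /26
  - A network with 70 computers: /25
[Figure: the /24 block divided into /28, /27, /26 and /25 subnets]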
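
Added example (not part of the original slides): one way to carry out the 4-subnet split above, showing why 30 computers fit in a /27 while 31 need a /26. The parent block 200.23.16.0/24 is borrowed from the previous slide as an assumption, and the function names are this example's own.

```python
import ipaddress

def prefix_for_hosts(hosts):
    """Longest prefix whose block fits `hosts` machines plus the network and broadcast addresses."""
    needed = hosts + 2
    host_bits = (needed - 1).bit_length()        # smallest n with 2**n >= needed
    return 32 - host_bits

def allocate(block, host_counts):
    """Carve one subnet per entry of host_counts out of `block`.

    Largest subnets are placed first, so each one starts on a multiple of its own size.
    Returns a list of (hosts, subnet) pairs.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        plen = prefix_for_hosts(hosts)
        size = 1 << (32 - plen)
        if cursor + size > end:
            raise ValueError(f"{block} has no room left for {hosts} hosts")
        plan.append((hosts, ipaddress.ip_network((cursor, plen))))
        cursor += size
    return plan

if __name__ == "__main__":
    # Host counts taken from the slide; the parent block is an assumed value
    for hosts, subnet in allocate("200.23.16.0/24", [14, 30, 31, 70]):
        print(f"{hosts:3d} hosts -> {subnet}  ({subnet.num_addresses} addresses)")
```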

The IPv4 address space
- In theory
  - Can be anything from 0.0.0.0 to 255.255.255.255
  - Some addresses are special
- Special IP addresses (RFC1918)
  - Private address: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
  - Loopback address: 127.0.0.0
  - Multicast address: 224.0.0.0 - 239.255.255.255
- Link-local address: 169.254.0.0/16

Notes on IP addresses
- The Internet currently uses IPv4: 32 bits
  - 133.113.215.10 (IPv4)
- IPv6 will be used more widely: 128 bits
  - 2001:200:0:8803::53 (IPv6)
- IPv6 will be covered in more detail later.

Assigning IP addresses
Q: How does a machine get an IP address?
- Assigned directly by the administrator
  - Windows: control-panel->network->configuration->tcp/ip->properties
  - UNIX: /etc/rc.config
- DHCP: Dynamic Host Configuration Protocol, a "plug-and-play" dynamic address configuration protocol

DHCP: Dynamic Host Configuration Protocol
Purpose: allow a host to obtain a dynamic IP address when it connects to the network
- The address can be renewed and released
- Supports users who move around frequently (mobile)

DHCP overview:
- The host broadcasts a "DHCP discover" message
- The DHCP server replies with "DHCP offer"
- The host requests an address with "DHCP request"
- The DHCP server grants the address with "DHCP ack"

DHCP client-server operation
[Figure: the example network (interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27) with hosts A and B, a DHCP server, and a DHCP client]

DHCP client-server scenario
[Figure: message timeline between the DHCP server (223.1.2.5) and an arriving client; time runs downward]

DHCP discover
  src: 0.0.0.0
  dest.: 255.255.255.255
  yiaddr: 0.0.0.0
  transaction ID: 654

DHCP offer
  src: 223.1.2.5, 67
  dest: 255.255.255.255
  yiaddr: 223.1.2.4
  transaction ID: 654
  Lifetime: 3600 secs

DHCP request
  src: 0.0.0.0
  dest: 255.255.255.255, 67
  yiaddr: 223.1.2.4
  transaction ID: 655
  Lifetime: 3600 secs

DHCP ACK
  src: 223.1.2.5
  dest: 255.255.255.255
  yiaddr: 223.1.2.4
  transaction ID: 655
  Lifetime: 3600 secs

Allocating IP addresses to a network
Q: Where does a subnet get its IP addresses?
A: They are carved out of the address space of the ISP (Internet Service Provider)

ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
...
Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

IP address management
Q: Where does an ISP get its IP addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers
- Allocates addresses
- Manages DNS

IP packet format

The IP packet header
[Figure: IP datagram layout, 32 bits per row]
  ver | head. len | DS | length
  16-bit identifier | flgs | fragment offset
  time to live | upper layer | header checksum
  32 bit source IP address
  32 bit destination IP address
  Options (if any)
  data (variable length, typically a TCP or UDP segment)

Annotations in the figure:
- ver: IP protocol version number
- head. len: header length
- DS: QoS support
- length: total datagram length
- 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
- time to live: max number remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to
- Options: e.g. timestamp, record route taken, specify list of routers to visit

IP header (1)
- Protocol version (4 bits)
  - IPv4
  - IPv6
- Header length: 4 bits
  - Counted in words (4 bytes)
  - Min: 5
  - Max: 60

IP header (2)
- DS (Differentiated Service: 8 bits)
  - Old name: Type of Service
  - Now used for QoS management
  - Diffserv

IP header (3)
- Total length, including the header (16 bits)
  - In bytes
  - Max: 65536
- ID: packet identifier
  - Used to identify the sequence of packets belonging to one fragmented packet
- Flag
- Fragmentation offset: position of the fragment within the original packet

IP header (4)
- TTL, 8 bits: time to live
  - The length of the path a packet may travel
  - Max: 255
  - A router decrements the TTL by 1 when it processes the packet
  - The packet is discarded if the TTL reaches 0
- Protocol: the upper-layer protocol
  - The transport protocol above (TCP, UDP, ...)
  - Other network-layer protocols (ICMP, IGMP, OSPF) also have a value in this field

IP header (4)
- Checksum: error-control code
- Source IP address
  - 32 bits, the address of the sending station
- Destination IP address
  - 32 bits, the address of the destination station

Packet fragmentation (1)
- A link has an MTU value (maximum transmission unit size)
- Different links have different MTUs
- An IP packet larger than the MTU is
  - Split into several smaller packets
  - Reassembled at the destination station
[Figure: Fragmentation: in: 1 large packet, out: 3 smaller packets; Reassembly]

Fragmentation (2)
- Identification field
  - The ID is used to find the pieces of a packet
- Flags (3 bits)
  - Reserved
  - Don't fragment
  - More fragments
- Used to reassemble the packet

Fragmentation (3)
- Offset
  - Position of the fragment within the original packet
  - In units of 8 bytes

[Figure: original packet data, bytes 0 to 3999, split at 1400 and 2800]
  Bytes 0 - 1399:     Offset = 0/8 = 0
  Bytes 1400 - 2799:  Offset = 1400/8 = 175
  Bytes 2800 - 3999:  Offset = 2800/8 = 350
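
Added example (not part of the original slides): the offset arithmetic above for a 4000-byte payload, plus a receiver-side check that the fragments tile the payload with no gap or overlap. The MTU of 1420 bytes and the 20-byte header are assumptions chosen so that each fragment carries 1400 data bytes as in the figure.

```python
def fragment(data_len, mtu, header_len=20):
    """Split data_len payload bytes into (offset_in_8_byte_units, length, more_fragments) tuples."""
    max_data = (mtu - header_len) // 8 * 8   # all fragments but the last carry a multiple of 8 bytes
    if max_data <= 0:
        raise ValueError("MTU leaves no room for data")
    frags, start = [], 0
    while start < data_len:
        length = min(max_data, data_len - start)
        more = start + length < data_len     # "more fragments" flag: set on all but the last
        frags.append((start // 8, length, more))
        start += length
    return frags

def reassembled_length(frags):
    """Check fragments (in any arrival order) and return the payload length.

    Raises ValueError on a gap, an overlap, or an inconsistent more-fragments flag,
    which a receiver should treat as a malformed datagram rather than guess at.
    """
    expected = 0
    ordered = sorted(frags)
    for i, (offset, length, more) in enumerate(ordered):
        if offset * 8 != expected:
            raise ValueError(f"gap or overlap at byte {offset * 8}")
        is_last = i == len(ordered) - 1
        if more == is_last:
            raise ValueError("inconsistent more-fragments flag")
        expected += length
    return expected

if __name__ == "__main__":
    pieces = fragment(4000, mtu=1420)        # constructed input matching the figure
    for offset, length, more in pieces:
        print(f"offset={offset:3d} bytes={offset * 8}-{offset * 8 + length - 1} MF={int(more)}")
    print("reassembled:", reassembled_length(list(reversed(pieces))))
```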

Checksum
- Error-control code for the header
- At the sender
  - Set checksum = 0
  - Sum the header as 16-bit numbers
  - Invert all the bits
- At the receiver
  - Sum everything as 16-bit numbers
  - The result must be all 1 bits
  - Otherwise, the packet is corrupted
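
Added example (not part of the original slides): the sender and receiver checksum steps above applied to a 20-byte header with the fields described in "IP header (1)" to "IP header (4)". The addresses, TTL and lengths are constructed sample values, and the function names are this example's own.

```python
import socket
import struct

HEADER_FMT = "!BBHHHBBH4s4s"   # ver/IHL, DS, total length, ID, flags+offset, TTL, protocol, checksum, src, dst

def ones_complement_sum(data):
    """Sum big-endian 16-bit words, folding any carry back into the low 16 bits."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def build_header(src, dst, ttl, proto, total_len, ident=0):
    """Sender: sum with checksum = 0, then store the inverted sum in the checksum field."""
    fields = [0x45, 0, total_len, ident, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = ~ones_complement_sum(struct.pack(HEADER_FMT, *fields)) & 0xFFFF
    return struct.pack(HEADER_FMT, *fields)

def parse_header(packet):
    """Receiver: validate lengths and checksum before trusting any field."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    ver_ihl, _ds, total_len, ident, flags_off, ttl, proto, _csum, src, dst = \
        struct.unpack(HEADER_FMT, packet[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # header length field counts 4-byte words
    if version != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("bad version or header length")
    if ones_complement_sum(packet[:header_len]) != 0xFFFF:     # must come out as all 1 bits
        raise ValueError("header checksum mismatch")
    return {"header_len": header_len, "total_len": total_len, "id": ident,
            "dont_fragment": bool(flags_off & 0x4000),
            "more_fragments": bool(flags_off & 0x2000),
            "fragment_offset": (flags_off & 0x1FFF) * 8,
            "ttl": ttl, "protocol": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst)}

if __name__ == "__main__":
    hdr = build_header("223.1.2.4", "223.1.2.5", ttl=64, proto=1, total_len=84)  # constructed sample
    print(parse_header(hdr))
```

Because the TTL is part of the summed header, a router that decrements it must also update the checksum, and a parser that skips this check will accept headers damaged in transit.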

Options
- Used to add new functions
- Can be up to 40 bytes

Option format: Code (8) | Length (8) | Data (variable length)
Code = Copy | Class | Number

Copy:
  0: copy only in first fragment
  1: copy into all fragments
Class:
  00: Datagram control
  01: Reserved
  10: Debugging and measurement
  11: Reserved
Number:
  00000: End of option
  00001: No operation
  00011: Loose source route
  00100: Timestamp
  00111: Record route
  01001: Strict source route

Internet Control Message Protocol
- Overview
- Packet format
- Ping and Traceroute

ICMP overview (1)
- IP is an unreliable, connectionless protocol
  - It lacks mechanisms for support and error control
- ICMP is used at the network layer to exchange information
  - Error reporting: reports that a packet could not reach a host, a network, a port, or a protocol
  - Echo messages

ICMP overview (2)
- Also a network-layer protocol, but it sits above IP: ICMP messages are carried inside IP packets
- ICMP message: Type, Code, together with the first 8 bytes of the IP packet that caused the error
[Figure: an IP packet consisting of the IP header followed by the ICMP message]

Recap: the IP header and the Protocol field
[Figure: IP header layout]
  Ver | HLEN | DS | Total Length
  Identification | Flags | Fragmentation offset
  TTL | Protocol | Header Checksum
  Source IP address
  Destination IP address
  Option

Protocol:
  1: ICMP
  2: IGMP
  6: TCP
  17: UDP
  89: OSPF

Protocol numbers can be looked up in:
- /etc/protocols
- C:\WINDOWS\system32\drivers\etc\protocols

ICMP packet format
- Type: the kind of ICMP packet
- Code: the cause of the error
- Checksum
- Each type has its own corresponding remainder

  Bits 0-7: Type | Bits 8-15: Code | Bits 16-31: Checksum
  Rest of the header
  Data

Some ICMP packet types

ICMP Message Type           Type       Message
Error-reporting messages    3          Destination Unreachable
                            4          Source quench
                            5          Redirection
                            11         Time exceeded
                            12         Parameter problem
Query messages              8 or 0     Echo reply or request
                            13 or 14   Time stamp request or reply
                            17 or 18   Address mask request or reply
                            9 or 10    Router advertisement or solicitation

ICMP and debugging tools
- ICMP is always active, but transparent to the user
- Users can use ICMP through debugging tools
  - ping
  - traceroute

Ping and ICMP
- ping
  - Used to check connectivity
  - Sends an "ICMP echo request" packet
  - The receiver returns an "ICMP echo reply"
- Each packet has a packet number
- The data field contains the time the packet was sent
  - This allows the round-trip time (RTT) to be computed

RTT (Round-Trip Time)
[Figure: timing diagram between Sender and Receiver showing the Reply; marks on the time axes: 0, L/R, RTT, RTT + L/R]

Ping: example
  C:\Documents and Settings\hongson>ping www.yahoo.co.uk

  Pinging www.euro.yahoo-eu1.akadns.net [217.12.3.11] with 32 bytes of data:

  Reply from 217.12.3.11: bytes=32 time=600ms TTL=237
  Reply from 217.12.3.11: bytes=32 time=564ms TTL=237
  Reply from 217.12.3.11: bytes=32 time=529ms TTL=237
  Reply from 217.12.3.11: bytes=32 time=534ms TTL=237

  Ping statistics for 217.12.3.11:
      Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
  Approximate round trip times in milli-seconds:
      Minimum = 529ms, Maximum = 600ms, Average = 556ms

Traceroute: a route-tracing tool
  C:\Documents and Settings\hongson>tracert www.jaist.ac.jp

  Tracing route to www.jaist.ac.jp [150.65.5.208]
  over a maximum of 30 hops:

    1     1 ms    <1 ms    <1 ms  192.168.1.1
    2    15 ms    14 ms    13 ms  210.245.0.42
    3    13 ms    13 ms    13 ms  210.245.0.97
    4    14 ms    13 ms    14 ms  210.245.1.1
    5   207 ms   230 ms    94 ms  pos8-2.br01.hkg04.pccwbtn.net [63.218.115.45]
    6     *      403 ms   393 ms  0.so-0-1-0.XT1.SCL2.ALTER.NET [152.63.57.50]
    7   338 ms   393 ms   370 ms  0.so-7-0-0.XL1.SJC1.ALTER.NET [152.63.55.106]
    8   402 ms   404 ms   329 ms  POS1-0.XR1.SJC1.ALTER.NET [152.63.55.113]
    9   272 ms   288 ms   310 ms  193.ATM7-0.GW3.SJC1.ALTER.NET [152.63.49.29]
   10   205 ms   206 ms   204 ms  wide-mae-gw.customer.alter.net [157.130.206.42]
   11   427 ms   403 ms   370 ms  ve-13.foundry2.otemachi.wide.ad.jp [192.50.36.62]
   12   395 ms   399 ms   417 ms  ve-4.foundry3.nezu.wide.ad.jp [203.178.138.244]
   13   355 ms   356 ms   378 ms  ve-3705.cisco2.komatsu.wide.ad.jp [203.178.136.193]
   14   388 ms   398 ms   414 ms  c76.jaist.ac.jp [203.178.138.174]
   15   438 ms   377 ms   435 ms  www.jaist.ac.jp [150.65.5.208]

  Trace complete.

Traceroute and ICMP: how it works
- The sender transmits packets to the receiver
  - The first packet has TTL = 1
  - The second packet has TTL = 2, and so on
- When the n-th packet reaches the n-th router:
  - The router discards the packet
  - It sends back an ICMP packet (type 11, code 0)
  - That packet contains the name and IP address of the router
- When the reply arrives, the sender computes the RTT

Traceroute and ICMP
- Termination condition
  - The packet reaches the destination
  - The destination returns an ICMP "host unreachable" packet (type 3, code 3)
  - When the source receives this ICMP packet, it stops
- Each packet is repeated 3 times
[Figure: 3 probes sent for each hop]


Summary
- The IP protocol
  - Addresses and packet format
  - Subnets, netmasks
- The ICMP protocol
  - Packet format
  - Ping, Traceroute

Next week: more on the network layer
- The routing problem
- Routers, routing tables
- Static routing and dynamic routing
