IND426 Tutorial 7 (Solutions)

(Roberto Togneri 1998)

There is no options+padding and the data is that of an ICMP packet:

Type(8) = 8 (ICMP Request Packet, from ping) Code(8) = 0 Checksum(16) = 0x5b90 Identifier(16) = 0xf270 Sequence Number(16) = 0x0000 (this is the first ping packet)

1.

The UNIX tcpdump has produced the following output trace for an IP datagram on the network (only the first 68 bytes of the IP datagram are displayed):
4500 0054 5402 0000 4001 9166 825f 483d 825f 4845 0800 5b90 f270 0000 7444 3034 1183 0900 0809 0a0b 0c0d 0e0f 1011 1213 1415 1617 1819

Hence this is an ECHO Request ICMP packet sent from host 130.95.72.61 to host 130.95.72.69. An ECHO Reply ICMP packet will be generated if host 130.95.72.69 is up and running.

Analyse and interpret all the IP header fields and determine the function of the datagram, the source, the destination and any consequences arising from processing the datagram. Solution

2.

(a)

(b)

(c)

IPv4 has a header checksum which checks over the IP header but not the data. Given that it is the data which is important for the end-user why doesn't the checksum extend to both the data and header? For efficiency the ordering of the fields in the IP header should be in the order of processing. Given the importance of the destination address in routing why are the source and destination address fields in the latter part of the header rather than at the beginning? ARP and ICMP are request/response IP protocols. Why is ICMP encapsulated in an IP datagram whereas ARP is not?

4500
Version = 4 (IP version 4) IHL = 5 (5 32-bit words 20 octets) Type of Service = 00 (unused)

0054
Total Length = 84 octets (64 bytes of data)

5402
Identifier = 0x5402

Solution (a) Correct reception of the IP datagram is of concern to any routers along the way and the final destination. Routers are only concerned with the integrity of the IP header which is used to make correct routing decisions and hence only the IP header needs to be checked. If data were also included (so that corrupt data can be immediately discarded) this would require a more complex checksum operation for checking the integrity of data and for generating checksums. It would also mean the data would need to be stored for such processing. For the destination user the transport layer can be used to check the integrity of the IP datagram data. (b) The non-address fields of the IP header are important for identifying datagrams and fragments, allocating buffer space, checking the integrity of the IP header and determining whether this packet has exceeded its TTL and these operations need should be performed first. The address fields are important for routing and for checking that the datagram has arrived at the correct host and these operations can be performed after the datagram has correctly arrived and is ready for the 'next' step. However with fixed-size fields once the IP version number is known (which must be the first field!) the location of the other fields may not be that important. On the otherhand, the earlier the address fields occur in the header the sooner the router can start the route decision process, and this may be a good argument for relocating the address fields near the beginning rather than at the end of the header. (c) The ICMP packet is transported (i.e. routed) across the Internet and this can only be done by IP, hence it needs to be enclosed within an IP datagram. The ARP packet is only defined within the local directly connected LAN and does present any IP level functionality (e.g. routing) so there is no need for an IP header.

0000
Flags = 0 Fragment Offset = 0

4001 9166 825f 483d 825f 4845

this is a complete datagram

Time to live = 64 hops Protocol = 0x01 ICMP packet! Header Checksum = 0x9166

130.95.72.61 Destination Address = 82.5f.48.45 130.95.72.69

Source Address = 82.5f.48.3d

3.

Consider three IP sub-networks A, B and C which are fully interconnected by three different links. The same supplier and technology is used to connect B to A and C but a supplier which is 3 times more expensive was used to connect A and C. Initially the routing table for each host is set to use the directly connected link to the appropriate destination network using the default link costs. (a) Show what happens to As routing table by detailing the next and subsequent RIP update operations. Hence describe the steady-state routing between the three networks. (b) Assume the steady-state in (a) applies and router B goes down. Detail the next and subsequent RIP updates and show what happens to As routing table. How many updates are required to reach steady-state and how does this compare with (a)? Assume that the running costs to use the link form the link costs used by RIP. Solution (a) Assume link costs are as follows: {A and B} = {B and C} = 1 and {A and C} = 3 Initial Routing Table for A and updates from B and C
Dest Next-Hop Cost
Costs from B Costs from C

Second update
Dest Next-Hop Cost

A 0 B C 7 C C 3 The update to the routing table for C is similarly affected. On the third update from C the cost of going to B through C is now 7 (cost to B from C) + 3 (link cost to C) = 10, so: Third update
Dest Next-Hop Cost

A 0 B C 10 C C 3 and hence the cost will be 13 at the fourth updated, and 16 at the fifth update and since 16 is treated as infinity A realises that there is no route to B after the fifth RIP update. In (a) the steady-state was reached after the first update, but when B goes down 5 updates are needed.

A 0 1 3 B B 1 0 1 C C 3 1 0 RIP algorithm computes (New Cost) = minimum over B and C of {(Cost from B) + (Link cost to B)}. This does not change the cost or next-hop from A to B. But the cost from A to C through B is 1 (cost from B to C) + 1 (link cost from A to B) = 2 and this is a lower cost than 3, so: First update to Routing Table for A
Dest Next-Hop Cost

4.

(a) (b)

(c)

A 0 B B 1 C B 2 Second and subsequent updates do not change this cost. The steady-state routing is for A to use B to get to either B (direct) to C (through B) and similarly for C. Thus the link {A and C} is not used. (b) Steady-state Routing Table for A: Steady-state
Dest Next-Hop Cost

What are the pros and cons of intermediate reassembly of an internet segmented datagram versus reassembly only at the final destination? Would the spanning tree approach (as is used by bridges) be good for an internet including routers? Explain. And should internetworking be concerned with a networks internal routing? Why or why not? All hosts within the UWA campus have been assigned the class B network address 130.95.0.0. However within the UWA campus different departments and groups are assigned class C addresses (e.g. 130.95.72.0, 130.95.208.0, 130.95.128.0, etc.). Explain how this would simplify the routing of IP datagrams from hosts outside UWA to hosts within UWA? [Hint: consider the case where arbitrary class C network addresses were assigned to different departments and groups]

A 0 B B 1 C B 2 B now goes down and A no longer receives updates from B so the entry for B is expired and the next update from C is used to provide a path to B through C at a cost of 1 (cost to B from C) + 3 (link cost to C) = 4, and a direct path to C at a cost of 3, so: First update
Dest Next-Hop Cost

Solution (a) If intermediate reassembly is not allowed, the datagram must eventually be segmented to the smallest allowable size along the route. Once the datagram has passed through the network that imposes the smallest-size restriction, the segments may be unnecessarily small for later networks, degrading performance. Furthermore, if a fragment is lost this would be detected at the next reassembly point and the complete datagram can be discarded immediately On the other hand, intermediate reassembly requires compute and buffer resources at the intermediate routers. Furthermore, all segments of a given original datagram would have to pass through the same intermediate node for reassembly, which would prohibit dynamic routing (b) A spanning tree approach would not be a good idea since such an approach does not scale up to the size of the Internet. It also does not permit load balancing and adaptive routing around congested and unreachable routers without a recalculation of the spanning tree. No there is no need for IP to be concerned with the internal mechanisms of the network used to transport IP datagrams (be it Ethernet or ATM). One good reason is that this would violate the principle of separation of layers which is of necessity for handling the diversity of computer communications.

A 0 B C 4 C C 3 The update to the routing table for C is similarly affected. On the second update from C the cost of going to B through C is now 4 (cost to B from C ) + 3( link cost to C) = 7, so:

(c) The routing tables for hosts outside of UWA need only have one entry for all the hosts located within UWA:
Destination = 130.95.0.0 Gateway = XX.XX.XX.XX Netmask = 255.255.0.0 Interface = YY

It is assumed that the class B address 130.95.0.0 is exclusive to UWA and all networking to and from UWA is across a single gateway or interface. With arbitrary class C sub-networks each sub-network would have to have a separate entry in the routing table even though the path taken would be the same for sub-networks located on the UWA campus.

5.

(a)

(b)

Because of fragmentation, an IP datagram can arrive in several pieces (fragments), not necessarily in the correct order. The IP entity at the receiving-end system must accumulate these fragments until the original datagram is reconstituted. Describe in as much detail as you can how the IP entity is triggered to invoke the reassembly procedure and how the reassembly procedure is implemented. Discuss any special issues and considerations which you are unable to implement. [Note: if you are an IT or CS major derive the pseudo-code of the routing including the necessary structures that are needed] The IP checksum needs to be recalculated at routers because of changes to the IP header, such as the ttl field. It is possible to recalculate the checksum from scratch. But is there an easier way?

Solution (a) When the IP entity sees either a non-zero Fragment Offset or the M bit set to 1 the reassembly routine is triggered. The Total Length is used to allocate the buffer space used to reassemble the datagram and each fragment received is copied to the correct location (buffer address) based on the Fragment Offset field. The main problem is knowing when the datagram is ready. Counting the fragments received is no good since duplicates are possible. One solution is to use a linked-list structure to track the holes, in a similar fashion to the free memory or free block management used by operating systems in memory and file management. (b) Since the old checksum, Cold, is formed by the ones complement of the sum, Sold, by ones complement of all 16-bit words in the header (i.e. Cold = ~(Sold)), if Z represents the change in one of these 16-bit words (e.g. if the ttl field is decremented by 1 than Z = -1) then, Snew = Sold + Z, and Cnew = ~(Snew) = ~(Sold + Z) = Cold + ~(Z), hence: Cnew = Cold + ~(Z)