Adapted from the notes by Lami Kaya and lecture slides from Anan Phonphoem
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.
© The McGraw-Hill Companies, Inc.
Outline
Address Resolution Protocol (ARP)
Internet Control Message Protocol (ICMP)
Dynamic Host Configuration Protocol (DHCP)
Network Address Translation (NAT)
Address Resolution Protocol (ARP)
Address Resolution
Recall the forwarding process
Forwarding uses IP addresses
A MAC address is needed to communicate with the next hop
IP must translate the next-hop IP address to a MAC address
The translation process is known as address resolution
Address resolution is local to a network
Address Resolution
One computer can resolve the address of another computer only if both computers attach to the same physical network
ARP
RFC 826 - Address Resolution Protocol
ARP maps any network-level address (such as IP) to its corresponding data link address (such as Ethernet)
A supporting protocol for the data link layer
Not a data link layer protocol itself
ARP Protocol
[Figure: ARP response: "I'm IP 158.109.33.200. My physical address is 01-12-33-3A-C2-23"]
[Figure: Conceptual Address Boundary]
ARP Cache
Sending an ARP request for each datagram is inefficient
Three frames traverse the network for each datagram: ARP request, ARP response, and the data datagram itself
ARP cache is used to reduce network traffic
ARP saves the information from a response so it can be used for subsequent packets
The software does not keep the information indefinitely
Instead, ARP maintains a small table of bindings in memory
ARP from Command Prompt
entry in ARP table
C:\> arp -a
www.cpe.ku.ac.th (158.108.33.5) at 0:0:e8:15:cc:c
$ ping garnet.cpe.ku.ac.th
:
C:\> arp -a
router.cpe.ku.ac.th (158.108.33.1) at 0:0:c:6:13:4a
cc.cpe.ku.ac.th (158.108.33.2) at 2:60:8c:2e:b5:8b
www.cpe.ku.ac.th (158.108.33.5) at 0:0:e8:15:cc:c
Error Reporting Mechanisms
IP problems
Best effort
Data can be lost, duplicated, delayed, or delivered out of order
Error detection in IP
Checksum
If an error is detected, discard the frame (cannot send back an error message: the header cannot be trusted)
IP requires additional helpers
Internet Control Message Protocol (ICMP)
ICMP
RFC 792
A supporting protocol for IP
Used to report errors
Transmission problem
Time to live (TTL) exceeded
Destination unreachable
etc.
Serves as the basis of useful diagnostic tools
ping, traceroute
ICMP
ICMP error messages are never generated in response to:
ICMP error messages themselves
Broadcast/Multicast (to prevent broadcast storms)
What are broadcast storms?
A large number of broadcast frames transmitted nearly simultaneously
LAN may freeze!
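ICMP encapsulation
[Figure: the ICMP message is carried as the data of an IP datagram (IP hdr | IP data)]
Ethernet Frame Containing ICMP packet
[Figure: Frame (Ethernet) header (DA, SA, T) | IP header | ICMP (Type, Code, Other info.)]
ICMP header layout (bits 0-31):
bits 0-7: type (8 bits); bits 8-15: code (8 bits); bits 16-31: checksum (16 bits)
Content specific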
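Added example, not part of the original slides: a Python sketch that builds and decodes the type/code/checksum header shown above and validates the 16-bit checksum. The function names and the sample echo request are constructed for illustration.

```python
import struct

# A few ICMP types named on the slides (RFC 792 numbering).
ICMP_TYPES = {0: "echo reply", 3: "destination unreachable",
              8: "echo request", 11: "time exceeded"}

def inet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by IP and ICMP."""
    if len(data) % 2:                      # pad odd-length input with a zero byte
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                     # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo_request(ident: int, seq: int, payload: bytes = b"") -> bytes:
    """type=8, code=0; the checksum is computed with its own field set to 0."""
    body = struct.pack("!HH", ident, seq) + payload
    csum = inet_checksum(struct.pack("!BBH", 8, 0, 0) + body)
    return struct.pack("!BBH", 8, 0, csum) + body

def parse_icmp(message: bytes) -> dict:
    """Decode the fixed type/code/checksum header and validate the checksum."""
    if len(message) < 8:
        raise ValueError("truncated ICMP message")
    icmp_type, code, checksum = struct.unpack("!BBH", message[:4])
    parsed = {
        "type": icmp_type,
        "name": ICMP_TYPES.get(icmp_type, "other"),
        "code": code,
        "checksum": checksum,
        # Summing a valid message, checksum included, yields 0 after complement.
        "checksum_ok": inet_checksum(message) == 0,
    }
    if icmp_type in (0, 8):                # echo: content is identifier + sequence
        parsed["id"], parsed["seq"] = struct.unpack("!HH", message[4:8])
        parsed["payload"] = message[8:]
    return parsed

if __name__ == "__main__":
    # Constructed sample: an echo request like the ones ping sends.
    request = build_echo_request(ident=0x1234, seq=7, payload=b"abcdefgh")
    print(parse_icmp(request))
    corrupted = request[:-1] + b"X"        # one payload byte altered in transit
    print(parse_icmp(corrupted)["checksum_ok"])
```

A receiver that finds `checksum_ok` false discards the message, which is why sequence numbers in echo requests matter for counting what was lost.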
[Table: ICMP Messages]
Diagnostic Tools: ping
Generates an ICMP echo request (ping request)
Receives the ICMP echo reply (ping reply)
Every TCP/IP node is supposed to implement ICMP and respond to ICMP echo
ping command (#1)
Send a single echo request / wait for a reply
Send another request if there is no reply (1 sec.)
Repeat until at least one reply is received, or stop after the timeout
ping command (#2)
Send an echo request message every
seconds
Records the time it takes for each reply
Every echo request contains a unique sequence number to match replies with requests
Record round-trip timing
Compute packet loss statistics
ping example
$ ping iwing.cpe.ku.ac.th
PING iwing.cpe.ku.ac.th (158.108.32.199) from 158.108.32.31 : 56(84) bytes of data.
Warning: time of day goes back, taking countermeasures.
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=0 ttl=252 time=1.187 msec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=1 ttl=252 time=601 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=2 ttl=252 time=594 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=3 ttl=252 time=594 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=4 ttl=252 time=585 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=5 ttl=252 time=590 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=6 ttl=252 time=584 usec
64 bytes from iwing.cpe.ku.ac.th (158.108.32.199): icmp_seq=7 ttl=252 time=587 usec
ping as a debugging tool
What do we get from ping?
Timing information
Connection reliability
Destination is reachable (routable)
IP layer is functional, but no guarantee for other higher-layer protocols
ping results
No response
Target host inactive or no connection
Lost packets (significant when >2-3%)
Transmission errors on WAN/LAN
Overloaded bridges/routers
Varying round-trip time
Host/network overloading
No loss and round-trip time is reasonably constant
Congratulations! That’s all we want.
Diagnostic Tools: traceroute
Command to determine the active route to a destination address
How does it work?
Send a UDP message to an unused port on the target host with ttl=1
The first router decreases ttl to 0, so it has to return an ICMP time exceeded message
traceroute sets ttl=2 and retransmits; this time the message goes one more hop
ttl++ until the UDP message reaches the destination
The target returns an ICMP port unreachable message because no service uses that UDP port
How does traceroute work?
[Figure: the source sends UDP (TTL=1) to an unused port number on the destination]
[Figure: the first router reduces TTL to 0 and returns ICMP (time exceeded)]
[Figure: UDP (TTL=2) travels one hop further; the next router reduces TTL to 0 and returns ICMP (time exceeded)]
[Figure: UDP probes with TTL=8, 9 and 10; the destination returns ICMP (port unreachable)]
Traceroute example
$ traceroute iwing.cpe.ku.ac.th
traceroute to iwing.cpe.ku.ac.th (158.108.32.199), 30 hops max, 38 byte
packets
1 fe-cpegw2-server (158.108.32.1) 0.851 ms 0.782 ms 0.683 ms
2 gb-cpegwbb-cpegw (158.108.35.10) 0.387 ms 0.368 ms 0.337 ms
3 gb-cpec4k6-cpec6k (158.108.35.114) 0.685 ms 0.654 ms 0.613 ms
4 iwing (158.108.32.199) 0.506 ms 0.439 ms 0.418 ms
Traceroute example
$ traceroute www.umass.edu
traceroute to www.umass.edu (128.119.101.5), 30 hops max, 38 byte packets
1 fe-cpegw2-server (158.108.32.1) 0.855 ms 0.737 ms 0.700 ms
2 gb-cpegwbb-cpegw (158.108.35.10) 0.430 ms 0.409 ms 0.359 ms
3 158.108.254.37 (158.108.254.37) 0.488 ms 0.469 ms 0.401 ms
4 158.108.251.54 (158.108.251.54) 0.558 ms 0.617 ms 0.733 ms
5 158.108.251.57 (158.108.251.57) 1.121 ms 0.919 ms 1.046 ms
6 202.28.213.1 (202.28.213.1) 1.311 ms 1.758 ms 1.154 ms
7 202.28.212.29 (202.28.212.29) 1.531 ms 1.445 ms 1.189 ms
8 202.28.212.2 (202.28.212.2) 1.456 ms 1.532 ms 1.151 ms
9 S1-1.R00.LA-POP.uni.net.th (202.28.28.162) 226.026 ms 226.043 ms 225.962 ms
10 63.216.18.53 (63.216.18.53) 253.741 ms 239.317 ms 249.022 ms
11 snvang-losang.abilene.ucaid.edu (198.32.8.95) 233.765 ms 239.165 ms 240.522 ms
12 dnvrng-snvang.abilene.ucaid.edu (198.32.8.2) 258.216 ms 258.599 ms *
13 kscyng-dnvrng.abilene.ucaid.edu (198.32.8.14) 269.012 ms 268.717 ms 318.331 ms
…
19 nox300gw1-PEER-NoX-UMASS-192-5-89-102.nox.org (192.5.89.102) 310.155 ms 310.240 ms
344.973 ms
20 lgrc-rt-106-8.gw.umass.edu (128.119.2.193) 323.127 ms 325.108 ms 313.802 ms
21 lgrc-rt-106-6.gw.umass.edu (128.119.2.185) 310.291 ms 321.111 ms 309.874 ms
22 * * *
23 * * *
Dynamic Host Configuration Protocol (DHCP)
DHCP
Allows a computer to join a new network and obtain networking parameters automatically
IP address
Subnet mask
Default router (gateway) address
DNS server's address
etc.
The concept has been termed plug-and-play networking
[Figure: DHCP Message Format]
DHCP Operation
[Figure: message exchange between Client and DHCP Server: DHCP OFFER, DHCP REQUEST, DHCP ACK]
DHCP Discover Message
Broadcast by clients
DHCP Offer Message
Sent directly to client
Assigned Address Types
We can configure a DHCP server to supply two types of addresses:
Permanently assigned addresses
Typically assigned to servers
A pool of dynamic addresses to be allocated on demand
Typically assigned to arbitrary hosts
Address Leasing
DHCP issues a lease on the address for a finite period
This allows a DHCP server to reclaim addresses
When a lease expires, a host can choose to relinquish the address or renegotiate with DHCP to extend the lease
If approved, a computer continues to operate without any interruption
If a server denies an extension request, the host must stop using the address
DHCP Relay Agents
DHCP discover messages are broadcast locally
These messages are not forwarded by routers
[Figure: a new client broadcasts DHCP DISCOVER on its local network; the DHCP Server is on a different network behind the Router. Addresses shown: 10.1.1.1, 10.1.1.10, 10.1.1.11, 10.1.1.12, 10.1.2.1, 10.1.2.11, 10.1.2.12, 10.1.4.1, 10.1.4.2]
[Figure: with the Router also acting as DHCP Relay: (1) the new client broadcasts DHCP DISCOVER, (2) the relay sends DHCP DISCOVER (Unicast) to the DHCP Server]
[Figure: (3) and (4) DHCP OFFER is returned through the Router & DHCP Relay, (5) Client accepts IP]
Private Addresses
Internet routers will not route packets whose destination addresses fall within these ranges
Basic NAT Operation
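Address Translation Table:
Inside      Outside
10.0.0.3    158.108.3.4
[Figure: NAT Router between the inside and outside networks]
Outgoing: inside SA = 10.0.0.3, DA = 128.23.2.2 becomes outside SA = 158.108.3.4, DA = 128.23.2.2
Incoming: outside SA = 128.23.2.2, DA = 158.108.3.4 becomes inside SA = 128.23.2.2, DA = 10.0.0.3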
Address Pooling
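[Figure: NAT Router translating two inside hosts to two outside addresses]
Inside SA = 10.0.0.2, DA = 130.2.1.5 becomes outside SA = 158.108.3.5, DA = 130.2.1.5
Inside SA = 10.0.0.3, DA = 128.23.2.2 becomes outside SA = 158.108.3.4, DA = 128.23.2.2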
Advantages of Using NAT
Eliminates need to reassign addresses when changing to a new ISP
Protects network security
Balances load
[Figure: packets from the Internet with SA = 202.1.3.8, DA = 158.108.1.6 and SA = 128.23.2.2, DA = 158.108.1.6 are distributed to inside hosts 10.1.1.1 and 10.1.1.2]
Preserves IP addresses
Port Translation
Single public IP address is mapped to multiple hosts in a private network
In this case, NAT router modifies the port numbers for outgoing traffic
Known as NAPT or PAT
NAPT Operation
Address Translation Table:
Inside           Outside
10.0.0.3:2322    158.108.3.4:4511
[Figure: NAT Router between the inside and outside networks]
Outgoing: inside SA = 10.0.0.3:2322, DA = 128.23.2.2:80 becomes outside SA = 158.108.3.4:4511, DA = 128.23.2.2:80
Incoming: outside SA = 128.23.2.2:80, DA = 158.108.3.4:4511 becomes inside SA = 128.23.2.2:80, DA = 10.0.0.3:2322
NAT/NAPT for Home Users
Wireless router has NAT/NAPT functionality built in
Along with DHCP and switch functionalities
[Figure: hosts 192.168.1.5, 192.168.1.6, 192.168.1.9 and 192.168.1.11 behind a Wireless Router, connected through a DSL/Cable Modem to the Internet; the router maps all IP addresses to a single routable address]
NAT Performance
How much work does NAT do?
[Figure: IP header fields (vsn, len, tos, total length, identification, flgs, fragment offset, TTL, protocol, header checksum, source IP address, destination IP address, IP option) and TCP header fields (source port, destination port, sequence number, acknowledgment number, hlen, rsv, flags, window size, TCP checksum, urgent pointer, TCP option), each followed by DATA]
[Figure: FTP session through NAT: PORT 15,2,10,12,7,208; RETR myfile.zip; Establish data connection; send file]
Issues with NAT
Increases resource and performance requirements for routers
Not just address/port substitution
Checksum, L4 header, ALG
Breaks the end-to-end transparency paradigm
NAT modifies packets en route
Cripples certain applications/protocols
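Added example, not part of the original slides: a Python sketch of the NAPT table from "NAPT Operation" together with the application-level rewrite (ALG) that "Issues with NAT" refers to, using the FTP PORT command. The class, its method names, the sequential port allocation and the sample PORT line are assumptions made for illustration.

```python
class Napt:
    """Toy NAPT table: (inside IP, port) <-> port on one public address."""

    def __init__(self, public_ip: str, first_port: int = 4511):
        self.public_ip = public_ip
        self.next_port = first_port        # assumption: ports handed out in order
        self.out = {}                      # (inside_ip, inside_port) -> public port
        self.back = {}                     # public port -> (inside_ip, inside_port)

    def _bind(self, ip: str, port: int) -> int:
        key = (ip, port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.out[key]

    def outbound(self, src, dst, payload: bytes = b""):
        """Rewrite the source of a packet leaving the private network."""
        public_src = (self.public_ip, self._bind(*src))
        if payload[:5].upper() == b"PORT ":
            payload = self._rewrite_ftp_port(src[0], payload)
        return public_src, dst, payload

    def inbound(self, src, dst):
        """Rewrite the destination of a reply; None means no binding, so drop."""
        if dst[0] != self.public_ip or dst[1] not in self.back:
            return None
        return src, self.back[dst[1]]

    def _rewrite_ftp_port(self, sender_ip: str, line: bytes) -> bytes:
        # FTP "PORT h1,h2,h3,h4,p1,p2" carries an address and port in the data,
        # where header translation alone cannot reach it (the ALG's job).
        try:
            nums = [int(n) for n in line[5:].strip().split(b",")]
        except ValueError:
            return line
        if len(nums) != 6 or not all(0 <= n <= 255 for n in nums):
            return line
        if ".".join(map(str, nums[:4])) != sender_ip:
            return line                    # only translate the sender's own address
        public_port = self._bind(sender_ip, nums[4] * 256 + nums[5])
        host = self.public_ip.replace(".", ",")
        return f"PORT {host},{public_port >> 8},{public_port & 255}\r\n".encode()
```

A real ALG must also recompute the checksums and, because the rewritten line can change length, adjust the TCP sequence numbers, which is part of the extra router work listed above.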
More Information
RFC 3022 – Traditional IP Network Address Translator