

Alexander Zangerl (az@bond.edu.au)

Bond University


1 / 37

- global network of networks, a network connecting hosts
- is a public, cooperative, and self-sustaining facility accessible to people worldwide
- hosts can transparently communicate with each other
- based on IP packet-switching
- uses: IP, Internet Protocol


TCP/IP Stack
- protocol family used on the Internet
- consists of:
  - Application Layer
  - Transport Layer
  - Network Layer
  - Interface to Link Layer


IP, Internet Protocol
- is a connection-less protocol
- used to deliver packets across multiple links
- Data Link technology independent
- own logical addressing scheme and path determination
- packet-switched: every packet carries source and destination address
- connection-less: no continuing connection between end-hosts, no path is established before transmitting and no context is saved
- unreliable delivery (reliability provided by transport layer)
- features:
  - delays of packets: router too busy
  - loss of packets: buffer overflow in router
  - duplication of packets: retransmission by sender
  - out-of-sequence: packets can go different paths (reordered at transport layer)
  - fragmentation: links with less bandwidth (reassembling of fragmented packets done by IP)

IP, Internet Protocol (cont.)
- IPv4, IP version 4
- IPv6, IP version 6


- small units of data called packets are routed through a network based on the destination address contained within each packet
- breaking data up into packets allows the same data path to be shared among many users on the network


connection-less protocol
- communication method in which communication occurs between hosts with no previous setup
- each packet is treated independently and may take different routes
- examples: IP, UDP, X.25


connection-oriented protocol
- communication method in which communication occurs between hosts only after a connection is established
- three well-defined phases: connection establishment, data transfer, connection release
- virtual circuit between two endpoints
- features: high level of reliability


IPv4, IP version 4
- IPv4 was initially deployed on 1 January 1983
- widely used version of IP
- addresses today 32 bit long, split up into classes
- problems:
  - address shortage problem due to classful addressing: wasteful, not all addresses can be used
  - rapid growth in the size of the Internet causes bigger routing tables


IPv6, IP version 6
- next generation protocol to replace the current IPv4
- deployment of the IPv6 protocol began in 1999
- designed to solve problems of IPv4: address depletion, security, auto-configuration, extensibility, and more
- larger IP address space, addresses are 128 bit long
- issues:
  - due to longer addresses the packet becomes longer, impact on TCP and timing
  - application programs until now assume IP addresses are 4 bytes long (rewriting necessary)

http://www.ipv6.org/
http://www.potaroo.net/ispcolumn/2003-07-v4-address-lifetime/ale.html


IP address
- logical address used to communicate over the Internet (public IP address)
- identifies network and/or specific host on a network
- assigning of IP addresses by public and private organisations
- IPv4: 32 bits (four octets), numeric address, range 0 to 2^32 - 1, i.e. theoretically 4,294,967,296 unique addresses
- notation: written as four numbers separated by periods, e.g.
  - dotted decimal: 128.130.123.10
  - binary: 10000000.10000010.01111011.00001010
  - decimal: 2156034826


IP Address Space
- is hierarchically ordered (otherwise everybody would have to know everybody else's IP address + location -> unworkable)
- hierarchy of IP networks, each of which has a specific size
  - old-style: addresses belong to a number of classes which determine the size
  - nowadays: every network has its own, specific size
- currently two types of IP addresses in active use: IPv4 and IPv6
- both are assigned in a delegated manner
  - users are assigned IP addresses by ISPs
  - ISPs obtain allocations of IP address blocks from a local, national or regional Internet registry (LIR, NIR, RIR)


IP Address Space (cont.)
- http://www.iana.org/assignments/ipv4-address-space
- consists of:
  - Class A
  - Class B
  - Class C
  - Class D
  - Class E
  - Reserved IP addresses
  - Private IP addresses


IP Network
- contains a number of related IP host addresses
- relationship: topological neighbours, i.e. in the same LAN
- benefit: IP path determination only requires knowledge of networks, not individual host addresses
- like postal addresses: city vs. street number vs. unit number
- every IP network has a start and an end address
- start and end must fall on particular numbers; reason: the IP address is split into network and host part at a bit boundary
- two addresses in every IP net are reserved/special purpose: first (= the net itself), last (= broadcast)


Network mask
- defines where the boundary between network and host parts of the IP address is (design decision: network part is the left part of the address, host part the right)
- netmask has a binary 1 for network bits, a 0 for host bits
- result: IP address AND netmask = network part of that IP address (masks off the network part, host part is zeroed)
- can be given in three equivalent ways: mask-length, dotted-quad or binary
- example:
  - /27
  - 255.255.255.224
  - 1111 1111 1111 1111 1111 1111 1110 0000
- each defines a network with the last 5 bits for hosts

Network mask (cont.)
- each such network has 2^5 = 32 addresses (30 host-usable ones)
- note: netmask cannot have any holes

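As an added worked example (not code from the slides): Python that accepts a netmask in the three forms above, rejects masks with holes, and applies the AND to obtain network, broadcast and host count; the 128.130.123.10 address from the IP address slide is reused, and the function names are my own.

```python
MAX32 = 0xFFFFFFFF

def ip_to_int(dotted):
    """Dotted-quad string -> 32-bit integer (raises on malformed input)."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %s" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def parse_netmask(mask):
    """Accept '/len', dotted-quad or a 32-digit binary string (spaces/dots allowed).
    Returns (mask_as_int, prefix_length); rejects masks with holes."""
    text = mask.strip()
    digits = text.replace(" ", "").replace(".", "")
    if text.startswith("/"):
        length = int(text[1:])
        if not 0 <= length <= 32:
            raise ValueError("prefix length out of range: %s" % mask)
        value = (MAX32 << (32 - length)) & MAX32
    elif len(digits) == 32 and set(digits) <= {"0", "1"}:
        value = int(digits, 2)
    else:
        value = ip_to_int(text)
    # "no holes": the inverted mask must be a run of ones at the low end,
    # which holds exactly when inverted & (inverted + 1) == 0
    inverted = (~value) & MAX32
    if inverted & (inverted + 1):
        raise ValueError("netmask has holes: %s" % mask)
    return value, bin(value).count("1")

def describe_network(address, mask):
    """Network, broadcast and host counts for address/mask."""
    mask_int, prefix = parse_netmask(mask)
    net = ip_to_int(address) & mask_int        # IP address AND netmask
    bcast = net | (~mask_int & MAX32)          # host bits all set
    total = 1 << (32 - prefix)
    return {"network": int_to_ip(net), "broadcast": int_to_ip(bcast),
            "prefix": prefix, "addresses": total,
            "usable_hosts": max(total - 2, 0)}  # minus the net itself and broadcast
```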

Class A
- uses first octet to determine network, remaining octets identify host
- starts with 0xxx, first octet from 1 to 126
- total number of networks: 127
- total number of possible hosts in each network: 16,777,214
- class A IP addresses assigned to large corporations (IBM, Xerox, Apple, AT&T, Hewlett Packard, ...)

Class B
- uses first two octets to determine network, remaining octets identify host
- starts with 10xx, first octet from 128 to 191
- total number of networks: 16,384
- total number of possible hosts in each network: 65,534
- class B IP addresses assigned to mid-sized corporations

Class C
- uses first three octets to determine network, remaining octet identifies host
- starts with 110x, first octet from 192 to 223
- total number of networks: 2,097,152
- total number of possible hosts in each network: 254
- class C IP addresses assigned to small companies

Class D
- not available for general use
- used for multicasting (video conference)
- starts with 1110, first octet from 224 to 239

Class E
- starts with 1111, first octet from 240 to 254
- not available for general use, experimental purposes only


Private IP address
- used on private intranets that are isolated from the Internet
- no router will forward packets with these addresses
- IANA has reserved blocks of the IP address space for private intranets (three ranges, each given as a start address through an end address)

Reserved IP addresses
- a few IP addresses are reserved for special use by TCP/IP:
  - loopback address (indicates your own workstation), commonly used for troubleshooting, local loops and network testing
  - broadcast messages
  - currently unassigned IP address


IP Packet
- consists of:
  - IP header
  - packet payload

- header is 20 bytes long (longer if options are present)
- parts:
  - version: IPv4 or IPv6
  - total length: length of header and data
  - fragment offset: if fragmented when routed over link with less bandwidth
  - time to live: number of hops which the packet may be routed over, decremented by routers to prevent routing loops
  - protocol: type of packet being carried (TCP, UDP, ICMP, ...)
  - header checksum: covers IP header not data, recalculated when TTL decreases
  - source address and destination address: IP address of the original sender and final destination
- destination address is checked by router to make routing decision
- addresses never change en route (unless NAT-ed); TTL and checksum change every time a router is passed
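Added example, not from the slides: building a 20-byte IPv4 header with struct, computing the RFC 791 header checksum, and what a router does per hop (drop on exhausted TTL, otherwise decrement TTL and recompute the checksum while the addresses stay as they were). Addresses are constructed and the helper names are mine.

```python
import struct

HDR_FMT = "!BBHHHBBH4s4s"   # ver/IHL, TOS, total len, id, flags+frag, TTL, proto, csum, src, dst

def ipv4_checksum(header):
    """RFC 791: one's-complement of the one's-complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, payload_len, ttl=64, protocol=17, ident=0):
    """20-byte header without options; checksum computed last over the zeroed field."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack(HDR_FMT, (4 << 4) | 5, 0, 20 + payload_len, ident, 0,
                      ttl, protocol, 0, src_b, dst_b)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(hdr):
    vihl, _tos, tlen, _ident, _ff, ttl, proto, csum, src, dst = struct.unpack(HDR_FMT, hdr[:20])
    return {"version": vihl >> 4, "ihl": vihl & 0xF, "total_length": tlen, "ttl": ttl,
            "protocol": proto, "checksum": csum,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst))}

def checksum_ok(hdr):
    """A header that verifies sums to all ones, so the complement is zero."""
    return ipv4_checksum(hdr[:20]) == 0

def router_forward(hdr):
    """Per hop: verify checksum, drop on exhausted TTL, otherwise decrement TTL
    and recompute the checksum. Source and destination are left untouched."""
    if not checksum_ok(hdr):
        return None                          # corrupted header: discard
    fields = parse_ipv4_header(hdr)
    if fields["ttl"] <= 1:
        return None                          # loop guard; an ICMP Time Exceeded would go back to the sender
    patched = hdr[:8] + bytes([fields["ttl"] - 1]) + hdr[9:10] + b"\x00\x00" + hdr[12:20]
    return patched[:10] + struct.pack("!H", ipv4_checksum(patched)) + patched[12:]
```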

- act of moving information across a network from a source to a destination
- determines optimal routing paths and directs packets through a network
- default routing: in case destination network unknown, default gateway is used
- host routing: optionally, adds routes for specific hosts

Routing Decision
- decision has to be made by every machine sending or forwarding an IP packet; this includes the originator, too!
- choice is made based on neighbourhood relation with target
- question: is the target in the same IP network or not?
  - netmask is used to get network part of target IP
  - if same as our network part: target is a neighbour!
- instances:
  - Direct Transmission
  - Forwarding to other Router
  - Dropping the packet


Direct Transmission
- if the target is nearby, we can talk to it directly
- nearby: member of the same IP network, i.e. same LAN
- result: Layer 2 is used to send the packet directly

Forwarding to other Router
- if we can't reach the target directly, but we know somebody who might: the packet can be forwarded to that intermediary
- result: Layer 2 is used to send the packet to this router
- note: most hosts know up to one router, aka. the default gateway

Dropping the packet
- if we can't reach the target directly, and we know no router to help us out: the only remaining choice is failure
- result: the packet is dropped, lost.
- optionally an ICMP error indication can be sent to the originator


- device which determines the next network point to which a packet should be forwarded toward its destination
- uses network part of destination IP address and routing table to determine next hop
- routes networks only (keeps routing table smaller)
- connects (at least 2) networks
- can be special hardware or software
- for home users the first router will be at the ISP, for a company within its network

Routing Table
- allows router to determine best path to destination address
- entries: network, network mask, next router, cost
- default gateway: in case network completely unknown
- static routing uses preconfigured entries, have to be changed manually
- dynamic routing uses routing protocols (RIP, OSPF, ...) for periodically updating routes known by peer routers

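Added example, not the author's code: the routing decision of the preceding slides (direct, forward, drop) run over a routing table with the entries listed above, generalised to longest-prefix match with cost as tie-breaker, where the slides only show the single-network case. Helper names and all addresses are constructed.

```python
MAX32 = 0xFFFFFFFF

def ip_to_int(dotted):
    o = [int(x) for x in dotted.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

def prefix_mask(length):
    return (MAX32 << (32 - length)) & MAX32

class Host:
    """A host (or router) with one interface and a routing table.
    Route entries: (network, prefix length, next router or None for direct, cost)."""

    def __init__(self, address, prefix_len, routes=(), default_gateway=None):
        self.address = address
        self.prefix_len = prefix_len
        self.local_net = ip_to_int(address) & prefix_mask(prefix_len)
        # our own IP network is always reachable directly over Layer 2
        self.routes = [(self.local_net, prefix_len, None, 0)]
        for network, length, next_hop, cost in routes:
            self.routes.append((ip_to_int(network) & prefix_mask(length), length, next_hop, cost))
        if default_gateway is not None:
            self.routes.append((0, 0, default_gateway, 1))   # 0.0.0.0/0: "everything else"

    def on_local_net(self, ip):
        return ip_to_int(ip) & prefix_mask(self.prefix_len) == self.local_net

    def decide(self, target):
        """Returns ('direct', target), ('forward', next_router) or ('drop', None).
        Most specific (longest) prefix wins; lower cost breaks ties."""
        t = ip_to_int(target)
        matches = [r for r in self.routes if t & prefix_mask(r[1]) == r[0]]
        if not matches:
            return ("drop", None)            # no route and no default gateway
        _net, _length, next_hop, _cost = max(matches, key=lambda r: (r[1], -r[3]))
        if next_hop is None:
            return ("direct", target)        # neighbour: same IP network
        if not self.on_local_net(next_hop):
            return ("drop", None)            # a router we cannot reach over Layer 2 is useless
        return ("forward", next_hop)
```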

- dividing a network into subnets and still being connected to the Internet with a single shared network address
- useful for security and performance reasons: traffic can be better controlled
- closest router uses subnet mask to route packets from subnet to subnet
- bits from host portion are borrowed to identify subnets -> losing addresses
- subnet mask tells how many bits are used for subnetting
- first address on each subnet cannot be used: represents subnet itself
- last address on each subnet cannot be used: is broadcast address


CIDR, Classless Inter-Domain Routing
- addressing scheme for the Internet which allows for more efficient allocation of IP addresses
- performs route aggregation: a single route can cover the address space of several old-style network numbers
- 32-bit IP address and information on how many bits are used for the network prefix (e.g. ...)
- ISPs have a pool of IP addresses from which a customer gets a portion (block)
- distant routers route only IP address blocks, not individual networks; the ISP then routes to its customers
- observation: the bigger the ISP the larger the blocks
- in the 1990s ISPs collected IP addresses back from their users and reallocated them
- 91 /8 blocks are available in 2003
- http://www.iana.org/assignments/ipv4-address-space

- 4 sequential class C networks used as a block (supernetting)
- address: 22 bits have been used for network addressing
- hosts from ... to ...
- block starts with ...

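Added example (mine, not from the lecture) for the subnetting and supernetting slides: borrowing host bits to split a network, and aggregating sequential networks into one CIDR block as in the 4 x class C = /22 case, including the alignment and contiguity checks that decide whether a single route can summarise them. Sample networks are constructed; function names are assumptions.

```python
MAX32 = 0xFFFFFFFF

def ip_to_int(dotted):
    o = [int(x) for x in dotted.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

def int_to_ip(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def prefix_mask(length):
    return (MAX32 << (32 - length)) & MAX32

def subnet(network, prefix_len, borrowed_bits):
    """Borrow host bits to split network/prefix_len into 2**borrowed_bits subnets.
    Each entry: (subnet/len, broadcast, first host, last host, usable hosts)."""
    new_len = prefix_len + borrowed_bits
    if new_len > 30:
        raise ValueError("fewer than 2 host bits left, no usable hosts")
    base = ip_to_int(network) & prefix_mask(prefix_len)
    size = 1 << (32 - new_len)
    subnets = []
    for i in range(1 << borrowed_bits):
        net = base + i * size
        subnets.append(("%s/%d" % (int_to_ip(net), new_len), int_to_ip(net + size - 1),
                        int_to_ip(net + 1), int_to_ip(net + size - 2), size - 2))
    return subnets

def supernet(networks, prefix_len):
    """Aggregate equal-sized networks into one CIDR block (route aggregation).
    Returns 'a.b.c.d/len', or None when no single prefix covers exactly these networks."""
    count = len(networks)
    if count == 0 or count & (count - 1):
        return None                              # need a power of two of them
    nets = sorted(ip_to_int(n) & prefix_mask(prefix_len) for n in networks)
    size = 1 << (32 - prefix_len)
    if any(nets[i] + size != nets[i + 1] for i in range(count - 1)):
        return None                              # not contiguous (or duplicates)
    new_len = prefix_len - (count.bit_length() - 1)
    if nets[0] & (size * count - 1):
        return None                              # first network not aligned to the block size
    return "%s/%d" % (int_to_ip(nets[0]), new_len)
```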

NAT, Network Address Translation
- maps local private network address(es) to one or more public IP address(es), unmaps back incoming packets
- security: hiding internal addresses
- gain IP space by using private IP addresses
- outgoing: replace private IP address with public and forward packet
- incoming: replace public IP address with private IP address and forward packet
- keep a connection table for this mapping
- external traffic uses public IP

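Added example, not part of the original slides: a minimal port-translating NAT that keeps the connection table the slide describes, with the drop cases a defender cares about (unsolicited inbound traffic, a reply from a peer other than the one contacted, a non-private source address). Packets are simplified to dicts, and the addresses, private network and port pool are constructed.

```python
import itertools

MAX32 = 0xFFFFFFFF

def ip_to_int(dotted):
    o = [int(x) for x in dotted.split(".")]
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]

def prefix_mask(length):
    return (MAX32 << (32 - length)) & MAX32

class Nat:
    """Port-translating NAT in front of one private network.
    Packets are dicts with src, sport, dst, dport (protocol omitted for brevity)."""
    def __init__(self, public_ip, private_net, private_prefix_len):
        self.public_ip = public_ip
        self.net = ip_to_int(private_net) & prefix_mask(private_prefix_len)
        self.mask = prefix_mask(private_prefix_len)
        self.table = {}                      # public port -> (private ip, private port, dst, dport)
        self.reverse = {}                    # (private ip, private port, dst, dport) -> public port
        self.ports = itertools.count(40000)  # constructed pool of translated ports

    def is_private(self, ip):
        return ip_to_int(ip) & self.mask == self.net

    def outbound(self, pkt):
        """Private -> Internet: replace the source with the public IP and an allocated port."""
        if not self.is_private(pkt["src"]):
            return None                      # not from our intranet (misrouted or spoofed): drop
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self.reverse.get(key)
        if port is None:                     # new connection: record it in the table
            port = next(self.ports)
            self.table[port] = key
            self.reverse[key] = port
        return dict(pkt, src=self.public_ip, sport=port)

    def inbound(self, pkt):
        """Internet -> private: unmap via the connection table, else drop."""
        entry = self.table.get(pkt["dport"])
        if entry is None or pkt["dst"] != self.public_ip:
            return None                      # no mapping: unsolicited, internal hosts stay hidden
        priv_ip, priv_port, dst, dport = entry
        if (pkt["src"], pkt["sport"]) != (dst, dport):
            return None                      # reply from a different peer than the one we contacted
        return dict(pkt, dst=priv_ip, dport=priv_port)
```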

- connection, usually encrypted, that connects two computers across another, usually untrusted network
- generally done by encapsulating the private network data within the public network transmission unit (wrap x in y)
- observation: routing nodes on the public network are unaware that the transmission is part of a private network
- original entire packet (incl. header) is encrypted, put into another packet and sent over the Internet
- examples:
  - Generic Routing Encapsulation (GRE) Protocol
  - PPTP: extension of PPP, mostly for Windows
  - IPSEC (Internet Security Protocol): supports secure exchange of packets at the IP layer, deployed widely to implement VPNs