
The Rapid Fire Survey of IP / UDP / TCP



  1. The Rapid Fire Survey of IP / UDP / TCP
  Dirk Grunwald, Assoc. Professor, Dept. of Computer Science, University of Colorado, Boulder

  2. Review
  • IP (Internet protocol) is designed to connect networks that are
    • Possibly managed by multiple organizations / people
    • May have different physical connections
    • May be connected via a sequence of arbitrary intermediaries
  • A layered approach is used to simplify application & protocol design

  3. Protocol Layering (figure: two end hosts each running FTP over TCP over IP, joined through an intermediate IP node that connects an Ethernet link to a Token Ring link)

  4. Review
  • The link layer deals with the actual transport of bits across a physical medium.
  • The network layer abstracts the characteristics of the different link layers to a common layer (e.g. IP) and provides management functions at that layer.
  • The transport layer adds various features:
    • Reliable communication (TCP)
    • Arbitrary message sizes (UDP)
  • The application layer is the API provided to the programmer. Protocols are defined above that.

  5. Problems to identify & solve
  • Addressing
    • How do we “name” applications?
    • How do we “name” connections?
    • How do we “name” computers?
      • For humans
      • Across networks
      • Within a physical network
  • How do we deal with a decentralized organization?
    • Who arbitrates decisions?
    • Who defines standards?
  • How do we deal with a plurality of physical networks?

  6. Naming & Addresses
  • Addresses are defined across three layers
    • Physical / link level: Medium Access Control (MAC) address
    • Network/IP level: IP address
    • Transport/application level: Ports

  7. Media Access and Control
  • Media can be arbitrated or be susceptible to collision
    • Arbitrated – Token Ring or 802.11 in PCF mode
    • Collision – Ethernet, 802.11 in ad hoc mode
  • A “collision domain” includes all the nodes that may be affected by a collision

  8. Hubs & Switches
  • A hub is a single collision domain, although it has a physical “hub and spoke” topology
  • A switch is a set of distinct collision domains. Frames destined for another collision domain are “switched” from one domain to another

  9. Addressing at the physical layer
  • “Ethernet” (or 802.3) networks specify a 48-bit physical “MAC address”
    • 00-00-f8-75-5b-a6 -- unique identifier for the network interface card (NIC)
  • Address ranges are assigned to specific vendors, e.g., “00-00” is Digital Equipment Corp.
  • Certain MAC addresses mean “broadcast”

  10. Addressing at the physical/link layer
  • Frames are “delivered” to NICs with that specific MAC address (or all w/broadcast)
  • A hub presents each frame to all NICs
  • A switch moves frames from one collision domain to another based on the MAC address
    • A table is maintained that specifies which MAC addresses are on which collision domain.
    • Frames destined for an unknown MAC address are broadcast to all collision domains

  11. The reality of the world today
  • A 10-BaseT Ethernet NIC runs ~$9 for a cheapo PCI/ISA. 10-BaseT via USB is ~$40. 100BaseT via PCI is $30. Gigabit NIC is ~$350.
  • A 4-port hub costs $40. Switches are >$70. Gigabit is much more (>$2000).

  12. More Realities
  • Single nodes on switches allow you to use duplex communication
    • Send & receive concurrently
  • You need to use high-quality cabling (“Cat5”) for 100 Mb/s networks
  • Gigabit networks currently require fiber, but a cable standard is now available.
  • Modest network bandwidth & contention is a problem you throw money at, not brains.

  13. Token Ring / FDDI
  • A “token” circulates among all computers. You can only transmit if you have the token.
  • Variations: more than one token, based on length, or e.g. WDM or FDM.

  14. More Addressing
  • So, at the physical layer, Ethernet/802.3 uses a MAC address
    • Can locate computers within a single physical network
    • You want to limit network size - broadcast packets still affect the full network.
  • How do you address at the network and transport level?

  15. IP Addressing
  • Each host in the internet has a unique 32-bit address
    • I’m lying
  • There are three address types
    • Unicast communication -- destined for a single host
    • Broadcast communication -- destined for all hosts on a network
    • Multicast communication -- destined for a set of hosts that belong to a multicast group.
  • Note the use of “network” and “host”
  • Network IDs are assigned by the InterNIC

  16. IP Addressing
    Class  Leading bits  Remaining fields
    A      0             netid/7, hostid/24
    B      10            netid/14, hostid/16
    C      110           netid/21, hostid/8
    D      1110          multicast group/28
    E      1111          multicast group/28

    Class  Range (as “dotted quad”)
    A      0.0.0.0 to 127.255.255.255
    B      128.0.0.0 to 191.255.255.255
    C      192.0.0.0 to 223.255.255.255
    D      224.0.0.0 to 239.255.255.255
    E      240.0.0.0 to 255.255.255.255

  17. Problems & Subnets
  • A few companies got class A networks (e.g., Digital, Xerox)
  • Many educational institutions got class B networks. E.g., my primary computer is 128.138.241.78
  • Most people get class C networks. E.g., my cable modem in Palo Alto was 208.166.41.96
  • Allegedly, broadcasts would go to an entire network
    • Obviously impractical for a Class A network. That’s 16,777,216 hosts
  • We’ll discuss subnetting and routing later

  18. Mapping names to numbers
  • Obviously, it’s hard to remember that 128.138.241.78 is my computer
  • But, numbers are more useful when actually switching messages
  • The Domain Name System maps names to IP addresses
    • A tree-structured distributed database and naming scheme
    • Each separately administered subtree is a “zone”
    • Network Solutions handles registration of each “top level domain” (e.g., colorado.edu).
    • Sub-domains are then administered by individual groups
      • cs.colorado.edu
  • We’ll discuss how names are “resolved” later

  19. Transport Level Naming
  • Each NIC receives messages for a number of applications
  • How do we differentiate the data intended for different apps?
  • Each IP connection has an associated 16-bit port number.
  • Port numbers are contained in each TCP & UDP packet
  • Some port numbers are “well known services”
    • E.g., telnet is always port number 23
  • Port numbers from 0..1023 are for well known services. Those port numbers are assigned by the Internet Assigned Numbers Authority (IANA)

  20. Transport Naming in Unix
  • Unix uses “reserved ports” for security
    • Only the superuser can create ports in the range of 0..1023.
    • This is used for simplistic authentication
  • On most unix systems, /etc/services lists the reserved ports:
    systat      11/tcp    users
    daytime     13/tcp
    daytime     13/udp
    netstat     15/tcp
    qotd        17/tcp    quote text
    chargen     19/tcp    ttytst source
    chargen     19/udp    ttytst source
    ftp-data    20/tcp
    ftp         21/tcp
    ssh         22/tcp    # SSH Remote Login Server
    ssh         22/udp    # SSH Remote Login Server

  21. Representing TCP & UDP
  • UDP is a “datagram” or “message” oriented protocol
    • Maps well to Ethernet, etc
  • TCP is a “stream oriented” protocol
    • Appears to be an infinite stream of bytes
    • This maps to frames by “packetization” (figure: the byte stream is cut into a sequence of IP packets)

  22. Encapsulation
  • Application level communication typically has three levels of addressing
    • Application information (e.g., HTML headers)
    • Transport information (port)
    • Network information (IP address)
    • Link information (MAC address)
  • Each layer is “encapsulated” in the preceding layer.
    • We “mux” or encapsulate the message when it’s sent
    • We “demultiplex” the message when it arrives
  • Leads to layered software design

  23. Encapsulation as it goes down the “protocol stack” (figure, one row per layer)
    Application:  User Data
    App:          App Hdr | User Data
    TCP:          TCP Hdr | App Hdr | User Data
    IP:           IP Hdr | TCP Hdr | App Hdr | User Data
    Ethernet:     Ethernet Header | IP Hdr | TCP Hdr | App Hdr | User Data | Ethernet trailer
    Sizes:        14 bytes | 20 | 20 | ... | 4 bytes; the Ethernet payload (everything between header and trailer) is 46-1500 bytes

  24. Demultiplexing (figure)
    Ethernet driver: an Ethernet frame is demultiplexed on its type field to ARP, IP, RARP, or other
    IP header: an IP datagram is demultiplexed on its protocol field to ICMP, TCP, UDP, or IGMP
    TCP/UDP header: a segment is demultiplexed on its port number to one of the applications (App, App, App, App)

  25. Standards Bodies
  • Lots of arbitrary constants here!
    • Naming, IP assignment, protocol & header formats, etc
  • Largely “volunteer” organization
    • Internet Society -- "We are the most public secret cabal in the history of the world." - Jon Postel
    • Internet Architecture Board (IAB) - technical oversight & coordination body
    • Internet Engineering Task Force (IETF) - near-term, standards-oriented. Develops specifications that become internet standards
    • Internet Research Task Force (IRTF) - R&D arm

  26. Standards are embodied by RFCs
  • Request for Comment (RFC)
    • Unique monotonically assigned numbers. RFCs cannot be revised, only re-issued.
  • All RFCs are available on-line
    • www.faqs.org has a nice searchable index
    • www.ietf.org has information on drafts and working groups

  27. Standards
  • Ethernet defined by Digital, Xerox and Intel
  • Later, the IEEE published a different set of standards
    • http://grouper.ieee.org/groups/802/
    • 802 defines a “logical link control” common to all 802 nets
    • 802.3 covers many CSMA/CD networks
    • 802.4 covers token bus networks
    • 802.5 covers token ring networks
    • 802.11 covers wireless ethernet

  28. Standards
  • In the IP world,
    • RFC 894 defines IP-in-Ethernet
    • RFC 1042 defines IP-in-802
  • The host requirements RFC says that all hosts connected to 10-Mbit Ethernet cable should
    • Be able to send/receive using RFC 894
    • Be able to send/receive a mix of RFC 1042 and 894 packets
    • May be able to send packets using RFC 1042. If either can be sent, you must default to 894 packets

  29. Ethernet & 802.3 Encapsulation
  • Destination MAC or hardware address
    • Each NIC has a unique hardware address
  • Source MAC or hardware address
  • Protocol type to allow sharing the same physical media with several different protocols
    • Type fields are defined by RFC 1700, which makes RFC 1340 obsolete
  • Some data
  • A checksum

  30. Ethernet Encapsulation (RFC 894) (figure)
    Dest Addr (6) | Src Addr (6) | Type (2) | Payload (46-1500 bytes) | CRC (4)
    Type 0800: IP datagram, 46-1500 bytes
    Type 0806: ARP request/reply, 28 bytes + PAD of 18 bytes
    Type 8035: RARP request/reply, 28 bytes + PAD of 18 bytes

  31. Variations
  • Observation
    • Ethernet MAC information is fixed and can be pre-computed
    • Data is typically fixed size
    • Other fields (IP and TCP headers) can vary in size and also have CRC fields for end-to-end IP checksums
  • RFC 893 describes “trailer encapsulation”
    • The IP and TCP headers move to the end of the frame
    • Helps in computing IP checksum
    • Allows more efficient use of scatter/gather DMA hardware

  32. 802.3 Encapsulation
  • Explicit length - number of bytes up to but not including the CRC
  • 802.2 LLC - link layer control common to all 802 networks and needed for e.g. wireless communication
    • DSAP - destination service access point (0xaa)
    • SSAP - source service access point (0xaa)
    • Control field is set to 3
  • 802.2 SNAP - sub-network access protocol
    • Fixed origin code (0)
    • Type field, as in the Ethernet type field

  33. 802.3 Encapsulation (figure)
    802.3 MAC:  Dest Addr | Src Addr | Lth
    802.2 LLC:  DSAP (AA) | SSAP (AA) | Control
    802.2 SNAP: Orig Code | Type
    then Payload ... CRC; the payload has the same format as in Ethernet encapsulation
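As an added worked example (written for this page, not code from the slides or from any real driver), the C routine below performs the first demultiplexing step of slides 24 and 29–33 on a received frame: it tells RFC 894 Ethernet encapsulation from 802.3/802.2/SNAP encapsulation, checks the 802.3 length field and the LLC/SNAP constants before trusting them, and returns the type and the payload position. It assumes the NIC has already verified and stripped the CRC, and it uses 0x0600 as the boundary between a length and a type, which is the IEEE/RFC 1122 convention rather than something the slides state. Both sample frames are constructed, not captured.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum frame_kind { FRAME_BAD = 0, FRAME_ETHERNET_II = 1, FRAME_8023_SNAP = 2 };

struct frame_info {
    enum frame_kind kind;
    uint16_t type;          /* 0x0800 IP, 0x0806 ARP, 0x8035 RARP, ... */
    size_t payload_off;     /* where the network-layer packet starts */
    size_t payload_len;
};

/* Two-byte fields on the wire are big endian (network byte order). */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Classify a frame whose CRC the NIC has already checked and removed (assumption).
 * RFC 894 puts a type after the two addresses, 802.3 puts a length there instead;
 * they are told apart by value: lengths are at most 1500, types are >= 0x0600
 * (IEEE/RFC 1122 convention, not on the slides). Returns 0 on success, negative
 * when the frame's own fields disagree with the bytes that were received. */
int frame_classify(const uint8_t *f, size_t len, struct frame_info *fi)
{
    memset(fi, 0, sizeof *fi);
    if (len < 14) return -1;                          /* not even dst, src, type/length */
    uint16_t tl = rd16(f + 12);
    if (tl >= 0x0600) {
        fi->kind = FRAME_ETHERNET_II;
        fi->type = tl;
        fi->payload_off = 14;
        fi->payload_len = len - 14;
        return 0;
    }
    if (tl > 1500) return -2;                         /* 1501..1535: neither length nor type */
    /* 802.3: explicit length, then 802.2 LLC (3 bytes) and SNAP (5 bytes) */
    if (tl < 8 || 14 + (size_t)tl > len) return -3;   /* length field lies about the buffer */
    const uint8_t *llc = f + 14;
    if (llc[0] != 0xAA || llc[1] != 0xAA || llc[2] != 0x03) return -4;  /* DSAP, SSAP, control */
    if (llc[3] != 0x00 || llc[4] != 0x00 || llc[5] != 0x00) return -5;  /* SNAP org code is 0 */
    fi->kind = FRAME_8023_SNAP;
    fi->type = rd16(llc + 6);
    fi->payload_off = 14 + 8;
    fi->payload_len = (size_t)tl - 8;
    return 0;
}

/* Constructed sample frames (not captures); the source MAC is the one on slide 9. */
static const uint8_t sample_eth2[34] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x00,0x00,0xf8,0x75,0x5b,0xa6,  /* dst, src */
    0x08,0x00,                                                     /* type: IP */
    0x45,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x40,0x01,0x00,0x00,  /* 20-byte IP header stub */
    0x0a,0x00,0x00,0x01,0x0a,0x00,0x00,0x02 };

static const uint8_t sample_8023[42] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x00,0x00,0xf8,0x75,0x5b,0xa6,
    0x00,0x1c,                                   /* length 28 = 8 (LLC+SNAP) + 20 */
    0xaa,0xaa,0x03, 0x00,0x00,0x00, 0x08,0x06,   /* LLC, SNAP org code, type: ARP */
    0x00,0x01,0x08,0x00,0x06,0x04,0x00,0x01,0x00,0x00,0xf8,0x75,0x5b,0xa6,
    0x0a,0x00,0x00,0x01,0x00,0x00 };

int main(void)
{
    struct frame_info fi;
    if (frame_classify(sample_eth2, sizeof sample_eth2, &fi) == 0)
        printf("Ethernet II, type 0x%04x, %zu payload bytes\n", fi.type, fi.payload_len);
    if (frame_classify(sample_8023, sizeof sample_8023, &fi) == 0)
        printf("802.3/SNAP, type 0x%04x, %zu payload bytes\n", fi.type, fi.payload_len);
    return 0;
}
```

The length check on the 802.3 path is the part that matters in practice: a frame can claim a payload longer than what arrived, and anything that indexes the payload from the length field without this comparison reads past the buffer.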

  34. SLIP - Serial Line IP
  • Specified in RFC 1055
  • IP datagram is terminated by the special END (0xc0) character. Most implementations transmit END at the start as well.
  • If a byte in the IP datagram contains END, the 2 byte sequence 0xdb, 0xdc is transmitted (byte stuffing).
    • 0xdb is the SLIP escape (ESC) character.
  • If a byte in the IP datagram equals the SLIP ESC, the 2 byte sequence 0xdb, 0xdd is transmitted

  35. SLIP Encapsulation w/Byte Stuffing (figure)
    C0 | IP Datagram, with each C0 byte sent as DB DC and each DB byte sent as DB DD | C0

  36. Problems with SLIP
  • Each endpoint must know the IP address of the other endpoint.
  • There’s no TYPE field -- thus, SLIP only supports a single protocol
  • There’s no checksum - thus, all retransmissions are initiated by end-to-end re-transmissions
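Added example (written for this page, not the slides' code): a C encoder and decoder for the SLIP byte stuffing of slides 34–35. The decoder rejects a truncated or unknown escape sequence, which, because SLIP carries no checksum, is the only corruption the link layer itself can notice; everything else is left to the end-to-end checks the slide mentions. The sample datagram is constructed so that it contains both special bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLIP_END     0xC0   /* frame delimiter */
#define SLIP_ESC     0xDB   /* escape */
#define SLIP_ESC_END 0xDC   /* ESC + this stands for a literal END byte */
#define SLIP_ESC_ESC 0xDD   /* ESC + this stands for a literal ESC byte */

/* Byte-stuff one IP datagram into a SLIP frame: END, stuffed bytes, END.
 * Returns the frame length, or 0 if `out` is too small. */
size_t slip_encode(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    size_t n = 0;
    if (out_cap < 2) return 0;
    out[n++] = SLIP_END;                        /* leading END, as most implementations send */
    for (size_t i = 0; i < in_len; i++) {
        uint8_t b = in[i];
        if (b == SLIP_END || b == SLIP_ESC) {
            if (n + 3 > out_cap) return 0;      /* room for ESC, code, and the trailing END */
            out[n++] = SLIP_ESC;
            out[n++] = (b == SLIP_END) ? SLIP_ESC_END : SLIP_ESC_ESC;
        } else {
            if (n + 2 > out_cap) return 0;
            out[n++] = b;
        }
    }
    out[n++] = SLIP_END;
    return n;
}

/* Undo the stuffing for one frame. Returns the datagram length, or -1 for a
 * truncated escape, an unknown escape code, or a datagram larger than `out`. */
int slip_decode(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    size_t n = 0;
    for (size_t i = 0; i < in_len; i++) {
        uint8_t b = in[i];
        if (b == SLIP_END) {
            if (n == 0) continue;               /* leading or repeated END: no datagram yet */
            return (int)n;                      /* end of this datagram */
        }
        if (b == SLIP_ESC) {
            if (i + 1 >= in_len) return -1;     /* ESC with nothing after it */
            uint8_t code = in[++i];
            if (code == SLIP_ESC_END)      b = SLIP_END;
            else if (code == SLIP_ESC_ESC) b = SLIP_ESC;
            else return -1;                     /* ESC followed by anything else */
        }
        if (n >= out_cap) return -1;
        out[n++] = b;
    }
    return (int)n;                              /* frame ended without a trailing END */
}

/* Constructed datagram (not a capture) containing both special bytes. */
static const uint8_t sample_dgram[4] = { 0x45, 0xC0, 0xDB, 0x01 };

/* Round-trip the sample. Returns the encoded frame length when the decoded
 * datagram equals the original, or -1 otherwise. */
int slip_roundtrip_sample(void)
{
    uint8_t frame[16], back[16];
    size_t flen = slip_encode(sample_dgram, sizeof sample_dgram, frame, sizeof frame);
    if (flen == 0) return -1;
    int dlen = slip_decode(frame, flen, back, sizeof back);
    if (dlen != (int)sizeof sample_dgram) return -1;
    return memcmp(back, sample_dgram, sizeof sample_dgram) == 0 ? (int)flen : -1;
}

int main(void)
{
    uint8_t frame[16];
    size_t flen = slip_encode(sample_dgram, sizeof sample_dgram, frame, sizeof frame);
    for (size_t i = 0; i < flen; i++) printf("%02X ", frame[i]);
    printf("\n");                               /* C0 45 DB DC DB DD 01 C0 */
    return 0;
}
```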

  37. PPP - Point-to-Point Protocol
  • Encapsulate IP datagrams on a serial link
  • A Link Control Protocol (LCP) to establish, configure and test the data-link connection.
    • This allows connection feature negotiation
  • A family of Network Control Protocols specific to different network layer protocols
    • IP
    • OSI networks (X.25)
    • DECnet
    • AppleTalk

  38. PPP Protocol
  • Byte stuffing as in SLIP/CSLIP protocol
  • Bytes with values less than 0x20 are also escaped to avoid problems with flow-control
  • Most implementations can negotiate to eliminate ADDR and CNTL fields, reducing overhead to 1 byte.
  Frame layout: FLAG | Addr | Cntl | Proto | Payload | CRC | FLAG

  39. MTU
  • Most link layers have a limit to the size of an IP datagram, or Maximum Transmission Unit (MTU)
  • If an IP datagram > MTU, then it is fragmented (Chap 11.5)

    Network              MTU (bytes)
    Hyperchannel         65535
    16Mb token ring      17914
    4MB token ring       4464
    FDDI                 4352
    Ethernet             1500
    IEEE 802.3           1492
    X.25                 576
    PPP                  296

  40. Path MTU
  • Messages traverse a route or path through a network.
  • The smallest MTU along that path is called the Path MTU.
    • Not always constant, since the route between two nodes in the network can vary
    • Also, routing isn’t a bijective relationship, and thus the A->B MTU may differ from the B->A MTU
  • RFC 1191 defines “path MTU discovery”, which is the process of automatically discovering the smallest MTU along a path.
    • Everyone does this

  41. The IPv4 Protocol
  • IP is a “best effort connectionless” protocol
    • It’s a datagram/packet oriented protocol
    • You can get an IP packet from anyone without any “setup” or “connection establishment”
  • Packets are normally routed using destination routing: you specify where the packet is to go, not how it gets there
    • You can optionally specify source routing: you specify the route for the packet as part of the packet
  • Each packet is routed independently
    • Can be delivered out of order
    • Might not be delivered at all

  42. Conventions in IPv4 - Network Byte Order
  • IP data is laid out in “Big Endian” order. Byte transmission order: 0, 1, 2, 3
  • Representing a 16-bit integer in memory
    • Big endian “0,1” - (SPARC, M68k)
    • Little endian “1,0” - (x86, Alpha)
  • “Network byte order” is defined to be big endian
  (figure: a 32-bit word with bit positions 0..15 and 16..31, bytes numbered 0, 1, 2, 3 in transmission order)

  43. Conventions in IPv4
  • When we need to set fields in an IP header, we will need to use translation functions to be portable.
    • Actually, you need this for all binary fields
  • htons - host to network short (16-bit)
    • port_number = htons (port_number);
  • ntohs - network to host short
  • htonl - host to network long (32-bit)
    • htonl (interface_addr.get_ip_address ());
  • ntohl - network to host long

  44. What’s Stored in an IPv4 Packet?
  • Version - 4 bit field specifying the IP version. Currently 4
  • Header length - specified in 32 bit words. Range is 5..15 words, or 20..60 bytes
  • Type of Service (8 bits)
    • 3 bit precedence field (ignored today), one “must be zero” field
    • 4-bit field specifying desired service qualities.
      • Minimize Delay
      • Maximum Throughput
      • Maximize Reliability
      • Minimize Monetary Cost
    • Only one bit can be set. None set is “normal service”
    • Largely ignored by routers & IP implementations

  45. What’s Stored in an IPv4 Packet
  • Message length, in bytes
  • Datagram identification field that must be unique
    • Used with flags & fragment offset if a message must be fragmented
  • Time to live field - upper limit on the number of “hops” a message can go before being dropped
  • Protocol - identifies TCP, UDP, ICMP, etc
  • Header checksum - checksum of just the TCP/IP header
  • Source address
  • Destination address
  • Options

  46. IPv4 Protocol Layout (figure, one 32-bit word per row)
    Version | Hdr Lth | Type of Svc | Total length (in bytes)
    16-bit Packet Identification | Flags | Fragment Offset
    Time To Live | Protocol | Header Checksum
    Source IP Address
    Destination IP Address
    ... (options, if any) ...
    Data

  47. Parsing the IPv4 Packet
  • Data starts at “Total Length - Header Length”
  • Maximum IP datagram is 65535 bytes
    • Hosts are not required to receive packets >576 bytes
    • Ethernet MTU is 1540 bytes
    • Most implementations allow for ~8192 byte IP datagrams (because of Network File System)
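Added example (written for this page; not the slides' code and not any stack's implementation): a C parser for the IPv4 header of slides 42–47. It reads every multi-byte field byte-by-byte in network byte order, so it is portable without ntohs/ntohl; it verifies the header checksum from slide 45; and it checks every length the header claims about itself (header length in words, total length) against the number of bytes actually received before using it. The sample packet is constructed, and its checksum 0xF97C was computed for exactly those bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read big-endian (network byte order) fields one byte at a time. This works
 * the same on big- and little-endian hosts, which is the job ntohs/ntohl do
 * when a struct is overlaid on the packet instead. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

struct ipv4_hdr {
    uint8_t  version, ihl_words, tos, ttl, protocol;
    uint16_t total_len, id, flags_frag, checksum;
    uint32_t src, dst;
    size_t   hdr_len, data_off, data_len;   /* derived after validation */
};

/* Header checksum: one's-complement sum of the header's 16-bit words.
 * Computed over a header whose checksum field is correct, it yields 0. */
uint16_t ipv4_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += rd16(hdr + i);
    if (len & 1) sum += (uint32_t)hdr[len - 1] << 8;        /* odd trailing byte */
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);   /* fold the carries back in */
    return (uint16_t)~sum;
}

/* Parse and validate the fixed part of an IPv4 header. Returns 0 on success or a
 * negative code. buf_len is the number of bytes actually received; every length
 * the packet claims is compared against it before it is used. */
int ipv4_parse(const uint8_t *buf, size_t buf_len, struct ipv4_hdr *h)
{
    memset(h, 0, sizeof *h);
    if (buf_len < 20) return -1;                 /* smaller than the minimum header */
    h->version   = buf[0] >> 4;
    h->ihl_words = buf[0] & 0x0F;
    if (h->version != 4) return -2;
    if (h->ihl_words < 5) return -3;             /* header length is 5..15 words (20..60 bytes) */
    h->hdr_len = (size_t)h->ihl_words * 4;
    if (h->hdr_len > buf_len) return -4;         /* options would run past the buffer */
    h->tos        = buf[1];
    h->total_len  = rd16(buf + 2);
    h->id         = rd16(buf + 4);
    h->flags_frag = rd16(buf + 6);
    h->ttl        = buf[8];
    h->protocol   = buf[9];
    h->checksum   = rd16(buf + 10);
    h->src        = rd32(buf + 12);
    h->dst        = rd32(buf + 16);
    if (h->total_len < h->hdr_len) return -5;    /* total length must at least cover the header */
    if (h->total_len > buf_len) return -6;       /* truncated datagram */
    if (ipv4_checksum(buf, h->hdr_len) != 0) return -7;
    h->data_off = h->hdr_len;                    /* payload starts right after the options */
    h->data_len = h->total_len - h->hdr_len;     /* and is total length minus header length */
    return 0;
}

/* Constructed sample (not a capture): 192.168.0.1 -> 192.168.0.2, protocol 17 (UDP),
 * TTL 64, 20-byte header with checksum 0xF97C, followed by 8 bytes of payload. */
static const uint8_t sample_pkt[28] = {
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11, 0xf9, 0x7c,
    0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0x02,
    0x00, 0x35, 0x00, 0x35, 0x00, 0x08, 0x00, 0x00 };

/* The same bytes with the header-length nibble lying: 15 words (60 bytes) claimed,
 * 28 bytes present. Returns the parser's verdict. */
int parse_lying_ihl(void)
{
    uint8_t pkt[sizeof sample_pkt];
    struct ipv4_hdr h;
    memcpy(pkt, sample_pkt, sizeof pkt);
    pkt[0] = 0x4F;
    return ipv4_parse(pkt, sizeof pkt, &h);
}

int main(void)
{
    struct ipv4_hdr h;
    if (ipv4_parse(sample_pkt, sizeof sample_pkt, &h) == 0)
        printf("v%u ihl=%u ttl=%u proto=%u total=%u data@%zu len=%zu src=%08x dst=%08x\n",
               (unsigned)h.version, (unsigned)h.ihl_words, (unsigned)h.ttl, (unsigned)h.protocol,
               (unsigned)h.total_len, h.data_off, h.data_len, (unsigned)h.src, (unsigned)h.dst);
    printf("lying IHL -> %d\n", parse_lying_ihl());
    return 0;
}
```

The order of the checks is deliberate: the header length is validated against the buffer before the checksum is computed over it, and the total length is validated before any payload offset is derived, so no field from the packet is ever used as an index until it has been bounded by what was actually received.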

  48. IPv4 Options
  • Security & handling restrictions
  • Have each router record its IP address
  • Have each router record its IP address and timestamp
  • Loose source routing - specify a list of IP addresses that must be traversed by the packet
  • Strict source routing - enforce that list
  • 60-byte limit on IP headers limits utility of these options
  • We need to worry about source routing when we talk about AdHoc routing

  49. Hop-by-Hop IP Routing (figure: a datagram travelling from SRC through routers R1, R2, R3 to DST)
  • Datagram arrives
  • For this host? => Deliver to TCP, UDP, etc
  • Else => Look up next hop in routing table
    • If there’s an entry, forward the message
    • Else => discard the datagram

  50. Routing Tables
  • Routing table contents
    • Destination IP address (either HOST or NET address)
    • IP address of the “next hop” router
    • Flags (HOST/NET, Router/Direct)
    • Network interface to use
  • Routing lookup:
    • Search for an entry that matches the destination IP address
      • Handles directly connected or point-to-point links
    • Search for an entry that matches the destination network
      • If found, send to the directly-connected router or interface
    • Search for a default route
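Added example (written for this page, not code from the slides or from any operating system): a C routing-table lookup that follows the order on slide 50 (host entry, then network entry, then default route) and uses the classful masks of slide 16 to decide whether a destination lies on a network entry. The table is constructed for a host at the slides' own example address 128.138.241.78; the router address 128.138.1.1 and the interface names are made up.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Build a 32-bit address from a dotted quad (host order, for comparisons). */
#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Classful network mask from the leading bits (slide 16). Class D/E addresses
 * have no network/host split, so they get no mask. */
uint32_t classful_mask(uint32_t addr)
{
    if ((addr & 0x80000000u) == 0)           return 0xFF000000u;  /* 0xxx: class A, 7-bit netid */
    if ((addr & 0xC0000000u) == 0x80000000u) return 0xFFFF0000u;  /* 10xx: class B, 14-bit netid */
    if ((addr & 0xE0000000u) == 0xC0000000u) return 0xFFFFFF00u;  /* 110x: class C, 21-bit netid */
    return 0;
}

enum { RT_HOST = 1, RT_GATEWAY = 2 };   /* slide 50's flags: HOST/NET, Router/Direct */

struct route {
    uint32_t dest;        /* host address, network address, or 0 for the default route */
    uint32_t gateway;     /* next-hop router, meaningful only with RT_GATEWAY */
    int      flags;
    const char *iface;    /* network interface to use */
};

/* Direct entries deliver to the destination itself; gateway entries to the router. */
static int choose(const struct route *r, int idx, uint32_t dst, uint32_t *next_hop)
{
    *next_hop = (r->flags & RT_GATEWAY) ? r->gateway : dst;
    return idx;
}

/* Returns the index of the matching route and sets *next_hop to the address the
 * frame is actually sent to, or -1 when the datagram must be discarded. */
int route_lookup(const struct route *tbl, size_t n, uint32_t dst, uint32_t *next_hop)
{
    int dflt = -1;
    /* 1. host routes: exact match (directly connected or point-to-point peers) */
    for (size_t i = 0; i < n; i++)
        if ((tbl[i].flags & RT_HOST) && tbl[i].dest == dst)
            return choose(&tbl[i], (int)i, dst, next_hop);
    /* 2. network routes: compare under the entry's classful mask */
    for (size_t i = 0; i < n; i++) {
        if (tbl[i].flags & RT_HOST) continue;
        if (tbl[i].dest == 0) { if (dflt < 0) dflt = (int)i; continue; }   /* remember default */
        uint32_t mask = classful_mask(tbl[i].dest);
        if (mask != 0 && (dst & mask) == tbl[i].dest)
            return choose(&tbl[i], (int)i, dst, next_hop);
    }
    /* 3. default route, if the table has one */
    if (dflt >= 0) return choose(&tbl[dflt], dflt, dst, next_hop);
    return -1;
}

/* Constructed table (not from any real host): the slides' example host on class B
 * network 128.138.0.0, with one router at 128.138.1.1 (made up). */
static const struct route sample_table[] = {
    { IP4(128,138,241,78), 0,                RT_HOST,    "lo0"  },   /* ourselves */
    { IP4(128,138,0,0),    0,                0,          "eth0" },   /* directly connected net */
    { IP4(192,168,1,0),    IP4(128,138,1,1), RT_GATEWAY, "eth0" },   /* net behind the router */
    { 0,                   IP4(128,138,1,1), RT_GATEWAY, "eth0" },   /* default route */
};
#define SAMPLE_ROUTES (sizeof sample_table / sizeof sample_table[0])

int main(void)
{
    const uint32_t probes[3] = { IP4(128,138,5,5), IP4(192,168,1,7), IP4(10,1,2,3) };
    for (size_t i = 0; i < 3; i++) {
        uint32_t nh = 0;
        int r = route_lookup(sample_table, SAMPLE_ROUTES, probes[i], &nh);
        if (r < 0) printf("%08x: no route, discard\n", (unsigned)probes[i]);
        else printf("%08x: entry %d, next hop %08x on %s\n",
                    (unsigned)probes[i], r, (unsigned)nh, sample_table[r].iface);
    }
    return 0;
}
```

Removing the last entry of the table turns the lookup for 10.1.2.3 into the "discard the datagram" case of slide 49, which the test below exercises by passing a shorter table length.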
