CIDR and ICMP NETS3303/3603 Week 5
Proxy ARP Clarifications • Two broadcast domains sharing network address (192.168.10.0/24) through proxy ARP • Someone else could masquerade too (figure: hosts A and B; the ARP query “Who has B’s MAC?” is answered with “I do!”)
Outcome • CIDR addressing and forwarding • Learn about role of ICMP • Protocol specifics • Know about applications that use ICMP
Classless Inter-Domain Routing (CIDR) • Problem • Continued exponential Internet growth • Subnetting insufficient • Limited IP addresses (esp. Class B)
CIDR Addressing • Solution to problem • Temporary fix until next generation of IP • Backward compatible with classful addressing • Permits network prefix to be arbitrary length • CIDR was predicted to work ‘‘for a few years’’ • Extremely successful! • Will work for at least 20 years!
One Motivation For CIDR: Class C • Fewer than seventeen thousand Class B numbers (total) • More than two million Class C network numbers • No one wants Class C (too small) • CIDR allows • Merging Class C numbers into a single prefix • Splitting a Class B along power of two boundaries
CIDR and Supernetting • CIDR’s first use • Supernetting allows a block of class C addresses to be assigned • E.g.: A medium-sized org expects to have 200 networks (assigning a class B is wasteful!) • So, an ISP can assign a block of contiguous class C numbers • (192.100.0.0 – 192.100.255.0)
CIDR Notation • Addresses written NUMBER/m • NUMBER is IP prefix • m is ‘‘address mask’’ length • Example: 214.5.48.0/20 • Prefix occupies 20 bits • Suffix occupies 12 bits • Mask values must be converted to dotted decimal when configuring a router (and binary internally) • 255.255.240.0
CIDR & Routing Table • CIDR involves changing forwarding as well as addressing • Store address mask with each route • Send pair of (address, mask) whenever exchanging routing information • Known as a CIDR block
Example of /30 CIDR Block • 128.211.176.212/30
Examples of CIDR Blocks • The corresponding CIDR block: • 128.211.168/21
Implementation Of CIDR Route Lookup • Each entry in routing table has address plus mask • Search is organized from most-specific to least-specific (i.e., entry with longest mask is tested first) • Known as longest-prefix lookup or longest-prefix search
Implementing Longest-Prefix Matching • Unlike classful addressing, the prefix boundary is not obvious • So, cannot easily use hashing • A data structure of choice is binary trie • An ordered tree structure • Support fast lookup for variable key-length • Identifies unique prefix needed to match route
Example Of Unique Prefixes & Trie (figure: path for prefix 0101)
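Longest-prefix lookup over a binary trie, as an added example that is not part of the original slides. The routing table is constructed from the prefixes quoted in the deck plus an assumed 128.211.0.0/16 and default route; the next-hop names r1 to r4 and default-gw are hypothetical.

```python
import ipaddress

class PrefixTrie:
    """Binary trie over IPv4 prefix bits; each node may carry a next hop."""

    def __init__(self):
        self.root = {}  # node layout: {0: child, 1: child, "hop": next_hop}

    def insert(self, cidr, next_hop):
        net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):    # walk only the prefix bits
            node = node.setdefault((bits >> (31 - i)) & 1, {})
        node["hop"] = next_hop

    def lookup(self, addr):
        bits = int(ipaddress.IPv4Address(addr))
        node, best = self.root, self.root.get("hop")  # /0 default, if any
        for i in range(32):
            node = node.get((bits >> (31 - i)) & 1)
            if node is None:
                break
            best = node.get("hop", best)  # a deeper match is a longer prefix
        return best

def dotted_mask(cidr):
    """Mask length m written in dotted decimal, as a router config expects."""
    return str(ipaddress.ip_network(cidr).netmask)

def build_table():
    # Constructed routing table; next-hop names are hypothetical.
    table = PrefixTrie()
    for cidr, hop in [("0.0.0.0/0", "default-gw"),
                      ("128.211.0.0/16", "r1"),
                      ("128.211.168.0/21", "r2"),
                      ("128.211.176.212/30", "r3"),
                      ("214.5.48.0/20", "r4")]:
        table.insert(cidr, hop)
    return table

if __name__ == "__main__":
    t = build_table()
    for a in ("128.211.176.213", "128.211.170.9", "128.211.1.1", "214.5.64.1"):
        print(a, "->", t.lookup(a))
    print(dotted_mask("214.5.48.0/20"))
```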
Internet Control Message Protocol • considered part of IP • functionality includes: • error messages (ttl exceeded, destination unreachable, router is out of memory, can’t fragment packet) • network management (ping/traceroute) • end host configuration (router advert, netmask) • error messages go from router/end host to original sender, not between intermediate hops • why? => don’t know route
ICMP Ideas • error messages typically sent to IP sender • later may forward to application • ICMP error messages never generated due to: • ICMP error message (creates loop!) • broadcast/multicast packets • Why? prevent broadcast storms • ICMP error messages contain offending IP header + 1st 8 bytes of IP data (contains tcp/udp ports)
Encapsulation ICMP transmitted within IP datagram so that it is routable (unlike arp)
ICMP header checksum covers the ICMP header and data
ICMP redirect • limited form of dynamic routing technique • only done on same link • situation: • 1. assume dumb host with 1 default routing table entry • 2. two routers on same link, one is default, one is route to net X • 3. dumb host sends pkt to net X via default router • 4. default router sends ICMP redirect with correct router address to dumb host
Dest Unreachable • Host or router cannot deliver a datagram • Return IP header & first 8 bytes of payload • Codes • 0 Network unreachable • 1 Host unreachable • 2 Protocol unreachable • 3 Port unreachable • Etc.
Source Quench • Primitive flow control mechanism • No flow control in IP itself (data rate) • Source quench alerts sender • A packet was discarded • Slow down transmission rate • Returned is IP header plus 8 bytes of data
Time Exceeded • If TTL value 0, discard packet and issue ICMP time exceeded, code 0 • If all fragments not received within a certain time limit, discard fragments and issue ICMP time exceeded, code 1
Parameter problem • If the IP header format is wrong • Issue ICMP parameter problem • Code 0: faulty header field; the pointer field in the ICMP message gives the start byte of the problem in the IP header • Code 1: required part of option is missing
ping - ICMP echo request/reply • ping program, useful diagnostic tool, uses ICMP echo request/reply packets • Linux implementation uses “raw” sockets - i/f directly to ip layer, bypass transports • ping would send 1 pkt per second • some newer pings require -s to do that and only do one ping with this output: • hostname is alive
ping • ping adds identifier/sequence number fields to packets • sequence # allows you to see if packets lost • ping will also do roundtrip timing
More ping • so what do you learn using ping? • timing info, does it take too long ? • are packets being lost (why? didn’t tell you) • you can route • end system’s tcp/ip stack is working at least • echo reply sent by end system’s ICMP module
ping example
$ ping cse.ogi.edu
PING cse.ogi.edu (129.95.20.2): 56 data bytes
64 bytes from 129.95.20.2 icmp_seq=0 time=8ms
64 bytes from 129.95.20.2 icmp_seq=1 time=8ms
64 bytes from 129.95.20.2 icmp_seq=2 time=20ms
---cse.ogi.edu PING statistics ---
3 packets transmitted, 3 packets received, 0% loss
round-trip (ms) min/avg/max = 8/12/20
traceroute • traceroute (a command) allows you to determine the routers from one end to another % traceroute north.pole.com • uses ICMP ttl exceeded and UDP port unreachable (or ICMP echo reply) messages to do the job
traceroute example
% traceroute cse.ogi.edu (from sirius.cs.pdx.edu)
traceroute to cse.ogi.edu (129.95.20.2), 30 hops max ...
1. pdx-gwy (131.252.20.1) 3 ms 4 ms 3 ms
2. 198.104.197.58 (198.104.197.58) 7 ms 4 ms 8 ms
3. portland1-gw.nwnet.net (198.104.196.193) 6 ms 5 ms 5 ms
4. ogi-gw-nwnet.net (198.104.196.129) 8 ms 7 ms 7 ms
5. cse.ogi.edu (129.95.20.2) 14 ms 7 ms 9 ms
traceroute algorithm
    ttl = 1   (to 1st router)
    while we haven’t got UDP port unreachable
        send raw/ip packet with the current ttl
        get response
        if rcv ttl error
            compute roundtrip time
        else if UDP port unreachable
            quit
        print output
        ttl++
    end
Address mask • If host does not know its netmask, issue ICMP Address mask request (Type 17) • Router on network replies with mask • Can be unicast or broadcast • Often used at bootstrapping
Router solicitation • A host that wants to learn about the network topology issues an ICMP RS message (type 10) • Routers reply with a router advertisement (type 9)
Packet-pair • Problem, what is the bandwidth of the links between my machine and destination? • Use packet-pair to find bottleneck link speed
Bandwidth Estimation Algorithm • Issue two packets back-to-back • Each link will space packets • Remote host might compact again • Read time between packets on return path
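A small simulation of the packet-pair idea, as an added example that is not part of the original slides. It assumes store-and-forward links, ignores propagation delay, and uses constructed link rates; the optional first_pkt_wait parameter is a hypothetical way to model the first packet being held up so that the pair is compacted again.

```python
def packet_pair_gap(size_bytes, link_bps, first_pkt_wait=None):
    """Spacing in seconds between two back-to-back packets after the path.

    link_bps       -- capacity of each link on the path, in bits per second
    first_pkt_wait -- optional per-link extra delay applied to the first
                      packet only (assumed model of queueing ahead of it)
    """
    bits = size_bytes * 8
    waits = first_pkt_wait or [0.0] * len(link_bps)
    t1 = t2 = 0.0                      # both packets handed over at time 0
    for rate, wait in zip(link_bps, waits):
        tx = bits / rate               # serialization time on this link
        d1 = t1 + wait + tx            # first packet leaves the link
        d2 = max(t2, d1) + tx          # second waits its turn, then is sent
        t1, t2 = d1, d2
    return t2 - t1

def estimate_bottleneck(size_bytes, gap_s):
    """Bottleneck link speed implied by the measured spacing."""
    return size_bytes * 8 / gap_s

# Constructed path: 100 Mb/s access link, 10 Mb/s bottleneck, 1 Gb/s core.
PATH = [100e6, 10e6, 1e9]

def clean_estimate():
    return estimate_bottleneck(1500, packet_pair_gap(1500, PATH))

def compacted_estimate():
    # First packet held 1 ms at the last hop: the gap shrinks and the
    # estimate overshoots the true bottleneck.
    gap = packet_pair_gap(1500, PATH, first_pkt_wait=[0.0, 0.0, 1e-3])
    return estimate_bottleneck(1500, gap)

if __name__ == "__main__":
    print("clean path estimate: %.1f Mb/s" % (clean_estimate() / 1e6))
    print("compacted estimate:  %.1f Mb/s" % (compacted_estimate() / 1e6))
```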
IP Final frontier, Mobility • Once a socket opened, address cannot change • Change address – lose connection • Change place of attachment – lose routing • One solution MobileIP - RFC2002
MobileIP • MIP allows hosts to migrate to foreign networks • Communication handled by Home Agent in home network • Helper router in foreign network Foreign Agent
MIP (figure: Home Network with HA, Foreign Network with FA; steps 1, 2, 3)
Tunnelling (figure: IP packets passing through a router)
Tunnelling (figure: IP packets delivered through the FA)
Summary • CIDR substantially overcame IPv4 address issues • Required routing table and prefix-lookup change too • ICMP provides error and management support • Many useful network tools exploit ICMP to help check network health • Next: Autonomous System and Routing architecture