CMPT 471 Networking II
IP
© Janice Regan, 2012
Internet Architecture
  A user can think of the network as a single virtual network that connects them to any other user on the Internet
  Conceptually TCP/IP provides three sets of services
  Internet software is designed around these three conceptual groups of networking services arranged in a hierarchy
  The architecture is robust and adaptable
IP: conceptual service Layers
Comer 2006: fig 6.1
Connectionless Delivery
  A best effort delivery system that does not guarantee delivery (unreliable)
  Each packet is sent independently; packets related to the same communication may take different routes from source to destination
  Different routes may take different amounts of time so packets may arrive out of order
  Packets may be lost due to transmission errors or congestion but will not be discarded gratuitously.
  The protocol that governs many aspects of this delivery system is the IP protocol.
The IP protocol
  One of the aspects of the datagram delivery system controlled by the IP protocol is the format of the IP datagram
  There are two versions of the IP protocol presently in use, IPv4 and IPv6, each with its own packet format.
    IPv4 is still the most commonly used version
    IPv6 is becoming more common (World IPv6 day June 6 2012)
  IPv6 was introduced to address shortcomings of IPv4
  As we discuss IP we will look at both IPv4 and IPv6 and the differences between them
Change IP, other solutions?
  Address space exhaustion (temporary solution CIDR)
    Two level addressing (network and host) results in many unused addresses. Addresses committed even if not used or potentially used for growth of network.
    Growth of networks and the Internet
    Extended use of TCP/IP
  Lack of security and authentication
    Temporary solution: IPsec retrofit to IPv4 (see security notes)
  Requirements for new types of service
    Temporary solution: differential services replaces TOS
    Not able to guarantee real-time transmission of services like video or audio
Improvements in IPv6 (1)
  Expanded address space: 128 bit addresses
  Improved option mechanism: Additional separate optional headers between IPv6 header and transport layer header
    Most additional headers are not examined by intermediate routers, improving processing speed at intermediate routers and simplifying router processing.
    It is easier to add options by adding more intermediate headers
  Address auto configuration: Allows dynamic assignment of addresses
IPv6 Improvements (2)
  Increased addressing flexibility:
    Anycast - delivered to one of a set of nodes
    Improved scalability of multicast addresses
  Support for resource allocation:
    Labeling of packets to particular traffic flow
    Allows special handling (e.g. support real time streams for applications such as video)
    Replaces type of service
  New version of ICMP: ICMPv6 (RFC 2463)
    Functionality of ICMPv4 and ARP (RFC 2461) in neighbor discovery, and IGMP (RFC 2710, 3810) in multicast listener discovery, all combined in one protocol
IPv4 addresses: representation
  32 bit global internet (IP) address is used to uniquely identify a particular network interface connected to a particular host as a destination for communication
  Globally applicable and globally unique
  Expressed as a series of 32 binary digits
    10000000 00001011 00000011 00011111
  Also expressed in dotted decimal notation
    Binary digits are separated into four groups of eight digits
    Each group of 8 digits is translated to a decimal number
    The decimal numbers are separated by dots (periods)
    Example address above becomes 128.11.3.31
Structure of an IPv4 address
  Each IP address is split into two parts (netid, hostid) to identify the host and the network to which the host is connected
  The netid (network address or prefix) identifies the network to which the host belongs.
    The number of bits dedicated to the netid will determine the number of possible networks.
  The hostid identifies the particular host (network interface for a multi homed host)
    The number of bits dedicated to the hostid will determine the possible number of hosts on the network
Network address
  IPv4 Netid (network address) non zero: hostid all 0’s
    never assigned as the source or destination address of an IP packet, or as the address of a single host/router
    Used in routing tables and documentation to refer to all hosts on a particular network
  A network address is assigned to the network itself, not to an individual host or router
  The network address defines the network to the rest of the internet
  If an IP address has a netid corresponding to the address of a particular network then that IP address is the address of a host on that particular network
IPv6 Addresses: representation
  128 bits long, represented as a hexadecimal number separated by colons.
  Divided into 8 16 bit blocks each represented by 4 hexadecimal digits.
    1080:0000:0000:0000:0008:08A0:200C:417A
  Leading zeros can be omitted, but one zero remains if all 4 hexadecimal digits are zero.
    1080:0:0:0:8:8A0:200C:417A
  One string of single colon separated zeros can be abbreviated to a :: (Not more than one)
    1080::0008:08A0:200C:417A
Structure of IPv6 addresses
  Each IP address is split into 3 parts
    Global Routing Prefix: identifies the block of addresses, e.g. multicast, unicast, link local, site local … (48 bits)
    Subnet ID: identifies a particular site (16 bits)
    Interface ID: identifies a particular interface on a subnet (64 bits)
  Uses prefixes: e.g. 21DA:D3:0:2F3B::/64 to denote the network prefix (network address of length 64 is 21DA:D3:0:2F3B)
“this” address
  Indicates the absence of a valid address
  IPv4 Netid zero: hostid nonzero
    Interpreted as hostid on “this” network
  IPv4 0.0.0.0
    “this” host when network address is also unknown
  IPv6 0:0:0:0:0:0:0:0
  Used when booting a host that does not know its own IP address (usually a diskless host)
  Cannot be a destination address
Loopback address
  IP address used to send packets from one process to another through the local interface within a host
    Packets sent to the loopback address will not leave the local host, they will never be sent onto any network
    Packets sent to the loopback address will pass through the local interface (lo)
    To record packets sent to the loopback address using tcpdump you must watch packets going through the local interface
  Available IPv4 loopback addresses 127.0.0.0 to 127.255.255.254, usually use 127.0.0.1
  IPv6 loopback address ::1
IPv4 Broadcast address
  Network broadcast addresses are valid only as a destination
  directed broadcast: broadcast to all stations on the local network from anywhere reached by the internet
    netid is network address for the network
    hostid all 1’s
    A security risk for denial of service attacks; by default directed broadcast is disabled
  limited broadcast or local network broadcast: broadcast to all stations on the local network from within that local network
    netid and hostid all 1’s.
    May be used when node starts to establish its IP address
IPv6 Broadcast address?
  There is no concept of broadcast address in IPv6
  Specialized multicasting is used to replace broadcasting.
  No need to reserve the all 1’s address for broadcast; it can be used for a host
IPv4 Private or Non-Routable addresses
  Some addresses are reserved for use on local networks that are not connected to the Internet
  Routers do not consider these addresses to be valid Internet addresses, and will not route a packet through the Internet to any of them
  These addresses may be used and routed on private internets. They may not be directly connected to the Internet.
    10.0.0.0/8        10.0.0.0 to 10.255.255.255
    172.16.0.0/12     172.16.0.0 to 172.31.255.255
    192.168.0.0/16    192.168.0.0 to 192.168.255.255
IPv6 Private or Non-Routable addresses
  Addresses that may be used on private internets are also available for IPv6. Packets with these addresses will not be routed out of the private network into the Internet; they may be routed within the private network
  In early releases of IPv6 such addresses were called site-local addresses. For site-local addresses the first 10 bits of the address were 1111111011 (FEC0). Site local addresses have been deprecated (no longer supported)
  The present range of IPv6 addresses available for private networks is FC00::/7. However, local addresses must have the 8th bit set to 1. Basically this means, any IPv6 address that starts with FDxx is for private networks only (FD00::/8)
IPv6 link-local addresses
  IPv6 also has a new type of non-routable address called a link-local address.
  This type of address is for all IPv6 nodes both on the internet and in private networks.
  Link local addresses
    are given to every IPv6 node
    begin with FE80 – FEFF (FE80::/10)
    are valid only on the local link (the local network segment)
    are the type of address used for address resolution
multicast addresses
  A multicast address refers to a group of destination IP addresses that may be in different networks throughout the internet
  For IPv4 multicast addresses
    start with 1110
    Group address uses the remaining 28 bits
  For IPv6 multicast addresses
    Start with 1111 1111
    Then has some other special purpose bits followed by 112 bit multicast group ID
    IPv4 broadcast is replaced by use of specific aspects of IPv6 multicast
IPv6 Addresses for IPv4
  IPv4 compatible addresses have the form:
    first 80 bits 0 ::0/80
    Next 16 bits
      1 for addresses of IPv4 only nodes so that IPv6 hosts have an address to send to IPv4 only nodes
      0 if there is a corresponding IPv6 address that is for dual stack hosts
    Last 32 bits contain the IPv4 address
Hosts
  A host is a source or destination of IP packets.
    A host usually has 1 network interface, and thus does not forward packets or act as a router
    Hosts must still make some routing decisions, in particular which router, directly attached to their own network, to send a particular packet to
  A multi-homed host is a host connected to single or multiple networks through more than one network interface
    A multi homed host may also forward packets acting as a router.
    To act as a (slow) router it must be enabled as a router (have forwarding activated)
Routers
  A router is a system that forwards packets from one host to another. A router
    normally has a processor, network interfaces and a high speed switching matrix
    will not normally be the destination of packets (except routing information packets transmitted using a routing protocol if dynamic routing is in use)
    will forward packets using a routing table
  The processor of a router will normally run the implementation of the routing protocol, that is the IP routing algorithm and the IP forwarding algorithm
    For static routing will load the routing table at boot time
    For dynamic routing will maintain the routing table over time
Routing protocols
  Routing protocols specify how information about routing will be transferred between routers
    Each router will store information provided by the routing protocol in its routing table
    For dynamic routing information will be transferred between routers continuously
    For static routing the protocol will specify what can be in the routing table built by the network administrator
  An IP routing algorithm uses the information supplied by the routing protocol to build, and for dynamic routing update, the routing table
  An IP forwarding algorithm uses the information in the routing table to determine which interface of the router to transmit the IP packet through to efficiently deliver the packet to its destination (determines the direction of the next hop)
Direct Delivery
  Direct delivery occurs when a datagram is delivered from one host to another on the same physical network.
    It is not necessary for the packet to pass through a router
    If the network specific portion of a packet's destination IP address and source IP address are the same then the packet can usually be delivered directly
  Direct delivery is also the last step of the delivery of any IP datagram. Once the datagram has reached a router connected to the same physical network as the destination the datagram is encapsulated in a local MAC frame and directly delivered
Indirect Delivery
  If the final destination of the IP datagram is not on the local physical network
    The datagram must be encapsulated in a MAC frame and sent to a router connected to the local physical network.
    That router will extract the datagram from the MAC frame and use its routing capabilities to find another router on an efficient path to the final destination to send the datagram to.
    The router then encapsulates the datagram in a MAC frame and transmits it to the next router.
    This process continues until the packet reaches a router directly connected to the same local physical network as the destination host.
    The datagram can then be directly delivered to the destination.
Choosing the next hop
  If it has been determined that the datagram cannot be delivered directly then
    If the datagram originates on the present host then choosing the next hop means choosing a router, attached to the same physical network as the host, that is an acceptable next hop in the path to the final destination
    If the datagram has arrived at the router from another host or router then an efficient next hop in the path to the destination must be found
  The next hop (for both cases) is determined by consulting a routing table. That table will indicate where a datagram destined for a particular IP address should be sent to reach that destination efficiently
Contents of an IPv4 routing table
  Each entry in the routing table includes
    An address prefix (Destination) and mask (Genmask) which indicate a particular network or networks
    The IP address of the next router or host along the path to the final destination (called the gateway)
    The network interface that should be used to transmit the packet so it can reach the next hop address
    A metric that can be used to compare the relative “goodness” of alternate routes.
    Possible implementation specific additional information
A sample IPv4 routing table
  Destination     Gateway         Genmask           Metric  Iface
  172.17.1.253    *               255.255.255.255   0       Eth1
  172.16.1.253    *               255.255.255.255   0       Eth0
  172.16.0.0      *               255.255.0.0       0       Eth0
  172.17.0.0      *               255.255.0.0       0       Eth1
  172.18.0.0      172.16.1.254    255.255.0.0       1       Eth0
  172.19.0.0      172.17.1.2      255.255.0.0       1       Eth0
  127.0.0.0       *               255.0.0.0         0       Lo
  224.0.0.0       *               240.0.0.0         0       Eth0
  0.0.0.0         172.16.1.1      0.0.0.0           0       Eth0
Obtaining IPv4 routing info
  The LINUX netstat function will let you look at the routing table on a host or LINUX router.
    The flag -r will give you the information you want; omitting this flag will give you additional information on things in addition to the routing table
  To add or remove static entries from the routing table use the LINUX command route.
    route with no arguments will also show you the routing table (route may be disabled, but netstat is usually available)
The IPv4 forwarding algorithm
  Extract the IP destination address from the packet
  If the destination address is on the local network directly deliver the datagram
  OTHERWISE
    For each routing table entry use the mask (bitwise AND the mask with the destination IP address) to extract the prefix from the destination address and compare it to the prefix in the table. Remember any entries that match
    Choose the matching entry with the longest prefix match
    If there is no match send a routing error back to the source
Using a netmask to extract netid
  IP address 198.53.147.45 converted to binary
    11000110 00110101 10010011 00101101
  Netmask 255.255.255.0 (class C) converted to binary
    11111111 11111111 11111111 00000000
  AND IP address and Netmask
    11000110 00110101 10010011 00101101
    11111111 11111111 11111111 00000000
    -----------------------------------
    11000110 00110101 10010011 00000000
  Convert result of AND to dotted decimal to get the network address (netid) 198.53.147.0
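The forwarding algorithm and the netmask AND described above, run over the sample IPv4 routing table from these slides. This is an added example, not code from the course; the function names are illustrative, and preferring the lower metric among equal-length matches is an assumption the IPv4 slides do not state.

```python
import socket
import struct


def to_int(dotted):
    """Dotted decimal string -> 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def to_dotted(value):
    """32-bit integer -> dotted decimal string."""
    return socket.inet_ntoa(struct.pack("!I", value))


def netid(address, mask):
    """Bitwise AND of address and mask, as on the netmask slide."""
    return to_dotted(to_int(address) & to_int(mask))


# Rows copied from the sample IPv4 routing table on this page:
# (destination, gateway, genmask, metric, iface); "*" means no gateway.
ROUTES = [
    ("172.17.1.253", "*", "255.255.255.255", 0, "Eth1"),
    ("172.16.1.253", "*", "255.255.255.255", 0, "Eth0"),
    ("172.16.0.0", "*", "255.255.0.0", 0, "Eth0"),
    ("172.17.0.0", "*", "255.255.0.0", 0, "Eth1"),
    ("172.18.0.0", "172.16.1.254", "255.255.0.0", 1, "Eth0"),
    ("172.19.0.0", "172.17.1.2", "255.255.0.0", 1, "Eth0"),
    ("127.0.0.0", "*", "255.0.0.0", 0, "Lo"),
    ("224.0.0.0", "*", "240.0.0.0", 0, "Eth0"),
    ("0.0.0.0", "172.16.1.1", "0.0.0.0", 0, "Eth0"),
]


def lookup(destination, routes=ROUTES):
    """Return the chosen route as a dict, or None when nothing matches
    (the caller then sends a routing error back to the source)."""
    matches = []
    for prefix, gateway, mask, metric, iface in routes:
        # Mask the destination and compare with the table prefix.
        if netid(destination, mask) == prefix:
            prefix_len = bin(to_int(mask)).count("1")
            matches.append((prefix_len, prefix, gateway, metric, iface))
    if not matches:
        return None
    # Longest prefix wins; lower metric breaks ties (assumption, see lead-in).
    prefix_len, prefix, gateway, metric, iface = max(
        matches, key=lambda m: (m[0], -m[3]))
    direct = gateway == "*"
    return {
        "route": f"{prefix}/{prefix_len}",
        "delivery": "direct" if direct else "indirect",
        "next_hop": destination if direct else gateway,
        "iface": iface,
        "candidates": len(matches),
    }


if __name__ == "__main__":
    print(netid("198.53.147.45", "255.255.255.0"))
    for dest in ("172.18.4.9", "172.16.1.253", "8.8.8.8", "224.0.0.5"):
        print(dest, lookup(dest))
```

Removing the last row (the 0.0.0.0 default route) makes `lookup` return `None` for any destination outside the listed networks, which is the "no match" case of the algorithm.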
Contents of an IPv6 routing table
  Each entry in the routing table includes
    A network prefix which indicates a particular network or networks (address and size, addr/size)
    The IP address of the next hop router or host along the path to the final destination (called the next hop router)
    The network interface that should be used to transmit the packet so it can reach the next hop address
    A metric that can be used to compare the relative “goodness” of alternate routes.
    Possible implementation specific additional information
A sample routing table IPv6
  Destination                     Next Hop                    Flag Met  Ref Use If
  ::1/128                         ::                          Un   0    1   41  lo
  fdd0:8184:d967:25::a19:106/128  fdd0:8184:d967:29::a1d:109  UG   1024 0   203 eth1
  fdd0:8184:d967:26::/64          fdd0:8184:d967:30::a1e:108  UG   1024 0   122 eth2
  fdd0:8184:d967:29::/128         ::                          Un   0    2   0   lo
  fdd0:8184:d967:29::a1d:10a/128  ::                          Un   0    1   350 lo
  fdd0:8184:d967:29::/64          ::                          U    256  0   1   eth1
  fdd0:8184:d967:30::/128         ::                          Un   0    2   0   lo
  fdd0:8184:d967:30::a1e:10a/128  ::                          Un   0    1   392 lo
  fdd0:8184:d967:30::/64          ::                          U    256  0   1   eth2
  fe80::250:56ff:fea4:1795/128    ::                          Un   0    1   74  lo
  fe80::250:56ff:fea4:59c9/128    ::                          Un   0    1   63  lo
  fe80::250:56ff:fea4:764f/128    ::                          Un   0    1   0   lo
  fe80::/64                       ::                          U    256  0   0   eth1
  fe80::/64                       ::                          U    256  0   0   eth2
  fe80::/64                       ::                          U    256  0   0   eth0
  ::/0
Notes about the routing table
  The addresses that start fdd0 are IPv6 private network global addresses
  The addresses that start fe80 are link local addresses
  /128 addresses refer to a single host
  ::/0 is the default address
Obtaining IPv6 routing info
  The LINUX netstat function will show you the IPv6 routing table.
    netstat -r6
  The LINUX ip function can be used to look at the IPv6 routing table.
    ip -6 route
  route -6 will also show the IPv6 routing table
  To add or remove static entries from the routing table use the LINUX command ip (or route).
    Using these commands in the command line will make the change until the host is rebooted
    Placing the commands in the /etc/network/interfaces file will make the change persistent after reboot
The IPv6 forwarding algorithm
Next hop determination
  IPv6 maintains a cache known as the destination cache. In the destination cache all the next hop destinations for all the destinations of recent packets are stored.
    The cache also holds other information about the path to the destination
  When a packet arrives to be forwarded the first step is to check for the destination address in the destination cache.
  If the destination is in the destination cache then the packet is forwarded to the next hop and other parameters given in the cache.
Next hop determination
  The destination address is obtained from the packet.
  For each destination entry in the routing table the first N bits (where /N is specified for that destination) are compared to the first N bits of the destination address
  If the first N bits are the same the destination is a match
Next hop determination
  The list of matches is examined, and the match with the largest number of matching bits is chosen (most specific matching route)
  If there are multiple matches with the maximum number of bits choose the match with the lowest value of metric
  Use the selected entry to get the next hop IP and interface (same as IPv4)
The IPv6 forwarding algorithm
  When a packet is sent and its destination is not in the destination cache, then its destination, and the corresponding next hop destination are saved in the destination cache and the timers for the lifetime of the cache entry are started
  When a packet is sent and its destination is in the destination cache, then the timers for the lifetime of the cache entry are updated
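The destination cache and next hop determination described on the preceding slides, as an added example that is not part of the original course material. The class name, the 30 second lifetime, the injected `now` clock and the two rows marked "constructed" are assumptions; the other rows come from the sample IPv6 routing table, where a next hop of `::` means the prefix is directly attached.

```python
import ipaddress

# (prefix, next hop, metric, interface)
ROUTES = [
    # Rows taken from the sample IPv6 routing table on this page.
    ("fdd0:8184:d967:25::a19:106/128", "fdd0:8184:d967:29::a1d:109", 1024, "eth1"),
    ("fdd0:8184:d967:26::/64", "fdd0:8184:d967:30::a1e:108", 1024, "eth2"),
    ("fdd0:8184:d967:29::/64", "::", 256, "eth1"),
    ("fdd0:8184:d967:30::/64", "::", 256, "eth2"),
    # Constructed rows: an equal-length route with a worse metric, and a
    # shorter covering prefix, to exercise the tie-break and longest match.
    ("fdd0:8184:d967:26::/64", "fdd0:8184:d967:29::a1d:1ff", 2048, "eth1"),
    ("fdd0:8184:d967::/48", "fdd0:8184:d967:29::a1d:109", 1024, "eth1"),
]


class Ipv6Forwarder:
    def __init__(self, routes, lifetime=30.0):
        self.routes = [(ipaddress.ip_network(p), nh, metric, iface)
                       for p, nh, metric, iface in routes]
        self.lifetime = lifetime
        self.cache = {}  # destination -> {"next_hop", "iface", "expires"}

    def route_lookup(self, dest):
        """Compare the first N bits of dest with every /N entry, keep the
        longest match, and break ties on the lowest metric."""
        matches = [r for r in self.routes if dest in r[0]]
        if not matches:
            return None
        net, next_hop, metric, iface = min(
            matches, key=lambda r: (-r[0].prefixlen, r[2]))
        if next_hop == "::":          # on-link: deliver to the destination
            next_hop = str(dest)
        return next_hop, iface

    def next_hop(self, destination, now):
        """Return (next hop, interface, source) or None if unroutable.
        source is "cache" or "table"; now is the current time in seconds."""
        dest = ipaddress.ip_address(destination)
        entry = self.cache.get(dest)
        if entry is not None and now < entry["expires"]:
            entry["expires"] = now + self.lifetime      # timers updated
            return entry["next_hop"], entry["iface"], "cache"
        self.cache.pop(dest, None)                      # expired entry
        found = self.route_lookup(dest)
        if found is None:
            return None
        self.cache[dest] = {"next_hop": found[0], "iface": found[1],
                            "expires": now + self.lifetime}  # timers started
        return found[0], found[1], "table"


if __name__ == "__main__":
    fwd = Ipv6Forwarder(ROUTES)
    for t in (0, 20, 45, 200):
        print(t, fwd.next_hop("fdd0:8184:d967:26::5", now=t))
```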
IPv4 Protocol Header
Maximum length 60 octets, minimum length 20 octets (see arrow) Options field may span as many as 20 rows (40 octets)
Comer 2006: fig 6.3
IPv4 Header Fields (1)
  Version (4 bits): 4 for IPv4
  Internet header length or HLEN (4 bits): length of IP header in 32 bit words. Minimum header length is 20 octets, so header length would be at least 5. Used to locate the start of the payload
  Service Type (8 bits): Contains bits to set priority (0 lowest to 7 highest) and to select routing based on optimization of reliability, precedence, delay or throughput parameters (TOS replaced by Differential Services, more later)
  Total length (16 bits): This includes the header and the data payload. Packet length is measured in octets. Maximum length of a packet is 2^16 - 1 = 65,535 octets
IPv4 Header Fields (2)
  Identification (16 bits): Identifies a particular datagram or packet. The same Identification is used for each fragment of a fragmented datagram. The final receiver will use the Identification for reassembly. The sender of the datagram must generate a unique identification for each datagram sent.
  Flags (3 bits): More bit, Don’t fragment bit, third bit (highest order bit) is undefined
  Fragment offset (13 bits): Position of the fragment in the present packet within the unfragmented payload. (Must be a multiple of 64 bits from start of the unfragmented payload, measured in 64 bit units)
IPv4 Header Fields (3)
  Time to live (8 bits): Measured in seconds, but must decrement by at least 1 at each IS. Since transmission times in modern systems are very rarely in excess of one second this is essentially a hop counter (Default 64)
  Protocol (8 bits): protocol of next higher layer (transport layer) to receive data field at destination
  Header checksum (16 bits): 16 bit ones complement sum of all 16 bit words in header (header checksum field is zero during the calculation). Checksum does not include data; verification that data is not corrupted is left to higher layers in the protocol stack. Reverified and recomputed at each IS. IP packet is discarded if checksum does not match.
IPv4 Header Fields (4)
  Source address (32 bits): IP address of the originating station
  Destination address (32 bits): IP address of final destination
  Options (variable): Examples include
    Security
    Strict source routing (specify all ISs)
    Loose source routing (Specify some ISs)
    record route (records address at each hop)
    timestamp (records address and timestamp at each hop)
  Padding (variable)
    To add zero bits at the end of the options so the header length is a multiple of 32 bits long
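The header fields listed on the four slides above, unpacked from a 20-octet header, with the checksum verified and then recomputed after a TTL decrement as each intermediate system does. This is an added example, not code from the course; the sample packet is constructed, and dropping a packet whose TTL would reach 0 is the usual router behaviour assumed here.

```python
import socket
import struct


def ones_complement_sum(data):
    """16-bit ones complement sum of the 16-bit words in data."""
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total


def header_checksum(header):
    """Checksum over the header with the checksum field taken as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~ones_complement_sum(zeroed) & 0xFFFF


def parse_ipv4_header(packet):
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-octet header")
    (ver_hlen, service, total_length, ident, flags_frag,
     ttl, protocol, checksum, src, dst) = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    version, hlen = ver_hlen >> 4, ver_hlen & 0x0F
    header_len = hlen * 4                    # HLEN counts 32 bit words
    if version != 4:
        raise ValueError("not an IPv4 packet")
    if hlen < 5 or header_len > len(packet) or total_length < header_len:
        raise ValueError("inconsistent HLEN / total length")
    header = packet[:header_len]
    return {
        "header_len": header_len,
        "service_type": service,
        "total_length": total_length,
        "payload_len": total_length - header_len,
        "ident": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # in octets
        "ttl": ttl,
        "protocol": protocol,
        "checksum": checksum,
        "checksum_ok": header_checksum(header) == checksum,
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
    }


def forward_hop(packet):
    """What an intermediate system does to the header: verify, decrement
    TTL, recompute the checksum. Returns None when the packet is dropped."""
    fields = parse_ipv4_header(packet)
    if not fields["checksum_ok"] or fields["ttl"] <= 1:
        return None
    header = bytearray(packet[:fields["header_len"]])
    header[8] -= 1                                       # TTL octet
    struct.pack_into("!H", header, 10, header_checksum(bytes(header)))
    return bytes(header) + packet[fields["header_len"]:]


# Constructed sample: UDP datagram 192.168.0.1 -> 192.168.0.199, TTL 64,
# total length 115 (20 octet header + 95 octets of zero payload).
SAMPLE = bytes.fromhex(
    "4500 0073 0000 4000 4011 b861 c0a8 0001 c0a8 00c7") + bytes(95)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print(parse_ipv4_header(forward_hop(SAMPLE)))
```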
IP v6 Header
Figure 33.2 Comer (2000)
IPv6 packet Structure
  [Figure: packet layout with boxes labelled IPv6 header, Hop by Hop header, Destination options header, Routing header, Fragment header, Authentication header, Encapsulating Security header, Destination Options header, Transport header, DATA]
IP v6 Header Fields (1)
  Version (4 bits): 6
  Traffic Class (8 bits): Experimental: indicates class or priority of packet. Still undefined, provides way for application to experiment with class
  Flow Label (20 bits): Experimental: Indicates that packet belongs to a specific sequence of packets that can be referenced by flow number. Used by hosts requesting special handling of such a sequence of packets. Multiple sequences can flow between the same hosts; each packet in a sequence must have identical Hop by Hop and routing headers and IPv6 addresses.
IP v6 Header Fields (2)
  Payload length (16 bits): Includes all extension headers plus user data. For lengths greater than 65,535 bytes it is set to zero, and jumbo payload option in the hop by hop header is used
  Next Header (8 bits): Indicates the type of the first extension header or in the absence of extension headers the protocol for the next layer up (same as for IPv4).
  Hop Limit (16 bits): maximum number of allowed hops (0-255). When number is exceeded ICMPv6 Time Exceeded message is sent
  Source Address (128 bits)
  Destination address (128 bits)
Comparing IPv4/IPv6 Header Size
  For IPv4 the header length field and the total length field are used to indicate the size of the IP packet
    Two numbers are needed because the header has a variable length, 20-60 octets
    The options field can be 0-40 octets long so the HLEN is needed to indicate the size of the header
  For IPv6 no header length is needed because the main header is a fixed length
    One field is used to indicate the next header.
IPv4 vs. IPv6 Packet size
  IPv4
    Payload size (amount of data) is given by Total length minus header length
  IPv6
    Payload size directly stored in header
Quality of service
  IPv4
    Difficult to manage QOS. Some ways available using the service type field
  IPv6
    Much better methods for managing QOS being studied
    Still Experimental
    Methods use traffic class and flow label field
Time to live : Hop Limit
  IPv4
    Number of seconds in the lifetime of the packet
    Each router checks, decrements value, drops if <0 left
    Minimum decrement 1s is > actual time
  IPv6
    Integer, number of times the packet can be forwarded
    Each router decrements value, drops if 0 (before or after decrement)
    Decrement always 1
Fragmentation
  IPv4
    Fragmentation at any intermediate router
    Use the flags, fragment offset and identification fields to manage fragments
  IPv6
    Fragmentation only at the source
    Use information in the IPv6 fragmentation header
    Path discovery may be used
    Router that cannot forward packet sends ICMPv6 too big message causing source to retransmit with smaller packets
Encapsulation: IP datagrams
Comer 2006: fig 6.6
Where does IPv4 fragmentation occur?
Comer 2006: fig 6.7
IPv4 Fragmentation (1)
  Uses fields in header
    Data Unit Identifier (ID): uniquely identifies end system originated datagram and contains
      Source and destination address
      Protocol layer generating data (e.g. TCP)
      Identification supplied by that layer
    Total Length and HLEN: Length of user data in octets is the total length – the header length
    Offset: Position of fragment of user data in original datagram, (offset from start of original datagram) in multiples of 64 bits (8 octets)
    More flag: Indicates that this is not the last fragment
IP Fragmentation (2)
  Copy the header frame of the incoming datagram into each fragment
  Divide the incoming user data field into equal parts along 64 bit boundaries (last fragment may be shorter).
  For each datagram except the last, set Data Length to the length of the data fragment in that datagram and set more flag to 1. Add the length of the previous data segment in octets to the Offset.
  For the last datagram set Data Length to the length of the remaining data. Add the length of the previous data segment in octets to the Offset.
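The fragmentation procedure on the two slides above, plus the receiver's reassembly check, as an added example that is not code from the course. Fragments are modelled as dictionaries rather than wire-format packets; the 1400 octet payload, the MTU values and the identification value are constructed, and offsets are stored in 8 octet units as the Offset field requires.

```python
def fragment(payload, mtu, ident, header_len=20):
    """Split payload into fragments that fit mtu.

    Every fragment except the last carries a multiple of 8 octets, so each
    offset can be expressed in 64 bit units.
    """
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    fragments = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        fragments.append({
            "ident": ident,                       # same in every fragment
            "offset": start // 8,                 # in 8 octet units
            "more": start + len(chunk) < len(payload),
            "total_length": header_len + len(chunk),
            "data": chunk,
        })
    return fragments


def reassemble(fragments):
    """Rebuild the payload from fragments that arrived in any order.

    Returns None when the set is incomplete (a hole, or the fragment with
    the more flag clear never arrived), which is the case the reassembly
    timeout exists for. Duplicate or overlapping fragments are treated as
    a failure in this sketch.
    """
    if len({f["ident"] for f in fragments}) != 1:
        return None                               # mixed datagrams
    expected = 0
    data = bytearray()
    for frag in sorted(fragments, key=lambda f: f["offset"]):
        if frag["offset"] * 8 != expected:
            return None                           # missing fragment
        data += frag["data"]
        expected += len(frag["data"])
        if not frag["more"]:
            return bytes(data)                    # last fragment reached
    return None                                   # last fragment missing


# Constructed input: 1400 octets of user data sent over a network whose
# MTU is 620 octets, with a 20 octet header and no options.
PAYLOAD = bytes(i % 251 for i in range(1400))

if __name__ == "__main__":
    frags = fragment(PAYLOAD, mtu=620, ident=0x1C46)
    for f in frags:
        print(f["offset"], f["more"], f["total_length"])
    print(reassemble(list(reversed(frags))) == PAYLOAD)
    print(reassemble([frags[0], frags[2]]))
```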
Fragmentation
Comer 2000: fig 6.8 [figure labels: 75, 150]
Fragmentation Example
Comer 2000: fig 7.
Dealing with Failure
  Re-assembly may fail if some fragments get lost
  Need to detect failure
  Re-assembly time out
    Assigned to first fragment to arrive
    If timeout expires before all fragments arrive, discard partial data
  Use packet lifetime (time to live in IP)
    If time to live runs out, kill partial data
IPv6 Fragmentation Header
  Node may perform path MTU discovery to find smallest maximum transmission unit (MTU) of intermediate networks or use minimum MTU size of 1280 octets
  If a packet is too large an ICMPv6 too big message is sent to the source by the router that cannot forward the message.
  The router then retransmits smaller source fragments
    Size of fragments now match MTU of network through which the router that sent the ICMPv6 too big message must send packets
  Fragmentation algorithm is the same as IPv4, but in IPv6 header includes all extension headers present as well as main header
  Figure 33.4 Comer (2000)
MTU discovery
  [Figure: networks labelled NET 3 MTU 1500, NET 2 MTU 1350 and NET 3 MTU 1280; IP packets sized for MTU = 1500, MTU = 1350 and MTU = 1280; ICMP TOO BIG messages reporting MTU = 1350 and MTU = 1280]
IPv6: more flexible options
  In IPv4 all options were inserted into the variable length option field (maximum length 40 bytes)
    Only so many options would fit
    Every host/router needed to read all the options to see if any of them applied to it
  IPv6 has a fixed length header, with a next header field. All options are handled in separate (one for each option) optional headers with a predefined order.
    Easier to add a new option, and to see which options are being used (increased flexibility)
    Not all options need to be read / processed by every intermediate node on the path (increased efficiency)
    Each header uses the next header field to indicate the type of header that follows it (or the transport protocol header of the IP datagram)
IPv6 packet Structure
  [Figure: packet layout with boxes labelled IPv6 header, Hop by Hop header, Destination options header, Routing header, Fragment header, Authentication header, Encapsulating Security header, Destination Options header, Transport header, DATA]
  Headers shown in yellow are optional and replace the options field in IPv4. Because the headers are optional some or all may not be present for any given packet.
  Need to know which header follows next; use the “next header” field to tell what header comes next
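Following the “next header” field from the fixed IPv6 header through the optional headers to the transport header, as an added example that is not code from the course. The sample packet is constructed; the header type numbers and length encodings are the standard IPv6 ones, and the walk stops at the Encapsulating Security header because what follows it is encrypted.

```python
import ipaddress
import struct

# Next header values for the optional headers this sketch can step over.
EXTENSION = {0: "Hop by Hop", 43: "Routing", 44: "Fragment",
             51: "Authentication", 60: "Destination options"}
# Values at which the walk ends.
FINAL = {6: "TCP", 17: "UDP", 58: "ICMPv6",
         50: "Encapsulating Security", 59: "No next header"}


def walk_headers(packet):
    """Return (list of header names, offset where the last one starts)."""
    if len(packet) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack(
        "!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    end = min(len(packet), 40 + payload_len)
    chain, offset = ["IPv6"], 40           # the main header is fixed length
    while next_header in EXTENSION:
        if offset + 8 > end:               # every optional header is >= 8
            raise ValueError("truncated extension header")
        following, length_field = packet[offset], packet[offset + 1]
        if next_header == 44:              # Fragment header: always 8 octets
            size = 8
        elif next_header == 51:            # Authentication: 4 octet units - 2
            size = (length_field + 2) * 4
        else:                              # others: 8 octet units - 1
            size = (length_field + 1) * 8
        if offset + size > end:
            raise ValueError("extension header runs past the packet")
        chain.append(EXTENSION[next_header])
        offset += size
        next_header = following
    chain.append(FINAL.get(next_header, f"protocol {next_header}"))
    return chain, offset


def build_sample():
    """Constructed packet: IPv6 / Hop by Hop / Routing / Fragment / TCP."""
    src = ipaddress.IPv6Address("fdd0:8184:d967:29::a1d:10a").packed
    dst = ipaddress.IPv6Address("fdd0:8184:d967:30::a1e:108").packed
    hop_by_hop = bytes([43, 0, 1, 4, 0, 0, 0, 0])   # next=Routing, PadN
    routing = bytes([44, 0, 0, 0, 0, 0, 0, 0])      # next=Fragment
    fragment = bytes([6, 0, 0, 0]) + struct.pack("!I", 0x1C46)  # next=TCP
    payload = hop_by_hop + routing + fragment + bytes(20)       # empty TCP
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), 0, 64)
    return fixed + src + dst + payload


SAMPLE = build_sample()

if __name__ == "__main__":
    print(walk_headers(SAMPLE))
```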
IPV4 Protocol field
  Originally meant to record a code that indicated the protocol being used in the transport layer (the layer above the network layer where the IP protocols run) for example TCP or UDP
  Now also used to retrofit some of the most needed functionality of IPv6 into IPv4
    Used as a next header field for IPv4 to help implement IPSec etc.
IPv4 Protocol Header
Now look at remaining header fields protocol, options, padding
Comer 2006: fig 6.3
IPv4 packet Structure retrofit
  [Figure: packet layout with boxes labelled IPv4 header, Authentication header, Encapsulating Security header, Transport header, DATA]
  Using the protocol field in the IPv4 header allows the headers for IPsec to be inserted into IPv4 packets. This enables authentication and encryption of packets
IPv4 Options
  Options are used primarily for network testing and debugging
  Length of the options field varies (# and type of options)
  Each option inserted into the options field starts with an 8 bit code field which contains
    A one bit copy flag: set to 1 if the option is to be copied to all fragments if the datagram is fragmented, 0 if option is to be copied only to the first fragment header
    option class (datagram or network control 0, measurement/debug 2)
    Option number
  Information required by the option follows the 8 bit code; the amount of information varies according to the option selected
  [Figure: layout of the 8 bit option code with fields Copy, Option Class, Option Number]
Comer 2000: fig 6.11
Record Route option
  The source creates an initially empty list of N IP addresses.
  When the IP datagram with record route set reaches a router the following occurs
    If the pointer (points to the next empty octet) is less than the length (pointer to the end of space reserved for addresses) then the router’s IP address is inserted starting at octet pointer. The value of pointer is then incremented by 4 (32 bits). Then the IP datagram is forwarded
    If the pointer (points to the next empty octet) is >= the length, no IP address is inserted. Then the IP datagram is forwarded
  When the datagram arrives at the destination the path information can be extracted from the header
  Should have the copy bit set to 0, class 0, option 7
Options field for Record Route
0          8          16         24
Code       length     pointer
<--------------------- First IP Address ------------------------->
<--------------------- Second IP Address ---------------------->
<--------------------- … ------------------------->
(bit offsets marked on the address rows: 24, 40, 56)
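The pointer/length rule from the Record Route slides, worked through in C as an added example (not code from the lecture). The function names are hypothetical, the addresses are constructed documentation addresses, and the 1-based pointer with first slot at octet 4 follows RFC 791; the router step validates length and pointer before writing so a malformed option cannot cause a write outside the option.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define IPOPT_RR 7      /* copy 0, class 0, option number 7 */

/* Source: build an empty Record Route option with room for n addresses.
 * Octets: code, length, pointer, then n * 4 address octets. Per RFC 791 the
 * pointer counts from 1 at the code octet, so the first free slot is octet 4.
 * Returns the option length, or 0 if it does not fit. */
static size_t rr_init(uint8_t *opt, size_t cap, unsigned n)
{
    size_t len = 3 + 4 * (size_t)n;
    if (n == 0 || len > 40 || len > cap)    /* options area holds 40 octets */
        return 0;
    memset(opt, 0, len);
    opt[0] = IPOPT_RR;
    opt[1] = (uint8_t)len;
    opt[2] = 4;
    return len;
}

/* Router: 1 = address recorded, 0 = list full (forward unchanged),
 * -1 = malformed option, rejected before anything is written. */
static int rr_hop(uint8_t *opt, size_t buflen, const uint8_t addr[4])
{
    if (buflen < 7 || opt[0] != IPOPT_RR)
        return -1;
    uint8_t len = opt[1], ptr = opt[2];
    if (len < 7 || len > buflen || (len - 3) % 4 || ptr < 4 || ptr % 4)
        return -1;
    if (ptr >= len)                         /* pointer >= length: no room */
        return 0;
    memcpy(opt + ptr - 1, addr, 4);         /* pointer is 1-based */
    opt[2] = (uint8_t)(ptr + 4);
    return 1;
}

static int rr_count(const uint8_t *opt) { return (opt[2] - 4) / 4; } /* destination side */

int main(void)
{
    uint8_t opt[40];
    const uint8_t hops[3][4] = { {192,0,2,1}, {198,51,100,1}, {203,0,113,1} };
    size_t len = rr_init(opt, sizeof opt, 2);   /* constructed: two slots, three hops */
    for (int i = 0; i < 3; i++)
        printf("hop %d -> %d\n", i + 1, rr_hop(opt, len, hops[i]));
    printf("recorded %d, pointer %u\n", rr_count(opt), (unsigned)opt[2]);
    return 0;
}
```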
IP header and Sockets
To get the present IPv4 header use
getsockopt(sockfd, IPPROTO_IP, IP_OPTIONS, void *ptr, socklen_t *hdrlen);
when the function returns, ptr will point at the IP header and *hdrlen will hold its length in octets
To set any value or option in the IP header for a particular TCP connection or UDP socket use
setsockopt(sockfd, IPPROTO_IP, IP_OPTIONS, const void *ptr, socklen_t hdrlen);
where ptr points at an IPv4 header with the desired options added or values modified, and hdrlen is the length of that header in octets
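The two calls above wrapped with their actual argument types, as an added example (not code from the lecture). It assumes a Linux or BSD-style stack, where the buffer passed with IP_OPTIONS holds the options area of the IPv4 header (at most 40 octets); the wrapper names and the sample Record Route option are constructed for illustration.

```c
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define IP_OPTS_MAX 40  /* 60 octet maximum header minus the 20 octet fixed part */

/* Attach an options area to every datagram sent on fd.
 * Returns 0 on success, -1 if the kernel refuses, -2 if len is out of range. */
static int set_ip_options(int fd, const uint8_t *opts, size_t len)
{
    if (len > IP_OPTS_MAX)
        return -2;
    /* setsockopt takes the length by value */
    return setsockopt(fd, IPPROTO_IP, IP_OPTIONS, opts, (socklen_t)len) < 0 ? -1 : 0;
}

/* Read the options back. *len is value-result: buffer size in, octets used out. */
static int get_ip_options(int fd, uint8_t *buf, socklen_t *len)
{
    return getsockopt(fd, IPPROTO_IP, IP_OPTIONS, buf, len) < 0 ? -1 : 0;
}

int main(void)
{
    /* Constructed sample: Record Route (code 7), length 11, pointer 4, two empty slots. */
    const uint8_t rr[11] = { 7, 11, 4 };
    uint8_t back[IP_OPTS_MAX];
    socklen_t n = sizeof back;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) { perror("socket"); return 1; }
    if (set_ip_options(fd, rr, sizeof rr) < 0 || get_ip_options(fd, back, &n) < 0) {
        perror("IP_OPTIONS");
        close(fd);
        return 1;
    }
    printf("kernel holds %u option octets, first code %u\n", (unsigned)n, n ? back[0] : 0);
    close(fd);
    return 0;
}
```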
Options field for Timestamp
0          8          16         24         32
Code       length     pointer    oflow | Flags (1 or 3)
<------------------ IP Address of first hop -------------------->
<------------------ Timestamp of first hop -------------------->
<------------------ IP Address of second hop ----------------->
<------------------ Timestamp of second hop ----------------->
<--------------------- … ------------------------->
Options field for Timestamp
0          8          16         24         31
Code       length     pointer    oflow | Flags (0)
<------------------ Timestamp of first hop ------------------>
<------------------ Timestamp of second hop --------------->
<------------------ Timestamp of third hop ----------------->
<------------------ Timestamp of fourth hop ---------------->
<--------------------- … ----------------------->
Oflow and Timestamp Option
The flags field indicates how much information to save at each router
The Oflow field contains a numerical count of the routers that were not able to insert a timestamp into the header
Comer 2006: fig 6.15
Timestamp option
The source creates an empty list of N IP addresses.
When the IP datagram with record route set reaches a router the following occurs
  If the pointer (points to the next empty octet) is less than the length then the router’s IP address and/or timestamp is inserted starting at octet pointer. The value of pointer is then incremented by 4 (32 bits) or 8 (64 bits). Then the IP datagram is forwarded
  If the pointer (points to the next empty octet) is >= the length, no IP address is inserted. Then the IP datagram is forwarded
When the datagram arrives at the destination the path information can be extracted from the header
Should have the copy bit set to 0, class 2, option 4
Source Route Option
Provides a way for the sender to specify a particular path through the network
Loose source routing specifies a list of IP addresses the datagram must traverse; it may traverse others
Strict source routing specifies, in sequence, every IP address the packet may visit
If the address in the destination address field has been reached and the length is not two, the next address in the source route replaces the address in the destination address field, and that address is deleted from the source route and the length is reduced by four.
Options field for Source Route
0          8          16         24         32
Code       length     pointer
<------------------ IP Address of first hop -------------------->
<------------------ IP Address of second hop ----------------->
<--------------------- … ------------------------->
(bit offset marked on the address rows: 48)
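An added example (not from the lecture) that ties the 8 bit option code from the IPv4 Options slide to the Source Route option: it walks an options area, decodes copy/class/number, and reports whether a loose or strict source route is present, which is the check a packet filter makes before dropping or logging such datagrams. The option numbers 3 and 9 and the single-octet End of Option List and No Operation codes come from RFC 791, not from the slides; the function name and sample byte strings are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The 8 bit option code: copy flag (1 bit), class (2 bits), number (5 bits). */
#define OPT_COPY(c)   (((c) >> 7) & 0x01)
#define OPT_CLASS(c)  (((c) >> 5) & 0x03)
#define OPT_NUMBER(c) ((c) & 0x1f)

enum { OPTS_MALFORMED = -1, OPTS_OK = 0, OPTS_SOURCE_ROUTE = 1 };

/* Walk an IPv4 options area. Returns OPTS_SOURCE_ROUTE if a loose (class 0,
 * number 3) or strict (class 0, number 9) source route option is present,
 * OPTS_MALFORMED if a length octet is missing or runs past the area. */
static int scan_options(const uint8_t *opts, size_t n)
{
    int verdict = OPTS_OK;
    size_t i = 0;

    if (n > 40)                              /* options area is at most 40 octets */
        return OPTS_MALFORMED;
    while (i < n) {
        uint8_t code = opts[i];
        if (code == 0)                       /* End of Option List (RFC 791) */
            break;
        if (code == 1) {                     /* No Operation: one octet, no length */
            i++;
            continue;
        }
        if (i + 1 >= n)
            return OPTS_MALFORMED;
        size_t len = opts[i + 1];            /* counts code and length octets too */
        if (len < 2 || len > n - i)
            return OPTS_MALFORMED;
        if (OPT_CLASS(code) == 0 && (OPT_NUMBER(code) == 3 || OPT_NUMBER(code) == 9))
            verdict = OPTS_SOURCE_ROUTE;
        i += len;
    }
    return verdict;
}

int main(void)
{
    /* Constructed samples: Record Route plus padding, then a loose source route. */
    const uint8_t rr[]   = { 7, 7, 4, 0, 0, 0, 0, 0 };
    const uint8_t lsrr[] = { 131, 7, 4, 192, 0, 2, 1, 0 };
    printf("rr=%d lsrr=%d\n", scan_options(rr, sizeof rr), scan_options(lsrr, sizeof lsrr));
    return 0;
}
```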
IPv6 Source Routing Header
Figure 33.5 Comer (2000)
Source Routing Header
List of one or more intermediate nodes to be visited (loose source routing: some intermediate nodes in the path, or tight source routing: all intermediate nodes in the path)
Next Header
Header extension length
Routing type: routing header variant; if not understood the packet will be discarded
Segments left, i.e. number of nodes still to be visited