Jan 29, 2008. CS573: Network Protocols and Standards, Winter 2007-2008. Lecture: NAT, DHCP, Autonomous System


Page 1: NAT, DHCP, Autonomous System

Network Protocols and Standards, Winter 2007-2008

Page 2: Outline

- IPv4
- IP Datagram Format
- IPv4 Addressing
- ARP and RARP
- IP Routing Basics
- Subnetting and Supernetting
- ICMP
- Network Address Translation (NAT)
- Dynamic Addressing

Page 3: Private Networks

- Private networks have no “direct” connection to the Internet
- Blocks of addresses have been reserved for the private networks (RFC 1918)
- Blocks in different classes:
  - 10.0.0.0 – 10.255.255.255 (1 class A)
  - 172.16.0.0 – 172.31.255.255 (16 class B)
  - 192.168.0.0 – 192.168.255.255 (256 class C)

Page 4: Purpose

- Machines in the protected network can access the Internet normally
- Packets coming from the protected network all appear to be coming from IP1
- Addresses in the protected network are in the private range

[Figure: Host 1, Host 2, ..., Host N on the Protected Network; a Firewall with inside address IP2 and outside address IP1 connects the Protected Network to the Internet]

Page 5: Implementation

- Hosts inside the private network are configured to use the firewall (IP2) as their gateway
- The firewall rewrites the IP datagram header for the outbound packets, replacing the source IP with IP1
- All packets “seem” to be coming from IP1
- The destination IP in the packets received from the Internet is IP1; it is rewritten, replacing IP1 with the IP address of the internal destination
- Problem: How to figure out what is the right destination in the private network?

Page 6: Demultiplexing Incoming Packets

- There is not enough information in the IP header to demultiplex incoming packets
- It is necessary to use information from the higher layers (transport layer)
- Common transport layers: TCP and UDP
- The transport layer has the concept of a port, which identifies which process in the host should finally get the packet

Page 7: Ports

- 16-bit numbers identifying which process should get the packet
- UDP and TCP ports exist in different spaces
- Each packet carries two port numbers:
  - The source port of the process which generated it in the source host
  - The destination port of the process which should get it at the destination

[Figure: protocol stack with IP at the bottom, TCP and UDP above it, and Telnet and FTP as applications on top]

Page 8: Implementation (revisited)

- Upon receiving an outbound packet from a host in the private network, the firewall:
  - Rewrites the source IP with its own IP (IP1)
  - Generates a local source port, rewrites the source port in the packet as this port, and makes a record of it
- Upon receiving an inbound packet from the Internet, the firewall checks whether the destination port in the packet is in the list of local ports:
  - If not, the packet is dropped (connections cannot be initiated from outside!)
  - If yes, the firewall knows where to send this packet
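The translation rule on pages 5 and 8, worked through in code. This is an added example, not code from the lecture: IP1, IP2, the inside hosts and the remote servers are constructed sample addresses, and packets are plain records rather than real IP headers. The table is keyed by (protocol, local port) because TCP and UDP ports live in separate spaces (page 7).

```python
"""Port-based NAT (NAPT) table: outbound rewrite + record, inbound lookup + drop.

Added example, not part of the lecture slides. All addresses are constructed
sample values (RFC 5737 documentation ranges for the "Internet" side).
"""
from dataclasses import dataclass
from typing import Optional

IP1 = "203.0.113.1"    # constructed: firewall's public (Internet-facing) address
IP2 = "192.168.0.1"    # constructed: firewall's private address, the hosts' gateway


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp" or "udp": the two port spaces are separate
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Napt:
    """Translation table keyed by (proto, local port), as on page 8."""

    def __init__(self, first_port: int = 40000, last_port: int = 65535):
        self.next_port = first_port
        self.last_port = last_port
        # (proto, local_port) -> (private src_ip, private src_port)
        self.table: dict[tuple[str, int], tuple[str, int]] = {}
        # reverse map so one flow keeps the same local port across its packets
        self.reverse: dict[tuple[str, str, int], int] = {}
        self.dropped = 0

    def _allocate_port(self, proto: str, src_ip: str, src_port: int) -> int:
        key = (proto, src_ip, src_port)
        if key in self.reverse:
            return self.reverse[key]
        if self.next_port > self.last_port:
            raise RuntimeError("local port pool exhausted")
        port = self.next_port
        self.next_port += 1
        self.table[(proto, port)] = (src_ip, src_port)
        self.reverse[key] = port
        return port

    def outbound(self, pkt: Packet) -> Packet:
        """Private -> Internet: source IP becomes IP1, source port becomes a recorded local port."""
        local_port = self._allocate_port(pkt.proto, pkt.src_ip, pkt.src_port)
        return Packet(pkt.proto, IP1, local_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> private: deliver only if the destination port is a recorded local port."""
        if pkt.dst_ip != IP1:
            self.dropped += 1
            return None
        entry = self.table.get((pkt.proto, pkt.dst_port))
        if entry is None:
            # No record: nobody inside asked for this, so an outside host cannot open a connection
            self.dropped += 1
            return None
        priv_ip, priv_port = entry
        return Packet(pkt.proto, pkt.src_ip, pkt.src_port, priv_ip, priv_port)


def demo():
    nat = Napt()
    # constructed: an inside host opens a connection to a web server on the Internet
    out = nat.outbound(Packet("tcp", "192.168.0.10", 51234, "198.51.100.7", 80))
    # the server's reply arrives for IP1 on the recorded local port
    reply = nat.inbound(Packet("tcp", "198.51.100.7", 80, IP1, out.src_port))
    # constructed: an unsolicited inbound packet for a port nobody inside is using
    probe = nat.inbound(Packet("tcp", "198.51.100.9", 4444, IP1, 22))
    return out, reply, probe


if __name__ == "__main__":
    out, reply, probe = demo()
    print("outbound after NAT:", out)
    print("reply delivered to:", reply)
    print("unsolicited inbound:", probe, "dropped")
```

The lecture's rule matches an inbound packet on its destination port alone; the `dropped` counter is the place a real firewall would log such packets, since they are exactly the "cannot initiate from outside" case. Many deployed translators additionally require the inbound source address and port to match the recorded flow, which is a stricter filter than the one shown here.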

Page 9: Outline

- IPv4
- IP Datagram Format
- IPv4 Addressing
- ARP and RARP
- IP Routing Basics
- Subnetting and Supernetting
- ICMP
- Network Address Translation (NAT)
- Dynamic Addressing

Page 10: BOOTP

- Alternative to RARP
- RARP operates at a low level, requesting direct access to the network hardware
  - Difficult for an application programmer to build a server
- RARP gives “only” the IP address

Page 11: BOOTP

- Devised to allow a machine to obtain:
  - Its IP address
  - Address of a router
  - Subnet mask to use
  - Address of a name server
- Can be implemented with an application program
- Uses UDP/IP for communication

Page 12: BOOTP

- Reliability in communication is based on:
  - UDP checksum
  - Timeout and retransmissions
- To minimize collisions among many clients, use random timeouts
- Increase timeouts with each retransmission:
  - Starting with the interval 0-4 seconds
  - Doubling the interval each retransmission, up to 60 s

Page 13: BOOTP Message Format

Fields in 32-bit rows (bit positions 0, 8, 16, 24, 31):

- OP (8 bits) | HTYPE (8 bits) | HLEN (8 bits) | HOPS (8 bits)
- Transaction ID (32 bits)
- Seconds (16 bits) | Unused (16 bits)
- Client IP Address (32 bits)
- Your IP Address (32 bits)
- Server IP Address (32 bits)
- Router IP Address (32 bits)
- Client Hardware Address (16 octets)
- Server Hostname (64 octets)
- Boot File Name (128 octets)
- Vendor-specific area (64 octets)

Page 14: BOOTP Message Fields

- OP: specifies whether the message is a request (1) or a reply (2)
- HTYPE and HLEN: hardware type and address length (for Ethernet, HTYPE is 1 and HLEN is 6)
- HOPS: the client passes 0 in this field; a BOOTP server increments it if the request is passed to another server across a router
- Transaction ID: contains an integer that machines use to match requests with responses
- Seconds: number of seconds since the client started to boot

Page 15: BOOTP Message

- Remaining fields in the message: to allow the greatest flexibility, clients fill in as much information as they know; unknown fields are set to zero
- Example:
  - If the server IP or server hostname is non-zero, only the server with the matching address/name will answer the request
  - If they are zero, any server that receives the request will reply

Page 16: BOOTP Message Format

- BOOTP can be used by a client that already knows its IP address (e.g., to obtain boot file information)
- A client that knows its IP address places it in the client IP address field; other clients set this field to zero
- If the client’s IP address in the request message is zero, a server returns the client IP address in the “your IP address” field
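The message layout of page 13 and the field rules of pages 14 to 16 in runnable form. This is an added example, not code from the lecture: it packs and parses the fixed 300-byte BOOTP message, applies the page 15 rule for which server answers, and the page 16 rule for the “your IP address” field. Server and client addresses, the server name, the boot file name and the MAC address are constructed sample values.

```python
"""BOOTP message encoding/decoding plus the server-side answer rules of pages 15-16.

Added example, not part of the lecture slides. Layout follows page 13 (and RFC 951):
op, htype, hlen, hops, xid, secs, unused, ciaddr, yiaddr, siaddr, giaddr,
chaddr(16), sname(64), file(128), vend(64) = 300 bytes.
"""
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s64s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)  # 300
FIELDS = ("op", "htype", "hlen", "hops", "xid", "secs", "unused",
          "ciaddr", "yiaddr", "siaddr", "giaddr", "chaddr", "sname", "file", "vend")
BOOTREQUEST, BOOTREPLY = 1, 2
ZERO_IP = "0.0.0.0"


def _ip2b(ip: str) -> bytes:
    return socket.inet_aton(ip)


def _b2ip(b: bytes) -> str:
    return socket.inet_ntoa(b)


def _cstr(field: bytes) -> str:
    # Names are zero-padded; an all-zero field means "unknown" (page 15)
    return field.split(b"\0", 1)[0].decode("ascii", "replace")


def build_request(xid: int, mac: bytes, secs: int = 0, ciaddr: str = ZERO_IP,
                  siaddr: str = ZERO_IP, sname: str = "") -> bytes:
    """Client side: fill in what is known (Ethernet: htype 1, hlen 6), leave the rest zero."""
    return struct.pack(BOOTP_FMT, BOOTREQUEST, 1, 6, 0, xid, secs, 0,
                       _ip2b(ciaddr), _ip2b(ZERO_IP), _ip2b(siaddr), _ip2b(ZERO_IP),
                       mac.ljust(16, b"\0"), sname.encode("ascii").ljust(64, b"\0"),
                       b"\0" * 128, b"\0" * 64)


def parse(msg: bytes) -> dict:
    """Decode a 300-byte BOOTP message into named fields; reject anything else."""
    if len(msg) != BOOTP_LEN:
        raise ValueError(f"BOOTP message must be {BOOTP_LEN} bytes, got {len(msg)}")
    raw = dict(zip(FIELDS, struct.unpack(BOOTP_FMT, msg)))
    for key in ("ciaddr", "yiaddr", "siaddr", "giaddr"):
        raw[key] = _b2ip(raw[key])
    raw["chaddr"] = raw["chaddr"][:raw["hlen"]]   # only HLEN octets are meaningful
    raw["sname"] = _cstr(raw["sname"])
    raw["file"] = _cstr(raw["file"])
    return raw


def server_should_answer(req: dict, my_ip: str, my_name: str) -> bool:
    """Page 15: a non-zero server IP or hostname selects one server; zero means anyone may reply."""
    if req["op"] != BOOTREQUEST:
        return False
    if req["siaddr"] != ZERO_IP and req["siaddr"] != my_ip:
        return False
    if req["sname"] and req["sname"] != my_name:
        return False
    return True


def make_reply(req: dict, assigned_ip: str, my_ip: str, router_ip: str, boot_file: str) -> bytes:
    """Page 16: if the client's IP field was zero, the assigned address goes in 'your IP address'."""
    yiaddr = assigned_ip if req["ciaddr"] == ZERO_IP else ZERO_IP
    return struct.pack(BOOTP_FMT, BOOTREPLY, req["htype"], req["hlen"], req["hops"],
                       req["xid"], req["secs"], 0,
                       _ip2b(req["ciaddr"]), _ip2b(yiaddr), _ip2b(my_ip), _ip2b(router_ip),
                       req["chaddr"].ljust(16, b"\0"), b"\0" * 64,
                       boot_file.encode("ascii").ljust(128, b"\0"), b"\0" * 64)


def exchange(server_ip="192.0.2.10", server_name="boot1", router_ip="192.0.2.1"):
    """Constructed walk-through: an addressless client, a client that knows its address,
    and a request addressed by name to some other server."""
    def serve(req):
        if not server_should_answer(req, server_ip, server_name):
            return None
        return parse(make_reply(req, "192.0.2.50", server_ip, router_ip, "kernel.img"))

    mac = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    first = serve(parse(build_request(xid=0x1234, mac=mac)))
    second = serve(parse(build_request(xid=0x1235, mac=mac, ciaddr="192.0.2.50", sname="boot1")))
    third = serve(parse(build_request(xid=0x1236, mac=mac, sname="boot2")))
    return first, second, third
```

Matching replies to requests by transaction ID and checking the fixed length before unpacking are the two checks a receiver should never skip: a reply whose `xid` does not match an outstanding request is discarded rather than applied.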

Page 17: DHCP (Dynamic Host Configuration Protocol)

- RARP and BOOTP were designed for a relatively static environment:
  - Each host has a permanent network connection
  - The manager creates a BOOTP configuration file specifying the BOOTP parameters for each host
  - The manager configures the server with a mapping of host identifier to IP address
- New requirements:
  - Portable computers
  - The number of computers exceeds the available IP host addresses (although not all will be up and running at the same time)

Page 18: DHCP

- DHCP allows:
  - Manual configuration
  - Automatic configuration: managers let the DHCP server assign a permanent address when a computer first attaches to the network
  - Dynamic configuration: loaning IP addresses for a limited time
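The three assignment modes of page 18, together with the page 17 situation of more computers than addresses, as one small allocator with lease expiry. This is an added example, not code from the lecture and not a DHCP server: the address pool, client identifiers, timestamps and lease length are constructed sample values.

```python
"""Manual, automatic and dynamic DHCP address assignment with lease expiry.

Added example, not part of the lecture slides. Simplified model of the
policy only; no protocol messages are exchanged.
"""
from typing import Dict, List, Optional, Tuple


class Allocator:
    def __init__(self, pool: List[str], lease_seconds: int):
        self.free = list(pool)                          # dynamic pool, loaned for a limited time
        self.manual: Dict[str, str] = {}                # client id -> address fixed by the manager
        self.automatic: Dict[str, str] = {}             # client id -> permanent address on first attach
        self.leases: Dict[str, Tuple[str, int]] = {}    # client id -> (address, expiry time)
        self.lease_seconds = lease_seconds

    def add_manual(self, client_id: str, addr: str) -> None:
        """Manual configuration: the manager binds this client to a fixed address."""
        self.manual[client_id] = addr

    def _expire(self, now: int) -> None:
        """Return the addresses of expired loans to the pool."""
        for cid, (addr, expiry) in list(self.leases.items()):
            if now >= expiry:
                del self.leases[cid]
                self.free.append(addr)

    def request(self, client_id: str, now: int, mode: str = "dynamic") -> Optional[str]:
        self._expire(now)
        if client_id in self.manual:                    # manual binding wins
            return self.manual[client_id]
        if client_id in self.automatic:                 # permanent address, never expires
            return self.automatic[client_id]
        if client_id in self.leases:                    # renew an existing loan
            addr, _ = self.leases[client_id]
            self.leases[client_id] = (addr, now + self.lease_seconds)
            return addr
        if not self.free:
            return None                                 # nothing left to loan right now
        addr = self.free.pop(0)
        if mode == "automatic":
            self.automatic[client_id] = addr
        else:
            self.leases[client_id] = (addr, now + self.lease_seconds)
        return addr


def demo():
    """Constructed scenario: two loanable addresses, three laptops, one printer."""
    alloc = Allocator(["192.0.2.20", "192.0.2.21"], lease_seconds=600)
    alloc.add_manual("printer", "192.0.2.5")
    a = alloc.request("laptop-a", now=0)           # loan
    b = alloc.request("laptop-b", now=10)          # loan
    c = alloc.request("laptop-c", now=20)          # None: both addresses loaned out
    p = alloc.request("printer", now=30)           # manual binding
    a_again = alloc.request("laptop-a", now=300)   # renewal keeps the same address
    c_later = alloc.request("laptop-c", now=700)   # laptop-b's loan expired at 610
    return a, b, c, p, a_again, c_later


if __name__ == "__main__":
    print(demo())
```

Lease expiry is what lets a pool smaller than the client population work, and it is also why a server must keep its lease records durable: losing them means addresses still in use can be handed out twice.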

Page 19: IP Routing Protocols

Page 20: IP Routing

- Autonomous System
- Domain
- Intra-domain Routing: Interior Gateway Protocols
- Inter-domain Routing: Exterior Gateway Protocols
- IP Multicast Routing
- MPLS

Page 21: Routing in the Internet

- Routing Algorithms: Bellman-Ford, Dijkstra
- Routing Protocols: Distance Vector, Link State
- Routing Hierarchy:
  - Interior Gateway Protocols (RIP, OSPF, IGRP)
  - Exterior Gateway Protocols (EGP, BGP, CIDR, Policy Routing)
- Multicasting (IGMP)

Page 22: Internet from the start

- First, there was ARPANET
- Routers had complete information about all the possible destinations – core routers
- GGP (gateway-to-gateway) protocol was used for routing – a distance vector protocol

[Figure: routers (R) interconnected, with hosts (H) attached to them]

Page 23: Internet from the start

- Then, LANs were connected to ARPANET

[Figure: ARPANET with Core Routers (R), each connecting a LAN]

Page 24: Internet from the start

- Problems with the above configuration:
  - Routing overhead increased with the number of connected routers
  - Number of routes increased with the number of connected segments
  - Frequency of routing exchanges increased
  - Higher likelihood that something went wrong somewhere, requiring updates
  - Number of different types of routers increased
  - Slow deployment of new versions of routing algorithms

Page 25: Internet from the start

[Figure: Backbone Network with Core Router R1; routers R2, R3 and R4 each connect a Local Network]

Page 26: Autonomous System

[Figure: Backbone Network of Core Routers (R) with several AS attached]

AS: Autonomous System

Page 27: Autonomous System

- What is an autonomous system? A set of routers and networks under the same administration. Examples:
  - A single router directly connecting one local network to the Internet
  - A corporate network linking several local networks through a corporate backbone
  - A set of client networks served by a single ISP
- NOTE: From a routing point of view, all parts of an AS must remain connected

Page 28: Autonomous System

- Internal connectivity within the AS means:
  - All routers must be connected
  - Parts of a network connected only through the core AS (yes, the core is an AS!) cannot form an AS
  - All routers must exchange routing information in order to maintain the connectivity (normally achieved by using a single routing protocol)
- Routers inside an AS are called “interior gateways” and the protocol they use is called an Interior Gateway Protocol (IGP)
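The connectivity rule of pages 27 and 28 as a check a network operator could run over an inventory: every router of an AS must be reachable from every other router of that AS using only links between that AS's own routers, so a pair of sites joined only through the core does not qualify. This is an added example, not code from the lecture; the router names, AS numbers and links form a constructed topology.

```python
"""Check that each AS is internally connected without traversing another AS.

Added example, not part of the lecture slides. Topology below is constructed.
"""
from collections import deque
from typing import Dict, Iterable, Set, Tuple

# constructed: router -> AS number
AS_OF: Dict[str, int] = {
    "r1": 100, "r2": 100,        # AS 100: two routers with a direct link
    "r3": 200, "r4": 200,        # AS 200: two sites joined only through the core
    "core1": 1, "core2": 1,      # the core is itself an AS
}
# constructed: undirected links between routers
LINKS: Tuple[Tuple[str, str], ...] = (
    ("r1", "r2"), ("r1", "core1"), ("core1", "core2"),
    ("r3", "core1"), ("r4", "core2"),
)


def neighbours(links: Iterable[Tuple[str, str]]) -> Dict[str, Set[str]]:
    adj: Dict[str, Set[str]] = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def internally_connected(asn: int, as_of: Dict[str, int],
                         links: Iterable[Tuple[str, str]]) -> bool:
    """True if all routers of `asn` form one component when links that leave the AS are ignored."""
    members = {r for r, a in as_of.items() if a == asn}
    if not members:
        return False
    adj = neighbours(links)
    start = next(iter(members))
    seen, queue = {start}, deque([start])
    while queue:
        r = queue.popleft()
        for n in adj.get(r, ()):
            if n in members and n not in seen:   # never step through a router of another AS
                seen.add(n)
                queue.append(n)
    return seen == members


def check_all(as_of: Dict[str, int], links: Iterable[Tuple[str, str]]) -> Dict[int, bool]:
    """One verdict per AS number present in the inventory."""
    return {asn: internally_connected(asn, as_of, links)
            for asn in sorted(set(as_of.values()))}


if __name__ == "__main__":
    for asn, ok in check_all(AS_OF, LINKS).items():
        print(f"AS {asn}: {'internally connected' if ok else 'NOT an AS: parts joined only via another AS'}")
```

AS 200 fails the check: r3 and r4 reach each other only through core1 and core2, which belong to AS 1, so by the page 28 rule those two sites cannot be one AS.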

Page 29: Autonomous System

- In 1982, the IGP of choice was GGP
- IGPs in use today are: RIP, OSPF, IGRP
- Each AS is identified by a 16-bit number
- The number is assigned by the numbering authorities

Page 30: Autonomous System: Benefits

- Routing overhead is lower
- Network management becomes easy
- Easier computation of new routes
- Distribution of new software versions is easier
- Failing elements can be isolated easily
- ASes use an Exterior Gateway Protocol to exchange information about reachability