Network Layer,

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Redirect data gram for the type of service and host

Type 5 code 3 points to a better route to the destination host using the desired TOS level

Router redirect

Type 5 codes 0-3

ARP Stack

- sits at the top of the Link Layer - asks node with target IP to identify itself - uses broadcast to reach all nodes

Subnets & Aggregation

- subnets: internally split up one prefix - aggregation: externally join multiple separate IP prefixes

IPv6 transition: IPv4 tunnelling

- tunnel through IPv4 network - IPv6 packet wrapped in IPv4 packet - difficulty is setting up tunnel endpoints and routing

DHCP Messages: Bootstrap

--> Discover <-- Offer --> Request <-- ACK

DHCP Messages: Renew

--> Request <-- ACK

Binary unmasked bit

0

Private or public 23.234.67.10/8

Public IP Address

Private or public 172.15.54.41/16

Public IP address

Code 1-8

0 = Net Unreachable 1 = Host Unreachable 2 = Protocol Unreachable 3 = Port Unreachable 4 = Fragmentation Needed 5 = Source Route Failed 6 = Destination Net Unknown 7 = Destination Host Unknown 8 = Source Host Isolated

what 3 things is the routing table used for?

1. Determine where the packet wants to go 2. the router reads the first field in the IP header which is the Destination Address 3. It looks in the Net field of its routing table for a match

What are the 3 ways a route can be placed in a routing table?

1. Direct Connection 2. Manually configure 3. Dynamically by using a routing protocol

What are the 2 primary routing protocols?

1. Distance vector 2. Link-state

What are the 5 types of ICMP messages

1. Echo Request/Reply 2. Destination Unreachable 3. Time Exceeded 4. Redirect 5. Router Discovery

What does a ICMP Echo Request packet consist of?

1. Ethernet header 2. IP header 3. ICMP header 4. Undefined data

What are the routing protocols used to connect these routing domains knows as?

Exterior Gateway Protocols (EGP)

Command: netstat -r

Linux and Windows

What form do ICMP messages take?

Specially Formatted IP datagrams with specific associated message types and codes

Netmask on routing list

Lists a subnet mask that informs the host how to determine the network and the host portions of the IP address.

IPv4 Route Table

Lists all known IPv4 routes, including direct connections, local network, and local default routes.

IPv6 Route Table

Lists all known IPv6 routes, including direct connections, local network, and local default routes.

BGP route selection

# Router may learn about more than one route to destination AS. Router must select route. # Route selection rules: 1. local preference value attribute: policy decision 2. shortest AS-PATH 3. closest NEXT-HOP router: hot potato routing 4. additional criteria

Transition from IPv4 to IPv6

# not all routers can be upgraded simultaneously * no "flag days" * how will network operate with mixed IPv4 and IPv6 routers? # tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers

OpenFlow protocol

# operates between controller, switch # TCP used to exchange messages * optional encryption # three classes of OpenFlow messages: * controller-to-switch * asynchronous (switch to controller) * symmetric (misc)

What does the TTL determine?

How many routers the request can jump too.

Packet Size: Problem

- how do we connect networks with different sized packets? - split up? - discover largest size to use?

NAT: how it works

- internal/external table - usually combines IP:port -- internal IP and external IP -- too few IPs; ports allows for 1-1 matching

:used for small networks, especially those with less than 250 hosts :1st 3bytes-network address + last byte-the host address :1st 3 bits of 1st byte: 1 1 0 + reminder bits; 0s,1s :all network 192-223

Class C IP address

IP addressing: introduction

# IP address: 32-bit identifier for host, router interface # interface: connection between host/router and physical link * router's typically have multiple interfaces * host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11) # IP addresses associated with each interface!!!!!!!!!!!!

OSPF (Open Shortest Path First)

# "open": publicly available # uses link-state algorithm * link state packet dissemination * topology map at each node * route computation using Dijkstra's algorithm # router floods OSPF link-state advertisements to all other routers in entire AS * carried in OSPF messages directly over IP (rather than TCP or UDP * link state: for each attached link # hierarchical OSPF in large domains (see next slide) # IS-IS routing protocol: nearly identical to OSPF

Internet inter-AS routing: BGP

# BGP (Border Gateway Protocol): the de facto inter-domain routing protocol * "glue that holds the Internet together" # BGP provides each AS a means to: * eBGP: obtain subnet reachability information from neighboring ASes不同as之间 * iBGP: propagate reachability information to all ASinternal routers.同一个as之间 * determine "good" routes to other networks based on reachability information and policy # allows subnet to advertise its existence to rest of Internet: "I am here"

BGP basics

# BGP session: two BGP routers ("peers") exchange BGP messages over semi-permanent TCP connection: * advertising paths to different destination network prefixes (BGP is a "path vector" protocol) # when AS3 gateway router 3a advertises path AS3,X to AS2 gateway router 2c: * AS3 promises to AS2 it will forward datagrams towards X

IPv6: adoption

# Google: 8% of clients access services via IPv6 # NIST: 1/3 of all US government domains are IPv6 capable

how does an ISP get block of addresses?

# ICANN: Internet Corporation for Assigned Names and Numbers http://www.icann.org/ * allocates addresses * manages DNS * assigns domain names, resolves disputes

Problems with NAT

Makes P2P connections complicated if one of Peer A or Peer B is behind a NAT since the server cannot accept TCP connections for the peer.

Path attributes and BGP routes

# advertised prefix includes BGP attributes * prefix + attributes = "route" # two important attributes: * AS-PATH: list of ASes through which prefix advertisement has passed * NEXT-HOP: indicates specific internal-AS router to nexthop AS # Policy-based routing: * gateway receiving route advertisement uses import policy to accept/decline path (e.g., never route through AS Y). * AS policy also determines whether to advertise path to other other neighboring ASes

Internet approach to scalable routing

# aggregate routers into regions known as "autonomous systems" (AS) (a.k.a. "domains") # intra-AS routing * routing among hosts, routers in same AS ("network") * all routers in AS must run same intra-domain protocol * routers in different AS can run different intra-domain routing protocol * gateway router: at "edge" of its own AS, has link(s) to router(s) in other AS'es # inter-AS routing * routing among AS'es * gateways perform interdomain routing (as well as intra-domain routing)

Intra-AS Routing

# also known as interior gateway protocols (IGP) # most common intra-AS routing protocols: * RIP: Routing Information Protocol * OSPF: Open Shortest Path First (IS-IS protocol essentially same as OSPF) * IGRP: Interior Gateway Routing Protocol (Cisco proprietary for decades, until 2016)

Output ports

# buffering required when datagrams arrive from fabric faster than the transmission rate * Datagram (packets) can be lost due to congestion, lack of buffers # scheduling discipline chooses among queued datagrams for transmission * Priority scheduling - who gets best performance, network neutrality

Output port queueing

# buffering when arrival rate via switch exceeds output line speed # queueing (delay) and loss due to output port buffer overflow!

Other changes from IPv4

# checksum: removed entirely to reduce processing time at each hop # options: allowed, but outside of header, indicated by "Next Header" field # ICMPv6: new version of ICMP * additional message types, e.g. "Packet Too Big" * multicast group management functions

Switching via a bus

# datagram from input port memory to output port memory via a shared bus # bus contention: switching speed limited by bus bandwidth # 32 Gbps bus, Cisco 5600: sufficient speed for access and enterprise routers

Input port queuing

# fabric slower than input ports combined -> queueing may occur at input queues * queueing delay and loss due to input buffer overflow! # Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward

OpenFlow data plane abstraction

# flow: defined by header fields # generalized forwarding: simple packet-handling rules * Pattern: match values in packet header fields * Actions: for matched packet: drop, forward, modify, matched packet or send matched packet to controller * Priority: disambiguate overlapping patterns * Counters: #bytes and #packets

Interconnected ASes

# forwarding table configured by both intraand inter-AS routing algorithm * intra-AS routing determine entries for destinations within AS * inter-AS & intra-AS determine entries for external destinations

network-layer functions

# forwarding: move packets from router's input to appropriate router output # routing: determine route taken by packets from source to destination * routing algorithms

DHCP: Dynamic Host Configuration Protocol

# goal: allow host to dynamically obtain its IP address from network server when it joins network * can renew its lease on address in use * allows reuse of addresses (only hold address while connected/"on") * support for mobile users who want to join network (more shortly) # DHCP overview: * host broadcasts "DHCP discover" msg [optional] * DHCP server responds with "DHCP offer" msg [optional] * host requests IP address: "DHCP request" msg * DHCP server sends address: "DHCP ack" msg # DHCP can return more than just allocated IP address on subnet: * address of first-hop router for client * name and IP address of DNS sever * network mask (indicating network versus host portion of address)

How does a host get IP address?

# hard-coded by system admin in a file * Windows: control-panel->network->configuration- >tcp/ip->properties * UNIX: /etc/rc.config # DHCP: Dynamic Host Configuration Protocol: dynamically get address from as server * "plug-and-play

IPv6: motivation

# initial motivation: 32-bit address space soon to be completely allocated. # additional motivation: * header format helps speed processing/forwarding * header changes to facilitate QoS IPv6 datagram format: * fixed-length 40 byte header * no fragmentation allowed

Data plane

# local, per-router function # determines how datagram arriving on router input port is forwarded to router output port # forwarding function

OpenFlow abstraction

# match+action: unifies different kinds of devices # Router * match: longest destination IP prefix * action: forward out a link # Switch * match: destination MAC address * action: forward or flood # Firewall * match: IP addresses and TCP/UDP port numbers * action: permit or deny # NAT * match: IP address and port * action: rewrite address and port

NAT: network address translation

# motivation: local network uses just one IP address as far as outside world is concerned: * range of addresses not needed from ISP: just one IP address for all devices * can change addresses of devices in local network without notifying outside world * can change ISP without changing addresses of devices in local network * devices inside local net not explicitly addressable, visible by outside world (a security plus)

IP fragmentation, reassembly

# network links have MTU (max.transfer size) - largest possible link-level frame * different link types, different MTUs # large IP datagram divided ("fragmented") within net * one datagram becomes several datagrams * "reassembled" only at final destination * IP header bits used to identify, order related fragments

Control plane

# network-wide logic # determines how datagram is routed among routers along end-end path from source host to destination host # two control-plane approaches: * traditional routing algorithms: implemented in routers * software-defined networking (SDN): implemented in (remote) servers

MTU

Maximum Transmission Unit

Switching via interconnection network

# overcome bus bandwidth limitations # banyan networks, crossbar, other interconnection nets initially developed to connect processors in multiprocessor # advanced design: fragmenting datagram into fixed length cells, switch cells through the fabric. # Cisco 12000: switches 60 Gbps through the interconnection network

Why different Intra-, Inter-AS routing ?

# policy: * inter-AS: admin wants control over how its traffic routed, who routes through its net. * intra-AS: single admin, so no policy decisions needed # scale: * hierarchical routing saves table size, reduced update traffic # performance: * intra-AS: can focus on performance * inter-AS: policy may dominate over performance

Switching fabrics

# transfer packet from input buffer to appropriate output buffer # switching rate: rate at which packets can be transferred from inputs to outputs * often measured as multiple of input/output line rate * N inputs: switching rate N times line rate desirable # three types of switching fabrics

Network layer

# transport segment from sending to receiving host # on sending side encapsulates segments into datagrams # on receiving side, delivers segments to transport layer # network layer protocols in every host, router # router examines header fields in all IP datagrams passing through it

SDN: control/data plane interaction example

(1)S1, experiencing link failure using OpenFlow port status message to notify controller (2)SDN controller receives OpenFlow message, updates link status info (3)Dijkstra's routing algorithm application has previously registered to be called when ever link status changes. It is called. (4)Dijkstra's routing algorithm access network graph info, link state info in controller, computes new routes (5)link state routing app interacts with flow-table-computation component in SDN controller, which computes new flow tables needed (6)Controller uses OpenFlow to install new tables in switches that need updating

Communication with Destination Host is Prohibited Administratively

(Code = 10) - sent by a router that's configured to block access to the destination host

Communication with Destination Network is Prohibited Administratively

(Code = 9) - sent by a router that's configured to block access to the destination network

Communication Administratively Prohibited

(Type = 3, Code = 13) - a filtering policy prohibits forwarding the packet

Fragmentation Needed and DF Was Set

(Type = 3, Code = 4) - sent when a router needs to fragment a packet but can't

Source Route Failed

(Type = 3, Code = 5) - sent by a router that can't use strict or loose source routing path specified

IPv6: address size

- 128 bits - 8 groups of 4 hex digits - omit leading zeros, groups of zeros

IPv4: address length

- 32 bits - dotted quad notation: four 8-bit numbers separated by dots

What are some characteristics of the network service model?

- Guaranteed Delivery: Packet will eventually arrive at its destination - Guaranteed Delivery with bounded delay: Packet will arrive at its destination within a certain time frame - In-order Packet Delivery: Packets will arrive in the order they were sent - Guaranteed minimal bandwidth - Guaranteed maximum jitter: The time between the transmission of two successive packets is nearly equal / equal to their receipt at the destination. - Security Services

IP Forwarding

- IP addresses on one network belong to the same prefix

IP: Traceroute

- IP header contains TTL field - decremented every router hop - sends ICMP error if his zero - identifies routers on the path

Routing: scaling techniques

- IP prefixes: route to block of hosts - Network hierarchy: route to network regions - IP prefix aggregation: combine, and split, prefixes

Problems with IPv6

- Large 2^64 subnets potentially takes years to scan - If attacker Trudy gains access to subnet, she can identify other hosts on the local subnet - IPSec is overly complex / overengineered can hinder IPv6 security if used - MitM attack - IPv4 only nodes will be unable to handle IPv6 node features (ICMPv6, IPv6 packets)

List some methods to transition from IPv4 to IPv6

- Shutdown the entire internet and change all IPv4 notes to IPv6: NOT VIABLE - Dual Stack Approach: Create nodes that support both IPv4 and IPv6 - Tunneling: If there are IPv4 routers between IPv6 routers, encapsulate the IPv6 datagram into a IPv4 datagram, then extract it back upon receiving the IPv6 datagram

ICMP Message Format

- Type, Code, Checksum - carried in an IP packet

IP address/length notation

- address is lowest address in prefix - length is prefix bits

IP Prefixes

- addresses allocated in blocks called prefixes - addresses in an L-bit prefix have the same top L bits - there are 2^(32-L) addresses aligned on the 2^(32-L) boundary

NAT: box

- connects an internal network to an external network - many hosts connected using few external addresses - motivated by IP address scarcity

Routing Algorithms: goals

- correct - efficient - fair - fast convergence - scalability

Network Service Models

- datagrams / connectionless - virtual circuits / connection oriented

Routing Algorithms: rules

- decentralised, distributed setting - all nodes alike/equal - nodes information gleaned from neighbours - nodes operate concurrently - node/message/link failures possible

MTU: path to discovery

- discover MTU that will fit (avoid router fragmentation) - host tests path with large packet - routers provide feedback with size that would fit

Packet Size: Solutions

- fragmentation: split up large packets in the network - discovery: find the largest packet that fits on the network path and use it

Datagram Model: forwarding table

- gives next hop for each destination - may change

about IPv4

- length of IPv4 is variable; not all fields need to change - fields are measured in terms of 32-bit words - Shortest IPv4 header: 20 bytes + IP Header Length (IHL) would be 5; 20*8/32=5 -header is followed by variable data field that is a multiple of 8 bits with a maximum length of 65,535 octets

Prefix Specificity

- more specific (long prefix): fewer addresses - less specific (short prefix): longer addresses

DHCP Bootstrap

- node broadcasts message to network - message is all 1s (bits)

Datagram Model: how it works

- packet contains final address - each router uses this to forward packet to next step - each packet may take a different route

Virtual Circuit Model: how it works

- packet contains short label identifying circuit - label is unique for link (and temporary) - packets all follow the same route - each routers has a forwarding table keyed by circuit

ICMP: error reporting

- router encounters error while forwarding - send ICMP error report to IP source address - discards problematic packet - host needs to rectify

Host vs. Router

- routers do the routing and know all the ways to the destination - Hosts send remote traffic (out of prefix) to nearest router

Store and Forward Packet Switching

- routers receive complete packet - stores temporarily (if necessary) before forwarding

IPv4: Fragmentation

- sending router fragments the packet - receiving host reassembles the packet

Binary masked bit

1

Unicast

1 to 1 IP communications

Virtual Circuit Model

1) connection establishment - circuit set up - path is chosen - circuit info stored in routers 2) data transfer - packets forwarded along the path 3) Connection teardown - circuit information removed from servers Statistical sharing of links/no bandwidth needs to be reserved

Class A IPv4

1-126

What parameters are available with TraceRoute (cmd letters)

1. -d : Which instructs TR to not perform a DNS reverse query on the routers 2. -h max_hops: Where max_hops defeines the Max TTL to user 3. -w timeout: Timeout indicates how long to wait for a reply before displaying an asterick

Name 3 aspects of a VC Network

1. A path between source and destination hosts 2. VC numbers where each link is given a number 3. Entries in the forwarding table in each router

What do ICMP Router Advertisements do?

1. Configurations to send periodic ICMP Router Advertisement packets 2. They allow hosts to passivly learn about variable routes

Four steps of DHCP (hint: DORA)

1. DHCP Discover Message - Client connects to DHCP server by sending an encapsulated UDP packet containing destination address 255.255.255.255 and source IP address 0.0.0.0 which is passed to the link layer. 2. DHCP Offer Message - DHCP sends offer message upon receiving discover message containing proposed IP address for client, network mask, and IP address lease time (how long IP address will be valid) 3. DHCP Request Message - Client will receive several server offers and respond with this message that echoes back config parameters 4. DHCP ACK - Server responds to DHCP request with ACK message confirming requested parameters

What is MTU?

Maximum Transmission Unit is the maximum amount of data that a link-layer frame can carry

Describe the process of forwarding packets from Host A to Host B

1. Host A takes segments from transport layer and encapsulates each segment into a datagram 2. Datagrams are sent to its nearby router R1 3. Host B's nearby router R2 receives the datagrams 4. R2 extracts the transport layer segments from the datagrams and delivers the segments up to the Transport Layer of Host B

Three components of Internet's network layer

1. IP (Internet Protocol) 2. Routing protocol 3. ICMP (Internet Control Message Protocol)

What does a PING packet contain?

1. Identifier field set to 256 2. first echo sent the sequence number value is set to a multiple of 256 3. datafield contains the value = "abcdefghijklmnopqrstuvwabcdefghi"

What are the 3 types of routing operations BGP offers?

1. Inter-autonomous system routing 2. Intra-autonomous system routing 3. Pass-through autonomous system routing

what do routes consist of?

1. Network Address 2. Various metrics 3. vendor-specific information

What information does the ICMP layer provide?

1. Network Connectivity 2. Errors 3. Routing

What are 2 troubleshooting ways that can be used through ICMP

1. Ping 2. TraceRoute

what are the 2 most common IGPs ?

1. RIP (Version 1 and 2) 2. OSPF

Why don't packets just share the same VC number across each link?

1. Replacing the number from link to link decreases the size of the VC field in the packet header (since it can change the VC number to a smaller value) 2. Sharing the same VC number across all links can be very slow and complicated since each router would have to send messages to each other to agree on a common VC number. It's more efficient to have all links independently choose a VC number.

What are routing protocols used for?

1. Share information about the various networks on an internetwork 2. They are used to get packets through an internetwork

Distance Vector Protocols

1. Simplest Protocol 2. Uses end to end hop counts to compare routes

What else can the ICMP layer do?

1. Test network reachability 2. Discover the MTU 3. Discover routers or default gateways

How do Link-State Routing Protocoals differ from distance vector routing protocols?

1. They do not route by rumor 2. They do not periodically broadcast their entire table to all know routers

ICMP packets contain what 3 required fields after the IP header?

1. Type 2. Code 3. Checksum

What are the 2 versions of RIP

1. Version 1 : sends broadcast updates 2. Version 2 : supports non-default subnet masks, can send multicast updates

Message format

1.An ICMP message consist of a 8 byte header and a variable size data section 2.Each field in the message format of ICMP messages is defined as a).Common field for all message types b).Specific field for message types

Types of error handling messages

1.Destination unreachable 2.Source quench 3.Time exceeded 4.Parameter problems 5.Redirection

Types of query messages

1.Echo request and reply 2.Time stamp request and reply 3.Address mask request and reply 4.Router solicitation and reply

Types of ICMP messages

1.Error reporting messages 2.Query messages

Blackhole routers

May have icmp blocked for security reasons - providing no feedback

Error reporting

1.Error reporting messages are used to report problems that a router or a host encounters when it processes an IP packet 2.ICMP always reports error messages to the original source,because the only information available in the datagram about the route is the source and destination IP address 3.ICMP wont be used for correcting errors,it is simply used for reporting them

Query messages

1.ICMP is also used to diagnose some network problems,in addition to error reporting messages.This can be done by using query messages 2.A node sends a message that is answered in a specific format by the destination node 3.A query message is encapsulated in an IP packet,which in turn encapsulated in a data link layer frame

Introduction

1.ICMP stands for Internet Control Message Protocol 2.The Internet Control Message Protocol (ICMP) is a supporting protocol in the Internet protocol suite. It is used by network devices, including routers, to send error messages and operational information indicating 3.ICMP is designed to compensate for the deficiencies of IP

Private IP Class a reserved addresses

10.0.0.0-10.255.255.255

loop back address

127.0.0.0/8

IPv6: address length

128 bits

IPV6 address size

128 bits, 340,282,366,920,938,463,463,374,607,431,768,211,456, or 340 undecillion addresses,

10000000

128 in binary

Class B IPv4

128-191

Private IP Class B reserved addresses

172.16.0.0-172.31.255.255

11000000

192 in binary

Class C IPv4

192-223

Private IP class C reserved addresses

192.168.0.0-192.168.255.255

@static length: all the subnets in the network use the same subnet mask @variable length: allows the subnets that make up the network to use different subnet masks - A small subnet with only a few hosts needs a subnet mask that accommodates only these hosts - A subnet with many hosts may need a different subnet mask to accommodate the hosts -** it is possible to define adequate hosts for each subnet by changing the subnet mask for each network ** Routing protocols RIP version 2 and OSPF support both

2 types of subnetting

Interface List

Lists the Media Access Control (MAC) address and assigned interface number of every network-capable interface on the host including Ethernet, Wi-Fi, and Bluetooth adapters.

11100000

224 in binary

Class D

224-239 used for multicast testing

11110000

240 in binary

Class E

240-255, reserved for future use

11111000

248 in binary

11111100

252 in binary

11111110

254 in binary

Default subnet mask for Class A

255.0.0.0

Default subnet mast for Class B

255.255.0.0

Default subnet mast for class C

255.255.255.0

-Expedited Forwarding PHB; -Assured Forwarding PHB -Default PHB

3 PHBs have been defined by the IETF:

IPv4 packet address

32 bit address on each packet

How many bytes of data is an ICMP Echo request

32 bytes

IPV4 address size

32-bit, 4,294,967,296 unique addresses, Of these, only 3.7 billion addresses are assignable

32 bits

4 sets of 8 bits make up an IP address

classes A, B, C, D, E

5 classes of IP addresses:

What port number does RIP based routers send and receive on?

520

What is the original RFC?

792

Code 9-15

9 = Communication with the destination network is Administratively prohibited 10 = Communication with the destination Host is Administratively prohibited 11 = Destination Net Unreachable for type of service 12 = Destination Host unreachable for Ype of Service 13 = Communication Admin Prohibited 14 = Host Precedence Violation 15 = Precedence cutoff in effect

0.0.0.0

A basic statement allowing IP addresses that do not match the network or routing table to go to the default gateway

Logically centralized control plane

A distinct (typically remote) controller interacts with local control agents (CAs)

Destination Unreachable

A family of messages - sent by a TCP/IP host that encounters a network configuration or service failure Addresses a variety of situations in which a packet becomes undeliverable (Type = 3, Code = 0-15) Provide useful feedback about packet delivery/security issues - used widely by techs and security personnel Can be used by attackers - to determine live hosts and ports that are left open on the network

Define forwarding table

A forwarding table, present in all routers, is used to index the header value of a packet which determines the router's outgoing link interface to which that packet is to be forwarded.

Packet

A piece of a message transmitted over a packet-switching network. See under packet switching

How a router works?

A router uses the information in the routing table to determine the best path to reach those destinations.

Internet routing table expansion

A routing table is used by routers to make best path determinations. As the number of servers (nodes) connected to the Internet increases, so too does the number of network routes. hese IPv4 routes consume a great deal of memory and processor resources on Internet routers.

received Reply

A successfully _________ indicates that packets can be delivered to the destination host and back

ARP

Address Resolution Protocol

the network layer uses four basic processes:

Addressing end devices Encapsulation Routing De-encapsulation.

When is the process guaranteed to converge in distance vector routing (regarding metrics)?

All nodes minimise same metric, this metric increases around loops

Enablepmtubhdetect

Allows for detecting routers that discard packets without sending notifications

Route Tracing

Allows for mapping a path between two hosts - with L3 devices' traversed along the path displayed

Interface on routing list

Lists the address of the physical interface used to send the packet to the gateway that is used to reach the network destination.

The Vector Network converges more slowly than the Link-State Network

True

constant and variable

An ICMP header includes a mandatory ________ portion and optional ___________ portion

:used for multicast groups :no network address <= multicast address are not location dependent (network address specifies the location of the network) :1st 4 bits of 1st byte: 1 1 1 0 :all network 224-239

Class D IP address

: reserved for future use : may never be used as a result of IPv6 -1st 5bits of 1st octet: 1 1 1 1 0; thus 1st octet starts from 240

Class E IP address

Classless IP addressing

Any network number can use any subnet mask.

Lack of end-to-end connectivity

However, because the public IP address is shared, the IP address of an internal network host is hidden. This can be problematic for technologies that require end-to-end connectivity.

:used for large networks :first byte-network address field + three bytes-the host address field :1st bit of 1st byte: 0 + next 7 bits; 0s,1s :all network 0-127

Class A IP address

:used for medium-sized networks :1st 2 bytes-network address field + 2nd 2 bytes-the host address :1st 2bits of 1st byte: 1 0 + next 14bits; 0s,1s :all network 128-191

Class B IP address

Class you would use for a small home network

Class C

:defined for customers who need reliable service from their ISPs even in times of network congestion -First 3 bits (bits 0, 1 and 2) define the priority class -Bits 3 and 4 specify the drop percentage -Bit 5 is always 0

Assured forwarding PHB

APIPA

Automatic Private IP addressing. is on the 169.254.0.0 network. occurs when a client cannot contact the DHCP server.

What are the different types of switches?

Backbone, edge, border, core, edge

Name three service models

Best Effort: Basically euphemism for "no service at all" ABR: Available Bit Rate: Average service CBR: Constant Bit Rate: Best service

advantages of IPv6 simplified header

Better routing efficiency for performance and forwarding-rate scalability No requirement for processing checksums Simplified and more efficient extension header mechanisms (as opposed to the IPv4 Options field) A Flow Label field for per-flow processing with no need to open the transport inner packet to identify the various traffic flows

192.168.10.255

Broadcast

What are the ways a node might send info to more than one destination?

Broadcast - send to all Multicast - send to all members of a group Anycast - send to any member of a group

CIDR

CIDR: Classless InterDomain Routing # subnet portion of address of arbitrary length # address format: a.b.c.d/x, where x is # bits insubnet portion of address

ISPs

Carriers

CIDR

Classless Interdomain Routing. States the number of masked bits in the subnet mask.

CIDR: /28

Classless inter-domain routing notation identifies how many total bits identify network mask

0x00

Code value for both ICMP Request and Reply

13

Communication Admin Blocked

Define Virtual Circuit Network (VC Networks)

Computer networks that only provide a connection service in the network layer

Define Datagram Networks

Computer networks that provide only connectionless service in the network layer

Edge router

Connect different AS's together

Define connection setup

Connection setup is how routers establish a connection between each other before packets can be sent.

The basic characteristics of IP are

Connectionless Best Effort (unreliable) Media Independent

what type of process is an ICMP Echo request?

Connectionless Process

Destination IP Address in IPv4

Contains a 32-bit binary value that represents the destination IP address of the packet.

Source IP Address in IPv4

Contains a 32-bit binary value that represents the source IP address of the packet.

Version in IPv4

Contains a 4-bit binary value identifying the IP packet version. For IPv4 packets, this field is always set to 0100.

Internet Header Length (IHL) in IPv4

Contains a 4-bit binary value identifying the number of 32-bit words in the header. The IHL value varies due to the Options and Padding fields. The minimum value for this field is 5 (i.e., 5×32 = 160 bits = 20 bytes) and the maximum value is 15 (i.e., 15×32 = 480 bits = 60 bytes).

Time-to-Live (TTL) in IPv4

Contains an 8-bit binary value that is used to limit the lifetime of a packet.It is specified in seconds but is commonly referred to as hop count.

Payload

Contains the Layer 4 segment information and the actual data.

DHCP Stack

DHCP UDP IP Ethernet

SDN perspective: data plane switches

Data plane switches # fast, simple, commodity switches implementing generalized dataplane forwarding (Section 4.4) in hardware # switch flow table computed, installed by controller # API for table-based switch control (e.g., OpenFlow) * defines what is controllable and what is not # protocol for communicating with controller (e.g., OpenFlow)

the best-effort service where a node tries to deliver as many packets with the default marking as soon as possible -codepoint is 000000

Default PHB

127.0.0.1

Default loopback address. used for testing only, cannot be configued as an ip address on a client.

What happens when the TTL value reaches zero?

Deletes the packet Optionally notify the sender that the packet was deleted

Source quench

Type 0x04 code 0x00

0

Destination Network Unreachable

3

Destination Unreachable

3

Destination Unreachable Host/Network

1

Destination host unreachable

What do packets contain?

Destination identifier, source identifier, payload (info about layers, about transport, application)

:DiffServ Code Point (DSCP); used to provide QoS -6bits :explicit congestion notification (ECN); used for flow control -last 2 bits

DiffServ field is subdivided into two parts:

The local table of the host typically contains:

Direct connection

Two types of routes found on a routing table

Directly-connected routes Remote routes

What algorithm can you use to compute the shortest paths between nodes in link state routing?

Djikstra

DHCP

Dynamic Host Configuration Protocol

Router solicitation

Type 10 code 0. A host has no default gateway and may send icmp solicitation at boot

In link state routing, how does every node knows the topology (map) of the whole network?

Each node floods its local link state - on receiving a new LS message, routers forward the message to all its neighbours apart from the one it received the message from. Can now find the shortst path.

Link state routing

Each node maintains its local link state - a list of its directly attached links and their costs. Each node forwards info it knows onto next nodes it didn't receive data from.

hop

Each route the packet takes to reach the destination host

Generalized Forwarding and SDN

Each router contains a flow table that is computed and distributed by a logically centralized routing controller

8

Echo

0

Echo Reply Packet

0 -> 8

Echo Reply from Echo Request

8

Echo request Packet

Enablepmtudiscovery

Enables or disables pmtu discovery on the host

what does EIGRP stand for?

Enhanced Interior Gateway Routing Protocol

What does the Checksum field provide?

Error detection for the ICMP header

What is the mathematical principle behind distance vector routing?

Eventually ask nodes will converge to the same route if nodes keep making updates

Distance vector routing

Every node can talk to its immediate neighbours, providing updates about the "whole" network to its neighbours

Define connection state information

Every time a connection is established or released, the forwarding table entry must be updated.

Consider a datagram that is 1500 bytes long that needs to travel through a network with MTU of 620 bytes (Assume no options used=the header is 20 bytes long + at most 600 bytes of the data can be accommodated in a packet) the original packet will be divided into three fragments: -Fragment 1 (offset 0) has 600 bytes; Fragment 1 (Offset 0/8 = 0) -Fragment 2 (offset 600) has 600 bytes; Fragment 2 (Offset 600/8 = 75) -Fragment 3 (offset 1200) has 300 bytes; Fragment 3 (Offset 1200/8 = 150) *Each fragment contains a header that duplicates most of the original header (20bytes in this case)

Example of MTU Practice

Describe IPv6 format

Expanded Addressing: Source and destination address increased from 32 to 128 bits Streamlined 40-byte header: Faster processing for each IP datagram Flow label and priority: Describes what kind of data will be sent (e.g. video treated as flow, emails not flow). This label specifications are still being discussed today. BIG DIFFERENCES: - No more fragmentation, packet is dropped if too large for the output link of the router - No more checksum since Transport Layer already handles this function - No more options field

describes a mechanism to build low-loss, low-delay, low-jitter, assured bandwidth E2E service within a particular DS domain : used for a traffic class that is required to be granted enough resources to ensure that it receives its minimum guaranteed rate : ex; voice :codepoint is 000010

Expedited Forwarding PHB

allows end-to-end notification of network congestion without dropping packets -00: indicates that the node is non-ECN capable, or non-ECN transport (Non-ECT) -01: ECN capable transport, ECT(0) -10: ECN capable transport, ECT(1) -11: Congestion encountered (CE)

Explicit Congestion Notification (ECN)

ICMP type numbers

ICMP type numbers

Differentiated Services (DS) in IPv4

Formerly called the Type of Service (ToS) field, the DS field is an 8-bit field used to determine the priority of each packet. The first 6 bits identify the Differentiated Services Code Point (DSCP) value that is used by a quality of service (QoS) mechanism. The last 2 bits identify the explicit congestion notification (ECN) value that can be used to prevent dropped packets during times of network congestion.

What do switches do?

Forward packets

Forwarding is carried out in the ... plane whilst routing is carried out in the .... plane?

Forwarding - data plane Routing - control plane

Driving Analogy for forwarding and routing

Forwarding is the process of getting through a single street while routing is the process of planning how to get from starting point to destination.

Difference between fowarding and routing

Forwarding is the transfer of a packet from an incoming link to an outgoing link within a SINGLE router. "Picking which output link to use from the given input" Routing involves ALL network routers that use routing protocols to determine the paths that packets take from source to destination. "Finding the overall path"

Imagine that you are a router and you receive a IP datagram that is larger than the output link's MTU. What do you do?

Fragment the data of the IP datagram into 2 smaller datagrams and send both of these smaller fragments to the output link.

In an IP router, does the software or hardware implement the data plane, where per-packet processing is carried out (implements what is in the routing table)?

Hardware

10

Host Admin Blocked

7

Host Unknown

Code 1

Host Unreachable

indicates the IP version number

IPv4 header-version 4bits

Why change from IPv4 to IPv6?

IPv4 is running out of available addresses. IPv6 addresses are increased from 32 to 128 bits.

Integrated security

IPv6 natively supports authentication and privacy capabilities.

Fields used in IPV4 Headings when a packet has to be fragmented due to MTU

Identification Flags Fragment Offset

IP Header

Identifies the packet characteristics.

Why is there an issue of there being an inconsistent link-state database in link state routing?

If a link goes down, some routers would know about failure before others - the shortest paths are therefore no longer consistent, causes loops

Parameter problem

If a router or the destination host discovers an ambiguous or missing value in the field of the datagram,it discards the datagram and sends the parameter message back to the source

Gateway on routing list

Lists the address used by the local computer to get to a remote network destination. If a destination is directly reachable, it will show as "on-link" in this column.

IPv4 packet has two parts

IP Header Payload

A remote host is determined by

IP address and subnet mask of the destination device.

Limitations of IPV4

IP address depletion Internet routing table expansion Lack of end-to-end connectivity

: the concept of networks and hosts (A host is any device on the network that can transmit and receive IP packets : IP address permits to be uniquely identified

IP addressing

ICMP

IP protocol for error and information messages (ping)

-Each byte of the address is represented by its decimal value and the different values are separated by dots in the form a.b.c.d -Valid IP addresses range from 0.0.0.0 to 255.255.255.255

IP version 4, IPv4, Addressing

used to define quality of service (QoS) for different network applications

IPv4 header-DSCP (Differentiated Services Code Point) 6bits

indicates the final destination of the packet

IPv4 header-Destination address 32bits

used to practice end-to-end notification of network congestion without dropping packets

IPv4 header-ECN (Explicit Congestion Notification) 2bits

:used to control or identify fragments :They are (in order, from most significant to least significant) -bit 0: Reserved and must be set to zero -bit 1: Don't Fragment (DF); f the DF flag is set, and fragmentation is required to route the packet, then the packet is dropped -bit 2: More Fragments (MF) : flags are used to fragment and reassemble packets *fragment(n)a part broken off; a small, detached portion; an imperfect part

IPv4 header-Flags 3bits

indicates where this fragment belongs in original packet; measured in 64-bit (or 8-byte) units : flags are used to fragment and reassemble packets

IPv4 header-Fragment Offset 13bits

used for error detection of the header

IPv4 header-Header Checksum 16bits

indicates packet header length in 32-bit words

IPv4 header-IHL (IP Header Length) 4bits

indicates which packet fragments belong together to avoid mismatch; it is incremented with each packet transmitted : flags are used to fragment and reassemble packets

IPv4 header-Identification 16bits

used to encode options requested by sender and is particularly used for source routing in which the IP addresses to visit are placed in the field. (Field may be empty)

IPv4 header-Options variable

used to ensure that packet header is a multiple of 32 bits

IPv4 header-Padding variable

indicates the higher-level protocol (TCP or UDP) should receive packet

IPv4 header-Protocol 8bits

indicates the originator of the packet

IPv4 header-Source address 32bits

indicates amount of time packet is allowed to stay in network

IPv4 header-Time to Live 8bits

specifies packet length in bytes of the header and data

IPv4 header-Total length 16bits

Gateway

Lists the address used by the local host to forward packets to a remote network destination. On-link indicates that the host is currently connected to it.

Roundabout Analogy for input ports, output ports, and switching fabric (Router Architecture)

Imagine a roundabout with an attendant at its entry station. The car arrives at the roundabout and the attendant looks up your final destination and tells you which roundabout exit to take. You then go through the roundabout and take the corresponding exit. Entry station is the input ports Roundabout is the switching fabric Roundabout Exit is the output ports

De-encapsulation

If the destination IP address within the header matches its own IP address, the IP header is removed from the packet. After the packet is de-encapsulated by the network layer, the resulting Layer 4 PDU is passed up to the appropriate service at the transport layer.

In connectionless the sender doesn't know?

If the receiver is present If the packet arrived If the receiver can read the packet

What is the problem with distance vector routing?

If use maximum capacity metric, cost doesn't change around loop - so might send back round due to link being max capacity and looping round. Routers might lie.

ICMP

Internet Control Message Protocol: Used with devices to communicate to each other. Ping is part of ICMP. Devices automatically use ping to ensure devices are connected.

Metric on routing list

Lists the cost of each route and is used to determine the best route to a destination.

Metric

Lists the cost of each route to a destination. Lower numbers indicate preferred routes.

What is difference between forwarding and routing in terms of routers communicating?

In forwarding, individual routers use the routing state to send packets on - has to happen whenever packets arrive. Whereas in routing, route is established already, packet only has to follow on that path.

History of IPV6

In the early 1990s, the Internet Engineering Task Force (IETF) grew concerned about the issues with IPv4 and began to look for a replacement

Improvements in IPV6

Increased address space Improved packet handling Eliminates the need for NAT Integrated security

Per-router control plane

Individual routing algorithm components in each and every router interact in the control plane

Name four components of a router

Input Ports: Performs the lookup function via forwarding table to determine which output port will be used for an incoming packet. Switching Fabric: Connects input ports to output ports Output Ports: Stores packets received from the switching fabric and transmits packets to output port Routing Processor: Executes routing protocols and maintains routing tables

What constitutes the data plane in a router?

Input linecards, interconnect fabric, output linecards

Describe how the forwarding table is setup when the address is 32-bits

Instead creating a forwarding table that's 2^32 entries, you can split the address into ranges. Look at the diagram below

3 sections of routing menu

Interface List IPv4 Route Table - Lists all known IPv4 routes, including direct connections, local network, and local default routes. IPv6 Route Table - Lists all known IPv6 routes, including direct connections, local network, and local default routes.

Define interface

Interface is the boundary between the host and its physical link. IP addresses are assigned to each interface. Since routers have multiple links, routers need multiple interfaces to use those links.

What are the routing protocols used inside a routing domain

Interior Gateway Protocols (IGP)

What are Exterior Gateway Protocols also known as?

Interior-Domain Routing Protocols

What are nterior Gateway protocols also know as?

Interior-Domain Routing Protocols

ICMP

Internet Control Message Protocol

What does ICMP stand for?

Internet Control Message Protocol

Redirect data gram for the network

Type 5 code 0 points to a better route to the destination network

The fields used to identify and validate the packet include:

Internet Header Length (IHL) eferred to as the Packet Length, this 16-bit field defines the entire packet (fragment) size, including header and data, in bytes. The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes. Header Checksum - The 16-bit field is used for error checking of the IP header. The checksum of the header is recalculated and compared to the value in the checksum field. If the values do not match, the packet is discarded.

IP

Internet Protocol

2 most common network layer protocols

Internet Protocol version 4 (IPv4) Internet Protocol version 6 (IPv6)

IF

Lists the interface numbers from the Interface List section of the netstat -r command. The interface numbers correspond to the network capable interface on the host, including Ethernet, Wi-Fi, and Bluetooth adapters.

Echo request and reply

It is used for diagnosis.This pair of messages are used by the network managers and users to identify the network problems

Time stamp request and reply

It is used to determine RTT needed for an IP datagram or synchronize the clocks in 2 machines

Address mask request and reply

It is used to know network address,subnet address and host ID

Router solicitation and advertisement messages

It is used to know the address of routers connected and to know if they are alive and functioning

Redirection

It is used to update the routing table of the host

IP was designed as a protocol with low overhead means what?

It provides only the functions that are necessary to deliver a packet from a source to a destination over an interconnected system of networks. The protocol was not designed to track and manage the flow of packets

A host can send a packet to

Itself,locally,and remotely

Difference between link state vs distance vector in terms of immediate neighbours?

LS - tell all nodes about your immediate neighbours vs in DV, just tell immediate neighbours about least cost distance to all nodes.

Disadvantages of LS over DV

LS has higher messaging overhead (lots of info from telling all nodes), LS has higher processing complexity (has to be done in all routers)

Advantages of LS over DV

LS is less vulnerable to looping - nodes have global info linking

Difference between Link State Routing algorithm and Distance Vector algorithm

LSR = centralised solution, each node tries to find its own best route to the next place vs distance vector is a distributed protocol where nodes collectively try to find best route to destination.

What's inside a router?

Linecards for input, route/control processor, interconnect (switching fabric), linecards for output

LSP

Link State Package

What are the intra-domain routing protocols that each AS runs?

Link State protocol (e.g. Open Shortest Path First), Distance vector protocol (e.g. Routing Info Protocol)

Network Destination

Lists the reachable networks.

Network Destination on routing list

Lists the reachable networks.

Routing Table

MAC table is data link layer Routing Table is network layer. Routing tables use IP addresses

tracert

MS trace route command

Define network service model

The network service model defines the characteristics of end-to-end transport of packets between sending and receiving end systems.

What are some functions of the Network Layer?

Services provided to the transport layer Routing Connection Management (if applicable) Flow Control Error Control Node Identification (Addressing) Segmentation / Reassembly

What metrics might you use in distance vector routing?

Minimise latency, minimise loss rate, minimise price

224-239.0.0.0

Multicast IP range Class D

Generically speaking, what is the point of the network layer?

Naming + addressing

Code 0

Net Unreachable

NAT

Network Address Translation

9

Network Admin Block

6

Network Unknown

Does flooding happen in distance vector routing, and if not what happens instead?

No - instead each router exchanges distance vector info (provisional shortest paths to each other router) with its neighbouring routers

Connectionless

No connection with the destination is established before sending data packets. requires no initial exchange of control information to establish an end-to-end connection before packets are forwarded

Are the fields that fallow the CheckSum field always the same?

No they vary depending on the particular ICMP message that is sent

Router capacity formula

No. of external router ports * speed (line rate) of a port

What happens if the router malfunctions in DV?

Node can advertise incorrect path cost, each nodes''s table is used by others and the error propagates through the network :( the lie spreads...

What happens if the router malfunctions in LS?

Nodes can advertise incorrect link cost, each node computes only its own table

legacy network layer protocols

Novell Internetwork Packet Exchange (IPX) AppleTalk Connectionless Network Service (CLNS/DECNet)

Size of distance vector

Number of routers in the network

Message complexity in DV

O(#iterations * E)

Processing complexity in DV

O(#iterations * N)

How many messages are needed to flood link state messages

O(N * E) where N = no. nodes, E = no. edges in graph

How many entries are there in the forwarding table

O(N)

Message complexity in LS

O(N*E) messages

Processing complexity in LS

O(N^2)

10.0.0.0

Private Class A

172.16-31.0.0

Private Class B

192.168.0-255.0

Private Class C

Private or public 192.168.1.8/24

Private IP Address

Multicast

One to a group IP communications

Broadcast

One to many IP communications

What information is contained in a ICMP error report

Only information about processing of NON-ICMP IP datagrams

Media Independent

Operation is independent of the medium carrying the data.

Best Effort (unreliable)

Packet delivery is not guaranteed. IP does not have the capability to manage and recover from undelivered or corrupt packets. There is no synchronization data included in the packet header for tracking the order of packet delivery. There are also no acknowledgments of packet delivery with IP, and there is no error control data to track whether packets were delivered without corruption.

What is the basic transport unit (PDU) of the Network Layer?

Packets / Datagrams

12

Parameter Problem

What are the inter-domain protocols that establish routes between domains (i.e. AS's)?

Path vector e.g. Borer Gateway Protocol (BGP)

Destination unreachable fragmentation needed and don't fragment was set

Pmtu the router discards the packet if it is too large.

What is the problem with using metrics in distance vector routing?

Problem is if nodes use different criteria e.g. routing algorithm where paths are describes by delay, cost, loss.

Linecards for output

Processes packets before they leave

Linecards for input

Processes packets on their way in

How can you see ICMP messages?

Protocol Analyzers

Dynamic Host Configuration Protocol (DHCP)

Protocol that allows a host to obtain IP address automatically. Can be configured so host receives same or different IP address upon every connection

Internet Control Message Protocol (ICMP)

Protocol used by hosts and routers to communicate messages (typically error messages) to each other.

Route/control processor

Pushes forwarding tables to the linecards, making decisions over long time horizons (network change)

How might you combine more than one metric that you are trying to maximise/minimise?

Put weights next to each of metrics

Routing algorithm classification

Q: global or decentralized information? global: # all routers have complete topology, link cost info # "link state" algorithms decentralized: # router knows physicallyconnected neighbors, link costs to neighbors # iterative process of computation, exchange of info with neighbors # "distance vector" algorithms Q: static or dynamic? static: # routes change slowly over time dynamic: # routes change more quickly * periodic update * in response to link cost changes

a term used to characterize the performance of a network as seen by the users of the network

Quality of service (QoS)

5

Redirect

Autonomous System (AS)

Region of a network under a single administrative entity

Describe: Redirect

Reports alternate more optimal routes

Describe: Destination Unreachable

Reports on reasons why a network not is inaccessible. Important for troubleshooting

Interior routers in an AS

Responsible for constructing and updating the forwarding tables at routers

What constitutes the control plane in a router?

Route/control processor - part of network that deals with paths between hosts. Routing protocols are also part of the control plane, establishing paths between nodes.

10

Router solicitation

How do routers determine whether the arriving datagram is whole or a fragment?

Routers check the identifier, flags, and fragmentation offset of the datagram. The identification number identifies whether the datagrams is whole or fragmented. The offset specifies where the fragment fits in the original IP datagram. The flag bit is 1 if fragmented and flag bit is 0 if it is the last fragment.

Local network route

The network which the host is connected to is automatically populated in the host routing table.

What does adding weighted hop counts do?

Slows routes given a higher hop count

In an IP router, does the software or hardware implement the control plane, doing processing on changes in the network?

Software

What do routers do?

Routes packets - works in "control plane", computes paths the packets will flow.

Routing

Routing is the process of moving packets across a network from one host to a another

How is the forwarding table constructed in link state routing?

Run Djikstra to give the shortest path to all destinations from a node.

SDN perspective: SDN controller

SDN controller (network OS): # maintain network state information # interacts with network control applications "above" via northbound API # interacts with network switches "below" via southbound API # implemented as distributed system for performance, scalability, fault-tolerance, robustness

Forwarding decisions =

SIMPLE. Have to decide which outgoing port to use in single transmission time.

What are the two issues in link state routing?

Scalability, Transient disruptions

IPsec

Security when transferring packets that encrypt the payload of the datagram that can only be decrypted by the sender. Sublayer underneath IP networking layer.

average response time

Sending several Requests one after another allows for measuring an ____________ (measured in ms)

How can you edit ICMP messages?

Software thats made to edit ICMP

4

Source Quench

Source quench

Source quench message in ICMP is used to add a kind of flow control to the IP. When the router or host discards the datagram due to congestion,it sends a source quench message to the sender of the datagram

Next Hop

The next place the router needs to go to to deliver the packet. Think of hops as the number of routers that it goes to

Network Address Translation (NAT)

Standard that enables local-area network (LAN) to use one set of IP address for internal traffic and another set of IP addresses for external traffic. Two purposes: 1. Acts like a firewall for hiding internal IP addresses 2. Enables use of more internal IP addresses. Companies outside with the same IP address will not conflict the internal IP address Uses the NAT Translation Table for WAN to LAN IP address conversion

Stateless Address Autoconfiguration?

Stateless Address Autoconfiguration (SLAAC): - Hosts can obtain an IPv6 address without DHCP server 1. DHCPv6 Client issues RS (router solicitation) which requests for a RA (router advertisement) 2. Router responds with RA containing prefix, prefix length, other info 3. Client will generate its own global IPv6 address from prefix in RA

Define subnet mask

Subnet masks denote which part of the address denotes the subnet address. E.G. 223.1.1.0 /24 where /24 denotes that the 24 leftmost bits define the subnet address If another host wanted to connect to this subnet, the IP address of the host must have the address of 223.1.1.xxx

Define subnet

Subnets are the interfaces used to connect hosts and routers. Example shown below.

Name three switching techniques of the switching fabric

Switching via memory: Interrupt is triggered to routing processor when packet arrives at input port, packet is copied into processor memory, processor uses destination address from packet header to lookup correct output port on forwarding table, packet is copied from memory to output port Switching via bus: Input port sends packet containing the output port header through a single shared bus. The output port the matches the packet header will keep the packet. This is similar to the roundabout analogy except only 1 car can access the roundabout at time Switching via an interconnection network / crossbar: Just look at the diagram

IP is the network layer service implemented by

TCP/IP protocol suite.

What can you use to stop loops from happening?

TTL

Header Checksum in IPv4

The 16-bit field is used for error checking of the IP header. The checksum of the header is recalculated and compared to the value in the checksum field. If the values do not match, the packet is discarded.

Identifier

The 16-bit long _________ field typically carries an OS-specific value (MS OS - 0x0100 or 256 decimal)

Sequence

The 16-bit long __________Number starts with certain initial value - incremented by a certain value in every Request sent (MS OS - increments by decimal 256)

Type, Code, and Checksum

The 4-byte long constant portion contains three required fields

Improved packet handling

The IPv6 header has been simplified with fewer fields. This improves packet handling by intermediate routers and also provides support for extensions and options for increased scalability/longevity.

Who does the ICMP report reachability information to?

The Originator Only

What does the response time from a ping request show you?

The Round Trip time the request took to get their and back

Describe: Time Exceeded

The Time To Live (TTL) value expired in transit

variable portion

The _________________contains message-specific fields that carry additional information

192.168.10.10

The address of the local host.

What do routers select to send on to other nodes in distance vector routing?

The best option from the set of options it has (i.e. shortest path to each node)

Global routing state

The collection of routing state in each of the routers

Define router forwarding plane

The collective functions of the input ports, output ports, and switching fabric

What is the main difference of the connection setup in the transport layer vs network layer?

The connection setup in the transport layer do not involve routers while network layer connection setup includes each router along the path that are fully aware of all the VCs passing through it.

If the control plan fails, what happens to the data path?

The data path is not affected - will keep going using the last table update

default gateway.

The router connected to the local network segment and forwards packets out to a remote destination because a host device does not maintain routing information but default gateway does

Local default route

The default route represents the route that packets must take to reach all remote network addresses. The default route is created when a default gateway address is present on the host. The default gateway address is the IP address of the network interface of the router that is connected to the local network. The default gateway address can be configured on the host manually or learned dynamically.

how to determine class of IPv4 address

The first octet determines class of the ip address

Fragmentation Reassembly Time Exceeded

The host returns a ____________________message to the sender (Type = 11, Code = 1)

255.255.255.255

The last two addresses represent the limited broadcast IP address values for use through either the loopback interface (127.0.0.1) or the host IP address (192.168.10.10). These addresses can be used to find a DHCP server before the local IP is determined.

maximum transmission unit (MTU)

The maximum size of the packet the media can carry

Routing

The network layer provides services to direct packets to a destination host on another network and chooses the best path.

Redirect data gram for the host

Type 5 code 1 shows a better route to the destination host

Redirect data gram for the type of service and network

Type 5 code 2 points to a better route to the destination network using the desired tos level

Next Header in IPV6

This 8-bit field is equivalent to the IPv4 Protocol field. It indicates the data payload type that the packet is carrying, enabling the network layer to pass the data to the appropriate upper-layer protocol. This field is also used if there are optional extension headers added to the IPv6 packet.

Hop Limit in IPV6

This 8-bit field replaces the IPv4 TTL field. This value is decremented by one by each router that forwards the packet. When the counter reaches 0 the packet is discarded and an ICMPv6 message is forwarded to the sending host, indicating that the packet did not reach its destination.

Describe how datagram networks work

The sender end system stamps the packet with its destination address and pops the packet into the network. Each router that passes the packet determines the output link by looking at their forwarding table. Information may arrive out of order. *Note that datagram networks do not maintain connection state information

an observable forwarding behavior of a network node toward a group of IP packets that have the same DSCP value

The six DSCP are used to define a per-hop behavior (PHB); PHB:

Stateful DHCP

The standard DHCP server consisting of DORA (Discover, Offer, Request, ACK)

Where is the routing table located?

The the memory of the router

0x01

The value _________ in an IP header's Protocol field informs a receiver that an ICMP header follows

192.168.10.0 - 192.168.10.255

These addresses all relate to the host and local network. All packets with destination addresses that fall into this category will exit out of the 192.168.10.10 interface.

224.0.0.0

These are special multicast class D addresses reserved for use through either the loopback interface (127.0.0.1) or the host IP address (192.168.10.10).

ff00::/8

These are special reserved multicast class D addresses equivalent to the IPv4 224.x.x.x addresses.

127.0.0.0- 127.255.255.255

These loopback addresses all relate to the direct connection and provide services to the local host.

Remote routes

These routes come from remote networks connected to other routers. Routes to these networks can either be manually configured on the local router by the network administrator or dynamically configured by enabling the local router to exchange routing information with other routers using dynamic routing protocols

Communication administratively prohibited messages

These three messages may help revealing the traffic filtering policy used - often disabled administratively

Destination Address in IPV6

This 128-bit field identifies the IPv6 address of the receiving host.

Source Address in IPV6

This 128-bit field identifies the IPv6 address of the sending host.

Fragment Offset in IPv4

This 13-bit field identifies the order in which to place the packet fragment in the reconstruction of the original unfragmented packet.

Payload Length in IPV6

This 16-bit field is equivalent to the Total Length field in the IPv4 header. It defines the entire packet (fragment) size, including header and optional extensions.

Identification in IPv4

This 16-bit field uniquely identifies the fragment of an original IP packet.

Flow Label in IPV6

This 20-bit field provides a special service for real-time applications. It can be used to inform routers and switches to maintain the same path for the packet flow so that packets are not reordered.

Flags in IPv4

This 3-bit field identifies how the packet is fragmented. It is used with the Fragment Offset and Identification fields to help reconstruct the fragment into the original packet.

Protocol in IPv4

This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol. Common values include ICMP (1), TCP (6), and UDP (17).

Traffic Class in IPV6

This 8-bit field is equivalent to the IPv4 Differentiated Services (DS) field. It also contains a 6-bit Differentiated Services Code Point (DSCP) value used to classify packets and a 2-bit Explicit Congestion Notification (ECN) used for traffic congestion control.

Version in IPV6

This field contains a 4-bit binary value identifying the IP packet version. For IPv6 packets, this field is always set to 0110.

Direct connection

This is a route to the loopback interface (127.0.0.1)

::1/128

This is equivalent to the IPv4 loopback address and provides services to the local host.

::/0

This is the IPv6 equivalent of the local default route.

2001:0:9d38:953c:2c30:3071:e718:a926/128

This is the global unicast IPv6 address of the local computer.

2001::/32

This is the global unicast network prefix.

fe80::2c30:3071:e718:a926/128

This is the link local IPv6 address of the local computer.

fe80::/64

This is the local link network route address and represents all computers on the local link IPv6 network.

11

Time Exceeded

TTL

Time To Live

13

Timestamp

14

Timestamp Reply

What are Interior Gateway protocols used for?

To exchange routing information within an Autonomous System

What is the role of the network layer?

To move packets from a sending host to a receiving host using its two primary functions: forwarding and routing.

0 1 2; precedence 3 4thbit; D: Delay bit; when set it means to minimize delay 4 5thbits; T: Throughput bit; when set it means to maximize throughput 5 6thbits; R: Reliability bit; when set it means to maximize reliability 7,8 bits are reserved

ToS field

What is ICMP most commonly used for?

Troubleshooting, Connectivity Tests, Path Discovery

RIP communications are UDP based (T or F)

True

an 8-bit field in which the 3 most significant bits are called the IP precedence bits

Type of Service (ToS) field in the original IP header specifications => Differentiated Services (DiffServ)

0x08

Type values __________ identify ICMP Request

0x00

Type values ___________ identify ICMP Reply

Describe: Router Discovery

Used to discover information about routers on the local network segment

What are Exterior Gateway Protocols ?

Used to exchange routing inforamtion between autonomous systems.

Describe: Echo Request/Reply

Used to test reachability. Ping and Trace route are utilities that use this

UDP

User Datagram Protocol

How does a TraceRoute work?

Using the ICMP Echo request While manipulating the TTL value in the IP header

Traceroute

Utility to trace each router hop

Name the three phases in a virtual circuit

VC Setup: Transport layer contacts network layer, network layer determines path between sender and receiver, network layer determines VC number for each link in that path, forwarding table is updated. Data Transfer: Start transferring packets when the connection is established VC Teardown: The VC connection is released and the forwarding table is updated

Significant fields in the IPv4 header include

Version Differentiated Services (DS) Time-to-Live (TTL) - Contains an 8-bit binary value that is used to limit the lifetime of a packet. It is specified in seconds but is commonly referred to as hop count. The packet sender sets the initial time-to-live (TTL) value and is decreased by one each time the packet is processed by a router, or hop. If the TTL field decrements to zero, the router discards the packet and sends an Internet Control Message Protocol (ICMP) Time Exceeded message to the source IP address. The traceroute command uses this field to identify the routers used between the source and destination. Protocol - This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol. Common values include ICMP (1), TCP (6), and UDP (17). Source IP Address - Contains a 32-bit binary value that represents the source IP address of the packet. Destination IP Address - Contains a 32-bit binary value that represents the destination IP address of the packet.

Describe the IPv4 datagram

Version #: (4-bits) whether it's IPv4 or IPv6 Header length: 4-bits that determine where in the IP datagram the data actually begins Type of service: Bits used to describe which type of datagram is to be used (low delay, high throughput, reliability, etc) Datagram length: Deterimes the total length of IP datagram measured in bytes. Field is 16-bits long Identifier, Flags, Frag Offset: Used for IP fragmentation Time-to-live: How long the datagram can circulate before it is dropped Protocol: Field used to dictate which transport layer protocol will be used (e.g. 6 for TCP and 17 for UDP) Header Checksum: Detects bit errors of the datagram. If the checksum does not match with the computed checksum, error is detected. Source / Destination IP addresses: As it says Options: As it says Data (Payload): As it says *IP datagram carries 20 bytes of header. If TCP segment, datagram carries 40 bytes of header.

Time exceeded

When a datagram reaches the router,the time to live field gets decremented by 1,when the value reaches 0,a time exceeded message must be sent by the router to the original source

Destination unreachable

When a host cannot deliver or the router cannot route the datagram sends a destination unreachable message back to the source host who initiated the datagram

In connectionless the reciever doesn't know?

When it is coming

How does a routing loop occur?

When one router believes the best path to a network is via a second router, and at the same time, the second router believes the best path to that network is through the first router

Function of DHCP servers

Whenever a hosts connects or disconnects, the DHCP servers will allocate or deallocate an IP address

Software defined networking (SDN)

Why a logically centralized control plane? # easier network management: avoid router misconfigurations, greater flexibility of traffic flows # table-based forwarding (recall OpenFlow API) allows "programming" routers * centralized "programming" easier: compute tables centrally and distribute * distributed "programming: more difficult: compute tables as result of distributed algorithm (protocol) implemented in each and every router # open (non-proprietary) implementation of control plane

Where are ICMP messages located?

Within the IP datagram payload

Pmtu of 576

X.25 mtu size - minimum size that must be supported by any tcp/ip host

Do we construct a forwarding table at each node in Link state routing?

Yes

Can packet loss occur in the routing process?

Yes, if there is no memory available for input queues and output queues, packet loss will occur.

Net Unreachable

_________ (Type = 3, Code = 0) - sent by a router that knows the destination network but believes the route to it is down this time (or too far to reach)

Time to Live Exceeded

_________ in Transit message to the sender (Type = 11, Code = 0)

Host Unreachable

___________(Type = 3, Code = 1) - sent by a router that doesn't know the destination network or is unable to locate the destination host

Port Unreachable

___________(Type = 3, Code = 3) - sent by a host that isn't running the UDP service requested by the client

Checksum

a 16-bit value for integrity verification for the ICMP header only (similar to IPv4, deprecated)

What is a Border Gateway Protocol?

a Distance vector protocol and is the replacement for EGP

What is RIP?

a basic distance vector routing protocol

Routing Table

a data file in RAM that is used to store route information about directly connected network, as well as entries of remote networks the device has learned about

Who must manage issues in IP

a higher level protocol aka TCP aka a Connection-oriented protocols, require that control data be exchanged to establish the connection.

Interfaces in IPv6 commonly have two IPv6 addresses

a link local address and a global unicast address

What does the TraceRoute utility identify?

a path from the sender to the target host

The network layer encapsulates what

a segment with an IP header=packet or Transport Layer PDU+IP header=packet.

the definition of Internet Protocol for this layer (layer3-network layer)

a simple connectionless datagram protocol that provides no error recovery and no delivery guarantee

The process of mapping the IP Address to the MAC Address for actual delivery of frames : address resolution is done through dynamic binding, which is required because the NIC may be changed

address resolution

Public IP address

addresses that are displayed directly to the internet.

two things what the network layer is concerned

addressing and routing

routing algorithms

algorithms that calculate the paths taken by packets as they flow from a sender to a receiver. May be centralized (e.g., with an algorithm executing on a central site and downloading routing information to each of the routers) or decentralized (i.e., with a piece of the distributed routing algorithm running in each router)

Code

an 8-bit value that identifies a message subtype within specific type given by the Type value

Type

an 8-bit value that identifies a type of the ICMP message (specific values are managed by IANA)

fragmenting the packet or fragmentation.

an intermediate device, usually a router, must split up a packet when forwarding it from one medium to a medium with a smaller MTU.

Internetworking: key feature

hides network differences with a common protocol

Gateway address

ip address of the host that enables access to the internet or to other networks. Gateway address should always be on the same network as the computer connecting to it.

DNS server address

ip address of the host that takes care of domain name translation to IP

routers

base their forwarding decision on the value in the network-layer (layer 3) field

trace

cisco route command

show ip route command on router

command can be used to display the routing table of a router.

Internetworking

connecting different networks

Input port functions

decentralized switching: # using header field values, lookup output port using forwarding table in input port memory ("match plus action") # goal: complete input port processing at 'line speed' # queuing: if datagrams arrive faster than forwarding rate into switch fabric # destination-based forwarding: forward based only on destination IP address (traditional) # generalized forwarding: forward based on any set of header field values

Directly Connected Routes

directly connected, physical plug in

Addressing end devices

end devices must be configured with a unique IP address for identification on the network. An end device with a configured IP address is referred to as a host.

default route

equivalent for default gateway, it has to be the same and match

ICMP: primary purpose

error report and testing

Switching via memory

first generation routers: # traditional computers with switching under direct control of CPU # packet copied to system's memory # speed limited by memory bandwidth (2 bus crossings per datagram)

1st part: Network Address 2nd part: Host Address

format of IP address

IPv4 history

has been in use since 1983 when it was deployed on the Advanced Research Projects Agency Network (ARPANET),

MTU: desirable packet size

larger b/c more efficient

DHCP: purpose

lease IP addresses to nodes

transport layer

manages the data transport between the processes running on each host

Every network specifies the maximum length of packets that pass through it

maximum transfer unit (MTU)

Metric

mesurement, how routeres measure their conection

192.168.10.0

network address

SDN perspective: control applications

network-control apps: # "brains" of control: implement control functions using lower-level services, API provided by SND controller # unbundled: can be provided by 3rd party: distinct from routing vendor, or SDN controller

ARP: purpose

node uses it to map a local IP address to its Link Layer addresses

Private IP address

one that is not displayed directly to the internet and is normally behind a firewall

Making routing scalable

our routing study thus far - idealized # all routers identical # network "flat" ... not true in practice scale: with billions of destinations: # can't store all destinations in routing tables! # routing table exchange would swamp links! administrative autonomy # internet = network of networks # each network admin may want to control routing in its own network

Loopback

ping yourself, testing yourself

IPv6 datagram format

priority: identify priority among datagrams in flow flow Label: identify datagrams in same "flow." (concept of"flow" not well defined). next header: identify upper layer protocol for data

pp38-

private internets

Routing

process of deciding in which direction to send traffic

Forwarding

process of sending a packet on its way

extension headers (EH)

provide optional network layer information. used for fragmentation, security, to support mobility, and more.

Network Address Translation (NAT)

provides a way for multiple devices to share a single public IP address.

The network layer, or OSI Layer 3

provides services to allow end devices to exchange data across the network. to transport packets between hosts while placing as little burden on the network as possible. The network layer is not concerned with, or even aware of, the type of communication contained inside of a packet

Subnets

recipe # to determine the subnets, detach each interface from its host or router, creating islands of isolated networks # each isolated network is called a subnet

Total Length in IPv4

referred to as the Packet Length, this 16-bit field defines the entire packet (fragment) size, including header and data, in bytes. The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes.

Command that shows routing table

route print or netstat -r

9

router Advertisements

remote Routes

routes that are not directly connected, at least one other router

router

select paths for and direct packets toward the destination host in a process known as routing. Only concerned with layer 3 network layer and doesn't touch the segment.

:method used to convey number of bits for a given network :describes how the host address bits have been partitioned: how many bits are used for the subnet and how many bits are used for the actual host address

subnet mask

-It uses the same dotted-decimal notation as the IP address -Each bit in the IP address has a corresponding mask bit -If a bit in the IP address is part of the network address, including the subnet, its mask bit is set to 1; otherwise it is set to 0 -Thus, only the bits used for the actual host address have their mask bits set to 0; all other bits have their mask bits set to 1

subnet mask operates in the following manner

:a networking technique used to simplify network administration : worked by borrowing bits from the host address to create two or more subnetworks (or subnets), leaving the network address space untouched since network addresses are unique :permits us to divide the original host address space into two subspaces: a subnet address space and a new host address space

subnetting

-version; 4bits -IHL (IP Header Length); 4bits -DSCP (Differentiated Services Code Point); 6 bits -ECN (Explicit Congesting Notification); 2bits -Total length; 16 bits -Identification; 16 bits -Flags; 3bits -Fragment Offset; 13 bits -Time to Live; 8bits -Protocol; 8bits - Header Checksum; 16bits -Source address; 32 bits -Destination address; 32 bits -Option; variable -Padding; variable

the format of IPv4 header

node.

the host or computer portion of the address

one major characteristic of the media that the network layer considers

the maximum size of the PDU that each medium can transport. This characteristic is referred to as the maximum transmission unit (MTU). The network layer then determines how large packets should be.

Encapsulation

the network layer adds IP header information, such as the IP address of the source (sending) and destination (receiving) hosts. After header information is added to the PDU, the PDU is called a packet.

routing

the network layer must determine the route or path taken by packets as they flow from a sender to a receiver. They do this through routing algorithms. For example, a routing algorithm would determine the path along which packets flow from H1 to H2.

net.

the network portion of the ip address

If reliability overhead were included in IP

then communications that do not require connections or reliability would be burdened with the bandwidth consumption and delay produced by this overhead.

ICMP: stack

top of IP stack

link-layer switch

type of packet switches that base their forwarding decision on values in the fields of the link-layer (layer 2) frame

Source Tree

union of all shortest paths from a source

Sink Tree

union of all shortest paths towards a destiation

IPv4: Networking layer

uses datagrams

command traceroute field

uses this field to identify the routers used between the source and destination.

forwarding

when a packet arrives at a router's input link, the router must move the packet to the appropriate output link. For example, a packet arriving from Host H1 to Router R1 must be forwarded to the next router on a path to Host H2.

Longest prefix matching

when looking for forwarding table entry for given destination address, use longest address prefix that matches destination address.

Command: route print

windows only

Core router

within single AS, join routers together


Ensembles d'études connexes

Underwriting Basics, 4th Edition Course

View Set

Course 5: Sec 2: Search and Display Marketing

View Set

emergency and mass casualty incidents - exam 3

View Set

Criminalistics chapters 1-3 (exam 1)

View Set