Network Layer - The Internet Protocol - part 2 - Slide# 13
Transitioning from IPv4 to IPv6
Problems will occur: all routers can't be upgraded simultaneously. Therefore, to allow networks to operate with mixed router (IPvX) addressing, there is a solution known as TUNNELING: the IPv6 datagram is carried as a payload in an IPv4 datagram among (through) IPv4 routers. It is encapsulated within the IPv4 packet just as if it were a datagram being transmitted. (Slide ends with tunneling/encapsulation info)
IPv6 Motivations
Initially it was because the 32-bit (IPv4) address space is soon to be completely allocated. Additionally:
- Header format helps speed up processing and forwarding
- Headers have been changed to facilitate QoS
NAT stands for?
Network Address Translation
NAT Traversal Problem(s)
- 1) If an external client tries to connect to a SERVER via the local NAT IP address, it can't (it's only visible locally).
- Only 1 external IP address is visible, and that is where the client needs to connect.
Solution 1) Statically configure NAT to forward incoming connection requests at a given port to the server.
NAT Info:
- 16-bit port-number field -- 60k connections LAN side!
IPv6 changes from IPv4
- Checksum: removed entirely to reduce processing time at each hop
- Options: allowed, but outside of the header; they are indicated by the "next header" field
- ICMPv6: new version of ICMP
  - Has additional message types (codes) such as "packet too big"
  - Multicast group management functions
What does Internet Control Message Protocol do? (ICMP)
- Error reporting: unreachable host, network, port, protocol
- Echo request/reply (used by ping)
NAT Motivation
- Local networks use just one IP address as far as the outside world is concerned; this is good for limited IPv4 addressing as well as being a security advantage.
- Internal IPs can change without having to notify the outside world, as they are for intra-network addressing only.
- The ISP of the NAT can also be changed without affecting the local IP addresses.
Why is NAT considered controversial?
- NAT is controversial because routers should only process up to layer 3.
- Also, it violates the end-to-end argument.
- Also, NAT must be taken into account by app developers.
- INSTEAD, the address shortage should be fixed by using IPv6, not via NAT.
IPv6 Datagram Format (2)
- Priority: identifies the priority of datagrams in a flow
- Flow label: identifies datagrams that are in the SAME flow (verbatim off slide -> "Concept of "flow" not well defined")
- Next header: identifies the upper-layer protocol for the data
IPv6 Datagram Format
- IPv6 headers have a fixed length of 40 bytes
- No fragmentation allowed
What does an ICMP message consist of?
ICMP messages consist of: type, code, and the first 8 bits of the IP datagram causing the error. Ex.: type 0, code 0 is PING!
How are ICMP messages carried?
ICMP messages are carried at the network layer, "above" IP: ICMP messages are carried in IP datagrams.
What does ICMP stand for?
ICMP stands for Internet Control Message Protocol
How does a NAT router work (2) ?
For incoming datagrams:
- The router replaces the NAT IP address with its corresponding local IP address; this is done by the port number that was assigned for the originating outgoing datagram by the NAT router.
- The router must remember every translation pair it is using for incoming/outgoing IPs and port numbers in the NAT translation table.
How does a NAT router work?
For outgoing datagrams, a NAT router must:
- Replace the source IP address and port number of every outgoing datagram with the NAT IP address and a new port number.
- The above info that was replaced will be how return packets are addressed.
NAT Traversal Problem(s) 2
Solution 2) UPnP IGD - Universal Plug and Play Internet Gateway Device Protocol. This allows the NATed host to:
- Learn the public IP address
- Add/remove port mappings (with lease times)
i.e. it can automatically configure static NAT port map configurations.
NAT Traversal Problem(s) 3
Solution 3) Relaying (like Skype):
- The NATed client establishes a connection to the relay
- The external client connects to the relay
- The relay bridges packets between the two connections!
Traceroute and ICMP
Traceroute is done by: the source sends out a series (x3) of UDP segments to the destination and uses an unlikely port number (to generate an error message). The TTL is set starting at 1 for the first hop, and continues with the nth TTL for the nth router. Once the nth packet gets to the nth router, it is discarded and an ICMP message is sent back to the source (Type 11, code 0) - "Port unreachable". The above message will stop the source from sending out more UDP packets if the returning IP address is that of its intended destination. This reply message includes the name of the router and its IP address. Upon arrival, the originating source records the RTTs (round trip times).
T/F: All datagrams leaving the local network have the SAME single source NAT IP address? What about their Port numbers?
True, all datagrams leaving a NAT router/network have the same source NAT IP address. They are differentiated from each other by the port number (both outgoing and incoming have various port numbers).