Introduction to IP networking

Similar documents
Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

8.2 The Internet Protocol

IP Network Layer. Datagram ID FLAG Fragment Offset. IP Datagrams. IP Addresses. IP Addresses. CSCE 515: Computer Network Programming TCP/IP

Ethernet. Ethernet. Network Devices

Networking Test 4 Study Guide

Network-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2

TCP/IP Fundamentals. OSI Seven Layer Model & Seminar Outline

How do I get to

IP - The Internet Protocol

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Introduction to TCP/IP

Overview of TCP/IP. TCP/IP and Internet

Network Security TCP/IP Refresher

Lecture Computer Networks

IP address format: Dotted decimal notation:

Internet Control Protocols Reading: Chapter 3

Network layer: Overview. Network layer functions IP Routing and forwarding

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Understanding TCP/IP. Introduction. What is an Architectural Model? APPENDIX

Network layer" 1DT066! Distributed Information Systems!! Chapter 4" Network Layer!! goals: "

Transport and Network Layer

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Internetworking. Problem: There is more than one network (heterogeneity & scale)

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Outline. CSc 466/566. Computer Security. 18 : Network Security Introduction. Network Topology. Network Topology. Christian Collberg

BASIC ANALYSIS OF TCP/IP NETWORKS

IP addressing and forwarding Network layer

Networks: IP and TCP. Internet Protocol

Technical Support Information Belkin internal use only

Network Programming TDC 561

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

Internetworking and IP Address

Transport Layer Protocols

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

The OSI and TCP/IP Models. Lesson 2

Subnetting,Supernetting, VLSM & CIDR

Address Resolution Protocol (ARP), Reverse ARP, Internet Protocol (IP)

TCP/IP Basis. OSI Model

CCNA R&S: Introduction to Networks. Chapter 5: Ethernet

Chapter 4 Network Layer

Lecture 8. IP Fundamentals

First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring

Chapter 3: Review of Important Networking Concepts. Magda El Zarki Dept. of CS UC Irvine

Interconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration

ACHILLES CERTIFICATION. SIS Module SLS 1508

Linux Network Security

TCP/IP Network Essentials. Linux System Administration and IP Services

Lab 2. CS-335a. Fall 2012 Computer Science Department. Manolis Surligas

Future Internet Technologies

Unix System Administration

Classful IP Addressing. Classless Addressing: CIDR. Routing & Forwarding: Logical View of a Router. IP Addressing: Basics

Introduction to IP v6

Data Communication Networks and Converged Networks

Overview of Computer Networks

RARP: Reverse Address Resolution Protocol

Chapter 9. IP Secure

Gary Hecht Computer Networking (IP Addressing, Subnet Masks, and Packets)

Internet Protocols Fall Lectures 7-8 Andreas Terzis

Network Security. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

Troubleshooting Tools

Computer Networks and the Internet

Computer Networks/DV2 Lab

Datacommunication. Internet Infrastructure IPv4 & IPv6

Computer Networks CS321

CHAPTER 0 INTRODUCTION TO TCP/IP

Network Layers. CSC358 - Introduction to Computer Networks

Internet Working 5 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2004

CS 43: Computer Networks IP. Kevin Webb Swarthmore College November 5, 2013

Application. Transport. Network. Data Link. Physical. Network Layers. Goal

Introduction to Analyzer and the ARP protocol

Computer Networks & Security 2014/2015

Communication Systems Internetworking (Bridges & Co)

Internet Protocols. Background CHAPTER

Lecture 28: Internet Protocols

Computer Networks. Lecture 3: IP Protocol. Marcin Bieńkowski. Institute of Computer Science University of Wrocław

Internet Protocol version 4 Part I

IP Addressing. -Internetworking (with TCP/IP) -Classful addressing -Subnetting and Supernetting -Classless addressing

Networking Basics and Network Security

Exercises TCP/IP Networking. Solution. With Solutions

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

Internet Protocols. Addressing & Services. Updated:

UPPER LAYER SWITCHING

CS 457 Lecture 19 Global Internet - BGP. Fall 2011

The internetworking solution of the Internet. Single networks. The Internet approach to internetworking. Protocol stacks in the Internet

Mobile IP. Bheemarjuna Reddy Tamma IIT Hyderabad. Source: Slides of Charlie Perkins and Geert Heijenk on Mobile IP

Understanding Layer 2, 3, and 4 Protocols

SUPPORT DE COURS. Dr. Omari Mohammed Maître de Conférences Classe A Université d Adrar Courriel : omarinmt@gmail.com

CSE 473 Introduction to Computer Networks. Exam 2 Solutions. Your name: 10/31/2013

Introduction to Computer Networks

CSIS CSIS 3230 Spring Networking, its all about the apps! Apps on the Edge. Application Architectures. Pure P2P Architecture

VLAN und MPLS, Firewall und NAT,

Load Balancing. Final Network Exam LSNAT. Sommaire. How works a "traditional" NAT? Un article de Le wiki des TPs RSM.

Internet Protocol (IP) IP - Network Layer. IP Routing. Advantages of Connectionless. CSCE 515: Computer Network Programming IP routing

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Raritan Valley Community College Academic Course Outline. CISY Advanced Computer Networking

Transcription:

DD2395 p2 2011 Introduction to IP networking Olof Hagsand KTH CSC 1

Example: Packet transfer www.server.org An end host requests a web-page from a server via a local-area network The aim of this lecture is to give an overview of how this works in practice So that you can configure packet filters in the ip-tables lab Some protocols involved: Ethernet, ARP, IP, TCP, DNS, HTTP 2

Internet architecture: Example Every routing domain is independently administrated xdsl Internet Service Provider Firewall/NAT router Backbone routers Regional Provider Internet Exchange / Direct connections IX Backbone Provider IX Internet Service Provider Web-server Ethernet Home Network Host Switch Wireless Home Network 3

Network example: KTH Intranet 4

Network example: OptoSunet core 5

Netnod aggregated traffic www.netnod.se 6

The Hourglass Model email WWW phone... Anything over IP IP over anything All applications depend on IP IP runs over all networks IP is at the heart of all communication SMTP HTTP RTP... TCP UDP IP ethernet PPP CSMA async sonet... copper fiber radio... From Steve Deering, 2000 7

The TCP/IP stack and OSI ref model L7: Application L6: Presentation SMTP HTTP FTP DNS SSH... L5: Session L4: Transport TCP UDP SCTP L3: Network ICMP IGMP IP ARP Router L2: Data Link Ethernet PPP WLAN ATM... Switch L1: Physical 8

Encapsulation User data Include data from higher layer protocols into lower layer protocols using headers Appl header Payload L7 Segment TCP header Payload L4 Datagram IP header Payload L3 Frame Ethernet header Payload 14 20 20 4 Ethernet trailer L2 Ethernet frame 46 to 1500 bytes 9

Ethernet frame: Link-level example: Ethernet DA SA PT Payload CRC 6 6 2 46-1500 4 Ethernet is an example of a link-level protocol, that uses copper or fiber. WLAN is similar to Ethernet but runs on 'air'. One important task of the link-layer is framing 'create packets from the underlying physics' Another is detecting bit errors (cyclic redundancy check) and addressing ('MAC' addresses) A MAC (IEEE 802) address has a flat structure they cannot be aggregated into more abstract addresses: networks Typically only requested on a local-area network on a directly connected network But a local-area network can nowadays be very large 10

Ethernet /WLAN communication Using a link-level protocol, you can now communicate directly over a link 00:1d:e0:08:83:a7 00:16:d3:cc:c0:0d But what about communicating over several hops? 11

Network layer and IP Host/ End system Router Server/ End system.34 Network 1: 192.36.250.0/25.1.......1.107 Network N 130.237.32.0/25 TCP TCP IP IP IP MAC MAC MAC MAC PHY LAN PHY PHY LAN PHY The network layer (IP) primarily adds the ability to cross several networks using 'routing' 12

IPv4 addresses Each interface in an IPv4 Internet is assigned a unique 32-bit internet address Not node addresses! Address types An address has two purposes Identifier: Uniquely identify a host Unicast one-to-one Locator: Give location of the host Anycast - one-to-any Multicast one-to-many It therefore has two parts Broadcast one-to-all Netid (prefix) identifies a network Hostid identifies a node on that network Address Space 2 32 = 4 294 967 296 Slash notation: <netid>/<netidlen> Example: 192.36.120.0/21 Notation Dotted-decimal: 192.36.125.18 Netid Hostid 10111101 11000000 10111101 00100100 10111101 01111101 10111101 00010010 192.36.125.18 13

IPv4 address exhaustion IANA ran out of IPv4 address blocks in February APNIC (asia) is already empty RIPE (europe) end of 2011 ARIN (america) in 2012 What to do then? Address translation (NAT) in different and new variants IPv6! 14

ARP - Address Resolution Protocol Problem: A source wants to send a packet to an interface on a directly attached broadcast network - we know the IP-address of the destination but not the MAC address. Idea: Broadcast a request - On which MAC address can IP-address X be reached?. ARP request The host/router with the destination replies with its MAC address ARP reply The source saves the reply in a cache So you dont need to ask next time 192.36.250.34 00:1d:e0:08:83:a7 192.36.250.1 00:16:d3:cc:c0:0d 15

0 IPv4 Header Version HLEN Type of Total Service length 31 ID Flags Offset TTL Protocol Header Checksum 20 bytes Source IP address Destination IP address Options Version HLEN Header Length Type of Service Total Length Header + Payload Fragmentation ID, Flags, Offset TTL Time To Live Limits lifetime Protocol Higher level protocol Header checksum IP Addresses Source, Destination Options up to 40 bytes 16

ICMP ICMP is a limited signalling protocol for IPv4. Report IP problems back to sender Control and Management Considered a part of IP, but uses IP for transfers. Type 3 4 11 12 Message Destination unreachable Source quench Time exceeded Parameter problem Type 8/0 13/14 17/18 10/9 Message Echo request/reply Timestamp request/reply Address mask request/reply Router solicitation/advertisement 5 Redirection 17

Transport layer Provides service to end-applications: ports TCP Connection-oriented Reliable Full-duplex Data as byte-stream UDP Packet-oriented Unreliable Full-duplex Data in packets Mostly used Network-friendly Real-time traffic Reliability in application 18

TCP Connection Establishment Client SYN seq=x Server 3-way handshake: Guarantees both sides ready to transfer data SYN seq=y, ACK x+1 Allows both sides to agree on initial sequence numbers ACK y+1 Initial sequence number (ISN) must be chosen so that each incarnation of a specific TCP connection between two end-points has a different ISN. Normally, client initiates the connection Note: two well-known TCP attacks: - SYN flooding - Sequence number attacks 19

TCP end-to-end reliability Flow control : sender shall not overrun receiver Sliding window Receiver announces how much data it can receive using ACKs Avoid Stop and go silly windows Congestion control: Back-off when packets are lost in network Slow-start to quickly reach network capacity Congestion avoidance to slowly reach limit Fast retransmit Dont drop to zero at loss Actual window size: min(receive window, congestion window) 20

Sliding window Receiver: receiver window acknowledges data sent and what it is prepared to receive Sender window size opened and/or closed Receiving an ACK shifts the window by a constant value. Stop and go: Send data, wait for ACKs Silly window: Send one byte Receive window usable window Segment no 1 2 3 4 5 6 7 8 9 10 11 12 sent and acknowledged sent, not ACKed can send ASAP can t send until window moves 21

Congestion avoidance CWND size (in segments) 26 24 22 Slow start 20 18 16 Threshold = 16 14 12 10 08 06 04 02 Congestion avoidance After timeout Threshold = ½ current CWND CNWD = MSS Time-out (at cwnd = 20) Threshold = 10 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 No of transmitted segments 22

Fast Retransmit and Recovery CWND size (in segments) 26 24 22 20 18 16 14 12 10 08 06 04 02 Threshold = 16 Duplicate ACK After 3 duplicate ACKs: Threshold = ½ current CWND CNWD = Threshold Perform Cong. Avoid. Threshold = 10 ACK no 1 2 3 4 5 6 7 8 8 8 8 8 8 13 14 15 1 2 3 4 5 6 7 8 9 10 11 8 12 13 14 15 Segment no 23

DNS: Why do we need names? In the underlying network and transport layers it is all about addresses. Interfaces, TCP, routing, etc. In IP, names are translated directly to addresses And then we deal with addresses only No names in the network Why don't we just stick with addresses? Names are better for humans fe80::216:d3ff:fecc:c00d Names add another layer of indirection One name can map to several logical addresses One logical adress can map to several names Names can be used for other things than just addressing load balancing, mail direction, descriptions, finding services, 24

DNS architecture Names are structured hierarchically - in a tree form The DNS architecture is client-server Client is called resolver Server is called name server The resolver queries the nameservers hierarchically Ultimately, you ask one of 13 root name-servers Replies are cached at several places in the system 25

DNS tree. com edu se uk arpa kth co ac in-addr ip6 csc 192 netlab 71 xen 24 5 26

Resolving process Iterative query Resolving server Query Referral to se root nameserver. Query Referral to kth se nameserver se Query xen.netlab.csc.kth.se Query Referral to csc kth nameserver kth Client Stub-Resolver Response: 192.71.24.5 Recursive query Query Referral to netlab Query Response: 192.71.24.5 csc nameserver netlab nameserver csc netlab xen 27

clients/peers Applications server Most applications use TCP sockets to connect between clients and servers or directly between peers - p2p Applications are typically end-to-end Anybody can create an application Anybody can also attack Firewalls and NAT increase the security but also hinder the freedom of applications Especially for peer-to-peer applications Firewalls are in general application-aware 28

Example: packet transfer 192.36.250.1 130.237.32.107 An end host communicating with a server via a wireless LAN DNS: Resolve the name to an IP address www.kth.se -> 130.237.32.107 Make a routing lookup to get next-hop Nexthop(130.237.32.107) -> 192.36.250.1 ARP: Translate the IP address of nexthop to MAC address 192.36.250.1-> 00:e0:35:64:e9:e7 Send TCP/IP SYN packet to 130.237.32.107 with port 80 to next hop using wireless LAN MAC address 00:e0:35:64:e9:e7 TCP/IP SYN+ACK packet returns from remote peer Send HTTP Request on the TCP connection HTTP Response comes back with content 29

DD2395 lab packet filter firewall Inside Firewall? Outside The lab configuration consists of three virtual hosts running on xen.netlab.csc.kth.se There is an outside host, an inside host, and a packet-filter firewall that you have control over. There is also an unknown server. Your first task is to scan the server to detect its address & capabilities You use 'nmap' for this Your second task is to program packet-filters on the firewall Protect internal servers and clients from access and attacks from the outside while allowing access of the outside from the inside You use the Linux 'ip-tables' to acheive this. Read the lab instructions thoroughly, read about ip-tables and nmap! 30

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information