Computer Networks Lecture 3: IP Protocol Marcin Bieńkowski Institute of Computer Science University of Wrocław Computer networks (II UWr) Lecture 3 1 / 24

In previous lectures
We learned about layer 1 (physical) and layer 2 (data link).
Layer 2:
- Allows sending frames between two directly connected computers.
- Connectionless, not reliable.
- Acknowledgements are optional in layer 2 (Ethernet does not have them).
- Direct connection = point-to-point link, or the same network connected by layer 1 devices (hubs) or layer 2 devices (switches).

Outline
1. Network layer
2. Addressing
   - CIDR
   - Special addresses
3. Routing
4. Cooperation with layer 2

Network layer (1)
- Also connectionless and not reliable.
- Gives layer 4 the possibility of sending a packet between ANY two computers.
- Requires a fixed common addressing scheme in the whole network (IP in the Internet).
- Layer 4 does not care about the number and type of intermediate routers.

Network layer (2)
Allows joining two different layer 2 networks.
[Figure: networks joined by a router R]

IP addresses
- Each network card is assigned a unique 4-byte address.
- Computers from one network have addresses from a contiguous subset of addresses.
- Networks are connected by routers.
- Notation: dot-separated decimal (e.g., 156.17.4.1).

CIDR (1)
CIDR = Classless Inter-Domain Routing
- A way of describing IP ranges sharing a common bit prefix.
- We write IP/length, where IP is the first address from the range, and length is the length of the common prefix.
Example: we want to describe the IP addresses whose binary representation starts with 10011100.00010001.00000100.0010:
- First IP address from the range: 10011100.00010001.00000100.00100000 = 156.17.4.32
- Prefix length = 28
- Description = 156.17.4.32/28

CIDR (2)
CIDR is used mostly for describing single networks.
- 156.17.4.32/28 denotes all the addresses between 156.17.4.32 and 156.17.4.47.
- The first address in the network is reserved (network address).
- The last address is also reserved: broadcast address.
- The remaining ones can be assigned to computers.

Subnetting (1)
CIDR allows creating hierarchies of networks and subnetworks.
[Figure from http://en.wikipedia.org/wiki/classless_inter-domain_routing]
Note: The top block 208.128.0.0/11 is received directly from IANA.
Note: 208.130.29.33/32 = a range consisting of one IP address = a single computer, not really a network.

Subnetting (2)
A range can be split into two ranges of equal sizes.
Example:
156.17.4.64/26
= 156.17.4.64/27 + 156.17.4.96/27
= 156.17.4.64/28 + 156.17.4.80/28 + 156.17.4.96/28 + 156.17.4.112/28
Is 156.17.4.95 a broadcast address? It depends! It is a broadcast address in the networks 156.17.4.80/28 and 156.17.4.64/27, but not in 156.17.4.64/26!

CIDR notation
We add /xx (called subnet mask) to all IP addresses.
Example:
- 156.17.4.32/28: denotes the whole network
- 156.17.4.33/28: the first computer in this network
- ...
- 156.17.4.46/28: the last computer in this network
- 156.17.4.47/28: broadcast address of this network
Given an address and subnet mask, how do we check whether it is a network, broadcast or host address?

CIDR caveats
Question: how many addresses in a CIDR network range with subnet mask /27 can be assigned to hosts?
Answer: 2^5 - 2.
Similar answers hold for other subnet masks, but:
- /32: denotes a single host IP;
- /31: point-to-point connection, two host IPs, no network or broadcast address.
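
Added example (not part of the original slides): one way to answer the question "network, broadcast or host address?" with bit masks, including the /31 and /32 caveats. The function names classify and usable_hosts are chosen here for illustration.

```python
import ipaddress

def classify(cidr: str) -> str:
    """Return 'network', 'broadcast' or 'host' for an address written as IP/length."""
    ip_text, length_text = cidr.split("/")
    ip = int(ipaddress.IPv4Address(ip_text))   # the 4-byte address as one integer
    length = int(length_text)
    if not 0 <= length <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    host_mask = (1 << (32 - length)) - 1       # ones in the bits after the common prefix
    host_part = ip & host_mask
    if length >= 31:
        # /32 is a single host, /31 is a point-to-point pair: nothing is reserved.
        return "host"
    if host_part == 0:
        return "network"                       # all host bits are zero
    if host_part == host_mask:
        return "broadcast"                     # all host bits are one
    return "host"

def usable_hosts(length: int) -> int:
    """Number of addresses in a /length range that can be assigned to hosts."""
    if length == 32:
        return 1
    if length == 31:
        return 2
    return 2 ** (32 - length) - 2              # minus network and broadcast address

if __name__ == "__main__":
    # The same address under the three masks from the subnetting slide.
    for mask in (28, 27, 26):
        print(f"156.17.4.95/{mask}:", classify(f"156.17.4.95/{mask}"))
    print("hosts in a /27:", usable_hosts(27))
```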

Address classes
If you assign the address 10.0.0.1 to a network card, it will be interpreted as 10.0.0.1/8. Why?
The reason stems from pre-CIDR IP classes:
- If the first IP bit is 0, assume subnet mask /8 (A class network). Example: 6.0.0.0/8
- If the first IP bits are 10, assume subnet mask /16 (B class network). Example: 156.17.0.0/16
- If the first IP bits are 110, assume subnet mask /24 (C class network). Example: 200.200.200.0/24

Loopback
- Network 127.0.0.0/8
- Interface lo (loopback)
- By connecting with any computer from this network (usually with 127.0.0.1), you connect with yourself.
- Application: it is possible to write, test and use network programs without the network.

Private addresses
Reserved ranges of IP addresses:
- Packets with such addresses should not be passed through routers.
- Can be used in local networks (same addresses in different networks).
- Ranges: 10.0.0.0/8 (one A class network); 172.16.0.0/12 (16 B class networks); 192.168.0.0/16 (256 C class networks).
If computers with private IP addresses want to communicate with the outside world, the connecting router has to perform Network Address Translation (NAT).

IP packet header
[Figure: IP packet header]

Routing tables
Each router has a routing table consisting of entries like:
  If the destination address of the packet belongs to network S, send it through interface I to the next router (gateway) B.
Static routing = entries are entered by hand by the administrator.

Static routing example
[Figure: network diagram with the networks 81.219.234.0/24, 10.0.0.0/9 and 10.128.0.0/9 and the Internet; labelled addresses 81.219.234.7, 10.0.0.2, 81.219.234.3, 10.127.255.254 and 10.128.0.1]
Router with two network cards: eth0 = 81.219.234.7, eth1 = 10.0.0.2.
Entries:
- 81.219.234.0/24, through eth0, no gateway
- 10.0.0.0/8, through eth1, no gateway
- 10.128.0.0/9, through eth1, gateway = 10.127.255.254
- 127.0.0.0/8, through lo, no gateway
- 0.0.0.0/0, through eth0, gateway = 81.219.234.3
Longest matching prefix rule.
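
Added example (not part of the original slides): the longest matching prefix rule applied to the five entries above. The names TABLE and lookup are chosen here for illustration.

```python
import ipaddress

# Routing table from the slide: (destination network, interface, gateway or None).
TABLE = [
    ("81.219.234.0/24", "eth0", None),
    ("10.0.0.0/8", "eth1", None),
    ("10.128.0.0/9", "eth1", "10.127.255.254"),
    ("127.0.0.0/8", "lo", None),
    ("0.0.0.0/0", "eth0", "81.219.234.3"),
]

def lookup(table, destination):
    """Return the (network, interface, gateway) entry with the longest prefix
    among all entries whose network contains the destination address."""
    dst = ipaddress.ip_address(destination)
    best = None
    for cidr, iface, gateway in table:
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface, gateway)
    if best is None:
        # Only possible when the table has no default route 0.0.0.0/0.
        raise LookupError(f"no route to {destination}")
    return str(best[0]), best[1], best[2]

if __name__ == "__main__":
    # 10.128.0.1 matches 0.0.0.0/0, 10.0.0.0/8 and 10.128.0.0/9; the /9 wins.
    for dst in ("10.128.0.1", "10.0.0.5", "81.219.234.3", "127.0.0.1", "8.8.8.8"):
        print(dst, "->", lookup(TABLE, dst))
```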

Entries aggregation
Many entries mean worse performance.
Entries aggregation:
- If there are multiple entries with the same rule, you may aggregate them if they describe a correct CIDR range.
- Also, sometimes some entries can be removed without changing the meaning of the routing table.
Example 1: the entries
  10.0.0.0/24, through eth1, gateway = 10.1.0.1
  10.0.1.0/24, through eth1, gateway = 10.1.0.1
  10.0.2.0/23, through eth1, gateway = 10.1.0.1
can be replaced with:
  10.0.0.0/22, through eth1, gateway = 10.1.0.1
Example 2: the entries
  10.0.1.0/24, through eth1, gateway = 10.1.0.1
  10.0.2.0/24, through eth1, gateway = 10.1.0.1
cannot be aggregated. Why?
Example 3: if all entries are:
  10.0.0.0/8, through eth1, gateway = 10.1.0.1
  10.0.0.0/24, through eth1, gateway = 10.1.0.1
you may remove the second rule.
Example 4: but from the entries
  10.0.0.0/8, through eth1, gateway = 10.1.0.1
  10.0.0.0/16, through eth0, gateway = 20.0.0.1
  10.0.0.0/24, through eth1, gateway = 10.1.0.1
you cannot remove anything.
Note: there are modern routers where you can write a rule as 10.0.0.0/16 EXCEPT 10.0.0.0/24...
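
Added example (not part of the original slides): a small simplifier that applies the two rules above, merging the two halves of a CIDR range that share a rule and dropping an entry whose closest covering entry has the same rule. It assumes IPv4 entries given as (network, interface, gateway); the name simplify is chosen here for illustration.

```python
import ipaddress

def simplify(entries):
    """Return a shorter list of (network, interface, gateway) entries that routes
    every destination exactly as the input does under the longest-prefix rule."""
    table = {ipaddress.ip_network(c): (i, g) for c, i, g in entries}
    changed = True
    while changed:
        changed = False
        for net in sorted(table, key=lambda n: n.prefixlen, reverse=True):
            rule = table[net]
            # Closest covering entry: the longest strictly shorter prefix containing net.
            covers = [p for p in table
                      if p.prefixlen < net.prefixlen and net.subnet_of(p)]
            if covers and table[max(covers, key=lambda p: p.prefixlen)] == rule:
                del table[net]          # redundant, as in Example 3
                changed = True
                break
            if net.prefixlen == 0:
                continue                # the default route has no sibling
            parent = net.supernet()
            sibling = next(s for s in parent.subnets() if s != net)
            if table.get(sibling) == rule and parent not in table:
                # Both halves of parent share a rule, as in Example 1.
                del table[net], table[sibling]
                table[parent] = rule
                changed = True
                break
    return [(str(n), i, g) for n, (i, g) in sorted(table.items())]

if __name__ == "__main__":
    gw = ("eth1", "10.1.0.1")
    print(simplify([("10.0.0.0/24", *gw), ("10.0.1.0/24", *gw), ("10.0.2.0/23", *gw)]))
    # Example 2: 10.0.1.0/24 and 10.0.2.0/24 are not the two halves of one /23.
    print(simplify([("10.0.1.0/24", *gw), ("10.0.2.0/24", *gw)]))
```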

Cooperation with layer 2 (1)
Problem: Layer 2 does not understand IP addresses.
Solution: ARP (Address Resolution Protocol).
- Broadcasts queries of the type "who has IP address ...?".
- One node should reply with the answer "I do".

Cooperation with layer 2 (2)
Problem: What if we need MAC-to-IP conversion?
Why should we care? Layer 2 should be independent of layer 3!
- Automatic assigning of IP addresses
- Crucial for diskless computers (they know only their MAC address)
Protocols:
- RARP (Reverse ARP)
- BOOTP (RARP + possibility of downloading operating system image)
- DHCP (works also between local networks)
- Automatic configuration (APIPA = Automatic Private IP Addressing (169.254.0.0/16))

Helper layer 3 protocol
ICMP = Internet Control Message Protocol
- For testing of layer 3.
- Encapsulated in IP packets.
- Different types of messages, the most popular are:
  - Echo request
  - Echo reply
  - Destination unreachable (for some reason)
  - Time exceeded (TTL = 0)
- Tools based on ICMP: ping and traceroute

MTU = Maximum Transmission Unit
MTU is a property of the second layer.
- For Ethernet: MTU = 1500
- For wireless networks: MTU = 2304
[Figure: networks joined by a router R]
- The router may divide packets into smaller parts (IP fragmentation).
- Replacing the router with a bridge is faster, but a bridge cannot cope with different MTUs!

IP fragmentation (cont.)
Problem: Fragmenting is usually undesirable (performance loss, increased complexity).
Solution: Set the DF (don't fragment) bit in the IP header.
- If there is a need for fragmentation, the packet is dropped, and the router sends back an ICMP message (destination unreachable, can't fragment).
- The sending computer can adjust the packet size accordingly.
- Iterate till the packet gets through: a technique called path MTU discovery.
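
Added example (not part of the original slides): both behaviours from the last two slides, a router fragmenting a packet when DF is not set and a sender iterating path MTU discovery when it is. It assumes a 20-byte IPv4 header without options and that the ICMP message reports the MTU of the link that rejected the packet, as RFC 1191 routers do; the path and all function names are constructed for illustration.

```python
IP_HEADER = 20  # bytes; assumes an IPv4 header without options

# Constructed path: link MTUs between sender and receiver, in order.
PATH = [1500, 2304, 1400, 1500, 576]

def fragment(total_len, mtu):
    """What a router does when DF is not set: split a packet for a smaller link.
    Returns (offset in 8-byte units, fragment length, more-fragments flag) tuples."""
    step = (mtu - IP_HEADER) // 8 * 8   # non-final fragments carry a multiple of 8 bytes
    if step <= 0:
        raise ValueError("MTU too small to carry any payload")
    payload = total_len - IP_HEADER
    frags = []
    for start in range(0, payload, step):
        size = min(step, payload - start)
        frags.append((start // 8, size + IP_HEADER, start + size < payload))
    return frags

def send_with_df(size, link_mtus):
    """Forward a packet with DF set. Returns None if it is delivered, otherwise
    the MTU of the link whose router dropped it and sent back the ICMP message."""
    for mtu in link_mtus:
        if size > mtu:
            return mtu
    return None

def path_mtu_discovery(first_size, link_mtus):
    """Shrink the packet after every ICMP error until it gets through.
    Returns (discovered path MTU, list of packet sizes that were tried)."""
    size, attempts = first_size, []
    while True:
        attempts.append(size)
        reported = send_with_df(size, link_mtus)
        if reported is None:
            return size, attempts
        size = reported

if __name__ == "__main__":
    print(path_mtu_discovery(1500, PATH))
    print(fragment(1500, 576))
```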