CSE 331: Introduction to Networks and Security

Slide Set 3

Fall 2000

Instructor: Carl A. Gunter



Internetworking

  • Bridges

  • IP

  • Scaling IP

  • Next Generation IP

  • DNS

  • Multicast


Inter-networking Challenges

  • Heterogeneity

  • Scale



Extended LANs

  • Idea: extend LAN.

    • More hosts

    • Larger area

  • How? Use “amplification”.

    • Inter-LAN packet forwarding

    • The forwarding device is called a repeater

    • Limited by the link-layer specification.



Bridges

  • Logically, these are switches

  • To emulate a broadcast:

    • Forward a packet arriving on an input port to all other ports

  • Self-Learning Bridge

    • Watch source addresses to learn where destinations are

    • A “transparent” optimization



Learning Example
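As an added illustration (not from the slides), a small Python simulation of the self-learning bridge described above: the bridge learns the port behind each source address, floods frames for unknown destinations, and filters frames whose destination is on the input port. The frame sequence and addresses are constructed.

```python
class LearningBridge:
    """Self-learning bridge: a frame's source address tells the bridge which
    port that address lives behind; unknown destinations are flooded on every
    other port (broadcast emulation)."""

    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Return the list of ports the frame is forwarded on."""
        self.table[src] = in_port          # learning step
        out = self.table.get(dst)
        if dst == self.BROADCAST or out is None:
            return sorted(p for p in self.ports if p != in_port)
        if out == in_port:
            return []                      # same LAN as the sender: filter it
        return [out]


def run_learning_example():
    """Constructed frame sequence (port, source, destination) on a three-port
    bridge; returns the forwarding decisions and the learned table."""
    bridge = LearningBridge([1, 2, 3])
    frames = [(1, "A", "B"),   # B unknown: flood on ports 2 and 3
              (2, "B", "A"),   # A already learned on port 1
              (3, "C", "A"),
              (1, "A", "C"),   # C learned on port 3 from the previous frame
              (2, "D", "B")]   # B is on port 2 too: nothing to forward
    decisions = [(s, d, bridge.receive(p, s, d)) for p, s, d in frames]
    return decisions, dict(bridge.table)
```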


Topology and Bridges

[Figure: bridge topology with Host nodes]

  • Consider broadcast emulation:



Problem: Cycles (Loops)

  • Frame gets rebroadcast forever

  • Could avoid by construction, BUT:

    • Hard, especially management

    • Often want redundancy

  • Solution:

    • Restrict active ports to a “Spanning Tree”

    • Basic design by Radia Perlman


[Figure: spanning tree of bridges with the bridge marked ROOT at the top and Host nodes on the LANs]

  • Spanning Tree: shortest paths to root



Spanning Tree Algorithm

  • Messages

    • Sender ID

    • Belief about root ID

    • Distance to root

  • Elect a root for the family of LANs and a designated bridge for each LAN.

  • Initially: each bridge considers itself root.

  • Update and forward protocol.



Spanning Tree Algorithm, ctd

  • A configuration message is better if

    • provides root with smaller ID

    • provides root with equal ID but shorter distance to root

    • provides equal root ID and distance to root but sending ID has smaller ID

  • Once the tree has stabilized, only the root bridge originates configuration messages; the others time out to recover from failure.
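An added Python model (not the slides' code) of the two slides above: the three “better message” rules become a tuple comparison, bridges run synchronous update-and-forward rounds from the “everyone is root” start, and the designated bridge for each LAN falls out of the converged messages. The bridge/LAN topology is constructed; bridge 3 ends up designated nowhere, so its non-root ports are the ones the spanning tree deactivates.

```python
TOPOLOGY = {  # constructed: bridge id -> LANs it attaches to (loop via B, C, D)
    1: ["A", "B"],
    2: ["B", "C"],
    3: ["C", "D"],
    5: ["B", "D"],
    4: ["D", "E"],
}


def better(m1, m2):
    """Configuration message m1 = (root_id, distance, sender_id) beats m2 if it
    names a smaller root, or the same root at a shorter distance, or the same
    root and distance from a smaller sender: the slide's three rules, which is
    exactly lexicographic tuple order."""
    return m1 < m2


def elect(bridges, rounds=10):
    """Synchronous rounds of the update-and-forward protocol. Every bridge
    starts believing it is the root at distance 0; each round it adopts the
    best message heard on any attached LAN if that beats its own, at
    distance + 1. Returns {bridge_id: (root_id, distance)}."""
    cfg = {b: (b, 0) for b in bridges}
    for _ in range(rounds):
        msgs = {b: (r, d, b) for b, (r, d) in cfg.items()}
        new = {}
        for b, lans in bridges.items():
            root, dist = cfg[b]
            heard = [msgs[o] for o, ol in bridges.items()
                     if o != b and set(lans) & set(ol)]
            if heard and better(min(heard), (root, dist, b)):
                root, dist = min(heard)[0], min(heard)[1] + 1
            new[b] = (root, dist)
        cfg = new
    return cfg


def designated(bridges, cfg):
    """Designated bridge per LAN: the bridge whose message on that LAN is best.
    A bridge designated for no LAN keeps only its root port active."""
    lans = sorted({lan for ls in bridges.values() for lan in ls})
    return {lan: min((cfg[b][0], cfg[b][1], b)
                     for b in bridges if lan in bridges[b])[2] for lan in lans}
```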



Limitations

  • Scaling

    • Connections on order of dozens

    • Transparency incomplete

  • Heterogeneity

    • Limited to compatible link layers



IP

  • Terminology

  • Service model

  • Addresses

  • Forwarding

  • ARP

  • ICMP


Internetworks

[Figure: networks joined by a Router (Gateway)]


Internetworks

[Figure: example internetwork of hosts H1 to H8 and routers R1 to R3 joining two Ethernets, an FDDI Ring and a Point-to-Point Link (e.g., ISDN)]


IP Interoperability

[Figure: the IP hourglass. Overlays (running at hosts): FTP, NFS, HTTP over TCP and UDP. Virtual Network Infrastructure (runs globally): IP. Networks (run locally): ISDN, Ethernet, ATM.]



IP Encapsulation



Service Model

  • Choose minimal service model

    • All nets can implement

    • “Tin cans and a string” extremum

  • Features:

    • Best-effort (datagram) delivery

    • Reliability, etc. as overlays

    • Packet format


IPv4 Packet Format (bit positions 0, 4, 8, 16, 19, 31 mark the field boundaries)

  0        4        8                 16     19                31
  Version | Hlen   | TOS              | Length
  Ident                               | Flags | Offset
  TTL              | Protocol         | Checksum
  SourceAddr
  DestinationAddr
  Options (variable length)                             | Pad
  DATA



Fields of IPv4 Header

  • Version

    • version of IP, 4 in this case

  • Hlen

    • Header length, in 32-bit words

  • TOS

    • Type of Service (rarely used)

    • Priorities, delay, throughput, reliability



Header fields, continued

  • Length

    • Length of datagram, in bytes

    • 16 bits, hence max. of 65,536 bytes

  • Fields for fragmentation and reassembly

    • Identifier

    • Flags

    • Offset



Header fields, continued

  • TTL

    • Time to live (in reality, hop count)

    • 64 is the current default

  • Protocol

    • e.g., TCP (6), UDP (17), etc. (see hourglass)


Yet more fields

  • Checksum

    • Checksum of header; described P&D 3.4

  • SourceAddr, DestinationAddr

    • 32 bit IP addresses - global, IP-defined

  • Options

    • length can be computed using Hlen



Fragmentation and Reassembly

  • Networks differ on maximum packet size

  • IP Fragmentation-and-Reassembly analogous to ATM Segmentation and Reassembly

  • Maximum Transmission Unit (MTU)

    • Path MTU is min MTU for path

  • Fragmentation-and-reassembly is BAD for performance (Mogul, …)


[Figure: the example internetwork with link MTUs: Ethernet MTU = 1500 on both Ethernets, FDDI Ring MTU = 4500, Point-to-Point Link (e.g., ISDN) MTU = 532. A 1400-byte IP datagram from H1 travels H1 → R1 → R2 → R3 → H8. Unfragmented packet: ETH IP (1400) on the first Ethernet and FDDI IP (1400) on the ring. Fragmented packets: R2 splits it for the point-to-point link into P2P IP (512), P2P IP (512), P2P IP (376), which R3 forwards onto the last Ethernet as ETH IP (512), ETH IP (512), ETH IP (376).]
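An added Python example (not from the slides) tying the header slides and the fragmentation example together: it builds a 20-byte IPv4 header with the Internet checksum, splits a 1400-byte datagram for an MTU of 532 into the 512/512/376 fragments shown above, and reads the Flags/Offset field back. Source and destination addresses are constructed placeholders.

```python
import struct

HLEN = 20  # header bytes when Hlen = 5 (no options)

def internet_checksum(data: bytes) -> int:
    """Complemented one's-complement sum of 16-bit words (IPv4 header checksum);
    recomputing it over a header that already carries the checksum gives 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(length, ident, more_fragments, offset_bytes,
                 src="10.0.0.1", dst="10.0.0.2", ttl=64, proto=17):
    """Version/Hlen, TOS, Length, Ident, Flags+Offset, TTL, Protocol, Checksum,
    SourceAddr, DestinationAddr; the addresses are constructed placeholders."""
    ip = lambda s: bytes(int(x) for x in s.split("."))
    flags_offset = (0x2000 if more_fragments else 0) | (offset_bytes // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, length, ident, flags_offset,
                      ttl, proto, 0, ip(src), ip(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]

def fragment(payload: bytes, mtu: int, ident: int):
    """Split one datagram so each fragment (header + data) fits the link MTU.
    Offset counts 8-byte units, so all fragments but the last carry a multiple
    of 8 data bytes; they share Ident, and only the last clears More Fragments."""
    max_data = (mtu - HLEN) // 8 * 8
    frags, off = [], 0
    while off < len(payload):
        chunk = payload[off:off + max_data]
        more = off + len(chunk) < len(payload)
        frags.append(build_header(HLEN + len(chunk), ident, more, off) + chunk)
        off += len(chunk)
    return frags

def data_sizes(frags):
    return [len(f) - HLEN for f in frags]

def flags_offset(frag):
    """(more_fragments, offset in bytes) read back from a fragment header."""
    fo = struct.unpack("!H", frag[6:8])[0]
    return bool(fo & 0x2000), (fo & 0x1FFF) * 8

def header_valid(frag):
    return internet_checksum(frag[:HLEN]) == 0
```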



IP addresses

  • Hierarchical, not flat as in Ethernet

  • Written as four decimal numbers separated by dots: 158.130.14.2

  • Address classes (leading bits, Network bits, Host bits):

    • A: 0, 7-bit Network, 24-bit Host

    • B: 10, 14-bit Network, 16-bit Host

    • C: 110, 21-bit Network, 8-bit Host



Network Classes



Forwarding

  • If (network # of destination == network # of an interface) then deliver to the destination directly over that interface

  • else if (network # of destination is in the forwarding table) deliver the packet to the NextHop router

  • else deliver the packet to the default router



ARP

  • ARP - Address Resolution Protocol

    • Mapping between IP and link layer addresses using broadcast



ARP Packet Format



ARP and ICMP

  • ICMP - Internet Control Message Protocol

    • ping

    • redirect

    • error messages



Scaling Problems

  • Not enough network numbers.

  • Routing information too cumbersome.



Subnets

  • Solution: Subnetting

    • All nodes are configured with subnet mask

    • Allows definition of a subnet number

      • All hosts on a physical subnetwork share the same subnet number

Subnet Mask (255.255.255.0): 11111111 11111111 11111111 00000000

Subnetted Address: Network number | Subnet ID | Host ID



Subnets, cont’d

  • Mask is bitwise-ANDed with address

  • This is done at routers

  • Router tables in this model:

    • <Subnet #, Subnet Mask, NextHop>

  • Subnetting allows a set of physical networks to look like a single logical network from elsewhere



Forwarding Algorithm

D = destination IP address

for each forwarding table entry (SubnetNumber, SubnetMask, NextHop)
    D1 = SubnetMask & D
    if D1 == SubnetNumber
        if NextHop is an interface
            deliver datagram directly to destination
        else
            deliver datagram to NextHop (router)
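An added Python implementation (not the slides' code) of the forwarding algorithm above over a constructed <SubnetNumber, SubnetMask, NextHop> table. The subnets extend the slides' 158.130.14.2 example with the 255.255.255.0 mask; the interface names and router addresses are made up. Because entries are tried in order, the table is checked so that the all-zero default entry comes last and no subnet number has bits set outside its mask.

```python
def ip_int(dotted: str) -> int:
    """Dotted-decimal string to a 32-bit integer so that & works on it."""
    return int.from_bytes(bytes(int(x) for x in dotted.split(".")), "big")


def int_ip(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


# Constructed table for a router with two interfaces on subnets of the class B
# network 158.130.0.0. NextHop is ("interface", name) for a directly attached
# subnet or ("router", address) for the next router; all-zeros is the default.
TABLE = [
    ("158.130.14.0", "255.255.255.0", ("interface", "eth0")),
    ("158.130.15.0", "255.255.255.0", ("interface", "eth1")),
    ("158.130.16.0", "255.255.255.0", ("router", "158.130.15.254")),
    ("0.0.0.0", "0.0.0.0", ("router", "158.130.14.1")),
]


def check_table(table):
    """Entries are matched first-hit, so a default (mask 0.0.0.0) must be last,
    and a subnet number must have no bits set outside its mask."""
    for i, (subnet, mask, _) in enumerate(table):
        if ip_int(subnet) & ~ip_int(mask) & 0xFFFFFFFF:
            raise ValueError(f"{subnet} has host bits set under {mask}")
        if ip_int(mask) == 0 and i != len(table) - 1:
            raise ValueError("default entry must be last")


def forward(dest: str, table=TABLE):
    """The slide's algorithm: mask the destination with each entry's SubnetMask
    and compare with its SubnetNumber; deliver directly when the NextHop is an
    interface, otherwise hand the datagram to the NextHop router."""
    D = ip_int(dest)
    for subnet, mask, (kind, target) in table:
        D1 = ip_int(mask) & D
        if D1 == ip_int(subnet):
            return ("direct", target) if kind == "interface" else ("via", target)
    return ("unroutable", None)


def subnet_of(addr: str, mask: str) -> str:
    """The bitwise AND of mask and address that routers compute."""
    return int_ip(ip_int(mask) & ip_int(addr))
```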



IP Routing

  • Begin by partitioning problem:

    • Interdomain Routing - between administrative domains (e.g., companies)

    • Intradomain Routing - inside administrative domains



Intradomain Routing

  • RIP - Routing Information Protocol

    • Uses distance vector algorithm

    • Limited to small nets; <15 hops

    • See packet format p. 245 P&D

  • OSPF - Open Shortest Path First

    • Augmented version of link-state

    • Augmentation includes authentication, load-balancing, and defined areas


Synchronous Bellman-Ford

[Figure: nodes labelled with their current distance to the Destination after each synchronous round]


Asynchronous Version

[Figure: the same distance labels, updated asynchronously]


Counting to Infinity

[Figure: distance labels increasing round by round]

Loops may form, and the routes cannot stabilize without “counting to infinity”. This problem in RIP is addressed in AODV at the cost of greater complexity.
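An added Python simulation (not from the slides) of the count-to-infinity behaviour the three Bellman-Ford slides illustrate: a constructed three-node line A - B - C converges, the B - C link fails, and A and B then bounce ever-larger distances to C between each other, one hop per round, until both reach RIP's infinity of 16.

```python
INFINITY = 16  # RIP's "infinity": a metric of 16 means unreachable

def dv_round(dist, links):
    """One synchronous distance-vector exchange: each node sets its distance to
    every destination to the cheapest (link cost + neighbour's advertised
    distance), capped at INFINITY."""
    new = {}
    for n, table in dist.items():
        new[n] = {}
        for dest in table:
            best = 0 if dest == n else INFINITY
            for nb, cost in links[n].items():
                best = min(best, cost + dist[nb][dest])
            new[n][dest] = best
    return new

def run(dist, links, dest, watch, max_rounds=50):
    """Exchange until no entry changes; returns the final tables plus the
    per-round distances of the `watch` nodes to `dest`."""
    history = []
    for _ in range(max_rounds):
        new = dv_round(dist, links)
        history.append(tuple(new[n][dest] for n in watch))
        if new == dist:
            break
        dist = new
    return dist, history

# Constructed line A - B - C with unit costs; then the B - C link fails.
LINKS = {"A": {"B": 1}, "B": {"A": 1, "C": 1}, "C": {"B": 1}}
LINKS_AFTER = {"A": {"B": 1}, "B": {"A": 1}, "C": {}}

def count_to_infinity():
    """Converge on the working line, cut the link, and return the (A, B)
    distances to C per round: they climb by one hop per round, since each
    believes the other still has a route, until both hit INFINITY."""
    nodes = list(LINKS)
    start = {n: {d: 0 if d == n else INFINITY for d in nodes} for n in nodes}
    stable, _ = run(start, LINKS, "C", ["A", "B"])
    return run(stable, LINKS_AFTER, "C", ["A", "B"])[1]
```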



Interdomain Routing

  • EGP - Exterior Gateway Protocol

    • Early protocol; constrained the Internet to a tree and hence shares some problems of bridging (scalability, path exploitation, etc.)



Interdomain Routing, cont.

  • BGP - Border Gateway Protocol

    • Arbitrary topology

    • Lego-like interconnection of Administrative Domains

      • local traffic: originates or terminates in A.D.

      • transit traffic: passes through

      • stub: one A.D.-A.D. link

      • multihomed: multiple A.D. links, no transit

      • transit: connections to other A.D.s; carry transit


Interdomain Routing, cont.

  • BGP

    • A border gateway is an IP router that forwards packets between A.D.s

    • A.D. has one “BGP speaker”

    • BGP advertises reachability, not costs

    • And it advertises paths between A.D.s

    • Thus it is neither link-state (LSP) nor distance-vector (DV).

    • Router state grows with the number of A.D.s, hence large



Next Generation IP

  • Lots of addresses (128 bits)

  • Real-time

  • Security

  • Autoconfiguration

  • Mobile hosts and other enhanced routing functions



Packet Format

  0                                                       31
  Ver. | Prio | FlowLabel
  PayloadLEN | NextHeader | HopLimit
  Source Address (128 bits)
  Destination Address (128 bits)
  Next Header/Data


Domain Name System

Example mapping: Cheltenham.cs.arizona.edu → 192.12.69.60

  • System for mapping mnemonic names for computers into IP addresses.

  • Domain Hierarchy

  • Name Servers

  • Name Resolution



Records on Name Servers

  • < Name, Value, Type, Class >

  • Types

    • A: host-to-address mappings

    • NS: name server address mappings

    • CNAME: aliases

    • MX: mail server mappings

  • Class: IN for IP addresses



Name Resolution

