PowerPoint Slideshow about 'IP Routing' - misha


Presentation Transcript
IP Routing
  • Routing - the process of choosing a path over which to send packets
  • Router - a computer that performs routing
  • Routing is one of the Internet Protocol’s primary functions
IP Routing
  • Criteria that could (ideally) be used to make routing decisions:
    • Network characteristics
    • Network topology
    • Network load
    • Datagram length
    • Type of service requested in the datagram’s header
  • IP routing software:
    • Normally does not consider most of these factors
    • Makes decisions based on fixed assumptions about shortest paths
Review: Internet Architecture
[Figure: internet diagram with a Host, networks Net 1 and Net 2, and routers R1, R2, R3, R4 and R5]
Hosts vs. Routers
  • Hosts make routing decisions
  • Hosts don’t typically transfer packets from one network to another
  • Routers make routing decisions
  • Routers typically transfer packets from one network to another
Direct vs. Indirect Delivery
  • Direct delivery - transmit datagram across a single physical network to the destination
  • Indirect delivery - transmit datagram across multiple physical networks (with the aid of routers) to the destination
  • How does a machine know which method of delivery to use?
Direct Delivery
  • Map the destination IP address to a physical address
  • Encapsulate the datagram in a physical frame
  • Send the frame over the physical network to the destination
Indirect Delivery
  • Encapsulate the datagram in a frame
  • Choose a router on the physical network
  • Send the frame to that router
  • Router forwards the datagram on towards its final destination
    • How does the host choose a router?
    • How does the router forward the datagram?
The IP Routing Table
  • Routing table - each machine stores information about destination networks and how to reach them
  • Using only netid portion of the IP address keeps routing tables:
    • Small
    • Relatively stable
Next-Hop Routing (cont)
  • Routing table at machine M contains pairs (N,R)
    • N is the IP address of a destination network
    • R is the IP address of the “next” router (R and M must share a physical network)
  • Routing table size:
    • Depends on the number of networks in the internet
    • Only grows when new networks are added
Properties of Next-Hop Routes
  • All traffic destined for a given network takes the same path
  • Only the final router can determine whether a host exists or is operational
  • Routes are not necessarily symmetric
Default Routes
  • No route in the routing table = datagrams sent to the default router
  • Both simplifies routing tables and reduces their size:
Host-Specific Routes
  • Routing tables are allowed to include per-host routes as a special case:
The IP Routing Algorithm

Extract the destination IP address, D, from the datagram and compute the netid, N
If N matches any directly connected network address
    deliver the datagram directly
else if the routing table contains a host-specific address for D
    send the datagram to the next-hop specified in the table
else if the routing table contains a route for network N
    send the datagram to the next-hop specified in the table
else if the routing table contains a default router
    send the datagram there
else
    declare a routing error
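The algorithm above, written out as an added example (not part of the original slides). It assumes classful addressing to compute the netid; `RoutingTable`, `classful_netid`, `sample_table` and all addresses are made up for illustration.

```python
import ipaddress

class RoutingError(Exception):
    """Raised when no table entry (not even a default) matches."""

def classful_netid(addr):
    """Netid N of IPv4 address D under classful addressing (classes A, B, C)."""
    ip = ipaddress.IPv4Address(addr)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8            # class A
    elif first_octet < 192:
        prefix = 16           # class B
    elif first_octet < 224:
        prefix = 24           # class C
    else:
        raise RoutingError("class D/E address %s has no netid" % ip)
    return ipaddress.ip_network("%s/%d" % (ip, prefix), strict=False)

class RoutingTable:
    def __init__(self, connected, host_routes, net_routes, default=None):
        self.connected = {ipaddress.ip_network(n) for n in connected}
        self.host_routes = {ipaddress.IPv4Address(d): r for d, r in host_routes.items()}
        self.net_routes = {ipaddress.ip_network(n): r for n, r in net_routes.items()}
        self.default = default

    def next_hop(self, dest):
        """Return ("direct", D) or ("indirect", R), testing in the slide's order."""
        d = ipaddress.IPv4Address(dest)
        n = classful_netid(dest)
        if n in self.connected:                 # directly connected network
            return ("direct", str(d))
        if d in self.host_routes:               # host-specific route for D
            return ("indirect", self.host_routes[d])
        if n in self.net_routes:                # route for network N
            return ("indirect", self.net_routes[n])
        if self.default is not None:            # default router
            return ("indirect", self.default)
        raise RoutingError("no route to %s" % d)

def sample_table(default="10.0.0.1"):
    """Constructed table for a machine M attached to network 10.0.0.0."""
    return RoutingTable(
        connected=["10.0.0.0/8"],
        host_routes={"192.0.2.9": "10.0.0.3"},
        net_routes={"192.0.2.0/24": "10.0.0.2", "172.16.0.0/16": "10.0.0.4"},
        default=default,
    )
```

Note that the host-specific entry for 192.0.2.9 wins over the network route for 192.0.2.0 only because it is tested first; every next hop lies on the directly connected network, as the (N,R) rule requires.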

Why not Use Physical Addresses?
  • Routing tables store the IP address of the next hop
  • IP addresses must be translated into physical addresses
IP Routing - Summary
  • Routing is one of the Internet Protocol’s primary functions
  • Routing is the process of choosing a path over which to send packets
  • Questions not answered:
    • How does a host or router initialize its routing table?
    • How are routing tables updated as the network changes?
Error and Control Messages in the Internet Protocol
  • Extranormal communication among routers and hosts is sometimes necessary to:
    • Report errors
    • Handle abnormal conditions
    • Update routing information
  • The Internet Protocol defines a single mechanism for these types of messages
The Internet Control Message Protocol (ICMP)
  • Normally generated by and intended for the IP software
  • Two levels of encapsulation:
ICMP is for Error Reporting
  • Errors are reported to a datagram’s original sender
  • It is the sender’s responsibility to take appropriate action
  • Exception: ICMP messages are not generated for errors that result from datagrams carrying ICMP messages
ICMP Message Format
  • All ICMP messages begin with the same three fields:
    • TYPE (1 octet) - identifies the message
    • CODE (1 octet) - information about the subtype
    • CHECKSUM (2 octets) - covers the ICMP message
  • ICMP error messages always include the header and first 64 data bits of the datagram causing the problem
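A parser for the layout just described, as an added example (not from the original slides): it reads TYPE, CODE and CHECKSUM, verifies the checksum, and for error messages pulls out the quoted header and first 64 data bits. The function names and the two sample messages are constructed for illustration, and the quoted IP header is assumed to follow the usual 4 unused octets.

```python
import ipaddress
import struct

ERROR_TYPES = {3: "Destination Unreachable", 4: "Source Quench", 5: "Redirect",
               11: "Time Exceeded", 12: "Parameter Problem"}
ECHO_TYPES = {0: "Echo Reply", 8: "Echo Request"}

def internet_checksum(data):
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                            # pad odd-length input
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)   # fold carries back in
    return ~total & 0xFFFF

def build_icmp(mtype, code, rest):
    """Assemble TYPE, CODE, CHECKSUM and the remaining octets (sample builder)."""
    cksum = internet_checksum(struct.pack("!BBH", mtype, code, 0) + rest)
    return struct.pack("!BBH", mtype, code, cksum) + rest

def parse_icmp(msg):
    """Decode the common header, then the type-specific part."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than 8 octets")
    mtype, code, _ = struct.unpack("!BBH", msg[:4])
    out = {"type": mtype, "code": code,
           "name": ERROR_TYPES.get(mtype) or ECHO_TYPES.get(mtype, "other"),
           "checksum_ok": internet_checksum(msg) == 0}  # sum incl. CHECKSUM gives 0
    if mtype in ECHO_TYPES:
        out["identifier"], out["sequence"] = struct.unpack("!HH", msg[4:8])
    elif mtype in ERROR_TYPES:
        inner = msg[8:]                  # offending datagram: header + 64 bits
        ihl = (inner[0] & 0x0F) * 4 if inner else 0
        if ihl < 20 or len(inner) < ihl + 8:
            raise ValueError("embedded datagram truncated or malformed")
        out["orig_src"] = str(ipaddress.IPv4Address(inner[12:16]))
        out["orig_dst"] = str(ipaddress.IPv4Address(inner[16:20]))
        out["orig_protocol"] = inner[9]
        out["orig_first_64_bits"] = inner[ihl:ihl + 8]
    return out

# Constructed samples: an echo request, and a port-unreachable error quoting a UDP datagram.
ECHO = build_icmp(8, 0, struct.pack("!HH", 0x1234, 7) + b"abcdefgh")
QUOTED = (struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 9]))
          + struct.pack("!HHHH", 40000, 33434, 8, 0))
UNREACH = build_icmp(3, 3, b"\x00\x00\x00\x00" + QUOTED)
```

The quoted 64 bits are what let the original sender tie an error back to one of its own datagrams, so a receiver should reject error messages whose embedded datagram is truncated rather than guess.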
The ICMP TYPE Field

Type Field    ICMP Message Type
----------    -----------------
0             Echo Reply
3             Destination Unreachable
4             Source Quench
5             Redirect
8             Echo Request
11            Time Exceeded for Datagram
12            Parameter Problem on Datagram
13            Timestamp Request
14            Timestamp Reply
15            Information Request (obsolete)
16            Information Reply (obsolete)
17            Address Mask Request
18            Address Mask Reply

Echo Request and Reply Messages
  • IDENTIFIER and SEQUENCE NUMBER
    • Used by the sender to match replies with requests
Destination Unreachable Messages
  • Sent when a router cannot deliver or forward a datagram
Destination Unreachable CODE Field

Code Value    Meaning
----------    -------
0             Network Unreachable
1             Host Unreachable
2             Protocol Unreachable
3             Port Unreachable
4             Fragmentation needed and DF set
5             Source Route Failed
6             Destination Network unknown
7             Destination Host Unknown
8             Source Host Isolated
9             Comm. Administratively prohibited (network)
10            Comm. Administratively prohibited (host)
11            Network unreachable for type of service
12            Host unreachable for type of service

Congestion and Datagram Flow Control
  • Most routers have a limited queue in which to store arriving datagrams
  • Congestion - a router is overrun with traffic
    • High-speed computer sends datagrams faster than a router can retransmit them
    • Many computers send datagrams to the same router at once
Source Quench Message
  • Congested routers send one for every datagram they drop:
Source Quench Messages
  • Hosts that receive source quench messages should stop sending datagrams to that router (temporarily)
  • When it hasn’t received a source quench message in a while, the host can start gradually increasing its traffic again
Redirect Messages
[Figure: host H, routers R1 and R2, and networks Net 1, Net 2 and Net 3]
  • Hosts initialize routing table at startup
  • When a router detects a host using a nonoptimal route it sends the host an ICMP redirect message
Redirect Messages

Code Value    Meaning
----------    -------
0             Redirect datagrams for the Net (obsolete)
1             Redirect datagrams for the Host
2             Redirect datagrams for the Type of Service and Net
3             Redirect datagrams for the Type of Service and Host

Time Exceeded Messages
  • Code 0 - Datagram dropped because TTL reached 0
  • Code 1 - Datagram dropped because fragment reassembly time exceeded
ICMP – Security Issues
  • ICMP can be a source of security vulnerabilities:
    • Flaws in ICMP implementation can be exploited
      • Recall the teardrop vulnerability in IP
    • ICMP is well suited for denial-of-service attacks
      • Anyone notice the -f (flood) option to ping?
      • According to the man page:

“This can be very hard on a network and should be used with caution.”

Ping of Death
  • Attacker constructs an ICMP echo request message containing 65,510 data octets and sends it to a victim host:
Ping of Death (cont)
  • The total size of the resulting datagram (65,538 octets) is larger than the 65,536 octet limit specified by IP
  • Several systems did not handle this oversized IP datagram properly
    • Hang
    • Crash
    • Reboot
  • Fixed by software patches
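The kind of check those patches amount to, as an added example (not from the original slides): each fragment of the oversized datagram is individually small and well formed, so the bound has to be enforced during reassembly, from the fragment offset plus the fragment length. Function names are hypothetical; a 20-octet IP header without options and a 1500-octet MTU are assumed, and the fragment descriptors are constructed, not captured.

```python
MAX_DATAGRAM = 0xFFFF   # largest value the 16-bit IPv4 Total Length field can hold
IP_HEADER = 20          # header without options (assumption for this example)
ICMP_HEADER = 8

def describe_fragments(payload_len, mtu=1500):
    """Fragment descriptors (offset in 8-octet units, Total Length, more-fragments)
    as a receiver would see them for an IP payload of payload_len octets."""
    per_frag = (mtu - IP_HEADER) // 8 * 8      # fragment data is a multiple of 8
    frags, offset = [], 0
    while offset < payload_len:
        size = min(per_frag, payload_len - offset)
        frags.append((offset // 8, IP_HEADER + size, offset + size < payload_len))
        offset += size
    return frags

def reassembled_size(offset_units, total_length):
    """Size the reassembled datagram must have to hold this fragment."""
    return IP_HEADER + offset_units * 8 + (total_length - IP_HEADER)

def accept_fragment(offset_units, total_length):
    """Reassembly-side bound check: refuse a fragment that would extend the
    datagram past the maximum, instead of copying it into the buffer."""
    if total_length < IP_HEADER or not 0 <= offset_units <= 0x1FFF:
        return False
    return reassembled_size(offset_units, total_length) <= MAX_DATAGRAM

def screen(frags):
    """Return the fragments a hardened reassembler would refuse."""
    return [f for f in frags if not accept_fragment(f[0], f[1])]

# The slide's case: ICMP header plus 65,510 data octets, seen as fragments.
OVERSIZED = describe_fragments(ICMP_HEADER + 65510)
# Largest payload that still fits in one datagram, for comparison.
LARGEST_LEGAL = describe_fragments(MAX_DATAGRAM - IP_HEADER)
```

Only the final fragment of the oversized datagram is refused; the 44 before it pass, which is why a per-packet length check alone never sees the problem.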
Smurf
  • Attacker sends ICMP echo request messages to a broadcast address at an intermediate site
    • Broadcast address = a copy of the datagram is delivered to every host connected to a specified network
    • For some broadcast addresses, a single request could generate replies from dozens or hundreds of hosts
  • The source address in each request packet is spoofed so that replies are sent to a victim machine
  • Result: the victim’s machine/network is flooded by ICMP echo replies
  • Many sites have reconfigured their machines so that their machines do not respond to ICMP echo requests sent to a broadcast address
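Both defensive sides of this, as an added example (not from the original slides): the intermediate-site policy of not answering echo requests sent to a broadcast address, and a victim-side monitor that uses the IDENTIFIER and SEQUENCE NUMBER matching from the Echo Request and Reply slide to count replies nobody asked for. All names and addresses are constructed, and grouping unsolicited replies by source /24 is an assumption of this sketch.

```python
import ipaddress
from collections import Counter

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")

def is_broadcast(dst, attached_networks):
    """True if dst is the limited broadcast or an attached network's broadcast address."""
    ip = ipaddress.IPv4Address(dst)
    return ip == LIMITED_BROADCAST or any(
        ip == ipaddress.ip_network(n).broadcast_address for n in attached_networks)

def should_answer_echo(icmp_type, dst, attached_networks):
    """Intermediate-site policy: answer echo requests (type 8) only when unicast."""
    return icmp_type == 8 and not is_broadcast(dst, attached_networks)

class EchoReplyMonitor:
    """Victim-side view: a reply matching no request this host sent is unsolicited."""

    def __init__(self):
        self.outstanding = set()      # (destination, identifier, sequence) sent
        self.unsolicited = Counter()  # unsolicited replies per source /24

    def sent_request(self, dst, identifier, sequence):
        self.outstanding.add((dst, identifier, sequence))

    def got_reply(self, src, identifier, sequence):
        key = (src, identifier, sequence)
        if key in self.outstanding:
            self.outstanding.discard(key)
            return True
        net = ipaddress.ip_network(src + "/24", strict=False)
        self.unsolicited[str(net)] += 1
        return False

def run_sample():
    """Constructed traffic: one genuine ping, then replies from 30 hosts
    on 203.0.113.0/24 that match nothing this host sent."""
    mon = EchoReplyMonitor()
    mon.sent_request("192.0.2.10", 0x0A0A, 1)
    mon.got_reply("192.0.2.10", 0x0A0A, 1)
    for host in range(1, 31):
        mon.got_reply("203.0.113.%d" % host, 0x4242, 0)
    return mon.unsolicited
```

A burst of unsolicited replies concentrated in one source network points at the intermediate site whose broadcast address is being answered, which is where the first check belongs.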
ICMP - Summary
  • ICMP provides a mechanism for extranormal communication among routers and hosts
    • Echo request/reply
    • Destination unreachable
    • Source quench
    • Redirect
    • Time exceeded
  • Sometimes incoming ICMP messages are blocked for security reasons