LIS508 lecture 8:tcp/ip and domains Thomas Krichel 2003-11-25
Structure • IP • TCP • Domains • discussion mostly based on Tanenbaum’s “computer networks” classic book….
Internet Protocol IP • LAN protocols are not part of the Internet. • IP operates on top of LANs to make them interoperable. • IP sets up a set of logical addresses that locate a physical device over the whole range of locations over the Internet. • It provides for the means to send datagrams from one address to the other… • Such datagrams are called packets. The IP service is not reliable!
in the words of rfc791 • “The Internet protocol is designed for use in interconnected systems of packet-switched computer connection networks. The Internet protocol provides for transmitting blocks of data called datagrams from sources to destinations. The Internet protocol also provides for fragmentation and reassembly of long datagram, if necessary, for transmission through 'small packet' networks.” • “There are no mechanisms to augment end-to-end data reliability, flow control, sequencing, or other services commonly found in host-to-host protocols.”
IP address • 32 bit address, usually written as a sequence of four decimal numbers between 0 and 255. • Contains a network part and a host part • dependent on the network mask • depending on the class of the network • All traffic that is not on the local network is sent to a gateway
finding the IP address • A host is on the Internet when it has an IP address that others can reach. Usually that implies knowing • IP address of the machine • network mask • IP address of the gateway • There can be written into a file on the machine. This is usually referred to as a static address.
reading the IP address • An IP address has a network component and a host component. • Class A address a binary number that starts with 0, then has 7bit for network information and 24 for the host on that network • Class B address is a binary number that starts with 10, then has 14 bit for the network and then 16 bits for the host. • Class C address is a binary number starts with 110, then has 21 bit for the network and then 8 bit for the host.
address allocation • traditionally organizations have been given a network, belonging to one of the classes, and then have given out hosts in the organization • Some organizations don't need a big block of addresses • Others are short (and they are usually not in the US!)
address shortage • IP classes waste addresses. • They were set up to simplify routing of packets. • IP version 6 will have 128 bit addresses and a completely different routing algorithm, but until this is implemented, we have address shortage.
static and dynamic addresses • Static IP addresses have problems • waste a lot of address space on machines that are switched off • have to be rewritten when device moves • dynamic addressing has become more common • the most widely used protocol is the dynamic host configuration protocol
dhcp • When connected to a network a client software on a host machine sends out a request on the LAN it is attached to. • A dhcp server will answer and lease an IP address to the host, sending it the network mask and the gateway address as well. • Internet providers work like that to save address space. • Problem: some services require IP addresses to be stable. They can not be run in such a setting.
routing • using IP, all datagrams travel individually. • they may travel through many networks in order to get to their destination • networks are interconnected through routers who make the decision where to send the packet to next. • Such decision are based on routing protocols such as OSPF or BGP etc. This is a very complicated piece of engineering.
frame / packet / segment • The Ethernet frame on the LAN contains the IP packet. • A gateway between two networks takes the packet out of the Ethernet frame of one network, and “wraps” it in a frame used on another network. • Inside the IP packet, there is a TCP segment. The TCP segment tells the destination machine what to do with the data.
transmission control protocol • provides a reliable service of communication • stream orientation: bytes come out from the sender, arrive in the same order at the receiver • packet buffering: fast arrived data is stored at the destination until it can be processed • full duplex: communication in two ways. • if a packet has gone astray, TCP retransmit it. • uses port numbers as addresses to tell the host what to do with arriving packets.
applications and ports • TCP uses port numbers to detect which application protocol to send the data to. • Some 0-1023 ports are well-known • 80 for http -- 22 for ssh • 23 for telnet -- 53 for dns • firewalls can block traffic for specific ports on specific machines and therefore allow or prevent services.
summary : TCP/IP “model” • Application layer • http, smtp, ftp, dns, ntp • Transport layer • tcp, udp • Network layer • IP • Host-to-host layer • LAN and WAN protocols
Critique of tcp/ip • Not a model but a protocol stack • No proper distinction between • Service • Protocol • Interface • Ad hoc set of application protocols
introduction to NAT • The biggest problem facing the Internet is that it is running out of addresses for IPv.4 and that IPv6 is not implemented everywhere. • dhcp relieves this for machines that are on and off. • But many home users want to connect a number of machines independently to the Internet, without having to request a new IP for each new machine.
Network Address Translation • Your provider gives you one IP address for a hub that connects you with the outside world. • Internally, you connect a number of machines to the hub. Each machine has an internet address, but these addresses are only valid for your LAN. • 10.0.0.0 -- 172.16.0.0 -- 192.168.0.0 • have been set aside for that. The hub uses dhcp to assign such addresses
NAT at work • The hub has two IP addresses, an internal one and an external one . • When a host on the LAN wants to connect a remote (non-LAN) service, it tells the hub • its internal address and port • the destination address and port • The hub exchanges the internal IP with the external one and uses a special port for this connection. • When the response comes to the special port on the hub, it is forwarded to the LAN host.
NAT critique • violates the principle that each machine on the Internet has its own IP address • brings the Internet back to the stage of connection-oriented networking • protocol layering is screwed: IP layer makes assumptions about TCP, which is an upper layer. • some protocols, such as ftp use IP addresses in a way that NAT does not know about. They can not run with NAT, unless further tweaking is done.
Application layer • This is the top level of the network, applications that run on it. • In fact, the Domain Name System occupies a special role because most other application layer protocols relay on it. • Off the top of my head, only peer-to-peer communication systems don’t really use DNS
Host names • A host name associates a human-friendly name with an IP address. • Example: arcano.openlib.org = 188.8.131.52 • Finding an IP for a name is called a name lookup. The reverse is a reverse lookup. • Names are a sequence of labels, separated by dot. • Names may contain letters, numbers and hyphens. They may not start with a hyphen. • Names solve from right to left, contrary to addresses, that resolve from left to right.
purpose • Allows to keep constant name for • changing machines • changing the location of the machine. • Makes it easier for humans to remember access points to services. • Establish brand names and have an economic value
History of DNS • In the 70s, one single file HOSTS.TXT was maintained at SRI-NIC, downloaded frequently by all hosts on the Internet. • Problems • traffic and load • name collisions • Consistency • 1984, Paul Mockapetris releases RFC822 and RFC883 that describe the Domain Name System DNS. • Names are words separated by dots.
DNS and domains • DNS is • distributed database • client server architecture • Name servers have information about names. • general purpose • Allows a lot of different properties to be associated with names • hierarchical structure • Top component of name is to the right. • independent of physical structure
Berkeley Internet Name Domain • BIND is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain name system, including • a Domain Name System server (named) • a Domain Name System resolver library • tools for verifying the proper operation of the DNS server
Top level domains • For the US, delimited by function: .com, .net, .org, .int, .biz, .info etc. • For other countries, use name of the country, .to, .su, .ru. • Below that you can register names, such as myprof.com • And then, you can create your own names like krichel.myprof.com, daluca.myprof.com, and associate properties with them.
To register names • There is a market of name registrars around. • You have to check that the name is not already taken, e.g. “whois openlib.org” • Domain Name: OPENLIB.ORG • Registrar: NETWORK SOLUTIONS, INC. • Whois Server: whois.networksolutions.com • Referral URL: http://www.networksolutions.com • Name Server: UTSERV.MCC.AC.UK • Name Server: FAFNER.OPENLIB.ORG • Many registrars will run a server for you, I run my own.
openlib.org. IN SOA wotan.liu.edu. tkrichel.wotan.liu.edu. ( 2001111300 ; Serial 10800 ; Refresh after 3 hours 3600 ; Retry after 1 hour 640800 ; Expire after 1 week 86400 ; Minimum ttl of 1 day ) openlib.org. IN NS wotan.liu.edu. ; primary server, the one which holds the authoritative info (this file) openlib.org. IN NS utserv.mcc.ac.uk. ; secondary servers, At least one is necssesary. openlib.org. IN A 184.108.40.206 mail.openlib.org. IN CNAME wotan.liu.edu. openlib.org. IN MX 1 mail.openlib.org. trabbi.openlib.org. IN TXT "hello world"
http://openlib.org/home/krichel Thank you for your attention!