04net Dhcp Nat
-
8/2/2019 04net Dhcp Nat
Network Layer - DHCP, NAT 06 Mar 12
CSCD58 Computer Networks 1
04netC CSCD58S Computer Networks 1
IP Address Block Allocation
Q: How does an ISP get a block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers
  allocates IP addresses
  manages DNS system
  assigns domain names, resolves disputes
  generates a lot of controversy ;-)
-
IP addresses: how to get one?
Q: How does a host get an IP address?
hard-coded by system admin in a file
  Wintel: control-panel->network->configuration->tcp/ip->properties
  UNIX: /etc/rc.config
DHCP: Dynamic Host Configuration Protocol:
  dynamically get address: plug-and-play (RFC 2131)
  host broadcasts DHCP discover msg
  DHCP server responds with DHCP offer msg
  host requests IP address: DHCP request msg
  DHCP server sends address: DHCP ack msg
NAT: Network Address Translation
  use one (or a few) public network addresses to stand in for a large number of private network addresses, e.g. on a home network.
-
DHCP: Dynamic Host Configuration Protocol
Goal: allow host to dynamically obtain its IP address from network server when it joins network
  Allows reuse of addresses (host only holds address while connected and on)
  Host allowed to renew lease on address currently in use
  Support for mobile users who want to join network (more later)
DHCP overview:
  host broadcasts DHCP discover msg
  DHCP server responds with DHCP offer msg
  host requests IP address: DHCP request msg
  DHCP server sends address: DHCP ack msg
-
DHCP client-server scenario
[Figure: network of three subnets with interfaces 223.1.1.1 to 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2 and 223.1.3.27, hosts A, B and E, and a DHCP server; an arriving DHCP client needs an address in this network]
-
DHCP client-server scenario
[Figure: time-sequence diagram between DHCP server 223.1.2.5 and the arriving client]
DHCP discover
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 0.0.0.0
  transaction ID: 654
DHCP offer
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 654
  Lifetime: 3600 secs
DHCP request
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 223.1.2.4
  transaction ID: 655
  Lifetime: 3600 secs
DHCP ACK
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 655
  Lifetime: 3600 secs
-
DHCP: example
connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP
DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
Ethernet demuxed to IP demuxed, UDP demuxed to DHCP
[Figure: laptop and router (runs DHCP, 168.1.1.1), each with the protocol stack DHCP / UDP / IP / Eth / Phy]
-
DHCP: example
DHCP server formulates DHCP ACK containing client's IP address, IP address of first-hop router for client, name & IP address of DNS server
encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client
client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router
[Figure: router (runs DHCP) and client, each with the protocol stack DHCP / UDP / IP / Eth / Phy]
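Added example (not part of the original slides): a minimal Python builder and parser for the RFC 2131 DHCP message layout, using the values from the client-server scenario (server 223.1.2.5, yiaddr 223.1.2.4, transaction ID 655, lifetime 3600 secs). The client MAC, the router address 223.1.2.9 and the DNS address are constructed assumptions. The transaction ID check matters because the ACK is what tells the client which first-hop router and DNS server to use.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"   # RFC 2131 magic cookie that precedes the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values
ADDR_OPTS = {3: "router", 6: "dns", 54: "server"}             # IPv4-valued options

def build(op, xid, yiaddr, opts, mac=b"\x02\x00\x00\x00\x00\x01"):
    """Pack the 236-byte BOOTP header, cookie and TLV options (mac is constructed)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0,
                      0x8000,                        # broadcast flag
                      bytes(4), socket.inet_aton(yiaddr), bytes(4), bytes(4),
                      mac, b"", b"")
    tlv = b"".join(bytes([code, len(val)]) + val for code, val in opts)
    return hdr + MAGIC + tlv + b"\xff"               # 255 = end option

def parse(pkt):
    """Extract what a client or a monitor needs; raise ValueError on bad input."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    out = {"op": pkt[0], "xid": struct.unpack("!I", pkt[4:8])[0],
           "yiaddr": socket.inet_ntoa(pkt[16:20])}
    i = 240
    while i < len(pkt) and pkt[i] != 255:
        if pkt[i] == 0:                              # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + len(val)
        if code == 53 and len(val) == 1:
            out["type"] = TYPES.get(val[0], "OTHER")
        elif code == 51 and len(val) == 4:
            out["lease"] = struct.unpack("!I", val)[0]
        elif code in ADDR_OPTS and len(val) >= 4:
            out[ADDR_OPTS[code]] = socket.inet_ntoa(val[:4])
    return out

def matches(sent_xid, reply, expected_type):
    """Client-side check: accept a server reply only if it echoes our xid."""
    return (reply["op"] == 2 and reply["xid"] == sent_xid
            and reply.get("type") == expected_type)

# Constructed ACK with the slide's values; router and DNS addresses are assumed.
ip = socket.inet_aton
ACK = build(2, 655, "223.1.2.4", [(53, b"\x05"), (54, ip("223.1.2.5")),
            (51, struct.pack("!I", 3600)), (3, ip("223.1.2.9")), (6, ip("223.1.2.5"))])
```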
-
DHCP advantages over fixed address assignment:
  simplifies network administration (and reduces errors e.g. 2 hosts using same IP address due to misconfiguration)
  improves utilization of address space
  support for roaming users
each DHCP server controls a block of IP addresses that it makes available to individual hosts on demand
IP addresses are leased
  client should renew after about 2/3 of lease has expired
  soft state, leases revert if not renewed
  client can send DHCPRelease or just allow the lease to expire
-
Network Address Translation (NAT)
interim solution to IP address space exhaustion
  a kludge (but a useful one)
sits between a network and the Internet
job is to translate local network layer addresses to global IP addresses
shares a single (or pool of) IP address(es) among a larger number of hosts
uses special unallocated (non-public) addresses (RFC 1597) within the local network
  10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
-
NAT: Network Address Translation
Motivation: local network uses just one IP address as far as outside world is concerned:
  no need to be allocated range of addresses from ISP: just one IP address is used for all local network devices
  can change addresses of devices in local network without notifying outside world
  can change ISP without changing addresses of devices in local network
  devices inside local net not explicitly addressable by or visible to outside world (a security plus).
-
NAT: Network Address Translation
[Figure: local network (e.g., home network) 192.168.0/24 with addresses 192.168.0.1 to 192.168.0.4, connected through NAT address 138.76.29.7 to the rest of the Internet]
Datagrams with source or destination in this network have 192.168.0/24 address for source, destination (as usual)
All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers
-
NAT: Network Address Translation
for outgoing datagrams: replace of every outgoing datagram with
  . . . remote clients/servers will respond using as destination addr.
remember (using NAT translation table) every to translation pair
incoming datagrams: replace in dest fields of every incoming datagram with corresponding stored in NAT table
-
NAT: Network Address Translation
[Figure: local addresses 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4, NAT address 138.76.29.7, with the four numbered datagrams below]

NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345

1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345   D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001   D: 128.119.40.186, 80
3: Reply arrives dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80   D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80   D: 10.0.0.1, 3345
-
NAT traversal problem
client wants to connect to server with address 10.0.0.1
  server address 10.0.0.1 local to LAN (client can't use it as destination addr)
  only one externally visible NAT address: 138.76.29.7
solution 1: statically configure NAT to forward incoming connection requests at given port to server
  e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000
[Figure: external client ("Client?") outside the NAT router (10.0.0.4, 138.76.29.7) trying to reach 10.0.0.1]
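Added example (not from the original slides): a small Python model of the NAT translation table that replays steps 1 to 4 of the walkthrough, then an unsolicited inbound datagram, then the static forwarding of solution 1. The class and function names, the external client 203.0.113.9 and the use of 138.76.29.7 with port 2500 for the static entry are assumptions of this example.

```python
class Nat:
    """Port-translating NAT as on the slides: one WAN address, one WAN port per flow."""

    def __init__(self, wan_ip, first_port=5001):
        self.wan_ip, self.next_port = wan_ip, first_port
        self.out = {}     # (lan_ip, lan_port) -> wan_port
        self.back = {}    # wan_port -> (lan_ip, lan_port), the slide's translation table

    def _bind(self, wan_port, lan):
        if self.back.get(wan_port, lan) != lan:
            raise ValueError(f"WAN port {wan_port} is already mapped")
        self.out[lan], self.back[wan_port] = wan_port, lan

    def forward(self, wan_port, lan_ip, lan_port):
        """Static entry (traversal solution 1): wan_port always reaches the server."""
        self._bind(wan_port, (lan_ip, lan_port))

    def outbound(self, src, dst):
        """Steps 1-2: rewrite the source, creating a table entry for a new flow."""
        if src not in self.out:
            while self.next_port in self.back:       # skip statically mapped ports
                self.next_port += 1
            if self.next_port > 65535:
                raise RuntimeError("no free WAN ports")
            self._bind(self.next_port, src)
        return (self.wan_ip, self.out[src]), dst

    def inbound(self, src, dst):
        """Steps 3-4: rewrite the destination; None means no entry, so drop."""
        ip, port = dst
        if ip != self.wan_ip or port not in self.back:
            return None
        return src, self.back[port]

def walkthrough():
    """Replay the slide's four steps, then one unsolicited and one forwarded packet."""
    nat, web = Nat("138.76.29.7"), ("128.119.40.186", 80)
    sent = nat.outbound(("10.0.0.1", 3345), web)
    reply = nat.inbound(web, ("138.76.29.7", 5001))
    stray = nat.inbound(web, ("138.76.29.7", 2500))    # no entry yet
    nat.forward(2500, "10.0.0.1", 25000)
    fwd = nat.inbound(("203.0.113.9", 40000), ("138.76.29.7", 2500))  # constructed client
    return sent, reply, stray, fwd
```

Like the slide's table, this model keys inbound lookups on the WAN port alone, so any remote sender that reaches an open mapping is translated; stricter NATs also match the remote address and port before forwarding.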
-
NAT traversal problem
solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to:
  learn public IP address (138.76.29.7)
  add/remove port mappings (with lease times)
i.e., automated user-configurable static NAT port map configuration
[Figure: hosts 10.0.0.1 and 10.0.0.4 behind the NAT router (138.76.29.7), which runs IGD]
-
NAT traversal problem
solution 3: relaying (used in Skype)
  NATed client establishes connection to relay
  External client connects to relay
  relay bridges packets between two connections
1. connection to relay initiated by NATed host
2. connection to relay initiated by client
3. relaying established
[Figure: external client and host 10.0.0.1 behind the NAT router (138.76.29.7), both connected to the relay]