Chapter 5 The Internet Protocol (IP)

IPv4 Datagram

The header is of variable size, limited to fifteen 32-bit words (60 bytes) by the 4-bit IHL field. A typical IPv4 header contains 20 bytes (no options). The source and destination addresses are 32 bits long. Most of the second 32-bit word is used for the IPv4 fragmentation function. A header checksum helps ensure that the fields in the header are delivered correctly to the proper destination but does not protect the data.

IPv6 Header

The IPv6 header is of fixed size (40 bytes) and contains 128-bit source and destination addresses. The Next Header field is used to indicate the presence and types of additional extension headers that follow the IPv6 header, forming a daisy chain of headers that may include special extensions or processing directives. Application data follows the header chain, usually immediately following a transport-layer header.

[Figure: IPv6 header layout, 32 bits wide: version, priority (traffic class), flow label; payload length, next header, hop limit; source address (128 bits); destination address (128 bits); data]

The Internet Checksum

• One’s complement of one’s complement sum
• Same procedure results in all 0’s at the destination if no errors
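As an added example (not from the slides), the procedure the slide describes carried out on a constructed IPv4 header: the sender stores the complement of the one's complement sum, so the receiver's sum over the whole header, checksum field included, folds to all ones and its complement to zero. The header builder and the flip_bit helper are this example's own.

```python
import struct

def internet_checksum(data: bytes) -> int:
    """One's complement of the one's complement sum of 16-bit big-endian words
    (an odd trailing byte is padded with zero). Carries out of bit 15 are folded
    back in (end-around carry), which is what makes the sum one's complement."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, payload_len: int, proto: int = 17, ttl: int = 64) -> bytes:
    """Constructed 20-byte IPv4 header (IHL=5, no options, DF set) with checksum filled in."""
    def addr(a):
        return bytes(int(x) for x in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                      ttl, proto, 0, addr(src), addr(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]

def header_intact(hdr: bytes) -> bool:
    """Receiver side: rerun the same procedure over the header, checksum field
    included; the result is 0 if no bit was altered in transit."""
    ihl = hdr[0] & 0x0F
    if ihl < 5 or len(hdr) < ihl * 4:
        return False
    return internet_checksum(hdr[:ihl * 4]) == 0

def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate a single-bit transmission error in the given byte."""
    out = bytearray(data)
    out[byte_index] ^= 1 << bit
    return bytes(out)
```

The check covers the header only, as the IPv4 slide says, and it detects accidental damage rather than deliberate change, since anyone able to alter a field can recompute the checksum.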

Type of Service Field

The original IPv4 Type of Service and IPv6 Traffic Class field structures. The Precedence subfield was used to indicate which packets should receive higher priority (larger values mean higher priority). The D, T, and R subfields refer to delay, throughput, and reliability. A value of 1 in these fields corresponds to a desire for low delay, high throughput, and high reliability, respectively.

Flags

The DS Field contains the DSCP in 6 bits (5 bits are currently standardized to indicate the forwarding treatment the datagram should receive when forwarded by a compliant router). The following 2 bits are used for ECN and may be turned on in the datagram when it passes through a persistently congested router. When such datagrams arrive at their destinations, the congestion indication is sent back to the source in a later datagram to inform the source that its datagrams are passing through one or more congested routers.

Differentiated Services (Intserv/Diffserv slides are from: http://web.cs.wpi.edu/~rek/Adv_Nets/Spring2002/IntServ_DiffServ.pdf)

• Contrasts with IntServ
  – Per-flow isolation and guarantee
• In DiffServ, flows are aggregated into classes that receive “treatment” by class.
• More complex operations are pushed out to edge routers and simpler operations done by core routers.
• motivated by:
  – scalability, flexibility, and better-than-best-effort service without RSVP signaling.

Diffserv Functional Elements

• Edge Functions
  – packet classification
  – packet marking
  – traffic conditioning
• Core Functions
  – forwarding based on per-hop behavior (PHB)
  – associated with packet’s class

Diffserv edge functions

• Packet Classification
  – classifier selects packets based on values in packet header fields and steers packet to appropriate marking function
  – how classifier obtains the rules for classification not yet addressed [RFC 2475 uses term behavior aggregate rather than class of traffic.]
    • administrator could load table of source addresses
    • done under control of TBA signaling protocol

Diffserv edge functions

• packet marking
  – DS field value set accordingly at the marker.
• may wish to limit injection rate of specifically marked packets into network, i.e., user promises to keep sending rate within a traffic profile.
• metering function compares the incoming packet flow with negotiated traffic profile.
  – This implies a traffic shaper/dropper function.

Diffserv core routers

• Routers define packet classes and separate incoming packets into classes.
• Treatment is done per class.
• Per-hop behavior (PHB) defines differences in performance among classes.
  – externally observable performance criteria that do not specify internal implementation mechanisms at router.

Per-hop behavior (PHB)

• Some Possible Examples of PHB
  – A given class receives at least 10% of outgoing link bandwidth over a certain time interval
  – Class A packets have strict priority over class B packets.
• Current standards for PHB
  – Expedited Forwarding (EF) PHB
  – Assured Forwarding (AF) PHB

Expedited Forwarding (EF) PHB

• EF specifies that the departure rate of a certain class of traffic from router must equal or exceed a configured rate independently of the traffic intensity of any other classes.

• This implies some form of isolation among traffic classes.

{EF abstraction: a link with a minimum guaranteed link capacity}

Assured Forwarding (AF) PHB

• Assured Forwarding divides traffic into multiple classes where each AF class is guaranteed some minimum resources (capacity, buffering)

• Within each class, packets are further partitioned into one of three “drop preference” categories. Congested routers then drop/mark based on their preference values.

• Determining resource allocation per class of service must be done with knowledge about traffic demands for the various traffic classes.

IP Options

Name | Number | Value | Length | Description | Reference | Comments
End of List | 0 | 0 | 1 | Indicates no more options. | [RFC0791] | If required
No Op | 1 | 1 | 1 | Indicates no operation to perform (used for padding). | [RFC0791] | If required
Source Routing | 3, 9 | 131, 137 | Variable | Sender lists router “waypoints” for packet to traverse when forwarded. Loose means other routers can be included between waypoints (3,131). Strict means all waypoints have to be traversed exactly in order (9,137). | [RFC0791] | Rare, often filtered
Security and Handling Labels | 2, 5 | 130, 133 | 11 | Specifies how to include security labels and handling restrictions with IP datagrams in U.S. military environments. | [RFC1108] | Historic
Record Route | 7 | 7 | Variable | Records the route taken by a packet in its header. | [RFC0791] | Rare
Timestamp | 4 | 68 | Variable | Records the time of day at a packet’s source and destination. | [RFC0791] | Rare
Stream ID | 8 | 136 | 4 | Carries the 16-bit SATNET stream identifier. | [RFC0791] | Historic
EIP | 17 | 145 | Variable | Extended Internet Protocol (an experiment in the early 1990s). | [RFC1385] | Historic
Traceroute | 18 | 82 | Variable | Adds a route-tracing option and ICMP message (an experiment in the early 1990s). | [RFC1393] | Historic
Router Alert | 20 | 148 | 4 | Indicates that a router needs to interpret the contents of the datagram. | [RFC2113] [RFC5350] | Occasional
Quick-Start | 25 | 25 | 8 | Indicates fast transport protocol start (experimental). | [RFC4782] | Rare
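An added example, not from the slides, of walking the option area the table describes: End of List and No Op are single bytes, every other option is type, length, data, and a parser has to reject a length of 0 or 1 (which would never advance) and a length that runs past IHL*4. The sample header, with its Router Alert and loose source route options, is constructed for this example.

```python
def parse_ipv4_options(opts: bytes) -> list:
    """Walk the option area of an IPv4 header (bytes 20 .. IHL*4) and return
    (number, type_byte, data) tuples. The type byte is copied flag (bit 7),
    class (bits 6-5) and number (bits 4-0); End of List and No Op are one byte
    with no length field, every other option carries a length byte."""
    out, i = [], 0
    while i < len(opts):
        t = opts[i]
        number = t & 0x1F
        if number == 0:                 # End of List: whatever follows is padding
            out.append((0, t, b""))
            break
        if number == 1:                 # No Op: single byte used for alignment
            out.append((1, t, b""))
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option %d truncated before its length byte" % number)
        length = opts[i + 1]
        # length < 2 would leave i where it is (an endless loop in a naive parser);
        # length past the end would treat payload bytes as header option data
        if length < 2 or i + length > len(opts):
            raise ValueError("option %d has invalid length %d" % (number, length))
        out.append((number, t, opts[i + 2:i + length]))
        i += length
    return out

def options_from_header(hdr: bytes) -> list:
    """IHL locates the option area; IHL=5 (20 bytes) means there are no options."""
    ihl = hdr[0] & 0x0F
    if ihl < 5 or len(hdr) < ihl * 4:
        raise ValueError("IHL %d does not fit header of %d bytes" % (ihl, len(hdr)))
    return parse_ipv4_options(hdr[20:ihl * 4])

def has_source_route(options: list) -> bool:
    """Loose (3) or strict (9) source routing: rare in practice and often filtered."""
    return any(num in (3, 9) for num, _, _ in options)

# Constructed 32-byte header (IHL=8): Router Alert, Loose Source Route with one
# waypoint 192.0.2.1, End of List; checksum field left at zero for the example
SAMPLE_HEADER = (bytes([0x48, 0, 0, 32, 0, 0, 0x40, 0, 64, 17, 0, 0])
                 + bytes([203, 0, 113, 2]) + bytes([192, 0, 2, 1])
                 + bytes([0x94, 4, 0, 0]) + bytes([0x83, 7, 4, 192, 0, 2, 1, 0]))
```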

Example

IPv6 headers form a chain using the Next Header field. Headers in the chain may be IPv6 extension headers or transport headers. The IPv6 header appears at the beginning of the datagram and is always 40 bytes long.

Next Header Field

Header Type | Order | Value | References
IPv6 header | 1 | 41 | [RFC2460][RFC2473]
Hop-by-Hop Options (HOPOPT) | 2 | 0 | [RFC2460]; must immediately follow IPv6 header
Destination Options | 3,8 | 60 | [RFC2460]
Routing | 4 | 43 | [RFC2460][RFC5095]
Fragment | 5 | 44 | [RFC2460]
Encapsulating Security Payload (ESP) | 7 | 50 | (See Chapter 18)
Authentication (AH) | 6 | 51 | (See Chapter 18)
Mobility (MIPv6) | 9 | 135 | [RFC6275]
(None—no next header) | Last | 59 | [RFC2460]
ICMPv6 | Last | 58 | (See Chapter 8)
UDP | Last | 17 | (See Chapter 10)
TCP | Last | 6 | (See Chapters 13–17)
Various other upper-layer protocols | Last | — | See [AN] for complete list

IPv6 Options

Hop-by-hop and Destination Options are encoded as type-length-value sets. The first byte gives the option type, including subfields indicating how an IPv6 node should behave if the option is not recognized, and whether the option data might change as the datagram is forwarded. The Opt Data Len field gives the size of the option data in bytes.

Value | Action
00 | Skip option, continue processing
01 | Discard the datagram (silently)
10 | Discard the datagram and send an ICMPv6 Parameter Problem message to the source address
11 | Same as 10, but send the ICMPv6 message only if the offending packet’s destination was not multicast

Change (Chg): set to 1 if the option field can be modified by intermediate routers
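An added example (not from the slides) covering both the Next Header table and the option encoding above: it follows the daisy chain from the fixed 40-byte header, sizing each extension header by its own rule (Fragment fixed, AH in 4-byte units, the rest in 8-byte units), stops at ESP because what follows is encrypted, and decodes the option type byte and the TLV option area of a Hop-by-Hop header. The sample packet is constructed; the header names and type values are from the tables.

```python
EXT_HEADERS = {0: "Hop-by-Hop Options", 60: "Destination Options", 43: "Routing",
               44: "Fragment", 51: "Authentication (AH)", 50: "ESP", 135: "Mobility"}
UPPER = {6: "TCP", 17: "UDP", 58: "ICMPv6"}
NO_NEXT_HEADER = 59
UNRECOGNIZED = {0: "skip", 1: "discard silently", 2: "discard, send ICMPv6 Parameter Problem",
                3: "discard, send Parameter Problem unless destination was multicast"}

def walk_ipv6_chain(pkt: bytes) -> list:
    """Follow Next Header values from the fixed 40-byte IPv6 header through the
    extension headers; returns (name, offset, length) for each header in order."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    chain, nh, off = [("IPv6", 0, 40)], pkt[6], 40
    while nh in EXT_HEADERS:
        if nh == 50:  # ESP: everything after it is encrypted, so the walk ends here
            return chain + [("ESP", off, len(pkt) - off)]
        if off + 2 > len(pkt):
            raise ValueError("truncated extension header at offset %d" % off)
        # Fragment is fixed 8 bytes; AH counts 4-byte units (+2); others 8-byte units (+1)
        hlen = 8 if nh == 44 else (pkt[off + 1] + 2) * 4 if nh == 51 else (pkt[off + 1] + 1) * 8
        if off + hlen > len(pkt):
            raise ValueError("%s header overruns the packet" % EXT_HEADERS[nh])
        chain.append((EXT_HEADERS[nh], off, hlen))
        nh, off = pkt[off], off + hlen
    name = "none" if nh == NO_NEXT_HEADER else UPPER.get(nh, "protocol %d" % nh)
    return chain + [(name, off, len(pkt) - off)]

def decode_option_type(t: int) -> tuple:
    # top 2 bits: action if unrecognized; bit 5: Chg flag; low 5 bits: option number
    return UNRECOGNIZED[t >> 6], bool(t & 0x20), t & 0x1F

def parse_options(data: bytes) -> list:
    """TLV area of a Hop-by-Hop/Destination Options header -> [(type, data)]; pads consumed."""
    out, i = [], 0
    while i < len(data):
        t = data[i]
        if t == 0:  # Pad1 is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("malformed option at byte %d" % i)
        if t != 1:  # PadN (type 1) carries no information
            out.append((t, data[i + 2:i + 2 + data[i + 1]]))
        i += 2 + data[i + 1]
    return out

# Constructed: IPv6 (payload len 24, next=0) -> Hop-by-Hop (Router Alert + PadN) -> Fragment -> UDP
SAMPLE = (bytes([0x60, 0, 0, 0, 0, 24, 0, 64]) + bytes(32) + bytes([44, 0, 0x05, 2, 0, 0, 1, 0])
          + bytes([17, 0, 0, 0, 0, 0, 0, 1]) + bytes(8))
```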

Routing Header type 0 (RH0)

RH0 is currently deprecated due to security concerns.
RH2 is similar, but it allows only one intermediate host.

Fragmentation

Fragmentation: Example

Direct/Indirect Delivery

What is mobility? (Slides on mobility are from Kurose and Ross)

• spectrum of mobility, from the network perspective (no mobility to high mobility):
  – mobile wireless user, using same access point
  – mobile user, passing through multiple access points while maintaining ongoing connections (like cell phone)
  – mobile user, connecting/disconnecting from network using DHCP

Mobility: Vocabulary

home network: permanent “home” of mobile (e.g., 128.119.40/24)
Permanent address: address in home network, can always be used to reach mobile (e.g., 128.119.40.186)
home agent: entity that will perform mobility functions on behalf of mobile, when mobile is in a remote location

[Figure: home network, wide area network, correspondent]

Mobility: more vocabulary

Care-of-address: address in visited network (e.g., 79.129.13.2)
visited network: network in which mobile currently resides (e.g., 79.129.13/24)
Permanent address: remains constant (e.g., 128.119.40.186)
foreign agent: entity in visited network that performs mobility functions on behalf of mobile.
correspondent: wants to communicate with mobile

[Figure: visited network, wide area network, home network]

How do you contact a mobile friend:

• search all phone books?
• call her parents?
• expect her to let you know where he/she is?

(I wonder where Alice moved to?)

Consider friend frequently changing addresses, how do you find her?

Mobility: approaches

• Let routing handle it: routers advertise permanent address of mobile-nodes-in-residence via usual routing table exchange.
  – routing tables indicate where each mobile located
  – no changes to end-systems
  – not scalable to millions of mobiles
• Let end-systems handle it:
  – indirect routing: communication from correspondent to mobile goes through home agent, then forwarded to remote
  – direct routing: correspondent gets foreign address of mobile, sends directly to mobile

Mobility: registration

End result:
• Foreign agent knows about mobile
• Home agent knows location of mobile

[Figure: home network, wide area network, visited network]
1. mobile contacts foreign agent on entering visited network
2. foreign agent contacts home agent: “this mobile is resident in my network”

Mobility via Indirect Routing

[Figure: home network, wide area network, visited network]
1. correspondent addresses packets using home address of mobile
2. home agent intercepts packets, forwards to foreign agent
3. foreign agent receives packets, forwards to mobile
4. mobile replies directly to correspondent

Indirect Routing: comments

• Mobile uses two addresses:
  – permanent address: used by correspondent (hence mobile location is transparent to correspondent)
  – care-of-address: used by home agent to forward datagrams to mobile
• foreign agent functions may be done by mobile itself
• triangle routing: correspondent-home-network-mobile
  – inefficient when correspondent, mobile are in same network

Indirect Routing: moving between networks

• suppose mobile user moves to another network
  – registers with new foreign agent
  – new foreign agent registers with home agent
  – home agent updates care-of-address for mobile
  – packets continue to be forwarded to mobile (but with new care-of-address)
• mobility, changing foreign networks transparent: ongoing connections can be maintained!

Mobility via Direct Routing

[Figure: home network, wide area network, visited network]
1. correspondent requests, receives foreign address of mobile
2. correspondent forwards to foreign agent
3. foreign agent receives packets, forwards to mobile
4. mobile replies directly to correspondent

Mobility via Direct Routing: comments

• overcome triangle routing problem
• non-transparent to correspondent: correspondent must get care-of-address from home agent
  – what if mobile changes visited network?

Accommodating mobility with direct routing

[Figure: correspondent and correspondent agent, wide area network, anchor foreign agent in foreign net visited at session start, new foreign agent in new foreign network]
• anchor foreign agent: FA in first visited network
• data always routed first to anchor FA
• when mobile moves: new FA arranges to have data forwarded from old FA (chaining)

Mobile IP

• RFC 3220
• has many features we’ve seen:
  – home agents, foreign agents, foreign-agent registration, care-of-addresses, encapsulation (packet-within-a-packet)
• three components to standardize:
  – indirect routing of datagrams
  – agent discovery
  – registration with home agent

Mobile IP: indirect routing

Permanent address: 128.119.40.186
Care-of address: 79.129.13.2

packet sent by correspondent: dest: 128.119.40.186
packet sent by home agent to foreign agent (a packet within a packet): outer dest: 79.129.13.2, inner dest: 128.119.40.186
foreign-agent-to-mobile packet: dest: 128.119.40.186

Mobile IP: agent discovery

• agent advertisement: foreign/home agents advertise service by broadcasting ICMP messages (type field = 9)

[Figure: agent advertisement format, 32 bits wide (bit offsets 0, 8, 16, 24). Standard ICMP fields: type = 9, code = 0, checksum, router address. Mobility agent advertisement extension: type = 16, length, sequence #, registration lifetime, R B H F M G V bits + reserved, 0 or more care-of-addresses]

R bit: registration required
H, F bits: home and/or foreign agent

Mobile IP: registration example

visited network: 79.129.13/24; foreign agent COA: 79.129.13.2; home agent HA: 128.119.40.7; mobile agent MA: 128.119.40.186

Messages in time order:
1. ICMP agent adv. (foreign agent to mobile): COA: 79.129.13.2 ….
2. registration req. (mobile to foreign agent): COA: 79.129.13.2 HA: 128.119.40.7 MA: 128.119.40.186 Lifetime: 9999 identification: 714 ….
3. registration req. (foreign agent to home agent): COA: 79.129.13.2 HA: 128.119.40.7 MA: 128.119.40.186 Lifetime: 9999 identification: 714 encapsulation format ….
4. registration reply (home agent to foreign agent): HA: 128.119.40.7 MA: 128.119.40.186 Lifetime: 4999 Identification: 714 encapsulation format ….
5. registration reply (foreign agent to mobile): HA: 128.119.40.7 MA: 128.119.40.186 Lifetime: 4999 Identification: 714 ….
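The registration exchange on the slide as an added example (not Kurose/Ross code and not a Mobile IP implementation): the mobile's request travels through the foreign agent to the home agent, which records the care-of address and answers with the identification echoed back. The home-agent lifetime cap of 4999 (the slide's granted value), the rule that the identification must advance, and the denial code are assumptions of this example and are marked as such in the code.

```python
import ipaddress
from collections import namedtuple

# Fields as on the slide: COA (care-of address), HA (home agent), MA (mobile's permanent
# address), lifetime, identification (echoed in the reply so the mobile can match it)
RegistrationRequest = namedtuple("RegistrationRequest", "coa ha ma lifetime identification")
RegistrationReply = namedtuple("RegistrationReply", "code ha ma lifetime identification")
ACCEPTED = 0            # RFC 3220 reply code 0 = registration accepted
DENIED = 128            # placeholder for this example; the RFC defines per-reason denial codes
HA_MAX_LIFETIME = 4999  # assumed home-agent policy: the slide shows 9999 requested, 4999 granted

class HomeAgent:
    def __init__(self, addr: str, home_prefix: str):
        self.addr, self.home_net = addr, ipaddress.ip_network(home_prefix)
        self.bindings = {}   # mobile address -> (care-of address, granted lifetime)
        self.last_id = {}    # mobile address -> highest identification accepted so far

    def handle(self, req: RegistrationRequest) -> RegistrationReply:
        """Home agent side: reject requests not meant for us or for non-home addresses,
        reject identifications that do not advance (a replayed request would re-point
        the binding), otherwise record where the mobile is and clamp the lifetime."""
        if req.ha != self.addr or ipaddress.ip_address(req.ma) not in self.home_net:
            return RegistrationReply(DENIED, self.addr, req.ma, 0, req.identification)
        if req.identification <= self.last_id.get(req.ma, -1):
            return RegistrationReply(DENIED, self.addr, req.ma, 0, req.identification)
        granted = min(req.lifetime, HA_MAX_LIFETIME)
        self.bindings[req.ma] = (req.coa, granted)
        self.last_id[req.ma] = req.identification
        return RegistrationReply(ACCEPTED, self.addr, req.ma, granted, req.identification)

class ForeignAgent:
    def __init__(self, coa: str):
        self.coa, self.visitors = coa, {}   # visitors: mobile address -> granted lifetime

    def relay(self, req: RegistrationRequest, ha: HomeAgent) -> RegistrationReply:
        """Foreign agent side: forward the mobile's request to the home agent and
        relay the reply back; on acceptance the FA knows about the mobile."""
        reply = ha.handle(req)
        if reply.code == ACCEPTED:
            self.visitors[req.ma] = reply.lifetime
        return reply

def register(fa: ForeignAgent, ha: HomeAgent, ma: str, lifetime: int, ident: int) -> RegistrationReply:
    """The slide's exchange: mobile -> FA -> HA -> FA -> mobile, using the FA's care-of address."""
    return fa.relay(RegistrationRequest(fa.coa, ha.addr, ma, lifetime, ident), ha)
```

Mobile IP also authenticates these messages with an extension shared between mobile and home agent, which this model leaves out; without it, any host could register a care-of address for a mobile and receive its traffic.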

Host Processing Models

• Destination Checks
  – Strong host
    • Must arrive on the destination IP address interface
  – Weak host
    • Arrival on any interface is ok
• Source Checks
  – Strong host
    • Send only on the interface matching with source address
  – Weak host
    • Sending out on any interface is ok

An Example

How do you route from 203.0.113.2 to 192.0.2.1?

Through interface 203.0.113.1?

No, if Host A is using weak model
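As an added example (not from the slides), the four checks above written as predicates over a constructed dual-homed Host A with eth0 = 203.0.113.1 and eth1 = 192.0.2.1 (the interface layout is assumed for this example): a datagram from 203.0.113.2 to 192.0.2.1 arriving on eth0 is accepted under the weak model and refused under the strong one, which is why the weak model exposes every address a host owns through any of its interfaces.

```python
class Host:
    """interfaces maps interface name -> the IPv4 address configured on it;
    strong=True applies the strong host model, strong=False the weak one."""
    def __init__(self, name: str, interfaces: dict, strong: bool = True):
        self.name, self.interfaces, self.strong = name, interfaces, strong

    def accepts(self, dst: str, arrived_on: str) -> bool:
        """Destination check. Strong host: the datagram must arrive on the interface
        that owns dst. Weak host: any interface will do as long as some interface owns
        dst, so an address on an inward-facing interface is reachable from the outer one."""
        if dst not in self.interfaces.values():
            return False            # not ours under either model (forwarding not modelled)
        return (not self.strong) or self.interfaces.get(arrived_on) == dst

    def may_send(self, src: str, out_if: str) -> bool:
        """Source check. Strong host: send only on the interface that owns src.
        Weak host: any interface is fine, so a reply may leave by a different path."""
        if src not in self.interfaces.values():
            return False
        return (not self.strong) or self.interfaces.get(out_if) == src

# Constructed dual-homed Host A: one interface in 203.0.113.0/24, one in 192.0.2.0/24
HOST_A_IFS = {"eth0": "203.0.113.1", "eth1": "192.0.2.1"}
```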