
Transcript: IPv4 datagram format (The Internet protocol)

Page 1: IPv4 datagram format, The Internet protocol (source: cs.wellesley.edu/~cs242/lectures/14_internet_protocol_handouts.pdf)


CS242 Computer Networks Department of Computer Science Wellesley College

The Internet protocol Party time!

IP 14-2

IPv4 datagram format (figure: the 20-byte header with no options; the annotations on its fields follow)

  version: IPv4
  header length: 20 bytes with no options
  type of service: deluxe or economy?*
  datagram length: header + data length
  identification, flags, fragment offset: more later
  time-to-live: decremented by each router; TTL = 0 marks end of the line
  upper-layer protocol: TCP, UDP? (plays a role similar to port numbers)
  header checksum: treats each two bytes of the header as a number, adds them and takes the ones' complement

*Datagrams requiring low delay, high throughput, or reliability. Cisco interprets first 3 TOS bits as defining different levels of service that routers can provide.

IP 14-3

Option field* complicates things

Since datagram headers can be of variable length, one cannot determine a priori where the data field will start: the 4-bit header-length field has to be read first. Also, some datagrams may require option processing, others not; ergo processing time varies at the router.

*Intended to be used only rarely, and dropped altogether from the IPv6 base header.
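As an added worked example (not from the lecture), here is a small IPv4 header builder and parser in Python. It computes and verifies the ones' complement checksum described on slide 14-2 and uses the header-length field to find where the data starts when options are present. The addresses, identification and option bytes are constructed for the example.

```python
import struct
import ipaddress


def ip_checksum(data: bytes) -> int:
    """Internet checksum: treat the header as 16-bit words, add them with
    end-around carry, and return the ones' complement of the sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, *, proto=6, ttl=64, ident=0,
                      df=False, mf=False, frag_offset=0, tos=0, options=b""):
    """Assemble a header (20 bytes plus options, padded to a multiple of 4)
    with a correct checksum. frag_offset is in bytes and must be a multiple
    of 8, because the 13-bit field counts 8-byte units."""
    if frag_offset % 8:
        raise ValueError("fragment offset must be a multiple of 8 bytes")
    options = options + b"\x00" * (-len(options) % 4)   # pad with End-of-Option-List
    ihl = 5 + len(options) // 4                          # header length in 32-bit words
    flags_frag = (int(df) << 14) | (int(mf) << 13) | (frag_offset // 8)
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | ihl, tos, ihl * 4 + payload_len, ident,
                      flags_frag, ttl, proto, 0,           # checksum filled in below
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed) + options
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(buf: bytes) -> dict:
    """Decode the fixed fields, find where the data starts (the question the
    variable-length options field raises) and verify the checksum."""
    if len(buf) < 20:
        raise ValueError("short header")
    (vihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", buf[:20])
    version, ihl = vihl >> 4, vihl & 0x0F
    if version != 4 or ihl < 5 or len(buf) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    header_len = ihl * 4
    return {
        "version": version,
        "header_len": header_len,             # the data starts here
        "tos": tos,
        "total_len": total_len,               # header + data
        "id": ident,
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # back to bytes
        "ttl": ttl,
        "protocol": proto,                    # 6 = TCP, 17 = UDP
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": buf[20:header_len],
        # A header that contains its own checksum sums to 0xFFFF, so the
        # complement of the sum is zero exactly when the header is intact.
        "checksum_ok": ip_checksum(buf[:header_len]) == 0,
    }


if __name__ == "__main__":
    # Constructed sample: a TCP datagram header using the slide's example address.
    hdr = build_ipv4_header("193.32.216.9", "223.1.1.1", payload_len=100,
                            ident=0x1234, df=True)
    print(parse_ipv4_header(hdr))
```

A router that decrements TTL changes one header byte, so it has to recompute the checksum; flipping that byte without doing so is the quickest way to see `checksum_ok` go false.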

IP 14-4

IP fragmentation and reassembly

o  Some link-layer protocols carry "big" packets; some do not.

o  The maximum amount of data a link-layer packet can hold is called its maximum transfer unit (MTU).

o  What to do when a packet arriving on the incoming link is too big to fit into the outgoing link?

(Figure: fragmentation turns 1 large datagram into 3 smaller datagrams; reassembly happens at the destination.)


IP 14-5

Time to worry

  original    ID x   offset 0      fragflag 0   length 4000
  fragment 1  ID x   offset 0      fragflag 1   length 1500
  fragment 2  ID x   offset 1480   fragflag 1   length 1500
  fragment 3  ID x   offset 2960   fragflag 0   length 1040

One large datagram becomes several smaller datagrams.

Suppose a 4000 byte datagram (20 bytes of header plus 3980 bytes of data) arriving at a router's incoming link is to be shipped out an outgoing link whose MTU equals 1500 bytes. Each fragment carries its own 20-byte header, so the first two fragments hold 1480 bytes of data each and the last holds the remaining 1020 bytes (total length 1040). Offsets are shown in bytes; the 13-bit offset field counts 8-byte units, so on the wire it carries 0, 185 and 370.

IP 14-6

Hey, that's not my job

(Figure: the same original datagram and three fragments as on the previous slide.)

End host reassembles the pieces

While the routers in IPv4 fragment the datagram, it is the responsibility of the destination host to put the pieces back together. If one of the pieces is missing, the entire datagram is tossed.
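The fragmentation on slide 14-5 and the reassembly rule on slide 14-6, as an added Python example (not the lecture's code). `fragment()` produces the three pieces for the slide's 4000-byte datagram at a 1500-byte MTU; `reassemble()` tosses the whole datagram when a piece is missing, and also when the pieces would add up to more than 65535 bytes, which is the case the Ping of Death slide a little further on describes. The `Fragment` record, the 3980-byte payload and the identification value are constructed for the example.

```python
from dataclasses import dataclass

IP_HDR = 20              # header length with no options
MAX_DATAGRAM = 65535     # largest value the 16-bit total-length field can hold


@dataclass
class Fragment:
    ident: int           # identification field, shared by every piece of one datagram
    offset: int          # byte offset of this piece's data within the original payload
    mf: bool             # "more fragments" flag (the slide's fragflag)
    data: bytes

    @property
    def length(self) -> int:
        """Total length field of the fragment as it would go on the wire."""
        return IP_HDR + len(self.data)


def fragment(ident: int, payload: bytes, mtu: int) -> list:
    """Split a datagram's payload into pieces whose total length fits the
    outgoing MTU. Every piece but the last carries a multiple of 8 data
    bytes, since the header's offset field counts 8-byte units."""
    if mtu < IP_HDR + 8:
        raise ValueError("MTU too small to carry a fragment")
    step = (mtu - IP_HDR) // 8 * 8           # 1480 for a 1500-byte MTU
    pieces = []
    for off in range(0, len(payload), step):
        chunk = payload[off:off + step]
        more = off + step < len(payload)
        pieces.append(Fragment(ident, off, more, chunk))
    return pieces


def reassemble(frags: list):
    """Rebuild the payload at the destination host. Returns None (the whole
    datagram is tossed) if a piece is missing, pieces overlap or leave a
    gap, the last piece is absent, or the pieces would add up to more than
    65535 bytes, which is what a Ping of Death fragment train does."""
    if not frags or len({f.ident for f in frags}) != 1:
        return None
    frags = sorted(frags, key=lambda f: f.offset)
    expect, buf = 0, bytearray()
    for i, f in enumerate(frags):
        if f.offset != expect:               # gap (missing piece) or overlap
            return None
        if IP_HDR + f.offset + len(f.data) > MAX_DATAGRAM:
            return None                      # reassembled datagram would exceed the maximum
        is_last = i == len(frags) - 1
        if f.mf == is_last:                  # MF must be set on all but the last piece
            return None
        buf += f.data
        expect += len(f.data)
    return bytes(buf)


if __name__ == "__main__":
    # Constructed sample: the slide's 4000-byte datagram (20 header + 3980 data) at a 1500-byte MTU.
    payload = bytes(i % 251 for i in range(3980))
    for p in fragment(0x1234, payload, 1500):
        print("ID %#x offset %4d fragflag %d length %d" % (p.ident, p.offset, p.mf, p.length))
    print("reassembled OK:", reassemble(fragment(0x1234, payload, 1500)) == payload)
```

Arrival order does not matter to `reassemble()`, only completeness: drop any one piece and the result is None, which is the slide's "entire datagram is tossed".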

Fragmentation is a pain

o  Fragmentation and reassembly put an additional burden on Internet routers and hosts.

o  For this reason it is desirable to keep fragmentation to a minimum.

o  This is often done by limiting TCP and UDP segments to a relatively small size, so that fragmentation of the corresponding datagrams is unlikely.

IP 14-7

Fragmentation is also ripe for exploits

o  The receiver has to keep track of all fragments until the packet is reassembled, so resources must be allocated before full validation is possible.

o  Lots of fragments from different packets can exhaust available memory: perfect grounds for resource exhaustion attacks.

o  Implementation is tricky. Incorrect implementations can be coaxed into crashing the machine (a simple denial-of-service attack).

IP 14-8


Implementation attack: the Ping of Death

o  Attack: send an ICMP echo request too large to exist, so that it arrives as fragments:

    ping -l 65510 <victim IP address>

  (the Windows 95 ping; -l sets the payload size)

o  Maximum legal ICMP echo payload: 65535 - 20 - 8 = 65507 bytes.*

o  Fragmentation allows bypassing the maximum size: the last fragment has (offset + size) > 65535.

o  Result: the reassembled packet would be larger than 65535 bytes, overflowing the reassembly buffer of implementations that never checked the total.

IP 14-9 *65535 is the maximum IP datagram length, 20 is the IP header and 8 is the ICMP echo request header.

Implementation attack: Teardrop

o  A fragmented (i.e. broken-up) packet is reassembled using the offset fields.

o  Attack: send fragments that overlap.

o  Goal: crash, reboot or hang the machine.

(Figure: normal fragment concatenation versus overlapping fragments.)

IP 14-10

Teardrop: mechanism

Deep in the protocol implementation:

    if (prev != NULL && offset < prev->end)   /* if there are overlapping fragments */
    {
        i = prev->end - offset;
        offset += i;                           /* ptr into datagram */
        fp->len = end - offset;                /* number of bytes to copy */
        ...
    }

(Figure: two fragments, First and Second, marked with prev->end, offset before and after the adjustment, end, and the "copy this" region.)

IP 14-11

Teardrop attack

o  Create a second fragment that fits entirely within the first, so that after the adjustment offset points past the end of the second fragment's data!

o  The program then calculates the number of bytes to copy:

    fp->len = end - offset;

  which is negative, i.e. a very large unsigned number once it reaches the copy routine. It can write a huge number of bytes in places they are not supposed to be, crashing the machine.

o  The attacker takes advantage of knowledge of implementation details and bugs.

(Figure: the First and Second fragments with prev->end, offset and end marked, the second lying wholly inside the first.)
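An added example (not from the lecture or from any kernel) that replays the arithmetic of the excerpt above in Python beside a hardened version. `overlap_adjust_vulnerable()` follows the excerpt line by line and returns the length as a 32-bit `size_t` would see it (the 32-bit width is an assumption); `overlap_adjust_fixed()` drops a fragment that ends inside the previous one before any length is computed; `glue()` copies the pieces into a bounded buffer under either policy and raises where the real code would have written past its buffer. The 36-byte and 4-byte pieces are constructed to have the Teardrop shape; they are not captured packets.

```python
SIZE_T_MASK = (1 << 32) - 1   # assumption: 32-bit size_t, as on the machines Teardrop hit


def overlap_adjust_vulnerable(prev_end: int, offset: int, end: int):
    """The excerpt's logic: when the new fragment starts before the previous
    one ends, skip past the overlap and recompute the length as end - offset.
    Returns (offset, length) with the length as memcpy's size_t would see it."""
    if offset < prev_end:                  # overlapping fragments
        i = prev_end - offset
        offset += i                        # ptr into datagram
    length = end - offset                  # negative if the piece sat entirely inside prev
    return offset, length & SIZE_T_MASK    # -8 becomes 4294967288


def overlap_adjust_fixed(prev_end: int, offset: int, end: int):
    """Hardened policy: a fragment that ends inside the previous one carries
    nothing new and is dropped before any length is computed."""
    if offset < prev_end:
        if end <= prev_end:
            return None
        offset = prev_end
    return offset, end - offset


def glue(fragments, total_len: int, adjust):
    """Copy (offset, end, data) pieces into a total_len-byte buffer the way the
    reassembly routine does, using the supplied overlap policy. Raises
    MemoryError where the real code would have written past its buffer."""
    buf = bytearray(total_len)
    prev_end = 0
    for offset, end, data in sorted(fragments):
        adjusted = adjust(prev_end, offset, end)
        if adjusted is None:
            continue                       # dropped by the fixed policy
        new_off, length = adjusted
        if new_off + length > total_len:
            raise MemoryError("copying %d bytes at %d overruns a %d-byte buffer"
                              % (length, new_off, total_len))
        skip = new_off - offset            # bytes of this piece already covered by prev
        buf[new_off:new_off + length] = data[skip:skip + length]
        prev_end = max(prev_end, end)
    return bytes(buf)


# Constructed Teardrop-shaped input (not a capture): a 36-byte first piece and
# a 4-byte second piece at offset 24, which fits entirely inside the first.
TEARDROP = [(0, 36, b"A" * 36), (24, 28, b"B" * 4)]
NORMAL = [(0, 36, b"A" * 36), (36, 40, b"B" * 4)]

if __name__ == "__main__":
    print("vulnerable policy on Teardrop input:", overlap_adjust_vulnerable(36, 24, 28))
    print("fixed policy on Teardrop input:", overlap_adjust_fixed(36, 24, 28))
```

The two policies agree on normal and partially overlapping input; they only differ for a piece wholly inside its predecessor, which is exactly the shape the attacker sends.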

IP 14-12


IP 14-13

IPv4 addressing

o  A host typically has a single link into the network through which IP talks.

o  The boundary between a host and the link is called an interface.

o  Routers are connected to multiple links through multiple interfaces.

o  IP addresses are associated with interfaces, not with hosts.

IP 14-14

IPv4 addresses are 32 bits long

o  These addresses are usually written using dotted-decimal notation, so the IP address

  11000001 00100000 11011000 00001001

  is usually written 193.32.216.9.

o  Each interface on every host and router in the global Internet must have an IP address that is globally unique (interfaces behind a NAT, covered later, are the exception).

IP 14-15

A method to their madness

A subnet is a set of interfaces interconnected by a single physical link, with no router in between, that share the same "network prefix".

Each subnet itself has an address. E.g., a subnet consisting of 3 hosts and 1 router interface has the address 223.1.1.0/24.

Network definition recipe

o  First detach each interface from its host or router.

o  This creates islands of isolated networks, with interfaces terminating the endpoints of the isolated networks.

o  Each isolated network is called a subnet.

o  The current Internet consists of millions of such networks.

IP 14-16 *How many subnets are shown and what are they?


IP 14-17

IPv4 address formats (classful)

  Class A: leading bit 0 (7-bit network number, 24-bit host part)
  Class B: leading bits 10 (14-bit network number, 16-bit host part)
  Class C: leading bits 110 (21-bit network number, 8-bit host part)
  Class D: leading bits 1110 (multicast)
  Class E: leading bits 1111, reserved for future use.

o  Wellesley College was a Class B network. There were up to 2^14 such networks, each with up to 2^16 interfaces.

o  The problem with classful addressing is that a class C network does not have nearly enough addresses for most organizations, while a class B has too many.

IP 14-18

Classless Interdomain Routing (CIDR)

o  In 1993, the IETF [RFC 1519] did away with classful addressing.

o  The network part of an IP address can now be any number of bits long.

o  The x most significant bits of an address of the form a.b.c.d/x constitute the network portion of the IP address.

o  Only the x leading prefix bits are considered by routers outside the organization's network.

IP 14-19

Classless Interdomain Routing (CIDR)

o  A router outside the organization forwards a datagram to a destination address inside the organization using only the leading x bits of the address.

o  This considerably reduces the size of the forwarding table in these routers: a single entry of the form a.b.c.d/x suffices.

*The /x is the prefix length; written out as x one-bits followed by 32-x zero-bits (255.255.255.0 for /24) it is the subnet mask. IP 14-20

Obtaining a network address

o  An ISP obtains a block of IP addresses (a.b.c.d/x) from an Internet registry, then further divides the block to create its own internal networks.

  ISP block       200.23.16.0/20   11001000 00010111 00010000 00000000
  Organization 0  200.23.16.0/23   11001000 00010111 00010000 00000000
  Organization 1  200.23.18.0/23   11001000 00010111 00010010 00000000
  ...
  Organization 7  200.23.30.0/23   11001000 00010111 00011110 00000000


IP address management authority

o  IP addresses are managed under the authority of the Internet Corporation for Assigned Names and Numbers (ICANN).

o  ICANN not only allocates IP addresses but also manages the DNS root servers and the assignment of domain names.

o  ICANN allocates address blocks to regional Internet registries (ARIN, RIPE and APNIC, since joined by LACNIC and AFRINIC), which handle the allocation and management of addresses within their regions.

IP 14-21 IP 14-22

In practice this looks like

*The ability to use a single prefix to advertise multiple networks is referred to as address aggregation.

IP 14-23

But suppose Organization 1 moves (to ISPs-R-Us)

Bug!

  Organization 0 in Fly-by-night  200.23.16.0/23   11001000 00010111 00010000 00000000
  Organization 1 in ISPs-R-Us     200.23.18.0/23   11001000 00010111 00010010 00000000

Fly-by-night keeps advertising the aggregate 200.23.16.0/20, so ISPs-R-Us must now advertise the more specific 200.23.18.0/23 as well; routers forward on the longest matching prefix, so Organization 1's traffic follows the /23.
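The prefix arithmetic from slides 14-18 through 14-23, as an added Python example (not the lecture's code): the subnet mask for /x, the network part of an address, the bit strings the slides print, carving the ISP's 200.23.16.0/20 into eight /23 blocks, and the longest-prefix-match rule that keeps Organization 1 reachable after it moves while Fly-by-night still advertises the /20. The forwarding table and next-hop names are constructed for the example.

```python
import ipaddress


def subnet_mask(prefix_len: int) -> str:
    """The /x written out: x one-bits followed by 32-x zero-bits."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask))


def network_of(addr: str, prefix_len: int) -> str:
    """Keep only the x leading bits of addr: all a router outside the
    organization looks at."""
    a = int(ipaddress.IPv4Address(addr))
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return "%s/%d" % (ipaddress.IPv4Address(a & mask), prefix_len)


def as_bits(addr: str) -> str:
    """Dotted decimal to the 32-bit string the slides show, grouped by octet."""
    return " ".join(format(int(o), "08b") for o in addr.split("."))


def carve(block: str, new_prefix: int) -> list:
    """Divide an ISP block into equal customer blocks, e.g. a /20 into eight /23s."""
    return [str(n) for n in ipaddress.ip_network(block).subnets(new_prefix=new_prefix)]


def longest_prefix_match(table: dict, dst: str):
    """Pick the next hop whose advertised prefix contains dst, preferring the
    longest (most specific) prefix; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    best_net, best_hop = None, None
    for prefix, hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_hop = net, hop
    return best_hop


if __name__ == "__main__":
    for org, net in enumerate(carve("200.23.16.0/20", 23)):
        print("Organization %d  %-16s %s" % (org, net, as_bits(net.split("/")[0])))
    # Constructed table for the "Organization 1 moves" case: both ISPs advertise,
    # and the /23 wins for addresses inside it.
    table = {"200.23.16.0/20": "Fly-by-night", "200.23.18.0/23": "ISPs-R-Us"}
    print(longest_prefix_match(table, "200.23.19.77"), longest_prefix_match(table, "200.23.17.5"))
```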

IP 14-24

Obtaining a host address

o  Once an organization has obtained a block of addresses from an ISP, it can assign individual IP addresses to hosts by either

o  manually configuring each host (easy to understand; a nightmare to administer), or

o  using the dynamic host configuration protocol (DHCP).*

*Allows the host to also get its subnet mask, the address of its first-hop router, and the address of its local DNS server.


Plug-and-play protocol

o  Wendy Wellesley walking across campus with her laptop is likely accessing different subnets, requiring different IP addresses. Enter DHCP.

o  Furthermore, not all students are likely to be online at once, allowing ISPs to get away with a smaller block of IP addresses than the size of their customer base.

IP 14-25 IP 14-26

Dynamic host configuration protocol*

*A client-server protocol. If no server is present on the subnet, a DHCP relay agent (router) that knows the server's address is needed.

The client broadcasts a UDP datagram to server port 67; the server answers the client on port 68.

IP 14-27

DHCP client-server interaction

A newbie arrives and broadcasts a DHCP discover message to IP 255.255.255.255 (with source address 0.0.0.0, since it has no address yet).

IP 14-28

DHCP client-server interaction

The DHCP server responds with a 255.255.255.255 broadcast message containing the newbie's transaction ID and offering an IP address, a network mask, and an IP address lease time.


IP 14-29

DHCP client-server interaction

The newbie accepts with a DHCP request message echoing back the parameters.

IP 14-30

DHCP client-server interaction

The DHCP server confirms the requested parameters with a DHCP ACK.

Once the client receives the DHCP ACK ...

o  ... the interaction is complete and the client can use the DHCP-allocated IP address for the duration of the lease.

o  There is a mechanism for renewing the lease if necessary.

IP 14-31

This week's puzzler

o  LTS often set up devices like printers so that they have a static IP, but they're still configured through DHCP.

o  A client sends a broadcast message asking for an IP address. If it had one before, it usually tries to ask for that one again. But there are no guarantees.

o  This is bad news for anyone trying to find a particular printer.

IP 14-32


The rest of the story

o  If the requested address is not available, the DHCP server picks a dynamic address from a pool of addresses ...

o  ... UNLESS the client is specifically defined in the DHCP server as having a particular IP address.

o  This is done by hand-entering a line into the DHCP config file which contains the MAC address of the client and its fixed IP address.
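The four-message exchange from slides 14-26 to 14-31 and the reservation rule from the puzzler, as an added Python example (not the lecture's code). It does not touch the network: both ends are built in-process and exchanged as byte strings that follow the DHCP/BOOTP layout (236-byte fixed part, magic cookie, type-length-value options). The 223.1.2.0/24 pool, router, DNS, lease time and the printer's MAC-to-address reservation are constructed for the example.

```python
import socket
import struct

SERVER_PORT, CLIENT_PORT = 67, 68          # DISCOVER/REQUEST go to 67; OFFER/ACK come back to 68
BROADCAST, UNASSIGNED = "255.255.255.255", "0.0.0.0"
MAGIC = b"\x63\x82\x53\x63"
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5    # option 53 message types
# option codes: 1 subnet mask, 3 router, 6 DNS, 50 requested address, 51 lease, 53 type, 54 server id


def build(op, xid, chaddr, yiaddr, options):
    """Encode a message: 236-byte fixed BOOTP part, magic cookie, then
    type-length-value options terminated by 0xFF."""
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                        socket.inet_aton(UNASSIGNED), socket.inet_aton(yiaddr),
                        socket.inet_aton(UNASSIGNED), socket.inet_aton(UNASSIGNED),
                        chaddr, b"", b"")
    tlv = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return fixed + MAGIC + tlv + b"\xff"


def parse(msg):
    """Decode the fields the exchange needs and the options as a dict."""
    op, _, _, _, xid, _, _, _, yiaddr, _, _, chaddr = struct.unpack("!BBBBIHH4s4s4s4s16s", msg[:44])
    if msg[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 240
    while msg[i] != 0xFF:
        code, n = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + n]
        i += 2 + n
    return {"op": op, "xid": xid, "yiaddr": socket.inet_ntoa(yiaddr),
            "chaddr": chaddr[:6], "type": opts[53][0], "opts": opts}


class DhcpServer:
    def __init__(self, pool, mask, router, dns, server_ip, lease, reservations=None):
        self.reservations = dict(reservations or {})     # MAC -> fixed IP, the hand-entered line
        self.free = [ip for ip in pool if ip not in self.reservations.values()]
        self.leases = {}                                 # MAC -> IP currently held
        self.params = [(1, socket.inet_aton(mask)), (3, socket.inet_aton(router)),
                       (6, socket.inet_aton(dns)), (51, struct.pack("!I", lease)),
                       (54, socket.inet_aton(server_ip))]

    def choose(self, mac, requested):
        """A reservation wins; otherwise the address the client asked for if it
        is still free; otherwise the next one in the pool. No guarantees."""
        if mac in self.reservations:
            return self.reservations[mac]
        if mac not in self.leases:
            ip = requested if requested in self.free else self.free[0]
            self.free.remove(ip)
            self.leases[mac] = ip
        return self.leases[mac]

    def handle(self, msg):
        m = parse(msg)
        requested = socket.inet_ntoa(m["opts"][50]) if 50 in m["opts"] else None
        ip = self.choose(m["chaddr"], requested)
        reply = OFFER if m["type"] == DISCOVER else ACK
        return build(2, m["xid"], m["chaddr"], ip, [(53, bytes([reply]))] + self.params)


def client_exchange(server, mac, xid, last_ip=None):
    """Discover -> Offer -> Request -> ACK with both ends built in-process.
    On the wire the client sends from 0.0.0.0:68 to 255.255.255.255:67."""
    want = [(50, socket.inet_aton(last_ip))] if last_ip else []
    offer = parse(server.handle(build(1, xid, mac, UNASSIGNED, [(53, bytes([DISCOVER]))] + want)))
    if offer["xid"] != xid or offer["type"] != OFFER:
        raise ValueError("not our offer")
    ack = parse(server.handle(build(1, xid, mac, UNASSIGNED,
                                    [(53, bytes([REQUEST])), (50, socket.inet_aton(offer["yiaddr"])),
                                     (54, offer["opts"][54])])))
    if ack["type"] != ACK:
        raise ValueError("request refused")
    o = ack["opts"]
    return {"ip": ack["yiaddr"], "mask": socket.inet_ntoa(o[1]), "router": socket.inet_ntoa(o[3]),
            "dns": socket.inet_ntoa(o[6]), "lease": struct.unpack("!I", o[51])[0]}
```

The transaction ID is what lets a client pick its own offer out of the broadcast replies, which is why `client_exchange()` checks it before sending the request.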

IP 14-33

Booming economies

o  To install an office subnet, a range of addresses would be needed.

o  If the subnet grew bigger, a larger block would have to be allocated.

o  What if the ISP had already handed the addresses adjacent to the office's current range to someone else?

IP 14-34

IP 14-35

Network Address Translation (NAT)

An office with one IP address sets up a small network. All datagrams arriving at the NAT router have the same destination IP.

The NAT translation table at the NAT router uses port numbers as well as IP addresses to map datagrams to hosts within the network.

Address space 10.0.0.0/8 is one of three portions of IP space reserved for private networks (the others are 172.16.0.0/12 and 192.168.0.0/16).

NAT-enabled routers hide LAN details

o  A NAT-enabled router behaves to the outside world like a single device with a single IP.

o  It gets its address from the ISP's DHCP server, ...

o  ... and runs a DHCP server of its own to provide addresses to computers within the NAT-DHCP-router-controlled network.
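A port-based NAT translation table as on slide 14-35, as an added Python example (not the lecture's code). Two inside hosts that both use source port 3345 get distinct outside ports, replies are mapped back by destination port alone, and a datagram for which no mapping exists is dropped. The public address 138.76.29.7 and the outside web server address are assumptions for the example. A real NAT box must also rewrite the IP and TCP/UDP checksums after changing addresses and ports, which this table does not model.

```python
import ipaddress
import itertools

# RFC 1918 private ranges; 10.0.0.0/8 is the one on the slide.
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(addr: str) -> bool:
    a = ipaddress.ip_address(addr)
    return any(a in n for n in PRIVATE)


class NatRouter:
    """Port-based NAT: (private src IP, src port) becomes (public IP, new port)
    outbound, and the same table is consulted in reverse for replies."""

    def __init__(self, public_ip: str, first_port: int = 5001):
        self.public_ip = public_ip
        self.next_port = itertools.count(first_port)
        self.outbound_map = {}     # (LAN ip, LAN port) -> WAN port
        self.inbound_map = {}      # WAN port -> (LAN ip, LAN port)

    def outbound(self, pkt: dict) -> dict:
        """LAN -> WAN: rewrite source address and port, adding a mapping if new."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.outbound_map:
            port = next(self.next_port)
            self.outbound_map[key] = port
            self.inbound_map[port] = key
        return dict(pkt, src=self.public_ip, sport=self.outbound_map[key])

    def inbound(self, pkt: dict):
        """WAN -> LAN: every arriving datagram carries the same destination IP,
        so only the destination port identifies the inside host. Returns None
        (dropped) when no mapping exists, which is what blocks unsolicited
        inbound connections."""
        if pkt["dst"] != self.public_ip:
            return None
        key = self.inbound_map.get(pkt["dport"])
        if key is None:
            return None
        return dict(pkt, dst=key[0], dport=key[1])


if __name__ == "__main__":
    # Constructed traffic: two inside hosts, same source port, one outside web server.
    nat = NatRouter("138.76.29.7")
    out = nat.outbound({"src": "10.0.0.1", "sport": 3345, "dst": "128.119.40.186", "dport": 80})
    print("outbound rewritten to", out["src"], out["sport"])
    back = nat.inbound({"src": "128.119.40.186", "sport": 80, "dst": "138.76.29.7", "dport": out["sport"]})
    print("reply delivered to", back["dst"], back["dport"])
```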

IP 14-36


Not everyone is happy with NAT

1.  Port numbers are meant for addressing processes, not for addressing hosts.

2.  Routers are supposed to process packets only up to layer 3.

3.  NAT violates the so-called "end-to-end argument": hosts should be talking directly with each other, without intervening nodes modifying IP addresses and port numbers.

4.  We should use IPv6 to solve the shortage of IP addresses.

IP 14-37 IP 14-38

IPv6 datagram format (figure: the fixed 40-byte header; the annotations on its fields follow)

  traffic class / flow label: assign priorities and/or special handling instructions
  What about fragmentation? (only the sending host fragments in IPv6; routers never do)
  No checksums?
  next header: identifies the protocol to which the contents will be delivered (this is also how options sneak in, as extension headers)

IP 14-39

Transitioning from IPv4 to IPv6

o  Estimates vary, but 32-bit IP addresses are projected to run out sometime in the "next few years". (IANA handed out its last free /8 blocks in February 2011.)

o  Flag day?

IP 14-40

January 1, 1983

o  The Internet transitioned from the ARPANET Network Control Program (NCP) to TCP/IP.

o  Even back then, when the Internet was tiny and still administered by a small number of wizards, flag day was bad news.


IP 14-41

Tunneling