Data Packets and NAT
Dr John C. Murray Principal Lecturer
Workshop Recap
• Ping
Pinging www.google.com [173.194.41.178] with 32 bytes of data:
Reply from 173.194.41.178: bytes=32 time=20ms TTL=54
Ping statistics for 173.194.41.178:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 16ms, Maximum = 24ms, Average = 19ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
What is TTL
• Time To Live
• Has two main functions:
– Stops a packet becoming immortal
– Gives a rough guide of hops and hop types
– http://www.binbert.com/blog/2009/12/default-time-to-live-ttl-values/
Questions
• How does the system detect a packet or collision?
– 10BaseT networks use reflective voltage.
– Ohm's law, R = V/I ∴ V = I x R
(figure: one packet on the line – transmitted, received, terminator)
• Multiple packets on the line:
– R x 2∙I = 2∙V
(figure: two packets on the line – transmitted, received, terminator)
Questions
• What about on WiFi?
– CSMA/CD vs CSMA/CA
– Detection vs Avoidance
• What about Ethernet Cat5 cables?
• Full vs Half Duplex
• Advantages of Full Duplex?
– No need for CSMA
Questions
Network Topologies
• Types of Network Topologies
– Decentralised
• Bus
• Peer-to-Peer
• Ring
• MANET
– Centralised
• Star
Centralised
• Efficient use of transmit power
– Compared with peer-to-peer, nodes can reach other nodes twice the distance with same signal power
• Hub can provide connection to backbone network
• Nodes can be made simple and Hub complex
– Helpful for power control
– a central point can determine required power for nodes to minimize interference and conserve battery
Centralised – Disadvantages
• Single point of failure
• Delay due to multiple transmit/receive operations
• Cannot cover wide areas
– where connection exceeds range of single link
– Not suitable for ad-hoc networks
• Requires significant infrastructure setup
Decentralised
• Advantages
– No single point of failure
– No store-and-forward delay
– No routing so complexity of nodes reduced
– Can provide a node that is a gateway to backbone network
• Disadvantages
– Performance degradation in large networks
– Transmitters operating at high power levels (to reach far station) will interfere with unintended receivers in close proximity (wifi only)
Summary
• Network Topologies
• Advantages and Disadvantages
• Networks need ‘control’
• When and who sends message?
• Collisions
• Routing
• Ensure messages arrive
• How does this all work?
– It's down to the packet
Questions
A Packet
• What is a Packet?
– Formatted Data sent over a network
– Consists of Header (control Information) and User Data (payload information)
Structure
• Header
– IP Addresses
• Source / Destination
– Protocol
– MAC Addresses
– Packet number
• Payload
– Data
IP Packet
IPv4 header, one row per 32-bit word; offsets given in octets and bits, bit positions 0–31 across each row

Octet 0  (bit 0):   Version (bits 0–3) | HLen (4–7) | DSCP (8–13) | ECN (14–15) | Total Length (16–31)
Octet 4  (bit 32):  Identification (0–15) | Flags (16–18) | Fragment Offset (19–31)
Octet 8  (bit 64):  Time to Live (0–7) | Protocol (8–15) | Header Checksum (16–31)
Octet 12 (bit 96):  Source IP Address (0–31)
Octet 16 (bit 128): Destination IP Address (0–31)
Octet 20 (bit 160): Options (present only when HLen > 5)
followed by:        DATA (Payload)
Header Details
• Version: IP Version
– IPv4
– IPv6
• HLen: Header Length
– 32-Bit words
– Typically 5 of them
• Length: Packet Length
– Bytes (inc. Header data)
Header Details
• TTL: Time to Live
– If ZERO discarded
• Protocol
– TCP = 6, ICMP = 1, UDP = 17...
• Header Checksum
– Error checking (more on this later)
– Weak as only 16 Bits
Header Details
• Source Address
– 32-Bit IP address of sender
• Destination Address
– 32-Bit IP address of destination
• Like addresses on envelope
• World unique?
– NAT!
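To make the header table and the checksum remarks concrete, here is an added example (not from the slides) that builds a minimal IPv4 header from constructed addresses, decodes the fields above, verifies the 16-bit header checksum, performs the rewrite a NAT router makes on the way out (TTL decrement, new source address, checksum recomputed), and shows one reason the checksum is weak: it cannot notice two 16-bit words being swapped. The public address 203.0.113.5 is a documentation placeholder, not a real one.

```python
import struct
import ipaddress

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum of the
    header's 16-bit words, computed with the checksum field itself set to zero."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4(src: str, dst: str, ttl: int = 64, proto: int = 1, payload: bytes = b"") -> bytes:
    """Assemble a 20-byte header (Version 4, HLen 5, no options) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                      ttl, proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fields from the header table above and check the checksum."""
    (ver_hlen, tos, length, ident, flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    hlen = (ver_hlen & 0x0F) * 4             # HLen counts 32-bit words
    hdr = pkt[:hlen]
    return {"version": ver_hlen >> 4, "hlen": hlen, "dscp": tos >> 2, "ecn": tos & 3,
            "total_length": length, "ttl": ttl, "protocol": proto,
            "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "checksum_ok": ipv4_checksum(hdr[:10] + b"\x00\x00" + hdr[12:]) == csum}

def forward_with_new_source(pkt: bytes, new_src: str) -> bytes:
    """What a NAT router does on the way out: decrement TTL, replace the source
    address and recompute the header checksum so the next hop does not discard it."""
    hdr = bytearray(pkt[:20])
    hdr[8] -= 1
    hdr[12:16] = ipaddress.IPv4Address(new_src).packed
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[20:]

def swapped_address_words_still_verify(pkt: bytes) -> bool:
    """Weakness of a 16-bit one's-complement sum: swapping two 16-bit words (here
    the two halves of the source address) leaves the checksum unchanged."""
    hdr = bytearray(pkt[:20])
    hdr[12:14], hdr[14:16] = hdr[14:16], hdr[12:14]
    return parse_ipv4(bytes(hdr))["checksum_ok"]
```

A corrupted TTL (changed without recomputing) fails the check, while the swapped-words header passes it; the TCP or UDP checksum in the payload is what catches address corruption in practice.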
Getting From A to B
• So, how does the packet get across the network?
– Decentralised network?
• Point-to-Point
• Network Hopping
– Centralised network?
• Routers
• Bridges
• Switches
Travelling
Address
• IP Address
– Like a postal address
– You have a Destination and a Sender
• Composed of 4 parts
– AAAA.BBBB.CCCC.DDDD
– 255.255.255.255
– IPv4
– Maximum of 256^4 = 4,294,967,296
How do we get around this?
• NAT
– Network Address Translation
– Used for 'Private' Networks
• NAT is a Router Function
– IP Addresses of IP datagrams are 'replaced' at the boundary of a private network
– Enables hosts on a private network to communicate with the internet
– NAT connects private networks by replacing IP address-port pairs with another ‘internet facing’ IP address-port pair.
Private Networks
• Private IP networks are not directly connected to the internet.
• IP addresses on a private network can be arbitrarily assigned
– They are not guaranteed to be unique
• What ‘private’ network addresses do we know?
RFC Name     | IP Address range              | Number of Addresses | Host Size | Mask Bits
24-Bit block | 10.0.0.0 – 10.255.255.255     | 16,777,216          | 24 Bits   | 8 Bits
20-Bit block | 172.16.0.0 – 172.31.255.255   | 1,048,576           | 20 Bits   | 12 Bits
16-Bit block | 192.168.0.0 – 192.168.255.255 | 65,536              | 16 Bits   | 16 Bits
Private Networks
(figure: Private Network 1 and Private Network 2, each behind its own NAT device)
Basics of NAT
Pooling IP Addresses
• Premise:
– Large corporate networks have many hosts (a university has 1,000's)
• But only a limited number of external IP addresses
• (194... for the university)
• NAT Solution:
– NAT device, located at the boundary between the internal network and the public Internet
– Manages a pool of public IP addresses
– When a host internally sends an IP packet externally
– NAT device picks a public IP address from the address pool, and binds this address to the private address of the host
Pool of Addresses
IP Masquerading
• More common method or terminology
– Part of NAT
• Here a single IP address can be mapped to multiple internal hosts.
• Assigns private addresses to the hosts of the company network
• NAT also modifies the port numbers for outgoing traffic.
IP Masquerading
Advantages of NAT
• Added Security
– Hiding the ‘real’ IP address of a host
• Allows more machines than IP addresses
• No need to be allocated range of addresses from ISP – just one IP address is used for all devices
• Can change addresses of devices in local network without notifying outside world
• Can change ISP without changing addresses of devices in local network
Disadvantages of NAT
• Performance
– Replacing the IP address modifies the IP header, so NAT routers need to recalculate the IP header checksum
– Modifying the port number also requires NAT routers to recalculate the TCP checksum
• Fragmentation
– A datagram that is fragmented before it reaches a NAT device must not be assigned a different IP address or different port numbers for each of the fragments.
Disadvantages of NAT
• NAT destroys universal end-to-end reachability of hosts on the Internet.
• What does that mean?
– A host in the public Internet cannot initiate communication to a host in a private network.
– The problem is worse when two hosts that are each in a private network need to communicate with each other.
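The following added example (not from the slides) models the IP masquerading and reachability points from the last three slides: a binding table that maps each private ip:port to a port on the single public address, translates replies back, and drops inbound packets for which no binding exists. The public address 203.0.113.5 and the private hosts are constructed placeholders standing in for the university's single '194...' address and its internal machines.

```python
from itertools import count

PUBLIC_IP = "203.0.113.5"   # constructed placeholder for the one public address of the site

class Masquerade:
    """IP masquerading: each private (ip, port) that sends outward is given its own
    port on the public address; the binding table is what turns replies back around."""

    def __init__(self, public_ip: str = PUBLIC_IP, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = count(first_port)
        self.out_map = {}   # (private_ip, private_port) -> public_port
        self.in_map = {}    # public_port -> (private_ip, private_port)

    def outbound(self, pkt: dict) -> dict:
        """Private -> Internet: replace src ip:port with the public ip:port, binding on first use."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.out_map:
            port = next(self.next_port)
            self.out_map[key] = port
            self.in_map[port] = key
        return {**pkt, "src": self.public_ip, "sport": self.out_map[key]}

    def inbound(self, pkt: dict):
        """Internet -> Private: forward only to a port with an existing binding.
        A packet for an unbound port has no private destination and is dropped,
        which is the loss of end-to-end reachability described above."""
        key = self.in_map.get(pkt["dport"])
        if pkt["dst"] != self.public_ip or key is None:
            return None
        return {**pkt, "dst": key[0], "dport": key[1]}

if __name__ == "__main__":
    nat = Masquerade()
    # two private hosts happen to pick the same source port; NAT keeps them apart by public port
    a = nat.outbound({"src": "192.168.0.10", "sport": 51000, "dst": "173.194.41.178", "dport": 80})
    b = nat.outbound({"src": "192.168.0.11", "sport": 51000, "dst": "173.194.41.178", "dport": 80})
    print(a, b, sep="\n")
    print(nat.inbound({"src": "173.194.41.178", "sport": 80, "dst": PUBLIC_IP, "dport": a["sport"]}))
    print(nat.inbound({"src": "198.51.100.7", "sport": 1234, "dst": PUBLIC_IP, "dport": 22}))  # None
```

This model matches inbound packets on destination port alone; production NAT devices also check the remote ip:port of the binding before forwarding. Note that the 'added security' comes from the binding table rather than from hiding addresses, since any outbound packet opens a return path for its remote peer.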
IPv6
• Initial motivation:
– 64-bit address space....
– How many IP addresses is this?
• PROBLEM SOLVED! ?
Questions