Network Layer
All material copyright 1996-2012
J.F Kurose and K.W. Ross, All Rights Reserved
George Parisis
School of Engineering and Informatics
University of Sussex
Outline
introduction
virtual circuit and datagram networks
what’s inside a router
IP: Internet Protocol
  datagram format
  IPv4 addressing (NAT)
  ICMP, IPv6
routing algorithms
  link state, distance vector
  hierarchical routing
routing in the Internet
  RIP, OSPF
  BGP
broadcast routing
NAT: network address translation
[Figure: local network (e.g., home network) 10.0.0/24 with hosts 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 behind a NAT router whose address toward the rest of the Internet is 138.76.29.7]
datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)
all datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers
motivation: local network uses just one IP address as far as outside world is concerned:
range of addresses not needed from ISP: just one IP address for all devices
can change addresses of devices in local network without notifying outside world
can change ISP without changing addresses of devices in local network
devices inside local net not explicitly addressable, visible by outside world (a security plus)
implementation:
outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
. . . remote clients/servers will respond using (NAT IP address, new port #) as destination address/port
remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table
NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345
……                   ……

[Figure: hosts 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 behind NAT router 138.76.29.7]
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345   D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001   D: 128.119.40.186, 80
3: reply arrives, dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80   D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80   D: 10.0.0.1, 3345
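The translation steps above, replayed against a small table model. This is an added example, not code from the original slides; the Napt class, the sequential port allocator and the unsolicited datagram from 203.0.113.9 are assumptions made for illustration.

```python
from itertools import count

NAT_IP = "138.76.29.7"                      # WAN-side address from the slides

class Napt:
    """Port-translating NAT table (hypothetical class, for illustration)."""

    def __init__(self, nat_ip, first_port=5001):
        self.nat_ip = nat_ip
        self._ports = count(first_port)     # assumption: ports handed out in sequence
        self.out = {}                       # (LAN IP, port) -> WAN port
        self.back = {}                      # WAN port -> (LAN IP, port)

    def outgoing(self, src, dst):
        """Rewrite source to (NAT IP, new port) and remember the pair."""
        if src not in self.out:
            port = next(self._ports)
            if port > 0xFFFF:               # 16-bit port-number field
                raise RuntimeError("no free WAN-side port")
            self.out[src], self.back[port] = port, src
        return (self.nat_ip, self.out[src]), dst

    def incoming(self, src, dst):
        """Rewrite destination from the table; None means the datagram is dropped."""
        ip, port = dst
        if ip != self.nat_ip or port not in self.back:
            return None                     # no entry: nothing inside is addressable
        # Matches on WAN port only, as on the slides; stricter NATs also
        # require src to equal the remote endpoint of the original flow.
        return src, self.back[port]

def replay_slide_example():
    nat = Napt(NAT_IP)
    server = ("128.119.40.186", 80)
    step2 = nat.outgoing(("10.0.0.1", 3345), server)        # steps 1-2
    step4 = nat.incoming(server, (NAT_IP, 5001))            # steps 3-4
    # Constructed unsolicited datagram (203.0.113.9 is a documentation address).
    stray = nat.incoming(("203.0.113.9", 40000), (NAT_IP, 2500))
    return step2, step4, stray

if __name__ == "__main__":
    print(replay_slide_example())
```

The dropped datagram in the last step shows both the "security plus" and the NAT traversal problem: without a table entry, an outside client has no way to reach a host on the LAN side.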
16-bit port-number field:
60,000 simultaneous connections with a single LAN-side address!
NAT is controversial:
routers should only process up to layer 3
violates end-to-end argument
NAT possibility must be taken into account by app designers, e.g., P2P applications
address shortage should instead be solved by IPv6
NAT traversal problem
client wants to connect to server with address 10.0.0.1
server address 10.0.0.1 local to LAN (client can’t use it as destination addr)
only one externally visible NATed address: 138.76.29.7
solution 1: statically configure NAT to forward incoming connection requests at given port to server
e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000
[Figure: external client trying to reach server 10.0.0.1 (LAN also contains 10.0.0.4) behind NAT router 138.76.29.7]
solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to:
learn public IP address (138.76.29.7)
add/remove port mappings (with lease times)
i.e., automate static NAT port map configuration
[Figure: host 10.0.0.1 behind NAT router running IGD]
solution 3: relaying (used in Skype)
NATed client establishes connection to relay
external client connects to relay
relay bridges packets between two connections
[Figure: 1. connection to relay initiated by NATed host (10.0.0.1 behind NAT router 138.76.29.7); 2. connection to relay initiated by client; 3. relaying established]
ICMP: internet control message protocol
used by hosts & routers to communicate network-level information
error reporting: unreachable host, network, port, protocol
echo request/reply (used by ping)
network-layer “above” IP:
ICMP msgs carried in IP datagrams
ICMP message: type, code plus first 8 bytes of IP datagram causing error
Type  Code  description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest host unreachable
3     2     dest protocol unreachable
3     3     dest port unreachable
3     6     dest network unknown
3     7     dest host unknown
4     0     source quench (congestion control – not used)
8     0     echo request (ping)
9     0     route advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
Traceroute and ICMP
source sends series of UDP segments to dest
first set has TTL =1
second set has TTL=2, etc.
unlikely port number
when nth set of datagrams arrives to nth router:
router discards datagrams
and sends source ICMP messages (type 11, code 0)
ICMP messages include name of router & IP address
when ICMP message arrives, source records RTTs
stopping criteria:
UDP segment eventually arrives at destination host
destination returns ICMP “port unreachable” message (type 3, code 3)
source stops
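How a traceroute source can use the "type, code plus first 8 bytes of IP datagram causing error" layout to decide between "another hop" and "destination reached", and to ignore errors that quote a datagram it never sent. This is an added example, not code from the original slides; the function names, the sample bytes and the probe port 33434 (the slides only say "unlikely port number") are assumptions.

```python
import socket, struct

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def parse_icmp_error(icmp: bytes):
    """Return (type, code, quoted dst IP, quoted UDP dst port) of an ICMP error."""
    if len(icmp) < 8 + 20 + 8 or inet_checksum(icmp) != 0:
        raise ValueError("truncated or corrupt ICMP message")
    typ, code = icmp[0], icmp[1]
    inner = icmp[8:]                     # IP header of the datagram causing the error
    ihl = (inner[0] & 0x0F) * 4          # quoted header may carry options
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8 or inner[9] != 17:
        raise ValueError("quoted datagram is not IPv4/UDP")
    dst = socket.inet_ntoa(inner[16:20])
    _sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])   # first 8 bytes = UDP header
    return typ, code, dst, dport

def classify(icmp: bytes, probe_dst: str, probe_port: int) -> str:
    typ, code, dst, dport = parse_icmp_error(icmp)
    if (dst, dport) != (probe_dst, probe_port):
        return "unrelated"               # quotes a datagram this source did not send
    if (typ, code) == (11, 0):
        return "hop"                     # TTL expired at an intermediate router
    if (typ, code) == (3, 3):
        return "destination"             # dest port unreachable: source stops
    return "other-error"

def build_sample(typ, code, dst="128.119.40.186", dport=33434):
    # Constructed sample: ICMP header + quoted IPv4 header (TTL 1, UDP) + UDP header.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     socket.inet_aton("10.0.0.1"), socket.inet_aton(dst))
    udp = struct.pack("!HHHH", 50000, dport, 8, 0)
    body = struct.pack("!BBHI", typ, code, 0, 0) + ip + udp
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

if __name__ == "__main__":
    for t, c in ((11, 0), (3, 3)):
        print(t, c, classify(build_sample(t, c), "128.119.40.186", 33434))
```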
[Figure: successive sets of 3 probes]
IPv6: motivation
initial motivation: 32-bit address space soon to be completely allocated.
additional motivation:
header format helps speed processing/forwarding
header changes to facilitate Quality of Service (QoS)
IPv6 datagram format:
fixed-length 40 byte header
no fragmentation allowed
IPv6 datagram format
priority: identify priority among datagrams in flow
flow label: identify datagrams in same “flow” (concept of “flow” not well defined).
next header: identify upper layer protocol for data
header layout (each row 32 bits wide):
  ver | pri | flow label
  payload len | next hdr | hop limit
  source address (128 bits)
  destination address (128 bits)
  data
Other changes from IPv4
checksum: removed entirely to reduce processing time at each hop
options: allowed, but outside of header, indicated by “Next Header” field
ICMPv6: new version of ICMP
additional message types, e.g. “Packet Too Big”
multicast group management functions
fragmentation not supported (Packet Too Big)
IPv6: adoption
Google: 8% of clients access services via IPv6
NIST: 1/3 of all US government domains are IPv6 capable
Long (long!) time for deployment, use
20 years and counting!
think of application-level changes in last 20 years: WWW, Facebook, streaming media, Skype, …
Why?
Transition from IPv4 to IPv6
not all routers can be upgraded simultaneously
no “flag days”
how will network operate with mixed IPv4 and IPv6 routers?
dual stack (DNS to check IPv6 capabilities)
tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers
[Figure: IPv4 datagram = IPv4 header fields (IPv4 source, dest addr) + IPv4 payload; the IPv4 payload is the whole IPv6 datagram = IPv6 header fields (IPv6 source, dest addr) + UDP/TCP payload]
Tunneling
physical view: A (IPv6) - B (IPv6) - C (IPv4) - D (IPv4) - E (IPv6) - F (IPv6)
logical view: A (IPv6) - B (IPv6) - [IPv4 tunnel connecting IPv6 routers] - E (IPv6) - F (IPv6)
physical view: A (IPv6) - B (IPv6) - C (IPv4) - D (IPv4) - E (IPv6) - F (IPv6)
logical view: A (IPv6) - B (IPv6) - [IPv4 tunnel connecting IPv6 routers] - E (IPv6) - F (IPv6)
datagrams shown in the figure:
  A-to-B: IPv6 (flow: X, src: A, dest: F, data)
  B-to-C: IPv6 inside IPv4 (IPv4 src: B, dest: E; carrying IPv6 flow: X, src: A, dest: F, data), shown twice in the figure
  E-to-F: IPv6 (flow: X, src: A, dest: F, data)
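What an IPv4 router or filter inside the tunnel actually sees, and how to recover the inner IPv6 header fields from the slides' datagram format. This is an added example, not code from the original slides; the function names and all addresses (documentation ranges standing in for routers B, E and hosts A, F) are constructed, and IPv4 protocol number 41, which marks an IPv6 payload, is not stated on the slides.

```python
import ipaddress, struct

IPPROTO_IPV6 = 41    # IPv4 protocol number meaning "payload is an IPv6 datagram"

def parse_ipv6_header(b: bytes) -> dict:
    """Decode the fixed-length 40 byte IPv6 header."""
    if len(b) < 40:
        raise ValueError("shorter than the fixed 40-byte IPv6 header")
    word, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", b[:8])
    if word >> 28 != 6:
        raise ValueError("ver field is not 6")
    return {
        "pri": (word >> 20) & 0xFF,          # 8 bits after ver ("pri" on the slides)
        "flow_label": word & 0xFFFFF,        # low 20 bits of the first word
        "payload_len": payload_len,
        "next_hdr": next_hdr,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(b[8:24])),
        "dst": str(ipaddress.IPv6Address(b[24:40])),
    }

def decapsulate(ipv4: bytes):
    """Return (tunnel src, tunnel dst, inner IPv6 header), or None if not a tunnel."""
    if len(ipv4) < 20 or ipv4[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    ihl = (ipv4[0] & 0x0F) * 4               # outer header length, options included
    if ihl < 20:
        raise ValueError("bad IPv4 header length")
    if ipv4[9] != IPPROTO_IPV6:
        return None                          # ordinary IPv4 payload (UDP, TCP, ...)
    src, dst = (str(ipaddress.IPv4Address(ipv4[i:i + 4])) for i in (12, 16))
    return src, dst, parse_ipv6_header(ipv4[ihl:])

def build_sample(proto=IPPROTO_IPV6):
    # Constructed sample: B=192.0.2.2, E=192.0.2.5, A=2001:db8::a, F=2001:db8::f,
    # flow label 0x5A5A5 for "flow: X", next header 59 (no next header, empty data).
    inner = struct.pack("!IHBB", (6 << 28) | 0x5A5A5, 0, 59, 64)
    inner += ipaddress.IPv6Address("2001:db8::a").packed
    inner += ipaddress.IPv6Address("2001:db8::f").packed
    outer = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner), 0, 0, 64, proto, 0,
                        ipaddress.IPv4Address("192.0.2.2").packed,
                        ipaddress.IPv4Address("192.0.2.5").packed)
    return outer + inner

if __name__ == "__main__":
    print(decapsulate(build_sample()))
```

A device that looks only at the outer header records a B-to-E flow; the A-to-F endpoints appear only after decoding the payload as shown here.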
Summary
NAT
ICMP
IPv6