The Internet and TCP/IP Phones OFF Please Brian Bramer Home: www.cse.dmu.ac.uk/~bb
Phones OFF Please

The Internet and TCP/IP
Brian Bramer
Home: www.cse.dmu.ac.uk/~bb
Email: [email protected]

Topics:
1. The Evolution of TCP/IP
2. TCP/IP Protocol Architecture
3. The Internet Protocol Layer
   3.1 IP Addresses
      3.1.1 The Subnet Mask
   3.2 DHCP
   3.3 IP Domains and DNS
   3.4 Problems with IP addressing
4. TCP and UDP Protocols
   4.1 Client and Server Ports
5. TCP/IP Applications
6. NAT
Appendix A - The IP Datagram Packet
Appendix B - Routing IP Datagrams

1. The Evolution of TCP/IP (and the Internet)
• Problem:
  • organisations had serious problems transferring information between computers,
  • i.e. incompatible operating systems, hardware, character codes, number systems, etc.,
  • and resource sharing.
• In summary:
  • In the 1960s the U.S. DoD funded an experiment to interconnect research sites.
  • December 1968: ARPA awarded a contract to design and deploy a packet switching network.
  • September 1969: the first node at UCLA.
  • End of 1969: four nodes installed.
  • 1971: ARPANET spanned the continental U.S.
  • 1973: had connections to Europe.
  • ARPANET developed X.25.
  • 1974: TCP/IP proposed and implemented.
  • 1983: the US DoD mandated that all of their computer systems would use TCP/IP.
  • 1983: ARPANET split into two components:
    • ARPANET - interconnects research, development and academic sites.
    • MILNET - carries military traffic and became part of the Defence Data Network.
  • 1983: University of California's 4.2BSD UNIX included TCP/IP.
  • 1986: the NSF built a backbone network to interconnect four NSF-funded regional supercomputer centres and the National Centre for Atmospheric Research (NCAR).
  • NSFNET was originally intended as a backbone for other networks and limited traffic to non-commercial use.
• Thus:
  • ARPANET started with four nodes in 1969,
  • 600 nodes before it was split in 1983,
  • 160,000 in 1989,
  • 19,500,000 in 1997,
  • today the number is unknown but is in the hundreds of millions.

2. The TCP/IP Protocol Architecture
• Communication over the Internet is mostly TCP/IP (Transmission Control Protocol/Internet Protocol).
• The TCP/IP "stack" is software which allows applications to communicate over a network.
• TCP/IP support is either built into the OS (e.g. UNIX) or available as an add-on.
• The Application is what the users see, e.g. programs such as ftp, email, web browser, telnet, etc.
• TCP (Transmission Control Protocol):
  • takes messages from the application,
  • breaks them up into packets,
  • sends them to the remote system,
  • where the message is put back together and passed to the application.
• TCP corrects for errors in transmission (e.g. due to noise) and looks after flow control (a slow system talking to a fast one).
• IP (Internet Protocol) looks after addressing of machines and routing the packets over the underlying network.
• The low-level stuff is the Network Interface Layer connecting to the underlying network(s).
• TCP/IP was developed by the USA Dept of Defence to operate over multiple unreliable local or wide area networks connecting many different types of computer systems.

3 The Internet Protocol Layer
• IP provides services that are roughly equivalent to the OSI Network Layer:
  • provides a datagram (connectionless) transport service across the network;
  • sometimes referred to as unreliable because it does not guarantee delivery nor notify the end host system about packets lost, i.e. TCP/IP was assumed to run over unreliable networks.
• IP datagrams contain a message, or one fragment of a message, that may be up to 65,535 bytes (octets) in length.
• IP does not provide a mechanism for flow control (the TCP layer can provide this if necessary).
• Working:
  • two host computers communicating using TCP/IP via two nodes, e.g. routers;
  • e.g. a user on a home network communicating with its ISP's server.
  • Host 1 communicates via Subnet 1 (home network) to Gateway 1 (router/modem).
  • Gateway 1 communicates via Subnet 2 (telephone lines) with the ISP's modem, Gateway 2.
  • Gateway 2 communicates with Host 2 via the ISP's internal network, Subnet 3.
• IP interfaces with each subnet in turn, using it to transmit datagrams (DG) to the next node (using whatever physical, datalink and network layer that subnet has) until they reach the destination.
• The TCP layer can create a virtual circuit (correcting for errors, flow control, etc.) between the hosts for the applications which exchange messages.

3.1 IP Addresses
• Every machine requires a unique address so it can be identified and packets routed to it.
• IP addresses are 32 bits in length, typically written as a sequence of four 8-bit numbers (range 0 to 255), e.g. 199.182.20.17.
• IP addresses are hierarchical for routing purposes and are subdivided into two subfields:
  • The Network Identifier (NET_ID) subfield identifies the TCP/IP sub-network and is used for high-level routing between networks,
    • as the country code, city code, or area code is used in the telephone network.
  • The Host Identifier (HOST_ID) subfield indicates the specific host within a sub-network.
• To accommodate different size networks, IP defines several address classes: A, B, C, D and E.
  • Class A is intended for very large networks and can address up to 16,777,216 (2^24) hosts/network.
    • The first digit of a Class A address will be a number between 1 and 126.
    • Relatively few Class A addresses have been assigned; e.g. 9.0.0.0 (IBM).
  • Class B is intended for moderate sized networks and can address up to 65,536 (2^16) hosts/network.
    • The first digit of a Class B address will be a number between 128 and 191, e.g. DMU.
  • Class C is intended for small networks and can address only up to 256 hosts per network.
    • The first digit of a Class C address will be a number between 192 and 223.
  • Most addresses assigned to networks today are Class C.
  • The remaining two address classes are used for special functions only and are not commonly assigned to individual hosts.

3.1.1 The subnet mask
• An additional addressing tool is the subnet mask, which is used to indicate to applications the portion of the address that identifies the network from the portion that identifies the individual hosts.
• The subnet mask is written in dotted decimal and the number of 1 bits indicates the significant NET_ID bits.
• A Class B address would have a subnet mask of 255.255.0.0 since the first 16 bits are NET_ID.

3.2 DHCP (Dynamic Host Configuration Protocol)
• A machine can have a static IP address, which is the same each time it connects, or a dynamic address, which is assigned when it connects to the Internet (and can be different each time).
• DHCP is the protocol for assigning dynamic IP addresses: the ISP has a range of IP addresses available which are assigned when devices connect and become free on disconnection.
• Machines permanently attached to a TCP/IP network (e.g. DMU labs) are permanently allocated an IP address by the network manager.
• When you dial in from home to access the Internet via an ISP dial-in service the IP address is assigned by the ISP's DHCP server:
  • the server has a number of addresses available for dial-in clients and assigns the next free one;
  • at disconnection the IP address is then available for another client.
• Some ISPs offer a static IP address to broadband users, e.g. if you run servers on your home PC.

3.3 IP Domains and Host Names
• Most IP hosts have both a numeric IP address and a name.
• Internet hosts use a hierarchical naming structure comprising a top-level domain (TLD), domain and subdomain (optional), and host name,
  • e.g. www.dmu.ac.uk = 146.227.1.23
• The domain name structure is best read from right to left; Internet host names end with a top-level domain name.
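The class rules of section 3.1 and the subnet mask of section 3.1.1 worked through in Python. This is an added example written for this page, not code from the original slides; the only assumptions beyond the slides are the standard treatment of first octets 0 and 127 (reserved, 127.x.x.x being loopback) and the 255.255.255.0 mask used to show DMU's 146.227.LANx.hosty sub-netid from Appendix B.

```python
# Added example (not from the original slides): classify an IPv4 address by the
# first-octet rules of section 3.1, derive the classful subnet mask of section
# 3.1.1, and split the address into its NET_ID and HOST_ID subfields.
import ipaddress
from typing import Optional, Tuple

# First-octet ranges for the classes listed on the slides. 0 and 127 are not
# assigned to ordinary hosts (127.x.x.x is the loopback range), which is why the
# slides give "1 to 126" for class A; they are still class A by the first bit.
CLASS_RANGES = (("A", 0, 127), ("B", 128, 191), ("C", 192, 223),
                ("D", 224, 239), ("E", 240, 255))
CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}   # NET_ID bits for each host class


def ip_class(addr: str) -> str:
    """Return the address class letter A-E from the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    for name, lo, hi in CLASS_RANGES:
        if lo <= first <= hi:
            return name
    raise ValueError(addr)   # unreachable for a valid dotted quad


def classful_mask(addr: str) -> str:
    """Dotted-decimal subnet mask implied by the address class (A, B or C only)."""
    cls = ip_class(addr)
    if cls not in CLASS_PREFIX:
        raise ValueError(f"class {cls} addresses are not assigned to individual hosts")
    prefix = CLASS_PREFIX[cls]
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))


def mask_prefix_bits(mask: str) -> int:
    """Number of 1 bits in the mask, i.e. the number of significant NET_ID bits."""
    m = int(ipaddress.IPv4Address(mask))
    ones = bin(m).count("1")
    # a valid mask is a run of 1s followed by a run of 0s; reject anything else
    if (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF != m:
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return ones


def split_address(addr: str, mask: Optional[str] = None) -> Tuple[str, str]:
    """Return (NET_ID, HOST_ID) as dotted quads; the default mask is the classful one."""
    mask = mask or classful_mask(addr)
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    net_id = ipaddress.IPv4Address(a & m)
    host_id = ipaddress.IPv4Address(a & ~m & 0xFFFFFFFF)
    return str(net_id), str(host_id)


def same_network(a: str, b: str, mask: Optional[str] = None) -> bool:
    """True when both addresses share a NET_ID under the given (or classful) mask."""
    mask = mask or classful_mask(a)
    return split_address(a, mask)[0] == split_address(b, mask)[0]


if __name__ == "__main__":
    for addr in ("9.0.0.0", "146.227.1.23", "199.182.20.17"):   # values from the slides
        print(addr, ip_class(addr), classful_mask(addr), split_address(addr))
    # DMU's 146.227.LANx.hosty scheme subnets its class B block further; the
    # same split with a /24 mask exposes the sub-netid (assumed mask).
    print(split_address("146.227.1.23", "255.255.255.0"))
```

Running the block prints the class, classful mask and NET_ID/HOST_ID split for the three addresses used on the slides. `mask_prefix_bits` is the check behind the "number of 1s" rule: a mask such as 255.0.255.0 has sixteen 1 bits but is not a valid mask, so it is rejected rather than silently counted.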
3.3.1 Domain Name Servers (DNS)
• Domain names are convenient for people; however, the name must be translated back to a numeric address for routing purposes:
  • names and numbers are stored by a "domain name server" (DNS);
  • client programs may query the DNS to find a number before making a connection, e.g. the UNIX nslookup command;
  • e.g. www.dmu.ac.uk = 146.227.1.23

3.4 Problems with IP addressing and IPv6
• Problems with the current IP addressing (called IPv4) based on a 32-bit number:
  • Exhaustion of address space: the Internet is running out of IP addresses.
  • Poor routing ability: IPv4 addresses bear no relation to physical location, making routing difficult and creating large routing tables.
  • Limited support for multicast: IPv4 has class D, which is very limited for commercial applications.
  • Inefficient/inflexible header: all IP packets carry the same header overhead no matter what their requirements are.
• IPv6 has a 128-bit address space which is usually written as eight 16-bit numbers,
  • e.g. FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
  • four times the number of bits (128 vs. 32), i.e. 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses.
• In addition to extended addressing IPv6 offers:
  • improved security: encryption along with authentication and security headers;
  • improved multicasting;
  • allowing a sender and a receiver to establish high-quality, high-bandwidth secure paths.

4 The Transport Layer – TCP and UDP
• The TCP/IP protocol suite comprises two protocols that correspond roughly to the OSI Transport and Session Layers:
  • TCP (Transmission Control Protocol) provides a virtual circuit (connection-oriented) service.
    • TCP includes rules for formatting messages, establishing and terminating virtual circuits, sequencing, flow control, and error correction.
    • Most of the applications in the TCP/IP suite use the TCP reliable transport.
  • UDP provides an end-to-end datagram (connectionless) service.
    • Some applications, such as those that involve a simple query and response, are better suited to the datagram service of UDP because there is no time lost to virtual circuit establishment and termination.

4.1 Clients and servers and TCP and UDP ports
• Consider a server program running on a machine in a TCP/IP network and providing a service (mail, WWW, etc.) to remote clients.
• To send a message to the server (e.g. to collect email) the client has to send a packet to:
  a) a particular program, e.g. the email server,
  b) running on a particular machine, e.g. DMU's email server.
• Requirement b) is satisfied by knowing the machine's Domain Name or IP address, e.g. DMU's email server is helios.dmu.ac.uk on IP address 146.227.1.2.
• However, a particular machine may be running several services, so how is a packet delivered to the correct program?
  • This is achieved by 'ports' via which programs communicate.
  • When TCP/IP is running on a particular machine, TCP and UDP each have 65536 ports numbered 0 to 65535, many of which are reserved for standard services.
• For example, consider a student accessing the DMU web page on http://www.dmu.ac.uk/:
  • When a server is started it attaches to a TCP or UDP port, e.g. an HTTP (WWW) server listens on TCP port 80.
  • The student would run a web client program.
  • The student would enter the URL http://www.dmu.ac.uk/.
  • The web client would contact a DNS server to obtain the web server's IP address; DMU's web server was running on parkway.dmu.ac.uk with IP address 146.227.1.23.
  • The web client would send a packet to IP address 146.227.1.23 port 80 requesting a web page.
  • The packet would specify the client's IP address (e.g. 146.227.23.9) and a spare port on the client machine (e.g. 5023) for the reply to be sent to; the client now 'listens' on this port.
  • The web server receives the packet, gets the web page off disk, constructs a packet and sends it to the client's IP address and specified port, e.g. 146.227.23.9 port 5023.
• A server program is usually capable of processing requests from many simultaneous clients.
• Port numbers below 1024 are reserved for 'standard' services and may not be used by users, e.g.
  • E-mail: SMTP (you send the email to it) port 25 and POP3 (you get the email from it) port 110
  • Remote login (telnet): port 23
  • finger: port 79
  • File transfer (FTP): 20 (FTP data transfer), 21 (FTP control)

In Summary
• Applications and utilities reside in host, or end-communicating, systems.
• TCP provides a reliable, virtual circuit connection between the two hosts.
• UDP provides an end-to-end datagram connection at this layer.
• IP provides a datagram (DG) transport service over any intervening sub-networks, including local and wide area networks.
• The underlying sub-network may employ nearly any common local or wide area network technology.

5 TCP/IP Applications
• The Application Layer protocols include:
  • Telnet: short for Telecommunication Network, a virtual terminal protocol allowing a user logged on to one TCP/IP host to access other hosts on the network.
  • FTP: the File Transfer Protocol allows a user to transfer files between local and remote host computers.
  • SMTP: the Simple Mail Transfer Protocol is the standard protocol for the exchange of electronic mail.
  • HTTP: the Hypertext Transfer Protocol is the basis for exchange of information over the Internet (WWW).
  • Finger: used to determine the status of other hosts and/or users.
  • POP: the Post Office Protocol defines a simple interface between a user's mail reader software and an electronic mail server; the current version is POP3.
  • DNS: the Domain Name System defines the structure of Internet names and their association with IP addresses, as well as the association of mail, name, and other servers with domains.
  • SNMP: the Simple Network Management Protocol defines procedures and management information databases for managing TCP/IP-based network devices.
  • Ping: a utility that allows a user at one system to determine the status of other hosts and the latency in getting a message to that host. Uses ICMP Echo messages.
  • Whois/NICNAME: utilities that search databases for information about Internet domains and domain contact information.
  • Traceroute: a tool that displays the route that packets will take when travelling to a remote host.

[Figure: Common TCP/IP servers attached to their TCP and UDP ports.]

7 NAT (Network Address Translation Protocol)
• An organisation may be assigned one IP address (or a small number) yet have many machines, e.g. a domestic ADSL line is assigned one IP address yet a house may have four or five PCs.
• NAT is an Internet standard that enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
• A NAT box located where the LAN meets the Internet makes all necessary IP address translations.
• For example, IP addresses in the range 192.168.0.1 to 192.168.255.255 (65536 addresses) are assigned for internal network use and may not appear on the Internet itself.
• When an outgoing packet arrives at the NAT:
  • the source IP address (say 192.168.0.4) is replaced by the organisation's true IP address;
  • the source port (say 5000) is replaced by an index (say 1025) into a table in the router, and the source IP address and port are stored in the table;
  • the packet is then sent to the Internet.
• When an incoming packet is received by the NAT:
  • the destination port (1025) is extracted and used as an index into the table;
  • the local IP address (192.168.0.4) and port (5000) are extracted and put into the packet;
  • the packet is sent to the correct process on the correct local machine.
• Because internal IP addresses are hidden, NAT also provides a type of firewall in that unsolicited packets arriving at the NAT are rejected (in a secure environment additional firewalls should be implemented).
  • The exception to this is when machines on the internal network run servers which must be accessed from outside.
  • Port Redirection is used, which will pass packets for a particular destination port to a specified machine on the network, e.g. if 192.168.0.4 is running an HTTP server (WWW), packets arriving at the NAT for port 80 will be sent to port 80 on 192.168.0.4.
• In addition NAT helps with the problem of IPv4's exhaustion of address space by allowing a number of machines to use one (or a smaller number) of IP addresses.

Appendix A The IP datagram packet
[Figure: the IP header drawn as 32-bit words, with bit positions 0, 4, 8, 16, 24 marked across the top. The fields and the slide's annotations are:]
• Word 1: Version (bits 0-3): IP version number used. Header length (bits 4-7): expressed in 32-bit units. Service Type (bits 8-15): what quality of service is required? Total Length (bits 16-31): of the entire datagram.
• Word 2: Identification (bits 0-15): from which datagram does this fragment come? Flags (bits 16-18): e.g. 'don't cut me up!' or 'there are more fragments on the way!'. Fragment Offset (bits 19-31): position of this fragment's data within the data for the overall datagram.
• Word 3: Time to live (bits 0-7): the maximum time, in secs, this datagram is allowed to survive in the internet. Protocol (bits 8-15): which Transport Layer protocol is involved? Header Checksum (bits 16-31): to protect the header bits. Data bits are protected by the Transport Layer error control mechanism.
• Word 4: Source IP address.
• Word 5: Destination IP address.
• IP options (if any), followed by Padding: to enable new ideas to be tested temporarily, e.g. security features, time-stamping etc.
• Data.

Appendix B Routing IP Datagrams
B1. IP address classes
• An IP address allows you to define:
  • a network id,
  • a host id on that network.
• The unique address of a host is of the form:
  • (netid, hostid) or (netid, {sub-netid, hostid}).
• An IP address for a host at DMU might be: 146.227.LANx.hosty
• A sender indicates a destination using a (netid, hostid) IP address written into an IP datagram. The datagram is sent to a router.
• Repeat ... the datagram arrives at a router.
  The router examines the netid part of the address:
  • if the netid matches a network currently attached to the router:
    • the router encapsulates the packet in the correct frame and adds the correct hardware address of the destination device. If it doesn't know the hardware address, it broadcasts an ARP request to find it out;
    • the packet is sent over the network to the destination device;
    • the destination unwraps the packet and passes it up to TCP running in the Transport Layer;
  • else:
    • the router uses its routing table to determine the next hop;
    • the packet is passed to the next router.
• Until the packet arrives at a router at which the netid matches an attached network.
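The port mechanics of section 4.1 and the NAT translation table of section 7, simulated in Python. This is an added example written for this page, not code from the original slides. Packets are plain dicts; the internal address 192.168.0.4, source port 5000, table index 1025 and web server 146.227.1.23 on port 80 come from the slides, while the NAT's public address 203.0.113.5 and the outside address 198.51.100.9 are constructed placeholders from the documentation ranges. The Host class, the Nat class and all function names are this example's own.

```python
# Added example (not from the original slides): port demultiplexing (section
# 4.1) and the NAT table (section 7) as a small simulation with dict packets.
import ipaddress

# Internal-only range named on the slides; a NAT should only ever translate
# sources inside it.
PRIVATE_NET = ipaddress.IPv4Network("192.168.0.0/16")


def make_packet(src_ip, src_port, dst_ip, dst_port, payload):
    return {"src_ip": src_ip, "src_port": src_port,
            "dst_ip": dst_ip, "dst_port": dst_port, "payload": payload}


class Host:
    """A machine with one IP address and programs attached to ports (section 4.1)."""

    def __init__(self, ip):
        self.ip = ip
        self.listeners = {}      # port -> program name
        self.next_spare = 5000   # first spare port handed to a client program
        self.delivered = []      # (program, packet) pairs, for inspection

    def listen(self, port, program):
        """A server attaches to a port; only one program may hold it."""
        if port in self.listeners:
            raise ValueError(f"port {port} already in use by {self.listeners[port]}")
        self.listeners[port] = program

    def open_client_port(self, program):
        """A client takes a spare port so the reply can be delivered back to it."""
        port = self.next_spare
        self.next_spare += 1
        self.listen(port, program)
        return port

    def deliver(self, pkt):
        """Hand the packet to whichever program is attached to the destination port."""
        program = self.listeners.get(pkt["dst_port"])
        if program is None:
            return None          # nothing listening: the packet is discarded
        self.delivered.append((program, pkt))
        return program


class Nat:
    """NAT box of section 7: one public address shared by the internal hosts."""

    def __init__(self, public_ip, first_index=1025, redirects=None):
        self.public_ip = public_ip
        self.table = {}          # external port (index) -> (internal ip, internal port)
        self.by_internal = {}    # (internal ip, internal port) -> external port
        self.next_index = first_index
        self.redirects = dict(redirects or {})   # port redirection for internal servers

    def outbound(self, pkt):
        """Rewrite an outgoing packet's source address and port; remember the mapping."""
        if ipaddress.IPv4Address(pkt["src_ip"]) not in PRIVATE_NET:
            raise ValueError("only internal addresses are translated")
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.by_internal:           # first packet from this socket: new index
            self.by_internal[key] = self.next_index
            self.table[self.next_index] = key
            self.next_index += 1
        return dict(pkt, src_ip=self.public_ip, src_port=self.by_internal[key])

    def inbound(self, pkt):
        """Map an incoming packet back to an internal host, or reject it if unsolicited."""
        port = pkt["dst_port"]
        if port in self.table:
            ip, internal_port = self.table[port]
        elif port in self.redirects:              # a server published by port redirection
            ip, internal_port = self.redirects[port]
        else:
            return None                           # no table entry: rejected
        return dict(pkt, dst_ip=ip, dst_port=internal_port)


def web_fetch_through_nat():
    """The slides' scenario: 192.168.0.4 fetches a page from the DMU web server via NAT."""
    pc = Host("192.168.0.4")
    web = Host("146.227.1.23")
    web.listen(80, "httpd")                       # server attaches to TCP port 80
    nat = Nat("203.0.113.5")                      # constructed public address
    port = pc.open_client_port("browser")         # spare port 5000 for the reply
    request = nat.outbound(make_packet(pc.ip, port, web.ip, 80, "GET /"))
    web.deliver(request)                          # reaches httpd via port 80
    reply = make_packet(web.ip, 80, request["src_ip"], request["src_port"], "<html>")
    inside = nat.inbound(reply)                   # index 1025 -> 192.168.0.4:5000
    program = pc.deliver(inside)                  # reaches the browser via port 5000
    return request, inside, program, nat


if __name__ == "__main__":
    req, ins, prog, _ = web_fetch_through_nat()
    print("on the Internet:", req["src_ip"], req["src_port"])
    print("back inside   :", ins["dst_ip"], ins["dst_port"], "->", prog)
```

The table here is keyed only by the external port, exactly as the slides describe it, which is why `inbound` accepts any outside host that sends to an active index. A production NAT normally records the remote address and port in each entry as well, so that only the host the internal machine actually contacted can send packets back through; that, together with the separate firewall the slides recommend, is what turns "unsolicited packets are rejected" into a real property.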
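The header of Appendix A and the router loop of Appendix B, carried out on real bytes in Python. This is an added example written for this page, not code from the original slides: it builds a 20-byte header with the slides' source 146.227.23.9 and destinations 146.227.1.23 and 199.182.20.17, verifies the header checksum, and performs one Appendix B routing step. The attached network list, the routing table and the next-hop address 146.227.1.254 are constructed values; the checksum algorithm is the standard one's-complement sum that the IP header uses.

```python
# Added example (not from the original slides): build and parse the IPv4 header
# of Appendix A, check its checksum, and take one router step from Appendix B.
import ipaddress
import struct

HEADER_FMT = "!BBHHHBBH4s4s"   # the five 32-bit words of a header without options


def header_checksum(header: bytes) -> int:
    """One's-complement sum of the 16-bit words, complemented; 0 for a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, ttl=64, protocol=6, payload_len=0, ident=1, tos=0):
    """20-byte header, no options; protocol 6 = TCP, 17 = UDP."""
    ihl = 5                                  # header length in 32-bit units
    fields = [(4 << 4) | ihl, tos, ihl * 4 + payload_len, ident,
              0,                             # flags = 0, fragment offset = 0
              ttl, protocol,
              0,                             # checksum, filled in below
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    raw = bytearray(struct.pack(HEADER_FMT, *fields))
    raw[10:12] = struct.pack("!H", header_checksum(bytes(raw)))
    return bytes(raw)


def parse_header(datagram: bytes) -> dict:
    """Decode the Appendix A fields from the front of a datagram."""
    (vihl, tos, total_len, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack(HEADER_FMT, datagram[:20])
    ihl = vihl & 0x0F
    return {
        "version": vihl >> 4, "header_len": ihl * 4, "tos": tos,
        "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),   # 'don't cut me up!'
        "more_fragments": bool(flags_frag & 0x2000),  # 'more fragments on the way!'
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # summing the header with its checksum field included gives 0 when intact
        "checksum_ok": header_checksum(datagram[:ihl * 4]) == 0,
    }


def route_one_hop(datagram: bytes, attached, routing_table):
    """One Appendix B router step. Returns (action, next_ip, forwarded_datagram)."""
    h = parse_header(datagram)
    if not h["checksum_ok"]:
        return ("drop: bad checksum", None, None)
    if h["ttl"] <= 1:
        return ("drop: TTL expired", None, None)  # has survived as long as allowed
    out = bytearray(datagram)
    out[8] = h["ttl"] - 1                          # each router counts TTL down ...
    out[10:12] = b"\x00\x00"
    out[10:12] = struct.pack("!H", header_checksum(bytes(out[:h["header_len"]])))  # ... and re-protects the header
    dst = ipaddress.IPv4Address(h["dst"])
    for net in attached:                           # netid matches an attached network:
        if dst in ipaddress.IPv4Network(net):      # frame it, ARP for the hardware address
            return ("direct", h["dst"], bytes(out))
    for net, next_hop in routing_table.items():    # else: routing table gives the next hop
        if dst in ipaddress.IPv4Network(net):
            return ("next-hop", next_hop, bytes(out))
    return ("drop: no route", None, None)


if __name__ == "__main__":
    attached = ["146.227.0.0/16"]                             # constructed
    routes = {"199.182.20.0/24": "146.227.1.254"}              # constructed
    for dst in ("146.227.1.23", "199.182.20.17"):
        dg = build_header("146.227.23.9", dst, payload_len=100)
        print(dst, route_one_hop(dg, attached, routes)[:2])
```

The checksum check is the detection point a practitioner cares about: a single flipped bit anywhere in the header (the test flips one in the destination address) makes `checksum_ok` false and the router drops the datagram instead of forwarding it to the wrong place. Because the TTL changes at every hop, the checksum must be recomputed at every hop too, which is what `route_one_hop` does before deciding between direct delivery and the next hop.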