5. 5
Network Layer Characteristics
The Network Layer
• Provides services to allow end devices to exchange data
• IP version 4 (IPv4) and IP version 6 (IPv6) are the principal
network layer communication protocols.
• The network layer performs four basic operations:
• Addressing end devices
• Encapsulation
• Routing
• De-encapsulation
6. 6
Network Layer Characteristics
IP Encapsulation
• IP encapsulates the transport layer
segment.
• IP can use either an IPv4 or IPv6 packet
and not impact the layer 4 segment.
• IP packet will be examined by all layer 3
devices as it traverses the network.
• The IP addressing does not change from
source to destination.
Note: NAT will change addressing, but will
be discussed in a later module.
7. 7
Network Layer Characteristics
Best Effort
IP is a “Best Effort” protocol:
• IP will not guarantee delivery of the packet.
• IP has reduced overhead since there is no
mechanism to resend data that is not received.
• IP does not expect acknowledgments.
• IP does not know if the other device is operational
or if it received the packet.
IP is unreliable:
• It cannot manage or fix undelivered or corrupted
packets.
• IP cannot retransmit after an error.
• IP cannot realign out of sequence packets.
• IP must rely on other protocols for these functions.
8. 8
Network Layer Characteristics
Media Independent
IP is media independent:
– IP does not concern itself with the type of
frame required at the data link layer or the
media type at the physical layer.
– IP can be sent over any media type:
copper, fiber, or wireless.
Fragmentation is when Layer 3 splits the IPv4
packet into smaller units.
– Fragmenting causes latency.
– IPv6 does not fragment packets.
– Example: Router goes from Ethernet to a
slow WAN with a smaller MTU
The network layer will establish the Maximum
Transmission Unit (MTU).
– Network layer receives this from control
information sent by the data link layer.
– The network then establishes the MTU size.
10. 10
IPv4 Packet
IPv4 Packet Header Fields (RFC 791)
Significant fields in the IPv4 header:
● Version - protocol version (4 or 6) (4 bits)
● IHL - IP header length in 32 bit words (4 bits)
● Type of service - used for QoS (8 bits)
● Total Length - includes IP header and data in bytes
(16 bits)
● Identification - used for packet fragmentation (16
bits)
● Flags - used for packet fragmentation (3 bits)
● Fragment Offset - used for packet fragmentation
(13 bits)
● Time to Live - maximum datagram lifetime (8 bits)
● Protocol - the next level protocol (8 bits)
● Header Checksum (16 bits)
● Source Address - source IP address (32 bits)
● Destination Address - destination IP address (32
bits)
● Options - may appear or not in datagrams (variable
length)
11. 11
IPv4 Packet
IPv4 Packet fragmentation
Fragmentation fields in the IPv4 header:
● Identification - assigned by the sender to
aid in assembling the fragments of a
datagram (16 bits)
● Flags (0, 1, 2) (3 bits)
○ Bit 0: reserved, must be zero
○ Bit 1: (DF) 0 = May Fragment, 1 =
Don't Fragment.
○ Bit 2: (MF) 0 = Last Fragment, 1 =
More Fragments.
● Fragment Offset - indicates where in the
datagram this fragment belongs in 64-bit
words (13 bits)
12. 12
IPv4 Packet
IPv4 Maximum Transmission Unit
Limitations of encapsulation:
● HW MTU - hardware maximum
transmission unit (1514 bytes for Ethernet)
● IP MTU - IP maximum transmission unit
(1500 bytes for Ethernet)
● TCP MSS - TCP maximum segment size
(1460 bytes for Ethernet)
13. 13
IPv4 Packets
Limitations of IPv4
IPv4 has three major limitations:
– IPv4 address depletion – We have basically run out of IPv4 addressing.
– Lack of end-to-end connectivity – To make IPv4 survive this long, private addressing and NAT were
created. This ended direct communications with public addressing.
– Increased network complexity – NAT was meant as a temporary solution and creates issues on the
network as a side effect of manipulating the network headers addressing. NAT causes latency and
troubleshooting issues.
15. 15
IPv4 Address Structure
Network, Host, and Broadcast Addresses
• Within each network are three types of IP addresses:
• Network address
• Host addresses
• Broadcast address
                             Network Portion              Host Portion   Host Bits
Subnet mask                  255      255      255        0
255.255.255.0 or /24         11111111 11111111 11111111   00000000
Network address              192      168      10         0
192.168.10.0 or /24          11000000 10100000 00001010   00000000       All 0s
First address                192      168      10         1
192.168.10.1 or /24          11000000 10100000 00001010   00000001       All 0s and a 1
Last address                 192      168      10         254
192.168.10.254 or /24        11000000 10100000 00001010   11111110       All 1s and a 0
Broadcast address            192      168      10         255
192.168.10.255 or /24        11000000 10100000 00001010   11111111       All 1s
16. 16
IPv4 Unicast, Broadcast, and Multicast
Unicast
• Unicast transmission is sending a packet to one destination IP address.
• For example, the PC at 172.16.4.1 sends a unicast packet to the printer at 172.16.4.253.
17. 17
IPv4 Unicast, Broadcast, and Multicast
Broadcast
• Broadcast transmission is sending a packet to all other destination IP addresses.
• For example, the PC at 172.16.4.1 sends a broadcast packet to all IPv4 hosts.
18. 18
IPv4 Unicast, Broadcast, and Multicast
Multicast
• Multicast transmission is sending a packet to a multicast address group.
• For example, the PC at 172.16.4.1 sends a multicast packet to the multicast group address
224.10.10.5.
19. 19
Types of IPv4 Addresses
Public and Private IPv4 Addresses
• As defined in RFC 1918, public IPv4 addresses are globally routed between internet service
provider (ISP) routers.
• However, private addresses are not globally routable.
• Private addresses are common blocks of
addresses used by most organizations to assign
IPv4 addresses to internal hosts.
• Private IPv4 addresses are not unique and can
be used internally within any network.
Network Address and Prefix    RFC 1918 Private Address Range
10.0.0.0/8                    10.0.0.0 - 10.255.255.255
172.16.0.0/12                 172.16.0.0 - 172.31.255.255
192.168.0.0/16                192.168.0.0 - 192.168.255.255
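Added example (not part of the original slides): the network, first-host, last-host and broadcast addresses from the earlier address-structure slide, computed with the same bitwise AND/OR the binary rows show, plus a check against the three RFC 1918 blocks listed above. The function name describe and the sample addresses are chosen for illustration; prefixes /31 and /32 are excluded because they have no separate network and broadcast addresses.

```python
import ipaddress

# The three private blocks from the RFC 1918 table above.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def describe(address: str, prefix_len: int) -> dict:
    """Classify an IPv4 address within its subnet (illustrative helper)."""
    if not 1 <= prefix_len <= 30:
        raise ValueError("prefix length must be between 1 and 30")
    addr = int(ipaddress.IPv4Address(address))
    # Mask: prefix_len one-bits followed by zero-bits (the host portion).
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    network = addr & mask                        # host bits all 0s
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits all 1s
    if addr == network:
        role = "network"
    elif addr == broadcast:
        role = "broadcast"
    else:
        role = "host"
    as_text = lambda value: str(ipaddress.IPv4Address(value))
    return {
        "mask": as_text(mask),
        "network": as_text(network),
        "first_host": as_text(network + 1),      # all 0s and a 1
        "last_host": as_text(broadcast - 1),     # all 1s and a 0
        "broadcast": as_text(broadcast),
        "role": role,
        "private": any(ipaddress.IPv4Address(addr) in n for n in RFC1918),
    }

if __name__ == "__main__":
    # Constructed inputs; 172.32.0.1 sits just outside 172.16.0.0/12.
    for sample in (("192.168.10.255", 24), ("172.31.255.254", 12),
                   ("172.32.0.1", 12)):
        print(sample, describe(*sample))
```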
21. 21
IPv4 Packets
Network Address Translation (NAT)
What is NAT:
● NAT is a method of mapping an IP
address space into another by modifying
network address information in the IP
header
● The purpose of NAT creation is to
overcome the shortage of IP addresses
available on the Internet
● There are two types of IPv4 addresses:
○ Private IP addresses (RFC 1918):
10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16
○ Public IP addresses are IP
addresses that are used on the
Internet. They are allocated by IANA
22. 22
IPv4 Packets
Network Address Translation (NAT)
There are three types of NAT:
● Static NAT
● Dynamic NAT
● IP masquerading
NAT requires a NAT Translation Table
24. 24
IPv6 Packets
IPv6 Overview
• IPv6 was developed by Internet
Engineering Task Force (IETF).
• IPv6 overcomes the limitations of IPv4.
• Improvements that IPv6 provides:
• Increased address space – based on 128
bit address, not 32 bits
• Improved packet handling – simplified
header with fewer fields
• Eliminates the need for NAT – since there
is a huge amount of addressing, there is
no need to use private addressing
internally and be mapped to a shared
public address
26. 26
IPv6 Packets
IPv6 Packet Header Fields (RFC 2460)
Significant fields in the IPv6 header:
● Version number (6) (4 bits)
● Traffic Class - used for QoS (8 bits)
● Flow Label - Informs device to handle
identical flow labels the same way (20 bits)
● Payload length - indicates the length of
the data portion of the IPv6 packet (16
bits)
● Next Header - identifier of next level
protocol: ICMP, TCP, UDP, etc.
● Hop Limit - Replaces TTL field Layer 3
hop count (8 bits)
● Source Address - source IPv6 address
(128 bits)
● Destination Address - destination IPv6
address (128 bits)
27. 27
IPv6 Packets
IPv6 Path MTU Discovery
1. The source host sends a packet no larger than its MTU to
the destination host.
2. If the MTU of a device's output interface is smaller than the
packet, the device performs the following operations:
● Discards the packet.
● Returns an ICMPv6 error message containing the
interface MTU to the source host.
3. Upon receiving the ICMPv6 error message, the source host
performs the following operations:
● Uses the returned MTU to limit the packet size.
● Performs fragmentation.
● Sends the fragments to the destination host.
4. Step 2 and step 3 are repeated until the destination host
receives the packet. In this way, the source host finds the
minimum MTU of all links in the path to the destination host.
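Added example (not part of the original slides): a simulation of the four steps above over a constructed list of link MTUs. It also models the failure case where a filter drops the ICMPv6 error message (Packet Too Big) on its way back, so the source never learns the smaller MTU. All names and values are illustrative.

```python
def send(size, link_mtus, icmp_filtered_at=frozenset()):
    """Forward one packet of `size` bytes across the links in order.

    Returns ("delivered", None), ("too_big", mtu) when a device reports
    its output-interface MTU, or ("lost", None) when that report is
    filtered and never reaches the source.
    """
    for hop, mtu in enumerate(link_mtus):
        if size > mtu:                      # step 2: discard the packet
            if hop in icmp_filtered_at:
                return ("lost", None)       # ICMPv6 error dropped by a filter
            return ("too_big", mtu)         # step 2: error carries the MTU
    return ("delivered", None)

def discover_path_mtu(link_mtus, icmp_filtered_at=frozenset(), max_tries=10):
    """Return (path_mtu or None, trace of (size, result) per attempt)."""
    size = link_mtus[0]                     # step 1: start at the source MTU
    trace = []
    for _ in range(max_tries):
        result, mtu = send(size, link_mtus, icmp_filtered_at)
        trace.append((size, result))
        if result == "delivered":
            return size, trace
        if result == "lost":
            return None, trace              # source keeps timing out
        size = mtu                          # step 3: limit size to returned MTU
    return None, trace

if __name__ == "__main__":
    path = [1500, 1400, 1500, 1280]         # constructed link MTUs, in bytes
    print(discover_path_mtu(path))
    print(discover_path_mtu(path, icmp_filtered_at={3}))
```

When the result is None, large packets silently disappear while small ones still get through, which is why the ICMPv6 error used by this procedure has to be allowed back to the source.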
29. 29
IPv6 Addresses
IPv6 Addresses Scope
● Global Unicast Addresses (starts at 0x2 or 0x3)
○ Operate on the Internet
○ Allocated by IANA
● Unique Local Addresses (starts at 0xFD)
○ not routed on the Internet
○ used without IANA permissions
● Link-local Addresses (starts at 0xFE80)
○ not routed
○ assigned automatically
Unique Local Address:
L = 1 the prefix is locally assigned
L = 0 for future use
30. 30
IPv6 Addresses
Special IPv6 Addresses
There are special IPv6 addresses:
● Current host ::/128
● Default route ::/0
● Loopback ::1/128
● All hosts in the communication channel FF02::1
● All routers in the communication channel FF02::2
A host can create link-local address from MAC address:
● Insert 0xFFFE in the middle of IPv6 address
● Use vendor code of MAC address at the left side
● Use unique number of MAC address at the right
side
● Invert Local Administered flag
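Added example (not part of the original slides): the four steps above applied to a constructed MAC address, together with the reverse operation, which shows that an address built this way exposes the interface's hardware address to anyone who sees it. Function names are illustrative.

```python
import ipaddress

LINK_LOCAL_PREFIX = b"\xfe\x80" + bytes(6)   # fe80::/64, upper 64 bits

def mac_to_link_local(mac: str) -> str:
    """Build a link-local address from a MAC, following the steps above."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address has exactly 6 octets")
    interface_id = (
        bytes([octets[0] ^ 0x02])   # invert the locally administered flag
        + octets[1:3]               # rest of the vendor code (left side)
        + b"\xff\xfe"               # 0xFFFE inserted in the middle
        + octets[3:]                # unique number (right side)
    )
    return str(ipaddress.IPv6Address(LINK_LOCAL_PREFIX + interface_id))

def link_local_to_mac(address: str):
    """Recover the MAC from such an address, or None if it was not built this way."""
    packed = ipaddress.IPv6Address(address).packed
    interface_id = packed[8:]
    if packed[:8] != LINK_LOCAL_PREFIX or interface_id[3:5] != b"\xff\xfe":
        return None
    mac = bytes([interface_id[0] ^ 0x02]) + interface_id[1:3] + interface_id[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    sample_mac = "00:1A:2B:3C:4D:5E"         # constructed sample value
    address = mac_to_link_local(sample_mac)
    print(address, "->", link_local_to_mac(address))
```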
31. 31
IPv6 Address Types
Unicast, Multicast, Anycast
There are three broad categories of IPv6 addresses:
• Unicast – Unicast uniquely identifies an interface on an IPv6-enabled device.
• Multicast – Multicast is used to send a single IPv6 packet to multiple destinations.
• Anycast – This is any IPv6 unicast address that can be assigned to multiple devices. A packet sent to an anycast address is routed to the nearest device
having that address.
Note: Unlike IPv4, IPv6 does not have a broadcast address. However, there is an IPv6 all-nodes multicast address that essentially gives the same result.
32. 32
Dynamic Addressing for IPv6 GUAs
RS and RA Messages
Devices obtain Global Unicast Addresses (GUAs) dynamically through Internet Control
Message Protocol version 6 (ICMPv6) messages.
– Router Solicitation (RS) messages are sent by host devices to discover IPv6 routers
– Router Advertisement (RA) messages are sent by routers to inform hosts on how to obtain an IPv6 GUA and provide useful
network information such as:
• Network prefix and prefix length
• Default gateway address
• DNS addresses and domain name
– The RA can provide three methods for configuring an IPv6 GUA :
• SLAAC - Stateless Address Autoconfiguration
• SLAAC with stateless DHCPv6 server
• Stateful DHCPv6 (no SLAAC)
35. 35
Introduction to Routing
Host Routing Tables
• On Windows, route print or
netstat -r to display the PC
routing table
• Three sections displayed by
these two commands:
– Interface List – all
potential interfaces and
MAC addressing
– IPv4 Routing Table
– IPv6 Routing Table
36. 36
Introduction to Routing
IP Router Routing Table
There are three types of routes in a router’s routing table:
• Directly Connected – These routes are automatically added by the router, provided the interface is
active and has addressing.
• Remote – These are routes to networks to which the router does not have a direct connection; they may be learned:
• Manually – with a static route
• Dynamically – by using a routing protocol to have the routers share their information with each other
• Default Route – this forwards all traffic to a specific direction when there is not a match in the routing
table
37. 37
Introduction to Routing
Static Routing
Static Route Characteristics:
• Must be configured manually
• Must be adjusted manually by the
administrator when there is a change in the
topology
• Good for small non-redundant networks
• Often used in conjunction with a dynamic
routing protocol for configuring a default
route
38. 38
Introduction to Routing
Dynamic Routing
Dynamic Routes Automatically:
• Discover remote networks
• Maintain up-to-date information
• Choose the best path to the destination
• Find new best paths when there is a
topology change
Dynamic routing can also share static default
routes with the other routers.
Commonly used protocols – EIGRP, OSPF,
BGP.
40. 40
ICMP Messages
ICMPv4 and ICMPv6 Messages
• Internet Control Message Protocol (ICMP) provides feedback about issues related to the processing of IP
packets under certain conditions.
• ICMPv4 is the messaging protocol for IPv4. ICMPv6 is the messaging protocol for IPv6 and includes
additional functionality.
• The ICMP messages common to both ICMPv4 and ICMPv6 include:
• Host reachability
• Destination or Service Unreachable
• Time exceeded
Note: ICMPv4 messages are not required and are often not allowed within a network for security reasons.
41. 41
ICMP Messages
Host Reachability
ICMP Echo Message can be used to test the
reachability of a host on an IP network.
In the example:
• The local host sends an ICMP Echo
Request to a host.
• If the host is available, the destination
host responds with an Echo Reply.
42. 42
Ping and Traceroute Tests
Ping – Test Connectivity
• The ping command is an IPv4 and IPv6 testing
utility that uses ICMP echo request and echo reply
messages to test connectivity between hosts and
provides a summary that includes the success rate
and average round-trip time to the destination.
• If a reply is not received within the timeout, ping
provides a message indicating that a response was
not received.
• It is common for the first ping to time out if address
resolution (ARP or ND) needs to be performed
before sending the ICMP Echo Request.
43. 43
Ping and Traceroute Tests
Ping the Loopback
Ping can be used to test the internal
configuration of IPv4 or IPv6 on the local host. To
do this, ping the local loopback address of
127.0.0.1 for IPv4 (::1 for IPv6).
• A response from 127.0.0.1 for IPv4, or ::1 for
IPv6, indicates that IP is properly installed on
the host.
• An error message indicates that TCP/IP is not
operational on the host.
44. 44
Ping and Traceroute Tests
Ping a Remote Host
Ping can also be used to test the ability of a local
host to communicate across an internetwork.
A local host can ping a host on a remote network.
A successful ping across the internetwork confirms
communication on the local network.
Note: Many network administrators limit or prohibit the
entry of ICMP messages; therefore, the lack of
a ping response could be due to security restrictions.
45. 45
Ping and Traceroute Tests
Traceroute – Test the Path
• Traceroute (tracert) is a utility that is used to test
the path between two hosts and provide a list of
hops that were successfully reached along that
path.
• Traceroute provides round-trip time for each hop
along the path and indicates if a hop fails to
respond. An asterisk (*) is used to indicate a lost
or unreplied packet.
• This information can be used to locate a
problematic router in the path or may indicate
that the router is configured not to reply.
Note: Traceroute makes use of a function of the TTL field
in IPv4 and the Hop Limit field in IPv6 in the Layer 3
headers, along with the ICMP Time Exceeded message.
46. 46
Ping and Traceroute Tests
Traceroute – Test the Path (Cont.)
• The first message sent from traceroute will have a
TTL field value of 1. This causes the TTL to time out
at the first router. This router then responds with an
ICMPv4 Time Exceeded message.
• Traceroute then progressively increments the TTL
field (2, 3, 4...) for each sequence of messages. This
provides the trace with the address of each hop as
the packets time out further down the path.
• The TTL field continues to be increased until the
destination is reached, or it is incremented to a
predefined maximum.
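Added example (not part of the original slides): a simulation of the TTL mechanism described above over a constructed path. Each router decrements the TTL and, when it reaches zero, either returns Time Exceeded or stays silent if it is configured not to reply, which appears as an asterisk. Names and addresses are illustrative.

```python
def forward(ttl, routers, destination):
    """Send one probe with the given TTL along the path.

    `routers` is an ordered list of (address, replies) pairs. Returns
    (message_type, responder_address), or (None, None) when the router
    where the TTL expired does not answer.
    """
    for address, replies in routers:
        ttl -= 1                            # every Layer 3 hop decrements TTL
        if ttl == 0:
            if replies:
                return ("time_exceeded", address)
            return (None, None)             # probe dropped, nothing comes back
    return ("echo_reply", destination)      # TTL survived the whole path

def traceroute(routers, destination, max_ttl=30):
    """Return a list of (ttl, responder or "*"), one entry per probe."""
    hops = []
    for ttl in range(1, max_ttl + 1):       # TTL starts at 1 and increments
        kind, responder = forward(ttl, routers, destination)
        hops.append((ttl, responder or "*"))
        if kind == "echo_reply":            # destination reached, stop
            break
    return hops

if __name__ == "__main__":
    # Constructed path: the second router is configured not to reply.
    path = [("10.0.0.1", True), ("192.168.1.1", False), ("172.16.0.1", True)]
    for hop in traceroute(path, "172.16.4.253"):
        print(hop)
```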