Readings 01 - LPouliot/Junior-Spring-NET-330-01-Network-Design GitHub Wiki
Week 1 - Required Reading
From the textbook:
"Introduction to Computer Networks and Cybersecurity"
By: Chwan-Hwa Wu; J. David Irwin
Chapter 10:
Sections:
10.1 - 10.3
10.6
10.9.1 - 10.9.5
The Network Layer
The learning goals for this chapter are as follows:
Understand the role of the network layer in the protocol stack and the issues involved in connection-oriented and connectionless service
Learn the elements, and their functions, in the Internet Protocol version 4 (IPv4) header
Learn the function of the Type of Service field in the IPv4 header
Understand the various portions and functions of the IPv4 address
Learn the function of the Dynamic Host Configuration Protocol (DHCP) server and its relationship with the IP address, subnet mask, DNS server and default gateway
Understand the differences between unicast and multicast routing
Explore the details involved in routing between LANs
Understand the mapping operation performed by the Network Address Translation/Network Address Port Translation (NAT/NAPT)
Understand the protocols for dynamically opening holes with NAPT for application protocols
Learn the diagnostic operation of the Internet Control Message Protocol (ICMP)
Understand the salient operations of mobile IP
10.1 Network Layer Overview
10.1.1 The Need for Network and Link Layers
Why do we need both the network and link layers?
- Performance
- Security
- Cost
The switch cost is affected by the size of memory required for the switch table, and the performance depends on the time needed to search the switch table.
When there is only one layer, either Network or Link, the size of the switch or routing table must be large enough to contain every host in the Internet, which would make the cost prohibitively high, the table would never converge, and the search time would be impractically long.
When there is only a Link layer and no Network layer, broadcast storms impact performance and security. With a router and layer 2 switch, the network can be split into subnets and address all of these problems. Each layer 2 switch only handles the switching of a subnet and each router only handles the switching among subnets. In this case, the sizes of the layer 2 switch table and layer 3 routing table, as well as the associated search time, are in the usable range.
This separation of link and network layers also reduces the cost. "Divide and conquer" is the methodology for handling packet switching. In order to keep the size of the routing tables reasonable, routers are separated into two categories: interior gateway and exterior gateway. The former is inside a domain while the latter is outside. Interior gateway routing is performed by campus class routers, while exterior gateway routing is accomplished by carrier class routers.
Use of the network layer:
10.1.2 Network Layer Functions
Datagram Routing in the Internet:
Datagrams move hop-by-hop through routers from a source subnet to a destination subnet.
Routers handle the bottom three layers of the protocol stack and process both IP and MAC addresses.
Source hosts encapsulate transport layer segments into datagrams, which move up and down the protocol stack during transit.
Role of Hosts and Routers:
Network layer protocols are implemented in both hosts and routers. A client OS (e.g., Windows XP/7) supports one NIC (network interface card) without routing/forwarding capabilities.
A server OS (e.g., Windows Server 2008) can be configured to route/forward between multiple NICs.
Routing and Forwarding:
- Routing:
Routers maintain routing tables, learning routes through algorithms and communication with other routers.
Routing tables map destination subnet IPs to the next hop interface IPs.
- Forwarding:
Routers or layer 3 switches direct packets from input to output ports based on the routing table.
This process is akin to travelers planning trips and switching flights at airports.
Network Layer Services:
Provides both connectionless (e.g., IP over Ethernet) and connection-oriented (e.g., ATM virtual circuits) services.
ATM (Asynchronous Transfer Mode) is a high-speed networking technology that transmits data in fixed-size packets called cells, each 53 bytes long (5 bytes of header and 48 bytes of payload). It is used for Internet backbone connections and as leased circuits for ISP access links between subscriber and provider edge routers.
10.2 Connection-Oriented Networks
Virtual Circuit Characteristics:
Mimics telephone circuits by establishing a dedicated path from source to destination.
Requires call setup and teardown before data transmission.
Packets are always received in order and carry a Virtual Circuit Identifier (VCI) instead of a destination IP.
Routers/switches along the path maintain state information for each connection.
Resources like bandwidth and buffers are allocated for prioritized traffic.
Virtual Circuit Types and Setup:
Links source and destination interfaces using VCIs, with one unique number for each link.
Forwarding tables for VCs are established through:
Permanent Virtual Circuits (PVCs): Used for leased corporate connections.
Switched Virtual Circuits (SVCs): Use signaling schemes for call setup.
Multiprotocol Label Switching (MPLS) is commonly used for circuit switching due to its efficiency.
VCI Management and Virtual Paths:
VCIs can change at each link/hop, managed by forwarding tables (analogous to changing flight numbers during a journey).
Multiple VCs between the same starting and ending switches can be grouped into a Virtual Path (VP), identified by a Virtual Path Identifier (VPI).
Example 10.1: ATM Switch Operations in Forwarding Cells from Input Port to Output Port
ATM switch operation using VPI/VCI in the cell header.
ATM Switch Operation:
Each ATM switch uses cell switching tables for input and output ports.
Tables can be configured for Permanent Virtual Circuits (PVCs) by operators or for Switched Virtual Circuits (SVCs) via signaling schemes.
Cell Routing and Translation:
Example: A cell with VPI/VCI = 2/4 at input port 7 is routed to output port 5, where the VPI/VCI is modified to 6/4 for the next switch.
Multicast routing is possible; e.g., a VPI/VCI of 1/3 could route to multiple output ports (2, 5, and 6).
VCs with the same starting and ending switches can be grouped into virtual paths (VPs) to simplify management.
VPIs may be unified for similar routes, while differing VPIs are assigned distinct paths.
Analogy with Airport Operations:
Input and output ports correspond to incoming and outgoing gates.
VPI/VCI values correspond to flight numbers, and switching tables are comparable to flight information displays.
Signaling scheme for SVCs: the edge routers handle the call setup procedure.
SVC Signaling Scheme:
Involves setup, maintenance, and teardown phases.
Datagrams are guaranteed to arrive in order.
Used in ATM, frame relay, and the Internet backbone.
Connection Setup in SVCs:
Signaling packets traverse intermediate switches, which check for QoS compliance and destination reachability based on ATM addresses.
If an intermediate switch fails either check, it sends a rejection packet back to the source.
If all checks are satisfied, the destination sends an acceptance message back through the path, establishing routing table entries.
Data Flow:
Once the connection is established, cells flow from the source (left edge router) to the destination (right edge router) over the SVC.
10.3 Connectionless Datagram Forwarding
An IP datagram network.
The IP network is connectionless, and no call setup is required at the network layer. The routers possess no state information concerning end-to-end connections, and packets are forwarded using the destination host IP address.
However, packets between the same source-destination pair may take different paths through the network and may not arrive in the original order sent by the source host. There is no QoS and no reliable delivery guarantee.
Example 10.2: The IP Address Prefix Employed in a Routing/Forwarding Table
Table 10.1
- The Destination IP Address Range and Corresponding Router Interface for Forwarding
Destination address range | Router interface |
---|---|
11001000 11010111 00000000 00000000 through 11001000 11010111 00001111 11111111 | 0 |
11001000 11010111 00001000 00000000 through 11001000 11010111 00001000 11111111 | 1 |
11001000 11010111 00010000 00000000 through 11001000 11010111 00011111 11111111 | 2 |
otherwise | 3 |
Table 10.1 illustrates a simple example of the IP address prefix present in a forwarding table. As indicated, the table lists the destination IP address range-vs.-router interface. So, if the destination IP address range falls between the first address line and the second, the datagram is routed/forwarded to router interface 0.
The router interface for the remaining destination address ranges is determined in the same way. Destination IP addresses that do not belong to the first three ranges take the default route, interface 3. A router checks the entries in order; the default route is the last entry, and it forwards any datagram whose destination IP address matched none of the previous entries.
The leading portion that is common to every address in a range of Table 10.1 (the bits that do not change within the range) is the IP address prefix, and the routing/forwarding decision is based on this prefix.
Table 10.2
- A Prefix-vs.-Router Interface Example
IP address prefix for router interface | Router interface |
---|---|
11001000 11010111 0000 | 0 |
11001000 11010111 00001000 | 1 |
11001000 11010111 0001 | 2 |
otherwise | 3 |
Table 10.2 illustrates the destination IP address prefix, which is the important part of the IP address that is actually compared by a router. To configure a router, one may simply choose to set the routing table directly by specifying the prefix for each router interface. This is a simple task for a small network and it is referred to as static route configuration.
Example 10.3: The IP Address Prefix in Decimal Representation for Each Router Interface
Table 10.3
- The IP Address Prefix in Decimal Representation for Each Router Interface
IP address prefix for router interface | Router interface |
---|---|
200.215.0 | 0 |
200.215.8 | 1 |
200.215.16 | 2 |
otherwise | 3 |
The IP address prefix in decimal representation for each router interface is shown in Table 10.3.
Each byte of the binary form of an IP address is converted to decimal. Given the destination IP address prefix of 200.215.x.x and the use of Table 10.3, the router uses the longest prefix entry for the router interface in the routing table as a match against the incoming destination IP address to determine the output interface.
As a result, the destination IP address: 200.215.8.193 (11001000 11010111 00001000 10100001) is routed to interface 1 because there is a match through the first 24 bits. The destination IP address: 200.215.0.204 (11001000 11010111 00000000 10101010) is routed to interface 0 because there is a match through the first 20 bits.
Table 10.4
- The IP Address Prefix in the Representation Containing Its Number of Bits for Each Router Interface
IP address prefix for router interface | Router interface |
---|---|
200.215.0/20 | 0 |
200.215.8/20 | 1 |
200.215.16/24 | 2 |
otherwise | 3 |
In order to clearly specify the length of an IP address prefix, the number of bits in this prefix must be included in the table as shown in Table 10.4.
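Longest-prefix-match forwarding over the prefixes of Tables 10.2 and 10.3, as an added example (not code from the textbook or this wiki). The prefix lengths are taken from the binary prefixes in Table 10.2 (0000 is 20 bits, 00001000 is 24 bits, 0001 is 20 bits), and the "otherwise" row is modelled as a 0-bit prefix that matches everything.

```python
# Added example: longest-prefix-match forwarding for the routing table of
# Tables 10.2/10.3. Prefix lengths follow the binary prefixes of Table 10.2.

def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal IPv4 (e.g., 200.215.8.193) to a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def ip_to_binary(dotted: str) -> str:
    """Render the address as four 8-bit groups, the form the router actually compares."""
    value = ip_to_int(dotted)
    return " ".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def prefix_mask(length: int) -> int:
    """Mask with 1s in the first `length` bits and 0s in the remaining host bits."""
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF

# Forwarding table rows: (prefix, prefix length in bits, router interface).
# The "otherwise" row of Table 10.2 is a 0-bit prefix on interface 3 (default route).
FORWARDING_TABLE = [
    ("200.215.0.0", 20, 0),
    ("200.215.8.0", 24, 1),
    ("200.215.16.0", 20, 2),
    ("0.0.0.0", 0, 3),
]

def lookup(dest: str, table=FORWARDING_TABLE):
    """Return (interface, matched prefix length) for the longest matching prefix."""
    d = ip_to_int(dest)
    best = None
    for prefix, length, iface in table:
        mask = prefix_mask(length)
        # Only the first `length` bits are compared; among matches, the longest wins.
        if (d & mask) == (ip_to_int(prefix) & mask):
            if best is None or length > best[1]:
                best = (iface, length)
    return best

if __name__ == "__main__":
    for dest in ("200.215.8.193", "200.215.0.204", "200.215.31.7", "131.204.1.1"):
        iface, bits = lookup(dest)
        print(f"{dest:15} {ip_to_binary(dest)} -> interface {iface} ({bits}-bit match)")
```

Note that 200.215.8.193 matches both the 20-bit entry and the 24-bit entry; the longer match decides, so it goes to interface 1.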
Figure 10.6
- The IPv4 datagram format.
The Internet Protocol version 4 (IPv4) datagram format is outlined in Figure 10.6 [3]. The length of the IP header is a multiple of 32 bits and, in the absence of options, an IP header is typically 20 bytes in length.
Table 10.5
- A Description of Each IP Header Field
IP header field | Description |
---|---|
The IP protocol version number | It is 4 bits long and is 0100 for IPv4. |
The 4-bit header length | Specifies the number of 32-bit words in the header. |
8-bit type of service | Used to prioritize traffic, e.g., voice over IP. |
The datagram length in the number of bytes | Includes header and data and occupies the remaining 16 bits of the first 32-bit word. |
The ID and Flag fields | Used to identify and control fragments. |
The fragment offset | Used for fragmentation/reassembly. |
The time to live | The allowed maximum number of remaining hops, decremented at each router. |
The header fields and their use are listed in Table 10.5.
Table 10.6
- The Value in the Protocol Field That Identifies the Transport Layer Protocol
The value in the protocol field identifies the transport layer protocol carried in the payload of the IP datagram, e.g., TCP has a value of 6, as shown in Table 10.6.
Example 10.4: The IP Datagram Format
The following packet is sent from 192.168.1.20 to the broadcast address 255.255.255.255:
```
Ipv4: Src = 192.168.1.20, Dest = 255.255.255.255, Next Protocol = UDP, Packet ID = 52540, Total IP Length = 137
  Versions: IPv4, Internet Protocol; Header Length = 20
    Version: (0100....) IPv4, Internet Protocol
    HeaderLength: (....0101) 20 bytes (0x5)
  DifferentiatedServicesField: DSCP: 0, ECN: 0
    DSCP: (000000..) Differentiated services codepoint 0
    ECT: (......0.) ECN-Capable Transport not set
    CE: (.......0) ECN-CE not set
  TotalLength: 137 (0x89)
  Identification: 52540 (0xCD3C)
  FragmentFlags: 0 (0x0)
    Reserved: (0...............)
    DF: (.0..............) Fragment if necessary
    MF: (..0.............) This is the last fragment
    Offset: (...0000000000000) 0
  TimeToLive: 64 (0x40)
  NextProtocol: UDP, 17(0x11)
  Checksum: 28011 (0x6D6B)
  SourceAddress: 192.168.1.20
  DestinationAddress: 255.255.255.255
```
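Decoding a raw IPv4 header into the fields of Table 10.5 and checking its header checksum, as an added example (not from the textbook or this wiki). The 20-byte sample header is constructed from the field values of Example 10.4; its checksum is recomputed by the code rather than copied from the capture, and a corrupted copy is used to show the check failing.

```python
# Added example: build, parse and checksum-verify a 20-byte IPv4 header (IHL = 5).
import struct

HDR_FMT = "!BBHHHBBH4s4s"   # ver/ihl, tos, length, id, flags+offset, ttl, proto, csum, src, dst

def pack_ip(dotted: str) -> bytes:
    return bytes(int(o) for o in dotted.split("."))

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the 16-bit header words with the checksum field zeroed."""
    hdr = bytearray(header)
    hdr[10:12] = b"\x00\x00"
    total = sum(struct.unpack(f"!{len(hdr) // 2}H", bytes(hdr)))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, total_length, ident, ttl, proto, dscp=0, ecn=0, df=False):
    """Return a 20-byte IPv4 header without options and with a valid checksum."""
    ver_ihl = (4 << 4) | 5                  # version 4, header length 5 words
    tos = (dscp << 2) | ecn
    flags_frag = 0x4000 if df else 0        # DF bit; MF = 0, fragment offset = 0
    hdr = struct.pack(HDR_FMT, ver_ihl, tos, total_length, ident,
                      flags_frag, ttl, proto, 0, pack_ip(src), pack_ip(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(data: bytes) -> dict:
    """Decode the fixed header fields; raise on truncated or malformed input."""
    if len(data) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos, length, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack(HDR_FMT, data[:20])
    ihl = (ver_ihl & 0x0F) * 4              # header length field is in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or len(data) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": ver_ihl >> 4, "header_len": ihl,
        "dscp": tos >> 2, "ecn": tos & 0x3,
        "total_length": length, "id": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "checksum_ok": ipv4_checksum(data[:ihl]) == csum,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
    }

# Constructed sample: the UDP broadcast of Example 10.4 (ID 52540, total length 137, TTL 64).
SAMPLE = build_ipv4_header("192.168.1.20", "255.255.255.255", 137, 52540, 64, 17)

if __name__ == "__main__":
    for field, value in parse_ipv4_header(SAMPLE).items():
        print(f"{field:14} {value}")
    damaged = bytearray(SAMPLE)
    damaged[8] = 63                         # a router decrementing TTL without fixing the checksum
    print("damaged header checksum_ok:", parse_ipv4_header(bytes(damaged))["checksum_ok"])
```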
10.9 The IPv4 Address
10.9.1 Network Interface and IP address
Figure 10.12
- An IP addressing scheme.
An IPv4 address is a 32-bit identifier for a host or router interface, as shown in Figure 10.12. Although the IPv4 address is written for convenience as four decimal bytes separated by dots, e.g., 131.204.1.1, it is the corresponding binary number, i.e., 10000011 11001100 00000001 00000001, that is actually used in processing an IP address.
The first 8 bits correspond to 131, the next 8 bits correspond to 204, etc. In this case, the interface is a network module (or NIC) with one physical link. Client hosts typically have one interface, while routers typically have at least two. Servers may have one or more interfaces. There is one IP address and one MAC address associated with each interface.
10.9.2 Subnet
Figure 10.13
- A network consisting of three subnets.
The network in Figure 10.12 can be viewed as shown in Figure 10.13 as an interconnection of three subnets. Each IP address has a subnet part, i.e., the high order bits (or prefix), and a host part (or host ID), i.e., the low order bits.
Hosts within the same subnet have interfaces that share a common portion, i.e., the high order bits, of the IP address, and can communicate with one another without the services of the router. The IP address prefixes of the three subnets are 131.204.1, 131.204.2, and 131.204.3. The host part of the IP address for the left-top host is 2.
Figure 10.14
- A subnet is an isolated island of interfaces.
Traditionally, the gateway of each subnet has a host part (or host ID) = 1. For example, 131.204.1.1 is the gateway of subnet 131.204.1.0, where the host ID = 0 represents the subnet and cannot be used to represent any interface. In Figure 10.14, a subnet is represented by its IP address prefix and the number of bits contained in this prefix. For example, 131.204.1.0/24 identifies the left-top subnet which has a 24-bit prefix.
Within a network, like the one shown in Figure 10.14, a subnet can be determined by simply detaching each interface from its hosts and router. A switch/hub is a layer 2 device that does not have any interface and is transparent. Then, these interfaces form an island of isolated networks, each one of which is a subnet.
10.9.3 Network ID, Subnet ID and Host ID
Figure 10.16
- An example IP address.
Table 10.12
- Address Class Parameters
Class | Prefix length | MSB | The range of MSByte |
---|---|---|---|
Class A | Network ID: 1 byte | MSB = 0 | 0 < MSByte < 127 |
Class B | Network ID: 2 bytes | MSBs = 10 | 128 ≤ MSByte ≤ 191 |
Class C | Network ID: 3 bytes | MSBs = 110 | 192 ≤ MSByte ≤ 223 |
Class D | n/a (multicast) | MSBs = 1110 | 224 ≤ MSByte ≤ 239 |
Table 10.13
- Early Recipients of a Class A IP Address
Class A IP address | Organization | Assigned date |
---|---|---|
008.0.0.0 | Level 3 Communications, Inc. | 1992-12 |
009.0.0.0 | IBM | 1992-08 |
012.0.0.0 | AT&T Bell Laboratories | 1995-06 |
013.0.0.0 | Xerox Corporation | 1991-09 |
015.0.0.0 | Hewlett-Packard Company | 1994-07 |
017.0.0.0 | Apple Computer Inc. | 1992-07 |
018.0.0.0 | MIT | 1994-01 |
IP Address Structure:
An IP address consists of a network ID, subnet ID, and host ID.
Auburn University's network address is 131.204.0.0/16 (Class B) with a 16-bit prefix.
The broadcast address is 131.204.255.255.
Reserved addresses:
131.204.0.0 represents the network.
131.204.255.255 is the broadcast address.
Address Classes:
Class A: One-byte network ID (e.g., MIT’s network ID = 18), with 3 bytes for subnet and host IDs.
Class B: Two-byte network ID.
Class C: Three-byte network ID.
Class D: Used for multicast groups (e.g., Dow Jones multicast IP = 224.0.18.2).
Special IP Addresses:
Loopback Range: 127.0.0.0 to 127.255.255.255 used for local host communication (e.g., 127.0.0.1 returns messages to the sender).
Zero Address Range: 0.0.0.0 to 0.255.255.255 is not part of the normal Class A range.
0.0.0.0 is used to represent any IP address for default routing.
Address Allocation:
ICANN is responsible for allocating IP addresses, managing DNS, assigning domain names, and resolving disputes.
Some Class A addresses were allocated in the early 1990s. IPv4 assignment details are maintained by ICANN.
Notable Example:
A hacker prank involved convincing an administrator that sensitive data was stored at 127.0.0.1, leading to confusion and a failed lawsuit.
10.9.4 Private IP Addresses
Table 10.14
- The Range of Private Addresses
Class | Private start address | Private finish address |
---|---|---|
A | 10.0.0.0 | 10.255.255.255 |
B | 172.16.0.0 | 172.31.255.255 |
C | 192.168.0.0 | 192.168.255.255 |
Private IP Addresses:
Reserved ranges exist for Classes A, B, and C to address IPv4 shortages (e.g., 10.0.0.0 for large networks, 192.168.1.0 for smaller networks).
These addresses are used within private networks and cannot be routed on the public Internet.
Role of NAT/NAPT:
A Network Address Translation (NAT) or Network Address Port Translation (NAPT) router maps private IP addresses to a single public IP address provided by an ISP.
Most small office/home office (SOHO) routers support NAPT.
Functionality:
Private IP addresses are blocked by ISP firewalls but can communicate freely within a private network behind a NAT/NAPT router.
Outgoing datagrams from private hosts use the public IP address as the source address when accessing the Internet.
Address Range Examples:
Large Networks: 10.0.0.0 can accommodate up to 16 million hosts.
Small Networks: 192.168.1.0 can support up to 254 interfaces.
Benefit:
Proper use of private IP addresses with NAT/NAPT significantly alleviates IPv4 address shortages.
10.9.5 Classless Inter-Domain Routing
Due to the shortage of Class A and B IP addresses, most organizations are allocated multiple Class C IP addresses. As a result, routing tables are bloated with unnecessary entries that slow down the routers. Classless Inter-Domain Routing (CIDR) [6] eliminates the class limitation resulting from the network ID. The subnet part of the IP address can be of arbitrary length, and the CIDR address format is of the form a.b.c.d/x, where x is the number of bits in the subnet part of the IP address, i.e., the IP address prefix.
The subnet mask is another representation for specifying the number of bits in the subnet part of the IP address, i.e., the IP address prefix. A subnet mask contains all 1's in the subnet portion and all 0's in the host portion.
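Turning an a.b.c.d/x prefix into its subnet mask and deriving the network address, broadcast address and host ID, as an added example (not code from the textbook or this wiki). It uses the 131.204.0.0/16 network and 131.204.1.0/24 subnet from Section 10.9 and the private ranges of Section 10.9.4; the function names are my own.

```python
# Added example: subnet mask, network/broadcast address and host ID from CIDR notation.

def to_int(dotted: str) -> int:
    octets = [int(x) for x in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= b <= 255 for b in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_dotted(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def subnet_mask(prefix_len: int) -> int:
    """All 1s in the subnet part, all 0s in the host part (e.g., /24 -> 255.255.255.0)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def describe(cidr: str) -> dict:
    """Split 'a.b.c.d/x' into mask, network, broadcast, host ID and usable host count."""
    addr, _, bits = cidr.partition("/")
    plen = int(bits)
    a, mask = to_int(addr), subnet_mask(plen)
    network = a & mask                       # host ID all 0s represents the subnet
    broadcast = network | (~mask & 0xFFFFFFFF)   # host ID all 1s is the broadcast address
    return {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "host_id": a & ~mask & 0xFFFFFFFF,
        # the all-0s and all-1s host IDs are not assignable to interfaces
        "usable_hosts": max((1 << (32 - plen)) - 2, 0),
    }

def same_subnet(ip1: str, ip2: str, prefix_len: int) -> bool:
    """True when both interfaces share the high-order prefix bits (no router needed)."""
    mask = subnet_mask(prefix_len)
    return (to_int(ip1) & mask) == (to_int(ip2) & mask)

if __name__ == "__main__":
    for cidr in ("131.204.0.0/16", "131.204.1.2/24", "10.0.0.0/8", "192.168.1.0/24"):
        print(cidr, describe(cidr))
    print(same_subnet("131.204.1.2", "131.204.1.1", 24))   # same /24 subnet
    print(same_subnet("131.204.1.2", "131.204.2.1", 24))   # different subnets, router required
```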