
IPv4 (Part III)

Assoc. Prof. Anan Phonphoem, Ph.D.

anan.p@ku.ac.th

http://www.cpe.ku.ac.th/~anan

Computer Engineering Department

Kasetsart University, Bangkok, Thailand

Jan 2020

Outline

• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • DHCP

Network Address Translation (NAT)

• Private Network
• Good practice to use private address
• Map local addresses to (real) public IP address(es)
• Security (not expose internal details)
• Alleviate IP depletion

Private IP address

Class  RFC 1918                         CIDR prefix
A      10.0.0.0 – 10.255.255.255        10.0.0.0/8
B      172.16.0.0 – 172.31.255.255      172.16.0.0/12
C      192.168.0.0 – 192.168.255.255    192.168.0.0/16

Stub Network

• Operates at the border of a stub network

Stub Network Example: ADSL Connection

[Figure: ADSL Router, WLAN ADSL Router, ADSL Modems, Telephone Line, ISP, Internet]

NAT

“One” or “Pool” of IP addresses

Example

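[Figure: a site using private addresses (hosts 172.18.3.1, 172.18.3.2, 172.18.3.20) connected to the Internet through a NAT router labelled 172.18.3.254 and 200.24.5.8. Outgoing packet: Source 172.18.3.1 becomes Source 200.24.5.8. Incoming packet: Destination 200.24.5.8 becomes Destination 172.18.3.1.]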

Configure NAT

• Static Translation
• Dynamic Translation

Static Translation

Dynamic Translation

Many-to-one Mapping ???

Many inside IP → one outside IP

PAT: Port Address Translation (Overloaded NAT)

[Figure: PAT example; address shown: 179.9.8.80]

Disadvantages of NAT

• Delay
• Loss of end-to-end ability
• Might not work with some applications
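
Added example (not part of the original slides): a small Python model of the PAT translation table, using the inside hosts and the public address 200.24.5.8 from the NAT example slide. The class name, the port numbers and the starting port 40000 are assumptions. It also shows why a packet arriving from outside with no existing mapping cannot reach an inside host, which is the loss of end-to-end ability listed above.

```python
import ipaddress

# RFC 1918 ranges from the "Private IP address" slide.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True if addr falls inside one of the RFC 1918 blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class PatRouter:
    """Overloaded NAT: many inside hosts share one outside IP, told apart by port."""

    def __init__(self, outside_ip, first_port=40000):  # first_port is an assumption
        self.outside_ip = outside_ip
        self.next_port = first_port
        self.by_inside = {}    # (inside_ip, inside_port) -> outside_port
        self.by_outside = {}   # outside_port -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port):
        """Rewrite the source of a packet leaving the stub network."""
        if not is_private(src_ip):
            raise ValueError("source is not a private address")
        key = (src_ip, src_port)
        if key not in self.by_inside:          # first packet of a flow: allocate
            self.by_inside[key] = self.next_port
            self.by_outside[self.next_port] = key
            self.next_port += 1
        return self.outside_ip, self.by_inside[key]

    def inbound(self, dst_port):
        """Rewrite the destination of a packet arriving from the Internet.
        Returns None (drop) when no inside host opened that mapping."""
        return self.by_outside.get(dst_port)

def demo():
    nat = PatRouter("200.24.5.8")             # public address from the NAT example
    a = nat.outbound("172.18.3.1", 1400)      # ports are constructed sample values
    b = nat.outbound("172.18.3.2", 1400)      # same inside port, different host
    reply = nat.inbound(b[1])                 # reply to host .2 finds its mapping
    unsolicited = nat.inbound(50000)          # nobody inside asked for this
    return a, b, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```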

Outline

• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • BOOTP/DHCP ← Application Protocol

Bootstrap Protocol (BOOTP)

BOOTP

• RFC951 (Sep 1985) for RARP replacement
• Diskless terminal
• Discover its own IP address
• Download executable image file
• Small program built in chip
• BOOTP and TFTP
• Application Protocol
• Encapsulated in IP and UDP

http://www.davewentzel.com/sites/default/files/vt510.jpg

TCP/IP Protocol Suite (Internet Model)

Layer  Name          Description
5      Applications  User service and interface
4      Transport     Process delivery + Error (TCP/UDP); reliable end-to-end (whole message)
3      Network       Packet end-to-end (across network); move packets from source to destination
2      Data Link     Provide frames; node-to-node (same network segment)
1      Physical      (mechanical and electrical spec); transmission bit streams

TCP/IP protocol Suite

[Figure: protocol stack, top to bottom: Application; TCP, UDP; IP; Datalink; Physical]

BOOTP packet format

Operation

Dynamic Host Configuration Protocol (DHCP)

DHCP

• BOOTP Enhancement
• RFC 1531 (Oct 1993 – 8 yrs. after BOOTP)
• Same message structure as BOOTP
• Can choose among many DHCP servers

DHCP packet

Operation

CIADDR: Client IP Address
GIADDR: Gateway IP Address
CHADDR: Client Hardware Address

DHCP Message

DHCP transition diagram

DHCP Relay

[Figure: Gateway; networks 192.168.1.0 and 192.168.2.0]

Summary

• IP Fundamental Operation
• Internet Protocol
• Addressing
• Supporting Protocol
  • ARP
  • ICMP: ping + traceroute
  • NAT
  • BOOTP/DHCP ← Application Protocol

Homework

1. Find an application (e.g. games) that does not work with NAT. Please explain why.

2. For DHCP, identify one problem/attack that might occur.

Note:
• Reference
• ~2 pages (1 page for each problem)
