ARPlec

    Dr. L. Christofi, Spring 2009

    Lecture 9

    Network Layer: Internet Protocol

    ACOE412

    Data Communications

    Spring 2009

    0. Overview

    In this lecture we will cover the following topics:

    15. Network Layer: Internet Protocol

    15.1 ARP

    15.2 IP

    15.3 ICMP

    15.4 IPv6

    15.5 Summary (part 15)

    15.1 NETWORK LAYER PROTOCOLS

    In this section, we discuss the five network layer protocols:

    ARP, IP and ICMP

    Topics discussed in this section:

    Address Resolution Protocol
    IP
    ICMP
    IPv6

    Protocols at Network Layer

    IP is responsible for host-to-host delivery of datagrams from source to destination.

    ARP: Find the MAC (physical) address of the next hop. The data link layer encapsulates this address into the frame.

    ICMP: Handle unusual situations such as the occurrence of an error.

    IP is meant for unicast. For Multicast, we need IGMP.

    Address Resolution Protocol (ARP)

    Hosts and routers are recognized at the network level by their IP addresses. An IP address is unique.

    At the physical network level, we use the MAC address. A MAC address is unique locally but not necessarily universally.

    We need both IP and MAC addresses because a physical network, such as Ethernet, can have two different protocols at the network layer, such as IP and IPX (Novell), at the same time. Likewise, a packet at a network layer such as IP may pass through different physical networks, such as Ethernet and Token Ring.

    IP and MAC address need to be mapped.

    ARP mapping

    Static Mapping
    Having a table of IP and MAC address mappings in all the machines.
    Limitations if the MAC address changes due to:
        Change of network card
        In LocalTalk, the MAC address changes when a machine is turned on
        A mobile computer can move from one network to another and so can gain a different MAC address.

    Dynamic mapping
    Each machine knows one of the two addresses.
    Use a protocol to get the other address.
    ARP & RARP. RARP is now replaced by DHCP.
    ARP associates an IP address with its MAC address.

    ARP Operation

    An ARP request has the sender's IP and MAC addresses and the receiver's IP address. It is a broadcast because the physical address of the receiver is unknown.

    All hosts in the network process this request but only the intended recipient responds. The response is unicast.

    ARP Packet Format

    Hardware Type: 16 bits; defines the type of network; Ethernet is 1.

    Protocol Type: 16 bits; IPv4 is 0800.

    Hardware length and protocol length are 8 bits each.

    Encapsulation of ARP Packet

    [Figure: encapsulation of an ARP packet in a frame; SFD = Start of Frame Delimiter]

    Delivery of the Datagram

    The sender knows the IP address of the target.

    IP asks ARP to create an ARP request message. It includes the sender's and target's IP and physical addresses. The target physical address is all 0s.

    The message is passed to the data link layer and encapsulated in a frame using the sender's physical address. The physical destination address is the broadcast address.

    All machines drop the packet except the targeted machine. The target machine identifies the IP address.

    The target machine sends the ARP reply with its physical address.

    The sender receives the reply and knows the physical address of the target.

    The IP datagram, which carries data for the target machine, is now encapsulated in a frame and is unicast to the destination.

    Four cases using ARP

    Case 1: Map the destination IP address to the physical address of the destination host (host MAC).

    Case 2: Map the IP address of the router to the physical address (router MAC).

    Case 3: IP of next router is mapped to the physical address (MAC of next router).

    Case 4: Destination IP is mapped to the destination MAC.

    Example

    A host with IP address 130.23.3.20 and physical address B23455102210 has a packet to send to another host with IP address 130.23.43.25 and physical address A46EF45983AB. The two hosts are on the same Ethernet network. Show the ARP request and reply packets encapsulated in Ethernet frames.

    Solution

    The figure on the next slide shows the ARP request and reply packets. Note that the ARP data field in this case is 28 bytes, and that the individual addresses do not fit in the 4-byte boundary. That is why we do not show the regular 4-byte boundaries for these addresses. Note that we use hexadecimal for every field except the IP addresses.

    [Figure: ARP request and reply packets encapsulated in Ethernet frames; SFD = Start of Frame Delimiter]
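
    The ARP request and reply from this example, following the request/reply steps listed under Delivery of the Datagram, built and parsed in Python. This is an added example, not part of the original lecture; the function names are illustrative, the operation codes (1 request, 2 reply) and the Ethernet type 0x0806 are the standard values, and the preamble, SFD and CRC are left to the network hardware.

```python
import socket
import struct

ETHERTYPE_ARP = 0x0806                  # Ethernet type field value for ARP
BROADCAST = bytes.fromhex("ffffffffffff")
UNKNOWN = bytes(6)                      # target physical address in a request: all 0s
REQUEST, REPLY = 1, 2                   # ARP operation codes
ARP_FORMAT = "!HHBBH6s4s6s4s"           # 28 bytes for Ethernet + IPv4

def arp_packet(op, sender_mac, sender_ip, target_mac, target_ip):
    """ARP packet: hardware type 1 (Ethernet), protocol type 0x0800 (IPv4)."""
    return struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, op,
                       sender_mac, socket.inet_aton(sender_ip),
                       target_mac, socket.inet_aton(target_ip))

def ethernet_frame(dst_mac, src_mac, payload):
    """Destination, source and type fields followed by the ARP data."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_ARP) + payload

def parse(frame):
    """Decode an Ethernet frame carrying an Ethernet/IPv4 ARP packet."""
    if len(frame) < 14 + 28:
        raise ValueError("frame too short for ARP")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        ARP_FORMAT, frame[14:42])
    if ethertype != ETHERTYPE_ARP or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP frame")
    return {"dst": dst, "src": src, "op": op,
            "sender_mac": sha, "sender_ip": socket.inet_ntoa(spa),
            "target_mac": tha, "target_ip": socket.inet_ntoa(tpa)}

def arp_request(sender_mac, sender_ip, target_ip):
    """Broadcast request: the receiver's physical address is unknown."""
    packet = arp_packet(REQUEST, sender_mac, sender_ip, UNKNOWN, target_ip)
    return ethernet_frame(BROADCAST, sender_mac, packet)

def arp_reply(request_frame, my_mac, my_ip):
    """Unicast reply from the target; None when the request is for another host."""
    req = parse(request_frame)
    if req["op"] != REQUEST or req["target_ip"] != my_ip:
        return None                     # every other machine drops the packet
    packet = arp_packet(REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])
    return ethernet_frame(req["sender_mac"], my_mac, packet)

# The two hosts from the slide's example.
HOST_A = (bytes.fromhex("B23455102210"), "130.23.3.20")
HOST_B = (bytes.fromhex("A46EF45983AB"), "130.23.43.25")

if __name__ == "__main__":
    request = arp_request(*HOST_A, HOST_B[1])
    reply = arp_reply(request, *HOST_B)
    print("request:", request.hex())
    print("reply:  ", reply.hex())
```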

    IP

    Host-to-host network layer delivery protocol for the Internet.

    Unreliable and connectionless datagram protocol.

    Best-effort: no error control or flow control.

    Has an error detection mechanism to discard the packets that are corrupted.

    For reliability, use IP with TCP.

    Each datagram is delivered independently and can follow a different route.

    Datagrams: Packets of the IP layer.

    Variable-length packet consisting of header [20 to 60 bytes] and data.

    IP datagram

    HLEN must be multiplied by 4 to get the length in bytes

    Differentiated services: QoS

    Total length = length of data + header length

    TTL: number of hops; approx 2 times the maximum number of routes between any two hosts.

    Protocol: Defines the higher level protocol that uses IP layer.

    Protocols: Multiplexing

    Value   Protocol
    1       ICMP
    2       IGMP
    6       TCP
    17      UDP
    89      OSPF

    Checksum

    Checksum only covers the header and not data.

    Data checksum is handled by higher-level protocols that encapsulate the data in the IP datagram.

    Header changes when the packet travels on the network but data does not change.

    Calculate Checksum

    Divide the IP header into 16-bit sections.

    Value of checksum field is set to zero.

    All the sections are added and the sum is complemented.

    The result is inserted in the checksum field.

    Example of checksum calculation
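
    An added example (not part of the original lecture) of the header checksum steps above in Python, with the 16-bit sections added in one's complement arithmetic, so carries are folded back into the sum. The 20-byte sample header is constructed for illustration and the function names are illustrative; the last function shows why a router must recompute the checksum when a header field such as TTL changes.

```python
import struct

def ones_complement_sum(data):
    """Add 16-bit sections, folding any carry back into the low 16 bits."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def header_length(header):
    """HLEN (low 4 bits of the first byte) multiplied by 4 gives bytes."""
    hlen = (header[0] & 0x0F) * 4
    if hlen < 20 or len(header) < hlen:
        raise ValueError("truncated or malformed IP header")
    return hlen

def header_checksum(header):
    """Set the checksum field to zero, add the sections, complement the sum."""
    hlen = header_length(header)
    zeroed = header[:10] + b"\x00\x00" + header[12:hlen]
    return ~ones_complement_sum(zeroed) & 0xFFFF

def with_checksum(header):
    """Insert the computed value into the checksum field (bytes 10-11)."""
    return header[:10] + struct.pack("!H", header_checksum(header)) + header[12:]

def is_valid(header):
    """Receiver check: summing all sections, checksum included, gives 0xFFFF."""
    return ones_complement_sum(header[:header_length(header)]) == 0xFFFF

def decrement_ttl(header):
    """A header field changes in transit, so the checksum is recomputed."""
    if header[8] == 0:
        raise ValueError("TTL is 0: discard the datagram")
    return with_checksum(header[:8] + bytes([header[8] - 1]) + header[9:])

# Constructed sample header: version 4, HLEN 5, total length 115, DF set,
# TTL 64, protocol 17 (UDP), 192.168.0.1 -> 192.168.0.199, checksum field 0.
SAMPLE = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 115, 0, 0x4000, 64, 17, 0,
                     bytes([192, 168, 0, 1]), bytes([192, 168, 0, 199]))

if __name__ == "__main__":
    sent = with_checksum(SAMPLE)
    print(hex(header_checksum(SAMPLE)), is_valid(sent))
    print(decrement_ttl(sent).hex())
```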

    Fragmentation

    Each router on the network decapsulates the IP datagram from the frame it receives, processes it, and then encapsulates it in another frame.

    Format and size depend on the incoming and outgoing physical network.

    The IP datagram must be divided to make it possible to pass through these physical networks. This is called fragmentation.

    Maximum Transfer Unit (MTU)

    To make IP independent of the physical network, the maximum length of an IP datagram is equal to the largest maximum transfer unit (MTU), 65,535 bytes.

    Fragmentation Fields

    Identification: Same for all the fragments. Helps the destination in reassembly of fragments.

    Flags: 3-bit field.

    First bit is reserved.

    Second bit is called the Don't fragment bit. If set, don't fragment the packet. If set and the packet still needs fragmentation, discard the packet and send an ICMP message to the source host.

    Third bit is the more fragment bit. If 0, this is the last fragment.

    Fragmentation offset

    13-bit field that shows the relative position of this fragment with respect to the whole datagram.

    It is the offset of the data in the original datagram measured in units of 8 bytes.

    Forces hosts or routers that fragment datagrams to choose the size of each fragment so that the first byte number is divisible by 8.

    Example

    If needed, the packets are fragmented. Each fragmented datagram has a header of its own. A fragmented datagram may itself be fragmented if it encounters a network with an even smaller MTU.

    Fragmentation is done at source or at the routers on the fly. Re-assembly is done only at the destination.
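
    An added example (not part of the original lecture) of the fragmentation fields at work in Python: a datagram is split for one MTU, one of its fragments is split again for a smaller MTU, and the destination reassembles by offset. The 4000-byte payload, the identification value, the two MTUs and all names are constructed for illustration, and a 20-byte header without options is assumed.

```python
from dataclasses import dataclass

@dataclass
class Fragment:
    ident: int      # identification: same for all fragments of one datagram
    offset: int     # fragmentation offset, in units of 8 bytes
    more: bool      # more-fragment bit: False only on the last fragment
    data: bytes

class FragmentationNeeded(Exception):
    """Don't-fragment bit set but the datagram exceeds the MTU:
    the router discards it and sends an ICMP message to the source."""

def fragment(frag, mtu, hlen=20, dont_fragment=False):
    """Split a datagram, or an existing fragment, so each piece fits the MTU."""
    room = mtu - hlen                       # every fragment has its own header
    if len(frag.data) <= room:
        return [frag]
    if dont_fragment:
        raise FragmentationNeeded(f"{len(frag.data) + hlen} bytes > MTU {mtu}")
    chunk = room // 8 * 8                   # first byte number divisible by 8
    if chunk == 0:
        raise ValueError("MTU too small to carry 8 data bytes")
    pieces = []
    for start in range(0, len(frag.data), chunk):
        last = start + chunk >= len(frag.data)
        pieces.append(Fragment(frag.ident, frag.offset + start // 8,
                               frag.more or not last,
                               frag.data[start:start + chunk]))
    return pieces

def reassemble(frags):
    """Destination side: order by offset, reject gaps, rebuild the data."""
    frags = sorted(frags, key=lambda f: f.offset)
    if len({f.ident for f in frags}) != 1:
        raise ValueError("fragments do not belong to one datagram")
    data = b""
    for f in frags:
        if f.offset * 8 != len(data):
            raise ValueError(f"gap or overlap at offset {f.offset}")
        data += f.data
    if frags[-1].more:
        raise ValueError("last fragment has not arrived")
    return data

# Constructed sample datagram: 4000 data bytes, arbitrary identification.
ORIGINAL = Fragment(ident=0x1C46, offset=0, more=False,
                    data=bytes(i % 251 for i in range(4000)))

def demo():
    """First hop MTU 1500; the middle fragment then crosses an MTU of 576."""
    first_hop = fragment(ORIGINAL, mtu=1500)
    second_hop = first_hop[:1] + fragment(first_hop[1], mtu=576) + first_hop[2:]
    return first_hop, second_hop

if __name__ == "__main__":
    for f in demo()[1]:
        print(f.offset, f.more, len(f.data))
```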

    ICMP: Internet Control Message Protocol

    IP lacks error control.

    No error-reporting or checking.
        What happens if a router cannot find a final destination?
        What if the time-to-live field has zero value?
        What will happen if the final destination has not received all the fragments within a pre-determined time limit?

    Lack of assistance mechanisms.
        A host sometimes needs to determine if a router or another host is alive.
        And sometimes a network manager needs information from another host or router.

    ICMP (Internet Control Message Protocol) is a network layer protocol.

    ICMP messages are encapsulated inside IP datagrams before going to the lower layer.

    Protocol field in IP header is 1 for ICMP.

    ICMP Encapsulation

    Types of ICMP Messages

    1. Error-Reporting Messages

    2. Query Messages

    Error-Reporting Messages:

    Chance of error always exists and ICMP handles error reporting.

    Error reporting messages are always sent to the original source.

    ICMP uses the source IP address to send the error message to the source (originator) of the datagram.

    Error-Reporting Messages

    Destination unreachable

    When a router cannot route a datagram or a host cannot deliver a datagram, the datagram is discarded and a message is sent to the source.

    Source Quench

    IP is a connectionless protocol and so has no control of flow or congestion.

    The source has no idea whether the destination host has been overwhelmed with datagrams.

    When a router or host discards a datagram due to congestion, it sends a source-quench message to the sender of the datagram.
        To inform the sender about the loss of the datagram
        To warn the source that there is congestion in the path and that the source should slow down the sending process.

    Time-exceeded: Generated in two cases
        When a router receives a datagram with TTL as 0, the router discards the datagram and sends a message to the source.
        When all fragments that make up a message do not arrive at the destination host within a certain time limit.

    Parameter Problem

    If a router or the destination host discovers an ambiguous or missing value in any field of the datagram, it discards the datagram and sends a message back to the source.

    Redirection

    Routing decisions on routers are made using routing protocols, but in the case of hosts, there is no routing protocol.

    A host may send a datagram, which is destined for another network, to the wrong router. In this case, the router that receives the datagram will forward the datagram to the correct router. However, to update the routing table of a host, it sends a redirection message back to this host.

    Query Messages

    In the case of a query message, a node sends a message that is answered in a specific format by the destination node.

    Echo request and reply: for diagnostic purposes.

    Time-stamp request and reply: to determine the round trip time and also to synchronize the clocks in two machines.

    Address mask request and reply: Request by a host to the router to learn its subnet mask.

    Router solicitation and advertisement: Solicitation is a request by a host to know the route to send a packet. The reply comes from the router as an advertisement.

    IPv6

    IPv4

    Two level address structure. Inefficient.

    For real-time audio and video transmission, there are no minimum delay strategies or reservation of resources.

    No security mechanism [encryption and authentication of data].

    IPv6 [IPng: IP next generation]

    Larger address space: 128 bits long.

    Better header format: Options are separated from the base header. This simplifies and speeds up the routing process because most of the options do not need to be checked by routers.

    New options: For additional functionalities.

    Allowance for extension

    Support for resource reservation: Type-of-service has been removed but a mechanism called flow label has been added to enable the source to request special handling of the packet. This mechanism can be used to support traffic such as real-time audio and video.

    Support for more security: encryption and authentication options in IPv6 provide confidentiality and integrity of the packet.

    IPv6 Address

    Hexadecimal colon notation

    Divided into 8 sections, each 2 bytes in length

    Two bytes in hexadecimal requires four hexadecimal digits.

    Abbreviation

    Leading zeros of a section (four digits between two colons) can be omitted.

    Only the leading zeros can be dropped, not the trailing zeros.

    Abbreviated Address

    Abbreviations are possible if there are consecutive sections consisting of zeros only.

    We can remove the zeros altogether and replace them with a double colon. But only once per address.

    CIDR Address

    IPv6 allows classless addressing and CIDR notation.

    Categories of addresses

    Unicast: Single computer.

    Anycast: A group of computers with addresses that have the same prefix. All computers connected to the same physical network share the same prefix address. A packet sent to an anycast address must be delivered to exactly one of the members of the group.

    Multicast: Group of computers that may or may not share the same prefix and may or may not be connected to the same physical network. A packet sent to a multicast address must be delivered to each member of the set.

    Format of an IPv6 Datagram

    Base header: 40 bytes; Data + extension header = 65535 bytes

    Ver: 4 bit; Priority: 4 bit

    Flow label: 24 bit; Payload length: length of IP datagram excluding the base header.

    Next header: 8-bit field defining the header that follows the base header in the datagram. Sometimes, the pointer points to the upper-layer protocol's header.

    Hop limit: TTL.

    Source / Destination Address: 16 bytes (128 bit). IP address.

    Fragmentation in IPv6 is possible only at the source.

    Source must find the MTU using MTU discovery technique. OR MTU=576 bytes (smallest possible size)

    Comparison of Network Layers in v4 and v6

    ICMPv6 is designed for IPv6

    Some protocols that were independent in version 4 are now part of ICMPv6.

    ARP and IGMP in version 4 are combined in ICMPv6.

    RARP is dropped from the suite because it is seldom used.

    IP Transition Strategies

    Dual Stack: A station should run IPv4 and IPv6 simultaneously until all the Internet uses IPv6. (Host DNS Query)

    Tunneling: A strategy used when two computers using IPv6 want to communicate with each other and the packet must pass through a region that uses IPv4. To pass this region, an IPv4 address is needed. The IPv6 packet is encapsulated in an IPv4 packet when it enters the region, and the IPv6 packet leaves its capsule when it exits the region.

    Dual Stack and Tunneling

    Header Translation

    Used when the majority of the Internet has moved to IPv6 but some systems still use IPv4.

    The sender wants to use IPv6, but the receiver does not understand IPv6. Tunneling does not work in this situation because the packet must be in the IPv4 format to be understood by the receiver. In this case, the header format must be changed totally through header translation.

    15.5 SUMMARY (part 15)

    The Address Resolution Protocol (ARP) is a dynamic mapping method that finds a physical address, given an IP address.

    An ARP request is broadcast to all devices on the network.

    An ARP reply is unicast to the host requesting the mapping.

    IP is an unreliable connectionless protocol responsible for source-to-destination delivery.

    Packets in the IP layer are called datagrams.

    A datagram consists of a header (20 to 60 bytes) and data.

    The MTU is the maximum number of bytes that a data link protocol can encapsulate. MTUs vary from protocol to protocol.

    Fragmentation is the division of a datagram into smaller units to accommodate the MTU of a data link protocol.

    The fields in the IP header that relate to fragmentation are the identification number, the fragmentation flags, and the fragmentation offset.

    The Internet Control Message Protocol (ICMP) sends five types of error-reporting messages and four pairs of query messages to support the unreliable and connectionless Internet Protocol (IP).

    ICMP messages are encapsulated in IP datagrams.

    The destination-unreachable error message is sent to the source host when a datagram is undeliverable.

    The source-quench error message is sent in an effort to alleviate congestion.

    The time-exceeded message notifies a source host that (1) the time-to-live field has reached zero or (2) fragments of a message have not arrived in a set amount of time.

    The parameter-problem message notifies a host that there is a problem in the header field of a datagram.

    The redirection message is sent to make the routing table of a host more effective.

    The echo-request and echo-reply messages test the connectivity between two systems.

    The time-stamp-request and time-stamp-reply messages can determine the round-trip time between two systems or the difference in time between two systems.

    The address-mask request and address-mask reply messages are used to obtain the subnet mask.

    The router-solicitation and router-advertisement messages allow hosts to update their routing tables.

    IPv6, the latest version of the Internet Protocol, has a 128-bit address space, resource allocation, and increased security measures.

    IPv6 uses hexadecimal colon notation with abbreviation methods available.

    Three strategies used to make the transition from version 4 to version 6 are dual stack, tunneling, and header translation.
