Chapter 7 Support infrastructure for networking DHCP, NAPT, ARP, DNS


Page 1

Chapter 7

Support infrastructure for networking: DHCP, NAPT, ARP, DNS

Page 2

Contents

• DHCP (Dynamic host configuration protocol)
• RFC 1918 non-routable addresses
• Network address translation
• Address resolution protocol
• Domain Name System
• Home networking

Page 3

DHCP

• A big part of the usefulness of IP addresses is the flexibility in their assignment

• However, manual assignment is very prone to errors

Page 4

IP address allocation efficiency

• With 32-bit addresses, there can be 2^32 ≈ 4 billion addresses

• However, these addresses are not assigned very efficiently

• Further, at any given time, only a small fraction of the computers are actually communicating with other computers outside the organization

Page 5

Solving IP address availability

• So, the real fear is that we could be running out of IP addresses

• The long-term solution is to increase the pool of IP addresses
– IPv6 is this solution

– Provides trillions of IP addresses/ square foot of the Earth’s surface

• Dynamic host configuration protocol (DHCP) is one part of a 3-part short-term solution

Page 6

The DHCP solution

• DHCP enables programmatic assignment and collection of IP addresses

• Defined in RFC 2131 (March 1997)
• Addresses may be allocated in 3 ways:
– Automatic
– Manual
– Dynamic

Page 7

DHCP dynamic allocation

• Allows automatic reuse of an address when it is no longer needed by the computer to which it was assigned

• Each subnet has access to at least one DHCP server

• All DHCP clients look for a DHCP server upon startup to get network parameters

Page 8

DHCP server and client settings

Page 9

DHCP operation timeline (figure with three columns: client, server not selected, server selected)

1. Client begins initialization and broadcasts DHCP DISCOVER; both servers receive it
2. Each server determines a configuration and replies with DHCP OFFER
3. Client collects the replies and selects one configuration
4. Client broadcasts DHCP REQUEST; both servers receive it
5. The selected server commits the configuration and sends DHCP ACK
6. Client: initialization complete
7. On graceful shutdown the client sends DHCP RELEASE and the lease is discarded

Page 10

DHCP dynamic allocation

• The DHCP server provides an IP address for a fixed duration in response to a client’s DHCP request

• The DHCP server also provides all network configuration information the client needs to operate

Page 11

DHCP – address leasing

• Duration of address assignment is called lease-time

• The client can ask the DHCP server to extend the lease before it expires

• In a typical DHCP client-server interaction
– Client sends a DHCP DISCOVER
– Server responds with DHCP OFFER
– DHCP REQUEST broadcasts the client's selection
– Selected server sends DHCP ACK
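The DISCOVER / OFFER / REQUEST / ACK / RELEASE exchange above, carried through in code as an added example (not code from the slides): one client, two servers, a lease pool per server, lease-time and expiry. The addresses and the 21600-second lease come from the sample dhcpd.conf later in the chapter; the class and function names, and the split of the range between two servers, are assumptions made for this example.

```python
"""DHCP dynamic allocation (RFC 2131), simulated end to end.

Added example, not code from the slides. Lease pool, DISCOVER/OFFER/REQUEST/ACK/RELEASE
and lease expiry; class and function names are assumptions.
"""
import ipaddress

LEASE_TIME = 21600   # default-lease-time from the sample dhcpd.conf (seconds)


class DhcpServer:
    """One DHCP server handing out a dynamic range on its subnet."""

    def __init__(self, server_id, first, last, lease_time=LEASE_TIME):
        self.server_id = server_id        # the server's own IP, sent in every OFFER/ACK
        self.lease_time = lease_time
        lo, hi = int(ipaddress.ip_address(first)), int(ipaddress.ip_address(last))
        self.pool = [str(ipaddress.ip_address(n)) for n in range(lo, hi + 1)]
        self.offers = {}   # client MAC -> address tentatively offered
        self.leases = {}   # address -> (client MAC, expiry time)

    def _expire(self, now):
        """Dynamic allocation: an address whose lease ran out returns to the pool."""
        for ip, (_mac, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[ip]

    def discover(self, mac, now):
        """DHCPDISCOVER -> DHCPOFFER, or None when nothing is free."""
        self._expire(now)
        for ip, (holder, _expiry) in self.leases.items():
            if holder == mac:                  # returning client: re-offer its address
                self.offers[mac] = ip
                return {"type": "OFFER", "server_id": self.server_id, "yiaddr": ip}
        for ip in self.pool:
            if ip not in self.leases and ip not in self.offers.values():
                self.offers[mac] = ip
                return {"type": "OFFER", "server_id": self.server_id, "yiaddr": ip}
        return None

    def request(self, mac, server_id, requested_ip, now):
        """DHCPREQUEST is broadcast, so every server sees it; only the selected
        server commits the lease and ACKs, the others just withdraw their offers."""
        if server_id != self.server_id:
            self.offers.pop(mac, None)
            return None
        if self.offers.get(mac) != requested_ip:
            return {"type": "NAK", "server_id": self.server_id}
        del self.offers[mac]
        self.leases[requested_ip] = (mac, now + self.lease_time)
        return {"type": "ACK", "server_id": self.server_id,
                "yiaddr": requested_ip, "lease_time": self.lease_time}

    def release(self, mac, ip):
        """DHCPRELEASE: the lease is discarded at once."""
        if ip in self.leases and self.leases[ip][0] == mac:
            del self.leases[ip]
            return True
        return False


def dhcp_client_init(mac, servers, now):
    """Client side: collect OFFERs, select the first one, REQUEST it, keep the ACK."""
    offers = [o for o in (s.discover(mac, now) for s in servers) if o]
    if not offers:
        return None
    chosen = offers[0]
    replies = [s.request(mac, chosen["server_id"], chosen["yiaddr"], now) for s in servers]
    return next((r for r in replies if r and r["type"] == "ACK"), None)


if __name__ == "__main__":
    # The slide's range 10.1.1.236-10.1.1.253 split between two servers (assumption).
    s1 = DhcpServer("10.1.1.254", "10.1.1.236", "10.1.1.245")
    s2 = DhcpServer("10.1.1.253", "10.1.1.246", "10.1.1.253")
    ack = dhcp_client_init("00:11:50:3a:da:22", [s1, s2], now=0)
    print(ack)                                   # ACK from 10.1.1.254 for 10.1.1.236
    print(s1.release("00:11:50:3a:da:22", ack["yiaddr"]))
```

The server that was not selected sees the broadcast REQUEST too and drops its pending offer, which is what keeps both servers' pools consistent without them talking to each other; the expiry pass at the start of every DISCOVER is the "automatic reuse" the slides describe.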

Page 12

Sample dhcpd.conf

# Network options
option domain-name "datacomm.example.com";
option domain-name-servers 10.1.1.1, 10.2.1.1, 10.3.1.1;
option routers 10.1.1.254;
option subnet-mask 255.255.255.128;
default-lease-time 21600;

# Dynamic allocation range
subnet 10.1.1.128 netmask 255.255.255.128 {
  range 10.1.1.236 10.1.1.253;
}

# Manual allocation
host www {
  hardware ethernet 00:06:5B:CE:39:05;
  fixed-address 10.1.1.2;
  option host-name "www.datacomm.example.com";
}

Page 13

Non-routable Addresses

• Address reuse
– Second component of the 3-part short-term solution to the shortage of IP addresses

• Certain IP addresses have been defined to be reusable as many times as necessary

• Defined in RFC 1918 (1996)

Page 14

Non-routable address blocks

• Three blocks have been defined in RFC 1918
– 10.0.0.0 - 10.255.255.255 (10/8 prefix)
– 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
– 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

• Any person or organization may use these addresses internally without any co-ordination with any Internet registry

• Routers do not advertise routes with non-routable addresses to other organizations

Page 15

Using non-routable addresses (figure): Home 2 sits behind a NAPT router with external IP 24.26.79.19; the internal addresses are 192.168.2.1, 192.168.2.2 and 192.168.2.3

Page 16

Network Address Translation (NAT)

• Third component of 3-part solution to IP address shortage

• Definition (RFC 2663)
– Method by which IP addresses are mapped from one address block to another, providing transparent routing to end hosts

Page 17

NAT

• NAT is specified in RFC 3022
• Until IPv6 is universally deployed, NAT and RFC 1918 expand the availability of IP addresses

• Many experts hate NAT because it does not preserve IP addresses end-to-end

Page 18

Basic NAT operation (figure): internal (home) network 192.168.2.0/24 with hosts 192.168.2.2 and 192.168.2.3; the NAT router at the network border has internal address 192.168.2.1 and external address 65.32.26.70 in the external (ISP) network 65.32.0.0/15; the traffic shown goes to 131.247.80.88

Packet headers at the four numbered points:
1. Source address: 192.168.2.2, Destination address: 131.247.80.88
2. Source address: 65.32.26.70, Destination address: 131.247.80.88
3. Source address: 131.247.80.88, Destination address: 65.32.26.70
4. Source address: 131.247.80.88, Destination address: 192.168.2.2

NAT forwarding table
Direction  Field           Old           New
Out        IP source       192.168.2.2   65.32.26.70
In         IP destination  65.32.26.70   192.168.2.2

Page 19

NAT in use

• The single external IP address can support many clients in the internal network

• The NAT router translates between internal IP addresses and its own external address

• Designed to support outbound connections from the internal network

Page 20

Using NAPT and RFC 1918 addresses (figure): Home 1 (external IP 24.26.79.18) and Home 2 (external IP 24.26.79.19) are both connected to the same carrier; each has a NAPT router with internal IP 192.168.2.1 and hosts 192.168.2.2 and 192.168.2.3 behind it, so the same RFC 1918 addresses are reused in both homes

Page 21

Network Address Port Translation

• Abbreviated as NAPT

• Described in RFC 3022
• NAPT can vastly expand the availability of IP addresses by enabling each IP address to serve up to 65,536 separate connections to each remote host
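The NAT forwarding table of the "Basic NAT operation" slide, extended with ports as NAPT does, as an added example (not code from the slides): an outbound packet from an RFC 1918 source is rewritten to the router's external address and a per-connection external port, the reply is mapped back through the same table, and an inbound packet that matches no entry is dropped, which is why NAPT only supports connections started from the inside. The addresses are the ones in the slides' figures; the class and function names and the packet dictionary layout are assumptions.

```python
"""NAPT (RFC 3022) translation table, simulated.

Added example, not code from the slides. is_rfc1918() checks the three RFC 1918 blocks;
NaptRouter keeps the outbound and inbound mappings; names are assumptions.
"""
import ipaddress

RFC1918_BLOCKS = [ipaddress.ip_network(b)
                  for b in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr lies in 10/8, 172.16/12 or 192.168/16."""
    ip = ipaddress.ip_address(addr)
    return any(ip in block for block in RFC1918_BLOCKS)


class NaptRouter:
    """The slide's NAT forwarding table, keyed by port as well as address."""

    def __init__(self, external_ip, first_port=1024, last_port=65535):
        self.external_ip = external_ip
        self.next_port = first_port
        self.last_port = last_port
        # outbound: (proto, src ip, src port, dst ip, dst port) -> external port
        self.out_map = {}
        # inbound: (proto, external port, remote ip, remote port) -> (src ip, src port)
        self.in_map = {}

    def translate_out(self, pkt):
        """Internal -> external: rewrite source IP and port, remember the mapping."""
        if not is_rfc1918(pkt["src"]):
            return None              # not an internal address: nothing to translate
        key = (pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        ext_port = self.out_map.get(key)
        if ext_port is None:
            if self.next_port > self.last_port:
                return None          # external port space exhausted
            ext_port = self.next_port
            self.next_port += 1
            self.out_map[key] = ext_port
            self.in_map[(pkt["proto"], ext_port, pkt["dst"], pkt["dport"])] = (pkt["src"], pkt["sport"])
        return dict(pkt, src=self.external_ip, sport=ext_port)

    def translate_in(self, pkt):
        """External -> internal: only a reply to a recorded connection gets through."""
        if pkt["dst"] != self.external_ip:
            return None
        entry = self.in_map.get((pkt["proto"], pkt["dport"], pkt["src"], pkt["sport"]))
        if entry is None:
            return None              # unsolicited inbound packet: dropped
        src_ip, src_port = entry
        return dict(pkt, dst=src_ip, dport=src_port)


def packet(proto, src, sport, dst, dport):
    """Constructed packet header: just the fields NAPT looks at."""
    return {"proto": proto, "src": src, "sport": sport, "dst": dst, "dport": dport}


if __name__ == "__main__":
    router = NaptRouter("65.32.26.70")
    out = router.translate_out(packet("tcp", "192.168.2.2", 40000, "131.247.80.88", 80))
    print(out)                       # source becomes 65.32.26.70:1024
    back = router.translate_in(packet("tcp", "131.247.80.88", 80, "65.32.26.70", 1024))
    print(back)                      # destination becomes 192.168.2.2:40000 again
```

Because the inbound key includes the remote address and port, the same external port can be in use towards different remote hosts, which is where the slide's "65,536 connections to each remote host" comes from; the unsolicited-packet drop is also the reason an inbound service behind NAPT needs an explicit port forward.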

Page 22

Address Resolution Protocol (ARP)

• ARP is used to find Ethernet addresses at the data-link layer for destinations with a known IP address

• Defined in RFC 826 (1982)
• Global routes are composed of a sequence of next hops

Page 23

Need for ARP

• But to physically send the packet to the next hop, we need to know its Ethernet (MAC) address

• ARP is used to discover the MAC address of the device at the next hop when its IP address is known

• ARP links addressing at 2 layers – network and data link

Page 24

ARP operation (figure): hosts 192.168.2.11, 192.168.2.12 and 192.168.2.13 on a LAN with Router A (192.168.2.1), which connects to the Internet
1. Who has 192.168.2.1? Tell 192.168.2.11
2. 192.168.2.1 is at 00:11:43:AB:AA:02

Page 25

ARP operation

• Before the first packet in a stream is transmitted, the sender creates a special packet called an ARP request and broadcasts it on the LAN

• The computer or router that has that IP address replies with its MAC address

Page 26

ARP packets

• ARP request
– Sender MAC address: 00:11:50:3a:da:22
– Sender IP address: 192.168.2.11
– Target MAC address: 00:00:00:00:00:00 (placeholder address)
– Target IP address: 192.168.2.1

• ARP response (response from target)
– Sender MAC address: 00:18:8b:c9:24:6b
– Sender IP address: 192.168.2.1
– Target MAC address: 00:11:50:3a:da:22
– Target IP address: 192.168.2.11
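The request and response above on the wire, as an added example (not code from the slides): build_arp() packs the RFC 826 Ethernet/IPv4 ARP body, parse_arp() decodes it, answer_request() does what the host owning the target IP does, and ArpCache keeps the resolved pairs for a limited time, noting when an IP's MAC changes while the old entry is still valid (the check arpwatch-style monitors perform). The MAC and IP values are the ones on the slide; the function and class names are assumptions.

```python
"""ARP request/reply encoding (RFC 826) and an ARP cache with change tracking.

Added example, not code from the slides. Values are the slide's; names are assumptions.
"""
import ipaddress
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
PLACEHOLDER_MAC = "00:00:00:00:00:00"   # target MAC in a request: not known yet
ARP_FORMAT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa


def mac_to_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def bytes_to_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte ARP body for Ethernet (htype 1) carrying IPv4 (ptype 0x0800)."""
    return struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, op,
                       mac_to_bytes(sender_mac), ipaddress.ip_address(sender_ip).packed,
                       mac_to_bytes(target_mac), ipaddress.ip_address(target_ip).packed)


def parse_arp(data):
    """Decode an ARP body; reject anything that is not Ethernet/IPv4."""
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FORMAT, data[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op,
            "sender_mac": bytes_to_mac(sha), "sender_ip": str(ipaddress.ip_address(spa)),
            "target_mac": bytes_to_mac(tha), "target_ip": str(ipaddress.ip_address(tpa))}


def answer_request(pkt, my_ip, my_mac):
    """The owner of target_ip replies with its MAC, addressed to the requester."""
    if pkt["op"] != ARP_REQUEST or pkt["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, pkt["sender_mac"], pkt["sender_ip"])


class ArpCache:
    """Resolved MAC addresses, kept for `ttl` seconds."""

    def __init__(self, ttl=60):
        self.ttl = ttl
        self.entries = {}   # ip -> (mac, expiry time)
        self.changes = []   # (ip, old mac, new mac) seen while the old entry was still valid

    def learn(self, ip, mac, now):
        old = self.entries.get(ip)
        if old and old[1] > now and old[0] != mac:
            self.changes.append((ip, old[0], mac))
        self.entries[ip] = (mac, now + self.ttl)

    def lookup(self, ip, now):
        entry = self.entries.get(ip)
        if entry is None or entry[1] <= now:
            return None
        return entry[0]


if __name__ == "__main__":
    request = build_arp(ARP_REQUEST, "00:11:50:3a:da:22", "192.168.2.11",
                        PLACEHOLDER_MAC, "192.168.2.1")
    reply = parse_arp(answer_request(parse_arp(request), "192.168.2.1", "00:18:8b:c9:24:6b"))
    cache = ArpCache()
    cache.learn(reply["sender_ip"], reply["sender_mac"], now=0)
    print(reply)
    print(cache.lookup("192.168.2.1", now=10))     # 00:18:8b:c9:24:6b
```

The request is broadcast on the LAN, so every host parses it and only the one whose address matches answers; the cache's change list is the detail a defender wants, because a healthy LAN rarely sees a live entry's MAC change.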

Page 27

ARP data

• Resolved MAC addresses are saved in a cache for some time

Page 28

Domain name system (DNS)

• Computers are uniquely identified on the Internet by their IP addresses

• However, IP addresses are not very easy to remember

• The domain name system was developed to make it easier for humans to identify computers

Page 29

DNS use (figure): client 192.168.2.11 and Router A (192.168.2.1), which connects to the Internet
1. Standard query: www.ub.edu
2. Standard query response: www.ub.edu is at 128.205.4.175

Page 30

The need for a Name Service

• Initially, the Internet was small, and all users maintained a hosts file to translate names to IP addresses
– Entries appeared as follows:
  131.247.222.249 www.usf.edu

• The need for a system was recognized

Page 31

DNS

• The solution was domains and DNS
– RFC 1034
– RFC 1035

• Domain names are arranged hierarchically, originating from a common root
– Hierarchy based on administrative structure, e.g.
  • .edu
    – usf.edu
      » coba.usf.edu

• As we move from right to left, domain names identify increasingly specific units of the network

Page 32

Domain naming hierarchy (figure): the naming universe is rooted at "."; below it are the top-level domains com, edu and org; intermediate domains such as google and youtube (under com), ucf, usf and ub (under edu) and caida (under org), with groups and www below google and youtube, coba, ismlab and www below usf, and dcom below ismlab; endpoint domains such as dcom.ismlab.usf.edu. and www.usf.edu.

Page 33

Domain hierarchy

• The name at each hierarchical level is a domain
– Domains are sub-domains of their parent domains
– The domain's name includes all names to its right
– Each domain maintains jurisdiction over its immediate sub-domains, and only these sub-domains
– Each domain is responsible for translating these sub-domain names to IP addresses

Page 34

Domain names

• The rightmost part of all domain names is . which represents the entire Internet

• All domain names are unique

• The hierarchical structure of the Internet enables delegation of naming services

Page 35

Top level domains

• A number of top-level domains have been created
– Root zone database at www.iana.org
– Open domains
  • Anybody can register
  – .com, .biz, .org, .net, .info
– Limited domains
  • Conditions must be satisfied for membership
  – .edu, .int, .gov, .mil, .pro (licensed doctors, attorneys and accountants)
– Industry-specific domains
– Country domains

Page 36

DNS lookups

• Every computer on the Internet knows the IP address of a name server it can use

• When a user types a URL, the resolver in the computer first asks its name server for the IP address corresponding to this URL

Page 37

Typical DNS query

# dig www.buffalo.edu @mother.usf.edu

;; Got answer:
;; QUESTION SECTION:
;www.buffalo.edu. IN A

;; ANSWER SECTION:
www.buffalo.edu. 86400 IN A 128.205.4.175

;; AUTHORITY SECTION:
buffalo.edu. 71951 IN NS ns.buffalo.edu.
buffalo.edu. 71951 IN NS sybil.cs.buffalo.edu.
Buffalo.edu. 71951 IN NS accuvax.northwestern.edu.

;; ADDITIONAL SECTION:
ns.buffalo.edu. 71951 IN A 128.205.1.2
sybil.cs.buffalo.edu. 53404 IN A 128.205.32.8
accuvax.northwestern.edu. 11624 IN A 129.105.49.1

;; Query time: 3 msec
;; SERVER: 131.247.100.1#53(mother.usf.edu)

Slide callouts: the query; the name server asked; the IP address answered; the zone's name servers (authority section); a security measure (a name server outside the zone's own network); the name servers' IP addresses (additional section); success

Page 38

DNS Operation

• Domains are called zones in the context of the domain name service

• Name servers have two kinds of data: authoritative data for their own zones and cached data from earlier lookups

• If a name in a foreign zone is requested and there is no entry in the cache, a recursive query results

Page 39

Recursive DNS query resolution (figure): client resolver, local name server, "." (root) name server, edu. name server and usf.edu. name server; the tree shown is "." with com, edu and org below it, and usf and ub below edu

1. Resolver query: what is the IP address of www.usf.edu?
2. Local name server to "." name server: query for the IP address of www.usf.edu
3. Referral to .edu name server
4. Local name server to edu. name server: query for the IP address of www.usf.edu
5. Referral to usf.edu name server
6. Local name server to usf.edu. name server: query for the IP address of www.usf.edu
7. IP address of www.usf.edu
8. Answer: the IP address of www.usf.edu is 131.247.80.88

Page 40

DNS query resolution

pns:~# dig +trace www.usf.edu
; <<>> DiG 9.2.4 <<>> +trace www.usf.edu

. 77639 IN NS E.ROOT-SERVERS.NET.
(and other root name servers)

edu. 172800 IN NS E.GTLD-SERVERS.NET.
(and other .edu name servers)

usf.edu. 172800 IN NS justincase.usf.edu.
usf.edu. 172800 IN NS mother.usf.edu.
(and other usf.edu name servers)

www.usf.edu. 600 IN A 131.247.80.88
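The resolution that the figure and the dig +trace output show, simulated as an added example (not code from the slides): the local name server starts at the root, follows NS referrals (. then edu. then usf.edu.) until a server answers authoritatively, and caches the answer for its TTL so a repeat query does not leave the server. The zone contents are constructed from the names, TTLs and addresses on the slides (the .edu server's address is a constructed documentation address, as the slides give none); the layout of ZONES and the function and class names are assumptions.

```python
"""Recursive resolution by a local name server, simulated.

Added example, not code from the slides. ZONES is constructed from the slides'
names; the .edu server address 192.0.2.10 is a constructed placeholder.
"""

# Each authoritative server knows its delegations (child zone -> name server, address)
# and the A records it is authoritative for.
ZONES = {
    ".": {"delegations": {"edu.": ("e.gtld-servers.net.", "192.0.2.10")},
          "a": {}},
    "edu.": {"delegations": {"usf.edu.": ("mother.usf.edu.", "131.247.100.1")},
             "a": {}},
    "usf.edu.": {"delegations": {},
                 "a": {"www.usf.edu.": ("131.247.80.88", 600)}},
}
MAX_REFERRALS = 8   # guard against a referral loop in misconfigured delegations


def query_authoritative(zone, qname):
    """Answer as the server for `zone` would: an A answer, a referral into the
    child zone that contains qname, or no data."""
    z = ZONES[zone]
    if qname in z["a"]:
        return ("answer", z["a"][qname])
    for child, (ns_name, ns_ip) in z["delegations"].items():
        if qname == child or qname.endswith("." + child):
            return ("referral", (child, ns_name, ns_ip))
    return ("nodata", None)


class LocalNameServer:
    """The recursive server the client resolver talks to."""

    def __init__(self):
        self.cache = {}   # qname -> (address, expiry time)
        self.trace = []   # one line per message, in the spirit of dig +trace

    def resolve(self, qname, now):
        cached = self.cache.get(qname)
        if cached and cached[1] > now:
            self.trace.append(f"cache hit {qname}")
            return cached[0]
        zone = "."
        for _ in range(MAX_REFERRALS):
            kind, data = query_authoritative(zone, qname)
            if kind == "answer":
                address, ttl = data
                self.trace.append(f"{zone} answer {qname} {address}")
                self.cache[qname] = (address, now + ttl)
                return address
            if kind == "referral":
                child, ns_name, ns_ip = data
                self.trace.append(f"{zone} referral to {child} ({ns_name} {ns_ip})")
                zone = child
                continue
            self.trace.append(f"{zone} no data for {qname}")
            return None
        return None   # too many referrals: give up rather than loop


if __name__ == "__main__":
    ns = LocalNameServer()
    print(ns.resolve("www.usf.edu.", now=0))    # 131.247.80.88
    print("\n".join(ns.trace))
```

The referral chain is the part that matters for the next slides: each zone's server only knows how to hand the query down to its immediate sub-domains, which is exactly the delegation the domain hierarchy slides describe, and the cache entry expires after the 600-second TTL the dig +trace output shows for www.usf.edu.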

Page 41

IP address volatility and the benefit of DNS

Page 42

DNS configuration

$TTL 86400                                          ; time to live
@ IN SOA pns.example.com. hostmaster.example.com. ( ; start of authority; admin email hostmaster@example.com
        2008072701                                  ; serial: name server update counter
        )                                           ; refresh, retry, expire and minimum values are omitted on the slide
  IN NS pns.example.com.
  IN MX 10 mail.example.com.

; Resource records: www.example.com is at 192.168.16.129
pns  A 192.168.16.129
www  A 192.168.16.129
mail A 192.168.16.130

; Delegation: the NS for test.example.com is demo.example.com (192.168.16.143)
test NS demo
demo A 192.168.16.143

Page 43

DNS Configuration

• The administrator for the .com. domain delegates authority for example.com

• The example.com name server authoritatively defines the IP addresses for all resources in its domain

• example.com delegates responsibility for test.example.com to demo.example.com

Page 44

DNS Configuration

• TTL
– Zones will not change for the next 86400 seconds (1 day)
– Foreign NS can cache query results for 1 day

• Serial
– NS keeps track of last serial number
– If serial number > last serial number, NS broadcasts entire zone table to backup NS
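The zone file of the "DNS configuration" slide and the serial check just described, as an added example (not code from the slides): parse_zone() reads the $TTL directive, the SOA with its serial, and the NS, MX, A and delegation records, applying the default TTL to records that carry none and expanding relative names against the origin; serial_is_newer() is the wrap-around comparison of RFC 1982 that a backup (secondary) server applies to the primary's serial before it pulls a new copy of the zone. ZONE_TEXT is constructed from the slide (the refresh, retry, expire and minimum values the slide omits are constructed, and marked so); the function names are assumptions.

```python
"""Zone file parsing and the serial-number check behind zone transfers.

Added example, not code from the slides. ZONE_TEXT is constructed from the slide's
example.com zone; the SOA timers are constructed values; names are assumptions.
"""

ZONE_TEXT = """\
$TTL 86400
@   IN SOA pns.example.com. hostmaster.example.com. (
        2008072701 ; serial (update counter)
        3600       ; refresh  (constructed value, not on the slide)
        900        ; retry    (constructed value, not on the slide)
        604800     ; expire   (constructed value, not on the slide)
        86400 )    ; minimum  (constructed value, not on the slide)
    IN NS pns.example.com.
    IN MX 10 mail.example.com.
pns  A 192.168.16.129
www  A 192.168.16.129
mail A 192.168.16.130
test NS demo
demo A 192.168.16.143
"""

NAME_TYPES = {"NS", "CNAME", "MX", "SOA"}   # record types whose rdata holds domain names


def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def _logical_lines(text):
    """Strip ';' comments and join parenthesised multi-line entries into one line."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            yield " ".join(buf)
            buf = []


def parse_zone(text, origin):
    """Return the default TTL, the SOA fields and a list of (owner, ttl, type, rdata)."""
    default_ttl, soa, records, last_owner = None, None, [], origin
    for line in _logical_lines(text):
        if not line.strip():
            continue
        if line.startswith("$TTL"):
            default_ttl = int(line.split()[1])
            continue
        tokens = line.split()
        # a record that starts with blank space keeps the previous record's owner
        owner = last_owner if line[0].isspace() else fqdn(tokens.pop(0), origin)
        last_owner = owner
        ttl = int(tokens.pop(0)) if tokens[0].isdigit() else default_ttl
        if tokens[0] == "IN":
            tokens.pop(0)
        rtype = tokens.pop(0)
        rdata = [fqdn(t, origin) if rtype in NAME_TYPES and not t.isdigit() else t
                 for t in tokens]
        if rtype == "SOA":
            numbers = [int(n) for n in rdata[2:]]
            soa = {"mname": rdata[0], "rname": rdata[1],
                   "serial": numbers[0], "timers": numbers[1:]}
        records.append((owner, ttl, rtype, rdata))
    return {"origin": origin, "ttl": default_ttl, "soa": soa, "records": records}


def serial_is_newer(new, old):
    """RFC 1982 serial arithmetic: `new` is ahead of `old` when it is fewer than
    2^31 steps ahead modulo 2^32, so a serial that wrapped past 2^32 still counts."""
    diff = (new - old) % (1 << 32)
    return 0 < diff < (1 << 31)


def needs_transfer(primary_zone, serial_seen_by_secondary):
    """A backup NS copies the zone only when the primary's serial moved forward."""
    return serial_is_newer(primary_zone["soa"]["serial"], serial_seen_by_secondary)


if __name__ == "__main__":
    zone = parse_zone(ZONE_TEXT, "example.com.")
    print(zone["ttl"], zone["soa"]["serial"])
    for record in zone["records"]:
        print(record)
    print(needs_transfer(zone, 2008072600))   # True: the secondary is behind
```

The date-style serial on the slide (2008072701) is the convention of year, month, day and a two-digit change counter; the comparison is modular so that an administrator who has to wind a serial forward past 2^32 does not strand the secondaries.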

Page 45

Putting it all together: Home networking

• We have now seen all the components used to build home networks using off-the-shelf wireless routers

• The wireless router acts as the NAPT router, DHCP server and DNS server

Page 46

Home networking (figure)

(1) ipconfig output on home computer
(2) Wireless router status page: the wireless router provides network services on its internal address; the WAN address is visible to the outside world
(3) External IP address

Page 47

Home networking

• The WAN IP address can be looked up at the ARIN website

Page 48

Summary

• Why DHCP
• Why non-routable IP addresses
• Why ARP
• Why DNS
• Components of home network

Page 49

Case study – Yahoo! Stores

• DNS and virtual hosting enable ISP services
• For example, consider Yahoo! stores:

# nslookup www.green-tooth.com
Non-authoritative answer:
www.green-tooth.com canonical name = stores.yahoo.net.
stores.yahoo.net Address: 68.142.205.137
www.invitationshack.com canonical name = stores.yahoo.net.
stores.yahoo.net Address: 68.142.205.137

Page 50

Case study – Yahoo! stores (figure): a client on the Internet asks the DNS server for www.example.org, www.example.net and www.example.com; all three names resolve to the same web server, which serves each site from its own folder (example_com, example_org, example_net) in a web sites folder
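The web server's side of this figure, as an added example (not code from the slides): because DNS maps every site name to the same address, the server must pick the site from the Host header of the HTTP request. select_site() extracts the header, normalises it (case, optional port, trailing dot) and maps it to the site's folder through an explicit table, so an unknown or malformed host name yields no folder rather than a path built from client input. The site names follow the figure; the folder table, the request text and the function names are constructed for this example.

```python
"""Name-based virtual hosting: several sites behind one IP address.

Added example, not code from the slides. SITES, the requests and the function
names are constructed for this example.
"""

# One folder per site, as in the figure; only names listed here are served.
SITES = {
    "www.example.com": "example_com",
    "www.example.org": "example_org",
    "www.example.net": "example_net",
}


def host_from_request(raw):
    """Return the Host header of an HTTP/1.1 request, or None if it is absent or repeated."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    header_lines = head.split("\r\n")[1:]            # skip the request line
    hosts = [line.split(":", 1)[1].strip()
             for line in header_lines if line.lower().startswith("host:")]
    return hosts[0] if len(hosts) == 1 else None


def normalise_host(host):
    """Lower-case the name, drop an optional :port and a trailing dot; IPv6 literals are not site names."""
    if host.startswith("["):
        return None
    name = host.split(":", 1)[0].lower().rstrip(".")
    return name or None


def select_site(raw_request):
    """Folder to serve for this request, or None when no configured site matches."""
    host = host_from_request(raw_request)
    if host is None:
        return None
    name = normalise_host(host)
    return SITES.get(name) if name else None


if __name__ == "__main__":
    request = b"GET / HTTP/1.1\r\nHost: WWW.Example.ORG:8080\r\nAccept: */*\r\n\r\n"   # constructed
    print(select_site(request))                     # example_org
```

Looking the name up in a fixed table is the important design choice: the Host value is chosen by the client, so it is matched against the configured names and never used to compose a directory path.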

Page 51

Hands-on exercise

• nslookup

Page 52

Network design exercise

• Services requiring externally addressable IP addresses
• Add Internet connection
• Include NAPT device