TCP/IP Internetworking (Part 2)
(February 8, 2016)
© Abdou Illia – Spring 2016

Border Router vs. Internal Router

- Border routers connect different networks (in this case, network 192.168.x.x and network 60.x.x.x). An “x” indicates anything.

[Figure: Corporate network 192.168.x.x (Subnet 192.168.1.x, Subnet 192.168.2.x, Subnet 192.168.3.x) with an Internal Router and a Border Router; ISP Network 60.x.x.x]

Border Router vs. Internal Router (cont.)

- Internal routers connect different subnets in a network (in this case, subnets 192.168.1.x, 192.168.2.x, and 192.168.3.x).

IP Routing

[Figure: Router A (Interface 1, Interface 2), Router B and Router C; packet to 60.3.47.129; Network 60.x.x.x; Network 60.3.x.x; Hosts 60.3.45.129 and 60.3.47.129]

Routing Table for Router A

| Route | IP Address Range | Metric | Next-Hop Router |
|---|---|---|---|
| 1 | 60.3.x.x | 9 | B |
| 2 | 128.171.x.x | 2 | B |
| 3 | 60.3.47.x | 8 | C |
| 4 | 10.5.3.x | 6 | B |
| 5 | 128.171.17.x | 2 | Local |
| 6 | 10.4.3.x | 2 | C |

Because of multiple alternative routes in router meshes, routers may have several rows that match an IP address. Routers must find ALL matches and then select the BEST ONE. This is slow and therefore expensive compared to switching.

IP Routing (cont.)

The Routing Table
- Each router has a routing table that it uses to make routing decisions

Routing Table Rows
- Each row represents a route for a RANGE of IP addresses—often a network or subnet
- All packets with destination addresses in this range are routed according to that row

| Route | IP Address Range Governed by the Route | Metric | Next-Hop Router |
|---|---|---|---|
| 1 | 60.3.x.x | 9 | B |

IP Routing (cont.)

The Routing Table: Routing Table Columns
- Row (route) number: not in real routing tables
- IP address range governed by the row
- Metric for the quality of the route (cost, speed, etc.)
- Next-hop router that should get the packet next if the row is selected as the best match

| Route | IP Address Range | Metric | Next-Hop Router |
|---|---|---|---|
| 1 | 60.3.x.x | 9 | B |
| 2 | 128.171.x.x | 2 | B |

IP Routing (cont.)

A Routing Decision

The router looks at the destination IP address in an arriving packet (in this case, 60.3.47.129).

1. The router determines which rows match (have an IP address range containing the packet’s destination IP address)
   - The router must check ALL rows for possible matches

| Route | IP Address Range | Metric | Next-Hop Router | Arriving Packet 60.3.47.129 |
|---|---|---|---|---|
| 1 | 60.3.x.x | 9 | B | Match |
| 2 | 128.171.x.x | 2 | B | No Match |
| 3 | 60.3.47.x | 8 | C | Match |

IP Routing (cont.)

A Routing Decision

2. After finding all matches, the router then determines the BEST MATCH row
   - 2A. Selects the row with the LONGEST MATCH
     - 60.3.x.x has 16 bits of match
     - 60.3.47.x has 24 bits of match, so it is a better match
   - 2B. If two or more rows tie for the longest match, the router uses the METRIC column value
     - If cost, lowest metric value is best
     - If speed, highest metric value is best
     - Etc.

IP Routing (cont.)

A Routing Decision

3. After selecting the best-match row, the router sends the packet on to the next-hop router indicated in the best-match row (Next-Hop Router C in this example).

| Route | IP Address Range | Metric | Next-Hop Router | |
|---|---|---|---|---|
| 1 | 60.3.x.x | 9 | B | |
| 2 | 128.171.x.x | 2 | B | |
| 3 | 60.3.47.x | 8 | C | Best-match row: send packet out to the next-hop router |

Vertical Communication on Routers

[Figure A: Router 1 with an Internet Layer Process above Ports 1 to 4, each with a Data Link (DL) and Physical (PHY) process; a frame arrives and the packet is decapsulated]

Notes:
A. Router R1 receives frame in Port 1. Port 1 Data Link decapsulates the IP packet. Port 1 Data Link passes packet to Internet layer.

Vertical Communication on Routers

[Figure B: Router 1 with the same layers and ports; the packet is encapsulated in a frame and sent to Router 2]

B. Internet layer sends packet out on Port 4. Data Link process on Port 4 encapsulates packet in a DL frame. Data Link process passes frame to Port 4 PHY.
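
The routing decision from the IP Routing slides above (find all matching rows, take the longest match, break ties on the metric), written out as an added example that is not part of the original slides. It assumes each "x" octet stands for a whole octet, so 60.3.x.x is written as 60.3.0.0/16; the function and parameter names are illustrative.

```python
import ipaddress

# Router A's routing table from the slides, with "x" octets written as
# prefixes (assumption of this example): 60.3.x.x -> 60.3.0.0/16, etc.
ROUTER_A = [
    # (route, IP address range, metric, next-hop router)
    (1, "60.3.0.0/16", 9, "B"),
    (2, "128.171.0.0/16", 2, "B"),
    (3, "60.3.47.0/24", 8, "C"),
    (4, "10.5.3.0/24", 6, "B"),
    (5, "128.171.17.0/24", 2, "Local"),
    (6, "10.4.3.0/24", 2, "C"),
]


def route_packet(dest, table=ROUTER_A, metric_is_cost=True):
    """Return (matching route numbers, best-match row) for a destination."""
    addr = ipaddress.ip_address(dest)

    # Step 1: check ALL rows and keep every row whose range contains dest.
    matches = []
    for row in table:
        net = ipaddress.ip_network(row[1])
        if addr in net:
            matches.append((net.prefixlen, row))
    if not matches:
        return [], None  # no row matches; the slides do not cover this case

    # Step 2A: the longest match (most network bits) wins.
    longest = max(plen for plen, _ in matches)
    tied = [row for plen, row in matches if plen == longest]

    # Step 2B: on a tie, use the metric. Lowest is best for cost,
    # highest is best for speed.
    pick = min if metric_is_cost else max
    best = pick(tied, key=lambda row: row[2])

    # Step 3: the caller forwards the packet to best[3], the next-hop router.
    return [row[0] for _, row in matches], best


if __name__ == "__main__":
    for dest in ("60.3.47.129", "60.3.45.129", "128.171.17.13"):
        rows, best = route_packet(dest)
        print(dest, "matches rows", rows, "-> next hop", best[3])
```
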

Summary Questions (Part 1)

- How many layers are there in a router?
- Can a router be a software program?
- Suppose that Computer 1 sends a message to Computer 2. Assume that there are two routers (R1 and R2) along the route that leads to Computer 2. Assume that a frame from the message is received by R1 in Port 2. Which of the following will happen next?
  a) The Data Link layer process in Port 1 will de-encapsulate the IP packet from the frame
  b) The Physical layer will pass the frame to the Data Link layer process in Port 2
  c) The Data Link layer process in Port 2 will de-encapsulate the IP packet from the frame
  d) None of the above

IP Addresses

[Figure: a browser on a User PC (Host, IP Address=128.150.50.9) sends a packet through the network, along a route through routers, to webserver software on a Webserver (Host, IP Address=139.67.14.57, Host name=eiu.edu)]

IP Address

- IP is a connectionless protocol
- An IP address is like a postal address
  - Postal addresses are hierarchical: state, city, postal zone, street, house address
- IP addresses have the following hierarchy
  - Network number (tells what network the host is on)
  - Subnet number (tells what segment of the network the host is on)
  - Computer number (identifies a particular computer on the segment)
- Routers look at the network part (and the segment part for some) to make routing decisions
- The final router looks at the Host part

Hierarchical IP Address

- Network Part (not always 16 bits)
- Subnet Part (not always 8 bits)
- Host Part (not always 8 bits)
- Total always is 32 bits.

[Figure: 139.67.130.13 on the Internet: EIU Network (139.67), School of Business Subnet (130), Host 13]

IP Address notations

- IP addresses
  - Are really strings of 32 bits (1s and 0s)
    - Example: 10000000101010100001000100001101
  - Usually represented by four number segments separated by dots: dotted decimal notation
    - Examples: 128.171.17.13, 127.18.47.145, 127.47.17.47

IP Address structure

- Each IP address has two main parts:
  - Network Part
  - Local Part
- Each organization is given the Network Part by an IP address registrar (see www.arin.net, American Registry for Internet Numbers)
  - For Eastern Illinois University, this is 139.67
  - All IP addresses for Eastern’s computers begin with that Network Part
- Check EIU’s IP registration info

IP Address structure

- The Network Part is 8 to 24 bits long
  - For Eastern, it is 16 bits long
  - 16 bits is only an example
- Layout: Network Part (8 to 24 bits), then Local Part
- Total address is 32 bits, so if the network part is 8 bits, the local part is 24 bits

Assigning Parts

- Most organizations have multiple segments within the organizational network
- So, usually the Local Part is broken into two parts
  - A Segment Part to represent each segment
  - The remaining bits are the Host Part, designating a particular computer on that segment
- Layout: Network Part, then Local Part (Segment Part + Host Part); IP Address (32 bits total)

Network classes

Question: Determine the maximum number of networks and hosts for each class.

Classful IP Addressing

| Class | Leftmost bits | Network Part Length | Address range | # of networks | # of hosts/network |
|---|---|---|---|---|---|
| Class A | 0xxx | 8 bits | 0.x.x.x to 127.x.x.x | | |
| Class B | 10xx | 16 bits | 128.0.x.x to 191.255.x.x | | |
| Class C | 110x | 24 bits | 192.0.0.x to 223.255.255.x | | |

Classless IP Addressing (since 1993)

- Most networks were too big for "class C" and therefore received a "class B" set of addresses instead.
- With the rapid growth of the Internet, there is a shortage of class B addresses
- Classful IP addressing is replaced by classless IP addressing
  - e.g., instead of a full class B, a business gets "a set of /16 addresses"

IP Address Spoofing

- IP address spoofing is sending a message with a false IP address with the intent to mislead the receiving device and gain access

[Figure: 1. Trust Relationship between Trusted Server 60.168.4.6 and Victim Server 60.168.47.47. 2. Attacker’s Client PC 1.34.150.37 sends a packet (From: 60.168.4.6, To: 60.168.47.47); the spoofed source IP address 60.168.4.6 is used.]

- Reasons for IP spoofing:
  - Anonymity
  - Exploiting trust relationship
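
A source-address check that a border router can apply against the spoofed packet shown above, as an added example that is not part of the original slides. It assumes the trusted and victim servers share one corporate network, 60.168.x.x, behind a single border router; the side labels and function names are illustrative, and the sample packets are constructed.

```python
import ipaddress

# Assumption of this example: both servers from the slide (60.168.4.6 and
# 60.168.47.47) are inside one corporate network, 60.168.x.x.
INTERNAL_NET = ipaddress.ip_network("60.168.0.0/16")

FORWARD = "forward"
DROP_IN = "drop: internal source address arrived from the ISP side"
DROP_OUT = "drop: outside source address arrived from the corporate side"


def check_source(arrival_side, src):
    """Judge a packet by the side of the border router it arrived on.

    arrival_side is "external" (ISP-facing) or "internal" (corporate-facing).
    """
    if arrival_side not in ("external", "internal"):
        raise ValueError("unknown side: %r" % arrival_side)
    inside = ipaddress.ip_address(src) in INTERNAL_NET
    if arrival_side == "external" and inside:
        # A packet claiming an internal source cannot come from outside.
        # This is the trust-relationship case in the slide.
        return DROP_IN
    if arrival_side == "internal" and not inside:
        # An internal host hiding behind someone else's address
        # (the anonymity case).
        return DROP_OUT
    return FORWARD


def audit(packets):
    """Return (source, destination, verdict) for each packet."""
    return [(src, dst, check_source(side, src)) for side, src, dst in packets]


# Constructed sample packets: (arrival side, source, destination).
PACKETS = [
    ("external", "60.168.4.6", "60.168.47.47"),    # spoofed packet from the slide
    ("external", "1.34.150.37", "60.168.47.47"),   # attacker's real address
    ("internal", "60.168.4.6", "1.34.150.37"),     # genuine outbound traffic
    ("internal", "128.150.50.9", "1.34.150.37"),   # inside host using a false source
]

if __name__ == "__main__":
    for src, dst, verdict in audit(PACKETS):
        print("From: %-13s To: %-13s %s" % (src, dst, verdict))
```

The check only sees packets that cross the border router, so a spoofed packet sent from inside the same network to the victim server is not caught by it.
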