TCP/IP Internetworking
(Part 2)
(February 8, 2016)
© Abdou Illia – Spring 2016
1
Border Router vs. Internal Router
 Border routers connect different networks
 In this case network 192.168.x.x and network 60.x.x.x).
 An “x” indicates anything
Corporate network 192.168.x.x
Subnet 192.168.2.x
Internal
Router
Subnet
192.168.1.x
Border
Router
ISP Network
60.x.x.x
Subnet 192.168.3.x
2
Border Router vs. Internal Router (cont.)
 Internal routers connect different subnets in a
network

In this case, subnets: 192.168.1.x, 192.168.2.x, and
192.168.3.x.
Corporate network 192.168.x.x
Subnet 192.168.2.x
Internal
Router
Subnet
192.168.1.x
Border
Router
ISP Network
60.x.x.x
Subnet 192.168.3.x
3
IP Routing
Router
RoutingA
Router A
Interface
1
Router B
IP Routing
Packet to 60.3.47.129 Interface
2
Network
60.x.x.x
Routing Table for Router A
Matches
IP Address
Next-Hop
Route
Range Metric Router
Router C
Network
1
60.3.x.x
9
B
60.3.x.x
2 128.171.x.x 2
B
3
60.3.47.x
8
C
Host
Host
4
10.5.3.x
6
B
60.3.45.129
60.3.47.129
5 128.171.17.x 2
Local
6 of10.4.3.x
2
C
Because
multiple alternative
routes in router meshes,
routers may have several rows that match an IP address.
Routers must find All matches and then select the BEST ONE.
This is slow and therefore expensive compared to switching.
4
IP Routing (cont.)
 The Routing Table
 Each router has a routing table that it uses to
make routing decisions
 Routing Table Rows


Each row represents a route for a RANGE of IP
addresses—often a network or subnet
All packets with destination addresses in this range
are routed according to that row
Route
IP Address Range
Governed by the route
Metric
Next-Hop
Router
1
60.3.x.x
9
B
5
IP Routing (cont.)
 The Routing Table

Routing Table Columns




Row (route) number: Not in real routing tables
IP address range governed by the row
Metric for the quality of the route (cost, speed, etc.)
Next-hop router that should get the packet next if the
row is selected as the best match
Route
IP Address
Range
Metric
Next-Hop
Router
1
2
60.3.x.x
128.171.x.x
9
2
B
B
6
IP Routing (cont.)
 A Routing Decision
 The router looks at the destination IP address in
an arriving packet (in this case, 60.3.47.129).
 1. The router determines which rows match (have
an IP address range containing the packet’s
destination IP address)

The router must check ALL rows for possible
matches
Route
IP Address
Range
Metric
Next-Hop
Router
Arriving Packet
60.3.47.129
1
2
3
60.3.x.x
128.171.x.x
60.3.47.x
9
2
8
B
B
C
Match
No Match
Match
7
IP Routing (cont.)
 A Routing Decision
 2. After finding all matches, the router then
determines the BEST MATCH row

2A. Selects the row with the LONGEST MATCH
 60.3.x.x has 16 bits of match
 60.3.47.x has 24 bits of match so is a better
match

2B. If two or more rows tie for the longest match,
router uses the METRIC column value
 If cost, lowest metric value is best
 If speed, highest metric value is best
 Etc.
8
IP Routing (cont.)
 A Routing Decision

3. After selecting the best-match row, the
router sends the packet on to the next-hop
router indicated in the best-match row—NextHop Router C in this example.
Route
IP Address
Range
Metric
Next-Hop
Router
1
2
3
60.3.x.x
128.171.x.x
60.3.47.x
9
2
8
B
B
C
Send Packet
out to
NHR B
Best-Match Row
9
Vertical Communication on Routers
Router 1
A
Packet
Decapsulation
Frame
Internet Layer Process
Port 1
DL
Port 2
DL
Port 3
DL
Port 4
DL
PHY
PHY
PHY
PHY
Notes:
A. Router R1 receives frame in Port 1.
Port 1 Data Link decapsulates the IP packet.
Port 1 Data Link passes packet to internet Layer.
10
Vertical Communication on Routers
Router 1
B
Internet Layer Process
Port 1
DL
Port 2
DL
Port 3
DL
Port 4
DL
PHY
PHY
PHY
PHY
Packet
Encapsulation
Frame
Router 2
B. Internet layer sends packet out on Port 4.
Data Link process on Port 4 encapsulates packet in a DL frame.
Data Link process passes frame to Port 4 PHY.
11
Summary Questions (Part 1)
 How many layers are there in a router?
 Can a router be a software program?
 Suppose that Computer 1 sends a message to
Computer 2. Assume that there are two routers (R1
and R2) along the route that leads to Computer 2.
Assume that a frame from the message is received
by R1 in Port 2. Which of the following will happen
next?
a)
b)
c)
d)
The Data Link layer process in Port 1 will de-encapsulate
the IP packet from the frame
The Physical layer will pass the frame to the Data Link
layer process in Port 2
The Data Link layer process in Port 2 will de-encapsulate
the IP packet from the frame
None of the above
12
IP Addresses
Browser
Network
Packet
Webserver
Software
Packet
Route
Router
User PC
(Host)
IP Address=128.150.50.9
Webserver
(Host)
IP Address=139.67.14.57
Host name=eiu.edu
13
IP Address
 IP is a connectionless protocol
 IP address is like postal addresses
 Postal addresses are hierarchical: state, city, postal zone, street, house
address
 IP Addresses have the following hierarchy

Network number (tells what network the host is on)

Subnet number (tells what segment of network the host is on)

Computer number (identifies a particular computer on the segment)
 Routers look at network part (and segment part for some) to make
routing decisions
 Final router looks at Host part
14
Hierarchical IP Address
Network Part (not always 16 bits)
Subnet Part (not always 8 bits)
Host Part (not always 8 bits)
Total always is 32 bits.
139.67.130.13
The Internet
EIU Network
(139.67)
13
School of Business
Subnet
(130)
Host 13
139.67.130.13
15
IP Address notations
 IP addresses

Are really strings of 32 bits (1s and 0s)


Example: 10000000101010100001000100001101
Usually represented by four number segments
separated by dots: dotted decimal notation

Example: 128.171.17.13
127.18.47.145
127.47.17.47
16
IP Address structure
 Each IP Address has two main parts:
Network Part
Local Part
 Each Organization is given the Network Part by
an IP address Registrar (see www.arin.net)
 For Eastern Illinois University, this is 139.67

All IP Addresses for Eastern’s computers begin
with that Network Part
IP Address
139.67
American Registry for Internet Numbers
17
Check EIU’s IP registration info
IP Address structure
 Network Parts is 8 to 24 bits long
 For Eastern, it is 16 bits long

16 bits is only an example
Network Part
(8 to 24 bits)
 Local Part
 Total address is 32 bits, so if the network part is 8 bits, the
local part is 24 bits
18
Assigning Parts
 Most Organizations have multiple segments
within the organizational network
 So, usually Local Part is broken in two parts


a Segment Part to represent each segment
Remaining Bits are the Host Part, designating
a particular computer on that segment
Local Part
Network Part
Segment Part
Host Part
IP Address (32 bits total)
19
Network classes
Question: Determine the number
of maximum networks and hosts
for each class.
 Classful IP Addressing
Class
Leftmost Network Part
bits
Length
Address range
Class A
0xxx
8 bits
0.x.x.x to 127.x.x.x
Class B
10xx
16 bits
128.0.x.x to 191.255.x.x
Class C
110x
24 bits
192.0.0.x to 223.255.255.x
# of
networks
# of host/
network
 Classless IP Addressing (since 1993)
 Most networks too big for "class C“. Therefore received a
"class B" set of addresses instead.
 With the rapid growth of the Internet, there is a shortage
of class B addresses
 Classful IP addressing is replaced by Classless IP
addressing
 e.g., instead of a full class B, business gets "a set of /16
20
addresses"
IP Address Spoofing
 IP address spoofing is sending a message with a false IP address
with the intent to mislead the receiving device and gain access
1. Trust Relationship
Trusted Server
60.168.4.6
Victim Server
60.168.47.47
From: 60.168.4.6
To: 60.168.47.47
2.
Spoofed Source IP Address
60.168.4.6 is used.
Attacker’s Client PC
1.34.150.37
 Reasons for IP spoofing:


Anonymity
Exploiting trust relationship
21