EC312 Lesson 25: Networks, Protocols, Transmission

Objectives:
(a) Describe the TCP/IP model, the functions performed by each layer, and the process of encapsulation.
(b) Define the function of a protocol.
(c) Summarize the principles behind the design of the Internet Protocol.
(d) Define the structure of an IP address and define the purpose of network masking.
(e) Define the process of routing packets and routers creating tables.

You were introduced to the idea and framework of networking in Cyber1, and we used that framework to talk about the protocols of wireless networking. In this lesson we will get into the details of the TCP/IP model of networking at the bit level, so that we can later compare it with the Controller Area Networks we will be delving into for the next four lessons. Because the network is built in virtual layers, this model is the same for wireless or wired networks except at the actual physical layer and data link layer. We will build labs and discuss wired technologies in this section.

1. Layers

Recall the OSI layer model and its comparison to the TCP/IP model:

Each layer performs only a few specific, well-defined functions. This simplifies the design. For example, in an email scenario, at the application layer the initial message is formatted using its application protocol (SMTP), and that layer is only concerned with getting the message delivered to the right application (the email application). At the transport layer the TCP header is added and segments are formatted to provide the correct port addresses and acknowledgement/sequence numbers; that layer only worries that the data arrives correctly and in the right sequence.
The transport layer does not worry about routing; that is left to the next layer down, the network layer, where the IP header and format are added with the source and destination IP addresses to form packets. The network layer does not worry about the framing of the data as bits; it lets the data link portion of the network interface layer use a specific protocol like Ethernet to add its header (MAC addresses, i.e. hardware addresses, source and destination) and footer (CRC) to create the frames to send. The connectors and cables are specified at the physical layer, which also decides the voltage level of the bits that are transferred over the network.

The layers are built, one on top of the next. Each layer performs a service for the layer above it. However, how a layer does its job is not known by the layer above. This permits later modifications. If we decided to try to build one big honking software/hardware contraption that does everything at once (i.e., just put the whole kit and kaboodle into one layer), the resulting mess would be extremely difficult to modify later. Splitting functions into layers simplifies the design. Additionally, it allows us to replace a layer with a different implementation that accomplishes the same task using a different mechanism, without disturbing the other layers.

2. Encapsulation

So think again… how does a layer do its job? Here's how! At the sending end, each layer puts a header on the message received from the layer above. The header contains information necessary for the protocol to do its job. At the receiving end, each layer strips off the corresponding header and forwards the rest up to the layer above.

[Figure: encapsulation diagram with rows labeled Transport Layer, Network Layer, Data-Link Layer, Physical Layer]

The application layer (not shown above) passes its message to the transport layer. The transport layer attaches some number of bits, shown as TCP Header in the picture above, and sends this onward to the network layer.
The network layer then appends some number of bits, shown as IP Header in the picture above, and so on, down the protocol stack.

The destination physical layer removes any syncing bits from the data and passes the result up to the data link layer. The data link layer removes the bits of its Ethernet frame header and footer and uses these bits to implement the data link protocol, checking to see if the frame matches its MAC address. Then the result is passed to the network layer, which removes the bits marked IP and uses these bits to implement the network layer protocol, and so forth until the message finally arrives at the application layer, whose protocol knows how to interpret the data.

Example
Suppose an application entity sends 1024 bytes of data and appends 96 bytes of sequencing data. This message is then sent to the data link layer, where the maximum packet size is 256 bytes, 32 bytes of which are its header. How many packets will be used? How many total bytes must be transmitted?

Solution:

3. Protocols

It is important to note that actual communication takes place only between the five layers in the same machine and the physical layers of adjacent machines. In the picture below, the dark black lines signify the only true transfer of data, i.e., the only real communication. Apart from the physical layer, no data are actually directly transferred from layer n on one machine to layer n on the other machine. Instead, each layer passes information/data only to the layer immediately above or below it. In fact, it seems as if each layer on the left is communicating with its peer layer on the right. This communication is termed virtual communication.

A protocol is an agreement or a set of rules governing how a task or process should be carried out. One of the functions of the transport layer is to ensure that data is delivered without errors. The transport layers on both machines might, for example, use the Hamming code to ensure that errors are detected and corrected.
In this case, the agreed-upon protocol for error detection at the transport layer is the Hamming code. If the transport layer in the machine on the left is using the Hamming code to detect errors, but the machine on the right is using the CRC algorithm to detect errors, communication will not be successful. The peer entities at each layer must agree on the protocol.

As another example, one of the functions of the physical layer is to determine how logical 1 and logical 0 are represented. If the physical layer of the machine on the left is representing logical one by +5 volts and logical zero as -5 volts, but the machine on the right is doing just the opposite (representing logical one as -5 volts and logical zero as +5 volts), communication will not be successful. The peer entities at each layer must agree on the protocol.

Network Architecture. The set of layers and protocols is termed a network architecture.

Protocol Stacks. The protocols used by a system are called the system's protocol stack.

Entities at the same layer must use the same protocol, or communication will not be successful.

Think about how layering helps us in this scenario. We can easily replace a layer with a different implementation that accomplishes the same task using a different mechanism, without disturbing the other layers.

4. Layers and protocols for the TCP/IP model

The Network Interface Layer is composed of the physical layer and the data link layer.

The physical layer is concerned with sending bits over a channel: i.e., the mechanical and electrical considerations. Blocks of data at the physical layer are termed bits… so we're not really talking about blocks!

The data link layer is concerned with framing the data so that the source and destination addresses and the type of data can be picked out. Blocks of data at the data link layer are termed frames.
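To make the encapsulation process of section 2 and the "peer layers must agree" point of section 3 concrete, here is an added Python example (not code from the lesson) that walks a message down a toy four-layer stack and back up. Each layer prepends its header on the way down; on the way up the data link layer verifies the CRC footer and the destination MAC address before handing the packet to the network layer, exactly as the lesson describes. The header layouts, the addresses and the sample message are constructed for illustration and are not the real TCP, IP or Ethernet wire formats.

```python
"""Encapsulation and decapsulation through a toy four-layer stack.
Added example: header layouts are simplified and constructed, not the real
TCP, IP or Ethernet formats."""
import struct
import zlib

# Constructed, simplified header layouts (assumption, not the real wire formats)
TCP_HDR = struct.Struct("!HHI")    # source port, destination port, sequence number
IP_HDR = struct.Struct("!4s4s")    # source IP address, destination IP address
ETH_HDR = struct.Struct("!6s6sH")  # destination MAC, source MAC, EtherType
CRC_LEN = 4                        # Ethernet-style CRC footer
ETHERTYPE_IPV4 = 0x0800
HEADER_OVERHEAD = TCP_HDR.size + IP_HDR.size + ETH_HDR.size + CRC_LEN  # 34 bytes


def ip_bytes(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def encapsulate(message, src_port, dst_port, seq, src_ip, dst_ip, src_mac, dst_mac):
    """Sending side: each layer puts its header in front of what the layer above gave it."""
    segment = TCP_HDR.pack(src_port, dst_port, seq) + message                          # transport
    packet = IP_HDR.pack(ip_bytes(src_ip), ip_bytes(dst_ip)) + segment                 # network
    body = ETH_HDR.pack(mac_bytes(dst_mac), mac_bytes(src_mac), ETHERTYPE_IPV4) + packet  # data link header
    return body + struct.pack("!I", zlib.crc32(body))                                  # data link footer


def decapsulate(frame, my_mac):
    """Receiving side: each layer strips its header, acts on it, and passes the rest up."""
    body, footer = frame[:-CRC_LEN], frame[-CRC_LEN:]
    if struct.pack("!I", zlib.crc32(body)) != footer:
        raise ValueError("data link: CRC mismatch, frame discarded")
    dst_mac, src_mac, ethertype = ETH_HDR.unpack_from(body)
    if dst_mac != mac_bytes(my_mac):
        raise ValueError("data link: frame addressed to another MAC")
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("data link: EtherType names a protocol this stack does not speak")
    packet = body[ETH_HDR.size:]
    src_ip, dst_ip = IP_HDR.unpack_from(packet)
    segment = packet[IP_HDR.size:]
    src_port, dst_port, seq = TCP_HDR.unpack_from(segment)
    return {
        "src_mac": src_mac.hex(":"),
        "src_ip": ".".join(map(str, src_ip)), "dst_ip": ".".join(map(str, dst_ip)),
        "src_port": src_port, "dst_port": dst_port, "seq": seq,
        "message": segment[TCP_HDR.size:],          # what the application layer sees
    }


def delivered_message(frame, my_mac):
    """Message handed to the application, or None if a lower layer rejected the frame."""
    try:
        return decapsulate(frame, my_mac)["message"]
    except ValueError:
        return None


def flip_bit(frame, byte_index):
    """Simulate a transmission error in one byte so the CRC check fails."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)


# Constructed sample: an SMTP-style message from 10.0.0.5 to 10.0.0.9 on one link
SAMPLE_MESSAGE = b"MAIL FROM:<mid@example.test>"
SAMPLE_FRAME = encapsulate(SAMPLE_MESSAGE, 49152, 25, 1,
                           "10.0.0.5", "10.0.0.9",
                           "02:00:00:00:00:05", "02:00:00:00:00:09")

if __name__ == "__main__":
    print(len(SAMPLE_FRAME), "bytes on the wire for a", len(SAMPLE_MESSAGE), "byte message")
    print(decapsulate(SAMPLE_FRAME, "02:00:00:00:00:09"))
```

Note that a frame for another MAC address, or one with a single damaged bit, never reaches the upper layers: the data link protocol on the receiving side discards it, which is the "error control" task listed for that layer below.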
Tasks for the data link layer include:
- Setting frame boundaries
- Error control (to make a real link into an error-free link)
- Link flow control (to stop a fast transmitter from drowning a slow receiver)
- Controlling access to shared channels (the Multiple Access Problem)

The network layer

The network layer is concerned with transferring data across a communications network from a source computer to a destination computer. This is the first layer that recognizes the existence of a network. Blocks of data at the network layer are termed packets or datagrams.

Tasks for the network layer include:
- Routing
- Internetworking: interconnecting distinct networks that use different protocols (different addressing schemes, different packet sizes, etc.)

The transport layer

Ideally, the transport layer is responsible for the end-to-end transfer of data from a process in the source to a process at the destination, independent of the network. Put another way, ideally the transport layer uses end-to-end protocols that do not recognize the existence of an underlying network. Blocks of data at the transport layer are termed segments.

The application layer

The application layer is concerned with general-purpose facilities that involve communications:
- SMTP for email
- HTTP for accessing the web
- FTP for file transfer
- SSH and TELNET for remote log in
- DNS for directory assistance
- SNMP for network management

Several other functions are also conceptually placed at the application layer:
- Encoding. For example: Are we using EBCDIC or ASCII? Are we using Big Endian or Little Endian?
- Encryption
- Compression

Blocks of data at the application layer are termed messages.

Practice Problem

For the boxes below, fill in the names of the layers for the TCP/IP 5-layer reference model and then place the appropriate letter in the blank associated with the layer for the proper description of its services.
Layer 5 _____
Layer 4 _____
Layer 3 _____
Layer 2 _____
Layer 1 _____

a) Provides a definition of mechanical and electrical standards for the communication system
b) Concerned with transferring packets across a communication network
c) Responsible for end-to-end transfer of data
d) Primary function is to format and transfer files between the communication message and the user's software
e) Frames of data are transferred across a single link

The Internet Protocol (one of the main protocols at the internet/network layer)

1. The Kahn/Cerf Protocols

A revolutionary solution to the internetworking problem was proposed in the early 70's by Vinton Cerf and Robert Kahn. The two protocols they proposed, later christened the Internet Protocol (IP) and the Transmission Control Protocol (TCP), quickly became the most popular suite of protocols for internetworking and were subsequently adopted as the protocols used by the Internet.

These two protocols—IP and TCP—are truly a work of genius. These protocols were intended to allow internetworking for small networks (in 1975 the Internet had a mere 61 nodes). These protocols have successfully scaled to support networks of billions of users. It is estimated that two billion videos are watched on YouTube each day. Trillions of emails are sent each year. Think about all the things you use the Internet for—and then think that it all works because of protocols that were designed in 1975 for a small system, and never intended to scale to large networks. Stated another way: It is amazing that the Internet actually works at all!

However, the fact that the Internet uses protocols originally designed to be used on a small network of nerdy academics means that security was never baked into the cake. Security was not needed on a network of 61 nodes, all of whom were friends. With one billion nodes on the network today, well… things are different.

The Premises.
Kahn and Cerf reasoned that to internetwork efficiently, everyone must agree on three things:
- A standard for service
- A global addressing scheme
- A uniform packet format

Regarding the first item above, the standard for service: IP provides connectionless, unreliable, best-effort packet delivery.

Connectionless: Every packet is an independent entity, possibly traveling over different paths from source to destination. Stated another way, there is no network connection that is set up in advance along which all packets will subsequently flow from source to destination.

Unreliable: Packets can be lost, delivered out of order, or delivered multiple times; IP will not detect this.

Best-effort: There are no guarantees packet delivery will be successful. Basically, IP says: "I'll try, but no guarantees."

The standard of service provided by IP can be likened to the Post Office. To see this, suppose that you mail three letters to your family back in Los Angeles, California. Each letter is mailed from the same location in Bancroft Hall. You mail Letter #1 on Monday, Letter #2 on Tuesday and Letter #3 on Wednesday. It is quite possible that the letters follow different routes from Annapolis to Los Angeles. For instance, two of the letters might be delivered on a direct flight, while the third might be placed in a bag that has to change planes in Chicago. Letter delivery is connectionless. It is quite possible that your family receives the letters out of order, perhaps receiving Letter 3 before Letter 2. One of your letters might never be delivered—the Post Office estimates that slightly over 1% of all mail is never delivered to the destination (for varying reasons). Letter delivery is unreliable. Unless you pay a premium, there are no guarantees that a letter you place in the mail will actually be delivered. Letter delivery is provided on a best-effort basis.

We now address the other two requirements for internetworking.
The global addressing scheme will be discussed below, and the uniform packet format will be discussed last.

The IP Address

1. A Software Address

To make a group of networks "appear" to be a single network, we must use a single global addressing scheme for all hosts on all networks. IP assigns to each computer a unique 32-bit IP address. This is a "software address"; it is not a hardware address. To send a packet over a TCP/IP network, we must use the destination's IP address.

IP addresses have two parts: a Network ID, which is the same for all hosts on a particular network, and a Host ID, which is a unique suffix for each individual host on this particular network.

  Network ID: same for all computers on a particular network
  Host ID: unique suffix for each individual computer on this particular network

2. Dotted Decimal Notation for Reading IP Addresses

Let's momentarily gloss over the separation of the IP address into a Network ID and a Host ID, and simply focus on how the 32-bit address is represented. For historical reasons, IP addresses are expressed as decimal numbers (as opposed to a more sensible hexadecimal scheme). The 32-bit IP address is separated into 8-bit chunks (octets). Each octet is then expressed as a decimal value, separated by periods. This is termed the dotted-decimal notation for IP addresses.

For example, to express the IP address 10000001000010010100000111001111 in dotted decimal notation, it is first split into four octets:

  10000001 00001001 01000001 11001111

and the four octets are each individually converted to a decimal (base-10) number:

  10000001 = 129
  00001001 = 9
  01000001 = 65
  11001111 = 207

We then write the four decimal numbers separated by periods: the IP address is 129.9.65.207.

Example
Express each of the following IP addresses in dotted-decimal notation.
(a) 00001011 00000010 00000000 00100111
(b) 10000000 10000000 11111111 00000000

Solution:
(a)
(b)

Every computer on the Internet must have a unique IP address.
That is, no two devices on the Internet can have the same IP address at the same time. In theory, since IP addresses are 32 bits, we have 2^32 (more than 4 billion) IP addresses available. Thus, in theory, more than 4 billion devices could be simultaneously connected to the Internet.

3. The Network Mask

Now, let's revisit the notion that the 32 bits in an IP address are divided into a Network ID and a Host ID. To view the Network ID portion of an IP address, we use a network mask. A network mask (which we will just call a mask, since the context is understood) is a 32-bit number consisting of a string of contiguous 1's followed by contiguous 0's, where the ones designate the network bits and the zeroes designate the host bits. The mask can be written in slash notation as well. So /12 can be written as 11111111.11110000.00000000.00000000 or 255.240.0.0.

Example
Which of the following can serve as masks?
(a) 255.2.0.0
(b) 255.255.0.0
(c) 255.255.0.23
(d) 255.255.64.0

Solution:
(a)
(b)
(c)
(d)

Example
Show that the address 255.254.0.0 is a mask by writing out the address as 32 bits.

Solution:

Example
Write the following masks in slash notation.
(a) 255.0.0.0
(b) 255.255.255.0
(c) 255.240.0.0

Solution:
(a)
(b)
(c)

Example
Write the following masks in dotted decimal notation.
(a) /16
(b) /9

Solution:
(a)
(b)

4. Use of Masks

Recall that IP addresses have two parts: Network ID | Host ID. We design masks so that if we bitwise AND the mask with an IP address, we extract the network ID.

For example, suppose we are examining a Navy site that is using a mask of /17. Suppose we see that a host on this network has the IP address 131.122.220.30. What is the network ID?

To solve this problem, we first express the mask as a 32-bit quantity:

  11111111 . 11111111 . 10000000 . 00000000

We then express the IP address as a 32-bit quantity:

  10000011 . 01111010 . 11011100 . 00011110

We then bitwise AND the mask with the IP address. Recall the table for the bitwise AND operation:

  A   B   A AND B
  0   0   0
  0   1   0
  1   0   0
  1   1   1

  11111111 . 11111111 . 10000000 . 00000000   (mask)
  10000011 . 01111010 . 11011100 . 00011110   (IP address)
  -------------------------------------------
  10000011 . 01111010 . 10000000 . 00000000   (result)

Now, converting the result to dotted decimal notation, we have the network ID: 131.122.128.0

Recall the significance of this network address and the mask: since the mask was given as /17, every host on this network will have the same first 17 bits in common. The network ID, 131.122.128.0, specifies the exact values of these first 17 bits. Thus, every host on this network has an IP address that begins:

  10000011 . 01111010 . 1 ...

The remaining bits (shown as the three dots above) are used to constitute the host ID.

Example
Suppose an organization has been given a mask /24. One of its machines has IP address 200.137.34.56. What is the network ID?

Solution:

Example
Suppose an organization has been given a mask /13. One of its machines has IP address 200.137.34.56. What is the network ID?

Solution:

5. Obtaining an IP Address

Each host on the Internet must have a unique IP address. It would be very bad for two (or more) people to have the same IP address. This latter (bad) event is termed an address conflict. So, we must ensure there are no address conflicts. When an organization needs IP addresses, it is given a block of addresses. So… how does an organization get a block of IP addresses to dole out to its hosts? To ensure there are no address conflicts (i.e., to ensure uniqueness), an organization—the Internet Assigned Numbers Authority (IANA)—gives out network addresses. So… bottom line… when an organization needs IP addresses, it is given a network address (usually from an ISP).
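The conversions and mask arithmetic of sections 2 through 5 (binary to dotted decimal, checking that a value is a valid mask, slash notation, the bitwise AND that extracts the network ID, and the block size with its first and last addresses) are collected here in one added Python example. It is not code from the lesson; it works on plain 32-bit integers so each step mirrors the hand computation above, and it uses the lesson's own worked numbers (129.9.65.207, /12, 131.122.220.30 with /17) plus a few constructed values.

```python
"""IP address and network-mask arithmetic on plain 32-bit integers.
Added example, not code from the lesson; the worked numbers are the lesson's,
the rest are constructed."""


def dotted_to_int(addr: str) -> int:
    """'129.9.65.207' -> 0x810941CF, rejecting anything that is not four octets 0..255."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {addr!r}")
    value = 0
    for o in octets:
        n = int(o)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range: {addr!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def int_to_binary(value: int) -> str:
    """Four octets of eight binary digits, the layout of the lesson's AND worksheet."""
    return " . ".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def binary_to_dotted(bits: str) -> str:
    """32 binary digits (spaces allowed) -> dotted decimal, section 2's conversion."""
    bits = bits.replace(" ", "")
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("need exactly 32 binary digits")
    return int_to_dotted(int(bits, 2))


def is_mask(addr: str) -> bool:
    """Section 3: a mask is contiguous 1s followed by contiguous 0s.
    Inverting such a value gives 0...01...1, one less than a power of two,
    so inverted & (inverted + 1) == 0 holds exactly for valid masks."""
    inverted = ~dotted_to_int(addr) & 0xFFFFFFFF
    return inverted & (inverted + 1) == 0


def prefix_to_mask(n: int) -> str:
    """Slash notation -> dotted decimal: /12 -> 255.240.0.0."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_dotted((0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF)


def mask_to_prefix(mask: str) -> int:
    """Dotted decimal -> slash notation: 255.254.0.0 -> 15."""
    if not is_mask(mask):
        raise ValueError(f"not a valid mask: {mask}")
    return bin(dotted_to_int(mask)).count("1")


def and_worksheet(addr: str, n: int):
    """Section 4 laid out as on the page: mask row, address row, result row, all in binary."""
    mask = dotted_to_int(prefix_to_mask(n))
    ip = dotted_to_int(addr)
    return int_to_binary(mask), int_to_binary(ip), int_to_binary(ip & mask)


def network_id(addr: str, n: int) -> str:
    """Bitwise AND of address and mask extracts the network ID."""
    return int_to_dotted(dotted_to_int(addr) & dotted_to_int(prefix_to_mask(n)))


def address_block(addr: str, n: int) -> dict:
    """Section 5 summary for W.X.Y.Z/n: block size, first (network) and last (broadcast) address."""
    mask = dotted_to_int(prefix_to_mask(n))
    net = dotted_to_int(addr) & mask
    host_bits = ~mask & 0xFFFFFFFF
    return {
        "mask": int_to_dotted(mask),
        "network": int_to_dotted(net),
        "broadcast": int_to_dotted(net | host_bits),
        "size": 1 << (32 - n),
    }


if __name__ == "__main__":
    print(binary_to_dotted("10000001 00001001 01000001 11001111"))   # 129.9.65.207
    for row in and_worksheet("131.122.220.30", 17):
        print(row)
    print(address_block("131.122.220.30", 17))
```

The validity test in is_mask is the bit-level statement of the definition: a run of ones followed by a run of zeros, when inverted, becomes a run of zeros followed by a run of ones, and only such values satisfy x & (x + 1) == 0.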
The organization then uses the remaining bits in the IP address (corresponding to the host bits) to distribute unique IP addresses to its hosts.

Summary of what you need to know: Given that you have a host with address W.X.Y.Z/n, determine the number of addresses you have in your block, as well as the first address (i.e., the network address) and the last address (i.e., the broadcast address).

Example
(a) Can more than one organization assign the number 172.18.3.1 to one of its machines?
(b) If no, why not? If yes, does this violate the cardinal rule: no two machines on the Internet can have the same IP address at the same time?
(c) What happens if I try to launch a packet with the destination address 172.18.3.1 onto the Internet?

Solution:
(a)
(b)
(c)

Routing

If the destination IP address is not in our same network (i.e., if it does not have the same network ID), we cannot directly deliver the IP packet. We must route the IP packet using routers: the source computer sends the IP packet to the first router, which passes the IP packet to the next router, and so forth, until the final router delivers the IP packet to the destination. Routers operate at the network layer; a key network layer function is routing: choosing an appropriate path for packet flow.

2. Routing Tables

We route IP packets by using a routing table, which must (somehow) convey the route to the final destination. Each entity—host or router—maintains an IP routing table which provides information on how to reach possible destinations. A host or router consults a routing table when making routing decisions.

Consider this naive proposal for the use of a routing table: maintain in each entity a routing table which lists every possible destination IP address, and the full path needed from the entity to reach each possible destination.
In this scheme, a routing table might have billions of entries (since there might be billions of IP addresses in use at any time), and each of these entries would have multiple pieces of data associated with it (the full route to the destination for this entry in the table). This approach is not practical; the resulting routing tables would be gargantuan. Think of how slow routing would be if the decision on where to send each and every packet required consultation with a table of billions of entries. Moreover, think of the problem of constantly updating these huge tables as IP addresses are reassigned to different hosts throughout the Internet.

So, early on, three clever ideas were employed to make routing tables as small as possible.

First clever idea: For each destination IP address, only store in the routing table the IP address of the next hop.

Second clever idea: Instead of having routing table entries for each and every destination host, store routing table entries for destination networks.

Third clever idea: Default routing.

So, let's summarize the decisions that are made in routing, and show the form of the routing table.

Step 1. A packet shows up at a router X, needing to be routed to its final destination.

Step 2. Router X examines the destination's IP address and extracts the network address. In order to extract the network address, the routing table for each network address must have the associated mask. So, a column for the mask is included as the first column in the routing table for Router X, shown below.

[Figure 22.5: Simplified forwarding module in classless addressing]

So, Router X applies the mask in the first line of the table to the destination IP address, and checks to see if the extracted network ID matches the Network address shown on the first line. If it matches… Joy!
… send the packet to the Next-hop address which is on this Interface. If it does not match, repeat the process for the second line of the routing table.

Example

[Figure 22.6: Configuration for Example 22.1; labels surviving extraction: 180.70.65.128/26, 180.70.65.135/26, m3]

The router R1 in the figure connects the four different networks shown. The four networks connect to the router's four interfaces, labeled m0, m1, m2 and m3.

(a) Why does the router R1 have 4 different IP addresses?
Solution:

(b) How would you verify that the router address 180.70.65.135/26 on the m0 interface is indeed on the network 180.70.65.128/26?
Solution:

(c) Your friend says: "Wait just a minute! The two different networks 180.70.65.128/26 and 180.70.65.192/26 look very similar. Are these really two different networks… i.e., are these really two non-overlapping blocks of addresses?" How would you reply?
Solution:

(d) Construct the routing table.

[Table 22.1: Routing table for router R1 in Figure 22.6; only a "/26" mask entry survived extraction]

We will see later that it is best to order the table by decreasing mask value… but let's proceed.

(e) Suppose an IP packet with destination IP address 180.70.65.140 arrives at router R1. Explain how the routing table is used to make a routing decision.
Solution:

(f) Suppose an IP packet with destination IP address 201.4.22.35 arrives at router R1. What does it do?
Solution:

The packet-switching concept shows nodes (routers) in the backbone of the network and the routes they take to send the packets to their destinations. The next layer provides a means for those packets to be collected and sent to the correct application processes.
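The routing decision of Steps 1 and 2 (mask the destination, compare with the network address, move to the next line on a miss, fall through to the default route) is shown below as an added Python example; it is not code from the lesson or from the textbook example. The two /26 networks named in the R1 example are included, but their interface assignments, the third network, the default next hop and the destination addresses are constructed for illustration. It also shows why the lesson says to order the table by decreasing mask: with the default route listed first, every packet would match it.

```python
"""Routing-table lookup at a router, added as an example (not code from the lesson).
Row order, next hops and interface assignments are constructed; only the two
/26 networks come from the lesson's R1 example."""


def dotted_to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer, validating each octet."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")


def prefix_to_mask_int(bits: int) -> int:
    """/n -> integer mask of n contiguous ones followed by zeros (/0 -> 0)."""
    return (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF


def is_valid_network(network: str, bits: int) -> bool:
    """A network address must have all host bits zero; 180.70.65.135/26 is a host, not a network."""
    value = dotted_to_int(network)
    return value & prefix_to_mask_int(bits) == value


class Route:
    """One routing-table line: mask, network address, next hop, interface."""

    def __init__(self, mask_bits, network, next_hop, interface):
        if not is_valid_network(network, mask_bits):
            raise ValueError(f"{network}/{mask_bits} has host bits set")
        self.mask_bits = mask_bits
        self.mask = prefix_to_mask_int(mask_bits)
        self.network = dotted_to_int(network)
        self.next_hop = next_hop      # None: destination is on this interface's own network
        self.interface = interface


# Constructed table for a router with interfaces m0..m2 (assumed layout)
ROUTES = [
    (26, "180.70.65.128", None, "m0"),   # network from the lesson; interface assumed
    (26, "180.70.65.192", None, "m1"),   # network from the lesson; interface assumed
    (24, "10.5.7.0", None, "m2"),        # constructed directly connected network
    (0, "0.0.0.0", "10.5.7.1", "m2"),    # default route via a constructed next hop
]


def build_table(rows, sort_by_mask=True):
    """Decreasing mask length puts the most specific network first, as the lesson advises."""
    table = [Route(*row) for row in rows]
    if sort_by_mask:
        table.sort(key=lambda r: r.mask_bits, reverse=True)
    return table


def lookup(table, destination):
    """Step 2: AND the destination with each line's mask and compare to its network address."""
    dest = dotted_to_int(destination)
    for route in table:
        if dest & route.mask == route.network:
            return route.next_hop, route.interface
    return None      # no line matched and no default route: the packet is dropped


def forward(destination, rows=ROUTES):
    """Describe the forwarding decision for a destination using a sorted table."""
    hit = lookup(build_table(rows), destination)
    if hit is None:
        return "no route: drop"
    next_hop, iface = hit
    if next_hop is None:
        return f"deliver directly on {iface}"
    return f"send to next hop {next_hop} via {iface}"


if __name__ == "__main__":
    for dest in ("180.70.65.130", "180.70.65.200", "10.5.7.44", "203.0.113.9"):
        print(dest, "->", forward(dest))
```

Because the default line 0.0.0.0/0 has an all-zero mask, every destination ANDs to 0.0.0.0 and matches it; it only behaves as a fallback when it is consulted last, which is what sorting by decreasing mask guarantees.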