Overview of TCP/IP


Overview of TCP/IP Protocols

Computer Network Programming

IP Protocol Header

[Figure: IPv4 header layout. Fields: Version, Hdr length, Type of service, Total length, Identification, Flags, Fragment offset, Time to live, Protocol, Header checksum, 32 bit source IP address, 32 bit destination IP address, Options (if any), Data. The header without options is 20 bytes.]

• Version is 4 (IPv4).

• Header length is the number of 32-bit words in the header.

• Type of service field is used to assign priorities to the packets.

• Total length field is the total length of an IP packet (max 65535).

• Identification field identifies each IP packet sent. It is used in fragmentation.

• Time-to-live field limits the lifetime of an IP packet.

– Each router decrements it.

• Protocol field is used to demultiplex the incoming packet to the appropriate upper layer: TCP, UDP.

• Header checksum is calculated over the header to check the integrity of the header.

• Source IP address is the IP address of the sending machine.

• Destination IP address is the IP address of the receiving machine.

• Options field can keep additional information. It is optional.
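The field descriptions above, turned into a parser that validates the header before trusting it. This is an added example, not part of the original slides; the function names and the sample packet (identification 0x1234, TTL 64, payload "hello") are constructed for illustration.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}  # IP protocol numbers

def checksum16(data: bytes) -> int:
    """Internet checksum: complemented one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    """Parse and validate an IPv4 header; raise ValueError if it is malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, hdr_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4  # field counts 32-bit words
    if version != 4:
        raise ValueError("version is not 4")
    if hdr_len < 20 or hdr_len > len(packet):
        raise ValueError("bad header length")
    if not hdr_len <= total_len <= len(packet):
        raise ValueError("total length disagrees with the bytes received")
    if checksum16(packet[:hdr_len]) != 0:    # an intact header sums to zero
        raise ValueError("header checksum mismatch")
    return {
        "header_length": hdr_len, "tos": tos, "total_length": total_len,
        "identification": ident, "flags": flags_frag >> 13,
        "fragment_offset": (flags_frag & 0x1FFF) * 8, "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, proto),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:hdr_len], "data": packet[hdr_len:total_len],
    }

def build_sample(ttl: int = 64, payload: bytes = b"hello") -> bytes:
    """Constructed sample packet (protocol 6 = TCP) with a valid checksum."""
    def header(csum: int) -> bytes:
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                           0, ttl, 6, csum,
                           ipaddress.IPv4Address("129.192.56.10").packed,
                           ipaddress.IPv4Address("139.179.10.6").packed)
    return header(checksum16(header(0))) + payload
```

Because the checksum covers the time-to-live field, a header whose TTL was changed without recomputing the checksum is rejected by the parser.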

IPv6

• IPv4 address space is limited and cannot support the ever-increasing number of hosts on the Internet in the future.

• IPv4 does not support Quality of Service.

• IPv6 has a cleaner and more efficient header.

• IETF developed IPv6 to address these problems.

• IPv6 is not globally operational. IPv4 is used in most places, but islands of IPv6 networks exist.

IPv6 Header

[Figure: IPv6 header layout. Fields: Version, Traffic Class, Flow Label, Payload length, Next Header, Hop Limit, 128 bit Source Address, 128 bit Destination Address.]

• Version: 6 for IPv6.

• Traffic Class: identifies different classes and priorities.

• Flow Label: used by the source to label the packets that make up a stream from source to destination.

• Payload Length: the length of the data portion.

• Next Header: identifies the type of the header that immediately follows the IPv6 header: TCP, UDP, ...

• Hop Limit: decremented by 1 by each router that forwards the packet. If it reaches zero, the packet is discarded.

[Figure: TCP/IP protocol layers. Application layer: user processes (user level). Transport layer: TCP, UDP. Network layer: ICMP, IP, IGMP. Link layer: ARP, hardware interface (Ethernet/PPP/...), RARP. Other labels: Other Protocols, API, Kernel. Bottom: Physical Media (Ethernet cable, serial line, ...).]

[Figure: applications (user level processes) Process 1, Process 2, ..., Process N run on top of the operating system kernel, which runs on the hardware (HW).]

TCP/IP protocols are implemented inside the kernel.

Demultiplexing

[Figure: an incoming frame is passed up from the Ethernet driver through the protocol stack to the applications (Appl.).]

• Demultiplexing based on frame type in the Ethernet header: IP, ARP, RARP.

• Demultiplexing based on protocol number in IP header: ICMP, IGMP, TCP, UDP.

• Demultiplexing based on port number in TCP/UDP header: the applications.

Link Layer

• Two examples of different link layer protocols

• Ethernet

– protocol that is used in local area networks (for example in the network in dormitories and departments)

– shared physical link

– responsible for framing.

– implements a MAC protocol

• PPP

– the protocol that is used over telephone lines/serial lines at your home while getting connected to the Internet from home

– dedicated physical link

– no MAC protocol is needed.

– responsible for framing of IP datagrams (packets) over byte stream oriented serial lines.

[Figure: your computer at home (Web Browser / TCP / IP / PPP) connects through a serial line modem and telephone lines across the telephone network to an ISP router (IP / PPP modem). Wide area connectivity through the Internet reaches the Bilkent campus router (IP / Ethernet), which connects over the local area network at school to the Bilkent web server at the university (Web Server / TCP / IP / Ethernet).]

ISP: Internet service provider

Ethernet

Frame format:

    Field          Size
    dst address    6 bytes
    src address    6 bytes
    type           2 bytes
    data           46-1500 bytes
    CRC            4 bytes

Type values:

    0800    IP datagram
    0806    ARP packet
    8035    RARP packet

Dst and Src addresses are 6-byte MAC addresses. They are globally unique.

Example: 00:0e:63:93:2e:86

MTU (maximum transferable unit) is 1500 bytes.

IP packets should be fragmented to that size if they are larger than 1500 bytes.

PPP

Frame format:

    Field       Value    Size
    Flag        0x7E     1 byte
    Addr        0xFF     1 byte
    Control     0x03     1 byte
    Protocol             2 bytes
    Data                 <= 1500 bytes
    CRC                  2 bytes
    Flag        0x7E     1 byte

Protocol values:

    0021    IP datagram
    C021    Link control packet
    8021    Network control packet

All occurrences of 0x7E are byte stuffed: replaced with 0x7d 0x5e.

0x7d is transmitted as the 2-byte sequence 0x7d 0x5d.

MTU is 1500, but can be negotiated.

Connection oriented protocol: a PPP connection is established before you send data. That is why you wait for some time when connecting from home: dialing time + PPP connection time.
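The PPP framing and byte stuffing rules above, as an encoder and a decoder that splits a serial byte stream back into frames. This is an added example, not part of the original slides; the function names are illustrative, only the two bytes named on the slide are escaped, and the CRC is assumed to be the 16-bit FCS of RFC 1662, which the slide only calls "CRC".

```python
FLAG, ESC = 0x7E, 0x7D
PROTOCOLS = {0x0021: "IP datagram", 0xC021: "Link control packet",
             0x8021: "Network control packet"}

def stuff(body: bytes) -> bytes:
    """Escape FLAG and ESC bytes: 0x7e -> 0x7d 0x5e, 0x7d -> 0x7d 0x5d."""
    out = bytearray()
    for b in body:
        out += bytes((ESC, b ^ 0x20)) if b in (FLAG, ESC) else bytes((b,))
    return bytes(out)

def unstuff(body: bytes) -> bytes:
    """Reverse stuff(); a frame must not end in the middle of an escape."""
    out, it = bytearray(), iter(body)
    for b in it:
        if b == ESC:
            b = next(it, None)
            if b is None:
                raise ValueError("frame ends in the middle of an escape sequence")
            b ^= 0x20
        out.append(b)
    return bytes(out)

def fcs16(data: bytes) -> int:
    """16-bit frame check sequence (assumed: FCS-16 as in RFC 1662)."""
    crc = 0xFFFF
    for b in data:
        crc ^= b
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF

def encode_frame(protocol: int, data: bytes) -> bytes:
    body = bytes((0xFF, 0x03)) + protocol.to_bytes(2, "big") + data
    body += fcs16(body).to_bytes(2, "little")   # CRC is computed before stuffing
    return bytes((FLAG,)) + stuff(body) + bytes((FLAG,))

def decode_stream(stream: bytes) -> list:
    """Split a byte stream on flags; return (protocol name, data) per frame."""
    frames = []
    for chunk in stream.split(bytes((FLAG,))):
        if not chunk:                           # empty gap between adjacent flags
            continue
        body = unstuff(chunk)
        if len(body) < 6 or body[:2] != b"\xff\x03":
            raise ValueError("missing address/control bytes")
        if fcs16(body[:-2]) != int.from_bytes(body[-2:], "little"):
            raise ValueError("CRC mismatch")
        proto = int.from_bytes(body[2:4], "big")
        frames.append((PROTOCOLS.get(proto, "unknown"), body[4:-2]))
    return frames
```

Because the CRC bytes are stuffed along with the rest of the body, 0x7E can appear on the wire only as a frame delimiter.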

Loopback Interface

• There is another interface on every computer, which is the loopback interface. Its IP address is always 127.0.0.1

• It does not have any hardware attached to it.

• If you send data to this address, data comes back to your computer: so it is loopback.

[Figure: IP sits above two interfaces: loopback (127.0.0.1/8) and ethernet.]

Network interfaces

• You can have multiple network interfaces in your computer: loopback, ethernet interface, token ring interface….

• You will have an IP address and subnet mask configured for each interface.

• Those machines that have more than one physical network interface are called multihomed machines.

ifconfig command

You can use the ifconfig command to see the configured interfaces on a UNIX machine (ipconfig for Windows). You use the same command to configure/modify the properties of an interface (assign IP address/subnet mask etc.).

ifconfig -a gives all the configured interfaces. Example:

    lo0: flags=849<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
            inet 127.0.0.1 netmask ff000000
    le0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
            inet 139.179.21.217 netmask ffffff00 broadcast 139.179.21.255

Two interfaces are configured for this machine: loopback and an ethernet interface.

ifconfig le0 gives information only on interface le0.

netstat command

• The netstat command gives information about the network connections that the machine currently has, the routing table content etc. It is a command that displays the content of various network related data structures in the kernel.

• netstat -nr shows the content of the routing table on that machine.

Example:

    aspendos{korpe}:> netstat -nr

    Routing Table:
    Destination          Gateway              Flags Ref   Use    Interface
    -------------------- -------------------- ----- ----- ------ ---------
    139.179.21.0         139.179.21.217       U     3     924    le0
    224.0.0.0            139.179.21.217       U     3     0      le0
    default              139.179.21.240       UG    0     851
    127.0.0.1            127.0.0.1            UH    0     63282  lo0

Delivery of IP datagrams at the Link layer

[Figure: host S (129.192.56.10) on the Internet sends packets for C (dst IP address = 139.179.10.6). They arrive at router R (IP address 139.179.10.1, MAC address 00:0e:63:93:2e:86), which is attached to a LAN (Ethernet) with hosts A, B, C (IP address 139.179.10.6, MAC address 00:00:20:79:04:14) and D.]

The frames in a LAN are sent to each other using MAC addresses as the identities of the hosts.

Use of MAC (link layer) addresses

• When stations in a shared LAN send frames (packets) to each other, they use the MAC addresses (link layer addresses) as the destination address of the frames.

• For example, router R will put the IP packet inside an Ethernet frame while sending the packet to host C. The Ethernet frame will contain the MAC address of C in its dst address field.

• When host A (or B etc.) wants to send an IP packet to C, it does the same thing.

• All stations in a LAN talk to each other using their MAC addresses.

The IP packets that are sent from router R to C (assume the packets originated at computer S) will look like the following:

The IP packet will be put into an Ethernet frame.

Ethernet frame that originated at router R and is destined to C:

    Ethernet header:   Dst addr 00:00:20:79:04:14 | Src addr 00:0e:63:93:2e:86 | Type 0x800
    IP datagram:       Other fields of IP hdr | Src address 129.192.56.10 | Dst address 139.179.10.6 | data
    Ethernet trailer:  CRC

Address resolution

• Assume that in a LAN a host wants to send a frame to another host on the same LAN.

• How does the sending host know the Ethernet address of the receiving host?

• We need an address resolution protocol.

[Figure: a LAN with hosts A, B, C, D, E, F and router R.]

A wants to send a frame to E (it can also be router R).

A will build an Ethernet frame, but it does not know the MAC address of E.

Address Resolution Protocol (ARP): provides mapping from IP addresses to MAC addresses.

ARP and RARP

[Figure: ARP maps an IP address to a MAC address; RARP maps a MAC address to an IP address.]

RARP: reverse address resolution protocol.

How does ARP work

• A host that wants to send a frame broadcasts an ARP request packet on the LAN.

• The broadcast address is ff:ff:ff:ff:ff:ff (this will be the dst address field in ethernet frame)

• The ARP packet contains the IP address that host wants the MAC address for.

• All hosts on the LAN receive the ARP request packet.

ARP

• The destination host that has the IP address matching the IP address in the ARP request packet replies back to the sending host with an ARP reply packet and includes its MAC address in the packet.

• The sending host takes the unicast reply and learns the MAC address of the destination.

• Note that the ARP reply is not broadcast but sent directly to the sender of the ARP request packet.

ARP Cache

• When the sender host learns the MAC address of the receiver host, it stores this mapping in its cache (ARP table).

• All subsequent frames that are destined to this host use this MAC address (without invoking the ARP protocol)

• The mapping is stored for some period of time (like 20 minutes) and then deleted.

arp command

arp allows you to display and modify (if you are a superuser in UNIX) the ARP table. arp -a shows the content of the table:

    aspendos{korpe}:> arp -a

    Net to Media Table
    Device IP Address           Mask            Flags Phys Addr
    ------ -------------------- --------------- ----- --------------
    le0    hitit                255.255.255.255       00:40:61:00:3e:2a
    le0    cisco3               255.255.255.255       00:e0:63:93:2e:86
    le0    gordion              255.255.255.255       08:00:20:79:04:14
    le0    pcmfbe.ef.bilkent.edu.tr 255.255.255.255       00:05:1c:01:d1:28
    le0    139.179.54.1         255.255.255.255       00:e0:63:93:2e:86
    le0    best.ee.bilkent.edu.tr 255.255.255.255       00:40:61:00:0d:c2
    le0    didim.ee.bilkent.edu.tr 255.255.255.255       08:00:20:73:99:b6
    le0    ph-mali.bcc.bilkent.edu.tr 255.255.255.255       00:e0:63:93:2e:86
    le0    139.179.13.1         255.255.255.255       00:e0:63:93:2e:86
    le0    pcscanner            255.255.255.255       00:80:ad:b7:c3:34

ARP request/reply packet format

    Ethernet header:
        Ether dst address       6 bytes
        Ether src address       6 bytes
        Ether frame type        2 bytes

    ARP packet:
        Hw type                 2 bytes
        Prot type               2 bytes
        Hw size                 1 byte
        Proto size              1 byte
        Sender Ether address    6 bytes
        Sender IP address       4 bytes
        Target Ether address    6 bytes
        Target IP address       4 bytes

Example - ARP request

Frame 5 (42 on wire, 42 captured)

Arrival Time: Feb 19, 2002 22:48:18.612874000

Time delta from previous packet: 1.356006000 seconds

Time relative to first packet: 5.372405000 seconds

Frame Number: 5

Packet Length: 42 bytes

Capture Length: 42 bytes

Ethernet II

Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)

Source: 08:00:46:48:43:9f

[Slide note: host 139.179.137.84 wants to learn the MAC address of the router whose IP address is 139.179.137.1]

Type: ARP (0x0806)

Address Resolution Protocol (request)

Hardware type: Ethernet (0x0001)

Protocol type: IP (0x0800)

Hardware size: 6

Protocol size: 4

Opcode: request (0x0001)

Sender hardware address: 08:00:46:48:43:9f

Sender protocol address: 139.179.137.84

Target hardware address: 00:00:00:00:00:00

Target protocol address: 139.179.137.1

Example continued - ARP reply

Frame 6 (60 on wire, 60 captured)

Arrival Time: Feb 19, 2002 22:48:18.613552000

Time delta from previous packet: 0.000678000 seconds

Time relative to first packet: 5.373083000 seconds

Frame Number: 6

Packet Length: 60 bytes

Capture Length: 60 bytes

Ethernet II

Destination: 08:00:46:48:43:9f

Source: 00:e0:63:90:b7:9a (CABLETRO_90:b7:9a)

Type: ARP (0x0806)

Trailer: 00000000000000000000000000000000...

Address Resolution Protocol (reply)

Hardware type: Ethernet (0x0001)

Protocol type: IP (0x0800)

Hardware size: 6

Protocol size: 4

Opcode: reply (0x0002)

Sender hardware address: 00:e0:63:90:b7:9a

Sender protocol address: 139.179.137.1

Target hardware address: 08:00:46:48:43:9f

Target protocol address: 139.179.137.84

[Slide note: the answer comes in the sender hardware address field of the reply.]
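The two captured frames above can be rebuilt and parsed byte for byte: 14 bytes of Ethernet header plus 28 bytes of ARP give the 42-byte request, and the 60-byte reply carries 18 zero bytes of trailer that pad the ARP packet to the 46-byte minimum Ethernet data size. This is an added example, not part of the original slides; the function names are illustrative and the frames are reconstructed from the decoded field values shown in the capture.

```python
import socket
import struct

OPCODES = {1: "request", 2: "reply"}

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(opcode, eth_dst, sender_mac, sender_ip, target_mac, target_ip,
              pad=False) -> bytes:
    """Ethernet header (14 bytes) + ARP packet (28 bytes) = 42 bytes."""
    frame = mac_bytes(eth_dst) + mac_bytes(sender_mac) + struct.pack("!H", 0x0806)
    frame += struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
    frame += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    frame += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    if pad:                      # Ethernet data is at least 46 bytes: zero trailer
        frame += bytes(14 + 46 - len(frame))
    return frame

def parse_arp(frame: bytes) -> dict:
    """Decode an Ethernet/IP ARP frame; raise ValueError on anything else."""
    if len(frame) < 42:
        raise ValueError("too short for an Ethernet header plus an ARP packet")
    eth_dst, eth_src, eth_type = struct.unpack("!6s6sH", frame[:14])
    if eth_type != 0x0806:
        raise ValueError("frame type is not ARP")
    hw, proto, hw_size, proto_size, op = struct.unpack("!HHBBH", frame[14:22])
    if (hw, proto, hw_size, proto_size) != (1, 0x0800, 6, 4) or op not in OPCODES:
        raise ValueError("not an Ethernet/IP ARP request or reply")
    s_mac, s_ip, t_mac, t_ip = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"opcode": OPCODES[op], "eth_dst": mac_str(eth_dst),
            "sender_mac": mac_str(s_mac), "sender_ip": socket.inet_ntoa(s_ip),
            "target_mac": mac_str(t_mac), "target_ip": socket.inet_ntoa(t_ip),
            "trailer_len": len(frame) - 42,
            # In both captured frames the Ethernet source equals the ARP sender.
            "src_consistent": eth_src == s_mac}

def page_request() -> bytes:     # frame 5 of the capture, rebuilt from its fields
    return build_arp(1, "ff:ff:ff:ff:ff:ff", "08:00:46:48:43:9f", "139.179.137.84",
                     "00:00:00:00:00:00", "139.179.137.1")

def page_reply() -> bytes:       # frame 6 of the capture, rebuilt from its fields
    return build_arp(2, "08:00:46:48:43:9f", "00:e0:63:90:b7:9a", "139.179.137.1",
                     "08:00:46:48:43:9f", "139.179.137.84", pad=True)
```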

RARP protocol

• A diskless system like an X-terminal wants to learn its IP address automatically when booted.

• It sends an RARP request, requesting the IP address corresponding to its MAC address.

• A RARP server that keeps all the mappings of MAC addresses to IP addresses replies back with the corresponding IP address for the diskless system.

RARP

• The diskless system sends the RARP request to the broadcast address. ff:ff:ff:ff:ff:ff

• Only the RARP server replies back and it replies back directly to the diskless system.
