On the Way to Today`s Internet ARPANET ARPANET
Transcrição
On the Way to Today`s Internet ARPANET ARPANET
Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme On the Way to Today's Internet ARPANET Goal: • Interconnection of computers and networks using uniform protocols Design objective for ARPANET • A particularly important initiative was initiated by the ARPA (Advanced Research Project Agency, with military interests) • The participation of the military was the only sensible way to implement such an ambitious and extremely expensive project • The OSI specification was still in developing phase • The operability of the network should remain intact even after a largest disaster possible, e.g. a nuclear war, thus high connectivity and connectionless transmission • Network computer and host computer are separated ARPA Advanced Research Projects Agency ARPANET 1969 Subnet Result: ARPANET (predecessor of today's Internet) Page 1 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme ARPANET A node consists of • an IMP • a host A subnet consists of: • Interface Message Processors (IMPs), which are connected by leased transmission circuits • High connectivity (in order to guarantee the demanded reliability) The Beginning of ARPANET Stanford Research Institutes (SRI) XDS 940 Host-host Protocol Host Host-IMP Protocol IMP IMP Source IMP to destination IMP protocol IMP IBM 360/75 P -I M IMP tocol pro University of Utah IMP XDS 1-7 Several protocols for the communication between IMP-IMP, host-IMP,… Page 3 DEK PDP-10 IMP University of California Santa Barbara (UCSB) Subnet Chapter 3.2: The Internet Protocol IP Page 2 Chapter 3.2: The Internet Protocol IP California University of California Los Angeles (UCLA) Chapter 3.2: The Internet Protocol IP ARPANET (December 1969) Page 4 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Evolution by ARPANET Interworking Problem: Interworking! Very fast evolution of ARPANET within shortest time: Simultaneously to the ARPANET further (smaller) networks were developed. SRI Utah Illinois WITH All the LANs, MANs, WANs • had different protocols, media,… SRI Utah Illinois USC Stanford • could not be interconnected at first and were not be able to communicate with each another. Harvard Aberdeen WITH UCSB Therefore: UCSB UCLA Harvard UCLA ARPANET in April 1972 USC CMU ARPANET in September 1972 Chapter 3.2: The Internet Protocol IP Page 5 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Development of uniform protocols on the transport- and network level (without a too accurate definition of these levels, in particular without exact coordination with the respective OSI levels). Result: TCP/IP networks. Page 6 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme TCP/IP TCP/IP and the OSI Reference Model Developed 1974: Application Layer Transmission Control Protocol/Internet Protocol (TCP/IP) Application Layer Presentation Layer Requirements: Session Layer • Fault tolerance • Maximal possible reliability and availability • Flexibility (i.e. suitability for applications with very different requirements) Transport Layer Transport Layer (TCP/UDP) Network Layer Internet Layer (IP) Data Link Layer Host-to-Network Layer Physical Layer The result: • Network protocol IP; (Internet Protocol; connectionless) • End-to-end protocols TCP (Transmission Control Protocol; connection-oriented) and UDP (User Datagram Protocol; connectionless) Chapter 3.2: The Internet Protocol IP Page 7 ISO/OSI Chapter 3.2: The Internet Protocol IP TCP/IP Page 8 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme From the ARPANET to the Internet Internet What does it mean: “a computer is connected to the Internet”? • 1983 TCP/IP became the official protocol of ARPANET. ARPANET was connected with many other USA networks. - Use of the TCP/IP protocol suite - Accessibility over an IP address • Intercontinental connecting with networks in Europe, Asia, Pacific. - Ability to send IP packets • The total network evolved this way to a world-wide available network (called “Internet”) and gradually lost its early militarily dominated character. In its early period, the Internet was limited to the following applications: • No central administrated network, but a world-wide union from many individual, different networks under local control (and financing). E-mail • 1990 the Internet consisted of 3,000 networks with 200,000 computers. That was however only the beginning of a rapid evolution. electronic mail (partly because the US post was not very reliable and the different time zones made telephone accessibility of the telephone partner more difficult) Remote login running jobs on external computers File transfer exchange of data between computers Page 9 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Chapter 3.2: The Internet Protocol IP Page 10 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Evolution of the Internet • Until 1990: the Internet was comparatively small, only used by universities and research institutions. • 1990: The WWW (World Wide Web) - first developed by the CERN for the simplification of communication within the field of high-energy physics became, together with HTML and Netscape browsers, a from nobody foreseen “killer application”; this was the breakthrough for the acceptance of the Internet. • Emergence of so-called Internet Service Providers (ISP), i.e. companies, which make their computers available as access points to the Internet. • Millions of new (predominantly non-academic) users! • New applications, e.g. E-Commerce • 1995: Backbones, ten thousands LANs, millions attached computers, exponentially rising number of users • 1998: The number of attached computers is doubled approx. all 6 months • 1999: The transferred data volume is doubled in less than 4 months 200.000.000 180.000.000 160.000.000 140.000.000 120.000.000 100.000.000 80.000.000 60.000.000 40.000.000 20.000.000 0 1.01.1981 1.01.1982 1.01.1983 1.01.1984 1.01.1985 1.01.1986 1.01.1987 1.01.1988 1.01.1989 1.01.1990 1.01.1991 1.01.1992 1.01.1993 1.01.1994 1.01.1995 1.01.1996 1.01.1997 1.01.1998 1.01.1999 1.01.2000 1.01.2001 1.01.2002 1.01.2003 Evolution of the Internet • At mid of 2005: (estimated) 350 million of hosts attached to the Internet Chapter 3.2: The Internet Protocol IP Page 11 Chapter 3.2: The Internet Protocol IP Page 12 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Evolution in Europe Internet and Intranet Internet • Communication via the TCP/IP protocols • Local operators control and finance • Global coordination by some organizations • Internet Providers provide access points for private individuals Intranet • Enterprise-internal communication with the same protocols and applications as in the Internet. Computers are sealed off from the global Internet (data security) Heterogeneous network structures from different branches can be integrated with TCP/IP easily Use of applications like in the WWW for internal data exchange Date Page 13 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme FTP Telnet Sandglass Model SMTP DNS SNMP TFTP Application Layer E-Mail, File Transfer, Video Conferencing, … HTTP, SMTP, FTP, … Protocols Networks Ethernet ICMP Token Ring Transport Layer UDP TCP IGMP Page 14 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme The TCP/IP Protocol Suite HTTP Chapter 3.2: The Internet Protocol IP IP Token Bus ARP RARP Wireless LAN Internet Layer Because of the small number of central protocols but the large number of applications and communication networks, the TCP/IP protocol stack (and applications/networks) can be represented like a sandglass. Host-tonetwork Layer Twisted Pair, Optical Fiber, Radio, … Chapter 3.2: The Internet Protocol IP Page 15 Chapter 3.2: The Internet Protocol IP Page 16 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Internet Layer IP – Internet Protocol Raw division into three tasks: • Data transfer over a global network • Route decision at the sub-nodes • Control of the network or transmission status IP: connectionless, unreliable transmission of datagrams/packets (“Best Effort”) • Transparent end-to-end communication between the hosts • Routing, interoperability between different network types • IP addressing (IPv4): Routing Protocols → → → → Transfer Protocols: IPv4, IPv6 Uses logical 32-bit addresses Hierarchical addressing 3 network classes 4 address formats (including multicast) • Fragmenting and reassembling of packets Routing Tables • Maximum packet size: 64 kByte (in practice: 1500 byte) “Control” Protocols: ICMP, ARP, RARP, IGMP • At present commonly used: Version 4 of IP protocol: IPv4 Page 17 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP Packet The IP Header (1) 32 Bits (4 Bytes) Version IHL Type of Service Identification Time to Live Page 18 Chapter 3.2: The Internet Protocol IP Protocol DM FF • Version: IP version number (for simultaneous use of several IP versions) Total Length • IHL: IP Header Length (in words of 32 bit; between 5 and 15, depending upon options) Fragment Offset • Type of Service: Indication of the desired service: Combination of reliability (e.g. file transfer) and speed (e.g. audio) Header Checksum IP Header, usually 20 Bytes 3 bit priority (0 = normal data, 7 = control packet) Source Address Destination Address Options (variable, 0-40 Byte) DATA (variable) Chapter 3.2: The Internet Protocol IP Precedence D T R unused Delay Reliability Throughput • Total Length: Length of the entire packet (in byte, ≤ 216-1 = 65535 bytes) Padding • Identification: definite marking of a packet Header • Time to Live (TTL): Lifetime of packets is limited to maximal 255 Hops (endless circling of packets in the network is prevented). In principle, also the processing time in routers is to be considered, which does not happen in practice. The counter is reduced with each hop, with 0 the packet is discarded. Data Page 19 Chapter 3.2: The Internet Protocol IP Page 20 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme The IP Header (2) Fragmentation • DF: Don't Fragment. All routers must forward packets up to a size of 576 byte, everything beyond that is optional. Larger packets with set DF-bit therefore cannot take each possible way in the network. • MF: More Fragments. “1” - further fragments follow. “0” - last fragment of a datagram) • Fragment Offset: Sequence number of the fragments of a packet (213 = 8192 possible fragments). The offset states, at which place of a packet (counted in multiples of 8 byte) a fragment belongs. From this a maximum length of 8192 * 8 byte = 65536 byte results for a packet. • A too large or too small packet length prevents a good performance. Additionally there are often size restrictions (buffer, protocols with length specifications, standards, allowed access time to a channel,…) • The data length must be a multiple of 8 byte. Exception: the last fragment, there only the remaining data are packed, padding to 8 byte units does not take place. • If the “DF”-bit is set, the fragmentation is prevented. Ident. Flags Offset 777 • Protocol: Which transport protocol is used in the data part (UDP, TCP,…)? To which transport process the packet is to be passed on? x00 Data 0 0 1200 bytes IP header • Header Checksum: 1’s complement of the sum of the 16-bit half words of the header. Must be computed with each hop (since TTL changes) 777 x01 777 • Source Address/Destination address: Network and host numbers of sending and receiving computer. This information is used by routers for the routing decision. 511 0 0 x01 64 512 777 x00 128 Chapter 3.2: The Internet Protocol IP Page 21 1200 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme The IP Header (3) IP Addressing Options: Prepare for future protocol extensions. Coverage: Multiple of 4 byte, therefore possibly padding is necessary. At present, 5 options are defined, however none is supported by common routers: • Security: How secret is the transported information? (Application e.g. in military: Avoidance of crossing of certain countries/networks.) • Strict Source Routing: Complete path defined from the source to the destination host by providing the IP addresses of all routers which are crossed. (Use by system managers e.g. in case of damaged routing tables or for time measurements) • Unique IP address for each host and router. • IP addresses are 32 bits long and are used in the Source Address as well as in Destination Address field of IP packets. • The IP address is structured hierarchical and refers to a certain network, i.e. machines with connection to several networks have several IP addresses. • Structure of the address: Network address for physical network (e.g. 137.226.0.0) and host address for a machine in the addressed network (e.g. 137.226.12.221) 32 bits 126 networks with 224 host each (starting from 1.0.0.0) Class • Loose Source Routing: The carried list of routers must be passed in indicated order. Additional routers are permitted. • Record Route: Recording of the IP addresses of the routers passed. (Maximally 9 IP addresses possible, nowadays too few.) • Time Stamp: Records router addresses (32 bits) as well as a time stamp for each router (32 bits). Application e.g. in fault management. Chapter 3.2: The Internet Protocol IP 1024 Page 22 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme 1023 Page 23 A 0 B 10 C 110 D 1110 Multicast address E 1111 Reserved for future use Network 16383 networks with 216 hosts each (starting from 128.0.0.0) Host Network Host Network Chapter 3.2: The Internet Protocol IP Host 2097151 networks (LANs) with 256 hosts each (starting from 192.0.0.0) Page 24 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP Addresses IP Addresses and Routing 137.226.112.0 137.226.12.0 137.226.12.1 Ziel-IP Anschluss Netzwerkinterface 12.x.x.x 194.52.124.x b 137.226.x.x 142.117.x.x a 142.117.x.x direkt a 194.52.124.x direkt b x.x.x.x default a 137.226.112.1 Router a 137.226.12.21 137.226.112.78 Binary format 10001001 11100010 00001100 00010101 Dotted Decimal Notation 137.226.12.21 194.52.124.0 • Each node has (at least) one world-wide unique IP address • Router or gateways, which link several networks with one another, have for each network an assigned IP address Page 25 Chapter 3.2: The Internet Protocol IP b 142.117.0.0 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme 137.226.0.0 12.0.0.0 Page 26 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP Addressing - Examples Address Space The representation of the 32-bit addresses is divided into 4 sections of each 8 bits: 6,25% 137.226.12.174 6,25% 10001001 11100010 00001100 10101110 12,50% Class B address of RWTH Aachen Class B address Subnet (Computer science 4) Terminal “Shadow” 50,00% Special addresses: 0 0 0 .............................................................. 0 0 0 This host 0 0 ................. 0 0 Host in this network Host 1 1 1 .............................................................. 1 1 1 Network 127 1 1 1 ................................. 1 1 1 arbitrary Chapter 3.2: The Internet Protocol IP Broadcast in own local area network Klasse Class A Klasse Class B Class C Klasse Class D Klasse Class E Klasse 25,00% Broadcast in the remote network Loop, no sending to the network Page 27 Chapter 3.2: The Internet Protocol IP Page 28 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP Addresses are scarce… IP Subnets Problem: Class C-networks are very small, Class B-networks often already too large. Therefore exists the possibility of dividing an through the IP-address identified network into so-called subnets. Problems • Nobody had thought about such a strong growth of the Internet (otherwise one would have defined longer addresses from the beginning). • Too many Class A address blocks were assigned in the first Internet years. Examples for subnets: subnet mask 255.255.255.0 • Inefficient use of the address space. Ethernet A 128.10.1.0 Example: if 500 devices in an enterprise are to be attached, a Class B address block is needed, but by this unnecessarily more than 65.000 host addresses are blocked. Solution approach Extension of the address space within IPv6 against the actual version IPv4 ⇒ IP version 6 has 128 bit for addresses ⇒ 7 x 1023 IP addresses per square meter of the earth's surface (including the oceans!) All traffic for 128.10.0.0 Rest of the Internet 128.10.1.3 Router Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Ethernet A Host Ethernet B 128.10.2.0 128.10.2.133 128.10.2.18 128.10.2.3 Ethernet B Host Ethernet B Host But: The success of IPv6 is not by any means safe! (The introduction of IPv6 is tremendously difficult: Interoperability, costs, migration strategies,….) Page 29 Ethernet A Host 128.10.2.1 ⇒ one address per molecule on earth's surface! Chapter 3.2: The Internet Protocol IP 128.10.1.70 128.10.1.26 128.10.1.8 Ethernet A Host Ethernet B Host Page 30 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP Subnets IP Subnets - Computation of the Destination The entrance router of the RWTH, which receives the IP packet, does not know, where host “12.21” is located. . 12 . 21 137. 226 • Within an IP network address block, several physical networks can be addressed • Some bits of the host address part are used as network ID 0111 1000 10001001 11100010 00001100 • A Subnet mask identifies the „abused” bits IP address AND Class B address Subnet Mask Network 255. Host 255. 00010101 255. 0 1111 1111 1111 1111 1111 1111 0000 0000 11111111111111111111110000000000 Subnet mask 10 Network Subnet Host 137. 226. 12. 0 1000 1001 1110 0010 0000 1100 0000 0000 Network of the addressed host • All hosts of a network should use the same subnet mask • Routers can determine through combination of an IP address and a subnet mask, into which subnet a packet must be sent. Chapter 3.2: The Internet Protocol IP Page 31 The router computes the subnet “137.226.12” and sends the packet to the router, which links this subnet. Chapter 3.2: The Internet Protocol IP Page 32 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Example of a Subnet More flexible Addressing Assigned network address for the RWTH: 137.226.0.0 137.226.12.0 Info IV 137.226.8.0 137.226.112.0 254 hosts per subnet: • Hosts have the addresses 1 – 254 • 0 is reserved for the subnet • 255 is reserved for broadcast in the subnet 137.227.10.0 Subnet mask for each subnet = 255.255.255.0 Problem: static categorization of IP addresses - how to use the very small class C networks efficiently? Remedy: Classless Inter-Domain Routing (CIDR) Weakening of the rigid categorization by replacing the static classes by network prefixes of variable length • Example: 137.250.3/17: The first 17 bits of the IP address are used for the network identification • Used together with routing: Backbone router, e.g. on transatlantic links only considers the first 13 bits; thus small routing tables, little cost of routing decision • Routers of an ISP considers e.g. only the first 15 bits • Routers in company networks consider e.g. the first 25 bits Other format for writing of addresses in subnets: 137.226.12.221/24 Number of bits for “(sub)network address” Chapter 3.2: The Internet Protocol IP Page 33 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme NAT – Network Address Translation NAT Variants • Each internal computer in the Intranet needs an own IP address to communicate with the others. For this purpose, “private” address blocks are reserved, which everyone may use within its own networks and which are never routed in the Internet: • 10.0.0.0 - 10.255.255.255 • 172.16.0.0 - 172.31.255.255 • 192.168.0.0 – 192.168.255.255 NAT is available in several “variants”, known under different names: Basic NAT (also: Static NAT) • Each private IP address is translated into one certain external IP • Either, you need as much external addresses as private ones, otherwise no retranslation is possible when a reply arrives • Or, you manage a pool of external IP addresses and assign one dynamically when a request is sent out • When using addresses of those range, the internal computers can communicate with each other • But: packets with those addresses are not forwarded by a router. Thus: routers, which are attached to the “external world” need a global address • Assign a few IP addresses to a company which are known by a “NAT box” which usually is installed with the router 192.168.0.2 Chapter 3.2: The Internet Protocol IP Currently mapped: 137.226.12.32 192.168.0.2 137.226.12.32 137.226.12.33 192.168.0.5 137.226.12.33 192.168.0.4 137.226.12.34 --- 137.226.12.34 192.168.0.5 137.226.12.35 --- 137.226.12.35 Map to 192.168.0.2 192.168.0.3 192.168.0.3 192.168.0.2 192.168.0.3 Internet 192.168.0.4 Page 35 Private IP Private IP Internet router with NAT box • When data are leaving the own network, an address translation takes place: the NAT box exchanges the private address with a globally valid one • Side effect: hiding of the internal network structure (security) Page 34 Chapter 3.2: The Internet Protocol IP 192.168.0.5 Chapter 3.2: The Internet Protocol IP router with NAT box 192.168.0.4 192.168.0.5 Page 36 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme NAT Variants NAPT – Network Address Port Translation Disadvantages of static NAT: • With static mapping, you need as much official IP addresses as you have computers • With dynamic mapping, you need less official IP addresses, but for times of high traffic you nevertheless need nearly as much addresses as local computers • Those approaches help to hide the network structure, but not to save addresses Hiding NAT (also: NAPT: Network Address Port Translation, Masquerading) • Translate several local addresses into the same external address • Now: some more details are necessary to deliver a response 192.168.0.2 192.168.0.3 router with NAT box destination? to: 137.226.12.32 Internet 192.168.0.4 192.168.0.5 Private IP Map to 192.168.0.2 137.226.12.32 192.168.0.3 137.226.12.32 192.168.0.4 137.226.12.32 192.168.0.5 137.226.12.32 Chapter 3.2: The Internet Protocol IP Protocol Port (local) IP (local) Port (global) IP (global) Page 37 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IP (destination) Port (destination) TCP 1066 10.0.0.1 1066 198.60.42.12 137.226.12.221 21 TCP 1500 10.0.0.7 1500 198.60.42.12 207.17.4.21 80 Page 38 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Problems with NAPT The new IP - IPv6 IPv6 (December 1995, RFC 1883) Publication of the standard (January 1995, RFC 1752) NAPT works well with communication initiated from the Intranet. But: how could someone from outside give a request to the Intranet (e.g. to the webserver)? • NAPT box needs to be a bit more “intelligent” • Some static information has to be stored, e.g. “each incoming request with port 80 has to be mapped to the private address of the webserver” • Still problems with applications like e.g. ICQ • Thus, only more IP addresses really help to solve the problem Specification for IPng (December 1994, RFC 1726) First requirements for IPng (December 1993, RFC 1550) . Simpler structure of the headers More automatism Simpler configuration Performance improvements Migration strategies More security Larger address space IPv4 (September 1981, RFC 791) Chapter 3.2: The Internet Protocol IP Page 39 Chapter 3.2: The Internet Protocol IP Page 40 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IPv6 IPv6 - Characteristics • Address size – 128-bit addresses (8 groups of each 4 hexadecimal numbers) Why changing the protocol, when IPv4 works well? • Improved option mechanism – Simplifies and accelerates the processing of IPv6 packets in routers • Dramatically increasing need for new IP addresses • Auto-configuration of addresses – Dynamic allocation of IPv6-addresses • Improved support of real time applications • Security mechanisms (Authentication and data protection) • Improvement of the address flexibility – Anycast address: Reach any one out of several • Differentiation of types of service, in particular for real time applications • Support of mobility (hosts can go on journeys without address change) • Support of the reservation of resources – Marking of packets for special traffic • Simplification of the protocol in order to ensure a faster processing • Security mechanisms – Authentication and Privacy • Reduction of the extent of the routing tables • Option for further development of the protocol • Simpler header structure: – IHL: redundant, no variable length of header by new option mechanism – Protocol, fragmentation fields: redundant, moved into the options – Checksum: Already done by layer 2 and 4 Page 41 Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Chapter 3.2: The Internet Protocol IP Page 42 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IPv6 Main Header • Version: IP version number • Priority: 4 bits for priority. 1 - News, 4 ftp, 6 - telnet, 8 to 15 - real time traffic • Flow label: virtual connection with certain characteristics/requirements • PayloadLen: packet length after the 40byte header • Next Header: 8-bit selector. Indicates the type of the following extension header (or the transport header) • HopLimit: At each node decremented by one. At zero the packet is discarded • Source Address: The address of the original sender of the packet • Destination Address: The address of the receiver (not necessarily the final destination, if there is an optional routing header) • Next Header/Data: if an extension header is specified, it follows after the main header. Otherwise, the data are following Chapter 3.2: The Internet Protocol IP IPv6 Extension Headers 1 4 Version (4) 16 8 Priority (4) 24 32 Flow label (24) PayloadLen (16) Next Header (8) HopLimit (8) Source Address (128) Optional data follows in extension headers. There are 6 headers defined: • Hop by Hop (information for single links) All routers have to examine this field. Momentarily only the support of Jumbograms (packets exceeding the normal IP packet length) is defined (length specification). • Routing (definition of a full or partly specified route) Destination Address (128) • Fragmentation (administration of fragments) Difference to IPv4: Only the source can do fragmentation. Routers for which a packet is too large, only send an error message back to the source. • Authentication (of the sender) Next Header/Data • Ciphered data • Destination options (additional information for the destination) The prefix of an address characterizes geographical areas, providers, local internal areas,… Page 43 Chapter 3.2: The Internet Protocol IP Page 44 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme IPv4 vs. IPv6: Header 4 VerEn sion 8 IHL 16 Type TypeOF of Service service Identification Time to Live Coexistence of IPv4 and IPv6 32 4 16 VerEn PrioPrio sion rity Totally Total Length length Fragment offset Protocol 8 Flow Flow Label label PayloadLen Header Checksum 32 Next NEXT Header headers Hop Hop Limit limit SOURCE Source ADDRESS Address SOURCE Source ADDRESS Address SOURCE Source ADDRESS Address Destination DestinationADDRESS Address SOURCE Source ADDRESS Address Options Option (variable)/Padding (variable)/Padding SOURCE Source ADDRESS Address DATA Data Destination DestinationADDRESS Address IPv6 cannot be introduced “over night”… for some time both IP variants will be used in parallel. • New network interface card drivers support both versions of IP, thus they are able to communicate with the newer version • But: how to enable two modern IPv6-based hosts to communicate if only an IPv4based network is in between? 1. Header Conversion Router translates an incoming IPv6 packet into a IPv4 packet, receiving router retranslates payload Destination DestinationADDRESS Address IPv6 header payload IPv4 header Destination DestinationADDRESS Address Destination DestinationADDRESS Address IPv6 network NEXT Next Header header/DATA / Data Page 45 Routers which “speak” IPv4 and IPv6 in parallel Chapter 3.2: The Internet Protocol IP Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Virtual Private Network (VPN) 2. Tunneling Router at the entry to the IPv4-based network encapsulate an incoming IPv6 packet into a new IPv4 packet with destination address of the next router also supporting IPv6 • • IPv6 header IPv4 header payload IPv6 header Internet • • mostly IPv4 IPv6 network IPv6 network Page 46 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Coexistence of IPv4 and IPv6 payload IPv6 header mostly IPv4 Chapter 3.2: The Internet Protocol IP IPv6 header payload Internet The IPv6 header is longer, but this is only caused by the longer addresses. Otherwise it is “better sorted” and thus faster to process by routers. payload But: reconstruction of e.g. flow label??? IPv6 “tunnel” through IPv4 By a Virtual Private Network (VPN) a network infrastructure is understood, in which distributed components belonging to one logical private network communicate with one another over a public network (e.g. Internet) VPNs are used frequently for the connection of geographically distributed organizations (Intranet in the Internet) VPNs ensure authenticated access and permit the protection of sensitive data in distributed networks by encryption of data The logical connection between private components over a public network is achieved again by tunneling an IPv4 connection with e.g. IPsecure IPv6 network • More overhead because of two headers for one packet, but no information loss due to header conversion VPN Tunneling is a general concept also used for multicast, VPN, etc: it simply means “pack a whole packet as it is into a new packet of different protocol” Chapter 3.2: The Internet Protocol IP Page 47 Chapter 3.2: The Internet Protocol IP Page 48 Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Tunneling Mechanism Tunneling here: Encapsulate packets into encrypted IP packets, e.g. by using IPsecure. Packets directed to the remote network part by this remain unchanged, but are the payload of an encrypted packet. Chapter 3.2: The Internet Protocol IP Page 49