
Network Layer Where we are in the Course Moving on up to the - PowerPoint PPT Presentation



  1. Network Layer

  2. Where we are in the Course
     • Moving on up to the Network Layer!
     [Figure: protocol stack, top to bottom: Application, Transport, Network, Link, Physical]
     CSE 461 University of Washington

  3. Topics
     • Network service models
     • Datagrams (packets), virtual circuits
     • IP (Internet Protocol)
     • Internetworking
     • Forwarding (Longest Matching Prefix)
     • Helpers: ARP and DHCP
     • Fragmentation and MTU discovery
     • Errors: ICMP (traceroute!)
     • IPv6, scaling IP to the world
     • NAT, and “middleboxes”
     • Routing Algorithms

  4. Network Address Translation (NAT)

  5. Problem: Internet Growth
     • Many billions of hosts
     • And we’re using 32-bit addresses!

  6. The End of New IPv4 Addresses
     • Now running on leftover blocks held by the regional registries; much tighter allocation policies
     [Figure: address allocation hierarchy: IANA (All IPs); regional registries ARIN (US, Canada), APNIC (Asia Pacific), RIPE (Europe), LACNIC (Latin Amer.), AfriNIC (Africa); ISPs; Companies. Annotations: “Exhausted on 2/11!”, “Exhausted on 4/11 and 9/12!”, “End of the world? 12/21/12?”]

  7. Solution 1: Network Address Translation (NAT)
     • Basic idea: Map many “Private” IP addresses to one “Public” IP.
     • Allocate IPs for private use (192.168.x, 10.x)
     [Figure labels: “I’m a NAT box too!”, Internet]

  8. Layering Review
     • Remember how layering is meant to work?
     • “Routers don’t look beyond the IP header.” Well …
     [Figure: protocol stacks of two hosts (App, TCP, IP, link) and a Router (IP, link), connected over 802.11 and Ethernet links]

  9. Middleboxes
     • Sit “inside the network” but perform “more than IP” processing on packets to add new functionality
     • NAT box, Firewall / Intrusion Detection System
     [Figure: protocol stacks of two hosts (App, TCP, IP, link) and a Middlebox that reaches up to App / TCP, connected over 802.11 and Ethernet links]

  10. Middleboxes (2)
      • Advantages
        • A possible rapid deployment path when no other option
        • Control over many hosts (IT)
      • Disadvantages
        • Breaking layering interferes with connectivity
          • strange side effects
        • Poor vantage point for many tasks

  11. NAT (Network Address Translation) Box
      • NAT box maps an internal IP to an external IP
      • Many internal hosts connected using few external addresses
      • Middlebox that “translates addresses”
      • Motivated by IP address scarcity
      • Controversial at first, now accepted

  12. NAT (2)
      • Common scenario:
        • Home computers use “private” IP addresses
        • NAT (in AP/firewall) connects home to ISP using a single external IP address
      [Figure labels: “Unmodified computers at home”, “Looks like one computer outside”, ISP, NAT box]

  13. How NAT Works
      • Keeps an internal/external translation table
      • Typically uses IP address + TCP port
      • This is address and port translation

      What host thinks        What ISP thinks
      Internal IP:port        External IP:port
      192.168.1.12:5523       44.25.80.3:1500
      192.168.1.13:1234       44.25.80.3:1501
      192.168.2.20:1234       44.25.80.3:1502

      • Need ports to make mapping 1-1 since there are fewer external IPs

  14. How NAT Works (2)
      • Internal → External:
        • Look up and rewrite Source IP/port

      Internal IP:port        External IP:port
      192.168.1.12:5523       44.25.80.3:1500

      [Figure: packet from the internal source through the NAT box to the external destination (IP=X, port=Y); Src and Dst fields shown on each side of the NAT box]

  15. How NAT Works (3)
      • External → Internal
        • Look up and rewrite Destination IP/port

      Internal IP:port        External IP:port
      192.168.1.12:5523       44.25.80.3:1500

      [Figure: packet from the external source (IP=X, port=Y) through the NAT box to the internal destination; Src and Dst fields shown on each side of the NAT box]

  16. How NAT Works (4)
      • Need to enter translations in the table for it to work
      • Create external name when host makes a TCP connection

      Internal IP:port        External IP:port
      192.168.1.12:5523       (not yet assigned)

      [Figure: packet from the internal source through the NAT box to the external destination (IP=X, port=Y); Src and Dst fields shown on each side of the NAT box]

  17. NAT Downsides
      • Connectivity has been broken!
        • Can only send incoming packets after an outgoing connection is set up
        • Difficult to run servers or peer-to-peer apps (Skype)
      • Doesn’t work when there are no connections (UDP)
      • Breaks apps that expose their IP addresses (FTP)

  18. NAT Upsides
      • Relieves much IP address pressure
        • Many home hosts behind NATs
      • Easy to deploy
        • Rapidly, and by you alone
      • Useful functionality
        • Firewall, helps with privacy
      • Kinks will get worked out eventually
        • “NAT Traversal” for incoming traffic
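
The translation table of slides 13 to 18 as a runnable sketch. This is an added example, not part of the original deck; the class and function names and the remote endpoint 203.0.113.10 are assumptions, and the inbound check is simplified to match on external port only (no per-remote filtering, timeouts or port exhaustion handling).

```python
from dataclasses import dataclass, field

PUBLIC_IP = "44.25.80.3"  # external address from the slide's table

@dataclass
class Napt:
    """Hypothetical minimal NAPT box: one public IP, ports assigned sequentially."""
    next_port: int = 1500                     # first external port on the slide
    out: dict = field(default_factory=dict)   # (internal ip, port) -> external port
    back: dict = field(default_factory=dict)  # external port -> (internal ip, port)

    def outbound(self, src, dst):
        """Internal -> external: create the mapping if needed, rewrite the source."""
        if src not in self.out:
            self.out[src] = self.next_port
            self.back[self.next_port] = src
            self.next_port += 1
        return (PUBLIC_IP, self.out[src]), dst

    def inbound(self, src, dst):
        """External -> internal: rewrite the destination, or drop (None) if unmapped."""
        ip, port = dst
        if ip != PUBLIC_IP or port not in self.back:
            return None  # no outgoing connection created this entry
        return src, self.back[port]

def demo():
    nat = Napt()
    server = ("203.0.113.10", 80)  # constructed remote endpoint (assumption)
    hosts = [("192.168.1.12", 5523), ("192.168.1.13", 1234), ("192.168.2.20", 1234)]
    rewritten = [nat.outbound(h, server)[0] for h in hosts]
    reply = nat.inbound(server, (PUBLIC_IP, 1501))        # matches second mapping
    unsolicited = nat.inbound(server, (PUBLIC_IP, 1600))  # no table entry
    return rewritten, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

The dropped unsolicited packet is both the "firewall" upside and the "connectivity has been broken" downside: the same table lookup produces both.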

  19. IPv6

  20. Problem: Internet Growth
      • Many billions of hosts
      • And we’re using 32-bit addresses!

  21. IP Version 6 to the Rescue
      • Effort started by the IETF in 1994
        • Much larger addresses (128 bits)
        • Many sundry improvements
      • Became an IETF standard in 1998
        • Nothing much happened for a decade
        • Hampered by deployment issues, and a lack of adoption incentives
        • Big push ~2011 as exhaustion looms

  22. IPv6
      • Features large addresses
        • 128 bits, most of header
      • New notation
        • 8 groups of 4 hex digits (16 bits)
        • Omit leading zeros, groups of zeros
      Ex: 2001:0db8:0000:0000:0000:ff00:0042:8329 → 2001:db8::ff00:42:8329
      [Figure: IPv6 header diagram, 32 bits wide]

  23. IPv6 (2)
      • Lots of other changes
        • Only public addresses
          • No more NAT!
        • Streamlined header processing
          • No checksum (why’s that faster?)
        • Flow label to group of packets
        • IPSec by default
        • Better fit with “advanced” features (mobility, multicasting, security)
      [Figure: IPv6 header diagram, 32 bits wide]

  24. IPv6 Stateless Autoconfiguration (SLAAC)
      • Replaces DHCP (sorta …)
      • Uses ICMPv6
      • Process:
        • Send broadcast message
        • Get prefix from router
        • Attach MAC to router Prefix
      [Figure: diagram labelled “32 bits”]

  25. IPv6 Transition
      • The Big Problem:
        • How to deploy IPv6?
        • Fundamentally incompatible with IPv4
      • Dozens of approaches proposed
        • Dual stack (speak IPv4 and IPv6)
        • Translators (convert packets)
        • Tunnels (carry IPv6 over IPv4)

  26. Tunneling
      • Native IPv6 islands connected via IPv4
      • Tunnel carries IPv6 packets across IPv4 network

  27. Tunneling (2)
      • Tunnel acts as a single link across IPv4 network
      [Figure: two Users connected by a Tunnel]

  28. Tunneling (3)
      • Tunnel acts as a single link across IPv4 network
      • Difficulty is to set up tunnel endpoints and routing
      [Figure: two Users connected by a Tunnel; protocol stacks along the path show IPv6 over Link in the native IPv6 regions and IPv6 over IPv4 over Link in the native IPv4 region]
