Rose-Hulman CSSE 432 - Network Layer

This preview shows page 1-2-3-4-5-6 out of 18 pages.


12 – NAT, ICMP, IPv6
Network Layer 4-1

Chapter 4: Network Layer

Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2004.

A note on the use of these ppt slides:
We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we'd like people to use our book!)
- If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2004 J.F Kurose and K.W. Ross, All Rights Reserved

NAT: Network Address Translation

[Figure: a local network (e.g., home network), 10.0.0/24, with hosts 10.0.0.1, 10.0.0.2 and 10.0.0.3 and a NAT router whose LAN-side address is 10.0.0.4 and whose WAN-side address is 138.76.29.7, connected to the rest of the Internet.]
- Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)
- All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers

NAT: Network Address Translation

Motivation: local network uses just one IP address as far as outside world is concerned:
- no need to be allocated range of addresses from ISP: just one IP address is used for all devices
- can change addresses of devices in local network without notifying outside world
- can change ISP without changing addresses of devices in local network
- devices inside local net not explicitly addressable, visible by outside world (a security plus).
- Support more IPv4 hosts by reusing addresses

NAT: Network Address Translation

[Figure: the same network, showing one request and its reply passing through the NAT router.]

NAT translation table
  WAN side addr        LAN side addr
  138.76.29.7, 5001    10.0.0.1, 3345
  ……                   ……

1: host 10.0.0.1 sends datagram to 128.119.40, 80
   S: 10.0.0.1, 3345   D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001   D: 128.119.40.186, 80
3: Reply arrives dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80   D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80   D: 10.0.0.1, 3345

NAT: Network Address Translation

Implementation: NAT router must:
- outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
  . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.
- remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
- incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

Private network addresses (RFC 3330)

Addresses cannot appear on the public Internet.

Circumventing the NAT firewall (if you must)

- You may want to run a server behind your NAT router. How do you let in some traffic?
- NAT routers have a limited ability to "port forward", sending all traffic to a given computer on the internal net and bypassing the flow table.
- For example:
  - Send all Web traffic (port 80) to 192.168.1.3
  - Send all mail traffic (port 25) to 192.168.1.5

NAT: Network Address Translation

- 16-bit port-number field:
  - 60,000 simultaneous connections with a single LAN-side address!
- NAT is controversial:
  - routers should only process up to layer 3
  - violates end-to-end argument
    - NAT possibility must be taken into account by app designers, e.g. P2P applications
  - address shortage should instead be solved by IPv6

ICMP: Internet Control Message Protocol (RFC 792)

- used by hosts & routers to communicate network-level information
  - error reporting: unreachable host, network, port, protocol
  - echo request/reply (used by ping)
- network-layer "above" IP:
  - ICMP msgs carried in IP datagrams
- ICMP message: type, code plus first 8 bytes of IP datagram causing error

  Type  Code  description
  0     0     echo reply (ping)
  3     0     dest. network unreachable
  3     1     dest host unreachable
  3     2     dest protocol unreachable
  3     3     dest port unreachable
  3     6     dest network unknown
  3     7     dest host unknown
  4     0     source quench (congestion control - not used)
  8     0     echo request (ping)
  9     0     route advertisement
  10    0     router discovery
  11    0     TTL expired
  12    0     bad IP header

Traceroute and ICMP

- Source sends series of UDP segments to dest
  - First has TTL=1
  - Second has TTL=2, etc.
  - Unlikely port number
- When nth datagram arrives to nth router:
  - Router discards datagram
  - And sends to source an ICMP message
  - Message includes name of router & IP address
- When ICMP message arrives, source calculates RTT
- Traceroute does this 3 times

Stopping criterion
- UDP segment eventually arrives at destination host
- Destination returns ICMP "port unreachable" packet
- When source gets this ICMP, stops.

IPv6

- Initial motivation: 32-bit address space soon to be completely allocated.
  - 128-bit addresses
- Additional motivation:
  - header format helps speed processing/forwarding
  - header changes to facilitate QoS
- IPv6 datagram format:
  - fixed-length 40 byte header

IPv6 Header (Cont)

Traffic class: identify priority
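The NAT translation steps and the port-forwarding slide above, worked as an added Python example (not code from the slides or the textbook). The class and method names, the sequential port allocation, the outside host 203.0.113.9 and the forward to 10.0.0.3 are assumptions made for illustration; the other addresses and ports are the ones on the slides.

```python
class NatRouter:
    """Toy translation table; names and sequential port choice are assumptions."""

    def __init__(self, wan_ip, first_port=5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.out = {}        # (LAN ip, port) -> WAN port
        self.back = {}       # WAN port -> (LAN ip, port)
        self.forwards = {}   # static port-forward rules: WAN port -> (LAN ip, port)

    def port_forward(self, wan_port, lan_ip, lan_port):
        """Static rule that lets unsolicited traffic reach one LAN host."""
        self.forwards[wan_port] = (lan_ip, lan_port)

    def outgoing(self, src, dst):
        """Rewrite the source of a LAN-to-WAN datagram and remember the pair."""
        if src not in self.out:
            while self.next_port in self.back or self.next_port in self.forwards:
                self.next_port += 1
            if self.next_port > 65535:
                raise RuntimeError("NAT port pool exhausted")
            self.out[src] = self.next_port
            self.back[self.next_port] = src
            self.next_port += 1
        return (self.wan_ip, self.out[src]), dst

    def incoming(self, src, dst):
        """Rewrite the destination of a WAN-to-LAN datagram; None means dropped."""
        ip, port = dst
        if ip != self.wan_ip:
            return None
        # Keyed on WAN port only, as in the slide's table: any remote host can
        # use a live mapping. Stricter NATs also match the remote endpoint.
        lan = self.back.get(port) or self.forwards.get(port)
        return (src, lan) if lan else None


def demo():
    nat = NatRouter("138.76.29.7")
    web = ("128.119.40.186", 80)
    step2 = nat.outgoing(("10.0.0.1", 3345), web)          # slide step 2
    step4 = nat.incoming(web, ("138.76.29.7", 5001))       # slide step 4
    # 203.0.113.9 is a constructed outside host with no table entry.
    unsolicited = nat.incoming(("203.0.113.9", 4444), ("138.76.29.7", 6000))
    nat.port_forward(80, "10.0.0.3", 80)                   # constructed rule
    forwarded = nat.incoming(("203.0.113.9", 4444), ("138.76.29.7", 80))
    return step2, step4, unsolicited, forwarded
```

The dropped `unsolicited` datagram is the "security plus" from the motivation slide; the `forwarded` one shows that a port-forward rule exposes that service to every outside host.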
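The ICMP and traceroute slides above say an ICMP error carries the type, the code and the first 8 bytes of the offending datagram. This added Python example (not from the slides) parses such a message and recovers the original UDP ports, which is how a receiver ties an ICMP error to a probe it actually sent. The function names, the sample ports and the zeroed checksums are constructed for illustration, and checksums are not verified.

```python
import struct

# Rows of the slide's type/code table that matter to traceroute.
ICMP_MEANING = {(11, 0): "hop", (3, 3): "destination"}


def parse_icmp_error(icmp):
    """Return (kind, orig_src, orig_dst, udp_sport, udp_dport) for a reply."""
    if len(icmp) < 8 + 20 + 8:
        raise ValueError("too short to quote an IP header plus 8 bytes")
    icmp_type, code, _cksum = struct.unpack("!BBH", icmp[:4])
    kind = ICMP_MEANING.get((icmp_type, code))
    if kind is None:
        raise ValueError(f"not a traceroute reply: type {icmp_type} code {code}")
    inner = icmp[8:]                    # quoted datagram that caused the error
    ihl = (inner[0] & 0x0F) * 4         # quoted IPv4 header length in bytes
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl + 8:
        raise ValueError("malformed quoted IPv4 header")
    if inner[9] != 17:
        raise ValueError("quoted datagram is not UDP")
    src = ".".join(map(str, inner[12:16]))
    dst = ".".join(map(str, inner[16:20]))
    # The "first 8 bytes" after the IP header are the whole UDP header.
    sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return kind, src, dst, sport, dport


def build_sample(icmp_type, code, src, dst, sport, dport):
    """Constructed packet: ICMP header + quoted IPv4 header + UDP header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 1, 17, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    udp = struct.pack("!HHHH", sport, dport, 8, 0)
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + ip + udp


def demo_icmp():
    probe = ("10.0.0.1", "128.119.40.186", 40000, 33434)   # constructed probe
    hop = parse_icmp_error(build_sample(11, 0, *probe))
    done = parse_icmp_error(build_sample(3, 3, *probe))
    return hop, done
```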

