Chapter 5: IP Supporting Protocols

Computer Networks
Chapter 5: IP Supporting Protocols

Ulm University of Applied Sciences
Prof. Dr. F. Steiper

5.1 Address Resolution Protocol (ARP)
•

ARP (Address Resolution Protocol)
4

4

[Ref1] Chapter 5, pages 591-595

Function
–

Used to convert IP addresses of the network layer to MAC addresses
of the data link layer

–

Particularity:
ARP messages are transported directly in data link layer frames!

RARP: Reverse Address Resolution Protocol
–

Determines the IP address for a MAC address

–

Needs an RARP server

–

Forerunner protocol of DHCP (Dynamic Host Configuration Protocol)

–

Important for computers without a hard drive which cannot store
their own IP configuration

Prof. Dr. F. Steiper

Page 2

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP cache
4

Each computer in the LAN establishes an ARP cache table
–

The ARP specification defines the question/answer protocol
which the computer can use to fill/modify this table

–

Entries age according to a configurable time period
→

–

Typically: 3-5 minutes

Purpose:
Reduction of the rate which ARP messages are sent
→ Acceleration of the address resolution process
→

→

Prof. Dr. F. Steiper

Page 3

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP request
4

Example:
–

A node with IP address 172.16.231.12 sends an ARP request to determine the
MAC address of a node with IP address 172.16.231.64:

Prof. Dr. F. Steiper

Page 4

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP reply
4

Example: ARP reply
–

The ARP request is received by all other nodes on the IP subnet

–

Each node checks if its IP address matches the target IP address in the
ARP request. The one with a match sends an ARP response with the required
MAC address:

Prof. Dr. F. Steiper

Page 5

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP cache management
4

Overwriting of existing cache entries
–

Existing cache entries are overwritten by new ARP info
contained in the MAC/IP entries of the ARP message
→

4

Generation of new cache entries
–

4

If “IP address (target)” = IP address of the receiving node, the entries
“IP address (sender)” and “MAC address (sender)” are used to generate
a new cache entry

These rules apply for both ARP requests and replies!
–
–

Gratuitous ARP: An ARP message addressed to 0xff:ff:ff:ff:ff:ff:ff, to effect
changes to cache entries of all hosts in the local network
Misuse by ARP spoofing attacks:
→

4

This occurs independently of the “IP address (target)” entry in the ARP message!

Corruption of the MAC address of the default gateway for all hosts in the local network

Note
–

Most operating systems (e.g. Windows 2000/NT) also overwrite static
ARP cache entries according to the rules stated above!

Prof. Dr. F. Steiper

Page 6

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP: Sending an IP packet from node A to node B via router R
4

Focus on addressing – at IP and MAC addresses
–

Assume A knows B’s IP address

–

Assume A knows IP address of first hop router, R (how?)

–

Assume A knows R’s MAC address (how?)

Prof. Dr. F. Steiper

Page 7

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP: Sending an IP packet from node A to node B via router R…
–

A creates an IP packet with IP source A, destination B

–

A creates a link-layer frame with R’s MAC address as destination;
frame contains A-to-B IP packet

Prof. Dr. F. Steiper

Page 8

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP: Sending an IP packet from node A to node B via router R…
–

Frame sent from A to R

–

Frame received at R, IP packet removed, passed up to IP

Prof. Dr. F. Steiper

Page 9

Computer Networks (CTS2)

5.1 Address Resolution Protocol (ARP)
•

ARP: Sending an IP packet from node A to node B via router R…
–

R forwards the IP packet with IP source A, destination B

–

R creates link-layer frame with B’s MAC address as destination,
→

Frame contains A-to-B IP packet

Prof. Dr. F. Steiper

Page 10

Computer Networks (CTS2)

5.2 Dynamic Host Configuration Protocol (DHCP)
•

DHCP (Dynamic Host Configuration Protocol )
4

4

Dynamically distributes networking parameters
–

The DHCP operates based on the client–server model

–

Enables computers to request IP addresses and
additional networking parameters

Static allocation
–

4

[Ref1] Chapter 4, pages 371-375
[Ref2] Chapter 5, page 470

The server always gives the client a predefined IP address and
assigns further IP configuration parameters

Dynamic allocation
–

The server assigns the client an IP address from a defined IP address
range, for a limited period of time (lease time)

Prof. Dr. F. Steiper

Page 11

Computer Networks (CTS2)

5.2 Dynamic Host Configuration Protocol (DHCP)
•

Network parameters which can be assigned to a client
4

IP address, subnet mask, default gateway address

4

DNS/Time/WINS server address

4

Name of the local DNS domain, …
–

•

Standardized parameter options:
http://www.iana.org/assignments/bootp-dhcp-parameters

Placement in the Internet Protocol Suite
4

Specified in RFC 2131
Works on the application layer
– Uses the UDP protocol

Application

DHCP

Transport

UDP

Internet

IP(IPv4,IPv6)

–

4

Uses UDP port numbers
DHCP server process: Port 67
– DHCP client process: Port 68
–

Prof. Dr. F. Steiper

Page 12

Host-to
Network

Ethernet

Token
Ring

…

Computer Networks (CTS2)

5.2 Dynamic Host Configuration Protocol (DHCP)
•

DHCP sequence
DHCP Client

DHCP Server 1

DHCP Server 2

131.108.3.45

131.108.3.42

DHCP Discover

Discovery phase

Destination IP: 255.255.255.255
Source IP: 0.0.0.0

DHCP Offer

Offer phase

Destination IP: 255.255.255.255
Source IP = IP address of the
server
DHCP Request

Selection phase

Acknowledgment
phase

DHCP Ack

Destination IP: 255.255.255.255
Source IP: 0.0.0.0
Destination IP: 255.255.255.255
Source IP = IP address of the
server

Time

Prof. Dr. F. Steiper

Ethernet segment

Page 13

Computer Networks (CTS2)

5.2 Dynamic Host Configuration Protocol (DHCP)
•

Lease time sequence
4

After 50% of the lease time has elapsed, the DHCP client must
announce its continued interest in the IP address to the DHCP
server
Requires a DHCP Request/DHCP Ack exchange
– The DHCP server receiving the request can renew the lease time
– If the desired DHCP server does not answer, the
DHCP client can continue to use the IP address
–

4

After 87.5% of the lease time, the DHCP client sends a new DCHP
request as a broadcast
–

4

Every DHCP server can now answer this request

If the lease time expires all the same, the DHCP client must release
its IP address and can no longer use it to communicate
–

Problem:
What happens if the client does not behave according to the protocol?

Prof. Dr. F. Steiper

Page 14

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
[Ref1] Chapter 2, pages 156-170
[Ref2] Chapter 7, pages 611-622
4 Directory service which converts host names into IP addresses and vice versa

•

Main task

•

Other services
4

Host aliasing
–
–

4

Mail server aliasing
–
–
–

4

E-mail addresses should be mnemonic (e.g. bob@hotmail.com)
The canonical hostname of the mail server can be rather complicated
(e.g. relay1.west-coast.enterprise.com)
The e-mail application uses an alias to determine the address of the mail server

Load distribution
–
–
–

4

A canonical hostname is assigned multiple alias names
The alias names are also resolved into the IP address of the host

Groups of IP addresses are associated with a canonical hostname
The DNS request is answered with a changing IP addresses from the group in a “round
robin” process
Often used to distribute the load between replicated servers

Telephone number mapping
–
–

A E.164 telephone number is translated into an IP address or other resource information
Convergence of classic telephone service and Internet telephony (Voice over IP)

Prof. Dr. F. Steiper

Page 15

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Placement in the Internet Protocol Suite
4

Specified in RFCs 1034/1035 and supplementary RFCs
–

Works on the application layer

–

Uses the UDP protocol as standard
If a DNS message does not fit in a UDP datagram, it switches to TCP!
→ TCP can be used for zone transfers between DNS servers
→

4

Port numbers used
–

DNS server: Port 53 (tcp/udp)
Client sends DNS request
with a source port>1023
→ Server answers with source
port 53
→ For server-to-server
communication (zone transfer)
source port=53
→

Service can
be tested with
telnet using
Port 53

Prof. Dr. F. Steiper

Page 16

Application
Transport

DNS
UDP

Internet

Host-to
Network

TCP
IP(IPv4,IPv6)

Ethernet

Token
Ring

…

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Structure of the DNS namespace
Organizationally assigned
top level domains

Geographically assigned
top level domains

Root domain

“.”

…

net

ibm

com

de

hp

Page 17

…

Top level
domains

Second level
domains

hs-ulm

inf

Prof. Dr. F. Steiper

at

imz

Subdomains

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

DNS root servers
4

http://www.heise.de/newsticker/meldung/32451

Currently there are 13 root servers
–

Almost all servers actually consist of multiple anycast instances
Identical copies of a server with the same IP numbers
→ DNS requests are forwarded to the “next” instance respectively
→

http://www.root-servers.org/
Prof. Dr. F. Steiper

Page 18

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

DNS zones
4

DNS zones are the administration units of the DNS namespace
–

A zone is a subset of
a domain

–

E.g. the domain “hs-ulm”
can own the subdomains
“inf” and “imz”
One zone could contain all
entries from “hs-ulm.de”
and “imz.hs-ulm.de„
→ The other zone contains the entries for “inf.hs-ulm.de”
→

4

A zone is administrated by a authoritative “primary server”
–

Changes to the entries of a zone are only possible via the primary
server

–

The entries for zones are stored in “zone files”

–

An entry in a zone file is called a “resource record”

Prof. Dr. F. Steiper

Page 19

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

DNS resource records
4

The entries in zone files are called resource records (RR)
–

The most important types of resource records:

Prof. Dr. F. Steiper

Page 20

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

DNS server configurations
4

Primary (master) server
The only instance which can modify a zone file
– Authoritative source for all info of a zone;
so can answer requests for zone information “authoritatively”
–

4

Secondary (slave) server
Receives a copy of the complete set of zone files from
the primary server
– It is therefore an authoritative source, like the primary server
– There can be multiple secondary servers for each zone
–

4

Caching-only (forwarder)
Does not provide its own zone info
– Can forward requests to other DNS servers
– Can successfully store name resolutions temporarily and answer
them directly later; it delivers “non-authoritative” answers
–

Prof. Dr. F. Steiper

Page 21

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Reverse address resolution
4

Used to map an IP address to a “fully qualified domain name (FQDN)”
–

4

Solved by integration of the domain “in-addr.arpa.”

Example:
“35.1.168.192.in-addr.arpa.”

Prof. Dr. F. Steiper

Page 22

IP address:
192.168.1.35

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Recursive DNS query chain
4

Root name server

Example:
determine IP address
for “gaia.cs.umass.edu”:

3

2
7

Local name server
dns.eurocom.fr
1

8

6

Intermediary nameserver
dns.umass.edu
5

4

Requesting host
surf.eurocom.fr

gaia.cs.umass.edu
Prof. Dr. F. Steiper

Page 23

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

DNS caching
4

Advantage of the recursive DNS query chain
–

All the DNS servers involved learn the result of the name resolution
→

–

Can be used to speed up DNS queries

DNS caching mechanism:
“Captured” information is buffered in local memory
→ If the same query is made again, it can be answered directly
→

–

Problem:
The answers do not come from an authoritative name server
→ The answers might contain outdated data
→ Cache entries must be deleted after a certain period of time;
entries must usually be discarded after a few hours.
→

Prof. Dr. F. Steiper

Page 24

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Iterative DNS queried chain
4

Example:
determine IP
address for
“r1.rz.fh-hof.de”:

Root name server: “”.“
2
3

4
5

Local name server
dns.xyz.us
1

10

Name server: “de“
6
7
8

Name server: “fh–hof.de“

9

Requesting host
ws1.xyz.us
Name server: “rz.fh-hof.de”

r1.rz.fh-hof.de
Prof. Dr. F. Steiper

Page 25

Computer Networks (CTS2)

5.3 Domain Name Service (DNS)
•

Combined query chains
Root name server

Root servers are queried
iteratively.
Recursive would mean that
the query status would have
to be buffered!

2

Iterative
request

3
4
7

Local Name Server

Intermediary Name Server

dns.eurocom.fr

dns.umass.edu

1

6

8

5

The recursive query chain is
advantageous for cache
management for the
intermediary DNS server
involved.

Requesting host

surf.eurocom.fr

gaia.cs.umass.edu
Prof. Dr. F. Steiper

Page 26

Computer Networks (CTS2)