Computer Networks
Chapter 5: IP Supporting Protocols
Ulm University of Applied Sciences
Prof. Dr. F. Steiper
5.1 Address Resolution Protocol (ARP)

• ARP (Address Resolution Protocol)
  [Ref1] Chapter 5, pages 591-595
  – Function
    – Used to convert IP addresses of the network layer to MAC addresses of the data link layer
    – Particularity: ARP messages are transported directly in data link layer frames!
  – RARP: Reverse Address Resolution Protocol
    – Determines the IP address for a MAC address
    – Needs an RARP server
    – Forerunner protocol of DHCP (Dynamic Host Configuration Protocol)
    – Important for computers without a hard drive which cannot store their own IP configuration
Prof. Dr. F. Steiper
Page 2
Computer Networks (CTS2)
• ARP cache
  – Each computer in the LAN establishes an ARP cache table
    – The ARP specification defines the question/answer protocol which the computer can use to fill/modify this table
    – Entries age according to a configurable time period
      → Typically: 3-5 minutes
    – Purpose: reduction of the rate at which ARP messages are sent
      → Acceleration of the address resolution process
• ARP request
  – Example:
    – A node with IP address 172.16.231.12 sends an ARP request to determine the MAC address of a node with IP address 172.16.231.64:
• ARP reply
  – Example: ARP reply
    – The ARP request is received by all other nodes on the IP subnet
    – Each node checks if its IP address matches the target IP address in the ARP request. The one with a match sends an ARP response with the required MAC address:
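The request/reply exchange above, worked through on the wire as an added example (this code is not part of the lecture slides). It builds the Ethernet frame carrying the ARP request from 172.16.231.12 for 172.16.231.64, delivers it to a constructed set of nodes that behave as the slides describe (every node receives the broadcast, only the node whose IP matches the target answers), and decodes the unicast reply. The MAC addresses and the third node 172.16.231.99 are constructed sample values; the ARP packet layout (hardware type 1, protocol type 0x0800, opcode 1 = request, 2 = reply) is the standard Ethernet/IPv4 format.

```python
"""ARP request and reply on the wire (added example; addresses are constructed)."""
import struct
import socket

ETH_TYPE_ARP = 0x0806
HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip, dst_mac):
    """Ethernet header (14 bytes) + ARP packet (28 bytes), all big-endian."""
    eth = mac_bytes(dst_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_TYPE_ARP)
    arp = struct.pack("!HHBBH", HW_ETHERNET, PROTO_IPV4, 6, 4, op)
    arp += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp


def parse_arp_frame(frame: bytes) -> dict:
    """Decode the sender/target fields that the ARP cache rules refer to."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        raise ValueError("not an ARP frame")
    hw, proto, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (hw, proto, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol combination")
    return {
        "dst_mac": mac_str(frame[0:6]),
        "op": op,
        "sender_mac": mac_str(frame[22:28]),
        "sender_ip": socket.inet_ntoa(frame[28:32]),
        "target_mac": mac_str(frame[32:38]),
        "target_ip": socket.inet_ntoa(frame[38:42]),
    }


def node_handle(node_ip, node_mac, frame):
    """What one node does with the broadcast: reply only if it is the target."""
    req = parse_arp_frame(frame)
    if req["op"] != OP_REQUEST or req["target_ip"] != node_ip:
        return None
    # The reply goes back unicast to the requester, with sender/target roles swapped.
    return build_arp_frame(OP_REPLY, node_mac, node_ip,
                           req["sender_mac"], req["sender_ip"], req["sender_mac"])


# Constructed LAN 172.16.231.0/24 with sample (locally administered) MAC addresses.
LAN = {
    "172.16.231.12": "02:00:00:00:00:12",
    "172.16.231.64": "02:00:00:00:00:64",
    "172.16.231.99": "02:00:00:00:00:99",
}


def resolve(requester_ip, target_ip):
    """Broadcast a request, hand it to every other node, return the decoded replies."""
    request = build_arp_frame(OP_REQUEST, LAN[requester_ip], requester_ip,
                              "00:00:00:00:00:00", target_ip, BROADCAST_MAC)
    replies = []
    for ip, mac in LAN.items():
        if ip == requester_ip:
            continue
        reply = node_handle(ip, mac, request)
        if reply is not None:
            replies.append(parse_arp_frame(reply))
    return replies


if __name__ == "__main__":
    for r in resolve("172.16.231.12", "172.16.231.64"):
        print(f"{r['sender_ip']} is at {r['sender_mac']} (answer sent to {r['target_ip']})")
```

Only the node owning 172.16.231.64 produces a reply; a request for an address nobody owns goes unanswered, which is why the requester's ARP cache never fills for it.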
• ARP cache management
  – Overwriting of existing cache entries
    – Existing cache entries are overwritten by new ARP info contained in the MAC/IP entries of the ARP message
      → This occurs independently of the “IP address (target)” entry in the ARP message!
  – Generation of new cache entries
    – If “IP address (target)” = IP address of the receiving node, the entries “IP address (sender)” and “MAC address (sender)” are used to generate a new cache entry
  – These rules apply for both ARP requests and replies!
    – Gratuitous ARP: An ARP message addressed to ff:ff:ff:ff:ff:ff, to effect changes to cache entries of all hosts in the local network
    – Misuse by ARP spoofing attacks:
      → Corruption of the MAC address of the default gateway for all hosts in the local network
  – Note
    – Most operating systems (e.g. Windows 2000/NT) also overwrite static ARP cache entries according to the rules stated above!
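The two cache rules and the aging behaviour from the ARP cache slides, implemented as an added example (not part of the lecture). The cache is fed with already-decoded ARP messages; rule 1 overwrites an existing entry for the sender IP regardless of the target IP, rule 2 creates a new entry only when the receiving node is the target, and entries older than AGE_SECONDS are discarded. Because rule 1 is what an ARP spoofing attack exploits, the cache also records every MAC change of an existing entry as a finding an operator can review, marking changes of the default gateway separately. The IP and MAC values are constructed; AGE_SECONDS is chosen from the 3-5 minute range the slides give.

```python
"""ARP cache rules from the slides plus a change log for the operator (added example)."""
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
AGE_SECONDS = 240   # 4 minutes: within the "typically 3-5 minutes" the slides mention


class ArpCache:
    def __init__(self, own_ip, gateway_ip):
        self.own_ip = own_ip
        self.gateway_ip = gateway_ip
        self.table = {}      # ip -> (mac, time of last update)
        self.alerts = []     # human-readable findings, e.g. a gateway MAC change

    def expire(self, now):
        """Aging: drop every entry not refreshed within AGE_SECONDS."""
        self.table = {ip: (mac, t) for ip, (mac, t) in self.table.items()
                      if now - t < AGE_SECONDS}

    def lookup(self, ip, now):
        self.expire(now)
        entry = self.table.get(ip)
        return entry[0] if entry else None

    def process(self, msg, now):
        """Apply the slides' rules to one ARP request or reply (msg is a decoded dict)."""
        self.expire(now)
        ip, mac = msg["sender_ip"], msg["sender_mac"]
        if ip in self.table:
            old_mac = self.table[ip][0]
            if old_mac != mac:
                # A MAC change for a known IP is exactly the effect ARP spoofing produces.
                what = "default gateway" if ip == self.gateway_ip else "host"
                gratuitous = (msg["dst_mac"] == BROADCAST_MAC
                              and msg["sender_ip"] == msg["target_ip"])
                self.alerts.append(f"t={now}: {what} {ip} changed {old_mac} -> {mac}"
                                   + (" (gratuitous ARP)" if gratuitous else ""))
            self.table[ip] = (mac, now)            # rule 1: overwrite, target IP ignored
        elif msg["target_ip"] == self.own_ip:
            self.table[ip] = (mac, now)            # rule 2: create only if we are the target
        return self.table.get(ip, (None,))[0]


def demo():
    """Constructed sequence: legitimate gateway reply, unrelated request, gratuitous ARP."""
    c = ArpCache(own_ip="192.168.1.20", gateway_ip="192.168.1.1")
    gw_reply = {"op": 2, "sender_ip": "192.168.1.1", "sender_mac": "02:00:00:00:00:01",
                "target_ip": "192.168.1.20", "dst_mac": "02:00:00:00:00:20"}
    c.process(gw_reply, now=0)
    # A request between two other hosts: we are not the target, so no entry is created.
    other = {"op": 1, "sender_ip": "192.168.1.50", "sender_mac": "02:00:00:00:00:50",
             "target_ip": "192.168.1.77", "dst_mac": BROADCAST_MAC}
    c.process(other, now=10)
    # A gratuitous ARP claiming the gateway's IP from another MAC: rule 1 overwrites.
    gratuitous = {"op": 1, "sender_ip": "192.168.1.1", "sender_mac": "02:00:00:00:00:66",
                  "target_ip": "192.168.1.1", "dst_mac": BROADCAST_MAC}
    c.process(gratuitous, now=20)
    return c


if __name__ == "__main__":
    cache = demo()
    print(cache.table)
    print("\n".join(cache.alerts))
```

The alert list is the defender's hook: a change of the gateway entry is the symptom the slides describe, and logging it (or pinning the gateway entry outside this update path) is what a host or switch-side protection has to do, since the protocol itself offers no check.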
• ARP: Sending an IP packet from node A to node B via router R
  – Focus on addressing: IP and MAC addresses
    – Assume A knows B’s IP address
    – Assume A knows the IP address of the first hop router, R (how?)
    – Assume A knows R’s MAC address (how?)
• ARP: Sending an IP packet from node A to node B via router R…
  – A creates an IP packet with IP source A, destination B
  – A creates a link-layer frame with R’s MAC address as destination; frame contains A-to-B IP packet
• ARP: Sending an IP packet from node A to node B via router R…
  – Frame sent from A to R
  – Frame received at R, IP packet removed, passed up to IP
• ARP: Sending an IP packet from node A to node B via router R…
  – R forwards the IP packet with IP source A, destination B
  – R creates link-layer frame with B’s MAC address as destination
    → Frame contains A-to-B IP packet
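The A → R → B walk-through of the preceding slides as one runnable simulation, added here as an example (not from the lecture). A decides from the destination subnet whether to deliver directly or via its first-hop router, looks up the next hop's MAC in its ARP cache, and builds the frame; R accepts the frame because it carries R's MAC, sees that the IP destination is not its own, and re-frames the unchanged IP packet for B. The topology, addresses and MACs are constructed; the two ARP cache entries are pre-filled to stand in for the ARP exchanges the slides ask about ("how?").

```python
"""Hop-by-hop addressing for an IP packet from A to B via router R (added example)."""
import ipaddress
from dataclasses import dataclass


@dataclass
class Frame:
    dst_mac: str
    src_mac: str
    ip_src: str   # the encapsulated A-to-B IP packet is represented by (ip_src, ip_dst)
    ip_dst: str


class Node:
    def __init__(self, name, ifaces, gateway=None):
        # ifaces: list of (address/prefix, mac); a host has one, a router several
        self.name = name
        self.ifaces = [(ipaddress.ip_interface(cidr), mac) for cidr, mac in ifaces]
        self.gateway = gateway   # IP of the first-hop router (a host learns it e.g. via DHCP)
        self.arp = {}            # ip -> mac, normally filled by ARP request/reply

    def iface_for(self, ip):
        """Interface whose subnet contains ip, or None if ip is not on an attached link."""
        addr = ipaddress.ip_address(ip)
        for ifc, mac in self.ifaces:
            if addr in ifc.network:
                return ifc, mac
        return None

    def owns(self, ip):
        return any(str(ifc.ip) == ip for ifc, _ in self.ifaces)

    def next_hop(self, ip_dst):
        """On-link destination -> deliver directly; otherwise -> the default gateway."""
        hit = self.iface_for(ip_dst)
        if hit:
            return ip_dst, hit[1]
        if self.gateway is None:
            raise LookupError(f"{self.name}: no route to {ip_dst}")
        return self.gateway, self.iface_for(self.gateway)[1]

    def send(self, ip_src, ip_dst):
        hop_ip, out_mac = self.next_hop(ip_dst)
        if hop_ip not in self.arp:
            raise LookupError(f"{self.name}: ARP cache miss for {hop_ip} (would send ARP request)")
        return Frame(dst_mac=self.arp[hop_ip], src_mac=out_mac, ip_src=ip_src, ip_dst=ip_dst)

    def receive(self, frame):
        """Accept only frames addressed to one of our MACs; deliver locally or re-frame and forward."""
        if frame.dst_mac not in {mac for _, mac in self.ifaces}:
            return ("ignored", None)
        if self.owns(frame.ip_dst):
            return ("delivered", frame)
        # Router: IP packet removed from the frame, passed up to IP, framed again for the next hop
        return ("forwarded", self.send(frame.ip_src, frame.ip_dst))


def trace_a_to_b():
    """Constructed topology: A on 10.0.1.0/24, B on 10.0.2.0/24, R between them."""
    A = Node("A", [("10.0.1.10/24", "02:aa:00:00:00:01")], gateway="10.0.1.1")
    R = Node("R", [("10.0.1.1/24", "02:55:00:00:00:01"), ("10.0.2.1/24", "02:55:00:00:00:02")])
    B = Node("B", [("10.0.2.20/24", "02:bb:00:00:00:01")], gateway="10.0.2.1")
    A.arp["10.0.1.1"] = "02:55:00:00:00:01"    # A learned R's MAC via an ARP exchange
    R.arp["10.0.2.20"] = "02:bb:00:00:00:01"   # R learned B's MAC via an ARP exchange
    f1 = A.send("10.0.1.10", "10.0.2.20")      # frame A -> R, IP packet A -> B inside
    status_r, f2 = R.receive(f1)               # R re-frames: frame R -> B, same IP packet
    status_b, _ = B.receive(f2)
    return [f1, f2], status_r, status_b


if __name__ == "__main__":
    frames, _, _ = trace_a_to_b()
    for f in frames:
        print(f"frame {f.src_mac} -> {f.dst_mac} carries IP {f.ip_src} -> {f.ip_dst}")
```

Printing the two frames makes the slides' point visible: the IP header is identical on both hops while the MAC pair is rewritten at R.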
5.2 Dynamic Host Configuration Protocol (DHCP)
• DHCP (Dynamic Host Configuration Protocol)
  [Ref1] Chapter 4, pages 371-375
  [Ref2] Chapter 5, page 470
  – Dynamically distributes networking parameters
    – DHCP operates based on the client–server model
    – Enables computers to request IP addresses and additional networking parameters
  – Static allocation
    – The server always gives the client a predefined IP address and assigns further IP configuration parameters
  – Dynamic allocation
    – The server assigns the client an IP address from a defined IP address range, for a limited period of time (lease time)
• Network parameters which can be assigned to a client
  – IP address, subnet mask, default gateway address
  – DNS/Time/WINS server address
  – Name of the local DNS domain, …
    – Standardized parameter options: http://www.iana.org/assignments/bootp-dhcp-parameters

• Placement in the Internet Protocol Suite
  – Specified in RFC 2131
  – Works on the application layer
    – Uses the UDP protocol
  – Uses UDP port numbers
    – DHCP server process: Port 67
    – DHCP client process: Port 68

  Layer             Protocol
  Application       DHCP
  Transport         UDP
  Internet          IP (IPv4, IPv6)
  Host-to-Network   Ethernet, Token Ring, …
• DHCP sequence
  – Participants on one Ethernet segment: DHCP Client, DHCP Server 1 and DHCP Server 2 (IP addresses 131.108.3.45 and 131.108.3.42)
  – Messages in time order:

  Phase                  Message         Source IP                   Destination IP
  Discovery phase        DHCP Discover   0.0.0.0                     255.255.255.255
  Offer phase            DHCP Offer      IP address of the server    255.255.255.255
  Selection phase        DHCP Request    0.0.0.0                     255.255.255.255
  Acknowledgment phase   DHCP Ack        IP address of the server    255.255.255.255
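The four-phase exchange above, encoded as real DHCP messages, as an added example (not from the lecture). Each message uses the RFC 2131 layout (236-byte fixed header, the magic cookie 99.130.83.99, then TLV options; option 53 carries the message type, 54 the server identifier, 50 the requested address, 51 the lease time), and each step records the UDP endpoints the slides list: the client sends from 0.0.0.0:68 to 255.255.255.255:67, the server from its own address, port 67, to the broadcast address, port 68. The server address 131.108.3.45 is from the slide; the client MAC, the offered address, the lease length and the transaction id are constructed.

```python
"""DHCP Discover / Offer / Request / Ack as RFC 2131 messages (added example)."""
import struct
import socket

MAGIC = bytes([99, 130, 83, 99])
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5        # option 53 message types
BOOTREQUEST, BOOTREPLY = 1, 2                      # op field
SERVER_PORT, CLIENT_PORT = 67, 68
BROADCAST, UNSPEC = "255.255.255.255", "0.0.0.0"
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"              # op,htype,hlen,hops,xid,secs,flags,4 addrs,chaddr,sname,file


def build(op, xid, chaddr, yiaddr, options):
    """Fixed header + magic cookie + options + end marker (255)."""
    hdr = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0x8000,   # flags 0x8000: broadcast replies
                      socket.inet_aton(UNSPEC), socket.inet_aton(yiaddr),
                      socket.inet_aton(UNSPEC), socket.inet_aton(UNSPEC),
                      chaddr.ljust(16, b"\0"), b"", b"")
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC + body + b"\xff"


def parse(msg):
    """Decode the fields used below; raises on a message without the DHCP cookie."""
    fields = struct.unpack(HEADER, msg[:236])
    if msg[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != 255:
        if msg[i] == 0:             # pad option
            i += 1
            continue
        code, ln = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + ln]
        i += 2 + ln
    return {"op": fields[0], "xid": fields[4], "yiaddr": socket.inet_ntoa(fields[8]),
            "chaddr": fields[11][:6], "options": opts}


def exchange(client_mac, server_ip, offered_ip, lease_secs, xid=0x3903F326):
    """Run the four phases; returns (name, source endpoint, destination endpoint, bytes) per step."""
    steps = []
    d = build(BOOTREQUEST, xid, client_mac, UNSPEC, [(53, bytes([DISCOVER]))])
    steps.append(("Discover", f"{UNSPEC}:{CLIENT_PORT}", f"{BROADCAST}:{SERVER_PORT}", d))
    # Server: offers an address, identifies itself (54) and states the lease (51)
    req = parse(d)
    o = build(BOOTREPLY, req["xid"], req["chaddr"], offered_ip,
              [(53, bytes([OFFER])), (54, socket.inet_aton(server_ip)),
               (51, struct.pack("!I", lease_secs))])
    steps.append(("Offer", f"{server_ip}:{SERVER_PORT}", f"{BROADCAST}:{CLIENT_PORT}", o))
    # Client selects this offer: requested IP (50) + chosen server (54); still has no address
    off = parse(o)
    r = build(BOOTREQUEST, xid, client_mac, UNSPEC,
              [(53, bytes([REQUEST])), (50, socket.inet_aton(off["yiaddr"])), (54, off["options"][54])])
    steps.append(("Request", f"{UNSPEC}:{CLIENT_PORT}", f"{BROADCAST}:{SERVER_PORT}", r))
    rq = parse(r)
    if rq["options"][54] != socket.inet_aton(server_ip):
        return steps                # the client chose another server; this one stays silent
    a = build(BOOTREPLY, rq["xid"], rq["chaddr"], socket.inet_ntoa(rq["options"][50]),
              [(53, bytes([ACK])), (54, socket.inet_aton(server_ip)),
               (51, struct.pack("!I", lease_secs))])
    steps.append(("Ack", f"{server_ip}:{SERVER_PORT}", f"{BROADCAST}:{CLIENT_PORT}", a))
    return steps


if __name__ == "__main__":
    for name, src, dst, raw in exchange(b"\x02\x00\x00\x00\x00\x10", "131.108.3.45",
                                        "131.108.3.100", 3600):
        print(f"{name:8} {src:>22} -> {dst:<22} {len(raw)} bytes")
```

The Request is broadcast rather than unicast so that the second server on the segment also sees which offer was taken and can withdraw its own; the check on option 54 in the code is that decision from the server's side.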
• Lease time sequence
  – After 50% of the lease time has elapsed, the DHCP client must announce its continued interest in the IP address to the DHCP server
    – Requires a DHCP Request/DHCP Ack exchange
    – The DHCP server receiving the request can renew the lease time
    – If the desired DHCP server does not answer, the DHCP client can continue to use the IP address
  – After 87.5% of the lease time, the DHCP client sends a new DHCP request as a broadcast
    – Every DHCP server can now answer this request
  – If the lease time expires all the same, the DHCP client must release its IP address and can no longer use it to communicate
  – Problem: What happens if the client does not behave according to the protocol?
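The lease timeline from the slide as a client state function, added here as an example (not from the lecture): at 50% of the lease the client unicasts a Request to the server it leased from, at 87.5% it broadcasts so that any server may answer, and at expiry it has to give the address up; a successful Ack restarts the timeline. Times are plain seconds, and the lease values, addresses and the 1/8-lease sampling step in the simulation are constructed.

```python
"""DHCP client lease timers T1 (50%) and T2 (87.5%) (added example)."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Lease:
    ip: str
    server: str          # the server that granted the lease
    start: float
    duration: float
    renewed_at: Optional[float] = None

    @property
    def t1(self):        # renewal point: ask the leasing server
        return self.start + 0.5 * self.duration

    @property
    def t2(self):        # rebinding point: ask any server by broadcast
        return self.start + 0.875 * self.duration

    @property
    def expiry(self):
        return self.start + self.duration


def client_action(lease, now):
    """What the client sends at time `now` and to whom ('none' while the lease is young)."""
    if now >= lease.expiry:
        return ("release", None)                          # address may no longer be used
    if now >= lease.t2:
        return ("request-broadcast", "255.255.255.255")  # every server may answer
    if now >= lease.t1:
        return ("request-unicast", lease.server)         # only the original server is asked
    return ("none", None)


def apply_ack(lease, now, duration):
    """A DHCP Ack renews the lease: the timeline starts again at the Ack."""
    return Lease(lease.ip, lease.server, start=now, duration=duration, renewed_at=now)


def simulate(duration, server_answers_at_t1):
    """Sample the client's behaviour every 1/8 of the lease; returns [(time, action), ...]."""
    lease = Lease("131.108.3.100", "131.108.3.45", start=0, duration=duration)
    log = []
    for now in range(0, int(duration) + 1, int(duration // 8)):
        action, _target = client_action(lease, now)
        log.append((now, action))
        if action == "request-unicast" and server_answers_at_t1:
            lease = apply_ack(lease, now, duration)    # server renews, nothing else happens
    return log


if __name__ == "__main__":
    print("server silent :", simulate(800, server_answers_at_t1=False))
    print("server renews :", simulate(800, server_answers_at_t1=True))
```

The silent-server run shows the answer to the slide's first point: between T1 and T2 the client keeps its address and simply retries; only after expiry does it stop. The slide's closing question (a client ignoring this timeline) is not something the server can prevent with these timers alone, which is why address conflicts are checked for separately on real networks.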
5.3 Domain Name Service (DNS)
  [Ref1] Chapter 2, pages 156-170
  [Ref2] Chapter 7, pages 611-622

• Main task
  – Directory service which converts host names into IP addresses and vice versa

• Other services
  – Host aliasing
    – A canonical hostname is assigned multiple alias names
    – The alias names are also resolved into the IP address of the host
  – Mail server aliasing
    – E-mail addresses should be mnemonic (e.g. bob@hotmail.com)
    – The canonical hostname of the mail server can be rather complicated (e.g. relay1.west-coast.enterprise.com)
    – The e-mail application uses an alias to determine the address of the mail server
  – Load distribution
    – Groups of IP addresses are associated with a canonical hostname
    – The DNS request is answered with a changing IP address from the group in a “round robin” process
    – Often used to distribute the load between replicated servers
  – Telephone number mapping
    – An E.164 telephone number is translated into an IP address or other resource information
    – Convergence of classic telephone service and Internet telephony (Voice over IP)
• Placement in the Internet Protocol Suite
  – Specified in RFCs 1034/1035 and supplementary RFCs
  – Works on the application layer
    – Uses the UDP protocol as standard
      → If a DNS message does not fit in a UDP datagram, it switches to TCP!
      → TCP can be used for zone transfers between DNS servers
  – Port numbers used
    – DNS server: Port 53 (tcp/udp)
      → Client sends a DNS request with a source port > 1023; the server answers with source port 53
      → For server-to-server communication (zone transfer) the source port is 53
      → The service can be tested with telnet using port 53
  Layer             Protocol
  Application       DNS
  Transport         UDP, TCP
  Internet          IP (IPv4, IPv6)
  Host-to-Network   Ethernet, Token Ring, …
• Structure of the DNS namespace
  – Root domain “.”
    – Top level domains
      → Organizationally assigned top level domains: net, com, …
      → Geographically assigned top level domains: de, at, …
    – Second level domains: ibm and hp (under com), hs-ulm (under de), …
    – Subdomains: inf and imz (under hs-ulm.de), …
• DNS root servers
  – Currently there are 13 root servers
    – Almost all servers actually consist of multiple anycast instances
      → Identical copies of a server with the same IP numbers
      → DNS requests are forwarded to the “next” (nearest) instance respectively
  – http://www.heise.de/newsticker/meldung/32451
  – http://www.root-servers.org/
• DNS zones
  – DNS zones are the administration units of the DNS namespace
    – A zone is a subset of a domain
    – E.g. the domain “hs-ulm” can own the subdomains “inf” and “imz”
      → One zone could contain all entries from “hs-ulm.de” and “imz.hs-ulm.de”
      → The other zone contains the entries for “inf.hs-ulm.de”
  – A zone is administrated by an authoritative “primary server”
    – Changes to the entries of a zone are only possible via the primary server
    – The entries for zones are stored in “zone files”
    – An entry in a zone file is called a “resource record”
• DNS resource records
  – The entries in zone files are called resource records (RR)
    – The most important types of resource records:
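A small zone and resolver over the record types this slide introduces, as an added example (not from the lecture). It serves both the resource-record slide and the "Other services" slide of this section: CNAME records give host aliasing, the MX record gives mail server aliasing, several A records for one canonical name give round-robin load distribution, and a PTR record under in-addr.arpa gives the reverse mapping used later in this section. The zone name hs-ulm.de appears on the slides; every host name, address and TTL-free record here is constructed. The reverse-name helper also handles IPv6 (nibble form under ip6.arpa), which goes beyond the IPv4 case the slides show.

```python
"""Toy zone with A, CNAME, MX, NS and PTR records and the lookups built on them (added example)."""
import ipaddress
from itertools import cycle

# Constructed zone contents for "hs-ulm.de." as (owner name, type, data); 192.0.2.0/24 is documentation space.
ZONE = [
    ("hs-ulm.de.",               "NS",    "ns1.hs-ulm.de."),
    ("ns1.hs-ulm.de.",           "A",     "192.0.2.53"),
    ("hs-ulm.de.",               "MX",    (10, "relay1.hs-ulm.de.")),   # (preference, mail host)
    ("relay1.hs-ulm.de.",        "A",     "192.0.2.25"),
    ("www.hs-ulm.de.",           "CNAME", "web.hs-ulm.de."),             # alias -> canonical name
    ("web.hs-ulm.de.",           "A",     "192.0.2.10"),                 # three replicated servers
    ("web.hs-ulm.de.",           "A",     "192.0.2.11"),
    ("web.hs-ulm.de.",           "A",     "192.0.2.12"),
    ("10.2.0.192.in-addr.arpa.", "PTR",   "web.hs-ulm.de."),             # reverse entry
]


def reverse_name(ip):
    """192.0.2.10 -> 10.2.0.192.in-addr.arpa. ; IPv6 -> reversed nibbles under ip6.arpa."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 6:
        hexdigits = addr.exploded.replace(":", "")
        return ".".join(reversed(hexdigits)) + ".ip6.arpa."
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


class Resolver:
    def __init__(self, zone):
        self.zone = zone
        self._rr = {}     # canonical name -> round-robin iterator over its A records

    def records(self, name, rtype):
        return [data for owner, t, data in self.zone if owner == name and t == rtype]

    def lookup_a(self, name, max_cname=8):
        """Host aliasing: follow CNAMEs to the canonical name, then return its A records."""
        for _ in range(max_cname):
            cnames = self.records(name, "CNAME")
            if not cnames:
                return name, self.records(name, "A")
            name = cnames[0]
        raise RuntimeError("CNAME chain too long or looping")

    def round_robin(self, name):
        """Load distribution: same address set, rotated so a different address comes first each time."""
        canon, addrs = self.lookup_a(name)
        if canon not in self._rr:
            self._rr[canon] = cycle(addrs)
        i = addrs.index(next(self._rr[canon]))
        return addrs[i:] + addrs[:i]

    def mail_exchanger(self, domain):
        """Mail server aliasing: user@domain -> MX with the lowest preference -> its A records."""
        mx = sorted(self.records(domain, "MX"))
        if not mx:
            return None
        host = mx[0][1]
        return host, self.lookup_a(host)[1]

    def reverse(self, ip):
        """IP -> FQDN via the PTR record at the in-addr.arpa / ip6.arpa name."""
        return self.records(reverse_name(ip), "PTR")


if __name__ == "__main__":
    r = Resolver(ZONE)
    print(r.lookup_a("www.hs-ulm.de."))
    for _ in range(3):
        print(r.round_robin("www.hs-ulm.de."))
    print(r.mail_exchanger("hs-ulm.de."))
    print(reverse_name("192.168.1.35"), r.reverse("192.0.2.10"))
```

The CNAME loop bound matters in practice: a zone (or an answer from a non-authoritative cache) can contain an alias cycle, and a resolver without such a limit would spin on it.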
• DNS server configurations
  – Primary (master) server
    – The only instance which can modify a zone file
    – Authoritative source for all info of a zone; so it can answer requests for zone information “authoritatively”
  – Secondary (slave) server
    – Receives a copy of the complete set of zone files from the primary server
    – It is therefore an authoritative source, like the primary server
    – There can be multiple secondary servers for each zone
  – Caching-only (forwarder)
    – Does not provide its own zone info
    – Can forward requests to other DNS servers
    – Can store successful name resolutions temporarily and answer them directly later; it delivers “non-authoritative” answers
• Reverse address resolution
  – Used to map an IP address to a “fully qualified domain name (FQDN)”
  – Solved by integration of the domain “in-addr.arpa.”
    – Example: IP address 192.168.1.35 → “35.1.168.192.in-addr.arpa.”
• Recursive DNS query chain
  – Example: determine the IP address for “gaia.cs.umass.edu”:
    – Participants in the figure: requesting host surf.eurocom.fr, local name server dns.eurocom.fr, root name server, intermediary name server dns.umass.edu, target host gaia.cs.umass.edu
    – The requesting host asks its local name server (step 1); each server that cannot answer itself forwards the query to the next server and waits for that reply, so the answer travels back along the same path until the local name server returns it to the host (step 8)
• DNS caching
  – Advantage of the recursive DNS query chain
    – All the DNS servers involved learn the result of the name resolution
      → Can be used to speed up DNS queries
    – DNS caching mechanism:
      → “Captured” information is buffered in local memory
      → If the same query is made again, it can be answered directly
    – Problem: The answers do not come from an authoritative name server
      → The answers might contain outdated data
      → Cache entries must be deleted after a certain period of time; entries must usually be discarded after a few hours.
• Iterative DNS query chain
  – Example: determine the IP address for “r1.rz.fh-hof.de”:
    – Participants in the figure: requesting host ws1.xyz.us, local name server dns.xyz.us, root name server “.”, name server for “de”, name server for “fh-hof.de”, name server for “rz.fh-hof.de”
    – The host asks its local name server (step 1); the local name server itself queries the root server, the “de” server, the “fh-hof.de” server and finally the “rz.fh-hof.de” server, each reply being a referral to the next server until the authoritative server returns the address (steps 2-9); the local name server returns the result to the host (step 10)
• Combined query chains
  – Example as for the recursive chain: requesting host surf.eurocom.fr, local name server dns.eurocom.fr, root name server, intermediary name server dns.umass.edu, target host gaia.cs.umass.edu
  – Root servers are queried iteratively (iterative request from the local name server, steps 2 and 3). Recursive would mean that the query status would have to be buffered!
  – The remaining query below the root is handled recursively via the intermediary name server
  – The recursive query chain is advantageous for cache management for the intermediary DNS server involved.
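The three query chains of the preceding slides (recursive, iterative, combined) and the caching slide in one simulation, added here as an example (not from the lecture). The server names follow the iterative example (root “.”, “de”, “fh-hof.de”, “rz.fh-hof.de”, requesting host ws1.xyz.us via local name server dns.xyz.us); the address and TTL of r1.rz.fh-hof.de are constructed. Each resolution returns the ordered list of (from, to, message) steps, so the chains can be compared: the iterative run produces exactly the ten steps of the slide, the recursive run makes every intermediate server hold the pending query, and a second query is answered from the local server's cache until the TTL runs out.

```python
"""Recursive, iterative and combined DNS query chains with a TTL-bounded cache (added example)."""
import time

# Constructed authoritative data: each zone's server knows the child zones it delegates
# and the final A records it holds (address, TTL in seconds).
SERVERS = {
    ".":            {"children": ["de"], "records": {}},
    "de":           {"children": ["fh-hof.de"], "records": {}},
    "fh-hof.de":    {"children": ["rz.fh-hof.de"], "records": {}},
    "rz.fh-hof.de": {"children": [], "records": {"r1.rz.fh-hof.de": ("198.51.100.7", 3600)}},
}


def ask(zone, qname):
    """One server's reply: ('answer', ip, ttl), ('referral', child_zone) or ('nxdomain',)."""
    srv = SERVERS[zone]
    if qname in srv["records"]:
        ip, ttl = srv["records"][qname]
        return ("answer", ip, ttl)
    for child in srv["children"]:
        if qname == child or qname.endswith("." + child):
            return ("referral", child)
    return ("nxdomain",)


def recursive(zone, qname, asker, steps):
    """Recursive chain: a server holding only a referral asks the next server itself and
    must keep the pending query in memory until that reply arrives."""
    steps.append((asker, zone, f"query {qname}"))
    reply = ask(zone, qname)
    if reply[0] == "referral":
        reply = recursive(reply[1], qname, zone, steps)
    steps.append((zone, asker, reply[0]))
    return reply


class LocalNameServer:
    def __init__(self, name, clock=time.time):
        self.name, self.clock = name, clock
        self.cache = {}    # qname -> (ip, expires_at): non-authoritative data with a lifetime

    def cached(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0]
        self.cache.pop(qname, None)   # stale entry: discarded once its TTL has run out
        return None

    def iterative(self, qname, steps):
        """Iterative chain: the local server follows every referral itself."""
        zone = "."
        while True:
            steps.append((self.name, zone, f"query {qname}"))
            reply = ask(zone, qname)
            if reply[0] != "referral":
                steps.append((zone, self.name, reply[0]))
                return reply
            steps.append((zone, self.name, f"referral to {reply[1]}"))
            zone = reply[1]

    def resolve(self, host, qname, mode):
        """Answer `host`; returns (ip or None, ordered (from, to, message) steps)."""
        steps = [(host, self.name, f"query {qname}")]
        ip = self.cached(qname)
        if ip is None:
            if mode == "iterative":
                reply = self.iterative(qname, steps)
            elif mode == "recursive":
                reply = recursive(".", qname, self.name, steps)
            else:   # "combined": the root is asked iteratively, everything below it recursively
                steps.append((self.name, ".", f"query {qname}"))
                reply = ask(".", qname)
                if reply[0] == "referral":
                    steps.append((".", self.name, f"referral to {reply[1]}"))
                    reply = recursive(reply[1], qname, self.name, steps)
                else:
                    steps.append((".", self.name, reply[0]))
            if reply[0] == "answer":
                ip = reply[1]
                self.cache[qname] = (ip, self.clock() + reply[2])   # kept no longer than the TTL
        steps.append((self.name, host, f"answer {ip}"))
        return ip, steps


if __name__ == "__main__":
    lns = LocalNameServer("dns.xyz.us")
    for mode in ("iterative", "recursive", "combined"):
        lns.cache.clear()
        ip, steps = lns.resolve("ws1.xyz.us", "r1.rz.fh-hof.de", mode)
        print(f"{mode}: {ip} in {len(steps)} steps")
        for n, (src, dst, msg) in enumerate(steps, 1):
            print(f"  {n:2} {src} -> {dst}: {msg}")
```

The cache is keyed on the local server's clock so the expiry can be tested deterministically; the same structure is what lets a stale or wrong answer live in a resolver until its TTL ends, which is the caching problem the slides point out.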