Internetworking (Bridging, Routing, Fragmentation, Segmentation)
Chun-Jen (James) Chung
Arizona State University
Bridging (switching) vs. Routing
• Switches (Bridges) – layer 2 devices
- Manage traffic between LANs
- Know only about MAC addresses
- Have no knowledge of the larger network topology
- Forwarding: taking a packet from an input and sending it out on the appropriate output port
• Routers – layer 3 devices
- Manage traffic between networks
- Know about the global space of network addresses
- Can make better decisions based on their knowledge of the network topology
- Routing: building up the tables used to determine the correct output for a packet
Modified Routing
[Figure: topology of routers (R) and networks (N); the diagram itself is not recoverable]
R1's routing table
  Network  NextHop
  1        –
  2        2
  3        3
  4        2
  5        2
  …
R2's routing table
  Network  NextHop
  1        1
  2        –
  3        1
  4        4
  5        5
  …
R3's routing table
  Network  NextHop
  1        1
  2        1
  3        –
  4        1
  5        1
  …
R4's routing table
  Network  NextHop
  1        2
  2        2
  3        2
  4        –
  5        2
  …
Default Routing within Networks
[Figure: topology of routers (R) and networks (N); the diagram itself is not recoverable]
R1's routing table
  Network  NextHop
  1        –
  2        2
  3        3
R2's routing table
  Network  NextHop
  1        1
  2        –
  3        1
  4        4
  5        5
  …
R3's routing table
  Network  NextHop
  1        1
  2        1
  3        –
  4        1
  5        1
  …
R4's routing table
  Network  NextHop
  1        2
  2        2
  3        2
  4        –
  5        2
  …
Static Routing
• route command
• Flags
− U: the route is up
− G: the route is to a gateway/router
− H: the route is to a host
• Metric: the number of hops to the destination.
• Ref: the number of TCP connections currently using this route.
• Use: the number of packets that have passed via this route.
traceroute
• A diagnostic tool for displaying the route (path) taken by packets across an IP network and measuring their transit delays.
Routing table vs. Forwarding table
• Routing table
– A data table that lists the routes to particular network destinations.
– Contains information about the topology of the network around it.
• Forwarding table
– Contains only the routes which are chosen by the routing algorithm as preferred routes for packet forwarding.
Routing Table
  Network  Next Hop
  10       172.16.245.
Forwarding Table
  Network  iface  MAC Address
  10       eh1    8:0:2b:e3:b:1:
ARP
• Address Resolution Protocol
– Resolving IPv4 addresses to MAC addresses
– Maintaining a cache of mappings
[Figure: the ARP request is sent as a broadcast]
ARP Process in a LAN
Courtesy of http://www.highteck.net/EN/Ethernet/Ethernet.html
ARP Process through Router
ARP Issues
• Broadcasts
– Overhead on the media
• Security
– ARP Spoofing (ARP Poisoning)
1. The attacker sends spoofed ARP messages onto a LAN
2. These associate the attacker's MAC address with the IP address of a target (e.g., the gateway)
3. The attacker intercepts the packets and forwards them, modifies the data before forwarding, or launches a DoS attack
IP Fragmentation
• Different networks have different Maximum Transmission Units (MTU).
- Ethernet: 1500 bytes, FDDI: 4352 bytes, IEEE 802.11: 7981 bytes
• The sending host or intermediate routers may fragment a datagram.
• The receiving host is responsible for reassembly, grouping fragments by
- the same identification, protocol, source IP and destination IP.
• Flags
- MF=1 (More Fragments)
- MF=0 (Last Fragment)
- DF=1 (Do not Fragment)
- DF=0 (May fragment)
• Fragment Offset: counted in 8-byte chunks, not bytes
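A worked model of the fragmentation and reassembly rules above (added example, not from the original slides): a datagram is split to fit a link MTU with offsets in 8-byte units and MF set on all but the last piece, and the receiver rebuilds it only from fragments sharing (identification, protocol, source, destination). It assumes a 20-byte IP header with no options and treats the DF flag as forbidding fragmentation.

```python
from dataclasses import dataclass

IP_HEADER_LEN = 20  # assumption: no IP options


@dataclass(frozen=True)
class Fragment:
    ident: int    # Identification field, shared by all fragments of a datagram
    proto: int
    src: str
    dst: str
    offset: int   # Fragment Offset field, in 8-byte chunks (not bytes)
    mf: bool      # More Fragments flag
    data: bytes


def fragment(ident, proto, src, dst, payload, mtu, df=False):
    """Split one datagram payload into fragments that fit the link MTU."""
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [Fragment(ident, proto, src, dst, 0, False, payload)]
    if df:
        raise ValueError("DF=1: datagram exceeds MTU and must not be fragmented")
    # Non-final fragments must carry a multiple of 8 payload bytes,
    # because the offset field counts 8-byte chunks.
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8
    frags = []
    for pos in range(0, len(payload), chunk):
        more = pos + chunk < len(payload)
        frags.append(Fragment(ident, proto, src, dst, pos // 8, more,
                              payload[pos:pos + chunk]))
    return frags


def reassemble(frags):
    """Group by (id, proto, src, dst); return only datagrams that are complete."""
    groups = {}
    for f in frags:
        groups.setdefault((f.ident, f.proto, f.src, f.dst), []).append(f)
    done = {}
    for key, parts in groups.items():
        parts.sort(key=lambda f: f.offset)
        if sum(1 for f in parts if not f.mf) != 1:
            continue  # no last fragment yet (or a duplicate of it)
        buf, expected = bytearray(), 0
        for f in parts:
            if f.offset * 8 != expected:
                break  # gap or overlap: still incomplete
            buf += f.data
            expected += len(f.data)
        else:
            done[key] = bytes(buf)
    return done
```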
Dynamic Routing Protocol
• Interior Gateway Protocols (IGP): for intra-domain routing
– Distance Vector Protocols
– Link-State Protocols
• Exterior Gateway Protocols (EGP): for inter-domain routing
– BGP
Autonomous System (AS)
• A set of routers under a single administrative domain,
- operated within a uniform set of routing policies or common metrics
- using an IGP to route packets within the AS
- using an EGP to route packets to other ASes
• Example Autonomous Systems
- A corporation might be an AS
- A corporation with several different physical sites might be multiple ASes
- An ISP might be an AS
- An ISP might be multiple ASes