Internetworking: IP – Companion Protocol
Teknologi Jaringan Komputer
Johny Moningka ([email protected])
Fakultas Ilmu Komputer Universitas Indonesia
Semester 2003/2004
Version: 1.01

Agenda
Problem: There is more than one network!
Internetworking (Chapter 4.1)
• Basics of internetworking
• Service model & packet format
• Global addresses
• Address translation: ARP (Chapter 4.1.5)
• Host configuration: DHCP (Chapter 4.1.6)
• Error reporting: ICMP (Chapter 4.1.7)
• Virtual Private Networks (Chapter 4.1.8)

IP to Physical Address Translation
Mapping a host's IP address to a LAN physical address (i.e. an Ethernet address).
Problem:
• An IP route can transit several different physical networks (with different addresses).
• The data (IP packet) must be delivered to the physical network where the destination host resides.
• The (destination) host can only receive (hear) packets through its physical address (network adapter/interface).
Mechanism: a correlation between a host's IP address and the physical/hardware address of its network adapter.
Version: 1.1

Case: IP & Ethernet
[Figure: protocol stack with the layers App, Transport (TCP / UDP), Network (IP) and Link (Ethernet); Hdr and Data boxes show the encapsulation at each layer.]
• TCP Segment: the data packet created by the end system (host).
• IP Datagram: the data packet sent across the internetwork.
• Ethernet Frame: the data packet delivered from one node to another (direct, physical signal pulses).

Forwarding IP Packet
[Figure: hosts H1, H2, H3, H7, H8 and routers R1, R2, R3, R4 on Network 1 (Ethernet), Network 2 (Ethernet) and a point-to-point link. Packet labels: IP: H1 -> H8; Ethernet: H1 -> R1; IP: H1 -> H8 (R2 => R4); Ethernet: R3 -> H8.]

IPv4 Address Translation support
• Hard-coded: the IP address is assigned according to the physical address (encoded). Rarely used: difficult to adjust and to map.
• Fixed table: a translation table is kept in a "central repository"; the table is distributed from that central repository.
• Automatically generated table: a dedicated protocol (e.g. ARP) builds the table on every host. Update & clean-up: timeout for table entries.

Address Resolution Protocol (ARP)
ARP (RFC 826):
• The system keeps a table mapping IP addresses to physical addresses.
• If the IP address is not in the table:
  • Broadcast an ARP request (requires broadcast capability).
  • The target responds (IP address) => physical address.
• The ARP protocol's job: inquiry (broadcast) to obtain the pairing of IP address and physical address.
• Every node processes the broadcast ARP packet and compares the (target) IP with its own IP.
• If they match => ARP response to the node that originated the ARP request.

Example
H1 wants to send a packet to IP address 150.100.76.22, but its ARP table has no physical address information for it.
• H1: 150.100.76.20
• H2: 150.100.76.21
• H3: 150.100.76.22
• H4: 150.100.76.23
H1: ARP request "What is the MAC address of 150.100.76.22?"
H3: ARP response "My MAC address is 08-00-5A-C5-3B-94"
(Figure 8.8)

Example: ARP & Default Router
Source host A first decides whether the destination host is on the same network, by comparing the network IDs of the two addresses:
• If yes: find the destination's physical address via ARP, send the data.
• If not: ?

ARP Packet Format
  0             8             16                          31
  Hardware type = 1           | ProtocolType = 0x0800
  HLen = 48     | PLen = 32   | Operation
  SourceHardwareAddr (bytes 0 – 3)
  SourceHardwareAddr (bytes 4 – 5) | SourceProtocolAddr (bytes 0 – 1)
  SourceProtocolAddr (bytes 2 – 3) | TargetHardwareAddr (bytes 0 – 1)
  TargetHardwareAddr (bytes 2 – 5)
  TargetProtocolAddr (bytes 0 – 3)

ARP Request Format
• HardwareType: type of physical network (e.g., Ethernet)
• ProtocolType: type of higher layer protocol (e.g., IP)
• HLEN & PLEN: length of physical and protocol addresses
• Operation: request or response
• Source/Target-Physical/Protocol addresses
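
The request/response exchange and the timed ARP table described above, as an added Python example that is not part of the original slides: it packs and parses the 28-byte Ethernet/IPv4 ARP message and resolves 150.100.76.22 from H1. The 60-second timeout and every MAC address except H3's are constructed assumptions.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # 28-byte Ethernet/IPv4 layout from the figure
REQUEST, RESPONSE = 1, 2     # Operation values defined in RFC 826
# Constructed sample hosts: only H3's MAC is on the slide, the rest are made up.
HOSTS = {"150.100.76.20": "08-00-5A-00-00-01", "150.100.76.21": "08-00-5A-00-00-02",
         "150.100.76.22": "08-00-5A-C5-3B-94", "150.100.76.23": "08-00-5A-00-00-04"}
def mac_bytes(s): return bytes.fromhex(s.replace("-", ""))
def ip_bytes(s): return bytes(int(x) for x in s.split("."))
def mac_text(b): return "-".join(f"{x:02X}" for x in b)
def ip_text(b): return ".".join(str(x) for x in b)

def build_arp(op, src_mac, src_ip, dst_mac, dst_ip):
    # On the wire HLen/PLen are byte counts, 6 and 4 (the figure's 48 and 32 bits).
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac_bytes(src_mac),
                       ip_bytes(src_ip), mac_bytes(dst_mac), ip_bytes(dst_ip))

def parse_arp(pkt):
    ht, pt, hl, pl, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (ht, pt, hl, pl) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"op": op, "src_mac": mac_text(sha), "src_ip": ip_text(spa),
            "dst_mac": mac_text(tha), "dst_ip": ip_text(tpa)}

def answer(host_ip, host_mac, pkt):
    """Every node sees the broadcast; only the one owning the target IP replies."""
    m = parse_arp(pkt)
    hit = m["op"] == REQUEST and m["dst_ip"] == host_ip
    return build_arp(RESPONSE, host_mac, host_ip, m["src_mac"], m["src_ip"]) if hit else None

class ArpTable:
    """IP -> (MAC, expiry): entries time out and must then be resolved again."""
    def __init__(self, timeout=60.0):        # timeout value is an assumption
        self.timeout, self.entries = timeout, {}
    def learn(self, ip, mac, now):
        self.entries[ip] = (mac, now + self.timeout)
    def lookup(self, ip, now):
        mac, expiry = self.entries.get(ip, (None, 0.0))
        return mac if mac is not None and now < expiry else None

def resolve(table, my_ip, target_ip, now):
    if table.lookup(target_ip, now) is None:         # no usable entry: ask the LAN
        req = build_arp(REQUEST, HOSTS[my_ip], my_ip, "00-00-00-00-00-00", target_ip)
        for ip, mac in HOSTS.items():                # broadcast reaches every node
            reply = answer(ip, mac, req)
            if reply:
                m = parse_arp(reply)
                table.learn(m["src_ip"], m["src_mac"], now)
    return table.lookup(target_ip, now)
```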

Host Configuration
How a host obtains its IP address:
• Static: set up (hard-coded) by the network admin.
Adding a new host to an IP network:
• What information is needed? (static)
• Remember: hosts move often, the (router) configuration changes, and so on => the IP address depends on the connection to the (logical) network.
• It cannot be set up by the computer/OS "manufacturer": the IP address is independent of the computer.

Dynamic Host Configuration Protocol (DHCP)
• A dynamic way of allocating IP addresses, automating the assignment of IP addresses to computers.
• Network manager (administrator): centralized control over the distribution of IP addresses (policy and setup).
• Effective for large and dynamic networks (e.g. mobile computers).
• Requires a server to refer to (the DHCP server).

DHCP Server
How does a host find the address of a DHCP server?
• The host sends a DHCP DISCOVER "limited IP broadcast packet", with destination address 255.255.255.255.
• Routers never forward such a packet, so it stays within the LAN.
[Figure: Requesting Host, DHCP Server, IP Router, LAN1 and LAN2; broadcast to 255.255.255.255.]

DHCP: Server Response
• The DHCP server selects a dynamic IP address from its pool.
• It maps the host's MAC address to the dynamic IP address.
• Hosts cannot keep dynamic IP addresses indefinitely.
• Timeout/lease by DHCP:
  • 3 days for Windows NT, 8 days for Windows 2000
  • Configurable when starting the DHCP server
• The host must periodically renew its lease, otherwise the IP address goes back into the pool of available addresses.
• DHCP is implemented as an application-level protocol on top of UDP and IP.

DHCP: request reply
DHCP: Dynamic Host Configuration Protocol: dynamically get an address from a DHCP server: "plug-and-play"
• The host requiring an IP address broadcasts a "DHCP discover" msg
• The DHCP server responds with a "DHCP offer" msg
• The host requests the IP address: "DHCP request" msg
• The DHCP server sends the address: "DHCP ack" msg
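
The discover/offer/request/ack exchange and the lease rules above, as an added Python model that is not part of the original slides: it shows an unrenewed address returning to the pool and being handed to another host. The pool addresses and MAC labels are constructed; the wire format (UDP, broadcast) is not modelled.

```python
DAY = 24 * 3600

class DhcpServer:
    def __init__(self, pool, lease_seconds):
        self.free, self.leases = list(pool), {}   # free addresses; MAC -> (IP, expiry)
        self.lease_seconds = lease_seconds

    def _reclaim(self, now):
        # Leases that were not renewed in time go back into the pool.
        for mac, (ip, expiry) in list(self.leases.items()):
            if now >= expiry:
                del self.leases[mac]
                self.free.append(ip)

    def discover(self, mac, now):
        """DHCP discover -> address for the DHCP offer, or None if the pool is empty."""
        self._reclaim(now)
        if mac in self.leases:
            return self.leases[mac][0]
        return self.free[0] if self.free else None

    def request(self, mac, ip, now):
        """DHCP request -> acked address or None; asking for a held address renews it."""
        self._reclaim(now)
        held = self.leases.get(mac)
        if held is None and ip in self.free:
            self.free.remove(ip)
        elif held is None or held[0] != ip:
            return None
        self.leases[mac] = (ip, now + self.lease_seconds)
        return ip

def join(server, mac, now):
    """Client side of the exchange; returns the messages seen on the LAN."""
    log = [("host", "DHCP discover", mac)]
    offered = server.discover(mac, now)
    if offered is not None:
        log += [("server", "DHCP offer", offered), ("host", "DHCP request", offered)]
        if server.request(mac, offered, now):
            log.append(("server", "DHCP ack", offered))
    return log

def demo():
    # Constructed pool and MACs; the 3-day lease is the Windows NT figure from the slide.
    srv = DhcpServer(["192.0.2.10", "192.0.2.11"], 3 * DAY)
    a, b = join(srv, "mac-A", 0)[-1][2], join(srv, "mac-B", 0)[-1][2]
    full = len(join(srv, "mac-C", 0))        # pool empty: the discover gets no offer
    srv.request("mac-A", a, 2 * DAY)         # A renews on day 2, B never does
    c = join(srv, "mac-C", 4 * DAY)[-1][2]   # B's lease ran out on day 3
    return a, b, full, c, sorted(srv.leases)
```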

Internet Control Message Protocol
ICMP is an integral part of the TCP/IP specification (defined in RFC 792):
ftp://ftp.isi.edu/in-notes/rfc792.txt
Why is ICMP needed?
• "Best effort" does not mean careless.
• IP itself has no means of providing feedback about problems in packet delivery.
ICMP does not make IP delivery reliable:
• It reports information or errors only; it does not prescribe cures.

ICMP Message Format (1)
• ICMP messages are carried (encapsulated) as the data of IP datagrams.
• IP-level routing is used to move ICMP messages through a network.
• IP uses protocol type = 1 to indicate an ICMP payload.

ICMP Message Format (2)
• TYPE: type of ICMP message
• CODE: used by some types to indicate a specific condition
• CHECKSUM: checksum over the full message
• Contents depend on TYPE and CODE

Example ICMP Message Types
Queries
• TYPE = 8: Echo request
• TYPE = 0: Echo reply
• TYPE = 13: Time stamp request
• TYPE = 14: Time stamp reply
Errors
• TYPE = 3: Destination unreachable
  • CODE = 0: Network unreachable
  • CODE = 1: Host unreachable
  • CODE = 2: Protocol unreachable
  • CODE = 3: Port unreachable
• TYPE = 11: Time exceeded
  • CODE = 0: Time-to-live equals 0 in transit
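
The ICMP message format and type/code list above, as an added Python example that is not part of the original slides: it extracts the ICMP message from an IPv4 datagram (protocol = 1), verifies the checksum over the full message and names the TYPE/CODE. The sample datagram and its addresses are constructed.

```python
import struct

# Type and code tables as listed on the slide
QUERIES = {8: "Echo request", 0: "Echo reply",
           13: "Time stamp request", 14: "Time stamp reply"}
ERRORS = {3: "Destination unreachable", 11: "Time exceeded"}
CODES = {(3, 0): "Network unreachable", (3, 1): "Host unreachable",
         (3, 2): "Protocol unreachable", (3, 3): "Port unreachable",
         (11, 0): "Time-to-live equals 0 in transit"}

def checksum(data):
    """Internet checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(type_, code, rest=b"\x00" * 4, data=b""):
    """TYPE, CODE, CHECKSUM, then contents that depend on TYPE and CODE."""
    msg = struct.pack("!BBH", type_, code, 0) + rest + data
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]

def icmp_from_ip(datagram):
    """Return the ICMP message inside an IPv4 datagram (protocol field = 1)."""
    if datagram[0] >> 4 != 4 or datagram[9] != 1:
        raise ValueError("not an IPv4 datagram carrying ICMP")
    return datagram[(datagram[0] & 0x0F) * 4:]

def describe(msg):
    if len(msg) < 8:
        raise ValueError("truncated ICMP message")
    type_, code = msg[0], msg[1]
    kind = "query" if type_ in QUERIES else "error" if type_ in ERRORS else "other"
    name = QUERIES.get(type_) or ERRORS.get(type_) or f"type {type_}"
    return {"kind": kind, "name": name, "detail": CODES.get((type_, code)),
            # the checksum covers the full message, so a valid one sums to zero
            "checksum_ok": checksum(msg) == 0}

# Constructed sample: "port unreachable" behind a minimal IPv4 header
# (documentation-range addresses, IP header checksum left at 0).
SAMPLE = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + build_icmp(3, 3)
```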

Virtual Networks
Goal: controlling connections
• IP connectivity => public network.
• How do we protect/restrict connections over a network that is shared?
Virtual Private Network
• A mechanism for building connections with additional (virtual) features on top of IP datagram connectivity.
• IP connectivity: acts as the bridge (shared networks).
• Virtual networks: new services with new features for controlling connections, for example security (data is encoded with encryption).

Virtual Private Networks
Example:
• Requirement: use the Internet to connect the various branch offices and the head office => a private network (e.g. connections and data are protected).
• Solution: protect the (original) IP packet => encapsulate it while it is forwarded across the Internet.
  • Create a "tunnel" (dedicated channel): virtual end-points on pairs of nodes (routers) of the offices' local networks.
  • The IP address of the end-point router becomes part of the virtual connection => the IP packet is encapsulated inside an IP packet whose target address is that end-point.

Tunneling
IP Tunnel
• Tunnel: wrapping a packet inside a packet.
• A virtual point-to-point link between two paired IP nodes (e.g. R1 and R2 => set up a virtual tunnel).
[Figure: Network 1, R1, Internetwork, R2 (10.0.0.1), Network 2, with the IP tunnel between R1 and R2. Packet before the tunnel: IP Dest = 2.x | IP Payload. Inside the tunnel: IP Dest = 10.0.0.1 | IP Dest = 2.x | IP Payload. After the tunnel: IP Dest = 2.x | IP Payload.]

Example: Tunneling
• R1: 2 physical interfaces (0: internal, 1: external); 1 virtual (tunnel).
• R1 processes an IP packet destined for network 2 => encapsulates the IP packet with R2's address (10.0.0.1) => a new IP packet with destination R2.
• The packet is forwarded through the Internet to R2.
• R2 processes the packet => strips the IP header => an IP packet destined for a host on network 2.

  Network Number    Next Hop
  1                 Interface 0
  2                 Virtual Interface 0
  Default           Interface 1

Tunneling
Advantages
• Transparent transmission of packets over a heterogeneous network
• Only need to change relevant routers
Disadvantages
• Increases packet size
• Processing time needed to encapsulate and unencapsulate packets
• Management at tunnel-aware routers
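
The tunneling example (R1 encapsulates towards 10.0.0.1, R2 strips the outer header) and the packet-size cost listed above, as an added Python example that is not part of the original slides. Assumptions: network numbers 1 and 2 are modelled as 1.0.0.0/8 and 2.0.0.0/8, R1's external address 192.0.2.1 is constructed, and the outer header uses IP protocol number 4 (IPv4-in-IPv4, RFC 2003).

```python
import ipaddress
import struct

IPIP = 4                      # IP protocol number for IPv4-in-IPv4 (RFC 2003)
R2_ADDR = "10.0.0.1"          # tunnel end-point from the slide
R1_EXTERNAL = "192.0.2.1"     # constructed: R1's external address is not on the slide
# Forwarding table from the slide; network numbers 1 and 2 modelled as
# 1.0.0.0/8 and 2.0.0.0/8 (assumption based on the figure's "IP Dest = 2.x").
R1_TABLE = [("1.0.0.0/8", "Interface 0"), ("2.0.0.0/8", "Virtual Interface 0")]
R1_DEFAULT = "Interface 1"

def ipv4(src, dst, proto, payload, ttl=64):
    """20-byte IPv4 header without options, header checksum filled in, plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    total = sum(struct.unpack("!10H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return hdr[:10] + struct.pack("!H", ~total & 0xFFFF) + hdr[12:] + payload

def dest(pkt):
    return str(ipaddress.ip_address(pkt[16:20]))

def r1_forward(pkt):
    """Return (outgoing interface, packet as it leaves R1)."""
    addr = ipaddress.ip_address(dest(pkt))
    hop = next((h for net, h in R1_TABLE if addr in ipaddress.ip_network(net)), R1_DEFAULT)
    if hop == "Virtual Interface 0":
        # Encapsulate: the whole original datagram becomes the payload of a new
        # datagram addressed to R2, which is then routed like any other packet.
        return r1_forward(ipv4(R1_EXTERNAL, R2_ADDR, IPIP, pkt))
    return hop, pkt

def r2_receive(pkt):
    """Strip the outer header if this is a tunnelled packet addressed to R2."""
    if dest(pkt) == R2_ADDR and pkt[9] == IPIP:
        return pkt[(pkt[0] & 0x0F) * 4:]
    return pkt

def demo():
    inner = ipv4("1.0.0.7", "2.0.0.5", 17, b"constructed payload")  # net 1 host -> net 2 host
    iface, outer = r1_forward(inner)
    return {"iface": iface, "outer_dest": dest(outer), "overhead": len(outer) - len(inner),
            "delivered_dest": dest(r2_receive(outer)), "intact": r2_receive(outer) == inner}
```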