1. Netzwerkgrundlagen - Von Ethernet bis IP
FrOSCon 13 Network Track
Falk Stern, Maximilian Wilhelm
1 / 33

2. Agenda
1. Who's who
2. Models
3. Ethernet
4. IPv4
5. Linux Hands-on
2 / 33

3. Who's who Falk Stern
Full Stack Infrastructure Engineer
IPv6 fanboy
Runs his own Kubernetes cluster in his basement
Consultant @ Profi Engineering Systems AG
Contact
@wrf42
falk@fourecks.de
3 / 33

4. Who's who Maximilian Wilhelm
Networker
OpenSource Hacker
Fanboy of
(Debian) Linux
ifupdown2
Occupation:
By day: Senior Infrastructure Architect, Uni Paderborn
By night: Infrastructure Archmage, Freifunk Hochstift
In between: Freelance Solution Architect for hire
Contact
@BarbarossaTM
max@sdn.clinic
4 / 33

5. Who's who
Models
Layer models - ISO/OSI, TCP/IP & Hybrid
5 / 33

6. Who's who
Models
Layer models - ISO/OSI, TCP/IP & Hybrid
Physical
Wires, Wireless - 802.3 & 802.11 (Bit)
Data Link
Addressing stations on the same physical medium (Ethernet MAC) (Frame)
Network
Adressing stations somewhere in the entire network (IPv4, IPv6) (Packet)
Transport
How to transport data? (Datagram, Segment)
Session, Presentation, Application
Which data to transport? (SSH, IRC, HTTP, etc.)
6 / 33

7. Who's who
Models
Ethernet
Ethernet
7 / 33

8. Who's who
Models
Ethernet
Hardware - What does it look like?
Source: Wikimedia commons
8 / 33

9. Who's who
Models
Ethernet
Ethernet
Developed between 1973 and 1974 at Xerox
Inspired by ALOHAnet, the Packet Radio Network on Hawaii
At first available with 2,94 Mbps, 10 Mbps available commercially since 1980
Further development lead to IEEE standard 802.3 in 1983
CSMA/CD - "Carrier Sense, Multiple Access, Collision Detect"
Ethernet today:
Common access port speed: 1 Gbit/s
Common uplink/server interfaces speed: 10 - 40 Gbit/s
Up to 400-Gbit/s available commercially
Interfaces for copper or multi-mode / single-mode fiber
Preamble SFD
Source
MAC
Address
Destination
MAC
Address
EtherType FCSPayload
Source: Wikimedia Commons
9 / 33

10. Who's who
Models
Ethernet
Ethernet Technology
Repeater
Maximum Segmentlength in on network segment around 100m
Repeater amplify and repeat signals
Extend broadcast domains
Extend collision domains
Bridges
Extend broadcast domains
Limit collision domains
Important Rule: Frames must not be send out on port where they were received
10 / 33

11. Who's who
Models
Ethernet
Ethernet Devices
Hubs
Repeater with many ports
Switches
Bridges with many ports
Three possible actions to happen with any frame:
Forward
Replicate
Drop
11 / 33

12. Who's who
Models
Ethernet
Addresses
Format: AA:BB:CC:DD:EE:FF
Identify stations on the same physical medium
Should to unique (on the medium)
1st octet 2nd octet 3rd octet 4th octet 5th octet 6th octet
6 octets
or
Organisationally Unique
Identifier (OUI)
Network Interface Controller
(NIC) Specific
3 octets 3 octets
b7 b6 b5 b4 b3 b2 b1 b0
8 bits
0:
1:
unicast
multicast
0:
1:
globally unique (OUI enforced)
locally administered
Source: Wikipedia Commons
12 / 33

13. Who's who
Models
Ethernet
Linux command line example
$ ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s25: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
state DOWN mode DEFAULT group default qlen 1000
link/ether 70:5a:0f:cf:21:f3 brd ff:ff:ff:ff:ff:ff
3: wlo1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq
state UP mode DORMANT group default qlen 1000
link/ether 64:80:99:cf:66:6f brd ff:ff:ff:ff:ff:ff
13 / 33

14. Who's who
Models
Ethernet
Spanning Tree
Protocol for loop prevention within ethernet networks
Create logical tree of network topology based on BPDUs
Will block connections which will produce loops
Only deactivate STP if you really know better
Seriously!
14 / 33

15. Who's who
Models
Ethernet
IPv4
15 / 33

16. Who's who
Models
Ethernet
IPv4
IPv4 Adresses
Identify stations within and beyond subnets
Up to - but not limited to - the Internet
32bit long
Composed of 4 octets
127.0.0.1
94.45.240.1
Subdived into network and host part
What is now known as the Internet started as a research project in the 1970s to
design and develop a set of protocols that could be used with many different
network technologies to provide a seamless, end- to-end facility for
interconnecting a diverse set of end systems.
Source: RFC4632, Section 2
16 / 33

17. Who's who
Models
Ethernet
IPv4
Network Classes (historical!)
Deprecated since 1993 (RFC1519)!!1!
Long live CIDR / VLSM
Correct and complete definition given for historical attribution only!
DO NOT USE IN REAL LIFE ANYMORE! SRSLY!
Class Binary Prefix IP Space Default Mask
A 0... 0.0.0.0 - 127.255.255.255 /8
B 10.. 128.0.0.0 - 191.255.255.255 /16
C 11.. 192.0.0.0 - 223.255.255.255 /24
D 1110 224.0.0.0 - 239.255.255.255
E 1111 240.0.0.0 - 255.255.255.255
17 / 33

18. Who's who
Models
Ethernet
IPv4
Subnetting - CIDR / VLSM
Classless InterDomain Routing
Variable Length Subnet Mask
Introduced in 1993, RFC4632 (original RFC1519)
Prefix Notation -> Number of bits in network part of address
255.255.255.0 == 24 Bit netmask == /24
18 / 33

19. Who's who
Models
Ethernet
IPv4
Pre xes to know/ Private stu
Loopback
127.0.0.0/8
RFC1918 - Private Address Space
10.0.0.0/8, 172.16.0.0/12 und 192.168.0.0/16
RFC3927 - APIPA / Link-Local
169.254.0.0/16
RFC6598 - Shared Address Space (CGN)
100.64.0.0/10
RFC5737 - Documentation prefixes
192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24
RFC8190 - Special-Purpose IP Address Registries
Complete list of special prefixes
19 / 33

20. Who's who
Models
Ethernet
IPv4
ARP - Address Resolution Protocol
Glue between Ethernet and IP
Simple protocol to resolve MAC address of IP peer
Two messages types
who-has
is-at
A B
ARP WHO-HAS 192.168.1.1
192.168.1.1 IS-AT C0:FF:EE:BA:BE:01
A B
20 / 33

21. Who's who
Models
Ethernet
IPv4
Routing
Every device speaking IP has a routing table
German translation according to IBM: "Leitwegtabelle"
Packets are forwarded according to longest prefix match
Default Gateway or Gateway of last resort used if no entry matches
Hot Potato principle
Packets forwarded to next hop w/o knowledge of their routing table
Asymmetric routing
Path to destination and return path don't have to be identical
Routing table of your laptop right now:
Prefix Iface / Next Hop
94.45.240.0/20 wlan0
0.0.0.0/0 94.45.240.1
21 / 33

22. Who's who
Models
Ethernet
IPv4
Source Address Selection
With every routing decision for a locally originated connection a source address is
selected based on the routing table.
Usually the (primary) IP configured on the outgoing interface
May be explicitly set to any IP
For example IP on loopback interface
Prefix Iface / Next Hop Src Address
94.45.240.0/20 wlan0 94.45.242.23
192.168.0.0/24 eth0 192.168.0.42
0.0.0.0/0 94.45.240.1
22 / 33

23. Who's who
Models
Ethernet
IPv4
MTU/MSS
Maximum Transmission Unit
Maximum size of a frame
Usually 1500 Bytes in Ethernet networks
Usually >= 9000 Bytes in service provider backbones (Jumbo Frames)
Maximum Segment Size
Maximum size of a segment which fits into a TCP packet
MTU - 60 Bytes
23 / 33

24. Who's who
Models
Ethernet
IPv4
Where to get IP addresses?
24 / 33

25. Who's who
Models
Ethernet
IPv4
IP delegation hierarchy
Source: Obtaining IPv4 -
Andrew de la Haye - RIPE Regional Meeting 2014
25 / 33

26. Who's who
Models
Ethernet
IPv4
Linux
Network con guration on Linux
26 / 33

27. Who's who
Models
Ethernet
IPv4
Linux
Network con guration on Linux
R.I.P. ifconfig
R.I.P. route
R.I.P. arp
R.I.P. vlan
R.I.P. brctl
R.I.P. tunctl
<Moment of Silence/>
Long live iproute2
27 / 33

28. Who's who
Models
Ethernet
IPv4
Linux
iproute - Networkers Swiss Army Nife
Functions segregated into sub commands
Lazy admin friendly: Commands can be shortend
ip link
Layer2 configuration
Vlans
Bridges
ip addr
Layer3 configuration / IP addresses
ip route
Routing
ip neigh
ARP / ND
28 / 33

29. Who's who
Models
Ethernet
IPv4
Linux
ip link
ip link set { DEVICE | dev DEVICE } [ { up | down } ]
[ promisc { on | off } ]
[ name NEWNAME ]
[ address LLADDR ]
[ mtu MTU ]
[ master DEVICE ]
[ nomaster ]
[...]
ip link show [ DEVICE ]
29 / 33

30. Who's who
Models
Ethernet
IPv4
Linux
ip addr
Usage: ip addr {add|change|replace} IFADDR dev STRING [ LIFETIME ] [...]
ip addr del IFADDR dev STRING
ip addr {show|flush} [ dev STRING ] [ scope SCOPE-ID ]
[ to PREFIX ] [ FLAG-LIST ] [ label PATTERN ]
IFADDR := PREFIX | ADDR peer PREFIX
[ broadcast ADDR ] [ anycast ADDR ]
[ label STRING ] [ scope SCOPE-ID ]
SCOPE-ID := [ host | link | global | NUMBER ]
[...]
30 / 33

31. Who's who
Models
Ethernet
IPv4
Linux
ip route
Usage: ip route { list | flush } SELECTOR
ip route { add | del | change | append | replace } ROUTE
SELECTOR := [ root PREFIX ] [ match PREFIX ] [ exact PREFIX ]
[ table TABLE_ID ] [ proto RTPROTO ] [ type TYPE ] [ scope SCOPE ]
ROUTE := NODE_SPEC [ INFO_SPEC ]
NODE_SPEC := [ TYPE ] PREFIX [ tos TOS ]
[ table TABLE_ID ] [ proto RTPROTO ] [ metric METRIC ]
INFO_SPEC := NH OPTIONS FLAGS [ nexthop NH ]...
NH := [ via ADDRESS ] [ dev STRING ] [ weight NUMBER ] NHFLAGS
[...]
31 / 33

32. Who's who
Models
Ethernet
IPv4
Linux
ip neigh
Usage: ip neigh { add | del | change | replace }
{ ADDR [ lladdr LLADDR ] [ nud STATE ] | proxy ADDR } [ dev DEV ]
ip neigh { show | flush } [ proxy ] [ to PREFIX ] [ dev DEV ] [ nud STATE ]
[ vrf NAME ]
STATE := { permanent | noarp | stale | reachable | none |
incomplete | delay | probe | failed }
32 / 33

33. Who's who
Models
Ethernet
IPv4
Linux
Questions
Questions?
33 / 33