SlideShare a Scribd company logo

DHCP,ARP in networks

Download as PPTX, PDF
S
ssuser15869a

It's all about the networking. It includes DHCP and ARP

Technology
1 of 61
Missing pieces + Putting the pieces together EE 122, Fall 2013 Sylvia Ratnasamy http://inst.eecs.berkeley.edu/~ee122/ Material thanks to Ion Stoica, Scott Shenker, Jennifer Rexford, Nick McKeown, and many other colleagues
Today • Missing pieces – DHCP – ARP • Putting the pieces together – “What happens when I click on a link?” • More missing pieces
Naming • Application layer: URLs and domain names – names “resources” -- hosts, content, program – (recall: mixes the what and where of an object) • Network layer: IP addresses – host’s network location • Link layer: MAC addresses – host identifier • Use all three for end-to-end communication!
Discovery • A host is “born” knowing only its MAC address • Must discover lots of information before it can communicate with a remote host B – what is my IP address? – what is B’s IP address? (remote) – what is B’s MAC address? (if B is local) – what is my first-hop router’s address? (if B is not local) – …
ARP and DHCP • Link layer discovery protocols – “Address Resolution Protocol”, “Dynamic Host Configuration Protocol” – confined to a single local-area network (LAN) – rely on broadcast capability of a LAN Hosts Router
ARP and DHCP • Link layer discovery protocols • Serve two functions – Discovery of local end-hosts • for communication between hosts on the same LAN
ARP and DHCP • Link layer discovery protocols • Serve two functions – Discovery of local end-hosts – Bootstrap communication with remote hosts • what’s my IP address? • who/where is my local DNS server? • who/where is my first hop router?
DHCP • “Dynamic Host Configuration Protocol” – defined in RFC 2131 • A host uses DHCP to discover – its own IP address – its netmask – IP address(es) for its DNS name server(s) – IP address(es) for its first-hop “default” router(s)
DHCP: operation 1. One or more local DHCP servers maintain required information – IP address pool, netmask, DNS servers, etc. – application that listens on UDP port 67
DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message – L2 broadcast, to MAC address FF:FF:FF:FF:FF:FF
DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message – proposed IP address for client, lease time – other parameters
DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message 4. Client broadcasts a DHCP request message – specifies which offer it wants – echoes accepted parameters – other DHCP servers learn they were not chosen
DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message 4. Client broadcasts a DHCP request message 5. Selected DHCP server responds with an ACK (DHCP “relay agents” used when the DHCP server isn’t on the same broadcast domain -- see text)
DHCP uses “soft state” • Soft state: if not refreshed, state is forgotten – hard state: allocation is deliberately returned/withdrawn – used to track address allocation in DHCP • Implementation – address allocations are associated with a lease period – server: sets a timer associated with the record of allocation – client: must request a refresh before lease period expires – server: resets timer when a refresh arrives; sends ACK – server: reclaims allocated address when timer expires • Simple, yet robust under failure – state always fixes itself in (small constant of) lease time
Soft state under failure • What happens when host XYZ fails? – refreshes from XYZ stop – server reclaims a.b.c.d after O(lease period) Router XYZ DHCP Server a.b.c.d is mine from (now’, now’+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
Soft state under failure • What happens when server fails? – ACKs from server stop – XYZ releases address after O(lease period); send new request – A new DHCP server can come up from a `cold start’ and we’re back on track in ~lease time Router XYZ DHCP Server a.b.c.d is mine from (now, now+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
Soft state under failure • What happens if the network fails? – refreshes and ACKs don’t get through – XYZ release address; DHCP server reclaims it Router XYZ DHCP Server a.b.c.d is mine from (now, now+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
Router Host Host Host Host DHCP Server Are we there yet? DNS Server What I learnt from DHCP my IP: 1.2.3.48 netmask: 1.2.3.0/24 (255.255.255.0) DNS: 1.2.3.156 router: 1.2.3.19
Sending Packets Over Link-Layer • Link layer only understands MAC addresses – Translate the destination IP address to MAC address – Encapsulate the IP packet inside a link-level frame Router Host Host Host Host DNS 1.2.3.48 1.2.3.156 58-23-D7-FA-20-B0 90-E2-A1-09-66-1B 1.2.3.53 1.2.3.156 IP packet
ARP: Address Resolution Protocol • Every host maintains an ARP table – list of (IP address  MAC address) pairs • Consult the table when sending a packet – Map destination IP address to destination MAC address – Encapsulate the (IP) data packet with MAC header; transmit • But: what if IP address not in the table? – Sender broadcasts: “Who has IP address 1.2.3.156?” – Receiver responds: “MAC address 58-23-D7-FA-20-B0” – Sender caches result in its ARP table
What if the destination is remote? • Look up the MAC address of the first hop router – 1.2.3.48 uses ARP to find MAC address for first-hop router 1.2.3.19 rather than ultimate destination IP address • How does the red host know the destination is not local? – Uses netmask (discovered via DHCP) • How does the red host know about 1.2.3.19? – Also DHCP host host DNS ... host host host ... router router 1.2.3.0/24 (255.255.255.0) 5.6.7.0/24 1.2.3.156 1.2.3.48 1.2.3.19 router
Security Analysis of ARP • Impersonation – Any node that hears request can answer … – … and can say whatever they want • Actual legit receiver never sees a problem – Because even though later packets carry its IP address, its NIC doesn’t capture them since not its MAC address
Steps in Sending a Packet What do hosts need to know? And how do they find out?
Steps in reaching a Host • First look up destination’s IP address • Need to know where local DNS server is – DHCP • Also needs to know its own IP address – DHCP
Sending a Packet • On same subnet: – Use MAC address of destination. – ARP • On some other subnet: – Use MAC address of first-hop router. – DHCP + ARP • And how can a host tell whether destination is on same or other subnet? – Use the netmask – DHCP
Example: A Sending a Packet to B How does host A send an IP packet to host B? A R B
Example: A Sending a Packet to B A R B 1. A sends packet to R. 2. R sends packet to B.
28 Host A Decides to Send Through R A R B • Host A constructs an IP packet to send to B – Source 111.111.111.111, destination 222.222.222.222 • Host A has a gateway router R – Used to reach destinations outside of 111.111.111.0/24 – Address 111.111.111.110 for R learned via DHCP
29 Host A Sends Packet Through R • Host A learns the MAC address of R’s interface – ARP request: broadcast request for 111.111.111.110 – ARP response: R responds with E6-E9-00-17-BB-4B • Host A encapsulates the packet and sends to R A R B
30 R Decides how to Forward Packet • Router R’s adapter receives the packet – R extracts the IP packet from the Ethernet frame – R sees the IP packet is destined to 222.222.222.222 • Router R consults its forwarding table – Packet matches 222.222.222.0/24 via other adapter (port) A R B Two points: • Routing table points to this port • Destination address is within mask of port’s address (i.e., local)
31 R Sends Packet to B • Router R’s learns the MAC address of host B – ARP request: broadcast request for 222.222.222.222 – ARP response: B responds with 49-BD-D2-C7-56-2A • Router R encapsulates the packet and sends to B A R B
Key Ideas in Both ARP and DHCP • Broadcasting: used for initial bootstrap • Caching: remember the past for a while – Store the information you learn to reduce overhead – Remember your own address & other host’s addresses – Key optimization for performance • Soft state: eventually forget the past – Associate a time-to-live field with the information – … and either refresh or discard the information – Key for robustness
Discovery mechanisms We’ve seen two broad approaches – Broadcast (ARP, DHCP) • flooding doesn’t scale • no centralized point of failure • zero configuration – Directory service (DNS) • no flooding • root of the directory is vulnerable (caching is key) • needs configuration to bootstrap (local, root servers, etc.) Can we get the best of both? – Internet-scale yet zero config?
• Are we there yet? – Yes!
Putting the pieces together • Assume: `cold start’ -- nothing cached anywhere • Assume: yourDNS on a different subnet from yourDHCP • Ignore intra- and interdomain routing protocols Google’s datacenter Dorm You yourDHCP UCB yourDNS R router Count the number of protocols that come into play! Walk through the steps required to download www.google.com/index.html from your laptop
Step 1: Self discovery • You use DHCP to discover bootstrap parameters – your IP addr (u.u.u.u) – your DNS server’s IP (u.dns.ip.addr) – R’s IP address (r.r.r.r) – .. • Exchange between you and yourDHCP • Protocol count = 4 Dorm You yourDHCP R router Ethernet UDP DHCP IP
Next… • You are ready to contact www.google.com  need an IP address for www.google.com  need to ask google’s DNS server  need to ask my DNS server to ask google’s DNS…  I know my DNS server’s IP addr is u.dns.ip.addr  create a packet to send… Ethernet UDP DNS IP destination MAC? source: u.u.u..u dst: u.dns.ip.addr
Step 2: Getting out the door • You use ARP to discover the MAC address of R • Exchange between you and R • Protocol count = 5 Dorm You yourDHCP R router Ethernet ARP dst MAC?
Step 3: Send a DNS request • Exchange between you and yourDNS • Now ready to send that packet • Protocol count = 6 Ethernet UDP DNS IP source: u.u.u..u dst: u.dns.ip.addr R’s MAC You UCB yourDNS R router
Step 4: yourDNS does its thing • yourDNS resolves www.google.com • Protocol count = 6 yourDNS root name server top-level name server google’s name server www.google.com’s IP address is g.g.g.g You
Google’s datacenter You UCB R Step 5: Getting the content (at last) • Exchange between you and google’s server at g.g.g.g Ethernet TCP HTTP IP source: u.u.u..u dst: g.g.g.g R’s MAC • Protocol count = 8
Recap: Name discovery/resolution • MAC addresses? – my own: hardcoded – others: ARP (given IP address) • IP addresses? – my own: DHCP – others: DNS (given domain name) • how do I bootstrap DNS communication? (DHCP) • Domain names? – search engines
Switched Ethernet
Why Switched Ethernet? switch A B C D • Enables concurrent communication • Host A can talk to C, while B talks to D • No collisions  no need for CSMA, CD • No constraints on link lengths, etc.
Switched Ethernet • Constraints (for backward compatibility) • same framing (MAC address structure, headers) • maintain plug-n-play aspect • (Old) Ethernet achieved plug-n-play by leveraging a broadcast medium • how do we do this in a switched topology? • Natural first thought: flood (to mimic broadcast)
Problem: Flooding can lead to loops 1 2 4 3 B A C D Example: A wants to broadcast a message - A sends packet to 1 - 1 Floods to 2 and 4 - 2 Floods to B and 3 - 4 Floods to D and 3 - 3 Floods packet from 2 to C and 4 - 3 Floods packet from 4 to C and 2 - 4 Floods packet from 3 to D and 1 - 2 Floods packet from 3 to B and 1 - 1 Floods packet from 2 to A and 4 - 1 Floods packet from 4 to B and 2 - …. - A “broadcast storm” if the network contains a cycle of switches
Easiest Way to Avoid Loops • Use a topology where loops are impossible! • Take arbitrary topology • Build spanning tree (algorithm covered later) – Sub-graph that covers all vertices but contains no cycles – Ignore all links not on the spanning tree • Only one path to destinations on spanning trees – So don’t have to worry about loops!
Consider graph
A Spanning Tree 49
Another Spanning Tree 50
Flooding on a Spanning Tree • Switches flood using the following rule: – (Ignoring all ports not on spanning tree!) • Originating switch sends “flood” packet out all ports • When a “flood” packet arrives on one incoming port, send it out all other ports
Flooding on Spanning Tree
Flooding on Spanning Tree
But isn’t flooding wasteful? • Yes, but we can use it to bootstrap more efficient forwarding • Idea: watch the packets going by, and learn from that – There is a single path between any two nodes – If node A sees a packet from node B come in on a particular port, it knows what port to use to reach B!
Nodes can “learn” routing tables • Switch can learn how to reach nodes by remembering where flooding packets came from! • If flood packet from Node A entered switch from port 4, then switch uses port 4 to reach Node A 55
Learning from Flood Packets 56 Node A Node A can be reached through this port Node A can be reached through this port Once a node has sent a flood message, all other switches know how to reach it…. Node B
Node B Responds 57 Node A Node B can be reached through this port When a node responds, some of the switches learn where it is Node B Node B can be reached through this port Node B can be reached through this port Node B can be reached through this port
General Approach • Flood first packet to node you are trying to reach • All switches learn where you are • When destination responds, some switches learn where it is… – Only some switches, because packet to you follows direct path, and is not flooded
Self-Learning Switch When a packet arrives • Inspect source MAC address, associate with incoming port • Store mapping in the switch table • Use time-to-live field to eventually forget mapping A B C D Packet tells switch how to reach A.
Self Learning: Handling Misses When packet arrives with unfamiliar destination • Forward packet out all other ports • Response will teach switch about that destination A B C D
Summary of Learning Approach • Avoids loop by restricting to spanning tree • This makes flooding possible • Flooding allows packet to reach destination • And in the process switches learn how to reach source of flood • No route “computation”

Recommended

Lecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptxLecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptx
HanzlaNaveed1
 
08Mapping.ppt
08Mapping.ppt08Mapping.ppt
08Mapping.ppt
MalikNuman8
 
Address Resolution Protocol Cache Poisoning
Address Resolution Protocol Cache PoisoningAddress Resolution Protocol Cache Poisoning
Address Resolution Protocol Cache Poisoning
pifiye9333
 
Fundamental networking concepts
Fundamental networking conceptsFundamental networking concepts
Fundamental networking concepts
reachsrirams
 
06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns
Palanivel Kuppusamy
 
MULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKSMULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKS
Kathirvel Ayyaswamy
 
IP/MAC Address Translation
IP/MAC Address TranslationIP/MAC Address Translation
IP/MAC Address Translation
Ismail Mukiibi
 
IP Addressing.ppt
IP Addressing.pptIP Addressing.ppt
IP Addressing.ppt
AbrahamGadissa
 

Recommended

Lecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptxLecture 23 DHCP and NAT.pptx
Lecture 23 DHCP and NAT.pptx
HanzlaNaveed1
 
08Mapping.ppt
08Mapping.ppt08Mapping.ppt
08Mapping.ppt
MalikNuman8
 
Address Resolution Protocol Cache Poisoning
Address Resolution Protocol Cache PoisoningAddress Resolution Protocol Cache Poisoning
Address Resolution Protocol Cache Poisoning
pifiye9333
 
Fundamental networking concepts
Fundamental networking conceptsFundamental networking concepts
Fundamental networking concepts
reachsrirams
 
06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns06 coms 525 tcpip - dhcp and dns
06 coms 525 tcpip - dhcp and dns
Palanivel Kuppusamy
 
MULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKSMULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKS
Kathirvel Ayyaswamy
 
IP/MAC Address Translation
IP/MAC Address TranslationIP/MAC Address Translation
IP/MAC Address Translation
Ismail Mukiibi
 
IP Addressing.ppt
IP Addressing.pptIP Addressing.ppt
IP Addressing.ppt
AbrahamGadissa
 
vulnerabilities in IP.pdf
vulnerabilities in IP.pdfvulnerabilities in IP.pdf
vulnerabilities in IP.pdf
MuhammadSufyanAbbasi1
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP Spoofing
KHNOG
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffing
Shyama Bhuvanendran
 
Chapter 25. implementing i pv6 routing
Chapter 25. implementing i pv6 routingChapter 25. implementing i pv6 routing
Chapter 25. implementing i pv6 routing
Vishnu Vardhan
 
TCP-IP PROTOCOL
TCP-IP PROTOCOLTCP-IP PROTOCOL
TCP-IP PROTOCOL
Osama Ghandour Geris
 
Networking Puzzle
Networking PuzzleNetworking Puzzle
Networking Puzzle
Aalok Shah
 
lecture5.pptx
lecture5.pptxlecture5.pptx
lecture5.pptx
Llobarro2
 
Sept 2017 internetworking
Sept 2017 internetworkingSept 2017 internetworking
Sept 2017 internetworking
shahin raj
 
Dhcp Snooping
Dhcp SnoopingDhcp Snooping
Dhcp Snooping
Prateek Baharani
 
Networking.pdf
Networking.pdfNetworking.pdf
Networking.pdf
DarshaniKarunarathne
 
DHCP.pptx
DHCP.pptxDHCP.pptx
DHCP.pptx
GayathriPG3
 
DHCP
DHCPDHCP
DHCP
selvakumar_b1985
 
Module-4 Short notes.pptx
Module-4 Short notes.pptxModule-4 Short notes.pptx
Module-4 Short notes.pptx
AzmiNizar1
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
 
DHCP basics
DHCP basicsDHCP basics
DHCP basics
Mansi Kansara
 
Dhcp presentation
Dhcp presentationDhcp presentation
Dhcp presentation
Indian Institute of Technology, Bombay
 
Computer Networking: A Top-Down Approach
Computer Networking: A Top-Down Approach Computer Networking: A Top-Down Approach
Computer Networking: A Top-Down Approach
PolRobinson
 
L9 Protocol Suits
L9 Protocol SuitsL9 Protocol Suits
L9 Protocol Suits
ImranulHasan6
 
Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...
Adam Dunkels
 
162 15-768
162 15-768162 15-768
162 15-768
faisal123000
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Zilliz
 

More Related Content

Similar to DHCP,ARP in networks

Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
Dan Kaminsky
 

Similar to DHCP,ARP in networks (20)

vulnerabilities in IP.pdf
vulnerabilities in IP.pdfvulnerabilities in IP.pdf
vulnerabilities in IP.pdf
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP Spoofing
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffing
 
Chapter 25. implementing i pv6 routing
Chapter 25. implementing i pv6 routingChapter 25. implementing i pv6 routing
Chapter 25. implementing i pv6 routing
 
TCP-IP PROTOCOL
TCP-IP PROTOCOLTCP-IP PROTOCOL
TCP-IP PROTOCOL
 
Networking Puzzle
Networking PuzzleNetworking Puzzle
Networking Puzzle
 
lecture5.pptx
lecture5.pptxlecture5.pptx
lecture5.pptx
 
Sept 2017 internetworking
Sept 2017 internetworkingSept 2017 internetworking
Sept 2017 internetworking
 
Dhcp Snooping
Dhcp SnoopingDhcp Snooping
Dhcp Snooping
 
Networking.pdf
Networking.pdfNetworking.pdf
Networking.pdf
 
DHCP.pptx
DHCP.pptxDHCP.pptx
DHCP.pptx
 
DHCP
DHCPDHCP
DHCP
 
Module-4 Short notes.pptx
Module-4 Short notes.pptxModule-4 Short notes.pptx
Module-4 Short notes.pptx
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
 
DHCP basics
DHCP basicsDHCP basics
DHCP basics
 
Dhcp presentation
Dhcp presentationDhcp presentation
Dhcp presentation
 
Computer Networking: A Top-Down Approach
Computer Networking: A Top-Down Approach Computer Networking: A Top-Down Approach
Computer Networking: A Top-Down Approach
 
L9 Protocol Suits
L9 Protocol SuitsL9 Protocol Suits
L9 Protocol Suits
 
Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...Building day 2 upload Building the Internet of Things with Thingsquare and ...
Building day 2 upload Building the Internet of Things with Thingsquare and ...
 
162 15-768
162 15-768162 15-768
162 15-768
 

Recently uploaded

Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Recently uploaded (20)

Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

DHCP,ARP in networks

  • 1. Missing pieces + Putting the pieces together EE 122, Fall 2013 Sylvia Ratnasamy http://inst.eecs.berkeley.edu/~ee122/ Material thanks to Ion Stoica, Scott Shenker, Jennifer Rexford, Nick McKeown, and many other colleagues
  • 2. Today • Missing pieces – DHCP – ARP • Putting the pieces together – “What happens when I click on a link?” • More missing pieces
  • 3. Naming • Application layer: URLs and domain names – names “resources” -- hosts, content, program – (recall: mixes the what and where of an object) • Network layer: IP addresses – host’s network location • Link layer: MAC addresses – host identifier • Use all three for end-to-end communication!
  • 4. Discovery • A host is “born” knowing only its MAC address • Must discover lots of information before it can communicate with a remote host B – what is my IP address? – what is B’s IP address? (remote) – what is B’s MAC address? (if B is local) – what is my first-hop router’s address? (if B is not local) – …
  • 5. ARP and DHCP • Link layer discovery protocols – “Address Resolution Protocol”, “Dynamic Host Configuration Protocol” – confined to a single local-area network (LAN) – rely on broadcast capability of a LAN Hosts Router
  • 6. ARP and DHCP • Link layer discovery protocols • Serve two functions – Discovery of local end-hosts • for communication between hosts on the same LAN
  • 7. ARP and DHCP • Link layer discovery protocols • Serve two functions – Discovery of local end-hosts – Bootstrap communication with remote hosts • what’s my IP address? • who/where is my local DNS server? • who/where is my first hop router?
  • 8. DHCP • “Dynamic Host Configuration Protocol” – defined in RFC 2131 • A host uses DHCP to discover – its own IP address – its netmask – IP address(es) for its DNS name server(s) – IP address(es) for its first-hop “default” router(s)
  • 9. DHCP: operation 1. One or more local DHCP servers maintain required information – IP address pool, netmask, DNS servers, etc. – application that listens on UDP port 67
  • 10. DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message – L2 broadcast, to MAC address FF:FF:FF:FF:FF:FF
  • 11. DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message – proposed IP address for client, lease time – other parameters
  • 12. DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message 4. Client broadcasts a DHCP request message – specifies which offer it wants – echoes accepted parameters – other DHCP servers learn they were not chosen
  • 13. DHCP: operation 1. One or more local DHCP servers maintain required information 2. Client broadcasts a DHCP discovery message 3. One or more DHCP servers responds with a DHCP “offer” message 4. Client broadcasts a DHCP request message 5. Selected DHCP server responds with an ACK (DHCP “relay agents” used when the DHCP server isn’t on the same broadcast domain -- see text)
  • 14. DHCP uses “soft state” • Soft state: if not refreshed, state is forgotten – hard state: allocation is deliberately returned/withdrawn – used to track address allocation in DHCP • Implementation – address allocations are associated with a lease period – server: sets a timer associated with the record of allocation – client: must request a refresh before lease period expires – server: resets timer when a refresh arrives; sends ACK – server: reclaims allocated address when timer expires • Simple, yet robust under failure – state always fixes itself in (small constant of) lease time
  • 15. Soft state under failure • What happens when host XYZ fails? – refreshes from XYZ stop – server reclaims a.b.c.d after O(lease period) Router XYZ DHCP Server a.b.c.d is mine from (now’, now’+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
  • 16. Soft state under failure • What happens when server fails? – ACKs from server stop – XYZ releases address after O(lease period); send new request – A new DHCP server can come up from a `cold start’ and we’re back on track in ~lease time Router XYZ DHCP Server a.b.c.d is mine from (now, now+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
  • 17. Soft state under failure • What happens if the network fails? – refreshes and ACKs don’t get through – XYZ release address; DHCP server reclaims it Router XYZ DHCP Server a.b.c.d is mine from (now, now+lease) a.b.c.d is XYZ’s from (now, now+c.lease)
  • 18. Router Host Host Host Host DHCP Server Are we there yet? DNS Server What I learnt from DHCP my IP: 1.2.3.48 netmask: 1.2.3.0/24 (255.255.255.0) DNS: 1.2.3.156 router: 1.2.3.19
  • 19. Sending Packets Over Link-Layer • Link layer only understands MAC addresses – Translate the destination IP address to MAC address – Encapsulate the IP packet inside a link-level frame Router Host Host Host Host DNS 1.2.3.48 1.2.3.156 58-23-D7-FA-20-B0 90-E2-A1-09-66-1B 1.2.3.53 1.2.3.156 IP packet
  • 20. ARP: Address Resolution Protocol • Every host maintains an ARP table – list of (IP address  MAC address) pairs • Consult the table when sending a packet – Map destination IP address to destination MAC address – Encapsulate the (IP) data packet with MAC header; transmit • But: what if IP address not in the table? – Sender broadcasts: “Who has IP address 1.2.3.156?” – Receiver responds: “MAC address 58-23-D7-FA-20-B0” – Sender caches result in its ARP table
  • 21. What if the destination is remote? • Look up the MAC address of the first hop router – 1.2.3.48 uses ARP to find MAC address for first-hop router 1.2.3.19 rather than ultimate destination IP address • How does the red host know the destination is not local? – Uses netmask (discovered via DHCP) • How does the red host know about 1.2.3.19? – Also DHCP host host DNS ... host host host ... router router 1.2.3.0/24 (255.255.255.0) 5.6.7.0/24 1.2.3.156 1.2.3.48 1.2.3.19 router
  • 22. Security Analysis of ARP • Impersonation – Any node that hears request can answer … – … and can say whatever they want • Actual legit receiver never sees a problem – Because even though later packets carry its IP address, its NIC doesn’t capture them since not its MAC address
  • 23. Steps in Sending a Packet What do hosts need to know? And how do they find out?
  • 24. Steps in reaching a Host • First look up destination’s IP address • Need to know where local DNS server is – DHCP • Also needs to know its own IP address – DHCP
  • 25. Sending a Packet • On same subnet: – Use MAC address of destination. – ARP • On some other subnet: – Use MAC address of first-hop router. – DHCP + ARP • And how can a host tell whether destination is on same or other subnet? – Use the netmask – DHCP
  • 26. Example: A Sending a Packet to B How does host A send an IP packet to host B? A R B
  • 27. Example: A Sending a Packet to B A R B 1. A sends packet to R. 2. R sends packet to B.
  • 28. 28 Host A Decides to Send Through R A R B • Host A constructs an IP packet to send to B – Source 111.111.111.111, destination 222.222.222.222 • Host A has a gateway router R – Used to reach destinations outside of 111.111.111.0/24 – Address 111.111.111.110 for R learned via DHCP
  • 29. 29 Host A Sends Packet Through R • Host A learns the MAC address of R’s interface – ARP request: broadcast request for 111.111.111.110 – ARP response: R responds with E6-E9-00-17-BB-4B • Host A encapsulates the packet and sends to R A R B
  • 30. 30 R Decides how to Forward Packet • Router R’s adapter receives the packet – R extracts the IP packet from the Ethernet frame – R sees the IP packet is destined to 222.222.222.222 • Router R consults its forwarding table – Packet matches 222.222.222.0/24 via other adapter (port) A R B Two points: • Routing table points to this port • Destination address is within mask of port’s address (i.e., local)
  • 31. 31 R Sends Packet to B • Router R’s learns the MAC address of host B – ARP request: broadcast request for 222.222.222.222 – ARP response: B responds with 49-BD-D2-C7-56-2A • Router R encapsulates the packet and sends to B A R B
  • 32. Key Ideas in Both ARP and DHCP • Broadcasting: used for initial bootstrap • Caching: remember the past for a while – Store the information you learn to reduce overhead – Remember your own address & other host’s addresses – Key optimization for performance • Soft state: eventually forget the past – Associate a time-to-live field with the information – … and either refresh or discard the information – Key for robustness
  • 33. Discovery mechanisms We’ve seen two broad approaches – Broadcast (ARP, DHCP) • flooding doesn’t scale • no centralized point of failure • zero configuration – Directory service (DNS) • no flooding • root of the directory is vulnerable (caching is key) • needs configuration to bootstrap (local, root servers, etc.) Can we get the best of both? – Internet-scale yet zero config?
  • 34. • Are we there yet? – Yes!
  • 35. Putting the pieces together • Assume: `cold start’ -- nothing cached anywhere • Assume: yourDNS on a different subnet from yourDHCP • Ignore intra- and interdomain routing protocols Google’s datacenter Dorm You yourDHCP UCB yourDNS R router Count the number of protocols that come into play! Walk through the steps required to download www.google.com/index.html from your laptop
  • 36. Step 1: Self discovery • You use DHCP to discover bootstrap parameters – your IP addr (u.u.u.u) – your DNS server’s IP (u.dns.ip.addr) – R’s IP address (r.r.r.r) – .. • Exchange between you and yourDHCP • Protocol count = 4 Dorm You yourDHCP R router Ethernet UDP DHCP IP
  • 37. Next… • You are ready to contact www.google.com  need an IP address for www.google.com  need to ask google’s DNS server  need to ask my DNS server to ask google’s DNS…  I know my DNS server’s IP addr is u.dns.ip.addr  create a packet to send… Ethernet UDP DNS IP destination MAC? source: u.u.u..u dst: u.dns.ip.addr
  • 38. Step 2: Getting out the door • You use ARP to discover the MAC address of R • Exchange between you and R • Protocol count = 5 Dorm You yourDHCP R router Ethernet ARP dst MAC?
  • 39. Step 3: Send a DNS request • Exchange between you and yourDNS • Now ready to send that packet • Protocol count = 6 Ethernet UDP DNS IP source: u.u.u..u dst: u.dns.ip.addr R’s MAC You UCB yourDNS R router
  • 40. Step 4: yourDNS does its thing • yourDNS resolves www.google.com • Protocol count = 6 yourDNS root name server top-level name server google’s name server www.google.com’s IP address is g.g.g.g You
  • 41. Google’s datacenter You UCB R Step 5: Getting the content (at last) • Exchange between you and google’s server at g.g.g.g Ethernet TCP HTTP IP source: u.u.u..u dst: g.g.g.g R’s MAC • Protocol count = 8
  • 42. Recap: Name discovery/resolution • MAC addresses? – my own: hardcoded – others: ARP (given IP address) • IP addresses? – my own: DHCP – others: DNS (given domain name) • how do I bootstrap DNS communication? (DHCP) • Domain names? – search engines
  • 44. Why Switched Ethernet? switch A B C D • Enables concurrent communication • Host A can talk to C, while B talks to D • No collisions  no need for CSMA, CD • No constraints on link lengths, etc.
  • 45. Switched Ethernet • Constraints (for backward compatibility) • same framing (MAC address structure, headers) • maintain plug-n-play aspect • (Old) Ethernet achieved plug-n-play by leveraging a broadcast medium • how do we do this in a switched topology? • Natural first thought: flood (to mimic broadcast)
  • 46. Problem: Flooding can lead to loops 1 2 4 3 B A C D Example: A wants to broadcast a message - A sends packet to 1 - 1 Floods to 2 and 4 - 2 Floods to B and 3 - 4 Floods to D and 3 - 3 Floods packet from 2 to C and 4 - 3 Floods packet from 4 to C and 2 - 4 Floods packet from 3 to D and 1 - 2 Floods packet from 3 to B and 1 - 1 Floods packet from 2 to A and 4 - 1 Floods packet from 4 to B and 2 - …. - A “broadcast storm” if the network contains a cycle of switches
  • 47. Easiest Way to Avoid Loops • Use a topology where loops are impossible! • Take arbitrary topology • Build spanning tree (algorithm covered later) – Sub-graph that covers all vertices but contains no cycles – Ignore all links not on the spanning tree • Only one path to destinations on spanning trees – So don’t have to worry about loops!
  • 51. Flooding on a Spanning Tree • Switches flood using the following rule: – (Ignoring all ports not on spanning tree!) • Originating switch sends “flood” packet out all ports • When a “flood” packet arrives on one incoming port, send it out all other ports
  • 54. But isn’t flooding wasteful? • Yes, but we can use it to bootstrap more efficient forwarding • Idea: watch the packets going by, and learn from that – There is a single path between any two nodes – If node A sees a packet from node B come in on a particular port, it knows what port to use to reach B!
  • 55. Nodes can “learn” routing tables • Switch can learn how to reach nodes by remembering where flooding packets came from! • If flood packet from Node A entered switch from port 4, then switch uses port 4 to reach Node A 55
  • 56. Learning from Flood Packets 56 Node A Node A can be reached through this port Node A can be reached through this port Once a node has sent a flood message, all other switches know how to reach it…. Node B
  • 57. Node B Responds 57 Node A Node B can be reached through this port When a node responds, some of the switches learn where it is Node B Node B can be reached through this port Node B can be reached through this port Node B can be reached through this port
  • 58. General Approach • Flood first packet to node you are trying to reach • All switches learn where you are • When destination responds, some switches learn where it is… – Only some switches, because packet to you follows direct path, and is not flooded
  • 59. Self-Learning Switch When a packet arrives • Inspect source MAC address, associate with incoming port • Store mapping in the switch table • Use time-to-live field to eventually forget mapping A B C D Packet tells switch how to reach A.
  • 60. Self Learning: Handling Misses When packet arrives with unfamiliar destination • Forward packet out all other ports • Response will teach switch about that destination A B C D
  • 61. Summary of Learning Approach • Avoids loop by restricting to spanning tree • This makes flooding possible • Flooding allows packet to reach destination • And in the process switches learn how to reach source of flood • No route “computation”