SEC. 5.4
`
`INTERNETWORK.ING
`
`411
`
`The firewall in this configuration has two components: two routers that do
`packet filtering and an application gateway. Simpler configurations also exist, but
`the advantage of this design is that every packet must transit two filters and an
`application gateway to go in or out. No other route exists. Readers who think that
`one security checkpoint is enough clearly have not made an international flight on
`a scheduled airline recently.
`Each packet filter is a standard router equipped with some extra functional(cid:173)
`ity. The extra functionality alllows every incoming or outgoing packet to be
`inspected. Packets meeting some criterion are forwarded normally. Those that
`fail the test are dropped.
`In Fig. 5-43, most likely the packet filter on the inside LAN checks outgoing
`packets and the one on the outside LAN checks incoming packets. Packets cross(cid:173)
`ing the first hurdle go to the application gateway for further examination. The
`point of putting the two packet filters on different LAN s is to ensure that no
`packet gets in or out without having to pass through the application gateway: there
`is no path around it.
`Packet filters are typically driven by tables configured by the system adminis(cid:173)
`trator. These tables list sources and destinations that are acceptable, sources and
`destinations that are blocked, and default rules about what to do with packets
`coming from or going to other machines.
`In the common case of a UNIX setting, a source or destination consists of an IP
`address and a port. Ports indicate which service is desired. For example, port 23
`is for Telnet, port 79 is for Finger, and port 119 is for USENET news. A com(cid:173)
`pany could block incoming packets for all IP addresses combined with one of
`these ports. In this way, no one outside the company could log in via Telnet, or
`look up people using the Finger daemon. Furthermore, the company would be
`spared from having employees spend all day reading USENET news.
`Blocking outgoing packets is trickier because although most sites stick to the
`standard port naming conventions, they are not forced to do so. Furthermore, for
`some important services, such as FTP (File Transfer Protocol), port numbers are
`assigned dynamically. In addition, although blocking TCP connections is diffi(cid:173)
`cult, blocking UDP packets is even harder because so little is known a priori about
`what they will do. Many packet filters simply ban UDP traffic altogether.
`The second half of the firewall mechanism is the application gateway.
`Rather than just looking at raw packets, the gateway operates at the application
`level. A mail gateway, for example, can be set up to examine each message going
`in or coming out. For each one it makes a decision to transmit or discard it based
`on header fields, message size, or even the content (e.g., at a military installation,
`the presence of words like "nuclear" or "bomb" might cause some special action
`to be taken).
`Installations are free to set up one or more application gateways for specific
`applications, but it is not uncommon for suspicious organizations to permit email
`in and out, and perhaps use of the World Wide Web, but ban everything else as
`
`Ex.1006.429
`
`DELL
`
`

`

`412
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`too dicey. Combined with encryption and packet filtering, this arrangement offers
`a limited amount of security at the cost of some inconvenience.
`One final note concerns wireless communication and firewalls. It is easy to
`design a system that is logically completely secure, but which, in practice, leaks
`like a sieve. This situation can occur if some of the machines are wireless and use
`radio communication, which passes right over the firewall in both directions.
`
`5.5. THE NETWORK LA YER IN THE INTERNET
`
`At the network layer, the Internet can be viewed as a collection of subnet(cid:173)
`works or Autonomous Systems (ASes) that are connected together. There is no
`real structure, but several major backbones exist. These are constructed from
`high-bandwidth lines and fast routers. Attached to the backbones are regional
`(midlevel) networks, and attached to these regional networks are the LANs at
`many universities, companies, and Internet service providers. A sketch of this
`quasihierarchical organization is given in Fig. 5-44.
`
`Leased lines
`to Asia
`
`US backbone
`
`European backbone
`
`IP token ring LAN
`
`IP Ethernet
`LAN
`
`Fig. 5-44. The [nternet is an interconnected collection of many networks.
`
`The glue that holds the Internet together is the network layer protocol, IP
`(Internet Protocol). Unlike most older network layer protocols, it was designed
`from the beginning with internetworking in mind. A good way to think of the net(cid:173)
`work layer is this. Its job is to provide a best-efforts way to transport datagrams
`
`Ex.1006.430
`
`DELL
`
`

`

`

`

`414
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`applies when no options are present. The maximum value of this 4-bit field is 15,
`which limits the header to 60 bytes, and thus the options field to 40 bytes. For
`some options, such as one that records the route a packet has taken, 40 bytes is far
`too small, making the option useless.
`The Type of service field allows the host to tell the subnet what kind of ser(cid:173)
`vice it wants. Various combinations of reliability and speed are possible. For
`digitized voice, fast delivery beats accurate delivery. For file transfer, error-free
`transmission is more important than fast transmission.
`The field itself contains (from left to right), a three-bit Precedence field, three
`flags, D, T, and R, and 2 unused bits. The Precedence field is a priority, from 0
`(normal) to 7 (network control packet). The three flag bits allow the host to
`specify what it cares most about from the set {Delay, Throughput, Reliability}. In
`theory, these fields allow routers to make choices between, for example, a satellite
`link with high throughput and high delay or a leased line with low throughput and
`low delay. In practice, current routers ignore the Type of Service field altogether.
`The Total length includes everything in the datagram-both header and data.
`The maximum length is 65,535 bytes. At present, this upper limit is tolerable, but
`with future gigabit networks larger datagrams will be needed.
`The Identification field is needed to allow the destination host to determine
`which datagram a newly arrived fragment belongs to. All the fragments of a
`datagram contain the same Identification value.
`Next comes an unused bit and then two 1-bit fields. DF stands for Don't
`Fragment. It is an order to the routers not to fragment the datagram because the
`destination is incapable of putting the pieces back together again. For example,
`when a computer boots, its ROM might ask for a memory image to be sent to it as
`a single datagram. By marking the datagram with the DF bit, the sender knows it
`will arrive in one piece, even if this means that the datagram must avoid a small(cid:173)
`packet network on the best path and take a suboptimal route. All machines are
`required to accept fragments of 576 bytes or less.
`MF stands for More Fragments. All fragments except the last one have this
`bit set. It is needed to know when all fragments of a datagram have arrived.
`The Fragment offset tells where in the current datagram this fragment
`belongs. All fragments except the last one in a datagram must be a multiple of 8
`bytes, the elementary fragment unit. Since 13 bits are provided, there is a max(cid:173)
`imum of 8192 fragments per datagram, giving a maximum datagram length of
`65,536 bytes, one more than the Total length field.
`The Time to live field is a counter used to limit packet lifetimes. It is sup(cid:173)
`posed to count time in seconds, allowing a maximum lifetime of 255 sec. It must
`be decremented on each hop and is supposed to be decremented multiple times
`when queued for a long time in a router. In practice, it just counts hops. When it
`hits zero, the packet is discarded and a warning packet is sent back to the source
`host. This feature prevents datagrams for wandering around forever, something
`that otherwise might happen if the routing tables ever become corrupted.
`
`Ex.1006.432
`
`DELL
`
`

`

`SEC. 5.5
`
`THE NETWORK LAYER IN THE INTERNET
`
`415
`
`When the network layer has assembled a complete datagram, it needs to know
`what to do with it. The Protocol field tells it which transport process to give it to.
`TCP is one possibility, but so are UDP and some others. The numbering of proto(cid:173)
`cols is global across the entire Internet and is defined in RFC 1700.
`The Header checksum verifies the header only. Such a checksum is useful for
`detecting errors generated by bad memory words inside a router. The algorithm is
`to add up all the 16-bit halfwords as they arrive, using one's complement arith(cid:173)
`metic and then take the one's complement of the result. For purposes of this algo(cid:173)
`rithm, the Header checksum is assumed to be zero upon arrival. This algorithm is
`more robust than using a norn1al add. Note that the Header checksum must be
`recomputed at each hop, because at least one field always changes (the Time to
`live field), but tricks can be used to speed up the computation.
`The Source address and Destination address indicate the network number and
`host number. We will discuss Internet addresses in the next section. The Options
`field was designed to provide an escape to allow subsequent versions of the proto(cid:173)
`col to include information not present in the original design, to permit experi(cid:173)
`menters to try out new ideas, and to avoid allocating header bits to information
`that is rarely needed. The options are variable length. Each begins with a I-byte
`code identifying the option. Some options are followed by a I -byte option length
`field, and then one or more data bytes. The Options field is padded out to a multi(cid:173)
`ple of four bytes. Currently five options are defined, as listed in Fig. 5-46, but not
`all routers support all of them.
`
`Option
`
`Description
`
`Security
`
`Specifies how secret the datagram is
`
`Strict source routing
`
`Gives the complete path to be followed
`
`loose source routing Gives a list of routers not to be missed
`
`Record route
`
`Timestamp
`
`Makes each router append its IP address
`
`Makes each router append its address and timestamp
`
`Fig. 5-46. IP options.
`The Security option tells how secret the information is. In theory, a military
`router might use this field to specify not to route through certain countries the mil(cid:173)
`itary considers to be "bad guys." In practice, all routers ignore it, so its only prac(cid:173)
`tical function is to help spies find the good stuff more easily.
`The Strict source routing option gives the complete path from source to desti(cid:173)
`nation as a sequence of IP addresses. The datagram is required to follow that
`exact route. It is most useful for system managers to send emergency packets
`when the routing tables are com1pted, or for making timing measurements.
`The Loose source routing option requires the packet to traverse the list of
`routers specified, and in the order specified, but it is allowed to pass through other
`
`Ex.1006.433
`
`DELL
`
`

`

`416
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`routers on the way. Normally, this option would only provide a few routers, to
`force a particular path. For example, to force a packet from London to Sydney to
`go west instead of east, this option might specify routers in New York, Los
`Angeles, and Honolulu. This option is most useful when political or economic
`considerations dictate passing through or avoiding certain countries.
`The Record route option tells the routers along the path to append their IP
`address to the option field. This allows system managers to track down bugs in
`the routing algorithms ("Why are packets from Houston to Dallas all visiting
`Tokyo first?") When the ARPANET was first set up, no packet ever passed
`through more than nine routers, so 40 bytes of option was ample. As mentioned
`above, now it is too small.
`Finally, the Timestamp option is like the Record route option, except that in
`addition to recording its 32-bit IP address, each router also records a 32-bit time(cid:173)
`stamp. This option, too, is mostly for debugging routing algorithms.
`
`5.5.2. IP Addresses
`
`Every host and router on the Internet has an IP address, which encodes its net(cid:173)
`work number and host number. The combination is unique: no two machines
`have the same IP address. All IP addresses are 32 bits long and are used in the
`Source address and Destination address fields of IP packets. The formats used
`for IP address are shown in Fig. 5-47. Those machines connected to multiple net(cid:173)
`works have a different IP address on each network.
`
`- - - - - - - - - - 32 B i ts - - - - - - - - - - -
`
`'-I -1..I __,__,__1 -'1--'-1 __,_1 __,__,____.1--'-1 _,_,_1 __,_1 _,1'-'--1 _,l--'-1 __,_1 __,__,_1 _,1--'-1 __..1 _,_I __,_1 __,__,____.--'-1 _,_1 -'----'I Range of host
`addresses
`
`Class
`
`A I 0 I Network
`
`Host
`
`B I 1 O I
`C I 110
`
`Network
`
`Host
`
`Network
`
`Host
`
`\ 1.0.0.0 to
`127 .255.255.255
`
`128.0.0.0 to
`191.255.255.255
`
`192.0.0.0 to
`223.255.255.255
`
`D I 1110
`r-:-=
`240.0.0.0 to
`E ~o--'-_____ R_e_se_rv_e_d_fo_r_fu_tu_r_e _us_e ______ __, 247.255.255.255
`
`224.0.0.0 to
`239.255.255.255
`
`Multicast address
`
`Fig. 5-47. IP address formats.
`
`The class A, B, C, and D formats allow for up to 126 networks with 16 mil(cid:173)
`lion hosts each, 16,382 networks with up to 64K hosts, 2 million networks, (e.g.,
`
`Ex.1006.434
`
`DELL
`
`

`

`SEC. 5.5
`
`THE NETWORK LAYER IN THE INTERNET
`
`417
`
`LANs), with up to 254 hosts each, and multicast, in which a datagram is directed
`to multiple hosts. Addresses !beginning with 11110 are reserved for future use.
`Tens of thousands of networks are now connected to the Internet, and the number
`doubles every year. Network numbers are assigned by the NIC (Network Infor(cid:173)
`mation Center) to avoid conflicts.
`Network addresses, which are 32-bit numbers, are usually written in dotted
`decimal notation. In this format, each of the 4 bytes is written in decimal, from 0
`to 255. For example,
`the hexadecimal address C0290614
`is written as
`192.41.6.20. The lowest IP address is 0.0.0.0 and the highest is 255.255.255.255.
`The values 0 and -1 have special meanings, as shown in Fig. 5-48. The value
`0 means this network or this host. The value of -1 is used as a broadcast address
`to mean all hosts on the indicated network.
`
`0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 O 0 0 0 0 0 0 I This host
`
`~o_o ______ o_o~j _______ H_o_st ______ ~I A host on this network
`
`1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 J Broadcast on the
`'-------------·-----------~-local network
`
`1 1 1 ·1
`Network
`1 1 1 1
`'----------~--------------~distant network
`
`I Broadcast on a
`'-----1_2_1 __ -'--_______ (A_n_yt_h._in_g) ________ __,I Loopback
`
`Fig. 5-48. Special IP addresses.
`
`The IP address 0.0.0.0 is used by hosts when they are being booted but is not
`used afterward. IP addresses with 0 as network number refer to the current net(cid:173)
`work. These addresses allow machines to refer to their own network without
`knowing its number (but they have to know its class to know how many Os to
`include). The address consisting of all ls allows broadcasting on the local net(cid:173)
`work, typically a LAN. The addresses with a proper network number and all ls in
`the host field allow machines to send broadcast packets to distant LAN s anywhere
`in the Internet. Finally, all addresses of the form 127.xx.yy.zz are reserved for
`loopback testing. Packets sent to that address are not put out onto the wire; they
`are processed locally and treated as incoming packets. This allows packets to be
`sent to the local network without the sender knowing its number. This feature is
`also used for debugging network software.
`
`5.5.3. Subnets
`
`As we have seen, all the hosts in a network must have the same network
`number. This property of IP addressing can cause problems as networks grow.
`For example, consider a company that starts out with one class C LAN on the
`
`Ex.1006.435
`
`DELL
`
`

`

`418
`
`THE NETWORK LAYER
`
`CHAP. 5
`
`Internet. As time goes on, it might acquire more than 254 machines, and thus
`need a second class C address. Alternatively, it might acquire a second LAN of a
`different type and want a separate IP address for it (the LANs could be bridged to
`form a single IP network, but bridges have their own problems). Eventually, it
`might end up with many LANs, each with its own router and each with its own
`class C network number.
`As the number of distinct local networks grows, managing them can become a
`serious headache. Every time a new network is installed the system administrator
`has to contact NIC to get a new network number. Then this number must be
`announced worldwide. Furthermore, moving a machine from one LAN to another
`requires it to change its IP address, which in tum may mean modifying its config(cid:173)
`uration files and also announcing the new IP address to the world. If some other
`machine is given the newly-released IP address, that machine win get email and
`other data intended for the original machine until the address has propagated all
`over the world.
`The solution to these problems is to allow a network to be split into several
`parts for internal use but still act like a single network to the outside world. In the
`Internet literature, these parts are called subnets. As we mentioned in Chap. 1,
`this usage conflicts with "subnet" to mean the set of all routers and communica(cid:173)
`tion lines in a network. Hopefully it will be clear from the context which meaning
`is intended. In this section, the new definition will be the one used. If our grow(cid:173)
`ing company started up with a class B address instead of a class C address, it
`could start out just numbering the hosts from 1 to 254. When the second LAN
`arrived, it could decide, for example, to split the 16-bit host number into a 6-bit
`subnet number and a 10-bit host number, as shown in Fig. 5-49. This split allows
`62 LANs (0 and -1 are reserved), each with up to 1022 hosts.
`
`- - - 32 Bits - - - - -
`
`I I
`
`I
`
`I
`
`I
`
`I
`
`I
`
`I
`
`c Host
`
`Subnet
`Network
`1 0
`Subnet ~~-----------~
`1
`mask
`1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0
`
`Fig. 5-49. One of the ways to subnet a class B network.
`
`Outside the network, the subnetting is not visible, so allocating a new subnet
`does not require contacting NIC or changing any external databases. In this
`example, the first subnet might use IP addresses starting at 130.50.4.1, the second
`subnet might start at 130.50.8.1, and so on.
`To see how subnets work, it is necessary to explain how IP packets are pro(cid:173)
`cessed at a router. Each router has a table listing some number of (network, 0) IP
`addresses and some number of (this-network, host) IP addresses. The first kind
`
`Ex.1006.436
`
`DELL
`
`

`

`SEC. 5.5
`
`THE NETWORK LA YER IN THE INTERNET
`
`41.9
`
`tells how to get to distant networks. The second kind tells how to get to local
`hosts. Associated with each table is the network interface to use to reach the des(cid:173)
`tination, and certain other information.
`When an IP packet arrives, its destination address is looked up in the routing
`table. If the packet is for a distant network, it is forwarded to the next router on
`the interface given in the table. If it is a local host (e.g., on the router's LAN), it
`is sent directly to the destination. If the network is not present, the packet is for(cid:173)
`warded to a default router with more extensive tables. This algorithm means that
`each router only has to keep track of other networks and local hosts, not (network,
`host) pairs, greatly reducing the size of the routing table.
`When subnetting is introduced, the routing tables are changed, adding entries
`of the form (this-network, subnet, 0) and (this-network, this-subnet, host). Thus a
`router on subnet k knows how to get to all the other subnets and also how to get to
`all the hosts on subnet k. It does not have to know the details about hosts on other
`subnets. In fact, all that needs to be changed is to have each router do a Boolean
`AND with the network's subnet mask (see Fig. 5-49) to get rid of the host
`number and look up the resulting address in its tables (after determining which
`network class it is). For example, a packet addressed to 130.50.15.6 and arriving
`at a router on subnet 5 is ANDed with the subnet mask of Fig. 5-49 to give the
`address 130.50.12.0. This address is looked up in the routing tables to find out
`how to get to hosts on subnet 3. The router on subnet 5 is thus spared the work of
`keeping track of the data link addresses of hosts other than those on subnet 5.
`Subnetting thus reduces router table space by creating a three-level hierarchy.
`
`5.5.4. Internet Control Protocols
`
`In addition to IP, which is used for data transfer, the Internet has several con(cid:173)
`trol protocols used in the network layer, including ICMP, ARP, RARP, and
`BOOTP. In this section we will look at each of these in turn.
`
`The Internet Control Message Protocol
`
`The operation of the Internet is monitored closely by the routers. When some(cid:173)
`thing unexpected occurs, the event is reported by the ICMP (Internet Control
`Message Protocol), which is also used to test the Internet. About a dozen types
`of ICMP messages are defined. The most important ones are listed in Fig. 5-50.
`Each ICMP message type is encapsulated in an IP packet.
`The DESTINATION UNREACHABLE message is used when the subnet or a router
`cannot locate the destination, or a packet with the DF bit cannot be delivered
`because a "small-packet" network stands in the way.
`The TIME EXCEEDED message is sent when a packet is dropped due to its
`counter reaching zero. This event is a symptom that packets are looping, that
`there is enormous congestion, or that the timer values are being set too low.
`
`Ex.1006.437
`
`DELL
`
`

`

`420
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`Message type
`
`Description
`
`Destination unreachable
`
`Packet could not be delivered
`
`Time exceeded
`
`Time to live field hit O
`
`Parameter problem
`
`Invalid header field
`
`Source quench
`
`Choke packet
`
`Redirect
`
`Echo request
`
`Echo reply
`
`Teach a router about geography
`
`Ask a machine if it is alive
`
`Yes, I am alive
`
`Timestamp request
`
`Same as Echo request, but with timestamp
`
`Timestamp reply
`
`Same as Echo reply, but with timestamp
`
`Fig. 5-50. The principal ICMP message types.
`
`The PARAMETER PROBLEM message indicates that an illegal value has been
`detected in a header field. This problem indicates a bug in the sending host's IP
`software, or possibly in the software of a router transited.
`The SOURCE QUENCH message was formerly used to throttle hosts that were
`sending too many packets. When a host received this message, it was expected to
`slow down. It is rarely used any more because when congestion occurs, these
`packets tend to add more fuel to the fire. Congestion control in the Internet is
`now done largely in the transport layer and will be studied in detail in Chap. 6.
`The REDIRECT message is used when a router notices that a packet seems to
`be routed wrong. It is used by the router to tell the sending host about the prob(cid:173)
`able error.
`The ECHO REQUEST and ECHO REPLY messages are used to see if a given des(cid:173)
`tination is reachable and alive. Upon receiving the ECHO message, the destination
`is expected to send an ECHO REPLY message back. The TIMESTAMP REQUEST and
`TIMESTAMP REPLY messages are similar, except that the arrival time of the mes(cid:173)
`sage and the departure time of the reply are recorded in the reply. This facility is
`used to measure network performance.
`In addition to these messages, there are four others that deal with Internet
`addressing, to allow hosts to discover their network numbers and to handle the
`case of multiple LANs sharing a single IP address. ICMP is defined in RFC 792.
`
`The Address Resolution Protocol
`
`Although every machine on the Internet has one (or more) IP addresses, these
`cannot actually be used for sending packets because the data link layer hardware
`does not understand Internet addresses. Nowadays, most hosts are attached to a
`
`Ex.1006.438
`
`DELL
`
`

`

`

`

`422
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`Ethernet addresses. This solution is certainly possible, but for organizations with
`thousands of machines, keeping these files up to date is an error-prone, time(cid:173)
`consuming job.
`A better solution is for host 1 to output a broadcast packet onto the Ethernet
`asking: "Who owns IP address 192.3 l.65.5?" The broadcast will arrive at every
`machine on Ethernet 192.31.65.0, and each one will check its IP address. Host 2
`alone will respond with its Ethernet address (E2). In this way host 1 learns that IP
`address 192.31.65.5 is on the host with Ethernet address E2. The protocol for ask(cid:173)
`ing this question and getting the reply is called ARP (Address Resolution Proto(cid:173)
`col). Almost every machine on the Internet runs it. It is defined in RFC 826.
`The advantage of using ARP over configuration files is the simplicity. The
`system manager does not have to do much except assign each machine an IP
`address and decide about subnet masks. ARP does the rest.
`At this point, the IP software on host 1 builds an Ethernet frame addressed to
`E2, puts the IP packet (addressed to 192.31.65.5) in the payload field, and dumps
`it onto the Ethernet. The Ethernet board of host 2 detects this frame, recognizes it
`as a frame for itself, scoops it up, and causes an interrupt. The Ethernet driver
`extracts the IP packet from the payload and passes it to the IP software, which
`sees that it is correctly addressed, and processes it.
`Various optimizations are possible to make ARP more efficient. To start
`with, once a machine has run ARP, it caches the result in case it needs to contact
`the same machine shortly. Next time it will find the mapping in its own cache,
`thus eliminating the need for a second broadcast. In many cases host 2 will need
`to send back a reply, forcing it, too, to run ARP to determine the sender's Ethernet
`address. This ARP broadcast can be avoided by having host 1 include its IP to
`Ethernet mapping in the ARP packet. When ARP broadcast arrives at host 2, the
`pair (192.31.65.7, El) is entered into host 2's ARP cache for future use. In fact,
`all machines on the Ethernet can enter this mapping into their ARP caches.
`Yet another optimization is to have every machine broadcast its mapping
`when it boots. This broadcast is generally done in the form of an ARP looking for
`its own IP address. There should not be a response, but a side effect of the broad(cid:173)
`cast is to make any entry in everyone's ARP cache. If a response does arrive, two
`machines have been assigned the same IP address. The new one should inform
`the system manager and not boot.
`To allow mappings to change, for example, when an Ethernet board breaks
`and is replaced with a new one (and thus a new Ethernet address), entries in the
`ARP cache should time out after a few minutes.
`Now let us look at Fig. 5-51 again, only this time host 1 wants to send a
`packet to host 6 (192.31.63.8). Using ARP will fail because host 4 will not see
`the broadcast (routers do not forward Ethernet-level broadcasts). There are two
`solutions. First, the CS router could be configured to respond to ARP requests for
`network 192.31.63.0 (and possibly other local networks). In this case, host 1 will
`make an ARP cache entry of (192.31.63.8, E3) and happily send all traffic for host
`
`Ex.1006.440
`
`DELL
`
`

`

`SEC. 5.5
`
`THE NETWORK LA YER IN THE INTERNET
`
`423
`
`4 to the local router. This solution is called proxy ARP. The second solution is
`to have host 1 immediately see that the destination is on a remote network and just
`send all such traffic to a default Ethernet address that handles all remote traffic, in
`this case E3. This solution does not require having the CS router know which
`remote networks it is serving.
`Either way, what happens is that host 1 packs the IP packet into the payload
`field of an Ethernet frame addressed to E3. When the CS router gets the Ethernet
`frame, it removes the IP packet from the payload field and looks up the IP address
`in its routing tables. It discovers that packets for network 192.31.63.0 are sup(cid:173)
`posed to go to router 192.31.60.7. If it does not already know the FDDI address
`of 192.31.60.7, it broadcasts an ARP packet onto the ring and learns that its ring
`address is F3. It then inserts the packet into the payload field of an FDDI frame
`addressed to F3 and puts it on the ring.
`At the EE router, the FDDI driver removes the packet from the payload field
`and gives it to the IP software, which sees that it needs to send the packet to
`192.31.63.8. If this IP address is not in its ARP cache, it broadcasts an ARP
`request on the EE Ethernet and learns that the destination address is E6 so it
`builds an Ethernet frame addressed to E6, puts the packet in the payload field, and
`sends it over the Ethernet. When the Ethernet frame arrives at host 4, the packet
`is extracted from tlie frame and passed to the IP software for processing.
`Going from host 1 tp a distant network over a WAN works essentially the
`same way, except that this time the CS router's tables tell it to use the WAN
`router whose FDDI address is F2.
`
`The Reverse Address Resolution Protocol
`
`ARP solves the problem of finding out which Ethernet address corresponds to
`a given IP address. Sometimes the reverse problem has to solved: Given an Eth(cid:173)
`ernet address, what is the corresponding IP address? In particular, this problem
`occurs when booting a diskless workstation. Such a machine will normally get
`the binary image of its operating system from a remote file server. But how does
`it learn its IP address?
`The solution is to use the JRARP (Reverse Address Resolution Protocol)
`(defined in RFC 903). This protocol allows a newly-booted workstation to broad(cid:173)
`cast
`its Ethernet address and
`say:
`"My 48-bit Ethernet address
`is
`14.04.05.18.01.25. Does anyone out there know my IP address?" The RARP
`server sees this request, looks up the Ethernet address in its configuration files,
`and sends back the corresponding IP address.
`Using RARP is better than embedding an IP address in the memory image
`because it allows the same image to be used on all machines. If the IP address
`were buried inside the image, each workstation would need its own image.
`A disadvantage of RARP is that it uses a destination address of all ls (limited
`broadcasting) to reach the RARP server. However, such broadcasts are not
`
`Ex.1006.441
`
`DELL
`
`

`

`424
`
`THE NETWORK LA YER
`
`CHAP. 5
`
`forwarded by routers, so a RARP server is needed on each network. To get
`around this problem, an alternative bootstrap protocol called BOOTP has been
`invented (see RFCs 951, 1048, and 1084). Unlike RARP, it uses UDP messages,
`which are forwarded over routers. It also provides a diskless workstation with
`additional information, including the IP address of the file server holding the
`memory image, the IP address of the default router, and the subnet mask to use.
`BOOTP is described in RFC 951.
`
`5.5.5. The Interior Gateway Routing Protocol: OSPF
`
`As we mentioned earlier, the Internet is made up of a large number of auto(cid:173)
`nomous systems. Each AS is operated by a different organization and can use its
`own routing algorithm inside. For example, the internal networks of companies
`X, Y, and Z would usually be seen as three ASes if all three were on the Internet.
`All three may use different routing algorithms internally. Nevertheless, having
`standards, even for internal routing, simplifies the implementation at the boun(cid:173)
`daries between ASes and allows reuse of code. In this section we will study rout(cid:173)
`ing within an AS. In the next one, we will look at routing between ASes. A rout(cid:173)
`ing algorithm within an AS is called an interior gateway protocol; an algorithm
`for routing between ASes is called an exterior gateway protocol.
`The original Internet interior gateway protocol was a distance vector protocol
`(RIP) based on the Bellman-Ford algorithm. It worked well in small systems, but
`less well as ASes got larger. It also suffered from the count-to-infinity problem
`and generally slow convergence, so it was replaced in May 1979 by a link state
`protocol. In 1988, the Internet Engineering Task Force