Outline: Internet Protocol

Service model
Header format
Fragmentation and reassembly
Options
Auxiliary protocols:
- ARP
- ICMP

IP Service Model

A service model defines what services a network provides.

IP only guarantees best effort delivery of datagrams. In other words, IP may drop, delay, reorder, and corrupt messages.

Because this guarantee is very weak, IP can be implemented with relatively little effort on top of almost any other network technology. For example, IP runs on top of Ethernet, FDDI, ATM, and point-to-point links with very little overhead.

The most challenging networks for implementing IP might be the connection oriented network technologies (ATM, X.25). We can do this by caching connections.

IP Header

{\tiny

    0                   1                   2                   3   
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version| HLen  |Type of Service|          Total Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Identification        |Flags|      Fragment Offset    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Time to Live |    Protocol   |         Header Checksum       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Source Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Destination Address                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

}

Notes:

IP and all internet protocols use big-endian format. Explain briefly.

Why the version number comes first. The IP described here is IPv4. Talk briefly about IPv6 being "up and coming".

What do we need HLen?

Does anybody use Type of Service?

Leave fragmentation for later.

Explain TTL is a hop count (and that's what it's called in IPv6).

Standard protocols above IP include: ICMP (1), TCP (6), UDP (17, 0x11).

Explain about checksum.

Leave options for later.

Fragmentation and Reassembly

When data crosses multiple networks, and since different networks may have different MTUs (Maximum Transmission Units), a packet which may be acceptable at the network of origin may need to be fragmented to go through some networks.

RFC 791

Following are quotes from RFC 791, the definition of IP. (http://www.cis.ohio-state.edu/htbin/rfc/rfc791.html).

Every internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an internet header may be up to 60 octets, and the minimum fragment is 8 octets.

Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled.

Fragmentation, transmission and reassembly across a local network which is invisible to the internet protocol module is called intranet fragmentation and may be used.

Fragmentation

Because packets and fragments may be delivered out of order, the packet ID field (16 bits) is used to distinguish between fragments belonging to different packets. Fragments with the same ID can be assumed to belong to the same packet. The sender is responsible for making the packet ID unique.

Also because packets may be delivered out of order, the fragment offset field records the position of the first byte in the fragment relative to the start of the packet.

An IP packet may be up to 2^{16} - 1 bytes long, but the fragment offset field is only 13 bits. The fragment offset is in multiples of 8 bytes (64 bits), and each fragment but the last must be a multiple of 8 bytes.

Fragmentation: procedure

If we are fragmenting an n-byte packet into f fragments, we make f-1 copies of the IP header, including some of the options. The first fragment goes out with the original header (and the "more fragments" bit set); the other fragments go out with the copied header, the fragment offset updated, and (except for the last fragment of a packet), the "more fragments" bit set.

Fragmentation can happen anywhere in the network; reassembly only takes place at the final receiver.

Reassembly: procedure

Look to see if we are already reassembling a packet with this source address and ID number. If not, allocate a reassembly context.
Start or re-start a timer for this packet.
Add the fragment to the packet as indicated by the offset field.
If the packet is now complete, deliver it as indicated by the protocol field.

If at any time the per-packet timer expires, discard the reassembly context for that packet.

IP Options

IP options are encoded in a standard format that allows processing even if we do not know the meaning of the option we are processing. {\tiny

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Option ID    |   Length      | Option Value ....
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

} The options are simply stored in the header one after the other, with padding if required to give a multiple of 4 bytes for the header as a whole. The header length is 5 (20 bytes) if there are no options, and greater otherwise.

Notes:

TCP also has options, and they have a similar format but of course different semantics.

Notice the option ID is only 1 byte long -- only 256 possible options.

IP Option Examples

[0] End of List
[1] No-op
[7] Record Route
[68] Time Stamp
[137] Source Route

ARP

The IP datagram forwarding algorithm specifies that a datagram be forwarded on an attached network to either the destination (whose IP address is in the packet) or to a router (whose IP address is known).

ARP converts the IP address of an interface on an attached network to a hardware address.

It does this by broadcasting a request which lists the desired IP address, and caching the (non-broadcast) request.

If host A asks for my address, I will cache A's IP and hardware addresses, since it is likely A will want to talk to me soon. The ARP messages carry source and destination hardware and physical addresses.

Notes:

Except the request cannot carry the destination hardware address... :-)

ICMP

The Internet Control Message Protocol logically sits on top of IP (protocol value 1). In practice, it is a part of IP. Functions are:

connectivity testing ("ping" uses the ICMP echo messages).
error reporting (packet dropped because: ...)
basic routing (redirect, default router information, address masks)

In general, every host on the Internet implements some subset of ICMP, which is why ping is useful.

Traceroute

One possible error reported using ICMP is "Time Exceeded", if the TTL field reaches 0.

What if we send packets with TTL 1, 2, 3, ...?

The first router will send an ICMP error for the first packet, the second router will send one for the second packet, and so on until we reach the destination. If we keep track of which routers send us ICMP packets, we will know what route our packets are following.

Traceroute is installed on the ICS machines. Try using it with www.stanford.edu and www.mit.edu, and compare the results.

Summary

We've seen the mechanics of IP: what bits are carried, how data is fragmented and reassembled, how errors are detected and reported across the network, how we actually send data to the next hop.

With this information, we can build an Internet node or even a simple router (as long as we have a "default router" to give messages to). To build an entire internet, we will need to know how to route.

We have also not explored some of the limitations of IP. These are addressed by a new version of the IP protocol, IPv6.