Protocol Learning Vamei Blog series in IP relay (IP, ARP, RIP and BGP protocol)

Source: Internet
Author: User

Vamei Source: Http://www.cnblogs.com/vamei Welcome reprint, Please also keep this statement. Thank you!

The network layer is the most important layer to achieve the Internet. It is at the network level that each local area network is connected to each other according to the IP protocol, which ultimately forms the internet across the globe. Higher-level protocols, whether TCP or UDP, must pass information through the network layer's IP packets (datagram). The operating system also provides a socket for that layer, allowing the user to manipulate IP packets directly.

IP packets are information that conforms to the IP protocol (that is, the 0/1 sequence), and we call IP packets the IP packet later. the IP packet is divided into two parts: header (header) and data . The data part is the information to be transmitted, the head is to be able to implement the transmission and additional information (this is similar to the head function of the Ethernet frame, if you are unfamiliar with the frame, you can see the small speaker of the article).

format of IP packets

IP protocol can be divided into IPv4 and IPv6 two kinds. IPV6 is an improved version that is used to replace the IPV4 protocol in the future. For the purposes of this article, we can temporarily ignore the difference between the two, just take IPv4 as an example. The following is the format of IPV4

IPV4 Pack We fold the entire sequence in accordance with 4 bytes for better display

Like frames, the head of an IP packet also has multiple areas. We focus our attention on the Red place (source address) and destination (destination address). They are all IP addresses. The address of the IPV4 is 4 bytes in length (that is, 32 bits). We usually divide the address of IPv4 into four decimal numbers, each with a range of 0-255, for example 192.0.0.1 is an IP address. Fill in the IP packet header is the binary form of the address.

An IP address is a global address that identifies a "community" (local area network) and a "house" (host). This is achieved by classifying IP addresses.

IP class from to Subnet Mask

A 1.0.0.0 126.255.255.255 255.0.0.0

B 128.0.0.0 191.255.255.255 255.255.0.0

C 192.0.0.0 223.255.255.255 255.255.255.0

The 32 bits of each IP address are divided into two parts, the first part is used to differentiate the local area network, and the second part is used to differentiate the host. The subnet mask (Subnet mask) tells us that the dividing line between these two parts, such as 255.0.0.0 (i.e., 8 1 and 24 0), indicates that the first 8 bits are used to differentiate the local area network, and the last 24 bits are used to differentiate the host. Since A, B, C classification is already specified, so when an IP address belongs to category B, we know that its first 16 and the last 16 bits represent LAN and host respectively.

------------------------

Add:

The IP network now uses a 32-bit address in dotted decimal notation, such as 172.16.0.0. The address format is: IP address = Network address + host address or IP address = host address + subnet address + host address.

IP Address Type

When the internetwork was originally designed for easy addressing and hierarchical construction of the network, each IP address consisted of two identification codes (IDS), the network ID and the host ID. All hosts on the same physical network use the same network ID, and one host on the network (including workstations on the network, servers, routers, etc.) has a host ID corresponding to it. The IP address is divided into 5 types according to the network ID, Class A address, Class B address, Class C address, Class D address, and Class E address.
1. Class A IP address

A Class A IP address consists of a 1-byte network address and a 3-byte host address, the highest bit of the network address must be "0", and the address range is from 1.0.0.0 to 126.0.0.0. There are 126 available Class A networks, each of which can hold more than 100 million hosts.

2. Class B IP Address

A class B IP address consists of a 2-byte network address and a 2-byte host address, the highest bit of the network address must be "10", and the address range is from 128.0.0.0 to 191.255.255.255. There are 16,382 available Class B networks, each of which can hold more than 60,000 hosts.

3. Class C IP Address

A Class C IP address consists of a 3-byte network address and a 1-byte host address, and the highest bit of the network address must be "110". range from 192.0.0.0 to 223.255.255.255. Class C network can reach more than 2.09 million, each network can accommodate 254 hosts.

4. Class D addresses are used for multipoint broadcasts (multicast).

Class D IP Address the first byte begins with "Lll0", which is a specially reserved address. It does not point to a particular network, which is currently used in multipoint broadcasts (multicast). Multicast addresses are used to address a group of computers at a time, identifying a group of computers that share the same protocol.

5. Class E IP Address

Start with "llll0" and use reservations for the future.

Full 0 ("0. 0. 0. 0 ") address corresponds to the current host. Full "1" IP address ("255". 255. 255. 255 ") is the broadcast address of the current subnet.

Of the 3 main types of IP addresses, 3 zones are reserved as private addresses, with the following ranges of addresses:

Class A address: 10.0.0.0~10.255.255.255

Class B Address: 172.16.0.0~172.31.255.255

Class C Address: 192.168.0.0~192.168.255.255

The first set of numbers for Class A addresses is 1~126. Note that the numbers 0 and 127 are not used as Class A addresses, the number 127 is reserved for the internal loopback function, and the number 0 indicates that the address is a local host and cannot be transmitted.

The first set of numbers for Class B addresses is 128~191.

The first set of numbers for Class C addresses is 192~223.


1. Class A Address

The Class A address is represented by: 0.0.0.0~126.255.255.255, the default netmask is: The 255.0.0.0;a class address is assigned to a particularly large network usage. Class A networks use the first set of numbers to represent the address of the network itself, followed by three sets of numbers as the addresses of the hosts connected to the network. A large network assigned to a large number of hosts (direct individual users) and a small number of local network networks. For example, the network of IBM Corporation.

2. Class B Address

Class B addresses are represented by: 128.0.0.0~191.255.255.255, and the default netmask is: 255.255.0.0;b class addresses are assigned to a typical medium-sized network. Class B networks use the first to second set of numbers to represent the address of the network, followed by two sets of numbers representing the host addresses on the network.

3. Class C Address

Class C addresses are represented in the following range: 192.0.0.0~ 223.255.255.255, the default netmask is: 255.255.255.0;c class address assigned to small networks, such as the general LAN and campus network, it can be connected to the minimum number of hosts, the use of the user is divided into a number of network segments for management. Class C networks Use the first three sets of numbers to represent the address of the network, and the last set of numbers as the host address on the network.

In fact, there are also Class D addresses and Class E addresses. However, these two types of addresses are particularly useful, and here is simply a brief introduction: Class D addresses are called broadcast addresses and are used by special protocols to send information to selected nodes. Class E addresses are reserved for future use.

------------------------

Nic and Router

The postman and the post office say that the IP address is assigned to each house (computer) "ZIP code". But this statement is not accurate. The IP address actually identifies the NIC (NIC, network Interface card). A network card is a computer hardware that, after receiving the network information, gives the information to the computer (processor/memory). When the computer needs to send information, it should also be sent through the network card. A computer can have more than one network card, such as a laptop with an Ethernet card and a WiFi card. When the computer receives or sends the message, it must decide which network card to pass.

Nic

a router (router) is actually a dedicated computer with multiple network cards. It allows the network card to be connected to different networks, which makes up the post office in the postman and the Post Office . For example, the router in the middle position has two network cards, the addresses are 199.165.145.17 and 199.165.146.3. They were connected to two networks: 199.165.145 and 199.165.146.

IP Packet Relay

The transmission of IP packets is to pass through the router's relay. A routing table (routing table) is stored in each host and Route. The routing table specifies the route to be taken by IP packets waiting to be sent, based on the IP address of the destination. Like the Signpost, if the address is "Tokyo", then please turn left, if the address is "Sydney", then please right.

A Real World Routing table

For example, we generate from host 145.17 to send to 146.21 of the IP packet: Roll out stationery, write the beginning of the letter (the rest of the data can be TCP packets, can be UDP packets, can be arbitrarily scrambled words, we do not care), annotated destination IP address (199.165.146.21) And the issuing IP address (199.165.145.17). Host 145.17 then refers to its own routing table, which has three rows of records:

145.17 routing Table (Genmask is a subnet mask, iface is used to indicate which NIC interface is used)

Destination Gateway Genmask Iface

199.165.145.0 0.0.0.0 255.255.255.0 eth0

0.0.0.0 199.165.145.17 0.0.0.0 eth0

Here are two lines of records.

The first line indicates that if the IP destination is the host of the 199.165.145.0 network, then it is only necessary to transmit the NIC directly on the eth0 ("local community": direct delivery ) without going to router (Gateway 0.0.0.0 = " Local Courier ").

The second line indicates that all IP destinations that do not conform to the first line should be sent to Gateway 199.165.145.17, which is the middle router access to the IP address of the ETH0 network card (Post office in Eth0 branch).

Our IP packet destination is 199.165.146.21, does not conform to the first line, so follow the second line, send to the middle of the router. Host 145.17 will put the IP packet into the payload of the frame, and write the 199.165.145.17 corresponding MAC address on the head of the frame, so that it can be transmitted in the local area network according to the method of the small horn .

The middle router receives the IP packet (actually the frame that receives the Ethernet protocol, then reads the IP packet from the payload in the frame), extracts the destination IP address, and then controls its own routing table:

Destination Gateway Genmask Iface

199.165.145.0 0.0.0.0 255.255.255.0 eth0

199.165.146.0 0.0.0.0 255.255.255.0 eth1

0.0.0.0 199.165.146.8 0.0.0.0 eth1

From the first two lines we see that because router spans the eth0 and eth1 two networks, it can directly transfer IP packets through the network cards on the eth0 and eth1.

The third line indicates that if it is an IP address other than the previous two lines, it needs to be sent to 199.165.146.8 (router on the right) via eth1.

Our destination matches the second line, so put the IP in a new frame,

Write the 199.165.146.21 MAC address on the head of the frame and send it directly to host 146.21.

(Under Linux, you can use $route-N to view routing table)

IP packets can be further relayed to reach the farther host. IP packet from the host, according to the router along the way routing table guidance, in router indirect force. IP packet finally arrives at a router, this router and the target host is located in a local area network, can establish the communication of the connection layer directly. Finally, the IP packets are sent to the target host. Such a process is called routing (we call the IP packet relay good, the word route is really mixed too much meaning).
Throughout the process, the IP packet is continuously encapsulated by the host and route into the frame (envelope) and disassembled, and then the connection layer is used to transfer frames between each NIC in the LAN. Throughout the process, the contents of our IP packets remain intact and have not changed. The ultimate effect is that an IP packet is transferred from one host to another. With IP packets, we don't have to worry about what happens to the underlying (such as the connection layer).

ARP protocol

In the above process, we actually assume that each host and route can understand the IP address and MAC address of the local network correspondence, this is the implementation of IP packet Encapsulation (encapsulation) to the basic conditions of the frame. The IP address corresponds to the MAC address for each host and route that is propagated to the LAN through the ARP protocol. each host or route has an ARP cache to store how the IP address and MAC address in the LAN correspond .

The ARP protocol (ARP between the connection layer and the network layer, the ARP packet needs to wrap in one frame) works as follows: The host emits an ARP packet that contains its own IP address and MAC address. Through the ARP packet, the host asks for all hosts and routes on the LAN in the form of broadcast: I am the IP address xxxx, my MAC address is xxxx, anyone know 199.165.146.4 MAC address? The host that owns the IP address replies to the requesting hosts: Oh, I know, this IP address belongs to one of my NICs, and its MAC address is xxxxxx. Because the host that sends the ARP request takes a broadcast form and comes with its own IP address and MAC address, the other hosts and routes check their ARP cache at the same time, and if not, update their own ARP cache.

This way, after several ARP requests, the ARP cache is stable. If the device changes on the LAN, ARP repeats the above procedure.

(Under Linux, you can use the $arp command to view the ARP process.) The ARP protocol is used only for IPv4. The IPV6 uses Neighbor Discovery protocol to replace the functionality of ARP. )

Generation of Routing table

We also have another assumption that there is a reasonable routing table on each host and route. This routint table describes the topology (topology) structure of the network. If you know your network connection, you can write your own host's routing table. However, a router may have multiple exits, so routing table can be very long. More importantly, other routers around the connection may change (such as a new router or router is broken), and we need routing table to move traffic to other exits in a timely manner. We need a smarter way to detect the surrounding network topology and automatically generate routing table.

We take the Beijing subway as an example. If you travel from the airport to Chaoyang Gate, then you can take terminal 2nd ->> Sanyuan bridge ->> dongzhimen ->> Chaoyang Gate. Terminal 2nd and Chaoyang Gate are respectively departure and destination hosts. And the Sanyuan Bridge and Dongzhimen are the middle of the two router. If the three- dimensional bridge ->> East straight door section because of maintenance outage, we need to change the three-way bridge routing table, thus to the Chaoyang Gate passengers (IP packet) instructions: Please follow the following Route Sanyuan Bridge ->> peony Habitat. Then follow the routing table of the Peony House to the Chaoyang Gate (Peony ju ->> dongzhimen ->> Chaoyang Gate).

a co-routing used to generate a table  discussion is RIP (Routing information Protocol). It decides routing table by distance, so it belongs to Distance-vector protocol. For RIP, The so-called distance is the number of routers from the origin to the destination route (hop numbers). For example, above from the airport to the Chaoyang gate, according to terminal 2nd ->> Sanyuan bridge ->> dongzhimen < Span style= "color: #000000;" >->> Chaoyang Gate route, path two routers, distance is 2. We can initially generate the routing table of the ternary bridge manually. Subsequently, according to the RIP protocol, the ternary bridge to the surrounding routers and hosts broadcast their own distance to each IP (such as to the airport = 0, Tuanjiehu = 0, Guomao = 1, Wangjing west = 1, Jianguomen =2). Routers and hosts that receive RIP packets are based on rip package and The distance from the host that sent the RIP packet, calculated the distances to each IP. The distance between Dongzhimen and Sanyuan Bridge is 1. Dongzhimen received three-dimensional bridge RIP package (distance to the airport is 0), then the East Direct gate Route Sanyuan Bridge to the airport distance of 1+0=1. If the Dongzhimen own RIP records than this far (such as dongzhimen->> peony Habitat->> Sanyuan Bridge->> Airport = 2). Then dongzhimen change their routing table: the traffic to the airport is sent to Sanyuan Bridge instead of the Peony House. If the Dongzhimen's own RIP record is not bad, then the Dongzhimen Keep routing table unchanged. This process repeats the RIP broadcast/calculate distance/update routing table at various points, and eventually all hosts and routers can generate the most logical path (merge).

(the basic logic of RIP is: If a distance B is 6, and I am 1 from a, then my path from A to B is 7)

RIP for technical reasons (looping hops) that IP over 15 is unreachable. So RIP is more used as part of the Internet (such as the entire China Telecom network). Such an internet part often belongs to the same ISP or has the same management body, so it is called the Autonomous Systems (as,autonomous system). hosts and routes within the autonomous system are based on the leading external border routers to communicate with other autonomous systems. Each border router uses BGP (Border Gateway Protocol) to generate its own routing table to other as, while the autonomous system references the border router, using RIP to determine routing table . BGP's basic work process is similar to rip, but while considering distances, it also balances other factors such as policy, connectivity, and so on, and then determines the direction of traffic (routing table).

Summary

we started with the process of IP packet relay based on routing table. In order to successfully implement the relay, we went further into ARP and RIP/BGP. All three protocols assist with IP transmission. ARP allows each computer and router to know the corresponding relationship between the IP address and MAC address of their local area network, thus successfully implementing IP packet-to-frame encapsulation. The RIP protocol can generate a reasonable routing table within an autonomous system. The BGP protocol can generate routing table outside of an autonomous system.

Throughout the process, we have focused on the transmission of IP packets, deliberately ignoring some of the details. The above IP relay process is suitable for IPv6.

Welcome to the "Protocol Forest" series

Protocol Learning Vamei Blog series in IP relay (IP, ARP, RIP and BGP protocol)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.