ICMP
0466-XX-1395
t04000aa@sfc.keio.ac.jp
133.113.215.10 (ipv4)
2001:200:0:8803::53 (ipv6)
(FQDN: Fully Qualified Domain Name) ( www.keio.ac.jp 131.113.215.10
/MAC ID 00:11:24:79:8e:82
Port Port = = Port
v6 3ffe:501:100c:d210:2a0:24ff:fe29:314d
v4 203.178.143.71
v6 128bit, v4 32bit ()
: 2001:200:0:8803::53/64 (64bit)
16 2001 : 200 : 0 : 8803 : 0 : 0 : 0 : 53
= 2001:200:0:8803::/64 (64bit)
2001:200:0:880 3::53/64
2001:200:0:880 3::1/63
2001:200:0:880 3::100/64
ABCARP BCA A D E

Address 203.178.142.130     203.      178.      142.      130
                            11001011  10110010  10001111  01011001
Netmask 0xffffffe0          255.      255.      255.      224
                            11111111  11111111  11111111  11100000
Prefix Length /27, 27 (bit)
Address & Netmask, Network  203.      178.      142.      64
                            11001011  10110010  10001111  01000000
Subnet 203.178.142.64/27

N1 B C DEBCN1
R N1 10.1.0.2 R N2 192.168.0.1

A  1.0.0.0 - 126.255.255.255    8
B  128.0.0.0 - 191.255.255.255  16
C  192.0.0.0 - 223.255.255.255  24
D  224.0.0.0 - 239.255.255.255
E  240.0.0.0 - 255.255.255.255

N1 10.0.0.1 N1 N2 10.0.0.0/8 192.168.0.0/16
Network Address Translation, LAN
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Internet global network Router xdsl 192.168.0.10 private network 192.168.0.XXX
20 (ex. 192.168.170.0/24)
21 (ex. 192.168.170.255/24)
# 127.0.0.0/8 ( 127.0.0.1)
ARP A A ARP
Address Resolution Protocol
IEEE802.3(Ethernet), 802.5(token ring), 802.11(Wireless)
ARP 32bit ARP RARP 48bit MAC ARP ARP
Ethernet driver A Ethernet driver ARP ARP Ethernet Broadcast ARP Ethernet driver A A
ARP(PC UNIX) ping ARP
ARP(Windows) MAC

Routing Table Lookup A
Dst  NH  I/F
B    B   N1
C    B   N1
D    B   N1
N1

Routing Table Lookup
Dst  NH  I/F
A    A   N1
C    C   N2
D    D   N3
B AD N3 N2 C D ()

interface interface interface interface PtoP ID Ethernet

I/F
192.168.1.0/24   ---        IF-a
10.0.0.0/8       ---        IF-b
192.168.0.0/24   10.1.0.2   IF-b
IF-a 192.168.1.1 IF-b 10.0.0.1 R

I/F
192.168.0.0/24   ---        IF-b
10.0.0.0/8       ---        IF-a
192.168.1.0/24   10.0.0.1   IF-a
IF-a 10.1.0.2 IF-b 192.168.0.1 R

N1 N2 N3 192.168.1.0/24 10.0.0.0/8 192.168.0.0/24
netstat -rn

%netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs   Use   Netif  Expire
default            203.178.143.1      UGSc        7   123   vx0
127.0.0.1          127.0.0.1          UH          0    56   lo0
192.168.1          link#1             UC          0     0   de0  =>
203.178.143/25     link#2             UC          0     0   vx0  =>

Destination: Gateway : Netif : Expire :routing table

142.38 142.37 143.71 203.178.143.71 203.178.142.38 next hop default 203.178.143.1 Ether 203.178.142 = 203.178.142.38 Enet = 203.178.142.38 Ether 203.178.143 next hop 203.178.142.38 142.35 next hop 203.178.142.35 140.32 143.1 143.72 = 203.178.142.38 Enet = 203.178.143.1

match 203.178.142.130 203.178.128.0/17
match 203.178.142.130 203.178.128.0/20
match 203.178.142.130 203.178.128.0/21

203.178.142.130    11001011  10110010  10001111  01011001
203.178.128.0/17   11001011  10110010  10000000  00000000
203.178.128.0/20   11001011  10110010  10000000  00000000
203.178.128.0/21   11001011  10110010  10000000  00000000

N1 (Route aggregation) EN1N2 D A D E N2

(Route aggregation)
I/F
192.168.0.0/24   10.0.0.1   IF-a
192.168.1.0/24   10.0.0.1   IF-a
192.168.0.0/23   10.0.0.1   IF-a

192.168.0.0/24   11000000  10101000  00000000  00000000
192.168.1.0/24   11000000  10101000  00000001  00000000
192.168.0.0/23   11000000  10101000  00000000  00000000

Class A/B/C/D
VLSM/CIDR
Variable Length Subnet Mask
Classless Inter Domain Routing
Rv1/IGRP Classfull v6
Mobility!=?! Mobility : A A B B C C 1 () ()
16bit(65536)
Wellknown(1 - 1023)
ftp     21
telnet  23
dns     53
http    80
Ethernet Ethernet
Ethernet Internet Control Message Protocol +
ICMP: Network Unreachable
ICMP: Port Unreachable
Host B Router!! Host B Host A Header 20byte ICMP Router ICMP message Router Host B Host A Header 20byte ICMP Router ICMP message Host B
traceroute
traceroute(1) Van Jacobson UDP TTL1 TTL=0 ICMP time exceed 1 TTL=1 ICMP Time Exceed
traceroute(2) traceroute(3) TTL1 TTL TTL02ICMP Time Exceed 2 ICMP Port Unreachable TTL=1 TTL=2 TTL=1 TTL=4 TTL=3 TTL=2 ICMP Time Exceed ICMP Port Unreachable
traceroute n windows tracert -d

gen@kneuklid% tracert www.google.com

Tracing route to www.google.com [216.239.33.101]
over a maximum of 30 hops:

  1     *        *        *     Request timed out.
  2    <1 ms    <1 ms    <1 ms  cisco11.fujisawa.wide.ad.jp [203.178.137.78]
  3     2 ms     1 ms     1 ms  foundry2.otemachi.wide.ad.jp [203.178.138.227]
  4     2 ms     2 ms     2 ms  as6461.nspixp2.wide.ad.jp [202.249.2.102]
  5     2 ms     8 ms     3 ms  so-2-1-0.cr2.nrt3.jp.mfnx.net [208.184.210.74]
  6   114 ms   113 ms   114 ms  so-3-2-1.cr1.sjc3.us.mfnx.net [64.125.30.10]
  7   105 ms   105 ms   105 ms  pos9-1.mpr1.pao1.us.mfnx.net [208.184.232.178]
  8   104 ms   104 ms   103 ms  pos9-0.mpr2.pao1.us.mfnx.net [208.184.232.182]
  9   119 ms   119 ms   119 ms  bpr1-so-5-0-0.paloaltopaix.cw.net [206.24.241.41]
 10   119 ms   119 ms   122 ms  agr1-loopback.santaclara.cw.net [208.172.146.101]
 11   119 ms   119 ms   119 ms  dcr1-so-6-0-0.santaclara.cw.net [208.172.156.37]
 12   120 ms   120 ms   120 ms  cable-and-wireless-internal-isp.santaclara.cw.net [208.172.156.74]
 13   117 ms   117 ms   117 ms  bbr02-g6-0.sntc05.exodus.net [64.56.192.18]
 14   118 ms   118 ms   118 ms  bbr01-p7-0.sntc03.exodus.net [206.79.9.181]
 15   117 ms   117 ms   117 ms  dcr04-g1-2.sntc03.exodus.net [216.33.153.84]
 16   121 ms   121 ms   121 ms  csr01-ve240.sntc03.exodus.net [216.33.153.197]
 17   107 ms   107 ms   107 ms  google-exodus.exodus.net [64.68.64.210]
 18   118 ms   105 ms   105 ms  exbi2-1-1.net.google.com [216.239.47.6]
 19   107 ms   106 ms   106 ms  www.google.com [216.239.33.101]

Trace complete.

traceroute www.google.com 216.239.33.101 2 30 3 3TTL1 5 1 2 ( ) (/)UDP () + /
OSI Web /UDP / LAN IM xdsl/ ()
16bit(65536) (FAX) FAX FAX( )
UDP/
UDP(User Datagram Protocol) CL (Connectionless)
(Transmission Control Protocol) CO (Connection Oriented) Virtual Circuit
UDP
ftp client #2048
transport layer
ftp service #21
UDP dns service #53
#23 telnet service
UDP Ethernet network layer physical layer Ethernet
UDP UDP ICMP Port Unreachable
UDP NFS, T, SNMP DNS, / / RTP Real-time Transport Protocol UDP,etc. RTP/UDP Vo DVTS
5(1024 Internet Explorer, 80, Traceroute TTL 12
state diagram
3Way Handshake SYN SYN + ACK PiggyBack ACK
[Figure labels: FIN, FIN + ACK, ACK, MSL(TIME_WAIT), CLOSING]
MSL TTL 3012
RST RST *) UDP ICMP Port Unreachable
ACK ACK
PiggyBack ACK
[Figure labels: ACK, SYN, PiggyBack, Data+ACK, FIN+ACK, SYN+ACK]
[Figure labels: ACK; segments numbered 1 to 8; MSS1/2]
RTT
[Figure labels: segments 1, 2, 3; Network; Packet loss]
Back-off 64sec 1byte
Back-off 5>, 6, 12, 24, 48, 60, 60, 60 (sec)
2 2set 75sec10
RST
telnet, rlogin, ssh
http, Vo
ftp, scp
SYN FIN UDP
: hosta host B
permit hostb to hosta
deny all to hosta
hosta ssh
permit all to hostb port=22
deny all to hostb
1: http
2:
QoS: Quality of Service
Address, Port
MPLS Cut through QoS Routing