Chapter 7: TCP/IP Protocol Suite and IP Addressing

IP Address Assignment, Acquisition, and Hierarchy

1102.book Page 409 Tuesday, May 20, 2003 2:53 PM

Whenever a network device wants to send data across a network, it uses information provided by its ARP table. In Figure 7-39, a source device wants to send data to another device.

Figure 7-38 ARP Obtains the IP Address Via the MAC Address
[Figure panels: "Example 1: TCP/IP Destination Local" (Host Y sends an ARP request to the broadcast address asking for Host Z MAC; the ARP reply to Host Y MAC carries Host Z MAC) and "Example 2: TCP/IP Destination not Local" (Host Y sends an ARP request to the broadcast address asking for Host Z MAC; the ARP reply to Host Y MAC carries Router MAC; Router A holds the routing table entry for Host Z's net).]

Table 7-10 ARP Table Entry

Internet Address    Physical Address     Type
68.2.168.1          00-50-57-00-76-84    Dynamic

Table 7-11 ARP Table for 198.150.11.36

MAC Address          IP Address
FE:ED:F9:44:45:66    198.150.11.34
DD:EC:BC:AB:04:AC    198.150.11.33
DD:EC:BC:00:94:D4    198.150.11.35
FE:ED:F9:23:44:EF    198.150.11.36

Figure 7-39 ARP Tables

ARP Operation Within a Subnet

If a host wants to send data to another host, it must know the destination IP and MAC addresses. If it cannot locate a MAC address for the destination IP address in its ARP table, the host initiates a process called an ARP request, as shown in Figure 7-39. An ARP request lets a host discover the destination MAC address.

A host builds an ARP request packet and sends it to all devices on the network. This ARP request packet is divided into two parts:
■ The frame header
■ The ARP message

To ensure that all devices see the ARP request, the source uses a broadcast MAC address. The broadcast address in a MAC addressing scheme has all places set to hexadecimal F. Thus, a MAC broadcast address has the form FF-FF-FF-FF-FF-FF. Because ARP request packets travel in a broadcast mode, all devices on the local network receive the packets and pass them up to the network layer for further examination.

If a device’s IP address matches the destination IP address in the ARP request, that device responds by sending the source its MAC address. This is called the ARP reply. When the originating device receives the ARP reply, it extracts the MAC address from the sender hardware address field and updates its ARP table. The originating device can then properly address its data with both a destination MAC address and a destination IP address. It uses this new information to perform Layer 2 and Layer 3 encapsulations of the data before it sends them out over the network.

[Figure 7-39 labels: hosts 197.15.22.33, 197.15.22.44, 197.15.22.123, 197.15.22.4, 197.15.22.37, and 197.15.22.126; Source; Destination = 197.15.22.126, physical address "???"; the ARP table below.]

ARP Table
Physical Address     IP Address
02-60-8C-01-02-03    197.15.22.33
00-00-A2-05-09-89    197.15.22.44
09-00-20-67-92-89    197.15.22.123
08-00-02-90-90-90    197.15.22.4

When the data arrives at the destination, the data link layer makes a match, strips the MAC header, and transfers the data up to the network layer. The network layer examines the data and finds that its IP address matches the destination IP address carried in the IP header. The network layer strips the IP header and transfers the encapsulated data to the next-highest layer in the OSI model, the transport layer (Layer 4). This process is repeated until the rest of the packet’s partially de-encapsulated data reaches the application, where the user data can be read.

Default Gateway

A default gateway is the IP address of the interface on the router that connects to the network segment on which the source host is located. The default gateway’s IP address must be in the same network segment as the source host, as shown in Figure 7-40.
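
As an added example (not from the book), the Python below exercises the ARP request, the ARP reply, and the table update described above, together with the choice between the destination and the default gateway. The /24 prefix, the gateway address, the two 02-00-00-... MAC addresses, and the rule that only a solicited unicast reply updates the table are assumptions; the field order is the standard ARP message layout.

```python
import ipaddress
import struct

BROADCAST = bytes.fromhex("ffffffffffff")      # FF-FF-FF-FF-FF-FF
ETHERTYPE_ARP, OP_REQUEST, OP_REPLY = 0x0806, 1, 2

def mac(text):
    return bytes.fromhex(text.replace("-", ""))   # '02-60-8C-01-02-03' -> 6 bytes

def next_hop(src_if, dst_ip, gateway):
    """IP to resolve: the destination itself if it is on our segment, else the gateway."""
    return dst_ip if ipaddress.ip_address(dst_ip) in src_if.network else gateway

def build_arp(op, sha, spa, tha, tpa, eth_dst):
    """Frame header (destination, source, type) followed by the ARP message."""
    msg = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # Ethernet, IPv4, HLen, PLen, op
    msg += sha + ipaddress.ip_address(spa).packed + tha + ipaddress.ip_address(tpa).packed
    return eth_dst + sha + struct.pack("!H", ETHERTYPE_ARP) + msg

def parse_arp(frame):
    """Return (op, sha, spa, tha, tpa); raise ValueError on a malformed frame."""
    if len(frame) < 42 or frame[12:14] != struct.pack("!H", ETHERTYPE_ARP):
        raise ValueError("not a complete ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unexpected hardware/protocol type or address length")
    body = frame[22:42]                            # ignores any Ethernet padding
    ip = lambda b: str(ipaddress.ip_address(b))
    return op, body[:6], ip(body[6:10]), body[10:16], ip(body[16:20])

def learn(table, pending, frame, my_mac):
    """Assumed policy: accept only a unicast reply that answers a request we sent."""
    op, sha, spa, tha, _ = parse_arp(frame)
    if op != OP_REPLY or frame[:6] != my_mac or tha != my_mac or spa not in pending:
        return False
    pending.discard(spa)
    table[spa] = sha                               # sender hardware address field
    return True

def demo():
    # IPs from Figure 7-39; the 02-00-00-... MACs, the /24 and the .1 gateway are constructed.
    me_if, me_mac = ipaddress.ip_interface("197.15.22.37/24"), mac("02-00-00-00-00-37")
    table, pending = {"197.15.22.33": mac("02-60-8C-01-02-03")}, set()
    target = next_hop(me_if, "197.15.22.126", "197.15.22.1")
    request = build_arp(OP_REQUEST, me_mac, str(me_if.ip), bytes(6), target, BROADCAST)
    pending.add(target)
    reply = build_arp(OP_REPLY, mac("02-00-00-00-01-26"), target, me_mac, str(me_if.ip), me_mac)
    return request, learn(table, pending, reply, me_mac), table
```
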

Figure 7-40 Default Gateway

Lab Activity
Address Resolution Protocol (ARP)
In this lab you use the workstation ARP table and the arp -a command to confirm that a computer is successfully resolving network (Layer 3) addresses to MAC (Layer 2) addresses.

RARP IP Address Assignment

Reverse Address Resolution Protocol (RARP) binds MAC addresses to IP addresses. This binding allows some network devices to encapsulate data before sending it out on the network. A network device or workstation might know its MAC address but not its IP address. Devices using RARP require that a RARP server be present on the network to answer RARP requests, as shown in Figure 7-41.

Figure 7-41 RARP IP Address Assignment

Consider an example in which a source device wants to send data to another device. The source knows the destination’s MAC address but is unable to locate its IP address in the ARP table. For the destination device to retrieve the data, pass it to higher layers of the OSI model, and respond to the originating device, the source must include both its MAC address and IP address. Therefore, the source initiates a process called a RARP request, which helps it detect its own IP address. The device builds a RARP request packet, as shown in Figure 7-42, and sends it out on the network. To ensure that all devices see the RARP request on the network, the device uses a broadcast MAC address.

Figure 7-42 ARP/RARP Message Structure

The various parts of the RARP header structure are as follows:
■ Hardware type—Specifies a hardware interface type for which the sender requires a response.
■ Protocol type—Specifies the type of high-level protocol address the sender has supplied.
■ HLen—Hardware address length
■ PLen—Protocol address length
■ Operation—Values are as follows:
  — 1: ARP request
  — 2: ARP response
  — 3: RARP request
  — 4: RARP reply
  — 5: Dynamic RARP request
  — 6: Dynamic RARP reply
  — 7: Dynamic RARP error
  — 8: InARP request
  — 9: InARP reply
■ Sender (HA) hardware address—HLen bytes in length
■ Sender (PA) protocol address—PLen bytes in length
■ Target (HA) hardware address—HLen bytes in length
■ Target (PA) protocol address—PLen bytes in length

[Figure 7-42 panel title: RARP Header Structure]

RARP uses the same packet format as ARP. But in a RARP request, the MAC headers and operation code are different from an ARP request. The RARP packet format contains places for MAC addresses of both destination and source. The source IP address field is empty. The broadcast goes to all devices on the network; therefore, the destination MAC address is set to all binary 1s. Workstations running RARP have codes in ROM that direct them to start the RARP process. Figure 7-43 shows the RARP process.

Figure 7-43 RARP Process

Bootstrap Protocol (BOOTP) IP Address Assignment

Like RARP, BOOTP operates in a client/server environment and requires only a single packet exchange to obtain IP information. However, unlike RARP, which sends back only a four-octet IP address, BOOTP packets can include the IP address as well as the address of a router (default gateway), the address of a server, and vendor-specific information, as shown in Figure 7-44.

One of the problems with BOOTP is that it was not designed to provide dynamic address assignment. With BOOTP, a network administrator creates a configuration file that specifies the parameters for each device. The administrator must add hosts and maintain the BOOTP database. Also, even though the addresses are dynamically assigned, there is still a one-to-one relationship between the number of IP addresses and the number of hosts.
This means that for every host on the network, there must be a BOOTP profile with an IP address assignment. No two profiles can have the same IP address, because those profiles might be used at the same time, and that would mean that two hosts have the same IP address.

[Figure 7-43 labels: hosts identified by MAC address, each marked "Source IP Address ?"; "Source"; "RARP Server"; "source IP address 197.15.22.126".]

Figure 7-44 BOOTP Message Structure

A device uses BOOTP when it starts up to obtain an IP address. BOOTP uses UDP to carry messages; the UDP message is encapsulated in an IP packet. A computer uses BOOTP to send a broadcast IP packet (using a destination IP address of all 1s—255.255.255.255—in dotted-decimal notation). A BOOTP server receives the broadcast and then sends back a broadcast. The client receives a frame and checks the MAC address. If it finds its own MAC address in the destination address field and a broadcast in the IP destination field, it takes and stores the IP address and other information supplied in the BOOTP reply message.

Dynamic Host Configuration Protocol (DHCP) IP Address Assignment

Dynamic Host Configuration Protocol (DHCP) is the successor to BOOTP. Unlike BOOTP, DHCP allows a host to obtain an IP address dynamically without the network administrator’s having to set up an individual profile for that machine. All that is required for using DHCP is a defined range of IP addresses on a DHCP server. As hosts come online, they contact the DHCP server and request an address. The DHCP server chooses an address and leases it to that host. With DHCP, the entire computer’s TCP/IP configuration can be obtained in one message.
This includes all the data supplied by the BOOTP message, plus a leased IP address and subnet mask.

The major advance that DHCP makes over BOOTP is that it allows users to be mobile. This allows them to freely change network connections from location to location. There is no longer a requirement for a fixed profile for every device attached to the network as there is with the BOOTP system. The key to this DHCP advancement is its capability to lease an IP address to a device and then reclaim that IP address for another user after the first user releases it. This means that there is now a one-to-many ratio of IP addresses and that an address is available to anyone who connects to the network.

DHCP uses the same message format as BOOTP, as shown in Figure 7-45, with the following exceptions. The unused field in the BOOTP format now represents a Flags field. The most-significant bit is the only flag defined currently. It represents a broadcast message. DHCP and BOOTP also define the vendor-specific area, as follows:
■ 1-byte Option field
■ 1-byte Length field
■ Variable-length (specified by the Length field) Option Data field

Figure 7-45 DHCP Message Structure

0-7 Bits      8-15 Bits     16-24 Bits    25-31 Bits
Op (1)        Htype (1)     Hlen (1)      Hops (1)
Xid (4 Bytes)
Seconds (2 Bytes)           Flags (2 Bytes)
Ciaddr (4 Bytes)
Yiaddr (4 Bytes)
Siaddr (4 Bytes)
Giaddr (4 Bytes)
Chaddr (16 Bytes)
Server Host Name (32 Bytes)
Boot File Name (64 Bytes)
Vendor Specific Area (32 Bytes)

For DHCP message types, the values for the fields are as follows:
■ 53 for the Option field, indicating a DHCP message
■ 1 for the Length field, indicating that the Data field is 1 byte long

When a DHCP client boots, it enters an initialize state.
It sends DHCPDISCOVER broadcast messages, which are UDP packets with the port number set to the BOOTP port. After sending the DHCPDISCOVER packets, the client moves into the select state and collects DHCPOFFER responses from DHCP servers. The client then selects the first response it receives and negotiates the lease time (how long it can keep the address without renewing it) with the DHCP server by sending a DHCPREQUEST packet. Next, the DHCP server acknowledges a client request with a DHCPACK packet. The client can now enter the bound state and begin using the address. Figure 7-46 summarizes the DHCP states.

Figure 7-46 DHCP Startup States

Problems in Address Resolution

One of the major problems in networking is how to communicate with other network devices. In TCP/IP communications, a datagram on a LAN must contain both a destination MAC address and a destination IP address. In Figure 7-47, computer 176.10.16.1 wants to send data to 176.10.16.4. It has its IP address, but data transmission requires both the IP and MAC address of 176.10.16.4. How does it get that MAC address to perform the data transmission?

Lab Activity
DHCP Client Setup
In this lab, you set up a networked computer as a DHCP client to use DHCP services.

Figure 7-47 Address Resolution Issues

These addresses must be correct and match the destination host’s MAC and IP addresses, or the destination host discards them. So on LANs there must be a way to automatically resolve (or translate) IP addresses to MAC addresses. Doing the resolution manually would be much too rigid and time-consuming for the user. This solution covers only LAN issues; a different set of issues is raised when data is sent outside the LAN.

There are two parts to the problem in communicating with devices that are not on the same physical network segment:
■ Obtaining the MAC address of the intermediate devices
■ Transferring the data packets from one network segment to another to get to the destination host

Figure 7-48 illustrates this problem with an example. Computer 192.168.10.34 needs to communicate with computer 192.168.1.1. How does it get the MAC address for 192.168.1.1, and would it do any good if it could get the MAC address? Remember that MAC addresses are useful only in LANs. They won’t be any help outside the 192.168.10.0 network. So you need the router’s MAC address to get the data out of the LAN and on to the WAN system.

Figure 7-48 Remote Address Resolution Issues

[Figure 7-47 host labels: 176.10.16.1 through 176.10.16.7]

chpt_07.fm Page 418 Tuesday, May 27, 2003 9:12 AM
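
Returning to the DHCP section: the vendor-specific area (1-byte Option, 1-byte Length, variable-length Option Data, with option 53 carrying the message type) and the DISCOVER, OFFER, REQUEST, ACK sequence can be checked with the added Python example below, which is not from the book. The magic cookie, the Pad (0) and End (255) options, the message-type numbers, and option 51 (lease time) come from RFC 2132; the state name "request" and the sample messages are assumptions constructed for the example.

```python
MAGIC_COOKIE = bytes([99, 130, 83, 99])    # RFC 2132: precedes the first option
PAD, END, MSG_TYPE = 0, 255, 53            # Pad and End carry no Length byte
NAMES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}
# (state, message) -> next state; "request" is an assumed name for the pre-bound state
NEXT = {("initialize", "DHCPDISCOVER"): "select", ("select", "DHCPOFFER"): "select",
        ("select", "DHCPREQUEST"): "request", ("request", "DHCPACK"): "bound"}

def parse_options(buf):
    """Walk Option/Length/Data triples without ever reading past the buffer."""
    if buf[:4] != MAGIC_COOKIE:
        raise ValueError("missing magic cookie")
    options, i = {}, 4
    while i < len(buf):
        code = buf[i]
        i += 1
        if code == PAD:
            continue
        if code == END:
            return options
        if i >= len(buf) or i + 1 + buf[i] > len(buf):
            raise ValueError(f"option {code}: Length byte missing or runs past the area")
        length = buf[i]
        options[code] = buf[i + 1:i + 1 + length]
        i += 1 + length
    raise ValueError("End option missing")

def message_type(buf):
    """Name of the DHCP message, taken from option 53 (Length must be 1)."""
    data = parse_options(buf).get(MSG_TYPE)
    if data is None or len(data) != 1:
        raise ValueError("option 53 absent or Length != 1")
    return NAMES.get(data[0], f"type {data[0]}")

def run_client(messages):
    """Follow one client from initialize to bound; reject out-of-order messages."""
    state = "initialize"
    for buf in messages:
        msg = message_type(buf)
        if (state, msg) not in NEXT:
            raise ValueError(f"{msg} not valid in state {state}")
        state = NEXT[(state, msg)]
    return state

def sample(msg_type, *extra):   # constructed area: cookie, option 53, extras, End
    return MAGIC_COOKIE + bytes([MSG_TYPE, 1, msg_type]) + b"".join(extra) + bytes([END])

# Constructed exchange; the offer also carries option 51 (lease time) = 86400 seconds
EXCHANGE = [sample(1), sample(2, bytes([51, 4, 0, 1, 81, 128])), sample(3), sample(5)]
```

The Length check is the part that matters when the area comes from the network: a Length larger than the remaining bytes is rejected instead of being sliced silently.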