Computer Network - Tunneling, IP etc.


nonylene

June 20, 2019

Transcript

  1. Computer Network 5.5-5.6.3, 2019/06/20, nonylene

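  2. 5-5. Internetworking

  3. Internetworking 5.5
     • Each network differs from the others in many ways
     • Example: wireless -> 802.11 / wired -> Ethernet
     • They will not be unified (each has its own advantages)
     • We look at the techniques used to bridge the differences
     • Some things, such as QoS, are hard to make interoperable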
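  4. Tunneling 5.5.3
     • IPv4 and IPv6 cannot be converted into each other
     • IPv6 (128bit) cannot be squeezed into IPv4 (32bit)
     → What if we want to send from IPv6, via IPv4, to an IPv6 network...?
     [Diagram: v6 Network - v4 Network - v6 Network]
  5. Tunneling 5.5.3
     • Inside the IPv4 network, the IPv6 packet is placed inside an IPv4 packet and sent → tunneling
     [Diagram: v6 Network - v4 Network - v6 Network; the v6 Packet travels wrapped in a v4 packet across the v4 Network. Tunneling (IPv6 over IPv4)]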
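  6. Routing between networks 5.5.4
     • Inside an ISP (intradomain), routes are decided freely
     • Routes inside an ISP are not exposed outside the ISP
     • Operates independently → autonomous system (AS)
     • Between ISPs (interdomain), routes are exchanged with BGP
     • Details will come later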
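  7. Packet fragmentation 5.5.5
     • The maximum packet length (MTU) differs from network to network
     • 802.11 -> 2272 bytes / Ethernet -> 1500 bytes
     • To pass through each network, packets are split (fragmented) before being sent
  8. Packet fragmentation 5.5.5
     1. Fragment and reassemble in every network
     • Pros: simple
     • Cons: heavy load on routers
     • Every router has to do reassembly and fragmentation
     • Reassembly has to wait for all the packets, which is costly
  9. Packet fragmentation 5.5.5
     2. (Fragment in each network and) reassemble at the client
     • Pros: light load on routers
     • A router only has to split individual packets
     • Cons: packets stay fragmented across all networks
     • IP uses this approach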
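  10. Packet fragmentation 5.5.5
     • The fundamental fix: do not let packets be fragmented
     • Learn the MTU of the path (PMTU) in advance and do not send packets that exceed the PMTU
     → Perform PMTUD (Path MTU Discovery)
  11. Packet fragmentation 5.5.5
     • PMTUD (Path MTU Discovery)
     1. Send packets with fragmentation forbidden (DF)
     2. Watch for ICMP errors from routers
     • If the PMTU is exceeded, Packet Too Big should come back
     3. Adjust the MTU until the packet reaches the other end
  12. Packet fragmentation 5.5.5
     • Drawbacks of PMTUD
     • Increased latency
     • The PMTUD Blackhole problem
     • If a router filters ICMP, the sender never finds out!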
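
The PMTUD steps and the blackhole failure above, as an added simulation that is not part of the original slides. The hop MTUs, the `Hop` class and the function names are constructed for this example; the router's error is modelled as reporting the MTU of the link that rejected the packet.

```python
from dataclasses import dataclass

@dataclass
class Hop:
    mtu: int                     # MTU of the link behind this router
    filters_icmp: bool = False   # True: drops silently, no ICMP error is sent

def send_df(path, size):
    """Send one packet of `size` bytes with DF set along `path`.

    Returns ("delivered", None), ("too_big", link_mtu), or
    ("timeout", None) when the drop produced no ICMP error.
    """
    for hop in path:
        if size > hop.mtu:
            if hop.filters_icmp:
                return ("timeout", None)
            return ("too_big", hop.mtu)
    return ("delivered", None)

def discover_pmtu(path, first_mtu, max_probes=8):
    """Shrink the packet on every ICMP error until a probe is delivered."""
    size, log = first_mtu, []
    for _ in range(max_probes):
        status, reported = send_df(path, size)
        log.append((size, status))
        if status == "delivered":
            return size, log
        if status == "timeout":
            # PMTUD blackhole: the sender cannot tell an oversized packet
            # from ordinary loss, so discovery stalls at this size.
            return None, log
        size = reported
    return None, log

# Constructed paths: same links, but one router filters ICMP.
PATH = [Hop(1500), Hop(1480), Hop(1280)]
BLACKHOLE_PATH = [Hop(1500), Hop(1480, filters_icmp=True), Hop(1280)]

if __name__ == "__main__":
    print(discover_pmtu(PATH, 1500))
    print(discover_pmtu(BLACKHOLE_PATH, 1500))
```

When reviewing firewall rules, the second path is the case to look for: a rule that drops all ICMP also drops the error PMTUD depends on.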
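  13. 5-6. The network layer in the Internet

  14. Network layer 5.6
     • A collection of interconnected networks and ASes
     • There are many possible routes
     • Traffic is exchanged using IP (Internet Protocol)
     • Which route should a packet take → IP routing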
  15. IPv4 5.6.1
     • Internet Protocol (Version 4)
     • The address length is 32 bit (that is all there is!!)
  16. IPv4 5.6.1
     • Internet Header Length (4 bit)
     • The header length is variable
  17. IPv4 5.6.1
     • Types of Service (8 bit)
     • Currently used for QoS (6 bit) and ECN (2 bit)
  18. IPv4 5.6.1
     • Total Length (16 bit)
     • Packet length
  19. IPv4 5.6.1
     • Identification (16 bit)
     • Identifies a packet that has been fragmented
  20. IPv4 5.6.1
     • Flags (3 bit)
     • Unused / Don’t Fragment / More Fragment
  21. IPv4 5.6.1
     • TTL (8 bit)
     • Decremented by 1 each time the packet passes through a router
  22. IPv4 5.6.1
     • TTL (8 bit)
     • The packet is discarded when it reaches 0 (protection against loops)
  23. IPv4 5.6.1
     • Protocol (8 bit)
     • Identifies the protocol of the Data (TCP / UDP etc.)
  24. IPv4 5.6.1
     • Checksum (8 bit)
     • Checks whether the IP header was transmitted correctly
  25. IPv4 5.6.1
     • Checksum (8 bit)
     • The one's complement of the one's-complement sum of each 16 bit
  26. IPv4 5.6.1
     • Options (variable length)
     • Other additional information; rarely used
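
The header fields listed above, decoded from raw bytes and checked against the header checksum, as an added example that is not part of the original slides. Field offsets follow RFC 791, where the checksum occupies the 16-bit word at bytes 10-11; `SAMPLE` is a constructed 20-byte header and the function names are this example's own.

```python
import struct

def ones_complement_sum16(data: bytes) -> int:
    """One's-complement sum of the 16-bit big-endian words in `data`."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return total

def header_checksum(header: bytes) -> int:
    """Checksum computed with the checksum field itself treated as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return ~ones_complement_sum16(zeroed) & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum = \
        struct.unpack("!BBHHHBBH", packet[:12])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    header = packet[:ihl * 4]              # IHL counts 32-bit words
    return {
        "header_len": ihl * 4,
        "dscp": tos >> 2, "ecn": tos & 0x03,
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl, "protocol": proto,
        "src": ".".join(map(str, header[12:16])),
        "dst": ".".join(map(str, header[16:20])),
        "checksum_ok": header_checksum(header) == csum,
    }

# Constructed sample: UDP, DF set, TTL 64, 192.168.0.1 -> 192.168.0.199.
SAMPLE = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
```

Because TTL is part of the summed header, every router that decrements it must also update the checksum; a header altered without that update fails `checksum_ok`.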

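  27. IP address 5.6.2
     • What information does an IP address contain?
     • The subnet
     • A network subdivided inside a network (described later)
     • The host number within the subnet
     Example: 203.0.113.1
  28. IP address 5.6.2
     203.0.113.1
     ↓ Bin
     11001011.00000000.01110001.00000001
  29. IP address 5.6.2
     • For example, if the subnet has 254 hosts…
     • The group of addresses belonging to the subnet looks like this
     203.0.113.1~254
     11001011.00000000.01110001.XXXXXXXX
  30. IP address 5.6.2
     • For example, if the subnet has 254 hosts…
     • The low-order 8 bit represent the host
     203.0.113.1~254
     11001011.00000000.01110001.XXXXXXXX (XXXXXXXX: host)
  31. IP address 5.6.2
     • For example, if the subnet has 254 hosts…
     • The high-order bits represent the subnet the address belongs to
     203.0.113.1~254
     11001011.00000000.01110001.XXXXXXXX (11001011.00000000.01110001: subnet)
  32. IP address 5.6.2
     • For example, if the subnet has 254 hosts…
     203.0.113.1~254
     11001011.00000000.01110001.XXXXXXXX (network part, then host part)
     Note: the network part is sometimes further divided into a subnet part (See: rfc 1983)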
  33. IP address 5.6.2
     • Ways to write a subnet ① Prefix
     • Gives the number of bits in the subnet part
     11001011.00000000.01110001.XXXXXXXX (24bit, then 8bit)
     203.0.113.0/24 (/24: Prefix)
  34. IP address 5.6.2
     • Ways to write a subnet ① Prefix
     • The address is the lowest address in the subnet
     11001011.00000000.01110001.XXXXXXXX (24bit, then 8bit)
     203.0.113.0/24 (/24: Prefix)
  35. IP address 5.6.2
     • Ways to write a subnet ② Subnet mask
     • Written in combination with the host's address
     • Example
     • Address: 203.0.113.1
     • Subnet mask: 255.255.255.0
  36. IP address 5.6.2
     • Ways to write a network ② Subnet mask
     • Taking the logical AND gives the subnet
       11001011.00000000.01110001.00000001   (address: 203.0.113.1)
     × 11111111.11111111.11111111.00000000   (subnet mask: 255.255.255.0)
     = 11001011.00000000.01110001.00000000   (subnet: 203.0.113.0/24)
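  37. IP address 5.6.2
     • Subnet
     • A network partitioned off inside a network
     • A network is something received from outside; subnets are how it is divided inside the organization (roughly)
     Network: 203.0.113.0/24
     Subnet 1: 203.0.113.0/26
     Subnet 2: 203.0.113.64/26
     Subnet 3: 203.0.113.128/25
     Note: this slide distinguishes between the meanings of "network" and "subnet"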
  38. IP address 5.6.2
     • CIDR (Classless InterDomain Routing)
     • A mechanism for delivering packets
     • Routes are specified in aggregate over a large address space
     [Diagram: Oxford, Cambridge, Edinburgh, London, New York; 198.51.100.0/24, 198.51.100.32/27, 198.51.100.64/26, 198.51.100.128/25]
  39. IP address 5.6.2
     • CIDR (Classless InterDomain Routing)
     • New York only has to deliver to London → the routing table stays small
     [Diagram: Oxford, Cambridge, Edinburgh, London, New York; 198.51.100.0/24, 198.51.100.32/27, 198.51.100.64/26, 198.51.100.128/25]
  40. IP address 5.6.2
     • CIDR (Classless InterDomain Routing)
     • When prefixes overlap, the route with the longest Prefix is used
     • This is called Longest Prefix Matching
     [Diagram: London, New York, Seattle; 198.51.100.0/24, 198.51.100.8/29, 198.51.100.32/27, 198.51.100.64/26, 198.51.100.128/25]
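
The subnet-mask AND and Longest Prefix Matching described above, as an added example that is not part of the original slides. The prefixes are the ones on the slides; which next hop each prefix points to (London for the /24, Seattle for the /29) is an assumption about the diagram, and the class and function names are this example's own.

```python
import ipaddress

def network_of(addr: str, mask: str) -> str:
    """Subnet of `addr`: logical AND of address and subnet mask."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    return f"{ipaddress.IPv4Address(a & m)}/{bin(m).count('1')}"

class PrefixTrie:
    """Binary trie keyed on address bits; the deepest match wins."""

    def __init__(self):
        self.root = {}

    def insert(self, cidr: str, next_hop: str) -> None:
        # strict=True rejects prefixes whose host bits are not all zero,
        # i.e. the address must be the lowest address in the subnet.
        net = ipaddress.ip_network(cidr, strict=True)
        bits = format(int(net.network_address), "032b")[:net.prefixlen]
        node = self.root
        for b in bits:
            node = node.setdefault(b, {})
        node["hop"] = next_hop

    def lookup(self, addr: str):
        bits = format(int(ipaddress.IPv4Address(addr)), "032b")
        node, best = self.root, self.root.get("hop")
        for b in bits:
            node = node.get(b)
            if node is None:
                break
            best = node.get("hop", best)   # remember the longest match so far
        return best

def build_table() -> PrefixTrie:
    # Routing table as seen from New York (next hops are assumed).
    table = PrefixTrie()
    table.insert("198.51.100.0/24", "London")
    table.insert("198.51.100.8/29", "Seattle")
    return table

if __name__ == "__main__":
    t = build_table()
    for dst in ("198.51.100.9", "198.51.100.16", "203.0.113.1"):
        print(dst, "->", t.lookup(dst))
    print(network_of("203.0.113.1", "255.255.255.0"))
```

Longest-prefix-wins is also why an unexpected, more specific route for part of a covering prefix takes over traffic for just those addresses, so route monitoring should alert on new more-specifics.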
  41. IP address 5.6.2
     • Examples of special addresses
     • 255.255.255.255: broadcast address
     • Sends to every host in the same subnet
     • 127.0.0.0/8: loopback
     • The local host itself (localhost)
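  42. IP address 5.6.2
     • NAT
     • There are only 2^32 = about 4.3 billion IPv4 addresses
     • Meanwhile, the population of the Earth is 7.5 billion
     → Not enough!!!!
     • IPv6 was created, but a transitional measure is needed…
  43. IP address 5.6.2
     • NAT
     • A small number of IP addresses is reused inside the network
     • The internal address space is separated from the outside
     [Diagram: organization network 192.168.1.0/24 - 203.0.113.7/32 - Internet]
  44. IP address 5.6.2
     • NAT
     • The NAT box translates IP addresses and ports
     [Diagram: 192.168.1.0/24 with host 192.168.0.5 - NAT Box - Internet - 198.51.100.1:80]
     The NAT Box usually runs inside the router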
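  45. IP address 5.6.2
     • NAT port and address translation (Outbound)
     • Connecting from inside the network to the outside
     [Diagram: 192.168.1.0/24 with host 192.168.0.5 - NAT Box - Internet - 198.51.100.1:80]
  46. IP address 5.6.2
     • NAT port and address translation (Outbound)
     • The NAT box changes the source IP and port to its own external IP
     src addr: 192.168.0.5 -> 203.0.113.7
     src port: 4345 -> 6342
     [Diagram: 192.168.1.0/24 with host 192.168.0.5 - NAT Box - Internet - 198.51.100.1:80]
  47. IP address 5.6.2
     • NAT port and address translation (Outbound)
     • The NAT box sends the packet with the source translated to the external one
     src addr: 203.0.113.7
     src port: 6342
     [Diagram: 192.168.1.0/24 with host 192.168.0.5 - NAT Box - Internet - 198.51.100.1:80]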
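  48. IP address 5.6.2
     • NAT port and address translation (Inbound)
     • A packet arrives addressed to the IP and port that the NAT box substituted
     [Diagram: Internet - 203.0.113.7:6342 - NAT Box - 192.168.1.0/24 with host 192.168.0.5]
  49. IP address 5.6.2
     • NAT port and address translation (Inbound)
     • The NAT box changes the destination IP and port back to the internal IP
     dst addr: 203.0.113.7 -> 192.168.0.5
     dst port: 6342 -> 4345
     [Diagram: Internet - 203.0.113.7:6342 - NAT Box - 192.168.1.0/24 with host 192.168.0.5]
  50. IP address 5.6.2
     • NAT port and address translation (Inbound)
     • The NAT box sends the packet with the destination changed to the internal one
     dst addr: 192.168.0.5
     dst port: 4345
     [Diagram: Internet - 203.0.113.7:6342 - NAT Box - 192.168.0.5:4345 in 192.168.1.0/24]
  51. IP address 5.6.2
     • NAT port and address translation (Inbound)
     • Seen from both the outside and the inside, it is ordinary sending and receiving
     [Diagram: Internet - NAT Box - 192.168.1.0/24 with host 192.168.0.5]
     Note: there are also other schemes such as Symmetric NAT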
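
The outbound and inbound translation walked through above, as an added example that is not part of the original slides. Addresses and ports are the ones on the slides; the `Napt` class, the dict packet format, the sequential port allocation starting at 6342 and the `filter_remote` option are assumptions made for this illustration.

```python
class Napt:
    """Minimal port-translating NAT box with a translation table."""

    def __init__(self, external_ip, first_port, filter_remote=True):
        self.external_ip = external_ip
        self.next_port = first_port
        self.filter_remote = filter_remote
        self.out = {}    # (proto, inside ip, inside port) -> external port
        self.back = {}   # (proto, external port) -> (inside ip, inside port, remotes)

    def outbound(self, pkt):
        """Rewrite the source to the external IP and an allocated port."""
        key = (pkt["proto"], pkt["src"], pkt["sport"])
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(pkt["proto"], self.next_port)] = (pkt["src"], pkt["sport"], set())
            self.next_port += 1
        ext_port = self.out[key]
        # Remember who the inside host talked to, for inbound filtering.
        self.back[(pkt["proto"], ext_port)][2].add((pkt["dst"], pkt["dport"]))
        return {**pkt, "src": self.external_ip, "sport": ext_port}

    def inbound(self, pkt):
        """Rewrite the destination back to the inside host, or drop (None)."""
        entry = self.back.get((pkt["proto"], pkt["dport"]))
        if pkt["dst"] != self.external_ip or entry is None:
            return None          # no mapping: nothing inside asked for this
        inside_ip, inside_port, remotes = entry
        if self.filter_remote and (pkt["src"], pkt["sport"]) not in remotes:
            return None          # mapping exists, but not for this remote
        return {**pkt, "dst": inside_ip, "dport": inside_port}

if __name__ == "__main__":
    nat = Napt("203.0.113.7", 6342)
    request = {"proto": "tcp", "src": "192.168.0.5", "sport": 4345,
               "dst": "198.51.100.1", "dport": 80}
    print(nat.outbound(request))
    reply = {"proto": "tcp", "src": "198.51.100.1", "sport": 80,
             "dst": "203.0.113.7", "dport": 6342}
    print(nat.inbound(reply))
    print(nat.inbound({**reply, "dport": 6343}))   # unsolicited -> None
```

With `filter_remote=False` any outside host can reach the inside host through an existing mapping, which is the exposure to check for when a NAT box is relied on as the only inbound filter.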
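  52. IP address 5.6.2
     • Private addresses
     • Do not exist on the Internet → used inside a NAT
     • 192.168.0.0/16
     • 172.16.0.0/12
     • 10.0.0.0/8
  53. IP address 5.6.2
     • NAT in practice
     • Often integrated with a firewall
     • Makes it easier to block unexpected access from outside
     • Such as ports that have been left exposed
     • NAT is sometimes used even when plenty of IPs are available
  54. IP address 5.6.2
     • Objections to NAT and its drawbacks
     • It goes against the IP model
     • (As it stands) communication cannot be initiated from outside
     • Some protocols can no longer communicate
     • What about anything other than TCP / UDP?
     • In practice: ICMP uses a different identifier, and so on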
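  55. IPv6 5.6.3
     • Internet Protocol (Version 6)
     • Improvements over IPv4
     • The address length becomes 128 bit
     • No need for NAT either!
     • The header becomes simpler
  56. IPv6 5.6.3
     • Internet Protocol (Version 6)
     • Improvements over IPv4
     • Designed with security (IPSec) in mind
     • Has a mechanism for configuring the IP automatically (RA)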
  57. IPv6 5.6.3
     • Internet Protocol (Version 6)
  58. IPv6 5.6.3
     • Traffic Class (DS) (8 bit)
     • QoS (6 bit), ECN (2 bit)
  59. IPv6 5.6.3
     • Flow Label (20 bit)
     • An identifier used when a connection is to be formed
  60. IPv6 5.6.3
     • Payload Length (16 bit)
     • Length of the payload (in IPv4 it is the whole IP packet)
  61. IPv6 5.6.3
     • Next Header (8 bit)
     • Extension option or the type of the payload (TCP etc.)
  62. IPv6 5.6.3
     • Hop Limit (8 bit)
     • What IPv4 calls TTL (the name now matches how it is actually used)
  63. IPv6 5.6.3
     • Address (128 bit)
     • 2^128 = 3.4 * 10^38 addresses!
  64. IPv6 5.6.3
     • Examples of extension headers
     • Fragmentation
     • Done E2E, not by routers
     • Authentication (AH) and encryption (ESP)
     • Routing specification
  65. IPv6 5.6.3
     • Address format
     • Unlike IPv4, written in Hex
     • 0 can be omitted
     2001:0db8:132f:0000:0000:aa12:0023:0001
     2001:db8:132f::aa12:23:1
  66. IPv6 5.6.3
     • The current state of IPv6
     • It is coming into use worldwide (also increasing in Japan)
     Source: https://www.google.com/intl/ja/ipv6/statistics.html#tab=ipv6-adoption

  67. References
     • Andrew S. Tanenbaum, David J. Wetherall, "Computer Networks, 5th Edition" (Japanese edition), 2013, Nikkei BP