Chapter 11: User Datagram Protocol · 2020. 12. 1. · 8 udp checksum...
Chapter 11
User Datagram Protocol
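
Content
Introduction
UDP Header
UDP Checksum
IP Fragmentation
ICMP Unreachable Error [Fragmentation Required]
Determining the Path MTU Using Traceroute
Path MTU Discovery Using UDP
Interaction Between UDP and ARP
Maximum UDP Datagram Size
ICMP Source Quench Error
UDP Server Design
Summary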

Introduction
Simple, datagram-oriented, transport layer protocol
Each output operation by a process produces one UDP datagram
Unlike TCP, which is a stream-oriented protocol
No reliability
Arrival at the destination is not guaranteed
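
UDP Header
Port number
Identifies the sending process and the receiving process
UDP ports and TCP ports are kept separate, because IP demultiplexes to UDP or TCP first (Figure 1.8)
UDP length: length of the UDP header + data
UDP header: 8 bytes
UDP data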

UDP Header
16-bit source port number | 16-bit destination port number
16-bit UDP length | 16-bit UDP checksum
Data (if any)
Figure 11.2 UDP header
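
UDP Checksum
Covers the UDP header and the UDP data
The IP checksum covers only the IP header
Similar to the IP header checksum, but with some differences
A UDP datagram can have an odd length, but the checksum algorithm works on 16-bit words
Solved by appending a pad byte of 0
Includes a 12-byte pseudo-header
Double-checks that the data has been sent to the correct destination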

UDP Checksum
Fields used in the UDP checksum computation
32-bit source IP address
32-bit destination IP address
zero | 8-bit protocol | 16-bit UDP length
(the three rows above are the 12-byte pseudo-header)
16-bit source port number | 16-bit dest port number
16-bit UDP length | 16-bit UDP checksum
data
Pad byte (0)

UDP Checksum
Both TCP and UDP carry a checksum in their headers
Optional for UDP, mandatory for TCP
Although optional for UDP, the checksum should always be used
tcpdump Output
1 0.0 sun.1900 > gemini.echo: udp 9 (UDP cksum=6e90)
2 0.303755 (0.3038) gemini.echo > sun.1900: udp 9 (UDP cksum=0)
3 17.392480 (17.0887) sun.1904 > aix.echo: udp 9 (UDP cksum=6e3b)
4 17.614371 (0.2219) aix.echo > sun.1904: udp 9 (UDP cksum=6e3b)
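
The checksum rules from the slides above (12-byte pseudo-header, zero pad byte for odd lengths, and a checksum field of 0 meaning the sender computed none, as in tcpdump line 2) are worked through in this added example, which is not part of the original slides. The addresses, ports and payload are constructed sample values.

```python
import socket
import struct

IPPROTO_UDP = 17

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum; odd-length input gets a zero pad byte."""
    if len(data) % 2:
        data += b"\x00"                      # pad byte: summed, never sent
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """12 bytes: source IP, destination IP, zero, protocol, UDP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_length))

def udp_checksum(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> int:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    total = ones_complement_sum(
        pseudo_header(src_ip, dst_ip, length) + header + payload)
    return (~total & 0xFFFF) or 0xFFFF       # 0 is reserved for "no checksum"

def build_datagram(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    csum = udp_checksum(src_ip, dst_ip, src_port, dst_port, payload)
    return struct.pack("!HHHH", src_port, dst_port,
                       8 + len(payload), csum) + payload

def verify(src_ip: str, dst_ip: str, datagram: bytes) -> str:
    """Return 'absent', 'ok' or 'bad' for a received UDP datagram."""
    _sport, _dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if csum == 0:
        return "absent"                      # sender did not compute one
    if length < 8 or length > len(datagram):
        return "bad"
    total = ones_complement_sum(
        pseudo_header(src_ip, dst_ip, length) + datagram[:length])
    return "ok" if total == 0xFFFF else "bad"

# Constructed sample: a 9-byte payload (odd length, so the pad byte is used).
SAMPLE = build_datagram("10.0.0.1", "10.0.0.2", 1900, 7, b"hello UDP")
```

Verifying with a different destination address fails because that address is part of the pseudo-header, which is the destination double-check the slides mention.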
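
IP Fragmentation
Why IP fragmentation happens
When the datagram is larger than the maximum frame size that the physical network layer can transmit
Fragmentation process
IP decides which local interface the IP datagram received from the upper layer will be sent out on (and queries it for its MTU)
Compares the MTU with the size of the IP datagram
if ( IP datagram > MTU ) then Fragmentation
Where fragmentation occurs
At the sending host or at an intermediate router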
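
IP Fragmentation
Reassemble
Fragments are reassembled after they reach the final destination
Some other network protocols reassemble at the next hop rather than at the final destination
Performed by the IP layer at the destination
Purpose of fragmentation and reassembly
To provide transparency to the transport layer, to the extent that processing speed is not degraded
A fragment can itself be fragmented again
The IP header carries the information needed for reassembly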

IP Fragmentation
IP header fields
Identification field: contains a unique value for each IP datagram that the sender transmits; the number is copied into each fragment of that datagram
Flags field
more fragments bit: indicates that more fragments follow; set in every fragment except the last
don't fragment bit: IP may not fragment the datagram; it sends an ICMP error to the original sender instead
(ICMP error: fragmentation was needed but the don't fragment bit was set)
Fragment offset field: gives the offset of this fragment
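
IP Fragmentation
Routing of Fragments
Each fragment is an independent packet with its own IP header
Each is transmitted independently of other packets and may arrive at the final destination out of order, but is reassembled using the IP header information
Drawbacks of fragmentation
If even one fragment is lost, all fragments of the datagram are retransmitted
When fragmentation takes place at an intermediate router, the source has no way of knowing how the datagram was fragmented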

IP Fragmentation
Example
Use the sock program to increase the datagram size until fragmentation occurs.
Ethernet MTU = 1500 bytes
user data = 1500 - 20 (IP header) - 8 (UDP header) = 1472 bytes
bsdi % sock -u -i -n1 -w1471 svr4 discard
bsdi % sock -u -i -n1 -w1472 svr4 discard
bsdi % sock -u -i -n1 -w1473 svr4 discard
bsdi % sock -u -i -n1 -w1474 svr4 discard

IP Fragmentation
tcpdump output
1 0.0 bsdi.1112 >svr4.discard: udp 1471
2 21.008303 (21.0083) bsdi.1114 >svr4.discard: udp 1472
3 50.449704 (29.4414) bsdi.1116 >svr4.discard: udp 1473 (frag 26304:1480@0+)
4 50.450040 ( 0.0003) bsdi>svr4: (frag 26304:1@1480)
5 75.328650 (24.8786) bsdi.1118>svr4.discard: udp 1474 (frag 26313:1480@0+)
6 75.328982 ( 0.0003) bsdi>svr4: (frag 26313:1@1480)
line 1, 2 : not fragmented
line 3, 4, 5, 6 : fragmented
identification number : 26304, 26313
1480 = 1472 (user data) + 8 (UDP header)
number after '@' : offset
+ : more fragments; no + means last fragment
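
IP Fragmentation
The size of every generated fragment except the last must be a multiple of 8
Every fragment except the first omits the transport protocol header, and with it the source and destination port numbers
Terminology
IP datagram: the unit of end-to-end transmission at the IP layer
packet: the unit of data passed between the IP layer and the link layer; a packet can be a complete IP datagram or a fragment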

Before fragmentation: IP header (20 bytes) | UDP header (8 bytes) | UDP data (1473 bytes)
(UDP datagram: UDP header + UDP data)
packet 1: IP header (20 bytes) | UDP header (8 bytes) | 1472 bytes
packet 2: IP header (20 bytes) | 1 byte
Figure 11.8 Example of UDP Fragmentation
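
The fragmentation arithmetic behind the tcpdump output and Figure 11.8 can be reproduced with the following added example, which is not part of the original slides. It assumes a 20-byte IP header without options; the `Fragment` type and `fragment_udp` function are names introduced here for illustration.

```python
from typing import List, NamedTuple

IP_HEADER = 20    # bytes, no IP options (as in the slides' examples)
UDP_HEADER = 8

class Fragment(NamedTuple):
    length: int            # bytes of IP payload carried by this fragment
    offset: int            # byte offset into the original IP payload
    more_fragments: bool   # MF bit: set on every fragment except the last
    has_udp_header: bool   # only the first fragment carries the port numbers

    def tcpdump(self) -> str:
        """Render as tcpdump does: length@offset, '+' if more fragments."""
        return f"{self.length}@{self.offset}{'+' if self.more_fragments else ''}"

def fragment_udp(user_data: int, mtu: int) -> List[Fragment]:
    """Fragments produced for a UDP datagram carrying user_data bytes."""
    total = UDP_HEADER + user_data            # IP payload = UDP header + data
    if IP_HEADER + total <= mtu:
        return []                             # fits in one frame: no fragments
    per_frag = (mtu - IP_HEADER) // 8 * 8     # non-last sizes: multiple of 8
    if per_frag <= 0:
        raise ValueError("MTU too small to carry any fragment data")
    frags, offset = [], 0
    while offset < total:
        length = min(per_frag, total - offset)
        frags.append(Fragment(length, offset,
                              more_fragments=offset + length < total,
                              has_udp_header=offset == 0))
        offset += length
    return frags
```

Because `has_udp_header` is false for every fragment after the first, a filter or sensor that matches on UDP ports sees them only in the first fragment and has to reassemble, or track the identification value, to classify the rest.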

1. ICMP Unreachable Error - Fragmentation Required -
Generated when a router receives a datagram that requires fragmentation but has the DF flag set
Programs that need to determine the smallest MTU on the path to a destination make use of this error
(path MTU discovery mechanism)

Newer Format of ICMP Unreachable Error
bits 0-7: type (3) | bits 8-15: code (4) | bits 16-31: checksum
bits 0-15: unused (must be 0) | bits 16-31: MTU of next-hop network
(the two rows above: 8 bytes)
IP header (including options) + first 8 bytes of original IP datagram data
Figure 11.9 ICMP unreachable error

[Figure 11.10 Systems being used to determine MTU of SLIP link from netb to sun. Diagram labels: hosts solaris, bsdi, sun, netb; Ethernet interfaces with MTU=1500; SLIP link with MTU=552 and MTU=?; ping ICMP echo request; fragmentation; fragment; watch with tcpdump.]

ICMP Unreachable Error (Fragmentation Required)
tcpdump output on bsdi: the echo reply is blocked at sun, so sun sends an error message to bsdi (next figure)
1 0.0 solaris > bsdi : icmp : echo request (DF)
2. 0.000000 (0.0000) bsdi>solaris : icmp : echo reply (DF)
3. 0.000000 (0.0000) sun>bsdi icmp : solaris unreachable -
need to frag, mtu = 0 (DF)
4 0.738400 (0.7384) solaris > bsdi : icmp : echo request (DF)
5. 0.748800 (0.0104) bsdi>solaris : icmp : echo reply (DF)
5. 0.748800 (0.0000) sun>bsdi icmp : solaris unreachable -
need to frag, mtu = 0 (DF)
Solaris 2.2 usually sets DF. This is part of the path MTU discovery mechanism.

[Figure 11.12 Packets exchanged in example. Diagram labels: hosts solaris, bsdi, sun, netb; Ethernet interfaces with MTU=1500; SLIP link with MTU=552 and MTU=?; ICMP echo request; ICMP echo reply; ICMP unreachable, fragmentation required and DF set.]

2. Finding the path MTU with a modified Traceroute on the sender (sun)
A modified version of Traceroute can be used to find the path MTU.
example scenario
Send packets with DF set
Size of the first packet = MTU of the sending interface
Reduce the packet size each time an ICMP "can't fragment" error is received
sun -> slip (SLIP link MTU = 295)

traceroute output (sun -> slip)
sun % traceroute.pmtu slip
traceroute to slip (140.252.13.65), 30 hop max
outgoing MTU =1500
1 bsdi (140.252.13.35) 15 ms 6ms 6ms
2 bsdi (140.252.13.35) 6 ms
fragmentation required and DF set, trying new MTU = 1492
fragmentation required and DF set, trying new MTU = 1006
fragmentation required and DF set, trying new MTU = 576
fragmentation required and DF set, trying new MTU = 552
fragmentation required and DF set, trying new MTU = 544
fragmentation required and DF set, trying new MTU = 512
fragmentation required and DF set, trying new MTU = 508
fragmentation required and DF set, trying new MTU = 296
2 slip (140.252.13.65) 377 ms 377 ms 377ms
Actual example

3. Modifying ICMP on the intermediate router (bsdi)
sun % traceroute.pmtu slip
traceroute to slip (140.252.13.65), 30 hop max
outgoing MTU = 1500
1 bsdi (140.252.13.35) 53 ms 6 ms 6 ms
2 bsdi (140.252.13.35) 6 ms
fragmentation required and DF set, Next hop MTU = 296
2 slip (140.252.13.65) 377 ms 378 ms 377 ms
There is no need to try 8 different values before finding the correct MTU.
The router returns the correct value.
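
The difference between the two traceroute.pmtu runs (eight guesses when the router reports mtu = 0, one step when it fills in the next-hop MTU) is shown in this added example, which is not part of the original slides and is not the traceroute.pmtu source. The fallback list is the sequence of values from the first run; the function names, the simulated router and the check that the quoted UDP ports match a datagram we sent are assumptions made for illustration.

```python
import struct

# MTU values tried by traceroute.pmtu in the first run above, largest first.
PLATEAUS = [1492, 1006, 576, 552, 544, 512, 508, 296]

def build_frag_needed(next_hop_mtu: int, quoted: bytes) -> bytes:
    """Constructed ICMP type 3, code 4 message (checksum left at 0 here)."""
    return struct.pack("!BBHHH", 3, 4, 0, 0, next_hop_mtu) + quoted

def parse_frag_needed(icmp: bytes):
    """Return (next_hop_mtu, src_port, dst_port) or None if not type 3 code 4."""
    if len(icmp) < 8 + 20 + 8:
        return None
    icmp_type, code, _cksum, _unused, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (icmp_type, code) != (3, 4):
        return None
    ihl = (icmp[8] & 0x0F) * 4                  # quoted IP header length
    if len(icmp) < 12 + ihl:
        return None
    sport, dport = struct.unpack("!HH", icmp[8 + ihl:12 + ihl])
    return mtu, sport, dport

def handle_icmp(icmp: bytes, current: int, sport: int, dport: int) -> int:
    """New path MTU estimate, or `current` if the error does not apply to us."""
    parsed = parse_frag_needed(icmp)
    if parsed is None or parsed[1:] != (sport, dport):
        return current                          # not about a datagram we sent
    reported = parsed[0]
    if 0 < reported < current:
        return reported                         # newer format: router told us
    return next((p for p in PLATEAUS if p < current), current)  # mtu = 0

def discover(first_mtu: int, link_mtu: int, router_reports_mtu: bool,
             sport: int = 36196, dport: int = 9) -> list:
    """Simulate DF probes over a path whose smallest link MTU is link_mtu."""
    # Quoted original: 20-byte IP header (IHL=5) + the 8-byte UDP header.
    quoted = bytes([0x45]) + bytes(19) + struct.pack("!HHHH", sport, dport, 0, 0)
    mtu, tried = first_mtu, []
    while mtu > link_mtu:                       # router drops it and replies
        icmp = build_frag_needed(link_mtu if router_reports_mtu else 0, quoted)
        new = handle_icmp(icmp, mtu, sport, dport)
        if new == mtu:
            break                               # nothing smaller left to try
        mtu = new
        tried.append(mtu)
    return tried
```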

4. Path MTU Discovery with UDP
Examine the interaction between an application that uses UDP and the path MTU discovery mechanism.
Example
– The application writes a datagram that is quite large for an intermediate link
– solaris : source host, slip : destination host
– sending data : solaris -> slip
– size of data : 650 bytes
– SLIP link MTU behind slip : 296
– A UDP datagram (DF set) of 268 bytes (296-20-8) or more causes router bsdi to generate an ICMP error.
– solaris % sock -u -i -n10 -w650 slip discard

[Figure 11.13 Systems used for path MTU discovery using UDP. Diagram labels: hosts solaris, bsdi, sun, netb, slip; Ethernet interfaces with MTU=1500; SLIP link with MTU=552 and MTU=1500; SLIP link to slip with MTU=296 on both ends; run tcpdump here; 650-byte UDP datagram with DF bit set; ICMP can't fragment error.]

tcpdump output on sun
1 0.0 solaris.36196>slip.discard:udp 650 (DF)
2 0.004218 (0.0042) bsdi>solaris: icmp:
slip unreachable - need to frag, mtu=0 (DF)
3 4.980528 (4.9763) solaris.36196>slip.discard:udp 650 (DF)
4 4.984503 (0.0040) bsdi>solaris: icmp:
slip unreachable - need to frag, mtu=0 (DF)
5 9.870407 (4.9763) solaris.36196>slip.discard:udp 650 (frag 47942:552@0+)
6 9.960056 (0.0896) solaris>slip: (frag 47942:106@552)
7 14.940338 (4.9763) solaris.36196>slip.discard:udp 650 (DF)
8 14.944466 (0.0040) bsdi>solaris: icmp:
slip unreachable - need to frag, mtu=0 (DF)
9 19.890015 (4.9763) solaris.38196>slip.discard:udp 650 (frag 47944:552@0+)
10 19.950463 (0.0604) solaris>slip: (frag 47944:106@552)
19 44.940485 (5.0100) solaris.36196>slip.discard:udp 650 (DF)
20 44.944432 (0.0040) bsdi>solaris: icmp:
slip unreachable - need to frag, mtu=0 (DF)

ICMP Source Quench Error
May be generated by a system (host or router) when it receives datagrams faster than it can process them.
Even if the system's buffers overflow and datagrams are discarded, sending a "source quench" is not required.
Example
bsdi -> sun : Ethernet, sun -> : SLIP
Because SLIP link = 100 * Ethernet link, sun's buffers will overflow easily.
Send 100 1024-byte datagrams: bsdi -> sun -> solaris
bsdi % sock -u -i -w1024 -n 100 solaris discard

ICMP Source Quench Error
bits 0-7: type (4) | bits 8-15: code (0) | bits 16-31: checksum
unused (must be 0)
(the two rows above: 8 bytes)
IP header (including options) + first 8 bytes of original IP datagram data
Figure 11.18 ICMP source quench error

ICMP Source Quench Error
tcpdump output
1 0.0 bsdi.1403 > solaris.discard:udp 1024
26 lines that we don’t show
27 0.10 (0.00) bsdi.1403>solaris.discard: udp 1024
28 0.11 (0.01) sun>bsdi: icmp: source quench
29 0.11 (0.00) bsdi.1403>solaris.discard:udp 1024
30 0.11 (0.00) sun>bsdi: icmp: source quench
142 lines that we don’t show
173 0.71 (0.06) bsdi.1403>solaris.discard:udp 1024
174 0.71 (0.00) sun>bsdi: icmp: source quench

Summary
UDP is a simple protocol.
The only services UDP provides to a user process are port numbers and an optional checksum.
The ICMP unreachable error is the new path MTU discovery feature.
Path MTU discovery using Traceroute and UDP
Interaction between UDP and ARP
Most ARP implementations hold the most recently transmitted datagram to a given destination while waiting for the ARP reply.
The ICMP source quench error can occur when datagrams are received faster than they can be processed.
With UDP, this error is easy to trigger.