1 Chapter 5 Basic Packet Processing : Algorithms And Data Structures.
-
date post
22-Dec-2015 -
Category
Documents
-
view
232 -
download
0
Transcript of 1 Chapter 5 Basic Packet Processing : Algorithms And Data Structures.
1
Chapter 5Basic Packet Processing:
Algorithms And Data Structures
2
Outline
State information and Resource Exhaustion Packet Buffer Allocation Packet Buffer Size And Copying Protocol Layering And Copying Heterogeneity And Network Byte Order Bridge Algorithm Table Lookup And Hashing IP Datagram Fragmentation And Reassembly IP Datagram Forwarding IP Fragment Algorithm High-Speed IP Forwarding TCP Connection Recognition Algorithm TCP Splicing Algorithm
3
State information and Resource Exhaustion
Information stored indefinitely in memory is known state information
The amount of state information depends on traffic
To allow it to run arbitrarily long, a network system must be designed with limits on all resources, and the limits must be fixed independent of arriving traffic; designs that violate this principle will not be considered
4
Packet Buffer Allocation
Memory is perhaps the most obvious resource : Asymmetric traffic is common
Buffer management is closely related to Qos Network system usually allocate fixed-size
buffer : Variable-size buffer allocation does not work well → memory fragmentation
How large buffer be : Choose a size appropriate for the network technology
5
Packet Buffer Size And Copying
Using a single set of buffers helps avoid an inefficiency : packet copying
Because copying an entire packet from one locate to another requires time proportional to the entire packet and because memory speed is often a bottleneck, network systems avoid copying whenever possible
6
Protocol Layering And Copying
Higher layer protocols also affect the buffer allocation decision
Layering implies encapsulation
7
Two buffer allocation schemes
Large buffer– Input : Place the incoming frame in a buffer, pass the buffer
address among layers, and arrange for each layer to locate the appropriate header in the buffer
– Output : Leave sufficient space in the buffer before the payload, pass the address of the buffer among layers, and allow each layer to prepend another header
Linked List– Output : Allocate a separate buffer for each header and for the
data; construct a packed by forming a linked list where each node on the list points to one of the header buffers or the data buffer
– Input : Create an initial list of one node that points to the frame buffer; as the packet passed up the stack, append a node to the list that points to the next header
8
Heterogeneity And Network Byte Order
To ensure interoperability among heterogeneous computers, many protocol specify representation and transmission details
Two integer representations
1 2 3 4
4 3 2 1
Increasing memory adresses
Increasing memory adresses
Little endian
Big endian
9
Integer Conversion
Needed when heterogeneous computers communicate Protocols define network byte order Computers convert to network byte order Typical library functions
Function Data size Translation
ntohs 16 bits Network bytes order to host’s byte order
htons 16 bits Host’s byte order to network bytes order
ntohl 32 bits Network bytes order to host’s byte order
htonl 32 bits Host’s byte order to network bytes order
10
Examples Of Algorithms ImplementedWith Software-Based Systems
Layer 2– Ethernet bridge
Layer 3– IP forwarding– IP fragmentation and reassembly
Layer 4– TCP connection recognition and splicing
Other– Hash table lookup
11
Ethernet Bridge
Commercial Ethernet bridges are often implemented in software on conventional hardware : the code run from ROM on an embedded system that consist of a microprocessor, memory, and two network interfaces
The bridge need receives a copy of any fame : the interface operate in promiscuous mode
A physical interface on a bridge must not change the source address in outgoing frames because the bridge must replicate an exact copy the frame
12
Bridge Filtering
Uses source address in frames to identify computers on each network
Uses destination address to decide whether to forward frame
13
Bridge Algorithm
Assume: two network interfaces each operating in promiscuous mode.Create an empty list, L, that will contain pairs of values;Do forever {
Acquire the next frame to arrive;Set l to the interface over which the frame arrived;Extract the source address, S;Extract the destination address, D;Add the pair (S, I) to list L if not already present.If the pair (D, l) appears in list L {
Drop the frame;} Else {
Forward the frame over the other interface;}
}
14
Table Lookup And Hashing
Many network systems use a table to store state information or auxiliary data needed for processing, and lookup must be table for each packet
Software-based systems typically use hashing for table lookup– Double hashing works well if the hash table
contains many empty slots
15
Table Lookup Alogrithm
Given: a key, a table in memory, and the table size N.Produce: a slot in the table that corresponds to the key or an empty
table slot if the key is not in the table.Method: double hashing with open addressingChoose P1 and P2 to be prime numbers;Fold the key to produce an integer, K;Compute table pointer Q equal to (P1 * K) modulo N;Compute increment R equal to (P2 * K) modulo N;While (table slot Q not equal to K and nonempty) {
Q (Q + R) modulo N;}At this point, Q either points to an empty table slot or to the slot
containing the key
16
IP Datagram Fragmentation And Reassembly
Maximum Transmission Unit (MTU) : the largest payload a given network can accommodate
Fragmentation and Reassembly : a router can divide a large datagram into a set of smaller datagram called fragments
Each fragment travels independently Ultimate destination reassembles fragments to
reproduce the original datagram Implemented in software : The task is
straightforward
17
Summarizes
Each fragment is a datagram that begins with a datagram header Header fields in a fragment are derived from the original datagram In a fragment, the following fields differ from the original datagram
– TOTAL LENGTH– FLAGS– FRAGMENT OFFSET– HEADER CHECKSUM
The size of a fragment is determined by the MTU of the outgoing network
The FLAGS and FRAGMENT OFFSET fields together identify a datagram as a fragment; if both contain zero the datagram is not a fragment
18
Uses FLAGS Bits in Datagram Header
0 D M
0 = last fragment; 1 = more fragments
0 = many fragment; 1 = do not fragment
Reserved (must be 0)
FLAGS bits
19
Interpretation Of The Fragment Offset Field
The FRAGMENT OFFSET fields the relationship between data in the fragment and data in the original datagram
The FRAGMENT OFFSET specifies how far into the original payload the data in the fragment belongs
A receiver uses the offset during reassembly to put data from each fragment in its original position
The amount of data in a frame must be a multiple of eight octets
The limit is imposed even if the network MTU allows extra octets
20
IP Fragment Algorithm
Given: IP datagram, D , and a network MTU.Produce: a set of fragments for D.If the DO THE FRAGMENT bit is set {
Stop and report an error ;}Compute the size of the datagram header, H;Chooses N to be the largest multiple of 8 such
that H + K ≤ MTU ;Initialize an offset counter , O , to zero ;Repeat until datagram empty {
Create a new fragment that has a copy of D’s header;Extract up to the next N octets of data from D and Place the data in the fragment ;Set the MORE FRAGMENTS bit in fragment header;Set TOTAL LENGTH field in fragment header to be H + K;Set FRAGMENT OFFSET field in fragment header to be O ;Computer and set the CHECKSUM field in fragment header;Increment O by N/8;
}
21
Fragmenting A Fragment
A datagram may pass over networks with various size MTUs All offset refer to the original datagram : each fragment is
handled independently
The assignment of the MORE FRAGMENTS bit in fragments The same rules apply to fragment or a datagram
M bit in original
M bit in last fragment
M bit in other fragments
0 0 1
1 1 1
22
IP Reassembly
When all fragments arrive, the system reassembles them to produce the original datagram
Out-Of-Order Delivery : routes can change at any time
Duplication : overlap Loss : Not retransmit Concurrent Reception : A receiving system must be
prepared to accept incoming fragment from multiple datagrams concurrently
23
Grouping Fragment Together
The identification field (ID) in a datagram header is unique to a given source
A receiving system uses both the ID and IP source address fields to determine whether two fragment came from the same datagram
24
Fragment Position
The receiver must be able to accommodate a fragment that carries an arbitrary amount of data with an arbitrary offset
Reassembly maintains two pieces of information – The data octets themselves – Information about which data has been received
Uses a reassembly buffer
40 40 40 ^
Reassembly bufferFragment in reassenbly buffer
25
IP Reassembly Algorithm
Give: a fragment, F ,add to a partial reassemblyMethod: maintain a set of fragment for each datagramExtract the IP source address, S , and ID fields from F;Combine S and ID to produce a lookup key, K;Find the fragment set with key K or create a new set;Insert F into the set;If the set combine all the data for the datagram {
From a completely reassembled datagram and process it;
}
26
IP Datagram Forwarding
IP forwarder uses the address in each incoming packet to determine how to forward the packet
IP forwarding operates in layer 3, forwards IP datagrams, and use layer 3 (i.e., IP) address
Use routing table for each forwarding decision Conceptual mapping
– (next hop, interface) f(datagram, routing table)
27
IP Routing Table
One entry per destination Entry contains
– 32-bit IP address of destination– 32-bit address mask– 32-bit next-hop address– N-bit interface number
28
Example IP Routing Table
Values stored in binary Interface number is for internal use only Zero mask produces default route
Destination
Address
Address
Mask
Next-Hop
Address
Interface
Number
192.5.48.0 255.255.255.0 128.210.30.5 2
128.10.0.0 255.255.0.0 128.210.141.12 1
0.0.0.0 0.0.0.0 128.210.30.5 2
29
IP Forwarding Algorithm
Given: destination address A and routing table R.Find: a next hop and interface used to route datagrams to A.For each entry in table R {
Set MASK to the Address Mask in the entry;Set DEST to the Destination Address in the entry;If (A & MASK) == DEST {
Stop; use the next hop and interface in the entry;
}}If this point is reached, declare error: no route exists;
30
High-Speed IP Forwarding
Binary trie is the most popular Uses individual bits of the lookup key to navigate
through the trie — the search starts at the root and proceeds toward the leaves
At each node, a bit of the lookup key specifies whether to follow the left subtree or the right subtree
Each terminal node must contain a complete IP Address
31
Binary Trie
string prefix node
01011 0 A
10000 10000 B
10001 10001 C
10101 101 D
11001 1100 E
11010 11010 F
11011 11011 G
11101 111 H
A
B C
D
F G
E
H
0
0
0
0
0
0
0
0 1
1
1
1 1
1
1
32
TCP Connection
Keep information about the state of each connection
Involves a pair of endpoints Started with SYN segment Terminated with FIN or RESET segment Identified by 4-tuple
– ( src addr, dest addr, src port, dest port )
33
TCP Connection Recognition Algorithm
Given: a copy of traffic passing across a network.Produce: a record of TCP connections present in the traffic.Initialize a connection table, C, to empty;For each IP datagram that carries a TCP segment {
Extract the IP source, S, and destination, D, addresses;Extract the source, P1, and destination, P2, port numbers;Use (S,D,P1,P2) as a lookup key for table C andcreate a new entry, if needed;If the segment has the RESET bit set, delete the entry;Else if the segment has the FIN bit set, mark the connectionclosed in one direction, removing the entry from C ifthe connection was previously closed in the other;Else if the segment has the SYN bit set, mark the connection asbeing established in one direction, making it completelyestablished if it was previously marked as beingestablished in the other;
}
34
TCP Splicing
Join two TCP connections Allow data to pass between them To avoid termination overhead translate
segment header fields Acknowledgement number Sequence number
35
Illustration Of TCP Splicing
Host A Host Bsplicer
TCP connection #1 TCP connection #2
Sequence 200 Sequence 50 Sequence 800 Sequence 1200
Connection
&Direction
Sequence
Number
Income #1
Outgoing #2
200
860
Change 660
Connection
&Direction
Sequence
Number
Income #2
Outgoing #1
1200
50
Change -1150
36
TCP Splicing Algorithm
Given: two TCP connections.Produce: sequence translations for splicing the connection.Compute D1, the difference between the starting sequences
on incoming connection 1 and outgoing connection 2;Compute D2, the difference between the starting sequences
on incoming connection 2 and outgoing connection 1;For each segment {
If segment arrived on connection 1 {Add D1 to sequence number;Subtract D2 from acknowledgement number;
} else if segment arrived on connection 2 {Add D2 to sequence number;Subtract D1 from acknowledgement number;
}}
37
QUESTION?