Computer Networks (ComNet) 4/5 : Networkfourmaux/ARes/AResC4v63_en_4.pdfRouting ComNet: course 4/5...

The network layerIPv4 addressing and control

Routing

Computer Networks (ComNet) 4/5 : Network

Olivier Fourmaux ([email protected])

Version 6.3

Olivier Fourmaux ([email protected]) Computer Networks (ComNet) 4/5 : Network


Routing

ComNet: course 4/5 outline

1 The network layerBackgroundTCP/IP integrationIPv4 packet structure

2 IPv4 addressing and controlCIDR addressingControl messagesRelated mechanisms

3 RoutingBasic algorithmsRouting hierarchyAn interior gateway protocol: OSPFAn exterior gateway protocol : BGP



Routing

Network layer

The network layer forward packets from the source to thedestination by doing hops between the intermediate nodes.

end-to-end

topology knowledge

route computation (routing)

virtual adressing

underlying technology abstraction

underlying dedicated encapsulationfragmentationaddresses translation



Routing

BackgroundTCP/IP integrationIPv4 packet structure







Routing


Network layer: OSI

Presentation

Application

Session

Transport

Data link

Physical

7

6

5

4

3

2

1

Interface Interface

Host A

APDU

Presentation

Application

Session

Transport

Data link

Physical

Host B

Data link Data link

Physical Physical

Router Router

Application protocol

Presentation protocol

Transport protocol

Session protocol

Network Network Network Network



Routing


Network layer: virtual circuit or datagram approach

X. 25

M

M

OSI

M

M ATM

End-to-end concatenated virtual circuits

Router

Host

Multiprotocol router

SNA

1

2

M

M

M

M

2

Host

Router

1

Packets travel individually and can take different routes

Multiprotocol router

pictures from Tanenbaum A. S. Computer Networks 3rd edition



Routing


Network layer: encapsulation

The network layer make abstraction of the underlying technologies

data must be able to be forwarded from networks to networks

upper layers should not make any hypothesis about theunderlying layers

? EthernetATM

��

��

��

��

à more in course 5/5 Support architectures



Routing


Network layer: fragmentation

G1 G2 G3 G4

G1 G2 G3 G4

Packet

Network 1

G1 fragments a large packet

G2 reassembles the fragments

G3 fragments

again

G4 reassembles

again

Network 2

(a)

Packet

G1 fragments a large packet

The fragments are not reassembled until the final destination (a host) is reached

(b)




Routing


Network layer: addressing

The network layer provides a virtual adressing scheme usable onevery underlying network technology

unique identifier for each device

masks technology-specific addressing mechanisms

requires translation of addresses

? EthernetATM

47.00918100000000000CA79E01.00000CA79E01.00

163218239200400

08:00:69:02:01:FC

��

��

��

��

à also more details in course 5/5 Support architecturessupports



Routing


Network layer: routing

Calculating routes

initial (virtual circuits)

for each packet (without memory)

Routing decisions based on:

routing table

staticdynamic

routing algorithmsrouting protocols...

à to be examined in greater detail



Routing








Routing


Network layer: TCP/IP

ARPANET

TELNET

TCP UDP

LAN

DNS

Packet#radio

SMTP

SATNET

FTP

IP

à IP interface is universal



Routing


IPv4

...

... ... ...

... ...

......

��

��

��

��

��

��

��

��

��

��

Routers

Packets

Connectionless best effort service



Routing








Routing


IPv4: packet structure

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)m

ax 1

0 l.

max

65

Koc

tets

��

��

D F

M F

Options

(transport data)

HlenVer TOS

Identifier Frag. offset

TTL Protocol Header checksum

IP source address

IP destination address

Segment / datagram / ...

Packet Length



Routing


IPv4: versions

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

4 bits

present IP: version 4

IP next generation: version 6à see ING course



Routing


IPv4: header length

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length4 bits (max value: 15)

indicates the number of32 bits lines in the IP header

mandatory because theoption files is variablelength (20 a 60 bytes)value from 5 (no option)to 15 (10 lines of options:40 bytes)



Routing


IPv4: Type Of Service (TOS)

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

8 bits3 bits for precedence(priority)

000: Routine001: Priority010: Immediate011: Flash100: Flash override110: Internetwork control111: Network control

3 bits for service

DelayThroughputReliability(Cost)

�

not used... à U.E. ING (DiffServ Byte)Olivier Fourmaux ([email protected]) Computer Networks (ComNet) 4/5 : Network


Routing


IPv4: packet size

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)m

ax 1

0 l.

��

��

D F

M F

Options

(transport data)

HlenVer TOS



IP source address


Segment / datagram / ...

Packet Length

16 bits (64 Kbytes maximum)

total packet size with headerexpressed in bytes

the network must allow anMTUa > 576 bytesb

aMTU: Maximum Transmission Unitb576 bytes = 512 application level data

+64 protocol overhead(IP and transport headers)



Routing


IPv4: identifier

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length 16 bits (loops every 64 Kpackets)

meant to be a unique value foreach packet

for reassembling the fragmentsof the same packet

typically, increment a counterfor each successive packet



Routing


IPv4: fragmentation

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

Non transparent fragmentation

1 bit reserved

1 bit DF: Don’t Fragment (1 =fragmentation forbiden)

1 bit MF: More Fragment (0 =for the last fragment)

13 bits fragment offset in 8bytes blocs (shift 3)

examples:0x0000 full packet (offset=0)0x2000 first fragment (offset=0)0x20A0 middle fragment (offset=1280)0x00B0 last fragment (offset=1408)



Routing


IPv4: fragmentation

Number of the first elementary fragment in this packet

Packet number

End of packet bit

27 0 1 A B C D E F G H I J

27 0 0 A B C D E F G H 27 8 1 I J

27 0 0 A B C D E 27 5 0 F G H 27 8 1 I J

Header

1 byte

Header Header

Header Header Header

(a)

(b)

(c)

Beware the offset use single bytes in this example taken from Tanenbaum A. S. Computer Networks 3rd edition



Routing


IPv4: Time To Live (TTL)

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length8 bits

unitial unit: secondsmaximum value set by thesender (255, 128, 64...)decremented in each router

minimum 1 per routeurà number of hops

max 255 seconds or hops

avoid loops



Routing


IPv4: carried protocol

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

8 bits

demultiplexing for the upperlayer protocols:Unix> cat /etc/protocols

icmp 1 # internet control message protocol

ggp 3 # gateway-gateway protocol

ipencap 4 # IP encapsulated in IP

st 5 # ST datagram mode

tcp 6 # transmission control protocol

egp 8 # exterior gateway protocol

udp 17 # user datagram protocol

rdp 27 # "reliable datagram" protocol

iso-tp4 29 # ISO Transport Protocol class 4

xtp 36 # Xpress Tranfer Protocol

idrp 45 # Inter-Domain Routing Protocol

rsvp 46 # Reservation Protocol

gre 47 # General Routing Encapsulation

ospf 89 # Open Shortest Path First IGP...



Routing


IPv4: header checksum

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

HlenVer TOS



Packet Length

IP source address


Options

16 bits

similar to UDP/TCP checksumbut only on the header

sender:

checksuma =∑

word16bits

receiver:recompute the

∑word16bits

= 0: no error detected (yetstill possible)6= 0: error (silent discard)

aBinary sum over 16 bits with overflowcarried to the least significant bit



Routing


IPv4: source address

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

32 bits (IPv4 address)

identifies the packet sender

allows a message to be returnedto the sender (ICMP, UDP...)



Routing


IPv4: destination address

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS

Identifier


IP source address


Packet Length

Frag. offset 32 bits (IPv4 address)

used for routing

indicates the network (ornetwork prefix) of the receiveridentifies the interface of thereceiver in its network



Routing


IPv4: options

32 bits (4 octets)

min

5 li

gnes

(m

in 2

0 oc

tets

)

��

��

D F

M F

Options

HlenVer TOS



IP source address


Packet Length

0 to 40 bytes (aligned on a 32bit boundary)

TLV value identical to TCP’s

examples:

record routestrict source routingloose source routingtime stampssecurity...

examined by each router

à To avoid!



Routing

CIDR addressingControl messagesRelated mechanisms







Routing


Addressing: principles

2 variable size partsà network identifier (netId) and host identifier (hostId)associated in the IPv4 address:

Ad. IPv4 : netId hostId

12.2132.77



Routing


Addressing: classes

32 Bits

Range of host addresses

1.0.0.0 to 127.255.255.255

128.0.0.0 to 191.255.255.255

192.0.0.0 to 223.255.255.255

224.0.0.0 to 239.255.255.255

240.0.0.0 to 247.255.255.255

Class

0 Network Host

10 Network Host

110 Network Host

1110 Multicast address

11110 Reserved for future use

A

B

C

D

E




Routing


Addressing: netmask

Binary mask usageclass binairy mask netmask prefix

A 11111111000000000000000000000000 255.0.0.0 /8

B 11111111111111110000000000000000 255.255.0.0 /16

C 11111111111111111111111100000000 255.255.255.0 /24

Extracting the netId132.227. 60.135

&& 255.255. 0. 0132.227. 0. 0

netId.hostId&& netmask

netId. 0. 0

Extracting the hostId132.227. 60.135

&& 0. 0.255.25560.135

netId.hostId&& !netmask

hostId



Routing


Addressing: specific addresses

for each network (netId), 2 reserved addresses:

netId.000....000 à identifies this networknetId.111....111 à this network broadcast

others:

000....000 à source address unknown111....111 à local broadcast127.x.y.z à software loopback



Routing


Addressing: subnetting (1)

Initial size of the identifier of network (netId):

132.77.0.0 /16 (prefix notation)

132.77.0.0 netmask 255.255.0.0 (mask notation)

Subdivision possible:

132.77.12.0 /22

132.77.12.0 netmask 255.255.252.032 Bits

Subnet mask

10 Network Subnet Host

1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0




Routing



Ad. IPv4 : netId hostId

7132.77

subnetId

12



Routing



132.77.0.0

132.77.4.0/22

132.77.0.0/22

132.77.12.0/22

3.254

0.1

3.254

0.3

Internet

0.3

3.254

0.5

0.5 0.11

0.7

��

��


netId.000....000

netId.111....111

000....000

111....111

127.x.y.z


Routing


Addressing: allocation

...

... ... ...

......

56.0.0.0192.33.1.0

140.18.0.0

192.33.1.0

140.18.1.0

56.17.8.0

56.2.8.0

56.17.45.0

10.0.0.0

56.1.7.0

56.1.6.056.1.5.0

56.1.4.0

56.1.3.0

56.2.2.0

140.18.2.0

140.18.11.0140.18.21.0

140.18.22.0 140.18.39.0

��

��

��

��

��

��

��

��



Routing


IPv4: routing process

packet

destination

address direct

access

route to the

host

route to the

network

default route

send to the

destination

send to the next

router

error

yes

yes

no

send to the next

routeryes

send to the next

routeryes

Destination Gateway Genmask Flags Metric Ref Use Iface

192.33.182.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0

10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 atm0

154.18.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1

132.77.0.0 154.18.2.254 255.255.0.0 UG 0 0 0 eth1

default 192.33.182.254 0.0.0.0 UG 0 0 0 eth0



Routing


Routing: longest prefix match

40.0.0.0

30.0.0.0

20.0.0.030.3.0.0

30.1.2.3if1

if2if3

IPdest=50.2.9.3


20.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if1

30.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if2

40.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 if3

30.3.0.0 20.1.2.3 255.255.0.0 UG 0 0 0 if1

30.1.2.3 20.1.0.1 255.255.255.255 UGH 0 0 0 if1

60.126.6.0 30.0.0.1 255.255.255.0 UG 0 0 0 if2

default 30.0.0.1 0.0.0.0 UG 0 0 0 if2



Routing


Classless addressing

So-called “class-based” IP address allocation is inefficient

adresses allocated by blocks of 256, 65K, or 16M

subnetting allows for better management

classless addressing allows greater flexibility in addressallocation:

the addresses:

192.77.16.0/24

192.77.17.0/24

192.77.18.0/24

192.77.19.0/24

can be regrouped in:

prefix notation: 192.77.16.0/22

mask notation: 192.77.16.0 netmask 255.255.252.0



Routing


Addressing: CIDR (Classless InterDomain Routing)

allows aggregation of continguous addresses (sharing acommon prefix)

allows routers to maintain a single entry in a routing table

initially used by ISPs for grouping class C addresses

the default prefix for a class C address is /24prefixes /23, /22, /21, etc. describe aggregations of class Caddresses

197.88.0.0/16 aggregates 256 class C addresses

used today for all possible address block sizesin the full ex-class A, B, C address space

81.152.12.0/22



Routing


Addressing: CIDR calculus

A CIDR block is the aggregation of a set of addresses

network bits (netId) of a CIDR block consist of the Nleftmost bits (/N defines the network mask of the CIDRblock)host bits (hostId) of a CIDR block consist of the 32− Nremaining bitsset of addresses that can be allocated in a CIDR block:

first host: hostId = 000...0001last host: hostId = 111...1110broadcast address: hostId = 111...1111

example:CIDR block -> 192.77.20.0/22

@ first host : 192.77.20.1

...

@ last host : 192.77.23.254

@ broadcast : 192.77.23.255



Routing


Addressing: CIDR block split

CIDR blocks can be divided into sub-blocks through subnetting

192.77.20.0/22

192.77.20.0/25

192.77.21.128/25

192.77.22.0/25

Internet5

1

3

3

5

11

7

126126

126



Routing


Addressing: allocation

...

... ... ...

......

81.33.1.0\22

10.0.0.0\8

81.33.1.0\23

56.2.0.0\24

140.18.0.0\18

56.2.0.32\30

56.2.0.16\30

56.2.0.20\30

56.2.0.24\30

140.18.0.0\30140.18.0.4\30

140.18.1.0\28

140.18.39.64\26

140.18.21.0\27

140.18.22.128\27

��

��

��

��

��

��

��

��


197.88.0.0/16

81.152.12.0/22


Routing


IPv4: public or private addresses

Public addressing

every Internet host must have a unique valid address

Private addressing

for TCP/IP usage outside of the Internet

independent address management (unique addresses)

recommended address blocks:

unrouted addresses (private addresses):10.0.0.0/8 (1 ex-class A)172.16.0.0/12 (16 ex-class Bs)192.168.0.0/16 (256 ex-class Cs)169.254.0.0/16 (link local block for auto-configuration)

available for each private internetnot sent to the public Internet, even if connectedpossible to communicate to the Internet (proxy, NAT,. . . )



Routing


IPv4: NAT (Network Address Translation)

1

2

3

4

5

6

7NATbox/firewall

PC Leasedline

Packet aftertranslation

Packet beforetranslationCompany

LAN

Companyrouter

Server

ISP’srouter

10.0.0.1 198.60.42.12

Boundary of company premisespictures from Tanenbaum A. S. Computer Networks 4rd edition



Routing


IPv4: NAT, DNAT and NAPT

Several ways to convert addresses:

static NAT : preset address translation

dynamic NAT : on the fly address translation

+ dynamic address table:

private address public adress

10.0.0.3 192.33.182.117

10.0.0.4 192.33.182.118

... ...

NAPT (CISCO NAT overload): on the fly translation with“overload”+ ports + dynamic table (for each protocol):

proto private addr. private port public addr. public port

TCP 10.0.0.3 1027 192.33.182.117 1027

TCP 10.0.0.4 1027 192.33.182.117 1028

UDP 10.0.0.4 31765 192.33.182.117 31765

... ... ... ... ...



Routing


IPv4: NAPT mechanisms

Where are addresses modified?+ at the interface card:

NAT on entry à routing process à NAT on exit

Additional changes:

the header checksum must be recalculated

NAT IP, TCP et UDP (address + pseudo-header)NAPT IP, TCP et UDP (address + pseudo-header + port)

the address and port parameters of application-layer protocolsmust also be modified (PORT command in FTP)

ICMP messages are analyzed



Routing


IPv4: NAT and IETF (RFC 1631)

NAPT very widely used today

companies (flexibility)service providers (lack of addresses)individuals (who only receive one address)

creates some problemsarchitectural:

ports should identify processes and not machinestransport-layer changes made by the networkend-to-end principle: hosts should communicate directly

security: incompatible with authenication mechanismstechnical: how to “enter” a NATed network?

solutionsshort term à static conversions conversions, middleboxeslong term à IPv6



Routing








Routing


IPv4: ICMP (Internet Control Message Protocol, RFC 792)

Encapsulated in IP packets (but belonging to layer 3)à testing and diagnosing the network

ICMP Type Code Description

0 0 ←↩echo reply

3 0 destination network unreachable

3 1 destination host unreachable

3 2 destination protocol unreachable

3 3 destination port unreachable

3 6 destination network unknown

3 7 destination host unknown

4 0 source quench

8 0 7→echo request

9 0 router advertisement

10 0 router discovery

11 0 TTL expired

11 1 reassembly time exeeded

12 0 IP header badOlivier Fourmaux ([email protected]) Computer Networks (ComNet) 4/5 : Network


Routing


ICMP: echo

��

��

ping

ICMP : Echo Request

ICMP : Echo Response

Type Code Checksum Identifier Seq. Num. Data8 (Echo Request) 00 (Echo Response) 0

1 octet 1 2 2 2 ...

Testing equipment reachability

used by the ping command:

indicates that the destination is connected and reachable by IPsending several probes allows one to estimate the RTT andloss rate



Routing


ICMP: destination unreachable

��

��IP

TCP UDP

App

Routeur

Host

Host Unreach.

Net Unreach.

Proto. Unreach.

Port Unreach.

CiscoSystems Cisco 7000 SERIES

Type Code Checksum Unused Data3 0 (Net Unreachable) IP Header

1 (Host Unreachable) + 64 bits2 (Protocol Unreachable)3 (Port Unreachable)

1 octet 1 4 2 (IHL * 4) + 8

Message sent when the destination cannot be reachedthe IP header and some transport layer information arereturned

@ source = originator of the ICMP message@ destination = @ source of the packet in question



Routing


ICMP: timeout

��

��

Routeur

TTL Exceeded

Frag. Reass. Time Exceed




Type Code Checksum Unused Data11 0 (Time To Live Exceeded) IP Header

1 (Frag. Reass. Time Exceeded) + 64 bits

1 octet 1 4 2 (IHL * 4) + 8

Message sent when the TTL or the reassembly time has expired

the IP header and some transport layer information is returned

@ source = initiator of the ICMP message@ destination = @ source of the packet in question

used by the traceroute command



Routing


ICMP: other messages

Source Quench (Type 4)indicates congestion at the source

no signal to indicate that congestion has ended

Redirection (Type 5)signals that a better route is available

minimal host configuration

other messages mainly for autoconfiguration



Routing








Routing


IPv4: RARP (Reverse Address Resol. Protocol, RFC 903)

Inverse of the ARP protocol (broadcast networks)

obtaining an @ IP from a @ MAC on startup

diskless hosts (X terminals, printers,. . . )mobile hosts (laptops changing networks. . . )

use of a server (rarpd)

relating /etc/ethers and /etc/hosts

packet format identical to ARPtype Ethernet: 0x8035

code 3 for an RARP requestcode 4 for an RARP reply

autoconfiguration example:

new host starts an RARP exchangethe host requests the netmask via ICMPthe host requests its startup program from teh RARP servervia tftp



Routing


IPv4: BOOTP (BOOT Protocol, RFC 951 and 1542)

portable protocol, over UDP

query on port 68, reply on port 67which IP addresses to use when none are known?

broadcast @ IP (255.255.255.255)default @ IP (0.0.0.0)

allows a host to contact a server on another network

via BOOTP relay agents

many extensions (RFC 1533)

netmasklist of routers in the subnetlist of NTP serverslist of DNS name serverslist of print servers (LPD and others)hostname and domainnamedefault TTL. . .



Routing


IPv4: DHCP (Dynamic Host Config. Protocol, RFC 2131)

New protocol replacing, and backward-compatible with, BOOTP

dynamic attribution of IP addresses, on limited time leases

leases periodically renewed as necessary

new DHCP options (extend BOOTP):

DHCPDISCOVER Cà S find server

DHCPOFFER Sà C offer to client

DHCPREQUEST Cà S confirm offer

DHCPACK Sà C acknowledge configuration

DHCPNACK Sà C decline configuration

DHCPDECLINE Cà S refuse invalid configuration

DHCPRELEASE Cà S release configuration

DHCPINFORM Cà S request other than IP @

DHCPFORCERENEW Sà C request reconfiguration



Routing


IPv4: DHCP exchanges

��

��

ClientDHCP

ServeurServeurDHCP 1

DHCP 2

DHCPACK

DHCPDISCOVERDHCPDISCOVER

DHCPOFFER

DHCPRELEASE

DHCPREQUEST

DHCPOFFER



Routing


Tunneling

Internet

B

T1>T2 A>B

�� A>B

��

A

A>B

��

T1 T2

encapsulation, rather than translationcross zones governed by different protocols

e.g., connect islands of non-universal protocols (IP multicast,IPv6,. . . ).

flow control between T1 and T2 (IPv4 in IPv4, VPN,. . . )VPN. . .



Routing


VPNs (Virtual Private Networks)

layer 3 VPN: integrates security and automation

IPSEC: confidentiality and integrity (RFC 4301 a 4309)AAA (Authentification, Autorisation, Accounting)

other VPN approaches at layer 2 (PPP. . . )

Office 1

Office 3

(a)

Office 2 Office 1

Office 3

(b)

Leased line Firewall Internet

Tunnel

Office 2




Routing


Address filtering

Firewall...

Corporate network

Security perimeter

Inside LAN

Outside LAN

Firewall

Packet filtering router

Packet filtering router

Application

gateway

Connections to outside networks

Bac

kbon

e




Routing

Basic algorithmsRouting hierarchyAn interior gateway protocol: OSPFAn exterior gateway protocol : BGP







Routing


Network layer recap

The network layer conveys packets from source to destinationthrough a series of hops across intermediate nodes

end-to-end conveyance

virtual addressing

local topological knowledgeinformation required in order to direct the PDUs

static: manual configurationdynamic: routing algorithms and protocols

scaling to the size of the networkhierarchical structure (ASes)

internal routing: RIP, EIGRP, OSPF, IS-ISexternal routing: BGP-4



Routing


Routing

...

... ... ...

... ...

......

��

��

��

��

��

��

��

��

RIP

OSPF

BGP

AS 7936

AS 890AS 9088



Routing


Host routing: GNU/Linux

Unix> /sbin/ifconfig eth0

eth0 Link encap:Ethernet HWaddr 00:20:ED:87:FD:E6

inet addr:132.227.61.122 Bcast:132.227.61.255 Mask:255.255.255.0

UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1

RX packets:1115393 errors:0 dropped:0 overruns:0 frame:0

TX packets:966470 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:445681702 (425.0 Mb) TX bytes:370060277 (352.9 Mb)

Interrupt:9 Base address:0x6f00

Unix> /sbin/route

Kernel IP routing table


132.227.61.0 * 255.255.255.0 U 0 0 0 eth0

127.0.0.0 * 255.0.0.0 U 0 0 0 lo

default 132.227.61.200 0.0.0.0 UG 0 0 0 eth0



Routing


Host routing: MS Windows

C:\Program Files\Support Tools>ipconfig

Ethernet carte Connexion au reseau local :

Suffixe DNS spec. a la connexion. :

Adresse IP. . . . . . . . . . . . : 132.227.61.136

Masque de sous-reseau . . . . . . : 255.255.255.0

Passerelle par defaut . . . . . . : 132.227.61.200

C:\Program Files\Support Tools>route print

===========================================================================

Liste d’Interfaces

0x1 ........................... MS TCP Loopback interface

0x1000003 ...00 03 47 7c b9 d5 ...... Intel(R) PRO Adapter

===========================================================================

Itineraires actifs :

Destination reseau Masque reseau Adr. passerelle Adr. interface Metr.

0.0.0.0 0.0.0.0 132.227.61.200 132.227.61.136 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

132.227.61.0 255.255.255.0 132.227.61.136 132.227.61.136 1

132.227.61.136 255.255.255.255 127.0.0.1 127.0.0.1 1

132.227.61.255 255.255.255.255 132.227.61.136 132.227.61.136 1

224.0.0.0 224.0.0.0 132.227.61.136 132.227.61.136 1

255.255.255.255 255.255.255.255 132.227.61.136 132.227.61.136 1

Passerelle par defaut : 132.227.61.200

===========================================================================



Routing


Router

��

��

��

��

��

��

��

��

��

��

��

��

Out

port

In

portRouting

Switching

matrix

Routing and forwarding

interfaces (physical terminations, encapsulation...)

queues

forwarding system (shared memory, bus, or crossbar)

routing system

table, routing algorithms and protocols



Routing


Types of routing

��

��

Workgroup SwitchCatalyst

��

��

CiscoSystemsCisco 7000 SERIES

CiscoSystems Cisco 7000SERIES

CiscoSystems

��

��

Router configuration

static

dynamic (in particular, when there are redundant links)routing protocols and algorithms

computers: Unix programs routed, gated, GNU Zebra,Quagga...dedicated hardware: Cisco, Juniper, Alcatel, HP, Huawei...



Routing








Routing


Routing algorithms

Single criterion optimization

shortest path

distance vectorlink state

routing policy

path vector

multicast routing

shortest pathlowest cost (Steiner trees)centered trees

see the ING course for more details



Routing


Distance vector routing

Simple algorithm based on:

information exchanged between adjancent routers (directconnection)

distance vector (6= routing table)

neighbor-to-neighbor propagation of reachability information

... but limited to small networks

used in sites with just a few routers, to avoid manualconfiguration

problem with second-hand information



Routing


Distance vector routing basics

A BC

D

E

Initially, routers only know their own links. They broadcast their“distance vectors” (routing tables without interface information) totheir neighbors.à Distributed Bellman-Ford (or Ford-Fulkerson 1962) algorithmUpon receiving a vector, the router updates its routing table:

add new entries, noting the arrival interface

update the costs of entries

if a shorter path is proposedif a longer path is proposed on the interface already selected

à successive exchanges should lead to convergence



Routing


Example of a table constructed from distance vectors

(a)

A B C D

E

I J K L

F GH

Router

012254014231817219

2429

243618277

2031200

112233

2031198

301960

147

229

2128362422403119221009

8202820173018121006

15

AAIHIIHHI−

KK

To A I H K Line

New estimated delay from J

ABCDEFGHIJKL

JA JI JH JKdelay delaydelaydelay

is is is is8 10 12 6

New routing table for J

Vectors received from J's four neighbors

(b)

pictures from Tanenbaum A. S. Computer Networks 3rd editionOlivier Fourmaux ([email protected]) Computer Networks (ComNet) 4/5 : Network


Routing


Limits of distance vector routing

These algorithms suffer from many problems:

slow convergence

risks of routing loops

“split horizon”

CE

A BD

A=infinite

A=4 from E

vectors sent for the routing table’s entire network

limited network size



Routing


Link state routing

How to scale to large networks while avoiding neighbor-to-neighborinformation propagation?

know your neighbors

summarize your local information

broadcast the local information to all routers

create a graph representing the network

calculate the shortest path towards all routers



Routing


Link state: learning one’s neighbors

Goal: create an equivalent graph

send detection packets on each link

multi-access media (LANs) replaced by a single virtual node

A C

G

H

B

E

F

D

CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES



CiscoSystems Cisco 7000SERIES CiscoSystems Cisco 7000SERIES

Measurements can be used to weight the links



Routing


Link state: building control packets

B C

E F

A D61

2

8

5 7

4 3

(a)

A

Seq.

Age

B C D E F

B 4

E 5

Seq.

Age

A 4

C 2

Seq.

Age

B 2

D 3

Seq.

Age

C 3

F 7

Seq.

Age

A 5

C 1

Seq.

Age

B 6

D 7

F 6 E 1 F 8 E 8

Link State Packets

(b)




Routing


Link state: broadcasting control packets

Each router must receive messages from all other routers:

reliable distribution is necessary

sequence numbersage of the connection

information conveyed from router to router without changingmessage content

Problem of consistancy while a change is being broadcastà Hierarchical system for large networks



Routing


Link state: route computation

Dijkstra’s shortest path algorithm:

A D1

2

6

G

4

(a)

F (∞, −) D (∞,−)

A

B 7 C

2

H

33

2

2 FE

1

22

6

G

4

A

(c)

A

B (2, A) C (9, B)

H (∞, −)

E (4, B)

G (6, A)

F (6, E) D (∞,−)A

(e)

A

B (2, A) C (9, B)

H (9, G)

E (4, B)

G (5, E)

F (6,E) D (∞,−)A

(f)

A

B (2, A) C (9, B)

H (8, F)

E (4, B)

G (5, E)

F (6, E) D (∞,1)A

(d)

A

B (2, A) C (9, B)

H (∞, −)

E (4, B)

G (5, E)

F (∞, −) D (∞, −)A

H

E

G(b)

B (2, A) C (∞, −)

H (∞, −)

E (∞, −)

G (6, A)




Routing








Routing


Wide area network organization: the Internet

"A"

"C"

"D"

"E""F"

"B"



Routing


ASes (Autonomous Systems, RFC 1930)

AS "A"

AS "F"

AS "D"

AS "E"

AS "C"

AS "B"

RIP 2

OSPF

OSPF

RIP 2

IS−IS

EIGRP

An AS consists of one or more IP address prefixes that areinterconnected and managed by one or more network operatorsand that deploy a single and clearly defined routing policy.



Routing


ASes: external organization (1)

Inter-AS relationships are based on the notions of client andprovider

ISP "2"

Enterprise

Telecom

Client CNRS

Renater

operator "X"

Telecomoperator "Y"

Institution

Provider

ISP "1"

University



Routing


ASes: external organization (2)

Economic relationships:

Peer

Provider

Peer

Client

$$$

providers charge their clientspeers exchange traffic without charge

the contracts are secret!

Tier-1 providers are not anyone’s clients11 tier-1s: L3 (Level(3), ex-Genuity/BBN), GBLX (GlobalCrossing), AT&T (Worldnet), NTT (ex-Verio), Quest,Sprint, Tata (ex-Teleglobe), Verizon (ex-UUnet), Savvis(ex-MCI), TeliaSonera, Tinet (ex-Tiscali).

a network that can reach every other network on the Internetwithout purchasing IP transit or paying settlementslarge providers, who own their own physical global-scaleinfrastructure



Routing


ASes: simple routing

For a stub network (on the edge of the Internet):

Stub network

ISP "1"

Telecomoperator "X"

Institution

à Direct announcements:

its prefixes are announced so that it can receive arriving traffic

the stub network sends all of its departing traffic to the rest ofthe Internet



Routing


ASes: routing across multiple ASes

For transit networks:

ISP "1" ISP "2"

UniversityInstitution

Renater

Telecom Telecom

operator "X"

Enterprise

operator "Y"

CNRS

à How to decide on one among many possible routes?



Routing


ASes: routing criteria

Policy-based routing (commercial criteria):

AS A

AS B New York

Baltimore

San Francisco

AS X

AS YLondre

Paris

Bruxelle

AmsterdamLondre

Paris

à Not necessarily the shortest path!



Routing


ASes: routing policies

Taking policy constraints into account:

new rules:

an AS accepts traffic from or to its clientsan AS refuses transit traffic between two of its competitors’clients

need for a new type of routing!

simple goal:

an ISP routes traffic coming from one of its clientsthe traffic is routed to a peer ISP or a provider ASthe ISP of the receiver routes the traffic to its client (thereceiver)

but there are complexities:

one client can be attached to several ISPs (multihoming)often, there are many possible paths



Routing


ASes: hierarchical routing

AS "A"

AS "F"

AS "D"

AS "E"

AS "C"

AS "B"

RIP 2

OSPF

OSPF

RIP 2

IS−IS

EIGRPBGP

BGP

BGP

BGP

BGP

BGP

BGP

Two types of protocol:

IGPs (Interior Gateway Protocols)Routing within an AS (based on shortest paths)

RIP-2, EIGRP, IS-IS, OSPF

EGPs (Exterior Gateway Protocols)Routing between ASes (based on policy considerations)

there is only one: BGP-4



Routing








Routing


OSPF: Open Shortest Path First

created in 1988 by the IETF so as to:go beyond the approach taken by RIP

rapid convergencescale to large networks

take into account the most general case

LANs (broadcast)NBMAspoint-to-point networks

obtain the network topologycalculate the shortest paths on the network graphbe non-proprietary



Routing


OSPF: areas (1)

A

B D E

CF

GH

AS XAS Y

OSPF

To limit the impact of changes (messages, recalculation. . . )

areas: OSPF sub-zones of an AS

32 bit identifierattached to a backbone (Zone 0)



Routing


OSPF: areas (2)

��

��

��

��

��

��

Area 0

Area 1 Area 3

H

AS YA

B D E

CF

G

AS X

3 types de area:

stub area: without transit traffic (Area 1)NSSA: Not So Stubby Areatransit area: (Areas 0 and 3)



Routing


OSPF: areas (3)

��

��

��

��

��

��

Area 3Area 1

Area 0 A

CF

GH

AS XAS Y

DB E

3 types of router:

AS border: talks to the outside (A and H)area border: belonging to two areas (B, D, and E)internal: belonging to one area (C, F, and G)



Routing


OSPF: intra-area routing

Area 3

Area 0

Area 1

A

B D E

CF

AS X

GH

AS Y

Broadcasting information within an area

LAN (broadcast): designated router

flooding (without retransmitting information alreadyreceived)

G’s announcements to D and F are redundant



Routing


OSPF: inter-area exchanges

Area 0

Area 1 Area 3

H

AS YA

B D E

CF

G

AS X

Announcements between areasArea 1 receives announcements from the backbone and Area 3from B

B is the default router

Area 3 receives announcements from the backbone and fromArea 1 from D and E à can choose D or E



Routing


OSPF: communicating outside the AS

Area 3Area 1

Area 0

H

AS YA

B D E

CF

G

AS X

Exchanging announcements outside the AS

inform regarding local accessibility

careful not to transform the network into a transit network



Routing


OSPF: protocols

Version 2 (RFC 2328) incompatible with OSPF v1

complex definition with several sub-protocols

hello: test neighbors and elect a designated router (LAN)base transfer: synchronisationupdate: send the link statesacknowledgement: confirm updatesrequest the link states: know the area’s routers (NBMA)

encapsulation in IP packets (protocol 89)

use of multicast if available:

224.0.0.5: all routers of the network224.0.0.6: the designated routers



Routing


OSPF: generic header

0 7 15 23 bit 31

Version Type Packet length

Router ID

Area ID

Checksum Authentication type

Authentication

Data

Version = 2

Type = 1 (Hello), 2 (database description), 3 (link state request), 4 (link state update), 5 (link stateacknowledgement)

Packet length = size with header

Router ID = unique even if there are multiple interfaces

Area ID = area where the router is located

Authentication = allows use of MD5

Data... many structures: see RFC 2328



Routing








Routing


BGP: introduction

De facto external routing protocol

chronology of standards:

EGP (1984): RFC 904BGP-1 (1989): RFC 1195BGP-2 (1990): RFC 1163BGP-3 (1991): RFC 1267BGP-4 (1995): RFC 1771, 1772, and 1773

CIDR supportlarge scale adoption as of ‘95, with the commercialization ofthe Internet

path vector protocol:

similar to distance vector protocolsallows application of policy constraints



Routing


BGP: topology

AS 7486

AS 947

AS

5511

AS 24

BGP is based on a set of interconnected ASes

each AS has a unique 16 bit identifierattributed by a registrar (ARIN, RIPE-NCC...)

as for network prefixes

approx. 25,000 have been assigned (64512 to 65535 areprivate)



Routing


BGP: AS/network relationship

An AS is not necessarily a networkTier-1s often split their networks:

ATT: 5074, 6341, 7018...MCI (UUnet): 284, 701, 702, 12199...Sprint: 1239, 1240, 6211, 6242...

AS 5074 AS 6341 AS 7018

an AS number can be shared:AS 7046: Crestar Bank + NJIT + Hood Clg (clients AS 701)

AS 7046 AS 7046 AS 7046

AS 701

and many stub networks have no need of BGP or an ASnumber (static routing at the network’s edge)



Routing


BGP: border gateway

AS 7486

AS 947

AS

5511

AS 24

passageways to other ASes

associated with two types of connection:

external (eBGP)internal (iBGP)



Routing


BGP: eBGP connections

AS 7486

AS 947

AS

5511

AS 24

exterior BGP

interconnection between ASes by border routers

BGP signaling over a direct TCP connection on port 179



Routing


BGP: iBGP connections

AS 7486

AS 947

AS

5511

AS 24

interior BGP

interconnection between the border routers of an AS

TCP connections on port 179, routed using the AS’s IGP

full mesh



Routing


BGP: information exchanged

AS 30

AS 9654

AS 211 AS 1022

AS 832781.217.16.0 /22

AS 723

81.217.16.0 /22 (723, 211, 9654)

81.217.16.0 /22(1022,211,9654)

What information is exchanged between ASes?

mainly IP prefixes and the AS paths towards them



Routing


BGP: messages

Only 4 BGP messages:

OPEN: open the connection

KEEPALIVE: maintain the connection

sent periodically

NOTIFICATION: close the connection

UPDATE: exchange the prefixes with attributesinitially, all the informationlater, updates

announcing of new routeswithdrawing of previously announced routes



Routing


BGP: attributes (1)

Value Code Reference

----- --------------------------------- ---------

1 ORIGIN [RFC 1771]

2 AS_PATH [RFC 1771]

3 NEXT_HOP [RFC 1771]

4 MULTI_EXIT_DISC [RFC 1771]

5 LOCAL_PREF [RFC 1771]

...

8 COMMUNITY [RFC 1997]

...

19-254 Unassigned

255 reserved for development

Announcement = prefix + some attributes (not all)



Routing


BGP: attributes (2)

ORIGIN : where one has learned about the prefix

IGP = from within the ASEGP = from outside the ASINCOMPLETE = manual configuration

AS PATH : series of ASes traversed by the announcement

allows loop detection

NEXT HOP : to whom to send traffic for the announced prefix

last router of the preceding AS

12.125.33.9

80.132.50.7

135.207.0.0 /16

135.207.0.0 /16

NH =12.125.33.9

135.207.0.0 /16

NH =12.125.33.9

135.207.0.0 /16

NH =80.132.50.7

AS 947 AS 26AS 8524



Routing


BGP: attributes (3)

MULTI EXIT DISC : when there are many exits from an AS

prefer the smaller value

192.33.182.0 \24

(24, 947) MED=200

(24, 947) MED=300

192.33.182.0 \24

192.33.182.0 \24

Priority

AS 947

AS 7486

AS 24



Routing


BGP: attributes (4)

LOCAL PREF : administrative preference

prefer the highest value

192.33.182.0 \24 (9611, 947) LP=50

192.33.182.0 \24

Priority

192.33.182.0 \24 (24, 743, 947) LP=80

AS 24AS 743

AS 9611

AS 7486

AS 947



Routing


BGP: advertisements

Sending an UPDATE message

which prefixes to announce

sender’s choice

which attribute values to assign?it depends on the attribute

AS PATH = prior AS PATH precedent + current AS’s numberMULTI EXIT DISC = depends upon the sender...

Receiving an UPDATE message

which information to take into account?

prefix choice (filtering)possible to modify the attributes

what to do with the accepted information?choose routes

use of a decision algorithm...



Routing


BGP: route selection algorithm

Strongest to weakest choice criteria:

1 highest LOCAL PREF2 shortest AS PATH

but not necessarily the shortest path

3 smallest MULTI EXIT DISC

4 priority to paths learned via eBGP over iBGP5 shortest path to reach the NEXT HOP

IGP metrics

6 smallest router ID



Routing


BGP: policy choices?

Yet another attribute...

COMMUNITY : allows “coloring” of routes

list of values indicating the communities towhich a prefix belongs

32 bits (16 bits AS coloring + 16 bits freelychosen)announcements are usually colored upon entryto an AS

client communitypeer communityprovider community

allows filtering at the AS exit

e.g., do not inject prefixes from one peer toanother peer(thereby turning the AS into a transit AS)



Routing


BGP: importing routes

Clients

FPCL

L L

L

L

LL

L

L

L

LL

C CC C

C

C

C

CC

C

C

C

C

CP

P

P P

P

PP

P

P

P

PP

P

P

P

FF

F

F

F

F

FF

F

F

F

Providers

Peers

F

Peers

Provider route

Peer route

Client route

Local route



Routing


BGP: exporting routes

Clients

FPCL

L L

L

L

LL

L

L

L

LL

CC

C

CC

C

C

C

C

C

P

P

P

P

PP

P

P

P

F

F

F

FF

F

F

F

anti

P F

C

CC

CP

PP P

P

P

F

F

F

F

LL

L

L

L

LL

L

L

L L

L L

L

L

L

C

C

C

C

C

C

C

CC

C C

C

Providers

Peers Peers

FilterProvider route

Peer route

Client route

Local route



Routing


BGP: connectivity

Does BGP guarantee connectivity?

no, some networks can remain unreachabledepends upon the policies encountered on the announced paths:

AS "A" AS "B"

AS "X"

if “X” does not announce “A” to “B”...



Routing


BGP: convergence

Does BGP guarantee convergence to a stable route?

without changes, there can be oscillations (“route flapping”)one router announces a prefix, then abandons it

associated with broken links

with changes, the number of annoncements is high

some ASes cansee 106 UPDATE per day



Routing


BGP: problems

errors carry throughout the Internet

a misconfigured AS can indicate that it has the best route forall destinations...

exponential growth in the number of announcements

more and more ASessmaller and smaller prefixesno aggregation due to multihoming

complex to manage

the graph of the ASes depends on one’s perspective

attempt to dampen route flapping

use of route dampening


Computer Networks (ComNet) 4/5 : Networkfourmaux/ARes/AResC4v63_en_4.pdfRouting ComNet: course 4/5...

Documents

Transcript of Computer Networks (ComNet) 4/5 : Networkfourmaux/ARes/AResC4v63_en_4.pdfRouting ComNet: course 4/5...