CSC358 Week 8
Adapted from slides by J.F. Kurose and K. W. Ross.All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved
4.1 Overview of Network layer• data plane• control plane
4.2 What�s inside a router4.3 IP: Internet Protocol• datagram format• fragmentation• IPv4 addressing• network address
translation• IPv6
4.4 Generalized Forward and SDN• match• action• OpenFlow examples
of match-plus-action in action
Outline
4-5Network Layer: Data Plane
IPv6: motivation§ initial motivation: 32-bit address space soon to be
completely allocated. § additional motivation:• header format helps speed processing/forwarding• header changes to facilitate QoS
IPv6 datagram format: • fixed-length 40 byte header• no fragmentation allowed
4-6Network Layer: Data Plane
IPv6 datagram format
priority: identify priority among datagrams in flowflow Label: identify datagrams in same �flow.�
(concept of�flow� not well defined).next header: identify upper layer protocol for data
data
destination address(128 bits)
source address(128 bits)
payload len next hdr hop limitflow labelpriver
32 bits4-7Network Layer: Data Plane
How many IP addresses?
§ 2^128 is roughly 3 x 10^38
§ Assume 10 billion people on Earth
§ Each person gets 3 x 10^28
Network Layer 4-8
Other changes from IPv4
§ checksum: removed entirely to reduce processing time at each hop
§ options: allowed, but outside of header, indicated by �Next Header� field
§ ICMPv6: new version of ICMP• additional message types, e.g. �Packet Too Big�• No fragmentation in the intermediate routers. Sender
receives “Packet Too Big ” and resend smaller datagrams.
4-9Network Layer: Data Plane
Transition from IPv4 to IPv6§ not all routers can be upgraded simultaneously
• no �flag days�• how will network operate with mixed IPv4 and
IPv6 routers? § tunneling: IPv6 datagram carried as payload in IPv4
datagram among IPv4 routers
IPv4 source, dest addr IPv4 header fields
IPv4 datagramIPv6 datagram
IPv4 payload
UDP/TCP payloadIPv6 source dest addr
IPv6 header fields
4-10Network Layer: Data Plane
Tunneling
physical view:IPv4 IPv4
A B
IPv6 IPv6
E
IPv6 IPv6
FC D
logical view:
IPv4 tunnel connecting IPv6 routers E
IPv6 IPv6
FA B
IPv6 IPv6
4-11Network Layer: Data Plane
flow: Xsrc: Adest: F
data
A-to-B:IPv6
Flow: XSrc: ADest: F
data
src:Bdest: E
B-to-C:IPv6 inside
IPv4
E-to-F:IPv6
flow: Xsrc: Adest: F
data
B-to-C:IPv6 inside
IPv4
Flow: XSrc: ADest: F
data
src:Bdest: E
physical view:A B
IPv6 IPv6
E
IPv6 IPv6
FC D
logical view:
IPv4 tunnel connecting IPv6 routers E
IPv6 IPv6
FA B
IPv6 IPv6
Tunneling
IPv4 IPv4
4-12Network Layer: Data Plane
IPv6: adoption§ Google: 8% of clients access services via IPv6§ NIST: 1/3 of all US government domains are IPv6
capable
§ Long (long!) time for deployment, use•20 years and counting!•think of application-level changes in last 20 years: WWW, Facebook, streaming media, Skype, …
4-13Network Layer: Data Plane
4.1 Overview of Network layer• data plane• control plane
4.2 What�s inside a router4.3 IP: Internet Protocol• datagram format• fragmentation• IPv4 addressing• network address
translation• IPv6
4.4 Generalized Forward and SDN• match• action• OpenFlow
examples of match-plus-action in action
Outline
4-14Network Layer: Data Plane
Generalized Forwarding and SDN
230100 1101
values in arrivingpacket�s header
logically-centralized routing controller
1
control plane
data plane
Each router contains a flow table that is computed and distributed by a logically centralized routing controller
local flow tableheaders counters actions
4-15Network Layer: Data Plane
OpenFlow data plane abstraction§ flow: defined by header fields§ generalized forwarding: simple packet-handling rules• Pattern: match values in packet header fields• Actions: for matched packet: drop, forward, modify,
matched packet or send matched packet to controller • Priority: disambiguate overlapping patterns• Counters: #bytes and #packets
Flow table in a router (computed and distributed by controller) define router’s match+action rules
4-16Network Layer: Data Plane
OpenFlow data plane abstraction§ flow: defined by header fields§ generalized forwarding: simple packet-handling rules
• Pattern: match values in packet header fields• Actions: for matched packet: drop, forward, modify,
matched packet or send matched packet to controller • Priority: disambiguate overlapping patterns• Counters: #bytes and #packets
1. src=1.2.*.*, dest=3.4.5.* à drop 2. src = *.*.*.*, dest=3.4.*.* à forward(2)3. src=10.1.2.3, dest=*.*.*.* à send to controller
* : wildcard
OpenFlow: Flow Table Entries
SwitchPort
MACsrc
MACdst
Ethtype
VLANID
IPSrc
IPDst
IPProt
TCPsport
TCPdport
Rule Action Stats
1. Forward packet to port(s)2. Encapsulate and forward to controller3. Drop packet4. Send to normal processing pipeline5. Modify Fields
Packet + byte counters
Link layer Network layer Transport layer
OpenFlow abstraction
§ Router• match: longest
destination IP prefix• action: forward out
a link§ Switch• match: destination
MAC address• action: forward or
flood
§ Firewall• match: IP addresses
and TCP/UDP port numbers• action: permit or
deny § NAT• match: IP address
and port• action: rewrite
address and port
§ match+action: unifies different kinds of devices
4-19Network Layer: Data Plane
Summary: Network Layer Data Plane
Question: how do forwarding tables (destination-based forwarding) or flow tables (generalized forwarding) computed?Answer: by the control plane (next chapter)
4.1 Overview of Network layer: data plane and control plane
4.2 What�s inside a router4.3 IP: Internet Protocol• datagram format• fragmentation• IPv4 addressing• NAT• IPv6
4.4 Generalized Forward and SDN• match plus action• OpenFlow example
4-20Network Layer: Data Plane
Network layer control plane
goals: understand principles behind network control plane
§ traditional routing algorithms§ SDN controllers§ Internet Control Message Protocol§ network management
and their instantiation, implementation in the Internet:§ OSPF, BGP, OpenFlow, ICMP, SNMP
5-21
Network Layer: Control Plane
5.1 introduction5.2 routing protocols§ link state§ distance vector5.3 intra-AS routing in the
Internet: OSPF5.4 routing among the ISPs:
BGP
5.5 The SDN control plane5.6 ICMP: The Internet
Control Message Protocol
5.7 Network management and SNMP
Outline
5-22
Network Layer: Control Plane
Network-layer functions
§ forwarding: move packets from router�s input to appropriate router output
data plane
control plane
Two approaches to structuring network control plane:§ per-router control (traditional)§ logically centralized control (software defined networking)
Recall: two network-layer functions:
5-23Network Layer: Control Plane
§ routing: determine route taken by packets from source to destination
Per-router control plane
RoutingAlgorithm
Individual routing algorithm components in each and every router interact with each other in control plane to compute forwarding tables
dataplane
controlplane
4.1 • OVERVIEW OF NETWORK LAYER 309
tables. In this example, a routing algorithm runs in each and every router and both forwarding and routing functions are contained within a router. As we’ll see in Sec-tions 5.3 and 5.4, the routing algorithm function in one router communicates with the routing algorithm function in other routers to compute the values for its forward-ing table. How is this communication performed? By exchanging routing messages containing routing information according to a routing protocol! We’ll cover routing algorithms and protocols in Sections 5.2 through 5.4.
The distinct and different purposes of the forwarding and routing functions can be further illustrated by considering the hypothetical (and unrealistic, but technically feasible) case of a network in which all forwarding tables are configured directly by human network operators physically present at the routers. In this case, no routing protocols would be required! Of course, the human operators would need to interact with each other to ensure that the forwarding tables were configured in such a way that packets reached their intended destinations. It’s also likely that human configu-ration would be more error-prone and much slower to respond to changes in the net-work topology than a routing protocol. We’re thus fortunate that all networks have both a forwarding and a routing function!
Values in arrivingpacket’s header
1
23
Local forwardingtable
header
0100011001111001
1101
3221
output
Control plane
Data plane
Routing algorithm
Figure 4.2 ♦ Routing algorithms determine values in forward tables
M04_KURO4140_07_SE_C04.indd 309 11/02/16 3:14 PM
5-24Network Layer: Control Plane
dataplane
controlplane
Logically centralized control planeA distinct (typically remote) controller interacts with local control agents (CAs) in routers to compute forwarding tables
Remote Controller
CA
CA CA CA CA
5-25
Network Layer: Control Plane
5.1 introduction5.2 routing protocols§ link state§ distance vector5.3 intra-AS routing in the
Internet: OSPF5.4 routing among the ISPs:
BGP
5.5 The SDN control plane5.6 ICMP: The Internet
Control Message Protocol
5.7 Network management and SNMP
Outline
5-26
Network Layer: Control Plane
Routing protocols
Routing protocol goal: determine “good” paths (equivalently, routes), from sending hosts to receiving host, through network of routers§ path: sequence of routers packets will traverse
in going from given initial source host to given final destination host
§ “good”: least “cost”, “fastest”, “least congested”
§ routing: a “top-10” networking challenge!
5-27Network Layer: Control Plane
u
yx
wv
z2
21
3
1
1
2
53
5
graph: G = (N,E)
N = set of routers = { u, v, w, x, y, z }
E = set of links ={ (u,v), (u,x), (v,x), (v,w), (x,w), (x,y), (w,y), (w,z), (y,z) }
Graph abstraction of the network
5-28Network Layer: Control Plane
Graph abstraction: costs
u
yx
wv
z2
21
3
1
1
2
53
5 c(x,x�) = cost of link (x,x�)e.g., c(w,z) = 5
cost could be inversely related to bandwidth, or inversely related to congestion
cost of path (x1, x2, x3,…, xp) = c(x1,x2) + c(x2,x3) + … + c(xp-1,xp)
key question: what is the least-cost path between u and z ?routing algorithm: algorithm that finds that least cost path
5-29Network Layer: Control Plane
Routing algorithm classification
Q: global or decentralized information?
global:§ all routers have complete
topology, link cost info§ �link state� algorithmsdecentralized: § router knows physically-
connected neighbors, link costs to neighbors
§ iterative process of computation, exchange of info with neighbors
§ �distance vector� algorithms
Q: static or dynamic?
static:§ routes change slowly over
timedynamic: § routes change more
quickly• periodic update• in response to link
cost changes
5-30Network Layer: Control Plane
5.1 introduction5.2 routing protocols§ link state§ distance vector5.3 intra-AS routing in the
Internet: OSPF5.4 routing among the ISPs:
BGP
5.5 The SDN control plane5.6 ICMP: The Internet
Control Message Protocol
5.7 Network management and SNMP
Outline
5-31Network Layer: Control Plane
A link-state routing algorithmDijkstra�s algorithm§ net topology, link costs
known to all nodes• accomplished via �link state
broadcast�• all nodes have same info
§ computes least cost paths from one node (�source�) to all other nodes• gives forwarding table for
that node
§ iterative: after k iterations, know least cost path to k dests
notation:§ c(x,y): link cost from
node x to y; = ∞ if not direct neighbors
§ D(v): current value of cost of path from source to dest v
§ p(v): predecessor node along path from source to v
§ N': set of nodes whose least cost path definitively known 5-32Network Layer: Control Plane
Dijsktra�s algorithm1 Initialization:2 N' = {u} 3 for all nodes v 4 if v adjacent to u 5 then D(v) = c(u,v) 6 else D(v) = ∞7 8 Loop9 find w not in N' such that D(w) is a minimum 10 add w to N'11 update D(v) for all v adjacent to w and not in N' : 12 D(v) = min( D(v), D(w) + c(w,v) ) 13 /* new cost to v is either old cost to v or known 14 shortest path cost to w plus cost from w to v */ 15 until all nodes in N'
5-33Network Layer: Control Plane
Dijkstra�s algorithm: example
Step012345
N'uuxuxyuxyvuxyvwuxyvwz
D(v),p(v)2,u2,u2,u
D(w),p(w)5,u4,x3,y3,y
D(x),p(x)1,u
D(y),p(y)∞2,x
D(z),p(z)∞ ∞ 4,y4,y4,y
u
yx
wv
z2
21
3
1
1
2
53
5
5-34Network Layer: Control Plane
u
yx
wv
z
Dijkstra�s algorithm: example (2)
u
yx
wv
z
resulting shortest-path tree from u:
vxywz
(u,v)(u,x)
(u,x)(u,x)(u,x)
destination link
resulting forwarding table in u:
5-35Network Layer: Control Plane
Dijkstra�s algorithm, discussion
algorithm complexity: n nodes§ each iteration: need to check all nodes, w, not in N§ n(n+1)/2 comparisons: O(n2)§ more efficient implementations possible: O(nlogn)
Each node knows the entire graph’s topology.
5-36Network Layer: Control Plane
5.1 introduction5.2 routing protocols§ link state§ distance vector5.3 intra-AS routing in the
Internet: OSPF5.4 routing among the ISPs:
BGP
5.5 The SDN control plane5.6 ICMP: The Internet
Control Message Protocol
5.7 Network management and SNMP
Outline
5-37Network Layer: Control Plane
Distance vector algorithm
Bellman-Ford equation (dynamic programming)
letdx(y) := cost of least-cost path from x to y
thendx(y) = min {c(x,v) + dv(y) }
v
cost to neighbor v
min taken over all neighbors v of x
cost from neighbor v to destination y
5-38Network Layer: Control Plane
Bellman-Ford example
u
yx
wv
z2
21
3
1
1
2
53
5clearly, dv(z) = 5, dx(z) = 3, dw(z) = 3
du(z) = min { c(u,v) + dv(z),c(u,x) + dx(z),c(u,w) + dw(z) }
= min {2 + 5,1 + 3,5 + 3} = 4
node achieving minimum is nexthop in shortest path, used in forwarding table
B-F equation says:
5-39Network Layer: Control Plane
Distance vector algorithm
§ Dx(y) = estimate of least cost from x to y• x maintains distance vector Dx = [Dx(y): y є N ]
§ node x:• knows cost to each neighbor v: c(x,v)• maintains its neighbors� distance vectors. For
each neighbor v, x maintains Dv = [Dv(y): y є N ]
5-40Network Layer: Control Plane
key idea:§ from time-to-time, each node sends its own
distance vector estimate to neighbors§ when x receives new DV estimate from neighbor,
it updates its own DV using B-F equation:
Dx(y) ← minv{c(x,v) + Dv(y)} for each node y ∊ N
v under minor, natural conditions, the estimate Dx(y) converge to the actual least cost dx(y)
Distance vector algorithm
5-41Network Layer: Control Plane
iterative, asynchronous:each local iteration caused by:
§ local link cost change § DV update message from
neighbordistributed:§ each node notifies
neighbors only when its DV changes• neighbors then notify their
neighbors if necessary
wait for (change in local link cost or msg from neighbor)
recompute estimates
if DV to any dest has changed, notify neighbors
each node:
Distance vector algorithm
5-42Network Layer: Control Plane
Each node only needs to know their neighbours.
x y zxyz
0 2 7∞ ∞ ∞∞ ∞ ∞
from
cost to
from
from
x y zxyz
0
x y zxyz
∞ ∞
∞ ∞ ∞
cost to
x y zxyz
∞ ∞ ∞7 1 0
cost to
∞2 0 1
∞ ∞ ∞
2 0 17 1 0
time
x z12
7
y
node xtable
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}= min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) +Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
32
node ytable
node ztable
cost to
from
5-43Network Layer: Control Plane
x y zxyz
0 2 3
from
cost to
x y zxyz
0 2 7
from
cost tox y z
xyz
0 2 3
from
cost to
x y zxyz
0 2 3fro
mcost to
x y zxyz
0 2 7
from
cost to
2 0 17 1 0
2 0 13 1 0
2 0 13 1 0
2 0 1
3 1 02 0 1
3 1 0
time
x y zxyz
0 2 7∞ ∞ ∞∞ ∞ ∞
from
cost to
from
from
x y zxyz
0
x y zxyz
∞ ∞
∞ ∞ ∞
cost to
x y zxyz
∞ ∞ ∞7 1 0
cost to
∞2 0 1
∞ ∞ ∞
2 0 17 1 0
time
x z12
7
y
node xtable
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}= min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) +Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
32
node ytable
node ztable
cost to
from
5-44Network Layer: Control Plane
Distance vector: link cost changes
link cost changes:v node detects local link cost change v updates routing info, recalculates
distance vectorv if DV changes, notify neighbors
�goodnews travelsfast�
x z14
50
y1
t0 : y detects link-cost change, updates its DV, informs its neighbors.
t1 : z receives update from y, updates its table, computes new least cost to x , sends its neighbors its DV.
t2 : y receives z�s update, updates its distance table. y�s least costs do not change, so y does not send a message to z.
5-45Network Layer: Control Plane
Dy(x) Dz(x)
4 5
1 5
1 2
1 2
Distance vector: link cost changes
link cost changes:v node detects local link cost change v bad news travels slow - �count to
infinity� problem!v 44 iterations before algorithm
stabilizes: see text x z14
50
y60
solution: poisoned reverse:v If Z routes through Y to get to X :
§ Z tells Y its (Z�s) distance to X is infinite (so Y won�t route to X via Z)
v will this completely solve count to infinity problem?
5-46Network Layer: Control Plane
Dy(x) Dz(x)
4 5
6 5
6 7
… …
48 49
50 49
50 50
51 50
51 50
Dy(x) Dz(x)
4 5 (inf)
60 5 (inf)
60 50
51 50
This table is just meant to give a rough idea of the change of the values. To be more precise, you should put a distance table next to each node in the graph and update/trace them.
Comparison of LS and DV algorithms
message complexity§ LS: with n nodes, E links, O(nE)
msgs sent § DV: exchange between neighbors
only• convergence time varies
speed of convergence§ LS: O(n2) algorithm requires
O(nE) msgs
§ DV: convergence time varies• may be routing loops• count-to-infinity problem
robustness: what happens if router malfunctions?
LS:• node can advertise incorrect
link cost• each node computes only its
own tableDV:
• DV node can advertise incorrect path cost
• each node�s table used by others
• error propagate thru network
5-47Network Layer: Control Plane
No clear obvious winner. Both are used in the Internet.
5.1 introduction5.2 routing protocols§ link state§ distance vector5.3 intra-AS routing in
the Internet: OSPF5.4 routing among the ISPs:
BGP
5.5 The SDN control plane5.6 ICMP: The Internet
Control Message Protocol
5.7 Network management and SNMP
Outline
5-48Network Layer: Control Plane
Making routing scalable
scale: with billions of destinations:
§ can�t store all destinations in routing tables!
§ routing table exchange would swamp links!
administrative autonomy§ internet = network of
networks§ each network admin may
want to control routing in its own network
our routing study thus far - idealized § all routers identical§ network �flat�… not true in practice
5-49Network Layer: Control Plane
aggregate routers into regions known as �autonomous systems� (AS) (a.k.a. “domains”)
inter-AS routing§ routing among AS’es§ gateways perform inter-
domain routing (as well as intra-domain routing)
Internet approach to scalable routing
intra-AS routing§ routing among hosts, routers
in same AS (“network”)§ all routers in AS must run same intra-domain protocol
§ routers in differentAS can run different intra-domain routing protocol
§ gateway router: at “edge” of its own AS, has link(s) to router(s) in other AS’es
5-50Network Layer: Control Plane
3b
1d
3a
1c2aAS3
AS1AS2
1a
2c2b
1b
Intra-ASRouting algorithm
Inter-ASRouting algorithm
Forwardingtable
3c
Interconnected ASes
§ forwarding table configured by both intra-and inter-AS routing algorithm• intra-AS routing
determine entries for destinations within AS
• inter-AS & intra-AS determine entries for external destinations
5-51Network Layer: Control Plane
Inter-AS tasks§ suppose router in AS1
receives datagram destined outside of AS1:• router should forward
packet to gateway router, but which one?
AS1 must:1. learn which dests are
reachable through AS2, which through AS3
2. propagate this reachability info to all routers in AS1
job of inter-AS routing!
AS3
AS2
3b
3c3a
AS1
1c1a
1d1b
2a2c
2bothernetworks
othernetworks
5-52Network Layer: Control Plane
Intra-AS Routing
§ also known as interior gateway protocols (IGP)§ most common intra-AS routing protocols:• RIP: Routing Information Protocol• OSPF: Open Shortest Path First (IS-IS protocol
essentially same as OSPF)• IGRP: Interior Gateway Routing Protocol
(Cisco proprietary for decades, until 2016)
5-53Network Layer: Control Plane
OSPF (Open Shortest Path First)
§ �open�: publicly available§ uses link-state algorithm • link state packet dissemination• topology map at each node• route computation using Dijkstra�s algorithm
§ router floods OSPF link-state advertisements to all other routers in entire AS• carried in OSPF messages directly over IP (rather than
TCP or UDP• link state: for each attached link
5-54Network Layer: Control Plane
OSPF �advanced� features
§ security: all OSPF messages authenticated (to prevent malicious intrusion)
§ multiple same-cost paths allowed (only one path in RIP)
§ for each link, multiple cost metrics for different ToS(e.g., satellite link cost set low for best effort ToS; high for real-time ToS)
§ integrated uni- and multi-cast support: • Multicast OSPF (MOSPF) uses same topology data
base as OSPF§ hierarchical OSPF in large domains.
5-55Network Layer: Control Plane
Top Related