Ch. 4: Network Layer - Forwarding

Network Layer: a. Forwarding

Goals:
• understand principles behind network layer services:
  • forwarding
  • routing (path selection)
  • dealing with scale
• instantiation and implementation in the Internet and in other types of networks

Overview:
• network layer services
• VC network operation
• ATM
• IP addresses & their usage
• NAT
• IP header
• IP fragmentation
• ICMP
• IPv6

each router allocates an ID for the VC
  • intended for incoming (I/C) packets of the VC
  • records it + the preceding & following node of path

Backward call-setup pass: each router tells predecessor its ID for the VC
  • first predecessor is the originating host
  • ID will be used for this VC on the link between them
  • lists in the I/C port's forwarding table the I/C VC-ID and the corresponding O/G port + O/G ID

Runtime: when receiving a packet with an ID:
  • find, in the I/C port's forwarding table, the I/C ID's record
  • read from it the outgoing port & the O/G ID
  • send packet on the required port with new ID

VC: identifiers preparation

Example: call setup stage

[Figure: call setup along a path of three links, each with BW = 1 Mb. Every node's forwarding table has the columns In port, VC id in, Out port, VC id out and is filled in step by step. Final entries: (in port 1, VC id in 38) -> (out port 2, VC id out 22) and (in port 1, VC id in 22) -> (out port 2, VC id out 98); the sending host has VC id out 38 and the receiving host VC id in 98.]

Summary:
• VC-ID has a separate value on each link
• determined by the receiving router and sent by signaling to sending node

VC: identifiers usage

Example: runtime stage

[Figure: the same path at runtime with the completed forwarding tables; the packet carries VCid=38 on the first link, VCid=22 on the second and VCid=98 on the third.]

Datagram networks: Internet model
• no call setup at network layer
• routers: no state about end-to-end connections
  • no network-level concept of "connection"
• packets typically routed using destination host ID
  • packets between same source-dest pair may take different paths, if routing tables change

[Figure: two end systems, each with the stack application / transport / network / data link / physical; 1. Send data, 2. Receive data]

ATM: overview
• Asynchronous Transfer Mode
• Fixed packet size: called cells
  • 53 bytes = 5 header + 48 data
• All virtual-circuit based
• Types of virtual circuits
  • "virtual circuits" aggregated into "virtual paths"
  • Permanent or switched virtual paths used to reduce size of forwarding tables
• Architecture is QoS-focused
  • Service Quality types: CBR, VBR, ABR, UBR
  • Constant/Variable/Available/Unspecified Bit Rate
• Access traffic policing
  • Typical tool: leaky-bucket access control

Network Layer Quality of Service

Guarantees? (columns Bandwidth, Loss, Order, Timing)

Network        Service                                                  Congestion
Architecture   Model         Bandwidth            Loss   Order  Timing  feedback
Internet       best effort   none                 no     no     no      no (inferred via loss/delay)
ATM            CBR           constant rate        yes    yes    yes     no congestion
ATM            VBR           guaranteed rate      yes    yes    yes     no congestion
ATM            ABR           guaranteed minimum   no     yes    no      yes
ATM            UBR           none                 no     yes    no      no

• Internet model is being extended: Intserv, Diffserv; multimedia networking

ATM: Asynchronous Transfer Mode; CBR: Constant Bit Rate; V: Variable; A: Available; U: Unspecified

Datagram or VC network: why?

Internet (Datagram)
• data exchange among hosts
  • (mostly) "elastic" service, no strict timing req.
• "smart" end systems
  • can adapt, perform control, error recovery
  • simple inside network, complexity at "edge"
• many link types
  • different characteristics
  • uniform service difficult
• Datagram benefit: Simplicity

ATM (VC)
• evolved from telephony
  • but supports also data
• human conversation:
  • strict timing & reliability requirements
  • svc guarantees needed
• "dumb" end systems
  • telephones
  • complexity inside network
• VC Benefits:
  • Fast forwarding
  • Traffic Engineering
  • In order delivery

IP Addressing Scheme
• We need an address to uniquely identify each destination
• Routing scalability requires flexibility in aggregation of destination addresses
  • we should be able to aggregate a set of destinations as a single routing unit
  • necessary for routing table scalability
• Preview: the unit of routing in the Internet is a network - the destinations in the routing protocols and tables are networks

IP Addressing: introduction
• IP address: 32-bit identifier for host or router interface (NIC)
• interface: connection between host/router and physical link
  • routers typically have multiple interfaces
  • a host typically has a single interface
  • IP addresses are associated with the interface, not the host or router

[Figure: one router joining three LANs; interface addresses 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]

223.1.1.1 = 11011111 00000001 00000001 00000001
              223       1        1        1

IP Addressing
• IP address is divided into two parts:
  • network prefix
    • K high order bits
  • host number
    • remaining low order bits
• This partitioning of the address depends on the context network in which we see this NIC
  • networks are nested inside each other

[Figure: the three-LAN topology again; interfaces 223.1.1.1-223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27; one subnet is marked "LAN"]

Qn: What is the router's IP address in the drawing we see?

What is a network in IP view?

IP network terminology:
• a Subnet is:
  • a set of devices that can physically reach each other without intervening router(s)
  • e.g. a LAN
• a Network is:
  • a subnet, or:
  • the union of several subnets that are interconnected by links

[Figure: the three-LAN topology again; interfaces 223.1.1.1-223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27; one subnet is marked "LAN"]

three subnets (LANs) 223.1.1.*, 223.1.2.*, 223.1.3.*; together they form a larger network with prefix 223.1 (16 bits) (OR MORE bits?)

IP Address Structure (CIDR method)
• the network prefix consists of the K most significant bits of the address
  • in some cases it is called the subnet prefix (see subnets below)
• the host number = the remaining (32-K) bits
• the size K of the network prefix differs and must be specified in each case. Two methods used for this:
  • network mask has all 1's in the prefix part and all 0's elsewhere
  • short notation is /K (also called the CIDR notation)

Exercise 1, for the IP address 11001000 00010111 00010001 10110101 /23:
a) write the IP address in dotted decimal notation
b) specify corresponding network mask (binary and dotted decimal)
c) show network prefix & host # parts of that address (binary)
see solutions at end of chapter (in Extra slides)

Special Types of IP Address
• network broadcast address: host # = 11...1
  • means: all the hosts in the network specified in address prefix
  • used only as destination address of packets
  • if dest. address = 11…1 (32 1's), broadcast on sender's subnet
• network address: host # = 0 (all zeros)
  • means: the whole network (used only in routing tables)
• therefore the IP address of a host/router cannot have host number = 0 or = "all ones"

Exercise 2
1. write the network address of the network from Exercise 1
2. write the broadcast address for that network
3. how many IP host addresses are possible in that network?
4. write host & network address with /K notation
5. write the first and last host address on that network

Subnets

Recipe
• To determine the subnets of a network, detach each interface from its host or router, creating islands of isolated networks. Each isolated network is a subnet.
• Divide network into subnets and give an address to each
  • Write an address for the whole network, including /K

[Figure: network with five subnets; interfaces 223.1.1.1-223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.1, 223.1.7.2, 223.1.9.1, 223.1.9.2]

Subnet 223.1.1.0/24
Subnet 223.1.2.0/24
Subnet 223.1.3.0/24
Subnet 223.1.7.0/24
Subnet 223.1.9.0/24
Whole network: 223.1.0.0/20

IP Addresses

given notion of "network", let's re-examine IP addresses:
"classful" addressing: (does not need mask or /K indicator)

class   leading bits   rest of the 32 bits       address range
A       0              network, host             1.0.0.0 to 127.255.255.255
B       10             network, host             128.0.0.0 to 191.255.255.255
C       110            network, host             192.0.0.0 to 223.255.255.255
D       1110           multicast address (*)     224.0.0.0 to 239.255.255.255

(*) this range used as multicast also in CIDR method

IP addressing: CIDR
• classful addressing:
  • inefficient use of address space, address space exhaustion
  • e.g., class B net allocated enough addresses for 65K hosts, even if only 2K hosts in that network
• CIDR: Classless InterDomain Routing
  • network portion of address of arbitrary length
  • address format: a.b.c.d/x, where x is # bits in network portion of address
  • Requires inclusion of mask or "/K" in routing table

200.23.16.0/23 = 11001000 00010111 00010000 00000000
                 (network part: first 23 bits; host part: last 9 bits)

IP addresses: how to get one?

Hosts (host number):
• hard-coded by system admin in a file
  • Can see in IPConfig
• DHCP: Dynamic Host Configuration Protocol: dynamically get address: "plug-and-play"
  • host broadcasts "DHCP discover" msg
  • DHCP server responds with "DHCP offer" msg
  • host requests IP address: "DHCP request" msg
  • DHCP server sends address: "DHCP ack" msg
  • this is the common practice in LAN (why?)
  • in home access: same procedure using PPP protocol

IP addresses: how to get one?

Network (network prefix+mask):
• get allocated portion of ISP's address

Routing table

Network           Link Interface
200.23.16.0/21    0
200.23.24.0/24    1
200.23.20.0/24    2
otherwise         3

Which interface will be used by this router for following dest addresses?
(a) DA: 11001000 00010111 00010110 10100001
(b) DA: 11001000 00010111 00010100 10101010
(c) DA: 11001000 00010111 00011100 10111110
(d) DA: 11001000 00010111 00011000 11101010

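An added example, not part of the original slides, that runs the four destination addresses through the routing table above. It applies the longest-prefix-match rule (when several entries match, the one with the largest K wins), which matters here because 200.23.20.0/24 lies inside 200.23.16.0/21; the function names are assumptions.

```python
import ipaddress

# Routing table from the slide: (network/K, link interface); "otherwise" -> 3.
ROUTES = [("200.23.16.0/21", 0), ("200.23.24.0/24", 1), ("200.23.20.0/24", 2)]
DEFAULT_IFACE = 3


def parse_prefix(cidr):
    """Return (prefix value, mask, K) for 'a.b.c.d/K'; reject non-zero host bits."""
    addr, k = cidr.split("/")
    k = int(k)
    if not 0 <= k <= 32:
        raise ValueError(f"{cidr}: K must be 0..32")
    mask = (0xFFFFFFFF << (32 - k)) & 0xFFFFFFFF   # K ones followed by zeros
    value = int(ipaddress.IPv4Address(addr))
    if value & ~mask & 0xFFFFFFFF:
        raise ValueError(f"{cidr}: host bits are not zero")
    return value, mask, k


def build_table(routes):
    """Sort longest prefix first so that the first hit is the most specific."""
    rows = [parse_prefix(cidr) + (iface,) for cidr, iface in routes]
    return sorted(rows, key=lambda row: row[2], reverse=True)


def lookup(table, dest_bits, default=DEFAULT_IFACE):
    """dest_bits is the destination as written on the slide ('11001000 ...').
    Returns (dotted-decimal address, matching rule, link interface)."""
    bits = dest_bits.replace(" ", "")
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("need exactly 32 binary digits")
    dest = int(bits, 2)
    dotted = str(ipaddress.IPv4Address(dest))
    for value, mask, k, iface in table:
        if (dest & mask) == value:     # first K bits equal the network prefix
            return dotted, f"/{k}", iface
    return dotted, "otherwise", default


TABLE = build_table(ROUTES)
SLIDE_ADDRESSES = {
    "a": "11001000 00010111 00010110 10100001",
    "b": "11001000 00010111 00010100 10101010",
    "c": "11001000 00010111 00011100 10111110",
    "d": "11001000 00010111 00011000 11101010",
}

if __name__ == "__main__":
    for label, bits in SLIDE_ADDRESSES.items():
        print(label, lookup(TABLE, bits))
```
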
Getting a datagram from source to dest.

IP datagram: | misc fields | source IP addr | dest IP addr | data |

• datagram remains unchanged (*), as it travels source to destination
• forwarding based on addr fields only
  • Main field: dest. IP addr
(*) almost

routing table in R

Dest. Net.   next router   Nhops
223.1.1                    1
223.1.2      223.1.5.2     2
223.1.3      223.1.5.2     2

[Figure: hosts A, B and E, routers R and S; addresses shown: 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.5.1, 223.1.5.2]

Getting a datagram from source to dest.

Starting at A, given IP datagram addressed to B:
• A looks up its /K (*) in IPConfig
• Compares first K bits in dest address with those in its own
• finds B is on same net. as A
  • same prefix, same subnet
• link layer will send datagram directly to B in link-layer frame using ARP table/protocol
  • B and A are directly connected
(*) in the form of subnet mask

IP datagram: | misc fields | 223.1.1.1 | 223.1.1.3 | data |

A's IPConfig:
  IP Addr: 223.1.1.1
  Subnet /K = 24 (*)
  Dflt Gtwy: 223.1.1.4
  (*) subnet mask = 255.255.255.0

A's ARP Table:
  223.1.1.3 =>
  223.1.1.4 =>
  Etc.

[Figure: the topology with hosts A, B, E and routers R, S again]

Getting a datagram from source to dest.

Starting at A, dest. E:
• look up network address of E
• A finds E on another network
  • /K prefixes don't match
  • sends to default router R 223.1.1.4 listed in IPConfig
• R's routing table says: next hop router to E is 223.1.5.2: S
• link layer sends datagram to router 223.1.5.2 as link-layer frame using ARP & Ethernet
• datagram arrives at 223.1.5.2
cont. on next slide..

IP datagram: | misc fields | 223.1.1.1 | 223.1.2.2 | data |

Routing Table

Dest. Net.      Next router   Port   Hops
223.1.1.0/24                  a      1
223.1.2.0/24    223.1.5.2     b      2
223.1.3.0/24    223.1.5.2     b      2

[Figure: the topology with hosts A, B, E and routers R, S again; router ports labelled a, b and a, b, c]

Getting a datagram from source to dest.

Arrived at 223.1.5.2, continuing to 223.1.2.2:
• look up network address of E
• E on subnet directly attached to router's interface b
• link layer sends datagram to 223.1.2.2 inside link-layer frame via I/F b (223.1.2.9)
• datagram arrives at 223.1.2.2!!! (hooray!)

Qn: What tables consulted in last two bullets?

IP datagram: | misc fields | 223.1.1.1 | 223.1.2.2 | data |

Dest. Net.      Next router   Port   Hops
223.1.1.0/24    223.1.5.1     a      2
223.1.2.0/24                  b      1
223.1.3.0/24                  c      1

[Figure: the topology with hosts A, B, E and routers R, S again; router ports labelled a, b and a, b, c]

Network Address Translation (NAT): Outline
• A private network uses just one public IP address as far as outside world is concerned
• Each device on the private network is assigned a private IP address

[Figure: private network (e.g., home network) 192.168.1.0/24 with hosts 192.168.1.2, 192.168.1.3, 192.168.1.4; NAT router with addresses 192.168.1.1 and 138.76.29.7; rest of Internet]

• Datagrams with source or destination in this network have 192.168.1/24 address for source/destination (as usual)
• All datagrams leaving private network have same single source NAT IP address: 138.76.29.7, different source port numbers

NAT: Implementation

NAT router must:
• for outgoing datagrams: replace (source IP address, port #) of every outgoing datagram by (NAT IP address, new port #)
  • . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.
• remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
• for incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

NAT: Network Address Translation

[Figure: hosts 192.168.1.2, 192.168.1.3, 192.168.1.4 behind the NAT router (192.168.1.1 and 138.76.29.7); datagram 1 is labelled S: 192.168.1.2, 3345  D: 128.119.40.186, 80]

1: host 192.168.1.2 sends datagram to 128.119.40.186, 80
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 192.168.1.2, 3345 after consulting translation table

NAT: Advantages
• No need to be allocated range of addresses from ISP: just one public IP address is used for all devices
  • 16-bit port-number field allows 60,000 simultaneous connections with a single LAN-side address!
• can change ISP without changing addresses of devices in private network
• can change addresses of devices in private network without notifying outside world
• Devices inside private net not explicitly addressable, visible by outside world (a security plus)

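The translation table from the NAT slides above, as an added example that is not part of the original slides. It replays steps 1 and 4 with the slide's addresses and ports and shows what happens to an incoming datagram that has no table entry; the class name, the `strict` option (also remembering which remote endpoint a mapping was created for) and the address 203.0.113.9 are assumptions.

```python
# Added example (not from the slides): (source IP, port #) <-> (NAT IP, new port #).

class NatRouter:
    def __init__(self, public_ip, first_port=5001, strict=False):
        self.public_ip = public_ip
        self.next_port = first_port   # 5001 is the "new port #" used on the slide
        self.strict = strict          # assumption: optional remote-endpoint check
        self.by_private = {}          # (private IP, port) -> new port
        self.by_public = {}           # new port -> (private IP, port)
        self.peers = {}               # new port -> remote endpoints contacted

    def outbound(self, src, dst):
        """Rewrite the source of an outgoing datagram; returns (src, dst)."""
        port = self.by_private.get(src)
        if port is None:
            if self.next_port > 0xFFFF:        # the port field has 16 bits
                raise RuntimeError("no free NAT ports")
            port, self.next_port = self.next_port, self.next_port + 1
            self.by_private[src] = port
            self.by_public[port] = src
            self.peers[port] = set()
        self.peers[port].add(dst)
        return (self.public_ip, port), dst

    def inbound(self, src, dst):
        """Rewrite the destination of an incoming datagram, or None to drop."""
        ip, port = dst
        if ip != self.public_ip or port not in self.by_public:
            return None                        # no table entry: nothing to map to
        if self.strict and src not in self.peers[port]:
            return None                        # entry exists, but not for this remote
        return src, self.by_public[port]


def walkthrough(strict=False):
    nat = NatRouter("138.76.29.7", strict=strict)
    web = ("128.119.40.186", 80)
    other = ("203.0.113.9", 4444)              # constructed third party
    return {
        "step1_out": nat.outbound(("192.168.1.2", 3345), web),
        "step4_in": nat.inbound(web, ("138.76.29.7", 5001)),
        "second_host": nat.outbound(("192.168.1.3", 3345), web)[0],
        "unmapped_port": nat.inbound(other, ("138.76.29.7", 6000)),
        "other_remote": nat.inbound(other, ("138.76.29.7", 5001)),
    }
```

With the table exactly as the slides describe it (`strict=False`), a datagram from any remote host to an already mapped port is translated and delivered, so the "security plus" covers only ports with no entry unless the router also filters on the remote endpoint.
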
NAT: Drawbacks
• If both hosts are behind distinct NATs, they will have difficulty establishing connection
• NAT is controversial:
  • violates layer modularity principle: routers should process up to only layer 3
  • causes problem for some application protocols:
    • if application writes an explicit IP address within the L5 header, the peer application will get a useless internal-NAT IP address as an argument
  • proper address shortage solution: IPv6!

Network Layer 4-46, Afeka, academic year 5772, semester B

IP datagram format

Header layout (each row is 32 bits):
  ver | head. len | type of service | total length
  16-bit identifier | flgs | fragment offset
  time to live | protocol | Header checksum
  32 bit source IP address
  32 bit destination IP address
  Options (if any) & padding
  data (variable length, typically a TCP or UDP segment)

Field notes:
• ver: IP protocol version number
• head. len: header length (# of 32-bit words)
• type of service: quality of svc (*)
• total length: total datagram length (bytes)
• 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly (**)
• time to live: max number remaining hops (decremented at each router)
• protocol: which upper layer prot. should receive payload
• Options: E.g. timestamp, record route taken, specified list of routers to use.

how much overhead with TCP?
• 20 bytes of TCP + 20 bytes of IP = 40 bytes + app layer overhead

(*) seldom used
see also Extra slides
(**) we skip the details

IPv6
• Initial motivation: 32-bit address space soon to be completely allocated.
• Additional motivation:
  • IPv6 header format helps speed processing
• IPv6 datagram format:
  • 16-byte (128 bit) IP address
  • fixed-length 40 byte header
    • no options allowed inside the header
    • each option gets its own header after the main IP header
  • fragmentation discouraged
    • allowed only using an options header

IPv6 Datagram Format
• Priority: identify priority among datagrams in flow
• Flow Label: identify datagrams in same "flow" (designed to enable Virtual Circuits over IP).
• Next header: identify upper layer protocol that should receive "data" ("protocol" could also be an option type of IPv6)

[Figure: IPv6 datagram layout, 40 bytes header; one header field is annotated "= TTL"]

Transition From IPv4 To IPv6
• Not all routers can be upgraded simultaneously
  • How will the network operate with mixed IPv4 & IPv6 routers?
• Tunneling: IPv6 datagrams are carried as payload in IPv4 datagrams when travelling through IPv4 routers
  • source and destination network are IPv6, but need to transit an existing IPv4 network
• How is tunneling done?
  • gateway router in source network takes the IPv6 datagram as payload and encapsulates it into an IPv4 datagram
    • i.e. adds an IPv4 header in front of it
  • the IPv4 destination is the gateway router of the destination network, which removes the IPv4 header and routes by IPv6
  • Gateway router must support IPv4, IPv6 and tunneling

Tunneling

[Figure: Logical view: A, B (IPv6 island), tunnel, E, F (IPv6 island). Physical view: A, B (IPv6), C, D (IPv4), E, F (IPv6). Labels: A-to-B: IPv6; B-to-C: IPv6 inside IPv4; E-to-F: IPv6. The IPv6 datagram carries Flow: X, Src: A, Dest: F, data; between the IPv6 islands it travels inside an IPv4 datagram with Src: B, Dest: E.]

Usage of Tunneling
• Tunneling is used to move a packet between similar networks A, B through a network C that is unable to understand its L3 header
• Possible reasons:
  1. C uses a different protocol (e.g. IPv6 vs IPv4)
  2. A wants to encipher the data and the header (VPN application)
  3. All networks use same protocol, but the destination node is currently at a foreign network and wishes to use its usual IP address. (Mobile IP application)

IPv6 status report
• Operating systems - wide support - early 2000
  • Windows (2000, XP, Vista), BSD, Linux, Apple
• Networking infrastructure
  • Cisco
• Deployment
  • Slow
• Penetration
  • Host - minor (less than 1%)
  • Used in 2008 in China Olympic games
• Motivation: CIDR & NAT

Extra

IP Fragmentation & Reassembly
• network links have MTU (max. transfer size) - largest possible link-level frame.
  • different link types, different MTUs
• large IP datagram divided ("fragmented") within net
  • one datagram becomes several datagrams
  • "reassembled" only at final destination
  • IP header bits used to identify, order related fragments

[Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly]

IP Fragmentation and Reassembly

Example
• 4000 byte datagram
• MTU = 1500 bytes

One large datagram becomes several smaller datagrams:

              length   ID   fragflag   offset
original      4000     x    0          0
fragment 1    1500     x    1          0
fragment 2    1500     x    1          185
fragment 3    1040     x    0          370

• 1480 bytes in data field
• offset = 1480/8

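An added example, not part of the original slides, that reproduces the fragment table above and then reassembles the fragments the way a destination has to, refusing sets that have gaps, overlaps or no final fragment. It assumes a 20-byte IP header without options; the function names are assumptions.

```python
# Added example (not from the slides): IPv4 fragmentation arithmetic and a
# reassembly check. Offsets are counted in units of 8 bytes of data.

IP_HEADER = 20  # bytes; assumption: header without options


def fragment(total_len, mtu, ident="x"):
    """Split a datagram of total_len bytes (header included) for a link MTU."""
    payload = total_len - IP_HEADER
    step = (mtu - IP_HEADER) // 8 * 8   # data per fragment, multiple of 8
    if payload <= 0 or step <= 0:
        raise ValueError("datagram or MTU too small")
    frags, pos = [], 0
    while pos < payload:
        size = min(step, payload - pos)
        frags.append({
            "ID": ident,
            "offset": pos // 8,
            "fragflag": 1 if pos + size < payload else 0,   # 1 = more follow
            "length": size + IP_HEADER,
        })
        pos += size
    return frags


def reassemble(frags):
    """Return the original total length, or None if the set is unusable:
    mixed IDs, a gap, an overlap, data after the last fragment, or no last
    fragment. Fragments may arrive in any order."""
    if len({f["ID"] for f in frags}) != 1:
        return None
    expected, last_seen = 0, False
    for f in sorted(frags, key=lambda f: f["offset"]):
        start = f["offset"] * 8
        size = f["length"] - IP_HEADER
        if last_seen or start != expected or size <= 0:
            return None                 # gap, overlap or trailing data
        if f["fragflag"] and size % 8:
            return None                 # only the last fragment may be ragged
        expected = start + size
        last_seen = not f["fragflag"]
    return expected + IP_HEADER if last_seen else None


if __name__ == "__main__":
    parts = fragment(4000, 1500)
    for p in parts:
        print(p)
    print(reassemble(list(reversed(parts))))
```
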
ICMP: Internet Control Message Protocol
• used by hosts & routers to communicate network-level information
  • error reporting: unreachable host, network, port, protocol
  • echo request/reply (used by ping)
• network-layer "above" IP:
  • ICMP msgs carried in IP datagrams
• ICMP message: type, code plus first 8 bytes of IP datagram causing error

Type   Code   description
0      0      echo reply (ping)
3      0      dest. network unreachable
3      1      dest host unreachable
3      2      dest protocol unreachable
3      3      dest port unreachable
3      6      dest network unknown
3      7      dest host unknown
4      0      source quench (congestion control - not used)
8      0      echo request (ping)
9      0      route advertisement
10     0      router discovery
11     0      TTL expired
12     0      bad IP header

Traceroute and ICMP
• Source sends series of UDP segments to dest
  • First has TTL = 1
  • Second has TTL = 2, etc.
  • Unlikely port number
• When nth datagram arrives to nth router:
  • Router discards