Chapter 4: Network Layer
4.1 Introduction
4.2 Virtual circuit and datagram networks
4.3 What’s inside a router
4.4 IP: Internet Protocol
  • Datagram format
  • IPv4 addressing
  • ICMP
  • IPv6
4.5 Routing algorithms
  • Link state
  • Distance Vector
  • Hierarchical routing
4.6 Routing in the Internet
  • RIP
  • OSPF
  • BGP
4.7 Broadcast and multicast routing
Hierarchical OSPF
• two-level hierarchy: local area, backbone.
  • Link-state advertisements only within the area
  • each node has detailed knowledge of its area topology
• area border routers: “summarize” distances to nets in own area, advertise to other Area Border routers.
• backbone routers: run OSPF routing limited to backbone.
• boundary routers: connect to other AS’s.

Perhaps some routers don’t need to know about every link.
[Figure: routers A, C, E, G and H; C is an area border router (ABR)]
• ABR C announces link C<->A to Area 1
• ABR C announces link C<->E to Backbone
• ABR C announces a summary of Area 1 to the Backbone
• ABR C announces a summary of the Backbone and other areas to Area 1
• C learns about other areas from the other ABR
• ……
Area Border Router Summaries
Should the summaries include reachability information or path metrics?
• Routers in area 1 do not need to know about the paths used to reach destinations in other areas
• They only need to know that they can be reached.
• In this case, reachability information is sufficient to compute optimal routes
  • i.e., the ABR only announces which destinations it can reach.
• However, no one would make a topology as shown in the figure
  • Why?
  • If a single key link breaks or a router crashes, the network would be partitioned (and the network designer would be fired)
[Figure: topology with routers C, G and H]
Area Border Router Summaries
e.g., if summaries only include reachability information
[Figure: routers A, B, C, D, E, F and G; legend: area border router]
• ABR C announces to Area 1 that it can reach Area 2 in 1 hop (and includes a list of destinations in Area 2)
• ABR F announces to Area 1 that it can reach Area 2 in 0 hops
• Router A determines the path to D as follows
  • The path to Area 2 via F is 2 hops (2 to reach F and then 0 more to Area 2)
  • The path to Area 2 via C is 2 hops (1 to C and then 1 more to Area 2)
  • Either path is good to reach D
  • However, the path via F is better. A does not have sufficient information to determine this.
Area Border Router Summaries
[Figure: routers A, B, C, D, E, F and G; legend: area border router]
• ABR G tells all routers in the Backbone that it can reach D in 2 hops.
• ABR F tells all routers in the Backbone that it can reach D in 1 hop
• ABR C tells all routers in Area 1 that it can reach D in 3 hops
• ABR F tells all routers in Area 1 that it can reach D in 1 hop
• A decides B is the best next hop toward D

• In this case, reachability information is not enough to compute optimal routes.
• Therefore, ABRs provide distance vector type information, i.e., which destinations can be reached and the cost to reach them

• Notice that C does not announce the link CG to Area 1.
• Notice that C gets a summary from G, which is distances to destinations, like distance vector.
• C uses the distances from G to determine its distances.
• C announces these distances to Area 1
• This is like a one hop distance vector protocol
Area Border Router Summaries
• This is like a one hop distance vector protocol
• Convergence time: 1
• Loops are not possible

The backbone is completely connected because each router essentially sends distance vector updates directly to its neighbor
[Figure: routers A, B, C, D, E, F and G; area border routers C, G and F; Area 1, Area 2 and Area 3; edge labels 3, 2, 1, 1, 2; summaries shown: “A in 1 hop, B in 2 hops, ……”, “A in 2 hops, B in 3 hops, ……”, “A in 4 hops, B in 5 hops, ……”]
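How router A combines its own area's link-state view with the ABR summaries, as an added example that is not part of the original slides. The hop counts (A to C is 1, A to F is 2, C reaches D in 3, F reaches D in 1) come from the slides; the exact links A-B, B-F and A-C and all function names are assumptions consistent with those counts.

```python
import heapq

# Area 1 as seen by router A (assumed links; hop counts match the slides).
AREA1 = {"A": {"B": 1, "C": 1}, "B": {"A": 1, "F": 1},
         "C": {"A": 1}, "F": {"B": 1}}

# Summaries the ABRs announce into Area 1: destination -> cost (slide values).
SUMMARIES = {"C": {"D": 3}, "F": {"D": 1}}

def intra_area(graph, src):
    """Dijkstra inside the area: {node: (cost, first hop from src)}."""
    best = {src: (0, None)}
    heap = [(0, src, None)]
    while heap:
        cost, node, first = heapq.heappop(heap)
        if cost > best[node][0]:
            continue  # stale heap entry
        for nbr, weight in graph[node].items():
            hop = nbr if node == src else first
            if nbr not in best or cost + weight < best[nbr][0]:
                best[nbr] = (cost + weight, hop)
                heapq.heappush(heap, (cost + weight, nbr, hop))
    return best

def inter_area_route(graph, summaries, src, dest, metrics=True):
    """Return (total cost, chosen ABR, next hop) for a destination outside the area.

    metrics=True:  summaries carry costs (the one-hop distance vector case).
    metrics=False: summaries carry reachability only, so the router can
                   only compare its own cost to each ABR.
    """
    paths = intra_area(graph, src)
    options = []
    for abr, summary in summaries.items():
        if dest in summary and abr in paths:
            to_abr, first_hop = paths[abr]
            total = to_abr + (summary[dest] if metrics else 0)
            options.append((total, abr, first_hop))
    return min(options) if options else None

if __name__ == "__main__":
    print(inter_area_route(AREA1, SUMMARIES, "A", "D"))
    print(inter_area_route(AREA1, SUMMARIES, "A", "D", metrics=False))
```

With costs in the summaries A picks F through next hop B; with reachability only it picks the nearer ABR C, which is the longer path to D.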
Recall: Subnets
[Figure: hosts and router interfaces with addresses 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4; 223.1.2.1, 223.1.2.2, 223.1.2.6; 223.1.3.1, 223.1.3.2, 223.1.3.27; 223.1.7.0, 223.1.7.1; 223.1.8.0, 223.1.8.1; 223.1.9.1, 223.1.9.2]
IP addressing: CIDR
CIDR: Classless InterDomain Routing
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in subnet portion of address

11001000 00010111 00010000 00000000   (200.23.16.0/23)
Subnet part or CIDR-block: the first 23 bits; host part: the remaining 9 bits
IP addresses: how to get one?
Q: How does a network get the subnet part of its IP address?
A: It gets allocated a portion of its provider ISP’s address space.

Hierarchical addressing allows efficient advertisement of routing information:
[Figure: Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), ... and Organization 7 (200.23.30.0/23) connect to ISP1; ISP1 and ISP2 announce their prefixes toward the Border Router and the Internet]
• ISP1: “Send me anything with addresses beginning 200.23.16.0/20”
• ISP2: “Send me anything with addresses beginning 199.31.0.0/16”
This way, the whole 32 bit address does not need to be examined
Hierarchical addressing: more specific routes
ISP2 has a more specific route to Organization 1
[Figure: Organization 0 (200.23.16.0/23), Organization 2 (200.23.20.0/23), ... and Organization 7 (200.23.30.0/23) connect to ISP1; Organization 1 (200.23.18.0/23) is reached through ISP2; both ISPs announce toward the Border Router and the Internet]
• ISP1: “Send me anything with addresses beginning 200.23.16.0/20”
• ISP2: “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23”
Longest prefix matching
Border Router Forwarding Table

Prefix Match      Link Interface
200.23.16.0/20    0
200.23.18.0/23    1
199.31.0.0/16     1
otherwise         2

If a packet with destination address 200.23.18.12 arrives at the border router, is it forwarded to interface 0 or 1? Since interface 1 has a longer match, it goes to interface 1.
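The border router's lookup, as an added example that is not part of the original slides: a binary trie built from the slide's forwarding table, with the "otherwise" row written as the default route 0.0.0.0/0. The class and method names are illustrative.

```python
import ipaddress

class PrefixTrie:
    """Binary trie over address bits; a node holding "route" ends a prefix."""

    def __init__(self, table=()):
        self.root = {}
        for prefix, iface in table:
            self.insert(prefix, iface)

    @staticmethod
    def _bits(prefix):
        net = ipaddress.ip_network(prefix)
        return net, format(int(net.network_address), "032b")[:net.prefixlen]

    def insert(self, prefix, iface):
        net, bits = self._bits(prefix)
        node = self.root
        for b in bits:
            node = node.setdefault(b, {})
        node["route"] = (str(net), iface)

    def withdraw(self, prefix):
        """Remove a prefix; True if it was present."""
        _, bits = self._bits(prefix)
        node = self.root
        for b in bits:
            node = node.get(b)
            if node is None:
                return False
        return node.pop("route", None) is not None

    def lookup(self, dst):
        """Walk dst's bits, remembering the last (longest) prefix passed."""
        bits = format(int(ipaddress.ip_address(dst)), "032b")
        node, best = self.root, self.root.get("route")
        for b in bits:
            node = node.get(b)
            if node is None:      # no longer prefix can match: stop early
                break
            best = node.get("route", best)
        return best

# Forwarding table from the slide; "otherwise" is written as the default route.
BORDER_ROUTER = PrefixTrie([
    ("200.23.16.0/20", 0),
    ("200.23.18.0/23", 1),
    ("199.31.0.0/16", 1),
    ("0.0.0.0/0", 2),
])

if __name__ == "__main__":
    print(BORDER_ROUTER.lookup("200.23.18.12"))   # the slide's packet
```

Withdrawing 200.23.18.0/23 makes the same destination fall back to the covering /20 on interface 0, and the walk stops as soon as no longer prefix can match, so the whole 32-bit address is rarely examined.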
A Problem with Longest Match and subnetting
[Figure: Organization 0, Organization 1, Organization 2, ... and Organization 7 (prefixes 200.23.16.0/23, 200.23.18.0/23, 200.23.20.0/23, ..., 200.23.30.0/23), ISP1 and ISP2, the Border Router and the Internet]
• ISP1: “Send me anything with addresses beginning ……”
• ISP2: “Send me anything with addresses beginning …..”
In order to improve reliability, Organization 7 has a backup link with ISP1. This way, if ISP1 has problems or ISP1’s provider has problems, then Organization 7 is still reachable. Will this work?
Hierarchical Routing
scale: with 200 million destinations:
• can’t store all dest’s in routing tables!
  • Memory for address table must be very fast
    • How fast? How long can an address lookup take on a 10GBit interface?
    • E.g., 64B/10^10 = 50nsec
• routing table exchange would swamp links!
  • There are ~1 million links
  • If link state was flooded every 30 minutes and each link state is 20B, then each router receives and processes 100kbps in link announcements
  • But, perhaps, only changes in link state could be distributed.

administrative autonomy
• internet = network of networks
• each network admin wants to control routing in its own network
  • ATT does not want Sprint to know what their topology is
    • Trade secret
    • Improves security
  • ATT wants to select a routing protocol and parameters without getting Sprint’s permission

Our routing study thus far has been an idealization
• all routers identical
• network “flat”
… not true in practice
Hierarchical Routing
• aggregate routers into regions, “autonomous systems” (AS)
  • Single administrative domain
• Routers in the same AS run same routing protocol
  • “intra-AS” routing protocol
  • routers in different AS can run different intra-AS routing protocol
• An ISP may be made of 1 or more ASs
  • ATT-USA = 1 AS and ATT-Europe is another
• Some stub networks are an AS
  • UD is an AS
  • Some companies have routers but are not ASs
• ASs have their own number, assigned by ICANN
• There are ~50K ASs

Gateway router
• Direct link to router in another AS
• Gateway routers run a common inter-networking routing protocol
Simple example
[Figure: AS1, a stub network (at the edge of the network), with routers A, B and C and subnets 10.1.1.0/24, 10.1.2.0/24 and 10.1.4.0/22; router E in AS2, the service provider of AS1 (e.g., AS1=UD and AS2=cogent), which leads to the rest of the internet; router interfaces are numbered 1 to 4]

Forwarding tables (these tables are made with RIP, OSPF, ISIS, etc), one per router in AS1:

Prefix         Interface
10.1.1.0/24    4
10.1.4.0/22    3
10.1.2.0/24    2

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2

Connections to other ASs and the rest of the Internet
(Recall that ASs (ISPs) sometimes meet at NAPs. E.g., google: MAE-East) An AS could also meet its provider at a POP.
Q: How can routers in AS1 know where to send pkts with destination not in AS1?
A: Easy, if a pkt is for an “unknown” address, then send it to B. Specifically, B advertises a link to prefix 0.0.0.0/0. This is called a default route, and it can be statically set (no need for any routing protocol besides OSPF).

[Figure: AS1, a stub network (at the edge of the network), with routers A, B and C and subnets 10.1.1.0/24, 10.1.2.0/24 and 10.1.4.0/22; router interfaces are numbered 1 to 4; each forwarding table now also carries a 0.0.0.0/0 entry]

Forwarding tables (these tables are made with RIP, OSPF, ISIS, etc), one per router in AS1:

Prefix         Interface
10.1.1.0/24    4
10.1.4.0/22    3
10.1.2.0/24    2
0.0.0.0/0      1

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2
0.0.0.0/0      1

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2
0.0.0.0/0      1
[Figure: AS1 with routers A, B and C and subnets 10.1.1.0/24, 10.1.1.1/24 and 10.1.4.0/22; AS2 and AS3 with routers D and E and prefixes 1.1.0.0/16, 1.2.0.0/16 and 2.2.0.0/16; a link to the rest of the Internet; router interfaces are numbered 1 to 4]

Forwarding tables (these tables are made with RIP, OSPF, ISIS, etc), one per router in AS1:

Prefix         Interface
10.1.1.0/24    4
10.1.4.0/22    3
10.1.2.0/24    2

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2

Prefix         Interface
10.1.1.0/24    3
10.1.4.0/22    3
10.1.2.0/24    2

We need to put prefixes 1.1.0.0/16, 1.2.0.0/16, 2.2.0.0/16 in the forwarding tables

How to get there?
1. B must learn from E that 1.1.0.0/16 and 1.2.0.0/16 are reachable through E
2. A must learn that 2.2.0.0/16 is reachable through D
3. B and A must distribute this information throughout AS1

Steps 1 and 2 need an exterior inter-networking routing protocol
Step 3 needs an interior inter-networking routing protocol
EBGP and IBGP – border gateway routing protocol can accomplish this
Interconnected ASes
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (routers 2a, 2b, 2c) and AS3 (routers 3a, 3b, 3c); inside a router, the intra-AS routing algorithm and the inter-AS routing algorithm both feed the forwarding table]
• forwarding table configured by both intra- and inter-AS routing algorithm
  • intra-AS sets entries for internal dests
  • inter-AS & intra-AS sets entries for external dests
Example: Setting forwarding table in router 1d
• suppose AS1 learns (via inter-AS protocol) that subnet x is reachable via AS3 (gateway 1c) but not via AS2.
• inter-AS protocol propagates reachability info to all internal routers.
• router 1d determines from intra-AS routing info that its interface I is on the least cost path to 1c.
  • installs forwarding table entry (x,I)
• Alternatively, 1d has two table entries
  • One entry says x is reachable via 1c (determined by IBGP)
  • A second entry says which is the next hop to reach 1c (determined by intra-routing protocol)
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (routers 2a, 2b, 2c) and AS3 (routers 3a, 3b, 3c), with subnet x]
Example: Choosing among multiple ASes
• now suppose AS1 learns from inter-AS protocol that subnet x is reachable from AS3 and from AS2.
• to configure forwarding table, router 1d must determine towards which gateway it should forward packets for dest x.
• this is also job of inter-AS routing protocol!
• If both gateways are equivalent, then the intra-AS routing protocol will route packets to the best gateway
  • This is called hot potato routing: send packet towards closest of two routers.
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (routers 2a, 2b, 2c) and AS3 (routers 3a, 3b, 3c), with subnet x]
Hot Potato Routing
[Figure: AS1 and AS2 joined at gateways A and B; prefix 128.4.0.0/16; “Pkt arrives with dest in 124.4.0.0/16”]
• AS2 could send the pkt to gateway B – hot potato routing.
• But AS1 would prefer AS2 to carry its own traffic.
• So AS1 might require that AS2 gives higher priority to gateway A.
• But how can AS1 force AS2 to do this?
Example: Choosing among multiple ASes
• now suppose AS1 learns from inter-AS protocol that subnet x is reachable from AS3 and from AS2.
• to configure forwarding table, router 1d must determine which gateway it should forward packets to for dest x.
  • this is also job of inter-AS routing protocol!
• hot potato routing: send packet towards closest of two routers.

1. Learn from inter-AS protocol that subnet x is reachable via multiple gateways
2. Use routing info from intra-AS protocol to determine costs of least-cost paths to each of the gateways
3. Hot potato routing: Choose the gateway that has the least cost
4. Determine from forwarding table the interface that leads to least-cost gateway. Enter (x,I) in forwarding table
Internet inter-AS routing: BGP
• BGP (Border Gateway Protocol): the de facto standard
• BGP provides each AS a means to:
  1. Obtain subnet reachability information from neighboring ASs.
  2. Propagate reachability information to all AS-internal routers.
  3. Determine “good” routes to subnets based on reachability information and policy.
• allows subnet to advertise its existence to rest of Internet: “I am here”
BGP basics
• pairs of routers (BGP peers) exchange routing info over semi-permanent TCP connections: BGP sessions
  • BGP sessions need not correspond to physical links.
• when AS2 advertises a prefix to AS1:
  • AS2 promises it will forward datagrams towards that prefix.
  • AS2 can aggregate prefixes in its advertisement
    • But this can cause problems when some prefixes have backup links
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (routers 2a, 2b, 2c) and AS3 (routers 3a, 3b, 3c); legend: eBGP session, iBGP session]
Distributing reachability info
• using eBGP session between 3a and 1c, AS3 sends prefix reachability info to AS1.
  • 1c can then use iBGP to distribute new prefix info to all routers in AS1
  • 1b can then re-advertise new reachability info to AS2 over 1b-to-2a eBGP session
• when router learns of new prefix, it creates entry for prefix in its forwarding table.
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (routers 2a, 2b, 2c) and AS3 (routers 3a, 3b, 3c); legend: eBGP session, iBGP session]
Aggregation Problem
[Figure: ISPs W, X and Y among several ISPs; prefixes 1.1.1.0/24, 1.1.2.0/24, 1.1.3.0/24 and 1.1.4.0/24; announcements of 1.1.0.0/22 and 1.1.4.0/24]
From ISP W, the next hop to 1.1.4.0/24 is X, it should be Y
Path attributes & BGP routes
• advertised prefix includes BGP attributes.
  • prefix + attributes = “route”
• two important attributes:
  • AS-PATH: contains ASs through which prefix advertisement has passed: e.g., AS 67, AS 17, …
  • NEXT-HOP: indicates specific internal-AS router to next-hop AS. (there may be multiple routers with links from current AS to next-hop-AS. Each router can advertise the path)
• when gateway router receives route advertisement, uses import policy to accept/decline.
BGP route selection
• router may learn about more than 1 route to some prefix. Router must select route.
• elimination rules:
  1. local preference value attribute: policy decision
  2. shortest AS-PATH
  3. closest NEXT-HOP router: hot potato routing
  4. additional criteria
BGP messages
• BGP messages exchanged using TCP.
• BGP messages:
  • OPEN: opens TCP connection to peer and authenticates sender
  • UPDATE: advertises new path (or withdraws old)
  • KEEPALIVE: keeps connection alive in absence of UPDATES; also ACKs OPEN request
  • NOTIFICATION: reports errors in previous msg; also used to close connection
• TCP reset security risk
BGP routing policy
• A,B,C are provider networks
• X,W,Y are customer (of provider networks)
• X is dual-homed: attached to two networks
  • X does not want to route from B via X to C
  • .. so X will not advertise to B a route to C
[Figure: provider networks A, B and C; customer networks W, X and Y]
BGP routing policy (2)
• A advertises path AW to B
• B advertises path BAW to X
• Should B advertise path BAW to C?
  • No way! B gets no “revenue” for routing CBAW since neither W nor C are B’s customers
  • B wants to force C to route to W via A
  • B wants to route only to/from its customers!
[Figure: provider networks A, B and C; customer networks W, X and Y]
BGP route processing
• BGP advertises and withdraws paths with the UPDATE message
• UPDATE has three fields
  • Routes to withdraw
  • Attributes of routes to prefixes in NLRI
  • NLRI
• The NLRI is a list of prefixes that the list of attributes applies to. If two prefixes have different attributes, then these two prefixes need to be announced with different UPDATE messages.
• In OSPF each path is a list of routes and a total cost (two attributes). In BGP, routes have many attributes, the cost (in AS hops) is only one of the attributes
[Figure: from peers → input policy engine → routing decision → routing table → output policy engine → to peers; each policy engine is driven by configuration]
RIBs
• Routing information base (RIB) – a list of routes (including attributes)
  • Adj-RIB-In: RIB learned from neighbor (many of these)
  • Adj-RIB-Out: RIB to be sent to neighbor (many of these)
  • Loc-RIB: RIB for local use (only one of these)
[Figure: Adj-RIB-In (one per peer) → Input Policy engine → BGP decision → Loc-RIB → Input Policy engine (as labelled on the slide) → Adj-RIB-Out (one per peer)]
Sample routing environment
[Figure: routes from AS1 and AS2 pass through the input policy engine and the decision process; the output policy engine sends routes to AS3 and AS4]

Routes received
• from AS1: 192.213.1.0/24, 0/0
• from AS2: 192.213.1.0/24, 193.214.10.0/24, 0/0

input policy engine
• deny 0/0 from AS1
• Give 192.213.1.0/24 from AS1 better preference
• Accept other routes

decision process: routes
• Use 0/0 from AS2
• Use 192.213.1.0/24 from AS1
• Use 193.214.10.0/24 from AS2
• Use 172.16.10.0/24 from AS5 (this AS)

output policy engine
• Do not propagate 0/0
• Do not send 193.214.10.0/24 to AS4
• Give 192.213.1.0/24 with metric = 10 to AS3
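An added example, not part of the original slides: the sample routing environment run through the input policy, the elimination rules from "BGP route selection" (local preference, shortest AS-PATH, closest NEXT-HOP) and the output policy. The local-preference values, AS paths, the Route fields and the rule that unfiltered routes are exported are assumptions chosen to reproduce the slide's decisions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Route:
    prefix: str
    peer: str               # neighbor AS the route was learned from
    as_path: tuple = ()
    local_pref: int = 100   # assumed default value
    igp_cost: int = 0       # intra-AS cost to the NEXT-HOP router
    metric: int = 0

def import_policy(r):
    """Input policy engine: deny 0/0 from AS1, prefer 192.213.1.0/24 from AS1."""
    if r.peer == "AS1" and r.prefix == "0/0":
        return None
    if r.peer == "AS1" and r.prefix == "192.213.1.0/24":
        return replace(r, local_pref=200)   # assumed "better preference"
    return r                                # accept other routes

def rank(r):
    """Elimination rules 1-3 as a sort key (smaller wins)."""
    return (-r.local_pref, len(r.as_path), r.igp_cost)

def decide(adj_rib_in):
    """Build the Loc-RIB: one best route per prefix."""
    loc_rib = {}
    for r in filter(None, map(import_policy, adj_rib_in)):
        best = loc_rib.get(r.prefix)
        if best is None or rank(r) < rank(best):
            loc_rib[r.prefix] = r
    return loc_rib

def export_policy(loc_rib, peer):
    """Output policy engine: the (prefix, metric) pairs sent to one peer."""
    out = []
    for r in loc_rib.values():
        if r.prefix == "0/0":
            continue                        # do not propagate 0/0
        if peer == "AS4" and r.prefix == "193.214.10.0/24":
            continue                        # do not send to AS4
        if peer == "AS3" and r.prefix == "192.213.1.0/24":
            r = replace(r, metric=10)
        out.append((r.prefix, r.metric))
    return sorted(out)

# Constructed Adj-RIB-In matching the slide's announcements.
ADJ_RIB_IN = [
    Route("192.213.1.0/24", "AS1", ("AS1",)),
    Route("0/0", "AS1", ("AS1",)),
    Route("192.213.1.0/24", "AS2", ("AS2",)),
    Route("193.214.10.0/24", "AS2", ("AS2",)),
    Route("0/0", "AS2", ("AS2",)),
    Route("172.16.10.0/24", "AS5"),         # originated by this AS
]
```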
Now use whois -h whois.arin.net "a ASXX" to learn about ASs, where XX is an AS number. E.g., whois -h whois.arin.net "a AS34" gives information about AS34
Try with some other AS

Check out a collection of path announcements
Open bgp030408p39.Partial