ECE 526 – Network Processing Systems Design Packet Processing II: algorithms and data structures Chapter 5: D. E. Comer.

ECE 526 – Network ECE 526 – Network Processing Systems Processing Systems

DesignDesignPacket Processing II:  algorithms and

data structures Chapter 5: D. E. Comer

Ning Weng ECE 526 2

Goal and OutlineGoal and Outline• Goal:

─ Understand basic network processing operations─ Learn how to perform operations – data structures &

algorithms

• Outline:─ IP fragmentation and reassembly─ IP forwarding and routing ─ TCP connection recognition and splicing ─ Summary─ For next class

Ning Weng ECE 526 3

IP FragmentationIP Fragmentation• Needed when datagram larger than network MTU

─ Ethernet 1500 Byte

• FLAGs bits in datagram header

Ning Weng ECE 526 4

Fragmentation ExampleFragmentation Example• How to identify a fragment

─ Flags─ Offset: multiple of 64 bit─ Ident: unique to send machine

Ning Weng ECE 526 5

IP Fragmentation AlgorithmIP Fragmentation Algorithm

Ning Weng ECE 526 6

IP ReassemblyIP Reassembly• Process to join fragments and produce original

datagram• Only ultimate destination perform IP reassembly

(NAT: exception)• Four factors influencing reassembly

─ Out of order delivery─ Duplication─ Loss─ Concurrent reception

• Key fields help reassembly─ Source IP address─ ID field─ Flags and Offset

Ning Weng ECE 526 7

Reassembly AlgorithmReassembly Algorithm

Ning Weng ECE 526 8

Reassembly Data StructureReassembly Data Structure• Two parts

─ Buffer larger enough to hold original datagram─ Linked list of pieces that have arrived

Ning Weng ECE 526 9

IP Datagram ForwardingIP Datagram Forwarding• Conceptual mapping

─ (next hop, interface) f(datagram, routing table)

• Routing table─ one entry per destination─ entry contents: IP address, address mask, next-hop

address and N-bit interface number

• Example IP routing table

Ning Weng ECE 526 10

IP Forwarding AlgorithmIP Forwarding Algorithm

Assuming: routing table sorted from most specific to less specific

Can I use hashing?

Ning Weng ECE 526 11

High-Speed ForwardingHigh-Speed Forwarding• Example routing tree

Ning Weng ECE 526 12

Routing Exercises Routing Exercises • Draw tire of the following prefixes:

─ A: 0010*─ B: 010*─ C: 0101*─ D: 0*─ E: 10*─ F: 1011*─ G: 100*

• Which prefixes match the following lookups?─ 01─ 101─ 0001─ 1

Ning Weng ECE 526 13

TCP Connection RecognitionTCP Connection Recognition• Key function of traffic monitors, firewalls and NAT• State of TCP connection

─ Being established ─ Completely established─ Being terminated─ Completely terminated (remove from record)

• Code bits in TCP header:─ Reset:

• error occurred when one end has no record connection • regarded as a completely terminated here

─ Syn: • to start new connection • completely established need “see” syn from both sides

─ Fin: • to terminate connection• completely terminated need “see” fin from both sides

Ning Weng ECE 526 14

TCP Connection Recognition AlgorithmTCP Connection Recognition Algorithm

Ning Weng ECE 526 15

TCP Splicing TCP Splicing • Join two TCP connections

─ Allow data to pass between them─ To avoid termination overhead ─ By translating segment header fields

• Acknowledgment number; sequence number

Ning Weng ECE 526 16

TCP Splicing AlgorithmTCP Splicing Algorithm

Ning Weng ECE 526 17

SummarySummary• Packet processing operations and algorithms

─ Ethernet bridging (layer 2)─ IP fragmentation, reassembly and forwarding (layer 3)─ TCP splicing, connection recognition (layer 4)─ Flow classification (mixed layer)

• Important data structure─ Linked list─ Hashing table─ Routing table─ Tire

• Table lookup─ Hashing─ Full match for layer 2─ Longest prefix match (LPM) for layer 3

Ning Weng ECE 526 18

For Next ClassFor Next Class

• “Networking Algorithmics” ─ Chapter 17: Network Security (handout)

Ning Weng ECE 526 19

BackupBackup