RIP (Routing Information Protocol)
• RFC 1058 and 1723
• Included in BSD UNIX in 1982
• Distance vector algorithm
• Distance metric: number of hops (max = 15 hops)
• Distance vectors: exchanged every 30 sec via RIP Response Message (also called “RIP advertisement”)
• Carried over UDP, port 520.
RIP: Routing Information Protocol
• Uses hop count as metric (max: 16 is infinity)
• Tables (vectors) “advertised” to neighbors every 30 s.
• Each advertisement: up to 25 entries
• No advertisement for 180 sec: neighbor/link declared dead
– routes via neighbor invalidated
– new advertisements sent to neighbors (Triggered updates)
– neighbors in turn send out new advertisements (if tables changed)
– link failure info quickly propagates to entire net
– poison reverse used to prevent ping-pong loops (infinite distance = 16 hops)
RIPv1 Problems
• Split horizon/poison reverse does not guarantee to solve count-to-infinity problem
– 16 = infinity => RIP for small networks only!
– Slow convergence
• Broadcasts consume non-router resources
• RIPv1 does not support subnet masks (VLSMs)
– No authentication
RIPv2
• Provides:
– VLSM support
– Authentication
– Multicasting (address: 224.0.0.0)
– Tags to support EGP/BGP routes.
• Uses reserved fields in RIPv1 header.
• First route entry replaced by authentication info.
Routing Information Protocol (RIP v2)
[Figure: RIP v2 message format]
Command (1-6) | Version | Reserved
Address Family | Route Tag
32-bit IP address
32-bit Subnet Mask
Next hop (32 bit)
metric
24 more routes
If the Address Family field contains FFFF, the whole message is an authentication message. Route tag: can carry an AS number, so that RIP can accept information from EGP/BGP routes.
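A parser for the message layout above, as an added example that is not part of the original slides. It treats an Address Family of FFFF in the first entry as the authentication entry, enforces the 25-entry and metric limits, and runs on a constructed sample message; the password, prefixes and route tag are made-up values.

```python
import ipaddress
import struct

AFI_AUTH = 0xFFFF      # Address Family value that marks an authentication entry
RIP_INFINITY = 16      # metric meaning "unreachable"

def parse_rip(payload: bytes) -> dict:
    """Parse a RIP v2 message (the UDP payload); raise ValueError if malformed."""
    n, rest = divmod(len(payload) - 4, 20)
    if len(payload) < 4 or rest or n > 25:
        raise ValueError("expected a 4-byte header plus 0..25 entries of 20 bytes")
    command, version, _reserved = struct.unpack("!BBH", payload[:4])
    msg = {"command": command, "version": version, "auth": None, "routes": []}
    for i in range(n):
        entry = payload[4 + 20 * i:24 + 20 * i]
        afi, tag = struct.unpack("!HH", entry[:4])
        if afi == AFI_AUTH:
            if i:                       # only the first entry may carry authentication
                raise ValueError("authentication entry is not first")
            # In this entry the Route Tag position holds the authentication type.
            msg["auth"] = {"type": tag, "data": entry[4:]}
            continue
        addr, mask, hop, metric = struct.unpack("!4s4s4sI", entry[4:])
        if not 1 <= metric <= RIP_INFINITY:
            raise ValueError(f"metric {metric} outside 1..16")
        mask_text = str(ipaddress.IPv4Address(mask))
        # IPv4Network raises ValueError for a non-contiguous subnet mask.
        net = ipaddress.IPv4Network((addr, mask_text), strict=False)
        msg["routes"].append({"prefix": str(net), "tag": tag, "metric": metric,
                              "next_hop": str(ipaddress.IPv4Address(hop)),
                              "reachable": metric < RIP_INFINITY})
    return msg

def sample_response(with_auth: bool = True) -> bytes:
    """Constructed sample: a version-2 Response (command 2) carrying two routes."""
    def route(ip, mask, metric, tag=0):
        return struct.pack("!HH4s4s4sI", 2, tag, ipaddress.IPv4Address(ip).packed,
                           ipaddress.IPv4Address(mask).packed, bytes(4), metric)
    auth = struct.pack("!HH16s", AFI_AUTH, 2, b"example-password") if with_auth else b""
    return (struct.pack("!BBH", 2, 2, 0) + auth
            + route("10.1.0.0", "255.255.0.0", 3, tag=65001)
            + route("192.168.7.0", "255.255.255.128", RIP_INFINITY))
```

A receiver that requires authentication would drop any message for which `parse_rip(...)["auth"]` is `None` before looking at the routes.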
RIP problems
• Counting-to-infinity problem:
– Simple configuration A->B->C. If C fails, B needs to update and thinks there is a route through A. A needs to update and thinks there is a route thru B.
– No clear solution, except to set “infinity” to be small (e.g. 16 in RIP)
• Slow convergence after topology change:
– Due to count to infinity problem
– Also information cannot propagate thru node until it recalculates routing info.
Properties of Distance Vector Algorithm
• Bad news propagates slowly: the count-to-infinity problem
• Good news propagates fast
RIP problems (contd)
• Black-holes:
– If one node goes broke and advertises route of zero to several key networks, all nodes immediately point to it.
• Not the optimal routing tables
– the simplistic metric results in packets being sent over slow links when better paths are available
• Broadcasts consume non-router resources
The Bouncing Effect
[Figure: nodes A, B, C joined by links of cost 2, 1, 1; the link between A and B is marked X (failed). A routing table (dest, cost) is shown at each node and changes step by step:]
• Initial: at A: B 1, C 2; at B: A 1, C 1; at C: A 2, B 1
• C Sends Routes to B: at B: A infinity, C 1; at C: A 2, B 1
• B Updates Distance to A: at B: A 3, C 1
• B Sends Routes to C: at C: A 4, B 1
• C Sends Routes to B: at B: A 5, C 1
How are These Loops Caused?
• Observation 1:
– B’s metric increases
• Observation 2:
– C picks B as next hop to A
– But, the implicit path from C to A includes itself!
Solution 1: Holddowns
• If metric increases, delay propagating information
– In our example, B delays advertising route
– C eventually thinks B’s route is gone, picks its own route
– B then selects C as next hop
• Adversely affects convergence
Other “Solutions”
• Split horizon
– C does not advertise route to B
– Rule: It is never useful to send information about a route back in the direction from which it came
• Poisoned reverse
– C advertises route to B with infinite distance
– Rule: If two routers have routes pointing at each other, advertising reverse routes with a metric of 16 breaks the loop immediately
An Example Where Reverse-Poison Fails
[Figure: nodes A, B, C and D joined by four links, each of cost 1]
• When the link between C and D fails, C will set its distance to D as infinity
• However, A will then use B to go to D, and B will use A to go to D, because there is no reverse-poison between them
• After such updates, A (and B) will then report a new path to C for D, and C will use the path; we thus have the count-to-infinity problem again
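The count-to-infinity behaviour from the "RIP problems" chain A->B->C and from the reverse-poison example above, as an added simulation that is not part of the original slides. It assumes synchronous update rounds and unit link costs, and the four-node topology (A, B, C fully connected, D attached to C) is assumed from the text because the figure is lost.

```python
INF = 16  # RIP's "infinity"

def neighbours(links):
    """Turn {(x, y): cost} into {node: {neighbour: cost}}."""
    nbrs = {}
    for (x, y), c in links.items():
        nbrs.setdefault(x, {})[y] = c
        nbrs.setdefault(y, {})[x] = c
    return nbrs

def step(cost, hop, nbrs, dest, poison):
    """One synchronous round: all nodes advertise, then all nodes update."""
    adv = {(x, y): INF if poison and hop[x] == y else cost[x]
           for x in nbrs for y in nbrs[x]}
    for x in nbrs:
        if x == dest:
            continue
        if hop[x] is not None:        # the current next hop is always believed
            cost[x] = min(INF, adv[hop[x], x] + nbrs[x][hop[x]])
        for y in sorted(nbrs[x]):     # another neighbour only if strictly better
            c = min(INF, adv[y, x] + nbrs[x][y])
            if c < cost[x]:
                cost[x], hop[x] = c, y

def simulate(links, dest, failed, poison, max_rounds=40):
    """Converge, cut one link, then record every node's cost to dest per round."""
    nbrs = neighbours(links)
    cost = {n: 0 if n == dest else INF for n in nbrs}
    hop = {n: None for n in nbrs}
    for _ in nbrs:                    # enough rounds to converge before the failure
        step(cost, hop, nbrs, dest, poison)
    x, y = failed
    del nbrs[x][y], nbrs[y][x]
    for n, m in ((x, y), (y, x)):     # a route over the dead link is lost at once
        if hop[n] == m:
            cost[n], hop[n] = INF, None
    history = []
    while len(history) < max_rounds:
        step(cost, hop, nbrs, dest, poison)
        history.append({n: c for n, c in cost.items() if n != dest})
        if all(c == INF for c in history[-1].values()):
            break
    return history

# Constructed topologies, every link cost 1 (the second is assumed from the text).
CHAIN = {("A", "B"): 1, ("B", "C"): 1}            # A-B-C, destination C
LOOP = {("A", "B"): 1, ("A", "C"): 1, ("B", "C"): 1, ("C", "D"): 1}  # destination D
```

Calling `simulate(CHAIN, "C", ("B", "C"), poison=True)` settles in one round, while `simulate(LOOP, "D", ("C", "D"), poison=True)` shows a stale route circulating among A, B and C with its metric rising by one per round until it reaches 16.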
Link State Protocols
• Key: Create a network “map” at each node.
• 1. Node collects the state of its connected links and forms a “Link State Packet” (LSP)
• 2. Flood LSP => reaches every other node in the network and everyone now has a network map.
• 3. Given map, run Dijkstra’s shortest path algorithm (SPF) => get paths to all destinations
• 4. Routing table = next-hops of these paths.
Dijkstra’s algorithm
• Net topology, link costs known to all nodes
– accomplished via “link state broadcast”
– all nodes have same info
• computes least-cost paths from one node (“source” or “root”) to all other nodes
– gives routing table for that node
• iterative: after k iterations, know least cost path to k dest.’s
Notation:
• c(i,j): link cost from node i to j. cost infinite if not direct neighbors
• D(v): current value of path cost from source to dest. v
• p(v): predecessor node along path from source to v, that is next v
• N: set of nodes whose least cost path definitively known
Dijkstra’s Algorithm
    Initialization:
      N = {A}
      for all nodes v
        if v adjacent to A
          then D(v) = c(A,v)
          else D(v) = infty

    Loop
      find w not in N such that D(w) is a minimum
      add w to N
      update D(v) for all v adjacent to w and not in N:
        D(v) = min( D(v), D(w) + c(w,v) )
      /* new cost to v is either old cost to v or known
         shortest path cost to w plus cost from w to v */
    until all nodes in N
Dijkstra’s algorithm: example
Step  start N   D(B),p(B)  D(C),p(C)  D(D),p(D)  D(E),p(E)  D(F),p(F)
0     A         2,A        5,A        1,A        infinity   infinity
1     AD        2,A        4,D                   2,D        infinity
2     ADE       2,A        3,E                              4,E
3     ADEB                 3,E                              4,E
4     ADEBC                                                 4,E
5     ADEBCF
[Figure: six-node graph (A, B, C, D, E, F) with link costs]
Dijkstra’s algorithm, discussion
Algorithm complexity: n nodes
• each iteration: need to check all nodes, w, not in N
• n*(n+1)/2 comparisons: O(n**2)
• more efficient implementations possible: O(n log n)
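The algorithm run on the six-node example, as an added sketch that is not part of the original slides. It uses a heap, one of the more efficient implementations mentioned above, and then derives the routing table as the next hops of the computed paths. The link costs are an assumed reconstruction of the lost figure, chosen to agree with the D(v), p(v) table on the page.

```python
import heapq

# Assumed link costs for the example graph (the figure itself is lost).
LINKS = {("A", "B"): 2, ("A", "C"): 5, ("A", "D"): 1, ("B", "C"): 3, ("B", "D"): 2,
         ("C", "D"): 3, ("C", "E"): 1, ("C", "F"): 5, ("D", "E"): 1, ("E", "F"): 2}

def dijkstra(links, source):
    """Return (D, p): least cost D(v) and predecessor p(v) for every node v."""
    c = {}                                  # c[i][j]: cost of the direct link i-j
    for (i, j), w in links.items():
        c.setdefault(i, {})[j] = w
        c.setdefault(j, {})[i] = w
    D = {v: float("inf") for v in c}
    D[source] = 0
    p, N = {}, set()                        # N: nodes whose least cost is final
    heap = [(0, source)]
    while heap:
        d, w = heapq.heappop(heap)
        if w in N:
            continue                        # stale heap entry, w already final
        N.add(w)
        for v, cost in c[w].items():
            if v not in N and d + cost < D[v]:
                D[v], p[v] = d + cost, w    # D(v) = min(D(v), D(w) + c(w,v))
                heapq.heappush(heap, (D[v], v))
    return D, p

def routing_table(p, source):
    """Next hop from source toward each destination: walk p(v) back to source."""
    table = {}
    for dest in p:
        hop = dest
        while p[hop] != source:
            hop = p[hop]
        table[dest] = hop
    return table
```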
OSPF (Open Shortest Path First)
• RFC 2178
• A Link State algorithm
– Link costs are configured by network administrator
– Link state packet disseminated to entire AS (via flooding) periodically
– Each router maintains an identical database describing the AS's topology
– Use Dijkstra’s algorithm to compute shortest path routes to all the routers
us intrusion), TCP connections used
• Multiple same-cost paths allowed (only one path in RIP)
• Allow each link to have different costs for different TOS (Type of Service) IP Packets
– E.g., high-bandwidth satellite link configured to have a low cost for non-time-critical traffic and have a high cost for delay-sensitive traffic
– Can compute different routes for each type of traffic
• Integrated unicast and multicast support:
– Multicast OSPF (MOSPF, RFC 1584) provides simple extensions to OSPF to provide for multicast routing
• Support for hierarchy within a single AS
Hierarchical OSPF
• Two-level hierarchy: local area, backbone
– An AS is configured into areas, each area runs its own OSPF link-state routing algorithm
– One area in AS is configured to be the backbone area, job is to route traffic between other areas in the AS
Four types of OSPF routers:
• Internal routers: in non-backbone areas and only perform intra-AS routing
• Area border routers: belong to both an area and the backbone, route packets to outside the area
• Backbone routers: perform routing within the backbone but are not area border routers
• Boundary routers: connect to other ASs, exchange routing information with routers in other ASs
Hierarchical OSPF
OSPF in IP Packets
• OSPF is a link-state routing protocol
– Relies on IP packets for delivery of routing
• If W selects path advertised by X, then Path (W,Z) = W, Path (X,Z) = W,X,Y1,Y2,Y3,Z
• Note: X can control incoming traffic by controlling its route advertisements to peers:
– E.g., don’t want to route traffic to Z -> don’t advertise any routes to Z
BGP (cont’d)
• BGP messages exchanged using TCP, port 179
• BGP messages:
– OPEN: opens TCP connection to peer, identifies and authenticates itself, sent when a BGP gateway wants to first establish contact with a BGP peer
– UPDATE: advertises new path (or withdraws old path)
– KEEPALIVE: keeps connection alive in absence of UPDATES; also ACKs OPEN message
– NOTIFICATION: reports errors in previous message; also used to close connection
Autonomous Systems (AS)
• AS = set of routers and networks under the same administration
• No theoretical limit to the size of the AS
• All parts within an AS remain connected.
– If two networks rely on core-AS to connect, they don’t belong to a single AS
• AS is identified by a 16-bit AS number
• At least one border router per AS.
– This router also collects reachability information (“external routes”) and diffuses it internally and vice versa
Autonomous Systems (Continued)
• AS types:
– Stub AS => only single connection to one other AS => it carries only local traffic.
– Multihomed AS: Connected to multiple AS, but does not allow transit traffic
– Transit AS: carries transit traffic under policy restrictions
• Traffic types:
– Local = traffic originating or terminating at AS.
– Transit = non-local traffic
Many Routing Processes Can Run on a Single Router
[Figure labels: OSPF Domain, RIP Domain, BGP; OSPF Process with OSPF Routing tables; RIP Process with RIP Routing tables; BGP Process with BGP Routing tables; Forwarding Table Manager; OS kernel; Forwarding Table]
IPv6
The New Internet Protocol
Outline
• The Protocol (new ICMP)
• Addressing and Routing (provider addressing)
• Autoconfiguration
• Security
• Support of Real-time Communication
• Deployment Strategy
The Design of IPv6
• IPv4 design was very good => IPv6 should keep most of it
• It could only increase the size of addresses and keep everything the same
• Experience brought lessons for improvement
IPv6 Header (40 bytes)
[Figure: header layout, bit positions 0, 16, 31]
Version | Prio | Flow Label
Payload Length | Next Header | Hop Limit
Source Address (128 bits)
Destination Address (128 bits)
IPv4 Header (20 bytes)
[Figure: header layout, bit positions 0, 16, 31]
Version | Hd len | ToS | Tot len
identification | DF MF | Fragment offset
TTL | protocol | Hd chksum
Source Address (32 bits)
Destination Address (32 bits)
Options (if any)
Note that while the IPv6 addresses are four times as large as the IPv4 addresses, the header length is only twice as big.
Notations of IPv6 Addresses
• 128 bit is represented as:
– 8 integers (16-bit) separated by colons
• each integer is represented by 4 hex digits
Example:
FEDC:BA98:7654:3210:FEDC:BA98:7664:3210
Simplifications
• Skip leading zeros
– Example: 1080:0000:0000:0000:0008:0800:200C:417A
– is reduced to: 1080:0:0:0:8:800:200C:417A
• A set of consecutive nulls is replaced by :: (at most one :: inside an address)
– the above address is reduced to:

– Header length
– type of service
– identification, flags, fragment offset
– Header Checksum
• Added:
– Priority
– Flow label
• Renamed:
– length -> Payload length
– Protocol -> Next header
– time to live -> Hop Limit
• Redefined: Option mechanism
Simplifications
• Fixed format headers
– no options -> no need for header length
– options expressed as Extension headers
• No header checksum
– reduce cost of header processing, no checksum updates at each router
– minimal risk as encapsulation of media access protocols (e.g., Ethernet, PPP) have checksum
• No segmentation
– hosts should use path MTU discovery
– otherwise use the minimum MTU (536 bytes)
Renaming
• Total Length -> Payload Length
– not include header length
– max length 64Kbytes with provision for larger packets using “jumbo gram” option
• Protocol Type -> Next header, can be set to:
– Protocol type (UDP, TCP, etc.)
– Type of first extension header
• TTL -> Hop limit
– “Truth in advertising!”
– number of hops NOT number of seconds
New Fields
• Flow label & Priority
– to facilitate the handling of real time traffic
Options -> Extension Headers
Routers treat packets with options as “second class citizens” because they are slow to process; thus programmers tend not to use them, and options almost became obsolete.
Routers will only look at the routing header if they recognize one of their addresses in the destination field of the main header
Fragment Header
• Routers do not fragment oversized packets
• Sender is to fragment & receiver is to reassemble
[Figure: fragment header layout]
Next Header | Reserved | Fragment offset | Res | M
Identification
Destination Option Header
Will only be examined by the station specified in the destination address.
[Figure: destination option header layout]
Next Header | Hdr Ext Len
Options
Each option: Option Type | Opt Data Len | Option Data
Hop-by-Hop Option Header
Will be examined by each router.
Has same form as destination options hdr.
To satisfy networking requirement of supercomputers, the Jumbo payload option is used to send very large packets (the IPv6 length field is set to zero):
194 | Opt Len = 4
Jumbo Payload Length
ICMP…. Streamlined
• Removed unused functions in ICMP of v4
• Incorporate IGMP of v4
[Figure: ICMP message layout]
Type | Code | Checksum
Message Body
ICMP Error Messages
1 Destination Unreachable. Codes:
– 0 No route to destination
– 1 destination prohibited
– 3 Address unreachable
– 4 Port unreachable
2 Packet Too Big: contains next hop MTU; used for path MTU discovery
3 Time Exceeded. Codes:
– 0 Hop limit exceeded
– 1 Fragment reassembly time exceeded
4 Parameter Problem
No error message in response to multicast or ICMP packets
Other ICMP messages
128 Echo Request
129 Echo Reply
130 Group Membership Query
131 Group Membership Report
132 Group Membership Termination
• Do we need more than 255 Hops?
– allowing hop count to be very large, looping packets will be relayed many times before being discarded
• Should packets be larger than 64K?
– allowing very large packets increases the size of queues and the variability of queuing delays
• Can we live without checksum?
– Some IPv4 routers started to cut corners by not verifying checksums to gain advantage over competition. Removing the checksum altogether offers all routers the same advantage.
Real-time Support & Flows
• A proper handling of flows is required for high-quality multimedia communications in the new Internet
• A flow is a sequence of packets sent from a particular source to a particular (unicast or multicast) destination for which the source desires special handling by the intervening routers.
Real-time flows & Data Queues
[Figure: source S sending data through routers R1, R2, R3]
The flow label & source address are used to assert which packets belong to what flows
In IPv6, port numbers are deep inside the packet due to daisy chaining of headers, and they may not even be visible due to encryption
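What the daisy chaining of extension headers means for a device that wants to read port numbers, as an added example that is not part of the original slides: it follows the Next Header chain and reports when the transport header is unreadable. The sample packets, addresses and port values are constructed; ESP (Next Header 50) stands in for the encryption header.

```python
import struct

EXT = {0: "hop-by-hop", 43: "routing", 44: "fragment", 60: "destination options"}
FRAGMENT, ESP, TCP, UDP = 44, 50, 6, 17

def walk_headers(packet: bytes):
    """Follow the Next Header chain; return (chain, upper_protocol, offset).

    upper_protocol is None when the transport header cannot be read: it is
    encrypted (ESP) or the packet is a later fragment that does not contain it.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off, chain, visible = packet[6], 40, [], True
    while nxt in EXT:
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        # Fragment header: fixed 8 bytes. Others: Hdr Ext Len counts 8-byte
        # units beyond the first 8 bytes.
        size = 8 if nxt == FRAGMENT else 8 * (packet[off + 1] + 1)
        if off + size > len(packet):
            raise ValueError("extension header runs past the end of the packet")
        if nxt == FRAGMENT and struct.unpack("!H", packet[off + 2:off + 4])[0] >> 3:
            visible = False           # non-zero fragment offset
        chain.append(EXT[nxt])
        nxt, off = packet[off], off + size
    if nxt == ESP:
        chain.append("esp")
        visible = False
    return chain, (nxt if visible else None), off

def dest_port(packet: bytes):
    """Destination port a filter could match on, or None if it is not visible."""
    _, proto, off = walk_headers(packet)
    if proto in (TCP, UDP) and len(packet) >= off + 4:
        return struct.unpack("!H", packet[off + 2:off + 4])[0]
    return None

def ipv6(next_header: int, payload: bytes) -> bytes:
    """Constructed sample packet with documentation-prefix (2001:db8::) addresses."""
    src, dst = (bytes.fromhex("20010db8" + "00" * 11 + n) for n in ("01", "02"))
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + src + dst + payload

PAD = bytes([1, 4, 0, 0, 0, 0])       # PadN option that fills an 8-byte header
CLEAR = ipv6(0, bytes([60, 0]) + PAD + bytes([17, 0]) + PAD
             + struct.pack("!HHHH", 40000, 4242, 8, 0))
HIDDEN = ipv6(ESP, bytes(16))
LATER_FRAGMENT = ipv6(FRAGMENT, bytes([17, 0]) + struct.pack("!HI", 185 << 3, 7) + bytes(8))
```

A filter built on `dest_port` has to decide explicitly what to do with the `None` cases; treating them as "no port, allow" is the failure mode to avoid.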
Security
If security is provided at the IP level it becomes a standard service that all applications can use
It is absolutely necessary to implement if we want to develop commercial use of the Internet, e.g., to deter sniffing attacks on passwords and credit card numbers.
Headers
Authentication header: guarantees that the source address is authentic & the packet has not been altered during transmission.
Encryption header: guarantees that only legitimate receivers will be able to read the content of the packet
Transitioning the Internet
• At the beginning, all IPv6-capable hosts will also be IPv4-capable so as to retain connectivity with the existing Internet.
• To transform IPv4 into a dual-stack IPv6-capable host, it should include:
– The IPv6 basic code
– Handling IPv6 within TCP & UDP
– Modify socket interface to support new addresses
– Handling the interface with the name service
The 6-Bone
• Similar to the M-Bone, initially the connectivity is achieved by tunneling
• IPv6 packets will be encapsulated within IPv4 packets.