8/11/2019 Chapter4 5th Aug 2009
1/149
Network Layer 4-1
Chapter 4: Network Layer

A note on the use of these ppt slides:
We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we'd like people to use our book!)
- If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2009
J.F Kurose and K.W. Ross, All Rights Reserved

Computer Networking: A Top Down Approach, 5th edition. Jim Kurose, Keith Ross. Addison-Wesley, April 2009.

Chapter 4: Network Layer

Chapter goals:
- understand principles behind network layer services:
  - network layer service models
  - forwarding versus routing
  - how a router works
  - routing (path selection)
  - dealing with scale
  - advanced topics: IPv6, mobility
- instantiation, implementation in the Internet

Chapter 4: Network Layer

- 4.1 Introduction
- 4.2 Virtual circuit and datagram networks
- 4.3 What's inside a router
- 4.4 IP: Internet Protocol
  - Datagram format
  - IPv4 addressing
  - ICMP
  - IPv6
- 4.5 Routing algorithms
  - Link state
  - Distance Vector
  - Hierarchical routing
- 4.6 Routing in the Internet
  - RIP
  - OSPF
  - BGP
- 4.7 Broadcast and multicast routing

Network layer

- transport segment from sending to receiving host
- on sending side encapsulates segments into datagrams
- on rcving side, delivers segments to transport layer
- network layer protocols in every host, router
- router examines header fields in all IP datagrams passing through it

[Figure: protocol stacks along a path; the two end hosts have application, transport, network, data link and physical layers, each router has network, data link and physical layers only]

Two Key Network-Layer Functions

- forwarding: move packets from router's input to appropriate router output
- routing: determine route taken by packets from source to dest.
  - routing algorithms

analogy:
- routing: process of planning trip from source to dest
- forwarding: process of getting through single interchange

Interplay between routing and forwarding

[Figure: the routing algorithm fills in the local forwarding table; the value in the arriving packet's header (0111) is looked up in that table to pick one of the router's output links 1, 2, 3]

local forwarding table
header value   output link
0100           3
0101           2
0111           2
1001           1

Connection setup

- 3rd important function in some network architectures:
  - ATM, frame relay, X.25
- before datagrams flow, two end hosts and intervening routers establish virtual connection
  - routers get involved
- network vs transport layer connection service:
  - network: between two hosts (may also involve intervening routers in case of VCs)
  - transport: between two processes

Network service model

Q: What service model for channel transporting datagrams from sender to receiver?

Example services for individual datagrams:
- guaranteed delivery
- guaranteed delivery with less than 40 msec delay

Example services for a flow of datagrams:
- in-order datagram delivery
- guaranteed minimum bandwidth to flow
- restrictions on changes in inter-packet spacing

Network layer service models:

                                                        Guarantees ?
Network        Service       Bandwidth            Loss   Order   Timing   Congestion
Architecture   Model                                                      feedback
Internet       best effort   none                 no     no      no       no (inferred via loss)
ATM            CBR           constant rate        yes    yes     yes      no congestion
ATM            VBR           guaranteed rate      yes    yes     yes      no congestion
ATM            ABR           guaranteed minimum   no     yes     no       yes
ATM            UBR           none                 no     yes     no       no

Network layer connection and connection-less service

- datagram network provides network-layer connectionless service
- VC network provides network-layer connection service
- analogous to the transport-layer services, but:
  - service: host-to-host
  - no choice: network provides one or the other
  - implementation: in network core

Virtual circuits

source-to-dest path behaves much like telephone circuit
- performance-wise
- network actions along source-to-dest path

- call setup, teardown for each call before data can flow
- each packet carries VC identifier (not destination host address)
- every router on source-dest path maintains state for each passing connection
- link, router resources (bandwidth, buffers) may be allocated to VC (dedicated resources = predictable service)

VC implementation

a VC consists of:
1. path from source to destination
2. VC numbers, one number for each link along path
3. entries in forwarding tables in routers along path

- packet belonging to VC carries VC number (rather than dest address)
- VC number can be changed on each link.
  - New VC number comes from forwarding table

Forwarding table

[Figure: a VC crossing three links with VC numbers 12, 22 and 32; the router's interfaces are numbered 1, 2, 3]

Forwarding table in northwest router:

Incoming interface   Incoming VC #   Outgoing interface   Outgoing VC #
1                    12              3                    22
2                    63              1                    18
3                    7               2                    17
1                    97              3                    87

Routers maintain connection state information!

Virtual circuits: signaling protocols

- used to setup, maintain, teardown VC
- used in ATM, frame-relay, X.25
- not used in today's Internet

[Figure: call setup between two end hosts (application, transport, network, data link, physical): 1. Initiate call, 2. incoming call, 3. Accept call, 4. Call connected, 5. Data flow begins, 6. Receive data]

Datagram networks

- no call setup at network layer
- routers: no state about end-to-end connections
  - no network-level concept of connection
- packets forwarded using destination host address
  - packets between same source-dest pair may take different paths

[Figure: two end hosts (application, transport, network, data link, physical): 1. Send data, 2. Receive data]

Forwarding table

4 billion possible entries

Destination Address Range                       Link Interface

11001000 00010111 00010000 00000000
    through                                     0
11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000
    through                                     1
11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000
    through                                     2
11001000 00010111 00011111 11111111

otherwise                                       3

Datagram or VC network: why?

Internet (datagram)
- data exchange among computers
  - elastic service, no strict timing req.
- smart end systems (computers)
  - can adapt, perform control, error recovery
  - simple inside network, complexity at edge
- many link types
  - different characteristics
  - uniform service difficult

ATM (VC)
- evolved from telephony
- human conversation:
  - strict timing, reliability requirements
  - need for guaranteed service
- dumb end systems
  - telephones
  - complexity inside network

Router Architecture Overview

Two key router functions:
- run routing algorithms/protocol (RIP, OSPF, BGP)
- forwarding datagrams from incoming to outgoing link

Input Port Functions

Physical layer: bit-level reception

Data link layer: e.g., Ethernet (see chapter 5)

Decentralized switching:
- given datagram dest., lookup output port using forwarding table in input port memory
- goal: complete input port processing at line speed
- queuing: if datagrams arrive faster than forwarding rate into switch fabric
Three types of switching fabrics

Switching Via Memory

First generation routers:
- traditional computers with switching under direct control of CPU
- packet copied to system's memory
- speed limited by memory bandwidth (2 bus crossings per datagram)

[Figure: Input Port, Memory, Output Port, connected by the System Bus]

Switching Via a Bus

- datagram from input port memory to output port memory via a shared bus
- bus contention: switching speed limited by bus bandwidth
- 32 Gbps bus, Cisco 5600: sufficient speed for access and enterprise routers

Switching Via An Interconnection Network

- overcome bus bandwidth limitations
- Banyan networks, other interconnection nets initially developed to connect processors in multiprocessor
- advanced design: fragmenting datagram into fixed length cells, switch cells through the fabric.
- Cisco 12000: switches 60 Gbps through the interconnection network

Output Ports

- Buffering required when datagrams arrive from fabric faster than the transmission rate
- Scheduling discipline chooses among queued datagrams for transmission

Output port queueing

- buffering when arrival rate via switch exceeds output line speed
- queueing (delay) and loss due to output port buffer overflow!

How much buffering?

- RFC 3439 rule of thumb: average buffering equal to typical RTT (say 250 msec) times link capacity C
  - e.g., C = 10 Gbps link: 2.5 Gbit buffer
- Recent recommendation: with N flows, buffering equal to RTT · C / √N

Input Port Queuing

- Fabric slower than input ports combined -> queueing may occur at input queues
- Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
- queueing delay and loss due to input buffer overflow!

The Internet Network layer

Host, router network layer functions:

Transport layer: TCP, UDP

Network layer:
- Routing protocols
  - path selection
  - RIP, OSPF, BGP
- forwarding table
- IP protocol
  - addressing conventions
  - datagram format
  - packet handling conventions
- ICMP protocol
  - error reporting
  - router signaling

Link layer

physical layer

IP datagram format

Each row of the header is 32 bits wide:

ver | head. len | type of service | length
16-bit identifier | flgs | fragment offset
time to live | upper layer | header checksum
32 bit source IP address
32 bit destination IP address
Options (if any)
data (variable length, typically a TCP or UDP segment)

Field notes:
- ver: IP protocol version number
- head. len: header length (bytes)
- type of service: type of data
- length: total datagram length (bytes)
- 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
- time to live: max number remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to
- Options: e.g. timestamp, record route taken, specify list of routers to visit.

how much overhead with TCP?
- 20 bytes of TCP
- 20 bytes of IP
- = 40 bytes + app layer overhead

IP Fragmentation & Reassembly

- network links have MTU (max. transfer size) - largest possible link-level frame.
  - different link types, different MTUs
- large IP datagram divided (fragmented) within net
  - one datagram becomes several datagrams
  - reassembled only at final destination
  - IP header bits used to identify, order related fragments

[Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly at the destination]

IP Fragmentation and Reassembly

Example
- 4000 byte datagram
- MTU = 1500 bytes

One large datagram becomes several smaller datagrams:

              length   ID   fragflag   offset
original      4000     x    0          0
fragment 1    1500     x    1          0
fragment 2    1500     x    1          185
fragment 3    1040     x    0          370

- 1480 bytes in data field
- offset = 1480/8
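
Added example (not part of the original slides): the fragmentation arithmetic above, plus a reassembly routine that refuses fragment sets with mixed IDs, overlaps or gaps. The 20-byte option-free header and the constructed sample payload are assumptions of the example.

```python
"""Fragment and reassemble an IPv4 payload as in the slide's 4000-byte example."""
from __future__ import annotations

from dataclasses import dataclass

IP_HEADER_LEN = 20  # bytes; header without options (assumption of this example)


@dataclass(frozen=True)
class Fragment:
    ident: int       # ID: identical in every fragment of one datagram
    offset: int      # fragment offset, counted in units of 8 bytes
    more: bool       # fragflag: True while more fragments follow
    payload: bytes

    @property
    def length(self) -> int:
        """Value of the length field: header plus payload."""
        return IP_HEADER_LEN + len(self.payload)


def fragment(ident: int, payload: bytes, mtu: int) -> list[Fragment]:
    """Split payload so every fragment fits in one MTU-sized frame."""
    # Offsets count 8-byte units, so every fragment except the last
    # must carry a multiple of 8 payload bytes.
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    if not payload:
        return [Fragment(ident, 0, False, b"")]
    frags = []
    for start in range(0, len(payload), chunk):
        more = start + chunk < len(payload)
        frags.append(Fragment(ident, start // 8, more, payload[start:start + chunk]))
    return frags


def reassemble(frags: list[Fragment]) -> bytes:
    """Rebuild the payload at the destination; reject inconsistent sets."""
    if not frags:
        raise ValueError("no fragments")
    if len({f.ident for f in frags}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(frags, key=lambda f: f.offset)   # arrival order is arbitrary
    out = bytearray()
    for f in ordered:
        start = f.offset * 8
        if start < len(out):
            raise ValueError(f"fragment at offset {f.offset} overlaps earlier data")
        if start > len(out):
            raise ValueError(f"gap before offset {f.offset}")
        out += f.payload
    if ordered[-1].more:
        raise ValueError("final fragment missing")
    if any(not f.more for f in ordered[:-1]):
        raise ValueError("data continues past the final fragment")
    return bytes(out)


# Constructed sample: a 4000-byte datagram carries 3980 payload bytes.
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(4000 - IP_HEADER_LEN))

if __name__ == "__main__":
    for f in fragment(0x1234, SAMPLE_PAYLOAD, mtu=1500):
        print(f"length={f.length} offset={f.offset} fragflag={int(f.more)}")
```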

IP Addressing: introduction

- IP address: 32-bit identifier for host, router interface
- interface: connection between host/router and physical link
  - routers typically have multiple interfaces
  - host typically has one interface
  - IP addresses associated with each interface

223.1.1.1 = 11011111 00000001 00000001 00000001
            223      1        1        1

[Figure: network with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]

Subnets

- IP address:
  - subnet part (high order bits)
  - host part (low order bits)
- What's a subnet?
  - device interfaces with same subnet part of IP address
  - can physically reach each other without intervening router

[Figure: network consisting of 3 subnets, with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]

Subnets

Recipe
- To determine the subnets, detach each interface from its host or router, creating islands of isolated networks.
- Each isolated network is called a subnet.

[Figure: the subnets 223.1.1.0/24, 223.1.2.0/24 and 223.1.3.0/24]

Subnet mask: /24

Subnets

How many?

[Figure: network with interface addresses 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.0, 223.1.7.1, 223.1.8.0, 223.1.8.1, 223.1.9.1, 223.1.9.2]

IP addresses: how to get one?

Q: How does a host get IP address?

- hard-coded by system admin in a file
  - Windows: control-panel->network->configuration->tcp/ip->properties
  - UNIX: /etc/rc.config
- DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server
  - plug-and-play

DHCP: Dynamic Host Configuration Protocol

Goal: allow host to dynamically obtain its IP address from network server when it joins network
- Can renew its lease on address in use
- Allows reuse of addresses (only hold address while connected and on)
- Support for mobile users who want to join network (more shortly)

DHCP overview:
- host broadcasts DHCP discover msg [optional]
- DHCP server responds with DHCP offer msg [optional]
- host requests IP address: DHCP request msg
- DHCP server sends address: DHCP ack msg

DHCP client-server scenario

[Figure: the network with subnets 223.1.1.x, 223.1.2.x and 223.1.3.x and hosts A, B, E; a DHCP server is attached; an arriving DHCP client needs an address in this network]

DHCP client-server scenario

DHCP server: 223.1.2.5; arriving client. Messages, in time order:

DHCP discover
    src: 0.0.0.0, 68
    dest.: 255.255.255.255, 67
    yiaddr: 0.0.0.0
    transaction ID: 654

DHCP offer
    src: 223.1.2.5, 67
    dest: 255.255.255.255, 68
    yiaddr: 223.1.2.4
    transaction ID: 654
    Lifetime: 3600 secs

DHCP request
    src: 0.0.0.0, 68
    dest: 255.255.255.255, 67
    yiaddr: 223.1.2.4
    transaction ID: 655
    Lifetime: 3600 secs

DHCP ACK
    src: 223.1.2.5, 67
    dest: 255.255.255.255, 68
    yiaddr: 223.1.2.4
    transaction ID: 655
    Lifetime: 3600 secs

DHCP: more than IP address

DHCP can return more than just allocated IP address on subnet:
- address of first-hop router for client
- name and IP address of DNS server
- network mask (indicating network versus host portion of address)

DHCP: example

- connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP
- DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
- Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
- Ethernet demuxed to IP demuxed, UDP demuxed to DHCP

[Figure: laptop and router (runs DHCP), 168.1.1.1, each with a DHCP / UDP / IP / Eth / Phy stack; the DHCP message travels down the laptop's stack and up the router's]

DHCP: example

- DHCP server formulates DHCP ACK containing client's IP address, IP address of first-hop router for client, name & IP address of DNS server
- encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client
- client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router

[Figure: router (runs DHCP) and client, each with a DHCP / UDP / IP / Eth / Phy stack; the DHCP ACK travels down the router's stack and up the client's]

DHCP: wireshark output (home LAN)

request

    Message type: Boot Request (1)
    Hardware type: Ethernet
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x6b3a11b7
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0 (0.0.0.0)
    Your (client) IP address: 0.0.0.0 (0.0.0.0)
    Next server IP address: 0.0.0.0 (0.0.0.0)
    Relay agent IP address: 0.0.0.0 (0.0.0.0)
    Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
    Server host name not given
    Boot file name not given
    Magic cookie: (OK)
    Option: (t=53,l=1) DHCP Message Type = DHCP Request
    Option: (61) Client identifier
        Length: 7; Value: 010016D323688A;
        Hardware type: Ethernet
        Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
    Option: (t=50,l=4) Requested IP Address = 192.168.1.101
    Option: (t=12,l=5) Host Name = "nomad"
    Option: (55) Parameter Request List
        Length: 11; Value: 010F03062C2E2F1F21F92B
        1 = Subnet Mask; 15 = Domain Name
        3 = Router; 6 = Domain Name Server
        44 = NetBIOS over TCP/IP Name Server

reply

    Message type: Boot Reply (2)
    Hardware type: Ethernet
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x6b3a11b7
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 192.168.1.101 (192.168.1.101)
    Your (client) IP address: 0.0.0.0 (0.0.0.0)
    Next server IP address: 192.168.1.1 (192.168.1.1)
    Relay agent IP address: 0.0.0.0 (0.0.0.0)
    Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
    Server host name not given
    Boot file name not given
    Magic cookie: (OK)
    Option: (t=53,l=1) DHCP Message Type = DHCP ACK
    Option: (t=54,l=4) Server Identifier = 192.168.1.1
    Option: (t=1,l=4) Subnet Mask = 255.255.255.0
    Option: (t=3,l=4) Router = 192.168.1.1
    Option: (6) Domain Name Server
        Length: 12; Value: 445747E2445749F244574092;
        IP Address: 68.87.71.226;
        IP Address: 68.87.73.242;
        IP Address: 68.87.64.146
    Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net."

IP addresses: how to get one?

Q: How does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP's address space

ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20

Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
...
Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

Hierarchical addressing: route aggregation

Hierarchical addressing allows efficient advertisement of routing information:

[Figure: Fly-By-Night-ISP connects Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), ..., Organization 7 (200.23.30.0/23) and tells the Internet "Send me anything with addresses beginning 200.23.16.0/20"; ISPs-R-Us tells the Internet "Send me anything with addresses beginning 199.31.0.0/16"]

Hierarchical addressing: more specific routes

ISPs-R-Us has a more specific route to Organization 1

[Figure: Fly-By-Night-ISP, with Organization 0 (200.23.16.0/23), Organization 2 (200.23.20.0/23), ..., Organization 7 (200.23.30.0/23), tells the Internet "Send me anything with addresses beginning 200.23.16.0/20"; ISPs-R-Us, with Organization 1 (200.23.18.0/23), tells the Internet "Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23"]
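
Added example (not part of the original slides): longest-prefix matching over the announcements in the two slides above, showing that the /23 from ISPs-R-Us wins over the covering /20 from Fly-By-Night-ISP, and a check that lists every more specific route that diverts traffic from a covering route. The trie layout, the function names and the sample destination addresses are assumptions of the example.

```python
"""Longest-prefix match over the announcements shown in the two slides above."""
import ipaddress


class PrefixTrie:
    """Binary trie over the leading bits of IPv4 prefixes."""

    def __init__(self, routes=()):
        self.root = {}                      # node keys: "0", "1", "route"
        for prefix, next_hop in routes:
            self.insert(prefix, next_hop)

    def insert(self, prefix, next_hop):
        net = ipaddress.ip_network(prefix)
        bits = format(int(net.network_address), "032b")[:net.prefixlen]
        node = self.root
        for bit in bits:
            node = node.setdefault(bit, {})
        node["route"] = (net, next_hop)

    def matches(self, addr):
        """Every route that covers addr, least specific first."""
        node, found = self.root, []
        for bit in format(int(ipaddress.ip_address(addr)), "032b"):
            if "route" in node:
                found.append(node["route"])
            node = node.get(bit)
            if node is None:
                return found
        if "route" in node:                 # an exact /32 entry
            found.append(node["route"])
        return found

    def lookup(self, addr):
        """Next hop of the longest matching prefix, or None if no route."""
        found = self.matches(addr)
        return found[-1][1] if found else None

    def overrides(self):
        """More specific routes whose next hop differs from the covering route.

        Returns (specific prefix, its next hop, covering prefix, its next hop).
        """
        out = []

        def walk(node, covering):
            route = node.get("route")
            if route and covering and route[1] != covering[1]:
                out.append((str(route[0]), route[1], str(covering[0]), covering[1]))
            for bit in "01":
                if bit in node:
                    walk(node[bit], route or covering)

        walk(self.root, None)
        return out


# Announcements as the rest of the Internet sees them, copied from the slides.
AGGREGATED = [("200.23.16.0/20", "Fly-By-Night-ISP"),
              ("199.31.0.0/16", "ISPs-R-Us")]
MORE_SPECIFIC = AGGREGATED + [("200.23.18.0/23", "ISPs-R-Us")]

# Constructed sample destination inside Organization 1's block.
ORG1_HOST = "200.23.18.77"

if __name__ == "__main__":
    before, after = PrefixTrie(AGGREGATED), PrefixTrie(MORE_SPECIFIC)
    print("aggregate only :", before.lookup(ORG1_HOST))
    print("with the /23   :", after.lookup(ORG1_HOST))
    print("overrides      :", after.overrides())
```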

IP addressing: the last word...

Q: How does an ISP get block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers
- allocates addresses
- manages DNS
- assigns domain names, resolves disputes

NAT: Network Address Translation

[Figure: local network (e.g., home network) 10.0.0/24 with addresses 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4; address 138.76.29.7 faces the rest of the Internet]

- Datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)
- All datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers

NAT: Network Address Translation

Motivation: local network uses just one IP address as far as outside world is concerned:
- range of addresses not needed from ISP: just one IP address for all devices
- can change addresses of devices in local network without notifying outside world
- can change ISP without changing addresses of devices in local network
- devices inside local net not explicitly addressable, visible by outside world (a security plus).

NAT: Network Address Translation

Implementation: NAT router must:
- outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
  . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr.
- remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
- incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

NAT: Network Address Translation

[Figure: hosts 10.0.0.1, 10.0.0.2, 10.0.0.3 behind the NAT router (LAN side 10.0.0.4, WAN side 138.76.29.7)]

NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345

1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345        D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001     D: 128.119.40.186, 80
3: Reply arrives dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80    D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80    D: 10.0.0.1, 3345

NAT: Network Address Translation

- 16-bit port-number field:
  - 60,000 simultaneous connections with a single LAN-side address!
- NAT is controversial:
  - routers should only process up to layer 3
  - violates end-to-end argument
    - NAT possibility must be taken into account by app designers, eg, P2P applications
  - address shortage should instead be solved by IPv6

NAT traversal problem

- client wants to connect to server with address 10.0.0.1
  - server address 10.0.0.1 local to LAN (client can't use it as destination addr)
  - only one externally visible NATted address: 138.76.29.7
- solution 1: statically configure NAT to forward incoming connection requests at given port to server
  - e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000

[Figure: Client outside the NAT router (138.76.29.7 outside, 10.0.0.4 inside) with no way to address server 10.0.0.1]

NAT traversal problem

- solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATted host to:
  - learn public IP address (138.76.29.7)
  - add/remove port mappings (with lease times)
- i.e., automate static NAT port map configuration

[Figure: host 10.0.0.1 behind the NAT router (138.76.29.7 outside, 10.0.0.4 inside), which runs IGD]

NAT traversal problem

- solution 3: relaying (used in Skype)
  - NATed client establishes connection to relay
  - External client connects to relay
  - relay bridges packets between two connections

[Figure: Client, relay, and host 10.0.0.1 behind the NAT router (138.76.29.7): 1. connection to relay initiated by NATted host, 2. connection to relay initiated by client, 3. relaying established]

ICMP: Internet Control Message Protocol

- used by hosts & routers to communicate network-level information
  - error reporting: unreachable host, network, port, protocol
  - echo request/reply (used by ping)
- network-layer above IP:
  - ICMP msgs carried in IP datagrams
- ICMP message: type, code plus first 8 bytes of IP datagram causing error

Type   Code   description
0      0      echo reply (ping)
3      0      dest. network unreachable
3      1      dest host unreachable
3      2      dest protocol unreachable
3      3      dest port unreachable
3      6      dest network unknown
3      7      dest host unknown
4      0      source quench (congestion control - not used)
8      0      echo request (ping)
9      0      route advertisement
10     0      router discovery
11     0      TTL expired
12     0      bad IP header

Traceroute and ICMP

- Source sends series of UDP segments to dest
  - First has TTL = 1
  - Second has TTL = 2, etc.
  - Unlikely port number
- When nth datagram arrives to nth router:
  - Router discards datagram
  - And sends to source an ICMP message (type 11, code 0)
  - Message includes name of router & IP address
- When ICMP message arrives, source calculates RTT
- Traceroute does this 3 times

Stopping criterion
- UDP segment eventually arrives at destination host
- Destination returns ICMP host unreachable packet (type 3, code 3)
- When source gets this ICMP, stops.

IPv6 Header (Cont)

- Priority: identify priority among datagrams in flow
- Flow Label: identify datagrams in same flow. (concept of flow not well defined).
- Next header: identify upper layer protocol for data

Other Changes from IPv4

- Checksum: removed entirely to reduce processing time at each hop
- Options: allowed, but outside of header, indicated by Next Header field
- ICMPv6: new version of ICMP
  - additional message types, e.g. Packet Too Big
  - multicast group management functions

Transition From IPv4 To IPv6

- Not all routers can be upgraded simultaneously
  - no flag days
  - How will the network operate with mixed IPv4 and IPv6 routers?
- Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers

Tunneling

Logical view:   A (IPv6) --- B (IPv6) === tunnel === E (IPv6) --- F (IPv6)
Physical view:  A (IPv6) --- B (IPv6) --- (IPv4) --- (IPv4) --- E (IPv6) --- F (IPv6)

Tunneling

Logical view:   A (IPv6) --- B (IPv6) === tunnel === E (IPv6) --- F (IPv6)
Physical view:  A (IPv6) --- B (IPv6) --- C (IPv4) --- D (IPv4) --- E (IPv6) --- F (IPv6)

Datagrams along the path:
- A-to-B: IPv6 (Flow: X, Src: A, Dest: F, data)
- B-to-C: IPv6 inside IPv4 (Src: B, Dest: E, carrying Flow: X, Src: A, Dest: F, data)
- B-to-C: IPv6 inside IPv4 (Src: B, Dest: E, carrying Flow: X, Src: A, Dest: F, data)
- E-to-F: IPv6 (Flow: X, Src: A, Dest: F, data)

Graph abstraction

[Figure: graph with nodes u, v, w, x, y, z; the links carry costs 1, 2, 3 and 5]

Graph: G = (N,E)

N = set of routers = { u, v, w, x, y, z }

E = set of links = { (u,v), (u,x), (v,x), (v,w), (x,w), (x,y), (w,y), (w,z), (y,z) }

Remark: Graph abstraction is useful in other network contexts

Example: P2P, where N is set of peers and E is set of TCP connections

Graph abstraction: costs

[Figure: the same graph with nodes u, v, w, x, y, z and link costs 1, 2, 3 and 5]

- c(x,x') = cost of link (x,x')
  - e.g., c(w,z) = 5
- cost could always be 1, or inversely related to bandwidth, or inversely related to congestion

Cost of path (x_1, x_2, x_3, ..., x_p) = c(x_1,x_2) + c(x_2,x_3) + ... + c(x_{p-1},x_p)

Question: What's the least-cost path between u and z?

Routing algorithm: algorithm that finds least-cost path

Routing Algorithm classification

Global or decentralized information?
Global:
- all routers have complete topology, link cost info
- link state algorithms
Decentralized:
- router knows physically-connected neighbors, link costs to neighbors
- iterative process of computation, exchange of info with neighbors
- distance vector algorithms

Static or dynamic?
Static:
- routes change slowly over time
Dynamic:
- routes change more quickly
  - periodic update
  - in response to link cost changes

A Link-State Routing Algorithm

Dijkstra's algorithm
- net topology, link costs known to all nodes
  - accomplished via link state broadcast
  - all nodes have same info
- computes least cost paths from one node (source) to all other nodes
  - gives forwarding table for that node
- iterative: after k iterations, know least cost path to k dest.'s

Notation:
- c(x,y): link cost from node x to y; = ∞ if not direct neighbors
- D(v): current value of cost of path from source to dest. v
- p(v): predecessor node along path from source to v
- N': set of nodes whose least cost path definitively known

Dijkstra's Algorithm

    Initialization:
      N' = {u}
      for all nodes v
        if v adjacent to u
          then D(v) = c(u,v)
        else D(v) = ∞

    Loop
      find w not in N' such that D(w) is a minimum
      add w to N'
      update D(v) for all v adjacent to w and not in N':
        D(v) = min( D(v), D(w) + c(w,v) )
      /* new cost to v is either old cost to v or known
         shortest path cost to w plus cost from w to v */
    until all nodes in N'

Dijkstra's algorithm: example

Step   N'       D(v),p(v)   D(w),p(w)   D(x),p(x)   D(y),p(y)   D(z),p(z)
0      u        2,u         5,u         1,u         ∞           ∞
1      ux       2,u         4,x                     2,x         ∞
2      uxy      2,u         3,y                                 4,y
3      uxyv                 3,y                                 4,y
4      uxyvw                                                    4,y
5      uxyvwz

[Figure: the example graph with nodes u, v, w, x, y, z and link costs 1, 2, 3 and 5]
Dijkstra's algorithm: example (2)
Resulting shortest-path tree from u:
[Figure: shortest-path tree rooted at u reaching v, w, x, y, z]
Resulting forwarding table in u:

destination  link
v            (u,v)
x            (u,x)
y            (u,x)
w            (u,x)
z            (u,x)
Dijkstra's algorithm, discussion
Algorithm complexity: n nodes
  each iteration: need to check all nodes, w, not in N'
  n(n+1)/2 comparisons: O(n^2)
  more efficient implementations possible: O(n log n)
Oscillations possible:
  e.g., link cost = amount of carried traffic
[Figure: four-node network A, B, C, D with link costs shown in four stages: initially, recompute routing, recompute, recompute]
Distance Vector Algorithm
Bellman-Ford Equation (dynamic programming)
Define
  $d_x(y)$ := cost of least-cost path from x to y
Then
  $d_x(y) = \min_v \{ c(x,v) + d_v(y) \}$
where min is taken over all neighbors v of x
Distance vector algorithm (4)
Basic idea:
  From time-to-time, each node sends its own distance vector estimate to neighbors
  Asynchronous
  When a node x receives new DV estimate from neighbor, it updates its own DV using B-F equation:
    $D_x(y) \leftarrow \min_v \{ c(x,v) + D_v(y) \}$ for each node $y \in N$
  Under minor, natural conditions, the estimate $D_x(y)$ converges to the actual least cost $d_x(y)$
Distance Vector Algorithm (5)
Iterative, asynchronous: each local iteration caused by:
  local link cost change
  DV update message from neighbor
Distributed:
  each node notifies neighbors only when its DV changes
    neighbors then notify their neighbors if necessary
Each node:
  wait for (change in local link cost or msg from neighbor)
  recompute estimates
  if DV to any dest has changed, notify neighbors
[Figure: three-node network with link costs c(x,y) = 2, c(y,z) = 1, c(x,z) = 7; node x table, node y table and node z table (rows "from" x, y, z; columns "cost to" x, y, z) shown as they evolve over time]
Initial distance vectors: x = (0, 2, 7), y = (2, 0, 1), z = (7, 1, 0)
$D_x(y) = \min\{c(x,y) + D_y(y),\ c(x,z) + D_z(y)\} = \min\{2+0,\ 7+1\} = 2$
$D_x(z) = \min\{c(x,y) + D_y(z),\ c(x,z) + D_z(z)\} = \min\{2+1,\ 7+0\} = 3$
Final distance vectors: x = (0, 2, 3), y = (2, 0, 1), z = (3, 1, 0)
Distance Vector: link cost changes
Link cost changes:
  node detects local link cost change
  updates routing info, recalculates distance vector
  if DV changes, notify neighbors
good news travels fast
[Figure: three-node network x, y, z with link costs 4, 1 and 50; the cost of one link changes to 1]
At time t0, y detects the link-cost change, updates its DV, and informs its neighbors.
At time t1, z receives the update from y and updates its table. It computes a new least cost to x and sends its neighbors its DV.
At time t2, y receives z's update and updates its distance table. y's least costs do not change and hence y does not send any message to z.
Distance Vector: link cost changes
Link cost changes:
  good news travels fast
  bad news travels slow - count to infinity problem!
  44 iterations before algorithm stabilizes: see text
Poisoned reverse:
  If Z routes through Y to get to X:
    Z tells Y its (Z's) distance to X is infinite (so Y won't route to X via Z)
  will this completely solve count to infinity problem?
[Figure: three-node network x, y, z with link costs 4, 1 and 50; the cost of one link changes to 60]
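The slow convergence after a cost increase, and the effect of poisoned reverse, can be observed in a small simulation. This is an added example, not part of the slides: it assumes the changed link is x-y (4 to 60) with c(y,z) = 1 and c(x,z) = 50, and it runs synchronous rounds rather than the asynchronous protocol, so its round count need not equal the 44 iterations quoted above.

```python
import math

INF = math.inf

def make_links(edges):
    """Undirected (a, b, cost) triples -> {node: {neighbor: cost}}."""
    links = {}
    for a, b, cost in edges:
        links.setdefault(a, {})[b] = cost
        links.setdefault(b, {})[a] = cost
    return links

def cold_start(links):
    """Each node initially knows only the cost to itself and its neighbors."""
    nodes = sorted(links)
    dist = {x: {y: 0 if y == x else links[x].get(y, INF) for y in nodes}
            for x in nodes}
    hop = {x: {y: y if y in links[x] else None for y in nodes} for x in nodes}
    return dist, hop

def advertised(dist, hop, sender, receiver, poisoned_reverse):
    """The distance vector that sender reports to receiver."""
    vector = dict(dist[sender])       # snapshot: a round only sees old values
    if poisoned_reverse:
        for dest, via in hop[sender].items():
            if via == receiver and dest != receiver:
                vector[dest] = INF    # "my route to dest goes through you"
    return vector

def run(links, dist, hop, poisoned_reverse=False, max_rounds=500):
    """Synchronous rounds of D_x(y) = min_v {c(x,v) + D_v(y)}, updating dist
    and hop in place. Returns how many rounds changed some estimate."""
    nodes = sorted(links)
    for rounds in range(max_rounds):
        inbox = {x: {v: advertised(dist, hop, v, x, poisoned_reverse)
                     for v in links[x]} for x in nodes}
        changed = False
        for x in nodes:
            for y in nodes:
                if y == x:
                    continue
                best, via = min((links[x][v] + inbox[x][v][y], v)
                                for v in sorted(links[x]))
                if best == INF:
                    via = None        # unreachable: no next hop
                if (best, via) != (dist[x][y], hop[x][y]):
                    dist[x][y], hop[x][y] = best, via
                    changed = True
        if not changed:
            return rounds
    raise RuntimeError("no convergence within max_rounds")

def link_cost_change(poisoned_reverse):
    """Converge on the old costs, raise c(x,y) from 4 to 60, reconverge."""
    links = make_links([("x", "y", 4), ("y", "z", 1), ("x", "z", 50)])
    dist, hop = cold_start(links)
    run(links, dist, hop, poisoned_reverse)
    links["x"]["y"] = links["y"]["x"] = 60      # the "bad news"
    rounds = run(links, dist, hop, poisoned_reverse)
    return rounds, dist["y"]["x"], dist["z"]["x"]

if __name__ == "__main__":
    for flag in (False, True):
        rounds, y_to_x, z_to_x = link_cost_change(flag)
        print("poisoned reverse:", flag, "rounds:", rounds,
              "D_y(x):", y_to_x, "D_z(x):", z_to_x)
```

Both runs end at the same least costs; only the number of rounds differs. Poisoned reverse helps here because the loop involves two directly connected nodes.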
Hierarchical Routing
Our routing study thus far - idealization
  all routers identical
  network flat
  not true in practice
scale: with 200 million destinations:
  can't store all dests in routing tables!
  routing table exchange would swamp links!
administrative autonomy
  internet = network of networks
  each network admin may want to control routing in its own network
Hierarchical Routing
aggregate routers into regions, autonomous systems (AS)
routers in same AS run same routing protocol
  intra-AS routing protocol
  routers in different AS can run different intra-AS routing protocol
Gateway router
  Direct link to router in another AS
Interconnected ASes
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (2a, 2b, 2c) and AS3 (3a, 3b, 3c); inside a router, the intra-AS routing algorithm and the inter-AS routing algorithm both feed the forwarding table]
forwarding table configured by both intra- and inter-AS routing algorithm
  intra-AS sets entries for internal dests
  inter-AS & intra-AS sets entries for external dests
Inter-AS tasks
suppose router in AS1 receives datagram destined outside of AS1:
  router should forward packet to gateway router, but which one?
AS1 must:
  1. learn which dests are reachable through AS2, which through AS3
  2. propagate this reachability info to all routers in AS1
Job of inter-AS routing!
[Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (2a, 2b, 2c) and AS3 (3a, 3b, 3c)]
Example: Setting forwarding table in router 1d
suppose AS1 learns (via inter-AS protocol) that subnet x reachable via AS3 (gateway 1c) but not via AS2.
inter-AS protocol propagates reachability info to all internal routers.
router 1d determines from intra-AS routing info that its interface I is on the least cost path to 1c.
  installs forwarding table entry (x,I)
[Figure: AS1, AS2 and AS3 topology with subnet x]
Example: Choosing among multiple ASes
now suppose AS1 learns from inter-AS protocol that subnet x is reachable from AS3 and from AS2.
to configure forwarding table, router 1d must determine towards which gateway it should forward packets for dest x.
  this is also job of inter-AS routing protocol!
hot potato routing: send packet towards closest of two routers.
[Figure: AS1, AS2 and AS3 topology with subnet x]
  1. Learn from inter-AS protocol that subnet x is reachable via multiple gateways
  2. Use routing info from intra-AS protocol to determine costs of least-cost paths to each of the gateways
  3. Hot potato routing: Choose the gateway that has the smallest least cost
  4. Determine from forwarding table the interface I that leads to least-cost gateway. Enter (x,I) in forwarding table
RIP (Routing Information Protocol)
distance vector algorithm
included in BSD-UNIX Distribution in 1982
distance metric: # of hops (max = 15 hops)
[Figure: routers A, B, C, D interconnecting subnets u, v, w, x, y, z]
From router A to subnets:

destination  hops
u            1
v            2
w            2
x            3
y            3
z            2
RIP advertisements
distance vectors: exchanged among neighbors every 30 sec via Response Message (also called advertisement)
each advertisement: list of up to 25 destination subnets within AS
RIP: Example
[Figure: routers A, B, C, D and subnets w, x, y, z]
Routing/Forwarding table in D

Destination Network  Next Router  Num. of hops to dest.
w                    A            2
y                    B            2
z                    B            7
x                    --           1
....                 ....         ....
RIP: Example
[Figure: routers A, B, C, D and subnets w, x, y, z]
Advertisement from A to D

Dest  Next  hops
w     -     1
x     -     1
z     C     4
....  ...

Routing/Forwarding table in D

Destination Network  Next Router  Num. of hops to dest.
w                    A            2
y                    B            2
z                    A (was B)    5 (was 7)
x                    --           1
....                 ....         ....
RIP: Link Failure and Recovery
If no advertisement heard after 180 sec --> neighbor/link declared dead
  routes via neighbor invalidated
  new advertisements sent to neighbors
  neighbors in turn send out new advertisements (if tables changed)
  link failure info quickly (?) propagates to entire net
  poison reverse used to prevent ping-pong loops (infinite distance = 16 hops)
RIP Table processing
RIP routing tables managed by application-level process called route-d (daemon)
advertisements sent in UDP packets, periodically repeated
[Figure: two routers, each running a routed process above Transprt (UDP), network (IP) with its forwarding table, link and physical layers]
OSPF advanced features (not in RIP)
security: all OSPF messages authenticated (to prevent malicious intrusion)
multiple same-cost paths allowed (only one path in RIP)
For each link, multiple cost metrics for different TOS (e.g., satellite link cost set low for best effort; high for real time)
integrated uni- and multicast support:
  Multicast OSPF (MOSPF) uses same topology database as OSPF
hierarchical OSPF in large domains.
Hierarchical OSPF
two-level hierarchy: local area, backbone.
  Link-state advertisements only in area
  each node has detailed area topology; only knows direction (shortest path) to nets in other areas.
area border routers: summarize distances to nets in own area, advertise to other Area Border routers.
backbone routers: run OSPF routing limited to backbone.
boundary routers: connect to other ASes.
Internet inter-AS routing: BGP
BGP (Border Gateway Protocol): the de facto standard
BGP provides each AS a means to:
  1. Obtain subnet reachability information from neighboring ASes.
  2. Propagate reachability information to all AS-internal routers.
  3. Determine good routes to subnets based on reachability information and policy.
allows subnet to advertise its existence to rest of Internet: I am here
BGP basics
pairs of routers (BGP peers) exchange routing info over semi-permanent TCP connections: BGP sessions
  BGP sessions need not correspond to physical links.
when AS2 advertises a prefix to AS1:
  AS2 promises it will forward datagrams towards that prefix.
  AS2 can aggregate prefixes in its advertisement
[Figure: AS1, AS2 and AS3 topology; legend: eBGP session, iBGP session]
Path attributes & BGP routes
advertised prefix includes BGP attributes.
  prefix + attributes = route
two important attributes:
  AS-PATH: contains ASes through which prefix advertisement has passed: e.g., AS 67, AS 17
  NEXT-HOP: indicates specific internal-AS router to next-hop AS. (may be multiple links from current AS to next-hop-AS)
when gateway router receives route advertisement, uses import policy to accept/decline.
BGP route selection
router may learn about more than 1 route to some prefix. Router must select route.
elimination rules:
  1. local preference value attribute: policy decision
  2. shortest AS-PATH
  3. closest NEXT-HOP router: hot potato routing
  4. additional criteria
BGP messages
BGP messages exchanged using TCP.
BGP messages:
  OPEN: opens TCP connection to peer and authenticates sender
  UPDATE: advertises new path (or withdraws old)
  KEEPALIVE: keeps connection alive in absence of UPDATES; also ACKs OPEN request
  NOTIFICATION: reports errors in previous msg; also used to close connection
BGP routing policy
[Figure: networks A, B, C, W, X, Y; legend: customer network, provider network]
A,B,C are provider networks
X,W,Y are customer (of provider networks)
X is dual-homed: attached to two networks
  X does not want to route from B via X to C
  .. so X will not advertise to B a route to C
BGP routing policy (2)
[Figure: networks A, B, C, W, X, Y; legend: customer network, provider network]
A advertises path AW to B
B advertises path BAW to X
Should B advertise path BAW to C?
  No way! B gets no revenue for routing CBAW since neither W nor C are B's customers
  B wants to force C to route to w via A
  B wants to route only to/from its customers!
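The elimination rules under "BGP route selection" and the export decisions in the two routing-policy slides can be written as two small functions. This is an added example, not code from the slides or from any BGP implementation: the names Route, select_route, may_export and exports, the "-gw" next-hop labels, the local preference values and the intra-AS costs are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple          # AS-PATH, most recently traversed AS first
    next_hop: str           # NEXT-HOP gateway router
    learned_from: str       # neighbor AS that advertised it ("" = own prefix)
    local_pref: int = 100   # set by import policy (constructed default)

def select_route(routes, igp_cost):
    """Elimination rules 1-3: highest local preference, then shortest
    AS-PATH, then closest NEXT-HOP router (hot potato)."""
    if not routes:
        return None
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path),
                                      igp_cost.get(r.next_hop, float("inf"))))

def may_export(route, neighbor, customers):
    """Export policy of one AS: advertise a route to a neighbor only when
    that serves a customer, so the AS carries no transit for non-customers."""
    if neighbor == route.learned_from or neighbor in route.as_path:
        return False        # never echo a route back or form an AS-PATH loop
    own = route.learned_from == ""
    return own or route.learned_from in customers or neighbor in customers

def exports(local_as, routes, neighbors, customers):
    """Return {neighbor: [AS-PATH as it would be advertised]}."""
    return {n: [(local_as,) + r.as_path for r in routes
                if may_export(r, n, customers)]
            for n in neighbors}

if __name__ == "__main__":
    # Constructed routes mirroring the slides: W is A's customer, X is a
    # dual-homed customer of B and C, and A, B, C are not each other's customers.
    aw = Route("w-prefix", ("W",), "W-gw", "W")
    baw = Route("w-prefix", ("A", "W"), "A-gw", "A")
    cy = Route("y-prefix", ("C", "Y"), "C-gw", "C")
    print("A exports:", exports("A", [aw], ["B", "C", "W"], {"W"}))
    print("B exports:", exports("B", [baw], ["A", "C", "X"], {"X"}))
    print("X exports:", exports("X", [cy], ["B", "C"], set()))
```

B's output offers BAW to X only, and X offers nothing to B, which matches the slides: a customer or a non-customer provider never becomes a transit path by accident.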
Why different Intra- and Inter-AS routing?
Policy:
  Inter-AS: admin wants control over how its traffic routed, who routes through its net.
  Intra-AS: single admin, so no policy decisions needed
Scale:
  hierarchical routing saves table size, reduced update traffic
Performance:
  Intra-AS: can focus on performance
  Inter-AS: policy may dominate over performance
In-network duplication
flooding: when node receives brdcst pckt, sends copy to all neighbors
  Problems: cycles & broadcast storm
controlled flooding: node only brdcsts pkt if it hasn't brdcst same packet before
  Node keeps track of pckt ids already brdcsted
  Or reverse path forwarding (RPF): only forward pckt if it arrived on shortest path between node and source
spanning tree
  No redundant packets received by any node
Spanning Tree
First construct a spanning tree
Nodes forward copies only along spanning tree
[Figure: spanning tree over nodes A, B, c, D, E, F, G: (a) Broadcast initiated at A, (b) Broadcast initiated at D]
Spanning Tree: Creation
Center node
Each node sends unicast join message to center node
  Message forwarded until it arrives at a node already belonging to spanning tree
[Figure: nodes A, B, c, D, E, F, G: (a) Stepwise construction of spanning tree, join steps numbered 1 to 5; (b) Constructed spanning tree]
Multicast Routing: Problem Statement
Goal: find a tree (or trees) connecting routers having local mcast group members
  tree: not all paths between routers used
  source-based: different tree from each sender to rcvrs
  shared-tree: same tree used by all group members
[Figure: Shared tree; Source-based trees]
Approaches for building mcast trees
Approaches:
source-based tree: one tree per source
  shortest path trees
  reverse path forwarding
group-shared tree: group uses one tree
  minimal spanning (Steiner)
  center-based trees
we first look at basic approaches, then specific protocols adopting these approaches
Shortest Path Tree
mcast forwarding tree: tree of shortest path routes from source to all receivers
  Dijkstra's algorithm
[Figure: source S and routers R1 to R7; legend: router with attached group member; router with no attached group member; link used for forwarding, i indicates order link added by algorithm]
Reverse Path Forwarding
rely on router's knowledge of unicast shortest path from it to sender
each router has simple forwarding behavior:

if (mcast datagram received on incoming link on shortest path back to center)
  then flood datagram onto all outgoing links
  else ignore datagram
Reverse Path Forwarding: example
[Figure: source S and routers R1 to R7; legend: router with attached group member; router with no attached group member; datagram will be forwarded; datagram will not be forwarded]
result is a source-specific reverse SPT
  may be a bad choice with asymmetric links
Shared-Tree: Steiner Tree
Steiner Tree: minimum cost tree connecting all routers with attached group members
problem is NP-complete
excellent heuristics exist
not used in practice:
  computational complexity
  information about entire network needed
  monolithic: rerun whenever a router needs to join/leave
Center-based trees
single delivery tree shared by all
one router identified as center of tree
to join:
  edge router sends unicast join-msg addressed to center router
  join-msg processed by intermediate routers and forwarded towards center
  join-msg either hits existing tree branch for this center, or arrives at center
  path taken by join-msg becomes new branch of tree for this router
Center-based trees: an example
Suppose R6 chosen as center:
[Figure: routers R1 to R7; legend: router with attached group member; router with no attached group member; path order in which join messages generated]
Internet Multicasting Routing: DVMRP
DVMRP: distance vector multicast routing protocol, RFC1075
flood and prune: reverse path forwarding, source-based tree
  RPF tree based on DVMRP's own routing tables constructed by communicating DVMRP routers
  no assumptions about underlying unicast
  initial datagram to mcast group flooded everywhere via RPF
  routers not wanting group: send upstream prune msgs
DVMRP: continued
soft state: DVMRP router periodically (1 min.) forgets branches are pruned:
  mcast data again flows down unpruned branch
  downstream router: reprune or else continue to receive data
routers can quickly regraft to tree
  following IGMP join at leaf
odds and ends
  commonly implemented in commercial routers
  Mbone routing done using DVMRP
Tunneling
Q: How to connect islands of multicast routers in a sea of unicast routers?
[Figure: physical topology; logical topology]
mcast datagram encapsulated inside normal (non-multicast-addressed) datagram
normal IP datagram sent thru tunnel via regular IP unicast to receiving mcast router
receiving mcast router unencapsulates to get mcast datagram
PIM: Protocol Independent Multicast
not dependent on any specific underlying unicast routing algorithm (works with all)
two different multicast distribution scenarios:
Dense:
  group members densely packed, in close proximity.
  bandwidth more plentiful
Sparse:
  # networks with group members small wrt # interconnected networks
  group members widely dispersed
  bandwidth not plentiful
Consequences of Sparse-Dense Dichotomy:
Dense:
  group membership by routers assumed until routers explicitly prune
  data-driven construction on mcast tree (e.g., RPF)
  bandwidth and non-group-router processing profligate
Sparse:
  no membership until routers explicitly join
  receiver-driven construction of mcast tree (e.g., center-based)
  bandwidth and non-group-router processing conservative
PIM - Dense Mode
flood-and-prune RPF, similar to DVMRP but
  underlying unicast protocol provides RPF info for incoming datagram
  less complicated (less efficient) downstream flood than DVMRP reduces reliance on underlying routing algorithm
  has protocol mechanism for router to detect it is a leaf-node router
PIM - Sparse Mode
center-based approach
router sends join msg to rendezvous point (RP)
  intermediate routers update state and forward join
after joining via RP, router can switch to source-specific tree
  increased performance: less concentration, shorter paths
[Figure: routers R1 to R7 sending join messages toward the rendezvous point; all data multicast from rendezvous point]
PIM - Sparse Mode
sender(s):
  unicast data to RP, which distributes down RP-rooted tree
  RP can extend mcast tree upstream to source
  RP can send stop msg if no attached receivers
    no one is listening!
[Figure: routers R1 to R7 sending join messages toward the rendezvous point; all data multicast from rendezvous point]
Chapter 4: summary
4.1 Introduction
4.2 Virtual circuit and datagram networks
4.3 What's inside a router
4.4 IP: Internet Protocol
  Datagram format
  IPv4 addressing
  ICMP
4.5 Routing algorithms
  Link state
  Distance Vector
  Hierarchical routing
4.6 Routing in the Internet
  RIP
  OSPF
  BGP
4.7 Broadcast and multicast routing