Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3...

Chapter 4: Network Layer

4. 1 Introduction 4.2 Virtual circuit

and datagram networks

4.3 What’s inside a router

4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6

4.5 Routing algorithms Link state Distance Vector Hierarchical routing

4.6 Routing in the Internet RIP OSPF BGP

4.7 Broadcast and multicast routing

Hierarchical OSPF

two-level hierarchy: local area, backbone.

Link-state advertisements only within the area

each nodes has detailed knowledge of its area topology

area border routers: “summarize” distances to nets in own area, advertise to other Area Border routers.

backbone routers: run OSPF routing limited to backbone.

boundary routers: connect to other AS’s.

Perhaps some routers don’t need to know about every link.

C

GH

•ABR C announces link C<->A to Area 1•ABR C announces link C<->E to Backbone•ABR C announces a summary of Area 1 to the Backbone•ABR C announces a summary of the Backbone and other areas to Area 1

•C learns about other areas from the other ABR•……

A

E

Area Border Router Summaries

•Routers in area 1 do not need to know about the paths used to reach destinations in other areas•They only need to know that they can be reached.•In this case, reachbility information is sufficient to compute optimal routes•i.e., the ABR only announces which destinations it can reach.•However, no one would make a topology as shown in the figure•Why?•If a single key links break or router crashes, the network would be partitioned (and the network designer would be fired)

Should the summaries include reachbility information or path metrics?

C

GH


A

B

C

D

EF

G

•ABR C announces to Area 1 that it can reach Area 2 in 1 hops (and includes a list of destinations in Area 2)•ABR F announces to Area 1 that it can reach Area 2 in 0 hops•Router A determines the path to D as follows

•The path to Area 2 via F is 2 hops (2 to reach F and then 0 more to Area 2)•The path to Area 2 via C is 2 hops (1 to C and then 1 more to Area 2)•Either path is good to reach D•However, the path via F is better. A does not have sufficient information to determine this.

e.g., if summaries only include reachbility information

area border router


A

B

C

D

EF

G

•ABR G tells all routers in the Backbone that it can reach D in 2 hop.•ABR F tells all routers in the Backbone that it can reach D in 1 hops•ABR C tells all routers in Area 1 that it can reach D in 3 hops•ABR F tells all routers in Area 1 that it can reach D in 1 hop•A decides B is the best next hop toward D

•In this case, reachability information is not enough to compute optimal routes.•Therefore, ABRs provide distance vector type information, i.e., which destinations can be reached and the cost to reach them

•Notice the C does not announce the link CG to Area 1.•Notice that C gets a summary from G, which is distances to destinations, like distance vector.•C uses the distances from G to determine its distances. •C announces these distances to Area 1•This is like a one hop distance vector protocol

area border router


A

B

C

D

EF

G

•This is like a one hop distance vector protocol•Convergence time: 1•Loops are not possible

C

Area 1

G

F

Area 2

Area 3

A in 1 hopB in 2 hops……

The backbone is completely connected because each router essentially sends distance vector updates directly to its neighbor


area border router

3

2

1

1

2


Chapter 4: Network Layer

4. 1 Introduction 4.2 Virtual circuit

and datagram networks

4.3 What’s inside a router

4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6

4.5 Routing algorithms Link state Distance Vector Hierarchical routing

4.6 Routing in the Internet RIP OSPF BGP

4.7 Broadcast and multicast routing

Recall: Subnets

223.1.1.1

223.1.1.3

223.1.1.4

223.1.2.2223.1.2.1

223.1.2.6

223.1.3.2223.1.3.1

223.1.3.27

223.1.1.2

223.1.7.0

223.1.7.1223.1.8.0223.1.8.1

223.1.9.1

223.1.9.2

IP addressing: CIDR

CIDR: Classless InterDomain Routing subnet portion of address of arbitrary length address format: a.b.c.d/x, where x is # bits in

subnet portion of address

11001000 00010111 00010000 00000000

Subnet part or CIDR-block

hostpart

200.23.16.0/23

IP addresses: how to get one?

Q: How does network get subnet part of IP addr?

A: gets allocated portion of its provider ISP’s address space

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23 ... ….. …. ….

Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

Hierarchical addressing: route aggregation

“Send me anythingwith addresses beginning 200.23.16.0/20”

200.23.16.0/23

200.23.18.0/23

200.23.30.0/23

ISP1

Organization 0

Organization 7 Internet

Organization 1

ISP2“Send me anythingwith addresses beginning 199.31.0.0/16”

200.23.20.0/23Organization 2

...

...

Hierarchical addressing allows efficient advertisement of routing information:

This way, the whole 32 bit address does not need to be examined

Border Router

Hierarchical addressing: more specific routes

ISP2 has a more specific route to Organization 1

“Send me anythingwith addresses beginning 200.23.16.0/20”

200.23.16.0/23

200.23.18.0/23

200.23.30.0/23

ISP1

Organization 0

Organization 7

Organization 1

ISP2“Send me anythingwith addresses beginning 199.31.0.0/16or 200.23.18.0/23”


...

...InternetBorder Router

Longest prefix matching

Prefix Match Link Interface200.23.16.0/20 0 200.23.18.0/23 1199.31.0.0/16 1 otherwise 2

Border Router Forwarding Table

If a packet with destination address 200.23.18.12 arrives at the boarder router, then is it forwarding to interface 0 or 1?Since interface 1 has a longer match, it goes to interface 1

A Problem with Longest Match and subnetting

“Send me anythingwith addresses beginning ……”

200.23.16.0/23

200.23.18.0/23

200.23.30.0/23

ISP1

Organization 0

Organization 7 Internet

Organization 1

ISP2“Send me anythingwith addresses beginning …..


...

...

In order to improve reliability, organization 7 has a backup link with ISP1.This way, if ISP1 has problems or ISP1’s provider has problems, then organization 7 is still reachable.Will this work?

Border Router

Hierarchical Routing

scale: with 200 million destinations: can’t store all dest’s in routing tables!

Memory for address table must be very fast• How fast? How long can an address lookup take on a

10GBit interface?• E.g., 64B/1010=50nsec

routing table exchange would swamp links! There are ~ 1 million links If link state was flooded every 30 minutes

seconds and each link state is 20B, then each router receives and processes 100kbps in link announcements

But, perhaps, only changes in link state could be distributed.

administrative autonomy internet = network of networks each network admin wants to control

routing in its own network ATT does not want Sprint to know what

their topology is• Trade secret• Improves security

ATT wants to select a routing protocol and parameters without getting Sprint’s permission

Our routing study thus far has been an idealization all routers identical network “flat”… not true in practice

Hierarchical Routing

aggregate routers into regions, “autonomous systems” (AS)

Single administrative domain Routers in the same AS run

same routing protocol “intra-AS” routing protocol routers in different AS can run

different intra-AS routing protocol

An ISP may be made of 1 or more ASs

ATT-USA = 1 AS and ATT-Europe is another

Some stub networks are an AS• UD is an AS• Some companies have routers

but are not ASs ASs have their own number,

assigned by ICANN There are ~50K ASs

Gateway router Direct link to router in another

AS Gateway routers run a common

inter-networking routing protocol

C

A

B

10.1.1.0/24

10.1.2.0/24

10.1.4.0/22

Prefix Interface10.1.1.0/24 4

10.1.4.0/223

Forwarding table

AS1

AS2E

These tables are made with RIP, OSPF, ISIS, etc

Stub network (at the edge of the network)

Service provider of AS1 (e.g., AS1=UD and AS2=cogent)

The rest of the internet

Simple example

Connections to other ASs and the rest of the Internet

(Recall that ASs (ISPs) sometimes meet at NAPs. E.g., google: MAE-East)An AS could also meet its provider at a POP.

1

23

4

10.1.2.0/242

1

23


10.1.4.0/223

Forwarding table

10.1.2.0/242

Prefix10.1.1.0/24 3

10.1.4.0/223

Forwarding table

10.1.2.0/242

32

1

AS2E

Service provider of AS1 (e.g., AS1=UD and AS2=cogent)

The rest of the internet

Q: How can routers in AS1 know where to send pkts with destination not in AS1?

A: Easy, if a pkt is for an “unknown” address, then send it to B.Specifically, B advertises a link to prefix 0.0.0.0/0This is called a default route, and it can be statically set (no need for any routing protocol beside OSPF)

C

A

B

10.1.1.0/24

10.1.2.0/24

10.1.4.0/22


10.1.4.0/223

Forwarding table

AS1


Stub network (at the edge of the network)

1

23

4

10.1.2.0/242

1

23


10.1.4.0/223

Forwarding table

10.1.2.0/242

Prefix10.1.1.0/24 3

10.1.4.0/223

Forwarding table

10.1.2.0/242

32

1

0.0.0.0/0 10.0.0.0/0 1

0.0.0.0/0 1

C

A

B

10.1.1.0/24

10.1.1.1/24

10.1.4.0/22

AS1

AS2

AS3

1.1.0.0/16

1.2.0.0/16

2.2.0.0/16

D

E


We need to put prefixes 1.1.0.0/16, 1.2.0.0/16, 2.2.0.0/16 in the forwarding tables

How to get there?1. B must learn from E that 1.1.0.0/16 and 1.2.0.0/16 are reachable through E2. A must learn that 2.2.0.0/16 is reachable through D3. B and A must distribute this information throughout AS1

Steps 1 and 2 need a exterior inter-networking routing protocolStep 3 needs an interior inter-networking routing protocolEBGP and IBGP – border gateway routing protocol can accomplish this


10.1.4.0/223

Forwarding table

12

3

4

10.1.2.0/242

Prefix10.1.1.0/24 3

10.1.4.0/223

Forwarding table

10.1.2.0/242

3 2

1

1

2

3 Prefix Interface10.1.1.0/24 3

10.1.4.0/223

Forwarding table

10.1.2.0/2424

to the rest of the Internet

3b

1d

3a

1c2aAS3

AS1

AS21a

2c2b

1b

Intra-ASRouting algorithm

Inter-ASRouting algorithm

Forwardingtable

3c

Interconnected ASes

forwarding table configured by both intra- and inter-AS routing algorithm intra-AS sets entries

for internal dests inter-AS & intra-As

sets entries for external dests

Example: Setting forwarding table in router 1d

suppose AS1 learns (via inter-AS protocol) that subnet x is reachable via AS3 (gateway 1c) but not via AS2.

inter-AS protocol propagates reachability info to all internal routers. router 1d determines from intra-AS routing info that its interface I is on the

least cost path to 1c. installs forwarding table entry (x,I)

Alternatively, 1d has two table entries One entry says x is reachable via 1c (determined by IBGP) A second entry says which is the next hop to reach 1c (determined by intra-routing protocol)

3b

1d

3a

1c2aAS3

AS1

AS21a

2c2b

1b

3c

x…

Example: Choosing among multiple ASes now suppose AS1 learns from inter-AS protocol that subnet

x is reachable from AS3 and from AS2. to configure forwarding table, router 1d must determine

towards which gateway it should forward packets for dest x. this is also job of inter-AS routing protocol! If both gateways are equivalent, then the intra-AS

routing protocol will route packets to the best gateway• This is called hot potato routing: send packet towards closest of two

routers.

3b

1d

3a

1c2aAS3

AS1

AS21a

2c2b

1b

3cx… …

A

128.4.0.0/16

Hot Potato Routing

AS1

AS2

Pkt arrives with dest in 124.4.0.0/16

•AS2 could give send the pkt to gateway B – hot potato routing.•But AS1 would prefer AS2 to carry its own traffic.•So AS1 might require that AS2 gives higher priority to gateway A.•But how can AS1 enforce AS2 to do this?

B

Learn from inter-AS protocol that subnet x is reachable via multiple gateways

Use routing infofrom intra-AS

protocol to determine

costs of least-cost paths to each

of the gateways

Hot potato routing:Choose the

gatewaythat has the

least cost

Determine fromforwarding table the Interface that leads

to least-cost gateway. Enter (x,I) in

forwarding table

Example: Choosing among multiple ASes

now suppose AS1 learns from inter-AS protocol that subnet x is reachable from AS3 and from AS2.

to configure forwarding table, router 1d must determine which gateway it should forward packets for dest x. this is also job of inter-AS routing protocol!

hot potato routing: send packet towards closest of two routers.

Internet inter-AS routing: BGP

BGP (Border Gateway Protocol): the de facto standard

BGP provides each AS a means to:1. Obtain subnet reachability information from

neighboring ASs.2. Propagate reachability information to all AS-

internal routers.3. Determine “good” routes to subnets based

on reachability information and policy. allows subnet to advertise its existence

to rest of Internet: “I am here”

BGP basics pairs of routers (BGP peers) exchange routing info over semi-

permanent TCP connections: BGP sessions BGP sessions need not correspond to physical links.

when AS2 advertises a prefix to AS1: AS2 promises it will forward datagrams towards that

prefix. AS2 can aggregate prefixes in its advertisement

• But this can cause problems when some prefixes have backup links

3b

1d

3a

1c2aAS3

AS1

AS21a

2c

2b

1b

3ceBGP session

iBGP session

Distributing reachability info using eBGP session between 3a and 1c, AS3 sends prefix

reachability info to AS1. 1c can then use iBGP do distribute new prefix info to all

routers in AS1 1b can then re-advertise new reachability info to AS2

over 1b-to-2a eBGP session when router learns of new prefix, it creates entry for

prefix in its forwarding table.

3b

1d

3a

1c2aAS3

AS1

AS21a

2c

2b

1b

3ceBGP session

iBGP session

Aggregation Problem

1.1.1.0/24

ISP1.1.2.0/24

1.1.3.0/24

1.1.4.0/24

ISPY

1.1.0.0/22

ISP

1.1.4.0/24

1.1.0.0/22

ISPW

ISP ISPISPX

1.1.4.0/24

From ISP W, the next hop to 1.1.4.0/24 is X, it should be Y

Path attributes & BGP routes

advertised prefix includes BGP attributes. prefix + attributes = “route”

two important attributes: AS-PATH: contains ASs through which prefix

advertisement has passed: e.g, AS 67, AS 17, … NEXT-HOP: indicates specific internal-AS router

to next-hop AS. (there may be multiple routers with links from current AS to next-hop-AS. Each router can advertise the path)

when gateway router receives route advertisement, uses import policy to accept/decline.

BGP route selection

router may learn about more than 1 route to some prefix. Router must select route.

elimination rules:1. local preference value attribute: policy

decision2. shortest AS-PATH 3. closest NEXT-HOP router: hot potato

routing4. additional criteria

BGP messages

BGP messages exchanged using TCP. BGP messages:

OPEN: opens TCP connection to peer and authenticates sender

UPDATE: advertises new path (or withdraws old)

KEEPALIVE keeps connection alive in absence of UPDATES; also ACKs OPEN request

NOTIFICATION: reports errors in previous msg; also used to close connection

TCP reset security risk

BGP routing policy

A,B,C are provider networks X,W,Y are customer (of provider networks) X is dual-homed: attached to two networks

X does not want to route from B via X to C .. so X will not advertise to B a route to C

A

B

C

W X

Y

legend:

customer network:

provider network

BGP routing policy (2)

A advertises path AW to B B advertises path BAW to X Should B advertise path BAW to C?

No way! B gets no “revenue” for routing CBAW since neither W nor C are B’s customers

B wants to force C to route to w via A B wants to route only to/from its customers!

A

B

C

W X

Y

legend:

customer network:

provider network

BGP route processing

BGP advertises and withdraws paths with the UPDATE message UPDATE has three fields

Router to withdraw Attributes of routes to prefixes in NLRI NLRI

The NLRI is a list of prefixes that the list of attributes applies to. If two prefixes have different attributes, then these two prefixes need to be announced with different UPDATE messages.

In OSPF each path is a list of routes and a total cost (two attributes). In BGP, routes have many attributes, the cost (in AS hops) is only one of the attributes

input policy engine

routingdecision

routingtable

output policy engine

configuration configuration

from peers

to peers

RIBs Routing information base (RIB) – a list of routes (including attributes)

Adj-RIB-In: RIB learned from neighbor (many of these) Adj-RIB-Out: RIB to be sent to neighbor (many of these) Loc-RIB: RIB for local use (only one of these)

Adj-rib-inpeer

InputPolicyengine

Adj-rib-inpeer

Adj-rib-inpeer

Adj-rib-inpeer

BGP decision

Loc-RIB

InputPolicyengine

Adj-rib-out peer

Adj-rib-out peer

Adj-rib-out peer

Adj-rib-out peer

Sample routing environment

AS1

AS2

inputpolicy engine

•deny 0/0 from AS1•Give 192.213.1.0/24 from AS1 better preference•Accept other routes

192.213.1.0/240/0

192.213.1.0/24193.214.10.0/240/0

decisionprocess

routes

•Use 0/0 from AS2•Use 192.213.1.0/24 from AS1•Use 193.214.10.0/24 from AS2•Use 172.16.10.0/24 from AS5 (this AS)

AS3

AS4

outputpolicy engine

•Do not propagate 0/0•Do not send 193.214.10.0/24 to AS4•Give 192.213.1.0/24 with metric = 10 to AS3

•193.214.10.0/24 path=(AS5, AS2)•192.213.1.0/24 path=(AS5, AS1) metric=10•172.16.10.0/24 path=(AS5)

•172.16.10.0/24 path=(AS5)•192.213.1.0/24 path=(AS5 AS1)

Fun with BGP

Routeviews.org collects and archives BGP announcements

One way to use routeviews is with dig At the linux prompt dig txt 4.128.aspath.routeviews.org Outputs various stuff and

• Answer section:– 4.128.aspath.routeviews.org 600 IN TXT “5056 1238 174 34”

“128.4.0.0” “16”• Syntax = ASPath “Prefix” “prefix length”

Now use whois -h whois.arin.net "a ASXX" to learn about ASs where XX is an AS number. E.g., whois -h whois.arin.net "a AS34" gives information about AS34

Try with some other AS

Check out a collection of path announcements Open bgp030408p39.Partial

http://www.eecis.udel.edu/~bohacek/Classes/ELEG651Spring2008/bgp030508p39.Partial

An old (2003) partial list of BGP announcements received by several routers Check which ASs peer with UD (ASN 34)

Why different Intra- and Inter-AS routing ?

Policy: Inter-AS: admin wants control over how its traffic

routed, who routes through its net. Intra-AS: single admin, so no policy decisions

needed

Scale: hierarchical routing saves table size, reduced

update trafficPerformance: Intra-AS: can focus on performance Inter-AS: policy may dominate over performance

Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3...

Documents

Transcript of Chapter 4: Network Layer r 4. 1 Introduction r 4.2 Virtual circuit and datagram networks r 4.3...