Computer Networks
Network layer
Network layer -- June 2004
1
Network Layer
* Design issues
* Routing
* Congestion
* Different networks, protocols?
* Internetworking
o Interconnection styles
o Internetwork routing
o Fragmentation
o Firewalls
* Internet Protocols
* Multimedia or QoS
Internetworking: differences
* Different networks will always be around
o Installed base is large and growing
o Networks get cheaper, so the number of decision makers grows
o New technology → new networks → new protocols
Internetworking: differences
Item: some differences
Service offered: connection-oriented <> connectionless
Protocols: IP, IPX, CLNP, AppleTalk, SNA, …
Addressing: flat (802) <> hierarchical (IP)
Multicasting: present <> absent
Packet size: maximum per network
Quality of service: many kinds
Error handling: reliable, ordered, …
Flow control: sliding window, rate control, …
Congestion control: leaky bucket, choke packets, …
Security: privacy rules, encryption, …
Parameters: timeouts, flow specifications, …
Accounting: connect time, available bandwidth, …
Internetworking: differences
* Interconnection boxes (layer: example)
o Layer 1, repeaters, hubs: Ethernet
o Layer 2, bridges, switches: LANs
o Layer 3, routers: IP, IPX, AppleTalk
o Layer 4, transport gateways: TCP <> OSI TP4
o Layer 5, application gateways: mail, SMTP <> X.400
Internetworking: styles
* Half-[device]s + neutral protocol
o Management issue
o Cooperation reduced to agreement on protocol
Internetworking: styles
* Concatenated virtual circuits
o Set-up of a connection
• Recognition of remote destination (host, router) and selection of multiprotocol router for first VC
• Multiprotocol router extends VC towards …
o Data transfer
• Same path for all packets
• Conversions (packet format, VC numbers, …) in multiprotocol routers
o Essential features
• Sequence of VCs
• Networks should have same/similar properties
• Properties: identical to single VCs
Internetworking: styles
* Connectionless internetworking
o Datagram approach
• Multiple routes
• Higher bandwidth
• No guarantee for in-order delivery
o Nearly identical protocols required
• Packet conversion
• Addressing (assignment, mapping)
o Properties: same as for datagram networks
Internetworking: styles
* Tunneling
o Interconnect 2 identical networks using a different one
o Behaviour: point-to-point line between multiprotocol routers
Internetworking: routing
* Same problem + some complications
* 2 levels of routing:
o Within a network
• Intranetwork routing
• Interior gateway protocol
o Between networks
• Internetwork routing
• Exterior gateway protocol
* Internetwork routing
o Graph construction
• Every router can directly access routers on the same network
o Packet forwarding + tunneling if necessary
* Differences with intranetwork routing
o Crossing international boundaries → national laws apply
o Agreements between operators (transit traffic)
Internetworking: routing
An internetwork and its graph (figure):
o Router A can communicate with routers B and C
Internetworking: fragmentation
* Problem: large packet through network with smaller maximum packet size
* Solution:
o Break large packet into fragments
o Send each fragment as a separate packet
o Reassemble: transparent <> non-transparent?
* Transparent fragmentation
o Strategy
• Gateway breaks large packet into fragments
• Each fragment addressed to same exit gateway
• Exit gateway does reassembly
Internetworking: fragmentation
* Transparent fragmentation
o Simple, but some problems
• Gateway must know when it has all pieces
• Performance loss: all fragments through same gateway
• Overhead: repeatedly reassemble and refragment
o Example: ATM segmentation
Internetworking: fragmentation
* Nontransparent fragmentation
o Strategy
• Gateway breaks large packet into fragments
• Each fragment is forwarded to destination
o Problems
• Every host must be able to reassemble
• More headers
o Example: IP fragmentation
Internetworking: fragmentation
* Fragment numbering
o Hierarchical numbering
• Packet 0 → packets 0.0, 0.1, 0.2
• Problem: retransmission + different fragmentations
o Basic block numbering: in every packet
• Original packet number
• Sequence number of first block
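To make the fragment-offset and reassembly rules concrete, here is an added Python example (it is not code from the slides): it splits a constructed payload into fragments whose offsets are multiples of 8 bytes, re-fragments a fragment for a smaller MTU (the "different fragmentations" case that basic block numbering copes with, since offsets stay relative to the original packet), and reassembles only when every piece is present. The 20-byte header size and the MTU values are assumptions.

```python
def fragment(data: bytes, mtu: int, offset: int = 0, more: bool = False,
             header_len: int = 20) -> list:
    """Split `data` into IP-style fragments that fit `mtu`.

    Each fragment carries the byte offset of its first block in the original
    datagram and an MF (more fragments) flag.  `offset` and `more` are the
    values already carried by `data` when a fragment is fragmented again, so
    offsets stay relative to the original packet (basic block numbering).
    """
    max_data = (mtu - header_len) // 8 * 8   # all but the last piece: a multiple of 8 bytes
    if max_data <= 0:
        raise ValueError("MTU leaves no room for data")
    frags, pos = [], 0
    while pos < len(data):
        chunk = data[pos:pos + max_data]
        last = pos + len(chunk) == len(data)
        frags.append({"offset": offset + pos, "mf": more or not last, "data": chunk})
        pos += len(chunk)
    return frags


def reassemble(frags: list):
    """Return the original payload, or None while pieces are missing.

    Fragments may arrive in any order.  A hole or a conflicting overlap means
    the datagram cannot (yet) be rebuilt; a gateway or host must not hand a
    partial payload upwards.
    """
    expected, out, total = 0, bytearray(), None
    for f in sorted(frags, key=lambda f: f["offset"]):
        if f["offset"] % 8:
            raise ValueError("fragment offset must be a multiple of 8 bytes")
        if f["offset"] < expected:
            if out[f["offset"]:f["offset"] + len(f["data"])] == f["data"]:
                continue                      # retransmitted copy of a piece we already have
            return None                       # conflicting overlap
        if f["offset"] > expected:
            return None                       # hole: a piece is still missing
        out += f["data"]
        expected += len(f["data"])
        if not f["mf"]:                       # last block: total length now known
            total = expected
    return bytes(out) if total is not None and total == expected else None


def demo() -> bool:
    """Constructed 1792-byte datagram: fragment for MTU 1500, then again for MTU 596."""
    payload = bytes(range(256)) * 7
    first = fragment(payload, mtu=1500)                     # 1480 + 312 bytes
    second = [g for f in first for g in fragment(f["data"], 596, f["offset"], f["mf"])]
    return reassemble(second) == payload and reassemble(second[1:]) is None
```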
Internetworking: firewalls
* Protection needed against
o Information leaking out
• Trade secrets, product development plans, …
o Information leaking in
• Viruses, worms, …
o Old medieval analogy
• Castle + deep moat around it
• Single drawbridge
o Example firewall
• 2 routers for packet filtering
• Application gateway
Internetworking: firewalls
* Packet filtering
o Acceptable sources + destinations
o Filters on
• Address: IP
• Service port (TCP header)
• Both
* Application gateway
o Decisions made per application
o Filters on
• Header fields
• Message size
• Content
Network Layer
* Design issues
* Routing
* Congestion
* Internetworking
* Internet Protocols
o IP protocol
o Internet Control Protocols
o Routing
o Internet multicasting
o Mobile IP
o IPv6
* Multimedia or QoS
Internet: IP protocol
* View on Internet:
o Collection of Autonomous Systems (AS)
o Glue: IP designed for internetworking
Internet: IP protocol
* IP protocol
o Best effort service
o Datagrams: up to 64 Kbytes
* IP header
o 20 byte fixed part + optional part
o Transmitted in big endian order (left to right)
Internet: IP header
Version: version of IP protocol, now 4
IHL: length of header
Type of service: 3 bit precedence field (priority: 0 (normal) to 7 (control)) + 3 flags: Delay, Throughput, Reliability
Total length: length of header + data
Identification: unique number for datagram (between source & destination)
DF: don’t fragment this packet
MF: more fragments to come
Fragment offset: relative position of fragment in original packet (multiples of 8 bytes)
Time to live: hop counter
Protocol: protocol of higher layer
Header checksum: 16 bit one’s-complement sum of half words
Source address: IP address
Destination address: IP address
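An added Python example (not code from the slides) that builds and parses the 20-byte fixed IPv4 header described above and verifies the one’s-complement header checksum. It rejects headers whose IHL or total length disagrees with the bytes actually present; the addresses and field values used are constructed.

```python
import struct
from ipaddress import IPv4Address

# version/IHL, TOS, total length, identification, flags+offset, TTL, protocol, checksum, src, dst
HDR_FMT = "!BBHHHBBH4s4s"


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of the half words, then complemented (RFC 791)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, protocol: int, payload_len: int,
                      ident: int = 0, df: bool = False, mf: bool = False,
                      frag_offset: int = 0, ttl: int = 64, tos: int = 0) -> bytes:
    """Fixed 20-byte header without options; frag_offset is in 8-byte units."""
    if not 0 <= frag_offset < 1 << 13:
        raise ValueError("fragment offset is a 13-bit field")
    flags_frag = (df << 14) | (mf << 13) | frag_offset
    hdr = struct.pack(HDR_FMT, (4 << 4) | 5, tos, 20 + payload_len, ident, flags_frag,
                      ttl, protocol, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    checksum = ones_complement_checksum(hdr)   # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", checksum) + hdr[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed header; refuse lengths that disagree with the data."""
    if len(packet) < 20:
        raise ValueError("truncated header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _, src, dst = \
        struct.unpack(HDR_FMT, packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or ihl > len(packet) or total_len < ihl:
        raise ValueError("inconsistent IHL / total length")
    return {
        "ihl": ihl, "tos": tos, "total_length": total_len, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # converted to bytes
        "ttl": ttl, "protocol": proto,
        "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
        "options": packet[20:ihl],
        # a valid header sums to 0xFFFF including its checksum field, so its complement is 0
        "checksum_ok": ones_complement_checksum(packet[:ihl]) == 0,
    }
```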
Internet: IP header
* Options: maximum length = 40 bytes
Option: description
Security: specifies how secret the datagram is
Strict source routing: gives the complete path to be followed
Loose source routing: gives a list of routers not to be missed
Record route: makes each router append its IP address
Timestamp: makes each router append its IP address and timestamp
o Too small: 40 bytes → only 10 IP addresses!
Internet: IP addresses
* IP address = 32 bits
o Network number
o Host number (on network)
Class A: 126 networks, 16.000.000 hosts each
Class B: 16.382 networks, 64.000 hosts each
Class C: 2.000.000 networks, 254 hosts each
Internet: IP addresses
* Dotted notation: 134.58.47.25
* Assignment:
o ICANN (Internet Corporation for Assigned Names and Numbers)
o ARIN (American Registry for Internet Numbers) for North & South America
o RIPE (Réseaux IP Européens) for Europe
o APNIC (Asia Pacific Network Information Centre)
* Special addresses:
Internet: IP subnets
* Subnetting: different views on same network
o Internal: network split up in different parts
o External: a single net
* Why?
o Avoid use of different C networks for a single organisation
o Allow structuring of class A & B networks
* Network <> host?
o Subnet mask
Internet: IP subnets
Routing: table entries
No subnets:
(network, 0): how to get to distant network
(this-network, host): … to local host
With subnets:
(network, 0): how to get to distant network
(this-network, subnet, 0): … to host on another subnet
(this-network, this-subnet, host): … to local host
Advantages:
o Smaller tables
o Management of networks easier (not easy!)
Internet: CIDR
* Exponential growth of Internet
o Running out of addresses
• B is too large <> C is too small
• Assign many Cs instead of a single B
o Routing table explosion
• Hierarchical routing
• No support in IP addressing scheme
* CIDR solution: Classless InterDomain Routing
o Allocate blocks of class C addresses
o Introduce hierarchy for remaining addresses
o Classless routing
Internet: CIDR
* CIDR solution:
o Allocate blocks of class C addresses
• Variable size described by
– IP address
– Mask indicating meaningful bits in address
• Allocation scheme: block of X addresses starts on an X-byte boundary
– 2048 addresses (8 class Cs): 194.24.0.0 to 194.24.7.255
– 4096 addresses (16 class Cs): 194.24.16.0 to 194.24.31.255
o Introduce hierarchy for remaining addresses
o Classless routing
Region: from – to
Europe: 194.0.0.0 – 195.255.255.255
North America: 198.0.0.0 – 199.255.255.255
Central + South America: 200.0.0.0 – 201.255.255.255
Asia + Pacific: 202.0.0.0 – 203.255.255.255
Internet: CIDR
* 3 blocks assigned:
Gent: 2048 addresses, 194.24.0.0 to 194.24.7.255
Leuven: 4096 addresses, 194.24.16.0 to 194.24.31.255
Hasselt: 1024 addresses, 194.24.8.0 to 194.24.11.255
* Entries in router tables (address, mask, mask last 2 bytes):
194.24.0.0, 255.255.248.0, 1111 1000 0000 0000
194.24.16.0, 255.255.240.0, 1111 0000 0000 0000
194.24.8.0, 255.255.252.0, 1111 1100 0000 0000
* Route 194.24.17.4? Last 2 bytes: 0001 0001 0000 0100
o Test: address & mask
• & 1111 1000 0000 0000 = 0001 0000 0000 0000 <> 194.24.0.0 (no match)
• & 1111 0000 0000 0000 = 0001 0000 0000 0000 = 194.24.16.0 (match: Leuven)
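The slide’s address & mask test, carried out in an added Python example (not code from the slides) over the three router-table entries above; it goes one step further than the slide by selecting the longest matching mask when several entries match, which is what classless routing requires, and by checking the allocation rule that a block of X addresses starts on a multiple of X.

```python
from ipaddress import IPv4Address

# Router table entries from the slide: (owner, block address, mask); order does not matter.
ROUTER_TABLE = [
    ("Gent", "194.24.0.0", "255.255.248.0"),
    ("Leuven", "194.24.16.0", "255.255.240.0"),
    ("Hasselt", "194.24.8.0", "255.255.252.0"),
]


def prefix_length(mask: str) -> int:
    """Number of leading one bits; refuses a mask whose ones are not contiguous."""
    m = int(IPv4Address(mask))
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("mask is not contiguous: " + mask)
    return ones


def matches(address: str, block: str, mask: str) -> bool:
    """The slide's test: (address & mask) == block address."""
    return int(IPv4Address(address)) & int(IPv4Address(mask)) == int(IPv4Address(block))


def lookup(address: str, table=ROUTER_TABLE):
    """Classless routing: of all matching entries, the one with the longest mask wins."""
    best, best_len = None, -1
    for owner, block, mask in table:
        if matches(address, block, mask) and prefix_length(mask) > best_len:
            best, best_len = owner, prefix_length(mask)
    return best


def block_is_aligned(block: str, size: int) -> bool:
    """CIDR allocation rule: a block of X addresses (X a power of two) starts on a multiple of X."""
    return size > 0 and size & (size - 1) == 0 and int(IPv4Address(block)) % size == 0


def last_two_bytes_bits(address: str) -> str:
    """Render the last 16 bits the way the slide does, e.g. '0001 0001 0000 0100'."""
    bits = format(int(IPv4Address(address)) & 0xFFFF, "016b")
    return " ".join(bits[i:i + 4] for i in range(0, 16, 4))
```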
Internet: NAT
* Network Address Translation
o Simple solution to the shortage of IP addresses
o Examples?
* Technique:
o Non-routable addresses inside a domain
o Translate address to a routable one when packet leaves domain
Internet: NAT
* Use TCP/UDP port number to differentiate between different local computer systems
* NAT translation table
(local IP address, source port) → (external IP address, unique port)
* 1 IP address can be used for up to ~64K hosts
Internet: NAT
* Objections to NAT
o Violates architectural model of IP
• IP address uniquely identifies a single computer
o Crash of NAT box → all “connections” lost
• Connection-oriented flavor
o Violates fundamental rule of protocol layers
o Only works for TCP & UDP
o Addresses inside body are not translated
o Ugly and temporary hack delays real solution: IPv6
Network Layer
* Design issues
* Routing
* Congestion
* Internetworking
* Internet Protocols
o IP protocol
o Internet Control Protocols
• ICMP
• ARP
• RARP
o Routing
o Internet multicasting
o Mobile IP
o IPv6
* Multimedia or QoS
Internet: ICMP
* ICMP: Internet Control Message Protocol
o Used by routers to report unexpected events
o Definition: RFC 792
Message type: description
Destination unreachable: packet could not be delivered
Time exceeded: time to live field 0
Parameter problem: invalid header field
Source quench: choke packet
Redirect: teach a router about geography
Echo request: ask a machine if it is alive
Echo reply: yes, I am alive
Timestamp request: same as echo, but with timestamp
Timestamp reply: same as echo reply, but with timestamp
Internet: ARP
* ARP: Address Resolution Protocol
o Problem: how do IP addresses get mapped onto data link layer addresses?
o Solution: configuration files (192.31.65.7 → E1, 192.31.65.5 → E2): unsatisfactory
Internet: ARP
* Basic ARP protocol
o Broadcast: who owns IP address 192.31.65.5?
o Host with that IP address should reply with its data link address
* Optimisations: cache mappings!
o Values in ARP request (cached by every system on net)
o Values in ARP reply (cached by sender of ARP request only)
o Gratuitous ARP: upon boot host can send ARP request with its own mapping; answer: duplicate IP address in use!
Internet: ARP
* How to handle remote hosts?
o Proxy ARP: routers serving the net should reply
o Sending host forwards packet to router
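The basic ARP exchange, the caching rules and the gratuitous-ARP duplicate check from the slides above, as an added Python model (not code from the slides). Hosts, messages and MAC addresses are constructed; the model also records a mapping that changes from one data link address to another and ignores replies nobody asked for, two events a defender monitoring a LAN would want reported.

```python
class ArpHost:
    """One host on a LAN: an ARP cache plus the rules from the slides.

    Messages are dicts with op, sender_ip, sender_mac and target_ip;
    a reply also carries target_mac.
    """

    def __init__(self, ip: str, mac: str):
        self.ip, self.mac = ip, mac
        self.cache = {}        # ip -> data link address
        self.pending = set()   # IPs we asked for: only their replies are cached
        self.alerts = []       # duplicate-address and suspicious-message reports

    def request(self, target_ip: str) -> dict:
        """Broadcast 'who owns target_ip?'.  Asking for our own IP is a gratuitous ARP."""
        if target_ip != self.ip:
            self.pending.add(target_ip)
        return {"op": "request", "sender_ip": self.ip, "sender_mac": self.mac,
                "target_ip": target_ip}

    def _learn(self, ip: str, mac: str) -> None:
        old = self.cache.get(ip)
        if old is not None and old != mac:
            self.alerts.append(f"{ip} changed from {old} to {mac}")
        self.cache[ip] = mac

    def receive(self, msg: dict):
        """Process one ARP message; return the reply to send, or None."""
        claims_our_ip = msg["sender_ip"] == self.ip and msg["sender_mac"] != self.mac
        if msg["op"] == "request":
            if claims_our_ip:
                self.alerts.append(f"duplicate IP address {self.ip} in use by {msg['sender_mac']}")
            elif msg["sender_ip"] != self.ip:
                self._learn(msg["sender_ip"], msg["sender_mac"])   # every system caches request values
            if msg["target_ip"] == self.ip:
                return {"op": "reply", "sender_ip": self.ip, "sender_mac": self.mac,
                        "target_ip": msg["sender_ip"], "target_mac": msg["sender_mac"]}
            return None
        if claims_our_ip:                                   # answer to our own gratuitous ARP
            self.alerts.append(f"duplicate IP address {self.ip} in use by {msg['sender_mac']}")
        elif msg["sender_ip"] in self.pending:              # only the requester caches the reply
            self.pending.discard(msg["sender_ip"])
            self._learn(msg["sender_ip"], msg["sender_mac"])
        else:
            self.alerts.append(f"unsolicited reply for {msg['sender_ip']} ignored")
        return None


def demo() -> dict:
    """Constructed LAN: a asks for b, then c boots with b's address and sends a gratuitous ARP."""
    a = ArpHost("192.31.65.7", "02:00:00:00:00:01")
    b = ArpHost("192.31.65.5", "02:00:00:00:00:02")
    a.receive(b.receive(a.request("192.31.65.5")))      # request broadcast, reply unicast
    c = ArpHost("192.31.65.5", "02:00:00:00:00:03")      # misconfigured: same IP as b
    g = c.request(c.ip)                                  # gratuitous ARP, broadcast to a and b
    a.receive(g)                                         # a sees 192.31.65.5 move to another MAC
    c.receive(b.receive(g))                              # b answers: duplicate IP address in use
    return {"a_cache": a.cache, "a_alerts": a.alerts, "b_cache": b.cache,
            "b_alerts": b.alerts, "c_alerts": c.alerts}
```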
Internet: RARP
* RARP: Reverse Address Resolution Protocol
o Problem:
• Given a data link address
• What is the corresponding IP address?
o Why needed?
• Allows a newly booted workstation to get its IP address
o Solutions:
+ RARP protocol + RARP server!!
- IP address embedded in OS image (different image for every WS)
+ BOOTP protocol
o Limitation of RARP: server needed on each net as broadcast is not forwarded
Internet: BOOTP
* Bootstrap protocol
o Uses UDP messages
• Broadcast to port 67
• Forwarded over routers
o Gives additional information
• IP address of file server holding the OS
• IP address of default router
• Subnet mask to use
Internet: DHCP
* DHCP: Dynamic Host Configuration Protocol
o Special server + relay agents
o Static + dynamic assignment of IP addresses (leasing)
o Newly booted machine: broadcasts a DHCP Discover packet
Network Layer
* Design issues
* Routing
* Congestion
* Internetworking
* Internet Protocols
o IP protocol
o Internet Control Protocols
o Routing
• OSPF
• BGP
o Internet multicasting
o Mobile IP
o IPv6
* Multimedia or QoS
Internet: routing
* History:
o First protocol: RIP (distance vector)
o Since 1979: replaced by link state
o In 1990 new standard: OSPF
* Protocols:
o Interior gateway protocol: OSPF – Open Shortest Path First
o Exterior gateway protocol: BGP – Border Gateway Protocol
Internet routing: OSPF
* Requirements for OSPF:
o Algorithm in open literature
o Support for various distance metrics
o Dynamic algorithm
o Support for routing based on type of service
o Do load balancing over multiple lines
o Support for hierarchical systems
o Security to prevent false updates
o Support for routers connected through tunnel
* OSPF supports as connections and networks:
o Point-to-point lines between routers
o Multi-access networks with broadcasts
o (Multi-access) networks without broadcasts
Internet routing: OSPF
* Abstract view on network
o Directed graph
o Node for each router + network
o Arcs:
• 2 arcs for each point-to-point line
• 2 arcs for each network node to the routers connected to the network
o Example (figure)
Internet routing: OSPF
* Network divided into areas (provisions for very large networks)
o Areas do not overlap
o Area = set of contiguous networks
o Topology of area not visible outside area
* Backbone area
o Interconnects areas
o Router connected to at least 2 areas is part of backbone
* Classes of routers
o Internal routers (within an area)
o Area border routers (interconnect areas)
o Backbone routers
o AS boundary routers
* 3 kinds of routes
o Intra-area: shortest path
o Interarea: from source to backbone to destination
o Inter-AS
Internet routing: OSPF
* Exchanging information
o Between adjacent routers
o On a LAN one router is elected as designated router
o Designated router is adjacent to all neighbouring routers
* Flooding to all routers in an area
* Within routers of any area
o Construct graph
o Compute shortest paths between routers in area
* Extra for backbone area
o Accept info from area border routers
o Compute SP between backbone router and all routers in AS
o Propagate this info back to area border routers, which advertise it within their areas
Internet routing: OSPF
* How to handle different types of service
o Multiple graphs with as cost metric
• Delay
• Throughput
• Reliability
o Triples computation
o Separate routes for optimising …
Internet routing: BGP
* Allow many kinds of routing policies:
o Examples:
• No transit traffic
• Only transit X if there is no alternative
• Traffic from or to Y should not transit Z
o Policies require manual configuration!
* BGP view of the Internet
o BGP routers + interconnecting lines
o 3 kinds of networks:
• Stub networks: 1 connection in BGP graph
• Multi-connected networks
• Transit networks (operated as backbones)
* BGP algorithm
Internet routing: BGP
* BGP algorithm
o Distance vector protocol +
o Each router keeps track of exact path used
o Route violating a policy → distance = ∞
o Uses reliable TCP connections???
Internet multicasting
* Use of class D IP addresses
o Each group identified by class D address
o Best effort delivery to all members of group
o Permanent addresses
• 224.0.0.1: all systems on LAN
• 224.0.0.2: all routers on LAN
• 224.0.0.5: all OSPF routers on LAN
• 224.0.0.6: all designated OSPF routers on LAN
o Temporary addresses for temporary groups
• Create group
• Host can join/leave group
• IGMP: Internet Group Management Protocol
Internet multicasting
* Multicast router
o Keeps track of the groups to which hosts on its LAN belong
o Modified distance vector protocol
o Each router constructs spanning tree per group
o Heavy use of tunneling (why?)
Internet: mobile IP
* Unattractive solutions:
o Give new IP address to mobile host
o Use complete IP address for routing
* IETF: desirable goals
o (Home) IP address usable everywhere
o No software changes to fixed hosts
o No changes to router software and tables
o No detours for most packets to mobile hosts
o No overhead when mobile host is at home
* Solution
Internet: mobile IP
* Solution (see general scheme for details)
o Home agent
• Gratuitous ARP to invalidate cached entries
o Foreign agent + registering
o ARP + home agent responding
o Tunnel to foreign agent + inform sender
* Handling of other problems:
o Locating agents
• Broadcast
o Host leaving without deregistration
• Registration valid for fixed time interval
o Security
• Use authentication protocol
Internet: IPv6
* Major goals for new IP
o Support billions of hosts
o Reduce size of routing tables
o Simplify protocol
o Better security (authentication + privacy)
o More attention for type of service
o Aid multicasting
o Better support for mobility
o Allow protocol to evolve
o Permit coexistence of old and new IP
* Features of IPv6
o Not compatible with IPv4
o Compatible with other Internet protocols
o Longer addresses
o Simplification of header
o Better support for options
o Big advance in security
o More attention to type of service
Internet: IPv6
* Procedure
o Call for proposals by IETF
o 21 responses
o Dec 92: 7 serious proposals
o 3 better proposals published in IEEE Network
o SIPP (Simple Internet Protocol Plus) or IPv6: combined version
Internet: IPv6 header
* Version: identifies protocol version
* Priority
o 0 – 7: transmissions capable of slowing down
o 8 – 15: real-time traffic
o Higher values: more important traffic
* Flow label: identification of flow with specific requirements
o Pseudoconnection between source and destination
o To be used by routers for special treatment of all packets of a flow
* Payload length: number of bytes in packet after header
* Next header
o Which extension follows this one
o (Last extension header) which transport protocol to select
* Hop limit: decremented at each hop
* Addresses of source & destination: 16 bytes or 128 bits
Internet: IPv6 addresses
* Size of address space:
o 128 bits → 2^128 ≈ 10^38 addresses
o 7 x 10^23 addresses / m² land + water on entire earth
o Most pessimistic scenario: 1000 addresses / m² (land + water)
* Notation
o 8 groups of 4 hexadecimal digits with colons as separators
• 8000:0000:0000:0000:0123:4567:89AB:CDEF
o Short cuts:
• Sequence of 0000 → “::” : 8000::0123:4567:89AB:CDEF
• IPv4 : ::134:58:91:254
* Assignment
o Provider-based + geographic-based addresses
o Overview …
Prefix: usage (fraction of address space)
0000 0000: reserved (including IPv4) (1/256)
0000 0001: unassigned (1/256)
0000 001: OSI NSAP addresses (1/128)
0000 010: Novell NetWare IPX addresses (1/128)
0000 011: unassigned (1/128)
0000 1: unassigned (1/32)
0001: unassigned (1/16)
001: unassigned (1/8)
010: provider-based addresses (1/8)
011: unassigned (1/8)
100: geographic-based addresses (1/8)
101: unassigned (1/8)
110: unassigned (1/8)
1110: unassigned (1/16)
1111 0: unassigned (1/32)
1111 10: unassigned (1/64)
1111 110: unassigned (1/128)
1111 1110 0: unassigned (1/512)
1111 1110 10: link local use addresses (1/1024)
1111 1110 11: site local use addresses (1/1024)
1111 1111: multicast (1/256)
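The “::” shortcut and the prefix table above, worked through in an added Python example (not code from the slides): it expands an abbreviated address into its 8 groups while rejecting malformed input (two “::”, too many groups, over-long groups), confirms the expansion against the standard library, and classifies an address by the longest matching binary prefix of the table, reproducing its fraction column. The table entries are the slide’s; everything not listed is treated as unassigned.

```python
from ipaddress import IPv6Address

# Assigned prefixes from the slide's table (binary prefix -> usage); all others are unassigned.
ASSIGNED_PREFIXES = [
    ("0000 0000", "Reserved (including IPv4)"),
    ("0000 001", "OSI NSAP addresses"),
    ("0000 010", "Novell NetWare IPX addresses"),
    ("010", "Provider-based addresses"),
    ("100", "Geographic-based addresses"),
    ("1111 1110 10", "Link local use addresses"),
    ("1111 1110 11", "Site local use addresses"),
    ("1111 1111", "Multicast"),
]
HEX = set("0123456789abcdefABCDEF")


def expand_ipv6(text: str) -> list:
    """Undo the '::' shortcut and return the 8 groups as integers; raises on malformed input."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once: " + text)

    def groups(s: str) -> list:
        if not s:
            return []
        parts = s.split(":")
        if any(not 1 <= len(p) <= 4 or not set(p) <= HEX for p in parts):
            raise ValueError("each group is 1 to 4 hex digits: " + text)
        return [int(p, 16) for p in parts]

    head, sep, tail = text.partition("::")
    if sep:
        if head.endswith(":") or tail.startswith(":"):
            raise ValueError("':::' is not valid: " + text)
        left, right = groups(head), groups(tail)
        missing = 8 - len(left) - len(right)       # number of 0000 groups the '::' stands for
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group: " + text)
        result = left + [0] * missing + right
    else:
        result = groups(head)
    if len(result) != 8:
        raise ValueError("expected 8 groups: " + text)
    return result


def full_notation(text: str) -> str:
    """8 groups of 4 hexadecimal digits with colons as separators."""
    return ":".join("%04X" % g for g in expand_ipv6(text))


def matches_stdlib(text: str) -> bool:
    """Cross-check: our expansion denotes the same address as the standard library's parser."""
    return IPv6Address(full_notation(text)) == IPv6Address(text)


def classify(text: str) -> tuple:
    """Longest matching table prefix: returns (usage, prefix bits); unlisted prefixes are unassigned."""
    bits = "".join(format(g, "016b") for g in expand_ipv6(text))
    best_prefix, best_usage = "", "Unassigned"
    for prefix, usage in ASSIGNED_PREFIXES:
        p = prefix.replace(" ", "")
        if bits.startswith(p) and len(p) > len(best_prefix):
            best_prefix, best_usage = p, usage
    return best_usage, best_prefix


def fraction_denominator(prefix: str) -> int:
    """A prefix of n bits covers 1/2**n of the address space (the table's fraction column)."""
    return 2 ** len(prefix.replace(" ", ""))
```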
Internet: IPv6
* Extension headers
o Extra info, efficiently encoded
o Overview …
Extension header: description
Hop-by-hop options: miscellaneous information for routers
Routing: full or partial route to follow
Fragmentation: management of datagram fragments
Authentication: verification of the sender’s identity
Encrypted security payload: information about the encrypted contents
Destination options: additional information for the destination
Internet: IPv6
* Extension headers
o Encoding:
• Fixed format or
• Variable number of variable length fields
– Type, length, value encoding
Internet: IPv6
* Jumbogram extension header
o Datagrams > 64 Kbyte
Internet: IPv6
* Routing extension header
o Bit map: strict source routing <> loose source routing
Internet: IPv6
* Fragmentation extension header:
o Fragmentation only by source host → simplification of routers
o Identical fields:
• Datagram identifier
• Fragment number
• MF bit
Internet: IPv6
* Controversies:
o Address length
o Length of hop limit field:
• Number of hops should never exceed ~100 → 8 bits
o Maximum packet size
o Removal of checksum
o Security
• In network layer? Yes → standard service; No → never good enough
• Export restriction?
• How? Replaceable algorithms