lab 3: simple router - stanford university

Lab3:SimpleRouter

CS144Lab3sec7onOctober23rd,2009

TomWiltzius

BasedonslidesbyDerrickIsaacson,BenNham,ClayCollier,andMar7nCasado

AssignmentOverview

•  YouuseavirtualnetworktopologyaspartoftheVNSsystem

•  YouwritearouterinC•  YourrouterwillrouterealIPpacketsovertheInternetfromstandardclients(i.e.ping,traceroute,Tp,Firefox…)

•  DueThursday,Oct29th•  Getstarted!

Ge[ngStarted

•  Gettheassignmentcodefrom:http://www.scs.stanford.edu/09au‐cs144/lab/router.tar.gz

•  LookintheINSTRUCTIONSfileforinfoon– Usingyourassignedtopology– Whatthedefaulttopologylookslike–  Informa7onontherou7ngtableforyourtopology

ProtocolsYouNeedtoHandle

•  Ethernet–  AllpacketsgiventoyouarerawEthernetframes

•  IP•  ARP–  NeededtoresolveIPaddressestoMACaddresses

•  ICMPrequests/replies–  Usedbysomeprogramstosendrequests(ping)–  Neededtosendcontrolmessagesbacktohost

•  Seesr_protocol.handNetworkSorcerytodealwiththerawbits

•  Makesureyouunderstandyourpointerarithme7c!

RouterBasics

myth elaine

CampusNetwork

Your Router vns‐firewall

eth0

eth1

eth2

eth0:

192.168.128.6

eth2:

192.168.129.106

eth1:

192.168.128.50

192.168.128.51

192.168.129.107

Tp192.168.128.51

192.168.128.51 192.168.128.51

192.168.128.51

Rou7ngTable

•  Sta7crou7ngtableinthisassignment•  MakesureyouunderstandLPM•  Loadedforyoufromthecommandlineintotherouter

contextoftypestructsr_instance(sr_router.h)•  Entriesarealinkedlistoftypestructsr_rt(sr_rt.h)•  Walkovertherou7ngtablelinearlytodoalongestprefix

matchonit

0.0.0.0

255.255.255.255

255.255.255.255

NetworkMask

eth0172.24.74.170.0.0.0

eth2192.168.129.106192.168.129.106

eth1192.168.128.51192.168.128.51

InterfaceNext‐hopIPaddress

BasicForwardingPrinciples•  RemoveIPdatagramfromEthernetframe.

–  CouldalsobeanARPpayloadinEthernetframe•  Verifychecksum.Ifit’snotvalid,dropthepacket.•  Inspectthepacket’sDA.Assumingthepacketisdes7nedfor

someoneelse:–  Lookupnext‐hopaddressbydoingaLPMontherou7ngtableusing

thepacket’sDA•  Ifitdoesnotexist,sendICMPhostunreachable

–  DecrementTTL,updateheaderchecksum•  IfTTL==0aTerdecremen7ng,sendICMP7meexceeded

–  Fromnext‐hopIPaddress,determineoutgoinginterfaceandnext‐hopMACaddress•  Ifnecessary,sendARPrequesttodetermineMACaddress

–  EncapsulateIPdatagraminEthernetpacket–  Forwardpackettooutgoinginterface

PacketsDes7nedfortheRouter

•  Ifthepacket’sDAisdes7nedtowardsoneofourinterfaces:–  Ifit’sanICMPechorequest,generateanICMPechoreply

– Otherwiseifit’saTCPorUDPpacket,generateanICMPportunreachable(neededfortraceroutetowork)

Checksums

•  IPchecksum– NeedtocheckforallIPpacketheaders;droppacketifchecksumisbad

•  ICMPchecksum– Needtovalidateforincomingpacketsdes7nedforus– Needtocalculateforoutgoingpackets–  Ignoreifforwarding

•  TCP/UDPchecksum–  End‐to‐endchecksum,ignore

•  Usecksumfuncfrompreviouslabtocalculatechecksums

IPAddressesandMACAddresses•  EachIPaddressisassociated

withasingleinterface•  EachinterfacehasaMAC

address•  Therefore,eachIPaddressis

associatedwithasingleMACaddress

•  Routerwith4interfaceshas4IPsand4MACaddresses!–  eth0hassomeIP0–  eth1hassomeIP1–  eth2hassomeIP2–  eth3hassomeIP3

•  Conclusion:AnIPaddressnamesaninterface,notahost

eth0

eth1

eth2

eth3

5.10.1.1

12.1.1.20012.1.1.1

12.1.0.1 IP1

IP2

IP0

IP3

IPWithinEthernet

•  Inarouter,weoperateonrawEthernetframes,withanIPorARPpacketaspayload

•  Toforwardapacketonehop,mustknow:– Des7na7onIPaddress– Next‐hopMACaddressofthenext‐hopIPaddress

Byte0 Byte1 Byte2 Byte3

DestMACAddress

DestMACAddress(con7nued) SourceMACAddress

SourceMACAddress(con7nued)

Ethertype Payload

NecessityofARPIPAddress Netmask Gateway Interface

0.0.0.0 0.0.0.0 5.10.1.1 eth0

12.1.0.0 255.255.0.0 12.1.0.1 eth1

12.1.1.0 255.255.255.0 12.1.1.1 eth2

12.1.1.200 255.255.255.255 12.1.1.200 eth3

•  SupposeIgetapacketdes7nedfor128.12.94.3–  Matchesdefaultroute

only(firstentry)

•  NeedtosendrawEthernetframetotheMACaddressof5.10.1.1

•  Butourrou7ngtablehasonlyIPaddresses,notMACaddresses

eth0

eth1

eth2

eth3

5.10.1.1

12.1.1.20012.1.1.1

12.1.0.1

ARPPacketFormat

•  Correspondstostructsr_arphdr–  HTYPE=ar_hrd=htons(ARPHDR_ETHER)–  PTYPE=ar_pro=htons(ETHERTYPE_IP)–  HLEN=ar_hln=#bytesinMACaddress–  PLEN=ar_pln=#bytesinIPaddress–  OPER=ar_op=htons(ARP_REQUEST)orhtons(ARP_REPLY)–  SHA/SPA=senderMAC/IPaddress(copyfromsr_ifofoutgoingIF)–  THA/TPA=targetMAC/IPaddress

Genera7ngARPRequest

•  Request:WhohasIP192.168.1.3?CreateARPrequestwithfields:– SourceHWaddr:MACsrc– Sourceprotocoladdr:IPsrc– TargetHWaddr:FF:FF:FF:FF:FF:FF

– Targetprotocoladdr:192.168.1.3•  ARPrequestsaresenttotheEthernetbroadcastaddress

HandlingARPRequest

•  Getrequest:Whohas192.168.1.3•  IfoneoftheIPsofmyrouteris192.168.1.3,sendanARPreply:IhaveIPof192.168.1.3withMACaddressof00‐11‐22‐33‐44‐55‐66(sixbytesinhex,or48bits)–  SourceHWaddr:00‐11‐22‐33‐44‐55‐66–  Sourceprotocoladdress:192.168.1.3–  TargetHWaddr:MACsrc–  Targetprotocoladdr:IPsrc

•  ARPreplyissentdirectlytoMACsrc

HandlingARPReply

•  Reply:IhaveIPof192.168.1.3withMACaddressof00‐11‐22‐33‐44‐55‐66

•  IfthetargetIPoftheARPreplyistheIPoftheinterfacethiscameinon:– AddtheIPtoMACmappingtotheARPcache

– Sendoffanypacketsthatwerewai7ngonthisARPreply

Lab3ARPFunc7onality

•  GenerateARPrequestsifanexthopMACisnotintheARPcache

•  ProcessARPrepliesthattargetusandplacethemintotheARPcache

•  ProcessARPrequeststhattargetusandgenerateanappropriateARPreply

•  GothroughARPrequestqueueeverysecondandsendoffARPrequestseverysecond(editsr_arpcache_sweepreqsinsr_arpcache.c)

HandlingARP

•  Rou7ngtablecontainsnext‐hopIPs,butyouneedbothanext‐hopIPandanext‐hopMACaddress

•  Whatyouhavetodo:–  GenerateARPrequestsandparseARPreplies–  ListentoARPrequestsandsendARPreplies–  Don’tsendarequestforeachpacket;instead,useanARPcache–  Requestsshould7meoutaTer5triesofabout1secondeach–  ARPcacheentriesshould7meoutaTerabout15seconds

ARPCache

……

00:e0:81:04:08:9b172.24.74.130

EthernetMACAddressIPaddress

ARPCacheClass

•  We’vegivenyouanARPcacheclasscontaining–  ARPrequestqueue–  ARPcache

•  ARPcacheentries7meoutautoma7callyaTer15seconds•  Thecacheclassisessen7allytwolinkedlists:oneforthe

cache,andoneforrequests.Therearefunc7onstohandlequeryingandinser7ngintothesetwolists.

•  ARPrequestqueuewrioensothatitiseasytoconsolidateARPrequestsacrossmul7plepackets,andenforcetheARPrequest7meout

•  Seepseudocodeinsr_arpcache.hformoredetailedinfo

ICMP

•  Usedtosendcontrolmessagesbacktosendinghost

•  MustprocessICMPEchoRequest•  Mustgenerate–  ICMPEchoReply–  ICMPDes7na7onHostUnreachable–  ICMPDes7na7onPortUnreachable–  ICMPTimeExceeded

•  CheckNetworkSorcerypagesondetailsofhowtoformatthesemessage

BasicLab4FlowDiagramReceiveRaw

EthernetFrame

ProcessIPPacket

ProcessPacketSenttoSelf

ForwardPacket

ProcessARPRequest/Reply

IfICMPechoreq,sendICMPechoreply

IfIP+TCP/UDP,sendICMPportunreachable

DoLPMonrou7ngtable

Seepreviousslides

SendICMPhostunreachable

CheckARPcache

Sendframetonexthop

AddrequesttoARPqueue,sendingifnecessary

Nomatch

Ifalreadysent57mes

Match

Nohit

Hit

NotsenttoselfSenttoself

MoreLab4Thoughts

•  Organizeyourcode–  S7ckingeverythingsr_router.cwillprobablygiveyouaheadache

– Makesomenewfiles(sugges7ons,notnecessary):•  sr_arp.c/hforhandling/genera7ngARPpackets•  sr_icmp.c/hforhandling/genera7ngICMPpackets•  sr_ip.c/hfortohandlegenera7ngIPpackets•  AddthesourcesandheaderstotheMakefile

•  Doonethingata7me–  NeedARPtosendanythingatall–  IfyoujustdotheforwardingpathwithoutICMP,shouldbeabletoroutepacketstotheappservers

–  CanaddICMPsupportlast

RequiredFunc7onality

•  Forwardingpacketsshouldwork•  HandlesandgeneratesARPrequests/repliescorrectly•  YoucandownloadafileusinghopandTpfromoneofthe

appserversbehindtherouter•  Youcantraceroute(tracepath)toandthroughtherouter•  Youcanpingtoandthroughtherouter•  ICMPhostandportunreachablemessagesaregenerated

correctly•  ICMP7meexceededmessagesaregeneratedcorrectly•  Noshortcutstaken(don’tforwardapackettoevery

interface)•  Shouldnotcrash,evenwithamalformedpacket

MainFunc7onsandStructures

•  Insr_router.h:–  structsr_instanceisthecontextoftherouter

•  Insr_router.c:–  sr_handlepacketiscalledforeverypacketthatgoesthroughthe

router—youhavetofillitout•  sr_protocol.hcontainsconveniencestructsforaccessing

fieldsinpackets–  Note:onlythebasicICMPheaderisprovided;sr_protocol.h

doesn’tincludestructsforallthevariousICMPpackettypesyou’llneedsoyou’llhavetomakeyourown

•  sr_if.hcontainsmethodsforge[nginforma7onabouttherouter’sinterfaces

•  ARPCacheinsr_arpcache.h

Sugges7ons

•  Thinkbeforecoding—there’sagoodamountofcodetowrite

•  ReadthroughtheNetworkSorcerypagestounderstandtheprotocols

•  ReadtheFAQ•  Postandcheckthenewsgroup•  Startearly