chapter 4 2015.ppt - eced mansoura « academic site · a note on the use of these ppt slides: ......

Chapter 4Network Layer

Computer Networking: A Top Down Approach 6th edition Jim Kurose, Keith RossAddison-WesleyMarch 2012

A note on the use of these ppt slides:We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: If you use these slides (e.g., in a class) that you mention their source

(after all, we’d like people to use our book!) If you post any slides on a www site, that you note that they are adapted

from (or perhaps identical to) our slides, and note our copyright of this material.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2013J.F Kurose and K.W. Ross, All Rights Reserved

Network Layer 4-1

Network Layer

Chapter 4: network layer

chapter goals: understand principles behind network layer

services: network layer service models forwarding versus routing how a router works routing (path selection) broadcast, multicast

instantiation, implementation in the Internet

4-2

Network Layer

4.1 introduction4.2 virtual circuit and

datagram networks4.3 what’s inside a router4.4 IP: Internet Protocol

datagram format IPv4 addressing ICMP IPv6

4.5 routing algorithms link state distance vector hierarchical routing

4.6 routing in the Internet RIP OSPF BGP

4.7 broadcast and multicast routing

Chapter 4: outline

4-3

Network Layer

Network layer transport segment from

sending to receiving host on sending side

encapsulates segments into datagrams

on receiving side, delivers segments to transport layer

network layer protocols in every host, router

router examines header fields in all IP datagrams passing through it

applicationtransportnetworkdata linkphysical


networkdata linkphysical network

data linkphysical

networkdata linkphysical







networkdata linkphysicalnetwork

data linkphysical

4-4

Network Layer

Two key network-layer functions

forwarding: move packets from router’s input to appropriate router output

routing: determine route taken by packets from source to dest.

routing algorithms

analogy:

routing: process of planning trip from source to dest

forwarding: process of getting through single interchange

4-5

Network Layer

1

23

0111

value in arrivingpacket’s header

routing algorithm

local forwarding tableheader value output link

0100010101111001

3221

Interplay between routing and forwarding

routing algorithm determinesend-end-path through network

forwarding table determineslocal forwarding at this router

4-6

Network Layer

Connection setup

3rd important function in some network architectures: ATM, frame relay, X.25

before datagrams flow, two end hosts andintervening routers establish virtual connection routers get involved

network vs transport layer connection service: network: between two hosts (may also involve intervening

routers in case of VCs) transport: between two processes

4-7

Network Layer

Network service model

Q: What service model for “channel” transporting datagrams from sender to receiver?

example services for individual datagrams:

guaranteed delivery guaranteed delivery with

less than 40 msec delay

example services for a flow of datagrams:

in-order datagram delivery

guaranteed minimum bandwidth to flow

restrictions on changes in inter-packet spacing

4-8

Network Layer

Network layer service models:

NetworkArchitecture

Internet

ATM

ATM

ATM

ATM

ServiceModel

best effort

CBR

VBR

ABR

UBR

Bandwidth

none

constantrateguaranteedrateguaranteed minimumnone

Loss

no

yes

yes

no

no

Order

no

yes

yes

yes

yes

Timing

no

yes

yes

no

no

Congestionfeedback

no (inferredvia loss)nocongestionnocongestionyes

no

Guarantees ?

4-9

Network Layer







Chapter 4: outline

4-10

Network Layer

Connection, connection-less service

datagram network provides network-layer connectionless service

virtual-circuit network provides network-layer connection service

analogous to TCP/UDP connecton-oriented / connectionless transport-layer services, but: service: host-to-host no choice: network provides one or the other implementation: in network core

4-11

Network Layer

Virtual circuits

call setup, teardown for each call before data can flow each packet carries VC identifier (not destination host

address) every router on source-dest path maintains “state” for

each passing connection link, router resources (bandwidth, buffers) may be

allocated to VC (dedicated resources = predictable service)

“source-to-dest path behaves much like telephone circuit” performance-wise network actions along source-to-dest path

4-12

Network Layer

VC implementation

a VC consists of:1. path from source to destination2. VC numbers, one number for each link along path3. entries in forwarding tables in routers along path

packet belonging to VC carries VC number (rather than dest address)

VC number can be changed on each link. new VC number comes from forwarding table

4-13

Network Layer

VC forwarding table12 22 32

12

3

VC numberinterfacenumber

Incoming interface Incoming VC # Outgoing interface Outgoing VC #

1 12 3 222 63 1 18 3 7 2 171 97 3 87… … … …

forwarding table innorthwest router:

VC routers maintain connection state information!

4-14

Network Layer


Virtual circuits: signaling protocols

used to setup, maintain teardown VC used in ATM, frame-relay, X.25 not used in today’s Internet

1. initiate call 2. incoming call

3. accept call4. call connected5. data flow begins 6. receive data


4-15

Network Layer

Datagram networks no call setup at network layer routers: no state about end-to-end connections no network-level concept of “connection”

packets forwarded using destination host address

1. send datagrams



2. receive datagrams

4-16

Network Layer

1

23

Datagram forwarding table

IP destination address in arriving packet’s header

routing algorithm

local forwarding tabledest address output link

address-range 1address-range 2address-range 3address-range 4

3221

4 billion IP addresses, so rather than list individual destination addresslist range of addresses(aggregate table entries)

4-17

Network Layer

Destination Address Range

11001000 00010111 00010000 00000000through11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000through11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000through11001000 00010111 00011111 11111111

otherwise

Link Interface

0

1

2

3

Datagram forwarding table

4-18

Network Layer

Datagram or VC network: why?Internet (datagram) data exchange among

computers “elastic” service, no strict

timing req.

many link types different characteristics uniform service difficult

“smart” end systems (computers) can adapt, perform control,

error recovery simple inside network,

complexity at “edge”

ATM (VC) evolved from telephony human conversation:

strict timing, reliability requirements

need for guaranteed service “dumb” end systems

telephones complexity inside

network

4-19

Network Layer







Chapter 4: outline

4-20

Network Layer

Router architecture overviewtwo key router functions: run routing algorithms/protocol (RIP, OSPF, BGP) forwarding datagrams from incoming to outgoing link

high-seed switching

fabric

routing processor

router input ports router output ports

forwarding data plane (hardware)

routing, managementcontrol plane (software)

forwarding tables computed,pushed to input ports

4-21

Network Layer

linetermination

link layer

protocol(receive)

lookup,forwarding

queueing

Input port functions

decentralized switching: given datagram dest., lookup output port

using forwarding table in input port memory (“match plus action”)

goal: complete input port processing at ‘line speed’

queuing: if datagrams arrive faster than forwarding rate into switch fabric

physical layer:bit-level reception

data link layer:e.g., Ethernetsee chapter 5

switchfabric

4-22

Network Layer

Switching fabrics transfer packet from input buffer to appropriate

output buffer switching rate: rate at which packets can be

transfer from inputs to outputs often measured as multiple of input/output line rate N inputs: switching rate N times line rate desirable

three types of switching fabrics

memory

memory

bus crossbar

4-23

Network Layer

Switching via memory

first generation routers: traditional computers with switching under direct control

of CPU packet copied to system’s memory speed limited by memory bandwidth (2 bus crossings per

datagram)

inputport(e.g.,

Ethernet)

memory

outputport(e.g.,

Ethernet)

system bus

4-24

Network Layer

Switching via a bus

datagram from input port memoryto output port memory via a shared bus

bus contention: switching speed limited by bus bandwidth

32 Gbps bus, Cisco 5600: sufficient speed for access and enterprise routers

bus

4-25

Network Layer

Switching via interconnection network

overcome bus bandwidth limitations banyan networks, crossbar, other

interconnection nets initially developed to connect processors in multiprocessor

advanced design: fragmenting datagram into fixed length cells, switch cells through the fabric.

Cisco 12000: switches 60 Gbpsthrough the interconnection network

crossbar

4-26

Network Layer

Output ports

buffering required when datagrams arrive from fabric faster than the transmission rate

scheduling discipline chooses among queued datagrams for transmission

linetermination

link layer

protocol(send)

switchfabric

datagrambuffer

queueing

This slide in HUGELY important!

3-27

Network Layer

Output ports

buffering required when datagrams arrive from fabric faster than the transmission rate

scheduling discipline chooses among queued datagrams for transmission

linetermination

link layer

protocol(send)

switchfabric

datagrambuffer

queueing

This slide in HUGELY important!

Datagram (packets) can be lost due to congestion, lack of buffers

Priority scheduling – who gets best performance, network neutrality

3-28

Network Layer

Output port queueing

buffering when arrival rate via switch exceeds output line speed

queueing (delay) and loss due to output port buffer overflow!

at t, packets morefrom input to output

switchfabric

one packet time later

switchfabric

4-29

Network Layer

How much buffering?

RFC 3439 rule of thumb: average buffering equal to “typical” RTT (say 250 msec) times link capacity C e.g., C = 10 Gpbs link: 2.5 Gbit buffer

recent recommendation: with N flows, buffering equal to

RTT C.N

4-30

Network Layer

Input port queuing

fabric slower than input ports combined -> queueing may occur at input queues queueing delay and loss due to input buffer overflow!

Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward

output port contention:only one red datagram can be

transferred.lower red packet is blocked

switchfabric

one packet time later: green packet

experiences HOL blocking

switchfabric

4-31

Network Layer







Chapter 4: outline

4-32

Network Layer

The Internet network layer

forwardingtable

host, router network layer functions:

routing protocols• path selection• RIP, OSPF, BGP

IP protocol• addressing conventions• datagram format• packet handling conventions

ICMP protocol• error reporting• router “signaling”

transport layer: TCP, UDP

link layer

physical layer

networklayer

4-33

Network Layer

ver length

32 bits

data (variable length,typically a TCP

or UDP segment)

16-bit identifier

headerchecksum

time tolive

32 bit source IP address

head.len

type ofservice

flgsfragment

offsetupperlayer

32 bit destination IP address

options (if any)

IP datagram formatIP protocol version

numberheader length

(bytes)

upper layer protocolto deliver payload to

total datagramlength (bytes)

“type” of data forfragmentation/reassemblymax number

remaining hops(decremented at

each router)

e.g. timestamp,record routetaken, specifylist of routers to visit.

how much overhead? 20 bytes of TCP 20 bytes of IP = 40 bytes + app

layer overhead

4-34

IP Packet Header Fields

The unit of transfer in an IP network is called an IP datagram. It consists of an IP header and data relevant to higher-level

protocols. IP can provide fragmentation and re-assembly of datagrams. The maximum length of an IP datagram is 65,535 octets. All IP hosts must support 576 bytes datagrams without

fragmentation. Fragments of a datagram each have a header. The header is

copied from the original datagram. If one of the fragments gets lost, the complete datagram is

considered lost. IP does not provide any acknowledgment mechanism.

Network Layer 4-35

Network Layer

IP fragmentation, reassembly

network links have MTU (max.transfer size) -largest possible link-level frame different link types,

different MTUs large IP datagram divided

(“fragmented”) within net one datagram becomes

several datagrams “reassembled” only at

final destination IP header bits used to

identify, order related fragments

fragmentation:in: one large datagramout: 3 smaller datagrams

reassembly

…

…

4-36

Network Layer

ID=x

offset=0

fragflag=0

length=4000

ID=x

offset=0

fragflag=1

length=1500

ID=x

offset=185

fragflag=1

length=1500

ID=x

offset=370

fragflag=0

length=1040

one large datagram becomesseveral smaller datagrams

example: 4000 byte datagram MTU = 1500 bytes

1480 bytes in data field

offset =1480/8

IP fragmentation, reassembly

4-37

Network Layer







Chapter 4: outline

4-38

The Internet Protocol (IP)

The IP protocol operates at the network layer level of theOSI reference model and is a part of the TCP/IP suite ofprotocols for providing a best effort network layer service.

Best-effort means that the packets sent by IP may be lost,arrive out of order, or even be duplicated. IP assumes higherlayer protocols will address these anomalies.

In IP networks, each computer is identified by one or moreglobally unique IP addresses. The network layer ProtocolsData Units (PDUs) are known as either "packets" or"datagrams".

Each packet carries the IP address of the sending computerand also the address of the intended recipient or recipientsof the packet. Other management information is alsocarried.

Network Layer 4-39

Network Layer

IP addressing: introduction

IP address: 32-bit identifier for host, router interface

interface: connection between host/router and physical link router’s typically have

multiple interfaces host typically has one or

two interfaces (e.g., wired Ethernet, wireless 802.11)

IP addresses associated with each interface

223.1.1.1

223.1.1.2

223.1.1.3

223.1.1.4 223.1.2.9

223.1.2.2

223.1.2.1

223.1.3.2223.1.3.1

223.1.3.27

223.1.1.1 = 11011111 00000001 00000001 00000001

223 1 11

4-40

Network Layer

IP addressing: introduction

Q: how are interfaces actually connected?

223.1.1.1

223.1.1.2

223.1.1.3

223.1.1.4 223.1.2.9

223.1.2.2

223.1.2.1

223.1.3.2223.1.3.1

223.1.3.27

A: wired Ethernet interfaces connected by Ethernet switches

A: wireless WiFi interfaces connected by WiFi base station

For now: don’t need to worry about how one interface is connected to another (with no intervening router)

4-41

IP Addressing (1)

In IP version 4, IP addresses are represented by a 32-bitunsigned binary value. It is usually expressed in a dotteddecimal format. For example, 9.167.5.8 is a valid IPaddress.

To identify a host on the Internet, each host is assigned anaddress, the IP address, or in some cases, the Internetaddress.

When the host is attached to more than one network, itis called multi-homed and has one IP address for eachnetwork interface (at least).

The IP address consists of a pair of numbers: IP address = <network number><host number>

Network Layer 4-42

IP Addressing (2)

The network number (network prefix) portion of the IPaddress is administered by one of three InternationalRegional Internet Registries (RIR).

For example, 128.2.7.9 is an IP address with 128.2 beingthe network number and 7.9 being the host number,according a predefined rule.

The binary format of the IP address 128.2.7.9 is:10000000 00000010 00000111 00001001

IP addresses are used by the IP protocol to uniquelyidentify a host on the Internet.

Each IP datagram contains a source IP address and adestination IP address.

Network Layer 4-43

IP Addressing (3)

To send a datagram to a certain IP destination, the targetIP address must be translated or mapped to a physicaladdress (MAC address).

For example, on LANs, the Address Resolution Protocol(ARP) is used to translate IP addresses to physical MACaddresses.)

There are many approaches used to assign IP addressesfor networks through dividing the addresses to pre-defined classes or predefined network sizes (by definingnumber of hosts per network).

Network Layer 4-44

Class-based IP addresses (1)

In this approach, the address range is divided intofive classes.

The first bits of the IP address specify how therest of the address should be separated into itsnetwork and host part.

The number of bits assigned to the networknumber determines the available number ofnetworks of this class

The number of bits assigned to the host numberdetermines the available number of hosts for onenetwork.

Network Layer 4-45


Network Layer 4-46


Class A addresses: These addresses use 7 bits for the<network> and 24 bits for the <host> portion of the IPaddress. This allows for (126) networks each with(16777214) hosts; a total of over 2 billion addresses. 12.123.12.11 108.123.123.22 89.88.12.33

Class B addresses: They use 14 bits for the<network> and 16 bits for the <host> portion of the IPaddress. This allows for (16382) networks each with(65534) hosts; a total of over 1 billion addresses. 130.123.23.45 190.33.34.66 181.184.22.1

Network Layer 4-47


Class C addresses: They use 21 bits for the<network> and 8 bits for the <host> portion of the IPaddress. That allows for (2097150) networks each with(254) hosts; a total of over half a billion addresses. 193.227.50.11 201.122.123.22 199.33.33.44

Class D addresses: These addresses are reserved formulticasting (a sort of broadcasting, but in a limited area,and only to hosts using the same class D address). 224.0.0.1 224.1.1.1

Class E addresses: They are reserved for future use.

Network Layer 4-48

Class-based IP addresses (5)1

Class A:

Bits:

0NNNNNNN Host Host Host

8 9 16 17 24 25 32

Range (1-126)

1

Class B:

Bits:

10NNNNNN Network Host Host

8 9 16 17 24 25 32

Range (128-191)

1

Class C:

Bits:

110NNNNN Network Network Host

8 9 16 17 24 25 32

Range (192-223)1

Class D:

Bits:

1110MMMM Multicast Group Multicast Group Multicast Group

8 9 16 17 2425 32

Range (224-239)

Network Layer 4-49


The number of small- to medium-sized networks has been growing very rapidly.

It was feared that if this growth had been allowed to continue unabated, all of the available Class B network addresses would have been used by the mid-1990s.

This was termed the IP address exhaustion problem. This issue has been solved in two ways, introducing another IP addressing scheme called IPV6 and the other by further dividing IP classes into sub-classes or more precisely, sub-networks.

Network Layer 4-50

Reserved IP addresses

A component of an IP address with a value all bits 0 or all bits 1 has a special meaning: All bits 0: An address with all bits zero in the host number

portion is interpreted as this host (IP address with <hostaddress>=0). All bits zero in the network number portion meansthis network (IP address with <network address>=0).

All bits 1: An address with all bits one is interpretedas all networks or all hosts. For example,128.2.255.255 means all hosts on network 128.2 (classB address): This is called a directed broadcast address.

Loopback: The class A network 127.0.0.0 is defined asthe loopback network. Addresses from that network areassigned to interfaces that process data within the localsystem.

Network Layer 4-51

Intranets - private IP addresses

Another approach to conserve the IP address space isAddress Allocation for Private Internets.

This relaxes the rule that IP addresses must be globallyunique. It reserves part of the global address space for usein networks that do not require connectivity to theInternet.

Three ranges of addresses have been reserved for thispurpose: 10.0.0.0: A single Class A network. 172.16.0.0 to 172.31.0.0: 16 contiguous Class B networks. 192.168.0.0 to 192.168.255.0: 256 contiguous Class C nets.

Hosts having only a private IP address do not have direct IP layerconnectivity to the Internet. All connectivity to external Internethosts must be provided with application gateways such as proxy or(Network Address Translation) NAT servers.

Network Layer 4-52

IP subnets (1)

Due to the explosive growth of the Internet, the principleof assigned IP addresses became too inflexible

To avoid having to request additional IP networkaddresses, the concept of IP subnetting was introduced.

The assignment of subnets is done locally. The entirenetwork still appears as one IP network to the outsideworld.

The host number part of the IP address is subdivided intoa second network number and a host number. Thissecond network is termed a subnetwork or subnet.

The main network now consists of a number of subnets.The IP address is interpreted as:

<network number><subnet number><host number>

Network Layer 4-53

Network Layer

Subnets

IP address Host part:subnet part - high order bitshost part - low order bits

what’s a subnet ?device interfaces with same subnet part of IP address can physically reach each other without intervening router

network consisting of 3 subnets

223.1.1.1

223.1.1.3

223.1.1.4 223.1.2.9

223.1.3.2223.1.3.1

subnet

223.1.1.2

223.1.3.27223.1.2.2

223.1.2.1

4-54

Network Layer

how many? 223.1.1.1

223.1.1.3

223.1.1.4

223.1.2.2223.1.2.1

223.1.2.6

223.1.3.2223.1.3.1

223.1.3.27

223.1.1.2

223.1.7.0

223.1.7.1223.1.8.0223.1.8.1

223.1.9.1

223.1.9.2

Subnets

4-55

IP subnets (2)

The division is done using a 32-bit subnet mask. Bits with a value of zero bits in the subnet mask indicate

positions ascribed to the host number. Bits with a value of one indicate positions ascribed to the

subnet number. Like IP addresses, subnet masks are usually written in

dotted decimal form. Examples:

A class A network 10.10.2.0 with subnet mask 255.255.255.0 isdivided into (256) subnets each contains (256-2) hosts.

A class C network 193.22.50.0 with subnet mask 255.255.255.192is divided into (4) subnets each contains (64-2) hosts.

This a fixed size subnetting.

Network Layer 4-56

Using Variable Length Subnet-mask (VLSM) (1)

Limitation of using only a single subnet mask across agiven network-prefix was that an organization is lockedinto a fixed-number of fixed-sized subnets.

VLSM allows an organization to use more than one subnetmask within the same network address space. It is oftenreferred to as ‘subnetting a subnet’, and can be used tomaximize addressing efficiency.

This procedure gives us what is also called “ClasslessInter-Domain Routing” (CIDR) The network portion of the address is determined by the

network subnet mask or prefix-length (/8, /19, etc.) The first octet (first two bits) of the network address (or

network-prefix) is NOT used to determine the network and host portion of the network address.

Network Layer 4-57

Network Layer

IP addressing: CIDR

CIDR: Classless InterDomain Routing subnet portion of address of arbitrary length address format: a.b.c.d/x, where x is # bits in

subnet portion of address

11001000 00010111 00010000 00000000

subnetpart

hostpart

200.23.16.0/23

4-58


Example: 10.0.0.0/8 “subnetted using /16”Subnet 1st host Last host Broadcast10.0.0.0/16 10.0.0.1 10.0.255.254 10.0.255.25510.1.0.0/16 10.1.0.1 10.1.255.254 10.1.255.255 10.2.0.0/16 “sub-subnetted using /24”

Subnet 1st host Last host Broadcast10.2.0.0/24 10.2.0.1 10.2.0.254 10.2.0.25510.2.1.0/24 10.2.1.1 10.2.1.254 10.2.1.25510.2.2.0/24 10.2.2.1 10.2.2.254 10.2.2.255 Etc.10.2.255.0/24 10.2.255.1 10.2.255.254 10.2.255.255

10.3.0.0/16 10.3.0.1 10.3.255.254 10.0.255.255Etc.

10.255.0.0/16 10.255.0.1 10.255.255.254 10.255.255.255

Network Layer 4-59


Example: 207.21.24.0/24 network subnetted into eight /27 (255.255.255.224) subnets

• This network has seven /27 subnets with 30 hosts each ANDeight /30 subnets with 2 hosts each.

• /30 subnets are very useful for serial networks.

207.21.24.192/27 subnet, subnetted into eight /30 (255.255.255.252) subnets

Network Layer 4-60


Example for subnetting and VLSM:• Site A has two Ethernet networks• Site B has one Ethernet network• Site C has one Ethernet network

We have207.21.24.0 /24

How many network addresses are needed?How many hosts are needed for the largest LAN?How many bits need to be borrowed to address this

network (i.e. what is the subnet mask used)?

Site A Site B Site C

25 users 25 users 10 users 8 users

Network Layer 4-61


1. Addressing a Network with Standard Subnettinga. we need 4 LANs and 2 WANs

• We have 207.21.24.0 /24



b. With fixed subnetting a subnet must offer number of hosts no less than 25

host.

c. Borrowing 3 bits will meet the current needs of the company, but it leaves little room for growth.

d. Each network will have 30 usable addresses, including the point-to-point WAN links (which only require two addresses).

Subnet # Subnet AddressBits Masked

0 207.21.24.0 /271 207.21.24.32 /272 207.21.24.64 /273 207.21.24.96 /274 207.21.24.128 /275 207.21.24.160 /276 207.21.24.192 /277 207.21.24.224 /27

Network Layer 4-62


To begin subnetting this network using VLSM, identify the LAN with the largest number of hosts.

Subnet the address 207.21.24.0 /24 based on this information to /27 subnets. Subnet 1 & 2 can be used to address Site A Ethernet networks. Subnet 5 can be subnetted to accommodate Site B & C Ethernet

networks. Subnet 6 can be subnetted to accommodate the WAN links



WAN links

Sub-subnet 0 207.21.24.192 /30Sub-subnet 1 207.21.24.196 /30Sub-subnet 2 207.21.24.200 /30Sub-subnet 3 207.21.24.204 /30Sub-subnet 4 207.21.24.208 /30Sub-subnet 5 207.21.24.212 /30Sub-subnet 6 207.21.24.216 /30Sub-subnet 7 207.21.24.220 /30

Free Addresses

WAN 1 & 2

Subnet # Subnet Address

0 207.21.24.0 /271 207.21.24.32 /272 207.21.24.64 /273 207.21.24.96 /274 207.21.24.128 /275 207.21.24.160 /276 207.21.24.192 /277 207.21.24.224 /27

Site A

Free Addresses

Site B & C

Network Layer 4-63


Through applying VLSM, the topology was able tobe addressed and still have two complete subnetsavailable for future growth.



207.21.24.196 /30207.21.24.192 /30

207.21.24.176 /28207.21.24.160 /28207.21.24.64 /27207.21.24.32 /27

Network Layer 4-64


Exercise 1 Your company has been assigned IP network 195.39.71.0

/24. Given that headquarters (60 hosts) is connected tofive branch offices (12 hosts each) by a WAN link, and toan ISP (the ISP owns the addresses on that link),determine an appropriate IP addressing scheme.

Headquarters

Branch 1

60 users

12 users 12 users 12 users 12 users 12 usersBranch 2 Branch 3 Branch 4 Branch 5

ISP

Network Layer 4-65


Address provided by ISP195.39.71.64 /26

195.39.71.128/28 195.39.71.144/28 195.39.71.160/28 195.39.71.176/28 195.39.71.192/28

Network Layer 4-66

Network Layer

IP addresses: how to get one?

Q: How does a host get IP address?

hard-coded by system admin in a file Windows: control-panel->network->configuration-

>tcp/ip->properties UNIX: /etc/rc.config

DHCP: Dynamic Host Configuration Protocol: dynamically get address from as server “plug-and-play”

4-67

Network Layer

DHCP: Dynamic Host Configuration Protocol

goal: allow host to dynamically obtain its IP address from network server when it joins network can renew its lease on address in use allows reuse of addresses (only hold address while

connected/“on”) support for mobile users who want to join network (more

shortly)DHCP overview: host broadcasts “DHCP discover” msg [optional] DHCP server responds with “DHCP offer” msg [optional] host requests IP address: “DHCP request” msg DHCP server sends address: “DHCP ack” msg

4-68

Network Layer

DHCP client-server scenario

223.1.1.0/24

223.1.2.0/24

223.1.3.0/24

223.1.1.1

223.1.1.3

223.1.1.4 223.1.2.9

223.1.3.2223.1.3.1

223.1.1.2

223.1.3.27223.1.2.2

223.1.2.1

DHCPserver

arriving DHCPclient needs address in thisnetwork

4-69

Network Layer

DHCP server: 223.1.2.5 arrivingclient

DHCP discover

src : 0.0.0.0, 68 dest.: 255.255.255.255,67

yiaddr: 0.0.0.0transaction ID: 654

DHCP offer

src: 223.1.2.5, 67 dest: 255.255.255.255, 68

yiaddrr: 223.1.2.4transaction ID: 654lifetime: 3600 secs

DHCP request

src: 0.0.0.0, 68 dest:: 255.255.255.255, 67


DHCP ACK

src: 223.1.2.5, 67 dest: 255.255.255.255, 68


DHCP client-server scenario

Broadcast: is there a DHCP server out there?

Broadcast: I’m a DHCP server! Here’s an IP address you can use

Broadcast: OK. I’ll take that IP address!

Broadcast: OK. You’ve got that IP address!

4-70

Network Layer

DHCP: more than IP addresses

DHCP can return more than just allocated IP address on subnet: address of first-hop router for client name and IP address of DNS sever network mask (indicating network versus host portion

of address)

4-71

Network Layer

connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP

router with DHCP server built into router

DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet

Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server

Ethernet demuxed to IP demuxed, UDP demuxed to DHCP

168.1.1.1

DHCPUDP

IPEthPhy

DHCP

DHCP

DHCP

DHCP

DHCP

DHCPUDP

IPEthPhy

DHCP

DHCP

DHCP

DHCPDHCP

DHCP: example

4-72

Network Layer

DHCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server

encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client

DHCP: example

router with DHCP server built into router

DHCP

DHCP

DHCP

DHCP

DHCPUDP

IPEthPhy

DHCP

DHCPUDP

IPEthPhy

DHCP

DHCP

DHCP

DHCP

client now knows its IP address, name and IP address of DSN server, IP address of its first-hop router

4-73

Network Layer

IP addresses: how to get one?

Q: how does network get subnet part of IP addr?A: gets allocated portion of its provider ISP’s address

space

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23 Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23 Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23

... ….. …. ….

Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

4-74

Network Layer

IP addressing: the last word...

Q: how does an ISP get block of addresses?A: ICANN: Internet Corporation for Assigned

Names and Numbers http://www.icann.org/ allocates addresses manages DNS assigns domain names, resolves disputes

4-75

Network Layer

NAT: network address translation

10.0.0.1

10.0.0.2

10.0.0.3

10.0.0.4

138.76.29.7

local network(e.g., home network)

10.0.0/24

rest ofInternet

datagrams with source or destination in this networkhave 10.0.0/24 address for source, destination (as usual)

all datagrams leaving localnetwork have same single

source NAT IP address: 138.76.29.7,different source

port numbers4-76

Network Layer

motivation: local network uses just one IP address as far as outside world is concerned: range of addresses not needed from ISP: just one

IP address for all devices can change addresses of devices in local network

without notifying outside world can change ISP without changing addresses of

devices in local network devices inside local net not explicitly addressable,

visible by outside world (a security plus)


4-77

Network Layer

implementation: NAT router must:

outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)

. . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr

remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair

incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table


4-78

Network Layer

10.0.0.1

10.0.0.2

10.0.0.3

S: 10.0.0.1, 3345D: 128.119.40.186, 80

1

10.0.0.4

138.76.29.7

1: host 10.0.0.1 sends datagram to 128.119.40.186, 80

NAT translation tableWAN side addr LAN side addr

138.76.29.7, 5001 10.0.0.1, 3345…… ……

S: 128.119.40.186, 80 D: 10.0.0.1, 3345 4

S: 138.76.29.7, 5001D: 128.119.40.186, 802

2: NAT routerchanges datagramsource addr from10.0.0.1, 3345 to138.76.29.7, 5001,updates table

S: 128.119.40.186, 80 D: 138.76.29.7, 5001 3

3: reply arrivesdest. address:138.76.29.7, 5001

4: NAT routerchanges datagramdest addr from138.76.29.7, 5001 to 10.0.0.1, 3345


4-79

Network Layer

16-bit port-number field: 60,000 simultaneous connections with a single

LAN-side address! NAT is controversial: routers should only process up to layer 3 violates end-to-end argument

• NAT possibility must be taken into account by app designers, e.g., P2P applications

address shortage should instead be solved by IPv6


4-80

Network Layer







Chapter 4: outline

4-81

Network Layer

ICMP: internet control message protocol

used by hosts & routers to communicate network-level information error reporting:

unreachable host, network, port, protocol

echo request/reply (used by ping)

network-layer “above” IP: ICMP msgs carried in IP

datagrams

ICMP message: type, code plus first 8 bytes of IP datagram causing error

Type Code description0 0 echo reply (ping)3 0 dest. network unreachable3 1 dest host unreachable3 2 dest protocol unreachable3 3 dest port unreachable3 6 dest network unknown3 7 dest host unknown4 0 source quench (congestion

control - not used)8 0 echo request (ping)9 0 route advertisement10 0 router discovery11 0 TTL expired12 0 bad IP header

4-82

Network Layer

Traceroute and ICMP source sends series of

UDP segments to dest first set has TTL =1 second set has TTL=2, etc. unlikely port number

when nth set of datagrams arrives to nth router: router discards datagrams and sends source ICMP

messages (type 11, code 0) ICMP messages includes

name of router & IP address

when ICMP messages arrives, source records RTTs

stopping criteria: UDP segment eventually

arrives at destination host destination returns ICMP “port unreachable”message (type 3, code 3)

source stops

3 probes

3 probes

3 probes

4-83

Network Layer

IPv6: motivation initial motivation: 32-bit address space soon to be

completely allocated. additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS

IPv6 datagram format: fixed-length 40 byte header no fragmentation allowed 128-bit addressing

4-84

Network Layer







Chapter 4: outline

4-85

Network Layer

1

23

IP destination address in arriving packet’s header

routing algorithm

local forwarding tabledest address output link

address-range 1address-range 2address-range 3address-range 4

3221

Interplay between routing, forwarding

routing algorithm determinesend-end-path through network

forwarding table determineslocal forwarding at this router

4-86

1

23

Dest IP

routing algorithms

local forwarding tableprefix output port

138.16.64/22124.12/16

212/8…………..

324…

How does entry get in forwarding table?

entry

Network Layer 4-87

High-level overview1. Router becomes aware of prefix2. Router determines output port for prefix3. Router enters prefix-port in forwarding table

How does entry get in forwarding table?

Network Layer 4-88

Routing and Routing protocols

Routing algorithms are used to build and maintain the IProuting table on a device.

There are two primary methods used to build the routingtable: Static routing: Static routing use preprogrammed definitions

representing paths through the network. Dynamic routing: Dynamic routing algorithms allow routers to

automatically discover and maintain awareness of the paths through the network. This automatic discovery can use a number of currently available dynamic routing protocols. They can be classified into three broad categories:

• Distance vector protocols• Link state protocols• Hybrid (Hierarchal) protocols

Network Layer 4-89

Network Layer

Routing algorithm classification

Q: global or decentralized information?

global: all routers have complete

topology, link cost info “link state” algorithmsdecentralized: router knows physically-

connected neighbors, link costs to neighbors

iterative process of computation, exchange of info with neighbors

“distance vector” algorithms

Q: static or dynamic?static: routes change slowly over

timedynamic: routes change more

quickly periodic update in response to link

cost changes

4-90

Network Layer

Comparison of LS and DV algorithms

message complexity LS: with n nodes, E links, O(nE)

msgs sent DV: exchange between neighbors

only convergence time varies

speed of convergence LS: O(n2) algorithm requires

O(nE) msgs may have oscillations

DV: convergence time varies may be routing loops count-to-infinity problem

robustness: what happens if router malfunctions?

LS: node can advertise incorrect

link cost each node computes only its

own table

DV: DV node can advertise

incorrect path cost each node’s table used by

others • error propagate thru

network

4-91

Static Routing (1)

Static routing is manually performed by the networkadministrator.

The administrator is responsible for discovering andpropagating routes through the network.

These definitions are manually programmed in everyrouting device in the environment.

Once a device has been configured, it simply forwardspackets out the predetermined ports. There is nocommunication between routers regarding the currenttopology of the network.

Normally, static routes are used only in simple networktopologies.

Network Layer 4-92

Static Routing (2)

In small networks, this process is relatively simpleto administer. However, there are severaldisadvantages to this approach for maintaining IProuting tables: Static routes require a considerable amount of coordination and

maintenance in non-trivial network environments. Static routes cannot dynamically adapt to the current operational

state of the network. If a destination subnetwork becomes unreachable, the static

routes pointing to that network remain in the routing table. Traffic continues to be forwarded toward that destination.

Unless the network administrator updates the static routes to reflect the new topology, traffic is unable to use any alternate paths that may exist.

Network Layer 4-93

Static Routing (3)

An example of constructing a routing table using static routing is givenhere.

180.10.0.0 E1

E010.0.0.0

0

0

110.0.0.0 S0 2….

180.10.0.0 S0

S010.0.0.0

1

1

110.0.0.0 S1 1….

180.10.0.0 S0

S010.0.0.0

2

2

110.0.0.0 E1 0….

Network Layer 4-94

Distance Vector Routing (1)

Distance vector algorithms are examples of dynamicrouting protocols which allow each device in the networkto automatically build and maintain a local routing table.

The principle behind distance vector routing is that: Each router in the internetwork maintains the distance or cost from itself

to every known destination. This value represents the overall desirability of the path. Paths associated

with a smaller cost value are more attractive to use than paths associated with a larger value. The path represented by the smallest cost becomes the preferred path to reach the destination.

This information is maintained in a distance vector table. The table is periodically advertised to each neighboring router. Each router processes these advertisements to determine the best paths

through the network.

Network Layer 4-95

Distance Vector Routing (2)

The main advantage of distance vector algorithms is thatthey are typically easy to implement and debug. They arevery useful in small networks with limited redundancy.

However, there are several disadvantages with this type ofprotocol due to the length of time for every device in thenetwork to produce an accurate routing table that iscalled the convergence time.

While the routing tables are converging, networks aresusceptible to inconsistent routing behavior. This cancause routing loops or other types of unstable packetforwarding.

Routing Information Protocol (RIP) and BorderGateway Protocol (BGP) are two popular examples ofdistance vector routing protocols.

Network Layer 4-96

Link state routing (1)

The growth in the size and complexity of networks inrecent years has necessitated the development of morerobust routing algorithms. These algorithms address theshortcoming observed in distance vector protocols.

These algorithms use the principle of a link state todetermine network topology.

A link state is the description of an interface on a router(for example, IP address, subnet mask, type of network)and its relationship to neighboring routers.

The collection of these link states forms a link statedatabase.

The process used by link state algorithms to determinenetwork topology is straightforward:

Network Layer 4-97

Link state routing (2)

Each router identifies all other routing devices on the directlyconnected networks.

Each router advertises a list of all directly connected networklinks and the associated cost of each link. This is performedthrough the exchange of link state advertisements (LSAs) withother routers in the network.

Using these advertisements, each router creates a databasedetailing the current network topology. The topology database ineach router is identical.

Each router uses the information in the topology database tocompute the most desirable routes to each destination network.This information is used to update the IP routing table.

Open Shortest-Path First (OSPF) algorithm is oneexample of such class of dynamic routingprotocols.

Network Layer 4-98

Network Layer

Hierarchical routing

scale: with 600 million destinations:

can’t store all dest’s in routing tables!

routing table exchange would swamp links!

administrative autonomy internet = network of

networks each network admin may

want to control routing in its own network

our routing study thus far - idealization all routers identical network “flat”… not true in practice

4-99

Network Layer

aggregate routers into regions, “autonomous systems” (AS)

routers in same AS run same routing protocol “intra-AS” routing

protocol routers in different AS

can run different intra-AS routing protocol

gateway router: at “edge” of its own AS has link to router in

another AS

Hierarchical routing

4-100

Network Layer

3b

1d

3a

1c2aAS3

AS1

AS21a

2c2b

1b

Intra-ASRouting algorithm

Inter-ASRouting algorithm

Forwardingtable

3c

Interconnected ASes

forwarding table configured by both intra-and inter-AS routing algorithm intra-AS sets entries

for internal dests inter-AS & intra-AS

sets entries for external dests

4-101

Network Layer

Intra-AS Routing

also known as interior gateway protocols (IGP) most common intra-AS routing protocols: RIP: Routing Information Protocol OSPF: Open Shortest Path First IGRP: Interior Gateway Routing Protocol

(Cisco proprietary)

4-102

Network Layer







Chapter 4: outline

4-103

Network Layer

R1

R2

R3 R4

sourceduplication

R1

R2

R3 R4

in-networkduplication

duplicatecreation/transmissionduplicate

duplicate

Broadcast routing deliver packets from source to all other nodes source duplication is inefficient:

source duplication: how does source determine recipient addresses?

4-104

Network Layer

In-network duplication

flooding: when node receives broadcast packet, sends copy to all neighbors problems: cycles & broadcast storm

controlled flooding: node only broadcasts pkt if it hasn’t broadcast same packet before node keeps track of packet ids already broadacsted or reverse path forwarding (RPF): only forward packet

if it arrived on shortest path between node and source spanning tree: no redundant packets received by any node

4-105

Network Layer

A

B

G

DE

c

F

A

B

G

DE

c

F

(a) broadcast initiated at A (b) broadcast initiated at D

Spanning tree

first construct a spanning tree nodes then forward/make copies only along

spanning tree

4-106

Address Resolution Protocol (ARP) (1)

The (ARP) is used to map IP network addresses to thehardware addresses used by a data link protocol such asIP-to-MAC mapping in Ethernet networks.

The term address resolution refers to the process offinding an address of a computer in a network.

The ARP client and server processes operate on allcomputers using IP over Ethernet.

The address resolution procedure is started by sending apiece of information by a client process on the localcomputer to a server process executing on a remotecomputer; The procedure is completed when the clientreceives a response from the server containing therequired address.

Network Layer 4-107


There are four types of ARP messages that may be sent by the ARP protocol. These are identified by four values in the "operation" field of an ARP message. The types of message are:1. ARP request 2. ARP reply 3. RARP request 4. RARP reply

To reduce the number of address resolution requests, aclient normally caches resolved addresses for a (short)period of time.

The ARP cache is therefore periodically flushed of allentries. This deletes unused and incorrect entries andfrees space in the cache.

Network Layer 4-108


The process of ARP may be summarized asfollows: The ARP client must first be used to identify the MAC

address of the remote computer if it is known. The ARP client sends a request message ("who is

X.X.X.X tell Y.Y.Y.Y", where X.X.X.X and Y.Y.Y.Y areIP addresses) using the Ethernet broadcast address,and an Ethernet protocol type of value 0x806 (ARPprotocol number). Since it is broadcast, it is receivedby all systems in the same collision domain (LAN).

This is ensures that the target of the query will receivea copy of the query. Only this system responds. Theother systems discard the packet silently.

Network Layer 4-109


The target system forms an ARP response ("X.X.X.Xis hh:hh:hh:hh:hh:hh", where hh:hh:hh:hh:hh:hh is theEthernet source address of the target computer).

This packet is unicast to the address of the computerwas sent the query (in this case Y.Y.Y.Y). Since theoriginal request also included the hardware address(Ethernet source address) of the requesting computer,this is already known, and doesn't require another ARPmessage to find this out.

The ARP client of the querying computer will store therequired MAC address in its cache for future use.

The reverse address resolution (RARP) is performedthe same way as the ARP address resolution. The samepacket format is used as for ARP.

Network Layer 4-110


Hardware Type: indicates the physical address type (for Ethernet is1).

Protocol Type: contains the protocol address type (for IP is 0x800). Hardware Address Length: the physical address length (for

Ethernet is 6). Protocol Address Length: the protocol address length (for IPv4 is

4). Operation: is the command; in our case we'll see ARP Request and

ARP Replay Sender HA, IP: the H/W and IP address of the sender Target HA, IP: the H/W and IP address of the target

Network Layer 4-111

Network Layer



datagram format, IPv4 addressing, ICMP, IPv6

4.5 routing algorithms link state, distance vector,

hierarchical routing

4.6 routing in the Internet RIP, OSPF, BGP


4.8 Address Resolution Protocol

Chapter 4: done!

understand principles behind network layer services: network layer service models, forwarding versus routing

how a router works, routing (path selection), broadcast, multicast

instantiation, implementation in the Internet

4-112

chapter 4 2015.ppt - eced mansoura « academic site · a note on the use of these ppt slides: ......

Documents