COMP 3331/9331: Computer Networks and Applications
Week 8 Network Layer Part 2
Reading Guide: Chapter 4: Sections 4.3 & 4.4
Network Layer
Assignment Due Soon
v HARD Deadline: 16th Sept (Fri)
v MAKE SURE YOUR CODE WORKS ON A CSE MACHINE
v Remember to disable all debugging output
v Remember to submit report
v 2 Bonus marks can be used to cover lost marks in any assessable component
v Assignment 2 to be released next week (deadline: Friday, Week 13)
Network Layer: outline
4.1 introduction
4.2 virtual circuit and datagram networks
4.3 what’s inside a router
4.4 IP: Internet Protocol
§ datagram format
§ IPv4 addressing
§ ICMP
§ IPv6
4.5 routing algorithms
§ link state
§ distance vector
§ hierarchical routing
4.6 routing in the Internet
§ RIP
§ OSPF
§ BGP
4.7 broadcast and multicast routing
IP addressing: introduction
v IP address: 32-bit identifier for host, router interface
v interface: connection between host/router and physical link
§ routers typically have multiple interfaces
§ host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11)
v IP addresses associated with each interface
223.1.1.1 = 11011111 00000001 00000001 00000001 (223 . 1 . 1 . 1)
[Figure: example network with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2 and 223.1.3.27]
IP addressing: introduction
Q: how are interfaces actually connected?
A: we’ll learn about that in the link layer
A: wired Ethernet interfaces connected by Ethernet switches
A: wireless WiFi interfaces connected by WiFi base station
For now: don’t need to worry about how one interface is connected to another (with no intervening router)
[Figure: the example network with interfaces in 223.1.1.x, 223.1.2.x and 223.1.3.x]
Subnets
v IP address:
§ subnet part – high order bits
§ host part – low order bits
v what’s a subnet?
§ device interfaces with same subnet part of IP address
§ can physically reach each other without intervening router
[Figure: network consisting of 3 subnets, with interfaces in 223.1.1.x, 223.1.2.x and 223.1.3.x]
Subnets
recipe
v to determine the subnets, detach each interface from its host or router, creating islands of isolated networks
v each isolated network is called a subnet
[Figure: the example network split into the subnets 223.1.1.0/24, 223.1.2.0/24 and 223.1.3.0/24; subnet mask: /24]
Subnets
how many?
[Figure: network with interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.0, 223.1.7.1, 223.1.8.0, 223.1.8.1, 223.1.9.1 and 223.1.9.2]
Original Internet Addresses
v First eight bits: network address (/8)
v Last 24 bits: host address
Assumed 256 networks were more than enough!
Next Design: “Classful” Addressing
v Three main classes
§ Class A: first bit 0; network part ends at bit 8; 126 nets, ~16M hosts
§ Class B: first bits 10; network part ends at bit 16; ~16K nets, ~65K hosts
§ Class C: first bits 110; network part ends at bit 24; ~2M nets, 254 hosts
Problem: Networks only come in three sizes!
Today’s addressing: CIDR
CIDR: Classless InterDomain Routing
§ subnet portion of address of arbitrary length
§ address format: a.b.c.d/x, where x is # bits in subnet portion of address
Example: 200.23.16.0/23 = 11001000 00010111 00010000 00000000, where the first 23 bits are the subnet part and the remaining bits are the host part
[Figure: IP address line with the /23 range running from 200.23.16.0 to 200.23.17.255]
v Subnet Mask
§ Used in conjunction with the network address to indicate how many higher order bits are used for the network part of the address (i.e. network prefix)
• Bit-wise AND
§ 223.1.1.0/24 is equivalent to 223.1.1.0 with subnet mask 255.255.255.0
v Broadcast Address
§ host part is all 111’s
§ E.g. 223.1.1.255
v Subnet Address
§ Host part is all 0000’s
§ E.g. 223.1.1.0
v Both of these are not assigned
[Figure: the three subnets labelled with their subnet addresses 223.1.1.0/24, 223.1.2.0/24 and 223.1.3.0/24; host B is 223.1.1.2]
Host B         Dot-decimal address   Binary
IP address     223.1.1.2             11111101.00000001.00000001.00000010
Subnet Mask    255.255.255.0         11111111.11111111.11111111.00000000
Network Part   223.1.1.0             11111101.00000001.00000001.00000000
Host Part      0.0.0.2               00000000.00000000.00000000.00000010
IP addresses: how to get one?
Q: How does a host get IP address?
v hard-coded by system admin in a file
§ Windows: control-panel->network->configuration->tcp/ip->properties
§ UNIX: /etc/rc.config
v DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server
§ “plug-and-play”
DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when it joins network
§ can renew its lease on address in use
§ allows reuse of addresses (only hold address while connected/“on”)
§ support for mobile users who want to join network (more shortly)
DHCP overview:
§ host broadcasts “DHCP discover” msg
§ DHCP server responds with “DHCP offer” msg
§ host requests IP address: “DHCP request” msg
§ DHCP server sends address: “DHCP ack” msg
DHCP client-server scenario
[Figure: example network with subnets 223.1.1.0/24, 223.1.2.0/24 and 223.1.3.0/24 and a DHCP server; arriving DHCP client needs address in this network]
DHCP client-server scenario
DHCP server: 223.1.2.5; arriving client
DHCP discover (client to server)
  src: 0.0.0.0, 68
  dest.: 255.255.255.255, 67
  yiaddr: 0.0.0.0
  transaction ID: 654
DHCP offer (server to client)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 654
  lifetime: 3600 secs
DHCP request (client to server)
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs
DHCP ACK (server to client)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs
DHCP: more than IP addresses
DHCP can return more than just allocated IP address on subnet:
§ address of first-hop router for client
§ name and IP address of DNS server
§ network mask (indicating network versus host portion of address)
DHCP: example
v connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP
v DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
v Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
v Ethernet demuxed to IP demuxed, UDP demuxed to DHCP
[Figure: DHCP message carried through the DHCP / UDP / IP / Eth / Phy stacks of the laptop and of 168.1.1.1, a router with DHCP server built into router]
DHCP: example
v DHCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server
v encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client
v client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router
[Figure: DHCP ACK carried through the DHCP / UDP / IP / Eth / Phy stacks of the router with DHCP server built into router and of the client]
DHCP: Wireshark output (home LAN)
request
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (61) Client identifier
    Length: 7; Value: 010016D323688A;
    Hardware type: Ethernet
    Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Option: (t=50,l=4) Requested IP Address = 192.168.1.101
Option: (t=12,l=5) Host Name = “nomad”
Option: (55) Parameter Request List
    Length: 11; Value: 010F03062C2E2F1F21F92B
    1 = Subnet Mask; 15 = Domain Name
    3 = Router; 6 = Domain Name Server
    44 = NetBIOS over TCP/IP Name Server
    ……
reply
Message type: Boot Reply (2)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
Client IP address: 192.168.1.101 (192.168.1.101)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 192.168.1.1 (192.168.1.1)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP ACK
Option: (t=54,l=4) Server Identifier = 192.168.1.1
Option: (t=1,l=4) Subnet Mask = 255.255.255.0
Option: (t=3,l=4) Router = 192.168.1.1
Option: (6) Domain Name Server
    Length: 12; Value: 445747E2445749F244574092;
    IP Address: 68.87.71.226;
    IP Address: 68.87.73.242;
    IP Address: 68.87.64.146
Option: (t=15,l=20) Domain Name = “hsd1.ma.comcast.net.”
DHCP: further details
v DHCP uses UDP and port numbers 67 (server side) and 68 (client side)
v Usually the MAC address is used to identify clients
§ DHCP server can be configured with a “registered list” of acceptable MAC addresses
v DHCP offer message includes IP address, length of lease, subnet mask, DNS servers, default gateway
v DHCP security holes
§ DoS attack by exhausting pool of IP addresses
§ Masquerading as a DHCP server
§ Authentication for DHCP – RFC 3118
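The options in the Wireshark capture are type-length-value fields that follow the magic cookie. As an added example (not part of the original slides), this Python sketch parses such an options field, rebuilt from the values shown in the reply, and flags replies that a monitor should treat as a possible masquerading DHCP server. The function names, the allow-list and the `ROGUE_ACK` sample are assumptions made for the example.

```python
import ipaddress

MAGIC_COOKIE = bytes.fromhex("63825363")      # precedes the options field
MESSAGE_TYPES = {1: "Discover", 2: "Offer", 3: "Request", 5: "ACK"}


def parse_options(field):
    """Return {option code: raw value} for a DHCP options field."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("magic cookie missing")
    options, i = {}, 4
    while i < len(field):
        code = field[i]
        if code == 255:                        # End option
            return options
        if code == 0:                          # Pad option, one byte, no length
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError("option %d has no length byte" % code)
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:               # length byte lies about the size
            raise ValueError("option %d runs past the end of the message" % code)
        options[code] = value
        i += 2 + length
    raise ValueError("End option (255) missing")


def as_ips(raw):
    """Split a value made of packed 4-byte addresses into dotted-decimal strings."""
    if len(raw) % 4:
        raise ValueError("address list is not a multiple of 4 bytes")
    return [str(ipaddress.IPv4Address(raw[j:j + 4])) for j in range(0, len(raw), 4)]


def decode_reply(field):
    o = parse_options(field)
    return {
        "type": MESSAGE_TYPES.get((o.get(53) or b"\x00")[0], "other"),
        "server_id": (as_ips(o.get(54, b"")) or [None])[0],
        "subnet_mask": (as_ips(o.get(1, b"")) or [None])[0],
        "routers": as_ips(o.get(3, b"")),
        "dns": as_ips(o.get(6, b"")),
        "domain": o.get(15, b"").decode("ascii", "replace"),
    }


def audit_reply(field, trusted_servers, expected_router):
    """Findings for an Offer/ACK seen on the LAN; an empty list means nothing odd."""
    reply, findings = decode_reply(field), []
    if reply["type"] in ("Offer", "ACK"):
        if reply["server_id"] not in trusted_servers:
            findings.append("reply from unlisted DHCP server %s" % reply["server_id"])
        if reply["routers"] and expected_router not in reply["routers"]:
            findings.append("unexpected default router %s" % ",".join(reply["routers"]))
    return findings


def tlv(code, value):
    return bytes([code, len(value)]) + value


# Options of the DHCP ACK in the capture, rebuilt from the values it shows.
CAPTURED_ACK = (MAGIC_COOKIE + tlv(53, b"\x05") + tlv(54, bytes([192, 168, 1, 1]))
                + tlv(1, bytes([255, 255, 255, 0])) + tlv(3, bytes([192, 168, 1, 1]))
                + tlv(6, bytes.fromhex("445747E2445749F244574092"))
                + tlv(15, b"hsd1.ma.comcast.net.") + b"\xff")

# Constructed sample: an ACK from a host that is not the known server.
ROGUE_ACK = (MAGIC_COOKIE + tlv(53, b"\x05") + tlv(54, bytes([192, 168, 1, 66]))
             + tlv(3, bytes([192, 168, 1, 66])) + tlv(6, bytes([192, 168, 1, 66]))
             + b"\xff")

if __name__ == "__main__":
    print(decode_reply(CAPTURED_ACK))
    print(audit_reply(ROGUE_ACK, {"192.168.1.1"}, "192.168.1.1"))
```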
IP addresses: how to get one?
Q: how does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP’s address space
ISP’s block       11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0    11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1    11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2    11001000 00010111 00010100 00000000   200.23.20.0/23
…                 …..                                   ….
Organization 7    11001000 00010111 00011110 00000000   200.23.30.0/23
CIDR: Addresses allocated in contiguous prefix chunks
Recursively break down chunks as get closer to host
12.0.0.0/8
  12.0.0.0/15
  12.2.0.0/16
  12.3.0.0/16
    12.3.0.0/22
    12.3.4.0/24
    :
    12.3.254.0/23
  :
  12.253.0.0/16
    12.253.0.0/19
    12.253.32.0/19
    12.253.64.0/19
      12.253.64.108/30
    12.253.96.0/18
    12.253.128.0/17
Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing information:
[Figure: Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), …, Organization 7 (200.23.30.0/23) connect to Fly-By-Night-ISP, which tells the Internet “Send me anything with addresses beginning 200.23.16.0/20”; ISPs-R-Us tells the Internet “Send me anything with addresses beginning 199.31.0.0/16”]
Quiz: What should we do if organization 1 decides to switch to ISPs-R-Us
[Figure: Organization 0 (200.23.16.0/23), Organization 1 (200.23.18.0/23), Organization 2 (200.23.20.0/23), …, Organization 7 (200.23.30.0/23) connect to Fly-By-Night-ISP, which tells the Internet “Send me anything with addresses beginning 200.23.16.0/20”; ISPs-R-Us tells the Internet “Send me anything with addresses beginning 199.31.0.0/16”]
A: Move 200.23.18.0/23 to ISPs-R-Us (and break up Fly-By-Night’s /20 block).
B: Give new addresses to Organization 1 (and force them to change all their addresses)
C: Some other solution
Hierarchical addressing: more specific routes
ISPs-R-Us has a more specific route to Organization 1
[Figure: Organization 0 (200.23.16.0/23), Organization 2 (200.23.20.0/23), …, Organization 7 (200.23.30.0/23) remain with Fly-By-Night-ISP, which tells the Internet “Send me anything with addresses beginning 200.23.16.0/20”; Organization 1 (200.23.18.0/23) is now attached to ISPs-R-Us, which tells the Internet “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23”]
Longest prefix matching
Example: continued
v But how will this work?
v Routers in the Internet will have two entries in their tables
§ 200.23.16.0/20 (Fly-by-Night-ISP)
§ 200.23.18.0/23 (ISPs-R-Us)
v Longest prefix match
White Paper on IP addresses linked to page – Very informative
[Figure: IP address line from 200.23.16.0 to 200.23.31.255 showing the /20 range, with the /23 range starting at 200.23.18.0 inside it]
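Longest prefix matching, together with the mask-and-AND step from the subnet mask slide, as an added example in Python (not part of the original slides). The forwarding table holds the prefixes advertised by the two ISPs above; the function names and the destination addresses looked up are chosen for the example.

```python
def ip_to_int(dotted):
    """Dotted-decimal IPv4 address -> 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not an IPv4 address: %r" % dotted)
    a, b, c, d = (int(p) for p in parts)
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_of(prefix_len):
    """/x -> 32-bit mask with x leading one bits, e.g. /24 -> 255.255.255.0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length out of range")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def describe(cidr):
    """Network part, broadcast address, mask and size of a.b.c.d/x."""
    addr, _, plen = cidr.partition("/")
    mask = mask_of(int(plen))
    network = ip_to_int(addr) & mask               # bit-wise AND with the mask
    broadcast = network | (~mask & 0xFFFFFFFF)     # host part all ones
    return {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
            "mask": int_to_ip(mask), "prefix_len": int(plen),
            "addresses": broadcast - network + 1}


def overlap(cidr_a, cidr_b):
    """Two prefixes overlap exactly when the shorter one contains the longer one."""
    a, b = describe(cidr_a), describe(cidr_b)
    short, long_ = (a, b) if a["prefix_len"] <= b["prefix_len"] else (b, a)
    mask = mask_of(short["prefix_len"])
    return (ip_to_int(long_["network"]) & mask) == ip_to_int(short["network"])


class ForwardingTable:
    def __init__(self):
        self.routes = []                 # (network as int, prefix length, next hop)

    def add(self, cidr, next_hop):
        info = describe(cidr)
        self.routes.append((ip_to_int(info["network"]), info["prefix_len"], next_hop))

    def lookup(self, dest):
        """Next hop of the matching entry with the longest prefix, or None."""
        dest_int, best = ip_to_int(dest), None
        for network, plen, hop in self.routes:
            matches = (dest_int & mask_of(plen)) == network
            if matches and (best is None or plen > best[0]):
                best = (plen, hop)
        return best[1] if best else None


def slide_table():
    """The entries an Internet router holds after Organization 1 has moved."""
    table = ForwardingTable()
    table.add("200.23.16.0/20", "Fly-By-Night-ISP")
    table.add("200.23.18.0/23", "ISPs-R-Us")
    table.add("199.31.0.0/16", "ISPs-R-Us")
    return table


if __name__ == "__main__":
    table = slide_table()
    # Sample destinations chosen for the example.
    for dest in ("200.23.18.77", "200.23.20.7", "199.31.4.4", "10.1.2.3"):
        print(dest, "->", table.lookup(dest))
    print(describe("223.1.1.2/24"))
```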
More on IP addresses
v IP addresses are allocated as blocks and have geographical significance
v It is possible to determine the geographical location of an IP address
Source: www.xkcd.com
http://www.geobytes.com/IpLocator.htm
IP addressing: the last word…
Q: how does an ISP get block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers http://www.icann.org/
§ allocates addresses
§ manages DNS
§ assigns domain names, resolves disputes
v Regional Internet Registries (RIR) act as intermediaries
§ RIPE NCC (Réseaux IP Européens Network Coordination Center) for Europe, Middle East, Africa
§ APNIC (Asia Pacific Network Information Center) for Asia and Pacific
§ ARIN (American Registry for Internet Numbers) for the Americas, Caribbean, sub-Saharan Africa
§ LACNIC (Latin America and Caribbean)
Made-up Example in More Detail
v ICANN gives APNIC several /8s
v APNIC gives Telstra one /8, 129.0/8
§ Network Prefix: 10000001
v Telstra gives UNSW a /16, 129.94/16
§ Network Prefix: 1000000101011110
v UNSW gives CSE a /24, 12.197.242/24
§ Network Prefix: 100000010101111011110010
v CSE gives me a specific address 129.94.242.51
§ Address: 10000001010111101111001000110011
Quiz: Header Fields
v Which of the following fields is not part of either a TCP or UDP header?
A. Source port
B. Source IP address
C. Receive window
D. Length
E. Checksum
Quiz: DHCP
v What transport protocol does DHCP use?
A. UDP
B. TCP
C. IP
D. HTTP
Quiz: IP Addressing
v How many IP addresses belong to the subnet 128.119.254.0/25 ? What are the IP addresses at the two end-points of this range ?
Answer: 2^7 = 128 addresses (126 are usable)
128.119.254.0/25 = 10000000 01110111 11111110 00000000 (subnet part: first 25 bits; host part: last 7 bits)
[Figure: IP address line with the /25 range running from 128.119.254.0 to 128.119.254.127]
Quiz: Subnets
v How many subnets are there in this network?
[Figure: network with interfaces 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.8.0 and 223.1.8.1]
Quiz: Subnets
v The two subnets 128.119.245.129/25 and 128.119.245.4/26 have overlapping IP addresses.
A. True
B. False
[Figure: the two addresses in binary, each split into subnet part and host part]
128.119.254.129/25 = 10000000 01110111 11111110 10000001
128.119.254.4/26 = 10000000 01110111 11111110 00000100
Private Addresses
v Defined in RFC 1918:
– 10.0.0.0/8 (16,777,216 hosts)
– 172.16.0.0/12 (1,048,576 hosts)
– 192.168.0.0/16 (65536 hosts)
v These addresses cannot be routed
– Anyone can use them
– Often used for NAT
NAT: network address translation
[Figure: local network (e.g., home network) 10.0.0/24 with addresses 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4, joined to the rest of the Internet through a NAT router with address 138.76.29.7]
all datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers
datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)
NAT: network address translation
implementation: NAT router must:
§ outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
. . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr
§ remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
§ incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table
NAT: network address translation
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345  D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001  D: 128.119.40.186, 80
3: reply arrives dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80  D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80  D: 10.0.0.1, 3345
NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345
……                   ……
[Figure: hosts 10.0.0.1, 10.0.0.2 and 10.0.0.3 behind the NAT router (10.0.0.4 and 138.76.29.7), with the four steps marked on the path]
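The translation table and the four steps above, as an added example in Python (not part of the original slides). It goes one step beyond the slide by also modelling what the router does with inbound datagrams nobody asked for: "full-cone" delivers anything sent to a mapped port, "port-restricted" only delivers from remote endpoints the LAN host has already contacted. The class and method names and the first port 5001 are assumptions, and 203.0.113.9 is a constructed outside host.

```python
class Nat:
    """Port-translating NAT: one public address, one table row per LAN (ip, port)."""

    def __init__(self, public_ip, first_port=5001, filtering="port-restricted"):
        if filtering not in ("full-cone", "port-restricted"):
            raise ValueError("unknown filtering mode")
        self.public_ip = public_ip
        self.filtering = filtering
        self._next_port = first_port
        self.by_lan = {}       # (LAN ip, LAN port) -> WAN-side port
        self.by_wan = {}       # WAN-side port -> (LAN ip, LAN port)
        self.contacted = {}    # WAN-side port -> remote (ip, port) pairs sent to

    def _allocate(self):
        if self._next_port > 65535:             # the port field is 16 bits wide
            raise RuntimeError("NAT port pool exhausted")
        port, self._next_port = self._next_port, self._next_port + 1
        return port

    def outbound(self, src, dst):
        """Rewrite the source of a datagram leaving the LAN; returns (src, dst)."""
        wan_port = self.by_lan.get(src)
        if wan_port is None:                    # first datagram from this socket
            wan_port = self._allocate()
            self.by_lan[src] = wan_port
            self.by_wan[wan_port] = src
            self.contacted[wan_port] = set()
        self.contacted[wan_port].add(dst)
        return (self.public_ip, wan_port), dst

    def inbound(self, src, dst):
        """Rewrite the destination of an arriving datagram, or None if dropped."""
        ip, port = dst
        if ip != self.public_ip or port not in self.by_wan:
            return None                         # no table entry: nothing to deliver to
        if self.filtering == "port-restricted" and src not in self.contacted[port]:
            return None                         # mapped port, but unsolicited sender
        return src, self.by_wan[port]


def walkthrough(filtering="port-restricted"):
    """Steps 1-4 of the slide, plus two datagrams the slide does not show."""
    nat = Nat("138.76.29.7", filtering=filtering)
    server = ("128.119.40.186", 80)
    stranger = ("203.0.113.9", 4444)            # constructed outside host
    return {
        "step2": nat.outbound(("10.0.0.1", 3345), server),
        "step4": nat.inbound(server, ("138.76.29.7", 5001)),
        "stranger": nat.inbound(stranger, ("138.76.29.7", 5001)),
        "unmapped": nat.inbound(server, ("138.76.29.7", 6000)),
    }


if __name__ == "__main__":
    for mode in ("port-restricted", "full-cone"):
        print(mode, walkthrough(mode))
```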
NAT Advantages
Local network uses just one IP address as far as outside world is concerned:
§ range of addresses not needed from ISP: just one IP address for all devices
§ can change addresses of devices in local network without notifying outside world
§ can change ISP without changing addresses of devices in local network
Quiz: NAT
v Devices inside the local network are not explicitly addressable or visible by outside world.
A: This is an advantage
B: This is a disadvantage
NAT: network address translation
v 16-bit port-number field:
§ 60,000 simultaneous connections with a single LAN-side address!
v NAT is controversial:
§ routers should only process up to layer 3
§ violates end-to-end argument
• NAT possibility must be taken into account by app designers, e.g., P2P applications
§ address shortage should instead be solved by IPv6
NAT: Practical Issues
v NAT modifies port # and IP address
§ Requires recalculation of TCP and IP checksum
v Some applications embed IP address or port numbers in their message payloads
§ DNS, FTP (PORT command), SIP, H.323
§ For legacy protocols, NAT must look into these packets and translate the embedded IP addresses/port numbers
§ Duh, What if these fields are encrypted ?? (SSL/TLS, IPSEC, etc)
§ Q: In some cases why may NAT need to change TCP sequence number??
v If applications change port numbers periodically, the NAT must be aware of this
v NAT Traversal Problems
§ E.g: How to setup a server behind a NAT router?
§ How to talk to a Skype user behind a NAT router?
§ Possible workarounds in next few slides
NAT traversal problem
v client wants to connect to server with address 10.0.0.1
§ server address 10.0.0.1 local to LAN (client can’t use it as destination addr)
§ only one externally visible NATed address: 138.76.29.7
v solution1: statically configure NAT to forward incoming connection requests at given port to server
§ e.g., (123.76.29.7, port 2500) always forwarded to 10.0.0.1 port 25000
[Figure: client outside the NAT router (138.76.29.7) trying to reach the server 10.0.0.1 on the LAN; 10.0.0.4 also shown]
NAT traversal problem
v solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATed host to:
§ learn public IP address (138.76.29.7)
§ add/remove port mappings (with lease times)
i.e., automate static NAT port map configuration
[Figure: host 10.0.0.1 using IGD with the NAT router]
NAT traversal problem
v solution 3: relaying (used in Skype)
§ NATed client establishes connection to relay
§ external client connects to relay
§ relay bridges packets between two connections
1. connection to relay initiated by NATed host
2. connection to relay initiated by client
3. relaying established
[Figure: client, relay, and NATed host 10.0.0.1 behind the NAT router (138.76.29.7)]
NAT: Devil in the details
v Despite the problems, NAT has been widely deployed
v Most protocols can be successfully passed through a NAT, including VPN
v Modern hardware can easily perform NAT functions at > 100 Mbps
v IPv6 is still not widely deployed commercially, so the need for NAT is real
v After years of refusing to work on NAT, the IETF has been developing “NAT control protocols” for hosts
v Lot of practical variations
§ Full-cone NAT, Restricted Cone NAT, Port Restricted Cone NAT, Symmetric NAT, …..
• The devil is in the detail
v External link under lecture notes for further reading (not examinable)
ICMP: internet control message protocol
v used by hosts & routers to communicate network- level information
§ error reporting: unreachable host, network, port, protocol
§ echo request/reply (used by ping)
v network-layer “above” IP:
§ ICMP msgs carried in IP datagrams
v ICMP message: type, code plus first 8 bytes of IP datagram causing error
Type  Code  description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest host unreachable
3     2     dest protocol unreachable
3     3     dest port unreachable
3     6     dest network unknown
3     7     dest host unknown
4     0     source quench (congestion control – not used)
8     0     echo request (ping)
9     0     route advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
Traceroute and ICMP
v source sends series of UDP segments to dest
§ first set has TTL =1
§ second set has TTL=2, etc.
§ unlikely port number
v when nth set of datagrams arrives to nth router:
§ router discards datagrams
§ and sends source ICMP messages (type 11, code 0)
§ ICMP messages include name of router & IP address
v when ICMP messages arrive, source records RTTs
stopping criteria:
v UDP segment eventually arrives at destination host
v destination returns ICMP “port unreachable” message (type 3, code 3)
v source stops
[Figure: source sending 3 probes for each TTL value]
IPv6: motivation
v initial motivation: 32-bit address space soon to be completely allocated.
v additional motivation:
§ header format helps speed processing/forwarding
§ header changes to facilitate QoS
IPv6 datagram format:
§ fixed-length 40 byte header
§ no fragmentation allowed
https://www.google.com/intl/en/ipv6/statistics.html
IPv6 datagram format
priority: identify priority among datagrams in flow (traffic class)
flow Label: identify datagrams in same “flow.” (concept of “flow” not well defined).
next header: identify upper layer protocol for data
[Figure: IPv6 datagram, 32 bits wide: ver | pri | flow label; payload len | next hdr | hop limit; source address (128 bits); destination address (128 bits); data]
Other changes from IPv4
v checksum: removed entirely to reduce processing time at each hop
v options: allowed, but outside of header, indicated by “Next Header” field
v ICMPv6: new version of ICMP
§ additional message types, e.g. “Packet Too Big”
§ multicast group management functions
Transition from IPv4 to IPv6
v not all routers can be upgraded simultaneously
§ no “flag days”
§ how will network operate with mixed IPv4 and IPv6 routers?
v tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers
[Figure: IPv6 datagram (IPv6 header fields, IPv6 source dest addr, UDP/TCP payload) carried as the IPv4 payload of an IPv4 datagram (IPv4 header fields, IPv4 source, dest addr)]
Tunneling
logical view: A (IPv6), B (IPv6), IPv4 tunnel connecting IPv6 routers, E (IPv6), F (IPv6)
physical view: A (IPv6), B (IPv6), C (IPv4), D (IPv4), E (IPv6), F (IPv6)
Tunneling
logical view: A (IPv6), B (IPv6), IPv4 tunnel connecting IPv6 routers, E (IPv6), F (IPv6)
physical view: A (IPv6), B (IPv6), C (IPv4), D (IPv4), E (IPv6), F (IPv6)
A-to-B: IPv6 (flow: X, src: A, dest: F, data)
B-to-C: IPv6 inside IPv4 (src: B, dest: E, carrying flow: X, src: A, dest: F, data)
B-to-C: IPv6 inside IPv4 (src: B, dest: E, carrying flow: X, src: A, dest: F, data)
E-to-F: IPv6 (flow: X, src: A, dest: F, data)
Quiz: NAT
v A host with a private IP address 192.168.0.2 opens a TCP socket on its local port 4567 and connects to a web server at 34.5.6.7. The NAT’s public IP address is 22.33.44.55. Which of the following mapping entries could the NAT create as a result?
A. [22.33.44.55, 3333]→[192.168.0.2, 80]
B. [34.5.6.7, 80] → [22.33.44.55, 4567]
C. [192.168.0.2, 80]→[34.5.6.7, 4567]
D. [22.33.44.55, 3967]→[192.168.0.2, 4567]
[Figure: host 192.168.0.2 behind the NAT router (22.33.44.55), web server 34.5.6.7]
Quiz: NAT
v A host with a private IP address 192.168.0.2 opens a TCP socket on its local port 4567 and connects to a web server at 34.5.6.7. The NAT’s public IP address is 22.33.44.55. Suppose the NAT created the mapping [22.33.44.55, 3967]→[192.168.0.2, 4567] as a result. What are the source and destination port numbers in the SYNACK response from the server?
A. 80, 3967
B. 4567, 80
C. 3967, 80
D. 3967, 4567
[Figure: host 192.168.0.2 behind the NAT router (22.33.44.55), web server 34.5.6.7]
Quiz: IPv6
v Which of the following is not true?
A. IPv6 increases the size of the IP address space from 2^32 to 2^128.
B. IPv6 removes checksums and fragmentation compared to IPv4.
C. IPv6 has fixed length headers.
D. IPv6 adds reliability at the network layer.
IP Routers
v Core building block of the Internet infrastructure
v $120B+ industry
v Vendors: Cisco, Huawei, Juniper, Alcatel-Lucent (account for >90%)
Router definitions
[Figure: router with external ports numbered 1, 2, 3, 4, 5, …, N-1, N, each running at R bits/sec]
• N = number of external router “ports”
• R = speed (“line rate”) of a port
• Router capacity = N x R
Networks and routers
[Figure: core routers, edge (ISP) routers and edge (enterprise) routers connecting UNSW, UoW, IBM, Optus and home, small business networks]
Examples of routers (core)
Juniper T4000
• R = 10/40 Gbps
• NR = 4 Tbps
Cisco CRS
• R = 10/40/100 Gbps
• NR = 322 Tbps
72 racks, 1MW
Examples of routers (edge)
Cisco ASR 1006
• R = 1/10 Gbps
• NR = 40 Gbps
Juniper M120
• R = 2.5/10 Gbps
• NR = 120 Gbps
Examples of routers (small business)
Cisco 3945E
• R = 10/100/1000 Mbps
• NR < 10 Gbps
What’s inside a router?
[Figure: linecards 1, 2, …, N on the input side and on the output side, joined by the interconnect (switching) fabric, with the route/control processor]
§ Linecards (input): Processes packets on their way in
§ Interconnect (Switching) Fabric: Transfers packets from input to output ports
§ Linecards (output): Processes packets before they leave
§ Input and Output for the same port are on one physical linecard
What’s inside a router?
[Figure: linecards (input), interconnect (switching) fabric, linecards (output) and route/control processor]
§ Route/Control Processor: (1) Implement IGP and BGP protocols; compute routing tables (2) Push forwarding tables to the line cards
What’s inside a router?
[Figure: linecards (input), interconnect fabric, linecards (output) and route/control processor]
§ Route/Control Processor: Constitutes the control plane
§ Linecards (input), Interconnect Fabric, Linecards (output): Constitutes the data plane
Input Linecards
v Tasks
§ Receive incoming packets (physical layer stuff)
§ Update the IP header
• TTL, Checksum, Options (maybe), Fragment (maybe)
§ Lookup the output port for the destination IP address in the Forwarding Table using Longest Prefix Matching
§ Queue the packet at the switch fabric
v Challenge: speed!
§ 100B packets @ 40Gbps → new packet every 20 nano secs!
v Typically implemented with specialized hardware
§ ASICs, specialised “network processors”
§ “exception” processing often done at control processor
Output Linecard
v Packet classification: map each packet to a “flow”
§ Flow (for now): set of packets between two particular endpoints
v Buffer management: decide when and which packet to drop
v Scheduler: decide when and which packet to transmit
[Figure: classifier feeding per-flow queues (flow 1, flow 2, …, flow n) under buffer management, served by the scheduler]
Output Linecard
v Packet classification: map each packet to a “flow”
§ Flow (for now): set of packets between two particular endpoints
v Buffer management: decide when and which packet to drop
v Scheduler: decide when and which packet to transmit
v Used to implement various forms of policy
§ Deny all e-mail traffic from ISP-X to Y (access control)
§ Route IP telephony traffic from X to Y via Z (policy)
§ Ensure that no more than 50 Mbps are injected from ISP-X (QoS)
Simplest: FIFO Router
v No classification
v Drop-tail buffer management: when buffer is full drop the incoming packet
v First-In-First-Out (FIFO) Scheduling: schedule packets in the same order they arrive
[Figure: a single buffer served by the scheduler]
Packet Classification
v Classify an IP packet based on a number of fields in the packet header, e.g.,
§ source/destination IP address (32 bits)
§ source/destination TCP port number (16 bits)
§ Type of service (TOS) byte (8 bits)
§ Type of protocol (8 bits)
v In general fields are specified by range
§ classification requires a multi-dimensional range search!
[Figure: classifier feeding per-flow queues (flow 1, flow 2, …, flow n) under buffer management, served by the scheduler]
Scheduler
v One queue per “flow”
v Scheduler decides when and from which queue to send a packet
v Goals of a scheduling algorithm:
§ Fast!
§ Depends on the policy being implemented (fairness, priority, etc.)
[Figure: classifier feeding per-flow queues (flow 1, flow 2, …, flow n) under buffer management, served by the scheduler]
Example: Priority Scheduler
v Priority scheduler: packets in the highest priority queue are always served before the packets in lower priority queues
[Figure: high priority, medium priority and low priority queues served by the Priority Scheduler]
Example: Round Robin Scheduler
v Round robin: packets are served from each queue in turn
[Figure: high priority, medium priority and low priority queues served by the Fair Scheduler]
Bursty Loss From Drop-Tail Queuing
v TCP depends on packet loss
§ Packet loss is indica