Slide 1: COM 360

Slide 2: Chapter 4, Internetworking

Slide 3: Interconnecting Networks
Problem: there is more than one network.
• Problems of heterogeneity and scale:
– Heterogeneity: users on one type of network want to be able to communicate with users on other types of networks.
– The Internet Protocol (IP) and how it is used to build heterogeneous, scalable networks.
– The principle of routing: finding loop-free paths.
– The problem of the growth of the Internet: going from IPv4 to IPv6.

Slide 4: Simple Internetworking
• What is an internetwork?
• Internetworks or internets (with lower case i) are large, highly heterogeneous networks with reasonably efficient routing.
• They are a collection of networks that are interconnected to provide host-to-host packet delivery service.
• With a capital “I”, the Internet refers to the global Internetwork.

Slide 5: What is an Internetwork?
• What is the difference between networks, subnets and internets?
– A network is a directly connected or switched network, which uses a single technology (802.5, Ethernet, or ATM) and represents a physical network.
– A subnet uses a single IP address to denote multiple physical addresses.
– An internet is a collection of networks or logical networks, built out of a collection of physical networks.

Slide 6: A Simple Internetwork
• An internetwork is referred to as a “network of networks” because it is made up of many smaller networks.
• For example, an internetwork can connect Ethernets, FDDI rings and point-to-point links (see next slide).
• The nodes that connect them are called routers (and sometimes gateways).
• The Internet Protocol is the tool used to build heterogeneous internetworks.

Slide 7: A Simple Internetwork
[Figure: a simple internetwork made of Network 1 (Ethernet), Network 2 (Ethernet), Network 3 (FDDI) and Network 4 (point-to-point), with hosts H1 to H8 and routers R1 to R3. Hn = host, Rn = router.]

Slide 8: Internet Protocol (IP)
• IP is the tool used to build scalable, heterogeneous internetworks.
• Originally called the Kahn-Cerf protocol after its inventors.
• IP runs on all the hosts and routers and defines the infrastructure that allows them to function as a single network.

Slide 9: A Simple Internetwork
[Figure: protocol layers used to connect H1 to H8. H1 runs TCP, IP and ETH; R1 runs IP over ETH and FDDI; R2 runs IP over FDDI and PPP; R3 runs IP over PPP and ETH; H8 runs TCP, IP and ETH. ETH is the protocol that runs over the Ethernet.]

Slide 10: Service Model
• When you build an internet, start by defining the service model, or the host-to-host services that you want to provide, over each of the underlying physical networks:
– An addressing scheme, which provides a way to identify all hosts in the internet.
– A datagram (connectionless) model of data delivery.
• This service model is called best effort because, although IP makes every effort to deliver datagrams, it makes no guarantees.

Slide 11: Datagram Delivery
• The IP datagram is fundamental to the Internet Protocol.
• A datagram is a type of packet that is sent in a connectionless manner over a network.
• Every datagram carries enough information to let the network forward the packet to its destination.
• No set-up mechanism is needed: just send it and the network tries to get it to its destination.

Slide 12: Best Effort Delivery
• If something goes wrong and a packet gets lost, corrupted or misdelivered, or in any way fails to reach its destination, the network does nothing. This is called unreliable service.
• Best-effort, connectionless service is the simplest service for an internetwork.
• Keeping the routers as simple as possible was one of the original design goals of IP.
• The ability of IP to “run over anything” is its most important characteristic.

Slide 13: Data Transmission and Frames
• IP internet layer:
– Constructs the datagram
– Determines the next hop
– Hands it to the network interface layer
• Network interface layer:
– Binds the next hop address to a hardware address
– Prepares the datagram for transmission
• But ... the hardware frame doesn't understand IP; how is the datagram transmitted?
Slide 14: Datagram Encapsulation
• The network interface layer encapsulates the IP datagram as the data area in a hardware frame
• The hardware ignores the IP datagram format
• Standards for encapsulation describe the details
• The standard defines a data type for the IP datagram, as well as others (e.g., ARP)
• The receiving protocol stack interprets the data area based on the frame type

Slide 15: Encapsulation in a Hardware Frame
[Figure only.]

Slide 16: Transmission Across an Internet
Each router in the path from the source to the destination:
• Unencapsulates the incoming datagram from the frame
• Processes the datagram and determines the next hop
• Encapsulates the datagram in an outgoing frame
• The datagram may be encapsulated in a different hardware format at each hop
• The datagram itself is (almost!) unchanged

Slide 17: Datagram Transmission
[Figure only.]

Slide 18: Datagram Delivery
• A datagram is fundamental to the IP protocol
• A datagram is sent in a connectionless manner over a network
• “Best effort”: if something goes wrong, the network does nothing.
• Simplest type of service: keeping routers simple was one of the design goals
• The ability of IP to “run over anything” is its main advantage (even a network of carrier pigeons!??)

Slide 19: IP Packets
• Part of the IP service model is the type of packets it can carry.
• An IP datagram consists of a header followed by a number of bytes of data.
• These are usually represented as 32-bit words, where the top word and the leftmost bytes are transmitted first.

Slide 20: IPv4 Packet Header
[Figure: IPv4 header layout with bit positions 0, 4, 8, 16, 19 and 31 across the top. Word 1: Version, HLen, TOS, Length. Word 2: Ident, Flags, Offset. Word 3: TTL, Protocol, Checksum. Word 4: SourceAddr. Word 5: DestinationAddr. Then Options (variable), Pad (variable) and Data.]

Slide 21: Packet Format
• There are some subtle features of this simple model:
– The Version field specifies the current IP version, called IPv4. Putting it first makes it easy to define everything else.
– HLen specifies the length of the header (about 5 words or 20 bytes).
– TOS is the Type of Service field
– The Length field (in bytes) is the length of the datagram, including the header

Slide 22: Packet Format
• TTL is the Time to Live field, set to a specific number (64 is the current default) which the routers then decrement until it reaches 0. Its purpose is to identify packets that have been circling around and to discard them.
• The Protocol field identifies the higher level protocol (TCP, UDP) to which this packet should be passed.
• Checksum: add up the entire header and take the ones complement of the result.

Slide 23: Packet Format
• SourceAddr, the source address, enables a recipient to reply
• DestinationAddr, the destination address, is the key to the delivery of the datagram
• IP defines its own global address space, independent of the physical network
• There are also optional fields, which are rarely used.

Slide 24: Fragmentation and Reassembly
• Each network technology has its own maximum packet size:
– (Ethernet: 1500 bytes, FDDI: 4500 bytes)
• Two choices for the IP service model:
– Make sure all IP datagrams are small enough, or
– Provide a means by which packets can be fragmented and reassembled when they are too big to be sent through a network technology

Slide 25: Fragmentation and Reassembly
• Every network has a maximum transmission unit (MTU), which is the largest IP datagram that it can carry in a frame.
• This value is smaller than the largest network packet size, because it must fit into the payload of the data link layer frame.
• When a host sends a datagram it can choose any size. A reasonable choice is the MTU of the network to which it is directly attached.

Slide 26: Datagram Fragmentation
• The router uses the local MTU to compute the size of each fragment, puts part of the original data in each fragment and the rest of the information in the header.

Slide 27: Fragmentation and Reassembly
• Fragmentation will be necessary if the path to the destination includes a network with a smaller MTU.
• Fragmentation typically occurs in a router (in IPv4).
• To enable the fragments to be reassembled at the receiver, each fragment carries the same identifier in the Ident field.
• The unique identifier is chosen by the sender.
• If all fragments do not arrive at the receiver, it discards all fragments of the datagram and does not attempt to recover them.

Slide 28: Fragment Loss
• IP may drop a fragment
• What happens to the original datagram? The destination drops the entire original datagram
• How does the destination identify a lost fragment?
– It sets a timer with each fragment
– If the timer expires before all fragments arrive, a fragment is assumed lost
– The datagram is dropped
– The source (application layer protocol) is assumed to retransmit

Slide 29: IP Datagram Traversing the Sequence of Physical Networks
[Figure: H1 to R1 over ETH: IP (1400). R1 to R2 over FDDI: IP (1400). R2 to R3 over PPP: IP (512), IP (512), IP (376). R3 to H8 over ETH: IP (512), IP (512), IP (376).]
This is what happens when H1 sends a datagram to H8. Assume 1500 bytes for an Ethernet, 4500 for FDDI, 532 for PPP. The datagram is broken into 3 fragments at router 2, which are then forwarded.

Slide 30: Fragments
• Each fragment is a self-contained IP datagram that is transmitted over physical networks, independent of the other fragments.
• Each IP datagram is re-encapsulated for each physical network over which it travels.
• Fragmentation is done in 8-byte chunks.
• The router sets the M bit in the Flags field to indicate there are more fragments, and sets the Offset field to zero to indicate the first part of the datagram.

Slide 31: Header Fields Used in IP Fragmentation
[Figure: (a) Unfragmented packet: Ident = x, M = 0, Offset = 0, rest of header, 1400 data bytes. (b) Fragmented packets: Ident = x, M = 1, Offset = 0, 512 data bytes; Ident = x, M = 1, Offset = 64, 512 data bytes; Ident = x, M = 0, Offset = 128, 376 data bytes.]

Slide 32: Fragmentation
• Fragmentation is done in such a way that it could be repeated if a fragment arrived at another network with an even smaller MTU.
• The fragments are easily reassembled independent of the order in which they are received.
• Reassembly is done at the receiving host and not at each router. Why?
• (See p. 243-247 for reassembly code.)

Slide 33: Path MTU Discovery
• IP reassembly is not a simple process and should be avoided. (For example, if a fragment is lost, the receiver still tries to reassemble the whole datagram until it finally must discard it.)
• Instead, hosts are encouraged to perform “path MTU discovery” by sending packets small enough to go through the path with the smallest MTU from sender to receiver. The host first sends large datagrams and, if they are not successful, then sends smaller ones, until it discovers the smallest MTU from sender to receiver.

Slide 34: Global Addresses
• Global uniqueness is the first property of an addressing scheme.
• Ethernet addresses are flat and without structure.
• IP addresses are hierarchical and are made up of several parts that correspond to parts of the network.
• IP addresses consist of a network part and a host part.

Slide 35: Addresses For the Internet
• One difference between an internet and a physical network is that an internet is an abstraction imagined by its designers and created by software.
• Designers choose addresses, packet formats, and delivery techniques independent of the hardware.
• One key aspect of a virtual network is a single, uniform address format
• Each address must be unique
• Can't use hardware addresses because different technologies have different address formats.

Slide 36: IP Addressing Scheme
• Addressing in TCP/IP is specified by the Internet Protocol (IP)
• Each host is assigned a 32-bit number (4 octets, separated by “dots”), referred to as dotted octet notation (e.g.
216.72.32.10)
• Called the IP address or Internet address
• Unique across the entire Internet
• Different from a domain name: linux.sjcny.edu

Slide 37: IP Address Hierarchy
• Each IP address is divided into a prefix and a suffix
– The prefix identifies the network to which the computer is attached
– The suffix identifies the computer within that network
• Each physical network is assigned a unique network number
• The address format makes routing efficient
• Each computer is assigned a unique address
• Network assignments are coordinated globally but suffixes can be assigned locally.

Slide 38: IP Addresses
• The network part of the IP address identifies the network to which the host is attached
• All hosts attached to the same network have the same network part in their IP address.
• The host part, or suffix, identifies each host uniquely on that network.

Slide 39: Classes of IP Addresses
• Designers chose a compromise: multiple address formats that allow both large and small prefixes
• The original scheme, called classful IP addressing, divided the IP address space into 3 primary classes, where each class had a different size prefix and suffix
• Each format is called an address class
• The class of an address is identified by its first four bits

Slide 40: IP Addressing
• Octet (8-bit) boundaries are used to partition an address into prefix and suffix
• Classes A, B and C are the primary classes, used for ordinary host addressing
• Class D is used for multicast, a limited form of broadcast
– Internet hosts join a multicast group
– Packets are delivered to all members of the group
– Routers manage delivery of a single packet from the source to all members of the multicast group
– Used for the MBone (multicast backbone)
• Class E is reserved (for future use)

Slide 41: Computing the Class of an Address
• IP software computes the class of the destination address when it receives a packet.
• IP addresses are self-identifying because the class can be computed directly from the first few bits of the address
• The first 4 (leading) bits of the address denote the class:
– Class A begins with 0
– Class B begins with 10
– Class C begins with 110

Slide 42: Computing the Class of an Address
[Figure only.]

Slide 43: IP Address Classes
• The prefix designates the network, the suffix designates the host.

Slide 44: Primary IP Address Classes
[Figure: (a) Class A: leading bit 0, 7-bit network, 24-bit host. (b) Class B: leading bits 10, 14-bit network, 16-bit host. (c) Class C: leading bits 110, 21-bit network, 8-bit host.]

Slide 45: Dotted Decimal Notation
• Classes A, B and C all break between prefix and suffix on a byte boundary
• Dotted decimal notation is a convention for representing 32-bit internet addresses in decimal
• Convert each byte of the address into decimal; separate the octets by periods (“dots”)
• Dotted decimal notation treats each octet as an unsigned binary integer
• The smallest value is 0.0.0.0 and the largest is 255.255.255.255

Slide 46: Dotted Decimal Notation
• What would SJC’s address be in binary (216.73.32.0)?

Slide 47: Classes and Dotted Decimal Notation
• While dotted decimal makes separating the network address from the host address easier, determining the class is not so obvious
• Look at the first dotted decimal number, and use this table to calculate the class:

Slide 48: Division of Address Space
• The addressing scheme is flexible and allows networks of various sizes to be accommodated efficiently
• The original idea was that the Internet would consist of a small number of wide area networks (Class A), a few site (or campus) sized networks (Class B), and a large number of LANs (Class C)
• Additional flexibility was needed and removed some of the distinction between classes present in this “classful” scheme.
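Going back to the IPv4 packet header, checksum and fragmentation slides above: the following Python is an added example, not code from the lecture or its textbook. It builds and parses the fixed 20-byte header with its ones-complement checksum, fragments the 1400-byte datagram of the traversal slide for the 532-byte PPP MTU into the 512, 512 and 376-byte pieces shown there, and reassembles them in any order, discarding the whole datagram when a fragment is missing. The addresses and payload are constructed and all function names are the example's own.

```python
import struct

IHL_WORDS = 5                 # header without options: 5 words = 20 bytes
HEADER_LEN = IHL_WORDS * 4
FLAG_MF = 0x1                 # the M ("more fragments") bit of the Flags field


def ip_checksum(header: bytes) -> int:
    """Ones-complement sum of the header taken as 16-bit words, then complemented."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, length, ident, more_frags, offset, ttl=64, proto=17):
    """20-byte IPv4 header with a correct checksum; offset is in 8-byte units."""
    ver_ihl = (4 << 4) | IHL_WORDS
    flags_off = ((FLAG_MF if more_frags else 0) << 13) | offset
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, length, ident, flags_off,
                      ttl, proto, 0, src, dst)             # checksum field zeroed first
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_header(packet: bytes) -> dict:
    """Decode the fixed header fields; checksum_ok means the sum over the header is 0."""
    (ver_ihl, tos, length, ident, flags_off, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:HEADER_LEN])
    hlen = (ver_ihl & 0xF) * 4
    return {"version": ver_ihl >> 4, "hlen": hlen, "tos": tos, "length": length,
            "ident": ident, "more_frags": bool((flags_off >> 13) & FLAG_MF),
            "offset": flags_off & 0x1FFF, "ttl": ttl, "protocol": proto,
            "src": src, "dst": dst, "checksum_ok": ip_checksum(packet[:hlen]) == 0}


def fragment(packet: bytes, mtu: int) -> list:
    """Split a datagram so each piece fits mtu; data is cut in multiples of 8 bytes."""
    h = parse_header(packet)
    data = packet[h["hlen"]:h["length"]]
    max_data = ((mtu - HEADER_LEN) // 8) * 8
    if max_data < 8:
        raise ValueError("MTU %d too small to carry a fragment" % mtu)
    frags, pos = [], 0
    while pos < len(data):
        chunk = data[pos:pos + max_data]
        last = pos + len(chunk) >= len(data)
        # The last piece keeps the original M bit, so a fragment can itself be fragmented
        more = h["more_frags"] if last else True
        frags.append(build_header(h["src"], h["dst"], HEADER_LEN + len(chunk), h["ident"],
                                  more, h["offset"] + pos // 8, h["ttl"], h["protocol"]) + chunk)
        pos += len(chunk)
    return frags


def reassemble(fragments: list):
    """Rebuild the datagram from fragments in any order; None if any piece is missing."""
    parsed = sorted(((parse_header(f), f) for f in fragments), key=lambda p: p[0]["offset"])
    ident, expect, data = parsed[0][0]["ident"], 0, b""
    for h, f in parsed:
        if h["ident"] != ident or h["offset"] * 8 != expect:
            return None                     # gap in the data: the receiver discards all of it
        data += f[h["hlen"]:h["length"]]
        expect = h["offset"] * 8 + h["length"] - h["hlen"]
    if parsed[-1][0]["more_frags"]:
        return None                         # the final fragment never arrived
    h = parsed[0][0]
    return build_header(h["src"], h["dst"], HEADER_LEN + len(data), ident, False, 0,
                        h["ttl"], h["protocol"]) + data


def make_sample_datagram() -> bytes:
    """Constructed 1400-byte datagram with constructed addresses (not from the lecture)."""
    src, dst = bytes([128, 10, 2, 3]), bytes([128, 211, 0, 20])
    payload = bytes(i % 256 for i in range(1400))
    return build_header(src, dst, HEADER_LEN + 1400, 0x1234, False, 0) + payload


if __name__ == "__main__":
    for f in fragment(make_sample_datagram(), 532):    # the PPP MTU of the traversal slide
        h = parse_header(f)
        print("offset=%3d M=%d data=%d" % (h["offset"], h["more_frags"], h["length"] - h["hlen"]))
```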
Slide 49: Division of Address Space
• The IP class scheme does not yield an equal number of networks in each class
• Class A: the first bit must be 0; the 7 remaining bits identify the Class A net; 2^7 (= 128) possible Class A nets
• The number of bits allocated to a prefix or suffix determines how many unique numbers can be assigned
• A prefix of n bits allows 2^n unique network numbers, while a suffix of n bits allows 2^n host numbers on a given network

Slide 50: Number of Networks and Hosts
[Table only.]

Slide 51: Authority for Addresses
• An organization obtains unique network numbers from an Internet Service Provider (ISP), which coordinates with the Internet Assigned Numbers Authority. A network administrator can assign prefixes in a private internet.
• (See Internic, ICANN, Educause, etc.)

Slide 52: Insufficient Addresses
• Large organizations may not be able to get as many addresses in the Internet as they need
• Example: UPS needs addresses for millions of computers
• One solution: set up a private internet and allocate addresses from the entire 32-bit address space
• Others do not use all their assigned addresses
• For example, SUNY Stony Brook has a Class B license but probably only uses 3000-40,000 of its 2^16 addresses (65,536 possible).

Slide 53: A Classful Addressing Scheme
• Select an address class (usually class C) for each network depending on the expected number of hosts:
– Chosen by the internet service provider for the internet
– Chosen by the network administrator in a private network
• Assign network numbers from the appropriate classes
• Assign host suffixes to form internet addresses for all hosts

Slide 54: Classful Addressing with Private internets
• Consider an organization with a private TCP/IP internet with 4 networks, connected by routers. A prefix is chosen denoting the class (A, B, C) depending on the size of the network. In the next example, there is one Class A network (prefix 10), two Class B prefixes (128.100 and 128.211) and one Class C (192.5.48).
• The IP address assigned to a host begins with the prefix assigned to the host's physical network
• Suffixes, which are assigned by the local network administrator, can be arbitrary numbers, often chosen sequentially.

Slide 55: Classful Addressing with Private internets
[Figure only.]

Slide 56: Subnet and Classless Addressing
• Two mechanisms were invented to overcome the addressing limitations:
– 1. Subnet addressing
– 2. Classless addressing
• These are so closely related that they can be thought of as a single abstraction: instead of having 3 distinct address classes, allow the division between prefix and suffix to occur on an arbitrary bit boundary.

Slide 57: Address Masks
• How can an IP address be divided at an arbitrary boundary?
• It requires an additional piece of information to be stored with each address. This information specifies the exact boundary between the network prefix and the host suffix.

Slide 58: Address Masks
• To use classless or subnet addressing the routers must store 2 pieces of information:
– the 32-bit address and
– another 32-bit value that specifies the boundary between the prefix and suffix.
• This second value is called the subnet mask: 1 bits mark the network prefix and 0 bits mark the host portion. This makes computation efficient.

Slide 59: Routers and Addresses
• Routers compare the network prefix portion of the address to a value in their routing tables.
• Suppose a router is given a destination address D and a pair (A, M) that represents the 32-bit address and the 32-bit subnet mask.
• To make the comparison, the router uses a logical "and" to set the host bits of address D to zero and then compares the result with the network prefix A:
    A == (D & M)

Slide 60: Routers and Addresses
• For example, consider this 32-bit mask (255.255.0.0 in decimal):
    11111111 11111111 00000000 00000000
  and the network prefix (128.10.0.0 in decimal):
    10000000 00001010 00000000 00000000
• Now consider the 32-bit destination address 128.10.2.3, which has the binary equivalent:
    10000000 00001010 00000010 00000011
• The logical "and" between the destination address and the address mask produces the result:
    10000000 00001010 00000000 00000000
• which is equal to the prefix 128.10.0.0

Slide 61: CIDR (Classless Interdomain Routing) Notation
• Inside the computer each address mask is stored as a 32-bit value in binary, which is then expressed in dotted octet notation.
• The newer CIDR notation appends a slash and the size of the mask in decimal notation, for example 128.10.0.0/16

Slide 62: CIDR Address Block Example
• Suppose an ISP has a single Class B license, 128.211.0.0. Using a classful address scheme, it can only assign the prefix to one customer, who can have up to 2^16 host addresses.
• Using CIDR, the ISP could assign the entire prefix to a single organization by using 128.211.0.0/16
• Or it could partition the address into three pieces (two of them big enough for 2 customers with 12 computers each, and the remainder available for future use).

Slide 63: CIDR Address Block Example
• One customer could be assigned 128.211.0.16/28
• and the other could be assigned 128.211.0.32/28
• Both customers have the same mask size (28 bits), but the prefixes differ and each has a unique prefix. More importantly, the ISP retains most of the addresses, which can then be assigned to other customers.
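The classful rule, the dotted-decimal to binary conversion, the router's A == (D & M) test and the /28 CIDR blocks from the slides above, worked in Python. This is an added example, not the lecture's code; the function names are the example's own and the inputs are the addresses the slides use, with malformed addresses and prefixes that carry host bits rejected instead of silently matched.

```python
def ip_to_int(dotted: str) -> int:
    """Dotted decimal to a 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % dotted)
    a, b, c, d = (int(o) for o in octets)
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted: str) -> str:
    """The four octets as 8-bit groups, the form the slides use."""
    n = ip_to_int(dotted)
    return " ".join(format((n >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Classful rule: read the class from the leading bits (0 A, 10 B, 110 C, 1110 D)."""
    top4 = ip_to_int(dotted) >> 28
    if top4 & 0b1000 == 0:
        return "A"
    if top4 & 0b1100 == 0b1000:
        return "B"
    if top4 & 0b1110 == 0b1100:
        return "C"
    return "D" if top4 == 0b1110 else "E"


def prefix_mask(bits: int) -> int:
    """Mask with `bits` leading 1s: the 32-bit value a router stores beside each prefix."""
    if not 0 <= bits <= 32:
        raise ValueError("prefix length out of range")
    return (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF


def classful_split(dotted: str):
    """(network prefix, host suffix) on the octet boundary of classes A, B and C."""
    prefix_bits = {"A": 8, "B": 16, "C": 24}.get(address_class(dotted))
    if prefix_bits is None:
        raise ValueError("%s is a class D or E address; it has no host part" % dotted)
    mask = prefix_mask(prefix_bits)
    n = ip_to_int(dotted)
    return int_to_ip(n & mask), n & ~mask & 0xFFFFFFFF


def parse_cidr(cidr: str):
    """'128.211.0.16/28' -> (prefix, mask) as ints; rejects host bits inside the prefix."""
    net, _, bits = cidr.partition("/")
    mask = prefix_mask(int(bits))
    prefix = ip_to_int(net)
    if prefix & ~mask & 0xFFFFFFFF:
        raise ValueError("%s has host bits set inside the prefix" % cidr)
    return prefix, mask


def valid_cidr(cidr: str) -> bool:
    try:
        parse_cidr(cidr)
        return True
    except ValueError:
        return False


def matches(dest: str, cidr: str) -> bool:
    """The router's test from the slides: A == (D & M)."""
    prefix, mask = parse_cidr(cidr)
    return prefix == (ip_to_int(dest) & mask)


def block_size(cidr: str) -> int:
    """Addresses covered by a block: 2^(32 - prefix length)."""
    _, mask = parse_cidr(cidr)
    return (~mask & 0xFFFFFFFF) + 1
```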
Slide 64: CIDR Host Address
[Figure only.]

Slide 65: Special IP Addresses
IP assigns a set of addresses that are reserved and never assigned to hosts:
• Network address: IP reserves host address zero and uses it to denote a network. (For example, 128.211.0.0 is a Class B network.)
• Direct broadcast address: it is formed by adding a suffix consisting of all 1's to the network prefix. (For example, 128.211.111.111.)
• Limited broadcast address: a broadcast on a local physical network (or limited to a "single wire") is used during system startup by a computer that does not yet know the network number. The address with all 1's is a limited broadcast.

Slide 66: Special IP Addresses
• This computer address: a computer needs to know its own IP address to send or receive internet packets. The TCP/IP protocols allow a computer to obtain its address automatically but, strangely enough, when using these startup protocols the computer cannot supply a correct IP source address. To handle such cases, IP reserves the address that consists of all zeroes to mean "this computer".

Slide 67: Special IP Addresses
• Loopback address: a loopback address is used to test network applications. IP reserves the network prefix 127 for use with loopback and programmers usually use the host number 1 (forming the address 127.0.0.1) for loopback testing.
• During loopback no packets actually leave the machine; the IP software forwards packets from one application program to another on the same computer. Therefore the loopback address never appears in a packet traveling across the network.

Slide 68: Summary of Special IP Addresses
• Special addresses are reserved and should never be assigned to host computers.
• Each special address is restricted to certain uses.

Slide 69: Datagram Forwarding in IP
• Forwarding is the process of taking a packet from an input and sending it out on the appropriate output.
• Routing is the process of building the tables that allow the correct output for a packet to be determined.
Slide 70: Bridges, Switches, Routers
• All forward messages from one link to another.
• Bridges are data link-level nodes and forward frames from one link to another (in a LAN).
• Switches are network layer nodes, which forward packets in a switched network.
• Routers are internet-level nodes which forward datagrams from one network to another.
• Bridges and switches are often called “Layer 2 switches”, meaning above the physical and below the internet layer.

Slide 71: Datagram Forwarding in IP
Main ideas needed to forward IP packets:
• Every IP datagram contains the IP address of the destination host.
• The network part of the IP address uniquely identifies a single physical network on the larger Internet.
• All hosts and routers that share the same network part of their address are connected to the same physical network and can communicate by sending frames over that network.
• Every physical network that is part of the Internet has at least one router that is also connected to at least one other network and can exchange packets with hosts or routers on either network.

Slide 72: Forwarding An IP Datagram
• IP packets are sent from a source to a destination host, possibly passing through several routers.
• Any node (host or router) tries to determine if it is connected to the same physical network as the destination, by comparing the network part of the destination address with the network part of each interface address. (Hosts have one address; routers have two or more, since they are connected to multiple networks.)
• If there is a match, the destination is on the same network and the packet is delivered.

Slide 73: Forwarding An IP Datagram
• If the node is not connected to the same physical network as the destination, it sends the datagram to a router, called the next hop router.
• The router finds the correct next hop by consulting its forwarding or routing table.
• The table is primarily a list of (NetworkNum, NextHop) pairs.
• There is usually a default router if none of the entries match the destination’s network number.

Slide 74: Forwarding Algorithm
    if (Destination NetworkNum == NetworkNum of one of my interfaces)
        deliver packet to destination over the interface
    else if (Destination NetworkNum is in my forwarding table)
        deliver packet to NextHop router
    else
        deliver packet to default router

Slide 75: Forwarding Example
[Figure: the simple internetwork of slide 7 again (Networks 1 to 4, hosts H1 to H8, routers R1 to R3).]
Suppose H1 wants to send a datagram to H2: they are on the same network, so H1 sends directly. What about H1 to H8? (R1, R2, R3)
Routing table for R2:
    NetworkNum   NextHop
    1            R3
    2            R1

Slide 76: Forwarding Tables
• Simple enough to be manually configured
• Usually built by a routing protocol
• Routers contain tables that list only a set of network numbers, not all the hosts. Sometimes they also contain interface information.

Slide 77: Routers and IP Addressing
• The IP address depends on the network address
• What about routers, which are connected to two networks?
• An IP address specifies an interface, or network attachment point, not a computer
• A router has multiple IP addresses, one for each interface

Slide 78: Principle of Scalability
• An important principle of building a scalable network is to reduce the amount of information stored in each node.
• The most common way to do that is hierarchical aggregation. IP uses a 2-level hierarchy, with networks at the top level and nodes at the bottom.
• Information is aggregated by letting routers deal only with reaching the right network, and the information that a router needs is represented by a single piece of information.

Slide 79: Router Implementation
• The control processor is responsible for running the routing protocols.
• The switching fabric transfers packets from one port to another.
• Routers differ from switches:
– Must handle variable length packets

Slide 80: Block Diagram of a Router
[Figure: control processor, switching fabric, input port, output port.]

Slide 81: Address Translation (ARP)
• IP addresses are virtual because they are maintained by software
• Neither LAN nor WAN hardware understands the relationship between
– an IP address prefix and a network, nor
– an IP address suffix and a particular computer
• Upper levels of the protocol stack use protocol addresses
• Network hardware must use hardware addresses for eventual delivery

Slide 82: Address Translation (ARP)
• A protocol address must be translated into a hardware address for delivery, and there are three methods:
1. Used with WAN hardware: uses table lookup
2. Uses a mathematical function to translate the addresses
3. Uses a distributed system in which two computers exchange messages

Slide 83: Protocol Addresses and Packet Delivery
• An application places the data in a packet, which contains the protocol address of the destination
• Software in the host or router uses the destination address to select the next hop for the packet and transfers the packet.
• Both the next hop and the destination address are IP addresses.
• But there is a problem with this!

Slide 84: Protocol Addresses and Packet Delivery
• Problem: the physical hardware does not understand IP addressing, and addresses in a frame must be physical addresses.
• Solution: protocol addresses of the next hop must be translated into hardware addresses

Slide 85: Address Translation
• Upper levels use only protocol addresses
– "Virtual network" addressing scheme
– Hides hardware details
• Translation occurs at the data link layer
– The upper layer hands down the protocol address of the destination
– The data link layer translates it into a hardware address for use by the hardware layer

Slide 86: Address Resolution
• Finding or mapping or translating the hardware address for a protocol address:
– Called address resolution
• The data link layer resolves a protocol address to a hardware address
• Resolution is local to a network
• A network component only resolves addresses for other components on the same network

Slide 87: Address Resolution
[Figure only.]

Slide 88: Address Resolution Techniques
Three techniques are used for address resolution depending on the protocol:
• Table lookup
– Bindings or mappings are stored in a table in memory with the protocol address as key
– The data link layer looks up the protocol address to find the hardware address
• Closed-form computation
– The protocol address is based on the hardware address
– The data link layer computes the hardware address from the protocol address by using basic Boolean and arithmetic operations
– Simply choose the hardware address to be the hostid, and any host can determine the hardware address as: hardware_address = ip_address & 0xff
• Dynamic message exchange
– Network messages are used for "just-in-time" resolution
– The data link layer sends a message requesting the hardware address; the destination responds with its hardware address

Slide 89: Address Resolution
• A resolves the protocol address for B for protocol messages from an application on A sent to an application on B
• A does not resolve a protocol address for F
• Through the internet layer, A delivers to F by routing through R1 and R2
• A resolves R1's hardware address and sends the packet to the router.
• Software on R1 resolves the address for R2
• R2 receives the packet and resolves the address for F
• The network layer on A passes a packet containing the destination protocol address F for delivery to R1, which forwards it to R2 and then to F

Slide 90: Address Translation (ARP)
• IP datagrams contain IP addresses, but the host or router to which a datagram is sent only understands the physical network's addresses.
• Need to translate the IP addresses to link-level addresses.
• One solution is to map an IP address to a physical address by encoding the host’s physical address into the host part of the IP address.
• A more general solution is for each host to maintain a table of address pairs and to map an IP address to a physical address.
• A better approach: each host dynamically learns the contents of the table using the network and ARP.

Slide 91: Address Translation (ARP)
• The goal of the Address Resolution Protocol (ARP) is to enable each host on the network to build a table of mappings between IP addresses and data link level addresses.
• The set of mappings stored in a host is called the ARP cache or ARP table.
• ARP takes advantage of the fact that many technologies support broadcast.
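The forwarding algorithm and the forwarding example above (R2's table: network 1 via R3, network 2 via R1) run step by step at every node on the path, as an added example that is not part of the lecture. Since the slides give only network numbers, the addresses for networks 1 to 4 and for H1, H2, H8, R1, R2 and R3 are constructed here; the result at each hop is the next hop's IP address, which is exactly what the address resolution slides then translate into a hardware address.

```python
import ipaddress

# Constructed addresses for the Forwarding Example topology (the lecture gives only
# network numbers). Network 2 (Ethernet): H1, H2, R1. Network 3 (FDDI): R1, R2.
# Network 4 (point-to-point): R2, R3. Network 1 (Ethernet): R3, H8.
NETWORKS = {1: "10.1.0.0/16", 2: "10.2.0.0/16", 3: "10.3.0.0/16", 4: "10.4.0.0/30"}


def make_node(name, interfaces, table=(), default=None):
    """interfaces: {NetworkNum: own address}; table: (NetworkNum, NextHop address) pairs."""
    return {"name": name, "interfaces": dict(interfaces),
            "table": list(table), "default": default}


NODES = {
    "H1": make_node("H1", {2: "10.2.0.11"}, default="10.2.0.1"),   # R1 is the default router
    "H2": make_node("H2", {2: "10.2.0.12"}, default="10.2.0.1"),
    "R1": make_node("R1", {2: "10.2.0.1", 3: "10.3.0.1"}, [(1, "10.3.0.2"), (4, "10.3.0.2")]),
    "R2": make_node("R2", {3: "10.3.0.2", 4: "10.4.0.1"}, [(1, "10.4.0.2"), (2, "10.3.0.1")]),
    "R3": make_node("R3", {1: "10.1.0.1", 4: "10.4.0.2"}, [(2, "10.4.0.1"), (3, "10.4.0.1")]),
    "H8": make_node("H8", {1: "10.1.0.88"}, default="10.1.0.1"),
}
ADDR_TO_NODE = {addr: name for name, node in NODES.items()
                for addr in node["interfaces"].values()}


def on_network(address: str, netnum: int) -> bool:
    """Does the network part of `address` match NetworkNum `netnum`?"""
    return ipaddress.ip_address(address) in ipaddress.ip_network(NETWORKS[netnum])


def outgoing_net(node, next_hop: str) -> int:
    """A next hop is only usable if it sits on one of the node's own networks."""
    for netnum in node["interfaces"]:
        if on_network(next_hop, netnum):
            return netnum
    raise ValueError("%s: next hop %s is not on an attached network" % (node["name"], next_hop))


def forward(node, dest: str):
    """The three-way forwarding algorithm: (action, next-hop address, outgoing NetworkNum)."""
    for netnum in node["interfaces"]:
        if on_network(dest, netnum):                 # destination on a directly attached network
            return ("direct", dest, netnum)
    for netnum, next_hop in node["table"]:
        if on_network(dest, netnum):                 # NetworkNum found in the forwarding table
            return ("nexthop", next_hop, outgoing_net(node, next_hop))
    if node["default"]:
        return ("default", node["default"], outgoing_net(node, node["default"]))
    return ("unreachable", None, None)


def trace(src: str, dest: str, max_hops: int = 8):
    """Run forward() at every node along the path; returns (nodes visited, delivered?)."""
    path, node = [src], NODES[src]
    for _ in range(max_hops):                        # a TTL-like bound against routing loops
        action, hop, _net = forward(node, dest)
        if action == "unreachable":
            return path, False
        nxt = ADDR_TO_NODE.get(hop, hop)             # a host not modelled is named by its address
        path.append(nxt)
        if action == "direct":
            return path, True
        node = NODES[nxt]
    return path, False


if __name__ == "__main__":
    print(trace("H1", "10.1.0.88"))                  # H1 to H8 via R1, R2, R3
    print(trace("H1", "10.2.0.12"))                  # H1 to H2 directly
```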
Slide 92: ARP Packet Format
[Figure: ARP message layout in 32-bit words with bit positions 0, 8, 16 and 31 across the top. Word 1: Hardware type = 1, ProtocolType = 0x0800. Word 2: HLen = 48, PLen = 32, Operation. Then SourceHardwareAddr (bytes 0-3); SourceHardwareAddr (bytes 4-5) with SourceProtocolAddr (bytes 0-1); SourceProtocolAddr (bytes 2-3) with TargetHardwareAddr (bytes 0-1); TargetHardwareAddr (bytes 2-5); TargetProtocolAddr (bytes 0-3).]
Used to map IP addresses into Ethernet addresses.

Slide 93: ARP Message Delivery
• The ARP request message is dropped into a hardware frame and broadcast
• It uses a separate protocol type in the hardware frame (Ethernet type 806 hex)
• The sender inserts its IP address into the message and broadcasts it
• Every other computer examines the request
• The computer whose IP address is in the request responds; the others discard it
• It puts its hardware address in the response
• It unicasts the response to the sender
• The original requester can then extract the hardware address and send the IP packet to the destination

Slide 94: ARP Message Exchange
[Figure only.]

Slide 95: ATMARP
• The ARP procedure will not work with an ATM network because it depends on the fact that ARP packets can be broadcast to all hosts on a single network.
• One solution is to use LAN emulation, which makes an ATM network behave like a shared media LAN.
• LAN emulation can be inefficient in a wide area ATM network.
• There is a different ARP procedure called ATMARP that does not depend on LAN emulation or broadcast.
• ATMARP relies on a server to resolve addresses.

Slide 96: Logical IP Subnets
• A large ATM network can be subdivided into several smaller subnets, each of which behaves like a single network.
• All nodes on the same subnet have the same IP network number and can communicate directly.
• An advantage of the LIS model is that we can connect a large number of hosts and routers to a big ATM network without necessarily giving them all addresses from the same IP network.
• This makes it easier to manage address assignment and improves scalability

Slide 97: Logical IP Subnets
[Figure: one ATM network divided into LIS 10 and LIS 12. H1 (10.0.0.1) is in LIS 10, H2 (12.0.0.5) is in LIS 12, and router R has the addresses 10.0.0.2 and 12.0.0.3, one in each LIS.]
An example of an ATM network divided into two LIS. One has an IP network number of 10 and the other 12.
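The ARP message format and the request/reply delivery described in the slides above, as an added Python example that is not the lecture's code. It encodes and decodes the 28-byte message and simulates a broadcast request on a constructed LAN where only the host owning the target IP answers, by unicast, after which the requester fills its ARP cache. The hosts, addresses, class and function names are constructed for the example; note that on the wire HLen and PLen are byte counts (6 and 4), which the slide quotes in bits (48 and 32).

```python
import struct

HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
ARP_REQUEST, ARP_REPLY = 1, 2
ETHERTYPE_ARP = 0x0806                 # the "806" frame type of the delivery slide
ARP_FMT = "!HHBBH6s4s6s4s"            # 28 bytes in the field order of the format slide
BROADCAST_MAC = b"\xff" * 6


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Encode one ARP message; HLen and PLen are byte counts on the wire (6 and 4)."""
    return struct.pack(ARP_FMT, HW_ETHERNET, PROTO_IPV4, 6, 4, op,
                       sender_mac, sender_ip, target_mac, target_ip)


def parse_arp(data: bytes) -> dict:
    """Decode an Ethernet/IPv4 ARP message, rejecting short or foreign ones."""
    if len(data) < struct.calcsize(ARP_FMT):
        raise ValueError("ARP message too short")
    htype, ptype, hlen, plen, op, smac, sip, tmac, tip = struct.unpack(ARP_FMT, data[:28])
    if (htype, ptype, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"op": op, "sender_mac": smac, "sender_ip": sip,
            "target_mac": tmac, "target_ip": tip}


class Host:
    """A host with one IP address, one hardware address and an ARP cache."""

    def __init__(self, ip: bytes, mac: bytes):
        self.ip, self.mac, self.cache = ip, mac, {}

    def on_request(self, msg: bytes):
        """Every host examines a broadcast request; only the named target answers."""
        req = parse_arp(msg)
        if req["op"] != ARP_REQUEST or req["target_ip"] != self.ip:
            return None                                     # not for us: discard
        self.cache[req["sender_ip"]] = req["sender_mac"]    # remember the requester too
        reply = build_arp(ARP_REPLY, self.mac, self.ip, req["sender_mac"], req["sender_ip"])
        return req["sender_mac"], reply                     # unicast destination, payload

    def on_reply(self, msg: bytes):
        """Store the binding carried by a reply addressed to us."""
        rep = parse_arp(msg)
        if rep["op"] == ARP_REPLY and rep["target_ip"] == self.ip:
            self.cache[rep["sender_ip"]] = rep["sender_mac"]


def resolve(requester: Host, lan: list, target_ip: bytes):
    """Broadcast a request on `lan` (a list of Hosts); return the hardware address or None."""
    if target_ip in requester.cache:
        return requester.cache[target_ip]                   # table lookup first
    request = build_arp(ARP_REQUEST, requester.mac, requester.ip, bytes(6), target_ip)
    for host in lan:
        if host is requester:
            continue
        answer = host.on_request(request)                   # every other host sees the broadcast
        if answer is not None:
            dst_mac, reply = answer
            if dst_mac == requester.mac:                    # the unicast reply reaches only us
                requester.on_reply(reply)
    return requester.cache.get(target_ip)


def demo():
    """Constructed LAN: three hosts in 128.211.0.16/28 with locally administered MACs."""
    a = Host(bytes([128, 211, 0, 17]), bytes.fromhex("020000000001"))
    b = Host(bytes([128, 211, 0, 18]), bytes.fromhex("020000000002"))
    c = Host(bytes([128, 211, 0, 19]), bytes.fromhex("020000000003"))
    lan = [a, b, c]
    found = resolve(a, lan, b.ip)                           # b answers, c discards the request
    missing = resolve(a, lan, bytes([128, 211, 0, 30]))     # nobody owns this address
    return found, missing, a, b, c
```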
97 Summary of Basic IP Mechanisms
• Heterogeneity: IP defines a best-effort service based on unreliable datagrams:
  1. It uses a common packet format with fragmentation and reassembly.
  2. It uses a common global address space, and ARP, for identifying all hosts.
• Scalability: IP's hierarchical aggregation reduces the amount of information needed to forward packets. IP addresses are partitioned into network and host components; packets are routed first to a network and then delivered to the correct host on that network.

98 Host Configuration (DHCP)
• Ethernet addresses are configured into the NIC by the manufacturer, which ensures that these addresses are unique.
• IP addresses, by contrast, must be unique on an internetwork and must also reflect the structure of that network, with a network part and a host part.
• A host also needs the address of a default router, the place to which it can send packets destined for other networks.
• These are provided by the Dynamic Host Configuration Protocol (DHCP).

99 Host Configuration (DHCP)
• Most operating systems provide a way to manually configure the IP information needed by a host, but there are disadvantages to this:
  1. It is a lot of work.
  2. It is error prone, since every host must get a unique number.
• Usually automated methods are required, using DHCP.
• There is at least one DHCP server that is the central repository for host configuration information.

100 Host Configuration (DHCP)
• DHCP relies on a server that is responsible for providing configuration information to hosts.
• Configuration information for each host is stored in the server and automatically retrieved when the host is booted or connected to the network.
• The administrator can assign addresses or allow the DHCP server to maintain an available pool of addresses that it provides to hosts on demand.

101 Host Configuration (DHCP)
• The first problem DHCP faces is that of server discovery.
• To contact a DHCP server, a newly booted or attached host sends a DHCPDISCOVER message to the special IP address 255.255.255.255, the IP limited-broadcast address.
• It is received by all hosts and routers on the network. (Routers do not forward these packets beyond this network.)
• The server replies to the host; the other nodes ignore the message.

102 Relay Agent
• Since requiring a DHCP server on every network would need a large number of servers, DHCP uses the concept of a relay agent.
• There is at least one relay agent on each network, and it is configured with just one piece of information: the IP address of the DHCP server.
• When it receives a DHCPDISCOVER message, it unicasts it to the DHCP server and waits for the response, which it sends back to the requesting client.

103 DHCP Relay (figure)
A host broadcasts a DHCPDISCOVER on its own network. The DHCP relay agent on that network receives the broadcast and sends a unicast DHCPDISCOVER across other networks to the DHCP server.

104 DHCP Packet
• A DHCP packet is actually sent using a protocol called UDP (User Datagram Protocol) that runs over IP.
• The UDP packet provides a demultiplexing key that says "This is a DHCP packet."
• The client puts its hardware address in the chaddr field.
• The DHCP server responds by filling in the yiaddr field ("your" IP address). These addresses are "leased", and the host needs to renew the lease if it is still connected when the lease expires.
• Other information, such as the default router, can be included in the options field.

105 DHCP Packet Format
  Operation (1 byte) | HType (1) | HLen (1) | Hops (1)
  Xid (4 bytes)
  Secs (2 bytes) | Flags (2 bytes)
  ciaddr (4 bytes)
  yiaddr (4 bytes)
  siaddr (4 bytes)
  giaddr (4 bytes)
  chaddr (16 bytes)
  sname (64 bytes)
  file (128 bytes)
  options (variable)

106 DHCP Management
• By allowing network managers to configure a range of IP addresses per network rather than one IP address per host, DHCP improves the manageability of the network.
• DHCP may also introduce some more complexity to the network, since it makes the binding between physical hosts and IP addresses more dynamic.
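The DHCPDISCOVER / relay / DHCPOFFER exchange from slides 101 to 105, as an added Python example (not code from the slides or the textbook). It serialises and parses the fixed header shown on slide 105 plus the TLV options that follow it, implements the relay agent's two jobs (record the originating network in giaddr, forward by unicast), and a server that chooses its address pool from giaddr and sends the offer back to the relay. The option codes (53 message type, 1 subnet mask, 3 router, 51 lease time, 54 server identifier) and the options cookie are the standard ones; the addresses, pools, client MAC and the `DhcpServer` class are constructed for this example. Nothing in the format lets the client verify who answered, which is why a rogue server on the same network can win the exchange.

```python
import struct

BOOTREQUEST, BOOTREPLY = 1, 2
DHCPDISCOVER, DHCPOFFER = 1, 2                 # values of option 53 (DHCP message type)
MAGIC = b"\x63\x82\x53\x63"                    # options cookie that follows the fixed header
FIXED_FMT = "!BBBBIHH4s4s4s4s16s64s128s"       # op,htype,hlen,hops,xid,secs,flags,ci,yi,si,gi,chaddr,sname,file
FIXED_LEN = struct.calcsize(FIXED_FMT)         # 236 bytes
OPT_SUBNET, OPT_ROUTER, OPT_LEASE, OPT_MSGTYPE, OPT_SERVER_ID, OPT_END = 1, 3, 51, 53, 54, 255

def ip_bytes(s): return bytes(int(x) for x in s.split("."))
def ip_str(b):   return ".".join(str(x) for x in b)

def build(op, xid, *, hops=0, flags=0, yiaddr="0.0.0.0", siaddr="0.0.0.0",
          giaddr="0.0.0.0", chaddr=b"", options=()):
    """Serialise a DHCP message: fixed header, magic cookie, TLV options, end marker."""
    hdr = struct.pack(FIXED_FMT, op, 1, 6, hops, xid, 0, flags,
                      ip_bytes("0.0.0.0"), ip_bytes(yiaddr), ip_bytes(siaddr), ip_bytes(giaddr),
                      chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    tlv = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return hdr + MAGIC + tlv + bytes([OPT_END])

def parse(pkt):
    f = struct.unpack(FIXED_FMT, pkt[:FIXED_LEN])
    if pkt[FIXED_LEN:FIXED_LEN + 4] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, FIXED_LEN + 4
    while i < len(pkt) and pkt[i] != OPT_END:
        if pkt[i] == 0:                 # pad option has no length byte
            i += 1
            continue
        code, ln = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + ln]
        i += 2 + ln
    return {"op": f[0], "hops": f[3], "xid": f[4], "flags": f[6],
            "yiaddr": ip_str(f[8]), "siaddr": ip_str(f[9]), "giaddr": ip_str(f[10]),
            "chaddr": f[11][:f[2]], "options": opts}

def relay(pkt, relay_ip):
    """Relay agent: record the network the broadcast came from in giaddr, bump hops,
    and hand the message on (unicast) to the server."""
    b = bytearray(pkt)
    b[3] += 1                           # hops
    if b[24:28] == b"\0" * 4:           # giaddr is zero: we are the first relay
        b[24:28] = ip_bytes(relay_ip)
    return bytes(b)

class DhcpServer:
    """Picks a pool by giaddr (0.0.0.0 = the server's own network) and leases from it."""
    def __init__(self, server_ip, pools):
        self.server_ip, self.pools, self.leases = server_ip, pools, {}   # leases: chaddr -> ip

    def handle(self, pkt):
        """Return (destination, DHCPOFFER bytes) for a DHCPDISCOVER, else None."""
        p = parse(pkt)
        if p["op"] != BOOTREQUEST or p["options"].get(OPT_MSGTYPE) != bytes([DHCPDISCOVER]):
            return None
        free, mask, router = self.pools[p["giaddr"]]
        ip = self.leases.get(p["chaddr"]) or free.pop(0)   # a known client keeps its address
        self.leases[p["chaddr"]] = ip
        opts = [(OPT_MSGTYPE, bytes([DHCPOFFER])), (OPT_SUBNET, ip_bytes(mask)),
                (OPT_ROUTER, ip_bytes(router)), (OPT_LEASE, struct.pack("!I", 3600)),
                (OPT_SERVER_ID, ip_bytes(self.server_ip))]
        offer = build(BOOTREPLY, p["xid"], yiaddr=ip, siaddr=self.server_ip,
                      giaddr=p["giaddr"], chaddr=p["chaddr"], options=opts)
        # The reply goes back to the relay if there was one, otherwise it is broadcast locally.
        dest = p["giaddr"] if p["giaddr"] != "0.0.0.0" else "255.255.255.255"
        return dest, offer

def demo():
    server = DhcpServer("12.0.0.1", {
        "0.0.0.0": (["12.0.0.10"], "255.255.255.0", "12.0.0.254"),
        "10.0.0.1": (["10.0.0.20", "10.0.0.21"], "255.255.255.0", "10.0.0.1"),
    })
    client_mac = bytes.fromhex("0a0b0c0d0e0f")
    discover = build(BOOTREQUEST, 0x1234, flags=0x8000, chaddr=client_mac,
                     options=[(OPT_MSGTYPE, bytes([DHCPDISCOVER]))])
    dest, offer = server.handle(relay(discover, "10.0.0.1"))
    dest2, offer2 = server.handle(relay(discover, "10.0.0.1"))   # same client again: same address
    return dest, parse(offer), parse(offer2)["yiaddr"]
```

`demo()` returns the address the server unicasts the offer to (the relay, 10.0.0.1), the parsed offer with `yiaddr` taken from the pool for the relay's network, and the address handed out when the same client asks again.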
• This makes the manager's job more difficult when it is necessary to locate a malfunctioning host.

107 Error Reporting (ICMP)
• How does the Internet treat errors?
• IP simply drops datagrams it cannot deliver, for example when a fragment fails to arrive at the destination and the datagram cannot be reassembled.
• IP has a companion protocol, the Internet Control Message Protocol (ICMP), that defines a collection of error messages that are sent back to the source when a router or host is unable to process a datagram successfully.
• Examples: host unreachable, TTL reached 0, header checksum failed, etc.

108 ICMP Messages (figure: table of ICMP message types)

109 Error Reporting (ICMP)
• ICMP also defines other control messages that a router can send back to a source host.
• ICMP Redirect tells the source host that there is a better route to the destination.
• The source host adds this new route to its forwarding table and uses it for future datagrams addressed to that destination.

110 ICMP Transport
• ICMP uses IP to transport an error message.
• The router creates the datagram and encapsulates the ICMP message in it.
111 Using ICMP Messages to Test Reachability
• An internet host A is reachable from another host B if datagrams can be delivered from B to A.
• The ping program tests reachability: it sends a datagram from B to A that A echoes back to B.
• Ping uses the ICMP echo request and echo reply messages.
• The internet layer of every host includes code to reply to incoming ICMP echo request messages.

112 Using ICMP To Trace a Route
• The list of all routers on the path from A to B is called the route from A to B.
• traceroute sends UDP datagrams to a (most likely) nonexistent port and uses the TTL field to find the route via an expanding-ring search. (The classic Unix implementation uses UDP probes; some implementations use ICMP echo requests instead.)
• It sends probes with increasing TTL.
• The router that decrements the TTL to 0 discards the probe and sends an ICMP time exceeded message, with the router's address as the source address.
• First, with TTL 1, the probe gets to the first router, which discards it and sends a time exceeded message.
• Next, with TTL 2, the probe gets through the first router to the second router, which does the same.
• This continues until a message from the destination itself is received (an ICMP port unreachable, since the UDP port does not exist).
• traceroute must accommodate varying network delays and dynamically changing routes.

113 Using ICMP For Path MTU Discovery
• Fragmentation should be avoided. How can a source configure outgoing datagrams to avoid fragmentation?
• The source determines the path MTU: the smallest network MTU on the path from source to destination.
• The source probes the path using IP datagrams with the "don't fragment" flag set.
• A router whose next link cannot carry the datagram responds with an ICMP fragmentation required message.
• The source sends smaller probes until the destination is reached.

114 Virtual Networks and Tunnels
• On most internets, it is possible for nodes to communicate with nodes on other networks.
• There are situations where controlled connectivity is required; these are virtual private networks (VPNs).
• Communication is restricted to take place only among a set of sites (often those of one corporation), providing security.

115 Virtual Private Networks
• To make a private network virtual, the leased transmission lines, which are not shared, are replaced by some sort of shared network.
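The three ICMP-based tools on slides 111 to 113 (ping, traceroute, path MTU discovery), as an added Python example over a constructed path of routers; it is not code from the slides or the textbook and sends nothing on a real network. Each router decrements the TTL and reports `time_exceeded` from its own address, or `frag_needed` with its next-hop MTU when a don't-fragment probe is too large; a UDP probe that reaches the destination draws `port_unreachable`, an echo request draws `echo_reply`. The router addresses and MTUs are made up. The MTU discovery loop only accepts a reported MTU that is lower than the current estimate and at least 68 bytes, so a forged or nonsensical fragmentation-needed message cannot drive the sender to absurdly small packets or loop forever.

```python
from dataclasses import dataclass

MIN_MTU = 68   # smallest MTU an IPv4 router must support (RFC 791); used as a sanity floor

@dataclass
class Probe:
    src: str
    dst: str
    ttl: int
    size: int
    df: bool = False          # "don't fragment" flag
    kind: str = "udp"         # "udp" (traceroute probe) or "echo" (ping)

@dataclass
class Icmp:
    type: str                 # time_exceeded, frag_needed, host_unreachable, port_unreachable, echo_reply
    source: str               # address the ICMP message comes from
    next_mtu: int = 0         # only meaningful for frag_needed

@dataclass
class Router:
    addr: str
    out_mtu: int              # MTU of the link towards the destination

class Path:
    """A constructed linear path: sender -> R1 -> ... -> Rn -> destination host."""
    def __init__(self, routers, dest):
        self.routers, self.dest = routers, dest

    def send(self, p):
        for r in self.routers:
            p.ttl -= 1
            if p.ttl == 0:                      # the router that decrements TTL to 0 reports it
                return Icmp("time_exceeded", r.addr)
            if p.size > r.out_mtu:
                if p.df:
                    return Icmp("frag_needed", r.addr, r.out_mtu)
                p.size = r.out_mtu              # would be fragmented; modelled as shrinking
        if p.dst != self.dest:
            return Icmp("host_unreachable", self.routers[-1].addr)
        # Delivered: an echo request is answered; a UDP probe to a closed port is rejected.
        return Icmp("echo_reply" if p.kind == "echo" else "port_unreachable", self.dest)

def ping(path, src, dst):
    return path.send(Probe(src, dst, ttl=64, size=64, kind="echo")).type == "echo_reply"

def traceroute(path, src, dst, max_hops=30):
    """Expanding-ring search: TTL 1, 2, 3, ... until the destination itself answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        resp = path.send(Probe(src, dst, ttl=ttl, size=40))
        hops.append(resp.source)
        if resp.type != "time_exceeded":
            return hops, resp.type
    return hops, "max_hops_exceeded"

def discover_pmtu(path, src, dst, start_mtu):
    """Probe with DF set; shrink to the MTU each fragmentation-needed message reports."""
    mtu = start_mtu
    while True:
        resp = path.send(Probe(src, dst, ttl=64, size=mtu, df=True))
        # Accept only a report that lowers the estimate and stays above the floor.
        if resp.type == "frag_needed" and MIN_MTU <= resp.next_mtu < mtu:
            mtu = resp.next_mtu
        else:
            return mtu

def demo():
    path = Path([Router("10.1.0.1", 1500), Router("10.2.0.1", 1400), Router("10.3.0.1", 576)],
                dest="10.3.0.9")
    return (ping(path, "10.0.0.5", "10.3.0.9"),
            traceroute(path, "10.0.0.5", "10.3.0.9"),
            discover_pmtu(path, "10.0.0.5", "10.3.0.9", 1500))
```

On the constructed path `demo()` reports the destination reachable, lists the three routers followed by the destination, and settles on a path MTU of 576, the smallest link on the way.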
• A virtual circuit is a reasonable replacement because it provides a logical point-to-point connection between two sites.

116 Virtual Private Networks (figure)
(a) Two separate private networks: Corporation X's private network (sites A, B, C) and Corporation Y's private network (sites K, L, M), each built from its own physical links.
(b) Two virtual private networks sharing common switches: the same sites connected by virtual circuits over shared physical links.

117 Virtual Private Networks and Tunnels
• Two separate corporations may migrate to a virtual-circuit network.
• The limited connectivity of a private network is maintained, but since the networks share switches, we say that two virtual private networks have been created.
• An ATM or Frame Relay network can provide the connectivity, or an IP network can be used by providing a tunnel.

118 Tunnels
• An IP tunnel is a virtual point-to-point link between a pair of nodes that are separated by an arbitrary number of networks.
• This virtual link is created within the router at the entrance by providing it with the IP address of the router at the far end of the tunnel.

119 Routing Through a Tunnel
• When the router at the entrance wants to send a packet over this virtual link, it encapsulates the packet inside another IP datagram.
• The destination address of the outer datagram is the address of the router at the end of the tunnel, and the source address is that of the router at the entrance.
• The virtual link looks similar to a normal link in the routing table.

120 A Tunnel Through an Internetwork (figure)
R1 connects Network 1 to the internetwork; R2 (address 10.0.0.1) connects the internetwork to Network 2. A packet with IP header "Destination = 2.x" and its payload leaves Network 1; R1 wraps it in an outer IP header with "Destination = 10.0.0.1" for its trip across the internetwork; R2 strips the outer header and delivers the original packet, still addressed to 2.x, onto Network 2.
R1 has two physical interfaces: interface 0 connects to Network 1, and interface 1 connects to the internetwork and is the default. It also has a virtual interface to the tunnel.

121 Tunneling
• Suppose a tunnel has been configured from R1 to R2 and assigned a virtual interface number of 0.
The forwarding table might look like this:
  NetworkNum   NextHop
  1            Interface 0
  2            Virtual Interface 0
  Default      Interface 1

122 Tunneling Example
• Suppose R1 receives a packet from Network 1 that is addressed to Network 2.
• To send it out on the virtual interface, the router adds an IP header addressed to R2 and then proceeds to forward the packet as if it had just been received.
• R2's address is 10.0.0.1; since the network number of this address is 10, not 1 or 2, the encapsulated packet matches the default entry and goes out interface 1.
• When R2 receives the packet, it removes the outer IP header and processes the inner packet normally.

123 Why Tunnels?
• Why create a tunnel?
  – Greater security: it becomes a private link across a public network. (A plain IP-in-IP tunnel by itself neither encrypts nor authenticates the traffic it carries; that takes an additional mechanism such as IPsec.)
  – R1 and R2 may have capabilities that other routers lack, such as multicast routing; by connecting them with a tunnel, all such routers appear to be directly connected. This is how the MBone (multicast backbone) is built.
  – Tunnels can carry packets from protocols other than IP across an IP network. As long as the endpoint routers can handle the other protocol, the IP tunnel looks to them like a point-to-point link over which they can send non-IP packets.
  – Tunnels also provide a mechanism by which we can force a packet to be delivered to a particular place.

124 Disadvantages of Tunnels
• They increase the length of packets, which wastes bandwidth for short packets.
• Routers at the endpoints must also do more work as they add and remove tunnel headers.
• There is also a management cost to set up the tunnels and make sure they are correctly handled by the routing protocols.

125 Routing
• A switch or router needs to be able to look at a packet's destination address and then determine which of the output ports is the best one for that destination.
• In datagram networks, including IP networks, routing is an issue for every packet.
• In virtual-circuit networks, routing is an issue only for the connection request packets; all subsequent packets follow the same path.
• The switch makes its decision by consulting a forwarding table.
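The tunneling example on slides 120 to 122, as an added Python model (not code from the slides or the textbook). R1 carries the forwarding table shown above; a destination that resolves to the virtual interface is wrapped in an outer datagram addressed to the tunnel's far end and then re-forwarded, which sends it out the default interface; R2 strips the outer header and forwards the inner packet. Assumptions made here: the network number is the first octet (the slide's "1", "2" and "10"), R1's own address is 10.0.0.2 (the slide only gives R2's, 10.0.0.1), and R2 has a mirror-image table and tunnel. The outer-source check in `receive` is a sanity check added in this example; it is not authentication, since nothing in an IP-in-IP tunnel verifies the outer source address.

```python
from dataclasses import dataclass
from typing import Union

@dataclass
class Datagram:
    src: str
    dst: str
    payload: Union[bytes, "Datagram"]    # an inner Datagram when tunnelled

def network_number(addr):
    """Network part of an address, using the slide's convention: the first octet."""
    return int(addr.split(".")[0])

class Router:
    def __init__(self, name, addr, table, tunnels):
        self.name, self.addr = name, addr
        self.table = table       # network number (or "default") -> ("if", n) | ("vif", n)
        self.tunnels = tunnels   # virtual interface n -> address of the far tunnel endpoint
        self.delivered = []      # (interface, datagram) pairs this router sent out

    def forward(self, dg):
        kind, n = self.table.get(network_number(dg.dst), self.table["default"])
        if kind == "vif":
            # Encapsulate: outer header from this router to the far end of the tunnel,
            # then forward the new datagram exactly as if it had just arrived.
            return self.forward(Datagram(self.addr, self.tunnels[n], dg))
        self.delivered.append((n, dg))
        return n, dg

    def receive(self, dg):
        """Entry point for a datagram arriving on any interface."""
        if dg.dst == self.addr and isinstance(dg.payload, Datagram):
            if dg.src not in set(self.tunnels.values()):
                # Sanity check only: the outer source can be forged by anyone on the
                # public network, so a "private link" also needs IPsec or similar.
                return "dropped", dg
            return self.forward(dg.payload)      # decapsulate, then process the inner packet
        return self.forward(dg)

def demo():
    r1 = Router("R1", "10.0.0.2",
                {1: ("if", 0), 2: ("vif", 0), "default": ("if", 1)},
                {0: "10.0.0.1"})                 # tunnel to R2
    r2 = Router("R2", "10.0.0.1",
                {2: ("if", 0), 1: ("vif", 0), "default": ("if", 1)},
                {0: "10.0.0.2"})                 # tunnel back to R1 (assumed)
    iface, outer = r1.receive(Datagram("1.0.0.7", "2.0.0.5", b"hello"))   # Network 1 -> Network 2
    at_r2 = r2.receive(outer)                                             # far end of the tunnel
    local = r1.receive(Datagram("1.0.0.7", "1.0.0.9", b"local"))          # stays on Network 1
    spoofed = r2.receive(Datagram("9.9.9.9", "10.0.0.1",
                                  Datagram("1.0.0.7", "2.0.0.5", b"x")))  # not from the tunnel peer
    return iface, outer, at_r2, local, spoofed
```

`demo()` shows the packet for Network 2 leaving R1 on physical interface 1 inside an outer header 10.0.0.2 to 10.0.0.1, R2 delivering the unwrapped inner packet onto its interface 0, a Network 1 packet leaving R1 on interface 0 unwrapped, and an encapsulated packet from an unexpected outer source being dropped by R2.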
126 Forwarding and Routing
• The fundamental problem of routing is: "How do switches and routers acquire the information in their forwarding tables?"
• Forwarding consists of taking a packet, consulting a table and sending the packet in the direction determined by the table. This is a relatively simple, well-defined process performed locally at a node.
• Routing is the process by which the forwarding tables are built. It depends on complex distributed algorithms that continue to evolve.

127 Forwarding and Routing Tables
• "Forwarding table" and "routing table" are sometimes used interchangeably, but there is a distinction.
• The forwarding table is used when a packet is being forwarded and must contain enough information to accomplish that task: a row must map a network number to an outgoing interface and some MAC information, such as the Ethernet address of the next hop.
• The routing table, built up by the routing algorithm as a precursor to the forwarding table, contains mappings from network numbers to next hops and information about how each mapping was learned.

128 Forwarding and Routing Tables
• There are reasons for implementing these tables as separate data structures:
  – The forwarding table needs to be structured to optimize the process of looking up a network number when forwarding a packet.
  – The routing table needs to be optimized for calculating changes in topology.
  – The forwarding table is sometimes implemented in specialized hardware, but this is rarely done with the routing table.
129 Routing and Forwarding Tables
a) A routing table
  Network Number   Next Hop
  10               171.69.245.10
b) A forwarding table (the MAC address is provided by the Address Resolution Protocol, ARP)
  Network Number   Interface   MAC Address
  10               if0         8:0:2b:e4:b:1:2

130 Scalability
• The key question in building any mechanism for the Internet is "Does this solution scale?"
• The answer for the algorithms and protocols in this section is "No": they are designed for networks of modest size (fewer than about 100 nodes).
• They do, however, serve as building blocks for the hierarchical infrastructure used in the Internet today.

131 Domains
• These protocols are collectively called intradomain routing protocols or interior gateway protocols (IGPs).
• A routing domain is an internet in which all the routers are under the same administrative control (e.g. a single campus or a single ISP).
• For now, we are considering the problem of routing in a small to mid-size network, not the full Internet.

132 Network as a Graph
• Routing is in essence a problem of graph theory.
• The nodes may be hosts, switches, routers or networks.
• The edges of the graph correspond to the network links. Each edge has an associated cost, which indicates the desirability of sending traffic over that link.

133 Network Represented as a Graph (figure: nodes A through F joined by edges with costs 1, 1, 1, 2, 3, 4, 6 and 9)

134 The Routing Problem
• The basic problem of routing is finding the lowest-cost path between any two nodes, where the cost of a path equals the sum of the costs of all the edges on the path.
• For a simple network we could calculate all the shortest paths once and store them at each node.
• Such a static approach has shortcomings:
  – It does not deal with node or link failures.
  – It does not consider the addition of new nodes or links.
  – It implies that edge costs do not change.

135 Routing Protocols
• Routing is achieved by running protocols among the nodes.
• These protocols provide a distributed, dynamic way to solve the problem of finding the lowest-cost path in the presence of link and node failures and changing edge costs.
• It is difficult to make centralized solutions scale, so the widely used protocols are distributed; they remain an area of research and open challenges.

136 Distributed Protocols
• Distributed algorithms raise the possibility that two routers will, at some instant, have different ideas about the shortest path to some destination.
• Packets can become stuck in a loop if each router thinks the other one is closer to the destination. Such discrepancies must be resolved as quickly as possible.
• Assume for now that the edge costs in the network are known.
• The two main classes of routing protocols are distance vector and link state.

137 Distance Vector (RIP)
• RIP (Routing Information Protocol) dynamically builds a routing table using the distance-vector algorithm.
• The idea behind the distance-vector algorithm is that each node constructs a one-dimensional array (vector) containing the distances (costs) to all other nodes and distributes that vector to its immediate neighbors.
• Each node knows the cost of the links to its directly connected neighbors.
• A link that is down is assigned an infinite cost.

138 Distance Vector Routing
• In the next graph, the cost of each link is set to 1, so that the least-cost path is simply the one with the fewest hops.
• We represent each node's knowledge as a table.
• Note that each node only "knows" the information in one row of the table (the row in the left column that bears its name).
• The global view is not available at any single point in the network.
139 Distance Vector Routing (figure)
Graph: A is connected to B, C, E and F; B to C; C to D; D to G; F to G. Every link has cost 1.

140 Global View of Initial Distances
Information stored at node (rows) / distance to reach node (columns); ∞ = unreachable
        A   B   C   D   E   F   G
  A     0   1   1   ∞   1   1   ∞
  B     1   0   1   ∞   ∞   ∞   ∞
  C     1   1   0   1   ∞   ∞   ∞
  D     ∞   ∞   1   0   ∞   ∞   1
  E     1   ∞   ∞   ∞   0   ∞   ∞
  F     1   ∞   ∞   ∞   ∞   0   1
  G     ∞   ∞   ∞   1   ∞   1   0

141 Initial Routing Table at Node A
  Destination   Cost   Next Hop
  B             1      B
  C             1      C
  D             ∞      –
  E             1      E
  F             1      F
  G             ∞      –

142 Routing At Node A
• Initially the routing table at each node reflects the belief that a packet can reach a directly connected node in one hop and that all other nodes are unreachable.
• The next step in distance-vector routing is that every node sends a message to its directly connected neighbors containing its list of distances.
• The router "learns" new paths from these messages and updates its table with the new costs and next hops.
• It takes only a few exchanges before each node has a complete routing table.

143 Final Routing Table At Node A
  Destination   Cost   Next Hop
  B             1      B
  C             1      C
  D             2      C
  E             1      E
  F             1      F
  G             2      F

144 Final Routing Tables
• The process of getting consistent routing information to all the nodes is called convergence.
• There is no one node in the network that has all the information in the next table.
• Each node knows only the content of its own routing table.
• This distributed algorithm enables all nodes to achieve a consistent view of the network without a centralized authority.

145 Final Distances Stored at Each Node (Global View)
Information stored at node (rows) / distance to reach node (columns)
        A   B   C   D   E   F   G
  A     0   1   1   2   1   1   2
  B     1   0   1   2   2   2   3
  C     1   1   0   1   2   2   2
  D     2   2   1   0   3   2   1
  E     1   2   2   3   0   2   3
  F     1   2   2   2   2   0   1
  G     2   3   2   1   3   1   0

146 Other Distance Vector Issues
• When does a given node send a routing update to its neighbors?
  – Periodic update: sent every so often (several seconds to several minutes) even if nothing changes. This lets the others know the node is still running.
  – Triggered update: sent when a node receives an update from a neighbor that causes a change in its own routing table.

147 Other Distance Vector Issues
• What happens when a link or node fails?
  – The nodes that notice the failure send a new list of distances to their neighbors, and tables are updated.
• How does a node detect a failure?
  – Nodes test links by sending control packets and waiting for an acknowledgement.
  – A node decides a link is down when it does not receive a periodic update over it.

148 Count to Infinity Problem
• Sometimes the network does not stabilize.
• (See the example on p. 278.) Each node advertises a route to a destination that has in fact become unreachable, and the hop count increases in each node's table on every cycle of the exchange.
• A partial solution uses a relatively small number as an approximation to infinity (RIP uses 16).
• Split horizon: when a node sends an update to a neighbor, it does not include the routes it learned from that neighbor. (Split horizon with poison reverse sends them back with an infinite cost instead.)
• These solutions only break loops between two nodes; they do not prevent count-to-infinity in larger routing loops.

149 Routing Information Protocol (RIP)
• Its use is widespread because it was distributed with Berkeley Unix.
• It is also simple and based on the distance-vector algorithm.
• Routing in internetworks differs slightly from routing in the graph model above.
• In an internetwork, the goal of the routers is to learn how to forward packets to other networks.
• Instead of advertising the cost of reaching other routers, they advertise the cost of reaching other networks.

150 Example Network Running RIP (figure)
Routers A, B, C and D interconnected by networks 1 through 6. Router C advertises to router A that it can reach networks 2 and 3 at a cost of 0, networks 5 and 6 at a cost of 1, and network 4 at a cost of 2.

151 RIP Packet Format
  Command (8 bits) | Version (8 bits) | Must be zero (16 bits)
  Family of net 1 (16 bits) | Must be zero (16 bits)
  Address of net 1 (shown as two 32-bit words in the figure)
  Distance to net 1 (32 bits)
  Family of net 2 | Must be zero
  Address of net 2 ...
  Distance to net 2 ...   (one such entry per network advertised)

152 RIP
• RIP is a straightforward implementation of distance-vector routing and one of the most widely used routing protocols.
• Routers running RIP send their advertisements every 30 seconds.
• A router also sends an update message when its table changes.
• RIP supports multiple address families, not just IP.
• It tries to find the minimum-hop route.
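The distance-vector exchange on the seven-node graph of slides 139 to 145, together with the link-failure, count-to-infinity and split-horizon behaviour of slides 147 and 148, as an added Python simulation (not code from the slides or the textbook). The graph and unit link costs are taken from slide 139; the three-node chain X, Y, Z used to show counting to infinity is constructed here; 16 stands for infinity as in RIP. Rounds are synchronous: every node builds its advertisements, then every node processes what it received.

```python
from dataclasses import dataclass
from typing import Optional

INF = 16   # RIP's "infinity": valid distances are 1-15

@dataclass
class Route:
    cost: int
    nexthop: Optional[str]

class Node:
    def __init__(self, name):
        self.name = name
        self.links = {}                      # neighbour -> link cost
        self.table = {name: Route(0, None)}  # destination -> Route

    def vector_for(self, nbr, split_horizon):
        """The distance vector advertised to neighbour `nbr`. With split horizon the
        routes learned from `nbr` are left out, so they cannot be reflected back."""
        return {d: r.cost for d, r in self.table.items()
                if not (split_horizon and r.nexthop == nbr)}

    def receive(self, nbr, vector):
        """Bellman-Ford update on a vector received from `nbr`; returns True if changed."""
        c, changed = self.links[nbr], False
        for dest, d in vector.items():
            if dest == self.name:
                continue
            new = min(d + c, INF)
            cur = self.table.get(dest)
            # Adopt a cheaper path, or any change reported by our current next hop.
            if cur is None or new < cur.cost or (cur.nexthop == nbr and new != cur.cost):
                self.table[dest] = Route(new, nbr if new < INF else None)
                changed = True
        return changed

class Network:
    def __init__(self, edges):
        self.nodes = {}
        for a, b, cost in edges:
            for x, y in ((a, b), (b, a)):
                n = self.nodes.setdefault(x, Node(x))
                n.links[y] = cost
                n.table[y] = Route(cost, y)

    def fail_link(self, a, b):
        """Both endpoints notice: routes through the dead link become unreachable."""
        for x, y in ((a, b), (b, a)):
            n = self.nodes[x]
            del n.links[y]
            for dest, r in n.table.items():
                if r.nexthop == y:
                    n.table[dest] = Route(INF, None)

    def converge(self, split_horizon=False, max_rounds=100):
        """Synchronous rounds: everyone builds advertisements, then everyone processes
        them. Returns the number of rounds until a round changes no table."""
        for rnd in range(1, max_rounds + 1):
            msgs = [(nbr, n.name, n.vector_for(nbr, split_horizon))
                    for n in self.nodes.values() for nbr in n.links]
            changed = False
            for to, frm, vec in msgs:
                changed = self.nodes[to].receive(frm, vec) or changed
            if not changed:
                return rnd
        raise RuntimeError("did not converge")

    def routes(self, name):
        return {d: (r.cost, r.nexthop) for d, r in sorted(self.nodes[name].table.items())}

# The slide's graph: every link has cost 1.
SLIDE_GRAPH = [("A", "B", 1), ("A", "C", 1), ("A", "E", 1), ("A", "F", 1),
               ("B", "C", 1), ("C", "D", 1), ("D", "G", 1), ("F", "G", 1)]

def slide_example():
    net = Network(SLIDE_GRAPH)
    net.converge()
    return net

def chain_failure(split_horizon):
    """X - Y - Z; the Y-Z link fails. Without split horizon X and Y count up to INF
    (Y believes X's stale route to Z, X believes Y's, and so on)."""
    net = Network([("X", "Y", 1), ("Y", "Z", 1)])
    net.converge(split_horizon)
    net.fail_link("Y", "Z")
    rounds = net.converge(split_horizon)
    return rounds, net.routes("X")["Z"], net.routes("Y")["Z"]
```

`slide_example()` reproduces the final routing table at node A from slide 143 and the final distance matrix from slide 145. `chain_failure(False)` takes over a dozen rounds to declare Z unreachable, the costs climbing one hop at a time until they hit 16; `chain_failure(True)` settles in two rounds because X never advertises back to Y the route it learned from Y.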
• Valid distances are 1–15, with 16 representing infinity, which limits RIP to running on fairly small networks.

153 Link State (OSPF)
• The Open Shortest Path First protocol (OSPF) is the most widely used link-state routing protocol.
• Link-state routing is the second major class of intradomain routing protocols.
• Its assumptions are similar to those of distance-vector routing: each node knows the state of, and the cost of, the links to its neighbors.
• The goal is to provide each node with enough information to find the least-cost path to any destination.

154 Link State (OSPF)
• Basic idea: every node knows how to reach its neighbors, and if this knowledge is disseminated to every node, then every node will have enough knowledge of the network to build a complete map of it.
• This is a sufficient condition for finding the shortest path to any point in the network.

155 Link State (OSPF)
• Link-state routing protocols rely on two mechanisms:
  – Reliable dissemination of link-state information.
  – The calculation of routes from the sum of all the accumulated link-state knowledge.

156 Reliable Flooding
• Reliable flooding is the process of making sure that all the nodes participating in the routing protocol get a copy of the link-state information from all other nodes.
• The basic idea is for a node to send its information out on all of its directly connected links, with each receiving node forwarding it out on all of its links.

157 Reliable Flooding
• Each node creates an update packet, called a link-state packet (LSP), that contains the following information:
  – The ID of the node that created the LSP.
  – A list of directly connected neighbors of that node, with the cost of the link to each one.
  – A sequence number.
  – A time to live for this packet.

158 Reliable Flooding
• The first two (node ID and list of neighbors) are needed to enable route calculation.
• The last two (sequence number and time to live) are needed to make the process of flooding the packet to all nodes reliable.
• Reliability includes making sure that you have the most recent copy of the information, since there may be multiple, contradictory LSPs in circulation.
• Making the flooding reliable is quite difficult.

159 Link State Packet Flooding (figure)
(a) An LSP arrives at node X. (b) X floods the LSP to A and C. (c) A and C flood the LSP to B, but not back to X. (d) B floods it to D and flooding is complete.

160 Link State Packets
• As in RIP, each node generates LSPs:
  – When a periodic timer expires.
  – When there is a change in topology.
• The newest information must be flooded to all nodes as quickly as possible, while old information must be removed and not allowed to circulate.

161 Goals For LSPs
• Minimize the total amount of routing traffic:
  – Avoid generating LSPs unless necessary, by using very long timers; messages saying "no change" do not need to be sent often.
  – Make sure that old information is replaced by newer information by inserting sequence numbers. Each time a new LSP is generated, increment the sequence number.
  – The TTL value ensures that old information is eventually removed (when TTL reaches 0, delete the LSP).

162 Route Calculation
• When a node has a copy of the LSP from every other node, it can compute a complete map of the topology of the network.
• From this map it is able to determine the best route to each destination using Dijkstra's shortest-path algorithm. (See pp. 280–283.)

163 Dijkstra's Shortest-Path Algorithm
• Main idea:
  – Start with a set of nodes M that contains only this node, s.
  – Initialize the table of costs C(n) to the other nodes using the known costs to directly connected nodes.
  – Look for the node w reachable at the lowest cost C(w) and add it to M.
  – Update the table of costs, considering the cost of reaching nodes through w.
  – Repeat until all nodes are included in M.

164 Link State Routing (figure: four nodes A, B, C and D with link costs 5, 3, 10, 11 and 2)
See p. 287 for the steps for building the routing table for node D.

165 Link State Routing Properties
• Advantages:
  – It has been proven to stabilize quickly.
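Reliable flooding of LSPs (slides 156 to 161) followed by Dijkstra's route calculation (slides 162 to 164), as an added Python example; it is not code from the slides or the textbook. Each LSP carries the four fields listed on slide 157; a router stores and re-floods a copy only if its sequence number is newer than the one it holds, and never sends it back on the link it arrived on, which is what makes the flood terminate. The four-node graph uses the costs 5, 3, 10, 11 and 2 visible in the slide's figure, but the pairing of costs to edges is assumed here (A-B 5, A-C 10, B-C 3, B-D 11, C-D 2). The last part of the demonstration shows why OSPF adds authentication on top of this: sequence numbers stop stale copies, but any party who can inject an LSP with a higher sequence number is believed.

```python
import heapq
from dataclasses import dataclass

@dataclass(frozen=True)
class LSP:
    origin: str      # ID of the node that created the LSP
    seq: int         # sequence number: higher means newer
    ttl: int         # hop budget for the flood
    links: tuple     # ((neighbour, cost), ...) for the origin's directly connected links

class Router:
    def __init__(self, name, neighbours):
        self.name = name
        self.neighbours = dict(neighbours)   # neighbour -> link cost
        self.db = {}                         # origin -> newest LSP accepted
        self.seq = 0

    def make_lsp(self, ttl=8):
        self.seq += 1
        return LSP(self.name, self.seq, ttl, tuple(sorted(self.neighbours.items())))

    def accept(self, lsp):
        """Reliable-flooding rule: store and re-flood only a copy newer than what we
        hold; duplicates and stale copies are dropped so the flood terminates."""
        if lsp.ttl <= 0:
            return False
        have = self.db.get(lsp.origin)
        if have is not None and lsp.seq <= have.seq:
            return False
        self.db[lsp.origin] = lsp
        return True

class Network:
    def __init__(self, edges):
        nbrs = {}
        for a, b, cost in edges:
            nbrs.setdefault(a, {})[b] = cost
            nbrs.setdefault(b, {})[a] = cost
        self.routers = {n: Router(n, v) for n, v in nbrs.items()}

    def flood(self, lsp, start):
        """Inject `lsp` at router `start`; each accepting router forwards it on every
        link except the one it arrived on. Returns the number of copies transmitted."""
        queue, sent = [(start, None, lsp)], 0
        while queue:
            at, came_from, copy = queue.pop(0)
            if not self.routers[at].accept(copy):
                continue
            out = LSP(copy.origin, copy.seq, copy.ttl - 1, copy.links)
            for nbr in self.routers[at].neighbours:
                if nbr != came_from:
                    queue.append((nbr, at, out))
                    sent += 1
        return sent

    def flood_all(self):
        for name, r in self.routers.items():
            self.flood(r.make_lsp(), name)

    def tables(self):
        return {name: dijkstra(r.db, name) for name, r in self.routers.items()}

def dijkstra(db, source):
    """Shortest paths over the topology held in an LSP database.
    Returns dest -> (cost, first hop from source)."""
    graph = {lsp.origin: dict(lsp.links) for lsp in db.values()}
    dist, via, confirmed = {source: 0}, {source: None}, set()
    heap = [(0, source)]
    while heap:
        d, n = heapq.heappop(heap)
        if n in confirmed or d > dist[n]:
            continue
        confirmed.add(n)                                  # lowest-cost node w joins M
        for nbr, c in graph.get(n, {}).items():
            if nbr not in dist or d + c < dist[nbr]:      # cheaper tentative cost via w
                dist[nbr] = d + c
                via[nbr] = nbr if n == source else via[n]
                heapq.heappush(heap, (d + c, nbr))
    return {dest: (dist[dest], via[dest]) for dest in confirmed if dest != source}

# Costs read off the slide's figure; the pairing of costs to edges is assumed.
SLIDE_EDGES = [("A", "B", 5), ("A", "C", 10), ("B", "C", 3), ("B", "D", 11), ("C", "D", 2)]

def slide_network():
    net = Network(SLIDE_EDGES)
    net.flood_all()
    return net
```

After `flood_all()` every router holds all four LSPs, and `tables()["D"]` gives D's routing table: C at cost 2, B at cost 5 and A at cost 10, all via C. Re-injecting A's LSP with the sequence number already held transmits nothing, while a forged LSP claiming to be from A with a higher sequence number is accepted everywhere.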
  – It does not generate much traffic.
  – It responds quickly to topology changes or node failures.
• Disadvantages:
  – The amount of information stored at each node (one LSP for every node in the network) can be quite large.

166 Distance-Vector vs Link-State Routing
• In distance-vector routing, each node talks only to its directly connected neighbors, but tells them everything it has learned (its distance to all nodes).
• In link-state routing, each node talks to all other nodes, but tells them only what it knows for sure (the state of its directly connected links).

167 Open Shortest Path First Protocol (OSPF)
• "Open" indicates that it is an open, non-proprietary standard created under the Internet Engineering Task Force (IETF).
• "SPF" comes from an alternative name for link-state routing.
• It is an Internet routing protocol based on the link-state algorithm, in which every node constructs the topology of its domain and uses it to make forwarding decisions.

168 Open Shortest Path First Protocol (OSPF)
• Features added to the basic link-state algorithm:
  – Authentication of routing messages: updates can be required to be authenticated, which protects against misconfigured or malicious routers injecting bad routing information. (The header field below allows none, a simple password, or a cryptographic checksum; only the last gives real protection, since a simple password travels in the clear and is visible to anyone who can see the packets.)
  – Additional hierarchy: makes the system more scalable by allowing a domain to be partitioned into areas, so a router only needs to know how to get to the right area rather than to every network within the domain.
  – Load balancing: allows multiple routes to the same place to be assigned the same cost, causing traffic to be distributed evenly over these routes.

169 OSPF Header Format
  Version (8 bits) | Type (8 bits) | Message length (16 bits)
  SourceAddr (32 bits)
  AreaId (32 bits)
  Checksum (16 bits) | Authentication type (16 bits)
  Authentication (64 bits)
There are different types of OSPF messages, but all begin with the same header: Version = 2; Type may be 1–5; Authentication type = 0 if no authentication is required, 1 for a simple password, 2 for a cryptographic checksum.
170 OSPF Link-State Advertisement (Type 1, router LSA)
  LS Age (16 bits) | Options (8 bits) | Type = 1 (8 bits)
  Link-state ID (32 bits)
  Advertising router (32 bits)
  LS sequence number (32 bits)
  LS checksum (16 bits) | Length (16 bits)
  0 | Flags | 0 | Number of links
  Link ID (32 bits)
  Link data (32 bits)
  Link type (8 bits) | Num_TOS (8 bits) | Metric (16 bits)
  Optional TOS information
  More links ...

171 Metrics
• Ways to calculate the link costs (metrics):
  – Assign a cost of 1 to all links: the lowest-cost route will then be the one with the fewest hops.
• Disadvantages of that approach:
  – It does not distinguish links on a latency basis (a satellite link with 250 ms latency looks just as good as a link with 1 ms latency).
  – It does not distinguish links on a capacity basis (a 9.6 Kbps link looks the same as a 45 Mbps link).
  – It does not distinguish between links based on their current load (the hardest and most complex problem).
• The ARPANET routing metrics illustrate the alternatives.

172 ARPANET Routing Metrics
• The first version measured the number of packets queued waiting to be transmitted on each link (a link with 10 queued packets was assigned a larger cost). This did not work well: it considered neither bandwidth nor latency.
• The second version, the "new routing mechanism", considered bandwidth and latency and used delay rather than queue length as the measure of load:
  Delay = (DepartureTime – ArrivalTime) + TransmissionTime + Latency

173 ARPANET Routing Metrics
• This still had problems:
  – It worked well under light loads.
  – Under heavy loads, a congested link advertised a very high cost, causing traffic to move off that link and leave it idle; it then advertised a very low cost and the traffic came back, creating instability.
  – The range of link values was much too large.

174 ARPANET Routing Metrics
• The third version, the "revised ARPANET routing metric", addressed these problems:
  – The major changes were to compress the dynamic range of the metric, to account for the link type, and to smooth the variation of the metric over time.
  – Smoothing was achieved by transforming the delay measurement into a link utilization, and by placing a hard limit on how much the metric could change from one measurement cycle to the next.
175 ARPANET Routing (figure: the revised ARPANET routing metric versus link utilization, from 25% to 100%, for 9.6 Kbps and 56 Kbps satellite and terrestrial links; the metric ranges from roughly 25 up to 225)

176 Monitoring Routing Behavior
• How well does the system work?
• A study was conducted in 1995 by Vern Paxson, using the Unix traceroute tool to study 40,000 routes between 37 Internet sites.
• He found that 1 in 30 encountered serious end-to-end problems, which lasted about 30 seconds.
• His overall conclusion was that Internet routing was becoming less and less predictable over time.

177 Routing For Mobile Hosts
• IP addressing and routing assume that hosts do not move.
• A host address consists of a network number and a host part, and the network number indicates which network the host is attached to.
• What happens if a host is disconnected from one network and connected to another one?
• If we don't change the IP address of the host, it becomes unreachable.
• One solution: provide the host with a new address when it connects to a new network, using DHCP.

178 Mobile IP
• Suppose the user is running an application while roaming and changes from Network A to Network B. Changing the address won't allow the application to keep working.
• Mobile IP solves this problem. Mobility support requires at least one router, the home agent. The mobile host is assumed to have a permanent IP address, called its home address, whose network number is that of the home agent's network.
• A second router, the foreign agent, is usually required. This is the router to which the mobile node attaches when it is away from its home network.

179 Mobile IP
• Both home and foreign agents periodically announce their presence on the networks to which they are attached.
• A mobile host may also solicit an advertisement when it attaches to a new network. This enables it to learn the address of its home agent before it leaves the home network.
• When it attaches to the new network, it registers with the foreign agent, providing the address of its home agent.
• The foreign agent then contacts the home agent, providing a care-of address.

180 Mobile Host and Mobility Agents (figure)
A sending host, the home agent (10.0.0.3) on the home network (network 10), and the foreign agent (12.0.0.6) are all connected through the internetwork. The mobile host (10.0.0.9) keeps its home-network address while attached to the foreign agent's network.

181 Packet Delivery to Mobile Host
• Any host that tries to send a packet to the mobile host sends it with a destination address equal to the home address of that node.
• Normal IP routing will cause it to arrive on the home network of the mobile node, on which the home agent is sitting.

182 Problems of Packet Delivery To a Mobile Node
• How does the home agent intercept a packet that is destined for a mobile node? It uses proxy ARP.
• How does the home agent then deliver the packet to the foreign agent? It uses tunneling.
• How does the foreign agent deliver the packet to the mobile node? It uses the hardware address of the mobile node.
• What about traffic in the opposite direction? Normal delivery (except if both hosts are mobile).
• (See details of possible solutions on pp. 297–298.)

183 Route Optimization in Mobile IP
• Routes from the sending node to the mobile node can be suboptimal (as on a cell phone).
• In general the goal is to deliver packets as directly as possible without passing through a home agent. This is called the "triangle routing problem", since the path from sender to mobile node via the home agent takes two sides of a triangle rather than the third side, which is the direct path.

184 Triangle Routing
• The basic idea is to let the sending node know the care-of address of the mobile node.
• The sending node can then create its own tunnel to the foreign agent.
• If the sender can learn the care-of address and create its own tunnel, the route can be optimized.
• If the route is not optimized, the home agent sends a binding update message back to the source.
• The source creates an entry in a "binding cache", consisting of mappings from mobile node addresses to care-of addresses.
• Problem: the binding cache can become outdated.

185 Mobile Routing
• Mobile routing raises some security challenges and areas of active research:
• An attacker wishing to intercept packets destined for another node in the network could contact the home agent for that node and announce itself as the new foreign agent for that node. Preventing this requires authentication of registration messages.
• Security and performance considerations may require other routing algorithms (for example, to avoid passing through an untrusted network).
• There is also the problem of "ad hoc" mobile networks, enabling a group of mobile nodes to form a network without fixed nodes; this is an area of research.

186 Global Internet
We have seen how to:
• Connect a heterogeneous collection of networks to create an internetwork, and
• Use the simple hierarchy of the IP address to make routing somewhat scalable.
• Today's Internet has tens of thousands of networks connected to it, and routers cannot "know" all that information.

187 Global Internet
• The Internet is not just a random interconnection of Ethernets; it reflects the "shape" of many organizations.
• In the 1990s this shape was rather simple, but with time it has grown much more complex.
• The original topology consisted of "end user" sites (e.g. Stanford University) that connected to "service provider" networks (e.g. BARRNET).
• Many providers served limited geographic regions and were called regional networks.
• Regional networks were connected to a nationwide backbone, funded by the NSF and called NSFNET.

188 Tree Structure of the Internet in 1990 (figure)
The NSFNET backbone at the root; regional networks such as BARRNET, MidNet and Westnet below it; end-user sites (Stanford, Berkeley, PARC, ISU, UNL, KU, UNM, NCAR, UA) as the leaves under their regional networks.

189 Global Internet
• This topology consists of end-user sites connected to service-provider networks.
• Each provider and end user was an administratively independent entity.
• As a result, different networks had different routing protocols, and each acted as a single autonomous system (AS).
• The fact that the Internet has a structure is useful in terms of scalability and address utilization.
• Subnetting deals with address utilization.

Global Internet
• Global scalability has two issues:
• Scalability of routing – need to find ways of minimizing the number of network numbers that get carried around in routing protocols and stored in the routing tables of routers.
• Address utilization – need to make sure the IP address space does not get consumed too quickly.

Subnetting
• The original intent of IP addresses was that the network part would uniquely identify exactly one physical network. But this has drawbacks:
– For every network, the site needs at least a class C address.
– For every network with more than 255 hosts, they need a class B address.
– A network with two nodes uses an entire class C address, wasting 253 addresses; one with a class B address wastes over 65,000 addresses.
• This is an example of address assignment inefficiency.

Subnetting
• Assigning one network number per physical network uses up address space too quickly.
• Assigning many network numbers has another drawback for routing. State information is stored in a node to build forwarding tables that tell a router how to reach other networks. The more network numbers, the bigger the routing tables get.

Subnetting
• Subnetting provides an elegantly simple way to reduce the total number of network numbers that are assigned.
• Idea: take a single IP network number and allocate the IP addresses with that number to several physical networks, which are now called subnets.
• Subnets should be close to each other.
• A single network number can be shared by configuring all the nodes on each subnet with a subnet mask.

Subnet Masks
• With simple IP addresses, all the hosts on the same network have the same network number.
• The subnet mask introduces a subnet number: all hosts on the same physical network will have the same subnet number.
• A subnet mask introduces another level of hierarchy to the IP address.
• We now think of the address as having 3 parts: a network part, a subnet part and a host part.

Subnet Masks
• Suppose we want to share a single class B address among several physical networks.
• We could use a subnet mask of 255.255.255.0, so that the first 24 bits (the 255s – all 1s) are the network number and the lower 8 bits (the 0 – all zeros) are the host number.
• In a class B address, the first 16 bits identify the network, so we can think of the address as having 3 parts: a network part, a subnet part, and a host part.
• We have now used the host part to represent the subnet and host.

Subnet Addressing
[Figure: a class B address has a 16-bit network number and a 16-bit host number; the subnet mask 255.255.255.0 (11111111 11111111 11111111 00000000) splits the subnetted address into network number, subnet ID and host ID]

An Example of Subnetting
[Figure: subnet number 128.96.34.0, mask 255.255.255.128, with H1 (128.96.34.15) and R1 (128.96.34.1); subnet number 128.96.34.128, mask 255.255.255.128, with R1 (128.96.34.130), H2 (128.96.34.139) and R2 (128.96.34.129); subnet number 128.96.33.0, mask 255.255.255.0, with R2 (128.96.33.1) and H3 (128.96.33.14)]

Subnetting Example
• A host is configured with both an IP address and a subnet mask.
• All hosts on a given subnet have the same mask.
• The bitwise AND of these defines the subnet number of the host and of all other hosts on the same subnet.

Forwarding Table with Subnetting
The router ANDs the destination address with the subnet mask and, if the result matches the subnet number, forwards the packet to the next hop indicated. Otherwise it is sent to the default router.
Subnet Number    Subnet Mask        NextHop
128.96.34.0      255.255.255.128    Interface 0
128.96.34.128    255.255.255.128    Interface 1
128.96.33.0      255.255.255.0      R2

Subnetting and Scalability
• Subnetting solves the scalability problem:
– It improves address assignment efficiency by not requiring a new class B or C address every time we add a new physical network.
– It helps aggregate information – a complex physical network can look like a single network, reducing the amount of information that the routers need to store.

Classless Routing (CIDR)
• Classless Interdomain Routing (“cider”) is a technique that addresses two scaling concerns in the Internet:
– growth of backbone routing tables as more network numbers need to be stored in them, and
– the potential for the 32-bit address space to be exhausted (often due to inefficiency).
– Inefficiency arises because the classes force assigning addresses in fixed “chunks”.
• Subnetting helps but does not solve the problem.

CIDR
• CIDR tries to balance the need to minimize the number of routes that a router needs to know against the need to hand out addresses efficiently.
• To do this CIDR aggregates routes, and lets us use a single entry in a forwarding table to tell how to reach a lot of networks.
• It does this by breaking the rigid boundaries between address classes.
• All we need now is a routing protocol to deal with “classless” addresses, which means that it must understand a network number of any length.
• Modern routing protocols, such as BGP-4, do that.

Modern Routing Protocols
• In the Border Gateway Protocol (BGP-4) routing protocol, network numbers are represented by (length, value) pairs, similar to the (mask, value) subnet pairs.
• The length gives the number of bits in the network prefix.
• Assigning addresses carefully so that all corporations/campuses connected to a provider share a common prefix aggregates routes even more.
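The subnet forwarding table above and the CIDR slides that follow it describe two lookups: AND the destination with each entry's mask and compare with the subnet number, and, once prefixes can be any length, pick the longest prefix that matches. The following is an added example, not code from the slides or the textbook, that implements both over the slides' own values (the three subnet entries, and the corporation X / corporation Y prefixes from the Route Aggregation slide rewritten in dotted form). The next-hop labels are just strings; the `aggregate` helper computing the common prefix of two routes is my addition.

```python
# Added example (not from the slides): the subnet lookup the router on the slide
# performs (bitwise AND with the mask, compare with the subnet number) and the
# CIDR "longest match" lookup that replaces it once prefixes can be any length.
import ipaddress


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def subnet_number(addr: str, mask: str) -> str:
    """Bitwise AND of address and subnet mask, as the Subnetting Example slide says."""
    return to_dotted(to_int(addr) & to_int(mask))


# Forwarding table from "Forwarding Table with Subnetting": (subnet, mask, next hop).
SUBNET_TABLE = [
    ("128.96.34.0",   "255.255.255.128", "Interface 0"),
    ("128.96.34.128", "255.255.255.128", "Interface 1"),
    ("128.96.33.0",   "255.255.255.0",   "R2"),
]


def forward_with_subnets(dest: str, table=SUBNET_TABLE, default="default router") -> str:
    """First entry whose (dest AND mask) equals its subnet number wins;
    otherwise the packet goes to the default router."""
    for subnet, mask, next_hop in table:
        if subnet_number(dest, mask) == subnet:
            return next_hop
    return default


def prefix_mask(length: int) -> int:
    """Classless mask for a /length prefix, e.g. 20 -> 255.255.240.0."""
    if not 0 <= length <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF


# CIDR table built from the "Route Aggregation With CIDR" slide: corporation X is
# 11000000000001000001 = 192.4.16.0/20, corporation Y is 192.4.0.0/20, and the
# border gateway advertises the 14-bit prefix 11000000000001 = 192.4.0.0/14.
CIDR_TABLE = [
    ("192.4.0.0",  14, "Regional network (aggregate)"),
    ("192.4.16.0", 20, "Corporation X"),
    ("192.4.0.0",  20, "Corporation Y"),
    ("0.0.0.0",     0, "default router"),
]


def longest_prefix_match(dest: str, table=CIDR_TABLE):
    """Next hop of the longest prefix covering dest. Entries are not sorted, so
    every one is examined; the /0 default matches everything but never wins a tie."""
    d = to_int(dest)
    best_len, best_hop = -1, None
    for prefix, length, next_hop in table:
        mask = prefix_mask(length)
        if (d & mask) == (to_int(prefix) & mask) and length > best_len:
            best_len, best_hop = length, next_hop
    return best_hop


def aggregate(prefix_a: str, len_a: int, prefix_b: str, len_b: int):
    """Smallest single prefix covering both inputs: their common leading bits.
    This is what a border gateway can advertise instead of two separate routes."""
    a, b = to_int(prefix_a), to_int(prefix_b)
    common = 32 - (a ^ b).bit_length()          # leading bits on which a and b agree
    length = min(common, len_a, len_b)
    return to_dotted(a & prefix_mask(length)), length
```

Note that `aggregate("192.4.16.0", 20, "192.4.0.0", 20)` yields 192.4.0.0/19, a tighter cover than the /14 on the slide; a provider advertises the shorter prefix when the whole block belongs to it, at the cost of attracting traffic for addresses it has not yet assigned.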
Route Aggregation With CIDR
[Figure: Corporation X (11000000000001000001) and Corporation Y (11000000000001000000) connect to a regional network whose border gateway advertises a path to 11000000000001]
Both corporations are reachable through the same provider network, which can advertise a single route to both.

IP Forwarding Revisited
• IP forwarding finds the network number in the packet and then looks it up in a forwarding table.
• Problem with using CIDR: prefixes may be any length from 2 to 32 bits.
• Some addresses may match more than one prefix in the table. The rule is “longest match”.
• Efficiently finding the longest match is an area of active research.

Interdomain Routing (BGP)
• The basic principle behind autonomous systems (AS) or domains is providing ways to aggregate information in a large internet, improving scalability.
• Two parts of the routing problem:
– Routing within a single autonomous system (intradomain)
– Routing between autonomous systems or domains (interdomain)

A Network With Two Autonomous Systems
[Figure: autonomous system 1 containing R1, R2 and R3, and autonomous system 2 containing R4, R5 and R6]
• Each AS can run its own intradomain routing protocol.
• The interdomain routing problem is reduced to sharing reachability information with one another.

Border Routers
• Default routes also reduce the amount of routing information.
• A router connecting to the Internet, usually at the boundary between the AS and the Internet, is called a border router.
• To send packets to the Internet they go to the border router – the default route, which eventually connects to a backbone.

Interdomain Routing Protocols
• Exterior Gateway Protocol (EGP) – forced a tree-like topology on the Internet, with a single backbone and ASs connected as parents and children, not as peers.
• Replaced by the Border Gateway Protocol (BGP), which assumes an arbitrarily interconnected set of ASs.
Today’s Multibackbone Internet
[Figure: backbone service providers connected to each other at peering points, with large corporations, small corporations and “consumer” ISPs attached to them]
Today’s Internet consists of service provider networks, operated by private companies rather than the government, and sites are connected to each other in arbitrary ways. Providers connect to one another at “peering points”.

Types of AS
• Local traffic – originates at or terminates on nodes within the AS (autonomous system)
• Transit traffic – passes through an AS
• Types of AS:
– Stub AS – only a single connection to one other AS, and carries only local traffic
– Multihomed AS – connections to more than one AS, but does not carry transit traffic (e.g. a corporation)
– Transit AS – has connections to more than one other AS and carries both local and transit traffic, such as a backbone.

Interdomain Routing
• Interdomain routing is hard:
– Matter of scale – a backbone router must be able to forward any packet anywhere in the Internet. It needs a routing table that provides a match for any valid IP address (with about 140,000 prefixes).
– Autonomous nature of the domains – each with their own protocols.
– Issue of trust – don’t always want to trust routes from others.
– Need to support flexible policies, such as prevention of transit traffic.

Border Gateway Protocol
• BGP does not belong to either of the other protocol classes (distance vector or link state).
• BGP advertises complete paths as an enumerated list of ASs to reach a particular network.
• The administrator picks at least one node to be the “BGP speaker” for the AS and to exchange reachability information.
• In addition there might be border gateways, which are routers through which packets enter and leave the AS.

Border Gateway Protocol
• An important job of BGP is to prevent looping paths, which is done by carrying complete path information. If an AS “sees” itself in the path, it does not use it.
• AS numbers carried in BGP must be unique. They are 16-bit numbers, assigned by a central authority, allowing for 65,000 ASs.
• An AS will only advertise routes that it considers good enough for itself.
• BGP speakers can withdraw routes if a link goes down.
• BGP is designed for CIDR and writes addresses as 194.4.16/20 for a 20-bit prefix.
• BGP runs on top of TCP – the reliable transport protocol.

Example of a Network Running BGP
[Figure: backbone network (AS 1) connected to regional provider A (AS 2) and regional provider B (AS 3); customer P (AS 4, networks 128.96 and 192.4.153) and customer Q (AS 5, networks 192.4.32 and 192.4.3) attach to provider A; customer R (AS 6, network 192.12.69) and customer S (AS 7, networks 192.4.54 and 192.4.23) attach to provider B]
Assume the providers are transit networks and the customer networks are stubs. A BGP speaker for the AS of provider A (AS 2) can advertise reachability information for customers P and Q.

BGP-4 Update Packet Format
[Figure: 16-bit-wide layout: Unfeasible routes length; Withdrawn routes (variable); Total path attribute length; Path attributes (variable); Network layer reachability info (variable)]

Building Scalable Networks
• How does all this help build scalable networks?
– The number of nodes participating in the BGP protocol represents the number of ASs, which is much smaller than the number of networks.
– Finding a route is finding a path to the right border router.

Integrating Interdomain and Intradomain Routing
• How do all the other routers get the information?
• For stubs, a router “injects” a default route.
• Border routers inject specific routes they have learned from outside the AS.
• Routers in the backbone have too much information and use a variation of BGP, called interior BGP (IBGP), to distribute the information that is learned.

Routing Areas
• An area is a set of routers that are administratively configured to exchange link-state information with each other. The backbone is known as area 0.
• A router that is a member of both the backbone area and a non-backbone area is an area border router (ABR).
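The Border Gateway Protocol slides above describe the mechanics a BGP speaker relies on: complete AS paths, dropping any path that already contains the speaker's own AS, withdrawing routes, 16-bit AS numbers, and the 194.4.16/20 prefix notation. The following is an added example, not code from the slides or the textbook, that models just those mechanics in a small `BgpSpeaker` class and runs customer P's 128.96 network through the AS 4, AS 2, AS 1, AS 3 topology of the BGP example figure. Real BGP applies local preference and other policy before comparing path lengths; the model keeps only the loop check and the shortest AS path, which is an assumption of this example.

```python
# Added example (not from the slides): a minimal model of what a BGP speaker does
# with the AS-path information the slides describe. It rejects any advertisement
# whose path already contains its own AS number (loop prevention), prepends its AS
# when re-advertising, accepts withdrawals, and parses the 194.4.16/20 notation.
import ipaddress

MAX_AS16 = 65535  # slide: AS numbers are 16-bit


def parse_prefix(text: str):
    """'194.4.16/20' -> ('194.4.16.0', 20); omitted trailing octets are zero."""
    dotted, _, length = text.partition("/")
    octets = dotted.split(".")
    if not 1 <= len(octets) <= 4 or not length:
        raise ValueError(f"bad prefix notation: {text!r}")
    octets += ["0"] * (4 - len(octets))
    length = int(length)
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length in {text!r}")
    net = ipaddress.IPv4Network((".".join(octets), length), strict=False)
    return str(net.network_address), length


class BgpSpeaker:
    def __init__(self, asn: int):
        if not 0 < asn <= MAX_AS16:
            raise ValueError("AS number must fit in 16 bits")
        self.asn = asn
        self.routes = {}      # prefix string -> AS path (list of ASNs, nearest first)

    def originate(self, prefix: str):
        """A network inside our own AS: empty path, we are the origin."""
        self.routes[prefix] = []

    def receive(self, prefix: str, as_path: list) -> bool:
        """Apply an UPDATE from a neighbour. Returns True if the route was installed."""
        if self.asn in as_path:
            return False                  # our own AS is already on the path: a loop
        current = self.routes.get(prefix)
        if current is None or len(as_path) < len(current):
            self.routes[prefix] = list(as_path)   # keep the shorter AS path (assumed policy)
            return True
        return False

    def withdraw(self, prefix: str) -> bool:
        """Drop the route, e.g. because the link behind it went down."""
        return self.routes.pop(prefix, None) is not None

    def advertisement(self, prefix: str) -> list:
        """Path we tell a neighbour: our AS prepended to the path we use ourselves."""
        return [self.asn] + self.routes[prefix]


def demo():
    """Customer P (AS 4) originates 128.96/16; it propagates through provider A
    (AS 2), the backbone (AS 1) and provider B (AS 3), then B offers it back to A."""
    prefix = "%s/%d" % parse_prefix("128.96/16")      # '128.96.0.0/16'
    as4, as2, as1, as3 = BgpSpeaker(4), BgpSpeaker(2), BgpSpeaker(1), BgpSpeaker(3)
    as4.originate(prefix)
    return {
        "A accepts from P": as2.receive(prefix, as4.advertisement(prefix)),
        "backbone accepts from A": as1.receive(prefix, as2.advertisement(prefix)),
        "B accepts from backbone": as3.receive(prefix, as1.advertisement(prefix)),
        # B's path is [3, 1, 2, 4]; A sees its own AS 2 in it and does not use it.
        "A accepts from B": as2.receive(prefix, as3.advertisement(prefix)),
        "path at B": as3.routes[prefix],
    }


if __name__ == "__main__":
    print(demo())
```

The loop check is the only thing standing between an arbitrarily meshed set of ASs and a route that circulates forever, which is why it must run before any preference comparison.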
These are distinct from the routers at the edge of an AS.

A Domain Divided Into Areas
[Figure: area 0 (the backbone), area 1, area 2 and area 3, with routers R1 through R9 distributed among them]

Routing Areas
• How does a router in one area determine the right next hop for a packet in another area?
• Imagine the path in three parts:
– It travels from the source network to the backbone area.
– Then it travels from the backbone to the destination network.
• The area border routers summarize the routing information that they have learned and make it available to other areas.
• Areas make a trade-off between scalability and optimality of routing: they force all packets to travel via the backbone area even if a shorter path is available.

IP Version 6 (IPv6)
• The motivation for a new IP version is to deal with scaling problems.
• Subnetting and CIDR have helped with the address depletion problem as well as the growth of routing table information needed in routers.
• There is need for an address space greater than 32 bits.

Historical Perspective
• The IETF began looking at extending the IP address space in 1991.
• Since the IP address is contained in every header, increasing it changes the packet header.
• The effort to redefine it was called IP Next Generation (IPng), now called IPv6.
• The current version is IPv4. (The number 5 was used for an experimental protocol.)

Historical Perspective
• In addition to scalable routing and addressing, some of the other “wish list” items were:
– Support for real-time services and multimedia
– Security support
– Autoconfiguration (ability of hosts to automatically configure themselves with IP address, domain name)
– Enhanced routing functionality
– 128-bit addresses
– Plan to move from the current to the new version
– Proposal called Simple Internet Protocol Plus (SIPP)

Addresses and Routing
• IPv6 provides a 128-bit address space, instead of the 32-bit address of IPv4.
• IPv6 can potentially address 3.4 x 10^28 nodes, or approximately 1500 addresses per square foot of the earth’s surface (which should be sufficient even when toasters on Venus have IP addresses!)

Address Space Allocation
• IPv6 addresses do not have classes, but the address space is still divided based on the leading bits. (See list of prefixes, p. 321)
• IPv4 classes A, B and C are all contained in the prefix 001.
• Aggregatable Global Unicast Addresses are like IPv4 classless addresses, only longer.
• Some addresses (NSAP) are reserved for ISO protocols and IPX Novell network-layer protocols.

Address Space Allocation
• The idea behind “link local use” addresses is to enable a host to construct an address that will work on the network to which it is connected without being concerned about global uniqueness of the address.
• Site local use addresses are intended to allow a valid address to be constructed on a site that is not connected to the larger Internet, where global uniqueness is not an issue.
• The multicast address space serves the same function as class D addresses.
• A node may be assigned an IPv4-compatible IPv6 address by zero-extending its 32-bit address to 128 bits.

Address Prefix Assignments
IPv6 addresses are classless, with the leading bits specifying the different uses. IPv4 A, B and C classes are contained in the “Everything else” range.

Prefix                  Use
00…0 (128 bits)         Unspecified
00…1 (128 bits)         Loopback
1111 1111               Multicast Addresses
1111 1110 10            Link Local Unicast
1111 1110 11            Site Local Unicast
Everything else         Global Unicast

Address Notation
• There is special notation for writing IPv6 addresses.
The standard is x:x:x:x:x:x:x:x, where each x is a hexadecimal representation of a 16-bit piece of the address (for example: 47CD:1234:4422:AC02:0022:1234:A456:0124).
• Any IPv6 address can be written using this notation.
• An address with a large number of contiguous 0s can be compressed by omitting the zeros: 47CD:0000:0000:0000:0000:0000:A456:0124 can be written as 47CD::A456:0124

Transition From IPv4 to IPv6
• The Internet is too big to have a “flag day” to switch over from IPv4 to IPv6.
• IPv6 must be deployed incrementally, so that hosts and routers that understand only IPv4 can function for as long as possible.
• Two mechanisms have been defined to help in this transition: dual-stack and tunneling.

Transition From IPv4 to IPv6
• Dual stacks: IPv6 nodes run both IPv4 and IPv6 and use the version field to decide which stack should process the arriving packet.
• Tunneling: the basic tunneling technique, in which an IP packet is sent as the payload of another IP packet. Tunneling is used to encapsulate an IPv6 packet within an IPv4 header; the IPv6 packet is unwrapped at the end point of the tunnel.

Aggregatable Global Unicast Addresses
• IPv6 must provide plain old unicast addressing, in a way that supports the rapid rate of addition of new hosts.
• At the heart of IPv6 is the address allocation plan that determines how addresses beginning with the 001 prefix will be assigned to service providers, autonomous systems, network hosts, and routers. Similar to CIDR in IPv4.

IPv6 Provider-based Unicast Address
[Figure: field layout 010 (3 bits) | RegistryID (m bits) | ProviderID (n bits) | SubscriberID (o bits) | SubnetID (p bits) | InterfaceID (125 - m - n - o - p bits)]
Natural divisions may be made on the basis of continents. For example, the RegistryID might be an identifier assigned to a European address registry, with different IDs assigned to other continents or countries. One problem might occur if a subscriber is connected to more than one provider. Which prefix should be used?
Could have 3 prefixes: one for subscribers of X only, one for Y only and one for X and Y.

IPv6 Packet Format
• The header is simpler than the IPv4 packet header. It removes unnecessary functionality from the protocol.
• The Version field is set to 6 for IPv6.
• The TrafficClass and FlowLabel fields relate to quality of service issues.
• PayloadLen gives the length of the packet.
• The NextHeader field replaces the options and protocol fields of IPv4. Options are included in a special header following the IP header.

IPv6 Packet Header
[Figure: 32-bit-wide layout: Version (4 bits) | TrafficClass (8 bits) | FlowLabel (20 bits); PayloadLen (16 bits) | NextHeader (8 bits) | HopLimit (8 bits); SourceAddress (128 bits); DestinationAddress (128 bits); next header/data]

IPv6 Packet Format
• Fragmentation is an optional header, which means that the IPv4 fragmentation fields are not included in the IPv6 header.
• The HopLimit field is simply the TTL of IPv4, renamed to reflect the way it is actually used.
• The bulk of the header is the source and destination addresses (each 16 bytes or 128 bits long).
• The IPv6 header is always 40 bytes long, compared to the IPv4 header which is 20 bytes without the options.

IPv6 Options
• The way IPv6 handles options is an improvement over IPv4. If IPv4 options were present, every router had to parse the entire options field at the end of the header.
• IPv6 treats options as extension headers that must appear in a specific order, so each router can determine whether any of the options are relevant. This is much more efficient.
• The option headers, formatted as extensions, also allow them to be of different lengths.
• NextHeader identifies the type of header to follow, or, in the last header, is the key to identify the higher-layer protocol (e.g. TCP).

IPv6 Fragmentation Extension Header
[Figure: 32-bit-wide layout: NextHeader (8 bits) | Reserved (8 bits) | Offset (13 bits) | RES (2 bits) | M (1 bit); Ident (32 bits)]
Present if fragmentation is necessary. The NextHeader field of the packet would be set to 44 to indicate that the next header is a fragmentation header.
The NextHeader field of the fragmentation header would contain a value describing the header that follows.

Autoconfiguration
• Every host connected to the Internet needs to be configured with information such as a valid IP address, a subnet mask for the link to which it attaches and the address of the name server (DNS).
• One goal of IPv6 is to provide support for autoconfiguration or “plug and play” operation.

Autoconfiguration
• The autoconfiguration problem has two parts:
– Obtain an interface ID that is unique on the link to which the host is attached.
– Obtain the correct address prefix for the subnet.

Network Address Translation
• Another technology, called Network Address Translation (NAT), is now in use and may delay the switch to IPv6.
• Idea: not all hosts that might communicate with one another over the Internet need to have globally unique addresses. A host can be assigned a “private address” that is not necessarily globally unique, only unique in a limited scope.
• The class A network number 10 is used (originally assigned to the ARPANET, which is no longer in use).

Address Routing Capabilities
• Another of IPv6’s extension headers is the routing header. In its absence, routing for IPv6 is similar to IPv4 under CIDR.
• The routing header contains a list of IPv6 addresses that represent nodes or areas the packet should visit en route to its destination.

Address Routing Capabilities
• To provide the ability to specify topological entities rather than individual nodes, IPv6 defines an anycast address.
• An anycast address is assigned to a set of interfaces, and packets sent to that address will go to the “nearest” of these interfaces, with nearest being determined by the routing protocols.
• The anycast address and the routing header will provide enhanced routing support to mobile hosts.
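The Address Notation slide gives the x:x:x:x:x:x:x:x form and the "::" compression, and the IPv6 Packet Header, Options and Fragmentation Extension Header slides describe the 40-byte fixed header and the NextHeader chain (44 marks a fragmentation header, the routing header is another extension). The following is an added example, not code from the slides or the textbook: it converts between the two address notations, parses the fixed header, and walks the extension-header chain with the length checks a receiver needs so that a chain that runs past PayloadLen is rejected rather than read out of bounds. The sample packet is constructed here; its source address is the slide's 47CD::A456:0124, the destination 2001:0DB8::0001 is made up, and the formatting keeps leading zeros in each group as the slide does (RFC 5952 canonical form would drop them).

```python
# Added example (not from the slides): IPv6 address notation with "::" compression,
# the 40-byte fixed header, and the NextHeader chain through extension headers.
import struct

FRAGMENT = 44                                   # NextHeader value of the fragmentation header
GENERIC_EXT = {0: "Hop-by-Hop Options", 43: "Routing", 60: "Destination Options"}
UPPER_LAYER = {6: "TCP", 17: "UDP", 58: "ICMPv6", 59: "No Next Header"}


def expand_ipv6(text: str) -> list:
    """'47CD::A456:0124' -> eight 16-bit groups, filling the '::' gap with zeros."""
    text = text.replace(" ", "")
    if text.count("::") > 1:
        raise ValueError("only one '::' is allowed")
    if "::" in text:
        left, right = text.split("::")
        head = [int(x, 16) for x in left.split(":") if x]
        tail = [int(x, 16) for x in right.split(":") if x]
        groups = head + [0] * (8 - len(head) - len(tail)) + tail
    else:
        groups = [int(x, 16) for x in text.split(":")]
    if len(groups) != 8 or any(not 0 <= g <= 0xFFFF for g in groups):
        raise ValueError(f"not a valid IPv6 address: {text!r}")
    return groups


def compress_ipv6(groups) -> str:
    """Replace the longest run of two or more zero groups with '::'. Leading zeros in
    each group are kept, as in the slide's 47CD::A456:0124 (RFC 5952 would drop them)."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    fmt = lambda gs: ":".join(f"{g:04X}" for g in gs)
    if best_len < 2:
        return fmt(groups)
    return f"{fmt(groups[:best_start])}::{fmt(groups[best_start + best_len:])}"


def parse_ipv6_header(buf: bytes) -> dict:
    """Fixed 40-byte header: Version(4) TrafficClass(8) FlowLabel(20) | PayloadLen(16)
    NextHeader(8) HopLimit(8) | SourceAddress(128) | DestinationAddress(128).
    PayloadLen counts the bytes after these 40, extension headers included."""
    if len(buf) < 40:
        raise ValueError("shorter than an IPv6 header")
    first, payload_len, next_header, hop_limit = struct.unpack("!IHBB", buf[:8])
    return {"version": first >> 28, "traffic_class": (first >> 20) & 0xFF,
            "flow_label": first & 0xFFFFF, "payload_len": payload_len,
            "next_header": next_header, "hop_limit": hop_limit,
            "src": compress_ipv6(struct.unpack("!8H", buf[8:24])),
            "dst": compress_ipv6(struct.unpack("!8H", buf[24:40]))}


def walk_headers(buf: bytes):
    """Follow the NextHeader chain from the fixed header to the upper-layer protocol,
    refusing a chain that runs past PayloadLen or past the bytes actually present."""
    hdr = parse_ipv6_header(buf)
    if hdr["version"] != 6:
        raise ValueError("not an IPv6 packet")
    end = 40 + hdr["payload_len"]
    if end > len(buf):
        raise ValueError("PayloadLen exceeds the bytes actually present")
    chain, nh, off = [], hdr["next_header"], 40
    while nh == FRAGMENT or nh in GENERIC_EXT:
        if nh == FRAGMENT:          # always 8 bytes: NextHeader, Reserved, Offset(13)/RES(2)/M(1), Ident
            if off + 8 > end:
                raise ValueError("truncated fragmentation header")
            nxt, _res, off_flags, ident = struct.unpack("!BBHI", buf[off:off + 8])
            chain.append({"type": "Fragment", "offset": off_flags >> 3,
                          "more": off_flags & 1, "ident": ident})
            length = 8
        else:                       # NextHeader, HdrExtLen in 8-byte units not counting the first 8
            if off + 2 > end:
                raise ValueError("truncated extension header")
            nxt, length = buf[off], (buf[off + 1] + 1) * 8
            if off + length > end:
                raise ValueError(f"truncated {GENERIC_EXT[nh]} header")
            chain.append({"type": GENERIC_EXT[nh], "length": length})
        nh, off = nxt, off + length
    chain.append({"type": UPPER_LAYER.get(nh, f"protocol {nh}")})
    return hdr, chain


def build_sample_packet() -> bytes:
    """Constructed packet: IPv6 header -> fragment header (first fragment, M=1) -> 4 data bytes."""
    src = struct.pack("!8H", *expand_ipv6("47CD:0000:0000:0000:0000:0000:A456:0124"))
    dst = struct.pack("!8H", *expand_ipv6("2001:0DB8::0001"))         # made-up destination
    fragment = struct.pack("!BBHI", 17, 0, (0 << 3) | 1, 0x12345678)  # next = UDP, offset 0, M = 1
    payload = fragment + b"\x00\x01\x02\x03"
    first_word = (6 << 28) | (0 << 20) | 0                            # version 6, class 0, flow 0
    return struct.pack("!IHBB", first_word, len(payload), FRAGMENT, 64) + src + dst + payload


SAMPLE_PACKET = build_sample_packet()


def is_truncated(buf: bytes) -> bool:
    """True if the NextHeader chain cannot be walked within the bytes given."""
    try:
        walk_headers(buf)
        return False
    except ValueError:
        return True
```

Walking the chain with explicit bounds is the part worth keeping from this example: the fixed header tells a receiver how many payload bytes to expect, and every extension header must fit inside that count before its NextHeader is trusted.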
Other Features
• The primary motivation for IPv6 is to support the continued growth of the Internet. Once the header was to be changed for the sake of addresses, it opened the door to other changes:
– Autoconfiguration
– Source-directed routing
– Mobility
– Network security
– A new service model
• The main driving force for IPv6 is still the need for larger addresses.

Multicast
• Multiaccess networks like Ethernet and token rings implement multicast in hardware.
• Multicast can also be extended in software across an internet.
• Multicast will also be supported in IPv6, with the differences being restricted to the address format.
• Applications want to send a packet to more than one destination, or to a multicast address.
• Internet multicast can be implemented on top of networks that support hardware multicast by extending the routing and forwarding functions.

Multicast Service Model
• Service model for IP multicast:
– IP multicast uses the idea of a multicast group that receivers may join (for example, using the Internet to distribute a pay-per-view movie).
– Each group has a specially assigned address, and senders use that address as the destination for their packets. (Like an IPv4 class D address.)
– Hosts join multicast groups using the Internet Group Management Protocol (IGMP). They use this to notify the router of their desire to receive packets sent to a certain multicast group.

MultiProtocol Label Switching
• Multiprotocol Label Switching (MPLS) tries to combine some of the properties of virtual circuits with the flexibility and robustness of datagrams.
– MPLS relies on IP addresses and IP routing protocols.
– MPLS-enabled routers also forward packets by examining relatively short, fixed-length labels with local scope.

MultiProtocol Label Switching
• Used to enable IP capabilities on devices that cannot forward IP datagrams in the normal way.
• To forward IP packets along “explicit routes” – precalculated routes that don’t match normal IP routing.
• To support certain virtual private network services.
• (See pp. 340-352 for details)

Summary
• IP tackles heterogeneity by defining a simple, common service model for an internetwork, which is based on best-effort delivery of IP datagrams.
• An important part of this model is the global addressing scheme, which enables any two nodes to uniquely identify each other and exchange data.
• The ARP mechanism is used to translate global IP addresses into local link-layer addresses.

Summary
• A critical aspect of the operation of an internet is the determination of efficient routes. Two classes of Internet routing algorithms solve this: distance-vector and link-state (RIP and OSPF).
• IP deals with major scaling issues: efficient use of address space and the growth of routing tables as the Internet grows.
– Hierarchical IP address format – manages scale
– Subnetting – makes more efficient use of network numbers and consolidates routing information
– CIDR – achieves further routing aggregation
– Autonomous systems (AS) – partition into inter- and intradomain routing, each of which is smaller than the total routing problem.

Summary
• These mechanisms are unable to keep up with the growth of the Internet.
• A new address format will be needed (IPv6).
• IPv6 provides a 128-bit address with CIDR-like addressing and routing.
• See also
• http://playground.sun.com/pub/ipng/html/ipng-main.html

[Figures 4.36 and 4.37: multicast example topologies with routers R1 through R7, a source, and hosts A, B and C]
[Figure 4.38: rendezvous point (RP) join messages in panels (a) through (d); RP = rendezvous point; shared tree and source-specific tree for source R1]
[Figure 4.39: RP and group G membership across routers R1 through R5 and a host]
[Figure 4.40: IP forwarding for prefixes 10.1.1/24 and 10.3.3/24 across R1, R2, R3 and R4; forwarding tables list prefix and interface]
[Figure 4.41a-c: MPLS label distribution for prefixes 10.1.1 (label 15, remote label 24) and 10.3.3 (label 16); tables list prefix, interface, label and remote label]
[Figure 4.42: (a) ATM cell header (GFC, VPI, VCI, PTI, CLP, HEC, data) carrying a label; (b) “shim” header (for PPP, Ethernet, etc.): PPP header, label header, layer 3 header]
[Figures 4.43 and 4.44: MPLS topologies with routers R1 through R7 and label switching routers LSR1 through LSR3]
[Figures 4.45 and 4.46: ATM cells tunneled between a tunnel head (R2) and tunnel tail (R3); the tunnel label (TL) and demux label (DL 101) are examined at the tail before the cells are sent on]
[Figure 4.47: VPN A (sites 1 through 3) and VPN B (sites 1 through 3) connected across a provider network]
[Figures 4.48 through 4.60: exercise topologies (nodes A through G, routers R1 through R8, switches S1 and S2, providers P, Q and R); diagrams only, no text recoverable]