COMS/CSEE 4140 Networking Laboratory
Lecture 05
Salman Abdul Baset
Spring 2008

Announcements
- Lab 4 (1-4) due next week before your lab slot
- Assignment 2 due next Monday
- Class participation
    - Help me update the router/linux commands
    - Glossary
- Lab participation
    - TAs / myself will ask random questions
- Midterm (March 10th, duration ~1.5 hours)
- Projects

Previous Lecture
- CIDR
- multi-homing and IP forwarding
- The Internet
    - IETF, IRTF, IESG, IRB
    - IANA, ICANN
    - IETF (eight areas, 119 WGs)
- Routing protocols
    - Distance vector vs. link state
    - Intra-domain vs. inter-domain (IGP vs. EGP)
    - Routing Information Protocol (RIP)

Previous Lecture: The Count-to-Infinity Problem
[Figure: A's and B's routing tables for destination C (columns: to, via (next hop), cost) on the chain A - B - C with link cost 1, before and after link B-C goes down]

Agenda
- Routing Information Protocol (RIPv2)
- Link state protocols
- Open Shortest Path First (OSPF)
- Autonomous Systems (AS)

The Gang of Four

            Link State      Vectoring
    IGP     OSPF, IS-IS     RIP
    EGP                     BGP

RIP - History
- Late 1960s: Distance Vector protocols were used in the ARPANET
- Mid-1970s: XNS (Xerox Network System) routing protocol is the precursor of RIP in IP (and Novell's IPX RIP and Apple's routing protocol)
- 1982: Release of routed for BSD Unix
- 1988: RIPv1 (RFC 1058) - classful routing
- 1993: RIPv2 (RFC 1388) - adds subnet masks with each route entry - allows classless routing
- 1997: RIPng (IPv6)
- 1998: Current version of RIPv2 (RFC 2453) and Internet standard (STD 56) (IPv4)

Routing Information Protocol
- RIPv2: subnet masks, next hop addresses, authentication (plain text), multicast (instead of broadcast)
- Count-to-infinity solution (each diagram shows the chain A - B - C with link cost 1)
    - Split-horizon: A never advertises to B that its path to C goes through B
    - Hold-down timer: B ignores any updates for the link B-C for a hold-down time
    - Triggered updates: B immediately advertises that its link is down.

Routing Information Protocol
- Dedicated port: UDP port 520 (msgs sent and rcvd on this port)
- Link costs: always one or 16 (link-down)
- Looping solution (for RIP messages): maximum number of hops is 16.
- Complete or partial routing table? Complete (may spread over multiple fragments)
- RIP timers
    - per table: update (30s +/- 0 to 5), send complete routing table in unsolicited response to every neighbor router.
    - per entry: each entry has a timeout timer (180s)
    - per entry: route-flush timer (120s)
- No reliable delivery
- Multicast 224.0.0.9

RIPv1 Packet Format
Encapsulation: IP header | UDP header | RIP Message
RIP message (each row is 32 bits):
- Command (1: request, 2: response) | Version (1: RIPv1) | Set to 00...0
- One route entry (20 bytes):
    - address family (2: for IP; 0…0: request full routing table) | Set to 00.00
    - 32-bit address (address of destination)
    - Unused (Set to 00...0)
    - Unused (Set to 00...0)
    - metric (1-16) (cost, measured in hops)
- Up to 24 more routes (each 20 bytes)
One RIP message can have up to 25 route entries: 20x25=500 bytes + 8 (RIP hdr) + 8 (UDP) + 20 (IP) = 536 bytes

RIPv2
RIPv2 extends RIPv1:
- Subnet masks are carried in the route information
- Authentication of routing messages
- Route information carries next-hop address
- Exploits IP multicasting
Extensions of RIPv2 are carried in unused fields of RIPv1 messages

RIPv2 Packet Format
Encapsulation: IP header | UDP header | RIP Message
RIP message (each row is 32 bits):
- Command (1: request, 2: response) | Version (2: RIPv2) | Set to 00...0
- One route entry (20 bytes):
    - address family (2: for IP; 0…0: request full routing table) | Set to 00.00
    - 32-bit address (address of destination)
    - Unused (Set to 00...0)
    - Unused (Set to 00...0)
    - metric (1-16) (cost, measured in hops)
- Up to 24 more routes (each 20 bytes)
One RIP message can have up to 25 route entries

RIPv2 Packet Format
Encapsulation: IP header | UDP header | RIPv2 Message
RIPv2 message (each row is 32 bits):
- Command | Version (2: RIPv2) | Set to 00.00
- One route entry (20 bytes):
    - address family | route tag (used to carry information from other routing protocols, e.g., autonomous system number)
    - IP address
    - Subnet Mask (subnet mask for IP address)
    - Next-Hop IP address (identifies a better next-hop address on the same subnet than the advertising router, if one exists; otherwise 0….0)
    - metric (1-16)
- Up to 24 more routes (each 20 bytes)
Any problems?

RIP Messages
- Dedicated port for RIP is UDP port 520.
- Two types of messages:
    - Request messages: used to ask neighboring nodes for an update
    - Response messages: contain an update

Routing with RIP
- Initialization: Send a request packet (command = 1, address family = 0..0) on all interfaces, requesting routing tables from neighboring routers. RIPv1 uses broadcast if possible; RIPv2 uses multicast address 224.0.0.9, if possible.
- Request received: Routers that receive the above request send their entire routing table
- Response received: Update the routing table
- Regular routing updates: Every 30 +/- 5 seconds, send all or part of the routing tables to every neighbor in a response message
- Triggered Updates: Whenever the metric for a route changes, send entire routing table.

Agenda
- Routing Information Protocol (RIPv2)
- Link state protocols
- Open Shortest Path First (OSPF)
- Autonomous Systems

Link State Routing
- Based on Dijkstra's Shortest-Path-First algorithm.
- Each router starts by knowing:
    - Prefixes of its attached networks.
    - Links to its neighbors.
- Each router advertises to the entire network (flooding):
    - Prefixes of its directly connected networks
    - Active links to its neighbors.
- Key idea: synchronize state with directly connected routers
- Key idea: ACK the flooded messages
- Each router learns: A complete topology of the network (routers, links).
- Each router computes shortest path to each destination.
- In a stable situation, all routers have the same graph, and compute the same paths.

Dijkstra's Shortest Path Algorithm for a Graph
Input:
    Graph (N,E) with N the set of nodes and E the set of edges
    cvw link cost (cvw = 1 if (v,w) E, cvv = 0)
    s source node.
Output:
    Dn cost of the least-cost path from node s to node n

    M = {s};
    for each n ∉ M
        Dn = csn;
    end for
    while (M ≠ all nodes) do
        Find w ∉ M for which Dw = min{Dj ; j ∉ M};
        Add w to M;
        for each neighbor n of w and n ∉ M
            Dn = min[ Dn, Dw + cwn ];
            Update route;
        end for
    end while

Link state routing: graphical illustration
[Figure: global view of a network with nodes a, b, c, d and link costs, next to the local views of a, b, c and d]
Collecting all views yields a global & complete view of the network!

Operation of a Link State Routing Protocol
Received LSAs -> Link State Database -> Dijkstra's Algorithm -> IP Routing Table
- LSAs are flooded to other interfaces
- LSA: link-state advertisement

Link State Routing: Properties
- Each node requires complete topology information
- Link state information must be flooded to all nodes
- Guaranteed to converge

Distance Vector vs. Link State Routing
- With distance vector routing, each node has information only about the next hop:
    - Node A: to reach F go to B
    - Node B: to reach F go to D
    - Node D: to reach F go to E
    - Node E: go directly to F
- Distance vector routing makes poor routing decisions if directions are not completely correct (e.g., because a node is down).
- If parts of the directions are incorrect, the routing may be incorrect until the routing algorithm has re-converged.
[Figure: network with nodes A, B, C, D, E, F]

Distance Vector vs. Link State Routing
- In link state routing, each node has a complete map of the topology
- If a node fails, each node can calculate the new route
- Difficulty: All nodes need to have a consistent view of the network
[Figure: every node of the network A, B, C, D, E, F holds its own copy of the full topology map]

Distance Vector vs. Link State Routing
Link State
- Topology information is flooded within the routing domain
- Best end-to-end paths are computed locally at each router.
- Best end-to-end paths determine next-hops.
- Based on minimizing some notion of distance
- Works only if policy is shared and uniform
- Examples: OSPF, IS-IS
Vectoring
- Each router knows little about network topology
- Only best next-hops are chosen by each router for each destination network.
- Best end-to-end paths result from composition of all next-hop choices
- Does not require any notion of distance
- Does not require uniform policies at all routers
- Examples: RIP, BGP

Agenda
- Routing Information Protocol (RIPv2)
- Link state protocols
- Open Shortest Path First (OSPF)
- Autonomous Systems

OSPF
- OSPF = Open Shortest Path First (Why Open?)
- The OSPF routing protocol is the most important link state routing protocol on the Internet (another link state routing protocol is IS-IS (intermediate system to intermediate system))
- The complexity of OSPF is significant
    - RIP (RFC 2453 ~ 40 pages)
    - OSPF (RFC 2328 ~ 250 pages)
- History:
    - 1989: RFC 1131 OSPF Version 1
    - 1991: RFC 1247 OSPF Version 2
    - 1994: RFC 1583 OSPF Version 2 (revised)
    - 1997: RFC 2178 OSPF Version 2 (revised)
    - 1998: RFC 2328 OSPF Version 2 (current version)

Features of OSPF
- Provides authentication of routing messages
- Enables load balancing by allowing traffic to be split evenly across routes with equal cost (problem: reordering)
- Type-of-Service routing allows setting up different routes depending on the TOS field
- Supports subnetting
- Supports multicasting
- Allows hierarchical routing

Hierarchical OSPF
[Figure: hierarchical OSPF]

Hierarchical OSPF
- Two-level hierarchy: local area, backbone.
    - Link-state advertisements only in area
    - Each node has detailed area topology; only knows direction (shortest path) to nets in other areas.
- Area border routers: "summarize" distances to nets in own area, advertise to other Area Border routers.
- Backbone routers: run OSPF routing limited to backbone.

Example Network
[Figure: six routers (10.1.1.1, 10.1.1.2, 10.1.2.3, 10.1.4.4, 10.1.5.5, 10.1.7.6) connected by the subnets 10.1.1.0/24, 10.1.3.0/24, 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24 and 10.1.7.0/24, with a metric on each link]
- Router IDs can be selected independent of interface addresses, but usually chosen to be the smallest interface address
- Link costs are called Metric
- Metric is in the range [0, 2^16]
- Metric can be asymmetric

Link State Advertisement (LSA)
[Figure: the example network]
The LSA of router 10.1.1.1 is as follows:
- Link State ID: 10.1.1.1 = Router ID
- Advertising Router: 10.1.1.1 = Router ID
- Number of links: 3 = 2 links plus router itself
- Description of Link 1: Link ID = 10.1.1.2, Metric = 4
- Description of Link 2: Link ID = 10.1.2.2, Metric = 3
- Description of Link 3: Link ID = 10.1.1.1, Metric = 0

Network and Link State Database
[Figure: the example network]
Each router has a database which contains the LSAs from all other routers

    LS Type     Link State ID  Adv. Router  Checksum  LS SeqNo    LS Age
    Router-LSA  10.1.1.1       10.1.1.1     0x9b47    0x80000006  0
    Router-LSA  10.1.1.2       10.1.1.2     0x219e    0x80000007  1618
    Router-LSA  10.1.2.3       10.1.2.3     0x6b53    0x80000003  1712
    Router-LSA  10.1.4.4       10.1.4.4     0xe39a    0x8000003a  20
    Router-LSA  10.1.5.5       10.1.5.5     0xd2a6    0x80000038  18
    Router-LSA  10.1.7.6       10.1.7.6     0x05c3    0x80000005  1680

Link State Database
- The collection of all LSAs is called the link-state database
- Each router has an identical link-state database
    - Useful for debugging: Each router has a complete description of the network
- If neighboring routers discover each other for the first time, they will exchange their link-state databases
- The link-state databases are synchronized using reliable flooding (flooded packets are acknowledged using 'Link State Acknowledgement' packet)

OSPF Packet Format
Encapsulation: IP header | OSPF Message
OSPF Message = OSPF Message Header + Body of OSPF Message
Body of OSPF Message = Message Type Specific Data + LSA, LSA, ..., LSA
LSA = LSA Header + LSA Data
- OSPF packets are not carried as UDP payload!
- OSPF has its own IP protocol number: 89
- TTL: set to 1 (in most cases)
- Destination IP: neighbor's IP address or 224.0.0.5 (ALLSPFRouters) or 224.0.0.6 (AllDRouters)

OSPF Packet Format
OSPF Message Header (each row is 32 bits), followed by the Body of OSPF Message:
- version (2: current version is OSPF V2) | type | message length
- source router IP address
- Area ID (ID of the Area from which the packet originated)
- checksum (standard IP checksum taken over entire packet) | authentication type
- authentication
- authentication
Message types:
- 1: Hello (tests reachability)
- 2: Database description
- 3: Link state request
- 4: Link state update
- 5: Link state acknowledgement
Authentication type:
- 0: no authentication
- 1: Cleartext password
- 2: MD5 checksum (added to end of packet)
Authentication field:
- Authentication type = 1: 64-bit cleartext password
- Authentication type = 2: 0x0000 (16 bits) | KeyID (8 bits) | Length of MD5 checksum (8 bits) | Nondecreasing sequence number (32 bits). The sequence number prevents replay attacks.

OSPF LSA Format
LSA = LSA Header + LSA Data
- LSA Header: Link Age | Link Type | Link State ID | advertising router | link sequence number | checksum | length
- LSA Data, Link 1: Link ID | Link Data | Link Type | #TOS metrics | Metric
- LSA Data, Link 2: Link ID | Link Data | Link Type | #TOS metrics | Metric

Discovery of Neighbors
- Routers multicast OSPF Hello packets on all OSPF-enabled interfaces.
- If two routers share a link, they can become neighbors, and establish an adjacency
- Scenario: Router 10.1.10.2 restarts. Messages between 10.1.10.1 and 10.1.10.2:
    - OSPF Hello
    - OSPF Hello: I heard 10.1.10.2
- After becoming a neighbor, routers exchange their link state databases

Neighbor discovery and database synchronization
Scenario: Router 10.1.10.2 restarts. Messages between 10.1.10.1 and 10.1.10.2, in order:
Discovery of adjacency
- OSPF Hello
- OSPF Hello: I heard 10.1.10.2
After neighbors are discovered the nodes exchange their databases
- Database Description: Sequence = X
- Database Description: Sequence = X, 5 LSA headers =
    Router-LSA, 10.1.10.1, 0x80000006
    Router-LSA, 10.1.10.2, 0x80000007
    Router-LSA, 10.1.10.3, 0x80000003
    Router-LSA, 10.1.10.4, 0x8000003a
    Router-LSA, 10.1.10.5, 0x80000038
    Router-LSA, 10.1.10.6, 0x80000005
- Database Description: Sequence = X+1, 1 LSA header =
    Router-LSA, 10.1.10.2, 0x80000005
- Database Description: Sequence = X+1
Annotations in the figure:
- Sends database description. (description only contains LSA headers)
- Acknowledges receipt of description
- Sends empty database description
- Database description of 10.1.10.2

Regular LSA exchanges
- 10.1.10.2 explicitly requests each LSA from 10.1.10.1
    Link State Request packets, LSAs =
    Router-LSA, 10.1.10.1,
    Router-LSA, 10.1.10.2,
    Router-LSA, 10.1.10.3,
    Router-LSA, 10.1.10.4,
    Router-LSA, 10.1.10.5,
    Router-LSA, 10.1.10.6,
- 10.1.10.1 sends requested LSAs
    Link State Update Packet, LSAs =
    Router-LSA, 10.1.10.1, 0x80000006
    Router-LSA, 10.1.10.2, 0x80000007
    Router-LSA, 10.1.10.3, 0x80000003
    Router-LSA, 10.1.10.4, 0x8000003a
    Router-LSA, 10.1.10.5, 0x80000038
    Router-LSA, 10.1.10.6, 0x80000005

Dissemination of LSA-Update
- A router sends and refloods LSA-Updates whenever the topology or link cost changes. (If a received LSA does not contain new information, the router will not flood the packet)
- Exception: Infrequently (every 30 minutes), a router will flood LSAs even if there are no new changes.
- Acknowledgements of LSA-updates: explicit ACK, or implicit via reception of an LSA-Update
- Question: If a new node comes up, it could build the database from regular LSA-Updates (rather than exchange of database description). What role do the database description packets play?

Agenda
- Routing Information Protocol (RIPv2)
- Link state protocols
- Open Shortest Path First (OSPF)
- Autonomous Systems

Autonomous Systems
- An autonomous system (AS) is a region of the Internet that is administered by a single entity and that has a unified routing policy
- Each autonomous system is assigned an Autonomous System Number (ASN).
    - Columbia campus network (AS14)
    - Rogers Cable Inc. (AS812)
    - Sprint (AS1239, AS1240, AS 6211, …)
- Interdomain routing is concerned with determining paths between autonomous systems (interdomain routing)
- Routing protocols for interdomain routing are called exterior gateway protocols (EGP)

Autonomous Systems (AS)
[Figure: Autonomous System 1 and Autonomous System 2, each made up of routers and Ethernet segments]

Interdomain and Intradomain Routing
[Figure: interconnected autonomous systems AS 1 to AS 7]
- Routing protocols for intradomain routing are called interior gateway protocols (IGP)
    - Objective: shortest path
- Routing protocols for interdomain routing are called exterior gateway protocols (EGP)
    - Objective: satisfy policy of the AS

Interdomain vs. Intradomain
[Figure: autonomous systems running an IGP (e.g., OSPF), an IGP (e.g., RIP), connected by an EGP (e.g., BGP)]
- Intradomain routing
    - Routing is done based on metrics
    - Routing domain is one autonomous system
- Interdomain routing
    - Routing is done based on policies
    - Routing domain is the entire Internet

Interdomain Routing
- Interdomain routing is based on connectivity between autonomous systems
- Interdomain routing can ignore many details of router interconnection
[Figure: AS 1, AS 2, AS 3]

AS Graphs
[Figure: AS graph, AT&T North America]
From: T. Griffin, BGP Tutorial, ICNP 2002

Multiple Routing Protocols
- Multiple routing protocols can run on the same router
- Each routing protocol updates the routing table
[Figure: the RIP, BGP and OSPF processes send routing table updates to the routing table; IP forwarding does a routing table lookup for incoming IP datagrams and sends outgoing IP datagrams]

Autonomous Systems Terminology
- local traffic = traffic with source or destination in AS
- transit traffic = traffic that passes through the AS
- Stub AS = has connection to only one AS, only carries local traffic
- Multihomed AS = has connection to >1 AS, but does not carry transit traffic
- Transit AS = has connection to >1 AS and carries transit traffic

Stub and Transit Networks
[Figure: AS 1, AS 2, AS 3, AS 4, AS 5]
- AS 1, AS 2, and AS 5 are stub networks
- AS 2 is a multihomed stub network
- AS 3 and AS 4 are transit networks

Selective Transit
[Figure: AS 1, AS 2, AS 3, AS 4]
Example:
- Transit AS 3 carries traffic between AS 1 and AS 4 and between AS 2 and AS 4
- But AS 3 does not carry traffic between AS 1 and AS 2
- The example shows a routing policy.

Customer/Provider
[Figure: customer/provider links between autonomous systems]
- A stub network typically obtains access to the Internet through a transit network.
- A transit network that is a provider may be a customer for another network
- Customer pays provider for service

Customer/Provider and Peers
[Figure: AS 1, AS 2 and AS 3 connected as peers; customer/provider links to AS 4, AS 5 and AS 6]
- Transit networks can have a peer relationship
- Peers provide transit between their respective customers
- Peers do not provide transit between peers
- Peers normally do not pay each other for service

Shortcuts through peering
[Figure: AS 1, AS 2 and AS 3 connected as peers; customer/provider links to AS 4, AS 5 and AS 6, with an additional peering link between customers]
- Note that peering reduces upstream traffic
- Delays can be reduced through peering
- But: Peering may not generate revenue

This week's lab
- /etc/quagga/ripd.conf
- eth1 does not work on some machines (PC1 and PC2 of rack 3)
    - Set eth1 to a completely different IP address, e.g., 202.11.12.15, and use eth2
- Enable debugging, and observe /etc/quagga/ripd.log
- Count-to-infinity
    - disable split-horizon, triggered updates and set holddown timer to zero.
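
Added example (not part of the lecture): a parser for the RIPv2 message layout from the "RIPv2 Packet Format" slides that also reports what the plain-text authentication mentioned there exposes to anyone capturing UDP port 520. The authentication-entry encoding (address family 0xFFFF, type 2 = password) is taken from RFC 2453, not from the slides; the sample packet and the password in it are constructed.

```python
import ipaddress
import struct

AF_INET, AF_AUTH = 2, 0xFFFF   # 0xFFFF marks an authentication entry (RFC 2453)
AUTH_PASSWORD = 2              # RFC 2453 authentication type: plain-text password
INFINITY = 16                  # metric 16 = link down / unreachable


def ip(raw: bytes) -> str:
    return str(ipaddress.IPv4Address(raw))


def parse_rip(payload: bytes) -> dict:
    """Parse a RIP UDP payload into header fields, routes and security findings."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("expected a 4-byte header plus 20-byte entries")
    command, version, _zero = struct.unpack("!BBH", payload[:4])
    entries = [payload[i:i + 20] for i in range(4, len(payload), 20)]
    routes, findings, authenticated = [], [], False
    if len(entries) > 25:
        findings.append("more than 25 entries in one message")
    for raw in entries:
        family, tag = struct.unpack("!HH", raw[:4])
        if family == AF_AUTH:
            authenticated = True
            if tag == AUTH_PASSWORD:
                size = len(raw[4:].rstrip(b"\x00"))
                findings.append(f"plain-text password on the wire ({size} bytes)")
            continue
        addr, mask, next_hop, metric = struct.unpack("!4s4s4sI", raw[4:])
        if not 1 <= metric <= INFINITY:
            findings.append(f"{ip(addr)}: metric {metric} outside 1-16")
        routes.append({"prefix": f"{ip(addr)}/{ip(mask)}", "tag": tag,
                       "next_hop": ip(next_hop), "metric": metric,
                       "reachable": metric < INFINITY})
    if version == 2 and command == 2 and not authenticated:
        findings.append("unauthenticated RIPv2 response")
    return {"command": command, "version": version,
            "routes": routes, "findings": findings}


def route_entry(prefix: str, mask: str, metric: int, next_hop: str = "0.0.0.0") -> bytes:
    """Build one 20-byte route entry (helper for the constructed samples)."""
    packed = [ipaddress.IPv4Address(a).packed for a in (prefix, mask, next_hop)]
    return struct.pack("!HH4s4s4sI", AF_INET, 0, *packed, metric)


# Constructed sample: RIPv2 response (command 2, version 2) with a password entry.
SAMPLE = (struct.pack("!BBH", 2, 2, 0)
          + struct.pack("!HH16s", AF_AUTH, AUTH_PASSWORD, b"lab-secret")
          + route_entry("10.1.5.0", "255.255.255.0", 2)
          + route_entry("10.1.7.0", "255.255.255.0", 16))

if __name__ == "__main__":
    for key, value in parse_rip(SAMPLE).items():
        print(key, value)
```
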
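
Added example (not part of the lecture): an acceptance check for the OSPF message header from the "OSPF Packet Format" slide, showing how the KeyID and nondecreasing sequence number of authentication type 2 stop a replayed packet. The digest construction (MD5 over the packet followed by the key padded to 16 bytes) follows RFC 2328 Appendix D rather than the slides; the class, the policy of rejecting types 0 and 1, the key and the packets are constructed for the example.

```python
import hashlib
import hmac
import struct

# version, type, message length, router ID, area ID, checksum, auth type, authentication
HEADER = struct.Struct("!BBH4s4sHH8s")
CRYPTO = struct.Struct("!HBBI")      # 0x0000, KeyID, MD5 length, sequence number
AUTH_NONE, AUTH_CLEARTEXT, AUTH_MD5 = 0, 1, 2


def md5_trailer(packet: bytes, key: bytes) -> bytes:
    # RFC 2328 Appendix D: MD5 over the packet followed by the key padded to 16 bytes.
    return hashlib.md5(packet + key.ljust(16, b"\x00")).digest()


class OspfAuthCheck:
    """Acceptance check on a router configured for authentication type 2 only."""

    def __init__(self, keys: dict):
        self.keys = keys        # KeyID -> shared secret
        self.last_seq = {}      # (router ID, KeyID) -> last accepted sequence number

    def verdict(self, frame: bytes) -> str:
        if len(frame) < HEADER.size:
            return "reject: truncated header"
        version, _type, length, router, _area, _cksum, autype, auth = \
            HEADER.unpack_from(frame)
        if version != 2:
            return "reject: not OSPF V2"
        if autype == AUTH_NONE:
            return "reject: no authentication"
        if autype == AUTH_CLEARTEXT:
            return "reject: cleartext password"
        if autype != AUTH_MD5:
            return "reject: unknown authentication type"
        _zero, key_id, md5_len, seq = CRYPTO.unpack(auth)
        key = self.keys.get(key_id)
        packet, digest = frame[:length], frame[length:length + md5_len]
        if key is None or not hmac.compare_digest(digest, md5_trailer(packet, key)):
            return "reject: bad MD5 checksum"
        # Nondecreasing: an equal number is still accepted, a smaller one is a replay.
        if seq < self.last_seq.get((router, key_id), 0):
            return "reject: replayed sequence number"
        # Only a packet that passed the digest check may advance the sequence state,
        # otherwise a forged high number would lock out the genuine neighbor.
        self.last_seq[(router, key_id)] = seq
        return "accept"


def build(seq: int, key: bytes, key_id: int = 1) -> bytes:
    """Constructed Hello (type 1, empty body) from router 10.1.10.2."""
    auth = CRYPTO.pack(0, key_id, 16, seq)
    packet = HEADER.pack(2, 1, HEADER.size, bytes([10, 1, 10, 2]), bytes(4),
                         0, AUTH_MD5, auth)
    return packet + md5_trailer(packet, key)
```
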