20 Switched Local Area Networks
- Slides: 28
20. Switched Local Area Networks
- Addressing in LANs (ARP)
- Spanning tree algorithm
- Forwarding in switched Ethernet LANs
- Virtual LANs
- Layer 3 switching
- Datacenter networks
Roch Guerin (with adaptations from Jon Turner and John DeHart, and material from Kurose and Ross)
Virtual LANs (VLAN)
[Figure: switches A-F with hosts, one VLAN region labelled id=3 and another labelled id=7]
- Allows hosts to be divided among different VLANs
  » Ethernet packets do not propagate beyond VLAN boundaries
  » to go between VLANs, packet must pass through a router
    • but many switches support router-like functions that handle this
    • VLANs often correspond to IP subnets, but need not
- VLANs can increase network's traffic capacity
- Packet's VLAN is identified by VLAN id carried in packet
  » 12 bit VLAN "tag" inserted just before the "ethertype" field
  » packets with VLAN id X are sent only on ports that belong to X
    • "host ports" typically belong to one VLAN
    • VLAN tag is typically added/removed by switches at "host ports"
  » routers and servers often participate in multiple VLANs
    • in this case, "endpoint" adds the VLAN tag
Ethernet Frame With VLAN Tag
[Figure: frame layout: preamble (7 bytes), start of frame, destination address, source address, 0x8100, pri, d, vlan id, type (2 bytes), data (46-1500 bytes), CRC]
- Tag starts with two-byte value 0x8100
  » takes place of type field, allowing packet to be identified as tagged packet
- Priority field (3 bits)
  » 0 for best-effort, 7 for highest priority
- Drop Eligible Bit
  » indicates packet that can be preferentially discarded during congestion
- VLAN Identifier (12 bits)
  » value of 0 means "no vlan"
- Double tagging
  » a vlan tag that starts with 0x9100 identifies the first in a pair of tags
  » allows ISPs to use VLAN tags while carrying "customer-tagged" packets
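As an added example (not code from the slides), a Python parser and builder for the tagged frame format described above. It walks a stack of tags (a single 0x8100 tag, or the double-tagging case with a 0x9100 outer tag), extracts the priority, drop-eligible bit and VLAN id of each, treats VID 0 as "no vlan", and rejects frames that end inside the tag stack. The 0x88A8 service-tag value is the IEEE 802.1ad assignment and is included as an assumption beyond the slide; the MAC addresses and payload bytes in the sample are constructed.

```python
import struct

# TPID values: 0x8100 and 0x9100 are named on the slide; 0x88A8 is the
# IEEE 802.1ad service-tag value (assumption, not taken from the slide).
TPID_8021Q = 0x8100
TPID_QINQ_LEGACY = 0x9100
TPID_8021AD = 0x88A8
TAG_TPIDS = {TPID_8021Q, TPID_QINQ_LEGACY, TPID_8021AD}


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def parse_tags(frame):
    """Walk the tag stack that starts after the source MAC.
    Returns (tags outermost-first, ethertype, payload offset)."""
    off = 12
    tags = []
    while True:
        if len(frame) < off + 2:
            raise ValueError("frame ends inside the tag stack / before ethertype")
        (tpid,) = struct.unpack_from("!H", frame, off)
        if tpid not in TAG_TPIDS:
            return tags, tpid, off + 2          # not a tag: this is the real type field
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        tags.append({"tpid": tpid,
                     "pcp": tci >> 13,          # 3-bit priority
                     "dei": (tci >> 12) & 1,    # drop eligible bit
                     "vid": tci & 0x0FFF})      # 12-bit VLAN id
        off += 4


def parse_frame(frame):
    """Parse an Ethernet frame with zero or more stacked VLAN tags."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an untagged Ethernet header")
    tags, ethertype, off = parse_tags(frame)
    outer_vid = tags[0]["vid"] if tags else None
    return {
        "dst": mac_str(frame[0:6]),
        "src": mac_str(frame[6:12]),
        "tags": tags,
        "ethertype": ethertype,
        "payload": frame[off:],
        # VLAN a switch forwards on: the outermost VID; 0 means "no vlan" (priority-only tag)
        "vlan": None if outer_vid in (None, 0) else outer_vid,
    }


def build_frame(dst, src, tags, ethertype, payload):
    """Inverse of parse_frame; tags are (tpid, pcp, dei, vid) tuples, outermost first."""
    out = bytearray(bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", "")))
    for tpid, pcp, dei, vid in tags:
        if not (0 <= pcp < 8 and dei in (0, 1) and 0 <= vid < 4096):
            raise ValueError("tag field out of range")
        out += struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | vid)
    out += struct.pack("!H", ethertype) + payload
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: ISP outer tag (0x9100, VLAN 100) around a customer tag (VLAN 7).
    sample = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55",
                         [(TPID_QINQ_LEGACY, 0, 0, 100), (TPID_8021Q, 5, 1, 7)],
                         0x0800, b"\x45" + b"\x00" * 19)
    print(parse_frame(sample))
```

The parser returns the whole stack rather than only the first tag, which is what a port-level check needs: on a "host port" the expected tag count is known from the port's configuration, and a frame carrying more tags than the port should accept can be counted or logged by comparing `len(tags)` against that expectation.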
VLANs and Overlay Networks
[Figure: routers joined by "overlay" links carried as VLAN paths across Ethernet switches; routers treat these much like physical links]
- VLANs can be used to implement virtual links joining routers
  » configured by network managers
  » can be "provisioned" to provide guaranteed bandwidth
  » support for "private WANs"
- "overlay" links
  » link rates can be configured so several overlay links can share physical links – no constraint on individual link rates
    • and several overlay links can share a single router port
  » makes it easy to add new links between routers, as needed
  » overlay link rates can be changed in response to traffic
    • may require re-routing of some overlay links
  » effectively replaces router ports with cheaper switch ports
Some New-ish Developments
- Faster STP response to topology changes
  » original protocol can take nearly a minute to converge on new spanning tree after a link fails
  » Rapid Spanning Tree Protocol cuts time to under 10 seconds
- Computing multiple spanning trees
  » when VLANs were first introduced, all VLANs used the same spanning tree
    • manual configuration required to use all available links
  » Multiple Spanning Tree Protocol allows automatic configuration of multiple subtrees (that is, may restrict a tree to a region)
    • VLANs are mapped to trees (so several VLANs may share a tree)
- Shortest Path Bridging (standardized in 2012)
  » link-state protocol (based on IS-IS)
    • switches distribute topology information, compute shortest-path trees and configure local routing tables
  » Utilizes more of the network paths than STP allowed
MPLS
[Figure: packet with MPLS header travelling from an edge router through core routers]
- Multiprotocol Label Switching extends IP to provide "virtual links" within IP networks
  » MPLS-only switches are potentially less expensive than routers
  » MPLS features often added to standard routers
  » allows finer-grained management of traffic than IP routing alone
- MPLS headers added by "edge routers" (before IP header)
- Core routers switch packets using "labels" in MPLS headers
  » labels used to select entries in MPLS routing tables
  » packets may contain multiple "stacked" headers
  » routing table entries can be configured to select output based on label, replace label value with another, push/pop headers
Base MPLS Label Distribution
[Figure: routers R2-R6 with destinations A and D; labels distributed by modified link state flooding]
- Relies on fact that all routers in a domain share the same routing table
  » Routers distribute labels together with route entries
    • Bandwidth can be included in modified routing protocols
  » IP packets are "pre-pended" with corresponding label by ingress routers
  » Routers swap labels at each hop based on downstream mapping
  » Egress router removes label before forwarding the IP packet
Base MPLS Label Distribution
[Figure: source router Src, core routers R2-R6, destinations A and D; the label tables shown in the figure are reconstructed below, with the router holding each table inferred from the packet flow on the next slide]

Src (ingress; two entries for A, one per outgoing interface):
  In label | Out label | Dest | Out iface
  -        | 10        | A    | 0
  -        | 12        | D    | 0
  -        | 8         | A    | 1

Next hop on Src iface 0:
  In label | Out label | Dest | Out iface
  10       | 6         | A    | 1
  12       | 9         | D    | 0

R2 (next hop on Src iface 1):
  In label | Out label | Dest | Out iface
  8        | 6         | A    | 0

Egress router attached to A (label popped):
  In label | Out label | Dest | Out iface
  6        | -         | A    | 0
Base MPLS Label Distribution (packet flow)
[Figure: same topology and label tables as the previous slide, with a packet addressed to A forwarded along both paths]

Packet flow toward destination A (DA=A):
  Src  --(L=10, DA=A)-->  next hop on iface 0  --(L=6, DA=A)-->  egress router  --(DA=A)-->  A
  Src  --(L=8, DA=A)-->   R2                   --(L=6, DA=A)-->  egress router  --(DA=A)-->  A

Tables used along the way:
  Src:                      out label 10 on iface 0, or out label 8 on iface 1, for Dest A
  Next hop on Src iface 0:  in label 10 -> out label 6, Dest A, iface 1
  R2:                       in label 8 -> out label 6, Dest A, iface 0
  Egress router:            in label 6 -> label removed (-), Dest A, iface 0
Explicit Routing
[Figure: IP Forwarding: packets to 158.130.0.0/16 (e.g. <158.130.14.67>) all follow the same path R1 -> R2 -> R3]
- Overcome the shortest path, destination-based constraint of standard IP forwarding
  » Greater flexibility and control in distributing traffic across links
Explicit Routing
[Figure: MPLS Forwarding: packets to 158.130.0.0/16 (e.g. <158.130.14.67>) can be steered over different paths depending on whether they come from R1, R2 or R3]
- Overcome the shortest path, destination-based constraint of standard IP forwarding
  » Greater flexibility and control in distributing traffic across links
Layer 3 Switching
- Many switches have extensive support for IP routing
  » routing features first added to connect subnets in different VLANs
  » feature sets have expanded as way to "add value" to products
- Example features
  » IP forwarding, ARP, ICMP, DHCP, RIP, ...
  » Diffserv QoS with 8 queues per link
  » IGMP support (snooping and querier functions)
  » Access Control lists (firewall functions)
- Getting harder to distinguish routers and switches
  » routers support different kinds of layer 2 links (not just Ethernet) and support multiple L3 protocols (not just IP)
  » routers have more extensive feature sets, more configurable
  » routers have larger routing tables & buffers, flexible queueing
  » switches generally less expensive
Data Center Networks
- 10's to 100's of thousands of hosts, often closely coupled, in close proximity:
  » e-business (e.g., Amazon)
  » content-servers (e.g., YouTube, Akamai, Apple, Microsoft)
  » search engines, data mining (e.g., Google)
- Challenges
  » multiple applications, each serving many clients
  » managing/balancing load
  » multiple "tenants"
    • must keep tenants isolated
    • actions of one tenant must not interfere with another
[Figure: Inside a 40-ft Microsoft container, Chicago data center]
Scaling Up
[Figure: racks of servers, each with a Top-Of-Rack switch, grouped into pods with a pod switch, pods joined by a backbone switch]
- Example
  » Each rack has
    • 32 servers each with 32 cores
    • TOR switch with 10G and/or 40G links
  » 32 rack pod has 1024 servers, and 32K cores
  » 64 pod configuration has 32K servers, 1M cores
- Networking challenges
  » addressing – too many L2 addresses for typical switches
  » must balance load across many paths
    • Ethernet routing too restrictive (even with advanced routing features)
    • basic options: per packet load-balancing, flow-based load balancing
  » requires new class of data center switches
- Some analysis of Amazon's AWS scale:
  » http://www.enterprisetech.com/2014/11/14/rare-peek-massive-scale-aws/
Blurring the L2/L3 Boundary
- Market forces are pushing Ethernet beyond the LAN
  » traditionally, large volume of switch market has kept prices low
  » smaller sales volume for routers kept prices high
- Technology improvements support greater capability
  » early switches were simple and cheap (no VLANs, a few thousand routing table entries)
  » modern switches can have >100K routing table entries and support thousands of VLANs, extensive IP features, ...
  » market expectations have kept prices moderate, even as feature sets have ballooned
- Not clear how successful some advanced features will be
  » big attraction of Ethernet is simple operation, but advanced features compromise simplicity
  » challenge for new switches to interoperate with "legacy" switches
Putting It Together – An End-to-End Scenario
[Figure: browser in the school network 68.80.2.0/24, connected via IGP/BGP to the Comcast network 68.80.0.0/13 (which hosts the DNS server), connected via BGP to Google's network 64.233.160.0/19, which hosts the web server 64.233.169.105 serving the web page]
Sample Comcast/ISP Network
- IGP, e.g., OSPF or IS-IS, used only for routers and router interfaces addresses, i.e., so that BGP knows how to route to BGP NEXT_HOPs
- All routers speak BGP and all customer & peer routes are distributed using BGP
- all forwarding decisions rely on a recursive lookup (built into forwarding tables)
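The recursive lookup in the last bullet, as an added Python example that is not from the slides: BGP supplies prefix -> NEXT_HOP, the IGP supplies router interface address -> outgoing interface, and the forwarding table is built by resolving every BGP prefix through the IGP table ahead of time so the data path does one lookup. The prefixes reuse the networks from the end-to-end scenario; the NEXT_HOP addresses, interface names and the unresolvable 192.0.2.0/24 entry are constructed.

```python
import ipaddress

# Constructed tables (assumption). BGP_RIB: customer/peer prefix -> BGP NEXT_HOP, which is
# a router interface address. IGP_RIB: router interface addresses (the only thing the IGP
# carries here) -> outgoing interface on this router.
BGP_RIB = {
    "68.80.0.0/13": "10.0.0.1",
    "68.80.2.0/24": "10.0.0.2",     # more specific route: the school network
    "64.233.160.0/19": "10.0.0.3",  # Google's network
    "192.0.2.0/24": "10.0.0.9",     # NEXT_HOP the IGP does not know (constructed failure case)
}
IGP_RIB = {
    "10.0.0.1/32": "eth0",
    "10.0.0.2/32": "eth1",
    "10.0.0.3/32": "eth2",
}


def lpm(table, addr):
    """Longest-prefix match of addr against a {prefix: value} table; (network, value) or None."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, value in table.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, value)
    return best


def resolve(dst):
    """Recursive lookup done on demand: BGP route -> NEXT_HOP -> IGP route -> interface.
    Returns None when there is no route or the NEXT_HOP cannot be reached via the IGP."""
    bgp = lpm(BGP_RIB, dst)
    if bgp is None:
        return None
    next_hop = bgp[1]
    igp = lpm(IGP_RIB, next_hop)
    if igp is None:
        return None   # a BGP route whose NEXT_HOP is unresolvable must not be used for forwarding
    return {"prefix": str(bgp[0]), "next_hop": next_hop, "out_iface": igp[1]}


def build_fib():
    """Pre-resolve each BGP prefix through the IGP so the forwarding table already holds
    the outgoing interface (the 'built into forwarding tables' part of the slide).
    Prefixes whose NEXT_HOP does not resolve are left out of the FIB."""
    fib = {}
    for prefix, next_hop in BGP_RIB.items():
        igp = lpm(IGP_RIB, next_hop)
        if igp is not None:
            fib[prefix] = (next_hop, igp[1])
    return fib


def fib_lookup(fib, dst):
    """Single data-path lookup against the pre-resolved FIB."""
    hit = lpm(fib, dst)
    if hit is None:
        return None
    return {"prefix": str(hit[0]), "next_hop": hit[1][0], "out_iface": hit[1][1]}


if __name__ == "__main__":
    fib = build_fib()
    for dst in ("64.233.169.105", "68.80.2.5", "68.81.1.1", "192.0.2.7"):
        print(dst, resolve(dst), fib_lookup(fib, dst))
```

The on-demand `resolve` and the pre-built FIB must agree for every destination; the FIB simply moves the IGP step out of the packet path. The 192.0.2.0/24 entry shows why the IGP-reachability of NEXT_HOPs matters: a BGP route whose NEXT_HOP has no IGP route never reaches the forwarding table.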
A day in the life... connecting to the Internet
[Figure: DHCP/UDP/IP/Eth/Phy protocol stacks at the connecting laptop and at the router (runs DHCP)]
- connecting laptop needs to get its own IP address, addr of first-hop router, addr of DNS server: use DHCP
- DHCP request encapsulated in UDP (port 68), encapsulated in IP, encapsulated in 802.3 Ethernet frame
- Ethernet frame broadcast (dest: FFFFFF) on LAN, received at router running DHCP server
- Ethernet demuxed to IP demuxed, UDP demuxed to DHCP (port 68)
A day in the life... connecting to the Internet
[Figure: DHCP/UDP/IP/Eth/Phy protocol stacks at the laptop and at the router (runs DHCP)]
- DHCP server formulates DHCP ACK containing client's IP address, IP address of first-hop router for client, name & IP address of DNS server
- encapsulation at DHCP server, frame forwarded (switch learning) through LAN, demultiplexing at client
- DHCP client receives DHCP ACK reply (to port 67)
- Client now has IP address, knows name & addr of DNS server, IP & MAC (learning) address of its first-hop router
A day in the life... ARP (reaching "local" hosts)
[Figure: ARP query and ARP reply exchanged over Eth/Phy between the client and the printer]
- Connecting to my printer (I know its IP address)
- My address: 10.1.1.17 and my subnet 10.1.0.0/16
- My printer's address: 10.1.21.1
- We are on the same subnet, and can therefore communicate directly over Ethernet (no need for a router)
- ARP query for IP address of printer broadcast, received by printer, which replies with ARP reply giving its MAC address
- client now knows MAC address of printer, and so can directly communicate over Ethernet
A day in the life... ARP (before DNS, before HTTP)
[Figure: DNS/UDP/IP/Eth/Phy stack at the client, ARP query and ARP reply exchanged with the router (runs DHCP)]
- before sending HTTP request, need IP address of www.google.com: DNS
- DNS query created, encapsulated in UDP, encapsulated in IP, encapsulated in Eth. To send frame to router, need MAC address of router interface: ARP
- ARP query broadcast, received by router, which replies with ARP reply giving MAC address of router interface
- client now knows MAC address of first hop router, so can now send frame containing DNS query
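The ARP exchanges on the two slides above, as an added Python example that is not part of the slides: it encodes and decodes the 28-byte IPv4-over-Ethernet ARP packet (request or reply, sender and target MAC/IP), then runs a small monitor over a constructed sequence of packets that learns IP -> MAC bindings from the sender fields and records an alert when an IP it already knows appears with a different MAC. The client address 10.1.1.17 and printer address 10.1.21.1 come from the slide; all MAC addresses and the third, conflicting packet are constructed.

```python
import struct

ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(s):
    return bytes(int(o) for o in s.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte ARP packet for IPv4 over Ethernet: htype=1, ptype=0x0800, hlen=6, plen=4.
    (The Ethernet header that carries it, broadcast for a query, is not modelled here.)"""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + mac_bytes(sender_mac) + ip_bytes(sender_ip)
            + mac_bytes(target_mac) + ip_bytes(target_ip))


def parse_arp(pkt):
    """Decode the fixed-size ARP packet; rejects other hardware/protocol combinations."""
    if len(pkt) < 28:
        raise ValueError("ARP packet too short")
    htype, ptype, hlen, plen, op = struct.unpack_from("!HHBBH", pkt, 0)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP packet")
    return {"op": op,
            "sender_mac": mac_str(pkt[8:14]), "sender_ip": ip_str(pkt[14:18]),
            "target_mac": mac_str(pkt[18:24]), "target_ip": ip_str(pkt[24:28])}


class ArpMonitor:
    """Learns IP -> MAC bindings from the sender fields of ARP requests and replies.
    ARP itself carries no authentication, so a binding that changes is the event a
    defender wants surfaced; the monitor records it and keeps the latest binding."""

    def __init__(self):
        self.bindings = {}
        self.alerts = []

    def observe(self, pkt):
        arp = parse_arp(pkt)
        if arp["op"] not in (ARP_REQUEST, ARP_REPLY):
            return arp                          # other opcodes are not used for learning
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        known = self.bindings.get(ip)
        if known is not None and known != mac:
            self.alerts.append({"ip": ip, "old_mac": known, "new_mac": mac, "op": arp["op"]})
        self.bindings[ip] = mac
        return arp


# Constructed sample traffic: the slide's client resolves its printer, then a third packet
# claims the printer's IP address from a different MAC (hypothetical values throughout).
CONSTRUCTED_PACKETS = [
    build_arp(ARP_REQUEST, "00:aa:bb:cc:dd:01", "10.1.1.17", "00:00:00:00:00:00", "10.1.21.1"),
    build_arp(ARP_REPLY, "00:aa:bb:cc:dd:02", "10.1.21.1", "00:aa:bb:cc:dd:01", "10.1.1.17"),
    build_arp(ARP_REPLY, "00:aa:bb:cc:dd:99", "10.1.21.1", "00:aa:bb:cc:dd:01", "10.1.1.17"),
]


def run_monitor(packets):
    """Feed packets through a fresh monitor and return it (bindings and alerts)."""
    mon = ArpMonitor()
    for p in packets:
        mon.observe(p)
    return mon


if __name__ == "__main__":
    mon = run_monitor(CONSTRUCTED_PACKETS)
    print(mon.bindings)
    print(mon.alerts)
```

A changed binding is not proof of anything on its own: a replaced network card, a DHCP lease handed to another machine, or a failover between two hosts sharing an address also produce one. In practice the alert is correlated with the DHCP server's lease table and with the switch port the frame arrived on before anyone acts on it.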
A day in the life... using DNS
[Figure: DNS/UDP/IP/Eth/Phy stacks at the client and at the DNS server in the Comcast network 68.80.0.0/13; router (runs DHCP) between them]
- IP datagram containing DNS query forwarded via LAN switch from client to 1st hop router
- IP datagram forwarded from campus network into Comcast network, routed (tables created by OSPF, IS-IS, EIGRP and/or BGP routing protocols) to DNS server
- Demux'ed to DNS server
- DNS server replies to client with IP address of www.google.com
A day in the life... TCP connection carrying HTTP
[Figure: TCP/IP/Eth/Phy stacks at the client and at the web server 64.233.169.105; SYN and SYNACK exchanged through the router (runs DHCP)]
- to send HTTP request, client first opens TCP socket to web server
- TCP SYN segment (step 1 in 3-way handshake) interdomain routed to web server
- web server responds with TCP SYNACK (step 2 in 3-way handshake)
- TCP connection established!
A day in the life... HTTP request/reply
[Figure: HTTP/TCP/IP/Eth/Phy stacks at the client and at the web server 64.233.169.105; HTTP request and reply exchanged through the router (runs DHCP)]
- HTTP request sent into TCP socket
- IP datagram containing HTTP request routed to www.google.com
- web server responds with HTTP reply (containing web page)
- IP datagram containing HTTP reply routed back to client
- web page finally (!!!) displayed
Exercise
[Figure: switches A-F; host d attached to switch D in the region labelled id=7, host f attached to switch F in the region labelled id=3, router c attached to switch C]
1. In the diagram at right, suppose that host d is on vlan 7 at switch D, host f is on vlan 3 at switch F and router c is on switch C and has connections to both VLANs. What sequence of links is used by a packet going from d to f assuming no other routers?
Exercise
[Figure: switches A-F; host d attached to switch D in the region labelled id=7, host f attached to switch F in the region labelled id=3, router c attached to switch C]
1. In the diagram at right, suppose that host d is on vlan 7 at switch D, host f is on vlan 3 at switch F and router c is on switch C and has connections to both VLANs. What sequence of links is used by a packet going from d to f assuming no other routers?

The packet would need to be delivered to router c so that it can be forwarded from vlan 7 to vlan 3. Assuming that host d knows the MAC address of router c and that entries are present in the switch forwarding tables of vlan 7 for that MAC address, the packet from host d is forwarded on links D-F, F-E, E-B, and B-C. Assuming that router c knows the MAC address of host f and that entries are present in the switch forwarding tables of vlan 3 for that MAC address, the packet from host d is forwarded on links C-A, A-E, and E-F.
Exercise
[Figure: ISP core with nodes C, D, E in the top row and F, A, B in the bottom row]
2. The diagram at right represents a core network for some ISP. Assume all the nodes are MPLS switches and that each connects to one or more edge routers. Describe how MPLS can be used to distribute traffic between switches C and F to use two different paths. Show MPLS routing table entries for all the switches along these paths, using different labels on each hop. Can you spread the load like this if the nodes were all conventional routers, using OSPF-routing?
Exercise
[Figure: ISP core with nodes C, D, E in the top row and F, A, B in the bottom row]
2. The diagram at right represents a core network for some ISP. Assume all the nodes are MPLS switches and that each connects to one or more edge routers. Describe how MPLS can be used to distribute traffic between switches C and F to use two different paths. Show MPLS routing table entries for all the switches along these paths, using different labels on each hop. Can you spread the load like this if the nodes were all conventional routers, using OSPF-routing?

Two link disjoint paths between C and F are C-E-D-F and C-B-A-F. To realize those paths, we need two distinct labels (or sets of labels). C would have two labels, say L1 and L2, associated with subnets connected to F. Each label would point to a different next hop, e.g., L1 points to E and L2 to B. Next we would need associated label mappings at the intermediate MPLS switches on each path. Specifically, B would have an entry mapping incoming label L2 to next hop A with an outgoing label of L2A (which could be equal to L2); similarly, A would have an entry mapping incoming label L2A to next hop F and outgoing label L2F. A similar set of mappings would be present on the path C-E-D-F for label L1. In this case, a similar outcome could be realized with OSPF, if both paths were equal cost shortest paths. In this case, traffic would be load-balanced across both paths.
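The two label-switched paths from the solution above, as an added Python example that is not part of the slides; it also exercises the push / swap / pop mechanics of the label tables on the Base MPLS Label Distribution slides. C pushes one of two labels chosen per flow, each intermediate switch swaps to a different label on every hop, and F pops the label. The numeric labels (17, 18, 21, 22, 31, 32), the destination prefix 10.9.0.0/16 behind F, the flow-hash split and the link costs for the OSPF comparison are all constructed; the slides use the symbolic names L1, L2, L2A and L2F.

```python
import hashlib
import ipaddress

# Constructed example for the Exercise 2 core: MPLS switches A-F, two link-disjoint paths
# from C to F. Label numbers are hypothetical stand-ins for the slide's L1, L2, L2A, L2F.
PATH_1 = ["C", "E", "D", "F"]
PATH_2 = ["C", "B", "A", "F"]

# Ingress table at C: FEC (prefix reachable via F) -> list of (out label, next hop).
INGRESS_FEC = {
    "C": {"10.9.0.0/16": [(17, "E"), (18, "B")]},   # 17 plays L1 (via E), 18 plays L2 (via B)
}

# Label forwarding tables at the core switches: in label -> (action, out label, next hop).
LFIB = {
    "E": {17: ("swap", 21, "D")},
    "D": {21: ("swap", 22, "F")},
    "B": {18: ("swap", 31, "A")},          # L2  -> L2A
    "A": {31: ("swap", 32, "F")},          # L2A -> L2F
    "F": {22: ("pop", None, None), 32: ("pop", None, None)},   # egress removes the label
}

MAX_HOPS = 16   # guard against a misconfigured table that loops labels around


def flow_index(dst, src_port, n_paths):
    """Flow-based load balancing: hash the flow key so every packet of a flow takes one path."""
    key = f"{dst}:{src_port}".encode()
    return int(hashlib.sha256(key).hexdigest(), 16) % n_paths


def ingress_lookup(node, dst):
    """Longest-prefix match of the IP destination against the ingress FEC table."""
    ip = ipaddress.ip_address(dst)
    best = None
    for prefix, entries in INGRESS_FEC[node].items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, entries)
    if best is None:
        raise LookupError(f"{node}: no FEC for {dst}")
    return best[1]


def forward(dst, src_port, ingress="C"):
    """Push a label at the ingress, swap at each core hop, pop at the egress.
    Returns (path, label_trace): the switches visited and the label carried on each link."""
    entries = ingress_lookup(ingress, dst)
    label, node = entries[flow_index(dst, src_port, len(entries))]
    stack = [label]                       # label stack; only one level is used here
    path, trace = [ingress, node], [label]
    for _ in range(MAX_HOPS):
        action, out_label, next_hop = LFIB.get(node, {}).get(stack[-1], (None, None, None))
        if action is None:
            raise LookupError(f"{node}: no entry for label {stack[-1]}")
        if action == "pop":
            stack.pop()                   # egress: plain IP packet continues to the edge router
            return path, trace
        stack[-1] = out_label             # swap: new label on the next link
        node = next_hop
        path.append(node)
        trace.append(out_label)
    raise RuntimeError("label loop detected")


def path_cost(path, link_costs):
    return sum(link_costs[f"{a}-{b}"] for a, b in zip(path, path[1:]))


def ospf_splits_load(link_costs):
    """Conventional OSPF spreads C->F traffic over both paths only if they are equal-cost."""
    return path_cost(PATH_1, link_costs) == path_cost(PATH_2, link_costs)


if __name__ == "__main__":
    for port in (1025, 1026, 1027, 1028):
        print(port, forward("10.9.1.1", port))
    print(ospf_splits_load({"C-E": 1, "E-D": 1, "D-F": 1, "C-B": 1, "B-A": 1, "A-F": 1}))
```

Every hop carries a different label, as the exercise asks, and the same flow always lands on the same path, which keeps packets of one TCP connection in order. The `ospf_splits_load` check restates the last sentence of the solution: without MPLS, the split only happens when the link costs make both paths equal-cost shortest paths.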