Computer Networks Network layer Network Layer q Design

Computer Networks Network layer

Network Layer q Design issues q Routing q Congestion q Different networks, q Internetworking q q Internet Protocols q q Multimedia or Qo. S q q protocols? Interconnection styles Internetwork routing Fragmentation Firewalls Network layer -- June 2004 2

Internetworking: differences q Different networks will always be around o Installed base is large and growing o Networks get cheaper, so #decision makers o New technology new networks new protocols Network layer -- June 2004

Internetworking: differences Item Some differences Service offered Connection-oriented <> connectionless Protocols IP, IPX, CLNP, Apple talk, SNA, … Addressing Flat (802) <> hierarchical (IP) Multicasting Present <> absent Packet size Maximum per network Quality of service Many kinds Error handling Reliable, ordered, … Flow control Sliding window, rate control, … Congestion control Leaky bucket, choke packets, … Security Privacy rules, encryption, … Parameters Timeouts, flow specifications, … Accounting Connect time, available bandwidth, … Network layer -- June 2004 4

Internetworking: differences q Interconnection boxes o Repeaters, hubs o Bridges, switches o Routers o Transport gateways o Application gateways Layer Example 1 Ethernet 2 LANs 3 IP, IPX, Apple talk 4 TCP <> OSI TP 4 5 Mail: SMTP <> X 400 cts u d ro p l a n o ti c M n u f i ult Network layer -- June 2004

Internetworking: styles q Half-[device]s + neutral protocol o Management issue o Cooperation reduced to agreement on protocol Network layer -- June 2004

Internetworking: styles q Concatenated virtual circuits o Set-up of a connection • Recognition of remote destination (host, router) and selection of multiprotocol router for first VC • Multiprotocol router extends VC towards … o Data transfer • Same path for all packets • Conversions (packet format, VC numbers, …) in multiprotocol routers o Essential features • Sequence of VCs • Networks should have same/similar properties • Properties: I dentical to single VCs Network layer -- June 2004

Internetworking: styles q Concatenated virtual circuits o Set-up of a connection • Recognition of remote destination (host, router) and selection of multiprotocol router for first VC • Multiprotocol router extends VC towards … o Data transfer • Same path for all packets • Conversions (packet format, VC numbers, …) in multiprotocol routers o Essential features • Sequence of VCs • Networks should have same/similar properties • Properties: identical to single VCs Network layer -- June 2004

Internetworking: styles q Connectionless internetworking o Datagram approach • Multiple routes • Higher bandwidth • No guarantee for in order delivery o Nearly identical protocols required • Packet conversion • Addressing ( assignment, mapping) o Properties: same as for datagram networks Network layer -- June 2004

Internetworking: styles q Connectionless internetworking o Datagram approach • Multiple routes • Higher bandwidth • No guarantee for in order delivery o Nearly identical protocols required • Packet conversion • Addressing ( assignment, mapping) o Properties: same as for datagram networks Network layer -- June 2004

Internetworking: styles q Tunneling o Interconnect 2 identical networks using a different one o Behaviour: point-to-point line between multiprotocol routers Network layer -- June 2004

Internetworking: routing q Same problem + some complications q 2 levels of routing: o Within a network o Between networks • Intranetwork routing • Interior gateway protocol • Internetwork routing • Exterior gateway protocol q Internetwork routing o Graph construction • Every router can directly access routers on the same network o Packet forwarding + tunneling if necessary q Differences with intranetwork routing o Cross international boundaries adopt national laws o Agreements between operators (transit traffic) Network layer -- June 2004

Internetworking: routing An internetwork: Graph of internetwork o Router A can communicate with routers B and C Network layer -- June 2004 13

Internetworking: fragmentation q Problem: Large packet through network with smaller maximum packet size q Solution: o Break large packet into fragments o Send each fragment as a separate packet o Reassemble: transparent <> non transparent? q Transparent fragmentation o Strategy • Gateway breaks large packet into fragments • Each fragment addressed to same exit gateway • Exit gateway does reassembly Network layer -- June 2004

Internetworking: fragmentation q Transparent fragmentation o Strategy • Gateway breaks large packet into fragments • Each fragment addressed to same exit gateway • Exit gateway does reassembly o Simple, but some problems • Gateway must know when it has all pieces • Performance loss: all fragments through same gateway • Overhead: repeatedly reassemble and refragment o Example: ATM segmentation Network layer -- June 2004 15

Internetworking: fragmentation q Nontransparent fragmentation o Strategy • Gateway breaks large packet into fragments • Each fragment is forwarded to destination o problems • Every host must be able to reassembly • More headers o Example: IP fragmentation Network layer -- June 2004 16

Internetworking: fragmentation q Fragment numbering o Hierarchical numbering • Packet 0 packets 0. 0, 0. 1, 0. 2 • Problem: retransmission + different fragmentations o Basic block numbering: in every packet • Original packet number • Sequence number of first block Network layer -- June 2004

Internetworking: firewalls q Protection needed against o Information leaking out • Trade secrets, product development plans, … o Information leaking in • Viruses, worms, … o Old medieval analogy • Castle + deep moat around it • Single draw bridge o Example firewall • 2 routers for packet filtering • Application gateway Network layer -- June 2004

Internetworking: firewalls q Packet filtering q Application gateway o Acceptable sources + destinations o Decisions made per application o Filters on • Address: IP • Service port (TCP header) • both Network layer -- June 2004 • Header fields, • Message size • content 19

Network Layer q Design issues q Routing q Congestion q Internetworking q IP protocol q Internet Control Protocols q Routing q Internet Protocols q Internet multicasting q Multimedia or Qo. S q Mobile IP q IPv 6 Network layer -- June 2004 20

Internet: IP protocol q View on Internet: o Collection of Autonomous Systems (AS) o Glue: IP designed for internetworking Network layer -- June 2004

Internet: IP protocol q IP protocol o best effort service o Datagrams: up to 64 Kbytes q IP header o 20 byte fixed part + optional part o Transmitted in big endian order ( l -> r) Network layer -- June 2004

Internet: IP header Version of IP protocol: now 4 IHL Length of header Type of service 3 bit precedence field; priority: 0 (normal) to 7 (control) 3 flags: Delay, Throughput, Reliability Total length Length of header + data Identification Unique number for datagram (between source & destination) DF Don’t fragment this packet MF More fragments to come Fragment offset Relative position of fragment in original packet ( 8 bytes mult. ) Time to live Hop counter Protocol of higher layer Header checksum 16 bit sum of half words using 1 -complement Source address IP address Destination address IP address Network layer -- June 2004 23

Internet: IP header q Options: maximum length = 40 bytes Option Description Security Specifies how secret the datagram is Strict source routing Gives the complete path to be followed Loose source routing Gives a list of routers not to be missed Record route Makes each router append its IP address timestamp Makes each router append its IP address and timestamp o Too small: 40 bytes -> only 10 IP addresses! Network layer -- June 2004

Internet: IP addresses q IP address = 32 bits o Network number o Host number (on network) class A #networks #hosts 126 16. 000 B 16. 382 64. 000 C 2. 000 254 Network layer -- June 2004

Internet: IP addresses q Dotted notation: 134. 58. 47. 25 q Assignment: o ICANN Internet Corporation for Assigned Names and Numbers o Arin (American Registry for Internet Numbers) for N & S America o RIPE (Réseaux IP Européennes) for Europe o APNIC (Asia Pacific Network Information Centre) q Special addresses: Network layer -- June 2004

Internet: IP subnets q Subnetting: different views on same network o Internal: network split up in different parts o External: a single net q Why? o Avoid use of different C networks for a single organisation o Allow structuring of class A & B networks Network layer -- June 2004

Internet: IP subnets q Subnetting: different views on same network o Internal: network split up in different parts o External: a single net q Why? o Avoid use of different C networks for a single organisation o Allow structuring of class A & B networks q Network <> host? o Subnet mask Network layer -- June 2004

Internet: IP subnets Routing: table entries No subnets With subnets (network, 0) : how to get distant network (this-network, host) : … to local host (network, 0) : how to get to distant network (this-network, subnet, 0) : …to host on another subnet (this-network, this-subnet, host) : … to local host Advantages: o Smaller tables o Management of networks easier (not easy!) Network layer -- June 2004 29

Internet: CIDR q Exponential growth of Internet o Running out of addresses • B is too large <> C is too small • Assign many Cs iso a single B Routing table explosion o Hierarchical routing o No support in IP addressing scheme o CIDR solution: o Allocate blocks of class C addresses o Introduce hierarchy for remaining addresses o Classless routing CIDR: classless Inter. Domain Routing Network layer -- June 2004

Internet: CIDR o CIDR solution: o Allocate blocks of class C addresses o Variable size described by o IP address o Mask indicating meaningful bits in address o Allocation scheme: block of X addresses starts on X-byte boundary o 2048 addresses (8 C classes): 194. 24. 0. 0 to 194. 24. 7. 255 o 4096 addresses (16 C classes): 194. 24. 16. 0 to 194. 24. 31. 255 o Introduce hierarchy for remaining addresses o Classless routing From To 194. 0. 0. 0 195. 255 Europe 198. 0. 0. 0 199. 255 North America 200. 0 201. 255 Central + South America 202. 0. 0. 0 203. 255 Asia + Pacific Network layer -- June 2004 Region

Internet: CIDR q 3 blocks assigned: q Entries in router tables: Gent 2048 194. 24. 0. 0 194. 24. 7. 255 Leuven 4096 194. 24. 16. 0 194. 24. 31. 255 Hasselt 1024 194. 24. 8. 0 194. 24. 11. 255 Address Mask (last 2 bytes) 194. 24. 0. 0 255. 248. 0 1111 1000 0000 194. 24. 16. 0 255. 240. 0 1111 0000 194. 24. 8. 0 255. 252. 0 1111 1100 0000 q Route 194. 24. 17. 4? or … 0001 0000 0100 o Test: address & mask … 1111 1000 0000 … 0001 0000 <> 194. 24. 0. 0 … 1111 0000 … 0001 0000 Network layer -- June 2004 = 194. 24. 16. 0

Internet: NAT q Network Address translation o Simple solution to the shortage of IP addresses o Examples? q Technique: s? t e k c a o non routable addresses inside a domain p y l p e o Translate address to a routable one when R packet leaves domain Network layer -- June 2004

Internet: NAT q Use TCP/UDP port number to differentiate between different local computer systems q NAT translation table (local IP address, source port) (external IP address, unique port) q 1 IP address can be used for up to ~ 64 K hosts Network layer -- June 2004

Internet: NAT q Objections to NAT o Violates architectural model of IP • IP address uniquely identifies a single computer o Crash of NAT box all “connections” lost • Connection oriented flavor o o Violates fundamental rule of protocol layers Only works for TCP & UDP Addresses inside body are not translated Ugly and temporary hack delays real solution: IPv 6 Network layer -- June 2004

Network Layer q Design issues q Routing q Congestion q Internetworking q Internet Protocols q Multimedia or Qo. S q IP protocol q Internet Control Protocols o ICMP o ARP o RARP q Routing q Internet multicasting q Mobile IP q IPv 6 Network layer -- June 2004 36

Internet: ICMP q ICMP: Internet Control Message Protocol o Used by routers to report unexpected events o Definition: RFC 792 Message type Description Destination unreachable Packet could not be delivered Time exceeded Time to live field 0 Parameter problem Invalid header field Source quench Choke packet Redirect Teach a router about geography Echo request Ask a machine if it is alive Echo reply Yes, I am alive Timestamp request Same as echo, but with timestamp Timestamp reply Same as echo reply, but with timestamp Network layer -- June 2004

Internet: ARP q ARP: address resolution protocol o How do IP addresses get mapped onto data link layer addresses? o Problem: o Solution: configuration files 192. 31. 65. 7 E 1 192. 31. 65. 5 E 2 unsatisfactory Network layer -- June 2004

Internet: ARP q Basic ARP protocol o Broadcast: who owns IP address 192. 31. 65. 5? o Host with that IP address should reply with its data link address q Optimisations: cache mappings! o Values in ARP request (every system on net) o Values in ARP reply (sender of ARP request only) o Gratuitous ARP: upon boot host can send ARP request with its own mapping answer: duplicate IP address in use! Network layer -- June 2004

Internet: ARP q How to handle remote hosts? o Proxy ARP: routers serving the net should reply o Sending host forwards packet to router Network layer -- June 2004

Internet: RARP q RARP: Reverse Address Resolution Protocol o Problem: • Given a data link address • What is the corresponding IP address o Why needed? • Allows a newly booted workstations to get its IP address o Solutions: + RARP protocol + RARP server!! - IP address embedded in OS image (different image for every WS) + BOOTP protocol o Limitation of RARP: server needed on each net as broadcast is not forwarded Network layer -- June 2004

Internet: BOOTP q Bootstrap protocol o Uses UDP messages • Broadcast to port 67 • Forwarded over routers o Gives additional information • IP address of file server holding the OS • IP address of default router • Subnet mask to use Network layer -- June 2004

Internet: DHCP q DHCP: Dynamic Host Configuration Protocol o Special server + relay agents o Static + dynamic assignment of IP addresses (leasing) o Newly booted machine: broadcasts a DHCP Discover packet Network layer -- June 2004

Network Layer q Design issues q Routing q Congestion q Internetworking q Internet Protocols q Multimedia or Qo. S q IP protocol q Internet Control Protocols q Routing o OSPF o BGP q Internet multicasting q Mobile IP q IPv 6 Network layer -- June 2004 44

Internet: routing q History: o First protocol: RIP (distance vector) o Since 1979: replaced by link state o In 1990 new standard: OSPF q Protocols: o Interior gateway protocol: OSPF – Open Shortest Path First o Exterior gateway protocol: BGP – Border gateway protocol Network layer -- June 2004

Internet routing: OSPF q Requirements for OSPF: o Algorithm in open literature o Support for various distance metrics o Dynamic algorithm o Support for routing based on type of service o Do load balancing over multiple lines o Support for hierarchical systems o Security to prevent false updates o Support for routers connected through tunnel q OSPF supports as connections and networks o Point-to-point lines between routers o Multi access networks with broadcasts o (multi access) networks without broadcasts Network layer -- June 2004

Internet routing: OSPF q Abstract view on network o Directed graph o Node for each router + network o Arcs: • 2 arcs for each point-to-point line • 2 arcs for each network node to the routers connected to the network o Example Network layer -- June 2004

Internet routing: OSPF q Abstract view on network o Directed graph o Node for each router + network o Arcs: • 2 arcs for each point-to-point line • 2 arcs for each network node to the routers connected to the network Network layer -- June 2004

Internet routing: OSPF q Network divided into areas o Areas do not overlap o Area = set of contiguous networks o Topology of area not visible outside area Provisions for very large networks q Backbone area o Interconnects areas o Router connected to at least 2 areas is part of backbone q Classes of routers o Internal routers (within an area) o Area border routers (interconnect areas) o Backbone routers o AS boundary router q 3 kinds of routes o Intra-area: shortest path o Interarea: from source to backbone to destination o Inter AS Network layer -- June 2004

Internet routing: OSPF Provisions for very large networks Network layer -- June 2004

Internet routing: OSPF q Provisions for very large networks Network layer -- June 2004

Internet routing: OSPF q Exchanging information o Between adjacent routers o on LAN one router is elected as designated router o Designated router is adjacent to all neighbouring routers q Flooding to all routers in an area q Within routers of any area o Construct graph o Compute shortest paths between routers in area q Extra for backbone area o Accept info from area border routers o Compute SP between backbone router and all routers in AS o Propagate this info back to area border routers, which advertise it within their areas Network layer -- June 2004

Internet routing: OSPF q How handle different types of service o Multiple graphs with as cost metric • Delay • Throughput • reliability o Triples computation o Separate routes for optimising … Network layer -- June 2004

Internet routing: BGP q Allow many kinds of routing policies: o Examples: • No transit traffic • Only transit X if there is no alternative • Traffic from or to Y should not transit Z o Policies require manual configuration! q BGP view of the Internet o BGP routers + interconnecting lines o 3 kind of networks: • stub networks : 1 connection in BGP graph • multi connected networks • transit networks (operated as backbones) q BGP algorithm Network layer -- June 2004

Internet routing: BGP q BGP algorithm o Distance vector protocol + o Each router keeps track of exact path used o Route violating a policy distance = o Uses reliable TCP connections? ? ? Network layer -- June 2004

Network Layer q Design issues q Routing q Congestion q Internetworking q IP protocol q Internet Control Protocols q Routing q Internet Protocols q Internet multicasting q Multimedia or Qo. S q Mobile IP q IPv 6 Network layer -- June 2004 56

Internet multicasting q Use of class D IP addresses o Each group identified by class D address o Best effort delivery to all members of group o Permanent addresses • • 224. 0. 0. 1: all systems on LAN 224. 0. 0. 2: all routers on LAN 224. 0. 0. 5: all OSPF routers on LAN 224. 0. 0. 6: all designated OSPF routers on LAN o Temporary addresses for temporary groups • Create group • Host can join/leave group • IGMP: Internet Group Management Protocol Network layer -- June 2004

Internet multicasting q Multicast router o Keeps track of the groups to which hosts on its LAN belong o Modified distance vector protocol o Each router constructs spanning tree per group o Heavy use of tunneling (why? ) Network layer -- June 2004

Internet: mobile IP q Unattractive solutions: o Give new IP address to mobile host o Use complete IP address for routing q IETF: desirable goals o (home) IP address usable everywhere o No software changes to fixed hosts o No changes to router software and tables o No detours for most packets to mobile hosts o No overhead when mobile host is at home q Solution Network layer -- June 2004

Internet: mobile IP q Solution (see general scheme for details) o Home agent • Gratuitous ARP to invalidate cached entries o Foreign agent + registering o ARP + home agent responding o Tunnel to foreign agent + inform sender q Handling of other problems: o Locating agents • Broadcast o Host leaving without deregistration • Registration valid for fixed time interval o Security • Use authentication protocol Network layer -- June 2004

Network Layer q Design issues q Routing q Congestion q Internetworking q IP protocol q Internet Control Protocols q Routing q Internet Protocols q Internet multicasting q Multimedia or Qo. S q Mobile IP q IPv 6 Network layer -- June 2004 61

Internet: IPv 6 q Major goals for new IP o Support billion of hosts o Reduce size of routing tables o Simplify protocol o Better security (authentication + privacy) o More attention for type of service o Aid multicasting o Better support for mobility o Allow protocol to evolve o Permit coexistence of old and new IP q Features of IPv 6 o Not compatible with IPv 4 o Compatible with other Internet protocols o Longer addresses o Simplification of header o Better support for options o Big advance in security o More attention to type of service Network layer -- June 2004 62

Internet: IPv 6 q Procedure o Call for proposal by IETF o 21 responses o Dec 92: 7 serious proposals o 3 better proposals published in IEEE network o SIPP (Simple Internet Protocol Plus) or IPv 6: combined version Network layer -- June 2004

Internet: IPv 6 header Network layer -- June 2004

Internet: IPv 6 header q Version: identifies protocol version q Priority o 0 – 7: transmissions capable of slowing down o 8 – 15: real-time traffic o Higher values: more important traffic q Flow label: Identification of flow with specific requirements o Pseudoconnection between source and destination o To be used by routers for special treatment of all packets of a flow q Payload length: number of bytes in packet after header q Next header o Which extension follows this one o (last extension header) which transport protocol to select q Hop limit: decremented at each hop q Addresses of source & destination: 16 bytes or 128 bits Network layer -- June 2004

Internet: IPv 6 addresses q Size of address space: o 128 bits 2128 1038 addresses o 7 x 1023 addresses /m 2 land + water on entire earth o Most pessimistic scenario: 1000 addresses / m 2 (land + water) q Notation o 8 groups of 4 hexadecimal digits with colons as separators • 8000: 0000: 0123: 4567: 89 AB: CDEF o Short cuts: • Sequence of 0000 “: : ” : 8000: : 0123: 4567: 89 AB: CDEF • IPv 4 : : : 134: 58: 91: 254 q Assignment o Provider-based + geographic-based addresses o Overview … Network layer -- June 2004

Prefix Usage Fraction 0000 Reserved (including IPv 4) 0000 0001 Unassigned 0000 001 OSI NSAP addresses 1/128 0000 010 Novell Netware IPX addresses 1/128 0000 011 Unassigned 1/128 0000 1 Unassigned 1/32 0001 Unassigned 1/16 001 Unassigned 1/8 010 Provider-based addresses 1/8 011 Unassigned 1/8 100 Geographic-based addresses 1/8 101 Unassigned 1/8 110 Unassigned 1/8 1110 Unassigned 1/16 1111 0 Unassigned 1/32 1111 10 Unassigned 1/64 1111 110 Unassigned 1/128 1111 1110 0 Unassigned 1/512 1111 1110 10 Link local use addresses 1/1024 1111 1110 11 Site local use addresses 1/1024 1111 Multicast Network layer -- June 2004 1/256 67

Internet: IPv 6 q Extension headers o Extra info, efficiently encoded o Overview … Extension Header Description Hop-by-hop options Miscellaneous information for routers Routing Full or partial route to follow Fragmentation Management of datagram fragments Authentication Verification of the sender’s identity Encrypted security payload Information about the encrypted contents Destination options Additional information for the destination Network layer -- June 2004

Internet: IPv 6 q Extension headers o Encoding: • Fixed format or • variable number of variable length fields – Type, length value encoding Network layer -- June 2004

Internet: IPv 6 q Jumbogram extension header o Datagrams > 64 Kbyte Network layer -- June 2004

Internet: IPv 6 q Routing extension header o Bit map: strict source routing <> loose source routing Network layer -- June 2004

Internet: IPv 6 q Fragmentation extension header: o Fragmentation only by source host simplification of routers, o Identical fields: • Datagram identifier • Fragment number • MF bit Network layer -- June 2004

Internet: IPv 6 q Controversies: o Address length o Length of hop limit field: • Number of hops should never exceed ~100 8 bits o Maximum packet size o Removal of checksum o Security • in network layer? Yes standard service No never good enough • Export restriction? • How? replaceable algorithms Network layer -- June 2004

Computer Networks Network layer