Lec 4 - Network Layer - Data Plane
Network layer
Goal
- Principles behind network layer services, focusing on the data plane:
- Network layer service routing
- how a router works
- addressing
- generalized forwarding
- Internet architecture
- Instantiation, implementation in the Internet
- IP protocol
- NAT
- Routing protocols
Control plane: global
Data plane: local
Overview:
- Data Plane
- Control Plane
Network-layer services and protocols
- transport segment from sending to receiving host
- sender: encapsulates segments into datagrams, passes to link layer
- receiver: deliver segments to transport layer protocol
- network layer protocols in every Internet device: hosts, routers
- routers:
- examines header fields in all IP datagrams passing through it
- moves datagrams from input ports to output ports to transfer datagrams along end-end path
Two key network-layer functions
network-layer functions:
- forwarding: move packets from a router’s input link to appropriate router output link
- routing: determine route taken by packets from source to destination
- routing algorithms
analogy: taking a trip
- forwarding: process of getting through single interchange
- routing: process of planning trip from source to destination
Network layer: data plane, control plane
Data plane:
- local, per-router function
- determines how datagram arriving on router input port is forwarded to router output port
Control plane
- network-wide logic
- determines how datagram is routed among routers along end-end path from source host to destination host
- two control-plane approaches:
- traditional routing algorithms: implemented in routers
- software-defined networking(SDN): implemented in (remote) servers
Per-router control plane
Individual routing algorithm components in each and every router interact in the control plane
SoftWare-Defined Networking(SDN)control plane
Remote controller computes, installs forwarding tables in routers
Inside a router
Router architecture overview
High-level view of generic router architecture:
Input port functions
Decentralized switching
- destination-based forwarding: forward based only on destination IP address(traditional)
- generalized forwarding: forward based on any set of header field values
Destination-based forwarding
Longest prefix matching
Longest prefix match
when looking for forwarding table entry for given destination address, use longest address prefix that matches destination address.
Example 1: interface:0
Example 2: interface:1
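Added example (not from the lecture): a forwarding table in a.b.c.d/x notation and a lookup that picks the entry with the longest matching prefix, so a more specific entry wins over a covering one even when the covering entry appears earlier. The prefixes and interface numbers are constructed values.

```python
import ipaddress

# Constructed forwarding table: (destination prefix, output interface).
# Entries deliberately overlap so the lookup has to prefer the most specific one.
FORWARDING_TABLE = [
    ("200.23.16.0/20", 0),   # covers 200.23.16.0 - 200.23.31.255
    ("200.23.24.0/21", 2),   # covers 200.23.24.0 - 200.23.31.255 (inside the /20)
    ("200.23.24.0/24", 1),   # covers 200.23.24.0 - 200.23.24.255 (inside the /21)
    ("0.0.0.0/0", 3),        # default route: prefix length 0 matches everything
]

def longest_prefix_match(dst, table=FORWARDING_TABLE):
    """Return the output interface of the longest prefix that contains dst.

    Every entry whose network contains the address is a candidate; among the
    candidates the one with the largest prefix length (most specific) wins.
    Returns None only if the table has no default route and nothing matches.
    """
    addr = ipaddress.ip_address(dst)
    best_len, best_iface = -1, None
    for prefix, iface in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and net.prefixlen > best_len:
            best_len, best_iface = net.prefixlen, iface
    return best_iface

if __name__ == "__main__":
    for dst in ("200.23.24.10", "200.23.26.5", "200.23.18.1", "8.8.8.8"):
        print(dst, "->", "interface", longest_prefix_match(dst))
```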
Switching fabrics
Transfer packet from input link to appropriate output link
switching rate: rate at which packets can be transferred from inputs to outputs
often measured as multiple of input/output line rate
N inputs: switching rate N times line rate desirable
three major types of switching fabrics:
Switching via memory
First generation routers:
- traditional computers with switching under direct control of CPU
- packet copied to system’s memory
- speed limited by memory bandwidth (2 bus crossings per datagram)
Switching via a bus
- datagram from input port memory to output port memory via a shared bus
- bus connection: switching speed limited by bus bandwidth
- 32 Gbps bus, Cisco 5600: sufficient speed for access routers
Switching via interconnection network
- Crossbar, Clos networks, other interconnection nets initially developed to connect processors in multiprocessor
- multistage switch: nxn switch built from multiple stages of smaller switches
- exploiting parallelism:
- fragment datagram into fixed length cells on entry
- switch cells through the fabric, reassemble datagram at exit
Input port queuing
- If switch fabric slower than input ports combined -> queueing may occur at input queues
- queueing delay and loss due to input buffer overflow!
- Head-of-the-Line(HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
Output port queuing
- Buffering required when datagrams arrive from fabric faster than link transmission rate.
Drop policy: which datagrams to drop if no free buffers?
Datagrams can be lost due to congestion, lack of buffers
- Scheduling discipline chooses among queued datagrams for transmission
Priority scheduling - who gets best performance, network neutrality
IP: the Internet Protocol - Datagram format
Network Layer: Internet
host, router network layer functions:
IP Datagram format
IP fragmentation/reassembly
- network links have MTU (max. transfer size): largest possible link-level frame
- different link types, different MTUs
- large IP datagram divided(“fragmented”) within net
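Added example (not from the lecture): fragmenting a datagram payload to fit a link MTU and reassembling it at the receiver. The fragment offset is kept in 8-byte units as in the IPv4 header, so every fragment except the last carries a multiple of 8 payload bytes; the reassembler refuses a datagram whose fragments leave a gap or overlap instead of guessing. The payload size and MTU are constructed values.

```python
IP_HEADER_LEN = 20  # IPv4 header without options, in bytes

def fragment(payload: bytes, mtu: int, ident: int):
    """Split one datagram payload into fragments that each fit within mtu."""
    # Offset field counts 8-byte units, so per-fragment data is rounded down
    # to a multiple of 8 (only the last fragment may be shorter).
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    frags = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        last = start + len(chunk) >= len(payload)
        frags.append({
            "id": ident,                      # same identification in every piece
            "offset": start // 8,             # in 8-byte units
            "mf": 0 if last else 1,           # more-fragments flag
            "length": IP_HEADER_LEN + len(chunk),
            "data": chunk,
        })
    return frags

def reassemble(frags):
    """Rebuild the payload; return None if fragments are missing, overlap, or repeat."""
    buf = bytearray()
    expected = 0  # byte offset the next fragment must start at
    for f in sorted(frags, key=lambda f: f["offset"]):
        if f["offset"] * 8 != expected:
            return None  # gap, overlap or duplicate: do not reassemble ambiguous data
        buf += f["data"]
        expected += len(f["data"])
        if f["mf"] == 0:
            return bytes(buf)
    return None  # the fragment with mf=0 never arrived

if __name__ == "__main__":
    pieces = fragment(b"x" * 3980, mtu=1500, ident=777)
    for p in pieces:
        print(p["length"], p["offset"], p["mf"])
```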
IP: the Internet Protocol - Addressing
IP addressing: introduction
- IP address: 32-bit identifier associated with each host or router interface
- interface: connection between host/router and physical link
- routers typically have multiple interfaces
- host typically has one or two interfaces(e.g., wired Ethernet, wireless 802.11)
Subnets
Recipe for defining subnets:
- detach each interface from its host or router, creating “islands” of isolated networks
- each isolated network is called a subnet
IP addressing: CIDR
CIDR: Classless Inter Domain Routing(pronounced “cider”)
- subnet portion of address of arbitrary length
- address format: a.b.c.d/x, where x is # bits subnet portion of address
IP: the Internet Protocol - get an IP Address
IP addresses: how to get one?
Q: How does a host get an IP address within its network (host part of address)?
Q: How does a network get an IP address for itself (network part of address)?
How does a host get an IP address?
- hard-coded by sysadmin in config file (e.g., /etc/rc.config in UNIX)
- DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server ("plug-and-play")
DHCP: Dynamic Host Configuration Protocol
goal: host dynamically obtain IP address from network server when it “joins” network
- can renew its lease on address in use
- allows reuse of addresses (only hold address while connected/on)
- support for mobile users who join/leave network
DHCP overview
- host broadcasts DHCP discover msg [optional]
- DHCP server responds with DHCP offer msg [optional]
- host requests IP address: DHCP request msg
- DHCP server sends address: DHCP ack msg
DHCP client-server scenario
DHCP: more than IP addresses
DHCP can return more than just allocated IP address on subnet:
- address of first-hop router for client
- name and IP address of DNS server
- network mask(indicating network versus host portion of address)
IP addresses: how to get one
Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing information:
IP addressing: last words
IP: the Internet Protocol - Network address translation & IPv6
NAT: network address translation
NAT: all devices in local network share just one IPv4 address as far as outside world is concerned
IPv6: motivation
- initial motivation: 32-bit IPv4 address space would be completely allocated
- additional motivation:
- speed processing/forwarding: 40-byte fixed length header
- enable different network-layer treatment of “flows”
IPv6 datagram format
Transition from IPv4 to IPv6
- not all routers can be upgraded simultaneously
- no “flag days”
- how will network operate with mixed IPv4 and IPv6 routers
- tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers(“packet within a packet”)
- tunneling used extensively in other contexts(4G/5G)
Tunneling and encapsulation
Tunneling
IPv6: adoption
- Long(long!) time for deployment, use
- 25 years and counting
- think of application-level changes in last 25 years: WWW, social media, streaming media, gaming, telepresence,….
Generalized Forwarding, SDN - Match + action & OpenFlow
Generalized forwarding: match plus action
Review: each router contains a forwarding table (aka: flow table)
- “match plus action” abstraction: match bits in arriving packet, take action
- destination-based forwarding: forward based on dest. IP address
- generalized forwarding:
- many header fields can determine action
- many action possible: drop/copy/modify/log packet
Flow table abstraction
- flow: defined by header field values(in link-, network-, transport-layer fields)
- generalized forwarding: simple packet-handling rules
- match: pattern values in packet header fields
- actions: for matched packet: drop, forward, modify matched packet, or send matched packet to controller
- priority: disambiguate overlapping patterns
- counters: #bytes and #packets
OpenFlow: flow table entries
- example
OpenFlow abstraction
- match + action: abstraction unifies different kinds of devices
Router
- match: longest destination IP prefix
- action: forward out a link
Switch
- match: destination MAC address
- action: forward or flood
Firewall
- match: IP address and TCP/UDP port numbers
- action: permit or deny
NAT
- match:IP address and port
- action: rewrite address and port
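Added example (not from the lecture or from OpenFlow itself): a small match+action flow table in which one table serves as firewall, NAT and router, as in the abstraction above. Each entry has match fields (an absent field is a wildcard), an action, a priority to disambiguate overlapping matches, and packet/byte counters; a packet that matches nothing is sent to the controller. The addresses, ports and rules are constructed values.

```python
from dataclasses import dataclass, field

@dataclass
class FlowEntry:
    match: dict                 # header field -> required value; missing field = wildcard
    action: str                 # "forward", "drop" or "controller"
    priority: int = 0           # higher wins among overlapping matches
    params: dict = field(default_factory=dict)   # "port", optional "set" rewrites
    pkt_count: int = 0          # counters updated on every match
    byte_count: int = 0

def lookup(table, pkt):
    """Return the highest-priority entry whose match fields all agree with pkt."""
    candidates = [e for e in table
                  if all(pkt.get(k) == v for k, v in e.match.items())]
    return max(candidates, key=lambda e: e.priority, default=None)

def process(table, pkt):
    """Apply the matched action; return (verdict, output port, possibly rewritten packet)."""
    entry = lookup(table, pkt)
    if entry is None:
        return ("controller", None, pkt)          # table miss: hand to controller
    entry.pkt_count += 1
    entry.byte_count += pkt["len"]
    if entry.action in ("drop", "controller"):
        return (entry.action, None, pkt)
    # "forward": optionally rewrite header fields (NAT) before sending out the port
    out = dict(pkt, **entry.params.get("set", {}))
    return ("forward", entry.params["port"], out)

# Constructed table for a device with port 1 (outside) and port 2 (inside host 10.0.0.1).
TABLE = [
    # firewall: deny inbound SSH to the internal host; highest priority so it wins
    FlowEntry({"in_port": 1, "ip_dst": "10.0.0.1", "tcp_dst": 22}, "drop", priority=10),
    # NAT: outbound flow from 10.0.0.1:3345 leaves as 138.76.29.7:5001
    FlowEntry({"ip_src": "10.0.0.1", "tcp_src": 3345}, "forward", priority=5,
              params={"port": 1, "set": {"ip_src": "138.76.29.7", "tcp_src": 5001}}),
    # router-style rule: anything addressed to the internal host goes out port 2
    FlowEntry({"ip_dst": "10.0.0.1"}, "forward", priority=1, params={"port": 2}),
]
```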
Example
Generalized forwarding: summary
Lec5 - Network Layer - Control Plane
Goals:
- Principles behind network control plane:
- traditional routing algorithms
- SDN controllers
- Instantiation, implementation in the Internet:
- OSPF,BGP
- OpenFlow
Introduction
Network-layer functions
- forwarding: move packets from router’s input to appropriate router output
- routing: determine route taken by packet from source to destination
Per-router control plane
Individual routing algorithm components in each and every router interact in the control plane
Software-Defined Networking(SDN) control plane
Remote controller computes, installs forwarding tables in routers
Routing Algorithms
Routing protocols
Graph abstraction: link costs
Routing algorithm classification
Intra-AS Routing in the Internet: OSPF
Making routing scalable
Internet approach to scalable routing
aggregate routers into regions known as “autonomous systems” (AS) (a.k.a. “domains”)
inter-AS(aka “inter-domain”): routing among AS’es
- gateways perform inter-domain routing(as well as intra-domain routing)
intra-AS(aka “intra-domain”): routing within same AS(“network”)
- all routers in AS must run same intra-domain protocol
- routers in different AS can run different intra-domain routing protocols
- gateway router: at “edge” of its own AS, has link(s) to router(s) in other AS’ es
Interconnected ASes
Intra-AS routing: routing within an AS
most common intra-AS routing protocols:
- RIP:Routing Information Protocol
- classic DV: DVs exchanged every 30 secs
- no longer widely used
- EIGRP: Enhanced Interior Gateway Routing Protocol
- DV based
- formerly Cisco-proprietary for decades (became open in 2013)
- OSPF: Open Shortest Path First
- link-state routing
- IS-IS protocol (ISO standard, not RFC standard) essentially same as OSPF
OSPF(Open Shortest Path First) routing
- “open”: publicly available
- classic link-state
- each router floods OSPF link-state advertisements (directly over IP rather than using TCP/UDP) to all other routers in entire AS
- multiple link costs metrics possible: bandwidth, delay
- each router has full topology, uses Dijkstra’s algorithm to compute forwarding table
- security: all OSPF messages authenticated (to prevent malicious intrusion)
Hierarchical OSPF
Routing Among the ISPs: BGP
Internet inter-AS routing: BGP
- BGP(Border Gateway Protocol): the de facto inter-domain routing protocol
- “glue that holds the Internet together”
- allows subnet to advertise its existence, and the destinations it can reach, to rest of Internet: “I am here, here is who I can reach, and how”
- BGP provides each AS a means to:
- eBGP: obtain subnet reachability information from neighboring ASes
- iBGP: propagate reachability information to all AS-internal routers.
- determine “good” routes to other networks based on reachability information and policy
eBGP, iBGP connections
BGP basics
- BGP session: two BGP routers (“peers”) exchange BGP messages over semi-permanent TCP connection:
- advertising path to different destination network prefixes(BGP is a “path vector” protocol)
- when AS3 gateway 3a advertises path AS3, x to AS2 gateway 2c:
- AS3 promises to AS2 it will forward datagrams towards X
Path attributes and BGP routes
- BGP advertised route: prefix + attributes
- prefix: destination being advertised
- two important attributes:
- AS-PATH: list of ASes through which prefix advertisement has passed
- NEXT-HOP: indicates specific internal-AS router to next-hop AS
- policy-based routing:
- gateway receiving route advertisement uses import policy to accept/decline path (e.g., never route through AS Y).
- AS policy also determines whether to advertise path to other neighboring ASes
BGP path advertisement
BGP route selection
- router may learn about more than one route to destination AS, selects route based on:
- local preference value attribute: policy decision
- shortest AS-PATH
- closest NEXT-HOP router: hot potato routing
- additional criteria
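Added example (not from the lecture): BGP route selection applied in the order listed above, after an import policy has declined any path through a banned AS. A route is a constructed record with local_pref, as_path, next_hop and the intra-AS cost to reach that NEXT-HOP (the hot-potato criterion); router_id is an assumed final tie-breaker not in the lecture's list.

```python
def import_policy(route, banned_ases=()):
    """Accept a route only if its AS-PATH transits none of the banned ASes."""
    return not any(asn in banned_ases for asn in route["as_path"])

def select_route(routes):
    """Pick one route using the rules in order: highest local preference,
    shortest AS-PATH, closest NEXT-HOP (lowest intra-AS cost), then router_id."""
    return min(routes, key=lambda r: (-r["local_pref"],
                                      len(r["as_path"]),
                                      r["igp_cost"],
                                      r["router_id"]))

def best_route(routes, banned_ases=()):
    """Apply import policy, then selection; None if every route was declined."""
    accepted = [r for r in routes if import_policy(r, banned_ases)]
    return select_route(accepted) if accepted else None

# Constructed advertisements for one prefix x, learned from different gateways.
ROUTES_TO_X = [
    {"name": "via AS2", "local_pref": 100, "as_path": [2, 3],
     "next_hop": "2a", "igp_cost": 5, "router_id": 1},
    {"name": "via AS4", "local_pref": 100, "as_path": [4, 3],
     "next_hop": "4b", "igp_cost": 2, "router_id": 2},   # closer NEXT-HOP than AS2
    {"name": "via AS5", "local_pref": 200, "as_path": [5, 3],
     "next_hop": "5a", "igp_cost": 50, "router_id": 3},  # preferred by policy
    {"name": "via AS6", "local_pref": 200, "as_path": [6, 7, 3],
     "next_hop": "6c", "igp_cost": 1, "router_id": 4},   # longer AS-PATH
]

if __name__ == "__main__":
    print("chosen:", best_route(ROUTES_TO_X)["name"])
    print("never through AS5:", best_route(ROUTES_TO_X, banned_ases={5})["name"])
```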
- RouteViews Project: http://www.routeviews.org
- telnet route-views.linx.routeviews.org
- show ip bgp 130.127.0.0/16 longer-prefixes
Why different Intra-, inter-AS routing?
policy:
- inter-AS: admin wants control over how its traffic routed, who routes through its network
- intra-AS: single admin, so policy less of an issue
scale:
- hierarchical routing saves table size, reduced update traffic
performance:
- intra-AS: can focus on performance
- inter-AS: policy dominates over performance
Software defined networking(SDN)
- Internet network layer: historically implemented via distributed, per-router control approach:
- monolithic router contains switching hardware, runs proprietary implementation of Internet standard protocols (IP, RIP, IS-IS, OSPF, BGP) in proprietary router OS (e.g., Cisco IOS)
- different “middleboxes” for different network layer functions: firewalls, load balancers, NAT boxes, …
Software-Defined Networking(SDN) control plane
Remote controller computes, installs forwarding tables in routers
Software defined networking(SDN)
SDN analogy: mainframe to PC revolution
Traffic engineering: difficult with traditional routing
The SDN Control Plane - Implementation
Software defined networking(SDN)
OpenFlow protocol
- operates between controller, switch
- TCP used to exchange messages
- optional encryption
- three classes of OpenFlow messages:
- controller-to-switch
- asynchronous(switch to controller)
- symmetric(e.g. check liveness)