
Network Layer - Data Plane

Network

Uploaded by

brianchoi506

Network layer: “data plane” roadmap

▪ Network layer: overview
• data plane
• control plane
▪ What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
▪ IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
▪ Generalized Forwarding, SDN
• match+action
• OpenFlow: match+action in action
▪ Middleboxes
Network Layer: 4-41
Network Layer: Internet

host, router network layer functions:

transport layer: TCP, UDP

network layer:
▪ IP protocol
• datagram format
• addressing conventions
• packet handling conventions
▪ routing protocols
• path selection
• RIP, OSPF, BGP
• SDN controller
▪ forwarding table
▪ ICMP protocol
• (network) error reporting
• router “signaling”

link layer
physical layer

ICMP: Internet Control Message Protocol
RIP: Routing Information Protocol
OSPF: Open Shortest Path First
BGP: Border Gateway Protocol

Network Layer: 4-42


IP Datagram format (v4)

Header layout (each row is 32 bits):
ver | head. len | type of service | length (16 bits)
16-bit identifier | flags (3-bit) | fragment offset (13-bit)
time to live | upper layer protocol | header checksum (16-bit)
32-bit source IP address
32-bit destination IP address
options (if any, but usually none)
payload data (variable length, typically a TCP or UDP segment)

Fields:
▪ ver: IP protocol version number (v4 or v6), 4 bits
▪ head. len: header length (bytes), 4 bits
▪ 8-bit ToS: “type” of service
• diffserv (0:5), e.g., real-time or not
• ECN (6:7)
▪ length: total datagram length (bytes)
• theoretically up to 65,535 bytes
▪ 16-bit identifier, 3-bit flags, 13-bit fragment offset: used for fragmentation and reassembly (none in IPv6 header)
▪ TTL: max # of remaining hops
• decremented at each router
• prevent routing loop
▪ upper layer protocol (e.g., TCP(6), UDP(17))
▪ header checksum: Internet checksum only for header: 1’s complement of sum
▪ options: e.g., timestamp, record route taken, specify list of routers to visit, etc. (none in IPv6 header)
▪ payload data: Maximum length: 64K bytes (Typically, 1500 bytes or less)

overhead
▪ 20 bytes of TCP
▪ 20 bytes of IP
▪ = 40 bytes + app layer overhead
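The header fields above, decoded and checked in code. This is an added example, not part of the original slides; the function names and the sample header bytes are constructed for illustration. It parses the fixed 20-byte header, verifies the header checksum, and performs the per-hop TTL decrement with checksum recomputation.

```python
import ipaddress
import struct

def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(raw: bytes) -> dict:
    """Decode the fixed 20-byte header and sanity-check the length fields."""
    if len(raw) < 20:
        raise ValueError("truncated header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                    # on the wire the field counts 32-bit words
    if version != 4:
        raise ValueError("not an IPv4 datagram")
    if not 20 <= header_len <= len(raw) or total_len < header_len:
        raise ValueError("inconsistent length fields")
    return {
        "header_len": header_len,
        "total_len": total_len,
        "diffserv": tos >> 2,               # ToS bits 0:5
        "ecn": tos & 0x03,                  # ToS bits 6:7
        "identifier": ident,
        "flags": flags_frag >> 13,          # 3-bit flags
        "frag_offset": flags_frag & 0x1FFF, # 13-bit fragment offset
        "ttl": ttl,
        "protocol": proto,                  # 6 = TCP, 17 = UDP
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # a valid header, checksum field included, sums to 0xFFFF -> result 0
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
    }

def router_forward(raw: bytes) -> bytes:
    """Per-hop handling: verify checksum, decrement TTL, recompute checksum."""
    hdr = parse_ipv4_header(raw)
    if not hdr["checksum_ok"]:
        raise ValueError("drop: bad header checksum")
    if hdr["ttl"] <= 1:
        raise ValueError("drop: TTL expired")
    n = hdr["header_len"]
    header = bytearray(raw[:n])
    header[8] -= 1                          # TTL is byte 8
    header[10:12] = b"\x00\x00"             # zero checksum field before summing
    header[10:12] = struct.pack("!H", internet_checksum(bytes(header)))
    return bytes(header) + raw[n:]

# Constructed sample header (not from the page): UDP, 192.168.0.1 -> 192.168.0.199
SAMPLE = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")
```

Because the checksum covers the TTL, every router has to recompute it, which is the per-hop cost the IPv6 slides later cite as the reason for dropping the field.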
Network Layer: 4-43
IP addressing: introduction

▪ IP address: 32-bit (4-byte) identifier associated with each host or router interface
• about 4 billion IP addresses
▪ interface: connection between host/router and physical link
• routers typically have multiple interfaces
• host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11)
▪ IP addresses associated with each interface
• a router has multiple IP addresses

dotted-decimal IP address notation
223.1.1.1 = 11011111 00000001 00000001 00000001
            223      1        1        1

[Figure: hosts and a router with interface addresses 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]
Network Layer: 4-44


IP addressing: introduction

Q: how are interfaces actually connected?
A: wired Ethernet interfaces connected by Ethernet switches
A: wireless WiFi interfaces connected by WiFi base station

See chapters 6, 7 for more details

[Figure: same network, interface addresses 223.1.1.1 through 223.1.3.27]

Network Layer: 4-45


Subnets

▪ What’s a subnet?
• device interfaces that can physically reach each other without passing through an intervening router
• device interfaces with same subnet part of IP address
▪ IP addresses have structure:
• subnet part: devices in same subnet have common high-order bits
• host part: remaining low-order bits

Q) How’s the subnet part assigned in the figure?

[Figure: network consisting of 3 subnets, interface addresses 223.1.1.1 through 223.1.3.27]
Network Layer: 4-46
Subnets

Recipe for defining subnets:
▪ detach each interface from its host or router, creating “islands” of isolated networks
▪ each isolated network is called a subnet

subnet mask: /24
• high-order 24 bits: subnet part of IP address
• interfaces in a subnet have the same subnet address, e.g., 223.1.3.xxx

Q) What if a device in a subnet has a different subnet part of IP address?

[Figure: subnet 223.1.1.0/24, subnet 223.1.2.0/24, subnet 223.1.3.0/24]
Network Layer: 4-47
Subnets

▪ how many subnets?
▪ 6 subnets

Note: no need for 24-bit subnet part

[Figure: subnet 223.1.1/24, subnet 223.1.2/24, subnet 223.1.3/24, subnet 223.1.7/24, subnet 223.1.8/24, subnet 223.1.9/24]
Network Layer: 4-48
IP addressing strategy
Classful addressing
• only 8-, 16-, 24-bit subnet addresses are allowed
• Class A: 8-bit (1-byte) subnet addresses, 2^24 = 16,777,216 hosts
• Class B: 16-bit (2-byte) subnet addresses, 2^16 = 65,534 hosts
• Class C: 24-bit (3-byte) subnet addresses, 2^8 = 256 hosts

Q) What are the problems of this method?

Network Layer: 4-49


IP addressing strategy
CIDR: Classless InterDomain Routing (pronounced “cider”)
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in subnet portion of address

200.23.16.0/23
subnet part: 11001000 00010111 0001000
host part: 0 00000000

200.23.16.0/20
subnet part: 11001000 00010111 0001
host part: 0000 00000000

Network Layer: 4-50


IP addresses: how to get one?
That’s actually two questions:
Q1) How does host get IP addr within its network? – host part
Q2) How does network get IP addr for itself? – network part

Q1: How does host get IP address?


▪ hard-coded by sysadmin in config file
• Windows: control panel -> network -> configuration -> tcp/ip -> properties
• UNIX: /etc/rc.config
▪ DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server
• referred to as a “plug-and-play” protocol
Network Layer: 4-51
DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server
when it joins network
▪ can renew its lease on address in use
▪ allows reuse of addresses (only hold address while connected/on)
▪ support for mobile users who join/leave network (more shortly)
Q) is DHCP useful for server, client, or both?
DHCP overview:
▪ host broadcasts “DHCP discover” msg
▪ DHCP server responds with “DHCP offer” msg
▪ host requests IP address with “DHCP request” msg
▪ DHCP server assigns IP address with “DHCP ACK” msg
Network Layer: 4-52
DHCP client-server scenario

Typically, DHCP server will be co-located in router, serving all subnets to which router is attached

[Figure: subnets 223.1.1.0/24, 223.1.2.0/24 and 223.1.3.0/24; DHCP server 223.1.2.5 on 223.1.2.0/24; arriving DHCP client needs address in this network]

Network Layer: 4-53


DHCP client-server scenario
DHCP server: 223.1.2.5; arriving client

DHCP discover msg (client to server)
Broadcast: is there a DHCP server out there?
src: 0.0.0.0, 68
dest: 255.255.255.255, 67
yiaddr: 0.0.0.0
transaction ID: 654

DHCP offer msg (server to client)
Broadcast: I’m a DHCP server! Here’s an IP address you can use
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddr: 223.1.2.4
transaction ID: 654
lifetime: 3600 secs

The two steps above can be skipped “if a client remembers and wishes to reuse a previously allocated network address” [RFC 2131]

DHCP request msg (client to server)
Broadcast: OK. I would like to use this IP address!
src: 0.0.0.0, 68
dest: 255.255.255.255, 67
yiaddr: 223.1.2.4
transaction ID: 655
lifetime: 3600 secs

DHCP ACK msg (server to client)
Broadcast: OK. You’ve got that IP address!
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddr: 223.1.2.4
transaction ID: 655
lifetime: 3600 secs
Network Layer: 4-54
DHCP: more than IP addresses
DHCP can return more than just allocated IP address on
subnet:
▪ address of first-hop router for client (aka default gateway)
▪ name and IP address of DNS server
▪ network mask (indicating network versus host portion of address)

Network Layer: 4-56


DHCP: example

▪ Connecting laptop will use DHCP to get IP address, address of first-hop router, address of DNS server.
▪ DHCP REQUEST message encapsulated in UDP, encapsulated in IP, encapsulated in Ethernet
▪ Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
▪ Ethernet frame de-mux’ed to IP, IP to UDP, UDP to DHCP

[Figure: protocol stacks (DHCP, UDP, IP, Eth, Phy) at the laptop and at the router with DHCP server built into router, 168.1.1.1]
Network Layer: 4-57
DHCP: example

▪ DHCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server
▪ encapsulated DHCP server reply forwarded to client, de-muxing up to DHCP at client
▪ client now knows its IP address, name and IP address of DNS server, IP address of its first-hop router

[Figure: protocol stacks (DHCP, UDP, IP, Eth, Phy) at the laptop and at the router with DHCP server built into router]

Network Layer: 4-58


IP addresses: how to get one?
Q2: how does network get subnet part of IP address?
A: gets allocated portion of its provider ISP’s address space
ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20

ISP can then allocate out its address space in 8 blocks:

Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
...              …..                                   ….
Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

Network Layer: 4-59


Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing information:
Note: typically routing based on subnet

Connected to Fly-By-Night-ISP:
Organization 0   200.23.16.0/23
Organization 1   200.23.18.0/23
Organization 2   200.23.20.0/23
...
Organization 7   200.23.30.0/23

Fly-By-Night-ISP to Internet: “Send me anything with addresses beginning 200.23.16.0/20” (route aggregation, aka addr. aggregation)
ISPs-R-Us to Internet: “Send me anything with addresses beginning 199.31.0.0/16”

Network Layer: 4-60


Hierarchical addressing: more specific routes
▪ Organization 1 moves from Fly-By-Night-ISP to ISPs-R-Us
▪ ISPs-R-Us now advertises a more specific route to Organization 1
Note: typically routing based on subnet

Connected to Fly-By-Night-ISP:
Organization 0   200.23.16.0/23
Organization 2   200.23.20.0/23
...
Organization 7   200.23.30.0/23

Connected to ISPs-R-Us:
Organization 1   200.23.18.0/23

Fly-By-Night-ISP to Internet: “Send me anything with addresses beginning 200.23.16.0/20” (route aggregation, aka addr. aggregation)
ISPs-R-Us to Internet: “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23”
It’s OK because of longest prefix matching rule
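The two hierarchical-addressing slides above, worked through in code. This is an added example, not part of the original slides; the class and function names are constructed. It carves the ISP's /20 into the eight /23 blocks, collapses them back into one aggregate, and shows longest prefix matching sending Organization 1's traffic to ISPs-R-Us once the more specific /23 is advertised. The `overrides` audit goes one step beyond the slides: it lists every more-specific route that pulls traffic away from a covering aggregate.

```python
import ipaddress

class ForwardingTable:
    """Prefix -> next hop table with longest-prefix-match lookup."""

    def __init__(self):
        self.routes = []                    # list of (network, next_hop)

    def advertise(self, prefix: str, next_hop: str) -> None:
        # strict=True rejects prefixes with host bits set, e.g. 200.23.17.0/20
        self.routes.append((ipaddress.ip_network(prefix, strict=True), next_hop))

    def lookup(self, address: str):
        ip = ipaddress.ip_address(address)
        matches = [(net, hop) for net, hop in self.routes if ip in net]
        if not matches:
            return None                     # no route: datagram is dropped
        return max(matches, key=lambda m: m[0].prefixlen)[1]

    def overrides(self):
        """More-specific routes that send traffic to a different next hop
        than a covering, shorter prefix (worth reviewing in a table audit)."""
        found = []
        for net, hop in self.routes:
            for cover, cover_hop in self.routes:
                if net != cover and net.subnet_of(cover) and hop != cover_hop:
                    found.append((str(net), hop, str(cover), cover_hop))
        return found

def split_block(isp_block: str, new_prefix: int):
    """Carve an ISP block into equal customer blocks (the slide's 8 x /23)."""
    block = ipaddress.ip_network(isp_block)
    return [str(n) for n in block.subnets(new_prefix=new_prefix)]

def aggregate(prefixes):
    """Collapse contiguous prefixes into the fewest covering prefixes."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def build_internet_view(org1_moved: bool) -> ForwardingTable:
    """Routes the rest of the Internet sees, before or after Organization 1 moves."""
    table = ForwardingTable()
    table.advertise("200.23.16.0/20", "Fly-By-Night-ISP")
    table.advertise("199.31.0.0/16", "ISPs-R-Us")
    if org1_moved:
        table.advertise("200.23.18.0/23", "ISPs-R-Us")
    return table
```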

Network Layer: 4-61


IP addressing: the last words ...

Q: how does an ISP get block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers http://www.icann.org/
• allocates IP addresses, through 5 regional registries (RRs) (who may then allocate to local registries)
• manages DNS root zone, including delegation of individual TLD (.com, .edu, …) management
• assigns domain names

Q: are there enough 32-bit IP addresses?
▪ ICANN allocated last chunk of IPv4 addresses to RRs in 2011
▪ NAT (next) helps IPv4 address space exhaustion
▪ IPv6 has 128-bit address space

"Who the hell knew how much address space we needed?" Vint Cerf (reflecting on decision to make IPv4 address 32 bits long)
Network Layer: 4-62
Network layer: “data plane” roadmap
▪ Network layer: overview
• data plane
• control plane
▪ What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
▪ IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
▪ Generalized Forwarding, SDN
• match+action
• OpenFlow: match+action in action
▪ Middleboxes
Network Layer: 4-63
NAT: network address translation
NAT: all devices in local network share just one IPv4 address as far as outside world is concerned

[Figure: Internet on one side of the NAT router (138.76.29.7); rest of local network (e.g., home network) 10.0.0/24 on the other, with addresses 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4]

▪ all datagrams leaving local network have same source NAT IP address: 138.76.29.7, but different source port numbers
▪ datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)
Network Layer: 4-64
NAT: network address translation
▪ all devices in local network have 32-bit addresses in a “private” IP address space (10/8 [class A], 172.16/12 [class B], 192.168/16 [class C] prefixes) that can only be used in local network
▪ advantages:
• just one IP address needed from provider ISP for all devices
• can change addresses of host in local network without notifying outside world
• can change ISP without changing addresses of devices in local network
• security: devices inside local net not directly addressable, visible by outside world

Network Layer: 4-65


NAT: network address translation
Implementation of NAT router (transparently)
▪ outgoing datagrams: replace (source IP address, port #) of each
outgoing datagram with (NAT IP address, new port #)
• remote hosts will respond to (NAT IP address, new port #) as
destination address
▪ NAT router: remember/store each (source IP address, port #) to (NAT
IP address, new port #) translation pair in NAT translation table
▪ incoming datagrams: replace (NAT IP address, new port #) in
destination fields of each incoming datagram with corresponding
(source IP address, port #) stored in NAT translation table
Network Layer: 4-66
NAT: network address translation

NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345
……                   ……

1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345   D: 128.119.40.186, 80
2: NAT router changes datagram source address from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001   D: 128.119.40.186, 80
3: reply arrives, destination address: 138.76.29.7, 5001
   S: 128.119.40.186, 80   D: 138.76.29.7, 5001
4: S: 128.119.40.186, 80   D: 10.0.0.1, 3345

[Figure: NAT router 138.76.29.7 with local network addresses 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4]
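The NAT implementation rules and the four-step table walkthrough above, as a small model. This is an added example, not part of the original slides; the class, its method names and the `filter_by_remote` option are constructed for illustration. It goes slightly beyond the slides: with the slide's table alone, any remote sender that targets a mapped port is translated inward, while the optional filter admits only remote endpoints the inside host has already contacted.

```python
class NatRouter:
    """NAT translation table: (LAN IP, port) <-> (NAT IP, new port)."""

    def __init__(self, nat_ip, first_port=5001, filter_by_remote=False):
        self.nat_ip = nat_ip
        self.next_port = first_port
        self.filter_by_remote = filter_by_remote
        self.lan_to_wan = {}    # (lan_ip, lan_port) -> new WAN-side port
        self.wan_to_lan = {}    # WAN-side port -> (lan_ip, lan_port)
        self.contacted = {}     # WAN-side port -> remote endpoints contacted

    def outgoing(self, src, dst):
        """Rewrite the source of a datagram leaving the local network."""
        port = self.lan_to_wan.get(src)
        if port is None:
            if self.next_port > 65535:
                raise RuntimeError("NAT port pool exhausted")
            port = self.next_port
            self.next_port += 1
            self.lan_to_wan[src] = port
            self.wan_to_lan[port] = src
        self.contacted.setdefault(port, set()).add(dst)
        return (self.nat_ip, port), dst

    def incoming(self, src, dst):
        """Rewrite the destination of an arriving datagram, or return None
        (drop) when no translation entry matches."""
        ip, port = dst
        if ip != self.nat_ip or port not in self.wan_to_lan:
            return None         # unsolicited: nothing inside asked for this
        if self.filter_by_remote and src not in self.contacted[port]:
            return None         # mapped port, but not a peer the host contacted
        return src, self.wan_to_lan[port]

def slide_walkthrough():
    """Steps 1-4 of the slide; returns the datagrams after steps 2 and 4."""
    nat = NatRouter("138.76.29.7")
    host, server = ("10.0.0.1", 3345), ("128.119.40.186", 80)
    step2 = nat.outgoing(host, server)
    step4 = nat.incoming(server, step2[0])
    return step2, step4
```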

Network Layer: 4-67


NAT: network address translation
▪ NAT has been controversial:
• routers “should” only process up to layer 3
• address “shortage” should be solved by IPv6
• violates end-to-end argument (port # manipulation by network-layer device)
• NAT traversal: what if client wants to connect to host behind NAT?
• NAT traversal techniques: e.g., port forwarding, STUN, TURN, UPnP, etc.
▪ but NAT is here to stay:
• extensively used in home and institutional nets, 4G/5G cellular nets

Network Layer: 4-68


IPv6: motivation
▪ initial motivation: 32-bit IPv4 address space would be
completely allocated
▪ additional motivation:
• speed up processing/forwarding: 40-byte fixed length header
• facilitate QoS: enable different network-layer treatment of “flows”
▪ IPv6 datagram format:
• 128-bit address
• enough addressing space for everything on earth
• fixed-length 40-byte header, no fragmentation allowed
• faster processing
Network Layer: 4-69
IPv6 datagram format

Header layout (each row is 32 bits):
ver | tc | flow label (20 bits)
payload len (16 bits) | next hdr | hop limit
source address (128 bits)
destination address (128 bits)
payload (data)

▪ traffic class (8 bits): identify priority among datagrams in flow
▪ flow label: identify datagrams in same “flow” (but concept of “flow” not well defined)
▪ 128-bit IPv6 addresses
▪ next header (8 bits): identify protocol to which data will be delivered (e.g., TCP or UDP)

Network Layer: 4-70


Other changes from IPv4
What’s missing (compared with IPv4)
▪ no checksum:
• removed entirely to reduce processing time at each hop
▪ no options:
• still available, moved from main header to extension headers
• indicated by “Next Header” field
▪ no fragmentation/reassembly:
• ICMPv6: new version of ICMP
• router drops big datagram and sends an ICMP error message (“Packet Too Big”)

Network Layer: 4-71


Transition from IPv4 to IPv6
▪ not all routers can be upgraded simultaneously
• no “flag days”
• how will network operate with mixed IPv4 and IPv6 routers?
▪ tunneling: IPv6 datagram carried as payload in IPv4 datagram among
IPv4 routers (“packet within a packet”)
• tunneling used extensively in other contexts (4G/5G)

[Figure: an IPv4 datagram consists of IPv4 header fields (IPv4 source, dest addr) and an IPv4 payload; that payload is an IPv6 datagram, which consists of IPv6 header fields (IPv6 source dest addr) and the UDP/TCP payload]
Network Layer: 4-72
Tunneling and encapsulation

Ethernet connecting two IPv6 routers:
A (IPv6), B (IPv6), [Ethernet connects two IPv6 routers], E (IPv6), F (IPv6)
The usual: datagram as payload in link-layer frame (IPv6 datagram inside link-layer frame)

IPv4 network connecting two IPv6 routers:
A (IPv6), B (IPv6/v4), [IPv4 network], E (IPv6/v4), F (IPv6)

Network Layer: 4-73


Tunneling and encapsulation

Ethernet connecting two IPv6 routers:
A (IPv6), B (IPv6), [Ethernet connects two IPv6 routers], E (IPv6), F (IPv6)
The usual: datagram as payload in link-layer frame (IPv6 datagram inside link-layer frame)

IPv4 tunnel connecting two IPv6 routers:
A (IPv6), B (IPv6/v4), [IPv4 tunnel connecting IPv6 routers], E (IPv6/v4), F (IPv6)
tunneling: IPv6 datagram as payload in a IPv4 datagram (IPv6 datagram inside IPv4 datagram)
Network Layer: 4-74
Tunneling

logical view:
A (IPv6), B (IPv6/v4), [IPv4 tunnel connecting IPv6 routers], E (IPv6/v4), F (IPv6)

physical view:
A (IPv6), B (IPv6/v4), C (IPv4), D (IPv4), E (IPv6/v4), F (IPv6)

Datagrams along the path:
A-to-B: IPv6
   flow: X, src: A, dest: F, data
B-to-C: IPv6 inside IPv4 (shown three times on the slide, labeled B-to-C each time)
   IPv4: src: B, dest: E
   IPv6: Flow: X, Src: A, Dest: F, data
E-to-F: IPv6
   flow: X, src: A, dest: F, data

Note source and destination addresses!
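The encapsulation at router B and the matching step at router E, in code. This is an added example, not part of the original slides; the function names and every address are constructed (documentation ranges stand in for routers A, B, E and F), and it assumes an outer IPv4 header without options. IPv4 protocol number 41 marks an encapsulated IPv6 datagram. Router E accepts a tunnelled datagram only from its configured tunnel peer, and only if the inner length fields are consistent.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41        # IPv4 "protocol" value for an IPv6 datagram as payload

def _header_checksum(hdr20: bytes) -> int:
    s = sum(struct.unpack("!10H", hdr20))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv6_datagram(src, dst, flow, next_hdr, payload, hop_limit=64):
    """40-byte fixed IPv6 header (ver=6, tc=0, 20-bit flow label) + payload."""
    first_word = (6 << 28) | (flow & 0xFFFFF)
    return struct.pack("!IHBB16s16s", first_word, len(payload), next_hdr,
                       hop_limit, ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed) + payload

def encapsulate(v6: bytes, tunnel_src: str, tunnel_dst: str, ttl=64) -> bytes:
    """Router B: the whole IPv6 datagram becomes the IPv4 payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(v6), 0, 0, ttl,
                      IPPROTO_IPV6, 0,
                      ipaddress.IPv4Address(tunnel_src).packed,
                      ipaddress.IPv4Address(tunnel_dst).packed)
    csum = struct.pack("!H", _header_checksum(hdr))
    return hdr[:10] + csum + hdr[12:] + v6

def decapsulate(v4: bytes, tunnel_peer: str, local_addr: str):
    """Router E: return the inner IPv6 datagram, or None to drop."""
    if len(v4) < 20 or v4[0] != 0x45:           # assumption: no IPv4 options
        return None
    if _header_checksum(v4[:20]) != 0 or v4[9] != IPPROTO_IPV6:
        return None
    src = str(ipaddress.IPv4Address(v4[12:16]))
    dst = str(ipaddress.IPv4Address(v4[16:20]))
    if src != tunnel_peer or dst != local_addr:  # only the configured tunnel
        return None
    (total_len,) = struct.unpack("!H", v4[2:4])
    inner = v4[20:total_len]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return None
    (payload_len,) = struct.unpack("!H", inner[4:6])
    if 40 + payload_len != len(inner):           # inner/outer lengths must agree
        return None
    return inner

# Constructed addresses: A, F are IPv6 endpoints; B, E are the tunnel routers.
A, F = "2001:db8::a", "2001:db8::f"
B, E = "192.0.2.2", "192.0.2.5"
```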
Network Layer: 4-75
IPv6: adoption
▪ Google [1]: ~ 40% of clients access services via IPv6 (2023)
▪ NIST: 1/3 of all US government domains are IPv6 capable
▪ Long (long!) time for deployment, use
• 25 years and counting!
• think of application-level changes in last 25 years: WWW, social media, streaming media, gaming, telepresence, …
• Why?

[1] https://www.google.com/intl/en/ipv6/statistics.html
Network Layer: 4-77
