COMPUTER NETWORKS

THE NETWORK LAYER

CONTROL PLANE

1-1
Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-2

Network-layer functions
Recall: two network-layer functions:
▪ forwarding: move packets from
router’s input to appropriate data plane
router output
▪ routing: determine route taken
by packets from source to control plane
destination

Two approaches to structuring network control plane:

▪ per-router control (traditional)
▪ logically centralized control (software defined networking)

Network Layer: Control Plane 5-3

Per-router control plane
Individual routing algorithm components in each and every
router interact with each other in control plane to compute
forwarding tables

Routing
Algorithm
control
plane

data
plane

Network Layer: Control Plane 5-4

 Logically centralized control plane
A distinct (typically remote) controller interacts with local control
agents (CAs) in routers to compute forwarding tables

Remote Controller

control
plane

data
plane

CA
CA CA CA CA

Network Layer: Control Plane 5-5

Routing protocols

Routing protocol goal: determine “good” paths

(equivalently, routes), from sending hosts to receiving
host, through network of routers
▪ path: sequence of routers packets will traverse in
going from given initial source host to given final
destination host
▪ “good”: least “cost”, “fastest”, “least congested”
▪ routing: a “top-10” networking challenge!

Network Layer: Control Plane 5-6

Graph abstraction of the network
5

v 3 w
2 5
u 2 1 z
3
1 2
x 1
y
graph: G = (N,E)

N = set of routers = { u, v, w, x, y, z }

E = set of links ={ (u,v), (u,x), (v,x), (v,w), (x,w), (x,y), (w,y), (w,z), (y,z) }

aside: graph abstraction is useful in other network contexts, e.g.,

P2P, where N is set of peers and E is set of TCP connections

Network Layer: Control Plane 5-7

Graph abstraction: costs
5
c(x,x’) = cost of link (x,x’)
3 e.g., c(w,z) = 5
v w 5
2
u cost could always be 1, or
2
3
1 z inversely related to bandwidth,
1 2 or inversely related to
x 1
y
congestion

cost of path (x1, x2, x3,…, xp) = c(x1,x2) + c(x2,x3) + … + c(xp-1,xp)

key question: what is the least-cost path between u and z ?

routing algorithm: algorithm that finds that least cost path

Network Layer: Control Plane 5-8

Routing algorithm classification
Q: global or decentralized Q: static or dynamic?
information?
static:
global:
▪ routes change slowly over
▪ all routers have complete time
topology, link cost info
dynamic:
▪ “link state” algorithms
▪ routes change more quickly
decentralized:
• periodic update
▪ router knows physically-
connected neighbors, link costs • in response to link cost
to neighbors changes
▪ iterative process of
computation, exchange of info
with neighbors
▪ “distance vector” algorithms
Network Layer: Control Plane 5-9
Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-10

A link-state routing algorithm
Dijkstra’s algorithm
▪ net topology, link costs
known to all nodes
• accomplished via “link state
broadcast”
• all nodes have same info
▪ computes least cost paths
from one node (‘source”)
to all other nodes
• gives forwarding table for that
node
▪ iterative: after k iterations,
know least cost path to k
dest.’s
notation:
▪ c(x,y): link cost from node
x to y; = ∞ if not direct
neighbors
▪ D(v): current value of cost
of path from source to dest.
v
▪ p(v): predecessor node
along path from source to v
▪ N': set of nodes whose least
cost path definitively known
Network Layer: Control Plane 5-11
Dijsktra’s algorithm
1 Initialization:
2 N' = {u}
3 for all nodes v
4 if v adjacent to u
5 then D(v) = c(u,v)
6 else D(v) = ∞
7
8 Loop
9 find w not in N' such that D(w) is a minimum
10 add w to N'
11 update D(v) for all v adjacent to w and not in N' :
12 D(v) = min( D(v), D(w) + c(w,v) )
13 /* new cost to v is either old cost to v or known
14 shortest path cost to w plus cost from w to v */
15 until all nodes in N'

Network Layer: Control Plane 5-12

Dijkstra’s algorithm: example
D(v) D(w) D(x) D(y) D(z)
Step N' p(v) p(w) p(x) p(y) p(z)
0 u 7,u 3,u 5,u ∞ ∞
1 uw 6,w 5,u 11,w ∞
2 uwx 6,w 11,w 14,x
3 uwxv 10,v 14,x
4 uwxvy 12,y
5 uwxvyz x
9

notes: 5
4
7
❖ construct shortest path tree by
8
tracing predecessor nodes
ties can exist (can be broken 3 w z
❖ u y
arbitrarily) 2
3
7 4
v
Network Layer: Control Plane 5-13
 Dijkstra’s algorithm: another example
Step N' D(v),p(v) D(w),p(w) D(x),p(x) D(y),p(y) D(z),p(z)
0 u 2,u 5,u 1,u ∞ ∞
1 ux 2,u 4,x 2,x ∞
2 uxy 2,u 3,y 4,y
3 uxyv 3,y 4,y
4 uxyvw 4,y
5 uxyvwz
5

v 3 w
2 5
u 2 1 z
3
1 2
x 1
y

* Check out the online interactive exercises for more

examples: http://gaia.cs.umass.edu/kurose_ross/interactive/ Network Layer: Control Plane 5-14
Dijkstra’s algorithm: example (2)
resulting shortest-path tree from u:

v w
u z
x y

resulting forwarding table in u:

destination link
v (u,v)
x (u,x)
y (u,x)
w (u,x)
z (u,x)
Network Layer: Control Plane 5-15
 Dijkstra’s algorithm, discussion
algorithm complexity: n nodes
▪ each iteration: need to check all nodes, w, not in N
▪ n(n+1)/2 comparisons: O(n2)
▪ more efficient implementations possible: O(nlogn)
oscillations possible:
▪ e.g., support link cost equals amount of carried traffic:

1
A 1+e A A A
2+e 0 0 2+e 2+e 0
D 0 0 B D 1+e 1 B D B D 1+e 1 B
0 0
0 e 0 0
C 0 1 1+e 0
1 C C C
1
e
given these costs, given these costs, given these costs,
initially find new routing…. find new routing…. find new routing….
resulting in new costs resulting in new costs resulting in new costs
Network Layer: Control Plane 5-16
Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-17

Distance vector algorithm
Bellman-Ford equation (dynamic programming)

let
dx(y) := cost of least-cost path from x to y
then
dx(y) = min
v
{c(x,v) + dv (y) }

cost from neighbor v to destination y

cost to neighbor v

min taken over all neighbors v of x

Network Layer: Control Plane 5-18
Bellman-Ford example
5
3
clearly, dv(z) = 5, dx(z) = 3, dw(z) = 3
v w 5
2
u 2 1 z B-F equation says:
3
1 2 du(z) = min { c(u,v) + dv(z),
x y
1 c(u,x) + dx(z),
c(u,w) + dw(z) }
= min {2 + 5,
1 + 3,
5 + 3} = 4
node achieving minimum is next
hop in shortest path, used in forwarding table

Network Layer: Control Plane 5-19

Distance vector algorithm
▪ Dx(y) = estimate of least cost from x to y
• x maintains distance vector Dx = [Dx(y): y є N ]
▪ node x:
• knows cost to each neighbor v: c(x,v)
• maintains its neighbors’ distance vectors. For each
neighbor v, x maintains
Dv = [Dv(y): y є N ]

Network Layer: Control Plane 5-20

Distance vector algorithm
key idea:
▪ from time-to-time, each node sends its own distance
vector estimate to neighbors
▪ when x receives new DV estimate from neighbor, it
updates its own DV using B-F equation:
Dx(y) ← minv{c(x,v) + Dv(y)} for each node y ∊ N

❖ under minor, natural conditions, the estimate Dx(y)

converge to the actual least cost dx(y)

Network Layer: Control Plane 5-21

Distance vector algorithm
iterative, asynchronous: each each node:
local iteration caused by:
▪ local link cost change
wait for (change in local link
▪ DV update message from cost or msg from neighbor)
neighbor
distributed:
▪ each node notifies neighbors recompute estimates
only when its DV changes
• neighbors then notify their
neighbors if necessary if DV to any dest has changed,
notify neighbors

Network Layer: Control Plane 5-22

 Dx(z) = min{c(x,y) +
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2 Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
node x cost to cost to
DV table x y z x y z
x 0 2 7 x 0 2 3

from
from

y ∞∞ ∞ y 2 0 1
z ∞∞ ∞ z 7 1 0

node y cost to
DV table x y z y
2 1
x ∞ ∞ ∞
x z
from

y 2 0 1 7
z ∞∞ ∞

node z cost to
DV table x y z
x ∞∞ ∞
from

y ∞∞ ∞
z 7 1 0
time
Network Layer: Control Plane 5-23
 Dx(z) = min{c(x,y) +
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2 Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
node x cost to cost to cost to
table x y z x y z x y z
x 0 2 7 x 0 2 3 x 0 2 3

from
from

y ∞∞ ∞ y 2 0 1

from
y 2 0 1
z ∞∞ ∞ z 7 1 0 z 3 1 0
node y cost to cost to cost to
table x y z x y z x y z y
2 1
x ∞ ∞ ∞ x 0 2 7 x 0 2 3 x z
from

from

y 2 0 1 y 2 0 1 7

from
y 2 0 1
z ∞∞ ∞ z 7 1 0 z 3 1 0

node z cost to cost to cost to

table x y z x y z x y z

x ∞∞ ∞ x 0 2 7 x 0 2 3
from

from
y 2 0 1 y 2 0 1
from

y ∞∞ ∞
z 7 1 0 z 3 1 0 z 3 1 0
time
Network Layer: Control Plane 5-24
 Distance vector: link cost changes
link cost changes: 1
❖ node detects local link cost change y
4 1
❖ updates routing info, recalculates x z
distance vector 50
❖ if DV changes, notify neighbors

“good t0 : y detects link-cost change, updates its DV, informs its neighbors.
news
travels t1 : z receives update from y, updates its table, computes new least
fast” cost to x , sends its neighbors its DV.

t2 : y receives z’s update, updates its distance table. y’s least costs do
not change, so y does not send a message to z.

* Check out the online interactive exercises for more

examples: http://gaia.cs.umass.edu/kurose_ross/interactive/ Network Layer: Control Plane 5-25
Network Layer 4-26
Distance vector: link cost changes
link cost changes: 60
❖ node detects local link cost change y
4 1
❖ bad news travels slow - “count to x z
infinity” problem! 50
❖ 44 iterations before algorithm
stabilizes: see text
poisoned reverse:
❖ If Z routes through Y to get to X :
▪ Z tells Y its (Z’s) distance to X is infinite (so Y won’t route to X
via Z)
❖ will this completely solve count to infinity problem?

Network Layer: Control Plane 5-27

Comparison of LS and DV algorithms
message complexity
▪ LS: with n nodes, E links, O(nE)
msgs sent
▪ DV: exchange between neighbors
only
• convergence time varies
speed of convergence
▪ LS: O(n2)algorithm requires O(nE)
msgs
• may have oscillations
▪ DV: convergence time varies
• may be routing loops
• count-to-infinity problem
robustness: what happens if router
malfunctions (errors)?
LS:
• node can advertise incorrect link
cost
• each node computes only its own
table
DV:
• DV node can advertise incorrect
path cost
• each node’s table used by
others
• error propagate thru
network
Network Layer: Control Plane 5-28
Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-29

Making routing scalable
our routing study thus far - idealized
▪ all routers identical
▪ network “flat”
… not true in practice

scale: with billions of administrative autonomy

destinations:
▪ can’t store all destinations
in routing tables!
▪ routing table exchange
would swamp links!
▪ internet = network of
networks
▪ each network admin may want
to control routing in its own
network

Network Layer: Control Plane 5-30

Internet approach to scalable routing
aggregate routers into regions known as “autonomous
systems” (AS) (a.k.a. “domains”)

intra-AS routing inter-AS routing

▪ routing among hosts, routers in ▪ routing among AS’es
same AS (“network”) ▪ gateways perform inter-
▪ all routers in AS must run same domain routing (as well as
intra-domain protocol intra-domain routing)
▪ routers in different AS can run
different intra-domain routing
protocol
▪ gateway router: at “edge” of its
own AS, has link(s) to router(s)
in other AS’es
Network Layer: Control Plane 5-31
Interconnected ASes

3c
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
1d AS1 ▪ forwarding table configured
by both intra- and inter-AS
routing algorithm
Intra-AS Inter-AS • intra-AS routing
Routing
algorithm
Routing
algorithm determine entries for
destinations within AS
Forwarding
table • inter-AS & intra-AS
determine entries for
external destinations

Network Layer: Control Plane 5-32

 Inter-AS tasks
▪ suppose router in AS1
receives datagram destined
outside of AS1:
• router should forward
packet to gateway router,
but which one?
AS1 must:
1. learn which dests are
reachable through AS2,
which through AS3
2. propagate this reachability
info to all routers in AS1
job of inter-AS routing!

3c
3a
3b
AS3 2c other
1c 2a networks
other 1a 2b
networks 1b AS2
AS1 1d

Network Layer: Control Plane 5-33

Intra-AS Routing
▪ also known as interior gateway protocols (IGP)
▪ most common intra-AS routing protocols:
• RIP: Routing Information Protocol
• distance-vector routing protocol which employs the hop
count as a routing metric.
• OSPF: Open Shortest Path First (IS-IS protocol
essentially same as OSPF)
• link-state routing protocol that uses flooding of link-state
information and a Dijkstra’s least-cost path algorithm.
• IGRP: Interior Gateway Routing Protocol (Cisco
proprietary for decades, until 2016)

Network Layer: Control Plane 5-34

OSPF (Open Shortest Path First)
▪ “open”: publicly available
▪ uses link-state algorithm
• link state packet dissemination
• topology map at each node
• route computation using Dijkstra’s algorithm
▪ router floods OSPF link-state advertisements to all other
routers in entire AS
• carried in OSPF messages directly over IP (rather than TCP or
UDP
• link state: for each attached link
▪ IS-IS routing protocol: nearly identical to OSPF

Network Layer: Control Plane 5-35

OSPF “advanced” features
▪ security: all OSPF messages authenticated (to prevent
malicious intrusion)
▪ multiple same-cost paths allowed (only one path in RIP)
▪ for each link, multiple cost metrics for different TOS (e.g.,
satellite link cost set low for best effort ToS; high for
real-time ToS)
▪ integrated uni- and multi-cast support:
• Multicast OSPF (MOSPF) uses same topology data base
as OSPF
▪ hierarchical OSPF in large domains.

Network Layer: Control Plane 5-36

Hierarchical OSPF
boundary router
backbone router

backbone
area
border
routers

area 3

internal
routers
area 1
area 2

Network Layer: Control Plane 5-37

Hierarchical OSPF
▪ two-level hierarchy: local area, backbone.
• link-state advertisements only in area
• each nodes has detailed area topology; only know
direction (shortest path) to nets in other areas.
▪ area border routers: “summarize” distances to nets in own
area, advertise to other Area Border routers.
▪ backbone routers: run OSPF routing limited to backbone.
▪ boundary routers: connect to other AS’es.

Network Layer: Control Plane 5-38

Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 Inter-AS (routing among
• fragmentation the ISPs): BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-39

Internet inter-AS routing: BGP
▪ BGP (Border Gateway Protocol): the de facto inter-
domain routing protocol
• “glue that holds the Internet together”
▪ BGP provides each AS a means to:
• eBGP: obtain subnet reachability information from
neighboring ASes
• iBGP: propagate reachability information to all AS-internal
routers.
• determine “good” routes to other networks based on
reachability information and policy
▪ allows subnet to advertise its existence to rest of
Internet: “I am here”
Network Layer: Control Plane 5-40
eBGP, iBGP connections

2b

2a ∂
2c
1b 3b
2d
1a 1c ∂
3a 3c
AS 2
1d 3d

AS 1 eBGP connectivity AS 3
iBGP connectivity

1c gateway routers run both eBGP and iBGP protools

Network Layer: Control Plane 5-41

BGP basics
▪ BGP session: two BGP routers (“peers”) exchange BGP messages
over semi-permanent TCP connection:
• advertising paths to different destination network prefixes (BGP is
a “path vector” protocol)
▪ when AS3 gateway router 3a advertises path AS3,X to AS2 gateway
router 2c:
• AS3 promises to AS2 it will forward datagrams towards X

AS 3 3b
AS 1 1b
3a 3c
1a 1c
AS 2 2b 3d X
1d
BGP advertisement:
2a 2c AS3, X

2d
Network Layer: Control Plane 5-42
Path attributes and BGP routes
▪ advertised prefix includes BGP attributes
• prefix + attributes = “route”
▪ two important attributes:
• AS-PATH: list of ASes through which prefix advertisement has
passed
• NEXT-HOP: indicates specific internal-AS router to next-hop
AS
▪ Policy-based routing:
• gateway receiving route advertisement uses import policy to
accept/decline path (e.g., never route through AS Y).
• AS policy also determines whether to advertise path to other
other neighboring ASes

Network Layer: Control Plane 5-43

 BGP path advertisement
AS3 3b
AS1 1b
3a 3c
1a 1c
AS2 2b 3d X
1d AS3,X
AS2,AS3,X
2a 2c

2d

▪ AS2 router 2c receives path advertisement AS3,X (via eBGP) from AS3
router 3a
▪ Based on AS2 policy, AS2 router 2c accepts path AS3,X, propagates (via
iBGP) to all AS2 routers
▪ Based on AS2 policy, AS2 router 2a advertises (via eBGP) path AS2, AS3, X
to AS1 router 1c
Network Layer: Control Plane 5-44
 BGP path advertisement
AS3 3b
AS1 1b
3a 3c
1a 1c
AS2 2b 3d X
1d AS3,X
AS2,AS3,X
2a 2c

2d

gateway router may learn about multiple paths to destination:

▪ AS1 gateway router 1c learns path AS2,AS3,X from 2a
▪ AS1 gateway router 1c learns path AS3,X from 3a
▪ Based on policy, AS1 gateway router 1c chooses path AS3,X, and
advertises path within AS1 via iBGP
Network Layer: Control Plane 5-45
BGP messages
▪ BGP messages exchanged between peers over TCP connection
▪ BGP messages:
• OPEN: opens TCP connection to remote BGP peer and
authenticates sending BGP peer
• UPDATE: advertises new path (or withdraws old)
• KEEPALIVE: keeps connection alive in absence of UPDATES;
also ACKs OPEN request
• NOTIFICATION: reports errors in previous msg; also used to
close connection

Network Layer: Control Plane 5-46

 BGP, OSPF, forwarding table entries
Q: how does router set forwarding table entry to distant prefix?

AS3 3b
AS1 1b
1
3a 3c
1a 2 1c
local link
1
AS2 2b 3d X
interfaces 2
1d AS3,X
at 1a, 1d AS2,AS3,X
2a 2c
physical link
2d

dest interface ▪ recall: 1a, 1b, 1c learn about dest X via iBGP
… … from 1c: “path to X goes through 1c”
X 1 ▪ 1d: OSPF intra-domain routing: to get to 1c,
… … forward over outgoing local interface 1

Network Layer: Control Plane 5-47

BGP, OSPF, forwarding table entries
Q: how does router set forwarding table entry to distant prefix?

AS3 3b
AS1 1b
1
3a 3c
1a 2 1c
AS2 2b 3d X
1d
2a 2c

2d

dest interface ▪ recall: 1a, 1b, 1c learn about dest X via iBGP
… … from 1c: “path to X goes through 1c”
X 2 ▪ 1d: OSPF intra-domain routing: to get to 1c,
… … forward over outgoing local interface 1
▪ 1a: OSPF intra-domain routing: to get to 1c,
forward over outgoing local interface 2
Network Layer: Control Plane 5-48
BGP route selection
▪ router may learn about more than one route to
destination AS, selects route based on:
1. local preference value attribute: policy decision
2. shortest AS-PATH
3. closest NEXT-HOP router: hot potato routing
4. additional criteria

Network Layer: Control Plane 5-49

Hot Potato Routing
AS3 3b
AS1 1b
3a 3c
1a 1c
AS2 2b 3d X
1d 112
AS3,X
152
AS1,AS3,X 2a 263 2c
201
OSPF link weights
2d

▪ 2d learns (via iBGP) it can route to X via 2a or 2c

▪ hot potato routing: choose local gateway that has least intra-domain
cost (e.g., 2d chooses 2a, even though more AS hops to X): don’t
worry about inter-domain cost!

Network Layer: Control Plane 5-50

BGP: achieving policy via advertisements
legend: provider
B network
X
W A
customer
C network:

Suppose an ISP only wants to route traffic to/from its customer networks
(does not want to carry transit traffic between other ISPs)
▪ A advertises path Aw to B and to C
▪ B chooses not to advertise BAw to C:
▪ B gets no “revenue” for routing CBAw, since none of C, A, w are B’s
customers
▪ C does not learn about CBAw path
▪ C will route CAw (not using B) to get to w
Network Layer: Control Plane 5-51
BGP: achieving policy via advertisements
legend: provider
B network
X
W A
customer
C network:

Suppose an ISP only wants to route traffic to/from its customer networks
(does not want to carry transit traffic between other ISPs)

▪ A,B,C are provider networks

▪ X,W,Y are customer (of provider networks)
▪ X is dual-homed: attached to two networks
▪ policy to enforce: X does not want to route from B to C via X
▪ .. so X will not advertise to B a route to C
Network Layer: Control Plane 5-52
Why different Intra-, Inter-AS routing ?
policy:
▪ inter-AS: admin wants control over how its traffic routed,
who routes through its net.
▪ intra-AS: single admin, so no policy decisions needed
scale:
▪ hierarchical routing saves table size, reduced update
traffic
performance:
▪ intra-AS: can focus on performance
▪ inter-AS: policy may dominate over performance

Network Layer: Control Plane 5-53

Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-54

Software defined networking (SDN)
▪ Internet network layer: historically has been
implemented via distributed, per-router approach
• monolithic router contains switching hardware, runs
proprietary implementation of Internet standard protocols
(IP, RIP, IS-IS, OSPF, BGP) in proprietary router OS (e.g.,
Cisco IOS)
• different “middleboxes” for different network layer
functions: firewalls, load balancers, NAT boxes, ..

▪ ~2005: renewed interest in rethinking network

control plane

Network Layer: Control Plane 5-55

Recall: per-router control plane
Individual routing algorithm components in each and every
router interact with each other in control plane to compute
forwarding tables

Routing
Algorithm
control
plane

data
plane

Network Layer: Control Plane 5-56

 Recall: logically centralized control plane
A distinct (typically remote) controller interacts with local control
agents (CAs) in routers to compute forwarding tables

Remote Controller

control
plane

data
plane

CA
CA CA CA CA

Network Layer: Control Plane 5-57

Software defined networking (SDN)
Why a logically centralized control plane?
▪ easier network management: avoid router
misconfigurations, greater flexibility of traffic flows
▪ table-based forwarding (recall OpenFlow API) allows
“programming” routers
• centralized “programming” easier: compute tables centrally
and distribute
• distributed “programming: more difficult: compute tables as
result of distributed algorithm (protocol) implemented in
each and every router
▪ open (non-proprietary) implementation of control
plane

Network Layer: Control Plane 5-58

 Analogy: mainframe to PC evolution *

Ap Ap Ap Ap Ap Ap Ap Ap Ap Ap
App
Specialized p p p p p p p p p p
Applications Open Interface

Specialized Windows Mac

or Linux or
Operating (OS) OS
System
Open Interface
Specialized
Hardware
Microprocessor

Vertically integrated Horizontal

Closed, proprietary Open interfaces
Slow innovation Rapid innovation
Small industry Huge industry
* Slide courtesy: N. McKeown Network Layer: Control Plane 5-59
Traffic engineering: difficult traditional routing

5
3
2 v w 5

u 2 1
3 z
1
2
x 1 y

Q: what if network operator wants u-to-z traffic to flow along uvwz,

x-to-z traffic to flow xwyz?
A: need to define link weights so traffic routing algorithm
computes routes accordingly (or need a new routing algorithm)!

Link weights are only control “knobs”: wrong!

Network Layer: Control Plane 5-60
Traffic engineering: difficult
5
3
2 v w 5

u 2 1
3 z
1
2
x 1 y

Q: what if network operator wants to split u-to-z traffic

along uvwz and uxyz (load balancing)?
A: can’t do it (or need a new routing algorithm)

Network Layer: Control Plane 5-61

 Networking 401
Traffic engineering: difficult
5
3
v
v
w
w
2 5

zz
u 2 1
3
1
2
xx yy
1

Q: what if w wants to route blue and red traffic differently?

A: can’t do it (with destination based forwarding, and LS, DV

routing)

Network Layer: Control Plane 5-62

 Software defined networking (SDN)
4. programmable
control applications
routing
access
control
… load
balance
3. control plane
functions external
to data-plane
switches
Remote Controller

control
plane

data
plane

CA 2. control, data
plane
CA CA CA CA separation

1: generalized“ flow-
based” forwarding
(e.g., OpenFlow)
Network Layer: Control Plane 5-63
 SDN perspective: data plane switches
Data plane switches network-control applications

▪ fast, simple, commodity switches

routing
…
implementing generalized data-
plane forwarding (Section 4.4) in access load
balance
control
hardware
▪ switch flow table computed, northbound API
control
plane
installed by controller
▪ API for table-based switch control SDN Controller
(e.g., OpenFlow) (network operating system)
• defines what is controllable and what
is not southbound API
▪ protocol for communicating with
controller (e.g., OpenFlow) data
plane

SDN-controlled switches
Network Layer: Control Plane 5-64
 SDN perspective: SDN controller
SDN controller (network OS): network-control applications

▪ maintain network state

routing
…
information
load
▪ interacts with network control access
control balance
applications “above” via
northbound API northbound API
control
plane
▪ interacts with network switches
“below” via southbound API SDN Controller
▪ implemented as distributed (network operating system)
system for performance,
scalability, fault-tolerance, southbound API

robustness
data
plane

SDN-controlled switches
Network Layer: Control Plane 5-65
 SDN perspective: control applications
network-control apps: network-control applications

▪ “brains” of control: implement

routing
…
control functions using lower-
level services, API provided by access load
balance
control
SND controller
▪ unbundled: can be provided by 3rd northbound API
control
plane
party: distinct from routing
vendor, or SDN controller SDN Controller
(network operating system)

southbound API

data
plane

SDN-controlled switches
Network Layer: Control Plane 5-66
 Components of SDN controller

routing access load

control balance
Interface layer to
network control apps: Interface, abstractions for network control apps
abstractions API network
graph
RESTful
API
… intent

Network-wide state
management layer: statistics … flow tables
state of networks SDN
links, switches, Network-wide distributed, robust state management
controller
services: a distributed
database
Link-state info host info … switch info

communication layer: OpenFlow … SNMP

communicate Communication to/from controlled devices
between SDN
controller and
controlled switches

Network Layer: Control Plane 5-67

OpenFlow protocol
▪ operates between
OpenFlow Controller controller, switch
▪ TCP used to exchange
messages
• optional encryption
▪ three classes of
OpenFlow messages:
• controller-to-switch
• asynchronous (switch to
controller)
• symmetric (misc)

Network Layer: Control Plane 5-68

OpenFlow: controller-to-switch messages

Key controller-to-switch messages

▪ features: controller queries switch OpenFlow Controller
features, switch replies
▪ configure: controller queries/sets
switch configuration parameters
▪ modify-state: add, delete, modify
flow entries in the OpenFlow
tables
▪ packet-out: controller can send this
packet out of specific switch port

Network Layer: Control Plane 5-69

OpenFlow: switch-to-controller messages
Key switch-to-controller messages
▪ packet-in: transfer packet (and its OpenFlow Controller
control) to controller. See packet-out
message from controller
▪ flow-removed: flow table entry deleted
at switch
▪ port status: inform controller of a
change on a port.

Fortunately, network operators don’t “program” switches by

creating/sending OpenFlow messages directly. Instead use higher-
level abstraction at controller
Network Layer: Control Plane 5-70
SDN: control/data plane interaction example
Dijkstra’s link-state 1 S1, experiencing link failure using
Routing OpenFlow port status message
to notify controller
4 5
network
graph
RESTful
API
… intent 2 SDN controller receives
OpenFlow message, updates link
statistics
3
… flow tables
status info
Dijkstra’s routing algorithm
Link-state info host info … switch info
3
application has previously
2 registered to be called when ever
OpenFlow
… SNMP
link status changes. It is called.

4 Dijkstra’s routing algorithm

1 access network graph info, link
state info in controller, computes
s2 new routes
s1
s4
s3
Network Layer: Control Plane 5-71
SDN: control/data plane interaction example
Dijkstra’s link-state
Routing

4 5
network
graph
RESTful
API
… intent 5 link state routing app interacts
with flow-table-computation
statistics
3
… flow tables
component in SDN controller,
which computes new flow tables
Link-state info host info … switch info
needed

2 6 Controller uses OpenFlow to

OpenFlow
… SNMP
install new tables in switches that
need updating

s2
s1
s4
s3
Network Layer: Control Plane 5-72
OpenDaylight (ODL) controller
Traffic …
Engineering ▪ ODL Lithium
controller
REST API
▪ network apps may be
Network service Basic Network Service Functions
contained within, or be
apps external to SDN
Access
topology
manager
switch
manager
stats
manager
controller
Control
host
▪ Service Abstraction
forwarding
manager manager Layer: interconnects
internal, external
Service Abstraction Layer (SAL) applications and
services
OpenFlow 1.0
… SNMP OVSDB

Network Layer: Control Plane 5-73

ONOS controller
Network …
control apps
▪ control apps separate
northbound from controller
abstractions,
REST API Intent
protocols ▪ intent framework:
high-level specification
hosts paths flow rules topology of service: what rather
than how
ONOS
devices links statistics distributed ▪ considerable emphasis
core
on distributed core:
service reliability,
device link host flow packet southbound replication
OpenFlow Netconf OVSDB
abstractions,
protocols performance scaling

Network Layer: Control Plane 5-74

SDN: selected challenges
▪ hardening the control plane: dependable, reliable,
performance-scalable, secure distributed system
• robustness to failures: leverage strong theory of reliable
distributed system for control plane
• dependability, security: “baked in” from day one?
▪ networks, protocols meeting mission-specific
requirements
• e.g., real-time, ultra-reliable, ultra-secure
▪ Internet-scaling

Network Layer: Control Plane 5-75

Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-76

ICMP: internet control message protocol

▪ used by hosts & routers to

communicate network-level Type Code description
0 0 echo reply (ping)
information 3 0 dest. network unreachable
• error reporting: unreachable 3 1 dest host unreachable
host, network, port, protocol 3 2 dest protocol unreachable
• echo request/reply (used by 3 3 dest port unreachable
ping) 3 6 dest network unknown
▪ network-layer “above” IP: 3 7 dest host unknown
• ICMP msgs carried in IP 4 0 source quench (congestion
datagrams control - not used)
8 0 echo request (ping)
▪ ICMP message: type, code 9 0 route advertisement
plus first 8 bytes of IP 10 0 router discovery
datagram causing error 11 0 TTL expired
12 0 bad IP header

Network Layer: Control Plane 5-77

Traceroute and ICMP
▪ source sends series of UDP
segments to destination
• first set has TTL =1
• second set has TTL=2, etc.
• unlikely port number
▪ when datagram in nth set
arrives to nth router:
• router discards datagram and
sends source ICMP message
(type 11, code 0)
• ICMP message include name of
router & IP address
▪ when ICMP message arrives,
source records RTTs
stopping criteria:
▪ UDP segment eventually
arrives at destination host
▪ destination returns ICMP
“port unreachable” message
(type 3, code 3)
▪ source stops

3 probes 3 probes

3 probes
Network Layer: Control Plane 5-78
Chapter 5: outline
5.1 Overview of Network layer 5.4 routing protocols
• data plane – link state
• control plane – distance vector
5.2 What’s inside a router 5.5 intra-AS routing in the
5.3 IP: Internet Protocol Internet: OSPF
• datagram format 5.6 routing among the ISPs:
• fragmentation BGP
• IPv4 addressing 5.7 The SDN control plane
• network address 5.8 ICMP: The Internet Control
translation Message Protocol
• IPv6 5.9 Network management and
• NAT SNMP

Network Layer: Data Plane 4-79

What is network management?
▪ autonomous systems (aka “network”): 1000s of interacting
hardware/software components
▪ other complex systems requiring monitoring, control:
• jet airplane
• nuclear power plant
• others?

"Network management includes the deployment, integration

and coordination of the hardware, software, and human
elements to monitor, test, poll, configure, analyze, evaluate,
and control the network and element resources to meet the
real-time, operational performance, and Quality of Service
requirements at a reasonable cost."

Network Layer: Control Plane 5-80

Infrastructure for network management
definitions:
managing entity
agent data
managing
managed device
managed devices
entity data
contain managed
agent data
objects whose data is
network gathered into a
management
protocol agent data
managed device Management
managed device
Information Base (MIB)

agent data
agent data
managed device
managed device

Network Layer: Control Plane 5-81

 SNMP protocol
Two ways to convey MIB info, commands:

managing managing
entity entity

request
trap msg
response

agent data agent data

managed device managed device

request/response mode trap mode

Network Layer: Control Plane 5-82
SNMP protocol: message types
Message type Function
GetRequest
GetNextRequest manager-to-agent: “get me data”
GetBulkRequest (data instance, next data in list, block of data)

InformRequest manager-to-manager: here’s MIB value

SetRequest manager-to-agent: set MIB value

Response Agent-to-manager: value, response to

Request

Trap Agent-to-manager: inform manager

of exceptional event

Network Layer: Control Plane 5-83

SNMP protocol: message formats
Get/set header Variables to get/set
PDU Error
Request Error ….
type Status Name Value Name Value
ID Index
(0-3) (0-5)

PDU Trap
Agent Specific Time
type Enterprise Type Name Value ….
Addr code stamp
4 (0-7)
Trap header Trap info

SNMP PDU

More on network management: see earlier editions of text!

Network Layer: Control Plane 5-84

Chapter 5: summary
we’ve learned a lot!
▪ approaches to network control plane
• per-router control (traditional)
• logically centralized control (software defined networking)
▪ traditional routing algorithms
• implementation in Internet: OSPF, BGP
▪ SDN controllers
• implementation in practice: ODL, ONOS
▪ Internet Control Message Protocol
▪ network management

next stop: transportation layer!

Network Layer: Control Plane 5-85