BGP FlowSpec IPv6 (dra4- ie7- idr- flow- spec- v6-03) Andy Karch Robert Raszuk Keyur Patel
|
|
|
- Wesley Bryan
- 6 years ago
- Views:
Transcription
1 BGP FlowSpec IPv6 (dra4- ie7- idr- flow- spec- v6-03) Andy Karch Robert Raszuk Keyur Patel
2 What is FlowSpec? RFC DisseminaOon of Flow SpecificaOon Rules IPv4- Only BGP NLRI SAFI 133 IP SAFI 134 VPN Match and acoon Match on all IP header fields, not just IP desonaoon AcOons rate- limit, drop, redirect, mark, sample Similar to access- lists, policies, and filters Use- cases DDoS MiOgaOon Traffic Filtering 2
3 DDoS Impact SP BANK GOOD DDoS 3
4 DDoS MiOgaOon Drop at network ingress SP BANK GOOD DDoS 4
5 DDoS MiOgaOon Redirect traffic to DDoS scrubber Scan Ne7low data Find DDOS signature DDoS Controller DDoS Analyser BGP Flow: DDoS flow/prefix AcOon: redirect to DDoS scruber SP BANK DDoS scrubber 5
6 Changes for IPv6 Match Criteria Added IPv6 Flow Label Modified Source Address (prefix offset) DesOnaOon Address (prefix offset) IP Protocol - > Next Header DSCP - > Traffic Class Removed Fragment 6
7 Points for Discussion 1) Prefix Offset 2) Ordering of Traffic Filtering Rules 3) FragmentaOon 7
8 Prefix Offset Don t care bits Field inside IPv6 prefix components DesOnaOon IPv6 Prefix Source IPv6 Prefix New for IPv6 Allows flexible match on part of the IPv6 address Match on end or interior of address. Prefix Encoding Based on MP_REACH_NLRI in BGP UPDATE Encoding: <type (1 octet), prefix length (1 octet), prefix offset (1 octet), prefix> 8
9 Encoding Prefix Offset Problems Do we include the offset bits? Order of Traffic Filtering Rules How does the offset affect ordering? 9
10 Prefix Offset Encoding 0000:0000:0000:0000:1234:5678:9A00:0000 Length Don t care 64 (40 match bits) Do we encode the enore <PrefixLength> bits? The <PrefixOffset> bits are dead weight. Prefix Offset - 64 Prefix - 40 Trailing Bits 0000:0000:0000:0000:1234:5678:9A 00:0000 Do we encode <PrefixLength> - <PrefixOffset> bits? Most efficient, but perhaps <PrefixLength> is misleading. Prefix Offset - 64 Prefix - 40 Trailing Bits 0000:0000:0000: :5678:9A 00:
11 Prefix Offset Encoding Example - offset bits encoded An example of a flow specification encoding for: "all packets to ::1234:5678:9A/ from 192::/8 and port {range [137, 139] or 8080}" destination source port x c b 91 1f A DesOnaOon prefix component length - 16 NLRI Total Length
12 Prefix Offset Encoding Example - offset bits omined An example of a flow specification encoding for: "all packets to ::1234:5678:9A/ from 192::/8 and port {range [137, 139] or 8080}" destination source port x A c b 91 1f DesOnaOon prefix component length - 8 NLRI Total Length 20 12
13 Order of Traffic Filtering Rules Problem: More than one rule may match a parocular traffic flow. SoluOon Requirements: Order must be constant in the network. Order must not depend on the arrival order of the flow specificaoon's rules Analogous to Longest- Prefix- Match 13
14 Order of Traffic Filtering Rules RFC5575 IP prefix values (IP desonaoon and source prefix): 1. Lowest IP value of the common prefix length; 2. if the common prefix is equal, then the most specific prefix has precedence. 3. NO PREFIX OFFSET if (component_type(comp1) == IP_DESTINATION IP_SOURCE) { common = MIN(prefix_length(comp1), prefix_length(comp2)); cmp = prefix_compare(comp1, comp2, common); // not equal, lowest value has precedence // equal, longest match has precedence } else { 14
15 Order of Traffic Filtering Rules Problem Without considering prefix offset, mulople flows that differ only by offset may appear equal in priority! Example <Length 32>, <Offset 1>, <Prefix - 0x )> <Length 32>, <Offset 0>, <Prefix - 0x )> 15
16 Order of Traffic Filtering Rules IPv6 FlowSpec IP prefix values (IP desonaoon and source prefix): 1. Lowest offset has precendence 1. RATIONALE: Lowest offset matches more bits 2. If the offset is equal, lowest IP value of the common prefix length; 3. if the common prefix is equal, then the most specific prefix has precedence. if (component_type(comp1) == IPV6_DESTINATION IPV6_SOURCE) { // offset not equal, lowest offset has precedence // offset equal... common_len = MIN(prefix_length(comp1), prefix_length(comp2)); cmp = prefix_compare(comp1, comp2, offset, common_len); // not equal, lowest value has precedence // equal, longest match has precedence } else { 16
17 FragmentaOon Defined in RFC5575 Don t Fragment Is a Fragment First Fragment Last Fragment Removed in IPv6 dra4 17
18 Unknown EH FragmentaOon Undetermined Transport Upper- layer protocol field not in first fragment. Last EH next- header field Upper- layer header not in first fragment TCP, UDP, SCTP, ICMP 18
19 Goals 1) Gather feedback and comments 2) Update dra4 Converge on encoding, ordering, fragmentaoon Clarify language Provide encoding examples 3) IdenOfy 2 implementaoons 4) Inter- op in the next few months. 5) Move towards RFC status 19
20 Backup Slides 20
21 Prefix Offset Component (offset bits omined) Type 1 - Destination IPv6 Prefix Encoding: <type (1 octet), prefix length (1 octet), prefix offset (1 octet), prefix> Defines the destination prefix to match. Prefix offset has been defined to allow for flexible matching on part of the IPv6 address where we want to skip (don't care) of N first bits of the address. This can be especially useful where part of the IPv6 address consists of an embedded IPv4 address and matching needs to happen only on the embedded IPv4 address. The encoded prefix contains enough octets for the bits used in matching (length minus offset bits). 21
22 Prefix Offset Component (offset bits encoded) Type 1 - Destination IPv6 Prefix Encoding: <type (1 octet), prefix length (1 octet), prefix offset (1 octet), prefix> Defines the destination prefix to match. Prefix offset has been defined to allow for flexible matching on part of the IPv6 address where we want to skip (don't care) of N first bits of the address. This can be especially useful where part of the IPv6 address consists of an embedded IPv4 address and matching needs to happen only on the embedded IPv4 address. The default value for prefix offset bits SHOULD be 0, where matching uses subsequent bits up to prefix length. Otherwise prefixes are encoded as in BGP UPDATE messages, prefix length in bits is followed by enough octets to contain the prefix information. 22
CS 3516: Advanced Computer Networks
Welcome to CS 3516: Advanced Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: Fuller 320 Fall 2017 A-term 1 Some slides are originally from the course materials of the textbook
Chapter 4 Network Layer: The Data Plane. Part A. Computer Networking: A Top Down Approach
Chapter 4 Network Layer: The Data Plane Part A All material copyright 996-06 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th Edition, Global Edition Jim Kurose,
BGP FlowSpec Route-reflector Support
The BGP (Border Gateway Protocol) Flowspec (Flow Specification) Route Reflector feature enables service providers to control traffic flows in their network. This helps in filtering traffic and helps in
Implementing Access Lists and Prefix Lists
An access control list (ACL) consists of one or more access control entries (ACE) that collectively define the network traffic profile. This profile can then be referenced by Cisco IOS XR softwarefeatures
Ref: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on
IP Version 4 (IPv4) Header (Continued) Identification (16 bits): One of the parameters of any network is the maximum transmission unit (MTU) parameter. This parameter specifies the maximum size of the
Chapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
CSCI Computer Networks Fall 2016
source: computer-s-webdesign.com CSCI 4760 - Computer Networks Fall 2016 Instructor: Prof. Roberto Perdisci perdisci@cs.uga.edu These slides are adapted from the textbook slides by J.F. Kurose and K.W.
Introduction to routing in the Internet
Introduction to routing in the Internet Internet architecture IPv4, ICMP, ARP Addressing, routing principles (Chapters 2 3 in Huitema) Internet-1 Internet Architecture Principles End-to-end principle by
BGP Flowspec Interoperability Interop Tokyo 2015 ShowNet ShowNet NOC Team member Shuichi Ohkubo Presenter :Cisco as ShowNet contributor
IETF94 IDR WG BGP Flowspec Interoperability Test @ Interop Tokyo 2015 ShowNet ShowNet NOC Team member Shuichi Ohkubo Presenter :Cisco as ShowNet contributor Copyright INTEROP TOKYO 2015 ShowNet NOC Team
Introduction to routing in the Internet
Introduction to routing in the Internet Internet architecture IPv4, ICMP, ARP Addressing, routing principles (Chapters 2 3 in Huitema) Internet-1 Internet Architecture Principles End-to-end principle by
Mapping of Address and Port Using Translation
The feature provides connectivity to IPv4 hosts across IPv6 domains. Mapping of address and port using translation (MAP-T) is a mechanism that performs double translation (IPv4 to IPv6 and vice versa)
Business Data Networks and Security 10th Edition by Panko Test Bank
Business Data Networks and Security 10th Edition by Panko Test Bank Chapter 2 Network Standards 1) Internet standards are published as. A) RFCs B) IETFs C) TCP/IPs D) Internet Protocols Question: 1a Objective:
Internet Protocols (chapter 18)
Internet Protocols (chapter 18) CSE 3213 Fall 2011 Internetworking Terms 1 TCP/IP Concepts Connectionless Operation Internetworking involves connectionless operation at the level of the Internet Protocol
Remember Extension Headers?
IPv6 Security 1 Remember Extension Headers? IPv6 allows an optional Extension Header in between the IPv6 header and upper layer header Allows adding new features to IPv6 protocol without major re-engineering
Configuring IP Version 6
CHAPTER 24 Configuring IP Version 6 Internet Protocol version 6 (IPv6), formerly called IPng (next generation), is the latest version of IP. IPv6 offers many advantages over the previous version of IP,
CS 3516: Computer Networks
Welcome to CS 3516: Computer Networks Prof. Yanhua Li Time: 9:00am 9:50am M, T, R, and F Location: AK 219 Fall 2018 A-term 1 Some slides are originally from the course materials of the textbook Computer
Lecture 16: Network Layer Overview, Internet Protocol
Lecture 16: Network Layer Overview, Internet Protocol COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016,
Chapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
A Segment Routing (SR) Tutorial. R. Bonica NANOG70 June 6, 2017
A Segment Routing (SR) Tutorial R. Bonica NANOG70 June 6, 2017 AKA: SPRING IETF Standardization Source Packet Routing In Networking (SPRING) WG ISIS, OSPF, IDR and MPLS WGs What is SR? A tunneling technology
Configuring Firewall Filters (J-Web Procedure)
Configuring Firewall Filters (J-Web Procedure) You configure firewall filters on EX Series switches to control traffic that enters ports on the switch or enters and exits VLANs on the network and Layer
ECE 428 Internet Protocols (Network Layer: Layer 3)
ECE 428 Internet Protocols (Network Layer: Layer 3) 1 Done so far MAC protocols (with PHYsical layer) Transport bits from one node to another. Key element: Determine WHEN to transmit DLC protocol (running
Last time. Wireless link-layer. Introduction. Characteristics of wireless links wireless LANs networking. Cellular Internet access
Last time Wireless link-layer Introduction Wireless hosts, base stations, wireless links Characteristics of wireless links Signal strength, interference, multipath propagation Hidden terminal, signal fading
Routing and router security in an operator environment
DD2495 p4 2011 Routing and router security in an operator environment Olof Hagsand KTH CSC 1 Router lab objectives A network operator (eg ISP) needs to secure itself, its customers and its neighbors from
Lecture 3. The Network Layer (cont d) Network Layer 1-1
Lecture 3 The Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router? Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets
SEN366 (SEN374) (Introduction to) Computer Networks
SEN366 (SEN374) (Introduction to) Computer Networks Prof. Dr. Hasan Hüseyin BALIK (12 th Week) The Internet Protocol 12.Outline Principles of Internetworking Internet Protocol Operation Internet Protocol
IPv6 Source Addresses
IPv6 Source Addresses What Could Possibly Go Wrong? Jen Linkova, furry@google.com Methodology and Data Set Logging all IPv6 packets from reserved/invalid sources entering Google network from Internet Collecting
Chapter 5 Network Layer
Chapter 5 Network Layer Network Layer IPv4 2 IP Header Application Header + data 3 IP IP IP IP 4 Focus on Transport Layer IP IP 5 Network Layer The Network layer (Layer 3) provides services to exchange
(Chapters 2 3 in Huitema) E7310/Internet basics/comnet 1
Introduction to routing in the Internet Ethernet, switching vs. routing Internet architecture IPv4 Addressing Routing principles Protocols: IPv4, ICMP, ARP (Chapters 2 3 in Huitema) E7310/Internet basics/comnet
IP : Internet Protocol
1/20 IP : Internet Protocol Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: July 30, 1999 Agenda 2/20 IP functions IP header format Routing architecture IP layer 3/20 defines
IP CONSORTIUM TEST SUITE Internet Protocol, Version 6
IP CONSORTIUM TEST SUITE Internet Protocol, Version 6 Technical Document Last Update: January 25, 2002 Internet Protocol Consortium 7 Leavitt Lane, Room 106 Durham, NH 03824-3525 Research Computing Center
Troubleshooting High CPU Caused by the BGP Scanner or BGP Router Process
Troubleshooting High CPU Caused by the BGP Scanner or BGP Router Process Document ID: 107615 Contents Introduction Before You Begin Conventions Prerequisites Components Used Understanding BGP Processes
Computer Networks ICS 651. IP Routing RIP OSPF BGP MPLS Internet Control Message Protocol IP Path MTU Discovery
Computer Networks ICS 651 IP Routing RIP OSPF BGP MPLS Internet Control Message Protocol IP Path MTU Discovery Routing Information Protocol DV modified with split horizon and poisoned reverse distance
Network layer overview
Network layer overview understand principles behind layer services: layer service models forwarding versus rou:ng how a router works rou:ng (path selec:on) broadcast, mul:cast instan:a:on, implementa:on
The Internet. The Internet is an interconnected collection of netw orks.
The Internet The Internet is an interconnected collection of netw orks. Internetw orking-1 Internetworking! Communications Network: A facility that provides a data transfer service among stations attached
Lecture 8. Network Layer (cont d) Network Layer 1-1
Lecture 8 Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets Network
Where we are in the Course
Network Layer Where we are in the Course Moving on up to the Network Layer! Application Transport Network Link Physical CSE 461 University of Washington 2 Network Layer How to connect different link layer
Packet Header Formats
A P P E N D I X C Packet Header Formats S nort rules use the protocol type field to distinguish among different protocols. Different header parts in packets are used to determine the type of protocol used
Opaque Information Distribution
1 of 9 10/24/2006 13:09 Network Working Group R. Raszuk, Editor INTERNET DRAFT Cisco Systems P. Marques, Editor Category: Standards Track Juniper Networks Expires: April
BGP. BGP Overview. Formats of BGP Messages. I. Header
Overview Three early versions of are -1 (RFC1105), -2 (RFC1163) and -3 (RFC1267). The current version in use is -4 (RFC1771). -4 is rapidly becoming the defacto Internet exterior routing protocol standard
Lab 4: Routing using OSPF
Network Topology:- Lab 4: Routing using OSPF Device Interface IP Address Subnet Mask Gateway/Clock Description Rate Fa 0/0 172.16.1.17 255.255.255.240 ----- R1 LAN R1 Se 0/0/0 192.168.10.1 255.255.255.252
Configuring IPv6 ACLs
CHAPTER 37 When the Cisco ME 3400 Ethernet Access switch is running the metro IP access image, you can filter IP Version 6 (IPv6) traffic by creating IPv6 access control lists (ACLs) and applying them
IPv6 Access Control Lists
Access lists determine what traffic is blocked and what traffic is forwarded at device interfaces and allow filtering of traffic based on source and destination addresses, and inbound and outbound traffic
QUIZ: Longest Matching Prefix
QUIZ: Longest Matching Prefix A router has the following routing table: 10.50.42.0 /24 Send out on interface Z 10.50.20.0 /24 Send out on interface A 10.50.24.0 /22 Send out on interface B 10.50.20.0 /22
Intended status: Standards Track. K. Patel Cisco J. Haas Juniper Networks June 30, 2014
Routing Area Working Group Internet-Draft Intended status: Standards Track Expires: January 1, 2015 S. Litkowski Orange A. Simpson Alcatel Lucent K. Patel Cisco J. Haas Juniper Networks June 30, 2014 Applying
Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet
Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties
Chapter 5 OSI Network Layer
Chapter 5 OSI Network Layer The protocols of the OSI model Network layer specify addressing and processes that enable Transport layer data to be packaged and transported. The Network layer encapsulation
V Commands. virtual ip, page 2 virtual ipv6, page 5 vrf, page 8. Cisco Nexus 7000 Series NX-OS Intelligent Traffic Director Command Reference 1
virtual ip, page 2 virtual ipv6, page 5 vrf, page 8 1 virtual ip virtual ip To configure the virtual IPv4 address of an Intelligent Traffic Director (ITD) service, use the virtual ip command. To remove
Internet. Organization Addresses TCP/IP Protocol stack Forwarding. 1. Use of a globally unique address space based on Internet Addresses
Internet Organization Addresses TCP/IP Protocol stack Forwarding Jörg Liebeherr, 1998-2003 1 What defines the Internet? 1. Use of a globally unique address space based on Internet Addresses 2. Support
SharkFest 18 US. BGP is not only a TCP session https://goo.gl/mh3ex4
SharkFest 18 US BGP is not only a TCP session https://goo.gl/mh3ex4 Learning about the protocol that holds networks together Werner Fischer Principal Consultant avodaq AG History and RFCs Direction for
TCP /IP Fundamentals Mr. Cantu
TCP /IP Fundamentals Mr. Cantu OSI Model and TCP/IP Model Comparison TCP / IP Protocols (Application Layer) The TCP/IP subprotocols listed in this layer are services that support a number of network functions:
FINAL EXAM - SLOT 2 TCP/IP NETWORKING Duration: 90 min. With Solutions
First name: Family name: FINAL EXAM - SLOT 2 TCP/IP NETWORKING Duration: 90 min. With Solutions Jean-Yves Le Boudec, Patrick Thiran 2011 January 15 INSTRUCTIONS 1. The exam is in two time slots. Slot 1
COMPUTER NETWORK. Homework #3. Due Date: May 22, 2017 in class
Computer Network Homework#2 COMPUTER NETWORK Homework #3 Due Date: May 22, 2017 in class Question 1 Host A and B are communicating over a TCP connection, and Host B has already received from A all bytes
Data Communication & Networks G Session 7 - Main Theme Networks: Part I Circuit Switching, Packet Switching, The Network Layer
Data Communication & Networks G22.2262-001 Session 7 - Main Theme Networks: Part I Circuit Switching, Packet Switching, The Network Layer Dr. Jean-Claude Franchitti New York University Computer Science
Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
Introduction to Internetworking
Introduction to Internetworking Introductory terms Communications Network Facility that provides data transfer services An internet Collection of communications networks interconnected by bridges and/or
ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2016 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Presentation 2 Security/Privacy Presentations Nov 3 rd, Nov 10 th, Nov 15 th Upload slides to Canvas by midnight
HW3 and Quiz. P14, P24, P26, P27, P28, P31, P37, P43, P46, P55, due at 3:00pm with both soft and hard copies, 11/11/2013 (Monday) TCP), 20 mins
HW3 and Quiz v HW3 (Chapter 3): R1, R2, R5, R6, R7, R8, R15, P14, P24, P26, P27, P28, P31, P37, P43, P46, P55, due at 3:00pm with both soft and hard copies, 11/11/2013 (Monday) v Quiz: 10/30/2013, Wednesday,
Network Working Group Request for Comments: 1940 Category: Informational. Y. Rekhter cisco Systems K. Varadhan D. Zappala USC.
Network Working Group Request for Comments: 1940 Category: Informational D. Estrin USC T. Li Y. Rekhter cisco Systems K. Varadhan D. Zappala USC May 1996 Source Demand Routing: Packet Format and Forwarding
CompSci 356: Computer Network Architectures. Lecture 8: Spanning Tree Algorithm and Basic Internetworking Ch & 3.2. Xiaowei Yang
CompSci 356: Computer Network Architectures Lecture 8: Spanning Tree Algorithm and Basic Internetworking Ch 3.1.5 & 3.2 Xiaowei Yang xwy@cs.duke.edu Review Past lectures Single link networks Point-to-point,
TCP/IP Overview. Basic Networking Concepts. 09/14/11 Basic TCP/IP Networking 1
TCP/IP Overview Basic Networking Concepts 09/14/11 Basic TCP/IP Networking 1 What is TCP/IP? TCP/IP is a name refers to an entire collection of data communication protocols: TCP: Transmission Control Protocol
Network layer: Overview. Network Layer Functions
Network layer: Overview Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing 1 Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every
Internetwork Protocols
Internetwork Protocols Background to IP IP, and related protocols Internetworking Terms (1) Communications Network Facility that provides data transfer service An internet Collection of communications
Configuring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964
The requirements for a future all-digital-data distributed network which provides common user service for a wide range of users having different requirements is considered. The use of a standard format
Topic 4a Router Operation and Scheduling. Ch4: Network Layer: The Data Plane. Computer Networking: A Top Down Approach
Topic 4a Router Operation and Scheduling Ch4: Network Layer: The Data Plane Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith Ross Pearson/Addison Wesley April 2016 4-1 Chapter 4:
CS118 Discussion 1A, Week 6. Zengwen Yuan Dodd Hall 78, Friday 10:00 10:50 a.m.
CS118 Discussion 1A, Week 6 Zengwen Yuan Dodd Hall 78, Friday 10:00 10:50 a.m. 1 Outline Network Layer Overview: data v.s. control plane IPv4/IPv6, DHCP, NAT Project 2 spec Midterm review 2 Network layer:
Internet Protocol, Version 6
Outline Protocol, Version 6 () Introduction to Header Format Addressing Model ICMPv6 Neighbor Discovery Transition from to vs. Taken from:chun-chuan Yang Basics: TCP/ Protocol Suite Protocol (IP) Features:
Multiprotocol BGP (MBGP)
Multiprotocol BGP (MBGP) Module 5 2000, Cisco Systems, Inc. 1 Copyright 1998-2000, Cisco Systems, Inc. Module5.ppt 1 Module Objectives Understand that MBGP is NOT a replacement for PIM Understand the basic
RMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6
RMIT University Data Communication and Net-Centric Computing COSC 1111/2061 Internetworking IPv4, IPv6 Technology Slide 1 Lecture Overview During this lecture, we will understand The principles of Internetworking
IPv4 ACLs, identified by ACL numbers, fall into four categories, as shown in Table 1. Table 1 IPv4 ACL categories
Table of Contents ACL Configuration 1 ACL Overview 1 IPv4 ACL Classification 1 IPv4 ACL Rule Order 1 Rule Numbering Step with IPv4 ACLs 3 Effective Time Period of an IPv4 ACL 3 IP Fragments Filtering with
ET4254 Communications and Networking 1
Topic 9 Internet Protocols Aims:- basic protocol functions internetworking principles connectionless internetworking IP IPv6 IPSec 1 Protocol Functions have a small set of functions that form basis of
Access List Commands
Access List Commands This module describes the Cisco IOS XR software commands used to configure IP Version 4 (IPv4) and IP Version 6 (IPv6) access lists. An access control list (ACL) consists of one or
Lecture 11: IPv6. CSE 123: Computer Networks Alex C. Snoeren. HW 2 due NOW
Lecture 11: IPv6 CSE 123: Computer Networks Alex C. Snoeren HW 2 due NOW Longest Matching Prefix Forwarding table contains many prefix/length tuples They need not be disjoint! E.g. 200.23.16.0/20 and 200.23.18.0/23
Unit 5: Internet Protocols skong@itt-tech.edutech.edu Internet Protocols She occupied herself with studying a map on the opposite wall because she knew she would have to change trains at some point. Tottenham
Introduction to Internetworking
Introduction to Internetworking Stefano Vissicchio UCL Computer Science COMP0023 Internetworking Goal: Connect many networks together into one Internet. Any computer can send to any other computer on any
Internet Protocol version 6
Internet Protocol version 6 Claudio Cicconetti International Master on Communication Networks Engineering 2006/2007 IP version 6 The Internet is growing extremely rapidly. The
Link download full: Test Bank for Business Data Networks and Security 9th Edition by Panko https://digitalcontentmarket.org/download/business-data-networks-and-security-9thedition-by-panko/ Business Data
Chapter 4: Network Layer
Mecanismes d Echange d Informations Chapter 4 Network Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint
Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER
Enhancing DDoS protection TAYLOR HARRIS SECURITY ENGINEER Overview DDoS Evolution Typical Reactive/Proactive Mitigation Challenges and Obstacles BGP Flowspec Automated Flowspec Mitigation 2 DDoS Evolution
CMSC 332 Computer Networks Network Layer
CMSC 332 Computer Networks Network Layer Professor Szajda CMSC 332: Computer Networks Where in the Stack... CMSC 332: Computer Network 2 Where in the Stack... Application CMSC 332: Computer Network 2 Where
Configuring ACLs. ACL overview. ACL categories. ACL numbering and naming
Contents Configuring ACLs 1 ACL overview 1 ACL categories 1 ACL numbering and naming 1 Match order 2 ACL rule numbering 3 Implementing time-based ACL rules 3 IPv4 fragments filtering with ACLs 3 Flow templates
H3C S9500 QoS Technology White Paper
H3C Key words: QoS, quality of service Abstract: The Ethernet technology is widely applied currently. At present, Ethernet is the leading technology in various independent local area networks (LANs), and
The Interconnection Structure of. The Internet. EECC694 - Shaaban
The Internet Evolved from the ARPANET (the Advanced Research Projects Agency Network), a project funded by The U.S. Department of Defense (DOD) in 1969. ARPANET's purpose was to provide the U.S. Defense
Simple Inter-AS CoS. draft-knoll-idr-qos-attribute draft-knoll-idr-cos-interconnect
Simple Inter-AS CoS draft-knoll-idr-qos-attribute draft-knoll-idr-cos-interconnect Thomas Martin Knoll Chemnitz University of Technology Communication Networks Phone +49 (0)371 531 33246 Email knoll@etit.tu-chemnitz.de
Access List Commands
Access List Commands This module describes the Cisco IOS XR software commands used to configure IP Version 4 (IPv4) and IP Version 6 (IPv6) access lists. An access control list (ACL) consists of one or
Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields.
IP address ICMP Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies the ICMP message, the CODE field
Zone-Based Firewall Logging Export Using NetFlow
Zone-Based Firewall Logging Export Using NetFlow Zone-based firewalls support the logging of messages to an external collector using NetFlow Version 9 export format. NetFlow Version 9 export format uses
Lecture 5 The Network Layer part II. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 5 The Network Layer part II Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it IP datagram format IP protocol version number header length (bytes) type of data max number remaining
Network Layer/IP Protocols
Network Layer/IP Protocols 1 Outline IP Datagram (IPv4) NAT Connection less and connection oriented service 2 IPv4 packet header 3 IPv4 Datagram Header Format version of the IP protocol (4 BIts) IP header
SDN Workshop. Contact: WSDN01_v0.1
SDN Workshop Contact: training@apnic.net WSDN01_v0.1 Issue Date: [Date] Revision: [xx] BGP-LS SDN Workshop WSDN01_v0.1 Issue Date: [Date] Revision: [xx] Overview In a nutshell Motivations Introduction
Principles. IP QoS DiffServ. Agenda. Principles. L74 - IP QoS Differentiated Services Model. L74 - IP QoS Differentiated Services Model
Principles IP QoS DiffServ Differentiated Services Architecture DSCP, CAR Integrated Services Model does not scale well flow based traffic overhead (RSVP messages) routers must maintain state information
This document is not restricted to specific software and hardware versions.
Contents Introduction Prerequisites Requirements Components Used Background Information Configure Network Diagram Configuration DN Bit Verify Troubleshoot Related Cisco Support Community Discussions Introduction
Chapter 20 Network Layer: Internet Protocol 20.1
Chapter 20 Network Layer: Internet Protocol 20.1 Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 20-1 INTERNETWORKING In this section, we discuss internetworking,
UNIT I Review Computer Networks and the Internet
SIDDHARTH GROUP OF INSTITUTIONS :: PUTTUR Siddharth Nagar, Narayanavanam Road 517583 QUESTION BANK (DESCRIPTIVE) Subject with Code : Advanced Computer Networks ( 16CS5802 ) Course & Branch: M.Tech - CSE
Networking: Network layer
control Networking: Network layer Comp Sci 3600 Security Outline control 1 2 control 3 4 5 Network layer control Outline control 1 2 control 3 4 5 Network layer purpose: control Role of the network layer
EE 610 Part 2: Encapsulation and network utilities
EE 610 Part 2: Encapsulation and network utilities Objective: After this experiment, the students should be able to: i. Understand the format of standard frames and packet headers. Overview: The Open Systems
CSE 3214: Computer Network Protocols and Applications Network Layer
CSE 314: Computer Network Protocols and Applications Network Layer Dr. Peter Lian, Professor Department of Computer Science and Engineering York University Email: peterlian@cse.yorku.ca Office: 101C Lassonde
Configuring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
Da t e: August 2 0 th a t 9: :00 SOLUTIONS
Interne t working, Examina tion 2G1 3 0 5 Da t e: August 2 0 th 2 0 0 3 a t 9: 0 0 1 3:00 SOLUTIONS 1. General (5p) a) Place each of the following protocols in the correct TCP/IP layer (Application, Transport,
Chapter 4: network layer. Network service model. Two key network-layer functions. Network layer. Input port functions. Router architecture overview
Chapter 4: chapter goals: understand principles behind services service models forwarding versus routing how a router works generalized forwarding instantiation, implementation in the Internet 4- Network