E : Internet Routing

Similar documents
Cisco IP Fragmentation and PMTUD

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

CS519: Computer Networks. Lecture 1 (part 2): Jan 28, 2004 Intro to Computer Networking

MPLS Segment Routing in IP Networks

CSCI-1680 Network Layer:

CSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical

Internetworking/Internetteknik, Examination 2G1305 Date: August 18 th 2004 at 9:00 13:00 SOLUTIONS

Implementing IP in IP Tunnel

Lecture 3. The Network Layer (cont d) Network Layer 1-1

Telecom Systems Chae Y. Lee. Contents. Overview. Issues. Addressing ARP. Adapting Datagram Size Notes

Lecture 8. Network Layer (cont d) Network Layer 1-1

IPv6: An Introduction

Network Layer: Control/data plane, addressing, routers

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

IPv6. IPv6, MPLS. IPv6. IPv6 Addresses. IPv4 Packet Format. IPv6. History

Lecture 8. Basic Internetworking (IP) Outline. Basic Internetworking (IP) Basic Internetworking (IP) Service Model

Network layer: Overview. Network Layer Functions

IPv6 Protocols and Networks Hadassah College Spring 2018 Wireless Dr. Martin Land

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

Lecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1

IPv6 : Internet Protocol Version 6

History. IPv6 : Internet Protocol Version 6. IPv4 Year-Wise Allocation (/8s)

ECE 158A: Lecture 7. Fall 2015

Communication Systems DHCP

LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF

Packet Header Formats

Internet Control Message Protocol (ICMP)

Introduction to TCP/IP networking

Lecture Computer Networks

ICS 351: Today's plan. routing protocol comparison encapsulation network dynamics multicasting in general IP multicasting IGMP PIM

Introduction to Internetworking

Mobile & Wireless Networking. Lecture 9: Mobile IP. [Schiller, Section 8.1]

Internetworking Part 2

Packetization Layer Path Maximum Transmission Unit Discovery (PLPMTU) For IPsec Tunnels

Network Interconnection

The Netwok 15 Layer IPv4 and IPv6 Part 3

EE 610 Part 2: Encapsulation and network utilities

IPSec. Overview. Overview. Levente Buttyán

EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane

Network Layer Part A (IPv6) Network Layer 4-1

Chapter 4: outline. 4.5 routing algorithms link state distance vector hierarchical routing. 4.6 routing in the Internet RIP OSPF BGP

IP - The Internet Protocol

Connection Oriented Networking MPLS and ATM

IPv6 Switching: Provider Edge Router over MPLS

Multi Protocol Label Switching (an introduction) Karst Koymans. Thursday, March 12, 2015

Mobile IP. Mobile IP 1

The Network 15 Layer IPv4 and IPv6 Part 3

Cloud e Datacenter Networking

RMIT University. Data Communication and Net-Centric Computing COSC 1111/2061. Lecture 2. Internetworking IPv4, IPv6

Network Layer (4): ICMP

On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964

IPv6 Concepts. Improve router performance Simplify IP header Align to 64 bits Address hierarchy with more levels Simplify routing tables

Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation:

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

Internet Multicast Routing

Cloud e Datacenter Networking

cs144 Midterm Review Fall 2010

Vorlesung Kommunikationsnetze

Internet Protocol version 6

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local

Network Layer: Internet Protocol

MPLS VPN. 5 ian 2010

Network and Security: Introduction

Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN

Review for Chapter 4 R1,R2,R3,R7,R10,R11,R16,R17,R19,R22,R24, R26,R30 P1,P2,P4,P7,P10,P11,P12,P14,P15,P16,P17,P22,P24,P29,P30

Contents. Configuring GRE 1

Da t e: August 2 0 th a t 9: :00 SOLUTIONS

Layering and Addressing CS551. Bill Cheng. Layer Encapsulation. OSI Model: 7 Protocol Layers.

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 12

Networks. an overview. dr. C. P. J. Koymans. Informatics Institute University of Amsterdam. February 4, 2008

CS475 Networks Lecture 8 Chapter 3 Internetworking. Ethernet or Wi-Fi).

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

CSE 4215/5431: Mobile Communications Winter Suprakash Datta

Internet Protocol, Version 6

K2289: Using advanced tcpdump filters

Mobile Communications Chapter 8: Network Protocols/Mobile IP

CompSci 356: Computer Network Architectures. Lecture 13: Dynamic routing protocols: Link State Chapter 3.3.3, Xiaowei Yang

Recap. Recap. Internetworking. First mile problem. Internet. End Users. Last mile problem. Direct link networks Packet switching.

Chapter 2 PROTOCOL ARCHITECTURE

Multiprotocol Label Switching (MPLS) on Cisco Routers

MPLS MULTI PROTOCOL LABEL SWITCHING OVERVIEW OF MPLS, A TECHNOLOGY THAT COMBINES LAYER 3 ROUTING WITH LAYER 2 SWITCHING FOR OPTIMIZED NETWORK USAGE

LISP Router IPv6 Configuration Commands

The Internet Protocol. IP Addresses Address Resolution Protocol: IP datagram format and forwarding: IP fragmentation and reassembly

ETSF05/ETSF10 Internet Protocols Network Layer Protocols

VXLAN Overview: Cisco Nexus 9000 Series Switches

Datagram. Source IP address. Destination IP address. Options. Data

MPLS, THE BASICS CSE 6067, UIU. Multiprotocol Label Switching

Introduction to IPv6. IPv6 addresses

Lecture 14 IP Wrap up. Outline

Aside: Interaction with Link Layer Computer Networking. Caching ARP Entries. ARP Cache Example

The Internet. 9.1 Introduction. The Internet is a global network that supports a variety of interpersonal and interactive multimedia applications.

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

2D1490 p MPLS, RSVP, etc. Olof Hagsand KTHNOC/NADA

NAT, IPv6, & UDP CS640, Announcements Assignment #3 released

Computer Networking: A Top Down Approach Featuring the. Computer Networks with Internet Technology, William

Computer Networks. Course Reference Model. Topic. Error Handling with ICMP. ICMP Errors. Internet Control Message Protocol 12/2/2014.

IPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.

Goals and topics. Verkkomedian perusteet Fundamentals of Network Media T Circuit switching networks. Topics. Packet-switching networks

Marking Traffic CHAPTER

Module 28 Mobile IP: Discovery, Registration and Tunneling

Transcription:

E6998-02: Internet Routing Lecture 18 Overlay Networks John Ioannidis AT&T Labs Research ji+ir@cs.columbia.edu Copyright 2002 by John Ioannidis. All Rights Reserved.

Announcements Lectures 1-18 are available. There are no more announcements. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 2

Source Routing Normally, the path a packet takes from its source to its destination is determined by each intermediate router. A packet can be source-routed: the source determines all (strict source routing) some (loose source routing) of the routers that the packet will pass through. F H A G B November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 3

Source Routing in IPv4 Recall the IPv4 packet format: v=4 hl tos length id C D M frag off ttl protocol checksum src dst Options (up to 44 bytes) Payload (up to 64K 4*hl bytes) November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 4

Source Routing in IPv4 When sending from a to b (no source routing): 4 5 tos length id C D M frag off ttl protocol checksum a b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 5

Source Routing in IPv4 When sending from A to B (loose source routing via F, G, H): 4 9 tos length id C D M frag off ttl protocol checksum a f 1 (nop) 131 (LSRR) 15 (length) 4 (pointer) g h b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 6

Source Routing in IPv4 We re at F 4 9 tos length id C D M frag off ttl protocol checksum a g 1 (nop) 131 (LSRR) 15 (length) 8 (pointer) f h b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 7

Source Routing in IPv4 We re at G 4 9 tos length id C D M frag off ttl protocol checksum a h 1 (nop) 131 (LSRR) 15 (length) 12 (pointer) f g b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 8

Source Routing in IPv4 We re at H 4 9 tos length id C D M frag off ttl protocol checksum a b 1 (nop) 131 (LSRR) 15 (length) 16 (pointer) f g h payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 9

Source Routing in IPv4 B sees that the LSRR pointer is beyond the end of the option, so it accepts the packet as its own. Actually, the addresses replaced in the option are not exactly as shown. The next address should be the next-hop interface ( left ). The replaced address is the egress interface ( right ). This way, the LSRR is ready to be reversed and use by B. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 10

Back to A A fills out the left addresses of F, G, H: 4 9 tos length id C D M frag off ttl protocol checksum a f-left 1 (nop) 131 (LSRR) 15 (length) 4 (pointer) g-left h-left b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 11

At F F puts its egress address in the option. 4 9 tos length id C D M frag off ttl protocol checksum a g-left 1 (nop) 131 (LSRR) 15 (length) 8 (pointer) f-right h-left b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 12

At G G puts its egress address in the option. 4 9 tos length id C D M frag off ttl protocol checksum a h-left 1 (nop) 131 (LSRR) 15 (length) 12 (pointer) f-right g-right b payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 13

At H About to take the last hop 4 9 tos length id C D M frag off ttl protocol checksum a b 1 (nop) 131 (LSRR) 15 (length) 16 (pointer) f-right g-right h-right payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 14

Reversing the Source Routing To source-route the packet back to A, B reverses the Recorded Route: 4 9 tos length id C D M frag off ttl protocol checksum b h-right 1 (nop) 131 (LSRR) 15 (length) 4 (pointer) g-right f-right a payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 15

Back at H Otherwise, LSRR processing proceeds the same way. 4 9 tos length id C D M frag off ttl protocol checksum b g-right 1 (nop) 131 (LSRR) 15 (length) 8 (pointer) h-left f-right a payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 16

Back at G On to F 4 9 tos length id C D M frag off ttl protocol checksum B f-right 1 (nop) 131 (LSRR) 15 (length) 12 (pointer) h-left g-left a payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 17

Back at F Final hop 4 9 tos length id C D M frag off ttl protocol checksum b a 1 (nop) 131 (LSRR) 15 (length) 16 (pointer) h-left g-left f-left payload November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 18

Back at A again A now gets the packet with the same LSRR it sent it out. We could have used SSRR, but we would have had to list (and know) all intermediate routers. There is also a RR option that just records the route. Not very useful, only good for 10 hops. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 19

Source Routing Considered Harmful All routers in the path (not just the ones listed in the LSRR option) are affected. Routers are optimized for packets with no options. If options are present, CPU has to get involved. Slows things down. Routing systems should know best path. But LSRR allows packets to go through when routing is broken. Source should not dictate return path to destination. Return path may not even be routable. But destination can always ignore it. Security issues. But hosts shouldn t be relying on IP address for auth. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 20

E fakes A s address E E fakes A s address. src:a M has a (fake) static route to a. dst:ml E sends a source-routed packet to B lsrr: b via M. M a ml mr A a B November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 21

M Colludes M forwards the packet. B gets a packet. Believes it s from A. E M a ml mr src:a dst:b lsrr: mr A a B November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 22

B Responds B reverses the LSRR Thinking it s sending to A. Packet is source-routed to M. E M a ml mr A a src:b dst:mr lsrr: a B November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 23

M is Still Colluding E M dutifully forwards the packet to E. src:b E successfully has a connection to B. dst:a lsrr: ml M a ml mr A a B November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 24

Source Routing in IPv6 Routing Header (43). It s a routing header, so it appears directly after the IPv6 header (and any hop-by-hop options). 6 TC Flow Label pyld len 43 hlim src first hop NH len 0 SL 0 <len> addresses November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 25

Tunneling Source routing is a form of tunneling. Tunnel: a (virtual) link between two network nodes. At the same layer in the network stack. Uses underlying network as virtual wire. switching fabric. Routing is circumvented. In the LSRR examples, we cause traffic to follow a different path from what the underlying routing would have dictated. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 26

Encapsulation Putting one kind of network frame inside another. An IP packet is encapsulated in ethernet, PPP, etc. frames. An IP packet may be encapsulated in another IP packet. IP protocol 4 ( IP-in-IP ). GRE encapsulation, IPIP (proto 94) encapsulation. An IP packet may also be encapsulated in a higher-level protocol. IP over UDP (over IP). IP over HTTP (over TCP (over IP)). Encapsulation is another Tunneling technique. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 27

Virtual Private Networks (VPNs) What s a Private Network? Private as in mine, not as in secret. Consider a geographically-distributed organization. Various parts want to connect to each other, and potentially to the Internet. 12.2.0.0/18 12.2.64.0/18 The Internet 12.2.192.0/18 12.2.128.0/18 November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 28

Each part advertises its more-specific prefix. Pollutes the routing tables. Was not possible in pre-cidr days. Is still not possible when using private address space. Lots of security implications. 12.2.0.0/18 12.2.64.0/18 The Internet 12.2.224.0/19 12.2.128.0/18 November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 29

The old way: Get point-to-point circuits from telco. The somewhat more modern way: Get fixed ATM or FR virtual circuits from telco. Only the aggregate gets advertised to the network. But: high cost of point-to-point links. 12.2.0.0/18 12.2.64.0/18 The Internet 12.2.224.0/19 12.2.128.0/18 November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 30

The VPN way: Looks like a partitioned network. Heal the partition with tunnels. (There are lots of other ways to heal the partition). 12.2.0.0/18 12.2.64.0/18 The Internet 12.2.224.0/19 12.2.128.0/18 November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 31

VPN Implementation Each tunnel endpoint has a real IP address (since the inside space can be private address space). Forwarding rules on each tunnel endpoint. Look like routes. Usually implemented with a virtual interface. If destination prefix is foo/n then tunnel via bar. Encapsulation can be as simple as IP in IP (protocol 4). Inner header vs. outer header. GRE encapsulation (RFC1701 and 1702). IPsec encapsulation (RFC2401-series RFCs). Other forms of IP-in-foo encapsulation. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 32

Problems with IP Encapsulation Max IP packet size and Path MTU: Encapsulation adds an extra header to the packet. Max packet size gets reduced by that amount. Not usually a problem (no one sends 65K datagrams). As does PMTU. Hosts should be running PMTU discovery. Or interfaces should be configured with lower MTUs. Who gets ICMP messages? If generated while traversing the tunnel. If generated by the tunnel endpoints. If generated by the end hosts. What to do with TOS, DF, TTL. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 33

Overlay Networks Any network at layer-n that (recursively) uses layer-n for forwarding. Uses existing network as a switching fabric (a virtual linklayer). Bypasses existing routing. Examples: VPNs. Multicast. Mobile IP. Peer-to-peer networks (these can also be at higher layers). Route traffic around faults, congestion, etc. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 34

Overlay Networks cont d Overlay networks are used when a different forwarding path is required from the one provided by the underlying routing. This is functionally equivalent to source routing. Obviously! Example: Mobile IP Packet to 12.2.24.19 128.59.0.0/16 Mobile 12.2.24.19 (ha) 128.59.22.31 (coa) 12.2.0.0/16 HA November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 35

Overlay Networks Extend Routing Tunneling can also be used to create new routing infrastructures out of existing ones. Examples: M-BONE (Multicast backbone). 6BONE (IPv6 backbone). November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 36

MBONE Multicast was not natively supported by routing protocols in 1992. Most providers still don t have it turned on. MBONE is a collection of routers that forward multicast traffic. Links between these routers are tunnels. They have their own routing protocol. Next Hop is really next router in the overlay network. Outside (tunnel) header src and dst addresses are those of the sending and receiving mbone routers. Inside source address is the (unicast) address of the originator. Inside destination address is the multicast destination address. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 37

MBONE cont d Each MBONE router receives a (tunneled) packet. Strips the encapsulation. Decides which tunnels to forward the packet to. (This is multicast, there will usually be more than one). Re-encapsulates the packet for each destination router. If the router has (local) hosts in the multicast group, it also sends a copy of the (multicast) packet to the corresponding link-layer multicast address. If the router sees a multicast destination address on one of its interfaces, it picks it up and forwards it. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 38

6BONE Same idea, for IPv6. Couldn t wait for providers to offer natively-routed IPv6. Preconfigured tunnels. Outer (tunnel) header is IPv4. Inner header is IPv6. Allocated 3ffe::/15, further allocations from there. Runs multiprotocol extensions to BGP. IPv4 links look like link-layer links. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 39

Six-to-four Automatic way to tunnel v6 in v4. First sixteen bits are (hex) 2002. Next 32 bits show (ipv4) tunnel endpoint. Packets from 2002:803b:1012::/48 to 2002:c014:e10f::/48 get tunneled from 128.59.16.18 to 192.20.225.15. November 7th, 2002 Lecture 18 of E6998-02: Internet Routing 40

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback