Chapter 3 Internetworking

Upload: godfrey-lane

Post on 11-Jan-2016


  • Chapter 3: Internetworking

  • Problems: In Chapter 2 we saw how to connect one node to another, or to an existing network. How do we build networks of global scale? How do we interconnect different types of networks to build a large global network?

  • Chapter Outline: 3.1 Switching and Bridging; 3.2 Basic Internetworking (IP); 3.3 Routing; 3.4 Implementation and Performance

  • Two limitations on directly connected networks: (1) a limit on how many hosts can be attached. Examples: only two hosts can be attached to a point-to-point link; the Ethernet specification allows no more than 1,024 hosts.

  • (2) a limit on how large a geographic area a single network can serve. Examples: an Ethernet can span only 2,500 m; wireless networks are limited by the ranges of their radios; point-to-point links can be quite long.

  • Goal: build networks that can be global in scale. Problem: how to enable communication between hosts that are not directly connected. Solution: computer networks use packet switches to enable packets to travel from one host to another, even when no direct connection exists between those hosts.

  • Packet switch: a device with several inputs and outputs leading to and from the hosts that the switch interconnects. Core job of a switch: take packets that arrive on an input and forward (or switch) them to the right output so that they will reach their appropriate destination.

  • A key problem that a switch must deal with is the finite bandwidth of its outputs. If packets destined for a certain output arrive at a switch and their arrival rate exceeds the capacity of that output, then we have a problem of contention. The switch queues (buffers) packets until the contention subsides, but if it lasts too long, the switch will run out of buffer space and be forced to discard packets. When packets are discarded too frequently, the switch is said to be congested.

  • 3.1 Switching and Bridging. Switch: a multi-input, multi-output device, which transfers packets from an input to one or more outputs. Star topology: switched networks are more scalable (i.e., growing to large numbers of nodes) than shared-media networks because of the ability to support many hosts at full speed.

  • A switch provides a star topology

  • Scalable Networks: the figure shows the protocol graph that would run on a switch that is connected to two T3 links and one STS-1 SONET link. (Figure: Example protocol graph running on a switch)

  • A switch forwards packets from input port to output port. The port is selected based on the address in the packet header. Advantages: cover large geographic area (tolerate latency); support large numbers of hosts (scalable bandwidth).

  • Example switch with three input and output ports

  • How does the switch decide on which output port to place each packet? General answer: it looks at the header of the packet for an identifier that it uses to make the decision. Three common approaches: datagram (or connectionless) approach; virtual circuit (or connection-oriented) approach; source routing.

  • 3.1.1 Datagram. Sometimes called the connectionless model. Analogy: postal system. No connection setup phase: no round-trip delay waiting for connection setup; a host can send data as soon as it is ready.

  • Each packet is forwarded independently of previous packets that might have been sent to the same destination. Two successive packets from host A to host B may follow completely different paths (perhaps because of a change in the forwarding table at some switch in the network).

  • A switch or link failure might not have any serious effect on communication if it is possible to find an alternate route around the failure and to update the forwarding table accordingly. Since every packet must carry the full address of the destination, the overhead per packet is higher than for the connection-oriented model.

  • The source host has no way of knowing if the network is capable of delivering a packet or if the destination host is even up and running. Each switch maintains a forwarding (routing) table.

  • Example: the hosts have addresses A, B, C, and so on; a switch consults a forwarding table (routing table) to decide how to forward a packet.

  • Datagram forwarding: an example network

  • The table shows the forwarding information that switch 2 needs to forward datagrams

    Destination  Port
    A            3
    B            0
    C            3
    D            3
    E            2
    F            1
    G            0
    H            0

  • 3.1.2 Virtual Circuit Switching. Sometimes called the connection-oriented model. Analogy: phone call. Explicit connection setup (and tear-down) phase: it requires that a virtual connection from the source host to the destination host is set up before any data is sent. Typically wait a full RTT (Round Trip Time) for connection setup before sending the first data packet.

  • If a switch or a link in a connection fails, the connection is broken and a new one needs to be established. Subsequent packets follow the same circuit. Each switch maintains a Virtual Circuit (VC) table.

  • An entry in the VC table on a single switch contains a virtual circuit identifier (VCI), which uniquely identifies the connection at this switch and which will be carried inside the header of the packets that belong to this connection.

  • Example VC table entries:

    Incoming Interface  Incoming VCI  Outgoing Interface  Outgoing VCI
    2                   5             1                   11
    3                   11            2                   7
    0                   7             1                   4

  • The entry also contains an incoming interface, on which packets for this VC arrive at the switch; an outgoing interface, on which packets for this VC leave the switch; and a potentially different VCI that will be used for outgoing packets.

  • Two classes of approaches to establish connection state: Permanent Virtual Circuit (PVC) and Switched Virtual Circuit (SVC).

  • Permanent Virtual Circuit (PVC): an administrator configures the state, in which case the virtual circuit is permanent. The administrator can also delete the state, so a permanent virtual circuit (PVC) might be thought of as a long-lived, or administratively configured, VC.

  • Switched Virtual Circuit (SVC): a host may set up and delete a VC by sending messages without the involvement of a network administrator. This is referred to as signaling, and the resulting virtual circuits are said to be switched. An SVC should more accurately be called a signaled VC, since it is the use of signaling (not switching) that distinguishes an SVC from a PVC.

  • Example: assume that a network administrator wants to manually create a new virtual connection from host A to host B. Two-stage process: connection setup, then data transfer.

  • An example of a virtual circuit network (figure; the links carry VCIs 5, 11, 7, and 4)

  • The administrator picks a VCI value that is currently unused on each link for the connection. Suppose: VCI = 5 on the link from host A to switch 1; VCI = 11 on the link from switch 1 to switch 2; VCI = 7 on the link from switch 2 to switch 3; VCI = 4 on the link from switch 3 to host B.

  • VC table entries at switch 1, switch 2, and switch 3:

    Switch  Incoming Interface  Incoming VCI  Outgoing Interface  Outgoing VCI
    1       2                   5             1                   11
    2       3                   11            2                   7
    3       0                   7             1                   4

  • A packet is sent into a virtual circuit network

  • A packet makes its way through a virtual circuit network

  • Hop-by-hop flow control: each node is ensured of having the buffers it needs to queue the packets that arrive on that circuit. Example: an X.25 network, a packet-switched network that uses the connection-oriented model.

  • An X.25 network employs the following three-part strategy: (1) buffers are allocated to each virtual circuit when the circuit is initialized; (2) the sliding window protocol is run between each pair of nodes along the virtual circuit, and this protocol is augmented with flow control to keep the sending node from overrunning the buffers allocated at the receiving node;

  • (3) the circuit is rejected by a given node if not enough buffers are available at that node when the connection request message is processed.

  • Examples of virtual circuit technologies: Asynchronous Transfer Mode (ATM); Frame Relay, e.g., Virtual Private Network (VPN). Frame Relay operates only at the physical and data link layers.

  • ATM Cell Formats. Two different cell formats. User-Network Interface (UNI) format: host-to-switch format; the interface between a telephone company and one of its customers. Network-Network Interface (NNI) format: switch-to-switch format; the interface between a pair of telephone companies.

  • Architecture of an ATM network

  • User-Network Interface (UNI) header fields:

    GFC (4 bits): Generic Flow Control
    VPI (8 bits): Virtual Path Identifier
    VCI (16 bits): Virtual Circuit Identifier
    Type (3 bits): management, congestion control, AAL5
    CLP (1 bit): Cell Loss Priority
    HEC (8 bits): Header Error Check (CRC-8)

    Network-Network Interface (NNI): GFC becomes part of the VPI field (no GFC; the VPI becomes 12 bits)

  • ATM cell format at the UNI

  • ATM Headers

  • ATM Virtual Path: ATM uses a 24-bit identifier for virtual circuits, made up of an 8-bit virtual path identifier (VPI) and a 16-bit virtual circuit identifier (VCI).

  • Example: suppose a corporation has two sites that connect to a public ATM network, and that at each site the corporation has a network of ATM switches. We could establish a virtual path between the two sites using only the VPI field; within the corporate sites, however, the full 24-bit space is used for switching.

  • Example of a virtual path

  • Advantage of virtual paths: although there may be thousands or millions of virtual connections across the public network, the switches in the public network behave as if there is only one connection. Much less connection-state information needs to be stored in the switches, avoiding the need for big, expensive tables of per-VCI information.

  • TP, VPs, and VCs

  • Example of VPs and VCs

  • Connection Identifiers

  • Virtual Connection Identifiers in UNIs and NNIs

  • ATM Cell

  • Routing with a Switch

  • 3.1.3 Source Routing. Uses neither virtual circuits nor conventional datagrams. All the information about network topology that is required to switch a packet across the network is provided by the source host.

  • Various ways to implement source routing. Method 1: put an ordered list of switch ports in the header and rotate the list so that the next switch in the path is always at the front of the list; for each packet that arrives on an input, the switch reads the port number in the header and transmits the packet on that output.

  • Source routing in a switched network (where the switch reads the rightmost number)

  • Method 2: rather than rotate the header, each switch just strips the first element as it uses it. Method 3: have the header carry a pointer to the current "next port" entry, so that each switch just updates the pointer rather than rotating the header.

  • Three ways to handle headers for source routing: (a) rotation, (b) stripping, and (c) pointer. The labels are read right to left.

  • 3.1.4 Bridges and LAN Switches. LANs have physical limitations (e.g., 2,500 m). Bridge: connects two or more LANs. Extended LAN: a collection of LANs connected by one or more bridges. Accept-and-forward strategy: the bridge accepts all frames transmitted on either of the Ethernets, so it can forward them to the other.

  • Learning Bridges: do not forward when unnecessary. Whenever a frame from host A that is addressed to host B arrives on port 1, there is no need for the bridge to forward the frame out over port 2.

  • Illustration of a learning bridge

  • How does a bridge come to learn on which port the various hosts reside? Each bridge inspects the source address in all the frames it receives. When host A sends a frame to a host on either side of the bridge, the bridge receives this frame and records the fact that a frame from host A was just received on port 1. In this way, the bridge can build a table just like the following table:

    Host  Port
    A     1
    B     1
    C     1
    X     2
    Y     2
    Z     2

  • Spanning Tree Algorithm. Problem: the extended LAN has a loop in it, so frames potentially loop through the extended LAN forever. Example: bridges B1, B4, and B6 form a loop.

  • Extended LAN with loops

  • Solution: bridges run a distributed spanning tree algorithm. A spanning tree is a subgraph of a graph that covers (spans) all the vertices, but contains no cycles.

  • Example of (a) a cyclic graph; (b) a corresponding spanning tree

  • Spanning tree algorithm (developed by Radia Perlman): each bridge has a unique identifier (e.g., B1, B2, B3). The algorithm first elects the bridge with the smallest ID as the root of the spanning tree. The root bridge always forwards frames out over all of its ports.

  • Each bridge computes the shortest path to the root and notes which of its ports is on this path; this port is selected as the bridge's preferred path to the root.

  • Finally, all the bridges connected to a given LAN elect a single designated bridge that will be responsible for forwarding frames toward the root bridge. Each LAN's designated bridge is the one that is closest to the root, and if two or more bridges are equally close to the root, then the bridge with the smallest ID wins.

  • Spanning tree with some ports not selected

  • Bridges have to exchange configuration messages with each other and then decide whether or not they are the root or a designated bridge based on these messages. Configuration messages contain: the ID of the bridge that is sending the message; the ID of what the sending bridge believes to be the root bridge; the distance, measured in hops, from the sending bridge to the root bridge.

  • Each bridge records the current best configuration message for each port. Initially, each bridge believes it is the root. When a bridge learns it is not the root, it stops generating config messages; in steady state, only the root generates configuration messages. When a bridge learns it is not the designated bridge, it stops forwarding config messages; in steady state, only designated bridges forward config messages.

  • The root continues to periodically send config messages. If any bridge does not receive a config message after a period of time, it starts generating config messages claiming to be the root. Upon receiving a config message over a particular port, the bridge checks to see if that new message is better than the current best configuration message recorded for that

  • The new configuration message is considered better than the currently recorded information if it identifies a root with a smaller ID, or it identifies a root with an equal ID but with a shorter distance, or the root ID and distance are equal, but the sending bridge has a smaller ID.

  • Sequence of events: assume all the bridges boot at about the same time, so all the bridges start off by claiming to be the root. (Y, d, X) denotes a configuration message from node X in which it claims to be distance d from root node Y.

  • Sequence of events, focusing on the activity at node B3. B3 receives (B2, 0, B2). Since 2 < 3, B3 accepts B2 as root [(B2, 1, B3)]. B3 adds one to the distance advertised by B2 (0) and thus sends (B2, 1, B3) toward B5 [(B2, 1, B3), (B2, 2, B5)]. Meanwhile, B2 accepts B1 as root because it has the lower ID, and it sends (B1, 1, B2) toward B3 [(B1, 1, B2), (B1, 2, B3)].

  • B5 accepts B1 as root and sends (B1, 1, B5) toward B3 [(B1, 1, B5), (B1, 2, B3)]. B3 accepts B1 as root, and it notes that both B2 and B5 are closer to the root than it is [(B1, 2, B3), (B1, 1, B2), (B1, 1, B5)]. B3 stops forwarding messages on both its interfaces (this leaves B3 with both ports not selected) [(B1, 1, B2), (B1, 1, B5)].

  • Spanning tree with some ports not selected
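
The "better message" rule and the B3 sequence of events above can be traced in code. This is an added example, not part of the original slides; the port names toward_B2 and toward_B5 are assumptions, since the figure with the real topology is not reproduced here.

```python
from dataclasses import dataclass


def bridge_num(bridge_id: str) -> int:
    """Numeric part of an ID such as 'B3', so that B2 sorts before B10."""
    return int(bridge_id[1:])


@dataclass(frozen=True)
class Config:
    """Configuration message (Y, d, X): X claims to be distance d from root Y."""
    root: str
    dist: int
    sender: str

    def key(self):
        # Smaller root ID wins, then shorter distance, then smaller sender ID.
        return (bridge_num(self.root), self.dist, bridge_num(self.sender))


class Bridge:
    def __init__(self, bridge_id, ports):
        self.id = bridge_id
        # Best configuration message recorded so far on each port.
        self.best = {port: None for port in ports}

    def receive(self, port, msg):
        """Record msg only if it is better than what this port already holds."""
        current = self.best[port]
        if current is None or msg.key() < current.key():
            self.best[port] = msg

    def own_message(self):
        """The message this bridge would send, given what it has heard."""
        root, dist = self.id, 0          # initially every bridge claims to be root
        for msg in self.best.values():
            if msg is None:
                continue
            if (bridge_num(msg.root), msg.dist + 1) < (bridge_num(root), dist):
                root, dist = msg.root, msg.dist + 1
        return Config(root, dist, self.id)

    def designated_ports(self):
        """Ports where this bridge's own message beats the best one heard."""
        mine = self.own_message().key()
        return sorted(port for port, msg in self.best.items()
                      if msg is None or mine < msg.key())


def b3_sequence():
    """Replay the messages B3 receives in the slides; port names are assumed."""
    b3 = Bridge("B3", ["toward_B2", "toward_B5"])
    events = [
        ("toward_B2", Config("B2", 0, "B2")),   # B2 still claims to be root
        ("toward_B2", Config("B1", 1, "B2")),   # B2 has accepted B1 as root
        ("toward_B5", Config("B1", 1, "B5")),   # B5 has accepted B1 as root
    ]
    trace = []
    for port, msg in events:
        b3.receive(port, msg)
        trace.append((b3.own_message(), b3.designated_ports()))
    return trace


if __name__ == "__main__":
    for own, ports in b3_sequence():
        print(own, "designated on:", ports)
```

After the third message B3 is designated on no port, which is the state the slides describe as both ports not selected.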

  • Broadcast and Multicast. Since most LANs support both broadcast and multicast, bridges must also support these two features. Broadcast: each bridge forwards a frame with a destination broadcast address out on each active (selected) port other than the one on which the frame was received. Multicast: implemented in exactly the same way, with each host deciding for itself whether or not to accept the message.

  • Limitations of Bridges: do not scale; do not accommodate heterogeneity.

  • Do not Scale: it is not realistic to connect more than a few (tens of) LANs by means of bridges. The spanning tree algorithm scales linearly, i.e., there is no provision for imposing a hierarchy on the extended LAN. Bridges forward all broadcast frames, and broadcast does not scale.

  • Virtual LAN (VLAN): used to increase the scalability of extended LANs. It allows a single extended LAN to be partitioned into several seemingly separate LANs. Each virtual LAN is assigned an identifier (sometimes called a color), and packets can only travel from one segment to another if both segments have the same identifier. This limits the number of segments in an extended LAN that will receive any given broadcast packet.

  • Example: four hosts (W, X, Y, Z) on four different LAN segments. In the absence of VLANs, any broadcast packet from any host will reach all the other hosts. Suppose that we define the segments connected to hosts W and X as being in one LAN, VLAN 100, and also define the segments that connect to hosts Y and Z as being in VLAN 200. To do this, we need to configure a VLAN ID on each port of bridges B1 and B2. The link between B1 and B2 is considered to be in both VLANs.

  • Two virtual LANs share a common backbone

  • When a packet sent by host X arrives at bridge B2, the bridge observes that it came in a port that was configured as being in VLAN 100. It inserts a VLAN header between the Ethernet header and its payload. The bridge applies normal rules for forwarding to the packet, with the extra restriction that the packet may not be sent out an interface that is not part of VLAN 100. Thus, even a broadcast packet can't be sent out the interface to host Z, which is in VLAN 200.

  • An attractive feature of VLANs: it is possible to change the logical topology without moving any wires or changing any addresses. Example: if we want to make the segment that connects to host Z be part of VLAN 100, and thus enable X, W and Z to be on the same virtual LAN, we would just need to change one piece of configuration on bridge B2.
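
The VLAN behaviour of bridge B2 described above, written out as code. This is an added example, not part of the original slides: it assumes the VLAN header is an IEEE 802.1Q tag (TPID 0x8100 followed by a 12-bit VLAN ID), and the port names, the sample frame, and the rule that drops a tag for a VLAN not configured on the arrival port are assumptions of the sketch.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that marks an IEEE 802.1Q tag

# Constructed sample: broadcast destination, made-up source MAC, IPv4 EtherType.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "02000000000a" "0800") + b"hello"


def add_tag(frame: bytes, vid: int) -> bytes:
    """Insert the 4-byte tag after the destination and source addresses."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]


def read_tag(frame: bytes):
    """Return (vid, frame_without_tag), or (None, frame) when untagged."""
    if len(frame) >= 16:
        tpid, tci = struct.unpack("!HH", frame[12:16])
        if tpid == TPID_8021Q:
            return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame


class VlanBridge:
    def __init__(self, port_vlans):
        # port name -> set of VLAN IDs configured on that port
        self.port_vlans = {port: set(vlans) for port, vlans in port_vlans.items()}

    def flood(self, in_port, frame):
        """Forward a broadcast frame; returns {out_port: frame_as_sent}."""
        allowed = self.port_vlans[in_port]
        vid, inner = read_tag(frame)
        if vid is None:
            if len(allowed) != 1:
                return {}            # untagged frame on a multi-VLAN port
            vid = next(iter(allowed))
        elif vid not in allowed:
            return {}                # tag names a VLAN this port is not in
        out = {}
        for port, vlans in self.port_vlans.items():
            if port == in_port or vid not in vlans:
                continue             # never send outside the frame's VLAN
            # Ports carrying several VLANs keep the tag; single-VLAN ports drop it.
            out[port] = add_tag(inner, vid) if len(vlans) > 1 else inner
        return out


def b2_bridge():
    """Bridge B2 from the example: X in VLAN 100, Z in VLAN 200, shared link to B1."""
    return VlanBridge({"X": {100}, "Z": {200}, "B1_link": {100, 200}})


if __name__ == "__main__":
    b2 = b2_bridge()
    print(sorted(b2.flood("X", SAMPLE_FRAME)))      # Z is not reached
    b2.port_vlans["Z"] = {100}                      # the one-line reconfiguration
    print(sorted(b2.flood("X", SAMPLE_FRAME)))      # now Z is reached
```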

  • Do not Accommodate Heterogeneity: bridges are fairly limited in the kinds of networks they can interconnect. Bridges make use of the network's frame header and so can support only networks that have exactly the same format for addresses. Bridges can be used to connect Ethernets to Ethernets, 802.5 (Token Ring) to 802.5, and Ethernets to 802.5 rings, since both networks support the same 48-bit address format. Bridges do not readily generalize to other kinds of networks, such as ATM.

  • 3.2 Basic Internetworking (IP): 3.2.1 What is an Internetwork?; 3.2.2 Service Model; 3.2.3 Global Addresses; 3.2.4 Datagram Forwarding in IP; 3.2.5 Subnetting and Classless Addressing; 3.2.6 Address Translation (ARP); 3.2.7 Host Configuration (DHCP); 3.2.8 Error Reporting (ICMP); 3.2.9 Virtual Networks and Tunnels

  • 3.2.1 What is an Internetwork? Concatenation of networks.

    A simple internetwork. Hn = host, Rn = router

  • An internetwork is a network of networks. In the figure, we see Ethernets, an FDDI ring, and a point-to-point link; each of these is a single-technology network. The nodes that interconnect the networks are called routers (sometimes called gateways). The following figure shows how H1 and H8 are logically connected by the internet, including the protocol graph running on each node.

  • A simple internetwork of protocol stacks. Protocol layers used to connect H1 to H8. ETH: the protocol that runs over Ethernet.

  • 3.2.2 Service Model. Service model for an internetwork: a host-to-host service is possible only if this service can somehow be provided over each of the underlying physical networks. The IP service model has two parts: an addressing scheme, which provides a way to identify all hosts in the internetwork, and a datagram (connectionless) model of data delivery. This service model is sometimes called best effort: although IP makes every effort to deliver datagrams, it makes no guarantees.

  • Datagram: a type of packet sent in a connectionless manner over a network. Every datagram carries enough information to let the network forward the packet to its correct destination. There is no need for any advance setup mechanism to tell the network what to do when the packet arrives.

  • Best-effort delivery (unreliable service): if something goes wrong and one of the following situations occurs (packets are lost; packets are delivered out of order; duplicate copies of a packet are delivered; packets are delayed for a long time), the network does not make any attempt to recover from the failure.

  • Datagram format

  • Datagram format: a succession of 32-bit words; the top word is transmitted first; the leftmost byte of each word is transmitted first.

  • 1st word of the header. Version: the version of IP; the current version of IP is 4 (IPv4). HLen: the length of the header in 32-bit words; most of the time, the header is 5 words (20 bytes) long.

  • TOS: the 8-bit type of service; allows packets to be treated differently based on application needs. Example: the TOS value might determine whether or not a packet should be placed in a special queue that receives low delay.

  • Length: 16 bits of the header contain the length of the datagram, including the header. The field counts bytes rather than words. The maximum size of an IP datagram is 65,535 bytes. The physical network over which IP is running may not support such long packets, so IP supports a fragmentation and reassembly process.

  • 2nd word of the header contains information about fragmentation. Offset: 12-bit; counts 8-byte chunks, not bytes; the distance (number of chunks) between the start of the original data and the start of the current fragment.

  • 3rd word of the header. TTL: one-byte time to live; a specific number of seconds that the packet would be allowed to live; routers along the path would decrement this field until it reached 0. Protocol: one-byte demultiplexing key; identifies the higher-level protocol to which this IP packet should be passed; values defined for TCP (6), UDP (17).

  • Checksum: calculated by considering the entire IP header as a sequence of 16-bit words, adding them up using ones' complement arithmetic, and taking the ones' complement of the result.

  • The fourth word of the header: SourceAddr. The fifth word of the header: DestinationAddr. There may be a number of options at the end of the header; the presence or absence of options may be determined by examining the header length (HLen) field.
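
The header fields and the checksum rule above, as a builder and a validating parser. This is an added example, not part of the original slides; the function names, the identifier 0x1234 and the destination address 192.0.2.1 are constructed for illustration.

```python
import ipaddress
import struct

HEADER_FMT = "!BBHHHBBH4s4s"   # the five 32-bit words of a header without options
MF_FLAG = 0x2000               # M ("more fragments") bit in the second word
OFFSET_MASK = 0x1FFF           # fragment offset in 8-byte units (13 bits in RFC 791)


def ip_checksum(header: bytes) -> int:
    """Ones' complement of the ones' complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, payload_len, ident, protocol,
                 ttl=64, tos=0, more=False, offset_units=0) -> bytes:
    """Build a 20-byte header (HLen = 5) with a correct checksum."""
    if not 0 <= payload_len <= 65535 - 20:
        raise ValueError("datagram would exceed 65,535 bytes")
    flags_off = (MF_FLAG if more else 0) | (offset_units & OFFSET_MASK)
    fields = [0x45, tos, 20 + payload_len, ident, flags_off, ttl, protocol, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = ip_checksum(struct.pack(HEADER_FMT, *fields))
    return struct.pack(HEADER_FMT, *fields)


def parse_header(raw: bytes) -> dict:
    """Parse and validate a header; raises ValueError on anything malformed."""
    if len(raw) < 20:
        raise ValueError("truncated header")
    (ver_hlen, tos, length, ident, flags_off,
     ttl, protocol, checksum, src, dst) = struct.unpack(HEADER_FMT, raw[:20])
    version, hlen = ver_hlen >> 4, ver_hlen & 0x0F
    if version != 4:
        raise ValueError("not IPv4")
    if hlen < 5 or len(raw) < hlen * 4:
        raise ValueError("bad header length")
    if length < hlen * 4:
        raise ValueError("total length shorter than header")
    # A valid header, summed with its checksum field included, yields zero.
    if ip_checksum(raw[:hlen * 4]) != 0:
        raise ValueError("bad checksum")
    return {
        "version": version, "hlen_words": hlen, "tos": tos, "length": length,
        "ident": ident, "more_fragments": bool(flags_off & MF_FLAG),
        "offset_bytes": (flags_off & OFFSET_MASK) * 8,
        "ttl": ttl, "protocol": protocol,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": raw[20:hlen * 4],          # present only when HLen > 5
    }


def sample_fragment_header() -> bytes:
    """Constructed sample: a 532-byte fragment at offset 64 with the M bit set."""
    return build_header("171.69.210.245", "192.0.2.1", 512, ident=0x1234,
                        protocol=17, more=True, offset_units=64)


if __name__ == "__main__":
    print(parse_header(sample_fragment_header()))
```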

  • Fragmentation and Reassembly. Each network technology tends to have its own idea of how large a packet can be; for example, Ethernet can accept packets up to 1,500 bytes long, and FDDI packets may be 4,500 bytes long. Every network type has a maximum transmission unit (MTU): the largest IP datagram that it can carry in a frame. This value is smaller than the largest packet size on that network because the IP datagram needs to fit in the payload of the link-layer frame.

  • Fragmentation typically occurs when necessary (MTU < Datagram). To enable these fragments to be reassembled at the receiving host, they all carry the same identifier in the Ident field. This identifier is chosen by the sending host and is intended to be unique among all the datagrams that might arrive at the destination from this source over some reasonable time period.

  • Since all fragments of the original datagram contain this identifier, the reassembling host will be able to recognize those fragments that go together. Should all the fragments not arrive at the receiving host, the host gives up on the reassembly process and discards the fragments that did arrive. IP does not attempt to recover from missing fragments.

  • Example: consider what happens when host H1 sends a datagram to host H8, assuming that the MTU is 1,500 bytes for the two Ethernets, 4,500 bytes for the FDDI network, and 532 bytes for the point-to-point network. A 1,420-byte datagram (20-byte IP header plus 1,400 bytes of data) sent from H1 makes it across the first Ethernet and the FDDI network without fragmentation but must be fragmented into three datagrams at router R2. These three fragments are then forwarded by router R3 across the second Ethernet to the destination host.

  • IP datagrams traversing the sequence of physical networks

  • Each fragment is itself a self-contained IP datagram that is transmitted over a sequence of physical networks, independent of the other fragments. Each IP datagram is reencapsulated for each physical network over which it travels.

  • Header fields used in IP fragmentation: (a) unfragmented packet; (b) fragmented packets.

  • The unfragmented packet has 1,400 bytes of data and a 20-byte IP header. When the packet arrives at router R2, which has an MTU of 532 bytes, it has to be fragmented. A 532-byte MTU leaves 512 bytes for data after the 20-byte IP header, so the first fragment contains 512 bytes of data. The router sets the M bit in the Flags field, meaning that there are more fragments to follow. It sets the Offset to 0, since this fragment contains the first part of the original datagram.

  • The data carried in the second fragment starts with the 513th byte of the original data, so the Offset field in this header is set to 64 (= 512/8). The third fragment contains the last 376 bytes of data, and the offset is now 2 × 512 / 8 = 128 (since this is the last fragment, the M bit is not set).
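
The R2 fragmentation arithmetic and the receiver's all-or-nothing reassembly can be checked in code. This is an added example, not part of the original slides; the Fragment type, the function names and the identifier value are assumptions, and headers are modelled as fields rather than bytes.

```python
from dataclasses import dataclass

IP_HEADER_LEN = 20   # header without options, as in the slides' example


@dataclass(frozen=True)
class Fragment:
    ident: int     # same Ident value in every fragment of one datagram
    offset: int    # Offset field, counted in 8-byte chunks
    more: bool     # M bit: more fragments follow
    data: bytes


def fragment(payload: bytes, mtu: int, ident: int) -> list:
    """Split a datagram's data so each piece plus a 20-byte header fits the MTU."""
    room = (mtu - IP_HEADER_LEN) // 8 * 8    # data per fragment, a multiple of 8
    if room <= 0:
        raise ValueError("MTU too small to carry any data")
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [Fragment(ident, 0, False, payload)]    # fits unfragmented
    return [Fragment(ident, start // 8, start + room < len(payload),
                     payload[start:start + room])
            for start in range(0, len(payload), room)]


def reassemble(received, ident):
    """Return the original data, or None if the datagram must be discarded."""
    by_offset = {}
    for frag in received:                    # fragments may arrive in any order
        if frag.ident == ident:
            by_offset.setdefault(frag.offset, frag)    # ignore duplicate copies
    data, expect = bytearray(), 0
    while expect in by_offset:
        frag = by_offset[expect]
        data += frag.data
        if not frag.more:
            return bytes(data)               # last fragment reached with no hole
        if not frag.data or len(frag.data) % 8:
            return None                      # malformed non-final fragment
        expect += len(frag.data) // 8
    return None                              # a fragment is missing: give up


def r2_example():
    """1,400 bytes of constructed data crossing the 532-byte MTU link at R2."""
    payload = bytes(i % 251 for i in range(1400))
    return payload, fragment(payload, mtu=532, ident=0x1234)


if __name__ == "__main__":
    payload, frags = r2_example()
    for f in frags:
        print("offset", f.offset, "bytes", len(f.data), "M", int(f.more))
    print("reassembled ok:", reassemble(reversed(frags), 0x1234) == payload)
```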

  • 3.2.3 Global Addresses. Ethernet addresses are globally unique, but that alone does not suffice for an addressing scheme in a large internetwork. Ethernet addresses are also flat: they have no structure and provide very few clues to routing protocols.

  • IP addresses are hierarchical: made up of two parts that correspond to some sort of hierarchy in the internetwork. Network part: identifies the network to which the host is attached; all hosts attached to the same network have the same network part. Host part: identifies each host uniquely on that particular network.

  • Example 1: the addresses of the hosts on network 1 would all have the same network part and different host parts. Example 2: the routers are attached to two networks, so they need to have an address on each network, one for each interface. E.g., router R1 has an IP address on the interface to network 2 that has the same network part as the hosts on network 2, and an IP address on the interface to network 3 that has the same network part as the hosts on network 3. IP addresses belong to interfaces rather than to hosts.

  • IP addresses are divided into three different classes; each class in the following figure defines different-sized network and host parts. There are also class D addresses, which specify a multicast group, and class E addresses, which are currently unused. In all cases, the address is 32 bits long.

  • IP addresses: (a) class A; (b) class B; (c) class C

  • The class of an IP address is identified in the most significant few bits: if the first bit is 0, it is a class A address; if the first bit is 1 and the second is 0, it is a class B address; if the first two bits are 1 and the third is 0, it is a class C address. Of the approximately 4 billion (= 2^32) possible IP addresses, one-half are class A, one-quarter are class B, and one-eighth are class C.

  • Class A addresses: 7 bits for the network part and 24 bits for the host part; 126 (= 2^7 - 2) class A networks (0 and 127 are reserved); each network can accommodate up to 2^24 - 2 (about 16 million) hosts (again, two are reserved values). Class B addresses: 14 bits for the network part and 16 bits for the host part; 65,534 (= 2^16 - 2) hosts.

  • Class C addresses: 21 bits for the network part and 8 bits for the host part; 2,097,152 (= 2^21) class C networks; 254 hosts (host identifier 255 is reserved for broadcast, and 0 is not a valid host number).

  • IP addresses are written as four decimal integers separated by dots; each integer represents the decimal value contained in 1 byte (= 0~255) of the address, starting at the most significant. Example: 171.69.210.245. Internet domain names (DNS) are also hierarchical; domain names tend to be ASCII strings separated by dots, e.g., cs.nccu.edu.tw.

  • 3.2.4 Datagram Forwarding in IP. Forwarding: the process of taking a packet from an input and sending it out on the appropriate output. Routing: the process of building up the tables that allow the correct output for a packet to be determined.

  • Strategy: every datagram contains the destination's address. If connected to the destination network, then forward to the host; if not directly connected, then forward to some router. The forwarding table maps a network number (NetworkNum) into a next hop (NextHop). Each host has a default router; each router maintains a forwarding table.

  • Datagram forwarding algorithm:

    if (NetworkNum of destination = NetworkNum of one of my interfaces) then
        deliver packet to destination over that interface
    else if (NetworkNum of destination is in my forwarding table) then
        deliver packet to NextHop router
    else
        deliver packet to default router

  • For a host with only one interface and only one default router in its forwarding table (simplified algorithm):

    if (NetworkNum of destination = my NetworkNum) then
        deliver packet to destination directly
    else
        deliver packet to default router

  • Example 1: suppose H1 wants to send a datagram to H2. Since they are on the same physical network, H1 and H2 have the same network number in their IP addresses. H1 deduces that it can deliver the datagram directly to H2 over the Ethernet. The issue that needs to be resolved is how H1 finds out the correct Ethernet address for H2.

  • Example 2: suppose H1 wants to send a datagram to H8. Since they are on different physical networks, H1 deduces that it needs to send the datagram to a router. H1 sends the datagram over the Ethernet to R1. R1 knows that it cannot deliver a datagram directly to H8 because neither of R1's interfaces is on the same network as H8.

  • Suppose R1's default router is R2; R1 then sends the datagram to R2 over the token ring network. Assume R2 has the forwarding table shown as follows; it looks up H8's network number (network 1) and forwards the datagram to R3.

  • Forwarding table for router R2

    Network Number  Next Hop
    1               R3
    2               R1
    3               Interface 1
    4               Interface 0

  • R3 forwards the datagram directly to H8. It is possible to include the information about directly connected networks in the forwarding table; for example, we could label the network interfaces of router R2 as interface 0 for the point-to-point link (network 4) and interface 1 for the token ring (network 3).

    Network Number  Next Hop
    1               R3
    2               R1
    3               Interface 1
    4               Interface 0

  • *3.2.5 Subnetting and Classless AddressingSubnetting deals with address space utilizationOriginal intent of IP addressesthe network part would uniquely identify exactly one physical networkProblem of address assignment : inefficiencyclass C with 2 hosts (2/255 = 0.78% efficiency)class B with 256 hosts (256/65535 = 0.39% efficiency)

  • *Subnetadd another level to address / routing hierarchyreduce the total number of network numbers that are assignedideatake a single IP network number and allocate the IP addresses with that network number to several physical networksa perfect use of subnetting is a large campus or corporation that has many physical networks

  • *Subnet maskdefine variable partition of host parta single network number can be shared among multiple networks involves configuring all the nodes on each subnet with a subnet mask

  • *subnet mask enables a subnet numberhosts may be on different physical networks but share a single network numberexample, to share a single class B address among several physical networks, we could use a subnet mask of 255.255.255.0 (all 1s in the upper 24 bits and 0s in the lower 8 bits)the top 24 bits are network numberthe lower 8 bits are host number the top 16 bits identify the network in a class B address

  • *three parts addressnetwork part (16 bits)subnet part (8 bits)host part (8 bits)

  • *Subnetted Address

  • *Subnet Example

  • Exactly one subnet mask per subnet. H1: IP address 128.96.34.15, subnet mask 255.255.255.128, subnet number 128.96.34.0. The mask defines the subnet number of the host and of all other hosts on the same subnet: take the bitwise AND of the IP address and the subnet mask. For example, 128.96.34.15 AND 255.255.255.128 equals 128.96.34.0.

  • When a host wants to send a packet to a certain IP address, it performs a bitwise AND of its own subnet mask and the destination IP address. If the result equals the subnet number of the sending host, the destination host is on the same subnet and the packet can be delivered directly over the subnet.

  • If the results are not equal, the packet needs to be sent to a router to be forwarded to another subnet. For example, if H1 is sending to H2, then H1 ANDs its subnet mask (255.255.255.128) with the address for H2 (128.96.34.139) to obtain 128.96.34.128. 128.96.34.128 does not match the subnet number for H1 (128.96.34.0), so H1 and H2 are on different subnets. H1 has to send the packet to its default router R1, which then sends it to H2.

  • Router with/without subnetting. Simple IP: entries of forwarding tables are of the form (NetworkNum, NextHop). With subnetting support: entries of forwarding tables are of the form (SubnetNumber, SubnetMask, NextHop).

  • To find the right entry in the table, the router ANDs the packet's destination address with the SubnetMask for each entry in turn. If the result matches the SubnetNumber of the entry, then this is the right entry to use, and it forwards the packet to the next hop router indicated. Router R1 of the subnet example would have the following entries

  • Continuing with the example, for a datagram from H1 being sent to H2: R1 would AND H2's address (128.96.34.139) with the subnet mask of the first entry (255.255.255.128) and compare the result (128.96.34.128) with the network number for that entry (128.96.34.0). Since this is not a match (the first entry), it proceeds to the next entry. This time a match does occur (the second entry), so R1 delivers the datagram to H2 using interface 1, which is the interface connected to the same network as H2.

  • Datagram Forwarding Algorithm
    D = destination IP address
    for each entry (SubnetNum, SubnetMask, NextHop)
        D1 = SubnetMask & D
        if D1 = SubnetNum
            if NextHop is an interface
                deliver datagram directly to D
            else
                deliver datagram to NextHop (router)

  • Classless Routing (CIDR): Classless InterDomain Routing (CIDR, pronounced "cider"). CIDR addresses two scaling concerns in the Internet: the growth of backbone routing tables as more and more network numbers need to be stored, and the potential for the 32-bit IP address space to be exhausted well before the 4 billionth (= 2^32) host is attached to the Internet. CIDR assigns blocks of contiguous network numbers to nearby networks.

  • CIDR tries to balance the following: minimizing the number of routes that a router needs to know, and the need to hand out addresses efficiently. CIDR helps to aggregate routes: it uses a single entry in a forwarding table to reach a lot of different networks by breaking the rigid boundaries between address classes.

  • Example: consider a hypothetical AS (Autonomous System) with 16 class C network numbers. Instead of handing out 16 addresses at random, we can hand out a block of contiguous class C addresses. Suppose we assign the class C network numbers from 192.4.16 through 192.4.31; the top 20 bits of all the addresses in this range are the same (11000000 00000100 0001).

  • What we have effectively created is a 20-bit network number, something that is between a class B network number and a class C number.

  • *IP addresses: (a) class A; (b) class B; (c) class C

  • CIDR allows prefixes (network numbers) to be of any length. Convention: place a /X after the prefix, where X is the prefix length in bits. In the example above, the 20-bit prefix for all the networks 192.4.16 through 192.4.31 is represented as 192.4.16/20. If we want to represent a single class C network number, whose prefix is 24 bits long, we would write it 192.4.16/24.

  • A routing protocol can use CIDR to deal with "classless" addresses: it must understand that a network number may be of any length. Network numbers are represented by (length, value) pairs; length gives the number of bits in the network prefix, e.g., 20 in the above example.

  • An Internet Service Provider (ISP) network has to provide Internet connectivity to a large number of corporations and campuses (customers). If we assign prefixes to the customers in such a way that many different customer networks connected to the provider network share a common, shorter address prefix, then we can get even greater aggregation of routes.

  • Example: assume that eight customers served by the provider network have each been assigned adjacent 24-bit network prefixes. Those prefixes all start with the same 21 bits. All of the customers are reachable through the same provider network, so it can advertise a single route to all of them by just advertising the common 21-bit prefix they share.

  • Route aggregation with CIDR (figure)

  • IP Forwarding Revisited. CIDR means that prefixes may be of any length, from 2 to 32 bits. It is possible to have prefixes in the forwarding table that "overlap," in the sense that some addresses may match more than one prefix. Example 1: we might find both 171.69 (a 16-bit prefix) and 171.69.10 (a 24-bit prefix) in the forwarding table of a single router. A packet destined to, say, 171.69.10.5 clearly matches both prefixes; 171.69.10 would be the longest match in this case.

  • Example 2: a packet destined to 171.69.20.5 would match 171.69 and not 171.69.10. In the absence of any other matching entry in the routing table, 171.69 would be the longest match.
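The mask-and-compare steps of the subnet example and the longest-match rule above, as an added Python example (not part of the original slides). The next-hop labels, the first R1 entry's interface, and the helper names are assumptions made for illustration; the addresses and prefixes are the ones on the slides.

```python
import ipaddress

def subnet_number(address, mask):
    """Bitwise AND of an IP address and a subnet mask, as a dotted quad."""
    a = int(ipaddress.IPv4Address(address))
    m = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(a & m))

def on_same_subnet(own_address, own_mask, destination):
    """Host-side test: AND the destination with our own mask and compare."""
    return subnet_number(destination, own_mask) == subnet_number(own_address, own_mask)

class ForwardingTable:
    """Entries of the form (SubnetNumber, SubnetMask or prefix length, NextHop)."""

    def __init__(self):
        self.entries = []  # list of (IPv4Network, next_hop)

    def add(self, number, mask_or_length, next_hop):
        # strict=True raises ValueError when the number has bits set outside
        # the mask; a non-contiguous mask is rejected with ValueError as well.
        net = ipaddress.IPv4Network(f"{number}/{mask_or_length}", strict=True)
        self.entries.append((net, next_hop))

    def lookup(self, destination):
        """AND the destination with each entry's mask; keep the longest match."""
        d = int(ipaddress.IPv4Address(destination))
        best = None
        for net, next_hop in self.entries:
            if d & int(net.netmask) == int(net.network_address):
                if best is None or net.prefixlen > best[0].prefixlen:
                    best = (net, next_hop)
        return best[1] if best else None

def aggregate(prefixes):
    """Collapse contiguous prefixes into the shortest covering set."""
    nets = [ipaddress.IPv4Network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

# Router R1 of the subnet example. The slides give only the second entry's
# interface; "interface 0" for the first entry is an assumption.
R1 = ForwardingTable()
R1.add("128.96.34.0", "255.255.255.128", "interface 0")
R1.add("128.96.34.128", "255.255.255.128", "interface 1")

# Overlapping CIDR prefixes from "IP Forwarding Revisited"; the next-hop
# labels are constructed.
CIDR = ForwardingTable()
CIDR.add("171.69.0.0", 16, "hop for 171.69/16")
CIDR.add("171.69.10.0", 24, "hop for 171.69.10/24")

if __name__ == "__main__":
    print(subnet_number("128.96.34.139", "255.255.255.128"))
    print(R1.lookup("128.96.34.139"))
    print(CIDR.lookup("171.69.10.5"), "|", CIDR.lookup("171.69.20.5"))
    print(aggregate(f"192.4.{i}.0/24" for i in range(16, 32)))
```

A destination that matches no entry returns `None`; a real router would fall back to a default route if one is configured.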

  • 3.2.6 Address Translation (ARP). Issue: IP datagrams contain IP addresses, but the physical interface hardware on the host or router to which you want to send the datagram only understands the addressing scheme of that particular network.

  • Resolution: translate the IP address to a link-level address that makes sense on this network (e.g., a 48-bit Ethernet address); encapsulate the IP datagram inside a frame that contains that link-level address and send it either to the ultimate destination or to a router that promises to forward the datagram toward the ultimate destination. (Figure: encapsulation of the IP datagram in a frame with a link-level address.)

  • Simple way to map an IP address into a physical network address: encode a host's physical address in the host part of its IP address. For example, a host with physical address 00100001 01001001 (the decimal value 33 in the upper byte and 73 in the lower byte) might be given the IP address 128.96.33.73. It is limited in that the network's physical addresses can be no more than 16 bits long in this example. (Figure labels: network part; host part = physical address.)

  • More general solution: each host maintains a table of address pairs (mapping IP addresses into physical addresses). Alternative solution: the Address Resolution Protocol (ARP) enables each host on a network to build up a table of mappings between IP addresses and link-level addresses. Since these mappings may change over time (e.g., because an Ethernet card in a host breaks and is replaced by a new one with a new address), the entries are timed out periodically and removed.

  • This happens on the order of every 15 minutes. The set of mappings currently stored in a host is known as the ARP cache or ARP table.

  • The ARP packet contains: HardwareType, the type of physical network (e.g., Ethernet); ProtocolType, the higher-layer protocol (e.g., IP); HLen (hardware address length) and PLen (protocol address length), the lengths of the link-layer address and the higher-layer protocol address.

  • Operation: specifies whether this is a request or a response. Addresses: source hardware (Ethernet) address (6 bytes), source protocol (IP) address (4 bytes), target hardware (Ethernet) address (6 bytes), target protocol (IP) address (4 bytes).

  • *ARP Packet Format
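A parser for the ARP packet fields listed above, feeding an ARP cache whose entries time out after 15 minutes, as an added Python example (not part of the original slides). The MAC addresses, the target IP address and all function and class names are constructed; learning a mapping from every parsed packet is a simplification.

```python
import ipaddress
import struct

# HardwareType (16 bits), ProtocolType (16), HLen (8), PLen (8), Operation (16)
ARP_HEADER = struct.Struct("!HHBBH")
ARP_ADDRESSES = struct.Struct("!6s4s6s4s")  # source MAC/IP, target MAC/IP
ARP_TIMEOUT = 15 * 60                        # seconds, "on the order of 15 minutes"
OPERATIONS = {1: "request", 2: "response"}

def format_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(operation, src_mac, src_ip, dst_mac, dst_ip):
    """Build an Ethernet/IP ARP packet (used here to construct sample input)."""
    return ARP_HEADER.pack(1, 0x0800, 6, 4, operation) + ARP_ADDRESSES.pack(
        bytes.fromhex(src_mac.replace(":", "")),
        ipaddress.IPv4Address(src_ip).packed,
        bytes.fromhex(dst_mac.replace(":", "")),
        ipaddress.IPv4Address(dst_ip).packed,
    )

def parse_arp(packet):
    """Parse an ARP packet, rejecting anything that is not well-formed."""
    if len(packet) < ARP_HEADER.size:
        raise ValueError("shorter than the fixed ARP header")
    htype, ptype, hlen, plen, operation = ARP_HEADER.unpack_from(packet)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IP ARP packet")
    if operation not in OPERATIONS:
        raise ValueError("unknown Operation value")
    if len(packet) < ARP_HEADER.size + ARP_ADDRESSES.size:
        raise ValueError("address fields truncated")
    sha, spa, tha, tpa = ARP_ADDRESSES.unpack_from(packet, ARP_HEADER.size)
    return {
        "operation": OPERATIONS[operation],
        "source_mac": format_mac(sha),
        "source_ip": str(ipaddress.IPv4Address(spa)),
        "target_mac": format_mac(tha),
        "target_ip": str(ipaddress.IPv4Address(tpa)),
    }

class ArpCache:
    """IP address -> link-level address, with entries that time out."""

    def __init__(self, timeout=ARP_TIMEOUT):
        self.timeout = timeout
        self.entries = {}  # ip -> (mac, time the mapping was stored)

    def learn(self, packet, now):
        arp = parse_arp(packet)
        self.entries[arp["source_ip"]] = (arp["source_mac"], now)
        return arp

    def lookup(self, ip, now):
        entry = self.entries.get(ip)
        if entry is None:
            return None
        mac, stored = entry
        if now - stored >= self.timeout:
            del self.entries[ip]  # stale mapping: remove and report a miss
            return None
        return mac

# Constructed sample: H1 (128.96.34.15) asks for the address of 128.96.34.1.
SAMPLE_REQUEST = build_arp(1, "02:00:00:00:00:15", "128.96.34.15",
                           "00:00:00:00:00:00", "128.96.34.1")

if __name__ == "__main__":
    cache = ArpCache()
    print(cache.learn(SAMPLE_REQUEST, now=0))
    print(cache.lookup("128.96.34.15", now=60))
    print(cache.lookup("128.96.34.15", now=ARP_TIMEOUT))
```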

  • 3.2.7 Host Configuration (DHCP). The Dynamic Host Configuration Protocol (DHCP) relies on the existence of a DHCP server that is responsible for providing configuration information to hosts. There is at least one DHCP server for an administrative domain. At the simplest level, the DHCP server can function just as a centralized repository for host configuration information.

  • A more sophisticated use of DHCP saves the network administrator from even having to assign addresses to individual hosts: the DHCP server maintains a pool of available addresses that it hands out to hosts on demand. This considerably reduces the amount of configuration an administrator must do by allocating a range of IP addresses (all with the same network number) to each network.

  • DHCP server discovery: to contact a DHCP server, a newly booted or attached host sends a DHCPDISCOVER message to a special IP (broadcast) address (255.255.255.255). It will be received by all hosts and routers on that network. In the simplest case, one of these nodes is the DHCP server for the network. The server would then reply to the host that generated the discovery message (all the other nodes would ignore it).

  • DHCP uses the concept of a relay agent. There is at least one relay agent on each network, and it is configured with just one piece of information: the IP address of the DHCP server. When a relay agent receives a DHCPDISCOVER message, it unicasts it to the DHCP server and awaits the response, which it will then send back to the requesting client.

  • A DHCP relay agent receives a broadcast DHCPDISCOVER message from a host and sends a unicast DHCPDISCOVER to a remote DHCP server.

  • *DHCP packet format

  • Hardware address length (HLen): 8 bits. Hop count (Hops): 8 bits; used by relay agents. Transaction ID (Xid): 32 bits; a random number chosen by the client, used by the client and server to associate messages and responses between a client and a server. Number of seconds (Secs): 16 bits; the elapsed time in seconds since the client began an address acquisition or renewal process. Flags: 16 bits; defined in RFC 1542; B (Broadcast): 1 bit.

  • Client IP address (ciaddr): 32 bits. Your IP address (yiaddr): 32 bits. Server IP address (siaddr): 32 bits. Gateway IP address (giaddr): 32 bits. Client hardware address (chaddr): 16 bytes.

  • Server host name (sname): 64 bytes. Boot filename (file): 128 bytes. BOOTP/DHCP options: variable length; the first four bytes contain the (decimal) values 99, 130, 83 and 99; the remainder of the field consists of a list of tagged parameters that are called options; all of the vendor extensions used by BOOTP are also DHCP options.

  • 3.2.8 Error Reporting (ICMP). The Internet Control Message Protocol (ICMP) defines a collection of error messages that are sent back to the source host whenever a router is unable to process an IP datagram successfully. ICMP segment structure

  • ICMP header (starts at bit 160 of the IP header). Type: ICMP type as specified above. Code (see the following table): further specification of the ICMP type; e.g., an ICMP Destination Unreachable might have this field set to 1 through 15, each bearing a different meaning. Checksum: contains error checking data calculated from the ICMP header + data, with value 0 for this field.

  • ID: contains an ID value; should be returned in case of ECHO REPLY. Sequence: contains a sequence value; should be returned in case of ECHO REPLY.

  • *List of permitted control messages (incomplete list)

  • 3.2.9 Virtual Networks and Tunnels. Virtual Private Network (VPN): a more controlled connectivity. Corporations with many sites often build private networks by leasing transmission lines from the phone companies and using those lines to interconnect sites. Communication is restricted to take place only among the sites of that corporation, which is often desirable for security reasons. To make a private network virtual, the leased transmission lines, which are not shared with any other corporations, would be replaced by some sort of shared network.

  • An example of virtual private networks: (a) two separate private networks; (b) two virtual private networks sharing common switches.

  • In the above figure, a Frame Relay or ATM network is used to provide the controlled connectivity among sites; the limited connectivity of a real private network is maintained. IP tunnel: a virtual point-to-point link between a pair of nodes that are actually separated by an arbitrary number of networks.

  • A tunnel through an internetwork (the change in encapsulation of the packet as it moves across the network)

  • A tunnel has been configured from R1 to R2 and assigned a virtual interface number 0. The forwarding table in R1 might therefore look like the following table. R1 has two physical interfaces: interface 0 connects to network 1; interface 1 connects to a large internetwork and is thus the default for all traffic that does not match something more specific in the forwarding table.

  • R1 has a virtual interface, which is the interface to the tunnel. Suppose R1 receives a packet from network 1 that contains an address in network 2. The forwarding table says this packet should be sent out virtual interface 0. In order to send a packet out this interface, the router takes the packet, adds an IP header addressed to R2, and then proceeds to forward the packet as if it had just been received. R2's address is 10.0.0.1; since the network number of this address is 10, not 1 or 2, a packet destined for R2 will be forwarded out the default interface into the internetwork.

  • Forwarding table for router R1

    NetworkNum   NextHop
    1            Interface 0
    2            Virtual interface 0
    Default      Interface 1

  • 3.3 Routing: 3.3.1 Network as a Graph; 3.3.2 Distance Vector (RIP); 3.3.3 Link State (OSPF); 3.3.4 Metrics

  • Route: a way or course taken in getting from a starting point to a destination; to send or direct along a specified course. Routing: find the path or course of forwarding according to information contained in the packet (destination). Differences between network layer and link layer: the format of the forwarding table and the way of updating the table.

  • Link layer. Forwarding table: mapping from destination physical address (MAC address) to port of forwarding. Update of the table: manually configured.

  • IP (network) layer. Forwarding table: mapping from destination network id (NetNum) to next hop (or interface) of forwarding. Update of the table: manually configured (static route) or dynamically learned from a routing protocol.

  • Forwarding vs. routing. Forwarding: taking a packet, looking at its destination address, consulting a table, and sending the packet in a direction determined by that table; done locally at a node. Routing: the process by which forwarding tables are built; depends on a distributed algorithm.

  • Forwarding table vs. routing table. Forwarding table: used when a packet is being forwarded, and so must contain enough information to accomplish the forwarding function. A row in the forwarding table contains the mapping from a network number to an outgoing interface and some MAC information, such as the Ethernet address of the next hop.

  • Routing table: the table that is built up by the routing algorithms as a precursor to building the forwarding table. It contains mappings from network numbers to next hops (IP addresses).

  • Example, in the following tables: the routing table tells us that network number 10 is to be reached by a next hop router with the IP address 171.69.245.10. The forwarding table contains the information about exactly how to forward a packet to that next hop: send it out interface number 0 with a MAC address of 8:0:2b:e4:b:1:2 (the last piece of information is provided by the Address Resolution Protocol).

  • Example rows from (a) routing and (b) forwarding tables

    (a) Network Number   Next Hop
        10               171.69.245.10

    (b) Network Number   Interface   MAC address
        10               if0         8:0:2b:e4:b:1:2

  • *3.3.1 Network as a Graph

  • Basic problem of routing: find the lowest-cost path between any two nodes, where the cost of a path equals the sum of the costs of all the edges that make up the path.

  • Solution: routing is achieved in most practical networks by running routing protocols among the nodes. These protocols provide a distributed, dynamic way to solve the problem of finding the lowest-cost path in the presence of node or link failure, addition of a new node or new link, and changes of link cost. It is difficult to make centralized solutions scalable, so all the widely used routing protocols use distributed algorithms.

  • Elements of a routing protocol: the local data structure (the routing table) and the format of messages for exchanging routing information. Static vs. dynamic routing. Static: manually set forwarding table; not adaptive to changes in network topology.

  • Dynamic. Abstraction: weighted graph (vertex: router; edge: link; weight: cost). Criterion: best path from source to destination, where best means the path cost is minimum. Metrics for the cost: hop, delay, loss, fee of charge.

  • Figure: static vs. dynamic routing

  • 3.3.2 Distance Vector (RIP). Distance-Vector Algorithm (Bellman-Ford Algorithm): each node constructs a one-dimensional array (a vector) containing the "distances" (costs) to all other nodes and distributes that vector to its immediate neighbors. Response when receiving an announcement from a neighbor: for every entry in the announcement, store it if (1) the announced distance is shorter than what is in the table (a better route is found), or (2) the announcer is the next hop in the table (the metric to the destination has changed); otherwise discard it.

  • Assumption: initially, each node knows the cost of the link to each of its directly connected neighbors; broken links are assigned an infinite cost.

  • Local data structure: the routing table, holding the destination, the cost to the destination, the corresponding next hop, and the TTL (Time to Live) of the route.

  • Messages exchanged among vertices: Distance Vector (DV). C[n]: distance (cost) from the current vertex to the destination vertex n; periodically announced to all the neighbors. The DV tells neighbors how far I am from all the others.

  • Distance Vector Algorithm. In this example the cost of each link is set to 1, so a least-cost path is simply the one with the fewest hops.

  • Initial State. Each column is node X's routing table (cost/next hop) for destination Y; cells that are blank on the slide are shown as "-".

    Destination Y   A's   B's   C's   D's   E's   F's   G's
    A               0     1/A   1/A   -     1/A   1/A   -
    B               1/B   0     1/B   -     -     -     -
    C               1/C   1/C   0     1/C   -     -     -
    D               -     -     1/D   0     -     -     1/D
    E               1/E   -     -     -     0     -     -
    F               1/F   -     -     -     -     0     1/F
    G               -     -     -     1/G   -     1/G   0

  • A's routing table; distance vector sent by A

    Destination Y   A     B     C     D     E     F     G
    Cost/Next-Hop   0/    1/B   1/C   2/C   1/E   1/F   2/F

  • After One Step

    Destination Y   A's   B's   C's   D's   E's   F's   G's
    A               0     1/A   1/A   2/C   1/A   1/A   2/F
    B               1/B   0     1/B   2/C   2/A   2/A   -
    C               1/C   1/C   0     1/C   2/A   2/A   2/D
    D               2/C   2/C   1/D   0     -     2/G   1/D
    E               1/E   2/A   2/A   -     0     2/A   -
    F               1/F   2/A   2/A   2/G   2/A   0     1/F
    G               2/F   -     2/D   1/G   -     1/G   0

  • After Two Steps. Convergence: no more changes when getting further announcements.

    Destination Y   A's   B's   C's   D's   E's   F's   G's
    A               0     1/A   1/A   2/C   1/A   1/A   2/F
    B               1/B   0     1/B   2/C   2/A   2/A   3/F
    C               1/C   1/C   0     1/C   2/A   2/A   2/D
    D               2/C   2/C   1/D   0     3/A   2/G   1/D
    E               1/E   2/A   2/A   3/C   0     2/A   3/F
    F               1/F   2/A   2/A   2/G   2/A   0     1/F
    G               2/F   3/C   2/D   1/G   3/A   1/G   0

  • Two different circumstances for a node to send a routing update to its neighbors. Periodic update: each node automatically sends an update message every so often, even if nothing has changed. Triggered update: happens whenever a node receives an update from one of its neighbors that causes it to change one of the routes in its routing table; i.e., whenever a node's routing table changes, it sends an update to its neighbors, which may lead to a change in their tables, causing them to send an update to their neighbors.

  • Link Failures. Pattern: (Dest, Cost, NextHop). Example 1 (stable): F detects that the link to G has failed. F sets its distance to G to infinity and sends an update to A [F(G, ∞, G)]. A sets its distance to G to infinity since it uses F to reach G [A(G, ∞, F)]. Then: A receives a periodic update from C with a 2-hop path to G. A sets its distance to G to 3 and sends an update to F [A(G, 3, C)]. F decides it can reach G in 4 hops via A [F(G, 4, A)].

  • Example 2 (count to infinity): the link from A to E fails. A advertises a distance of infinity to E [A(E, ∞, E)]. B and C advertise a distance of 2 to E [B(E, 2, A)] [A(E, 3, B)] [C(E, 2, A)] [A(E, 3, C)]. B hears that E can be reached in 2 hops from C. B decides it can reach E in 3 hops and advertises this to A [B(E, 3, C)]. A decides it can reach E in 4 hops and advertises this to C [A(E, 4, B)]. C decides that it can reach E in 5 hops [C(E, 5, A)].

  • Loop-breaking heuristics (partial solutions): set infinity to 16; split horizon; split horizon with poison reverse.

  • Solution 1 (set infinity to 16): use some relatively small number as an approximation of infinity, which at least bounds the amount of time that it takes to count to infinity. For example, if the maximum number of hops to get across a certain network is never going to be more than 16, set 16 to be the infinity value. Drawback: a problem occurs if our network grows to a point where some nodes are separated by more than 16 hops.

  • Solution 2 (split horizon): when a node sends a routing update to its neighbors, it does not send those routes it learned from each neighbor back to that neighbor. For example, if B has the route (E, 2, A) in its table, then it knows it must have learned this route from A, and so whenever B sends a routing update to A, it does not include the route (E, 2, A) in that update.

  • Solution 3 (split horizon with poison reverse): B actually sends that route back to A, but it puts negative information in the route to ensure that A will not eventually use B to get to E. Let B be a neighbor of A: if in the routing table of B the next hop entry for destination Z is A, B informs A that its distance to Z is infinite [B(Z, cost, A); A(Z, ∞, B)].

  • Solutions 2 and 3 only work for routing loops that involve two nodes. For larger routing loops, for example, if B and C had waited for a while after hearing of the link failure from A before advertising routes to E, they would have found that neither of them really had a route to E.
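A synchronous-round simulation of the distance-vector update rule, the two link-failure examples, and poison reverse with infinity set to 16, as an added Python example (not part of the original slides). The link list is read off the routing tables above; the class, its method names, the round-based delivery order and the three-node line topology are assumptions, so intermediate values can differ from a real asynchronous network.

```python
INFINITY = 16  # the "set infinity to 16" heuristic

class DVNetwork:
    def __init__(self, links, poison_reverse=False):
        self.poison = poison_reverse
        self.links = {frozenset(link) for link in links}
        names = sorted({n for link in links for n in link})
        # table[node][dest] = (cost, next_hop); every link costs 1
        self.table = {n: {n: (0, n)} for n in names}
        for a, b in links:
            self.table[a][b] = (1, b)
            self.table[b][a] = (1, a)

    def neighbors(self, node):
        return sorted(next(iter(l - {node})) for l in self.links if node in l)

    def vector(self, sender, receiver):
        """Distance vector as advertised to one particular neighbor."""
        vec = {}
        for dest, (cost, hop) in self.table[sender].items():
            # Poison reverse: routes learned from the receiver go back as infinity.
            vec[dest] = INFINITY if (self.poison and hop == receiver) else cost
        return vec

    def receive(self, node, sender, vec):
        changed = False
        for dest, advertised in vec.items():
            if dest == node:
                continue
            cost = min(advertised + 1, INFINITY)
            cur_cost, cur_hop = self.table[node].get(dest, (INFINITY, None))
            # Store if shorter, or if the announcer is the current next hop.
            if cost < cur_cost or (cur_hop == sender and cost != cur_cost):
                self.table[node][dest] = (cost, sender)
                changed = True
        return changed

    def round(self):
        """Every node advertises once; all vectors are computed before delivery."""
        msgs = [(r, s, self.vector(s, r))
                for s in sorted(self.table) for r in self.neighbors(s)]
        changed = False
        for r, s, vec in sorted(msgs, key=lambda m: (m[0], m[1])):
            changed |= self.receive(r, s, vec)
        return changed

    def converge(self, limit=100):
        """Run rounds until nothing changes; return how many rounds changed a table."""
        rounds = 0
        while self.round():
            rounds += 1
            if rounds >= limit:
                raise RuntimeError("did not converge")
        return rounds

    def fail_link(self, a, b):
        self.links.discard(frozenset((a, b)))
        for node, other in ((a, b), (b, a)):
            for dest, (cost, hop) in list(self.table[node].items()):
                if hop == other:
                    self.table[node][dest] = (INFINITY, hop)

# Links implied by the cost-1 entries of the "Initial State" table.
PAGE_LINKS = [("A", "B"), ("A", "C"), ("A", "E"), ("A", "F"),
              ("B", "C"), ("C", "D"), ("D", "G"), ("F", "G")]
LINE_LINKS = [("E", "A"), ("A", "B")]  # constructed two-node-loop case

def rounds_after_failure(links, a, b, poison_reverse):
    net = DVNetwork(links, poison_reverse)
    net.converge()
    net.fail_link(a, b)
    return net.converge(), net

if __name__ == "__main__":
    net = DVNetwork(PAGE_LINKS)
    print("initial convergence rounds:", net.converge())
    net.fail_link("F", "G")
    net.converge()
    print("A->G", net.table["A"]["G"], "F->G", net.table["F"]["G"])
    for poison in (False, True):
        rounds, _ = rounds_after_failure(LINE_LINKS, "A", "E", poison)
        print("line topology, poison reverse =", poison, "rounds:", rounds)
```

On the three-node line, poison reverse removes the A-B loop immediately, while the plain algorithm counts up to 16; on the slide's larger topology both variants still end with E marked unreachable only after counting.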

  • Routing Information Protocol (RIP): a DV (Distance Vector) routing protocol. Rather than advertising the cost of reaching other routers, the routers advertise the cost of reaching networks. For example, in the following figure, router C would advertise to router A the fact that it can reach networks 2 and 3 at cost 0 [C(Net2, 0, Net2), C(Net3, 0, Net3)], networks 5 and 6 at cost 1 [C(Net5, 1, Net3), C(Net6, 1, Net3)], and network 4 at cost 2 [C(Net4, 2, Net3)].

  • Example network running RIP

  • RIP packet format: the majority of the packet is taken up with (network-address, distance) pairs. Example: if router A learns from router B that network X can be reached at a lower cost via B than via the existing next hop in the routing table, then A updates the cost and next hop information for the network number accordingly.

  • RIP packet format

  • RIP: a fairly straightforward implementation of distance-vector routing. Routers running RIP send their advertisements every 30 seconds; a router also sends an update message whenever an update from another router causes it to change its routing table.

  • Metrics or costs for routing: all link costs are equal to 1, so RIP always tries to find the minimum hop route. Valid distances are 1 through 15, with 16 representing infinity (this limits RIP to running on fairly small networks, those with no paths longer than 15 hops).

  • 3.3.3 Link State (OSPF). Distance-vector approach: tell neighbors where I can go, and how far. Link-state approach: tell all which neighbors I have. Key: reliable dissemination of link-state information; calculation of routes from the sum of link-state knowledge.

  • Link-state routing: the second major class of intradomain routing protocol. Assumptions: each node is assumed to be capable of finding out the state of the link to its neighbors (up or down) and the cost of each link.

  • Basic idea: every node knows how to reach its directly connected neighbors, and if we make sure that the totality of this knowledge is disseminated to every node, then every node will have enough knowledge of the network to build a complete map of the network. Link-state routing protocols rely on two mechanisms: reliable dissemination of link-state information, and calculation of routes from the sum of all the accumulated link-state knowledge.

  • Link-State Message Data Structure. LSP (Link-State Packet): an update packet created by each node. Information for route calculation: the ID of the node that created the LSP; a list of directly connected neighbors of the node, with the cost of the link to each one.

  • Information for reliability: a sequence number (ensures having the most recent copy; reset to zero when the routing process is restarted) and a time to live (TTL) for this packet (packets that are too old are discarded).

  • Reliable Flooding. A node sends its local LSP out on all of its directly connected links. Each node receiving the LSP forwards it out on all of its links: it stores each node's most recent LSP, forwards the LSP to neighbors except the sender itself, and handles confirmation and retransmission with neighbors.

  • The following figure shows an LSP being flooded in a small network; each node becomes shaded as it stores the new LSP. (a) The LSP arrives at node X, which sends it to neighbors A and C. (b) A and C do not send it back to X, but send it on to B. (c) B receives two identical copies of the LSP; it will accept whichever arrived first and ignore the second as a duplicate. (d) B passes the LSP on to D, who has no neighbors to flood it to, and the process is complete.

  • New LSP Generation. Two circumstances generate a new LSP: expiry of a periodic timer (with a period in the tens of minutes), and a change in topology (directly connected links go down, detected by link-layer protocols; immediate neighbors go down, detected by periodic hello messages).

  • Calculation of Route: Dijkstra's Shortest Path Algorithm. Notation: N: vertex set of the graph; l: l(i, j) is the (non-negative) cost of the edge (i, j); s: current vertex; M: set of vertices calculated so far; C(n): cost of the path from s to n.

  • Calculate a minimum-cost tree from s

    M = {s}
    for each n in N - {s}
        C(n) = l(s, n)
    while (N != M)
        M = M union {w} such that C(w) is the minimum for all w in (N - M)
        for each n in (N - M)
            C(n) = MIN(C(n), C(w) + l(w, n))

  • In practice, each switch computes its routing table directly from the LSPs it has collected using a forward search approach for Dijkstra's algorithm. Each switch maintains two lists, known as Tentative and Confirmed. Each of these lists contains a set of entries of the form (Destination, Cost, NextHop).

  • Forward Search Approach for Dijkstra's Algorithm
    1. Initialize the Confirmed list with an entry for myself; this entry has a cost of 0.
    2. For the node just added to the Confirmed list in the previous step, call it node Next, select its LSP.
    3. For each neighbor (Neighbor) of Next, calculate the cost (Cost) to reach this Neighbor as the sum of the cost from myself to Next and from Next to Neighbor.
       (a) If Neighbor is currently not on either the Confirmed or the Tentative list, then add (Neighbor, Cost, NextHop) to the Tentative list, where NextHop is the direction I go to reach Next.
       (b) If Neighbor is currently on the Tentative list, and the Cost is less than the currently listed cost for Neighbor, then replace the current entry with (Neighbor, Cost, NextHop), where NextHop is the direction I go to reach Next.
    4. If the Tentative list is empty, stop. Otherwise, pick the entry from the Tentative list with the lowest cost, move it to the Confirmed list, and return to step 2.

  • Example. Link-state routing: an example network

  • (B, 11, B), (C, 2, C), (B, 5, C), (A, 12, C), (A, 10, C)
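The forward search steps above, run from node D over a set of collected LSPs, as an added Python example (not part of the original slides). The example network's figure did not survive, so the link costs below are an assumption chosen to reproduce the Tentative entries listed above; the function and variable names are also constructed.

```python
def forward_search(lsps, me):
    """Forward search form of Dijkstra's algorithm.

    lsps maps each node ID to its LSP: {neighbor: link cost}.
    Returns (confirmed, trace): confirmed maps destination -> (cost, next_hop),
    trace lists every (Destination, Cost, NextHop) entry placed on Tentative.
    """
    confirmed = {me: (0, None)}        # step 1: entry for myself, cost 0
    tentative = {}
    trace = []
    nxt = me
    while True:
        cost_to_next, hop_to_next = confirmed[nxt]
        # Steps 2 and 3: walk the LSP of the node just confirmed. A node whose
        # LSP has not been received contributes no neighbors.
        for neighbor, link_cost in lsps.get(nxt, {}).items():
            if neighbor in confirmed:
                continue
            cost = cost_to_next + link_cost
            # NextHop is the direction I go to reach Next; for my own
            # neighbors that is the neighbor itself.
            next_hop = neighbor if nxt == me else hop_to_next
            if neighbor not in tentative or cost < tentative[neighbor][0]:
                tentative[neighbor] = (cost, next_hop)   # steps 3(a) and 3(b)
                trace.append((neighbor, cost, next_hop))
        if not tentative:                                # step 4
            return confirmed, trace
        # Lowest-cost Tentative entry moves to Confirmed (ties broken by name).
        nxt = min(tentative, key=lambda n: (tentative[n][0], n))
        confirmed[nxt] = tentative.pop(nxt)

# Constructed LSP database: link costs assumed so that the search from D
# yields the entries (B,11,B) (C,2,C) (B,5,C) (A,12,C) (A,10,C).
LSPS = {
    "A": {"B": 5, "C": 10},
    "B": {"A": 5, "C": 3, "D": 11},
    "C": {"B": 3, "A": 10, "D": 2},
    "D": {"B": 11, "C": 2},
}

if __name__ == "__main__":
    table, steps = forward_search(LSPS, "D")
    for entry in steps:
        print("tentative:", entry)
    for dest in sorted(table):
        print(dest, table[dest])
```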

  • Open Shortest Path First Protocol (OSPF). OSPF: one of the most widely used link-state routing protocols. Open: refers to the fact that it is an open, nonproprietary standard, created under the auspices of the IETF. SPF: comes from an alternative name for link-state routing.

  • OSPF adds the following features to the basic link-state algorithm. Authentication of routing messages. Additional hierarchy: OSPF introduces another layer of hierarchy into routing by allowing a domain to be partitioned into areas; a router within a domain does not necessarily need to know how to reach every network within that domain, but only how to get to the right area; this reduces the amount of information that must be transmitted to and stored in each node.

  • Load balancing: OSPF allows multiple routes to the same place to be assigned the same cost and will cause traffic to be distributed evenly over those routes.

  • There are several different types of OSPF messages, but all begin with the same header. OSPF header format. Version: 2. Type: 1 through 5. SourceAddr: identifies the sender of the message. AreaId: a 32-bit identifier of the area in which the node is located.

  • Checksum: the entire packet, except the authentication data, is protected by a 16-bit checksum using the same algorithm as the IP header. Authentication type: 0: no authentication is used; 1: a simple password is used; 2: a cryptographic authentication checksum is used.

  • OSPF header format

  • Five OSPF message types. Type 1: "hello" message, which a router sends to its peers to notify them that it is still alive and connected. Types 2 to 5: used to request, send, and acknowledge the receipt of link-state messages. The basic building block of link-state messages in OSPF is the link-state advertisement (LSA); one message may contain many LSAs.

  • OSPF packet format for link-state advertisement (Type 1)

  • OSPF link-state advertisement (LSA). Type 1 LSA: advertises the cost of links between routers. Type 2 LSA: advertises networks to which the advertising router is connected. LS Age: the equivalent of a time to live, except that it counts up and the LSA expires when the age reaches a defined maximum value. Type: tells us that this is a type 1 LSA.

  • Link-state ID and Advertising router: in a type 1 LSA, these two fields are identical; each carries a 32-bit identifier for the router that created this LSA. LS sequence number: detects old or duplicate LSAs. LS checksum: verifies that data has not been corrupted; it covers all fields in the packet except LS Age.

  • Length: the length in bytes of the complete LSA. Link ID, Link Data, and metric: each link in the LSA is represented by a Link ID, some Link Data, and a metric. TOS: allows OSPF to choose different routes for IP packets based on the value in their TOS field.

  • 3.3.4 Metrics. Original ARPANET metric: measures the number of packets queued on each link; took neither latency nor bandwidth into consideration. New ARPANET metric: stamp each incoming packet with its arrival time (AT); record the departure time (DT); when the link-level ACK arrives, the node computes the packet delay, Delay = (DT - AT) + Transmit + Latency; if a timeout occurs (the ACK did not arrive), DT is reset to the time the packet was retransmitted; link cost = average delay over some time period.

  • 3.4 Implementation and Performance3.4.1 Switch BasicsA very simple way to build a switchbuy a general-purpose workstation and equip it with a number of network interfacesrun suitable software to receive packets on one of its interfacesperform any of the switching functions send packets out another of its interfaces

  • A workstation used as packet switch

  • The figure shows a workstation with three network interfaces used as a switcha path that a packet might take from the time it arrives on interface 1 until it is output on interface 2

  • we assume DMA (Direct Memory Access)the workstation has a mechanism to move data directly from an interface to its main memory, i.e., direct memory access (DMA)once the packet is in memory, the CPU examines its header to determine on which interface the packet should be outit then uses DMA to move the packet out to the appropriate interfacethe packet does not go to the CPU because the CPU inspects only the header of the packet

  • Main problem with using a workstation as a switchits performance is limited by the fact that all packets must pass through a single point of contentionin the example shown, each packet crosses the I/O bus twice and is written to and read from main memory oncethe upper bound on aggregate throughput of such a device is, thus, either half the main memory bandwidth or half the I/O bus bandwidth, whichever is less (usually its the I/O bus bandwidth)

  • examplea workstation with a 133-MHZ, 64-bit wide I/O bus can transmit data at a peak rate of a little over 8 Gbps (= 133 220 64)since forwarding a packet involves crossing the bus twice, the actual limit is 4 Gbpsthis upper bound also assumes that moving data is the only problema fair approximation for long packetsa bad one when packets are shortthe cost of processing each packet- (1) parsing its header and (2) deciding which output link to transmit it on-is likely to dominate

  • Example: a workstation can perform all the necessary processing to switch 1 million packets each second (packet per second (pps) rate)
      - if the average packet is short, say, 64 bytes
      - throughput = pps × (bits per packet) = 1 × 10^6 × 64 × 8 (bits per second) = 512 × 10^6 (bits per second)
      - this 512 Mbps would be shared by all users connected to the switch
      - example: a 10-port switch with this aggregate throughput would only be able to cope with an average data rate of 51.2 Mbps on each port

  • To address this problem
      - a large array of switch designs that reduce the amount of contention and provide high aggregate throughput
      - some contention is unavoidable: if every input has data to send to a single output, then they cannot all send it at once
      - if data destined for different outputs is arriving at different inputs, a well-designed switch will be able to move data from inputs to outputs in parallel, thus increasing the aggregate throughput

  • 3.4.2 Ports
      A 4 × 4 switch

  • The 4 × 4 switch in the figure consists of
      ports (input ports and output ports)
      - communicate with the outside world
      - contain fiber-optic receivers and buffers to hold packets that are waiting to be switched or transmitted, and often a significant amount of other circuitry that enables the switch to function
      switch fabric
      - when presented with a packet, deliver it to the right output port
      control processor (at least one)
      - in charge of the whole switch

  • Input port
      - the first place to look for performance bottlenecks
      - has to receive a steady stream of packets, analyze information in the header of each one to determine which output port (or ports) the packet must be sent to, and pass the packet on to the fabric
      Another key function of ports: buffering
      - it can happen in either the input or the output port
      - it can also happen within the fabric (sometimes called internal buffering)

  • Simple input buffering has some serious limitations
      Example: an input buffer implemented as a FIFO
      - as packets arrive at the switch, they are placed in the input buffer
      - the switch then tries to forward the packets at the front of each FIFO to their appropriate output port
      - if the packets at the front of several different input ports are destined for the same output port at the same time, then only one of them can be forwarded; the rest must stay in their input buffers

  • Simple illustration of head-of-line blocking

  • Drawback (head-of-line blocking)
      - occurs at input buffering
      - those packets left at the front of the input buffer prevent other packets further back in the buffer from getting a chance to go to their chosen outputs
      Buffering: wherever contention is possible
      - input port (contend for fabric)
      - internal (contend for output port)
      - output port (contend for link)
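The FIFO input buffering and head-of-line blocking described above, as an added example that is not part of the original slides. The queue contents are constructed, and the arbitration rule (lowest-numbered input wins) and the one-packet-per-input-per-slot limit are assumptions of this sketch.

```python
from collections import Counter, deque


def run_fifo_switch(input_queues):
    """Drain FIFO input buffers one time slot at a time.

    input_queues[i] lists the output port wanted by each packet waiting on
    input i, front of the FIFO first. Returns (slots_used, hol_blocked);
    hol_blocked counts (input, slot) pairs in which the head packet lost the
    contention while a packet behind it wanted an output that stayed idle.
    """
    fifos = [deque(q) for q in input_queues]
    slots = hol_blocked = 0
    while any(fifos):
        slots += 1
        busy, stalled = set(), []
        for fifo in fifos:                   # assumption: lowest input wins
            if not fifo:
                continue
            if fifo[0] in busy:              # output already taken this slot
                stalled.append(fifo)
            else:
                busy.add(fifo.popleft())     # only the head may be forwarded
        for fifo in stalled:
            # Anything behind the stalled head cannot move, even if its
            # output port carried no packet in this slot.
            if any(dest not in busy for dest in list(fifo)[1:]):
                hol_blocked += 1
    return slots, hol_blocked


def lower_bound_slots(input_queues):
    """Fewest slots any buffering scheme needs when each input sends, and
    each output accepts, at most one packet per slot (assumption)."""
    per_output = Counter(d for q in input_queues for d in q)
    longest_queue = max(map(len, input_queues), default=0)
    return max(longest_queue, max(per_output.values(), default=0))


# Constructed traffic: both heads want output 2; the packet for output 1
# waits behind the losing head although output 1 is idle.
SAMPLE = [[2], [2, 1]]

if __name__ == "__main__":
    print(run_fifo_switch(SAMPLE), lower_bound_slots(SAMPLE))
```

The gap between the slots the FIFO switch uses and the lower bound is the throughput lost to head-of-line blocking for that traffic pattern.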

  • 3.4.3 Fabrics
      - should be able to move packets from input ports to output ports with minimal delay and in a way that meets the throughput goals of the switch
      Parallelism
      - a high-performance fabric with n ports can often move one packet from each of its n ports to one of the output ports at the same time

  • Types of fabric
      - shared bus
      - shared memory
      - crossbar
      - self-routing

  • Shared bus
      - found in a conventional workstation used as a switch
      - the bus bandwidth determines the throughput of the switch; high-performance switches usually have specially designed busses rather than the standard busses found in PCs
      Shared memory
      - packets are written into a memory location by an input port and then read from memory by the output ports
      - the memory bandwidth determines switch throughput, so wide and fast memory is typically used in this sort of design
      - it usually uses a specially designed, high-speed memory bus

  • Crossbar
      - a matrix of pathways that can be configured to connect any input port to any output port
      - in their simplest form, they require each output port to be able to accept packets from all inputs at once

  • A 4 × 4 crossbar switch

  • Self-routing
      - rely on some information in the packet header to direct each packet to its correct output
      - usually a special self-routing header is appended to the packet by the input port after it has determined which output the packet needs to go to
      - this extra header is removed before the packet leaves the switch
      - self-routing fabrics are often built from large numbers of very simple 2 × 2 banyan switching fabrics

  • A self-routing header is applied to a packet at input to enable the fabric to send the packet to the correct output, where it is removed: (a) packet arrives at input port; (b) input port attaches self-routing header to direct packet to correct output; (c) self-routing header is removed at output port before packet leaves switch

  • Banyan Network
      - constructed from simple 2 × 2 switching elements
      - self-routing header attached to each packet
      - elements arranged to route based on this header
      - look at 1 bit in each self-routing header
      - route packets toward the upper output if it is zero or toward the lower output if it is one

  • Collisions
      - if two packets arrive at the same time and both have the bit set to the same value, then they want to be routed to the same output and a collision will occur
      - the banyan network routes all packets to the correct output without collisions if the packets are presented in ascending order

  • Routing packets through a banyan network. The 3-bit numbers represent values in the self-routing headers of four arriving packets.
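The bit-by-bit self-routing and the ascending-order property described above, as an added example that is not part of the original slides. The slides do not give the wiring between stages, so this sketch assumes an omega (perfect-shuffle) network, one member of the banyan family, with packets presented on consecutive inputs starting at the top; the header values are constructed.

```python
def first_collision(headers, n_bits=3):
    """Route packets through n_bits stages of 2 x 2 elements.

    headers[i] is the self-routing header (wanted output) of the packet on
    input line i. Returns None if every packet reaches its output, or
    (stage, line) for the first line that two packets are sent to.
    """
    size = 1 << n_bits
    if len(headers) > size or any(not 0 <= h < size for h in headers):
        raise ValueError("headers must fit an %d-port fabric" % size)
    lines = list(range(len(headers)))        # current line of each packet
    for stage in range(n_bits):
        taken = set()
        for pkt, header in enumerate(headers):
            # Assumed wiring: perfect shuffle (rotate the line number left).
            p = lines[pkt]
            shuffled = ((p << 1) | (p >> (n_bits - 1))) & (size - 1)
            # The element looks at one header bit, most significant first:
            # 0 selects its upper output, 1 its lower output.
            bit = (header >> (n_bits - 1 - stage)) & 1
            out = (shuffled & ~1) | bit
            if out in taken:                 # same element, same output
                return stage, out
            taken.add(out)
            lines[pkt] = out
    assert lines == list(headers)            # each packet is at its output
    return None


# Constructed 3-bit headers for four packets, as in the figure's setup.
ASCENDING = [0b001, 0b011, 0b110, 0b111]
SHUFFLED = [0b110, 0b001, 0b111, 0b011]     # same packets, not sorted

if __name__ == "__main__":
    print(first_collision(ASCENDING))        # no collision
    print(first_collision(SHUFFLED))         # collides inside the fabric
```

The unsorted case fails in the second stage: the packets for outputs 110 and 111 share their first two header bits and meet in the same element.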

    The ARPANET, developed by DARPA of the United States Department of Defense, was the world's first operational packet switching network, and the predecessor of the global Internet.