Network Layer (4)

Classless Addressing• Addresses allocated in contiguous blocks

– Number of addresses assigned always power of 2• Network portion of address is of arbitrary

length• Address format: a.b.c.d/x

– x is number of bits in network portion of address

11001000 00010111 00010000 00000000

networkpart

hostpart

200.23.16.0/23

Classless addressing

• Example. – Cambridge 194.24.0.0/21 194.24.0.0 -- 194.24.7.255– Edinburgh 194.24.8.0/22 194.24.8.0 -- 194.24.11.255 – (Available) 194.24.12.0/22 194.24.12.0 -- 194.24.15.255 – Oxford 194.24.16.0/20 194.24.16.0 -- 194.24.31.255

223.1.1.1

223.1.1.2

223.1.1.3

223.1.1.4 223.1.2.9

223.1.2.2

223.1.2.1

223.1.3.2223.1.3.1

223.1.3.27

LAN

first 24 bits are network address

IP Addressing

IP Addressing

223.1.3.2223.1.3.1

223.1.3.27

223.1.1.1

223.1.1.3

223.1.1.4

223.1.2.2223.1.2.1

223.1.2.6

223.1.1.2

223.1.7.0

223.1.7.1223.1.8.0223.1.8.1

223.1.9.1

223.1.9.2

Interconnected system consisting

of six networks

CIDR

• A router keeps routing table with entries– IP address, 32-bit mask, outgoing line

• When an IP packet arrives, the router checks its routing table to find the longest match.

CIDR

• Example. – Cambridge 194.24.0.0/21 194.24.0.0 -- 194.24.7.255– Edinburgh 194.24.8.0/22 194.24.8.0 -- 194.24.11.255 – (Available) 194.24.12.0/22 194.24.12.0 -- 194.24.15.255 – Oxford 194.24.16.0/20 194.24.16.0 -- 194.24.31.255

• When a packet addressing to 194.24.17.1 arrives, where should it be sent to?

CIDR – Entry aggregation• How does a router

in Tallahassee route packet to C,E and O, assuming that he has only two outgoing links?

• All to New York.• Can he reduce the

size of his routing table?

C

E

O

N

TH

CIDR Entry Aggregation

• From 194.24.0.0 to 194.24.31.255, all to N.

• So aggregate the three entries into one 194.24.0.0/19.

• The N router can do the same thing.

C

E

O

N

TH

CIDR

• If later the free address space 194.24.12.0/22 194.24.12.0 -- 194.24.15.255 is assigned to Pittsburgh and has to go through Houston, what should the router at Tallahassee do?

C

E

O

N

TH

P

CIDR

• When a packet arrives addressing 194.24.15.8, the router checks the routing table and there will be two matches: 194.24.12.0/22 and 194.24.0.0/19. Pick the longest match.

NAT – Network Address Translation

• IP address is a scarce resource.• So, give a company only one or a few IP

addresses used by the gateway router.• Within the company, each machine has an

unique IP address, chosen from – 10.0.0.0/8– 172.16.0.0/12– 192.168.0.0/16– These addresses can only appear within a company

but never on the outside Internet

NAT

• Whenever a machine wants to send a packet to the outside, the packet will be sent to the NAT box.

• The NAT box will convert the internal IP address to the real IP address of the company, and pass the packet to the gateway router.

• When there is a packet destined for an internal machine arrived at the router, what should the router and NAT box do?

• For IP packets carrying TCP or UDP, use port number. Other protocols are much more compliated.

NAT

• For IP packets carrying TCP or UDP, use port number.

• When an outgoing packet arrives at the NAT box, – The IP address is replaced – The source port number is replaced – Header checksum is recomputed

• When a reply came for this process, use the replaced source port number as index to find the correct IP address and original port number.

ICMP• ICMP – Internet Control Message Protocol• Each ICMP message is encapsulated in an IP

packet– Treated like any other datagram, but no error

message sent if ICMP message causes error• Some interesting messages:

– Time exceeded: When an IP packet arrived at a router is dropped because the TTL field becomes 0, the router will send an ICMP TIME EXCEEDED message back to the source. Used in traceroute.

– Echo and Echo reply: ping.

Computer Science, FSU 16

Address Resolution

• IP address is virtual– Not understood by underlying the hardware of physical networks

• IP packets need to be transmitted by the underlying physical network

• Address resolution– Translating IP address to physical address– Address Resolution Protocol (ARP)

Computer Science, FSU 17

ARP Example

Computer Science, FSU 18

ARP Cache

• Each computer maintains a cache table– IP address hardware address mapping– Only about computers on the same network

• Exchanges ARP messages– To resolve IP addresses with unknown hardware

addresses

Computer Science, FSU 19

ARP Protocol• When a node sends an IP packet

– To another node on the same physical network

• Look up destination address in the ARP table• If not found

– Broadcast a request to the local network– Whose IP address is this?

Computer Science, FSU 20

ARP Response

• The target node responds to sender (unicast?)– With its physical address– Adds the requester into its ARP table (why?)

• On receiving the response– Requester updates its table

• Other nodes upon receiving the request– Refresh the requester entry if already there– No action otherwise (why?)

• Table entries deleted if not refreshed for a while

DHCP

• DHCP – Dynamic Host Configuration Protocol• A new machine asks for an IP address

– Broadcast DHCP DISCOVER packet– A DHCP relay agent got this packet and relay it to

the DHCP server– The DHCP server assigns an IP address– Periodically renew

Hierarchical Routing

• aggregate routers into regions, “autonomous systems” (AS)

• routers in same AS run same routing protocol– “intra-AS” routing protocol– routers in different AS can run

different intra-AS routing protocol

• special routers in AS• run intra-AS routing

protocol with all other routers in AS

• also responsible for routing to destinations outside AS– run inter-AS routing

protocol with other gateway routers

gateway routers

Intra-AS and Inter-AS routing

Gateways:•perform inter-AS routing amongst themselves•perform intra-AS routing with other routers in their AS

inter-AS, intra-AS routing in

gateway A.c

network layer

link layer

a

b

b

aaC

A

Bd

A.aA.c

C.bB.a

cb

c

Inter-AS routingbetween A and B

Intra-AS and Inter-AS routing

Host h2a

b

b

aaC

A

Bd c

A.aA.c

C.bB.a

cb

Hosth1

Intra-AS routingwithin AS A

Intra-AS routingwithin AS B

Why different Intra- and Inter-AS routing ?

Policy: • Inter-AS: admin wants control over how its traffic

routed, who routes through its net. • Intra-AS: single admin, so no policy decisions neededScale:• hierarchical routing saves table size, reduced update

trafficPerformance: • Intra-AS: can focus on performance• Inter-AS: policy may dominate over performance

Intra-AS Routing• Also known as Interior Gateway Protocols (IGP)• Most common IGPs:

– RIP: Routing Information Protocol– OSPF: Open Shortest Path First– IGRP: Interior Gateway Routing Protocol (Cisco

proprietary)

OSPF

• Represents the network as a graph, and runs the shortest path algorithm to find the path to any router.

• Divide the network into areas for scalability. – The backbone area is called area 0– Within one area, a router has the same link state

database as all other routers. Routers belonging to two areas keeps two databases. Link state in one area is not told to other areas.

– Route: local area backbone local area

OSPF

• Each router knows the shortest path to reach routers within his area.

• Backbone routers also accept information from area border routers to compute the shortest path to reach other routers. Then advertise this information to the border routers, who tells routers inside the area. – To be able to select the best exit router in an area

OSPF

• To learn the link state, use flooding – Inefficient to talk to every router on the same LAN– So, select a designated router and let it to be

adjacent to all other routers on the same LAN. Only exchange link state between the adjecent routers

• Messages include– HELLO, LINK STATE UPDATE, LINK STATE ACK,

DATABASE DESCRIPTION, LINK STATE REQUEST

Inter-AS routing

Internet Inter-AS routing: BGP

• BGP (Border Gateway Protocol): the de facto standard• Path Vector protocol:

– similar to Distance Vector protocol– each Border Gateway broadcast to neighbors

(peers) entire path (I.e, sequence of ASs) to destination

– E.g., Gateway X may send its path to dest. Z:

Path (X,Z) = X,Y1,Y2,Y3,…,Z

Internet Inter-AS routing: BGP

• BGP messages exchanged using TCP.• BGP messages:

– OPEN: opens TCP connection to peer and authenticates sender

– UPDATE: advertises new path (or withdraws old)– KEEPALIVE keeps connection alive in absence of

UPDATES; also ACKs OPEN request– NOTIFICATION: reports errors in previous msg;

also used to close connection

Internet Inter-AS routing: BGP

Suppose: gateway X send its path to peer gateway W• W may or may not select path offered by X

– cost, policy (don’t route via competitors AS), loop prevention reasons.

• If W selects path advertised by X, then:Path (W,Z) = W, Path (X,Z)

• Note: X can control incoming traffic by controlling its route advertisements to peers:

– e.g., don’t want to route traffic to Z don’t advertise any routes to Z

BGP: an example

NLRI=128.186.0.0/16ASPATH=[0]

128.186.0.0/16

NLRI=128.186.0.0/16ASPATH=[10]

NLRI=128.186.0.0/16ASPATH=[10]

NLRI=128.186.0.0/16ASPATH=[210]

NLRI=128.186.0.0/16ASPATH=[610]

NLRI=128.186.0.0/16ASPATH=[610]

NLRI=128.186.0.0/16ASPATH=[210]

NLRI=128.186.0.0/16ASPATH=[7610]

NLRI=128.186.0.0/16ASPATH=[4210]

NLRI=128.186.0.0/16ASPATH=[3210]

[3210]*[4210][7610]

BGP• Line FG goes down.• Node F wants to

find path to D.– B: BCD– E: EFGCD– I: IFGCD

• F can quickly decide to ignore the paths from I and E.

AG

F

EI J

H

DC

B

Virtual Circuit

• Destination information is large and the table is large – Consider 32 bit IP address. A full table will have 4G

entries. • If an IP packet is 1250 byte long and the link speed is

10Gbps, how much time do you have for this lookup?• (1. You don’t have to implement the full table. 2. You

can also use pipeline.)

Virtual Circuit• Circuit means a path between the source and the

destination. • Real circuit switching has a physical path set up between

the source and the destination, like telephone network– When you dial, a request is sent to the network, network finds if

there are free links on the path and reserve that link for you.• Virtual circuit is different – used in packet switching

networks. – No real path set up, because it is packet switching (although link

bandwidth can be reserved). – But still has the connection phase. The purpose is to let the

routers know how to route the packets of this virtual circuit.

Virtual Circuits• When setting up the virtual

circuit, a VC identifier is picked. The router knows where to forward a packet with a certain VC identifier.

• Each packet will carry the VC identifier, which is much shorter than the full destination address, so allows more efficient table lookup.

• Resources can also be reserved. QoS.

• A practical problem in a distributed environment – different stations may pick the same VC identifier.

• Labels can be swapped without causing confusion.

B

E

F

D

CA

H1

H2

A’s TableIn OutH1, 1 C, 1H2, 1 C, 2

H3

C’s TableIn OutA, 1 E, 1A, 2 D, 1