virtualizacion red

7/22/2019 Virtualizacion Red

1/111

Networks &Virtualization

Hub, Bridgeand Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Networks & Virtualization

Jose L. MuozTelematics Engineering

Universitat Politcnica de Catalunya (UPC)

1/111


2/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Outline

1 Hub, Bridge and Switch

2 Routers

3 Servers

4 Unix Boxes

5 Virtualization

2/111


3/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Outline1 Hub, Bridge and Switch

Hub

BridgeSwitch

2 Routers

Motivation

Internet

AddressesSending Packets: Routing Basics

Receiving Packets

More About Addresses

3 Servers

4 Unix Boxes

Intro

Rings

System Calls

Network API5 Virtualization

3/111


4/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The Hub I

First generation of Ethernet uses a bus and CSMA-CD

for multiple access. Bus Coaxial:

Another physical medium: copper twisted pair cable.

4/111


5/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The Hub II

Preamble

S

F

D

Dest.

Address

Source

AddressL/T MAC user data FCS

Transmission order

(Bytes) 7 1 6 6 2 46 - 1500 4

7 x (10101010) (10101011)CRC of 32 bits

CRC com!tation

802.3/DIX Frame

The medium is a single link bus (coaxial cable).

The transmission of frames is asynchronous and aManchester line code is used to transmit each symbol (inthis case symbol=bit).

Multiple stations are allowed to be connected to the link(multi-point) and the MA is based on CSMA-CD.

Each station is identified by a MAC address of 6 bytes (48bits).

There is a 2-byte (16 bits) field (T/L) for multiplexing MAC

users.5/111


6/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The Hub III

For two stations? crossover cable.

Crossover cabletx

rx

Ethernet

Card

For more stations?

First approach: a hub to keep the bus and CSMA-CD.

6/111


7/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The Hub IV

tx

rx

tx

rx

tx

rx

tx

rx

Port 1

Port 2

Port 3

Port 4

Can we improve the performance of a Bus?

7/111


8/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


Hub

BridgeSwitch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix Boxes

Intro

Rings

System Calls

Network API5 Virtualization

8/111


9/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Bridge Concept

The idea is to separate collision domains.

However, take into account that this idea is going to

break the concept one MAC for one link.

We are going to develop a data link layer network

capable of managing different links.

9/111


10/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Bridge Model

Tp Tx

Qwest Q

east

QeastQwest

Tx Tp

WestEast

A bridge is not a physical device like the hub because thebridge processes the frames: makes store and forwardanalyzing the destination address of each frame:

If the destination MAC address belongs to the same collision domainof the incoming port, the bridge drops the frame. If the destination MAC address belongs to the other collision domain,

the bridge sends the frame through the other port.

Question: how does the bridge know which MAC addressesbelong to each collision domain?

10/111


11/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

MAC Learning and forwarding I

Ethernet uses an algorithm called MAC learning. MAC learning is transparent since it does not require

signaling, feedback or coordination with other devices.

The bridge learns mappings between MAC addresses andcollision domains by observing the source address of each

received frame. When a MAC address is not included in the MAC table, the

frame is always transmitted to the other collision domain.

But when a MAC has been learned, the frame onlytransmitted to the other collision domain if destination MAC

of the frame is mapped there.11/111


12/111



Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

MAC Learning and forwarding II

In our example,

When A sent the frame, the bridge learned that theMAC of A is in the west collision domain. Later, when B sends a frame to A, this frame is not

transmitted through the east port because the bridgeknows that the MAC of A is in the west domain.

Notice that when B sends the frame to A, the bridgelearns that B is also in the west collision domain.

12/111


13/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

MAC Learning and forwarding III

The MAC address table is in fact a switching tablethat

is populated with the MAC learning algorithm.

The MAC table is a switch that is set to:

On(send) when the destination MAC address of theframe is mapped in the other collision domain.

Off(drop) when the destination MAC address of the

frame is mapped in the same collision domain. In this context, forwarding can be used as synonym of

switching.

Notice that the MAC learning algorithm runs as an

uncoordinated processin each bridge1, in the sense

that the algorithm does not require any coordination

with other network devices.

1As we will see, among other reasons, this lack of coordination of the

MAC learning makes it not scalable for big networks. As we will see, a

global coordinated process (routing) will be necessary for such networks.13/111


14/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


Hub

BridgeSwitch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix Boxes

Intro

Rings

System Calls

Network API5 Virtualization14/111

N k


15/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Switch Concept I

Extending the concept of bridge to a device with more

than two ports, we arrive to the concept of switch. Simply stated,a switch is a multi-port bridge.

MAC Address Table

Port1 Port2 Port3 Port4 Port5

A

When the switch receives a frame with an unknownMAC, it maps the MAC to the port and sends the frame

for all its ports except through the incoming port.

When a MAC is learned, the frame is sent only to the

associated port.

15/111

N t k &


16/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Switch Concept II

In the example, D responds to A sending a new frame.

As we can observe, with this frame, the switch learns

that D is place in port 4.

On the other hand, now the switch only sends the

frame to port 1, which is the port in which we previously

mapped the MAC address of A.

MAC Address Table

Port1 Port2 Port3 Port4 Port5

A D

16/111

Networks &


17/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Implementation of a Switch I

Next, we describe a possible simplified implementationof a switch with 4 ports full-duplex of 10 Mpbs:

We use a CPU to process the frames and to managethe MAC Address Table.

Queues are used in each port for buffering incoming

and outgoing frames. The switching capacity required is: 4 ports X 10 Mbps X2 (full-duplex) = 80 Mbps

To implement this switching capacity, we use an internalshared bus of 40 Mbps. This bus is usually called backplane.

In this example, we manage the back plane bus withTDM deterministic multiplexing using four time slots.

Then, each port can switched with another port everyfour time slots at a rate of 40Mbps.

17/111

Networks &


18/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Implementation of a Switch II

Notice that with this design, finally, we obtain a switch of

4 ports without collisions, at a rate of 10Mpbs, that canbe used for a full-duplex communication.

1

Back plane CPU

MACAddressTable

2 3 4

Simplified architecture of a switch

1

Switch

2 3 4

18/111

Networks &


19/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Data Link Layer Networks I

The next step is to build a data link layer network by

interconnecting several L2 switches.

Switch 1. MAC Address Table

Por t1 Por t2 Por t3 Port4 Port5

A


Port1 Por t2 Por t3 Port4 Port5

A


Port1 Por t2 Port3 Port4 Port5

A

19/111

Networks &


20/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Data Link Layer Networks IISwitch 1. MAC Address Table

Por t1 Por t2 Por t3 Po rt 4 Po rt 5

A


Po rt 1 Por t2 Por t3 Port 4 Po rt 5

A

G


Port 1 Por t2 Po rt 3 Port 4 Port 5

G A

Once all the MAC addresses have been learned,broadcasting is not used any more and the frame follows isforwarded using the switching table (MAC address table).

There are not collisions because the frames are alwaystransmitted alone (through cables or back planes).

20/111

Networks &


21/111



Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

L2 Broadcast I

A frame with a broadcast address as destination means that

the frame is addressed to all the stations in the L2 switchednetwork.

The broadcast MAC address is FF:FF:FF:FF:FF:FF.


Port1 Port 2 Port3 Port 4 Port5

A B C F

D G

E


Port1 Port 2 Port3 Port 4 Port5

C D E A

B

F

G


Port1 Port2 Port3 Port 4 Port5

F G A

B

C

D

E

21/111

Networks &


22/111

Virtualization


Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

L2 Broadcast II

When a switch receives a frame with a broadcast address, it

sends the frame through all its ports except through theincoming port (idem as in MAC learning).

However, you should not overuse broadcast.

To you show why, lets consider the following example:

Let us consider that we have an Ethernet network with

20 stations (hosts) built with a full-duplex switch of 20ports.

We are going to consider unicast and broadcast traffic. We will make the assumption that each station sends

exactly the same bit rate to the other stations and that

all the stations also send exactly the same bit rate. Under these conditions, we want to find the maximumsustained bit rate (A.K.A maximum bit rate in thesteady state) that a station can send without causingbuffer overflows.

22/111

Networks &


23/111

Virtualization


Hub

BridgeSwitch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

L2 Broadcast III

We define [kbps] as the total maximum bit rate that a portcan generate in the steady state without causing bufferoverflow.

We want to calculatefor the following cases:

a) The stations are connected with a 10 Mbps full-duplexEthernet switch of 20 ports. For each station, the 100% of itstraffic is unicast.

b) The stations are connected with a 10 Mbps full-duplexEthernet switch of 20 ports. For each station, the 90% of itstraffic is unicast and a 10% is broadcast.

23/111

Networks &


24/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

L2 Broadcast IV

a) The incoming traffic to a certain port Y has to be 10 Mbps.Then:

/19

Unicast XY

19

Ports X=Y

= 10 Mbps

= 10 Mbps;/19 = 526.32 Kbps

b) Broadcast is a limiting factor because it generates traffic in thereception of all the ports of the switch. The equation is that allthe incoming traffic into a certain port Y has to be 10 Mbps.Therefore:0.9/19

Unicast XY

19

Ports X=Y

+ 0.1

Broadcast X

19

Ports X=Y

= 10 Mbps

= 3.5714 Mbps; /19 = 187.97 Kbps

24/111

Networks &Vi li i


25/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Outline


2 Routers

3 Servers

4 Unix Boxes

5 Virtualization

25/111

Networks &Vi t li ti


26/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


Hub

BridgeSwitch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API

5 Virtualization26/111



27/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Why a Network Layer?

Simply stated, we need a network layer to

interconnect links and data link networks. L1/L2 technologies:

Do not provide universal interconnection:There are multiple data link technologies with differentframe formats, address formats, etc.

Do not scale well:For example, MAC address organization and MAClearning in Ethernet are not designed to scale tonetworks with millions of interconnected devices.

We need a new layer that hides to the user the

underlying details and formats of each particular L2implementation, while providing global communications.

The design of this layer must be scalable, effectively

supporting much more than millions of interconnected

devices.

27/111



28/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


Hub

BridgeSwitch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API




29/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Network Interconnection:

Internet

The network layer (or layer 3) makes it possible to

create aunique logical networkmade of multiple

data link layer technologies.

This logical network is called the interconnection

network, internetwork or Internet. To identify each network device in the Internet, L3

defines logical addresses.

L3 addresses are a separate address space from

MAC (L2) addresses. When a user utilizes the network layer, the user only

must know the logical address (@L3) of the destination

device but not L2 parameters like the MAC address.

29/111


C


30/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Internet Communications

1 Logical Addresses

The sender musthave a logical address assignedtoits network device, also called Network Interface Card(NIC).

The sender must alsoknow the logical address thathas been assigned to the destination device.

2 Interconnection

There must be a path maybe crossing several links anddata link networks that interconnects the source and thedestination.

3 Routers

There must be nodes to transfer L3 PDUs (packets)from one link or data link network to another.

These nodes are known as Internet gateways,Internet routers or simply routers.

Routers must be configured to properly route networkpackets.

30/111


E l i f IP P k


31/111

Virtualization


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Encapsulation of IP Packets

The network layer PDUs are known as datagrams,network packets, IP packets or simply packets.

IP packets are formed taking data from an L3 user,

adding the L3 overhead and sending the packet to L2 to

be encapsulated and then transmitted in a frame.

IP packets can be encapsulated over Ethernet MAC

(IPoEth) as:

31/111


Mi i I t t


32/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Mini Internet

Note. We will use @ to mean address.

32/111


O tli


33/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More AboutAddresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


Hub

Bridge

Switch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



L i l Ph @


34/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

VirtualizationIntroduction

User Mode Linux

UML Networks

Simtools

Logical vs. Phy @L2 Addresses

Thephysical addressis also called layer 2 address,

MAC address, link address or hardware address.

The physical address might have different formats in

different data link technologies (or even not use them).

In general, L2 addresses are not placed in the networkaccording to any specific policy (only must be unique

inside the link).

In Ethernet (and similar nets like WLAN), the @ has 6

bytes (e.g. 08:0B:F0:AF:DC:09). The @ MAC is hard-coded by the vendor in

the Ethernet NIC and in principle, it can not

be changed. tx

rx

@MAC

34/111


Logical vs Phy @


35/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Logical vs. Phy @L3 Addresses

Thelogical addressor layer 3 address is de facto the

IP address.

Network layer protocols different from IP are rarely

used today.

IP addresses are independent of any particularhardware or link technology and they uniquely and

universally identify a network device in the Internet.

An IP address is logically assigned to a NIC

(configured). In Unix-like OSes, you can use the

ifconfig command to configure @IP to

NICs. txrx

@MAC

OS

@IP

35/111


IP Address


36/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

IP Address

IP addresses are assigned following some grouping

policy or network addressing plan to be able toaggregate them in the routing process.

The most widely deployed version of the IP protocol isversion 4.

IPv4 addresses have 4 bytes.

The address space is 232 4300 millions of addresses. An example of a representation of an IPv4 address is:

192.168.1.7. This is the dotted decimal notation in which each byte is

represented between 0 and 255.

A configuration example of a IPv4 address in Unix:# ifconfig eth0 192.168.0.1

The next version of IP, version 6, expands this size to

128 bits.

36/111


Outline


37/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


Hub

Bridge

Switch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



Motivation


38/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Motivation

We want Internet routers to operate at wire speed.

Thus, a routing table with 4300 millions of entries

(one per IP address) is not practical.

IP routes packets using network addresses instead of

IP addresses to implement a scalable routing.

In Ethernet addresses are not organized.

In addition, Ethernet MAC learning is clearly not

scalable for millions of devices because it generates

broadcast all over the network.

This is the reason why Ethernet despite being the wiredlink technology most widely used, cannot be directly

deployed as universal network.

38/111


Network & Broadcast


39/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Network & Broadcast

Addresses I

To implement the network addressing plan, IP dividesthe address in two parts: a network number and a

device number.

NetID HostID NetID HostID

0 31

The portion of the IP address that identifies the network

is called theNetID.

The portion of the IP address that identifies a particular

device like host or a router is called the HostID. Let us consider that:

We have the IP address 192.168.0.1. The address division is 24/8: 24 bits for NetID and 8 bits

for HostID.

39/111


Network & Broadcast


40/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Network & Broadcast

Addresses II

Then, NetID=192.168.0 (24 bits) and hostID=1 (8 bits).

For IP routing, we do not directly use the NetID, but the

network address, which is a 32-bit string simply

constructed by concatenating 0s to the NetID.

In our example is the network address is 192.168.0.0.

Reserved HostIDs

HostID=0s is reserved for thenetwork address.

HostID=1s is reserved for thenetwork broadcast address.

In our example, 192.168.0.255 is thenetwork

broadcast address.

40/111


Addressing Plan


41/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Addressing Plan

To be scalable, IP provides an addressing plan or a way

of assigning IP addresses. The basic rule for assigning IP addresses is that:

IP Addressing Plan

All the devices of a data link must use IP addresses

with the same NetID.

In this way, we can aggregate for IP routing all the

devices that are near, i.e. in the same L2.

In our example, a router with a single entry for the

network 192.168.0.0 can route devices from192.168.0.1 to 192.168.0.254 (254 devices).

In addition, 192.168.0.255 can be used to send a

broadcast message to all the devices in the L2 network.

41/111


Features of IP Routing


42/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Features of IP Routing

IP uses theaddressing planmentioned to know if a

device is the local data link.

For devices that are not in a local link, IP uses a hop

by hoprouting mechanism: only need to know the next

node (next hop).

Users of a system only must know IP addresses but not

L2 parameters (like MAC address).

IP isscalablecompared with Ethernet because: Routing tables group addresses:

The amount of information that a router needs to keep is

proportional to the number of networks in the Internet,

not the number of devices.

Routers filter L2 traffic:

Routers only forward (route) IP packets between data

link networks. Frames which do not contain IP are not forwarded.

42/111


Sending Packets


43/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Sending Packets

43/111


Outline


44/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


Hub

Bridge

Switch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API

5 Virtualization 44/111


Processing IP Packets


45/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Processing IP Packets

We already talked about how tosendpackets even to

not directly connected networks.

But, whenreceivingpackets, several questions arise:

What do we need to receive packets? How do we process received packets?

45/111


Outline


46/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


Hub

Bridge

Switch

2 Routers

Motivation

Internet


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



Private Communications


47/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

When globally routable addresses are not necessary, we canuse the private IP address space.

The private address space can be used simultaneously byany number of private networks.

Private addressing is not reserved for any specificorganization but anyone can use these addresses withoutapproval from a regional Internet registry (RIR).

Private networks are commonly used for home, office, and

enterprise local area networks (LANs).

However, private IP addresses cannot be used toidentify devices in the public network.

Usually, the public network is what we call the Internet

while private networks are called Intranets. 47/111


Network Address Translation


48/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

To connect a private network to the Internet, a solution is toreconfigure the private IP addresses by replacing them by

public IP addresses. Another solution is to use NAT (Network AddressTranslation).

NAT is typically performed by the router that connects theIntranet to the Internet.

The router that implements NAT must process the packetsand replace private addresses by public addresses.

There are several ways of implementing NAT. The most simple is static NAT, in which we have a public

address per each private address that we want to translate.

48/111


Names & Dynamic IPs


49/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

y

Dynamic IPs.

Nowadays it is not usual to manually configure your IPaddresses.

Instead, a server and a protocol called DHCP(Dynamic Host Configuration Protocol)are used.

Names.

Today, it is neither common to use IP addresses to referto IP destinations.

Instead of IP addresses, which are hard to remember,users utilize names like in your phone address book.

The address book for the Internet names is placed in

servers and a protocol is used to access them. This system is called DNS (Domain Name System). In a Unix system, you can use the hostcommand to

query your DNS:$ host 147.83.2.3

49/111


Outline


50/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


2 Routers

3 Servers

4 Unix Boxes

5 Virtualization

50/111


Internet Applications I


51/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

The DNS and DHCP services (applications or

protocols), and other services such as e-mail, Web,whois, etc. use the IP network with a client/server

model.

51/111


Client/Server Model


52/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Server processes or network daemons runcontinuously in background.

Clients initiate the communication with servers.

Clients must know the address of the server.

In the Internet: The address of a process is composed of three

parameters:IP address, transport protocol and port. The transport protocols (L4) provide multiplexing

identifiers for their users (applications). The transport multiplexing ID has a size of 16 bits and it

is calledport. There are two transport protocols: TCP and UDP.

52/111


Internet Transport Protocols


53/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

User Datagram Protocol (UDP): UDP is the simplest transport protocol. UDP is a message-oriented protocol or datagram protocol. Each UDP datagram (message) is encapsulated in a IP datagram. For its users, UDP only offers multiplexing and a checksum for

discarding wrong data. For multiplexing, UDP uses the source and destination ports.

Transport Control Protocol (TCP): TCP provides applications with a full-duplex communication,

encapsulating its data over IP datagrams. TCP communication is connection-oriented because there is a

handshake of three messages before data can be sent. The TCP communication is managed as a data flow (TCP is not

message-oriented). Apart from multiplexing capabilities, TCP is a reliable protocol. TCP adds support to detect errors or lost data and to trigger

retransmission until the data is correctly and completely received.

53/111


Well-known Ports


54/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

The client needs to know IP, protocol and port to create

a socket (communication) with a server. The client usually knows the IP (or name) of the server

and there is a well-known transport protocol and port

per service.

For example, HTTPservers (for the Web) useTCP/80, DNS servers useUDP/53 for name queriesand the DHCP servers

use UDP/67.

Example clients: hostcommand (DNS), firefox

(DNS and HTTP), etc.

54/111


Internet is not so Simple


55/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

55/111


Outline


56/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


2 Routers

3 Servers

4 Unix Boxes

5 Virtualization

56/111




57/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools


Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses

Sending Packets: Routing Basics

Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



Unix Boxes


58/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

A Linux system can be used as:

Switch or bridge (withbrctlutils). Router (activating forwarding and also dynamic routing

with Quagga).

For doing NAT (with iptables). As firewall (also withiptables). As almost any type of server: DHCP server, DNS

server, Web server, etc.

Everything for free, it is open source!!

58/111




59/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

, g

Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API

5 Virtualization 59/111 Networks &

Virtualization

Linux Rings


60/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Modular design

Kernel. Kernelmanages hardware

and essentialoperations with thehardware.

User space.Processes of users.

Hardware

Kernel (ring0)

User Space (ring1)

60/111


Hardware


61/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Central Processing Unit (CPU). The CPU is

responsible executing programs.

Memory.Memory is used to store both program

instructions and data. Input/Output (I/O) Devices.The kernel manages

requests from user applications to perform input and

output operations and provides convenient methods for

using each device.

61/111


H b B id



62/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



H b B id

System Calls


63/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

The kernel provices an interface to user applications

managing low level operations with the hardware.

It runs in supervisor mode.

Unix systems provide a library or API that sits between

user programs and the Kernel.

C library such as glibc provides wrapper functions for

the system calls. For example:

i n t k i l l ( p i d _t p id , i n t s i g ) ;

63/111


Hub Bridge

Modules


64/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

The Linux Kernel is a monolithic hybrid kernel.

Monolithic means the kernel is alone in supervisormode.

Hybrid means that kernel extensions, called modules,

can be loaded and unloaded into the kernel upon

demand while the kernel is running. Device drivers are one type of module.

When you build a Linux kernel you can decide if you

include a certain module inside the kernel (statically

compiled module) or if you allow this module to be

loaded at run time by your kernel (dynamic module).

The commands to list , insert and remove modules

are:lsmod, insmod, modprobeandrmmod.

64/111


Hub Bridge



65/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



Hub Bridge

What is an API


66/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API


User Mode Linux

UML Networks

Simtools

An application programming interface (API) is an

interface implemented by a software program to enable

interaction with other software.

Usually, an API is presented as set of functions

collected in a library (C/C++ library).

It may include specifications for routines, datastructures, object classes and protocols used to

communicate between the consumer and implementer

of the API.

An API tries to hide implementation details of someservices to costumer, and provides an easy access to

those services.

66/111


Hub Bridge

Network API


67/111


Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

VirtualizationIntroductionUser Mode Linux

UML Networks

Simtools

Network Services are usually provided by the kernel of

the OS. Application programers access to Network Services

through a Network API.

The protocols of the TCP/IP architecture that have an

API aretransport protocols.

67/111


Hub, Bridge

Network API Characteristics


68/111

ub, dgeand Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

VirtualizationIntroductionUser Mode Linux

UML Networks

Simtools

Generic (multiple protocols)

Independence from OS

For the TCP/IP architecture:

There is not an standard Network API Some TCP/IP Network APIs are

Berkeley Sockets (BSD Sockets) TLS-XTI (Transport Layer Interface) Winsock MacTCP

The basic transport protocols are TCP and UDP.

The API allows a programmer to build TCP and UDPclient/server applications.

68/111


Hub, Bridge

API Functions


69/111

, gand Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

In unix-like systems, Sockets API is part of the OS

(system calls). Allows the user to:

Specify local & remote parameters of a connection. Start a connection. Wait for a connection.

Send and receive data. Finish connections. Manage errors.

It is not expected that any application accesses using

any lower layer of the TCP/IP protocol stack.

The network parameters (like IP addresses, routing

tables, etc.) have to be configured by the super user of

the system.

69/111


Hub, Bridge

netcat


70/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Useful tool for networks: Swiss Army Knife ofnetworking.

It can be used to open raw TCP and UDP sockets in

client and server modes.

netcatas client:

$ nc hostname port

We can use the -l (listening) option to make netcat

work as a server:

$ nc -l -p port

70/111


Hub, Bridge

Outline


71/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools


2 Routers

3 Servers

4 Unix Boxes

5 Virtualization

71/111


Hub, Bridged S i h


Hub


72/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses


Receiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API



Hub, Bridged S it h

Elements I


73/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Virtualization is a methodology for dividing the

resources of a physical computer into multipleoperating system (OS) environments.

Virtualized enviroments have three basic elements

Hypervisor or Physical Host (Phyhost). This is thehardware, the operating system and any other softwareneeded to run the virtual machines.

Guests. These are the virtual systems running over thephyhost.

Virtual switches.The virtual network is composed of avirtual switches that connect the guests like in a real

network. As an additional feature, the phyhost canprovide connectivity for its guests, allowing them toexchange traffic with real networks like Internet.

73/111



Elements II


74/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The guests have to be accesible by some method: via a

CLI, a GUI or by some network service (SSH, etc.).

The phyhost can have a virtual network interface(TUN/TAP interface) that can be connected to the

virtual switch.

74/111



Types of virtualization I


75/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Hardware Emulation or Virtual machines (VMs).

This approach allows an hypervisor (phyhost) to run an

arbitrary guest operating system. The guest OS is not

modified and it is not aware that it is not running on real

hardware. Paravirtualization.In this virtualization approach most

of the work of the VMM is implemented in the guest OS

code, which is modified to avoid the use of privileged

instructions. The paravirtualization approach is used by

projects such as Wine and User Mode Linux (UML).

75/111



Types of virtualization II

Virtualization on the OS level, a.k.a. containers


76/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Virtualization on the OS level, a.k.a. containers

virtualization.OS-level virtualization systems have

been designed to provide the required isolation andsecurity to run multiple applications or copies of the

same OS (but different distributions of the OS) on the

same server. OpenVZ, Virtuozzo etc.

76/111




Hub


77/111

and Switch

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Hub

Bridge

Switch2 Routers

Motivation

Internet

Addresses

Sending Packets: Routing BasicsReceiving Packets


3 Servers

4 Unix BoxesIntro

Rings

System Calls

Network API




What is User Mode Linux


78/111

a d S tc

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

User Mode Linux (UML) was created as a kerneldevelopment tool to be able to boot a kernel in the user

space of another kernel.

UML is a type of paravirtualization.

In particular, UML is designed to be run over anotherLinux kernel.

So UML does not require an intermediate virtualization

layer or VMM in the phyhost.

To run an UML machine we need a compiled UML

kernel and a Linux filesystem.

78/111



*Build your UML Kernel

and Filesystem I


79/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Kernel

phyhost:~$ mkdir ~/uml

phyhost:~$ cd ~/uml

phyhost:~/uml$

phyhost:~/uml$ tar -jxvf linux-XXX.tar.bz2

phyhost:~/uml$ cd linux-XXX

phyhost:~/uml/linux-XXX$

phyhost:~/uml/linux-XXX$ sudo apt-get install build-essential

phyhost:~/uml/linux-XXX$ make mrproper ARCH=um

phyhost:~/uml/linux-XXX$ make defconfig ARCH=umphyhost:~/uml/linux-XXX$ make ARCH=um

phyhost:~/uml/linux-XXX$ strip linux

Filesystem

phyhost# apt-get install debootstrap

phyhost$ cd ~/umlphyhost:~/uml$ dd bs=1M if=/dev/zero of=debian7.fs count=2048

phyhost:~/uml$ mkfs.ext4 debian7.fs -F

phyhost:~/uml$ mkdir image

phyhost:~/uml$ sudo mount -o loop debian7.fs image/

phyhost:~/uml$ sudo debootstrap --arch i386 wheezy image/

ftp://ftp.de.debian.org/debian/

79/111




and Filesystem II


80/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Kernel Modulesphyhost$ cd ~/uml/linux-XXX/

phyhost:~/uml/linux-XXX# make modules_install

INSTALL_MOD_PATH=../image ARCH=um

fstab

1 / dev / ubda / e xt 4 d e f a u l t s 0 12 pro c / proc proc d e f a u l t s 0 0

Password forroot

phyhost:~/uml# chroot image

phyhost# passwd

80/111




and Filesystem III


81/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Finishing the configuration:phyhost# exit

phyhost:~/uml# umount image

To update the system or install a package XXX use the

following commands:phyhost# mount -o loop debian7.fs image/

phyhost# cp /etc/resolv.conf image/etc/resolv.conf

phyhost# mount -t proc none image/proc

phyhost# chroot image

phyhost# apt-get update

phyhost# apt-get install XXX #install package

phyhost# exit

phyhost# umount image/procphyhost# fuser -k image

phyhost# umount image

81/111



Starting an UML Machine


82/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Let us assume that you have compiled the Linux UML Kernel(uml-linux) and that you have created a filesystem(debian7.fs).

You can start the UML machine executing the followingcommand:

phyhost:~/uml$ ./uml-linux ubda=debian7.fs mem=128M

The previous command executes the UML kernel in the userspace of the phyhost using the filesystem debian7.fs.

Notice that we have also specified the size of RAM memory

that is going to be used (128 Megabytes).

82/111



Copy on Write Filesystems


83/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

What happens if we want to boot two virtual guests?

Need different filesystems.

A better solution is to use the UML technology called COW(Copy-On-Write).

COW allows changes to a filesystem to be stored in a file in

the phyhost separate from the filesystem itself.phyhost:~uml$ ./uml-linux ubda=cowfile1,debian7.fs mem=128M

phyhost:~uml$ ./uml-linux ubda=cowfile2,debian7.fs mem=128M

After the first time you can simpy type:

phyhost:~uml$ ./uml-linux ubda=cowfile1 mem=128M

phyhost:~uml$ ./uml-linux ubda=cowfile2 mem=128M

83/111




Hub


84/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Bridge

Switch2 Routers

Motivation

Internet

Addresses



3 Servers

4 Unix Boxes

Intro

Rings

System Calls

Network API




H b

Connecting UML Guests

You can build a virtual TCP/IP network with UML guests andthe l it h application (which is in the uml utilites


85/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

theuml_switchapplication (which is in the uml-utilitespackage).

Command lines:

t1-phyhost$ uml_switch

uml_switch attached to unix socket /tmp/uml.ctl

t2-phyhost:~uml$ linux-uml ubda=cowfile1 mem=128M eth0=daemon

t3-phyhost:~uml$ linux-uml ubda=cowfile2 mem=128M eth0=daemon

85/111



Hub

Connecting Host with Guests/tmp/uml.ctl


86/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

uml_switch

eth0 eth0UML1Guest

UML2Guest

host

OS

tap0

The host is connected to the uml_switchwith a virtualEthernet interface. To create it:

host# tunctl -u user1 -t tap0

Connect the uml_switch with the Hosts virtual interface:

$ uml_switch -tap tap0

86/111



Hub

Multiple Switches


87/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

If you want multiple switches on the host, then the UNIXdomain sockets have to be different for each switch.

A different socket can be specified with:

phyhost$ uml_switch -unix /tmp/uml2.ctl

In order to attach to this switch, the same socket must

be provided to the UML network driver:

phyhost:~uml$ ./linux-uml ubda=cowfile2 mem=128M

eth0=daemon,,unix,/tmp/uml2.ctl

87/111



Hub

TUN/TAP Interfaces I

Tun/tap interfaces are software only interfaces


88/111

Hub

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Tun/tap interfaces are software-only interfaces.

They exist only in the kernel. Unlike regular network interfaces, they have no physical

hardware component (and so theres no physical wire

connected to them).

It is like a regular network interface that, when thekernel decides that the moment has come to send data

on the wire, instead sends data to an userspace

program that is attached to the interface.

In our case, this program will be a software switch.

When the soft switch generates data, to the kernel, it

would look like the tun/tap interface is receiving data

from the wire.

88/111



Hub

TUN/TAP Interfaces II


89/111

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

The difference between a tap interface and a tun

interface is that: A tap interface outputs and must be given full ethernet

frames. A tun interface outputs and must be given raw IP

packets.

Once a tun/tap interface is in place, it can be used just

like any other interface.

IP addresses can be assigned, its traffic can be

analyzed, firewall rules can be created, routes pointing

to it can be established, etc.

89/111



Hub

More Networking with Guests I


90/111

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Bridged Guests.

Guests can send frames outside the virtual network. A tap interface must be used.

The tap interface is bridged in the hypervisor with aphysical interface.

Frames generated by a guest can reach physicalswitches and hosts.

Bridged guests allow all the protocols over Ethernet.

90/111



Hub

More Networking with Guests II

Routing for Guests.

I thi fi ti t t i t f


91/111

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

In this configuration we can use tun or tap interfaces.

The phyhost acts as router (reencapsulates the IPpacket in the output interface).

We can add NAT to allow a guest to access the publicnetwork (Internet).

91/111



Hub

Motivation of VNUML


92/111

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Defining large topologies is hard and prone to errors.

Helpful to have some systematic way of defining these

topologies.

VNUML (Virtual Network User Mode Linux) is a project

of the UPM (Universidad Politecnica de Madrid) for this

purpose.

VNUML allows to easily define and run simulations

involving virtual networks using UML.

92/111



Hub


Hub

Bridge


93/111

Bridge

Switch

Routers

Motivation

Internet

Addresses

Sending Packets:

Routing Basics

Receiving Packets

More About

Addresses

Servers

Unix BoxesIntro

Rings

System Calls

Network API

Virtualization

Introduction

User Mode Linux

UML Networks

Simtools

Bridge

Switch2 Routers

Motivation

Internet

Addresses



3 Servers

4 Unix Boxes

Intro

Rings

System Calls

Network API

5 Virtualization 93/111 Networks &

Virtualization


Hub

Why Virtual Networks? I

If t t


94/111

Bridge

Switch

Routers

virtualizacion red

Documents