Upload
others
View
17
Download
1
Embed Size (px)
Citation preview
Chair for Network Architectures and Services – Prof. Carle Department for Computer ScienceTU München
Master Course Computer Networks
IN2097
Prof. Dr.-Ing. Georg CarleChristian Grothoff, Ph.D.
Chair for Network Architectures and ServicesInstitut für Informatik
Technische Universität Münchenhttp://www.net.in.tum.de
Network Security, WS 2008/09, Chapter 9 32IN2097 - Master Course Computer Networks, WS 2009/2010 32
Chapter 4: Network Layer
Part 1IntroductionIP: Internet Protocol
Datagram formatIPv4 addressingICMP
Part 2IPv6Virtual circuit and datagram networksWhat’s inside a routerNAT
Part 3Routing algorithms
Link stateDistance VectorHierarchical routing
Routing in the InternetRIPOSPFBGP
Broadcast and multicast routing
Network Security, WS 2008/09, Chapter 9 33IN2097 - Master Course Computer Networks, WS 2009/2010 33
IPv6
Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation:
header format helps speed processing/forwardingheader changes to facilitate QoS
IPv6 datagram format:fixed-length 40 byte headerno fragmentation allowed
Network Security, WS 2008/09, Chapter 9 34IN2097 - Master Course Computer Networks, WS 2009/2010 34
IPv6 Header (Cont)
Priority: identify priority among datagrams in flowFlow Label: identify datagrams in same “flow.”
(concept of“flow” not well defined).Next header: identify upper layer protocol for data
Network Security, WS 2008/09, Chapter 9 35IN2097 - Master Course Computer Networks, WS 2009/2010 35
Other Changes from IPv4
Checksum: removed entirely to reduce processing time at each hopOptions: allowed, but outside of header, indicated by “Next Header” fieldICMPv6: new version of ICMP
additional message types, e.g. “Packet Too Big”multicast group management functions
Network Security, WS 2008/09, Chapter 9 36IN2097 - Master Course Computer Networks, WS 2009/2010 36
Transition From IPv4 To IPv6
Not all routers can be upgraded simultaneousno “flag days”How will the network operate with mixed IPv4 and IPv6 routers?
Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers
Network Security, WS 2008/09, Chapter 9 37IN2097 - Master Course Computer Networks, WS 2009/2010 37
Tunneling
A B E F
IPv6 IPv6 IPv6 IPv6
tunnelLogical view:
Physical view:A B E F
IPv6 IPv6 IPv6 IPv6IPv4 IPv4
Network Security, WS 2008/09, Chapter 9 38IN2097 - Master Course Computer Networks, WS 2009/2010 38
Tunneling
A B E F
IPv6 IPv6 IPv6 IPv6
tunnelLogical view:
Physical view:A B E F
IPv6 IPv6 IPv6 IPv6
C D
IPv4 IPv4
Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Flow: XSrc: ADest: F
data
Src:BDest: E
Flow: XSrc: ADest: F
data
Src:BDest: E
A-to-B:IPv6
E-to-F:IPv6B-to-C:
IPv6 insideIPv4
B-to-C:IPv6 inside
IPv4
Network Security, WS 2008/09, Chapter 9 39IN2097 - Master Course Computer Networks, WS 2009/2010 39
Chapter 4: Network Layer
Part 1IntroductionIP: Internet Protocol
Datagram formatIPv4 addressingICMP
Part 2IPv6Virtual circuit and datagram networksWhat’s inside a routerNAT
Part 3Routing algorithms
Link stateDistance VectorHierarchical routing
Routing in the InternetRIPOSPFBGP
Broadcast and multicast routing
Network Security, WS 2008/09, Chapter 9 40IN2097 - Master Course Computer Networks, WS 2009/2010 40
Connection setup
In addition to routing and forwarding, 3rd important function insome network architectures:
ATM, frame relay, X.25before datagrams flow, two end hosts and intervening switches/routers establish virtual connection
switches/routers get involvednetwork vs transport layer connection service:
network: between two hosts (may also involve intervening switches/routers in case of VCs)transport: between two processes
Network Security, WS 2008/09, Chapter 9 41IN2097 - Master Course Computer Networks, WS 2009/2010 41
Network service model
Q: What service model for “channel” transporting datagrams from sender to receiver?
Example services for individual datagrams:guaranteed deliveryguaranteed delivery with less than 40 msec delay
Example services for a flow of datagrams:in-order datagram deliveryguaranteed minimum bandwidth to flowrestrictions on changes in inter-packet spacing
Network Security, WS 2008/09, Chapter 9 42IN2097 - Master Course Computer Networks, WS 2009/2010 42
Network layer service models
NetworkArchitecture
Internet
ATM
ATM
ATM
ATM
ServiceModel
best effort
CBR
VBR
ABR
UBR
Bandwidth
none
constantrateguaranteedrateguaranteed minimumnone
Loss
no
yes
yes
no
no
Order
no
yes
yes
yes
yes
Timing
no
yes
yes
no
no
Congestionfeedback
no (inferredvia loss)nocongestionnocongestionyes
no
Guarantees ?
Network Security, WS 2008/09, Chapter 9 43IN2097 - Master Course Computer Networks, WS 2009/2010 43
Network layer connection and connection-less service
datagram network provides network-layer connectionless serviceVC network provides network-layer connection serviceanalogous to the transport-layer services, but:
service: host-to-hostno choice: network provides one or the otherimplementation: in network core
Network Security, WS 2008/09, Chapter 9 44IN2097 - Master Course Computer Networks, WS 2009/2010 44
Virtual circuits
call setup, teardown for each call before data can floweach packet carries VC identifier (not destination host address)every router on source-dest path maintains “state” for each passing connectionlink, router resources (bandwidth, buffers) may be allocated to VC (dedicated resources = predictable service)
“source-to-dest path behaves much like telephone circuit”performance-wisenetwork actions along source-to-dest path
Network Security, WS 2008/09, Chapter 9 45IN2097 - Master Course Computer Networks, WS 2009/2010 45
VC implementation
a VC consists of:1. path from source to destination2. VC numbers, one number for each link along path3. entries in forwarding tables in routers along pathpacket belonging to VC carries VC number (rather than destaddress)VC number can be changed on each link.
New VC number comes from forwarding table
Network Security, WS 2008/09, Chapter 9 46IN2097 - Master Course Computer Networks, WS 2009/2010 46
Forwarding table
12 22 32
1 23
VC number
interfacenumber
Incoming interface Incoming VC # Outgoing interface Outgoing VC #
1 12 3 222 63 1 18 3 7 2 171 97 3 87… … … …
Forwarding table innorthwest router:
Routers maintain connection state information!
Network Security, WS 2008/09, Chapter 9 47IN2097 - Master Course Computer Networks, WS 2009/2010 47
Virtual circuits: signaling protocols
used to setup, maintain teardown VCused in ATM, frame-relay, X.25not used in today’s Internet
applicationtransportnetworkdata linkphysical
applicationtransportnetworkdata linkphysical
1. Initiate call 2. incoming call3. Accept call4. Call connected
5. Data flow begins 6. Receive data
Network Security, WS 2008/09, Chapter 9 48IN2097 - Master Course Computer Networks, WS 2009/2010 48
Datagram networks
no call setup at network layerrouters: no state about end-to-end connections
no network-level concept of “connection”packets forwarded using destination host address
packets between same source-dest pair may take different paths
applicationtransportnetworkdata linkphysical
applicationtransportnetworkdata linkphysical
1. Send data 2. Receive data
Network Security, WS 2008/09, Chapter 9 49IN2097 - Master Course Computer Networks, WS 2009/2010 49
Datagram or VC network: why?
Internet (datagram)data exchange among computers
“elastic” service, no strict timing req.
“smart” end systems (computers)can adapt, perform control, error recoverysimple inside network, complexity at “edge”
many link types different characteristicsuniform service difficult
ATM (VC)evolved from telephonyhuman conversation:
strict timing, reliability requirementsneed for guaranteed service
“dumb” end systemstelephonescomplexity inside network
Network Security, WS 2008/09, Chapter 9 50IN2097 - Master Course Computer Networks, WS 2009/2010 50
Chapter 4: Network Layer
Part 1IntroductionIP: Internet Protocol
Datagram formatIPv4 addressingICMP
Part 2IPv6Virtual circuit and datagram networksWhat’s inside a router
Part 3Routing algorithms
Link stateDistance VectorHierarchical routing
Routing in the InternetRIPOSPFBGP
Broadcast and multicast routing
Network Security, WS 2008/09, Chapter 9 51IN2097 - Master Course Computer Networks, WS 2009/2010 51
Shared Backplane
Line Interface
CPU
Memory
CPU BufferMemory
LineInterface
DMA
MAC
LineInterface
DMA
MAC
LineInterface
DMA
MAC
First-Generation IP Routers
Network Security, WS 2008/09, Chapter 9 52IN2097 - Master Course Computer Networks, WS 2009/2010 52
CPU BufferMemory
LineCard
DMA
MAC
LocalBuffer
Memory
LineCard
DMA
MAC
LocalBuffer
Memory
LineCard
DMA
MAC
LocalBuffer
Memory
Second-Generation IP Routers
Network Security, WS 2008/09, Chapter 9 53IN2097 - Master Course Computer Networks, WS 2009/2010 53
LineCard
MAC
LocalBuffer
Memory
CPUCard
LineCard
MAC
LocalBuffer
Memory
Switched Backplane
Line Interface
Line Interface
Line Interface
Line Interface
Line Interface
Line Interface
Line Interface
Line Interface
CPUMemory
Third-Generation Switches/Routers
Network Security, WS 2008/09, Chapter 9 54IN2097 - Master Course Computer Networks, WS 2009/2010 54
1 2 3 4 5 6 7 8 9 10 111213 1415 16
17 1819 20 21 22 23 2425 26 2728 29 30 31 32
13 14 15 16 17 18
19 20 21 22 23 24
25 26 27 28 29 30
31 32 21
1 2 3 4 5 6
7 8 9 10 11 12
Fourth-Generation Switches/RoutersClustering and Multistage
Network Security, WS 2008/09, Chapter 9 55IN2097 - Master Course Computer Networks, WS 2009/2010 55
Router Architecture Overview
Two key router functions:run routing algorithms/protocol (RIP, OSPF, BGP)forwarding datagrams from incoming to outgoing link
Network Security, WS 2008/09, Chapter 9 56IN2097 - Master Course Computer Networks, WS 2009/2010 56
Input Port Functions
Decentralized switching:given datagram dest., lookup output port using forwarding table in input port memorygoal: complete input port processing at ‘line speed’queuing: if datagrams arrive faster than forwarding rate into switch fabric
Physical layer:bit-level reception
Data link layer:e.g., Ethernetsee chapter 5
Network Security, WS 2008/09, Chapter 9 57IN2097 - Master Course Computer Networks, WS 2009/2010 57
Three types of switching fabrics
Network Security, WS 2008/09, Chapter 9 58IN2097 - Master Course Computer Networks, WS 2009/2010 58
Switching Via Memory
First generation routers:traditional computers with switching under direct control of CPUpacket copied to system’s memoryspeed limited by memory bandwidth (2 bus crossings per datagram)
InputPort
OutputPort
Memory
System Bus
Network Security, WS 2008/09, Chapter 9 59IN2097 - Master Course Computer Networks, WS 2009/2010 59
Switching Via a Bus
datagram from input port memoryto output port memory via a shared busbus contention: switching speed limited by bus bandwidth32 Gbps bus, Cisco 5600: sufficient speed for access and enterprise routers
Network Security, WS 2008/09, Chapter 9 60IN2097 - Master Course Computer Networks, WS 2009/2010 60
Switching Via An Interconnection Network
overcome bus bandwidth limitationsBanyan networks, other interconnection nets initially developed to connect processors in multiprocessoradvanced design: fragmenting datagram into fixed length cells, switch cells through the fabric. Cisco 12000: switches 60 Gbps through the interconnection network
Banyan network:
Network Security, WS 2008/09, Chapter 9 61IN2097 - Master Course Computer Networks, WS 2009/2010 61
Output Ports
Buffering required when datagrams arrive from fabric faster than the transmission rateScheduling discipline chooses among queued datagrams for transmission
Network Security, WS 2008/09, Chapter 9 62IN2097 - Master Course Computer Networks, WS 2009/2010 62
Output port queueing
buffering when arrival rate via switch exceeds output line speedqueueing (delay) and loss due to output port buffer overflow!
Network Security, WS 2008/09, Chapter 9 63IN2097 - Master Course Computer Networks, WS 2009/2010 63
Input Port Queuing
Fabric slower than input ports combined -> queueing may occur at input queues Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forwardqueueing delay and loss due to input buffer overflow!