Chapter 4 Network Layer: The Data Plane - University Of Washington

Transcription

Chapter 4
Network Layer: The Data Plane
A note on the use of these PowerPoint slides:
We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class) that you mention their source (after all, we’d like people to use our book!)
- If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved
Computer Networking: A Top Down Approach, 7th edition
Jim Kurose, Keith Ross
Pearson/Addison Wesley, April 2016
Network Layer: Data Plane 4-1

Chapter 4: outline
4.1 Overview of Network layer
  - data plane
  - control plane
4.2 What’s inside a router
4.3 IP: Internet Protocol
  - datagram format
  - fragmentation
  - IPv4 addressing
  - network address translation
  - IPv6
4.4 Generalized Forward and SDN
  - match
  - action
  - OpenFlow examples of match-plus-action in action

Chapter 4: network layer
chapter goals:
- understand principles behind network layer services, focusing on data plane:
  - network layer service models
  - forwarding versus routing
  - how a router works
  - generalized forwarding
- instantiation, implementation in the Internet

Network layer
- transport segment from sending to receiving host
- on sending side encapsulates segments into datagrams
- on receiving side, delivers segments to transport layer
- network layer protocols in every host, router
- router examines header fields in all IP datagrams passing through it
[Figure: protocol stacks along the path: application, transport, network, data link, physical at the two ends; network, data link, physical in between]

Two key network-layer functions
network-layer functions:
- forwarding: move packets from router’s input to appropriate router output
- routing: determine route taken by packets from source to destination
  - routing algorithms
analogy: taking a trip
- forwarding: process of getting through single interchange
- routing: process of planning trip from source to destination

Network layer: data plane, control plane
Data plane:
- local, per-router function
- determines how datagram arriving on router input port is forwarded to router output port
- forwarding function
Control plane:
- network-wide logic
- determines how datagram is routed among routers along end-end path from source host to destination host
- two control-plane approaches:
  - traditional routing algorithms: implemented in routers
  - software-defined networking (SDN): implemented in (remote) servers
[Figure: values in arriving packet header]

Per-router control plane
Individual routing algorithm components in each and every router interact in the control plane
[Figure: routing algorithm (control plane) above the data plane; values in arriving packet header]
Network Layer: Control Plane 5-7

Logically centralized control plane
A distinct (typically remote) controller interacts with local control agents (CAs)
[Figure: remote controller (control plane); control agents (CA) in the data plane; values in arriving packet header]

Network service model
Q: What service model for “channel” transporting datagrams from sender to receiver?
example services for individual datagrams:
- guaranteed delivery
- guaranteed delivery with less than 40 msec delay
example services for a flow of datagrams:
- in-order datagram delivery
- guaranteed minimum bandwidth to flow
- restrictions on changes in inter-packet spacing

Network layer service antees ?CongestionBandwidth Loss Order Timing feedbackbest effort oyesnono (inferredvia loss)nocongestionnocongestionyesnoyesnonoNetwork Layer: Data Plane 4-10


Router architecture overview
- high-level view of generic router architecture:
[Figure: routing processor (routing, management; control plane, software; operates in millisecond time frame); forwarding data plane (hardware); router input ports; router output ports]

Input port
[Figure: lookup, forwarding; queueing; switch fabric]
physical layer: bit-level reception
data link layer: e.g., Ethernet, see chapter 5
decentralized switching:
- using header field values, lookup output port using forwarding table in input port memory (“match plus action”)
- goal: complete input port processing at ‘line speed’
- queuing: if datagrams arrive faster than forwarding rate into switch fabric

Input port functions
[Figure: line termination (physical layer: bit-level reception); data link layer (e.g., Ethernet); queueing; switch fabric]
decentralized switching:
- using header field values, lookup output port using forwarding table in input port memory (“match plus action”)
- destination-based forwarding: forward based only on destination IP address (traditional)
- generalized forwarding: forward based on any set of header field values

Destination-based forwarding
forwarding table:
Destination Address Range                          Link Interface
11001000 00010111 00010000 00000000 through
11001000 00010111 00010111 11111111                0
11001000 00010111 00011000 00000000 through
11001000 00010111 00011000 11111111                1
11001000 00010111 00011001 00000000 through
11001000 00010111 00011111 11111111                2
otherwise                                          3
Q: but what happens if ranges don’t divide up so nicely?

Longest prefix matching
longest prefix matching: when looking for forwarding table entry for given destination address, use longest address prefix that matches destination address.
Destination Address Range                  Link interface
11001000 00010111 00010*** *********       0
11001000 00010111 00011000 *********       1
11001000 00010111 00011*** *********       2
otherwise                                  3
examples:
DA: 11001000 00010111 00010110 10100001    which interface?
DA: 11001000 00010111 00011000 10101010    which interface?

Longest prefix matching
- we’ll see why longest prefix matching is used shortly, when we study addressing
- longest prefix matching: often performed using ternary content addressable memories (TCAMs)
  - content addressable: present address to TCAM: retrieve address in one clock cycle, regardless of table size
  - Cisco Catalyst: can hold up to 1M routing table entries in TCAM
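The lookup described on the two slides above, as an added example that is not part of the original slides: a binary trie over the slide's three prefixes, with an order-dependent first-match scan beside it for contrast. The names PrefixTrie, first_match and to_bits are illustrative choices, and accepting dotted-decimal input is an extension of the slide's binary notation.

```python
# Added example (not from the slides): longest prefix matching with a binary trie.
SLIDE_TABLE = [                      # (prefix bits from the slide, link interface)
    ("11001000 00010111 00010", 0),
    ("11001000 00010111 00011000", 1),
    ("11001000 00010111 00011", 2),
]
OTHERWISE = 3                        # the slide's "otherwise" row


def to_bits(addr):
    """Accept dotted decimal ('200.23.22.161') or spaced binary; return a bit string."""
    if "." in addr:
        octets = [int(o) for o in addr.split(".")]
        if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
            raise ValueError(f"not an IPv4 address: {addr!r}")
        return "".join(f"{o:08b}" for o in octets)
    bits = addr.replace(" ", "")
    if set(bits) - {"0", "1"}:
        raise ValueError(f"not a bit string: {addr!r}")
    return bits


class PrefixTrie:
    def __init__(self, table, default):
        self.root, self.default = {}, default
        for prefix, iface in table:
            node = self.root
            for bit in to_bits(prefix):
                node = node.setdefault(bit, {})
            node["iface"] = iface    # a table prefix ends at this node

    def lookup(self, addr):
        """Walk the address bits, remembering the deepest prefix seen so far."""
        node, best = self.root, self.default
        for bit in to_bits(addr):
            node = node.get(bit)
            if node is None:
                break
            best = node.get("iface", best)
        return best


def first_match(table, addr, default):
    """Order-dependent scan, for contrast: returns the first prefix that matches,
    so the result changes when a shorter prefix is listed before a longer one."""
    bits = to_bits(addr)
    for prefix, iface in table:
        if bits.startswith(to_bits(prefix)):
            return iface
    return default


if __name__ == "__main__":
    trie = PrefixTrie(SLIDE_TABLE, OTHERWISE)
    for da in ("11001000 00010111 00010110 10100001",
               "11001000 00010111 00011000 10101010"):
        print(da, "-> interface", trie.lookup(da))
```

The trie gives the same answer whatever order the rows are installed in; the first-match scan does not, which is why a more specific route always takes the traffic from a covering shorter prefix.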

Switching fabrics
- transfer packet from input buffer to appropriate output buffer
- switching rate: rate at which packets can be transferred from inputs to outputs
  - often measured as multiple of input/output line rate
  - N inputs: switching rate N times line rate desirable
- three types of switching fabrics: memory, bus, crossbar

Switching via memory
first generation routers:
- traditional computers with switching under direct control of CPU
- packet copied to system’s memory
- speed limited by memory bandwidth (2 bus crossings per
[Figure: (e.g., Ethernet); system bus]

Switching via a bus
- datagram from input port memory to output port memory via a shared bus
- bus contention: switching speed limited by bus bandwidth
- 32 Gbps bus, Cisco 5600: sufficient speed for access and enterprise routers
[Figure: bus]

Switching via interconnection network
- overcome bus bandwidth limitations
- banyan networks, crossbar, other interconnection nets initially developed to connect processors in multiprocessor
- advanced design: fragmenting datagram into fixed length cells, switch cells through the fabric.
- Cisco 12000: switches 60 Gbps through the interconnection network
[Figure: crossbar]

Input port queuing
- fabric slower than input ports combined - queueing may occur at input queues
  - queueing delay and loss due to input buffer overflow!
- Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
[Figure, switch fabric: output port contention: only one red datagram can be transferred. lower red packet is blocked]
[Figure, switch fabric: one packet time later: green packet experiences HOL blocking]

Output ports
This slide is HUGELY important!
[Figure: switch fabric; datagram buffer (queueing); link layer protocol (send); line termination]
- buffering required when datagrams arrive from fabric faster than the transmission rate
  - Datagram (packets) can be lost due to congestion, lack of buffers
- scheduling discipline chooses among queued datagrams for transmission
  - Priority scheduling – who gets best performance, network neutrality

Output port queueing
[Figure, switch fabric: at t, packets more from input to output]
[Figure, switch fabric: one packet time later]
- buffering when arrival rate via switch exceeds output line speed
- queueing (delay) and loss due to output port buffer overflow!

How much buffering?
- RFC 3439 rule of thumb: average buffering equal to “typical” RTT (say 250 msec) times link capacity C
  - e.g., C = 10 Gbps link: 2.5 Gbit buffer
- recent recommendation: with N flows, buffering equal to RTT · C / √N

Scheduling mechanisms
- scheduling: choose next packet to send on link
- FIFO (first in first out) scheduling: send in order of arrival to queue
  - real-world example?
  - discard policy: if packet arrives to full queue: who to discard?
    - tail drop: drop arriving packet
    - priority: drop/remove on priority basis
    - random: drop/remove randomly
[Figure: packet arrivals -> queue (waiting area) -> link (server) -> packet departures]

Scheduling policies: priority
priority scheduling: send highest priority queued packet
- multiple classes, with different priorities
  - class may depend on marking or other header info, e.g. IP source/dest, port numbers, etc.
  - real world example?
[Figure: arrivals -> classify -> high priority queue (waiting area), low priority queue (waiting area) -> link (server) -> departures]

Scheduling policies: still more
Round Robin (RR) scheduling:
- multiple classes
- cyclically scan class queues, sending one complete packet from each class (if available)
- real world example?

Scheduling policies: still more
Weighted Fair Queuing (WFQ):
- generalized Round Robin
- each class gets weighted amount of service in each cycle
- real-world example?


The Internet network layer
host, router network layer functions:
[Figure: network layer, between transport layer (TCP, UDP) and link layer, physical layer, containing:]
- IP protocol: addressing conventions, datagram format, packet handling conventions
- routing protocols: path selection; RIP, OSPF, BGP
- forwarding table
- ICMP protocol: error reporting, router “signaling”

IP datagram format
header layout (rows of 32 bits), as far as the fields survive in this transcription:
- ver | head. len | type of service
- 16-bit identifier (fragmentation/reassembly)
- time to live | upper layer
- 32 bit source IP address
- 32 bit destination IP address
- options (if any)
- data (variable length, typically a TCP or UDP segment)
annotations:
- ver: IP protocol version number
- head. len: header length (bytes)
- type of service: “type” of data
- total datagram length
- time to live: max number remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to
- options: e.g. timestamp, record route taken, specify list of routers to visit.
how much overhead?
- 20 bytes of TCP
- 20 bytes of IP
- = 40 bytes + app layer overhead

IP fragmentation, reassembly
- network links have MTU (max. transfer size) - largest possible link-level frame
  - different link types, different MTUs
- large IP datagram divided (“fragmented”) within net
  - one datagram becomes several datagrams
  - “reassembled” only at final destination
  - IP header bits used to identify, order related fragments
[Figure: fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly]

IP fragmentation, reassembly
example:
- 4000 byte datagram
- MTU = 1500 bytes
one large datagram becomes several smaller datagrams:
length  ID  fragflag  offset
4000    x   0         0        (the one large datagram)
1500    x   1         0
1500    x   1         185
1040    x   0         370
1480 bytes in data field
offset = 1480/8
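The fragmentation arithmetic from the example above, as added code that is not part of the original slides: fragment() reproduces the slide's table, and reassembled_length() is the receiver-side consistency check that rejects missing or overlapping fragments. It assumes a 20-byte header with no options, as the slide's numbers do; the function names and dictionary layout are illustrative.

```python
# Added example (not from the slides): IPv4 fragmentation and a reassembly check.
IP_HEADER_LEN = 20  # bytes; assumes no IP options, as in the slide's example


def fragment(total_len, mtu, ident):
    """Split a datagram of total_len bytes into fragments that fit the MTU.
    Offsets are in 8-byte units, so every fragment but the last carries a
    multiple of 8 data bytes."""
    if total_len < IP_HEADER_LEN or mtu < IP_HEADER_LEN + 8:
        raise ValueError("datagram or MTU too small")
    if total_len <= mtu:  # fits as it is: one datagram, no fragmentation
        return [{"length": total_len, "id": ident, "fragflag": 0, "offset": 0}]
    payload = total_len - IP_HEADER_LEN
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    frags, sent = [], 0
    while sent < payload:
        data = min(max_data, payload - sent)
        frags.append({
            "length": data + IP_HEADER_LEN,
            "id": ident,
            "fragflag": 1 if sent + data < payload else 0,  # 1 = more follow
            "offset": sent // 8,
        })
        sent += data
    return frags


def reassembled_length(frags):
    """Return the length of the original datagram, or raise ValueError when the
    fragments do not form one contiguous, non-overlapping datagram."""
    if not frags:
        raise ValueError("no fragments")
    if len({f["id"] for f in frags}) != 1:
        raise ValueError("fragments carry different IDs")
    ordered = sorted(frags, key=lambda f: f["offset"])
    expected = 0  # next data byte we expect to see
    for i, f in enumerate(ordered):
        start = f["offset"] * 8
        data = f["length"] - IP_HEADER_LEN
        last = i == len(ordered) - 1
        if start < expected:
            raise ValueError("overlapping fragments")
        if start > expected:
            raise ValueError("missing fragment")
        if f["fragflag"] != (0 if last else 1):
            raise ValueError("fragflag inconsistent with position")
        if not last and data % 8:
            raise ValueError("non-final fragment not a multiple of 8 bytes")
        expected = start + data
    return IP_HEADER_LEN + expected


if __name__ == "__main__":
    for f in fragment(4000, 1500, "x"):
        print(f)
```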


IP addressing: introduction
- IP address: 32-bit identifier for host, router interface
- interface: connection between host/router and physical link
  - routers typically have multiple interfaces
  - host typically has one or two interfaces (e.g., wired Ethernet, wireless 802.11)
- IP addresses associated with each interface
[Figure: interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27]
223.1.1.1 = 11011111 00000001 00000001 00000001 (223 . 1 . 1 . 1)

IP addressing: introduction
Q: how are interfaces actually connected?
A: we’ll learn about that in chapter 5,
A: wired Ethernet interfaces connected by Ethernet switches
A: wireless WiFi interfaces connected by WiFi base station
For now: don’t need to worry about how one interface is connected to another (with no intervening router)

Subnets
- IP address:
  - subnet part - high order bits
  - host part - low order bits
- what’s a subnet ?
  - device interfaces with same subnet part of IP address
  - can physically reach each other without intervening
[Figure: network consisting of 3 subnets]

Subnets
recipe
- to determine the subnets, detach each interface from its host or router, creating islands of isolated networks
- each isolated network is called
[Figure: subnets including 223.1.1.0/24 and 223.1.3.0/24; subnet mask: /24]

Subnets223.1.1.2how .2.1223.1.3.27223.1.2.2223.1.3.1223.1.3.2Network Layer: Data Plane 4-40

IP addressing: CIDR
CIDR: Classless InterDomain Routing
- subnet portion of address of arbitrary length
- address format: a.b.c.d/x, where x is # bits in subnet portion of address
11001000 00010111 00010000 00000000 (subnet part, then host part)
200.23.16.0/23

IP addresses: how to get one?
Q: How does a host get IP address?
- hard-coded by system admin in a file
  - Windows: control-panel -> network -> configuration -> tcp/ip -> properties
  - UNIX: /etc/rc.config
- DHCP: Dynamic Host Configuration Protocol: dynamically get address from a server
  - “plug-and-play”

DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when it joins network
- can renew its lease on address in use
- allows reuse of addresses (only hold address while connected/“on”)
- support for mobile users who want to join network (more shortly)
DHCP overview:
- host broadcasts “DHCP discover” msg [optional]
- DHCP server responds with “DHCP offer” msg [optional]
- host requests IP address: “DHCP request” msg
- DHCP server sends address: “DHCP ack” msg

DHCP client-server 2.2arriving DHCPclient needsaddress in /24Network Layer: Data Plane 4-44

DHCP client-server scenario
DHCP server: 223.1.2.5; arriving client
DHCP discover (Broadcast: is there a DHCP server out there?)
  src: 0.0.0.0, 68
  dest.: 255.255.255.255, 67
  yiaddr: 0.0.0.0
  transaction ID: 654
DHCP offer (Broadcast: I’m a DHCP server! Here’s an IP address you can use)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 654
  lifetime: 3600 secs
DHCP request (Broadcast: OK. I’ll take that IP address!)
  src: 0.0.0.0, 68
  dest: 255.255.255.255, 67
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs
DHCP ACK (Broadcast: OK. You’ve got that IP address!)
  src: 223.1.2.5, 67
  dest: 255.255.255.255, 68
  yiaddr: 223.1.2.4
  transaction ID: 655
  lifetime: 3600 secs

DHCP: more than IP addresses
DHCP can return more than just allocated IP address on subnet:
- address of first-hop router for client
- name and IP address of DNS server
- network mask (indicating network versus host portion of address)

DHCP:
[Figure: DHCP / UDP / IP / Eth / Phy stacks; 168.1.1.1; router with DHCP server built into router]
- connecting laptop needs its IP address, addr of first-hop router, addr of DNS server: use DHCP
- DHCP request encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
- Ethernet frame broadcast (dest: FFFFFFFFFFFF) on LAN, received at router running DHCP server
- Ethernet demuxed to IP demuxed, UDP demuxed to DHCP

DHCP:
[Figure: DHCP / UDP / IP / Eth / Phy stacks; router with DHCP server built into router]
- DHCP server formulates DHCP ACK containing client’s IP address, IP address of first-hop router for client, name & IP address of DNS server
- encapsulation of DHCP server, frame forwarded to client, demuxing up to DHCP at client
- client now knows its IP address, name and IP address of DNS server, IP address of its first hop router

DHCP: Wireshark output (home LAN)
request:
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Wistron 23:68:8a (00:16:d3:23:68:8a)
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t 53,l 1) DHCP Message Type DHCP Request
Option: (61) Client identifier
    Length: 7; Value: 010016D323688A;
    Hardware type: Ethernet
    Client MAC address: Wistron 23:68:8a (00:16:d3:23:68:8a)
Option: (t 50,l 4) Requested IP Address 192.168.1.101
Option: (t 12,l 5) Host Name "nomad"
Option: (55) Parameter Request List
    Length: 11; Value: 010F03062C2E2F1F21F92B
    1 Subnet Mask; 15 Domain Name
    3 Router; 6 Domain Name Server
    44 NetBIOS over TCP/IP Name Server
reply:
Message type: Boot Reply (2)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
Client IP address: 192.168.1.101 (192.168.1.101)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 192.168.1.1 (192.168.1.1)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Wistron 23:68:8a (00:16:d3:23:68:8a)
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t 53,l 1) DHCP Message Type DHCP ACK
Option: (t 54,l 4) Server Identifier 192.168.1.1
Option: (t 1,l 4) Subnet Mask 255.255.255.0
Option: (t 3,l 4) Router 192.168.1.1
Option: (6) Domain Name Server
    Length: 12; Value: 445747E2445749F244574092;
    IP Address: 68.87.71.226;
    IP Address: 68.87.73.242;
    IP Address: 68.87.64.146
Option: (t 15,l 20) Domain Name "hsd1.ma.comcast.net."

IP addresses: how to get one?
Q: how does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP’s address space
ISP's block      11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0   11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1   11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2   11001000 00010111 00010100 00000000   200.23.20.0/23
...
Organization 7   11001000 00010111 00011110 00000000   200.23.30.0/23

Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing information:
[Figure: Organization 0 200.23.16.0/23; Organization 1 200.23.18.0/23; Organization 2 200.23.20.0/23; Organization 7; Fly-By-Night-ISP; ISPs-R-Us]
Fly-By-Night-ISP: “Send me anything with
ISPs-R-Us: “Send me anything with addresses beginning 199.31.0.0/16”

Hierarchical addressing: more specific routes
ISPs-R-Us has a more specific route to Organization 1
[Figure: Organization 0 200.23.16.0/23; Organization 2 200.23.20.0/23; Organization 7; Fly-By-Night-ISP; ISPs-R-Us; Organization 1 200.23.18.0/23]
Fly-By-Night-ISP: “Send me anything with
ISPs-R-Us: “Send me anything with addresses beginning 199.31.0.0/16 or 200.23.18.0/23”

IP addressing: the last word.
Q: how does an ISP get block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers http://www.icann.org/
- allocates addresses
- manages DNS
- assigns domain names, resolves disputes

NAT: network address translation
[Figure: rest of Internet; local network]
- all datagrams leaving local network have same single source NAT IP address: 138.76.29.7, different source port numbers
- datagrams with source or destination in this network have 10.0.0/24 address for source, destination (as usual)

NAT: network address translation
motivation: local network uses just one IP address as far as outside world is concerned:
- range of addresses not needed from ISP: just one IP address for all devices
- can change addresses of devices in local network without notifying outside world
- can change ISP without changing addresses of devices in local network
- devices inside local net not explicitly addressable, visible by outside world (a security plus)

NAT: network address translation
implementation: NAT router must:
- outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)
  . . . remote clients/servers will respond using (NAT IP address, new port #) as destination addr
- remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
- incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table

NAT: network address translation
NAT translation table
WAN side addr         LAN side addr
138.76.29.7, 5001     10.0.0.1, 3345
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   S: 10.0.0.1, 3345   D: 128.119.40.186, 80
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   S: 138.76.29.7, 5001   D: 128.119.40.186, 80
3: reply arrives dest. address: 138.76.29.7, 5001
   S: 128.119.40.186, 80   D: 138.76.29.7, 5001
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   S: 128.119.40.186, 80   D: 10.0.0.1, 3345
[Figure: addresses 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 on the local side; 138.76.29.7 on the WAN side]
* Check out the online interactive exercises for more examples: http://gaia.cs.umass.edu/kurose_ross/interactive/

NAT: network address translation
- 16-bit port-number field:
  - 60,000 simultaneous connections with a single LAN-side address!
- NAT is controversial:
  - routers should only process up to layer 3
  - address shortage should be solved by IPv6
  - violates end-to-end argument
    - NAT possibility must be taken into account by app designers, e.g., P2P applications
  - NAT traversal: what if client wants to connect to server behind NAT?


IPv6: motivation
- initial motivation: 32-bit address space soon to be completely allocated.
- additional motivation:
  - header format helps speed processing/forwarding
  - header changes to facilitate QoS
IPv6 datagram format:
- fixed-length 40 byte header
- no fragmentation allowed

IPv6 datagram format
priority: identify priority among datagrams in flow
flow Label: identify datagrams in same “flow.” (concept of “flow” not well defined).
next header: identify upper layer protocol for data
header layout (rows of 32 bits):
- ver | pri | flow label
- payload len | next hdr | hop limit
- source address (128 bits)
- destination address (128 bits)
- data

Other changes from IPv4
- checksum: removed entirely to reduce processing time at each hop
- options: allowed, but outside of header, indicated by “Next Header” field
- ICMPv6: new version of ICMP
  - additional message types, e.g. “Packet Too Big”
  - multicast group management functions

Transition from IPv4 to IPv6
- not all routers can be upgraded simultaneously
  - no “flag days”
  - how will network operate with mixed IPv4 and IPv6 routers?
- tunneling: IPv6 datagram carried as payload in IPv4 datagram among IPv4 routers
[Figure: IPv4 datagram = IPv4 header fields (IPv4 source, dest addr) + IPv4 payload; the IPv4 payload is an IPv6 datagram = IPv6 header fields (IPv6 source dest addr) + UDP/TCP payload]

Tunneling
[Figure: logical view and physical view of routers A to F, some IPv6 and some IPv4: IPv4 tunnel connecting IPv6 routers]

Tunneling
[Figure: logical view and physical view: IPv4 tunnel connecting IPv6 routers. The IPv6 datagram (flow: X, src: A, dest: F, data) travels as IPv6; B-to-C: IPv6 inside IPv4 (src: B, dest: E); E-to-F: IPv6]

IPv6: adoption
- Google: 8% of clients access services via IPv6
- NIST: 1/3 of all US government domains are IPv6 capable
- Long (long!) time for deployment, use
  - 20 years and counting!
  - think of application-level changes in last 20 years: WWW, Facebook, streaming media, Skype,
  - Why?


Generalized Forwarding and SDN
Each router contains a flow table that is computed and distributed by a logically centralized routing controller
[Figure: logically-centralized routing controller (control plane); data plane with local flow table (headers, counters, actions); values in arriving packet’s header]

OpenFlow data plane abstraction
- flow: defined by header fields
- generalized forwarding: simple packet-handling rules
  - Pattern: match values in packet header fields
  - Actions: for matched packet: drop, forward, modify, matched packet or send matched packet to controller
  - Priority: disambiguate overlapping patterns
  - Counters: #bytes and #packets
Flow table in a router (computed and distributed by controller) define router’s match-plus-action rules

OpenFlow data plane abstraction
- flow: defined by header fields
- generalized forwarding: simple packet-handling rules
  - Pattern: match values in packet header fields
  - Actions: for matched packet: drop, forward, modify, matched packet or send matched packet to controller
  - Priority: disambiguate overlapping patterns
  - Counters: #bytes and #packets
* : wildcard
1. src = 1.2.*.*, dest = 3.4.5.* -> drop
2. src = *.*.*.*, dest = 3.4.*.* -> forward(2)
3. src = 10.1.2.3, dest = *.*.*.* -> send to controller

OpenFlow: Flow Table Entries
flow table entry: Rule | Action | Stats
Stats: Packet + byte counters
Action:
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
5. Modify Fields
Rule (header fields that can be matched):
- Switch Port, VLAN ID
- Link layer: MAC src, MAC dst, Eth type
- Network layer: IP Src, IP Dst, IP Prot
- Transport layer: TCP sport, TCP dport

Examples
(fields per rule: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport; * = wildcard)
Destination-based forwarding:
- match: IP Dst = 51.6.0.8, all other fields *; action: port6
- IP datagrams destined to IP address 51.6.0.8 should be forwarded to router output port 6
Firewall:
- match: TCP dport = 22, all other fields *; action: drop
- do not forward (block) all datagrams destined to TCP port 22
- match: IP Src = 128.119.1.1, all other fields *; action: drop
- do not forward (block) all datagrams sent by host 128.119.1.1
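A small match-plus-action table built from the rules on the slides above, as an added example that is not part of the original slides and is not OpenFlow library code. The numeric priorities, the field names src, dest and tcp_dport, and the TABLE_MISS return value are assumptions made for the illustration; the slides give the patterns and actions but no priorities.

```python
# Added example (not from the slides): pattern, action, priority and counters.
TABLE_MISS = "table-miss"   # assumption: what process() returns when nothing matches


def field_matches(pattern, value):
    """A bare '*' matches anything; '*' octets in a dotted pattern are wildcards."""
    if pattern == "*":
        return True
    p, v = pattern.split("."), str(value).split(".")
    return len(p) == len(v) and all(a in ("*", b) for a, b in zip(p, v))


class FlowTable:
    def __init__(self):
        self.entries = []

    def add(self, priority, match, action):
        """match maps a header field name to a pattern; unlisted fields are wildcards."""
        self.entries.append({"priority": priority, "match": match,
                             "action": action, "packets": 0, "bytes": 0})
        self.entries.sort(key=lambda e: -e["priority"])   # highest priority first

    def process(self, packet, size):
        """Apply the highest-priority matching entry and update its counters."""
        for entry in self.entries:
            if all(field_matches(pattern, packet.get(field, ""))
                   for field, pattern in entry["match"].items()):
                entry["packets"] += 1
                entry["bytes"] += size
                return entry["action"]
        return TABLE_MISS

    def counters(self):
        return [(e["priority"], e["packets"], e["bytes"]) for e in self.entries]


def build_slide_table():
    """The firewall rule for TCP port 22 plus the three numbered wildcard rules.
    Priorities are assumed: firewall first, then the slide's listed order."""
    table = FlowTable()
    table.add(40, {"tcp_dport": "22"}, "drop")
    table.add(30, {"src": "1.2.*.*", "dest": "3.4.5.*"}, "drop")
    table.add(20, {"src": "*.*.*.*", "dest": "3.4.*.*"}, "forward(2)")
    table.add(10, {"src": "10.1.2.3", "dest": "*.*.*.*"}, "send to controller")
    return table


if __name__ == "__main__":
    table = build_slide_table()
    samples = [   # constructed sample packets
        {"src": "1.2.9.9", "dest": "3.4.5.6", "tcp_dport": 80},
        {"src": "10.1.2.3", "dest": "3.4.9.9", "tcp_dport": 80},
        {"src": "10.1.2.3", "dest": "3.4.9.9", "tcp_dport": 22},
    ]
    for pkt in samples:
        print(pkt, "->", table.process(pkt, 100))
```

The first sample packet matches both rule 1 and rule 2, and the second matches both rule 2 and rule 3; the priority decides which action is applied, which is the disambiguation the slide describes.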

ExamplesDestinat
