Building an Internet Router 2018/6/10
Overview Introduction Requirements Implementing Details Coding Tips Reference
Introduction Implement a fully functional internet router. Route real packets. Virtual Network System (VNS) VNS server runs at Stanford VNS client connects to the server Each of you will be assigned a topology http://vns-1.stanford.edu. Login with username and password e-mailed to you Browse to the “Your Profile” page and click on the “Topologies” link. Click on README, then on routing table
How it really works … VR Client Socket 2. Virtual router “server” forwards packet to students “vr” client 3. Student’s client tells the server, which interface to route packet to Instructional machines PC Linux 1. Packet arrives destined for web server ‘C’. Firewall Campus Network “Virtual Router Server” Web/ftp servers
Requirement (1) Example : “ping” IP addresses of your router. The router is configured with 3 Ethernet interfaces, which are assigned different IP addresses. Example : eth0 171.67.71.25 eth1 171.67.71.26 eth2 171.67.71.28 $ ping 171.67.71.25 Functionality: The router responds correctly to ARP requests packet. The router responds correctly to ICMP echo requests packet.
Requirement (2) Example The router can successfully route packets to and from your application servers. Two application servers IP address of application server 1: IP address of eth1 + 1. IP address of application server 2: IP address of eth2 + 1. Example $ ping 171.67.71.27 http://171.67.71.27
Requirement (2) Functionality The router correctly sends ARP requests. The router correctly handles ARP replies. The router correctly forward packets to and from the application servers. The router maintains an ARP cache. Timeout; queue packet; ICMP host unreachable message for 5 ARP requests
Step 1: The stub code for the client is available in your project repository. It is also available at “http://yuba.stanford.edu/vns/assignments/simple-router/” The stub code handles all the required work for connecting and communicating with the VNS server. Compile the code using the Makefile. To execute the program: ./sr -s vns-1.stanford.edu -t 6854 -r rtable -v vrhost –l LOGFILE –u username –a authfilename “–t <topo-id>” is used to specify the topology id. “-s vns-1.stanford.edu ” or “-s vns-2.standford.edu” specifies the VNS server “-l <logfile>” is used for log packets. “-u <username>” is used to specify your username. “-a <authfilename>” is used to specify the path to the authentication key. “-r <rtable>” is used to specify the path to the routing table. DO NOT change the “DEFAULT_PORT” in “sr_main.c”, and compile code via make.
Step 1: (contd.) The routing table is stored in the file “rtable”. You can copy it from your Topology page. The routing table format: ip gateway mask interface Example: 171.67.241.139 171.67.241.139 255.255.255.255 eth1 171.67.241.141 171.67.241.141 255.255.255.255 eth2 0.0.0.0 171.24.74.17 0.0.0.0 eth0 To test if the stub code is actually receiving packets, try “ping <eth0>”. The sr should print out that it receives a packet.
Step 2 – Get a feel for how your router ought to behave. The router's interface addresses in topology 56: eth0 171.67.241.137 eth1 171.67.241.138 eth2 171.67.241.140 Two application servers with the following addresses: application server 1 171.67.241.139 application server 2 171.67.241.141 Try: Ping router’s addresses Traceroute router’s addresses Ping application servers Traceroute application servers Connect to application servers via Internet browser.
Step 3: requirement 1- Ping Ping program sends an ICMP echo request destined to your virtual router (R). It will be routed to a host or router (H) that is locally connected to your router (R). Host (H) must convert the 32-bit IP address of router (R) into a 48-bit Ethernet address. If host (H) can not find it in ARP cache, it will broadcast an ARP request to every host on the network. ARP request contains the IP address of your router (R) and request “who has this IP address, tell H”. Upon receiving this ARP request, your router (R) will reply with an ARP reply. This reply contains its IP address and the corresponding hardware address. When the host (H) receives the ARP reply, H will forward ICMP echo request to your router (R). Your router (R) responds with an ICMP echo reply to the host that is running ping program.
Step 4: requirement 2 – Routing When your router intercepts a packet that is destined to an application server. If TTL field = 0 or 1 – Discards it and send back an ICMP time exceed. If not, decrements the TTL field in the IP header and recalculate the checksum. Consults routing table and identifies the next hop. Looks up ARP cache for the hardware address belonging to the next hop. If can not find, broadcast ARP request, queue packet. Your application server responds with an ARP reply. Receiving the ARP reply – forward the queue packet, and cache the hardware address. No ARP reply for 5 ARP requests – send ICMP host unreachable to source.
Trouble compiling the code on Ubuntu: If you get the error: h_addr not a member of struct hostent In the file /usr/include/netdb.h: struct hostent { char *h_name; /* Official name of host. */ char **h_aliases; /* Alias list. */ int h_addrtype; /* Host address type. */ int h_length; /* Length of address. */ char **h_addr_list; /* List of addresses from name server. */ #if defined __USE_MISC || defined __USE_GNU #define h_addr h_addr_list[0] /* Address, for backward compatibility.*/ #endif }; Comment out the #if defined and #endif statements (highlighted in green) and re-compile the code. ( You may have to use "sudo" to edit the file.)
Some Coding Tips PLEASE START EARLY!!!! The usage of htons, ntohs, htonl, ntohl Log packets and viewing the logfile in tcpdump. For logging packets, when script invokes “sr” it uses the “-l” flag to create a file “LOGFILE” ./sr –t 56 -s vns-2.stanford.edu –l LOGFILE To view the logfile using tcpdump command, execute: prompt % sudo tcpdump –e –vvv –x –r LOGFILE You can also use Wireshark to monitor the incoming and outgoing packets
Coding Tips- checksum calculation IP checksum -- cover IP header ICMP checksum – (header and data) Compute the checksum Set checksum field to 0 --- 0100 F203 F4F5 F6F7 0000 Compute 16-bit one’s complement sum. 0100+F203+F4F5+F6F7+0000 = 0002 DEEF DEEF +0002 = DEF1 Store 16-bit one’s complement sum to check sum field. ~DEF1 = 210E 0100 F203 F4F5 F6F7 210E Verify the checksum. Compute the sum (including the checksum). 0100 F203 F4F5 F6F7 210E = 0002 FFFD 0002+FFFD = FFFF If the result is not all one bits, checksum error. discard packet.
Coding Tips For the stub code, sr_router.c/h - data structures and utility functions about the router. sr_if.c/h - data structures of the interfaces and utility functions for handling the interface list. sr_rt.c/h - data structures of the routing table and utility functions for handling the routing table. You might need to modify other files for bugfixes or generate your own files and update Makefile to support them.
Coding Tips Receiving a packet void sr_handlepacket(struct sr_instance *sr, uint8_t *packet, unsigned int len, char *interface) “packet” points to the packet with Ethernet header. Sending a packet to the network. int sr_send_packet(struct sr_instance *sr, uint8_t *buf, const char *iface)
Ethernet review
ARP review Hard type: 1 for Ethernet Protocol type: 0x0800 for IP Hard size: 6 Protocol size: 4 Op: 1 --- arp request 2 --- arp reply
IP header review
IP datagram review
ICMP message review Type Code Description Echo reply 8 Echo request 3 Echo reply 8 Echo request 3 1 Host unreachable Port unreachable 11 Time exceeded
Some References http://yuba.stanford.edu/vns/ It is highly recommended that you read the Frequently Asked Question in that web site. http://yuba.stanford.edu/vns/router_faq.html RFC 826 (ARP) http://www.faqs.org/rfcs/rfc826.html RFC 791 (IP) http://www.faqs.org/rfcs/rfc791.html RFC 792 (ICMP) http://www.faqs.org/rfcs/rfc792.html /usr/include/netinet/ip.h /usr/include/netinet/icmp.h /usr/include/netinet/arp.h /usr/include/netinet/udp.h http://www.netfor2.com/checksum.html for checksum calculation