Chapter 4 Network Layer: The Data Plane
Computer Networking: A Top Down Approach, 7th edition, Jim Kurose, Keith Ross, Pearson/Addison Wesley, April 2016
A note on the use of these PowerPoint slides: We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: if you use these slides (e.g., in a class), that you mention their source (after all, we'd like people to use our book!); if you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material. Thanks and enjoy! JFK/KWR
All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved
Network Layer: Data Plane
Chapter 4: outline
4.1 Overview of Network layer: data plane, control plane
4.2 What's inside a router
4.3 IP: Internet Protocol: datagram format, fragmentation, IPv4 addressing, IPv4 forwarding, IPv6
Chapter 4: network layer
chapter goals: understand principles behind network layer services, focusing on the data plane:
- network layer service models
- forwarding versus routing
- how a router works
- generalized forwarding
- instantiation, implementation in the Internet
Network layer
- transport segment from sending to receiving host
- on sending side encapsulates segments into datagrams
- on receiving side, delivers segments to transport layer
- network layer protocols in every host, router
- router examines header fields in all IP datagrams passing through it
Two key network-layer functions
- forwarding: move packets from router's input to appropriate router output (forwarding tables)
- routing: determine route taken by packets from source to destination (routing algorithms)
analogy: taking a trip
- forwarding: process of getting from source to destination, moving forward hop-by-hop
- routing: process of planning the trip from source to destination, laying out the path hop-by-hop
Network layer: data plane, control plane
Data plane
- local, per-router function
- determines how a datagram arriving on a router input port is forwarded to a router output port (forwarding function)
Control plane
- network-wide logic
- determines how a datagram is routed among routers along the end-end path from source host to destination host
- two control-plane approaches: traditional routing algorithms, implemented in routers; software-defined networking (SDN), implemented in (remote) servers
Per-router control plane
- individual routing algorithm components in each and every router interact/exchange information in the control plane; the resulting forwarding table is applied in the data plane to the values in the arriving packet header
The Internet network layer IP (Internet Protocol) is a Network Layer Protocol. IP’s current version is Version 4 (IPv4). It is specified in RFC 891.
IP: The waist of the hourglass
IP is the waist of the hourglass of the Internet protocol architecture: multiple higher-layer protocols, multiple lower-layer protocols, only one protocol at the network layer.
The Internet network layer
IP is the highest layer protocol which is implemented at both routers and hosts
IP Service
the delivery service of IP is minimal: IP provides an unreliable, connectionless, best effort service (also called "datagram service")
- unreliable: IP does not make an attempt to recover lost packets
- connectionless: each packet ("datagram") is handled independently; IP is not aware that packets between hosts may be sent in a logical sequence
- best effort: IP does not make guarantees on the service (no throughput guarantee, no delay guarantee, ...)
consequences: higher layer protocols have to deal with losses or with duplicate packets; packets may be delivered out of sequence
IP Functions
host, router network layer functions (transport layer above: TCP, UDP; link layer and physical layer below):
- IP protocol: addressing conventions, datagram format, packet handling conventions
- routing protocols: path selection (RIP, OSPF, BGP), producing the forwarding table
- ICMP protocol: error reporting, router "signaling"
IP datagram format (header laid out in 32-bit rows)
- ver: IP protocol version number
- head. len: header length (bytes)
- type of service: "type" of data
- length: total datagram length (bytes)
- 16-bit identifier, flgs, fragment offset: for fragmentation/reassembly
- time to live: max number of remaining hops (decremented at each router)
- upper layer: upper layer protocol to deliver payload to, e.g., TCP (6), UDP (17)
- header checksum
- 32 bit source IP address
- 32 bit destination IP address
- options (if any): e.g. timestamp, record route taken, specify list of routers to visit
- data (variable length, typically a TCP or UDP segment)
how much overhead? 20 bytes of TCP + 20 bytes of IP = 40 bytes + app layer overhead
Maximum Transmission Unit (MTU)
- maximum size of an IP datagram is 65535 bytes, but the data link layer protocol generally imposes a limit that is much smaller
- for example: Ethernet frames have a maximum payload of 1500 bytes, so IP datagrams encapsulated in an Ethernet frame cannot be longer than 1500 bytes
- the limit on the maximum IP datagram size, imposed by the data link protocol, is called the maximum transmission unit (MTU)
- examples of MTU sizes: Ethernet: 1500, FDDI: 4352, 802.3: 1492, PPP: 296
IP fragmentation, reassembly
- network links have different MTU (frame) sizes: different link types, different MTUs
- a large IP datagram is divided ("fragmented") within the net to fit the MTU: one datagram becomes several datagrams
- "reassembled" only at the final destination
- IP header bits are used to identify and order related fragments
fragmentation: in: one large datagram, out: 3 smaller datagrams; reassembly reverses this at the destination
Where is fragmentation done?
- fragmentation can be done at the sender or at intermediate routers
- the same datagram can be fragmented several times
- reassembly of the original datagram is only done at the destination host
What's involved in fragmentation?
the following fields in the IP header are affected:
- Identification: when a datagram is fragmented, the identification is the same in all fragments
- Flags: DF bit set ("=1"): the datagram cannot be fragmented and must be discarded if the MTU is too small; MF bit set ("more" bit): this datagram is a fragment and an additional fragment follows this one
- Fragment offset: 13 bits, the offset of the payload of the current fragment in the original datagram divided by 8 (why divided by 8? 13 bits of 8-byte units span the full 65535-byte range of the 16-bit total length field)
- Total length: total length of the fragment
IP fragmentation example: 4000 byte datagram, MTU = 1500 bytes
data per fragment = 1500 - 20 (IP header) = 1480 bytes
original datagram: ID = x, offset = 0, fragflag = 0, length = 4000
fragment 1: ID = x, offset = 0, fragflag = 1, length = 1500
fragment 2: ID = x, offset = 185, fragflag = 1, length = 1500
fragment 3: ID = x, offset = 370, fragflag = 0, length = 1040
one large datagram becomes several smaller datagrams; 1480 bytes in the data field, so offset = 1480/8 = 185
Example of fragmentation
A datagram with size 2400 bytes must be fragmented to fit in an MTU of size 1000 bytes (IP header is 20 bytes)
First fragment:
- MTU = 1000; datagram = 2400 = 20 header + 2380 payload
- MTU can carry 1000 - 20 (header) = 980 data bytes
- fragment payloads have to be a multiple of 8 in size (the 13-bit offset field counts 8-byte units): 980/8 = 122 remainder 4, therefore the carried payload will be 980 - 4 = 976 bytes
- the first fragment will be 20 (header) + 976 data = 996 in length; fragment offset will be 0
- data remaining to be transmitted = 2380 - 976; offset of the next fragment will be 976/8 = 122
Second fragment:
- data remaining to be carried: 2380 - 976 = 1404 > 980 --> 976
- the second fragment will be 20 (header) + 976 data = 996 in length; fragment offset will be 122 (size of the 1st fragment payload in 8-byte units)
- offset of the next fragment will be 122 + 976/8 = 244
Third fragment:
- data remaining to be transmitted = 2380 - 976 - 976 = 428
- the 3rd fragment will be 20 (header) + 428 data = 448 in length; fragment offset will be 244 (size of the 1st + 2nd fragment payloads in 8-byte units)
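The two fragmentation examples above, carried out in code. This is an added example, not part of the lecture slides: it assumes a 20-byte header without options, and the reassembly check also covers the receiver's failure modes (missing or overlapping fragment, inconsistent MF flag) that the slides only imply.

```python
"""IPv4 fragmentation planner plus a reassembly sanity check.

Added example (not from the slides). Rules implemented are the ones the
slides state: fragment payloads are multiples of 8 bytes, the offset
field counts 8-byte units, MF is set on every fragment but the last, the
identifier is copied into every fragment, and DF=1 forbids fragmentation.
"""
from dataclasses import dataclass

IP_HEADER_LEN = 20  # bytes; assumes no IP options


@dataclass(frozen=True)
class Fragment:
    ident: int          # identification, identical in all fragments
    offset: int         # fragment offset, in 8-byte units
    more: bool          # MF flag
    total_length: int   # header + payload, bytes


class FragmentationNeeded(Exception):
    """DF=1 and the datagram does not fit the MTU (ICMP error case)."""


def fragment(total_length, mtu, ident=0, df=False, header_len=IP_HEADER_LEN):
    """Return the Fragment records a router would emit for one datagram."""
    if total_length <= mtu:
        return [Fragment(ident, 0, False, total_length)]  # fits as is
    if df:
        raise FragmentationNeeded(
            "DF set: %d-byte datagram does not fit MTU %d" % (total_length, mtu))
    payload = total_length - header_len
    # largest multiple of 8 that fits behind a header in one frame
    # (1500 -> 1480; 1000 -> 980 rounded down to 976)
    chunk = (mtu - header_len) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU %d too small to carry any payload" % mtu)
    frags = []
    sent = 0
    while sent < payload:
        n = min(chunk, payload - sent)
        more = sent + n < payload          # MF=0 only on the final piece
        frags.append(Fragment(ident, sent // 8, more, header_len + n))
        sent += n
    return frags


def reassemble_length(frags, header_len=IP_HEADER_LEN):
    """Check that fragments (in any order) rebuild exactly one datagram.

    Returns the original total length, or raises ValueError on a gap,
    an overlap, a wrong MF flag, or mixed identifiers.
    """
    if len({f.ident for f in frags}) != 1:
        raise ValueError("fragments belong to more than one datagram")
    ordered = sorted(frags, key=lambda f: f.offset)
    expect = 0                                  # next payload byte expected
    for i, f in enumerate(ordered):
        if f.offset * 8 != expect:
            raise ValueError("gap or overlap at offset %d" % f.offset)
        if f.more != (i < len(ordered) - 1):
            raise ValueError("MF flag inconsistent at offset %d" % f.offset)
        expect += f.total_length - header_len
    return expect + header_len


if __name__ == "__main__":
    for total, mtu in ((4000, 1500), (2400, 1000)):
        for f in fragment(total, mtu, ident=1):
            print(total, mtu, f)
```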
Devices on same network
IP address: network part (high order bits), host part (low order bits)
what comprises a network? device interfaces with the same network part of the IP address (network prefix)
what does it mean? devices on the same network can physically reach each other without help of a router (they can ARP each other); a router is needed to go from one network to another
figure: 3 interconnected networks joined by a router: Net 223.1.1 (223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4), Net 223.1.2 (223.1.2.1, 223.1.2.2, 223.1.2.9), Net 223.1.3 (223.1.3.1, 223.1.3.2, 223.1.3.27)
How many distinct networks?
figure: interfaces 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.6, 223.1.3.1, 223.1.3.2, 223.1.3.27, 223.1.7.0, 223.1.7.1, 223.1.8.0, 223.1.8.1, 223.1.9.1, 223.1.9.2
Addressing in a large organization
Campus Network 128.143.0.0 (Engineering School, Medical School, Library)
- organizations have multiple departments; departments want to manage their own networks
- allocate a network prefix/ID for each network? but the organization has one network prefix
- solution: introduce a hierarchy to the IP addressing structure that is only visible within the organization: subnetting
Basic Idea of Subnetting
- cannot touch the network prefix: assigned globally; host number assigned locally
- split the host number portion of an IP address into a subnet number and a (smaller) host number
- result is a 3-layer hierarchy: before: network prefix | host number; after: network prefix | subnet number | host number, where network prefix + subnet number = extended network prefix
- subnets can be freely assigned within the organization
- internally, subnets are treated as separate networks
- subnet structure is not visible outside the organization
Subnetting Example (figure: extended network prefix, or subnet prefix, = 24)
Subnetting & extended mask/prefix
- subnetting is done by allocating some of the leading bits of the host number to indicate a subnet number
- with subnetting, the network prefix and the subnet number make up an extended network prefix
- the extended prefix can be expressed in terms of a subnet mask or by adding the length of the extended prefix after the IP address
- in the illustrated example, the first byte of the host number (the third byte of the IP address) is used to denote the subnet number: 128.143.0.0/16 is the network address (network prefix /16), 128.143.137.0/24 is the subnet prefix of the subnet, 128.143.137.144/32 is the IP address of the host, and 255.255.255.0 is the subnet mask of the subnet (subnet prefix = 16 + 8 = 24, written /24, i.e. 24 leading 1s in the mask)
Subnets
one large network: 223.1.0.0/16 comprised of 3 subnets interconnected via a router; each isolated network is called a subnet
subnets: 223.1.1.0/24 (223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4), 223.1.2.0/24 (223.1.2.1, 223.1.2.2, 223.1.2.9), 223.1.3.0/24 (223.1.3.1, 223.1.3.2, 223.1.3.27)
subnet mask: /24
Advantages of Subnetting
- with subnetting, IP addresses use a 3-layer hierarchy: network, subnet, host
- improves efficiency of IP addresses by not consuming an entire address space for each physical network
- reduces router complexity: since external routers do not know about subnetting, the complexity of routing tables at external routers is reduced
note: the length of the subnet mask need not be identical for all subnetworks within a campus network
An example of subnetting
given a campus network prefix of 125.36.0.0/16, create subnets that can accommodate a maximum of 250 hosts each
- network prefix 125.36 cannot be touched: assigned; 0.0 (subnet + host bits) --> 8 + 8 = 16 bits
- 250 hosts require "x" bits for host addressing: 2^x > 250, what is x? 2^7 = 128, 2^8 = 256, so x = 8
- the right-most bits of the IP address that are not part of the prefix are host bits
- subnet address space = free bits - allocated host bits = 16 - x; x = 8 here, therefore the no. of bits available for subnets = 16 - 8 = 8
- 8 bits left for subnetting --> 2^8 = 256 subnets; subnet address: {0, 1, 2, 3, 4, ..., 255}
An example of subnetting
given a campus network prefix of 125.36.0.0/16, create 5 subnets that can accommodate a minimum of 250 hosts each
- 125.36 cannot be touched: assigned; 0.0 (subnet + host bits) --> 8 + 8 = 16 bits
- 250 hosts require "x" bits for host addressing: 2^x > 250, what is x? 2^7 = 128, 2^8 = 256, so x = 8
- the right-most bits in the IP address are host bits
- subnet address space = 16 - x; x = 8, the minimum no. of bits we need for host addressing, therefore the no. of bits available for subnets = 16 - 8 = 8
- need 5 subnets: 2^3 = 8, so 3 bits, which leaves 8 - 3 = 5 bits; subnet addresses: {0, 1, 2, 3, 4, 5, 6, 7}, and host address space = x + 5 = 13 bits
Resulting Subnet Numbers
3 bits --> 2^3 = 8 subnets; subnet address: {0, 1, 2, 3, 4, ..., 7}
125.36.0.0 campus network, 5 subnets 1, 2, 3, 4, 5: 125.36.xxxxxxxx.xxxxxxxx with the leading xxx = {1, 2, ..., 5}
subnet prefixes:
125.36.00100000.00000000 = 125.36.32.0/19
125.36.01000000.00000000 = 125.36.64.0/19
125.36.01100000.00000000 = 125.36.96.0/19
125.36.10000000.00000000 = 125.36.128.0/19
125.36.10100000.00000000 = 125.36.160.0/19
Another example
given a campus network prefix of 125.36.0.0/16, create 10 subnets that can accommodate at least 1200 hosts each
- 125.36 cannot be touched: assigned; 0.0 (subnet + host bits) --> 8 + 8 = 16 bits
- 1200 hosts require "x" bits for host addressing: 2^x > 1200, what is x? 2^10 = 1024, 2^11 = 2048, so x = 11
- the right-most bits in the IP address are host bits
- subnet address space = 16 - x; x = 11, the minimum no. of bits we need for host addressing, therefore the no. of bits available for subnets = 16 - 11 = 5
- need 10 subnets: 2^4 = 16, so 4 bits, which leaves 5 - 4 = 1 bit; subnet addresses: {0, 1, 2, ..., 15}, and host address space = x + 1 = 12 bits
Resulting Subnet Numbers
4 bits --> 2^4 = 16 subnets; subnet address: {0, 1, 2, ..., 15}
125.36.0.0 campus network, 10 subnets 0, 1, 2, 3, 4, 5, ..., 9: 125.36.xxxxxxxx.xxxxxxxx with the leading xxxx = {0, 1, 2, 3, ..., 9}
subnet prefixes:
125.36.00000000.00000000 = 125.36.0.0/20
125.36.00010000.00000000 = 125.36.16.0/20
125.36.00100000.00000000 = 125.36.32.0/20
125.36.00110000.00000000 = 125.36.48.0/20
...
125.36.10010000.00000000 = 125.36.144.0/20
Another example
in the previous example, 2 subnets are subnetted further into 3 subnets each, each to accommodate max. 510 hosts; show the resulting subnet numbers
- subnet nos {0, 1, ..., 9} = {0000, 0001, 0010, ..., 1001}; let's use subnets 0 = 0000 and 1 = 0001
- 510 hosts --> 2^9 = 512: we need to allocate 9 bits for host addresses; we have 4 + 8 = 12 bits, so we have 3 extra bits (9 = x.xxxxxxxx, 12 = xxxx.xxxxxxxx)
- subnets 125.36.0000xxxx.xxxxxxxx and 125.36.0001xxxx.xxxxxxxx
- 3 subnets: 2^2 = 4, two bits xx = 00, 01, 10, 11 give 4 subnets; we only need 3: 01, 10, 11
- subnet numbers now are 0000xx and 0001xx: 000001, 000010, 000011 (third byte 4, 8, 12) and 000101, 000110, 000111 (third byte 20, 24, 28)
Network without subnets 128.143.0.0/16
Same network with subnets
Same network with more subnetmasks 128.143.137.0/24 Subnet
Example of a subnetting plan
IP Network: 128.49.0.0/16 (2 bytes available for subnetting), Router R connected to the Internet
- Subnet 1: 128.49.1.0/24, divided further into Subnet 4: 128.49.1.0/25 (fourth byte 0 = 00000000) and Subnet 5: 128.49.1.128/25 (fourth byte 128 = 10000000)
- Subnet 2: 128.49.2.0/24
- Subnet 3: 128.49.3.0/24
Final subnetting example
an organization with 4 departments has the following IP address space: 10.2.22.0/23. As the systems manager, you are required to create subnets to accommodate the IT needs of the 4 departments. The subnets have to support up to 200, 61, 55, and 41 hosts respectively. What are the 4 subnet network numbers?
solution:
- 10.2.22.0/24 (256 addresses > 200)
- 10.2.23.0/26 (64 addresses > 61)
- 10.2.23.64/26 (64 addresses > 55)
- 10.2.23.128/26 (64 addresses > 41)
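The subnet calculations from the 125.36.0.0/16 examples and the final 10.2.22.0/23 example, as an added example that is not part of the slides. It follows the slides' own counting rule (host bits x is the smallest x with 2^x > hosts) and sizes a variable-length plan largest-demand-first; the function names are mine.

```python
"""Subnet planner for the lecture's examples (added example, not from the slides).

plan_fixed() reproduces the equal-size examples (125.36.0.0/16 split for
5 subnets of 250 hosts, or 10 subnets of 1200 hosts); plan_vlsm() the
final example (10.2.22.0/23 for departments of 200, 61, 55, 41 hosts),
where each department gets the smallest block that fits it.
"""
import ipaddress


def host_bits_for(hosts):
    """Smallest x with 2**x > hosts, exactly as the slides count it
    (2^8 = 256 > 250 -> 8; 2^11 = 2048 > 1200 -> 11). Note the slides do
    not subtract the network and broadcast addresses from the count."""
    x = 0
    while 2 ** x <= hosts:
        x += 1
    return x


def subnet_bits_for(n_subnets):
    """Smallest s with 2**s >= n_subnets (5 subnets -> 3 bits, 10 -> 4 bits)."""
    s = 0
    while 2 ** s < n_subnets:
        s += 1
    return s


def plan_fixed(org_prefix, n_subnets, hosts_per_subnet):
    """Equal-size subnets: returns (host_bits, subnet_bits, [all subnet prefixes])."""
    net = ipaddress.ip_network(org_prefix)
    free_bits = 32 - net.prefixlen            # subnet bits + host bits
    h = host_bits_for(hosts_per_subnet)
    s = subnet_bits_for(n_subnets)
    if h + s > free_bits:
        raise ValueError("need %d bits but only %d are free" % (h + s, free_bits))
    # exactly s subnet bits are used; any leftover free bits enlarge the host part
    new_len = net.prefixlen + s
    return h, s, [str(sn) for sn in net.subnets(new_prefix=new_len)]


def plan_vlsm(org_prefix, host_counts):
    """Variable-length subnets: largest demand first, packed from the start of the block.

    Returns [(hosts, prefix)] in allocation order; raises ValueError when the
    organization's block cannot hold the requested subnets.
    """
    net = ipaddress.ip_network(org_prefix)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    result = []
    for hosts in sorted(host_counts, reverse=True):
        plen = 32 - host_bits_for(hosts)
        size = 2 ** (32 - plen)
        cursor = (cursor + size - 1) // size * size   # align to the block size
        if cursor + size > end:
            raise ValueError("address space exhausted at the %d-host subnet" % hosts)
        block = ipaddress.ip_network("%s/%d" % (ipaddress.ip_address(cursor), plen))
        result.append((hosts, str(block)))
        cursor += size
    return result


if __name__ == "__main__":
    print(plan_fixed("125.36.0.0/16", 5, 250))
    print(plan_fixed("125.36.0.0/16", 10, 1200))
    print(plan_vlsm("10.2.22.0/23", [200, 61, 55, 41]))
```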
CIDR - Classless InterDomain Routing
- builds on the flexible netmask concept
- restructures IP address assignments to increase efficiency
- hierarchical routing aggregation to minimize route table entries
Key concept: the length of the network id (prefix) in IP addresses is arbitrary/flexible and is defined by the network hierarchy.
consequence: routers use the IP address and the length of the prefix for forwarding; all advertised IP addresses must include a prefix
IP addressing and CIDR
- subnet portion of address is of arbitrary length
- address format used: a.b.c.d/x, where x is the # of bits in the subnet portion of the address
example: 200.23.16.0/23 = 11001000 00010111 0001000|0 00000000 (subnet part: the first 23 bits; host part: the remaining 9 bits)
CIDR Example
assume that a site requires an IP network domain that can support 1000 IP host addresses
with CIDR, the network is assigned a contiguous block of 1024 = 2^10 (> 1000) addresses with a 32 - 10 = 22-bit long prefix
CIDR: prefix value vs. host space
CIDR Block Prefix    # of Host Addresses
/27                  32 hosts
/26                  64 hosts
/25                  128 hosts
/24                  256 hosts
/23                  512 hosts
/22                  1,024 hosts
/21                  2,048 hosts
/20                  4,096 hosts
/19                  8,192 hosts
/18                  16,384 hosts
/17                  32,768 hosts
/16                  65,536 hosts
/15                  131,072 hosts
/14                  262,144 hosts
/13                  524,288 hosts
IP Device/Host address: how to get one?
Q: How does a router get an IP address? hard coded by the system admin: every interface/port is assigned a unique IP address reflecting the network assignment
Q: How does a host get an IP address?
- hard-coded by the system admin in a file (Windows: control-panel->network->configuration->tcp/ip->properties; UNIX: /etc/rc.config)
- DHCP: Dynamic Host Configuration Protocol: dynamically get an address from a server ("plug-and-play")
figure: router interfaces 223.1.1.4, 223.1.2.9, 223.1.3.2 on networks 223.1.1.0, 223.1.2.0, 223.1.3.0
IP Network address: how to get one?
Q: how does an organization get an IP network address space, i.e., a portion of an IP network space (the subnet part of an IP network address)?
A: it gets allocated a portion of its provider ISP's address space; e.g., 3 bits allocated to the subnet, leaving 9 bits for host addressing:
ISP's block     11001000 00010111 00010000 00000000   200.23.16.0/20
Organization 0  11001000 00010111 00010000 00000000   200.23.16.0/23
Organization 1  11001000 00010111 00010010 00000000   200.23.18.0/23
Organization 2  11001000 00010111 00010100 00000000   200.23.20.0/23
...
Organization 7  11001000 00010111 00011110 00000000   200.23.30.0/23
CIDR and IP Network addresses
Backbone ISPs obtain large blocks of IP address space and then reallocate portions of their address blocks to their customers.
example: assume that an ISP owns the address block 206.0.64.0/18, which represents 16,384 (2^(32-18) = 2^14) IP host addresses
suppose a client requires 800 host addresses: 512 = 2^9 < 800 < 1024 = 2^10 -> 32 - 10 = 22; assigning a /22 block, i.e., 206.0.68.0/22, gives a block of 1,024 (2^10) IP addresses to the client
IP addressing: the last word...
Q: how does an ISP get a block of addresses?
A: ICANN: Internet Corporation for Assigned Names and Numbers, http://www.icann.org/
- allocates addresses
- manages DNS
- assigns domain names, resolves disputes
IP Forwarding
- in a network: process of getting from source to destination, moving forward hop-by-hop
- in a router: move packets from the router's input to the appropriate router output
Hop-by-Hop Delivery of a datagram
view at the IP layer: an IP network is a logical entity with a network (subnet) number; we represent an IP network as a "cloud"; IP delivery service is hop-by-hop across clouds of networks/subnets
Under the Hood
view at the data link layer: the clouds consist of a collection of LANs, switched LANs, and point-to-point links that are connected by routers
Input Port to Output Port
line termination (physical layer: bit-level reception) --> link layer protocol (receive) (data link layer: e.g., Ethernet) --> lookup, forwarding, queueing --> switch fabric
- decentralized switching: using header field values, look up the output port using the forwarding table in input port memory ("match plus action")
- destination-based forwarding: forward based only on the destination IP address (traditional)
Tenets of end-to-end delivery of datagrams
The following conditions must hold so that an IP datagram can be successfully delivered:
- The network prefix of an IP destination address must correspond to a unique network interface, i.e., a data link layer network (LAN or point-to-point link or switched network).
- Routers and hosts that have a common network prefix must be able to exchange IP datagrams using a data link protocol (e.g., Ethernet, PPP).
- An IP network is formed when a data link layer network is connected to at least one other data link layer network via a router. Each router interface is an IP network.
Processing of an IP datagram in IP
processing of IP datagrams is very similar on an IP router and a host; main difference: "IP forwarding" is enabled on a router and disabled on a host
- IP forwarding enabled: if a datagram is received, but it is not for the local system, the datagram will be sent to a different system
- IP forwarding disabled: if a datagram is received, but it is not for the local system, the datagram will be discarded
Processing of IP datagram at a router
- receive an IP datagram
- IP header validation
- process options in the IP header
- parse the destination IP address
- routing table lookup
- decrement TTL
- perform fragmentation (if necessary)
- calculate checksum
- transmit to next hop
- send ICMP packet (if necessary)
Forwarding tables
- each router and each host keeps a routing table which tells it how to process an outgoing packet
- main columns: Destination address: where is the IP datagram going to? Next hop or interface: how to send the IP datagram?
- routing tables are set up so that a datagram gets closer to its destination with every hop
routing table of a host or router: IP datagrams can be directly delivered ("direct") or are sent to a next hop router ("R4"); the entry in the table gives the IP address of the router's interface over a network that you both have in common
Destination    Next Hop
20.2.1.0/28    direct
10.1.0.0/24    R2
10.1.2.0/24    R4
10.2.1.0/24    direct
10.3.1.0/24    direct
20.1.0.0/16    R1
Types of forwarding table entries
- Network route (prefix 1-31): destination address is a network address (e.g., 10.0.2.0/24); most entries are network routes
- Host route (prefix 32): destination address is an interface address (e.g., 10.0.1.2/32); used to specify a separate route for certain hosts
- Default route (prefix 0): used when no network or host route matches; the router that is listed as the next hop of the default route is the default gateway (for Cisco: "gateway of last resort")
- Loopback address (prefix 8): routing table entry for the loopback address (127.0.0.1); the next hop lists the loopback (lo0) interface as the outgoing interface
Forwarding table lookup
Destination address                                  Next hop
network prefix (/1-31) or host IP address (/32)      IP address of next hop router* or name of a network interface
loopback address (/8)
default route (/0)
- when a router or host needs to transmit an IP datagram, it performs a routing table lookup
- routing table lookup: use the IP destination address as a key to search the routing table; the result of the lookup is the IP address of a next hop router, or the name of a network interface
* Note: a router has many IP addresses. The IP address in the routing table refers to the address of the network interface of the next hop router on the same directly connected network.
Typical Forwarding Table at a Host
Destination         Gateway      Genmask          Flags  Iface  Prefix
10.0.96.100         10.0.160.1   255.255.255.255  UGH    eth0   /32
10.0.32.0           10.0.192.2   255.255.224.0    UG     eth1   /19
10.0.96.0           10.0.160.1   255.255.224.0    UG     eth0   /19
10.0.64.0           10.0.192.1   255.255.224.0    UG     eth1   /19
10.0.160.0          *(direct)    255.255.224.0    U      eth0   /19
10.0.192.0          *(direct)    255.255.224.0    U      eth1   /19
127.0.0.1           *            255.0.0.0        U      lo     /8
0.0.0.0 (default)   10.0.160.2   0.0.0.0          UG     eth0   /0
Longest Prefix Match
Longest Prefix Match: search for the routing table entry that has the longest prefix match with the destination IP address. WHY? The longer the prefix, the closer you are to the destination.
- first search for a match on all 32 bits (host route: 32-bit prefix match)
- then search for a match on 31 bits
- ...
- finally search for a match on 0 bits (default route, represented as 0.0.0.0/0: 0-bit prefix match)
example: the longest prefix match for 128.143.71.21 is for 20 bits with entry 128.143.64.0/20; the datagram will be sent to R4. 128.143.0.0/16 matches too, but prefix 16 < 20.
Forwarding to an interface
datagram with IP Dest: 10.2.1.55 arrives; router interfaces: eth0 (20.2.1.0), ser0 (10.4.2.0, towards R4 at 10.4.2.2), eth1 (10.2.1.0), eth2 (10.3.1.0); other addresses in the figure: 128.5.2.1, 136.4.33.2
Destination    Next Hop
20.2.1.0/28    eth0
10.4.2.0/24    ser0
10.1.2.0/24    R4
10.2.1.0/24    eth1
10.3.1.0/24    eth2
20.1.0.0/16    R4
check each entry by masking the destination with the entry's prefix: 10.2.1.55/28 = 20.2.1.0? no; 10.2.1.55/24 = 10.4.2.0? no; 10.2.1.55/24 = 10.1.2.0? no; 10.2.1.55/24 = 10.2.1.0? yes --> deliver directly out of eth1
Forwarding to a Router as next hop
datagram with IP Dest: 10.1.2.65 arrives (10.1.2.0 is reached via R4, whose interface 10.1.2.1 is on that network); router interfaces: eth0 (20.2.1.0), ser0 (10.4.2.0, towards R4 at 10.4.2.2), eth1 (10.2.1.0), eth2 (10.3.1.0); other addresses in the figure: 128.5.2.1, 136.4.33.2
Destination    Next Hop
20.2.1.0/28    eth0
10.4.2.0/24    ser0
10.1.2.0/24    R4 (10.4.2.2)
10.2.1.0/24    eth1
10.3.1.0/24    eth2
20.1.0.0/16    R4
check each entry: 10.1.2.65/28 = 20.2.1.0? no; 10.1.2.65/24 = 10.4.2.0? no; 10.1.2.65/24 = 10.1.2.0? yes --> next hop R4, IP address 10.4.2.2
route to R4: 10.4.2.2/28 = 20.2.1.0? no; 10.4.2.2/24 = 10.4.2.0? yes --> send out of ser0
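The lookup walked through in the two slides above, as an added example that is not part of the slides: a longest-prefix-match over the table shown (plus a constructed default route, 0.0.0.0/0 -> 10.4.2.2, which the slides do not have), with the second lookup that turns a router next hop into the interface it sits behind. Function names are mine.

```python
"""Longest-prefix-match lookup with next-hop resolution (added example).

The table is the one on the slides; an interface name as next hop means
"direct", an IP address means "hand to that router". The default route
is constructed for this example so the fallback case can be exercised.
"""
import ipaddress

TABLE = {
    "20.2.1.0/28": "eth0",
    "10.4.2.0/24": "ser0",
    "10.1.2.0/24": "10.4.2.2",   # R4
    "10.2.1.0/24": "eth1",
    "10.3.1.0/24": "eth2",
    "20.1.0.0/16": "10.4.2.2",   # R4
    "0.0.0.0/0":   "10.4.2.2",   # constructed default route, not on the slides
}


def parse_table(table):
    """Parse prefixes once and sort longest prefix first, so the first hit wins."""
    entries = [(ipaddress.ip_network(p), nh) for p, nh in table.items()]
    entries.sort(key=lambda e: e[0].prefixlen, reverse=True)
    return entries


def longest_prefix_match(entries, dst):
    """Return (matching prefix, next hop) for dst, or None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    for net, nh in entries:            # longest prefix first
        if addr in net:                # same test as masking dst with the prefix
            return str(net), nh
    return None


def is_interface(next_hop):
    """True for an interface name (direct delivery), False for a router address."""
    try:
        ipaddress.ip_address(next_hop)
        return False
    except ValueError:
        return True


def resolve(entries, dst, max_depth=4):
    """Full decision for dst: matched prefix, outgoing interface, next-hop router or None.

    A router next hop is looked up again so the datagram can be handed to the
    link layer on the right interface. max_depth bounds the recursion: a table
    whose router next hops point at each other would otherwise loop forever.
    """
    hit = longest_prefix_match(entries, dst)
    if hit is None:
        raise LookupError("no route to %s" % dst)
    prefix, nh = hit
    if is_interface(nh):
        return {"prefix": prefix, "iface": nh, "next_hop": None}
    router = nh                        # first hop router; keep it for the answer
    for _ in range(max_depth):
        hit = longest_prefix_match(entries, nh)
        if hit is None:
            raise LookupError("no route to next hop %s for %s" % (nh, dst))
        _, nh = hit
        if is_interface(nh):
            return {"prefix": prefix, "iface": nh, "next_hop": router}
    raise LookupError("next-hop resolution for %s did not converge" % dst)


ENTRIES = parse_table(TABLE)

if __name__ == "__main__":
    for dst in ("10.2.1.55", "10.1.2.65", "192.0.2.1"):
        print(dst, resolve(ENTRIES, dst))
```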
Constructing a Network Topology from a Host's Forwarding Table
Destination       Router / Interface
10.0.96.100/32    10.0.160.1 (R1)
10.0.32.0/19      10.0.192.2 (R2)
10.0.96.0/19      10.0.160.1 (R1)
10.0.64.0/19      10.0.192.1 (R3)
10.0.160.0/19     eth0
10.0.192.0/19     eth1
127.0.0.0/8       lo
0.0.0.0           10.0.160.2 (R4)
resulting topology (labels as drawn in the figure): the host has eth0 on 10.0.160.0/19, where R1 and R4 are attached, and eth1 on 10.0.192.0/19, where R2 and R3 are attached; R1 leads to 10.0.96.0/24 and host 10.0.96.100, R2 to 10.0.64.0/24, R3 to 10.32.0.0/19, and R4 to all other destinations
GNS3 Example
Forwarding Table and Routing Cache
- every router has a routing table
- from the routing table a forwarding table is created
- once a destination has been looked up in the forwarding table, it is placed in a route cache
Forwarding Table & Cache on R1
Path Aggregation
- the longest prefix match algorithm permits the aggregation of prefixes with identical next hop address into a single entry
- this contributes significantly to reducing the size of routing tables of Internet routers
20.2.0.0/16 -> 00010100.00000010.00000000.00000000
20.1.1.0/28 -> 00010100.00000001.00000001.00000000
common leading bits: 8 + 6 = 14 --> 20.0.0.0/14
before aggregation:
Destination    Next Hop
10.1.0.0/24    R3
10.1.2.0/24    direct
10.2.1.0/24    direct
10.3.1.0/24    R3
20.2.0.0/16    R2
20.1.1.0/28    R2
after aggregation:
Destination    Next Hop
10.1.0.0/24    R3
10.1.2.0/24    direct
10.2.1.0/24    direct
10.3.1.0/24    R3
20.0.0.0/14    R2
note: the aggregate also covers addresses neither original entry did (the rest of 20.0.0.0/14); this is only correct if no other entry with a different next hop is meant to cover them, which longest prefix match guarantees only for the more specific entries that remain in the table
Addressing: routing to another LAN
walkthrough: send datagram from A to B via R; focus on addressing at the IP (datagram) and MAC (frame) layers
- assume A knows B's IP address
- assume A knows the IP address of the first hop router, R (routing table)
- assume A knows R's MAC address (ARP)
figure addresses:
A: 111.111.111.111, 74-29-9C-E8-FF-55
other host on A's LAN: 111.111.111.112, CC-49-DE-D0-AB-7D
R, A's LAN side: 111.111.111.110, E6-E9-00-17-BB-4B
R, B's LAN side: 222.222.222.220, 1A-23-F9-CD-06-9B
B: 222.222.222.222, 49-BD-D2-C7-56-2A
other host on B's LAN: 222.222.222.221, 88-B2-2F-54-1A-0F
Addressing: routing to another LAN
- A creates an IP datagram with IP source A, destination B
- A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
frame at A: MAC src: 74-29-9C-E8-FF-55, MAC dest: E6-E9-00-17-BB-4B; IP src: 111.111.111.111, IP dest: 222.222.222.222
Addressing: routing to another LAN
- frame sent from A to R
- frame received at R, datagram extracted, passed up to IP
frame on A's LAN: MAC src: 74-29-9C-E8-FF-55, MAC dest: E6-E9-00-17-BB-4B; IP src: 111.111.111.111, IP dest: 222.222.222.222 (the datagram's IP addresses are unchanged at R)
Addressing: routing to another LAN
- R forwards the datagram with IP source A, destination B
- R creates a link-layer frame with B's MAC address as dest; the frame contains the A-to-B IP datagram
frame on B's LAN: MAC src: 1A-23-F9-CD-06-9B, MAC dest: 49-BD-D2-C7-56-2A; IP src: 111.111.111.111, IP dest: 222.222.222.222
ARP for a device not in the local network
- Argon wants to send data to Neon
- Argon realizes that it needs to use a router to reach Neon, as the two hosts are on different local networks
- Argon sends an ARP Request to the router for its MAC address on the common network
- Router137 sends an ARP Response to Argon with the MAC address of its NIC on the common network
figure: Argon 128.143.137.144/24 and Router137 128.143.137.1/24 on network 128.143.137.0/24; Neon 128.143.71.21/24 on the other side of the router; ARP Request: "128.143.137.1?"; ARP Reply: "Router IP Address 128.143.137.1 is Router MAC address"
What happens when a host has a larger view of the network?
figure: Router 223.1.0.0/16 joining 223.1.1.0/24 (223.1.1.2/24, 223.1.1.3/24, 223.1.1.4/24), 223.1.2.0/24 (223.1.2.1/24, 223.1.2.2/24, 223.1.2.9/24) and 223.1.3.0/24 (PC2: 223.1.3.1/24, 223.1.3.2/24, 223.1.3.27/24)
- larger means a shorter prefix, i.e., the host does not see the local subnets
- here, Host thinks that all PCs with the 223.1.0.0 prefix are in its local subnet and it will not ask the local (default) router to forward the datagram to any of the PCs
- Host: 223.1.1.1/16 --> 223.1.0.0; PC2: 223.1.3.1/16 --> 223.1.0.0: Host thinks PC2 is on the same network
- what will Host do when it wants to reach PC2?
Proxy ARP
To reach PC2:
- Host will do a local ARP for PC2
- the router intervenes: it will notice that Host is looking for a remote host PC2 (/24) and it will respond with its own hardware address, then forward the packet
- we call this Proxy ARP: the router masquerades as the remote PC (PC2) for Host
- only works when the router is directly connected, via any one of its interfaces, to both devices (Host and PC2 in this case)
Example
figure: Host (PC1, 223.1.1.x/24 side) and PC2 (223.1.3.1/24) on different subnets of 223.1.0.0/16 behind Router R; message sequence:
- Host: ARP Request for PC2 (does not reach PC2: the broadcast stops at the router)
- R: ARP Reply to PC1 (with R's own MAC address)
- Host: Datagram for PC2 (sent to R's MAC address)
- R: ARP Request for PC2 on 223.1.3.0/24
- PC2: ARP Reply to R
- R: Datagram from PC1 for PC2
Summary: Proxy ARP
- allows devices on two different IP subnetworks to share a single IP network prefix
- the source believes the destination is on the same IP network
- the router must be configured to respond to ARP broadcast requests for destinations on a different connected subnet
- the router masquerades as the destination for the ARP request sent by the source on a subnet
- the two devices are unaware that they are on different subnets; the subnet mask indicates that they have the same network prefix
- masquerades: the router responds to a broadcast ARP Request from the source host, arriving on one of its connected networks, for a destination host that is on one of its other connected networks
Previous example with Argon and a /16 network prefix
- Host Argon believes Neon is on the same IP network because of its "/16" prefix
- Argon sees it is on IP network 128.143.0.0; applying the /16 prefix to Neon's IP address 128.143.71.21 gives 128.143.0.0, which is the same as its own, so it sends a broadcast ARP Request for Neon
- the router sees the broadcast ARP Request from host Argon arriving on one of its connected networks, for host Neon, which is on one of its other connected networks
- the router responds with its own MAC address and then transfers the datagram to the next segment
- the router will ARP for Neon's MAC address to forward the datagram
[figure: Router interface 128.143.137.1/24 on network 128.143.137.0/24, Neon 128.143.71.21/24; ARP reply reads "Neon IP address is at Router MAC address"]
ARP cache in the two ARP examples
- non-proxy ARP, Argon configured /24: Argon's ARP cache has the IP address of the router:
  (128.143.137.1) at 00:e0:f9:23:a8:20 [ether] on eth0
- proxy ARP, Argon configured /16: Argon's ARP cache has the IP address of Neon, mapped to the router's MAC:
  (128.143.71.21) at 00:e0:f9:23:a8:20 [ether] on eth0
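Added example (not from the slides): the host-side on-link test and the router-side proxy ARP decision from the Argon/Neon slides, simulated so that the resulting ARP cache entry can be compared with the two cache dumps above. The router MAC is the one in the cache dumps; the router's interface address on Neon's network is an assumed value.

```python
import ipaddress

# Topology from the Argon/Neon slides. The router MAC is the one shown in the
# ARP-cache slide; the router's interface address on Neon's network is an
# assumed value (the slides only show its 128.143.137.1 interface).
ROUTER_MAC = "00:e0:f9:23:a8:20"
ROUTER_IFACES = ["128.143.137.1/24", "128.143.71.1/24"]  # second one assumed
DEFAULT_ROUTER = "128.143.137.1"
NEON_IP = "128.143.71.21"

def arp_target(host_cidr, dst_ip, default_router=DEFAULT_ROUTER):
    """Host side. The host applies its *own* mask: if dst_ip falls inside that
    network it ARPs for dst_ip directly, otherwise for the default router.
    A /16 mask is exactly what makes Neon look on-link to Argon."""
    own = ipaddress.ip_interface(host_cidr)
    return dst_ip if ipaddress.ip_address(dst_ip) in own.network else default_router

def router_answers(arrival_cidr, target_ip, proxy_arp):
    """Router side. It always answers for its own address on the arrival
    interface; with proxy ARP enabled it also answers for a target that lives
    on one of its *other* directly connected networks."""
    arrival = ipaddress.ip_interface(arrival_cidr)
    target = ipaddress.ip_address(target_ip)
    if target == arrival.ip:
        return True
    if not proxy_arp:
        return False
    return any(target in ipaddress.ip_interface(c).network
               for c in ROUTER_IFACES
               if ipaddress.ip_interface(c).network != arrival.network)

def resolve(host_cidr, dst_ip=NEON_IP, proxy_arp=True):
    """Simulate Argon's broadcast ARP on 128.143.137.0/24 and return the
    (ip, mac) entry that lands in Argon's ARP cache, or None when nobody
    replies (Neon is on another segment, so only the router hears it)."""
    target = arp_target(host_cidr, dst_ip)
    if router_answers(ROUTER_IFACES[0], target, proxy_arp):
        return (target, ROUTER_MAC)
    return None
```

The /16 run leaves Neon's IP mapped to the router's MAC, which from the host's side looks exactly like a spoofed ARP reply; anyone reading ARP caches for anomalies needs to know whether proxy ARP is configured before treating such an entry as suspicious.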
Chapter 4: outline
4.1 Overview of Network layer
- data plane
- control plane
4.2 What's inside a router
4.3 IP: Internet Protocol
- datagram format
- fragmentation
- IPv4 addressing
- IPv4 forwarding
- Internet Control Message Protocol (ICMP)
ICMP: internet control message protocol
- used by hosts and routers to communicate network-level information
  - error reporting: unreachable host, network, port, protocol; the original (errored) datagram is discarded after the ICMP error message, carrying the error info, is created and sent back to the source
  - queries: echo request/reply (used by ping), timestamps, router advertisements
- network-layer "above" IP: ICMP messages are carried/transported in IP datagrams
ICMP: internet control message protocol
Type  Code  description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest host unreachable
3     2     dest protocol unreachable
3     3     dest port unreachable
. . .
3     6     dest network unknown
3     7     dest host unknown
4     0     source quench (congestion control, not used)
8     0     echo request (ping)
9     0     router advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
ICMP message: type, code, checksum, plus the IP header of the message causing the error and the first 8 bytes of the IP datagram. Why?
4-byte header:
- Type (1 byte): type of ICMP message
- Code (1 byte): subtype of ICMP message
- Checksum (2 bytes): similar to the IP header checksum, but calculated over the entire ICMP message
If there is no additional data, 4 bytes are set to zero, so each ICMP message is at least 8 bytes long.
Ping and ICMP
- PC% ping IPAddr
- PC sends an ICMP Echo Request; the target answers with an ICMP Echo Reply
- PC calculates the RTT and displays it on screen
- PC also keeps statistics on the number of transmitted requests and received replies
Traceroute and ICMP
- source sends a series of UDP segments (56 bytes) to the destination
  - first set (3 probes) has TTL = 1, second set has TTL = 2, etc.
  - ... and an unlikely (nonexistent) port number
- when the datagram in the nth set arrives at the nth router:
  - the router discards the datagram and sends an ICMP message (type 11, code 0) to the source
  - the ICMP message includes the name of the router and its IP address (of the incoming port)
- when the ICMP message arrives, the source records RTTs
- stopping criteria:
  - the UDP segment eventually arrives at the destination host
  - the destination returns an ICMP "port unreachable" message (type 3, code 3)
  - the source stops
Example of traceroute output
traceroute: gaia.cs.umass.edu to www.eurecom.fr (3 delay measurements per hop, e.g. from gaia.cs.umass.edu to cs-gw.cs.umass.edu on line 1)
1 cs-gw (128.119.240.254) 1 ms 1 ms 2 ms
2 border1-rt-fa5-1-0.gw.umass.edu (128.119.3.145) 1 ms 1 ms 2 ms
3 cht-vbns.gw.umass.edu (128.119.3.130) 6 ms 5 ms 5 ms
4 jn1-at1-0-0-19.wor.vbns.net (204.147.132.129) 16 ms 11 ms 13 ms
5 jn1-so7-0-0-0.wae.vbns.net (204.147.136.136) 21 ms 18 ms 18 ms
6 abilene-vbns.abilene.ucaid.edu (198.32.11.9) 22 ms 18 ms 22 ms
7 nycm-wash.abilene.ucaid.edu (198.32.8.46) 22 ms 22 ms 22 ms
8 62.40.103.253 (62.40.103.253) 104 ms 109 ms 106 ms
9 de2-1.de1.de.geant.net (62.40.96.129) 109 ms 102 ms 104 ms
10 de.fr1.fr.geant.net (62.40.96.50) 113 ms 121 ms 114 ms
11 renater-gw.fr1.fr.geant.net (62.40.103.54) 112 ms 114 ms 112 ms
12 nio-n2.cssi.renater.fr (193.51.206.13) 111 ms 114 ms 116 ms
13 nice.cssi.renater.fr (195.220.98.102) 123 ms 125 ms 124 ms
14 r3t2-nice.cssi.renater.fr (195.220.98.110) 126 ms 126 ms 124 ms
15 eurecom-valbonne.r3t2.ft.net (193.48.50.54) 135 ms 128 ms 133 ms
16 194.214.211.25 (194.214.211.25) 126 ms 128 ms 126 ms
17 * * *
18 * * *
19 fantasia.eurecom.fr (193.55.113.142) 132 ms 128 ms 136 ms
- trans-oceanic link: the slide annotates the jump from about 22 ms at hop 7 to over 100 ms at hop 8
- the source host sends out another request with a higher TTL; it tries that several times until it gets a response or a destination unreachable error. If the TTL exceeds the maximum, it stops and ends the quest.
- * means no response (probe lost, router not replying)
- Do some traceroutes from exotic countries at www.traceroute.org
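Added example (not from the slides, nor from any real traceroute implementation) covering the ICMP header and checksum rules from the ICMP slide and the probe matching behind traceroute: it builds the type 11 / type 3 error messages a router or the destination host emits for a UDP probe, and shows how the sender uses the quoted IP header plus first 8 bytes to attribute each error to one of its own probes. Addresses, ports and helper names are constructed.

```python
import struct

def icmp_checksum(data):
    """RFC 1071 one's-complement sum over the entire ICMP message. The field is
    zero while computing; a message whose checksum is intact sums back to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(icmp_type, code, body=b""):
    """4-byte header (type, code, checksum) + body. With no extra data the body
    is 4 zero bytes, which is why every ICMP message is at least 8 bytes."""
    body = body or bytes(4)
    csum = icmp_checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body

def udp_probe_datagram(src, dst, ttl, dport, sport=40000):
    """Constructed traceroute probe: 20-byte IPv4 header + 8-byte UDP header
    (IP checksum left 0; a parsing fixture, never sent on the wire)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 1, 0, ttl, 17, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    return ip + struct.pack("!HHHH", sport, dport, 8, 0)

def icmp_error(icmp_type, code, offending):
    """What a router emits: 4 unused zero bytes, then the offending datagram's
    IP header and the first 8 bytes after it (here the whole UDP header)."""
    ihl = (offending[0] & 0x0F) * 4
    return build_icmp(icmp_type, code, bytes(4) + offending[:ihl + 8])

def match_probe(icmp_msg, pending):
    """Traceroute receiver. Accept the error only if its checksum is intact and
    the quoted UDP destination port is one we actually sent (pending maps
    port -> TTL); that quoted header is what lets the source ignore spoofed or
    unrelated ICMP errors. Returns (probe_ttl, destination_reached) or None."""
    if len(icmp_msg) < 8 or icmp_checksum(icmp_msg) != 0:
        return None
    inner = icmp_msg[8:]
    ihl = (inner[0] & 0x0F) * 4
    if len(inner) < ihl + 8 or inner[9] != 17:       # need IP hdr + 8 UDP bytes
        return None
    dport = struct.unpack("!H", inner[ihl + 2:ihl + 4])[0]
    reached = {(11, 0): False, (3, 3): True}.get((icmp_msg[0], icmp_msg[1]))
    if reached is None or dport not in pending:
        return None
    return (pending[dport], reached)
```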
Routing table manipulations with ICMP
- when a router detects that an IP datagram should have gone to a different router, the router (here R2):
  - forwards the IP datagram to the correct router
  - sends an ICMP redirect message to the host
- the host uses the ICMP message to update its forwarding cache, not its forwarding table!!!
[figure: host, routers R1 and R2]
ICMP Router Solicitation / ICMP Router Advertisement
- after starting up, a router broadcasts an ICMP router solicitation
- in response, routers send an ICMP router advertisement message
- routers also periodically broadcast ICMP router advertisements
- this has nothing to do with routing protocols; it is sometimes called the Router Discovery Protocol