Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Router Plugins system architecture

Published byYanti Santoso Modified over 5 years ago

Similar presentations

Presentation on theme: "The Router Plugins system architecture"— Presentation transcript:

1 The Router Plugins system architecture

2 Router Plugins Vocabulary
6-tuple: src_addr, dest_addr, protocol, interface, src_port, dst_port flow: IP packet stream that is identified by a specific 6-tuple flow table: cache of existing flow information loadable kernel module: executable code which can be dynamically loaded into the NetBSD kernel and subsequently executed. gate: spot in the NetBSD IP processing code where Router Plugin modules can be executed.

3 Router Plugins Vocabulary (continued)
plugin: A loadable kernel module (lkm) that can be associated with a Router Plugin gate. instance: An instantiation of a plugin. filter: A 6-tuple, possibly containing wildcards. filter table: For each gate, there may be a number of filters. The collection of these filters is a filter table. dag: Filter tables are implemented as a directed acyclic graph (dag).

4 Router Plugins Control Path
RSVP/Route Daemons Plugin Manager User Space Kernel set filters send messages to plugins Plugin Control Unit (PCU) Firewall IP Sec Packet Scheduling Association Identification Unit (AIU) (flow and filter tables) register with a filter

5 lookup filter settings for plugin type “Firewall”
Data Path Plugin Control Unit Association Identification Unit (AIU) Firewall IP Sec Packet Scheduling find plugin call plugin Which Plugin? return plugin to gate classify packet lookup filter settings for plugin type “Firewall” U Firewall IP Sec Packet Scheduling IP IP

6 U U U Data Path Plugin Control Unit Association Identification Unit
(AIU) Firewall IP Sec Packet Scheduling call plugin return plugin to gate which plugin? U U U IP IP Packet Scheduling Firewall IP Sec

7 U Data Path Plugin Control Unit Association Identification Unit (AIU)
Firewall IP Sec Packet Scheduling call plugin which plugin? return plugin to gate U Firewall IP Sec Packet Scheduling IP IP

8 AIU Implementation: DAG
Source Destination Protocol 1: 129.* TCP 2: UDP 3: TCP 4: * * UDP Source Address b e 1 a 129.* TCP d g 4 * UDP * c f 2 UDP Destination Address Protocol 3 TCP

9 AIU Implementation: Flow Table
Plugin Control Unit Filter Table b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * Firewall IP Sec Packet Scheduling Flow Table <,,,,,,> Classify U U U Packet Scheduling IP IP FTE Firewall IP Sec

10 AIU Implementation: Flow Table
Plugin Control Unit Filter Table b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * IP FTE b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * IP FTE IP FTE Firewall IP Sec Packet Scheduling Flow Table <,,,,,,> FW2 IPS3 PS1 U U U IP FTE IP FTE IP FTE Packet Scheduling IP FTE IP FTE Firewall IP Sec

11 AIU Implementation: Flow Table
Plugin Control Unit Filter Table b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * Firewall IP Sec Packet Scheduling Flow Table <,,,,,,> FW2 IPS3 PS1 Classify U U U Packet Scheduling IP IP FTE Firewall IP Sec

12 AIU Implementation: Flow Table
Plugin Control Unit Filter Table b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * IP FTE b e 1 a 129.* TCP c f 2 UDP 3 d g 4 * * IP FTE IP FTE Firewall IP Sec Packet Scheduling Flow Table <,,,,,,> FW2 IPS3 PS1 U U U IP FTE IP FTE IP FTE Packet Scheduling IP FTE IP FTE Firewall IP Sec

13 Router Plugins - The Control Path

14 Router Plugins - The Data Path

15 Crossbow library Plugin RSVP/SSP/Route daemons Manager Association
Identification Unit (AIU) RSVP/SSP/Route daemons Plugin Manager Plugin Control Unit (PCU) registers callback fct forwards messages instance sets filters message to plugins User Kernel IPv4/IPv6-core BMP1 BMP2 BMP3 BMP SEC1 SEC2 SEC3 IPSEC PS1 PS2 PS3 PS FW1 FW2 FW3 FW Crossbow Library Crossbow Socket

16 Review: Router Plugins Vocabulary
6-tuple: src_addr, dest_addr, protocol, interface, src_port, dst_port flow: IP packet stream that is identified by a specific 6-tuple flow table: cache of existing flow information loadable kernel module: executable code which can be dynamically loaded into the NetBSD kernel and subsequently executed. gate: spot in the NetBSD IP processing code where Router Plugin modules can be executed. dynamic gate: bind plugin instances to a filters (hence, different flows MAY cause execution of different instances or plugins?) static gate: bind plugin instances to gate (all flows execute same inst.) plugin: A loadable kernel module (lkm) that can be associated with a Router Plugin gate. instance: An instantiation of a plugin. filter: A 6-tuple, possibly containing wildcards. filter table: For each dynamic gate, there may be a number of filters. The collection of these filters is referred to as a filter table. dag: Filter tables are implemented as a directed acyclic graph (dag).

17 RP - additional facts Plugins create instances
Instances are addressable run-time configurations of plugins Every instance has a handle (16 bit number) System interfaces mainly with instances Plugins are addressable using 32 bit identifier (plugin code) Filters, Gates, and Instances are addressable using handles (16 or 32 bit numbers) Hybrid implementation of IPv4/v6 Crossbow <=> Router Plugins

Download ppt "The Router Plugins system architecture"

Similar presentations

Florida State UniversityCOP5570 - Advanced Unix Programming Raw Sockets Datalink Access Chapters 25, 26.

Florida State UniversityCOP Advanced Unix Programming Raw Sockets Datalink Access Chapters 25, 26.
1 Ports and IPv6. 2 Ports Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), used for communication Generally speaking, a computer.

1 Ports and IPv6. 2 Ports Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), used for communication Generally speaking, a computer.
OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.

OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.
Remote Procedure Call sockets TCP, UDP Internet Protocol (IP) Remote Procedure Call: hides communication details behind a procedure call and helps bridge.

Remote Procedure Call sockets TCP, UDP Internet Protocol (IP) Remote Procedure Call: hides communication details behind a procedure call and helps bridge.
CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.

CSCE 515: Computer Network Programming Chin-Tser Huang University of South Carolina.
Introduction to Networking. 2 Layered Architecture Web, e-mail, file transfer,... Reliable/ordered transmission, QOS, security, compression,... End-to-end.

Introduction to Networking. 2 Layered Architecture Web, , file transfer,... Reliable/ordered transmission, QOS, security, compression,... End-to-end.
A Comparative Study of Extensible Routers Yitzchak Gottlieb.

A Comparative Study of Extensible Routers Yitzchak Gottlieb.
The routing table Each node in the network has one or more interfaces with associated costs. The routing table tells IP packets which interface to use,

The routing table Each node in the network has one or more interfaces with associated costs. The routing table tells IP packets which interface to use,
Chapter 9 Classification And Forwarding. Outline.

Chapter 9 Classification And Forwarding. Outline.
© J. Liebeherr, All rights reserved 1 IP Multicasting.

© J. Liebeherr, All rights reserved 1 IP Multicasting.
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
Implementation of Flow Management in MIPv6 Environment draft-soliman-monami6-flow-binding-03.txt Umar Toseef University of Bremen.

Implementation of Flow Management in MIPv6 Environment draft-soliman-monami6-flow-binding-03.txt Umar Toseef University of Bremen.
Small Form Computing A bump in the wire. The questions ● What can we do with an inexpensive small computer? ● Can we make it a part of a seamless wireless.

Small Form Computing A bump in the wire. The questions ● What can we do with an inexpensive small computer? ● Can we make it a part of a seamless wireless.
CCNA – Cisco Certified Network Associates Routing and Static Routes By Roshan Chaudhary Lecturer Islington College.

CCNA – Cisco Certified Network Associates Routing and Static Routes By Roshan Chaudhary Lecturer Islington College.
1 ELEN602 Lecture 2 Review of Last Lecture Layering.

1 ELEN602 Lecture 2 Review of Last Lecture Layering.
January 9, 2001 Router Plugins (Crossbow) 1 Washington WASHINGTON UNIVERSITY IN ST LOUIS NetBSD Kernel Topics: IP Processing mbuf structure Loadable Kernel.

January 9, 2001 Router Plugins (Crossbow) 1 Washington WASHINGTON UNIVERSITY IN ST LOUIS NetBSD Kernel Topics: IP Processing mbuf structure Loadable Kernel.
Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.

Networks – Network Architecture Network architecture is specification of design principles (including data formats and procedures) for creating a network.
1 Chapter 1 OSI Architecture The OSI 7-layer Model OSI – Open Systems Interconnection.

1 Chapter 1 OSI Architecture The OSI 7-layer Model OSI – Open Systems Interconnection.
Module 12: Routing Fundamentals. Routing Overview Configuring Routing and Remote Access as a Router Quality of Service.

Module 12: Routing Fundamentals. Routing Overview Configuring Routing and Remote Access as a Router Quality of Service.

Similar presentations

Ads by Google