1. Network Layer7-1 2010 session 1 TELE3118: Network Technologies Week 7: Network Layer Routing Protocols Some slides have been taken from: r Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross. Addison-Wesley, July 2004. All material copyright 1997-2004. J.F Kurose and K.W. Ross, All Rights Reserved.

2. Network Layer7-2 IP routing 0.0.0.00192.168.1.1 10.0.0.08172.20.4.1 200.23.16.020199.31.18.4 200.23.18.023172.20.4.1 10.20.0.024199.31.18.4 192.168.1.024L192.168.1.18 172.20.4.024L172.20.4.253 199.31.18.024L199.31.18.52 destination mask local next-hop LAN interfaces 172.20.4.253/24 192.168.1.18/24 199.31.18.52/24 How is the routing table constructed? r Static (manual) r Dynamic (routing protocol)

3. Network Layer7-3 The Internet Network layer Note on terminology: r “routing” vs. “forwarding” r “routing table” vs. “forwarding table” forwarding table Routing protocols path selection RIP, OSPF, BGP IP protocol addressing conventions datagram format packet handling conventions ICMP protocol error reporting router “signaling” Transport layer: TCP, UDP Link layer physical layer Network layer

4. Network Layer7-4 1 2 3 0111 value in arriving packet’s header routing algorithm local forwarding table header value output link 0100 0101 0111 1001 32213221 “routing” and “forwarding” tables

5. Network Layer7-5 Routing: abstract model Graph abstraction for routing algorithms: r graph nodes are routers r graph edges are physical links m link cost: delay, $ cost, or congestion level Goal: determine “good” path (sequence of routers) thru network from source to dest. Routing protocol A E D CB F 2 2 1 3 1 1 2 5 3 5 r “good” path: m typically means minimum cost path m other def’s possible

6. Network Layer7-6 Routing algorithm classification Distance-vector algorithm r Local information: m router knows physically- connected neighbors, link costs to neighbors r 2 components: m Neighbor routing-table exchange m Bellman-Ford (also called Ford-Fulkerson) computation r E.g.: RIP Link-state algorithm r Global information: m router knows complete topology and link cost info of entire network r 2 components: m Reliable flooding m Dijkstra shortest-path tree (SPT) computation r E.g.: OSPF, IS-IS

7. Network Layer7-7 Distance vector - RIP r Each node maintains a table of triples. DestinationCostNext-hop A1A C1C D2C E2A F2A G3A table at B:

8. Network Layer7-8 RIP: overview  Iterative, asynchronous, distributed r Directly connected neighbors exchange updates m periodically (on the order of several seconds) m whenever table changes (called triggered update) r Each update is a vector of distances: m ( Destination, Cost) r Update local table if receive a “better” route m smaller cost m came from next-hop r Refresh existing routes; delete if they time out

9. Network Layer7-9 RIP: example DestinationCostNext-hop B1B C1C D∞- E1E F1F G∞- DestinationCostNext-hop B1B C1C D2C E1E F1F G∞- DestinationCostNext-hop B1B C1C D2C E1E F1F G2F Initial table at A: After receiving update from C: After receiving update from F:

10. Network Layer7-10 RIP: recovering from link failure DestCostNh A1A B2A C2A D∞- E2A G∞- DestCostNh B1B C1C D2C E1E F1F G∞- DestCostNh B1B C1C D2C E1E F1F G3C At F: At A: A receives update from C: DestCostNh A1A B2A C2A D3A E2A G4A F receives update from A:

11. Network Layer7-11 RIP: link cost decreases X Z 1 4 12 Y 1 X4X Z1Z X5Y Y1Y X1X Z1Z X5Y Y1Y X1X Z1Z X2Y Y1Y At Y: At Z: r Good news travels fast

12. Network Layer7-12 RIP: link cost increases X Z 1 4 12 Y 14 X4X Z1Z X5Y Y1Y X6Z Z1Z X5Y Y1Y X6Z Z1Z X7Y Y1Y At Y: At Z: X8Z Z1Z X7Y Y1Y and so on r Bad news travels slow r “count to infinity” problem  loops!

13. Network Layer7-13 Breaking the loop … X Z 1 4 12 Y 14 X4X Z1Z X5Y Y1Y X X Z1Z X5Y Y1Y X X Z1Z X12X Y1Y At Y: At Z: X13Z Z1Z X12X Y1Y r Does this solve the “count to infinity” problem? r If next-hop to D is R: m Split Horizon: do not include D in update to R m Split Horizon with Poison Reverse: include D, but with metric = ∞

14. Network Layer7-14 … is not always easy DestCostNh B1B C1C D2C E∞- F1F G2F DestCostNh A1A C1C D2C E3C F2A G3A DestCostNh B1B C1C D2C E4B F1F G2F At A: B receives update from C: A receives update from B: DestCostNh A1A B1C D1D E5A F2A G2D C receives update from A:

15. Network Layer7-15 RIPv2 (RFC 2453) details r Included in BSD-UNIX Distribution in 1982 r Distance metric: # of hops (∞ = 16): why? r Distance vectors only exchanged among neighbors r Up to 25 destinations per RIP update message r Update-interval is 30 sec: m If too large, convergence is slow m If too small, too much traffic r Triggered update whenever change in routing table r Split horizon mandatory, poison reverse optional

16. Network Layer7-16 RIPv2 details (contd.) r Updates sent every 30 (+/- 5) seconds r Route not refreshed for 180 sec is timed-out m Still included in update messages r Timed-out route is deleted (garbage-collected) after 120 sec r Triggered update timer set for 1-5 sec m Includes only changed routes m Suppressed if regular update due Address of net 2 Distance to net 2 CommandMust be zero Family of net 2Must be zero Family of net 1 Must be zero Address of net 1 Distance to net 1 Version 081631 subnet mask of net 1 subnet mask of net 2 next hop of net 1 next hop of net 2

17. Network Layer7-17 RIP: where does it run? r RIP runs as application-level process (route-d) r Updates sent as UDP message (port 520) r Multicast IP address 224.0.0.9 (with TTL=1) physical link network forwarding (IP) table Transprt (UDP) routed physical link network (IP) Transprt (UDP) routed forwarding table

18. Network Layer7-18 Link State - OSPF r Strategy: each node learns complete topology m send information about directly connected links (not entire routing table) to entire network (not just neighbors) r Link State Advertisement (LSA) include m Nodes (routers) and links (networks) m Sequence number and age r Reliable flooding m Store most recent LSA for each node m Send LSA to all nodes except one that sent it m Generate LSA periodically (with higher sequence number) m Age out each stored LSA

19. Network Layer7-19 A Link-State Routing Algorithm Notation:  c(x,y): link cost from node x to y; = ∞ if not direct neighbors  D(v): current value of cost of path from source to dest. v  p(v): predecessor node along path from source to v  N': set of nodes whose least cost path definitively known Dijkstra’s algorithm r Given: all nodes know full topology and link costs r Objective: compute least cost paths from self to all other nodes  routing table r iterative: after k iterations, know least cost path to k destinations r distributed: each node computes shortest-path tree from itself

20. Network Layer7-20 Dijsktra’s Algorithm 1 Initialization: 2 N' = {u} 3 for all nodes v 4 if v adjacent to u 5 then D(v) = c(u,v) 6 else D(v) = ∞ 7 8 Loop 9 find w not in N' such that D(w) is a minimum 10 add w to N' 11 update D(v) for all v adjacent to w and not in N' : 12 D(v) = min( D(v), D(w) + c(w,v) ) 13 /* new cost to v is either old cost to v or known 14 shortest path cost to w plus cost from w to v */ 15 until all nodes in N'

21. Network Layer7-21 Dijkstra’s algorithm: example Step 0 1 2 3 4 5 N' u ux uxy uxyv uxyvw uxyvwz D(v),p(v) 2,u D(w),p(w) 5,u 4,x 3,y D(x),p(x) 1,u D(y),p(y) ∞ 2,x D(z),p(z) ∞ 4,y u y x wv z 2 2 1 3 1 1 2 5 3 5

22. Network Layer7-22 Dijkstra’s algorithm, discussion Algorithm complexity: n nodes r each iteration: need to check all nodes, w, not in N r n(n+1)/2 comparisons: O(n 2 ) r more efficient implementations possible: O(nlogn) Link Metric r Static: link latency, link capacity, … r Dynamic: based on load? m e.g.: link cost = amount of carried traffic  oscillations! A D C B 1 1+e e 0 e 1 1 0 0 A D C B 2+e 0 0 0 1+e 1 A D C B 0 2+e 1+e 1 0 0 A D C B 2+e 0 e 0 1+e 1 initially … recompute routing … recompute

23. Network Layer7-23 OSPF details r RFC 2328 (244 pages long!) r Neighbor up/down detected using “hello” packets r LSA reliable flooding over entire AS m LSA includes sequence number and age m LSA integrity using checksum (excludes age) r OSPF messages directly over IP (no UDP or TCP) r Hierarchical OSPF: allow scaling to larger networks r 5 types of LSAs: 1. Router LSA: set of nodes 2. Network LSA: set of links 3. Summary LSA: inter-area networks 4. Summary LSA: area-border-routers 5. External LSA: external to AS

24. Network Layer7-24 Hierarchical OSPF

25. Network Layer7-25 Hierarchical OSPF r Two-level hierarchy: local area, backbone. m Link-state advertisements only in area m each nodes has detailed area topology; only know direction (shortest path) to nets in other areas. r Area border routers: “summarize” distances to nets in own area, advertise to other Area Border routers. r Backbone routers: run OSPF routing limited to backbone. r Boundary routers: connect to other AS’s.

26. Network Layer7-26 OSPF “advanced” features (not in RIP) r Authentication: prevents malicious intrusion r Hierarchy: allows larger domains r Load balancing: equal-cost multi-path (ECMP) r Extensions to support: m Multicast: MOSPF m Traffic-engineering: OSPF-TE

27. Network Layer7-27 Comparison of LS and DV algorithms Messaging r DV: entire routing table, but only exchanged between neighbors r LS: small messages, but flooded in whole network Speed of Convergence r DV: multiple iterations, each requires recompute and transmit m count-to-infinity problem r LS: flood and recalculate, one shot, faster Robustness: both LS and DV can be wrecked by one bad router. r In 1997 a bad router in a small ISP advertised a false cost, became flooded with traffic, disconnecting ISPs from most U.S. backbone providers for ~3 hours Bottom line: r No clear winner in terms of complexity, robustness, etc r LS often favored due to faster convergence

28. Network Layer7-28 Hierarchical Routing scale: with 200 million destinations: r can’t store all dest’s in routing tables! r routing table exchange would swamp links! administrative autonomy r internet = network of networks r each network admin may want to control routing in its own network Our routing study thus far - idealization r all routers identical r network “flat” … not true in practice

29. Network Layer7-29 Hierarchical Routing in the Internet r Internet is organized as Autonomous Systems (AS) m Each AS is an independent administrative domain (e.g. ISP) r Intra-AS routing protocol m All routers in an AS run same intra-AS routing protocol m Routers in different AS can run different intra-AS routing protocol r Inter-AS routing protocol m Between routers in different AS r Gateway routers: m run both intra-AS and inter-AS routing protocols

30. Network Layer7-30 Intra-AS and Inter-AS routing Gateways: perform inter-AS routing amongst themselves perform intra-AS routing with other routers in their AS inter-AS, intra-AS routing in gateway A.c network layer link layer physical layer a b b a a C A B d A.a A.c C.b B.a c b c

31. Network Layer7-31 IGP vs. EGP r Intra-area routing protocol also called Interior Gateway Protocol (IGP) m Administrator can choose any: RIP, OSPF, ISIS, … r Inter-area routing protocol also called Exterior Gateway Protocol (EGP) m Unique: Border Gateway Protocol (BGP)

32. Network Layer7-32 Internet inter-AS routing: BGP r BGP (Border Gateway Protocol): the de facto standard r BGP provides each AS a means to: 1. Obtain subnet reachability information from neighboring ASs. 2. Propagate the reachability information to all routers internal to the AS. 3. Determine “good” routes to subnets based on reachability information and policy. r Allows a subnet to advertise its existence to rest of the Internet: “I am here”

33. Network Layer7-33 BGP basics r Pairs of routers (BGP peers) exchange routing info over semi- permanent TCP conctns: BGP sessions r Note that BGP sessions do not correspond to physical links. r When AS2 advertises a prefix to AS1, AS2 is promising it will forward any datagrams destined to that prefix towards the prefix. m AS2 can aggregate prefixes in its advertisement 3b 1d 3a 1c 2a AS3 AS1 AS2 1a 2c 2b 1b 3c eBGP session iBGP session

34. Network Layer7-34 Path attributes & BGP routes r When advertising a prefix, advert includes BGP attributes. m prefix + attributes = “route” r Path Vector protocol: m similar to Distance Vector protocol m each Border Gateway broadcast to neighbors (peers) entire path (i.e., sequence of AS’s) to destination E.g., Gateway X may send its path to dest. Z: Path (X,Z) = X,Y1,Y2,Y3,…,Z m when gateway router receives route advert, uses import policy to accept/decline.

35. Network Layer7-35 BGP operation r Point-to-point peering r BGP peers explicitly configured m Lack of trust  no auto-discovery! r BGP session runs over TCP m Reliable m Can detect neighbor/link down r 4 types of messages: m OPEN: opens TCP connection to peer and authenticates sender m UPDATE: advertises new path (or withdraws old) m KEEPALIVE keeps connection alive in absence of UPDATES; also ACKs OPEN request m NOTIFICATION: reports errors in previous msg; also used to close connection

36. Network Layer7-36 BGP operation (contd.) r BGP peers exchange route prefixes m AS-path m Route attributes m No cost included! r Route prefixes received from peer are filtered and selected (based on AS-path and route attributes) for installation in RIB r Route prefixes from RIB are sent to peer after filtering and selection r All the complexity is in the use of policies for filtering and selection

37. Network Layer7-37 BGP attribute: AS-path r Prevents looping! m Prefix 138.39.0.0/16, AS1  AS2: AS-path = AS1 m AS2  AS3: AS-path = AS2-AS1 m AS3  AS1: AS-path = AS3-AS2-AS1 m AS1 detects loop, and can reject the route AS 1 AS 2 AS 3 138.39.0.0/16 (a) AS 2 AS 3 138.39.0.0/16 (b) AS 1 Partition healing: rare case where AS1 may accept “loop” route:

38. Network Layer7-38 BGP attribute: Multi-Exit-Discriminator r Used when two AS connect to each other in more than one place r Used by AS to advertise degree of preference of each link to reach a particular prefix r Example: m AS1 and AS2 have 2 BGP sessions: one on each link m AS2 advertises prefixes of AS3 to AS1 on both links MED advertised on link A better than MED advertised on link B AS 1AS 2 AS 3 AS 4 Link A Link B

39. Network Layer7-39 MED (contd.) r ISP-1 and ISP-2 connect in New York and San Francisco r ISP-1 has customer-1 in San Francisco r ISP-2 has customer-2 in New York r What happens if: m Case A: Both ISPs set and accept MED? m Case B: Both ISP-1 and ISP-2 ignore MED? m Case C: ISP-1 accepts MED but ISP-2 ignores MED? ISP 1 ISP 2 Cust 2 Cust 1 Case A:

40. Network Layer7-40 BGP attribute: Local-Pref r Most commonly used attribute r Determines local (i.e. within AS) preference of use of received route r E.g.: say AS3 provides better service than AS2 to AS4 m AS4 can configure local-pref of routes from AS3 to be higher (better) than those heard from AS2 m AS1 advertises prefix 138.39.0.0.16 to AS2 and AS3 m AS4 receives the prefix from both, but chooses the AS3-AS1 path since it has better local-pref AS 1 AS 2 AS 3 138.39.0.0/16 AS 4

41. Network Layer7-41 BGP policies r Can be complex, yet are key to flexibility and control of inter-AS routing r Examples: m Avoid using competitor’s network avoid routes with AS-n in AS-Path m Avoid transit service, i.e. do not carry any traffic that does not have source or destination within AS Do not advertise any non-local routes to peers m Let another ISP carry most cross-country load Use of MED was shown earlier m More examples in subscriber-ISP connection next

42. Network Layer7-42 Subscriber connection: singly-homed r Easy case! Possible options: m Static configuration: easiest Customer has default route via R2 ISP configures static route to customer’s prefix m Include customer in ISP’s IGP (too risky!) m Run a small IGP (say RIP) on R1-R2 link, leak that into BGP m Run a single BGP session customer will still likely use a default route or a small set of filtered routes and not absorb the entire Internet routing table customer ISP R1R2 AS1 AS2 138.39.2.0/23 BGP session

43. Network Layer7-43 Multi-homed subscriber r Multiple customer links to one or more ISPs r Why? m Reliability (redundancy) m Performance (load-sharing) r Challenging m Static routing often doesn’t suffice (why?) m Want to minimize routing prefixes injected into customer network m BGP configuration requires thought and planning, taking into account both traffic directions (to and from the customer) customer ISP-2 ISP-1

44. Network Layer7-44 Multi-homing to a single provider r Example 1: same router in ISP, different routers in customer m ISP to customer traffic: customer sets MED m Customer to ISP traffic: 2 default routes! r Example 2: different routers in ISP, same router in customer m ISP to customer traffic: as before m Customer to ISP traffic: customer may have to get BGP prefixes from ISP 138.39/16 R1 ISP R3 customer R2 204.70/16 138.39/16 R1 ISP R3 customer R2 204.70/16

45. Network Layer7-45 Multi-homing to multiple providers r Options for customer address space: m Exclusively from ISP1 (or from ISP2) E.g.: customer uses 138.39.1/24 and advertises this prefix to ISP2 ISP3 gets prefixes 138.39/16 from ISP1 and 138.39.1.24 from ISP2 ISP3 traffic to customer will go via ISP2 (longest prefix match) Aggregation is pushing traffic away?! m From both ISP1 and ISP2 E.g.: customer uses 138.39.1/24 and 204.70.1/24 Good load-sharing if traffic to these prefixes is about the same m Independently from address registry Can manipulate load-sharing better, but bad for aggregation! r Bottom line: it all depends on the traffic patterns! ISP1 customer ISP3 ISP2 138.39/16 204.70/16

46. Network Layer7-46 Interaction among routing protocols r Every routing protocol is computing its own routes: how does it all fit? m Question: do they interact with each other? Yes! m Question: which route is inserted in the forwarding tables? If conflict, priority mechanism is used r Question: how does IGP fill its routing table? m Direct routes: directly-connected interfaces m Static routes: user configured r Question: How does BGP fill it routing table? m Learns AS local networks from IGP

47. Network Layer7-47 E-BGP vs. I-BGP r Question: How do BGP routes get propagated within AS? m E.g.: how does B.b learn about routes from AS-A and AS-B? m Inject BGP routes into IGP? bad idea – IGPs don’t scale m Preferred way of distributing externally learnt prefixes within an AS: Internal-BGP (I-BGP): full-mesh within AS m Our earlier discussion on BGP peering between different AS Technically correct to call it External-BGP (E-BGP) a b b a a C A B d A.a A.c C.b B.a c b c

48. Network Layer7-48 Configuring routing r In your organization you have to install a new PC in a server- farm. The PC is multi-homed on two LANs. What static routes do you need to configure on the PC for shortest-path routing to all destinations? Assume: m The PC is not routing between LANs m The PC is not running any routing protocols m Pick any IP addresses for the router interfaces consistent with the LAN subnets LAN 193.1.1.32/28 LAN 202.1.1/24 LAN 193.1.1.0/28 LAN 193.1.1.16/28 ISP R1 R2 server farm new PC

49. Network Layer7-49 Configuring routing (contd.) r Now suppose your organization gets a second link to the ISP via a new router R3. Your PC now has 3 LAN interfaces, and your organization has two links to the Internet. Can you suggest ways of load-balancing traffic to/from your organization? LAN 193.1.1.32/28 LAN 202.1.1/24 LAN 202.1.2/24 LAN 193.1.1.0/28 LAN 193.1.1.16/28 ISP R1 R2 R3 server farm new PC

50. Network Layer7-50 Summary Hierarchical routing: intra-AS versus inter-AS r Policy: m Inter-AS: admin wants control over how its traffic routed, who routes through its net. m Intra-AS: single admin, so no policy decisions needed r Scale: m hierarchical routing saves table size, reduced update traffic r Performance: m Intra-AS: can focus on performance m Inter-AS: policy dominates over performance

51. Network Layer7-51 Summary (contd.) r Principles of BGP operation m Path-vector m Configuration driven m Route attributes (AS-Path, MED, Local-Pref, …) m Policies dictate everything! m How does a customer connect to ISP? m Examples of single and multi-homing r Interaction between routing protocols m How does it all fit? r Design examples r Finished with IP routing - whew!