TTM4150
[TOC]
Intro
These are my notes for TTM4150 . These are my own understandings of the subject and it may not be completely correct or accurate. It is also written in slightly below average Norwegian English.
Why do I post them here?
There is a couple of reasons. The first is for convenience. I like to write Markdown as it is very easy to structure text easily and it does not take any focus away from the text, it also has great readability both uncompiled and compiled. It is also very practical to have this available on the web as i like to read my notes on my iPad, and it is faster to access here. The last reason is that someone may find them useful.
Advanced Internet Protocols, Service and Applications
Chapter 1 TCP/IP
Chapter 2 Transport-layer protocols
Chapter 3 Internet Architecture
Chapter 4 IP routing protocols
Chapter 5 Multiprotocol Label Switching
Chapter 6 IP Quality of Service
Chapter 7 Multicast and Anycast
Chapter 8 Layer-2 Transport over Packet
Chapter 11 IP Version 6
Software Defined Network, A Comprehensive Approach
Chapter 1 Introduction
Chapter 2 Why SDN?
Chapter 3 The Genesis of SDN
Chapter 4 How SDN works
Chapter 5 The OpenFlow Specifications
Chapter 7 SDN in the Data Center
Chapter 8 SDN in other environments
Chapter 13 SDN Futures
Technologies and Terms
Software Defined Networking
Adoption problem
- Too expensive; Update incrementally
- Too risky; Old technology is expensive to maintain
- Too revolutionary; Computing is revolutionary, we need revolutionary solutions
- Single point of failure; redundant controllers
Datacenter problems
- Too many MAC addresses
-
Too many VLANs
TCP
Algotithms
Compound TCP
Microsofts TCP algorithm for adjusting the congestion window, optimizing the connections for large bandwidth.
TCP fusion
Sun Microsystem's TCP implementation for Solaris 10
Cubic TCP
Implementation of TCP with an optimized congestion control algorithm for high bandwidth networks with high latency. Was default in Linux from 2.6.19 to 3.1.
TCP proportional rate reduction
PRR is an algorithm design to improve the accuracy of data sent during recovery. Windows size after recovery is as close as possbile to slow-start threshold. It is the default algorithm for Linux since 3.2.
IPv4
CAP
CIDR
Classless inter-domain routing - Supernetting. Basically going away from the old A, B, C networks.
Routing/forwarding is done on the longest match.
CIDR representation/format:
10.0.0.0/8
VLSM
NAT
Network address translation. Companies and users may use private ip addresses internally.
Network | Addresses |
---|---|
10.0.0.0/8 | 16 777 216 |
172.16.0.0/12 | 1 048 576 |
192.168.0.0/16 | 65 536 |
Full cone NAT
Restricted and Port Restricted cone NAT
Firewalls usually run Port restricted cone NAT.
Symmetric NAT
NAT444
Carrier grade NAT, the ISP uses NAT within its network and the enduser uses NAT again for their own network.
Address space: 100.64.0.0/10
IPv4 address states
- Assigned and advertised in BGP
- Assigned to an end user, but not advertised
- Part of the unassigned pool held by an RIR (regional internet reg)
- IANA unallocated address
- Reserved for special use
IPv6
IPv6 is assigned on an interface basis, not on device basis.
Types
Typical: unicast, multicast, anycast. The type of the address determines if the packets are destined for one or for many machines.
Unicast
Address that uniquely idenftifies an interface of an IPv6 node. Packages are sent directly to the given interface.
Relation type: One to One
Multicast
Multicast address identifies a group of IPv6 interfaces. A packet sent to a multicast address is processed by all members of the multicast group.
Relation type: One to Many
Anycast
Anycast address is assigned to multiple interfaces, usually on multiple nodes. A packet sent to a anycast address is delivered to only one of these, usually the nearest.
Relation type: Many to One? First in the group?
Scope
Typical: link, global, etc. The scope of the address determines which context the address makes sense in.
Link-local scope
Identifies all hosts within a single layer 2 domain.
Unique-local scope
Identifies all devices reachable within an administrative site or domain.
Global scope
Identifies all devices reachable across the Internet.
IPv6 addresses for a Host
A host have usually a lot of IPv6 addresses, it may even have multiple towards the global network.
- A link-local address for local link traffic
- Site-local and/or global unicast addresses
- Loopback ::1
- Interface-local scope all-nodes multicast address (FF01::1)
- The solicited-node address for each unicast address
- A multicast address for the joined groups on each interface
IPv6 addresses for a Router
- A link-local address for each interface
- Unicast addresses for each interface
- A subnet-router anycast address
- Additional anycast addresses
- Loopback addresses (::1)
Header
| Version | Traffic class | Flow Label| | Payload Length | Next Header | Hop limit | | Source Address | | Destination Address |
6in4
Configured tunnel
6over4
Requires multicast
6to4
Automatic tunnel, uses the public IPv4 of a NATed network to get a particular prefix for the network.
6rd
IPv6 Rapid Deployment.
Automatically creates a tunnel using 6to4 from the endusers router to the ISPs 6rd border router. From the ISPs perspective this looks like a Dual stack network with both IPv4 and IPv6.
Dual stack lite
IPv4 over IPv6 using tunnelling and NAT444.
Private IPv4 <--> Private IPv4-in-IPv6 <--> Public IPv4
NAT64
IPv6 Internal network translated to IPv4 public network.
Needs DNS64 for DNS translations.
Routing
- Building and maintainting the routing table.
- Connectionless services per packet
Forwarding
Pushing the actual packets out on the physical line.
Autonomous system (AS):
A domain (collection of IP networks and routers) under the control of one or more entity that presents a common routing policy to the Internet.
AS Types
Stub AS
An AS with only one connection to another AS, such an AS allows only local traffic.
Multi-homed AS
An AS with connection to more than one AS and which does not allow transit traffic.
Multi-homing provides increased reliability.
Transit AS
An AS with connection to more than one AS, and which allows both local and transit traffic.
Intra-domain (interior) routing
Routing within an Autonomous system using Interior Gateway Protocol
Inter-domain (exterior) routing
Routing between Autonomous systems using Exterior Gateway Protocol
- Reduces the routing information needed to be kept within the AS
- Uses default routes towards the internet ( other AS's )
- Simple for all to know the external routes
Routing algorithms
Build the routing tables and maintains the routes and paths within the network topology. Shortest path is found by looking at:
- Path length / Number of hops
- Bandwidth
- Reliability
- Line cost
- Delay
- Load (CPU, Queue, PPS)
Distance Vector Algorithm
A iterative, asynchronous and distributed routing algorithms.
Example: RIPv2
Steps:
- Wait for change in local link cost or message from neighbor
- Recompute estimated costs
- If change, notify neighbors
- Start over
Link state algorithm
Each node has a complete map of the topology. Each nodes advertises the state of directly connected links to all nodes.
Uses Dijkstras to find the shortest path.
Example: OSPF
OSPF
Based on the Link-state algortihm. Uses Areas to segment? the network into smaller pieces. Instantaneous propagation of topology changes.
An area is a set of routers configured to echange routing information. This reduces the database and CPU processing. To make this works, OSPF needs inter area router between to areas.
ISIS
Path vector protocol
BGP
Peering is interconnection of administratively separate network with the purpose of exchanging traffic.
Peering requires physical connection between the network.
The two network exchange routing inforamtion through the BGP routing protocol.
A Autonomous system is identified by a unique AS number.
BGP-speaker: Announces the local networks, other reachable networks (if transitAS) and other route information.
BGP neighbors: A pair of BGP-speakers exchanging routing information.
BGP-session: - TCP session between two BGP neighbors. - Keepalive monitors the state of the session - Only incremental updates of the routing table - Conserve bandwidth and processing power
Attributes
ORIGIN: Indicates the origin of the path information (IGP, EGP or incomplete)
AS_PATH: Describes the AS path vector associated with the prefix/destination
NEXT_HOP: IP address of border router to be used as next hop ro reach the destination
LOCAL_PREF: Used to inform other BGP routers in the local AS of the originating BGP session's degree of preference for an advertised route.
ATOMIC_AGGREGATE: Used by BGP speakers to inform other BGP routers that the local system selected a less specific route without selecting a more specific route which is included in it.
MULTI_EXIT_DISC: Discriminate among multiple exit points to a neighboring AS.
AGGREGATOR: Indicates the last AS number that formed the aggregated route and the IP address of that router.
Route reflector
iBGP routes will not be announced multiple hops as iBGP thinks that every node has already learned it. If there is a node that is only connected to a single second hop iBGP, we can use a route reflector to make the neighbour send the routes.
Interior BGP
Between BGP nodes (anywhere) in the AS
- All routes cannot be injected into intra-domain protocol
- IBGP for effective redistribution of BGP information
- Which AS "border" router reaches specific address
Scalable routing design principles
Build hierarchy
- Avoid full mesh
- Core (transit) + region (access)
- One vs seperate routing domains
Compartmentalization
For problem and failure localization
Making proper trade-off
- Redundancy vs scalability
- Convergence vs stability
Reducing route processing
- Routing intelligence placement at edges
- Reduce routes and routing information: CIDR default routing
- Static route at edges
Software Defined Networking
MPLS
MP = Multi protocol
- Multi-protocol both above and below
- Forwarding independent of network layer
- Operating over virtually any link layer protocol
LS = Label switching
- Forwarding: label swapping
- Control: IP routing protocols (IGP & EGP)
Label Switched Router
An LSR is any router that switches MPLS
Ingress LSR inserts a label on the packet and forwards it to the network (PUSH)
Intermediate LSR receives labelled packets, swaps the label and forwards it. (SWAP)
Egress LSR receives MPLS labeled packets, removes the label before forwarding it. (POP)
Label Switched Path
A LSP is a MPLS switching path through network.
A LSP starts at a Ingress LSR, traverses the Intermediate LSRs and ends at the Egress LSR/
Can be engineered to follow a specific path.
Multicast
IGMP
Shared tree vs SST
Source specific trees
One distribution tree per source
- Low delay
- Higher cost
- Better load distribution
- More state in the network
Shared trees
Packets from all sender in a session are distributed along the same tree.
- Lowest cost
- Higher delay
- Less state
- Load on fewer router and links
Sparse mode
Traffic is only sent to nodes that explicit join the session
Explicit join leav signaling:
- PIM-SM
- SSM
- CBT
Dense mode
Push mode, traffic flooded to all
Assumes that most nodes will be member of a session.
All traffic will periodically be flooded to all.
Nodes wishing not to be part of a session sends leave:
- DVMRPv2
- PIM-DM
- MOSPF
Missing functionality
Security:
- Authentication
- Authorization
- Encryption
- Data integrity
Group managment:
Address allocation:
Network management:
Quality of Service
RSVP
Resource Reservation Protocol is a Transport layer protocol designed to reserver resources across a network of integrated services.
Receiver oriented, the receiver of the flow maintains the resource reservation for that flow.
Traffic Engineering extension
Addon to RSVP. Applications on IP end systems can use RSVP to indicate to other nodes the nature of the packet streams they want to receive.
IntServ vs. DiffServ
IntServ
Architecture that specifies the elements to guarantee quality of service on networks. IntServ can for example be used to allow video and sound to reach the receiver without interruption.
IntServ specifies a fine-grained QoS system.
- Signaling mechanism
- Traffic handling per flow
- State information in network nodes
- Limited Scalability in core due to amount of state information
- Better end-to-end guarantees as resources are reserved end to end per flow
DiffServ
Architecture that specifies a simple, scalable and coarse-grained mechanism for classifying and managing network traffic and providing QoS.
DiffServ can br used to provide low-latency to critical network traffic, while providing best effort service to non-critical traffic.
coarse-grained == fewer larger descrete components
- Priority mechanism
- Traffic handling of aggregated flows
- No state information
- Scalable - aggregated flows
- End-to-End guarantees requires admission control and adequate dimensioning
- Static SLAs give limited flexibility