1 the network layer chapter 5. 2 network layer design issues store-and-forward packet switching...
Post on 20-Jan-2016
218 views
TRANSCRIPT
1
The Network Layer
Chapter 5
2
Network Layer Design Issues
• Store-and-Forward Packet Switching
• Services Provided to the Transport Layer
• Implementation of Connectionless Service
• Implementation of Connection-Oriented Service
• Comparison of Virtual-Circuit and Datagram Subnets
3
Network Layer Design Issues
• Network layer provides point-to-point connectivity between any two hosts.
• The network layer services have the following goals:– The services should be independent of the router technology.– The transport layer should be shielded from the number,
type, and topology of the routers present.– The network addresses made available to the transport layer
should use a uniform numbering plan, even across LANS and WANS.
• The network layer defines the service provided by the subnet. A subnet (short for "subnetwork") is an identifiably separate part of an organization's network.
4
Store-and-Forward Packet Switching
The environment of the network layer protocols.
fig 5-1
5
Functions of Network Layer
• Routing – find a path from one host to another host.• Congestion control – mechanisms to prevent hosts
from flooding the network.• Quality of Service (QoS) - transmission rates, error
rates, and other characteristics can be measured, improved, and, to some extent, guaranteed in advance.
• Internetworking provides translation between subnet using different protocols.
6
Services Provided to Transport Layer• The freedom in writing detailed specifications of the
services to be offered to the transport layer cause battles between connection-oriented and connectionless services.
• Internet community - connectionless– With 30 year experience with the Internet, the subnet is
inherently unreliable.– The host should accept this fact and do error control and
flow control themselves.
• Telephone companies – connection-oriented– With more than 100 years’ experience, QoS is important.
• QoS is important and the Internet is starting to associate with connection-oriented service.
7
Implementation of Services • Connectionless service
– No advance setup is needed.– The packets are frequently called datagrams.– The subnet is called a datagram subnet.– The routing algorithm is the algorithm that manages the
tables and makes the routing decision.
• Connection-oriented service– A path from the source router to the destination router must
be established before any data packets can be sent.– The connection is called a VC (virtual circuit).– The subnet is called a virtual-circuit subnet.– To distinguish packets from different hosts, replacing
connection identifiers in outgoing packets is called label switching.
8
Implementation of Connectionless Service
Routing within a diagram subnet.
9
Implementation of Connection-Oriented Service
Routing within a virtual-circuit subnet.
10
Comparison of Virtual-Circuit and Datagram Subnets
5-4
11
Routing Algorithms
• The Optimality Principle• Shortest Path Routing• Flooding• Distance Vector Routing• Link State Routing• Hierarchical Routing• Broadcast Routing• Multicast Routing• Routing for Mobile Hosts• Routing in Ad Hoc Networks
12
Routing Algorithms
Conflict between fairness and optimality.
• The routing algorithm is a part of network layer software to decide which output line an incoming packet should be transmitted on.
• Session routing is a route remains in force for an entire user session.
• Routing algorithms should be correctness, simplicity, robustness, stability, fairness, and optimality.
13
Routing Algorithms
• Non-adaptive algorithms
– They do not base their routing decisions on measurements or estimates of the current traffic and topology.
– This procedure is sometimes called static routing.
• Adaptive algorithms– They change their routing decisions to reflect
changes in the topology.– This procedure is sometimes called dynamic
routing.
14
Shortest Path Routing
• If the router J is on the optimal path from the router I to the router K, then the optimal path from J to K also falls along the same route.– Proof: If there is a better router from J to K, the route from I
to K can be improved.
• Construct a sink tree with the destination to be root. – The goal of all routing algorithms is to discover and use the
sink tree for all routers.
– Since it is a tree, there is no loops.
– A real network is complex. Routers and links may be down at any time.
15
The Optimality Principle
(a) A subnet. (b) A sink tree for router B.
16
Shortest Path Routing
• Shortest Path Routing is a static routing algorithm that just finds the shortest path.
• A graph is used to represent the network.– Each node of the graph represents a router.– Each arc of the graph represents a communication link.– To choose the route between a given pair of routers, the
algorithm just finds the shortest path between them on the graph.
• Metric used in the shortest path. – Number of hops– Geographic distance in miles/kilometers– Transmission delay fastest path
17
Shortest Path Routing
• Dijkstra Algorithm– Each arc (link) is labeled with a weight (link distance).
– Each node is labeled with the distance from the source node along the best known path and the source node.
– Initially, no paths are known, all nodes except the source are labeled as (∞, -).
– All labels may be either tentative or permanent. Initially, the labels are tentative. When it is discovered to be shortest possible path, the label is made permanent and never changed thereafter..
18
Shortest Path Routing
• An example: find the shortest path from A to D– We start out by making node A permanent indicated
by a filled-in circle.– Then we examine each node adjacent to A,
relabeling each one.– Scan all the tentatively labeled nodes in the whole
graph and make the one with the smallest distance to A permanent.
– This node becomes the new working node. Repeat the steps till the destination becomes permanent.
19
Shortest Path Routing
The first 5 steps used in computing the shortest path from A to D. The arrows indicate the working node.
20
Flooding• Flooding is a static routing algorithm.• Every incoming packet is sent out on every outgoing
line except the one it arrived on.• Flooding generates a large number of duplicated
packets. To reduce overhead,– Use a hop counter (TTL, Time To Live), which is
decremented at each hop. The packet is discarded with the counter reaches zero.
– Keep track of the packets and avoid to send them out the second time in case there is a loop.
– Selective flooding in which the routers send the incoming packet to only those outgoing lines in the right direction.
• Flooding has tremendous reliability and always choose the shortest delay used in applications such as military, distributed database, wireless network, and a metric compared to other routing algorithm.
21
Flooding
Dijkstra's algorithm to compute the shortest path through a graph.
5-8 top
22
Flooding
Dijkstra's algorithm to compute the shortest path through a graph.
5-8 bottom
23
Distance Vector Routing• Dijkstra algorithm can find the shortest path from the
source to the destination. In a real network, how the topology is obtained.
• Distance Vector Routing algorithm – Dynamic routing– Each router maintains a table (vector), giving the best known
distance to each destination and the outgoing line to get there.
– These tables are updated by exchanging information with the neighbors.
– The metric used might be the number of hops, the time delay, or the number of queued packets.
– The router is assumed to know the “distance” to each of its neighbors.
24
Distance Vector Routing
(a) A subnet. (b) Input from A, I, H, K, and the new routing table for J.
25
Distance Vector Routing
• Distance vector works in theory but has a serious drawback in practice.– React rapidly to good news when a router comes up.
– Though it finally converge to correct result, it takes long time when where is a bad news.
– There are several attempts to solve the problem, but none is perfect.
• Distance vector routing was used in ARPANET until 1979 when it is replaced by link state routing.
• Two problems of distance vector routing:– It does not take line bandwidth into account.
– It took too long to converge.
26
Distance Vector Routing
The count-to-infinity problem.
27
Link State Routing
• Link State Routing is a dynamic routing.
• Each router must do the following:1. Discover its neighbors, learn their network
address.
2. Measure the delay or cost to each of its neighbors.
3. Construct a packet telling all it has just learned.
4. Send this packet to all other routers.
5. Compute the shortest path to every other router.
28
Learning about the Neighbors
• Learning about the neighbors: When a router is booted, it first learns its immediate neighbors.– Send a HELLO packet on each point-to-point line.
The router on the other end will send a reply telling who it is.
– Each router has a global unique name.– If two or more routers are connected by a LAN, we
can model the LAN as a node.
29
Learning about the Neighbors
(a) Nine routers and a LAN. (b) A graph model of (a).
30
Measuring Line Cost
• Measuring Line Cost– Send an ECHO packet, measure the round trip
delay, and divide it by two. • Repeat it several items to have a better
estimation.– Whether to take the load into the account?
• Consider the load: start measuring delay when ECHO is queued. Choosing unloaded line results in better performance. But the load might oscillate.
• Ignore the load: start measuring delay when the ECHO packet reaches the front of the queue.
31
Measuring Line Cost
A subnet in which the East and West parts are connected by two lines.
32
Building Link State Packets
(a) A subnet. (b) The link state packets for this subnet.
• Build the link state packet containing: node ID, sequence number, age, a list of neighbors and the delay to the neighbor.
• Building the state packet is easy. The hard part is to determine when to build them.– Periodically or event-driven
33
Distributing the Link State Packets
• The trickiest part is to distribute link state packet.
• Basic idea:– Use flooding to distribute the link state packets.– To keep the flood in check, each packet contains a
sequence number that is increased by one for each new packet.
– When the link state packet arrives, the router check if it is new.
• Yes forward it to all outgoing lines except the one it arrived.
• No (duplicated or with low sequence number) discard it.
34
Distributing the Link State Packets
• Potential problems: – The sequence number wrap around use the 32-bit
sequence number. It takes 137 years to wrap around.– The router crashes. Its sequence number starts again
from 0, it is rejected.– The sequence number is corrupt (e.g., 65540 is
received instead of 4, then packets from 5 to 65540 will be rejected.)
• Use “age” to solve the problems:– The age decreases by one per second. The packet is
discarded when age = 0.– Problem packets won’t last for a long time.
35
Distributing the Link State Packets
The packet buffer for router B in the previous slide (Fig. 5-13).
• Each router uses a table to maintain the link state packets.• Each row is a recently received but not processed packet.• Each entry includes the source address, sequence number, age,
and send/ACK flags.
36
Computing Routes• Once a router has accumulated a full set of link state
packets, it knows all nodes and links, thus can construct the subnet graph.
• Run Dijkstra algorithm to find the shortest paths from the source to all other nodes.
• For a network with n routers, each with k neighbors, the memory required in nk.– Memory and computational time may be a problem for large
subnets.– But it works fine for many practical situations.
• The OSPF (Open Shortest Path First) protocol is used in the Internet.
• IS-IS (Intermediate System-Intermediate System) is used in some the Internet backbone (NSFNET).
37
Hierarchical Routing
• With the increase of network/routers, it is infeasible to have an entry for each router. The hierarchical routing is required.– Divide the routers into regions.
– The router only knows details to route packets to the destination within the same region.
– But may not be optimal (e.g., The best route from 1A to 5C is via region 2, but since the route via region 3 is better for most nodes in region 5.
38
Hierarchical Routing
Hierarchical routing.
39
Broadcast Routing
• Broadcasting: send a packet to all destinations.– Distributing weather reports, stock, radio programs, etc.
• Broadcast routing algorithm– Send a distinct packet to each destination (waste bandwidth)
– Flooding (generate too many packets)
– Multi-destination routing
• The packet includes a list of destinations
• The router sends the packet on an outgoing line if it is the best route for at least one of destinations (according to routing table).
40
Broadcast Routing
• Broadcast routing algorithm– A spanning tree is a subset of the subnet that includes all the
routers but contains no loops.
• Copy an incoming broadcast packet onto all the spanning tree lines except the one it arrived on.
• excellent use of bandwidth
• But each router is required to know some spanning tree.
– Reverse path forwarding: approximate spanning tree
• Router check if the packet arrived on the line normally used for sending packets to the source; if so, the broadcast packet is likely following the best route, the router rebroadcast it; if no, discards it.
41
Broadcast Routing
Reverse path forwarding. (a) A subnet. (b) a Sink tree. (c) The tree built by reverse path forwarding.
42
Multicast Routing
• Sending a packet to a group of nodes (a subset of the nodes in the network) is called multicasting.– Multiple unicast or broadcast are too expensive
– Build spanning tree
– Upon receiving a packet, prune the spanning tree (cut off the routers/lines that do not lead to any member in the group)
– Not scalable
43
Multicast Routing
(a) A network. (b) A spanning tree for the leftmost router. (c) A multicast tree for group 1. (d) A multicast tree for group 2.
44
Routing for Mobile Hosts
• All hosts are assumed to have a permanent home location (home address) that never changes.
• Each area has one or more foreign agents (FA), keeping track of all mobile hosts (MH) visiting the area.
• Each area has a home agent (HA), which keep track of hosts whose home is in the area but are currently visiting another area.
45
Routing for Mobile Hosts
A WAN to which LANs, MANs, and wireless cells are attached.
46
Routing for Mobile Hosts
• When a new host enters an area, it registers with the FA.– Each FA periodically announces its existence and address.
The newly-arrived mobile host (MH) waits for one of these messages. If no message is received, it broadcasts a message and asks for FAs.
– The MH sends its home address, link layer address, and some security info to the FA.
– The FA contracts the HA.
– The HA examines the security info and records the temporary location of the MH.
– The FA gets ACK from HA, and informs MH that it has been registered.
47
Routing for Mobile Hosts
Packet routing for mobile users.
48
Routing in Ad Hoc Networks
Possibilities when the routers are mobile:
1. Military vehicles on battlefield.– No infrastructure.
2. A fleet of ships at sea.– All moving all the time
3. Emergency works at earthquake .– The infrastructure destroyed.
4. A gathering of people with notebook computers.– In an area lacking 802.11.
49
Routing in Ad Hoc Networks• A MANET (Mobile Ad Hoc Networks) is a network
forming by an autonomous collection of mobile devices.• The Ad hoc On Demand Distance Vector (AODV)
routing algorithm is a routing protocol designed for ad hoc mobile networks. – AODV is capable of both unicast and multicast routing. – It is an on demand algorithm, meaning that it builds routes
between nodes only as desired by source nodes. – It maintains these routes as long as they are needed by the
sources. – AODV forms trees which connect multicast group members.
The trees are composed of the group members and the nodes needed to connect the members.
– AODV uses sequence numbers to ensure the freshness of routes.
50
Route Discovery
(a) Range of A's broadcast.
(b) After B and D have received A's broadcast.
(c) After C, F, and G have received A's broadcast.
(d) After E, H, and I have received A's broadcast.
Shaded nodes are new recipients. Arrows show possible reverse routes.
51
Route Discovery
Format of a ROUTE REQUEST packet.
• Source/destination address: IP address• Request ID: local counter maintained by each node and
incremented each time a ROUTE REQUEST is broadcast.• Source/destination sequence: source/destination sequence counter• Hop count: keep track of how many hops the packet has made.
Format of a ROUTE REPLY packet.
52
Route Discovery• When a route request arrives a node
– Check (source, request ID) if it is duplicated; yes discards; no record it
– Look up the destination in its route table. If a fresh route is known, send a Route Reply packet to the source. Fresh means the sequence # of the route is greater than or equal to the # in the Route Request
– If the node does not know the destination, it increments the “hop count” and rebroadcast the Route Request and also make a new entry in its reverse routing table (record how to reach the last hop)
– All node that receives the Route Reply learn the route to the destination
53
Route Maintenance• For each destination, the node keeps track of its
neighbors that have fed it a packet to that destination during last T seconds. These neighbors are called the active neighbors for that destination
• When any neighbors become unreachable, the node check which destinations have routes using the now-gone neighbors. For each destination, the active neighbors are informed that their route via that neighbor is now invalid and must be purged.
54
Route Maintenance
(a) D's routing table before G goes down.(b) The graph after G has gone down.
55
Node Lookup in Peer-to-Peer Networks• A peer-to-peer network is a network in which a lot of
people are sharing resources. Example: Napster• A peer-to-peer network system is totally distributed.• Chord algorithm for peer-to-peer networks.
– Use the hash function to convert any IP address to a 160-bit number called the node identifier.
– Use the hash function to convert the records in any IP address to a 160-bit number called the key.
– The function successor (k) is defined as the node identifier of the node following k around the circle clockwise.
– The IP addresses with the same key will be stored in the same node in an order determined by successor (key).
– When the name is looked up, it is hashed to get key and then use successor (key) to find the IP addresses.
56
Node Lookup in Peer-to-Peer Networks
(a) A set of 32 node identifiers arranged in a circle. The shaded ones correspond to actual machines. The arcs show the fingers from nodes 1, 4, and 12. The labels on the arcs are the table indices.
(b) Examples of the finger tables.
57
Congestion Control Algorithms
• General Principles of Congestion Control
• Congestion Prevention Policies
• Congestion Control in Virtual-Circuit Subnets
• Congestion Control in Datagram Subnets
• Load Shedding
• Jitter Control
58
Congestion Control Algorithms
• Congestion is a problem when too many packets are present in the subnet, performance degrades
• Congestions can be brought on by several factors:– All of a sudden, streams of packets arrive on multiple input
lines and all of them need the same output line, a queue is built up. Allocating more memory may help to a point but with infinite memory, congestion gets worse because packets are timed out.
– Slow processors make queue to be built up even though there are enough bandwidth.
– Low-bandwidth also causes congestion.
59
Congestion
When too much traffic is offered, congestion sets in and performance degrades sharply.
60
Congestion Control vs. Flow Control
• They are highly related to each other. The difference is subtle.
• Congestions control is a global issue, involving all hosts, routers, and other factors
• Flow control relates to the point-to-point traffic between a given sender and a given receiver, making sure a faster sender won’t swamp a slow receiver.
61
Congestion Control vs. Flow Control
• Open loop – solve the problem by essentially good design.– deciding when to accept new traffic, when to discard
packets, etc., without regard to the current state of the network
• Close loop – solve the problem based on the feedback.– Monitor the system to detect when and where
congestion occurs.– Pass information to where action can be taken.
– Adjust system operation to correct the problem.
62
General Principles of Congestion Control
• The presence of congestion means that the load is greater than the resources can handle
• Two solutions– Increase the resource: increase the bandwidth, Split the
traffic over multiple routes, Put spare routers on-line
– Decrease the traffic: deny service to new users (hire-freezing), degrade service to some/all users (reduce salary), drop some users (lay off)
63
Congestion Prevention Policies
Policies that affect congestion.
5-26
64
Congestion Control in Virtual-Circuit Subnets
(a) A congested subnet. (b) A redrawn subnet, eliminates congestion and a virtual circuit from A to B.
65
Hop-by-Hop Choke Packets
(a) A choke packet that affects only the source.
(b) A choke packet that affects each hop it passes through.
66
Jitter Control
(a) High jitter. (b) Low jitter.
67
Quality of Service
• Requirements
• Techniques for Achieving Good Quality of Service
• Integrated Services
• Differentiated Services
• Label Switching and MPLS
68
Quality of Service
• A stream of packets from a source to a destination is called a flow.
• QoS (Quality of Server) is characterized by four primary parameters: reliability, delay, jitter, and bandwidth.
• To achieve high reliability:– The checksum is used to verify the packet at the destination.
– If a packet is damaged in transit, it is not acknowledge and will be retransmitted eventually.
69
Requirements
How stringent the quality-of-service requirements are.
70
Quality of Service
• ATM networks classify flows in four broad categories:1. Constant bit rate (e.g., telephony)
2. Real-time variable bit rate (e.g., compressed videoconferencing).
3. Non-real-time variable bit rate (e.g. watching a move over the Internet).
4. Available bit rate (e.g., file transfer)
71
Buffering
Smoothing the output stream by buffering packets.
72
The Leaky Bucket Algorithm
(a) A leaky bucket with water. (b) a leaky bucket with packets.
73
The Leaky Bucket
Algorithm
(a) Input to a leaky bucket. (b) Output from a leaky bucket. Output from a token bucket with capacities of (c) 250 KB, (d) 500 KB, (e) 750 KB, (f) Output from a 500KB token bucket feeding a 10-MB/sec leaky bucket.
74
The Token Bucket Algorithm
(a) Before. (b) After.
5-34
75
Admission Control
An example of flow specification.
5-34
76
Packet Scheduling
(a) A router with five packets queued for line O.(b) Finishing times for the five packets.
77
RSVP-The ReSerVation Protocol
(a) A network, (b) The multicast spanning tree for host 1. (c) The multicast spanning tree for host 2.
78
RSVP-The ReSerVation Protocol
(a) Host 3 requests a channel to host 1. (b) Host 3 then requests a second channel, to host 2. (c) Host 5 requests a channel to host 1.
79
Expedited Forwarding
Expedited packets experience a traffic-free network.
80
Assured Forwarding
A possible implementation of the data flow for assured forwarding.
81
Label Switching and MPLS
Transmitting a TCP segment using IP, MPLS, and PPP.
82
Internetworking
• How Networks Differ
• How Networks Can Be Connected
• Concatenated Virtual Circuits
• Connectionless Internetworking
• Tunneling
• Internetwork Routing
• Fragmentation
83
How Networks Differ
• Two or more networks are connected to form an internet.
• The reasons why different networks will always be around:– The installed base of different networks is large.– As computers and networks get cheaper, the place
where (purchasing) decisions get made moved downward in organization.
– Different networks have radically different technology.
84
Connecting Networks
A collection of interconnected networks.
85
How Networks Differ
Some of the many ways networks can differ.
5-43
86
How Networks Can Be Connected
(a) Two Ethernets connected by a switch.
• A router that can handle multiple protocols is called a multiprotocol router.
• With a switch (or bridge), the entire frame is transported on the basis of its MAC address.
• With a router, the packet is extracted from the frame and the address in the packet is used to decide where to send it.
(b) Two Ethernets connected by routers.
87
Two types of internetworking• Concatenated Virtual Circuits:
– A connection to a remote host is set up by concatenating virtual circuits in all networks it passes by.
– Gateways response for converting packet format and maintaining VC.
– Work best when all network have the same properties.
• all reliable or all unreliable.
– Can also be done on transport layer.
• Connectionless internetworking:– inject datagrams into subnets and hope for the best
– packets may not follow the same route
– also works on VC subnet.
88
Concatenated Virtual Circuits
Internetworking using concatenated virtual circuits.
89
Connectionless Internetworking
A connectionless internet.
90
Concatenated Virtual Circuits• Advantages:
– Buffers can be reserved.
– Sequencing can be guaranteed.
– Shorter headers can be used.
– Troubles caused by delayed duplicate packets can be avoid.
• Disadvantages:– Table space required in the router for each open connection.
– No alternate routing to avoid congested areas.
– Vulnerability to router failure along the path.
– Difficult to implement if one of the networks is an unreliable datagram network.
91
Connectionless internetworking
• Advantages:– More potential for adapting to congestion
– Robustness in the face of router failures
– Various adaptive routing algorithms are possible.
– It can be used over subnets that do not use virtual circuits inside.
• Disadvantages:– More potential for congestion
– Longer header needed
92
Tunneling• Internetworking for the general case is extremely
difficult. – Common case: The source and destination are on the same
type of network but different networks are in between.
– Tunneling is the transmission of data in such a way that the routing nodes in the network are unaware that the transmission is from a different network.
– How it works?
• Source sends packets to an intermediate gateway
• Intermediate gateways put the whole packet into the payload field (don't interpret it).
• The destination will understand the packet
93
Tunneling
Tunneling a packet from Paris to London.
94
Tunneling
Tunneling a car from France to England.
95
Internetwork Routing
• Two-level routing algorithms can be built up:– Within each network an interior gateway protocol
is used.
– Between the networks, an exterior gateway protocol is used.
• Each network in an internetwork is independent of all the others. It is often referred to as an Autonomous System (AS).
96
Internetwork Routing
(a) An internetwork. (b) A graph of the internetwork.
97
Fragmentation
• Each network imposes maximum size on its packets. These limits have various causes:– Hardware (e.g., the size of an Ethernet frame).
– Operating system (e.g., all buffers are 512 bytes).
– Protocols (e.g., the number of bits I nthe packet length field).
– Compliance with some (inter)national standard.
– Desire to reduce error-induced retransmissions to some level.
– Desire to prevent one packet from occupying the channel too long.
98
Fragmentation• Maximum packet size is different in different networks
• Fragmentation deals with the cases when large packet sends to the network whose maximum packet size is small.
• Solutions:
– Use a routing algorithm that avoids to sending packets through networks that cannot handle it. Infeasible if the destination can handle large packets.
– Chop the large packet into small fragments and send fragments as individual internet packets.
99
Fragmentation• Reassemble at gateways:
– transparent to other networks
– high overhead - all packet must pass through the same exit gateway
– ATM
• Reassemble at the destination: – every fragment is treated as an internet packet
– smart end hosts (may not always be true)
– fragments must be numbered
– retransmission overhead (can be complicated).
– IP
100
Fragmentation
(a) Transparent fragmentation. (b) Nontransparent fragmentation.
101
Fragmentation
Fragmentation when the elementary data size is 1 byte.(a) Original packet, containing 10 data bytes.(b) Fragments after passing through a network with maximum
packet size of 8 payload bytes plus header.(c) Fragments after passing through a size 5 gateway.
102
IP Internet • Concatenation of Networks
• Protocol Stack
R2
R1
H4
H5
H3H2H1
Network 2 (Ethernet)
Network 1 (Ethernet)
H6
Network 3 (FDDI)
Network 4(point-to-point)
H7 R3 H8
R1
ETH FDDI
IPIP
ETH
TCP R2
FDDI PPP
IP
R3
PPP ETH
IP
H1
IP
ETH
TCP
H8
103
Example
H1 R1 R2 R3 H8
ETH IP (1400) FDDI IP (1400) PPP IP (512)
PPP IP (376)
PPP IP (512)
ETH IP (512)
ETH IP (376)
ETH IP (512)
Ident = x Offset = 0
Start of header
0
Rest of header
1400 data bytes
Ident = x Offset = 0
Start of header
1
Rest of header
512 data bytes
Ident = x Offset = 512
Start of header
1
Rest of header
512 data bytes
Ident = x Offset = 1024
Start of header
0
Rest of header
376 data bytes
• The router R2 has an MTU (Maximum Transfer Unit) of 532 bytes excluding the PPP header, which leaves 512 bytes for data after the 20-byte IP header.
104
The Network Layer in the Internet
• The IP Protocol
• IP Addresses
• Internet Control Protocols
• OSPF – The Interior Gateway Routing Protocol
• BGP – The Exterior Gateway Routing Protocol
• Internet Multicasting
• Mobile IP
• IPv6
105
Design Principles for Internet
1. Make sure it works.
2. Keep it simple.
3. Make clear choices.
4. Exploit modularity.
5. Expect heterogeneity.
6. Avoid static options and parameters.
7. Look for a good design; it need not be perfect.
8. Be strict when sending and tolerant when receiving.
9. Think about scalability.
10. Consider performance and cost.
106
The Network Layer in the Internet
• The Internet can be viewed as a collection of subnetworks or Autonomous Systems (AS).
• IP (Internet Protocol) hosts the whole Internet together.• Communication in the Internet works as follows:
– The transport layer takes data streams and breaks them up into datagrams. In theory, datagrams can be up to 64 Kbytes each, but in practice they are usually not more than 1500 bytes so they fit in one Ethernet frame.
– Each datagram is transmitted through the Internet.
– When all the pieces finally get to the destination machine, they are reassembled by the network layer, which inserts it into the receiving process’ input stream.
107
Collection of Subnetworks
The Internet is an interconnected collection of many networks.
108
The IP Protocol• Philosophy
– minimum functionality in the IP, smartness at the end system.
• What does IP do?
– Addressing and fragmentation (Internetworking).
– Routing provided by other protocols
• What does IP not do?
– congestion control
– error control
– resource management
109
IPv4 Header Format• Version – The IP version number, 4.
• Header length – The length of the datagram header in 32-bit words.
• Type of service – Contains five subfields that specify the precedence, delay, throughput, reliability, and cost desired for a packet. (The Internet does not guarantee this request.) This field is not widely used on the Internet.
• Total length – The length of the datagram in bytes including the header, options, and the appended transport protocol segment or packet. The maximum length is 65535 bytes.
• Identification – An integer that identifies the datagram.
• DF – Don’t fragment
110
IPv4 header format• MF – More Fragments. All fragments except the last one have
this bit set.
• Fragment offset – The relative position of this fragment measured from the beginning of the original datagram in units of 8 bytes.
• Time to live – How many routers a datagram can pass through. Each router decrements this value by 1 until it reaches 0 when the datagram is discarded. This keeps misrouted datagrams from remaining on the Internet forever.
• Protocol – The high-level protocol type.
111
IPv4 header format• Header checksum – A number that is computed to ensure the
integrity of the header values.
• Source address – The 32-bit IPv4 address of the sending host.
• Destination address – The 32-bit IPv4 address of the receiving host.
• Options – A list of optional specifications for security restrictions, route recording, and source routing. Not every datagram specifies an options field.
• Padding – Null bytes which are added to make the header length an integral multiple of 32 bytes as required by the header length field.
112
The IP Protocol
The IPv4 (Internet Protocol) header.
113
The IP Protocol
Some of the IP options.
5-54
• http://www.iana.org/assignments/ip-parameters
114
IP Addresses• An IP address really refers to a network interface, so if a hosts
are on two network, it must have two IP addresses.
• Traditionally, IP addresses were divided into the five categories: A, B, C, D, E.
• Network numbers are managed by a nonprofit corporation called ICANN (Internet Corporation for Assigned Names and Numbers) to avoid conflicts.
• Network address, which are 32-bit numbers, are usually written in dotted decimal notation. In this format, each of the 4 bytes is written in decimal, from 0 to 255, usually beginning with the network address and ending in the host address.
– For example, the 32-bit hexadecimal address C0290614 is written as 192.41.6.20.
115
IP Addresses
IP address formats.
116
IP Addresses
• The value 0 means this network or this host. The value of -1 (all 1s) is used as a broadcast address to mean all hosts on the indicated network.
• 0.0.0.0 is used by hosts when booted. • IP addresses with 0 as network number refer to the
current network. 156.26.10.0.
• 255.255.255.255 broadcast on local network
• The addresses with a network number and all 1s in the host field allow machines to broadcast to remote LANs.
• 127.0.0.1, loopback
117
IP Addresses
Special IP addresses.
118
IP Addresses• dig - DNS lookup utility
cs742@kirk:~$ dig www
; <<>> DiG 9.2.1 <<>> www;; global options: printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28011;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:;www. IN A
;; AUTHORITY SECTION:. 10800 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-
GRS.COM. 2003110201 1800 900 604800 86400
;; Query time: 139 msec;; SERVER: 156.26.10.130#53(156.26.10.130);; WHEN: Sun Nov 2 21:32:40 2003;; MSG SIZE rcvd: 96
119
IP Addresses• nslookup – query Internet name servers interactivelycs742@kirk:~$ nslookup www.wichita.edu
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 156.26.10.130
Address: 156.26.10.130#53
www.wichita.edu canonical name = BLANCA.wichita.edu.
Name: BLANCA.wichita.edu
Address: 156.26.1.160
• Find out the address in Windows: ipconfig/all
120
Subnets• Problem: When a company grows, it may need to
change network class.– solution: subnets
– The main router needs a subnet mask that indicates the split between network + subnet number and host.
– Using the bitwise AND operation on the IP address and the subnet mask produces the subnet number.
• e.g.: machine 156.26.10.239 (kirk) subnet mask: 255.255.255.128 subnet number: 156.26.10.128.
– All hosts on the same subnet share the same subnet mask
– Effectively created a three layers structure.
– Example: WSU 156.26.xxx.yyy, subnet mask 255.255.255.0, WSU CS 156.26.10.xxx.
121
Subnets
A campus network consisting of LANs for various departments.
122
Subnets
A class B network subnetted into 64 subnets.
• Instead of having a single class B address (14 bits for the network number and 16 bits for the host number), some bits are take way from the host number to crate a subnet number.
• For example, use a 6-bit subnet number and a 10-bit host number. The subnet mask is 255.255.252.0 or /22.
• Subnet addresses: 156.26.4.1, 156.26.8.1, 156.26.12.1, etc.
123
CIDR – Classless InterDomain Routing
• Running out of IP addresses• class C is too small; class B is too large (more than half
of the class B networks have fewer than 50 hosts) • CIDR (Classless InterDomain Routing) allows to
allocate IP address with a variable-sized block (contiguous network numbers to nearby networks), with no regard to the classes.
• The routing becomes more complicated.
124
Supernetting (CIDR)
• Represent blocks with a single pair:– Restrict block sizes to powers of 2
– Use a bit mask (CIDR mask) to identify block size– <base address, count> <192.15.32.0, 1024>– base address/mask 192.15.32.0/255.255.252.0
– base address/bits of network part 192.15.32.0/22
– All routers must understand CIDR addressing
125
CDR – Classless InterDomain Routing
A set of IP address assignments.
5-59
126
Packet Forwarding
$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
156.26.10.128 0.0.0.0 255.255.255.128 U 40 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1
0.0.0.0 156.26.10.129 0.0.0.0 UG 40 0 0 eth0
$ ping kirk
PING kirk.cs.twsu.edu (156.26.10.239): 56 data bytes
127
Subnet Example
Forwarding table at router R1Subnet Number Subnet Mask Next Hop
156.26.10.0 255.255.255.192 interface 0
156.26.10.128 255.255.255.128 interface 1
156.26.0.0 255.255.0.0 R2
Subnet mask: 255.255.255.192Subnet number: 156.26.10.0
156.26.10.41 (bugs) 156.26.10.1
H1R1
156.26.10.129Subnet mask: 255.255.255.128Subnet number: 156.26.10.128
156.26.10.130156.26.10.239 (kirk)
R2H2
156.26.1.10156.26.1.160
Subnet mask: 255.255.0.0Subnet number: 156.26.0.0
H3
128
Packet Forwarding • Strategy
– every datagram contains destination’s address– if directly connected to destination network, then forward to
host– if not directly connected to destination network, then forward
to some router– forwarding table maps network number into next hop– each host has a default router– each router maintains a forwarding table
• Example Network Number Next Hop 1 R3 2 R1 3 interface 1 4 interface 0
129
NAT – Network Address Translation
• An ISP usually has a class B address (65534 addresses). • When the number of customers is more than that
– Dynamically allocate the IP address to active users, and take it back after the session is terminated
– But business costumers (connected to LAN) and home users (via DSL or cable modem) want to stay on line continuously.
• Long term solution IPv6: it will take years to finish the transition from v4 to v6.
130
NAT – Network Address Translation
• Quick fix NAT (Network Address Translation)– The basic idea is to assign an IP address to each company
– Within the company, every computer has a unique IP address, used to route the internal traffic. Some IP addresses are reserved. The companies can use them freely, as long as they don’t appear on the Internet.
• 10.0.0.0 –10. 255.255.255/8 (16,777,216 hosts)
• 172.16.0.0 – 172.31.255.255/12 (1,048,576 hosts)
• 192.168.0.0 – 192.168.255.255/16 (65,536 hosts)
– When packet exit the company, address translation takes place
131
NAT – Network Address Translation
• The objections:– NAT violates the architectural model of IP, which states that
every IP address uniquely identifies a single machine worldwide.
– NAT changes the Internet from a connectionless network to a kind of connection-oriented network.
– NAT violates the most fundamental rule of protocol layering.
– Processes on the Internet are not required to use TCP or UDP.
– Some applications insert IP addresses in the body of the text.
– Since the TCP source port field is 16 bits, at most 65,536 machines can be mapped onto an IP address.
132
NAT – Network Address Translation
Placement and operation of a NAT box.
133
Internet Control Message Protocol• The control messages
– destination unreachable – time exceeded: TTL zero, (wandering to too long) – parameter problem: header invalid– source quench, too much packets (choke packet) – fragmentation required: MTU too small.
• for information messages: – echo request/reply– timestamp request/reply
• Two programs that use the ICMP protocol:– ping and traceroute
• IP invokes ICMP to report errors.
134
Internet Control Message Protocol
The principal ICMP message types.
5-61
135
ARP– The Address Resolution Protocol• ARP: Address Resolution Protocol
– find out the Ethernet address for an IP address
– a host broadcast to everyone asking “who owns IP address xxx.xxx.xxx.xxx”
– The host with that IP address response with its Ethernet address.
• RARP: Reverse Address Resolution Protocol– Find out a host’s IP address.
– The host broadcast to everyone asking “My Ethernet address is xx:xx:xx:xx:xx:xx, who knows my IP address?”
– The RARP server looks up the configuration file and reply with its IP address.
136
ARP– The Address Resolution Protocol
Three interconnected /24 networks: two Ethernets and an FDDI ring.
137
ARP– The Address Resolution Protocol• ARP - manipulate the system ARP cachecs742@kirk:~$ /usr/sbin/arp -a
sisko.cs.wichita.edu (156.26.10.231) at 00:90:27:72:4C:ED [ether] on eth0
giskard.cs.wichita.edu (156.26.10.230) at 00:40:63:CA:BD:6C [ether] on eth0
post.cs.wichita.edu (156.26.10.173) at 00:E0:29:06:CB:13 [ether] on eth0
byerly.cs.wichita.edu (156.26.10.235) at 00:C0:F0:17:73:95 [ether] on eth0
seldon.cs.wichita.edu (156.26.10.134) at 00:C0:F0:31:E1:9F [ether] on eth0
baley-pink.cs.wichita.edu (156.26.10.160) at 00:C0:F0:4C:DD:29 [ether] on eth0
bentley.cs.wichita.edu (156.26.10.131) at 00:C0:F0:17:05:A0 [ether] on eth0
data-pink.cs.wichita.edu (156.26.10.130) at 00:50:BA:07:33:35 [ether] on eth0
kira.cs.wichita.edu (156.26.10.236) at 00:C0:F0:30:DC:8F [ether] on eth0
ozpink.cs.wichita.edu (156.26.10.129) at 00:C0:F0:31:E1:B6 [ether] on eth0
spock.cs.wichita.edu (156.26.10.149) at 00:E0:81:20:E6:06 [ether] on eth0
138
Dynamic Host Configuration Protocol• BOOTP (Bootstrap Protocol) is a protocol that lets a
network user be automatically configured (receive an IP address) and have an operating system booted (initiated) without user involvement. – Needs manually configuration (a table to map MAC to IP
address)
• DHCP (Dynamic Host Configuration Protocol) is a communications protocol that lets network administrators manage centrally and automate the assignment of IP addresses in an organization's network. – It is not necessary to have one DHCP server on each network
but a DHCP relay agent is needed on each LAN.
139
Dynamic Host Configuration Protocol
Operation of DHCP.
140
The Interior Gateway Routing Protocol
• Two-level routing:– interior gateway protocol – a routing algorithm
within an AS.– exterior gateway protocol – a routing algorithm
between Ases.
• RIP (Route Information Protocol)– distance-vector algorithm– based on hop-count– Slow convergence– Replaced in May 1979 by a link state protocol
141
OSPF – The Interior Gateway Routing Protocol
• Design goals of OSPF (Open Shortest Path First):1. The algorithm should be published in the open literature.
2. It should support a variety of distance metrics.
3. It had to be a dynamic algorithm
4. It had to support routing based on type of service.
5. It had to do load balancing.
6. It supports for hierarchical systems.
7. Some security was required.
8. It is able to deal with routers connected to the Internet via a tunnel.
142
OSPF – The Interior Gateway Routing Protocol
• OSPF supports three kinds of connections and networks:1. Point-to-pint lines between exactly two routers.2. Multiaccess networks with broadcasting (e.g., most
LANs.)3. Multiaccess networks without broadcasting (e.g., most
packet-switched WANs).
• A multiaccess network is one that can have multiple routers on it, each of which can directly communicate with all the others.
• OSPF represents the actual network as a graph like this and then compute the shortest path from every router to every other router.
143
OSPF – The Interior Gateway Routing Protocol
(a) An autonomous system. (b) A graph representation of (a).
144
OSPF – The Interior Gateway Routing Protocol
• OSPF allows ASes to be divided into numbered areas, where an area is a network or a set of contiguous networks.
• Every AS has a backbone area (area 0). All areas are connected to the backbone.
• OSPF distinguishes four classes of routers:– Internal routers are wholly within one area.
– Area border routers connect two or more areas.
– Backbone routers are on the backbone
– AS boundary routers talk to routers in other ASes.
145
OSPF
The relation between ASes, backbones, and areas in OSPF.
146
OSPF
The five types of OSPF messeges.
5-66
147
BGP – The Exterior Gateway Routing Protocol
• BGP (Border Gateway Protocol) is a protocol for exchanging routing information between gateway hosts (each with its own router) in a network of autonomous systems.
• BGP have been designed to allow many kinds of routing policies to be enforced in the interAS traffic.
148
BGP – The Exterior Gateway Routing Protocol
• Exterior gateway protocol routers have to worry about politics (security, billing, etc.)– BGP (Border Gateway Protocol) is essentially a
distance vector protocol.– But keep track of entire path.– Discard the route through itself solve count-to-
infinity.– Select route based on the distance (score). Any route
violating polices has infinite score and is discarded as it pass F.
149
BGP – The Exterior Gateway Routing Protocol
(a) A set of BGP routers. (b) Information sent to F.
150
Internet Multicating
• IP supports multicasting, using class D addresses.• Two kinds of the group addresses are supported:
– Permanent groups: • 224.0.0.1: all system on a LAN• 224.0.0.2: all routers on a LAN• 224.0.0.5: all OSPF routers on a LAN• 224.0.0.6: all designated OSPF routers on a LAN
– Temporary groups must be created before used.• The query and response packets sent and received by
multicast routers are called IGMP (Internet Group Management Protocol). It has two kinds of packets: query and response.
• Multicasting routing is done using spanning tree.
151
Mobile IP
• How to send packets to a machine that is moving?– New IP address? Too much hassle.– Routers use complete IP address for routing:
• Current routing is based on the network address.
• The major goals of Mobile IP:– Each mobile host must be able to use its home IP address
anywhere.– Software changes to the fixed hosts were not permitted.– Changes to the router software and tables were not permitted.– Most packets for mobile hosts should not make detours on
the way.– No overhead should be incurred when a mobile host is at
home.
152
Mobile IP
• Solution:– Home agent, remote agent.– The remote agent tells the home agent the new
location of the mobile station.– Packets go to home agent initially– Home agent tunnels the packets to the remote agent
and informs the sources of the remote agent– the source sends (tunneling) directly to the remote
agent.
153
What is IPv6?
• IPv6 stands for "Internet Protocol Version 6“ and is also referred to as IPng (IP next generation).
• IPv6 is the protocol designed by the IETF (The Internet Engineering Task Force) to replace the current version Internet Protocol, IP Version 4 (IPv4).
• The core set of IPv6 protocols were made an IETF Draft Standard on August 10, 1998.
• For more information about IPv6, refer to http://www.ipv6.org/.
154
Why is IPv6? More Addresses!• IP address allocation history:
1981 ~ IPv4 protocol published1985 ~ 1/16 total space1990 ~ 1/8 total space1995 ~ 1/4 total space2000 ~ 1/2 total space
• More addresses are needed despite increasingly intense conservation efforts– CIDR (classless inter-domain routing)– PPP address sharing– NAT (network address translation)
• Theoretical limit of 32-bit space: ~4 billion devicesPractical limit of 32-bit space: ~250 million devices
155
IPv6• IPv6 major goals were:
– Support billions of hosts, even with inefficient address space allocation.
– Reduce the size of the routing tables.– Simplify the protocol, to allow routers to process packets
faster.– Provide better security (authentication and privacy) than
current IP.– Pay more attention to type of service, particularly for real-time
data. – Aid multicasting by allowing scopes to be specified.– Make it possible for a host to roam without changing its
address.– Allow the protocol to evolve in the future.– Permit the old and new protocols to coexist for years.
156
IPv6
• SIPP (Simple Internet Protocol Plus) was selected and given the designation IPv6.
• The main features of IPv6:– IPv6 has longer addresses than IPv4.
– Improved header processing with better support for options and enhanced routing functionality
– Auto-configuration
– Better security support
– Better support for Quality of Service (QoS)
157
What’s new in IPv6• Bigger Address Space
– 128 bits: solving the address shortage issue: 232 (4.2 billion) to 2128 (340 undecillion or 3.4 x 1038)
– There are enough IPv6 address to assign • 1 million networks per human• A separate IPv6 address on every square inch of every
planet in the solar system• Improved Header Processing and Enhanced routing
functionality– Redefinition of IP options in header (7 versus 13 in IPv4)
• Format is improved for quicker processing• Some fields are classified such that they may be ignored by
intermediate nodes– Inclusion of flow label– Elimination of checksum (let higher layer to compute their
own checksum) – Enhanced routing functionality such as roaming a host
158
What’s new in IPv6
• Auto-configuration– Reduced Administrative Overhead
• Much of the administrative load for IPv4 nodes involves allocating and managing their IPv4 addresses
• IPv6 nodes are able to configure their addresses automatically (Plug and play)
– Support renumbering• Experience has shown that Internet nodes don’t keep the
same IP address for their life time• A network (e.g., an enterprise intranet) will need renumber
based on topology change (wholesale reconnection to another ISP)
• An IPv6 node discovers the need for configuring a new IPv6 address for itself.
159
What’s new in IPv6• Better security support
– Reduced Administrative Overhead• Much of the administrative load for IPv4 nodes involves
allocating and managing their IPv4 addresses• IPv6 nodes are able to configure their addresses
automatically (Plug and play)
• Support renumbering– Experience has shown that Internet nodes don’t keep the same
IP address for their life time– A network (e.g., an enterprise intranet) will need renumber
based on topology change (wholesale reconnection to another ISP)
– An IPv6 node discovers the need for configuring a new IPv6 address for itself.
160
Why isn't IPv6 here now?
• Why isn't IPv6 here now? – The situation of lack of address spaces are different
in different countries.– Some transition solutions such as NAT (Network
Address Translation) are there.– There are still not so many applications available for
IPv6. – But mobile phones have pushed fast deployment of
IPv6.
161
The Main IPv6 Header
The IPv6 fixed header (required).
162
The Main IPv6 Header• Version. 4 bits. - IPv6 version number.• Traffic Class. 8 bits. - Internet traffic priority delivery
value.• Flow Label. 20 bits. - Used for specifying special
router handling from source to destination(s) for a sequence of packets.
• Payload Length. 16 bits, unsigned. - Specifies the length of the data in the packet. When set to zero, the option is a hop-by-hop Jumbo payload.
• Next Header. 8 bits. - Specifies the next encapsulated protocol. The values are compatible with those specified for the IPv4 protocol field.
163
The Main IPv6 Header
• Hop Limit. 8 bits, unsigned. -For each router that forwards the packet, the hop limit is decremented by 1. When the hop limit field reaches zero, the packet is discarded. This replaces the TTL field in the IPv4 header that was originally intended to be used as a time based hop limit.
• Source address. 16 bytes. - The IPv6 address of the sending node.
• Destination address. 16 bytes. -The IPv6 address of the destination node.
164
How Was IPv6 Address Size Chosen?
• Some wanted fixed-length, 64-bit addresses– easily good for 1012 sites, 1015 nodes, at .0001 allocation
efficiency– minimizes growth of per-packet header overhead– efficient for software processing
• Some wanted variable-length, up to 160 bits– compatible with OSI NSAP addressing plans– big enough for auto-configuration using IEEE 802
addresses– could start with addresses shorter than 64 bits & grow later
• Settled on fixed-length, 128-bit addresses(340,282,366,920,938,463,463,374,607,431,768,211,456 in
all!)
165
IPv6 Addresses• Classless addressing/routing (similar to CIDR)• Notation: x:x:x:x:x:x:x:x (x = 16-bit hex number)
– Contiguous 0s are compressed: 47CD::A456:0124 = 47CD:0000:0000:0000:0000:0000:A456:0124
– IPv6 compatible IPv4 address: ::128.42.1.87
• Address assignment– provider-based (can’t change provider easily)
– Geographic
• IPv6 has many different kinds of addresses– unicast, anycast, multicast, loopback, IPv4-embedded, care-of,
manually-assigned, DHCP-assigned, self-assigned, solicited-node, and more.
– One simplification: no broadcast addresses in IPv6! – uses multicast to achieve same effects
166
Prefix0000 00000000 00010000 0010000 0100000 0110000 1000100101001110010111011101111 01111 101111 1101111 1110 01111 1110 101111 1110 111111 1111
UseReservedUnassignedReserved for NSAP AllocationReserved for IPX AllocationUnassignedUnassignedUnassignedUnassignedProvider-Based Unicast Address IPV4-likeUnassignedReserved for Geographic-Based Unicast Addresses UnassignedUnassignedUnassignedUnassignedUnassignedUnassignedUnassignedLink Local Use Addresses no global uniquenessSite Local Use Addresses no global uniquenessMulticast Addresses
167
IPv6 – Multicast and Anycast
• IPv6 describes rules for three types of addressing: unicast (one host to one other host), anycast (one host to at least one of multiple hosts), and multicast (one host to multiple hosts).
• The introduction of an "anycast" address provides the possibility of sending a message to the nearest of several possible gateway hosts with the idea that any one of them can manage the forwarding of the packet to others.
• Anycast messages can be used to update routing tables along the line.
168
IP version 6 – Future Evolution
• The next header field provides for future evolution.• If non-zero, it specifies an extension header type in
the packet.• The extension header types include the services for
router information, route definition, fragment handling, authentication, encryption information, and destination information.
• Each extension header type has a specific size and format and is transmitted after the basic header and before the payload.
169
Extension Headers
IPv6 extension headers.
5-69
170
Extension Headers
The hop-by-hop extension header for large datagrams (jumbograms).
The extension header for routing.
171
IPv6 Security and Evolution
• The advantage of implementing security at the IP level is that it can be applied without the need for security-aware implementations of application programs.
• Security in IPv6 is implemented through the authentication and encrypted security payload extension header types , for ensuring data integrity, and for ensuring privacy.
• Instead, isolated “island” of IPv6 will converted, initially communicating via tunnels. As the IPv6 islands grow, they will merge into bigger islands. Eventually, all the islands will merge, and the Internet will be fully converted.