79routing tutorial nov2010

7/27/2019 79routing Tutorial Nov2010

1/122

1

Tutorial on Network Layers 2 and 3

Radia PerlmanIntel Labs

([email protected])


2/122

2

Why?

Demystify this portion of networking, sopeople dont drown in the alphabet soup

Think about these things criticallyN-party protocols are the most interesting Lots of issues are common to other layersYou cant design layer n withoutunderstanding layers n-1 and n+1


3/122

3

What can we do in 1 hours?

Understand the concepts Understand various approaches, and

tradeoffs, and where to go to learn more A little of the history: without this, its hard

to really grok why things are the way they

are


4/122

4

Outline

layer 2 issues: addresses, multiplexing,bridges, spanning tree algorithm

layer 3: addresses, neighbor discovery,connectionless vs connection-orientedRouting protocols

Distance vector Link state Path vector


5/122

5

Why this whole layer 2/3 thing?

Myth: bridges/switches simpler devices,designed before routers

OSI Layers1: physical


6/122

6



OSI Layers1: physical2: data link (nbr-nbr, e.g., Ethernet)


7/122

7



OSI Layers1: physical2: data link (nbr-nbr, e.g., Ethernet)3: network (create entire path, e.g., IP)


8/122

8



OSI Layers1: physical2: data link (nbr-nbr, e.g., Ethernet)3: network (create entire path, e.g., IP)4 end-to-end (e.g., TCP, UDP)


9/122

9



OSI Layers1: physical2: data link (nbr-nbr, e.g., Ethernet)3: network (create entire path, e.g., IP)4 end-to-end (e.g., TCP, UDP)5 and above: boring


10/122

10

Definitions

Repeater: layer 1 relay


11/122

11

Definitions

Repeater: layer 1 relay Bridge: layer 2 relay


12/122

12

Definitions

Repeater: layer 1 relay Bridge: layer 2 relay Router: layer 3 relay


13/122

13

Definitions

Repeater: layer 1 relay Bridge: layer 2 relay Router: layer 3 relay OK: What is layer 2 vs layer 3?


14/122

14

Definitions

Repeater: layer 1 relay Bridge: layer 2 relay Router: layer 3 relay OK: What is layer 2 vs layer 3?

The right definition: layer 2 is neighbor-neighbor. Relays should only be in layer 3!


15/122

15

Definitions

Repeater: layer 1 relay Bridge: layer 2 relay Router: layer 3 relay OK: What is layer 2 vs layer 3? True definition of a layer n protocol:

Anything designed by a committee whosecharter is to design a layer n protocol


16/122

16

Layer 3 (e.g., IPv4, IPv6, DECnet,

Appletalk, IPX, etc.) Put source, destination, hop count on packet Then along came the EtherNET

rethink routing algorithm a bit, but its a link not aNET!

The world got confused. Built on layer 2 I tried to argue: But you might want to talk from

one Ethernet to another! Which will win? Ethernet or DECnet?


17/122

17

Layer 3 packet

data

Layer 3 header

source dest hops


18/122

18

Ethernet packet

data

Ethernet header

source dest


19/122

19

Ethernet (802) addresses

Assigned in blocks of 224Given 23-bit constant (OUI) plus g/i bit

all 1s intended to mean broadcast

OUI

global/local admingroup/individual


20/122

20

Its easy to confuse Ethernet with

network Both are multiaccess clouds But Ethernet does not scale. It cant replace IP as

the Internet Protocol

Flat addressesNo hop count Missing additional protocols (such as neighbor

discovery)

Perhaps missing features (such as fragmentation, errormessages, congestion feedback)


21/122

21

So where did bridges come from?


22/122

22

Problem Statement

Need something that will sit between two Ethernets, and

let a station on one Ethernet talk to another

A C


23/122

23

Basic idea

Listen promiscuously Learn location of source address based on

source address in packet and port fromwhich packet received

Forward based on learned location ofdestination


24/122

24

Whats different between this and

a repeater? no collisions with learning, can use more aggregate

bandwidth than on any one link no artifacts of LAN technology (# of

stations in ring, distance of CSMA/CD)


25/122

25

But loops are a disaster

No hop count Exponential proliferation

B1 B2 B3

S


26/122

26



B1 B2 B3

S


27/122

27



B1 B2 B3

S


28/122

28



B1 B2 B3

S


29/122

29



B1 B2 B3

S


30/122

30

What to do about loops?

Just say dont do that Or, spanning tree algorithm

Bridges gossip amongst themselvesCompute loop-free subsetForward data on the spanning treeOther links are backups


31/122

31

Algorhyme

I think that I shall never seeA graph more lovely than a tree.

A tree whose crucial property

Is loop-free connectivity.

A tree which must be sure to spanSo packets can reach every LAN.

First the Root must be selectedBy ID it is elected.

Least cost paths from Root are tracedIn the tree these paths are placed.

A mesh is made by folks like me.Then bridges find a spanning tree.

Radia Perlman


32/122

32

93

4

11

7

10

14

2

5

6

A

X


33/122

33

93

4

11

7

10

14

2

5

6

A

X


34/122

34

93

4

11

7

10

14

2

5

6

A

X


35/122

35

Bother with spanning tree?

Maybe just tell customers dont do loops First bridge sold...


36/122

36

First Bridge Sold

A C


37/122

37

So Bridges were a kludge,

digging out of a bad decision Why are they so popular?

plug and play

simplicity

high performance Will they go away?

because of idiosyncracy of IP, need it for lowerlayer.


38/122

38

Note some things about bridges

Certainly dont get optimal source/destination paths

Temporary loops are a disasterNo hop countExponential proliferation

But they are wonderfully plug-and-play


39/122

39

So what is Ethernet?

CSMA/CD, right? Not any more, really... source, destination (and no hop count) limited distance, scalability (not any more,

really)


40/122

40

Switches

Ethernet used to be bus Easier to wire, more robust if star (one huge

multiport repeater with pt-to-pt links If store and forward rather than repeater,

and with learning, more aggregate

bandwidth

Can cascade devicesdo spanning tree Were reinvented the bridge!


41/122

41

Basic idea of a packet

Destination address

Source address

data


42/122

42

When I started

Layer 3 had source, destination addresses Layer 2 was just point-to-point links

(mostly) If layer 2 is multiaccess, then need two

headers:

Layer 3 has ultimate source, destinationLayer 2 has next hop source, destination


43/122

43

Hdrs inside hdrs

R1

R2 R3

S D

As transmitted by S? (L2 hdr, L3 hdr)

As transmitted by R1?

As received by D?


44/122

44

Hdrs inside hdrs

R1

R2 R3

S D

S:

Layer 2 hdr Layer 3 hdr

Dest=

Source=

Dest=D

Source=S


45/122

45

Hdrs inside hdrs

R1

R2 R3

S D

R1:


Dest=

Source=

Dest=D

Source=S


46/122

46

Hdrs inside hdrs

R1

R2 R3

S D

R2:


Dest=D

Source=S


47/122

47

Hdrs inside hdrs

R1

R2 R3

S D

R3:


Dest=

Source=

Dest=D

Source=S


48/122

48

What designing layer 3 meant

Layer 3 addresses Layer 3 packet format (IP, DECnet)

Source, destination, hop count, A routing algorithm

Exchange information with your neighborsCollectively compute routes with all rtrsCompute a forwarding table


49/122

49

Network Layer

connectionless fans designed IPv4, IPv6,CLNP, IPX, AppleTalk, DECnet

Connection-oriented reliable fans designedX.25

Connection-oriented datagram fansdesigned ATM, MPLS


50/122

50

Pieces of network layer

interface to network: addressing, packetformats, fragmentation and reassembly,

error reports

routing protocols autoconfiguring addresses/nbr discovery/

finding routers


51/122

51

Connection-oriented Nets

S

A

R1

R2

R3

R4

R5

D

3

4

7

2

4

3

1

2

3

(3,51)=(7,21)(4,8)=(7,92)

(4,17)=(7,12)

(2,12)=(3,15)

(2,92)=(4,8)

(1,8)=(3,6)(2,15)=(1,7)VC=8, 92, 8, 6

8

92

8

6


52/122

52

Lots of connection-oriented

networks X.25: also have sequence number and ack

number in packets (like TCP), and layer 3

guarantees delivery

ATM: datagram, but fixed size packets (48bytes data, 5 bytes header)


53/122

53

MPLS (multiprotocol label

switching) Connectionless, like MPLS, but arbitrary

sized packets

Add 32-bit hdr on top of IP pkt20 bit labelHop count (hooray!)


54/122

54

Hierarchical connections (stacks of

MPLS labels)

R1

R2

S1

S8

S6

S9

S5

S2

S4

S3

D2

D1

D8

D2 D9

D3

D5D4

Routers in backbone only need to know about

one flow: R1-R2


55/122

55

MPLS

Originally for faster forwarding thanparsing IP header

later traffic engineering

classify pkts based on more than destinationaddress


56/122

56

Connectionless Network Layers

Destination, source, hop count Maybe other stuff

fragmentation

options (e.g., source routing) error reports special service requests (priority, custom routes) congestion indication

Real diff: size of addresses


57/122

57

Addresses

802 address flat, though assigned withOUI/rest. No topological significance

layer 3 addresses: locator/node :topologically hierarchical address

interesting difference: IPv4, IPv6, IPX, AppleTalk: locator specific to

a linkCLNP, DECnet: locator area, whole campus


58/122

58

Hierarchy within Locator

Assume addresses assigned so that within a circleeverything shares a prefix

Can summarize lots of circles with a shorter prefix

27*23*

2428*

2*

279* 272*


59/122

59

New topic: Routing Algorithms


60/122

60

Distributed Routing Protocols

Rtrs exchange control info Use it to calculate forwarding table Two basic types

distance vector link state


61/122

61

Distance Vector

Knowyour own ID

how many cables hanging off your box

cost, for each cable, of getting to nbrj

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4


62/122

62

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4

distance vector rcvd from cable j

distance vector rcvd from cable k

distance vector rcvd from cable m

distance vector rcvd from cable n

your own calculated distance vector

your own calculated forwarding table

12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


63/122

63

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4







12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


64/122

64

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4







12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


65/122

65

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4







12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


66/122

66

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4







12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


67/122

67

j

k

m

n

cost 3

cost 2

cost 2

cost 7I am 4







12 3 15 3 12 5 3 18 0 7 15

5 8 3 2 10 7 4 20 5 0 15

0 5 3 2 19 9 5 22 2 4 7

6 2 0 7 8 5 118 12 3 2

2

m

6

j

5

m

0

0

12

k

8

j

6

k/j

cost 3

cost 2

cost 2

cost 7

19

n

3 ?

j ?

?

?


68/122

68

Looping Problem

A B C


69/122

69

Looping Problem

A B C

012

Cost to C


70/122

70

Looping Problem

A B C

012

Cost to C

direction

towards Cdirection

towards C


71/122

71

Looping Problem

A B C

012

Cost to C

What is Bs cost to C now?


72/122

72

Looping Problem

A B C

012

Cost to C

3


73/122

73

Looping Problem

A B C

012

Cost to C

3

direction

towards Cdirection

towards C


74/122

74

Looping Problem

A B C

012

Cost to C

34

direction

towards Cdirection

towards C


75/122

75

Looping Problem

A B C

012

Cost to C

34

5

direction

towards Cdirection

towards C


76/122

76

Looping Problem

worse with high connectivity

Q Z B A C N M VH


77/122

77

Split Horizon: one of several

optimizationsDont tell neighbor N you can reach D if youd forward to D through N

A B C

A B

C

D


78/122

78

Link State Routing

meet nbrs Construct Link State Packet (LSP)

who you are list of (nbr, cost) pairs

Broadcast LSPs to all rtrs (a miracle occurs) Store latest LSP from each rtr Compute Routes (breadth first, i.e., shortest path

firstwell known and efficient algorithm)


79/122

79

A B C

D E F

G

6 25

1

2122 4

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1


80/122

80

Computing Routes

Edsgar Dijkstras algorithm: calculate tree of shortest paths from self to each also calculate cost from self to each Algorithm:

step 0: put (SELF, 0) on tree step 1: look at LSP of node (N,c) just put on tree. If

for any nbr K, this is best path so far to K, put (K, c

+dist(N,K)) on tree, child of N, with dotted line

step 2: make dotted line with smallest cost solid, goto step 1


81/122

81

Look at LSP of new tree node

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

G(5)


82/122

82

Make shortest TENT solid

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

G(5)


83/122

83

Look at LSP of newest tree node

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

G(5)

E(4) G(3)


84/122

84


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(4) G(3)


85/122

85


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)A(8)


86/122

86


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)A(8)


87/122

87


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

A(8)

D(5)


88/122

88


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

A(8)

D(5)


89/122

89

Look at newest tree nodes LSP

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

A(8)

D(5)


90/122

90


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

A(8)

D(5)


91/122

91

Look at newest nodes LSP

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)A(8)

D(5)

A(7)


92/122

92


A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

D(5)

A(7)


93/122

93

Were done!

A

B/6

D/2

B

A/6

C/2

E/1

C

B/2

F/2

G/5

D

A/2

E/2

E

B/1

D/2

F/4

F

C/2

E/4

G/1

G

C/5

F/1

C(0)

B(2)F(2)

E(3) G(3)

D(5)

A(7)


94/122

94

A miracle occurs

First link state protocol: ARPANET I wanted to do something similar for

DECnet

My manager said Only if you can proveits stable

Given a choice between a proof and acounterexample


95/122

95

Routing Robustness

This failure mode actually occurred in theARPANET

I designed self-stabilizing link state protocolbut only after sick/evil node gone

IS-IS and OSPF do it self-stabilizing My thesis: robust even if some of the routers are

evil. More than securing the routingprotocol: it

deals with packet delivery


96/122

96

Distance vector vs link state

Memory: distance vector wins (but memory ischeap)

Computation: debatable Simplicity of coding: simple distance vector wins.

Complex new-fangled distance vector, no

Convergence speed: link state Functionality: link state; custom routes, mapping

the net, troubleshooting, sabotage-proof routing


97/122

97

Specific Routing Protocols

Interdomain vs Intradomain Intradomain:

link state (OSPF, IS-IS)distance vector (RIP)

InterdomainBGP


98/122

98

BGP (Border Gateway Protocol)

Policies, not just minimize path Path vector: given reported paths to D

from each nbr, and configured preferences,

choose your path to D

dont ever route through domain X, or not to D,or only as last resort

Other policies: dont tell nbr about D, or lieto nbr about D making path look worse


99/122

99

Path vector/Distance vector

Distance vectorEach router reports to its neighbors {(D,cost)}Each router chooses best path based on min

(reported cost to D+link cost to nbr)

Path vectorEach rtr R reports {(D,list of ASs in Rs chosen

path to D)}

Each rtr chooses best path based on configuredpolicies


100/122

100

BGP Configuration

path preference rules which nbr to tell about which destinationshow to edit the path when telling nbr Nabout prefix P (add fake hops to discourage

N from using you to get to P)


101/122

101

TRILL working group in IETF

TRILL= TRansparent Interconnection ofLots of Links

Use layer 3 routing, and encapsulate witha civilized header But still look like a bridge from the

outside


102/122


103/122

103

Run link state protocol

So all the RBridges know how to reach allthe other RBridges

But dont know anything about endnodes


104/122

104

Why link state?

Since all switches know the completetopology, easy to compute lots of trees

deterministically (well get to that later)

Easy to piggyback nickname allocationprotocol (well get to that later)


105/122

105

Routing inside campus

First RB encapsulates to last RBSo header is safe (has hop count) Inner RBridges only need to know how to reach

destination RBridge

Still need tree for unknown/multicastBut dont need spanning tree protocol

compute tree(s) deterministically from the link

state database


106/122

106

Rbridging

R7

R1

R3

R4

R6

R2

R5

a

c


107/122

107

Details

What the encapsulated packet looks like How R1 knows that R2 is the correct last

RBridge


108/122

108

Encapsulated Frame(Ethernet)

outer header TRILL header original frame

dest (nexthop)

srce (Xmitter)Ethertype=TRILL

first RBridge

last RBridgeTTL

TRILL header specifies RBridges with 2-byte nicknames


109/122

109

2-byte Nicknames

Saves hdr room, faster fwding Dynamically acquiredChoose unused #, announce in LSP

If collision, IDs and priorities break tie Loser chooses another nickname Configured nicknames higher priority


110/122

110

How does R1 know that R2 is the

correct last RBridge? If R1 doesnt, R1 sends packet through a

tree

When R2 decapsulates, it remembers(ingress RBridge, source MAC)


111/122

111

Use of first and last RBridge in

TRILL header For Unicast, obvious

Route towards last RBridgeLearn location of source from first RBridge

For Multicast/unknown destinationUse of first

to learn location of source endnode to do RPF check on multicast

Use of last To allow first RB to specify a tree Campus calculates some number of trees


112/122

112

Algorhyme v2

I hope that we shall one day seeA graph more lovely than a tree.

A graph to boost efficiencyWhile still configuration-free.

A network where RBridges can

Route packets to their target LAN.The paths they find, to our elation,

Are least cost paths to destination.

With packet hop counts we now see,The network need not be loop-free.

RBridges work transparently.

Without a common spanning tree.Ray Perlner


113/122

113

Wrap-up

folklore of protocol design things too obvious to say, but everyone gets

them wrong


114/122

114

Forward Compatibility

Reserved fieldsspare bits ignore them on receipt, set them to zero. Can

maybe be used for something in the future

TLV encoding type, length, value so can skip new TLVs maybe have range of Ts to ignore if unknown, others

to drop packet


115/122

115

Forward Compability

Make fields large enough IP address, packet identifier, TCP sequence #

Version numberwhat is new version vs new protocol?

same lower layer multiplex info therefore, must always be in same place!

drop if version # bigger


116/122

116

Fancy version # variants

Might be security threat to trick two Vnnodes into talk V(n-1)

So maybe have highest version I supportin addition to version of this packet

Or just a bit I can support higher (we didthis for IKEv2)

Maybe have minor version #, forcompatible changes. Old node ignores it


117/122

117

Version #

Nobody seems to do this right IP, IKEv1, SSL unspecified what to do if

version # different. Most implementations

ignore it.

SSL v3 moved version field!v2 sets it to 0.2. v3 sets (different field) to 3.0.v2 node will ignore version number field, andhappily parse the rest of the packet


118/122

118

Avoid flag days

Want to be able to migrate a runningnetwork

ARPANET routing: ran both routingalgorithms (but they had to compute the

same forwarding table)

initially forward based on old, compute both

one by one: forward based on new

one-by-one: delete old


119/122

119

Parameters

Minimize these:someone has to document itcustomer has to read documentation and

understand it

How to avoidarchitectural constants if possible

automatically configure if possible


120/122

120

Settable Parameters

Make sure they cant be set incompatiblyacross nodes, across layers, etc. (e.g., hello

time and dead timer)

Make sure they can be set at nodes one at atime and the net can stay running


121/122

121

Parameter tricks

IS-ISpairwise parameters reported in hellosarea-wide parameters reported in LSPs

BridgesUse Roots values, sent in spanning tree msgs


122/122

Summary

If things arent simple, they wont work Good engineering requires understanding

tradeoffs and previous approaches.

Its never a waste of time to answer whyis something that way

Dont believe everything you hear Know the problem youre solving before

t t l it!

79routing tutorial nov2010

Documents