TTM4150

Modified:
Created:

[TOC]

Intro

These are my notes for TTM4150 . These are my own understandings of the subject and it may not be completely correct or accurate. It is also written in slightly below average Norwegian English.

Why do I post them here?

There is a couple of reasons. The first is for convenience. I like to write Markdown as it is very easy to structure text easily and it does not take any focus away from the text, it also has great readability both uncompiled and compiled. It is also very practical to have this available on the web as i like to read my notes on my iPad, and it is faster to access here. The last reason is that someone may find them useful.

Advanced Internet Protocols, Service and Applications

Chapter 1 TCP/IP

Chapter 2 Transport-layer protocols

Chapter 3 Internet Architecture

Chapter 4 IP routing protocols

Chapter 5 Multiprotocol Label Switching

Chapter 6 IP Quality of Service

Chapter 7 Multicast and Anycast

Chapter 8 Layer-2 Transport over Packet

Chapter 11 IP Version 6

Software Defined Network, A Comprehensive Approach

Chapter 1 Introduction

Chapter 2 Why SDN?

Chapter 3 The Genesis of SDN

Chapter 4 How SDN works

Chapter 5 The OpenFlow Specifications

Chapter 7 SDN in the Data Center

Chapter 8 SDN in other environments

Chapter 13 SDN Futures

Technologies and Terms

Software Defined Networking

Adoption problem

  • Too expensive; Update incrementally
  • Too risky; Old technology is expensive to maintain
  • Too revolutionary; Computing is revolutionary, we need revolutionary solutions
  • Single point of failure; redundant controllers

Datacenter problems

  • Too many MAC addresses
  • Too many VLANs

TCP

Algotithms

Compound TCP

Microsofts TCP algorithm for adjusting the congestion window, optimizing the connections for large bandwidth.

TCP fusion

Sun Microsystem's TCP implementation for Solaris 10

Cubic TCP

Implementation of TCP with an optimized congestion control algorithm for high bandwidth networks with high latency. Was default in Linux from 2.6.19 to 3.1.

TCP proportional rate reduction

PRR is an algorithm design to improve the accuracy of data sent during recovery. Windows size after recovery is as close as possbile to slow-start threshold. It is the default algorithm for Linux since 3.2.

IPv4

CAP

CIDR

Classless inter-domain routing - Supernetting. Basically going away from the old A, B, C networks.

Routing/forwarding is done on the longest match.

CIDR representation/format:

10.0.0.0/8

VLSM

NAT

Network address translation. Companies and users may use private ip addresses internally.

Network Addresses
10.0.0.0/8 16 777 216
172.16.0.0/12 1 048 576
192.168.0.0/16 65 536

Full cone NAT

Restricted and Port Restricted cone NAT

Firewalls usually run Port restricted cone NAT.

Symmetric NAT

NAT444

Carrier grade NAT, the ISP uses NAT within its network and the enduser uses NAT again for their own network.

Address space: 100.64.0.0/10

IPv4 address states

  1. Assigned and advertised in BGP
  2. Assigned to an end user, but not advertised
  3. Part of the unassigned pool held by an RIR (regional internet reg)
  4. IANA unallocated address
  5. Reserved for special use

IPv6

IPv6 is assigned on an interface basis, not on device basis.

Types

Typical: unicast, multicast, anycast. The type of the address determines if the packets are destined for one or for many machines.

Unicast

Address that uniquely idenftifies an interface of an IPv6 node. Packages are sent directly to the given interface.

Relation type: One to One

Multicast

Multicast address identifies a group of IPv6 interfaces. A packet sent to a multicast address is processed by all members of the multicast group.

Relation type: One to Many

Anycast

Anycast address is assigned to multiple interfaces, usually on multiple nodes. A packet sent to a anycast address is delivered to only one of these, usually the nearest.

Relation type: Many to One? First in the group?

Scope

Typical: link, global, etc. The scope of the address determines which context the address makes sense in.

Link-local scope

Identifies all hosts within a single layer 2 domain.

Unique-local scope

Identifies all devices reachable within an administrative site or domain.

Global scope

Identifies all devices reachable across the Internet.

IPv6 addresses for a Host

A host have usually a lot of IPv6 addresses, it may even have multiple towards the global network.

  • A link-local address for local link traffic
  • Site-local and/or global unicast addresses
  • Loopback ::1
  • Interface-local scope all-nodes multicast address (FF01::1)
  • The solicited-node address for each unicast address
  • A multicast address for the joined groups on each interface

IPv6 addresses for a Router

  • A link-local address for each interface
  • Unicast addresses for each interface
  • A subnet-router anycast address
  • Additional anycast addresses
  • Loopback addresses (::1)

Header

| Version | Traffic class | Flow Label| | Payload Length | Next Header | Hop limit | | Source Address | | Destination Address |

6in4

Configured tunnel

6over4

Requires multicast

6to4

Automatic tunnel, uses the public IPv4 of a NATed network to get a particular prefix for the network.

6rd

IPv6 Rapid Deployment.

Automatically creates a tunnel using 6to4 from the endusers router to the ISPs 6rd border router. From the ISPs perspective this looks like a Dual stack network with both IPv4 and IPv6.

Dual stack lite

IPv4 over IPv6 using tunnelling and NAT444.

Private IPv4 <--> Private IPv4-in-IPv6 <--> Public IPv4

NAT64

IPv6 Internal network translated to IPv4 public network.

Needs DNS64 for DNS translations.

Routing

  • Building and maintainting the routing table.
  • Connectionless services per packet

Forwarding

Pushing the actual packets out on the physical line.

Autonomous system (AS):

A domain (collection of IP networks and routers) under the control of one or more entity that presents a common routing policy to the Internet.

AS Types

Stub AS

An AS with only one connection to another AS, such an AS allows only local traffic.

Multi-homed AS

An AS with connection to more than one AS and which does not allow transit traffic.

Multi-homing provides increased reliability.

Transit AS

An AS with connection to more than one AS, and which allows both local and transit traffic.

Intra-domain (interior) routing

Routing within an Autonomous system using Interior Gateway Protocol

Inter-domain (exterior) routing

Routing between Autonomous systems using Exterior Gateway Protocol

  • Reduces the routing information needed to be kept within the AS
  • Uses default routes towards the internet ( other AS's )
  • Simple for all to know the external routes

Routing algorithms

Build the routing tables and maintains the routes and paths within the network topology. Shortest path is found by looking at:

  • Path length / Number of hops
  • Bandwidth
  • Reliability
  • Line cost
  • Delay
  • Load (CPU, Queue, PPS)

Distance Vector Algorithm

A iterative, asynchronous and distributed routing algorithms.

Example: RIPv2

Steps:

  1. Wait for change in local link cost or message from neighbor
  2. Recompute estimated costs
  3. If change, notify neighbors
  4. Start over

Link state algorithm

Each node has a complete map of the topology. Each nodes advertises the state of directly connected links to all nodes.

Uses Dijkstras to find the shortest path.

Example: OSPF

OSPF

Based on the Link-state algortihm. Uses Areas to segment? the network into smaller pieces. Instantaneous propagation of topology changes.

An area is a set of routers configured to echange routing information. This reduces the database and CPU processing. To make this works, OSPF needs inter area router between to areas.

ISIS

Path vector protocol

BGP

Peering is interconnection of administratively separate network with the purpose of exchanging traffic.

Peering requires physical connection between the network.

The two network exchange routing inforamtion through the BGP routing protocol.

A Autonomous system is identified by a unique AS number.

BGP-speaker: Announces the local networks, other reachable networks (if transitAS) and other route information.

BGP neighbors: A pair of BGP-speakers exchanging routing information.

BGP-session: - TCP session between two BGP neighbors. - Keepalive monitors the state of the session - Only incremental updates of the routing table - Conserve bandwidth and processing power

Attributes

ORIGIN: Indicates the origin of the path information (IGP, EGP or incomplete)

AS_PATH: Describes the AS path vector associated with the prefix/destination

NEXT_HOP: IP address of border router to be used as next hop ro reach the destination

LOCAL_PREF: Used to inform other BGP routers in the local AS of the originating BGP session's degree of preference for an advertised route.

ATOMIC_AGGREGATE: Used by BGP speakers to inform other BGP routers that the local system selected a less specific route without selecting a more specific route which is included in it.

MULTI_EXIT_DISC: Discriminate among multiple exit points to a neighboring AS.

AGGREGATOR: Indicates the last AS number that formed the aggregated route and the IP address of that router.

Route reflector

iBGP routes will not be announced multiple hops as iBGP thinks that every node has already learned it. If there is a node that is only connected to a single second hop iBGP, we can use a route reflector to make the neighbour send the routes.

Interior BGP

Between BGP nodes (anywhere) in the AS

  • All routes cannot be injected into intra-domain protocol
  • IBGP for effective redistribution of BGP information
  • Which AS "border" router reaches specific address

Scalable routing design principles

Build hierarchy

  • Avoid full mesh
  • Core (transit) + region (access)
  • One vs seperate routing domains
Compartmentalization

For problem and failure localization

Making proper trade-off
  • Redundancy vs scalability
  • Convergence vs stability
Reducing route processing
  • Routing intelligence placement at edges
  • Reduce routes and routing information: CIDR default routing
  • Static route at edges

Software Defined Networking

MPLS

MP = Multi protocol

  • Multi-protocol both above and below
  • Forwarding independent of network layer
  • Operating over virtually any link layer protocol

LS = Label switching

  • Forwarding: label swapping
  • Control: IP routing protocols (IGP & EGP)

Label Switched Router

An LSR is any router that switches MPLS

Ingress LSR inserts a label on the packet and forwards it to the network (PUSH)

Intermediate LSR receives labelled packets, swaps the label and forwards it. (SWAP)

Egress LSR receives MPLS labeled packets, removes the label before forwarding it. (POP)

Label Switched Path

A LSP is a MPLS switching path through network.

A LSP starts at a Ingress LSR, traverses the Intermediate LSRs and ends at the Egress LSR/

Can be engineered to follow a specific path.

Multicast

IGMP

Shared tree vs SST

Source specific trees

One distribution tree per source

  • Low delay
  • Higher cost
  • Better load distribution
  • More state in the network

Shared trees

Packets from all sender in a session are distributed along the same tree.

  • Lowest cost
  • Higher delay
  • Less state
  • Load on fewer router and links

Sparse mode

Traffic is only sent to nodes that explicit join the session

Explicit join leav signaling:

  • PIM-SM
  • SSM
  • CBT

Dense mode

Push mode, traffic flooded to all

Assumes that most nodes will be member of a session.

All traffic will periodically be flooded to all.

Nodes wishing not to be part of a session sends leave:

- DVMRPv2
- PIM-DM
- MOSPF

Missing functionality

Security:

  • Authentication
  • Authorization
  • Encryption
  • Data integrity

Group managment:

Address allocation:

Network management:

Quality of Service

RSVP

Resource Reservation Protocol is a Transport layer protocol designed to reserver resources across a network of integrated services.

Receiver oriented, the receiver of the flow maintains the resource reservation for that flow.

Traffic Engineering extension

Addon to RSVP. Applications on IP end systems can use RSVP to indicate to other nodes the nature of the packet streams they want to receive.

IntServ vs. DiffServ

IntServ

Architecture that specifies the elements to guarantee quality of service on networks. IntServ can for example be used to allow video and sound to reach the receiver without interruption.

IntServ specifies a fine-grained QoS system.

  • Signaling mechanism
  • Traffic handling per flow
  • State information in network nodes
  • Limited Scalability in core due to amount of state information
  • Better end-to-end guarantees as resources are reserved end to end per flow

DiffServ

Architecture that specifies a simple, scalable and coarse-grained mechanism for classifying and managing network traffic and providing QoS.

DiffServ can br used to provide low-latency to critical network traffic, while providing best effort service to non-critical traffic.

coarse-grained == fewer larger descrete components

  • Priority mechanism
  • Traffic handling of aggregated flows
  • No state information
  • Scalable - aggregated flows
  • End-to-End guarantees requires admission control and adequate dimensioning
  • Static SLAs give limited flexibility