Network Layer 4-1

Chapter 4
Network Layer
A note on the use of these ppt slides:
Were making these slides freely available to all (faculty, students, readers).
Theyre in PowerPoint form so you can add, modify, and delete slides
(including this one) and slide content to suit your needs. They obviously
represent a lot of work on our part. In return for use, we only ask the
following:
! If you use these slides (e.g., in a class) in substantially unaltered form, that
you mention their source (after all, wed like people to use our book!)
! If you post any slides in substantially unaltered form on a www site, that
you note that they are adapted from (or perhaps identical to) our slides, and
note our copyright of this material.
Thanks and enjoy! JFK/KWR

All material copyright 1996-2010
J.F Kurose and K.W. Ross, All Rights Reserved
Computer Networking:
A Top Down Approach
5
th
edition.
Jim Kurose, Keith Ross
Addison-Wesley, April
2009.

Network Layer 4-2
Chapter 4: Network Layer
4. 1 Introduction
4.2 Virtual circuit and
datagram networks
4.3 Whats inside a
router
4.4 IP: Internet Protocol
" Datagram format
" IPv4 addressing
" ICMP
" IPv6
4.5 Routing algorithms
" Link state
" Distance Vector
" Hierarchical routing
4.6 Routing in the
Internet
" RIP
" OSPF
" BGP
4.7 Broadcast and
multicast routing
Network Layer 4-3
Recap of inter-domain routing
! First, reachability information between ASs
! Second, choose paths and advertise internally
" AS1 learns from inter-AS protocol that subnet x is
reachable from AS3 and from AS2.
" to configure forwarding table, router 1d must determine
which gateway it should forward packets towards for dest
x
" this is also the job of inter-AS routing protocol!
AS3
AS2
3b
3c
3a
AS1
1c
1a
1d
1b
2a
2c
2b
other
networks
other
networks
x

?
Network Layer 4-4
Internet inter-AS routing: BGP
! BGP (Border Gateway Protocol): the de facto
inter-domain routing protocol
" glue that holds the Internet together
! BGP provides each AS a means to:
" eBGP: obtain subnet reachability information from
neighboring ASs.
" iBGP: propagate reachability information to all AS-
internal routers.
" determine good routes to other networks based on
reachability information and policy.
! allows subnet to advertise its existence to rest of
Internet: I am here
What you need to grasp BGP?
1. To know what type of relationships exist
between Ases
Commercial relationship!
2. To understand a path vector protocol
3. To use elaborate maths to understand its
correctness / convergence
Here, we will look at points 1 and 2, and
briefly overview point 3
Many thanks to Renata Teixeira for her help!
Network Layer 4-5
6
What type of ASes exist?
FT
BT
DT
! Large, tier-1 provider with a nationwide backbone
" At the core of the Internet, dont have providers
! Medium-sized regional provider with smaller backbone
! Small network run by a single company or university
UPMC
Wanadoo
7
Connections Between Networks
BT
FT
DT
Wanadoo
commercial
customer
dial-in access
IXP
access router
gateway router
IXP
Internet exchange point
private
peering
8
Single-Homed Customers
! UPMC has only one connection to the
Internet
UPMC
BT
FT
DT
Wanadoo
9
Multi-Homed Customers
! Same provider: e.g., Wanadoo to FT
! Different providers: e.g., Wanadoo to FT and BT
UPMC
BT
FT
DT
Wanadoo
10
Customer-provider relationship
! Customer needs to be reachable from everyone
! Customer does not want to provide transit service
UPMC
BT
FT
DT
Wanadoo
UPMC is customer of DT
Wanadoo is a customer of FT and BT traffic to/from
UPMC
transit traffic is
not allowed
11
Peer-peer relationship
! Peers exchange traffic between customers
UPMC
BT
FT
DT
Wanadoo
FT and BT are peers
FT and DT are peers
customers
exchange traffic
FT doesnt provide
transit for its peers
12
Peering also allows connectivity between
the customers of Tier 1 providers
peer peer
customer provider
Peering Provides Shortcuts
13
How peering decisions are made?
! Reduces upstream
transit costs
! Can increase end-to-
end performance
! May be the only way
to connect your
customers to some
part of the Internet
(Tier 1)
! You would rather have
customers
! Peers are usually your
competition
! Peering relationships
may require periodic
renegotiation
Peer Dont Peer
What you need to grasp BGP?
1. To know what type of relationships exist
between Ases
Customer Provider or Peering!
2. To understand a path vector protocol
3. To use elaborate maths to understand its
correctness / convergence
Here, we will look at points 1 and 2, and
briefly overview point 3
Many thanks to Renata Teixeira for her help!
Network Layer 4-14
Which inter-routing protocol?
! Scale, Privacy
" Link state pbmatic: flood information, costly
" Distance vector: ok
! Policy:
" Distance vector insufficient: single cost
Network Layer 4-15
16
Use of shortest-path is restrictive
! All traffic must travel on shortest paths
! All nodes need common notion of link costs
! Incompatible with commercial relationships
" Cust of 1 and 3 should not communicate on two
peering links 1-2 and 2-3!
Regional
ISP1
Regional
ISP2
Regional
ISP3
Cust1
Cust3
Cust2
National
ISP1
National
ISP2
YES
NO
Which inter-routing protocol?
! Scale, Privacy
" Link state pbmatic: flood information, costly
" Distance vector: ok
! Policy:
" Distance vector insufficient: single cost
! Path vector
Extends distance vector by advertising not the
cost but the entire path used
" Avoids loop and count to infinity problem
" Allows to have flexible import/export policy
Network Layer 4-17
18
BGP route
! Destination prefix (e.g,. 128.112.0.0/16)
! Route attributes, including
" AS path (e.g., 2 1)
" Next-hop IP address (e.g., 12.127.0.121)
AS 1
128.112.0.0/16
AS path = 1
Next Hop = 192.0.2.1
AS 2
AS 3
192.0.2.1
128.112.0.0/16
AS path = 2 1
Next Hop = 12.127.0.121
12.127.0.121
19
BGP path selection
! Simplest case
" Shortest AS path
" Arbitrary tie break
! Example
" Three-hop AS path preferred over a four-hop
AS path
" AS 7 prefers path through AS 6
! But, BGP not only shortest-path routing
" Policy-based routing
128.112.0.0/16
AS Path = 6 2 1
AS 5
128.112.0.0/16
AS Path = 5 4 3 2 1
AS 7
AS 6
20
Establish session on
TCP port 179
Exchange all
active routes
Exchange incremental
updates
AS1
AS2
While connection
is ALIVE exchange
route UPDATE messages
BGP session
BGP Session Operation
21
2 types of BGP connections
! External BGP (eBGP)
" Session between routers in different ASes
! Internal BGP (iBGP)
" Need to distribute BGP information within the AS
" iBGP sessions are routed using IGP
AS1
AS2
eBGP
iBGP
22
iBGP mesh doesnt scale
! Configuration overhead
" N border routers means
N(N-1)/2 sessions
" One new router requires
configuring all the
others
! Routing overhead
" Each router has to
listen to updates from
all neighbors
" Larger routing tables,
because of alternate
routes
eBGP
update
iBGP
updates
23
Route reflectors
! Acts like a route
server
" Routes from clients,
distribute to other
RRs
" Routes from other
RRs, distribute to
clients
! Only sends best
route
eBGP
update
iBGP
updates
RR
RR
RR
24
Incremental protocol
! A node learns multiple paths to destination
" Stores all of the routes in a routing table
" Applies policy to select a single active route
" May advertise the route to its neighbors
! Incremental updates
" Announcement:
Upon selecting a new active route, add node id to path
" Withdrawal
If the active route is no longer available
25
Best Route
Selection
Apply Import
Policies
Best Route
Table
Apply Export
Policies
Install forwarding
Entries for best
Routes.
Receive
BGP
Updates
Best
Routes
Transmit
BGP
Updates
Apply Policy =
filter routes &
tweak
attributes
Based on
Attribute
Values
IP Forwarding Table
Apply Policy =
filter routes &
tweak
attributes
BGP route processing
26
Import policy: Filtering
! Discard some route announcements
" Detect configuration mistakes and attacks
! Examples on session to a customer
" Discard route if prefix not owned by the
customer
" Discard route that contains other large ISP in
AS path
Big
Univ
Tier-3
128.112.0.0/16
27
Export policy: Filtering
! Discard some route announcements
" Limit propagation of routing information
! Examples
" Dont announce routes from one peer to another
" Dont announce routes for network-management
hosts
Big
Univ
Large
Huge
network
operator
28
BGP Policy Configuration
! Routing policy languages are vendor-specific
" Not part of the BGP protocol specification
" Different languages for Cisco, Juniper, etc.
! Still, all languages have some key features
" Policy as a list of clauses
" Each clause matches on route attributes
" and either discards or modifies the matching routes
! Configuration done by human operators
" Implementing the policies of their AS
" Business relationships, traffic engineering, security,
29
Best route selection:
Simplified BGP decision process
! Ignore if next hop unreachable
! Highest local preference
! Lowest AS path length
! Lowest MED (with same next hop AS)
! Prefer eBGP over iBGP
! Lowest IGP cost to egress router
! Lowest router ID of egress router
What you need to grasp BGP?
1. To know what type of relationships exist
between Ases
Customer Provider or Peering!
2. To understand a path vector protocol
Path exchange, import/export policy
3. To use elaborate maths to understand its
correctness / convergence

Many thanks to Renata Teixeira for her help!
Network Layer 4-30
31
Import policy: Local preference
! Favor one path over another
" Override the influence of AS path length
" Apply local policies to prefer a path
! Example: prefer customer over peer
Big
Large
Univ
Tier-2
Tier-3
Local-pref = 100
Local-pref = 90
32
Example:
Customer to provider
Univ
Large
Big
Medium1
Medium2
132.239.17.0/24
import policies route selection export policies
local pref = 100 select Univ route
A
send to other
iBGP neighbors
B
A
router
select As route send to other
eBGP neighbors
B
33
Example: Peers
Univ
Large
Big
Medium1
Medium2
import policies route selection export policies
A
B
local pref = 90 select M1 route send to other
iBGP routers
A
router
select As route dont send
B
C
132.239.0.0/16
select As route send to customers
C
Suppose Medium1,
Big, and Large are peers
34
Example:
Customers vs. peers
Univ
Large
Big
Medium1
Medium2
import policies route selection export policies
A
select M1 route send to other
iBGP and eBGP
neighbors
A
router
B
Suppose:
M1 is a customer
of Big and Large
Big and Large are peers
132.239.0.0/16
local pref (M1)= 100
local pref (L)= 80
35
Asymmetric routing
Large
Big
London
Paris
B
A
2
100
5
150
A to B
B to A
hot potato routing
36
BGP converges slowly, if at all
! Path vector avoids count-to-infinity
" But, ASes still must explore many alternate paths
" to find the highest-ranked path that is still available
! Policies need to be validated
" Condition to avoid loop, condition to obtain convergence
" Based on algebraic properties of paths attributes
! Fortunately, in practice
" Most popular destinations have very stable BGP routes
" And most instability lies in a few unpopular destinations
! Still, lower BGP convergence delay is a goal
" Can be tens of seconds to tens of minutes
" High for important interactive applications
" or even conventional application, like Web browsing
bgp involves accountability b/c you can trace back origin of a bad route && people will retaliate
37
Conclusions
! BGP is solving a hard problem
" Routing protocol operating at a global scale
" With tens of thousands of independent networks
" That each have their own policy goals
" And all want fast convergence
! Key features of BGP
" Prefix-based path-vector protocol
" Incremental updates (announcements and withdrawals)
" Policies applied at import and export of routes
" Internal BGP to distribute information within an AS
" Interaction with the IGP to compute forwarding tables
38
Recommended readings
! Tim Griffins inter-domain routing page:
" http://www.cl.cam.ac.uk/~tgg22/interdomain/
! Non-convergence of BGP: policy conflicts
" T. G. Griffin, F. B. Shepherd, and G. Wilfong, The Stable Paths Problem
and Interdomain Routing, IEEE/ACM Trans. Netw., 10(2):232-243,
April 2002.
" L. Gao and J. Rexford, "Stable Internet routing without global
coordination," IEEE/ACM Trans. Netw., December 2001, pp. 681-692.
! Delayed convergence
" C. Labovitz, A. Ahuja, A. Bose, F. Jahanian, Delayed Internet routing
convergence, IEEE/ACM Trans. Netw, 9(3): 293-306 (2001)
! Food for thought
" N. Feamster, H. Balakrishnan, and J. Rexford, "Some foundational
problems in interdomain routing," Proc. ACM SIGCOMM HotNets
Workshop, Nov. 2004.
Network Layer 4-39
BGP basics
! when AS3 advertises a prefix to AS1:
" AS3 promises it will forward datagrams towards that prefix
" AS3 can aggregate prefixes in its advertisement
AS3
AS2
3b
3c
3a
AS1
1c
1a
1d
1b
2a
2c
2b
other
networks
other
networks
! BGP session: two BGP routers (peers) exchange BGP
messages:
" advertising paths to different destination network prefixes
(path vector protocol)
" exchanged over semi-permanent TCP connections
BGP
message
Network Layer 4-40
BGP basics: distributing path information
AS3
AS2
3b
3a
AS1
1c
1a
1d
1b
2a
2c
2b
other
networks
other
networks
! using eBGP session between 3a and 1c, AS3 sends
prefix reachability info to AS1.
" 1c can then use iBGP do distribute new prefix info to all
routers in AS1
" 1b can then re-advertise new reachability info to AS2
over 1b-to-2a eBGP session
! when router learns of new prefix, it creates entry
for prefix in its forwarding table.
eBGP session
iBGP session
Network Layer 4-41
Path attributes & BGP routes
! advertised prefix includes BGP attributes
" prefix + attributes = route
! two important attributes:
" AS-PATH: contains ASs through which prefix advertisement
has passed: e.g., AS 67, AS 17
" NEXT-HOP: indicates specific internal-AS router to next-
hop AS. (may be multiple links from current AS to next-hop-
AS)
! gateway router receiving route advertisement uses
import policy to accept/decline
" e.g., never route through AS x
" policy-based routing
Network Layer 4-42
BGP route selection
! router may learn about more than 1 route
to destination AS, selects route based on:
1. local preference value attribute: policy
decision
2. shortest AS-PATH
3. closest NEXT-HOP router: hot potato routing
4. additional criteria
Network Layer 4-43
BGP messages
! BGP messages exchanged between peers over TCP
connection
! BGP messages:
" OPEN: opens TCP connection to peer and
authenticates sender
" UPDATE: advertises new path (or withdraws old)
" KEEPALIVE: keeps connection alive in absence of
UPDATES; also ACKs OPEN request
" NOTIFICATION: reports errors in previous msg;
also used to close connection
Network Layer 4-44
BGP routing policy
! A,B,C are provider networks
! X,W,Y are customer (of provider networks)
! X is dual-homed: attached to two networks
" X does not want to route from B via X to C
" .. so X will not advertise to B a route to C
A
B
C

W

X
Y
legend:

customer
network:
provider
network
Network Layer 4-45
BGP routing policy (2)
! A advertises path AW to B
! B advertises path BAW to X
! Should B advertise path BAW to C?
" No way! B gets no revenue for routing CBAW since neither
W nor C are Bs customers
" B wants to force C to route to w via A
" B wants to route only to/from its customers!
A
B
C

W

X
Y
legend:

customer
network:
provider
network
Network Layer 4-46
Why different Intra- and Inter-AS routing ?
Policy:
! Inter-AS: admin wants control over how its traffic
routed, who routes through its net.
! Intra-AS: single admin, so no policy decisions needed
Scale:
! hierarchical routing saves table size, reduced update
traffic
Performance:
! Intra-AS: can focus on performance
! Inter-AS: policy may dominate over performance
Network Layer 4-47
Chapter 4: Network Layer
4. 1 Introduction
4.2 Virtual circuit and
datagram networks
4.3 Whats inside a
router
4.4 IP: Internet Protocol
" Datagram format
" IPv4 addressing
" ICMP
" IPv6
4.5 Routing algorithms
" Link state
" Distance Vector
" Hierarchical routing
4.6 Routing in the
Internet
" RIP
" OSPF
" BGP
4.7 Broadcast and
multicast routing
Network Layer 4-48
R1
R2
R3 R4
source
duplication
R1
R2
R3 R4
in-network
duplication
duplicate
creation/transmission
duplicate
duplicate
Broadcast Routing
! deliver packets from source to all other nodes
! source duplication is inefficient!
! source duplication: how does source
determine recipient addresses?
OSPF
Broadcast Algorithms: bcst 1.0
! Whenever you receive a message,
duplicate it and send it again on all
neighboring link
! What is wrong with this approach?
The previous neighbor received it! It never stops!

Network Layer 4-49
Broadcast Algorithms: bcst 1.1
! Whenever you receive a message,
duplicate it and send it again on all
neighboring link, except the one you
received it from
! What is wrong with this approach?
If the graph has any loop, it also never stops!

Network Layer 4-50
0ph
Broadcast Algorithms: bcst 1.2
! Whenever you first receive a message,
duplicate it and send it again on all
neighboring link, except the one you
received it from.
! At least it is correct, called PI (Prop. Info)
! Still not very satisfying?
1. Uses all links in the network (cost ~O(M))
2. Need to remember all messages sent
3. Does not provide feedback (was it received)
Network Layer 4-51
Broadcast Algorithms: bcst 1.3
! Can we modify bcst 1.2 to solve feedback
! First guess: YES, perhaps
" Broadcast an ACK for all nodes? Unicast to src?
" Its costly! (~ as much as source duplication)
" Only works if full set known in advance
! Second guess: Exploit the broadcast phase
" Let p(i) be nodes i received the message first
" When received message or ACK from all links,
this node terminates; it sends an ACK to p(i).
" Node i terminates before p(i), all terminate
Network Layer 4-52
Example
source
Example PIF
1
2
3
6
3
1
1
2
4
0
0
3
3
3
5
5
5
4
4
5 6 6
6
6
8
7
8
11
11
Network Layer 4-53
From flooding to spanning tree
! Key feature: collection of links (p(i),i)
" It is a subgraph of the original graph
" It does not contain cycle
" It contains all nodes
This is called a spanning tree
! Properties of spanning trees
1. They have exactly N-1 edges and N nodes
(This is the minimum number to connect all)
2. Many possible ways to construct one
But also, spanning trees are fragile!
Network Layer 4-54
Network Layer 4-55
A
B
G
D
E
c
F
A
B
G
D
E
c
F
(a) Broadcast initiated at A
(b) Broadcast initiated at D
Spanning Tree
! First construct a spanning tree
! Nodes forward copies only along spanning
tree
Network Layer 4-56
A
B
G
D
E
c
F
1
2
3
4
5
(a) Stepwise construction
of spanning tree
A
B
G
D
E
c
F
(b) Constructed spanning
tree
Center-based tree: bcst 2.0
! center node
! each node sends unicast join message to center
node
" message forwarded until it arrives at a node already
belonging to spanning tree
A general construction
! Given a connected graph
" Start with S={s}, A={}
" While(S does not contain all nodes) {
Pick an edge (i,j) such that i in S, j not in S
do S<-S+{j} ; A<-A+{(i,j)}
}
! Proof
1. There always exists such edge
2. S,A is always a tree
3. After N-1 stepts, all nodes are included
Network Layer 4-57
Optimal Spanning Tree
! Is there a best spanning tree?
" The one whose entire cost is minimum
" Minimum Spanning Tree (MST)
! A greedy algorithm finds MST
" Start with S={s}, A={}
" While(S does not contain all nodes) {
Pick the edge (i,j) such that
i in S, j not in S
and (i,j) has minimum weight
do S<-S+{j} ; A<-A+{(i,j)}
}
Network Layer 4-58
Example
! Original topology
! Algorithm follows the following 6 steps
! Proof: At any time, a link in A belongs to
the spanning tree
Network Layer 4-59
A. Orda, A. Segall, Technion 8
Example MST algorrithms
s s s s s
s
Kruskal Topology
Prim Dijkstra
1
2 3
9
7
2
8
6
5
s
s s s
s s s
A
B
A. Orda, A. Segall, Technion 8
Example MST algorrithms
s s s s s
s
Kruskal Topology
Prim Dijkstra
1
2 3
9
7
2
8
6
5
s
s s s
s s s
A
B
Reverse Path Forward.: bcst3.0
if (mcast datagram received on incoming link
on shortest path back to center)
then flood datagram onto all outgoing links
else ignore datagram
! rely on routers knowledge of unicast
shortest path from it to sender
! each router has simple forwarding behavior:
Network Layer 4-61
Broadcast Algorithms
! flooding: when node receives broadcast packet,
sends copy to all neighbors
" problems: cycles & broadcast storm
! controlled flooding: node only broqdcqsts pkt if it
hasnt broadcasted same packet before
" node keeps track of packet ids already
broadcasted
" or reverse path forwarding (RPF): only forward
packet if it arrived on shortest path between
node and source
! spanning tree
" No redundant packets received by any node