Computer Networks

1
Computer Networks

• Lecture 5 IP Addressing-route lookup
• Younghee Lee

2
The Internet Protocol

• Identifier A sequence number to identify a
  datagram uniquely.
• Flag More bit(indicates the last fragment in
  original datagram), Dont Fragment bit(can be
  discarded at some subnet-source routing
  advisable)
• Fragment offset indicate where in the original
  datagram this fragment belongs
• Time to live somewhat similar to a hop count
• Protocol the next higher-level protocol

3
Type of Service

• TOS subfield guidance to the IP entity
  indicating the type or quality of service
• The way in which a router learns which routes
  support which TOS
• Domain administrator preconfigure the TOS
  associated with the routes
• A routing protocol monitor the TOS along the
  routes monitoring delays, throughputs, and
  dropped datagrams.(ex OSPF)
• Typically ignored now
• Replaced by DiffServ

4
IPv4 Options

• Security
• Security label to be attached to a datagram
• Source routing
• A sequenced list of router addresses that
  specifies the routes to be followed. May be
  strict or loose
• Route recording
• allocated to record the sequence of routers
  visited by the datagram
• Timestamping
• The source IP entity and some intermediate
  routers add a time stamp (precision to
  milliseconds)

5
Naming and Addressing

• Naming versus addressing
• naming is typically a high-level description
• addresses refer to specific physical resources
• distinction hard to define but often clear
• icu.ac.kr
• 128.9.23.93
• D74A049C2384
• Naming/addressing formats
• structure flat versus partitioned (hierarchical)
• duration dynamic versus static
• scope local versus global
• Domain Name System (DNS) names are names of hosts
• DNS binds host names to interfaces
• Routing binds interface names to paths

6
Name/Address Structure

• Hierarchical address space
• address space has structure sequence of fields
• fields identify autonomous organizations,
  geographical location, ..
• hierarchical can simplifies routing
• easily supports distributed assignment of
  addresses
• can result in inefficient use of the address
  space
• example IP addresses, postal address, telephone
  numbers, ..
• Flat address space
• address has no structure single field
• easier to use full address space
• lacks support for routing
• example IEEE addresses (48 bits)

7
IP Addressing introduction
223.1.1.1

• IP address 32-bit identifier for host, router
  interface
• interface connection between host, router and
  physical link
• routers typically have multiple interfaces
• host may have multiple interfaces
• IP addresses associated with interface, not host,
  router

223.1.2.9
223.1.1.4
223.1.1.3
223.1.1.1 11011111 00000001 00000001 00000001
223
1
1
1
8
IP addresses how to get one?

• Hosts (host portion)
• hard-coded by system admin in a file
• DHCP Dynamic Host Configuration Protocol
  dynamically get address plug-and-play
• host broadcasts DHCP discover msg
• DHCP server responds with DHCP offer msg
• host requests IP address DHCP request msg
• DHCP server sends address DHCP ack msg
• Auto-configuration
• IPv6 stateless autoconfiguration
• MANET AUTOCONF
• Standalone
• With gateway can be relatively simple but how to
  select gateway?
• Stand-alone for most of the time but temporarily
  connected to the infrastructured network
• e.g. car network connected while parked and
  disconnected otherwise
• Strong DAD, Prophet, AROD

9
Hierarchical addressing route aggregation
Hierarchical addressing allows efficient
advertisement of routing information
Organization 0
Organization 1
Send me anything with addresses beginning
200.23.16.0/20
Organization 2
Fly-By-Night-ISP
Internet
Organization 7
Send me anything with addresses beginning
199.31.0.0/16
ISPs-R-Us
10
IP addressing the last word...

• Q How does an ISP get block of addresses?
• A ICANN Internet Corporation for Assigned
• Names and Numbers
• allocates addresses
• manages DNS
• assigns domain names, resolves disputes

11
Addressing in IP v4

• Addresses are hierarchical.
• address contains hint about location
• Original design 4 classes of subnets. classful
• Total IP address size 4 billion
• Class A 128 networks, 16M hosts
• Class B 16K networks, 64K hosts
• Class C 2M networks, 256 hosts
• Class D for multicast
• Class E 1111, for experiment
• 127.0.0.1 local host (a.k.a. the loopback
  address)
• Host bits all set to 0 network address
• Host bits all set to 1 broadcast address

type
network
host
A 0 7 24 B 10 14 16 C
110 21 8 D 1110 28
12
Subnetting

• Hierarchy can be extended to more than two
  layers.
• Makes it possible to break up a network in
  multiple subnets.
• provides flexibility to manage networks
• packet forwarding between subnets is also done
  using routers, I.e. same as in Internet
• Provides autonomy.
• subnets inside network are not visible outside
  the network

Network
Host
1
0
Network
Host
Sub Net
Subnet 1
Subnet 3
Subnet 2
13
IP Addressing Issues

• Running out of IP address space short term
  solutions.
• Classless inter-domain routing
• Dynamic address assignment
• Network address translation
• Longer term solution for IP address shortage
  IPv6.
• Move to longer addresses IPv6

14
IP Address Utilization (98)
http//www.caida.org/outreach/resources/learn/ipv4
space/
15
Problems with Simple Address Structure

• Address space is not used very efficiently.
• Address spaces for networks can only be 28,
  216, 224 in size
• Sizes differ by two orders of magnitude
• Organizations that do not fit in smaller network
  (e.g. 257 hosts) need to use a size that is
  significantly larger
• Running out of addresses.
• Especially true for mid-sized networks
• Class B greatest problem
• Sparsely populated but people refuse to give it
  back
• Class C too small for most domains
• Very few class A IANA (Internet Assigned
  Numbers Authority) very careful about giving
• Routing tables are becoming too big.
• 100 of thousands of entries

16
Ideas Behind Classless Inter-Domain Routing

• Use address space more efficiently by relaxing
  the strict address structure.
• length of network address is variable
• generalization of subnetting idea
• makes network use more efficient
• Have Internet service providers hand out blocks
  of addresses to their customers.
• customers of ISPs appear like subnets of the ISP
  to other ISPs
• reduces size of the routing tables

17
CIDR Addressing

• Length of network address is variable and
  specified using a netmask.
• Can make the address space just large enough
• Can merge a group of adjacent class C addresses
  to form a larger network address.

Network
Hosts
0
Network
Hosts
1
1
0
Network
Hosts
1
0
18
CIDR Address Allocation Example
ISP 128.5.X.X
Customer 1 128.5.010xxxxx.X Customer 2
128.5.110xxxxx.X Customer 3 128.5.011xxxxx.X
19
Route Lookup with CIDR

• Need to store a netmask with each entry to
  indicate the size of the network identifier.
• can no longer rely on type field
• Problem with CIDR there can be multiple matches
  when looking up an address.
• Can for example happen when a customer switches
  ISPs but keeps addresses
• Solution lookup is based on longest prefix
  match.
• when there are multiple matches, the match with
  the most bits (longest netmask) wins
• Complicates route lookup!

10110110
Ex-ISP
- ISP 1
My Entry
10110110 010
- ISP 2
10110110 010 0100011
20
Shortcomings of CIDR

• CIDR does not help with the large number of
  addresses that were already assigned before CIDR
  was introduced.
• Many exceptions to CIDR addresses.
• Customer receives a block of addresses and then
  moves to a different ISP
• Typically keeps the same addresses
• Many customers subscribe with several ISPs for
  redundancy
• Example 45 Mbs with a primary ISP, and 5 Mbs
  with two backup ISPs
• Can only have one set of addresses

21
NATs

• NAT maps (private source IP, source port) onto
  (public source IP, unique source port)
• reverse mapping on the way back
• destination host does not know that is process is
  happening
• Very simple working solution.
• NAT functionality fits well with firewalls

Priv A IP
B IP
A
B IP
Priv A IP
A Port
B Port
B Port
A Port
B IP
Publ A IP
B IP
Publ A IP
B
A Port
B Port
B Port
A Port
22
NAT Considerations

• NAT has to be consistent during a session.
• Set up mapping at the beginning of a session and
  maintain it during the session
• Recycle the mapping that the end of the session
• May be hard to detect
• NAT only work for certain applications.
• Some applications (e.g. ftp) pass IP information
  in payload
• Need application level gateways to do a matching
  translation
• NAT has to be consistent with other protocols.
• ICMP, routing,
• Many flavors of NAT exist.
• Basic, network address port translation (NAPT),
  bi-directional,..

23
NAT/firewall traversal of VoIP

• Types of NAT functionality.
• Full Cone If a host behind a NAT sends a packet
  from addressport AB, the NAT process
  translates the addressport AB to XY and
  causes a binding of AB to XY. Any incoming
  packets (from any address) destined for XY are
  translated to AB.
• Partial/Restricted Cone full cone, However,
  once that first packet comes inward, the bindings
  are turned into complete four-component bindings.
  This enforces only packets from that source to be
  accepted and NATed from now onward.
• Symmetric Cone If a host behind a NAT sends a
  packet from addressport AB to CD, the NAT
  process translates the source addressport AB
  to XY and causes a binding of AB to CD
  to XY. Only packets from CD to XY are
  accepted in the reverse direction and these are
  NATed to AB.

24
NAT/firewall traversal of VoIP
25
NAT/firewall traversal of VoIP

• NAT problem
• Bindings can only be initiated by outgoing
  traffic.
• Unsolicited incoming calls cannot be supported.
• Like incoming call of PABX cant be translated
  without attendant.

26
NAT/firewall traversal of VoIP

• Solutions to NAT problem
• Universal Plug and Play (UPnP)
• limited to small installations.
• Simple Traversal of UDP Through Network Address
  Translation devices (STUN)
• STUN does not work with the type most commonly
  found in corporate networks - the symmetric NAT.
• TURN
• ICE
• Application Layer Gateway
• Manual Configuration
• Tunnel Techniques

27
NAT/firewall traversal of VoIP

• STUN
• The STUN protocol enables a SIP client to
  discover whether it is behind a NAT, and to
  determine the type of NAT.
• STUN server This is what I see as the source
  address and port
• TURN
• Server that is inserted in the media and
  signalling path. This TURN server is located
  either in the customers DMZ or in the Service
  Provider network.
• Increase latency and packet loss

28
Skype From the KaZaA community

• A peer-to-peer VoIP client developed by KaZaa in
  2003 P2P SIP
• It has better voice quality than the MSN and
  Yahoo IM applications
• It encrypts calls end-to-end, and stores user
  information in a decentralized fashion
• Auto-detect NAT/firewall settings
• STUN and TURN
• Allows searching a user (e.g., kun)
• Promote to super node
• Based on availability, capacity
• Conferencing

29
Kazaa

• FastTrack (aka Kazaa)
• Modifies the Gnutella protocol into two-level
  hierarchy
• Hybrid of Gnutella and Napster
• Group leader
• Nodes that have better connection to Internet
• Act as temporary directory servers for other
  nodes in group
• Maintains database, mapping names of content to
• IP address of its group member
• Not a dedicated server an ordinary server
• Bootstrapping node
• A peer wants to join the network contacts this
  node.
• This node can designate this peer as new
  bootstrapping node.
• Standard nodes
• Connect to super nodes and report list of files
• Allows slower nodes to participate
• Broadcast (Gnutella-style) search across Group
  leader peer Query flooding
• Drawbacks
• Fairly complex protocol to construct and maintain
  the overlay network
• Group leader have more responsibility. Not truly
  decentralized

30
IPv6

• Initial motivation 32-bit address space
  completely allocated by 2008.
• 128 bit address
• Additional motivation
• header format helps speed processing/forwarding
• header changes to facilitate QoS
• new anycast address route to best of several
  replicated servers
• IPv6 datagram format
• fixed-length 40 byte header
• no fragmentation allowed

31
IPv6 Header (Cont)
Priority identify priority among datagrams in
flow Flow Label identify datagrams in same
flow. (concept offlow
not well defined). Next header identify upper
layer protocol for data
32
IPv6 Header Flow Label

• A flow
• A sequence of packets sent from a particular
  source to a particular (unicast or multicast)
  destination for which the source desires special
  handling by the intervening routers.
• A flow may comprise multiple TCP connections
  file transfer application
• A single application may generate multiple flow
  multimedia conferencing
• one flow for audio, one for graphic window, ..
  With different requirements
• Rules applied to the flow label
• The source assigns a flow label to a flow. Chosen
  randomly in range 1 to 224-1.
• a table with 224 (16 million) entries memory
  burden.
• on entry in the table per active flow search
  the entire table
• hash table approach, CAM?

33
Other Changes from IPv4

• Checksum removed entirely to reduce processing
  time at each hop
• Options allowed, but outside of header,
  indicated by Next Header field
• ICMPv6 new version of ICMP
• additional message types, e.g. Packet Too Big
• multicast group management functions
• IPv6 eliminates fragmentation
• Easy configuration
• Provides stateless auto-configuration using
  hardware MAC address to provide unique base
• Additional requirements
• Support for security
• Support for mobility

34
Migration from IPv4 to IPv6

• Interoperability with IPv4 is necessary for
  gradual deployment.
• Two mechanisms
• dual stack operation IPv6 nodes support both
  address types
• tunneling tunnel IPv6 packets through IPv4
  clouds
• Unfortunately there is little motivation for any
  one organization to move to IPv6.
• the challenge is the existing hosts (using IPv4
  addresses)
• little benefit unless one can consistently use
  IPv6
• can no longer talk to IPv4 nodes
• stretching address space through address
  translation seems to work reasonably well

35
Dual Stack Approach
36
Tunneling
IPv6 inside IPv4 where needed
37
IPv6 Addresses

• A interface may have multiple unicast addresses.
• Allow subscriber that uses multiple access
  providers across the same interface to have
  separate addresses aggregated under each
  providers address space
• Longer Internet addresses allow for aggregating
  addresses by hierarchies of network, access
  provider, geography, corporation
• smaller routing tables, faster table lookups
• Address types
• Unicast an identifier for a single interface
• Anycast an identifier for a set of interface.
  Delivered to one of the interface(the nearest
  one for example)
• Multicast an identifier for a set of interfaces.
  Delivered to all interface.

38
IPv6 Stateless Autoconfiguration

• Local communication with no intervention
• Generate link-local address
• corresponds to installed Ethernet network
  adapters. The last 64 bits of the IPv6 address is
  known as the interface identifier. It is derived
  from the 48-bit MAC address of the network
  adapter.
• Perform Duplicate Address Detection
• This looks like this
• FE80000XXXXXXXXXXXXXXXX prefix of
  FE80/64
• The Xs are the EUI-64 address.(extended unique
  identifier 24 for company id)
• They could be a random 64 bit address also.
• The only requirement is that the address be
  unique.
• Start sending data
• Global communication with no stateful server
• Adds devices with no user configuration
• Stateful configuration DHCP

39
Routing source routing

• Source routing
• List entire path in packet
• Router processing
• Examine first step in directions
• Strip first step from packet
• Forward to step just stripped off
• Advantages
• Switches can be very simple and fast
• Disadvantages
• Variable (unbounded) header size
• Sources must know or discover topology (e.g.,
  failures)
• Typical use
• Ad-hoc networks (DSR)
• Machine room networks (Myrinet)

40
Routing Virtual Circuits/Tag Switching

• Connection setup phase
• Each router allocates flow ID on local link
• VC connection id
• Each packet carries connection ID
• Router processing
• Lookup flow ID simple table lookup
• Replace flow ID with outgoing flow ID
• Forward to output port
• Advantages
• More efficient lookup (simple table lookup)
• More flexible (different path for each flow)
• QoS reserve bandwidth at connection setup
• Easier for hardware implementations
• Disadvantages
• Complex signalling to route connection setup
  request stateful
• More complex failure recovery must recreate
  connection state
• Typical uses
• ATM combined with fix sized cells
• MPLS tag switching for IP networks

41
Routing IP routing

• Each switch has forwarding table of destination ?
  next hop
• Distributed routing algorithm for calculating
  forwarding tables
• Routing table size
• One entry for every host on the Internet
• 100M entries,doubling every year
• One entry for every LAN
• Every host on LAN shares prefix
• Still too many, doubling every year
• One entry for every organization
• Every host in organization shares prefix
• Requires careful address allocation
• Advantages
• Stateless simple error recovery
• Disadvantages
• Every switch knows about every destination
• Potentially large tables
• All packets to destination take same route

42
Longest Prefix Match is Harder than Exact Match

• The destination address of an arriving packet
  does not carry with it the information to
  determine the length of the longest matching
  prefix
• Hence, one needs to search among the space of all
  prefix lengths as well as the space of all
  prefixes of a given length
• Metrics for Lookup Algorithms
• Speed ( number of memory accesses)
• Storage requirements ( amount of memory)
• Low update time (support 5K updates/s)
• Scalability
• With length of prefix IPv4 unicast (32b),
  Ethernet (48b), IPv4 multicast (64b), IPv6
  unicast (128b)
• With size of routing table (sweetspot for
  todays designs 1 million)
• Flexibility in implementation
• Low preprocessing time

43
Longest Prefix Match

• LPM in IPv4Use 32 exact match algorithms for LPM!

Exact match against prefixes of length 1
Exact match against prefixes of length 2
Port
Priority Encode and pick
Exact match against prefixes of length 32
44
Patricia Tries

• Trie Use binary tree paths to encode prefixes
• Advantage simple to implement
• Disadvantage one lookup may take O(m), where m
  is number of bits (32 in the case of IPv4)

1
0
1
0
0
001xx 2 0100x 3 10xxx 1 01100 5
1
0
1
1
2
0
0
3
0
5
45
Skip Count vs. Path Compression
0
(Skip count) Skip 2 or 11 (path compressed)
1
P1
0
1
0
1
P1
P2
0
1
P2
0
0
1
1
P4
P3
P4
P3

• Removing one way branches ensures of trie nodes
  is at most twice of prefixes (case trie
  containing a small number of very long strings)
• Patricia tries
• Using a skip count requires exact match at end
  and backtracking on failure ? path compression
  simpler

46
Fast Longest Prefix Match

• Luleas Routing Lookup Algorithm (Sigcomm97)
• use a three-level data structure
• Multi-bit Tries
• Controlled Prefix Expansion Sri98
• Binary Search on Prefix Intervals Lampson98
• Binary search on prefixes Waldvogel Sigcomm
  97
• Longest prefix matching using bloom filters
• Route caches
• Temporal locality
• Many packets to same destination

47
Fast Longest Prefix Match

• Content addressable memory (CAM)
• Hardware based route lookup
• Input tag, output value associated with tag
• Requires exact match with tag
• Multiple cycles (1 per prefix searched) with
  single CAM
• Multiple CAMs (1 per prefix) searched in parallel
• Ternary CAM
• 0,1,dont care values in tag match
• Priority (I.e. longest prefix) by order of
  entries in CAM

48
Performance Comparison Complexity
49
Performance Comparison
50
Packet classification

• Packet classification
• The process of categorizing packets into flows
  in an Internet router
• All packets belonging to the same flow obey a
  predefined rule and are processed in a similar
  manner by the router
• Flow-aware router keeps track of flows and
  perform similar processing on packets in a flow
• Non best effort services, firewalls, QoS
• Flow-unaware router (packet-by-packet router)
  treats each incoming packet individually

51
Example of Classification Rules

• Access-control in firewalls
• Deny all e-mail traffic from ISP-X to Y
• Policy-based routing
• Route IP telephony traffic from X to Y via ATM
• Differentiate quality of service
• Ensure that no more than 50 Mbps are injected
  from ISP-X
• Committed Access Rate (rate limiting)
• Rate limit WWW traffic from subinterface739 to
  10Mbps

52
Complexity Hard Problem

• N rules and k header fields for k 2
• O(log Nk-1) time and O(N) space
• O(log N) time and O(Nk) space
• How many rules?
• Largest for firewalls similar ? 1700
• Diffserv/QoS ? much larger ? 100k (?)

53
Multi-field Packet Classification
Given a classifier with N rules, find the action
associated with the highest priority rule
matching an incoming packet.
Example packet (5.168.3.32, 152.133.171.71, ,
TCP)
54
Flow-aware Router Basic Architectural Components
Routing, resource reservation, admission control,
SLAs
Control
Datapath per-packet processing
Switching
Special processing
Packet classification
Routing lookup
Scheduling
55
Packet Classification Problem Definition

• Given a classifier C with N rules, Rj, 1 ? j ? N,
  where Rj consists of three entities
• A regular expression Rji, 1 ? i ? d, on each of
  the d header fields,
• A number, pri(Rj), indicating the priority of the
  rule in the classifier, and
• An action, referred to as action(Rj).

For an incoming packet P with the header
considered as a d-tuple of points (P1, P2, ,
Pd), the d-dimensional packet classification
problem is to find the rule Rm with the highest
priority among all the rules Rj matching the
d-tuple i.e., pri(Rm) pri(Rj), ? j ? m, 1 ? j
? N, such that Pi matches Rji, 1 ? i ? d. We
call rule Rm the best matching rule for packet P.
56
Example 4D classifier
57
Example Classification Results
58
Classification is a Generalization of Lookup

• Classifier routing table
• One-dimension (destination address)
• Rule routing table entry
• Regular expression prefix
• Action (next-hop-address, port)
• Priority prefix-length

59
Example

• Two-dimension space, i.e., classification based
  on two fields
• Complexity depends on the layout, i.e., how many
  distinct regions are created

60
Classification algorithm

• Linear search
• The simplest data structure is a linked list of
  rules stored in order of decreasing priority

61
Recursive Flow Classification Gupta99
Observations

• Difficult to achieve both high classification
  rate and reasonable storage in the worst case
• Real classifiers exhibit structure and redundancy
• A practical scheme could exploit this structure
  and redundancy

62
RFC Classifier Dataset

• 793 classifiers from 101 ISP and enterprise
  networks with a total of 41505 rules.
• Classifier (policy database)
• 40 classifiers more than 100 rules. Biggest
  classifier had 1733 rules.
• Maximum of 4 fields per rule source IP address,
  destination IP address, protocol and destination
  port number.

63
RFC

• Problem formulation
• Map S bits (i.e., the bits of all the F fields)
  to T bits (i.e., the class identifier)
• Main idea
• Create a 2S size table with pre-computed values
  each entry contains the class identifier
• Only one memory access needed
• but this is impractical ? require huge memory
• Use recursion trade speed (number of memory
  accesses) for memory footprint

64
The RFC Algorithm

• At each stage the algorithm maps one set of
  values to a smaller set
• A set of memories return a value shorter than the
  index of the memory access
• Split the F fields in chunks
• 1. Use the value of each chunk to index into a
  table
• Indexing is done in parallel
• 2. Combine results from previous phase, and
  repeat
• 3. In the final phase we obtain only one value
  that is action

65
Chunking of a Packet
66
The RFC Algorithm
67
Complete Example
indxc105c11
indxc026c033c05
68
(No Transcript)
69
Choice of Reduction Tree
0
1
2
3
4
5
Number of phases P 3 10 memory accesses
70
RFC Classification Time

• Pipelined hardware 30 Mpps (worst case OC192)
  using two 4Mb SRAMs and two 64Mb SDRAMs at
  125MHz.
• Software (3 phases) 1 Mpps in the worst case and
  1.4-1.7 Mpps in the average case. (average case
  OC48) performance measured using Intel Vtune
  simulator on a windows NT platform

71
RFC Pros and Cons

• Advantages
• Exploits structure of real-life classifiers
• Suitable for multiple fields
• Supports non-contiguous masks
• Fast accesses

• Disadvantages
• Depends on structure of classifiers
• Large pre-processing time
• Incremental updates slow
• Large worst-case storage requirements

72
Summary of classification schemes
73

Summary of classification schemes

• Lookup/Classification Chip Vendors
• Switch-on
• Fastchip
• Agere
• Solidum
• Siliconaccess
• TCAM vendors Netlogic, Lara, Sibercore, Mosaid,
  Klsi etc.
• Packet classification still an area of active
  research