Classless and Subnet Extensions CIDR

1
Classless and Subnet Extensions (CIDR)

• Chapter 9

2
Review

• Chapter 4 describes the original address scheme
  in IPv4
• Each physical network is assigned a unique
  network address
• Each host has the network address as a prefix
• Classful addressing

3
Minimizing Network Numbers

• The growth of the internet was unanticipated
• We are running out of IP addresses
• Especially class B addresses
• China!
• Three solutions

4
First Solution Proxy ARP

• Also called promiscuous ARP and the ARP hack
• Two networks share a single IP address
• The router knows which hosts are on which
  physical network http//www.calvin.edu/lave/figur
  e-9.1.pdf
• Takes advantage of an important feature of the
  ARP protocol, trust

5
Proxy ARP (continued)

• Some implementations of ARP
• Alert managers to possible security violations if
  two IP addresses map to the same MAC address
• Prevents spoofing
• This only works without proxy ARP routers
• Otherwise too many warnings are generated
• Proxy ARP does not scale beyond two networks

6
Solution 2 Subnet Addressing

• Also called subnet forwarding or subnetting
• Individual sites have the freedom to modify
  addresses and routers as long as the
  modifications remain invisible to other sites
• All hosts and routers honor the addressing scheme
• Other sites on the internet can treat addresses
  as a network prefix and a host suffix

7
Subnet Addressing (continued)

• Use an addressing hierarchy within your network
  http//www.calvin.edu/lave/figure-9.2.pdf
• Use part of your host id portion to specify a
  subnet
• Example, divide 128.10 into 128.10.1 and 128.10.2
• To the outside world 128.10.2.20 is part of the
  128.10 space, but routers within 128.10 must
  choose 128.10.2 as the network destination

8
Variable-Length Subnets

• Select a subnet portion and require that all
  hosts on that subnet honor it
• Two notations
• 153.106.128.3 netmask 255.255.255.192
• 153.106.128.3/26 (CIDR notation)
• They both mean that the high order 26 bits are
  the network id and the low order 6 bits are the
  host id

9
Forwarding in the Presence of Subnets

• Page 137 of the text shows an illegal topology
  http//www.calvin.edu/lave/figure-9.6.pdf
• The problem is that H does not know where to send
  a datagram for a host on Net 3
• All subnets of a given IP address must be
  contiguous, the subnet masks must be uniform, and
  all machines should participate in subnet
  forwarding

10
A Unified Forwarding Algorithm

• Covers the standard IP forwarding and subnet
  forwarding
• http//www.calvin.edu/lave/figure-9.7.pdf

11
Maintenance of Subnet Masks

• How are they assigned?
• By a network administrator
• Eg, 153.106.128 is assigned to emulab.calvin.edu
• No easy rules
• Contiguity is obviously desirable
• How are subnet masks propagated?
• Later

12
Broadcasting to Subnets

• How do you broadcast to a network that is
  subnetted?
• All routers must agree to forward to all subnets
• Forwarding loops are possible
• RPF (reverse path forwarding)
• A router receives a broadcast
• Consults its routing table
• Discards unless it arrived on the interface used
  to forward to the source (ie, unless it arrived
  from the shortest path)

13
Third Solution Anonymous Point-to-Point Networks

• IP views a point-to-point connection between a
  pair of machines as a network, the connection was
  assigned a network prefix and each computer a
  host suffix. This seems absurd in light of the
  shortage of IP addresses.
• Anonymous networking.
• Pair of routers connected by a leased circuit.

14
Point-to-Point (continued)

• Avoid numbering the leased line and do not assign
  a host address to the routers at each end. The
  interface software is configured to ignore the
  next-hop address.
• Possible because there is only one possible
  destination.

15
Classless Addressing and Supernetting

• New Addressing Model
• Accompanying forwarding and route propagation
  techniques
• The entire technology is know as Classless
  Inter-Domain Routing, CIDR

16
CIDR (continued)

• The classful scheme did not divide network
  addresses into equal size classes
• Fewer than 17,000 class B addresses
• More than 2 million class C addresses
• Demand for class C was less than for class B
• Class C networks are small and are not amenable
  to subnetting
• Class B prefixes became near exhaustion

17
Supernetting

• Supernet several class C addresses into one
  network
• Estimate the number of networks needed, say 200
• Receive a block of 256 contiguous class C numbers

18
CIDR Example

• 128.211.168.0/21
• The high 21 bits represent the network
• The low order 11 bits represent the host
• The netmask consists of 21 1s and 11 0s, ie,
  255.255.248.0

19
Data Structures and Algorithms for Classless
Lookup

• Addresses are no longer self-identifying
• Hashing no longer works so well
• Searching by mask length
• LPM, longest prefix match. Given a destination
  address, D, find the entry in the routing table
  that has the longest prefix of bits of D.
• A subscriber always has a longer address mask
  than the ISP.

20
Classless Lookup (continued)

• Iterate over all possible divisions between
  prefix and suffix
• Slow!
• Binary Trie Structures.
• Remove redundant suffixes (remaining prefix
  identifies the network)

21
Binary Trie Structures

• http//www.calvin.edu/lave/figure-9.12.pdf
• http//www.calvin.edu/lave/figure-9.13.pdf

22
Longest-Match and Mixtures of Route Types

• A trie only needs to store a unique prefix for
  each route in the table, but the prefix must
  cover the entire network portion of the route
• To guarantee that a router does not forward
  datagrams unless the entire network prefix
  matches, each exterior node in the trie must
  contain a 32-bit address, A, and a 32-bit mask,
  M, that covers the entire network portion of A.

23
Longest-Match (continued)

• The algorithm computes the logical and of M with
  the destination address and compares with A
• A trie is a mechanism that quickly identifies
  potential candidates, not a mechanism that finds
  an exact match

24
Longest-Match (continued)

• Assumption each entry in a routing table has a
  unique binary prefix. In practice routing tables
  contain a mixture of general and specific routes
  for the same destination
• A different route for a particular subnet
• A special route for one host
• http//www.calvin.edu/lave/figure-9.14.pdf

25
Longest-Match (continued)

• The trie data structure must follow the
  longest-match paradigm when selecting a route
• One possible implementation allows each interior
  node to contain an address/mask pair, and
  modifies the search algorithm to check for a
  match at each node. A match that occurs later in
  the search overrides an earlier match.

26
PATRICIA and Level Compressed Tries

• One optimization involves skipping levels in
  the trie that do not distinguish among routes.
• In the previous example, each route begins with
  the same sixteen bits. A binary trie will have
  only one node at each of the first sixteen levels
  below the root.

27
Two Modified Versions of Tries

• A PATRICIA trie allows each node to specify a
  value to test along with a number of bits to
  skip.
• A level compressed trie provides additional
  optimization by eliminating one or more levels in
  the trie that can be skipped along any path.

28
CIDR Blocks Reserved For Private Networks

• Private or nonroutable addresses
• The set of IPv4 prefixes contains a CIDR block
  that spans multiple classes.
• http//www.calvin.edu/lave/figure-9.15.pdf
• The last address block listed, 169.254.0.0/16, is
  unusual because it is used by systems that
  autoconfigure IP addresses.