Routing and addressing
Rui Valadas

Computer networks and their physical elements

[Figure: example network with routers R1 to R4 and hosts H1 to H4. Legend: E1 link, Ethernet switch, IP router, server, desktop, tablet, portable.]

©Rui Valadas, version 2.0, 28/9/2017

Routing

• Routing – network function that selects one or more routes (paths) between hosts, to be followed by data packets

• Routes are usually computed through distributed algorithms called routing protocols, running on switching equipment and cooperating through the exchange of routing messages

[Figure: routes between hosts H1 and H2 across routers R1, R2, R3 and R4.]

Forwarding tables

• Indicate at each host or router the path to each destination, actually the next network element (the next-hop)
• Built and maintained by routing protocols

[Figure: forwarding tables (columns: dest., next) at H1 and at routers R1 to R4, each with an entry giving the next hop towards H2.]

Can forwarding tables list all host addresses?

Structure of Internet routing

• At a global (worldwide) level, the Internet can be viewed as a network of routing domains, called Autonomous Systems (ASes)
• The ASes are connected through Autonomous Systems Border Routers (ASBRs)
• Two types of routing protocols:
  • Inter-domain: between ASes
    • BGP
  • Intra-domain: inside ASes
    • RIP, OSPF

[Figure: Autonomous Systems interconnected through ASBRs. Labels: inter-domain routing protocol, intra-domain routing protocol, internal node.]

Addressing

• Network elements are identified through addresses

• Several types of addresses: e.g. MAC and IP

• Two types of IP addresses: IPv4 and IPv6

• IP addresses are used for host-to-host communications (end-to-end)

• IP addresses are interface identifiers
  • Is this good or bad?
  • Multi-homed hosts have one IP address per active interface

IPv4 addresses

• 32 bits
• Represented in dotted-decimal notation

10000000 00001010 00000010 00011110

128 . 10 . 2 . 30

IPv6 addresses

• 128 bits
• Represented in hexadecimal notation, with 16-bit blocks (hextets) separated by a colon

0010 ... 0000 1101 1011 1000 ... 1010 0000 ... 0000 0011

2001 : 0db8 : 000d : 000a : 0000 : 0000 : 0000 : 0003

IPv6 addresses

• Rules for reducing the size of the representation

• Example: fedc:0000:0000:0000:0243:0000:0000:abcd

• Rule 1 – Leading 0s in any hextet can be omitted
  • fedc:0:0:0:243:0:0:abcd

• Rule 2 – A double colon (::) can represent any single, contiguous string of one or more hextets consisting of all 0s.
  • fedc::0243:0000:0000:abcd or fedc:0000:0000:0000:0243::abcd

• Combining rule 1 and rule 2
  • fedc::243:0:0:abcd or fedc:0:0:0:243::abcd
• :: is the all-zeros address

Representing address blocks

• A block of contiguous addresses that share the same prefix is usually defined by lowest address and prefix length – slash notation
• Prefix – higher-order bits of an address
• In IPv4, prefix length can be represented by subnet mask
  • 32-bit word that for prefix with n bits has the n higher-order bits equal 1, and the remaining ones equal 0
  • /24 = 255.255.255.0; /21 = 255.255.248.0
• Trailing zeros can be omitted
  • 11.0.0.0/24 can be represented as 11/24

Example: 123.4.8.0/21

Highest   123 . 4 . 00001 111 . 11111111 = 123.4.15.255
Lowest    123 . 4 . 00001 000 . 00000000 = 123.4.8.0

(123 . 4 . 00001 is the PREFIX; the remaining bits are the SUFFIX)

Multicast and broadcast addresses

• It is convenient to have addresses that target more than one destination
  • … for group communications (e.g. videoconferencing)

• Unicast addresses – identify one interface
• Multicast addresses – identify a group of interfaces
• Broadcast addresses – identify all interfaces

• Multicast addresses
  • IPv4 – 224/4
  • IPv6 – ff00::/8

• Broadcast addresses
  • IPv4 – addresses with “all ones” suffix, must be constrained in scope
  • IPv6 – no broadcast addresses

Public and private addresses

• Public addresses – for worldwide communications, must be globally unique
  • IP addresses are assigned by IANA

• Private addresses – for communications inside specific domains, need only be unique inside these domains

• Conversion between private and public addresses is done through NAT boxes

• Private address blocks
  • IPv4 – 10/8, 172.16/12, 192.168/16, 169.254/16
  • IPv6 – fc00::/7

Subnets

• Forwarding tables cannot list individual IP addresses - does not scale - IP addresses must be aggregated somehow
• Subnet
  • Logical entity corresponding to an IP address block (IP addresses that share common prefix)
  • Subnets are delimited by routers (the same subnet cannot span different router interfaces)
  • Often represented by clouds
• To support the organization in subnets IP addresses are structured hierarchically in two levels:
  • netid – prefix, that identifies subnet
  • hostid – suffix, that identifies interface within subnet

Subnets

[Figure: the example network (hosts H1 to H4, routers R1 to R4) redrawn as subnets 192.168.0.0/30, 192.168.0.4/30, 125.6.0.0/16, 222.0.0.0/24 and 9.0.0.0/8. Addresses shown: 222.0.0.1, 222.0.0.2, 222.0.0.3, 222.0.0.4, 9.0.0.1, 9.0.0.2, 9.0.0.254.]

Forwarding table shown in the figure:

destination       what next?
9.0.0.0/8         next is R4
125.6.0.0/16      directly connected
192.168.0.0/30    directly connected
192.168.0.4/30    next is R2
222.0.0.0/24      directly connected

Subnets

[Figure: three subnets joined by routers and a multi-homed host.
  subnet 128.10.0.0/16 (Ethernet): 128.10.156.8/16, 128.10.2.26/16, 128.10.2.3/16, 128.10.238.111/16
  subnet 192.168.56.0/24 (Token-ring): 192.168.56.1/24, 192.168.56.205/24, 192.168.56.38/24, 192.168.56.101/24
  subnet 10.0.0.0/8 (private network): 10.0.0.37/8
  The address 128.10.238.111 is shown split into netid and hostid.]

Subnets

• More than one subnet can be assigned to a link

[Figure: two routers and links carrying several subnets each: 15.0.0.0/8, 128.10.0.0/16, 222.222.10.0/24, 128.15.0.0/16, 192.168.60.0/24, 222.222.20/24.]

The TCP/IP layered architecture

• The operation of computer networks involves many protocols, e.g. for routing, error control, security, mobility, congestion control…
• Protocols are organized in a layered architecture
• TCP/IP layers
  1. physical layer
  2. link layer
  3. network layer
  4. transport layer
  5. application layer

A packet transmitted over the Internet is processed by protocols of all five layers, at the source and destination hosts

[Figure: encapsulation at the source host. Each layer adds its header to the message:
  application: message APP
  transport:   message APP TP
  network:     message APP TP NET     (NET = network packet header)
  link:        message APP TP NET LK
  physical:    message APP TP NET LK PHY]

TCP/IP architecture and routing

• Physical, link and network layers - communication among hosts; transport and application layers - communication between application processes running on hosts

• The link and network layers provide a two-level routing hierarchy for the end-to-end communication between hosts
  • To accommodate the heterogeneity of Internet communication technologies
  • Two types of networks and addresses (layer-3 and layer-2) and switching equipment (routers and switches)

[Figure: routers interconnected through different link technologies: 3G/4G, satellite link, fiber optical submarine cable, Wi-Fi (quite complex), switched Ethernet.]

Link layer technologies

• Layer-2 links provide the basic packet-level connectivity between layer-3 devices (hosts or routers)
• Can be classified in:
  • Point-to-point links - connect two, and only two, layer-3 devices; e.g. E1 or V.35 links
  • Shared links - abstract layer-2 networks and can potentially connect many layer-3 devices; e.g. Ethernet (switched and non-switched), Token Ring, Wi-Fi, X.25, Frame Relay and ATM
• Communications inside layer-2 networks require layer-2 addresses

[Figure: layer-3 devices connected through a switch.]

IEEE addresses

• 48 bit addresses, assigned by IEEE, aka MAC addresses
• Expressed in hexadecimal notation
  • e.g. 88-53-2e-28-8b-dc, or 88:53:2e:28:8b:dc, or 8853.2e28.8bdc
• Flat (no structure) for routing purposes
• Three types of addresses
  • Unicast – identifies only one interface
  • Multicast – identifies a group of interfaces
  • Broadcast – identifies all interfaces

[Figure: LAN with nodes 1a-23-f9-cd-06-9b, 88-b2-2f-54-1a-0f, 5c-66-ab-90-75-b1 and 49-bd-d2-c7-56-2a.]

[Figure: MAC address layout with the Organizationally Unique Identifier (OUI) marked.
  1st byte  2nd byte  3rd byte  4th byte  5th byte  6th byte
  11011101  01110101  11001111  01011111  01000101  01111010
  Flag bits in the 1st byte: 0 - unicast, 1 - multicast; 0 - globally unique, 1 - locally administered.]

TCP/IP architecture and routing

[Figure: protocol stacks along a path Host, Router, Switch, Router, Host.
  Hosts:   application, transport, network, link, physical
  Routers: network, link, physical
  Switch:  link, physical
  Layer-2 addresses are used on each link; layer-3 (IP) addresses are used end to end.]

Layer-3 and layer-2 forwarding tables

• Forwarding tables are built and maintained by routing protocols to indicate at each switching equipment the path to be followed towards each destination
• Layer-3 forwarding tables indicate the outgoing interface and the next-hop router that leads to each destination subnet
• Layer-2 forwarding tables indicate only the outgoing interface

layer-3 forwarding table (dc = directly connected)

destination     next hop    int
9.0.0.0/8       125.6.2.2   i2
125.6.0.0/16    dc          i2
223.2.3.0/24    dc          i1

layer-2 forwarding table

destination          int
48:dd:a9:56:b3:47    i1
10:d3:51:23:d5:38    i2

End-to-end routing

• 1st step – from source host to first-hop router
  • Requires selection of default gateway at host, when more than one first-hop router available – address configured manually or obtained from DHCP (IPv4)
• 2nd step – from first-hop to last-hop router
  • Handled through the routing protocol
• 3rd step – from last-hop router to destination host
  • An address resolution protocol, to map IP addresses into layer-2 addresses, may be needed

[Figure: source host, first-hop router, last-hop router, destination host, with the three steps marked 1, 2, 3.]

End-to-end routing

• Default gateway – first-hop router used to dispatch traffic
• Required on shared link interfaces, not needed on point-to-point link interfaces
• Multi-homed hosts may have more than one

[Figure: source host with interfaces i1 and i2 and several first-hop routers, one of them marked as default gateway.]

End-to-end routing

[Figure: source host 223.2.3.18/24 (DG=223.2.3.254), router R1, switch Sw, router R2, destination host 9.0.0.1/8 (d0:15:a7:5b:11:20).
  R1: i1 223.2.3.254/24 (00:1d:70:d7:c4:c1), i2 125.6.1.1/16 (48:dd:a9:56:b3:47)
  R2: i1 125.6.2.2/16 (10:d3:51:23:d5:38), i2 towards 9.0.0.0/8]

layer-3 forwarding table of R1 (dc = directly connected)

destination     next hop    int
9.0.0.0/8       125.6.2.2   i2
125.6.0.0/16    dc          i2
223.2.3.0/24    dc          i1

layer-2 forwarding table of Sw

destination          int
48:dd:a9:56:b3:47    i1
10:d3:51:23:d5:38    i2

layer-3 forwarding table of R2

destination     next hop    int
9.0.0.0/8       dc          i2
125.6.0.0/16    dc          i1
223.2.3.0/24    125.6.1.1   i1

Packets on each link (destination IP address 9.0.0.1 in all of them):
  IEEE 802.11 packet, source host to R1: destination MAC address 00:1d:70:d7:c4:c1
  Ethernet packet, R1 to R2:             destination MAC address 10:d3:51:23:d5:38
  Ethernet packet, R2 to destination:    destination MAC address d0:15:a7:5b:11:20

Destination IP address doesn’t change from source to destination; Destination MAC address changes at every router

End-to-end routing

[Figure: routers R1, R2 and R3 interconnecting four subnets; R1 and R2 are joined by a point-to-point link, the other subnets are shared links.
  Subnet A, 195.203.18.0/24 (DG=195.203.18.254): 195.203.18.1/24 (54:42:49:97:74:03), 195.203.18.101/24 (e0:cb:4e:a5:4f:95)
  Subnet B, 128.10.0.0/16 (DG=128.10.33.253): 128.10.27.181/16 (08:3d:5f:00:aa:28), 128.10.1.1/16 (a0:37:91:22:b5:f4)
  Subnet C, 122.225.88.160/27 (DG=122.225.88.190): 122.225.88.161/27 (28:3e:ab:6f:7d:12), 122.225.88.183/27 (d0:15:a7:5b:11:20)
  Subnet 12.0.0.0/8: 12.1.1.1/8 (78:10:a2:5c:ff:b3, DG=12.1.1.20), 12.1.1.3/8 (44:28:ca:78:99:17, DG=12.1.1.15)
  R1: i1 195.203.18.254/24 (00:1d:70:d7:c4:c1), i2 208.1.8.1/30, i3 208.1.8.5/30
  R2: i1 128.10.33.253/16 (48:dd:a9:11:b5:23), i2 208.1.8.2/30, i3 12.1.1.15/8 (48:dd:a9:56:b3:47)
  R3: i1 208.1.8.6/30, i2 12.1.1.20/8 (10:d3:51:23:d5:38), i3 122.225.88.190/27 (10:d3:51:2b:c7:55)]

Routing table of R1 (dc = directly connected)

Subnet               Next hop     Int
12.0.0.0/8           208.1.8.2    i2
122.225.88.160/27    208.1.8.2    i2
128.10.0.0/16        208.1.8.2    i2
195.203.18.0/24      dc           i1
208.1.8.0/30         dc           i2
208.1.8.4/30         dc           i3

Routing table of R2

Subnet               Next hop     Int
12.0.0.0/8           dc           i3
122.225.88.160/27    12.1.1.20    i3
128.10.0.0/16        dc           i1
195.203.18.0/24      208.1.8.1    i2
208.1.8.0/30         dc           i2
208.1.8.4/30         208.1.8.1    i2

Routing table of R3

Subnet               Next hop     Int
12.0.0.0/8           dc           i2
122.225.88.160/27    dc           i3
128.10.0.0/16        12.1.1.15    i2
195.203.18.0/24      208.1.8.5    i1
208.1.8.0/30         12.1.1.15    i2
208.1.8.4/30         dc           i1

End-to-end routing

[Figure: the datagram sent by A (195.203.18.1/24, 54:42:49:97:74:03, DG=195.203.18.254) to C (122.225.88.183/27, d0:15:a7:5b:11:20, DG=122.225.88.190), as seen on each link. On every link the IP header carries 195.203.18.1 and 122.225.88.183 (plus other IP fields); the link-layer header changes:
  A to R1:   MAC header with 54:42:49:97:74:03 and 00:1d:70:d7:c4:c1 (R1, 195.203.18.254/24)
  R1 to R2:  PPP header (208.1.8.1/30 to 208.1.8.2/30)
  R2 to R3:  MAC header with 48:dd:a9:56:b3:47 (R2, 12.1.1.15/8) and 10:d3:51:23:d5:38 (R3, 12.1.1.20/8)
  R3 to C:   MAC header with 10:d3:51:2b:c7:55 (R3, 122.225.88.190/27) and d0:15:a7:5b:11:20]

Datagram encapsulation in each link, during end-to-end routing
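The hop-by-hop forwarding and re-encapsulation shown in the two End-to-end routing figures above can be replayed in code. This is an added example, not part of the original slides; the routing tables and addresses are transcribed from the figures, while the host interface name i1, the 0.0.0.0/0 entry used to model a host's default gateway, and the address-ownership lookup standing in for ARP are assumptions of the example.

```python
import ipaddress

# Transcribed from the figure: node -> interface -> (IPv4 address, MAC).
# MAC is None on the point-to-point links, which use a PPP header instead.
IFACES = {
    "A":  {"i1": ("195.203.18.1", "54:42:49:97:74:03")},
    "C":  {"i1": ("122.225.88.183", "d0:15:a7:5b:11:20")},
    "R1": {"i1": ("195.203.18.254", "00:1d:70:d7:c4:c1"),
           "i2": ("208.1.8.1", None),
           "i3": ("208.1.8.5", None)},
    "R2": {"i1": ("128.10.33.253", "48:dd:a9:11:b5:23"),
           "i2": ("208.1.8.2", None),
           "i3": ("12.1.1.15", "48:dd:a9:56:b3:47")},
    "R3": {"i1": ("208.1.8.6", None),
           "i2": ("12.1.1.20", "10:d3:51:23:d5:38"),
           "i3": ("122.225.88.190", "10:d3:51:2b:c7:55")},
}

# (subnet, next hop or None when directly connected, outgoing interface).
# Hosts: own subnet plus the default gateway modelled as 0.0.0.0/0 (assumption).
TABLES = {
    "A":  [("195.203.18.0/24", None, "i1"), ("0.0.0.0/0", "195.203.18.254", "i1")],
    "C":  [("122.225.88.160/27", None, "i1"), ("0.0.0.0/0", "122.225.88.190", "i1")],
    "R1": [("12.0.0.0/8", "208.1.8.2", "i2"), ("122.225.88.160/27", "208.1.8.2", "i2"),
           ("128.10.0.0/16", "208.1.8.2", "i2"), ("195.203.18.0/24", None, "i1"),
           ("208.1.8.0/30", None, "i2"), ("208.1.8.4/30", None, "i3")],
    "R2": [("12.0.0.0/8", None, "i3"), ("122.225.88.160/27", "12.1.1.20", "i3"),
           ("128.10.0.0/16", None, "i1"), ("195.203.18.0/24", "208.1.8.1", "i2"),
           ("208.1.8.0/30", None, "i2"), ("208.1.8.4/30", "208.1.8.1", "i2")],
    "R3": [("12.0.0.0/8", None, "i2"), ("122.225.88.160/27", None, "i3"),
           ("128.10.0.0/16", "12.1.1.15", "i2"), ("195.203.18.0/24", "208.1.8.5", "i1"),
           ("208.1.8.0/30", "12.1.1.15", "i2"), ("208.1.8.4/30", None, "i1")],
}


def lookup(node, dst):
    """Return (next hop or None, interface) for the most specific matching subnet."""
    best = None
    for prefix, next_hop, iface in TABLES[node]:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    if best is None:
        raise LookupError(f"{node}: no route to {dst}")
    return best[1], best[2]


def trace(src_node, dst_ip, max_hops=16):
    """Follow a datagram; return one (from, to, source MAC, destination MAC) per link."""
    dst = ipaddress.ip_address(dst_ip)
    # Which node answers for which address: stands in for address resolution (ARP).
    owner = {ip: (n, i) for n, ifs in IFACES.items() for i, (ip, _) in ifs.items()}
    node, hops = src_node, []
    for _ in range(max_hops):
        next_hop, iface = lookup(node, dst)
        resolve = next_hop or str(dst)      # directly connected: resolve the destination
        if resolve not in owner:
            raise LookupError(f"{node}: nobody answers for {resolve}")
        peer, peer_if = owner[resolve]
        hops.append((node, peer, IFACES[node][iface][1], IFACES[peer][peer_if][1]))
        if next_hop is None:                # delivered on the last link
            return hops
        node = peer
    raise RuntimeError("hop limit exceeded (routing loop?)")


if __name__ == "__main__":
    for hop in trace("A", "122.225.88.183"):
        print(hop)
```

With these tables the reverse direction, C to A, goes from R3 straight to R1 over 208.1.8.4/30 and never touches R2, so the two directions of the same conversation cross different links.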

IPv4 datagram format and encapsulation

• Encapsulated in data link frame (Ethernet = protocol type 0x0800)

IP header layout (bit positions 0, 8, 16, 24, 32):

Version | Header length | Type of service | Total length
Identifier | Flags (Res, DF, MF) | Fragment offset
Time-to-live | Upper-layer protocol | Header checksum
Source Address
Destination Address
Options (if any)

Encapsulation:

Data link header | IP header | IP body (Data) | Data link trailer

IPv6 datagram format and encapsulation

• Encapsulated in data link frame (Ethernet = protocol type 0x86dd)

Base Header | Extension Header 1 | ... | Extension Header n | Data
(the extension headers are optional)

Extension headers:
• Hop-by-Hop Options header
• Routing header
• Fragment header
• Destination Options header
• Authentication header
• Encrypted Security Payload header

IPv6 base header format

Base header layout (bit positions 0, 4, 12, 16, 24, 31):

VERS | TRAFFIC CLASS | FLOW LABEL
PAYLOAD LENGTH | NEXT HEADER | HOP LIMIT
SOURCE IP ADDRESS
DESTINATION IP ADDRESS

• Next header points to another IPv6 header (e.g. Fragment header = 44) or upper-layer header (e.g. ICMPv6 = 58, TCP = 6)
• Base header length is 40 bytes

IPv6 encapsulation

Global versus link-local addresses

• IPv6 introduced link-local addresses, for communication inside a layer-2 link
  • Have prefix fe80::/10
  • Interfaces can create link-local addresses completely on their own, and use them to communicate on a link, without any previous configuration

• Global addresses are for Internet-wide communications
  • Such as public IPv4 addresses
  • Have prefix 2000::/3

Unicast link-local addresses

• Have prefix fe80::/10
• Used to communicate inside the link
• Must be unique inside the link
• Not routable
• An interface can create a link-local address completely on its own
• 54-bit section can be of any value, but is typically “all zeros”

10 bits                    | 54 bits | 64 bits
1111 1110 10 (fe80::/10)   |         | Interface ID

Communication using link-local addresses

PC1#ping fe80::c003:26ff:fe30:0
Output Interface: FastEthernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::C003:26FF:FE30:0, timeout is 2 seconds:
Packet sent with a source address of FE80::C002:1CFF:FEC8:0
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/18/52 ms

PCs can communicate without any configured address, using the link-local addresses

Global unicast address

• Have prefix 2000::/3
• Also known as aggregatable global unicast addresses
• 48-bit global routing prefix + 16-bit subnet ID + 64-bit interface ID
• Subnet ID is used for subnetting

Provider                                | Site      | Host
3 bits | 45 bits                        | 16 bits   | 64 bits
001    | Global Routing Prefix          | Subnet ID | Interface ID

Communicating using both addresses

PC#ping 2001:db8:cafe:1::1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:CAFE:1::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/60 ms

PC#ping fe80::c000:18ff:fe28:0
Output Interface: FastEthernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::C000:18FF:FE28:0, timeout is 2 seconds:
Packet sent with a source address of FE80::C002:10FF:FEA4:0
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/36 ms

Ping can use both link-local and global unicast addresses

Address configuration

• In IPv4, addresses can be configured
  • Manually
  • Through DHCP

• In IPv6, address configuration methods are
  • Completely manual
  • Partially manual (Interface ID created automatically, through EUI-64 process or randomly)
  • Stateless Address Autoconfiguration (SLAAC)
  • Through DHCPv6

Configuration of unicast link-local addresses

• Manual
• Interface ID created using the EUI-64 process
• Interface ID created randomly

[Figure: link-local address = fe80::/10 prefix + Suffix (64 bits); the suffix is obtained by one of: Manual, EUI-64, Random.]

EUI-64 process

• Generates Interface ID (64 bits) based on MAC address (48 bits)
• EUI-64 format is the concatenation of:
  • 24 high-order bits of MAC address (with the 7th bit of the 1st byte flipped)
  • 16-bit value of fffe
  • 24 low-order bits of MAC address

00 50 3e 12 34 56                  MAC address
00000000 50 3e ff fe 12 34 56      fffe inserted, 1st byte shown in binary
00000010 50 3e ff fe 12 34 56      7th bit of the 1st byte flipped
02 50 3e ff fe 12 34 56            IPv6 Interface ID

Configuration of unicast link-local addresses

Was the Interface ID created using EUI-64 or randomly?

Configuration of global unicast addresses

• Both IPv6 address and prefix length configured manually
• Prefix and prefix length configured manually; Interface ID obtained through EUI-64 process or randomly
• Prefix and prefix length obtained from ICMPv6 Router Advertisement messages; Interface ID obtained through EUI-64 process or randomly – Stateless Address Autoconfiguration (SLAAC)
• DHCPv6

[Figure: global unicast address = Prefix + Suffix (64 bits).
  Prefix obtained by one of: Manual, DHCPv6, Router Advertisement message (SLAAC)
  Suffix obtained by one of: Manual, DHCPv6, Random, EUI-64]

IPv6 multicast addresses

• Address space of multicast addresses: ff00::/8
• Special multicast addresses (link-local scope):
  • ff02::1 – all nodes
  • ff02::2 – all routers
  • ff02::5 – OSPF routers
  • ff02::6 – OSPF designated routers
  • ff09::5 – RIP routers
  • FF02::16 – all MLDv2-capable routers

• Mapping from IPv6 multicast addresses to Ethernet multicast addresses
  • First two octets of Ethernet multicast address have value 3333 (hex)
  • Last four octets equal last four octets of IPv6 multicast address

• ff02::1 → 3333.0000.0001
• ff02::1:ff66:6800 → 3333.ff66.6800

Stateless Address Autoconfiguration (SLAAC)

• Allows a host to generate unicast addresses using a combination of
  • Locally available information
  • Information advertised by routers

• Includes Duplicate Address Detection (DAD) procedure to verify uniqueness of addresses at link

• Four steps at host:
  1. Creation of link-local address
  2. DAD for link-local address
  3. Configuration of global address (and other addressing information) based on ICMPv6 Router Advertisement message received from router
  4. DAD for global address

Stateless Address Autoconfiguration (SLAAC)

• Routers periodically send ICMPv6 Router Advertisement messages with the subnet prefix
  • to the all-nodes multicast address, ff02::1
• Hosts can request subnet prefix through ICMPv6 Router Solicitation messages
  • to the all-routers multicast address, ff02::2
  • in this case, routers reply immediately with ICMPv6 Router Advertisement message

[Figure: routers R1 and R2 sending Router Advertisement messages on the link.]

ICMPv6

• Similar to ICMP (for IPv4) but with additional functions
• Main messages:
  • Packet Too Big – fragmentation
  • Echo Request, Echo Reply – ping
  • Multicast Listener Query, Multicast Listener Report, Multicast Listener Done – Multicast Listener Discovery (similar to IGMP)
  • Router Solicitation, Router Advertisement, Neighbor Solicitation, Neighbor Advertisement – Neighbor Discovery

ICMPv6

[Figure: Base header and ICMPv6 message]

Solicited-node multicast address

• All interfaces have it
• An efficient replacement of the broadcast address
  • Only the intended interface (or a small subset of interfaces) reads the message
• Used in Address Resolution and DAD processes
• Formed by concatenating
  • multicast prefix (FF02:0:0:0:0:1:FF00::/104) with
  • last 24 bits of IPv6 address
• NOTE: Several unicast addresses can map to a single solicited-node multicast address

fe80::202:B3FF:FE1E:8329

fe80 :: 0202 b3ff fe1e 8329      link-local unicast
ff02 :: 0000 0001 ff1e 8329      solicited-node multicast

FF02::1:FF1E:8329

Duplicate Address Detection (DAD)

• Since nodes can choose random addresses - a mechanism is needed to detect duplicates
• Node sends ICMPv6 Neighbor Solicitation message
  • IP source = all-zeros address
  • IP destination = solicited-node multicast address of sending node
• If no reply, it's OK to use the address
• If other node has same address, replies with Neighbor Advertisement message
  • autoconfiguration stops

[Figure: Neighbour Solicitation sent on the link; Neighbour Advertisement returned by a node that already has the address.]
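The address derivations from the EUI-64, IPv6 multicast, solicited-node and DAD slides chain together: MAC address, Interface ID, link-local address, solicited-node group, Ethernet multicast address. The following is an added example, not part of the original slides; the function names are assumptions of the example. It also answers the "EUI-64 or random?" question by checking for the fffe marker and recovering the MAC address an EUI-64 Interface ID exposes.

```python
import ipaddress


def _mac_bytes(mac):
    """Accept 00:50:3e:..., 00-50-3e-... or 0050.3e12.3456 notation."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def _mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def eui64_interface_id(mac):
    """24 high-order bits (7th bit of 1st byte flipped) + fffe + 24 low-order bits."""
    raw = _mac_bytes(mac)
    return bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def link_local_from_mac(mac):
    """fe80::/10 prefix, all-zeros 54-bit section, EUI-64 Interface ID."""
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + eui64_interface_id(mac))


def mac_from_interface_id(addr):
    """Return the MAC behind an EUI-64 Interface ID, or None if there is no fffe marker.

    A random Interface ID can contain fffe by chance, so a match is a strong
    hint rather than a proof.
    """
    iid = ipaddress.IPv6Address(str(addr)).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    return _mac_str(bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:])


def solicited_node(addr):
    """FF02:0:0:0:0:1:FF00::/104 followed by the last 24 bits of the address."""
    prefix = ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13]
    return ipaddress.IPv6Address(prefix + ipaddress.IPv6Address(str(addr)).packed[13:])


def ethernet_multicast(addr):
    """3333 followed by the last four octets of the IPv6 multicast address."""
    group = ipaddress.IPv6Address(str(addr))
    if not group.is_multicast:
        raise ValueError(f"{group} is not in ff00::/8")
    return _mac_str(b"\x33\x33" + group.packed[12:])


def dad_probe(mac):
    """Addresses of the Neighbor Solicitation a node sends for DAD on its link-local address."""
    tentative = link_local_from_mac(mac)
    group = solicited_node(tentative)
    return {
        "tentative": str(tentative),
        "ip_src": "::",                      # all-zeros address
        "ip_dst": str(group),                # solicited-node multicast of the sender
        "eth_dst": ethernet_multicast(group),
    }


if __name__ == "__main__":
    print(dad_probe("00:50:3e:12:34:56"))
    print(mac_from_interface_id("fe80::202:b3ff:fe1e:8329"))
```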

ARP (Address Resolution Protocol)

• Discovers MAC address corresponding to given IPv4 address
• Stores discovered MAC – IPv4 pairs in ARP cache
• Dynamic ARP cache entries have lifetime
  • several minutes
• User may insert static entries in ARP cache
• ARP messages encapsulated in Ethernet II packets with protocol type 0x0806

Destination address | Source address | Protocol type = 0x0806 | Data (ARP message) | FCS

ARP encapsulation and message format

ARP message:

Hardware type (2 octets)
Protocol type (2 octets)
Hardware address length (1 octet)
Protocol address length (1 octet)
Operation code (2 octets)
Sender hardware address (6 octets)
Sender protocol address (4 octets)
Target hardware address (6 octets)
Target protocol address (4 octets)

Destination address | Source address | Protocol type = 0x0806 | Data (ARP message) | FCS
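The field layout above maps directly onto a fixed 28-octet structure behind a 14-octet Ethernet header. The following is an added example, not part of the original slides: it builds and parses the request and reply of this deck's ARP exchange slide (192.168.56.38 asking for 192.168.56.1) and keeps an ARP cache with expiring dynamic entries. The 300-second lifetime and the rule that static entries win over learned ones are assumptions of the example; the FCS is left out.

```python
import socket
import struct

ETH_HEADER = struct.Struct("!6s6sH")              # destination, source, protocol type
ARP_MESSAGE = struct.Struct("!HHBBH6s4s6s4s")     # the nine fields listed above
ETHERTYPE_ARP = 0x0806
REQUEST, REPLY = 1, 2


def _mac(text):
    return bytes.fromhex(text.replace(":", ""))


def _text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op, eth_dst, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II frame (without FCS) carrying an ARP message for IPv4 over Ethernet."""
    eth = ETH_HEADER.pack(_mac(eth_dst), _mac(sender_mac), ETHERTYPE_ARP)
    arp = ARP_MESSAGE.pack(
        1, 0x0800, 6, 4, op,                      # hardware type 1 = Ethernet, protocol 0x0800 = IPv4
        _mac(sender_mac), socket.inet_aton(sender_ip),
        _mac(target_mac), socket.inet_aton(target_ip),
    )
    return eth + arp


def parse_arp(frame):
    """Validate and decode a frame; raise ValueError on anything that is not IPv4/Ethernet ARP."""
    if len(frame) < ETH_HEADER.size + ARP_MESSAGE.size:
        raise ValueError("frame too short for Ethernet + ARP")
    eth_dst, eth_src, ethertype = ETH_HEADER.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"protocol type {ethertype:#06x} is not ARP")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_MESSAGE.unpack_from(
        frame, ETH_HEADER.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP message")
    if op not in (REQUEST, REPLY):
        raise ValueError(f"unexpected operation code {op}")
    return {
        "eth_dst": _text(eth_dst), "eth_src": _text(eth_src), "op": op,
        "sender_mac": _text(sha), "sender_ip": socket.inet_ntoa(spa),
        "target_mac": _text(tha), "target_ip": socket.inet_ntoa(tpa),
    }


class ArpCache:
    """MAC/IPv4 pairs; dynamic entries expire, static entries do not."""

    def __init__(self, lifetime=300.0):           # seconds; assumed value
        self.lifetime = lifetime
        self._entries = {}                        # ip -> (mac, expiry or None if static)

    def add_static(self, ip, mac):
        self._entries[ip] = (mac, None)

    def learn(self, message, now):
        ip = message["sender_ip"]
        if ip in self._entries and self._entries[ip][1] is None:
            return                                # keep the static entry
        self._entries[ip] = (message["sender_mac"], now + self.lifetime)

    def lookup(self, ip, now):
        entry = self._entries.get(ip)
        if entry is None:
            return None
        mac, expiry = entry
        if expiry is not None and now >= expiry:
            del self._entries[ip]
            return None
        return mac


# Frames from the ARP exchange slide of this deck.
ARP_REQUEST = build_arp(REQUEST, "ff:ff:ff:ff:ff:ff", "38:60:77:0e:60:88",
                        "192.168.56.38", "00:00:00:00:00:00", "192.168.56.1")
ARP_REPLY = build_arp(REPLY, "38:60:77:0e:60:88", "54:42:49:97:74:03",
                      "192.168.56.1", "38:60:77:0e:60:88", "192.168.56.38")
```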

ARP (Address Resolution Protocol)

[Figure: LAN with 192.168.56.1 (54:42:49:97:74:03), 192.168.56.101 (e0:cb:4e:a5:4f:95), 192.168.56.38 (38:60:77:0e:60:88) and Router 192.168.56.254 (00:1d:70:d7:c4:c1).]

ARP Request (to broadcast address): What is the MAC address of 192.168.56.1?
  Destination MAC address = ff:ff:ff:ff:ff:ff
  Source MAC address = 38:60:77:0e:60:88
  Operation code = 1 (Request)
  Sender MAC address = 38:60:77:0e:60:88
  Sender IP address = 192.168.56.38
  Target MAC address = 00:00:00:00:00:00
  Target IP address = 192.168.56.1

ARP Reply (to requester's address): MAC address is 54:42:49:97:74:03
  Destination MAC address = 38:60:77:0e:60:88
  Source MAC address = 54:42:49:97:74:03
  Operation code = 2 (Reply)
  Sender MAC address = 54:42:49:97:74:03
  Sender IP address = 192.168.56.1
  Target MAC address = 38:60:77:0e:60:88
  Target IP address = 192.168.56.38

Link-layer address resolution in IPv6

• The equivalent to IPv4 ARP
• Node sends ICMPv6 Neighbor Solicitation message
  • IP destination = solicited-node multicast address of neighbor
  • Maps into layer-2 multicast address, and not into broadcast address as in IPv4!
• Destination replies with ICMPv6 Neighbor Advertisement message containing its link layer address

[Figure: Neighbour Solicitation sent to the neighbor; Neighbour Advertisement returned.]

IPv6 address resolution

Address resolution before ping from PC1 to R1 (Neighbor Solicitation / Neighbor Advertisement exchange)

IPv6 address resolution

IPv6 autoconfiguration

R1(config)#ipv6 unicast-routing
R1(config)#int f0/0
R1(config-if)#ipv6 add 2001:db8:cafe:1::1/64
R1(config-if)#no shutdown

PC1-ios(config)#int f0/0
PC1-ios(config-if)# autoconfig
PC1-ios(config-if)#no shutdown

R1#sh int f0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C002:11FF:FE5C:0
  Global unicast address(es):
    2001:DB8:CAFE:1::1, subnet is 2001:DB8:CAFE:1::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF00:1
    FF02::1:FF5C:0
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  ND advertised reachable time is 0 milliseconds
  ND advertised retransmit interval is 0 milliseconds
  ND router advertisements are sent every 200 seconds
  ND router advertisements live for 1800 seconds
  Hosts use stateless autoconfig for addresses.

PC1-ios#sh ipv6 int f0/0
FastEthernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::C001:30FF:FE48:0
  Global unicast address(es):
    2001:DB8:CAFE:1:C001:30FF:FE48:0, subnet is 2001:DB8:CAFE:1::/64 [PRE]
      valid lifetime 2591895 preferred lifetime 604695
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF48:0
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds
  Default router is FE80::C002:11FF:FE5C:0 on FastEthernet0/0

Group addresses joined by R1:
• ff02::1 – all nodes address
• ff02::2 – all routers address
• ff02::1:FF00:1 – solicited-node multicast address for global address
• ff02::1:ff5c:0 - solicited-node multicast address for link-local address

IPv6 autoconfiguration

[Figure labels: DAD for link-local address of PC1; DAD for link-local address of R1; DAD for global address of R1; DAD for global address of PC1]

IPv6 autoconfiguration

[Figure labels: MAC announce of PC1 link-local; MAC announce of R1 link-local; MAC announce of R1 global; MAC announce of PC1 global]

IPv6 autoconfiguration

[Figure label: Advertisements by R1]

IPv6 autoconfiguration

[Figure labels: DAD for link-local address of PC1; DAD for global address of R1]

IPv6 autoconfiguration

[Figure labels: DAD for link-local address of PC1; Announcing MAC address associated with link-local address of PC1]

IPv6 autoconfiguration

[Figure label: Router Advertisement messages sent by R1]

Multicast Listener Discovery (MLD)

• In IPv6 multicast is an integral part of the protocol; available on all IPv6 nodes

• IPv6 multicast addresses start with FF prefix and have scope
  • FF02 – Link-local scope
  • FF0E – Global scope

• IPv6 uses ICMPv6 for group management (IPv4 uses IGMP)
  • The protocol is called Multicast Listener Discovery (MLD)
  • MLDv2 is based on IGMPv3 (supports Source Specific Multicast)

Multicast Listener Discovery (MLD)

• MLDv2 has two messages:
  • Multicast Listener Query
  • Version 2 Multicast Listener Report – uses FF02::2 as destination address

• MLD is an asymmetric protocol
  • Routers send Query messages to discover which multicast addresses have listeners on each of their links; they do not track the number of listeners
  • Listeners send Report messages for their multicast addresses, to register with routers available on the link

Fragmentation

[Figure labels: layer-2 header, MTU]

• Different links may have different specifications regarding the maximum packet size
  • Maximum packet size = MTU (Maximum Transfer Unit)
  • What fits in the body of a layer-2 frame
• When a packet arrives at a router, it may be too big for the next link
  • Fragmentation is needed!
• Alternatives:
  • Fragmentation at the source host or at the first router where the packet doesn’t fit?
  • Reassembly at the next router or at the destination host?
• Information needed for reassembly:
  • An identifier of the (parent) packet
  • A sequence number for each (child) fragment
  • Identification of last fragment

Fragmentation

MTU – maximum packet size of IP packets, including IP header and body

16 Mbit/sec Token Ring    17914 bytes
4 Mbits/sec Token Ring    4464 bytes
FDDI                      4352 bytes
Ethernet                  1500 bytes
IEEE 802.3/802.2          1492 bytes
X.25                      576 bytes

Fragmentation

[Figure: a packet split into fragments on its way through routers R2 and R5 towards a link with MTU = y. Each fragment carries data plus the destination address, the packet identifier, a sequence number and a "more fragments?" flag.]

Alternatives:
▪ Fragmentation at source?
▪ Reassembly at destination?

IPv4 fragmentation

• Fragmentation at the first router where the packet doesn’t fit & Reassembly at destination host
• Sequencing of fragments is carried out by numbering bytes – fragment offset
• DF – Don’t Fragment; MF – More Fragments

IPv4 fragmentation

Path: Host A, MTU = 1500, Router 1, MTU = 800, Router 2, MTU = 600, Host B

Sent by Host A:
  header 20 bytes (ID = 5245, FO = 0, MF = 0, other IP fields) + 1180 bytes of data (0...1179)

After fragmentation at Router 1:
  header 20 bytes (ID = 5245, FO = 0, MF = 1) + 776 bytes of data (0...775)
  header 20 bytes (ID = 5245, FO = 97, MF = 0) + 404 bytes of data (776...1179)

After fragmentation at Router 2 (of the first fragment):
  header 20 bytes (ID = 5245, FO = 0, MF = 1) + 576 bytes of data (0...575)
  header 20 bytes (ID = 5245, FO = 72, MF = 1) + 200 bytes of data (576...775)

NOTE: Fragmentation Offset (FO) counts in multiples of 8 bytes

IPv6 fragmentation

• Fragmentation at the source host & reassembly at the destination host

• Path MTU – smallest link MTU of all links from source to destination

• Path MTU discovery:
  • Host assumes initially that Path MTU = MTU of first hop link (the link host is attached to)
  • If packet too big for some router along the path, router sends back to source ICMPv6 Packet Too Big message with MTU of its next hop link where the packet could not fit
  • Sender uses this MTU to send further packets to same destination
• NOTE: Fragmentation Offset counts in multiples of 8 bytes

• IPv6 has minimum MTU size 1280 bytes

IPv6 fragmentation

[Figure: path from PC1 to PC2 with one link of IPv6 MTU = 1400 and one link of IPv6 MTU = 1300.]

Sending ping from PC1 to PC2 with size = 1500 bytes

PC1#sh ipv6 mtu
MTU     Since       Source Address                      Destination Address
1300    00:01:14    2001:DB8:CAFE:1:C005:2CFF:FEEC:0    2001:DB8:BECA:1:C002:23FF:FE48:0

IPv6 fragmentation

[Figure: same path, IPv6 MTU = 1400 and IPv6 MTU = 1300. Labels: 1st Echo Request by PC1; 2nd Echo Request by PC1; 3rd Echo Request by PC1; Packet Too Big from R1; Packet Too Big from R2.]

IPv6 fragmentation

[Figure: same path, IPv6 MTU = 1400 and IPv6 MTU = 1300.]

Fragmentation math:
• Wants to send ICMP with 1460 bytes including header
• Path MTU = 1300, only allows 1300 - 40 (IPv6 base header) - 8 (Fragmentation header) = 1252 bytes
• 1252 is not a multiple of 8 bytes; closest one is 1248 (156x8)
• 1st fragment carries 1248 bytes (including ICMP header = 8 bytes); Offset = 0; More Fragment = 1
• 2nd fragment carries 212 bytes; Offset = 156; More Fragment = 0
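Both fragmentation walk-throughs, the IPv4 one across Router 1 and Router 2 and the IPv6 one at the source, follow the same arithmetic: subtract the header overhead from the MTU, round down to a multiple of 8, and express offsets in 8-byte units. The following is an added example, not part of the original slides; the names are assumptions of the example, IPv4 headers are taken as 20 bytes without options, and the receiver-side check rejects fragment sets with gaps, overlaps or a missing last fragment.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Fragment:
    ident: int      # packet identifier, shared by all fragments of one packet
    offset: int     # fragment offset, in units of 8 bytes
    more: bool      # More Fragments flag
    size: int       # bytes of data carried (headers not included)


def split(frag, mtu, overhead):
    """Split one (possibly already fragmented) piece so that size + overhead <= mtu."""
    if frag.size + overhead <= mtu:
        return [frag]
    chunk = (mtu - overhead) // 8 * 8            # largest multiple of 8 that fits
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    pieces, done = [], 0
    while done < frag.size:
        size = min(chunk, frag.size - done)
        last = done + size == frag.size
        # The final piece inherits the MF flag of the piece being split.
        pieces.append(Fragment(frag.ident, frag.offset + done // 8,
                               frag.more or not last, size))
        done += size
    return pieces


def ipv4_along_path(data_len, ident, mtus, df=False, header=20):
    """IPv4: every router may fragment again; reassembly only at the destination."""
    frags = [Fragment(ident, 0, False, data_len)]
    for mtu in mtus:
        out = []
        for frag in frags:
            pieces = split(frag, mtu, header)
            if df and len(pieces) > 1:
                raise ValueError(f"DF set and packet does not fit MTU {mtu}")
            out.extend(pieces)
        frags = out
    return frags


def ipv6_at_source(data_len, ident, path_mtu):
    """IPv6: only the source fragments, using the Path MTU it has discovered."""
    if path_mtu < 1280:
        raise ValueError("IPv6 links must support an MTU of at least 1280 bytes")
    whole = Fragment(ident, 0, False, data_len)
    if data_len + 40 <= path_mtu:                # fits without a Fragment header
        return [whole]
    return split(whole, path_mtu, 40 + 8)        # base header + Fragment header


def reassembled_length(frags):
    """Destination-side check: fragments must be contiguous and end with MF = 0."""
    expected = 0
    ordered = sorted(frags, key=lambda f: f.offset)
    for index, frag in enumerate(ordered):
        if frag.offset * 8 != expected:
            raise ValueError("gap or overlap between fragments")
        if frag.more != (index < len(ordered) - 1):
            raise ValueError("More Fragments flag inconsistent with position")
        expected += frag.size
    return expected


if __name__ == "__main__":
    print(ipv4_along_path(1180, 5245, [1500, 800, 600]))
    print(ipv6_at_source(1460, 1, 1300))         # ident 1 is a constructed value
```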

Network abstractions

[Figure: example network with an E1 link, an Ethernet hub, an Ethernet switch/bridge, an IP router and hosts (server, PC, PDA, portable)]

If the goal is to study layer-3 (IP) routing, layer-2 links can be abstracted

Representation of networks through graphs

[Figure: the example network and its graph, with nodes n1 to n4, links lk1 to lk5 and interfaces i1 to i3; annotations: point-to-point link, shared link (pseudonode), node]

To study layer-3 routing:
• Nodes represent routers
• Pseudonodes represent fully-meshed shared links
• Directed arcs represent connections between nodes

Representing networks through graphs

[Figure: nodes n1, n2, n3 and n4 attached to a shared link, and the same nodes connected through a pseudonode]

Connectivity provided by a shared link can be represented through a node, here called pseudonode

The route selection process

• Relies on attributes of nodes and links, which express the cost of transmitting information through these elements

• Node attributes are usually ignored; link attributes are often just static costs configured at outgoing interfaces of switching equipment

• Route selection is based on the path cost of candidate paths, which is a function of node and link attributes

• Internet routing uses shortest path routing
  • Path cost = sum of costs of outgoing interfaces that are part of the path
  • Path with least cost (shortest path) is selected for routing

The route selection process

[Figure: graph with nodes n1 to n4 and links lk1 to lk5 (point-to-point link, shared links as pseudonodes), annotated with interface costs]

Forwarding table of node n2
destination  next hop  interface  cost
lk2          n1        i3         15
lk3          dc        i2         -
lk5          n4        i1         30

Forwarding table of node n3
destination  next hop  interface  cost
lk2          dc        i1         -
lk3          dc        i2         -
lk5          n4        i2         25

Candidate paths from n3 to lk5:
• n3 → lk3 → n4 → lk5, cost = 25 (shortest path)
• n3 → lk3 → n2 → lk4 → n4 → lk5, cost = 45
• n3 → lk2 → n1 → lk1 → n2 → lk4 → n4 → lk5, cost = 95
• n3 → lk2 → n1 → lk1 → n2 → lk3 → n4 → lk5, cost = 105

The route selection process (networks of routers)

[Figure: routers R1 to R4 interconnected through subnets sn1 to sn4, with an interface cost marked on each router interface]

The route selection process (networks of routers)

[Figure: the same network of routers, with paths annotated "Cost of path = 40", "Cost of path = 20", "Cost of path = 30" and "Cost of path = 30"]

Cost of path from router to subnet: sum of costs of interfaces that transmit packets towards subnet

Shortest path from R1 to sn4: R1→sn1→R2→sn4, cost=20

The route selection process (networks of routers)

[Figure: the same network of routers, with paths annotated "Cost of path = 25", "Cost of path = 40" and "Cost of path = 30"]

Shortest path from R2 to sn2: R2→sn1→R1→sn2, cost=25

How to compute shortest paths in a graph? – Dijkstra’s algorithm

0. Initially, set $S = \{i\}$, $D_{ij} = d_{ij}$, for all $j \notin S$.
1. Find the next closest node, i.e., find $k \notin S$ such that $D_{ik} = \min_{m \notin S} D_{im}$. Set $S := S \cup \{k\}$. If $S$ contains all nodes, stop.
2. Update the labels, i.e., for all $j \notin S$ set $D_{ij} = \min(D_{ij}, D_{ik} + d_{kj})$. Go to step 1.
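Steps 0 to 2 written out as code, keeping the set S and the labels D and recording them after every iteration; this is an added example, not part of the original slides. The arc costs in `example` are an assumption, constructed so that the labels reproduce the D12, D13 and D14 values of the four-node example on the next slide, and the next-hop bookkeeping is added to show how a forwarding table entry falls out of the same loop.

```python
import math

def dijkstra(d, i):
    """Shortest paths from node i; d[a][b] is the cost of arc a -> b.

    Returns (D, next_hop, trace), where trace holds (S, D) after each
    iteration and next_hop[j] is the first node on the path from i to j.
    """
    nodes = set(d) | {b for a in d for b in d[a]}
    # Step 0: S = {i}, D_ij = d_ij (infinity when there is no arc).
    S = [i]
    D = {j: d.get(i, {}).get(j, math.inf) for j in nodes - {i}}
    next_hop = {j: j for j in D if D[j] < math.inf}
    trace = [(tuple(S), dict(D))]
    while len(S) < len(nodes):
        # Step 1: closest node outside S (ties broken by node name).
        k = min((j for j in D if j not in S), key=lambda j: (D[j], j))
        if D[k] == math.inf:
            break  # remaining nodes are unreachable from i
        S.append(k)
        # Step 2: update the labels of nodes still outside S through k.
        for j in D:
            via_k = D[k] + d.get(k, {}).get(j, math.inf)
            if j not in S and via_k < D[j]:
                D[j] = via_k
                next_hop[j] = next_hop[k]  # path to j starts like path to k
        trace.append((tuple(S), dict(D)))
    return D, next_hop, trace

# Constructed arc costs (assumption): chosen to match the slide's labels.
example = {1: {2: 20, 3: 5, 4: 20}, 2: {3: 10}, 3: {4: 5}, 4: {2: 5}}
```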

Dijkstra’s algorithm

[Figure: four-node example graph, one panel per iteration]

• S = {1}: D12 = 20, D13 = 5, D14 = 20
• S = {1,3}: D12 = 20, D13 = 5, D14 = 10
• S = {1,3,4}: D12 = 15, D13 = 5, D14 = 10
• S = {1,3,4,2}: D12 = 15, D13 = 5, D14 = 10

Directly connected links: an exception to shortest paths

[Figure: node n2 and link lk3, showing the direct connection (dc) through interface i2 and the shortest path through n4]

Forwarding table of node n2
dest  nh  int  cost
lk3   dc  i2   -
......

• Directly connected (dc) links take precedence over shortest paths

• Precedence is determined by the administrative distance (0 for dc links)

Intra-domain IP routing protocols

• IP routing is based on shortest paths
  • But there are different ways to compute them in a distributed way…

• Distance vector protocols
  • Use the distributed and asynchronous version of the Bellman-Ford algorithm
  • Examples: RIP, IGRP, EIGRP

• Link state protocols
  • Routers broadcast information about their links with neighbors; in this way, they get to know the complete network topology (which is stored in a database)
  • Each router runs a centralized shortest path algorithm (usually the Dijkstra algorithm) to build the routing table
  • Examples: OSPF, IS-IS, NLSP

From Aveiro to Lisboa – distance vector routing

[Figure: signposts at Aveiro towards neighbours A1 (80 Km), A2 (40 Km), A3 (70 Km) and A4 (20 Km), with each neighbour announcing its own distance to Lisboa; the values 300, 270, 150 and 130 Km appear in the figure]

The shortest path is through A4!

From Aveiro to Lisboa – link state routing

[Figure: signposts on the way from Aveiro to Lisboa, each listing the distances to neighbouring points (A1, A2, A3, A4, A5, A7)]

Flow of routing information

• Routing information flows from destination to source
  • the direction opposite to the flow of data
• Advertised address prefixes can be aggregated in successively larger address spaces - supernetting

[Figure: destination D and sources S1, S2 and S3, with the prefixes 123.4.5.0/24, 123.4.0.0/16 and 123.0.0.0/8; arrows labelled "flow of routing & addressing information" and "flow of data"; caption "I do exist!"]

Correctness and performance of routing protocols

• Routing protocols must converge within reasonable time when
  • Nodes are all switched on at the same time - cold start
  • The attributes of nodes or links change
  • Nodes are added or removed, possibly due to a failure

• Routing protocols must deal appropriately with the possibility of routing message corruption

• Routing protocols must be efficient
  • The load introduced by control messages should be kept to a minimum

©Rui Valadas, version 2.0, 28/9/2017 89 Reliability in transmitting control messages

n1 n2 n1 n2 • Most control messages must be transmitted reliably DA DA TA 1 TA 1 1 K 1 t CK Periodic repetition of messages AC u A

• o e

• Used many times m i DA t TA 2

• Automatic Repeat-reQuest K 2 (ARQ) strategy AC DA Simplest ARQ is the Stop-and-Wait TA 1 • DAT protocol A 3 1 CK 3 A ACK

time time (a) (b) Stop-and-Wait

©Rui Valadas, version 2.0, 28/9/2017 90 Detecting router and link failures

• In case of failure, routing protocols need to find alternatives to damaged routes, as fast as possible

• Two types of failures: router or link failures

• Failures may not be detectable through hardware mechanisms

• Detecting failures requires a keepalive mechanism
  • Routers periodically announce that they are still alive

Detecting router and link failures

[Figure: routers R1, R2, R3 and R4 interconnected through switches Sw1, Sw2 and Sw3]

R3 fails. R1, R2 and R4 do not detect failure through hardware since their links with neighboring switches remain operational.

©Rui Valadas, version 2.0, 28/9/2017 92 Detecting router and link failures

I’m alive!

Router announces periodically it is alive.

Detecting router and link failures

[Figure: routers R1, R2, R3 and R4 interconnected through switches Sw1, Sw2 and Sw3]

Links between Sw1-Sw3 and Sw1-Sw2 fail. Initial shared link was partitioned. Link is still useful to connect routers R1 and R2, on one side, and routers R3 and R4, on the other.
