Computer Networks Lecture 4.3 PDF
Alexandria University
2024
Sahar M. Ghanem
Summary
This document is a lecture on Computer Networks, specifically focusing on the Network Layer: Control Plane. It covers topics such as routing algorithms, intra-AS routing (OSPF), routing among ISPs (BGP), and SDN control plane. The document likely serves as teaching material for a computer science course in the network layer of computer networks.
Full Transcript
Computer Networks
The Network Layer: Control Plane
Prof. Dr. Sahar M. Ghanem, Associate Professor, Computer and Systems Engineering Department, Faculty of Engineering, Alexandria University

Outline
- Introduction
- Routing Algorithms
- Intra-AS Routing in the Internet: OSPF
- Routing Among the ISPs: BGP
- The SDN Control Plane
- ICMP: The Internet Control Message Protocol
- Network Management and SNMP, NETCONF/YANG

Computer Networks, 2024 (c) Dr. Sahar M. Ghanem

Routing Among the ISPs: BGP

The Role of BGP (1/2)
- To route a packet across multiple ASs, we need an inter-AS routing protocol.
- All ASs run the same inter-AS routing protocol, called the Border Gateway Protocol (BGP).
- BGP is a decentralized and asynchronous protocol in the vein of distance-vector routing.
- In BGP, packets are not routed to a specific destination address, but instead to CIDRized prefixes, with each prefix representing a subnet or a collection of subnets.
- A router’s forwarding table will have entries of the form (x, I), where x is a prefix (such as 138.16.68/22) and I is an interface number for one of the router’s interfaces.

The Role of BGP (2/2)
- BGP provides each router a means to:
  - Obtain prefix reachability information from neighboring ASs: each subnet advertises its existence to the rest of the Internet.
  - Determine the “best” routes to the prefixes: the router will locally run a BGP route-selection procedure. The best route will be determined based on policy as well as the reachability information.
- BGP routing tables often contain over half a million routes.

Advertising BGP Route Information (1/4)
- For each AS, each router is either a gateway router or an internal router.
- A gateway router is a router on the edge of an AS that directly connects to one or more routers in other ASs.
- An internal router connects only to hosts and routers within its own AS.
- Let’s consider the following example.

Advertising BGP Route Information (2/4)
- AS3 includes a subnet with prefix x.
- AS3 sends a BGP message to AS2, saying that x exists and is in AS3 (“AS3 x”).
- Then AS2 sends a BGP message to AS1, saying that x exists and that you can get to it by first passing through AS2 and then to AS3 (“AS2 AS3 x”).
- Each AS will not only learn about the existence of x, but also learn about a path of ASs that leads to x.
- ASs do not actually send messages to each other, but instead routers do.

Advertising BGP Route Information (3/4)
- Pairs of routers exchange routing information over semi-permanent TCP connections using port 179 (BGP connection).
- A BGP connection that spans two ASs is called an external BGP (eBGP) connection, and a BGP session between routers in the same AS is called an internal BGP (iBGP) connection.
- There is typically one eBGP connection for each link that directly connects gateway routers in different ASs.
- There are also iBGP connections between routers within each of the ASs that do not always correspond to physical links.

Advertising BGP Route Information (4/4)
- In order to propagate the reachability information, both iBGP and eBGP sessions are used.
- Gateway router 3a first sends an eBGP message “AS3 x” to gateway router 2c.
- Gateway router 2c then sends the iBGP message “AS3 x” to all of the other routers in AS2, including to gateway router 2a.
- Gateway router 2a then sends the eBGP message “AS2 AS3 x” to gateway router 1c.
- Finally, gateway router 1c uses iBGP to send the message “AS2 AS3 x” to all the routers in AS1.
Determining the Best Routes (1/3)
- In the previous slide, there are two paths from AS1 to x: the path “AS2 AS3 x” via router 1c, and the new path “AS3 x” via router 1d.
- In the Internet, routers often receive reachability information about dozens of different possible paths.
- How does a router choose among these paths (and then configure its forwarding table accordingly)?
- A router advertises a prefix (i.e. route) across a BGP connection and includes several BGP attributes. Two of the more important attributes are AS-PATH and NEXT-HOP.

Determining the Best Routes (2/3)
- To generate the AS-PATH value, when a prefix is passed to an AS, the AS adds its ASN to the existing list in the AS-PATH.
- If a router sees that its own AS is contained in the path list, it will reject the advertisement to prevent looping.
- The NEXT-HOP attribute is an IP address of a router that does not belong to the AS; however, the subnet that contains this IP address directly attaches to the AS.

Determining the Best Routes (3/3)
- The NEXT-HOP attribute for the route “AS2 AS3 x” from AS1 to x that passes through AS2 is the IP address of the left interface on router 2a.
- The NEXT-HOP attribute for the route “AS3 x” from AS1 to x that bypasses AS2 is the IP address of the leftmost interface of router 3d.
- Each router in AS1 becomes aware of two BGP routes to prefix x:
  - IP address of leftmost interface of router 2a; AS2 AS3; x
  - IP address of leftmost interface of router 3d; AS3; x

Hot Potato Routing (1/2)
- The route chosen is the route with the least cost to the NEXT-HOP router beginning that route.
- e.g. router 1b is to find the least-cost intra-AS path to NEXT-HOP router 2a and to NEXT-HOP router 3d.
- Suppose that cost is defined as the number of links traversed; then 2a will be selected (the costs are: from 1b to 2a is 2 and from 1b to 3d is 3).
- 1b would consult its forwarding table, find the interface I that is on the least-cost path to router 2a, and add (x, I).

Hot Potato Routing (2/2)
- When adding an outside-AS prefix into a forwarding table, both the inter-AS routing protocol (BGP) and the intra-AS routing protocol (e.g., OSPF) are used.
- The idea behind hot-potato routing is for a router to get packets out of its AS as quickly as possible without worrying about the cost of the remaining portions of the path outside of its AS to the destination (selfish algorithm).
- Two routers in the same AS may choose two different AS paths to the same prefix (e.g. 1d would choose 3d to reach x).

Route-Selection Algorithm (1/2)
- If there is only one such route, then BGP selects that route.
- If there are two or more routes to the same prefix, then:
  1. A route is assigned a local preference value that is a policy decision. The routes with the highest local preference values are selected.
  2. From the routes all with the same highest local preference value, the route with the shortest AS-PATH is selected (DV algorithm where the distance metric uses the number of AS hops).
  3. From the remaining routes, hot potato routing is used, that is, the closest NEXT-HOP router is selected.
  4. If more than one route still remains, the router uses BGP identifiers to select the route.

Route-Selection Algorithm (2/2)
- With the above route selection algorithm, BGP is no longer a selfish algorithm—it first looks for routes with short AS paths.
- See http://www.routeviews.org for BGP routing tables extracted from routers in tier-1 ISPs.
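The four-step selection procedure and the hot-potato rule before it, worked as an added example (not code from the lecture). It models the two advertisements for prefix x as seen at router 1b, applies the AS-PATH loop check, and contrasts hot potato alone (which picks 2a) with the full procedure (which picks 3d because of the shorter AS-PATH). The intra-AS costs 2 and 3 to 2a and 3d are the slide's; the BGP identifiers and interface numbers are constructed.

```python
"""
BGP best-route selection for one prefix, following the slides' four steps:
local preference, shortest AS-PATH, hot potato (intra-AS cost to the
NEXT-HOP), then lowest BGP identifier.  The loop check (reject a route whose
AS-PATH already contains our own ASN) is applied first.  Added example; the
BGP identifiers and interface numbers below are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class BgpRoute:
    prefix: str
    as_path: tuple          # ASNs nearest-first, e.g. (2, 3) for "AS2 AS3 x"
    next_hop: str           # NEXT-HOP router, named as on the slides
    local_pref: int = 100   # policy value assigned by the local AS
    bgp_id: str = "0.0.0.0"  # BGP identifier of the advertising router (constructed)


MY_ASN = 1  # we are a router in AS1

# Intra-AS (e.g. OSPF) cost from router 1b to each NEXT-HOP, in links
# traversed, as given on the hot-potato slide.
IGP_COST_FROM_1B = {"2a": 2, "3d": 3}

# Constructed: the interface of 1b on its least-cost path to each NEXT-HOP.
IFACE_AT_1B = {"2a": 1, "3d": 2}

# The two advertisements every AS1 router learns for prefix x.
ROUTE_VIA_2A = BgpRoute("x", (2, 3), "2a", bgp_id="10.0.0.2")
ROUTE_VIA_3D = BgpRoute("x", (3,), "3d", bgp_id="10.0.0.3")
ROUTES_AT_1B = [ROUTE_VIA_2A, ROUTE_VIA_3D]


def is_loop_free(route, my_asn):
    """An AS-PATH that already contains our ASN would form a loop: reject it."""
    return my_asn not in route.as_path


def hot_potato(routes, igp_cost):
    """Hot potato alone: the route whose NEXT-HOP is nearest by intra-AS cost."""
    return min(routes, key=lambda r: igp_cost[r.next_hop])


def select_best(routes, my_asn, igp_cost):
    """The full BGP route-selection procedure from the slides."""
    cands = [r for r in routes if is_loop_free(r, my_asn)]
    if len(cands) <= 1:
        return cands[0] if cands else None
    top = max(r.local_pref for r in cands)                  # step 1: local preference
    cands = [r for r in cands if r.local_pref == top]
    shortest = min(len(r.as_path) for r in cands)           # step 2: shortest AS-PATH
    cands = [r for r in cands if len(r.as_path) == shortest]
    nearest = min(igp_cost[r.next_hop] for r in cands)      # step 3: hot potato
    cands = [r for r in cands if igp_cost[r.next_hop] == nearest]
    # step 4: lowest BGP identifier, compared octet by octet
    return min(cands, key=lambda r: tuple(int(o) for o in r.bgp_id.split(".")))


def forwarding_entry(route, iface_to_next_hop):
    """The (x, I) entry: the interface on the least-cost path to the NEXT-HOP."""
    return (route.prefix, iface_to_next_hop[route.next_hop])


if __name__ == "__main__":
    print("hot potato alone picks", hot_potato(ROUTES_AT_1B, IGP_COST_FROM_1B).next_hop)
    best = select_best(ROUTES_AT_1B, MY_ASN, IGP_COST_FROM_1B)
    print("full selection picks", best.next_hop, "->", forwarding_entry(best, IFACE_AT_1B))
```

Raising the local preference of the AS2 route overrides the AS-PATH comparison, which is how an operator's policy takes precedence over path length in step 1.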
IP-Anycast (1/2)
- A CDN (Content Distribution Network) may replicate videos and other objects on servers in different countries.
- The DNS (Domain Name Service) system can replicate DNS records on DNS servers throughout the world.
- When a user wants to access this replicated content, it is desirable to point the user to the “nearest” server with the replicated content.
- BGP’s route-selection algorithm provides an easy mechanism for doing so.
- When a BGP router receives multiple route advertisements for the same IP address, it treats these advertisements as providing different paths to the same physical location (when, in fact, they are for different physical locations).

IP-Anycast (2/2)
- CDNs generally choose not to use IP-anycast because BGP routing changes can result in different packets of the same TCP connection arriving at different instances of the Web server.
- IP-anycast is extensively used by the DNS system to direct DNS queries to the closest root DNS server.
- When a DNS query is sent to one of these 13 IP addresses, IP anycast is used to route the query to the nearest of the DNS root servers (over 100 DNS root servers scattered over all corners of the world).

Routing Policy
- Routes are first selected according to the local-preference attribute, whose value is fixed by the policy of the local AS.
- The following example shows six interconnected ASs (not routers): A, B, C, W, X, and Y.
- W, X, and Y are access ISPs and A, B, and C are backbone provider networks.
- A, B, and C directly send traffic to each other, and provide full BGP information to their customer networks.
- W and Y are access ISPs, while X is a multi-homed access ISP (two different providers).
Access ISP Policy
- All traffic entering an ISP access network must be destined for that network, and all traffic leaving an ISP access network must have originated in that network.
- How will X be prevented from forwarding traffic between B and C?
- Selective route advertisement policy can be used to implement customer/provider routing relationships.
- X will function as an access ISP network if it advertises (to its neighbors B and C) that it has no paths to any other destinations except itself.

Backbone/Provider ISP Policy (1/2)
- Suppose that B has learned (from A) that A has a path AW to W. B can thus install the route AW into its routing information base.
- B also wants to advertise the path BAW to its customer, X, so that X knows that it can route to W via B.
- But should B advertise the path BAW to C? If it does so, then C could route traffic to W via BAW.
- B might rightly feel that it should not have to shoulder the burden (and cost!) of carrying transit traffic between A and C.

Backbone/Provider ISP Policy (2/2)
- There are currently no official standards that govern how backbone ISPs route among themselves.
- A rule of thumb followed by commercial ISPs is that any traffic flowing across an ISP’s backbone network must have either a source or a destination (or both) in a network that is a customer of that ISP; otherwise the traffic would be getting a free ride on the ISP’s network.
- Individual peering agreements are typically negotiated between pairs of ISPs and are often confidential.

Why are different inter-AS and intra-AS routing protocols used?
- Policy: Among ASs, policy issues dominate. Within an AS, policy issues play a much less important role in choosing routes.
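The selective-advertisement policies of the preceding slides (X exports only its own prefix; B exports BAW to its customer X but not to its peer C), worked as an added example that is not from the lecture. It encodes the rule of thumb as an export filter, propagates advertisements among the six ASs until they stabilize, and then shows what the filter prevents: with exports unfiltered, routes learned from a customer win on local preference, so an access ISP that re-advertises its providers' routes turns into a transit path between them. The relationships W-A, X-B and X-C follow the slide text; Y as a customer of C and the local-preference values are assumptions.

```python
"""
Export policy ("selective route advertisement") among the six ASs on the
slides.  A, B, C are backbone providers that peer with each other; W and Y
are single-homed access ISPs; X is multi-homed to B and C.  Added example,
not the lecture's code.  Rule encoded: advertise a route to a neighbor only
if it is our own or learned from a customer, or if the neighbor is a
customer.  Assumed: Y is a customer of C, and local preference ranks
customer > peer > provider routes.
"""

# Relationship of each neighbor as seen from the AS in the key.
RELATIONS = {
    "A": {"B": "peer", "C": "peer", "W": "customer"},
    "B": {"A": "peer", "C": "peer", "X": "customer"},
    "C": {"A": "peer", "B": "peer", "X": "customer", "Y": "customer"},
    "W": {"A": "provider"},
    "X": {"B": "provider", "C": "provider"},
    "Y": {"C": "provider"},
}

# Assumed policy values: a route's local preference depends on who taught it to us.
LOCAL_PREF = {"own": 400, "customer": 300, "peer": 200, "provider": 100}


def should_export(learned_from, neighbor_rel):
    """learned_from / neighbor_rel: 'own', 'customer', 'peer' or 'provider'.
    Transit is only carried when a customer is on at least one side."""
    return learned_from in ("own", "customer") or neighbor_rel == "customer"


def route_key(learned_from, path):
    """Smaller is better: highest local preference, then shortest AS-PATH,
    then a deterministic tie-break on the path itself."""
    return (-LOCAL_PREF[learned_from], len(path), path)


def propagate(relations, export=should_export):
    """Flood advertisements until no RIB changes.  rib[as][prefix] is the
    AS-PATH as a tuple, nearest AS first, origin AS last (own prefix: ())."""
    rib = {a: {a: ()} for a in relations}
    learned = {a: {a: "own"} for a in relations}
    changed = True
    while changed:
        changed = False
        for a, nbrs in relations.items():
            for n, rel in nbrs.items():
                for prefix, path in list(rib[a].items()):
                    if not export(learned[a][prefix], rel):
                        continue
                    new_path = (a,) + path
                    if n in new_path:            # AS-PATH loop check at the receiver
                        continue
                    rel_seen_by_n = relations[n][a]
                    new_key = route_key(rel_seen_by_n, new_path)
                    if prefix in rib[n] and route_key(learned[n][prefix], rib[n][prefix]) <= new_key:
                        continue
                    rib[n][prefix] = new_path
                    learned[n][prefix] = rel_seen_by_n
                    changed = True
    return rib


def transit_ases(rib):
    """ASes that appear in the middle of some AS-PATH, i.e. carry transit traffic."""
    return {hop for table in rib.values() for path in table.values() for hop in path[:-1]}


if __name__ == "__main__":
    for policy, name in ((should_export, "filtered"), (lambda lf, rel: True, "unfiltered")):
        print(name, "transit ASes:", sorted(transit_ases(propagate(RELATIONS, policy))))
```

With the filter on, every AS still reaches every prefix, X reaches W only as "B A W", and C learns W from A rather than through B, matching the slides; only A, B and C carry transit.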
- Scale: The ability of a routing algorithm and its data structures to scale to handle routing to/among large numbers of networks is a critical issue in inter-AS routing. OSPF allows a hierarchy to be built by splitting an AS into areas.
- Performance: Because inter-AS routing is so policy oriented, the quality of the routes used is often of secondary concern. Within a single AS, routing focuses more on the level of performance realized on a route.

Obtaining Internet Presence (1/2)
- Obtaining Internet connectivity is done by contracting with, and connecting to, a local ISP. The local ISP will also provide an IP address range.
- You will assign one of the IP addresses to the Web server, one to the mail server, one to the DNS server, one to the gateway router, and other IP addresses to other servers.
- Contract with an Internet registrar to obtain a domain name. You will need to provide your registrar with the IP address of your DNS server and the registrar will then put an entry for the provided DNS server

Obtaining Internet Presence (2/2)
- The routers need to know about the existence of your company’s /24 prefix!
- The local ISP will use BGP to advertise your prefix to the ISPs to which it connects. Those ISPs will then, in turn, use BGP to propagate the advertisement.

The SDN Control Plane

Characteristics of an SDN architecture
- Flow-based forwarding: the OpenFlow 1.0 abstraction allows forwarding based on eleven different header field values (in the transport-layer, network-layer, or link-layer header).
- Separation of data plane and control plane: the network’s switches execute the “match plus action”.
- Network control functions are external to data-plane switches: the control plane consists of two components—an SDN controller and a set of network-control applications to monitor, program, and control the underlying network devices.
- A programmable network: The network is programmable through the network control applications running in the control plane (e.g. routing, firewall, or load balancing).

Unbundling
- SDN represents a significant “unbundling” of network functionality: data plane switches (hardware), SDN controllers (software), and network-control applications (applications) are separate entities.
- This contrasts with the pre-SDN model in which a switch/router, together with its embedded control plane software and protocol implementations, was monolithic, vertically integrated, and sold by a single vendor.
- How and where are the flow tables actually computed? How are these tables updated (e.g., when a link goes up/down)? How are the flow table entries at multiple switches coordinated?

SDN Controller (1/2)
- A controller’s functionality can be broadly organized into three layers.
- A communication layer: communicating between the SDN controller and controlled network devices across what has come to be known as the controller’s “southbound” interface. OpenFlow is a specific protocol that provides this communication functionality.
- A network-wide state-management layer: the controller has up-to-date information about the state of the network’s hosts, links, switches, and other SDN-controlled devices.
- The interface to the network-control application layer through its “northbound” interface: an API that allows applications to read/write network state and flow tables and to register to be notified when state-change events occur.
SDN Controller (2/2)
- Modern controllers such as OpenDaylight and ONOS have placed considerable emphasis on architecting a logically centralized but physically distributed controller platform that provides scalable services and high availability to the controlled devices and network-control applications alike.

OpenFlow Protocol
- The OpenFlow protocol operates between an SDN controller and an SDN-controlled switch or other device implementing the OpenFlow API.
- The OpenFlow protocol operates over TCP, with a default port number of 6653.
- Important messages flowing from the controller to the switch are: Configuration; Modify-State; Read-State; Send-Packet.
- Important messages flowing from the switch to the controller are: Flow-Removed; Port-status; Packet-in.

Data and Control Plane Interaction: Example (1/2)
- Dijkstra’s algorithm is executed as a separate application, outside of the packet switches.
- Packet switches send link updates to the SDN controller and not to each other.
- Example: assume that the link between switches s1 and s2 goes down, that shortest-path routing is implemented, and consequently that incoming and outgoing flow forwarding rules at s1, s3, and s4 are affected, but that s2’s operation is unchanged.

Data and Control Plane Interaction: Example (2/2)
1. Switch s1 notifies the SDN controller using the OpenFlow port-status message.
2. The SDN controller notifies the link-state manager, which updates a link-state database.
3. Dijkstra’s link-state routing application has previously registered to be notified when link state changes. That application receives the notification.
4. The link-state routing application computes the new least-cost paths.
5. The link-state routing application, together with the flow table manager, determines the flow tables to be updated.
6.
The flow table manager then uses the OpenFlow protocol to update flow table entries at affected switches.

SDN: Past and Future
- The SDN revolution is leading to the disruptive replacement of dedicated monolithic switches and routers by simple commodity switching hardware and a sophisticated software control plane.
- A generalization of SDN known as network functions virtualization (NFV) similarly aims at the disruptive replacement of sophisticated middleboxes with simple commodity servers, switching, and storage.
- Extend SDN concepts from the intra-AS setting to the inter-AS setting.

ICMP: The Internet Control Message Protocol

The Internet Control Message Protocol
- The Internet Control Message Protocol (ICMP) is used by hosts and routers to communicate network-layer information to each other.
- The most typical use of ICMP is for error reporting.
- ICMP messages are carried inside IP datagrams.
- ICMP messages have a type and a code field, and contain the header and the first 8 bytes of the IP datagram that caused the ICMP message to be generated.

ping
- The ping program sends an ICMP type 8 code 0 message to the specified host.
- The destination host, seeing the echo request, sends back a type 0 code 0 ICMP echo reply.
- Most TCP/IP implementations support the ping server directly in the operating system; that is, the server is not a process.

source quench
- The purpose of the source quench ICMP message was to allow a congested router to send the message to a host to force that host to reduce its transmission rate.
- It is seldom used in practice.

Traceroute
- Traceroute is implemented with ICMP messages.
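The six-step link-down sequence of the SDN example (steps 1 to 6 above), worked as an added example; it is neither the lecture's code nor that of any real controller. A link-state database accepts a Port-Status report, notifies the routing application that registered for link-state changes, and that application reruns Dijkstra and hands only the tables that actually changed to the flow-table manager. The four-switch topology and link costs are constructed; with these costs the s1-s2 failure changes the tables at s1, s2 and s4 and leaves s3 untouched, which differs from the affected set on the slide's own figure.

```python
"""
Controller-side reaction to a link failure: Port-Status -> link-state
database -> registered routing application -> Dijkstra -> Modify-State to
the switches whose flow tables changed.  Added example with a constructed
topology (switch names s1..s4 and link costs are invented here).
"""
import heapq

NODES = {"s1", "s2", "s3", "s4"}
LINKS = {("s1", "s2"): 1, ("s1", "s3"): 2, ("s2", "s4"): 1, ("s3", "s4"): 1}  # constructed


def link_key(a, b):
    return tuple(sorted((a, b)))


class LinkStateDB:
    """Network-wide state-management layer: the link database, plus the
    northbound registration that lets applications hear about changes."""

    def __init__(self, nodes, links):
        self.nodes = set(nodes)
        self.links = {link_key(*k): cost for k, cost in links.items()}
        self.listeners = []

    def register(self, callback):
        self.listeners.append(callback)

    def port_status(self, a, b, up, cost=1):
        """Southbound: an OpenFlow Port-Status report about link a-b (steps 1-2)."""
        if up:
            self.links[link_key(a, b)] = cost
        else:
            self.links.pop(link_key(a, b), None)
        for callback in self.listeners:      # step 3: notify registered applications
            callback()

    def adjacency(self):
        adj = {n: {} for n in self.nodes}
        for (a, b), cost in self.links.items():
            adj[a][b] = cost
            adj[b][a] = cost
        return adj


def next_hops(adj, src):
    """Dijkstra from src; returns {destination: first hop} for reachable nodes."""
    dist = {src: 0}
    first_hop = {}
    heap = [(0, src, None)]
    done = set()
    while heap:
        d, u, hop = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        if hop is not None:
            first_hop[u] = hop
        for v, cost in adj[u].items():
            nd = d + cost
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                heapq.heappush(heap, (nd, v, v if hop is None else hop))
    return first_hop


class LinkStateRoutingApp:
    """Network-control application: per-switch tables (destination -> next hop),
    recomputed on notification; only changed tables go to the flow-table manager."""

    def __init__(self, lsdb):
        self.lsdb = lsdb
        self.tables = self.compute()
        self.modify_state_log = []   # (switch, new table) pushed with OpenFlow Modify-State
        self.last_affected = []
        lsdb.register(self.on_link_state_change)

    def compute(self):
        adj = self.lsdb.adjacency()
        return {s: next_hops(adj, s) for s in sorted(self.lsdb.nodes)}

    def on_link_state_change(self):
        new = self.compute()                                                  # step 4
        self.last_affected = [s for s in sorted(self.lsdb.nodes) if new[s] != self.tables[s]]  # step 5
        for s in self.last_affected:
            self.modify_state_log.append((s, new[s]))                         # step 6
        self.tables = new


def run_scenario():
    """Bring up the controller, fail link s1-s2, return (before, after, affected)."""
    lsdb = LinkStateDB(NODES, LINKS)
    app = LinkStateRoutingApp(lsdb)
    before = app.tables
    lsdb.port_status("s1", "s2", up=False)
    return before, app.tables, app.last_affected


if __name__ == "__main__":
    before, after, affected = run_scenario()
    print("switches updated:", affected)
    for s in affected:
        print(s, before[s], "->", after[s])
```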
- Traceroute at the source sends a series of IP datagrams to the destination, each carrying a UDP segment with an unlikely UDP port number.
- The first of these datagrams has a TTL of 1, the second of 2, the third of 3, and so on. The source also starts timers for each of the datagrams.
- When the nth datagram arrives at the nth router, it observes that the TTL of the datagram has just expired.
- The router discards the datagram and sends an ICMP warning message to the source (type 11 code 0).
- The source obtains the round-trip time from the timer and the name and IP address of the nth router from the ICMP message.

Network Management

Network Management
- Hundreds or thousands of network components are brought together by an organization to form a network.
- Network management includes the deployment, integration, and coordination of the hardware, software, and human elements to monitor, test, poll, configure, analyze, evaluate, and control the network and element resources to meet the real-time, operational performance, and Quality of Service requirements at a reasonable cost.
- Other administrator decision-making processes, such as fault identification, anomaly detection, network design/engineering to meet contracted Service Level Agreements (SLAs), and more, also come into consideration.

Components of Network Management
- Managing server: running in a centralized network management station in the network operations center (NOC).
- Managed device: a host, router, switch, middlebox, modem, thermometer, or other network-connected device.
- Data: configuration data; operational data; device statistics.
- Network management agent: a software process running in the managed device that communicates with the managing server.
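The ping and traceroute exchanges from the ICMP slides, worked as an added example (not code from the lecture): the 8-byte ICMP header with its RFC 1071 checksum, echo request and reply (types 8 and 0, code 0), and a type 11 code 0 message quoting the expired datagram's IP header plus the first 8 bytes after it. For a traceroute probe those 8 bytes are the UDP header, so the source can match each reply to the probe, and therefore to the hop, by the destination port. Addresses and the UDP source port are constructed; 33434 is the base destination port used by classic traceroute implementations.

```python
"""
Build and parse the ICMP messages used by ping and traceroute.  Added
example; the IP addresses and UDP source port are constructed.
"""
import socket
import struct

TRACEROUTE_BASE_PORT = 33434   # classic traceroute: probe n goes to base + n - 1
IP_PROTO_UDP = 17


def inet_checksum(data):
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(icmp_type, code, rest_of_header, payload=b""):
    """Type, code, checksum, 4 type-specific bytes, then the payload."""
    unsummed = struct.pack("!BBHI", icmp_type, code, 0, rest_of_header) + payload
    csum = inet_checksum(unsummed)
    return struct.pack("!BBHI", icmp_type, code, csum, rest_of_header) + payload


def build_ipv4_header(src, dst, ttl, proto, payload_len, ident=0):
    """Minimal 20-byte IPv4 header (no options) with a valid header checksum."""
    fields = [0x45, 0, 20 + payload_len, ident, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = inet_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)


def build_traceroute_probe(src, dst, hop, sport=40000):
    """The hop-th probe: TTL = hop, UDP to an unlikely port that encodes hop."""
    udp = struct.pack("!HHHH", sport, TRACEROUTE_BASE_PORT + hop - 1, 8, 0)
    return build_ipv4_header(src, dst, hop, IP_PROTO_UDP, len(udp)) + udp


def router_time_exceeded(expired_datagram):
    """Type 11 code 0, quoting the expired datagram's IP header + next 8 bytes."""
    ihl = (expired_datagram[0] & 0x0F) * 4
    return build_icmp(11, 0, 0, expired_datagram[:ihl + 8])


def is_valid_icmp(msg):
    """A message is intact when the checksum over the whole message is zero."""
    return len(msg) >= 8 and inet_checksum(msg) == 0


def parse_icmp(msg):
    """Validate the checksum and decode echo request/reply and TTL exceeded."""
    if not is_valid_icmp(msg):
        raise ValueError("truncated ICMP message or bad checksum")
    icmp_type, code, _, rest = struct.unpack("!BBHI", msg[:8])
    payload = msg[8:]
    if (icmp_type, code) in ((8, 0), (0, 0)):
        kind = "echo request" if icmp_type == 8 else "echo reply"
        return {"kind": kind, "id": rest >> 16, "seq": rest & 0xFFFF}
    if (icmp_type, code) == (11, 0):
        if len(payload) < 20:
            raise ValueError("TTL-exceeded message lacks the quoted IP header")
        ihl = (payload[0] & 0x0F) * 4
        info = {"kind": "ttl exceeded",
                "orig_src": socket.inet_ntoa(payload[12:16]),
                "orig_dst": socket.inet_ntoa(payload[16:20]),
                "orig_proto": payload[9]}
        quoted = payload[ihl:ihl + 8]           # first 8 bytes after the IP header
        if info["orig_proto"] == IP_PROTO_UDP and len(quoted) >= 4:
            info["udp_sport"], info["udp_dport"] = struct.unpack("!HH", quoted[:4])
            info["hop"] = info["udp_dport"] - TRACEROUTE_BASE_PORT + 1
        return info
    return {"kind": "other", "type": icmp_type, "code": code}


def ping_exchange(ident, seq):
    """Echo request and the reply the destination returns with the same id/seq."""
    request = build_icmp(8, 0, (ident << 16) | seq, b"ping payload")
    reply = build_icmp(0, 0, (ident << 16) | seq, b"ping payload")
    return parse_icmp(request), parse_icmp(reply)


def traceroute_hop(hop):
    """Probe with TTL=hop, expired at the hop-th router, decoded by the source."""
    probe = build_traceroute_probe("192.0.2.10", "198.51.100.7", hop)   # constructed addresses
    return parse_icmp(router_time_exceeded(probe))


if __name__ == "__main__":
    print(ping_exchange(0x1234, 1))
    for n in (1, 2, 3):
        print(traceroute_hop(n))
```

The router that emits the type 11 message is the source address of the IP datagram carrying it, which is how traceroute learns the address of the nth router; this block deals only with the ICMP body itself.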
- Network management protocol: provides capabilities that network managers can use to manage (“monitor, test, poll, configure, analyze, evaluate, and control”) the network.

Ways to manage the network
- Command Line Interface (CLI): prone to errors, and difficult to automate or efficiently scale for large networks.
- SNMP/MIB: the network operator can query/set the data contained in a device’s Management Information Base (MIB) objects using the Simple Network Management Protocol (SNMP) (since the late 1980s). Its shortcoming is device configuration and network management at scale.
- NETCONF/YANG: YANG is a data modeling language used to model configuration and operational data. The NETCONF protocol is used to communicate YANG-compatible actions and data to/from/among remote devices.

Summary
- Introduction
- Routing Algorithms
- Intra-AS Routing in the Internet: OSPF
- Routing Among the ISPs: BGP
- The SDN Control Plane
- ICMP: The Internet Control Message Protocol
- Network Management and SNMP, NETCONF/YANG