
Border Gateway Multicast Protocol - PowerPoint PPT Presentation



  1. Border Gateway Multicast Protocol. Sicherheit im Internet, Patrick Lederer, 18.05.2004

  2. Abstract
     1. Introduction
     2. Tasks and Rules of Border Routers
     3. Implementations
     4. Bidirectional Trees
        4.1 Third Party Dependency
        4.2 Method of choosing the root
        4.3 Establishing the bidirectional shared tree
        4.4 Data from external Domains
     5. Source Specific Branches/Trees
        5.1 Establishing Source Specific Branches/Trees
     6. Security

  3. 1. Introduction 2. Tasks and Rules of Border Routers ????

  4. BGMP:
     • protocol for inter-domain multicast routing
     • run by the border routers of a domain
     • constructs inter-domain bidirectional shared trees
     • allows any existing multicast routing protocol to be used within individual domains
     [Figure: Domain A and Domain B, labelled TCP:264]

  5. BGMP uses TCP, so there is no need to implement:
     • message fragmentation
     • retransmission
     • acknowledgement
     • sequencing

  6. Border routers build:
     • group specific bidirectional branches
     • and source specific unidirectional branches where needed
     [Figure: Domains A, B and C]

  7. Border router:
     • inter-domain connections: BGMP
     • intra-domain connections: MIGP
     [Figure: Domain A and Domain B, with labels BGMP and MIGP]

  8. Multicast Interior Gateway Protocol (MIGP): a generic term for any multicast routing protocol used for tree construction within a domain. Typical examples are: PIM-SM, PIM-DM, DVMRP, MOSPF and CBT.
     [Figure: a Domain containing a Host, labelled MIGP]

  9. Messages used by border routers:
     • open: first message sent by each side
     • keep alive: sent (periodically) to ensure the liveliness of the connection and to confirm "open"
     • update: sent if group memberships change (via join/prune/source or group messages)
     • notification: response to errors or special conditions

  10. Messages used by border routers:
     • processed only after entirely received
     • maximum size: 4096 octets
     • all implementations are required to support this maximum message size

  11. Forwarding rules used by border routers: if a packet arrives on an MIGP interface, it is accepted and forwarded according to MIGP rules.
     [Figure: a Domain, labelled MIGP]

  12. Forwarding rules used by border routers: if a packet arrives over a point-to-point BGMP interface (and the packet was accepted):
     1. targets listed in (S,G) entry (source specific)
     2. targets listed in (*,G) entry (bidirectional)
     3. next hop towards the group
     [Figure: Domain A and Domain B]

  13. Forwarding rules used by border routers: a packet will be dropped if:
     • it was not received by the next hop target towards the group or the source
     After dropping the packet, no further actions are taken.

  14. What is this good for? IP Multicast:
     • Multimedia teleconferencing
     • Distance learning
     • Data replication
     • Network games

  15. Bidirectional Tree
     [Figure: Domains A, B and C connected by a bidirectional tree]

  16. Bidirectional Trees:
     • minimize third party dependencies
     • improve performance
     • more efficient

  17. [Figure: Domain A (Root) with Domains B, C and D]

  18. Method of choosing the root for the shared tree. Intra-domain shared tree protocols:
     • all routers are treated as equivalent candidates
     • it is a more or less random choice (depending on load sharing and stability)

  19. Method of choosing the root for the shared tree. In BGMP:
     • the choice of a group's root is subject to administrative control (depending e.g. on poor locality)
     • usually rooted at the domain of the initiator of the group

  20. [Figure: a Host in Domain C sends a join for 224.0.128.1; border routers C1, A2, A3 and B1; Domains A, B and C, with the root domain for 224.0.128.1 marked; C1's entry for 224.0.128.1: parent target A2, child target MIGP]

  21. Target list / multicast-group forwarding entry = parent target + child target (example: parent target A2, child target MIGP)
     • parent target: BGMP peer that is the next hop towards the group's root domain
     • child target: BGMP peer or MIGP component from which a join request was received

  22. (*,G) entry (C1: parent target A2, child target MIGP): packets from any (*) source sent to the Group and received by the border router are to be forwarded to all the targets in the list except to the sender itself.

  23. [Figure: joins for 224.0.128.1 between Domains A, B and C, with the root domain for 224.0.128.1 marked and a parent target / child target entry for 224.0.128.1 shown for each of the border routers B1, A3, C1 and A2]
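
The join handling and (*,G) forwarding rule from slides 20 to 22, as an added Python example that is not part of the original slides. The router names and group address follow the slides; the next-hop table, the `MIGP_EXIT` map and all class and function names are constructed for the example.

```python
from dataclasses import dataclass, field

GROUP = "224.0.128.1"  # group address shown on the slides
# Constructed for this example: each border router's next hop towards the
# group's root domain ("MIGP" = the router's own intra-domain component).
NEXT_HOP_TO_ROOT = {"C1": "A2", "A2": "MIGP", "A3": "B1", "B1": "MIGP"}
# Constructed: the border router a join reaches after crossing a domain's MIGP.
MIGP_EXIT = {"A2": "A3"}

@dataclass
class Entry:
    """(*,G) forwarding entry: one parent target plus child targets."""
    parent: str
    children: set = field(default_factory=set)

class BorderRouter:
    def __init__(self, name):
        self.name, self.entries = name, {}

    def join(self, group, sender):
        """Record sender as child target; return the parent target the join
        must be passed on to, or None if this router is already on the tree."""
        is_new = group not in self.entries
        entry = self.entries.setdefault(group, Entry(NEXT_HOP_TO_ROOT[self.name]))
        entry.children.add(sender)
        return entry.parent if is_new else None

    def forward(self, group, sender):
        """Targets for a packet to `group`: every target except the sender."""
        entry = self.entries.get(group)
        if entry is None:
            return set()  # no (*,G) entry; the other forwarding rules are not modelled
        return ({entry.parent} | entry.children) - {sender}

def build_tree(routers, first, group):
    """Propagate a join that starts in `first`'s domain; return routers visited."""
    path, name, sender = [], first, "MIGP"
    while name is not None:
        path.append(name)
        target = routers[name].join(group, sender)
        if target is None:
            break
        if target == "MIGP":  # join crosses the domain to its exit router, if any
            name, sender = MIGP_EXIT.get(name), "MIGP"
        else:                 # join goes to the external BGMP peer
            name, sender = target, name
    return path

ROUTERS = {n: BorderRouter(n) for n in NEXT_HOP_TO_ROOT}
PATH = build_tree(ROUTERS, "C1", GROUP)
```

After the join, `ROUTERS["C1"].forward(GROUP, "MIGP")` gives the targets for a packet that entered C1 from inside Domain C, and a second join arriving at a router that already holds the entry only adds a child target.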
