
Network layer (IP) - PowerPoint PPT Presentation

Network layer (IP). Network layer: send datagram from one host to another. Network layer protocols in every host, router. Portland State University CS 430P/530 Internet, Web & Cloud Systems


  1. Network layer (IP)

  2. Network layer
     - Send datagram from one host to another
     - Network layer protocols in every host, router

  3. Network layer functions
     - Connection support
     - Delivery semantics
     - Security
     - Demux to upper layer
     - Routing
     - Addressing
     - Many historical examples, but only one really matters…

  4. The Internet network layer
     Host, router network layer functions:
     - Transport layer: TCP, UDP
     - Network layer
       - Routing protocols: path selection; RIP, OSPF, BGP
       - IP protocol: addressing conventions; datagram format; packet handling conventions
       - ICMP protocol: error reporting; router “signaling”
       - forwarding table
     - Link layer
     - physical layer

  5. IP datagram format (32 bits wide)
     - ver: IP protocol version number
     - head. len
     - type of service
     - length
     - 16-bit identifier, flgs, fragment offset
     - time to live: remaining hops (decremented at each router)
     - upper layer: upper layer protocol to deliver payload to
     - Internet checksum
     - 32 bit source IP address
     - 32 bit destination IP address
     - Options (if any)
     - data (variable length, typically a TCP or UDP segment)

  6. IP connection setup
     - Hourglass design
     - No support for network layer connections
       - Datagram service
       - Connection semantics only at higher layer
     - Compare to phone network…

  7. IP delivery semantics
     - No reliability guarantees
     - No ordering guarantees
     - No broadcast (255.255.255.255 not forwarded)
     - No multicast (supported in address space, but no longer used)
       - 224.0.0.0 to 239.255.255.255
     - Mostly unicast
     - Recently, anycast
       - IP address that has many machines associated with it
       - "Reach any one of them"
       - Done with some routing protocol hacks....

  8. Example: Cloudflare's 1.1.1.1

  9. IP security
     - Weak support for integrity
       - IP header checksum
       - Leaves data integrity to TCP/UDP
     - No support for secrecy
     - No support for authenticity
       - Even source IP address can be faked!
       - Hosts trusted to provide legitimate address in packets (leads to IP spoofing attacks)
     - IPsec
       - Retrofit IP network layer with encryption and authentication
       - Similar issues as with WPA
       - On other side of IPsec, payload decrypted

  10. IP demux to upper layer
      - Protocol type field (e.g. next innermost doll)
      - Control messaging
        - 1 = ICMP
      - Transport layers
        - 6 = TCP
        - 17 = UDP
      - Tunneling (often used to create virtual networks on cloud platforms)
        - 41 = IPv6 encapsulation within IPv4
        - 47 = GRE (Generic Routing Encapsulation)
      - Routing
        - 88 = EIGRP
        - 89 = OSPF
      - https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers

  11. IP routing
      - Internet routing done via hop-by-hop forwarding based on destination IP address
      - Each router builds forwarding table of...
        - Destination IP => Next-Hop IP address
      - Each router runs a routing protocol and algorithm to create forwarding table

  12. Routing protocols and algorithms
      Goal: determine “good” path (sequence of routers) thru network from source to dest.
      - Graph abstraction for routing algorithms:
      - Routing algorithms find minimum cost paths through graph
      [Figure: weighted graph of nodes A, B, C, D, E, F with link costs]

  13. Two main kinds of routing algorithms
      Link-state algorithms
      - e.g. Dijkstra's shortest-path algorithm
      - Global information
        - Broadcast link cost information to all routers in network
        - Have each router calculate shortest path to destinations
      - Typically done on smaller, edge networks
      Distance-vector algorithms
      - e.g. Bellman-Ford algorithm
      - Decentralized information
        - Router knows physically-connected neighbors, link costs to neighbors
        - Iteratively exchange information with neighbors and recompute routes
      - Done within and between large, backbone networks
      Details in CS 494/594

  14. Routing issue #1: Scale
      - Flat routing doesn't scale
        - 200 million+ destinations
      - Storage
        - Can’t store all dest’s in routing tables
      - Computation
        - Algorithms perform poorly at that scale
      - Bandwidth
        - Link and routing table exchanges would swamp links!

  15. Routing issue #2: Autonomy
      - Network admins need to control routing in the networks they manage
        - Require administrative autonomy
        - Require isolation of networks from each other
        - Route changes within PSU should be hidden to anyone outside of PSU
      - Motivates…

  16. Internet Routing Hierarchy
      - Key observation
        - Need less information with increasing distance to destination
        - Saves table size and reduces update traffic
      - Implemented via “autonomous systems” (AS)
        - Network divided into regions with administrative autonomy
      - Within AS
        - Routers run same routing protocol
        - “Intra-AS” or Interior Gateway routing protocol (IGP)
        - Each node has routes to every other node in area
        - Each node has routes to get to any nodes outside of area
        - Done via a "border router"
        - Packets destined outside of area routed to nearest appropriate border router
      - Between ASes
        - Border routers run "Inter-AS" or Border Gateway routing protocol (BGP) with border routers in other ASes

  17. Internet Routing Hierarchy example
      - Addresses in B combined into single route entry pointing to B.a
      - Addresses in C combined into single route entry pointing to C.b
      - Addresses in A combined into two route entries pointing to A.a and A.c
      - Nodes in A, B, and C have no information about individual nodes in other ASes (only an aggregate route to them)
      - Routing done between aggregates
      [Figure: ASes A, B and C with routers labelled a to d; border routers A.a, A.c, B.a and C.b]

  18. Internet routing hierarchy
      - At top of hierarchy: “tier-1” ISPs
        - Verizon, Sprint, CenturyLink, AT&T, Cable and Wireless, Google
        - National/international coverage
        - Peer with each other in multiple geographic locations in major cities
      - ISPs at any tier with a well-known, unique "AS number"
        - AS numbers, the IP addresses they "own", and their location/country well-known
        - Important for attribution of attacks and mistakes

  19. Example Tier-1 ISP: Level 3 / CenturyLink
      - We made the list!
      - Cocktail party question
        - Which building do most of Portland's packets go through?

  21.
      - Named after the same Pittock with the mansion
      - Wanted former home to host something cool in the early 1900s
      - Turned into an electrical substation that was housed in enormous (and infamous), sub-basement
        - https://cabel.com/2012/12/19/the-basement/
        - http://www.oregonlive.com/silicon-forest/index.ssf/2012/12/the_basement_subterranean_visi.html
        - http://www.oregonlive.com/portland/index.ssf/2001/05/historic_pittock_building_hous.html
      - Hosts the NW Access Exchange (where PSU peers with Google)
        - https://www.nwax.net/Members

  23. Internet routing hierarchy
      - “Tier-2” ISPs: smaller (often regional) ISPs
      - “Tier-3” ISPs and local ISPs
      [Figure: Tier 1 ISPs, Tier-2 ISPs, Tier 3 ISP and local ISPs]

  24. Internet structure: network of networks
      - a packet passes through many networks!
      [Figure: Tier 1 ISPs, Tier-2 ISPs, Tier 3 ISP and local ISPs]
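The header layout from slide 5, the header checksum from slide 9 and the protocol numbers from slide 10, put together as an added example (not part of the original slides): a parser for the fixed 20-byte IPv4 header that verifies the checksum and names the upper layer. Function names and the sample datagram are constructed for illustration.

```python
import struct
import ipaddress

# Protocol numbers listed on slide 10.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP", 41: "IPv6-in-IPv4",
             47: "GRE", 88: "EIGRP", 89: "OSPF"}

def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Constructed 20-byte header (no options) with a valid checksum."""
    fields = [0x45, 0, 20 + payload_len, 0x1234, 0, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    hdr = struct.pack("!BBHHHBBH4s4s", *fields)
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]

def parse_datagram(pkt: bytes) -> dict:
    """Parse the fixed header, check the header checksum, name the upper layer."""
    if len(pkt) < 20:
        raise ValueError("shorter than minimum IPv4 header")
    ver_ihl, tos, length, ident, flags_frag, ttl, proto, cksum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or ihl > len(pkt):
        raise ValueError("bad version or header length")
    return {
        "ttl": ttl, "length": length,
        "frag_offset": flags_frag & 0x1FFF, "flags": flags_frag >> 13,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
        "upper_layer": PROTOCOLS.get(proto, f"unknown({proto})"),
        # Summing a header that includes a correct checksum yields 0.
        "header_ok": internet_checksum(pkt[:ihl]) == 0,
        "payload": pkt[ihl:],
    }

# Constructed sample: UDP datagram between documentation addresses.
PAYLOAD = b"hello"
SAMPLE = build_header("192.0.2.10", "198.51.100.7", 17, len(PAYLOAD)) + PAYLOAD
```

Flipping a header bit makes `header_ok` false, while changing the payload leaves it true, which is what "leaves data integrity to TCP/UDP" means in practice.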
