routers and routing - skolan för datavetenskap och ... · cisco 12816 port density examples ......
TRANSCRIPT
Connecting devicesConnecting
devices
Networkingdevices
Internetworkingdevices
Applicationgateway
RouterBridge/Switch
Hub/Repeater
L1 L2 L3 L4-L7
IEEE 802 vs IPv4 addresses
1011110110111101
Group/Individual bit
Global/Localbit
1011110101110101 1011110110111101 1011110101110101 1011110110111101 1011110101110101
vendor code vendor assigned
IEEE802
IPv4 addr1011110111000000 1011110100100100 1011110101111101 1011110100010010
netid hostid
192.36.125.18
00:0E:35:64:E9:E7
Routing vs bridging● Bridging - forwarding on layer 2
– A MAC address/ID has a flat structure● many nodes -> large forwarding tables● broadcast reaches all nodes
– Simple to configure and manage, cheaper– Loops detected by spanning tree protocol
● Routing – forwarding on layer 3– The netid of the IP addresses can be aggregated
● many nodes -> smaller forwarding tables than bridging● routers partition broadcast domains
– Routing is more difficult to configure– Loops detected by routing protocols and TTL decrementation
Router ComponentsCPU
RoutingTable
Memory
Line cards
External links
CPU module”Control Processor””Routing Engine”
MAC
Memory
PacketProcessing
MAC
Memory
PacketProcessing
Interconnect
MAC
Memory
PacketProcessing
Examine headers, routing decision...
Input buffering,waiting for access to
output port...
Output buffering, waiting for
transmission...
QoS scheduling...
Execute routing protocols,compute routing table,configure line cards...
Inside a router, 1st Generation
● Late 80s, early 90s● Every packet goes twice over the shared bus● Capacity < 0.5 Gb/s
LineCard
LineCard
LineCard
BufferMemory
CPU RIB
Shared bus backplane
Line Card
BufferMemory
forwarder
Line Card
BufferMemory
forwarder
Line Card
BufferMemory
forwarder
Line Card
BufferMemory
forwarder
Inside a router, 3rd Generation
● Late 90s● Multiple simultaneous transfers over the backplane● Specialized hardware: ASICs (Application Specific IC)● Capacity 100 Gb/s
CPU
RIB
CPU Card
Switched backplane
Crossbar Architecture● Space division approach● Switched interconnection
between input and output● Centralized controller
– coordinates input-output ports
– activates paths between ports
● Multiple transfers can proceed simultaneously
● Crossbar is non-blocking
switching fabricinput ports
output ports
1
2
N
.
.
.
1 2 M
controller
. . .
interface logic
Xelerator X10 Architecture
SPI4
SPI4
SPI4
SPI4
Interconnect
TCAM SRAM SRAM Co-processor
HashEngine
MeterEngine
CounterEngine
TCAMEngine
ExternalEngine 0
ExternalEngine 1
ExternalEngine 2
ExternalEngine 3
TX
TX
TX
TX
RX
RX
RX
RX
SPI4
SPI4
SPI4
SPI4
PP PP PP PP PP PP
Routing Table Lookup ● Longest prefix first● Divide table in 32 ”buckets” - one for each netmask length● Match destination with longest prefixes first● SW algorithms: tree, binary trees, tries (different data structures)● HW support: TCAMs – Content Addressable Memory
Netid
Netid...
0
1
32
31
Masklen
destination IP address
Linear Search on Length Using a Trie
● Binary tree– Nodes are prefixes– Left branch represents ´0´in the string– Right branch represents ´1´
e
011*
f g
c01*
0*
a*
10*
110* d
b
1*
0010 0110 0111
a *b 10*c 01*d 110*e 0010f 0110g 0111
00*
000*
11*
TCAM
Linear Search on Values—TCAM
● Ternary Content-Addressable Memory– Fully associative memory
● Three values for each bit—’0’, ’1’, and ’x’ (don’t care)
● Compare input with all words in parallel– First match gives the result
● Up to 100 million searches per second
a *b 10*c 01*d 110*e 0010f 0110g 0111
0010 gfedcba
01100111110x01xx10xxxxxx
input
=
=
=====
Classification● Map a packet to a class● Class defined by filters, usually a 5-tuple:
– <source IP, destination IP, source port, destination port, protocol>● For example, all packets:
– From subnet N– To TCP port 80 on web-server S– From subnet N to port 666 on subnet M
● Applications:– Firewall & NAT– Blocking– Accounting– Policy routing– QoS—metering, policing, DiffServ marking, ...
Cisco 12816Port density examples● 30xOC-192 (10 Gb/s) ports● 120xOC-48 (2.5 Gb/s) ports● 15x10 Gigabit Ethernet ports● 60x1 Gigabit Ethernet ports
6ft
19”
2ft
Capacity: 1.28 Tb/sPower: 4.7 kW
Cisco CRS-1CISCO's current flagship:
Carrier- Routing System
3-stage multi-stage switching plane>50% of cost
Trie prefix lookup7.5kWEach slot has 40Gbps32Tbps raw bandwidthDistributed RPSeveral Logical RoutersOptical_Electric transitions:
O-E-O-E-O-E-O
Juniper Routers● M-series
– Shipping started 1998– M5, M10, M20, M40e, M160,
M320– 8xOC-192 or 32xOC-48
ports in a M160
● T-series– Shipping started 2002– T320, T640– 32xOC-192 or 128xOC-48
ports in a T640
Juniper M160
3ft
2.5ft
19”
Capacity: 80Gb/sPower: 2.6kW
Juniper J-series● J-series
– Software- PC-based– Emulates M/T series– Full software– Not full performance– Ideal for research and education
Autonomous systems - RFC1930
An Autonomous system is generally administered by a single entity.Operators, ISPs (Internet Service Providers)An AS contains an arbitrary complex sub-structure.
Each autonomous system selects the routing protocol to be used within the AS.Policies or updates within an AS are not propagated to other AS:s.An AS-number is (currently) a 16-bit unique identifierInterconnection between AS:s
– Service Level Agreements (SLA:s)– Internet Exchange Points (IX:s)/ Network Access Points (NAPs)– Direct connections
Internet structure● Ideally, there is a well-defined hierarchy in the Internet – a tree.
1 A few large “Tier 1” backbone providers – the core of the Internet (Sprint, Level3, Telstra, ...)● Provides transit for everyone else
2 Tier 2 regional ISPs, or NSPs (Network Service Providers)
3 Smaller ISPs
4 Customers● A well-defined hierarchy is nice for address aggregation –>
smaller IP tables● However, the hierarchy has broken down due to market forces:
– Peering at IXs, direct connections.● The Internet structure is now more in the form of a graph -->
larger routing tables
Static vs dynamic routing
● Static routing– Manually configure routing table– Typically for small networks– Single-homed, default route– Hosts are (almost) always statically routing
● Dynamic routing– As soon as the network is non-trivial, it is too difficult to manually
configure a network (see lab1)– Need dynamic routing protocol– Only routers participate in dynamic routing
The routing table● Currently, backbone IP tables are around 200000 entries.
– The RIB may be much larger● Virtual private networks (many customer routing tables) the
tables are even larger● Also, a “routing table” is actually many data-structures:
– Many different protocols– Forwarding information base (FIBs)– Routing information base (RIBs)
Load balancing● The routing protocol gives several routes to a network● Either select the best● Or load-balance between several links
– Unequal-cost multi-path– Equal-cost multi-path
● The forwarding decides how to balance actual traffic:– random (but this break TCP flows)– load balance per flow– load balance per address pairs
Example: load-balancing
● IS-IS/OSPF load balancing with two 3ms paths, one slow 20 ms path.
● Hosts from the same LAN (or different flows from same host) may take different routes.
3 ms
3 ms
20 ms
Asymmetric Routing
● A rule rather than an exception:– To- traffic and from- traffic take different paths
● Hot-potato routing– Send traffic out of your AS as soon as possible
● Cold-potato– Try to keep your traffic as long as possible.
Aggregation● Also called summarization● The netid part of IPv4 addresses can be aggregated (summarized) into
shorter prefixes.● Summarization is often done manually● Leads to smaller routing tables (fewer prefixes)● Threats: multi-homing and load-balancing
199.1.2.0/24199.1.1.0/24
199.1.0.0/24 199.1.3.0/24199.1.4.0/24
Metrics
● A fundamental functionality in a dynamic routing protocol:– Find the ”best path” to a destination
● But what is best path?– Interior routing: typically number of hops, or bandwidth– Exterior routing: business relations – peering
● Metrics– Number of “hops” (most common)– Bandwidth, Delay, Cost, Load, ”Policies”
Routing algorithms
● How does a router find a best path?● Most solutions based on SPF (Shortest Path First) algorithms that
are well known in graph theory.– Bellman-Ford– Dijkstra
● Apart from that, there are also other algorithms in– Multicast routing– Ad-hoc routing
● Sensor networks– Delay-tolerant networks
Routing protocol classes
● Almost all unicast routing protocols can be classified into one of two groups:– Link-State protocols (OSPF, IS-IS)– Distance-Vector protocols (RIP, IGRP, BGP)
● They are also classified into – Exterior (Inter-domain) routing protocols
● Between autonomous systems– Interior (Intra-domain) routing protocols
● Within an autonomous system
Popular Unicast Routing Protocols
Routing Protocols
Interior Exterior
BGPRIP OSPF IS-ISIGRP(cisco)
EGP
Routes may come from many “protocols”
● Direct– Networks on directly connected interfaces
● Local– example: 127.0.0.1
● Static– Configured static routes
● Aggregate– Manually aggregated routes
● RIP, OSPF, ISIS, BGP, RSVP,...
Route preference / Administrative distance
● Several protocols may include the same prefix. How do you decide which route to install in your routing table?
● Default preference (on Juniper) is:– Direct > Local > Static > OSPF > ISIS > RIP > Aggregate >
BGP● Can be changed or overridden with policies
The routing process
FIB
Routing Information Base
Forwarding Information Base
RoutingProcess
RIB RIB RIB
Routing protocol 1 Routing protocol 2
Linecards
CPU
Routing protocol 3
FIB FIB
Redistribution of routing information
● If several protocols are running on the same router– E.g., an OSPF as interior and BGP as exterior– E.g. static routes into dynamic routing protocol
● The router can distribute routes from one protocol to another– Interior routes need to be advertized to the Internet
● Typically these routes are aggregated– Exterior routes may need to be injected into the interior network
● But only a subset – the backbone tables are very large● Necessary for domain carrying transit traffic● Not necessary for a domain using only a default route
● Typically, redistributed routes are filtered in different ways due to routing policies
Redistribution using a policy
● In JunOS, policies are made up match/action pairs– Example, announce an aggregated prefix routes in BGP– Note: First declare policy, then export
policy-statement MYNETWORK { term 1 { from { # match protocol aggregate; route-filter 192.168.2.0/24 exact; } then accept; #action } }
protocols bgp { export MYNETWORK; # Apply policy }
Routing instances and tables
inet.0
RIB
Routing Instance: main RIBs
Routing protocol 3
Routing Instance: other RIBs
inet6.0
inet.1
inet.2
inet.3
mpls.0
IPv4 unicast routes
IPv6 unicast routes
IPv4 multicast forwarding cache
IPv4 multicast RPF table
IPv4 routes learnt from MPLS-TE path exploration
MPLS label-switch table
inet.0
Example: main.inet.0 __juniper_private1__.inet.0
Logical routers, VPNs, virtual routers, etc, use routing instances.
inet.4 MSDP routes
Routing policiesNeighbours
Protocols
Neighbours
Protocols
RIB
FIB
ExportImport
Note: Export policies may be applied only to active routes!
Protocol Default import action Default export action
direct and static accept all N/A
RIP accept all RIP routes reject all
BGP accept all BGP routes export all active BGP routes
IS-IS accept all IS-IS routes reject all (IS-IS uses LSAs)
OSPF accept all OSPF routes reject all (OSPF uses LSAs)
MPLS accept all MPLS routes export all active MPLS routes
Routing policy: syntax and flow
● Changing the default routing policy● Syntax: policy-options {
policy-statement name { term term-name { from { match; } then { action; } } }}
term1 term2
defaultpolicy
term3
term1 term2 term3
Policy 1
Policy 2
term
accept
reject
nextroute
More route-filters
● Route-filter match types– route-filter 192.168.0.0/16 exact;
– route-filter 192.168.0.0/16 orlonger;
– route-filter 192.168.0.0/16 longer;
– route-filter 192.168.0.0/16 upto /24;
– route-filter 192.168.0.0/16 through 192.168.16.0/20;
– route-filter 192.168.0.0/16 prefix-length-range /20-/24;
More actions
● accept● reject● next policy● next term● trace
Combined with accept:● as-path-expand● as-path-prepend● community● color● external● load-balance per-packet● local-preference● metric● next-hop● origin● preference
Applying policies● Apply them to protocols export or import rules● But policies appear in many places in JunOS, eg load-
balancing.● Syntax, BGP example. Export and import rules for all peers,
group peers and specific neighbor: protocols bgp {
export policy; import policy; group external { export policy;
import policy; neighbor 192.168.200.1{ export policy; import policy;
} }}