Network Layer: The Data Plane: Computer Networking: A Top Down Approach

Chapter 4
Network Layer:
The Data Plane
Computer
Networking: A Top
Down Approach
7th edition
Jim Kurose, Keith Ross
Pearson/Addison Wesley
April 2016
Network Layer: Data Plane 4-1
Chapter 4: outline
4.1 Overview of Network 4.4 Generalized Forward and
layer SDN
• data plane • match
• control plane • action
4.2 What’s inside a router • OpenFlow examples of
4.3 IP: Internet Protocol match-plus-action in
• datagram format action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6

Chapter 4: network layer
chapter goals:
 understand principles behind network layer services,
focusing on data plane:
• network layer service models
• forwarding versus routing
• how a router works
• generalized forwarding
 instantiation, implementation in the Internet

Network layer
application
 transport segment from transport
network
sending to receiving host data link

physical
network network
 on sending side network

data link
data link
physical
data link
physical
encapsulates segments into physical network

data link
network
data link
datagrams physical physical
 on receiving side, delivers network

data link
network
data link
segments to transport layer physical

network
data link
physical
physical
 network layer protocols in network
application
transport
every host, router network
data link
physical
network
data link
network
data link
 router examines header data link physical physical

physical
fields in all IP datagrams

passing through it

Two key network-layer functions
network-layer functions: analogy: taking a trip

forwarding: move packets  forwarding: process of
from router’s input to getting through single
appropriate router output interchange
routing: determine route
taken by packets from  routing: process of
source to destination planning trip from source
• routing algorithms to destination

Network layer: data plane, control plane
Data plane Control plane

local, per-router function network-wide logic
determines how datagram determines how datagram is
arriving on router input port routed among routers along end-
is forwarded to router output end path from source host to
port destination host
forwarding function two control-plane approaches:
• traditional routing
values in arriving
packet header algorithms: implemented in
routers
1
0111
2
• software-defined networking
3
(SDN): implemented in
(remote) servers
Per-router control plane
Individual routing algorithm components in each and every
router interact in the control plane
Routing
Algorithm
control
plane
data
plane
values in arriving
packet header
0111 1
2
3
Network Layer: Control Plane 5-7

Chapter 4: outline
layer SDN
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6

Router architecture overview
 high-level view of generic router architecture:
routing, management
routing control plane (software)
processor operates in millisecond
time frame
forwarding data plane
(hardware) operttes
in nanosecond
timeframe
high-seed
switching
fabric
router input ports router output ports

Input port functions
lookup,
link forwarding
line layer switch
termination protocol fabric
(receive)
queueing
physical layer:
bit-level reception
data link layer: decentralized switching:
e.g., Ethernet  using header field values, lookup output port
see chapter 5 using forwarding table in input port memory
(“match plus action”)
 goal: complete input port processing at ‘line
speed’
 queuing: if datagrams arrive faster than
forwarding rate into switch fabric
Input port functions
lookup,
link forwarding
line layer switch
termination protocol fabric
(receive)
queueing
physical layer:
bit-level reception
decentralized switching:
data link layer:  using header field values, lookup output port
e.g., Ethernet using forwarding table in input port memory
see chapter 5 (“match plus action”)
 destination-based forwarding: forward based
only on destination IP address (traditional)
 generalized forwarding: forward based on
any set of header field values

Destination-based forwarding
forwarding table
Destination Address Range Link Interface
11001000 00010111 00010000 00000000

through 0
11001000 00010111 00010111 11111111
11001000 00010111 00011000 00000000

through 1
11001000 00010111 00011000 11111111
11001000 00010111 00011001 00000000

through 2
11001000 00010111 00011111 11111111
otherwise 3
Q: but what happens if ranges don’t divide up so nicely?

Longest prefix matching
longest prefix matching
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.
Destination Address Range Link interface

11001000 00010111 00010*** ********* 0
11001000 00010111 00011000 ********* 1
11001000 00010111 00011*** ********* 2
otherwise 3
examples:
DA: 11001000 00010111 00010110 10100001 which interface?
DA: 11001000 00010111 00011000 10101010 which interface?
Longest prefix matching
 we’ll see why longest prefix matching is used
shortly, when we study addressing
 longest prefix matching: often performed using
ternary content addressable memories (TCAMs)
• content addressable: present address to TCAM: retrieve
address in one clock cycle, regardless of table size
• Cisco Catalyst: can up ~1M routing table entries in
TCAM

Chapter 4: outline
layer SDN
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6

The Internet network layer
host, router network layer functions:
transport layer: TCP, UDP
routing protocols IP protocol

• path selection • addressing conventions
• RIP, OSPF, BGP • datagram format
network • packet handling conventions
layer forwarding
table
ICMP protocol
• error reporting
• router “signaling”
link layer
physical layer

IP datagram format
IP protocol version 32 bits
number total datagram
header length length (bytes)
ver head. type of length
(bytes) len service for
“type” of data fragment fragmentation/
16-bit identifier flgs
offset reassembly
max number time to upper header
remaining hops live layer checksum
(decremented at
32 bit source IP address
each router)
32 bit destination IP address
upper layer protocol
to deliver payload to options (if any) e.g. timestamp,
record route
how much overhead? data taken, specify
 20 bytes of TCP
(variable length, list of routers
 20 bytes of IP
typically a TCP to visit.
 = 40 bytes + app
or UDP segment)
layer overhead

IP fragmentation, reassembly
 network links have MTU
(max.transfer size) -
largest possible link-level fragmentation:
frame
…
in: one large datagram
• different link types, out: 3 smaller datagrams
different MTUs
 large IP datagram divided
(“ fragmented” ) within net reassembly
• one datagram becomes
several datagrams
• “ reassembled” only at …
final destination
• IP header bits used to
identify, order related
fragments
IP fragmentation, reassembly
length ID fragflag offset
example: =4000 =x =0 =0
 4000 byte datagram
one large datagram becomes
 MTU = 1500 bytes several smaller datagrams
1480 bytes in length ID fragflag offset

data field =1500 =x =1 =0
offset = length ID fragflag offset

1480/8 =1500 =x =1 =185
length ID fragflag offset

=1040 =x =0 =370

Chapter 4: outline
layer SDN
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6

IP addressing: introduction
223.1.1.1
 IP address: 32-bit
223.1.2.1
identifier for host, router
interface 223.1.1.2
223.1.1.4 223.1.2.9
 interface: connection
between host/router and 223.1.3.27
physical link 223.1.1.3
223.1.2.2
• router’s typically have
multiple interfaces
• host typically has one or
223.1.3.2
two interfaces (e.g., wired 223.1.3.1
Ethernet, wireless 802.11)

 IP addresses associated
with each interface 223.1.1.1 = 11011111 00000001 00000001 00000001
223 1 1 1

IP addressing: introduction
223.1.1.1
Q: how are interfaces 223.1.2.1
actually connected?
A: we’ll learn about 223.1.1.2
223.1.1.4 223.1.2.9
that in chapter 5, 6.
223.1.3.27
223.1.1.3
223.1.2.2
A: wired Ethernet interfaces

connected by Ethernet switches
223.1.3.1 223.1.3.2
For now: don’t need to worry

about how one interface is
connected to another (with no
A: wireless WiFi interfaces
intervening router)
connected by WiFi base station
Subnets
 IP address: 223.1.1.1
• subnet part - high order
bits 223.1.1.2 223.1.2.1
223.1.1.4 223.1.2.9
• host part - low order
bits 223.1.2.2
223.1.3.27
 what’s a subnet ? 223.1.1.3
• device interfaces with subnet

same subnet part of IP
223.1.3.2
address 223.1.3.1
• can physically reach
each other without
intervening router network consisting of 3 subnets

Subnets
223.1.1.0/24
223.1.2.0/24
recipe 223.1.1.1
 to determine the 223.1.1.2 223.1.2.1

subnets, detach each 223.1.1.4 223.1.2.9
interface from its host 223.1.2.2

or router, creating 223.1.1.3 223.1.3.27
islands of isolated subnet

networks
223.1.3.2
 each isolated network 223.1.3.1
is called a subnet
223.1.3.0/24
subnet mask: /24

Subnets 223.1.1.2
how many? 223.1.1.1 223.1.1.4
223.1.1.3
223.1.9.2 223.1.7.0
223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0
223.1.2.6 223.1.3.27
223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

IP addressing: CIDR
CIDR: Classless InterDomain Routing
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in
subnet portion of address
subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23

IP addresses: how to get one?
Q: How does a host get IP address?
 hard-coded by system admin in a file

• Windows: control-panel->network->configuration->tcp/ip-
>properties
• UNIX: /etc/rc.config
 DHCP: Dynamic Host Configuration Protocol:
dynamically get address from as server
• “ plug-and-play”

DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when
it joins network
• can renew its lease on address in use
• allows reuse of addresses (only hold address while connected/“ on” )
• support for mobile users who want to join network (more shortly)
DHCP overview:
• host broadcasts “ DHCP discover” msg [optional]
• DHCP server responds with “ DHCP offer” msg [optional]
• host requests IP address: “ DHCP request” msg
• DHCP server sends address: “ DHCP ack” msg

DHCP client-server scenario
DHCP
223.1.1.0/24
server
223.1.1.1 223.1.2.1
223.1.1.2 arriving DHCP

223.1.1.4 223.1.2.9
client needs
address in this
223.1.3.27
223.1.2.2 network
223.1.1.3
223.1.2.0/24
223.1.3.1 223.1.3.2
223.1.3.0/24
DHCP client-server scenario
DHCP server: 223.1.2.5 DHCP discover arriving
client
src : 0.0.0.0, 68
Broadcast: is there a
dest.: 255.255.255.255,67
DHCPyiaddr:
server 0.0.0.0
out there?
transaction ID: 654
DHCP offer
src: 223.1.2.5, 67
Broadcast: I’m a DHCP
dest: 255.255.255.255, 68
server!
yiaddrr:Here’s an IP
223.1.2.4
transaction ID: 654
address
lifetime:you
3600can
secs use
DHCP request
src: 0.0.0.0, 68
dest:: 255.255.255.255, 67
Broadcast: OK. I’ll take
yiaddrr: 223.1.2.4
that IP address!
transaction ID: 655
lifetime: 3600 secs
DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255,
Broadcast: 68
OK. You’ve
yiaddrr: 223.1.2.4
got that IPID:
transaction address!
655
lifetime: 3600 secs
DHCP: more than IP addresses
DHCP can return more than just allocated IP address
on subnet:
• address of first-hop router for client
• name and IP address of DNS sever
• network mask (indicating network versus host portion
of address)

DHCP: example
DHCP DHCP  connecting laptop needs
DHCP UDP its IP address, addr of
DHCP IP
DHCP Eth
first-hop router, addr of
Phy DNS server: use DHCP
DHCP
 DHCP request encapsulated in
UDP, encapsulated in IP,
DHCP DHCP 168.1.1.1 encapsulated in 802.1 Ethernet
DHCP UDP
DHCP IP
Eth
 Ethernet frame broadcast (dest:
DHCP router with DHCP
Phy FFFFFFFFFFFF) on LAN,
server built into
router received at router running
DHCP server
 Ethernet demuxed to IP
demuxed, UDP demuxed to
DHCP

DHCP: example
DHCP DHCP
 DCP server formulates DHCP
DHCP UDP ACK containing client’s IP
DHCP IP address, IP address of first-
DHCP Eth hop router for client, name &
Phy IP address of DNS server
 encapsulation of DHCP
DHCP DHCP server, frame forwarded to
DHCP UDP client, demuxing up to
DHCP IP DHCP at client
DHCP Eth router with DHCP
DHCP
Phy server built into  client now knows its IP
router address, name and IP
address of DSN server, IP
address of its first-hop
router

DHCP: Wireshark Message type: Boot Reply (2)
reply
output (home LAN)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Message type: Boot Request (1) Bootp flags: 0x0000 (Unicast)
Hardware type: Ethernet Client IP address: 192.168.1.101 (192.168.1.101)
Hardware address length: 6 Your (client) IP address: 0.0.0.0 (0.0.0.0)
Hops: 0
Transaction ID: 0x6b3a11b7
request Next server IP address: 192.168.1.1 (192.168.1.1)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Seconds elapsed: 0 Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Bootp flags: 0x0000 (Unicast) Server host name not given
Client IP address: 0.0.0.0 (0.0.0.0) Boot file name not given
Your (client) IP address: 0.0.0.0 (0.0.0.0) Magic cookie: (OK)
Next server IP address: 0.0.0.0 (0.0.0.0) Option: (t=53,l=1) DHCP Message Type = DHCP ACK
Relay agent IP address: 0.0.0.0 (0.0.0.0) Option: (t=54,l=4) Server Identifier = 192.168.1.1
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a) Option: (t=1,l=4) Subnet Mask = 255.255.255.0
Server host name not given Option: (t=3,l=4) Router = 192.168.1.1
Boot file name not given Option: (6) Domain Name Server
Magic cookie: (OK) Length: 12; Value: 445747E2445749F244574092;
Option: (t=53,l=1) DHCP Message Type = DHCP Request IP Address: 68.87.71.226;
Option: (61) Client identifier IP Address: 68.87.73.242;
Length: 7; Value: 010016D323688A; IP Address: 68.87.64.146
Hardware type: Ethernet Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net."
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Option: (t=50,l=4) Requested IP Address = 192.168.1.101
Option: (t=12,l=5) Host Name = "nomad"
Option: (55) Parameter Request List
Length: 11; Value: 010F03062C2E2F1F21F92B
1 = Subnet Mask; 15 = Domain Name
3 = Router; 6 = Domain Name Server
44 = NetBIOS over TCP/IP Name Server
……

IP addresses: how to get one?
Q: how does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP’s address
space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20
Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23

Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23
... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of routing
information:
Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
beginning
199.31.0.0/16”

Hierarchical addressing: more specific routes
ISPs-R-Us has a more specific route to Organization 1
Organization 0
200.23.16.0/23
“Send me anything
with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
Organization 1 beginning 199.31.0.0/16
or 200.23.18.0/23”
200.23.18.0/23

IP addressing: the last word...
Q: how does an ISP get block of addresses?

A: ICANN: Internet Corporation for Assigned
Names and Numbers http://www.icann.org/
• allocates addresses
• manages DNS
• assigns domain names, resolves disputes

NAT: network address translation
rest of local network
Internet (e.g., home network)
10.0.0/24 10.0.0.1
10.0.0.4
10.0.0.2
138.76.29.7
10.0.0.3
all datagrams leaving local datagrams with source or

network have same single destination in this network
source NAT IP address: have 10.0.0/24 address for
138.76.29.7,different source source, destination (as usual)
port numbers
motivation: local network uses just one IP address as far
as outside world is concerned:
 range of addresses not needed from ISP: just one IP
address for all devices
 can change addresses of devices in local network
without notifying outside world
 can change ISP without changing addresses of
devices in local network
 devices inside local net not explicitly addressable,
visible by outside world (a security plus)

implementation: NAT router must:
 outgoing datagrams: replace (source IP address, port #) of

every outgoing datagram to (NAT IP address, new port #)
. . . remote clients/servers will respond using (NAT IP
address, new port #) as destination addr
 remember (in NAT translation table) every (source IP address,

port #) to (NAT IP address, new port #) translation pair
 incoming datagrams: replace (NAT IP address, new port #) in

dest fields of every incoming datagram with corresponding
(source IP address, port #) stored in NAT table

NAT translation table 1: host 10.0.0.1
2: NAT router WAN side addr LAN side addr
changes datagram sends datagram to
source addr from 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
10.0.0.1, 3345 to …… ……
138.76.29.7, 5001,
updates table S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80
D: 138.76.29.7, 5001 3 10.0.0.3
4: NAT router
3: reply arrives changes datagram
dest. address: dest addr from
138.76.29.7, 5001 138.76.29.7, 5001 to 10.0.0.1, 3345
* Check out the online interactive exercises for more

examples: http://gaia.cs.umass.edu/kurose_ross/interactive/ Network Layer: Data Plane 4-57
 16-bit port-number field:
• 60,000 simultaneous connections with a single
LAN-side address!
 NAT is controversial:
• routers should only process up to layer 3
• address shortage should be solved by IPv6
• violates end-to-end argument
• NAT possibility must be taken into account by app
designers, e.g., P2P applications
• NAT traversal: what if client wants to connect to
server behind NAT?

Network Layer: The Data Plane: Computer Networking: A Top Down Approach

Uploaded by

Copyright:

Available Formats

Network Layer: The Data Plane: Computer Networking: A Top Down Approach

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Network Layer: The Data Plane: Computer Networking: A Top Down Approach

Uploaded by

Copyright:

Available Formats

Chapter 4

Network Layer: Data Plane 4-2

Network Layer: Data Plane 4-3

sending to receiving host data link

 on sending side network

encapsulates segments into physical network

datagrams physical physical

 on receiving side, delivers network

segments to transport layer physical

 router examines header data link physical physical

fields in all IP datagrams

Network Layer: Data Plane 4-4

network-layer functions: analogy: taking a trip

Network Layer: Data Plane 4-5

Data plane Control plane

Network Layer: Control Plane 5-7

Network Layer: Data Plane 4-11

router input ports router output ports

Network Layer: Data Plane 4-12

Network Layer: Data Plane 4-14

11001000 00010111 00010000 00000000

11001000 00010111 00011000 00000000

11001000 00010111 00011001 00000000

Q: but what happens if ranges don’t divide up so nicely?

Destination Address Range Link interface

Network Layer: Data Plane 4-17

Network Layer: Data Plane 4-30

transport layer: TCP, UDP

routing protocols IP protocol

Network Layer: Data Plane 4-31

Network Layer: Data Plane 4-32

1480 bytes in length ID fragflag offset

offset = length ID fragflag offset

length ID fragflag offset

Network Layer: Data Plane 4-34

Network Layer: Data Plane 4-35

Ethernet, wireless 802.11)

Network Layer: Data Plane 4-36

A: wired Ethernet interfaces

For now: don’t need to worry

• device interfaces with subnet

Network Layer: Data Plane 4-38

 to determine the 223.1.1.2 223.1.2.1

interface from its host 223.1.2.2

islands of isolated subnet

subnet mask: /24

how many? 223.1.1.1 223.1.1.4

223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

Network Layer: Data Plane 4-40

Network Layer: Data Plane 4-41

 hard-coded by system admin in a file

Network Layer: Data Plane 4-42

Network Layer: Data Plane 4-43

223.1.1.2 arriving DHCP

Network Layer: Data Plane 4-46

Network Layer: Data Plane 4-47

Network Layer: Data Plane 4-48

Network Layer: Data Plane 4-49

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20