1 / 39

# Chapter 5: Network Layer - PowerPoint PPT Presentation

Chapter 5: Network Layer. CS455/555: Spring 2007. Network Layer: Design Issues. Services provided to the Transport Layer: Connection-oriented vs Connectionless service Underlying network: Internet (connectionless) and ATM ( Connection-oriented) Virtual circuits vs. datagrams.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

## PowerPoint Slideshow about ' Chapter 5: Network Layer' - tricia

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

### Chapter 5: Network Layer

CS455/555: Spring 2007

• Services provided to the Transport Layer: Connection-oriented vs Connectionless service

• Underlying network: Internet (connectionless) and ATM ( Connection-oriented)

• Virtual circuits vs. datagrams

• Objective: Route packets from source to destination.

• At a given node, it decides which output line an incoming packet should be sent.

• Desirable properties: Correctness, simplicity, robustness, stability, fairness, and optimality.

• Goals: Maximize network throughput and minimize mean packet delay

• Optimality principle

• Shortest path routing

• Graph: Routers and nodes and links connecting the routers are the edges.

• Edges of the graph may represent a hop, the mean delay, the distance, cost, traffic flow, etc.

• Dijkstra’s shortest path algorithm: To find the shortest path and distance from a source node to all other nodes in a graph. Initially, only the source node has a permanent label. In each iteration, one other node is assigned a permanent label.

• Flooding: Every incoming packet is sent out on every outgoing link.

• Of course, don’t send a packet to a node from which it is received.

• Keep a count in the packet to limit the number of nodes it may visit during its life time to avoid infinite looping.

• Uses: (i) When highly reliable communication is needed (ii) As a baseline for other algorithms to compare with in terms of shortest delay.

• Assuming that the capacity (Cij) and flow (Fij) along all the links in a network are known, path with a shortest delay can be determined.

• T = 1/(mC-L) where C is capacity in bps, L is arrival of packets/sec, 1/m is the average number of bits per packet.

• By trying out different possible paths, minimal routing can be determined

• Distance vector routing: Each router maintains a vector giving the best known distance to each destination and which outgoing link to use next.

• The vectors are periodically exchanged among the neighbors.

• The local vector is modified after receiving information from neighboring routers.

• Count-to-infinity problem: Reacts rapidly to good news but leisurely to bad news.

• Link State Routing: Replaced distance vector routing.

• Steps: Each router must

(1) Discover its neighbors and learn their network addresses.

(2) Measure the delay or cost to each of its neighbors.

(3) Construct a packet telling all it has learned.

(4) Send this packet to all other routers.

(5) Compare the shortest path to every other router.

• Hierarchical routing: When network size os large, the routing tables also are large. One way to solve the problem is by dividing the network into regions.

• Routers within a region would know only about nodes in their region. There will be one or more nodes that are connected to other regions. Thus a node also has hierarchical table indicating which internal node it has to route a message for a given destination region.

• Multicast routing

• When too many packets are present in a subnet or a part of it, performance degrades. This is called congestion.

• Causes of congestion:

(1) When a stream of input packets arrive to go on the same outgoing link, packets may be lost due to insufficient buffer size on that queue. But “Nagle discovered that infinite amount of memory at routers may lead to worsening of congestion.”

(2) Slow processors (Mismatch is always a problem)

(3) “Congestion tends to feed upon itself and become worse.”

• Flow control vs. Congestion control: Flow control deals with point-to-point traffic---fast sender and slow receiver.This usually achieved by a feedback from receiver to sender (e.g., ACKs in sliding window protocols). Congestion control is more global and is concerned about the ability of the subnet to carry out its tasks.

• General principles of congestion control: Approaches (1) Open-loop (2) Closed-loop

• Open loop solutions rely on good designs to make sure that congestion does not occur in the first place.

• Closed-loop solutions rely on feedback control---(1) Monitor subnet for any congestion. (2) Pass the congestion information to places where action can be taken. (3) Adjust the system operation to correct the problem.

• What to monitor? % of all packets discarded for lack of buffers, average queue lengths, the # of packets that timeout and are retransmitted, the average packet delay, and the standard deviation of packet delay.

• Who to inform? (1) Sources can be informed via control messages---this further increases network load; (2) A router puts a flag in all its outgoing packets of the impending congestion (3) Host or routers send explicit control packets to know about congestion

• Explicit feedback vs implicit feedback

• Congestion prevention policies: Open-loop systems:

(I) Data link layer: retransmission policy, out-of-order caching policy, ACK policy, flow control policy

(ii) Network layer: VC vs. datagrams inside the subnet, packet queueing and service policy, packet discard policy, routing algorithms, packet lifetime management

(iii) Transport layer: retransmission policy, out-of-order caching policy, ACK policy, flow control policy, timeout determination

• Traffic shaping: Open loop method: To force packets to be sent at more predictable rate and reducing the effect of bursty traffic.

• Traffic shaping vs. sliding window protocol

• Agreement between traffic carrier and user

• Traffic policing

• Leaky bucket and token bucket algorithms

• Leaky bucket: (1) A fixed capacity bucket (2) The output from the bucket is at a constant rate (3) When bucket overflows, information is lost.

• It can be thought of a single server queue with finite buffer and constant service time.

• Assuming constant packet (or cell sizes as in in ATM), it can be implemented as finite queue of buffers with one packet being serviced at each tick and put on the network.

• Example of Leaky bucket algorithm: A source generates data in terms of bursts: 3 MB bursts lasting 2 msec once every 100 msec. The network offers a bandwidth of 60 MB/sec. Thus the leaky bucket can have an output rate of 60 MB/sec. The leaky bucket has a capacity of 4 MB. How does the output look like?

• Input:0-2 msec: 1500 MB/sec; 100-102 msec: 1500 MB/sec; 200-202 msec: 1500 MB/sec; …

• Output: 0-50 msec: 60 M/sec; 100-150 msec: 60 MB/sec; ….

• What should be the capacity of the leaky bucket to avoid loss? The burst cannot be held and hence there will be an overflow. How much is lost? During the burst, data inflow is at the rate of 1.5 MB/msec and the outflow is at the rate of 0.6 MB/msec. So accumulation is at the rate of 0.9 MB/msec. So at the end of 2 msec, there will be an accumulation of 1.8 MB. This is the minimum leaky bucket capacity to avoid buffer overflow and hence data loss.

• Token bucket algorithm:Leaky bucket has a stringent outflow rate. A more flexible approach is the token bucket algorithm.Here, the overall rate is controlled rather than a fixed outflow rate all the time.

• Token bucket has a capacity indicating the maximum unused token that may be outstanding at any given instant.

• Tokens arrive into the bucket at a constant rate.

• Data can flow out of the bucket at a maximum rate limited by the network bandwidth as long as the bucket is not empty.

• Token bucket example:

Bucket capacity = 1 Mbytes

Token arrival rate = 2 Mbytes/sec

Network capacity: 10 Mbytes/sec

Application produces 0.5 Mbyte burst every 250 msec. For 3 seconds

• Initially, output can be at the rate of 10 Mbytes/sec. But how long does this prevail? X seconds

1 + 2X = 10X; 8X = 1; X = 1/8 sec =125 milliseconds. During this time, it can transmit 1.25 Mbytes. But the burst size is not that much.

So this will continue until the 0.5 Mbytes is sent. This takes 0.05 seconds or 50 milliseconds

Output: 0-50 msec: 10 Mbytes/sec

50-250 msec: None

By the time the next burst arrives, how many tokens will be accumulated? 2*200/1000 = 0.4 Mbytes of tokens

How long with the next burst last? 0.4 + 2X = 10 X; X = 0.4/8= 50 msec.

Output: 250-300msec: 10 Mbytes/sec

This will continue for 3 seconds.

• Flow Specifications

• Congestion control in virtual circuit subnets---admission control

• Choke packets---VC and datagrams; when the utilization of an output line exceeds a threshold, a router sends a choke packet to the source host---reduce exponentially and increase in small increments

• Weighted Fair Queueing: A queue is maintained for each source host at an output queue; packets are selected in a round-robin fashion; different weights for different sources

• Hop-by-hop Choke Packets---quick relief

• Load shedding: Wine (old packet is worth more) and milk (new packet is worth more); Low priority and high priority specified by the host

• Jitter control

• RSVP—Resource Reservation protocol for multicast routing

• Deals with connecting subnets of different type

• Networks may differ in : service offered, protoocls, addressing, multicasting, packet size, QoS, error handling, flow control, congestion control, security, parameters (e.g., timeouts), accounting

• Concatenated virtual circuits: Several VCs are set up and connected

• Connectionless internetworking

• Tunneling (Multiprotocol router)

• Internetwork routing---interior gateway protocol and exterior gateway protocol

• Fragmentation---transparent, nontransparent

• Firewalls: Two routers + application gateway(s)

• High-speed backbones, regional networks, local LANs

• IP or Internet protocol at the network layer

• Typically, when a message is fragmented along the way, the network layer at the host reassembles them.

• IP Protocol: See Fig. 5-45 for IP header format: Minimum 5 words (32-bit) maximum 15 words

• Fields in the IP Header:

• Version, lheader length, type of service (T/D/R), Total length, Identification (unique for each datagram), DF, MF, fragment offset, time to live, Protocol (transport level), header checksum, source address, destination address, options

• IP Addresses: Every host and router on the Internet has an IP address: network number + host number

• Class A, B, and C: Depending on the environment: Few networks/many hosts, medium Nw/medium hosts, many networks/few hosts

• Each byte is separated from the other by a DOT (.).

• Hexadecimal address  DOT notation (take two characters at a time and convert to a decimal number (0-255).

• Dividing host address into <subnet, host> pair; what the NIC gives is the network address.

• Each router has a table listing some with (network,0) entries and some with (this-network, host) IP addresses.

• With subnets, entries are (this-network, subnet,0) and (this-network, this-subnet, host), and (network,0)

• 32-bit masks are used to simplify routing tables

• What does 122.56.78.9/22 mean? It means use a mask with 22 1’s followed by 32-22 or 10 0’s. Then AND the mask with the IP address to get 122.56.76.0. This is the entry to be found in the routing table. The remaining 10 bits indicate the host address (0-1023).

• See example in page 443 (Fig. 5-59)

http://www.vicomsoft.com/knowledge/reference/nat.html

http://www.howstuffworks.com/nat.htm

• Short for Network Address Translation, an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations. NAT serves three main purposes:

• Provides a type of firewall by hiding internal IP addresses

• Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organizations.

• Allows a company to combine multiple ISDN connections into a single Internet connection.

Static NAT: A type of NAT in which a private IP address is mapped to a public IP address, where the public address is always the same IP address (i.e., it has a static address). This allows an internal host, such as a Web server, to have an unregistered (private) IP address and still be reachable over the Internet.

Dynamic NAT: A type of NAT in which a private IP address is mapped to a public IP address drawing from a pool of registered (public) IP addresses.

Typically, the NAT router in a network will keep a table of registered IP addresses, and when a private IP address requests access to the Internet, the router chooses an IP address from the table that is not at the time being used by another private IP address.

Dynamic NAT helps to secure a network as it masks the internal configuration of a private network and makes it difficult for someone outside the network to monitor individual usage patterns.

Another advantage of dynamic NAT is that it allows a private network to use private IP addresses that are invalid on the Internet but useful as internal addresses.

• Reason: IP Addresses are scarce

• ISP provider with a 16-bit maks has a maximum of 64K IP addresses but thousands of customers

• A company itself may have several computers for which it needs to allocate IP addresses---but it may have been allocated a few.

• Our CS labs and wireless networks use NATs.

• How does it work? Reserved IP address range for private use (not on Internet):

10.0.0.0 to 10.255.255.255.255/8

172.16.0.0 – 172.31.255.255/12

192.168.0.0-192.168.255.255/16

NAT box translates the public addresses into private addresses and vice versa

Use of UDP/TCP source port address (Page 446, fig. 5-60)

Objections to NAT: (not on Internet):

• Violates IP’s architectural model---IP address does not uniquely identify a host

• Changes internet from connectionless to connection-oriented

• Violates protocol layering principle---changes TCP/UDP’s headers

• What if applications do not use TCp or UDP?

• What if IP addresses are inserted inside an application? They won’t work.

• Since TCP port is 16-bits, at most 64K mapping is possible.

The Network Layer in the Internet (Cont.) (not on Internet):

• IP addresses cannot be used at the MAC layer

• See Figure 5-62 (Page 451)

• Ethernet boards (data link layer) have a 48-bit Ethernet address; different from 32-bit IP addresses; solution: ARP

• ARP: Address Resolution protocol (RFC 826): A source host broadcasts a message with IP address on its LAN. The receiving host responds back by broadcasting its Ethernet address.

The Network Layer in the Internet (Cont.) (not on Internet):

• IPv4 (current standard): IP is running out of addresses.

• IPv6: (1) Extend the address space to billions of hosts (2) Security (3) Reduce routing table sizes (4) QoS (5) Coexistence of old and new protocols (see page 437 for a complete list)

The Network Layer in the Internet (Cont.) (not on Internet):

• Improvements due to IPv6 (over IPv4):

• Address is 16 bytes rather than 4 bytes

• Better specification of options

• Security: Authentication and privacy

• Flow label for QoS is much larger than 2 bytes in IPv4

• Different prefixes for an IPv6 address meant different things (page 441)

IPv4 vs. IPv6 (not on Internet):

• No checksum: For better performance. Assumes that other layers will have their own.

• No fragmentation field: The fragmentation responsibility is with the host and not with a router

• No IHL field: Fixed length headers

• Extension headers (next header field): See pages 443-446 for more details