
Alcatel-Lucent Scalable IP Networks

Module 0 Introduction to Scalable IP Networks


The Alcatel-Lucent Service Routing Certification Program: Four Certifications

ALCATEL-LUCENT NETWORK ROUTING SPECIALIST I
4 DAYS / 1 COURSE / 1 WRITTEN EXAM

ALCATEL-LUCENT NETWORK ROUTING SPECIALIST II
17 DAYS / 4 COURSES / 4 WRITTEN EXAMS / 1 PRACTICAL LAB EXAM

ALCATEL-LUCENT TRIPLE PLAY ROUTING PROFESSIONAL
34 DAYS / 8 COURSES / 8 WRITTEN EXAMS / 1 PRACTICAL LAB EXAM

ALCATEL-LUCENT SERVICE ROUTING ARCHITECT
47 DAYS / 11 COURSES / 11 WRITTEN EXAMS / 2 PRACTICAL LAB EXAMS

Alcatel-Lucent Scalable IP Networks v2.01 Module 0 | 2 All rights reserved 2008 Alcatel-Lucent

The Alcatel-Lucent Service Routing Certification (SRC) program gives you the training required to design,
operate and troubleshoot today's IP/MPLS based multi-service networks, allowing your corporation to get the
most from its investment in IP service routing.
The Alcatel-Lucent SRC program is specifically designed to arm network engineers, as well as operations and
strategic planning staff, with the skills necessary to meet new operational challenges and to align network
changes with their companies' business goals. Adding video to the service mix creates an entirely new set of
networking architectural challenges. Our program is unique in its ability to prepare you to address these
challenges, both now and in the future.
The NRSI is our introductory certification and the SRA is our highest level certification. As you move from
the introductory certification to the SRA you will gain more knowledge associated with the ALU approach to
services such as VPLS and VPRNs, and solutions such as Triple Play.

Scalable IP Networks v2.01 Module 0 - 2


SRC Program - Courses and Exams
Legend: Common Courses and Exams Across Certification Tracks; SRA Specific Course and Exam; Lab Exam

Recommended Courses
1 Alcatel-Lucent Scalable IP Networks
2 Alcatel-Lucent Interior Routing Protocols and High Availability
3 Alcatel-Lucent Border Gateway Protocol
4 Alcatel-Lucent Multiprotocol Label Switching
5 Alcatel-Lucent Services Architecture
6 Alcatel-Lucent Virtual Private LAN Services
7 Alcatel-Lucent Virtual Private Routed Networks

8 Alcatel-Lucent Quality of Service


9 Alcatel-Lucent Multicast Protocols
10 Alcatel-Lucent Triple Play Services
11 Alcatel-Lucent Advanced Troubleshooting

Practical Lab Exams


Alcatel-Lucent Network Routing Specialist II Lab Exam
Alcatel-Lucent Service Routing Architect Lab Exam

RECERTIFICATION: Certification is valid for three years. You must complete additional exams to keep your certification active.


The breakdown of the components for each Alcatel-Lucent SRC Certification is outlined above.
Based on their experience and expertise, students may choose which courses to follow. Courses have
suggested prerequisites. However, a certification can be awarded only to those who pass the written and lab
exams required for their chosen certification. All exams identified per certification are mandatory. For more
information, please see the course outlines and exam overviews at www.alcatel-lucent.com/src.
SRC courses range from 3 to 5 days in length. Each course offers extensive lab activities which range from 30%
to 80% of the course time.



SRC Program Exam Profile

Exam Name                                                        Exam Number (4A0-XXX)   Exam Pre-requisites
Alcatel-Lucent Scalable IP Networks                              4A0-100                 NA
Alcatel-Lucent Interior Routing Protocols and High Availability  4A0-101                 NA
Alcatel-Lucent Border Gateway Protocol                           4A0-102                 NA
Alcatel-Lucent Multiprotocol Label Switching                     4A0-103                 NA
Alcatel-Lucent Services Architecture                             4A0-104                 NA
Alcatel-Lucent Virtual Private LAN Services                      4A0-105                 NA
Alcatel-Lucent Virtual Private Routed Networks                   4A0-106                 NA
Alcatel-Lucent Quality of Service                                4A0-107                 NA
Alcatel-Lucent Multicast Protocols                               4A0-108                 NA
Alcatel-Lucent Triple Play Services                              4A0-109                 NA
Alcatel-Lucent Advanced Troubleshooting                          4A0-110                 NA
Alcatel-Lucent Network Routing Specialist II Lab Exam            NRSII4A0                100, 101, 103, 104
Alcatel-Lucent Service Routing Architect Lab Exam                ASRA4A0                 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, NRSII4A0

Written Exams
Delivered by Prometric
Global provider of testing services
5000+ test sites worldwide
Register at: www.prometric.com/alcatel-lucent

Lab Exams
Written at Alcatel-Lucent sites
NRS II Certification: Half-day lab exam
SRA Certification: Full-day lab exam



Credit for Other IP Certifications

Cisco or Juniper certified?
You can receive exemptions from some of the SRC exams if you hold any one of the Cisco or Juniper
certifications identified
Certifications must be valid to receive exemptions
Submit your request for exemptions at: http://www.alcatel-lucent.com/srcexemptions

Cisco Certifications                                                                    SRC Exam Exemption
Cisco Certified Internetwork Professional (CCIP)                                        4A0-100
Cisco Certified Internetwork Expert (CCIE) Routing and Switching and Service Provider   4A0-100/4A0-101/4A0-102

Juniper Certifications M-Series                                                         SRC Exam Exemption
Juniper Networks Certified Internet Professional (JNCIP-M)                              4A0-100
Juniper Networks Certified Internet Expert (JNCIE-M)                                    4A0-100/4A0-101/4A0-102

Juniper Certifications E-Series                                                         SRC Exam Exemption
Juniper Networks Certified Internet Professional (JNCIP-E)                              4A0-100



Alcatel-Lucent SRC Program Global Reach

Delivered from nine Alcatel-Lucent locations globally:
APAC
- Shanghai, China
- Sydney, Australia
- Melbourne, Australia
Europe
- Antwerp, Belgium
- Newport, UK
- Paris, France
North America
- Plano, USA
- Ottawa, Canada
- Mexico City, Mexico

Class schedules posted @ www.alcatel-lucent.com/src

Registration online @ www.alcatel-lucent.com/srcreg

Customer on-site classes also available



Module Overview

Course timeline
Course objectives
Course prerequisites
Course introduction


Alcatel-Lucent Scalable IP Networks


This course is part of the Alcatel-Lucent Service Routing Certification (SRC) Program. For more information
on the SRC program, see www.alcatel-lucent.com/src
To locate additional information relating to the topics presented in this manual, refer to the following:
Technical Practices for the specific product
Internet Standards documentation such as protocol standards bodies, RFCs, and IETF drafts
Technical support pages of the Alcatel website located at: http://www.alcatel-lucent.com/support



Alcatel-Lucent Scalable IP Networks Timeline

Day 1
Module 0 Introduction
Module 1 The Evolution of the Internet
Module 2 Alcatel-Lucent 7750 SR Platforms

Day 2
Module 3 Introduction to Layer 2


Day 3
Module 4 Layer 3 and IP Services
Module 5 IP Routing Protocol Basics

Day 4
Module 6 Transport Layer Protocols
Module 7 Tunneling and Services



Alcatel-Lucent Scalable IP Networks Objectives

After the successful completion of this course, you should be familiar with:
OSI protocol suite
Key functions of the Ethernet protocol
Key functions of an IP network
IP address classes, IP subnet masking, and IP supernetting
Configuration of IP addresses and subnet masks on router
interfaces
Static and dynamic routing
IGP and EGP and the differences between the routing
protocols



Alcatel-Lucent Scalable IP Networks Objectives (continued)

After the successful completion of this course, you should understand:
The basic operation and configuration of OSPF
The basic operation of BGPv4
TCP and UDP as transport protocols
The purpose and benefits of MPLS
How MPLS tunnels are used to support VPN services
The various services offered on the 7750 SR including VPWS,
VPLS, and VPRN services



Alcatel-Lucent Scalable IP Networks Goal

Provide the participants with the basic knowledge of IP networking, its application, and its
implementation in an Alcatel-Lucent environment.



Prerequisites and Follow-On Courses

Suggested prerequisites
There is no prerequisite for this course; however, familiarity with
binary arithmetic is an asset
Suggested follow-on courses
Based on the material covered in this course, it is recommended
that, after successfully completing this course, you enrol
in the Alcatel-Lucent Interior Routing Protocols & High Availability
course
Certification exam
To ensure full comprehension of the material covered in this
course, it is recommended that the student register for and take
the Alcatel-Lucent Scalable IP Networks exam following completion
of this course



Alcatel-Lucent Scalable IP Networks Overview

IP technology has experienced phenomenal growth over the last decade. This technology has
become a part of every facet of our lives. This 4-day course introduces the Layer 2 and
Layer 3 technologies that are used in the networking world.



Graphical Symbols and Icons

Icons: Generic router, Provider Edge, User, Flow or lookup Table, Switch, Workstation, Server,
Customer site 1, Customer site 2, Network Cloud, System or loopback Interface,
Packet (showing detail: DA, SA, Type, IP, Data)
Link styles: Physical link (solid black), Control plane (dashed red), Data plane (dotted blue)


These typical graphical symbols and icons are used throughout this course.



Administration

Registration
Facility information
Restrooms
Communications
(Set cell phones and pagers to silent mode.)
Materials
Schedule
Introductions
- Name and company
- Experience
- Expectations
Questions



www.alcatel-lucent.com

3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 1 The Evolution of the Internet



Module Overview

How the Internet Began


Components of the Internet
How the Internet Works TCP/IP Layering



The Evolution of the Internet

Section 1 How the Internet Began



How the Internet Began

The Development of the Internet

ARPANET

TCP/IP

Traffic on the Internet today



The Development of the Internet

Before the Internet


Early computing devices consisted of large systems for data
processing
Proprietary networking architectures and protocols were used
Network infrastructure was extended with similar components
General interest in cross-platform connectivity was non-existent
Interworking between research organizations
Driven by Advanced Research Projects Agency (ARPA) Department
of Defense (DoD)
Need of users in different organizations to share information
Reliability required for typical network component failure
Advanced Research Projects Agency Network (ARPANET)


Before the Internet


In the early days of commercial computing, the late 1960s, most companies purchased one large
computer system for all of their data processing needs. These systems used proprietary networking
architectures and protocols, consisting primarily of plugging dumb terminals or line printers into an
intelligent communications controller. Each of these devices used proprietary networking protocols to
communicate with the central host.
These computer systems used proprietary design, products, protocols, and services to interconnect.
Companies expanded their existing networks by purchasing more of the same type of equipment.
Cross-platform connectivity did not exist and was not expected.
Interworking between organizations
Interworking between vendors first occurred when the US Military realized that different sites around
the country could not connect with each other because they all ran proprietary systems and protocols.
Without cross-platform support, effective communication or resource sharing between sites was not
possible. This could become critical in the event of a national disaster, or more commonly, equipment
failure where the inability to transfer resources or to backup information could leave that information
unprotected.



Significance of ARPANET

Initial ARPANET consisted of:
- Interface message processors (IMP)
- Host computers connected to IMP via serial line
- Host-to-host protocol called Network Control Protocol (NCP)
Another network called ALOHANET funded by ARPA
Other packet switched networks developed in Europe
In 1972, INWG decided to connect all of these networks


Cross-organizational communications
The project to enable cross-organizational communications was initiated by ARPA of the DoD. The
priority for this project was vendor-independent networking. As a result, the world's first packet
switched network, ARPANET, was conceived.
ARPANET was initially deployed between four sites (Stanford University, University of California at
Santa Barbara, University of California at Los Angeles, and University of Utah). It was designed with
reliability in mind and consisted of redundant packet switches, links, and a dynamic routing protocol.
In 1969, ARPA funded an experimental packet radio network at the University of Hawaii. This network,
ALOHANET was directed by Professor Norman Abramson, and connected sites that were spread
throughout the Hawaiian islands to a central time-sharing computer on the University of Hawaii campus.
ALOHANET users could connect to the ARPANET. However, this access through the terminal interface
processor (TIP) meant that, from the ARPANET perspective, ALOHANET was just a terminal connection.
Dr. Robert Kahn, one of the BBN IMP researchers who was instrumental in developing the IMP-to-host
protocol, architecting the ARPANET, and improving its reliability, organized an event to demonstrate
ARPANET. During this event, a new working group called the International Network Working Group
(INWG), was organized. One of the tasks that INWG undertook was to connect ARPANET and ALOHANET
to some of the new packet switching European networks to create a Giant Global network. Kahn began
a lengthy series of discussions with Vint Cerf, the INWG chairman, to find a solution.
Their model was an internetworking of the ARPANET with a packet radio network and a satellite
network (SATNET), each of which used different protocols and different interfaces and was optimized
for that particular network's needs.



The Challenge of ARPANET

Challenges
ARPANET was designed for a very high degree of reliability,
and NCP depended upon this level of reliability
Addressing
Each network had its own maximum packet sizes

Solution
Kahn developed a new host-to-host protocol with global
addressing
In 1973, TCP was developed as a protocol to connect these
networks


Challenges
Packet radio and satellite links could not guarantee the same kind of reliability that was designed into
ARPANET.
NCP only supported local addressing to the next hop node. It did not provide the addressing plan that
was required for a global network such as the Internet.
Each network supported its own maximum packet size. When a packet traveled from one network to
the next it may have needed to be broken into a number of smaller packets to traverse the next
network.
Solution
The development of a new host-to-host protocol that supported global addressing, the ability to recover
lost packets, perform fragmentation and reassembly, calculate end-to-end checksums, and provide
host-to-host flow control.
The first version of this new protocol was presented by Kahn and Cerf at a meeting of the INWG at
Sussex University in the United Kingdom in September 1973. It was called the Transmission Control
Protocol (TCP).
In 1978, TCP evolved to become TCP/IP.
TCP/IP
The introduction and wide-scale deployment of TCP/IP represented a major shift in computer networking.
Prior to TCP/IP, most network topologies required hardware-based network nodes to send traffic to a central
host for processing with the central host delivering the data to the destination node on behalf of the sender.
With the introduction of TCP/IP, each network device was treated as a fully functional, self-aware network
endpoint, capable of communicating with any other device directly without using a central host.



The Birth of the Internet

From military to research-based network
- TCP/IP grew in popularity after it was offered with the UNIX OS
- ARPANET was replaced by NSFNET
In 1990, commercial agencies and other general purpose
companies required networking, giving rise to Internet
service providers (ISPs)
From research to commercial-based network
- NSFNET was replaced by commercial ISPs in the mid-1990s
- Protocols associated with the Internet and TCP/IP were
developed through the RFC process
- INWG evolved into IETF as the standards organization for
Internet-related protocols


In 1980, the U.S. military adopted TCP/IP as a networking standard. A "flag day" transition from NCP to
TCP/IP that took place on January 1, 1983, marks the beginning of the Internet and the beginning of
the end for the ARPANET.
By 1985, the ARPANET was heavily utilized and burdened with congestion. In response, the National
Science Foundation initiated phase 1 for the development of the National Science Foundation network
(NSFNET).
The NSFNET used a hierarchical network architecture from its inception in 1986 and was more
distributed than the ARPANET. The bottom tier consisted of University campuses and research
institutions. These were connected to the middle tier (the regional networks). The regional networks
were then connected into the main backbone network (the highest tier), consisting of links between six
nationally funded supercomputers.
As late as the early 1990s, the NSFNET was still reserved for research and education applications, and
government agency backbones were reserved for mission-oriented purposes. These networks and other
emerging networks were feeling new pressures as different agencies needed to interconnect with one
another.
There was increasing commercial and general interest in obtaining network access and interconnectivity
which gave rise to an entire industry of network service providers, also known as internet service
providers. Networks outside the U.S. developed with international connections between them. As the
various new and existing entities pursued their goals, the complexity of connections and infrastructure
grew.



The INWG managed the development of Internet and TCP/IP related protocols. From its very beginning,
anyone was allowed to participate in the process merely by generating ideas for protocols to use on
these emerging networks. These original documents were known then, as they are today, as Requests
For Comments (RFCs). While today's RFCs are more formal and build on a rich and storied tradition of
previous RFCs, they are still the major driving force for innovation of new protocols and features.
The INWG evolved over the years into the IETF which is now the standards body for IP and related
protocols. The IETF does not and has never had an official charter. It still operates as an open
organization where anyone representing research or commercial interests can contribute and improve
the existing internet protocols. IETF working groups enable individual contributors to meet, present,
and review their work with everyone else through the RFC process.



Traffic on the Internet Today

NSFNET traffic in the early 90s

Credit: Donna Cox and Robert Patterson, courtesy of the National Center for Supercomputing
Applications (NCSA) and the Board of Trustees of the University of Illinois

The modern Internet today


The modern Internet evolved from the NSF-based Internet where, instead of research and government
institutions providing a common backbone, any commercial enterprise or industry participates in generating or
propagating traffic that is generated by other enterprises. The common goal is to provide access to the
Internet hosts, and provide an abundance of information housed by various organizations.



The Evolution of the Internet

Section 2 - Components of the Internet



Components of the Internet

The Internet Defined


Roles and Functions
Service Provider Tiers
Connections
Modern ISP Services
ISP with POPs
IP Addressing
TCP/IP



The Internet Defined

Simple Definition
The Internet is built with computers that are connected by wires. Each
wire serves as a way to exchange information between the two
computers that are connected.

Practical Definition
The Internet consists of many distributed network architectures that
are operated by many commercial organizations (ISPs) connected via
major network exchange points as well as direct network
interconnections [Internet Routing Architectures, 2nd Edition, Sam
Halabi], all using the IP.



Roles and Functions

Content Provider
An organization or individual that creates information, that
is, educational or entertainment content for the Internet
Service Provider
An organization that provides Internet service and access to
various content providers
Peering
Peering is the arrangement of traffic exchange between ISPs


The terms content provider and service provider can be applied to a broader scope than the Internet.
However, in this course, content provider and service provider are referred to in the context of the Internet.
Service Provider vs Content Provider
Anyone that offers Internet connectivity can claim to be an Internet provider or service provider. The
term service provider covers everything from a provider with a multimillion-dollar backbone and
infrastructure to a provider with one router and an access server in their garage.
A content provider provides only the information that is requested by the home user or small
corporation. This information typically resides on data servers. Access to these data servers occurs by
using application protocols, a concept which will be discussed later.
The most common example of an application protocol that is used to access information is Hypertext
Transfer Protocol (HTTP), which is the fundamental protocol of the World Wide Web (WWW).
By using HTTP, users can access information from the server that contains the particular information
(the website) sought by the user.
For example, when the user types www.google.com on their web browser, the browser uses HTTP to
obtain information from the website or the data server that hosts www.google.com.
It is quite typical for an Internet user to obtain content from servers outside of their vicinity. The
Internet gives any user access to content on servers located anywhere in the world. For example, the
user is in Ottawa, Canada obtaining services from a local ISP (ISP A) and the data server hosting Google
is in Palo Alto, USA connected to its content provider. ISP A and the content provider must either be
able to connect directly to each other or must be able to use the service of another ISP that provides
transit services to both ISP A and the content provider. Only then will the local user send and receive
traffic from the Google server. This type of arrangement between the ISPs and the content provider is
referred to as a peer arrangement or peering.
Peering is a mutual agreement between two or more ISPs to enable the exchange of information
between each other's customers by direct or indirect interconnections. The indirect interconnection is
through an Internet Exchange Point (IXP). Apart from web access, ISPs can also provide e-mail access
with multiple e-mail accounts, data storage, and very recently broadcast television services.



Service Provider Tiers

Tier 1 service providers serve primarily as transit providers
- For example - AT&T, Global Crossing, Level 3
Tier 2 service providers provide transit for some networks
and receive transit service from Tier 1 service providers to
connect to other parts of the Internet
- For example - Bell Canada, Sprint
Tier 3 service providers can provide reselling services for
various Tier 2 services to their customers
IXPs enable Tier 1, 2, and 3 service providers to exchange
Internet data


Tier 1 Service Providers

In this context of Tier 1, service provider and network are interchangeable.


By definition, a Tier 1 network does not purchase information transit from any other network to reach
any other portion of the Internet.
Therefore, in order to be a Tier 1 network, a network must peer with every other Tier 1 network.
A new network cannot become a Tier 1 network without the explicit approval of every other Tier 1
network, because any network's refusal to peer with it prevents the new network from being considered
a Tier 1 network.
Tier 2 Service Providers

Tier 2 service providers purchase transit services from one or more Tier 1 service providers.
Tier 3 Service Providers
Tier 3 service providers are smaller than Tier 2 service providers and require a Tier 2 or Tier 1 service
provider for transiting to parts of the Internet.
Internet Exchange Points
IXPs enable information exchange at local points, which avoids needing to traverse or backhaul traffic
through major points in order to reach the Internet.



Home to Local ISP Connections


The slide shows a typical scenario where small home users are connected to the Internet. The home user
connects to the local service provider, which can be a Tier 2 or Tier 3 service provider depending on the size
of their local ISP. The Tier 2 service provider houses local content that is immediately delivered to the home
user and also peers with another Tier 1 or Tier 2 service provider for home-to-home connectivity. This is the
case where two homes are connected to two independent ISPs and are using a network application such as
Microsoft Messenger or other Internet chat services.
The Tier 1 ISP may also peer directly with a content provider or through a Tier 2 ISP.



Enterprise-to-enterprise Connections


Enterprises can connect between their regional offices through the Tier 2 and Tier 1 ISPs. For example, an
enterprise in one region can connect to a local Tier 2 ISP, or one office can connect to a Tier 2 ISP in another
region.
Using the same Internet backbone as shown in the previous slide, enterprise companies in two different
locations that are connected to two different local ISPs can communicate with each other. Enterprise services
can include, for example, video conferencing and electronic whiteboard presentations.
Often, ISP A is connected to both residential (home) subscribers and enterprise organizations.
One major difference between enterprise and residential subscribers is their resource requirements. The needs
of an enterprise are typically more resource intensive than those of a residential home subscriber. Therefore,
local ISPs typically reserve more bandwidth for their enterprise customers depending upon their service level
agreements.
Another major difference between enterprises and residential subscribers is the addressing plan.
Enterprises can have their own publicly allocated addressing space whereas residential subscribers typically
borrow addressing from their local ISP.



Modern ISP Services

ISP Services
Residential and enterprise

Service Level Agreements


Contractual obligation to ensure traffic guarantees

Demarcation Points
Provides a clear separation between the customer network
and the service provider network
Separation of the service provider and customer
responsibilities


ISP Services
Traditionally ISPs provided dial-up Internet access using phone lines (28.8 to 56 kb/s). This was
upgraded to high-speed Internet access which provided 2 to 3 or 5 to 7 Mb/s. Along with Internet
access, modern ISPs can also be content providers or can peer with several content providers to provide
their users with a variety of services, mainly voice, video, and data applications. To compete with the
traditional cable and satellite providers and Telecom providers, modern ISPs bundle the major services
(voice, data, and video) into what is referred to as a triple play package. In contrast, some of the cable
providers and satellite providers now offer Internet services to compete with the Telecom providers
and other ISPs.
Cost reduction is one major motivation for bundling services that were traditionally offered as
individual services. Another motivation is to offer customized services with varying price points. For
example, an ISP may offer end users three packages - a basic service, a premium service, and an elite
service. The package with higher service utilization costs more than the package that offers a basic
service. The basic package may offer a 10 Mb/s combined voice, Internet, and basic video services; the
premium package may offer 20 Mb/s voice service and Internet and basic video services; and the elite
package may offer 40 Mb/s voice, very high speed Internet, and high definition video services.
(continued on slide 19)



Modern ISP Services

ISP Services
Residential and enterprise

Service Level Agreements


Contractual obligation to ensure traffic guarantees

Demarcation Points
Clear separation between the customer network and service
provider network
Separation of the service provider and customer
responsibilities


(continued from slide 18)


Service Level Agreements
A service level agreement is a contractual agreement between an ISP and its customers that defines
traffic flow guarantees and may include penalties when traffic is not delivered in compliance with the
service level agreement.
In addition to residential customer traffic needs, ISPs typically provide the business traffic needs for
enterprises. A medium to large enterprise that requires the ISP's geographical presence to connect to
its offices or to other enterprise organizations will have traffic requirements for bandwidth and timely
delivery that are well beyond those of the home user. The enterprise may require additional services
from an ISP, such as web hosting and services for intersite connectivity. Typically, the traffic that
travels through the ISP's network is critical to the daily operations of the enterprise. The delivery of
this type of traffic is usually guaranteed by the ISP with a service level agreement.
Demarcation Points
Demarcation points provide separation between the service provider and the customer. The
demarcation point is the point where the service provider's responsibility ends and the customer's
responsibility begins.



ISP with POPs in Different Cities


Today's Internet backbone is quite complex. The backbone is a collection of service providers with connection
points over multiple regions. These connection points are called points of presence (POPs). The collection of
POPs and the interconnections between them form the provider networks. Customers who purchase Internet
service from these service providers are connected through access or hosting facilities located in the service
provider's POP. The service providers may have direct or indirect access to the content providers. The
customers are the end hosts that receive Internet service from their service provider.
In this slide, the ISP B in Montreal is not connected directly to the content provider. Instead ISP B must send its
traffic to Toronto which is connected. Similarly, the ISP A POP in Ottawa must send its traffic through Toronto
or Montreal to reach the content provider.
Service providers with POPs throughout the country are commonly referred to as national providers. Service
providers that cover specific regions are referred to as regional providers. To enable customers of one provider
to reach customers connected to another provider, traffic is exchanged at public IXPs or through direct
interconnections. The term ISP is commonly used to refer to any entity that provides Internet connectivity
service directly to the end user or to other service providers.



ISP with POPs and IXPs


With an IXP at the city level, traffic between various ISPs and content providers can be handled within the
same city. For example, in the slide, ISP A POP and ISP B POP in Ottawa can communicate with each other
locally through Ottawa's IXP.
If a content provider is connected to the IXP in a local city, the traffic between the ISP POPs and the content
provider is localized. Without the local IXP, the traffic between ISPs may need to be carried to another city
with an IXP before the traffic arrives at the destination ISP in the original city. For example, if there is no
local IXP in Ottawa, traffic from ISP A in Ottawa may travel to Toronto before returning to communicate with
ISP B in Ottawa.



IP Addressing

Some of the IP address allocations managed by RIR (Regional Internet Registry)
ARIN: 96/8 to 99/8, 204/8 to 209/8
RIPE NCC: 77/8 to 95/8
AfriNIC: 41/8, 196/8
LACNIC: 186/8, 187/8, 189/8, 190/8
APNIC: 114/8 to 126/8


For the Internet to operate, the components need a common method of communication and common
addressing of all of the physical components. Internet protocol (IP) provides this common method of
communication and common addressing.
Every device that connects to the Internet, or that communicates with another computer on the Internet has a
unique IP address.
An example of an IP address is 138.120.105.45. These addresses are distributed and controlled by the Internet
Assigned Numbers Authority (IANA).



TCP/IP

A network protocol is a standardized method of communicating between computers; for example: TCP
TCP is a layered protocol with distinct functions
A layer in a protocol stack receives services from the lower
layers and provides services to the upper layers
The advantages of standard layering are:
Simplifies complex procedures into a structure that is easier
to understand
Modularizes protocol functionality and hides changes in the
lower layers from the upper layers


Layering of information can be compared with the regular postal service where there are several distinct
functions:
Creating the letter
Placing the letter in an envelope, and writing the sender's and recipient's addresses
Choosing the type of delivery for the letter (same day service, same week and so on)
Placing the appropriate stamp on the letter to pay for the service
Physically sending the letter via carriers; for example, by truck or airplane
After the sender writes the letter, all of the functions listed above are relevant to transporting the letter to
the appropriate destination. At the destination, the letter is received by the recipient, and depending upon
the transport service, an acknowledgement may be sent to the sender confirming the receipt of the letter.
The letter can then be removed from the envelope and its contents read.
The layering of information on the Internet occurs in a similar fashion. The objective of this data transfer is to
inter-network with different computer systems. The applications need to send data to and receive data from
other applications on different hosts/systems. In doing so, the application composes the data and requests a
layering stack to transport the information.
Each layer of the protocol stack adds the pertinent information for that layer to the existing data.
As the data is sent from the sender to the receiver, the data passes through several other systems. These
systems only check the information that is relevant to the layers in which they have an interest. The systems
use this information to assist in transmitting the data to the appropriate destination.



The Evolution of the Internet

Section 3 - How the Internet Works - TCP/IP Layering



How the Internet Works - TCP/IP Layering

TCP/IP Layers - Overview


TCP/IP Layers - Characteristics
Encapsulation
End-to-end Frame transfer
OSI Model



TCP/IP Layers - Overview


The network protocol suite defines the protocols and technologies that support the interconnection of a
diverse array of hardware and systems to support the operation of a wide range of applications over the
network. Anyone who has used an Internet application, such as a web browser or e-mail can appreciate the
complexity of the systems that are required to support these applications.
The layering of protocols simplifies this complex problem by dividing the protocol into a number of simpler
functions. Each layer performs a specific function that contributes to the overall functioning of the network.
The TCP/IP suite, also known as the Internet protocol suite, contains four layers of technology.
The application services layer provides all of the services that are available to users of the Internet.
The two intermediate layers (transport and Internet protocol) provide a common set of services that
are available to all of the Internet applications and operate on the Internet hardware infrastructure.
The network interfaces layer includes all of the hardware that comprises the physical infrastructure of
the Internet.



TCP/IP Layers - Characteristics

User interface to the network
User applications
E-mail, Telnet, FTP, WWW

Application interface to IP Layer
Reliable/unreliable transfers

Unique network addressing scheme to identify hosts
Routing protocols for path determination
End-to-end forwarding of datagrams

Physical transfer of data
ATM, Ethernet, frame relay


The application services layer is where the user interfaces with the network. This layer applies only to
network applications, such as e-mail, Telnet, FTP, and WWW. Without network connectivity, these
applications would be useless. Applications such as word processors and database programs are not considered
network applications because they do not require network connectivity.
The transport layer is the application's interface to the network. The transport protocol provides a
mechanism for an application to communicate with another application that resides on another device in the
network. In the TCP/IP suite, there are two transport protocols: TCP and user datagram protocol (UDP). TCP is
a connection-oriented protocol that provides an ordered and reliable transfer of data over the network. UDP is
a connectionless protocol that supports the transfer of a single datagram across the network with no delivery
guarantee. UDP is simpler than TCP and operates with less overhead than TCP. Most Internet applications, such
as HTTP (web-browsing), e-mail, Telnet, and file transfer protocol (FTP), use TCP for data transfer because it
provides a reliable transfer service. Some applications, such as domain name system (DNS) and simple network
management protocol (SNMP), use UDP because they only require a simple datagram transfer. Other
applications, such as reliable transfer protocol (RTP), use UDP to avoid the overhead of TCP and because there
is no benefit in the retransmission of lost packets for the applications that use RTP.
The Internet protocol layer provides a common addressing plan for all of the hosts on the Internet as well as a
simple, unreliable datagram transfer service between these hosts. IP is the common glue that defines the
Internet. IP also defines the way a datagram (or packet) is routed to its final destination. In an IP network,
packet forwarding across the network is handled by routers. IP routers examine the destination address of a
datagram and determine which router is the next hop that will provide the best route to the destination
(known as hop-by-hop routing). Routers communicate with each other using dynamic routing protocols to
exchange information about the networks to which they are connected. The protocols allow routers to make
forwarding decisions for the datagrams that they receive.
The network interface layer comprises the hardware that supports the physical interconnection of all of the
network devices. The technologies of the network interface layer are often defined as multiple layers. The
common trait of all technologies of this layer is that they can forward IP datagrams. There are many different
technologies that operate at this layer, some of which are very complex. Some of the protocols commonly used
at this layer include ATM, frame relay, point-to-point protocol (PPP), and Ethernet. However, many other
protocols are used; some of the protocols are open standards and some are proprietary. The diversity of the
network interfaces layer demonstrates one of the benefits of protocol layering. As new transmission
technologies are developed, it is not necessary to change the upper layers in order to incorporate these
technologies in the network. The only requirement is that the new technology be able to support the
forwarding of IP datagrams.



Encapsulation

Encapsulation is the inclusion of one data format in another data format in order to hide the former data format
In the context of TCP/IP, encapsulation is the mechanism by
which the TCP/IP stack adds layered information to the
application-generated data
TCP/IP includes four types of encapsulation
  Application encapsulation
  Transport encapsulation
  IP encapsulation
  Data link encapsulation


The application generates the data, which is handed to the transport layer. The transport layer (TCP or UDP
layer) adds its overhead to the data, thereby hiding the original data. The data now is part of the transport
layer and identified by the transport header. Similarly, once the transport data is received by the lower IP
layer, the IP layer adds its overhead. At this point, the packet is referred to as an IP packet, thereby hiding
the transport layer overhead and the application data. Finally, the IP layer needs the data link layer to
perform the physical transmission of the IP packet. The data link layer adds its own overhead to the IP packet
and then transmits the data to the next hop in the network.



Application Encapsulation


When a network application needs to communicate with another application across the network, the
application must first prepare its data in the specific format defined by the protocol to be used by the
receiving application. A specific protocol is used so that the receiving application will know how to interpret
the received data.
For an e-mail message, there are two parts: the message header and the body. The message header contains
the sender's and receiver's addresses, as well as other information such as the urgency of the message and the
nature of the message body. The format of the header and the nature of the addresses are defined by the
application protocol. An e-mail message protocol is Simple Message Transfer Protocol (SMTP).
In addition to defining the format of the message, the protocol also specifies how the applications are
expected to interact with each other, including the exchange of commands and the expected responses.
The application uses the services of the transport layer to transfer the application's data.



Transport Encapsulation


The transport layer provides a service to transfer data between applications across a network. Two transport
protocols are used on the Internet: TCP and UDP. To exchange e-mail across the Internet, an e-mail
application uses SMTP. SMTP uses TCP to accomplish the transfer. TCP provides a reliable transfer service to
ensure that all of the data is properly transferred. UDP provides a simple, unreliable datagram delivery
service, which is similar to IP.
TCP treats all application data as a simple byte stream, including both the message header and the message
body. TCP accepts the application's data and breaks the data into segments for transmission across the
network as required. To accomplish this reliable transfer, TCP packages the application data with a TCP
header. On the receiving end of the connection, TCP removes the TCP header and reconstructs the application
data stream exactly as the data was received from the application on the sender's side of the network.
The TCP and UDP headers carry source and destination addresses that identify the sending and recipient
applications because a single host system may support multiple applications. These addresses are known as
port numbers. The TCP units of data are known as segments; UDP data is called a datagram.
To transmit its segments of data across the network, TCP uses the services of the IP layer.



IP Encapsulation


The IP layer provides a common addressing scheme across the network as well as a simple, unreliable
datagram forwarding service between nodes in the network.
Data from the transport layer is packaged in IP datagrams for transfer over the network. Each datagram travels
independently across the network. The intermediate routers forward the datagram on a hop-by-hop basis
based on the destination address.
Each datagram contains source and destination addresses that identify the end nodes in the network. Every
node in an IP network is expected to have a unique IP address.
IP uses the services of the underlying network interfaces to perform the physical transfer of data.



Data Link Encapsulation


The data link layer is the term for the network interfaces that are used by IP to physically transmit the data
across the network. The units of data transmitted at the data link layer are usually known as frames. IP
datagrams must always be encapsulated in some type of data link frame for transmission.
A typical data link frame contains a header, usually with an address. The frame may also contain a trailer with
a checksum to verify the integrity of the transmitted data. There are many types of technologies used as
network interfaces by IP. Each type of technology has its own specific format and rules of operation. The
common characteristic is that all of these technologies can carry IP datagrams.
Most protocols at this layer also use some form of addressing. The address is specific to the data link protocol
and identifies the endpoints of the data exchange. For example, the slide shows the address of an Ethernet
frame. Some point-to-point protocols such as PPP may not use addresses when there is only one possible
destination for the data.



End-to-end Frame Transfer


This slide shows how data is transferred from a source PC to a destination server across the Internet.
An application running on the source PC generates the data to be transmitted to the server. The application
does not need to be concerned with the details of the transmission and only passes the data to the TCP layer
of the TCP/IP protocol stack included in the PC operating system.
The TCP layer encapsulates the application data within a TCP header and passes the data to the IP layer. TCP
is also not concerned about the details of the transmission and relies on the IP layer to handle the end-to-end
routing of the data across the network. However, TCP does make sure that the data is transmitted reliably
across the network.
The IP layer encapsulates the data within an IP header and makes a decision about where the data should be
transmitted to reach the destination server. Since IP uses hop-by-hop routing, it is only concerned with finding
the next hop towards the destination. In an IP network, the hops are between IP routers and from the source
PC, the next hop is usually the default gateway. The source PC transmits the data to the default gateway
which then decides which router is the next hop towards the destination and then transmits the data to that
router. The IP datagram travels from router to router across the Internet, until it reaches the destination
server.
However, the IP layer does not physically handle the transmission of the data. The transmission of data
between routers is performed by the network interface or by the data link layer. IP passes its data (including
the IP header) to the data link layer, which then encapsulates it in a data link frame for transmission to the
next router. The data link from the source PC may be an Ethernet network; therefore, the IP datagram travels
to the next router in an Ethernet frame. The physical connection between that router and the next router may
be an ATM network; therefore, the IP datagram will travel in an ATM frame to the next IP router. If the next
hop is a different data link technology from the technology of the previous hop, the IP datagram will travel in
the appropriate frame used by that technology. This continues hop by hop until the IP packet reaches the
destination server.
Because IP provides end-to-end forwarding across the network, the IP datagram is created at the source PC,
including the IP header, the TCP header, and the application header. The IP datagram then travels intact
across the IP network, although it is encapsulated in a different data link frame at each hop (each IP router).
When the IP datagram reaches the destination system, the data is extracted by the TCP/IP protocol stack on
that system and the data is provided to the application.
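The four encapsulations and the hop-by-hop re-framing described above can be traced in code. The following Python sketch is an added example, not part of the course material: it wraps a constructed SMTP command in TCP, IP and Ethernet headers, forwards it through two routers, and validates every layer on receipt. The IP addresses (documentation ranges), MAC addresses and function names are assumptions, Ethernet stands in for every link type, and the routers also decrement the TTL and recompute the IP header checksum, a detail the notes above do not cover.

```python
import socket
import struct
import zlib

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src_ip, dst_ip, tcp_len):
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 6, tcp_len)

def tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, data):
    """Transport encapsulation: port numbers identify the two applications."""
    hdr = struct.pack("!HHIIHHHH", src_port, dst_port, seq, 1, (5 << 12) | 0x18, 65535, 0, 0)
    csum = inet_checksum(pseudo_header(src_ip, dst_ip, len(hdr) + len(data)) + hdr + data)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + data

def ip_datagram(src_ip, dst_ip, ttl, segment):
    """IP encapsulation: addresses identify the end hosts; protocol 6 is TCP."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, ttl, 6, 0,
                      socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + segment

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def ethernet_frame(dst_mac, src_mac, datagram):
    """Data link encapsulation: addressed header plus a CRC-32 trailer (FCS)."""
    body = mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800) + datagram
    return body + struct.pack("<I", zlib.crc32(body))

def strip_frame(frame):
    """Verify the trailer and remove the data link header."""
    if len(frame) < 14 + 20 + 4:
        raise ValueError("frame too short")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("bad frame check sequence")
    if body[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4 frame")
    return body[14:]

def check_ip_header(datagram):
    ihl = (datagram[0] & 0x0F) * 4
    total_len = struct.unpack("!H", datagram[2:4])[0]
    if datagram[0] >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(datagram):
        raise ValueError("malformed IP header")
    if inet_checksum(datagram[:ihl]) != 0:
        raise ValueError("bad IP header checksum")
    return ihl, total_len

def route_hop(frame, out_src_mac, out_dst_mac):
    """A router: drop the old frame, keep the datagram, build a new frame."""
    datagram = strip_frame(frame)
    ihl, total_len = check_ip_header(datagram)
    hdr = bytearray(datagram[:ihl])
    if hdr[8] <= 1:
        raise ValueError("TTL expired")
    hdr[8] -= 1                       # TTL is the only field changed here
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", inet_checksum(bytes(hdr)))
    return ethernet_frame(out_dst_mac, out_src_mac, bytes(hdr) + datagram[ihl:total_len])

def receive(frame):
    """Destination host: peel each layer, validating before trusting lengths."""
    datagram = strip_frame(frame)
    ihl, total_len = check_ip_header(datagram)
    src_ip, dst_ip = socket.inet_ntoa(datagram[12:16]), socket.inet_ntoa(datagram[16:20])
    segment = datagram[ihl:total_len]
    if len(segment) < 20 or not 20 <= (segment[12] >> 4) * 4 <= len(segment):
        raise ValueError("malformed TCP header")
    if inet_checksum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) != 0:
        raise ValueError("bad TCP checksum")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    return {"src": (src_ip, src_port), "dst": (dst_ip, dst_port),
            "ttl": datagram[8], "data": segment[(segment[12] >> 4) * 4:]}

# Constructed sample values: locally administered MACs, documentation IP ranges.
PC, GW, R2, SRV = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03", "02:00:00:00:00:04"

def demo():
    data = b"MAIL FROM:<alice@example.com>\r\n"   # constructed application data
    seg = tcp_segment("192.0.2.10", "198.51.100.25", 49152, 25, 1000, data)
    first = ethernet_frame(GW, PC, ip_datagram("192.0.2.10", "198.51.100.25", 64, seg))
    second = route_hop(first, GW, R2)    # default gateway to next router
    last = route_hop(second, R2, SRV)    # last router to destination server
    return first, last, receive(last)

if __name__ == "__main__":
    first, last, got = demo()
    print(first[:12].hex(), last[:12].hex(), got)
```

The data link addresses differ on every hop while the IP addresses, ports and application data arrive unchanged, and a frame altered in transit is rejected at whichever layer's check it fails.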



OSI Model Overview


The open systems interconnection (OSI) reference model represents an alternative method to TCP/IP for
organizing how networks communicate with each other so that all hardware and software vendors have an
agreed-upon framework to develop networking technologies. With this model, the International Organization
for Standardization (ISO) intended to:
Simplify complex procedures by separating them into simpler, discrete layers
Allow network equipment from different vendors to interoperate
Support a modular plug-and-play functionality
Provide an alternative method to TCP/IP to organize
The OSI model is represented by the seven layers, as shown in the slide. These layers may be grouped into two
main areas: upper and lower layers.



Development of the OSI Model

Early 1970s - Canepa and Bachman at Honeywell Information Systems worked to develop a mechanism to distribute databases
March 1978 - 7-layer model created by Bachman and Canepa was
the only model submitted to the ISO
Late 1970s - Specific standards developed by ISO and CCITT
1983 - The ISO and CCITT documents merged into the Basic
Reference Model for Open Systems Interconnection
1984 - The merged document was published by both ISO and
CCITT, with CCITT being renamed ITU-T (ISO 7498 and ITU-T X.200)
Early 1990s - Some OSI protocols (for example, X.500 and CLNS)
competed with TCP/IP, but growth of the Internet caused IP to be
adopted.


The OSI reference model was developed at the end of the 1970s, but the development of actual protocols to
support the reference model was slow. By the early 1990s, a number of OSI protocols (for example, TP0-4,
CLNS, CONS, X.400, and X.500) had been specified and commercial implementations were attempted.
However, the success of TCP/IP and the weaknesses of the OSI led to the adoption of TCP/IP for
internetworking.
The OSI was designed as an open standard to replace the strictly proprietary networking technologies that
were in use in the 1970s (IBM's SNA was dominant, but many others were also in use). However, TCP/IP
applications and implementations grew much more rapidly than the OSI, and by 2000, OSI was essentially
replaced by TCP/IP.
The OSI reference model is widely used to describe the layering of network protocols, and much networking
terminology derives from the OSI protocol suite. A few remnants of OSI are still in use; for example, LDAP,
which is a derivation and simplification of X.500, and IS-IS, which was designed as an OSI routing protocol and
was adapted to TCP/IP networks.



OSI vs TCP/IP Suite


The TCP/IP suite differs from the OSI model in that the TCP/IP suite uses four protocol layers and the OSI
model uses seven layers. The slide shows the protocol layer relationship between the two models.
Network interfaces - This layer defines the actual interface between network nodes and contains the
functionality of both the physical and data link layers of the OSI model. Protocols such as Ethernet describe
both the framing of data (Layer 2) and the physical transmission of the frame over the media (Layer 1). This
layer is often referred to as Layer 2 because it provides OSI Layer 2-type services to the IP layer.
Internet protocol - The IP layer provides a universal and consistent forwarding service across a TCP/IP
network. IP provides services that are comparable to the OSI network layer and is sometimes referred to as a
Layer 3 (also known as L3) protocol. The OSI network protocol, CLNP, corresponds most closely to IP.
Transport - The transport layer comprises two main protocols: TCP and UDP. These transport protocols
provide services that are similar to the OSI transport protocols. TCP is very similar to the OSI transport
protocol, TP4. TCP and UDP may be referred to as Layer 4 protocols.
Application services - The application services provide end-user access to the Internet. Any of the services of
the upper three OSI protocols that are required are incorporated into the application protocols. There are a
number of Internet protocols that provide services similar to these OSI layers, although they do not follow the
layering or service definitions of the OSI. For example, TLS provides session-like services to Internet
applications and MIME provides presentation-like services to SMTP and HTTP. Application layer protocols are
sometimes referred to as Layer 7 protocols.



The Evolution of the Internet

Section 4 - Module Summary and Learning Assessment



Module Summary

After the successful completion of this module, you should be able to:
Describe the evolution of the Internet
Describe the components of the Internet
Describe how the Internet works



Learning Assessment - The Evolution of the Internet

Outline the events that led to the development of the Internet
Describe the significance of ARPANET
List the problems with having different protocols
Describe the solution to the problem of different protocols
Describe how the Internet evolved from a military-based
network to a research-based network
Describe how the Internet evolved from a research-based
network to a commercial-based network
Describe the importance of the IETF



Learning Assessment - The Components of the Internet

Provide a practical definition of the Internet


Describe the differences between an Internet service
provider and a content provider
Describe the differences between older and modern ISP
services
Identify the basic components required for the Internet to
work
List the advantages of protocol layering



Learning Assessment - How the Internet Works

List and describe the characteristics of the TCP/IP layers


Describe how the TCP/IP layers work together
Describe the OSI Model
Discuss the development of the OSI Model
Discuss the similarities between the TCP/IP and OSI models of
protocol




3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 2 7750 SR and 7450 ESS Components and CLI


Module Overview

7750 SR and 7450 ESS Products


7750 SR Components
Boot Process
CLI Commands
Basic Router Configuration



7750 SR and 7450 ESS Components and CLI

Section 1 - 7750 SR and 7450 ESS Products


7750 SR and 7450 ESS Products Overview

7750 SR Family
7750 SR Features
7450 ESS Family
7450 ESS Features
Comparison Between 7450 ESS and 7750 SR
7450 ESS and 7750 SR Control Plane vs Data Plane



7750 SR Family

[Figure: SR-12, SR-7 and SR-1 chassis showing slot and MDA numbering]

Three chassis options - 1, 7, and 12 slots
Carrier-class reliability combined with high density in a small footprint
System capacities scalable from 20 Gb/s to 200 Gb/s
Modular design for the SR-7 and SR-12 - removable IOM, SF/CPM, and MDAs
Common operating system


The 7750 SR-12 is the largest 7750 SR and has 12 front-access card slots. Two card slots are dedicated for
redundant common equipment. Each slot holds one Switch Fabric/Control Processor Module (SF/CPM). Only
one SF/CPM is required for operation. A second SF/CPM provides complete redundancy of the fabric and the
control processors. There are two switch fabric options: 200 Gb/s and 400 Gb/s full-duplex throughput.
When two 7750 SR SF/CPMs are installed, the traffic load is shared across the switch fabrics.
Two 200 Gb/s/400 Gb/s fabrics provide 400 Gb/s/800 Gb/s of non-redundant full-duplex throughput or
200 Gb/s/400 Gb/s of fully redundant, full-duplex throughput. The remaining 10 slots are used for
Input/Output Module (IOM) base boards. The backplane supports 40 Gb/s full-duplex throughput to each
IOM slot.
The 7750 SR-7 chassis is a fully redundant system and has seven front-access slots. Two card slots are
dedicated for redundant common equipment, each of which holds one SF/CPM. The remaining five slots are
used for IOM base boards.
The 7750 SR-1 has the management, switch fabric and one IOM base board integrated into the chassis. The
7750 SR-1 has an integrated switching system with 20 Gb/s full-duplex throughput and can accommodate
two Media Dependent Adapters (MDAs) for physical interfaces. The 7750 SR-1 is a small form factor switch
for installations that need the many 7750 SR service capabilities but have lower interface and protocol scaling
requirements.



7750 SR Features

Supports all industry-standard routing protocols
  - OSPF, IS-IS, BGP, RIP, VPRN, Multicast
    OSPF v2 and v3 with multiple instances are supported in Release 5.0 or later
  - BGP support with address families (IPv4, IPv6, VPN-IPv4, Multicast)
  - IPv6
Supports MPLS and LDP with services capability
  - VLL
  - VPLS
  - VPRN
Supports high availability
  - NSF, NSR
  - GR Helper Mode



7450 ESS Family

[Figure: 7450 ESS-1 and ESS-7 chassis showing slot and MDA positions]

ESS-1
Integrated switch fabric/control, IOM, and power
20 Gb/s full-duplex system capacity
Two 10 Gb/s MDAs
Over-subscription of some MDAs available
Power redundancy

ESS-7
7 slots (5 IOM, 2 SF/CPM)
100 Gb/s full-duplex system capacity
200 Gb/s switch fabric/control
Fabric/control redundancy
Five 20 Gb/s IOMs
Ten 10 Gb/s MDAs
Over-subscription of some MDAs available
Power redundancy


The 7450 ESS-1 has the management, switch fabric and one IOM base board integrated into the chassis. The
7450 ESS-1 has an integrated switching system with 20 Gb/s full-duplex throughput and can accommodate
two MDAs for physical interfaces.
The 7450 ESS-7 chassis is a fully redundant system and has seven front-access slots. Two card slots are
dedicated for redundant common equipment, each of which holds one SF/CPM. The remaining five slots are
used for IOM base boards. The total switching capacity for the 7450 ESS-7 of 100 Gb/s is limited by the IOM
capacity despite the switching fabric supporting up to 200 Gb/s.



7450 ESS Family (continued)

ESS-6
6 slots (4 IOM, 2 SF/CPM)
80 Gb/s full-duplex system capacity
80 Gb/s switch fabric/control
Fabric/control redundancy
Four 10 or 20 Gb/s IOMs
Over-subscription of some MDAs available
Power redundancy

ESS-12
12 slots (10 IOM, 2 SF/CPM)
400 Gb/s full-duplex system capacity
400 Gb/s switch fabric/control
Fabric/control redundancy
Ten 20 or 40 Gb/s IOMs
Over-subscription of some MDAs available
Power redundancy


The 7450 ESS-6 is a fully redundant system with a lower switching capacity than the 7450 ESS-7 making it
available at a lower cost. Functionally it supports all of the features of the 7450 ESS-7.
The 7450 ESS-12 is the largest 7450 ESS and has 12 front-access card slots. Two card slots are dedicated for
redundant common equipment. Each slot holds one SF/CPM. Only one SF/CPM is required for operation. A
second SF/CPM provides complete redundancy of the fabric and the control processors. There are two
switch fabric options: 200 Gb/s and 400 Gb/s full-duplex throughput.
When two 7450 ESS SF/CPMs are installed, the traffic load is shared across the switch fabrics. Two
200 Gb/s/400 Gb/s fabrics provide 400 Gb/s/800 Gb/s of non-redundant full-duplex throughput or
200 Gb/s/400 Gb/s of fully redundant, full-duplex throughput. The remaining 10 slots are used for IOM base
boards. The backplane supports 40 Gb/s full-duplex throughput to each IOM slot.



7450 ESS Features

Supports industry-standard routing protocols
  - OSPF, IS-IS, RIP
  - IPv6
Supports MPLS and LDP with service capabilities
  - VLL
  - VPLS
Carrier grade with high availability
  - NSR, NSF, GR Helper
Designed for Ethernet aggregation in metro



Comparison Between 7450 ESS and 7750 SR

Type                   | 7450 ESS                                                    | 7750 SR
Purpose                | Primarily designed to support Ethernet aggregation services | Supports Ethernet, ATM, frame relay, and VPRN services
Platforms              | ESS-1, ESS-6, ESS-7, and ESS-12                             | SR-1, SR-7, and SR-12
Redundancy Pwr/Control | ESS-6, ESS-7, and ESS-12                                    | SR-7 and SR-12
MDA                    | Ethernet and POS                                            | Ethernet, ATM, POS, and DS3/OC3 are channelized


The 7750 SR and 7450 ESS share the same robust service management, troubleshooting, and billing
features.
The 7450 ESS is based on the same technology foundation as the 7750 SR, but there are some key
differences between the two products, as summarized in the slide.
The MDAs, IOMs, and fabric modules are not interchangeable between the two products. They have
different chassis, modules, MDAs, part numbers and list prices; and distinct roadmaps.
The 7450 ESS has a separate software load from the 7750 SR. The 7450 ESS capabilities are focused on
enabling the delivery of metro Ethernet services only. The 7450 ESS does not support Layer 3 services such
as MPLS/BGP VPNs. The 7450 ESS does not contain key functionality and scalability attributes that are
required in an edge router, for example BGP-4.
The 7450 ESS does not have an upgrade path to the 7750 SR or to a PE router.



7450 ESS and 7750 SR Control Plane vs Data Plane


Data plane operation


The data plane operation occurs after the control plane has built the forwarding information and stored the
data in the IOM.
1. Data from the remote network/customer site ingresses through the MDAs, where the data is
formatted (internal format).
2. The data is then processed in the I/O module where the decision to switch occurs (Layer 2/Layer 3
forwarding information lookup).
3. The data packets are sent to the switch fabric.
4. The switch fabric then forwards the data to the appropriate IOM.
5. The IOM sends the data to the appropriate MDA.

Control plane operation


Control messages ingress the 7750 SR and 7450 ESS in a way that is similar to the data packets, except that
the control messages are processed further by the control plane.



7750 SR and 7450 ESS Components and CLI

Section 2 7750 SR Components


7750 SR Components

7750 SR SF/CPM Cards


7750 SR IOMs, MDAs, and SFPs
Ingressing the Router
Egressing the Router
Compact Flash



7750 SR SF/CPM Cards

Redundant SF/CPMs supported on SR-7 and SR-12


The SF/CPM module is an integrated module that functions as a switching fabric and as a system controller.
Like the IOMs, the SF/CPM is built using common functionality blocks. The switching planes contain
switching elements that are composed of fast ASICs, and the system controller contains two flexible fast
path complexes. The ASICs are responsible for the system's control plane processing and for running the
various routing and signaling protocols. The system controller also manages the shared input/output
resources, which includes management Ethernet ports, serial ports, status LEDs, compact flash sockets
capable of accepting compact flash or disk modules, system clocks, temperature monitors, fan controls,
and so on.



7750 SR IOMs, MDAs, and SFPs

10 IOMs per SR-12
5 IOMs per SR-7
2 MDAs per IOM
SFP optics
IOMs and MDAs are hot-swappable


IOMs
IOMs are hot-swappable modules that connect to standard physical interfaces. IOMs contain two 10 Gb/s
traffic-processing programmable fast path complexes. Each complex supports a pluggable MDA that allows a
common programmable fast path to support all of the possible interface types. Each IOM also contains a
CPU section to manage the forwarding hardware in each flexible fast path.
The term hot-swappable refers to the ability to remove and replace an IOM from a live system without the
need to shut down.

MDAs
MDAs provide one or more physical interfaces, such as Ethernet, ATM, or SONET/SDH. MDAs pass incoming
frames to the IOM for processing, and transmit outgoing frames to the appropriate physical interface in the
correct format.

SFP interfaces
SFP transceivers are small optical modules that are available in a variety of formats.



Ingressing the Router


Data that enters the router (ingressing) goes through the MDA. The MDA converts the received physical
format of the data into an internal format and provides minimal buffering.
The data is then sent to the flexible fast path complex (one for each MDA) where the following occurs:
Quality of service is applied to classify and treat packets differently including buffering.
Access control lists are applied in real time to discard packets that are not needed.
Forwarding destination is determined (that is, the destination IOM/MDA/port).
If the data received is a user data packet, the data is forwarded to the switch fabric.
If the data received is protocol control data, the control data is forwarded to the control plane.



Egressing the Router


Data is sent to the IOM from the switch fabric (for a user data packet), or to the control card (for a control-
generated packet). The packet is sent to the flexible fast path complex responsible for the respective
egress MDA.
Similar to the ingress, the IOM will:
Provide QoS classification and buffer management for egressing data
Apply access control lists in real time to discard packets that are not needed
The data is then reframed in the MDA and sent through the appropriate port.



Compact Flash

Each control/switch processor on a 7750 SR or 7450 ESS can have 3 compact flashes, CF1:, CF2:, CF3:
Flash size can be 256 Mb, 512 Mb, 1 Gb and 2 Gb
By default, the system startup checks for the boot.ldr file in CF3
CF3 can store the runtime image, that is, the running configuration
Requires a shutdown of the compact flash before you remove the compact flash
Compact flash 1 and 2 can be used to store debug and accounting logs



7x50 SR/ESS Components and CLI

Section 3 Boot Process


Boot Process Overview

Basic Boot Components


Software Release Media
System Initialization
Boot Options File



Basic Boot Components

Uses a BOF to configure the system
BOF is stored in the compact flash CF3
Other components required for startup
  - Boot loader
  - BOF configuration file
  - TiMOS-m.n.Y.Z software image file
  - Default config file


Basic operating system


The 7750 SR and 7450 ESS use a Boot Option File (BOF) to configure the system. Each new system is shipped
with a Compact Flash (CF) card that contains the files required to start the system. The system files that
are required to initialize the system are stored on CF3.
The CF3 card contains the following directories and files located from the root directory:
boot.ldr - This file contains the system bootstrap image.
bof.cfg - This file is user configurable and contains information such as:
Management port IP address
Location of the image files (that is, primary, secondary, and tertiary)
Location of the configuration files (that is, primary, secondary, and tertiary)
TiMOS-m.n.Y.Z - This directory is named according to the major and minor software release, type of
release and version. For example, if the software release is Version 1.2 of a released software version, the
directory name would be: TiMOS 1.2.R.0.
On a 7750 SR-7 or SR-12, this directory contains two files, cpm.tim and iom.tim, for the SF/CPM and IOM
cards respectively. Because the SR-1 has an integrated fabric/control and I/O, there is only one file,
both.tim.
config.cfg - This default configuration file is very basic and provides just enough information to make the
system operational. You can create other configuration files and point the system to them using the bof.cfg
file.



Software Release Media


The image file is the software that is used to run on the 7750 SR and the 7450 ESS. This software is
developed by the development team and is tagged with a release number. The software contains all of the
features that are required to configure and run protocols on the 7750 SR and the 7450 ESS.



System Initialization


The configuration file includes the chassis, IOM, MDA, port, system, routing, and service configurations.
Persistence
You can configure the BOF to turn persistence On or Off (default is Off). Persistence is required when
either the 7750 SR or the 7450 ESS is managed by the 5620 SAM. When persistence is on, the 7750 SR or the
7450 ESS creates an index file with the same file prefix name as the current configuration file. The index
file contains variable index information (that is, interface indexes, LSP IDs, path IDs, and so on). The index
file is built dynamically by the 7750 SR or the 7450 ESS operating system and does not contain the
configuration information that is entered by the users. The index file is saved whenever the system
configuration file is saved.
The index file ensures that the 5620 SAM has the same index data as the 7750 SR or the 7450 ESS node after
a system reboot. If a 7750 SR or the 7450 ESS reboots and the indexes stored on the 5620 SAM do not match
the node indexes, a complete resynchronization between the node and the 5620 SAM occurs automatically.
This can be a very time consuming and processor-intensive operation.
If a node reboots with persistence turned on, it must locate the persistence index file and successfully
process it before processing the system configuration file.
If the index file cannot be processed, the system performs an SNMP shutdown (Get and Set functionality is
disabled); however, traps continue to be generated. The system generates traps, log messages, and console
messages to advise the user about the problem. The system does not require a shutdown of the SNMP to
reactivate full SNMP functionality.



Boot Options File

For the 7750 SR and the 7450 ESS
Stores parameters that specify the location of the image filename that the router will try to boot from and the
configuration file that the router uses to configure the applications and interfaces
The most basic BOF configuration should contain the following:
  - Primary address
  - Primary image location
  - Primary configuration location



Show BOF

A:sr1a# show bof
==========================================================================
BOF (Memory)
==========================================================================
    primary-image    cf3:\4.0.R9
    primary-config   cf3:\test\test_sr1a.cfg
    address          138.120.199.60/24 active
    autonegotiate
    duplex           full
    speed            100
    wait             3
    persist          on
    console-speed    115200
==========================================================================


The slide shows the information that is contained in the boot options file. The primary image location is
one of the most important items in the BOF. If the router cannot find an image, the router will remain in the
boot cycle indefinitely.
In this slide, the primary configuration is located in CF3. Therefore, when the router reboots, the router
goes to CF3, gets the configuration that is specified in the BOF, and loads the configuration on the router.
In addition, after the primary configuration location has been defined, when the operator enters the admin
save command, the current configuration is saved to the primary configuration file.
The address in the slide is the address of the management port on the CPM. The console speed is the
default speed of the RS-232 port on the CPM. This speed can be changed in the BOF.
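The notes above can be turned into a pre-reboot check on captured "show bof" output. The following Python is an added example, not Alcatel-Lucent code: the sample output is constructed from the slide, and the secondary-/tertiary- keyword names and the managed_by_sam flag are assumptions that do not appear on the slide.

```python
import ipaddress
import re

# Constructed sample, modelled on the "show bof" slide in this section.
SAMPLE_SHOW_BOF = r"""A:sr1a# show bof
==========================================================================
BOF (Memory)
==========================================================================
    primary-image    cf3:\4.0.R9
    primary-config   cf3:\test\test_sr1a.cfg
    address          138.120.199.60/24 active
    autonegotiate
    duplex           full
    speed            100
    wait             3
    persist          on
    console-speed    115200
==========================================================================
"""

# An echoed CLI prompt such as "A:sr1a# show bof" (ends in # or $).
PROMPT = re.compile(r"^\S+[#$](\s|$)")


def parse_bof(text):
    """Parse 'show bof' output into {keyword: value}; bare flags map to ''."""
    params = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("=") or line.startswith("BOF "):
            continue                      # blank line, ruler, or banner
        if PROMPT.match(line):
            continue                      # echoed prompt and command
        key, _, value = line.partition(" ")
        params[key] = value.strip()
    return params


def audit_bof(params, managed_by_sam=False):
    """Return a list of (severity, message) findings for a parsed BOF.

    The fallback keyword names (secondary-*, tertiary-*) are assumed;
    the page only says that secondary and tertiary locations exist.
    """
    findings = []

    if not params.get("primary-image"):
        findings.append(("critical",
                         "no primary-image: router stays in the boot cycle"))
    elif not any(params.get(k) for k in ("secondary-image", "tertiary-image")):
        findings.append(("warning",
                         "no secondary/tertiary image location configured"))

    if not params.get("primary-config"):
        findings.append(("critical",
                         "no primary-config: no file for boot or admin save"))
    elif not any(params.get(k) for k in ("secondary-config", "tertiary-config")):
        findings.append(("warning",
                         "no secondary/tertiary config location configured"))

    # The address line looks like "138.120.199.60/24 active".
    fields = params.get("address", "").split()
    try:
        ipaddress.ip_interface(fields[0])
    except (IndexError, ValueError):
        findings.append(("critical",
                         "missing or invalid CPM management address"))

    if managed_by_sam and params.get("persist") != "on":
        findings.append(("warning",
                         "persist is not on but the node is 5620 SAM managed"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_bof(parse_bof(SAMPLE_SHOW_BOF), True):
        print(f"{severity:8} {message}")
```
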



7750 SR and 7450 ESS Components and CLI

Section 4 CLI Commands


CLI Commands Overview

CLI Overview
CLI File System
CLI Prompts
Command Completion
CLI Context
CLI Tree Structure
CLI Navigation
CLI Commands
Finding Help



CLI Overview

The 7750 SR Command Line Interface (CLI) is a command-driven interface that is accessible through the console, Telnet, and SSH
The CLI is used to configure and manage 7750 SR
The CLI command structure is a hierarchical inverted tree
The highest level is root
Navigation down the hierarchy tree is performed by typing the names of submenus
Global commands can be used anywhere in the hierarchy

See the 7750 SR OS System Guide for detailed information about the CLI commands and navigation.



CLI File System

DOS-based
Used to store software images, configuration files, and event logs
File commands can be used to create, copy, move, delete files and directories

Root
  file
    attrib
    cd
    copy
    delete
    dir
    md
    move
    rd
    scp
    type
    version


NOTE: All of the commands are case-sensitive.

delete Deletes the specified file. The optional wildcard (*) can be used to delete multiple files that
share a common partial prefix and/or partial suffix.
move Moves a local file, system file, or a directory. If the target exists, the command fails and an
error message displays.
scp Copies a file from the local file system to a remote host on the network. The command uses
SSH for the data transfer, and uses the same authentication and provides the same security as
SSH.
type Displays the contents of a text file
version Displays the version of a 7750 SR OS cpm.tim or iom.tim file



CLI Prompt Examples

To configure OSPF
SR1>config>router>ospf#

Host name SR1 Context separator

To create a router interface


SR1>config# router interface Toronto
SR1>config>router>if$ address 131.131.131.1/30

At the end of the prompt, there is either a pound symbol (#) or a dollar symbol ($).
A # symbol indicates that the context is an existing context.
A $ symbol indicates that the context is newly created.



Command Completion

Command completion can be performed by one of the following:


Abbreviation, if the keystrokes entered are unique
SR1>config>router>os [ENTER]
SR1>config>router>ospf#
Tab key or space key to automatically complete the command
SR1>config>router>os [TAB]
SR1>config>router>ospf
SR1>config>router>os [SPACEBAR]
SR1>config>router>ospf

If a match is not unique, the CLI displays possible matches


SR1>config# ro [TAB]
router router-ipv6
SR1>config# router


The system maintains a history of previously entered commands. The history command displays the last 30
commands that were entered.



CLI Context

Sometimes a context can be entered with a single keyword, such as:
SR>config# router
SR>config>router#

Sometimes a keyword and a user-supplied identifier are required:


SR>config>router# interface system
SR>config>router>if#

Use the info or info detail commands to display information about the current
context level.
info Displays non-default information
info detail Displays all of the configuration information, including defaults



CLI Tree Structure

tree Displays available commands from context:


SR1>config>router>ospf# tree
ospf
|
+---area
| |
| +---area-range
| |
| +---blackhole-aggregate
| |
| +---interface
| | |
| | +---advertise-subnet
| | |

Use the tree or tree detail commands to display the hierarchical CLI
command structure below your current position



CLI Navigation

When you enter a CLI command, you move from one command level to
another command level
When you start a CLI session, you start in the root context
Navigate to another level by entering the name of successively lower
contexts. For example, enter the configure or show commands at the root
level to navigate to the config or show context, respectively
Other navigation methods include:
Move down the hierarchy by entering the level;
for example, config
Move up one level in the hierarchy by entering back at the command
prompt
Move several levels down in the hierarchy by entering multiple contexts
separated by spaces; for example: #config router ospf


To move up in the hierarchy, enter the command node name; sometimes a parameter must be provided.



Console Control Commands

<Ctrl-c> Terminates the pending command


<Ctrl-z> Terminates the pending command line and returns to the root context. This is a special
keyboard sequence that is the same as pressing the Enter key and entering exit all to
return the user to the root context
back Navigates the user to the parent context
echo Echoes the text that is typed; primarily to display messages within an exec file
exec Executes the contents of a text file as if they were CLI commands entered at the
console
exit Returns the user to the previous higher context
exit all Moves the user to the root context
help Displays a brief description of the help system
? Lists all commands in the current context
history Displays a list of the most recently entered commands, which is similar to history in
UNIX shell environments
info Displays the running configuration for a configuration context


Console control commands are used to navigate in a CLI session and to display information about a console
session. Many of these commands, such as back, exit, info, and tree, are global commands which means
that the commands can be executed at any level of the CLI hierarchy.



CLI Configuration Maintenance Commands

The shutdown command can be used to disable protocols and interfaces
The no form of any command may have one of the following results:
  - The removal of the object from the configuration (that is, no ospf)
  - Reset to default settings (that is, config>ospf>area>interface>no hello-interval)


The shutdown command does not change, reset, or remove any configuration settings or statistics.
Many objects must be shut down before they can be deleted. A shutdown is saved in the
configuration file. All ports are shut down, by default, when the system is first powered on.
To restore the settings after a no command, you must reconfigure the router and reboot from a
configuration file that has the correct configuration, or perform an exec command on a
configuration file that contains the correct settings. You can use an exec command to process a
configuration file and restore the configuration that is stored in the file.



CLI Global Commands

info Displays information about the configuration


logout Terminates the CLI session
oam Displays information about the OAM test suite (see service OAM in the 7750 SR OS
Services Guide)
password Changes the user CLI login password
NOTE: This is not a global command. The password must be entered at the root level
ping Verifies the reachability of a remote host
pwc Displays the present or previous working context of the CLI session
sleep Pauses the console session operation for 1 second or for the specified number of
seconds; the primary use is to introduce a pause during the execution of an exec file
ssh Opens a secure shell connection on a host
telnet Telnet to a host
traceroute Determines the route to a destination address
tree Displays a list of all commands at the current level and all sublevels
write Sends a console message to a specific user or to all users with active console sessions



CLI Environment Commands

alias Allows the substitution of a command line by an alias


create Allows the create parameter check
more Configures whether CLI output should be displayed one
screen at a time, waiting for user input to continue
reduced-prompt Configures the number of higher-level CLI context levels
to display in the CLI prompt
terminal Configures the number of lines to display for the current
CLI session. The default is 24 lines
time-display Specifies whether time should be displayed in local or
UTC format


CLI environment commands are used to customize session preferences for a CLI session.



Finding Help

Help Displays a brief description of the help system

? Lists all commands in the current context

string ? Lists all commands available in the current context that start with string

command ? Displays the command's syntax and associated keywords

command keyword ? Lists the associated arguments for keyword in command

string <Tab>
string <Space> Completes a partial command name (auto-completion) or lists available
commands that match string

Help Edit Displays help about editing (editing keystrokes)


Lists the available editing keystrokes

Help Globals Displays help about global commands


Lists the available global commands


The tree and tree detail system commands are help commands that are useful when you search for a
command in a lower-level context.



7750 SR and 7450 ESS Components and CLI

Section 5 Basic Router Configuration


Basic Router Configuration Overview

Physical Access
Provisioning Cards, MDAs, and Ports
Initial System Setup
Basic System Management Configuration
BOF Parameters
Show Card
Show MDA
Logs
Configuring Logs
Displaying Configuration Information



Physical Access

SF/CPM (Switch Fabric/Control Processor Module) card common to the 7750 SR-7 and SR-12

OOB-CPM Management
Ethernet Port
CPM Console Port
In-band customer-facing
access ports and network
ports are located in MDAs


The 7750 SR can be accessed in three ways:


In-band ports Access ports and network ports on MDAs
Console port A DB-9 serial port, which is enabled by default. The default settings are:
Baud Rate: 115 200
Data Bits: 8
Parity: None
Stop Bits: 1
Flow Control: None
CPM Ethernet port A 10/100 Ethernet management port



Provisioning Cards, MDAs, and Ports

[Figure: 7750 SR-7, SR-12, and SR-1 chassis showing slot and MDA numbering]


The 7750 SR allows you to provision slots, IOMs, MDAs, and ports before or after they are physically
installed.
You can also optionally specify the line cards that can be installed in a slot and the MDAs that can be
installed in an IOM. A line card or MDA will not initialize unless the installed type matches the allowed
type.
Provision the 7750 SR hardware in the following sequence:
1. Choose a chassis slot and provision the IOM type for the slot.
2. Choose an MDA slot and specify the MDA type for the slot.
3. Choose a port and configure the port.
IOMs, MDAs, and ports must be enabled with a no shutdown command.



Initial System Setup

The following steps are typically used to configure a system from startup:
Log in to the 7750 SR or 7450 ESS using console input
Configure the system name and change the admin user password
Configure the CPM Ethernet management IP address
Configure additional BOF parameters
Configure IOM cards
Configure MDA cards
View alarms
Configure the system address
Configure logs if required
View the entire running configuration



Basic System Management Configuration


Some basic configuration on the 7750 SR is usually required before you place the router in service:
System name
Admin password
CPM Ethernet management port IP address
IOMs, MDAs, and ports
System Name - Any ASCII printable string up to 32 characters. The system name is configured in the config
CLI context. If the name contains spaces, the name must be enclosed in quotation marks to delimit the
start and end of the name. The system name becomes part of the CLI prompt.
Passwords - The default login and password is admin. This password should be changed before your router
is placed in service.
The system automatically creates at least one admin user (the default) and must retain at least one admin
user unless you are using an external protocol, such as RADIUS or TACACS+, to provide authentication.
You can configure the following password parameters:
Aging - The maximum number of days (1 to 500) that a password remains valid before the user must
change the password. The default is no aging enforced.
Attempts - The number of unsuccessful login attempts that are allowed in a specified time period. If the
configured threshold is exceeded, the user is locked out for a specified time. In the following example, a
user is locked out for 10 minutes if 4 unsuccessful login attempts occur in a 10-minute period.
    Count: 4
    Time (minutes): 10
    Lockout (minutes): 10
Authentication Order - You can configure the sequence in which password authentication is attempted for
the RADIUS, TACACS+, and local methods.
Complexity - You can specify whether passwords must contain uppercase and lowercase characters,
special characters, and numerical values.
Minimum Length - You can specify the minimum number of characters (1 to 8) required for a password.
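
The Attempts values above (Count 4, Time 10, Lockout 10) can be replayed against a login history to see exactly when a lockout starts and ends. The Python below is an added example, not Alcatel-Lucent code; the event list is constructed, and two behaviours are assumptions of this model rather than statements from the course: the lockout starts on the 4th failure inside the window, and a successful login clears the failure count.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class AttemptsPolicy:
    count: int = 4         # Count: failed logins that trigger a lockout
    time_min: int = 10     # Time (minutes): window in which failures are counted
    lockout_min: int = 10  # Lockout (minutes): how long the user stays locked out


def replay(events, policy=AttemptsPolicy()):
    """Replay (t_seconds, user, password_ok) login events in time order.

    Returns (decisions, lockouts). decisions holds "accept", "reject" or
    "locked" for each event; lockouts holds (user, start, end) intervals.
    """
    window = policy.time_min * 60
    failures = defaultdict(deque)  # user -> failure timestamps still in the window
    locked_until = {}              # user -> second at which the lockout ends
    decisions, lockouts = [], []
    for t, user, password_ok in sorted(events):
        if t < locked_until.get(user, 0):
            decisions.append("locked")  # refused even if the password is right
            continue
        recent = failures[user]
        while recent and t - recent[0] >= window:
            recent.popleft()            # this failure has aged out of the window
        if password_ok:
            recent.clear()              # assumption: success resets the count
            decisions.append("accept")
            continue
        recent.append(t)
        decisions.append("reject")
        if len(recent) >= policy.count:
            end = t + policy.lockout_min * 60
            locked_until[user] = end
            lockouts.append((user, t, end))
            recent.clear()
    return decisions, lockouts


# Constructed login history: (seconds since start, user, password correct?)
EVENTS = [
    (0, "admin", False), (120, "admin", False), (240, "admin", False),
    (360, "admin", False),  # 4th failure inside 10 minutes: lockout starts
    (600, "admin", True),   # correct password, but still inside the lockout
    (1000, "admin", True),  # lockout ended at t=960
    # Failures spread over more than one window: the count never reaches 4,
    # so no lockout fires and the security log stream is the only record.
    (0, "ops", False), (200, "ops", False), (400, "ops", False),
    (1300, "ops", False),
]

if __name__ == "__main__":
    decisions, lockouts = replay(EVENTS)
    for event, decision in zip(sorted(EVENTS), decisions):
        print(event, decision)
    print("lockouts:", lockouts)
```
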



BOF Parameters

The 7750 SR uses the BOF (Boot Option File) to perform the following tasks:
1) Set up the CPM Ethernet port (speed, duplex, auto)
2) Create an IP address for the CPM Ethernet port
3) Create a static route for the CPM Ethernet port
4) Configure the console port speed
5) Configure the DNS domain name
6) Configure the primary, secondary, tertiary configuration source
7) Configure the primary, secondary, tertiary image source
8) Configure the persistence requirements

Always be sure to save the BOF!


The slide contains the parameters that you can configure in the BOF. The configuration of the BOF is
performed in the BOF CLI context.

Sample BOF commands are:

SR-1# bof                                       Change or create a BOF
SR-1>bof# address 10.10.10.2/24 primary         Change or create a CPM port IP address (from the console)
SR-1>bof# speed 100                             Configure the CPM Ethernet port speed to 100 Mb/s
SR-1>bof# primary-image cf3:/TIMOS.1.0.R0       Configure the primary image directory
SR-1>bof# primary-config cf3:/test.cfg          Configure the primary configuration file to test.cfg
SR-1>bof# save                                  Save the BOF

Show commands
SR-1>show bof                                   Display the in-memory BOF that was last used

NOTE: Changes made to the bof.cfg file are not kept unless they are explicitly saved using the "bof save"
command.



Show Card

A:sr1a# show card 1

==========================================================================
Card 1
==========================================================================
Slot  Provisioned  Equipped   Admin  Operational
      Card-type    Card-type  State  State
--------------------------------------------------------------------------
1     iom-20g-b    iom-20g-b  up     up
==========================================================================


This slide shows the output of a show card command. The output indicates that the card slot is configured
to support all IOMs. The columns list the card that the slot is configured to accept and the card that is
installed in the slot. The two entries must match. Also, the administrative and operational states should
both be up.

IOM configuration example:


SR1# configure card 1
SR1>config>card# card-type iom-20g
SR1>config>card# no shutdown



Show MDA

A:sr1a# show mda

==========================================================================
MDA Summary
==========================================================================
Slot  Mda  Provisioned   Equipped      Admin  Operational
           Mda-type      Mda-type      State  State
--------------------------------------------------------------------------
1     1    m5-1gb-sfp-b  m5-1gb-sfp-b  up     up
      2    m16-oc3-sfp   m16-oc3-sfp   up     up
==========================================================================


This slide shows the output of a show mda command. The output lists the card slot that is referenced, in
this case card 1, and the MDAs that are supported by the IOM in card slot 1. In this case, all MDAs are
supported.
The next column lists the IOM slot that is configured to accept the MDA, the MDA that is installed in the IOM
MDA slot, and the status of the MDA.

MDA configuration example:


SR1>config>card# mda 1
SR1>config>card>mda# mda-type m60-10/100eth-tx
SR1>config>card>mda# no shutdown

Port configuration example:


SR1# configure port 1/1/1
SR1>config>port# no shutdown

Note: The port default is shutdown.



Logs

Record events, alarms, and faults that result from actions performed on
the 7750 SR and the 7450 ESS
Can be used to record debug messages for troubleshooting
Log sources
  - Main - most normal logs not specifically directed to any other event stream
  - Security - any attempt to breach system security such as failed login attempts
  - Debug - events generated when debug tracing is on
  - Change - any events that change the configuration or operation of the node
Log destinations
  - Console, session
  - Memory, file
  - SYSLOG server
  - SNMP trap group


Logs
The 7450 ESS and 7750 SR keep very extensive logs of events, alarms, traps, and debug/trace messages. The
logs are used to monitor events and troubleshoot faults in the 7450 ESS or the 7750 SR. You can configure
the type of logging information that is captured and where to send the captured logging information.
Log sources
Applications and processes in the 7450 ESS or the 7750 SR generate event logs. The logs are divided into
four streams: main, security, debug trace, and change. Forwarded events are placed into an event log.
Each event log has a log identification (log-id) number and can contain events from more than one event
stream.
Log destinations
You can configure the destination for the contents of a log-id. A log-id can be directed to one of the
following destinations:
Console - the physical 9-pin console port of the 7450 ESS or the 7750 SR
Session - a console or Telnet session. Sessions are temporary log destinations that are valid only for
the duration of the session.
Memory - a circular buffer where the oldest entry is overwritten when the buffer is full
File - event logs and accounting policy information can be directed to a file
Syslog - event log information can be sent to a syslog server
SNMP trap group - event log information can be sent to an SNMP trap group. All events and traps are
time-stamped and numbered per destination. Traps are numbered sequentially per destination and
stored in memory. If the network management system (NMS) is offline, the system may not receive
some trap notifications. When the NMS is back online, the system will automatically recognize
whether some trap notifications were missed because the last sequence number will not match the
sequence number in the 7450 ESS or the 7750 SR. The NMS will then update its records with the
missing traps. If the in-memory notification log is full and some records are overwritten, the NMS
will resynchronize with the 7450 ESS or the 7750 SR.



Configuring Logs


This slide shows the capture of events and the subsequent logging of the events.



CLI for Configuring Logs

A:PE1>config# log filter
  - filter <filter-id>
  - no filter <filter-id>

 <filter-id>          : [1..1001]

 [no] default-action  - Specify the default action for the event filter
 [no] description     - Description string for the event filter
 [no] entry           + Configure an event filter entry

A:PE1>config# log filter 14
A:PE1>config>log>filter$ description "critical filter"
A:PE1>config>log>filter$ default-action forward
A:PE1>config>log>filter$ entry 1
A:PE1>config>log>filter>entry$ action forward
A:PE1>config>log>filter>entry# match severity eq critical
A:PE1>config>log>filter>entry# exit all


Steps to configure a log


1. Configure a log ID with a number from 1 to 98.
2. Identify the source.
3. Specify an optional filter to filter events if required.
4. Identify the destination.
5. Examine the logs to view the events.



CLI for Configuring Logs (continued)

A:PE1>config>log# log-id 14
A:PE1>config>log>log-id# from main
A:PE1>config>log>log-id# to session
A:PE1>config>log>log-id# filter 14

A:PE1>config>log>log-id# info detail
----------------------------------------------
    no description
    filter 14
    time-format utc
    from main
    to session
    no shutdown
----------------------------------------------
A:PE1>config>log>log-id#


General log commands:


show log applications
show log event-control
show log file-id
show log filter-id
show log log-collector
show log log-id
show log snmp-trap-group
show log syslog



Default Alarm Logs

There are two default logs and one special-use log:
Log 99 - All severity levels of alarms
Log 100 - Only critical errors
Log 98 (special use) - Created by SAM managed nodes
To view the logs, use the following commands:
show log log-id 99
show log log-id 100
More granular information in the two log files can be displayed by using:
show log log-id 99 subject 1/1/1           (port specific)
show log log-id 99 application chassis     (chassis-related alarms)
Additional commands exist for displaying alarm information.
The default logs only store about 500 of the latest entries. If more entries are required,
specific alarm logs need to be created.


Showing Layer 1 and Layer 2 alarms


The 7750 SR and the 7450 ESS have two default memory logs (log-id 99 and log-id 100) that contain all of
the events from the main application. All severity levels of alarms are recorded in log-id 99; log-id 100 only
contains serious errors.
There are several ways to view the alarms of a specific subject, such as alarms related to a particular port.
One method is to create a log that only monitors the specific subject.

Although Log 98 is not reserved or in use by default, it should be noted that the 5620 SAM network
management software will try to use this log-id by default. Generally it is recommended not to use log-id
98.



Default Logs Alarm Monitoring Example

The show log command


A:PE1>config>log>log-id# show log log-id 99
===================================================================
Event Log 99
===================================================================
Description : Default System Log
Memory Log contents [size=500 next event=25 (not wrapped)]

24 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2006 - CHASSIS
"tmnxMDATable: Slot 1, MDA 2 configuration modified"

23 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2007 - PORT
"Pool on Port 1/2/b.net-sap Modified managed object created
.
.
5 2006/08/17 15:30:55.29 UTC MINOR: CHASSIS #2004 - Mda 1/2
"Class MDA Module : wrong type inserted"


The show log log-id 99 application chassis command displays all alarms that are logged in the router. In the
slide, the detailed information only displays minor alarms from the individual modules that are inserted in
the chassis. From the time that appears in the slide, it appears that these entries are from when the
router first booted.
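
The log entries shown on the slide share a fixed header layout (sequence number, timestamp, severity, application, event number, subject) followed by a quoted message, so they can be parsed and run through a model of event filter 14 from the earlier slide. The Python below is an added example, not Alcatel-Lucent code; the sample text reuses two slide entries plus one constructed CRITICAL entry, and the filter semantics (first matching entry decides, otherwise default-action applies) are an assumption of this model.

```python
import re

# Header line of one event as printed by "show log log-id 99" on the slide.
HEADER = re.compile(
    r"^(?P<seq>\d+) (?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}\.\d{2}) UTC "
    r"(?P<severity>[A-Z]+): (?P<application>\S+) #(?P<event>\d+) - (?P<subject>.+)$"
)

# Sample text: the first entry is constructed (its event number is a
# placeholder); the other two are copied from the slide.
SAMPLE = '''\
25 2006/08/17 15:31:02.10 UTC CRITICAL: CHASSIS #9999 - Card 1
"Constructed entry, not from the slide"

24 2006/08/17 15:30:55.29 UTC WARNING: SYSTEM #2006 - CHASSIS
"tmnxMDATable: Slot 1, MDA 2 configuration modified"

5 2006/08/17 15:30:55.29 UTC MINOR: CHASSIS #2004 - Mda 1/2
"Class MDA Module : wrong type inserted"
'''


def parse_log(text):
    """Turn show-log text into a list of dicts, one per event."""
    events, current = [], None
    for line in text.splitlines():
        line = line.strip()
        match = HEADER.match(line)
        if match:
            current = dict(match.groupdict(), message="")
            current["seq"] = int(current["seq"])
            current["event"] = int(current["event"])
            events.append(current)
        elif current is not None and line:
            # Continuation lines carry the quoted message text.
            current["message"] = (current["message"] + " " + line.strip('"')).strip()
    return events


def apply_filter(events, entries, default_action):
    """Model of an event filter.

    entries is an ordered list of (severity, action) pairs, mirroring
    "match severity eq <severity>" plus "action <forward|drop>".
    """
    forwarded = []
    for event in events:
        action = default_action
        for severity, entry_action in entries:
            if event["severity"].lower() == severity:
                action = entry_action
                break
        if action == "forward":
            forwarded.append(event)
    return forwarded


if __name__ == "__main__":
    events = parse_log(SAMPLE)
    as_on_slide = apply_filter(events, [("critical", "forward")], "forward")
    critical_only = apply_filter(events, [("critical", "forward")], "drop")
    print("default-action forward:", [e["seq"] for e in as_on_slide])
    print("default-action drop:   ", [e["seq"] for e in critical_only])
```

Under that assumption, filter 14 as configured on the slide forwards every event, because events that do not match entry 1 fall through to default-action forward; a filter meant to pass only critical events would pair the same entry with default-action drop.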



Displaying Configuration Information

The info command provides an informational display during configuration without the need to use the show
config command

A:Training1>config>router# interface Toronto
A:Training1>config>router>if# info
----------------------------------------------
    address 131.131.131.1/30
    port 1/1/1
----------------------------------------------

You can view more details by using the detailed version of the info command: info detail



Admin display-config

A:acie_sr1a# admin display-config
# TiMOS-B-4.0.R9 both/hops ALCATEL SR 7750 Copyright (c) 2000-2007 Alcatel-Lucent.
# All rights reserved. All use subject to applicable license agreements.
# Built on Tue Dec 19 15:56:05 PST 2006 by builder in /rel4.0/b1/R9/panos/main

# Generated FRI DEC 22 16:00:41 2006 UTC

exit all
configure
#--------------------------------------------------
echo "System Configuration"
#--------------------------------------------------
    system
        name "acie_sr1a"
        snmp
            shutdown
        exit
        login-control
Press any key to continue (Q to quit)


This slide shows a partial output of the admin display-config command. The first portion of the output
displays the current version of the operating system that is running on the router. The router then outputs
the entire configuration of the router, down to the port level. This command can display a large number of
pages on a fully configured router.



7750 SR and 7450 ESS Components and CLI

Section 6 Module Summary and Learning Assessment



Module Summary

After successful completion of this module, you should be able to:
Describe the 7750 SR and 7450 ESS
Describe the 7750 SR Components
Understand the boot process
Use the CLI commands
Configure a basic router using the CLI
Configure alarm logs



Learning Assessment

What information does the BOF contain?


What steps are typically performed to configure a system
from startup?
List the steps required to configure the BOF.
What is the CLI context in which interfaces are configured?
What command can be used to view the status of the MDAs?
List the possible log sources.
How many default logs are there, and what information do
they provide?



Lab 1 Exercise Hardware Configuration

Lab 1.1 System Identification


Lab 1.2 System Configuration
Lab 1.3 Hardware
Lab 1.4 - Logs



www.alcatel-lucent.com

3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 3 Data Link Overview



Module Overview

Layer 2 OSI and Ethernet Defined


Ethernet
Ethernet Addressing and Operation
Ethernet Physical Cabling
Ethernet Devices and Switching
Ethernet Redundancy
Virtual LAN
SONET/SDH and Packet over SONET/SDH



Data Link Overview

Section 1 Layer 2 OSI and Ethernet Defined



Layer 2 OSI and Ethernet Overview

Layer 2 Overview
Scope of Data Link Layer
Point-to-Point Data Links
Point-to-Point Protocol
Circuit-Switched Data Links
ATM Protocol
Time Division Multiplexing
Data Link Types Broadcast/Shared Access
Sonet and SDH and framing types



Layer 2 Overview

Why do we need Layer 2?


Required for higher-layer data transfer between directly/indirectly
connected components of a network based on the characteristics of the
physical medium
Characteristics of Layer 2
Scope of Data Link layer is the local network
Data Link headers are stripped and added as frames move from one
network to another point-to-point, circuit-based, or shared network
Addressing/Identification
MTU
Error Checking
Examples of Layer 2 Protocols
Ethernet, ATM, Frame Relay, X.25, TDM


The application packages the data into a Transport Layer segment that is to be transmitted to the remote
station. The Network Layer (OSI) or Internet Protocol Layer constructs a packet with an IP address that
uniquely identifies the source and destination network device in the internetwork. The packet may then have
to be transmitted over several different networks (same/different physical media) before it reaches its
destination. In any one particular network, the Data Link Layer is responsible for encapsulating the packet
into a frame for Layer 2 forwarding. The frame is stamped with a Data Link header, which contains Data Link
source and destination addresses. When Ethernet is used, these Data Link addresses are called media access
control (MAC) addresses.
After adding the Data Link addresses to the frame, the Data Link Layer passes the frame to the physical layer
for transmission over the physical medium. The receiving network device must be able to recognize that the
frame is destined for itself and verify that the packet is intact. Because the entire packet is transmitted over
the physical medium, noise and other signal disturbances could corrupt or change the packet, rendering it
meaningless to the higher-layer application.
Layer 2/Data Link networks can be classified broadly into point-to-point networks, circuit-based networks, and
shared networks. Point-to-point network protocols do not usually require a source and destination addresses
since they are established between two networking devices only.
The Layer 2 framing usually consists of:

a circuit identifier in the case of circuit-based networks


an address that directs the packet to the required destination, usually on shared media
a fixed-length maximum size, maximum transmission unit (MTU) established between the source and
receiving component; data from higher-layers is broken into fixed-length frames (covered later)
an error check that is inserted by the source component and verified by the receiving component to
maintain data integrity



Scope of Data Link Layer

L2 frames are transmitted only to devices and hosts within the same
network
L2 protocols are dependent on physical medium connecting the network
components
L2 networks are separated by routers
Within a network, L2 frames are switched; the data link headers are not
modified unless a network is crossed via a router or the frame reaches its
destination


The scope of a Data Link frame is the local network. For example, in a typical scenario of IP/Ethernet, each IP
subnet is considered to be one network. The Data Link frame remains intact while it traverses the Layer 2
devices in a particular IP subnet. If the IP packet needs to be routed to another subnet via an IP router, the
original Data Link frame is stripped after it ingresses the IP router.
When forwarding the IP packet out from the appropriate port, the IP router constructs a new Data Link frame
with correct headers and Data Link addresses. This new Data Link header is used as the frame traverses to the
next subnet. This process continues until the destination host is reached.
The application data sent between two host stations can traverse several physically different networks. Each
network has a different Data Link header and may even use different Data Link protocols that depend upon the
physical wire; for example Ethernet, point-to-point protocol (PPP), ATM, Frame Relay.
In this slide, the end hosts on the Layer 2 network communicate with each other, or by way of Layer 2 devices,
using the specific Layer 2 protocol. The PCs on the left side of the Ethernet network do not require anything
other than Ethernet L2 framing to communicate with each other. The PCs on the right side of the network
similarly require only ATM L2 framing to communicate with each other. The L2 networks are separated by
routers, which are Layer 3 OSI devices. The PCs on the Ethernet network can only communicate with the PCs
on the ATM network using Layer 3 addresses.



Point-to-Point Data Links

Point-to-point data link

Dedicated physical connection between two devices


Leased Lines between CPE equipments (local and remote)
Layer 2 protocol that can provide authentication and error checking
For example: SLIP, PPP


In earlier times of the Internet, point-to-point data links allowed hosts to communicate with each other
through the telephone network. Older protocols such as SLIP (serial line IP) provided a simple mechanism for
framing higher-layer applications for transmission along serial lines. SLIP, in accordance with RFC 1055, sent
the datagram across the serial line as a series of bytes, and it used special characters to mark when a series of
bytes should be grouped together as a datagram. SLIP was simple enough but could not control the
characteristics of the connection.
Today, the protocol of choice is PPP, which provides advantages such as link control to negotiate the link
characteristics, network control to transfer multiple Layer 3 protocols, and authentication used by
remote computers to dial into their Internet service.



Point-to-Point Protocol Frame

[Figure: PPP frame layout, in transmission order: Flag (0x7E) | Address (0xFF) | Control (0x03) |
Protocol (first byte) | Protocol (second byte) | Data | Padding | Frame Check Sequence | Flag (0x7E)]


PPP is a point-to-point data link layer protocol that was initially designed to transport IP packets.
Flag: The first flag field indicates the start of a PPP frame. It always has the value 01111110 binary (0x7E hexadecimal,
or 126 decimal). The last flag field indicates the end of a PPP frame. It always has the value 01111110 binary (0x7E
hexadecimal, or 126 decimal).
Address: In HDLC, the address of the destination of the frame. However, in PPP we have a direct link between two
devices, so this field has no meaning. Therefore, it is always set to 11111111 (0xFF hexadecimal, or 255 decimal), which
is equivalent to a broadcast (it means all stations).
Control: This field is used in HDLC for various control purposes, but in PPP it is set to 00000011 (0x03 hexadecimal, or 3
decimal).
Data: Zero or more bytes of payload that contains either data or control information, depending on the frame type. For
regular PPP data frames, the network-layer datagram is encapsulated here. For control frames, the control information
fields are placed here instead.
Padding: In some cases, additional dummy bytes may be added to pad out the size of the PPP frame. (for example, FCS2 or
FCS4)
Frame Check Sequence (FCS): A checksum computed over the frame to provide basic protection against errors in
transmission. This checksum is a CRC code similar to the one used for other layer two protocol error protection schemes,
such as the one used in Ethernet. FCS can be either 16 bits or 32 bits (default is 16 bits). The FCS is calculated over the
Address, Control, Protocol, Data, and Padding fields.
Protocol: Identifies the protocol of the datagram encapsulated in the Data field of the frame. See below for more
information about the Protocol field.
Value (in hex)    Protocol Name                           Reference
0001              Padding Protocol
0003              ROHC small-CID                          [RFC3095]
0005              ROHC large-CID                          [RFC3095]
0007 to 001f      reserved (transparency inefficient)
0021              Internet Protocol version 4
0023              OSI Network Layer
0025              Xerox NS IDP
0027              DECnet Phase IV
0029              Appletalk
002b              Novell IPX
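
The field descriptions above translate directly into a frame builder and a validating parser. The Python below is an added example, not part of the course material; it uses the 16-bit FCS and goes beyond the slide by including the RFC 1662 octet stuffing (0x7D escape, XOR 0x20) that keeps the flag value out of the frame body. The payload bytes are constructed, and any padding is returned as part of the data because only the encapsulated protocol can tell the two apart.

```python
FLAG, ESCAPE = 0x7E, 0x7D
ADDRESS, CONTROL = 0xFF, 0x03
PROTOCOLS = {  # subset of the Protocol table above
    0x0021: "Internet Protocol version 4",
    0x0023: "OSI Network Layer",
    0x0029: "Appletalk",
    0x002B: "Novell IPX",
}


class FrameError(ValueError):
    """Raised when a byte string is not a valid PPP frame."""


def fcs16(data: bytes) -> int:
    """16-bit FCS: reflected CRC, polynomial 0x8408, preset 0xFFFF, complemented."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF


def _stuff(data: bytes) -> bytes:
    # Escape only the two octets that would break framing.
    out = bytearray()
    for byte in data:
        if byte in (FLAG, ESCAPE):
            out += bytes([ESCAPE, byte ^ 0x20])
        else:
            out.append(byte)
    return bytes(out)


def _unstuff(data: bytes) -> bytes:
    out, octets = bytearray(), iter(data)
    for byte in octets:
        if byte == FLAG:
            raise FrameError("flag octet inside the frame body")
        if byte == ESCAPE:
            escaped = next(octets, None)
            if escaped is None:
                raise FrameError("escape octet at end of frame")
            byte = escaped ^ 0x20
        out.append(byte)
    return bytes(out)


def build_frame(protocol: int, data: bytes) -> bytes:
    """Flag | Address | Control | Protocol | Data | FCS | Flag."""
    content = bytes([ADDRESS, CONTROL]) + protocol.to_bytes(2, "big") + data
    fcs = fcs16(content).to_bytes(2, "little")  # FCS is sent low octet first
    return bytes([FLAG]) + _stuff(content + fcs) + bytes([FLAG])


def parse_frame(raw: bytes) -> dict:
    """Validate flags, FCS, Address and Control, then return protocol and data."""
    if len(raw) < 2 or raw[0] != FLAG or raw[-1] != FLAG:
        raise FrameError("frame must start and end with flag 0x7E")
    body = _unstuff(raw[1:-1])
    if len(body) < 6:  # Address + Control + Protocol (2) + FCS (2)
        raise FrameError("frame too short")
    content, received = body[:-2], int.from_bytes(body[-2:], "little")
    if fcs16(content) != received:
        raise FrameError("FCS mismatch")
    if content[0] != ADDRESS or content[1] != CONTROL:
        raise FrameError("unexpected Address/Control values")
    protocol = int.from_bytes(content[2:4], "big")
    return {
        "protocol": protocol,
        "name": PROTOCOLS.get(protocol, "unknown"),
        "data": content[4:],
    }


if __name__ == "__main__":
    payload = b"\x45\x00\x7e\x7d\x01"  # constructed bytes, not a real IP packet
    frame = build_frame(0x0021, payload)
    print(frame.hex(" "))
    print(parse_frame(frame))
```
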



Point-to-Point Protocol Operation

Physical - Can operate across any physical media
Link Control Protocol (LCP) - to build data link connections
Network Control Protocol (NCP) - to allow multiple network
protocols to be used over point-to-point links
Supports authentication, compression, error detection,
multi-link as part of the LCP protocol



Circuit-Switched Data Links

Many logical connections transferred over one physical connection


Virtual circuits based
For example: ATM, Frame Relay


Circuit-switched protocols allow the transfer of user information as a unique set of packets identified by
virtual circuits.
In the slide, the switch on the left accepts traffic from each host PC into a virtual circuit and switches to
another virtual circuit when going to the router. The virtual circuit number is the same between the host PC
and the switch, and between the switch and the router. Traffic from each PC is uniquely identified by a virtual
circuit at every hop.



Asynchronous Transfer Mode Protocol

ATM cell header (bits 0 to 7 across, one row per byte):
Byte 1:  GFC | VPI
Byte 2:  VPI | VCI
Byte 3:  VCI
Byte 4:  VCI | PT | CLP
Byte 5:  HEC


Application packets are broken into 53-byte fixed-sized cells, including a 5-byte header, also referred to
as an ATM packet
ATM circuit is identified by a VPI/VCI value
Enhanced QoS support with 5 service classes
Ideal for multiple services on the same line
The ATM header consists of the following fields:
GFC - 4 bits of generic flow control that are used to provide local functions, such as identifying multiple
stations that share one ATM interface. The GFC field is typically not used and is set to a default value.
VPI - 8 bits of virtual path identifier that is used, in conjunction with the VCI, to identify the next
destination of a cell as it passes through a series of switch routers on its way to its final destination.
VCI - 16 bits of virtual channel identifier that is used, in conjunction with the VPI, to identify the next
destination of a cell as it passes through a series of switch routers on its way to its final destination.
PT - 3 bits of payload type. The first bit indicates whether the cell contains user data or control data. If
the cell contains user data, the second bit indicates congestion, and the third bit indicates whether the
cell is the last in a series of cells that represent one AAL5 frame.
CLP - 1 bit of cell loss priority that indicates whether the cell should be preferentially discarded if it
encounters congestion as it moves through the network
HEC - 8 bits of header error control that are a checksum calculated only on the header.



ATM Adaptation Layer 5 Data Links

Generally used to transport non-real time connectionless data


Encapsulation used for transporting IP packets and inter-working
with Frame Relay or Ethernet packets
AAL5 is the simple and efficient AAL which is the one used most for
data traffic; it has no per-cell length nor per-cell CRC fields

Field:  PDU payload      | PAD  | UU | CPI | LI | CRC-32
Bytes:  Variable length  | 0-47 | 1  | 1   | 2  | 4

PDU - Variable length user information field (broken into 48-byte segments)
PAD - Padding used to cell-align the trailer, between 0 and 47 bytes long
UU - CPCS user-to-user indication to transfer one byte of user information
CPI - Common part indication
LI - Length indicator


ATM packets are further encapsulated by ATM adaptation layers (AAL), which are responsible for the
segmentation and reassembly (SAR) of ATM cells of higher-layer data received at the other end. The purpose of
this is to adapt the class of service from higher-layers onto connectionless ATM cells. The AAL classification is
related to the service and application required for transport. Usually the following adaptation layers are
mapped to the following classes of service:
AAL1 - Constant Bit rate service
AAL2 - Variable Bit rate service
AAL3/4 - Connection-oriented data usually
AAL5 - Connectionless data service usually (for example, IP)
Constant Bit Rate (CBR) service: AAL1 encapsulation supports a connection-oriented service where minimal
data loss is required. Examples of this service include 64 kb/s voice, fixed-rate uncompressed video, and
leased lines for private data networks.
Variable Bit Rate (VBR) service: AAL2 encapsulation supports a connection-oriented service in which the bit
rate is variable but requires a bounded delay for delivery. Examples of this service include compressed
packetized voice or video. The requirement on bounded delay for delivery is necessary for the receiver to
reconstruct the original uncompressed voice or video.
Connection-oriented data service: For connection-oriented file transfer and data network applications where
a connection is set up before data is transferred, this type of service has variable bit rate and does not require
bounded delay for delivery. Two AAL protocols were defined to support this service class and have been
merged into one type called AAL3/4.
Connectionless data service: Examples of this service include datagram traffic and data network applications
where no connection is set up before data is transferred. Connectionless data service is used to transport
IP/Ethernet/Frame Relay applications.
Higher-level Service Delivery Units (SDUs) may be several bytes in length. However, as the ATM payload is only
48 bytes, the SDU must be segmented into multiple cells as it enters the ATM network, then reassembled when
it exits the ATM network. This function of the ATM adaptation layer is known as SAR. The adaptation layer
comprises two sublayers, one of which is the SAR sublayer, the other being the convergence sublayer (CS),
which performs service-dependent functions.
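The AAL5 trailer layout and the SAR function described above, as an added example that is not part of the course material. It builds the CPCS-PDU (PAD, UU, CPI, LI, CRC-32), cuts it into 48-byte cell payloads and reassembles it; the function names are illustrative, and the CRC parameters (polynomial 0x04C11DB7, MSB first, initial value and final XOR of 0xFFFFFFFF) are those of the AAL5 CRC-32 rather than something stated on the slide.

```python
import struct
from typing import List

CELL_PAYLOAD = 48   # payload bytes carried by one ATM cell
TRAILER_LEN = 8     # UU (1) + CPI (1) + LI (2) + CRC-32 (4)
POLY = 0x04C11DB7


def crc32_aal5(data: bytes) -> int:
    """Bitwise CRC-32, MSB first, initial value and final XOR 0xFFFFFFFF."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            if crc & 0x80000000:
                crc = ((crc << 1) ^ POLY) & 0xFFFFFFFF
            else:
                crc = (crc << 1) & 0xFFFFFFFF
    return crc ^ 0xFFFFFFFF


def build_cpcs_pdu(payload: bytes, uu: int = 0, cpi: int = 0) -> bytes:
    """Append PAD and trailer so the PDU is a whole number of cells."""
    if not 1 <= len(payload) <= 0xFFFF:
        raise ValueError("LI is 2 bytes: payload must be 1..65535 bytes")
    # PAD (0-47 bytes) places the 8-byte trailer at the end of the last cell.
    pad_len = -(len(payload) + TRAILER_LEN) % CELL_PAYLOAD
    body = payload + bytes(pad_len) + struct.pack("!BBH", uu, cpi, len(payload))
    # The CRC-32 covers payload, PAD, UU, CPI and LI.
    return body + struct.pack("!I", crc32_aal5(body))


def segment(pdu: bytes) -> List[bytes]:
    """SAR, sending side: cut the CPCS-PDU into 48-byte cell payloads."""
    return [pdu[i:i + CELL_PAYLOAD] for i in range(0, len(pdu), CELL_PAYLOAD)]


def reassemble(cells: List[bytes]) -> bytes:
    """SAR, receiving side: join the cells, then validate CRC-32 and LI."""
    pdu = b"".join(cells)
    if len(pdu) < CELL_PAYLOAD or len(pdu) % CELL_PAYLOAD:
        raise ValueError("not a whole number of cells")
    _uu, _cpi, length, crc = struct.unpack("!BBHI", pdu[-TRAILER_LEN:])
    if crc32_aal5(pdu[:-4]) != crc:
        raise ValueError("CRC-32 mismatch: corrupted or missing cell")
    pad_len = len(pdu) - TRAILER_LEN - length
    if not 0 <= pad_len < CELL_PAYLOAD:
        raise ValueError("LI inconsistent with PDU size")
    return pdu[:length]


if __name__ == "__main__":
    data = bytes(range(100))            # constructed sample payload
    cells = segment(build_cpcs_pdu(data))
    print(len(cells), "cells, round trip ok:", reassemble(cells) == data)
```

Because AAL5 has no per-cell length or CRC, a lost or corrupted cell is only detected when the whole PDU is checked at reassembly.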



Time Division Multiplexing

Synchronous channel based


Each station gets a fixed-length slot
Unused slots are transmitted idle, without data
For example: T1, SONET


Each host PC sends information to the switch. The switch then transmits a frame to the router at a constant
data rate (for example, 1.5 Mb/s). This frame is divided into many fixed time slots (24); each slot contains
64 kbits. Each host can occupy one or more time slots per frame.
Each host PC is assigned a fixed data rate. If the host uses one time slot, then its transmission is 64 kbits in
that slot. Because the pipe rate is 1.5 Mb/s, the host will have to supply its next 64 kbits in the next frame.
In this slide, each host PC transmits its characteristic frame (grey, yellow, purple). The frames that are
transmitted from the switch contain several timeslots. Within each of these frames three of the timeslots are
used by the respective host PCs.



Time Division Multiplexing

DS1/T1
1.544 Mb/s Framing Rate
24 subchannels (DS0) each 8 bits sampled at 8000 + framing bit


Time Division Multiplexing (TDM) is a digital technology where individual signals are interleaved into a
composite multiplexed signal. Recurring fixed-length time slots are created such that each individual signal is
represented by one channel or by multiple channels. The total transmission bandwidth is split among the time
slots. The total composite signal includes the payload bits for the composing channels and overhead bits.
The frame structures of the DS1 [ANSI95b] and the European E1 [ITU-T98a] signals are shown above. The DS1
signal consists of 24 payload channels plus overhead. The basic frame of each of these signals repeats every
125 µs, that is, 8000 times per second. With 8 bits carried in each channel, this gives rise to a basic data rate
of 64 kb/s for each channel. The requirement for this data rate stems from the need to sample the analog
telephony signal 8000 times per second and encode each sample in 8 bits. A DS-1 frame contains 24 channels,
each consisting of 8 bits, plus 1 framing/overhead bit, leading to a total of 193 bits. Because the frame
repeats every 125 µs (or 8000 times a second), the total bit rate of the DS1 signal is 1.544 Mb/s. Similarly, the
total bit rate of the E1 signal is 2.048 Mb/s (32 channels of 8 bits, repeating every 125 µs).

Widely used signaling examples:


DS1/T1, E1, DS3, E3, OC3/STM-1, OC12/STM-4
Other signaling examples:
DS3 that uses 28 DS1 or 7 DS2 or 1 DS3 = 45 M
OC3 that uses 3 DS3



Time Division Multiplexing

E1
2.048 Mb/s Framing Rate
32 subchannels (DS0) each 8 bits sampled at 8000



SONET/SDH Overview

SONET/SDH is a layer-1 technology but uses layer-2 framing
such as PPP, ATM or frame-relay for carrying data between routers
SONET and SDH are TDM technologies designed for voice traffic
SONET is used in North America, SDH in the rest of the world
SONET aggregates older synchronous carriers such as DS1 and DS3
SDH aggregates European carriers such as E1 and E3
Basic SDH frame is the STM-1, which operates at 155.52 Mb/s and is
equivalent to the SONET STS-3
Basic SONET frame is the STS-1, which operates at 51.84 Mb/s and
is designed to carry a DS1 (T1) frame. STS-1 is exactly one third of
an STM-1 frame
SONET/SDH is the underlying technology for ATM transmission


Synchronous optical network/Synchronous Digital Hierarchy (SONET/SDH) is a high-bandwidth WAN transport
technology developed by Bell Communications Research and later standardized by ANSI and ITU. SONET/SDH is
synchronous in nature and specifies framing and multiplexing at the physical layer of the OSI model.
SONET/SDH was originally designed to transport voice but has been adapted to transport data by using Layer 2
framing technologies such as PPP/HDLC and ATM.
SONET/SDH technology is typically not implemented by small or medium-sized businesses, because of its high
cost. It is more commonly used by large global companies, long-distance companies linking metropolitan areas
and countries, or ISPs that need to guarantee fast, reliable access to the Internet. SONET/SDH is particularly
suited to audio, video, and imaging data transmission. As you can imagine, because of its reliance on fiber-
optic cable and its redundancy requirements, SONET/SDH technology is expensive to implement.



SONET/SDH Overview (continued)

Basic SONET frame is known as STS-1 at 51.84 Mb/s


Each STS-1 can carry one DS3 frame
STM-1 frame is the equivalent of the STS-3 frame and designed for
European carriers
Higher levels achieved by combining exact multiples of STS-1 and
STM-1
        Bit rate  SONET                             SDH
        (Mb/s)    frame     DS3s   DS1s   DS0s      frame    E3s   E1s    E0s
OC-1    51.84     STS-1     1      28     672       STM-0    1     16     512
OC-3    155.52    STS-3     3      84     2016      STM-1    4     64     2048
OC-12   622       STS-12    12     336    8064      STM-4    16    256    8192
OC-48   2488      STS-48    48     1344   32256     STM-16   64    1024   32768
OC-192  9953      STS-192   192    5376   129024    STM-64   256   4096   131072


The basic SONET signal is known as synchronous transport signal (STS-1) and has a bit rate of 51.84 Mb/s. This
includes a payload of 50.112 Mb/s and an overhead of 1.728 Mb/s. The STS-1 frame is 810 bytes and is
transmitted in 125 µs, hence the bit rate of 51.84 Mb/s.
Each STS-1 can carry one DS3 or 28 DS1 frames. For higher data rates, STS-1 signal is incremented at fixed
levels to STS-3, STS-48, and STS-192. Multiplexing can occur in one or multiple stages. For example, an STS-12
can be formed by 4 STS-3s, or 12 STS-1s, or 3 STS-3s and 3 STS-1s. Each STS-1 payload in a SONET frame is
assigned a fixed position and can be extracted without having to fully demultiplex the entire frame. This is a
very big advantage of SONET compared to DS3.
The STM frames (STM-1, and so on) used by SDH are effectively a multiple of STS-3 frames. The overhead is
identical, although the terminology and overhead usage varies somewhat between the standards. STM-1 is
designed to carry an E3 frame. A number of different standards have been defined for the multiplexing of
lower data rates within STS-1 or STM-1 frames.



SONET/SDH Deployment

Most commonly deployed on rings with ADM
Other layouts are mesh, point-to-point
Many sites connect to the ADM using various signalling formats
Support automatic protection switching on bidirectional rings under 50 ms


The ring topology is, by far, the most common in current service provider networks. It is common because it is
the most resilient. Rings are based on two or four fibers.
Transmission is in one direction on one half of the fibers and in the opposite direction on the other half. Half
the bandwidth can be reserved for protection. Quick recovery from a fiber cut anywhere on the ring can be
accomplished by switching to the signal being transmitted in the opposite direction. Ring topologies have been
so successful at providing reliable transport that even long-haul carriers often use multiple, very large
circumference rings in their nationwide networks.
Add/drop multiplexers (ADM) are used at nodes on the ring for traffic origination or termination. It is not
unusual for rings to be connected to other rings; in that case, cross-connects provide the interconnection
function.



Packet over SONET/SDH (POS)

IP Datagram

PPP frame - Protocol encapsulation and error control
SONET/SDH frame - Byte delineation

Packet over SONET/SDH uses PPP encapsulated data to provide framing for application packets
Specified in RFC 2615
IP traffic is usually carried via POS
Supports SONET/SDH level alarm processing, performance
monitoring, synchronization, and protection switching



Data Link Types - Broadcast/Shared Access

Physical media is shared between many devices


Each device can transmit independently
Each station has a unique address
For example: wired and wireless Ethernet


Broadcast networks typically use shared media to communicate to all the devices that are attached to that
shared media. For data to be reliably delivered from the source to the destination, each of the devices on the
shared media is identified by a particular address. The frame that is sourced from the sending device is sent to
all the devices sharing the media (broadcasting). All devices will receive the frame but only the device whose
address appears in the frame as the destination address will interpret the data. The rest of the devices will
ignore the data.
To transmit data reliably, the sending device on the shared media must compose the frame, obtain control of
the media, and transmit the information. Because the media is shared, it is possible for multiple stations to
transmit their information simultaneously, resulting in a collision. This collision causes data corruption.
Depending on the protocol used, an algorithm needs to be followed to ensure a minimum number of collisions
and also to ensure proper recovery from collisions. An example of a shared media protocol that is very
commonly used today is Ethernet.



Data Link Overview

Section 2 - Ethernet



Ethernet Overview

Ethernet
Ethernet History
Ethernet Frame Types
General Ethernet Frame Format
Ethernet II Frame Capture
Ethernet and the OSI Model



Ethernet

Broadcast technology using shared media


A passive, wait-and-listen network architecture
Interfaces on the common network media are identified by
L2 addresses called MAC addresses
Encapsulates higher-layer traffic in a frame with source and
destination interface addresses to identify the devices on the
media
Can send a data frame to all devices (broadcasting) attached
to the media
Devices connected to each other using shared media are
commonly referred to as a Local Area Network (LAN)


Computers must contend for transmission time on the network media. In fact, Ethernet is commonly described
as a contention-based architecture.



Ethernet History

Ethernet is a LAN architecture developed by the Xerox
Corporation in cooperation with DEC and Intel in 1976
Ethernet supports data transfer rates of 10 Mb/s
Ethernet specification served as the basis for the IEEE 802.3
standard, which specifies the physical and lower software
layers
Ethernet started using the CSMA/CD access method (half-
duplex) to handle simultaneous demands
Ethernet is one of the most widely implemented LAN
standards


Ethernet was originally designed by the Xerox Corporation, but the company was unsuccessful at launching the
technology commercially. Later Xerox joined with Digital Equipment Corporation to commercially standardize
a suite of network products that would use the Ethernet technology. Intel Corporation later joined the group,
known as DEC-Intel-Xerox (DIX). DIX developed and published the standard that was used for the 10 Mb/s
version of Ethernet. Originally, the only medium capable of handling these speeds was a multidrop thick
coaxial cable.
Carrier Sense, Multiple Access, Collision Detection (CSMA/CD) is used to arbitrate access among the devices
using the shared media. This is covered in detail later.
The IEEE had started project 802, which was to provide the industry with a framework for standardizing LAN
technology. Because the technology was so diverse, the IEEE formed working groups in support of the different
LAN technologies. The 802.3 working group was tasked with standardizing LANs based on the Ethernet
technology.



Ethernet Frame Types

Ethernet II
Length replaced by type to identify upper layer protocols
Used for IP transport - most commonly used frame today

Preamble | SFD | DA | SA | Type | Payload (46 to 1500 bytes) | FCS

802.3
IEEE format defined for Ethernet
Intended to be used with IEEE 802.2

Preamble | SFD | DA | SA | Length | LLC header and Payload (46 to 1500 bytes) | FCS


Ethernet supports two frame types, but they have been standardized so that all types can be transmitted on a
common Ethernet network. The 16-bit field that follows the source address (SA) indicates whether the frame is
Ethernet II or 802.3. If the value is 1536 or less, the frame is treated as 802.3. If the value is greater than
1536, the frame is treated as Ethernet II.
Ethernet II was originally developed by Digital, Intel, and Xerox in 1980 and is commonly known as the DIX
standard. It was adopted by the IEEE and went through formal standardization to form the 802.3/802.2 frame
types. The Ethernet II frame is usually used for transmission of IP datagrams.
Ethernet 802.3 was developed by the IEEE from the original Ethernet standard in 1983. IEEE Ethernet defines
two layers; the lower MAC layer in 802.3 and an upper LLC (logical link control) layer in 802.2. These are
sublayers of the OSI data link layer (Layer 2). The two layers were defined separately to provide additional link
control features and so that common LLC frames could be used for different media types, such as Ethernet,
Token Ring and FDDI. This allows bridging at Layer 2 between the different media types.
There are three different 802.3 formats that were used for older protocols such as Novell NetWare's IPX and
Apple Computer's AppleTalk protocols and OSI protocols. Today, these formats are rarely used. The Alcatel-Lucent
7750 SR uses the 802.3 format for the transmission of IS-IS routing updates; however, it uses Ethernet II for
other traffic such as IP and MPLS.



General Ethernet Frame Format

Preamble | SFD | DA | SA | Length/type | Payload (46 to 1500 bytes) | FCS

Frame check sequence (4 bytes)
Payload: Internet layer
Frame length or type information (2 bytes)
Source MAC address (6 bytes)
Destination MAC address (6 bytes)
Fixed sequence to alert the receiver (8 bytes) (0x55555555555555D5), start frame delimiter


The frame consists of a set of bits organized into several fields. These fields include address fields, a variable-
size data field that carries from 46 to 1500 bytes of data, and an error checking field that checks the integrity
of the bits in the frame to make sure that the frame has arrived intact. The original Ethernet standards
defined the minimum frame size as 64 bytes and the maximum as 1518 bytes. These numbers include all bytes
from the destination MAC address field to the frame check sequence field. The preamble and the start frame
delimiter fields are not included when quoting the size of a frame. The IEEE 802.3ac standard released in 1998
extended the maximum allowable frame size to 1522 bytes to allow for a VLAN tag to be inserted into the
Ethernet frame format. Gigabit Ethernet and 10 gigabit Ethernet ports may support jumbo frames, which can
be 9000 bytes.
Preamble: A stream of bits that allows the transmitter and receiver to synchronize their communication. The
preamble is a 56-bit long pattern of alternating ones and zeroes. The preamble is immediately followed by the
Start Frame Delimiter.

Start Frame Delimiter (SFD): Always 10101011 and is used to indicate the beginning of the frame information.
Destination MAC (DA): The MAC address of the machine receiving data.
Source MAC (SA): The MAC address of the machine transmitting data.
Length/Type: The payload length or type field (also known as Ethertype). If the Ethernet frame is in the
802.3 format, this field is interpreted as length. If the Ethernet frame is in the Ethernet II or original DIX
format, the field is interpreted as type, or Ethertype. The numeric value in this field determines whether the
frame is an 802.3 frame or Ethernet II frame. If the value is less than 1536, it is an 802.3 frame. If the value is
1536 or greater it is an Ethernet II frame.

(. . . continued on slide 22)



General Ethernet Frame Format


(. . . continued from slide 21)

Data/Padding (also known as Payload): Where the IP header and data are placed if you are running IP over
Ethernet. This field contains IPX information if you are running IPX/SPX (Novell). Contained within the payload
section of an IEEE 802.2 frame are four specific fields:
DSAP - Destination Service Access Point
SSAP - Source Service Access Point
CTRL - Control bits for Ethernet communication
NLI - Network Layer Interface
An Ethernet frame must be a minimum of 64 bytes long. Therefore, if the data field is less than 46 bytes in
length, padding is included to bring the frame length to 64 bytes.
Frame Check Sequence (FCS): A part of the frame that verifies that the information each frame contains is
not damaged during transmission. If a frame is damaged during transmission, the FCS on the frame will not
match with the recipient's calculated FCS. The FCS is calculated by the sender based on the entire contents of
the frame. The recipient calculates an expected FCS value on the frame that it receives. Any frames that do
not match the calculated FCS are discarded.
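The padding rule and the FCS check described above, as an added example that is not part of the course material. It builds an Ethernet II frame from the destination MAC address through the FCS and applies the receiver's test; the function names are illustrative, and it assumes the FCS is the standard CRC-32 that `zlib.crc32` computes, stored least-significant byte first as it appears in captures that keep the FCS.

```python
import struct
import zlib

MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500
MIN_FRAME, MAX_FRAME = 64, 1518     # DA through FCS; preamble and SFD excluded


def fcs(data: bytes) -> bytes:
    """Frame check sequence over DA, SA, length/type and payload."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes")
    # Pad with explicit zero bytes up to 46 bytes so the frame reaches
    # 64 bytes. Zero-filling (rather than reusing whatever was in the
    # transmit buffer) keeps stale memory out of the padding.
    padded = payload + bytes(max(0, MIN_PAYLOAD - len(payload)))
    body = dst + src + struct.pack("!H", ethertype) + padded
    return body + fcs(body)


def receive(frame: bytes) -> bool:
    """Receiver side: accept only frames of legal size whose FCS matches."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        return False                # runt or oversized frame
    return fcs(frame[:-4]) == frame[-4:]


if __name__ == "__main__":
    # Addresses taken from the capture on the page; payload is constructed.
    dst = bytes.fromhex("001143456123")
    src = bytes.fromhex("00e052d4a500")
    frame = build_frame(dst, src, 0x0800, b"hello")
    print(len(frame), receive(frame))            # 64 True
    damaged = bytearray(frame)
    damaged[20] ^= 0x01                          # one bit flipped in transit
    print(receive(bytes(damaged)))               # False: frame is discarded
```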



Ethernet II Frame Capture

Destination address Source address Ether type L3/IP information TCP information

0000 00 11 43 45 61 23 00 e0 52 d4 a5 00 08 00 45 00 ..CEa#..R.....E.
0010 01 21 0e ab 00 00 40 06 ea a8 8a 78 35 fe 8a 78 .!....@....x5..x
0020 35 95 00 17 09 55 98 09 6c 96 8e 7b 67 a7 50 18 5....U..l..{g.P.
0030 40 00 bc 0e 00 00 ff fb 03 0d 0a 64 65 76 69 63 @..........devic
0040 65 3a 20 20 73 54 57 33 32 66 62 69 38 32 0d 0a e: sTW32fbi82..
0050 0d 0a 41 6c 63 61 74 65 6c 20 4e 65 74 77 6f 72 ..Alcatel Networ
0060 6b 73 20 43 61 6e 61 64 61 2c 20 36 30 30 20 4d ks Canada, 600 M
0070 61 72 63 68 20 52 6f 61 64 2c 20 4b 61 6e 61 74 arch Road, Kanat
0080 61 2c 20 4f 6e 74 61 72 69 6f 0d 0a 55 6e 61 75 a, Ontario..Unau
0090 74 68 6f 72 69 7a 65 64 20 61 63 63 65 73 73 20 thorized access
00a0 70 72 6f 68 69 62 69 74 65 64 2e 20 20 41 63 63 prohibited. Acc
00b0 65 73 73 20 74 6f 20 74 68 69 73 20 64 65 76 69 ess to this dev


This slide shows an actual sniffer trace of an Ethernet packet. Details of this trace are as follows:

Frame 234 (303 bytes on wire, 303 bytes captured)
Ethernet II, Src: FoundryN_d4:a5:00 (00:e0:52:d4:a5:00), Dst: Dell_45:61:23 (00:11:43:45:61:23)
    Destination: Dell_45:61:23 (00:11:43:45:61:23)
    Source: FoundryN_d4:a5:00 (00:e0:52:d4:a5:00)
    Type: IP (0x0800)
Internet Protocol, Src: 138.120.53.254 (138.120.53.254), Dst: 138.120.53.149 (138.120.53.149)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
    Total Length: 289
    Identification: 0x0eab (3755)
    Flags: 0x00
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (0x06)
    Header checksum: 0xeaa8 [correct]
    Source: 138.120.53.254 (138.120.53.254)
    Destination: 138.120.53.149 (138.120.53.149)
Transmission Control Protocol, Src Port: 23 (23), Dst Port: 2389 (2389), Seq: 4, Ack: 1, Len: 249
    Source port: 23 (23)
    Destination port: 2389 (2389)
    Sequence number: 4 (relative sequence number)
    Next sequence number: 253 (relative sequence number)
    Acknowledgement number: 1 (relative ack number)
    Header length: 20 bytes
    Flags: 0x0018 (PSH, ACK)
    Window size: 16384
    Checksum: 0xbc0e [correct]
Telnet
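The decode shown in the trace can be reproduced from the hex dump itself. The following is an added example, not part of the course material: it parses the first 54 bytes of the capture (Ethernet II, IPv4 and TCP headers), classifies the length/type field with the 1536 boundary given in the Length/Type field description, and verifies the IP header checksum. The function names are illustrative, and every length is checked before use because a frame taken off the wire is untrusted input.

```python
import struct

# Ethernet, IPv4 and TCP headers: the first 54 bytes of the dump on the page.
CAPTURE = bytes.fromhex(
    "00 11 43 45 61 23 00 e0 52 d4 a5 00 08 00 45 00 "
    "01 21 0e ab 00 00 40 06 ea a8 8a 78 35 fe 8a 78 "
    "35 95 00 17 09 55 98 09 6c 96 8e 7b 67 a7 50 18 "
    "40 00 bc 0e 00 00"
)


def mac_text(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_ethernet(frame: bytes) -> dict:
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    value = struct.unpack("!H", frame[12:14])[0]
    if value >= 1536:
        kind = "Ethernet II"        # field is an Ethertype
    elif value <= 1500:
        kind = "802.3"              # field is a payload length
    else:
        kind = "undefined"          # 1501-1535 is neither a length nor a type
    return {"dst": mac_text(frame[0:6]), "src": mac_text(frame[6:12]),
            "length_type": value, "kind": kind, "payload": frame[14:]}


def header_checksum_ok(header: bytes) -> bool:
    """One's-complement sum of the header, checksum field included, is 0xFFFF."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_length, ident, _frag, ttl, protocol, _csum = \
        struct.unpack("!BBHHHBBH", packet[:12])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("bad IPv4 version or header length")
    return {"total_length": total_length, "identification": ident, "ttl": ttl,
            "protocol": protocol,
            "src": ".".join(map(str, packet[12:16])),
            "dst": ".".join(map(str, packet[16:20])),
            "checksum_ok": header_checksum_ok(packet[:header_len]),
            # Total Length is a claim made by the sender; never read past
            # the bytes that were actually captured.
            "captured_short": total_length > len(packet),
            "payload": packet[header_len:total_length]}


def parse_tcp(segment: bytes) -> dict:
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, _seq, _ack, off_flags, window = struct.unpack("!HHIIHH", segment[:16])
    return {"src_port": sport, "dst_port": dport,
            "header_len": (off_flags >> 12) * 4,
            "flags": off_flags & 0x01FF, "window": window}


def decode(frame: bytes) -> dict:
    out = {"ethernet": parse_ethernet(frame)}
    eth = out["ethernet"]
    if eth["kind"] == "Ethernet II" and eth["length_type"] == 0x0800:
        out["ipv4"] = parse_ipv4(eth["payload"])
        if out["ipv4"]["protocol"] == 6:
            out["tcp"] = parse_tcp(out["ipv4"]["payload"])
    return out


if __name__ == "__main__":
    for layer, fields in decode(CAPTURE).items():
        print(layer, {k: v for k, v in fields.items() if k != "payload"})
```

The 14-byte Ethernet header plus the IP Total Length of 289 gives the 303 bytes on the wire reported in the trace; `captured_short` is set here only because the example embeds the headers and not the Telnet payload.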



Ethernet and the OSI Model

LLC - Interface to the L3 protocol
MAC - L2 addressing, data transfer, sync, error control, and data flow


Ethernet resides at the Data Link layer. This layer can be subdivided further into two sublayers:

LLC - logical link control 802.2
MAC - media access control
The LLC interfaces between the network interface layer and the higher L3 protocol and may provide additional
functions such as flow control. LLC is only used with 802.3 Ethernet. It is not used with Ethernet II.
The MAC layer is responsible for determining the physical source and destination addresses for a particular
frame and for the reliable transfer of data, synchronization of data transmission, error control, and flow of
data.
At the physical layer, to observe the physical link condition, Ethernet uses the link integrity test, in which
Ethernet transceivers continually monitor the data path for activity. The physical layer standards also define
the format of the electrical or optical signaling that is used to represent the binary ones and zeroes on the
transmission media.



Data Link Overview

Section 3 - Ethernet Addressing and Operation



Ethernet Addressing and Operation Overview

MAC Address Format


Unicast Addressing
Broadcast Addressing
Multicast Addressing
Ethernet Transmission
Half-Duplex Operation (CSMA/CD)
Full-duplex Operation
Auto-negotiation



MAC Address Format

OUI is the number assigned by the IEEE to vendors such as Alcatel-Lucent
OUI examples: Alcatel-Lucent Canada 00-80-21 and 00-D0-F6,
Alcatel-Lucent USA 00-17-CC, Alcatel-Lucent Italia 00-20-60
OUI engine: http://standards.ieee.org/regauth/oui/index.shtml



Unicast Addressing

00:e0:b1:88:0d:c0 00:14:22:c5:79:87

Output:
Ethernet II, Src: 138.120.100.2 (00:e0:b1:88:0d:c0), Dst: Dell_c5:79:87 (00:14:22:c5:79:87)
    Type: IP (0x0800)
    Trailer: 000000000000
Internet Protocol, Src: 138.120.252.84 (138.120.252.84), Dst: 138.120.132.135 (138.120.132.135)
Transmission Control Protocol, Src Port: 8080 (8080), Dst Port: 2730 (2730), Seq: 0, Ack: 3811441139, Len: 0

Unique source and destination MAC addresses


Frame is meant for one particular destination or host


In this slide, an Ethernet frame is composed by the source with the following source and destination addresses:

Src : 00:e0:b1:88:0d:c0
Dest : Dell_c5:79:87 (00:14:22:c5:79:87)
The frame is sent to a hub that connects all devices on a 4-node LAN. The hub, being a simple replicator, sends
the frame out on all its ports except the port where the frame was received (the port attached to the source).
Although all devices receive the frame, only the device whose MAC address matches the destination address
accepts the frame.
The output sample shows the use of an Ethernet frame destined for a unicast address.



Broadcast Addressing

00:13:ce:2b:6b:28

Output:
Frame 1 (42 bytes on wire, 42 bytes captured)
Ethernet II, Src: 192.168.0.101 (00:13:ce:2b:6b:28), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
    Source: 192.168.0.101 (00:13:ce:2b:6b:28)
    Type: ARP (0x0806)
Address Resolution Protocol (request)

Unique source MAC address only, destination address is broadcast (ff-ff-ff-ff-ff-ff)
Frame is meant for all devices on the LAN in a broadcast domain


In this slide, an Ethernet frame is composed by the source with the following source and destination addresses:

Src : 00:13:ce:2b:6b:28
Dest : ff:ff:ff:ff:ff:ff
The frame is sent to a hub that connects all devices on a 4-node LAN. The hub, being a simple replicator, sends
the frame out on all its ports except the port where the frame was received (the port attached to the source).
All devices recognize that the destination address (ff-ff-ff-ff-ff-ff) is a special address and process the frame.
The output sample shows the use of an Ethernet frame destined for a broadcast address.



Multicast Addressing

00:13:ce:2b:6b:28 01:00:5e:01:01:01 01:00:5e:01:01:01

Output:
Ethernet II, Src: 192.168.0.101 (00:13:ce:2b:6b:28), Dst: 01:00:5e:01:01:01 (01:00:5e:01:01:01)
    Destination: 01:00:5e:01:01:01 (01:00:5e:01:01:01)
    Source: 192.168.0.101 (00:13:ce:2b:6b:28)
    Type: IP (0x0800)
Internet Protocol, Src: 192.168.0.101 (192.168.0.101), Dst: 239.1.1.1 (239.1.1.1)
Internet Control Message Protocol

Unique source MAC address only, destination address is multicast group (01-00-5e-01-01-01)
Frame is meant only for devices that are members of that group


In this slide, an Ethernet frame is composed by the source with the following source and destination addresses:

Src : 00:13:ce:2b:6b:28
Dest : 01-00-5e-01-01-01
The frame is sent to a hub that connects all devices on a 4-node LAN. The hub, being a simple replicator, sends
the frame out on all its ports except the port where the frame was received (the port attached to the source).
All devices that are members of the particular group (239.1.1.1) process that message.
The output sample shows the use of an Ethernet frame destined for a multicast address.
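The accept-or-ignore decision that each station makes in the unicast, broadcast and multicast slides can be written down directly. This is an added example, not part of the course material, with illustrative function names. It classifies a destination MAC address, derives the multicast MAC for an IPv4 group (239.1.1.1 gives the 01:00:5e:01:01:01 seen in the capture) and models the receive filter; the group-to-MAC mapping (fixed prefix 01:00:5e plus the low 23 bits of the group address) is standard behaviour that the slides show only by example.

```python
import ipaddress
from typing import Iterable


def parse_mac(text: str) -> bytes:
    """Accept both notations used on the page: 00:13:ce:... and ff-ff-ff-..."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes(int(p, 16) for p in parts)


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def oui(text: str) -> str:
    """Vendor prefix (first three bytes), in the 00-80-21 style of the slide."""
    return "-".join(f"{b:02X}" for b in parse_mac(text)[:3])


def classify(dst: str) -> str:
    mac = parse_mac(dst)
    if mac == b"\xff" * 6:
        return "broadcast"
    # The least-significant bit of the first byte marks a group address.
    return "multicast" if mac[0] & 0x01 else "unicast"


def group_to_mac(group: str) -> str:
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast group")
    low23 = int(addr) & 0x7FFFFF
    return format_mac(b"\x01\x00\x5e" + low23.to_bytes(3, "big"))


def station_accepts(station: str, dst: str, joined: Iterable[str] = ()) -> bool:
    """Layer-2 receive filter of one station on the shared medium."""
    kind = classify(dst)
    if kind == "broadcast":
        return True
    if kind == "multicast":
        return parse_mac(dst) in {parse_mac(group_to_mac(g)) for g in joined}
    return parse_mac(dst) == parse_mac(station)


if __name__ == "__main__":
    host = "00:14:22:c5:79:87"                   # Dell station from the page
    print(classify(host), classify("ff-ff-ff-ff-ff-ff"))
    print(group_to_mac("239.1.1.1"))             # 01:00:5e:01:01:01
    # 32 groups share each MAC: a station joined to 239.1.1.1 also accepts
    # frames for 224.129.1.1 at layer 2, so the IP layer must still check
    # the destination group before delivering the packet.
    print(station_accepts(host, group_to_mac("224.129.1.1"), ["239.1.1.1"]))
```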



Ethernet Transmission

Half-duplex transmission
    Data sent in one direction at a time
    Results in collisions
    Uses CSMA/CD to resolve collisions
    Hubs are the most common half-duplex devices
Full-duplex transmission
    Data sent in both directions at the same time
    Requires point-to-point connections
    No collisions
    An approach to higher network efficiency
    Switches are the most common full-duplex devices


Half-duplex transmission is the traditional means of transporting Ethernet frames. Because data is
transmitted in one direction at a time over a shared medium, such as a hub, collisions are possible. The
CSMA/CD algorithm is used to handle collisions. A hub uses shared media and supports half-duplex only.
10Base-T, which works on half-duplex, is only 30 to 40% efficient because of collisions, and as such the
effective throughput is only 3 to 4 Mb/s.
Full-duplex transmission has data forwarding in both directions simultaneously. Full-duplex implementations
require a point-to-point connection between the sender and the receiver port. Therefore, a switch with 8
ports would have each of the 8 ports connected to the rest of the ports through a dedicated set of wires. This
ensures that there is no shared medium and collision is not possible. Because data can be transmitted bi-
directionally, the effective rate of a 10-Mb/s full-duplex transmission is 20 Mb/s (that is, 10 Mb/s each way).
Therefore, full-duplex transmissions are more efficient than half-duplex. Switches and routers usually support
full-duplex transmissions.
When devices such as switches and hubs are interconnected, care must be taken to ensure that the proper
transmission parameters are set on the ports. For switch-to-hub connections, the switch port must be set to
half-duplex because the hub only supports half-duplex. For switch-to-switch, switch-to-host, or switch-to-
router connections, full-duplex can be used.



Half-Duplex Operation (CSMA/CD)

Hub

Host A Host B Host C Host D

All hosts constantly listen to the line


Host A transmits
Hosts B, C, and D listen to Host A and do not transmit
All hosts receive Host A's message


The CSMA/CD access rules are summarized by the protocol acronym.


Carrier sense (CS) - Each Ethernet LAN-attached host continuously listens for traffic on the medium to
determine when gaps between frame transmissions occur.
Multiple access (MA) - LAN-attached hosts can begin transmitting any time that they detect that the network
is quiet, meaning that no traffic is travelling across the wire.
Collision detect (CD) - If two or more LAN-attached hosts in the same CSMA/CD network or collision domain
begin transmitting at approximately the same time, the bit streams from the transmitting hosts will interfere
(collide) with each other, and both transmissions will be unreadable. If that happens, each transmitting host
must be capable of detecting that a collision has occurred before it has finished sending its respective frame.
Each host must stop transmitting as soon as it has detected the collision and must wait a random length of
time as determined by a back-off algorithm before attempting to retransmit the frame. In this event, each
transmitting host transmits a 32-bit jam signal alerting all LAN-attached hosts of a collision before running the
back-off algorithm.
CSMA/CD reduces the chance of collisions but does not prevent them. Both hosts A and B could decide to
transmit at once because no other hosts are transmitting a message on the line (idle line).



Half-Duplex Operation (CSMA/CD) (continued)

Hub

Host A Host B Host C Host D

All hosts constantly listen to the line


Host A and Host B transmit simultaneously
Messages collide
Both hosts back off for a random time interval


When host A and host B transmit frames at the same time, they both detect collisions and corruption of the
data.
Both host A and host B generate a jam signal, which is received by other hosts so that they discard the data
that was just corrupted by the collision.
A random back-off timer is then started on the transmitting hosts. Depending on whose timer expires first,
either host A or host B transmits if they detect no other transmission on the line.



Full-duplex Operation

Point-to-point only
Attached to a dedicated switched port
Requires full-duplex support on both ends
Collision-free


Full-duplex operation is an optional MAC layer capability that allows simultaneous two-way transmission over
point-to-point links.
Full-duplex transmission involves no media contention, no collisions, and no need to schedule retransmissions.
There are exactly two hosts connected on a full-duplex point-to-point link.
The link bandwidth is effectively doubled because each link can now support full-rate, simultaneous, two-way
transmission.



Auto-negotiation

Ethernet auto-negotiable operation


Speed
- 10 Mb/s
- 100 Mb/s
- 1000 Mb/s
- 10000 Mb/s
Operation mode
- Half-duplex (CSMA/CD)
- Full-duplex
If auto-negotiation is enabled, directly-connected Ethernet
nodes negotiate their speed and their duplex mode prior to
establishing a link



Data Link Overview

Section 4 Ethernet Physical Cabling



Ethernet Standards

Four data rates are currently defined for operation over optical
fiber and twisted-pair cables:
- 10 Mb/s: 10Base-T Ethernet (twisted pair only)
- 100 Mb/s: 100Base-T or Fast Ethernet
- 1000 Mb/s: 1000Base-T or Gigabit Ethernet
- 10 000 Mb/s: 10 Gigabit Ethernet



10Base-T Ethernet

Originally IEEE 802.3i


Current standard is 802.3x
Transmission rate with 802.3i is 10 Mb/s half-duplex; with
802.3x is 10 Mb/s full-duplex
Frame format was based on Ethernet II, also called DIX
Most networks currently use the 802.3x frame format



100Base-T Ethernet

IEEE standard is 802.3u


Full-/half-duplex modes, 100 Mb/s data rate
Cabling options
- 100Base-TX: 2 pairs of twisted-pair cable
- 100Base-T4: 4 pairs of twisted-pair cable
- 100Base-FX: Optical cable



1000Base-T Ethernet

Also known as gigabit Ethernet or GigE


IEEE standard is 802.3ab
Full-duplex mode only, 1000 Mb/s data rate
802.3ab specifies distances of 100 m using 4 pairs of Cat 5e
cabling



10 Gigabit Ethernet

IEEE standard is 802.3ae


Full-duplex only, with 10 Gb/s data rate
Minimizes the user's learning curve by maintaining the same
management tools and architecture
Physical media used is optical only



Ethernet Physical Cable Types

Ethernet             Designation  Type         Wavelength          Distance  Fiber Type
10/100Base           TX           Copper                           100 m
100Base              FX           Optical SFP  1310 nm             2 km      Multimode
100Base              FX-SM        Optical SFP  1310 nm             25 km     Single-mode
Gigabit Ethernet     TX           Copper                           100 m
Gigabit Ethernet     SX           Optical SFP  850 nm              550 m     Multimode
Gigabit Ethernet     LX           Optical SFP  1310 nm             10 km     Single-mode
Gigabit Ethernet     ZX           Optical SFP  1550 nm             70 km     Single-mode
Gigabit Ethernet     CWDM         Optical SFP  1470 nm to 1610 nm  70 km     Single-mode
10 gigabit Ethernet  LW/LR        Optical SFP  1310 nm             10 km     Single-mode
10 gigabit Ethernet  EW/ER        Optical SFP  1550 nm             40 km     Single-mode
10 gigabit Ethernet  SR           Optical SFP  850 nm              300 m     Multimode
10 gigabit Ethernet  LR           Optical SFP  850 nm              10 km     Single-mode
10 gigabit Ethernet  ZR           Optical SFP  1550 nm             80 km     Single-mode
10 gigabit Ethernet  T            Copper       -                   30-100 m  -
10 gigabit Ethernet  CX4                                           15 m



Data Link Overview

Section 5 Ethernet Devices and Switching



Ethernet Devices and Switching Overview

Ethernet Devices
Switching
Building up the MAC FDB
MAC Address Exercise
Broadcast/Multicast Across Switches
Ethernet Network Domains
Collision Domains



Ethernet Devices

Hubs/Repeaters
- Signal amplification and replication
- Layer 1 devices that receive Ethernet frames and replicate across all other ports including the
  receiving port
- Do not inspect Layer 2 frame headers
- Half-duplex operation

Switches
- Layer 2 devices that inspect Ethernet frame headers
- Switches receive Ethernet frames based on destination MAC address
- Full-duplex operation



Switching

Switch Forwarding Table


Node MAC Address     Interface
00 00 A2 00 00 01    1
00 00 A2 00 00 02    2


Ethernet switches use the source MAC address to dynamically learn which MAC addresses are associated with
an interface. The switch records this address information into a forwarding table known as the MAC
forwarding database (FDB).
When the switch receives an Ethernet frame, it records the source MAC address and the interface on which it
arrived. It looks at the destination MAC address of the frame, compares it to the entries in its MAC FDB, and
transmits the frame out of the interface for that MAC address.
If no entry is found in the MAC FDB for the destination, the switch floods the frame out of all its interfaces
except the interface on which the frame arrived.



Building up the MAC FDB

MAC FDB

Port   MAC address      Learned in
1/1/1  0000.8c01.000A   Step 2
1/1/2  0000.8c01.000B   Step 4
1/1/3  0000.8c01.000C   Step 6
1/1/4  0000.8c01.000D   Step 6

Step 1: Host A sends a frame to Host B
Step 2: The switch receives the frame on 1/1/1 and places the source in MAC FDB
Step 3: The destination is not in the MAC FDB so the switch floods the frame to all ports except the source
Step 4: Host B responds to Host A. The switch adds the source address of Host B to the MAC FDB
Step 5: The switch can now forward frames between Host A and Host B directly, that is, without flooding
Step 6: Host C and Host D also send frames and are added to the FDB



MAC Address Exercise

What are the MAC FDBs for Switches A and C after every PC has
communicated with each other?



Broadcast/Multicast Across Switches

Broadcast and Multicast frames are treated similarly


The switch examines the destination MAC address; if it is broadcast
or multicast, the switch floods the frame out of all the remaining
ports
Advanced switches can build a special multicast table based on the
destination group address and therefore only flood multicast
frames to the required destinations



Ethernet Network Domains


A collision domain is a group of Ethernet or Fast Ethernet devices in a CSMA/CD LAN that are connected by
repeaters and that compete for access in the network. Only one device in the collision domain may transmit at
any one time, and the other devices in the domain listen to the network to avoid data collisions. A collision
domain is sometimes referred to as an Ethernet segment.
A broadcast domain is a restricted area in which information can be transmitted to all devices in the domain.
More specifically, Ethernet LANs are broadcast domains. Any device attached to the LAN can transmit frames
to any other device because the medium is a shared transmission system. Frames are normally addressed to a
specific destination device in the network. While all devices detect the frame transmission in the network,
only the device to which the frame is addressed actually accepts it. A special broadcast address consisting of
all 1s is used to send frames to all devices in the network.
In an IP network, broadcast domains are separated by an IP router. Two devices on separate broadcast
domains cannot send Ethernet frames directly to each other. Instead they must send the frame to the router
which then forwards the IP datagram to the destination in a new Ethernet frame on the appropriate broadcast
domain.



Collision Domains

[Figure: network diagram with each collision domain and each broadcast domain labelled]

In this slide, there are 8 collision domains and 3 broadcast domains.



Data Link Overview

Section 6 Ethernet Redundancy



Ethernet Redundancy Overview

Ethernet Redundancy
LAG
Redundant Topology
Broadcast Storms
Database Instability
STP
Bridge Protocol Data Units
RSTP Port States and Roles
Port Role Assignment



Ethernet Redundancy

Two types of redundancy

Link redundancy on full-duplex connections
- Using multiple links between two devices via LAG
- Logical bundling to provide failover for one or more links
Redundant topology
- Multiple paths to reach the same destination
- Provides protection for path failures where ports/devices fail



Link Redundancy - LAG

Based on IEEE 802.3ad standard
Benefits
- Increased performance by providing incremental bandwidth between two devices
  (Support for up to 200 LAGs (R5.0) with 8 links per LAG, 64 LAGs on SR-1)
- Increased resiliency by providing automatic, point-to-point redundancy between two devices if one or
  more links in the LAG should fail
Statically configured or formed dynamically with LACP
Failover time less than one second
Alcatel-Lucent enhanced features
- Dynamic cost
- LAG port threshold


A Link Aggregation Group (LAG) increases the bandwidth available between two nodes by grouping up to eight
ports into one logical link. The aggregation of multiple physical links allows for load sharing and offers
seamless redundancy. If one of the links fails, traffic is redistributed over the remaining links. Up to eight links
can be supported in one LAG, and up to 64 LAGs can be configured on a 7x50 SR/ESS.
Link Aggregation Control Protocol (LACP) is defined in IEEE 802.3ad (Aggregation of Multiple Link Segments).
LACP provides a standardized method for implementing link aggregation between different manufacturers.



LAG Configuration

LAG configurations should include at least two ports


A maximum of eight ports can be included in a LAG
All ports in the LAG must share the same characteristics (speed, duplex,
hold-timer, and so on)
Port characteristics are inherited from the primary port
Auto-negotiation must not be configured for 10/100 ports that are part of
a LAG. Ports in a LAG must be configured as full-duplex. Configure ports as
no autonegotiate. (For 10GE ports, the xgig setting must be set to the
same value.)

Example configuration:

config> lag 1
config>lag# description LAG from PE1 to PE2
config>lag# port 2/1/1 2/2/1 3/1/1 4/1/1
config>lag# port-threshold 2 action down
config>lag# dynamic-cost
config>lag# no shutdown


LAG Port Threshold Parameter


This parameter determines the behaviour of a LAG when the number of available links falls below the
configured threshold value. Two actions can be specified:
Option 1:
configure lag <lag-id> port-threshold <threshold value> action down
If the number of available links is less than or equal to the threshold value, the LAG is declared
operationally down until the number of available links is greater than the threshold value.
Option 2:
configure lag <lag-id> port-threshold <threshold value> action dynamic-cost
If the number of available links is less than or equal to the threshold value, dynamic costing is used to
determine the advertised LAG cost.
Note: The costing of a LAG only affects the IGP costing (OSPF only)

Dynamic Cost Parameter


Dynamic cost can be enabled with the general command config>lag <lag-id> dynamic-cost.

This parameter enables or disables the dynamic IGP costing of a LAG when the number of active links is
greater than the port-threshold value. When dynamic cost is enabled with this command and the number of
active links is greater than the port-threshold value (0-7), the path cost is dynamically calculated whenever
there is a change in the number of active links, regardless of the specified port-threshold action. Note that if
the port-threshold action is to declare the LAG down, then if the number of active links falls below the
port-threshold value, the LAG is declared down even if dynamic cost is enabled. Conversely, if the
port-threshold is met and the action is set to dynamic cost, then the link cost is dynamically recalculated even
if the general dynamic cost parameter is not configured.



LAG Architecture Dynamic Cost

If each link in LAG 1 and LAG 2 has a cost of 100, then the cost of logical
link LAG 1 is 100/4 = 25 and LAG 2 is 100/3 = 33

config> lag 1
config>lag# dynamic-cost
config>lag# port 2/1/1 2/2/1 3/1/1 3/2/1
config>lag# port-threshold 2 action down
config> lag 2
config>lag# port 4/1/1 4/2/1 5/1/1
config>lag# port-threshold 2 action dynamic-cost


In this slide, each physical link is configured with a cost of 100. Thus the cost of the logical link LAG 1 is
100/4 = 25 and LAG 2 is 100/3 = 33.
The LAG groups LAG 1 and LAG 2 are configured as follows:
- LAG 1 does not have the dynamic-cost parameter configured. If one link in LAG 1 fails, there are three
  active links and the port threshold is two, so the port-threshold action is not executed. However,
  because the dynamic-cost parameter is not enabled on the LAG, the cost of LAG 1 remains the same
  (100/4 = 25). If another link in LAG 1 fails, the number of active links matches the port threshold and
  the port-threshold action is executed; therefore LAG 1 is declared operationally down.
- LAG 2 does have the dynamic-cost parameter configured. If one link in LAG 2 fails, there are two active
  links and the port threshold is two, so the port-threshold action is executed. Because the
  dynamic-cost parameter is enabled on the LAG, the cost of LAG 2 changes to 100/2 = 50.
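
The port-threshold and dynamic-cost rules from the notes above, written out as an added example (not Alcatel-Lucent code) so that each link failure can be evaluated in turn. It uses this page's arithmetic (LAG cost = per-link cost divided by the number of links, rounded down) and the "less than or equal to" threshold test from Option 1 and Option 2; the function and parameter names are assumptions. The slide's configuration lists dynamic-cost under lag 1 while the notes describe LAG 1 without it, so the function takes the setting as an argument and both cases can be compared.

```python
def lag_state(link_cost, configured, active, threshold, action, dynamic_cost=False):
    """Return (oper_up, cost) for a LAG, following the rules stated in the notes.

    link_cost    -- cost of one physical link (100 on the slide)
    configured   -- number of ports configured in the LAG
    active       -- number of ports currently up
    threshold    -- port-threshold value
    action       -- port-threshold action: "down" or "dynamic-cost"
    dynamic_cost -- True when the general dynamic-cost parameter is enabled
    """
    if action not in ("down", "dynamic-cost"):
        raise ValueError("action must be 'down' or 'dynamic-cost'")
    if not 0 <= active <= configured:
        raise ValueError("active links must be between 0 and the configured count")

    if active == 0:
        return (False, None)              # no links left: nothing to cost

    if active <= threshold:
        # The port-threshold action is executed.
        if action == "down":
            return (False, None)          # declared operationally down
        return (True, link_cost // active)   # action dynamic-cost

    # Above the threshold: cost follows the active links only if the
    # general dynamic-cost parameter is enabled.
    if dynamic_cost:
        return (True, link_cost // active)
    return (True, link_cost // configured)


def failure_sequence(link_cost, configured, threshold, action, dynamic_cost=False):
    """Evaluate the LAG after 0, 1, 2, ... link failures.

    Returns a list of (active_links, oper_up, cost) tuples.
    """
    return [
        (active,) + lag_state(link_cost, configured, active, threshold, action, dynamic_cost)
        for active in range(configured, -1, -1)
    ]


if __name__ == "__main__":
    print("LAG 1 as the notes describe it (no dynamic-cost):")
    for row in failure_sequence(100, 4, 2, "down", dynamic_cost=False):
        print("  ", row)
    print("LAG 1 as the slide's configuration lists it (dynamic-cost):")
    for row in failure_sequence(100, 4, 2, "down", dynamic_cost=True):
        print("  ", row)
    print("LAG 2 (port-threshold 2 action dynamic-cost):")
    for row in failure_sequence(100, 3, 2, "dynamic-cost"):
        print("  ", row)
```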



Redundant Topology

Redundancy
Advantages
- Protection when an entire switch fails, rather than just link protection
- Load balancing across switches rather than just across links of the same switch
Disadvantages
- May cause broadcast storms if not designed correctly
- May cause FDB table instability
Frame looping problems
Layer 2 has no mechanism to stop looping as Layer 3 has with TTL



Broadcast Storms


Networks that are designed with redundancy and no Spanning Tree Protocol (STP) are vulnerable to broadcast
storms because as the switch receives multiple copies of a frame, it further replicates each frame and
transmits them out one or more ports on the switch.
Because of the Layer 2 loop, the transmitted frames are received back and replicated again. This results in an
exponential increase in Layer 2 traffic in the looped network.
Because there is no time to live (TTL) in Layer 2, this frame is copied and transmitted repeatedly until the
switch gets overwhelmed with activity and possibly resets or locks up.
Consider the case where no traffic has been transmitted on the above network. Therefore, both Switch 1 and
Switch 2 have an empty MAC FDB:
- Host A sends a frame with destination MAC address of Host B. One copy of the frame is received by
  Host B and processed.
- The original frame is also received by Switch 1. Switch 1 records the source MAC of Host A to be on
  Segment 1. Because Switch 1 does not know where Host B is, it replicates the frame and sends it out
  the port connected to Segment 2.
- The original frame is also received by Switch 2. Switch 2 records the source MAC of Host A to be on
  Segment 1. Because Switch 2 does not know where Host B is, it replicates the frame and sends it out
  the port connected to Segment 2.
- Switch 2 receives the replicated frame from Switch 1 via Segment 2. Switch 2 removes the existing
  entry for Host A in the MAC FDB and records that Host A belongs to the port attached to Segment 2.
  Switch 2 then replicates the frame and transmits it out the port attached to Segment 1.
The process continues indefinitely, causing a broadcast storm and MAC FDB instability.



Database Instability

MAC Address FDB MAC Address FDB


Host A Port 0 Host A Port 0
Host A Port 1


Redundant networks without STP can also cause database instability.


In this slide, Switch 1 and Switch 2 will map the MAC address of Host A to Port 0. Later, when the copy of the
frame arrives at Port 1 of Switch 2, Switch 2 must remove its original entry for Host A and replace it with the
new entry for Host A, mapping it to Port 1. This activity causes an unstable database as Switch 2 tries to keep
up with the perceived location of Host A.
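
The learning behaviour from "Building up the MAC FDB" and the loop from "Broadcast Storms" and "Database Instability", modelled together as an added example (not code from the course). The class and function names, the use of Port 0 for Segment 1 and Port 1 for Segment 2, and the host labels in the loop are assumptions; the counter of FDB entry moves is the kind of signal an operator can watch to spot a Layer 2 loop.

```python
BROADCAST = "ffff.ffff.ffff"


class LearningSwitch:
    """Minimal transparent switch: learn on source MAC, forward or flood on destination MAC."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = list(ports)
        self.fdb = {}      # MAC address -> port it was last seen on
        self.moves = []    # (mac, old_port, new_port) each time an entry changes port

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        old = self.fdb.get(src)
        if old is not None and old != in_port:
            self.moves.append((src, old, in_port))   # entry replaced: host "moved"
        self.fdb[src] = in_port
        out = self.fdb.get(dst)
        if dst == BROADCAST or out is None:
            return [p for p in self.ports if p != in_port]   # flood
        return [] if out == in_port else [out]               # known unicast


def build_fdb():
    """Steps 1 to 6 of the 'Building up the MAC FDB' slide, with its ports and addresses."""
    a, b, c, d = ("0000.8c01.000A", "0000.8c01.000B", "0000.8c01.000C", "0000.8c01.000D")
    sw = LearningSwitch("switch", ["1/1/1", "1/1/2", "1/1/3", "1/1/4"])
    trace = [
        sw.receive("1/1/1", a, b),   # steps 1-3: Host B unknown, frame is flooded
        sw.receive("1/1/2", b, a),   # step 4: Host B learned, reply goes straight to 1/1/1
        sw.receive("1/1/1", a, b),   # step 5: forwarded directly, no flooding
        sw.receive("1/1/3", c, a),   # step 6: Host C learned
        sw.receive("1/1/4", d, a),   # step 6: Host D learned
    ]
    return sw.fdb, trace


def simulate_loop(rounds):
    """Two switches bridging the same two segments with no STP.

    Host A sends one frame to Host B on Segment 1 (Port 0 on both switches).
    Host B never transmits, so it is never learned and every copy is flooded.
    """
    host_a, host_b = "host-a", "host-b"          # constructed labels
    s1 = LearningSwitch("Switch 1", [0, 1])
    s2 = LearningSwitch("Switch 2", [0, 1])
    in_flight = [(0, None)]                      # (segment/port number, sending switch)
    copies_per_round = []
    for _ in range(rounds):
        nxt = []
        for port, sender in in_flight:
            for sw in (s1, s2):
                if sw is sender:
                    continue                     # a switch does not receive its own copy
                nxt.extend((out, sw) for out in sw.receive(port, host_a, host_b))
        in_flight = nxt
        copies_per_round.append(len(in_flight))
    return s1, s2, copies_per_round


def flapping_macs(switch, limit=3):
    """MAC addresses whose FDB entry changed port at least `limit` times."""
    counts = {}
    for mac, _old, _new in switch.moves:
        counts[mac] = counts.get(mac, 0) + 1
    return sorted(mac for mac, n in counts.items() if n >= limit)


if __name__ == "__main__":
    fdb, trace = build_fdb()
    print(fdb, trace, sep="\n")
    s1, s2, copies = simulate_loop(6)
    print(copies, s2.moves, flapping_macs(s2), sep="\n")
```

With only two switches and two segments, each pass leaves two copies in flight; they never expire, and Host A's entry changes port on both switches on every pass after the first.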



STP

Standardized by IEEE in 1990 as 802.1d, for Ethernet link management
- RSTP introduced as 802.1w in 1998 to speed convergence
- RSTP incorporated in latest STP in IEEE 802.1d-2004
Designed to prevent loops and therefore allow path redundancy to be designed into Ethernet
bridge/switch-based networks
STP uses a root/branch/leaf model, which determines one path to each leaf spanning the entire L2 network
STP will selectively block ports to remove L2 loops
End hosts (for example, PCs) are oblivious to STP and instead see one LAN segment


Spanning Tree Protocol (STP) was invented in 1985 by Radia Perlman and was first published as a standard by
IEEE as 802.1d. Revisions to STP were published in 1998 and 2004. Rapid Spanning Tree Protocol (RSTP) was
introduced in 1998 as IEEE 802.1w. In 2004, the IEEE incorporated RSTP in the Spanning Tree Protocol and
made the previous version obsolete. This version was published as IEEE 802.1d-2004.
STP is intended to prevent loops in an Ethernet network. It does this by selectively blocking ports to achieve a
loop-free topology. The first version of STP was slow at converging. Enhancements were introduced with RSTP
to speed convergence and convergence time was improved again with IEEE 802.1d-2004.



STP Topology

Main purpose of the STP is building loop-free active topologies


Our ring topology will be converted into a spanning tree active
topology with the root on top


Spanning Tree topology can be thought of as a tree that includes the following components:
- a root (a root bridge/switch)
- branches (LANs and designated bridges/switches)
- leaves (end nodes)
There are no disconnected parts that are considered part of the tree. That is, the tree encompasses all of its
leaves. There are no loops in the tree. If you trace a path from one leaf to any other leaf, there is only one
possible path. STP organizes and connects switches into a loop-free topology while leaving no segments
isolated.



Data Link Overview

Section 7 Virtual LAN



Virtual LAN Overview

The Development of VLANs


Switches and VLANs
How do VLANs Work?
VLANs Over Multiple Switches
VLAN Trunking
VLAN Tagging
VLAN Stacking
VLAN Tags and VLAN Stacking



The Development of VLANs


There are two main reasons for the development of VLANs:

the amount of broadcast traffic


increased security
Broadcast traffic increases in direct proportion to the number of stations in the LAN. The goal of the virtual
LAN (VLAN) is the isolation of groups of users so that one group is not interrupted by the broadcast traffic of
another.
VLANs also have the benefit of added security by separating the network into distinct logical networks. Traffic
in one VLAN is separated from another VLAN as if they were physically separate networks. If traffic is to pass
from one VLAN to another, it must be routed.



Switches and VLANs

A VLAN permits a group of ports to share a common broadcast domain regardless of physical location
A VLAN can reside on one switch or on many switches
Each VLAN is identified by a VLAN ID
Devices in different VLANs can only communicate with each other if the frame is first sent to a Layer 3
device such as a router


On the 7750 SR and 7450 ESS there is no default VLAN for all ports to join. Other types of switches may have a
default VLAN for ports that are not assigned to a particular VLAN.



How do VLANs Work?


In this slide, VLANs subdivide the Ethernet switch into multiple switches. Note that there are no logical
interconnections between these internal switches. Therefore, the broadcast traffic that is generated by a host
in a VLAN stays within that VLAN, making the VLAN its own broadcast domain. Because broadcast traffic for a
particular VLAN remains within that VLAN's borders, inter-VLAN or broadcast domain communication must
occur through a Layer 3 device such as a router.
Usually, hosts are not VLAN-aware, and therefore no 802.1q configuration is required on the hosts. The VLAN
configuration is done when the switch and ports are assigned on a VLAN-by-VLAN basis.



VLAN Exercise


Host 1 sends out a broadcast. Which hosts will receive the broadcast?


In this slide, Host 1 sends out a broadcast. Because Host 4 is the only other member of the VLAN, it is the only
host to receive the broadcast.
The FDB entries behave much the same way in the VLAN model as they do in the switch model. They are
updated based on the source address. In this slide, the source address of the broadcast frame is only learned
by VLAN 101. VLAN 102 will not know the source address of Host 1 after Host 1 transmits its broadcast packet.
Therefore, in a VLAN environment, a separate FDB is kept for each VLAN. In this case, this means that VLAN
101 will never learn about Host 3 or Host 2 unless it is manually configured or interconnected at Layer 3.



VLANs Over Multiple Switches


The sharing of VLANs between switches is achieved by the insertion of a header with a 12-bit VID, which allows
for 4094 possible VLAN destinations for each Ethernet frame.
A VID must be assigned for each VLAN. Assigning the same VID to VLANs on different connected switches can
extend the VLAN (broadcast domain) across a network.
The 802.1q standard works by inserting a 32-bit VLAN header into the Ethernet frame of all network traffic of
the VLAN. The VID uses 12 bits of the 32-bit VLAN header. The switch then uses the VID to determine which
FDB it will use to find the destination. After a frame reaches the destination switch port, the VLAN header is
removed.
This slide indicates which ports belong to which VLAN. The traffic ingressing a port in one VLAN will only be
allowed to egress a port on the same switch belonging to the same VLAN.



VLAN Trunking


VLAN trunking provides efficient interswitch forwarding of VLAN frames. In the previous slide, each VLAN
required a separate interswitch connection to forward frames from one switch to another.
VLAN trunking allows one Ethernet port to carry frames from multiple VLANs. This allows the use of one high-
bandwidth port, such as a gigabit Ethernet port, to carry the VLAN traffic between switches instead of
multiple fast Ethernet ports.
VLANs are separated within the trunk based on their VLAN IDs (Q tags). The FDB at the destination switch
designates the destination VLAN for the traffic on the VLAN trunk.



VLAN Tagging

802.1q Ethernet Frame

Preamble | SFD | DA | SA | Ether Type | VLAN tag | Ether Type | Payload (46 to 1500 bytes) | FCS

Ether Type (2 bytes): Range = 0x600-0xffff, default = 0x8100. For multi-vendor interoperability
VLAN tag (2 bytes): Tag control information
- User_priority: 3 bits
- CFI: 1 bit (Canonical format: bit ordering can be different)
- VID: 12 bits
Ether Type: Payload Ether-type


The VLAN header can be broken down into two parts: the VLAN tag type and the tag control information.
The VLAN tag type is a fixed value that is an indicator of a VLAN tag. The VLAN tag is a fixed length of 2 bytes,
which is followed by the original EtherType describing the payload.

The tag control information has three parts:
- Priority value (User priority): A 3-bit value that specifies a frame's priority.
- CFI: One bit. A setting of 0 means that the MAC address information is in its simplest form. Currently
  no other value is supported.
- VID: A 12-bit value that identifies the VLAN that the frame belongs to. If the VID is 0, the tag header
  contains only priority information.



VLAN Stacking


A restriction of Ethernet VLANs is the limited number of VIDs. With 12 bits used to define the VID, there are
only 4096 possibilities. Because VLAN 0 and 4095 are reserved, the PE is really only capable of supporting 4094
VLANs, which is not a significant number when compared with the expanding rates of networks.
One of the solutions to this restriction is VLAN stacking, also known as Q-in-Q. VLAN stacking allows the service
provider to use Layer 2 protocols to connect customer sites.
In this slide, three customers are connected through a common switch using VLAN stacking.
At the PE, the administrator has assigned a VLAN to represent the customer on that port. When the customer
traffic arrives at the PE device, the PE switch inserts another VLAN tag in the frame. It is this second or
stacked VLAN tag that takes the customer traffic through the provider network. At the egress port of the PE
equipment, the second or stack VLAN tag is removed and the traffic forwarded out the port.
This allows Customers 1, 2, and 3 to use the same VLAN tags in their network. In theory, the service provider
can support 4094 customers, with each customer supporting 4094 VLANs within their network.



VLAN Tags and VLAN Stacking

Frame with Customer VLAN Tag 100:

DA | SA | Ether Type | VLAN tag | Ether Type | Payload (46 to 1500 bytes) | FCS

Frame with Provider's VLAN Tag 20 followed by Customer VLAN Tag 100:

DA | SA | Ether Type | VLAN tag | Ether Type | VLAN tag | Ether Type | Payload (46 to 1500 bytes) | FCS


In the example on the previous slide, Customer 1 sent a frame to the PE switch with a VLAN tag of 100. The PE
switch inserts a second VLAN tag of 20. This tag number represents Customer 1 traffic. The second tag keeps
Customer 1 traffic separate from Customer 2 and 3 traffic and gives Customer 1 the ability to add 4095 more
associated VLANs.
The VLAN tag that is inserted by the provider is the VLAN tag that is used in the provider network. When the
frame has reached the appropriate egress port, the provider's VLAN tag is removed and the frame with the
customer's VLAN tag is forwarded out the egress port.
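
The tag layout from "VLAN Tagging" and the push and pop of the provider tag from "VLAN Stacking", as an added example (not code from the course). The function names, the sample MAC addresses and payload, and the alternative tag type 0x9100 are constructed for illustration; frames are shown without preamble, SFD and FCS.

```python
import struct

TPID_8021Q = 0x8100          # default tag type given on the slide


def make_tci(vid, priority=0, cfi=0):
    """Pack the 16-bit tag control information: 3-bit priority, 1-bit CFI, 12-bit VID."""
    if not 0 <= vid <= 0xFFF:
        raise ValueError("VID must fit in 12 bits")
    if not 0 <= priority <= 7 or cfi not in (0, 1):
        raise ValueError("priority is 3 bits and CFI is 1 bit")
    return (priority << 13) | (cfi << 12) | vid


def push_tag(frame, vid, priority=0, tpid=TPID_8021Q):
    """Insert a 4-byte VLAN header after DA and SA (the first 12 bytes)."""
    if vid in (0, 4095):
        raise ValueError("VLAN 0 and 4095 are reserved")
    return frame[:12] + struct.pack("!HH", tpid, make_tci(vid, priority)) + frame[12:]


def pop_tag(frame, tpids=(TPID_8021Q,)):
    """Remove the outermost VLAN header, as the egress port does."""
    if len(frame) < 16 or struct.unpack_from("!H", frame, 12)[0] not in tpids:
        raise ValueError("frame does not start with a recognised VLAN tag")
    return frame[:12] + frame[16:]


def parse_frame(frame, tpids=(TPID_8021Q,), max_tags=2):
    """Walk the stacked tags; return (tags outermost first, payload EtherType, payload)."""
    tags, offset = [], 12
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ether_type,) = struct.unpack_from("!H", frame, offset)
        if ether_type not in tpids:
            break                                  # not a tag type: payload EtherType
        if len(tags) == max_tags:
            raise ValueError("more VLAN tags than expected")
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({
            "tpid": ether_type,
            "priority": tci >> 13,
            "cfi": (tci >> 12) & 1,
            "vid": tci & 0xFFF,                    # VID 0 means priority information only
        })
        offset += 4
    return tags, ether_type, frame[offset + 2:]


def sample_untagged():
    """Constructed frame: DA, SA, EtherType 0x0800 and a 46-byte zero payload."""
    dst = bytes.fromhex("00008c01000b")
    src = bytes.fromhex("00008c01000a")
    return dst + src + struct.pack("!H", 0x0800) + bytes(46)


if __name__ == "__main__":
    customer = push_tag(sample_untagged(), 100)    # customer VLAN tag 100
    provider = push_tag(customer, 20)              # PE inserts the provider's tag 20
    tags, ether_type, payload = parse_frame(provider)
    print([t["vid"] for t in tags], hex(ether_type), len(payload))
    print(pop_tag(provider) == customer)           # egress: provider tag removed

    # A tag type other than the default is only recognised if the parser is told
    # about it; otherwise the outer tag is read as the payload EtherType.
    other = push_tag(customer, 20, tpid=0x9100)
    print(parse_frame(other)[:2])
    print([t["vid"] for t in parse_frame(other, tpids=(0x8100, 0x9100))[0]])
```

Both ends of a link have to agree on the tag type value: a device that does not recognise the outer tag type treats the whole stack as payload and never sees the VIDs.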



Data Link Overview

Section 8 Module Summary



Module Summary

After the successful completion of this module, you should understand the following concepts:
Layer 2 OSI and Ethernet Defined
Ethernet
Ethernet Addressing and Operation
Ethernet Physical Cabling
Ethernet Devices and Switching
Ethernet Redundancy
Virtual LAN
SONET/SDH and Packet over SONET/SDH



Learning Assessments

List the necessities of having Layer 2


Define and differentiate between the various Layer 2
protocols
Describe Ethernet
Distinguish between the Ethernet Frame types
List the types of addressing formats supported by Ethernet
Describe Half Duplex operation and CSMA/CD
Identify the common Ethernet Standards
Describe the operation of an Ethernet Switch and how it
differs from a Hub
Describe the building of the forwarding MAC database on an
Ethernet Switch



Learning Assessments

Differentiate between a collision domain and a broadcast domain
Describe the operation of LAGs
List the problems encountered in an Ethernet Loop Topology
Describe the operation of STP and RSTP
List the advantages of using VLANs in an Ethernet network
Describe VLAN Tags and the types of Tags supported
Describe the operation of SONET/SDH
List the bit rates supported by the common SONET frames
Describe the POS (Packet over SONET) mechanism


3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 4 Layer 3 and IP Services


Module Overview

Layer 3 and IP Services Overview


IP Addressing
IP Subnet Basics
IP Subnet Applications
Route Aggregation
IPv4 Forwarding Process
IP in Home and Small Businesses
Other Protocols that Support IP Operation
IP Filters



Layer 3 and IP Services

Section 1 - Layer 3 and IP Services Overview


Network Layer/Layer 3 OSI

Why do we need Layer 3?
- Provides unique addressing for many devices to intercommunicate
- Finds a path for the end-to-end delivery of application data
Characteristics
- Logical addressing
- Quality of service options for different application packets
- Routing protocols
Devices
- Routers
Layer 3 protocols
- IP, IPX, CLNS, AppleTalk


The network layer, or Layer 3, is considered to be the lowest layer in the TCP/IP and OSI protocol stacks
that handles the end-to-end delivery of application data. The main function of the network layer is to
move data from the source to its destination or set of destinations regardless of where the destination
exists. The network layer performs this function by using a unique address and a standard set of
protocols to help forward the data. Although a number of Layer 3 protocols are still in use, Internet
Protocol (IP) is used almost exclusively today.
From the source, the data must pass through various physical media across several Layer 2 domains
over routers before the data reaches its destination or destinations. The routers inspect the IP header
before forwarding data to the appropriate interfaces.
The IP address is a logical address, unlike a Layer 2 address such as a MAC address, which is
permanently programmed into the firmware. The IP address uniquely identifies the device on the
Internet. Address distribution is controlled by the IANA, a global authority. The IANA ensures that every
Internet address is unique. To ensure that the data is sent from a source to its correct destination,
every device on the Internet must have a unique IP address.
Routing protocols are required to forward the data. Routers use the routing protocols to build
forwarding tables. When an IP packet is received, the router checks the forwarding table to identify the
physical interface destination for the data. Typically, several routers are involved in an end-to-end data
transfer.
The most widely used L3 protocol is IP, which provides services that are roughly equivalent to the OSI
network layer. IP provides a datagram (connectionless) transport service across the network. This
service is referred to as unreliable, because the network does not guarantee delivery or notify the end
host system about packets that are lost because of errors or network congestion. IP datagrams may be
up to 65 535 bytes (octets) in length.
IP does not provide a mechanism for flow control. This is handled by the transport layer.



Layer 3 Connects Multiple Layer 2 Networks

[Figure: Layer 3 IP Routed Network; link labels: Packet over SONET, Point-to-Point]

Higher layer required to connect many Layer 2 networks


Every device connected to the Internet requires a unique Layer 3
address


In this slide, IP is required because the physical networks that are connected to the user PCs are
different in each location. The IP layer is required to direct the data from the source PC to the
destination PC. The routers (as will be seen later) are responsible for directing the data based on
information in the IP header. The TDM, ATM, POS, and Ethernet-based switches transmit the IP
datagrams between the routers. The routers inspect the IP header and transmit the IP datagram to the
next-hop router.
IP provides a consistent service interface for the higher layer protocol to communicate across the
different physical networks. The data from every Internet application is transmitted across the network
in an IP datagram regardless of the type of data or the nature of the application. The IP network
provides a universal addressing plan and simple forwarding service for every application using the
network.



Layer 3 Routing in the Network

[Figure: Layer 3 IP Routed Network; link labels: Packet over SONET, Point-to-Point]

Which path will data take from the source to the destination?


In this slide, the IP address of the source data is 138.120.54.98/24 and the IP address of the destination
is 160.16.20.1/24. Because the destination is not on the same Layer 2 network as the source, the data
will travel to the router that is attached directly to the Layer 2 switch using Layer 2 forwarding. The
router (R1) must then decide which router, R2 or R3, is the best next hop to reach the destination. R1
then transmits the data to the next router using the Layer 2 technology that connects them (POS in this
example).
For R1 to decide which direction is the best path to the destination, the router must have the
appropriate information about the network. This information is exchanged using routing protocols that
run on all the routers involved. In this slide, routers R1 to R4 use the same routing protocol.
Every router on the network builds a routing table using the routing protocols and the information that
they receive from the other routers. When data arrives at the router, it uses the routing table to
determine the next hop to the destination. The routing table contains a list of network destinations
with the next-hop address to be used to reach them.



Layer 3 and IP Services

Section 2 - IP Addressing
IP Addressing Overview

Internet Protocol Overview


IPv4 Packet Header
IPv4 Address
IP Address Classes
Unique IP Addressing
IP Global Address Assignments
IPv4 Addressing Types



Internet Protocol Overview

Most commonly used Layer 3 protocol


Connectionless protocol
Provides support for framing and packet prioritization
Maximum packet length is 65 535 bytes
Version 4 is current version


The Internet Protocol (RFC 791) provides services that are roughly equivalent to the OSI network layer.
IP provides a datagram (connectionless) transport service across the network. This service is sometimes
referred to as unreliable because the network does not guarantee delivery or notify the end host system
about packets lost due to errors or network congestion.
IP datagrams contain a message or one fragment of a message, which may be up to 65 535 bytes
(octets).
IP does not provide a mechanism for flow control. This is handled by the transport layer.



IPv4 Packet Header


Version - IP version is currently 4
IHL - IP header length. The number of 32-bit words that form the header. The value is usually five.
TOS - Type of Service is also known as the Differentiated Services Code Point (DSCP). The TOS byte can
be used to specify Quality of Service parameters for the packet, but this is often not respected by the
network.
Total Length - The combined length of the header and the data, in bytes
Identification - Together with the source address, this 16-bit number uniquely identifies the packet.
The number is used during the reassembly of fragmented datagrams.
Flags - Three bits used for the fragmentation of packets. The first bit is unused. The second indicates
DF, or don't fragment, meaning that the packet must be discarded instead of fragmented. The third
indicates MF, or more fragments, indicating that this is not the last fragment.
Fragment Offset - A value that indicates which fragment of the original packet this corresponds to.
This is used during the reassembly of fragmented datagrams.
Time To Live - Number of hops or links that the packet may be routed over, decremented by each
router (used to prevent accidental routing loops)
Protocol - Identifier that indicates the type of transport packet being carried (for example, 1 = ICMP,
2 = IGMP, 6 = TCP, 17 = UDP)
Header Checksum - 1's complement checksum that is inserted by the sender and updated whenever the
packet header is modified by a router. Used to detect errors introduced into the IP header. Packets with
an invalid header checksum are discarded by all nodes in an IP network.
Source IP Address - IP address of the original sender of the packet
Destination IP Address - IP address of the final destination of the packet
Options - Not often used. However, when the options are used, the IP header length is greater than five
32-bit words to indicate the size of the options field.
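The field descriptions above can be turned into a small decoder that also verifies the header checksum and shows why a router must refresh it after decrementing the TTL. This Python is an added example, not part of the course material; the function names and the sample header (built from the addresses used on an earlier slide) are constructed for illustration.

```python
import socket
import struct

# Protocol numbers listed in the field descriptions above.
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}


def header_checksum(header: bytes) -> int:
    """1's complement checksum over the header, checksum field taken as zero."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    total = sum(struct.unpack("!%dH" % (len(zeroed) // 2), zeroed))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode and sanity-check the IPv4 header at the start of `packet`."""
    if len(packet) < 20:
        raise ValueError("truncated: an IPv4 header is at least 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("not IPv4: version field is %d" % version)
    if ihl < 5:
        raise ValueError("invalid IHL %d: minimum is five 32-bit words" % ihl)
    header_len = ihl * 4
    if len(packet) < header_len or total_len < header_len:
        raise ValueError("length fields inconsistent with the bytes received")
    header = packet[:header_len]
    return {
        "ihl": ihl,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),                # don't fragment
        "mf": bool(flags_frag & 0x2000),                # more fragments
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # field counts 8-byte units
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "checksum_ok": checksum == header_checksum(header),
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "options": header[20:],                         # empty when IHL is 5
    }


def build_header(src, dst, ttl, proto, payload_len, options=b""):
    """Build a sample header (constructed test input: DF set, not fragmented)."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be 32-bit aligned and at most 40 bytes")
    ihl = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                         ihl * 4 + payload_len, 0x1234, 0x4000, ttl, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst)) + options
    return header[:10] + struct.pack("!H", header_checksum(header)) + header[12:]


def forward(header: bytes, update_checksum: bool = True) -> bytes:
    """Router step: decrement the TTL and, normally, refresh the checksum."""
    out = bytearray(header)
    if out[8] <= 1:
        raise ValueError("TTL expired: the packet is dropped, not forwarded")
    out[8] -= 1
    if update_checksum:
        out[10:12] = struct.pack("!H", header_checksum(bytes(out)))
    return bytes(out)


if __name__ == "__main__":
    sample = build_header("138.120.54.98", "160.16.20.1", 64, 6, 40)
    print(parse_ipv4_header(sample))
    # A hop that changes the TTL without updating the checksum produces a
    # header that every later node discards.
    print(parse_ipv4_header(forward(sample, update_checksum=False))["checksum_ok"])
    print(parse_ipv4_header(forward(sample))["checksum_ok"])
```
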



IPv4 Address

IP address example: 192.168.2.100

Binary equivalent: 11000000101010000000001001100100

The unique L3 identifier of computers, routers, and other devices in an IP network
The 32-bit address is expressed in dotted-decimal format, with
each octet separated by a period


Dotted-decimal notation divides the 32-bit IP address into four octets of 8 bits each. These octets
specify the value of each field as a decimal number. The range of each octet is from 0 to 255.
As stated earlier, the L3 address is unique to the device and, as such, is used to recognize the device on
the Internet. This is analogous to the postal service. For you to receive mail that is meant for you and
your family, you need a unique address. In Canada, the address is a combination of a postal code for a
region, a street name, and a house number. For example, 123 Walden Drive, K2K 2S6 is a unique address
in Canada. Similarly, every device that needs access to the Internet needs a unique L3 address.



IP Address Components


The first part of an IP address, which is known as the network number or network prefix, identifies the
network that a host resides in.
The second part of an IP address, which is known as the host number, identifies a host in the network.
This creates a two-level hierarchy, as shown in this slide.
All hosts in a network share the same network number or prefix. However, the host numbers must be
unique to each host. Conversely, hosts with different network prefixes may share the same host
number.
The sizes of the network and host portions vary, as described in the following slides.



IP Address Classes


To provide some form of flexibility to support the implementation of various network sizes, the IP
address space was originally divided into classes: Class A, Class B, and Class C. When IP addressing was
developed, the designers of the class scheme could not have envisioned the enormous growth of the Internet.
Therefore, many of the addressing problems can be traced back to this early classification of the IP
address space.
This division of addresses is referred to as classful addressing because the address space is split into
predefined sizes. As shown in this slide, each class defines the boundary between the network and host
at a different octet within the 32-bit address.
Class A (1 to 126) - A Class A network has an 8-bit network prefix and the highest-order bit is
always set to 0. This allows up to 126 networks to be defined because 2 of the networks are
reserved. The 0.0.0.0 network is reserved for default routes. The 127.0.0.0 network is reserved
for loopback functions.
Class B (128 to 191) - A Class B network has a 16-bit network prefix and the two highest-order
bits are always set to binary 10. Up to 16 384 networks can be defined.
Class C (192 to 223) - A Class C network has a 24-bit network prefix and the three highest-order
bits are always set to binary 110. Up to 2 097 152 networks can be defined.
Class D (224 to 239) - Class D is used for multicast addresses in applications such as OSPF.
Class E (240 to 255) - Class E is reserved.



Unique IP Addressing

Each node that uses the TCP/IP suite has a unique 32-bit logical IP
address


A router's function is to join different IP networks. In this slide, each router is connected to two or
three networks through two or three interfaces. Each interface is identified by a unique IP address. The
interfaces in the same network belong to the same network prefix or network class.
There are five networks in this slide:
Class C networks - 192.168.0.0 and 192.10.0.0
Class B networks - 172.5.0.0 and 172.16.0.0
Class A network - 10.0.0.0



IP Global Address Assignments

Global addressing is provided by the IANA


Major organizations of the world have specific address
assignments
Address assignments are available in RFC 1466 at:
http://www.iana.org/assignments/ipv4-address-space
One of the Alcatel-Lucent IP address assignments is
138.120.0.0
The addresses assigned by the IANA are also referred to as
public addresses
In addition, the IANA reserves some addresses (referred to as
private addresses) to be used in private networks


Under the current IP addressing scheme (known as IPv4 and eventually to be replaced by IPv6), the
address space is divided into two types: public address space and private address space. Understanding
the difference is important and useful for a network administrator, especially if your organization is
connected to the Internet. All of the IP addresses (public address space) that are routable by using the
Internet are managed by one of three RIRs. Each RIR is responsible for a geographic region.
Note: This should not be confused with the InterNIC (http://www.internic.net) and its designated
registrars, such as Network Solutions, Inc. These organizations handle domain name registration, not
address registration.
The IANA distributes IP addresses to the RIRs.
Address space must be requested from IANA, which grants or denies the request. Alternatively, you can request the
address space from your ISP. The ISP then allocates the space from its allotted address space or makes
the request on your behalf.
This system of requests manages address space and provides a central authority to prevent address-
space collisions. When you use a public address, you can send to and receive from all non-broken parts
of the Internet. This means that all routers on the Internet can route your IP address to you. Therefore,
not all address space is portable.
If you own your address space, you can authorize an ISP to route the address space for you. However,
there is a chance that when you change providers or locations, it will no longer be possible to route your
IP address to the new location. It is important, therefore, to check before you travel and need to use
your address space.
The IANA has reserved the following three blocks of the IP address space for private Internets (local
networks):
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
IP addresses from 169.254.0.0 to 169.254.255.255 are reserved for automatic private IP
addressing. These IP addresses should not be used on the Internet.



IP Address Hierarchy

Early IP address allocation gave no consideration to hierarchy


Routing tables started growing exponentially as Internet
usage increased
Hierarchical allocation introduced in the early 1990s, by
region and by service provider
BGPv4 supports address summarization
IPv6 addressing provides vastly improved addressing
hierarchy
- Important for network and routing scalability



IP Global Address Assignments

Address allocation is delegated by IANA to Regional Internet Registries (RIRs)
- ARIN for North America
  96.0.0.0/6
  204.0.0.0/6, 208.0.0.0/7
- RIPE NCC for Europe and Middle East
  77.0.0.0/8 through 95.0.0.0/8
- APNIC for Asia and Pacific region
  114.0.0.0/8 through 126.0.0.0/8
RIRs allocate address space to service providers
Every attempt possible is made to maintain hierarchy in
address allocation



Private IP Address Space

Private IP address space allocated in RFC 1918 in 1996


Identifies blocks of addresses not to be routed on public
Internet
Networks using private addressing perform Network Address
Translation (NAT) to support connectivity to public Internet
Specific address ranges identified by RFC 1918
- 10.0.0.0/8
- 172.16.0.0/12 (172.16.0.0 through 172.31.255.255)
- 192.168.0.0/16
Supports more efficient use of public IP address space
Provides additional security to hosts on private network



IPv4 Addressing Types - Unicast Address

A unicast address identifies a single specific device on an IP network
- Example: 139.120.200.25


Unicast addresses are the addresses that are used for most data exchanges on the Internet.



IPv4 Addressing Types - Broadcast Address

Refers to all IP devices in the broadcast domain


A packet sent to all hosts in a broadcast domain (such as Ethernet)
is referred to as a broadcast packet. A broadcast IP address
contains the network number and all 1s for the host address
- Example: A packet sent to the IP broadcast address 138.120.255.255 is
  delivered to all hosts in the 138.120.0.0 network


A broadcast address is an address that is used to send traffic to all of the hosts in a specific broadcast
domain. Routers with interfaces in the broadcast domain receive the broadcast but do not propagate it.



IPv4 Addressing Types - Multicast Address

Used to address a group of hosts
Reserved addresses are used for multicast applications (224.0.0.0 to 239.255.255.255)


Multicast addresses are reserved for group membership applications. Multicast technology is an efficient
way to deliver data to a group of destinations that need to receive the same data. The group of
destinations is characterized by an IP address in the multicast range of 239.0.0.0 to 239.255.255.255
that defines membership in the specific group. An example is a broadcast TV service. When a host wants
to receive a specific channel, the host joins the multicast group for the channel, which is identified by a
multicast address; for example, 239.1.1.1. Multicast routing protocols route the data from the source to
the various hosts that have joined the multicast group.



IPv4 Addressing Types - Anycast Address

A unicast address that does not uniquely identify a host


Updates are sent to the nearest host or service
No specific address ranges for anycast addresses


An anycast address is created by assigning the same unicast address to two or more hosts. In theory, the
hosts are functionally equivalent, and you want to route packets to the nearest host. This works well in
applications such as distributed Web sites. With the aid of dynamic routing protocols, the packets can
find the nearest host and, if the host is not available, traffic is routed to the next nearest host.



Layer 3 and IP Services

Section 3 - IP Subnet Basics


IP Subnet Basics Overview

Subnetting
Subnet Masking
Calculating Host Addresses
Extended Network Prefix
Subnet Address Plan
Subnetworks and Routers
Configuring Routers



Subnetting

Introduces an additional level of hierarchy in addressing


Without subnetting, there are only the network and host portions
With subnetting, there are the network, subnetwork, and host
portions
Host space is now more efficiently used. For example, with one
network address, 6 or more subnetworks can be created


There are three main problems with classful addressing:
Lack of Internal Address Flexibility - Big organizations are assigned large, monolithic blocks of
addresses that do not match the structure of their underlying internal networks.
Inefficient Use of Address Space - The existence of only three block sizes (Classes A, B, and C)
leads to waste of limited IP address space.
Proliferation of Router Table Entries - As the Internet grows, more and more entries are
required for routers to handle the routing of IP datagrams, which causes performance problems
for routers. Attempting to reduce inefficient address space allocation leads to even more router
table entries.
Subnetting resolves the problems associated with classful addressing by adding a layer of hierarchy to
the addressing structure. Instead of being a simple two-level hierarchy that defines the network prefix
and host number, the subnet introduces a third level that defines a subnet number.
The third level provides network administrators with the flexibility to manage their current network
address in a way that best suits their needs by assigning a distinct subnet number for each of their
internal networks.



Subnet Mask Defined

Q. How do you identify the subnet portion of a network?


A. Use a subnet mask

A subnet mask is a 32-bit number that accompanies an IP address


The mask indicates the network and the subnet
Boolean logic is performed to differentiate the subnet host
In a subnet, the first and last IP addresses are reserved
- The first address identifies the subnetwork
- The last address is reserved as a broadcast address for the subnetwork


The subnet mask was created so that it has a one (1) bit for each corresponding bit of the IP address
that is part of its network ID or subnet ID, and a zero (0) bit for each bit of the IP address that
corresponds to the host ID. Therefore, the mask informs TCP/IP devices as to which bits in the IP
address belong to the network ID and subnet ID, and which bits in the IP address are part of the host ID.



Subnet Mask and IP Address

IP Address Example: 192.168.2.132 (Class C or /24)

What is the network and what is the subnet?
Assuming a subnet mask of 255.255.255.128 (32-bit value), what is
the subnet for this address?
Rewrite the IP address and subnet mask as binary, and apply
Boolean logic:

IP address    11000000.10101000.00000010.10000100
LOGICAL AND
Subnet mask   11111111.11111111.11111111.10000000
equals
Subnetwork    11000000.10101000.00000010.10000000 (192.168.2.128)

Network (Class C)   192.168.2.0
Subnetwork          192.168.2.128
Host range          192.168.2.129 to 192.168.2.254


The subnet mask of 255.255.255.128 has been chosen and is applied to the IP address of 192.168.2.132,
which is a Class C address. This subnet mask splits the Class C network of 192.168.2.0 into two
subnetworks. Each subnetwork has 126 hosts.



Subnet Mask and IP Address (continued)

IP Address Example: 192.168.2.132 with mask 255.255.255.128 applied


What are the network and host ranges?

192.168.2.132 & 255.255.255.128

11000000.10101000.00000010.10000100 & 11111111.11111111.11111111.10000000

= 192.168.2.128
  11000000.10101000.00000010.1 | 0000000   (25 bits | host bits)

192.168.2.128 (Network)
192.168.2.129 (1st Host)
192.168.2.130 (2nd Host)
...
192.168.2.254 (Last Host)
192.168.2.255 (Broadcast)



Subnet Masks

An IP address is always associated with a subnet mask, for example:
- IP address 192.168.2.132 with a subnet mask of 255.255.255.128
- IP address 192.168.2.132 with a subnet mask of 255.255.255.0
Another notation for subnet masking uses /x, where x represents the number of 1s in the subnet mask, for example:
- 255.255.255.0 can be referred to as /24, as in 24 1s
- 255.255.255.128 can be referred to as /25, as in 25 1s
- IP address 192.168.2.132/24 implies a subnet mask of 255.255.255.0


All possible subnet masks are as follows:


128.0.0.0      /1     255.255.128.0     /17
192.0.0.0      /2     255.255.192.0     /18
224.0.0.0      /3     255.255.224.0     /19
240.0.0.0      /4     255.255.240.0     /20
248.0.0.0      /5     255.255.248.0     /21
252.0.0.0      /6     255.255.252.0     /22
254.0.0.0      /7     255.255.254.0     /23
255.0.0.0      /8     255.255.255.0     /24
255.128.0.0    /9     255.255.255.128   /25
255.192.0.0    /10    255.255.255.192   /26
255.224.0.0    /11    255.255.255.224   /27
255.240.0.0    /12    255.255.255.240   /28
255.248.0.0    /13    255.255.255.248   /29
255.252.0.0    /14    255.255.255.252   /30
255.254.0.0    /15    255.255.255.254   /31
255.255.0.0    /16



Subnet Example

For a network 192.168.1.0 and subnet mask /27, what are the possible
subnets and hosts?

Subnet 0   192.168.1.0/27     11000000.10101000.00000001.00000000
Subnet 1   192.168.1.32/27    11000000.10101000.00000001.00100000
Subnet 2   192.168.1.64/27    11000000.10101000.00000001.01000000
Subnet 3   192.168.1.96/27    11000000.10101000.00000001.01100000
Subnet 4   192.168.1.128/27   11000000.10101000.00000001.10000000
Subnet 5   192.168.1.160/27   11000000.10101000.00000001.10100000
Subnet 6   192.168.1.192/27   11000000.10101000.00000001.11000000
Subnet 7   192.168.1.224/27   11000000.10101000.00000001.11100000

(the first 27 bits identify the subnet)

What is the difference between 192.168.1.0/24 and 192.168.1.0/27?


The subnet address 192.168.1.0/27 defines the subnet where all the addresses start with the same 27
bits. This means that there are 5 bits remaining to define the host addresses for the subnet. These 5 bits
can range from 00000 to 11111 or from 0 to 31. Therefore, the subnet address 192.168.1.0/27 defines
the range of addresses from 192.168.1.0 to 192.168.1.31. The address with all 0s in the host portion is
the subnet address (192.168.1.0). The address with all 1s in the host portion is the broadcast address for
the subnet (192.168.1.31).
The subnet address 192.168.1.0/24 defines the subnet where all the addresses start with the same 24
bits. This means that there are 8 bits remaining to define the host addresses for the subnet. These 8 bits
can range from 00000000 to 11111111 or from 0 to 255. Therefore the subnet address 192.168.1.0/24
defines the range of addresses from 192.168.1.0 to 192.168.1.255. The address with all 0s in the host
portion is the subnet address (192.168.1.0). The address with all 1s in the host portion is the broadcast
address for the subnet (192.168.1.255).



Calculating Host Addresses

Host address 0    192.168.1.0/27    11000000.10101000.00000001.00000000   All 0 host
Host address 1    192.168.1.1/27    11000000.10101000.00000001.00000001
Host address 2    192.168.1.2/27    11000000.10101000.00000001.00000010
...
Host address 29   192.168.1.29/27   11000000.10101000.00000001.00011101
Host address 30   192.168.1.30/27   11000000.10101000.00000001.00011110
Host address 31   192.168.1.31/27   11000000.10101000.00000001.00011111   All 1 host

Example:
Find all hosts in subnet address 192.168.1.96/27
Total number of hosts   30
First host              192.168.1.96+1/27    192.168.1.97/27
Tenth host              192.168.1.96+10/27   192.168.1.106/27
Last host               192.168.1.96+30/27   192.168.1.126/27
Broadcast address       192.168.1.96+31/27   192.168.1.127/27


The assigned host address field of a subnet cannot contain all 0s or all 1s. The host number of all 0s is
reserved for the network address; the host number of all 1s is reserved for the broadcast address for the
network or subnet.
In this slide:
Five bits are used for the host address field.
Using the formula 2^5 - 2 = 32 - 2 = 30, there are 30 assignable host addresses in this subnet.
This means that each of the subnets that were created can support up to 30 hosts.
To define the host address for the tenth host in the subnet, you arrange the host bits in the bit
pattern that represents 10 or 01010. This results in a host address of 192.168.1.10/27.
If one of the other subnets is used (for example, 192.168.1.96/27), defining the host address is a
little more difficult. However, the concept is the same.
For a subnet address of 192.168.1.96/27 to define the tenth host address, you arrange the host
bits in the bit pattern that represents 10 or 01010. This value is then added to the network
address of 192.168.1.96/27 to give the host address of 192.168.1.106/27.
To define the broadcast address for this network, the host bits should be all set to 1 or 11111.
This is the binary representation of 31, so 31 is added to the network address of 192.168.1.96,
which gives a broadcast address of 192.168.1.127/27 for the subnet.
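The mask arithmetic from the preceding slides (the logical AND, the host range, the Nth host and the broadcast address) can be written out with plain integer bit operations. This Python is an added example, not part of the course material; all function names are illustrative, and same_subnet applies the same AND to the question of whether two hosts share a network.

```python
def to_int(dotted: str) -> int:
    """Dotted-decimal string -> 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % dotted)
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    """32-bit integer -> four binary octets, as drawn on the slides."""
    return ".".join(format((value >> s) & 0xFF, "08b") for s in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/x notation -> 32-bit mask with x leading 1s."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """Dotted mask -> /x, rejecting masks whose 1 bits are not contiguous."""
    value = to_int(mask)
    prefix = bin(value).count("1")
    if value != prefix_to_mask(prefix):
        raise ValueError("mask bits are not contiguous: %s" % mask)
    return prefix


def subnet_info(address: str, prefix: int) -> dict:
    """Network, broadcast and assignable host range for address/prefix."""
    mask = prefix_to_mask(prefix)
    network = to_int(address) & mask               # IP address LOGICAL AND mask
    broadcast = network | (mask ^ 0xFFFFFFFF)      # host bits set to all 1s
    hosts = max((1 << (32 - prefix)) - 2, 0)       # 2^n - 2 assignable hosts
    return {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "network_bits": to_binary(network),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(network + 1) if hosts else None,
        "last_host": to_dotted(broadcast - 1) if hosts else None,
        "hosts": hosts,
    }


def nth_host(address: str, prefix: int, n: int) -> str:
    """Nth assignable host: the subnet address plus n in the host bits."""
    info = subnet_info(address, prefix)
    if not 1 <= n <= info["hosts"]:
        raise ValueError("host %d is outside the %d assignable addresses"
                         % (n, info["hosts"]))
    return to_dotted(to_int(info["network"]) + n)


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """True when both addresses yield the same result after the AND."""
    mask = prefix_to_mask(prefix)
    return (to_int(a) & mask) == (to_int(b) & mask)


if __name__ == "__main__":
    print(subnet_info("192.168.2.132", mask_to_prefix("255.255.255.128")))
    print(nth_host("192.168.1.96", 27, 10))
    print(same_subnet("138.120.54.98", "160.16.20.1", 24))
```
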



Subnet Address Plan

1. How many subnets are required now?
2. How many subnets will be required in the future?
3. How many hosts are in the largest subnet?
4. How many hosts will be in the subnet in the future?


An addressing plan requires careful planning and consideration for future requirements. The network
administrator cannot just look at the existing infrastructure in the assignment of addresses but must
take into account the future growth of hosts of all the subnets, and the future growth in the number of
subnets that will be required.
To create a subnet address plan, the administrator must perform the following steps:
1. Define the number of subnets that are required.
In this slide, there is a requirement for nine subnets; 8 or 2^3 subnets would not meet the
requirement.
2. To meet the requirement for nine subnets, plan for 16 or 2^4 subnets. This now leaves room for
future expansion.
3. Ensure that there is enough host space available to meet the requirements of the largest subnet.
If the largest subnet requires 35 hosts, a 2^6, or 64-host, space must be used. This size also leaves
room for expansion.
4. After the design is completed, ensure that the organization's allocated IP address space is
sufficient to meet current and future needs.



Subnet Address Plan - Example

1. Subnet 2, the largest subnet, requires 20 host addresses
2. Network IP address is 192.168.1.0/24


The administrator must identify the bits required to provide the six required subnets. Because the
address is a binary address, the boundaries for the subnets are based on the power of 2.
In this slide, the administrator requires 3 bits of the existing host address to provide the necessary
subnets: 2^3 = 8 available subnets. This gives the subnets an extended prefix of 27 bits. The 4-octet
subnet mask appears as 255.255.255.224. This leaves 5 bits of the last octet for host addresses.
The calculation for usable or assignable host addresses is 2^n - 2, or in this case 2^5 - 2.
Two host addresses must be subtracted from the total because the host address 00000 (all 0s) is
reserved for the network address and the host address of 11111 (all 1s) is reserved for the broadcast
address of the subnet.
The base address is 192.168.1.0/24. With the subnet extended prefix defined, the administrator has the
following subnets, with each subnet supporting 30 hosts:
192.168.1.0/27
192.168.1.32/27
192.168.1.64/27
192.168.1.96/27
192.168.1.128/27
192.168.1.160/27
192.168.1.192/27
192.168.1.224/27



Subnetworks and Routers

[Figure: a router with interface 192.168.10.1 (network 192.168.10.0/30, port 1/1/1), interface
172.16.32.1 (network 172.16.32.0/20, port 1/2/1), and loopback 1.1.1.1 (1.1.1.1/32)]

How are IP networks associated with routers?

Routers separate broadcast domains
Every physical and logical interface on the router can belong to a network
An IP address in the broadcast domain is assigned to an interface
- One interface per sub-network only


A router interface is a logical entity that is created in order to assign local networks in the router. The
router interface is commonly referred to as a Layer 3 interface or L3 interface. The interface is always
assigned an IP address. The IP address is applied along with the subnet mask.
Although the interface is a logical entity, the interface can be associated with a physical port. This is
typically done to physically connect the router to another router, switch, hub, or host. The other device
that is attached to the router must also be configured with an IP address in the same network as the IP
address that is assigned to the router interface.
An interface that is not associated with a physical port can be associated with a loopback interface and
is logical. The physical and loopback interfaces are considered internal to the router and represent
networks within the router.



General Router Interface Configuration

To configure a network interface, use the following command
Address must be a host address on the subnet

Context: config>router

Syntax:  interface ip-int-name
         address ip-addr{/mask-length | mask} [broadcast {allones | host-ones}]
         port [port-id | ccag-group]

Example: config>router> interface to-ALA-2
         config>router>if# address 10.10.24.4/24
         config>router>if# port 8/1/1
         config>router>if# description to port 6/1/1 on ALA-2



Adding Interfaces to Routers

172.17.10.1/24

A:ASIN# configure router interface system
A:ASIN>config>router>if# address 10.10.10.10/32
A:ASIN>config>router>if# back
A:ASIN>config>router# interface toRouterB
A:ASIN>config>router>if$ address 192.168.10.18/31
A:ASIN>config>router>if$ port 1/1/1
A:ASIN>config>router>if$ back
A:ASIN>config>router# interface toLAN
A:ASIN>config>router>if$ address 172.17.10.1/24
A:ASIN>config>router>if$ port 1/1/2
A:ASIN>config>router>if$ back
A:ASIN>config>router# interface loopback1
A:ASIN>config>router>if# address 172.25.0.1/24
A:ASIN>config>router>if# loopback
A:ASIN>config>router>if# exit


Router A has two physical interfaces: one is connected to the LAN and one is connected to router B.
Router A also has two logical interfaces, the system address and the loopback address, both of which are
internal to Router A.



Verifying Added Interfaces

A:ASIN# show router interface
===============================================================================
Interface Table (Router: Base)
===============================================================================
Interface-Name                   Adm         Opr(v4/v6)  Mode    Port/SapId
   IP-Address                                                    PfxState
-------------------------------------------------------------------------------
loopback1                        Up          Up/--       Network loopback
   172.25.0.1/24                                                 n/a
system                           Up          Up/--       Network system
   10.10.10.10/32                                                n/a
toLAN                            Up          Up/--       Network 1/1/2
   172.17.10.1/24                                                n/a
toRouterB                        Up          Up/--       Network 1/1/1
   192.168.10.18/31                                              n/a
-------------------------------------------------------------------------------
Interfaces : 4
===============================================================================



Special Subnet Masks

/31 subnet mask (RFC 3021)
- No broadcast or network address; only two host addresses
- Ideal for point-to-point links
- For example: 192.168.10.18/31, 192.168.10.19/31
/32 subnet mask
- No broadcast or network address; only one host address that represents the network
- Loopback addresses and system address
- For example: 192.168.10.20/32


/31 subnet mask


In the classical sense, the example 192.168.10.18/31 decodes to a subnet mask of
255.255.255.254 with a network address of 192.168.10.18 and a broadcast address of
192.168.10.19.
Because no addresses are left over for hosts, the devices need to be able to handle both
addresses as host addresses.

/32 subnet mask


There is only one address, which is used for loopback addresses and the system address.
The system address is a special loopback address that serves as a router ID for routing protocols
such as OSPF and BGP.
Loopback addresses are internal logical addresses that are not associated with physical
interfaces.



Loopback and System Address

Loopback address
- Virtual address on the router; does not correspond to any specific interface
- May have any prefix value (/32, /24, /18, etc.)
System address
- Special loopback address on the Alcatel-Lucent 7750 SR
- Used as an address to reach the router itself
- As a loopback address, the system address is not associated with any specific interface
- The system interface is defined by default, but does not have an address assigned to it
- Always has a /32 prefix value


The system address is a special loopback address that serves as a router ID for routing protocols such as
OSPF and BGP. It also acts as an address for the router itself. The system address can be reached
through any active interface on the router.
Loopback addresses are internal logical addresses that are not associated with physical interfaces. Note
that only the system address is a /32 address and that the loopback addresses can be associated with
any subnet mask range.



Layer 3 and IP Services

Section 4 IP Subnet Applications


IP Subnet Applications Overview

Application of IP Subnets
Limited number of hosts



Application of IP Subnets

For a network of 192.168.10.0/24, generate subnetworks to address each network

In this scenario, there are five networks (3 broadcast networks and 2 point-to-point link networks).
Therefore, subnets can be generated with a /27 mask as listed in the table:

192.168.10.0/27     192.168.10.128/27
192.168.10.32/27    192.168.10.160/27
192.168.10.64/27    192.168.10.192/27
192.168.10.96/27    192.168.10.224/27


In this slide, all of the networks have a /27 network mask. This means each network supports 30 hosts,
with 2 addresses reserved for the network and broadcast addresses. Five of these networks can be
assigned, one to each of the router interfaces. However, the connection between the routers and the
connection between the router and the Internet only require two host addresses for their respective
interfaces.



Limited Number of Hosts

The following subnetworks have been assigned randomly:
192.168.10.0/27
192.168.10.96/27
192.168.10.32/27
192.168.10.64/27
192.168.10.128/27

Each subnet supports 30 hosts
The point-to-point link between the routers requires only two host addresses
The broadcast networks attached to the switch may require 60 hosts each but are limited to 30 hosts
How is the problem of limited hosts resolved?



VLSM

VLSM resolves the problem of limited hosts

Assign different subnet masks to the network (for example, use /26 for 192.168.10.0/24). The
following subnets are generated:
- 192.168.10.0/26
- 192.168.10.64/26
- 192.168.10.128/26
- 192.168.10.192/26 (each subnet has 62 hosts)
The number of hosts is not enough to represent five networks, but apply /30 to the subnet
192.168.10.192/26
- 192.168.10.192/26 can then be divided into:
  192.168.10.192/30, 192.168.10.196/30, ... 192.168.10.252/30
- 192.168.10.252/30 can then be divided into:
  192.168.10.252/31, 192.168.10.253/31, 192.168.10.254/31
Any one of the above addresses (/31) can be used to represent point-to-point links between the
routers


When developing a VLSM subnet design, the network administrator must consider the same issues as in
traditional subnet design. At each level, the administrator must ensure that there are enough bits
available for expansion.
If the networks are spread over a number of different sites, the administrator must ensure that enough
bits are used to support the sites and any future sites that may be deployed. In addition, the
administrator must envision how each site may further subdivide the network to support the
subnetworks in each site.
Development of this hierarchical addressing scheme requires careful consideration and planning. The
network must recursively work its way down so that each level has enough space in the host address to
support each requirement. This hierarchical addressing scheme is sometimes referred to as variable
length subnet masking (VLSM).
If this hierarchical scheme is planned correctly before deployment, the multiple networks can then be
aggregated into a single address that will help to reduce the number of routing entries in the backbone
routers.



Supporting VLSM


Using subnet masks of different lengths introduces a new set of challenges.


For example, how do the different subnets and their various extended prefixes get advertised
throughout the network?
This requires the use of more modern routing protocols. The routing protocol used must be able to:
- Carry the extended prefixes with each subnet advertised
- Make forwarding decisions based on the longest match
- Perform summarization to support route aggregation
Modern routing protocols such as OSPF, IS-IS, and RIPv2 carry the subnet mask in the routing update and
therefore, support VLSM.



VLSM - Example 1

In this example, the service provider is allocated an IP address of 172.16.0.0/16
The organization requires five subnets; each subnet needs at least 2000 hosts


In a typical Class B network, there is only one network with 65 534 hosts. This network is represented by
the last 16 bits. We need five networks. To obtain the required networks, we can use some of the
default Class B host bits. Three options are available:
Option 1: Use 2 bits out of 16 for 2^2 = 4 networks and 2^14 = 16 384 hosts.
Option 2: Use 3 bits out of 16 for 2^3 = 8 networks and 2^13 = 8192 hosts.
Option 3: Use 4 bits out of 16 for 2^4 = 16 networks and 2^12 = 4096 hosts.
Option 2 or 3 can be used but, because only five networks are required, option 2 is the best choice.
However, if the network is expected to grow with no more than 4000 hosts in any subnet, option 3 may
be a better option because the network has been designed for 16 subnets.



VLSM - Example 2

The service provider has the IP address 172.16.0.0/16 and a subnet 172.16.64.0/19, which must be
further subnetted into 6 subnets that support different numbers of hosts


In this slide, subnet 172.16.64.0/19 has been isolated and will be further subdivided to support the six
subnets that are located in the local campus. The total number of hosts that are supported in the /19
network is 8190. This can be further subdivided into more subnetworks, each with a smaller number of
hosts.
If the requirement is to have six unequal subnets, one option is as follows:
172.16.64.0/20    2^12 - 2 = 4094
172.16.80.0/21    2^11 - 2 = 2046
172.16.88.0/22    2^10 - 2 = 1022
172.16.92.0/23    2^9 - 2 = 510
172.16.94.0/24    2^8 - 2 = 254
172.16.95.0/24    2^8 - 2 = 254
Note that the sum of all valid hosts is 8180. This is because by dividing further, two addresses are
reserved for the subnetwork number and broadcast number. The use of VLSM allows flexibility in the
design of networks. Not all subnetworks or networks require the same number of hosts.
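The VLSM plans in this section can be generated mechanically. The following is an added example, not part of the course material: the function names and the per-subnet host counts are assumptions chosen so that the allocator reproduces the /20 to /24 plan for 172.16.64.0/19 and the /26 plus /31 plan for 192.168.10.0/24.

```python
import ipaddress

# Constructed host requirements that lead to the six-subnet plan in the notes.
CAMPUS_REQUIREMENTS = [("A", 4000), ("B", 2000), ("C", 1000),
                       ("D", 500), ("E", 200), ("F", 200)]


def prefix_for_hosts(hosts, point_to_point=False):
    """Longest IPv4 prefix whose subnet still offers `hosts` assignable addresses."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    if point_to_point and hosts <= 2:
        return 31  # RFC 3021: no network/broadcast address, both addresses usable
    for host_bits in range(2, 33):
        if 2 ** host_bits - 2 >= hosts:  # the 2^n - 2 rule
            return 32 - host_bits
    raise ValueError("too many hosts for IPv4")


def usable_hosts(net):
    """Assignable addresses in a subnet, including the /31 and /32 special cases."""
    if net.prefixlen >= 31:
        return net.num_addresses
    return net.num_addresses - 2


def vlsm_allocate(base, requirements):
    """Carve `base` into one subnet per requirement, largest block first.

    requirements: list of (name, hosts) or (name, hosts, point_to_point).
    Returns {name: IPv4Network}; raises ValueError when the base block is full.
    """
    base = ipaddress.ip_network(base)
    sized = []
    for req in requirements:
        name, hosts = req[0], req[1]
        p2p = req[2] if len(req) > 2 else False
        sized.append((prefix_for_hosts(hosts, p2p), name))
    sized.sort(key=lambda item: item[0])  # shortest prefix (largest block) first

    cursor = int(base.network_address)
    end = int(base.broadcast_address)
    plan = {}
    for plen, name in sized:
        size = 2 ** (32 - plen)
        cursor = (cursor + size - 1) // size * size  # align to the block boundary
        if plen < base.prefixlen or cursor + size - 1 > end:
            raise ValueError(f"{base} has no room left for {name} (/{plen})")
        plan[name] = ipaddress.ip_network((cursor, plen))
        cursor += size
    return plan


if __name__ == "__main__":
    plan = vlsm_allocate("172.16.64.0/19", CAMPUS_REQUIREMENTS)
    for name, net in plan.items():
        print(name, net, usable_hosts(net))
    print("total usable hosts:", sum(usable_hosts(n) for n in plan.values()))
```

Allocating the largest blocks first keeps every subnet on its natural boundary, which is what later allows the subnets to be aggregated into a single route.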



IP Subnets using VLSM - Exercise 1

The base network address is 138.120.0.0/16


Divide the address space into the subnets as shown in the figure


In this slide, the administrator is tasked with taking the base network address and subnetting it to
support three subnets: Subnet 1, Subnet 2, Subnet 3.
Then, the subnet 2 address must be further subdivided to support four subnets: Subnet 2a, Subnet 2b,
Subnet 2c, Subnet 2d. The administrator must then define the first, last, and broadcast addresses for
the second sub-subnet.
Subnet 1 network address ______________________
Subnet 2 network address ______________________
Subnet 3 network address ______________________
Subnet 2a network address ______________________
Subnet 2b network address ______________________
Subnet 2c network address ______________________
Subnet 2d network address ______________________

Subnet 2b
First host address ___________________
Last host address ___________________
Broadcast address __________________



IP Subnets using VLSM - Exercise 2

Using 10.10.10.0/24 as the base address, provide the IP subnet addresses


In this slide, the administrator is tasked with taking the base network address and subnetting it to
support six subnets, ensuring that each subnet will support its host requirements.
The next task for the administrator is to take one of the subnets and further subdivide it to support the
point-to-point links that join the subnet routers to the main router.
Given the IP address, use VLSMs to extend the use of the address. Provide a possible address for each of
the following:
HQ A ________________________
HQ B ________________________
HQ C ________________________
HQ D ________________________
HQ E ________________________
HQ F ________________________
Router A LAN ________________________
Router B LAN ________________________
Router C LAN ________________________
Router D LAN ________________________
Router E LAN ________________________
Router F LAN ________________________



Layer 3 and IP Services

Section 5 Route Aggregation


Route Aggregation Overview

Classless interdomain routing


Route aggregation
Use cases



Classless Interdomain Routing


With the rapid expansion of the Internet, IPv4 addresses were quickly becoming depleted and the sizes
of routing tables were expanding exponentially. The response to these problems was the development
and adaptation of Classless Interdomain Routing (CIDR).
CIDR eliminated the concept of address classes and replaced it with the concept of network prefixes.
Rather than the first 3 bits defining the network mask, the network prefix now defines the network
mask. This prefix mask is a method of defining the leftmost contiguous bits in the network portion of
the routing table entry.
By eliminating the concept of address classes, CIDR provided a more efficient allocation of the IP
address space. In addition, CIDR supports the concept of route aggregation, which allows a single route
entry to represent multiple networks.



Route Aggregation

Routing Table        Routing Table
10.15.24.0/24        10.15.24.0/21
10.15.25.0/24
10.15.26.0/24
10.15.27.0/24
10.15.28.0/24
10.15.29.0/24
10.15.30.0/24
10.15.31.0/24

In the bit patterns below, the first "|" is the common line (/21) and the second "|" is the
network line (/24). The common bit pattern is to the left of the common line. All possible
combinations are contained within the network line and the common line.

10.15.24.0/24    00001010 . 00001111 . 00011 | 000 | . 00000000
10.15.25.0/24    00001010 . 00001111 . 00011 | 001 | . 00000000
10.15.26.0/24    00001010 . 00001111 . 00011 | 010 | . 00000000
10.15.27.0/24    00001010 . 00001111 . 00011 | 011 | . 00000000
10.15.28.0/24    00001010 . 00001111 . 00011 | 100 | . 00000000
10.15.29.0/24    00001010 . 00001111 . 00011 | 101 | . 00000000
10.15.30.0/24    00001010 . 00001111 . 00011 | 110 | . 00000000
10.15.31.0/24    00001010 . 00001111 . 00011 | 111 | . 00000000


As was discussed with VLSM in section 4 of this module, address planning is extremely important when
subnets are first deployed. The subnets should be deployed so that they support the concept of
summarization and so that, when summarization is applied, all subnets can be represented by as few
entries as possible in the routing table.
In this slide, Router A supports eight subnets with a /24 prefix. Rather than advertising all eight
subnets, the administrator decided to implement route summarization. To see what network address or
addresses will be advertised from Router A to Router B, the administrator decided to calculate what the
new network prefix or prefixes should be.
To implement route summarization:
- Define the octet that will be manipulated by the summarization. In this case, it is the third
  octet.
- Identify the original network prefix (/24).
- Look to the left of the prefix line and identify the area where all of the addresses have the same
  bit pattern. Draw a line down that portion.
- Look between these two lines and ensure that all possible bit patterns are contained between
  the two lines. If this is the case, you can then summarize those bit patterns into (in this slide) a
  /21 mask.
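The summarization steps above, as an added example that is not part of the course material (the function names are assumptions). It finds the common line, checks that every bit pattern between the common line and the network line is present, and, going beyond the slide, falls back to the exact aggregates when a pattern is missing, because a summary that covers prefixes the router does not hold attracts traffic it cannot deliver.

```python
import ipaddress


def common_prefix_len(nets):
    """Count the leading bits shared by every network address (the common line)."""
    first = int(nets[0].network_address)
    diff = 0
    for net in nets:
        diff |= first ^ int(net.network_address)
    shared = 32 - diff.bit_length()
    # The summary can never be longer than the shortest prefix being summarized.
    return min(shared, min(net.prefixlen for net in nets))


def summarize(prefixes):
    """Return the covering prefix, whether it is exact, and what to advertise.

    'missing' lists blocks inside the covering prefix that are not held by the
    router; if any exist, the covering prefix would over-claim address space.
    Intended for small examples: it enumerates every block at the network line.
    """
    nets = sorted({ipaddress.ip_network(p) for p in prefixes})
    cover = ipaddress.ip_network(
        (int(nets[0].network_address), common_prefix_len(nets)), strict=False)
    network_line = max(net.prefixlen for net in nets)
    missing = [block for block in cover.subnets(new_prefix=network_line)
               if not any(block.subnet_of(net) for net in nets)]
    exact = list(ipaddress.collapse_addresses(nets))
    return {
        "cover": cover,
        "complete": not missing,
        "missing": missing,
        "advertise": [cover] if not missing else exact,
    }


# The eight /24 subnets from the slide.
SLIDE_PREFIXES = ["10.15.%d.0/24" % octet for octet in range(24, 32)]

if __name__ == "__main__":
    result = summarize(SLIDE_PREFIXES)
    print(result["cover"], result["complete"])
    # Constructed case: the same list with 10.15.27.0/24 withdrawn.
    partial = summarize([p for p in SLIDE_PREFIXES if p != "10.15.27.0/24"])
    print([str(n) for n in partial["advertise"]], [str(n) for n in partial["missing"]])
```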



Route Aggregation - Exercise

For the information on this slide, what summarized route or routes will be advertised to Router 2
from Router 1?


In this slide, the administrator is going to be using route summarization on Router 1.


What route or routes will be advertised to Router 2?



CIDR and VLSM


When you first look at CIDR and VLSM, they seem to both provide the same function and they are very
similar. The difference between the two is how they appear to the Internet.
For both CIDR and VLSM:
- The routing protocol must carry network-prefix information with each advertised route.
- All routers must support the longest-match forwarding algorithm.
- Addresses must be allocated to support route aggregation.
The difference is how the manipulation of the address space appears to the Internet.
- VLSM address manipulation is performed on the address that is assigned to an organization and is
  invisible to the Internet.
- CIDR manipulates addresses, and these manipulations are advertised to the Internet.



Use Case 1 - An Enterprise Leases Addressing from ISP


In this slide, an enterprise leases the IP addressing for its main location from an ISP.
The ISP grants the enterprise ownership of its 100.1.1.0/23 block of addresses, and the enterprise
divides its address block into many /27 subnetwork blocks.



LAB 2.1-2.2 IP Addressing


See the Alcatel-Lucent IP Scalable Networks Lab Guide



Layer 3 and IP Services

Section 6 - IPv4 Forwarding Process


IPv4 Forwarding Process

Involves moving IP packets from one interface to another interface
Requires a forwarding table


The terms forwarding and routing are often used interchangeably; however, there are differences
between the two.
Forwarding refers to the process of moving transit packets from one interface to another interface. The
forwarding process includes accessing the forwarding table, making the forwarding decision, and
sending the packet out of an interface.
For a typical router to forward packets, the router must be able to build routing tables by using routing
protocols. The 7750 SR creates a routing table in the CPM card and then loads the routing table into a
forwarding table on each IOM card.



IP Forwarding Table

A:P1# show router fib 1
===============================================================================
FIB Display
===============================================================================
Prefix                                                           Protocol
    NextHop
-------------------------------------------------------------------------------
10.10.10.1/32                                                    LOCAL
    10.10.10.1 (system)
10.10.10.2/32                                                    OSPF
    10.12.0.2 (toP2)
10.10.10.3/32                                                    OSPF
    10.13.0.2 (toP3)
10.12.0.0/24                                                     LOCAL
    10.12.0.0 (toP2)
10.13.0.0/24                                                     LOCAL
    10.13.0.0 (toP3)
10.23.0.0/24                                                     OSPF
    10.13.0.2 (toP3)
10.34.0.0/24                                                     OSPF
    10.13.0.2 (toP3)
192.168.1.0/24                                                   LOCAL
    192.168.1.0 (toPE1)
-------------------------------------------------------------------------------
Total Entries : 8
-------------------------------------------------------------------------------


This slide shows the output of the forwarding table on line card 1 of the 7750 SR-7. When a packet
enters the router by way of the line card, the packet destination IP address is compared with the
contents in the forwarding table. If there is a match (longest match) with a prefix in the forwarding
table, the packet is switched to the interface shown above as the next hop.
For example, if the incoming packet has a destination IP address of 10.12.0.12, the destination IP
address matches the prefix 10.12.0.0/24 because 24 bits are compared. The packet will be switched to
the toP2 interface and sent out from the toP2 interface.



Packet Forwarding in Detail


Packet forwarding includes the following key actions:


1. Data link layer frame validation: basic frame length and FCS verification, as well as the frame
sanity checks
When a router receives a frame from a LAN, the first step is to read the destination MAC address to
ensure that the router is the intended recipient of the frame. The next step, assuming that the
router is the intended recipient of the frame, is to check the FCS to see whether there are any
errors related to the frame. If there are errors, the router discards the frame at this point.
2. Network-layer protocol demultiplexing: determination of the upper protocol that needs to receive
encapsulated data
This step is performed after the L2 information is removed so that the payload is handed to the
correct upper layer.
3. IP packet validation: basic IP header verification
A check is performed to determine whether this is an IP packet. The version and ToS fields are
examined and removed. The TTL field should be greater than 1; if the TTL = 1, the packet is
discarded because this packet's TTL has expired.
4. Forwarding decision: forwarding table lookup
Check the forwarding table. If there is a match between the destination IP address in the packet and
one of the prefixes (every entry is checked), the egress interface is chosen.
5. Data link frame construction: packet encapsulation
The IP packet is now encapsulated in the L2 frame that corresponds to the egress interface. If the
interface is Ethernet, new source and destination MAC addresses are added including the type field,
and a new FCS is generated. The packet is sent to the physical layer for transport.
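Steps 3 and 4, together with the longest-match lookup described for the FIB display earlier in this section, as an added example that is not part of the course material. The FIB entries are copied from that display; the function names, the 10.0.0.0/8 entry and the sample headers are constructed for the illustration, and the header checksum check is standard IPv4 behaviour that the notes do not list.

```python
import ipaddress
import struct

# (prefix, protocol, next hop, egress interface) from the "show router fib 1" output.
PAGE_FIB = [
    ("10.10.10.1/32", "LOCAL", "10.10.10.1", "system"),
    ("10.10.10.2/32", "OSPF", "10.12.0.2", "toP2"),
    ("10.10.10.3/32", "OSPF", "10.13.0.2", "toP3"),
    ("10.12.0.0/24", "LOCAL", "10.12.0.0", "toP2"),
    ("10.13.0.0/24", "LOCAL", "10.13.0.0", "toP3"),
    ("10.23.0.0/24", "OSPF", "10.13.0.2", "toP3"),
    ("10.34.0.0/24", "OSPF", "10.13.0.2", "toP3"),
    ("192.168.1.0/24", "LOCAL", "192.168.1.0", "toPE1"),
]
# Constructed: one overlapping, less specific entry to show why "longest" matters.
CONSTRUCTED_FIB = PAGE_FIB + [("10.0.0.0/8", "STATIC", "10.13.0.2", "toP3")]


def longest_match(fib, dst):
    """Check every entry and keep the matching prefix with the most bits."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, proto, next_hop, ifname in fib:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, proto, next_hop, ifname)
    return best


def header_checksum(header):
    """Ones'-complement sum over 16-bit words; returns 0 for a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, ttl):
    """Constructed 20-byte IPv4 header (no options) used as sample input."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 6, 0,
                      ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


def forward(fib, header):
    """Validate the IP header, look up the egress interface, decrement the TTL."""
    if len(header) < 20:
        return ("drop", "truncated header")
    version, ihl = header[0] >> 4, (header[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(header) < ihl:
        return ("drop", "not a valid IPv4 header")
    if header_checksum(header[:ihl]) != 0:
        return ("drop", "bad header checksum")
    ttl = header[8]
    if ttl <= 1:  # the TTL must be greater than 1 to be forwarded
        return ("drop", "TTL expired")
    match = longest_match(fib, ipaddress.ip_address(header[16:20]))
    if match is None:
        return ("drop", "no matching prefix")
    _, _, next_hop, ifname = match
    out = header[:8] + bytes([ttl - 1]) + header[9:10] + b"\x00\x00" + header[12:ihl]
    out = out[:10] + struct.pack("!H", header_checksum(out)) + out[12:]
    return ("forward", ifname, next_hop, out)


if __name__ == "__main__":
    print(forward(PAGE_FIB, build_header("192.168.1.5", "10.12.0.12", 64))[:3])
    print(forward(PAGE_FIB, build_header("192.168.1.5", "10.12.0.12", 1)))
    print(longest_match(CONSTRUCTED_FIB, "10.99.0.1"))
```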



Layer 3 and IP Services

Section 7 - IP in Home and Small Businesses


IP in Home and Small Business - Overview

Use of IP in Home and Small Businesses


Default Gateway
Home Network Evolution
Address Translation
Address Assignment
DHCP



Use of IP for Home and Business

Protocol of choice for routing over the Internet
Used extensively in service provider and carrier core networks
Commonly used in the enterprise space
Gaining popularity in the home network
Has evolved from only Internet access to providing various services to the home and
business/enterprise
Used to deliver phone, television, and other multimedia services



Default Gateway

Access to the Internet or any general network router

H:\>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix . : bell.ca
        IP Address. . . . . . . . . . . . : 70.120.132.235
        Subnet Mask . . . . . . . . . . . : 255.255.248.0
        Default Gateway . . . . . . . . . : 70.120.128.1

H:\>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix . : bell.ca
        IP Address. . . . . . . . . . . . : 70.120.132.236
        Subnet Mask . . . . . . . . . . . : 255.255.248.0
        Default Gateway . . . . . . . . . : 70.120.128.1


This slide shows a very simple home network.


There are two home PCs that are connected to an L2 switch. The switch is then connected to a router,
which is located in the service provider boundary. The demarcation point is the router interface
towards the L2 hub. The L2 hub is owned by the home user.
In order to communicate with the Internet, each of the PCs needs a unique routable IP address. For
traffic from the PCs to the general Internet, a designated router address is provided, which is the
default gateway. The default gateway address is the address of the interface on the ISP router that
faces the home network.
Since the home PCs are on the same network, they can communicate with each other without accessing
the Internet.
For the home PC to access the eBay site, the IP packet composed will contain the source address of the
PC, and the destination address of eBay (76.67.217.148). The PC does not know where the server for
eBay exists and the packet is directed to the default gateway, which knows where to forward the
packet.

Scalable IP Networks v2.01 Module 4 - 65


Home Network Evolution

Home networks today use IP routing in the home environment
Require a home-based router and Address Translation

Modern home networks, such as the one shown in this slide, support multiple services. These services
can be delivered over one technology by one provider or by multiple service providers. Home networks
have evolved from a PC that is connected to a modem or a switch to multiple PCs, home televisions, and
digital phones, all connected via one L2 technology to a home router that is managed at the home and
not by the service provider. One side of the router connects to the home network and the other side
connects to the service provider access devices. In this case, the demarcation point is the modem.
All the services (in this single-provider, multiple-services scenario) are sent to the modem via DSL or
cable.
Every device in the home in this scenario requires an IP address in order to connect to the Internet.
Assigning a unique public address to each device has several disadvantages:
  It is not financially viable to have a unique public routed IP address for each device. Also, this
  is not scalable.
  For the traffic to be received by each device, the ISP needs to monitor every home device for a
  single access point. The ISP is typically not interested in maintaining multiple IP addresses for
  the average home user.
The best scalable solution for now is a home-managed router, which assigns private IP addresses to each
of the home devices and has a public IP address that represents the home to the ISP. This is possible by
using Network Address Translation or Port Address Translation.


Network Address Translation

One-to-one address translation
Does not monitor transport layer port numbers

NAT Table
Public pool: 192.1.1.1 - 192.1.1.254 /24
Internal <> External
10.1.1.1 <> 192.1.1.2
10.1.1.2 <> 192.1.1.3
10.1.1.3 <> 192.1.1.4

NAT is defined in RFCs 2663 and 3022.

Note that the 7750 SR does not currently support Network Address Translation (NAT) or
Port Address Translation (PAT). This feature is generally found in enterprise routers, and the 7750 SR is
not an enterprise router. The 7750 SR is not generally placed at that level of a network. There are
currently no plans for the 7750 SR to support NAT or PAT.
However, NAT and PAT generally appear in the network infrastructure, and, therefore, network experts
should have a generic understanding of their purpose.
NAT and PAT were created to alleviate the stresses of IP address allocation. Working closely with the
private IP address ranges, NAT and PAT allow for private IP addresses to be translated into public IP
addresses. This translation can be in one of two forms.
The first form of translation is one-to-one translation, also known as NAT. One private IP address is
translated to one public IP address. In this form, the transport-layer port numbers are not monitored or
modified. This allows all applications to function normally without any change to the upper layers. The
disadvantage of this form of translation is that there must be a pool of available IP addresses to support
all the private IP-addressed clients. If all of the IP addresses in the pool are in use and there is a new
NAT requirement, it will fail because there is no available IP address in the pool of public IP addresses.
In this example of NAT, the range of public IP addresses is from 192.1.1.2 to 192.1.1.254. Each client
that sends traffic through the router is mapped to one IP address in the pool. If 253 clients are actively
sending traffic through the router and if the 254th client tries to send traffic out the router, the request
will time out because there are no available public IP addresses to use for NAT. Although this limits the
number of clients that can simultaneously use this NAT router, it does not limit the types of
applications that each client can use.



Port Address Translation

Many-to-one address translation
Monitors transport layer port numbers

PAT Table
Public pool: 192.1.1.5/32 (Int. 1/1/1)
Internal <> External
10.1.1.1:1101 <> 192.1.1.5:2203
10.1.1.2:1212 <> 192.1.1.5:2204
10.1.1.3:1212 <> 192.1.1.5:2205

The second form of translation is many-to-one, also known as Port address translation (PAT). One
public IP address supports multiple private IP addresses simultaneously. To accomplish this, the router
must not only map the IP address of the client device, but the router must also map the port number in
use by the client. As translation occurs, the IP address is changed to one public IP address. To keep
track of the multiple streams of traffic from client devices, the port numbers are mapped to unique
port numbers in the database. This port change is transparent to the client. Most modern applications
do not have a problem with the change of port. However, some applications (mostly legacy applications)
require specific source and destination port numbers. If the router modifies the source port to a port
that differs from the port that the application expects or requires, the application may not function
correctly.
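
The two translation forms described on the NAT and PAT slides, as an added Python example (not part of the course material and not router code). It reuses the slide addresses; the class names and the sequential allocation order starting at port 2203 are assumptions made for illustration.

```python
import ipaddress


class PoolExhausted(Exception):
    """No public address (NAT) or public port (PAT) is left to allocate."""


class OneToOneNat:
    """One private address <-> one public address; ports pass through unchanged."""

    def __init__(self, first, last):
        lo = int(ipaddress.IPv4Address(first))
        hi = int(ipaddress.IPv4Address(last))
        # Descending order so that pop() hands out the lowest free address first.
        self._free = [str(ipaddress.IPv4Address(n)) for n in range(hi, lo - 1, -1)]
        self.table = {}  # private address -> public address

    def translate(self, src_ip, src_port):
        if src_ip not in self.table:
            if not self._free:
                raise PoolExhausted(f"no public address left for {src_ip}")
            self.table[src_ip] = self._free.pop()
        return self.table[src_ip], src_port


class Pat:
    """Many private ip:port flows share one public address, each on its own port."""

    def __init__(self, public_ip, first_port=2203, last_port=65535):
        self.public_ip = public_ip
        self._next, self._last = first_port, last_port
        self.table = {}    # (private ip, private port) -> public port
        self.reverse = {}  # public port -> (private ip, private port)

    def translate(self, src_ip, src_port):
        key = (src_ip, src_port)
        if key not in self.table:
            if self._next > self._last:
                raise PoolExhausted("no public port left")
            self.table[key] = self._next
            self.reverse[self._next] = key
            self._next += 1
        return self.public_ip, self.table[key]

    def inbound(self, dst_port):
        """Private endpoint for return traffic on dst_port, or None if unmapped."""
        return self.reverse.get(dst_port)


if __name__ == "__main__":
    nat = OneToOneNat("192.1.1.2", "192.1.1.254")   # pool from the NAT notes
    pat = Pat("192.1.1.5")                          # single address from the PAT slide
    for ip, port in [("10.1.1.1", 1101), ("10.1.1.2", 1212), ("10.1.1.3", 1212)]:
        print(f"{ip}:{port}  NAT -> {nat.translate(ip, port)}  PAT -> {pat.translate(ip, port)}")
    print("return traffic on 192.1.1.5:2204 goes to", pat.inbound(2204))
```

With NAT the source port is returned untouched and the 254th client fails once the 253-address pool is used up; with PAT the two clients that both chose source port 1212 stay distinct because each flow receives its own public port.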



Addressing in a Routed Home Network


The router interface that faces the ISP, which is sometimes referred to as the WAN side, has a public IP
address of 70.120.122.11/24.
The router interfaces that face the home network are based on the 192.168.10.0/24 subnet and each
device, including the router interface, has an IP address from the 192.168.10.0/24 subnet.
The default gateway that is programmed into every IP device for Internet access is the router interface
address that faces the home network, which, in this case, is 192.168.10.254/24.
When any device attempts a TCP/UDP connection to the Internet, the home router handles the address
translation by using a port address translation table.



Accessing the Internet

How does the home router/gateway/PC receive a public routed IP address from the Service Provider?

Every home router and PC that needs to connect to the Internet requires a public IP address. These IP
addresses must be requested from the IANA and its regional subsidiaries.
A home user does not request an IP address from the IANA; instead, the user requests an IP address from
a service provider. The service provider is assigned IP address blocks depending on its size and
business requirements. A home is assigned one IP address or multiple IP addresses depending on
its service plan.
The home router can have a static IP address assigned by the service provider.
However, in most cases the IP addresses are distributed dynamically. In the static case, the IP
address is reserved for the particular home and programmed by the home user. In the dynamic case, a
protocol is used by the home router and an IP address is assigned by the service provider depending on
the protocol parameters. The protocol is known as Dynamic Host control Protocol (DHCP).


DHCP

DISCOVER - MAC address of home router
OFFER - IP address offered by ISP
REQUEST - Formal IP address request
ACK - Final confirmation of IP address

DHCPDISCOVER - The DHCP client initiates the process by broadcasting a datagram that is destined for
UDP port 68 (used by BOOTP and DHCP servers). This first datagram is known as a DHCP discover
message, which is a request to any DHCP server that receives the datagram for configuration
information. The DHCP discover datagram contains many fields, but the most important field contains
the MAC address of the DHCP client.
DHCPOFFER - A DHCP server, which is configured to lease addresses for the network that the client
computer resides on, constructs a response datagram known as a DHCP offer and sends the datagram via
broadcast to the computer that sent the DHCP discover. This broadcast is sent to UDP port 67 and
contains the MAC address of the DHCP client. The DHCP offer also contains the MAC and IP addresses of
the DHCP server, and the values for the IP address and subnet mask that are offered to the DHCP client.
At this point, the DHCP client can receive several DHCP offers, assuming there are multiple DHCP
servers with the capability to offer the DHCP client an IP address. In most cases, the DHCP client
accepts the first DHCP offer that arrives.
DHCPREQUEST - The client selects an offer, and constructs and broadcasts a DHCP request datagram.
The DHCP request datagram contains the IP address of the server that sent the offer and the physical
address of the DHCP client. The DHCP request performs two basic tasks. First, the request informs
the selected DHCP server that the client requests the server to assign an IP address (and other
configuration settings) to the DHCP client. Second, the request notifies the other DHCP servers with
outstanding offers that their offers were not accepted.
DHCPACK - When the DHCP server from which the offer was selected receives the DHCP request
datagram, the server constructs the final datagram of the lease process. This datagram is known as a
DHCP ACK (short for acknowledgement). The DHCP ACK includes an IP address and subnet mask for the
DHCP client. Optionally, the DHCP client is often also configured with IP addresses for the default
gateway, several DNS servers, and possibly one or two WINS servers. In addition to IP addresses, the
DHCP client can receive other configuration information such as a NetBIOS node type, which can change
the order of NetBIOS name resolution.
(continued on slide 74)


DHCP


(continued from slide 73)

The DHCP servers maintain a list of assigned IP addresses and the term of each lease. Before the lease
expiration, the client that requested an IP address via DHCP requests an IP address again. The server
can choose to assign a different IP address or the IP address that was previously assigned.
For a home gateway router that does address translation, the home router performs the role of a client
to the service provider. The home router also performs the role of a DHCP server to the home devices.
IP-enabled devices at home request IP addresses from the home router, which assigns IP addresses in
the private range.



Layer 3 and IP Services

Section 8 - Other Protocols that Support IP Operation


Other Protocols

ICMP
ARP



ICMP Overview

Defined in RFC 792
Core IP application protocol used mainly to report errors in delivering IP datagrams (RFC 1122)
Also used for diagnostic or routing purposes
Required to send error control messages to routers and hosts
Encapsulated in the IP packet and routed similar to a data packet
The version of ICMP for IPv4 is also known as ICMPv4 because it is part of IPv4. IPv6 has an equivalent protocol, ICMPv6

Internet Control Message Protocol (ICMP) messages are constructed at the IP layer, usually from a
normal IP datagram that generated an ICMP response. IP encapsulates the appropriate ICMP message
with a new IP header (to send the ICMP message to the original sending host) and transmits the resulting
datagram in the usual manner.
For example, each device (such as an intermediate router) that forwards an IP datagram must
decrement the TTL field of the IP header by one. If the TTL reaches 0, an ICMP "time to live exceeded
in transit" message is sent to the source of the datagram.
Each ICMP message is encapsulated directly in one IP datagram, and therefore, as with UDP, ICMP does
not guarantee delivery.
Although ICMP messages are contained in standard IP datagrams, ICMP messages are usually processed as
a special case, differentiated from normal IP processing, rather than processed as a normal subprotocol
of IP. In many cases, it is necessary to inspect the contents of the ICMP message and deliver the
appropriate error message to the application that generated the original IP packet (that is the
application that prompted the sending of the ICMP message).



ICMP Message Type 8 and Type 0 (Echo Request and Reply)

Host device sends an echo request to the destination device


Destination device sends an echo reply


Echo request and echo reply messages are very frequently used. A host or router sends an ICMP echo
request message to a specified destination. Any device that receives an echo request generates an echo
reply and returns the reply to the original sender. The request contains an optional data area, and the
reply contains a copy of the data sent in the request. The echo request and reply can, therefore, be
used to test whether a destination is reachable. The echo request and reply are sent via IP datagrams.
Assumptions:
The IP software on the source computer must route the datagram.
The intermediate routers between the source and destination must be operating and must route
the datagram correctly.
The destination device must be running, and both the ICMP and IP software must be working.
All routers along the path must have the correct routes.
Ping is the most common way to send an ICMP echo request. The command usually sends a series of
echo request messages and captures the corresponding echo replies. Ping then calculates the data loss
statistics.



ICMP Message Type 3 (Destination Unreachable)

Normal IP packet flow from Host A to Host B


Destination link is broken
ICMP destination unreachable message is sent to source
Destination link is repaired


The destination unreachable message is used to inform the sending host that the destination address
cannot be reached. For example, if the destination device connects to an Ethernet network, the
network hardware does not provide ACKs. Therefore, a router can continue to send packets to a
destination even after the destination is powered down without receiving an indication that the
destination is down.
The destination unreachable message contains a code field that provides additional information as to
why the packet was not delivered. For example:
If a router does not have a route to the destination network, the router will return destination
unreachable, code 0 (network unreachable).
If the router connected to the destination network does not receive a reply to its ARP request for
the destination address, the router will send a destination unreachable code 1 (host
unreachable).
If the packet must transit a network where the MTU is less than the IP datagram size and the DF
flag (Don't Fragment) is set in the IP header, the router drops the packet and returns a
destination unreachable code 4 (fragmentation required and DF flag set).


ARP Overview

Resolves a host/gateway MAC address for a given IP address


Required in a broadcast Ethernet LAN
See RFC 826 and RFC 1122


The Address Resolution Protocol (ARP) is defined in RFC 826. However, RFC 826 contained some
ambiguities which were clarified in RFC 1122 (Host Network Requirements). Therefore, ARP
implementations need to incorporate both RFC 826 and RFC 1122 in order to work reliably and
consistently with other implementations.
RFC 826 introduced the concept of an ARP as a useful way for devices to locate the Ethernet hardware
address of another IP host on the same LAN. All LAN media and many WAN media now use ARP to locate
the hardware addresses of other IP devices on the LAN.
When a device needs to send an IP packet to another device on the LAN, the IP stack software first
checks whether it knows the hardware address that is associated with the destination IP address. If so,
the sender transmits the data to the destination system, using the protocols and addressing appropriate
for the network medium used by the two devices. However, if the destination system's hardware address
is not known, the IP stack software must locate the address before any data can be sent. At this point,
IP uses ARP to locate the hardware address of the destination system.



Using ARP

Host 1 needs to ping Host 2?

Which host has 192.168.10.4?

192.168.10.4 is 00:00:11:22:33:AB


ARP performs this task by sending a broadcast to the network, requesting (ARP request) the system that
is using the specified IP address to respond with its hardware address. If the destination system is
powered up and on the network, the system will detect this broadcast (as will all of the other devices
on the LAN), and will return an ARP response to the original system. Note that the response is not
broadcast over the network, but is sent directly to the requesting system.
All of the local IP devices must monitor the network for ARP broadcasts and, if they detect a request
for themselves (as indicated in the destination IP address field of the ARP request), the devices must
generate a response packet and send the packet to the requesting system. The response packet consists
of the local device's IP and hardware addresses. The response is also marked as such, with the message-
type field indicating that the current packet is an ARP response. The new ARP packet is then unicast
directly to the original requester, where the packet is received and processed.
In this slide, Host 1 tries to ping Host 2. Host 1 checks its cache of MAC addresses for the destination
MAC address of Host 2. If the MAC address is not in the cache, Host 1 sends an ARP request message. The
ARP request is a broadcast message that is sent to all hosts in the broadcast domain. Each host opens
the frame and checks the destination IP address. If the address is not the host's address, the host
ignores the packet. However, when Host 2 receives the request with its own IP address, it sends an ARP
reply. This ARP reply is carried in a frame that has for its destination the MAC address of Host 1, and the
source is the MAC address of Host 2. When the reply is received, Host 1 learns the MAC address of Host 2
and can now transmit the ICMP message in a frame with the MAC address to Host 2.



ARP Cache

Host 1 ARP cache

192.168.10.4 00:00:11:22:33:AB

192.168.10.3 00:00:11:22:33:CC


When the requesting system receives an ARP response, the system stores the hardware and IP address
pair of the requested device in a local cache. The next time that the system needs to send data, the
system will check the local cache and, if an entry is found, the system will use the entry, which
eliminates the need to broadcast another request.
Similarly, the system that responded to the ARP broadcast will store the hardware and IP addresses of
the system that sent the original broadcast.
However, IP addresses that are assigned to a host may not be static and may move from host to host. If
the ARP cache is not timed out, the source may be unable to send its traffic to the correct destination
host. Several strategies exist that can alleviate the situation but they are outside the scope of this
course.
Host 1 maintains an ARP cache that has the MAC addresses for hosts 4 and 2. Therefore, Host 1 does not
need to send an ARP request for these hosts. However, if Host 1 needs to send traffic to Host 3, Host 1
will use ARP to get Host 3's hardware/MAC address and then insert the addresses in its ARP cache.


Using ARP with a Router

Host 1 needs to ping Host 7 in a remote network?

[Figure: Host 1 pings Host 7 through a router; the numbered steps 1 to 9 on the diagram are described in the notes. Address pairs shown on the diagram:]
192.168.10.99 00:00:11:22:33:99
172.16.20.99 00:00:66:77:88:99
192.168.10.1 00:00:00:00:00:01
172.16.20.2 00:00:00:00:00:02

In the previous slide, we discussed the use of the ARP in the same subnet. What happens if the distant
host is not in the same subnet, as shown in this slide?
Host 1 needs to send traffic to Host 7, which is in a remote broadcast domain. Host 1 needs to know
whether Host 7 can be reached. Host 1 tries to ping Host 7. However, in the absence of an ARP entry for
172.16.20.2, Host 1 needs to send an ARP request. Because 172.16.20.2 is not in the local broadcast
domain, Host 1 sends an ARP request (1) for its default gateway which is the router interface, as
shown in this slide.
Host 1 and Host 3 are programmed with a default gateway address in case they need to connect to hosts
that are outside their local domain. Note that for a local host to contact a remote host, the local host
sends an ARP request to the default gateway.
The router receives the broadcast on its interface in the 192.168.10.0 domain and sends an ARP
response (2) with its MAC address. Host 1 can now form the IP packet to send to Host 7.
The router uses its forwarding table and forwards the packet out of the second interface. However, the
router does not have an ARP entry for the host 172.16.20.2. Therefore, the router uses its L3 interface
and MAC address to send the ARP request (5) in this broadcast domain. When Host 7 receives the
broadcast, it responds with a unicast ARP response (6) to the router.
The ARP only works within the scope of a broadcast domain. Therefore, the response is not forwarded
by a router. The router, similar to the hosts, maintains an ARP cache listing (3, 7) all of the entries in
its broadcast domain.
Host 1 can now send an IP packet (Echo Request) (4) and obtain an Echo Response (9) from Host 7.



ARP Request Packet

Frame 31 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: 00:04:80:9f:78:00, Dst: ff:ff:ff:ff:ff:ff
    Destination: ff:ff:ff:ff:ff:ff
    Source: 00:04:80:9f:78:00
    Type: ARP (0x0806)
    Trailer: 000000000000000000000000000000000000
Address Resolution Protocol (request)
    Hardware type: Ethernet (0x0001)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (0x0001)
    Sender MAC address: 00:04:80:9f:78:00
    Sender IP address: 138.120.53.253
    Target MAC address: 00:00:00_00:00:00
    Target IP address: 138.120.53.149

In this slide, a host with IP address 138.120.53.253 is attempting to resolve the MAC address for a host
with IP address 138.120.53.149. The destination MAC address of the Ethernet II frame is set to the
broadcast address ff:ff:ff:ff:ff:ff. All devices in the same broadcast domain will receive this frame.
Only the host with IP address 138.120.53.149 will reply. The Type for ARP is 0x0806 and indicates which
protocol is transported in the Ethernet II frame.

ARP Packet
Hardware type - Each L2 protocol is assigned a number that is used in this field; for example,
Ethernet is 1.
Protocol type - Each protocol is assigned a number that is used in this field; for example, IP is
0x0800.
Hardware size - Size, in bytes, for hardware addressing. Ethernet addresses are 6 bytes.
Protocol size - Size, in bytes, for logical addressing. IPv4 addresses are 4 bytes.
Opcode - Operation that the sender is performing. A value of 1 is for an ARP request and a value
of 2 is for an ARP reply.
Sender MAC address - MAC address of the sender
Sender IP address - The protocol address of the sender
Target MAC address - Hardware MAC address of the intended receiver. The MAC address will be
all 0s for a request.
Target IP address - Protocol address of the intended receiver


ARP Reply Packet

Frame 32 (42 bytes on wire, 42 bytes captured)
Ethernet II, Src: 00:11:43:45:61:23, Dst: 00:04:80:9f:78:00
    Destination: 00:04:80:9f:78:00
    Source: 00:11:43:45:61:23
    Type: ARP (0x0806)
Address Resolution Protocol (reply)
    Hardware type: Ethernet (0x0001)
    Protocol type: IP (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: reply (0x0002)
    Sender MAC address: 00:11:43:45:61:23
    Sender IP address: 138.120.53.149
    Target MAC address: 00:04:80:9f:78:00
    Target IP address: 138.120.53.253

In this slide, the packet is the ARP reply in response to the ARP request on the previous slide. The
Ethernet frame is a unicast frame and is sent only to the MAC address of the ARP request sender. All of
the fields in the ARP reply packet have the same meaning as the fields in the ARP request packet. The
main differences in the ARP reply packet are: the Opcode (2 is for a request) and the packet contains MAC
addresses for the sender and the target. Note that the sender and target addresses have been
swapped.
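
The ARP request and reply slides, as an added Python example (not part of the course material): it rebuilds both frames from the field values shown on the slides, decodes them with the field layout listed under "ARP Packet", and checks that the reply is the unicast answer with sender and target swapped. The function names are assumptions, and the frames are constructed here rather than read from a capture file.

```python
import socket
import struct

ETHERTYPE_ARP = 0x0806
OPCODES = {1: "request", 2: "reply"}


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(eth_dst, eth_src, opcode, sha, spa, tha, tpa, trailer=0):
    """Assemble an Ethernet II frame carrying an Ethernet/IPv4 ARP packet."""
    eth = mac_bytes(eth_dst) + mac_bytes(eth_src) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)
    arp += mac_bytes(sha) + socket.inet_aton(spa) + mac_bytes(tha) + socket.inet_aton(tpa)
    return eth + arp + bytes(trailer)


def parse_frame(frame):
    """Decode the slide fields; reject anything that is not Ethernet/IPv4 ARP."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP packet
        raise ValueError("frame too short for Ethernet + ARP")
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"EtherType 0x{ethertype:04x} is not ARP")
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    if opcode not in OPCODES:
        raise ValueError(f"unexpected opcode {opcode}")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {
        "eth_dst": mac_text(eth_dst), "eth_src": mac_text(eth_src),
        "opcode": OPCODES[opcode],
        "sender_mac": mac_text(sha), "sender_ip": socket.inet_ntoa(spa),
        "target_mac": mac_text(tha), "target_ip": socket.inet_ntoa(tpa),
        "trailer_len": len(frame) - 42,  # padding up to the 60-byte minimum
    }


def answers(request, reply):
    """True when reply is the unicast answer to request, sender and target swapped."""
    return (
        request["opcode"] == "request" and reply["opcode"] == "reply"
        and request["eth_dst"] == "ff:ff:ff:ff:ff:ff"
        and reply["eth_dst"] == request["sender_mac"]
        and reply["eth_src"] == reply["sender_mac"]
        and reply["sender_ip"] == request["target_ip"]
        and reply["target_mac"] == request["sender_mac"]
        and reply["target_ip"] == request["sender_ip"]
    )


# Frames rebuilt from the values on the two slides (constructed sample input).
REQUEST = build_frame("ff:ff:ff:ff:ff:ff", "00:04:80:9f:78:00", 1,
                      "00:04:80:9f:78:00", "138.120.53.253",
                      "00:00:00:00:00:00", "138.120.53.149", trailer=18)
REPLY = build_frame("00:04:80:9f:78:00", "00:11:43:45:61:23", 2,
                    "00:11:43:45:61:23", "138.120.53.149",
                    "00:04:80:9f:78:00", "138.120.53.253")

if __name__ == "__main__":
    req, rep = parse_frame(REQUEST), parse_frame(REPLY)
    print(len(REQUEST), req)
    print(len(REPLY), rep)
    print("reply answers request:", answers(req, rep))
```

The 18 zero bytes in the request are the Trailer line of the capture: the 42-byte ARP frame is padded to the 60 bytes shown as "on wire", while the reply was captured at 42 bytes.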



Layer 3 and IP Services

Section 9 - IP Filters
IP Filters Overview

IP Filters
Filter Operation
IP Filter Configuration
Components
Configuring an IP Filter
Applying a Filter on an Interface
Show Filter IP Command


IP Filters

Filter policies (also known as ACLs) are implemented on the 7750 SR
Applied to interfaces
Can be applied on inbound traffic, outbound traffic, or both
Default is that a filter is not applied to interfaces
Same filter can be used on multiple interfaces

Filters, also known as access control lists (ACL), are templates that are applied to services or network
ports to control network traffic into (ingress) or out of (egress) a SAP or network port based on IP and
MAC match criteria. Filters are applied to examine packets that are entering or leaving a SAP or network
interface. Filters can be used on several interfaces. The same filter can be applied to ingress traffic,
egress traffic, or both. Ingress filters affect only inbound traffic that is sent to the routing complex, and
egress filters affect only outbound traffic that is sent from the routing complex.
Configuring a service or network port with a filter is optional. If a service or network port is not
configured with filter policies, all traffic is allowed on the ingress and egress interfaces. By default, no
filters are associated with services or interfaces; the filters must be explicitly created and associated
with the service or interface. When you create a filter, default values are provided although you must
specify a unique filter ID for each new filter policy, each new filter entry, and the associated actions.
The filter entries specify the filter match criteria. Only one ingress filter policy and one egress filter
policy can be applied to a SAP or network interface. You can modify filter policies and entries.
Network filter policies control the forwarding and dropping of packets based on IP match criteria. The
IP match criteria are not applied to non-IP packets. Therefore, the default action in the filter policy
applies to the non-IP packets.



Filter Operation


A filter policy compares the match criteria specified in a filter entry to the packets that are entering
the system, in the order that the entries are numbered in the policy. When a packet matches all of the
parameters in the entry, the system performs the specified action to drop or forward the packet. If a
packet does not match the entry parameters, the packet continues through the filter process. If the
packet does not match any of the entries, the system performs the specified default action. Each filter
policy is assigned a unique filter ID.
Each filter policy is defined with:
Scope
Default action
Description
At least one filter entry
Each filter entry contains:
Match criteria
An action
Filter-entry match criteria can be as general or specific as required, but all of the conditions in the
entry must be met for the packet to be a match and the specified entry action performed. The process
stops when the first complete match is found. Then the action defined in the entry is performed, that
is, the packets that match the criteria are dropped or forwarded.
Up to 65 535 IP and 65 535 MAC filter IDs (unique filter policies) can be defined. Each filter ID can
contain up to 65 535 filter entries. As few or as many match parameters can be specified as required,
but all of the conditions must be met for the packet to be a match and the specified action performed.
The process stops when the first complete match is found and the action that is defined in the entry is
performed. IP filter policies match criteria that associate traffic with an ingress or egress SAP.

(continued on slide 90)



Filter Operation


(continued from slide 89)


Match criteria to drop or forward IP traffic include:
- Source IP address and mask: The values can be entered as search criteria. Address ranges are
  configured by specifying network prefix values. The prefix mask length is expressed as an integer
  (range 0 to 32).
- Destination IP address and mask: The values can be entered as search criteria. Address ranges
  are configured by specifying network prefix values. The prefix length is expressed as an integer
  (range 0 to 32).
- Protocol: The protocol (for example, TCP, UDP) allows the filter to search for the specified
  protocol.
- Source port/range: The source port number or range allows the filter to search for the
  matching TCP or UDP port and range values.
- Destination port/range: The destination port number or range allows the filter to search for the
  matching TCP or UDP values.
- DSCP marking: A DSCP marking allows the filter to search for the specified DSCP.
- ICMP code: An ICMP code allows the filter to search for the matching ICMP code in the ICMP
  header.
- ICMP type: An ICMP type allows the filter to search for the matching ICMP type in the ICMP
  header.
- Fragmentation: When fragmentation matching is enabled, a match occurs when a packet has the
  more fragments bit set or the fragment offset field of the IP header set to a non-zero value.



IP Filter Configuration


Filter implementation considerations:
- Creating a filter policy is optional.
- A filter must be explicitly associated with a service for the packets to be matched.
- Each filter policy must consist of at least one filter entry. Each entry represents a collection of
  filter match criteria. When packets enter the ingress or egress ports, packets are compared to
  the criteria that are specified in the entry or entries.
- When you configure a large (complex) filter, it may take a few seconds to load the filter policy
  configuration and for the configuration to be implemented.
- The action keyword must be entered for the entry to be active. A filter entry without the action
  keyword is considered incomplete and is inactive.



Components

Major components of a filter policy


Filter ID
- Description
- Entry
- Scope
- Default action
Entry ID
- Description
- Action
- Packet-matching criteria


Filter ID
- Filter ID (mandatory): The value that identifies the filter
- Description (optional): A brief overview of the filter features
- Scope (mandatory): A filter policy must be defined with an exclusive scope for one-time use, or
  a template scope, which enables the policy to be used with multiple SAPs and interfaces.
- Default action (mandatory): The action to be applied to packets when no action is specified in
  the IP or MAC filter entries, or when the packets do not match the specified criteria
Entry ID (one or more) represents a collection of filter match criteria. Packet matching starts the
comparison process with the criteria specified in the lowest entry ID. Entries identify attributes that
define matching conditions and actions. All of the criteria in the entry must match for the specified
action to be performed. Each entry consists of the following components:
- Entry ID (mandatory): The value determines the order of the entry IDs in a specific filter ID, in
  which the matching criteria specified in the collection are compared. Packets are compared to
  entry IDs in ascending order.
- Description (optional): A brief overview of the entry ID criteria.
- Action (mandatory): An action parameter must be specified for the entry to be active. A
  filter entry without a specified action parameter is inactive.
- Packet-matching criteria: You can enter and choose criteria to create a specific template
  through which packets are compared, and forwarded or dropped, depending on the
  specified action.



Configuring a Descriptor for an IP Filter

To create a context for an IP filter policy, use the following command

Context: config>filter

Syntax: [no] ip-filter filter-id [create]

Example: config>filter# ip-filter 12 create


ip-filter
Syntax [no] ip-filter filter-id [create]
Context config>filter
Description
This command creates a configuration context for an IP filter policy. An IP filter policy specifies a
forward or drop action for packets, based on the specified match criteria. An IP filter policy (also called
an ACL) is a template that can be applied to multiple services or multiple network ports when the
scope of the policy is template. Changes to the existing policy, using the subcommands, are applied
immediately to all services to which this policy applies. Therefore, when many changes to an IP filter
policy are required, we recommend that you copy the policy to a work area. You can modify the work-
in-progress policy and then replace the original filter policy with the revised policy. Use the config filter
copy command to maintain policies.
The no form of the command is used to delete the IP filter policy. A filter policy cannot be deleted until
the policy is removed from all SAPs or network ports to which the policy is applied.
Parameters
filter-id: IP filter policy ID number
Values: 1 to 65 535
create: The create keyword is required when the configuration context is first created. After the context is
created, you can navigate to the context without using the create keyword.



Creating a Description for an IP Filter

To name an IP filter, use the following command

Context: config>filter>ip-filter

Syntax: description string

Example: config>filter>ip-filter# description test-filter-list


description
Syntax [no] description string
Context
config>filter>ip-filter ip-filter-id
config>filter>ip-filter ip-filter-id>entry entry-id
config>filter>log log-id
config>filter>mac-filter mac-filter-id
config>filter>mac-filter mac-filter-id>entry entry-id
config>filter>redirect-policy
config>filter>redirect-policy>destination
Description
This command creates a text description that is stored in the configuration file for a configuration
context. The description command associates a text string with a configuration context to identify the
context in the configuration file. The no form of the command removes the description string from the
context.
Default: No description is associated with the configuration context.
Parameters
string: The description character string, up to 80 printable, 7-bit ASCII characters,
excluding double quotation marks. If the string contains spaces, use double quotation marks to
delimit the start and end of the string.



Configuring the Default Action

To define the default action when none of the entries matches, use the following command

Context: config>filter>ip-filter

Syntax: default-action {drop | forward}

Example: config>filter>ip-filter# default-action drop


default-action
Syntax default-action {drop | forward}
Context
config>filter>ip-filter ip-filter-id
config>filter>mac-filter mac-filter-id
Description
This command specifies the action to be performed when the packets do not match the specified
criteria in all of the entries of the IP filter. When multiple default-action commands are entered, the
last command overwrites the previous command.
Default: drop
Parameters
drop: All packets will be dropped unless there is a specific filter entry that causes the packet
to be forwarded.
forward: All packets will be forwarded unless there is a specific filter entry that causes the
packet to be dropped.



Defining an Entry in an IP Filter

To create an entry ID, use the following command

Context: config>filter>ip-filter

Syntax: [no] entry entry-id [create]

Example: config>filter>ip-filter# entry 12 create


entry
Syntax [no] entry entry-id [create]
Context
config>filter>ip-filter ip-filter-id
config>filter>mac-filter mac-filter-id
Description
This command allows you to create or modify an IP or MAC filter entry. Multiple entries can be created
using unique entry ID numbers in the filter. The Alcatel-Lucent 7750 SR implementation exits the filter
at the first match and performs the action according to the accompanying action command. For this
reason, entries must be sequenced correctly from most explicit to least explicit. An entry may have
no match criteria (in which case, everything matches) but must have at least the action keyword for
the entry to be considered complete. Entries without the action keyword are rendered inactive. The no
form of the command removes the specified entry from the IP or MAC filter.
Default: None
Parameters
entry-id: A unique identifier for the match criterion and the corresponding action. We
recommend that you assign entry IDs in staggered increments. This allows
users to add an entry to a policy without renumbering existing entries.
Values: 1 to 65 535
create: This keyword is required when the configuration context is first created. After the context is
created, you can navigate to the context without using the create keyword.



Configuring Match Criteria

To define a matching criterion, use the following command

Context: config>filter>ip-filter>entry

Syntax: [no] match [protocol protocol-id]

Example: config>filter>ip-filter>entry# match src-ip 10.1.1.1/32
         config>filter>ip-filter>entry# match protocol tcp
         config>filter>ip-filter>entry# match src-port gt 1023

When multiple criteria are specified in an entry, all must be met (AND condition)


match
Syntax [no] match [protocol protocol-id]
Context config>filter>ip-filter ip-filter-id>entry entry-id
Description
This command provides the context to enter match criteria for the filter entry. When the match criteria
are met, the action associated with the match criteria is performed. If more than one match criterion
is configured in a match statement, the criteria are combined using the AND function: all criteria must
be met before the action that is associated with the match is performed. A match context may consist
of multiple match criteria, but multiple match statements cannot be entered for an entry. The no form
of the command removes the match criteria for the entry ID.
Parameters
protocol: The protocol keyword configures an IP protocol to be used as an IP filter match criterion. The
protocol type, such as TCP or UDP, is identified by its protocol number.
protocol-id: The decimal value that represents the IP protocol to be used as an IP filter match criterion.
Protocol numbers include ICMP (1), TCP (6), and UDP (17). The no form of the command removes
the protocol from the match criterion.
Values: 1 to 255 (expressed in decimal, hexadecimal, or binary notation). Keywords are: none, crtp,
crudp, egp, eigrp, encap, ether-ip, gre, icmp, idrp, igmp, igp, ip, ipv6, ipv6-frag, ipv6-icmp, ipv6-no-
nxt, ipv6-opts, ipv6-route, isis, iso-ip, l2tp, ospf-igp, pnni, ptp, rdp, rsvp, stp, tcp, udp, and vrrp.



Configuring the Action to be Performed

To define the action to be performed, use the following command

Context: config>filter>ip-filter>entry

Syntax: [no] action [drop | {forward [next-hop {ip-address | indirect ip-address | interface ip-int-name |
        redirect-policy policy-name}]}]

Example: config>filter>ip-filter>entry# action drop


action
Syntax [no] action [drop | {forward [next-hop {ip-address | indirect ip-address | interface ip-int-name |
redirect-policy policy-name}]}]
Context config>filter>ip-filter ip-filter-id>entry entry-id
Description
This command allows you to create or modify the drop or forward action that is associated with the
match criteria. The action keyword must be entered for the entry to be active.
Default: No action is specified; therefore, the entry is inactive.
Parameters
[drop | forward]: If neither drop nor forward is specified, the filter action is No-Op, and the
filter entry is inactive.
drop: Packets that match the entry criteria will be dropped
forward: Packets that match the entry criteria will be forwarded
Default: No-Op. Filter entry is inactive.
Values
next-hop ip-addr: IP address of the direct next hop to which to forward matching packets, in
dotted-decimal notation
interface ip-int-name: Name of the egress IP interface from which matching packets will be
forwarded. This parameter is only valid for unnumbered point-to-point interfaces.
redirect policy-name: Redirect policy configured in the config>filter>redirect-policy context
indirect ip-addr: IP address of the indirect next hop to which to forward matching packets, in
dotted-decimal notation. The direct next-hop IP address and egress IP interface are determined
by a routing table lookup.



Applying a Filter on an Interface

To apply a filter on the egress or ingress of an interface, use the following command

Context: config>router>if>ingress
         config>router>if>egress

Syntax: [no] filter ip ip-filter-name

Example 1: config>router>if>ingress> filter ip 1
Example 2: config>router>if>egress> filter ip 2


egress | ingress
Context config>router>interface ip-int-name [egress | ingress]
filter
Syntax [no] filter ip ip-filter-name
Context
config>router>interface ip-int-name>ingress
config>router>interface ip-int-name>egress
Description
This command allows access to the context to configure egress and ingress network filter policies for
the IP interface. If an egress or ingress filter is not defined, filtering is not performed in the
corresponding direction on the interface.
This command also associates an IP filter policy with an IP interface. Filter policies control packet
forwarding and dropping based on IP match criteria. The ip-filter-name must be configured before the
filter command is performed. If the filter ID does not exist, an error is generated. Only one filter ID can
be specified. The no form of the command removes the filter policy association with the IP interface.
Default: No filter is specified.
Parameters
ip-filter-name: The filter name acts as the ID of the IP filter policy, expressed as a decimal
integer. The allowed value is an integer, from 1 to 65 535, that corresponds to a previously
created IP filter policy. The filter policy must already exist in the created IP filters.
Values: 1 to 65 535



IP Filter Configuration Example

ALC-A# configure filter
ALC-A>config>filter# ip-filter 1 create
ALC-A>config>filter>ip-filter$ description new-filter
ALC-A>config>filter>ip-filter$ default-action drop
ALC-A>config>filter>ip-filter$ entry 1 create
ALC-A>config>filter>ip-filter>entry$ match src-ip 1.2.3.0/24
ALC-A>config>filter>ip-filter>entry$ match protocol tcp
ALC-A>config>filter>ip-filter>entry>match$ src-port range 666 999
ALC-A>config>filter>ip-filter>entry>match$ exit
ALC-A>config>filter>ip-filter>entry# action forward
ALC-A>config>filter>ip-filter>entry# ^z
ALC-A# configure router interface to-ALC-B
ALC-A>config>router>if# ingress
ALC-A>config>router>if>ingress# filter ip 1
ALC-A>config>router>if>ingress#


In this slide, IP filter 1 was created. In the filter, the default action is to drop IP packets that do not
meet the explicit match settings.
In the match settings, the filter checks for all traffic sourced from IP subnet 1.2.3.0 that uses TCP at
the transport layer and uses application ports 666 to 999. If these criteria are met, the packet is
forwarded.
After the filter is created, the filter must be associated with the ingress or egress of an interface. In this
slide, the filter is applied to the ingress.
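
The evaluation rules from this section (ascending entry order, AND of all criteria, stop at the first match, entries without an action inactive, default action otherwise and for non-IP packets), modelled in Python and applied to IP filter 1 from this slide. This is an added example, not Alcatel-Lucent code; the class and function names, the packet dictionary and the misordered second policy are constructed for illustration. The shadowed() check goes one step beyond the slide: it reports entries that can never be reached because an earlier, less explicit entry already matches everything they match.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass
class Entry:
    entry_id: int
    action: Optional[str] = None                # "drop" or "forward"; None = no action keyword
    src_ip: str = "0.0.0.0/0"
    dst_ip: str = "0.0.0.0/0"
    protocol: Optional[int] = None              # IP protocol number; None = any
    src_port: Optional[Tuple[int, int]] = None  # inclusive range; None = any

    def matches(self, pkt: dict) -> bool:
        """Every configured criterion must hold (AND condition)."""
        if ip_address(pkt["src"]) not in ip_network(self.src_ip):
            return False
        if ip_address(pkt["dst"]) not in ip_network(self.dst_ip):
            return False
        if self.protocol is not None and pkt.get("proto") != self.protocol:
            return False
        if self.src_port is not None:
            sport = pkt.get("sport")
            lo, hi = self.src_port
            if sport is None or not lo <= sport <= hi:
                return False
        return True

    def covers(self, other: "Entry") -> bool:
        """True when every packet that matches `other` also matches this entry."""
        if not ip_network(other.src_ip).subnet_of(ip_network(self.src_ip)):
            return False
        if not ip_network(other.dst_ip).subnet_of(ip_network(self.dst_ip)):
            return False
        if self.protocol is not None and self.protocol != other.protocol:
            return False
        if self.src_port is None:
            return True
        if other.src_port is None:
            return False
        return self.src_port[0] <= other.src_port[0] and other.src_port[1] <= self.src_port[1]


@dataclass
class FilterPolicy:
    filter_id: int
    default_action: str = "drop"
    entries: List[Entry] = field(default_factory=list)

    def active_entries(self) -> List[Entry]:
        """Entries in ascending entry-ID order, skipping those without an action."""
        return [e for e in sorted(self.entries, key=lambda e: e.entry_id) if e.action]

    def evaluate(self, pkt: dict) -> Tuple[str, Optional[int]]:
        """Return (action, matching entry ID), or (default action, None)."""
        if not pkt.get("is_ip", True):
            return self.default_action, None      # IP criteria are not applied to non-IP packets
        for entry in self.active_entries():
            if entry.matches(pkt):
                return entry.action, entry.entry_id   # stop at the first complete match
        return self.default_action, None

    def shadowed(self) -> List[Tuple[int, int]]:
        """(later ID, earlier ID) pairs where the later entry can never be reached."""
        active = self.active_entries()
        pairs = []
        for i, later in enumerate(active):
            for earlier in active[:i]:
                if earlier.covers(later):
                    pairs.append((later.entry_id, earlier.entry_id))
                    break
        return pairs


def packet(src, dst="192.0.2.10", proto=6, sport=None, is_ip=True) -> dict:
    """Constructed test packet; the default destination is a documentation address."""
    return {"src": src, "dst": dst, "proto": proto, "sport": sport, "is_ip": is_ip}


# IP filter 1 from the slide: default drop, one forwarding entry.
SLIDE_FILTER = FilterPolicy(1, "drop", [
    Entry(1, "forward", src_ip="1.2.3.0/24", protocol=6, src_port=(666, 999)),
])

# Constructed, deliberately misordered policy (not from the course material).
MISORDERED = FilterPolicy(2, "forward", [
    Entry(10, "drop", src_ip="1.2.3.0/24"),
    Entry(20, "forward", src_ip="1.2.3.4/32"),   # intended exception, placed too late
    Entry(30, None, src_ip="10.0.0.0/8"),        # no action keyword: inactive
])

if __name__ == "__main__":
    print(SLIDE_FILTER.evaluate(packet("1.2.3.9", sport=700)))
    print(SLIDE_FILTER.evaluate(packet("1.2.3.9", proto=17, sport=700)))
    print(MISORDERED.evaluate(packet("1.2.3.4")))
    print(MISORDERED.shadowed())
```

Running shadowed() over a policy before it is applied to an interface catches the ordering mistake the entry command description warns about, where a specific exception sits behind a broader entry.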



IP Filter Configuration Example - Denying a Subnet

RTR-B# configure filter
RTR-B>config>filter# ip-filter 1 create
RTR-B>config>filter>ip-filter$ default-action forward
RTR-B>config>filter>ip-filter$ entry 1 create
RTR-B>config>filter>ip-filter>entry$ match src-ip 1.2.3.0/24
RTR-B>config>filter>ip-filter>entry# action drop
RTR-B# configure router interface toRTR-C
RTR-B>config>router>if# ingress
RTR-B>config>router>if>ingress# filter ip 1


In this slide, RTR-B is configured to stop traffic from network 1.2.3.0/24 from entering the router on
interface toRTR-C. This filter blocks all traffic received from that network from passing through to any
other network in the topology.
All other traffic received on the toRTR-C interface is allowed to enter, which is the default action.



IP Filter Configuration Example - Allowing a Client

RTR-B# configure filter
RTR-B>config>filter# ip-filter 1 create
RTR-B>config>filter>ip-filter$ default-action drop
RTR-B>config>filter>ip-filter$ entry 1 create
RTR-B>config>filter>ip-filter>entry$ match src-ip 1.2.3.4/32
RTR-B>config>filter>ip-filter>entry# action forward
RTR-B# configure router interface toRTR-A
RTR-B>config>router>if# egress
RTR-B>config>router>if>egress# filter ip 1


In this slide, the filter has been modified to allow only traffic from host 1.2.3.4 to reach RTR-A, by
applying the filter on the egress direction of RTR-B's interface toRTR-A. All other traffic received from
RTR-C will be dropped if the traffic is trying to access RTR-A. However, traffic from RTR-C to Other
Networks will be accepted.



IP Configuration Example - Allowing Access to a Server

RTR-B# configure filter
RTR-B>config>filter# ip-filter 1 create
RTR-B>config>filter>ip-filter$ default-action drop
RTR-B>config>filter>ip-filter$ entry 1 create
RTR-B>config>filter>ip-filter>entry$ match dst-ip 172.2.3.4/32
RTR-B>config>filter>ip-filter>entry# action forward
RTR-B# configure router interface to-Other-Networks
RTR-B>config>router>if# ingress
RTR-B>config>router>if>ingress# filter ip 1


In this slide, traffic from Other Networks can only be sent to server 172.2.3.4. Traffic from Other
Networks to any other address is dropped.
However, traffic from subnet 172.2.5.0/24 behind RTR-A can reach any client/server on subnet
172.2.3.0/24 behind RTR-C.



Show Filter IP Command

To examine an IP filter, use the following command

Context: show>filter

Syntax: ip {ip-filter-id [entry entry-id] [association | counters]}

Example: show filter ip 1


ip
Syntax ip {ip-filter-id [entry entry-id] [association | counters]}
Context show>filter
Description
This command displays IP filter information.
Parameters
ip-filter-id: Detailed information about the specified filter ID and its filter entries
Values: 1 to 65 535
entry entry-id: Information about the specified filter entry ID of the specified filter ID only
Values: 1 to 9999
association: Appends information about where the filter policy ID is applied to the detailed
filter policy ID output
counters: Counter information for the specified filter ID
Output
No Parameters Specified: When no parameters are specified, a brief list of IP filters is
produced. The following slide provides an example and describes the output for the command.



Show Filter IP Example

ALA-1# show filter ip 1
===============================================================================
IP Filter
===============================================================================
Filter Id    : 1                    Applied         : Yes
Scope        : Template             Def. Action     : Drop
Entries      : 1
Description  : new-filter
-------------------------------------------------------------------------------
Filter Match Criteria : IP
-------------------------------------------------------------------------------
Entry        : 1
Log Id       : n/a
Src. IP      : 1.2.3.0/24           Src. Port       : 666..999
Dest. IP     : 0.0.0.0/0            Dest. Port      : None
Protocol     : 6                    Dscp            : Undefined
ICMP Type    : Undefined            ICMP Code       : Undefined
Fragment     : Off                  Option-present  : Off
Sampling     : Off                  Int. Sampling   : On
IP-Option    : 0/0                  Multiple Option : Off
TCP-syn      : Off                  TCP-ack         : Off
Match action : Forwarded
Ing. Matches : 0                    Egr. Matches    : 0
===============================================================================


In this slide, IP filter 1 was created. In the filter, the default action is to drop IP packets that do not
meet the explicit match settings.
In the match settings, the filter checks all traffic sourced from IP subnet 1.2.3.0 that uses TCP at the
transport layer and uses application ports 666 to 999. If these criteria are met, the packet is forwarded.



Layer 3 and IP Services

Section 10 - Module Summary


Module Summary

After successful completion of this module, you should be able to:


- Describe Layer 3 and IP services
- Describe the basics of IP addressing including its components,
  classes, how they are managed and allocated, and the purpose and
  types of addresses
- State the purpose, components, and operation of the IP subnet
  address
- Develop an IP address plan using IP subnetting and addressing
  summarization
- Recognize and define the fields in the IP header
- Describe other protocols that support IP operation
- Describe the IP address forwarding process
- Describe the 7750 SR IP filter operation, components,
  configuration, and application



Learning Assessment

- Describe Layer 3 and IP services
- Describe the basics of IP addressing including its components,
  classes, how they are managed and allocated, and the purpose and
  types of addresses
- State the purpose, components, and operation of the IP subnet
  address
- Develop an IP address plan using IP subnetting and addressing
  summarization
- Recognize and define the fields in the IP header
- Describe other protocols that support IP operation
- Describe the IP address forwarding process
- Describe the 7750 SR IP filter operation, components,
  configuration, and application



LAB 2.3-2.4 Layer 3 Interfaces and ICMP/ARP


See the Alcatel-Lucent IP Scalable Networks Lab Guide



www.alcatel-lucent.com


3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 5 IP Routing Protocol Basics


Module Overview

Concepts and Purpose of IP Routing
Static Routes
Dynamic Routing Protocol Concepts
OSPF Routing Protocol
Introduction to Border Gateway Protocol



IP Routing Protocol Basics

Section 1 Concepts and Purpose of IP Routing


Concepts and Purpose of IP Routing Overview

IP Routing Concepts
Routing Protocols
The Routing Table
Building the Routing Table and its Components



IP Routing Concepts

What is IP routing?
- Determines a path to send packets from a source to a
  destination along a set of routers
- Each router forwards the packet from one interface to
  another interface
What is a routing protocol?
- Provides the mechanism to maintain routing tables for
  routers
- Allows routers to share route information used to build and
  maintain routing tables


IP routing
IP routing is the set of tasks involved in sending a packet from the source to the destination across an
IP network. The packet enters the IP network via a router and is sent to another router in the
network and so on until the packet reaches the destination. The routers in the network use their
routing tables to determine how to forward the packet.

Routing tables
The routing tables are built manually by the network administrator or by protocols that run on every
router.
The routing table maintains a list of IP networks and the physical interfaces on the router to reach
these networks. Using the routing table, an IP packet is routed to its destination.



Routing Protocols

IP routing populates the routing table with routes

[Figure: classification of routing]
Static: Explicitly define next hop on every router / Define default route
Dynamic:
  IGP
    Distance Vector: RIPv1 and RIPv2
    Link State: OSPF, IS-IS
  EGP
    Path Vector: BGP


IP routing can be divided into two main categories - static and dynamic. Dynamic routing protocols
can be further divided into two main categories - Interior Gateway Protocols (IGP) and Exterior
Gateway Protocols (EGP).
IGPs such as RIP and OSPF are used for routing within an autonomous system. An autonomous system
is defined as the networks and routers that are under the control of one entity or administrative
authority. The goal of an IGP is to find the lowest cost route to every destination in the network.
IGPs can be further divided into distance vector and link state protocols.
Distance vector routing protocols use a hop-count metric to determine the best route to a
destination regardless of the bandwidth capability of the network links along the path. RIP is a
distance vector protocol. Each router that participates in a distance vector routing protocol does not
have a complete topological view of the network; the router only knows the best next hop to the
destination. This is covered in further detail later in this module.
Link state routing protocols use a cost metric that is a representation of the link status and the
physical bandwidth of the router interfaces along the path. Therefore, the link state protocols select
a path based on the route that has the least cost, which is representative of the path that has the
most physical bandwidth. Common LS protocols are OSPF and IS-IS. Each router that participates in a
link state routing protocol has a complete topological view of the network. This is covered in further
detail later in this module.
The goal of an EGP is to provide routes between autonomous systems. However the EGP must also
consider policy enforcement that may exist between the autonomous systems. Because an EGP
works within policy constraints, the protocol will not necessarily choose the lowest cost route.
BGPv4 is the current EGP used in the Internet. BGP is a path vector protocol that chooses the path
based on the number of autonomous systems that must be traversed rather than on the number of
routers that the path must traverse. BGP performs policy-based routing because policies can be used
in many different ways to influence the ways a preferred route is chosen.



IP Routing Example

Network       Type     NH     Hops        Network       Type     NH     Hops
1.1.1.0/24    Direct   -      0           2.2.2.0/24    Direct   -      0
3.3.3.0/24    Direct   -      0           3.3.3.0/24    Direct   -      0
2.2.2.0/24    Remote   IP-C   2           1.1.1.0/24    Remote   IP-B   2

Assuming that the routing tables exist on the routers in this slide, the basic flow of a packet of data
through a network can be described as follows:
Device A (1.1.1.2) needs to send data to server D (2.2.2.2). Because device A is not located on
the same segment as device D, device A must use the default gateway (1.1.1.1) for the
segment. Device A uses ARP for the 1.1.1.1 address to learn the MAC address of the gateway.
The router responds with the MAC B address. Device A can now encapsulate the data, as
shown in the top block diagram of this slide. Note that the source and destination IP addresses
identify the overall source and destination devices; the frame source and destination
addresses identify the path across one Ethernet segment.
When the frame arrives at router B, the router removes the L2 header and trailer, examines
the IP header, checks the routing table for an entry that matches the destination IP address in
the IP packet, and determines that the data needs to be sent to router C. To send the data,
router B encapsulates the data in a POS/PPP frame and forwards the data.
Router C removes the IP datagram from the PPP frame and checks its routing table. Because
the destination IP network is directly connected to its Ethernet port, router C checks its ARP
cache to find the destination MAC address. When the destination L2 MAC address is
determined, router C creates the frame of data and forwards the data to server D.
Note that the IP addressing did not change throughout the movement of the data. However, the L2
framing changed over each segment that the packet traversed. The IP address identifies a device
within the entire network topology; the L2 address identifies a device on that segment only.



7750 SR Sample Routing Table

A:PE1# show router route-table
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix                                   Type    Proto    Age         Pref
       Next Hop[Interface Name]                                     Metric
-------------------------------------------------------------------------------
10.1.2.0/24                                   Local   Local    03d23h08m   0
       to-p2r1                                                      0
10.1.3.0/24                                   Local   Local    03d23h08m   0
       to-p3r1                                                      0
10.1.4.0/24                                   Local   Local    04d00h34m   0
       to-p4r1                                                      0
10.2.3.0/24                                   Remote  OSPF     00h41m00s   10
       10.1.2.21                                                    2000
10.2.4.0/24                                   Remote  OSPF     00h41m00s   10
       10.1.2.21                                                    2000
10.3.4.0/24                                   Remote  OSPF     04d00h16m   10
       10.1.3.31                                                    2000
10.10.10.11/32                                Local   Local    06d18h33m   0
       system                                                       0
10.10.10.21/32                                Remote  OSPF     00h41m04s   10
       10.1.2.21                                                    1000
-------------------------------------------------------------------------------
No. of Routes: 8
===============================================================================

This slide displays the output from a 7750 SR routing table.


Major components of the routing table
Dest Prefix - The network that has been advertised to this router. The terms prefix and network are
used interchangeably.
Type - The type of interface. Indicates whether the destination prefix belongs to a locally attached
network or to a remote network.
Protocol - If the destination network is not directly attached to the router, the routing protocol that
was used to advertise the destination prefix to this router is displayed. The protocols can be, for
example, RIP, OSPF, BGP, and static.
Age - How long this entry has been in the routing table.
Preference - A unit of measurement that indicates the preference of one routing protocol over
another routing protocol.
Next Hop - The IP address of the neighbor that advertised the destination prefix to the router.
Metric - The numerical value used by a routing protocol to calculate the best route to a destination.
Depending on the routing protocol, the metric is usually a hop count or a cost that is assigned to a
network link.



Building the Routing Table and its Components

How many networks is router 1 connected to?


All routing protocols serve the same purpose: to find paths through a network and store the paths in
a routing table. The paths are also called routes, or more specifically, IP routes. The routes are
advertised to neighbors.
Each router in a network needs to populate its routing table so that it can forward IP data packets.



Routing Protocol Basics - Building the RIB on R1

1. R1 records all of the directly connected networks including its system address, which is an internal loopback address
2. R2 advertises its direct networks to R1
3. R3 advertises its direct networks to R1

This slide describes a routing protocol operation that is based on a distance vector protocol. Distance
vector protocols will be discussed in detail later.
When routers 2 and 3 are turned up, they both send information about their local networks to their
neighbors. In this case, R1 receives routing updates from both R2 and R3 about their directly
connected networks.
A routing update is a type of network advertisement made by one router to another router. This is
part of the routing protocol that runs between the routers in order to exchange the updates. A
typical routing update consists of the following components:
a network address with a network mask (also known together as a network prefix)
a metric associated with the prefix
the IP address of the next hop to reach this network prefix
R1 uses this information, including its locally discovered networks, and builds a routing information
base (RIB). The RIB is protocol dependent.



Routing Protocol Basics - Continuing to Build the RIB

Information sent from R2 to R1
Dest. Prefix        Next-Hop     Metric
10.10.2.0/30        10.10.1.2    0
192.168.20.30/32    10.10.1.2    0

Existing RIB on R1
Dest. Prefix        Next Hop     Metric
172.16.1.0/24       to Net A     0
192.168.10.10/32    system       0
10.10.1.0/30        toR2         0
10.10.3.0/30        toR3         0

Information sent from R3 to R1
Dest. Prefix        Next-Hop     Metric
172.16.2.0          10.10.3.2    0
10.10.2.0/30        10.10.3.2    0
192.168.30.30/32    10.10.3.2    0

Each routing update typically consists of a network, an associated mask, a metric, and the next hop
to reach the destination.
In this slide, router 1 builds a RIB, which collects and maintains all of the information from its
neighbors. If routers 2 and 3 advertise new network information, the routers send an advertisement
to router 1. Router 1 then updates the information in the RIB if necessary.



Routing Protocol Basics - Routing Metrics

Continuing to build the router information base on R1

4. R2 sends its learned information to R1
5. R3 sends its learned information to R1
6. R1 recalculates all of the learned information to build the final routing table that will be used for IP forwarding

When updates are received from their directly attached neighbors, routers 2 and 3 build their
respective RIBs and then propagate the information to other neighbors.
The updates include the learned destination prefix, the network mask, the metric, and the next-hop
IP address or interface.



Routing Protocol Basics - Continuing to Build the RIB

Information sent from R2 to R1
Dest. Prefix        Next-Hop     Metric
172.16.1.0/24       10.10.1.2    2
192.168.10.10/32    10.10.1.2    2
10.10.3.0/30        10.10.1.2    2
172.16.2.0/24       10.10.1.2    2
192.168.30.30/32    10.10.1.2    2

Existing RIB on R1
Dest. Prefix        Next-Hop     Metric
172.16.1.0/24       to Net A     0
192.168.10.10/32    system       0
10.10.1.0/30        toR2         0
10.10.3.0/30        toR3         0
10.10.2.0/30        10.10.1.2    1
10.10.2.0/30        10.10.3.2    1
172.16.2.0/24       10.10.3.2    1
192.168.20.20/32    10.10.1.2    1
192.168.30.30/32    10.10.3.2    1

Information sent from R3 to R1
Dest. Prefix        Next-Hop     Metric
172.16.1.0/24       10.10.3.2    2
192.168.10.10/32    10.10.3.2    2
10.10.1.0/30        10.10.3.2    2
192.168.20.20/32    10.10.3.2    2


Routing Protocol Basics - Generating the Routing Table

Existing RIB on R1
Dest. Prefix        Next-Hop     Metric
172.16.1.0/24       to Net A     0
192.168.10.10/32    system       0
10.10.1.0/30        10.10.1.2    0
10.10.3.0/30        10.10.3.2    0
10.10.2.0/30        10.10.1.2    1
10.10.2.0/30        10.10.3.2    1
172.16.2.0/24       10.10.3.2    1
192.168.20.20/32    10.10.1.2    1
192.168.30.30/32    10.10.3.2    1
172.16.1.0/24       10.10.1.2    3
192.168.10.10/32    10.10.1.2    3
10.10.3.0/30        10.10.1.2    3
172.16.2.0/24       10.10.1.2    3
192.168.30.30/32    10.10.1.2    3
172.16.1.0/24       10.10.3.2    3
192.168.10.10/32    10.10.3.2    3
10.10.1.0/30        10.10.3.2    3
192.168.20.20/32    10.10.3.2    3

Routing table on R1 (Best routes)
Dest. Prefix        Next-Hop     Metric
172.16.1.0/24       to Net A     0
192.168.10.10/32    system       0
10.10.1.0/30        toR2         0
10.10.3.0/30        toR3         0
10.10.2.0/30        10.10.1.2    2
172.16.2.0/24       10.10.3.2    2
192.168.20.20/32    10.10.1.2    2
192.168.30.30/32    10.10.3.2    2

In this slide, router 1 takes the information from the RIB and generates a routing table.
Using an algorithm, router 1 will calculate the best path to a particular network. The parameter that
is used in the algorithm to differentiate between two advertisements about the same network from
two different neighbors is referred to as the metric or cost. In this example, the metric is the hop
count or the number of hops that the destination network is from the source R1.
For example, routers 2 and 3 advertise the destination network 172.16.2.0/24 to router 1. R2
advertises 172.16.2.0/24 with a metric of 2. R3 previously advertised 172.16.2.0/24 with a metric of
0 because this network was directly attached to R3. Any local networks on a particular router are
considered to be the lowest metric or 0. When R1 receives the update from R2 and R3, R1 installs
both the updates in its RIB and adds the value 1 to the metric advertised by both R2 and R3. In this
case, the 172.16.2.0/24 update from R2 will be installed in the R1 RIB with a metric of 3 (2 + 1); the
update from R3 will be installed with a metric of 1 (0 + 1). Because R1 receives the update about
172.16.2.0/24 from R2 and R3, a metric of 1 will be added to their individual advertised metrics.
The routing table on R1 is built from the existing RIB on R1. The best routes, depending on the
algorithm used, are sent to the routing table and this will be used to forward the IP packets. The
best routes in our example are the routes with the least cost or hop count to the particular
destination.
Note also that when advertisements about a prefix carry equal metrics, the route selection
algorithm must use a differentiator to install one route in the routing table. In this slide, network
10.10.2.0/30 is the network that is directly attached to routers 2 and 3. Therefore, when it is
advertised to R1 from R2 and R3, the advertisement contains the same metric. R1 updates its RIB
with both the updates. However, R1 chooses to install only the update from R2. This choice depends
entirely on the routing protocol, which can use different criteria to install the update.
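
The RIB-to-routing-table step described above can be traced in code. The following Python sketch is an added example and is not part of the course material. The update lists are constructed from the addresses on the slides, and the lowest-next-hop-address tie-break is an assumption, chosen only because it reproduces R1's choice of R2 for 10.10.2.0/30.

```python
from collections import defaultdict
from ipaddress import ip_address

# Directly connected networks on R1 (metric 0), as listed in "Existing RIB on R1".
DIRECT = {
    "172.16.1.0/24": "to Net A",
    "192.168.10.10/32": "system",
    "10.10.1.0/30": "toR2",
    "10.10.3.0/30": "toR3",
}

# Constructed updates: neighbor address -> [(prefix, advertised metric), ...].
UPDATES = {
    "10.10.1.2": [                  # sent by R2
        ("10.10.2.0/30", 0),
        ("192.168.20.20/32", 0),
        ("172.16.2.0/24", 2),       # learned by R2 from R3 and re-advertised
        ("172.16.1.0/24", 2),       # R1's own network advertised back to R1
    ],
    "10.10.3.2": [                  # sent by R3
        ("172.16.2.0/24", 0),
        ("10.10.2.0/30", 0),
        ("192.168.30.30/32", 0),
        ("172.16.1.0/24", 2),       # R1's own network advertised back to R1
    ],
}


def build_rib(direct, updates):
    """Collect every candidate route: {prefix: [(metric, next_hop), ...]}."""
    rib = defaultdict(list)
    for prefix, interface in direct.items():
        rib[prefix].append((0, interface))
    for neighbor, routes in updates.items():
        for prefix, advertised in routes:
            # R1 is one hop further away than the advertising neighbor.
            rib[prefix].append((advertised + 1, neighbor))
    return dict(rib)


def select_best(rib):
    """Pick one route per prefix: lowest metric, then the assumed tie-break."""

    def key(candidate):
        metric, next_hop = candidate
        try:
            tie = int(ip_address(next_hop))   # assumption: lowest next-hop address wins
        except ValueError:
            tie = 0                           # local interface name, only seen at metric 0
        return (metric, tie)

    return {prefix: min(candidates, key=key) for prefix, candidates in rib.items()}


if __name__ == "__main__":
    table = select_best(build_rib(DIRECT, UPDATES))
    for prefix, (metric, next_hop) in sorted(table.items()):
        print(f"{prefix:<18} {next_hop:<10} {metric}")
```

The RIB keeps all candidates, including the metric-3 copies of R1's own networks that the neighbors advertise back; only the selection step discards them.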



Routing Protocol Basics - IP Routing

When an IP packet enters router R1, the IP packet's destination address is compared to the entries in
the R1 forwarding table. If an entry matching the destination is found, the next hop IP address is
examined. The local interface corresponding to the next hop IP address is then determined by
re-examining the R1 forwarding table. The IP packet is then forwarded to the corresponding local
interface and out of the router R1.



Routing Protocol Basics - Control Plane vs Data Plane

Routing updates sent as part of the routing protocol operation comprise the control plane
Data that is forwarded using the routing table comprises the data plane


Routing Protocol Basics - Next Hop Interface

The neighbor interface may not always be a point-to-point interface, as shown in the following example

Dest. Prefix        Next-hop        Metric
172.16.1.0/24       To Network A    0
192.168.10.10/32    system          0
10.10.10.0/29       To Network 2    2
172.16.2.0/24       ???             2

In this slide R1, R2, and R3 are connected in a common broadcast domain.
R1 has one interface that is configured towards the broadcast domain.
When R3 and R2 send updates about their local networks to R1, they include the IP address of
their interface on the broadcast domain.
R1 installs network 172.16.9.0/24 with a next-hop of 10.10.10.3 and network 172.16.2.0/24
with a next-hop of 10.10.10.2.



Routing Protocol Basics - Preference


A router may run more than one routing protocol.


In this slide, the R1-R2 and R2-R3 interfaces are running OSPF, and the R1-R5 and R5-R3 interfaces
are running RIP.
Network B can be advertised on both the interfaces of R3, each running a different protocol.
Therefore, this network is advertised to R1 by both RIP and OSPF. R1 has to decide which entry to
install in its routing table. In order to choose between the two updates, R1 uses an additional
parameter known as preference. The preference parameter indicates the router's preference of one
protocol over another protocol. By default, on the 7750 SR, routes learned from OSPF are preferred
over routes learned from RIP. Therefore, the route learned from OSPF is installed in the routing table
on R1.
Note that the protocol with the lower preference value is preferred.



Routing Protocol Basics - Routing Table Management

Each routing protocol populates its routes in its RIB


Each protocol independently chooses the best routes based on the
lowest metric
The best routes from each protocol are sent to the RTM process


When a routing protocol learns routes from its neighbors, the protocol populates its RIBs with the
routes. Each protocol stores the routes it has learned from its neighbors in its RIB.
For each destination in the RIB, the routing protocol chooses the best route based on the lowest
metric. The best routes are sent to the routing table manager (RTM).



Routing Protocol Basics - Route Selection Using Preference

The RTM may receive a best route from multiple protocols
Selection is based on lowest preference value
The RTM sends its best route to the FIB
This route is the active route and is used for forwarding

Because metrics from different protocols are not comparable, the RTM uses the preference to choose
from all of the best routes that it receives. The lower the protocol's preference, the more likely that
the best or active route will be selected from that protocol.
Different protocols should not be configured with the same preference.
The best routes from the RTM are placed in the forwarding information base (FIB), also commonly
referred to as the routing table.
The FIB is distributed to the various line cards on the 7750 SR and is used to forward incoming IP
packets.



Routing Protocol Basics - Default Preference Table

Route type                Preference    Configurable
Direct attached           0             No
Static                    5             Yes
OSPF internal             10            Yes
IS-IS Level 1 internal    15            Yes
IS-IS Level 2 internal    18            Yes
RIP                       100           Yes
OSPF external             150           Yes
IS-IS Level 1 external    160           Yes
IS-IS Level 2 external    165           Yes
BGP                       170           Yes

This slide lists the default preference values that are assigned to each routing protocol on the 7750
SR.
All of the preference values, with the exception of the preference for directly attached networks,
are configurable.



IP Routing Protocol Basics

Section 2 - Static Routes


Static Routes

Configured by an administrator and not dynamically learned using routing protocols
Entries do not change dynamically if the topology changes
Preferred over any other dynamic protocol

Static routes are manually configured. They describe the remote destination network and the next-hop
that a packet must be forwarded to in order to reach the destination. The destination can be
one network or a range of networks.
Note that for two routers to forward data to each other bidirectionally, a static route needs to be
configured on both routers. For example, in this slide, there would be a static route on router 1
(10.10.1.2) to forward packet data. There would also need to be a static route configured on router
2 so that it knows how to forward packet data to router 1.
By default, a static route is created with a preference of 5 and a metric of 1. However, these
parameters can be changed to accommodate a different configuration. If the preference and metric
parameters are left at the default values, a static route is always preferred over a route learned
from a dynamic routing protocol. By adjusting the preference value, the user can define a secondary
route that will be used if the dynamic protocol fails to provide a route. Or, a second static route can
be configured as a backup to the primary static route by assigning a higher metric to the secondary
route.
Static routing saves bandwidth and processing because there are no advertisements or updates.
However, any changes to the routes must be made manually, so there is no real-time response if a
destination becomes unreachable. Static routing also allows you to override any decision by a routing
protocol.



Static Route - Example

Static Route Config on R1
config router static-route 192.168.1.0/24 next-hop 10.10.1.2

Static Route Config on R5
config router static-route 172.16.0.0/24 next-hop 20.10.1.2

In this example, the corporate headquarters network is connected to two remote sites. The
corporate site provides the remote sites with resources and Internet access. Because the corporate
network is connected through one link to each of the sites, the corporate site will only send traffic
on this link to each of its remote sites. A remote network like this, with only one connection to the
backbone network, is often referred to as a stub network.
By configuring a static route on R1, traffic destined for network 192.168.1.0/24 will exit out of the
interface on R1 to CR1. A static route configured on R5 will send traffic to CR2. If R2 wants to reach
either remote site, it must also be configured with a static route in the correct direction. In order
for traffic to flow in both directions, the remote networks must also be configured with static routes
to reach the corporate network.



Default Routes

Static Default Route in CR1


config router static-route 0.0.0.0/0 next-hop 10.10.1.1


A static default route in the routing table is a wildcard entry that fits any destination. The route is
used when the destination address of a packet does not match any other entry in the routing table. A
default route is often used on a stub network when there is only one path to reach the other remote
networks. The default route is a static route with a network address and mask of 0.0.0.0.
In this slide, for Remote site 1 to access the resources of the corporate headquarters network, it
does not need to list every entry in its routing table for every resource that it needs to send traffic
to. Therefore, it uses the default route to match any possible route. Because its prefix length is 0,
the default route is the longest match in the routing table only when nothing else matches.
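
How preference-based selection in the RTM, a backup static route and the default route interact during a lookup, as an added Python example that is not part of the course material. It uses the default preference table from this module; the candidate routes, the `rtm_select` and `lookup` names, and the preference of 200 on the backup static route are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Default preference values from the 7750 SR table in this module.
DEFAULT_PREFERENCE = {
    "direct": 0, "static": 5, "ospf": 10, "isis-l1": 15, "isis-l2": 18,
    "rip": 100, "ospf-ext": 150, "isis-l1-ext": 160, "isis-l2-ext": 165,
    "bgp": 170,
}

# Constructed candidates: each entry is one protocol's best route for its prefix.
CANDIDATES = [
    {"prefix": "10.1.1.0/24", "proto": "ospf", "next_hop": "10.1.2.21", "metric": 2000},
    {"prefix": "10.1.1.0/24", "proto": "rip", "next_hop": "10.1.3.31", "metric": 2},
    # Backup static route: preference raised so it is used only when no
    # dynamic protocol provides a route (200 is a constructed value).
    {"prefix": "10.1.1.0/24", "proto": "static", "next_hop": "10.2.1.2",
     "metric": 1, "preference": 200},
    # Static default route, as in the module's configuration example.
    {"prefix": "0.0.0.0/0", "proto": "static", "next_hop": "10.3.3.3", "metric": 1},
]


def rtm_select(candidates):
    """Return the FIB as {network: route}, keeping one active route per prefix."""
    fib = {}
    for route in candidates:
        entry = dict(route)
        entry.setdefault("preference", DEFAULT_PREFERENCE[entry["proto"]])
        net = ip_network(entry["prefix"])
        current = fib.get(net)
        if current is None:
            fib[net] = entry
        elif entry["preference"] != current["preference"]:
            # Metrics of different protocols are not comparable: preference decides.
            if entry["preference"] < current["preference"]:
                fib[net] = entry
        elif entry["proto"] == current["proto"]:
            # Same protocol and preference (for example two static routes):
            # the lower metric is the primary route.
            if entry["metric"] < current["metric"]:
                fib[net] = entry
        else:
            raise ValueError(
                f"{entry['proto']} and {current['proto']} share preference "
                f"{entry['preference']} for {net}"
            )
    return fib


def lookup(fib, destination):
    """Longest-prefix match on the FIB; returns the route or None."""
    addr = ip_address(destination)
    matches = [net for net in fib if addr in net]
    if not matches:
        return None
    return fib[max(matches, key=lambda net: net.prefixlen)]


if __name__ == "__main__":
    fib = rtm_select(CANDIDATES)
    for dst in ("10.1.1.7", "192.0.2.1"):
        r = lookup(fib, dst)
        print(dst, "->", r["next_hop"], f"({r['proto']}, pref {r['preference']})")
```

The RIP route's metric of 2 never competes with the OSPF metric of 2000; the OSPF route is installed purely because 10 is lower than 100.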



Static Route Configuration

To configure static routes in the routing table, use the following command

Context: config>router>
Syntax:  [no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference]
         [metric metric] [tag tag] [enable | disable] [next-hop ip-address | ip-int-name]
         [no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference]
         [metric metric] [tag tag] [enable | disable] indirect ip-address
         [no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference]
         [metric metric] [tag tag] [enable | disable] black-hole
Example: config>router> static-route 10.1.1.0/24 next-hop 10.2.2.2
Example: config>router> static-route 0.0.0.0/0 next-hop 10.3.3.3
Example: config>router> static-route 10.1.1.0/24 next-hop 10.2.1.2 preference 10
Example: config>router> static-route 10.1.1.0/24 next-hop 10.2.1.2 preference 10 metric 100

Syntax

[no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference] [metric
metric] [tag tag] [enable | disable] [next-hop ip-address | ip-int-name]
[no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference] [metric
metric] [tag tag] [enable | disable] indirect ip-address
[no] static-route {ip-prefix/mask | ip-prefix netmask} [preference preference] [metric
metric] [tag tag] [enable | disable] black-hole

Context config>router
Description
This command creates static route entries for both the network and access routes. When a static
route is configured, one of the following parameters must be configured: next-hop, indirect, or black-hole.
Parameters
ip-prefix - The destination address of the static route, in dotted-decimal notation
mask - The mask associated with the network address
preference preference - The preference of this static route compared to other routes
metric metric - The cost metric for the static route, expressed as a decimal integer
next-hop [ip-addr | ip-int-name] - Specifies the directly connected next-hop IP address
black-hole - Specifies that the route is a black-hole route


LAB 3 - Static Routing, Default Routes and IP Filters

See the Alcatel-Lucent IP Scalable Networks Lab Guide


IP Routing Protocol Basics

Section 3 - Dynamic Routing Protocol Concepts


Dynamic Routing Protocol Concepts Overview

Distance Vector Overview
Topology Change
Link State Overview
Exchange of Link State Information
Link State Protocol
Distance Vector vs Link State


Distance Vector Overview

Routers send periodic updates to physically adjacent neighbors


Updates contain distance (how far) and vectors (direction) for networks
Routers do not have a view of the entire network topology; routers only
have a view of a distance and a vector
Examples: RIPv1 and RIPv2


When a distance vector routing algorithm (Bellman-Ford) is used, a router periodically passes a copy
of its routing table to all its neighbors. These regular updates between routers communicate topology
changes.
Each router receives a routing table from its direct neighbor.
In this slide, RTR-B receives a routing update from RTR-A.
RTR-B uses the information received from RTR-A to recalculate its routing table.
RTR-B then sends its routing table to RTR-D.
This same step-by-step process occurs in all directions between direct-neighbor routers.
IMPORTANT: With distance vector, a routing table is not transmitted beyond the immediate
neighbor. For example, RTR-D does not receive a routing update directly from RTR-A.
The distance vector algorithm allows network metrics to accumulate. Each router maintains a routing
table with the next hop for all of the listed destinations.



Distance Vector Overview - Topology Change

This slide shows the distance vector step-by-step process for updating all routers in a network when
a topology change occurs.
Each router sends its entire routing table to each of its adjacent neighbors. This table
includes reachable addresses, a value that represents the distance metric, and the IP address
of the first router on the path to each network that the router knows about.
As each router receives an update from its neighbor, the router calculates a new routing table
and transmits the table to each of its neighbors at the next timed interval.
In a very large network with many routers, it can take a long time for all the routers in the
network to know about a topology change. Therefore, distance vector protocols have a high
convergence time, which is very undesirable.


Link State Overview

Routers send triggered updates to physically adjacent neighbors
Updates/LSP contain router names and link cost metrics
Each router has a view of the entire topology
Examples: OSPF, IS-IS

Adjacency Database
RTR-B on 1/1/2
RTR-C on 1/1/1

Link State Database
RTR-A to RTR-C, cost=1000
RTR-A to RTR-B, cost=1000
RTR-C to RTR-B, cost=1000
RTR-B to 2.2.2.0/24, cost=1000

Routing Table
2.2.2.0/24 via 1/1/2

Link state routing protocols maintain a complete database of topology information. While distance
vector protocols have nonspecific information about distant networks, link state routing protocols
maintain full knowledge of distant routers and how they interconnect, that is, the latter have a view
of the entire internetwork topology. OSPF and IS-IS are examples of link state routing protocols.
Link State Packets (LSPs) are used to transmit the information that is required to build the
topological database, which is used by the Shortest Path First (SPF) algorithm to build an SPF tree,
and finally, a routing table of paths to each network destination. When a link-state topology
changes, all of the routers must become aware of the change so they can update their routing table
accordingly. This involves the propagation of common routing information to all routers in the
network. To achieve information convergence, each router performs the following:
Keeps track of its neighbors
Builds an LSP that lists neighbor router names and link metrics (cost). This includes new
neighbors, changed metrics, and links to neighbors that are down.
Sends out the LSP so that all routers receive the LSP
Upon receiving an LSP, records the LSP in its database so that it has the most up-to-date
topology information
Using accumulated LSP data, builds a complete network topology, and independently
executes the SPF algorithm to calculate routes to every network
Each time there is a change to the link-state database, the router recalculates the best paths
and updates the routing table
Link state protocols keep three databases in the router:
The adjacency database, sometimes called the neighbor database, keeps track of all of the
other routers that are directly attached. The adjacency database is maintained with periodic
hello messages.
The link state database (LSDB) stores the most recent LSPs sent by all the routers in the
network. The database is used to create the SPF tree that ultimately creates the routing
table.
The routing table, sometimes called the forwarding database, is used by the router to
optimally forward IP packets to the destination network.
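
The way the three databases feed each other can be checked against the slide's own values. The following Python sketch is an added example, not part of the course material: it runs a shortest-path calculation over the four link-state database entries shown on the slide and maps the result to an interface through the adjacency database. Treating router-to-router links as bidirectional and the prefix as a stub attached to RTR-B is an assumption, and the function names are illustrative.

```python
import heapq

# Link-state and adjacency databases as shown on the slide (RTR-A's view).
LSDB = [
    ("RTR-A", "RTR-C", 1000),
    ("RTR-A", "RTR-B", 1000),
    ("RTR-C", "RTR-B", 1000),
    ("RTR-B", "2.2.2.0/24", 1000),
]
ADJACENCY = {"RTR-B": "1/1/2", "RTR-C": "1/1/1"}


def spf(lsdb, root):
    """Shortest path first (Dijkstra). Returns {node: (cost, first_hop_neighbor)}."""
    graph = {}
    for a, b, cost in lsdb:
        graph.setdefault(a, []).append((b, cost))
        if "/" not in b:
            # Assumption: links between routers are usable in both directions;
            # a prefix is a stub and never forwards traffic onward.
            graph.setdefault(b, []).append((a, cost))

    best = {root: (0, None)}
    heap = [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if cost > best[node][0]:
            continue                      # stale entry, a cheaper path was found
        for neighbor, link_cost in graph.get(node, []):
            new_cost = cost + link_cost
            # The first hop is fixed when leaving the root and inherited afterwards.
            hop = neighbor if node == root else first_hop
            if neighbor not in best or new_cost < best[neighbor][0]:
                best[neighbor] = (new_cost, hop)
                heapq.heappush(heap, (new_cost, neighbor, hop))
    return best


def routing_table(lsdb, root, adjacency):
    """Map each reachable prefix to (outgoing interface, total cost)."""
    return {
        node: (adjacency[hop], cost)
        for node, (cost, hop) in spf(lsdb, root).items()
        if "/" in node
    }


if __name__ == "__main__":
    print(routing_table(LSDB, "RTR-A", ADJACENCY))
    # Topology change: the RTR-A to RTR-B link goes down and SPF is run again.
    changed = [link for link in LSDB if link[:2] != ("RTR-A", "RTR-B")]
    print(routing_table(changed, "RTR-A", ADJACENCY))
```

With the full database the prefix is reached via 1/1/2, matching the slide's routing table; after the RTR-A to RTR-B link is removed, the recalculation moves it to 1/1/1 at a higher cost.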



Exchange of Link State Information

Link-state routers use the following process to discover the network topology:
Each router creates an LSP with link-state information about all its
directly connected networks
Routers exchange LSPs with their directly connected neighbors
The link-state information is flooded to all routers in the network


Link State Protocol - Topological Database

Each router builds a topological database that consists of all the LSPs
from the other routers in the network



Link State Protocol - Topology Changes

Link-state updates are driven by topology changes


When a router recognizes a topology change (that is, link down, neighbor down, new link, or new
neighbor), the router must notify its neighbors. To do this, each link-state router performs the
following:

The router that recognizes the change sends new link-state information about the change.
When a router receives new link-state information, the router must populate the information
in its topological database and send the information to its neighbors.
The SPF algorithm must be run against the new topological database to update the routing
table with the new information.

Each time that there is a topology change that causes an update to the topological database, the SPF
algorithm must be run.



Distance Vector vs Link State

Distance vector | Link state
Views the network topology from the neighbor's perspective | Gets a common view of the entire network topology
Adds distance vectors from router to router | Calculates the shortest path to other routers
Frequent, periodic updates: slow convergence | Event-triggered updates: faster convergence
Passes copies of the routing table to neighbor routers | Passes link-state routing updates to other routers



IP Routing Protocol Basics

Section 4 OSPF Routing Protocol


OSPF Routing Protocol Overview

OSPF
OSPF Router ID
OSPF Point-to-Point Neighbor Adjacency
OSPF Link State Flooding
Sequence Numbers
OSPF Single Area Point-to-Point Configuration



OSPF

Link-state protocol with fast convergence and inherent loop prevention mechanisms
Scalable
Hierarchical using areas
Uses the Shortest Path First (SPF) algorithm for routing decisions
Default cost metric takes into account the physical bandwidth of
the port or can be set manually
Classless protocol
Authentication support
Support for VLSM and address aggregation
OSPF Version 2 is a widely deployed, well-known protocol for IPv4;
OSPF Version 3 is standardized and supports IPv6


OSPF is a link-state routing protocol. As such, it uses the SPF algorithm to find the shortest path to
every destination in the network. Link-state routing protocols are inherently loop free and have a
fast convergence time. Link-state routing protocols have limited scalability, so OSPF supports
hierarchy with the concept of areas. This greatly increases the scalability of OSPF.
The subnet mask is carried in OSPF link-state updates, so variable length and noncontiguous subnets
are supported. Route aggregation is also supported to enable more efficient address management.
OSPF supports authentication for security.
The OSPF cost metric is based on the physical bandwidth of the port. This allows OSPF to make its
path decisions based on the path that has the most bandwidth rather than the least number of hops.
The traffic engineering extensions to OSPF allow the protocol to track and advertise the available
bandwidth, administration groups, maximum number of hops, and so on. This feature is used by MPLS
to create traffic tunnels and is covered in the Alcatel-Lucent MPLS course.



OSPF Router ID

OSPF requires a unique method of identifying each router in the network
OSPF must be able to associate router interfaces with a specific
router, just as a person may say R1 has two links, one link is in the
10.10.2.0 network and the other link is in the 10.10.1.0 network


The router ID that is used for OSPF can be configured explicitly using the following command:
configure router router-id <ip-address>. This router ID is also used for other routing
protocols such as BGP.
To use a separate router ID for different protocols, you can override this high-level router ID with an
OSPF-specific router ID using the following command: configure router ospf router-id
<ip-address>.
If a router ID is not configured but a system interface is configured with an IP address, the system IP
address is used as the OSPF router ID. To configure a system interface, use the following command:
configure router interface system address <ip-address>/32.
If neither a router ID nor a system interface address is configured, the last four octets of the chassis
MAC address are used as the OSPF router ID. The chassis MAC address can be viewed using the
following command: show chassis.
The OSPF router ID selection is not pre-emptive. If the OSPF router ID is reconfigured, the change
will not take effect until the OSPF routing process is restarted.
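
The selection order described above, as an added Python example that is not part of the course material. It also shows the non-pre-emptive behaviour and a check for duplicate router IDs across routers; the configuration keys, MAC addresses and router names are constructed for illustration.

```python
import ipaddress


def rid_from_mac(mac):
    """Last four octets of a chassis MAC, written as a dotted-quad router ID."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return str(ipaddress.IPv4Address(octets[-4:]))


def select_router_id(cfg):
    """Return (router_id, source) using the precedence given in the notes.

    cfg keys are hypothetical names for: the OSPF-specific router ID, the
    router-level router ID, the system interface address, the chassis MAC.
    """
    for key in ("ospf_router_id", "router_id"):
        if cfg.get(key):
            return str(ipaddress.IPv4Address(cfg[key])), key
    if cfg.get("system_address"):
        return str(ipaddress.ip_interface(cfg["system_address"]).ip), "system_address"
    return rid_from_mac(cfg["chassis_mac"]), "chassis_mac"


class OspfProcess:
    """Keeps the router ID chosen at start; a new value waits for a restart."""

    def __init__(self, cfg):
        self.cfg = dict(cfg)
        self.active_rid, self.source = select_router_id(self.cfg)

    def configure(self, **changes):
        self.cfg.update(changes)          # the running router ID is unchanged

    def restart(self):
        self.active_rid, self.source = select_router_id(self.cfg)


def duplicate_router_ids(processes):
    """Map each router ID used by more than one router to those router names."""
    by_rid = {}
    for name, proc in processes.items():
        by_rid.setdefault(proc.active_rid, []).append(name)
    return {rid: names for rid, names in by_rid.items() if len(names) > 1}


def demo():
    # Constructed sample configurations.
    procs = {
        "R1": OspfProcess({"system_address": "1.1.1.1/32", "chassis_mac": "02:00:00:0a:0b:01"}),
        "R2": OspfProcess({"router_id": "2.2.2.2", "system_address": "10.0.0.2/32",
                           "chassis_mac": "02:00:00:0a:0b:02"}),
        "R3": OspfProcess({"chassis_mac": "02:00:00:0a:0b:03"}),
    }
    initial_r3 = (procs["R3"].active_rid, procs["R3"].source)
    procs["R3"].configure(ospf_router_id="1.1.1.1")    # mistaken reuse of R1's ID
    before_restart = duplicate_router_ids(procs)
    procs["R3"].restart()
    after_restart = duplicate_router_ids(procs)
    return procs, initial_r3, before_restart, after_restart


if __name__ == "__main__":
    print(demo()[1:])
```

The duplicate only appears after the restart, which is why an audit of configured values should be run before the OSPF process is restarted.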



Configuring an OSPF Point-to-Point Neighbor Adjacency


OSPF is a dynamic routing protocol that is based on routers exchanging link-state information with
each other.
Two OSPF routers must create an OSPF neighbor adjacency before they can exchange routing
information.
On point-to-point OSPF networks, neighboring routers become fully adjacent with each other. For
example, in this slide, R1 becomes fully adjacent with both R2 and R3.
In this slide, all neighbor adjacencies in the point-to-point network are indicated with the arrows.
Routers can be connected on a shared broadcast segment, such as Ethernet, rather than a point-to-point
segment. On a broadcast segment, additional steps are performed to reduce the amount of
OSPF control traffic that flows between routers on the segment. This involves electing designated
routers (DRs) and backup designated routers (BDRs). However, these concepts are beyond the scope
of this course and are covered in the Alcatel-Lucent Interior Routing Protocols course. This course
discusses only the point-to-point scenario.
Note that the default OSPF interface type is broadcast for Ethernet interfaces and must be explicitly
configured as point-to-point. The configuration will be presented later in this section.



OSPF Neighbor Adjacency Hello Packet

The main components of the OSPF Hello Packet are shown below


Parameters that are denoted with an asterisk must be set the same on both routers to form an
adjacency or to keep an adjacency alive.
Hello packets are sent between routers to form an adjacency and to proceed to 2-way state. Hello
packets are also used as a keep-alive when the adjacency is formed.
On point-to-point links, OSPF traffic is always sent to reserved multicast address 224.0.0.5.



OSPF Neighbor Adjacency - Discovery

Consider the case where R1 and R2 are rebooted; they need to re-create their adjacency

OSPF State = DOWN (both routers)
Hello (RID = 1.1.1.1, Neighbors = 0)
OSPF State = INIT (both routers)
Hello (RID = 2.2.2.2, Neighbors = 1.1.1.1)
Hello (RID = 1.1.1.1, Neighbors = 2.2.2.2)
OSPF State = 2-Way (both routers)


When both routers are first powered up, they are in the OSPF down state.
Both OSPF routers send OSPF hello packets to discover each other.
When the discovery process is complete, the routers are in a 2-way state and are ready to
exchange routing information.



OSPF Neighbor Adjacency Exchanging Routing Information

After the routers discover each other, they are ready to start exchanging routing information

OSPF State = Exchange start
DBD - RID 1.1.1.1
DBD RID = 2.2.2.2
Higher Router Id is decided as the Master
MTU Check is performed

OSPF State = Exchange
DBD RID 1.1.1.1 summary of networks
DBD RID 1.1.1.1 summary of networks

At this point, each router has a summary of the routing information of their neighboring router. The
routers are now ready to request specific routing information from their neighbor


In the exchange start state, both routers send database description (DBD) packets to establish a
master-slave relationship. The highest router ID becomes the master.
MTU checking is also performed in the exchange start state. The OSPF MTU from both neighbors
must match to proceed beyond the exchange start state. The OSPF MTU can be configured explicitly
on the OSPF interface. If the MTU is not configured, the physical port MTU becomes the OSPF MTU.
Therefore, if an OSPF MTU is not configured, the physical port MTUs must match to create an
adjacency. The OSPF MTU determines the maximum size of the OSPF CTL packets, which is typically
the size of the link state update and link state request packets.
In the exchange state, the database description is first sent by the slave router to the master router
to provide a summary of the networks that the slave router knows about. The master router then
sends the slave router a summary of the networks that the master router knows about.



OSPF Neighbor Adjacency Requesting Specific Routing Information

After the routers have a summary of their neighbor's link state database, they can request
specific information as needed

OSPF State = Loading
LSREQ Send specific information on these networks
LSUPDATE Receipt of the information as you requested
LSREQ Send specific information on these networks
LSUPDATE Receipt of the information you requested
LSACK Acknowledge

OSPF State = Full
At this point, both routers have identical routing information


In loading state, routers use a specific OSPF packet type, called a link state advertisement (LSA), to
describe their routing information.
In loading state, both routers go through a Request, Reply, Acknowledge sequence until each router
has a full view of its neighbor's routing information. At this point, both routers have an identical
link state database and are considered fully adjacent. Once the link state database is fully up to
date, the routers run the SPF algorithm to calculate the best path to each destination in the network
and use this information to build their routing table.
In a single area point-to-point network, only the router LSAs (Type 1 LSAs) will be used. In more
complex topologies, there are other types of LSAs exchanged.
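
The adjacency sequence from the last four slides (Down, Init, 2-Way, Exchange start, Exchange, Loading, Full), as an added Python model that is not part of the course material. It shows where an adjacency stalls when hello parameters or MTUs differ. The list of must-match hello fields is an assumption taken from RFC 2328 because the slide's asterisked fields are not reproduced in the text; timer values and LSDB contents are constructed.

```python
import ipaddress
from dataclasses import dataclass, field

# Assumption: a subset of the hello fields RFC 2328 requires to match.
MUST_MATCH = ("area", "hello_interval", "dead_interval", "auth")


@dataclass
class Router:
    rid: str
    mtu: int = 1500
    area: str = "0.0.0.0"
    hello_interval: int = 10
    dead_interval: int = 40
    auth: str = "none"
    lsdb: dict = field(default_factory=dict)   # advertising router -> sequence number
    state: str = "Down"
    seen: set = field(default_factory=set)     # router IDs heard in accepted hellos

    def hello(self):
        pkt = {k: getattr(self, k) for k in MUST_MATCH}
        pkt.update(rid=self.rid, neighbors=set(self.seen))
        return pkt

    def on_hello(self, pkt):
        if any(pkt[k] != getattr(self, k) for k in MUST_MATCH):
            return                         # mismatched hello is ignored
        self.seen.add(pkt["rid"])
        self.state = "2-Way" if self.rid in pkt["neighbors"] else "Init"


def set_both(a, b, state, trace):
    a.state = b.state = state
    trace.append((a.state, b.state))


def form_adjacency(a, b):
    """Walk a and b through the states; return (trace of state pairs, master RID)."""
    trace = []
    for tx, rx in ((a, b), (b, a), (a, b)):        # the three hellos on the slide
        rx.on_hello(tx.hello())
        trace.append((a.state, b.state))
    if (a.state, b.state) != ("2-Way", "2-Way"):
        return trace, None

    set_both(a, b, "ExStart", trace)
    # Router IDs are 32-bit values: compare them numerically, not as strings.
    master, slave = sorted(
        (a, b), key=lambda r: int(ipaddress.IPv4Address(r.rid)), reverse=True)
    if a.mtu != b.mtu:
        return trace, master.rid                   # stuck in exchange start

    set_both(a, b, "Exchange", trace)
    dbd = {slave.rid: dict(slave.lsdb)}            # the slave's summary goes first
    dbd[master.rid] = dict(master.lsdb)

    set_both(a, b, "Loading", trace)
    for me, peer in ((slave, master), (master, slave)):
        lsreq = [adv for adv, seq in dbd[peer.rid].items()
                 if me.lsdb.get(adv, -1) < seq]    # only missing or older entries
        for adv in lsreq:                          # LSUPDATE, then LSACK
            me.lsdb[adv] = peer.lsdb[adv]

    if a.lsdb == b.lsdb:
        set_both(a, b, "Full", trace)
    return trace, master.rid


if __name__ == "__main__":
    r1 = Router("1.1.1.1", lsdb={"1.1.1.1": 5, "3.3.3.3": 2})
    r2 = Router("2.2.2.2", lsdb={"2.2.2.2": 7, "3.3.3.3": 1})
    print(form_adjacency(r1, r2))
    print(form_adjacency(Router("1.1.1.1", mtu=1500), Router("2.2.2.2", mtu=9000)))
```

A neighbor that stays in Down points at the hello parameters; one that stays in exchange start points at the MTU.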



OSPF Link State Flooding - Keeping Routing Information Up to Date

R2 floods its Router LSA every 30 min

R8 LSDB | R2 LSDB
R2 Router LSA | R2 Router LSA
Adv router = 2.2.2.2 | Adv router = 2.2.2.2
Networks: | Networks:
10.10.2.0/30 | 10.10.2.0/30
10.10.3.0/30 | 10.10.3.0/30
2.2.2.2/32 | 2.2.2.2/32


A router LSA is flooded to all routers in the OSPF network every time there is a topology change on one of the
directly connected links of the router. If there are no topology changes, the router will still flood
the router LSA every 30 minutes. Every LSA has a maximum age of 60 minutes. An OSPF router will
age all LSAs in its link state database and will purge any LSAs for which it has not received a refresh
in the last 60 minutes.
Router LSAs on point-to-point networks are always flooded to multicast IP address 224.0.0.5. This is
the same multicast address that is used for OSPF hello packets while creating and maintaining an
OSPF neighbor adjacency.



Sequence Numbers


OSPF uses a sequence number to ensure that LSAs are not transmitted around the OSPF area
indefinitely. The acknowledgement of LSAs is used to guarantee the reliability of LSA transmission to
neighboring routers.
The following rules are applied by the OSPF router to process the LSAs that are received from its
neighbors.
If the sequence number is lower than the sequence number in the link state database, the
incoming link-state information is considered to be out of date and is discarded. The receiving
router will update the sending router with an up to date LSA from its own database.
If the sequence number is the same as the number in the database, an acknowledgement is
sent. The incoming link-state information is then discarded.
If the sequence number is higher than the number in the database, the new link-state
information is added to the link state database, an acknowledgement is sent and the link-
state information is forwarded to its neighbors.
All OSPF control packets use IP protocol discriminator 89. OSPF does not use TCP or UDP as a
transport layer. Instead IP uses the protocol ID 89 to extract all OSPF packets for the OSPF process
on the router.
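
The three sequence-number rules on this slide, together with the 60-minute maximum age from the flooding slide, as an added Python simulation that is not part of the course material. It floods R2's router LSA around a constructed four-router ring to show that flooding stops on its own and that a late copy of an older LSA cannot displace a newer one. The ring topology is an assumption, and sequence numbers are simplified to plain integers.

```python
from collections import deque
from dataclasses import dataclass, field, replace

MAX_AGE_MIN = 60   # page: an LSA not refreshed within 60 minutes is purged


@dataclass(frozen=True)
class Lsa:
    adv_router: str
    seq: int            # simplification: a plain increasing integer
    networks: tuple
    age_min: int = 0


@dataclass
class Router:
    name: str
    neighbors: list
    lsdb: dict = field(default_factory=dict)   # advertising router -> Lsa

    def receive(self, lsa, sender):
        """Apply the three rules. Returns (action, [(destination, lsa), ...])."""
        have = self.lsdb.get(lsa.adv_router)
        if have is not None and lsa.seq < have.seq:
            # Lower: out of date. Discard it and send our newer copy back.
            return "stale", [(sender, have)]
        if have is not None and lsa.seq == have.seq:
            # Same: acknowledge and discard; nothing is flooded onward.
            return "duplicate", []
        # Higher (or first copy): install, acknowledge, flood to other neighbors.
        self.lsdb[lsa.adv_router] = lsa
        return "installed", [(n, lsa) for n in self.neighbors if n != sender]

    def age(self, minutes):
        """Age every LSA; purge and return those that reach the maximum age."""
        purged = []
        for adv, lsa in list(self.lsdb.items()):
            aged = replace(lsa, age_min=lsa.age_min + minutes)
            if aged.age_min >= MAX_AGE_MIN:
                del self.lsdb[adv]
                purged.append(adv)
            else:
                self.lsdb[adv] = aged
        return purged


def deliver(routers, messages):
    """Process (sender, receiver, lsa) messages until none are left in flight."""
    counts = {"installed": 0, "duplicate": 0, "stale": 0}
    queue = deque(messages)
    while queue:
        sender, receiver, lsa = queue.popleft()
        action, out = routers[receiver].receive(lsa, sender)
        counts[action] += 1
        queue.extend((receiver, dst, msg) for dst, msg in out)
    return counts


def originate(routers, origin, lsa):
    routers[origin].lsdb[lsa.adv_router] = lsa
    return deliver(routers, [(origin, n, lsa) for n in routers[origin].neighbors])


def build_ring():
    # Constructed topology with a loop: R1-R2-R4-R3-R1.
    links = {"R1": ["R2", "R3"], "R2": ["R1", "R4"],
             "R3": ["R1", "R4"], "R4": ["R2", "R3"]}
    return {name: Router(name, nbrs) for name, nbrs in links.items()}


def demo():
    routers = build_ring()
    nets = ("10.10.2.0/30", "10.10.3.0/30", "2.2.2.2/32")   # R2's LSA on the slide
    old, new = Lsa("2.2.2.2", 1, nets), Lsa("2.2.2.2", 2, nets)
    first = originate(routers, "R2", old)
    refresh = originate(routers, "R2", new)
    late_copy = deliver(routers, [("R1", "R3", old)])       # delayed older LSA
    kept_seq = routers["R3"].lsdb["2.2.2.2"].seq
    purged = [routers["R4"].age(30), routers["R4"].age(30)]
    return first, refresh, late_copy, kept_seq, purged


if __name__ == "__main__":
    for result in demo():
        print(result)
```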



OSPF Single Area Point-to-Point Configuration

R1 OSPF Configuration

Step 1 Create the Router Interfaces

R1>config>router# info
    interface "system"
        address 1.1.1.1/32
    exit
    interface "toR2"
        address 10.10.2.1/30
        port 1/1/2
    exit
    interface "toR3"
        address 10.10.1.1/30
        port 1/1/3
    exit

Step 2 Add the Router Interfaces to OSPF as type Point-to-Point

R1>config>router>ospf# info
    area 0.0.0.0
        interface "system"
            interface-type point-to-point
        exit
        interface "toR2"
            interface-type point-to-point
        exit
        interface "toR3"
            interface-type point-to-point
        exit
    exit


The steps for OSPF configuration for R2 and the other routers in the network follow the R1
configuration. The only difference is that you need to verify that the IP addresses and port numbers
on the interfaces are accurate. It is also good practice to verify that the interface names have the
correct descriptions.



Show OSPF Neighbors

R1# show router ospf neighbor

===============================================================================
OSPF Neighbors
===============================================================================
Interface-Name                   Rtr Id          State      Pri  RetxQ   TTL
-------------------------------------------------------------------------------
toR3                             3.3.3.3         Full       1    0       35
toR2                             2.2.2.2         Full       1    0       31
-------------------------------------------------------------------------------
No. of Neighbors: 2
===============================================================================
R1#


This slide shows the OSPF adjacencies created by R1 with its directly-connected neighbors. The
output includes the logical router interface that the adjacency was created on and the router ID of
the neighbors.
The neighbor state is Full when the routers have synchronized their databases and have fully created
their adjacency. Other states that may be displayed are: Init, 2Way, Exstart, and Exchange, which
are usually only briefly displayed.



OSPF Metric Calculation

Default Metric
OSPF Reference Bandwidth/Actual Bandwidth of Physical Port
Configured Metric
R1>config>router>ospf# area 0 interface toR1
R1>config>router>ospf>area>if# info
interface-type point-to-point
metric 674


The OSPF metric that is advertised in the R1 LSA for an interface is automatically calculated based
on the OSPF reference bandwidth which, by default, is 100 Gb/s. The metric is calculated by dividing
the reference bandwidth by the actual bandwidth of the link. For example, the metric of a 1 Gb link
is 100 Gb/s / 1 Gb/s = 100. The metric of a 100 Mb link is 100 Gb/s / 100 Mb/s = 1000. Lower
bandwidth links have a higher metric (cost) and are thus less preferred.
Alternatively, the OSPF metric of an interface can be configured in the OSPF interface context.
The default metric of system and loopback interfaces on a router is zero.



Show OSPF Interfaces

R1# show router ospf interface

==========================================================================
OSPF Interfaces
==========================================================================
If Name          Area Id        Designated Rtr  Bkup Desig Rtr  Adm   Oper
--------------------------------------------------------------------------
system           0.0.0.0        0.0.0.0         0.0.0.0         Up    PToP
toR3             0.0.0.0        0.0.0.0         0.0.0.0         Up    PToP
toR2             0.0.0.0        0.0.0.0         0.0.0.0         Up    PToP
--------------------------------------------------------------------------
No. of OSPF Interfaces: 3
==========================================================================
R1#


This slide shows the interfaces that are running OSPF, including their names and the areas that they
belong to.
Note that the operating status for the interfaces to R2 and R3 is PToP because they have
been defined as point-to-point interfaces in the OSPF configuration.
The Designated Rtr and Bkup Desig Rtr fields are only applicable to OSPF broadcast interfaces,
which are not covered in this course. For OSPF point-to-point Interfaces, the Designated Rtr and
Bkup Desig Rtr values are always 0.0.0.0.



Show Route Table

R1# show router route-table

Route Table (Router: Base)
===============================================================================
Dest Prefix                                   Type    Proto    Age         Pref
       Next Hop[Interface Name]                                     Metric
-------------------------------------------------------------------------------
1.1.1.1/32                                    Local   Local    23d04h39m   0
       system                                                       0
2.2.2.2/32                                    Remote  OSPF     01h35m59s   10
       10.10.2.2                                                    674
3.3.3.3/32                                    Remote  OSPF     01h15m54s   10
       10.10.1.2                                                    1000
4.4.4.4/32                                    Remote  OSPF     00h05m49s   10
       10.10.2.2                                                    1674
10.10.1.0/30                                  Local   Local    01h44m29s   0
       toR3                                                         0
10.10.2.0/30                                  Local   Local    01h46m07s   0
       toR2                                                         0
10.10.3.0/30                                  Remote  OSPF     00h05m49s   10
       10.10.2.2                                                    1674
-------------------------------------------------------------------------------
No. of Routes: 7


This slide shows the forwarding information that is used by the router to forward traffic to its
destination. Note that local routes always have a metric of 0 and a preference of 0. Therefore, even
if OSPF had learned of paths to these destinations, the paths would not be entered in the forwarding
table because the OSPF preference value is 10.
The information also includes the address or name of the next-hop interface. For a local route, the
name of the interface is displayed (for example, toR3 or toR2).
For a remotely learned route, the address of the next hop is displayed (for example, 10.10.2.2). A
data packet whose destination address matches this entry in the route table will be forwarded to the
next hop address.
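
How the metrics and next hops in this route table come out of the link-state database, as an added Python example that is not part of the course material. It runs SPF from R1, applies the default metric formula from the metric slide, and lets local routes (preference 0) win over OSPF routes (preference 10). The R2-R4 link, its 100 Mb/s speed, the 10.10.3.x interface addresses and symmetric metrics are assumptions chosen to match the displayed values.

```python
import heapq

REFERENCE_BW = 100_000_000_000   # page: default OSPF reference bandwidth, 100 Gb/s
OSPF_PREF, LOCAL_PREF = 10, 0    # page: preference values shown in the route table


def default_metric(port_bps):
    """Reference bandwidth divided by the actual bandwidth of the port."""
    return REFERENCE_BW // port_bps


FAST_ETH = default_metric(100_000_000)   # 100 Mb/s link -> 1000

# One router LSA per router: point-to-point links (neighbor RID, metric, own
# interface address) and stub networks (prefix, metric). 674 is the metric
# configured on R1's interface to R2; other values are assumptions.
LSDB = {
    "1.1.1.1": {"p2p": [("2.2.2.2", 674, "10.10.2.1"), ("3.3.3.3", FAST_ETH, "10.10.1.1")],
                "stub": [("1.1.1.1/32", 0), ("10.10.2.0/30", 674), ("10.10.1.0/30", FAST_ETH)]},
    "2.2.2.2": {"p2p": [("1.1.1.1", 674, "10.10.2.2"), ("4.4.4.4", FAST_ETH, "10.10.3.1")],
                "stub": [("2.2.2.2/32", 0), ("10.10.2.0/30", 674), ("10.10.3.0/30", FAST_ETH)]},
    "3.3.3.3": {"p2p": [("1.1.1.1", FAST_ETH, "10.10.1.2")],
                "stub": [("3.3.3.3/32", 0), ("10.10.1.0/30", FAST_ETH)]},
    "4.4.4.4": {"p2p": [("2.2.2.2", FAST_ETH, "10.10.3.2")],
                "stub": [("4.4.4.4/32", 0), ("10.10.3.0/30", FAST_ETH)]},
}
LOCAL = {"1.1.1.1/32": "system", "10.10.1.0/30": "toR3", "10.10.2.0/30": "toR2"}


def spf(lsdb, root):
    """Dijkstra over router LSAs. Returns {rid: (cost, next_hop_address)}."""
    best = {root: (0, None)}
    heap = [(0, root)]
    while heap:
        cost, rid = heapq.heappop(heap)
        if cost > best[rid][0]:
            continue                                  # stale heap entry
        hop = best[rid][1]
        for nbr, metric, _ in lsdb[rid]["p2p"]:
            # Standard OSPF two-way check: use a link only if the neighbor's
            # own LSA lists a link back to this router.
            back = [ip for r, _, ip in lsdb.get(nbr, {"p2p": []})["p2p"] if r == rid]
            if not back:
                continue
            new_cost = cost + metric
            # Leaving the root, the next hop is the neighbor's address on the link.
            new_hop = hop if hop is not None else back[0]
            if nbr not in best or new_cost < best[nbr][0]:
                best[nbr] = (new_cost, new_hop)
                heapq.heappush(heap, (new_cost, nbr))
    return best


def route_table(lsdb, root, local):
    """Returns {prefix: (proto, preference, next_hop_or_interface, metric)}."""
    table = {}
    for rid, (cost, hop) in spf(lsdb, root).items():
        for prefix, metric in lsdb[rid]["stub"]:
            if prefix not in table or cost + metric < table[prefix][3]:
                table[prefix] = ("OSPF", OSPF_PREF, hop, cost + metric)
    for prefix, ifname in local.items():
        # Lower preference wins, so a local route replaces the OSPF candidate.
        if prefix not in table or LOCAL_PREF < table[prefix][1]:
            table[prefix] = ("Local", LOCAL_PREF, ifname, 0)
    return table


if __name__ == "__main__":
    for prefix, route in sorted(route_table(LSDB, "1.1.1.1", LOCAL).items()):
        print(prefix, *route)
```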



LAB 4 OSPF


See the Alcatel-Lucent IP Scalable Networks Lab Guide



IP Routing Protocol Basics

Section 5 Introduction to Border Gateway Protocol


Introduction to Border Gateway Protocol Overview

Interior and Exterior Gateway Protocols


Routing End-to-end from Enterprise to Content Provider
BGP
When to Use BGP
Use Cases
Protocol Summary



Interior and Exterior Gateway Protocols

Interior Gateway Protocols
- Run within an organization
- Purpose is to provide routing to internal networks

Exterior Gateway Protocols
- Run between organizations
- Purpose is to provide routing to the Internet
- Example: BGP
- Based on Distance Vector


The IGP is designed to route between networks within an organization. The networks within an
organization are private or public addresses that are typically not advertised to other organizations.
Routing information must also be exchanged between organizations. These routes are public IP
addresses because they are exchanged on the Internet. More control is required over the way that
traffic flows between organizations - it is not always the shortest path that is preferred. BGPv4
provides many features to control traffic flows between organizations and is the EGP used on the
Internet. BGPv4 is also able to scale to very large networks, which is an important requirement in
order to manage the 200,000+ routes of the Internet.



Routing End-to-end from Enterprise to Content Provider

Information from the content provider must reach the enterprise router for data transfer
However, every ISP, including the content provider, runs its choice
of IGP
A common protocol is required for end-to-end routing


In this slide, the enterprise offices need the address information of the content providers. However,
the information from the content provider must traverse many ISPs, and each ISP runs their own
choice of IGP. When the origin of the prefix is the content provider that runs OSPF as their IGP and
the Tier 2 ISP runs IS-IS, the prefix must be relearned in the Tier 2 ISP as an IS-IS prefix and,
therefore, the prefix could lose its original attributes. Every other ISP in the path of the prefix
towards the enterprise will need to relearn the prefix in the protocol of its choice.
In this slide, although end-to-end routing can be achieved by the process of redistribution, there are
several disadvantages, such as the following:
Router redistribution removes the metrics of the original protocol and uses the metrics of the
newer protocol. This could have a negative effect.
Router redistribution needs to be managed carefully with extensive policies.
Distributing the Internet addresses into an IGP is not a scalable design and most routers are
not designed to handle the large number of Internet prefixes.
Router distribution requires a common protocol to run between all of the routers that are
involved in the transfer of network prefixes.



BGP Overview

IGPs run within an autonomous system
EGPs run between autonomous systems


From earlier modules of this course, we know that an autonomous system (AS) is a group of networks
and networking equipment under a common administration. An IGP (such as OSPF) is used to
exchange routing information within the AS and an EGP (such as BGP) is used to exchange routing
information between ASs.
BGP is not a discovery protocol and BGP routers are not always directly connected. BGP routers are
manually configured to connect to other BGP routers using TCP/IP. They become BGP peers.
An IGP is required within the AS to route traffic in the AS, including traffic between BGP peers. BGP
sessions between routers in different ASs are known as external BGP sessions (EBGP), while sessions
between routers in the same AS are internal BGP sessions (IBGP).
BGP is administratively much more complex than an IGP. BGP updates include path information that
is used for routing policy enforcement and loop detection between ASs.
Adding to the complexity of BGP is the fact that topology and routing table sizes become much larger
than in an IGP environment. The increased size of the tables means that factors such as CPU loading,
memory utilization, update generation, and route processing have greater implications in BGP.
These items, and others, affect convergence. Convergence may be viewed in two ways. Local
convergence is the time for a router to receive and process all outstanding messages, and achieve a
stable topology. Network convergence is the time for all routers in the system to achieve a stable
topology. In IGP terms, the system is usually the local AS. In BGP terms, the system is the Internet.
Because the entire Internet is the scope of BGP, the administration is more complex than the
administration of one AS.



BGP Scope

Enables the exchange of routing information between autonomous systems
An Autonomous System is a set of routers under a single technical
administration, using an interior gateway protocol and common metrics to
route packets within the AS, and using an exterior gateway protocol to route
packets to other Autonomous systems. RFC 1930


Note: As of March, 2008, the routing table for the Internet backbone consists of approximately
245 000 routes.

A key strength of BGP is that it enables the implementation of administrative policies to manage
traffic flow between autonomous systems based on virtually any policy.
BGP is scalable to the following characteristics:
Large number of autonomous systems
Large number of neighbors
Large volume of table entries
High rate of change
BGP has proven scalability. BGP is the protocol of choice for service providers and runs on their
Internet routers. The protocol is the fundamental building block of the Internet and is used by every
service provider in the world for service-provider interoperability. BGP is the most feature-rich and
scalable routing protocol in use today. It supports the current requirements of the Internet and, with
extended capabilities such as multiple protocol families and extended AS numbers, is well-positioned
for the future.



BGP Autonomous Systems

Types of autonomous systems
Public
- Range is 0 to 64511
- Assigned by ARIN or another regional authority
Private
- Range is 64512 to 65535


Public autonomous systems


Are assigned by the IANA or a regional authority
Must be used to connect to other autonomous systems in the Internet
Range is 0 to 64511
Private autonomous systems
Are assigned by ISPs (for some clients), local administrators, and so on
Are not allowed to be advertised to other ISPs or on the Internet
Range is 64512 to 65535

Regional Internet Registries


The IANA is the umbrella organization. Regional Internet Registries (RIRs) are nonprofit corporations
established for the purpose of administration and registration of IP address space and Autonomous
System (AS) numbers. There are five RIRs.

Registry | Geographic Region
AfriNIC | Africa, portions of the Indian Ocean
APNIC | Portions of Asia, portions of Oceania
ARIN | Canada, the United States, and many Caribbean and North Atlantic islands
LACNIC | Latin America, portions of the Caribbean
RIPE NCC | Europe, the Middle East, Central Asia



BGP Establishment

TCP Phase: Initiate TCP connection (sent by each peer)
BGP Phase: OPEN BGP Session (AS Num) (sent by each peer), then Remove Redundant TCP connection
Session Maintenance: Keep Alive (sent by each peer)


Although BGP behavior is similar to other TCP/IP applications, BGP is an enhanced distance vector
protocol, also called a path vector protocol.
The characteristics of BGP are:
Neighbors can be any reachable devices, not just directly connected devices
Unicast exchange of information
Reliability via TCP
Uses well known TCP port 179
Periodic keepalive for session management
Event-driven
Robust metrics
Neighbor relationships in BGP are somewhat different from what is normal in the IGP world.
Traditionally, neighbors are always directly connected routers. With BGP, this is not the case.
Neighbors may be directly connected, but it is not required because BGP uses unicast TCP/IP for
neighbor establishment. Neighbor relationships can be established with any IP-reachable device.
At the application layer, BGP functions similarly to other TCP/IP applications, such as Telnet, FTP,
and HTTP. BGP may be viewed as an application because it uses registered port number 179 in the
TCP/IP model.



BGP Sessions

IBGP neighbors are peers in the same autonomous system
By default, they do not need to be directly connected


There are two types of BGP neighbor relationships: EBGP and IBGP. Regardless of the type, a BGP
session between two devices is referred to as a neighbor or peer session. A BGP router is also
referred to as a BGP speaker.
A session between two devices in different autonomous systems is referred to as an external BGP or
EBGP session. Typically devices with an EBGP session are directly connected, and share a common
data link, but it is not mandatory. Because the devices are in different autonomous systems, the
administration of each device is usually handled separately. Therefore, you should ensure that the
configuration parameters match so that peering will succeed.
A session between two devices in the same autonomous system is referred to as an internal BGP or
IBGP session. Typically devices with an IBGP session are not directly connected, because they may be
across the country or the world. Because the devices are in the same autonomous system, the
administration of each device is usually handled by the same organization. You need to ensure that
the configuration parameters match so that peering will succeed.



BGP Routing

BGP uses multiple metrics to choose the best routes
Requirements are different from IGP
For example, AS 65250 will only use the link between Router A and C
to send all traffic into AS 65250


The criteria that BGP uses for route selection are very different from those of an IGP. In an IGP
environment, routes are selected based on one metric, such as cost or hop count. However, when you
use BGP to route traffic between organizations, the choice may be based not solely on the shortest
path, but also on financial, security, and geographical considerations.
In this slide, AS 65250 has the following agreement with AS 65200: any prefixes that are sent from
AS 65250 will be installed such that the return traffic from AS 65200 will only exit from router A.
Under the same agreement, AS 65200 requires that traffic from AS 65250 enter the AS only via router B.



When to Use BGP

Use BGP in the following environments
- You are an ISP and need to pass client traffic from one AS to another AS
- You need to multi-home to several ISPs because of company requirements
- Traffic flow from or to your company must be managed and controlled
Do not use BGP in the following environments
- You do not need to have more than one connection to the Internet
- The company engineers do not understand how BGP works
- The hardware and physical links to the ISP cannot handle the load of BGP traffic



Use Case 1 - Which Customer Should Run BGP?


ISP-1 and ISP-2 will be running BGP since they are acting as transit providers for their customers to
the Internet. The Internet is made up of hundreds or thousands of routers and AS numbers. Some of
the larger Internet providers are shown in the Internet cloud and they interconnect and share routes
between each other using eBGP. There are two enterprise customers shown in the diagram.

Customer 1 has a single connection to ISP-1 and is borrowing address space from that provider
(subnet 209.217.64.64/28). This customer will use a default-route to ISP-1. ISP-1 will have a route
back to their customer's subnet using either static routes or a dynamic routing protocol. ISP-1, using
BGP, will advertise their supernet of 209.217.64.0/18 to their upstream providers in the Internet
cloud using eBGP. From the Internet it will appear as though 209.217.64.64/28 is not being
advertised and only the supernet will be seen (209.217.64.0/18) coming from AS 7788 which belongs
to ISP-1 (best practice is to summarize and not leak specific subnets in most cases).

Customer 2 has two connections for redundancy, to ISP-1 and ISP-2. Customer 2 has their own IP
address block, which they received from ARIN. In the previous slide it was mentioned that, in most
cases, there is no need to run a complex routing protocol like BGP unless you have multiple
connections to the Internet, like Customer 2. Customer 2 requires redundant connectivity to the
Internet because they either need the extra bandwidth or simply cannot afford to be offline from
the Internet if a link fails. The server in the Customer 2 cloud could be offering important files and
must be online 24/7/365. From the Internet it will appear as though 200.46.198.0/24 is coming
from AS 31000, which was assigned to Customer 2 by ARIN. In fact the Internet, using BGP, will see
200.46.198.0/24 with two paths. One path will be 200.46.198.0/24 from AS 31000, 26230 (ISP-2)
and another path for this same address space coming from AS 31000, 7788 (ISP-1).

Since BGP is a path-vector protocol, in most cases a router in the Internet (one in AT&T's network,
for example) will select its route to Customer 2 based on the shortest AS-PATH, that is, the path
with the fewest ASNs. There are several route metrics used in BGP for route selection, and
they are covered in detail in Alcatel-Lucent's BGP course.
Use Case 2 - Enterprise to ISP Connection (BGP)


In this slide, the enterprise has a large OSPF network with multiple LAN segments. The enterprise
also has multiple connections to two ISPs (AS 47 and AS 395). In this configuration, the enterprise will
often run BGP to manage the connections with their ISPs. BGP policies are used to determine the
path that is used for traffic to leave the enterprise. One ISP may be preferred for some routes, or
one ISP may be used as a primary connection to the Internet with the other ISP used as a backup.
Within the enterprise network, internal routing information is exchanged with OSPF. The enterprise
networks are summarized as 100.200.0.0/20, and advertised to the ISPs and onwards to the Internet
with BGP. In this scenario, the enterprise uses a private AS number and its routes are advertised by
the ISPs using their AS numbers.
The full set of Internet routes is not exported into OSPF. Instead, a default route is advertised by the
Internet-connected routers. Some subset of the BGP routes that are received may be advertised
into the enterprise in order to influence the route by which that traffic egresses the enterprise network.



Use Case 3 - ISP Interconnections (Transit Traffic)


In this slide, an enterprise is connected to its two ISPs (AS 47 and AS 395). Routing information is
exchanged between the enterprise and the two ISPs using BGP. Both ISPs are Tier 2 ISPs which
means that they purchase transit capacity from one or more Tier 1 ISPs. Similar to the enterprise,
the Tier 2 ISPs pay the Tier 1 providers to carry their traffic.

The Tier 1 providers carry transit traffic. This is traffic that originated outside of their network and
has a destination outside of their network. A Tier 2 ISP may be connected to more than one Tier 1
ISP, or may have transit arrangements with other Tier 2 ISPs. Multiple connections are often used to
provide the ISP with a redundant path to all Internet destinations.

An ISP with multiple connections to the Internet usually needs to control the path used for its traffic.
The reason may be to ensure the shortest path, but often is related to cost or other considerations.



Protocol Summary

Feature             RIPv2                BGP          OSPF
Updates             Periodic             Incremental  Incremental
Update type         Broadcast/Multicast  Unicast      Multicast
Authentication      Simple & MD5         MD5          Simple & MD5
Metric              Hops                 Multiple     Cost
Metric type         Distance vector      Adv. DV      Link-state
VLSM/CIDR support   Yes                  Yes          Yes
Topology size       Small                Very large   Large
Transport protocol  UDP                  TCP          -
Application port #  520                  179          -
IP protocol #       17 (UDP)             6 (TCP)      89


This slide shows the differences and similarities of the routing protocols that are supported on the
7750 SR platforms. RIP, OSPF, and IS-IS are the IGPs; BGP is the EGP.



LAB 5 BGP


See the Alcatel-Lucent IP Scalable Networks Lab Guide



IP Routing Protocol Basics

Section 6 - Module Summary



Module Summary

After successful completion of this module, you should understand:
- The concepts and purpose of IP routing
- The purpose and configuration of static routes
- The basic concepts of a dynamic routing protocol
- The purpose and basic operation of OSPF
- The purpose and basic operation of BGP



Learning Assessment

Describe IP routing and the need for a routing protocol
Differentiate between static and dynamic routing protocols
List and discuss the basic elements of a routing table
Distinguish between the control plane and data plane
Describe and differentiate between the Distance Vector and Link state methodologies
Describe the OSPF adjacency establishment process
Describe the usage of sequence numbers in OSPF
Differentiate between an IGP and an EGP
Describe the scope and operation of BGP



www.alcatel-lucent.com

3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 6 Overview of Transport Protocols


Module Overview

Transport Layer Protocols
- TCP
- UDP
Port Numbers and Sockets



Overview of Transport Protocols

Section 1 - Transport Layer Protocols


Transport Layer - Layer 4

Layer 4 of the OSI model
Provides a data transport service to higher protocol layers
Internet applications use a transport layer (TCP or UDP)
TCP and UDP are transport protocols for the TCP/IP stack
TCP provides a high level of service to upper protocols
- Reliable data transfer and packet reordering
- End-to-end error checking and flow control
UDP provides simple datagram delivery service
- Unreliable service, but less overhead
OSI transport layers are TP0, TP1, TP2, TP3, and TP4
TP4 and TCP are functionally similar
TP0 and UDP are functionally similar


In the TCP/IP stack, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) provide services
similar to the OSI transport protocols. Therefore, TCP and UDP are often referred to as transport or Layer 4
protocols.
Internet applications such as web browsing and e-mail transfer use the services of the transport protocols.
If the application needs a high level of service, such as reliable data transfer and flow control, the
application typically uses TCP for data transfer.
If an application needs a simpler service with less overhead, the application may use UDP.
There are very few higher level protocols that do not use TCP or UDP. OSPF uses IP datagrams directly. OSPF
does not use a transport protocol.
The transport layers that are defined in the OSI provide a wide range of services. TP0 provides the lowest level
of service and TP4 provides the highest level of service.
Both TP4 and TCP are built to provide a reliable, connection-oriented, end-to-end transport service on top of
an unreliable network service. The network service may lose packets, store packets, deliver packets in the
wrong order, or even duplicate packets. Both protocols must be able to deal with the most severe problems
(for example, a subnetwork stores valid packets and sends them at a later date). TP4 and TCP both have
connect, transfer, and disconnect phases; their principles of operation during these phases are also quite
similar.
In an OSI network the session layer uses the OSI transport layer.



Encapsulation of Application Data by TCP


An Internet application, such as e-mail, that needs to transfer data across the Internet will use the services of
an Internet transport protocol. E-mail uses TCP, because e-mail needs a reliable data transfer service.
The application data is passed to the TCP services layer. The TCP layer divides the application data into
segments, if necessary. Each TCP segment contains a TCP header. The size of the segments is based on the
MTU size of the Layer 2 networks that are expected to be used for the transfer.
The TCP segments are passed to the IP services layer. The IP services layer is responsible for the delivery of IP
datagrams across the network. Each IP datagram contains an IP header and is routed across the network.
Because IP is an unreliable service, if TCP determines that some of the IP datagrams were not received, TCP
requests retransmission of the missing TCP segments, which provides a reliable transfer service.
After the TCP segments are received by the receiving system, the TCP services layer supplies the application
data to the receiving application exactly as the data was sent by the transmitting application.
On a computer that is connected to the Internet, the TCP and IP services are usually provided as part of the
operating system services.



Overview of Transport Protocols

Section 2 - Transmission Control Protocol


TCP Overview

TCP Concepts
TCP Header
TCP Connection Management
Establishing a TCP Connection - the Three-way Handshake
TCP Reliable Data Transfer
TCP Flow Control
TCP Operation
Congestion Control in TCP



TCP Concepts


The primary purpose of TCP is to provide reliable communications between application services. Because the
lower levels are unreliable, TCP must guarantee the delivery of the data.
Functionality provided by TCP:
Data transfer - From the application-services viewpoint, TCP provides a contiguous stream of data through
the network. TCP groups the bytes into segments, and passes the segments to the Internet layer for
transmission to the destination.
Reliability - TCP uses sequence numbers, which count each byte transmitted, and TCP waits for an
acknowledgment from the far end. If the acknowledgment is not received within a specific interval, the data
is retransmitted.
Flow control - Flow control refers to the capability of the receiver to control the rate at which data is sent
by the sender. The receiver specifies the "window size" parameter, which indicates how many bytes it is
capable of buffering. The sender is not permitted to send more than the amount specified by the window size
until it receives an acknowledgement. If the window size is 0, the sender is not permitted to transmit any data
until the window size is changed.
Multiplexing - Port numbers are used for multiplexing and demultiplexing.
Logical connections - To support reliability and flow control, TCP must initialize and maintain status
information for each connection. The status information contains socket numbers, sequence numbers, and
window size. These components combine to form a logical connection.
Full-duplex - A TCP connection is full duplex: either end may transmit data at any time.
----
REFERENCE: RFC 793 defines details of TCP.



TCP Header

The TCP header is used for all TCP segments including session
establishment, session destruction, and during basic data transfer


Source and Destination ports - Port addresses identify the upper-layer applications that use the connection.
Sequence Number - Each byte of data is assigned a sequence number. This 32-bit number ensures that data is
correctly sequenced. The first byte of data that is sent by a station in a TCP header has its sequence number
in this field (for example, 58000). If this segment contains 700 bytes of data, the next segment sent by this
station will have sequence number of 58700 (that is, 58000 + 700).
Acknowledgment Number - This 32-bit number indicates the next sequence number that the sending device
expects from the other station.
HLEN - The header length provides the number of 32-bit words in the header. Sometimes called the Data
Offset field.
Reserved - The value is always set to 0.
Code bits - The following flags indicate the type of header:
  URG - Urgent pointer
  ACK - Acknowledgment
  PSH - Push function. This function causes the TCP sender to push all unsent data to the receiver
  immediately, rather than sending segments when it otherwise would (for example, when the buffer is full)
  RST - Reset the connection
  SYN - Synchronize sequence numbers
  FIN - End of data
Window - The window indicates the range of acceptable sequence numbers after the last segment that was
successfully received. The range of numbers is the allowed number of octets that the sender of the ACK is
willing to accept before an acknowledgment.
Checksum - Checksum is used to verify integrity of the TCP segment. Checksum calculation is performed on
the TCP pseudo-header and data. This is the IP source and destination addresses, TCP header and the TCP
data.
Urgent pointer - The urgent pointer indicates the end of the urgent data so that interrupted data streams can
continue. When the URG bit is set, the data is given priority over other data streams.
Option - Several options are defined for TCP. The most common is the TCP MSS, which is sometimes called
the Maximum Window Size or SMSS.
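The field layout above can be checked against real bytes. The following is an added example, not part of the original course material: it builds a SYN segment with the sequence number (122) and window (8192) used in this module's TCP operation example, then parses it and verifies the checksum over the pseudo-header. The destination address 10.10.10.2, the source port 49152, and the MSS value 1460 are constructed for illustration.

```python
import socket
import struct

# Code bits, lowest bit first (FIN = 0x01 ... URG = 0x20).
FLAG_BITS = [("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20)]
TCP_PROTOCOL = 6                      # IP protocol number for TCP
OPT_END, OPT_NOP, OPT_MSS = 0, 1, 2   # option kinds handled here


def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # pad to a whole 16-bit word
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, tcp_length: int) -> bytes:
    """Source address, destination address, zero, protocol, TCP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, TCP_PROTOCOL, tcp_length))


def build_syn(src_ip, dst_ip, sport, dport, seq, window, mss) -> bytes:
    """Construct a SYN segment carrying one option (MSS) and a valid checksum."""
    hlen_and_flags = (6 << 12) | 0x02        # HLEN = 6 words (24 bytes), SYN set
    header = struct.pack("!HHIIHHHH", sport, dport, seq, 0,
                         hlen_and_flags, window, 0, 0)
    header += struct.pack("!BBH", OPT_MSS, 4, mss)
    checksum = internet_checksum(pseudo_header(src_ip, dst_ip, len(header)) + header)
    return header[:16] + struct.pack("!H", checksum) + header[18:]


def parse_options(options: bytes) -> dict:
    """Walk the kind/length/value option list, rejecting malformed lengths."""
    found, i = {}, 0
    while i < len(options):
        kind = options[i]
        if kind == OPT_END:
            break
        if kind == OPT_NOP:
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated before its length byte")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError(f"option kind {kind} has invalid length {length}")
        if kind == OPT_MSS and length == 4:
            found["mss"] = struct.unpack("!H", options[i + 2:i + 4])[0]
        i += length
    return found


def parse_tcp_segment(segment: bytes, src_ip: str, dst_ip: str) -> dict:
    """Decode the fixed header and the options, and verify the checksum."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte minimum TCP header")
    (sport, dport, seq, ack, hlen_and_flags,
     window, _checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (hlen_and_flags >> 12) * 4  # HLEN counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"HLEN of {header_len} bytes does not fit the segment")
    # Summing a valid segment together with its checksum field yields zero.
    verified = internet_checksum(
        pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for name, bit in FLAG_BITS if hlen_and_flags & bit],
        "window": window, "urgent": urgent,
        "options": parse_options(segment[20:header_len]),
        "payload": segment[header_len:],
        "checksum_ok": verified,
    }


# Constructed sample: a SYN from 10.10.10.1 to TCP port 179 (BGP).
SRC, DST = "10.10.10.1", "10.10.10.2"
SAMPLE_SYN = build_syn(SRC, DST, sport=49152, dport=179, seq=122, window=8192, mss=1460)

if __name__ == "__main__":
    print(parse_tcp_segment(SAMPLE_SYN, SRC, DST))
```

Because the checksum covers the pseudo-header, a segment delivered with rewritten IP addresses fails verification even though its TCP bytes are unchanged.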



TCP Connection Management

Before data is transmitted, connection must be established using three-way handshake
MSS and other parameters may be negotiated at session establishment
After session is established, data can be transmitted in both directions (full duplex)
All of the data that is sent by the near end and the far end is acknowledged by the receiving end
The connection is closed by each side when they are finished transmitting data


Maximum Segment Size (MSS) defines the largest segment that will be sent on the connection. The value is an
estimate by TCP of the size of datagrams that can be accommodated on the connection without
fragmentation. Usually each side sends the MTU value of their Layer 2 connection in the MSS field. The lower
of the two values is then used by both sides as the MSS.
The problem with determining the MSS from the two endpoints is that there may be a link in the middle of the
connection that has a smaller MTU than either end. In this case, all full-size packets will have to be
fragmented to traverse this link. Fragmentation is an inefficient operation, and should be avoided if
possible.
TCP may also perform Path MTU Discovery, in which TCP attempts to find the MTU that is supported across the
connection and use this MTU as the MSS. However, Path MTU Discovery is not always supported.



Establishing a TCP Connection - the Three-way Handshake

1. SYN (seq=A, ack=0)

2. SYN/ACK (seq=B, ack=A+1)

3. ACK (seq=A+1, ack=B+1)


The slide shows how a three-way handshake is established. In a TCP session, data is not transmitted until the
three-way handshake is successfully completed and the session is considered open.
The opening TCP segments include the sequence numbers from both sides.
After a session is established between the two hosts, data can be transferred until the session is interrupted or
shut down. Data is sent in TCP segments. The TCP segment is a combination of the data and a TCP header.
There are three steps to establish the TCP session (hence the term three-way handshake). These steps
are:
1. One endpoint (Host A) sends a TCP segment with the SYN bit set in the header. This indicates that the
host needs to establish a TCP connection. TCP also selects a 32-bit sequence number to use for the
session. This number is included in the TCP header and is known as the Initial Send Sequence (ISS). The
acknowledgement field is 0.
2. The other endpoint (Host B) receives the SYN segment and, if an application is ready to accept the
connection, TCP sends a second segment with the SYN and the ACK bits set in the header. TCP on this
host also selects its sequence number for the session and transmits the number as its ISS. TCP also sends
a value in the acknowledgement field of the TCP header. This number is the value of the ISS that was
received from the original sender plus 1.
3. After the first endpoint (Host A) receives the SYN/ACK from the second endpoint (Host B), the first
endpoint (Host A) transmits a TCP segment with only the ACK bit set. The sequence number that is sent
is the original ISS plus 1. The acknowledgement number sent is the ISS that was received from the
second endpoint (Host B) plus 1. The original endpoint (Host A) now considers the connection to be
open and can start transmitting data. After the second endpoint (Host B) receives the ACK segment, the
second endpoint (Host B) considers the connection to be open and the second endpoint (Host B) can
start to transmit and receive data.



TCP Reliable Data Transfer

TCP provides a full-duplex, reliable data transfer service
TCP maintains the order of application data across the network
Reliable transfer is accomplished using positive acknowledgement with retransmission
- Sender specifies sequence number of data sent
- Receiver acknowledges by stating next sequence number expected
- Sender retransmits if a specific sequence number is not acknowledged
- Receiver uses sequence numbers to reorder the data stream for the application


If an application requires reliable transfer of its data across the network, the application will use TCP to
obtain that service. TCP is responsible for ensuring that all data is received and sent to the receiving
application in the order in which it was sent.
The technique is known as positive acknowledgement with retransmission. Data is often exchanged in both
directions between the two ends of an application, therefore, TCP provides a full-duplex data exchange. This
means that after the connection is established, each endpoint can transmit data. Only one TCP connection is
required to provide this two-way data exchange.
Each segment that is sent by TCP has an identifying sequence number transmitted in the TCP header. This
sequence number indicates the number of the first byte of data in the overall data stream for this connection.
The receiver acknowledges receipt of this data by transmitting an acknowledgement number that indicates the
next byte of data in the stream that the receiver expects to receive. If some of the data is lost, the receiver
will continue to send the same acknowledgement number that indicates the bytes that were received
successfully. The sender maintains a retransmission timer. If the sender does not receive an acknowledgement
for some bytes of data that were sent, the data will be retransmitted when the retransmission timer expires.
Because the TCP segments are transmitted over an unreliable network service (IP network), the segments may
arrive at the destination in a different order than they were originally sent. The sequence numbers are used by
the receiver to reconstruct the data stream and ensure that the data is provided to the application in the
same order that the data was sent.



TCP Reliable Data Transfer Example

Sender                                                     Receiver
SEQ number 27000, TCP 500 bytes data             ---->
                                                 <----     ACK number 27500
SEQ number 27500, TCP 500 bytes data             --X       Lost
SEQ number 28000, TCP 500 bytes data             ---->
                                                 <----     ACK number 27500
SEQ number 28500, TCP 500 bytes data             ---->
                                                 <----     ACK number 27500
Retransmit SEQ number 27500, TCP 500 bytes data  ---->
                                                 <----     ACK number 29000


This slide shows reliable data transfer between two hosts.


1. The sender sends a TCP segment with 500 bytes of data on an established connection. The sequence
number is 27000.
2. The receiver acknowledges the receipt of this data with an acknowledgement number of 27500.
3. The sender sends another segment of 500 bytes with a sequence number of 27500. This segment is lost
by the network (unreliable service).
4. The sender sends another segment of 500 bytes with a sequence number of 28000. This segment is
successfully received by the receiver and is buffered.
5. The receiver sends an acknowledgement number of 27500 because the receiver still has not received
the segment that contains the missing 500 bytes of data (starting at sequence number 27500) in the
overall data stream.
6. The sender sends another segment of 500 bytes with a sequence number of 28500. This segment is
received and buffered. Another acknowledgement of 27500 is sent.
7. The retransmission timer expires for the sender and the missing segment with sequence number 27500
is retransmitted.
8. The receiver receives the segment 27500 and now has the data up to byte 29000. The receiver sends an
acknowledgement of 29000.



TCP Flow Control

Sending multiple segments without an acknowledgement results in higher data transfer rates
Receiver must buffer the received data until the application requests it
Flow control allows receiver to control the transmission rate
Receiver uses the window parameter in TCP header to indicate how many bytes can be sent
- The window field specifies how many bytes can be sent without an acknowledgement
- If window value is 0, sender cannot transmit data until the receiver adjusts window size
- The window size is always controlled by receiver


If a sender waits to receive an acknowledgement for each segment that it sends before sending another segment,
the effective throughput of the connection can be far below the bandwidth that is supported by the
transmission media. This is not significant on a high-speed LAN because the acknowledgements are received
very quickly. However, if the network round trip time (RTT) is long, the sender may spend a significant amount
of time waiting for acknowledgements.
To increase the overall throughput on TCP connections, TCP allows the sender to send more than one segment
without waiting for an acknowledgement. This provides a higher overall throughput. However, there is a danger
of overwhelming the receiver with too much data. To avoid overwhelming the receiver, the amount of data
that can be sent to the receiver must be controlled. To accomplish this, the received data is buffered in a
preset amount of buffer space until it is requested by the application.
The amount of buffer space is specified in the TCP header window parameter. When the receiver sends an
acknowledgement, the receiver's TCP header sets the value of the window parameter to specify the amount of
buffer space in bytes that is available. This is the maximum amount of data that the sender can send before it
receives the next acknowledgement.
If the receiver's buffer becomes full, the receiver sends a window size of 0 and the sender cannot transmit any
more data. When the receiving application requests the data and buffer space is available, the receiver sends
an updated window size and the sender can start to transmit more data.
The window value is always set by the receiver, which provides a flow control mechanism for the receiver.



TCP Flow Control Example

Sender                                       Receiver
                                   <----     ACK number 27000, window = 5000
SEQ number 27000, 1000 bytes data  ---->
SEQ number 28000, 1000 bytes data  ---->
SEQ number 29000, 1000 bytes data  ---->     3000 bytes buffered
                                   <----     ACK number 30000, window = 2000
SEQ number 30000, 1000 bytes data  ---->
SEQ number 31000, 1000 bytes data  ---->     5000 bytes buffered
                                   <----     ACK number 32000, window = 0
                                             Application requests all data from TCP (5000 bytes)
                                   <----     ACK number 32000, window = 5000 (0 bytes buffered)


This slide shows how flow control works.

1. The sender received an ACK from a previous transmission that indicates a window size of 5000 bytes.
2. The sender has 3000 bytes to send and transmits them in three 1000-byte segments, one after the
other.
3. The receiver buffers the received data and sends an ACK to acknowledge all the received data. The
receiver sets the window size to 2000.
4. The sender has more data to send. Because the last window size was 2000, the sender cannot send
more than 2000 bytes. This data is sent in two 1000-byte segments.
5. The receiver buffers the 2000 bytes as they are received. Because the application has not requested
any data, the initial 3000 bytes received are still being buffered.
6. The receiver's buffer is now full and an ACK with a window value of 0 is sent.
7. Even if the sender has more data to send, the sender must not transmit any more data because the
window size is currently 0.
8. The application requests data from TCP and the 5000 bytes are taken from the buffer. The buffer is
now empty and an ACK is transmitted to reset the window size to 5000.
9. When the sender receives the new window size, the sender can now transmit more data.
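
The reliable-transfer and flow-control slides above describe one receiver mechanism from two angles. The added example below (not part of the original course material) models it in one class and replays both slides, including the case where a sender ignores a window of 0. The class and function names are hypothetical, sequence numbers are treated as plain integers without 32-bit wraparound, and the 65535-byte buffer in the reliable-transfer replay is an assumed value because that slide states no window.

```python
class TcpReceiver:
    """Toy receiver: cumulative ACKs, reordering buffer, advertised window."""

    def __init__(self, next_seq: int, buffer_size: int):
        self.rcv_nxt = next_seq         # next in-order byte expected (the ACK number)
        self.buffer_size = buffer_size  # receive buffer size in bytes
        self.unread = 0                 # in-order bytes the application has not read
        self.held = {}                  # seq -> length of segments received past a gap

    @property
    def window(self) -> int:
        """Bytes the sender may send beyond rcv_nxt before the buffer is full."""
        return self.buffer_size - self.unread

    def _advance(self, end: int) -> None:
        """Accept in-order data up to (not including) sequence number `end`."""
        self.unread += end - self.rcv_nxt
        self.rcv_nxt = end

    def receive(self, seq: int, length: int) -> tuple:
        """Process one segment and return the (ack, window) sent in reply."""
        end = seq + length
        if end <= self.rcv_nxt:
            return self.rcv_nxt, self.window      # duplicate: just re-ACK
        if end > self.rcv_nxt + self.window:
            return self.rcv_nxt, self.window      # beyond the window: discard
        if seq > self.rcv_nxt:
            self.held[seq] = length               # gap: hold it, repeat the old ACK
            return self.rcv_nxt, self.window
        self._advance(end)
        for held_seq in sorted(self.held):        # deliver what the gap was blocking
            if held_seq > self.rcv_nxt:
                break
            held_end = held_seq + self.held.pop(held_seq)
            if held_end > self.rcv_nxt:
                self._advance(held_end)
        return self.rcv_nxt, self.window

    def app_read(self, count: int) -> int:
        """The application takes up to `count` bytes, which reopens the window."""
        taken = min(count, self.unread)
        self.unread -= taken
        return taken


def replay_reliable_transfer_slide() -> list:
    """ACK numbers the receiver sends for the arrival order on the slide."""
    rx = TcpReceiver(next_seq=27000, buffer_size=65535)   # buffer size is assumed
    # The first copy of 27500 is lost, so it arrives last, as a retransmission.
    arrivals = [(27000, 500), (28000, 500), (28500, 500), (27500, 500)]
    return [rx.receive(seq, length)[0] for seq, length in arrivals]


def replay_flow_control_slide() -> list:
    """(ack, window) pairs at the points where the slide shows an ACK."""
    rx = TcpReceiver(next_seq=27000, buffer_size=5000)
    shown = []
    for burst in ([(27000, 1000), (28000, 1000), (29000, 1000)],
                  [(30000, 1000), (31000, 1000)]):
        for seq, length in burst:
            reply = rx.receive(seq, length)
        shown.append(reply)                 # the slide shows one ACK per burst
    shown.append(rx.receive(32000, 1000))   # sender ignores window = 0: discarded
    rx.app_read(5000)
    shown.append((rx.rcv_nxt, rx.window))   # window update after the application reads
    return shown


if __name__ == "__main__":
    print(replay_reliable_transfer_slide())
    print(replay_flow_control_slide())
```

The third entry of the flow-control replay is not on the slide: it shows that data sent against a zero window is dropped and the receiver keeps answering with ACK 32000, window 0.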



TCP Operation Example

Phase                    Direction           Seq.no.  Ack.no.  Wnd   LEN    Flags
Initial 3-way handshake  Sender -> Receiver  122      0        8192  0B     SYN
                         Receiver -> Sender  286      123      8760  0B     SYN+ACK
                         Sender -> Receiver  123      287      8192  0B     ACK
Data transfer            Sender -> Receiver  123      287      8192  200B   -
                         Receiver -> Sender  -        323      8560  -      -
                         Sender -> Receiver  323      287      8192  400B   -
                         Receiver -> Sender  -        723      8160  -      -
Closing session          Sender -> Receiver  723      287      8192  0B     FIN
                         Receiver -> Sender  287      724      8160  0B     FIN+ACK
                         Sender -> Receiver  724      288      8192  0B     ACK


Assumptions
Although the data transfer and window parameter negotiation occur as a duplex operation, the slide above
only shows a single-sided transfer.

Initial Three-way handshake


1. The session begins with host 10.10.10.1/24, which initiates a SYN that contains the sequence number
122, which is the ISS. There are only zeros in the acknowledgment number field because this field is not
used in the SYN segment. The window size of the sender starts as 8192 octets.
2. The receiving host sends its ISS (286) in the sequence number field and acknowledges the sender's
sequence number by incrementing the number by 1 (123); the receiver expects this value to be the
starting sequence number of the data bytes that the sender will send next. This is called the SYN-ACK
segment. The receiver's window size starts as 8760.
3. When the SYN-ACK is received, the sender issues an ACK that acknowledges the receiver's ISS by
incrementing the ISS by 1 and placing the value in the acknowledgment field (287). The sender also
sends the same sequence number that it sent previously (123). These three segments that are
exchanged to establish the connection never contain any data.
Data transfer
1. From now on, ACKs are used in every segment sent. The sender starts sending data by specifying the
sequence number 123 again because this is the sequence number of the first byte of the data that it is
sending. Again, the acknowledgment number 287 is sent, which is the expected sequence number of
the first byte of data that the receiver will send. In this example, the sender initially sends 200 bytes of
data in one segment.

(Continued on slide 17)

Scalable IP Networks v2.01 Module 6 - 16


TCP Operation Example

Seq.no. 122
Ack.no. 0 Wnd 8192 LEN = 0B SYN
Seq.no. 286
Initial 3-way Ack.no. 123 Wnd 8760 LEN = 0B SYN+ACK
handshake
Seq.no. 123
Ack.no. 287 Wnd 8192 LEN = 0B ACK

Seq.no. 123
Ack.no. 287 Wnd 8192 LEN = 200B

Data transfer Ack.no. 323 Wnd 8560


Seq.no. 323
Ack.no. 287 Wnd 8192 LEN = 400B

Ack.no. 723 Wnd 8160

Seq.no. 723
Ack.no. 287 Wnd 8192 LEN = 0B FIN
Seq.no. 287
Closing session Ack.no. 724 Wnd 8160 LEN = 0B FIN+ACK
Seq.no. 724
Ack.no. 288 Wnd 8192 LEN = 0B ACK


(Continued from slide 16)


Data transfer (continued)
2. The receiver acknowledges the receipt of the data by sending the number 323 in the acknowledgment
number field, which acknowledges that the next byte of data to be sent will start with sequence
number 323. It is assumed that sequence numbers up to and including 323 have been successfully
received. Note that not every byte needs to be acknowledged. The receiver subtracts 200 bytes from
its previous window size of 8760 and sends 8560 as its new window size.
3. The sender sends 400 bytes of data, starting at sequence number 323.
Closing session
1. The receiver acknowledges receipt of the data with the number 723 (323 + 400). The receiver
subtracts 400 bytes from the previous window size of 8560 and sends the new window size of 8160.
2. The sender transmits the expected sequence number 723 in a FIN because, at this point, the
application needs to close the session. The receiver sends a FIN-ACK that acknowledges the FIN and
increments the acknowledgment sequence number by 1 to 724, which is the number that the receiver
will expect on the final ACK.
3. The sender transmits the final ACK, which confirms the sequence number 724.
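
The sequence and acknowledgment arithmetic of slides 16 and 17 can be replayed through a small per-connection state tracker of the kind a stateful firewall or IDS keeps. This is an added example, not part of the course material; Segment, SLIDE_TRACE and check_trace are illustrative names, and the receiver's bare ACKs carry no Seq.no. because the slide prints none.

```python
from typing import NamedTuple, Optional, Tuple


class Segment(NamedTuple):
    src: str               # "sender" or "receiver", as on the slide
    seq: Optional[int]     # None where the slide prints only an Ack.no.
    ack: int
    wnd: int
    length: int
    flags: Tuple[str, ...]


# The ten segments of the slide, transcribed in order.
SLIDE_TRACE = [
    Segment("sender", 122, 0, 8192, 0, ("SYN",)),
    Segment("receiver", 286, 123, 8760, 0, ("SYN", "ACK")),
    Segment("sender", 123, 287, 8192, 0, ("ACK",)),
    Segment("sender", 123, 287, 8192, 200, ("ACK",)),
    Segment("receiver", None, 323, 8560, 0, ("ACK",)),
    Segment("sender", 323, 287, 8192, 400, ("ACK",)),
    Segment("receiver", None, 723, 8160, 0, ("ACK",)),
    Segment("sender", 723, 287, 8192, 0, ("FIN", "ACK")),
    Segment("receiver", 287, 724, 8160, 0, ("FIN", "ACK")),
    Segment("sender", 724, 288, 8192, 0, ("ACK",)),
]


def check_trace(segments):
    """Return (problems, nxt): anomalies found and each side's next sequence number."""
    nxt = {}          # side -> next sequence number that side will use
    right_edge = {}   # side -> first sequence number beyond the window its peer advertised
    problems = []
    for i, s in enumerate(segments, start=1):
        peer = "receiver" if s.src == "sender" else "sender"
        in_state = True
        if "SYN" in s.flags:
            nxt[s.src] = s.seq                       # the ISS
        elif s.seq is not None and s.seq != nxt.get(s.src):
            problems.append(f"segment {i}: seq {s.seq}, expected {nxt.get(s.src)}")
            in_state = False
        if "ACK" in s.flags:
            # A cumulative ACK may lag behind, but can never run ahead of the peer.
            if peer not in nxt or s.ack > nxt[peer]:
                problems.append(f"segment {i}: ack {s.ack} acknowledges data never sent")
            right_edge[peer] = s.ack + s.wnd
        if in_state and s.seq is not None:
            if s.length and s.seq + s.length > right_edge.get(s.src, s.seq):
                problems.append(f"segment {i}: {s.length} bytes exceed the advertised window")
            # SYN and FIN each consume one sequence number; data consumes LEN.
            nxt[s.src] = s.seq + s.length + ("SYN" in s.flags) + ("FIN" in s.flags)
    return problems, nxt


if __name__ == "__main__":
    print(check_trace(SLIDE_TRACE))
```

A segment whose sequence number does not match the tracked state is reported and does not advance the state, so every later segment that depends on it is reported as well.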



Congestion Control in TCP

- IP does not provide a congestion control mechanism
- An IP router that experiences congestion drops packets
- TCP includes a congestion control mechanism
  - TCP gradually increases transmission rate on a new connection until there is congestion (slow start)
  - When there is congestion, TCP reduces the transmission rate (congestion avoidance)
  - Transmission rate is gradually increased until there is congestion again
- Transmission rate is controlled by the congestion window, which is maintained by the sender
- Regardless of the congestion window value, the sender never sends more data than allowed by the window size


Congestion control and IP


Although ICMP contains a source quench message type that is intended for congestion control, this message
type is not used for end-to-end congestion control. The normal behavior of an IP router when there is
congestion is to queue packets for a relatively short period. If the queuing space is depleted, additional
packets are discarded.
Congestion control and TCP
TCP implements a congestion control mechanism to help manage congestion on an end-to-end connection. A
variety of different algorithms are used, but TCP congestion control typically has two phases: slow start and
congestion avoidance.
After a TCP connection is established, data is not immediately transmitted to the maximum value that is
allowed by the TCP window size. Instead, transmission by the sender is limited by the congestion window. This
value is initially set to one or two segments. Each time a segment is acknowledged, the congestion window is
increased. This is the slow start phase of TCP.
When congestion is detected (either through the receipt of duplicate ACKs or the expiry of a timer that
measures the round trip time), TCP enters congestion avoidance. The congestion window is reduced and then
gradually increased until congestion is encountered again. This process continues through the life of the TCP
connection.
The maximum transmission rate is ultimately controlled by the TCP window size, because this is the receiver's
flow control mechanism. If the window size is less than the size allowed by the congestion window, the
transmission rate will never exceed the size specified by the TCP window.



TCP Congestion Control Example

Sender                                                      Receiver
Slow start
              <-- ACK number 12000, window = 8000
cnwd = 1      --> SEQ number 12000, 1000 bytes data
cnwd = 2      <-- ACK number 13000, window = 7000
              --> SEQ number 13000, 1000 bytes data
              --> SEQ number 14000, 1000 bytes data
cnwd = 4      <-- ACK number 15000, window = 6000
              --> SEQ number 15000, 1000 bytes data
              --> SEQ number 16000, 1000 bytes data
              --> SEQ number 17000, 1000 bytes data (dropped)
              --> SEQ number 18000, 1000 bytes data (delayed)
              <-- ACK number 17000, window = 6000
cnwd = 2      <-- ACK number 17000, window = 7000
Congestion avoidance


This slide shows how TCP congestion control works.


1. During the three-way handshake to establish the connection, the receiving side specified a window size
of 8000. An MSS of 1000 bytes has also been established for the connection.
2. Because this is the start of the session, the sender is in the slow start phase and therefore sets its
congestion window (cnwd) value to 1. Therefore, the sender transmits one segment of 1000 bytes even
though there is more data to send and a window size of 8000 is specified by the receiver.
3. The first segment is acknowledged by the receiver with a window size of 7000 and the segment is
buffered. The sender increases its cnwd value to 2. The sender can now transmit two segments of 1000
bytes each.
4. The receiving application has used the previous segment, but the two new segments are buffered and
are acknowledged with a window size of 6000.
5. Because the sender received an acknowledgement for two more segments, the sender increases the
cnwd value by 2 to 4. The sender then transmits 4 segments of 1000 bytes each.
6. The third segment is dropped due to congestion and the fourth segment is delayed. When the first two
segments are received, an acknowledgement (17000) is sent. Because the previously buffered segments
have been used and the two new segments are buffered, the window size is 6000.
7. After a delay, because of congestion, the fourth segment is received and acknowledged. Because the
third segment is still missing, the acknowledgement number is still 17000. Because the two previous
segments have been used and the new segment is buffered, the window size is 7000.
8. When the sender receives the second acknowledgement, the sender determines that congestion
occurred and enters the congestion avoidance phase. The cnwd value is reduced by half to 2.
Depending on timer values and the implementation, the missing segment may be retransmitted
immediately or later.
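
The eight steps above, as an added simulation that is not part of the course material: it follows the slide's simplified rules (the window grows by the number of segments acknowledged, and a single duplicate ACK in a round trip halves it), whereas real TCP stacks use more elaborate triggers such as three duplicate ACKs. The variable cwnd is the slide's cnwd; all function and class names are illustrative, and the fourth round, in which the missing segment is resent in the next flight, is an assumption that goes beyond the slide.

```python
MSS = 1000          # bytes per segment, as established on the slide
RCV_BUFFER = 8000   # receiver window announced during the handshake


class Receiver:
    def __init__(self, next_expected):
        self.next_expected = next_expected
        self.held = set()            # segments received out of order

    def deliver(self, seqs):
        """Take segments that arrive together; return (ACK number, window)."""
        readable = 0                 # the application has used earlier in-order data
        self.held.update(seqs)
        while self.next_expected in self.held:
            self.held.remove(self.next_expected)
            self.next_expected += MSS
            readable += MSS
        return self.next_expected, RCV_BUFFER - readable - len(self.held) * MSS


def simulate(rounds, drop=(), delay=(), first_seq=12000):
    """Run `rounds` round trips; `drop` and `delay` are sets of sequence numbers.

    Retransmission timeouts are not modelled: a flight that is lost entirely
    produces no ACK and no window change.
    """
    drop, delay = set(drop), set(delay)
    rx = Receiver(first_seq)
    cwnd, phase, rwnd = 1, "slow start", RCV_BUFFER
    next_seq = last_ack = first_seq
    resend, log = [], []
    for _ in range(rounds):
        n = min(cwnd, rwnd // MSS)           # never exceed the receiver's window
        flight, resend = resend[:n], resend[n:]
        while len(flight) < n:
            flight.append(next_seq)
            next_seq += MSS
        on_time = [s for s in flight if s not in drop and s not in delay]
        late = [s for s in flight if s in delay and s not in drop]
        drop -= set(flight)                  # each drop or delay happens once
        delay -= set(flight)
        acks = [rx.deliver(on_time)] if on_time else []
        acks += [rx.deliver([s]) for s in late]   # a delayed segment arrives alone
        newly_acked, duplicate = 0, False
        for ack, wnd in acks:
            rwnd = wnd
            if ack > last_ack:
                newly_acked += (ack - last_ack) // MSS
                last_ack = ack
            else:
                duplicate = True             # same ACK number again: a segment is missing
        used = cwnd
        if duplicate:
            phase, cwnd = "congestion avoidance", max(cwnd // 2, 1)
            resend = [last_ack]              # assumption: resend in the next flight
        elif phase == "slow start":
            cwnd += newly_acked
        else:
            cwnd += 1
        log.append({"cwnd": used, "sent": flight, "acks": acks,
                    "next_cwnd": cwnd, "phase": phase})
    return log


if __name__ == "__main__":
    for entry in simulate(4, drop={17000}, delay={18000}):
        print(entry)
```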



Overview of Transport Protocols

Section 3 - User Datagram Protocol


UDP - Overview

Capabilities
UDP header
User Datagram Protocol



UDP Capabilities

- UDP provides a connectionless, unreliable datagram delivery service
- Used when a reliable mechanism is not required or when the overhead of TCP is not required, for example
  - DNS performs simple query/response and does not require reliable service
  - RPC needs simple transport and manages reliability itself
  - UDP is often used for audio and video streams
  - Real-time nature of the application means that retransmission is not practical
  - RTP provides sequencing and timing information


The User Datagram Protocol (UDP) provides a simple, connectionless, unreliable datagram delivery service.
The service is similar to the service that is provided by IP, although UDP has port addresses to support
multiplexing between different applications. UDP is used when an application does not need a reliable transfer
mechanism or if the application needs to avoid the additional overhead of TCP.
Unreliable refers to the fact that UDP does not provide flow control, acknowledgement, or retransmission
capabilities such as those provided by TCP. These capabilities slow down communication. Therefore, UDP may
be used for applications where the real-time factor is more critical than packet loss; for example, for Voice over IP.
Domain Name System (DNS) resolves domain names (such as www.alcatel-lucent.com) to an IP address. This is
a simple query and response. As a result, the overhead of establishing a connection is not worthwhile. If the
query or response is dropped, the host sends the query again.
Remote Procedure Call (RPC) supports inter-process communication across a network. Many implementations
of RPC manage the reliability and sequencing of data and use UDP as a simple datagram delivery service to
avoid the overhead of TCP.
UDP is also widely used for real-time audio and video streaming. Because these applications often have
real-time constraints, retransmitting lost data is not a viable option and the application uses other methods to
handle missing data. Many of these applications use Real Time Protocol (RTP), which includes a mechanism for
carrying sequence and timing information. Timing information is not provided in TCP and this is important for
many real-time applications. RTP data is carried in UDP datagrams.



UDP Header


UDP provides a simple datagram delivery service. There is no additional connection overhead such as the
overhead in TCP. The application data is transmitted in a UDP datagram.
The UDP header is very simple compared to the TCP header. There are no synchronization, sequence, or
acknowledgment fields. The header only contains the source and destination application port number, a length
field for the length of the data, and a checksum. Therefore, the UDP datagram has very little overhead.
Some protocols that use UDP include: SNMP, DNS, and DHCP.
-----
REFERENCE: Originally defined in RFC768
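
The four header fields described above, built and parsed in an added example that is not part of the course material. The addresses, ports and payload are constructed sample values and the function names are illustrative; note that in RFC 768 the length field counts the 8-byte header plus the data, and the checksum also covers a pseudo-header taken from the IP layer.

```python
import socket
import struct
from typing import NamedTuple

UDP_PROTO = 17
HEADER = struct.Struct("!HHHH")   # source port, destination port, length, checksum


class UdpDatagram(NamedTuple):
    src_port: int
    dst_port: int
    length: int
    checksum: int
    payload: bytes
    checksum_ok: bool


def _checksum(src_ip, dst_ip, segment):
    """One's-complement checksum over the pseudo-header and the UDP segment."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, UDP_PROTO, len(segment)))
    data = pseudo + segment + (b"\x00" if len(segment) % 2 else b"")
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(src_ip, src_port, dst_ip, dst_port, payload):
    length = HEADER.size + len(payload)
    header = HEADER.pack(src_port, dst_port, length, 0)
    # A computed value of 0 is sent as 0xFFFF; 0 on the wire means "no checksum".
    csum = _checksum(src_ip, dst_ip, header + payload) or 0xFFFF
    return HEADER.pack(src_port, dst_port, length, csum) + payload


def parse(src_ip, dst_ip, datagram):
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than the 8-byte UDP header")
    src_port, dst_port, length, csum = HEADER.unpack_from(datagram)
    if length < HEADER.size or length > len(datagram):
        raise ValueError(f"length field {length} inconsistent with {len(datagram)} bytes received")
    segment = datagram[:length]              # ignore anything after the stated length
    # Summing a valid segment together with its checksum yields 0.
    ok = csum == 0 or _checksum(src_ip, dst_ip, segment) == 0
    return UdpDatagram(src_port, dst_port, length, csum, segment[HEADER.size:], ok)


if __name__ == "__main__":
    # Constructed sample: a client on an ephemeral port sending to port 53.
    wire = build("192.0.2.10", 53124, "192.0.2.53", 53, b"constructed query")
    print(parse("192.0.2.10", "192.0.2.53", wire))
```

Because UDP itself never retransmits, a receiver that sees checksum_ok as False or a ValueError simply discards the datagram; recovery is left to the application.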



UDP Example


Unlike TCP, UDP offers no delivery guarantees or congestion avoidance. UDP is considered to be a means of
best-effort transport. UDP provides a transport mechanism for one application to send a datagram to another
application. The responsibility for error recovery or any form of reliability resides with the application itself.
Similar to TCP, UDP uses port numbers to identify the receiving and sending application processes. UDP uses
the port numbers in the multiplexing and demultiplexing operations.
UDP is especially suitable for real-time applications such as VoIP that require low overhead and do not benefit
from retransmission of lost data.
The following are some of the well-known UDP port numbers:

Port 67   Dynamic Host Configuration Protocol (DHCP)
Port 69   Trivial File Transfer Protocol (TFTP)
Port 123  Network Timing Protocol (NTP)
Port 520  Routing Information Protocol (RIP)



Overview of Transport Protocols

Section 4 - Port Numbers and Sockets


Ports and Sockets Overview

Ports and Sockets


Ports
Sockets
Telnet



Ports and Sockets

- Transport layer (TCP and UDP) port numbers act as transport addresses
- Port numbers allow multiple applications to use a transport protocol simultaneously (multiplexing)
- Port numbers identify the application that receives incoming data at the receiver
- Application access to transport layer services is through a socket
- Server applications usually listen to a well-known port
  - 80 is a well-known port for HTTP
  - 23 is a well-known port for Telnet
- Client application connects to the server on the well-known port


Both TCP and UDP contain a source and destination port number in their headers. These port numbers allow
multiple applications to use the transport simultaneously on the same physical connection. This capability is
known as transport-level multiplexing. If several transport sessions are active for a system on the network, the
data is demultiplexed based on the source address and port number when the data arrives. This allows TCP or
UDP to identify the application process that the incoming data is destined to.
Typically, a server application listens to a well-known port. This means that all incoming data destined for the
port is given to the application. The client application will then connect to the well-known port in order to
establish communication. Servers are not required to use the well-known port, but the client application must
know the port to connect to.
For example, the well-known port for HTTP is 80. When the web server is started, the server will typically
listen to port 80. Client requests will be made to port 80 and the requests will be passed to the web server to
respond. In some cases, the web server may be configured to listen to a port other than 80; for example, some
web servers are configured to listen on port 8080. In this case, the client must know to connect to port 8080.
If the request is made to port 80, there will be no response since there is no process listening to port 80.



Ports


Ports identify an application service. This allows the transport layer to differentiate between application
services. Each process that needs to communicate with another process identifies itself to the transport layer
by using one or more port numbers.
A port is a 16-bit number that is used by the host-to-host protocol to identify to which higher-level protocol or
application service the port must deliver incoming messages. There are two types of port numbers:
- Well-known ports: Well-known port numbers belong to standard servers. The port numbers range from
  1 to 1023. These port numbers are assigned by the IANA.
- Ephemeral ports: Client applications do not require well-known port numbers because they initiate
  communications with servers. The host system allocates each client process a port number for as long
  as the process needs the port number. The port numbers range from 1024 to 65535 and are not
  controlled by the IANA. Because the host dynamically assigns the port number to the client application,
  the port number may vary each time that the client application is started.



Sockets

- Unique application handle into the TCP/IP stack
- Used to differentiate application users between network hosts
- Formulated by using a transport protocol, IP address, and application source and destination port numbers
- Created at both ends of the data transfer (that is, the source and destination)
- Example:
  - Socket address = Protocol, local IP address, and local port number (for example, TCP, 138.120.3.1, 15633)
  - Conversation = Protocol, local IP address, local port number, remote IP address, and remote port number
    (for example, TCP, 138.120.3.1, 15633, 137.10.2.2, 23)


Sockets are used to identify the network connection between applications. Although applications on different
hosts can be differentiated using IP addresses and destination addresses, it is impossible to differentiate
between two sessions on the same hosts for the same application.
Example: There are two Telnet sessions between Host A and Host B. The IP address and destination port
numbers are not enough for Host B to differentiate between the two Telnet sessions. In this case, the source
port numbers, which are unique for each Host A client session, are required for Host B to differentiate
between the packets of each of the sessions. The next slide contains a detailed example of Telnet.
In this example of a Telnet request, Host A uses a unique source port number and the well-known port number
23 as the destination port for the server application on Host B.



Transport Example - Telnet

[Figure: a host at 138.120.191.233 running applications A1 (Telnet client 1) and A2 (Telnet client 2), and a Telnet server at 138.120.168.100, each above its operating system and connected over TCP/IP. The numbers in the figure refer to the steps below.]

1. Enable Telnet server application
2. Enable Telnet client 1 and Telnet client 2 application
3. Create socket address for client 1 of TCP, 138.120.168.100, 23, 138.120.191.233, 15633, and for client 2 of TCP,
   138.120.168.100, 23, 138.120.191.233, 15634
4. Connect client 1 and client 2 to server
5. Listen to client requests, incoming request from client 1 and incoming request from client 2
6. Conversation with client 1: TCP, 138.120.168.100, 23, 138.120.191.233, 15633
7. Conversation with client 2: TCP, 138.120.168.100, 23, 138.120.191.233, 15634


PC A wants to Telnet into a server with two applications, A1 and A2.
The IP address of A is 138.120.191.233 and the server address is 138.120.168.100.

Application A1 opens a client session with a socket handle.
  Application: Telnet
  Source port number: 15633
  Destination port number: 23
  Transport layer: TCP
  Socket handle: TCP, 138.120.191.233, 15633

Application A2
  Application: Telnet
  Source port number: 15322
  Destination port: 23
  Transport layer: TCP, 138.120.191.233, 15634

The server enables the Telnet server and creates a destination socket.
  Application: Telnet server
  Source port number: 23
  Destination port number: 15633, 15634
  Socket handle: TCP, 138.120.168.100, 23
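
The two-client situation of the Telnet slide can be reproduced with real sockets. This added example is not part of the course material: it uses the loopback address and an OS-chosen server port instead of the slide's addresses and port 23 (assumptions that let it run unprivileged and offline), and the function name is illustrative.

```python
import socket


def two_sessions():
    """Connect two clients to one listening port and report what the server sees.

    Returns (received, sources): `received` maps each conversation tuple
    (protocol, local IP, local port, remote IP, remote port) to the bytes that
    arrived on it; `sources` maps each client's source port to what it sent.
    """
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.settimeout(5)
    server.bind(("127.0.0.1", 0))        # port 0: the OS picks a free port
    server.listen(2)
    clients = [socket.create_connection(server.getsockname(), timeout=5)
               for _ in range(2)]
    for number, client in enumerate(clients, start=1):
        client.sendall(b"client %d" % number)

    received = {}
    for _ in clients:
        conn, remote = server.accept()   # one new socket per conversation
        conn.settimeout(5)
        conversation = ("TCP",) + conn.getsockname() + remote
        received[conversation] = conn.recv(64)
        conn.close()

    # The client's local port is the "remote port" of the server's conversation.
    sources = {client.getsockname()[1]: b"client %d" % number
               for number, client in enumerate(clients, start=1)}
    for client in clients:
        client.close()
    server.close()
    return received, sources


if __name__ == "__main__":
    received, _ = two_sessions()
    for conversation, data in received.items():
        print(conversation, data)
```

Both conversation tuples share the protocol, the server address and the server port; the ephemeral source port chosen by the client host is the only field that tells the two sessions apart.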



Overview of Transport Protocols

Section 5 - Module Summary and Learning Assessment



Module Summary

After the successful completion of this module, you should understand the following concepts:
- TCP uses port numbers for multiplexing between applications
- TCP provides connection-oriented services between hosts
- TCP provides delivery guarantees for data
- UDP uses port numbers for multiplexing between applications
- UDP provides a connectionless service
- UDP does not provide delivery guarantees for data



Learning Assessment

- Describe what a send_SYN is used for
- Describe whether the send and receive windows on a local host must match
- Describe the process that works in conjunction with the congestion-avoidance process in TCP when network
  congestion is detected
- Describe how UDP establishes a session
- Describe how UDP identifies the application services that it is supporting




3HE-02767-AAAA-WBZZA Edition 02
Alcatel-Lucent Scalable IP Networks

Module 7 7750 SR and 7450 ESS Services Overview


7750 SR and 7450 ESS Services Overview

Services Building Blocks - Network Components


Provider Edge (PE) Node Components
VPN Service Building Blocks Tunneling Concepts
MPLS Basics
Service Building Blocks MPLS Fundamentals
MPLS
VPN Services
VPWS Ethernet Encapsulation
VPLS
VPRN



Services Building Blocks - Network Components


Customer edge devices


A customer edge (CE) device resides on the customer premises. The CE device provides access to the
service provider network over a link to one or more provider edge (PE) routers. The end user typically
owns and operates these devices. The CE devices are unaware of tunneling protocols or VPN services
that are provided by the service provider.

Provider edge devices


A provider edge (PE) device has at least one interface that is directly connected to the CE devices. In
addition, a PE device usually has at least one interface that connects to the service provider core
devices, or provider routers. Because the PE device must be able to connect to different CE devices
over different access media, the PE device is usually able to support many different interface types.
The PE device is the customer's gateway to the VPN services offered by the service provider.

Provider router
Provider (P) routers are located in the provider core network. The P router supports the service
provider's bandwidth and switching requirements over a geographically dispersed area. The P router
does not connect directly to the customer equipment.



Provider Edge (PE) Node Components

- Service Access Point (SAP)
  - The logical entity that serves as the customer access to the service
- Service Distribution Points (SDP)
  - The method that a service uses to connect to another router's service
  - The transport tunnel encapsulation that this service will be using: MPLS/RSVP-TE, MPLS/LDP, or IP/GRE
  - SDPs are locally unique; the same SDP ID can be used on another router
  - An SDP is not specific to one service; many services can use the same SDP


The terms customers and subscribers are used synonymously


The customer ID is assigned when the customer account is created
To provision a service, a customer ID must be associated with the service at the time of service
creation

VPN Service Building Blocks - Tunneling Concepts


In order to be able to provide a virtual private network (VPN) service, the service provider must
encapsulate the customer data to traverse the service provider network. Depending on the nature of
the VPN service, the encapsulation of the Layer 2 and Layer 3 headers may be included. The customer
data must be transported without any changes across the service provider network from one customer
site to another customer site.
In order to accomplish this, an additional header is added to the customer data for transport across
the service provider network. Instead of routing or switching the data across the service provider's
network using the customer's Layer 2 or Layer 3 headers, the data traverses the network using the
header that is added at the edge of the service provider network. Therefore, the customer data is
effectively tunneled across the service provider network unchanged.



MPLS Basics - Common Acronyms

MPLS has become the basic building block for the various services and VPNs offered on the 7750 SR
platforms. Below are some of the more common MPLS acronyms that are used when discussing services:
- LER: Label edge router
- LSR: Label switch router
- LSP: Label switch path
- Push
- Swap
- Pop
- Label Stack
- RSVP-TE: Resource reservation protocol with traffic engineering extensions
- T-LDP: Targeted label distribution protocol



MPLS Basics


In an MPLS network, routers are categorized as Label Edge Routers (LERs) or Label Switch Routers
(LSRs). The LERs are the endpoints of the MPLS tunnels, known as Label Switched Paths (LSPs), and are
normally at the edge of the network. The LSRs are at the core of the network and provide the
connectivity between the LERs.
The MPLS-enabled routers (LERs and LSRs) use a signaling protocol to distribute labels across the
network. These labels are used to make the forwarding decision for incoming traffic rather than the IP
address. This basically turns the Layer 3, routed network into a switched network.
The method for distributing labels through the network depends on the signaling protocol being used,
either LDP or RSVP. The next few slides discuss LDP at a high level. RSVP and LDP are covered in more
detail in the MPLS course.



MPLS Basics (continued)

Network                     Label   Interface
10.1.1.0/24, 10.1.2.0/24    20      1


Before LDP can be enabled on a router, the network must be running a routing protocol. The routing
protocol allows LDP to find the adjacent router and automatically set up a peering session with
adjacent LDP-enabled routers. Once a peering session is established, the routers check their routing
tables and send out a label associated with networks that they see.
In this slide, an LDP session is established between Router 2 and Router 3. Router 3 checks its routing
table for networks that Router 3 sees behind Router 2 and sends a label to Router 2 to represent those
networks. For example, Router 3 sends a label with the value 20 to represent networks 10.1.1.0/24
and 10.1.2.0/24.
Each time Router 2 receives a packet destined for the 10.1.1.0/24 or 10.1.2.0/24 network, the router
pushes the label (20) onto the packet and puts the packet in the LSP that takes the MPLS frame to
Router 3.
Because Router 3 has sent the label (20), the router knows that any MPLS frame coming in with the
label (20) is destined for a network that is terminated from it. Router 3 removes the label (20) from
the frame, does a Layer 3 look up, and routes the packet to its destination.



MPLS Basics (continued)

Ingress Label   Network                     Egress Label   Interface
10              10.1.1.0/24, 10.1.2.0/24    20             1


The previous slide described the LDP session between Router 2 and Router 3.
In this slide, LDP is enabled on Router 1. Router 1 now sets up a peering session with Router 2. Router
2 sends a label to Router 1 to represent the networks that Router 2 sees behind Router 1. In this case,
Router 2 sends a label with a value of 10 to Router 1 to represent the 10.1.1.0/24 and 10.1.2.0/24
networks.
Note that the label that is sent to Router 1 is not the same label that Router 2 received from Router 3.
Labels are only locally significant.
When receiving a packet destined for the 10.1.1.0/24 or 10.1.2.0/24 network, Router 1 pushes a label
(10) onto the packet and sends it to Router 2.
At this point Router 2's function has changed. Now, when it receives an MPLS frame with a label (10) it
swaps (switches) out the label (10), replaces it with the label (20), and sends it to Router 3.
Router 3's function remains the same. Router 3 removes the label (20) and routes the packet to its
destination.



MPLS Basics (continued)

Network                     Label   Interface
10.1.1.0/24, 10.1.2.0/24    10      1

Label
20      Route

Ingress Label   Network                     Egress Label   Interface
10              10.1.1.0/24, 10.1.2.0/24    20             1


This slide shows the complete LSP setup from Router 1 to Router 3. Router 1's function is to perform a
Layer 3 lookup, and if the packet is destined for one of the networks supported by Router 3, Router 1
pushes (encapsulates the packet in an MPLS frame) the appropriate label onto the packet. This is the
function of an LER.
When Router 2 receives the MPLS frame, it examines the label, swaps the label for the appropriate
egress label, and sends the frame out the appropriate interface to its destination. Router 2 now
functions as an LSR and is basically a Layer 2 switch function.
When receiving the MPLS frame, Router 3 examines the label and pops (removes the packet from the
MPLS frame) the label, performs a Layer 3 lookup, and routes the packet to the appropriate network.
Note that LSPs are unidirectional. For bidirectional communications, an additional LSP must be set up
in the opposite direction.
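
The push, swap and pop operations of the three routers, using the label values 10 and 20 from the slides, in an added example that is not part of the course material. The table layout, the function names and the next-hop names (standing in for the slides' interface 1) are illustrative assumptions.

```python
import ipaddress

NETWORKS = [ipaddress.ip_network(n) for n in ("10.1.1.0/24", "10.1.2.0/24")]

# Ingress (LER) table: prefix -> (label to push, next hop), as on Router 1.
INGRESS_FEC = {"Router 1": [(net, 10, "Router 2") for net in NETWORKS]}

# Label tables of the downstream routers; labels are only locally significant,
# so each router knows only the labels that it advertised itself.
LABEL_TABLE = {
    "Router 2": {10: ("swap", 20, "Router 3")},   # LSR
    "Router 3": {20: ("pop", None, None)},        # egress LER, then Layer 3 lookup
}


def lsr_step(router, labels):
    """Process one labelled frame at `router`; return (operation, labels, next hop)."""
    if not labels:
        return "drop", labels, None
    entry = LABEL_TABLE.get(router, {}).get(labels[-1])   # top of the stack is last
    if entry is None:
        return "drop", labels, None      # a label this router never advertised
    op, out_label, next_hop = entry
    if op == "swap":
        return op, labels[:-1] + [out_label], next_hop
    return op, labels[:-1], None         # pop: the packet is routed from here on


def send(dst, ingress="Router 1", max_hops=16):
    """Follow a packet for `dst` along the LSP; return [(router, operation, label stack)]."""
    addr = ipaddress.ip_address(dst)
    matches = [e for e in INGRESS_FEC.get(ingress, []) if addr in e[0]]
    if not matches:
        return [(ingress, "no LSP, route unlabelled", [])]
    _, label, hop = max(matches, key=lambda e: e[0].prefixlen)   # longest prefix wins
    labels = [label]
    trace = [(ingress, "push", list(labels))]
    while hop is not None and max_hops > 0:
        router, max_hops = hop, max_hops - 1
        op, labels, hop = lsr_step(router, labels)
        trace.append((router, op, list(labels)))
    return trace


if __name__ == "__main__":
    for step in send("10.1.2.7"):        # constructed destination inside 10.1.2.0/24
        print(step)
```

A frame that reaches Router 2 carrying label 20 is dropped by lsr_step, because 20 has meaning only on Router 3; the trace also covers one direction only, matching the unidirectional LSP.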



Service Building Blocks - MPLS Fundamentals


The encapsulation by the MPLS label of the Layer 2 header that is received from the CE device
depends on whether a Layer 2 or Layer 3 VPN service is offered by the carrier. This is discussed later in
this module.
In an MPLS network, the first PE router is called the Ingress Label Edge Router (iLER). The iLER
encapsulates the customer PDU with an MPLS label.
The intermediate routers, which are usually P routers, are called Label Switching Routers (LSRs). LSRs
make switching decisions that are based on the MPLS label. The LSR reads the label in the incoming
MPLS frame, makes a switching decision, swaps the label, and then transmits the MPLS frame out the
appropriate port.
The last PE router on the LSP is the Egress Label Edge Router (eLER). The eLER is the termination point
of the LSP, or the end of the tunnel. The egress LER removes the MPLS label and forwards the
customer PDU to the CE device.

Packet walkthrough
In this slide, CE1 sends a data frame towards CE2. On an Ethernet interface, this is a normal IP
datagram that is encapsulated in Ethernet. CE1 is not aware of the MPLS LSP that originates on PE1.
The packet that is sent from CE1 to PE1 is unlabeled because the packet does not contain an MPLS
label.
When the packet reaches PE1, an MPLS label is applied to the frame. This label corresponds to the LSP
that ends on PE2. The MPLS label encapsulates the unlabeled packet that was received from CE1. The
labeled MPLS packet is then sent along the LSP to P2.
P2 processes the MPLS packet and checks its MPLS table to perform a label swapping operation. It
reads label value 101, performs a table lookup, switches the packet out of the appropriate interface
to P3, and applies the label value of 96.
P3 performs a similar label swap operation and switches the MPLS packet out from its interface to PE2
with the label value 101. Note that, by coincidence, this is the same label value that is used by PE1.
However, this is not a problem because labels are locally significant to the router.
When PE2 receives the labeled packet, PE2 performs a lookup on the received label value of 101.
Because PE2 is an edge router that is directly connected to CE2, PE2 strips the MPLS label and then
forwards the unlabeled packet to CE2. As with CE1, CE2 is totally unaware of the LSP through the
provider core. CE2 receives the same PDU as though CE1 and CE2 were directly connected.



Services Building Blocks - MPLS Fundamentals (continued)


Because MPLS tunnels are unidirectional, two LSPs are required for bidirectional communication.
Therefore, traffic that is sent between two customer sites may follow different paths over the
network.
The LSP is defined by the labels that are used to switch along the path. These labels may be
configured statically, but are usually signaled dynamically with an MPLS label signaling protocol.
Because MPLS labels are locally significant to the router, two routers on the LSP can use the same
label for the same or different LSPs.



MPLS

- An MPLS path is defined by the labels used to switch along the path
- Two protocols are available to dynamically signal labels: LDP and RSVP
- LDP always follows the path chosen by the IGP
  - An MPLS node distributes labels to all its neighbors
  - The MPLS node selects the next-hop neighbor according to the IGP and uses the label from that next-hop neighbor
- RSVP LSPs may follow IGP or may take other paths
  - Path can be explicitly specified
  - Path can be chosen using a traffic engineering-enabled routing protocol
  - Additional paths can be created for redundancy


An MPLS path is defined by the labels that are used to switch along the path. The egress router of the
LSP signals the label that should be used for the LSP to the next upstream router. The upstream router
will transmit data; data flows from upstream to downstream. The two protocols that are available to
dynamically signal labels are: LDP and RSVP.

MPLS and LDP


When LDP is the label signaling protocol, the LSP always follows the path chosen by the Interior
Gateway Protocol (IGP). An LSR that has LSPs passing through or ending on the router distributes a
label for each LSP to all its LDP neighbors. An upstream router may receive labels for a specific LSP
from multiple neighbors and chooses the downstream router to use based on the next hop that is
determined by the IGP. This means that the next-hop LSR for the LSP is the same as the next-hop
router that is chosen by the IGP; the label that is used is the one signaled by that neighbor.
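
The LDP behaviour described above, as an added example that is not part of the course material: every router advertises its local label to all neighbours, and each hop uses the label received from whichever neighbour the IGP picks as next hop. The topology, link costs and label values are constructed; PE2 and P1 deliberately use the same value to show that labels are only locally significant.

```python
import heapq

# Constructed topology (symmetric IGP link costs) and the label each router
# assigned locally for the LSP toward PE2.
LINKS = {
    "PE1": {"P1": 10, "P3": 10},
    "P1": {"PE1": 10, "P2": 10},
    "P2": {"P1": 10, "PE2": 10},
    "P3": {"PE1": 10, "PE2": 50},
    "PE2": {"P2": 10, "P3": 50},
}
LOCAL_LABEL = {"PE1": 100, "P1": 101, "P2": 200, "P3": 300, "PE2": 101}


def igp_next_hops(links, dest):
    """Dijkstra rooted at dest: return {router: IGP next hop toward dest}."""
    dist, next_hop, heap = {dest: 0}, {}, [(0, dest)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale heap entry
        for nbr, cost in links[node].items():
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                next_hop[nbr] = node  # nbr reaches dest through node
                heapq.heappush(heap, (d + cost, nbr))
    return next_hop


def ldp_lsp(links, local_label, ingress, egress):
    """Return [(router, next hop, label sent)] for the LSP the IGP dictates."""
    next_hop = igp_next_hops(links, egress)
    # Each router holds the labels advertised by ALL of its LDP neighbours.
    received = {n: {nbr: local_label[nbr] for nbr in links[n]} for n in links}
    path, node = [], ingress
    while node != egress:
        nh = next_hop[node]
        path.append((node, nh, received[node][nh]))  # only the next hop's label is used
        node = nh
    return path


if __name__ == "__main__":
    for hop in ldp_lsp(LINKS, LOCAL_LABEL, "PE1", "PE2"):
        print("%s -> %s  label %d" % hop)
```

Because every neighbour's label is already held, an IGP cost change moves the LSP without any new label signaling.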

MPLS and RSVP


When RSVP is the label signaling protocol, labels are specifically requested by the ingress router for
the LSP. The request travels along the path to the egress LSR, which generates a label for the LSP.
This path may follow the IGP, in which case the path will be the same as the one used by LDP. A
second option is that the path of the LSP may be explicitly specified, partially or completely. A third
option is that a traffic engineering-enabled routing protocol will be used to choose a path that meets
some specific constraints.
RSVP also allows additional, redundant paths to be created that can be used for fast failover if the
original LSP fails. The services that are transported over an LSP are then protected so that a failover
to the backup LSP can be performed much more quickly than when only the IGP is relied on.



VPN Services

Service routers allow service providers to offer simple, transparent L2 and L3 VPNs to customers over the service provider's existing IP/MPLS networks
The 7750 SR offers the following L2 and L3 VPN services:
  - VPWS
      Provides L2 point-to-point service
      Emulates a single leased line or circuit between two locations
      Supports Ethernet, frame relay, and ATM encapsulation
  - VPLS
      Provides L2 multipoint service
      Emulates a simple L2 LAN switch between two or more locations
  - VPRN
      Provides L3 service
      Emulates a simple IP router between two or more sites


Service routers use MPLS to provide a variety of VPN services over their core IP/MPLS network. The
service provider can offer simple, transparent Layer 2 and Layer 3 VPN services to multiple customers
over a single network. Three types of services are supported: VPWS, VPLS and VPRN.

Virtual Private Wire Service


Virtual Private Wire Service (VPWS) is a simple Layer 2 service that emulates a single leased line or
circuit between two locations. The customer has no knowledge of the service provider network; the
service acts as a simple point-to-point connection between customer sites. The VPWS can emulate an
Ethernet connection (epipe), a frame relay connection (fpipe), or an ATM connection (apipe). The
Layer 2 frames of customer data are encapsulated in MPLS labels and tunneled across the service
provider network.

Virtual Private LAN Service


Virtual Private LAN Service (VPLS) is a Layer 2 multipoint service that can be used to interconnect
more than two customer locations. From the customer's perspective, VPLS looks as though a simple
Layer 2 LAN switch exists between the different customer locations. The Ethernet frames of customer
data are encapsulated in MPLS labels and tunneled across the service provider network.

Virtual Private Routed Network


Virtual Private Routed Network (VPRN) is a Layer 3 service that makes the service provider network
appear as a simple IP router that connects two or more customer locations. The VPRN allows the CE
devices to exchange route information with the VPRN as if it were an IP router. The IP packets
containing customer data are encapsulated in MPLS labels and tunneled across the service provider
network.



VPWS Ethernet Encapsulation


A VPWS is a simple point-to-point service, emulating a simple Layer 2 connection between two
customer locations. The customer frame is not checked and MAC learning is not performed by the
VPWS. The customer Layer 2 frames are encapsulated in MPLS labels and switched across the service
provider network.
Service access points (SAPs) are defined on the PE devices that face the customer device. The SAPs
represent the customer access to the service. Multiple SAPs may be defined on the same physical port
and may be used for different services.
Service distribution points (SDPs) are defined on the service provider network side and define the
connection of the service to an MPLS transport tunnel. Many services can be bound to one SDP.
The concepts of SDP and SAP are further discussed in the Alcatel-Lucent Services course.



VPWS Ethernet Encapsulation (continued)

PE2 strips the MPLS label
PE2 then looks at the service label to determine which service the frame belongs to
PE2 then makes the appropriate forwarding decision for the destination customer site


The ingress PE receives customer data on a SAP that is associated with a specific service. The SAP may
be a port, a port with a specific VLAN tag in the case of an Ethernet port, or a port with a specific
circuit ID in the case of ATM or frame relay.
The customer data is encapsulated with a service label by the ingress PE. Because many services may
be configured on the PE, the service label identifies the specific service that the data belongs to. The
service label value is signaled to the ingress PE by the egress PE when the service is initialized.
After the data is encapsulated with the service label, the data must be forwarded over the correct SDP
that is defined by the service. A second, outer label is added to the data. This label identifies the LSP
that will be used to transport the MPLS packet to the far end of the tunnel, the egress PE device. The
data is label switched along the LSP using this outer label.
The egress PE removes the MPLS-encapsulated data from the SDP. The inner, service label is used to
identify the service that the data belongs to and, after the labels are removed, the data is transmitted
on the appropriate SAP for the service. In other words, the service label is used to demultiplex the
data from the SDP to the appropriate service.
CE devices are never aware of SDPs and SAPs. The CE devices transmit to the ingress PE device,
possibly using a specific VLAN tag, and then receive an unlabeled packet from the egress PE device.
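
The two-label encapsulation described above, as an added example that is not part of the course material: label stack entries are packed in the RFC 3032 layout, a P router swaps only the outer transport label, and the egress PE demultiplexes on the inner service label. The function names, label values and SAP names are assumptions made for illustration.

```python
import struct


def encode_entry(label, bottom, ttl=64, tc=0):
    """Pack one label stack entry: label(20) | TC(3) | S(1) | TTL(8), RFC 3032."""
    if not 16 <= label < 2 ** 20:
        raise ValueError("label must be an unreserved 20-bit value")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)


def decode_stack(packet):
    """Return ([(label, ttl), ...], payload), reading entries until S=1."""
    labels, offset = [], 0
    while True:
        if offset + 4 > len(packet):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", packet, offset)
        offset += 4
        labels.append((word >> 12, word & 0xFF))
        if word & 0x100:  # bottom-of-stack bit set
            return labels, packet[offset:]


def ingress_pe(frame, service_label, transport_label):
    """Push the inner service label (S=1), then the outer transport label."""
    return (encode_entry(transport_label, False)
            + encode_entry(service_label, True) + frame)


def p_router_swap(packet, lfib):
    """Swap the outer label only; inner label and payload pass unchanged."""
    (word,) = struct.unpack_from("!I", packet, 0)
    label, ttl = word >> 12, word & 0xFF
    if label not in lfib or ttl <= 1:
        return None  # unknown label or expired TTL: drop
    return encode_entry(lfib[label], False, ttl - 1) + packet[4:]


def egress_pe(packet, services):
    """Strip both labels; the service label selects the SAP, else drop."""
    labels, payload = decode_stack(packet)
    if len(labels) != 2 or labels[1][0] not in services:
        return None
    return services[labels[1][0]], payload
```

A frame whose service label is not configured on the egress PE is dropped rather than delivered to some default SAP, which is what keeps one customer's traffic out of another customer's service.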



VPLS


A VPLS is similar to a VPWS, with SAPs to provide customer access and SDPs to provide the transport
connection across the network to the remote PEs of the service. However, a VPLS is a multipoint
service that supports multiple access points (as opposed to a VPWS, which is only point-to-point with
two access points). A VPLS acts as a logical Layer 2 switch that connects all of the CE devices that are
attached to the service.



VPLS (continued)


Because a VPLS emulates a switched Ethernet service, a MAC address forwarding database (FDB) must
be maintained for each VPLS. When a unicast frame with an unknown source address arrives on a SAP
or an SDP, the VPLS learns the address, in the same way that an Ethernet switch learns a MAC address
on its ports. The VPLS FDB associates MAC addresses with SAPs and SDPs, but is otherwise similar to an
Ethernet switch.
When an Ethernet frame arrives on a SAP or an SDP, a lookup is performed in the FDB for the
destination address. If there is an entry for the address, the frame is forwarded to the appropriate SAP
or SDP. If there is no entry for the address, the frame is flooded to all other SAPs and SDPs, which is
similar to the flooding of an unknown frame on an Ethernet switch.
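
The learning and flooding rules described above, as an added example that is not part of the course material: one FDB per VPLS maps each learned MAC address to the SAP or SDP it was seen on. The class name, endpoint names and MAC addresses are constructed for illustration.

```python
def is_group_address(mac):
    """True for broadcast/multicast MACs (low bit of the first octet set)."""
    return bool(int(mac.split(":")[0], 16) & 1)


class VplsFdb:
    """MAC forwarding database for one VPLS; entries point at a SAP or an SDP."""

    def __init__(self, endpoints):
        self.endpoints = tuple(endpoints)  # SAPs and SDPs bound to the service
        self.table = {}                    # MAC -> endpoint it was learned on

    def receive(self, src_mac, dst_mac, ingress):
        """Learn the source, then return the endpoints the frame is sent to."""
        if ingress not in self.endpoints:
            raise ValueError("frame arrived on an endpoint outside this VPLS")
        if not is_group_address(src_mac):
            # Learn or relearn: a MAC seen on a new endpoint replaces the entry.
            self.table[src_mac] = ingress
        egress = self.table.get(dst_mac)
        if is_group_address(dst_mac) or egress is None:
            # Broadcast, multicast or unknown unicast: flood to all others.
            return [e for e in self.endpoints if e != ingress]
        if egress == ingress:
            return []  # destination sits behind the ingress endpoint
        return [egress]


if __name__ == "__main__":
    fdb = VplsFdb(["sap-1/1/1:100", "sap-1/1/2:100", "sdp-12:500"])
    print(fdb.receive("00:00:5e:00:53:01", "00:00:5e:00:53:02", "sap-1/1/1:100"))
    print(fdb.receive("00:00:5e:00:53:02", "00:00:5e:00:53:01", "sdp-12:500"))
```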



VPRN


A VPRN is a class of VPN that allows the connection of multiple sites in a routed domain over a service
provider IP/MPLS network. VPRN is a Layer 3 service (as opposed to VPWS and VPLS, which are Layer 2
services).
From the customer's perspective, all of the sites appear to be connected to a private routed network
that is administered by the service provider for that customer only. Each PE router providing VPRN
services maintains a separate IP forwarding table for each VPRN. Each customer of the service provider
has their own private IP address space and, therefore, may have overlapping IP addresses.
The VPRN service uses VPN Routing and Forwarding Instances (VRFs) within the PE device to maintain
forwarding information on a per-customer basis. A VRF is a logical private forwarding (routing) table
that securely isolates the routing information of one customer from the next customer, and also from
the routes of the provider core network. Each PE maintains multiple separate VRFs that are based on
the number of distinct VPRN services that the PE supports.
Each CE router becomes a routing peer of the provider PE router that it is directly connected to.
Routes are exchanged between the CE and the PE routers. The PE devices in a VPRN service exchange
routes with each other so that the routes can be transmitted to the remote CE devices of the
customer.
The transport of customer data is similar to a VPWS or VPLS, except that the Layer 2 headers are
removed and the IP datagrams are encapsulated with the MPLS headers. Customer data arrives at a
VPRN SAP, is encapsulated with an inner service label and an outer transport label, and is then carried
across the network using MPLS.
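
The per-customer isolation described above, as an added example that is not part of the course material: a PE keeps one forwarding table per VPRN, binds each SAP to exactly one VPRN, and resolves a destination only in the table of the ingress SAP's VPRN. The class name, service IDs, SAP names, prefixes, remote PE names and service labels are constructed for illustration.

```python
import ipaddress


class PeRouter:
    """PE with one forwarding table (VRF) per VPRN service."""

    def __init__(self):
        self.vrfs = {}         # VPRN id -> {network: (remote PE, service label)}
        self.sap_to_vprn = {}  # SAP -> VPRN id

    def add_vprn(self, vprn_id, saps):
        """Create a VRF and bind SAPs to it; a SAP belongs to one VPRN only."""
        if vprn_id in self.vrfs:
            raise ValueError("VPRN %s already exists" % vprn_id)
        for sap in saps:
            if sap in self.sap_to_vprn:
                raise ValueError("%s is already bound to a VPRN" % sap)
        self.vrfs[vprn_id] = {}
        for sap in saps:
            self.sap_to_vprn[sap] = vprn_id

    def add_route(self, vprn_id, prefix, remote_pe, service_label):
        """Install a customer route in that customer's VRF only."""
        network = ipaddress.ip_network(prefix)
        self.vrfs[vprn_id][network] = (remote_pe, service_label)

    def forward(self, ingress_sap, dst_ip):
        """Longest-prefix match in the VRF bound to the ingress SAP, nowhere else."""
        vrf = self.vrfs[self.sap_to_vprn[ingress_sap]]
        dst = ipaddress.ip_address(dst_ip)
        matches = [net for net in vrf if dst in net]
        if not matches:
            return None  # no fall-through to another VRF or to the core table
        return vrf[max(matches, key=lambda net: net.prefixlen)]


if __name__ == "__main__":
    pe = PeRouter()
    pe.add_vprn(10, ["1/1/1:10"])
    pe.add_vprn(20, ["1/1/2:20"])
    pe.add_route(10, "10.1.0.0/16", "PE2", 131001)
    pe.add_route(20, "10.1.0.0/16", "PE4", 131050)  # same prefix, other customer
    print(pe.forward("1/1/1:10", "10.1.2.9"), pe.forward("1/1/2:20", "10.1.2.9"))
```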



7750 SR and 7450 ESS Services Overview

Module Summary and Learning Assessment


Module Summary

After the successful completion of this module, you should be able to:
  - Describe the different types of routers and their function in a VPN services-based network
  - Describe the concept of tunneling and its role in providing VPN services
  - Describe how MPLS can be used as a method of tunneling and label switching
  - Describe the three major VPN services - VPWS, VPLS, and VPRN
  - Describe SAPs, SDPs, and their application to VPN services



Learning Assessment

CE routers reside on customer premises and are unaware of VPN services provided to the customer by carrier PE routers
P routers make up the service provider's core network and are concerned with switching labeled packets across the network
Tunneling allows a service provider to transparently transport a customer's traffic through an IP/MPLS network
MPLS employs label switching as a method of tunneling
There are three major VPN services: VPWS, VPLS, and VPRN
VPWS is a layer 2 point-to-point service that supports Ethernet, frame relay or ATM connections
VPLS is a layer 2 Ethernet multipoint service that emulates an Ethernet switch



Learning Assessment (continued)

VPRN is a layer 3 routed VPN service over a service provider's existing IP/MPLS network
MPLS transport tunnel labels are swapped by the service provider routers along an MPLS path as the customer data traverses the MPLS network
MPLS service labels are inner labels negotiated by the PE routers of the service and remain constant as the traffic traverses the MPLS network



LAB 6 - Services


See the Alcatel-Lucent IP Scalable Networks Lab Guide



www.alcatel-lucent.com

3HE-02767-AAAA-WBZZA Edition 02