Chapter 4: Network Layer

r 4. 1 Introduction r 4.5 Routing algorithms

r 4.2 Virtual circuit and m Link state

datagram networks m Distance Vector

m Hierarchical routing
r 4.3 What’s inside a
router r 4.6 Routing in the
r 4.4 IP: Internet
Internet
RIP
Protocol m
m OSPF
m Datagram format
m BGP
m IPv4 addressing
m ICMP r 4.7 Broadcast and
m IPv6 multicast routing
 Hierarchical OSPF
Perhaps some routers don’t need to know about every link.

r two-level hierarchy: local area,

E backbone.
m Link-state advertisements
C only within the area
H m each nodes has detailed
G knowledge of its area
topology
A r area border routers:
“summarize” distances to nets in
own area, advertise to other
Area Border routers.
r backbone routers: run OSPF
routing limited to backbone.
r boundary routers: connect to
other AS’s.

•ABR C announces link C<->A to Area 1

•ABR C announces link C<->E to Backbone
•ABR C announces a summary of Area 1 to the Backbone
•ABR C announces a summary of the Backbone and other areas to Area 1
•C learns about other areas from the other ABR
•……
Area Border Router Summaries
Should the summaries include reachbility information or path metrics?

•Routers in area 1 do not need to

C know about the paths used to
H reach destinations in other areas
G •They only need to know that
they can be reached.
•In this case, reachbility
information is sufficient to
compute optimal routes
•i.e., the ABR only announces
which destinations it can reach.
•However, no one would make a
topology as shown in the figure
•Why?
•If a single key links break or
router crashes, the network
would be partitioned (and the
network designer would be fired)
Area Border Router Summaries
e.g., if summaries only include reachbility information

area border router

E
F
C
G
A

B
D

•ABR C announces to Area 1 that it can reach Area 2 in 1 hops (and

includes a list of destinations in Area 2)
•ABR F announces to Area 1 that it can reach Area 2 in 0 hops
•Router A determines the path to D as follows
•The path to Area 2 via F is 2 hops (2 to reach F and then 0
more to Area 2)
•The path to Area 2 via C is 2 hops (1 to C and then 1 more to
Area 2)
•Either path is good to reach D
•However, the path via F is better. A does not have sufficient
information to determine this.
Area Border Router Summaries
•In this case, reachability
area border router information is not enough to
E compute optimal routes.
F
•Therefore, ABRs provide
C distance vector type information,
G i.e., which destinations can be
reached and the cost to reach
A them

B
•Notice the C does not announce the
D link CG to Area 1.
•Notice that C gets a summary from G,
which is distances to destinations, like
distance vector.
•ABR G tells all routers in the Backbone that it can reach D in 2 hop. •C uses the distances from G to
•ABR F tells all routers in the Backbone that it can reach D in 1 hops
•ABR C tells all routers in Area 1 that it can reach D in 3 hops
determine its distances.
•ABR F tells all routers in Area 1 that it can reach D in 1 hop •C announces these distances to Area 1
•A decides B is the best next hop toward D •This is like a one hop distance vector
protocol
Area Border Router Summaries
The backbone is completely connected
because each router essentially sends
area border router
distance vector updates directly to its
E neighbor
F F
A in 1 hop A in 4 hop
C B in 2 hops
…
2 1 B in 5 hops
…
… 3 …
G
C 2
A 1 G
A in 2 hop
B in 3 hops
… Area 3
…
B Area 1
Area 2
D

•This is like a one hop distance

vector protocol
•Convergence time: 1
•Loops are not possible
Chapter 4: Network Layer
r 4. 1 Introduction r 4.5 Routing algorithms
r 4.2 Virtual circuit and m Link state

datagram networks m Distance Vector

m Hierarchical routing
r 4.3 What’s inside a
router r 4.6 Routing in the
r 4.4 IP: Internet
Internet
RIP
Protocol m
m OSPF
m Datagram format
m BGP
m IPv4 addressing
m ICMP r 4.7 Broadcast and
m IPv6 multicast routing
Recall: Subnets 223.1.1.2

223.1.1.1 223.1.1.4

223.1.1.3

223.1.9.2 223.1.7.0

223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0

223.1.2.6 223.1.3.27

223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

IP addressing: CIDR
CIDR: Classless InterDomain Routing
m subnet portion of address of arbitrary length
m address format: a.b.c.d/x, where x is # bits in
subnet portion of address

Subnet part or host

CIDR-block part
11001000 00010111 00010000 00000000
200.23.16.0/23
IP addresses: how to get one?
Q: How does network get subnet part of IP
addr?
A: gets allocated portion of its provider ISP’s
address space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23

Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23
... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23
Hierarchical addressing: route aggregation
Hierarchical addressing allows efficient advertisement of routing
information:

Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . ISP1 200.23.16.0/20”
.
. .
. Internet
Organization 7 . Border Router
200.23.30.0/23
“Send me anything
ISP2
with addresses
beginning
199.31.0.0/16”

This way, the whole 32 bit address does not need to be examined
Hierarchical addressing: more specific
routes
ISP2 has a more specific route to Organization 1
Organization 0
200.23.16.0/23

“Send me anything
with addresses
Organization 2 beginning
200.23.20.0/23 . ISP1 200.23.16.0/20”
.
. .
. Internet
Organization 7 . Border Router
200.23.30.0/23
“Send me anything
ISP2 with addresses
Organization 1 beginning 199.31.0.0/16
or 200.23.18.0/23”
200.23.18.0/23
Longest prefix matching
Border Router Forwarding Table

Prefix Match Link Interface

200.23.16.0/20 0
200.23.18.0/23 1
199.31.0.0/16 1
otherwise 2

If a packet with destination address 200.23.18.12 arrives at the boarder

router, then is it forwarding to interface 0 or 1?
Since interface 1 has a longer match, it goes to interface 1
A Problem with Longest Match and subnetting
In order to improve reliability, organization 7 has a backup link with ISP1.
This way, if ISP1 has problems or ISP1’s provider has problems, then
organization 7 is still reachable.
Will this work?

Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . ISP1 ……”
.
. .
. Internet
Organization 7 . Border Router
200.23.30.0/23
“Send me anything
ISP2
with addresses
beginning
…..
Hierarchical Routing
Our routing study thus far has been an idealization
r all routers identical
r network “flat”
… not true in practice

scale: with 200 million destinations: administrative autonomy

r can’t store all dest’s in routing tables!
m Memory for address table must be very fast
• How fast? How long can an address lookup
take on a 10GBit interface?
• E.g., 64B/1010=50nsec
r routing table exchange would swamp links!
m There are ~ 1 million links
m If link state was flooded every 30
minutes seconds and each link state is
20B, then each router receives and
processes 100kbps in link
announcements
m But, perhaps, only changes in link state
could be distributed.
r internet = network of networks
r each network admin wants to control
routing in its own network
m ATT does not want Sprint to know what
their topology is
• Trade secret
• Improves security
m ATT wants to select a routing protocol and
parameters without getting Sprint’s
permission
Hierarchical Routing
r aggregate routers into regions,
“autonomous systems” (AS) Gateway router
r Single administrative domain r Direct link to router in another
AS
r Routers in the same AS run same
routing protocol r Gateway routers run a common
inter-networking routing protocol
m “intra-AS” routing protocol
m routers in different AS can run
different intra-AS routing
protocol
r An ISP may be made of 1 or more
ASs
m ATT-USA = 1 AS and ATT-Europe
is another
m Some stub networks are an AS
• UD is an AS
• Some companies have routers but
are not ASs
r ASs have their own number,
assigned by ICANN
r There are ~50K ASs
Simple example
Connections to other ASs and the rest of the Internet

AS2
Service provider of AS1 (e.g., AS1=UD and AS2=cogent)
E
(Recall that ASs (ISPs) sometimes
meet at NAPs. E.g., google: MAE-East)
An AS could also meet its provider at
The rest of the internet a POP.

Stub network (at the edge of the network)

These tables are made with
RIP, OSPF, ISIS, etc
1
Forwarding table
B Prefix
Forwarding table 3 10.1.1.0/24 3
Prefix
10.1.1.0/24
Interface
4
2 10.1.2.0/24 3
10.1.4.0/22 2
10.1.2.0/24 3
2
AS1
10.1.4.0/22
1
4 C
2
10.1.1.0/24 3 1 Forwarding table
Prefix Interface
3 10.1.1.0/24 3
A 10.1.2.0/24 3
10.1.2.0/24 2 10.1.4.0/22 2
10.1.4.0/22
 Q: How can routers in AS1 know
where to send pkts with
destination not in AS1?
A: Easy, if a pkt is for an “unknown”
address, then send it to B.
Specifically, B advertises a link
to prefix 0.0.0.0/0
AS2 This is called a default route,
Service provider of AS1 (e.g., AS1=UD and AS2=cogent)
E and it can be statically set (no
need for any routing protocol
beside OSPF)
The rest of the internet

Stub network (at the edge of the network)

These tables are made with
RIP, OSPF, ISIS, etc
1
Forwarding table
B Prefix
Forwarding table
Prefix Interface
3 10.1.1.0/24 3
10.1.1.0/24 4 2 10.1.2.0/24 3
3 10.1.4.0/22 2
10.1.2.0/24
2 0.0.0.0/0 1
10.1.4.0/22
0.0.0.0/0 1
1 AS1
4 C
2
10.1.1.0/24 3 1 Forwarding table
Prefix Interface
3 10.1.1.0/24 3
A 10.1.2.0/24 3
10.1.2.0/24 2 10.1.4.0/22 2
0.0.0.0/0 1
10.1.4.0/22
We need to put prefixes 1.1.0.0/16, 1.2.0.0/16, 2.2.0.0/16 in the forwarding tables

How to get there?

1. B must learn from E that 1.1.0.0/16 and 1.2.0.0/16 are reachable through E
2. A must learn that 2.2.0.0/16 is reachable through D
3. B and A must distribute this information throughout AS1
Steps 1 and 2 need a exterior inter-networking routing protocol
Step 3 needs an interior inter-networking routing protocol
EBGP and IBGP – border gateway routing protocol can accomplish this

to the rest of
the Internet
1.2.0.0/16

1.1.0.0/16 AS2 E

These tables are made with RIP, OSPF, ISIS, etc

1
B Forwarding table
Prefix
Forwarding table
3 2 10.1.1.0/24 3
Prefix Interface 10.1.2.0/24 3
10.1.1.0/24 4 2
10.1.4.0/22
10.1.2.0/24 3
10.1.4.0/22 2
AS1
4 C 1
2
10.1.1.0/24 3
1 Forwarding table
3 Prefix Interface

10.1.1.1/24
A 10.1.1.0/24 3
3
10.1.2.0/24
2 4 10.1.4.0/22 2
10.1.4.0/22

D
AS3 2.2.0.0/16
Interconnected ASes

3c
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
1d AS1
r forwarding table
configured by both
intra- and inter-AS
Intra-AS
Routing
Inter-AS
Routing routing algorithm
intra-AS sets entries
algorithm algorithm
m
Forwarding for internal dests
inter-AS & intra-As
table
m
sets entries for
external dests
 Example: Setting forwarding table in router 1d

r suppose AS1 learns (via inter-AS protocol) that subnet x is reachable via AS3
(gateway 1c) but not via AS2.
r inter-AS protocol propagates reachability info to all internal routers.
r router 1d determines from intra-AS routing info that its interface I is on the least
cost path to 1c.
m installs forwarding table entry (x,I)
r Alternatively, 1d has two table entries
m One entry says x is reachable via 1c (determined by IBGP)
m A second entry says which is the next hop to reach 1c (determined by intra-routing protocol)

x
3c
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b AS1
1d
Example: Choosing among multiple ASes
r now suppose AS1 learns from inter-AS protocol that subnet x
is reachable from AS3 and from AS2.
r to configure forwarding table, router 1d must determine
towards which gateway it should forward packets for dest x.
m this is also job of inter-AS routing protocol!
m If both gateways are equivalent, then the intra-AS routing
protocol will route packets to the best gateway
• This is called hot potato routing: send packet towards closest of two
routers.

x
3c
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
1d AS1
Hot Potato Routing

128.4.0.0/16
AS1

A B
AS2

Pkt arrives with dest in 124.4.0.0/16

•AS2 could give send the pkt to gateway B – hot potato routing.
•But AS1 would prefer AS2 to carry its own traffic.
•So AS1 might require that AS2 gives higher priority to gateway A.
•But how can AS1 enforce AS2 to do this?
Example: Choosing among multiple ASes
r now suppose AS1 learns from inter-AS protocol that
subnet x is reachable from AS3 and from AS2.
r to configure forwarding table, router 1d must
determine which gateway it should forward packets
for dest x.
m this is also job of inter-AS routing protocol!
r hot potato routing: send packet towards closest of
two routers.

Use routing info Determine from

Learn from inter-AS Hot potato routing: forwarding table the
from intra-AS
protocol that subnet Choose the gateway Interface that leads
protocol to determine
x is reachable via that has the to least-cost gateway.
costs of least-cost
multiple gateways least cost Enter (x,I) in
paths to each
of the gateways forwarding table
Internet inter-AS routing: BGP

r BGP (Border Gateway Protocol): the de

facto standard
r BGP provides each AS a means to:
1. Obtain subnet reachability information from
neighboring ASs.
2. Propagate reachability information to all AS-
internal routers.
3. Determine “good” routes to subnets based on
reachability information and policy.
r allows subnet to advertise its existence to
rest of Internet: “I am here”
BGP basics
r pairs of routers (BGP peers) exchange routing info
over semi-permanent TCP connections: BGP sessions
m BGP sessions need not correspond to physical
links.
r when AS2 advertises a prefix to AS1:
m AS2 promises it will forward datagrams towards
that prefix.
m AS2 can aggregate prefixes in its advertisement
• But this can cause problems when some prefixes have
backup links
eBGP session
3c iBGP session
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
AS1 1d
Distributing reachability info
r using eBGP session between 3a and 1c, AS3 sends
prefix reachability info to AS1.
m 1c can then use iBGP do distribute new prefix
info to all routers in AS1
m 1b can then re-advertise new reachability info
to AS2 over 1b-to-2a eBGP session
r when router learns of new prefix, it creates entry
for prefix in its forwarding table.

eBGP session
3c iBGP session
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
AS1 1d
Aggregation Problem
1.1.1.0/24

1.1.0.0/22 1.1.0.0/22
1.1.2.0/24
ISP
ISP
1.1.3.0/24 ISP
Y
W

1.1.4.0/24
1.1.4.0/24 1.1.4.0/24

ISP ISP
ISP ISP X

From ISP W, the next hop to 1.1.4.0/24 is X, it should be Y

Path attributes & BGP routes
r advertised prefix includes BGP attributes.
m prefix + attributes = “route”
r two important attributes:
m AS-PATH: contains ASs through which prefix
advertisement has passed: e.g, AS 67, AS 17, …
m NEXT-HOP: indicates specific internal-AS router
to next-hop AS. (there may be multiple routers
with links from current AS to next-hop-AS. Each
router can advertise the path)
r when gateway router receives route
advertisement, uses import policy to
accept/decline.
BGP route selection
r router may learn about more than 1 route
to some prefix. Router must select route.
r elimination rules:
1. local preference value attribute: policy
decision
2. shortest AS-PATH
3. closest NEXT-HOP router: hot potato routing
4. additional criteria
BGP messages
r BGP messages exchanged using TCP.
r BGP messages:
m OPEN: opens TCP connection to peer and
authenticates sender
m UPDATE: advertises new path (or withdraws old)
m KEEPALIVE keeps connection alive in absence of
UPDATES; also ACKs OPEN request
m NOTIFICATION: reports errors in previous msg;
also used to close connection
r TCP reset security risk
 BGP routing policy
legend: provider
B network
X
W A
customer
C network:

r A,B,C are provider networks

r X,W,Y are customer (of provider networks)
r X is dual-homed: attached to two networks
m X does not want to route from B via X to C
m .. so X will not advertise to B a route to C
 BGP routing policy (2)
legend: provider
B network
X
W A
customer
C network:

r A advertises path AW to B
r B advertises path BAW to X
r Should B advertise path BAW to C?
m No way! B gets no “revenue” for routing CBAW
since neither W nor C are B’s customers
m B wants to force C to route to w via A
m B wants to route only to/from its customers!
 BGP route processing

r BGP advertises and withdraws paths with the UPDATE message

r UPDATE has three fields
m Router to withdraw
m Attributes of routes to prefixes in NLRI
m NLRI
r The NLRI is a list of prefixes that the list of attributes applies to. If two prefixes
have different attributes, then these two prefixes need to be announced with
different UPDATE messages.
r In OSPF each path is a list of routes and a total cost (two attributes). In BGP, routes
have many attributes, the cost (in AS hops) is only one of the attributes

configuration configuration

from input routing output

to
peers policy routing table policy
engine decision engine peers
 RIBs
r Routing information base (RIB) – a list of routes (including attributes)
m Adj-RIB-In: RIB learned from neighbor (many of these)
m Adj-RIB-Out: RIB to be sent to neighbor (many of these)
m Loc-RIB: RIB for local use (only one of these)

peer Adj-rib-in Adj-rib-out peer

peer Adj-rib-in Adj-rib-out peer

Input Input
BGP
Policy decision
Loc-RIB Policy
peer Adj-rib-in
engine engine Adj-rib-out peer

Adj-rib-out peer
peer Adj-rib-in
Sample routing environment
•deny 0/0 from AS1
•Give 192.213.1.0/24 from •Do not propagate 0/0
AS3
AS1 AS1 better preference •Do not send 193.214.10.0/24 to AS4
•Accept other routes •Give 192.213.1.0/24 with metric = 10
to AS3
•193.214.10.0/24 path=(AS5, AS2)
•192.213.1.0/24 path=(AS5, AS1)
192.213.1.0/24
metric=10
0/0
input output •172.16.10.0/24 path=(AS5)
decision
policy routes policy
process
engine engine
•172.16.10.0/24 path=(AS5)
•192.213.1.0/24 path=(AS5 AS1)
•Use 0/0 from AS2
192.213.1.0/24 •Use 192.213.1.0/24 from AS1

AS2
193.214.10.0/24
0/0
•Use 193.214.10.0/24 from AS2
•Use 172.16.10.0/24 from AS5 (this
AS4
AS)
Fun with BGP

r Routeviews.org collects and archives BGP

announcements
r One way to use routeviews is with dig
m At the linux prompt
m dig txt 4.128.aspath.routeviews.org
m Outputs various stuff and
• Answer section:
– 4.128.aspath.routeviews.org 600 IN TXT “5056 1238 174 34”
“128.4.0.0” “16”
• Syntax = ASPath “Prefix” “prefix length”
r Now use whois -h whois.arin.net "a ASXX" to learn
about ASs where XX is an AS number. E.g., whois -
h whois.arin.net "a AS34" gives information about
AS34
r Try with some other AS
Check out a collection of path
announcements
r Open bgp030408p39.Partial
m http://www.eecis.udel.edu/~bohacek/Classes/ELEG651Spring2008/bgp030508p39.Partial
m An old (2003) partial list of BGP announcements received by several routers
r Check which ASs peer with UD (ASN 34)
Why different Intra- and Inter-AS routing ?

Policy:
r Inter-AS: admin wants control over how its traffic
routed, who routes through its net.
r Intra-AS: single admin, so no policy decisions needed
Scale:
r hierarchical routing saves table size, reduced update
traffic
Performance:
r Intra-AS: can focus on performance
r Inter-AS: policy may dominate over performance