Chapter 5 - Computer Networking a top-down Approach 7th

Computer
Networking: A Top
Down Approach
A note on the use of these Powerpoint slides:
We’re making these slides freely available to all (faculty, students, readers).
They’re in PowerPoint form so you see the animations; and can add, modify,
and delete slides (including this one) and slide content to suit your needs.
They obviously represent a lot of work on our part. In return for use, we only
ask the following:
 If you use these slides (e.g., in a class) that you mention their source
(after all, we’d like people to use our book!)
 If you post any slides on a www site, that you note that they are adapted
from (or perhaps identical to) our slides, and note our copyright of this
material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2016
J.F Kurose and K.W. Ross, All Rights Reserved
7th edition
Jim Kurose, Keith Ross
Pearson/Addison Wesley
April 2016
Chapter 5
Network Layer:
The Control
Plane
5-1Network Layer: Control Plane

Chapter 5: network layer control
plane
chapter goals: understand principles behind
network control plane
 traditional routing algorithms
 SDN controlllers
 Internet Control Message Protocol
 network management
and their instantiation, implementation in the
Internet:
 OSPF, BGP, OpenFlow, ODL and ONOS
controllers, ICMP, SNMP

5.1 introduction
5.2 routing protocols
 link state
 distance vector
5.3 intra-AS routing in the
Internet: OSPF
5.4 routing among the
ISPs: BGP
5.5 The SDN control plane
5.6 ICMP: The Internet
Control Message
Protocol
5.7 Network management
and SNMP
Chapter 5: outline

Network-layer functions
 forwarding: move packets
from router’s input to
appropriate router output
data plane
control plane
Two approaches to structuring network control plane:
 per-router control (traditional)
 logically centralized control (software defined networking)
Recall: two network-layer
functions:
 routing: determine route
taken by packets from
source to destination

Per-router control plane
Routing
Algorithm
Individual routing algorithm components in each and every
router interact with each other in control plane to compute
forwarding tables
data
plane
control
plane

data
plane
control
plane
Logically centralized control plane
A distinct (typically remote) controller interacts with local
control agents (CAs) in routers to compute forwarding tables
Remote Controller
CA
CA CA CA CA

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

Routing protocols
Routing protocol goal: determine “good”
paths (equivalently, routes), from sending
hosts to receiving host, through network of
routers
 path: sequence of routers packets will
traverse in going from given initial source
host to given final destination host
 “good”: least “cost”, “fastest”, “least
congested”
 routing: a “top-10” networking challenge!

u
yx
wv
z
2
2
1
3
1
1
2
5
3
5
graph: G = (N,E)
N = set of routers = { u, v, w, x, y, z }
E = set of links ={ (u,v), (u,x), (v,x), (v,w), (x,w), (x,y), (w,y), (w,z), (y,z) }
Graph abstraction of the network
aside: graph abstraction is useful in other network contexts, e.g.,
P2P, where N is set of peers and E is set of TCP connections

Graph abstraction: costs
u
yx
wv
z
2
2
1
3
1
1
2
5
3
5
c(x,x’) = cost of link (x,x’)
e.g., c(w,z) = 5
cost could always be 1, or
inversely related to bandwidth,
or inversely related to
congestion
cost of path (x1, x2, x3,…, xp) = c(x1,x2) + c(x2,x3) + … + c(xp-1,xp)
key question: what is the least-cost path between u and z ?
routing algorithm: algorithm that finds that least cost path

Routing algorithm classification
Q: global or decentralized
information?
global:
 all routers have complete
topology, link cost info
 “link state” algorithms
decentralized:
 router knows physically-
connected neighbors, link
costs to neighbors
 iterative process of
computation, exchange of
info with neighbors
 “distance vector”
algorithms
Q: static or dynamic?
static:
 routes change slowly
over time
dynamic:
 routes change more
quickly
• periodic update
• in response to link
cost changes

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

A link-state routing algorithm
Dijkstra’s algorithm
 net topology, link costs
known to all nodes
• accomplished via “link
state broadcast”
• all nodes have same info
 computes least cost
paths from one node
(‘source”) to all other
nodes
• gives forwarding table for
that node
 iterative: after k
iterations, know least
cost path to k dest.’s
notation:
 c(x,y): link cost from
node x to y; = ∞ if not
direct neighbors
 D(v): current value of
cost of path from source
to dest. v
 p(v): predecessor node
along path from source
to v
 N': set of nodes whose
least cost path
definitively known

Dijsktra’s algorithm
1 Initialization:
2 N' = {u}
3 for all nodes v
4 if v adjacent to u
5 then D(v) = c(u,v)
6 else D(v) = ∞
7
8 Loop
9 find w not in N' such that D(w) is a minimum
10 add w to N'
11 update D(v) for all v adjacent to w and not in N' :
12 D(v) = min( D(v), D(w) + c(w,v) )
13 /* new cost to v is either old cost to v or known
14 shortest path cost to w plus cost from w to v */
15 until all nodes in N'

w3
4
v
x
u
5
3
7 4
y
8
z
2
7
9
Dijkstra’s algorithm: example
Step N'
D(v)
p(v)
0
1
2
3
4
5
D(w)
p(w)
D(x)
p(x)
D(y)
p(y)
D(z)
p(z)
u ∞∞7,u 3,u 5,u
uw ∞11,w6,w 5,u
14,x11,w6,wuwx
uwxv 14,x10,v
uwxvy 12,y
notes:
 construct shortest path tree
by tracing predecessor
nodes
 ties can exist (can be broken
arbitrarily)
uwxvyz

Dijkstra’s algorithm: another
example
Step
0
1
2
3
4
5
N'
u
ux
uxy
uxyv
uxyvw
uxyvwz
D(v),p(v)
2,u
2,u
2,u
D(w),p(w)
5,u
4,x
3,y
3,y
D(x),p(x)
1,u
D(y),p(y)
∞
2,x
D(z),p(z)
∞
∞
4,y
4,y
4,y
u
yx
wv
z
2
2
1
3
1
1
2
5
3
5
* Check out the online interactive exercises for more
examples: http://gaia.cs.umass.edu/kurose_ross/interactive/

Dijkstra’s algorithm: example (2)
u
yx
wv
z
resulting shortest-path tree from u:
v
x
y
w
z
(u,v)
(u,x)
(u,x)
(u,x)
(u,x)
destination link
resulting forwarding table in u:

Dijkstra’s algorithm, discussion
algorithm complexity: n nodes
 each iteration: need to check all nodes, w, not in N
 n(n+1)/2 comparisons: O(n2)
 more efficient implementations possible: O(nlogn)
oscillations possible:
 e.g., support link cost equals amount of carried
traffic:
A
D
C
B
1 1+e
e0
e
1 1
0 0
initially
A
D
C
B
given these costs,
find new routing….
resulting in new costs
2+e 0
00
1+e 1
A
D
C
B
given these costs,
0 2+e
1+e1
0 0
A
D
C
B
given these costs,
2+e 0
00
1+e 1

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

Distance vector algorithm
Bellman-Ford equation (dynamic programming)
let
dx(y) := cost of least-cost path from x to y
then
dx(y) = min {c(x,v) + dv(y) }v
cost to neighbor v
min taken over all neighbors v of x
cost from neighbor v to destination y

Bellman-Ford example
u
yx
wv
z
2
2
1
3
1
1
2
5
3
5
clearly, dv(z) = 5, dx(z) = 3, dw(z) = 3
du(z) = min { c(u,v) + dv(z),
c(u,x) + dx(z),
c(u,w) + dw(z) }
= min {2 + 5,
1 + 3,
5 + 3} = 4
node achieving minimum is next
hop in shortest path, used in forwarding table
B-F equation says:

 Dx(y) = estimate of least cost from x to y
• x maintains distance vector Dx = [Dx(y): y є N ]
 node x:
• knows cost to each neighbor v: c(x,v)
• maintains its neighbors’ distance vectors.
For each neighbor v, x maintains
Dv = [Dv(y): y є N ]

key idea:
 from time-to-time, each node sends its own
distance vector estimate to neighbors
 when x receives new DV estimate from
neighbor, it updates its own DV using B-F
equation:
Dx(y) ← minv{c(x,v) + Dv(y)} for each node y ∊ N
 under minor, natural conditions, the estimate
Dx(y) converge to the actual least cost dx(y)

iterative,
asynchronous: each
local iteration caused
by:
 local link cost change
 DV update message
from neighbor
distributed:
 each node notifies
neighbors only when its
DV changes
• neighbors then notify
their neighbors if
necessary
wait for (change in local link
cost or msg from neighbor)
recompute estimates
if DV to any dest has
changed, notify neighbors
each node:

x y z
x
y
z
0 2 7
∞ ∞ ∞
∞ ∞ ∞
from
cost to
fromfrom
x y z
x
y
z
0
x y z
x
y
z
∞ ∞
∞ ∞ ∞
cost to
x y z
x
y
z
∞ ∞ ∞
7 1 0
cost to
∞
2 0 1
∞ ∞ ∞
2 0 1
7 1 0
time
x z
12
7
y
node x
table
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) +
Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
32
node y
table
node z
table
cost to
from

x y z
x
y
z
0 2 3
from
cost to
x y z
x
y
z
0 2 7
from
cost to
x y z
x
y
z
0 2 3
from
cost to
x y z
x
y
z
0 2 3
from
cost to
x y z
x
y
z
0 2 7
from
cost to
2 0 1
7 1 0
2 0 1
3 1 0
2 0 1
3 1 0
2 0 1
3 1 0
2 0 1
3 1 0
time
x y z
x
y
z
0 2 7
∞ ∞ ∞
∞ ∞ ∞
from
cost to
fromfrom
x y z
x
y
z
0
x y z
x
y
z
∞ ∞
∞ ∞ ∞
cost to
x y z
x
y
z
∞ ∞ ∞
7 1 0
cost to
∞
2 0 1
∞ ∞ ∞
2 0 1
7 1 0
time
x z
12
7
y
node x
table
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)}
= min{2+0 , 7+1} = 2
Dx(z) = min{c(x,y) +
Dy(z), c(x,z) + Dz(z)}
= min{2+1 , 7+0} = 3
32
node y
table
node z
table
cost to
from

Distance vector: link cost changes
link cost changes:
 node detects local link cost
change
 updates routing info,
recalculates
distance vector
 if DV changes, notify neighbors“good
news
travels
fast”
x z
14
50
y
1
t0 : y detects link-cost change, updates its DV, informs its
neighbors.
t1 : z receives update from y, updates its table, computes new
least cost to x , sends its neighbors its DV.
t2 : y receives z’s update, updates its distance table. y’s least costs
do not change, so y does not send a message to z.
* Check out the online interactive exercises for more
examples: http://gaia.cs.umass.edu/kurose_ross/interactive/

Distance vector: link cost changes
link cost changes:
 node detects local link cost
change
 bad news travels slow - “count
to infinity” problem!
 44 iterations before algorithm
stabilizes: see text
x z
14
50
y
60
poisoned reverse:
 If Z routes through Y to get to X :
 Z tells Y its (Z’s) distance to X is infinite (so Y won’t
route to X via Z)
 will this completely solve count to infinity
problem?

Comparison of LS and DV algorithms
message complexity
 LS: with n nodes, E links,
O(nE) msgs sent
 DV: exchange between
neighbors only
• convergence time varies
speed of convergence
 LS: O(n2) algorithm requires
O(nE) msgs
• may have oscillations
 DV: convergence time varies
• may be routing loops
• count-to-infinity problem
robustness: what happens if
router malfunctions?
LS:
• node can advertise
incorrect link cost
• each node computes only
its own table
DV:
• DV node can advertise
incorrect path cost
• each node’s table used by
others
• error propagate thru
network

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

Making routing
scalable
scale: with billions of
destinations:
 can’t store all
destinations in routing
tables!
 routing table exchange
would swamp links!
administrative
autonomy
 internet = network of
networks
 each network admin may
want to control routing in
its own network
our routing study thus far - idealized
 all routers identical
 network “flat”
… not true in practice

aggregate routers into regions known as
“autonomous systems” (AS) (a.k.a. “domains”)
inter-AS routing
 routing among AS’es
 gateways perform inter-
domain routing (as well
as intra-domain
routing)
Internet approach to scalable
routing
intra-AS routing
 routing among hosts,
routers in same AS
(“network”)
 all routers in AS must run
same intra-domain protocol
 routers in different AS can
run different intra-domain
routing protocol
 gateway router: at “edge”
of its own AS, has link(s) to
router(s) in other AS’es 5-32Network Layer: Control Plane

3b
1d
3a
1c
2a
AS3
AS1
AS2
1a
2c
2b
1b
Intra-AS
Routing
algorithm
Inter-AS
Routing
algorithm
Forwarding
table
3c
Interconnected ASes
 forwarding table
configured by both
intra- and inter-AS
routing algorithm
• intra-AS routing
determine entries for
destinations within
AS
• inter-AS & intra-AS
determine entries for
external destinations5-33Network Layer: Control Plane

Inter-AS tasks
 suppose router in AS1
receives datagram
destined outside of
AS1:
• router should forward
packet to gateway
router, but which
one?
AS1 must:
1. learn which dests are
reachable through
AS2, which through
AS3
2. propagate this
reachability info to all
routers in AS1
job of inter-AS routing!
AS3
AS2
3b
3c
3a
AS1
1c
1a
1d
1b
2a
2c
2b
other
networks
other
networks

Intra-AS Routing
 also known as interior gateway protocols
(IGP)
 most common intra-AS routing protocols:
• RIP: Routing Information Protocol
• OSPF: Open Shortest Path First (IS-IS
protocol essentially same as OSPF)
• IGRP: Interior Gateway Routing Protocol
(Cisco proprietary for decades, until 2016)

OSPF (Open Shortest Path First)
 “open”: publicly available
 uses link-state algorithm
• link state packet dissemination
• topology map at each node
• route computation using Dijkstra’s algorithm
 router floods OSPF link-state advertisements to
all other routers in entire AS
• carried in OSPF messages directly over IP (rather
than TCP or UDP
• link state: for each attached link
 IS-IS routing protocol: nearly identical to OSPF

OSPF “advanced” features
 security: all OSPF messages authenticated (to
prevent malicious intrusion)
 multiple same-cost paths allowed (only one path
in RIP)
 for each link, multiple cost metrics for different
TOS (e.g., satellite link cost set low for best
effort ToS; high for real-time ToS)
 integrated uni- and multi-cast support:
• Multicast OSPF (MOSPF) uses same
topology data base as OSPF
 hierarchical OSPF in large domains.

Hierarchical OSPF
boundary router
backbone router
area 1
area 2
area 3
backbone
area
border
routers
internal
routers

 two-level hierarchy: local area, backbone.
• link-state advertisements only in area
• each nodes has detailed area topology; only
know direction (shortest path) to nets in other
areas.
 area border routers: “summarize” distances to
nets in own area, advertise to other Area Border
routers.
 backbone routers: run OSPF routing limited to
backbone.
 boundary routers: connect to other AS’es.
Hierarchical
OSPF

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

Internet inter-AS routing: BGP
 BGP (Border Gateway Protocol): the de facto
inter-domain routing protocol
• “glue that holds the Internet together”
 BGP provides each AS a means to:
• eBGP: obtain subnet reachability information
from neighboring ASes
• iBGP: propagate reachability information to all
AS-internal routers.
• determine “good” routes to other networks based
on reachability information and policy
 allows subnet to advertise its existence to
rest of Internet: “I am here”

eBGP, iBGP connections
eBGP connectivity
iBGP connectivity
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS 2
AS 3AS 1
1c
∂
∂
gateway routers run both eBGP and iBGP protools

BGP basics
 when AS3 gateway router 3a advertises path AS3,X to AS2
gateway router 2c:
• AS3 promises to AS2 it will forward datagrams towards
X
 BGP session: two BGP routers (“peers”) exchange BGP
messages over semi-permanent TCP connection:
• advertising paths to different destination network
prefixes (BGP is a “path vector” protocol)
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS 2
AS 3
AS 1
X
BGP advertisement:
AS3, X

Path attributes and BGP
routes
 advertised prefix includes BGP attributes
• prefix + attributes = “route”
 two important attributes:
• AS-PATH: list of ASes through which prefix
advertisement has passed
• NEXT-HOP: indicates specific internal-AS router to
next-hop AS
 Policy-based routing:
• gateway receiving route advertisement uses import
policy to accept/decline path (e.g., never route
through AS Y).
• AS policy also determines whether to advertise path
to other other neighboring ASes

BGP path advertisement
 Based on AS2 policy, AS2 router 2c accepts path AS3,X,
propagates (via iBGP) to all AS2 routers
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS2
AS3
AS1
X
AS3,X
AS2,AS3,X
 AS2 router 2c receives path advertisement AS3,X (via eBGP)
from AS3 router 3a
 Based on AS2 policy, AS2 router 2a advertises (via eBGP) path
AS2, AS3, X to AS1 router 1c

BGP path advertisement
 AS1 gateway router 1c learns path AS2,AS3,X from 2a
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS2
AS3
AS1
X
AS3,X
AS2,AS3,X
gateway router may learn about multiple paths to destination:
 AS1 gateway router 1c learns path AS3,X from 3a
 Based on policy, AS1 gateway router 1c chooses path AS3,X,
and advertises path within AS1 via iBGP

BGP messages
 BGP messages exchanged between peers over TCP
connection
 BGP messages:
• OPEN: opens TCP connection to remote BGP peer
and authenticates sending BGP peer
• UPDATE: advertises new path (or withdraws old)
• KEEPALIVE: keeps connection alive in absence of
UPDATES; also ACKs OPEN request
• NOTIFICATION: reports errors in previous msg; also
used to close connection

BGP, OSPF, forwarding table
entries
 recall: 1a, 1b, 1c learn about dest X via
iBGP from 1c: “path to X goes through
1c”
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS2
AS3
AS1
X
AS3,X
AS2,AS3,X
 1d: OSPF intra-domain routing: to get to 1c,
forward over outgoing local interface 1
Q: how does router set forwarding table entry to distant prefix?
12
1
2
dest interface
…
…
X
…
…
1
physical link
local link
interfaces
at 1a, 1d

BGP, OSPF, forwarding table
entries
 recall: 1a, 1b, 1c learn about dest X via
iBGP from 1c: “path to X goes through
1c”
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS2
AS3
AS1
X
 1d: OSPF intra-domain routing: to get to 1c,
forward over outgoing local interface 1
Q: how does router set forwarding table entry to distant prefix?
dest interface
…
…
X
…
…
2
 1a: OSPF intra-domain routing: to get to
1c, forward over outgoing local interface
2
1
2

BGP route selection
 router may learn about more than one route
to destination AS, selects route based on:
1. local preference value attribute: policy decision
2. shortest AS-PATH
3. closest NEXT-HOP router: hot potato routing
4. additional criteria

Hot Potato Routing
 2d learns (via iBGP) it can route to X via 2a or 2c
 hot potato routing: choose local gateway that has least
intra-domain cost (e.g., 2d chooses 2a, even though
more AS hops to X): don’t worry about inter-domain cost!
1b
1d
1c1a
2b
2d
2c2a
3b
3d
3c3a
AS2
AS3
AS1
X
AS3,X
AS1,AS3,X
OSPF link weights
201
152
112
263

 A advertises path Aw to B and to C
 B chooses not to advertise BAw to C:
 B gets no “revenue” for routing CBAw, since none of C, A, w
are B’s customers
 C does not learn about CBAw path
 C will route CAw (not using B) to get to w
A
B
C
W
X
Y
legend:
customer
network:
provider
network
Suppose an ISP only wants to route traffic to/from its customer
networks (does not want to carry transit traffic between other ISPs)
BGP: achieving policy via
advertisements

BGP: achieving policy via
advertisements
 A,B,C are provider networks
 X,W,Y are customer (of provider networks)
 X is dual-homed: attached to two networks
 policy to enforce: X does not want to route from B to C via
X
 .. so X will not advertise to B a route to C
A
B
C
W
X
Y
legend:
customer
network:
provider
network
Suppose an ISP only wants to route traffic to/from its customer
networks (does not want to carry transit traffic between other ISPs)

Why different Intra-, Inter-AS routing
?
policy:
 inter-AS: admin wants control over how its traffic
routed, who routes through its net.
 intra-AS: single admin, so no policy decisions
needed
scale:
 hierarchical routing saves table size, reduced
update traffic
performance:
 intra-AS: can focus on performance
 inter-AS: policy may dominate over performance

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

Software defined networking (SDN)
 Internet network layer: historically has been
implemented via distributed, per-router
approach
• monolithic router contains switching hardware,
runs proprietary implementation of Internet
standard protocols (IP, RIP, IS-IS, OSPF, BGP) in
proprietary router OS (e.g., Cisco IOS)
• different “middleboxes” for different network layer
functions: firewalls, load balancers, NAT boxes, ..
 ~2005: renewed interest in rethinking network
control plane

Recall: per-router control plane
Routing
Algorithm
Individual routing algorithm components in each and every
router interact with each other in control plane to compute
forwarding tables
data
plane
control
plane

data
plane
control
plane
Recall: logically centralized control plane
A distinct (typically remote) controller interacts with local
control agents (CAs) in routers to compute forwarding tables
Remote Controller
CA
CA CA CA CA

Why a logically centralized control plane?
 easier network management: avoid router
misconfigurations, greater flexibility of traffic
flows
 table-based forwarding (recall OpenFlow API)
allows “programming” routers
• centralized “programming” easier: compute tables
centrally and distribute
• distributed “programming: more difficult: compute
tables as result of distributed algorithm (protocol)
implemented in each and every router
 open (non-proprietary) implementation of
control plane

Vertically integrated
Closed, proprietary
Slow innovation
Small industry
Specialized
Operating
System
Specialized
Hardware
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
Ap
p
App
Specialized
Applications
Horizontal
Open interfaces
Rapid innovation
Huge industry
Microprocessor
Open Interface
Linux
Mac
OS
Windows
(OS)
or or
Open Interface
Analogy: mainframe to PC evolution*
* Slide courtesy: N. McKeown 5-60Network Layer: Control Plane

Traffic engineering: difficult traditional
routing
Q: what if network operator wants u-to-z traffic to flow along
uvwz, x-to-z traffic to flow xwyz?
A: need to define link weights so traffic routing algorithm
computes routes accordingly (or need a new routing algorithm)!
Link weights are only control “knobs”: wrong!
2
2
1
3
1
1
2
5
3
5
v w
u z
yx

Traffic engineering: difficult
Q: what if network operator wants to split u-to-z
traffic along uvwz and uxyz (load balancing)?
A: can’t do it (or need a new routing algorithm)
2
2
1
3
1
1
2
5
3
5
v w
u z
yx

yx
wv
z
2
2
1
3
1
1
2
5
3
5
Traffic engineering: difficult
u
v
x
w
y
z
Q: what if w wants to route blue and red traffic
differently?
A: can’t do it (with destination based forwarding, and LS,
DV routing)
Networking 401

data
plane
control
plane
Remote Controller
CA
CA CA CA CA
1: generalized“ flow-
based” forwarding
(e.g., OpenFlow)
2. control,
data plane
separation
3. control plane
functions
external to data-
plane switches
…
4. programmable
control
applications
routing
access
control
load
balance

SDN perspective: data plane switches
Data plane switches
 fast, simple, commodity
switches implementing
generalized data-plane
forwarding (Section 4.4) in
hardware
 switch flow table computed,
installed by controller
 API for table-based switch
control (e.g., OpenFlow)
• defines what is controllable and
what is not
 protocol for communicating
with controller (e.g.,
OpenFlow)
data
plane
control
plane
SDN Controller
(network operating system)
…routing
access
control
load
balance
southbound API
northbound API
SDN-controlled switches
network-control applications

SDN perspective: SDN controller
SDN controller (network
OS):
 maintain network state
information
 interacts with network
control applications “above”
via northbound API
 interacts with network
switches “below” via
southbound API
 implemented as distributed
system for performance,
scalability, fault-tolerance,
robustness
data
plane
control
plane
SDN Controller
…routing
access
control
load
balance
southbound API
northbound API

SDN perspective: control applications
network-control apps:
 “brains” of control:
implement control functions
using lower-level services,
API provided by SND
controller
 unbundled: can be provided
by 3rd party: distinct from
routing vendor, or SDN
controller
data
plane
control
plane
SDN Controller
…routing
access
control
load
balance
southbound API
northbound API

Network-wide distributed, robust state management
Communication to/from controlled devices
Link-state info switch infohost info
statistics flow tables…
…
OpenFlow SNMP…
network
graph intent
RESTful
API
…
Interface, abstractions for network control apps
SDN
controller
routing access
control
load
balance
Components of SDN controller
communication
layer:
communicate
between SDN
controller and
controlled
switches
Network-wide state
management
layer: state of
networks links,
switches, services:
a distributed
database
Interface layer to
network control
apps: abstractions
API

OpenFlow protocol
 operates between
controller, switch
 TCP used to
exchange messages
• optional encryption
 three classes of
OpenFlow
messages:
• controller-to-switch
• asynchronous
(switch to controller)
• symmetric (misc)
OpenFlow Controller

OpenFlow: controller-to-switch
messages
Key controller-to-switch
messages
 features: controller queries
switch features, switch
replies
 configure: controller
queries/sets switch
configuration parameters
 modify-state: add, delete,
modify flow entries in the
OpenFlow tables
 packet-out: controller can
send this packet out of
OpenFlow Controller

OpenFlow: switch-to-controller
messages
Key switch-to-controller messages
 packet-in: transfer packet (and
its control) to controller. See
packet-out message from
controller
 flow-removed: flow table entry
deleted at switch
 port status: inform controller of a
change on a port.
Fortunately, network operators don’t “program” switches
by creating/sending OpenFlow messages directly.
Instead use higher-level abstraction at controller
OpenFlow Controller

statistics flow tables
…
…
OpenFlow SNMP
…
network
graph intent
RESTful
API
…
1
2
3
4 5
Dijkstra’s link-state
Routing
s1
s2
s3
s4
SDN: control/data plane interaction
example
S1, experiencing link failure
using OpenFlow port status
message to notify controller
1
SDN controller receives
OpenFlow message,
updates link status info
2
Dijkstra’s routing algorithm
application has previously
registered to be called when
ever link status changes. It
is called.
3
Dijkstra’s routing algorithm
access network graph info,
link state info in controller,
computes new routes
4

statistics flow tables
…
…
OpenFlow SNMP
…
network
graph intent
RESTful
API
…
1
2
3
4 5
Dijkstra’s link-state
Routing
s1
s2
s3
s4
SDN: control/data plane interaction
example
link state routing app
interacts with flow-table-
computation component in
SDN controller, which
computes new flow tables
needed
5
Controller uses OpenFlow
to install new tables in
switches that need updating
6

topology
manager
Basic Network Service Functions
REST
API
OpenFlow 1.0
… SNMP OVSDB
forwarding
manager
switch
manager
host
manager
stats
manager
Network
service apps
Service Abstraction Layer (SAL)
Access
Control
Traffic
Engineering
…
OpenDaylight (ODL) controller
 ODL Lithium
controller
 network apps may
be contained
within, or be
external to SDN
controller
 Service
Abstraction Layer:
interconnects
internal, external
applications and
services

Network
control apps
…
REST API
ONOS
distributed
core
southbound
abstractions,
protocolsOpenFlow Netconf OVSDB
device link host flow packet
northbound
abstractions,
protocols
Intent
statisticsdevices
hosts
links
paths flow rules topology
ONOS controller
 control apps
separate from
controller
 intent framework:
high-level
specification of
service: what
rather than how
 considerable
emphasis on
distributed core:
service reliability,
replication
performance
scaling

SDN: selected challenges
 hardening the control plane: dependable,
reliable, performance-scalable, secure
distributed system
• robustness to failures: leverage strong theory of
reliable distributed system for control plane
• dependability, security: “baked in” from day one?
 networks, protocols meeting mission-specific
requirements
• e.g., real-time, ultra-reliable, ultra-secure
 Internet-scaling

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

ICMP: internet control message
protocol
 used by hosts & routers
to communicate
network-level
information
• error reporting:
unreachable host,
network, port, protocol
• echo request/reply (used
by ping)
 network-layer “above”
IP:
• ICMP msgs carried in IP
datagrams
 ICMP message: type,
code plus first 8 bytes
of IP datagram causing
error
Type Code description
0 0 echo reply (ping)
3 0 dest. network unreachable
3 1 dest host unreachable
3 2 dest protocol unreachable
3 3 dest port unreachable
3 6 dest network unknown
3 7 dest host unknown
4 0 source quench (congestion
control - not used)
8 0 echo request (ping)
9 0 route advertisement
10 0 router discovery
11 0 TTL expired
12 0 bad IP header

Traceroute and ICMP
 source sends series of
UDP segments to
destination
• first set has TTL =1
• second set has TTL=2, etc.
• unlikely port number
 when datagram in nth
set arrives to nth router:
• router discards datagram
and sends source ICMP
message (type 11, code 0)
• ICMP message include
name of router & IP address
 when ICMP message
arrives, source records
RTTs
stopping criteria:
 UDP segment
eventually arrives at
destination host
 destination returns
ICMP “port
unreachable” message
(type 3, code 3)
 source stops
3 probes
3 probes
3 probes

5.1 introduction
 link state
 distance vector
Internet: OSPF
ISPs: BGP
Control Message
Protocol
and SNMP
Chapter 5: outline

What is network
management?
 autonomous systems (aka “network”): 1000s of
interacting hardware/software components
 other complex systems requiring monitoring, control:
• jet airplane
• nuclear power plant
• others?
"Network management includes the deployment, integration
and coordination of the hardware, software, and human
elements to monitor, test, poll, configure, analyze, evaluate,
and control the network and element resources to meet the
real-time, operational performance, and Quality of Service
requirements at a reasonable cost."

Infrastructure for network
management
managed device
managed device
managed device
managed device
definitions:
managed devices
contain managed
objects whose data
is gathered into a
Management
Information Base
(MIB)
managing
entity data
managing entity
agent data
agent data
network
management
protocol
managed device
agent data
agent data
agent data

SNMP protocol
Two ways to convey MIB info, commands:
agent data
managed device
managing
entity
agent data
managed device
managing
entity
trap msg
request
request/response mode trap mode
response

SNMP protocol: message
types
GetRequest
GetNextRequest
GetBulkRequest
manager-to-agent: “get me data”
(data instance, next data in list, block of data)
Message type Function
InformRequest manager-to-manager: here’s MIB value
SetRequest manager-to-agent: set MIB value
Response Agent-to-manager: value, response to
Request
Trap Agent-to-manager: inform manager
of exceptional event

SNMP protocol: message
formats
….
PDU
type
(0-3)
Request
ID
Error
Status
(0-5)
Error
Index
Name Value Name Value
….
PDU
type
4
Enterprise Agent
Addr
Trap
Type
(0-7)
Specific
code
Time
stamp
Name Value
Get/set header Variables to get/set
Trap header Trap info
SNMP PDU
More on network management: see earlier editions of text!

Chapter 5: summary
we’ve learned a lot!
 approaches to network control plane
• per-router control (traditional)
• logically centralized control (software defined
networking)
 traditional routing algorithms
• implementation in Internet: OSPF, BGP
 SDN controllers
• implementation in practice: ODL, ONOS
 Internet Control Message Protocol
 network management
next stop: link layer!

Chapter 5 - Computer Networking a top-down Approach 7th

Recommended

More Related Content

What's hot (20)

Similar to Chapter 5 - Computer Networking a top-down Approach 7th (20)

More from Andy Juan Sarango Veliz (20)

Recently uploaded (20)

Chapter 5 - Computer Networking a top-down Approach 7th