
COMPUTER NETWORKING (CS09 603)

MODULE III
COMPUTER SCIENCE AND ENGINEERING
MEA ENGINEERING COLLEGE
1. Internetworking IP V4 and V6
2. Multicast Addresses and Multicast Routing
3. DVMRP, PIM, MSDP, MPLS
4. Destination based forwarding
5. Explicit Routing
6. VPN and Tunnels

1. INTERNETWORKING:
IPV6
The network layer protocol currently in use is commonly referred to as IPv4. Although IPv4
is well designed and has helped the Internet to grow rapidly, it has some deficiencies (notably a
shortage of address space) that make it unsuitable for the fast-growing Internet. To
overcome these deficiencies, Internet Protocol version 6 (IPv6) was proposed and has
evolved into a standard. Important features of IPv6 are highlighted below:

IPv6 uses 128-bit address instead of 32-bit address to provide larger address space
Uses more flexible header format, which simplifies and speeds up the routing process
Basic header followed by extended header
Resource Allocation options, which was not present in IPv4
Provision of new/future protocol options
Support for security with the help of encryption and authentication
Support for fragmentation at source

Colon Hexadecimal Notation


To make addresses more readable, IPv6 specifies colon hexadecimal notation (or colon
hex for short). In this notation, 128 bits are divided into eight sections, each 2 bytes in length.
Two bytes in hexadecimal notation require four hexadecimal digits. Therefore, the address
consists of 32 hexadecimal digits, with every four digits separated by a colon.
E.g.: FDEC:BA98:7654:3210:ADBF:BBFF:2922:FFFF
IPV6 ADDRESSES:
An IPv6 address consists of 16 bytes. To make the address more readable, IPv6 specifies
hexadecimal colon notation, the use of which can be explained with the help of the figure below:

Abbreviation:
Although the IP address, even in hexadecimal format, is very long, many of the digits are
zeros, so we can abbreviate the address by omitting the leading zeros of a section (four
digits between two colons) as shown in the diagram. Further abbreviation is possible if there are
consecutive sections consisting of zeros only: they can be removed altogether and replaced with
a double colon.

Categories of Addresses:
Unicast: defines a single computer

Anycast: defines a group of computers with addresses that have the same prefix

Multicast: defines a group of computers that may or may not share the same prefix
and may or may not be connected to the same physical network.

IPV6 PACKET FORMAT


Each packet consists of a packet header followed by the payload. The payload has two
parts: optional extension header and data from upper layer. The base header is of 40 bytes and
the payload may be up to 65536 bytes.

Base Header:
Version (4 bits)
o It indicates the IP version number.
Priority (4 bits)
o It specifies the priority of the packet with respect to traffic congestion.
Flow label (24 bits)
o It is designed to provide special handling for a particular flow of data.
Payload length (16 bits)
o It specifies the total length of the IP datagram excluding the base header.
Next header (8 bits)
o It specifies the header that follows the base header. It may be one of the optional
extension headers or an upper layer protocol header.
Hop limit (8 bits)
o Similar to the TTL field in IPv4.
Source address (128 bits)
Destination address (128 bits)
o It generally specifies the final destination of the datagram. However, if source routing
is used, this field contains the address of the next router.

Extension Headers:
Extension headers are supplied to provide extra information, but encoded in an efficient
way. Six kinds of extension headers are defined at present. Each one is optional, but if
more than one is present, they must appear directly after the fixed base header, and
preferably in the order listed.

The hop-by-hop header is used to send information that all routers along the path must
examine. Datagrams using this header are called Jumbograms.

The routing header enlists one or more routers that have to be visited on the way to the
destination. Both strict routing (full path specified) and loose routing (selected routers are
supplied) are available.

The fragment header deals with fragmentation in a way similar to IPv4. It holds the
datagram identifier, fragment number, and a bit telling whether more fragments are
coming. Unlike IPv4, only the source host, and not the routers along the way, can fragment a
packet. If an intermediate router receives a packet that is too long, it simply discards it
and sends an ICMP message back.

The authentication header provides a mechanism for the receiver of a packet to be sure of the
sender. The encrypted security payload makes it possible to encrypt the contents of a
packet so that only the intended recipient can read it.

The destination option header is intended for fields that need only be interpreted at the
destination host.

Address Space Allocation

1.1 TRANSITION FROM IPV4 TO IPV6


Because of the huge number of systems on the Internet, the transition from IPv4 to IPv6
cannot happen suddenly. It will take a considerable amount of time before every system in the
Internet can move from IPv4 to IPv6. The transition must be smooth to prevent any problems
between IPv4 and IPv6 systems. Three strategies have been devised by the IETF to help the
transition (see Figure 27.16).

Dual Stack
It is recommended that all hosts, before migrating completely to version 6, have a dual
stack of protocols. In other words, a station must run IPv4 and IPv6 simultaneously until all the
Internet uses IPv6.
Tunneling
Tunneling is a strategy used when two computers using IPv6 want to communicate with
each other and the packet must pass through a region that uses IPv4. To pass through this region,
the packet must have an IPv4 address. So the IPv6 packet is encapsulated in an IPv4 packet when
it enters the region, and it leaves its capsule when it exits the region. It seems as if the IPv6
packet goes through a tunnel at one end and emerges at the other end. To make it clear that the
IPv4 packet is carrying an IPv6 packet as data, the protocol value is set to 41.
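
The encapsulation described above, seen from the tunnel exit or from a monitoring point inside the IPv4 region, as an added example that is not part of the original notes: it recognises protocol value 41, strips the IPv4 header and decodes the inner IPv6 base header with the field widths listed under Base Header. The addresses and the sample packet are constructed.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41  # IPv4 protocol value that marks an encapsulated IPv6 packet


def ipv4_checksum(header):
    """Ones' complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(ipv6_packet, tunnel_src, tunnel_dst):
    """Tunnel entry: prepend a minimal IPv4 header whose protocol field is 41."""
    def header(checksum):
        return struct.pack(
            "!BBHHHBBH4s4s",
            0x45, 0, 20 + len(ipv6_packet),   # version/IHL, TOS, total length
            0, 0,                              # identification, flags/offset
            64, IPPROTO_IPV6, checksum,        # TTL, protocol, header checksum
            ipaddress.IPv4Address(tunnel_src).packed,
            ipaddress.IPv4Address(tunnel_dst).packed,
        )
    return header(ipv4_checksum(header(0))) + ipv6_packet


def parse_ipv6_base_header(data):
    """Decode the 40-byte base header using the field widths given in these notes."""
    if len(data) < 40:
        raise ValueError("truncated IPv6 base header")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", data[:8])
    return {
        "version": first_word >> 28,            # 4 bits
        "priority": (first_word >> 24) & 0xF,   # 4 bits
        "flow_label": first_word & 0xFFFFFF,    # 24 bits
        "payload_length": payload_len,          # excludes the base header
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(data[8:24]),
        "dst": ipaddress.IPv6Address(data[24:40]),
    }


def decapsulate(packet):
    """Return (outer IPv4 addresses, inner IPv6 header), or None when the
    IPv4 packet does not carry IPv6."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4                # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl or packet[9] != IPPROTO_IPV6:
        return None
    outer = (ipaddress.IPv4Address(packet[12:16]),
             ipaddress.IPv4Address(packet[16:20]))
    inner = parse_ipv6_base_header(packet[ihl:])
    if inner["version"] != 6:
        raise ValueError("protocol 41 payload is not an IPv6 packet")
    return outer, inner


# Constructed inner packet: base header plus 8 bytes standing in for upper-layer data.
SAMPLE_IPV6 = (
    struct.pack("!IHBB", 6 << 28, 8, 17, 64)
    + ipaddress.IPv6Address("2001:db8:1::1").packed
    + ipaddress.IPv6Address("2001:db8:2::2").packed
    + bytes(8)
)

if __name__ == "__main__":
    tunneled = encapsulate(SAMPLE_IPV6, "192.0.2.1", "198.51.100.7")
    outer, inner = decapsulate(tunneled)
    print(outer[0], "->", outer[1], "carries", inner["src"], "->", inner["dst"])
    print("unabbreviated source:", inner["src"].exploded)
```

A filter that looks only at the outer IPv4 addresses sees none of the inner IPv6 fields, which is why a device enforcing policy on tunneled traffic has to perform the same decapsulation step.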
Header Translation
Header translation is necessary when the majority of the Internet has moved to IPv6 but
some systems still use IPv4. The sender wants to use IPv6, but the receiver does not understand
IPv6. Tunneling does not work in this situation because the packet must be in the IPv4 format to
be understood by the receiver. In this case, the header format must be totally changed through
header translation. The header of the IPv6 packet is converted to an IPv4 header.

2. MULTICASTING

In unicasting there is a single sender (source) and a single receiver (destination)


In unicast routing, the router forwards the received packet through only one of its
interfaces.
Multicast: one source to many destinations
Main goal: efficient data distribution
Avoid data duplication within network

Applications:
Broadcast audio/video
Push-based systems (e.g., BGP updates)
Software distribution
Web-cache updates
Teleconferencing (audio, video, shared whiteboard, text editor)
Multi-player games and Other distributed applications
IP Multicast Architecture:

Multicasting:

2.2 MULTICAST ROUTING


In multicast routing, the router may forward the received packet through several of its interfaces.

Every member receives EXACTLY ONE copy of the packet


Non-members receive nothing
No loops in route
Optimal path from source to each destination.

Terminology

Spanning Tree: Source is the root, group members are the leaves.
Shortest Path Spanning Tree: Each path from root to a leaf is the shortest according
to some metric.
Multicast tree:
Source-Based Tree:
o For each combination of (source , group), there is a shortest path spanning tree.
o Approach 1: DVMRP; an extension of unicast distance vector routing (e.g. RIP)
o Approach 2: MOSPF; an extension of unicast link state routing (e.g. OSPF)
Group-Share Tree
o One tree for the entire group
o Rendezvous-Point Tree: one router is the center of the group and therefore the
root of the tree.
CBT and PIM-SM protocols

3. Distance Vector Multicast Routing Protocol DVMRP:

No pre-defined route from source to destination. Tree is gradually created by
successive routers along the path.
Uses shortest path (fewest hops)
Prevent loops: apply Reverse Path Forwarding (RPF)
Prevent duplication: apply Reverse Path Broadcasting (RPB)
Multicast with dynamic membership: apply Reverse Path Multicasting (RPM)
with pruning, grafting, and lifetime.

RPF (Reverse Path Forwarding):


In reverse path forwarding (RPF), the router forwards only the packets that have traveled
the shortest path from the source to the router; all other copies are discarded. No Loops.
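
The RPF rule above, run over a small constructed topology as an added example (not part of the original notes): every router accepts a copy only from the neighbor on its fewest-hops path back to the source and discards the rest. Router names and links are assumptions made for the illustration.

```python
from collections import deque

# Constructed topology with redundant links; the source's network is attached to R1.
LINKS = {
    "R1": ["R2", "R3"],
    "R2": ["R1", "R3", "R4"],
    "R3": ["R1", "R2", "R4"],
    "R4": ["R2", "R3"],
}


def rpf_neighbors(links, first_hop):
    """For every router, the neighbor on its shortest (fewest hops) path
    back to the source, found with a breadth-first search."""
    upstream = {first_hop: None}
    queue = deque([first_hop])
    while queue:
        node = queue.popleft()
        for nbr in links[node]:
            if nbr not in upstream:
                upstream[nbr] = node
                queue.append(nbr)
    return upstream


def flood_with_rpf(links, first_hop):
    """Flood one multicast packet. A router forwards a copy on all other
    interfaces only if it arrived from its RPF neighbor."""
    upstream = rpf_neighbors(links, first_hop)
    accepted = {router: 0 for router in links}
    accepted[first_hop] = 1                      # copy received directly from the source
    discarded = []                               # (sender, receiver) of every dropped copy
    in_flight = deque((first_hop, nbr) for nbr in links[first_hop])
    while in_flight:
        sender, router = in_flight.popleft()
        if upstream[router] != sender:           # did not travel the shortest path
            discarded.append((sender, router))
            continue
        accepted[router] += 1
        in_flight.extend((router, nbr) for nbr in links[router] if nbr != sender)
    return accepted, discarded


if __name__ == "__main__":
    accepted, discarded = flood_with_rpf(LINKS, "R1")
    print("copies accepted per router:", accepted)
    print("copies sent and then discarded:", discarded)
```

The flood terminates and each router accepts one copy, but four copies still cross links only to be dropped; removing that waste is what the designated-parent rule of RPB addresses.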

Prevent Duplication in RPF:

RPF versus RPB:


The router with the shortest path to the source becomes the designated parent of a
network
A Router forwards packets only to its designated child networks

RPB creates a shortest path broadcast tree from the source to each destination.
It guarantees that each destination receives one and only one copy of the packet.
To convert broadcasting to multicasting, the protocol uses two procedures, pruning and grafting.
DVMRP: Distance Vector Multicast Routing Protocol, RFC 1075
Flood and prune: reverse path forwarding, source-based tree
RPF tree based on DVMRP's own routing tables, constructed by communicating DVMRP routers
No assumptions about underlying unicast
Initial datagram to mcast group flooded everywhere via RPF
Routers not wanting group: send upstream prune msgs
Reverse Path Forwarding: example

Multicast OSPF (MOSPF): Add-on to OSPF


Recall: flood routing announcements, each node gets entire topology
Now each router also keeps track of multicast group members
Routers mark link-state advertisement with groups that it has members for
Source-based trees
Shortest paths to a node form a spanning tree
Routing algorithm augmented to compute shortest-path distribution tree from a
source to any set of destinations
Packets from each source are forwarded on this tree

Core-Based Tree (CBT):


In CBT, the source sends the multicast packet (encapsulated in a unicast packet) to the
core router. The core router decapsulates the packet and forwards it to all interested hosts.

3.2 PIM (Protocol Independent Multicast):


Not dependent on any specific underlying unicast routing algorithm (works with all).
Two different multicast distribution scenarios:
Dense:
Group members densely packed, in close proximity
Bandwidth more plentiful
Group membership by routers assumed until routers explicitly prune
Data-driven construction of M-cast tree (e.g., RPF)
Bandwidth and non-group-router processing profligate
Sparse:
Number of networks with group members small relative to the number of interconnected networks
Group members widely dispersed
Bandwidth not plentiful
No membership until routers explicitly join
Receiver-driven construction of M-cast tree (e.g., center-based)
Bandwidth and non-group-router processing conservative

PIM - Dense Mode: Flood-and-prune RPF, similar to DVMRP but
Underlying unicast protocol provides RPF info for incoming datagram
Less complicated (less efficient) downstream flood than DVMRP reduces reliance on
underlying routing algorithm
Has protocol mechanism for router to detect it is a leaf-node router


PIM - Sparse Mode:
Center-based approach
Router sends join msg to Rendezvous Point (RP)
Intermediate routers update state and forward join
After joining via RP, router can switch to source-specific tree
Increased performance: less concentration, shorter paths
Sender (s):
Unicast data to RP, which distributes down RP-rooted tree
RP can extend M-cast tree upstream to source
RP can send stop msg if no attached receivers

3.3 Interdomain Multicast (MSDP):


PIM-SM has some significant shortcomings when it comes to interdomain multicast. In
particular, the existence of a single RP for a group goes against the principle that domains are
autonomous.
For a given multicast group, all the participating domains would be dependent on the
domain where the RP is located. Furthermore, if there is a particular multicast group for which a
sender and some receivers shared a single domain, the multicast traffic would still have to be
routed initially from the sender to those receivers via whatever domain has the RP for that
multicast group.
Consequently, the PIM-SM protocol is typically not used across domains, only within a
domain. To extend multicast across domains using PIM-SM, the Multicast Source Discovery
Protocol (MSDP) was devised. MSDP is used to connect different domains, each running
PIM-SM internally with its own RPs, by connecting the RPs of the different domains.
Each RP has one or more MSDP peer RPs in other domains. Each pair of MSDP peers is
connected by a TCP connection over which the MSDP protocol runs.
Together, all the MSDP peers for a given multicast group form a loose mesh that is used
as a broadcast network. MSDP messages are broadcast through the mesh of peer RPs using the
Reverse Path Broadcast Algorithm.

3.4 Multiprotocol Label Switching (MPLS)

Multi Protocol: supports protocols other than IP
Supports IPv4, IPv6, IPX, AppleTalk at the network layer
Supports Ethernet, Token Ring, FDDI, ATM, Frame Relay, PPP at the link layer
Label: short fixed-length identifier to determine a route
Labels are added to the top of the IP packet
Labels are assigned when the packet enters the MPLS domain
Switching: forwarding a packet
Packets are forwarded based on the label value
NOT on the basis of IP header information

MPLS is
A forwarding scheme designed to speed up IP packet forwarding (RFC 3031)
Idea: use a fixed length label in the packet header to decide packet forwarding
Label carried in an MPLS header between the link layer header and network layer
header
Support any network layer protocol and link layer protocol
MPLS Header Format:
Label: 20-bit label value
Exp: experimental use
Can indicate class of service
S: bottom of stack indicator
1 for the bottom label, 0 otherwise
TTL: time to live

Need for MPLS:
Rapid growth of Internet
New latency dependent applications
Quality of Service (QoS)
Less time at the routers
Traffic Engineering
Flexibility in routing packets
Connection-oriented forwarding techniques with connectionless IP
Utilizes the IP header information to maintain interoperability with IP based
networks
Decides on the path of a packet before sending it
Integration of layer 2 and layer 3
Simplified connection-oriented forwarding of layer 2
Flexibility and scalability of layer 3 routing
MPLS does not replace IP; it supplements IP
Traffic can be marked, classified and explicitly routed
QoS can be achieved through MPLS
MPLS Architecture:

[Figure: MPLS architecture, showing LERs and LSRs in an MPLS domain connected to IP networks]
LSR = Label Switched Router
LER = Label Edge Router
Comparing MPLS with existing IP core and IP/ATM technologies, MPLS has many
advantages and benefits:
The performance characteristics of layer 2 networks
The connectivity and network services of layer 3 networks
Improves the price/performance of network layer routing
Improved scalability
Improves the possibilities for traffic engineering
Supports the delivery of services with QoS guarantees
Avoids need for coordination of IP and ATM address allocation and routing
information
Forwarding Equivalence Class (FEC):
A group of packets that require the same forwarding treatment across the same path
Packets are grouped based on any of the following
Address prefix
Host address
Quality of Service (QoS)
FEC is encoded as the label
FEC Example:
Assume packets have the destination addresses
124.48.45.20
143.67.25.77
143.67.84.22
124.48.66.90
FEC 1 (label x): 143.67.25.77, 143.67.84.22
FEC 2 (label y): 124.48.45.20, 124.48.66.90

LER (Label Edge Router):


Can be an ATM switch or a router
Ingress LER performs the following:
Receives the packet
Adds label
Forwards the packet into the MPLS domain
Egress LER removes the label and delivers the packet
LSR (Label Switch Router):
A router/switch that supports MPLS
Can be a router
Can be an ATM switch + label switch controller
Label swapping
Each LSR examines the label on top of the stack
Uses the Label Information Base (LIB) to decide the outgoing path and the
outgoing label
Removes the old label and attaches the new label
Forwards the packet on the predetermined path

4. Destination-Based Forwarding:
Consider the network in Figure 4.42. Each of the two routers on the far right (R3 and R4)
has one connected network, with prefixes 18.1.1/24 and 18.3.3/24. The remaining routers (R1
and R2) have routing tables that indicate which outgoing interface each router would use when
forwarding packets to one of those two networks.
When MPLS is enabled on a router, the router allocates a label for each prefix in its
routing table, and advertises both the label and the prefix that it represents to its neighboring
routers. This advertisement is carried in the Label Distribution Protocol (LDP). This is
illustrated in Figure 4.43.
Router R2 has allocated the label value 15 for the prefix 18.1.1 and the label value 16 for
the prefix 18.3.3. These labels can be chosen at the convenience of the allocating router, and can
be thought of as indices into the routing table. After allocating the labels, R2 advertises the label
bindings to its neighbors; in this case, we see R2 advertising a binding between the label 15 and
the prefix 18.1.1 to R1. The meaning of such an advertisement is that R2 has said, in effect,
"please attach the label 15 to all packets sent to me that are destined to prefix 18.1.1." R1 stores
the label in a table alongside the prefix that it represents as the "remote" or "outgoing" label for
any packets that it sends to that prefix.

In Figure 4.43(c), we see another label advertisement from router R3 to R2 for the prefix
18.1.1, and R2 places the remote label that it learned from R3 in the appropriate place in its
table. At this point, we can look at what happens when a packet is forwarded in this network.
Suppose a packet destined to the IP address 18.1.1.5 arrives from the left to router R1. R1 in this
case is referred to as a label edge router (LER); an LER performs a complete IP lookup on
arriving IP packets, and then applies labels to them as a result of the lookup. In this case, R1
would see that 18.1.1.5 matches the prefix 18.1.1 in its forwarding table, and that this entry
contains both an outgoing interface and a remote label value. R1 therefore attaches the remote
label 15 to the packet before sending it. When the packet arrives at R2, R2 looks only at the label
in the packet, not the IP address. The forwarding table at R2 indicates that packets arriving with a
label value of 15 should be sent out interface 1, and that it should carry the label value 24, as
advertised by router R3. R2 therefore rewrites, or swaps, the label, and forwards it on to R3.

What has been accomplished by all this application and swapping of labels? Observe that
when R2 forwarded the packet in this example, it never actually needed to examine the IP
address. Instead, R2 looked only at the incoming label. Thus, we have replaced the normal IP
destination address lookup with a label lookup.
To understand why this is significant, it helps to recall that although IP addresses are
always the same length, IP prefixes are of variable length, and the IP destination address lookup
algorithm needs to find the longest match; the longest prefix that matches the high-order bits in
the IP address of the packet being forwarded. By contrast, the label forwarding mechanism just
described is an exact match algorithm. It is possible to implement a very simple exact match
algorithm, for example, by using the label as an index into an array, where each element in the
array is one line in the forwarding table.
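
The walk-through above as an added example (not part of the original notes): R1 performs a longest-prefix IP lookup and pushes the remote label, while R2 indexes an array with the incoming label and swaps it. The header packing follows the MPLS Header Format listed earlier, with the Exp (3 bits), S (1 bit) and TTL (8 bits) widths taken from RFC 3032; the interface numbers at R1, the 18.0.0.0/8 entry and the R2 entry for label 16 are assumptions.

```python
import ipaddress
import struct


def encode_entry(label, exp=0, bottom=1, ttl=64):
    """Pack one 32-bit MPLS header: Label (20 bits), Exp (3), S (1), TTL (8)."""
    if not 0 <= label < 1 << 20:
        raise ValueError("label does not fit in 20 bits")
    return struct.pack("!I", (label << 12) | (exp << 9) | (bottom << 8) | ttl)


def decode_entry(raw):
    """Unpack the four fields of one MPLS header."""
    (word,) = struct.unpack("!I", raw[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


# R1 (label edge router): prefix -> (outgoing interface, remote label).
# Labels 15 and 16 are the ones R2 allocated in the text; the interface numbers
# and the 18.0.0.0/8 entry are constructed to exercise longest-prefix matching.
R1_FIB = [
    (ipaddress.ip_network("18.0.0.0/8"), 2, None),
    (ipaddress.ip_network("18.1.1.0/24"), 0, 15),
    (ipaddress.ip_network("18.3.3.0/24"), 0, 16),
]

# R2 (label switching router): the incoming label is an index into this array.
R2_LIB = [None] * 32
R2_LIB[15] = (1, 24)   # from the text: out interface 1, label 24 advertised by R3
R2_LIB[16] = (0, 30)   # constructed entry for prefix 18.3.3


def ler_ingress(dst, fib=R1_FIB, ttl=64):
    """Complete IP lookup: pick the longest matching prefix, then push its label."""
    addr = ipaddress.ip_address(dst)
    matches = [entry for entry in fib if addr in entry[0]]
    if not matches:
        raise LookupError("no route to " + dst)
    _, iface, label = max(matches, key=lambda entry: entry[0].prefixlen)
    if label is None:
        return iface, None                      # forwarded as plain IP
    return iface, encode_entry(label, ttl=ttl)


def lsr_swap(raw, lib=R2_LIB):
    """Exact-match lookup on the label only; the IP header is never examined."""
    entry = decode_entry(raw)
    if entry["label"] >= len(lib) or lib[entry["label"]] is None:
        raise LookupError("no binding for label %d" % entry["label"])
    if entry["ttl"] <= 1:
        raise ValueError("TTL expired")
    iface, out_label = lib[entry["label"]]
    return iface, encode_entry(out_label, entry["exp"], entry["s"], entry["ttl"] - 1)


if __name__ == "__main__":
    iface, header = ler_ingress("18.1.1.5")
    print("R1 -> interface", iface, decode_entry(header))
    iface, header = lsr_swap(header)
    print("R2 -> interface", iface, decode_entry(header))
```

The `LookupError` branch in `lsr_swap` matters in practice: a router should drop a packet carrying a label it never advertised rather than forward it.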

MPLS Applications:

Traffic Engineering

Virtual Private Network


Quality of Service (QoS)

5. EXPLICIT ROUTING:

Two options for route selection:


1. Hop by hop routing
2. Explicit routing
Explicit Routing (Source Routing) is a very powerful technique
With pure datagram routing, overhead of carrying complete explicit route is
prohibitive
MPLS allows explicit route to be carried only at the time the LSP is setup, and not
with each packet
MPLS makes explicit routing practical
Routing protocols used in conjunction with MPLS are based on distributed computation
which may contain loops
Loops handling - 3 categories
1. Loop Mitigation/Survival
2. Loop Detection
3. Loop Prevention

MPLS (Helps to Implement Explicit Routing In IP Networks)


IP has a source routing option, but it is not widely used for several reasons, including
the fact that only a limited number of hops can be specified and because it is usually processed
outside the fast path on most routers. MPLS provides a convenient way to add capabilities
similar to source routing to IP networks, although the capability is more often called explicit
routing rather than source routing.
One reason for the distinction is that it usually isn't the real source of the packet that
picks the route. More often it is one of the routers inside a service provider's network. Figure
4.46 shows an example of how the explicit routing capability of MPLS might be applied. This
sort of network is often called a fish network because of its shape (the routers R1 and R2 form
the tail; R7 is at the head).
Suppose that the operator of the network in Figure 4.46 has determined that any traffic
flowing from R1 to R7 should follow the path R1-R3-R6-R7, and that any traffic going from R2
to R7 should follow the path R2-R3-R4-R7. One reason for such a choice would be to make
good use of the capacity available along the two distinct paths from R3 to R7.
We can think of the R1-to-R7 traffic as constituting one forwarding equivalence class (FEC),
and the R2-to-R7 traffic constitutes a second FEC. Forwarding traffic in these two classes along
different paths is difficult with normal IP routing, because R3 doesn't normally look at where
traffic came from in making its forwarding decisions. Because MPLS uses label swapping to
forward packets, it is easy enough to achieve the desired routing if the routers are MPLS-enabled.
If R1 and R2 attach distinct labels to packets before sending them to R3, thus
identifying them as being in different FECs, then R3 can forward packets from R1 and R2 along
different paths.
The question that then arises is, how do all the routers in the network agree on what
labels to use and how to forward packets with particular labels? Clearly, we can't use the same
procedures as described in the preceding section to distribute labels, because those procedures
establish labels that cause packets to follow the normal paths picked by IP routing, which is
exactly what we are trying to avoid.
Instead, a new mechanism is needed. It turns out that the protocol used for this task is the
Resource Reservation Protocol (RSVP). We'll talk more about this protocol, but for now it
suffices to say that it is possible to send an RSVP message along an explicitly specified path
(e.g., R1-R3-R6-R7) and use it to set up label forwarding table entries all along that path. This
is very similar to the process of establishing a virtual circuit.
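
The fish-network case as an added example (not part of the original notes): label state is installed hop by hop along each explicitly specified path, and R3 then forwards on the incoming label alone. This models only the result of the setup, not RSVP messages; the label numbering (each router counting up from 100) is an assumption.

```python
def setup_lsp(tables, path):
    """Install label forwarding entries along an explicit path, tail first.

    Each router allocates its own incoming label and stores
    incoming label -> (next hop, outgoing label). Returns what the head
    router must do with traffic for this FEC: (first hop, label to attach).
    """
    next_hop, out_label = None, None             # the tail has nothing downstream
    for name in reversed(path[1:]):
        in_label = 100 + len(tables[name])       # constructed per-router label space
        tables[name][in_label] = (next_hop, out_label)
        next_hop, out_label = name, in_label
    return next_hop, out_label


def forward(tables, head, ingress):
    """Follow a labelled packet from the head router; return the routers visited."""
    hops, (next_hop, label) = [head], ingress
    while next_hop is not None:
        if label not in tables[next_hop]:
            raise LookupError("%s has no binding for label %s" % (next_hop, label))
        hops.append(next_hop)
        next_hop, label = tables[next_hop][label]
    return hops


def build_fish_network():
    """The two explicit routes chosen by the operator in the text."""
    tables = {name: {} for name in ("R1", "R2", "R3", "R4", "R6", "R7")}
    from_r1 = setup_lsp(tables, ["R1", "R3", "R6", "R7"])
    from_r2 = setup_lsp(tables, ["R2", "R3", "R4", "R7"])
    return tables, from_r1, from_r2


if __name__ == "__main__":
    tables, from_r1, from_r2 = build_fish_network()
    print("R3 label table:", tables["R3"])
    print("R1 traffic:", forward(tables, "R1", from_r1))
    print("R2 traffic:", forward(tables, "R2", from_r2))
```

R3 ends up with two entries that differ only in the incoming label, and the same label value 100 means different things at R3, R4 and R6, because a label is meaningful only to the router that allocated it.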

6. VPN (Virtual Private Network) and Tunnel:


Virtual Private Network is a type of private network that uses public telecommunication,
such as the Internet, instead of leased lines to communicate.
Became popular as more employees worked in remote locations.
Terminologies to understand how VPNs work.
Employees can access the network (Intranet) from remote locations.
Secured networks.
The Internet is used as the backbone for VPNs
Saves cost tremendously from reduction of equipment and maintenance costs.
Scalability
Types of VPN:
Server based
Firewall based
Router based (including VPN appliances)

Advantages:
Greater scalability
Easy to add/remove users
Reduced long-distance telecommunications costs
Mobility
Security
Disadvantages
Lack of standards
Understanding of security issues
Unpredictable Internet traffic
Difficult to accommodate products from different vendors
Remote access VPN:

Working:
Two connections: one is made to the Internet and the second is made to the VPN.
Datagrams: contain data, destination and source information.
Firewalls: VPNs allow authorized users to pass through the firewalls.
Protocols: protocols create the VPN tunnels.

Encryption:
Encryption: a method of scrambling data before transmitting it onto the Internet.
Public Key Encryption Technique
Digital signature for authentication

Tunneling:
A virtual point-to-point connection made through a public network. It transports
encapsulated datagrams.
The portion of the network where the data is encapsulated

Two types of end points:


Remote Access
Site-to-Site
Site to Site:

Remote access VPN:

Four Protocols used in VPN:


PPTP: Point-to-Point Tunneling Protocol
L2TP: Layer 2 Tunneling Protocol
IPsec: Internet Protocol Security
SOCKS: is not used as much as the ones above
PPTP:
Encapsulate and encrypt the data to be sent over a corporate or public IP network
L2TP:
Encrypted and encapsulated to be sent over communication links that support user datagram mode of transmission
Examples of links include X.25, Frame Relay and ATM
IPSEC:
Encapsulate and encrypt in an IP header for transmission over an IP network

ATM circuit is emulated in Tunnel:


The simplest form of MPLS VPN to understand is a layer 2 VPN. In this type of VPN,
MPLS is used to tunnel layer 2 data (such as Ethernet frames or ATM cells) across a network of
MPLS-enabled routers. One reason for tunnels is to provide some sort of network service (such as
multicast) that is not supported by some routers in the network. The same logic applies here: IP
routers are not ATM switches, so you cannot provide an ATM virtual circuit service across a
network of conventional routers. However, if you had a pair of routers interconnected by a
tunnel, they could send ATM cells across the tunnel and emulate an ATM circuit.
The term for this technique within the IETF is pseudowire emulation. We have already
seen how IP tunnels are built: The router at the entrance of the tunnel wraps the data to be
tunneled in an IP header (the tunnel header), which represents the address of the router at the far
end of the tunnel, and sends the data like any other IP packet. The receiving router receives the
packet with its own address in the header, strips the tunnel header, and finds the data that was
tunneled, which it then processes. Exactly what it does with that data depends on what it is.
For example, if it were another IP packet, it would then be forwarded on like a normal IP
packet. However, it need not be an IP packet, as long as the receiving router knows what to do
with non-IP packets. We'll return to the issue of how to handle non-IP data in a moment.

Forwarding ATM cells along Tunnel:


1. An ATM cell arrives on the designated input port with the appropriate VCI value (101 in
this example).
2. The head router attaches the demultiplexing label that identifies the emulated circuit.
3. The head router then attaches a second label, which is the tunnel label that will get the
packet to the tail router. This label is learned by mechanisms .
4. Routers between the head and tail forward the packet using only the tunnel label.
5. The tail router removes the tunnel label, finds the demultiplexing label, and recognizes
the emulated circuit.
6. The tail router modifies the ATM VCI to the correct value (202 in this case) and sends it
out the correct port.
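
The six steps above as an added example (not part of the original notes), using a two-entry label stack: the outer tunnel label is swapped at every hop, while the inner demultiplexing label is read only by the tail. VCIs 101 and 202 come from the text; the port numbers, label values and the two transit routers are assumptions.

```python
# All port numbers and label values below are constructed.
HEAD_CIRCUITS = {(0, 101): 77}             # (input port, VCI) -> demultiplexing label
HEAD_TUNNEL_LABEL = 500                    # tunnel label that leads to the tail router
TRANSIT_TABLES = [{500: 501}, {501: 502}]  # two routers between head and tail
TAIL_TUNNEL_LABEL = 502
TAIL_CIRCUITS = {77: (3, 202)}             # demultiplexing label -> (output port, VCI)


def head(port, cell):
    """Steps 1-3: match port and VCI, attach the demux label, then the tunnel label."""
    demux = HEAD_CIRCUITS.get((port, cell["vci"]))
    if demux is None:
        return None                        # cell does not belong to an emulated circuit
    return {"stack": [HEAD_TUNNEL_LABEL, demux], "cell": cell}   # stack[0] is the top


def transit(table, packet):
    """Step 4: forward on the tunnel label only; the rest of the stack is untouched."""
    top = packet["stack"][0]
    if top not in table:
        raise LookupError("no binding for tunnel label %d" % top)
    return {"stack": [table[top]] + packet["stack"][1:], "cell": packet["cell"]}


def tail(packet):
    """Steps 5-6: remove the tunnel label, map the demux label to a port and VCI."""
    tunnel, demux = packet["stack"]
    if tunnel != TAIL_TUNNEL_LABEL or demux not in TAIL_CIRCUITS:
        raise LookupError("unknown tunnel or circuit label")
    port, vci = TAIL_CIRCUITS[demux]
    return port, dict(packet["cell"], vci=vci)


def carry(port, cell):
    """Send one ATM cell through the emulated circuit; also return the label
    stack seen on each link so the swap of the outer label is visible."""
    packet = head(port, cell)
    if packet is None:
        return None
    trace = [list(packet["stack"])]
    for table in TRANSIT_TABLES:
        packet = transit(table, packet)
        trace.append(list(packet["stack"]))
    return tail(packet), trace


if __name__ == "__main__":
    (out_port, out_cell), trace = carry(0, {"vci": 101, "payload": bytes(48)})
    print("label stacks on the path:", trace)
    print("sent on port", out_port, "with VCI", out_cell["vci"])
```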
