Chapter 4 - Network Layer / Data Plane

Question 1

Let’s review some of the terminology used in this textbook. Recall that the name of a transport-layer packet is segment and that the name of a link-layer packet is frame. What is the name of a network-layer packet? Recall that both routers and link-layer switches are called packet switches. What is the fundamental difference between a router and link-layer switch?

Answer 1

A network-layer packet is a datagram. A router forwards a packet based on the packet’s IP (layer 3) address. A link-layer switch forwards a packet based on the packet’s MAC (layer 2) address.

Question 2

We noted that network layer functionality can be broadly divided into data plane functionality and control plane functionality. What are the main functions of the data plane? Of the control plane?

Answer 2

The main function of the data plane is packet forwarding, which is to forward datagrams from their input links to their output links. For example, the data plane’s input ports perform physical layer function of terminating an incoming physical link at a router, perform link-layer function to interoperate with the link layer at the other side of the incoming link, and perform lookup function at the input ports.

The main function of the control plane is routing, which is to determine the paths a packet takes from its source to its destination. A control plane is responsible for executing routing protocols, responding to attached links that go up or down, communicating with remote controllers, and performing management functions.

Question 3

We made a distinction between the forwarding function and the routing function performed in the network layer. What are the key differences between routing and forwarding?

Answer 3

The key differences between routing and forwarding is that forwarding is a router’s local action of transferring packets from its input interfaces to its output interfaces, and forwarding takes place at very short timescales (typically a few nanoseconds), and thus is typically implemented in hardware. Routing refers to the network-wide process that determines the end-to-end paths that packets take from sources to destinations. Routing takes place on much longer timescales (typically seconds), and is often implemented in software

Question 4

What is the role of the forwarding table within a router?

Answer 4

The role of the forwarding table within a router is to hold entries to determine the outgoing link interface to which an arriving packet will be forwarded via switching fabric.

Question 5

We said that a network layer’s service model “defines the characteristics of end-to-end transport of packets between sending and receiving hosts.” What is the service model of the Internet’s network layer? What guarantees are made by the Internet’s service model regarding the host-to-host delivery of datagrams?

Answer 5

The service model of the Internet’s network layer is best-effort service. With this service model, there is no guarantee that packets will be received in the order in which they were sent, no guarantee of their eventual delivery, no guarantee on the end-to-end delay, and no minimal bandwidth guarantee

Question 6

In Section 4.2, we saw that a router typically consists of input ports, output ports, a switching fabric and a routing processor. Which of these are implemented in hardware and which are implemented in software? Why? Returning to the notion of the network layer’s data plane and control plane, which are implemented in hardware and which are implemented in software? Why?

Answer 6

Input port, switching fabric, and output ports are implemented in hardware, because their datagram-processing functionality is far too fast for software implementation. A routing processor inside a traditional router uses software for executing routing protocols, maintaining routing tables and attached link state information, and computing the forwarding table of a router. In addition, a routing processor in a SDN router also relies on software for communication with a remote controller in order to receive forwarding table entries and install them in the router’s input ports.

Data plane is usually implemented in hardware due to the requirement of fast processing, e.g., at nanosecond time scale. Control plane is usually implemented in software and operates at the millisecond or second timescale, for example, for

Question 7

What does each input port of a high speed router store to facilitate fast forwarding decisions?

Answer 7

With the shadow copy, the forwarding lookup is made locally, at each input port, without invoking the centralized routing processor. Such a decentralized approach avoids creating a lookup processing bottleneck at a single point within the router

Question 8

What is meant by destination-based forwarding? How does this differ from generalized forwarding (assuming you’ve read Section 4.4, which of the two approaches are adopted by Software-Defined Networking)?

Answer 8

Destination-based forwarding means that a datagram arriving at a router will be forwarded to an output interface based on only the final destination of the datagram. Generalized-forwarding means that besides its final destination, other factors associated with a datagram is also considered when a router determines the output interface for the datagram. Software defined networking adopts generalized forwarding, for example, forwarding decision can be based on a datagram’s TCP/UDP source or destination port numbers, besides its destination IP address.

Question 9

Suppose that an arriving packet matches two or more entries in a router’s forwarding table. With traditional destination-based forwarding, what rule does a router apply to determine which of these rules should be applied to determine the output port to which the arriving packet should be switched?

Answer 9

A router uses longest prefix matching to determine which link interface a packet will be forwarded to if the packet’s destination address matches two or more entries in the forwarding table. That is, the packet will be forwarded to the link interface that has the longest prefix match with the packet’s destination.

Question 10

Switching in a router forwards data from an input port to an output port. What is the advantage of switching via an interconnection network over switching via memory and switching via bus?

Answer 10

Switching via memory; switching via a bus; switching via an interconnection network. An interconnection network can forward packets in parallel as long as all the packets are being forwarded to different output ports.

Question 11

What is the role of a packet scheduler at the output port of a router?

Answer 11

If the rate at which packets arrive to the fabric exceeds switching fabric rate, then packets will need to queue at the input ports. If this rate mismatch persists, the queues will get larger and larger and eventually overflow the input port buffers, causing packet loss. Packet loss can be eliminated if the switching fabric speed is at least n times as fast as the input line speed, where n is the number of input ports.

Question 12

What is a drop-tail policy? What are AQM algorithms? Which is the most widely studied and implemented AQM algorithm? How does it work?

Answer 12

When there is not enough memory to buffer an incoming packet, a decision must be made to either drop the arriving packet (a policy known as drop-tail) or remove one or more already-queued packets to make room for the newly arrived packet.

active queue management (AQM)
Random Early Detection (RED): pre-emptively dropping packets before the buffer becomes completely full. It uses predictive models to decide which packets to drop

Assuming input and output line speeds are the same, packet loss can still occur if the rate at which packets arrive to a single output port exceeds the line speed. If this rate mismatch persists, the queues will get larger and larger and eventually overflow the output port buffers, causing packet loss. Note that increasing switch fabric speed cannot prevent this problem from occurring

Question 13

What is HOL blocking? Does it occur in input ports or output ports?

Answer 13

HOL blocking: Sometimes a packet that is first in line at an input port queue must wait because there is no available buffer space at the output port to which it wants to be forwarded. When this occurs, all the packets behind the first packet are blocked, even if their output queues have room to accommodate them. HOL blocking occurs at the input port.

Question 14

In Section 4.2, we studied FIFO, Priority, Round Robin (RR), and Weighted Fair Queueing (WFQ) packet scheduling disciplines. Which of these queueing disciplines ensure that all packets depart in the order in which they arrived?

Answer 14

Only FIFO can ensure that all packets depart in the order in which they arrived.

Question 15

Give an example showing why a network operator might want one class of packets to be given priority over another class of packets.

Answer 15

real-time applications such as voice or video calls may get a higher priority than for example an ftp application.

For example, a packet carrying network management information should receive priority over regular user traffic. Another example, a real-time voice-over-IP packet might need to receive priority over non-real-time traffic such as e-email.

Question 16

What is an essential difference between RR and WFQ packet scheduling? Is there a case (Hint: Consider the WFQ weights) where RR and WFQ will behave exactly the same?

Answer 16

With RR, all service classes are treated equally, i.e., no service class has priority over any other service class. With WFQ, service classes are treated differently, i.e., each class may receive a differential amount of service in any interval of time. When a WFQ’s all classes have the same amount of service weight, the WFQ is identical to RR.

Question 17

Suppose Host A sends Host B a TCP segment encapsulated in an IP datagram. When Host B receives the datagram, how does the network layer in Host B know it should pass the segment (that is, the payload of the datagram) to TCP rather than to UDP or to some other upper-layer protocol?

Answer 17

the IP datagram header contains an “Upper Layer Protocol” field that determines the transport layer protocol

The 8-bit protocol field in the IP datagram contains information about which transport layer protocol the destination host should pass the segment to.

Question 18

What field in the IP header can be used to ensure that a packet is forwarded through no more than N routers?

Answer 18

TTL: time to live

Question 19

Recall that we saw the Internet checksum being used in both transport-layer segment (in UDP and TCP headers, Figures 3.7 and 3.29 respectively) and in network-layer datagrams (IP header, Figure 4.16). Now consider a transport layer segment encapsulated in an IP datagram. Are the checksums in the segment header and datagram header computed over any common bytes in the IP datagram? Explain your answer.

Answer 19

datagram checksum is calculated over the datagram header.

No. IP header checksum only computes the checksum of an IP packet’s IP header fields, which share no common bytes with the IP datagram’s transport-layer segment part

Question 20

When a large datagram is fragmented into multiple smaller datagrams, where are these smaller datagrams reassembled into a single larger datagram?

Answer 20

The reassembly of the fragments of an IP datagram is done in the datagram’s destination host.

Question 21

A router has eight interfaces. How many IP addresses will it have?

Answer 21

A router will have an IP address for each connected interface

Question 22

What is the 32-bit binary equivalent of the IP address 202.3.14.25?

Answer 22

11001010 . 11 . 1110 . 11001

Question 23

Suppose there are four routers between a source host and a destination host. Ignoring fragmentation, an IP datagram sent from the source host to the destination host will travel over how many interfaces? How many forwarding tables will be indexed to move the datagram from the source to the destination?

Answer 23

1 iface at each host
2 ifaces at each router
1 index at each router

Question 24

Suppose an application generates chunks of 40 bytes of data every 20 msec, and each chunk gets encapsulated in a TCP segment and then an IP datagram. What percentage of each datagram will be overhead, and what percentage will be application data?

Answer 24

total: 20B (datagram header) + 20B (TCP transport header) + 40B (data)

overhead: (20B (datagram header) + 20B (TCP transport header)) * 100 / total
data: (40B (data)) * 100 / total

Question 25

Suppose you purchase a wireless router and connect it to your cable modem. Also suppose that your ISP dynamically assigns your connected device (that is, your wireless router) one IP address. Also suppose that you have five PCs at home that use 802.11 to wirelessly connect to your wireless router. How are IP addresses assigned to the five PCs? Does the wireless router use NAT? Why or why not?

Answer 25

Each host (PC) in the home network will either (a) use DHCP to obtain and configure an IP address, or (b) a member of the household can manually determine and configure an IP address. These IP addresses will all be on the same subnet (assuming no other devices on the network). Since all IP addresses in the home are local only the router will need to use NAT to properly route returning requests.

Typically the wireless router includes a DHCP server. DHCP is used to assign IP addresses to the 5 PCs and to the router interface. Yes, the wireless router also uses NAT as it obtains only one IP address from the ISP.

Question 26

What is meant by the term “route aggregation”? Why is it useful for a router to perform route aggregation?

Answer 26

Route aggregation means that an ISP uses a single prefix to advertise multiple networks. Route aggregation is useful because an ISP can use this technique to advertise to the rest of the Internet a single prefix address for the multiple networks that the ISP has.

Question 27

What is meant by a “plug-and-play” or “zeroconf” protocol?

Answer 27

plug-and-play or zeroconf is a system that allows automatic configuration of some device. DHCP is an example technology that relies or implements plug-and-play

A plug-and-play or zeroconf protocol means that the protocol is able to automatically configure a host’s network-related aspects in order to connect the host into a network.

Question 28

What is a private network address? Should a datagram with a private network address ever be present in the larger public Internet? Explain.

Answer 28

a private network address is an address that is not publically accessible, typically part of a subnet behind a router. a private address in a datagram would be undeliverable, as such it would not. Additionally there is nothing preventing two host on different subnets from having the same private IP address, but each public host needs a unique public IP address.

A private network address of a device in a network refers to a network address that is only meaningful to those devices within that network. A datagram with a private network address should never be present in the larger public Internet, because the private network address is potentially used by many network devices within their own private networks

Question 29

Describe an IPV4 header (VHSDIFOTUC)

Answer 29

Question 30

It has been said that when IPv6 tunnels through IPv4 routers, IPv6 treats the IPv4 tunnels as link-layer protocols. Do you agree with this statement? Why or why not?

Answer 30

yes tunneling effectively wraps an IPv6 datagram in an IPv4 datagram. so to IPv6 the IPv4 tunnel behaves as another layer in the stack.

Question 31

How does generalized forwarding differ from destination-based forwarding?

Answer 31

Forwarding has two main operations: match and action. With destination-based forwarding, the match operation of a router looks up only the destination IP address of the to-be-forwarded datagram, and the action operation of the router involves sending the packet into the switching fabric to a specified output port. With generalized forwarding, the match can be made over multiple header fields associated with different protocols at different layers in the protocol stack, and the action can include forwarding the packet to one or more output ports, load-balancing packets across multiple outgoing interfaces, rewriting header values (as in NAT), purposefully blocking/dropping a packet (as in a firewall), sending a packet to a special server for further processing and action, and more.

Question 32

What is the difference between a forwarding table that we encountered in destination-based forwarding in Section 4.1 and OpenFlow’s flow table that we encountered in Section 4.4?

Answer 32

Each entry in the forwarding table of a destination-based forwarding contains only an IP header field value and the outgoing link interface to which a packet (that matches the IP header field value) is to be forwarded. Each entry of the flow table in OpenFlow includes a set of header field values to which an incoming packet will be matched, a set of counters that are updated as packets are matched to flow table entries, and a set of actions to be taken when a packet matches a flow table entry.

Question 33

What is meant by the “match plus action” operation of a router or switch? In the case of destination-based forwarding packet switch, what is matched and what is the action taken? In the case of an SDN, name three fields that can be matched, and three actions that can be taken.

Answer 33

“Match plus action” means that a router or a switch tries to find a match between some of the header values of a packet with some entry in a flow table, and then based on that match, the router decides to which interface(s) the packet will be forwarded and even some more operations on the packet. In the case of destination-based forwarding packet switch, a router only tries to find a match between a flow table entry with the destination IP address of an arriving packet, and the action is to decide to which interface(s) the packet will be forwarded. In the case of an SDN, there are many fields can be matched, for example, IP source address, TCP source port, and source MAC address; there are also many actions can be taken, for example, forwarding, dropping, and modifying a field value.

Question 34

Describe an IPV6 header (VTFPNH)

Answer 34

IPv6 has a fixed length header, which does not include most of the options an IPv4 header can include. Even though the IPv6 header contains two 128 bit addresses (source and destination IP address) the whole header has a fixed length of 40 bytes only. Several of the fields are similar in spirit. Traffic class, payload length, next header and hop limit in IPv6 are respectively similar to type of service, datagram length, upper-layer protocol and time to live in IPv4.

Question 35

Name three header fields in an IP datagram that can be “matched” in Open- Flow 1.0 generalized forwarding. What are three IP datagram header fields that cannot be “matched” in OpenFlow

Answer 35

Three example header fields in an IP datagram that can be matched in OpenFlow 1.0 generalized forwarding are IP source address, TCP source port, and source MAC address. Three fields that cannot be matched are: TTL field, datagram length field, header checksum (which depends on TTL field).