Lesson 5 - Naming, Addressing, Forwarding

Question 1

Nuts and bolts that make routing possible

Answer 1

Naming, addressing, forwarding

Question 2

IP stands for

Answer 2

Internet Protocol

Question 3

Which version of IP is widely deployed on the internet today?

Answer 3

Version 4 (IPv4)

Question 4

How many bits in an IPv4 address?

Answer 4

32

Question 5

How is an IP address formatted?

Answer 5

Dotted notation

• Breaking it up with dots is just a convenient way of writing an 32-bit number. It’s made up of 4 8-bit numbers.
• It allows for 4^32 addresses (or about 4 billion)

Question 6

Problems with pure IPv4

Answer 6

• We’re running out of addresses
• 4 billion is a lot to deal with. Can’t just have it in one table. Lookups would be slow. Need a way to group. Was much more inefficient pre-1994.

Question 7

Classful addressing

Answer 7

-Addresses were divided into a network ID portion and a host ID portion

Question 8

Class A address

Answer 8

• Starting with a 0 as the first bit is a class A address
• This picks half of all IP addresses
• Next 7 bits (combined with the first) represent the network ID for the network that owns this portion of address space
• Remaining portion (24 bits) is dedicated for hosts ON THAT NETWORK. This means that a class A address can support 2^24 IP addresses.

Question 9

Class B address

Answer 9

• Starts with a 10
• First 16 bits signify network ID, remaining 16 bits signify host ID
• Each class B address SPACE represents about 1/65,000th of all internet address space
• Discounting the first 2 bits which indicate it’s a class B network we have about 2^14th class B’s
• Each of the class B networks can have 2^16 (65,000) hosts on each network

Question 10

Class C address

Answer 10

• Use the first 24 bits for the NET ID and the remaining 8 for the host ID
• Each class C network essentially can only have 255 hosts on it

Question 11

BGP routing table from ’89-’94

Answer 11

• Grew slowly. By 1994, had around 1500 IP addresses.
• Growth rates were exceeding hw/sw capabilities, and in particular we began to run out of the class C address allocation, because only a certain range of the IP address space could be used for class C addresses
• Began to accelerate around 1994
• There began to be a need for more flexible allocation. The solution to this problem was something called Classless Interdomain Routing or “CIDR” (pronounced like cider)

Question 12

IANA

Answer 12

“eye-ana”

• The top of the hierarchy, allocates IP address space to ISP’s
• has authority to allocate address space to what are called regional routing registries

Question 13

IANA regional routing registries

Answer 13

• AfriNIC (Africa)
• APNIC (Asia and Australia)
• ARIN (North America)
• LACNIC (Latin America)
• RIPE (Europe)
• A regional routing registry, ARIN for example, allocates address space to individual networks like GaTech
• Address space across regions is far from even

Question 14

/8 address space means

Answer 14

IPv4 address

Question 15

What does it mean to say we’re running out of IPv4 addresses?

Answer 15

It doesn’t mean you can’t get a new device on the internet. There are various ways of coping with it. It just means that IANA no longer has anymore /8 blocks to give to these regional registries

Question 16

whois

Answer 16

• Querying an IP address using whois and a routing registry such as ra.net will tell you the owner of that particular prefix
• Also gives the autonomous system number
• Routing registry entry also gives us more information such as who to contact if we need to contact the owner of this address space.

Question 17

CIDR

Answer 17

• Classless Interdomain Routing
• Instead of having fixed network ID and host ID portions of the 32 bits, we’d simply have an IP address, plus what’s known as a mask, which is variable length and indicates the length of the network ID.
• For example, suppose we have an IP address like 64.14.248.0/22. The “/22” indicates the mask length, which says that the first 22 bits should represent the network ID.
• The key is that the mask length is variable, and no longer depends on the range of IP addresses that are being used.
• This allows those allocating IP address ranges to both allocate a range that’s more fitting to the size of the network, and also not have to be constrained about how big the network ID should be depending on where in the IP address space the prefix is being allocated from.

Question 18

Complications of CIDR

Answer 18

• it’s possible to have overlapping address prefixes.
• For example: 64.14.248.0/24 is a subset of 64.14.248.0/22
• What do you do when they both show up in a routing table?

Question 19

Longest prefix match

Answer 19

• Suppose overlapping address prefixes show up in a routing table
• The solution is to forward on what’s called the “longest prefix match”. Meaning that if a routing table has 2 overlapping entries, it should forward according to the entry that has the longest prefix or the longest mask length.
• Intuitively that makes sense because the prefix with the longer mask length is more specific than the prefix with the shorter mask (aka the larger prefix).

Question 20

Benefits of CIDR and Longest prefix match

Answer 20

• Efficiency: prefix blocks can be allocated on a much finer granularity than with classful interdomain routing
• Hierarchy/organization: opportunity for aggregation if 2 downstream networks with more specific/longer prefixes should be treated in the same way by an upstream network, who might simply aggregate 2 contiguous shorter prefixes into 1 forwarding table entry with a shorter prefix
• If the rest of the internet only reached A and B via C, then the rest of the internet need only know about C’s address space which might be 12/8. This would allow the upstream network to simply aggregate or not announce these more specific prefixes since they’re already covered by the less specific upstream prefix

Question 21

CIDR’s effect on growth of internet routing table

Answer 21

• Significant slowing from 1994 to 1998
• We see roughly linear growth during that time
• Fast growth resumed around 2000 because of multihoming, which can make it difficult for upstream providers to aggregate IP prefixes together, often requiring an upstream provider to store multiple IP prefixes for a single autonomous system. Sometimes those IP prefixes are contiguous and sometimes they aren’t.

Question 22

Multihoming

Answer 22

• AS (30308 for example) wants to be reachable via 2 upstream internet service providers
• To do so, it needs to advertise its prefix which it received from AT&T via both AT&T and Verizon.
• The problem occurs when AT&T and Verizon want to advertise that prefix to the rest of the internet.
• AT&T would like to aggregate this prefix, but it can’t. If it did, Verizon would still be advertising the longer /24 via its upstream link, and because of longest prefix match, all of the traffic would then arrive via the Verizon link, regardless of what AS 30308 wanted to have happen to that incoming traffic.
• As a result, both AT&T and Verizon must advertise the same /24 to the rest of the internet. This results in an explosion of /24’s in the global internet routing table.
• If a lot of “Stub” AS’s wanted to be multihomed, then suddenly we’ve got a lot more /24’s in the global routing table than might not otherwise exist without multihoming

Question 23

AS path pre-pending

Answer 23

• Can be used to control inbound traffic

- Longest prefix match can too! Re-watch video on this.

Question 24

CIDR Report

Answer 24

• Released weekly
• Shows AS’s who are advertising IP prefixes that, at least according to observation, are contiguous and could be aggregated
• Top offender for the week shown below was advertising more than 3,000 unique IP prefixes. The CIDER Report’s analysis suggests that with appropriate aggregation, this AS could instead advertise only 56 unique IP prefixes.
• This might be overly optimistic (sometimes deaggregating necessary), but altogether the CIDR Report shows that there are a lot more IP prefixes in the global internet routing table than there could be if AS’s took full advantage of aggregation.

Question 25

How many IP addresses in a /22 prefix?

Answer 25

2^10

Question 26

LPM can be implemented in different ways

Answer 26

• Radix trie
• Compressed trie
• Binary search on prefix intervals

Question 27

What lookup algorithm does a router use

Answer 27

Depends on the protocol that it’s using to forward packets

Question 28

IPv4 and IPv6 use which protocol to forward packets?

Answer 28

Longest prefix match

-Some protocols use exact match

Question 29

Ethernet-based forwarding is based on…

Answer 29

An exact match of a layer 2 address

• Usually 48 bits long
• It’s global (not just local to the link) and the range or size of the address is not negotiable
• 2^48 is MUCH bigger than 2^12. Therefore, not possible to hold all the addresses in the table and use direct lookup

Question 30

Advantages of exact matches in ethernet switches

Answer 30

• Exact match is simple

- Expected lookup time is small , or O(1)

Question 31

Disadvantages of exact match in ethernet switches

Answer 31

• Inefficient use of memory

- Potentially resulting in non-deterministic lookup time if a lookup might require multiple memory accesses

Question 32

LPM is _____ to perform than exact match

Answer 32

Harder.
-Destination IP address does not indicate the length of the longest matching prefix, so some algorithm needs to determine the length of the longest matching prefix
-We somehow need a way to search the space of all prefix lengths, as well as prefixes of a given length
-

Question 33

LPM in IPv4 using exact match

Answer 33

• Horribly inefficient
• We’d have to have tables for each of these lengths, and every time a packet arrived we’d have to send it to each of these 32 tables. This is extremely wasteful memory

Question 34

A trie is a type of _____

Answer 34

Data structure

-Rewatch these lectures

Question 35

Single bit trie

Answer 35

Go right or left for each bit

• Very efficient, very efficient use of memory
• Updates very simple
• Main problem is # of memory accesses required to perform a lookup
• For a 32-bit address, a lookup in a single-bit trie might require 32 lookups in the worst case (one for each bit). Each bit in the address requires one traversal in the trie, aka one memory lookup.
• For perspective, an OC48 requires at most 4 accesses. 32 accesses is far too many, especially for high-speed links.

Question 36

Direct trie

Answer 36

• Other extreme from single bit
• Instead of 1 bit per lookup, we might have 1 memory access responsible for looking up a much larger number of bits.
• For example, a 2-level trie: first memory access is dictated by the first 24 bits of the address, and the second memory access is dictated by the last 8 bits of the address. In the second access, we can look up an entry in the forwarding table with just 2 memory accesses. The problem is that this whole structure results in a very inefficient use of memory, unlike the single-bit try.
• Suppose that we want to represent a /16 prefix. Unfortunately we have no way of encoding a lookup that’s just 16 bits. We have to, rather, encode 2^8 identical entries corresponding to the 2^8 /24 prefixes that are contained in that /16, so this is an extremely inefficient use of memory.
• REWATCH VIDEOS

Question 37

Suppose we have a direct trie where the first level is 16 bits, the next level is 8 bits, and the 3rd level is the final 8 bits. In the worst case, how many memory accesses would be required per lookup?

Answer 37

3

-Because the trie has a depth of 3, in the worst case, a lookup might require 3 memory accesses

Question 38

Suppose we have a direct trie where the first level is 16 bits, the next level is 8 bits, and the 3rd level is the final 8 bits. How many entries would I need to represent a /20 prefix?

Answer 38

16.
-A /20 prefix is 2^4 or 16 /24’s. I need to basically represent 16 entries at the 24-bit level of the trie or the second level, and therefore I’d need 16 entries to represent a /24 prefix.

Question 39

How do we achieve the memory efficiency of a single-bit try with the fast-lookup properties of a direct trie?

Answer 39

• Double check if this question is even correct

- Use a Multi-bit Trie (AKA “Multi-Ary” Trie). It has multiple (k) bits per level

Question 40

What is the simplest case of the multi-ary trie?

Answer 40

Binary trie (k = 1)

Question 41

What is k in a 4-ary trie?

Answer 41

2

Question 42

Leaf-pushed trie

Answer 42

Helps save space further (beyond using a k-ary trie

-Instead of having pointers we can push entries into the left and right side of the node

Question 43

Lulea

Answer 43

Optimization algorithm, uses a 3-level trie, often a bitmap to compress out repeated entries

Question 44

PATRICIA

Answer 44

Optimization algorithm

Question 45

Alternatives to LPM with Tries

Answer 45

• Content-addressable memory (CAM)

- Ternary CAM

Question 46

CAM

Answer 46

• Only supports exact match
• Content-addressable memory
• HW-based route lookup where the input is a tag and the output is a value (example: address and output port)
• Really only supports exact match but is an O(1) lookup

Question 47

Ternary CAM

Answer 47

• Instead of exact matching in the tag, you can have 0, 1, or don’t care (*)
• Ternary CAM’s support for wildcard permits implementation of LPM
• One can thus have multiple matching entries but then prioritize the match to the longest prefixing the ternary CAM

Question 48

2 solutions to IPv4 internet routing table growth/running out of address space

Answer 48

• Network Address Translation (NAT)
• IPv6 (whose main feature is 128-bit addresses). Basically, add more bits!

-Note about running out: In addition to being limited to 2^32 total unique addresses, IPv4 addresses are typically allocated in blocks. That fragmentation can mean that IPv4 addresses can be quickly exhausted. The last /8 has already been given out to a registry, so in some sense you can say we’ve already run out.

Question 49

NAT

Answer 49

• Network Address Translation
• Allows multiple networks to use the same private IP address space
• Takes private IP address spaces that are behind the NAT and translates them to a single globally visible IP address
• Now, to the rest of the internet, network 1 appears to be reachable by a single IP address, and network 2 by a different single distinct IP address

Question 50

Where NAT is needed

Answer 50

-Suppose se have 2 networks. They might be homes, or larger networks in regions of the internet where IPv4 address space is scarce (e.g. in developing regions)

Question 51

The key behind NAT

Answer 51

• The the packet has a source port, and the NAT is going to take that source IP address and port, and translate it into a publicly reachable source IP address and port. The destination remains the same.
• Now when a packet comes back from the global internet destination, the NAT has a table that knows the mapping between the public IP address/port and the private IP address/port. It can rewrite the destination IP address of the packet to the corresponding private address.

Question 52

Where are NATs popular?

Answer 52

• On broadband access networks, small or home office (SOHO), and VPN’s
• There’s a clear savings in IPv4 address space since there can be many devices in one of these private networks, and yet all of the devices behind the NAT only use up 1 public IP address

Question 53

Drawbacks of NAT

Answer 53

• End-to-end model is broken
• If the NAT device failed in this instance, for example, the mapping between the private source IP address and port and the public IP address/port would be lost, thereby breaking all active connections for which the NAT is on the path
• It’s also asymmetric. In certain circumstances, it’s difficult for a host on the global internet to reach a host in a private address space because by default those devices do not have public globally reachable IP addresses

Question 54

What 2 things does NAT break?

Answer 54

End-to-end communications AND bidirectional communication (it’s asymmetric!)

Question 55

IPv6 provides

Answer 55

• more addresses
• simpler header
• multihoming supposedly easier
• various aspects of security are built in (IPv6 crypto extensions)

Question 56

IPv6 address format

Answer 56

• Top 48 bits = public routing topology (3 bits for aggregation, 13 “tier-1” for top level provider like an ISP, 8 reserved bits, and 24 additional bits
• Then a 16-bit site identifier
• Then a 64-bit interface ID (48-bit Ethernet + 16 more bits)

Question 57

“Today”, how many IPv4 and IPv6 addresses?

Answer 57

• 500,000 IPv4

- 16,000 IPv6

Question 58

Why is IPv6 hard to deploy incrementally?

Answer 58

• Narrow waist: everything runs on IPv4, which was designed to run over a variety of physical layers.
• This common protocol has allowed tremendous growth, but because everything depends on the narrow waist of IPv4, and because IPv4 is build on top of so many other types of infrastructure, changing it becomes extremely tricky.
• Incremental deployment (part of the internet running IPv4 and other parts upgraded to IPv6) results in significant incompatibility. There are various incremental deployment options for IPv6.

Question 59

Dual stack deployment

Answer 59

• One option for incremental deployment for IPv6
• Communicates with an IPv4 host using IPv4, and with an IPv6 host using IPv6
• This means it has to have an IPv4-compatible address
• Either the host has to have an IPv4 and IPv6 address, thus allowing it to speak to an IPv4 host, OR it must rely on a translator, which knows how to take a v4-compatible IPv6 address and translate it to the IPv4 address.
• It either has both or has an IPv4-compatible IPv6 address

Question 60

One way to ensure IPv4-compatibility of an IPv6 address

Answer 60

Embed the 32 bits of the IPv4 address in the 128 allocated for the IPv6 address

Question 61

Problem that dual stack deployment doesn’t solve

Answer 61

IPv6 deployments might exist as islands

Question 62

IPv6 islands

Answer 62

• What if multiple independent portions of the internet might deploy IPv6, but the middle of the network only speaks and routes IPv4?
• Solution: v6 to v4 tunneling

Question 63

v6 to v4 tunneling

Answer 63

• v6 is encapsulated in a v4 packet
• v4 packet is routed to a particular v4-v6 gateway corresponding to the v6 address that lies behind that gateway
• at this point, outer layer can be stripped, and the v6 packet can be sent to its destination. Requires the gateways at the boundaries between v4 and v6 networks to perform encapsulation of the packet as it enters the v4-only part of the network, and decapsulation as the packet enters the v6 island where the destination host resides

Question 64

stride

Answer 64

how many bits you’re comparing at a time

Question 65

Which forwarding protocols implement exact match?

Answer 65

Ethernet-based, ATM, MPLS

Question 66

What are the techniques for exact match?

Answer 66

Direct lookup, associative lookup, binary tree, hashing

Question 67

What are the techniques for longest prefix match?

Answer 67

Radix, compressed trie, binary search on prefix intervals

Question 68

iBGP vs eBGP

Answer 68

We can think of iBGP as a means to disseminate information about external routes inside the AS.
eBGP is used to disseminate the routes among ASes.

Question 69

How to calculate degree of trie

Answer 69

w^k

Question 70

Stride

Answer 70

k