CHAPTER 1: NETWORKING CONCEPTS
At its most elementary level, a computer network consists of two computers connected to each other by a cable that allows them to share data. All computer networking, no matter how sophisticated, stems from that simple system. While the idea of connecting two computers by a cable may not seem extraordinary, in retrospect it has proven to be a major achievement in communications.
Computer networking arose as an answer to the need to share data in a timely fashion. Personal computers are powerful tools that can process and manipulate large amounts of data quickly, but on their own they do not allow users to share that data efficiently. Before networks, users needed either to print out documents or to copy document files to a disk for others to edit or use them. If others made changes to the document, there was no easy way to merge the changes. This was, and still is, known as "working in a stand-alone environment."
TYPES OF NETWORKS:
Computer networks can be categorized into the following types:
- LOCAL AREA NETWORK (LAN):
- METROPOLITAN AREA NETWORK (MAN):
- WIDE AREA NETWORK (WAN):
A local area network (LAN) supplies networking capability to a group of computers in close proximity to each other, such as in an office building, a school, or a home. A LAN is useful for sharing resources like files, printers, games, or other applications. A LAN in turn often connects to other LANs and to the Internet. The most common type of local area network is an Ethernet LAN. The smallest home LAN can have exactly two computers; a large LAN can accommodate many thousands of computers. Many LANs are divided into logical groups called subnets.
MAN stands for metropolitan area network. It is a network of devices within an area of one to ten kilometers, or within a city. It may be a single network, such as a cable television network, or it may be a means of connecting a number of LANs into a larger network so that resources may be shared LAN to LAN as well as device to device.
WAN stands for wide area network. It is spread throughout the world. A WAN that is wholly owned and used by a single company is often referred to as an enterprise network. It can connect computers and other devices on opposite sides of the world. A WAN is made up of a number of interconnected LANs. Perhaps the ultimate WAN is the Internet.
An intranet is a private computer network that uses Internet Protocol technologies to securely share any part of an organization's information or operational systems within that organization. The term is used in contrast to internet, a network between organizations, and instead refers to a network within an organization. Sometimes the term refers only to the organization's internal website, but it may be a more extensive part of the organization's information technology infrastructure. It may host multiple private websites and constitute an important component and focal point of internal communication and collaboration.
An extranet is a private network that uses Internet protocols and network connectivity. An extranet can be viewed as part of a company's intranet that is extended to users outside the company, usually via the Internet. It has also been described as a "state of mind" in which the Internet is perceived as a way to do business with a selected set of other companies (business-to-business, B2B), in isolation from all other Internet users. In contrast, business-to-consumer (B2C) models involve known servers of one or more companies communicating with previously unknown consumer users.
An internetwork is a collection of two or more LANs connected by WANs. Internetworks are referred to interchangeably as data networks or simply networks. The most popular internetwork is the Internet, which is open to the public.
COMPONENTS OF NETWORK:
A data communication system has two main components:
- HARDWARE COMPONENTS:
- END USER DEVICES:
- INTERMEDIARY DEVICES:
- NETWORK MEDIA:
- SOFTWARE COMPONENTS:
Devices and media are the physical elements, or hardware, of the network. Hardware comprises the usually visible components of the network platform, such as a laptop, a PC, or a switch used to connect the devices. Occasionally some components might not be so visible.
Devices of the network can be of two types, end devices and intermediary devices; we explain both types:
An end-user device refers to a piece of equipment that is either the source or the destination of a message on a network. Network users usually only see or touch an end device, which is most often a computer. Another generic term for an end device that sends or receives messages is a host. Examples of hosts and end devices are printers, computers, scanners, webcams, etc.
Intermediary devices connect the individual hosts to the network or connect multiple networks to form an internetwork. Intermediary devices are not all the same. Some work inside the LAN to perform switching functions and others help route messages between networks. Examples of intermediary devices are switches, hubs, and routers.
Communication across a network is carried on a medium. The medium provides the channel over which the message travels from source to destination. The three main types of media in use in a network are:
- COPPER (TWISTED PAIR) CABLE: A twisted pair cable, usually used as a medium inside a LAN environment.
- FIBER OPTIC CABLE: Made up of glass or plastic fibers in a vinyl coating, usually used for long runs in a LAN and as a trunk.
- WIRELESS: Connects local users through the air using electromagnetic waves.
Software components can be divided into two parts, services and processes.
A network service provides information in response to a request. Services include many of the common network applications people use every day, like e-mail hosting services and web hosting services. For instance, Yahoo provides mail services as well as web services, and a number of companies offer these kinds of services.
Processes provide the functionality that directs and moves the messages through the network. Processes are less obvious to us but are critical to the operation of networks. For example, viewing a web page invokes one network process: clicking on a hyperlink causes a web browser to communicate with a web server. In the same way, many network processes can take place at the same time.
Topology of a network is the geometrical representation of the relationship of all the links and linking devices to one another.
There are four basic physical topologies possible: mesh, star, bus, and ring.
- MESH TOPOLOGY:
- STAR TOPOLOGY:
- BUS TOPOLOGY:
- RING TOPOLOGY:
In a mesh topology every device has a dedicated point-to-point connection to every other device. A fully connected mesh network therefore has n(n-1)/2 physical channels to link n devices.
In a star topology each device has a dedicated point-to-point connection only to a central controller, usually called a hub. The devices are not directly connected to each other. Unlike a mesh topology, a star topology does not allow direct traffic between devices; the controller acts as an exchange: if one device wants to send data to another, it sends the data to the controller, which then relays the data to the other connected device.
A bus topology, on the other hand, is multipoint: one long cable acts as a backbone to link all the devices in a network. Nodes are connected to the bus cable by drop lines and taps. A drop line is a connection running between the device and the main cable; a tap is a connector that either splices into the main cable or punctures the sheathing of a cable to create a contact with the metallic core.
In a ring topology each device has a dedicated point-to-point connection only with the two devices on either side of it. A signal is passed along the ring in one direction, from device to device, until it reaches its destination.
The Logical topology defines how the systems communicate across the physical topologies. There are two main types of logical topologies:
SHARED MEDIA TOPOLOGY:
In a shared media topology, all the systems have the ability to access the physical layout whenever they need it. The main advantage of a shared media topology is that the systems have unrestricted access to the physical media. Of course, the main disadvantage of this topology is collisions. If two systems send information out on the wire at the same time, the packets collide and both packets are destroyed. Ethernet is an example of a shared media topology.
TOKEN BASED TOPOLOGY:
The token-based topology works by using a token to provide access to the physical media. In a token-based network, there is a token that travels around the network. When a system needs to send out packets, it grabs the token off of the wire, attaches it to the packets that are sent, and sends it back out on the wire. As the token travels around the network, each system examines the token. When the packets arrive at the destination systems, those systems copy the information off of the wire and the token continues its journey until it gets back to the sender. When the sender receives the token back, it pulls the token off of the wire and sends out a new empty token to be used by the next machine.
In information technology, a protocol (from the Greek protocollon, which was a leaf of paper glued to a manuscript volume, describing its contents) is the special set of rules that end points in a telecommunication connection use when they communicate. Protocols exist at several levels in a telecommunication connection. For example, there are protocols for the data interchange at the hardware device level and protocols for data interchange at the application program level. In the standard model known as Open Systems Interconnection (OSI), there are one or more protocols at each layer in the telecommunication exchange that both ends of the exchange must recognize and observe. Protocols are often described in an industry or international standard.
For devices to communicate over the network, they must follow different protocols that perform the many tasks to be completed. The protocols define the following:
- The format of the message
- The way intermediary devices share information about the path to the destination
- The method to handle update messages between intermediary devices
- The process to initiate and terminate communications between hosts
INTERACTION OF PROTOCOLS:
Interaction between protocols can be clearly understood by a simple example: the way that a web server and a web client interact. HTTP defines the formatting and content of the requests and responses exchanged between the client and server. Both the client and server implement HTTP as part of the application. The HTTP protocol relies on other protocols to govern how the messages are transported between the client and server. TCP is the transport protocol that divides the HTTP messages into smaller pieces to be sent to the destination; it is also responsible for controlling the size and rate at which messages are exchanged between the client and the server. Another protocol, IP, is responsible for taking the formatted segments from TCP, encapsulating them into packets, assigning the appropriate addresses, and selecting the best path to the destination host.
TECHNOLOGY INDEPENDENT PROTOCOLS:
Protocols that guide the network data are not dependent on any specific technology to carry out the task. Protocols describe what must be done to communicate, not how the task is to be completed. This is what enables different kinds of devices, such as telephones and computers, to use the same network infrastructure to communicate.
PROTOCOLS AND REFERENCE MODELS:
Networking professionals use two kinds of networking models to communicate within the industry: protocol models and reference models. Both were created in the 1970s.
A protocol model is a model that closely matches the structure of a particular protocol suite. The hierarchical set of related protocols in a suite typically represents all the functionality required to interface the human network with the data network. The TCP/IP model is a protocol model because it describes the functions that occur at each layer of protocols within the protocol suite.
A reference model provides a common reference for maintaining consistency within all types of network protocols and services. The primary function of a reference model is to aid in a clearer understanding of the functions and processes involved. The Open Systems Interconnection (OSI) model is the most well-known reference model.
In 1978, the International Organization for Standardization (ISO) released a set of specifications that described network architecture for connecting dissimilar devices. The original document applied to systems that were open to each other because they could all use the same protocols and standards to exchange information.
- APPLICATION LAYER:
- PRESENTATION LAYER:
- SESSION LAYER:
- TRANSPORT LAYER:
- NETWORK LAYER:
- DATA LINK LAYER:
- PHYSICAL LAYER:
The topmost layer of the OSI reference model is the application layer. This layer relates to the services that directly support user applications, such as software for file transfers, database access, and e-mail. In other words, it serves as a window through which application processes can access network services. A message to be sent across the network enters the OSI reference model at this point and exits the OSI reference model's application layer on the receiving computer.
The presentation layer defines the format used to exchange data among networked computers. Think of it as the network's translator. When computers from dissimilar systems need to communicate, a certain amount of translation and byte reordering must be done. Within the sending computer, the presentation layer translates data from the format sent down from the application layer into a commonly recognized, intermediary format. At the receiving computer, this layer translates the intermediary format into a format that can be useful to that computer's application layer. The presentation layer is responsible for converting protocols, translating the data, encrypting the data, changing or converting the character set, and expanding graphics commands. The presentation layer also manages data compression to reduce the number of bits that need to be transmitted.
The session layer allows two applications on different computers to open, use, and close a connection called a session. (A session is a highly structured dialog between two workstations.) The session layer is responsible for managing this dialog. It performs name recognition and other functions, such as security, that are needed to allow two applications to communicate over the network.
The transport layer provides an additional connection level beneath the session layer. The transport layer ensures that packets are delivered error free, in sequence, and without losses or duplications. At the sending computer, this layer repackages messages, dividing long messages into several packets and collecting small packets together in one package. This process ensures that packets are transmitted efficiently over the network. At the receiving computer, the transport layer opens the packets, reassembles the original messages, and, typically, sends an acknowledgment that the message was received. If a duplicate packet arrives, this layer will recognize the duplicate and discard it.
The network layer is responsible for addressing messages and translating logical addresses and names into physical addresses. This layer also determines the route from the source to the destination computer. It determines which path the data should take based on network conditions, priority of service, and other factors. It also manages traffic problems on the network, such as switching and routing of packets and controlling the congestion of data.
The data-link layer sends data frames from the network layer to the physical layer. It controls the electrical impulses that enter and leave the network cable. On the receiving end, the data-link layer packages raw bits from the physical layer into data frames. The electrical representation of the data is known to this layer only.
The bottom layer of the OSI reference model is the physical layer. This layer transmits the unstructured, raw bit stream over a physical medium (such as the network cable). The physical layer is totally hardware-oriented and deals with all aspects of establishing and maintaining a physical link between communicating computers. The physical layer also carries the signals that transmit data generated by each of the higher layers.
The TCP/IP protocol does not exactly match the OSI reference model. Instead of seven layers, it uses only four. Commonly referred to as the Internet Protocol Suite, TCP/IP is broken into the following four layers:
- NETWORK ACCESS LAYER:
- INTERNET LAYER:
- TRANSPORT LAYER:
- APPLICATION LAYER:
The network access layer communicates directly with the network. It provides the interface between the network architecture (such as Token Ring or Ethernet) and the Internet layer.
The Internet layer, corresponding to the network layer of the OSI reference model, uses several protocols for routing and delivering packets. Routers are protocol dependent; they function at this layer of the model and are used to forward packets from one network or segment to another. Several protocols work within the Internet layer.
The transport layer, corresponding to the transport layer of the OSI reference model, is responsible for establishing and maintaining end-to-end communication between two hosts. The transport layer provides acknowledgment of receipt, flow control, and sequencing of packets. It also handles retransmissions of packets. The transport layer can use either TCP or User Datagram Protocol (UDP) protocols depending on the requirements of the transmission.
Corresponding to the session, presentation, and application layers of the OSI reference model, the application layer connects applications to the network. It contains all the higher-level protocols.
COMPARISON BETWEEN OSI MODEL AND TCP/IP MODEL:
The OSI and TCP/IP reference models have much in common. Both are based on the concept of a stack of independent protocols. Also, the functionality of the layers is roughly similar. For example, in both models the layers up through and including the transport layer are there to provide an end-to-end, network-independent transport service to processes wishing to communicate. These layers form the transport provider. Again in both models, the layers above transport are application-oriented users of the transport service.
The difference between the OSI and TCP/IP models is that the application layer of the TCP/IP model covers the upper three layers of the OSI model (the application, presentation, and session layers), and the network access layer of the TCP/IP model covers the lower two layers of the OSI model (the data link and physical layers).
The TCP/IP suite of protocols is the set of protocols used to communicate across the Internet. It is also widely used on many organizational networks because of its flexibility and the wide array of functionality it provides. Microsoft, which originally developed its own set of protocols, now uses TCP/IP more widely, at first for transport and now to support other services.
SOME IMPORTANT TCP/IP PROTOCOLS:
- INTERNET PROTOCOL v4 (IPv4):
- ADDRESS RESOLUTION PROTOCOL (ARP):
- TRANSMISSION CONTROL PROTOCOL (TCP):
- USER DATAGRAM PROTOCOL (UDP):
Internet Protocol (IP) is a packet-switched protocol that performs addressing and route selection. As a packet is transmitted, this protocol appends a header to the packet so that it can be routed through the network using dynamic routing tables. IP is a connectionless protocol and sends packets without expecting the receiving host to acknowledge receipt. In addition, IP is responsible for packet assembly and disassembly as required by the physical and data-link layers of the OSI reference model. Each IP packet is made up of a source and a destination address, protocol identifier, checksum (a calculated value), and a TTL (which stands for "time to live"). The TTL tells each router on the network between the source and the destination how long the packet has to remain on the network. It works like a countdown counter or clock. As the packet passes through the router, the router deducts the larger of one unit (one second) or the time that the packet was queued for delivery. For example, if a packet has a TTL of 128, it can stay on the network for 128 seconds or 128 hops (each stop, or router, along the way), or any combination of the two. The purpose of the TTL is to prevent lost or damaged data packets (such as missing e-mail messages) from endlessly wandering the network. When the TTL counts down to zero, the packet is eliminated from the network.
The key fields of the IPv4 header are as follows:
- SOURCE ADDRESS: Sender's IP address.
- DESTINATION ADDRESS: Receiver's IP address.
- TIME TO LIVE (TTL): Number of hops a packet may traverse before being discarded.
- TYPE OF SERVICE (TOS): Lets the sending host specify a preference for how the datagram should be handled as it makes its way through an internet.
- PROTOCOL: Defines the protocol used in the data portion of the IP datagram.
- FLAGS AND FRAGMENT: A three-bit flags field, used to control or identify fragments.
- VERSION: Protocol version.
- INTERNET HEADER LENGTH (IHL): The second field (4 bits), giving the number of 32-bit words in the header.
- PACKET LENGTH: This 16-bit field defines the entire datagram size, including header and data, in bytes.
Before an IP packet can be forwarded to another host, the hardware address of the receiving machine must be known. ARP (Address Resolution Protocol) determines the hardware addresses (MAC addresses) that correspond to an IP address. If ARP does not have the address in its own cache, it broadcasts a request for the address. All hosts on the network process the request and, if they hold a mapping for that address, pass the address back to the requestor. The packet is then sent on its way, and the new address information is stored in the router's cache.
Some important fields of the ARP header are as follows:
- HARDWARE TYPE: Specifies the link layer protocol type.
- PROTOCOL TYPE: Specifies the upper layer protocol for which the ARP request is intended.
- HARDWARE LENGTH: Length of a hardware address.
- PROTOCOL LENGTH: Length (in octets) of a logical address of the specified protocol.
- OPERATION: Specifies the operation that the sender is performing.
- SENDER HARDWARE ADDRESS: Hardware (MAC) address of the sender.
- SENDER PROTOCOL ADDRESS: Upper layer protocol address of the sender.
- TARGET HARDWARE ADDRESS: Hardware (MAC) address of the intended receiver.
- TARGET PROTOCOL ADDRESS: Upper layer protocol address of the intended receiver.
TCP is responsible for the reliable transmission of data from one node to another. It is a connection-based protocol and establishes a connection (also known as a session, virtual circuit, or link) between two machines before any data is transferred. To establish a reliable connection, TCP uses what is known as a "three-way handshake." This establishes the port numbers and beginning sequence numbers from both sides of the transmission.
Following are some important fields of the TCP header:
- SOURCE PORT: Identifies the sending port.
- DESTINATION PORT: Identifies the receiving port.
- SEQUENCE NUMBER: This is the initial sequence number.
- ACKNOWLEDGEMENT NUMBER: A 32 bit acknowledgement number.
- DATA OFFSET: Specifies the size of the TCP header in 32-bit words.
UDP, a connectionless protocol, is responsible for end-to-end transmission of data. Unlike TCP, however, UDP does not establish a connection. It attempts to send the data but does not verify that the destination host actually receives it. UDP is best used to send small amounts of data for which guaranteed delivery is not required. While UDP uses ports, they are different from TCP ports; therefore, they can use the same numbers without interference.
Some key header fields of UDP are as follows:
- SOURCE PORT: This field identifies the sending port.
- DESTINATION PORT: This field identifies the receiving port.
- LENGTH: A 16-bit field that specifies the length in bytes of the entire datagram.
- CHECKSUM: The 16-bit checksum field is used for error-checking of the header and data.
There are millions of computers in use on the web and billions of messages traversing networks at any given time, so proper addressing is essential to make sure that sent messages arrive intact at the proper destination. Addressing of data happens in three different layers of the OSI model. The PDU at each layer adds address information for use by the peer layer at the destination.
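The IPv4, TCP and UDP header fields listed above, as an added example that is not part of the original chapter: a parser that checks every length field against the bytes actually present and verifies the IPv4 header checksum before trusting the packet, fed a sample packet constructed here (the addresses, ports and HTTP request are made up).

```python
"""Parse a constructed IPv4 packet and the TCP or UDP header it carries.

Added example, not from the original chapter. It walks the IPv4 fields listed
above, verifies the header checksum, then hands the payload to the TCP or UDP
parser. Length fields are checked against the bytes present before being used.
"""
import struct

IPPROTO_TCP = 6
IPPROTO_UDP = 17


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); 0 for a valid header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Return the IPv4 header fields plus the encapsulated payload."""
    if len(packet) < 20:
        raise ValueError("packet shorter than the 20-byte minimum IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version = ver_ihl >> 4
    ihl = (ver_ihl & 0x0F) * 4           # IHL counts 32-bit words
    if version != 4:
        raise ValueError("not IPv4 (version %d)" % version)
    if ihl < 20 or ihl > len(packet):
        raise ValueError("IHL %d inconsistent with %d-byte packet" % (ihl, len(packet)))
    if total_len < ihl or total_len > len(packet):
        raise ValueError("total length %d inconsistent with packet" % total_len)
    if internet_checksum(packet[:ihl]) != 0:  # header incl. its checksum sums to 0
        raise ValueError("bad IPv4 header checksum")
    return {
        "version": version, "ihl": ihl, "tos": tos,
        "total_length": total_len, "identification": ident,
        "flags": flags_frag >> 13,           # 3-bit flags field
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "payload": packet[ihl:total_len],
    }


def parse_tcp(segment: bytes) -> dict:
    """Return the fixed TCP header fields and the segment payload."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum TCP header")
    sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4  # header size, again in 32-bit words
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("TCP data offset %d inconsistent with segment" % data_offset)
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "data_offset": data_offset, "flags": off_flags & 0x01FF,
            "window": window, "payload": segment[data_offset:]}


def parse_udp(datagram: bytes) -> dict:
    """Return the UDP header fields and the datagram payload."""
    if len(datagram) < 8:
        raise ValueError("datagram shorter than the 8-byte UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("UDP length %d inconsistent with datagram" % length)
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "payload": datagram[8:length]}


def parse_packet(packet: bytes) -> dict:
    """Parse IPv4, then dispatch on the protocol field to TCP or UDP."""
    ip = parse_ipv4(packet)
    if ip["protocol"] == IPPROTO_TCP:
        ip["transport"] = parse_tcp(ip["payload"])
    elif ip["protocol"] == IPPROTO_UDP:
        ip["transport"] = parse_udp(ip["payload"])
    return ip


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build an option-less IPv4 packet with a correct header checksum (for the sample)."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234,
                         0x4000, ttl, proto, 0, src_b, dst_b)  # 0x4000 = DF flag set
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


# Constructed sample: an HTTP request inside a TCP segment (PSH|ACK, port 80)
# inside IPv4. Addresses come from the documentation ranges.
HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
TCP_SEGMENT = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0, (5 << 12) | 0x018,
                          65535, 0, 0) + HTTP_REQUEST
SAMPLE_PACKET = build_ipv4("192.0.2.10", "198.51.100.20", IPPROTO_TCP, TCP_SEGMENT)
```

Flipping a single header byte (for example the TTL) makes `parse_ipv4` reject the packet on the checksum, and a truncated capture is rejected on the total length rather than silently producing a short payload.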
CHAPTER 2: ROUTING FUNDAMENTALS
Routing is the process of selecting paths in a network along which to send network traffic. Routing is performed for many kinds of networks, including the telephone network, electronic data networks such as the Internet, and transportation networks. Our main concern will be routing in packet switched networks. In packet switching networks, routing directs packet forwarding, the transit of logically addressed packets from their source toward their ultimate destination through intermediate nodes; typically hardware devices called routers, bridges, gateways, firewalls, or switches. General-purpose computers with multiple network cards can also forward packets and perform routing, though they are not specialized hardware and may suffer from limited performance. The routing process usually directs forwarding on the basis of routing tables which maintain a record of the routes to various network destinations. Thus, constructing routing tables, which are held in the routers' memory, is very important for efficient routing. Most routing algorithms use only one network path at a time, but multipath routing techniques enable the use of multiple alternative paths.
TYPES OF ROUTING:
- STATIC ROUTING:
- DYNAMIC ROUTING:
Static routing is the manual addition of routes to the routing table; routes through a data network are described by fixed paths (statically). These routes are usually entered into the router by the system administrator. An entire network can be configured using static routes, but this type of configuration is not fault tolerant. When there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted. This means that anything that wishes to take an affected path will either have to wait for the failure to be repaired or for the static route to be updated by the administrator before restarting its journey. Most requests will time out (ultimately failing) before these repairs can be made. There are, however, times when static routes make sense and can even improve the performance of a network. Some of these include stub networks and default routes.
Dynamic routing performs the same function as static routing except that it is more robust. Static routing allows routing tables in specific routers to be set up in a static manner, so network routes for packets are fixed; if a router on the route goes down, the destination may become unreachable. Dynamic routing allows routing tables in routers to change as the possible routes change. Dynamic routing uses routing protocols to distribute routing information automatically over the internetwork.
STATIC VS DYNAMIC ROUTING:
Before going further we need to examine the difference between static and dynamic routing.
Before going into the details of dynamic routing we must understand what routing protocols are. Routing protocols implement algorithms that tell routers the best paths through internetworks. Routing protocols provide the layer 3 network state update. In short, routing protocols route datagrams through a network. Routing is a layer 3 function; thus, routing and routed protocols are network-layer entities. Routing tables on the layer 3 router are populated by information from routing protocols. A routed protocol will enter an interface on a router, be placed in a memory buffer, and then be forwarded out of an interface based on information in the routing table.
TYPES OF DYNAMIC ROUTING PROTOCOLS:
Dynamic routing protocols can be divided into the following broad categories.
CLASSFUL AND CLASSLESS ROUTING PROTOCOLS:
- CLASSFUL ROUTING PROTOCOLS:
- CLASSLESS ROUTING PROTOCOLS:
Classful routing protocols do not send subnet mask information in routing updates. They date from the time when network addresses were allocated on the basis of classes, i.e. A, B, or C. These routing protocols did not include the subnet mask in routing updates because the network mask was determined by the first octet of the network address.
Classful routing protocols can still be used in today's networks, but they cannot be used in all situations because they do not include the subnet mask. Classful routing protocols cannot be used where the network is subnetted using more than one subnet mask; in other words, classful routing protocols do not support variable-length subnet masks (VLSM). In the following figure the classful version of the network uses the same subnet mask throughout, i.e. all /24.
Classless routing protocols send the subnet mask in the routing update. Today's networks are no longer allocated on the basis of classes, and the subnet mask cannot be determined by the value of the first octet. Classless routing protocols are required in most networks today because of their support for VLSM. The following figure shows that the classless version of the network supports both /30 and /27 subnet masks in the same topology.
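The VLSM problem just described, as an added example that is not part of the original chapter: a classful receiver has to guess the mask of an advertised network, and the guess is wrong when a /30 link and a /27 LAN share one major network. The inference rule modelled (same major network as the receiving interface: borrow that interface's mask; otherwise: the class default) is the classic RIPv1 behaviour and is an assumption of this example; the addresses are constructed.

```python
"""Classful vs. classless interpretation of a routing update.

Added example, not from the original chapter. A classful update carries only
the network address, so the receiver must infer the mask; a classless update
carries the prefix length. The inference rule below models classic RIPv1
behaviour (an assumption of this example): a destination in the same major
network as the receiving interface gets that interface's mask, any other
destination gets the default mask of its address class.
"""
import ipaddress


def classful_prefix(addr: str) -> int:
    """Default prefix length from the first octet: class A /8, B /16, C /24."""
    first = int(addr.split(".")[0])
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError("no default classful mask for %s" % addr)


def interpret_classful(advertised: str, receiving_iface: str) -> ipaddress.IPv4Network:
    """Network a classful receiver installs for a bare network address.

    `advertised` is the network address from the update (no mask);
    `receiving_iface` is the receiving interface, e.g. '172.16.2.33/27'.
    """
    iface = ipaddress.IPv4Interface(receiving_iface)
    major = ipaddress.IPv4Network((str(iface.ip), classful_prefix(str(iface.ip))),
                                  strict=False)
    net_addr = ipaddress.IPv4Address(advertised)
    if net_addr in major:
        prefix = iface.network.prefixlen      # same major network: borrow interface mask
    else:
        prefix = classful_prefix(advertised)  # elsewhere: class default mask
    return ipaddress.IPv4Network((advertised, prefix), strict=False)


def interpret_classless(advertised_prefix: str) -> ipaddress.IPv4Network:
    """A classless update carries its mask, so nothing is inferred."""
    return ipaddress.IPv4Network(advertised_prefix)


def vlsm_mismatch(advertised_prefix: str, receiving_iface: str) -> bool:
    """True when a classful receiver would install the wrong network for this
    prefix: the VLSM problem, e.g. a /30 link advertised across a /27 segment."""
    real = interpret_classless(advertised_prefix)
    inferred = interpret_classful(str(real.network_address), receiving_iface)
    return inferred != real


# Constructed topology: a /30 point-to-point link and a /27 LAN inside 172.16.0.0/16.
P2P_LINK = "172.16.1.0/30"
LAN_IFACE = "172.16.2.33/27"

if __name__ == "__main__":
    print("classful receiver installs", interpret_classful("172.16.1.0", LAN_IFACE))
    print("classless update carries ", interpret_classless(P2P_LINK))
    print("mismatch:", vlsm_mismatch(P2P_LINK, LAN_IFACE))
```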
IGP AND EGP:
IGPs and EGPs cannot be discussed until we understand the concept of an AS, i.e. an autonomous system. An autonomous system is simply a routing domain, or a collection of routers under a common administration. A typical example is an ISP's network, such as CYBER NET or BRAIN NET. The whole Internet is based on the AS concept, so two types of routing protocols are required: interior and exterior routing protocols.
- INTERIOR GATEWAY PROTOCOLS (IGP):
- EXTERIOR GATEWAY PROTOCOLS (EGP):
IGPs are used for intra-AS routing, that is, routing inside an autonomous system; they perform routing within the routing domain, i.e. those networks under the control of a single organization. IGPs are used to route within the autonomous system and also within the individual networks themselves. RIP, RIPv2, IGRP, etc. are some common IGPs.
EGPs are used for inter-AS routing, that is, routing between autonomous systems; these autonomous systems are under the control of different administrations. BGP is the only EGP currently used for routing on the Internet.
DISTANCE VECTOR AND LINK STATE ROUTING PROTOCOLS:
Dynamic routing can be further categorized into two broad groups, link state and distance vector. We have already read about the mechanism of link state and distance vector routing protocols in the previous chapter; here are a few important distance vector and link state routing protocols.
- DISTANCE VECTOR ROUTING PROTOCOLS:
- LINK STATE ROUTING PROTOCOLS:
Distance vector means that routes are advertised as vectors of distance and direction. Distance is defined in terms of a metric such as hop count, and direction is simply the next hop router or exit interface. Distance vector protocols typically use the Bellman-Ford algorithm for best path determination.
Some distance vector protocols periodically send complete routing tables to all connected neighbors. In large networks, these routing updates can become enormous, causing significant traffic on the links. The Bellman-Ford algorithm does not let the router know the exact topology of the internetwork. The router only knows the routing information received from its neighbors. Following are some important distance vector protocols:
- Routing Information Protocol (RIP): The Routing Information Protocol (RIP) is a dynamic routing protocol used in local and wide area networks. As such it is classified as an interior gateway protocol (IGP). It uses the distance-vector routing algorithm.
- Routing Information Protocol version 2 (RIPv2): Due to the deficiencies of the original RIP specification, RIP version 2 (RIPv2) was developed in 1993 and last standardized in 1998. It included the ability to carry subnet information, thus supporting Classless Inter-Domain Routing (CIDR).
- Interior Gateway Routing Protocol (IGRP): Interior Gateway Routing Protocol (IGRP) is a distance vector interior gateway protocol (IGP) invented by Cisco. It is used by routers to exchange routing data within an autonomous system.
- EIGRP: EIGRP is an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes and the use of bandwidth and processing power in the router.
- Border Gateway Protocol (BGP): The Border Gateway Protocol (BGP) is the core routing protocol of the Internet. It maintains a table of IP networks or "prefixes" which designate network reachability among autonomous systems (AS). It is described as a path vector protocol.
A link state routing protocol creates the entire view of the network by gathering information from all the other routers, so it has the complete map of the network topology. A link state router uses the link state information to create a topology map and to select the best path to every destination network in the topology.
With some distance vector routing protocols, routers send periodic updates of their routing information to their neighbors. Link state routing protocols do not use periodic updates. After the network has converged, a link state update is only sent when there is a change in the topology. Some important link state routing protocols are:-
- Open Shortest Path First (OSPF): OSPF is a dynamic routing protocol for use in Internet Protocol (IP) networks. Specifically, it is a link-state routing protocol and falls into the group of interior gateway protocols, operating within a single autonomous system (AS).
- Intermediate System to Intermediate System (IS-IS): IS-IS is a protocol used by network devices to determine the best way to forward datagrams through a packet-switched network.
METRICS AND ITS PURPOSE:
Metrics are a way to compare routes. Routing protocols use metrics to determine which route is the best path. There are cases when a routing protocol learns of more than one route to the same destination. To select the best path, the routing protocol must be able to evaluate and differentiate among the available paths; for this purpose a metric is used. A metric is a value used by routing protocols to assign a cost to reaching a remote network, and it is used to choose the optimal path among multiple paths.
METRICS AND ROUTING PROTOCOLS:
Two different routing protocols may use different metrics for choosing the best path. For instance, RIP would use the least number of hops, that is, the least number of routers, for choosing an optimal path, while a router configured with OSPF would choose the path with the maximum bandwidth.
Load balancing is used where there are multiple paths to the destination and every path has the same metric value; in that case the packets are balanced between the paths and are sent over all paths having the same metric value.
ADMINISTRATIVE DISTANCE AND ITS PURPOSE:
Administrative distance is the measure used by Cisco IOS to select the best path when there are two or more different routes to the same destination from two different routing protocols. Administrative distance defines the reliability of a routing protocol. Each routing protocol is prioritized in order of most to least reliable using an administrative distance value. A lower numerical value is preferred, e.g. an OSPF route with an administrative distance of 110 will be chosen over a RIP route with an administrative distance of 120.
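The selection order described in the last three sections (administrative distance first, then metric, then equal-cost load balancing) is easy to get wrong when reasoning by hand, so here it is as a small added example. This is not code from the chapter or from any router vendor; the Candidate class, the select_routes function and the sample prefixes and next hops are constructed for illustration, and the administrative distance values are the Cisco IOS defaults quoted above.

```python
from dataclasses import dataclass

# Cisco IOS default administrative distances for the protocols named in the
# chapter. Lower is more trusted.
ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Candidate:
    """One route to `prefix` offered by `protocol` with that protocol's metric."""
    prefix: str
    protocol: str
    metric: int
    next_hop: str


def select_routes(candidates):
    """Decide which candidate routes are installed in the routing table.

    For each prefix: the route(s) from the protocol with the lowest
    administrative distance win; among those, the lowest metric wins; every
    route that ties on both is kept, which is what equal-cost load balancing
    spreads traffic over.
    """
    by_prefix = {}
    for c in candidates:
        if c.protocol not in ADMIN_DISTANCE:
            raise ValueError(f"unknown protocol {c.protocol!r}")
        by_prefix.setdefault(c.prefix, []).append(c)

    installed = {}
    for prefix, routes in by_prefix.items():
        best_ad = min(ADMIN_DISTANCE[r.protocol] for r in routes)
        trusted = [r for r in routes if ADMIN_DISTANCE[r.protocol] == best_ad]
        best_metric = min(r.metric for r in trusted)
        installed[prefix] = sorted(
            (r for r in trusted if r.metric == best_metric),
            key=lambda r: r.next_hop,
        )
    return installed


# Constructed sample: the same prefix learned from OSPF and RIP (RIP offers the
# shorter hop count but loses on administrative distance), and a prefix with
# two equal-metric RIP paths that are both installed.
SAMPLE = [
    Candidate("10.1.0.0/16", "ospf", 20, "192.0.2.1"),
    Candidate("10.1.0.0/16", "rip", 2, "192.0.2.2"),
    Candidate("10.2.0.0/16", "rip", 3, "192.0.2.3"),
    Candidate("10.2.0.0/16", "rip", 3, "192.0.2.4"),
    Candidate("10.2.0.0/16", "rip", 5, "192.0.2.5"),
]

if __name__ == "__main__":
    for prefix, routes in select_routes(SAMPLE).items():
        print(prefix, [(r.protocol, r.metric, r.next_hop) for r in routes])
```

Note that metrics are never compared across protocols: the RIP hop count of 2 is not "better" than the OSPF cost of 20, because the two numbers measure different things, which is exactly why administrative distance is evaluated first.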
CHAPTER 3: INTRODUCTION TO IPV6
WHY IPV6 IS NEEDED:
IPv6 is needed because the Internet is running out of IPv4 addresses. IPv4 uses 32-bit addresses and can support approximately 4.3 billion individually addressed devices on the Internet. IPv6, on the other hand, uses 128-bit addresses and can support so many devices that only the mathematical expression 2 to the 128th power can quantify its size. Experts predict IPv4 addresses will be gone by 2012. At that point, all ISPs, government agencies and corporations will need to support IPv6 on their backbone networks. Today, only a handful of organizations have deployed IPv6 across their networks.
IPV4 AND ITS LIMITATIONS:
The Internet Protocol (IP) is the heart of the Internet. Networks running different protocols are connected together to form the global network because of IP; currently we are using the IP version 4 addressing scheme and routing protocols. An IPv4 address is 32 bits long. The address consists of the network ID and the host ID. IP addresses can be of five formats:-
- CLASS A: Class A addressing is used when a site contains a small number of networks, and each network has many nodes (more than 65,536). Seven bits are used for network ID and 24 bits for host ID. A class A address has 0 in the first bit. The maximum number of class A networks can be 126.
- CLASS B: Class B addressing is used when a site has a medium number of networks and each network has more than 256 but less than 65,536 hosts. Fourteen bits are allocated for network ID and 16 bits for the host ID. A class B address has 10 for the first two bits.
- CLASS C: Class C addressing is used when a site has a large number of networks with each network having fewer than 256 hosts. Twenty-one bits are allocated to network ID and 8 bits to host ID. A class C address has 110 for the first three bits.
- CLASS D: These addresses are used when multicasting is required, such as when a datagram has to be sent to multiple hosts simultaneously.
- CLASS E: These addresses are reserved for future use.
LIMITATIONS OF IPV4:
With the advent of PCs, there has been a tremendous growth in the use of computers and the need to network them, and above all to be on the Internet to access worldwide resources. In the 1990s, the need was felt to revise the IP protocol to deal with the exponential growth of the Internet, to provide new services that require better security, and to provide real-time services for audio and video conferencing. IP Version 4 has the following limitations:
The main drawback of IP Version 4 is its limited address space due to the address length of 32 bits. Nearly 4 billion addresses are possible with this address length, which appears very high (with a population of 6 billion and a large percentage of the population in the developing world never having seen a computer). But now we want every TV to be connected to the Internet and we want Internet-enabled appliances such as refrigerators, cameras, and so on. This makes the present address length of 32 bits insufficient, and it needs to be expanded.
The present IP format does not provide the necessary mechanisms to transmit audio and video packets that require priority processing at the routers so that they can be received at the destination with constant delay, not variable delay. The Internet is being used extensively for voice and video communications, and the need for change in the format of the IP datagram is urgent.
Applications such as e-commerce require high security—both in terms of maintaining secrecy while transmitting and authentication of the sender. IP Version 4 has very limited security features.
The IP datagram has a fixed header with variable options, because of which each router has to do lots of processing, which calls for high processing power of the routers and also lots of delay in processing.
IPV6 AN INTRODUCTION:
IPv6 is the network layer standard protocol that follows IPv4 for computer communications across the Internet and other computer networks. IPv6 offers several compelling functions and is really the next step in the evolution of the Internet Protocol. These improvements came in the form of increased address size, a streamlined header format, extensible headers, and the ability to preserve the confidentiality and integrity of communications. The IPv6 protocol was fully standardized at the end of 1998, in a specification that defines the header structure. IPv6 is now ready to overcome many of the deficiencies in the current IPv4 protocol and to create new ways of communicating that IPv4 cannot support.
CHARACTERISTICS OF IPV6:
Following are a few characteristics of IPv6 which make it better than the previous version, IPv4:
- LARGER ADDRESS SPACE:
- STREAMLINED PROTOCOL HEADER:
- STATELESS AUTOCONFIGURATION:
- NETWORK LAYER SECURITY:
- QUALITY OF SERVICE (QOS):
In practical terms these give IPv6 the following improvements over IPv4:
- Increased address size from 32 bits to 128 bits.
- Improved packet-forwarding efficiency.
- The ability for nodes to determine their own address.
- Increased use of efficient one-to-many communications.
- The ability to have very large packet payloads for greater efficiency.
- Encryption and authentication of communications.
- QoS markings of packets and flow labels that help identify priority traffic.
- Redundant services using nonunique addresses.
- Simpler handling of mobile or roaming nodes.
IPV6 ADDRESSING SCHEME:
IPv4 addresses are represented in dotted-decimal format, e.g. 10.0.0.1. These 32-bit addresses are divided along 8-bit boundaries: 00000000.00000000.00000000.00000000. For IPv6, the 128-bit address is divided along 16-bit boundaries. Each 16-bit block is converted to a 4-digit hexadecimal number, and the blocks are separated by colons. The resulting representation is known as colon-hexadecimal notation. For instance, consider the following example:-
The 128-bit address is divided along 16-bit boundaries:
0010000111011010 0000000011010011 0000000000000000 0010111100111011 0000001010101010 0000000011111111 1111111000101000 1001110001011010
Each 16-bit block is converted to hexadecimal and delimited with colons. The result is 21DA:00D3:0000:2F3B:02AA:00FF:FE28:9C5A
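The conversion just shown, carried out in code as an added example (not part of the chapter). The first function performs the binary-to-colon-hexadecimal step on the chapter's own bit string; the second goes a step further than the text and applies the two shortening rules that RFC 4291 and RFC 5952 allow for writing IPv6 addresses (dropping leading zeros in each block and collapsing the single longest run of two or more all-zero blocks into "::"), which is the form most tools display. A third helper cross-checks the result against Python's standard ipaddress module. Function names and the constant CHAPTER_BITS are my own.

```python
import ipaddress


def binary_to_colon_hex(bits128):
    """Turn 128 binary digits (spaces between the 16-bit groups allowed, as in
    the chapter's example) into the full eight-block colon-hexadecimal form."""
    bits = bits128.replace(" ", "")
    if len(bits) != 128 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 128 binary digits")
    return ":".join(f"{int(bits[i:i + 16], 2):04X}" for i in range(0, 128, 16))


def compress(colon_hex):
    """Shorten a full colon-hex address the way RFC 4291/5952 allow: drop the
    leading zeros of each block and replace the single longest run of two or
    more all-zero blocks with '::'. A lone zero block is left as '0'."""
    blocks = [int(b, 16) for b in colon_hex.split(":")]
    if len(blocks) != 8 or any(not 0 <= b <= 0xFFFF for b in blocks):
        raise ValueError("expected eight 16-bit hexadecimal blocks")

    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if blocks[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and blocks[j] == 0:
            j += 1
        if j - i > best_len:          # the first longest run wins on ties
            best_start, best_len = i, j - i
        i = j

    hexs = [f"{b:x}" for b in blocks]
    if best_len < 2:
        return ":".join(hexs)
    left = ":".join(hexs[:best_start])
    right = ":".join(hexs[best_start + best_len:])
    return f"{left}::{right}"


def agrees_with_stdlib(colon_hex):
    """Cross-check compress() against Python's ipaddress module."""
    return compress(colon_hex) == str(ipaddress.IPv6Address(colon_hex))


# The chapter's worked example, as eight 16-bit binary groups.
CHAPTER_BITS = ("0010000111011010 0000000011010011 0000000000000000 0010111100111011 "
                "0000001010101010 0000000011111111 1111111000101000 1001110001011010")

if __name__ == "__main__":
    full = binary_to_colon_hex(CHAPTER_BITS)
    print(full, "->", compress(full))
```

For the chapter's address the third block is a single zero block, so it is written as "0" rather than "::"; only a run of two or more zero blocks may be collapsed, and only one such run per address, otherwise the notation would be ambiguous.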
TYPES OF IPV6 ADDRESSES:
A unicast address identifies a single interface within the scope of the type of unicast address. With the appropriate unicast routing topology, packets addressed to a unicast address are delivered to a single interface. To accommodate load-balancing systems, RFC 3513 allows multiple interfaces to use the same address as long as they appear as a single interface to the IPv6 implementation on the host.
A multicast address identifies multiple interfaces. With the appropriate multicast routing topology, packets addressed to a multicast address are delivered to all interfaces that are identified by the address. A multicast address is used for one-to-many communication, with delivery to multiple interfaces.
An anycast address identifies multiple interfaces. With the appropriate routing topology, packets addressed to an anycast address are delivered to a single interface, the nearest interface that is identified by the address. The nearest interface is defined as being closest in terms of routing distance. An anycast address is used for one-to-one-of-many communication, with delivery to a single interface.
THE IPV6 HEADER:
The IPv6 header consists of the following fields:
- VERSION: Indicates the protocol version, and will thus contain the number 6.
- DS BYTE: This field is used by the source and routers to identify the packets belonging to the same traffic class and thus distinguish between packets with different priorities. It is 8 bits long.
- FLOW LABEL: Label for a data flow; it is 20 bits long.
- PAYLOAD LENGTH: Indicates the length of the packet data field. It is 16 bits long.
- NEXT HEADER: Identifies the type of header immediately following the IPv6 header. It is 8 bits long.
- HOP LIMIT: Decremented by one by each node that forwards the packet. When the hop limit field reaches zero, the packet is discarded. It is 8 bits long.
- SOURCE ADDRESS: The address of the originator of the packet. It is 128 bits long.
- DESTINATION ADDRESS: The address of the intended recipient of the packet. It is 128 bits long.
DIFFERENCES BETWEEN IPV4 AND IPV6:
The checksum field is removed from the IPv6 header because a checksum is already computed at layer 2, which is sufficient in view of the error rate of current networks. Better performance is thus achieved, as the routers no longer need to re-compute the checksum for each packet. On the debit side, eliminating the checksum means that there is no protection against the errors routers can make in processing packets. However, these errors are not dangerous for the network, as they only cause the packet itself to be lost if there are fields with invalid values.
The hop limit field indicates the maximum number of nodes (hops) that a packet can cross before reaching its destination. In IPv4, the corresponding field is expressed in seconds (TTL: Time To Live), even though it has the same function. The change was made for two reasons. First, for the sake of simplicity: even in IPv4, in fact, the routers translate seconds into a number of hops, which are then translated back into seconds. Second, the change ensures freedom from physical network characteristics such as bandwidth. As the hop limit field consists of 8 bits, the maximum number of nodes that a packet can cross is 255.
In IPv4, the length of the header is variable, so it is necessary to specify both the IPv4 header length and the total length of the packet. In IPv6, on the other hand, the header has a fixed length of 40 bytes, so it is sufficient to indicate the length of the data field. As the payload length field is 16 bits long, the packet cannot exceed 64 KB. Though this size also guarantees good performance for the routers (limited queuing time, 0.06% overhead), this limit is too restrictive for supercomputer communication. As supercomputers have enormous memories and are generally connected to each other directly, it would be convenient to have packets much larger than 64 KB. The jumbogram option was thus introduced to meet the needs of supercomputers. In this option, the payload length field is set to zero and the packet can exceed the specified limits.
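To make the field layout above and the two differences just discussed (fixed 40-byte header with a 16-bit payload length, and a hop limit counted in hops) concrete, here is an added example that packs and unpacks the fixed IPv6 header and models a router's hop-limit handling. It is not code from the chapter; the function names, the sample addresses (from the 2001:db8::/32 documentation range) and the "maybe_jumbogram" flag are my own. The flag only notes that the payload length is zero and a Hop-by-Hop header follows; confirming a real jumbogram would require parsing the Jumbo Payload option in that extension header, which is outside the fixed header.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40
# version + traffic class + flow label (32 bits), payload length (16),
# next header (8), hop limit (8), source (128), destination (128)
_FMT = "!IHBB16s16s"
NEXT_HEADER_HOP_BY_HOP = 0


def build_header(src, dst, payload_length, next_header, hop_limit=64,
                 traffic_class=0, flow_label=0):
    """Pack the eight fixed IPv6 header fields into 40 bytes."""
    if not 0 <= traffic_class <= 0xFF or not 0 <= flow_label <= 0xFFFFF:
        raise ValueError("traffic class is 8 bits, flow label 20 bits")
    if not 0 <= payload_length <= 0xFFFF or not 0 <= hop_limit <= 0xFF:
        raise ValueError("payload length is 16 bits, hop limit 8 bits")
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack(_FMT, first_word, payload_length, next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed)


def parse_header(raw):
    """Unpack the fixed header; reject anything that is not version 6."""
    if len(raw) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    word, plen, nh, hl, src, dst = struct.unpack(_FMT, raw[:IPV6_HEADER_LEN])
    version = word >> 28
    if version != 6:
        raise ValueError(f"version field is {version}, not 6")
    return {
        "version": version,
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "payload_length": plen,
        # A jumbogram has payload length 0 and a Hop-by-Hop header carrying the
        # Jumbo Payload option; only the first half of that is visible here.
        "maybe_jumbogram": plen == 0 and nh == NEXT_HEADER_HOP_BY_HOP,
        "next_header": nh,
        "hop_limit": hl,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
    }


def forward(raw):
    """What a forwarding node does with the hop limit: decrement it, and
    discard the packet (return None) if it is zero or would become zero."""
    hdr = parse_header(raw)
    if hdr["hop_limit"] <= 1:
        return None
    # The hop limit is byte 7 of the header (4 + 2 + 1 bytes precede it).
    return raw[:7] + bytes([hdr["hop_limit"] - 1]) + raw[8:]


if __name__ == "__main__":
    pkt = build_header("2001:db8::1", "2001:db8::2", payload_length=8,
                       next_header=17, hop_limit=2)
    print(parse_header(pkt))
    print(forward(forward(pkt)))   # the second hop discards the packet
```

Because there is no header checksum, a corrupted hop limit or payload length is not detected here; as the text notes, such a packet is simply lost, and the transport-layer checksum (which in IPv6 covers a pseudo-header with both addresses) is what protects the payload end to end.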
CHAPTER 4: IPV6 ROUTING PROTOCOLS
ROUTING WITH IPV6:
With IPv6, routing can be performed in two ways, just as with IPv4: either static routing or dynamic routing.
- STATIC ROUTING:
- DYNAMIC ROUTING:
Networking devices forward packets using route information that is either manually configured or dynamically learned using a routing protocol. Static routes are manually configured and define an explicit path between two networking devices. Unlike a dynamic routing protocol, static routes are not automatically updated and must be manually reconfigured if the network topology changes. The benefits of using static routes include security and resource efficiency. Static routes use less bandwidth than dynamic routing protocols and no CPU cycles are used to calculate and communicate routes. The main disadvantage to using static routes is the lack of automatic reconfiguration if the network topology changes.
Dynamic routing performs the same function as static routing except it is more robust. Static routing allows routing tables in specific routers to be set up in a static manner so network routes for packets are set. If a router on the route goes down the destination may become unreachable. Dynamic routing allows routing tables in routers to change as the possible routes change.
IPV6 ROUTING PROTOCOLS:
There are quite a few well-known routing protocols that support IPv6 addressing and routing; we will briefly discuss a few of them.
RIPNG:
RIPng is a routing protocol based on the distance vector (D-V) algorithm. RIPng uses UDP packets to exchange routing information through port 521. RIPng uses a hop count to measure the distance to a destination. The hop count is referred to as the metric or cost. The hop count from a router to a directly connected network is 0. The hop count between two directly connected routers is 1. When the hop count is greater than or equal to 16, the destination network or host is unreachable. By default, the routing update is sent every 30 seconds. If the router receives no routing updates from a neighbor for 180 seconds, the routes learned from that neighbor are considered unreachable. After another 240 seconds, if no routing update is received, the router removes these routes from the routing table.
RIPng supports Split Horizon and Poison Reverse to prevent routing loops, and route redistribution. Each RIPng router maintains a routing database, including route entries of all reachable destinations. A route entry contains the following information:
- Destination address: IPv6 address of a host or a network.
- Next hop address: IPv6 address of a neighbor along the path to the destination.
- Egress interface: Outbound interface that forwards IPv6 packets.
- Metric: Cost from the local router to the destination.
- Route time: Time elapsed since the route entry was last changed. Each time a route entry is modified, the route time is reset to 0.
- Route tag: Identifies the route, used in routing policy to control routing information.
OSPFV3:
The OSPF (Open Shortest Path First) protocol is one of a family of IP Routing protocols, and is an Interior Gateway Protocol (IGP) for the Internet, used to distribute IP routing information throughout a single Autonomous System (AS) in an IP network.
The OSPF protocol is a link-state routing protocol, which means that the routers exchange topology information with their nearest neighbors. The topology information is flooded throughout the AS, so that every router within the AS has a complete picture of the topology of the AS. This picture is then used to calculate end-to-end paths through the AS, normally using a variant of the Dijkstra algorithm. Therefore, in a link-state routing protocol, the next hop address to which data is forwarded is determined by choosing the best end-to-end path to the eventual destination.
The main advantage of a link state routing protocol like OSPF is that the complete knowledge of topology allows routers to calculate routes that satisfy particular criteria. This can be useful for traffic engineering purposes, where routes can be constrained to meet particular quality of service requirements. The main disadvantage of a link state routing protocol is that it does not scale well as more routers are added to the routing domain. Increasing the number of routers increases the size and frequency of the topology updates, and also the length of time it takes to calculate end-to-end routes. This lack of scalability means that a link state routing protocol is unsuitable for routing across the Internet at large, which is the reason why IGPs only route traffic within a single AS.
Each OSPF router distributes information about its local state (usable interfaces and reachable neighbors, and the cost of using each interface) to other routers using a Link State Advertisement (LSA) message. Each router uses the received messages to build up an identical database that describes the topology of the AS.
From this database, each router calculates its own routing table using a Shortest Path First (SPF) or Dijkstra algorithm. This routing table contains all the destinations the routing protocol knows about, associated with a next hop IP address and outgoing interface.
The protocol recalculates routes when network topology changes, using the Dijkstra algorithm, and minimises the routing protocol traffic that it generates.
It provides support for multiple paths of equal cost.
It provides a multi-level hierarchy (two-level for OSPF) called "area routing," so that information about the topology within a defined area of the AS is hidden from routers outside this area. This enables an additional level of routing protection and a reduction in routing protocol traffic. All protocol exchanges can be authenticated so that only trusted routers can join in the routing exchanges for the AS.
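The SPF calculation described above, as an added example that is not code from the chapter or from any OSPF implementation: Dijkstra's algorithm run from one router over a constructed link-state database, keeping every first hop that reaches a destination at the same minimum cost so that the equal-cost multipath support mentioned above falls out naturally. The LSDB dictionary, router names R1 to R5 and the link costs are constructed for illustration; real Router-LSAs carry interface addresses and other fields that are omitted here.

```python
import heapq

# Constructed link-state database: for every router, its Router-LSA reduced to
# a list of (neighbour, interface cost). Costs are symmetric for simplicity.
LSDB = {
    "R1": [("R2", 10), ("R3", 10)],
    "R2": [("R1", 10), ("R4", 10)],
    "R3": [("R1", 10), ("R4", 10)],
    "R4": [("R2", 10), ("R3", 10), ("R5", 5)],
    "R5": [("R4", 5)],
}


def spf(lsdb, root):
    """Dijkstra's shortest-path-first run from `root` over the LSDB.

    Returns {router: (total cost, set of first-hop neighbours)}. All first hops
    that reach a destination at the same minimum cost are kept, which is what
    OSPF's equal-cost multipath support installs in the routing table.
    """
    dist = {root: 0}
    first_hop = {root: set()}
    done = set()
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue                      # stale heap entry
        done.add(u)
        for v, cost in lsdb.get(u, []):
            nd = d + cost
            # The first hop towards v is v itself if we are at the root,
            # otherwise whatever first hop(s) got us to u.
            hops = {v} if u == root else first_hop[u]
            if v not in dist or nd < dist[v]:
                dist[v] = nd
                first_hop[v] = set(hops)
                heapq.heappush(heap, (nd, v))
            elif nd == dist[v] and v not in done:
                first_hop[v] |= hops      # equal-cost alternative
    return {n: (dist[n], first_hop[n]) for n in dist}


def routing_table(lsdb, root):
    """Flatten the SPF result into sorted (destination, cost, next hops) rows."""
    return [(dst, cost, sorted(hops))
            for dst, (cost, hops) in sorted(spf(lsdb, root).items()) if dst != root]


if __name__ == "__main__":
    for row in routing_table(LSDB, "R1"):
        print(row)
```

Run from R1, R4 and R5 are reached at equal cost through both R2 and R3, so both appear as next hops. Every router holds the same LSDB, so each can run this calculation independently and arrive at consistent forwarding decisions; the scaling cost the text mentions is that the whole calculation is repeated on every topology change.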
OSPF for IPv6 is called OSPFv3, and it has a few modifications that distinguish it from OSPF for IPv4 (OSPFv2). The fundamental mechanisms of OSPF (flooding, Designated Router (DR) election, area support, Shortest Path First (SPF) calculations, etc.) remain unchanged. However, some changes have been necessary, either due to changes in protocol semantics between IPv4 and IPv6, or simply to handle the increased address size of IPv6. These modifications necessitated incrementing the protocol version from version 2 to version 3.
BGP:
The Border Gateway Protocol (BGP) is the routing protocol used to exchange routing information across the Internet. It makes it possible for ISPs to connect to each other and for end-users to connect to more than one ISP. BGP is the only protocol that is designed to deal with a network of the Internet's size, and the only protocol that can deal well with having multiple connections to unrelated routing domains. BGP has proven to be scalable and stable, and provides the mechanisms needed to support complex routing policies. The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems. This network reachability information includes the list of Autonomous Systems (ASs) that the reachability information traverses. This information is sufficient to construct a graph of AS connectivity from which routing loops may be pruned and some policy decisions at the AS level may be enforced.
BGP4 provides a set of mechanisms for supporting Classless Inter-Domain Routing (CIDR). These mechanisms include support for advertising a set of destinations as an IP prefix and eliminating the concept of network "class" within BGP. BGP version 4 also introduces mechanisms which allow aggregation of routes, including aggregation of AS paths.
Routing information exchanged via BGP supports only the destination-based forwarding paradigm, which assumes that a router forwards a packet based solely on the destination address carried in the IP header of the packet. This, in turn, reflects the set of policy decisions that can (and can not) be enforced using BGP. BGP can support only the policies conforming to the destination-based forwarding paradigm.
A unique AS number (ASN) is allocated to each AS for use in BGP routing. The numbers are assigned by IANA and the Regional Internet Registries (RIR), the same authorities that allocate IP addresses. There are public numbers, which may be used on the Internet and range from 1 to 64511, and private numbers from 64512 to 65535, which can be used within an organization.
IS-IS:
Intermediate System-to-Intermediate System (IS-IS) is a routing protocol developed by the ISO. It is a link-state protocol in which ISs (routers) exchange routing information based on a single metric to determine the network topology. It behaves similarly to Open Shortest Path First (OSPF) in TCP/IP networks.
In an IS-IS network, there are End Systems, Intermediate Systems, Areas and Domains. End systems are user devices. Intermediate systems are routers. Routers are organized into local groups called 'areas', and several areas are grouped together into a 'domain'. IS-IS is designed primarily to provide intra-domain routing, or routing within an area. IS-IS, working in conjunction with CLNP, ES-IS and IDRP, provides complete routing over the entire network.
IS-IS routing makes use of two-level hierarchical routing. Level 1 routers know the topology in their area, including all routers and hosts, but they do not know the identity of routers or destinations outside of their area. Level 1 routers forward all traffic for destinations outside of their area to a level 2 router within their area which knows the level 2 topology. Level 2 routers do not need to know the topology within any level 1 area, except to the extent that a level 2 router may also be a level 1 router within a single area.
IS-IS has been adapted to carry IP network information; this variant is called Integrated IS-IS. Integrated IS-IS has the most important characteristics necessary in a modern routing protocol.
CHAPTER 5: RIPNG IN COMPARISON WITH RIP AND RIPV2:
RIPng (RIP next generation) is a routing information protocol for IPv6. RIPng for IPv6 is based on protocols and algorithms used extensively in the IPv4 Internet, such as RIP and RIP-2. In a very large network, such as the Internet, many routing protocols are used across the network as a whole. The network is organized as a collection of Autonomous Systems (AS). Each AS has its own routing technology, which may differ from one AS to another. The routing protocol used within an AS is referred to as an Interior Gateway Protocol (IGP). A separate protocol, called an Exterior Gateway Protocol (EGP), is used to transfer routing information among the ASs. RIPng was designed to work as an IGP in moderate-size ASs. It is not intended for use in more complex environments.
CHARACTERISTICS OF RIPNG:
RIPng maintains most of the enhancements introduced in RIP-2; some are implemented as they were in RIP-2, while others appear in a modified form. Following are a few characteristics that have appeared in RIPng:
- CLASSLESS ADDRESSING SUPPORT: In IPv6 all addresses are classless and are specified using an address and a prefix length instead of a subnet mask. Thus a prefix length field is provided for each entry instead of a subnet mask field.
- NEXT HOP SPECIFICATION: This feature is maintained in RIPng, but implemented differently. Due to the large size of IPv6 addresses, including a Next Hop field in the format of RIPng RTEs would almost double the size of every entry. Since Next Hop is an optional feature, this would be wasteful. Instead, when a Next Hop is needed, it is specified in a separate routing entry.
- AUTHENTICATION: RIPng does not include its own authentication mechanism. It is assumed that if authentication or encryption are needed, they will be provided using the standard IPSec features defined for IPv6 at the IP layer. This is more efficient than having individual protocols like RIPng perform authentication.
- ROUTE TAG: This field is implemented the same way as it is in RIP-2.
- USE OF MULTICASTING: RIPng uses multicasts for transmissions, using reserved IPv6 multicast address FF02::9.
RIPng MESSAGE FORMAT:
Following are the important fields of the RIPng message format:
- COMMAND: A value of 1 specifies a request message asking the responding system to send all or part of its routing table. A value of 2 sends an update message containing all or part of the sender's routing table. It may be sent as a response to a previous request or as an unsolicited update used in periodic or triggered routing updates.
- VERSION: Version of RIPng.
- RTE(ROUTE TABLE ENTRY): There are two types of RTE in RIPng.
- NEXT HOP RTE: Defines the IPv6 address of a next hop.
- IPV6 PREFIX RTE: Describes the destination IPv6 address, route tag, prefix length and metric in the RIPng routing table.
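Here is an added example that builds and decodes the message format just described; it is not code from the chapter or from any router. It follows the wire layout of RFC 2080: a 4-byte header (command, version, two must-be-zero bytes) followed by 20-byte RTEs, where a Next Hop RTE is distinguished from an IPv6 Prefix RTE by a metric field of 0xFF. The function names, the sample prefixes and the next hop address are constructed; the port, multicast group and "whole table" request convention are the ones the text states.

```python
import ipaddress
import struct

RIPNG_PORT = 521
RIPNG_MULTICAST = "ff02::9"
RIPNG_VERSION = 1
CMD_REQUEST, CMD_RESPONSE = 1, 2
METRIC_UNREACHABLE = 16
NEXT_HOP_METRIC = 0xFF        # an RTE with this metric is a Next Hop RTE
RTE_LEN = 20                  # 16-byte address, 2-byte route tag, prefix length, metric
_HDR = "!BBH"                 # command, version, must-be-zero
_RTE = "!16sHBB"


def build_message(command, rtes):
    """rtes: dicts of either {"type": "next_hop", "address": "fe80::1"} or
    {"type": "prefix", "prefix": "2001:db8::/32", "tag": 0, "metric": 1}."""
    parts = [struct.pack(_HDR, command, RIPNG_VERSION, 0)]
    for rte in rtes:
        if rte["type"] == "next_hop":
            addr = ipaddress.IPv6Address(rte["address"]).packed
            parts.append(struct.pack(_RTE, addr, 0, 0, NEXT_HOP_METRIC))
        else:
            net = ipaddress.IPv6Network(rte["prefix"])
            parts.append(struct.pack(_RTE, net.network_address.packed,
                                     rte.get("tag", 0), net.prefixlen, rte["metric"]))
    return b"".join(parts)


def parse_message(raw):
    """Decode a RIPng message into its header fields and RTE list."""
    if len(raw) < 4 or (len(raw) - 4) % RTE_LEN:
        raise ValueError("length is not 4 + n*20 bytes")
    command, version, _mbz = struct.unpack(_HDR, raw[:4])
    if version != RIPNG_VERSION or command not in (CMD_REQUEST, CMD_RESPONSE):
        raise ValueError(f"unsupported command {command} / version {version}")
    rtes = []
    for off in range(4, len(raw), RTE_LEN):
        addr, tag, plen, metric = struct.unpack(_RTE, raw[off:off + RTE_LEN])
        address = ipaddress.IPv6Address(addr)
        if metric == NEXT_HOP_METRIC:
            rtes.append({"type": "next_hop", "address": str(address)})
            continue
        if plen > 128:
            raise ValueError(f"prefix length {plen} out of range")
        net = ipaddress.IPv6Network(f"{address}/{plen}", strict=False)
        rtes.append({"type": "prefix", "prefix": str(net), "tag": tag, "metric": metric})
    return {"command": command, "version": version, "rtes": rtes}


def is_whole_table_request(msg):
    """A request carrying a single RTE with prefix ::, prefix length 0 and
    metric 16 asks the receiver for its entire routing table."""
    r = msg["rtes"]
    return (msg["command"] == CMD_REQUEST and len(r) == 1
            and r[0]["type"] == "prefix" and r[0]["prefix"] == "::/0"
            and r[0]["metric"] == METRIC_UNREACHABLE)


# Constructed sample response: a next hop followed by two prefix RTEs, the
# second of them advertised as unreachable (metric 16).
SAMPLE_RESPONSE = build_message(CMD_RESPONSE, [
    {"type": "next_hop", "address": "fe80::1"},
    {"type": "prefix", "prefix": "2001:db8:1::/48", "tag": 0, "metric": 2},
    {"type": "prefix", "prefix": "2001:db8:2::/64", "tag": 7, "metric": 16},
])

if __name__ == "__main__":
    print(parse_message(SAMPLE_RESPONSE))
```

A Next Hop RTE applies to every prefix RTE that follows it until the next Next Hop RTE, which is how RIPng avoids carrying a 16-byte next hop in every entry. The length check in parse_message is worth keeping: a message whose length is not 4 + n*20 cannot be decoded unambiguously and should be dropped rather than partially processed.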
OPERATION OF RIPNG:
Let's have a look at how a router processes incoming and outgoing RIPng messages.
A request message asks a router to respond with all or part of its routing table by specifying the requested RTEs. An incoming request is processed as follows.
If there is exactly one RTE with a prefix of zero, a prefix length of zero, and a metric of 16, the request is for the entire routing table, and the router responds by sending the entire routing table. Otherwise, the request message is processed one RTE at a time. If the RTE's corresponding prefix is found in the routing table, the metric of that routing table entry is placed into the metric field of the RTE; otherwise, a metric of 16 is placed into the metric field, indicating that the route is unknown. Once all RTEs have been processed, the command field in the RIPng header is changed to response and the newly formed response message is sent back to the requestor. There are two types of request messages, General and Specific, which are handled differently by the receiving router.
- GENERAL REQUEST: A General Request is sent by a router that has just come up and wants to fill its routing table quickly. The router sends out a General Request message, asking all directly connected neighbors to send their entire routing table. The neighbors each reply with a response message containing the entire routing table, using the split horizon rule.
- SPECIFIC REQUEST: A Specific Request message is sent by a monitoring station asking for all or part of the routing table. The queried router replies to the requestor by sending the requested information from its routing table. Split horizon is not used because it is assumed that the requestor is using the requested information for diagnostic purposes only.
A response message carries routing information to be processed by the receiving router using the Bellman-Ford algorithm (see the earlier section on it, Section 8.1.1). A response message is accepted by a router only if the IPv6 source address is a link-local address of a directly connected neighbor and the UDP source and destination ports are set to the RIPng port. In addition, the hop limit must be set to 255 to guarantee that the response has not traveled over any intermediate node.
Once the response message is accepted, each RTE must be checked for its validity. The test includes the prefix itself (not a multicast or link-local address), the prefix length (between 0 and 128), and the metric (between 1 and 16). If the RTE is accepted, the metric of the incoming interface is added to the metric of the RTE. The RTE is now passed to the Bellman-Ford process. The rules for receiving and validating a response message do not apply for a response to a specific query. The hop count may be less than 255, and the source IPv6 address is not a link-local address. The diagnostic station uses the received RTE not for routing, but to provide input into its diagnostic software. It is entirely up to the implementer of such software to determine the validity of a response message.
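The response-processing rules of the last two paragraphs, as an added example (not the chapter's code and not any vendor's implementation): the source checks on an unsolicited response, the per-RTE validity checks, the Bellman-Ford update of the routing table, and the split horizon / poison reverse rule that decides what is advertised back out of an interface. The routing table is a plain dictionary keyed by prefix; the interface names, neighbor addresses and sample prefixes are constructed. RTEs are passed in as already-decoded (prefix, prefix length, metric) tuples, so this runs independently of any packet parser.

```python
import ipaddress

RIPNG_PORT = 521
INFINITY = 16


def accept_response_source(src_addr, src_port, dst_port, hop_limit):
    """Source checks for an unsolicited response: link-local sender, RIPng port
    on both ends, and hop limit 255 (so it came from a directly attached node)."""
    return (ipaddress.IPv6Address(src_addr).is_link_local
            and src_port == RIPNG_PORT and dst_port == RIPNG_PORT
            and hop_limit == 255)


def valid_rte(prefix, prefix_len, metric):
    """Per-RTE checks: prefix not multicast or link-local, length 0..128,
    metric 1..16."""
    addr = ipaddress.IPv6Address(prefix)
    if addr.is_multicast or addr.is_link_local:
        return False
    return 0 <= prefix_len <= 128 and 1 <= metric <= INFINITY


def process_response(table, neighbor, interface, rtes, interface_cost=1):
    """Bellman-Ford update of `table` ({prefix: {"metric", "next_hop",
    "interface"}}) with the RTEs (prefix, prefix_len, metric) received from
    `neighbor` on `interface`. Returns the prefixes whose entry changed."""
    changed = []
    for prefix, plen, metric in rtes:
        if not valid_rte(prefix, plen, metric):
            continue
        key = str(ipaddress.IPv6Network(f"{prefix}/{plen}", strict=False))
        new_metric = min(metric + interface_cost, INFINITY)
        cur = table.get(key)
        if cur is None:
            if new_metric < INFINITY:          # never install an unreachable route
                table[key] = {"metric": new_metric, "next_hop": neighbor, "interface": interface}
                changed.append(key)
        elif cur["next_hop"] == neighbor:
            # The current next hop is always believed, even when the route got
            # worse; a metric of 16 marks it for later garbage collection.
            if new_metric != cur["metric"]:
                cur["metric"] = new_metric
                changed.append(key)
        elif new_metric < cur["metric"]:
            table[key] = {"metric": new_metric, "next_hop": neighbor, "interface": interface}
            changed.append(key)
    return changed


def advertise(table, interface, poison_reverse=True):
    """RTEs to send out of `interface`, applying split horizon: routes learned
    on that interface are omitted, or sent with metric 16 under poison reverse."""
    out = []
    for key, r in sorted(table.items()):
        if r["interface"] == interface:
            if poison_reverse:
                out.append((key, INFINITY))
            continue
        out.append((key, r["metric"]))
    return out


if __name__ == "__main__":
    rt = {}
    # Constructed RTEs: a good route, a multicast prefix (rejected), and a
    # route already unreachable at the sender (not installed).
    print(process_response(rt, "fe80::1", "eth0",
                           [("2001:db8:1::", 48, 1), ("ff02::", 16, 1), ("2001:db8:2::", 48, 16)]))
    print(advertise(rt, "eth0"), advertise(rt, "eth1"))
```

The link-local and hop-limit-255 requirements are the only thing standing between the routing table and a forged response from another network segment, which is why the text goes on to recommend neighbor lists and IPsec; the per-RTE checks, by contrast, only reject malformed entries, not malicious ones.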
CONTROL FUNCTIONS AND SECURITY:
RIPng does not provide specifications for administrative control. However, experience with existing RIP implementations suggests that such controls may be important. Administrative controls are filters which allow or disallow certain routes to be advertised or received. In addition, a list of valid neighbors could be specified, and a router would accept or announce routes only to neighbors on this list. These filters can be used to change the update behavior to comply with routing policies set within an autonomous system. Again, RIPng does not need such controls to function, but it is strongly recommended that the implementer provide them. Cisco Systems, for example, implements RIPng distribution lists, and Nortel implements RIPng Announce and Accept Policies. Because RIPng runs over IPv6, it relies on the IP Authentication Header and the IP Encapsulating Security Payload to ensure the integrity and authentication of routing exchanges.
COMPARISON WITH RIP AND RIPV2:
The major differences between RIPng and RIP/RIPv2 are the following:
- DIFFERENT IP ADDRESS LENGTHS:
- DIFFERENT PACKETS LENGTHS:
- DIFFERENT PACKET FORMAT:
RIPng uses 128-bit IP addresses, while RIP and RIPv2 use 32-bit IP addresses.
A RIPv2 message carries up to 25 route entries, while the maximum number of RTEs in a RIPng packet depends on the IPv6 MTU of the sending interface.
Like a RIPv2 packet, a RIPng packet consists of a header and multiple RTEs, but the difference lies in the RTE types: a RIPng packet has two types of RTEs, the Next Hop RTE and the IPv6 Prefix RTE.
- AUTHENTICATION AND COMPATIBILITY: In RIPng, the authentication RTEs have been removed. RIPng relies on the authentication mechanism of IPv6 to ensure integrity and validity. RIP and RIPv2 can run in IP networks as well as IPX networks, while RIPng can only run in IP networks.
LIMITATIONS OF RIPng:
- The longest network path cannot exceed 15 hops.
- RIPng is prone to routing loops when the routing tables are reconstructed. Especially when RIPng is implemented in large networks that consist of several hundred routers, RIPng might take an extremely long time to resolve routing loops.
- RIPng uses only a fixed metric to select a route. Other IGPs use additional parameters, such as measured delay, reliability, and load.
CHAPTER 6: OSPFV3 IN COMPARISON WITH OSPF
OSPF for IPv6 modifies the existing OSPF for IPv4 to support IPv6. The fundamentals of OSPF for IPv4 remain unchanged. Some changes have been necessary to accommodate the increased address size of IPv6 and the changes in protocol semantics between IPv4 and IPv6. OSPF is classified as an IGP, a class of protocols used within autonomous systems. It was designed to overcome some of the limitations introduced by RIP, such as the small diameter, long convergence time, and a metric that does not reflect the characteristics of the network. In addition, OSPF handles a much larger routing table to accommodate a large number of routes. OSPF for IPv6 has the new version number 3.
CHARACTERISTICS OF OSPFV3:
LINK BASED PROTOCOL:
OSPFV3 is a link state routing protocol. Each router maintains a database describing the link states within the autonomous system. This database is built by exchanging Link State Advertisements (LSAs) between neighboring routers. Depending on its contents, an LSA is flooded to all routers in the autonomous system, all routers within the same area, or simply to its neighbors. The flooding always occurs along a path of neighboring routers, so a stable neighbor relationship is extremely important for OSPF to work properly. The neighbor relationship is called adjacency. Each router originates router LSAs advertising the local state of its interfaces to all routers within the same area. Additional LSAs are originated to identify links with multiple routers, IPv6 routes from other areas, or IPv6 routes external to the OSPF autonomous system.
OSPF AREAS AND EXTERNAL ROUTES:
Within an autonomous system, routers can be grouped together to form areas. Each area is assigned a unique Area ID, a 32-bit integer typically noted as a dotted decimal number. It has no addressing significance other than uniquely identifying the area. An LSA with area flooding scope will never be flooded outside the area. Together, these LSAs form the area data structure, also known as the area LSDB. The Router-LSA and Network-LSA belong to this category. Routers and networks from one area are hidden in other areas. It is like splitting the map of the network into multiple maps, each of which represents the topology of one area. Each router within one area calculates the SPF tree to all routes within the same area. These routes are called intra-area routes. Routers with all interfaces belonging to a single area are called internal routers. To find paths to routes outside the area, "exit points" are provided in the form of area border routers (ABR). Each area must always be attached to a single common area called the backbone area. This is achieved by the ABR having at least one interface in the backbone area and one interface in the local area. The ABR advertises all routes of the local area to the backbone area. In return, it advertises all the routes of the backbone area to the local area. This ensures that all routes are distributed within the AS.
A router can learn about IPv6 routes from different sources, such as RIP, static entries, BGP, IS-IS, etc. Every route from a non-OSPF source is considered to be an OSPF external route and can be imported into OSPF. To import external routes into OSPF, a router must have at least one interface configured with OSPF and know about at least one non-OSPF network. This router is called an autonomous system border router (ASBR).
OSPFV3 MESSAGE FORMAT:
The OSPFv3 message format consists of the following fields:
- VERSION: OSPF for IPv6 uses version number 3.
- TYPE: This field represents the type of OSPF message: HELLO, DATABASE DESCRIPTION, LINK STATE REQUEST, LINK STATE UPDATE or LINK STATE ACKNOWLEDGEMENT.
- PACKET LENGTH: This is the length of the OSPF protocol packet in bytes, including the OSPF header.
- ROUTER ID: This is the Router ID of the router originating this packet. Each router must have a unique Router ID, a 32-bit number normally represented in dotted decimal notation. The Router ID must be unique within the entire AS.
- AREA ID: This is the Area ID of the interface where this OSPF packet originated. This identifies the area this packet belongs to. All OSPF packets are associated with a single area. The Area ID is a 32-bit integer, normally represented in dotted decimal notation. Area 0 represents the backbone area.
- CHECKSUM: OSPF uses the standard checksum calculation for IPv6 applications: the 16-bit one's complement of the one's complement sum of the entire contents of the packet, starting with the OSPF packet header and prepending a "pseudoheader" of IPv6 header fields. The Upper-Layer Packet Length in the pseudoheader is set to the value of the OSPF packet header's length field. The Next Header value used in the pseudoheader is 89. If the packet's length is not an integral number of 16-bit words, the packet is padded with a byte of zero before checksumming. Before computing the checksum, the checksum field in the OSPF packet header is set to 0.
- INSTANCE ID: This identifies the OSPF instance to which this packet belongs. The Instance ID is an 8-bit number assigned to each interface of the router. The default value is 0. The Instance ID enables multiple OSPF protocol instances to run on a single link.
OPERATION OF OSPFV3:
When a router sends an OSPF protocol packet, it fills in the header fields as described above. The Area ID and Instance ID are taken from the outgoing interface data structure. If authentication is required, it is the responsibility of IPv6 to add the necessary headers. When a router receives an OSPF protocol packet, IPv6 validates it first by checking the IPv6 headers (IPv6 addresses, protocol field, and authentication). The packet is then given to the OSPF process. OSPF checks the version number (which must be 3), the checksum, the Area ID, and the Instance ID. The Area ID must match the Area ID configured on the incoming interface. If there is no match, but the Area ID is 0, the incoming interface must be the endpoint of a virtual link. The Instance ID must match the interface's Instance ID. If the packet's destination IPv6 address is the AllDRouters multicast address, the router must be either a DR or a BDR on this link. (DR and BDR will be explained in the next section.) If the packet passes all the above tests, it is passed to the appropriate OSPF process for further processing. Otherwise it must be dropped.
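The checksum rule in the CHECKSUM field description and the receive-side checks in the paragraph above (version 3, checksum, Area ID with the area 0 virtual-link exception, Instance ID, and the AllDRouters test) can be exercised end to end. This is an added example, not code from the page; it uses the RFC 5340 header and Hello layouts, and the Router IDs, Area IDs, addresses and the shape of the `iface` dictionary are constructed for the example.

```python
"""OSPFv3 packet header: IPv6 pseudoheader checksum and the receive-side checks.

Added example; the header layout is the RFC 5340 one. The Router IDs, Area IDs,
addresses and the iface dictionary are constructed for the example."""
import ipaddress
import struct

OSPF_NEXT_HEADER = 89
ALL_D_ROUTERS = ipaddress.IPv6Address("ff02::6")
HELLO = 1
# version, type, packet length, router id, area id, checksum, instance id, reserved
HDR = struct.Struct("!BBH4s4sHBB")


def ones_complement_checksum(data):
    """16-bit one's complement of the one's complement sum; odd-length data is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudoheader(src, dst, upper_layer_len):
    """IPv6 pseudoheader: src, dst, upper-layer length, three zero bytes, next header 89."""
    return src.packed + dst.packed + struct.pack("!IxxxB", upper_layer_len, OSPF_NEXT_HEADER)


def id32(dotted):
    """32-bit Router ID / Area ID written in dotted decimal."""
    return ipaddress.IPv4Address(dotted).packed


def build_hello(src, dst, router_id, area_id, instance_id, iface_id, priority, dr, bdr, neighbors):
    """Hello packet with the checksum filled in; Interface ID and DR/BDR Router IDs are in the body."""
    body = struct.pack("!IB3sHH4s4s", iface_id, priority, b"\x00\x00\x13", 10, 40,
                       id32(dr), id32(bdr)) + b"".join(id32(n) for n in neighbors)
    length = HDR.size + len(body)
    # the checksum field is zero while the checksum is computed
    header = HDR.pack(3, HELLO, length, id32(router_id), id32(area_id), 0, instance_id, 0)
    csum = ones_complement_checksum(pseudoheader(src, dst, length) + header + body)
    return HDR.pack(3, HELLO, length, id32(router_id), id32(area_id), csum, instance_id, 0) + body


def validate(packet, src, dst, iface):
    """Receive-side checks from the text; iface stands for the incoming interface data structure."""
    if len(packet) < HDR.size:
        return False, "short packet"
    version, _ptype, length, _rid, area_id, _csum, instance_id, _ = HDR.unpack_from(packet)
    if version != 3:
        return False, "version must be 3"
    if length < HDR.size or length > len(packet):
        return False, "bad packet length"
    # a correct packet sums to 0xFFFF, so the complemented result is 0
    if ones_complement_checksum(pseudoheader(src, dst, length) + packet[:length]) != 0:
        return False, "checksum mismatch"
    if area_id != id32(iface["area_id"]):
        if area_id != id32("0.0.0.0") or not iface["virtual_link"]:
            return False, "area mismatch"
    if instance_id != iface["instance_id"]:
        return False, "instance mismatch"
    if dst == ALL_D_ROUTERS and iface["state"] not in ("DR", "BDR"):
        return False, "AllDRouters packet but not DR/BDR"
    return True, "ok"
```

Because the source and destination addresses are part of the pseudoheader, a packet replayed from another address or to another multicast group fails the checksum before any of the OSPF-level checks run; the checks are ordered as in the text, cheapest first.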
In order to exchange LSAs, the routers must create reliable channels, called adjacencies, to their neighbors. These channels allow the routers to synchronize the LSDB upon initialization and to flood the LSA in case of a change. The neighbors need to be discovered first. This is done using the Hello protocol. Each interface on an OSPF router is assigned one of four link types: point-to-point, transit, stub, or virtual. On point-to-point or virtual links, only one neighbor can be discovered. On multiaccess networks, multiple neighbors can be discovered. OSPF calls these networks transit links. Forming adjacencies with all routers on transit links is not necessary. Each transit link elects a DR to form adjacencies with all routers on the transit link. This guarantees that all routers on this link have a synchronized LSDB. To ensure uninterrupted operation, a BDR is elected as well; it forms adjacencies with all routers on the transit link too.
THE HELLO PACKETS:
The Hello Protocol is responsible for initializing and maintaining adjacencies, as well as electing a DR/BDR. It ensures that communication between two routers is bidirectional. Hello packets are sent out through each interface at regular intervals. On point-to-point or broadcast-capable transit networks.
ELECTION OF DR AND BDR:
As soon as IPv6 on an OSPF interface is operational, the link is up, and the processing of Hello packets begins. A point-to-point link changes its state to point-to-point. A transit link enters the waiting state to discover the DR/BDR. Each transit link needs a DR and a BDR, which form adjacencies with all routers on that particular transit link. During the waiting period, the router listens to Hello packets to determine if a DR/BDR already exists. It also sends Hello packets with the DR/BDR field set to zero to indicate that it is in discovery mode. If a router already claims to be the DR, no election of a DR takes place. If no router declares itself as the DR (all Hello packets contain zero in their DR field), the router with the highest router priority declares itself the DR. If the priorities are equal, the router with the highest Router ID wins the election. The BDR is elected in exactly the same way. Routers that were not elected as DR/BDR are called DR-Other. Routers with a priority of zero never become DR/BDR. Their interfaces change immediately to DR-Other without entering the waiting state.
If the DR goes silent (not sending Hellos for Router Dead Interval), the BDR becomes the DR and a new BDR is elected. Because the BDR has already formed all adjacencies, there is no disruption of the synchronized LSDB on that transit link. If the original DR comes back online, it recognizes that there is already a DR and a BDR and it enters the DR-Other state. If the BDR goes silent, a new BDR is elected. The OSPF interface is now up and in the state of point-to-point, DR, BDR, or DR-Other.
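The election and failover rules of the two paragraphs above, written out as a small simulation. This is an added example, not the page's code; it implements exactly the simplified rules stated in the text (existing claimant kept, then highest priority, then highest Router ID, priority 0 never eligible, BDR promoted when the DR goes silent) and leaves out the extra steps of the full OSPF election procedure. Router IDs and priorities are constructed.

```python
"""DR/BDR election on a transit link, following the simplified rules in the text.

Added example; Router IDs and priorities are constructed. The full OSPF election
(RFC 2328 section 9.4, unchanged in OSPFv3) has extra steps this sketch omits."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Router:
    router_id: str            # 32-bit Router ID in dotted decimal
    priority: int             # 0 means the router never becomes DR or BDR
    claims_dr: bool = False   # the DR field of its Hellos names itself
    claims_bdr: bool = False  # the BDR field of its Hellos names itself


def rid_key(router_id):
    """Numeric ordering for dotted-decimal Router IDs (so 10.0.0.2 > 9.255.255.255)."""
    return tuple(int(x) for x in router_id.split("."))


def rank(router):
    return (router.priority, rid_key(router.router_id))


def elect(candidates, role):
    """Pick the DR or BDR: an existing claimant is kept, otherwise highest priority, then highest Router ID."""
    eligible = [r for r in candidates if r.priority > 0]
    claimants = [r for r in eligible if (r.claims_dr if role == "DR" else r.claims_bdr)]
    if claimants:
        return max(claimants, key=rank)   # someone already holds the role: no new election
    return max(eligible, key=rank, default=None)


def elect_dr_bdr(routers):
    """Elect the DR first, then the BDR among the remaining routers."""
    dr = elect(routers, "DR")
    bdr = elect([r for r in routers if r is not dr], "BDR")
    return dr, bdr


def interface_state(router, dr, bdr):
    """Interface state a router ends up in once the election is over."""
    if router is dr:
        return "DR"
    if router is bdr:
        return "BDR"
    return "DR-Other"


def dr_failover(routers, dr, bdr):
    """The DR went silent for RouterDeadInterval: the BDR takes over and a fresh BDR is elected."""
    remaining = [r for r in routers if r is not dr]
    new_dr = bdr
    new_bdr = elect([r for r in remaining if r is not new_dr], "BDR")
    return new_dr, new_bdr
```

Note that an existing DR claim wins over a higher priority: a router that joins a link late does not displace the current DR, which is why the returning original DR in the text settles into DR-Other rather than taking the role back.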
DIFFERENCE WITH OSPF FOR IPV4:
Following are the major differences between OSPFv3 and OSPF for IPv4:
- PROTOCOL PROCESSING PER LINK:
- EXPLICIT SUPPORT FOR MULTIPLE INSTANCES PER LINK:
- USE OF LINK LOCAL ADDRESSES:
IPv6 uses the term "link" to indicate "a communication facility or medium over which nodes can communicate at the link layer". "Interfaces" connect to links. Multiple IP subnets can be assigned to a single link, and two nodes can talk directly over a single link, even if they do not share a common IP subnet (IPv6 prefix).
For this reason, OSPF for IPv6 runs per link instead of the IPv4 behavior of per IP subnet. Likewise, an OSPF interface now connects to a link instead of an IP subnet. This change affects the receiving of OSPF protocol packets, and the contents of Hello packets and Network-LSAs.
OSPF now supports the ability to run multiple OSPF protocol instances on a single link. Support for multiple protocol instances on a link is accomplished via an "Instance ID" contained in the OSPF packet header and OSPF interface structures. The Instance ID solely affects the reception of OSPF packets.
IPv6 link-local addresses are for use on a single link, for purposes of neighbor discovery, auto-configuration, etc. IPv6 routers do not forward IPv6 datagrams having link-local source addresses [Ref15]. Link-local unicast addresses are assigned from the IPv6 address range FE80::/10.
THE HELLO PACKETS:
IPv6 changes the way OSPF Hello packets are sent. Before the Hello packet is sent out an interface, the interface's Interface ID must be copied into the Hello packet. The choice of Designated Router and Backup Designated Router is now indicated within Hellos by their Router IDs, instead of by their IP interface addresses.
REMOVAL OF ADDRESSING SEMANTICS:
IPv6 addresses are no longer present in OSPF packet headers. They are only allowed as payload information. Router-LSA and Network-LSA do not contain IPv6 addresses. OSPF Router ID, Area ID, and Link State ID remain at 32 bits, so they can no longer take the value of an IPv6 address. Designated Routers (DRs) and Backup Designated Routers (BDRs) are now always identified by their Router ID and no longer by their IP address.
STUB AREA SUPPORT:
The concept of stub areas has been retained in OSPF for IPv6. An additional rule specifies the flooding of unknown LSAs within the stub area.
CHAPTER 7: A QUICK LOOK AT BGP FOR IPV6
Each AS runs its interior routing protocol (RIPng, OSPFv3, etc.) to distribute all routing information within the AS. The BGP is an exterior routing protocol whose primary function is to exchange information about the reachability of networks between ASes. Each AS receives a unique AS number assigned by the numbering authority.
Two routers exchanging routing information with BGP are called BGP peers or BGP speakers. They establish a TCP session first because TCP guarantees a reliable connection. The peers then open a BGP connection to exchange BGP messages. The most important BGP message is the UPDATE message, which contains the routes to be exchanged. A BGP route is defined as a unit of information consisting of the Network Layer Reachability Information (NLRI) and a set of path attributes. The NLRI is basically an IPv4 prefix and its prefix length. Any concept of IPv4 class information has been eliminated. The NLRI may represent a single network or, more commonly, an aggregate of a range of addresses. Each NLRI is accompanied by a set of path attributes that add additional information to the BGP route, e.g., the next hop address, a sequence of ASes through which the route has passed during its update, or its origin. Routing decisions and traffic management are often based on these path attributes. One attribute must be emphasized here, as it plays a very important role in loop detection: it is called AS_PATH, and it carries a sequence of AS numbers through which the route has passed. If the receiving peer recognizes its own AS number within the AS_PATH, it rejects the corresponding route. BGP routing updates are exchanged between two peers. They are governed by a set of rules called policies. Outbound policies specify which NLRIs are advertised to a particular peer. A router can advertise only the NLRI it uses itself. Inbound policies specify which NLRIs are accepted from a particular peer. Policies may also be used to modify an NLRI and its attributes to change the characteristics of a route.
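The AS_PATH loop check and the inbound/outbound policies described above, together with the iBGP re-advertisement rule from the peer-connection section further on, as an added example in Python (not the page's code). The AS numbers are taken from the documentation range reserved by RFC 5398, and the prefixes, peer addresses and the policy representation (plain prefix lists) are constructed for the example.

```python
"""BGP route handling: AS_PATH loop detection, inbound/outbound prefix policies
and the iBGP re-advertisement rule. Added example; AS numbers come from the
RFC 5398 documentation range and the prefixes/addresses are constructed."""
import ipaddress
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Route:
    nlri: str            # prefix with length, e.g. "2001:db8::/32"
    as_path: tuple       # AS numbers the route has passed through, most recent first
    next_hop: str
    origin: str = "IGP"


@dataclass
class Peer:
    asn: int
    address: str
    inbound_allow: list = field(default_factory=list)   # prefixes we accept from this peer
    outbound_allow: list = field(default_factory=list)  # prefixes we announce to this peer


def covered(prefix, policy):
    """True if the prefix equals or is more specific than an entry of the policy list."""
    net = ipaddress.ip_network(prefix)
    return any(net.version == p.version and net.subnet_of(p)
               for p in map(ipaddress.ip_network, policy))


def receive(local_as, peer, route):
    """Inbound: drop loops (our own AS in AS_PATH) and prefixes outside the inbound policy."""
    if local_as in route.as_path:
        return None, "rejected: own AS %d in AS_PATH" % local_as
    if not covered(route.nlri, peer.inbound_allow):
        return None, "rejected: inbound policy"
    return route, "accepted"


def advertise(local_as, local_address, learned_from, to_peer, route):
    """Outbound: apply the outbound policy, the iBGP rule, and prepend our AS for external peers."""
    if not covered(route.nlri, to_peer.outbound_allow):
        return None
    internal_source = learned_from.asn == local_as
    internal_target = to_peer.asn == local_as
    if internal_source and internal_target:
        return None  # routes from internal peers are never sent back to internal peers
    if internal_target:
        return route  # iBGP: AS_PATH and next hop are passed on unchanged
    # eBGP: the route now passes through our AS, so our number goes in front
    return Route(route.nlri, (local_as,) + route.as_path, local_address, route.origin)
```

The loop check is what makes the AS_PATH prepending in advertise safe: a route that wanders back to an AS it already passed through carries that AS number and is discarded on arrival, and an empty inbound policy rejects everything, which is the safer default for a new peer.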
WORKING MECHANISM OF BGP:
Now we take a look at the working mechanism of the BGP protocol.
ESTABLISHING A BGP CONNECTION:
In order to exchange routing updates, two peers first have to establish a BGP connection and exchange different messages. If both routers simultaneously try to establish a BGP connection to each other, two parallel connections might well be formed. To avoid this connection collision, one router has to back down. The connection initiated by the router with the higher BGP Identifier prevails. The BGP Identifier is uniquely assigned to each BGP router and is exchanged during the OPEN message. Once the open is confirmed, the routers exchange the entire routing table based on their policies. Only changes in the routing table are exchanged from now on. KEEPALIVE messages prevent the connection from timing out. The TCP session guarantees reliable delivery of each packet.
THE PEER CONNECTIONS:
BGP distinguishes between the following peer connections:
- IBGP CONNECTION:
- EBGP CONNECTION:
The peers are in the same AS and are called internal peers. BGP routes learned from internal peers must not be sent back to other internal peers; they can only be sent to external peers. Each internal peer must have a connection to all other internal peers. Internal peers are fully meshed.
The peers are in different ASes and are called external peers. BGP routes learned from external peers can be updated to all other peers.
BGP MESSAGE HEADER:
BGP messages are carried on top of TCP connections, which can be established either over IPv4 or IPv6. The source and destination IP addresses of the datagram depend on the peer configuration. They are always unicast. BGP connections use the well-known TCP port 179. Only one TCP connection is established between two peering routers.
- MARKER: Contains authentication data if authentication was negotiated between the peers. All bits are set to one if no authentication is used or in the OPEN message.
- LENGTH: The total length of the BGP message, including headers. The value must be between 19 and 4096. The maximum message size of any BGP message is 4096 bytes.
- TYPE: Indicates the BGP message type.
BGP has the following types of messages:
- OPEN: Initializes a BGP connection and negotiates session parameters.
- UPDATE: Exchanges feasible and withdrawn BGP routes.
- NOTIFICATION: Reports errors or terminates BGP connections.
- KEEPALIVE: Keeps the BGP connection from expiring.
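The header fields and message types above, and the collision rule from the connection-establishment section (the connection opened by the router with the higher BGP Identifier survives), as an added example that is not code from the page. It follows the RFC 4271 header and OPEN layouts; the AS numbers, hold time and identifiers are constructed.

```python
"""BGP message header and OPEN parsing plus connection-collision resolution.

Added example following the RFC 4271 layouts; the AS numbers, identifiers
and hold time used in the usage are constructed."""
import ipaddress
import struct

MARKER = b"\xff" * 16                # all ones: no authentication negotiated
MIN_LEN, MAX_LEN = 19, 4096
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
HDR = struct.Struct("!16sHB")        # marker, length, type
OPEN_BODY = struct.Struct("!BHHIB")  # version, my AS, hold time, BGP identifier, opt param length
BGP_VERSION = 4


def parse_header(data):
    """Validate marker, length and type; return (type name, body, bytes of the next message)."""
    if len(data) < MIN_LEN:
        raise ValueError("short message")
    marker, length, mtype = HDR.unpack_from(data)
    if marker != MARKER:
        raise ValueError("bad marker")
    if not MIN_LEN <= length <= MAX_LEN or length > len(data):
        raise ValueError("bad length %d" % length)
    if mtype not in TYPES:
        raise ValueError("unknown type %d" % mtype)
    return TYPES[mtype], data[HDR.size:length], data[length:]


def build_keepalive():
    """A KEEPALIVE is just the 19-byte header."""
    return HDR.pack(MARKER, MIN_LEN, 4)


def build_open(my_as, hold_time, bgp_identifier):
    """OPEN with no optional parameters; the identifier is a 32-bit value written like an IPv4 address."""
    body = OPEN_BODY.pack(BGP_VERSION, my_as, hold_time,
                          int(ipaddress.IPv4Address(bgp_identifier)), 0)
    return HDR.pack(MARKER, HDR.size + len(body), 1) + body


def parse_open(body):
    if len(body) < OPEN_BODY.size:
        raise ValueError("short OPEN")
    version, my_as, hold_time, ident, opt_len = OPEN_BODY.unpack_from(body)
    if version != BGP_VERSION:
        raise ValueError("unsupported version")
    if len(body) != OPEN_BODY.size + opt_len:
        raise ValueError("optional parameters length mismatch")
    return {"my_as": my_as, "hold_time": hold_time,
            "bgp_identifier": str(ipaddress.IPv4Address(ident)),
            "optional_parameters": body[OPEN_BODY.size:]}


def resolve_collision(local_identifier, remote_identifier):
    """Two parallel connections exist: keep the one initiated by the higher BGP Identifier."""
    local, remote = (int(ipaddress.IPv4Address(x)) for x in (local_identifier, remote_identifier))
    if local == remote:
        raise ValueError("BGP Identifiers must be unique")
    return "keep connection we initiated" if local > remote else "keep connection peer initiated"
```

Because BGP runs over a byte stream, parse_header returns the bytes after the declared length so a reader can pull consecutive messages out of one TCP stream; the length bounds check is what stops a malformed length from being used as a slice size.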
BGP EXTENSION FOR IPV6:
To make BGP-4 available for other network layer protocols, the multiprotocol NLRI and its next hop information must be added. RFC 2858 extends BGP to support multiple network layer protocols. To accommodate the new requirement for multiprotocol support, BGP-4 adds two new attributes to advertise and withdraw multiprotocol NLRI. The BGP Identifier stays unchanged. BGP-4 routers with IPv6 extensions therefore still need a local IPv4 address. To establish a BGP connection exchanging IPv6 prefixes, the peering routers need to advertise the optional parameter BGP capability to indicate IPv6 support. BGP connections and route selection remain unchanged. Each implementer needs to extend the RIB to accommodate IPv6 routes. Policies need to take IPv6 NLRI and next hop information into consideration for route selection.
CHAPTER 8: SECURITY IN IPV6
Originally designed for sharing information among researchers, the Internet is now being used for a growing number of business-to-business and business-to-consumer interactions. These interactions require a sufficient level of security, ranging from the correct identification of participants to secure, encrypted payment methods and nonrepudiation interactions. The Internet grew out of the academic community, so security mechanisms that applications could build on were not part of the original protocol and service design. Instead, different and incompatible mechanisms were attached to some individual applications, while other services were not secured at all, or were secured only by limited or proprietary mechanisms.
It is astounding that the Internet has functioned properly for more than 20 years despite these security flaws, which are compounded by security defects in the operating systems, middleware, and application software that is used on systems connected to the Internet. During the discussion on the redesign of the current Internet Protocol Suite, it became clear that a redesign should also incorporate some basic security features that could be used "as is" on every Internet-enabled platform. The intent was for these features to provide some minimum level of security against many Internet-based attacks and form well-known and tested building blocks for applications and middleware using the Internet.
IPV6 SECURITY THREATS:
Denial-of-service attacks are among the most serious Internet threats. Remote attackers take control of many computers on the Internet through viruses or malware and direct all of those computers' resources at exhausting the resources of a website, a database, or an organization's infrastructure. The simultaneous load on a system brings it to a stop. A disruption or denial of service is usually easy to recognize, but it can be hard to determine and remove the real cause of the problem. In a brute-force attack, significant resources must be spent on repair or replacement of damaged equipment. A subtle variation of service disruption is the degradation of service quality, such as by introducing artificial communication delays, which may disturb the proper execution of a business process but not be perceived as an attack.
The fabrication, modification, or deletion of information is much harder to detect or defend against than service disruption, unless specific protection mechanisms are in place. A broad spectrum of attack possibilities exists, ranging from the modification of individual data elements to the insertion of falsified payment orders through masquerading, the distribution of a virus, or the complete deletion of database or log files.
Electronic eavesdropping, or picking up and evaluating information, may be carried out in a variety of ways, from classic wiretapping to the usage of Trojan horses on systems under the attacker's control or the gathering of electronic radiation emanating from devices such as screens, printers, telephones, encryption devices, or video cards. Such passive attacks are usually impossible to detect directly. Indirect detection is possible, but it is expensive and inherently dangerous. Besides attacks on the actual data content, indirect information, such as a traffic or addressing analysis, can also be of interest to an attacker.
IPV6 SECURITY ELEMENTS:
Now we briefly discuss some of the elements of security in IPV6.
Communicating partners need to agree on a common set of information before they can use the security elements of IPv6: a key, the authentication or encryption algorithm to be used, and some additional parameters specific to the algorithms used. This set of agreements constitutes a Security Association (SA) between communication partners. SAs are unidirectional, and one SA is required for each security service; thus, two communication partners wishing to both encrypt and authenticate a two-way connection require a total of four SAs (one for each of the two required security features, in each of the two directions).
Two types of SA are differentiated: transport mode and tunnel mode. In transport mode, the SA is defined between two end systems and describes either encryption or authentication for the payload contained in all IP packets related to that particular connection. In tunnel mode, the SA is defined between two security gateways, which surround the IP packet and payload with an outer IP packet "wrapper", thus being able to apply either encryption or authentication to the whole inner packet, including the inner IP header. Based on these two modes of operation, individual SAs may be bundled either through transport adjacency (i.e., the use of both encryption and authentication services in the same IP packet) or iterated tunneling (i.e., nested use of the encryption and/or authentication services within the same IP packet). This allows mapping of more complex security environments into a security policy, as described by the SA.
AUTHENTICATION IN IPV6:
Authentication of individual IP packets would provide sufficient prevention against popular Internet-based attacks, such as IP address spoofing and session hijacking. This is because the associated SA may instruct the IP protocol implementation to drop or reject all IP packets whose cryptographically secure checksum cannot be correctly verified. The Authentication Extension header provides integrity and authentication for all end-to-end data transported in an IP packet.
ENCRYPTION IN IPV6:
Whenever protection against modification or even publication of information is required, some sort of encryption is necessary. Typical applications of encryption on the level of individual IP packets may be protection of telnet, FTP, mail transfer, or web sessions. Such sessions could also be protected by encryption on the transport layer or on the application layer. In IPv6, the Encapsulating Security Payload Extension header (ESP, Next Header value 50) provides integrity and confidentiality for all end-to-end data transported in an IP packet. In other words, in the sequence of Extension headers, the ESP is located in front of the following transport, network control, or routing protocol header.
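The placement of the Authentication and ESP headers in the extension-header chain, the transport and tunnel modes of the SA section, and the four-SA count can all be shown by building the chains and walking their Next Header fields. This is an added example, not code from the page; the header layouts are the standard IPv6, AH and ESP ones (Next Header values 41, 51 and 50), while the addresses, SPIs, the zero placeholder ICV and the "ciphertext" bytes are constructed stand-ins.

```python
"""IPv6 extension-header chains for AH and ESP in transport and tunnel mode,
with a walker that follows the Next Header fields. Added example; addresses,
SPIs, the placeholder ICV and the "ciphertext" bytes are constructed."""
import ipaddress
import struct

TCP, IPV6, ESP, AH = 6, 41, 50, 51
NAMES = {TCP: "TCP", 17: "UDP", IPV6: "IPv6", ESP: "ESP", AH: "AH", 58: "ICMPv6"}
TCP_SEGMENT = b"\x1f\x90\xc0\x01" + b"\x00" * 16   # constructed 20-byte TCP header stand-in


def ipv6(src, dst, next_header, payload):
    """Fixed 40-byte IPv6 header (version 6, hop limit 64) followed by the payload."""
    fixed = struct.pack("!IHBB", 0x60000000, len(payload), next_header, 64)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed + payload


def ah(next_header, spi, seq, payload, icv=b"\x00" * 12):
    """Authentication Header: next header stays visible; payload length is in 32-bit words minus 2."""
    header_len = 12 + len(icv)
    return struct.pack("!BBHII", next_header, header_len // 4 - 2, 0, spi, seq) + icv + payload


def esp(spi, seq, encrypted):
    """ESP: only SPI and sequence number are in the clear; the next header sits in the encrypted trailer."""
    return struct.pack("!II", spi, seq) + encrypted


def walk(packet):
    """Follow Next Header from the outer IPv6 header; stops at ESP because what follows is opaque."""
    chain = ["IPv6"]
    nh = packet[6]
    off = 40
    while True:
        chain.append(NAMES.get(nh, "proto %d" % nh))
        if nh == AH:
            nh, plen = packet[off], packet[off + 1]
            off += (plen + 2) * 4
        elif nh == IPV6:          # inner header of a tunnel-mode packet
            nh = packet[off + 6]
            off += 40
        else:                     # ESP (opaque) or an upper-layer protocol
            return chain


def required_sas(services, bidirectional=True):
    """SAs are unidirectional and one per service: AH plus ESP both ways needs four."""
    return len(services) * (2 if bidirectional else 1)


def transport_ah_esp():
    """Transport mode, transport adjacency: end-system IPv6 header, AH, then ESP around the TCP segment."""
    inner = esp(0x200, 1, b"<encrypted TCP segment + ESP trailer>")
    return ipv6("2001:db8::1", "2001:db8::2", AH, ah(ESP, 0x100, 1, inner))


def tunnel_esp():
    """Tunnel mode: gateway-to-gateway outer header, ESP hides the whole inner packet."""
    return ipv6("2001:db8::1", "2001:db8::2", ESP,
                esp(0x300, 1, b"<encrypted inner IPv6 packet + ESP trailer>"))


def tunnel_ah():
    """Tunnel mode with AH only: the inner IPv6 header and TCP remain readable, but are authenticated."""
    inner = ipv6("2001:db8:1::1", "2001:db8:2::1", TCP, TCP_SEGMENT)
    return ipv6("2001:db8::1", "2001:db8::2", AH, ah(IPV6, 0x400, 1, inner))
```

The walker makes the difference between the two services visible: with AH alone, every header after it (including a tunnelled inner IPv6 header) is still readable on the wire, whereas with ESP the chain ends at the ESP header because the next header field itself is in the encrypted trailer.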