T Network Application Frameworks and XML Routing and mobility Sasu Tarkoma Based on slides by Pekka Nikander

Contents n Background n IP routing and scalability n Mobility n Multi-layer mobility

Background n What is network architecture? n Layered architecture n The original requirements for IP n Later requirements for IP

Network architecture n A set of principles and basic mechanisms that guide network engineering u Physical links u Communication protocols F Format of messages F The way in messages are exchanged F Protocol stack n Where is the state?

Protocol Stack n Layers are part of a network architecture u Provide services for layers above u Hiding the complexity of the current layer n Multiple layers are needed in order to reduce complexity u Separation of network functions u distribution of complexity u OSI, TCP/IP n Protocols are building blocks of a network design u Can exist independently of layering

Naming, Addressing, and Routing NAMING ADDRESSINGROUTING How to identify and name a node? Even if its address changes. Where is the node located? How to route information to the node’s address? unicast: to a specific node broadcast: to all nodes multicast: to a subset of nodes anycast: to any one in some subset (IPv6)

TCP/IP Network Stack Networking Layer (IP) Transport Layer (TCP/UDP) Application Layer Underlying network (link layer, physical)

TCP/IP Network Stack Networking Layer (IP) Transport Layer (TCP/UDP) Application Layer Underlying network (link layer) host-to-host transport reliability, congestion control, flow control host-to-host connectivity routing, addressing Link layer: local data transfer, encoding, framing, error correction Physical: transmission of signals All applications (FTP, Telnet, HTTP, Overlays) HOST-TO-HOST

Protocol Layering Networking Layer (IP) Transport Layer (TCP/UDP) Application Layer Underlying network Networking Layer (IP) Transport Layer (TCP/UDP) Application Layer Underlying network SenderReceiver MSG HTHT HTHT HTHT HNHN HTHT HNHN

Virtual Circuits n Alternative to datagram routing n Carries bit streams n Resources reserved for each session (buffers, bandwidth) n Guaranteed QoS n State is stored by intermediate elements (ATM,..) u Timing and reliability requirements

Packet Switching n No connection setup at network layer n No state about end-to-end connections at routers n Packets forwarded using destination host address u Different paths may exist to a destination u Store and forward n Routing protocol goal u Find the best route through the network u Link cost: delay, monetary cost, congestion level

Original requirements for IP n Goal: universal end-to-end connectivity n Multiplexing u Packet switching n Survivability (robustness) u Dynamic adaptation to outages n Service generality u Support widest possible set of applications n Runs over diverse networking technologies u Heterogeneity is unavoidable

Later requirements for IP n Scalability u Exponential growth of # nodes was unplanned u Recurrent growth crises u Mainly a backbone issue (core routers) n Distributed management n Security n Mobility n Capacity allocation u fairness vs. unfairness

What has changed? n Permanent IP address u Time-varying: DHCP, NAT, mobility n End-to-end communication u Middleboxes, proxies, NATs,.. n Globally and uniquely routable u NAT, firewalls n Trusted end hosts u Hackers, spammers, … n Four layers u Layer splits, cross-layer interactions

Problems with four layers n Layer violations u Middleboxes, NATs n Relation to OSI 7 layers u What about presentation layer for Internet? F XML u What about session layer? F Separate session management from data delivery F For example: SIP

Source: Geoff Huston. Anatomy: A Look Inside Network Address Translators. The Internet Protocol Journal - Volume 7, Number 3.

Networks: Basics Public Switched Data Network Router R R RR R Backbone LAN Router MAN Router Bridge End systems (hosts) Applications Models: Client-server Peer-to-peer BGP For example: OSPF

Networks: Wireless R Public Switched Data Network Router R RR R Backbone LAN Router MAN NAT AP GPRS/UMTS Access network NAT BS MH Ad hoc MH

What is routing? n Selecting the right path towards an address n Addresses, names of locations or locators n Routing table used for path selection n Path selection algorithm n How to represent topology information? u In address vs.in the routing table

IP routing and scalability n What is routing? u Addresses, routing tables, path selection,.. n Different types of routing F Source routing vs. hop-by-hop routing F Source routing used by traceroute F Strict source routing is never used F Loose source routing used for diagnostics / performance n Evolution of IP routing u Class-based systems to classless routing n Difficult issues u State, directories, security, QoS

IP addresses n Topological structure is reflected by splitting IP addresses into a host and network part n Benefits of hierarchical addressing u reduced number of routing table entries and efficient allocation of addresses. n Subnetting u A subnet takes responsibility for delivering datagrams to a certain range of IP addresses. u The network part is now extended to include some bits from the host part.

Subnetting n A subnet mask is a 32-bit value that identifies which bits in an address represent network bits and which represent host bits. n Note: Subnet-masks affect only internal structure and behaviour of a network!

Routing Tables n There are four basic items of information u A destination IP address. u A gateway IP address. This will be the same as the destination IP address for directly connected destinations. u Various flags F Usually displayed as U, G, H and sometimes D and M. U means the route is up. G means the route is via a gateway. H means the destination address is a host address as distinct from a network address. u The physical interface identification. u Additional info F Metrics, protocols

Example Table Source: Microsoft Technet, Understanding the IP routing table. b1d2563b7e mspx

Host vs. router n Host u First look for the destination address as a host address in the routing table u If it is not found then look for the destination net address in the routing table u If that is not found then use one of the default addresses (there may be several). n Router u Very large routing table F Especially in the backbone u Routing protocols F Interior Gateway Protocols (OSPF) F Exterior Gateway Protocols (BGP)...

Different types of routing n Source routing u Path selection by sender u Path encoded in the packet u High cost for the sender node u Strict source routing vs. loose source routing n Hop-by-hop routing u Router selects the next hop u High cost for the backbone routers n Per-host or per-network routes n (mobility?..)

Evolution of IP routing n Class-based routing u A,B and C classes u Routing tables carried entries for all nets u No topological aggregation (only network address boundaries) n Classless routing u Using the variable length subnet mask to aggregate addresses u Routers forward mask (longest prefix) n Too many small networks requiring multiple class C - addresses u C class has max 254 hosts u Huge routing tables

CIDR n CIDR (Classless Interdomain Routing) u Routing prefixes carry topology information u Contiguous blocks of C-class addresses u Smaller routing tables u How to handle multi-homing (and mobility?) n Solves two problems u Exhaustion of IP address space u Size and growth rate of routing tables n Address format

CIDR and Route Summarization n The difference between CIDR and route summarization u Route summarization is generally done within a classful boundary u CIDR combines several classful networks n Examples of classless routing protocols u RIP version 2 (RIPv2), OSPF, Intermediate System-to-Intermediate System (IS-IS), and Enhanced Interior Gateway Routing Protocol (EIGRP)

CIDR and IPv6 n CIDR present in IPv6 (fully classless) n 128bit IPv6 address has two parts: network and host u includes the prefix-length u a decimal value indicating the number of higher-order bits in the address that belong to the network part n ISP aggregates all its customers' prefixes into a single prefix and announces that single prefix to the IPv6 Internet

BGP n BGP first became an Internet standard in n BGP-4 supports Classless Inter Domain Routing (CIDR) and is the routing protocol that is used today to route between autonomous systems. n BGP uses TCP to establish a reliable connection between two BGP speakers on port 179. n A path vector protocol, because it stores routing information as a combination of a destination and attributes of the path to that destination. n The protocol uses a deterministic route selection process to select the best route from multiple feasible routes n Characteristics such as delay, link utilization or router hops are not considered in this process. n BGP runs in two modes: EBGP and IBGP. EBGP (Exterior BGP) is run between different autonomous systems, and IBGP (Interior BGP) is run between BGP routers in the same autonomous system n BGP only recalculates routing information relative to these updates, there is no regular process that must update all of its routing information like the SPF calculations in OSPF or IS-IS

BGP cont. n When the BGP router receives its neighbors' full BGP routing table (100k routes), u Requires approx. 70 MB. u With the AS_PATH filters applied to inbound updates F 32k routes in 28 MB. 60% decrease from optimal routing. n Problems u multihomed customers forget to stop reannouncing routes from upstream A to upstream B u peer networks leak full tables to their peers u A misconfigured router leaks out all internal more specific routes (/48, /64, /128 prefixes)

BGP Problems n Convergence time n Limited policies n Security problems

BGP IPv4 Table Growth Source:

BGP IPv6 Table Growth Source:

MANET n Mobile Ad Hoc Networks u Routing for dynamic environments u Proactive protocols (table-driven) F continuously evaluate routes F no latency in discovery F possibly a lot of entries not used F large capacity to keep current info u Reactive protocols (on demand) F route discovery using global search F high latency F possibly not suited for real-time

MANET cont. n IETF MANET Working Group u The Dynamic Source Routing Protocol for Mobile Ad Hoc Networks (DSR) F Source driven (route discovery & maintenance) F Route cache Only communicating nodes cache a route u Ad Hoc On Demand Distance Vector (AODV) Routing (RFC 3561) F Route table Also intermediary nodes keep a distance vector F Multicast n Other protocols u Hierarchical, geographical, multicast, power-aware n What is the expected size of the network? n Feasibility of wireless multi-hop? u Capacity showed to be low.

Topology in address vs. routing table Reactive AD HOC (MANET) routing Pure source routing (minimal state in intermediate nodes) ATM PNNI CIDR Original IP routing Proactive ad hoc (MANET) routing Host-based hop-by-hop (more state in intermediate nodes)

Difficult Issues n Convergence time of routing information n State in the network u Per-connection state is bad? (e.g. NAT) n Independence of directories n Security of routing information u Whom to trust? How to represent authorization? n QoS routing

Mobility

n Routing from the mobility perspective n Mobility on various layers u Mobile IP approach u Transport and application - level mobility n Separating identifiers and locators n Mobility management and rendezvous n Security issues n Lessons to learn

Routing vs. mobility n Topology data aggregation is necessary u Cannot track all hosts in the world u IP addresses determined by topology F Network gives the routing prefix n Mobile hosts must change their IP addresses u Causes sockets / connections to break n How to communicate address changes? n Goal of a mobility protocol u Transport and applications do not see address changes u Mobility transparency

Networks: Mobility R Public Switched Data Network Router R RR R Backbone LAN Router MAN NAT AP GPRS/UMTS Access network NAT BS MH Ad hoc MH

Rendezvous n How to find the moving end-point? u Tackling double jump F What if both hosts move at the same time? F Requires a rendezvous point n Mobility management is needed! u Initial rendezvous u Can be based on directories u Requires fast updates to directories F Does not work well for DNS

Security issues n Address stealing u Alice and Bob communicate u Mallory tells Alice F Bob is now at C n Address flooding u Mallory downloads from Alice, Bob, etc. u Mallory tells everybody F I have moved to C

Mobile IP n Two versions u IPv4 (optional) u integrated into IPv6 (with IPSec security) n Home Agent (HA) u Home address u Initial reachability u Triangular routing / reverse tunneling n Route optimization u Tunnels to bypass HA u HA as a rendezvous point

Mobility Example:Mobile IP Triangular Routing Home agent Correspondent host Foreign agent Mobile host Home linkForeign link Ingress filtering (home address as source) all packets through HA (reverse tunnelling) or route optimization Foreign agent left out of MIPv6. No special support needed with IPv6 autoconfiguration DELAY! Care-of-Address (CoA)

Mobility Example:Mobile IPv6 Route Optimization Home agent Correspondent host Router Mobile host Home linkForeign link MH sends a binding update to CH when it receives a tunnelled packet. CH sends packets using routing header First, a Return Routability test to CH. CH sends home test and CoA test packets. When MH receives both, It sends the BU with the Kbm key. Secure tunnel (ESP)

Source: Microsoft, Understanding Mobile IPv6

Security in Mobile IP n MIPv6 RFC 3775/3776 u Protection of Binding Updates HA, CNs u IPsec extension headers or the binding authorization data option u Binding management key, Kbm, which is established through return routability procedure u Protection of mobile prefix discovery u Protection of the mechanisms that MIPv6 uses for transporting data n Protecting binding updates u Must be secured through IPsec u ESP is used for updates and acks n Shoulds: init messages, prefix discovery

Multi-layer Operation n Mobility and multi-homing can be realized on different layers u Network F Mobile IP u Between network and transport F Host Identity Protocol (HIP) u Transport (SCTP) F SCTP, DCCP F TCP extensions u Application F SIP, Wireless CORBA, overlays F Re-establish TCP-sessions after movement

Separating Identifiers and Locators n New name space for IDs u Maybe based on DNS u Maybe a separate namespace u Maybe IP addresses are used for location n Communication end-points (sockets) bound to identifiers

Host Identity Protocol n New cryptographic namespace n Connection endpoints mapped to 128 bit host identity tags (hashes of public keys) n Mapping at HIP layer n 4-phase Base Exchange with cryptographic puzzle for DoS prevention n IPSec for network-level security

Identity/Locator split Process Transport ID Layer IP Layer Link Layer identifier locator

Application-layer mobility n Many application-layer protocols are, in principle, similar to Mobile IP n Moving entity may differ u Instead of host we have object, session, entity, or interests n For example: u Object mobility F Wireless CORBA u Session mobility F SIP u Interest mobility F Content-based routing u Generic mobility F i3 overlay, service composition

Indirection Points n Mobility may be characterized by indirection points u Mobile IP F Single fixed indirection point u Location / Identity split F Single indirection point u Content-based routing F Many indirection points

Lessons to learn n Hierarchical routing likely to stay u Addresses carry topological information u Efficient and well established n Applications face changing connectivity u QoS varies u periods of non-connectivity n Identifiers and locators likely to split n Mobility management is needed n Probably changes in directory services u Overlays have been proposed

Summary n Topology based routing is necessary n Mobility causes address changes n Address changes must be signalled end- to-end u Alternative: use triangular routing as in Mobile IP n Mobility management needed u Initial rendezvous: maybe a directory service u Double jump problem: rendezvous needed n Many engineering trade-offs