Lecture 14 IP Wrap up Dejian Ye Software School Fudan University

Outline
The recurring IP address space problem
IPv6
NAT
Tunneling / Overlays
Network Management
  » Autoconfiguration
  » SNMP (notes only)

IP Address space
Address space crunch 1: Classful routing
  » 128 “class A” blocks of 2^24 addresses (too big)
  » 16k “class B” blocks of 2^16 addresses (still too big)
  » 2M “class C” blocks (often too small)
  » Result: Exceptionally wasteful allocation
      – MIT still has 18.0.0.0/8 -- 16M addresses for 30k people
  » Solution: CIDR (“cider”). Classless Inter-Domain Routing.
      – Removed classness.
      – Now can route on arbitrary power of two boundary
      – “slash” notation: /8 = 255.0.0.0, /16 = 255.255.0.0, etc.

IP address space 2
How many IP addresses? 4B
How many…
  » People? 6.5B
  » Cell phones? 2.2B (roughly)
  » Embedded computers? (???, but huge)
  » What happens if you network all of the devices in your house?
  » Big reality in 2005: We’re about 50% used.
      – CIDR
      – Tighter allocation policies; voluntary IP reclamation
      – NAT (talk about soon)
Will it happen? Maybe, maybe not. But I wouldn’t bet against it.
But even if not, put on architecture hat and think about the problems…

Efficiency vs. Convenience
Exact allocation vs. Routing Table Size
  » If I have 20 computers, how do you alloc?
      – /27 = 32 (30 usable): Waste 12
      – /28 = 16 (14) + /29 (8, 6 usable): Waste 4
      – Can’t get any better…
      – We’ve traded a bit of address efficiency for two BGP routing table entries.
Exact allocation vs. Future Growth
  » Suppose you buy more computers
      – Could add a new netblock (more table entries)
      – Could move to a bigger one (re-addressing)
          Update computers
          Update routers
          Update DNS
          Update address allocation registries
          Maybe have to fix some hard-coded addresses, if you were bad
  » Partial solution: DHCP (we’ll talk about later today)
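
The 20-computer trade-off above, worked through as an added example (not part of the original slides). It searches for the least-wasteful plan for a given number of CIDR blocks, carves the blocks out of a parent prefix, and counts how many routes remain after aggregation. The parent prefix 192.0.2.0/24 is a documentation range chosen here as an assumption, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations_with_replacement

def usable(prefix_len):
    """Host addresses in an IPv4 block, excluding network and broadcast."""
    return max(2 ** (32 - prefix_len) - 2, 0)

def best_plan(hosts, max_blocks):
    """Return (prefix_lengths, total_addresses) for the least-wasteful plan
    that covers `hosts` using at most `max_blocks` CIDR blocks (/16../30)."""
    best = None
    for n in range(1, max_blocks + 1):
        for lens in combinations_with_replacement(range(16, 31), n):
            if sum(usable(p) for p in lens) < hosts:
                continue
            total = sum(2 ** (32 - p) for p in lens)
            # Prefer fewer addresses, then fewer blocks (fewer route entries).
            if best is None or (total, n) < (best[1], len(best[0])):
                best = (lens, total)
    if best is None:
        raise ValueError("no plan fits within /16../30 blocks")
    return best

def carve(parent, lens):
    """Allocate naturally aligned blocks from `parent`, largest block first."""
    net = ipaddress.ip_network(parent)
    cursor, out = int(net.network_address), []
    for p in sorted(lens):
        size = 2 ** (32 - p)
        cursor = -(-cursor // size) * size          # round up to block alignment
        block = ipaddress.IPv4Network((cursor, p))
        if not block.subnet_of(net):
            raise ValueError("parent prefix exhausted")
        out.append(block)
        cursor += size
    return out

def route_count(blocks):
    """Routing table entries left after aggregating adjacent blocks."""
    return len(list(ipaddress.collapse_addresses(blocks)))

if __name__ == "__main__":
    for limit in (1, 2, 3):
        lens, total = best_plan(20, limit)
        blocks = carve("192.0.2.0/24", lens)        # constructed parent prefix
        print(limit, [str(b) for b in blocks],
              "waste", total - 20, "routes", route_count(blocks))
```

Allowing a third block does not reduce the waste below 4, which is the slide's "can't get any better" point.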

IPv6
“Next generation” IP.
Most urgent issue: increasing address space.
  » 128 bit addresses
Simplified header for faster processing:
  » No checksum (why not?)
  » No fragmentation (?)
Support for guaranteed services: priority and flow id
Options handled as “next header”
  » reduces overhead of handling options
[Figure: IPv6 header layout with fields V/Pr, Flow label, Length, Next, Hop L, Source IP address, Destination IP address]

IPv6 Addressing
Do we need more addresses? Probably, long term
  » Big panic in 90s: “We’re running out of addresses!”
  » Big worry: Devices. Small devices. Cell phones, toasters, everything.
128 bit addresses provide space for structure (good!)
  » Hierarchical addressing is much easier
  » Assign an entire 48-bit sized chunk per LAN -- use Ethernet addresses
  » Different chunks for geographical addressing, the IPv4 address space,
  » Perhaps help clean up the routing tables - just use one huge chunk per ISP and one huge chunk per customer.
[Figure: address layout with fields 010, Registry, Provider, Subscriber, Sub Net, Host]

IPv6 Cleanup - Router-friendly
A bit about router architecture:
  » Common case: Switched in silicon (“fast path”)
  » Weird cases: Handed to CPU (“slow path”, or “process switched”)
  » Typical division:
      – Fast path: Almost everything
      – Slow path:
          Fragmentation
          TTL expiration (traceroute)
          IP option handling
  » Slow path is evil in today’s environment
      – “Christmas Tree” attack sets weird IP options, bits, and overloads router.
      – Developers can’t (really) use things on the slow path for data flow. If it became popular, they’d be in the soup!
  » Other speed issue: Touching data is expensive. Designers would like to minimize accesses to packet during forwarding

IPv6 Header Cleanup
No checksum
  » Why checksum just the IP header?
      – Efficiency: If packet corrupted at hop 1, don’t waste b/w transmitting on hops 2..N.
      – Useful when corruption frequent, b/w expensive
      – Today: Corruption rare, b/w cheap
Different options handling
  » IPv4 options: Variable length header field. 32 different options.
      – Rarely used
      – No development / many hosts/routers do not support
          Worse than useless: Packets w/options often even get dropped!
      – Processed in “slow path”.
  » IPv6 options: “Next header” pointer
      – Combines “protocol” and “options” handling
          Next header: “TCP”, “UDP”, etc.
      – Extensions header: Chained together
      – Makes it easy to implement host-based options
      – One value “hop-by-hop” examined by intermediate routers
          Things like “source route” implemented only at intermediate hops
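
The "Next header" chaining described above, as an added example (not from the original slides): a walker that follows the chain from the fixed 40-byte IPv6 header through the extension headers to the upper-layer protocol, which is what a host or a packet filter has to do before it can see TCP or UDP. The sample packet is constructed for the example, and the cap of 8 extension headers is an assumption of this sketch, not a protocol rule.

```python
import struct

# Extension headers that share the "next header, length" layout, plus Fragment.
EXT = {0: "hop-by-hop", 43: "routing", 44: "fragment", 60: "destination-options"}
UPPER = {6: "TCP", 17: "UDP", 58: "ICMPv6", 59: "no-next-header"}

def walk_chain(packet, max_ext=8):
    """Return (extension header names, upper-layer protocol, payload offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, offset, chain = packet[6], 40, []     # byte 6 = Next Header field
    while nxt in EXT:
        if len(chain) >= max_ext:
            raise ValueError("extension header chain too long")
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        # Fragment header is fixed at 8 bytes; the others carry a length
        # in 8-byte units that does not count the first 8 bytes.
        size = 8 if nxt == 44 else (packet[offset + 1] + 1) * 8
        if offset + size > len(packet):
            raise ValueError("truncated extension header")
        chain.append(EXT[nxt])
        nxt, offset = packet[offset], offset + size
    return chain, UPPER.get(nxt, str(nxt)), offset

def build(first_next_header, payload):
    """Constructed sample: IPv6 header from :: to ::1 with hop limit 64."""
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), first_next_header, 64)
    return fixed + bytes(16) + bytes(15) + b"\x01" + payload

PADN = bytes([1, 4, 0, 0, 0, 0])               # PadN option filling 6 bytes
HOP_BY_HOP = bytes([60, 0]) + PADN             # next = destination options
DEST_OPTS = bytes([6, 0]) + PADN               # next = TCP
SAMPLE = build(0, HOP_BY_HOP + DEST_OPTS + bytes(20))

if __name__ == "__main__":
    print(walk_chain(SAMPLE))
    print(walk_chain(build(6, bytes(20))))
```

A packet cut off inside an extension header raises `ValueError` instead of yielding a guessed upper-layer protocol, so a filter built on this walker can reject what it cannot classify.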

IPv6 Fragmentation Cleanup
IPv4:
  [Figure: Large MTU link into Small MTU link; router must fragment]
IPv6:
  » Discard packets, send ICMP “Packet Too Big”
      – Similar to IPv4 “Don’t Fragment” bit handling
  » Sender must support Path MTU discovery
      – Receive “Packet too Big” messages and send smaller packets
  » Increased minimum packet size
      – Link must support 1280 bytes;
      – 1500 bytes if link supports variable sizes
Reduced packet processing and network complexity.
Increased MTU a boon to application writers
Hosts can still fragment - using fragmentation header. Routers don’t deal with it any more.
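
Path MTU discovery as described above, as an added simulation (not from the original slides): routers drop oversized packets and report their link MTU, and the sender shrinks its packets until one gets through. The `icmp_delivered=False` case goes beyond the slide and shows what the sender sees when the "Packet Too Big" messages never arrive. Link MTUs and function names are constructed for the example.

```python
IPV6_MIN_MTU = 1280   # every IPv6 link must support at least this

def forward(path_mtus, size):
    """Push one packet along the path. Return None if it is delivered,
    otherwise the MTU the dropping router reports in 'Packet Too Big'."""
    for mtu in path_mtus:
        if size > mtu:
            return mtu            # router discards, does not fragment
    return None

def discover(path_mtus, first_hop_mtu, icmp_delivered=True, max_probes=10):
    """Return (path MTU or None, list of packet sizes the sender tried)."""
    if min(path_mtus) < IPV6_MIN_MTU:
        raise ValueError("IPv6 links must support at least 1280 bytes")
    pmtu, tried = first_hop_mtu, []
    for _ in range(max_probes):
        tried.append(pmtu)
        reported = forward(path_mtus, pmtu)
        if reported is None:
            return pmtu, tried    # packet fit on every link
        if icmp_delivered:
            # Sender learns the smaller MTU and retries with smaller packets.
            pmtu = max(reported, IPV6_MIN_MTU)
        # Otherwise the sender hears nothing and retransmits the same size.
    return None, tried

if __name__ == "__main__":
    path = [1500, 1400, 1280]     # constructed link MTUs along one path
    print(discover(path, 1500))
    print(discover(path, 1500, icmp_delivered=False, max_probes=3))
```

With the ICMP messages delivered, the sender converges in one probe per narrower link; without them, it keeps retrying the same size and large packets never arrive.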