Network Layer 3 (routing algorithm, ARP)

Network Layer learning 3 (ARP) I. RIP on the Internet. AS is the two Routing protocols used inside the self-made system are RIP (Routing information Protocol, Routing information Protocol) and OSPF (Open Shortcut Path First ). RIP is a distance vector protocol that runs in a similar way as the idealized DV algorithm. In RIP, the DV algorithm uses the number of hops, that is, the number of routers in the shortest path from the source router to the destination router. The maximum number of hops in a path in RIP is limited to 15. Therefore, RIP is restricted to be used in a self-made system with a network diameter of no more than 15. The DV algorithm needs to send the Distance Vector information of each vro between routers. RIP uses the RIP notification (also known as the RIP response packet) to complete this function. The RIP notification is exchanged once every 30 seconds. The RIP announcement contains information about the path to update. Each vro maintains a routing table that contains the distance vector of the vro and the forwarding table of the vro. A router running the RIP Protocol sends a RIP Notification every 30 seconds. If a router has not received the RIP notification from its neighbor for more than 180 seconds, it considers that the neighbor is no longer reachable. In this case, it updates its own distance vector and notifies the adjacent router of this information. RIP also allows the router to send a request message to request a neighbor to update its route information. This is achieved by sending the RIP request message. The RIP protocol uses the DUP protocol and port 520. 2. OSPFOSPF is also used inside the self-made system, but it is usually used in the upper-layer ISP, and RIP is generally used in the lower-layer ISP and enterprise network. The core of OSPF is the link status protocol that uses flood link status information and a Dijkstra lowest cost path algorithm. When OSPF is used, Each router has a complete topology of the link status of the entire homemade system. Each vro runs the Dijkstra algorithm locally to determine the shortest path from its own root node to all subnets. In OSPF, the cost of each link is set by the Administrator, so that the administrator can influence the selection of the shortest path, for example, the administrator can set the link weight value in an inverse proportion to the link capacity. In this way, the high-bandwidth link is selected when selecting a route. OSPF does not have a mandatory LINk wEight setting policy. It only provides a mechanism to determine the lowest cost path for a given link weight. In OSPF, the router broadcasts routing information to all other routers in the autonomous system. When the status of a link changes, the router broadcasts the link status information. Even if the link status does not change, OSPF periodically broadcasts the link status (at least every 30 minutes ). The OSPF announcement is included in the OSPF Packet. The OSPF Packet runs directly on the IP address and its Protocol Number is 89. Advantages of OSPF: Security: OSPF protects OSPF packets between routers. Multi-path: OSPF allows multiple paths with the same cost to reach a destination. (This can be achieved by creating different routes for different IP service types .) Support unicast and Multicast: MOSPF is an extension of OSPF and provides multicast routing. Supports hierarchical structures in a single routing domain: OSPF is capable of constructing a self-made system based on a hierarchical structure. An OSPF self-made system can be configured in multiple regions. Each region runs its own OSPF algorithm. Each vro in a region broadcasts its link status to all other vrouters in the region. In a region, one or more regional border routers are responsible for routing the routes sent to groups outside the region. In the OSPF hierarchy, a region is configured AS the main region, which includes the regional border routers in all regions of the AS and some routers not in any other regions, the purpose of this region is to select traffic between other regions in. 3. BGPBGP is a routing protocol between self-made systems used in the Internet. It is extremely complicated. 4. Broadcast and Multicast Route Selection refers to the packet routing service provided by the network layer from one source node to all other nodes in the network. Multicast Routing refers to the packet routing service provided by the network layer from a source node to a group of nodes in the network. 1. broadcast routing the most direct way to achieve broadcast routing is to send a copy of the Group to all destinations by the sending node. This method looks simple, but it has some disadvantages that make it practical: low efficiency, A group becomes N groups, which greatly wastes bandwidth and cannot know the addresses of all potential destinations. Unless a new protocol is designed for this purpose, however, this undoubtedly makes it more difficult. The link status protocol uses broadcast to update the link status information. In this case, the purpose of broadcast is to generate and update unicast routes, therefore, it would be unwise to use unicast to implement broadcast. Therefore, it is necessary to use other methods to achieve broadcast routing. 1. The most obvious way to achieve broadcast with uncontrolled flood is to use flood, that is, all nodes will forward the Group to all the neighbors except the neighbor of the receiving group. As long as the network is connected, the group can reach all nodes, but according to the simplest graph theory knowledge, the group will be replicated throughout the network without restrictions, until they expire. This will create a broadcast storm, making the network unavailable. 2. The key to preventing broadcast storms through controlled flooding is that each node can select the timing of flood groups. There are two solutions to solve the problem of broadcast storm: serial number control flooding: the source node puts its address and broadcast serial number into the broadcast group, and then to the Network Flooding group. Each node maintains the serial number list of each broadcast group it receives, copies, and forwards. Each time it receives a broadcast group, it checks the table. If it already exists, it does not flood, otherwise, a flood occurs and new information is updated to the table. Reverse route forwarding (RPF): When a router receives a broadcast group with a given source address, only when the link to the group is located on the shortest unicast path from the group to its source, the group is flooded. Otherwise, it discards the group. 3. Controlled flooding of Spanning Tree broadcast solves the problem of broadcast storms, but redundant broadcast groups still exist in the network. The Spanning Tree solution can solve this problem. Spanning Tree: a graph that contains all nodes in the network and connects them using links in the network. Minimum Spanning Tree: The sum of the costs of each link is the smallest Spanning Tree in all spanning trees. A Spanning Tree broadcast refers to a first generation tree for a network node paparazzi. When a node sends a broadcast group, it sends the Group to all specific links that belong to the Spanning Tree. The complexity of this solution lies in the generation and maintenance of the Spanning Tree. In reality, OSPF uses the serial number control method. 2. multicast routing multicast is used to deliver packets to a subset of network nodes. There are two problems in multicast communication: one is how to identify the receiver of multicast groups and how to address the receiver of multicast groups. The solution is to use the brief address addressing, that is, to identify a group of receivers with a single identifier. The groups addressing this group are delivered to multicast receivers related to this group. IPv4 uses Class D addresses for this purpose, and IPv6 also has its own multicast address format. The receiver group associated with a multicast address is a multicast group. 1. after an IGMP has a multicast address, if a host wants to receive multicast groups, it must establish an association between the multicast address and itself. This is achieved through the IGMP protocol, the host uses this Protocol to notify the host's default router "I want to join or quit a multicast group ", based on this information, the vro determines whether to forward multicast groups to the host. 2. The purpose of multicast routing is to find a link tree that connects all the routers connected to the multicast group's hosts. Then the multicast group can route the route from the sender to all hosts belonging to the multicast group along the tree. There are two ways to build a routing tree: Use a group of shared trees for multicasting: This method is based on a constructed tree, the tree includes all routers with the multicast group connected hosts. The Multicast Group is based on the source tree. The source tree is used for multicast routing. In this method, a multicast route is created for each source in the multicast group. In practice, the RPF algorithm is used to construct the tree, and the pruning algorithm is used to correct the tree. The pruning algorithm is used to send a pruning packet to the upstream of a router that receives a multicast group and does not add it to the host of the group, the router that receives the pruning packet will not forward the multicast group to the vro. If each downstream router of a vro sends a pruning packet to the vro, it sends a pruning packet to its upstream. The Multicast Routing algorithms used in the Internet include DVMRP (Distance Vector Multicast Routing Protocol) and PIM (Protocol-Independent Multicast ). 5. The ing network layer between MAC addresses and IP addresses is used to identify hosts on the Internet and provide the routing and forwarding functions between hosts, however, whether a physical interface can receive packets depends on its link layer address (without considering the hybrid mode, the interface NIC will receive all packets in the hybrid mode ). For broadcast and multicast, there is a fixed algorithm for the relationship between the IP address and the link layer address, so it is easy to obtain the link layer address from the IP address, but for unicast, there must be a way to associate the IP address with the link layer address. In IPv4, this is achieved through the Address Resolution Protocol ARP. ARP provides a dynamic ing between the IP address and the corresponding hardware address. 1. the relationship between the MAC address IPv4 multicast address and the MAC address is that the 25-bit high of the MAC address is fixed to 00000001 00000000 01011110 0, the lower 23 bits are taken from the lower 23 bits of the IP multicast address. In addition to the four bits prefix, five BITs do not enter the MAC address. Therefore, a MAC multicast address corresponds to 32 IP multicast addresses. The correspondence between an IPv6 multicast address and a MAC address is that the high 16-bit MAC address is fixed to 3333, and the low 32-bit is taken from the low 32-bit IP address. 2. The ARP packet format is: the first two fields in the Ethernet header are the source address and destination address of the Ethernet. The special address with the destination address of all 1 is the broadcast address. All Ethernet interfaces on the cable must receive broadcast data frames. Two bytes long Ethernet frame types indicate the type of the subsequent data. For ARP requests or responses, the value of this field is 0x0806. The adjectives hardware and protocol are used to describe each field in the ARP group. For example, an ARP request group queries the hardware address (ethernet address) corresponding to the Protocol address (IP address ). The hardware type field indicates the hardware address type. The value 1 indicates the ethernet address. The protocol type field indicates the Protocol address type to be mapped. Its value is 0x0800, indicating the IP address. The value is the same as the value of the type field in the Ethernet data frame that contains the IP datagram. The following two 1-byte fields indicate the length of the hardware address and the Protocol address respectively, in bytes. For ARP requests or responses from IP addresses over Ethernet, their values are 6 and 4, respectively. The operation field indicates four operation types: ARP request (value: 1), ARP response (value: 2), and RARP request (value: 3) and RARP response (value: 4) (we will discuss RARP in Chapter 5th ). This field is required because the Frame Type Field Values of ARP requests and ARP responses are the same. The following four fields are the sender's hardware address (in this example, the ethernet address), the sender's Protocol address (IP address), the destination's hardware address, and the destination's Protocol address. Note that there is some duplicate information: both the Ethernet data frame header and the ARP request data frame have the sending hardware address. For an ARP request, all fields except the target hardware address have a fill value. After the system receives an ARP request message from the target machine, it fills in the hardware address and replaces the two Sending addresses with the two destination addresses, set the operation field to 2 and send it back. 3. when a host needs to communicate with another host, ARP first searches for the route table to obtain the next hop information. If the next hop information does not contain the MAC address, it needs to parse the MAC address of the next hop, then it sends an ARP request to the next hop, and after the next hop receives the request, an ARP response message is sent to inform the requester of its MAC address. After obtaining the MAC address, the host can continue its communication process. The ARP request packet is a broadcast packet. The destination MAC address is full F, and the source MAC address is its own MAC address. The information in the load includes the sender's IP address and MAC address, as well as the destination IP address. The destination MAC address is all 0. In one example, the ARP response packet is a single broadcast file, it will only be sent to the requester. Example 4. ARP proxy if the ARP request is sent from one network host to another, then the router connecting the two networks can answer the request, this process is called the delegate ARP or ARP proxy (ProxyARP ). In this way, the sender of the ARP request can be spoofed to assume that the vro is the target host. In fact, the target host is on the "other side" of the vro ". The vro function is equivalent to the proxy of the target host, which forwards the group from other hosts. 5. A free ARP feature is called gratuitousARP ). It refers to the host sending ARP to find its own IP address. Generally, it occurs when the interface is configured during system boot. Free ARP can have two functions: one host can use it to determine whether the other host has the same IP address. If the host sending free ARP changes the hardware address (probably because the host is shut down, an interface card is changed, and then restarted ), then, this group will update the old hardware addresses in the cache of other hosts. A well-known ARP fact [Plummer1982] is that if the host receives an ARP request from an IP address and it is already in the recipient's high-speed cache, in this case, the sender's hardware address (such as the ethernet address) in the ARP request must be used to update the corresponding content in the cache. The host must complete this operation when it receives any ARP request (ARP requests are broadcast online, so this is required for all hosts on the network each time an ARP request is sent ). 5. IPv6 address resolution IPv6 does not apply to ARP, but uses the ND (neighbor discover) in ICMPv6 to complete the corresponding resolution process.