Session_13 - Lyle School of Engineering


Internetworking Protocols and Programming
CSE 5348 / 7348
Instructor: Anil Gurijala
Session 13
(Ch. 30, RFCs 2702 & 3031)
Topics
• Internet Management
– ISO Management Model
– TCP/IP Network Management
– SNMP
– MIB
– SMI
– ASN
• IP Tools
ISO Network Management Model
• Fault
• Configuration
• Accounting
• Performance
• Security
Typical Management Architecture
Figure: a managing entity talks, over the network management protocol, to several agents, each of which keeps its own management database.
TCP/IP Network Mgmt
• The framework is divided into two parts regarding standardization:
– Communication of information: SNMP
– Management of data: MIB
Simple Network Mgmt. Protocol
• Part of TCP/IP protocol suite.
• Runs at application level.
• Current version is 3, i.e. SNMPv3.
• Defines the message format and transport protocols.
• Defines the set of operations and their meaning.
Management Information Base
• Specifies the data items that a managed
item must keep, the operations allowed
on it and the meanings.
– MIB for IP specifies that software
must keep a count of all octets that
arrive over each network interface
and that network management
software can only read the count.
Examples of MIB Categories
MIB Category   Information about
System         The host or router OS
Interfaces     Individual network interfaces
At             Address translation
Ip             Internet Protocol software
Tcp            Transmission Control Protocol
UDP            User Datagram Protocol
Ospf           Open Shortest Path First S/W
Bgp            Border Gateway Protocol S/W
Rmon           Remote Network Monitoring
Examples of MIB Variables
MIB Variable    Category     Meaning
sysUpTime       system       Time since last reboot
ifNumber        interfaces   Number of network interfaces
ifMTU           interfaces   MTU for a particular interface
ipDefaultTTL    ip           Value IP uses in the time-to-live field
ipInReceives    ip           Number of datagrams received
ipOutNoRoutes   ip           Number of routing failures
tcpRtoMin       tcp          Minimum retransmission time TCP allows
tcpMaxConn      tcp          Maximum TCP connections allowed
tcpInSegs       tcp          Number of segments TCP has received
MIB Variables
• Not only numeric, but more complex
such as whole Routing Tables.
• Only Logical definition, actual
implementation may vary for different
nodes.
The Structure of Management Information
• SMI specifies a set of rules used to
define and identify MIB variables.
• SMI places restrictions on the types of
variables allowed in the MIB, specifies
the rules for naming those variables,
and creates rules for defining variable
types.
– IpAddress – 4-octet string
– Counter – integer 0 to 2^32 – 1.
Formal Definitions Using ASN.1
• SMI specifies that all MIB variables must
be defined and referenced using ISO’s
Abstract Syntax Notation 1 (ASN.1)
• ASN.1 is a formal language that has two
main features:
– a notation used in documents that humans
read
– A compact encoded representation of the
same information used in communication
protocols.
Example of ASN.1 Notation
    ipAddrTable ::= SEQUENCE OF IpAddrEntry
    IpAddrEntry ::= SEQUENCE {
        ipAdEntAddr          IpAddress,
        ipAdEntIfIndex       INTEGER,
        ipAdEntNetMask       IpAddress,
        ipAdEntBcastAddr     IpAddress,
        ipAdEntReasmMaxSize  INTEGER (0..65535)
    }
Object Identifier Namespace
• Names used for MIB variables are taken from the object identifier namespace.
• The namespace is not limited to network mgmt.; e.g. each IP standard document has a name.
• The namespace is absolute and global.
• Hierarchical.
• Authority is subdivided at each level.
Hierarchical Object Identifier Namespace
Figure (tree; the number assigned to each node is in parentheses):
unnamed root
  iso (1)   itu (2)   joint-iso-itu (3)
  iso (1) > org (3) > dod (6) > internet (1)
  internet (1) > directory (1), mgmt (2), experimental (3), private (4)
Object Id. Namespace for MIB
Label from the root to this point is 1.3.6
Figure (tree, continued below the internet node):
  internet (1) > directory (1), mgmt (2), experimental (3), private (4)
  mgmt (2) > mib (1)
  mib (1) > system (1), interfaces (2), addr. trans. (3), ip, icmp, tcp
Example
• ipInReceives has been assigned the number 3 under the ip node in the name space.
– Name: iso.org.dod.internet.mgmt.mib.ip.ipInReceives
– Numeric representation: 1.3.6.1.2.1.4.3
Referencing Table Entries
• ASN.1 does not use integer indices. Instead, a suffix is appended onto the name to select a specific element in the table.
Figure: a table with rows numbered 1 to 5 and columns X, Y, Z, A, B.
Simple Network Management Protocol
• Specifies the communication between a network management client program that a manager invokes and a network management server program executing on a host or router.
• Defines
– the form and meaning of messages exchanged
– the representation of names and values in those messages
– administrative relationships among routers being managed.
SNMP
• All operations in a fetch-store
paradigm.
• Conceptually, only two commands
– Fetch a value from a data item
– Store a value into a data item.
– (all other operations are side-effects
of the above).
• Offers stability, simplicity and
flexibility.
SNMP Commands
Command            Meaning
Get-request        Fetch a value from a specific variable
Get-next-request   Fetch a value without knowing its exact name
Get-bulk-request   Fetch a large volume of data
Response           A response to any of the above requests
Set-request        Store a value in a specific variable
Inform-request     Reference to third-party data
Snmpv2-trap        Reply triggered by an event
Report             Undefined.
SNMP
• SNMP operations must be atomic,
meaning that if a single SNMP
message specifies operations on
multiple variables, the server either
performs all operations or none of
them.
Searching Tables Using Names
IP Address        Network Mask
128.194.76.95     255.255.0.0
128.186.174.89    255.255.255.0
128.192.165.98    255.255.255.0
Name: Iso.org.dod.internet.mgmt.mib.ip.ipAddrTable.ipAddrTable.ipAddrEntry.ipAdEntNetMask
Number: 1.3.6.1.2.1.3.20.1.3
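The naming rules of the last few slides, as an added example that is not part of the lecture: a toy fetch-store agent resolves textual MIB names to numeric OIDs, selects ipAddrTable rows by appending the row's IP address as a suffix, walks the mask column with get-next, and applies a multi-variable set atomically. Assumptions: the object tree holds only the arc numbers the slides give (iso 1, org 3, dod 6, internet 1, mgmt 2, mib 1, system 1, interfaces 2, at 3, ip 4 as in the ipInReceives example, ipAddrTable 20, ipAddrEntry 1, ipAdEntNetMask 3), so the mask column resolves to 1.3.6.1.2.1.4.20.1.3 here; the Agent class and its row values are constructed.

```python
from ipaddress import IPv4Address

# Object identifier subtree constructed from the arc numbers on the slides:
# label -> (arc number, children). Only the nodes needed here are present.
TREE = {"iso": (1, {"org": (3, {"dod": (6, {"internet": (1, {"mgmt": (2, {"mib": (1, {
    "system": (1, {}),
    "interfaces": (2, {}),
    "at": (3, {}),
    "ip": (4, {                        # ip = 4, as in 1.3.6.1.2.1.4.3 for ipInReceives
        "ipInReceives": (3, {}),
        "ipAddrTable": (20, {"ipAddrEntry": (1, {
            "ipAdEntAddr": (1, {}),
            "ipAdEntNetMask": (3, {}),
        })}),
    }),
})})})})})})}


def name_to_oid(dotted_name):
    """Resolve iso.org.dod.internet.mgmt.mib.ip.ipInReceives (and the like)
    to its numeric object identifier, returned as a tuple of arcs."""
    node, oid = TREE, []
    for label in dotted_name.split("."):
        arc, node = node[label]        # KeyError for a label the tree does not know
        oid.append(arc)
    return tuple(oid)


def row_instance(column_oid, ip):
    """SMI tables have no integer index: a row is selected by appending the
    row's index value (here the entry's IP address, one arc per octet)."""
    return column_oid + tuple(IPv4Address(ip).packed)


class Agent:
    """Fetch-store agent: every value lives under a numeric OID."""

    def __init__(self, store):
        self.store = dict(store)       # oid tuple -> value

    def get(self, oid):
        return self.store.get(oid)

    def get_next(self, oid):
        """Get-next-request: first binding lexicographically after oid (or None)."""
        later = [o for o in self.store if o > oid]
        return (min(later), self.store[min(later)]) if later else None

    def walk(self, prefix):
        """Repeated get-next starting at a column OID visits the whole column."""
        rows, cur = [], prefix
        while (nxt := self.get_next(cur)) and nxt[0][:len(prefix)] == prefix:
            rows.append(nxt)
            cur = nxt[0]
        return rows

    def set(self, bindings):
        """Set-request on several variables is atomic: apply all or none."""
        if any(o not in self.store for o in bindings):
            return False               # one unknown variable rejects the whole message
        self.store.update(bindings)
        return True


MASK_COLUMN = name_to_oid("iso.org.dod.internet.mgmt.mib.ip.ipAddrTable.ipAddrEntry.ipAdEntNetMask")


def demo_agent():
    """Agent holding the three ipAdEntNetMask rows shown on the slide."""
    rows = {"128.194.76.95": "255.255.0.0",
            "128.186.174.89": "255.255.255.0",
            "128.192.165.98": "255.255.255.0"}
    return Agent({row_instance(MASK_COLUMN, ip): mask for ip, mask in rows.items()})
```

Note that get-next returns rows in OID order, so the walk yields 128.186..., 128.192..., 128.194... regardless of the order they were stored in.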
MPLS
Traffic Engineering: MPLS
• MPLS (Multi Protocol Label Switching)
– IP addresses are mapped to simple fixed-length labels used by different packet forwarding/switching technologies.
– All the packets that are mapped to the same label traverse the same path.
Figure: MPLS in relation to Bursty Traffic, Connection Admission Control and Traffic Engineering.
Ref: http://www.iec.org/online/tutorials/acrobat/mpls.pdf
MPLS: IP FORWARDING USED BY HOP-BY-HOP CONTROL
Figure: a packet for IP 47.1.1.1 crosses several routers; each router holds a forwarding table mapping Dest 47.1, 47.2, 47.3 to Out interfaces 1, 2, 3 and looks the destination up independently at every hop.
Ref: http://www.nanog.org/mtg-9905/ppt/mpls.ppt
MPLS Label Distribution
Figure: each LSR keeps a table with columns Intf In, Label In, Dest, Intf Out, Label Out. A Request for destination 47.1 is passed toward the egress and the downstream LSR answers with Mapping 0.40. After the exchange the tables read: ingress, Dest 47.1 → Intf Out 1, Label Out 0.50; transit, Label In 0.50, Dest 47.1 → Intf Out 1, Label Out 0.40; egress, Label In 0.40, Dest 47.1 → Intf Out 1. Destinations 47.2 and 47.3 use Intf Out 2 and 3.
MPLS: Label Switched Path (LSP)
Figure: the packet for IP 47.1.1.1 arrives unlabeled at the ingress (Dest 47.1 → Intf Out 1, Label Out 0.50), has its label swapped at the transit LSR (Label In 0.50 → Intf Out 1, Label Out 0.40) and leaves the egress (Label In 0.40 → Intf Out 1) as a plain IP packet; destinations 47.2 and 47.3 use Intf Out 2 and 3.
Advantages
• MPLS forwarding can be done by Layer-2 switches.
• Information beyond what is available in the packet header can be used when assigning a packet to a FEC.
• Traffic engineering can be done easily.
• Supports Class of Service.
MPLS Basics: Labels
• A label is a short, fixed length, locally significant
identifier which is used to identify a FEC. The
label which is put on a particular packet represents
the Forwarding Equivalence Class to which that
packet is assigned.
• Forwarding Equivalence Class (FEC) is a group of IP packets which are forwarded in the same manner (e.g., over the same path, with the same forwarding treatment).
• Label Switching Router (LSR) is an MPLS node
which is capable of forwarding native L3 packets.
Basics
Figure: Ru sends packets whose L3-L7 content is carried behind label L=3 in the L2 framing to Rd.
Label L=3 is for the traffic FEC F from Ru to Rd only.
Ru is the upstream router for F and Rd the downstream router for F.
Rd decides the mapping of F to L and sends it to Ru.
Label Distribution Protocol
• A label distribution protocol is a set of
procedures by which one LSR informs
another of the label/FEC bindings it has
made.
• Two LSRs which use a label distribution
protocol to exchange label/FEC binding
information are known as "label distribution
peers" with respect to the binding
information they exchange.
• The architecture does not assume that there
is only a single label distribution protocol.
Unsolicited Downstream vs. Downstream-on-Demand
• Downstream-on-demand: an LSR explicitly requests, from its next hop for a particular FEC, a label binding for that FEC.
• Unsolicited downstream: an LSR distributes bindings to LSRs that have not explicitly requested them.
• Both of these label distribution techniques may be
used in the same network at the same time.
• On any given label distribution adjacency, the
upstream LSR and the downstream LSR must
agree on which technique is to be used.
Label Retention Modes
• An LSR Ru may receive (or have received) a label
binding for a particular FEC from an LSR Rd,
even though Rd is not Ru's next hop (or is no
longer Ru's next hop) for that FEC.
• Liberal Label Retention Mode: maintains the
bindings between a label and a FEC which are
received from LSRs which are not its next hop for
that FEC.
• Conservative Label Retention Mode: discards
such bindings.
– Liberal label retention mode allows for quicker
adaptation to routing changes
– Conservative label retention mode though
requires an LSR to maintain many fewer labels.
Label Stack
• A labeled packet carries a number of labels,
organized as a last-in, first-out stack.
• If a packet's label stack is of depth m, we
refer to the label at the bottom of the stack
as the level 1 label, to the label above it (if
such exists) as the level 2 label, and to the
label at the top of the stack as the level m
label.
Figure: label stack entries L1 | L2 | L3 | ... | Lm (L1 at the bottom, Lm at the top).
The Next Hop Label Forwarding Entry (NHLFE)
• NHLFE contains
– the packet's next hop
– one of the following operations to perform on the packet's label stack:
  · replace the label at the top of the label stack with a specified new label
  · pop the label stack
  · replace the label at the top of the label stack with a specified new label, and then push one or more specified new labels onto the label stack.
NHLFE
• NHLFE may also contain
– the data link encapsulation to use when transmitting the packet
– the way to encode the label stack when transmitting the packet
– any other information needed in order to properly dispose of the packet
Incoming Label Map
• The "Incoming Label Map" (ILM) maps
each incoming label to a set of NHLFEs.
• It is used when forwarding packets that
arrive as labeled packets.
• If the ILM maps a particular label to a set of
NHLFEs that contains more than one
element, exactly one element of the set must
be chosen before the packet is forwarded.
– Having the ILM map a label to a set
containing more than one NHLFE may be
useful if, e.g., it is desired to do load
balancing over multiple equal-cost paths.
FEC-to-NHLFE Map (FTN)
• Maps each FEC to a set of NHLFEs.
• It is used when forwarding packets that
arrive unlabeled, but which are to be labeled
before being forwarded.
• If the FTN maps a particular FEC to a set of NHLFEs that contains more than one element, exactly one element of the set must be chosen before the packet is forwarded.
– Having the FTN map a FEC to a set containing more than one NHLFE may be useful if, e.g., it is desired to do load balancing over multiple equal-cost paths.
Label Swapping
• Forwarding a labeled packet
– an LSR examines the label at the top of the label stack.
– It uses the ILM to map this label to an NHLFE.
– Using the information in the NHLFE, it determines where to forward the packet, and performs an operation on the packet's label stack. It then encodes the new label stack into the packet, and forwards the result.
Label Swapping
• Forwarding an unlabeled packet
– an LSR analyzes the network layer header to determine the packet's FEC.
– It then uses the FTN to map this to an NHLFE.
– Using the information in the NHLFE, it determines where to forward the packet, and performs an operation on the packet's label stack.
– It then encodes the new label stack into the packet, and forwards the result.
Label Switched Path
• A "Label Switched Path (LSP) of level m" for a particular packet P is a sequence of routers, <R1, ..., Rn>, with the following properties:
– it begins with an LSR (an "LSP Ingress") that pushes on a level m label,
– all of its intermediate LSRs make their forwarding decision by label switching on a level m label,
– it ends (at an "LSP Egress") when a forwarding decision is made by label switching on a level m-k label, where k>0, or when a forwarding decision is made by "ordinary", non-MPLS forwarding procedures.
Invalid Incoming Labels
• What should an LSR do if it receives a
labeled packet with a particular incoming
label, but has no binding for that label?
– when a labeled packet is received with an
invalid incoming label, it MUST be
discarded, UNLESS it is determined by
some means (not within the scope of the
current document) that forwarding it
unlabeled cannot cause any harm.
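The label swapping, LSP and invalid-label rules above, as an added example that is not from the lecture or RFC 3031: a table-driven model of the three-LSR path of the earlier figure (ingress pushes 0.50, transit swaps to 0.40, egress pops), using the FTN, ILM and NHLFE structures and the discard rule for a label with no binding. Assumptions: the class names, the 47.1.0.0/16 prefix used as the FEC and the interface names are constructed, and labels 0.50 and 0.40 are written as the integers 50 and 40.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Tuple


@dataclass
class NHLFE:
    """Next Hop Label Forwarding Entry: where to send the packet and what to
    do to its label stack (the slides' operations: push, swap, pop)."""
    out_intf: str
    op: str                      # "push", "swap" or "pop"
    label: Optional[int] = None  # new top label for push/swap


@dataclass
class LSR:
    name: str
    ftn: Dict[str, NHLFE] = field(default_factory=dict)  # FEC (prefix) -> NHLFE
    ilm: Dict[int, NHLFE] = field(default_factory=dict)  # incoming label -> NHLFE

    def fec_of(self, dst: str) -> Optional[str]:
        """Unlabeled packet: derive the FEC from the network layer header
        (longest matching prefix among the FECs present in the FTN)."""
        hits = [p for p in self.ftn if ip_address(dst) in ip_network(p)]
        return max(hits, key=lambda p: ip_network(p).prefixlen) if hits else None

    def forward(self, dst: str, stack: List[int]) -> Optional[Tuple[str, List[int]]]:
        """Return (outgoing interface, new label stack), or None to discard."""
        if stack:                              # labeled: top of stack -> ILM
            entry = self.ilm.get(stack[-1])
            if entry is None:                  # no binding for the label: discard
                return None
        else:                                  # unlabeled: FEC -> FTN
            fec = self.fec_of(dst)
            if fec is None:                    # not a FEC we label; not handled here
                return None
            entry = self.ftn[fec]
        new = list(stack)
        if entry.op == "push":
            new.append(entry.label)
        elif entry.op == "swap":
            new[-1] = entry.label
        elif entry.op == "pop":
            new.pop()
        else:
            raise ValueError("unknown NHLFE operation " + entry.op)
        return entry.out_intf, new


def build_lsp() -> List[LSR]:
    """The LSP of the figure: ingress pushes 0.50 for 47.1, the transit LSR
    swaps 0.50 -> 0.40, the egress pops 0.40 (labels written as 50 and 40)."""
    ingress = LSR("ingress", ftn={"47.1.0.0/16": NHLFE("1", "push", 50)})
    transit = LSR("transit", ilm={50: NHLFE("1", "swap", 40)})
    egress = LSR("egress", ilm={40: NHLFE("1", "pop")})
    return [ingress, transit, egress]


def send(path: List[LSR], dst: str, stack=()) -> List[Tuple[str, str, Optional[tuple]]]:
    """Carry one packet through the LSRs; the trace records each hop's decision."""
    trace, stack = [], list(stack)
    for lsr in path:
        result = lsr.forward(dst, stack)
        if result is None:
            trace.append((lsr.name, "discard", None))
            break
        out_intf, stack = result
        trace.append((lsr.name, out_intf, tuple(stack)))
    return trace
```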
Route Selection
• Method used for selecting the LSP for a particular FEC.
– hop by hop routing: allows each node to independently choose the next hop for each FEC.
– explicit routing: a single LSR, generally the LSP ingress or the LSP egress, specifies several (or all) of the LSRs in the LSP.
Time-to-Live (TTL)
• When a packet travels along an LSP, it SHOULD emerge with the same TTL value that it would have had if it had traversed the same sequence of routers without having been label switched.
– Case 1: the label is carried in an MPLS-specific "shim" header.
– Case 2: MPLS labels are carried in an L2 header, as with ATM.
MPLS Label Header
• Called the MPLS shim header
• 32 bits long
Figure: Label (20 bits) | Exp (3 bits) | S (1 bit) | TTL (8 bits)
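The 32-bit shim header and the label stack, as an added example that is not from the lecture: encoding and decoding of the Label/Exp/S/TTL fields, stack encoding with the bottom-of-stack bit, and the per-hop TTL decrement with the discard that keeps a looping packet from circulating forever. The function names and sample values are constructed; copying the TTL into the IP header at the egress is left out.

```python
import struct


def encode_entry(label: int, exp: int, s: int, ttl: int) -> bytes:
    """One 32-bit shim entry: Label(20) | Exp(3) | S(1) | TTL(8), network byte order."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("shim field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def decode_entry(buf: bytes) -> dict:
    (word,) = struct.unpack("!I", buf[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


def encode_stack(labels, ttl: int, exp: int = 0) -> bytes:
    """labels[0] is the top (level m) entry and is transmitted first; the last
    entry is level 1 and carries S=1 so the receiver knows where the payload begins."""
    last = len(labels) - 1
    return b"".join(encode_entry(lbl, exp, int(i == last), ttl)
                    for i, lbl in enumerate(labels))


def decode_stack(buf: bytes):
    """Read entries until the bottom-of-stack bit; return (labels top-first, top TTL, payload)."""
    labels, off = [], 0
    while True:
        if off + 4 > len(buf):
            raise ValueError("truncated label stack: no entry carried S=1")
        entry = decode_entry(buf[off:off + 4])
        off += 4
        labels.append(entry["label"])
        if entry["s"]:
            return labels, decode_entry(buf[:4])["ttl"], buf[off:]


def swap_top(buf: bytes, new_label: int):
    """Transit LSR: replace the top label and decrement its TTL; a packet whose
    TTL would reach zero is discarded (None) rather than forwarded."""
    top = decode_entry(buf)
    if top["ttl"] <= 1:
        return None
    return encode_entry(new_label, top["exp"], top["s"], top["ttl"] - 1) + buf[4:]


def pop_top(buf: bytes):
    """Pop: drop the top entry. If another label remains, it inherits the
    decremented TTL so the packet emerges as if each hop had been ordinary IP
    forwarding; if the popped entry was level 1, only the payload remains."""
    top = decode_entry(buf)
    if top["ttl"] <= 1:
        return None
    rest = buf[4:]
    if top["s"]:
        return rest
    nxt = decode_entry(rest)
    return encode_entry(nxt["label"], nxt["exp"], nxt["s"], top["ttl"] - 1) + rest[4:]
```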
Tunnels
Figure: a tunnel from Ru through R1 and R2 to Rd.
• Hop-by-Hop Routed Tunnel
• Explicitly Routed Tunnel
• An LSP can be used for tunneling.
Label Distribution Protocol
• A label distribution protocol is a set of procedures by which one Label Switched Router (LSR) informs another of the meaning of labels used to forward traffic between and through them.
• A number of different label distribution protocols are being standardized.
List of Label Distribution Protocols
Protocol Name   Traffic Engineering
LDP             No
BGP             No
IS-IS           No
CR-LDP          Yes
RSVP-TE         Yes
OSPF-TE         Yes
LDP Message Exchange
• Discovery messages
– used to announce and maintain the presence of an LSR in a network.
– provide a mechanism whereby LSRs indicate their presence in a network by sending a Hello message periodically.
– This is transmitted as a UDP packet to the LDP port at the `all routers on this subnet' group multicast address.
LDP Message Exchange
• Session messages
– used to establish, maintain, and terminate sessions between LDP peers.
– When an LSR chooses to establish a session with another LSR learned via the Hello message, it uses the LDP initialization procedure over TCP transport.
LDP Message Exchange
• Advertisement messages
– used to create, change, and delete label mappings for FECs.
– Upon successful completion of the initialization procedure, the two LSRs are LDP peers, and may exchange advertisement messages.
– Uses TCP transport.
• Notification messages
– used to provide advisory information and to signal error information.
– Uses TCP transport.
Requirements for Traffic Engineering over MPLS (RFC 2702)
Introduction
• Traffic Engineering (TE) is concerned with performance optimization of operational networks.
• It encompasses the application of technology and scientific principles to the measurement, modeling, characterization, and control of Internet traffic, and the application of such knowledge and techniques to achieve specific performance objectives.
TE performance objectives
• Traffic Oriented
– Aspects that enhance the QoS of traffic, e.g. minimization of packet loss, minimization of delay, maximization of throughput, etc.
• Resource Oriented
– Aspects pertaining to the optimization of
resource utilization. E.g. efficient
bandwidth management.
• Congestion applies to both of the above.
Congestion Causes
• Insufficient network resources to accommodate the offered traffic.
• Inefficient mapping of traffic to the available resources, causing subsets of network resources to become over-utilized while others are under-utilized.
The second type of congestion is addressed through TE.
Limitations of current IGPs
• IGPs based on SPF algorithms optimize based on a simple additive metric.
• Congestion occurs when
– the shortest paths of multiple traffic streams converge on specific links or router interfaces, or
– a given traffic stream is routed through a link or router interface which does not have enough bandwidth to accommodate it.
Traffic Trunk
• A traffic trunk is an aggregation of
traffic flows of the same class which
are placed inside a Label Switched
Path.
• A traffic trunk is an abstract
representation of traffic to which
specific characteristics can be
associated.
MPLS and TE
• Explicit label switched paths which are not constrained by the destination based forwarding paradigm can be easily created through manual administrative action or through automated action by the underlying protocols.
• LSPs can potentially be efficiently maintained.
• Traffic trunks can be instantiated and mapped onto LSPs.
• A set of attributes can be associated with traffic trunks which modulate their behavioral characteristics.
• A set of attributes can be associated with resources which constrain the placement of LSPs and traffic trunks across them.
• MPLS allows for both traffic aggregation and dis-aggregation, whereas classical destination-only based IP forwarding permits only aggregation.
• It is relatively easy to integrate a constraint-based routing framework with MPLS.
• A good implementation of MPLS can offer significantly lower overhead than competing alternatives for Traffic Engineering.
The Fundamental Problem of Traffic
Engineering Over MPLS
• how to map packets onto forwarding
equivalence classes.
• how to map forwarding equivalence
classes onto traffic trunks.
• how to map traffic trunks onto the
physical network topology through
label switched paths.
Capabilities Required to Support TE
• A set of attributes associated with traffic trunks
which collectively specify their behavioral
characteristics.
• A set of attributes associated with resources which
constrain the placement of traffic trunks through
them. These can also be viewed as topology
attribute constraints.
• A "constraint-based routing" framework which is
used to select paths for traffic trunks subject to
constraints imposed by items 1) and 2) above. The
constraint-based routing framework does not have
to be part of MPLS. However, the two need to be
tightly integrated together.
Traffic Trunk Attributes and Characteristics
• Basic Properties
– A traffic trunk is an *aggregate* of traffic flows belonging to the same class. In some contexts, it may be desirable to relax this definition and allow traffic trunks to include multi-class traffic aggregates.
– In a single class service model, such as the current Internet, a traffic trunk could encapsulate all of the traffic between an ingress LSR and an egress LSR, or subsets thereof.
– Traffic trunks are routable objects (similar to ATM VCs).
– A traffic trunk is distinct from the LSP through which it traverses. In operational contexts, a traffic trunk can be moved from one path onto another.
– A traffic trunk is unidirectional.
Basic Operations of TT
• Establish: To create an instance of a traffic trunk.
• Activate: To cause a traffic trunk to start passing traffic.
The establishment and activation of a traffic trunk are logically separate events. They may, however, be implemented or invoked as one atomic action.
• Deactivate: To cause a traffic trunk to stop passing traffic.
• Modify Attributes: To cause the attributes of a traffic trunk to be modified.
• Reroute: To cause a traffic trunk to change its route. This can be done through administrative action or automatically by the underlying protocols.
• Destroy: To remove an instance of a traffic trunk from the network and reclaim all resources allocated to it. Such resources include label space and possibly available bandwidth.
Basic TT Attributes
• Traffic parameter attributes
– Peak, Average, Burst Size, etc.
• Generic Path selection and maintenance attributes
– define the rules for selecting the route taken by a traffic
trunk as well as the rules for maintenance of paths that
are already established.
– If there are no resource requirements or restrictions
associated with a traffic trunk, then a topology driven
protocol can be used to select its path. However, if
resource requirements or policy restrictions exist, then a
constraint-based routing scheme should be used for
path selection.
– Administratively Specified Explicit Paths
– Hierarchy of Preference Rules For Multi-Paths
– Resource Class Affinity Attributes
– Adaptivity Attribute
– Load Distribution Across Parallel Traffic Trunks
TT Attributes
• Priority attribute
– The priority attribute defines the relative importance of traffic trunks.
• Preemption attribute
– The preemption attribute determines whether a traffic
trunk can preempt another traffic trunk from a given
path, and whether another traffic trunk can preempt a
specific traffic trunk.
• Resilience attribute
– The resilience attribute determines the behavior of a
traffic trunk under fault conditions.
• Policing attribute
– The policing attribute determines the actions that
should be taken by the underlying protocols when a
traffic trunk becomes non-compliant.
Resource Attributes
• Maximum Allocation Multiplier
– The maximum allocation multiplier (MAM) of a resource is an administratively configurable attribute which determines the proportion of the resource that is available for allocation to traffic trunks. E.g. bandwidth.
• Resource Class Attribute
– The key resources of interest here are
links. When applied to links, the resource
class attribute effectively becomes an
aspect of the "link state" parameters.
Constraint-Based Routing
• Constraint-based routing enables a demand
driven, resource reservation aware, routing
paradigm to co-exist with current topology
driven hop by hop Internet interior gateway
protocols.
• A constraint-based routing framework uses
the following as input
– The attributes associated with traffic
trunks.
– The attributes associated with resources.
– Other topology state information.
Basic Features of Constraint-Based Routing
• Should at least have the capability to
automatically obtain a basic feasible
solution to the traffic trunk path
placement problem.
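The constraint-based routing idea of the last slides, together with the Maximum Allocation Multiplier and resource class attributes, as an added example that is not from the lecture or RFC 2702: three traffic trunks are placed on a small topology first by plain shortest-path routing (the IGP behaviour the slides criticise, where the trunks converge on one link) and then subject to bandwidth and resource class constraints, which routes the later trunks around the full link. The topology, bandwidths, MAM values, class names and trunk parameters are all constructed.

```python
import heapq

# Constructed topology: undirected links with an IGP metric, raw bandwidth,
# the Maximum Allocation Multiplier (share of the bandwidth open to trunks)
# and the resource classes the link belongs to.
LINKS = {
    ("A", "B"): dict(metric=1, bw=100, mam=0.8, classes={"gold"}),
    ("B", "D"): dict(metric=1, bw=100, mam=0.8, classes={"gold"}),
    ("A", "C"): dict(metric=2, bw=100, mam=1.0, classes={"gold", "silver"}),
    ("C", "D"): dict(metric=2, bw=100, mam=1.0, classes={"gold", "silver"}),
}


def link_key(a, b):
    return (a, b) if (a, b) in LINKS else (b, a)


def available(link, reserved):
    """Bandwidth still allocatable on a link: bw * MAM minus what trunks already hold."""
    attrs = LINKS[link]
    return attrs["bw"] * attrs["mam"] - reserved.get(link, 0)


def spf(src, dst, admit):
    """Dijkstra over the links for which admit(link) is true; returns the path or None."""
    nodes = {n for link in LINKS for n in link}
    dist, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if u == dst:
            path = [u]
            while path[-1] != src:
                path.append(prev[path[-1]])
            return path[::-1]
        if d > dist[u]:
            continue
        for v in nodes:
            if v == u or link_key(u, v) not in LINKS or not admit(link_key(u, v)):
                continue
            nd = d + LINKS[link_key(u, v)]["metric"]
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    return None


def place_trunks(trunks, constrained=True):
    """Place trunks one by one. constrained=False is plain SPF; constrained=True
    admits a link only if it has the trunk's bandwidth left and carries the
    trunk's resource class. Returns (paths, reserved bandwidth per link)."""
    reserved, paths = {}, []
    for t in trunks:
        def admit(link, t=t):
            if not constrained:
                return True
            return (available(link, reserved) >= t["bw"]
                    and t["affinity"] in LINKS[link]["classes"])
        path = spf(t["src"], t["dst"], admit)
        paths.append(path)
        for a, b in zip(path or [], (path or [])[1:]):
            reserved[link_key(a, b)] = reserved.get(link_key(a, b), 0) + t["bw"]
    return paths, reserved


# Constructed trunks: two gold trunks that together exceed the 80 units the
# A-B and B-D links offer to trunks, and one silver trunk the gold-only links reject.
TRUNKS = [dict(src="A", dst="D", bw=50, affinity="gold"),
          dict(src="A", dst="D", bw=50, affinity="gold"),
          dict(src="A", dst="D", bw=20, affinity="silver")]
```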
Thank You