Training presentation we gave to Engineering Faculty students at Çankaya University on Saturday, 19 March 2011. It covers topics such as the history of the Internet, how the Internet works, IP addressing, IGP and MPLS.
8. Once upon a time...
Two storage cabinets with 128 kB capacity each
Smartphone: 16 GB or 32 GB flash drive
45. OSPF — Protocol Overview
- Classless routing protocol
- Subnet mask sent in update
- Manual route summarization
- Support for authentication
- Maintenance of multiple databases
- Multicast addressing: 224.0.0.5 and 224.0.0.6
- Link state-driven updates, periodic hellos
56. OSPF — Hello Packet Format (32-bit words, bits 0 to 31)
Version# | Type = 1 | Packet length
Router ID
Area ID
Checksum | AuType
Authentication (64 bits, two words)
Network mask
Hello interval | Options | Rtr Pri
Router dead interval
Designated router
Backup designated router
Neighbor (one entry per neighbor)
58. rtr1 OSPF Interface
A:rtr1# show router ospf interface
===============================================================================
OSPF Interfaces
===============================================================================
If Name     Area Id     Designated Rtr   Bkup Desig Rtr   Adm   Oper
-------------------------------------------------------------------------------
system      0.0.0.0     1.1.1.1          0.0.0.0          Up    DR
to-rtr2     0.0.0.0     10.10.2.2        10.10.2.1        Up    DR
to-rtr3     0.0.0.0     10.10.3.2        10.10.3.1        Up    BDR
-------------------------------------------------------------------------------
No. of OSPF Interfaces: 3
===============================================================================
Topology in the figure: rtr1 (router ID 1.1.1.1), rtr2 (2.2.2.2) and rtr3 (3.3.3.3), connected by the links 10.10.2.0/30, 10.10.3.0/30 and 10.10.5.0/30, with host addresses .1 and .2 on each link.
69. MPLS, Multi Protocol Label Switching
IGP path versus MPLS path
Congestion: this link is not used
Calculates the low bandwidths using CSPF
Discovers a new path using the IGP
Fast Reroute paths are found
71. MPLS, Multi Protocol Label Switching
Basic operation: label switching
Path: LER -> LSR -> LSR -> LER
Ingress LER: IP forwarding, then Push (data + label)
LSR: Swap (data + label)
LSR: Swap (data + label)
Egress LER: Pop, then IP forwarding (data)
The labelled hops together form a Label Switched Path
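The push/swap/pop sequence on slide 71, as an added example that is not part of the original presentation: a packet is walked along a four-node LSP using constructed label tables. The node names (LER1, LSR1, LSR2, LER2), the labels 200/300/400 and the prefix 10.10.5.0/30 are assumed values chosen for illustration; the switch also shows the two failure modes a forwarding plane has to handle, a destination with no FEC (plain IP forwarding, no label) and a label with no LFIB entry (drop).

```python
import ipaddress

# Constructed tables for the four-node LSP on the slide (LER -> LSR -> LSR -> LER).
# Ingress FEC-to-label map: destination prefix -> (label to push, next hop).
INGRESS_FTN = {"10.10.5.0/30": (200, "LSR1")}
# Per-node label forwarding tables: incoming label -> (operation, outgoing label, next hop).
LFIB = {
    "LSR1": {200: ("swap", 300, "LSR2")},
    "LSR2": {300: ("swap", 400, "LER2")},
    "LER2": {400: ("pop", None, None)},   # egress: pop the label, hand the packet to IP forwarding
}

def ingress_lookup(dst_ip, ftn):
    """Longest-prefix match of the destination against the ingress FEC table."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for prefix, entry in ftn.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, entry)
    return None if best is None else best[1]

def switch_packet(dst_ip, ftn=INGRESS_FTN, lfib=LFIB, ingress="LER1"):
    """Walk a packet along the LSP; returns a list of (node, operation, label stack)."""
    trace = []
    entry = ingress_lookup(dst_ip, ftn)
    if entry is None:
        trace.append((ingress, "ip-forward", []))   # no FEC: the LER forwards by IP, no label
        return trace
    label, node = entry
    stack = [label]
    trace.append((ingress, "push", list(stack)))
    while node in lfib:
        op, out_label, next_hop = lfib[node].get(stack[-1], ("drop", None, None))
        if op == "drop":
            trace.append((node, "drop", list(stack)))   # unknown label: no ILM entry, discard
            return trace
        if op == "swap":
            stack[-1] = out_label
        elif op == "pop":
            stack.pop()
        trace.append((node, op, list(stack)))
        if not stack:
            trace.append((node, "ip-forward", []))      # label gone: back to IP forwarding
            return trace
        node = next_hop
    trace.append((node, "drop", list(stack)))           # next hop has no label table at all
    return trace

if __name__ == "__main__":
    for hop in switch_packet("10.10.5.1"):
        print(hop)
```

The trace for 10.10.5.1 is push at LER1, swap at LSR1, swap at LSR2, pop at LER2, then IP forwarding: the label swap is a simple table lookup at every transit router, which is why the LSRs never look at the IP header.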
ISO has created a template of network functions to describe the complexities of networking and to have a basis by which to compare different networks. This template is called the OSI model. The OSI model defines seven different layers. Each layer provides services to the layer above it and in turn requests services from the layer below it. The benefits of using the OSI model are numerous, including: The complexity of network design is eased by breaking each operation down into specific functions. Design engineers can focus on specific functions and layers rather than the overall movement of data. Because each layer performs a specific function, different vendors can create different layer devices and applications that will coexist.
The Networked OSI Model
Each layer of the OSI model is designed to communicate with its peer layer. Each layer requests services from the layer below it and honors requests from the layer above. No layer can bypass another layer. For example, the session layer cannot go directly to the network layer, bypassing the transport layer. Instead, the session layer must go through the transport layer to get to the network layer.
Application, Presentation and Session Layers
These layers are generally not a concern to network engineers because they usually reside on the end devices and not in the network equipment that moves the data. The application layer provides an interface for the networked application to access lower-layer communication services. There must be a unique interface for each end-user application (e.g., database, transaction processing, and file transfer). The presentation layer is responsible for converting application data into a common format for transmission and reversing the conversion for received data. It is here that code conversion, data compression, and encryption are performed for an application. Presentation defines syntax and context. The session layer is responsible for establishing and terminating data streams between end systems. It is responsible for coordinating connections between network applications. The control of the direction of data flow is also handled at this layer (one-way, two-way simultaneous, or two-way, one way at a time).
Transport Layer
The transport layer is responsible for establishing and maintaining end-to-end connections between applications across the network. It ensures that data is transferred correctly over the Internet and it provides reliable transfer with acknowledgments. The verification of the number of data packets sent and received is a function of this layer. Therefore, this layer may optionally provide error recovery for lost or mismatched data. The format of data at this layer and above is called a segment. This function is performed primarily in end systems (hosts). There is also a communication option at this layer that provides no reliability. There is no common network equipment used at this layer. However, routers have the capability to filter based on transport layer headers and the port numbers that are used in those headers.
Link-state protocols have the following common attributes: Link-state protocols trigger an update when a link (interface) changes state. The router connected to the link initiates a triggered update to its neighbors, notifying them of the change in the topology. If the network is stable and no changes in links are detected, the routers send periodic hello messages to maintain connectivity without consuming excessive bandwidth. A common attribute shared by link-state protocols is that they are classless and support all the common attributes of a classless routing protocol. Because link-state protocols are classless, updates contain the subnet mask of each network being advertised. This allows for more optimal network design and accurate path selection. VLSM and CIDR are supported in all link-state protocols. Due to the classless aspects of link-state protocols, manual summarization is actively supported. This allows network administrators to have much more control of where and how the summarization takes place. All modern link-state protocols support authentication of the updates that are sent between routers. This ensures that accurate network topologies are created without false information or errors and protects the network against DoS attacks. Link-state protocols maintain three common databases: topology (link-state DB), neighbor (adjacency DB), and routing table (forwarding DB). Modern link-state protocols use a multicast address to convey updates and hellos to their neighbor link-state routing peers. This reduces processing on devices in the network that are not running the link-state protocol.
Metrics
In OSPF, all interfaces have a cost value or routing metric used in the OSPF link-state calculation. A metric value is configured based on bandwidth to compare different paths through an AS. OSPF uses cost values to determine the best path to a particular destination: the lower the cost value, the more likely the interface will be used to forward data traffic. To calculate the cost of a link a reference bandwidth is set. The reference bandwidth is expressed in kilobits per second and provides a reference for the default costing of interfaces based on their underlying link speed. The default interface cost is calculated as follows: The default reference-bandwidth is 100 000 000 kb/s or 100 Gb/s, so the default auto-cost metrics for various link speeds are as follows:
10-Mb/s link: default cost of 10 000
100-Mb/s link: default cost of 1000
1-Gb/s link: default cost of 100
10-Gb/s link: default cost of 10
The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on a particular interface, use the metric metric command in the config>router>ospf>area>interface ip-int-name context.
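The auto-cost figures above and the "lower cost wins" rule, as an added example that is not code from the presentation or from the vendor: `ospf_cost` reproduces the listed defaults by dividing the reference bandwidth by the link speed (the assumed formula, with the integer floor of 1 that routers apply to links faster than the reference), and `spf` runs the shortest-path calculation over a constructed three-router topology modelled on slide 58. The link speeds (1 Gb/s for the rtr1 links, 100 Mb/s between rtr2 and rtr3) are assumptions; the slide shows no speeds.

```python
import heapq

DEFAULT_REFERENCE_BW_KBPS = 100_000_000   # 100 Gb/s, the default named on the slide

def ospf_cost(link_kbps, reference_kbps=DEFAULT_REFERENCE_BW_KBPS):
    """Default OSPF interface cost: reference bandwidth divided by link speed.
    Assumption: integer division with a floor of 1, the usual auto-cost rule;
    it reproduces the 10 000 / 1000 / 100 / 10 figures listed on the slide."""
    return max(1, reference_kbps // link_kbps)

def spf(links, source):
    """Dijkstra over {router: {neighbor: cost}}; returns {router: (total_cost, previous_hop)}."""
    best = {source: (0, None)}
    heap = [(0, source)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node][0]:
            continue                      # stale heap entry, a cheaper path was already found
        for nbr, link_cost in links[node].items():
            new_cost = cost + link_cost
            if nbr not in best or new_cost < best[nbr][0]:
                best[nbr] = (new_cost, node)
                heapq.heappush(heap, (new_cost, nbr))
    return best

def path(best, dest):
    """Rebuild the hop list from the previous-hop pointers produced by spf()."""
    hops = []
    while dest is not None:
        hops.append(dest)
        dest = best[dest][1]
    return list(reversed(hops))

# Constructed topology after slide 58; link speeds in kb/s are assumed, not from the slide.
SPEEDS_KBPS = {
    ("rtr1", "rtr2"): 1_000_000,     # 1 Gb/s  -> cost 100
    ("rtr1", "rtr3"): 1_000_000,     # 1 Gb/s  -> cost 100
    ("rtr2", "rtr3"): 100_000,       # 100 Mb/s -> cost 1000
}

def build_links(speeds=SPEEDS_KBPS):
    """Turn the speed table into a symmetric cost graph."""
    links = {}
    for (a, b), kbps in speeds.items():
        c = ospf_cost(kbps)
        links.setdefault(a, {})[b] = c
        links.setdefault(b, {})[a] = c
    return links

def best_path(src, dst):
    return path(spf(build_links(), src), dst)

if __name__ == "__main__":
    for kbps in (10_000, 100_000, 1_000_000, 10_000_000):
        print(f"{kbps:>10} kb/s -> cost {ospf_cost(kbps)}")
    print("rtr2 -> rtr3:", best_path("rtr2", "rtr3"))
```

Even though rtr2 and rtr3 share a direct link, the two-hop path through rtr1 costs 200 against 1000 for the direct 100 Mb/s link, so SPF prefers the detour; raising the reference bandwidth changes every cost at once, which is why it must be set identically on all routers in the domain.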
OSPF uses IP multicast addressing to communicate with routing peers. This reduces the overhead of other devices on the same segment that are not running OSPF. OSPF has two reserved multicast IP addresses. The first is 224.0.0.5 and is used to communicate with all OSPF speakers. The second is 224.0.0.6 and is used in multi-access broadcast topologies in which a DR/BDR is required for proper OSPF operations. When an OSPF update is sent on an Ethernet topology, the destination MAC address is modified to use the reserved multicast range. The range has the first 24 bits of the MAC address, normally reserved for the manufacturer code, set to 01-00-5E. The remaining 24 bits of the MAC address are the lower 24 bits of the IP multicast address. With OSPF, the relationship between the IP multicast address and the MAC address is as follows: 224.0.0.5 and 01-00-5E-00-00-05: Any OSPF speaker 224.0.0.6 and 01-00-5E-00-00-06: Any DR/BDR
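The IP-to-MAC mapping described above, as an added example (not the presentation's or the vendor's code): it builds the 01-00-5E MAC for any IPv4 multicast group and checks the two OSPF groups against the values on the page. It goes slightly beyond the text in one respect: the IEEE mapping copies only the low 23 bits of the group address, because bit 25 of the 01-00-5E prefix is fixed at 0; for 224.0.0.5 and 224.0.0.6 the result is the same as the page's 24-bit description, but 32 different groups share each MAC, which is worth knowing when filtering on MAC addresses.

```python
import ipaddress

def multicast_mac(ip):
    """Map an IPv4 multicast group to its Ethernet MAC (RFC 1112 rule: 01-00-5E + low 23 bits)."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not an IPv4 multicast address")
    low23 = int(addr) & 0x7FFFFF               # bit 24 of the group address is discarded
    mac_int = 0x01005E000000 | low23
    return "-".join(f"{(mac_int >> shift) & 0xFF:02X}" for shift in range(40, -1, -8))

# Reserved OSPF groups from the slide; roles as described in the text.
OSPF_GROUPS = {
    "224.0.0.5": "AllSPFRouters (any OSPF speaker)",
    "224.0.0.6": "AllDRouters (DR/BDR only)",
}

def ospf_group_table():
    """Return {group: (mac, role)} for the OSPF multicast groups."""
    return {ip: (multicast_mac(ip), role) for ip, role in OSPF_GROUPS.items()}

def groups_sharing_mac(ip):
    """All 32 IPv4 groups that collide with `ip` on the wire (same low 23 bits)."""
    low23 = int(ipaddress.IPv4Address(ip)) & 0x7FFFFF
    return [str(ipaddress.IPv4Address(0xE0000000 | (high << 23) | low23)) for high in range(32)]

if __name__ == "__main__":
    for ip, (mac, role) in ospf_group_table().items():
        print(f"{ip:<12} {mac}  {role}")
```

A capture filter or switch ACL keyed on 01-00-5E-00-00-05 therefore also matches groups such as 225.128.0.5; filter on the IP group and protocol 89 when the intent is to isolate OSPF.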
OSPF updates are sent using the IP header at the network layer. However, unlike RIP, OSPF does not use a transport-layer protocol. Instead, all OSPF updates are sent directly from the IP layer to the OSPF process. To accomplish this, reserved protocol number 89 in the IP header is allocated to identify OSPF traffic.
The OSPF header breaks down into the following fields:
Version number — Identifies the version of OSPF that this packet pertains to.
Type — The type of packet that is being received. There are five different types of packet, described on the next page.
Packet length — The overall size of the packet. This does not include the IP header but does include all bytes in the OSPF update.
Router ID — The Router ID of the sending router.
Area ID — The area in which the router is sending the packet. All routers connected to a network must agree on which area the network resides in.
Checksum — The CRC (similar to FCS) for the OSPF header.
Authentication type — All OSPF protocol exchanges can be authenticated. This means that only trusted routers can participate in autonomous system routing. Alcatel’s implementation of OSPF supports simple password (plain-text) and MD5 authentication.
Authentication — When packets are sent with authentication invoked, this field is used to convey the authentication information. MD5 allows one authentication key to be configured per network. Routers in the same routing domain must be configured with the same key. When the MD5 hashing algorithm is used for authentication, MD5 is used to verify data integrity by creating a 128-bit message digest from the data input. The message digest is unique to that data. Alcatel’s implementation of MD5 allows the migration of an MD5 key by using a key ID for each unique key.
Data — This field varies depending on the type of OSPF packet being sent.
OSPF uses 5 different types of packets to establish and maintain router connectivity and network convergence.
Hello packet — This packet is used to establish adjacencies with other routers that speak OSPF. It is also used to maintain neighbor connectivity by being propagated periodically, typically every 10 seconds. However, this value can be modified from 0 to 65 535 seconds.
Database description — This packet conveys a summary of all networks in the router’s database. Typically this is the classless network, the router’s cost to access it, and the sequence number associated with the network entry.
Link-state request — When a neighbor router receives a database description packet, it compares the entry in its current link-state database with the information received. If a received network is not in the database or if the sequence number for a network is higher, the router generates a link-state request for more information about the network.
Link-state update — When it receives a link-state request, the router responds with the complete link-state database entry. To accomplish this, the router generates a type 4 (link-state update) packet and forwards it back to the requesting router.
Link-state ACK — Each newly received LSA must be acknowledged. This is usually done by sending link-state ACK packets. Many ACKs may be grouped together in a single link-state ACK packet.
The RID uniquely identifies the router in the routing domain. Unless defined otherwise, it is set to the system-interface address. A RID can be derived by:
Defining the value in the config>router router-id context
Defining the system interface in the config>router>interface ip-int-name context (used if the router ID is not specified in the config>router router-id context)
Inheriting the last four bytes of the MAC address
When a new RID is configured, protocols are not automatically restarted with the new RID. The next time a protocol is initialized or reinitialized, the new RID is used. A delay can occur when different protocols use different RIDs. To force the new RID, issue the shutdown and no shutdown commands for each protocol that uses the RID, or restart the entire router. By default, the system uses the system-interface address, which is also the loopback address. If a system-interface address is not configured, the last 32 bits of the chassis MAC address are used.
A router uses the OSPF hello protocol to discover neighbors. A neighbor is a router that is configured with an interface to a common network. The router sends hello packets to a multicast address and receives hello packets in return. In broadcast networks, a DR and a BDR are elected. The DR is responsible for sending LSAs that describe the network, which reduces the amount of network traffic. The routers attempt to form adjacencies. An adjacency is a relationship formed between a router and the DR or BDR. For point-to-point networks, no DR or BDR is elected. An adjacency must be formed with the neighbor. To significantly improve adjacency formation and network convergence, a network should be configured as point-to-point if only two routers are connected, even if the network is a broadcast media such as Ethernet. When the link-state databases of two neighbors are synchronized, the routers are considered to be fully adjacent. When adjacencies are established, pairs of adjacent routers synchronize their topological databases. Not every neighboring router forms an adjacency. Routing-protocol updates are only sent to and received from adjacencies. Routers that do not become fully adjacent remain in the 2-way neighbor state.
The hello packet consists of the following fields:
Header — The standard OSPF header is identical for all five types of packets. The only modification is that the type field has the value of “1” to signify that this is a hello packet.
Network mask — The network mask field contains the network mask for the interface that the packet is being sent on.
Hello interval — The hello interval must match for all neighbors on the segment. By default, Alcatel uses a 10-second hello interval. This can be modified to a value between 0 and 65 535.
Options — The options field is usually left blank.
RTR Pri — The router priority field denotes the priority value seeded on the router for use in electing a DR and BDR. The default for Alcatel routers is a priority of 1. A priority of 0 means that the router can never be a DR or BDR in the network connected to this interface.
Router dead interval — The default value is 40 seconds, or four times the update interval. If a neighbor does not send a hello packet within this interval, the router assumes that the neighbor is not active and purges all information that the neighbor has conveyed.
Designated router — This field denotes the elected DR.
Backup designated router — This field denotes the elected BDR.
Neighbor — This field varies depending on the number of neighbors the router has learned of on the interface. The neighbor’s RID is conveyed in this field. Routers on this interface look for their RID, to ensure that the router that is sending the hello sees them.
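The header layout, the five packet types and the hello fields described in the last few paragraphs, as an added example that is not the presentation's or the vendor's code: a builder and a parser for an OSPFv2 hello packet, using the field widths of slide 56 (24-byte header, 20-byte fixed hello body, 4 bytes per neighbor). The checksum is the standard one's-complement sum over the packet excluding the 64-bit authentication field, which is the rule for null and simple-password authentication; MD5-authenticated packets carry their digest instead and are not verified here. The sample packet (router 1.1.1.1 seeing neighbor 2.2.2.2 on a /30) is constructed from the addresses on slide 58.

```python
import socket
import struct

OSPF_PROTOCOL_NUMBER = 89          # IP protocol number reserved for OSPF
PACKET_TYPES = {1: "Hello", 2: "Database Description", 3: "Link-State Request",
                4: "Link-State Update", 5: "Link-State Acknowledgment"}
AU_TYPES = {0: "null", 1: "simple password", 2: "cryptographic (MD5)"}

HEADER = struct.Struct("!BBH4s4sHH8s")      # version, type, length, RID, area, checksum, AuType, auth
HELLO_FIXED = struct.Struct("!4sHBBI4s4s")  # mask, hello, options, priority, dead, DR, BDR

def _ip(raw):
    return socket.inet_ntoa(raw)

def ospf_checksum(packet):
    """One's-complement checksum of the packet with the 8-byte authentication field skipped."""
    data = packet[:16] + packet[24:]
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_hello(router_id, area_id, mask, hello, dead, dr, bdr, neighbors, priority=1, options=0x02):
    """Serialize a type 1 packet with AuType 0 and a correct checksum."""
    body = HELLO_FIXED.pack(socket.inet_aton(mask), hello, options, priority, dead,
                            socket.inet_aton(dr), socket.inet_aton(bdr))
    body += b"".join(socket.inet_aton(n) for n in neighbors)
    length = HEADER.size + len(body)
    header = HEADER.pack(2, 1, length, socket.inet_aton(router_id), socket.inet_aton(area_id),
                         0, 0, bytes(8))                      # checksum 0 while computing
    packet = header + body
    return packet[:12] + struct.pack("!H", ospf_checksum(packet)) + packet[14:]

def parse_hello(packet):
    """Decode and validate a hello; raises ValueError on anything malformed."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated OSPF header")
    ver, ptype, length, rid, area, csum, autype, _auth = HEADER.unpack_from(packet)
    if ver != 2:
        raise ValueError(f"unsupported OSPF version {ver}")
    if length < HEADER.size or length > len(packet):
        raise ValueError("packet length field disagrees with captured bytes")
    packet = packet[:length]                                   # drop any trailing padding
    if autype in (0, 1) and ospf_checksum(packet[:12] + b"\x00\x00" + packet[14:]) != csum:
        raise ValueError("bad OSPF checksum")
    if ptype != 1:
        raise ValueError(f"not a hello: type {ptype} ({PACKET_TYPES.get(ptype, 'unknown')})")
    body = packet[HEADER.size:]
    if len(body) < HELLO_FIXED.size:
        raise ValueError("truncated hello body")
    mask, hello, options, prio, dead, dr, bdr = HELLO_FIXED.unpack_from(body)
    rest = body[HELLO_FIXED.size:]
    if len(rest) % 4:
        raise ValueError("neighbor list is not a multiple of 4 bytes")
    return {
        "type": PACKET_TYPES[ptype], "router_id": _ip(rid), "area_id": _ip(area),
        "au_type": AU_TYPES.get(autype, "unknown"),
        "network_mask": _ip(mask), "hello_interval": hello, "options": options,
        "router_priority": prio, "dead_interval": dead,
        "designated_router": _ip(dr), "backup_designated_router": _ip(bdr),
        "neighbors": [_ip(rest[i:i + 4]) for i in range(0, len(rest), 4)],
    }

# Constructed sample: rtr1 on the 10.10.2.0/30 link, already aware of rtr2.
SAMPLE_HELLO = build_hello("1.1.1.1", "0.0.0.0", "255.255.255.252", 10, 40,
                           "10.10.2.2", "10.10.2.1", ["2.2.2.2"])

if __name__ == "__main__":
    for key, value in parse_hello(SAMPLE_HELLO).items():
        print(f"{key:<26} {value}")
```

The length and neighbor-list checks matter in practice: a parser that trusts the packet-length field or reads neighbors past the end of the buffer is exactly the kind of code that a malformed packet on the segment can upset, so every read is bounded before it happens.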
In the figure above, the two routers have not formed an adjacency. The following steps describe how the adjacency is created and the actions that are required. Both routers are in a down state: neither router has sent any OSPF-related packets. The router on the left sends a hello packet with the standard header. In the hello information, the router inserts its RID and leaves the neighbor field blank because it does not know of any other router on the Ethernet segment. The right-side router responds with its own hello. However, this router’s hello contains not only its RID, but also the RID of the left router. When each router sees that the other router acknowledges its existence, the state changes from down to 2-way.
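The exchange just described, as an added example that is not part of the presentation: two simulated routers trade hellos and track each other's neighbor state. It goes one step beyond the text by naming the intermediate Init state that OSPF uses between Down and 2-Way (a hello has been seen, but the sender has not yet listed our RID), and it applies the rule from the hello-field description that the area, hello interval and dead interval must match, otherwise the hello is dropped and no neighbor relationship forms. Router IDs 1.1.1.1 and 2.2.2.2 are the constructed values from the earlier slides; the class and method names are this example's own.

```python
class OspfRouter:
    """Minimal neighbor-state tracker for one OSPF interface (Down -> Init -> 2-Way)."""

    def __init__(self, rid, area="0.0.0.0", hello_interval=10, dead_interval=40):
        self.rid = rid
        self.area = area
        self.hello_interval = hello_interval
        self.dead_interval = dead_interval
        self.neighbors = {}          # neighbor RID -> "Init" or "2-Way"; absent means Down

    def send_hello(self):
        # The neighbor field lists every RID from which this router has seen a hello.
        return {"router_id": self.rid, "area": self.area,
                "hello_interval": self.hello_interval, "dead_interval": self.dead_interval,
                "neighbors": sorted(self.neighbors)}

    def receive_hello(self, hello):
        """Process one hello; returns the resulting state for the sender or 'rejected'."""
        for field in ("area", "hello_interval", "dead_interval"):
            if hello[field] != getattr(self, field):
                return "rejected"    # parameter mismatch: hello ignored, sender stays Down
        sender = hello["router_id"]
        if self.rid in hello["neighbors"]:
            self.neighbors[sender] = "2-Way"   # the sender sees us: bidirectional
        else:
            self.neighbors[sender] = "Init"    # we see the sender, it does not yet list us
        return self.neighbors[sender]

    def state_of(self, rid):
        return self.neighbors.get(rid, "Down")

def bring_up(left, right):
    """Replay the three hellos of the slide; returns (description, resulting state) per step."""
    trace = []
    h1 = left.send_hello()                     # neighbor field empty
    trace.append(("right receives left's first hello", right.receive_hello(h1)))
    h2 = right.send_hello()                    # now carries left's RID
    trace.append(("left receives right's hello", left.receive_hello(h2)))
    h3 = left.send_hello()                     # now carries right's RID
    trace.append(("right receives left's second hello", right.receive_hello(h3)))
    return trace

if __name__ == "__main__":
    a, b = OspfRouter("1.1.1.1"), OspfRouter("2.2.2.2")
    for step, state in bring_up(a, b):
        print(f"{step:<36} -> {state}")
```

The same code shows why timer mismatches are a common cause of stuck adjacencies: a router configured with a 30-second hello interval never gets past Down on a segment whose other routers use 10 seconds, because its hellos are rejected before the neighbor field is even examined.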
There are 6 routers in Area 0. The database contains a type 1 (router) LSA for each router in the areas that it belongs to. The interface type between the routers is broadcast. The database contains a type 2 (network) LSA for each network.