INR

InterNetworking and Routing

This page houses all the information on the INR subject.


Documents and files

  1. Presentation: End to end principle

OSPF, Friday, March 18, 2005

In this practice we configured a network which will be used with OSPF (Open Shortest Path First). First I’ve created the multiple router configuration for this assignment.

To set the routers’ areas and modes, the following configurations are used:

# 1
router ospf
ospf router-id 10.0.0.1
network 10.0.0.0/8 area 0
 
# 2
router ospf
ospf router-id 10.0.0.5
network 10.0.0.0/8 area 0
network 192.168.0.0/8 area 1
 
# 3
router ospf
ospf router-id 10.0.0.3
network 10.0.0.0/8 area 0
network 192.168.1.0/8 area 2

To start the OSPF daemon I used the following commands:

  • zebra -d to start the virtual router
  • ospfd -d -f -configfile- to start the OSPF daemon
  • Analyze the hello packets, database description packets and link state requests, updates and acknowledgements which occur when you start the OSPF processes.
  • Below you can find a snapshot from the logfile which comes from TCPDump. It is clear to see that the routers first send each other HELLO packets using the multicast address 224.0.0.5 to see who their neighbours are. After the HELLO packets a database description takes place. The Database Description packet describes the contents of the topological database and is exchanged when an adjacency is being initialized.
12:54:05.850203 IP (tos 0xc0, ttl   1, id 29198, offset 0, flags [none], length: 68) 10.0.0.2 > 224.0.0.5: OSPFv2, Hello (1), length: 48
	Router-ID: 10.0.0.2, Backbone Area, Authentication Type: none (0)
	Options: [External]
	  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
	  Neighbor List:
	    10.0.0.1
12:54:13.850136 IP (tos 0xc0, ttl   1, id 48594, offset 0, flags [none], length: 68) 10.0.0.1 > 224.0.0.5: OSPFv2, Hello (1), length: 48
	Router-ID: 10.0.0.1, Backbone Area, Authentication Type: none (0)
	Options: [External]
	  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
	  Neighbor List:
	    10.0.0.2
12:54:14.870360 IP (tos 0xc0, ttl   1, id 29199, offset 0, flags [none], length: 68) 10.0.0.2 > 224.0.0.5: OSPFv2, Hello (1), length: 48
	Router-ID: 10.0.0.2, Backbone Area, Authentication Type: none (0)
	Options: [External]
	  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
	  Neighbor List:
	    10.0.0.1
12:54:24.111230 arp who-has 10.0.0.2 tell 10.0.0.1
12:54:24.111043 arp reply 10.0.0.2 is-at fe:fd:0a:00:00:02
12:54:24.111667 IP (tos 0xc0, ttl   1, id 60398, offset 0, flags [none], length: 52) 10.0.0.1 > 10.0.0.2: OSPFv2, Database Description (2), length: 32
	Router-ID: 10.0.0.1, Backbone Area, Authentication Type: none (0)
	Options: [External], DD Flags: [Init, More, Master]
  • Below you see a fragment of the logfile which shows a change of state in the network caused by removing a connection between two routers. What happens is that the routers exchange LS-Update packets for regular dispersal of link state acknowledgements. The LS-Ack packets must be explicitly acknowledged to ensure that link state flooding throughout an area is a reliable process. There are also Link State Request packets, which request pieces of a neighbour’s topological database. Requests are exchanged after a router has discovered that parts of its topological database are out of date.
    01:08:10.161083 IP (tos 0xc0, ttl   1, id 29232, offset 0, flags [none], length: 84) 10.0.0.2 > 224.0.0.5: OSPFv2, LS-Update (4), length: 64
    	Router-ID: 10.0.0.2, Backbone Area, Authentication Type: none (0), 1 LSA
    	  LSA #1
    	  Advertising Router: 10.0.0.2, seq 0x80000004, age 1s, length: 16
    	    Router LSA (1), LSA-ID: 10.0.0.2
    	    Options: [External]
    	    Router LSA Options: [none] [|ospf]
    01:08:10.162928 IP (tos 0xc0, ttl   1, id 37013, offset 0, flags [none], length: 80) 10.0.0.3 > 224.0.0.5: OSPFv2, LS-Update (4), length: 60
    	Router-ID: 10.0.0.3, Backbone Area, Authentication Type: none (0), 1 LSA
    	  LSA #1
    	  Advertising Router: 10.0.0.3, seq 0x80000003, age 1s, length: 12
    	    Network LSA (2), LSA-ID: 10.0.0.3
    	    Options: [External]
    	    Mask 255.0.0.0
    	    Connected Routers:
    	      10.0.0.2
    	      10.0.0.3
    	    0x0000: ff00 0000 0a00 0002 0a00 0003
    01:08:10.162954 IP (tos 0xc0, ttl   1, id 37014, offset 0, flags [none], length: 84) 10.0.0.3 > 224.0.0.5: OSPFv2, LS-Update (4), length: 64
    	Router-ID: 10.0.0.3, Backbone Area, Authentication Type: none (0), 1 LSA
    	  LSA #1
    	  Advertising Router: 10.0.0.3, seq 0x80000005, age 1s, length: 16
    	    Router LSA (1), LSA-ID: 10.0.0.3
    	    Options: [External]
    	    Router LSA Options: [ABR] [|ospf]
    01:08:10.260543 IP (tos 0xc0, ttl   1, id 37015, offset 0, flags [none], length: 64) 10.0.0.3 > 224.0.0.5: OSPFv2, LS-Ack (5), length: 44
    	Router-ID: 10.0.0.3, Backbone Area, Authentication Type: none (0)
    	  Advertising Router: 10.0.0.2, seq 0x80000004, age 1s, length: 16
    	    Router LSA (1), LSA-ID: 10.0.0.2
    	    Options: [External]
    01:08:10.620187 IP (tos 0xc0, ttl   1, id 29233, offset 0, flags [none], length: 84) 10.0.0.2 > 224.0.0.5: OSPFv2, LS-Ack (5), length: 64
    	Router-ID: 10.0.0.2, Backbone Area, Authentication Type: none (0)
    	  Advertising Router: 10.0.0.3, seq 0x80000003, age 1s, length: 12
    	    Network LSA (2), LSA-ID: 10.0.0.3
    	    Options: [External]
    • How does the election process for a (backup) designated router work?
      • The election process starts with all routers in the down state. After the router has checked the state of its interfaces, it starts using the OSPF Hello protocol to discover its neighbours. Now, the adjacencies database is created in a two-way state. The router with the highest priority wins the election. The default priority is 1, though the administrator is able to enforce the election by altering the priority of a router manually. When two routers have the same priority, the one with the highest ID wins. The router ID is a 32-bit number which is used to identify a router; it typically is the highest IP address configured on the router’s physical interfaces.
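
The checks one would run over a Hello capture like the one above, as an added example (not part of the original logbook): it parses `tcpdump -v` Hello output, lists routers sending Hellos with Authentication Type none, finds the pairs that reached two-way, and applies the election rule as stated above. The sample text is constructed, router 10.0.0.9 is made up, and all function names are hypothetical.

```python
import re
from ipaddress import IPv4Address

# Constructed sample in the tcpdump -v layout of the capture above (not the original
# log); 10.0.0.9 is a made-up router that has just come up and lists no neighbours.
SAMPLE = """\
12:54:05.850203 IP (tos 0xc0, ttl 1, id 29198, offset 0, flags [none], length: 68) 10.0.0.2 > 224.0.0.5: OSPFv2, Hello (1), length: 48
\tRouter-ID: 10.0.0.2, Backbone Area, Authentication Type: none (0)
\tOptions: [External]
\t  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
\t  Neighbor List:
\t    10.0.0.1
12:54:13.850136 IP (tos 0xc0, ttl 1, id 48594, offset 0, flags [none], length: 68) 10.0.0.1 > 224.0.0.5: OSPFv2, Hello (1), length: 48
\tRouter-ID: 10.0.0.1, Backbone Area, Authentication Type: none (0)
\tOptions: [External]
\t  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
\t  Neighbor List:
\t    10.0.0.2
12:54:15.100000 IP (tos 0xc0, ttl 1, id 100, offset 0, flags [none], length: 64) 10.0.0.9 > 224.0.0.5: OSPFv2, Hello (1), length: 44
\tRouter-ID: 10.0.0.9, Backbone Area, Authentication Type: none (0)
\tOptions: [External]
\t  Hello Timer: 10s, Dead Timer 40s, Mask: 255.0.0.0, Priority: 1
"""

PKT_START = re.compile(r"^\d\d:\d\d:\d\d\.\d+ ")
FIELDS = re.compile(r"Router-ID: ([\d.]+),.*?Authentication Type: \S+ \((\d+)\).*?Priority: (\d+)", re.S)
NEIGHBOR = re.compile(r"^[ \t]+(\d+(?:\.\d+){3})[ \t]*$", re.M)

def parse_hellos(text):
    """Map router ID -> fields of its most recent Hello in tcpdump -v text."""
    routers, block = {}, []
    for line in text.splitlines() + ["00:00:00.0 end"]:  # sentinel flushes the last packet
        if PKT_START.match(line) and block:
            pkt = "\n".join(block)
            m = FIELDS.search(pkt) if "OSPFv2, Hello (1)" in pkt else None
            if m:
                rid, auth, prio = m.groups()
                nbrs = set(NEIGHBOR.findall(pkt.partition("Neighbor List:")[2]))
                routers[rid] = dict(auth=int(auth), prio=int(prio), nbrs=nbrs)
            block = []
        block.append(line)
    return routers

def unauthenticated(routers):
    """Routers whose Hellos carry Authentication Type 0 (none)."""
    return sorted(r for r, f in routers.items() if f["auth"] == 0)

def two_way(routers):
    """Pairs that list each other in their Hello neighbour lists."""
    return sorted((a, b) for a in routers for b in routers
                  if a < b and b in routers[a]["nbrs"] and a in routers[b]["nbrs"])

def elect_dr(routers):
    """Rule as stated above: highest priority, then highest router ID, among routers
    that reached two-way. Priority 0 never becomes DR. Simplified: in real OSPF a DR
    that is already running is not displaced by a later, better candidate."""
    seen = {r for pair in two_way(routers) for r in pair}
    ranked = [(routers[r]["prio"], IPv4Address(r)) for r in seen if routers[r]["prio"] > 0]
    return str(max(ranked)[1]) if ranked else None
```

On the sample, 10.0.0.9 has the highest router ID but is left out of the election because no router lists it as a neighbour yet.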

    Spanning Tree Protocol, Friday, March 4, 2005

    In this assignment we had a look at the Spanning Tree Protocol. First I searched for a way to permanently store the TCPDump data. I used my home directory for that, using the following command:

    • mount none /home -t hostfs -o /home/wborremans

    Details on using mount like this can be found here.

    To start the practice, we had to use a triangular and a parallel configuration.

    The tcpdump file of the parallel configuration can be found here. To be able to let STP run on the created network I used the following command:

    • brctl stp brX on for each bridge

    Practice questions:

    • What happens if the topology changes? Look at what happens if you shut down the root bridge?
      • When the topology on an STP-enabled network changes, the convergence process starts, which takes about 50 seconds based on the default STP timers (sending TOP_CHANGE packets). A new (loop-free) topology will be created. When the root bridge is shut down, a new root bridge will be elected. The bridge with the highest priority will become the root. The priority value is a non-negative integer within a specific boundary. The lower the value, the higher the priority. The default priority on all devices is part of the bridge ID. The bridge ID is eight bytes long and contains a two-byte priority. If two switches/bridges have the same priority value, then the MAC address is used as an extra value. See the following part of the TCPDump logfile, where you can clearly see the TOP_CHANGE packets:
        	15:23:04.069693 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
        	15:23:04.069926 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
        	15:23:04.070031 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
        	15:23:05.069702 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15

        After a while some topology acknowledge packets come by:

        	15:23:15.059239 802.1d config TOP_CHANGE TOP_CHANGE_ACK 8000.fe:fd:0a:00:01:02.8002 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15

        When the topology becomes stable, the periodic hello packets are sent again:

        	15:23:39.070004 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:03.8002 root 8000.fe:fd:0a:00:01:02 pathcost 100 age 0 max 20 hello 2 fdelay 15
        	15:23:41.069898 802.1d config 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
        	15:23:41.069951 802.1d config 8000.fe:fd:0a:00:01:02.8002 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
        	15:23:41.069985 802.1d config 8000.fe:fd:0a:00:01:03.8002 root 8000.fe:fd:0a:00:01:02 pathcost 100 age 0 max 20 hello 2 fdelay 15
        	15:23:43.069830 802.1d config 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
    • Check the format of the BPDU packets. What timing parameters are used?
      1. Delay timer, which is set to 15 seconds
      2. Max age timer, which is set to 20 seconds
      3. Hello time, which is set to 2 seconds
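
A way to read these BPDU lines programmatically, as an added example (not part of the original logbook): it parses the tcpdump 802.1d lines, compares bridge IDs the way the election does (lower priority value first, then lower MAC address), reports every change of the advertised root, and derives the roughly 50-second convergence time from the timers as max age plus twice the forward delay. The sample lines are constructed, the bridge with priority 0000 is made up, and the function names are hypothetical.

```python
import re

# Constructed sample in the tcpdump layout of the capture above (not the original log):
# root ...:02 goes silent, ...:03 takes over, then a made-up bridge with priority 0000
# starts announcing itself as root.
SAMPLE = """\
15:23:41.069898 802.1d config 8000.fe:fd:0a:00:01:02.8001 root 8000.fe:fd:0a:00:01:02 pathcost 0 age 0 max 20 hello 2 fdelay 15
15:23:41.069985 802.1d config 8000.fe:fd:0a:00:01:03.8002 root 8000.fe:fd:0a:00:01:02 pathcost 100 age 0 max 20 hello 2 fdelay 15
15:24:31.070100 802.1d config TOP_CHANGE 8000.fe:fd:0a:00:01:03.8001 root 8000.fe:fd:0a:00:01:03 pathcost 0 age 0 max 20 hello 2 fdelay 15
15:25:02.000000 802.1d config TOP_CHANGE 0000.fe:fd:0a:00:01:09.8001 root 0000.fe:fd:0a:00:01:09 pathcost 0 age 0 max 20 hello 2 fdelay 15
"""

BPDU = re.compile(
    r"^[ \t]*(?P<ts>\S+) 802\.1d config (?P<flags>(?:TOP_CHANGE(?:_ACK)? )*)"
    r"(?P<bridge>[0-9a-f]{4}\.[0-9a-f:]{17})\.(?P<port>[0-9a-f]{4}) "
    r"root (?P<root>[0-9a-f]{4}\.[0-9a-f:]{17}) pathcost (?P<cost>\d+) "
    r"age (?P<age>\d+) max (?P<max>\d+) hello (?P<hello>\d+) fdelay (?P<fdelay>\d+)$", re.M)

def bridge_key(bid):
    """Bridge ID as a sortable tuple: two-byte priority, then MAC. The lowest wins."""
    prio, mac = bid.split(".", 1)
    return int(prio, 16), bytes.fromhex(mac.replace(":", ""))

def parse_bpdus(text):
    """One dict per configuration BPDU line, in capture order."""
    return [m.groupdict() for m in BPDU.finditer(text)]

def root_changes(bpdus):
    """(timestamp, old_root, new_root, kind) whenever the advertised root changes.
    'inferior': the old root is no longer heard (e.g. it was shut down).
    'superior': a bridge with a lower ID joined; compare it with the intended root."""
    changes, current = [], None
    for b in bpdus:
        if current is not None and b["root"] != current:
            kind = "superior" if bridge_key(b["root"]) < bridge_key(current) else "inferior"
            changes.append((b["ts"], current, b["root"], kind))
        current = b["root"]
    return changes

def timer_report(b):
    """Convergence bound and the 802.1D consistency relation between the timers."""
    hello, max_age, fdelay = int(b["hello"]), int(b["max"]), int(b["fdelay"])
    return {
        "reconverge_s": max_age + 2 * fdelay,  # age out old root, then listening + learning
        "timers_valid": 2 * (fdelay - 1) >= max_age >= 2 * (hello + 1),
    }
```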

    IPv4 and IPv6 configurations, Friday, February 25, 2005

    In this practice we had to build several network topologies using VNE. I created several XML configuration files which consisted of the network devices and links. I tested them using VNE at Pisa.

    I created a personal configuration consisting of a few switches and routers together with Remco Hobo during the practice. You can find it here.

    During the practice I used the following command:

    • sysctl -w net.ipv4.ip_forward=1 to configure the routers

    Adding a default gateway for a host can be done using the route command as follows:

    • route add default gw -gateway_ip_address-

    User Mode Linux, Friday, February 18, 2005

    • How does UML work? UML is an instance of the Linux kernel, running as a user process and providing a virtual environment which gives the user root rights. The operating system kernel communicates with the system’s hardware. The UML kernel works on top of the system kernel. When the UML kernel crashes, the operating system kernel will (theoretically) continue working.
    • Where can you find more UML documentation? The main site of UML is located at Sourceforge.net. All the project material can be found there.
    • What tools are available inside the UML system? This depends on which tools the system administrator has given you. You can find tools such as:
      1. tcpdump
      2. zebra
      3. jailtest
      4. uml_watchdog
      5. uml_switch
      6. uml_moo
      7. uml_mconsole
      8. tunctl
      9. port-helper
      10. uml_net
      11. uml_mkcow
    • What kind of network interfaces are available?
      1. ethertap – if you want access to the host networking and it is running 2.2
      2. TUN/TAP – if you want access to the host networking and it is running 2.4. Also, the TUN/TAP transport is able to use a preconfigured device, allowing it to avoid using the setuid uml_net helper, which is a security advantage.
      3. Multicast – if you want a purely virtual network and you don’t want to set up anything but the UML
      4. a switch daemon – if you want a purely virtual network and you don’t mind running the daemon in order to get somewhat better performance
      5. slip – there is no particular reason to run the slip backend unless ethertap and TUN/TAP are just not available for some reason
      6. slirp – if you don’t have root access on the host to set up networking, or if you don’t want to allocate an IP to your UML
      7. pcap – not much use for actual network connectivity, but great for monitoring traffic on the host
    • How are the network interfaces configured? The interfaces are configured using the regular ifconfig tool or command line interpreted commands together with a few parameters, for example:
      • # linux eth0=daemon,fe:fd:0:0:0:1,unix,/path/to/socket and eth0=daemon,fe:fd:0:0:0:2,unix,/path/to/socket

      See the structure of the UML network here. There is a very handy tool available from Kyrre Begnum and John Sechrest which makes it very easy to configure your network under UML.

    • How do UML switches work? Switches enable UML to communicate with other virtual hosts in a network using the ‘uml_switch’ socket. A uml_switch is a daemon which provides a mechanism for creating a totally virtual network. A socket is a way to communicate with other programs or processes using standardized Unix file descriptors. The UML switch uses the regular Unix socket to initiate communication between, for example, two virtual hosts.
    • How can one set up a UML network easily? You can set up a virtual network easily using uml_switch. As mentioned earlier, tools are available to make it easier. The UML network can also be pre-configured even if UML is not running. When it starts it will read the specific network parameters. You can see an example below under ‘The two hosts can be started using the following command’.
      • A network interface can be started with the following command:
        • # linux eth0=daemon,00:0a:95:de:d0:38,192.168.0.10,unix,~/umlswitch.socket
    • To start a network using a host, you can use the uml_switch:
      • # uml_switch -unix /path/to/socket/ /dev/null
      • The two hosts can be started using the following command:

      • # linux eth0=daemon,fe:fd:0:0:0:1,unix,/path/to/socket and eth0=daemon,fe:fd:0:0:0:2,unix,/path/to/socket

    Practice February 15th, 2005 [Theoretical Study (part II)]

    • How to apply for your own IPv4 address space? You need to contact your local internet provider (which is a RIPE NCC (Network Coordination Centre) member) or search for another member.
    • How to apply for your own IPv6 address space? In order to get an address space you need to become a member of the RIPE NCC (Network Coordination Centre). It is also possible to apply for an address space from a second organisation, for example an internet provider.
    • How to apply for your own domain name? In this case you can contact any organisation which is a member of SIDN (Stichting Internet Domeinregistratie Nederland).
      In the past it was only possible for companies (businesses with a subscription at the chamber of commerce) to apply for a domain name; now individuals can also apply for one.
    • Is it possible for the SNB education to get their own IPv4 and IPv6 address space? How to proceed? The SNB education can apply for an IPv4 and IPv6 address space by contacting its internet provider SURFnet. Since SURFnet is a RIPE member, the SNB education can get address space from them. SURFnet will contact RIPE to obtain address space. Due to the chaos in providing IPv4 address space to the world, RIPE has a few (new) criteria for applying for IPv6 address space:
      1. You must be a Local Internet Registry with the RIPE NCC;
      2. You can not be an end site;
      3. You must plan to provide IPv6 connectivity to organisations to which it will assign /48s, by advertising that connectivity through its single aggregated address allocation;
      4. You must show that you plan to make 200 or more /48 assignments to End Users’ sites within 24 months of receiving the allocated IPv6 address space;
      5. You must submit your request using the RIPE document ‘Initial IPv6 Allocation Request Form in the RIPE NCC Service Region.’

    Practice February 11th, 2005 [Theoretical Study (part I)]

    IANA
    Internet Assigned Numbers Authority

    Responsibilities:
    IANA is responsible for IP address allocation and for providing protocol parameters for Internet standards, for current and future correct use of the internet. Think of standardized port numbers and character sets. IANA also keeps track of several authoritative records. The data of these records is determined by the engineering field or other considerations.

    ICANN
    The Internet Corporation for Assigned Names and Numbers is an internationally organized, non-profit corporation that has responsibility for Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions. These services were originally performed under U.S. Government contract by the Internet Assigned Numbers Authority (IANA) and other entities. ICANN now performs the IANA function.

    Responsibilities:
    ICANN is responsible for coordinating the management of the technical elements of the DNS to ensure universal resolvability so that all users of the Internet can find all valid addresses. It does this by overseeing the distribution of unique technical identifiers used in the Internet’s operations, and delegation of Top-Level Domain names (such as .com, .info, etc.).

    IEEE
    Institute of Electrical and Electronics Engineers

    Responsibilities:
    International organization that sets standards for electrical and computer engineering.

    Well known standards defined by IEEE are: Ethernet (IEEE 802.3) and WiFi (IEEE 802.11).

    RIPE
    Réseaux IP Européens

    Responsibilities:
    RIPE is a collaborative forum open to all parties interested in wide area IP networks. The objective of RIPE is to ensure the administrative and technical co-ordination necessary to enable the operation of the Internet within the RIPE region.

    RIPE NCC:
    The RIPE NCC is one of four Regional Internet Registries (RIRs) providing Internet resource allocations, registration services and co-ordination activities that support the operation of the Internet globally.

    SIDN
    Stichting Internet Domeinregistratie Nederland (Dutch)

    Responsibilities:
    Registration and delegation of .nl top level domain names.

    IETF
    Internet Engineering Task Force

    Responsibilities:
    The IETF defines standard Internet operating protocols such as TCP/IP, URIs, etc. The IETF’s main documents are the RFCs.

    IRTF
    Internet Research Task Force

    Responsibilities:
    One of the task forces of the IAB. The group responsible for research and development of the Internet protocol suite.

    ISOC
    The Internet Society

    Responsibilities:
    The ISOC is the international organization for global cooperation and coordination for the Internet and its internetworking technologies and applications. ISOC membership is open to any interested person.

    IETF vs IRTF vs ISOC
    The IETF is an international organization which consists of developers, researchers and organizations from the business field. The main difference between the IETF and the IRTF is that the IRTF has a long-term research goal and requires research groups to have a long-term membership of its organization. The ISOC is a controlling (mother) organization; it provides reliable information on the internet and provides forums for the IETF and IRTF.
