Networking talk/Notes
These are the notes for the networking talk.
The 7-layer burrito
layers
let's say you get an ethernet frame; in there a vlan tag; in the payload there can be another vlan tag; the payload can be an ip packet with another ip packet inside it (like a tunnel)
7 layers of crap
- 80's: OSI : idea of defining 7 layers with the idea that each use/protocol fits in exactly one of those layers
- more like a thought experiment
- today: things don't fit in these layers, really: the only thing that fits the 7-layer model is the burrito, the tasty mexican snack
- 7 layer burrito: http://pablotron.org/files/7_layer_burrito.html
Why classful addressing will get you fired
What's an ip address?: you're all wrong
1.2.3.4 / mask
- it describes a host? nope: it describes an interface on a host
- the mask describes the size of the network it is directly connected to
if you want to make a host listen to some ip address without routing over this ip, bind it to the _host_, not to a specific interface.
so alias interfaces are plain wrong for this, eg. don't do eth:1 but do use lo:1, i.e. use your loopback interface to do this: packets coming in on any interface will be processed by the kernel -- the mask doesn't matter as we're not routing over these, /32 is common
Class-C, and you're fired
Darpa developed it, the ip protocol; IANA chopped it into several classes, assigned by class of organisation. Everyone wanted their own class C, ip's were filling up. Solution: http://en.wikipedia.org/wiki/Subnetwork
CIDR notation (_classless_ interdomain routing): 1.2.3.4/23
- what you'll find on the network-engineers' cheatsheet:
  bits   mask            nr of hosts
  /23    255.255.254.0   512
the first address in a subnet always refers to the subnet itself, the last one is the broadcast address
- /30: 4 addresses: 2 hosts + network + broadcast: a link between two hosts
- /31: in theory it's useless, but cisco used it in a specific case: a network with two hosts, no broadcast/network address
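As an added example (not from the talk), the cheat-sheet arithmetic done with bit masks, so that /23, /30, /31 and /32 come out the way the notes describe them; the /31 rule the notes attribute to cisco is the one from RFC 3021, and the sample addresses are constructed.

```python
# Added example, not from the talk: CIDR arithmetic with bit masks, reproducing
# the cheat-sheet rows (/23 -> 255.255.254.0, 512 addresses) and the /30, /31, /32 cases.

def ip_to_int(ip):
    """Dotted quad -> 32-bit integer; rejects octets > 255 or a wrong octet count."""
    octets = bytes(int(o) for o in ip.split("."))   # bytes() raises on values > 255
    if len(octets) != 4:
        raise ValueError("not a dotted quad: %r" % ip)
    return int.from_bytes(octets, "big")


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def cidr_info(cidr):
    """Describe the directly connected network an interface address lies in.

    The address part may be any address inside the subnet; the /prefix
    (the mask) is what says how big that subnet is.
    """
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = ip_to_int(addr) & mask
    size = 1 << (32 - prefix)
    if prefix == 32:
        usable, broadcast = 1, None     # a single host address, e.g. an lo:1 alias
    elif prefix == 31:
        usable, broadcast = 2, None     # point-to-point link, no network/broadcast (RFC 3021)
    else:
        usable = size - 2               # first address = network, last = broadcast
        broadcast = network | (~mask & 0xFFFFFFFF)
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": None if broadcast is None else int_to_ip(broadcast),
        "addresses": size,
        "usable_hosts": usable,
    }
```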
CIDR is put in RFC1519 (1993, 17 years ago). B. kicks everybody in the n*ts if they talk about
routing
- rauting: US
- roeting: EU (mainly french influence)
use whatever pronunciation
Routing is not forwarding
Forwarding
a machine with different interfaces: takes input from one, decides where it should go (table lookup or something), forwards it to another interface.
forwarding table
- FIB (forwarding information base)
- switching fabric (in a switch)
on a linux box
- 'cpu only forwarding' (packet comes in, is stored in a queue, wakes the cpu, the cpu puts it in the queue of the other interface): slow, doesn't scale (lots of memory transfers etc.), one packet = one interrupt
- NAPI (new api): the kernel switches off interrupts while processing the queue
- juniper IP2: separates the eth+ip header (the first 64 bytes: eth header is 16 bytes, ip is 20 bytes, other stuff might add to that, but it all fits easily in 64 bytes) from the payload; the header contains all info needed for forwarding, the payload is mapped in memory (so not transferred, copied over in
- switching fabric
- matrix - bunch of interconnects
simpsons and computers http://www.snpp.com/guides/computers.file.html
but how do you know where to forward yr packet to?
- a switch looks at the destination MAC (the eth header contains src & dst mac)
- a router looks at the IP header: destination IP
- destination based forwarding (aka forwarding)
- lookup type in the ETH header: check if it's IP, then check DST IP
lookups are done in a patricia-tree (aka radix-tree) http://en.wikipedia.org/wiki/Radix_tree
- if you have to do this for _every_ packet, you're in quite a lookup-pain
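As an added example (not from the talk), destination-based forwarding as a longest-prefix match in a bit trie, the binary form of the patricia/radix tree mentioned above; the FIB entries, interface names and the 0.0.0.0/0 default route are constructed for illustration.

```python
# Added example, not from the talk: destination-based forwarding done as a
# longest-prefix match in a bit trie (the binary form of a patricia/radix tree).
# The FIB entries below are constructed for illustration.

def ip_to_int(ip):
    """Dotted quad -> 32-bit integer (bytes() rejects octets > 255)."""
    return int.from_bytes(bytes(int(o) for o in ip.split(".")), "big")


class Fib:
    """Forwarding table: prefix -> egress interface, one trie node per address bit."""

    def __init__(self):
        self.root = {}  # node = {0: child, 1: child, "nh": next hop at this prefix}

    def add(self, cidr, nexthop):
        addr, plen = cidr.split("/")
        bits, plen = ip_to_int(addr), int(plen)
        node = self.root
        for i in range(plen):                       # walk/create the first plen bits
            node = node.setdefault((bits >> (31 - i)) & 1, {})
        node["nh"] = nexthop                        # host bits past plen are ignored

    def lookup(self, dst):
        """Walk the trie along the destination bits and remember the most
        specific entry passed: that entry is the longest prefix match.
        Returns None when not even a default route matches."""
        bits = ip_to_int(dst)
        node, best = self.root, self.root.get("nh")  # "nh" at the root = 0.0.0.0/0
        for i in range(32):
            node = node.get((bits >> (31 - i)) & 1)
            if node is None:
                break                                # no longer prefix on this path
            best = node.get("nh", best)
        return best


def sample_fib(with_default=True):
    """Constructed FIB with overlapping prefixes to exercise the lookup."""
    fib = Fib()
    if with_default:
        fib.add("0.0.0.0/0", "eth0 (default)")
    fib.add("10.0.0.0/8", "eth1")
    fib.add("10.1.0.0/16", "eth2")
    fib.add("10.1.2.0/23", "eth3")
    fib.add("10.1.2.77/24", "eth4")   # host bits set: still means 10.1.2.0/24
    return fib
```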
solution: MPLS http://en.wikipedia.org/wiki/Multiprotocol_Label_Switching: tagging packets, so an MPLS enabled routing infrastructure can forward the packet without repeated IP routing lookups
- the path this packet is following is called an LSP: label switched path ==> unidirectional
there are quite some applications built upon bare MPLS (eg vpn setup on top of it)
how to configure your MPLS network? LDP (label distribution protocol); to set up tunnels: RSVP (resource reservation protocol)
basic priority queueing -- traffic classes / forwarding classes:
- BE: best effort (aka the internet)
- AF: assured forwarding
- EF: expedited forwarding, blast it all out
An MPLS tag contains what priority class should be used (probably, not entirely sure)
- you can map these to vlan-priority-tags
VRF - used for VPN (only), on start & end forwarding node (having multiple independent routing tables on system - priority routing )
Dynamic routing is not scary
forwarding: taking ip prefixes and deciding which interface to push them out to.
routing: influences the forwarding.
routing is not forwarding
how big is the network behind yr interface: the netmask
ip-addr :
- makes your computer listen to request for that address
- makes an entry in routing table
0.0.0.0/0 : yr good ol' trusty default route - real men got numpads
Static routing
- multiple routes to one host: the router will probably round-robin over both routes, so when one goes down you get 50% packet loss (if you have two routes)... (and yr voip etc goes down)
- provides a lot of control, but when shit hits the fan and routes go down, you're in trouble
Dynamic routing
- routing protocols: rip, ospf, isis, etc
- routers publish subnets connected to their interfaces
- routers exchange neighbour information
- split horizon: avoid announcing stuff back to the originating link (http://en.wikipedia.org/wiki/Split_horizon [citation needed])
- when routes go down: 2 different ways:
- router senses connection dropped and announces this to his neighbours
- every router will periodically test all known routes
- 2 ways of keeping & communicating routing data: http://en.wikipedia.org/wiki/Interior_gateway_protocol#Types_of_Interior_gateway_protocols
- link state: has info about the whole network topology -- so every node in the network knows _the full_ network topology.
-> Huge amounts of info for large networks. OSPF areas are useful to split this info.
- path vector: contains info ONLY about direct link reachability. (RIP, EIGRP)
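As an added example (not from the talk), a small synchronous simulation of a RIP-style distance-vector exchange on three routers in a line, A - B - C, where C's connected network goes down; it counts how many update rounds the tables need to settle again with and without split horizon. The router names, the prefix 10.3.0.0/24 and INF = 16 are constructed.

```python
# Added example, not from the talk: RIP-style distance-vector routing on a
# constructed 3-router line A - B - C, with and without split horizon.
INF = 16  # RIP's "unreachable" metric; creeping up to it is count-to-infinity


class Router:
    def __init__(self, name):
        self.name, self.table, self.neighbours = name, {}, []  # table: prefix -> (metric, via)

    def advertise(self, to, split_horizon):
        """Routes announced to neighbour `to`. With split horizon a route is
        never announced back onto the link it was learned from."""
        return {p: m for p, (m, via) in self.table.items()
                if not (split_horizon and via is to)}

    def receive(self, frm, adv):
        """Bellman-Ford step: accept a better route, or any update from the
        neighbour we currently route through (even if it got worse)."""
        changed = False
        for prefix, metric in adv.items():
            new, cur = min(metric + 1, INF), self.table.get(prefix)
            if (cur is None or new < cur[0] or cur[1] is frm) and cur != (new, frm):
                self.table[prefix] = (new, frm)
                changed = True
        return changed


def run(routers, split_horizon, max_rounds=40):
    """Synchronous rounds: everyone builds updates from the same snapshot,
    then all are delivered. Returns the number of rounds that changed a table."""
    for rounds in range(max_rounds):
        advs = [(r, n, r.advertise(n, split_horizon))
                for r in routers for n in r.neighbours]
        if not any([n.receive(r, adv) for r, n, adv in advs]):  # list: deliver all
            return rounds
    return max_rounds


def line_abc():
    a, b, c = Router("A"), Router("B"), Router("C")
    a.neighbours, b.neighbours, c.neighbours = [b], [a, c], [b]
    c.table["10.3.0.0/24"] = (0, None)  # constructed net, directly connected to C
    return a, b, c


def fail_and_reconverge(split_horizon):
    """Converge, then C loses 10.3.0.0/24. Returns (rounds until the tables
    settle again, B's final metric for the prefix)."""
    a, b, c = line_abc()
    run((a, b, c), split_horizon)
    c.table["10.3.0.0/24"] = (INF, None)  # C senses its link dropped
    return run((a, b, c), split_horizon), b.table["10.3.0.0/24"][0]
```

Without split horizon B re-learns the dead prefix from A and C, and the three tables bounce the metric up towards INF; with it, the withdrawal settles in a couple of rounds.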
BAS: Broadband Access: the other end of the PPPoE/A connection used by your DSL line.
IGP: internal gateway protocol: the routing protocol in use on the core network.
EGP: external gateway protocol (BGP).
the next hop fib (ex: MPLS LDP) needs an IGP to determine path cost information.
What makes the internet tick
troubleshooting
tips'n tricks
- never ever use fw-rules on yr routers
- you can't ping ${some_node}
- lookup yr next hop in yr routing table and try to ping this
- check the return path! (it's always the fucking return path!)
- check the return path by looking hop-for-hop, to the next hop.
- routes from and to might not be the same due to bad config
BGP
ibgp: internal bgp: what we're talking about here
ebgp: external bgp: the global routing table
all routers are connected via bgp sessions, permanently alive (they keep connections to their neighbours open, constant updates)
convergence time: the time you need to get an update to _all_ nodes in yr network (so basically depends on the longest path in the network) -- should be a couple of seconds max on a good network
iBGP allows for filtering:
- able to define which routes get announced and which not - not possible in OSPF
- why should we never filter in OSPF: every node has the topology, when you filter, parts of the topology will be missing -> will create route-loops etc...
- IBGP does not deal with next-hops so route-loops will not be created there
usually you'll run iBGP together with OSPF (OSPF as IGP to resolve next-hop problem)
IS-IS
http://en.wikipedia.org/wiki/IS-IS
Alternative for the OSPF IGP in this context: IS-IS (more upcoming, better than OSPF). Embarrassingly coming forth out of the OSI 7-layer construct.
IS-IS to resolve next hops, iBGP for everything else
Testing it all out
- There is a possibility to use http://www.gns3.net/ to make virtual router network configurations.
- We are probably going to set up a get-together to play with GNS3