Networking talk/Notes

From Whitespace (Hackerspace Gent)
< Networking talk
Revision as of 23:30, 3 October 2010 by 2001:6f8:147f:42:88c1:76ff:fe44:6cce (Talk)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

These are the notes for the networking talk.

The 7-layer burrito[edit]

so in today's networks you'll see an ethernet-frame in there vlan-tag in the payload can be another vlan tag payload can be ip-packet with in there another ip-packet (like a tunnel) -- how to fit that into:

7 layers of crap[edit]

  • 80's: OSI : idea of defining 7 layers with the idea that each use/protocol fits in exactly one of those layers
  • more like a thought experiment
  • today: things don't fit in these layers,really:

the only thing that fits the 7-layer model is the burrito: the tasty mexican snack,

Why classful addressing will get you fired[edit]

What's an ip address?: you're all wrong[edit]

1.2.3.4 / mask

  • it describes a host? nope: it describes an interface on a host
  • the mask describes the size of the network it is directly connected to

if you want to make host listen to some ip-address, no routing over this ip then bind interfaces to a _host, not to specific interface

so alias interfaces are plain wrong for this eg. don't do eth:1 but do use lo:1 use your loopback interface to do this: packets coming in on any interface will be processed by kernel -- mask doesn't matter as we're not routing over these /32 is common

Class-C, and you're fired[edit]

Darpa developed it, ip protocol, IANA chopped it to several classes: assignment on class of organisation. Everyone wanted their own class c, ip's were filling up. Solution: http://en.wikipedia.org/wiki/Subnetwork

CIDR notation (_classless_ interdomain routing) 1.2.3.4/23

  • what you'll find on the network-engineers' cheatsheet

bit mask nr of hosts /23 255.255.254.0 512

first address in subnet always refers to subnet last is broadcast address

  • /30 4 addresses : 2 hosts + network + broadcast : link between two hosts
  • /31 networks in theory it's useless, but cisco used it in specific case : network with two hosts, no broadcast/network


CIDR is put in RFC1519 (1993 - 17 years ago) B. kicks everybody in the n*ts if they talk about

routing

  • rauting: US
  • roeting: EU (mainly french influence)

use whatever pronunciation


Routing is not forwarding[edit]

Forwarding[edit]

machine with different interfaces: takes input from one, decides where it should go (table lookup or something), forwards it to other interface.

forwarding table

  • FIB (forwarding information base)
  • switching fabric (in a switch)w

on a linux box

  • 'cpu only forwarding' (packet comes in, stored in queue, wakes cpu, cpu puts it to queue of other interface) : slow, doesn't scale (lot's of memtransfer etc) - one packet-one interrupt
  • NAPI: new-api: kernel switches of interrupt while processing queue
  • juniper IP2: separate eth+ip header (first64byte eth header is 16 bytes ip is 20 bytes, other stuff might add to that, but it all fits easily in 64 bytes) from the payload - it contains all info needed for forwarding - the payload is mapped in memory(so not transferred, copied over in
  • switching fabric
  • matrix - bunch of interconnects

simpsons and computers http://www.snpp.com/guides/computers.file.html

but how do you know where to forward yr packet to ?

  • switch looks at destination MAC (eth header contains src & dst mac)
  • router looks at IP-header : destination IP
    • destination based forwarding (aka forwarding)
    • lookup type in ETH-header : check if it's IP, check DST IP

lookups in patricia-tree (aka radix-tree) http://en.wikipedia.org/wiki/Radix_tree

    • if you have to do this for _every packet, you're in quite a lookup-pain

solution: MPLS http://en.wikipedia.org/wiki/Multiprotocol_Label_Switching tagging packets, so MPLS enabled routing infrastructure can forward the packet without repeated IP routing lookup

    • the path this packet is following is called LSP: label switched path ==> unidirectional

there are quite some applications built upon bare MPLS (eg vpn setup on top of it )

how to configure your MPLS network? LDP (label distribution protocol)- setup tunnels RSVP (resource reservation protocol)

basic priority queue-ing -- traffic-class / forwarding classes BE - best effort (aka the internet) AF - assured forwarding EF - expedited forwarding - blast it all out An mpls tag contains what priority class should be used (probably, not entirely sure)

    • you can map these to vlan-priority-tags

VRF - used for VPN (only), on start & end forwarding node (having multiple independent routing tables on system - priority routing )


Dynamic routing is not scary[edit]

forwarding: taking ip prefixes and deciding which interface to push them out to routing: influences the forwarding routing is not forwarding

how big is the network behind yr interface: the netmask

ip-addr :

  • makes your computer listen to request for that address
  • makes an entry in routing table

0.0.0.0/0 : yr good ol' trusty default route - real men got numpads

Static routing[edit]

  • multiple routes to one host: router will probably roundrobin over both routes/ so when one goes down you get 50% (if you have two routes) packetloss... (and yr voip etc goes down)
  • provide a lot of control, but when shit hits fan and routes go down, y're in trouble

Dynamic routing[edit]

  • routing protocols: rip, ospf, isis, etc
  • routers publish subnets connected to their interfaces
  • routers exchange neighbour information
  • split horizon: avoid anouncing stuff back to the originating link (http://en.wikipedia.org/wiki/Split_horizon [citation needed])
  • when routes go down: 2 different ways:
    • router senses connection dropped and announces this to his neighbours
    • every router will periodically test all known routes
  • 2 types ways of keeping & communicating routing data: http://en.wikipedia.org/wiki/Interior_gateway_protocol#Types_of_Interior_gateway_protocols
    • link state: has info about all network topology -- so every node in the network knows _the full_ network topology.
> Huge amounts of info for large networks. OSPF areas are useful to split this info.
    • path vector: contains info ONLY about direct link reachability. (RIP, EIGRP)

BAS: Broad Band Access. Other end of ppoe/a connection used by your DSL line. IGP: internal gateway protocol: the routing protocol in use on the core network EGP: external gateway protocol (BGP)

the next hop fib (ex: MPLS LDP) needs an IGP to determine path cost information.

What makes the internet tick[edit]

troubleshooting[edit]

tips'n tricks

  • never ever use fw-rules on yr routers
  • you can't ping ${some_node}
    • lookup yr next hop in yr routing table and try to ping this
    • check the return path! (it's always the fucking return path!)
      • check the return path by looking hop-for-hop, to the next hop.
      • routes from and to might be not the same due to bad config

BGP[edit]

  • ibgp : internal bgp: what we're talking bout here
  • ebgp : external bgp : the global routing table


all routers connected via bgp sessions, permanently alive (keepconnections to their neighbours open, constant updates) convergence time: time you need to get an update to _all nodes in yr network (so basically depends on longest path in network) -- should be a couple of seconds max on good network


iBGP allows for filtering:

  • able to define which routes get announced and which not - not possible in OSPF
  • why should we never filter in OSPF: every node has the topology, when you filter, parts of the topology will be missing -> will create route-loops etc...
    • IBGP does not deal with next-hops so route-loops will not be created there

usually you'll run iBGP together with OSPF (OSPF as IGP to resolve next-hop problem)

IS-IS[edit]

http://en.wikipedia.org/wiki/IS-IS

Alternative for OSPF-IGP in this context: IS-IS (more upcoming, better than OSPF). Embarrasingly comming forth out of the OSI 7-layer construct.

ISIS to resolve next hops IBGP for everything else

Testing it all out[edit]

  • There is a possibility to use http://www.gns3.net/ to make virtual router network configurations.
  • We are probably going to set up a gettogether to play with GNS3