460 likes | 700 Views
Classless and Subnet Address Extensions (CIDR). Chapter 9. Chapter 4 Discussed original Internet addressing scheme This chapter See 4 extensions to conserve network prefixes REVIEW 32-bit addresses are carefully assigned All hosts on given physical network share a common prefix
E N D
Chapter 4 • Discussed original Internet addressing scheme • This chapter • See 4 extensions to conserve network prefixes REVIEW • 32-bit addresses are carefully assigned • All hosts on given physical network share a common prefix • Remainder of the address is the host portion • Chief advantage: keeps routing tables small • Router keeps one entry per network
Original scheme divided by network size • Class A: 8-bit network, 24-bit host • Class B: 16-bit network, 16-bit host • Class C: 24-bit network, 8-bit host • Need to understand: • Individual sites may modify addresses & routes • Modifications must be invisible to the outside • Hosts & routers at the site agree on addressing • Other sites can treat addresses as a normal netid and hostid combination
Minimizing Network Numbers • Weakness in original scheme: growth • Internet size doubling every 9-15 months • Large admin overhead to manage addresses • Large routing tables • High load on Internet to exchange router information • Eventual exhaustion of the address space • Particularly Class B
How to minimize within the scheme? • Look at three ways • Unnumbered point-to-point • Proxy ARP • Subnet addressing • Extend subnet ideas to network prefixes • Classless addressing Footnote: was predicted that IPv4 space would be exhausted by 2000; now appears that with careful allocation and this chapter’s techniques, it will last until around 2019
Proxy ARP (1) • Technique has various names • Proxy ARP; promiscuous ARP; the ARP hack • Used to map a single IP network prefix into two physical addresses • Only applies to networks that use ARP to bind IP addresses to physical addresses
Main Network Router running proxy ARP H1 H2 H3 • R knows which hosts are on which network • Uses ARP to maintain illusion that only one network exists • Intercepts ARP requests from one network to the other • Gives its own physical address • Gets datagram • Uses special routing table to route the datagram R H4 H5 Hidden Network
Routers running proxy ARP lie • Take advantage of trust in ARP protocol • Mappings are usually installed: • Without checking their validity • Without maintaining consistency • So, ARP table can map several IP addresses to the same physical address • Some ARP implementations tell • Complain about possible security violations • Spoofing: one machine claims to be another • Cannot use on networks with proxy ARP routers
Advantage of proxy ARP: • Can be added to a single router without disturbing the other routing tables on the net • Disadvantages: • Only works on networks that use ARP address resolution • Does not generalize to more complex networks • Does not support reasonable form of routing • Managers must maintain tables of machines and addresses manually
Subnet Addressing (2) • Most common of the 3 address extension techniques • Is a required part of IP addressing • General idea: • Site has single IP network address • Actually has two or more physical networks • Only local routers know this • To other routers: single physical network
Network 128.10.1.0 128.10.1.1 128.10.1.2 H1 H2 • Example of Class B network using subnetting • Third octet distinguishes between the two networks • Fourth octet distinguishes between hosts Rest of the Internet R Network 128.10.2.0 all traffic to 128.10.0.0 128.10.2.1 128.10.2.2 H3 H4
IP address now divided into: • Network portion • Remains the same as for networks not subnetting • Local portion • Interpretation left up to the site • Identifies the physical network and host at the site
Result is hierarchical addressing • Top routing hierarchy uses first two octets • Next level (local) uses an additional octet • Lowest level uses the whole address • Advantage of hierarchical addressing: • Accommodates large growth • Disadvantage: • Choosing hierarchical structure is difficult • Hierarchy hard to change once established
Flexibility in subnet addressing • TCP/IP standard allows flexibility • Don’t have to divide local portion into two even parts for physical net and host • Can partition in any desired fashion • Defines number of subnets • Defines hosts per subnet
Possible fixed-length subnets for Class B * Avoids all 0s and all 1s subnet and host addresses
Variable-length subnets • Choosing a partition chooses a subnet scheme • Most sites use fixed-length • But, some sites need more internal flexibility • May select a subnet partition on a per-network basis • Partitions donot vary over time; only between networks • All hosts and routers attached must honor the scheme • Too many disadvantages; we will not consider
Implementing subnets with masks • 32-bit mask is used to specify the division of the IP address • Mask bit set: treat as part of subnet prefix • Mask bit 0: treat as part of host id • Example: 11111111 11111111 11111111 00000000 • First three octets identify the network • Fourth octet identifies a host on the network • Don’t have to use contiguous bits in the mask • Makes understanding routing tricky
Subnet mask representation • Specifying masks in binary is difficult • Awkward • Error prone • Most IP sw uses dotted decimal representation • Works best when subnetting is aligned on octets • Class B: 3rd octet for physical net; 4th for host • Notation: 255.255.255.0 • Another way is a 3-tuple representation • {<network number>, <subnet mask>, <host number>} • Value –1 means “all ones” • Above example: {-1, -1, 0}
Forwarding with subnets • Must modify our standard routing algorithm • All hosts and routers attached to a network using subnet addressing must use subnet forwarding • Not so obvious: • Other hosts & routers at the site may have to as well • Unless restrictions on using subnetting are followed
Net 1 (not a subnet address) R1 H R2 • Illegal topology • H would have to use subnet routing even though Net 1 does not have a subnet address • Theoretically simple subnet rule • For optimal forwarding • Machine M must use subnet forwarding for an IP network address N • Unless there is a single path P such that P is a shortest path between M and every physical network that is a subset of N Net 2 (subnet of address N) Net 3 (subnet of address N)
Still, hard to assign subnets • Shortest path can change (HW fail; re-routing) • Rule does not consider site boundaries • Subnetting should be kept as simple as possible • All subnets of a given network IP address should be contiguous • The masks should be uniform across all networks • All machines should participate in subnet routing
Subnet forwarding algorithm • Algorithm searches a table of routes like before • Normal entries for standard algorithm: (network address, next hop address) • Per-host and default routes are special cases • Must be checked explicitly • Algorithm compares network portion of destination to the network address field • Knows how address is partitioned • With subnets, not possible to know the partitioning from the address alone
Modified algorithm needs additional information • Must have the subnet mask • Table entries are of the form: (address mask, network address, next hop address) • Address mask used in routing • Extracts right bits for comparison with network address entry • Performs bit-wise Boolean and • 32-bit destination IP address • Subnet mask field • Checks to see if result matches entry’s network address field • If so, next hop address is used to route the datagram
By using arbitrary masks, will not need the special case checking of the standard algorithm • Example: route to single host • Mask of all 1’s • Network address equal to host’s IP address • Example: default route • Mask of all 0’s • Network address of all 0’s • Example: route to non-subnetted Class B • Mask of two octets of 1’s and two octets of 0’s • Thus, the “unified” routing algorithm will contain fewer special cases
Algorithm: Forward_IP_Datagram (datagram, routing_table) Extract destination IP address, ID, from datagram; If prefix of ID matches address of any directly connected network send datagram to destination over that network (This involves resolving ID to a physical address, encapsulating the datagram, and sending the frame.) else for each entry in routing table do Let N be the bitwise-and of ID and the subnet mask If N equals the network address field of the entry then forward the datagram to the specified next hop address endforloop If no matches were found, declare a routing error
Maintenance of subnet masks • How do subnet masks get propagated? • Answer that question later • How do subnet masks get assigned? • Harder question • Each site free to choose masks for own networks • Nonuniform masks give more flexibility, but may cause ambiguity • Valid assignments may become invalid as hosts are added • Usually: • Select contiguous bits from the local portion to ID a network • Use the same partition for all local physical networks on site
Broadcasting to subnets • More difficult • Router cannot just send broadcast packet to all interfaces that share the subnet prefix • Will cause a routing loop • Use reverse path forwarding to prevent loops • Router extracts source of broadcast datagram • Looks up source in routing table • Discards datagram unless it arrived on the interface used to route to the source (the shortest path) • Is possible to broadcast to a specific subnet • Consistent subnets masks are critical
Anonymous Point-to-Point (3) • Original IP scheme • Each network was assigned a unique prefix • Point-to-point connections viewed as networks • Different view as addresses became scarce • Anonymous networking • Invented to avoid assigning such prefixes • Does not number leased lines • Does not assign host address to routers at each end • No HW address needed; next hop address ignored
Figure 9.8 • Called unnumbered or anonymous network • Possible since only one destination
Classless Addressing (4)(Supernetting) • Subnetting invented in early 1980s • By 1993, saw address space still in trouble • New IP version in works with bigger addresses • Needed something until new version standardized • Temporary solution was classless addressing • Permits a network prefix to be of arbitrary length • Also invented forwarding & route propagation techniques • Entire technology: Classless Inter-Domain Routing
Was adopted because: • Different number of networks in each class • Class C number were being requested slowly • Class B numbers were running out quickly • Early use of classless: supernetting • Organization wants Class B address • Instead, give block of Class C addresses • Suppose organization wanted 200 networks • With Class B, want to subnet with 3rd octet • Assign 256 contiguous Class C numbers instead
CIDR address blocks and bit masks • Intended use beyond single organization • For hierarchical Internet • ISPs get large part of the address space • They, in turn, allocate to their subscribers • Uses a bit mask to identify the size of the block • For 2048 addresses starting at 128.211.168.0 lowest: 128.211.168.0 100000001101001110101000 00000000 highest: 128.211.175.255 100000001101001110101111 11111111 Mask: 11111111 11111111 11111000 00000000 • To specify the block of addresses, CIDR needs • 32-bit value of lowest address • 32-bit mask • Mask delineates the end of the prefix • Above, need 21 bits set in the mask
CIDR notation • Also called slash notation • Used to specify the address and mask • For the previous example: • 128.211.168.0/21 • /21 denotes 21 bits in a mask
Classless addressing provides complete flexibility in allocating various size blocks • ISP can choose to assign each customer a block of appropriate size • If it owns a block of N bits, can assign a customer any piece of more than N bits • Example: ISP has 128.211.0.0/16 • Can give a customer the 2048 addresses in the /21 range • Or, small customer with 2 computers, use 128.211.176.212/30 Lowest: 128.211.176.212 10000000 11010011 10110000 11010100 Highest: 128.211.176.215 10000000 11010011 10110000 11010111
Recap: • Classless addressing is used by ISPs • Treats IP addresses as arbitrary integers • Allows network admin to assign addresses in contiguous blocks • Number of addresses in each block is a power of two
Data structures and algorithms • Want speed • Primary: speed for finding next hop • Secondary: speed of making changes in table • CIDR address in not self-identifying • Router cannot determine division between prefix and suffix by just looking at the address • For classful addressing, only needed hashing • Router extracts network portion, N, and uses as hash key • Computes hash function h(N) • Result is index • Router cannot find hash key for arbitrary address
Alternatives: • Search by mask length • Iterates over all possible divisions between prefix/suffix • Disadvantage: iteration is slow • Better alternative: binary trie structure • Hierarchical data structure • Successive address bits determine a path from the root down • PATRICIA and level compressed tries • Are optimized to allow skipping of levels that do not distinguish between routes
Interior node Exterior node
Summary • Four techniques to conserve IP addresses • Proxy ARP • Router impersonates computer on another physical net • Subnet addressing • TCP/IP standard • Sites can share a single IP network address among multiple physical networks • Unnumbered point-to-point • Point-to-point links have no prefix
CIDR • Major shift in IP technology • Classless addressing with arbitrary prefix and suffix boundaries • Not self-identifying like classful addresses • Significant changes to algorithms and data structures