# Exam of Advanced Networking Technologies
[toc]
---
## Basic fundamentals of Ethernet local network technology
:::info
**CSMA/CD algorithm**
- A device listens to the network to determine whether it is idle or busy
- If the network is idle, the device can start transmitting its data; it keeps listening while transmitting
- If, during transmission, the device detects that the signal it is sending collides with another device's signal (a collision), it stops transmitting immediately
- After a collision is detected, the devices wait a random backoff period before attempting to retransmit
**Ethernet frames structure and meaning of the data frame fields**
- Preamble (7 bytes): Synchronization and alerting receivers about the incoming frame.
- Start of Frame Delimiter (SFD) (1 byte): Marks the end of the preamble and the start of the frame.
- Destination MAC Address (6 bytes): Identifies the intended recipient's MAC address.
- Source MAC Address (6 bytes): Identifies the sender's MAC address.
- Ethertype/Length (2 bytes): Indicates either the type of payload (Ethertype) or the length of the payload.
- Payload (46-1500 bytes): Carries the actual data being transmitted.
- Frame Check Sequence (FCS) (4 bytes): Provides error-checking for the frame. (checksum or CRC)
- Inter-Frame Gap (IFG) (12 bytes): Provides a gap between frames for proper signal separation.
- for VLAN-tagged frames there is an additional field called "Tag", with the following sub-fields:
    - Type: tag protocol ID
    - User Priority: level of service
    - Canonical Format Identifier: indicates whether Token Ring frames are being carried across Ethernet links
    - VLAN ID: VLAN identification number
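Added worked example (my code, not from the original notes): a parser for the frame layout listed above, including the 802.1Q tag and an FCS check; the sample frame bytes are constructed here.

```python
"""Parse an Ethernet II frame, with an optional 802.1Q VLAN tag, and verify its FCS."""
import struct
import zlib
from dataclasses import dataclass
from typing import Optional

TPID_8021Q = 0x8100   # Tag Protocol Identifier: the "Type" field of the VLAN tag
MIN_PAYLOAD = 46
MAX_PAYLOAD = 1500


@dataclass
class VlanTag:
    priority: int   # 3-bit user priority
    cfi: int        # 1-bit Canonical Format Indicator
    vlan_id: int    # 12-bit VLAN ID


@dataclass
class EthernetFrame:
    dst: str
    src: str
    ethertype: int
    payload: bytes
    vlan: Optional[VlanTag]
    fcs_ok: bool


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame: bytes) -> EthernetFrame:
    """Parse dst/src/tag/ethertype/payload and check the trailing 4-byte FCS.

    Preamble and SFD are not included: the NIC consumes them, so a captured
    frame starts at the destination MAC.
    """
    if len(frame) < 14 + 4:
        raise ValueError("frame too short for header + FCS")
    body, fcs = frame[:-4], frame[-4:]
    # FCS = CRC-32 over dst MAC .. end of payload, sent least-significant byte first
    fcs_ok = struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)

    dst, src, tpid = struct.unpack("!6s6sH", body[:14])
    offset, vlan = 14, None
    if tpid == TPID_8021Q:
        # Tagged frame: 2-byte TCI (priority | CFI | VLAN ID), then the real Ethertype
        tci, ethertype = struct.unpack("!HH", body[14:18])
        vlan = VlanTag(priority=tci >> 13, cfi=(tci >> 12) & 1, vlan_id=tci & 0x0FFF)
        offset = 18
    else:
        ethertype = tpid
    payload = body[offset:]
    # A value <= 1500 is a payload length (802.3 framing); a larger value is an Ethertype
    if ethertype <= MAX_PAYLOAD:
        payload = payload[:ethertype]
    return EthernetFrame(mac_to_str(dst), mac_to_str(src), ethertype, payload, vlan, fcs_ok)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan: Optional[VlanTag] = None) -> bytes:
    """Build a frame: optional tag, payload padded to 46 bytes, correct FCS appended."""
    header = dst + src
    if vlan is not None:
        tci = (vlan.priority << 13) | (vlan.cfi << 12) | (vlan.vlan_id & 0x0FFF)
        header += struct.pack("!HH", TPID_8021Q, tci)
    header += struct.pack("!H", ethertype)
    body = header + payload.ljust(MIN_PAYLOAD, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


# Constructed sample: IPv4 (0x0800) payload "hello", tagged VLAN 100 with priority 5
SAMPLE = build_frame(bytes.fromhex("001a2b3c4d5e"), bytes.fromhex("0876543210ab"),
                     0x0800, b"hello", VlanTag(priority=5, cfi=0, vlan_id=100))

if __name__ == "__main__":
    f = parse_frame(SAMPLE)
    print(f"{f.src} -> {f.dst} vlan={f.vlan} type=0x{f.ethertype:04x} fcs_ok={f.fcs_ok}")
    damaged = bytearray(SAMPLE)
    damaged[20] ^= 0x01          # flip one payload bit: the FCS must catch it
    print("damaged fcs_ok =", parse_frame(bytes(damaged)).fcs_ok)
```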
**MAC address**
- a unique identifier assigned to a network interface card (NIC) or network adapter of a computing device, used at the data link layer
- the first half identifies the manufacturer, and the second half uniquely identifies the device
**Different PHY layers of Ethernet (10BASE2, 10BASE-T, 100BASE-T, etc.), what media are used for different PHY layer**
- 10BASE2:
    - Data Rate: 10 Mbps
    - Media: Thin coaxial cable (also known as thinnet or RG-58)
    - Topology: Bus topology
- 10BASE-T:
    - Data Rate: 10 Mbps
    - Media: Twisted pair cables (Category 3 or better)
    - Topology: Star topology (using hubs or switches)
- 100BASE-T:
    - Data Rate: 100 Mbps
    - Media: Twisted pair cables (Category 5 or better)
    - Topology: Star topology (using hubs or switches)
:::
---
## Extending coverage of Ethernet data network
:::info
**The algorithm for self-learning of MAC addresses**
- When the switch is powered on and initialized, its MAC address table is empty
- As frames enter the switch from connected devices, the switch examines the source MAC address of each frame
- If the MAC address table already contains an entry for the source MAC address, the switch refreshes the entry's timestamp
- If the MAC address table has no entry for it, the switch creates a new entry (source MAC address and ingress port)
- The switch then looks up the destination MAC address from the frame header in the table to decide where to forward the frame
- The switch performs an aging process by checking the timestamps
- Entries that have not been refreshed recently are removed from the table to keep it up to date
**The structure of MAC table**
| MAC Address       | Switch Port | VLAN | Timestamp        |
|-------------------|-------------|------|------------------|
| 00:1A:2B:3C:4D:5E | Port 1      | 1    | 2024-01-07 14:30 |
| 08:76:54:32:10:AB | Port 3      | 2    | 2024-01-07 15:45 |
| 23:45:67:89:AB:CD | Port 2      | 1    | 2024-01-07 14:55 |
**Process of deleting and inserting the records in MAC address table of bridge/switch**
- Inserting records
    - If the MAC address table already contains an entry for the source MAC address, the switch updates the timestamp
    - If the MAC address table doesn't have an entry, the switch creates a new entry
- Deleting records
    - aging process, because devices are powered off, disconnected, or moved to different ports
    - or explicit removal (the network operator manually removes entries from the MAC address table)
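Added worked example (my code, not from the original notes) covering the self-learning algorithm and the insert/refresh/age/explicit-removal operations above: a learning switch whose table is keyed by (VLAN, MAC); ports, MACs and timestamps are constructed, and all ports are assumed to carry every VLAN.

```python
"""Self-learning MAC table of a switch: learn on ingress, forward or flood, age out entries."""
import time
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Entry:
    port: int
    last_seen: float     # timestamp of the last frame seen from this MAC in this VLAN


class LearningSwitch:
    """All ports are assumed to carry every VLAN (a trunk-like simplification)."""

    def __init__(self, ports: List[int], aging_time: float = 300.0):
        self.ports = set(ports)
        self.aging_time = aging_time
        self.table: Dict[Tuple[int, str], Entry] = {}   # (vlan, mac) -> Entry

    def age(self, now: float) -> List[str]:
        """Aging process: drop entries not refreshed within aging_time, return their MACs."""
        expired = [k for k, e in self.table.items() if now - e.last_seen > self.aging_time]
        for k in expired:
            del self.table[k]
        return [mac for _, mac in expired]

    def forget(self, mac: str, vlan: int) -> bool:
        """Explicit removal by the operator; True if an entry was removed."""
        return self.table.pop((vlan, mac), None) is not None

    def receive(self, in_port: int, vlan: int, src: str, dst: str,
                now: Optional[float] = None) -> Set[int]:
        """Handle one frame: learn the source, then return the set of egress ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        now = time.time() if now is None else now
        self.age(now)
        key = (vlan, src)
        entry = self.table.get(key)
        if entry is None:
            self.table[key] = Entry(in_port, now)    # new station: insert
        else:
            entry.port = in_port                     # station may have moved ports
            entry.last_seen = now                    # refresh timestamp
        if int(dst.split(":")[0], 16) & 1:           # I/G bit set: broadcast/multicast
            return self.ports - {in_port}
        target = self.table.get((vlan, dst))
        if target is None:                           # unknown unicast: flood
            return self.ports - {in_port}
        if target.port == in_port:                   # destination on the ingress segment: filter
            return set()
        return {target.port}


if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3])
    print(sw.receive(1, 1, "00:1a:2b:3c:4d:5e", "08:76:54:32:10:ab", now=0))   # flood
    print(sw.receive(3, 1, "08:76:54:32:10:ab", "00:1a:2b:3c:4d:5e", now=10))  # {1}
    print(sw.table)
```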
**How the switch and bridge differ from each other**
- Both switches and bridges use MAC addresses to forward and filter frames within a network, so they are basically the same
- a bridge has a smaller number of ports than a switch
- a bridge processes and forwards frames more slowly than a switch, because it uses a less efficient method
- a bridge is typically used in simpler topologies with fewer devices
- a bridge is more cost-effective for smaller networks
**Explain three methods of data frame switching (Cut-through, Store-and-forward and Fragment-free)**
- Store-and-forward method: makes a forwarding decision on a frame only after it has received the entire frame and checked it for errors using the cyclic redundancy check (CRC)
    - does error checking and drops the frame if the CRC does not match
    - when there is a mismatch in speed between the ingress and egress ports, the switch stores the entire frame in a buffer
- Cut-through method: begins forwarding as soon as the destination MAC address of the incoming frame has been read and the egress port has been determined
    - enables rapid frame forwarding
    - no error checking
- Fragment-Free method (Modified Cut-Through):
    - reads the first 64 bytes before forwarding (collisions usually show up within the first 64 bytes)
    - lower latency than store-and-forward and a limited form of error checking
:::
---
## Ethernet network resiliency
:::info
**Why in the classical Ethernet network the formation of physical loop must be avoided?**
- risks if a loop happens
    - Broadcast Storms: in a physical loop, a broadcast frame can circulate endlessly through the loop, greatly increasing network traffic (and the storm keeps growing, as every switch keeps re-flooding the frame)
    - Frame Forwarding Loops: continuous loops of frame forwarding, consuming network bandwidth
    - MAC Address Table Instability: frames may continuously traverse the loop, causing MAC address tables to become unstable and leading to incorrect forwarding decisions (the same source MAC address is seen entering the switch on different ports)
    - Collision Domains: in a looped network, collisions may occur in multiple places simultaneously, making collision detection less effective
    - Duplicate frames delivered to the destination
- defensive mechanisms
    - Spanning Tree Protocol (STP) is designed to detect and block redundant paths and ensure there is only one active path between two network devices
    - Modern Ethernet networks often use full-duplex switched configurations, where the risk of loops is minimized
:::
### Spanning Tree Protocol (STP)
- basically, STP blocks specific ports so that no duplicate path remains
- [reference video](https://youtu.be/japdEY1UKe4?si=iVSxceUW8BWa9cp2)
:::success
**Principle of forming logical spanning trees in looped physical network**

1. Elect a root bridge.
2. Each switch in the network calculates its root path cost to the root bridge based on factors such as link speed (in the outgoing direction).
3. Each switch selects a root port, which is the port providing the shortest path to the root bridge. Additionally, each network segment (LAN or link between two switches) designates one of its ports as the designated port, responsible for forwarding traffic toward the root bridge.
4. Redundant paths that could potentially create loops are identified, and some ports are placed in the Blocking state. Blocking ports do not forward data frames but still listen to BPDUs (Bridge Protocol Data Units) to get information about the network.
5. STP defines various port states, including Disabled, Listening, Blocking, Learning and Forwarding
6. BPDUs are exchanged between switches to convey information about the network topology, including the identity of the root bridge, the root path cost, and the state of each switch port
7. If topology changes, STP recalculates the spanning tree to adapt to the new topology and maintain a loop-free structure
**Role of the Root bridge and its dynamic selection, Bridge Identification (BID), how admin can select its own root bridge?**
- Role of the Root Bridge
    - reference point: the starting point for calculating the shortest path to reach any switch or network segment in the network
    - root path cost: represents the cumulative cost of the path from a given switch to the Root Bridge; the goal is to find the path with the lowest cost
- Dynamic Selection of the Root Bridge
    - Each switch in the network is identified by a unique Bridge ID (BID), which consists of a priority value (which can be manually configured by the network administrator) and the switch's MAC address
    - Switches exchange Bridge Protocol Data Units (BPDUs) carrying their BID
    - Switches compare the received BIDs, and the switch with the lowest BID becomes the Root Bridge. If multiple switches have the same priority, the one with the lowest MAC address is chosen as the Root Bridge.
**Port roles in STP (root port, designated port, blocked port) and how the role is selected**
- Roles
    - Root port: the port with the best path to the root bridge
    - Designated port: on each link, the port of the switch with the best route to the root bridge
    - Non-designated ports: all other ports, which are placed in the blocking state
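Added worked example (my code, not from the original notes) for the root election and the port roles above: BIDs are built from priority and MAC, the root path cost is computed by Dijkstra over link costs, and each port on each link is classified as root, designated or blocked. The three-switch topology, priorities, MACs and costs are constructed.

```python
"""STP root bridge election and port roles (root / designated / blocked)
computed from bridge IDs and link costs."""
import heapq
from typing import Dict, List, Tuple

Switch = Tuple[int, str]        # (priority, MAC address)
Link = Tuple[str, str, int]     # (switch a, switch b, path cost of the link)


def bridge_id(priority: int, mac: str) -> int:
    """BID = 16-bit priority followed by the 48-bit MAC; the lowest value wins."""
    return (priority << 48) | int(mac.replace(":", ""), 16)


def elect_root(switches: Dict[str, Switch]) -> str:
    """Every switch starts by claiming root; after comparing BPDUs the lowest BID remains."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


def compute_roles(switches: Dict[str, Switch], links: List[Link]) -> dict:
    """Return the root, each switch's root path cost and the role of every port.

    A port is identified by (switch name, link index). Assumes a connected topology.
    """
    root = elect_root(switches)
    bids = {name: bridge_id(*switches[name]) for name in switches}
    adj: Dict[str, List[Tuple[str, int, int]]] = {n: [] for n in switches}
    for i, (a, b, cost) in enumerate(links):
        adj[a].append((b, cost, i))
        adj[b].append((a, cost, i))

    # Root path cost by Dijkstra from the root. A switch prefers the lowest cost,
    # then the BPDU from the neighbour with the lowest BID, then the lowest link
    # index (standing in for the port ID), approximating STP's root port choice.
    best: Dict[str, Tuple[int, int, int]] = {root: (0, bids[root], -1)}
    heap = [(0, bids[root], -1, root)]
    while heap:
        cost, sender, idx, u = heapq.heappop(heap)
        if (cost, sender, idx) != best[u]:
            continue                                # stale heap entry
        for v, c, link_idx in adj[u]:
            cand = (cost + c, bids[u], link_idx)
            if v not in best or cand < best[v]:
                best[v] = cand
                heapq.heappush(heap, (cand[0], cand[1], cand[2], v))

    rpc = {n: best[n][0] for n in switches}
    roles: Dict[Tuple[str, int], str] = {}
    for i, (a, b, _) in enumerate(links):
        # Designated end of the segment: lowest root path cost, then lowest BID
        designated = min((a, b), key=lambda n: (rpc[n], bids[n]))
        for end in (a, b):
            if best[end][2] == i:
                roles[(end, i)] = "root"            # this link is the switch's path to the root
            elif end == designated:
                roles[(end, i)] = "designated"
            else:
                roles[(end, i)] = "blocked"         # redundant path: blocked to break the loop
    return {"root": root, "rpc": rpc, "roles": roles}


# Constructed topology: the admin gave A a low priority so that it becomes root
SWITCHES = {"A": (4096, "00:00:00:00:00:0a"),
            "B": (32768, "00:00:00:00:00:0b"),
            "C": (32768, "00:00:00:00:00:0c")}
LINKS = [("A", "B", 4), ("A", "C", 19), ("B", "C", 4)]   # 802.1D costs: 1 Gb/s = 4, 100 Mb/s = 19

if __name__ == "__main__":
    result = compute_roles(SWITCHES, LINKS)
    print("root:", result["root"], "root path costs:", result["rpc"])
    for (sw, link), role in sorted(result["roles"].items()):
        print(f"{sw} on link {link} {LINKS[link][:2]}: {role}")
```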
**Finite State Machine of the STP protocol (states: Disabled, Listening, Blocking, Learning and Forwarding)**
- States
    - Disabled: port that is shut down
    - Blocking: port that is blocking traffic
    - Listening: not forwarding traffic and not learning MAC addresses
    - Learning: not forwarding traffic but learning MAC addresses
    - Forwarding: sending and receiving traffic as normal
- FSM of the STP protocol

**Information contained in a BPDU and how STP exchanges these data units between neighbor bridges/switches in the network**
- Information Contained in BPDUs
    - Bridge ID
    - Root Bridge ID
    - Root Path Cost
    - Sender's Bridge ID: identifies the switch that generated the BPDU. Receiving switches use it to update their topology information.
    - Sender's Port ID: identifies the port on the sender switch through which the BPDU is transmitted.
    - Message Age: the time since the original BPDU was generated by the Root Bridge. It helps switches determine the freshness of received BPDUs.
    - Max Age
    - Hello Time: the interval at which BPDUs are sent. It helps switches detect link failures quickly.
    - Forward Delay: the time a switch spends in the Listening and Learning states before moving to the Forwarding state. It ensures a smooth transition to a new Root Bridge if topology changes occur.
- Exchange of BPDUs
    - Initially, all switches believe themselves to be the Root Bridge and start sending BPDUs with their own Bridge ID
    - Each switch sends BPDUs periodically to its neighboring switches
**The role of the path cost in STP**
- it is the key metric for determining the best paths and optimizing the overall network topology
**Basic configuration of STP on Cisco switches**
```bash=
# Enable STP
Switch(config)# spanning-tree mode {pvst | rapid-pvst}
# Set the Bridge Priority
Switch(config)# spanning-tree vlan <vlan-id> priority <priority>
# Configure BPDU Guard
Switch(config)# interface range <interface-range>
Switch(config-if-range)# spanning-tree bpduguard enable
# Configure Root Guard
Switch(config)# interface range <interface-range>
Switch(config-if-range)# spanning-tree guard root
# Verify STP Config.
Switch# show spanning-tree
Switch# show spanning-tree vlan <vlan-id>
```
:::
---
## Fundamentals of IP routing
### IPv4 addressing
:::info
**Class-based addressing (IP classes A, B, C, D, E)**
- class A: large organizations and networks

- class B: medium-sized organizations

- class C: small networks

- class D: used for multicasting, allowing multiple hosts to receive the same data simultaneously

- class E: reserved for experimental purposes and are not commonly used in regular networks

**Implicit and Explicit network mask & Notation of IPv4 address and mask (in case of mask two forms)**
- implicit mask: the network mask was implied by the IP address class, and users didn't necessarily need to explicitly specify the subnet mask -> dotted-decimal notation

- explicit mask: with Classless Inter-Domain Routing (CIDR), this allows for more precise subnetting -> CIDR notation

**Using the VLSM and CIDR address assignment principle, and the reasons for this address assignment in the late 1990s**
> Variable Length Subnet Mask (VLSM)
- The class-based IP addressing system results in many wasted addresses
- Class-based routing required routers to maintain information about specific address classes; CIDR can reduce the size of routing tables, because it can aggregate multiple contiguous address blocks into a single route entry -> smaller routing tables
- Flexibility in Subnetting
:::
### IPv4 routing basics
:::success
**How does the routing work (alternative paths and their selection)**
- Routers may have multiple paths to reach a particular destination. These alternative paths could be due to redundant links, load balancing, or dynamic changes in the network topology.
- The router selects the best path based on the following criteria
    - Lowest Metric: select the path with the lowest metric value.
    - Shortest Path: choose the path with the fewest hops or the lowest cumulative cost.
    - Load Balancing: distribute traffic across multiple paths to optimize network utilization.
    - Administrative Distance: when multiple routing protocols provide paths to the same destination, select the path from the protocol with the lower administrative distance
**Routing metrics**
- hop count

- bandwidth

- delay

- load

- reliability

- cost

- administrative distance

- cost in BGP (border gateway protocol): BGP uses a combination of policies, AS-path length, and other attributes to select routes between Autonomous Systems (ASes)
**What information is kept in routing table and how it is organized there**
- These tables are built from the information received from neighboring routers
- The routing table is typically organized according to the longest prefix match principle
    - entries are sorted by prefix length in descending order
- Information in the routing table
    - destination network
    - next hop or next hop recursive lookup
    - interface
    - metric or cost
    - route type and protocol
    - administrative distance
    - subnet mask or prefix length
    - flags
      > direct route, static route, or dynamically learned route
    - status
      > up or down
    - timestamp or aging information
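Added worked example (my code, not from the original notes) of the lookup described above: a table sorted by prefix length, longest prefix match first, then administrative distance and metric as tie-breakers, plus a recursive next-hop lookup for routes whose next hop has no attached interface. Routes, addresses and the AD values (the usual Cisco defaults) are constructed here.

```python
"""Routing table lookup: longest prefix match first, then administrative distance and metric,
with recursive resolution of a next hop that has no directly attached interface."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Usual Cisco default administrative distances (lower is more trusted)
AD = {"connected": 0, "static": 1, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    prefix: str                      # destination network in CIDR notation
    protocol: str                    # route type: how the route was learned
    metric: int = 0
    next_hop: Optional[str] = None   # None for a directly connected network
    interface: Optional[str] = None  # None when the next hop itself must be looked up

    @property
    def network(self):
        return ipaddress.ip_network(self.prefix)

    @property
    def ad(self) -> int:
        return AD[self.protocol]


class RoutingTable:
    def __init__(self, routes: List[Route]):
        # Sorted by prefix length, longest first (as the notes describe); for equal
        # prefixes the lowest administrative distance, then the lowest metric, comes first.
        self.routes = sorted(routes, key=lambda r: (-r.network.prefixlen, r.ad, r.metric))

    def best_match(self, address: str) -> Optional[Route]:
        """First route whose prefix contains the address, i.e. the longest matching prefix."""
        ip = ipaddress.ip_address(address)
        for route in self.routes:
            if ip in route.network:
                return route
        return None

    def resolve(self, address: str, max_depth: int = 8) -> Optional[Tuple[Route, str, Optional[str]]]:
        """Return (route, egress interface, next hop), or None if the address is unroutable."""
        route = self.best_match(address)
        if route is None:
            return None
        hop, iface, depth = route.next_hop, route.interface, 0
        while iface is None and hop is not None:
            # Recursive next-hop lookup: find out how to reach the next hop itself
            depth += 1
            if depth > max_depth:
                raise RuntimeError("recursive next-hop lookup did not converge")
            via = self.best_match(hop)
            if via is None:
                return None                    # next hop unreachable: route unusable
            iface = via.interface
            if via.next_hop is not None:
                hop = via.next_hop             # one more level of indirection
        return route, iface, hop


# Constructed table: two routes for 10.1.0.0/16 from different protocols, a static
# route whose next hop must be resolved, and a default route pointing at a gateway
ROUTES = [
    Route("0.0.0.0/0", "static", next_hop="192.0.2.1"),
    Route("10.0.0.0/8", "rip", metric=3, next_hop="198.51.100.2", interface="eth1"),
    Route("10.1.0.0/16", "ospf", metric=30, next_hop="198.51.100.3", interface="eth1"),
    Route("10.1.0.0/16", "rip", metric=1, next_hop="198.51.100.2", interface="eth1"),
    Route("10.1.5.0/24", "static", next_hop="203.0.113.9"),
    Route("192.0.2.0/24", "connected", interface="eth0"),
    Route("198.51.100.0/24", "connected", interface="eth1"),
    Route("203.0.113.0/24", "ospf", metric=10, next_hop="198.51.100.7", interface="eth1"),
]

if __name__ == "__main__":
    table = RoutingTable(ROUTES)
    for dest in ("10.2.3.4", "10.1.9.9", "10.1.5.77", "8.8.8.8"):
        print(dest, "->", table.resolve(dest))
```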
:::
### IPv4 routing protocols
:::warning
**Types of routing protocols (Interior and Exterior)**
- difference between IGP (Interior Gateway Protocol) and EGP (Exterior Gateway Protocol)
    - IGP: operates within a single autonomous system and focuses on routing within the boundaries of an organization, e.g. RIP, OSPF, EIGRP
    - EGP: operates between different autonomous systems and is primarily used for routing between organizations or service providers, e.g. BGP
**How does RIP protocol work and its basic configuration on Cisco routers**
- It is a distance-vector routing protocol, using the Bellman-Ford algorithm based on hop count
- It will do regular periodic updates
- basic config.
```bash=
Router(config)# router rip
Router(config-router)# version 2 # Use RIP version 2 (recommended for support of CIDR and VLSM)
Router(config-router)# network <network-address> # Specify the network(s) to participate in RIP
Router(config-router)# no auto-summary # Disable automatic summarization
Router(config-router)# exit
```
- verification commands
```bash=
Router# show ip protocols # Displays information about the RIP configuration.
Router# show ip route rip # Shows the RIP routing table.
Router# show ip rip database # Displays the RIP routing database.
Router# debug ip rip # Enables RIP debugging information.
```
**How does OSPF protocol work and its basic configuration on Cisco routers**
- routers exchange Link-State Advertisements (LSAs) to describe their local routing information. LSAs are used to build a complete Link-State Database (LSDB) on each router
- OSPF routers use Dijkstra's SPF (Shortest Path First) algorithm to calculate the shortest path tree, determining the best path to each destination
- the path cost is the cumulative cost of the links from source to destination, where each link's cost is derived from its bandwidth
- basic config. for OSPF
```bash=
Router(config)# router ospf <process-id>
Router(config-router)# network <network-address> <wildcard-mask> area <area-id> # Specifies the networks to participate in OSPF and their associated areas
```
- verification commands
```bash=
Router# show ip ospf neighbor # Displays OSPF neighbor information.
Router# show ip ospf interface # Shows OSPF interface information.
Router# show ip ospf database # Displays the OSPF LSDB.
Router# show ip route ospf # Shows the OSPF routing table.
Router# debug ip ospf events # Enables OSPF event debugging.
```
:::
### BGP as Exterior routing protocol
:::danger
**Different types of Internet Service Provider (ISP) networks (Tier 1, 2 and 3)**
- Tier 1: top-level ISPs in the internet hierarchy

- Tier 2: regional or national ISPs

- Tier 3: typically local ISPs that provide internet services within a specific community or city

**What is default-free zone and where it is implemented**
- routers in it have explicit routes for every destination, so they need no default route
- they maintain full routing tables to route traffic efficiently across diverse paths and optimize connectivity
- it is typically implemented in the core of the internet, where Tier 1 and some Tier 2 Internet Service Providers (ISPs) operate
    - Tier 1 ISPs: major global internet backbone providers
    - Internet Exchange Points (IXPs): physical locations where multiple ISPs and networks connect to exchange traffic directly
    - Global Content Delivery Networks (CDNs): global CDNs that host and distribute content across the internet may operate routers within the Default-Free Zone
**AS number and its uniqueness across the Internet**
Autonomous System (AS) number is a unique identifier assigned to an Autonomous System on the internet, crucial for the operation of the Border Gateway Protocol (BGP)
**BGPv4 protocol**
- BGP Finite State Machine
    - Idle state
        - The initial state of a BGP speaker
        - The BGP speaker transitions to the Connect state when a session with a peer is started
    - Connect state
        - Attempting to establish a TCP connection with its peer
        - Upon successful TCP connection establishment, the BGP speaker transitions to the OpenSent state
        - If the connection fails, it goes back to the Idle state
    - OpenSent state
        - The BGP speaker has initiated the TCP connection and sent a BGP OPEN message to its peer
        - If the BGP OPEN message is accepted, the BGP speaker transitions to the OpenConfirm state
        - If the peer sends a NOTIFICATION message or the Hold Timer expires, the speaker goes back to the Idle state
    - OpenConfirm state
        - The BGP speaker has received an OPEN message from its peer and has sent a KEEPALIVE message
        - If the BGP speaker receives a KEEPALIVE message from the peer, it transitions to the Established state
        - If the BGP speaker receives a NOTIFICATION message or the Hold Timer expires, it goes back to the Idle state
    - Established state
        - The BGP session is established, and the speakers exchange BGP UPDATE messages carrying routing information
        - The BGP speaker can transition to other states based on various events. If the session is terminated (by either side), it goes back to the Idle state
- iBGP and eBGP sessions and their differences
    - iBGP sessions are established between BGP routers within the same Autonomous System (AS), requiring a full mesh of iBGP peers
    - eBGP sessions are established between BGP routers in different Autonomous Systems (ASes), with only a partial mesh of eBGP peers
- loop prevention in iBGP sessions – BGP route reflector usage
    - problems to solve
        - potential loops
        - an iBGP full mesh has scalability challenges as the number of routers increases
    - Route Reflector (RR): when a router in the iBGP network sends a route update to the Route Reflector, the Route Reflector reflects that route to its clients
        - each reflected route is tagged with the originating router's ID so that it is not propagated back to the originator, which avoids the creation of a loop
- BGP synchronization in case the ISP network is a transit one
    - concerns the exchange of routing information between Autonomous Systems (ASes) through the transit AS
    - BGP routers should not advertise a route to an external destination learned via iBGP (internal BGP) unless that route is also present in the Interior Gateway Protocol (IGP) routing table
- BGP decision making algorithm & BGP attributes
- BGP best path selection criteria

- algorithm

- Principles of influencing inbound and outbound IP traffic flow using BGP attributes (AS_path prepending, etc.)
    - influencing inbound traffic
        - AS Path Prepending: make a certain path less attractive for inbound traffic by adding extra copies of your own AS number to the AS path of outbound advertisements
        - Local Preference: set a higher Local Preference for the preferred route
        - MED: set a lower MED for the preferred exit point
        - Community Attribute: tag routes with a specific community value and apply policies based on community values
    - influencing outbound traffic
        - AS Path Prepending: make a certain path less attractive for inbound traffic by adding extra AS numbers to the AS path of outbound advertisements
        - Local Preference: set a higher Local Preference for the preferred route
        - Weight: set a higher Weight for the preferred route
        - Community Attribute: tag routes with a specific community value and apply policies based on community values
- Loop prevention in Internet exterior routing using the BGP attribute AS path
    - use AS Path prepending to make the AS Path longer for certain routes, discouraging inbound traffic from taking a specific path
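Added worked example (my code, not from the original notes) for the AS_PATH points above: prepending on advertisement, rejection of a received route whose AS_PATH already contains the receiver's own AS (the loop check every BGP speaker performs), and the effect of path length on the best-path choice. AS numbers and prefixes are constructed; only LOCAL_PREF and AS_PATH length of the decision process are modelled.

```python
"""AS_PATH handling in eBGP: loop detection on receipt, prepending on advertisement,
and how path length steers the best-path choice (and therefore inbound traffic)."""
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Update:
    prefix: str
    as_path: List[int]     # leftmost AS = the neighbour that sent the route, rightmost = origin AS
    local_pref: int = 100  # LOCAL_PREF is kept equal in the scenario so that AS_PATH length decides


def receive_ebgp(update: Update, my_as: int) -> Optional[Update]:
    """A speaker discards a route whose AS_PATH already contains its own AS number:
    the route has passed through this AS before, so accepting it would form a loop."""
    if my_as in update.as_path:
        return None
    return update


def advertise_ebgp(update: Update, my_as: int, prepend: int = 1) -> Update:
    """Before sending to an eBGP neighbour the speaker prepends its own AS. Prepending it
    several times (AS path prepending) lengthens the path to make that entry less attractive."""
    if prepend < 1:
        raise ValueError("the AS must be prepended at least once")
    return Update(update.prefix, [my_as] * prepend + update.as_path, update.local_pref)


def best_path(candidates: List[Update]) -> Update:
    """Highest LOCAL_PREF wins; on a tie the shortest AS_PATH wins (first candidate on a full tie)."""
    return min(candidates, key=lambda u: (-u.local_pref, len(u.as_path)))


def scenario() -> dict:
    """Constructed example: AS 65001 originates 203.0.113.0/24 and has two upstreams.
    It prepends toward AS 65002 so that the remote AS 65010 prefers the path via AS 65003."""
    origin = Update("203.0.113.0/24", [])
    via_65002 = advertise_ebgp(receive_ebgp(advertise_ebgp(origin, 65001, prepend=3), 65002), 65002)
    via_65003 = advertise_ebgp(receive_ebgp(advertise_ebgp(origin, 65001), 65003), 65003)
    chosen = best_path([via_65002, via_65003])
    # AS 65010 re-advertises its best path; when it comes back around to AS 65001, the
    # originator finds itself in the AS_PATH and rejects the route, breaking the loop.
    looped = receive_ebgp(advertise_ebgp(chosen, 65010), 65001)
    return {"via_65002": via_65002.as_path, "via_65003": via_65003.as_path,
            "chosen": chosen.as_path, "loop_rejected": looped is None}


if __name__ == "__main__":
    for key, value in scenario().items():
        print(f"{key}: {value}")
```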
:::
---
## IP Multicast routing
:::info
**Why IP multicast may make difference**
- enhanced efficiency: reduces network traffic, server and CPU loads
- optimized performance: eliminates traffic redundancy
- distributed applications: enables multipoint applications
- but it is UDP-based
**How does it work**
Routers use multicast routing protocols like PIM to efficiently forward data to only those networks interested in the group.
**IP multicast routing table records, meaning of (S,G) and (\*,G) records**
- multicast routing table maintains entries for multicast groups and sources. Two common types of entries are (S,G) and (\*,G)
- (S,G) Entry: (192.168.1.1, 239.1.1.1) indicates traffic from source IP 192.168.1.1 to multicast group 239.1.1.1
- (\*,G) Entry: (\*, 239.1.1.1) indicates traffic from any source to multicast group 239.1.1.1
**Four basic components of IP multicast**
- IP multicast addressing
    - multicast addresses are in the range 224.0.0.0 to 239.255.255.255
    - Reserved Addresses:
        - 224.0.0.0 to 224.0.0.255: reserved for local network control purposes, such as routing protocols (e.g., OSPF, RIP).
        - 224.0.1.0 to 224.0.1.255: reserved for network management protocols.
    - Permanent Multicast Groups:
        - 224.0.0.1: all systems on the same network segment.
        - 224.0.0.2: all routers on the same network segment.
        - 224.0.0.5: OSPF routers.
        - 224.0.0.6: OSPF designated routers.
    - Administratively Scoped Addresses:
        - 239.0.0.0 to 239.255.255.255: reserved for administratively scoped addresses, limited to a specific domain or organization.
- Internet Group Management Protocol (IGMP)
    - version

    - how does it work

- IP multicast interior routing protocols
    - Protocol Independent Multicast (PIM)
    - Distance Vector Multicast Routing Protocol (DVMRP)
    - Multicast Open Shortest Path First (MOSPF)
- IP multicast exterior routing protocols
    - Border Gateway Protocol (BGP)
**Shared and Shortest IP multicast distribution trees (differences, advantages and disadvantages)**
- Shared IP Multicast Distribution Trees

- Shortest IP Multicast Distribution Trees

- Difference

:::
- **Protocol Independent Multicast – PIM**
:::success
**PIM Dense mode (DM) operational principles**
- Reverse-Path Forwarding (RPF) Rule
    - PIM-DM uses the Reverse-Path Forwarding (RPF) rule to build its multicast distribution tree
    - the RPF check ensures that incoming multicast packets arrive on the interface that leads back toward the source, preventing loops
- Fundamental messages of the PIM-DM protocol
    - Prune: indicates a lack of interest in receiving traffic for a specific multicast group
    - Join: requests inclusion in the multicast distribution tree to receive traffic for a specific group
    - Graft: reconnects pruned branches to the multicast tree
    - GraftAck: acknowledges successful grafting
    - Assert: resolves conflicts when multiple routers claim to be the forwarder for the same group on the same segment
- Why PIM-DM is not effective for the Internet
    - PIM-DM floods multicast traffic throughout the network, making it inefficient for large-scale networks like the Internet
    - PIM-DM is not optimized for sparse multicast groups
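Added worked example (my code, not from the original notes) combining the (S,G)/(\*,G) table entries from the multicast routing table section above with the RPF check: the (S,G) entry takes precedence over (\*,G), the incoming interface of an (S,G) entry is taken from the unicast table, and a packet arriving on any other interface fails RPF and is dropped. The unicast routes, mroute entries and packets are constructed.

```python
"""Multicast forwarding decision on a router: (S,G) lookup before (*,G), plus the RPF check."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class MRoute:
    source: Optional[str]        # None stands for "*" (any source)
    group: str
    incoming_iface: str          # RPF interface: toward the source for (S,G), toward the RP for (*,G)
    outgoing_ifaces: List[str]   # outgoing interface list (OIL): interfaces with interested receivers


def is_multicast(address: str) -> bool:
    return ipaddress.ip_address(address) in ipaddress.ip_network("224.0.0.0/4")


def rpf_interface(unicast_routes: Dict[str, str], source: str) -> Optional[str]:
    """Interface the unicast routing table (longest prefix match) uses to reach the source;
    multicast packets from that source are expected to arrive on it."""
    ip = ipaddress.ip_address(source)
    best: Optional[Tuple[int, str]] = None
    for prefix, iface in unicast_routes.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, iface)
    return best[1] if best else None


def install_sg(mroutes: List[MRoute], unicast_routes: Dict[str, str],
               source: str, group: str, oil: List[str]) -> MRoute:
    """Create an (S,G) entry whose incoming interface is the RPF interface for S."""
    iif = rpf_interface(unicast_routes, source)
    if iif is None:
        raise ValueError(f"no unicast route to source {source}")
    entry = MRoute(source, group, iif, list(oil))
    mroutes.append(entry)
    return entry


def lookup(mroutes: List[MRoute], source: str, group: str) -> Optional[MRoute]:
    """A source-specific (S,G) entry takes precedence over the shared (*,G) entry."""
    for m in mroutes:
        if m.source == source and m.group == group:
            return m
    for m in mroutes:
        if m.source is None and m.group == group:
            return m
    return None


def forward(mroutes: List[MRoute], source: str, group: str, in_iface: str) -> Tuple[str, List[str]]:
    """Return (verdict, egress interfaces) for a packet from source to group received on in_iface."""
    if not is_multicast(group):
        return "not-multicast", []
    entry = lookup(mroutes, source, group)
    if entry is None:
        return "no-state", []
    # RPF check: accept the packet only on the interface that leads back toward the source
    # (or the RP); a copy arriving on any other interface has looped and is dropped.
    if in_iface != entry.incoming_iface:
        return "rpf-fail", []
    # Never send a packet back out of the interface it arrived on
    return "forward", [i for i in entry.outgoing_ifaces if i != in_iface]


# Constructed unicast table (prefix -> interface) and a shared-tree entry for 239.1.1.1
UNICAST = {"0.0.0.0/0": "eth0", "192.168.1.0/24": "eth1", "10.0.0.0/8": "eth2"}
MROUTES = [MRoute(None, "239.1.1.1", "eth0", ["eth3", "eth4"])]   # (*,G): RP reached via eth0

if __name__ == "__main__":
    install_sg(MROUTES, UNICAST, "192.168.1.1", "239.1.1.1", ["eth3"])
    for src, iface in [("192.168.1.1", "eth1"), ("192.168.1.1", "eth0"), ("10.9.9.9", "eth0")]:
        print(src, "on", iface, "->", forward(MROUTES, src, "239.1.1.1", iface))
```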
**PIM Sparse mode (SM)**
- Basic principle of the protocol, function of the Rendezvous Point (RP)
    - It uses shared trees and shortest-path trees to optimize multicast traffic
    - The Rendezvous Point (RP) acts as a meeting point for sources and receivers, facilitating the establishment of shared trees and enabling efficient distribution of multicast traffic
- Which paths are shared in the PIM-SM multicast distribution tree
    - PIM-SM uses a shared tree from the source to the RP, creating a common path for all sources to reach the RP. From the RP, shortest-path trees are established to individual receivers, optimizing traffic delivery.
- How does the protocol work
    - Multicast Source to RP Router
        - the source's router registers with the RP using "Register" messages, conveying its intent to send multicast traffic
        - "Register-Stop" messages are sent to signal the end of registration
        - shortest-path trees are established between the closest-to-source router and the RP router for each (S,G) entry
    - Multicast Receiver to RP Router
        - setting up the shared tree from the RP to the receiver: receivers signal their interest in a multicast group, and a shared tree is established from the RP to the closest-to-receiver router
    - Optional Setting of a Shortest Path between Receiver and Source
        - receivers can optionally set up shortest-path trees directly to the multicast source for specific (S,G) entries, bypassing the shared tree and optimizing the path
**Basic configuration of PIM-DM and PIM-SM on Cisco routers**
- enable multicast routing
```bash=
Router(config)# ip multicast-routing
```
- enable PIM-DM on an interface (only for PIM-DM)
```bash=
Router(config)# interface <interface_type> <interface_number>
Router(config-if)# ip pim dense-mode
```
- define Rendezvous Point (only for PIM-SM)
```bash=
Router(config)# ip pim rp-address <RP_IP_Address>
```
- enable PIM-SM on an interface (only for PIM-SM)
```bash=
Router(config)# interface <interface_type> <interface_number>
Router(config-if)# ip pim sparse-mode
```
- verify multicast routing config.
```bash=
Router# show ip mroute
```
:::
---
## TCP protocol
:::info
**Socket based TCP communication**
- What is a TCP/UDP socket?
    - TCP: Transmission Control Protocol, a transport layer protocol that uses sockets to establish communication and ensures data integrity and order of delivery
    - UDP: User Datagram Protocol, provides a connectionless communication channel. It is simpler and faster than TCP but does not guarantee reliability or order of delivery
- Required sequence of socket-based procedure calls to implement a TCP client socket and a TCP server socket
    - server socket
        - create a socket
        - bind the socket to an address and port
        - listen for incoming connections
        - accept a connection from a client
        - receive data from the client
        - send data to the client
        - close the client connection
        - close the server socket
    - client socket
        - create a socket
        - establish a connection to the server
        - send data to the server
        - receive data from the server
        - close the socket
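Added worked example (my code, not from the original notes) of the two call sequences above: a server that serves one client and replies with the data upper-cased, and a client that connects, sends, half-closes and reads the reply. The server runs in a background thread on 127.0.0.1 with an OS-assigned port so the script is self-contained.

```python
"""A minimal TCP server and client that follow the socket call sequence listed above."""
import socket
import threading
from typing import Dict


def run_server(ready: threading.Event, info: Dict[str, int]) -> None:
    """Serve exactly one client: reply with the received data upper-cased."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)   # 1. create a socket
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))                                # 2. bind to address and port (0: any free port)
    srv.listen(1)                                             # 3. listen for incoming connections
    info["port"] = srv.getsockname()[1]
    ready.set()                                               # tell the client which port to use
    conn, _peer = srv.accept()                                # 4. accept a connection (after the handshake)
    try:
        chunks = []
        while True:
            chunk = conn.recv(1024)                           # 5. receive data until the client's FIN
            if not chunk:
                break
            chunks.append(chunk)
        conn.sendall(b"".join(chunks).upper())                # 6. send data to the client
    finally:
        conn.close()                                          # 7. close the client connection (FIN)
        srv.close()                                           # 8. close the server socket


def run_client(port: int, message: bytes) -> bytes:
    cli = socket.socket(socket.AF_INET, socket.SOCK_STREAM)   # 1. create a socket
    cli.settimeout(5)
    try:
        cli.connect(("127.0.0.1", port))                      # 2. connect: SYN / SYN_ACK / ACK
        cli.sendall(message)                                  # 3. send data to the server
        cli.shutdown(socket.SHUT_WR)                          # half-close: our FIN says we are done sending
        chunks = []
        while True:                                           # 4. receive until the server closes
            chunk = cli.recv(1024)
            if not chunk:
                break
            chunks.append(chunk)
    finally:
        cli.close()                                           # 5. close the socket
    return b"".join(chunks)


def round_trip(message: bytes) -> bytes:
    """Start the server in a background thread, run one client exchange, return the reply."""
    ready, info = threading.Event(), {}
    t = threading.Thread(target=run_server, args=(ready, info), daemon=True)
    t.start()
    if not ready.wait(5):
        raise RuntimeError("server did not start")
    reply = run_client(info["port"], message)
    t.join(5)
    return reply


if __name__ == "__main__":
    print(round_trip(b"hello over tcp"))
```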
**TCP flow control mechanism – process of setting TCP window to regulate flow bandwidth between TCP sender and TCP receiver**
- it regulates the amount of unacknowledged data that can be in transit between the TCP sender and receiver
- Negotiation of Initial Window Size: during three-way handshake, sender and receiver negotiate initial window size which is the maximum amount of data that the sender can transmit without receiving an acknowledgment from the receiver
- Sending Data: each TCP segment has a sequence number, and the receiver acknowledges received data by sending back an acknowledgment (ACK) with the next expected sequence number
- Acknowledgment and Window Update: as the receiver successfully receives and processes data, it sends back ACKs to the sender. The ACK may also include information about the receiver's available buffer space
- Dynamic Window Adjustment:
    - If acknowledgments are received promptly, the sender may increase the window size to improve throughput
    - If the network or receiver is congested, the sender may decrease the window size
- Congestion Avoidance: If the sender detects congestion in the network (through packet loss or other indicators), it will reduce the window size to alleviate congestion
- Retransmission Timeout: If the sender doesn't receive an acknowledgment within a certain time, it will retransmit the unacknowledged data
**Simple formula to make a first estimate of the maximal TCP throughput if the values of the round trip time (RTT) and window size (W) are known**
- formula

- if converting into "Kbps", we can use the following conversion

**Finite state machine of TCP connection establishment (handshake using SYN, SYN_ACK, ACK sequence)**
- states

- transitions
    - Client initiates the connection by sending a SYN packet
    - Server receives the SYN, allocates resources, and sends a SYN_ACK back to the client
    - Client receives the SYN_ACK, sends an ACK, and establishes the connection
    - Server receives the ACK, and the connection is established
**Finite state machine of TCP connection teardown (FIN, ACK)**
- TCP connection teardown involves a four-way handshake to gracefully close the connection
- states

- transitions
    - The application at one end initiates connection termination by sending a FIN
    - The receiving side acknowledges the FIN and enters CLOSE_WAIT
    - The application at the receiving side closes, and that side sends a FIN
    - The sending side acknowledges the FIN
    - The initiating side acknowledges the FIN_ACK
    - After a period of TIME_WAIT, the connection teardown is complete
**how TCP assigns sequence number to individual TCP segments**
- an Initial Sequence Number (ISN, a random number chosen by the sender) is selected during connection establishment
- for each subsequent segment, the sender increments the sequence number by the number of octets (bytes) in the segment's payload
- the receiver acknowledges received segments by sending back an acknowledgment (ACK) with an acknowledgment number equal to the next expected sequence number
- when the sequence number would exceed 2^32 - 1, it wraps around and the count starts from zero again
- if the sender receives duplicate acknowledgments for a particular sequence number, it assumes that a segment is lost and retransmits it
**how TCP manages data segment loss during transmission**
If the sender doesn't receive an acknowledgment within a certain time, it will retransmit the unacknowledged data based on the sequence number
**how TCP estimates value of retransmission timer (RTO) and how its size is continually refreshed**
- TCP estimates the value of the Retransmission Timeout (RTO) dynamically to adapt to varying network conditions
- TCP initializes the RTO with an initial value, typically conservative to avoid premature retransmissions. The initial value is often set based on the Round-Trip Time(RTT) estimation
- the formula of round-trip time

- if a segment is retransmitted, TCP typically employs an exponential backoff mechanism -> the RTO is doubled with each retransmission attempt, bounded by a minimum and a maximum RTO
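Added worked example (my code, not from the original notes) of the RTO estimation described above, using the RFC 6298 smoothing of SRTT and RTTVAR, the 1 s floor, Karn's rule for ACKs of retransmitted segments and exponential backoff on timeout. The RTT samples are constructed; the 60 s ceiling is an assumption taken from common implementations.

```python
"""RTO estimation per RFC 6298: SRTT/RTTVAR smoothing, Karn's rule and exponential backoff."""
from dataclasses import dataclass
from typing import Optional

ALPHA, BETA, K = 1 / 8, 1 / 4, 4       # RFC 6298 smoothing gains and variance multiplier
MIN_RTO, MAX_RTO = 1.0, 60.0           # seconds: RFC 6298 floor of 1 s; 60 s ceiling assumed
INITIAL_RTO = 1.0                      # conservative value before any RTT measurement


@dataclass
class RtoEstimator:
    srtt: Optional[float] = None       # smoothed round-trip time
    rttvar: Optional[float] = None     # round-trip time variation
    rto: float = INITIAL_RTO
    backoff: int = 0                   # consecutive timeouts since the last good sample

    def sample(self, rtt: float) -> float:
        """Feed one unambiguous RTT measurement (seconds); return the refreshed RTO."""
        if self.srtt is None:
            self.srtt = rtt                    # first sample (RFC 6298 section 2.2)
            self.rttvar = rtt / 2
        else:
            # RTTVAR must be updated before SRTT because it uses the old SRTT (section 2.3)
            self.rttvar = (1 - BETA) * self.rttvar + BETA * abs(self.srtt - rtt)
            self.srtt = (1 - ALPHA) * self.srtt + ALPHA * rtt
        self.backoff = 0
        self.rto = min(MAX_RTO, max(MIN_RTO, self.srtt + K * self.rttvar))
        return self.rto

    def ack(self, rtt: float, retransmitted: bool) -> float:
        """An ACK arrived. Karn's rule: an ACK for a segment that was retransmitted is
        ambiguous (which copy does it acknowledge?), so its RTT is not sampled."""
        if retransmitted:
            return self.rto
        return self.sample(rtt)

    def timeout(self) -> float:
        """Retransmission timer expired: retransmit and back off exponentially (section 5.5)."""
        self.backoff += 1
        self.rto = min(MAX_RTO, self.rto * 2)
        return self.rto


if __name__ == "__main__":
    est = RtoEstimator()
    for rtt in (1.0, 2.0):                      # constructed RTT samples, in seconds
        print(f"sample {rtt:.2f}s -> RTO {est.sample(rtt):.3f}s")
    print("timeout ->", est.timeout(), "timeout ->", est.timeout())
    print("ack after retransmit (ignored) ->", est.ack(1.0, retransmitted=True))
    print("fresh sample ->", est.ack(1.0, retransmitted=False))
```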
:::
:::success
**TCP congestion avoidance mechanisms**
- slow start phase: the sender begins by sending a small number of segments and gradually increases the number of segments transmitted in each round-trip time
- congestion avoidance phase: the congestion window (CWND) increases linearly instead of exponentially; the sender adds one segment to the CWND for each round trip, slowing down the rate of increase
- fast retransmit: if the sender receives three duplicate acknowledgments for the same sequence number (indicating probable packet loss), it assumes that segment is lost and retransmits it immediately instead of waiting for the RTO to expire
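Added worked example (my code, not from the original notes) that replays the three mechanisms above as a Reno-style congestion window, in segments: doubling per RTT in slow start, +1 per RTT in congestion avoidance, halving on three duplicate ACKs (fast retransmit with fast recovery) and a reset to one segment on an RTO timeout. The event sequence and the initial ssthresh are constructed.

```python
"""Reno-style congestion window evolution: slow start, congestion avoidance,
fast retransmit/fast recovery on three duplicate ACKs, and RTO timeout."""
from typing import List, Tuple


class RenoSender:
    """cwnd and ssthresh are counted in segments (MSS units)."""

    def __init__(self, initial_cwnd: int = 1, ssthresh: int = 64):
        self.cwnd = initial_cwnd
        self.ssthresh = ssthresh
        self.phase = "slow-start"

    def on_rtt_all_acked(self) -> int:
        """One RTT in which every segment of the window was acknowledged."""
        if self.cwnd < self.ssthresh:
            # Slow start: +1 segment per ACK, so the window doubles each RTT (capped at ssthresh)
            self.cwnd = min(self.cwnd * 2, self.ssthresh)
            self.phase = "slow-start" if self.cwnd < self.ssthresh else "congestion-avoidance"
        else:
            # Congestion avoidance: +1 segment per RTT (linear growth)
            self.cwnd += 1
            self.phase = "congestion-avoidance"
        return self.cwnd

    def on_three_dup_acks(self) -> int:
        """Fast retransmit: loss inferred from 3 duplicate ACKs without waiting for the RTO.
        Fast recovery halves the window instead of restarting from one segment."""
        self.ssthresh = max(self.cwnd // 2, 2)
        self.cwnd = self.ssthresh
        self.phase = "congestion-avoidance"
        return self.cwnd

    def on_timeout(self) -> int:
        """RTO expiry signals severe congestion: back to slow start from one segment."""
        self.ssthresh = max(self.cwnd // 2, 2)
        self.cwnd = 1
        self.phase = "slow-start"
        return self.cwnd


def simulate(events: List[str], ssthresh: int = 16) -> List[Tuple[str, int, str]]:
    """Replay events ('rtt', 'dupacks', 'timeout'); return (event, cwnd, phase) after each."""
    sender = RenoSender(ssthresh=ssthresh)
    handlers = {"rtt": sender.on_rtt_all_acked,
                "dupacks": sender.on_three_dup_acks,
                "timeout": sender.on_timeout}
    trace = []
    for event in events:
        cwnd = handlers[event]()
        trace.append((event, cwnd, sender.phase))
    return trace


if __name__ == "__main__":
    # Constructed sequence: ramp up, one fast retransmit, then a timeout
    for step in simulate(["rtt"] * 6 + ["dupacks", "rtt", "timeout", "rtt", "rtt", "rtt", "rtt"]):
        print(step)
```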
:::
---
## MPLS networks
:::info
**Advantages of using MPLS paradigm in data networks & Identify all services MPLS offers to network operators**
- path control and QoS support
- MPLS reduces the size of core routing tables by using labels to represent routes, especially in large and complex networks
- MPLS enables the creation of Virtual Private Networks (VPNs) by segmenting traffic into different MPLS domains, providing isolated communication
- label switch allows faster forwarding of packets based on pre-assigned labels
- support for various protocols; it is not limited to IP traffic
- MPLS facilitates load balancing by distributing traffic across multiple paths
- fault tolerance and fast rerouting, automatic rerouting in case of failures
- the use of labels simplifies network management, as routers only need to make decisions based on labels rather than examining complex routing tables
**Which RM_OSI layer MPLS belongs to**
MPLS primarily operates at "Layer 2.5" of the OSI model, positioned between Layer 2 (Data Link Layer) and Layer 3 (Network Layer). Because it forwards on labels rather than on traditional IP routing, it enhances forwarding efficiency
**Principle of data frame labeling in MPLS networks**
- Why IP packet labeling was historically seen as an attractive feature; is it still seen as attractive for the same reasons today?
    - historically, MPLS was attractive because of
        - efficiency: reduced need for complex IP header lookups
        - traffic engineering: allows network operators to control and optimize the paths
        - scalability: more scalable, and reduces the size of routing tables
    - currently, it continues to be attractive for similar reasons
        - efficient forwarding
        - service differentiation based on QoS requirements
        - optimization of network paths
- Format of MPLS label, how the MPLS label is inserted between L2 and L3 headers for different L2 technologies (mainly for PPP and Ethernet)?
    - format of MPLS label: the label is a 20-bit field in the MPLS header, used to identify a Forwarding Equivalence Class (FEC); the header is inserted between layer 2 and layer 3
    - for PPP: the MPLS label is inserted after the PPP header and before the Layer 3 IP header
    > The format is: PPP Header | MPLS Header | IP Header | Payload
    - for Ethernet: the MPLS label is inserted after the Ethernet header and before the Layer 3 IP header
    > The format is: Ethernet Header | MPLS Header | IP Header | Payload
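The parser below is an added example, not part of the original notes: it locates the MPLS header behind an Ethernet II header and behind a PPP header and decodes the label stack. The field layout follows RFC 3032 (each 32-bit stack entry holds the 20-bit label, 3-bit traffic class, 1-bit bottom-of-stack flag and 8-bit TTL; Ethertype 0x8847 and PPP protocol 0x0281 identify unicast MPLS). The frame bytes, MAC addresses, label values and the HDLC-like 0xFF 0x03 framing assumed for PPP are constructed for illustration.

```python
"""Added example, not part of the original notes: decode the MPLS label stack
that sits between the L2 header and the IP header. Frame bytes below are
constructed; field layout per RFC 3032."""
import struct

ETHERTYPE_MPLS_UNICAST = 0x8847     # Ethernet: label stack follows the Ethertype
PPP_PROTOCOL_MPLS_UNICAST = 0x0281  # PPP: label stack follows the protocol field


def encode_label(label, tc=0, bottom=False, ttl=64):
    """Build one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2 ** 20:
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((tc & 0x7) << 9) | (int(bottom) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def decode_stack(data, offset):
    """Read stack entries from offset until the S (bottom-of-stack) bit is set.

    Returns (entries, offset_of_payload); each entry is (label, tc, s, ttl)."""
    entries = []
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack")
        (word,) = struct.unpack_from("!I", data, offset)
        label, tc, s, ttl = word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF
        entries.append((label, tc, s, ttl))
        offset += 4
        if s:
            return entries, offset


def parse_ethernet(frame):
    """Ethernet II: dst(6) src(6) ethertype(2) | MPLS stack | IP header."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETHERTYPE_MPLS_UNICAST:
        raise ValueError(f"not an MPLS frame: ethertype 0x{ethertype:04x}")
    return decode_stack(frame, 14)


def parse_ppp(frame):
    """PPP with HDLC-like framing (assumed): 0xFF 0x03 protocol(2) | MPLS stack | IP header."""
    if frame[:2] != b"\xff\x03":
        raise ValueError("expected HDLC-like address/control bytes")
    (protocol,) = struct.unpack_from("!H", frame, 2)
    if protocol != PPP_PROTOCOL_MPLS_UNICAST:
        raise ValueError(f"not MPLS over PPP: protocol 0x{protocol:04x}")
    return decode_stack(frame, 4)


# Constructed sample: a two-entry stack (outer label 16, inner label 1000 with
# the S bit set) followed by a minimal IPv4 header stub (checksum left zero).
IP_STUB = bytes.fromhex("4500001400010000400000000a0000010a000002")
STACK = encode_label(16, tc=0, bottom=False, ttl=64) + encode_label(1000, tc=5, bottom=True, ttl=64)
ETH_FRAME = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
             + struct.pack("!H", ETHERTYPE_MPLS_UNICAST) + STACK + IP_STUB)
PPP_FRAME = b"\xff\x03" + struct.pack("!H", PPP_PROTOCOL_MPLS_UNICAST) + STACK + IP_STUB

if __name__ == "__main__":
    for name, parser, frame in (("Ethernet", parse_ethernet, ETH_FRAME),
                                ("PPP", parse_ppp, PPP_FRAME)):
        entries, ip_offset = parser(frame)
        print(f"{name}: stack={entries}, IP header starts at byte {ip_offset}")
```

The same stack decoder serves both link layers; only the offset at which the first entry begins differs (14 bytes after an Ethernet II header, 4 bytes after the PPP address, control and protocol fields). The decoder refuses a stack that ends before an entry with the S bit is seen, which is the check a packet parser needs before trusting the label values.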
:::
- **How MPLS label distribution operates between MPLS routers**
:::success
**label distribution modes**
- Downstream-on-demand (DoD): a downstream router requests an MPLS label from its upstream neighbor only when it needs to forward a particular packet, this mode is more dynamic and minimizes unnecessary label distribution
- Unsolicited downstream (UD): downstream routers proactively and unsolicitedly notify their upstream neighbors about the labels they can use for forwarding, it allows for quicker establishment of label-switched paths
**label retention modes**
- Liberal label retention (LLR): a router retains all received labels, even if it may not have an immediate use for them, ensures flexibility in case the router needs to switch paths in the future
- Conservative label retention (CLR): retains only the labels that it needs for its current forwarding state, unused or unnecessary labels are not retained, more conservative in terms of label retention
**label switch path control modes**
- Independent LSP control mode: each LSP (label-switched path) is controlled independently of others, changes or adjustments to one LSP do not affect others, provides more granular control over individual paths
- Ordered LSP control mode: the establishment, modification, or teardown of LSPs follows a specific order, changes to one LSP may affect others in a predetermined sequence, provides a more coordinated approach to LSP management
**basics of LDP operation and Cisco router configuration**
- Enable MPLS Globally
```bash=
Router(config)# mpls ip
```
- Enter interface configuration mode for each interface where LDP will be enabled
```bash=
Router(config)# interface <interface_type> <interface_number>
Router(config-if)# mpls ip
```
- Verify LDP Configuration
```bash=
Router# show mpls ldp neighbor
Router# show mpls ldp bindings
```
- Configure LDP Parameters (Optional)
```bash=
Router(config)# mpls label range <min_label> <max_label>
```
- Verify the MPLS and LDP configurations
```bash=
Router# show mpls interfaces
Router# show mpls ldp neighbor
Router# show mpls ldp bindings
```
**label operations (Push, Pop, Swap, Aggregate, etc.)**
- label push: when an unlabeled (IP) packet enters an MPLS domain, the ingress router adds an MPLS label to the packet's header
- label pop: when a labeled packet reaches the egress router, the MPLS label is removed (popped) from the packet's header
- label swap: intermediate routers along the label-switched path may perform label swapping. They replace the incoming label with a new label before forwarding the packet (dynamically change the label for efficient packet forwarding)
- label stack: multiple MPLS labels can be stacked in the label stack of a packet's header. Each label in the stack represents a different segment of the label-switched path for complex paths
- label merge (aggregate): multiple labeled paths may converge onto a common segment. The labels of these paths can be merged into a single label
- penultimate hop popping (PHP): in PHP, the router one hop before the egress router of an MPLS domain pops the label of incoming packets just before forwarding them to the egress router, to reduce the processing load on the ultimate egress router by shifting the label pop operation to the penultimate hop
- label implicit NULL: some routers use an implicit NULL label (value of 0) to signal label pop at the egress router, to reduce the size of labeled packets in the MPLS network
:::
:::warning
**how MPLS fits into standard router model (RIB, FIB, LIB and LFIB)**
- MPLS with standard router model
- Routing Information Base (RIB)

- Forwarding Information Base (FIB)

- Label Information Base (LIB)

- Label Forwarding Information Base (LFIB)

- integration steps in MPLS

:::
- **L3 MPLS based VPNs**
:::danger
**L3 MPLS network architecture and different roles of routers (P, PE, CE)**
- Provider Edge (PE) Router
    - label distribution
    - label switching
    - VPN connectivity
- Provider (P) Router
    - label switching
    - traffic engineering
- Customer Edge (CE) Router
    - label reception
    - IP routing
**Routing exchange between CE and PE routers**
- MPLS-based Virtual Private Networks (VPNs) involve using protocols like BGP
- BGP carries VPN-IPv4 prefixes, which include customer IPv4 addresses along with a VPN-specific identifier
**VRF instances on PE routes and their role, assigning interfaces to VRF instances, what and where can be assigned**
- Role of VRF instances: isolation. VRF instances on PE routers provide isolation between different VPNs. Each VRF represents a separate routing table, allowing multiple VPNs to coexist on the same PE router without interfering with each other.
- Assigning Interfaces to VRF Instances: a single physical interface on a PE router can be associated with multiple VRF instances, allowing the router to participate in multiple VPNs simultaneously
- routes learned from CE routers within a specific VRF are stored in the corresponding VRF routing table. Routing protocols (e.g., BGP, OSPF) within the VRF handle the exchange of routes among CE routers
**The role of MBGP in MPLS L3 VPN architecture**
- BGP (Border Gateway Protocol) is used as the primary routing protocol for MPLS Layer 3 VPNs. It carries routing information between Provider Edge (PE) routers, exchanging VPN-IPv4 prefixes
- MP-BGP (Multiprotocol BGP) extends traditional BGP to support multiple address families. It enables BGP to carry routing information for various protocols, including VPN-IPv4 prefixes used in MPLS Layer 3 VPNs
- support both unicast and multicast
**The role of route distinguisher (RD) and route target extended attribute (RT)**
- Route Distinguisher (RD)
- is a unique identifier attached to VPN-IPv4 prefixes within a specific VPN. It makes the combination of IPv4 addresses and RDs unique across the entire MPLS network.
- ensures that routes from different VPNs can be distinguished, even if they have overlapping IPv4 address spaces.
- Route Target (RT)
- RTs help in ensuring that VPN routes are "appropriately" isolated
- PE routers use RT information to determine which routes should be included or excluded from the VPN
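The model below is an added example, not part of the original notes: it shows, for the VRF, RD and RT points above, how a PE turns each VRF route into a VPN-IPv4 route by prepending the RD (so two customers may both use 10.0.0.0/24), and how a receiving PE admits a route into a VRF only when the route's RTs intersect the VRF's import set. VRF names, RD and RT values (ASN:nn form), prefixes and PE names are constructed.

```python
"""Added example, not part of the original notes: RD makes overlapping
prefixes distinct as VPN-IPv4 routes; RT decides which VRFs import them
(RFC 4364). All names, RDs, RTs and prefixes are constructed."""
from dataclasses import dataclass, field


@dataclass
class Vrf:
    name: str
    rd: str                                     # route distinguisher, e.g. "65000:1"
    export_rts: set = field(default_factory=set)
    import_rts: set = field(default_factory=set)
    table: dict = field(default_factory=dict)   # IPv4 prefix -> CE next hop


@dataclass(frozen=True)
class VpnRoute:
    rd: str
    prefix: str
    next_hop_pe: str
    rts: frozenset                              # route-target extended communities

    @property
    def vpn_ipv4_prefix(self):
        """RD:prefix, the key MP-BGP carries; unique even if prefixes overlap."""
        return f"{self.rd}:{self.prefix}"


def export_routes(vrf, pe_name):
    """Originating PE: each VRF route becomes a VPN-IPv4 route tagged with the export RTs."""
    return [VpnRoute(vrf.rd, p, pe_name, frozenset(vrf.export_rts)) for p in vrf.table]


def import_routes(vrf, vpn_routes):
    """Receiving PE: a route is admitted to the VRF only if its RTs intersect the import RTs.
    The RD plays no part in this decision; it only keeps the routes distinct."""
    return [r for r in vpn_routes if r.rts & vrf.import_rts]


# Constructed topology: PE1 hosts two customers that both use 10.0.0.0/24;
# PE2 hosts the same two customers plus a hub VRF that imports both.
PE1_VRFS = [
    Vrf("CUST_A", "65000:1", {"65000:100"}, {"65000:100"}, {"10.0.0.0/24": "CE-A1"}),
    Vrf("CUST_B", "65000:2", {"65000:200"}, {"65000:200"}, {"10.0.0.0/24": "CE-B1"}),
]
PE2_VRFS = [
    Vrf("CUST_A", "65000:1", import_rts={"65000:100"}),
    Vrf("CUST_B", "65000:2", import_rts={"65000:200"}),
    Vrf("MGMT_HUB", "65000:3", import_rts={"65000:100", "65000:200"}),
]


def run_demo():
    """Return (sorted VPN-IPv4 prefixes advertised by PE1, routes imported per PE2 VRF)."""
    advertised = [r for vrf in PE1_VRFS for r in export_routes(vrf, "PE1")]
    vpn_prefixes = sorted(r.vpn_ipv4_prefix for r in advertised)
    imported = {vrf.name: import_routes(vrf, advertised) for vrf in PE2_VRFS}
    return vpn_prefixes, imported


if __name__ == "__main__":
    prefixes, imported = run_demo()
    print("advertised:", prefixes)
    for name, routes in imported.items():
        print(name, "imports", [r.vpn_ipv4_prefix for r in routes])
```

Two things are visible in the output. The overlapping 10.0.0.0/24 survives in MP-BGP as two distinct VPN-IPv4 prefixes because the RDs differ, and CUST_A on PE2 receives only the route carrying its import RT. The hub VRF, which imports both RTs, ends up with two routes for the same IPv4 prefix; what its single forwarding table does with that is a design question for the operator, which is why overlapping address space is tolerated between customers but not inside a VRF that imports from both.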
**How VPN L3 packets are transmitted along a path from CE, PE, P, PE, CE – particularly where, how many labels are pushed/popped along the path in intermediate routers**
- procedure
1. CE to PE (Ingress) -> push
2. PE to P (Transit) -> swap based on LFIB
3. P to PE (Transit) -> swap based on LFIB -> original VPN label is restored
4. PE to CE (Egress) -> pop
- example: CE1 sends a packet to CE2. At Ingress PE1, a VPN label is pushed. The packet traverses P1, P2, P3 with label swaps at each P router. At Egress PE2, the VPN label is popped, and the original packet is delivered to CE2
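The walk-through below is an added example, not part of the original notes, and serves both the label-operations list (push, swap, pop, PHP, implicit NULL) and the CE1 to CE2 path above. It follows RFC 4364, where the ingress PE pushes two labels, an inner VPN label learned through MP-BGP and an outer transport label learned through LDP, so that the P routers only ever swap the transport label and never inspect the VPN label, and RFC 3032, which reserves label value 3 as Implicit NULL: an egress PE advertising it asks its neighbour to pop the transport label (penultimate hop popping). Router names, label values and table contents are constructed.

```python
"""Added example, not part of the original notes: label-level trace of an
L3 VPN packet CE1 -> PE1 -> P1 -> P2 -> PE2 -> CE2. Names, labels and table
contents are constructed; two-label stack per RFC 4364, Implicit NULL = 3
per RFC 3032."""

IMPLICIT_NULL = 3   # RFC 3032 reserved label: "pop, do not push"

# PE1's VRF forwarding entry (constructed): prefix -> (vpn_label, transport_label, next hop)
PE1_VRF_FIB = {"10.2.0.0/16": (1000, 16, "P1")}

# Transit LFIBs (constructed): incoming top label -> (outgoing label, next hop)
LFIB = {
    "P1": {16: (17, "P2")},                 # swap 16 -> 17
    "P2": {17: (IMPLICIT_NULL, "PE2")},     # PE2 advertised Implicit NULL: pop here (PHP)
}

# PE2's VPN label table (constructed): vpn_label -> (VRF, CE next hop)
PE2_VPN_LABELS = {1000: ("CUST_A", "CE2")}


def forward(dst_prefix):
    """Return [(router, action, label_stack_after_action)] along the path.
    Stacks are listed top of stack first."""
    trace = []
    vpn_label, transport_label, router = PE1_VRF_FIB[dst_prefix]
    stack = [transport_label, vpn_label]                       # ingress PE: two pushes
    trace.append(("PE1", f"push {vpn_label} (VPN) then push {transport_label} (transport)", list(stack)))

    while router in LFIB:                                      # P routers look only at the top label
        top = stack[0]
        out_label, next_hop = LFIB[router][top]
        if out_label == IMPLICIT_NULL:
            stack = stack[1:]                                  # PHP: transport label popped
            trace.append((router, f"pop {top} (penultimate hop popping)", list(stack)))
        else:
            stack = [out_label] + stack[1:]                    # ordinary swap, VPN label untouched
            trace.append((router, f"swap {top} -> {out_label}", list(stack)))
        router = next_hop

    vpn = stack[0]                                             # egress PE sees only the VPN label
    vrf, ce = PE2_VPN_LABELS[vpn]
    stack = stack[1:]
    trace.append((router, f"pop {vpn} -> VRF {vrf}, forward unlabeled to {ce}", list(stack)))
    return trace


def count_operations(trace):
    """Tally pushes and pops for the 'how many labels' question."""
    pushes = sum(step[1].count("push") for step in trace)
    pops = sum(step[1].startswith("pop") for step in trace)
    return pushes, pops


if __name__ == "__main__":
    t = forward("10.2.0.0/16")
    for router, action, stack in t:
        print(f"{router:4s} {action:55s} stack={stack}")
    print("pushes/pops:", count_operations(t))
```

Along this constructed path the ingress PE performs two pushes, P1 one swap, P2 one pop (PHP, because the egress advertised Implicit NULL) and the egress PE one pop, so the VPN label is pushed exactly once and popped exactly once, while the transport label is the only thing the core ever rewrites. Had PE2 advertised a real label instead of Implicit NULL, P2 would swap and PE2 would pop both labels itself.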
**Basic configuration of MPLS L3 VPN on Cisco router**
- Enable MPLS Globally
```bash=
Router(config)# mpls ip
```
- Configure VRF on PE Routers
```bash=
Router(config)# ip vrf <vrf_name>
Router(config-vrf)# rd <rd_value>:<vpn_id>
Router(config-vrf)# route-target both <rt_value>:<vpn_id>
```
- Configure Interfaces on PE Routers
```bash=
Router(config)# interface <interface_type> <interface_number>
Router(config-if)# ip vrf forwarding <vrf_name>
Router(config-if)# mpls ip
```
- Configure BGP for VPNv4 Address Family
```bash=
Router(config)# router bgp <as_number>
Router(config-router)# address-family vpnv4
Router(config-router-af)# neighbor <neighbor_ip> activate
Router(config-router-af)# neighbor <neighbor_ip> send-community both
```
- Configure CE-PE Routing: Use a routing protocol like OSPF or EIGRP between CE and PE routers within the VRF
- Verify MPLS and BGP Configuration
```bash=
Router# show mpls interfaces
Router# show ip vrf
Router# show bgp vpnv4 unicast all
```
:::