Chapter 4

Network Layer: The Data

Plane
CS118, Spring 2021

4-1
Chapter 4: network layer
chapter goals:
 understand principles behind network
layer services, focusing on data plane:
• network layer service models
• forwarding versus routing
• how a router works
• generalized forwarding
 instantiation, implementation in the
Internet

Network Layer: Data 4-2

Plane
 Layering in Internet protocol
stack
Applications
… built on ...
Application
Reliable (or unreliable) transport
Transport
… built on ...
Network
Best-effort global packet delivery
… built on ... Link

Best-effort local packet delivery Physical

… built on ...
Physical transfer of bits

Source: Scott Shenker (UC Berkeley): slide 7 at The Future of Networking, and the
Past of Protocols
https://www.youtube.com/watch?v=YHeyuD89n1Y&t=111s
Chapter 4: Network Layer:
Data Plane
4.1 Overview of 4.4 Generalized
Network layer Forward and SDN
• data plane • match
• control plane • action
4.2 What’s inside a • OpenFlow
router examples of
4.3 IP: Internet Protocol match-plus-action
• datagram format in action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6
Network Layer: Data 4-4
Plane
Network layer
 transport segment
application
transport
network

from sending to data link

physical
network
receiving host
network
data link data link
network physical
physical

 on sending side
data link
physical network network
data link data link

encapsulates physical physical

segments into network

data link
network
data link
datagrams physical
network
data link
physical

 on receiving side, physical

application

delivers segments to network

data link
physical
network
transport
network

transport layer
network data link data link
data link physical physical
physical

 network layer
protocols in every
host, router
 router examines Network Layer: Data 4-5
Plane
Two key network-layer
functions
network-layer analogy: taking a trip
functions:  forwarding: process
forwarding: move of getting through
packets from router’s single interchange
input to appropriate
router output  routing: process of
routing: determine planning trip from
route taken by source to
packets from source destination
to destination
• routing algorithms

Network Layer: Data 4-6

Plane
 Network layer: data plane, control
plane
Data plane Control plane
 local, per-router  network-wide logic
function  determines how datagram
 determines how is routed among routers
datagram arriving on along end-end path from
router input port is source host to destination
forwarded to router host
output port  two control-plane
 values
forwarding
in arriving function approaches:
packet header
• traditional routing
0111 1 algorithms:
3
2 implemented in routers
• software-defined
networking (SDN):
implemented in Layer: Data 4-7
Network
Plane
Per-router control plane
Individual routing algorithm components in each and every
router interact in the control plane

Routing
Algorithm
control
plane

data
plane

values in arriving
packet header
0111 1
2
3

Network Layer: Control 5-8

Plane
Network-wide logically centralized control logi
From network-wide perspective, it works as if a distinct
(remote) controller would interact with local router control
agents (CAs)
Remote Controller

control
plane

data
plane

CA
CA CA CA CA
values in arriving
packet header

0111 1
2
3

Network Layer: Control 5-9

Plane
Network service model
Q: What service model for “channel”
transporting datagrams from sender to
receiver?
example services example services
for individual for a flow of
datagrams: datagrams:
 guaranteed delivery  in-order datagram
 guaranteed delivery delivery
with less than 40  guaranteed
msec delay minimum bandwidth
to flow
 restrictions on
changes in inter-
packet spacing
Network Layer: Data 4-
Plane 10
 Network layer service
models:
Guarantees ?
Network Service Congestion
Architecture Model Bandwidth Loss Order Timing feedback

Internet best effort none no no no no (inferred

via loss)
ATM CBR constant yes yes yes no
rate congestion
ATM VBR guaranteed yes yes yes no
rate congestion
ATM ABR guaranteed no yes no yes
minimum
ATM UBR none no yes no no

Network Layer: Data 4-11

Plane
Chapter 4: outline
4.1 Overview of 4.4 Generalized
Network layer Forward and SDN
• data plane • match
• control plane • action
4.2 What’s inside a • OpenFlow
router examples of
4.3 IP: Internet Protocol match-plus-action
• datagram format in action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6
Network Layer: Data 4-12
Plane
Router architecture overview
 high-level view of generic router
architecture:
routing, management
routing control plane (software)
processor operates in millisecond
time frame
forwarding data plane
(hardware) operttes
in nanosecond
timeframe
high-seed
switching
fabric

router input ports router output ports

Network Layer: Data 4-13

Plane
 Input port functions
lookup,
link forwarding
line layer switch
termination protocol fabric
(receive)
queueing

physical layer:
bit-level reception
data link layer: decentralized switching:
e.g., Ethernet  using header field values, lookup
see chapter 6 output port using forwarding table
in input port memory (“match plus
action”)
 goal: complete input port
processing at ‘line speed’
 queuing: if datagrams arrive faster
than forwarding rate into switch
Network Layer: Data 4-14
Plane
 Input port functions
lookup,
link forwarding
line layer switch
termination protocol fabric
(receive)
queueing

physical layer:
bit-level reception
decentralized switching:
data link layer:  using header field values, lookup
e.g., Ethernet output port using forwarding table
see chapter 5 in input port memory (“match plus
action”)
 destination-based forwarding:
forward based only on destination
IP address (traditional)
 generalized forwarding: forward
based on any set of header field
Network Layer: Data 4-15
Plane
 Destination-based
forwarding
forwarding table
Destination Address Range Link Interface

11001000 00010111 00010000 00000000

through 0
11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000

through 1
11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000

through 2
11001000 00010111 00011111 11111111

otherwise 3

: but what happens if ranges don’t divide up so nicely?

Network Layer: Data 4-16
Plane
 Longest prefix matching
longest prefix matching
when looking for forwarding table entry
for given destination address, use longest
address prefix that matches destination
address.
Destination Address Range Link interface
11001000 00010111 00010*** ********* 0
11001000 00010111 00011000 ********* 1
11001000 00010111 00011*** ********* 2
otherwise 3

examples:
DA: 11001000 00010111 00010110 10100001 which interface? 0
DA: 11001000 00010111 00011000 10101010 which interface? 1
rather than 2
Network Layer: Data 4-17
Plane
Longest prefix matching
 we’ll see why longest prefix matching is
used shortly, when we study addressing
 longest prefix matching: often
performed using ternary content
addressable memories (TCAMs)
• content addressable: present address to
TCAM: retrieve address in one clock cycle,
regardless of table size
• Cisco Catalyst: can up ~1M routing table
entries in TCAM

Network Layer: Data 4-18

Plane
Switching fabrics
 transfer packet from input buffer to
appropriate output buffer
 switching rate: rate at which packets
can be transfer from inputs to outputs
• often measured as multiple of input/output line rate
• N inputs: switching rate N times line rate desirable
 three types of switching fabrics

memory

memory bus crossbar

Network Layer: Data 4-19

Plane
Switching via memory
first generation routers:
 traditional computers with switching under
direct control of CPU
 packet copied to system’s memory
 speed limited by memory bandwidth (2 bus
crossings per datagram)

input output
port memory port
(e.g., (e.g.,
Ethernet) Ethernet)

system bus

Network Layer: Data 4-20

Plane
Switching via a bus
 datagram from input port
memory
to output port memory via
a shared bus
 bus contention: switching
speed limited by bus
bus
bandwidth
 32 Gbps bus, Cisco 5600:
sufficient speed for access
and enterprise routers

Network Layer: Data 4-21

Plane
Switching via interconnection
network
 overcome bus bandwidth
limitations
 banyan networks, crossbar,
other interconnection nets
initially developed to connect
processors in multiprocessor
 advanced design:
crossbar
fragmenting datagram into
fixed length cells, switch cells
through the fabric.
 Cisco 12000: switches 60
Gbps through the
interconnection network
Network Layer: Data 4-22
Plane
Output ports

datagram
switch buffer link
fabric layer line
protocol termination
queueing (send)

 buffering required when (packets)

Datagram datagramscan be
arrive from fabriclost faster than thelack of
due to congestion,
transmission rate buffers
 schedulingPriority
discipline chooses
scheduling – who gets best
among queued datagrams
performance, networkfor
neutrality
transmission Network Layer: Data 4-24
Plane
Output port queueing

switch
switch
fabric
fabric

at t, packets more one packet time later

from input to output

 buffering when arrival rate via switch

exceeds output line speed
 queueing (delay) and loss due to output
port buffer overflow!
Network Layer: Data 4-25
Plane
How much buffering?
 RFC 3439 rule of thumb: average
buffering equal to “typical” RTT (say
250 msec) times link capacity C
• e.g., C = 10 Gpbs link: 2.5 Gbit buffer
 recent recommendation: with N flows,
buffering equal to
RTT . C
N

Network Layer: Data 4-26

Plane
Scheduling mechanisms
 scheduling: choose next packet to send on
link
 FIFO (first in first out) scheduling: send in
order of arrival to queue
• real-world example?
• discard policy: if packet arrives to full queue:
who to discard?
• tail drop: drop arriving packet
• priority: drop/remove on priority basis
• random: drop/remove randomly

packet packet
arrivals queue link departures
(waiting area) (server)

Network Layer: Data 4-27

Plane
Chapter 4: outline
4.1 Overview of 4.4 Generalized
Network layer Forward and SDN
• data plane • match
• control plane • action
4.2 What’s inside a • OpenFlow
router examples of
4.3 IP: Internet Protocol match-plus-action
• datagram format in action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6
Network Layer: Data 4-30
Plane
The Internet network layer
host, router network layer functions:

transport layer: TCP, UDP

routing protocols IP protocol

• path selection • addressing conventions
• RIP, OSPF, BGP • datagram format
network • packet handling conventions
layer forwarding
table
ICMP
protocol
• error reporting
• router
link layer “signaling”

physical layer

Network Layer: Data 4-31

Plane
 IP datagram format
IP protocol version 32 bits
number total datagram
header length type of length (bytes)
ver head. length
(bytes) len service for
“type” of data fragment fragmentation/
16-bit identifier flgs
offset reassembly
max number time to upper header
remaining hops live layer checksum
(decremented at
32 bit source IP address
each router)
32 bit destination IP address
upper layer protocol
to deliver payload to options (if any) e.g. timestamp,
record route
how much overhead? data taken, specify
 20 bytes of TCP (variable length, list of routers
 20 bytes of IP typically a TCP to visit.
 = 40 bytes + app or UDP segment)
layer overhead

Network Layer: Data 4-32

Plane
 IP fragmentation,
reassembly
 network links have
MTU (max.transfer
size) - largest fragmentation:

…
possible link-level in: one large datagram
frame out: 3 smaller datagrams
• different link
types, different
MTUs reassembly
 large IP datagram
divided
(“fragmented”) …
within net
• one datagram
becomes several
datagrams
• “reassembled” Network Layer: Data 4-33
Plane
 IP fragmentation,
reassembly
length ID fragflag offset
example: =4000 =x =0 =0
 4000 byte
datagram one large datagram becomes
several smaller datagrams
 MTU = 1500
bytes
1480 bytes in length ID fragflag offset
data field =1500 =x =1 =0

offset = length ID fragflag offset

1480/8 =1500 =x =1 =185

length ID fragflag offset

=1040 =x =0 =370

Network Layer: Data 4-34

Plane
Chapter 4: outline
4.1 Overview of 4.4 Generalized
Network layer Forward and SDN
• data plane • match
• control plane • action
4.2 What’s inside a • OpenFlow
router examples of
4.3 IP: Internet Protocol match-plus-action
• datagram format in action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6
Network Layer: Data 4-35
Plane
IP addressing: introduction
223.1.1.1
 IP address: 32-bit
223.1.2.1
identifier for host,
router interface 223.1.1.2
223.1.1.4 223.1.2.9
 interface:
connection between 223.1.3.27
host/router and 223.1.1.3
223.1.2.2
physical link
• router’s typically
have multiple
interfaces 223.1.3.1 223.1.3.2

• host typically has one

or two interfaces
(e.g., wired Ethernet,
223.1.1.1 = 11011111 00000001 00000001 00000001
wireless 802.11)
 IP addresses 223 1 1 1
associated with
each interface Network Layer: Data 4-36
Plane
 IP addressing: introduction
223.1.1.1
Q: how are 223.1.2.1
interfaces actually
connected? 223.1.1.2
223.1.1.4 223.1.2.9

A: we’ll learn about

that in chapter 5, 223.1.1.3
223.1.3.27

6. 223.1.2.2

A: wired Ethernet interfaces

connected by Ethernet switches
223.1.3.1 223.1.3.2

For now: don’t need to worry

about how one interface is
connected to another (with no
A: wireless WiFi interfaces
intervening router)
connected by WiFi base station

Network Layer: Data 4-37

Plane
Subnets
 IP address: 223.1.1.1
• subnet part - high
order bits 223.1.1.2 223.1.2.1
223.1.1.4 223.1.2.9
• host part - low
order bits 223.1.2.2
 what’s a subnet ? 223.1.1.3 223.1.3.27

• device interfaces subnet

with same subnet
part of IP address 223.1.3.1 223.1.3.2

• can physically
reach each other
without intervening network consisting of 3 subnets
router

Network Layer: Data 4-38

Plane
Subnets
223.1.1.0/24
223.1.2.0/24
recipe 223.1.1.1

 to determine the 223.1.1.2 223.1.2.1

subnets, detach 223.1.1.4 223.1.2.9

each interface 223.1.2.2

from its host or 223.1.1.3 223.1.3.27

router, creating subnet

islands of isolated
networks 223.1.3.1 223.1.3.2

 each isolated
network is called
223.1.3.0/24
a subnet
subnet mask: /24
Network Layer: Data 4-39
Plane
In-class question 223.1.1.2

223.1.1.1 223.1.1.4
Q: how many
subnets ? 223.1.1.3

223.1.9.2 223.1.7.0

223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0

223.1.2.6 223.1.3.27

223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

4-40
Subnets 223.1.1.2

how many? 223.1.1.1 223.1.1.4

223.1.1.3

223.1.9.2 223.1.7.0

223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0

223.1.2.6 223.1.3.27

223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

Network Layer: Data 4-41

Plane
IP addressing: CIDR
CIDR: Classless InterDomain Routing
• subnet portion of address of arbitrary
length
• address format: a.b.c.d/x, where x is #
bits in subnet portion of address
subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23

Network Layer: Data 4-42

Plane
IP addresses: how to get
one?
Q: How does a host get IP address?

 hard-coded by system admin in a file

• Windows: control-panel->network-
>configuration->tcp/ip->properties
• UNIX: /etc/rc.config
 DHCP: Dynamic Host Configuration
Protocol: dynamically get address from as
server
• “plug-and-play”

Network Layer: Data 4-43

Plane
DHCP: Dynamic Host Configuration
Protocol
goal: allow host to dynamically obtain its IP address
from network server when it joins network
• can renew its lease on address in use
• allows reuse of addresses (only hold address while
connected/“on”)
• support for mobile users who want to join network
(more shortly)
DHCP overview:
• host broadcasts “DHCP discover” msg [optional]
• DHCP server responds with “DHCP offer” msg
[optional]
• host requests IP address: “DHCP request” msg
• DHCP server sends address: “DHCP ack” msg
Network Layer: Data 4-44
Plane
DHCP client-server
scenario
DHCP
223.1.1.0/24
server
223.1.1.1 223.1.2.1

223.1.1.2 arriving DHCP

223.1.1.4 223.1.2.9
client needs
address in this
223.1.3.27
223.1.2.2 network
223.1.1.3

223.1.2.0/24

223.1.3.1 223.1.3.2

223.1.3.0/24

Network Layer: Data 4-45

Plane
DHCP client-server
scenario
DHCP server: 223.1.2.5 DHCP discover arriving
client
src : 0.0.0.0, 68
Broadcast: is there a
dest.: 255.255.255.255,67
DHCP server
yiaddr: 0.0.0.0out
transaction
there?ID: 654

DHCP offer
src: 223.1.2.5, 67
Broadcast: I’m a DHCP
dest: 255.255.255.255, 68
server! Here’s an IP
yiaddrr: 223.1.2.4
transaction
address youID:can
654 use
lifetime: 3600 secs
DHCP request
src: 0.0.0.0, 68
dest:: 255.255.255.255, 67
Broadcast: OK. I’ll
yiaddrr: 223.1.2.4
take that IPID:address!
transaction 655
lifetime: 3600 secs

DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255,
Broadcast: 68
OK. You’ve
yiaddrr: 223.1.2.4
gottransaction
that IPID:address!
655
lifetime: 3600 secs

Network Layer: Data 4-46

Plane
DHCP: more than IP
addresses
DHCP can return more than just allocated
IP address on subnet:
• address of first-hop router for client
• name and IP address of DNS sever
• network mask (indicating network versus
host portion of address)

Network Layer: Data 4-47

Plane
DHCP: example
DHCP DHCP  connecting laptop
DHCP UDP needs its IP address,
DHCP IP
DHCP Eth
addr of first-hop
Phy router, addr of DNS
server: use DHCP
 DHCP request
DHCP

encapsulated in UDP,
DHCP DHCP 168.1.1.1 encapsulated in IP,
DHCP UDP encapsulated in 802.1
DHCP IP  Ethernet frame
DHCP Eth router with DHCP
Phy server built into broadcast (dest:
router FFFFFFFFFFFF) on LAN,
received at router
running DHCP
 Ethernet server
demuxed to IP
demuxed, UDP
demuxed to DHCP

Network Layer: Data 4-48

Plane
DHCP: example
DHCP DHCP
 DCP server
DHCP UDP formulates DHCP
DHCP IP ACK containing
DHCP Eth client’s IP address, IP
Phy
address of first-hop
router for client,
name & IP address
 encapsulation of of
DHCP DHCP DNS server
DHCP server, frame
DHCP UDP forwarded to client,
DHCP IP demuxing up to
Eth router with DHCP
DHCP
DHCP at client
 client
DHCP
Phy server built into now knows its
router IP address, name
and IP address of
DSN server, IP
address of its first-
hop router

Network Layer: Data 4-49

Plane
IP addresses: how to get
one?
Q: how does network get subnet part of IP
addr?
A: gets allocated portion of its provider
ISP’s address space

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23

Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23
... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

Network Layer: Data 4-51

Plane
Example: UCLA IP Address
Blocks
 128.97.0.0/16
 131.179.0.0/16
 149.142.0.0/16
 164.67.0.0/16
 169.232.0.0/16
 172.16.0.0/12
 192.35.210.0/24
 192.35.225.0/24
 192.154.2.0/24
 2607:F010::/32
(Source: kb.ucla.edu/articles/list-of-uc-related-ip-
addresses)
Network Layer: Data 4-52
Plane
 Hierarchical addressing: route
aggregation
erarchical addressing allows efficient advertisement of routin
formation:

Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
beginning
199.31.0.0/16”

Network Layer: Data 4-53

Plane
 Hierarchical addressing: more specific
routes
ISPs-R-Us has a more specific route to Organization 1

Organization 0
200.23.16.0/23

“Send me anything
with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
Organization 1 beginning 199.31.0.0/16
or 200.23.18.0/23”
200.23.18.0/23

Network Layer: Data 4-54

Plane
IP addressing: the last word...

Q: how does an ISP get block of

addresses?
A: ICANN: Internet Corporation for
Assigned
Names and Numbers
http://www.icann.org/
• allocates addresses
• manages DNS
• assigns domain names, resolves
disputes

Network Layer: Data 4-55

Plane
NAT: network address
translation
rest of local network
Internet (e.g., home network)
10.0.0/24 10.0.0.1

10.0.0.4
10.0.0.2
138.76.29.7

10.0.0.3

all datagrams leaving datagrams with source or

local destination in this network
network have same have 10.0.0/24 address for
single source NAT IP source, destination (as usual)
address:
138.76.29.7,different Network Layer: Data 4-56
Plane
NAT: network address
translation
motivation: local network uses just one IP
address as far as outside world is
concerned:
 range of addresses not needed from ISP:
just one IP address for all devices
 can change addresses of devices in local
network without notifying outside world
 can change ISP without changing
addresses of devices in local network
 devices inside local net not explicitly
addressable, visible by outside world (a
security plus)
 Private IP addresses used locally
Network Layer: Data 4-57
Plane
Dedicated Space for
Carrier-Grade NAT
(RFC6598)
 100.64.0.0/10, used for carrier-grade
NAT only
• About 4 million addresses
• Used for internal operations of carrier
networks
• Should NOT be used in private networks or
public Internet

Network Layer 4-58

Private IP Address Spaces
IPv4 (RFC1918):
 24-bit block: 10.0.0.0 ~ 10.255.255.255
(10.0.0.0/8)
• 16,777,216 addresses
 20-bit block:
172.16.0.0~172.31.255.255
(172.16.0.0/12)
• 1,048,576 addresses
 16-bit block:
192.168.0.0~192.168.255.255
(192.168.0.0/16)
• 65,536 addresses

IPv6 (RFC4193): fc00::/7 Network Layer 4-59

NAT: network address
translation
implementation: NAT router must:

 outgoing datagrams: replace (source IP address,

port #) of every outgoing datagram to (NAT IP
address, new port #)
. . . remote clients/servers will respond using
(NAT IP address, new port #) as destination addr
 remember (in NAT translation table) every
(source IP address, port #) to (NAT IP address,
new port #) translation pair
 incoming datagrams: replace (NAT IP address,
new port #) in dest fields of every incoming
datagram with corresponding (source IP address,
port #) stored in NAT table Network Layer: Data 4-60
Plane
 NAT: network address
translation
NAT translation table 1: host 10.0.0.1
2: NAT router WAN side addr LAN side addr
changes datagram sends datagram to
source addr from 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
10.0.0.1, 3345 to …… ……
138.76.29.7, 5001,
updates table S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80
D: 138.76.29.7, 5001 3 10.0.0.3
4: NAT router
3: reply arrives changes datagram
dest. address: dest addr from
138.76.29.7, 5001 138.76.29.7, 5001 to 10.0.0.1, 3345

* Check out the online interactive exercises for more

examples: http://gaia.cs.umass.edu/kurose_ross/interactive/ Network Layer: Data 4-61
Plane
NAT: network address
translation
 16-bit port-number field:
• 60,000 simultaneous connections with
a single LAN-side address!
 NAT is controversial:
• routers should only process up to
layer 3
• address shortage should be solved by
IPv6
• violates end-to-end argument
• NAT possibility must be taken into
account by app designers, e.g., P2P
applications
• NAT traversal: what if client wants
Networkto
Layer: Data 4-62
Plane
NAT traversal problem
 client wants to connect to
server with address 10.0.0.1 10.0.0.1
• server address 10.0.0.1 local to client
LAN (client can’t use it as ?
destination addr) 10.0.0.4
• only one externally visible
NATed address: 138.76.29.7 138.76.29.7 NAT
router
 solution1: statically configure
NAT to forward incoming
connection requests at given
port to server
• e.g., (123.76.29.7, port 2500)
always forwarded to 10.0.0.1
port 25000
4-63
NAT traversal problem
 solution 2: Universal Plug and
Play (UPnP) Internet Gateway 10.0.0.1
Device (IGD) Protocol.
Allows NATed host to: IGD
 learn public IP address
(138.76.29.7)
 add/remove port NAT
router
mappings (with lease
times)

i.e., automate static NAT

port map configuration

4-64
 NAT traversal problem
 solution 3: relaying (used in Skype)
• NATed client establishes connection to relay
• external client connects to relay
• relay bridges packets between to connections

2. connection
to 1. connection 10.0.0.1
relay initiated to
by client relay initiated
3. relaying by NATed host
client established
138.76.29.7 NAT
router

4-65
Chapter 4: outline
4.1 Overview of 4.4 Generalized
Network layer Forward and SDN
• data plane • match
• control plane • action
4.2 What’s inside a • OpenFlow
router examples of
4.3 IP: Internet Protocol match-plus-action
• datagram format in action
• fragmentation
• IPv4 addressing
• network address
translation
• IPv6
Network Layer: Data 4-66
Plane
 IPv6: motivation
 initial motivation: 32-bit address space
soon to be completely allocated.
 additional motivation:
• header format helps speed
processing/forwarding
• header changes to facilitate QoS

IPv6 datagram format:

• fixed-length 40 byte header
• no fragmentation allowed

Network Layer: Data 4-67

Plane
 IPv6 datagram format
riority: identify priority among datagrams in flow
ow Label: identify datagrams in same “flow.”
(concept of“flow” not well defined).
ext header: identify upper layer protocol for data
ver pri flow label
payload len next hdr hop limit
source address
(128 bits)
destination address
(128 bits)

data

32 bits
Network Layer: Data 4-68
Plane
Other changes from IPv4
 checksum: removed entirely to reduce
processing time at each hop
 options: allowed, but outside of header,
indicated by “Next Header” field
 ICMPv6: new version of ICMP
• additional message types, e.g. “Packet Too
Big”
• multicast group management functions

Network Layer: Data 4-69

Plane
IPv4 & IPv6 Header
Comparison

4-70
Transition from IPv4 to
IPv6
 not all routers can be upgraded
simultaneously
• no “flag days”
• how will network operate with mixed
IPv4 and IPv6 routers?
 tunneling: IPv6 datagram carried as
payload in IPv4 datagram among IPv4
routers
IPv4 header fields IPv6 header fields
IPv4 payload
IPv4 source, dest addr IPv6 source dest addr
UDP/TCP payload

IPv6 datagram
IPv4 datagram
Network Layer: Data 4-71
Plane
Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6

Network Layer: Data 4-72

Plane
Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6

flow: X src:B src:B flow: X

src: A dest: E src: A
dest: F
dest: E
dest: F
Flow: X Flow: X
Src: A Src: A
data Dest: F Dest: F data

data data

A-to-B: E-to-F:
IPv6 B-to-C: B-to-C: IPv6
IPv6 inside IPv6 inside
IPv4 IPv4 Network Layer: Data 4-73
Plane
IPv6:
adoption
 Google: 8% of clients access services via
IPv6
 NIST: 1/3 of all US government domains
are IPv6 capable

 Long (long!) time for deployment, use

•20 years and counting!
•think of application-level changes in last 20
years: WWW, Facebook, streaming media,
Skype, …
•Why?

Network Layer: Data 4-74

Plane
Chapter 4: done!
4.1 Overview of 4.4 Generalized
Network layer: data Forward and SDN
plane and control • match plus action
plane • OpenFlow example
4.2 What’s inside a
router
4.3 IP: Internet Protocol
• datagram format Question: how do
• fragmentation forwarding tables
(destination-based
• IPv4 addressing forwarding) or flow tables
• NAT (generalized forwarding)
• IPv6 computed?
Answer: by the control
plane (next chapter)
Network Layer: Data 4-75
Plane