Network Protocols: Routing

TDC375 Autumn 2010/11, John Kristoff, DePaul University

One of two critical systems

- BGP and DNS are by far the two most fundamentally critical components of the Internet infrastructure

Do all IP hosts route?

- Yes! Most hosts make one of three routing decisions:
  1. send packet to another via a relay
  2. send packet to itself
  3. send packet to a directly attached neighbor

Simplified routing decision tree

Your end host router

- Need to know your address, network and gateway
  - not so much a routing system/process
  - this is your host's bootstrap challenge
- We don't tend to think of end hosts as routers
- How do they differ then?
  - network interface attachments
  - distributed routing algorithms
  - forwarding packets on another's behalf

Real routers work more like this

Best match forwarding

- Forward packet via the most specific route
- Most specific to least specific, IPv4 example:
  - host /32 route, /31, /30, /29, ..., default /0
- If no route, drop and return ICMP error to source

Routers as signposts

How do routers build a signpost?

- Maybe manually configured, but that doesn't scale
- Routers gossip amongst themselves
- Well defined gossip protocols are used
  - e.g. RIP, EIGRP, OSPF, IS-IS, BGP
  - a bootstrap configuration is generally required
- Reachability information associated with all routes
  - e.g. distance, cost, preference, policy

Key IPv4 field for routing: TTL

- More apt name today would be hop count
  - in fact, that is just what it is called in IPv6 now
- This field prevents packets looping forever
- Other uses are secondary to this:
  - traceroute
  - source OS fingerprint and distance detection
  - BGP peering hack (aka GTSM, RFC 3682)

Key IP field for routing: Destination Address

- Consists of both a host (interface) identifier, usually unique, and a network identifier, also usually unique
- Combined, the daddr helps hosts and routers get the packet to the correct network and to the specific host on the correct network

BGP Overview

- The routing protocol for connecting domains
- Besides the network prefix, the path is the key component of a BGP route
- Autonomous system numbers (ASNs) define path
  - generally an ASN = domain
  - NOTE: this is not a reference to DNS
- Even if you don't use it for actual Internet routing, it might be handy for other things
  - e.g. Team Cymru bogon route server, IP addr to ASN mapping

IS-IS/OSPF Overview

- Widely used intradomain routing protocols
- Link state database of entire routed network built by all routers
- Each router can make an optimal forwarding decision because it has a complete view of all the routers and their attached networks
- Relatively simple idea, but is a bit more complex to implement
  - i.e. database synchronization issues

A real Internet BGP route entry

    route-views.oregon-ix.net>sh ip bgp 68.22.187.0/24
    BGP routing table entry for 68.22.187.0/24, version 543323
    Paths: (34 available, best #7, table Default-IP-Routing-Table)
      Not advertised to any peer
      8075 2828 23028
        207.46.32.34 from 207.46.32.34 (207.46.32.34)
          Origin IGP, localpref 100, valid, external
      3333 3356 2828 23028
        193.0.0.56 from 193.0.0.56 (193.0.0.56)
          Origin IGP, localpref 100, valid, external
      4513 13789 3561 23028 23028 23028 23028
        209.10.12.125 from 209.10.12.125 (209.10.12.125)
          Origin IGP, metric 4103, localpref 100, valid, external

An example routing table

    route-views.oregon-ix.net>show ip route
    Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
           N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
           E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
           i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
           ia - IS-IS inter area, * - candidate default, U - per-user static route
           o - ODR, P - periodic downloaded static route

    Gateway of last resort is 128.223.51.1 to network 0.0.0.0

    B    216.221.5.0/24 [20/489] via 208.51.134.254, 18:06:49
    B    210.51.225.0/24 [20/0] via 12.0.1.63, 18:07:52
    B    210.17.195.0/24 [20/0] via 216.218.252.164, 18:08:11
    B    209.136.89.0/24 [20/0] via 216.218.252.164, 18:08:21
    B    209.34.243.0/24 [20/0] via 157.130.10.233, 17:59:49
    B    205.204.1.0/24 [20/0] via 157.130.10.233, 18:00:57
    B    204.255.51.0/24 [20/0] via 157.130.10.233, 17:59:44
    B    204.238.34.0/24 [20/0] via 157.130.10.233, 18:00:28

Want router access?

- Telnet to route-views.routeviews.org
- Browse to http://routerproxy.grnoc.iu.edu
- Go easy, don't ruin it for the rest of us please
  - notwithstanding potential bugs or attacks, by default access is intended to be limited (sorry, no 'enable')
  - but they can still be very helpful for remote analysis and troubleshooting

You do have enable... kind of

- On Unix/Linux/Mac OS X:
  - netstat -arn
- On Microsoft Windows:
  - route print

There is router security and there is route security

- Few serious network engineers use HTTP
- Many Cisco networks still use Telnet
  - this is where you security people go WTF
- Many networks have SNMPv1 write enabled
  - That's probably a good thing, you say, then you go OMFG
- Almost nobody watches out for more specifics
  - Specifics smurifics, whoop-dee

Au contraire

- Router security
  - authentication, filtering, crypto, DONE! uhm, no
- Route security
  - this is the old "my security depends on your ability to do security" problem
  - say you have and announce a /16
  - someone announces /24's in that /16, uh oh

Examine your own router

- Microsoft Windows
  - ipconfig /all
  - route print
- UNIX (varies depending on flavor)
  - ifconfig
  - netstat -arn or route -n
  - cat /etc/dhcp/dhclient.conf (or something like it)
  - cat /etc/resolv.conf
- Mac OS X
  - like UNIX, but also check Sys prefs > Network

Determine your IPv4/IPv6 address(es)

More …
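The three host routing decisions and the best match forwarding rule from the slides above, as an added example that is not part of the original slides. The host address, route table and next hops are constructed values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample host: one interface plus a default gateway (assumptions).
HOST_ADDR = ipaddress.ip_address("192.0.2.10")
ROUTES = [  # (prefix, next hop; None means the prefix is directly attached)
    (ipaddress.ip_network("192.0.2.0/24"), None),
    (ipaddress.ip_network("198.51.100.0/24"), "192.0.2.254"),
    (ipaddress.ip_network("0.0.0.0/0"), "192.0.2.1"),
]


def best_match(dst, routes):
    """Return the most specific (longest prefix) route covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    covering = [r for r in routes if addr in r[0]]
    return max(covering, key=lambda r: r[0].prefixlen, default=None)


def decide(dst, routes=ROUTES, host=HOST_ADDR):
    """Classify a destination into the decisions listed on the slide."""
    addr = ipaddress.ip_address(dst)
    if addr == host or addr.is_loopback:
        return "self"                      # decision 2: send packet to itself
    route = best_match(dst, routes)
    if route is None:
        return "drop + ICMP error"         # no route at all, not even a default
    _prefix, next_hop = route
    if next_hop is None:
        return "neighbor"                  # decision 3: directly attached
    return f"relay via {next_hop}"         # decision 1: hand to a router


if __name__ == "__main__":
    for dst in ("192.0.2.10", "192.0.2.77", "198.51.100.5", "203.0.113.9"):
        print(dst, "->", decide(dst))
    # Without the default route, an unknown destination has no match.
    print("203.0.113.9 ->", decide("203.0.113.9", routes=ROUTES[:2]))
```
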
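One way to watch for the "someone announces /24's in that /16" case from the route security slides, added here as an example and not taken from the original slides. The prefixes, ASNs (documentation range) and the observed feed are constructed, and the function names are hypothetical.

```python
import ipaddress

# What we legitimately announce: prefix -> origin ASNs allowed to originate it
# or anything more specific inside it (constructed values).
OURS = {ipaddress.ip_network("10.20.0.0/16"): {64496}}

# Constructed feed of observed announcements: (prefix, AS path as text).
OBSERVED = [
    ("10.20.0.0/16", "64500 64496"),
    ("10.20.5.0/24", "64500 64511"),        # more specific, foreign origin
    ("10.20.8.0/24", "64501 64496 64496"),  # more specific, our origin (prepended)
    ("10.0.0.0/8", "64500 64502"),          # less specific: loses best match anyway
    ("192.0.2.0/24", "64500 64503"),        # unrelated address space
]


def origin_asn(as_path):
    """The origin is the last ASN in the path; prepended repeats do not matter."""
    return int(as_path.split()[-1])


def check(prefix, as_path, ours=OURS):
    """Return an alert string for an announcement inside our space, else None."""
    net = ipaddress.ip_network(prefix)
    origin = origin_asn(as_path)
    for mine, allowed in ours.items():
        if net.version != mine.version or not net.subnet_of(mine):
            continue
        if origin in allowed:
            return None
        kind = "more-specific" if net.prefixlen > mine.prefixlen else "same-prefix"
        return f"{kind} {net} inside {mine} originated by AS{origin}"
    return None


def alerts(observed=OBSERVED):
    """Run every observed announcement through check() and keep the alerts."""
    return [a for a in (check(p, path) for p, path in observed) if a]


if __name__ == "__main__":
    for line in alerts():
        print("ALERT:", line)
```

Because forwarding follows the most specific route, the flagged /24 would attract traffic for that slice of the /16 wherever it is accepted, even though the /16 itself is still announced correctly.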