
Classless and Subnet Extensions (CIDR)

Chapter 9

Review
Chapter 4 describes the original address scheme in IPv4
Each physical network is assigned a unique network address
Each host has the network address as a prefix
Classful addressing

Minimizing Network Numbers


The growth of the internet was unanticipated
We are running out of IP addresses
Especially class B addresses
China!

Three solutions

First Solution: Proxy ARP


Also called promiscuous ARP and the ARP hack
Two networks share a single IP address
The router knows which hosts are on which physical network
http://www.calvin.edu/~lave/figure-9.1.pdf
Takes advantage of an important feature of the ARP protocol: trust

Proxy ARP (continued)


Some implementations of ARP
Alert managers to possible security violations if two IP addresses map to the same MAC address
Prevents spoofing
This only works without proxy ARP routers
Otherwise too many warnings are generated

Proxy ARP does not scale beyond two networks
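
The check described on this slide, as an added example (not part of the original slides): group neighbor-table entries by MAC address and report any MAC claimed by two or more IP addresses. The sample lines are constructed in the format printed by `ip neigh show`, and the `proxy_arp_macs` allowlist is an assumption added here to show why a proxy ARP router would otherwise trigger the warning constantly.

```python
import re
from collections import defaultdict

# Constructed sample in `ip neigh show` format (not real data).
SAMPLE = """\
153.106.128.3 dev eth0 lladdr 00:16:3e:aa:00:03 REACHABLE
153.106.128.4 dev eth0 lladdr 00:16:3e:aa:00:04 STALE
153.106.128.70 dev eth0 lladdr 00:16:3e:aa:00:01 REACHABLE
153.106.128.71 dev eth0 lladdr 00:16:3e:aa:00:01 REACHABLE
153.106.128.9 dev eth0 lladdr 00:16:3E:AA:00:04 DELAY
153.106.128.12 dev eth0  FAILED
"""

LINE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9A-Fa-f:]{17}) ")

def shared_macs(text, proxy_arp_macs=()):
    """Return {(iface, mac): sorted IPs} for MACs claimed by 2+ IP addresses.

    proxy_arp_macs: MACs of known proxy ARP routers, which legitimately
    answer for many IP addresses and are therefore excluded from the report.
    """
    allowed = {m.lower() for m in proxy_arp_macs}
    seen = defaultdict(set)
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:                      # FAILED/INCOMPLETE entries have no MAC
            continue
        ip, iface, mac = m.group(1), m.group(2), m.group(3).lower()
        seen[(iface, mac)].add(ip)     # MAC compared case-insensitively
    return {key: sorted(ips) for key, ips in seen.items()
            if len(ips) > 1 and key[1] not in allowed}

if __name__ == "__main__":
    for (iface, mac), ips in shared_macs(SAMPLE).items():
        print(f"WARNING {iface}: {mac} answers for {', '.join(ips)}")
```

With no allowlist both shared MACs are reported; passing the router's MAC as `proxy_arp_macs` leaves only the unexplained pair.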

Solution 2: Subnet Addressing


Also called subnet forwarding or subnetting
Individual sites have the freedom to modify addresses and routers as long as the modifications remain invisible to other sites
All hosts and routers honor the addressing scheme
Other sites on the internet can treat addresses as a network prefix and a host suffix

Subnet Addressing (continued)


Use an addressing hierarchy within your network: http://www.calvin.edu/~lave/figure9.2.pdf
Use part of your host id portion to specify a subnet
Example: divide 128.10 into 128.10.1 and 128.10.2
To the outside world 128.10.2.20 is part of the 128.10 space, but routers within 128.10 must choose 128.10.2 as the network destination

Variable-Length Subnets
Select a subnet portion and require that all hosts on that subnet honor it
Two notations
153.106.128.3 netmask 255.255.255.192
153.106.128.3/26 (CIDR notation)

They both mean that the high order 26 bits are the network id and the low order 6 bits are the host id

Forwarding in the Presence of Subnets


Page 137 of the text shows an illegal topology
http://www.calvin.edu/~lave/figure-9.6.pdf
The problem is that H does not know where to send a datagram for a host on Net 3
All subnets of a given IP address must be contiguous, the subnet masks must be uniform, and all machines should participate in subnet forwarding

A Unified Forwarding Algorithm


Covers the standard IP forwarding and subnet forwarding
http://www.calvin.edu/~lave/figure-9.7.pdf

Maintenance of Subnet Masks


How are they assigned?
By a network administrator
E.g., 153.106.128 is assigned to emulab.calvin.edu
No easy rules
Contiguity is obviously desirable

How are subnet masks propagated?


Later

Broadcasting to Subnets
How do you broadcast to a network that is subnetted?
All routers must agree to forward to all subnets
Forwarding loops are possible
RPF (reverse path forwarding)
A router receives a broadcast
Consults its routing table
Discards unless it arrived on the interface used to forward to the source (i.e., unless it arrived from the shortest path)

Third Solution: Anonymous Point-to-Point Networks


IP views a point-to-point connection between a pair of machines as a network: the connection was assigned a network prefix and each computer a host suffix. This seems absurd in light of the shortage of IP addresses. Anonymous networking.
Pair of routers connected by a leased circuit.

Point-to-Point (continued)
Avoid numbering the leased line and do not assign a host address to the routers at each end. The interface software is configured to ignore the next-hop address. Possible because there is only one possible destination.

Classless Addressing and Supernetting


New addressing model
Accompanying forwarding and route propagation techniques
The entire technology is known as Classless Inter-Domain Routing, CIDR

CIDR (continued)
The classful scheme did not divide network addresses into equal size classes
Fewer than 17,000 class B addresses
More than 2 million class C addresses

Demand for class C was less than for class B


Class C networks are small and are not amenable to subnetting

Class B prefixes neared exhaustion

Supernetting
Supernet several class C addresses into one network
Estimate the number of networks needed, say 200
Receive a block of 256 contiguous class C numbers

CIDR Example
128.211.168.0/21
The high 21 bits represent the network
The low order 11 bits represent the host

The netmask consists of 21 1s and 11 0s, i.e., 255.255.248.0

Data Structures and Algorithms for Classless Lookup


Addresses are no longer self-identifying
Hashing no longer works so well

Searching by mask length


LPM, longest prefix match. Given a destination address, D, find the entry in the routing table that has the longest prefix of bits of D. A subscriber always has a longer address mask than the ISP.

Classless Lookup (continued)


Iterate over all possible divisions between prefix and suffix
Slow!
Binary Trie Structures.
Remove redundant suffixes (remaining prefix identifies the network)

Binary Trie Structures


http://www.calvin.edu/~lave/figure-9.12.pdf
http://www.calvin.edu/~lave/figure-9.13.pdf

Longest-Match and Mixtures of Route Types


A trie only needs to store a unique prefix for each route in the table, but the prefix must cover the entire network portion of the route.
To guarantee that a router does not forward datagrams unless the entire network prefix matches, each exterior node in the trie must contain a 32-bit address, A, and a 32-bit mask, M, that covers the entire network portion of A.

Longest-Match (continued)
The algorithm computes the logical AND of M with the destination address and compares the result with A.
A trie is a mechanism that quickly identifies potential candidates, not a mechanism that finds an exact match.

Longest-Match (continued)
Assumption: each entry in a routing table has a unique binary prefix.
In practice routing tables contain a mixture of general and specific routes for the same destination
A different route for a particular subnet
A special route for one host

http://www.calvin.edu/~lave/figure-9.14.pdf

Longest-Match (continued)
The trie data structure must follow the longest-match paradigm when selecting a route.
One possible implementation allows each interior node to contain an address/mask pair, and modifies the search algorithm to check for a match at each node. A match that occurs later in the search overrides an earlier match.

PATRICIA and Level Compressed Tries


One optimization involves skipping levels in the trie that do not distinguish among routes. In the previous example, each route begins with the same sixteen bits. A binary trie will have only one node at each of the first sixteen levels below the root.

Two Modified Versions of Tries


A PATRICIA trie allows each node to specify a value to test along with a number of bits to skip. A level compressed trie provides additional optimization by eliminating one or more levels in the trie that can be skipped along any path.

CIDR Blocks Reserved For Private Networks


Private or nonroutable addresses
The set of IPv4 prefixes contains a CIDR block that spans multiple classes.
http://www.calvin.edu/~lave/figure-9.15.pdf
The last address block listed, 169.254.0.0/16, is unusual because it is used by systems that autoconfigure IP addresses.
