Data Plane & Control Plane
Network layer only provide best-effort service: it will put as much effort as possible to carry out the transportation of packages (whatever that means).
Network layer can be subdivided into two different planes that perform different tasks:
- Data plane: performs the forwarding of the packets,
- Control plane: performs the routing of the packets.
Before discussing the duties of those planes, let’s deepen some network-related topics.
Forwarding & Routing
Network layer’s main tasks are forwarding and routing.
When a packet is traveling from a sender host H1 to a receiver host H2, it will pass through many intermediate routers (R1, R2, …, Rn). It is said that a packet is forwarded to the subsequent router when it moves from router Ri to router Ri+1. Forwarding is performed by data plane.
Network layer has to determinate the best path that packets need to follow through the network of routers. This task is performed by the control plane using different routing algorithms.
Forwarding is the local action of with which the router moves packets from an input interface to an output interface. It is usually hardware-implemented since it occurs in a very short time period (nanoseconds). Routing is the global action that defines the packages route from source host to destination host. It is usually software-implemented since it occurs in longer time period (seconds).
In order to forward a packet, the router extracts one or more fields from the packet’s header. It puts those values inside the so called forwarding table. This table will tell the router the right output interface to which forward the packet. Which values to insert into the forwarding tables are determinate by the previously mentioned routing algorithms.
Control Plane Approaches
Routers have to integrate both the planes of Network layer. As mentioned before, data plane is usually hardware-implemented. On the other hand, control plane has experienced an “evolution” from hardware to software.
In the traditional approach, the control plane is hardware-implemented and the routing algorithm is implemented in all every router of the network. The routing functions communicate to each other to choose the values to insert within the forwarding tables.
Unlike the traditional approach, in the SDN approach (Software-Defined Network) the control plane is software-implemented. It makes use of a network entity called remote controller, which is physically distinct from the router. The controller evaluates and distributes the forwarding tables to all the routers. The network is “software defined” since the controller is software-implemented. Those implementations are very often open source!
The Router
Let’s analyze the above image. Note that the term port is referred to the physical input or output router interfaces. Input ports (on the right) act as input connections to the router. They also perform Data-Link layer functions (the inner blue squares). The switching fabric physically connects input ports to output ports according to router processor’s instructions. In case of bidirectional connections, the output port is coupled with the related input port on the same line card. The output ports can perform Data-Link and Physical layers functions (the inner red squares). The routing process, as you would imagine, performs control plane functions. Those software functions are performed on a specialized hardware since they need to execute in very short time.
Switching Fabric
Memory Commutation
Input and output ports work as standard I/O devices. When a packet gets on the router, the input port trigger an interrupt to notify the processor. The input port copies the packet within the processor memory. Two or packets cannot be forwarded at the same time.
Bus Commutation
When a packet gets inside the router, is marked with an internal commutation tag (added to the header). The packet is received by all the output ports but only one corresponds to the tag. Once forwarded, the tag is deleted from the packet’s header.
Interconnection Commutation
The crossbar switch overcomes the bandwidth limitations of the single shared bus above. The switch below is a commutation matrix made by bus that connects input ports to output ports. It can forward more packets in parallel. If two different packets must get to the same output port, one of them will have to wait.
Internet Protocol
IP has two different versions: IPv4 (RFC 791) and IPv6 (RFC 2460, RFC 4291). IPv6 has been developed to solve some design errors of IPv4, and mainly to deal with the increasing number of devices that connect to the Internet nowadays.
IPv4 Datagram Format
The IPv4 datagram has the following fields.
| Name | Dimension in bit | Description |
|---|---|---|
| Version Number | 4 | Specifies the protocol version. |
| Header Length | 4 | A datagram can have many optional Options within the header. The standard header length is 20 byte. |
| TOS (Type of Service) | 2 | Is useful of a router to distinguish a real time datagram (for VoIP) from other services (like FTP). |
| Datagram Length | 16 | Total length measured in bytes. Usually not over 1500 bytes to avoid to overcome the Ethernet frame’s data field. |
| Identifier Flags Fragmentation Offset | 16 2 14 | They allow fragmentation of huge IP datagrams. IPv6 does not allow fragmentation: so the above layer must act accordingly. |
| TTL (Time To Live) | 8 | Avoids that a datagram does not stick around forever in the network: that could be caused by a cyclic routing. |
| Protocol | 8 | Number that identifies the transport layer protocol. See IANA Protocol Numbers. |
| Header Checksum | 16 | IP performs checksum only on datagram’s header, while TCP and UDP transport protocols perform checksum on the whole packet. |
| Source Address | 32 | IP address of the host that creates the datagram. |
| Destination Address | 32 | IP address of the host to which the datagram is directed. |
| Options | 0 to 40 bytes | Because of Options variable length, the router does not know where exactly the Data field starts. For this reason, Options field was removed from IPv6 header. |
| Data (payload) | Up to 65535 bytes | Usually holds the transport-layer segment to deliver to the destination host. |
I would like to spend two more words about header checksum. Checksum is performed on different protocols of different layers due to the fact that those protocols may not belong to the same stack of protocols. ATM is an alternative to IP, and performs different controls than IP does. On the other hand, IP can deliver datagrams related to transport protocols other than TCP or UDP.
IPv4 routing
Usually an host has only a connection to the network, over which their datagrams (from IP layer) are sent. The edge between host and physical link is called interface.
A router needs at least two different interfaces since it has to forward datagrams from different hosts (both input and output hosts). IP requires all the interfaces to have an own IP address. The IP address is associated with an interface, rather than the router (or host) containing it.
IP addresses length is 32 bits (4 bytes). There are 232 IP addresses in total. They’re written in dotted-decimal notation. Each byte is written in decimal notation. They’re separated by a dot from each other.
A network that connects interfaces from multiple hosts with the interface of a router constitutes a subnetwork (RFC 950). IP adderesses assigned to a subnetwork can be referenced with the subnet mask. For instance, subnet mask /24 indicates that the leftmost 24 bits of the address define the address of the subnet.
The Internet addresses’ assignment strategy is called CIDR: Classless Interdomain Routing (RFC 4632).
Another type of IP address is the so-called broadcast address: 255.255.255.255. When an host emits a datagram to the broadcast, the messages is sent to all the hosts connected to the same subnetwork.
To obtain a block of IP addresses to be used in a subnetwork, the network administrator (also called system admin, usually a person or a team of people that monitor the network) must contact the IPS. There is a global authority that monitors the work of ISPs. ICANN (Internet Corporation for Assigned Names and Numbers) manages the IP address space and allocates address blocks. ICANN also manages root DNS around the globe.
DHCP
The dynamic configuration of host IP addresses is performed using DHCP (Dynamic Host Configuration Protocol). It allows a host to obtain an IP address automatically and get additional information such as subnet mask, default gateway address and local DNS server address. DHCP (RFC 2131) is a client-server protocol. The client is represented by a host that connects to the network and wants to obtain information about the network configuration. DHCP protocol is made up by four steps:
- DHCP discover
- DHCP offer
- DHCP request
- DHCP acknowledgment
DHCP discover
The first duty of a host that connects to a network, is finding the DHCP server in order to ask for an IP address. This operation is performed using a DHCP discover message sent via broadcasting to all nodes in the sub-network.
DHCP offer
A DHCP server receiving an identification message replies to the client with a DHCP offer message, which is sent using broadcasting. Since there could be more than a DHCP server on the same sub-network, the client should receive more than an “offer”.
DHCP request
The client chooses the preferred “offer” from one of the DHCP servers and replies to that server with a DHCP request message, which holds the configuration parameters.
DHCP acknowledgment
The DHCP server replies to the client with a DHCP ACK message that confirms the requested parameters. when the client gets the DHCP ACK message, the interaction is complete and the client can use the IP address provided by DHCP.
NAT
There are thousands of private networks, many of which use an identical IP address space. Private addresses have a meaning only within a given network, so the real question is: how is Internet-related packet routing handled? The main problem is that many different hosts have the same IP address. The solution is provided by NAT (Network Address Translation). NAT-enabled routers handles many hosts from the local network and behaves as a unique host with a unique IP address on the global Internet network. Those routers do not appear as standard routers to the Internet.
A NAT-enabled router:
- gets its IP address from ISP’s DHCP server,
- executes a DHCP server to provide addresses to hosts within the local network addressing space,
- uses a table (NAT translation table) to understand how to properly forward datagrams from the external network.
Let’s give an example by taking the following image as a reference.
The host with the IP address 192.168.1.64 whats to get a web page from a server with IP address 216.58.204.238 (should be google.com, by the way). HTTP protocol usually runs on port 80. The host assigns the source port number in an arbitrary way (e.g. 1011) and sends the datagram into the local network.
| SOURCE | DESTINATION |
|---|---|
192.168.1.64, 1011 | 216.58.204.238, 80 |
When NAT router gets the datagram, creates a new port number (e.g. 5000) and replaces the host address with its own WAN-side address.
| SOURCE | DESTINATION |
|---|---|
95.48.39.22, 5000 | 216.58.204.238, 80 |
NAT also adds a row on the NAT translation table to match the LAN-side IP address and port number with WAN-side IP address and port number. So, in this example, the number 5000 was chosen because it was still available.
Since the port number is represented by a 16-bit field, the NAT router can ideally handle 60000 simultaneous connections with a single WAN-side address.
The datagram reaches its destination and is returned with the requested information. The destination of the datagram is then the WAN-side address of the NAT and the port number selected by the NAT. The source is obliviously the server (which was the destination of the host).
| SOURCE | DESTINATION |
|---|---|
216.58.204.238, 80 | 95.48.39.22, 5000 |
Finally, the NAT checks the translation table to obtain the correct local IP address and port number of the host that had initiated the request. In this way, the content is delivered to the correct host.
| SOURCE | DESTINATION |
|---|---|
216.58.204.238, 80 | 192.168.1.64, 1011 |
NAT has become very widespread due to the increasing number of devices that need to connect to the network, but many developers disagree with its use. Port numbers are designed to address process within an host, not hosts within a network. NAT can cause many issues to servers executing in a local network, since they wait for incoming requests on predetermined port numbers. Moreover, peers of a P2P communication must accept incoming connection when they act as severs. For those kind of problems, NAT traversal (RFC 5389) has been proposed as a solution.
The most strict developers, state that routers should manipulate packets only up to level 3 of ISO/OSI stack (Network layer). NAT violates the so called end-to-end principle: hosts should communicate to each other without IP address nor port number manipulation.
IPv6 Datagram Format
In the early 1990s, 32 bit IPv4 address space was beginning to run out. Given the need for a larger addressing space, IPv6 was developed. It is IPv4’s successor.
The IPv6 datagram has the following fields.
| Name | Dimension in bit | Description |
|---|---|---|
| Version Number | 4 | Specifies the protocol version. |
| Traffic Class | 8 | Assigns different priorities to given datagrams within a flow (or from specific applications). |
| Flow Label | 20 | Identifies a flow of datagrams. |
| Payload Length | 16 | Indicates the number of bytes of the IPv6 datagram following the fixed-length header. |
| Next Header | 8 | Identifies the transport layer protocol to which the payload will be delivered. |
| Hop Limit | 8 | This field is decremented by one by each router that forwards the datagram. When it’s value reaches the zero, the datagram gets trashed. |
| Source Address | 128 | IP address of the host that creates the datagram. |
| Destination Address | 128 | IP address of the host to which the datagram is directed. |
| Data (payload) | Up to 65515 bytes | Usually holds the transport-layer segment to deliver to the destination host. |
The datagram’s header consists of 40 bytes. The datagram’s payload (data field) holds up to 65535 bytes (like IPv4).
The different formats of IPv6 addresses are described within RFC 4291.
With 128-bit addresses, it is theoretically possible to allocate 3.4 × 1038 hosts, or 3.4e+38 in scientific notation. This large number would lead to a number of addresses per square meter of the whole Earth’s surface area greater than the number of Avogadro.
IPv4 to IPv6 migration
IPv6-enabled devices are backward compatible: they can easily handle IPv4 datagrams. On the other hand, IPv4-only devices are not forward compatible. The most widely-used IPv4 to IPv6 transition approach is called tunneling (RFC 4213).
Take a look at the image below. Nodes A and E are IPv6. They are connected by a set of intermediate routers (a tunnel) that can only use IPv4.
Node A, to the ingoing side of the tunnel, puts the whole IPv6 datagram it wants to transmit into the payload of an IPv4 datagram. Nodes B, C and D (inside the tunnel) route the datagram as a normal IPv4 datagram without knowing that it contains an IPv6 datagram inside it. Node E (IPv6 node), on the outgoing side of the tunnel, reads the protocol header’s field: if this value is equal to 41, it means the payload contains an IPv6 datagram. Node E extracts the IPv6 datagram from the IPv4 datagram’s payload. This is how migration is performed.