4.

7 Interconnection of LANs - Bridges

There are several ways of interconnecting networks. When two or more networks interconnected at the physical layer, the type of device is called a repeater. When two or more networks are interconnected at the MAC or data link layer, the device is called a bridge. When two or more networks are interconnected at the network layer, the device is called a router. Interconnection at higher layers is done less frequently. The device that interconnects networks at higher level is usually called a gateway. Gateways usually perform some protocol conversion and security functions. In this section we will focus on bridges as they are used to interconnect LANs at MAC layer.

Bridges
When range extension is the only problem, repeaters may solve the problem as long as the maximum distance between two stations is not exceeded. Local area networks (LANs) that involve sharing of media, such as Ethernet and Token ring, can only handle up to some maximum level of traffic. As the number of stations in the LAN increases, or as the traffic generated per station increases, amount of activity in the LAN medium increases until it reaches a saturation point. A typical approach is to segment the user group into two or, more LANs and to use bridges to interconnect the LANs to form a bridged LAN or an extended LAN. At times it becomes essential to have multiple LANs. There are several reasons for the use of multiple LANs interconnected: Geography. Clearly, two separate LANs are needed to support devices clustered in two geographically distant locations. Even in the case of two buildings separated by a highway, it may be far easier to use a microwave bridge link than to attempt to string coaxial cable between the two buildings. Performance. When range extension is the only problem, repeaters may solve the problem as long as the maximum distance between two stations is not exceeded. Local area networks (LANs) that involve sharing of media, such as Ethernet and Token ring, can only handle up to some maximum level of traffic. As the number of stations in the LAN increases, or as the traffic generated per station increases, amount of activity in the LAN medium increases until it reaches a saturation point. In general, performance on a LAN or MAN declines with an increase in the

number of devices or with the length of the medium. A typical approach is to segment the user group into two or, more LANs and to use bridges to interconnect the LANs. LANs will often give improved performance if devices can be clustered so that intra-network traffic significantly exceeds inter-network traffic. Reliability. The danger in connecting all data processing devices in an organization to one network is that a fault on the network or even a fault in a single device may disable communication for all devices in the network. The network may be required to be partitioned into self-contained units. Security. LANs originally assume an element of trust between the users in the LAN. As LAN grows, this assumption breaks down, and security concerns become prominent. The fact that most LANs are broadcast in nature implies that eavesdropping can be done easily. This behavior opens the door for the various security threats. Also it is desirable to keep different types of traffic (e.g., accounting, personnel, strategic planning) that have different security needs on physically separate media. At the same time, the different types of users with different levels of security need to communicate through controlled and monitored mechanisms. The establishment of multiple LANs and the filtering mechanism at the bridges will improve security of communications.

Figure 4.16 Bridge interconnecting two LANs

Functions of a Bridge
Figure 4.16 illustrates the operation of a bridge between two LANs, A and B. The bridge performs the following functions: Reads all frames transmitted on A, and accepts those addressed to stations on B. Using the medium access control protocol for B, retransmits the frames onto B. Does the same for B-to-A traffic.

Several design aspects of a bridge are worth highlighting: 1. The bridge makes no modification to the content of the frames it receives. 2. The bridge should contain enough buffer space to meet peak demands. Over a short period of time, frames may arrive faster than they can be retransmitted. 3. The bridge must contain addressing and routing intelligence. At a minimum, the bridge must know which addresses are on each network in order to know which frames to pass. Further, there may be more than two LANs interconnected by a number of bridges. In that case, a frame may have to be routed through several bridges in its journey from source to destination. 4. A bridge may connect more than two LANs. The bridge provides an extension to the LAN that requires no modification to the communications software in the stations attached to the LANs. It appears to all stations on the two (or more) LANs that there is a single LAN on which each station has a unique address. The station uses that unique address and need not explicitly discriminate between stations on the same LAN and stations on other LANs; the bridge takes care of that. The description above has applied to the simplest sort of bridge. More sophisticated bridges can be used in more complex collections of LANs. These constructions would include additional functions, such as, Each bridge can maintain status information on other bridges, together with the cost and number of bridge-to-bridge hops required to reach each network. This information may be updated by periodic exchanges of information among bridges; this allows the bridges to perform a dynamic routing function.

 A control mechanism can manage frame buffers in each bridge to overcome congestion. Under saturation conditions, the bridge can give precedence to en route packets over new packets just entering the internet from an attached LAN, thus preserving the investment in line bandwidth and processing time already made in the en route frame.

Bridge Protocol Architecture

The IEEE 802.1D specification defines the protocol architecture for MAC bridges. In addition, the standard suggests formats for a globally administered set of MAC station addresses across multiple homogeneous LANs. In this subsection, we examine the protocol architecture of these bridges. Within the 802 architecture, the endpoint or station address is designated at the MAC level. Thus, it is at the MAC level that a bridge can function. Figure 4.17 shows the simplest case, which consists of two LANs connected by a single bridge.

Figure 4.17 Operation of a LAN Bridge from 802.3 to 802.4

The LANs employ the same MAC and LLC protocols. The bridge operates as previously described. A MAC frame whose destination is not on the immediate LAN is captured by the bridge, buffered briefly, and then transmitted on the other LAN. As far as the LLC layer is concerned, there is a dialogue between peer LLC entities in the two endpoint stations. The bridge need not contain an LLC layer, as it is merely serving to relay the MAC frames.

2.8 Circuit Switching

A network is frequently represented as a cloud that connects multiple users as shown in Figure 2.28a. A circuit-switched network is a generalization of a physical cable in the sense that it provides connectivity that allows information to flow between inputs and outputs to the network. Unlike a cable, however, a network is geographically distributed and consists of a graph of transmission lines (that is, links) interconnected by switches (nodes).

Figure 2.28 Network consists of links and switches As shown in Figure 2.28b, the function of a circuit switch is to transfer the signal that arrives at a given input to an appropriate output. The interconnection of a sequence of transmission links and circuit switches enables the flow of information between inputs and outputs in the network.

2.8.1 Space-Division Switches

Space-division switches provide a separate physical connection between inputs and outputs so the different signals are separated in space. Figure 2.29 shows the crossbar switch, which is an

example of this type of switch. The crossbar switch consists of an N x N array of crosspoints that can connect any input to any available output. When a request comes in from an incoming line for an outgoing line, the corresponding crosspoint is closed to enable information to flow from the input to the output. The crossbar switch is said to be nonblocking; in other words, connection requests are never denied because of lack of connectivity resources, that is, crosspoints. Connection requests are denied only when the requested outgoing line is already engaged in another connection.

Figure 2.29 Crossbar Switch

The complexity of the crossbar switch as measured by the number of cross-points is N2. This number grows quickly with the number of input and output ports. Thus a 1000-input-by-1000output switch requires 106crosspoints, and a 100,000 by 100,000 switch requires 1010crosspoints. In the next section we show how the number of crosspoints can be reduced by using multistage switches.

Multistage Switches
Figure 2.30 shows a multistage switch that consists of three stages of smaller space-division switches. The N inputs are grouped into N/n groups of n input lines. Each group of n input lines enters a small switch in the first stage that consists of an n x n array of crosspoints. Each input switch has one line connecting it to each of k intermediate stage N/n x N/n switches. Each intermediate switch in turn has one line connecting it to each of the N/n switches in the third stage. The latter switches are k x n. In effect each set of n input lines shares k possible paths

to any one of the switches at the last stage, that is, the first path goes through the first intermediate switch, the second path goes through the second intermediate switch, and so on. The resulting multistage switch is not necessarily nonblocking. For example, if k < n, then as soon as a switch in the first stage has k connections, all other connections will be blocked.

Figure 2.30 Multistage switch

The number of crosspoints required in a three-stage switch is the sum of the following components: N/n input switches x nk crosspoints/input switch. k intermediate switches x (N/n)2 crosspoints/intermediate switch. N/n output switches x nk crosspoints/output switch. 2Nk + k(N/n)2. The number of crosspoints required to make the switch nonblocking is 2N(2n 1) + (2n-1)(N/n)2 The number of crosspoints can be minimized through the choice of group size n. By differentiating the above expression with respect to n, we find that the number of crosspoints is minimized if n ~ = (N/2) 1/2. The minimum number of crosspoints is then 4N((2N)1/2 - 1). We then see that the minimum number of crosspoints grows at a rate proportional to N1.5 which is less than the N 2 growth rate of a crossbar switch.

In this case the total number of crosspoints is

2.8.2 Time-Division Switches In the previous section, we explained how Time Division Multiplexing (TDM) could replace multiple physical lines by a single high-speed line. In TDM a slot within a frame corresponds to a single connection. The time-division switch uses time-slot interchange (TSI) technique to do the switching operation. It basically switches the time slots of the input frame in the output frame.

Figure 2.31 Time slot interchange TSI technique in Time division switch

Consider users A & B who wishes to talk to each other. Suppose User A is assigned slot 3 and user B is assigned slot 5 then the time division switch will take the data information in the slot 3 in the input frame and puts it into the slot 5 in the output frame. In effect information bits in the slot 3 which came from user A is going into the slot allocated to the user B in the output frame. This results in the one way connection from A to B. Similarly the time division switch put the information in the slot 5 in the input frame to the slot 3 in the output frame resulting in connection from B to A. The development of the TSI technique was crucial in completing the digitization of the telephone network. Starting in 1961 digital transmission techniques were introduced in the trunks that interconnected telephone central offices. Initially, at each office the digital streams would be converted back to analog form and switched by using space switches of the type discussed above. The introduction of TSI in digital time-division switches led to significant reductions in cost and to improvements in performance by obviating the need to convert back to analog form. Most modern telephone backbone networks are now entirely digital in terms of transmission and switching.

Circuit Switching
In a circuit-switched network, a dedicated communication path is established between two stations through the nodes of the network. That path is a connected sequence of physical links between nodes. On each link, a logical channel is dedicated to the connection. Data generated by the source station are transmitted along the dedicated path as rapidly as possible. At each node, incoming data are routed or switched to the appropriate outgoing channel without delay. The most common example of circuit switching is the telephone network.

Packet Switching
A quite different approach is used in a packet-switched network. In this case, it is not necessary to dedicate transmission capacity along a path through the network. Rather, data are sent out in a sequence of small chunks, called packets. Each packet is passed through the network from node to node along some path leading from source to destination. At each node, the entire packet is received, stored briefly, and then transmitted to the next node. Packet-switched networks are commonly used for terminal-to-computer and computer-to-computer communications.

Domain Name Servers

Internet works on the numbering system. These numbers are called IP. When we connect to the net we have seen a set of 4 numbers being dialed i.e. for each address on the Internet there is a unique set of these 32 bit numbers. Domain Name Servers are the servers, which maintain a distributed list of all domains against Internet Protocol address.

Earlier to Domain Name Servers there was a system of having a host table maintained by SRI-NIC. It was updated twice a week to include new sites. System would download the copy of this table through FTP. There are two types of servers as below: 1. Resolver 2. DNS

There are a number of servers, which maintain the addresses of sites. When browser needs the address of any site, resolver queries the nearest name server, replies immediately if it knows the answer or it asks another server. Thus every server has two roles to play: 1. As a server for name server. 2. Super server to extend functionality.

All web sites are arranged in 7 branches namely arpa, com, edu, net, gov, mil, org. Following this are 236 country name abbreviations like .in for India. This helps to locate the site easily. The IP addresses of name servers at each of the domain name tags are maintained by 10 root servers.

When a DNS fields a query that it cannot answer 1. It sends a query to root server 2. Root server says it does not know but a machine at say 195.95.251.10 might know 3. DNS sends a query to the above machine 4. Server at 195.95.251.10 knows the answer 5. DNS returns answer to your PC.

Special features of DNS

Cache: Name server caches all IP address for domain names that were requested
recently. So that if requested again it responds immediately.

Load Balancing: Large sites like www.msn.com can have multiple addresses for same
domain name. Name servers currently return all IP addresses leaving PC to choose at random. But some name servers will now evaluate all addresses to find out he one with least load.

2.7 IPv6
Due to recent concerns over the impending depletion of the current pool of Internet addresses and the desire to provide additional functionality for modern devices, an upgrade of the current version of the Internet Protocol (IP), called IPv4, is in the process of standardization. This new version called IP Version 6 (IPv6), resolves unanticipated IPv4 design issues and is poised to take the Internet into the 21st Century. The current version of IP version 4 - is 20 years old. IPv4 has shown remarkable ability to move to new technologies. But the ever-growing demand for IP addresses has made IETF to propose a entirely new version to address some specific problems.

2.7.1 Success of IP and Motivation

The current version of IP has been extremely successful. IP has made it possible for the Internet to handle heterogeneous networks, dramatic changes in hardware technology, and extreme increases in scale. The demonstration of scalability is evident because the current Internet includes millions of users around the world. The current version of IP has also accommodated changes in hardware technology. Although the protocol was defined before local area network technologies became popular, the original design has continued to work well through several generations of hardware technologies. IP is now used over networks that operate several orders of magnitude faster than the networks that were in use when IP was designed. Furthermore, some modern networks offer frame sizes that are much larger than the frame sizes available when IP was defined. More important, IP works efficiently over such networks because it can take advantage of the increased frame size.

Motivation for change

The primary motivation for change arises from the limited address space. When IP was defined, only a few networks existed. The designers decided to use 32 bits for an IP address because doing so allowed the Internet to include over a million networks. However, the global Internet is growing exponentially, with the size doubling in less than a year. At the current growth rate, each of the possible network prefixes will soon be assigned, and no further growth will be possible. Thus, the primary motivation for defining a new version of IP arose form the address space limitation - larger addresses are necessary to accommodate continued growth of the Internet. Secondary motivations for changes in IP have arisen from new Internet applications. For example, applications that deliver audio and video need to deliver data at regular intervals. To keep such information flowing through the internet without disruption, IP must avoid changing routes frequently. Although the current IP datagram header includes a field that can be used to request a type of service, the protocol did not define a type of service that can be used for real time delivery of audio and video.

New applications are being developed that require more complex addressing and routing capabilities. For example, internet has increased in collaboration technologies that provide communication among a group of colleagues analogous to a telephone conference call. To make collaboration effective, an internet needs a mechanism that allows groups to be created or changed, and provides a way to send a copy of a packet to each participant in a given group. Thus, a new version of IP needs to include mechanisms that make such addressing and routing possible.

2.7.2 Name and versions number

When researchers began working on a new version of IP, they needed a temporary name of the work. Borrowing from a popular television show, they said they were working on IP - The Next Generation, and many early reports referred to IP ng. Unfortunately, many competing proposals were made for IP ng, and name became ambiguous. When a specific protocol was defined, the group doing the work needed to distinguish the protocol from all other proposals. They decided to use an official version number in the header of the final standardized protocol. In fact, the version number was a surprise. Because the current IP version number is 4, most researchers expected the next official version of IP to be 5. However, version number 5 had been assigned to an experimental protocol known as ST. Consequently, the new version of IP received 6 as its official version number, and the protocol became known as IPv6.

2.7.3 New features

IPv6 retains many of the design features that have made IPv4 successful. Like IPv4, IPv6 is connectionless - each datagram contains a destination address, and each datagram is routed independently. Like IPv4, the header in a datagram contains a maximum number of hops the datagram can take before being discarded. More important, IPv6 retains most of the general facilities provided by the IPv4 options. Despite retaining the basic concepts from the current version, IPv6 changes all the details. For example, IPv6 uses larger addresses and an entirely new datagram header format. Finally, IPv6 uses a series of fixed-length headers to handle optional information instead of a single header with a variable-length options field. The new features in IPv6 can be grouped into five main categories as mentioned below:

Address size - IPv6 addresses are 128bits Header format - entirely different Extension headers - Additional information stored in optional extension headers, followed by data

Support for audio and video - flow labels and quality of service allow audio and video applications to establish appropriate connections Extensible - new features can be added more easily

2.7.4 IPv6 datagram format

Figure 2.27: IPv6 datagram format As shown in the figure 2.27 above, an IPv6 datagram begins with a base header, which is followed be zero or more extension headers, followed by data. Although it illustrates the general datagram structure, fields in the figure are not drawn to scale. In particular, some extension headers are larger than the base header, while others can be smaller. Furthermore, in many datagrams, the size of the data area is much larger than the size of the headers.

IPv6 base header format

Although it is twice large as an IPv4 header, the IPv6 base header contains less information. As the figure in the next page shows, most of the space in the header is devoted to two fields that identify the sender and the recipient. Each address occupies 16 octets, four times more than an IPv4 address. There are 6 other fields in the base header. The VERS field identifies the protocol as version 6. The PRIORITY field specifies the routing priority class. The PAYLOAD LENGTH field specifies only the size of data being carried; the size of the header is excluded. The HOP LIMIT corresponds to the IPv4 TTL field. IPv6 interprets the HOP LIMIT strictly - the datagram is discarded if the HOP LIMIT counts down t zero before the datagram arrives at its destination.

Figure 2.28: IPv6 base header

Field FLOW LABEL is intended for use with new applications that require performance guarantees. The label can be used to associate a datagram with a particular underlying network path. The label is divided into 2 parts - one used to specify a traffic class, and the other used to define a specific path. The traffic class specifies general characteristics that the datagram needs. For example, to send interactive traffic one might specify a general traffic class for low delay. To send real-time audio across an internet, however, a sender might request the underlying network hardware to establish a path that has delay less than 100 ms. When the path is established, the network system returns an identifier that the sender places in each datagram to be sent along the path. Routers use the FLOW LABEL field to route the datagram along the prearranged path. The NEXT HEADER field is used to specify the type of information that follows the current header. For example, if the datagram includes an extension header, the NEXT HEADER field specifies the type of the extension header. If no extension header exists, the NEXT HEADER field specifies the type of data being carried in the datagram. The figure 2.29 shows this.

Figure 2.29: Use of NEXT header to specify type of information

Parsing IPv6 headers
If the value of the NEXT HEADER field corresponds to another header, IP software parses the header and interprets its contents. Once it finishes with the header, IP uses the NEXT HEADER field to determine whether data or another header follows. Some header types have a fixed size. For example, a base header has fixed size of exactly forty octets. To move to the item following a base header, IPv6 s/w simply adds 40 to the address of the base header.

Figure 2.30: The general form of an IPv6 options header Some extension headers do not have a fixed size. In such cases, the header must contain sufficient information to allow IPv6 to determine where the header ends. For example, figure above illustrates the general form of an IPv6 options header that carries information similar to the options in an IPv4 datagram.

The options extension header illustrates one way IPv6 handles headers that do not have a fixed size. When composing a datagram, the sender stores the length of the options header in field HEADER LEN. When the receiver encounters an options extension header, it uses this field to determine the location of the next item, and the NEXT HEADER field to determine the type.

2.7.5 Fragmentation and Path MTU

Although IPv6 fragmentation resembles IPv4 fragmentation, the details differ. Like IPv4, a prefix of the original datagram is copied into each fragment, and the payload length is modified to be the length of the fragment. Unlike IPv4, however IPv6 does not include fields for fragmentation information in the base header. Instead, IPv6 places them in a separate fragment extension header; the presence of the header identifies the datagram as a fragment.

Figure 2.31: Fragmentation in IPv6 As the figure above illustrates, each fragment is smaller than the original datagram. As with IPv4, the fragment size is chosen to be the MTU of the underlying network over which the fragments must be sent. Thus, the final fragment may be smaller than the others because it represents the amount remaining after MTU-size pieces have been extracted from the original datagram.

Unlike IPv4, in IPv6 a sending host is responsible for fragmentation. That is, hosts are expected to choose a datagram size that will not require fragmentation; routers along the path that receive a large datagram will not fragment the datagram. The host must learn the MTU of each network along the path to the destination, and must choose a datagram size to fit the smallest. The minimum MTU along a path from a source to a destination is known as path MTU, and the process of learning the path MTU is known as path MTU discovery. Path MTU discovery is an iterative procedure. A host sends a sequence of various size datagrams to the destination to see if they arrive without error. Once a datagram is small enough to pass through without fragmentation, the host chooses a datagram size equal to the path MTU.

2.7.6 Use of multiple headers

There are 2 reasons for going for multiple headers: economy and extensibility. Partitioning the datagram functionality into separate headers is economical because it saves space. Although IPv6 protocol includes many facilities, designers expect a datagram to use only a small subset. Because most datagrams only need a few headers, avoiding unnecessary header fields can save considerable space. Smaller datagrams also take less time to transmit. Consider adding a new feature to a protocol. A protocol like IPv4 that used fixed header format requires a complete change - the header must be redesigned to accommodate fields needed to support the new feature. In IPv6, however, existing headers can remain unchanged. A new NEXT HEADER type is defined as well as a new header format. The chief advantage of placing a new functionality in a new header lies in the ability to experiment with a new feature before changing all computers in the Internet. For example: suppose the owners of two computers wish to test new datagram encryption technique. The two must agree on the details of an experimental encryption header. The sender adds the new header to a datagram, and the receiver interprets the header in incoming datagrams. As long as the new header appears after the headers used for routing, routers in the internet between the sender and receiver can pass the datagram without understanding the experimental header. Once a experimental feature proves useful, it can be incorporated in the standard.

2.7.7 IPv6 addressing and address notation

IPv6 assigns a unique address for each connection between a computer and a physical network. Also like IPv4, IPv6 separates each such address into a prefix that identifies the network and a suffix that identifies a particular computer on the network.

Addresses do not have defined classes. Instead, the boundary between the prefix and suffix can fall anywhere within the address and cannot be determined from the address alone. Thus a prefix length must be associated with each address to enable s/w to know where the prefix ends. IPv6 defines a set of special addresses that differ dramatically from IPv4 special addresses. IPv6 address is one of the three types: Unicast: The address corresponds to a single computer. A datagram sent to the address is routed along a shortest path to the computer. Multicast: The address corresponds to a set of computers, possibly at many locations; membership in the set can change at any time. When a datagram is sent to the address, IPv6 delivers one copy of the datagram to each member of the set. Anycast: The address corresponds to a set of computers that share a common address prefix. A datagram sent to the address is routed along a shortest path and then delivered to exactly one of the computers. Anycast addressing was originally known as cluster addressing. The motivation for such addressing arises from a desire to allow replication of services. For example, a corporation that offers a service over the network assigns an anycast address to several computers that all provide the service. When a user sends a datagram to the anycast address, IPv6 routes the datagram to one of the computers in the set. If a user from another location sends a datagram to the anycast address, IPv6 can choose to route the datagram to a different member of the set, allowing both computers to process requests at the same time.

IPv6 address notation

128-bit addresses unwieldy in dotted decimal; requires 16 numbers 105.220.136.100.255.255.255.255.0.0.18.128.140.10.255.255 Groups of 16-bit numbers in hex separated by colons -colon hexadecimal (or colon hex) Although an address that occupies 128 bits can accommodate Internet growth, writing such numbers can be unwieldy. For example consider a 128 bit number written in dotted decimal notation shown above. To help reduce the number of characters used to write a address the designers of IPv6 propose using a more compact syntactic from known as colon hexadecimal notation in which each group of 16 bits is written in hexadecimal with a colon separating groups. When the earlier example is written in colon hex, it becomes what is shown in the second bullet.

Zero-compression - series of zeroes indicated by two colons

FF0C:0:0:0:0:0:0:B1 FF0C::B1

IPv6 address with 96 leading zeros is interpreted to hold As the above example illustrates, colon hex notation requires fewer characters to express an address. An additional optimization known as zero compression further reduces the size. Zero compression replaces sequences of zeroes with two colons. For example consider the figure above. The large IPv6 address space and the proposed address allocation scheme make zero compression especially important because the designers expect many IPv6 addresses to contain strings of zeroes. In particular, to help ease of transition to the new protocol, the designers mapped existing IPv4 addresses into the IPv6 address space. Any IPv6 address that begins with 96 zero bits contains an IPv4 address in the low order 32 bits.

2.7.8 Differences between IPv4 and IPv6