When deep-diving into the complicated terminology of switching, routing, and bridging, I discussed you would carry out packet forwarding at totally different layers of a networking stack. On this weblog publish, we’ll discover what occurs after we mix packet forwarding on a number of layers inside a single community, leading to multi-layer switching, the place edge units carry out Layer n forwarding (normally Layer 3), and core units carry out Layer n-1 forwarding (sometimes Layer 2).
Every layer can use any forwarding paradigm you select. Nonetheless, since we usually use IP at Layer 3, edge units sometimes carry out hop-by-hop destination-based forwarding, whereas core units can use different strategies.
For instance, you are able to do IP forwarding over bridged Ethernet. In that setup, the ingress router, the egress router, and all units in between kind a single Ethernet community—say, a service Ethernet service. Gadgets within the community core ahead packets primarily based on vacation spot MAC addresses. The ingress router should thus know the way to attain the egress router’s MAC tackle (or a number of addresses, for redundancy or load balancing).
Prior to now, when WAN companies used digital circuits, somebody needed to set up a digital circuit from the ingress to the egress router (a number of circuits can be utilized for load balancing). The ingress router maintained a mapping desk, like “egress router reachable over digital circuit 1” or “the identical router can also be reachable over digital circuit 2.”
After organising the mapping desk, the ingress and egress routers would run a routing protocol over these circuits to trade details about endpoints like X and Y. That means, they might ahead packets throughout the community.
We’re nonetheless utilizing the same paradigm right this moment after we mix IP forwarding with MPLS or MPLS-TE (typically operating BGP between ingress and egress routers). In these instances, the routers successfully create digital circuits, both with LDP in MPLS or through traffic-engineered tunnels in MPLS-TE. The ingress router in some way requests a circuit to the egress router (or builds one primarily based on already-available data), and one will get arrange. The ingress router then makes use of these circuits to ship site visitors to the egress router.
You too can obtain related outcomes with phase routing, which is simply supply routing in disguise. Within the Section Routing mannequin, the ingress router should know the trail to the egress router, comparable to through nodes A, B, and C (or an alternate path through A, D, and E). The ingress router then prepends the specified path throughout the community to the packet it needs to ahead, and the intermediate routers observe the directions to ship the packet throughout the community.
The ingress router can study the trail to the egress router by taking part in a routing protocol (commonplace routing protocols have been prolonged to hold phase routing data) or through a centralized controller, generally known as an SDN controller by vendor advertising departments. The SDN controller tells edge routers what labels (segments) to make use of to succeed in particular locations.
Tunneling
To date, we mentioned a situation wherein core units carried out forwarding on a networking layer beneath the one utilized by the sting units, however what occurs if the sting units carry out Layer n forwarding, and core units carry out Layer n and even higher-layer forwarding? Welcome to the complicated world of tunneling, typically used to do Layer 2 (Ethernet) forwarding throughout Layer 3 (IP) networks.
In such instances, edge units should encapsulate the unique packet. Within the case of Ethernet-over-IP forwarding, the envelope features a vacation spot IP tackle, an inside MAC header, and an outer MAC header, as a result of the routers nonetheless want MAC addresses on Ethernet hyperlinks. Finally, you find yourself with a Layer 2 header buried inside one other Layer 2 header—therefore, tunneling (instance).
Examples embrace:
- GRE, which might carry something over IP.
- IPsec tunnel mode, which wraps an IP packet inside an IPsec packet, then provides one other IP header on prime.
- Supplier Spine Bridging (PBB), which wraps one MAC header inside one other.
- TRILL, which has similarities however makes use of a barely totally different header.
- Ethernet over MPLS, the place a MAC body is encapsulated with MPLS labels after which an outer MAC body.
- VXLAN or Geneve, the place an Ethernet body is wrapped with a VXLAN/Geneve header, then a UDP header (to keep away from complicated middleboxes), then one other IP header and MAC header.
All of that is finished simply to make it seem as if a single Ethernet cable connects X and Y. I do know it sounds bizarre, however networking distributors like to promote costly complicated options.
Unfastened Supply Routing
As all the time, there are hybrid approaches, comparable to unfastened supply routing. In supply routing, the sender (X) specifies the trail to the vacation spot (Y). However what if the community already makes use of hop-by-hop forwarding and is aware of the way to get from X to Y?
Unfastened supply routing permits X to say, “I would like this packet to go to Y, however I would like it to move by D first.” X doesn’t must know the total path—it doesn’t must find out about node C in any respect. Everybody simply forwards the packet to D. When D receives it, it finds one other packet inside—this one destined for Y. D is aware of the way to attain Y (possibly through E) and forwards it accordingly.
That’s how unfastened supply routing works in IPv4 or IPv6. It’s additionally much like how site visitors engineering or service chaining works in phase routing.
In each MPLS and IPv6-based phase routing, every node has world and native labels. Say node D has a worldwide label D, and everybody is aware of what the label D means. X takes an IP packet for Y, provides label D on prime, and sends it. The community delivers it to D, the place the label is stripped, and the remaining IP packet is forwarded—both on to Y or with one other label for E, which forwards it to Y.
Abstract
The Forwarding Packets Throughout a Community weblog publish launched three main forwarding paradigms:
- Supply routing
- Digital circuit-based forwarding
- Hop-by-hop destination-based forwarding
These might be mixed in multi-layer switching or tunneling. You too can create hybrids like unfastened supply routing.
Q&A Part
Query from Dan (concerning multi-layer switching):
Do each ingress and egress routers have the identical digital circuit ID, or is it local-only?
In most implementations, the digital circuit ID is native. There are two features to think about:
- Circuit ID: Is it the identical at each ends?
- Circuit directionality: Are we speaking about one circuit or two?
Usually, the circuit ID is not the identical on each ends. That is partly because of the restricted tackle area for circuit IDs. For instance, Body Relay used 10-bit IDs. MPLS makes use of 20-bit labels, however in apply, platforms can’t deal with the total vary of label values. Conventional MPLS implementations thus preserve label area by utilizing native IDs, comparable to “circuit 1” on one aspect and “circuit 2” on the opposite (SR-MPLS makes use of world labels).
As for the second level: in older WAN applied sciences like Body Relay, ATM, or X.25, circuits had been bidirectional, impressed by voice calls—like when one individual calls one other, each can discuss while not having a second name.
In MPLS, nevertheless, circuits are unidirectional. If an ingress router needs a traffic-engineered tunnel to an egress router, it units up a unidirectional tunnel. For the return site visitors, the egress router should arrange a separate tunnel again to the ingress router. Every tunnel is assigned a special circuit ID.
On Label Swapping in MPLS Networks
Label swapping in MPLS networks resembles MAC tackle swapping in Ethernet/IP networks, however with key variations.
In IP forwarding, a packet arrives with a vacation spot IP and a MAC header. The MAC header is discarded, because it solely facilitates the packet’s supply to the present hop. The router appears up the vacation spot IP, finds the following hop (say, B), determines B’s MAC tackle, builds a brand new MAC header, and sends the packet.
So it looks like MAC addresses are being “swapped,” however really:
- The previous MAC tackle is discarded.
- The routing lookup makes use of the vacation spot IP tackle, not the MAC tackle.
- A brand new MAC header is constructed for the following hop.
In MPLS, X sends a packet to Y with label L1 (assigned by A). Router A has a desk mapping L1 to L2, the label that router B instructed router A to make use of. So A swaps L1 for L2 and forwards the packet.
Key variations:
- Lookup is completed on the label (L1), in contrast to IP forwarding, the place it’s on the IP tackle.
- Solely the prime label is swapped; deeper labels stay.
- The IP header isn’t examined in any respect.
To summarize: in digital circuit-based forwarding, routers swap the circuit ID, whereas in IP routing, they discard Layer 2 headers, do one other network-layer lookup, and create a brand new Layer 2 header.
