Recently we had a small training course to raise our competence in the network part of our infrastructure. I will not repeat the main content of the course, which covered OSPF / BGP / MPLS, here because:
- I am not yet competent enough.
- There are many more authoritative resources on these topics.
So here I will describe the interesting near-network points that came up during the course. Some of this may seem trivial to you, but I will try to compensate for the boredom of reading it with an abundance of references to additional materials.
Links to wiki articles are often more valuable for their “External links” and “References” sections than for the content itself.
Ethernet Frame Format
An Ethernet frame is actually not such a simple thing. Everyone knows about DMAC, SMAC and the VLAN tag. The Preamble, the Start Frame Delimiter and the Interframe Gap, however, are usually forgotten. I am not even talking about the FCS, which it is very bad to forget: a frame whose FCS is not checked is forwarded and processed as if it were intact. The Length / Type field is also worth refreshing from time to time: a value up to 1500 is a length (802.3 framing), a value from 1536 (0x0600) upwards is an EtherType (Ethernet II).
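To make the forgotten fields concrete, here is an added example (mine, not from the original post) that builds and parses an Ethernet frame with an optional 802.1Q tag, decides whether the Length / Type field is a length or an EtherType, and verifies the FCS before trusting anything else. The frames are constructed inline with made-up MACs and payload; nothing is captured traffic.

```python
import struct
import zlib
from typing import Optional

# Added example, not from the original post. All frames are constructed here.

ETHERTYPE_VLAN = 0x8100
MIN_FRAME_LEN = 64          # bytes including FCS; anything shorter is a runt
MAX_8023_LENGTH = 1500      # Length/Type <= 1500 is an 802.3 length ...
MIN_ETHERTYPE = 0x0600      # ... and >= 1536 is an Ethernet II EtherType


def fcs(frame_without_fcs: bytes) -> bytes:
    """Ethernet FCS is CRC-32 (same polynomial as zlib), sent least significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def build_frame(dst: str, src: str, type_or_len: int, payload: bytes,
                vlan: Optional[int] = None) -> bytes:
    """Build DMAC|SMAC|[802.1Q tag]|Type/Len|payload|pad|FCS (preamble and SFD are not part of it)."""
    body = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        body += struct.pack("!HH", ETHERTYPE_VLAN, vlan & 0x0FFF)   # PCP=0, DEI=0
    body += struct.pack("!H", type_or_len) + payload
    body += b"\x00" * max(0, MIN_FRAME_LEN - 4 - len(body))         # pad to 60 bytes + FCS
    return body + fcs(body)


def parse_frame(frame: bytes) -> dict:
    """Parse the fields people forget about and verify the FCS."""
    if len(frame) < MIN_FRAME_LEN:
        raise ValueError(f"runt frame: {len(frame)} bytes")
    body, trailer = frame[:-4], frame[-4:]
    info = {
        "dmac": frame[0:6].hex(":"),
        "smac": frame[6:12].hex(":"),
        "fcs_ok": fcs(body) == trailer,   # a store-and-forward switch drops the frame if False
    }
    offset = 12
    if struct.unpack_from("!H", frame, offset)[0] == ETHERTYPE_VLAN:
        tci = struct.unpack_from("!H", frame, offset + 2)[0]
        info["vlan"] = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset += 4
    field = struct.unpack_from("!H", frame, offset)[0]
    if field <= MAX_8023_LENGTH:
        info["length"] = field            # IEEE 802.3 frame, an LLC header follows
    elif field >= MIN_ETHERTYPE:
        info["ethertype"] = field         # Ethernet II frame
    else:
        info["invalid_type_len"] = field  # 1501..1535 is undefined
    info["payload"] = body[offset + 2:]
    return info
```

Flipping any byte of a built frame makes `fcs_ok` come back False, which is exactly the check a store-and-forward switch performs and a cut-through switch skips.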
Switch Modes
There are several switching modes. Here are the most popular ones:
- Store-and-forward: buffers the entire frame, checks the FCS, learns the SMAC. More reliable, because it detects corrupted frames and drops them instead of forwarding them.
- Cut-through: looks only at the DMAC and starts forwarding immediately. Common in InfiniBand and other HPC fabrics, to reduce latency. Requires the forwarding table to be filled in manually. It has a subspecies, fragment-free, which waits for the first 64 bytes so that collision fragments (runts) are not forwarded; it only makes sense in domains where collisions are possible, i.e. half-duplex.
Mask / 31
There is a special RFC on the use of the mask 255.255.255.254: RFC 3021.
In short: on point-to-point links you can save address space by using /31 masks, because neither a network nor a broadcast address is needed there. Both addresses of a /31 are hosts, whereas a /30 burns two extra addresses per link.
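As an added example (mine, not from the original post), here is the RFC 3021 host rule next to the classic one, and the effect on carving an aggregate into point-to-point links. The prefixes are made up.

```python
import ipaddress
from typing import List, Tuple

# Added example, not from the original post. Prefixes are made up.


def usable_addresses(prefix: str) -> List[str]:
    """Addresses a host can be configured with inside `prefix`, honouring RFC 3021 for /31."""
    net = ipaddress.IPv4Network(prefix)
    if net.prefixlen == 32:
        return [str(net.network_address)]
    if net.prefixlen == 31:
        # RFC 3021: a point-to-point /31 has no network or broadcast address;
        # both addresses are hosts and 255.255.255.255 is used for broadcast.
        return [str(a) for a in net]
    return [str(a) for a in net][1:-1]   # drop the network and broadcast addresses


def carve_p2p_links(aggregate: str, prefixlen: int) -> List[Tuple[str, str]]:
    """Split an aggregate into point-to-point links and return (local, peer) address pairs."""
    links = []
    for sub in ipaddress.IPv4Network(aggregate).subnets(new_prefix=prefixlen):
        hosts = usable_addresses(str(sub))
        if len(hosts) != 2:
            raise ValueError(f"/{prefixlen} does not yield exactly two hosts per link")
        links.append((hosts[0], hosts[1]))
    return links
```

A /24 yields 128 links with /31 and only 64 with /30; a /29 is refused because it gives six hosts per link, not two.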
Selective ACK
While talking about TCP in general and TCP congestion avoidance in particular, we got on to how losses are detected. A normal ACK (also called a cumulative acknowledgment) lets the sender identify only one lost segment per RTT, and given current link speeds and window sizes (about Window Scaling I also recommend reading; for the lazy: WND must be greater than the BDP) there is a good chance of multiple losses within one window. A single loss is handled by TCP's Fast Retransmit / Fast Recovery. However, if several segments are lost at once and the RTT of the link is large, TCP performance drops dramatically: each RTT reveals only the next hole. Selective ACK (SACK, RFC 2018) fixes this by letting the receiver report which blocks beyond the hole have already arrived, so the sender can retransmit all the holes in one RTT.
By the way, ECN (RFC 3168) protects against drops by letting routers mark packets instead of discarding them; if you have not heard of it, read about that too.
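To see why one hole per RTT hurts, here is an added toy model (mine, not from the original post) of loss recovery with a cumulative ACK versus SACK. Sequence numbers are segment indices rather than byte offsets, and cwnd, the dup-ACK threshold and the RTO are deliberately ignored; the loss pattern is made up.

```python
from typing import List, Set, Tuple

# Added example, not from the original post: toy model of cumulative ACK vs SACK (RFC 2018).
# Segment indices stand in for byte sequence numbers; congestion control is ignored.


def ack_state(window: int, received: Set[int]) -> Tuple[int, List[Tuple[int, int]]]:
    """What the receiver can report: the cumulative ACK (first hole) and the SACK blocks
    [left, right) of data received beyond that hole."""
    missing = sorted(set(range(window)) - received)
    cum_ack = missing[0] if missing else window
    blocks, start = [], None
    for seq in range(cum_ack + 1, window + 1):
        if seq < window and seq in received:
            if start is None:
                start = seq
        elif start is not None:
            blocks.append((start, seq))
            start = None
    return cum_ack, blocks


def rtts_to_recover(window: int, lost: Set[int], sack: bool) -> int:
    """RTTs spent retransmitting until the whole window is acknowledged."""
    received = set(range(window)) - set(lost)
    rtts = 0
    while len(received) < window:
        rtts += 1
        cum_ack, blocks = ack_state(window, received)
        if sack:
            # The gaps between cum_ack, the SACK blocks and the window end are all known holes.
            edges = [cum_ack] + [edge for block in blocks for edge in block] + [window]
            holes = {s for i in range(0, len(edges) - 1, 2) for s in range(edges[i], edges[i + 1])}
        else:
            holes = {cum_ack}   # a cumulative ACK reveals only the first hole
        received |= holes       # retransmissions arrive one RTT later
    return rtts
```

With three losses in a 16-segment window the cumulative-ACK sender needs three round trips, the SACK sender one; on a long-RTT path that difference is what the text calls a dramatic drop.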
MAC address
In fact, the structure of a MAC address is not entirely random. Most admins know that a MAC is divided into two parts: the OUI (which uniquely identifies the manufacturer) and the NIC-specific part (the unique number of the card).
But there are two more special bits in a MAC: the 7th and 8th bits of the first octet (counting from the most significant bit, i.e. the two least significant bits). If the 8th bit (the least significant one, I/G) is set to 1, the address is multicast, otherwise unicast. If the 7th bit (U/L) is set to 1, the address is so-called locally administered, i.e. assigned to the network card manually (or by hardware / software to which the IEEE did not allocate an OUI).
For example, the VirtualBox interface on my machine has the MAC 0a:00:27:00:00:00; notice that it is unicast and locally administered, since 0x0a = 0b00001010.
And the STP multicast MAC 01:80:C2:00:00:00 has the eighth bit of the first octet set to one.
If anyone wondered why such strange bits, the 7th and 8th, were chosen, the answer is pretty simple: Ethernet transmits each byte least significant bit first, so the I/G bit is the very first bit of the frame on the wire and the receiver knows immediately whether it is looking at unicast or multicast. The bit-ordering details are in RFC 2469.
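An added example (mine, not from the original post) that decodes the two special bits of the first octet, shows the wire order of that octet, and produces a valid locally administered unicast MAC from random bytes, the way hypervisors and MAC randomisation do. The MACs are the two from the text plus made-up bytes.

```python
# Added example, not from the original post. MACs are the two from the text plus made-up bytes.


def mac_bits(mac: str) -> dict:
    """Split a MAC into OUI / NIC-specific parts and decode the I/G and U/L bits."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac}")
    first = octets[0]
    return {
        "oui": octets[:3].hex(":"),
        "nic_specific": octets[3:].hex(":"),
        "multicast": bool(first & 0x01),   # I/G bit: least significant bit of the first octet
        "local": bool(first & 0x02),       # U/L bit: the next bit up
        # Ethernet sends each octet LSB first, so this is the order the bits hit the wire:
        # the I/G bit is the very first bit of the destination address.
        "first_octet_on_wire": format(first, "08b")[::-1],
    }


def locally_administered_unicast(random6: bytes) -> str:
    """Turn 6 random bytes into a valid locally administered unicast MAC: set U/L, clear I/G."""
    if len(random6) < 6:
        raise ValueError("need at least 6 bytes")
    b = bytearray(random6[:6])
    b[0] = (b[0] | 0x02) & 0xFE
    return b.hex(":")
```

The "first_octet_on_wire" string for 0a:00:27:00:00:00 starts with 0 (unicast) and then 1 (locally administered): the two bits the text talks about are simply the first two bits a receiver sees.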
Wi-Fi
There was quite a lot that was new for me. And in general, about 802.11 I know very, very little; I am glad that I am not the only one =)
BGP
N WLLA OMNI
The letters above are a mnemonic for the BGP best path selection process: N - valid next hop, W - weight, L - local preference, L - locally originated, A - AS path, O - origin, M - MED, N - neighbor type (eBGP over iBGP), I - IGP metric to the next hop.
Taken from the CCIE Routing and Switching Exam Certification Guide (3rd Edition).
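As an added example (mine, not from the original post), the mnemonic expressed as a sort key, plus a helper that names the step on which two routes were separated, which is handy when reading the output of a "show ip bgp". Simplifications: MED is compared across all routes (a real router compares it only between routes from the same neighbouring AS unless configured otherwise), and the router ID is the final tie-break. The routes are made up.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# Added example, not from the original post: the N WLLA OMNI order as a sort key.

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}   # IGP < EGP < incomplete


@dataclass
class Route:
    prefix: str
    next_hop_valid: bool = True       # N: next hop reachable
    weight: int = 0                   # W: Cisco-local attribute, higher wins
    local_pref: int = 100             # L: higher wins
    locally_originated: bool = False  # L: network / aggregate / redistribute on this router
    as_path: List[int] = field(default_factory=list)  # A: shorter wins
    origin: str = "igp"               # O: igp < egp < incomplete
    med: int = 0                      # M: lower wins (simplified, see lead-in)
    ebgp: bool = False                # N: eBGP over iBGP
    igp_metric: int = 0               # I: lower metric to the next hop wins
    router_id: str = "0.0.0.0"        # tie-break: lower wins


def rank(r: Route) -> tuple:
    """Smaller tuple = better path. Each element is one letter of N WLLA OMNI."""
    return (
        not r.next_hop_valid,
        -r.weight,
        -r.local_pref,
        not r.locally_originated,
        len(r.as_path),
        ORIGIN_RANK[r.origin],
        r.med,
        not r.ebgp,
        r.igp_metric,
        tuple(int(x) for x in r.router_id.split(".")),
    )


def best_path(routes: List[Route]) -> Optional[Route]:
    candidates = [r for r in routes if r.next_hop_valid]   # N: invalid next hop is not a candidate
    return min(candidates, key=rank) if candidates else None


def decided_by(a: Route, b: Route) -> str:
    """Which step of N WLLA OMNI separated two routes."""
    names = ["next hop", "weight", "local preference", "locally originated",
             "AS path", "origin", "MED", "neighbor type", "IGP metric", "router ID"]
    for name, x, y in zip(names, rank(a), rank(b)):
        if x != y:
            return name
    return "tie"
```

Note the order: a higher local preference beats a shorter AS path, and an eBGP route with a huge weight on another router still loses to an iBGP route with a higher local preference, because weight is local to the router that set it.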
Autonomous system
An AS is a group of IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy.
This must be understood: an AS is not just a 32-bit number. Reading RFC 1930 is also recommended.
Internet registries
Organizations
- ICANN is the organization that governs IANA.
- IANA - the organization that manages the distribution of IP addresses (and AS numbers). They also manage the DNS root zone. By the way, they have a great page with numbers on the site, a must-read: Protocol Registries.
- RIR - Regional Internet Registries. They do all the dirty work for IANA. At the moment there are 5 of them. Back in 2002 there were only 3. So you see, maybe Antarctica will get its own one day.
- NIR - National Internet Registries. They exist only in some countries (for example Japan, China, Korea, etc.).
- LIR - Local Internet Registries. Any large provider with a large block of IP addresses can become one.
Address types
- PI - Provider Independent addresses: take them with you wherever you want.
- PA - Provider Aggregatable addresses, tied to the upstream provider: if you leave it, you are left without them.
More about their differences can be read in ripe-127.
BFD
While discussing legacy stuff like RIP and its holddown timers, we recalled a beautiful thing: Bidirectional Forwarding Detection, which lets two directly connected boxes verify the liveness of each other's forwarding engine at sub-second intervals, independently of the link type: RFC 5880. There is also a profile for checking IPv4 / IPv6 connectivity between, again, directly connected hosts (single hop): RFC 5881.
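An added example (mine, not from the original post) of what a BFD control packet actually carries: the mandatory 24-byte header of RFC 5880 section 4.1 without an authentication section, the receive checks of section 6.8.6 that decide whether a packet is discarded, and the detection-time arithmetic of section 6.8.4. The discriminators and intervals are made up.

```python
import struct

# Added example, not from the original post: RFC 5880 control packet header (no auth section).
# Discriminators and intervals below are made up.

BFD_HDR = struct.Struct("!BBBBIIIII")   # 24 bytes, RFC 5880 section 4.1
STATES = {0: "AdminDown", 1: "Down", 2: "Init", 3: "Up"}
STATE_CODE = {name: code for code, name in STATES.items()}
FLAG_BITS = (("P", 0x20), ("F", 0x10), ("C", 0x08), ("A", 0x04), ("D", 0x02), ("M", 0x01))


def build_bfd(state: str, detect_mult: int, my_disc: int, your_disc: int,
              desired_min_tx_us: int, required_min_rx_us: int,
              required_min_echo_rx_us: int = 0, diag: int = 0, flags: int = 0) -> bytes:
    """Version 1 control packet: Vers(3) Diag(5) | Sta(2) P F C A D M | Detect Mult | Length | ..."""
    return BFD_HDR.pack((1 << 5) | (diag & 0x1F), (STATE_CODE[state] << 6) | (flags & 0x3F),
                        detect_mult, BFD_HDR.size, my_disc, your_disc,
                        desired_min_tx_us, required_min_rx_us, required_min_echo_rx_us)


def parse_bfd(pkt: bytes) -> dict:
    """Decode a control packet and apply the receive checks of RFC 5880 section 6.8.6."""
    if len(pkt) < BFD_HDR.size:
        raise ValueError("packet shorter than the BFD header")
    vd, sf, mult, length, my_disc, your_disc, tx, rx, echo = BFD_HDR.unpack_from(pkt)
    if vd >> 5 != 1:
        raise ValueError(f"unsupported BFD version {vd >> 5}")
    if length > len(pkt) or length < BFD_HDR.size or mult == 0 or my_disc == 0:
        raise ValueError("discard: bad Length, zero Detect Mult or zero My Discriminator")
    state = STATES[sf >> 6]
    if your_disc == 0 and state not in ("Down", "AdminDown"):
        raise ValueError("discard: zero Your Discriminator outside Down/AdminDown")
    return {
        "diag": vd & 0x1F,
        "state": state,
        "flags": {name: bool(sf & bit) for name, bit in FLAG_BITS},
        "detect_mult": mult,
        "my_discriminator": my_disc,
        "your_discriminator": your_disc,
        "desired_min_tx_us": tx,
        "required_min_rx_us": rx,
        "required_min_echo_rx_us": echo,
    }


def detection_time_us(local_required_min_rx_us: int, remote: dict) -> int:
    """RFC 5880 section 6.8.4, asynchronous mode: the remote's Detect Mult times the remote's
    agreed transmit interval, i.e. max(our Required Min RX, their Desired Min TX)."""
    return remote["detect_mult"] * max(local_required_min_rx_us, remote["desired_min_tx_us"])
```

The detection time is what you are really tuning: a peer advertising 300 ms with a multiplier of 3 gives 900 ms of failure detection, but if your side insists on a 1 s minimum receive interval the same peer is only detected after 3 s.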
As an alternative to BFD you can crank down the IGP timers, but this method has its drawbacks, which Cisco itself describes: Bidirectional Forwarding Detection for OSPF.
Network Architecture
CDA
The 3-tier architecture was developed and proposed by Cisco as a standard. The idea is to divide the network into parts: Core, Distribution and Access. Our lecturer strongly recommended using L3 switches at every level, in order to terminate L2 as far from the core as possible. For mere mortals, however, a scheme with L2 only at the Access layer also works.
A cartload has been written on the subject (plus a small trailer on QoS), so I will not repeat it and will only refer to Enterprise Campus 3.0 Architecture: Overview and Framework.
CE-PE
A scheme that acknowledges the existence of different ASes within our architecture. I first saw it, together with CDA, in the book Junos High Availability: Best Practices for High Network Uptime, which I recommend you read (p. 339).
Discontiguous subnet masks aka "torn" masks
Everyone is used to the fact that a subnet mask can be expressed as a prefix length, i.e. it has a contiguous run of ones on the left (or none at all). However, masks can be torn; for example, a mask of the form:
11111111.11111111.11111111.00000001
is a perfectly valid bitwise match and selects every second host of a /24 (with a pattern address ending in ...1, all the odd hosts). Of course, not all equipment supports torn masks, and tooling that thinks in prefix lengths rejects them outright.
Using torn masks outside a test environment is strongly contraindicated. You have been warned.
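An added example (mine, not from the original post) of what a torn mask really is, a bitwise match, next to what prefix-oriented tooling does with it: Python's ipaddress module refuses to build a network from such a mask. The one place you do meet discontiguous patterns in practice is the wildcard mask of an ACL, which is a match filter, not a subnet. The network and mask are made up.

```python
import ipaddress
from typing import List

# Added example, not from the original post; the network and mask are made up.


def matches(addr: str, pattern: str, mask: str) -> bool:
    """Plain bitwise match, (addr & mask) == (pattern & mask); works for any mask bits."""
    a, p, m = (int(ipaddress.IPv4Address(x)) for x in (addr, pattern, mask))
    return (a & m) == (p & m)


def matching_hosts(network: str, pattern: str, mask: str) -> List[str]:
    """Every address of `network` that a filter with the given (possibly torn) mask selects."""
    return [str(h) for h in ipaddress.IPv4Network(network) if matches(str(h), pattern, mask)]


def accepted_as_prefix(address_with_mask: str) -> bool:
    """Whether prefix-oriented tooling even accepts the mask; ipaddress rejects torn ones."""
    try:
        ipaddress.IPv4Network(address_with_mask, strict=False)
        return True
    except ValueError:   # NetmaskValueError is a ValueError subclass
        return False
```

The same mask that the bitwise matcher happily applies is not a "network" at all for the library, which is the practical form of "not all equipment supports torn masks".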
Anycast
Anycast is very often mentioned only in the IPv6 context. Of course, such a type of address as Anycast was already named back in the distant RFC 1884 (the original IPv6 addressing architecture, by now obsoleted three times). However, that is not the first RFC describing it (one of the first mentions of anycast I found is in RFC 1546: Host Anycasting Service), and it has long been used in IPv4, usually in combination with BGP / an IGP. For example, part of the DNS root servers are served from anycast addresses.
According to GOST^W RFC, anycast is:
Anycast: the practice of making a particular Service Address available in multiple, discrete, autonomous locations, such that datagrams sent are routed to one of several available locations.
Note: not a protocol and not a standard, but simply a methodology (or, as it is fashionable to call it, a Best Practice) for building a fault-tolerant, decentralized service.
The anycast best practices themselves can be read in RFC 4786: Operation of Anycast Services.
Anycast addresses are allocated from the unicast address space, using any of the defined unicast address formats. Thus, anycast addresses are syntactically indistinguishable from unicast addresses. When a unicast address is assigned to more than one interface, thus turning it into an anycast address, the nodes to which the address is assigned must be explicitly configured to know that it is an anycast address.
As RFC 4291, quoted above, hints, distinguishing an anycast address from a unicast one "by eye" is generally unrealistic.
PS Of course, one should give IPv6 its due: there the concept of anycast is at least somewhat more formalized. For example, the Subnet-Router anycast address (interface identifier all zeros) and the highest 128 interface identifiers of every subnet are anycast by definition. You can read more in Reserved IPv6 Subnet Anycast Addresses (RFC 2526).
Address selection in general
In the IPv4 world everything was very simple: there was gethostbyname(3), which had h_addr or, at worst, your own logic around h_addr_list. With the advent of IPv6 everything became much more interesting: now there is getaddrinfo(3), where the addrinfo list is sorted according to non-trivial rules: Default Address Selection for Internet Protocol version 6 (IPv6), RFC 3484 (since updated by RFC 6724). Here is the list of rules from BSD's libc:
/*
 * Rule 1: Avoid unusable destinations.
 * XXX: we exist.
 */
/* Rule 2: Prefer matching scope. */
/* Rule 3: Avoid deprecated addresses. */
/* Rule 4: Prefer home addresses. */
/* XXX: not implemented yet */
/* Rule 5: Prefer matching label. */
/* Rule 6: Prefer higher precedence. */
/* Rule 7: Prefer native transport. */
/* XXX: not implemented yet */
/* Rule 8: Prefer smaller scope. */
/*
 * Rule 9: Use longest matching prefix.
 * We compare the match length in a AF.
 */
/* Rule 10: Otherwise, leave the order unchanged. */
This actually means that DNS round-robin is no longer quite honest: the resolver library reorders the addresses it gets before the application ever sees them.
For additional information and the default values, look at:
Linux:
cat /etc/gai.conf
FreeBSD:
ip6addrctl show
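To see the reordering happen, here is an added cut-down implementation (mine, not from the original post, and not libc's code) of the destination sort with the RFC 3484 default policy table. Only rules 1, 5, 6, 9 and 10 are modelled; scope, deprecation and home-address rules are left out, and Source(D) is simplified to "the local address of the same family with the longest common prefix". The local addresses and the DNS answers are made up from documentation ranges. Rule 9 is the one that reorders IPv4 round-robin answers by closeness to the local address.

```python
import ipaddress
from typing import List, Optional

# Added example, not from the original post: simplified RFC 3484 destination ordering.
# Rules 1, 5, 6, 9, 10 only; addresses are made up documentation prefixes.

POLICY = [  # (prefix, precedence, label) from the RFC 3484 section 2.1 default table
    (ipaddress.IPv6Network("::1/128"), 50, 0),
    (ipaddress.IPv6Network("::/0"), 40, 1),
    (ipaddress.IPv6Network("2002::/16"), 30, 2),
    (ipaddress.IPv6Network("::/96"), 20, 3),
    (ipaddress.IPv6Network("::ffff:0:0/96"), 10, 4),
]


def to_v6(addr: str) -> ipaddress.IPv6Address:
    """RFC 3484 treats IPv4 addresses as IPv4-mapped IPv6 addresses."""
    a = ipaddress.ip_address(addr)
    return ipaddress.IPv6Address(f"::ffff:{a}") if a.version == 4 else a


def policy(a: ipaddress.IPv6Address) -> tuple:
    """Longest-prefix lookup in the policy table -> (precedence, label)."""
    _, prec, label = max((row for row in POLICY if a in row[0]), key=lambda row: row[0].prefixlen)
    return prec, label


def common_prefix_len(a: ipaddress.IPv6Address, b: ipaddress.IPv6Address) -> int:
    return 128 - (int(a) ^ int(b)).bit_length()


def pick_source(dst: ipaddress.IPv6Address, sources) -> Optional[ipaddress.IPv6Address]:
    """Simplified Source(D): a local address of the same family with the longest common prefix."""
    same_family = [s for s in sources if (s.ipv4_mapped is None) == (dst.ipv4_mapped is None)]
    return max(same_family, key=lambda s: common_prefix_len(dst, s), default=None)


def sort_destinations(dests: List[str], local_addrs: List[str]) -> List[str]:
    """Order resolver answers the way getaddrinfo(3) would, given the host's own addresses."""
    sources = [to_v6(s) for s in local_addrs]

    def key(item):
        idx, d = item
        src = pick_source(d, sources)
        if src is None:
            return (1, 0, 0, 0, idx)                 # Rule 1: unusable destination, sort last
        return (0,
                policy(src)[1] != policy(d)[1],      # Rule 5: prefer matching label
                -policy(d)[0],                       # Rule 6: prefer higher precedence
                -common_prefix_len(d, src),          # Rule 9: longest matching prefix
                idx)                                 # Rule 10: otherwise keep resolver order

    ordered = sorted(enumerate(to_v6(d) for d in dests), key=key)
    return [str(d.ipv4_mapped) if d.ipv4_mapped is not None else str(d) for _, d in ordered]
```

With a dual-stack host the IPv6 answer jumps to the front whatever the resolver returned, and the two IPv4 answers are then ordered by how many leading bits they share with the local IPv4 address, which is precisely what breaks naive round-robin load distribution.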
"Special" IPv4 addresses
Just an interesting article for self-development: Special Use IPv4 Addresses. If you remove all the banal stuff (private addresses and multicast) and the not really interesting (test networks), what remains is a stash (in the form of 240.0.0.0/4, reserved and still rejected by many stacks) and the 6to4 Relay Anycast prefix 192.88.99.0/24 (since deprecated by RFC 7526).
IPv6
We also spent a lot of time discussing IPv6 and dual-stack. I have already written about this, so I will not repeat it and will just leave a link to Basics of IPv6.
Instead of a conclusion
Such are the notes in the margins. If you find any inaccuracies, say so; let's discuss and correct them.