Protocols – 4th Year

Computer Eng. Dept.

Lecture No. 12
Network layer protocols
PATH VECTOR ROUTING
Distance vector and link state routing are both interior
routing protocols.
They can be used inside an autonomous system as intra-
domain or intra-AS (as sometimes are called), but not
between autonomous systems.
Both of these routing protocols become intractable‫ص!!عبا!!لمع!ا!!لجة‬
when the domain of operation becomes large.
Distance vector routing is subject to instability if there is
more than a few hops in the domain of operation.
Link state routing needs a huge amount of resources to
calculate routing tables. It also creates heavy traffic because
of flooding.
There is a need for a third routing protocol which we call
path vector routing. 2
Path vector routing is exterior routing protocol proved to
be useful for inter-domain or inter-AS routing as it is
sometimes called.
In distance vector routing, a router has a list of networks
that can be reached in the same AS with the corresponding
cost (number of hops).
In path vector routing, a router has a list of networks that
can be reached with the path (list of ASs to pass) to reach
each one.
In other words, the domain of operation of the distance
vector routing is a single AS; the domain of operation of the
path vector routing is the whole Internet.
The distance vector routing tells us the distance to each
network; the path vector routing tells us the path.
3
Example
The difference between the distance vector routing and
path vector routing can be compared to the difference
between a national map and an international map.
A national map can tell us the road to each city and the
distance to be travelled if we choose a particular route; an
international map can tell us which cities exist in each
country and which countries should be passed before
reaching that city.

Reachability
To be able to provide information to other ASs, each AS
must have at least one path vector routing that collects
reachability information about each network in that AS.
4
The information collected in this case only means which
network, identified by its network address (CIDR prefix),
exists (can be reached in this AS).
In other words, the AS needs to have a list of existing
networks in its territory. Figure below shows three ASs.
Each distance vector (exterior router) has created a list which
shows which network is reachable in that AS.

Note:
Classless inter-domain routing (CIDR) is a set of Internet protocol (IP)
standards that is used to create unique identifiers for networks and
individual devices. The IP addresses allow particular information
packets to be sent to specific computers. Shortly after the introduction
of CIDR, technicians found it difficult to track and label IP addresses,
so a notation system was developed to make the process more efficient
and standardized. That system is known as CIDR notation. 5
6
Routing Tables
In Figure above, router R1 in AS1 can send its reachability
list to router R2.
Router R2, after combining its reachability list, can send the
result to both R1 and R3.
Router R3 can send its reachability list to R2, which in turn
improves its routing table, and so on.
Figure below shows the routing table for each router after all
three routers have updated their routing table.
Router R1 knows that if a packet arrives for the network
201.2.2.0/24, this network is in AS1 (at home), but if a packet
arrives for the network 130.14.0.0/16, the packet should
travel from AS1 to AS2 to reach its destination network.

7
On the other hand, if router R2 receives a packet destined for
the network 22.0.0.0.8, the router knows that it should travel
from AS2 to AS3 to reach its destination.
We can compare these routing tables with the distance vector
routing table to see the differences. 8
Loop Prevention
The instability of distance vector routing and the creation
of loops can be avoided in path vector routing.
When a router receives a reachability information, it checks
to see if its autonomous system is in the path list to any
destination.
If it is, looping is involved and that network-path pair is
discarded.

Aggregation
The path vector routing protocols normally support CIDR
notation and the aggregation of addresses (if possible).
This helps to make the path vector routing table simpler
and exchange between routers faster.
9
For example, the path vector routing table of Figure above
can be aggregated to create shorter routing tables (Figure
below).

Note that a range may also include a block that may not be in
the corresponding AS.
For example, the range 201.2.0.0/22 also includes the range
201.2.0.3/24, which is not the network address of any network
in AS1.
However, if this network exists in some other ASs, it eventually
becomes part of the routing table. 10
Note:
The number following the slash is the prefix length, the number of
shared initial bits, counting from the most-significant bit of the
address. When emphasizing only the size of a network, the
address portion of the notation is usually omitted. Thus, a /20
block is a CIDR block with an unspecified 20-bit prefix.

Policy Routing
Policy routing can be easily implemented through path
vector routing.
When a router receives a message, it can check the path.
If one of the autonomous systems listed in the path is against
its policy, it can ignore that path and that destination.
It does not update its routing table with this path, and it does
not send this message to its neighbors. 11
BGP
Border Gateway Protocol (BGP) is an inter-domain routing
protocol using path vector routing.
It first appeared in 1989 and has gone through four versions.
Types of Autonomous Systems
As we said before, the Internet is divided into hierarchical
domains called autonomous systems (ASs).
For example, a large corporation that manages its own
network and has full control over it is an autonomous system.
A local ISP that provides services to local customers is an
autonomous system.
Note that a single organization may choose to have
multiple ASs because of geographical spread, different
providers (ISPs), or even some local obstacles. 12
We can divide autonomous systems into three categories:
stub, multi-homed, and transit.

Stub AS
A stub AS has only one connection to another AS.
The inter-domain data traffic in a stub AS can be either
created or terminated in the AS.
The hosts in the AS can send data traffic to other ASs.
The hosts in the AS can receive data coming from hosts in
other ASs.
Data traffic, however, cannot pass through a stub AS.
A stub AS is either a source or a sink.
A good example of a stub AS is a small corporation or a
small local ISP.
13
Multi-homed AS
A multi-homed AS has more than one connection to other
ASs, but it is still only a source or sink for data traffic.
It can receive data traffic from more than one AS.
It can send data traffic to more than one AS, but there is no
transient traffic.
It does not allow data coming from one AS and going to
another AS to pass through.
A good example of a multi-homed AS is a large corporation
that is connected to more than one regional or national AS
that does not allow transient traffic.
Transit AS
A transit AS is a multi-homed AS that also allows transient
traffic. Good examples of transit ASs are national and
international ISPs (Internet backbones). 14
CIDR
BGP uses classless inter-domain routing addresses. In other
words, BGP uses a prefix, to define a destination address.
The address and the number of bits (prefix length) are used
in updating messages.

Path Attributes
The path was presented as a list of autonomous systems, but
is, in fact, a list of attributes.
Each attribute gives some information about the path.
The list of attributes helps the receiving router make a better
decision when applying its policy.
Attributes are divided into two broad categories: well-known
and optional.
15
A wellknown attribute is one that every BGP router must
recognize.
An optional attribute is one that needs not be recognized by
every router.
Well-known attributes are themselves divided into two
categories: mandatory and discretionary.
Well-known mandatory: Attributes of this type must be
understood by all BGP implementations and must EXIST in
the BGP update messages.
Well-known discretionary: Attributes of this type must be
understood by all BGP implementations but they don’t have
to exist in all BGP updates to all neighbors. One well-known
mandatory attribute is ORIGIN. This defines the source of
the routing information (RIP, OSPF, and so on).
Another well-known mandatory attribute is AS_PATH. 16
This defines the list of autonomous systems through which
the destination can be reached.
Still another well-known mandatory attribute is NEXT-HOP,
which defines the next router to which the data packet should
be sent.
The optional attributes can also be subdivided into two
categories:
transitive and non-transitive.
An optional transitive attribute is one that must be passed to
the next router by the router that has not implemented this
attribute.
An optional non-transitive attribute is one that must be
discarded if the receiving router has not implemented it.
Table below shows some BGP attributes:
17
BGP Attributes cheat list

18
BGP Sessions
The exchange of routing information between two routers
using BGP takes place in a session.
A session is a connection that is established between two
BGP routers only for the sake of exchanging routing
information. To create a reliable environment, BGP uses the
services of TCP.
In other words, a session at the BGP level, as an application
program, is a connection at the TCP level.
However, there is a subtle difference between a connection
in TCP made for BGP and other application programs.
When a TCP connection is created for BGP, it can last for a
long time‫فترة طويلة‬66‫ستمر ل‬66‫ني‬6‫مكنأ‬66‫ي‬, until something unusual happens.
For this reason, BGP sessions are sometimes referred to as
semi-permanent connections. 19
External and Internal BGP
If we want to be precise, BGP can have two types of
sessions: external BGP (E-BGP) and internal BGP (I-BGP)
sessions.
The E-BGP session is used to exchange information between
two speaker nodes belonging to two different autonomous
systems.
The I-BGP session, on the other hand, is used to exchange
routing information between two routers inside an
autonomous system.
Figure below shows the idea.
The session established between AS1 and AS2 is an E-BGP
session.
The two speaker routers exchange information they know
about networks in the Internet. 20
However, these two routers need to collect information from
other routers in the autonomous systems. This is done using
I-BGP sessions.

Types of Packets
BGP uses four different types of messages:
open, update, keepalive, and notification (see Figure
below). 21
Packet Format
All BGP packets share the same common header. Before
studying the different types of packets, let us talk about this
common header (see next Figure). The fields of this
header are as follows:
❑Marker.
The 16-byte marker field is reserved for authentication.
❑Length.
This 2-byte field defines the length of the total message
including the header. 22
❑Type.
This 1-byte field defines the type of the packet. As we said
before, we have four types, and the values 1 to 4 define those
types.

Open Message
To create a neighborhood relationship, a router running BGP
opens a TCP connection with a neighbor and sends an open
message. 23
If the neighbor accepts the neighborhood relationship, it
responds with a keepalive message, which means that a
relationship has been established between the two routers.
See Figure below for a depiction of the open message format.
The fields of the open message are as follows:
❑Version.
This 1-byte field defines the version of BGP. The current
version is 4.

24
❑My autonomous system.
This 2-byte field defines the autonomous system number.
❑Hold time.
This 2-byte field defines the maximum number of seconds
that can elapse until one of the parties receives a
keepalive or update message from the other.
If a router does not receive one of these messages during
the hold time period, it considers the other party dead.
❑ BGP identifier. This 4-byte field defines the router that
sends the open message.
The router usually uses one of its IP addresses (because it is
unique) for this purpose.
❑ Option length. The open message may contain some
option parameters. In this case, this 1-byte field defines the
length of the total option parameters. 25
If there are no option parameters, the value of this field is
zero.
❑ Option parameters. If the value of the option parameter
length is not zero, it means that there are some option
parameters.
Each option parameter itself has two subfields: the length
of the parameter and the parameter value.
The only option parameter defined so far is authentication.

Update Message
The update message is the heart of the BGP protocol.
It is used by a router to
 withdraw destinations that have been advertised
previously,
 announce a route to a new destination, or both. 26
27
The update message fields are listed below:
❑ Unfeasible routes length. This 2-byte field defines the
length of the next field.
❑ Withdrawn routes. This field lists all the routes that
must be deleted from the previously advertised list.
❑ Path attributes length. This 2-byte field defines the
length of the next field.
❑ Path attributes. This field defines the attributes of the
path (route) to the network whose reachability is being
announced in this message.
❑ Network layer reachability information (NLRI). This
field defines the network that is actually advertised by
this message.
It has a length field and an IP address prefix. The length
defines the number of bits in the prefix. 28
The prefix defines the common part of the network address.
For example, if the network is 153.18.7.0/24, the length of
the prefix is 24 and the prefix is 153.18.7. BGP4 supports
classless addressing and CIDR.

Keepalive Message
The routers (called peers in BGP parlance) running the BGP
protocols exchange keepalive messages regularly (before
their hold time expires) to tell each other that they are alive.
The keepalive message consists of only the common
header shown in Figure below.

29
Notification Message
A notification message is sent by a router whenever an error
condition is detected or a router wants to close the
connection.
The format of the message is shown in Figure below.
The fields making up the notification message follow:

30
❑ Error code. This 1-byte field defines the category of the
error. See Table below.
❑ Error subcode. This 1-byte field further defines the type
of error in each category.
❑ Error data. This field can be used to give more
diagnostic information about the error.

31
Encapsulation
BGP messages are encapsulated in TCP segments using
the well-known port 179.
This means that there is no need for error control and flow
control.
When a TCP connection is opened, the exchange of update,
keepalive, and notification messages is continued until a
notification message of type cease is sent.

SUMMARY
❑ A metric is the cost assigned for passage of a packet through a
network.
A router consults its routing table to determine the best path for a
packet.
❑ An autonomous system (AS) is a group of networks and routers
under the authority of a single administration. 32
RIP and OSPF are popular intra-domain or intra-AS routing protocols
(also called interior routing protocols) used to update routing tables in
an AS.
RIP is based on distance vector routing, in which each router shares, at
regular intervals, its knowledge about the entire AS with its neighbors.
OSPF divides an AS into areas, defined as collections of networks,
hosts, and routers.
OSPF is based on link state routing, in which each router sends the
state of its neighborhood to every other router in the area.
❑ BGP is an inter-domain or inter-AS routing protocol (also called
exterior routing protocol) used to update routing tables.
BGP is based on a routing protocol called path vector routing.
In this protocol, the ASs through which a packet must pass are
explicitly listed.
Path vector routing does not have the instability nor looping problems
of distance vector routing.
There are four types of BGP messages: open, update, keepalive, and
notification. 33