The Bits Must Flow: (Net)Working through the abstractions

A presentation at Cloud-Native Rejekts NA 2022 in October 2022 in Detroit, MI, USA by Aaron Aldrich

Slide 1

The Bits Must Flow (net)Working through the abstractions
1 — @CrayZeigh

Slide 2

What happens when you visit a website?

Notes: Start with a classic audience participation.

Slide 3

Why DNS?

Slide 4

167,069 GB of Internet traffic per second [1]

[1] https://interenetlivestats.com/one-second/#traffic-band

Slide 5

1,336,544,000,000,000 bits per second

Slide 6

Slide 7

OSI 7-Layer model
Application
Presentation
Session
Transport
Network
Data Link
Physical

Slide 8

OSI layers mapped onto the TCP/IP model:
OSI: Application, Presentation, Session → TCP/IP: Application
OSI: Transport                          → TCP/IP: Transport
OSI: Network                            → TCP/IP: Internet
OSI: Data Link, Physical                → TCP/IP: Network Access

Slide 9

Why all these layers anyway?

Slide 10

Network Access: data frames help translate digital to physical

Slides 11-13

MAC Addresses
01:23:45:67:89:ab
→ Identifies the (network) device
→ For same-network devices

Notes: But how do you figure out what your destination MAC address is?

Slides 14-16

ARP [2]
→ Mapping IPs and MAC addresses
→ Broadcasts to find neighbors

[2] Address Resolution Protocol

Notes: arp -a. Need a way to separate traffic.

Slides 17-21

VLANs
→ Limiting broadcast domains
→ IEEE 802.1Q
→ Up to 4096 VLAN IDs [3] (the tag's VID field is 12 bits; IDs 0 and 4095 are reserved, so 4094 are usable)
→ Native (untagged) or tagged

[3] VXLAN addresses this, but that's A Whole Other Thing

Notes: Broadcast; switches vs. hubs.

Slide 22

Slide 22

14 — @CrayZeigh AWS Connections as Layer 2 Segregating networks building mulitple kinds of VM traffic
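The frames the MAC, ARP and VLAN slides describe, as an added example that is not part of the talk: it builds the broadcast ARP "who has 10.10.10.100?" request that 10.10.10.10 would send, optionally inside an 802.1Q tag, and parses it back out. The MAC address and IPs are the slides' examples; the VLAN ID (20) is constructed, and nothing here is captured from a real network. Two things it makes concrete for a practitioner: the VID is a 12-bit field with 0 and 4095 reserved, and an ARP body carries no authentication, so any host in the same broadcast domain (the same VLAN) can answer a request, which is why the VLAN boundary is also a security boundary.

```python
"""Build and parse Ethernet frames (untagged or 802.1Q tagged) carrying ARP.

Added example; all addresses and the VLAN ID are constructed for illustration.
"""
import struct

ETHERTYPE_VLAN = 0x8100   # 802.1Q TPID
ETHERTYPE_ARP = 0x0806
ETHERTYPE_IPV4 = 0x0800
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(b, 16) for b in mac.split(":"))


def bytes_to_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(opcode: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    # Ethernet/IPv4 ARP body (RFC 826): htype=1, ptype=0x0800, hlen=6, plen=4, opcode.
    return (struct.pack("!HHBBH", 1, ETHERTYPE_IPV4, 6, 4, opcode)
            + mac_to_bytes(sender_mac) + ip_to_bytes(sender_ip)
            + mac_to_bytes(target_mac) + ip_to_bytes(target_ip))


def build_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes,
                vlan_id=None, pcp: int = 0) -> bytes:
    header = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac)
    if vlan_id is not None:
        # Tagged frame: TPID 0x8100, then TCI = PCP (3 bits) | DEI (1 bit) | VID (12 bits).
        if not 1 <= vlan_id <= 4094:      # VID 0 = priority-tagged only, 4095 reserved
            raise ValueError("VID must be 1..4094")
        tci = (pcp << 13) | vlan_id
        header += struct.pack("!HH", ETHERTYPE_VLAN, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> dict:
    dst, src = bytes_to_mac(frame[0:6]), bytes_to_mac(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = None, 14
    if ethertype == ETHERTYPE_VLAN:
        # The word after the TPID is the TCI; the real EtherType follows it.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    out = {"dst": dst, "src": src, "vlan": vlan, "ethertype": ethertype}
    if ethertype == ETHERTYPE_ARP:
        body = frame[offset:offset + 28]
        _htype, _ptype, _hlen, _plen, op = struct.unpack("!HHBBH", body[:8])
        out["arp"] = {
            "op": "request" if op == ARP_REQUEST else "reply" if op == ARP_REPLY else op,
            "sender_mac": bytes_to_mac(body[8:14]),
            "sender_ip": bytes_to_ip(body[14:18]),
            "target_mac": bytes_to_mac(body[18:24]),
            "target_ip": bytes_to_ip(body[24:28]),
        }
    return out


def who_has(sender_mac: str, sender_ip: str, target_ip: str, vlan_id=None) -> bytes:
    """The broadcast 'who has target_ip?' frame a host sends before talking locally."""
    arp = build_arp(ARP_REQUEST, sender_mac, sender_ip, "00:00:00:00:00:00", target_ip)
    return build_frame(BROADCAST_MAC, sender_mac, ETHERTYPE_ARP, arp, vlan_id)


if __name__ == "__main__":
    req = who_has("01:23:45:67:89:ab", "10.10.10.10", "10.10.10.100", vlan_id=20)
    print(parse_frame(req))
```

Parsing the tagged frame shows the extra 4-byte shim between the source MAC and the EtherType; a switch port configured as native for VLAN 20 would strip that shim on egress, which is what "native or tagged" refers to on the slide.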

Slide 23

IP packets wrap your digital data and know where to send it

Slides 24-27

Classes & CIDR
→ Classless Inter-Domain Routing
→ Replaced the previous "class A/B/C" IP addressing to help with IP address availability
→ Helps determine destination locality, i.e. routing

Notes: You've probably never really dealt with classful IP addresses, though there is some holdover in the reserved private IP space (RFC 1918): 10.x (10.0.0.0/8), 172.16.x - 172.31.x (172.16.0.0/12), 192.168.x (192.168.0.0/16). Previously, given classful space, you could have a class C (256 addresses); the next size up was B (65k), then A (16.8m).

Slide 28

CIDR Notation

Slide 29

10.10.10.10/24

Slide 30

IP Address/Network Bits

Slide 31

IP: 10.10.10.10
SM: 255.255.255.0

Slide 32

Converts to binary:
IP: 00001010.00001010.00001010.00001010
SM: 11111111.11111111.11111111.00000000

In the subnet mask: 1s = network space, 0s = host space

Slides 33-37

Special IPs
→ Broadcast (10.10.10.255)
  → Host bits all 1
→ Network (10.10.10.0)
  → Host bits all 0

Notes: Not about private, multicast, or research IPs; that's a different thing. Think of the "network" address as "any" for routing purposes; it cannot be used in any other way.

Slide 38

All together
CIDR-notated IP address of a host: 10.10.10.10/24
Network: 10.10.10.0/24
Broadcast IP: 10.10.10.255
Available host IPs: 10.10.10.1 - 10.10.10.254

Slide 39

Bigger networks
CIDR: 192.168.1.100/22
Network: 192.168.0.0/22
Broadcast: 192.168.3.255
Available hosts: 192.168.0.1 - 192.168.3.254

Slide 40

More Weird Ones

Slides 41-45

Weird Ones Explained
→ /30
→ Costs 4 IPs, but only grants 2 hosts
→ Broadcast & network addresses still apply
→ Might be used today for compatibility reasons, or because you like IP addresses

Slides 46-49

Weird Ones Explained
→ /31
→ Creates 2 adjacent IPs and only "costs" 2 IPs (no network or broadcast address; meant for point-to-point links)
→ Proposed in RFC 3021 in 2000(!) to combat dwindling IP availability

Slides 50-53

Weird Ones Explained
→ /32
→ Single IP address
→ Still very useful, mainly for additional or public IPs

Notes: Anycast app idea.
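The subnet arithmetic from the CIDR slides, carried through in code as an added example (not from the talk): mask from prefix length, network (host bits all 0), broadcast (host bits all 1), usable host range, and the /30, /31 and /32 special cases, cross-checked against Python's standard ipaddress module. The inputs are the slides' own examples plus constructed ones (203.0.113.7 is from the documentation range, RFC 5737). It also includes the "is this destination on my network?" check a host makes before deciding whether to ARP for the destination or for the gateway.

```python
"""Subnet math from first principles for a CIDR-notated IPv4 address.

Added example (not from the talk). Handles /24 and /22 from the slides and the
'weird ones': /30, /31 (RFC 3021, no network/broadcast) and /32.
"""
import ipaddress


def ip_to_int(ip: str) -> int:
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(ip: str) -> str:
    """Dotted binary form as on the slide: 00001010.00001010.00001010.00001010"""
    return ".".join(f"{int(o):08b}" for o in ip.split("."))


def prefix_mask(prefix: int) -> int:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    # 1s = network space, 0s = host space
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet(cidr: str) -> dict:
    ip_str, prefix_str = cidr.split("/")
    prefix = int(prefix_str)
    ip, mask = ip_to_int(ip_str), prefix_mask(prefix)
    network = ip & mask                          # host bits all 0
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits all 1
    size = 1 << (32 - prefix)

    if prefix == 32:
        # Single address: it is the whole network; no broadcast address exists.
        first, last, usable, bcast = ip_str, ip_str, 1, None
    elif prefix == 31:
        # RFC 3021 point-to-point: both addresses are hosts, no network/broadcast.
        first, last, usable, bcast = int_to_ip(network), int_to_ip(network + 1), 2, None
    else:
        first, last = int_to_ip(network + 1), int_to_ip(broadcast - 1)
        usable, bcast = size - 2, int_to_ip(broadcast)

    return {
        "ip": ip_str,
        "mask": int_to_ip(mask),
        "network": f"{int_to_ip(network)}/{prefix}",
        "broadcast": bcast,
        "first_host": first,
        "last_host": last,
        "usable_hosts": usable,
        "total_addresses": size,
    }


def same_network(my_cidr: str, other_ip: str) -> bool:
    """The check a host makes before ARPing: is other_ip inside my network?"""
    ip_str, prefix = my_cidr.split("/")
    mask = prefix_mask(int(prefix))
    return (ip_to_int(ip_str) & mask) == (ip_to_int(other_ip) & mask)


def cross_check(cidr: str) -> bool:
    """Agree with the standard library on network and size."""
    mine = subnet(cidr)
    ref = ipaddress.ip_interface(cidr).network
    return mine["network"] == str(ref) and mine["total_addresses"] == ref.num_addresses


if __name__ == "__main__":
    for c in ("10.10.10.10/24", "192.168.1.100/22", "10.0.0.1/30",
              "10.0.0.0/31", "203.0.113.7/32"):
        print(c, subnet(c), "matches stdlib:", cross_check(c))
```

The /31 and /32 branches are the part worth reading twice: the generic "network + 1 .. broadcast - 1" rule gives zero usable hosts for a /31, which is exactly the waste RFC 3021 removed by declaring that such a link has no network or broadcast address at all.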

Slides 54-58

Routing
Source: 10.10.10.10/24
Destination: 10.10.10.100
1. Checks the network space and sees the address is local
2. Sends a local ARP broadcast to find the MAC of the destination
3. Wraps the packet in a frame with the newly discovered MAC
4. Sends the data frame through the switch to the destination "directly"

Slides 59-64

Routing
Source: 10.10.10.10/24
Destination: 1.1.1.1
1. Checks the network space and sees the address is remote
2. Wraps the packet in a frame addressed to the local router's MAC (usually the default gateway, found via ARP), while the packet itself still carries the desired destination's IP
3. Forwards the frame to the router through the switch
4. The router re-wraps the packet in a new frame pointing to the next router in line
5. Eventually, the router for 1.1.1.1 receives the packet and wraps it in a frame with the appropriate destination's MAC

Slides 65-70

How does the router know where the next stop is?
Routing tables
→ (also used locally on your hosts)
→ 3 general types of routes
  → Connected (networks assigned to router interfaces)
  → Static (manually set; usually the default gateway)
  → Learned (shared with peers, e.g. BGP)

Slides 71-75

BGP: Border Gateway Protocol
→ Advertises routes between (TCP) peered Autonomous Systems
→ Routes can be aggregated into "supernets" to save table space
→ Helps determine the "best" route to a destination, since multiple routes may contain the same prefixes
→ Leverageable for anycast/edge performance increases
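The forwarding decision from the two routing walkthroughs, the three route types from the routing-table slide, and BGP's supernet aggregation, in one added example that is not from the talk. The table is constructed: host 10.10.10.10/24 on eth0 with default gateway 10.10.10.1, plus two prefixes "learned" from a hypothetical peer labelled AS64500 (a private-use ASN). The point to take away is that a host and every router pick the longest (most specific) matching prefix, so a /25 learned from a peer beats a /24 and the default route only matches last. That rule is what makes more-specific advertisements useful for anycast and edge steering, and equally effective at misdirecting traffic if a peer's advertisements are not filtered.

```python
"""Forwarding decisions with a longest-prefix-match routing table.

Added example, not from the talk. The topology and the peer name are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    kind: str                        # "connected" | "static" | "learned"
    interface: str
    next_hop: Optional[str] = None   # None for connected routes: deliver directly
    source: str = ""                 # which peer advertised a learned route


class RoutingTable:
    def __init__(self) -> None:
        self.routes: List[Route] = []

    def add(self, prefix: str, kind: str, interface: str,
            next_hop: Optional[str] = None, source: str = "") -> None:
        self.routes.append(Route(ipaddress.ip_network(prefix), kind, interface, next_hop, source))

    def lookup(self, dst: str) -> Optional[Route]:
        """Longest prefix match: the most specific route wins; 0.0.0.0/0 matches last."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r.prefix]
        if not matches:
            return None
        return max(matches, key=lambda r: r.prefix.prefixlen)

    def forward(self, dst: str) -> dict:
        """Which interface to use, and whose MAC to resolve with ARP before framing."""
        r = self.lookup(dst)
        if r is None:
            return {"dst": dst, "action": "drop", "reason": "no route"}
        # Local destination: ARP for the destination itself.
        # Remote destination: ARP for the next hop; the IP header still carries dst.
        arp_for = dst if r.next_hop is None else r.next_hop
        return {"dst": dst, "action": "forward", "interface": r.interface,
                "route": str(r.prefix), "kind": r.kind, "source": r.source,
                "arp_for": arp_for}


def aggregate(prefixes: List[str]) -> List[str]:
    """Collapse adjacent prefixes into supernets, as a BGP speaker does to save table space."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def build_host_table() -> RoutingTable:
    # Constructed: host 10.10.10.10/24 on eth0, default gateway 10.10.10.1, and two
    # prefixes learned from a hypothetical peer (AS64500 is a private-use ASN).
    t = RoutingTable()
    t.add("10.10.10.0/24", "connected", "eth0")
    t.add("0.0.0.0/0", "static", "eth0", next_hop="10.10.10.1")
    t.add("192.0.2.0/24", "learned", "eth0", next_hop="10.10.10.2", source="AS64500")
    t.add("192.0.2.128/25", "learned", "eth0", next_hop="10.10.10.3", source="AS64500")
    return t


if __name__ == "__main__":
    table = build_host_table()
    for d in ("10.10.10.100", "1.1.1.1", "192.0.2.10", "192.0.2.200"):
        print(table.forward(d))
    print(aggregate(["192.168.0.0/24", "192.168.1.0/24",
                     "192.168.2.0/24", "192.168.3.0/24"]))
```

Running it reproduces both walkthroughs: 10.10.10.100 hits the connected route and is ARPed for directly, while 1.1.1.1 falls through to the default route and the frame is addressed to the gateway's MAC with 1.1.1.1 still in the IP header. The two 192.0.2.0 routes show the more-specific /25 taking traffic away from the /24 next hop, and the last line collapses four /24s into the single /22 a peer would advertise instead.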

Slides 76-78

BGP

Slide 79

Anycast

Slide 80

Anycast Benefits

Slide 81

What happens when you visit a website?

Slide 82

Hi! I'm Aaron
dev advocate:
organizer:
sometimes host:
Twitter: @CrayZeigh
Slides: speaking.crayzeigh.com

Slide 83