As technologies go, routing is ancient. The need for routing goes back to the dawn of internetworking.
Many of a router's component technologies date back more than 20 years! During this time, many
substantial innovations and advances have been made in networking, computing, and even transmission
technologies. It doesn't take much of an imagination to see that some of these innovations, including IP
switches and software-based routing engines, appear to be designed to eliminate the need for a
hardware-based router in a LAN. In fact, during the emergence of LAN switching several years ago,
some of the proponents of this technology even proclaimed routing to be dead while drumming up
support for their new technology.
A fair question to ask is, "Does routing have a future, or are its days numbered?" This chapter answers
that question by examining some of the key trends and technological developments that have affected
routing.
The key technological advances that directly affect routing include
- Development of routing software that can run on low-end computers
Computer-Based Routers.
Traditional, standalone routers are hardware specific: You purchase a specialized physical platform,
including a chassis, sheet metal, power supply, CPU, memory, I/O ports, and a motherboard together
with the routing engine. These components are described in "Routers and WANs."
In a standalone router, the routing engine is an integral part of the unit. It is not separable, nor portable,
from the standalone router. In a computer-based router, the routing engine is executable software
designed to run on a general-purpose computer rather than a highly specialized device. In fairness, this
isn't a new trend. In fact, the earliest routers were really UNIX-based computers that calculated routes
using one of the myriad primitive RIP-like protocols described in "Routing Information Protocol." This
early form of software-based routing was, subsequently, almost completely supplanted by the various
generations of hardware-based routers that emerged.
The appearance of the specialized standalone routers brought some substantial benefits relative to
computer-based routing:
- A processing platform dedicated to route calculation and packet forwarding
- Placement of the routing function at the boundary between the LAN and WAN rather than at the LAN's periphery
- Support for more advanced routing protocols
- Potential for sharing a WAN access facility across a greater base of users
- A more reliable platform that had fewer moving parts than an end system
These benefits resulted in the dominance of the standalone router. Over time, routers became
increasingly more powerful and feature rich. These developments enabled standalone routers to expand
their presence in internetworks. Specifically, they began to be used in nontraditional ways, such as to
construct LAN backbones.
Today's Products
Today, the amount of computational power available at the desktop is greater than that of mainframes 20
years ago. Also, more sophisticated routing protocols than RIP are available in executable software.
Therefore, it seems logical that today's powerful computers should be used to provide sophisticated route
calculation at the network's periphery.
On the surface, this would appear to be a direct threat to the traditional standalone router. In theory, you
wouldn't need a standalone router anymore. After all, its real value lies in its routing engine rather than
its physical components. All you would need is a peripheral computer with a routing engine, an
appropriate network interface card, and transmission facilities. Beyond the surface, it is easy to see that
this is not the case. Instead, the re-emergence of computer-based routing is complementary to, rather than
competitive with, standalone routers.
The New Uses of Computer-Based Routing:
The computer-based router's flexible platform and multitasking capabilities enable it to perform many
more different functions than a standalone router. The key to benefiting from a computer-based router is
to take advantage of these features, which cannot be duplicated on a standalone router.
A computer-based router can be used to authenticate dial-in users, for example, before granting them
access to an internal, and secured, internetwork.
A computer-based router is not a replacement for traditional standalone routers. Similarly, a general-purpose computer running Windows NT Server can interconnect two
different LANs and provide a routed interface between them. Obviously, that NT device needs to have
two network interface cards (NICs), but it is another example of the flexibility of computer-based routing.
All such devices must be considered a complementary service that enhances the usefulness of routing
technologies in a network. The specific benefits of the configuration illustrated in include the
following:
- The ability to use a general-purpose computer rather than a specialized, and possibly more expensive, standalone router
- Support for dial-on-demand transmission technologies (POTS, Switched 56, ISDN)
- VPN tunnel construction
- Management of the router via a client/server administrative infrastructure rather than through a fully separate network management infrastructure
Multilayer Switches:
Another interesting development that potentially affects routing is the multilayer switch. Multilayer
switches operate much like LAN switches (such as Ethernet switches), except that they are designed to
forward datagrams based on their IP addresses rather than MAC addresses. This capability, at least
superficially, appears to position a multilayer switch as a potential replacement for standalone routers in
a LAN. Closer examination, however, reveals that this technology cannot completely supplant traditional
standalone routing in a LAN because there are several fundamental limitations of multilayer switching.
The best way to understand these limitations is to examine how a multilayer switch operates and its uses.
A multilayer switch operates in much the same way that a bridge or LAN switch operates, even though
its functionality more closely approximates a router's capabilities. This type of switch builds tables that
correlate I/O port with known addresses. Framed data is received through any of the switch's I/O ports
and buffered just long enough to identify the destination IP address of the datagram embedded within the
frame. The switch compares this address with its routing table to determine where to forward that
datagram. Layer 3 switches use routing protocols, such as OSPF or RIP, to calculate routes and build
routing tables.
Although this process may appear identical to how a standalone router forwards datagrams, there are
physical differences between multilayer switches and standalone routers that dictate different uses.
Multilayer switches are designed for intrapremises communications only, for example. This is evident in
the types of I/O ports that they can be configured with. The vast majority of today's multilayer switches
only support LAN architectures, usually just Ethernet interfaces (10 and 100 Mbps versions).
This effectively limits the use of multilayer switches to just an intrapremises communications role. In
other words, it can only be used for LAN-to-LAN communications. "Routers and LANs," examines some
of the ways traditional standalone routers could be used to improve the efficiency of LANs. One
particular method is described as the collapsed backbone. In a collapsed backbone LAN, a router is used
to segment LANs to improve the performance of each, while simultaneously providing WAN access (if
needed). The multilayer switch has some interesting attributes that can be used to further improve
LAN-to-LAN communications, by using it to construct a modified form of the collapsed backbone LAN
topology. This is explained further in the next section.
Benefits and Uses of Multilayer Switches:
The multilayer switch is both faster and less expensive than a standalone router. These attributes make
multilayer switches an attractive way to supplement a premise-edge router. Its best use is as a front end
to an interior gateway router in a modified form of collapsed backbone LAN. illustrates this.
A multilayer switch reduces the workload of the interior gateway router.
This arrangement features the following division of responsibilities:
- The hardware-based router is used as a gateway between the LAN and the internetwork beyond.
- The less-expensive IP switch helps reduce the workload of that interior gateway router by functioning as a collapsed backbone switch.
In this arrangement, the only datagrams that would be passed from the IP switch to the router would be
those addressed to destinations that lie beyond the local LAN. All communications between clients and
servers (which reside on separate LAN segments) would be spared the hop through the standalone router.
There are three main benefits to using this configuration:
- The efficiency of the standalone router is greatly increased because its workload is limited to just WAN access functions.
- The cost per-port of LAN switches tends to be substantially less than the cost of a comparable router port. Reducing the router's workload may also enable the use of a smaller, less-expensive router.
- The efficiency of LAN-to-LAN communication is also increased, because the multilayer switch operates much faster than a traditional router in a collapsed backbone LAN.
After examining the benefits and limitations of multilayer switches, there can only be one conclusion:
They are a wonderful complement to a standalone router in very large LAN environments.
Next-Generation Routing
Communications protocols are always evolving; there seems to be no end to the variety of features and
functions that can be developed. Many of the most significant emerging communications protocols are
related to the IETF's "IP: The Next Generation" (IPng) project. IP Version 6 (IPv6) is designed to be a
simple, forward-compatible upgrade to the existing version of IP. This upgrade is also intended to
resolve all the weaknesses that IP Version 4 (IPv4) is currently manifesting. From the perspective of an
end user, these weaknesses include the following:
- The inability to accommodate time-sensitive traffic (known as isochronous services)
- The lack of network layer security, including both authentication and encryption services
IPv4 also suffers from other limitations that users might not appreciate. These include
- The shortage of available IPv4 addresses
- The limitations that its two-level address imposes on the global scalability of the Internet and other large IP networks
For all of these reasons, the IETF launched a working group to develop the next generation IP: IPv6.
The Effects of IPv6:
When finally completed and supported in commercial products, IPv6 will have a profound effect on
internetworking. It will affect routers in four distinct ways:
- Individual routing table entries will increase in size.
- The overall size of routing tables will decrease due to the way routes are aggregated.
- Next-generation routing protocols will emerge that can work with the new address architectures.
- Routers will have to support many services that are not currently available at the network layer.
Many of these changes are either self-explanatory or have been adequately examined in the context of
their address architectures. The one exception is the myriad network-layer services that routers will soon
be supporting. These services fall predominantly into one of two categories: security or isochronous
services. The security protocols are embedded in a new suite of protocols known as IP Security (IPSec).
Isochronous protocols are a bit less well organized, and do not enjoy the architectural context of a
protocol suite such as IPSec. Nevertheless, the various emerging Voice over IP (VoIP) technologies will
benefit tremendously from IPv6's isochronous capabilities, including its capability to deliver a specific
quality of service (QoS).
IPSec:
The IETF has developed the IPSec architectural framework for securing transmissions over an IP
network. IPSec features network layer support for authentication of the originator, encryption of
transmitted data, and even protection of the header information of transmitted packets through a process
known as encapsulation. These services enable end-to-end security of data through an IP network.
Although this may not seem significant, remember that IP was designed to provide best-effort delivery of
data through a routed and connectionless network environment. Connectionless means that virtually
every packet could take a different route through the network. Therefore, the challenge was to develop a
series of mechanisms that would allow each router in an internetwork to support the end-to-end security
of the data in transit.
The solution developed by the IETF is known as a security association (SA). An SA is a logical, simplex
"path" between a source and a destination machine. This path is considered logical rather than physical
because it remains possible for each transmitted packet to take a different route through the network. The
SA itself is a relatively simple construct. It consists of a security parameter index (SPI), the security
protocol being used, and the destination IP address. This construct can be supported in both IPv4 and
IPv6. Its fields are added to the datagram after the IP header, but before the TCP or UDP header.
Placing these fields at the beginning of the IP datagram's payload is a relatively easy way of enabling
end-to-end protection of the IP data, despite its passage through an otherwise unsecured network. Equally
as important, this technique does not encumber the routers in the network. They can forward
IPSec-compliant datagrams just as they would any other IP datagram. Thus, they can contribute to the
end-to-end security of an IPSec-compliant session without having to do anything but forward datagrams!
This preserves their previous level of operational efficiency, while adding substantial network layer
security.
SAs can be used to support two IPSec security protocols: Authentication Header (AH) and Encapsulating
Security Payload (ESP). It is important to note that IPSec only permits one SA per service! Therefore, if
you want to perform both encapsulation and authentication, you would need two SAs. SAs, however, are
simplex in nature. That is, they only work in one direction. To illustrate this point, consider
illustrates a simplex authentication SA. The source machine is authenticated to the
destination machine, but any datagrams generated in response are not similarly authenticated. In other
words, the destination machine is assumed to be legitimate and no authentication is performed.
Assuming that the destination machine is legitimate can be a dangerous assumption. Providing
bidirectional authentication is just a matter of using two unidirectional authentication SAs:
- One authenticates the source machine to the destination machine.
- The other authenticates the destination machine to the source machine.
depicts this bidirectional authentication.
ESP headers work the same way. They are simplex, but can be paired to provide bidirectional
encapsulation. The important thing to remember is that multiple SAs are permitted, per connection.
Providing bidirectional authentication and bidirectional encapsulation on a connection would require the
definition of four SAs. This flexibility enables a network administrator to customize the degree of
security according to the users' needs.
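The SA construct and its simplex behaviour described above, as an added example that is not part of the original text: it pulls the (SPI, protocol, destination address) triple out of a datagram and looks it up in a table of SAs. The host addresses, SPI values and function names are constructed for illustration; the AH and ESP header offsets follow the published header formats.

```python
import ipaddress
import struct
from typing import NamedTuple, Optional

AH, ESP = 51, 50  # IP protocol numbers assigned to AH and ESP


class SAKey(NamedTuple):
    """The three values the text says make up an SA."""
    spi: int
    protocol: int
    dst: str


def build_packet(src: str, dst: str, protocol: int, spi: int, seq: int = 1) -> bytes:
    """Build a constructed IPv4 datagram whose payload starts with an AH or ESP header."""
    if protocol == AH:
        # next header (6 = TCP), length in 32-bit words minus 2, reserved, SPI, sequence, 12-byte ICV
        sec = struct.pack("!BBHII", 6, 4, 0, spi, seq) + bytes(12)
    else:
        # ESP: SPI, sequence, then opaque protected data (zero-filled placeholder)
        sec = struct.pack("!II", spi, seq) + bytes(16)
    header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(sec), 0, 0, 64, protocol, 0,  # checksum left 0
        ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return header + sec


def sa_key(packet: bytes) -> Optional[SAKey]:
    """Return the (SPI, protocol, destination) selector, or None if not AH/ESP or truncated."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    protocol = packet[9]
    if ihl < 20 or protocol not in (AH, ESP):
        return None
    # The SPI sits right after the IP header for ESP, and 4 bytes further in for AH.
    offset = ihl + (4 if protocol == AH else 0)
    if len(packet) < offset + 4:
        return None
    (spi,) = struct.unpack_from("!I", packet, offset)
    return SAKey(spi, protocol, str(ipaddress.IPv4Address(packet[16:20])))


def lookup(sad: dict, packet: bytes) -> Optional[str]:
    """Find the SA that covers this datagram; None means no SA applies."""
    key = sa_key(packet)
    return sad.get(key) if key is not None else None


HOST_A, HOST_B = "192.0.2.10", "198.51.100.20"  # constructed, documentation-range addresses


def simplex_sad() -> dict:
    """One authentication SA: only A -> B traffic is covered."""
    return {SAKey(0x1001, AH, HOST_B): "A->B authentication"}


def full_sad() -> dict:
    """Bidirectional authentication plus bidirectional encapsulation: four SAs."""
    return {
        SAKey(0x1001, AH, HOST_B): "A->B authentication",
        SAKey(0x2001, AH, HOST_A): "B->A authentication",
        SAKey(0x1002, ESP, HOST_B): "A->B encapsulation",
        SAKey(0x2002, ESP, HOST_A): "B->A encapsulation",
    }


if __name__ == "__main__":
    request = build_packet(HOST_A, HOST_B, AH, 0x1001)
    reply = build_packet(HOST_B, HOST_A, AH, 0x2001)
    for name, sad in (("simplex", simplex_sad()), ("full", full_sad())):
        print(name, "request:", lookup(sad, request), "| reply:", lookup(sad, reply))
```

With only the simplex table, the reply from B to A matches no SA, which is the unauthenticated return path the text warns about.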
Packet Tagging:
The second approach to recognizing the very different performance requirements of isochronous
applications is packet tagging. This approach is much simpler and inherently more efficient. Datagrams
created by isochronous applications are identified through new header fields made possible by extending
basic packet header formats. Routers in an internetwork recognize the significance of the field and treat
the datagrams accordingly.
These datagrams are forwarded in much the same way as datagrams from conventional applications, with
one exception. When the time-to-live (TTL) of an isochronous datagram expires, the datagram is just
dropped from the application's stream. Packet tagging improves the efficiency of an internetwork by
enabling routers to determine whether a datagram can be discarded. Demonstrating the potential degree
of the effectiveness of packet tagging requires a quick examination of routing time-sensitive datagrams
without this mechanism.
Without packet tagging, all the routers in an internetwork would be obligated to deliver the datagram to
its intended destination, regardless of how much time this took or how many retransmission attempts
were needed. Datagrams that arrived late, or out of sequence, would just be discarded by the recipient
despite the effort put into delivery by the network's routers. Tagging packets with a high time value
spares the routers this wasteful activity.
The drawback to this simple scheme is that packet tagging stops short of guaranteeing the level of
performance that might be needed by isochronous applications. Therefore, packet tagging must be
viewed as a compromise approach with an inherent bias toward the operational efficiency of an
internetwork, as opposed to being a true enabler of multimedia communications.
For some time now, the broadcast industry has been exploring, and to a certain extent implementing, network technologies. However, in the routing field, where network technologies appear to offer considerable potential, there are still significant ongoing issues surrounding the subject that require explanation and discussion. Traditionally, broadcast and professional media signals have been distributed around a facility by a matrix crosspoint switch. While historically these switches have been the most economic solution to handling demanding television applications, the reduction in cost of network bandwidths means that a network may become a viable alternative.
The crosspoint router
The traditional crosspoint router is a matrix of electronic switches that can connect combinations of inputs to outputs. Typically, an input signal can be switched to multiple outputs making the router distributive. Figure 1 represents a typical cross-point router with four inputs and four outputs; the crosses represent active switches connecting an input to an output. In many television applications, it is important to work with uncompressed video. This means that switching solutions have to handle bandwidths of 270Mb/s (SDI video, SMPTE 259M) for a single video feed. With the introduction of high-definition television, which is gaining ground throughout the world, these rates increase up to 1.5Gb/s (ref SMPTE 292M).
For clean video switches, the devices handling the video have to operate synchronously with the video, switching between sources in a non-visible part of the video signal. This requires switches to be accurately timed to at least 40ms in the case of standard definition.
A network solution
A dictionary definition of a network is “a system of interconnected components or circuits” or in computing terms, a system that delivers a means of transferring data between devices. This is in essence what the crosspoint router is doing, so does a network offer us an alternative means of performing this task, and are there any benefits? Almost certainly there are no network topologies that follow the same cost and bandwidth curves shown in Figure 2. Therefore, intuitively there is a potential saving by better use of a system’s available bandwidth. The networks considered in this article all distribute information by switching packets of data over the network, thus avoiding the crosspoint router’s problem. However, the packetization and switching of individual packets requires data processing at the network nodes, which will introduce some form of delay within the network. What these delays might be and how they can be managed are key factors when considering real-time distribution of video. A network solution potentially offers additional benefits in two areas:
- Because a network distributes packets of data, this data can be coded representations of different signal formats allowing our switching infrastructure to support video, audio and other signals. With a crosspoint router, typically the electrical characteristics of different signal types have meant separate routers for each signal type.
- A crosspoint router is a single device, and all signals to be switched have to be wired directly to the router. Because a network is distributed, a network node can be located near a group of signals’ origin or destination, potentially saving large amounts of cabling in a video installation.
Modelling the crosspoint router on a network
The first area to be considered is how the functionality of a crosspoint router can be mapped onto a network. In this section, let’s assume that the network has sufficient bandwidth and insignificant delays. We will consider the network using the IP protocol as this is the dominant network protocol in use today.
Basic IP addressing allows us to send a packet of data to a destination defined by a familiar four field address, e.g. 192.168.0.1 defined in the packet header. When we consider the distributive nature of the crosspoint router, this point-to-point mechanism poses a problem. In a large installation, we may need to send the same source to many destinations. A system that transmitted a separate packet for each destination would require sufficient bandwidth and processing capabilities at the network input to cope with sending packets to as many destinations as required. When dealing with video this soon becomes unachievable, or at least very expensive.
Input device bandwidth = 270Mb/s x number of outputs requiring video source
The multicast ability of IP offers a solution by allowing a network node to originate packets that can be sent to multiple destinations by the routers in the network. Multicast operates by a network source device originating packets with addresses in a reserved range (224.0.0.0 to 239.255.255.255). Network routers recognize these packets as a multicast and will forward them to all network devices that are members of the multicast. Membership of the multicast is initiated by a network node requesting membership via the Internet Group Management Protocol (IGMP); the network routers also use IGMP to communicate their requirement to receive (or not) multicast data.
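A small model of the behaviour just described, added here as an example and not taken from the article: a router keeps the group membership it has learned, copies a multicast packet only to member ports, and the source's transmit bandwidth is compared for per-destination unicast versus a single multicast stream. The class, port names and group address are hypothetical.

```python
import ipaddress
from collections import defaultdict

SDI_MBPS = 270  # uncompressed SD video rate quoted in the article


class MulticastRouter:
    """Toy model of a router's IGMP-learned group membership (hypothetical class)."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.members = defaultdict(set)  # group address -> ports with listeners

    def _check(self, port, group):
        addr = ipaddress.IPv4Address(group)
        if not addr.is_multicast:  # outside 224.0.0.0 to 239.255.255.255
            raise ValueError(f"{group} is not a multicast group")
        if port not in self.ports:
            raise ValueError(f"unknown port {port}")
        return addr

    def join(self, port, group):
        """A node on `port` requests membership of `group`."""
        self.members[self._check(port, group)].add(port)

    def leave(self, port, group):
        """A node on `port` no longer wants `group`; drop empty groups."""
        addr = self._check(port, group)
        self.members[addr].discard(port)
        if not self.members[addr]:
            del self.members[addr]

    def forward(self, in_port, dst):
        """Ports a packet to `dst` is copied to; the ingress port is excluded."""
        addr = ipaddress.IPv4Address(dst)
        if not addr.is_multicast:
            return set()  # unicast forwarding is out of scope for this model
        return self.members.get(addr, set()) - {in_port}


def source_bandwidth_mbps(outputs, multicast):
    """Transmit bandwidth at the source: the article's formula, or one multicast stream."""
    return SDI_MBPS if multicast else SDI_MBPS * outputs


def demo():
    """Three destinations join a constructed group, then one leaves."""
    router = MulticastRouter(ports=["cam1", "mon1", "mon2", "mon3", "vtr1"])
    group = "239.1.1.1"  # constructed group address
    for port in ("mon1", "mon2", "vtr1"):
        router.join(port, group)
    before = router.forward("cam1", group)
    router.leave("mon2", group)
    after = router.forward("cam1", group)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("copied to:", sorted(before), "then", sorted(after))
    print("unicast source load:", source_bandwidth_mbps(3, multicast=False), "Mb/s")
    print("multicast source load:", source_bandwidth_mbps(3, multicast=True), "Mb/s")
```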
IP over Ethernet
Ethernet has become the dominant network technology in the IT computing world, and its widespread adoption means that costs are continually falling. With Gigabit Ethernet, it also provides the bandwidth we require for handling video. Ethernet does not define any device-to-device timing or flow control mechanisms. Network devices transmit data packets asynchronously to one another. The delays between network nodes are a function of the network loading and the devices in the network, such as switches and hubs. Where network traffic exceeds the bandwidth of a network device and data is lost, Ethernet does not provide retry mechanisms.
The variable network latency and lack of guaranteed data delivery would seem to suggest that Ethernet cannot deliver the quality of service required for video distribution. However, solutions are provided by protocols higher in the Open Systems Interconnect (OSI) model, Ethernet defining layers one and two.
Examples include:
- The Transmission Control Protocol (TCP) provides acknowledge and retry mechanisms to ensure successful transmission of data.
- The Real-Time Transfer Protocol (RTP), a member of the IP protocol set, provides packet ordering information and timing information relating to the source data being carried in the packet. This can allow a solution to be engineered around the limitations of Ethernet.
ATM
Asynchronous Transfer Mode (ATM) is a network technology based on high-speed packet switching with inherent quality of service features such as bandwidth management. ATM uses a virtual circuit concept where quality of service parameters are negotiated when a connection between two network devices is established. Data is carried in small fixed length packets, or cells. The cell has a 5-byte header, containing the virtual circuit identification, and a 48-byte payload. The quality of service offered by ATM falls into four main categories:
- Constant bit rate (CBR) specifies a fixed bit rate so that data is sent in a steady stream. This is analogous to a leased line.
- Variable bit rate (VBR) provides a specified throughput capacity, but data is not sent evenly. This is a popular choice for voice and videoconferencing data.
- Unspecified bit rate (UBR) does not guarantee any throughput levels. This is used for applications, such as file transfer, that can tolerate delays.
- Available bit rate (ABR) provides a guaranteed minimum capacity but allows data to be bursted at higher capacities when the network is free.
Because ATM can emulate a point-to-point circuit capable of delivering CBRs it has been used extensively for wide area distribution of video as it supports the characteristics required to ensure continuous video transfer.
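The 53-byte cell described above, as an added example that is not part of the original article: it builds and parses a cell, checks the header's integrity byte, and maps the virtual circuit identification to the service category negotiated for that circuit. The article only states the 5-byte header and 48-byte payload; the bit layout (GFC, VPI, VCI, PT, CLP, HEC) used here is the standard UNI cell header, and the circuit table is constructed.

```python
import struct

CELL_LEN, HEADER_LEN, PAYLOAD_LEN = 53, 5, 48


def hec(first4: bytes) -> int:
    """Header Error Control: CRC-8 (x^8 + x^2 + x + 1) over header bytes 0-3, XOR 0x55."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ 0x55


def build_cell(vpi: int, vci: int, payload: bytes = b"", pt: int = 0,
               clp: int = 0, gfc: int = 0) -> bytes:
    """Assemble a UNI cell: 4 header bytes, HEC byte, payload padded to 48 bytes."""
    if not (0 <= gfc < 16 and 0 <= vpi < 256 and 0 <= vci < 65536
            and 0 <= pt < 8 and clp in (0, 1)):
        raise ValueError("header field out of range")
    if len(payload) > PAYLOAD_LEN:
        raise ValueError("payload exceeds 48 bytes")
    head = struct.pack("!I", (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp)
    return head + bytes([hec(head)]) + payload.ljust(PAYLOAD_LEN, b"\x00")


def parse_cell(cell: bytes) -> dict:
    """Split a cell into its header fields, rejecting wrong sizes and corrupted headers."""
    if len(cell) != CELL_LEN:
        raise ValueError("an ATM cell is exactly 53 bytes")
    if hec(cell[:4]) != cell[4]:
        raise ValueError("HEC mismatch: header corrupted")
    (word,) = struct.unpack("!I", cell[:4])
    return {
        "gfc": word >> 28,
        "vpi": (word >> 20) & 0xFF,
        "vci": (word >> 4) & 0xFFFF,
        "pt": (word >> 1) & 0x7,
        "clp": word & 0x1,
        "payload": cell[HEADER_LEN:],
    }


# Constructed table: service category negotiated when each virtual circuit was set up.
CIRCUITS = {(0, 100): "CBR", (0, 101): "VBR", (1, 32): "UBR"}


def service_for(cell: bytes, circuits: dict = CIRCUITS):
    """Return the service category of the cell's virtual circuit, or None if unknown."""
    fields = parse_cell(cell)
    return circuits.get((fields["vpi"], fields["vci"]))


if __name__ == "__main__":
    video = build_cell(vpi=0, vci=100, payload=b"video sample")
    print(parse_cell(video)["vci"], service_for(video))
```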
DTM
Dynamic Synchronous Transfer Mode (DTM) is a relatively recent technology specifically designed around the requirements of media applications. It provides guaranteed quality of service with low network latencies. DTM operates on a time division multiplexing principle where network bandwidth is divided into time slots.
Channels are provisioned between network nodes where a specified number of timeslots are allocated to a channel. By having a predetermined number of timeslots, the channel will be guaranteed a constant bandwidth, and the latency between network nodes will be constant. Another key feature of DTM is that it supports multicast, an additional benefit when looking at the application as covered previously in this article.
Conclusions
Networks are being used for the distribution of video, and there are technologies that can allow us to provide an equivalent solution to the crosspoint router for video with a network. Today, we are still at a point where crosspoint routers are significantly cheaper than a network equivalent, but already applications exist where a hybrid of the two approaches is being used. Typically, the network will provide connectivity over the wide area, with crosspoint routers providing local switching at the network nodes.