MULTICASTING
Network Security

Introduction
- Unicasting: one source and one destination
- Multicasting: one source and a group of destinations
- Multiple unicasting: one source sends several packets, each with a different unicast destination address
- Broadcasting: one source sends packets to all the members of a network

Applications of Multicasting
- Access to distributed databases
- Information dissemination
- Dissemination of news
- Teleconferencing
- Distance learning

Multicast Addresses
- A multicast address is a destination address for a group of hosts that have joined a multicast group
- A packet sent to a multicast address must be delivered to each member of the group
- Addresses in class D of IPv4 are used for multicast communication
- Addresses in classes A, B, or C are mostly used for unicast communication
- The block assigned for multicasting is 224.0.0.0/4, i.e. a total of 2^(32-4) = 2^28 host addresses
- The range is from 224.0.0.0 to 239.255.255.255

Physical Multicast Support
- Ethernet supports physical multicast addressing
- An Ethernet physical address (MAC address) is six octets (48 bits) long
- If the first 25 bits of an Ethernet address are 00000001 00000000 01011110 0, it is a physical multicast address
- The remaining 23 bits can be used to define a group

Conversion: IP Multicast Address to Ethernet Address
- Extract the least significant 23 bits of a class D IP address and insert them into a multicast Ethernet physical address
- Ethernet multicast physical addresses range from 01:00:5E:00:00:00 to 01:00:5E:7F:FF:FF (the 25-bit prefix 01:00:5E:0 = 0000 0001 0000 0000 0101 1110 0)

Examples
Change the multicast IP address 230.43.14.7 to an Ethernet multicast physical address.
- We write the LSB (rightmost) 23 bits of the IP address in hexadecimal:
  a) change the rightmost 3 bytes to hexadecimal; the result is 2B:0E:07
  b) subtract 8 from the leftmost digit if it is greater than or equal to 8 (this clears the 24th bit, leaving only the 23 bits that fit after the prefix)
- Since the leftmost digit, 2, is not >= 8, we skip part (b) and add the result to the starting Ethernet multicast address, which is 01:00:5E:00:00:00
- Answer: 01:00:5E:2B:0E:07

More Examples
Change the multicast IP address 238.212.24.9 to an Ethernet multicast physical address.
- The LSB (rightmost) 3 bytes in hexadecimal are D4:18:09
- We need to subtract 8 from the leftmost digit (D, i.e. 13, is > 8), resulting in 54:18:09
- We add the result to the Ethernet multicast starting address
- Answer: 01:00:5E:54:18:09

Unicast Routing Protocols
- A routing table can be either static or dynamic
- A static table is one with manual entries
- A dynamic table is one that is updated automatically when there is a change somewhere in the internet
- A routing protocol is a combination of rules and procedures that lets routers in the internet inform each other of changes
- It allows routers to share whatever they know about the internet or their neighborhood

Distance Vector Routing
- Each node maintains a vector (table) of minimum distances to every node
- The least-cost route between any two nodes is the route with the minimum distance
- Routing Information Protocol (RIP) is based on distance vector routing

Link State Routing
- Each node in the domain has the entire topology of the domain, i.e. the list of nodes and links and how they are connected, including the type, cost (metric), and condition of the links (up or down)
- The node uses Dijkstra's algorithm to build a routing table
- Each node has a routing table showing the least-cost route to every other node
- Steps:
  1. Creation of the states of the links by each node (LSP)
  2. Dissemination of LSPs to every other router (flooding)
  3. Formation of a shortest path tree for each node
  4. Calculation of a routing table based on the shortest path tree
- The OSPF protocol is based on link state routing

Path Vector Routing
- Similar to distance vector routing
- There is one node that acts on behalf of the entire system (the speaker node)
- It creates a routing table and advertises it to the speaker nodes in the neighboring systems
- Only the speaker nodes in each system can communicate with each other
- Border Gateway Protocol (BGP) is based on path vector routing

Multicast Routing
Optimal Routing
- Defines a shortest path tree to the possible destinations
- The root of the tree is the source, and the leaves are the potential destinations
- The path from the root to each destination is the shortest path
Unicast Routing
- Each router has its own shortest path tree (SPT)
- Each line of the routing table is a shortest path

Multicast Routing contd…
- A multicast packet may have destinations in more than one network
- If we have n groups, we may need n shortest path trees
- Each involved router needs to construct a shortest path tree for each group
- Two approaches: source-based trees (SBT) and group-shared trees (GST)

Source-Based Tree Approach
- Each router needs to have one shortest path tree for each group
- The shortest path tree for a group defines the next hop for each network that has loyal member(s) for that group
- If the number of groups is m, each router needs to have m shortest path trees, one for each group

Group-Shared Tree Approach
- There is only one designated router, called the center core, or rendezvous router
- The core has m shortest path trees in its routing table; the rest of the routers in the domain have none

Multicast Routing Protocols

Multicast Link State Routing
- Uses the source-based tree approach
- A direct extension of unicast link state routing
- Each router creates a shortest path tree by using Dijkstra's algorithm
- A node advertises every group which has any loyal member on the link; it needs to revise the interpretation of state (i.e. which groups are active on the link)
- The information about the group comes from IGMP running on each router
- When a router receives all the LSPs (link state packets), it creates n topologies from which n shortest path trees are made by using Dijkstra's algorithm
- The only problem with this protocol is the time and space needed to create and save the many shortest path trees; the solution is to create the trees only when needed

Multicast Open Shortest Path First: MOSPF
- An extension of the OSPF protocol that uses multicast link state routing to create source-based trees

Multicast Distance Vector Routing (MDVR)
- Multicast routing does not allow a router to send its routing table to its neighbors
- Tables are created from scratch by using the information from the unicast distance vector tables
- MDVR uses source-based trees, but the router never actually makes a routing table
- It uses a process based on four decision-making strategies:
1. Flooding: a router receives a packet and, without even looking at the destination group address, sends it out from every interface except the one from which it was received
  - Every network with active members receives the packet
  - This is a broadcast, not a multicast
  - It also creates loops; the next strategy, reverse path forwarding, corrects this defect

MDVR contd…
2. Reverse Path Forwarding (RPF): to prevent loops, only one copy is forwarded; the other copies are dropped
  - A router forwards only the copy that has traveled the shortest path from the source to the router
  - To find this copy, RPF uses the unicast routing table
  - This strategy prevents loops because there is always one shortest path from the source to the router

MDVR contd…
- RPF does not guarantee that each network receives only one copy, as it is not based on the destination address (a group address); forwarding is based on the source address
- To eliminate duplication, we must define only one designated parent router for each network
3. Reverse Path Broadcasting (RPB): guarantees that the packet reaches every network and that every network receives only one copy

MDVR contd…
- RPB does not multicast the packet, it broadcasts it; that is not efficient
- The multicast packet must reach only those networks that have active members for that particular group; this is RPM
4. Reverse Path Multicasting (RPM): to convert broadcasting to multicasting, the protocol uses two procedures, pruning and grafting

Distance Vector Multicast Routing Protocol: DVMRP
- An implementation of multicast distance vector routing
- A source-based routing protocol, based on RIP

Core-Based Tree (CBT)
- A group-shared protocol
- The autonomous system is divided into regions, and a core (center router or rendezvous router) is chosen for each region
- Formation of the tree: after the rendezvous point is selected, every router is informed of the unicast address of the selected router
- Each router then sends a unicast join message
- After receiving all join messages from every member of the group, a tree is formed

CBT contd…
- Sending multicast packets: after formation of the tree, any source can send a multicast packet to all members of the group
- It simply sends the packet to the rendezvous router

Protocol Independent Multicast (PIM)
- Two independent multicast routing protocols: Protocol Independent Multicast, Dense Mode (PIM-DM) and Protocol Independent Multicast, Sparse Mode (PIM-SM)
- Both protocols are unicast-protocol dependent
- PIM-DM is used when there is a possibility that each router is involved in multicasting (dense mode, such as a LAN)
  - A source-based tree routing protocol that uses RPF and the pruning and grafting strategies for multicasting
  - It assumes that the autonomous system is using a unicast protocol (RIP or OSPF) and that each router has a table
- PIM-SM is used when there is only a slight possibility that each router is involved in multicasting (sparse mode, such as a WAN)
  - A group-shared tree routing protocol
  - It can switch from a GST strategy to an SBT strategy when necessary

Things to do
- RIP, OSPF, BGP
- IGMP
- MBONE
- MSDP
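The IP-to-Ethernet multicast conversion worked in the Examples slides, as an added Python example (not part of the lecture): it performs the 23-bit mapping on the two addresses from the slides and also shows the reverse direction, listing the 32 class D groups that collide on one MAC because the 5 dropped bits are lost.

```python
import ipaddress

# 01:00:5E:00:00:00 as a 48-bit integer: the fixed 25-bit Ethernet multicast prefix
ETH_MCAST_BASE = 0x01005E000000
LOW23_MASK = 0x7FFFFF  # the 23 IPv4 bits that survive the mapping


def ip_mcast_to_mac(ip: str) -> str:
    """Map a class D IPv4 address to its Ethernet multicast MAC address."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:  # outside 224.0.0.0/4: nothing to map
        raise ValueError(f"{ip} is not a class D address")
    low23 = int(addr) & LOW23_MASK      # keep the 23 least significant bits
    mac = ETH_MCAST_BASE | low23        # place them after the 25-bit prefix
    return ":".join(f"{(mac >> s) & 0xFF:02X}" for s in range(40, -1, -8))


def mac_to_groups(mac: str) -> list:
    """List the 32 class D addresses that share one Ethernet multicast MAC.

    Only 23 of the 28 variable IPv4 group bits survive, so a NIC that accepts
    this MAC also receives frames for 31 other groups; the IP layer must still
    check the destination group address before delivering the datagram.
    """
    value = int(mac.replace(":", ""), 16)
    if value >> 23 != ETH_MCAST_BASE >> 23:
        raise ValueError(f"{mac} is not in 01:00:5E:00:00:00-01:00:5E:7F:FF:FF")
    low23 = value & LOW23_MASK
    # 224.0.0.0 fixes the top four bits (1110); bits 27..23 were dropped
    return [str(ipaddress.IPv4Address(0xE0000000 | (k << 23) | low23))
            for k in range(32)]


if __name__ == "__main__":
    for ip in ("230.43.14.7", "238.212.24.9"):   # the two slide examples
        print(ip, "->", ip_mcast_to_mac(ip))
    print(mac_to_groups("01:00:5E:54:18:09"))
```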
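The flooding and RPF strategies from the MDVR slides, as an added Python example that is not part of the lecture: a single router's forwarding decision is simulated against a constructed unicast routing table (prefixes, interface names and the sample source address are all made up), showing that flooding accepts a copy from any interface while RPF accepts only the copy arriving on the interface that leads back to the source.

```python
import ipaddress

# Constructed unicast routing table for one router: destination prefix ->
# outgoing interface. RPF reads it in reverse: the interface this router would
# use to reach the source is the only one on which the source's packets are accepted.
UNICAST_TABLE = {
    "10.1.0.0/16": "eth0",
    "10.2.0.0/16": "eth1",
    "0.0.0.0/0": "eth2",     # default route
}
INTERFACES = ("eth0", "eth1", "eth2", "eth3")


def rpf_interface(src: str) -> str:
    """Longest-prefix match: the interface the shortest path back to src uses."""
    addr = ipaddress.IPv4Address(src)
    matches = [ipaddress.IPv4Network(p) for p in UNICAST_TABLE
               if addr in ipaddress.IPv4Network(p)]
    best = max(matches, key=lambda n: n.prefixlen)
    return UNICAST_TABLE[str(best)]


def flood(arrived_on: str) -> list:
    """Strategy 1: send out every interface except the incoming one, no checks."""
    return [i for i in INTERFACES if i != arrived_on]


def rpf_forward(src: str, arrived_on: str) -> list:
    """Strategy 2: forward only the copy that arrived over the shortest path
    from the source; any other copy (a looped or longer-path copy) is dropped."""
    if arrived_on != rpf_interface(src):
        return []
    return flood(arrived_on)


if __name__ == "__main__":
    # Constructed trace: the same packet from 10.1.5.5 arrives twice, once on
    # the shortest-path interface and once looped back on eth3
    for src, ifc in (("10.1.5.5", "eth0"), ("10.1.5.5", "eth3")):
        print(src, ifc, "flood ->", flood(ifc), "rpf ->", rpf_forward(src, ifc))
```

RPF alone still lets a network with two upstream routers receive two copies, which is why the slides go on to RPB's designated parent router.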