
Re: GGF-NMWG: "Hop" definition?



I'm assuming the last path1 should be path3.

This tree makes perfect sense. However, we have made the assumption here that we have prior knowledge of the complete topology. I do not think this assumption applies to the general case.

I conferred with our VPN guru this morning and he reaffirmed my hunch that any VPN hardware and intermediate devices along the 'top' path will be completely opaque to layer 3 tools. Furthermore, if they are correctly configured (for security reasons) they will also mask off their internal interfaces (the ports going toward the center of the path) and cause the interim devices to become opaque to layer 2 tools as well.

<borderline off topic>
I doubt any SA or network engineer would willingly give up info of the VPNs they have in place. Again, for security reasons.
</>

We could beat this horse ad nauseam, so I will stop here and work at the implementation Dan has proposed.

-Martin


On Thu, 29 May 2003 08:18:15 -0700, Dan Gunter <dkgunter@lbl.gov> wrote:


Hi,

I would like to add to the "path" definition that a path may contain 1 or more hops (new part:) or paths. This allows the model to express hierarchy, e.g. to show that a layer N path is divided into some layer N-1 paths, each of which is divided into layer N-2 hops.

This doesn't change the definition of "hop" at all.

For your hypothetical path:

<HOST>----<SWITCH>----<VPN>-----<ROUTER>-----<ROUTER>----<VPN>---<SWITCH>----<HOST>

If you look at just layer 2 or layer 3, the representation stays the same. If you want to look at both layers together, you just do this:

path0 = ( path1=Host->Router, path2=Router->Router, path3=Router->Host )
path1 = ( hop1=Host->Switch, hop2=Switch->VPN, hop3=VPN->Router )
path2 = ( hop1=Router->Router )
path1 = ( hop1=Router->VPN, hop2=VPN->Switch, hop3=Switch->Host )

Simply put, this forms a tree where internal nodes are "paths" and leaves are "hops".

- Dan

p.s. an implementation might avoid this distinction entirely and just store (src,dst,subpath-list) tuples.

McKee, Shawn wrote:
Hi Everyone,

I was requested to try to write-up a broadly applicable definition of
"hop", differentiating it from "path" and "link".

"path:" An ordered set of 1 or more "hops" in a given measurement
context.  For example, the ordered list of IP addresses from traceroute
between two IP end nodes defines a path in a layer-3 context.   Note it
is possible to have the "path" = "hop" if the two IP end nodes are
directly connected routers.

"link:" A direct layer-2 connection between layer-2 devices.  As an
example, the ports and cable connecting two switches, A and B,
represents a "link".  Note that a "link" could be subdivided further at
layer-1 via repeaters or media converters (100Base-FX to 100Base-TX)

"hop:" The indivisible component which makes up a "path" in a given
measurement context.  For example, a layer-3 measurement (traceroute) of
the path between two nodes is a set of layer-3 "hops".  Note that this
doesn't preclude a layer-3 "hop" from being further subdivided IN A
DIFFERENT CONTEXT.  A trivial example is the new set of "hops" ("link"s
in this case) which may exist at layer-2 for a SINGLE layer-3 "hop".  A
trickier example is a tool which is sensitive to non-router "layer-3"
devices (NAT, VPN, etc.), as shown below.

It would be useful to discuss how this definition of "hop" would work in
the VPN case (or NAT, etc.)

This represents the physical "path" between two hosts:
<HOST>----<SWITCH>----<VPN>-----<ROUTER>-----<ROUTER>----<VPN>---<SWITCH>----<HOST>

What are the "hops"?  This is, of course, context dependent:

At layer 2 we have 7 hops:
--------------------------------"path1"-----------------------------------
<HOST>----<SWITCH>----<VPN>-----<ROUTER>-----<ROUTER>----<VPN>---<SWITCH>----<HOST>
"hop1"     "hop2"    "hop3"       "hop4"       "hop5"  "hop6"    "hop7"


At layer 3 we have 3 hops:
--------------------------------"path2"-----------------------------------
<HOST>----<SWITCH>----<VPN>-----<ROUTER>-----<ROUTER>----<VPN>---<SWITCH>----<HOST>
------------"hop1"------------  ---"hop2"----  -----------"hop3"----------

If we have some layer 3 application, sensitive to the VPN devices we have
5 hops:
--------------------------------"path3"-----------------------------------
<HOST>----<SWITCH>----<VPN>-----<ROUTER>-----<ROUTER>----<VPN>---<SWITCH>----<HOST>
-------"hop1"------ --"hop2"--  ---"hop3"--- --"hop4"--  -------"hop5"------

Thus, "hop", and therefore "path", is well defined ONLY for a given
context.  We have avoided the layer-1 possibilities for "hops", like
repeaters and media converters, but those could utilize the same
definition.

Please comment!

Shawn





--
* Martin C. Stoufer              *
* DIDC/DSD/ITG                   *
* Lawrence Berkeley National Lab *
* MS 50B-2215 510-486-8662       *
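
The path/hop tree from Dan's message, stored as the (src, dst, subpath-list) tuples his postscript suggests, is sketched below as an added example; it is not code from the thread or from any participant. It checks that each subpath list chains end to end and shows how a segment whose interior is opaque to the measurer simply remains a leaf. Assumptions: the names Seg, validate, view and chain and the device labels (HostA, VpnA, ...) are constructed for illustration, and the third subpath is labelled path3 as Martin's reply assumes.

```python
from typing import NamedTuple

class Seg(NamedTuple):
    """One (src, dst, subpath-list) tuple; an empty list marks a hop (leaf)."""
    src: str
    dst: str
    sub: tuple = ()

def validate(seg):
    """True if every subpath list chains end to end from seg.src to seg.dst."""
    if not seg.sub:
        return True
    at = seg.src
    for child in seg.sub:
        if child.src != at or not validate(child):
            return False
        at = child.dst
    return at == seg.dst

def view(seg, depth):
    """Segments seen when descending at most `depth` levels; leaves stay whole."""
    if depth == 0 or not seg.sub:
        return [(seg.src, seg.dst)]
    return [pair for child in seg.sub for pair in view(child, depth - 1)]

def chain(*nodes):
    """Build a tuple of hops from consecutive device names."""
    return tuple(Seg(a, b) for a, b in zip(nodes, nodes[1:]))

# Constructed device names for the hypothetical path in the thread.
path1 = Seg("HostA", "RouterA", chain("HostA", "SwitchA", "VpnA", "RouterA"))
path2 = Seg("RouterA", "RouterB", chain("RouterA", "RouterB"))
path3 = Seg("RouterB", "HostB", chain("RouterB", "VpnB", "SwitchB", "HostB"))
path0 = Seg("HostA", "HostB", (path1, path2, path3))

# Same path when the near-side interior is opaque: that segment stays a leaf.
partial = Seg("HostA", "HostB", (Seg("HostA", "RouterA"), path2, path3))

if __name__ == "__main__":
    for depth in (0, 1, 2):
        print(depth, view(path0, depth))
    print("partial:", view(partial, 2))
```
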