\section{Background}
+First a look at what Data Link Layer protocols do and where they sit in the network stack, and secondly a look at simulation techniques.
+
\subsection{Protocol Stack}
When implementing a computer network architecture, it is advantageous to separate the different functions into different protocol layers, with each layer providing services the layer above, and requiring services from the layers below. By performing this separation, we can divide up the complexity required to be implemented. This is done by each layer providing an abstraction for the layer above and below. This allows each layer to concentrate on only providing a small amount of functionality. This technique also allows the system to be modular, and allows us to select different protocols to perform different tasks for different applications on different architectures.
The top layer of the protocol stack in the Internet Protocol Suite model and the top three layers in the OSI Reference Model, Application, Presentation and Session, can be considered as a singular discrete layer, the application layer. These provide user level services situated on end hosts. Examples include HTTP \cite{rfc2616} and DNS \cite{rfc1035}. These provide for the transmission of material in the form of hypertext documents and other media and a distributed directory of names and addresses.
-\subsection{Ethernet}
-
-% TODO: queueing needs mentioning
-
-Ethernet is the most widely deployed and used Local Area Networking - LAN - technology currently in the market. While the physical layer of the standard has undergone a number of iterations, the data link layer protocol has remained largely stagnant due to the lack of motivation and a desire for interoperability with current equipment.
-
-Ethernet was first described in a memo on May 22, 1973 at Xerox PARC by Bob Metcalfe \cite{ethernet} who designed it to interconnect workstations and printers in a modern computer network \cite[p.~125]{spurgeon}. It was to be a shared medium network based on the previous work by the University of Hawaii in the late 1960's with the Aloha protocol \cite{abramson}. Ethernet used the CSMA - Carrier Sense Multiple Access - designed for ALOHA for and added Collision Detection, to create a cable connected shared medium network. This allowed the original Ethernet networks to be a single shared medium network where all the computers were connected together using a series of cables. Every computer on the network would receive all the packets and, based on the header, the Ethernet interface would inform the system when a packet arrived which was for the host in question.
-
-This relied on each computer having a unique address to which it could be sent packets, which the controller would listen out for. This was also the only required property - the address did not need to be transferable, it did not need to describe any information about the owner and it did not need to contain routing information. In order to provide this guarantee, Ethernet controllers were allocated a 48 bit long address. The first three bytes, 24 bits, consist of one bit which determines whether the packet is multicast / broadcast or unicast, one bit which determines whether the address is locally administered or universally administered, and then the remaining 22 bits, which in the case of unicast, universally administered addresses, are used to designate a manufacturer, and are assigned by the IEEE.The last three bytes are assigned by the manufacturer, with the manufacturer guaranteeing that the address is unique, with additional block of of addresses allocated when a manufacturer had run out. Each manufactuer gives each interface a unique address by incrementally assigning the addresses within each block.
-
-As network traffic increased, and more computers were added to local area networks, the reality of all computers sharing a single shared media with which any packet would collide with other traffic became impractical. This was exacerbated by computers being located far away from each other, descreasing the utility of Carrier Sense, increasing the likelihood of collision, which is followed by a process where each host backed off before trying again, thus decreasing utilisation of the network.
-
-The solution to this was to split the single collision domain into a set of different domains which would be joined together using network bridges to form a single broadcast domain \cite{ieee802-1d}. The bridge, or switch as it is also known due to the manner in which it operates, filters traffic between the different collision domains, only sending traffic where it is required. As the number of hosts on the network, and the speed of network traffic increased, more and more collision domains were created. Modern Ethernet networks are entirely switched networks with each host having a full duplex point to point link to the local switch, and each switch being connected directly to other switches, to form a network topology.
-
-The next problem was that as networks became more vital to the operation of a business, it became desirable to have redundant links, so that when a link failed, traffic could be diverted. In order to allow this the switches were often arranged in a way that formed topological loops. However, the Ethernet protocol relies on traffic being sent to a tree, and not a graph with cycles in it, in order to prevent broadcast traffic from cycling the network endlessly using up all the available bandwidth. In order to solve this Ethernet uses a spanning tree protocol in order to convert the graph of switches into a tree. This tree is not guaranteed to be a minimum spanning tree, instead it is guaranteed that all switches have the shortest possible path to a root bridge, which may be specified by the network administrator.s. The current iteration of this protocol is the Rapid Spanning Tree Protocol, RSTP, which changes the state of links until that condition is met. In practical terms this means that redundant links which could be used to increase the available network bandwidth are instead disabled. Should the state of the network change, they will be re-enabled to allow the network to continue to operate.
-
-\subsubsection{Limitations}
-
-% TODO: Additional limitations
-
-As Ethernet addresses contain no routing information, unlike IP addresses in which parts of the network space are delegated to segments of the network, it is impossible in a practical scenario to perform any form of address aggregation. This means in order for network switches to switch traffic between different network segments it has to contain a lookup between each address and the port to send the data. Due to the high speed at which modern network links operate, this has to be done quickly. Depending on the switch, this might be done using Content Addressable Memory, CAM, \cite{cam} which provides $O(1)$ lookup time for unsorted data, however is very expensive in large blocks and consumes considerable amounts of power. Alternatively it can be done using a lookup table, which while cheaper, provides worse performance as the number of entries grows. Since the time spent processing a frame is critical, this limits the feasible size of the state table. This means that modern Ethernet switches have a practical state table size maximum of between 8000 and 32000 hosts \cite{switchds}.
-
-Current trends in data centres, with large numbers of machines in a dense configuration \cite{facebook}, with each machine able to contain multiple hosts via virtualisation software such as Xen \cite{xen}, giving each host a virtual Ethernet controller causes this limit to be exceeded \cite{moose1}. As such, the number of hosts on the network will exceed the size of state table. This will cause any host's whose state can not be stored in the switch to have their frames entering the switch being flooding the frame on every port. As such the overall traffic on the network will increase, decreasing the utilisation and increasing the delay per packet.
-
-Another limitation is that when the spanning tree protocol converts the network to a tree from the inital graph topology, it disables the number of available links. By doing this, it reduces the available network bandwidth. With a better routing protocol, these links could be put to use to decrease the shortest path between two hosts, as well as being used for multipath routing.
-
-\subsection{MOOSE}
-
-% TODO: Make this section clearer. Add graphic
-
-MOOSE - Multi-level Origin-Organised Scalable Ethernet - is a proposed improvement on the Ethernet protocol design to be backwards compatible with the large number of ethernet controllers currently in the market place. MOOSE requires only the replacement of switches in the target network, or in some cases simply installing the MOOSE code on the existing switches.
-
-MOOSE performs in place rewriting of Ethernet datagrams on the switch in order to provide the aggregation of addresses on a per switch basis. By providing for routing information within the address, the MOOSE switch allows for traffic to be routed between MOOSE switches, allowing for better utilisation of network links.
-
-This alleviates the problems associated with the deployment of RSTP, and also allows smaller state tables as each switch only needs to know about the hosts directly attached to it and the other switches, resulting in a significantly lower size of state table.
-
-MOOSE addresses are assigned by using the locally administered portion of the Ethernet address space. By using this section of the address space, none of the addresses will conflict with any manufactured assigned addresses, which are set as universly administered. Each address is also marked as a unicast address.
-
-The MOOSE address is then constructed in two separate parts. The first is the switch identifier, which is the switch to which the host is directly attached. The second part is the host identifier. This gives MOOSE addresses a hierarchical nature, allowing routing based on the identifier, as well as allowing aggregation of host addresses under one switch.
-
-Each host is assigned a single host identifier, and when the switch recieves traffic from the host, it rewrites the source address to contain the MOOSE address of the host. For example, when a host is attached to a switch with a MOOSE address of 02:00:01:00:00:00, it will be assigned a MOOSE address sch as 02:00:01:00:00:01 and any traffic it sends will be rewritten to this address. When traffic is recieved by the switch at this address, it will be rewritten back to the hosts' MAC address and sent to the host. If another host is attached, it will be assigned 02:00:01:00:00:02 and so forth. A host attached to a different switch on the same subnet, might be assigned to 02:00:02:00:00:00.
-
-In the state table, a MOOSE switch contains a mapping between host identifiers and MAC addresses and ports, and a separate state table mapping between switch identifiers and ports. By aggregating all of a switch's hosts under a single entry in the state table, a vast reduction in size is achieved.
-
-When a packet enters the switch, if it contains a normal Ethernet address, it is rewritten to a MOOSE address and this mapping is stored in the table. It is then directed using the host identifier for local traffic, that is hosts directly attached to the switch, and the switch identifier for remote traffic, i.e. traffic where the host is attached to a different MOOSE switch.
-
-\subsection{Simulation}
-
-Network simulation is a evolving area of research, with many different simulators and simulation techniques being used. It is rapidly becoming the most popular way of performing large scale network research for both local area networks, and the wider internet due to the low cost and speed of iteration of different tests that it allows. When testing networks of significant scale, the approach commonly taken is to verify it works on a small testbed, before scaling up under simulatuion.
-
-There are a number of different approaches to simulating a computer network architecture. The first is discrete event simulation. Here a simulator is primed with a topology and a number of event sources. These event sources fire events, which are executed in turn, which may then fire other events. The events are stored in a priority queue. Each event is executed according to it's time, with a global variable containing the current time of the simulation being advanced upon the executing of each event. This is continued until either there are no more events left in the queue, or some predefined time has passed. This simulation technique has the advantage that areas in which nothing of interest are passed over quickly, while events which are notable are where the majority of the computation is spent.
-
-Other types of network simulation include markov chain simulations which are useful for modelling queueing systems. These depend on systems with little state that can be modelled by a stochastic process. This isn't the case for packet simulation, where there is a large amount of state and no overall defined equation across the entire simulation.
-
-A further type of simulation is continuous simulation where the timestep is incremented, and events ocurring between the two states are modelled. This works well for physical phonomena, such as radio waves or propogation of signals in wires where the situation is continually evolving. However, they spend the same processing power on all periods of time during the simulation, whether the period is one of high activity or low activity. Also, in order to get a good representation of the underlying phonemena, you have to use very small time increments which gives a high simulation cost.
-
\section{Context}
The most important work in this area is set out by Scott et al \cite{moose1} which sets out the ideas behind MOOSE which this paper aims to test under simulation. A prototype NetFPGA implementation also exists by Wagner-Hall et al \cite{moose2} which outlines a practical implementation of MOOSE is described.
\section{Learning}
-%\subsection{Data Link Layer}
+\subsection{Data Link Layer}
+
+The first part of the background material is to look at the two different Data Link Layer protocols under evaluation, Ethernet and MOOSE.
+
+\subsection{Ethernet}
+
+Ethernet is the most widely deployed and used Local Area Networking - LAN - technology currently in the market. While the physical layer of the standard has undergone a number of iterations, the data link layer protocol has remained largely stagnant due to the lack of motivation and a desire for interoperability with current equipment.
+
+Ethernet was first described in a memo on May 22, 1973 at Xerox PARC by Bob Metcalfe \cite{ethernet} who designed it to interconnect workstations and printers in a modern computer network \cite[p.~125]{spurgeon}. It was to be a shared medium network based on the previous work by the University of Hawaii in the late 1960's with the Aloha protocol \cite{abramson}. Ethernet used the CSMA - Carrier Sense Multiple Access - designed for ALOHA for and added Collision Detection, to create a cable connected shared medium network. This allowed the original Ethernet networks to be a single shared medium network where all the computers were connected together using a series of cables. Every computer on the network would receive all the packets and, based on the header, the Ethernet interface would inform the system when a packet arrived which was for the host in question.
+
+This relied on each computer having a unique address to which it could be sent packets, which the controller would listen out for. This was also the only required property - the address did not need to be transferable, it did not need to describe any information about the owner and it did not need to contain routing information. In order to provide this guarantee, Ethernet controllers were allocated a 48 bit long address. The first three bytes, 24 bits, consist of one bit which determines whether the packet is multicast / broadcast or unicast, one bit which determines whether the address is locally administered or universally administered, and then the remaining 22 bits, which in the case of unicast, universally administered addresses, are used to designate a manufacturer, and are assigned by the IEEE.The last three bytes are assigned by the manufacturer, with the manufacturer guaranteeing that the address is unique, with additional block of of addresses allocated when a manufacturer had run out. Each manufactuer gives each interface a unique address by incrementally assigning the addresses within each block.
+
+As network traffic increased, and more computers were added to local area networks, the reality of all computers sharing a single shared media with which any packet would collide with other traffic became impractical. This was exacerbated by computers being located far away from each other, descreasing the utility of Carrier Sense, increasing the likelihood of collision, which is followed by a process where each host backed off before trying again, thus decreasing utilisation of the network.
+
+The solution to this was to split the single collision domain into a set of different domains which would be joined together using network bridges to form a single broadcast domain \cite{ieee802-1d}. The bridge, or switch as it is also known due to the manner in which it operates, filters traffic between the different collision domains, only sending traffic where it is required. As the number of hosts on the network, and the speed of network traffic increased, more and more collision domains were created. Modern Ethernet networks are entirely switched networks with each host having a full duplex point to point link to the local switch, and each switch being connected directly to other switches, to form a network topology.
+
+The next problem was that as networks became more vital to the operation of a business, it became desirable to have redundant links, so that when a link failed, traffic could be diverted. In order to allow this the switches were often arranged in a way that formed topological loops. However, the Ethernet protocol relies on traffic being sent to a tree, and not a graph with cycles in it, in order to prevent broadcast traffic from cycling the network endlessly using up all the available bandwidth. In order to solve this Ethernet uses a spanning tree protocol in order to convert the graph of switches into a tree. This tree is not guaranteed to be a minimum spanning tree, instead it is guaranteed that all switches have the shortest possible path to a root bridge, which may be specified by the network administrator.s. The current iteration of this protocol is the Rapid Spanning Tree Protocol, RSTP, which changes the state of links until that condition is met. In practical terms this means that redundant links which could be used to increase the available network bandwidth are instead disabled. Should the state of the network change, they will be re-enabled to allow the network to continue to operate.
+
+\subsubsection{Bridge Implementation}
+
+Modern Ethernet bridges work using a filtering technique based on learned data, alongside the Rapid Spanning Tree Protocol implementation. The RSTP implementation disables ports to form a loopless network.
+
+When the bridge receives an Ethernet frame, it looks at the source address and learns the combination of the source and the port in came in on. It then looks up the destination address and if it finds a match, it will send it out on that port. However, if it fails to find a match it will flood the data on all ports, except the one it came in on.
+
+Should the state table become full, it will be forced to drop an entry from the state table in order to store the new one. This will mean that when a new packet comes from that destination, it will be flooded.
+
+In any Ethernet network, all destinations appear in all the state tables. This is because the first copy of a frame to a bridge will be flooded, meaning that all switches will get a copy of the frame.
+
+\subsubsection{Limitations}
+
+% TODO: Additional limitations
+
+As Ethernet addresses contain no routing information, unlike IP addresses in which parts of the network space are delegated to segments of the network, it is impossible in a practical scenario to perform any form of address aggregation. This means in order for network switches to switch traffic between different network segments it has to contain a lookup between each address and the port to send the data. Due to the high speed at which modern network links operate, this has to be done quickly. Depending on the switch, this might be done using Content Addressable Memory, CAM, \cite{cam} which provides $O(1)$ lookup time for unsorted data, however is very expensive in large blocks and consumes considerable amounts of power. Alternatively it can be done using a lookup table, which while cheaper, provides worse performance as the number of entries grows. Since the time spent processing a frame is critical, this limits the feasible size of the state table. This means that modern Ethernet switches have a practical state table size maximum of between 8000 and 32000 hosts \cite{switchds}.
+
+Current trends in data centres, with large numbers of machines in a dense configuration \cite{facebook}, with each machine able to contain multiple hosts via virtualisation software such as Xen \cite{xen}, giving each host a virtual Ethernet controller causes this limit to be exceeded \cite{moose1}. As such, the number of hosts on the network will exceed the size of state table. This will cause any host's whose state can not be stored in the switch to have their frames entering the switch being flooding the frame on every port. As such the overall traffic on the network will increase, decreasing the utilisation and increasing the delay per packet.
+
+Another limitation is that when the spanning tree protocol converts the network to a tree from the inital graph topology, it disables the number of available links. By doing this, it reduces the available network bandwidth. With a better routing protocol, these links could be put to use to decrease the shortest path between two hosts, as well as being used for multipath routing.
+
+\subsection{MOOSE}
+
+% TODO: Make this section clearer. Add graphic
+
+MOOSE, Multi-level Origin-Organised Scalable Ethernet, is a proposed improvement on the Ethernet protocol that is designed to be backwards compatible with the large number of ethernet controllers currently in the market place. MOOSE can be implemented in a network by replacing the code operating the bridges. This can either be done by replacing the bridges with a MOOSE bridge, or by installing the MOOSE code on the existing bridges, if they are capable.
+
+MOOSE performs in place rewriting of Ethernet datagrams on the switch in order to provide the aggregation of addresses on a per switch basis. By providing for routing information within the address, the MOOSE switch allows for traffic to be routed between MOOSE switches, allowing for better utilisation of network links.
+
+This alleviates the problems associated with the deployment of RSTP, and also allows smaller state tables as each switch only needs to know about the hosts directly attached to it and the other switches, resulting in a significantly lower size of state table.
+
+MOOSE addresses are assigned by using the locally administered portion of the Ethernet address space. By using this section of the address space, none of the addresses will conflict with any manufactured assigned addresses, which are set as universly administered. Each address is also marked as a unicast address.
+
+The MOOSE address is then constructed in two separate parts. The first is the switch identifier, which is the switch to which the host is directly attached. The second part is the host identifier. This gives MOOSE addresses a hierarchical nature, allowing routing based on the identifier, as well as allowing aggregation of host addresses under one switch.
+
+Each host is assigned a single host identifier, and when the switch recieves traffic from the host, it rewrites the source address to contain the MOOSE address of the host. For example, when a host is attached to a switch with a MOOSE address of 02:00:01:00:00:00, it will be assigned a MOOSE address sch as 02:00:01:00:00:01 and any traffic it sends will be rewritten to this address. When traffic is recieved by the switch at this address, it will be rewritten back to the hosts' MAC address and sent to the host. If another host is attached, it will be assigned 02:00:01:00:00:02 and so forth. A host attached to a different switch on the same subnet, might be assigned to 02:00:02:00:00:00.
+
+In the state table, a MOOSE switch contains a mapping between host identifiers and MAC addresses and ports, and a separate state table mapping between switch identifiers and ports. By aggregating all of a switch's hosts under a single entry in the state table, a vast reduction in size is achieved.
+
+When a packet enters the switch, if it contains a normal Ethernet address, it is rewritten to a MOOSE address and this mapping is stored in the table. It is then directed using the host identifier for local traffic, that is hosts directly attached to the switch, and the switch identifier for remote traffic, i.e. traffic where the host is attached to a different MOOSE switch.
+
+\subsection{Simulation}
+
+Network simulation is a evolving area of research, with many different simulators and simulation techniques being used. It is rapidly becoming the most popular way of performing large scale network research for both local area networks, and the wider internet due to the low cost and speed of iteration of different tests that it allows. When testing networks of significant scale, the approach commonly taken is to verify it works on a small testbed, before scaling up under simulatuion.
+
+There are a number of different approaches to simulating a computer network architecture. The first is discrete event simulation. Here a simulator is primed with a topology and a number of event sources. These event sources fire events, which are executed in turn, which may then fire other events. The events are stored in a priority queue. Each event is executed according to it's time, with a global variable containing the current time of the simulation being advanced upon the executing of each event. This is continued until either there are no more events left in the queue, or some predefined time has passed. This simulation technique has the advantage that areas in which nothing of interest are passed over quickly, while events which are notable are where the majority of the computation is spent.
+
+Other types of network simulation include markov chain simulations which are useful for modelling queueing systems. These depend on systems with little state that can be modelled by a stochastic process. This isn't the case for packet simulation, where there is a large amount of state and no overall defined equation across the entire simulation.
+
+A further type of simulation is continuous simulation where the timestep is incremented, and events ocurring between the two states are modelled. This works well for physical phonomena, such as radio waves or propogation of signals in wires where the situation is continually evolving. However, they spend the same processing power on all periods of time during the simulation, whether the period is one of high activity or low activity. Also, in order to get a good representation of the underlying phonemena, you have to use very small time increments which gives a high simulation cost.
\subsection{Simulation}
projects / ii-diss.git / commitdiff