Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
[Approaching NE(10)] A Pa...

[Approaching NE(10)] A Packet‘s Adventures on Huawei Routers - IP Unicast Forwar Highlighted

Latest reply: Sep 16, 2021 16:47:10 4686 15 6 0 0
View the author 1#

The previous chapters describe how a packet is processed on the forwarding plane. In performing this action, the forwarding process is the most important process and varies with the service. The forwarding processes of different services will be detailed in the following chapters. This chapter describes IPv4 and IPv6 unicast forwarding processes.

IPv4 Unicast Forwarding

Getting Started with IPv4 Unicast Forwarding

Firstly, let's review the IP unicast forwarding process using Ethernet frames as an example.

The following figure shows a simple IP forwarding scenario. PC-A in LAN 1 sends an IP packet to PC-B in LAN 2 through a router. This router is the gateway of PC-A.

[Approaching NE(10)] A Packet‘s Adventures on Huawei Routers - IP Unicast Forwar-1234929-1

The destination IP address of the packet is the IP address of PC-B, the source IP address is the IP address of PC-A, the destination MAC address is the MAC address of port 1 on the router, and the source MAC address is the MAC address of PC-A.

[Approaching NE(10)] A Packet‘s Adventures on Huawei Routers - IP Unicast Forwar-1234929-2

Forwarding process on the router:

  1. Upon receipt of the packet, the router parses it because the destination MAC address is the MAC address of Port 1. If the destination MAC is not a local MAC address, the router directly performs Layer 2 forwarding without parsing the packet.
  2. Finding that the protocol carried in the packet is IPv4 (the value of eth_type being 0x800), the router performs IPv4 forwarding accordingly.
  3. The router searches the IP forwarding table (FIB). Knowing that the packet is not destined for itself and that the outbound interface is Port 2, the router does not parse the rest content in the IP header.
  4. The router changes the destination MAC address to the MAC address of PC-B, and the source MAC address to the MAC address of Port 2, and forwards the packet through Port 2.

IPv4 Forwarding Process on the Router

The following figure shows the complete IPv4 forwarding process. In the process, we should pay attention to FIB-based forwarding and encapsulation info obtaining.

[Approaching NE(10)] A Packet‘s Adventures on Huawei Routers - IP Unicast Forwar-1234929-3

FIB-based forwarding:

[Approaching NE(10)] A Packet‘s Adventures on Huawei Routers - IP Unicast Forwar-1234929-4

  1. Checks whether the destination MAC address is a local MAC address. If not, the router performs L2 forwarding. If so, the router proceeds to the next step.

  2. Checks whether the protocol type of the packet is IPv4.

    For example, in the case of an Ethernet frame, the router checks whether the value of eth_type is 0x800. If not, the router performs the corresponding forwarding process. If so, the router proceeds to the next step.

  3. Checks whether the packet length, IP address, and checksum are correct. If not, the router discards the packet. If so, the router proceeds to the next step.
  4. Checks whether the destination IP address is a unicast IP address. If not, the router performs the corresponding forwarding process. If so, the router proceeds to the next step.

  5. Searches the FIB for the next-hop IP address and outbound interface corresponding to the destination IP address. In the case of a public packet, the router searches the public FIB. In the case of a VPN packet, the router searches the FIB of the corresponding VPN.

    FIB:

    Destination/Mask  Nexthop    Flag  TimeStamp  Interface            TunnelID
10.2.5.0/24       10.2.5.5    U     t[5847]   GigabitEthernet1/0/0     0x0
10.2.5.5/32       127.0.0.1   HU    t[5847]   InLoop0                  0x0

    • If equal-cost routes are available for load balancing, they are all displayed in the FIB. The router uses the load balancing hash algorithm to select one from them. For details about load balancing, see Special Topic - Load Balancing.

    • If fast reroute (FRR) is enabled, the router selects the primary or backup route based on the status of the outbound interface. If the interface is Up, it selects the primary route. Otherwise, it selects the backup route.
    • If the outbound interface is a trunk interface, the router uses the trunk load balancing hash algorithm to select one trunk member interface as the outbound interface.

  6. If unicast reverse path forwarding (URPF) check is enabled, the router searches the FIB based on the source IP address. In the case of loose URPF check, a packet passes the check as long as the outbound interface is a physical interface. Specifically, the outbound interface cannot be the CPU or a Null, TE, or IPv4 tunnel interface. In the case of strict URPF check, the router searches the FIB based on the inbound interface and source IP address of each packet. If a corresponding route exists in the FIB and the inbound interface of the packet is the outbound interface of the route, the packet passes the check; otherwise, the router discards the packet. If the inbound interface is a VLAN sub-interface, the outbound interface must be the inbound interface, and the two interfaces must have the same VLAN ID.

     NOTE:

    In most cases, after a router receives a packet, it searches for a route based on the destination IP address of the packet. If a route is available, the router forwards the packet accordingly. If no route is available, the router discards the packet.

    If URPF check is enabled, the router obtains the source address and inbound interface of the packet, searches the FIB for a route destined for the source IP address, and checks whether the outbound interface of the route is the inbound interface of the packet. URPF check prevents attacks that use spoofed source IP addresses.

    However, multiple routes to the same destination IP address may exist in the FIB in some scenarios, such as in a load balancing scenario. The outbound interfaces of the routes are different. If URPF is configured in this case, packet loss will occur. To prevent this problem, use loose URPF check. In loose URPF mode, a packet can pass the URPF check as long as there is a route destined for the source IP address of the packet, regardless of whether the outbound interface of the route matches the inbound interface of the packet.

  7. If the destination IP address is not a local IP address, the router decreases the TTL in the packet header by 1, recalculates and modifies the checksum value, and performs subsequent operations, such as CAR. If the destination IP address is a local IP address (the next-hop IP address being 127.0.0.1), the router sends the packet to the upstream TM component.

Finally, the SFU sends the packet to the downlink LPU based on the outbound interface information (including the destination LPU and outbound interface).

Encapsulation info obtaining

On the downlink LPU, the PFE searches for an ARP entry based on the next-hop or destination IP address and the VLAN ID to obtain the destination MAC address, and searches for the MAC address of the outbound interface. Then, the PFE replaces the destination MAC address with the MAC address of the next hop, and replaces the source MAC address with the MAC address of the local outbound interface.

ARP table:

IP ADDRESS      MAC ADDRESS     EXPIRE(M) TYPE   INTERFACE  VPN-INSTANCE
------------------------------------------------------------------------100.2.150.51    0018-8201-4daa            I -    GE0/0/0
100.2.200.7     0013-d326-a32f  1         D-0    GE0/0/0
192.1.23.1      00e0-fcd5-c877            I -    GE1/0/2
37.1.3.1        00e0-fcd5-c863            I -    GE1/0/3

If no corresponding ARP entry exists, the ARP learning function is triggered, with the steps detailed as follows:

  1. The router sends an ARP request packet. The destination MAC address of the packet is a broadcast address, the destination IP address is the IP address of the next hop, and the source IP address is a local IP address.
  2. Because the destination MAC address of the packet is a broadcast address, all devices or hosts (including the next-hop device) in the LAN can receive the packet. Upon receipt of the packet, the next-hop device parses it and finds that the destination IP address is its own IP address, it replies with an ARP response packet carrying its own MAC address.
  3. After the router receives the response packet, it obtains and adds the next-hop MAC address to the ARP entry table.

Outbound Check and Encapsulation

If the destination IP address of the packet is a local IP address, the outbound interface processing module sends the packet to the CPU of the LPU. Finally, the packet is sent to the CPU of the MPU. 

If the destination IP address of the packet is not a local IP address, the outbound interface processing module checks whether the packet length is greater than the MTU. If the packet length is less than the MTU, the module sends the packet the PIC. The PIC calculates the frame check sequence (FCS) based on the content of the data frame to be sent, and encapsulates the interframe space, preamble, start-of-frame delimiter (SFD), and FCS to the frame. Then, the PIC converts the data frame to optical or electrical signals, and sends the signals to the outbound interface.

If the packet length exceeds the MTU, the router checks the DF bit in the packet header. If the DF bit is 0, the router fragments the packet and then sends the fragments to the PIC. If the DF bit is 1, the source end of the packet does not allow fragmentation. In this case, the router performs CP-CAR check and sends the packet to the CPU of the LPU, and then to the CPU of the MPU. Finally, the router responds to the source end with an ICMP Too-Big message.

IPv6 Unicast Forwarding

IPv4 and IPv6 forwarding processes are similar, with the following differences:

  • In the IPv4 forwarding process, the router searches the FIBv4 and ARP entries. In the IPv6 forwarding process, the router searches the FIBv6 and neighbor table.
  • In the IPv6 forwarding process, if the length of a packet exceeds the interface IPv6 MTU, the router does not fragment the packet. Instead, it sends it to the CPU and responds to the source end with an ICMP Too-Big message.

IPv6 neighbor table:

[Router] display ipv6 neighbors 
----------------------------------------------------------------
IPv6 Address : 2012::2
Link-layer   : 00e0-fcc2-13b6                             State : STALE
Interface    : GE0/0/0                                    Age   : 0
VLAN         : -                                          CEVLAN: -
VPN name     :                                         Is Router: TRUE
Secure FLAG  : UN-SECURE

IPv6 Address : FE80::2E0:FCFF:FEC2:13B6
Link-layer   : 00e0-fcc2-13b6                             State : STALE
Interface    : GE0/0/0                                    Age   : 0
VLAN         : -                                          CEVLAN: -
VPN name     :                                         Is Router: TRUE
Secure FLAG  : UN-SECURE
----------------------------------------------------------------

The post is synchronized to: [Amazing Microwaves] How to Maximize Bandwidth of A Packet's Adventures on Huawei NE Routers

Like (6) Dislike (0) Favorite(0) Share Report
Previous: Poe Voltage ?
Next: Huawei Telecom Power Provides Reliable Power for Mombasa Nairobi Railway
(0) (0)
2#
user_2790689
Created Mar 31, 2016 03:16:34

Thank you
View more
  • x
  • convention:

Danielarab
Danielarab Created Jan 6, 2021 14:24:37 (0) (0)
 
Assis_bsb
Assis_bsb Created Sep 16, 2021 16:47:20 (0) (0)
 
(0) (0)
3#
Jamalb
Created Nov 23, 2017 08:46:32

Good ...
View more
  • x
  • convention:

Danielarab
Danielarab Created Jan 6, 2021 14:24:32 (0) (0)
 
(0) (0)
4#
faysalji
Author Created Sep 27, 2018 10:36:54

Another good topic in the series
View more
  • x
  • convention:

AliBinHussain
AliBinHussain Created Sep 16, 2021 16:49:04 (0) (0)
 
AliBinHussain
AliBinHussain Created Sep 16, 2021 16:49:10 (0) (0)
 
(0) (0)
5#
Mysterious.color
Created Oct 31, 2018 09:53:05

Thank you .
i will share it with my colleague
View more
  • x
  • convention:
(0) (0)
6#
Swidan
Admin Created May 29, 2019 06:09:25

Thanks
View more
  • x
  • convention:
(0) (0)
7#
VinceD
Created Nov 4, 2020 18:06:11

thanks for sharing this.
View more
  • x
  • convention:
(0) (0)
8#
EL.BODO
Created Nov 5, 2020 17:31:31

great
View more
  • x
  • convention:
(0) (0)
9#
Danielarab
Created Jan 6, 2021 14:24:47

thanks for sharing
View more
  • x
  • convention:
(0) (0)
10#
hemin88
Moderator Author Created Sep 16, 2021 06:55:16

Great topic, and very well explained
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.