In addition to packet receiving, sending, parsing, forwarding, exchanging, and encapsulation, as well as QoS processing, the forwarding plane of a router implements fragmentation, reassembly, multicast and broadcast replication, network address translation (NAT), packet filtering, and redirection.
Fragmentation and Reassembly
Huawei high-end routers have multiple SFUs for M+N backup. To implement load balancing, SFUs use a switching technology that is based on cells of fixed length. Before an LPU sends packets to an SFU, the fabric interface controller (FIC) of the LPU fragments them into cells of fixed length, similar to ATM cells. Upon receipt of the cells, the SFU switches them. Finally, the FIC of a downlink LPU reassembles the cells.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-1](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98ca43468.png)
According to the type of data sent to an SFU, the SFU performs cell-based or packet-based switching. Packet-based switching does not require fragmentation or reassembly. However, load imbalance may occur among SFUs because data packets vary in length.
Huawei high-end routers perform switching that is based on cells of fixed length, preventing such load imbalance.
Multicast and Broadcast Replication
First, let's review the unicast, multicast, and broadcast communication modes.
Unicast: Point-to-point (P2P) communication. Data packets are forwarded, without being copied.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-2](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98d60e8ec.png)
Multicast: Point-to-multipoint (P2MP) communication. Data packets are copied and sent only to requesters. The hosts that request the packets need to join the same group (multicast group) so that they can receive all data sent to this group.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-3](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98dc523b0.png)
Broadcast: One-to-all communication. Data packets are copied and forwarded unconditionally, and all hosts on the network can receive them, regardless of whether the hosts need them. Broadcast traffic is restricted within LANs, preventing broadcast data from affecting a large number of hosts.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-4](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98e324dda.png)
Multicast or broadcast packets may be sent through multiple outbound interfaces on different LPUs. To forward these packets, the traffic management (TM) chip on the uplink LPU copies the packets to different downlink LPUs, and the TM chips on the downlink LPUs copy the packets to different interfaces on the same board.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-5](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98e92ba90.png)
This chapter describes only broadcast and multicast replication on hardware components. For details about broadcast and multicast forwarding processes, see the chapter IP Multicast Forwarding.
NAT
NAT Basic Principles
NAT converts IP addresses in IP datagram headers between private and public networks. Hosts in a LAN can use private addresses for internal communication. If they need to access the public network, their source addresses (private IP addresses) are translated into public IP addresses. For the return traffic to reach the hosts, the public IP addresses are translated back to the private IP addresses. In this way, all hosts in the LAN can use limited public IP addresses (even one) to access the Internet.
NAT has multiple implementation modes, among which Huawei high-end routers implement network address port translation (NAPT). In NAPT mode, a NAT device translates different source IP addresses carried in received packets into the same public IP address, and port numbers into different port numbers. This mode allows a large number of hosts to access the public network using only one public IP address.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-6](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb98fa9a602.png)
In the preceding figure, packets 1 and 2 carry the same source private IP address but different port numbers. Packets 1 and 3 carry different source private IP addresses but the same port number. The NAT device translates the source IP addresses in packets 1, 2, and 3 into the same public IP address, and port numbers into different port numbers. Packets 1, 2, and 3 can be identified by their new port numbers. After receiving the return traffic from the public network, the NAT device identifies the destination hosts based on the destination IP address and port numbers.
NAPT is based on a NAT address pool which contains multiple public IP addresses. When a user needs to access the public network, the user's packets are sent to the NAT device. The NAT device selects one public IP address from the NAT address pool, maps it to the source IP address, and performs NAT accordingly. If the NAT device fails to receive any packets from the user within a period, it reclaims the public IP address previously used by the user.
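The mapping and reclaim behaviour described above, as an added Python example (a toy model, not Huawei's implementation). The class name, the 60-second idle timeout, the starting port 1024 and all addresses are constructed assumptions.

```python
from collections import deque

class Napt:
    """Toy NAPT table: (private ip, port) <-> (public ip, port), with idle reclaim."""

    def __init__(self, pool, idle_timeout=60, first_port=1024):
        self.pool = list(pool)             # public addresses in the NAT address pool
        self.idle_timeout = idle_timeout   # seconds of user silence before reclaim
        self.user_ip = {}                  # private ip -> public ip selected for it
        self.last_seen = {}                # private ip -> time of last outgoing packet
        self.out = {}                      # (priv ip, priv port) -> (pub ip, pub port)
        self.back = {}                     # (pub ip, pub port) -> (priv ip, priv port)
        self.free = {ip: deque(range(first_port, 65536)) for ip in self.pool}

    def translate_out(self, src_ip, src_port, now):
        """Private -> public: rewrite the source address and port."""
        self.reclaim(now)
        if src_ip not in self.user_ip:
            # select the pool address that currently serves the fewest users
            users = list(self.user_ip.values())
            self.user_ip[src_ip] = min(self.pool, key=users.count)
        self.last_seen[src_ip] = now
        key = (src_ip, src_port)
        if key not in self.out:
            pub_ip = self.user_ip[src_ip]
            pub = (pub_ip, self.free[pub_ip].popleft())  # IndexError when exhausted
            self.out[key], self.back[pub] = pub, key
        return self.out[key]

    def translate_in(self, dst_ip, dst_port, now):
        """Public -> private for return traffic; None means no mapping (drop)."""
        self.reclaim(now)
        return self.back.get((dst_ip, dst_port))

    def reclaim(self, now):
        """Release the address and ports of users idle longer than idle_timeout."""
        idle = [u for u, t in self.last_seen.items() if now - t > self.idle_timeout]
        for user in idle:
            del self.user_ip[user], self.last_seen[user]
            for key in [k for k in self.out if k[0] == user]:
                pub = self.out.pop(key)
                del self.back[pub]
                self.free[pub[0]].append(pub[1])

if __name__ == "__main__":
    nat = Napt(pool=["203.0.113.1"])                    # constructed one-address pool
    print(nat.translate_out("192.168.1.10", 5000, 0))   # packet 1
    print(nat.translate_out("192.168.1.10", 5001, 0))   # packet 2: same host, new port
    print(nat.translate_out("192.168.1.11", 5000, 0))   # packet 3: other host, same port
    print(nat.translate_in("203.0.113.1", 4444, 10))    # unsolicited: no mapping
```

Return traffic that matches no entry, or whose entry has been reclaimed, yields `None`, which is why a stale or guessed public port does not reach a private host in this model.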
NAT Address Pool Route Advertisement
After users on a private network access the Internet, the return traffic from the Internet carries the public IP addresses of the NAT address pool as destination IP addresses, and devices on the Internet need to search their routing tables for routes to the public IP addresses to forward the traffic. To ensure the forwarding, the NAT device needs to advertise NAT address pool routes to the Internet. However, these public IP addresses in the address pool are dynamically allocated by the NAT device. How can the routes to these public IP addresses be advertised?
In fact, after a NAT public address pool is created on a Huawei high-end router, NAT public address pool user network routes (UNRs) are generated. For example, if the network segment of a NAT public address pool is 10.0.0.0/22, the following UNR is generated:
Destination/Mask    Proto  Pre  Cost   Flags  NextHop    Interface
100.0.0.0/22        Unr    64   65535  D      127.0.0.1  InLoopBack0
If you want routes in the NAT address pool to be advertised to the public network, import the UNR to a dynamic routing protocol using the import-route unr command.
NAT Implementation
On Huawei high-end routers, the NAT service board is responsible for NAT. The service process is as follows: An uplink LPU distributes traffic to the NAT service board which performs NAT and sends the traffic to a downlink LPU. Finally, the downlink LPU forwards the traffic. The detailed process is as follows:
- Outgoing traffic forwarding process (from a private network to the public network)
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-7](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb990405941.png)
The process is similar to that of other service flows except for the following differences:
- The packet forwarding engine (PFE) on the uplink LPU uses multi-field (MF) classification for traffic diversion to the NAT service board.
- The SFU sends packets to the NAT service board.
- The NAT service board first performs NAT. After NAT, the private source IP addresses of the packets are translated into public IP addresses, and port numbers are also translated.
- Then, the NAT service board searches the public forwarding table for the destination LPU and outbound interface information. Note that the NAT service board has the same forwarding table as LPUs.
- The SFU switches the packets to a downlink LPU. The rest of the process is the same as that of other service flows.
- Incoming traffic forwarding process (from the public network to a private network)
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-8](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb990a5f2cf.png)
The process is similar to that of other service flows except for the following differences:
- When the PFE on the uplink LPU searches the public routing table, it obtains the NAT address pool UNR, with the NAT service board as the destination LPU. In a centralized NAT scenario, the UNR carries destination LPU and interface information. In a distributed NAT scenario, the uplink LPU sends the packets to the CPU for processing to obtain the destination LPU and interface information.
- The SFU sends packets to the NAT service board.
- The NAT service board translates the public destination IP addresses of the packets into private IP addresses and also translates port numbers.
- Then, the NAT service board searches the VPN forwarding table for the destination LPU and outbound interface information.
- The SFU switches the packets to a downlink LPU. The rest of the process is the same as that of other service flows.
Packet Filtering
Routers filter packets based on ACLs. Specifically, the routers obtain the packet header information, such as the Ethernet frame header, MPLS header, IP header, and TCP/IP port number, match the information against ACL rules, and forward or discard the packets based on the matching result.
To associate ACL rules with packet processing behavior (forwarding or discarding), MF classification is used.
Packet filtering is implemented on the forwarding plane of the uplink or downlink LPU, as shown in the following figure:
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-9](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb991268268.png)
As described in QoS Basics, traffic policies are configured in profiles. The profiles consist of the following parts:
- Traffic classifier: sets ACL matching rules that are used in if-match clauses.
- Traffic behavior: determines whether the traffic meeting the matching rules is forwarded (permit) or discarded (deny).
- Traffic policy: associates the traffic classifier with the traffic behavior. The traffic policy is applied to the inbound or outbound interface.
For details about ACL, see Special Topic - ACL.
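An added Python model of the classifier, behavior and policy structure described above (not Huawei code or CLI syntax). It assumes classifiers are evaluated in the order they were bound, with the first match deciding, and that unmatched traffic is forwarded; all names and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    """One ACL rule referenced by an if-match clause (None means any)."""
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

class TrafficPolicy:
    """Ordered (classifier, behavior) pairs applied to one interface direction."""

    def __init__(self, default="permit"):
        self.entries = []        # [(classifier name, [Rule, ...], behavior)]
        self.default = default   # assumption: unmatched traffic is forwarded

    def bind(self, name, rules, behavior):
        assert behavior in ("permit", "deny")
        self.entries.append((name, rules, behavior))

    def filter(self, pkt):
        """Return (classifier, behavior) for the first classifier that matches."""
        for name, rules, behavior in self.entries:
            if any(rule.matches(pkt) for rule in rules):
                return name, behavior
        return None, self.default

def build_policy(admin_first=True):
    """Constructed policy: only the admin host may reach SSH on 10.9.0.0/24."""
    admin = ("c_admin", [Rule("10.1.1.5/32", "10.9.0.0/24", "tcp", 22)], "permit")
    block = ("c_mgmt", [Rule(dst="10.9.0.0/24")], "deny")
    policy = TrafficPolicy()
    for entry in ((admin, block) if admin_first else (block, admin)):
        policy.bind(*entry)
    return policy

ADMIN_SSH = {"src": "10.1.1.5", "dst": "10.9.0.7", "proto": "tcp", "dport": 22}
USER_SSH = {"src": "10.1.2.9", "dst": "10.9.0.7", "proto": "tcp", "dport": 22}
USER_WEB = {"src": "10.1.2.9", "dst": "198.51.100.20", "proto": "tcp", "dport": 443}

if __name__ == "__main__":
    for pkt in (ADMIN_SSH, USER_SSH, USER_WEB):
        print(pkt["src"], "->", pkt["dst"], build_policy().filter(pkt),
              "| deny bound first:", build_policy(admin_first=False).filter(pkt))
```

With the broad deny bound first, the admin's SSH packet is discarded before the narrower permit is consulted, so the order of bindings is part of the policy under review.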
Policy-based Routing (Redirection)
Policy-based Routing (PBR) is also called route redirection. In most cases, routers search the routing table for routes to forward packets based on the destination IP addresses of the packets. In contrast, PBR selects routes based on a user-defined policy and can be used for security and load balancing purposes. PBR allows routers to select forwarding paths based on more packet attributes, such as the source IP address, destination IP address, and packet length.
PBR is different from routing policies. PBR routes data packets based on a user-defined policy instead of routes in the existing routing table. Routing policies control route generation, advertisement, and selection by following rules and changing route attributes.
PBR supports discard and forward policies. To configure a discard policy, run the redirect command with an outbound interface specified in the traffic behavior view. To configure a forward policy, run the command without specifying any outbound interface.
- In the case of a discard policy, routers forward packets based on the specified next hop and outbound interface if the outbound interface is Up. If the outbound interface is an Ethernet interface, ARP entries must also be available; otherwise, packets are discarded. If the next hop or outbound interface does not exist, packets are discarded.
- In the case of a forward policy, routers search the forwarding table for an outbound interface based on a specified IP address. If a corresponding outbound interface or even a default route is available, packets are forwarded; otherwise, packets are forwarded based on the packets' destination IP addresses.
On the forwarding plane, PBR is implemented in the MF classification phase. Forward PBR depends on the forwarding table.
![[Approaching NE(8)] A Packet‘s Adventures on Huawei Routers - Other Processing o-1233163-10](data/attachment/forum/dm/ecommunity/uploads/2016/0330/17/56fb991f98991.png)