Chapter 1: Internet Protocol Operations Fundamentals

Cisco Press
By Gregg Schudel, David J. Smith, Network World, 01/30/2008


In this chapter, you will learn about the following:

  • IP networking concepts

  • IP protocol operation concepts

  • IP traffic plane concepts

  • Router packet processing and forwarding concepts

  • Router architecture concepts

This chapter builds the foundation for the remainder of the book by introducing the concepts and terminology critical to understanding IP traffic plane security. Basic IP network concepts and IP protocol operations are reviewed, including the various packet types found in the network and how these packets apply to different IP traffic planes. Then, packet processing and forwarding mechanisms used by routers are reviewed. Special attention is given to how various packet types within each traffic plane affect forwarding mechanisms. Finally, various router hardware architectures are reviewed, again highlighting how router performance and network security are affected by the IP traffic planes.

IP Network Concepts

Internet Protocol (IP) and IP/Multiprotocol Label Switching (IP/MPLS) packet-based networks capable of supporting converged network services are rapidly replacing purpose-built networks based on time-division multiplexing (TDM), Frame Relay, Asynchronous Transfer Mode (ATM) and other legacy technologies. Service providers worldwide are deploying IP/MPLS core networks to realize the efficiencies and scalability offered by IP networks, and their ability to enable rapid expansion into new service markets. Enterprises are also taking advantage of the end-to-end, any-to-any connectivity model of IP to drive business-changing profit models through infrastructure and operational efficiency improvements, as well as to capture e-commerce opportunities.

Building and operating IP network infrastructures for converged services is a balancing act. Meeting the carrier-class requirements that customers demand, while supporting multiple, diverse services that have distinct bandwidth, jitter, and latency requirements, is a challenging task. Legacy, single-purpose networks were designed and built with specific, tightly controlled operational characteristics to support a single service. Hence, the (typically) single service each network supported usually worked flawlessly. This was relatively easy to achieve because these networks catered to a single application/service that was tightly controlled. Carrying Internet traffic, voice and video traffic, cellular traffic, and private (VPN) business traffic over a common IP backbone has significant implications for both network design and network operations. Disruptions in any one of these traffic services may potentially disrupt any of the other services, or the wider network. Thus, the importance of network security in converged networks is magnified.


Note - The traditional focus areas of network security include confidentiality, integrity, and availability (CIA), in varying degrees, depending on network functions. As network convergence has taken hold, the importance of each of these areas changes.

Availability, for example, is no longer simply a binary "up/down" or "on/off" function, but must now consider other issues such as network latency caused by congestion and processing delays. For example, consider the effects of malicious traffic, or even changes in the traffic patterns of one service, say Internet data. This might cause congestion that affects another service such as Voice over IP (VoIP) traffic traversing the same core routers but in a different services plane (as will be defined later in this chapter). Because one of the prime motives for converging disparate services and networks onto a single IP core is to gain capital and operating expenditure (CapEx and OpEx) efficiencies, this perturbation in availability may lead to a disruption in the entire revenue model if high-value services cannot be supported adequately. This is the basis for developing a different way of thinking about IP network security, one modeled around the IP traffic plane concept.


The concept of IP network traffic planes is best introduced by first considering the features that distinguish IP networks from other network types:

  • IP networks carry all packets in a common pipe. Fundamentally, all networks have essentially two kinds of packets:

    — Data packets that belong to users and carry user or application traffic

    — Control packets that belong to the network and are used to dynamically build and operate the network

    One of the strengths of the IP protocol is that all packets are carried in a common pipe (also referred to as "in-band"). Legacy networks typically relied on separate channels for data and control traffic. IP does not segment traffic into separate channels. As the subject of this book implies, classifying different traffic types is the first step in segmenting and securing an IP network. Each of these tasks—traffic classification, segmentation, and control—is essential for IP network security.

  • IP networks provide any-to-any and end-to-end connectivity by nature. In its simplest form, a router provides destination-based forwarding of IP packets. If a router has a destination prefix in its forwarding table, it will forward the packet toward its final destination. Hence, routing (and more specifically, what prefixes are in the forwarding table of the router) is one of the most important, but often overlooked, components of IP network security. For example, using a default route often has significant implications for network security.

    The ubiquitous nature of IP, along with its any-to-any, end-to-end operational characteristics, provides inherent flexibility and scalability at unprecedented levels. This is at the same time both a positive and a negative aspect of IP networking. On the positive side, this provides instant global connectivity, which enables innovation and constant evolution. On the negative side, however, this global connectivity also provides unparalleled opportunities for misuse and abuse through these same networks. (In the physical world, one must be proximate to the scene to carry out a crime. This is not the case in the cyber world. Also, one person can do significant damage in the cyber world—in other words, there is a force-multiplier—which the physical world does not offer.)

  • IP networks use open standards defined by the IETF; access to the protocol standards is freely available to everyone. These standards are independent from any specific computer hardware or operating system. This openness encourages and drives innovation of new applications and services that run over IP networks. This leads to several challenges as well, however. It is often difficult for networks to keep pace with rapidly changing demands. Supporting new applications and services may present challenging new flow characteristics. A few examples include:

    — Asymmetric vs. symmetric upstream/downstream bandwidth with peer-to-peer networking

    — Increases in absolute bandwidth utilization and unicast vs. multicast packet types with video services

    — Tolerance to variations in delay and jitter characteristics for voice services

    In addition, networks must be resilient enough to account for abuse, either from misuse, misconfigurations, obfuscation, or outright maliciousness.
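The two points above, that data and control packets share one pipe and that what sits in the forwarding table decides where a packet goes, can be made concrete with a small model. The following Python is an added example written for this page; it is not code from the book or from Cisco. It classifies each arriving packet as "control" (a routing-protocol packet, or a packet addressed to one of the router's own interfaces) or "data", and then applies destination-based forwarding with longest-prefix match. The router addresses, the prefixes, the interface names, and the packets themselves are all constructed sample values, and the assumption that OSPF and TCP/179 (BGP) are the only control traffic is a deliberate simplification for the example. Running it with and without a default route shows the point the text makes: without the default, a packet to an address no prefix covers is dropped; with it, the "no route" outcome disappears and the packet is forwarded upstream regardless of destination.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample values: the router's own interface addresses.
ROUTER_ADDRS = {"192.0.2.1", "198.51.100.1"}

# Constructed subset of "packets that belong to the network": a routing
# protocol carried directly in IP, and BGP sessions terminating on the router.
ROUTING_PROTOCOLS = {"ospf"}
ROUTING_TCP_PORTS = {179}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp", "icmp" or "ospf" (constructed labels)
    dport: Optional[int] = None


def classify(pkt: Packet, router_addrs=ROUTER_ADDRS) -> str:
    """Return 'control' for packets that belong to the network, 'data' otherwise.

    A control packet is one the router itself must consume: a routing-protocol
    packet, or a packet addressed to one of the router's own interfaces (for
    example a BGP session on TCP/179). Everything else is transit user traffic.
    """
    if pkt.proto in ROUTING_PROTOCOLS:
        return "control"
    if pkt.dst in router_addrs:
        return "control"
    return "data"


class ForwardingTable:
    """Destination-based forwarding table using longest-prefix match."""

    def __init__(self) -> None:
        self._routes: List[Tuple[ipaddress.IPv4Network, str]] = []

    def add(self, prefix: str, next_hop: str) -> None:
        self._routes.append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, dst: str) -> Optional[Tuple[str, str]]:
        """Return (matching prefix, next hop) for the most specific route, or None."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, next_hop in self._routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop)
        return (str(best[0]), best[1]) if best else None


def process(pkt: Packet, fib: ForwardingTable, router_addrs=ROUTER_ADDRS) -> str:
    """Model the router's decision for one packet arriving in the common pipe."""
    if classify(pkt, router_addrs) == "control":
        return "punt-to-control-plane"     # consumed by the router's own processes
    hit = fib.lookup(pkt.dst)
    if hit is None:
        return "drop:no-route"             # no prefix covers this destination
    return f"forward:{hit[1]}"


def build_fib(with_default: bool) -> ForwardingTable:
    """Constructed table: two internal prefixes, one customer prefix, optional default."""
    fib = ForwardingTable()
    fib.add("10.0.0.0/8", "eth0")
    fib.add("10.1.0.0/16", "eth1")        # more specific than 10.0.0.0/8
    fib.add("192.0.2.0/24", "eth2")
    if with_default:
        fib.add("0.0.0.0/0", "upstream")  # default route: every address matches
    return fib


if __name__ == "__main__":
    # Constructed packets: one BGP packet to the router itself, and one transit
    # packet to an address that appears in no specific route.
    bgp = Packet("192.0.2.7", "192.0.2.1", "tcp", 179)
    stray = Packet("10.1.1.1", "203.0.113.5", "udp", 53)
    for label, fib in (("no default", build_fib(False)), ("default route", build_fib(True))):
        print(f"[{label}] bgp   -> {process(bgp, fib)}")
        print(f"[{label}] stray -> {process(stray, fib)}")
```

The classification step is deliberately the first thing `process()` does: a packet the router must consume never reaches the forwarding lookup, which is the separation the text describes as the starting point for securing an IP network. The default-route comparison is the part worth keeping in mind when reviewing a real forwarding table: a prefix of length zero means the "no route" branch can never be taken, so every destination, including ones the network never intended to reach, is forwarded somewhere.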

These concepts are the driving factors behind this book. In today's IP networks, it is critical to distinguish between the various traffic types, segment them into various IP traffic planes, and incorporate mechanisms to control their influences on the wider network.

Two broad network categories are highlighted in this book to provide a context for demonstrating the concepts of IP network traffic plane separation: the enterprise network and the service provider network. Although there are similarities between them, the significant differences between them are useful for demonstrating IP traffic plane security concepts and techniques covered in detail in later chapters. The following description of these network types is provided as an overview, simply to introduce the concepts of IP traffic planes. This is not intended as a design primer for enterprise or service provider networks.

Comments (1)

RE: Chapter 1: Internet Protocol Operations Fundamentals
By MERCURY on January 30, 2008, 12:45 pm

Pls, it will be a great pleasure if you do post to me the main basics on how to learn networking, because in your information here I find it very good and pleasant...
