How to Begin Implementing Network Segmentation in NS3

Implementing network segmentation in NS3 requires splitting a network into several smaller sub-networks (subnets), each with its own address range and, where needed, its own routing rules. Network segmentation improves performance, security, and manageability.

Below are step-by-step instructions to get started with implementing network segmentation in ns3:

Steps to Begin Implementing Network Segmentation in NS3

  1. Understand Network Segmentation
  • Purpose:
    • Performance: Minimize congestion by separating traffic into segments.
    • Security: Limit interaction between segments so that security rules can be applied.
    • Management: Simplify troubleshooting and network monitoring.
  • Key Concepts:
    • Subnets with unique IP address ranges.
    • Routers or gateways that handle traffic between subnets.
  2. Set Up ns3 Environment
  • Make sure that ns3 is installed on the system:

    git clone https://gitlab.com/nsnam/ns-3-dev.git
    cd ns-3-dev
    ./ns3 configure --enable-examples --enable-tests
    ./ns3 build

  • Confirm the installation with:

    ./ns3 run hello-simulator

  3. Design Network Topology
  • Define the segments as separate subnets connected through routers or gateways.
  • Example topology:
    • Segment 1: Nodes 1 and 2 within subnet 10.1.1.0/24.
    • Segment 2: Nodes 3 and 4 in subnet 10.1.2.0/24.
    • Router to link both segments.
  4. Steps to Implement Network Segmentation

(a) Create Nodes

  • Create the nodes for each segment and a router to connect them:

    NodeContainer segment1, segment2, router;
    segment1.Create(2); // Nodes in Segment 1
    segment2.Create(2); // Nodes in Segment 2
    router.Create(1);   // Router node

(b) Install Network Devices

  • Use PointToPointHelper to install network devices and link each segment to the router:

    PointToPointHelper p2p;
    p2p.SetDeviceAttribute("DataRate", StringValue("10Mbps"));
    p2p.SetChannelAttribute("Delay", StringValue("2ms"));

    // Router device first in each container: Assign() in step (d) then gives
    // the router the .1 address and the segment node the .2 address.
    NetDeviceContainer devices1 = p2p.Install(NodeContainer(router.Get(0), segment1.Get(0)));
    NetDeviceContainer devices2 = p2p.Install(NodeContainer(router.Get(0), segment2.Get(0)));

(c) Install Internet Stack

  • Install the InternetStackHelper on all nodes:

    InternetStackHelper stack;
    stack.Install(segment1);
    stack.Install(segment2);
    stack.Install(router);

(d) Assign IP Addresses

  • Allocate an IP address range to each network segment:

    // Assign() hands out addresses in device-container order.
    Ipv4AddressHelper address1, address2;
    address1.SetBase("10.1.1.0", "255.255.255.0");
    Ipv4InterfaceContainer interfaces1 = address1.Assign(devices1);
    address2.SetBase("10.1.2.0", "255.255.255.0");
    Ipv4InterfaceContainer interfaces2 = address2.Assign(devices2);

(e) Set Up Routing

  • Enable IP forwarding on the router:

    Ptr<Ipv4> ipv4Router = router.Get(0)->GetObject<Ipv4>();
    ipv4Router->SetAttribute("IpForward", BooleanValue(true));

  • Set up static or dynamic routes:
    • Static Routing:

    Ipv4StaticRoutingHelper staticRouting;

    // Segment 1 reaches 10.1.2.0/24 via the router at 10.1.1.1, out of interface 1 (interface 0 is loopback).
    Ptr<Ipv4StaticRouting> routingSegment1 = staticRouting.GetStaticRouting(segment1.Get(0)->GetObject<Ipv4>());
    routingSegment1->AddNetworkRouteTo(Ipv4Address("10.1.2.0"), Ipv4Mask("255.255.255.0"), Ipv4Address("10.1.1.1"), 1);

    // Segment 2 reaches 10.1.1.0/24 via the router at 10.1.2.1.
    Ptr<Ipv4StaticRouting> routingSegment2 = staticRouting.GetStaticRouting(segment2.Get(0)->GetObject<Ipv4>());
    routingSegment2->AddNetworkRouteTo(Ipv4Address("10.1.1.0"), Ipv4Mask("255.255.255.0"), Ipv4Address("10.1.2.1"), 1);

  5. Install Applications
  • Simulate traffic within and between the segments:
    • UDP Echo Server in one segment:

    UdpEchoServerHelper echoServer(9);
    // Node 0 is the segment-2 node that has a link to the router.
    ApplicationContainer serverApp = echoServer.Install(segment2.Get(0));
    serverApp.Start(Seconds(1.0));
    serverApp.Stop(Seconds(10.0));

    • UDP Echo Client in the other segment:

    UdpEchoClientHelper echoClient(Ipv4Address("10.1.2.2"), 9);
    echoClient.SetAttribute("MaxPackets", UintegerValue(10));
    echoClient.SetAttribute("Interval", TimeValue(Seconds(1.0)));
    echoClient.SetAttribute("PacketSize", UintegerValue(1024));

    ApplicationContainer clientApp = echoClient.Install(segment1.Get(0));
    clientApp.Start(Seconds(2.0));
    clientApp.Stop(Seconds(10.0));

  6. Complete Example Code

Here is a complete example of network segmentation:

    #include "ns3/core-module.h"
    #include "ns3/network-module.h"
    #include "ns3/internet-module.h"
    #include "ns3/point-to-point-module.h"
    #include "ns3/applications-module.h"

    using namespace ns3;

    int main(int argc, char *argv[]) {
        CommandLine cmd;
        cmd.Parse(argc, argv);

        // Create nodes
        NodeContainer segment1, segment2, router;
        segment1.Create(2); // Segment 1 nodes
        segment2.Create(2); // Segment 2 nodes
        router.Create(1);   // Router node

        // Create links (only node 0 of each segment is linked to the router here).
        // The router device comes first in each container, so it is assigned the .1 address.
        PointToPointHelper p2p;
        p2p.SetDeviceAttribute("DataRate", StringValue("10Mbps"));
        p2p.SetChannelAttribute("Delay", StringValue("2ms"));
        NetDeviceContainer devices1 = p2p.Install(NodeContainer(router.Get(0), segment1.Get(0)));
        NetDeviceContainer devices2 = p2p.Install(NodeContainer(router.Get(0), segment2.Get(0)));

        // Install Internet stack
        InternetStackHelper stack;
        stack.Install(segment1);
        stack.Install(segment2);
        stack.Install(router);

        // Assign IP addresses (router: 10.1.1.1 and 10.1.2.1; segment nodes: 10.1.1.2 and 10.1.2.2)
        Ipv4AddressHelper address1, address2;
        address1.SetBase("10.1.1.0", "255.255.255.0");
        Ipv4InterfaceContainer interfaces1 = address1.Assign(devices1);
        address2.SetBase("10.1.2.0", "255.255.255.0");
        Ipv4InterfaceContainer interfaces2 = address2.Assign(devices2);

        // Enable IP forwarding on the router
        Ptr<Ipv4> ipv4Router = router.Get(0)->GetObject<Ipv4>();
        ipv4Router->SetAttribute("IpForward", BooleanValue(true));

        // Set up static routing: each segment reaches the other via the router (interface 0 is loopback)
        Ipv4StaticRoutingHelper staticRouting;
        Ptr<Ipv4StaticRouting> routingSegment1 = staticRouting.GetStaticRouting(segment1.Get(0)->GetObject<Ipv4>());
        routingSegment1->AddNetworkRouteTo(Ipv4Address("10.1.2.0"), Ipv4Mask("255.255.255.0"), Ipv4Address("10.1.1.1"), 1);
        Ptr<Ipv4StaticRouting> routingSegment2 = staticRouting.GetStaticRouting(segment2.Get(0)->GetObject<Ipv4>());
        routingSegment2->AddNetworkRouteTo(Ipv4Address("10.1.1.0"), Ipv4Mask("255.255.255.0"), Ipv4Address("10.1.2.1"), 1);

        // Install applications: echo server on the linked segment-2 node (10.1.2.2)
        UdpEchoServerHelper echoServer(9);
        ApplicationContainer serverApp = echoServer.Install(segment2.Get(0));
        serverApp.Start(Seconds(1.0));
        serverApp.Stop(Seconds(10.0));

        // Echo client on the linked segment-1 node (10.1.1.2)
        UdpEchoClientHelper echoClient(Ipv4Address("10.1.2.2"), 9);
        echoClient.SetAttribute("MaxPackets", UintegerValue(10));
        echoClient.SetAttribute("Interval", TimeValue(Seconds(1.0)));
        echoClient.SetAttribute("PacketSize", UintegerValue(1024));
        ApplicationContainer clientApp = echoClient.Install(segment1.Get(0));
        clientApp.Start(Seconds(2.0));
        clientApp.Stop(Seconds(10.0));

        // Run simulation
        Simulator::Run();
        Simulator::Destroy();
        return 0;
    }

  7. Validate the Segmentation
  • Use FlowMonitor or packet traces to confirm that traffic stays within its subnet unless it is forwarded via the router.
  • Confirm that the segmentation is effective at dividing broadcast traffic.
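
A pre-simulation check that complements the validation step, as an added example (not code from the original page and independent of ns-3): it applies longest-prefix matching to a host's static routes and verifies that the gateway for cross-segment traffic is an on-link router interface, so the router remains the single choke point between subnets. It assumes the router holds 10.1.1.1 and 10.1.2.1, as the page's static routes imply; `checkPath`, `segment1Host`, `Check` and the sample hosts are hypothetical names and constructed data.

```cpp
#include <cstdint>
#include <cstdio>
#include <sstream>
#include <string>
#include <vector>

// Dotted-quad text -> host-order 32-bit address.
uint32_t ip(const std::string& s) {
    std::istringstream in(s);
    uint32_t v = 0; unsigned part = 0; char dot = 0;
    for (int i = 0; i < 4; ++i) {
        in >> part; v = (v << 8) | (part & 0xffu);
        if (i < 3) in >> dot;
    }
    return v;
}

struct Route { uint32_t net, mask, gw; };  // same fields as AddNetworkRouteTo(net, mask, gw, ...)
struct Host { uint32_t addr, mask; std::vector<Route> routes; };
enum class Check { Ok, NoRoute, GatewayIsSelf, GatewayOffLink, GatewayNotRouter };

// Longest-prefix match over the host's routes, then checks on the chosen gateway.
Check checkPath(const Host& h, uint32_t dst, const std::vector<uint32_t>& routerIfs) {
    const Route* best = nullptr;
    for (const Route& r : h.routes)
        if ((dst & r.mask) == r.net && (!best || r.mask > best->mask)) best = &r;
    if (!best) return Check::NoRoute;
    if (best->gw == h.addr) return Check::GatewayIsSelf;  // host holds the gateway's address
    if ((best->gw & h.mask) != (h.addr & h.mask)) return Check::GatewayOffLink;
    for (uint32_t rif : routerIfs)
        if (rif == best->gw) return Check::Ok;
    return Check::GatewayNotRouter;                       // path would bypass the router
}

// Assumed plan: /24 subnets, router interfaces at .1 in each segment.
const uint32_t kMask = ip("255.255.255.0");
const std::vector<uint32_t> kRouterIfs = {ip("10.1.1.1"), ip("10.1.2.1")};

// Constructed sample: a segment-1 host at `addr` carrying the page's route to 10.1.2.0/24.
Host segment1Host(const std::string& addr) {
    return Host{ip(addr), kMask, {Route{ip("10.1.2.0"), kMask, ip("10.1.1.1")}}};
}

int main() {
    const uint32_t server = ip("10.1.2.2");
    for (const char* a : {"10.1.1.2", "10.1.1.1"})
        std::printf("%s -> 10.1.2.2: check=%d\n", a, static_cast<int>(checkPath(segment1Host(a), server, kRouterIfs)));
    return 0;
}
```

Ipv4AddressHelper::Assign hands out addresses in container order, so the `GatewayIsSelf` result corresponds to a NetDeviceContainer in which the segment node's device precedes the router's device.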

We have laid out a step-by-step approach for implementing Network Segmentation and validating it in the NS3 environment, and can go into further detail upon request.