Free Network Security Tutorial – Network Security – Implement L3 Routing Table & ACL in C/C++

***  22 Sept 2022 – This Course is under Development  ***

This Course aims at Explaining and Implementing the Data Structures Required to Implement IPV4 Routing Table and Access Control Lists. Both these features are ubiquitously used in Networking/Embedded/Distributed System/Cloud Computing etc, and hence we decided to throw a course on explaining the internal design and implementation.

We shall be going to build a Library called mtrie library, which will form the foundation for implementing IPV4 Routing Table and Access Control List framework.  Trie is a popular standard data structure and its variant is used to solve different types of industry problems.

We shall be building Cisco like Access Control List which is used for Security, Controlling the traffic flow Or restricting the access & permissions to the user to certain resources over the network. Below is Cisco Example. We shall be going to re-invent the wheel.

access-list allow_traffic permit UDP 122.1.1.1 255.255.255.255 40.1.1.1 255.255.255.255

access-list allow_traffic permit UDP 122.1.1.0 255.255.255.0 40.1.1.0 255.255.255.0

access-list allow_traffic permit UDP 122.1.0.0 255.255.0.0 40.0.0.0 255.255.0.0

access-list allow_traffic deny any 0.0.0.0 0.0.0.0

This Course is Data Structure and Algorithmic Intensive, and We shall be showing all demonstrations in C/C++. However, you are free to implement the explained concepts in the language of your choice.

Pre-requisite :

It’s desirable you understand how Subnet Masks work, and a very basic Networking background is required. This Course is exclusively designed for Intermediate to advanced developers only. If you are still struggling with programming basics, pls excuse this course.  The complexity level of this course is intermediate, and not for beginners. You will need to do a lot of Bit-Level Programming in this course.

End Product :

The end product of this course is that you will have fully working Routing Table and Access Control List Libraries which you can further integrate into your other projects readily or decorate your resume with these milestones.

Table of Contents

1. What is Access Control List and how does it work?

2. What is the Longest prefix Match?

3. Trie Data Structure

4. Optimizing Trie to construct Routing Table Data Structure ( called mtrie )

• Route Insertion Algorithm

• Route Deletion Algorithm

• Route Search Algorithm

• Longest Prefix Match Algorithm

5. Building Routing Table CRUD APIs over Mtrie Data Structure   

6. Implementing Access Control List Over Mtrie Data Structure

• Compiling ACL Rule into TCAM entry format

• Installing ACL Rule

• Uninstalling ACL Rule

• ACL lookup based on Longest Prefix Match

7. Testing our Codes and Libraries

Who this course is for:

• Students, Professional Software Developers
• Network Development Engineers, Cloud Or Distributed Systems
• Any enthusiast who want to learn Deep Concepts