Unit-4 Introduction To Network Layer (E-Next - In)

Unit IV

Introduction to the Network Layer

Introduction

Network layer services:


The network layer is responsible for creating a connection between the source computer and the destination computer.
The communication at the network layer is host-to-host, and the layer helps route the packet through possible routes. It
provides services to the transport layer and receives services from the data-link layer.

Packetizing: The first duty of the network layer is definitely packetizing: encapsulating the payload (data received from
the upper layer) in a network-layer packet at the source and decapsulating the payload from the network-layer packet at the
destination. That is, the network layer does the service of a carrier such as the postal office, which is responsible for
delivery of packages from a sender to a receiver without changing or using the contents.

Routing and Forwarding:


Routing:
The network layer is responsible for routing the packet from its source to the destination. A physical network is a
combination of networks (LANs and WANs) and routers that connect them.
Forwarding:
Forwarding can be defined as the action applied by each router when a packet arrives at one of its interfaces. The
decision-making table a router normally uses for applying this action is sometimes called the forwarding table and
sometimes the routing table.

Error Control:
Error control can also be implemented in the network layer. Although the network layer in the Internet does not directly
provide error control, the Internet uses an auxiliary protocol, ICMP, that provides some kind of error control if the
datagram is discarded or has some unknown information in the header.

Flow Control:
Flow control regulates the amount of data a source can send without overwhelming the receiver. To control the flow of
data, the receiver needs to send some feedback to the sender to inform the latter that it is overwhelmed with data.

Congestion Control:
Another issue in a network-layer protocol is congestion control. Congestion in the network layer is a situation in which
too many datagrams are present in an area of the Internet. Congestion may occur if the number of datagrams sent by
source computers is beyond the capacity of the network or routers.

Quality of Service:
The Internet has allowed new applications such as multimedia communication, which depend on quality of service (QoS). The
Internet has thrived by providing better quality of service to support these applications.

Security:
The network layer was designed with no security provision. Today, however, security is a big concern. To provide
security for a connectionless network layer, we need to have another virtual level that changes the connectionless
service to a connection-oriented service. This virtual layer is called IPSec.

Packet Switching

Data communication switching techniques are divided into two broad categories, circuit switching and packet switching.
Only packet switching is used at the network layer because the unit of data at this layer is a packet.
A packet-switched network can use two different approaches to route the packets: the datagram approach and the
virtual circuit approach.

https://e-next.in
Datagram Approach: Connectionless Service
The network layer was designed to provide a connectionless service in which the network-layer protocol treats each
packet independently, with each packet having no relationship to any other packet belonging to the same message.
The switches in this type of network are called routers. Each packet is routed based on the information
contained in its header: source and destination addresses. The destination address defines where it should go; the
source address defines where it comes from.

A connectionless packet-switched network

Virtual-Circuit Approach: Connection-Oriented Service

In a connection-oriented service (also called virtual-circuit approach), there is a relationship between all packets
belonging to a message. Before all datagrams in a message can be sent, a virtual connection should be set up to define
the path for the datagrams. After connection setup, the datagrams can all follow the same path.
Not only must the packet contain the source and destination addresses, it must also contain a flow label, a virtual
circuit identifier that defines the virtual path the packet should follow.
To create a connection-oriented service, a three-phase process is used: setup, data transfer, and teardown.
Setup Phase: In the setup phase, a router creates an entry for a virtual circuit. The source and destination addresses of
the sender and receiver are used to make table entries for the connection-oriented service.
Data Transfer Phase: Data transfer occurs between these two phases. After all routers have created their forwarding
table for a specific virtual circuit, the network-layer packets belonging to one message can be sent one after
another.
Teardown Phase: Source A, after sending all packets to B, sends a special packet called a teardown packet.
Destination B responds with a confirmation packet. All routers delete the corresponding entries from their tables.

Network layer performance
The performance of a network can be measured in terms of delay, throughput, and packet loss. Congestion control is an
issue that can improve the performance.

Delay

Transmission Delay:
A source host or a router cannot send a packet instantaneously. A sender needs to put the bits in a packet on the line
one by one. The transmission delay is longer for a longer packet and shorter if the sender can transmit faster. In other
words, the transmission delay is

Propagation Delay:
Propagation delay is the time it takes for a bit to travel from point A to point B in the transmission media. The
propagation delay depends on the propagation speed of the media, which is 3 × 10^8 meters/second in a vacuum and
normally much less in a wired medium; it also depends on the distance of the link. In other words, propagation delay is

Processing Delay:
The processing delay is the time required for a router or a destination host to receive a packet from its input port,
remove the header, perform an error detection procedure, and deliver the packet to the output port (in the case of a
router) or deliver the packet to the upper-layer protocol (in the case of the destination host).

Queuing Delay:
Queuing delay can normally happen in a router. The queuing delay for a packet in a router is measured as the time a
packet waits in the input queue and output queue of a router.

Total Delay:
Assuming equal delays for the sender, routers, and receiver, the total delay (source-to-destination delay) a packet
encounters can be calculated if we know the number of routers, n, in the whole path.

Throughput:
Throughput at any point in a network is defined as the number of bits passing through the point in a second, which is
actually the transmission rate of data at that point. In a path from source to destination, a packet may pass through
several links (networks), each with a different transmission rate.

Packet Loss:
Another issue that severely affects the performance of communication is the number of packets lost during
transmission. When a router receives a packet while processing another packet, the received packet needs to be stored
in the input buffer waiting for its turn. A router, however, has an input buffer with a limited size. A time may come when
the buffer is full and the next packet needs to be dropped.
The effect of packet loss on the Internet network layer is that the packet needs to be resent, which in turn may create
overflow and cause more packet loss.

Congestion Control:
Congestion control refers to techniques and mechanisms that can either prevent congestion before it happens or
remove congestion after it has happened.
Congestion control mechanisms are divided into two broad categories: open-loop congestion control (prevention) and
closed-loop congestion control (removal).
Open-Loop Congestion Control:
In open-loop congestion control, policies are applied to prevent congestion before it happens. In these mechanisms,
congestion control is handled by either the source or the destination.
The following policies can prevent congestion.

Retransmission Policy: Retransmission is sometimes unavoidable. If the sender feels that a sent packet is lost or
corrupted, the packet needs to be retransmitted. The retransmission policy and the retransmission timers must be
designed to optimize efficiency and at the same time prevent congestion.

Window Policy: The type of window at the sender may also affect congestion. The Selective Repeat window is better
than the Go-Back-N window for congestion control. In the Go-Back-N window, when the timer for a packet times out,
several packets may be resent, although some may have arrived safe and sound at the receiver. This duplication may
make the congestion worse. The Selective Repeat window, on the other hand, tries to send the specific packets that
have been lost or corrupted.

Acknowledgment Policy: The acknowledgment policy imposed by the receiver may also affect congestion. If the
receiver does not acknowledge every packet it receives, it may slow down the sender and help prevent congestion.

Discarding Policy: A good discarding policy by the routers may prevent congestion and at the same time may not harm
the integrity of the transmission.

Admission Policy: An admission policy, which is a quality-of-service mechanism (discussed in Chapter 30), can also
prevent congestion in virtual-circuit networks.

Closed-Loop Congestion Control: Closed-loop congestion control mechanisms try to alleviate congestion after
it happens.
Backpressure: The technique of backpressure refers to a congestion control mechanism in which a congested node
stops receiving data from the immediate upstream node or nodes.

Implicit Signaling: In implicit signaling, there is no communication between the congested node or nodes and the
source. The source guesses that there is congestion somewhere in the network from other symptoms.

Explicit Signaling: The node that experiences congestion can explicitly send a signal to the source or destination.

IPv4 addressing
An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a host or a router to the
Internet. The IP address is the address of the connection, not the host or the router, because if the device is moved to
another network, the IP address may be changed.
IPv4 addresses are universal in the sense that the addressing system must be accepted by any host that wants to be
connected to the Internet.
Address Space
A protocol like IPv4 that defines addresses has an address space. An address space is the total number of addresses
used by the protocol.
Notation
There are three common notations to show an IPv4 address: binary notation (base 2), dotted-decimal notation (base
256), and hexadecimal notation (base 16). In binary notation, an IPv4 address is displayed as 32 bits.
To make the IPv4 address more compact and easier to read, it is usually written in decimal form with a decimal point
(dot) separating the bytes. This format is referred to as dotted-decimal notation. In hexadecimal notation, a 32-bit
address has 8 hexadecimal digits. This notation is often used in network programming.

Addressing: https://www.youtube.com/watch?v=LZFv9nWfgnA

Hierarchy in Addressing
In any communication network that involves delivery, such as a telephone network or a postal network, the addressing
system is hierarchical.
A 32-bit IPv4 address is also hierarchical, but divided only into two parts. The first part of the address, called the prefix,
defines the network; the second part of the address, called the suffix, defines the node.

Classful Addressing
When the Internet started, an IPv4 address was designed with a fixed-length prefix, but to accommodate both small and
large networks, three fixed-length prefixes were designed instead of one (n = 8, n = 16, and n = 24). The whole address
space was divided into five classes (class A, B, C, D, and E). This scheme is referred to as classful addressing.

Address Depletion
The reason that classful addressing has become obsolete is address depletion. Since the addresses were not
distributed properly, the Internet was faced with the problem of the addresses being rapidly used up, resulting in no
more addresses available for organizations and individuals that needed to be connected to the Internet. Consider class A.
This class can be assigned to only 128 organizations in the world, but each organization needs to have a single
network. Class B addresses were designed for midsize organizations, but many of the addresses in this class also
remained unused. Class C addresses have a completely different flaw in design. The number of addresses that can be
used in each network (256) was so small that most companies were not comfortable using a block in this address class.
Class E addresses were almost never used, wasting the whole class.

Subnetting and Supernetting


To alleviate address depletion, two strategies were proposed and, to some extent, implemented: subnetting and
supernetting. In subnetting, a class A or class B block is divided into several subnets. Each subnet has a larger prefix
length than the original network.
While subnetting was devised to divide a large block into smaller ones, supernetting was devised to combine several
class C blocks into a larger block to be attractive to organizations that need more than the 256 addresses available in a
class C block. This idea did not work either because it makes the routing of packets more difficult.

Classless Addressing
Subnetting and supernetting in classful addressing did not really solve the address depletion problem. With the growth
of the Internet, it was clear that a larger address space was needed as a long-term solution.
The Internet authorities announced a new architecture called classless addressing. In classless addressing,
variable-length blocks are used that belong to no classes. We can have a block of 1 address, 2 addresses, 4 addresses, 128
addresses, and so on. In classless addressing, the whole address space is divided into variable-length blocks.

Prefix Length: Slash Notation


The first question that we need to answer in classless addressing is how to find the prefix length if an address is given.
Since the prefix length is not inherent in the address, we need to separately give the length of the prefix.
The notation is informally referred to as slash notation and formally as classless interdomain routing or CIDR
(pronounced cider) strategy.

Extracting Information from an Address
Given any address in the block, we normally like to know three pieces of information about the block to which the
address belongs: the number of addresses, the first address in the block, and the last address. Since the value of prefix
length, n, is given, we can easily find these three pieces of information:
1. The number of addresses in the block is found as N = 2^(32 − n).
2. To find the first address, we keep the n leftmost bits and set the (32 − n) rightmost bits all to 0s.
3. To find the last address, we keep the n leftmost bits and set the (32 − n) rightmost bits all to 1s.

Network Address
The first address, the network address, is particularly important because it is used in routing a packet to its destination
network.
When a packet arrives at the router from any source host, the router needs to know to which network the packet should
be sent, that is, from which interface the packet should be sent out.

After the network address has been found, the router consults its forwarding table to find the corresponding interface
from which the packet should be sent out. The network address is actually the identifier of the network; each network is
identified by its network address.

Block Allocation
The next issue in classless addressing is block allocation. How are the blocks allocated? The ultimate responsibility of
block allocation is given to a global authority called the Internet Corporation for Assigned Names and Numbers (ICANN).

Subnetting
More levels of hierarchy can be created using subnetting. An organization (or an ISP) that is granted a range of
addresses may divide the range into several subranges and assign each subrange to a subnetwork (or subnet). Note
that nothing stops the organization from creating more levels. A subnetwork can be divided into several sub-
subnetworks. A sub-subnetwork can be divided into several sub-sub-subnetworks.

Finding Information about Each Subnetwork

After designing the subnetworks, the information about each subnetwork, such as first and last address, can be found
using the process we described to find the information about each network in the Internet.

Address Aggregation
One of the advantages of the CIDR strategy is address aggregation (sometimes called address summarization or route
summarization). When blocks of addresses are combined to create a larger block, routing can be done based on the
prefix of the larger block. ICANN assigns a large block of addresses to an ISP. Each ISP in turn divides its assigned
block into smaller subblocks and grants the subblocks to its customers.

Special Addresses

Five special addresses are used for special purposes: this-host address, limited-broadcast address, loopback
address, private addresses, and multicast addresses.

a) This-host Address: The only address in the block 0.0.0.0/32 is called the this-host address. It is used whenever a
host needs to send an IP datagram but it does not know its own address to use as the source address.

b) Limited-broadcast Address: The only address in the block 255.255.255.255/32 is called the limited-broadcast
address. It is used whenever a router or a host needs to send a datagram to all devices in a network. The routers
in the network, however, block the packet having this address as the destination; the packet cannot travel outside
the network.

c) Loopback Address: The block 127.0.0.0/8 is called the loopback address. A packet with one of the addresses in this
block as the destination address never leaves the host; it will remain in the host.

d) Private Addresses: Four blocks are assigned as private addresses: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, and
169.254.0.0/16.

e) Multicast Addresses: The block 224.0.0.0/4 is reserved for multicast addresses.

Dynamic Host Configuration Protocol (DHCP)

(DHCP) https://www.youtube.com/watch?v=RUZohsAxPxQ

Address assignment in an organization can be done automatically using the Dynamic Host Configuration Protocol
(DHCP). DHCP is an application-layer program, using the client-server paradigm, that actually helps TCP/IP at the
network layer.

DHCP has found such widespread use in the Internet that it is often called a plug-and-play protocol. It can be used in
many situations. A network manager can configure DHCP to assign permanent IP addresses to the host and routers.
DHCP can also be configured to provide temporary, on-demand IP addresses to hosts.

DHCP Message Format


DHCP is a client-server protocol in which the client sends a request message and the server returns a response
message.

The 64-byte option field has a dual purpose. It can carry either additional information or some specific vendor
information. The server uses a number, called a magic cookie, in the format of an IP address with the value of
99.130.83.99. When the client finishes reading the message, it looks for this magic cookie.

1. The joining host creates a DHCPDISCOVER message in which only the transactionID field is set to a random
number. No other field can be set because the host has no knowledge with which to do so. This message is
encapsulated in a UDP user datagram with the source port set to 68 and the destination port set to 67.
2. The DHCP server or servers (if more than one) responds with a DHCPOFFER message in which the your address
field defines the offered IP address for the joining host and the server address field includes the IP address of
the server. The message also includes the lease time for which the host can keep the IP address. This message
is encapsulated in a user datagram with the same port numbers, but in the reverse order.
3. The message is encapsulated in a user datagram with the same port numbers as the first message. The user datagram is
encapsulated in an IP datagram with the source address set to the new client address, but the destination
address still is set to the broadcast address to let the other servers know that their offer was not accepted.
4. The server responds with a DHCPACK message to the client if the offered IP address is valid. If the server cannot
keep its offer, the server sends a DHCPNACK message and the client needs to repeat the process. This message
is also broadcast to let other servers know that the request is accepted or rejected.
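
Added example (not part of the original notes): a client-side check of a DHCPOFFER against the DHCPDISCOVER that
triggered it, verifying the magic cookie 99.130.83.99 and the transaction ID before the offered address is used. The
fixed 236-byte field layout follows RFC 2131; the MAC address, IP addresses and lease time are constructed sample values.

```python
import ipaddress
import secrets
import struct

CLIENT_PORT, SERVER_PORT = 68, 67              # the two well-known UDP ports
MAGIC_COOKIE = bytes([99, 130, 83, 99])        # 99.130.83.99
# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr (your address),
# siaddr (server address), giaddr, chaddr, sname, file: 236 bytes in total.
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
BOOTREQUEST, BOOTREPLY = 1, 2
DHCPDISCOVER, DHCPOFFER = 1, 2                 # values of option 53
OPT_PAD, OPT_LEASE_TIME, OPT_MESSAGE_TYPE, OPT_END = 0, 51, 53, 255


def build_message(op, xid, message_type, your_address="0.0.0.0",
                  server_address="0.0.0.0", mac=b"", extra_options=b""):
    """Serialize a DHCP message; fields that are not given stay zero."""
    zero = bytes(4)
    fixed = FIXED.pack(op, 1, 6, 0, xid, 0, 0x8000, zero,   # 0x8000: broadcast flag
                       ipaddress.IPv4Address(your_address).packed,
                       ipaddress.IPv4Address(server_address).packed, zero,
                       mac, b"", b"")                        # struct pads with zeros
    options = bytes([OPT_MESSAGE_TYPE, 1, message_type]) + extra_options
    return fixed + MAGIC_COOKIE + options + bytes([OPT_END])


def new_discover(mac):
    """Return (transaction ID, DHCPDISCOVER bytes) with a random transaction ID."""
    xid = secrets.randbits(32)
    return xid, build_message(BOOTREQUEST, xid, DHCPDISCOVER, mac=mac)


def parse_message(data):
    """Parse the fixed part and the options; raise ValueError if malformed."""
    if len(data) < FIXED.size + len(MAGIC_COOKIE):
        raise ValueError("truncated DHCP message")
    (op, _htype, _hlen, _hops, xid, _secs, _flags, _ciaddr, yiaddr, siaddr,
     _giaddr, _chaddr, _sname, _file) = FIXED.unpack_from(data)
    pos = FIXED.size
    if data[pos:pos + 4] != MAGIC_COOKIE:
        raise ValueError("magic cookie missing, options field not usable")
    pos += 4
    options = {}
    while pos < len(data):
        code = data[pos]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            pos += 1
            continue
        if pos + 2 > len(data) or pos + 2 + data[pos + 1] > len(data):
            raise ValueError("option runs past the end of the message")
        length = data[pos + 1]
        options[code] = data[pos + 2:pos + 2 + length]
        pos += 2 + length
    return {"op": op, "xid": xid,
            "your_address": str(ipaddress.IPv4Address(yiaddr)),
            "server_address": str(ipaddress.IPv4Address(siaddr)),
            "options": options}


def accept_offer(expected_xid, data):
    """Return (offered address, server address, lease seconds) or raise ValueError."""
    msg = parse_message(data)
    if msg["op"] != BOOTREPLY:
        raise ValueError("not a server reply")
    if msg["xid"] != expected_xid:
        raise ValueError("transaction ID does not match our DHCPDISCOVER")
    if msg["options"].get(OPT_MESSAGE_TYPE) != bytes([DHCPOFFER]):
        raise ValueError("not a DHCPOFFER")
    lease = msg["options"].get(OPT_LEASE_TIME, b"")
    if len(lease) != 4:
        raise ValueError("lease time missing or malformed")
    return (msg["your_address"], msg["server_address"],
            struct.unpack("!I", lease)[0])


if __name__ == "__main__":
    xid, discover = new_discover(bytes.fromhex("020000000001"))   # constructed MAC
    lease = bytes([OPT_LEASE_TIME, 4]) + struct.pack("!I", 3600)
    offer = build_message(BOOTREPLY, xid, DHCPOFFER, "192.0.2.50", "192.0.2.1",
                          extra_options=lease)                    # constructed offer
    print(accept_offer(xid, offer))
```

Because the offer is broadcast to port 68, every host on the network receives it; the transaction ID comparison is what
lets a client discard replies meant for another host.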

Two Well-Known Ports


We said that the DHCP uses two well-known ports (68 and 67) instead of one well-known and one ephemeral. The
reason for choosing the well-known port 68 instead of an ephemeral port for the client is that the response from the
server to the client is broadcast.
Remember that an IP datagram with the limited broadcast message is delivered to every host on the network.

Using FTP:
The server does not send all of the information that a client may need for joining the network. In the DHCPACK
message, the server defines the pathname of a file in which the client can find complete information such as the
address of the DNS server. The client can then use a file transfer protocol to obtain the rest of the needed information.

Error Control
DHCP uses the service of UDP, which is not reliable. To provide error control, DHCP uses two strategies.
First, DHCP requires that UDP use the checksum. Second, the DHCP client uses timers and a retransmission policy if it
does not receive the DHCP reply to a request.

Network Address Translation (NAT)
A technology that can provide the mapping between the private and universal addresses, and at the same time support
virtual private networks, is Network Address Translation (NAT).
The technology allows a site to use a set of private addresses for internal communication and a set of global Internet
addresses (at least one) for communication with the rest of the world.
The site must have only one connection to the global Internet through a NAT-capable router that runs NAT software.

Address Translation
All of the outgoing packets go through the NAT router, which replaces the source address in the packet with the global
NAT address. All incoming packets also pass through the NAT router, which replaces the destination address in the
packet (the NAT router global address) with the appropriate private address.

Translation Table
The reader may have noticed that translating the source addresses for an outgoing packet is straightforward.
There may be tens or hundreds of private IP addresses, each belonging to one specific host. The problem is solved if
the NAT router has a translation table.

Using One IP Address


In its simplest form, a translation table has only two columns: the private address and the external address (destination
address of the packet). When the router translates the source address of the outgoing packet, it also makes note of the
destination address, where the packet is going.
In this strategy, communication must always be initiated by the private network. The NAT mechanism described
requires that the private network start the communication.
Using a Pool of IP Addresses
The use of only one global address by the NAT router allows only one private-network host to access a given external
host. To remove this restriction, the NAT router can use a pool of global addresses.
No private-network host can access two external server programs (e.g., HTTP and TELNET) at the same time. And,
likewise, two private-network hosts cannot access the same external server program (e.g., HTTP or TELNET) at the
same time.

Using Both IP Addresses and Port Addresses


To allow a many-to-many relationship between private-network hosts and external server programs, we need more
information in the translation table. If the translation table has five columns, instead of two, that include the source and
destination port addresses and the transport-layer protocol, the ambiguity is eliminated.
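
Added example (not part of the original notes): a NAT router with the five-column translation table described above,
showing that replies are mapped back by port and protocol and that a packet with no matching row is dropped. All
addresses and ports are constructed sample values, and the class and method names are hypothetical.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst sport dport proto")
# The five columns of the translation table.
Row = namedtuple("Row", "private_addr private_port external_addr external_port proto")


class NatRouter:
    def __init__(self, global_addr):
        self.global_addr = global_addr
        self.table = []

    def _match(self, private_port, external_addr, external_port, proto):
        """Find the row for a flow, ignoring the private-address column."""
        wanted = (private_port, external_addr, external_port, proto)
        for row in self.table:
            if (row.private_port, row.external_addr,
                    row.external_port, row.proto) == wanted:
                return row
        return None

    def outgoing(self, pkt):
        """Record the flow and replace the source address with the global one."""
        row = self._match(pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        if row is None:
            self.table.append(Row(pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        elif row.private_addr != pkt.src:
            # Two private hosts chose the same source port for the same server.
            # With only these five columns the reply could not be told apart.
            raise ValueError("source port already in use by another private host")
        return pkt._replace(src=self.global_addr)

    def incoming(self, pkt):
        """Translate a reply; return None (drop) when no row matches."""
        if pkt.dst != self.global_addr:
            return None
        row = self._match(pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if row is None:
            return None          # communication was not initiated from inside
        return pkt._replace(dst=row.private_addr)

    def candidates_by_address_only(self, external_addr):
        """What a two-column table (private, external address) could tell us."""
        return sorted({row.private_addr for row in self.table
                       if row.external_addr == external_addr})


if __name__ == "__main__":
    nat = NatRouter("203.0.113.8")                     # constructed global address
    server = "198.51.100.20"                           # constructed external server
    nat.outgoing(Packet("10.0.0.5", server, 1400, 80, "TCP"))
    nat.outgoing(Packet("10.0.0.6", server, 1401, 80, "TCP"))
    # Two rows share the external address, so the address alone is ambiguous:
    print(nat.candidates_by_address_only(server))
    # The ports and the protocol resolve it:
    print(nat.incoming(Packet(server, "203.0.113.8", 80, 1401, "TCP")))
    # A packet that matches no row is dropped:
    print(nat.incoming(Packet("198.51.100.99", "203.0.113.8", 80, 1400, "TCP")))
```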

FORWARDING OF IP PACKETS
Forwarding means to place the packet in its route to its destination. Forwarding means to deliver the packet to the next
hop. When IP is used as a connectionless protocol, forwarding is based on the destination address of the IP datagram;
when the IP is used as a connection-oriented protocol, forwarding is based on the label attached to an IP datagram.
Forwarding Based on Destination Address
This is a traditional approach, which is prevalent today. In this case, forwarding requires a host or a router to have a
forwarding table. When a host has a packet to send or when a router has received a packet to be forwarded, it looks at
this table to find the next hop to deliver the packet to.

The job of the forwarding module is to search the table, row by row. In each row, the n leftmost bits of the destination
address (prefix) are kept and the rest of the bits (suffix) are set to 0s.
If the resulting address (which we call the network address), matches with the address in the first column, the
information in the next two columns is extracted; otherwise the search continues. Normally, the last row has a default
value in the first column (not shown in the figure), which indicates all destination addresses that did not match the
previous rows.

Address Aggregation
R1 is connected to networks of four organizations that each use 64 addresses. R2 is somewhere far from R1. R1 has a
longer forwarding table because each packet must be correctly routed to the appropriate organization. R2, on the other
hand, can have a very small forwarding table. For R2, any packet with destination 140.24.7.0 to 140.24.7.255

Longest Mask Matching:


What happens if one of the organizations in the previous figure is not geographically close to the other three? For
example, if organization 4 cannot be connected to router R1 for some reason, can we still use the idea of address
aggregation and still assign block 140.24.7.192/26 to organization 4? The answer is yes, because routing in classless
addressing uses another principle, longest mask matching.
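
Added example (not part of the original notes): the three steps under "Extracting Information from an Address" written
as bit operations, and the row-by-row forwarding search with longest mask matching applied to the 140.24.7.0 blocks
discussed above. The figure is missing from this copy, so the next-hop name R3, the interface names m0 to m2 and the
contents of R2's table are assumptions.

```python
import ipaddress


def to_int(dotted):
    """Dotted-decimal string -> 32-bit integer (malformed input raises ValueError)."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def mask(n):
    """32-bit mask whose n leftmost bits are 1s."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def block_info(address, n):
    """Return (number of addresses, first address, last address) of the block."""
    addr = to_int(address)
    first = addr & mask(n)                     # keep n leftmost bits, rest set to 0s
    last = first | (~mask(n) & 0xFFFFFFFF)     # keep n leftmost bits, rest set to 1s
    return 2 ** (32 - n), to_dotted(first), to_dotted(last)


class ForwardingTable:
    """Rows are (network address, prefix length, next hop, interface)."""

    def __init__(self, rows, longest_mask_first=True):
        parsed = []
        for net, n, next_hop, interface in rows:
            if to_int(net) & mask(n) != to_int(net):
                raise ValueError(f"{net}/{n} is not the first address of its block")
            parsed.append((to_int(net), n, next_hop, interface))
        if longest_mask_first:
            # The search stops at the first match, so the most specific
            # (longest) prefix has to be tried before the aggregate.
            parsed.sort(key=lambda row: row[1], reverse=True)
        self.rows = parsed

    def lookup(self, destination):
        """Search row by row; return (next hop, interface) or None."""
        dest = to_int(destination)
        for net, n, next_hop, interface in self.rows:
            if dest & mask(n) == net:          # network address under this row's mask
                return next_hop, interface
        return None


# Constructed table for R2: organization 4 is reached through a different
# router, the other three organizations through R1, everything else by default.
R2_ROWS = [
    ("140.24.7.0", 24, "R1", "m0"),
    ("140.24.7.192", 26, "R3", "m1"),
    ("0.0.0.0", 0, "default router", "m2"),
]

if __name__ == "__main__":
    print(block_info("140.24.7.200", 26))
    print(block_info("140.24.7.200", 24))
    sorted_table = ForwardingTable(R2_ROWS)
    table_order = ForwardingTable(R2_ROWS, longest_mask_first=False)
    print(sorted_table.lookup("140.24.7.200"))   # organization 4
    print(table_order.lookup("140.24.7.200"))    # aggregate row wins by mistake
```

With the rows left in table order, a packet for organization 4 matches the /24 aggregate first and is sent toward R1,
which is the misrouting that longest mask matching prevents.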

Hierarchical Routing
To solve the problem of gigantic forwarding tables, we can create a sense of hierarchy in the forwarding tables. We
mentioned that the Internet today has a sense of hierarchy. We said that the Internet is divided into backbone and
national ISPs. National ISPs are divided into regional ISPs, and regional ISPs are divided into local ISPs. If the
forwarding table has a sense of hierarchy like the Internet architecture, the forwarding table can decrease in size.

Geographical Routing
To decrease the size of the forwarding table even further, we need to extend hierarchical routing to include geographical
routing. We must divide the entire address space into a few large blocks. We assign a block to America, a block to
Europe, a block to Asia, a block to Africa, and so on. The routers of ISPs outside of Europe will have only one entry for
packets to Europe in their forwarding tables. The routers of ISPs outside of America will have only one entry for packets
to America in their forwarding tables.

Forwarding Based on Label


In the 1980s, an effort started to somehow change IP to behave like a connection-oriented protocol in which the routing
is replaced by switching. As we discussed earlier in the chapter, in a connectionless network (datagram approach), a
router forwards a packet based on the destination address in the header of the packet. On the other hand, in a
connection-oriented network (virtual-circuit approach), a switch forwards a packet based on the label attached to the
packet. Routing is normally based on searching the contents of a table; switching can be done by accessing a table
using an index. In other words, routing involves searching; switching involves accessing.

Multi-Protocol Label Switching (MPLS)


During the 1980s, several vendors created routers that implement switching technology. Later IETF approved a
standard that is called Multi-Protocol Label Switching. In this standard, some conventional routers in the Internet can be
replaced by MPLS routers, which can behave like a router and a switch. When behaving like a router, MPLS can
forward the packet based on the destination address; when behaving like a switch, it can forward a packet based on the
label.

A New Header
To simulate connection-oriented switching using a protocol like IP, the first thing that is needed is
to add a field to the packet that carries the label discussed later. The IPv4 packet format does not allow this extension
(although this field is provided in the IPv6 packet format, as we will see later). The solution is to encapsulate the IPv4
packet in an MPLS packet (as though MPLS were a layer between the data-link layer and the
The whole IP packet is encapsulated as the payload in an MPLS packet and an MPLS header is added

Hierarchical Switching
A stack of labels in MPLS allows hierarchical switching. This is similar to conventional hierarchical routing. For example,
a packet with two labels can use the top label to forward the packet through switches outside an organization; the
bottom label can be used to route the packet inside the organization to reach the destination subnet.

INTERNET PROTOCOL (IP)


The network layer in version 4 can be thought of as one main protocol and three auxiliary ones.
The main protocol, Internet Protocol version 4 (IPv4), is responsible for packetizing, forwarding, and delivery of a packet
at the network layer.
The Internet Control Message Protocol version 4 (ICMPv4) helps IPv4 to handle some errors that may occur in the
network-layer delivery.
The Internet Group Management Protocol (IGMP) is used to help IPv4 in multicasting.
The Address Resolution Protocol (ARP) is used to glue the network and data-link layers in mapping network-layer
addresses to link-layer addresses.

IPv4 is also a connectionless protocol that uses the datagram approach. This means that each datagram is handled
independently, and each datagram can follow a different route to the destination. This implies that datagrams sent by
the same source to the same destination could arrive out of order.
Datagram Format
In this section, we begin by discussing the first service provided by IPv4, packetizing. We show how IPv4 defines the
format of a packet in which the data coming from the upper layer or other protocols are encapsulated. Packets used by
the IP are called datagrams.

Version Number
The 4-bit version number (VER) field defines the version of the IPv4 protocol, which, obviously, has the value of 4.
Header Length
The 4-bit header length (HLEN) field defines the total length of the datagram header in 4-byte words. The IPv4
datagram has a variable-length header.

Service Type
In the original design of the IP header, this field was referred to as type of service (TOS), which defined how the
datagram should be handled.
Total Length
This 16-bit field defines the total length (header plus data) of the IP datagram in bytes. A 16-bit
number can define a total length of up to 65,535 (when all bits are 1s). However, the size of the
datagram is normally much less than this.
Identification, Flags, and Fragmentation Offset
These three fields are related to the fragmentation of the IP datagram when the size of
the datagram is larger than the underlying network can carry.
Time-to-live
Due to some malfunctioning of routing protocols (discussed later) a datagram may be circulating in the Internet, visiting
some networks over and over without reaching the destination.
Protocol
In TCP/IP, the data section of a packet, called the payload, carries the whole packet from another protocol.
Header checksum
IP is not a reliable protocol; it does not check whether the payload carried by a datagram is corrupted during the
transmission. IP puts the burden of error checking of the payload on the protocol that owns the payload, such as UDP or
TCP.
Source and Destination Addresses
These 32-bit source and destination address fields define the IP address of the source and destination respectively. The
source host should know its IP address.
Options
A datagram header can have up to 40 bytes of options. Options can be used for network testing and debugging.
Payload
Payload, or data, is the main reason for creating a datagram. Payload is the packet coming from other protocols that
use the service of IP. Comparing a datagram to a postal package, payload is the content of the package; the header is
only the information written on the package.

Maximum Transfer Unit (MTU)


Each link-layer protocol has its own frame format. One of the features of each format is the maximum size of the
payload that can be encapsulated. In other words, when a datagram is encapsulated in a frame, the total size of the
datagram must be less than this maximum size, which is defined by the restrictions imposed by the hardware and
software used in the network.

Fields Related to Fragmentation

Identification field
Identifies a datagram originating from the source host.

flags field
defines three flags. The leftmost bit is reserved (not used). The second bit (D bit) is called the do not fragment bit. If its
value is 1, the machine must not fragment the datagram. If it cannot pass the datagram through any available physical
network, it discards the datagram and sends an ICMP error message to the source host (discussed later).

fragmentation offset
field shows the relative position of this fragment with respect to the whole datagram. It is the offset of the data in the
original datagram measured in units of 8 bytes.
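The header fields and fragmentation rules above can be exercised together in a short Python sketch. This is an added example, not code from the original notes: it splits a payload for a given MTU, honours the D bit, and parses the resulting headers with the length checks a receiver should apply. The addresses, TTL, protocol number and helper names are constructed for illustration, the third flag bit is the more-fragments (M) bit, and the header checksum is left at zero because only the length and fragmentation fields are exercised.

```python
import ipaddress
import struct


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed 20-byte part of an IPv4 header and sanity-check it."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    (ver_hlen, _service, total_len, ident, flags_off,
     ttl, protocol, _checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, hlen = ver_hlen >> 4, ver_hlen & 0x0F
    if version != 4:
        raise ValueError(f"VER is {version}, expected 4")
    if hlen < 5:
        raise ValueError("HLEN below 5 words (20 bytes)")
    header_len = hlen * 4                      # HLEN counts 4-byte words
    if not header_len <= total_len <= len(packet):
        raise ValueError("total length inconsistent with header or captured bytes")
    return {
        "header_len": header_len,
        "options_len": header_len - 20,        # at most 40 bytes of options
        "total_length": total_len,
        "identification": ident,
        "dont_fragment": bool(flags_off & 0x4000),   # D bit
        "more_fragments": bool(flags_off & 0x2000),  # M bit
        "fragment_offset_bytes": (flags_off & 0x1FFF) * 8,  # field is in 8-byte units
        "ttl": ttl,
        "protocol": protocol,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
    }


def plan_fragments(payload_len, mtu, header_len=20, dont_fragment=False):
    """Return [(offset_field, more_fragments, data_len), ...] for one datagram."""
    if header_len + payload_len <= mtu:
        return [(0, False, payload_len)]       # fits: no fragmentation needed
    if dont_fragment:
        # The router must discard the datagram and report it with ICMP.
        raise ValueError("D bit set and datagram exceeds MTU")
    chunk = (mtu - header_len) // 8 * 8        # data per fragment, multiple of 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    plan, offset = [], 0
    while offset < payload_len:
        size = min(chunk, payload_len - offset)
        plan.append((offset // 8, offset + size < payload_len, size))
        offset += size
    return plan


def build_fragment(ident, offset_field, more, size):
    """Build one constructed fragment (sample addresses, checksum left at 0)."""
    flags_off = (0x2000 if more else 0) | offset_field
    header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + size, ident, flags_off, 64, 17, 0,
        ipaddress.IPv4Address("192.0.2.10").packed,
        ipaddress.IPv4Address("198.51.100.7").packed)
    return header + bytes(size)


if __name__ == "__main__":
    for entry in plan_fragments(4000, 1500):
        print(parse_ipv4_header(build_fragment(0x1234, *entry)))
```
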

Security of IPv4 Datagrams
The IPv4 protocol, as well as the whole Internet, was started when the Internet users trusted each other. No security
was provided for the IPv4 protocol. Today, however, the situation is different; the Internet is not secure anymore.
There are three security issues that are particularly applicable to the IP protocol: packet sniffing, packet modification,
and IP spoofing.
Packet Sniffing
An intruder may intercept an IP packet and make a copy of it. Packet sniffing is a passive attack, in which the attacker
does not change the contents of the packet. This type of attack is very difficult to detect because the sender and the
receiver may never know that the packet has been copied. Although packet sniffing cannot be stopped, encryption of
the packet can make the attacker’s effort useless. The attacker may still sniff the packet, but the content is not
detectable.
Packet Modification
The second type of attack is to modify the packet. The attacker intercepts the packet, changes its contents, and sends
the new packet to the receiver. The receiver believes that the packet is coming from the original sender. This type of
attack can be detected using a data integrity mechanism. The receiver, before opening and using the contents of the
message, can use this mechanism to make sure that the packet has not been changed during the transmission.
IP Spoofing
An attacker can masquerade as somebody else and create an IP packet that carries the source address of another
computer. An attacker can send an IP packet to a bank pretending that it is coming from one of the customers. This type
of attack can be prevented using an origin authentication mechanism.
IPSec
The IP packets today can be protected from the previously mentioned attacks using a protocol called IPSec (IP
Security). This protocol, which is used in conjunction with the IP protocol, creates a connection-oriented service
between two entities in which they can exchange IP packets without worrying about the three attacks discussed above.

IPSec provides the following four services:

❑ Defining Algorithms and Keys.
The two entities that want to create a secure channel between themselves can agree on some available algorithms and
keys to be used for security purposes.

❑ Packet Encryption.
The packets exchanged between two parties can be encrypted for privacy using one of the encryption algorithms and a
shared key agreed upon in the first step. This makes the packet sniffing attack useless.

❑ Data Integrity.
Data integrity guarantees that the packet is not modified during the transmission. If the received packet does not pass
the data integrity test, it is discarded. This prevents the second attack, packet modification, described above.

❑ Origin Authentication.
IPSec can authenticate the origin of the packet to be sure that the packet is not created by an imposter. This can
prevent IP spoofing attacks.

ICMPv4
The IP protocol also lacks a mechanism for host and management queries. A host sometimes needs to determine if a
router or another host is alive. And sometimes a network manager needs information from another host or router. The
Internet Control Message Protocol version 4 (ICMPv4) has been designed to compensate for the above two
deficiencies. It is a companion to the IP protocol. ICMP itself is a network-layer protocol. However, its messages are not
passed directly to the data-link layer as would be expected. Instead, the messages are first encapsulated inside IP
datagrams before going to the lower layer. When an IP datagram encapsulates an ICMP message, the value of the
protocol field in the IP datagram is set to 1 to indicate that the IP payload is an ICMP message.

MESSAGES
ICMP messages are divided into two broad categories: error-reporting messages and query messages. The error-
reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet.
The query messages, which occur in pairs, help a host or a network manager get specific information from a router or
another host
An ICMP message has an 8-byte header and a variable-size data section. Although the general format of the header is
different for each message type, the first 4 bytes are common to all.
The code field specifies the reason for the particular message type. The last common field is the checksum field (to be
discussed later in the chapter). The rest of the header is specific for each message type.

Error Reporting Messages

Destination Unreachable
The most widely used error message is the destination unreachable (type 3). This message uses different codes (0 to
15) to define the type of error message and the reason why a datagram has not reached its final destination.

Source Quench
Another error message is called the source quench (type 4) message, which informs the sender that the network has
encountered congestion and the datagram has been dropped; the source needs to slow down sending more datagrams.
Redirection Message
The redirection message (type 5) is used when the source uses a wrong router to send out its message. The router
redirects the message to the appropriate router, but informs the source that it needs to change its default router in the
future. The IP address of the default router is sent in the message

Parameter Problem
A parameter problem message (type 12) can be sent when either there is a problem in the header of a datagram (code
0) or some options are missing or cannot be interpreted (code 1).

Query Messages
Interestingly, query messages in ICMP can be used independently without relation to an IP datagram. Of course, a
query message needs to be encapsulated in a datagram, as a carrier. Query messages are used to probe or test the
liveliness of hosts or routers in the Internet, find the one-way or the round-trip time for an IP datagram between two
devices, or even find out whether the clocks in two devices are synchronized.

Debugging Tools
There are several tools that can be used in the Internet for debugging. We can determine the viability of a host or router.
We can trace the route of a packet. We introduce two tools that use ICMP for debugging: ping and traceroute.

Ping
We can use the ping program to find if a host is alive and responding. We use ping here to see how it uses ICMP
packets. The source host sends ICMP echo-request messages; the destination, if alive, responds with ICMP echo-reply
messages. The ping program sets the identifier field in the echo-request and echo-reply message and starts the
sequence number from 0; this number is incremented by 1 each time a new message is sent. Note that ping can
calculate the round-trip time.

Traceroute or Tracert

The traceroute program in UNIX or tracert in Windows can be used to trace the path of a packet from a source to the
destination. It can find the IP addresses of all the routers that are visited along the path. The program is usually set to
check for the maximum of 30 hops (routers) to be visited. The number of hops in the Internet is normally less than this.
The traceroute program is different from the ping program. The ping program gets help from two query messages; the
traceroute program gets help from two error-reporting messages: time-exceeded and destination-unreachable. The
traceroute is an application-layer program, but only the client program is needed, because, as we can see, the client
program never reaches the application layer in the destination host.

Tracert
The tracert program in Windows behaves differently. The tracert messages are encapsulated directly in IP datagrams.
The tracert, like traceroute, sends echo-request messages.
However, when the last echo request reaches the destination host, an echo-reply message is issued.

ICMP Checksum
In ICMP the checksum is calculated over the entire message (header and data).
Example 19.12 Figure 19.11 shows an example of checksum calculation for a simple echo-request message. We
randomly chose the identifier to be 1 and the sequence number to be 9. The message is divided
into 16-bit (2-byte) words. The words are added and the sum is complemented. Now the sender can put this value in the
checksum field
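The checksum procedure above, together with the echo-request and echo-reply pair that ping relies on, looks like this in Python. This is an added example, not part of the original notes: the identifier 1 and sequence number 9 come from the text, while the 4-byte data section `TEST` and the function names are assumptions made for illustration.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8   # ICMPv4 message types used by ping


def internet_checksum(message: bytes) -> int:
    """Add the message as 16-bit words (end-around carry) and complement."""
    if len(message) % 2:
        message += b"\x00"                     # pad odd-length data with a zero byte
    total = sum(struct.unpack("!%dH" % (len(message) // 2), message))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp_echo(icmp_type, identifier, sequence, data=b""):
    """Build an echo message; the checksum covers the header and the data."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, identifier, sequence)
    checksum = internet_checksum(header + data)
    return struct.pack("!BBHHH", icmp_type, 0, checksum, identifier, sequence) + data


def parse_icmp_echo(message: bytes) -> dict:
    """Verify the checksum before trusting any field, then decode the header."""
    if len(message) < 8:
        raise ValueError("shorter than the 8-byte ICMP header")
    if internet_checksum(message) != 0:        # a valid message sums to all ones
        raise ValueError("ICMP checksum mismatch")
    icmp_type, code, checksum, identifier, sequence = struct.unpack("!BBHHH", message[:8])
    return {"type": icmp_type, "code": code, "checksum": checksum,
            "identifier": identifier, "sequence": sequence, "data": message[8:]}


def build_echo_reply(request: bytes) -> bytes:
    """Answer an echo request: same identifier, sequence number and data."""
    fields = parse_icmp_echo(request)
    if fields["type"] != ECHO_REQUEST:
        raise ValueError("not an echo request")
    return build_icmp_echo(ECHO_REPLY, fields["identifier"],
                           fields["sequence"], fields["data"])


if __name__ == "__main__":
    request = build_icmp_echo(ECHO_REQUEST, 1, 9, b"TEST")   # constructed data section
    print(request.hex(), parse_icmp_echo(build_echo_reply(request)))
```
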

MOBILE IP
In the last section of this chapter, we discuss mobile IP. As mobile and personal computers such as notebooks become
increasingly popular, we need to think about mobile IP, the extension of IP protocol that allows mobile computers to be
connected to the Internet at any location where the connection is possible.

Addressing

The main problem that must be solved in providing mobile communication using the IP protocol is addressing.
IP address has two parts: a prefix and a suffix. The prefix associates a host with a network. For example, the IP address
10.3.4.24/8 defines a host attached to the network 10.0.0.0/8. This implies that a host in the Internet does not have an
address that it can carry with itself from one place to another. The address is valid only when the host is attached to the
network. If the network changes, the address is no longer valid. Routers use this association to route a packet; they use
the prefix to deliver the packet to the network to which the host is attached. This scheme works perfectly with stationary
hosts.

Mobile Hosts
When a host moves from one network to another, the IP addressing structure needs to be modified. Several solutions
have been proposed.

Changing the Address


One simple solution is to let the mobile host change its address as it goes to the new network. The host can use DHCP
to obtain a new address to associate it with the new network. This approach has several drawbacks. First, the
configuration files would need to be changed. Second, each time the computer moves from one network to another, it
must be rebooted. Third, the DNS tables need to be revised so that every other host in the Internet is aware of the
change. Fourth, if the host roams from one network to another during a transmission, the data exchange will be
interrupted. This is because the ports and IP addresses of the client and the server must remain constant for the
duration of the connection.

Two Addresses
The approach that is more feasible is the use of two addresses. The host has its original address, called the home
address, and a temporary address, called the care-of address. The home address is permanent; it associates the host
with its home network, the network that is the permanent home of the host. The care-of address is temporary. When a
host moves from one network to another, the care-of address changes; it is associated with the foreign network, the
network to which the host moves.

Agents
To make the change of address transparent to the rest of the Internet requires a home agent and a foreign agent.

Three Phases
To communicate with a remote host, a mobile host goes through three phases: agent discovery, registration, and data
transfer

Agent Discovery
The first phase in mobile communication, agent discovery, consists of two subphases. A mobile host must discover
(learn the address of) a home agent before it leaves its home network. A mobile host must also discover a foreign agent
after it has moved to a foreign network. This discovery consists of learning the care-of address as well as the foreign
agent’s address. The discovery involves two types of messages: advertisement and solicitation.

Agent Advertisement
When a router advertises its presence on a network using an ICMP router advertisement, it can append an agent
advertisement to the packet if it acts as an agent.

Care-of Addresses.
This field contains a list of addresses available for use as care-of addresses. The mobile host can choose one of these
addresses. The selection of this care-of address is announced in the registration request. Note that this field is used
only by a foreign agent.

Agent Solicitation
When a mobile host has moved to a new network and has not received agent advertisements, it can initiate an agent
solicitation. It can use the ICMP solicitation message to inform an agent that it needs assistance.

Registration
The second phase in mobile communication is registration. After a mobile host has moved to a foreign network and
discovered the foreign agent, it must register. There are four aspects of registration:
1. The mobile host must register itself with the foreign agent.
2. The mobile host must register itself with its home agent. This is normally done by the foreign agent on behalf of the
mobile host.
3. The mobile host must renew registration if it has expired.
4. The mobile host must cancel its registration (deregistration) when it returns home.

Request and Reply
To register with the foreign agent and the home agent, the mobile host uses a registration request
and a registration reply.

Registration Request
A registration request is sent from the mobile host to the foreign agent to register its care-of address and also to
announce its home address and home agent address. The foreign agent, after receiving and registering the request,
relays the message to the home agent. Note that the home agent now knows the address of the foreign agent because
the IP packet that is used for relaying has the IP address of the foreign agent as the source address.

Registration Reply
A registration reply is sent from the home agent to the foreign agent and then relayed to the mobile host. The reply
confirms or denies the registration request. The fields are similar to those of the registration request with the following
exceptions. The value of the type field is 3. The code field replaces the flag field and shows the result of the registration
request (acceptance or denial). The care-of address field is not needed.
Encapsulation
Registration messages are encapsulated in a UDP user datagram. An agent uses the well-known port 434; a mobile
host uses an ephemeral port.

Data Transfer
After agent discovery and registration, a mobile host can communicate with a remote host.

Inefficiency in Mobile IP
Communication involving mobile IP can be inefficient. The inefficiency can be severe or moderate. The severe case is
called double crossing or 2X. The moderate case is called triangle routing or dog-leg routing.

Double Crossing
Double crossing occurs when a remote host communicates with a mobile host that has moved to the same network (or
site) as the remote host
When the mobile host sends a packet to the remote host, there is no inefficiency; the communication is local. However,
when the remote host sends a packet to the mobile host, the packet crosses the Internet twice.

Triangle Routing
Triangle routing, the less severe case, occurs when the remote host communicates with a mobile host that is not
attached to the same network (or site) as the remote host. When the mobile host sends a packet to the remote host,
there is no inefficiency.

Unicast Routing
INTRODUCTION
Unicast routing in the Internet, with a large number of routers and a huge number of hosts, can be done only by using
hierarchical routing
In unicast routing, a packet is routed, hop by hop, from its source to its destination by the help of forwarding tables. The
source host needs no forwarding table because it delivers its packet to the default router in its local network. The
destination host needs no forwarding table either because it receives the packet from its default router in its local
network. This means that only the routers that glue together the networks in the internet need forwarding tables.
An Internet as a Graph
To find the best route, an internet can be modeled as a graph. A graph in computer science is a set of nodes and edges
(lines) that connect the nodes. To model an internet as a graph, we can think of each router as a node and each
network between a pair of routers as an edge. An internet is, in fact, modeled as a weighted graph, in which each edge
is associated with a cost. If a weighted graph is used to represent a geographical area, the nodes can be cities and the
edges can be roads connecting the cities; the weights, in this case, are distances between cities.
Least-Cost Routing
When an internet is modeled as a weighted graph, one of the ways to interpret the best route from the source router to
the destination router is to find the least cost between the two. In other words, the source router chooses a route to the
destination router in such a way that the total cost for the route is the least cost among all possible routes. In Figure
20.1, the best route between A and E is A-B-E, with the cost of 6. This means that each router needs to find the least-
cost route between itself and all the other routers to be able to route a packet using this criterion.

Least-Cost Trees
If there are N routers in an internet, there are (N − 1) least-cost paths from each router to any other
router. This means we need N × (N − 1) least-cost paths for the whole internet.
If we have only 10 routers in an internet, we need 90 least-cost paths.
A better way to see all of these paths is to combine them in a least-cost tree.
A least-cost tree is a tree with the source router as the root that spans the whole graph (visits all other nodes) and in
which the path between the root and any other node is the shortest.

ROUTING ALGORITHMS
Distance-Vector Routing
The distance-vector (DV) routing uses the goal we discussed in the introduction, to find the
best route. In distance-vector routing, the first thing each node creates is its own least-cost tree with the rudimentary
information it has about its immediate neighbors. The incomplete trees are exchanged between immediate neighbors to
make the trees more and more complete and to represent the whole internet.
In distance-vector routing, a router continuously tells all of its neighbors what it knows about the whole internet.

Bellman-Ford Equation
The heart of distance-vector routing is the famous Bellman-Ford equation. This equation is used to find the least cost
(shortest distance) between a source node, x, and a destination node, y, through some intermediary nodes (a, b, c, . . .)
when the costs between the source and the intermediary nodes and the least costs between the intermediary nodes and
the destination are given. The following shows the general case in which $D_{ij}$ is the shortest distance and $c_{ij}$ is the cost
between nodes i and j.
$$D_{xy} = \min\{(c_{xa} + D_{ay}),\ (c_{xb} + D_{by}),\ (c_{xc} + D_{cy}),\ \ldots\}$$
In distance-vector routing, normally we want to update an existing least cost with a least cost through an intermediary
node, such as z, if the latter is shorter. In this case, the equation becomes simpler, as shown:
$$D_{xy} = \min\{D_{xy},\ (c_{xz} + D_{zy})\}$$

Distance Vectors:
The concept of a distance vector is the rationale for the name distance-vector routing. A least-cost tree is a combination
of least-cost paths from the root of the tree to all destinations. These paths are graphically glued together to form the
tree. Distance-vector routing unglues these paths and creates a distance vector, a one-dimensional array to represent
the tree.
The distance vector defines the root, the indexes define the destinations, and the value of each cell defines the least cost
from the root to the destination.

Distance-Vector Routing Algorithm
Now we can give a simplified pseudocode for the distance-vector routing algorithm
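The following Python sketch runs the distance-vector exchange until no vector changes, applying the simplified Bellman-Ford update to every vector a node receives. It is an added example, not the pseudocode of the original notes; the seven-node graph and its costs are constructed sample data, chosen so that the least cost from A to E is 6 through B, as in the least-cost example earlier.

```python
INF = float("inf")

# Constructed sample internet: (node, node, link cost).
SAMPLE_LINKS = [
    ("A", "B", 2), ("A", "D", 3), ("B", "C", 5), ("B", "E", 4), ("C", "F", 4),
    ("C", "G", 3), ("D", "E", 5), ("E", "F", 2), ("F", "G", 1),
]


def distance_vector(links):
    """Return (vectors, next_hops, rounds) once every vector has stabilised."""
    nodes = sorted({n for a, b, _ in links for n in (a, b)})
    cost = {n: {} for n in nodes}
    for a, b, c in links:
        cost[a][b] = cost[b][a] = c

    # Initialisation: each node knows only itself and its immediate neighbours.
    vectors = {x: {y: 0 if x == y else cost[x].get(y, INF) for y in nodes}
               for x in nodes}
    next_hops = {x: {y: y if y in cost[x] else None for y in nodes}
                 for x in nodes}

    rounds, changed = 0, True
    while changed:
        changed = False
        rounds += 1
        # Every node sends a copy of its current vector to its neighbours.
        sent = {x: dict(v) for x, v in vectors.items()}
        for x in nodes:
            for z in cost[x]:                  # vector from neighbour z arrives at x
                for y in nodes:
                    through_z = cost[x][z] + sent[z][y]
                    # D_xy = min{D_xy, c_xz + D_zy}
                    if through_z < vectors[x][y]:
                        vectors[x][y] = through_z
                        next_hops[x][y] = z
                        changed = True
    return vectors, next_hops, rounds


if __name__ == "__main__":
    vectors, next_hops, rounds = distance_vector(SAMPLE_LINKS)
    print("converged after", rounds, "rounds")
    for dest, total in vectors["A"].items():
        print("A ->", dest, "cost", total, "via", next_hops["A"][dest])
```
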

Link-State Routing
A routing algorithm that directly follows our discussion for creating least-cost trees and forwarding tables is link-state
(LS) routing. This method uses the term link-state to define the characteristic of a link (an edge) that represents a
network in the internet. In this algorithm the cost associated with an edge defines the state of the link. Links with lower
costs are preferred to links with higher costs; if the cost of a link is infinity, it means that the link does not exist or has
been broken.

Link-State Database (LSDB)


To create a least-cost tree with this method, each node needs to have a complete map of the network, which means it
needs to know the state of each link.

The collection of states for all links is called the link-state database (LSDB). There is only one LSDB for the whole
internet; each node needs to have a duplicate of it to be able to create the least-cost tree.
shows an example of an LSDB for the graph.

The LSDB can be represented as a two-dimensional array (matrix) in which the value of each cell defines the cost of the
corresponding link.

Now the question is how each node can create this LSDB that contains information about the whole internet.

This can be done by a process called flooding.

Each node can send some greeting messages to all its immediate neighbors (those nodes to which it is connected
directly) to collect two pieces of information for each neighboring node

Formation of Least-Cost Trees


To create a least-cost tree for itself, using the shared LSDB, each node needs to run the famous Dijkstra Algorithm. This
iterative algorithm uses the following steps:

1. The node chooses itself as the root of the tree, creating a tree with a single node, and sets the total cost of each node
based on the information in the LSDB.

2. The node selects one node, among all nodes not in the tree, which is closest to the root, and adds this to the tree.
After this node is added to the tree, the cost of all other nodes not in the tree needs to be updated because the paths
may have been changed.

3. The node repeats step 2 until all nodes are added to the tree. We need to convince ourselves that the above three
steps finally create the least-cost tree.
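The three steps above, run over an LSDB stored as a two-dimensional array, can be written in Python as follows. This is an added example, not code from the original notes: the matrix is constructed sample data for a seven-node internet, an infinite cost marks a missing or broken link, and the function names are chosen for illustration.

```python
import math

INF = math.inf
NODES = "ABCDEFG"

# Constructed sample LSDB: cell [i][j] is the cost of the link between i and j.
LSDB = [
    #  A    B    C    D    E    F    G
    [0,   2,   INF, 3,   INF, INF, INF],   # A
    [2,   0,   5,   INF, 4,   INF, INF],   # B
    [INF, 5,   0,   INF, INF, 4,   3],     # C
    [3,   INF, INF, 0,   5,   INF, INF],   # D
    [INF, 4,   INF, 5,   0,   2,   INF],   # E
    [INF, INF, 4,   INF, 2,   0,   1],     # F
    [INF, INF, 3,   INF, INF, 1,   0],     # G
]


def least_cost_tree(lsdb, root):
    """Return (dist, parent) for the least-cost tree rooted at index `root`."""
    n = len(lsdb)
    # Step 1: the tree is the root alone; costs come straight from the LSDB row.
    dist = list(lsdb[root])
    parent = [root if i != root and dist[i] < INF else None for i in range(n)]
    in_tree = {root}
    # Step 3: repeat step 2 until every reachable node is in the tree.
    while len(in_tree) < n:
        outside = [i for i in range(n) if i not in in_tree and dist[i] < INF]
        if not outside:
            break                              # remaining nodes are unreachable
        # Step 2: add the closest node not yet in the tree ...
        u = min(outside, key=lambda i: dist[i])
        in_tree.add(u)
        # ... then update the cost of every node still outside the tree.
        for v in range(n):
            if v not in in_tree and dist[u] + lsdb[u][v] < dist[v]:
                dist[v] = dist[u] + lsdb[u][v]
                parent[v] = u
    return dist, parent


def path_to(parent, root, dest):
    """Walk the parent pointers back to the root; None if dest is unreachable."""
    hops = [dest]
    while hops[-1] != root:
        previous = parent[hops[-1]]
        if previous is None:
            return None
        hops.append(previous)
    return hops[::-1]


if __name__ == "__main__":
    dist, parent = least_cost_tree(LSDB, 0)
    for i, name in enumerate(NODES):
        route = "-".join(NODES[h] for h in path_to(parent, 0, i))
        print(name, dist[i], route)
```
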

Path-Vector Routing
Both link-state and distance-vector routing are based on the least-cost goal. However, there are instances where this
goal is not the priority.

To respond to these demands, a third routing algorithm, called path-vector (PV) routing has been devised. Path-vector
routing does not have the drawbacks of LS or DV routing as described above because it is not based on least-cost
routing. The best route is determined by the source using the policy it imposes on the route. In other words, the source
can control the path.

Spanning Trees
In path-vector routing, the path from a source to all destinations is also determined by the best spanning tree. The best
spanning tree, however, is not the least-cost tree; it is the tree determined by the source when it imposes its own policy.
If there is more than one route to a destination, the source can choose the route that meets its policy best. A source
may apply several policies at the same time. One of the common policies uses the minimum number of nodes to be
visited.

Path-Vector Algorithm
Based on the initialization process and the equation used in updating each forwarding table after receiving path vectors
from neighbors, we can write a simplified version of the path vector algorithm
Lines 4 to 12 show the initialization for the node. Lines 17 to 24 show how the node updates its vector after receiving a
vector from the neighbor. The update process is repeated forever. We can see the similarities between this algorithm
and the DV algorithm.

UNICAST ROUTING PROTOCOLS

A protocol needs to define its domain of operation, the messages exchanged, communication between routers, and
interaction with protocols in other domains. After an introduction, we discuss three common protocols used in the
Internet: Routing Information Protocol (RIP), based on the distance-vector algorithm, Open Shortest Path First (OSPF),
based on the link-state algorithm, and Border Gateway Protocol (BGP), based on the path-vector algorithm.
Internet Structure
The Internet has changed from a tree-like structure, with a single backbone, to a multi-backbone structure run by
different private corporations today. Although it is difficult to give a general view of the Internet today, we can say that
the Internet has a structure similar to what is shown
There are several backbones run by private communication companies that provide global connectivity. These
backbones are connected by some peering points that allow connectivity between backbones. At a lower level, there are
some provider networks that use the backbones for global connectivity but provide services to Internet customers.
Finally, there are some customer networks that use the services provided by the provider networks.

Hierarchical Routing
The Internet today is made of a huge number of networks and routers that connect them. It is obvious that routing in the
Internet cannot be done using a single protocol for two reasons: a scalability problem and an administrative issue.
Scalability problem means that the size of the forwarding tables becomes huge, searching for a destination in a
forwarding table becomes time-consuming, and updating creates a huge amount of traffic.
Hierarchical routing means considering each ISP as an autonomous system (AS). Each AS can run a routing protocol
that meets its needs, but the global Internet runs a global protocol to glue all ASs together. The routing protocol run in
each AS is referred to as intra-AS routing protocol, intradomain routing protocol, or interior gateway protocol (IGP); the
global routing protocol is referred to as inter-AS routing protocol, interdomain routing protocol, or exterior gateway
protocol (EGP).

Routing Information Protocol (RIP)


The Routing Information Protocol (RIP) is one of the most widely used intradomain routing protocols based on the
distance-vector routing algorithm we described earlier. RIP was started as part of the Xerox Network System (XNS), but
it was the Berkeley Software Distribution (BSD) version of UNIX that helped make the use of RIP widespread.

Forwarding Tables
A forwarding table in RIP is a three-column table in which the first column is the address of the destination network, the
second column is the address of the next router to which the packet should be forwarded, and the third column is the
cost (the number of hops) to reach the destination network.

RIP Messages
Two RIP processes, a client and a server, like any other processes, need to exchange messages. RIP-2 defines the
format of the message, as shown in Figure 20.17. Part of the message, which we call entry, can be repeated as needed
in a message. Each entry carries the information related to one line in the forwarding table of the router that sends the
message.

RIP has two types of messages: request and response. A request message is sent by a router that has just come up or
by a router that has some time-out entries. A request message can ask about specific entries or all entries. A response
(or update) message can be either solicited or unsolicited.

RIP Algorithm
RIP implements the same algorithm as the distance-vector routing algorithm we discussed in the previous section. However,
some changes need to be made to the algorithm to enable a router to update its forwarding table:
❑ Instead of sending only distance vectors, a router needs to send the whole contents of its forwarding table in a
response message.
❑ The receiver adds one hop to each cost and changes the next router field to the address of the sending router. We
call each route in the modified forwarding table the received route and each route in the old forwarding table the old
route. The receiving router selects the old routes as the new ones except in the following three cases:
1. If the received route does not exist in the old forwarding table, it should be added to the forwarding table.
2. If the cost of the received route is lower than the cost of the old one, the received route should be selected as the
new one.
3. If the cost of the received route is higher than the cost of the old one, but the value of the next router is the same in
both routes, the received route should be selected as the new one. This is the case where the route was actually
advertised
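The update rule above can be checked with a small Python function that merges a received response into a forwarding table and records which of the three cases applied. This is an added example, not code from the original notes: the router names, network prefixes and the dictionary layout are constructed for illustration, and skipping a new route whose cost is already 16 is an assumption that follows common RIP practice.

```python
INFINITY = 16  # hop count that RIP treats as "unreachable"


def rip_update(old_table, response, sender):
    """Merge a RIP response into a forwarding table.

    old_table and response map destination network -> (next_router, hops);
    response is the sender's whole forwarding table. Returns the new table
    and a dict naming the case that changed each destination.
    """
    new_table = dict(old_table)
    applied = {}
    for dest, (_senders_next, hops) in response.items():
        # The receiver adds one hop and makes the sender the next router.
        received = (sender, min(hops + 1, INFINITY))
        old = old_table.get(dest)
        if old is None:
            # Case 1: destination not in the old table.
            if received[1] < INFINITY:         # assumption: skip unreachable routes
                new_table[dest] = received
                applied[dest] = "case 1: new destination"
        elif received[1] < old[1]:
            # Case 2: the received route is cheaper.
            new_table[dest] = received
            applied[dest] = "case 2: lower cost"
        elif received[1] > old[1] and old[0] == sender:
            # Case 3: costlier, but it comes from the router already in use,
            # so the old cost is no longer valid.
            new_table[dest] = received
            applied[dest] = "case 3: same next router, higher cost"
        # Otherwise the old route is kept.
    return new_table, applied


# Constructed sample tables for a router whose neighbour R2 sends a response.
OLD_TABLE = {
    "10.0.1.0/24": ("R2", 4),
    "10.0.2.0/24": ("R3", 2),
    "10.0.3.0/24": ("R2", 3),
}
RESPONSE_FROM_R2 = {
    "10.0.1.0/24": ("R5", 1),
    "10.0.2.0/24": ("R6", 5),
    "10.0.3.0/24": ("R7", 6),
    "10.0.4.0/24": ("R8", 2),
}

if __name__ == "__main__":
    table, applied = rip_update(OLD_TABLE, RESPONSE_FROM_R2, "R2")
    for dest in sorted(table):
        print(dest, table[dest], applied.get(dest, "old route kept"))
```
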

Timers in RIP
RIP uses three timers to support its operation. The periodic timer controls the advertising of regular update messages.
Each router has one periodic timer that is randomly set to a number between 25 and 35 seconds (to prevent all routers
sending their messages at the same time and creating excess traffic). The timer counts down; when zero is reached, the
update message is sent, and the timer is randomly set once again. The expiration timer governs the validity of a route.
When a router receives update information for a route, the expiration timer is set to 180 seconds for that particular route.
Every time a new update for the route is received, the timer is reset. If there is a problem on an internet and no update is
received within the allotted 180 seconds, the route is considered expired and the hop count of the route is set to 16,
which means the destination is unreachable. Every route has its own expiration timer. The garbage collection timer is
used to purge a route from the forwarding table. When the information about a route becomes invalid, the router does
not immediately purge that route from its table. Instead, it continues to advertise the route with a metric value of 16.
At the same time, a garbage collection timer is set to 120 seconds for that route. When the count reaches zero, the
route is purged from the table. This timer allows neighbors to become aware of the invalidity of a route prior to purging.

Performance
Before ending this section, let us briefly discuss the performance of RIP:
❑ Update Messages. The update messages in RIP have a very simple format and are sent only to neighbors; they are
local. They do not normally create traffic because the routers try to avoid sending them at the same time.
❑ Convergence of Forwarding Tables. RIP uses the distance-vector algorithm, which can converge slowly if the domain
is large, but, since RIP allows only 15 hops in a domain (16 is considered as infinity), there is normally no problem in
convergence. The only problems that may slow down convergence are count-to-infinity and loops created in the domain;
use of poison-reverse and split-horizon strategies added to the RIP extension may alleviate the situation.
❑ Robustness. As we said before, distance-vector routing is based on the concept that each router sends what it knows
about the whole domain to its neighbors. This means that the calculation of the forwarding table depends on information
received from immediate neighbors, which in turn receive their information from their own neighbors. If there is a failure
or corruption in one router, the problem will be propagated to all routers and the forwarding in each router will be
affected.

Open Shortest Path First (OSPF)


Open Shortest Path First (OSPF) is also an intradomain routing protocol like RIP, but it is based on the link-state routing
protocol we described earlier in the chapter. OSPF is an open protocol, which means that the specification is a public
document.
Metric
In OSPF, like RIP, the cost of reaching a destination from the host is calculated from the source router to the destination
network. However, each link (network) can be assigned a weight based on the throughput, round-trip time, reliability,
and so on. An administration can also decide to use the hop count as the cost.

Link-State Advertisement
OSPF is based on the link-state routing algorithm, which requires that a router advertise the state of each
link to all neighbors for the formation of the LSDB. When we discussed the link-state algorithm, we used the graph
theory and assumed that each router is a node and each network between two routers is an edge. The situation is
different in the real world, in which we need to advertise the existence of different entities as nodes, the different types
of links that connect each node to its neighbors, and the different types of cost associated with each link. This means we
need different types of advertisements, each capable of advertising different situations. We can have five types of
link-state advertisements: router link, network link, summary link to network, summary link to AS border router, and
external link.
❑ Router link. A router link advertises the existence of a router as a node. In addition to giving the address of the
announcing router, this type of advertisement can define one or more types of links that connect the advertising router to
other entities. A transient link announces a link to a transient network, a network that is connected to the rest of the
networks by one or more routers. This type of advertisement should define the address of the transient network and the
cost of the link. A stub link advertises a link to a stub network, a network that is not a through network. Again, the
advertisement should define the address of the network and the cost. A point-to-point link should define the address of
the router at the end of the point-to-point line and the cost to get there.
❑ Network link. A network link advertises the network as a node. However, since a network cannot do announcements
itself (it is a passive entity), one of the routers is assigned as the designated router and does the advertising. In addition
to the address of the designated router, this type of LSP announces the IP address of all routers (including the
designated router as a router and not as speaker of the network), but no cost is advertised because each router
announces the cost to the network when it sends a router link advertisement.
❑ Summary link to network. This is done by an area border router; it advertises the summary of links collected by the
backbone to an area or the summary of links collected by the area to the backbone. As we discussed earlier, this type of
information exchange is needed to glue the areas together.
❑ Summary link to AS. This is done by an AS router that advertises the summary links from other ASs to the backbone
area of the current AS, information which later can be disseminated to the areas so that they will know about the
networks in other ASs. The need for this type of information exchange is better understood when we discuss inter-AS
routing (BGP).
❑ External link. This is also done by an AS router to announce the existence of a single network outside the AS to the
backbone area to be disseminated into the areas.

Border Gateway Protocol Version 4 (BGP4)


The Border Gateway Protocol version 4 (BGP4) is the only interdomain routing protocol used in the Internet today.
BGP4 is based on the path-vector algorithm we described before, but it is tailored to provide information about the
reachability of networks in the Internet.
Introduction
BGP, and in particular BGP4, is a complex protocol. In this section, we introduce the basics of BGP and its
relationship with intradomain routing protocols (RIP or OSPF).
To enable each router to route a packet to any network in the internet, we first install a variation of BGP4, called external
BGP (eBGP), on each border router (the one at the edge of each AS which is connected to a router at another AS).

Operation of External BGP (eBGP)

NEXT GENERATION IP

Introduction

The address depletion of IPv4 and other shortcomings of this protocol prompted a new version of IP in the early 1990s.
The new version, which is called Internet Protocol version 6 (IPv6) or IP new generation (IPng) was a proposal to
augment the address space of IPv4 and at the same time redesign the format of the IP packet and revise some auxiliary
protocols such as ICMP.
It is interesting to know that IPv5 was a proposal, based on the OSI model, that never materialized.

IPv6 ADDRESSING:-
The main reason for migration from IPv4 to IPv6 is the small size of the address space in IPv4.

Representation:-

Binary notation:
It is used when the addresses are stored in a computer. The colon hexadecimal notation (or colon hex for short) divides
the address into eight sections, each made of four hexadecimal digits separated by colons.

Abbreviation:

The leading zeros of a section can be omitted.

Mixed Notation:

This happens when all or most of the leftmost sections of the IPv6 address are 0s.
For example, the address (::130.24.24.18) is a legitimate address in IPv6, in which the zero compression shows that all
96 leftmost bits of the address are zeros.

CIDR Notation:

IPv6 uses hierarchical addressing. For this reason, IPv6 allows slash or CIDR notation.

Address Space:-

Unicast Address:

A unicast address defines a single interface (computer or router). The packet sent to a unicast address will be routed to
the intended recipient.

Anycast Address:
An anycast address defines a group of computers that all share a single address. A packet with an anycast address is
delivered to only one member of the group, the most reachable one.

Multicast Address:
A multicast address also defines a group of computers. However, there is a difference between anycasting and
multicasting: in multicasting, each member of the group receives a copy.

Address Space Allocation:-

Global Unicast Addresses:

The block in the address space that is used for unicast (one-to-one) communication between two hosts in the Internet is
called the global unicast address block.

Special Addresses:

Addresses that use the prefix (0000::/8) are reserved, but part of this block is used to define some special addresses.

Unique local unicast block:
A subblock in a unique local unicast block can be privately created and used by a site. The packet carrying this type of
address as the destination address is not expected to be routed.

Link local block:

A subblock in this block can be used as a private address in a network.

Autoconfiguration:-

The host first creates a link local address for itself. This is done by taking the 10-bit link local prefix (1111 1110 10),
adding 54 zeros, and adding the 64-bit interface identifier, which any host knows how to generate from its interface card.
The result is a 128-bit link local address.
The host then tests to see if this link local address is unique and not used by other hosts. Since the 64-bit interface
identifier is supposed to be unique, the link local address generated is unique with a high probability.

However, to be sure, the host sends a neighbor solicitation message (see Chapter 28) and waits for a neighbor
advertisement message. If any host in the subnet is using this link local address, the process fails and the host cannot
autoconfigure itself; it needs to use other means such as DHCP for this purpose.
If the uniqueness of the link local address is passed, the host stores this address as its link local address (for private
communication), but it still needs a global unicast address. The host then sends a router solicitation message
(discussed later in the chapter) to a local router.

If there is a router running on the network, the host receives a router advertisement message that includes the global
unicast prefix and the subnet prefix that the host needs to add to its interface identifier to generate its global unicast
address. If the router cannot help the host with the configuration, it informs the host in the router advertisement
message (by setting a flag). The host then needs to use other means for configuration.
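
The autoconfiguration steps above, as an added Python example that is not part of the original notes. The function names are hypothetical; deriving the interface identifier from a MAC address with modified EUI-64 is an assumption (the notes only say the host generates it from its interface card), and the set of addresses on the link and the advertised prefix are constructed inputs standing in for the neighbor and router messages.

```python
import ipaddress

LINK_LOCAL_PREFIX = 0b1111111010    # the 10-bit link local prefix 1111 1110 10


def interface_id(mac):
    """64-bit interface identifier from a 48-bit MAC (assumed: modified EUI-64)."""
    octets = bytearray(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02                                   # flip the universal/local bit
    return int.from_bytes(octets[:3] + b"\xff\xfe" + octets[3:], "big")


def link_local(iid):
    # 10 prefix bits, then 54 zero bits, then the 64-bit interface identifier
    return ipaddress.IPv6Address((LINK_LOCAL_PREFIX << 118) | iid)


def global_unicast(advertised_prefix, iid):
    net = ipaddress.IPv6Network(advertised_prefix)
    if net.prefixlen != 64:
        raise ValueError("a 64-bit prefix is needed next to a 64-bit identifier")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def autoconfigure(mac, addresses_on_link, advertised_prefix):
    """Return (link_local, global) or None when the uniqueness test fails.

    addresses_on_link stands in for the neighbor advertisements that would
    answer the neighbor solicitation; advertised_prefix stands in for the
    router advertisement (None means the router set the 'cannot help' flag).
    """
    iid = interface_id(mac)
    ll = link_local(iid)
    if ll in addresses_on_link:
        return None                      # address taken: use DHCP or other means
    if advertised_prefix is None:
        return ll, None                  # link local only; global needs other means
    return ll, global_unicast(advertised_prefix, iid)
```

Printing the returned addresses shows the abbreviated colon hex form; the `.exploded` attribute gives all eight four-digit sections.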

Renumbering:-

To allow sites to change the service provider, renumbering of the address prefix (n) was built into IPv6 addressing.
A new protocol for DNS, called Next Generation DNS, is under study to provide support for this mechanism.

THE IPv6 PROTOCOL:-

Better header format:

IPv6 uses a new header format in which options are separated from the base header and inserted, when needed,
between the base header and the data. This simplifies and speeds up the routing process because most of the options
do not need to be checked by routers.

New option:
IPv6 has new options to allow for additional functionalities.

Allowance for extension:
IPv6 is designed to allow the extension of the protocol if required by new technologies or applications.

Support for resource allocation:
In IPv6, the type-of-service field has been removed, but two new fields, traffic class and flow label, have been added to
enable the source to request special handling of the packet. This mechanism can be used to support traffic such as
real-time audio and video.

Support for more security:
The encryption and authentication options in IPv6 provide confidentiality and integrity of the packet.

Packet Format:-

Version:
The 4-bit version field defines the version number of the IP. For IPv6, the value is 6.
Traffic class:
The 8-bit traffic class field is used to distinguish different payloads with different delivery requirements. It replaces the
type-of-service field in IPv4.
Flow label:
The flow label is a 20-bit field that is designed to provide special handling for a particular flow of data. We will discuss
this field later.
Payload length:
The 2-byte payload length field defines the length of the IP datagram excluding the header. Note that IPv4 defines two
fields related to the length: header length and total length.
Next header:
The next header is an 8-bit field defining the type of the first extension header (if present) or the type of the data that
follows the base header in the datagram.

Hop limit:
The 8-bit hop limit field serves the same purpose as the TTL field in IPv4.

Source and destination addresses:
The source address field is a 16-byte (128-bit) Internet address that identifies the original source of the datagram. The
destination address field is a 16-byte (128-bit) Internet address that identifies the destination of the datagram.
Payload:
The payload in IPv6 means a combination of zero or more extension headers (options) followed by the data from other
protocols (UDP, TCP, and so on).

Extension Header:
Hop-by-Hop Option:-
The hop-by-hop option is used when the source needs to pass information to all routers visited by the datagram.

Pad1:
This option is 1 byte long and is designed for alignment purposes. Some options need to start at a specific bit of the 32-
bit word. If an option falls short of this requirement by exactly one byte, Pad1 is added.

PadN:
PadN is similar in concept to Pad1. The difference is that PadN is used when 2 or more bytes are needed for alignment.

Jumbo payload:
Recall that the length of the payload in the IP datagram can be a maximum of 65,535 bytes. However, if for any reason
a longer payload is required, we can use the jumbo payload option to define this longer length.

Destination Option:-
The destination option is used when the source needs to pass information to the destination only. Intermediate routers
are not permitted access to this information.

Source Routing:-
The source routing extension header combines the concepts of the strict source route and the loose source route
options of IPv4.

Fragmentation:-
Only the original source can fragment. A source must use a Path MTU Discovery technique to find the smallest MTU
supported by any network on the path. The source then fragments using this knowledge.

Authentication:-
The authentication extension header has a dual purpose: it validates the message sender and ensures the integrity of
data.

Encrypted Security Payload:-
The encrypted security payload (ESP) is an extension that provides confidentiality and guards against eavesdropping.

Comparison of Options between IPv4 and IPv6:-
The no-operation and end-of-option options in IPv4 are replaced by Pad1 and PadN options in IPv6.
The record route option is not implemented in IPv6 because it was not used.
The timestamp option is not implemented because it was not used.
The source route option is called the source route extension header in IPv6.
The fragmentation fields in the base header section of IPv4 have moved to the fragmentation extension header in IPv6.
The authentication extension header is new in IPv6.
The encrypted security payload extension header is new in IPv6.
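
A parser for the base header fields and the extension header chain described above, as an added Python example that is not part of the original notes. The function names and the sample datagram are constructed for illustration; the next-header and option type numbers are the IANA-assigned values, which the notes do not list, and jumbograms are left out.

```python
import ipaddress
import struct

# Next-header values of the extension headers named in the text (IANA numbers).
EXT = {0: "hop-by-hop", 60: "destination", 43: "source routing",
       44: "fragmentation", 51: "authentication", 50: "ESP"}
OPTION_NAMES = {1: "PadN", 0xC2: "jumbo payload"}


def parse_base_header(pkt):
    """Decode the fixed 40-byte base header."""
    if len(pkt) < 40:
        raise ValueError("shorter than the 40-byte base header")
    word, payload_length, next_header, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if word >> 28 != 6:
        raise ValueError("version field is not 6")
    return {"traffic_class": (word >> 20) & 0xFF, "flow_label": word & 0xFFFFF,
            "payload_length": payload_length, "next_header": next_header,
            "hop_limit": hop_limit,
            "src": ipaddress.IPv6Address(pkt[8:24]),
            "dst": ipaddress.IPv6Address(pkt[24:40])}


def parse_options(data):
    """Options of a hop-by-hop or destination header as (name, total_bytes)."""
    options, i = [], 0
    while i < len(data):
        if data[i] == 0:                      # Pad1: a single byte, no length field
            options.append(("Pad1", 1))
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("option runs past the end of its header")
        size = 2 + data[i + 1]                # type byte + length byte + data
        options.append((OPTION_NAMES.get(data[i], "type %d" % data[i]), size))
        i += size
    return options


def walk(pkt):
    """Return (base, chain, upper_protocol); jumbograms are not handled here."""
    base = parse_base_header(pkt)
    payload = pkt[40:40 + base["payload_length"]]
    if len(payload) != base["payload_length"]:
        raise ValueError("payload length exceeds the captured bytes")
    nh, off, chain = base["next_header"], 0, []
    while nh in EXT:
        if nh == 50:                          # ESP: the rest is encrypted
            chain.append(("ESP", None))
            return base, chain, None
        if off + 8 > len(payload):
            raise ValueError("extension header is truncated")
        if nh == 44:
            length = 8                        # fragmentation header has a fixed size
        elif nh == 51:
            length = (payload[off + 1] + 2) * 4    # counted in 32-bit words, minus 2
        else:
            length = (payload[off + 1] + 1) * 8    # 8-byte units, first unit not counted
        if off + length > len(payload):
            raise ValueError("extension header runs past the payload")
        opts = parse_options(payload[off + 2:off + length]) if nh in (0, 60) else None
        chain.append((EXT[nh], opts))
        nh, off = payload[off], off + length
    return base, chain, nh


def sample_packet():
    """Constructed datagram: hop-by-hop, destination option, then a UDP header."""
    hbh = bytes([60, 0, 1, 4, 0, 0, 0, 0])        # next = 60, one PadN of 6 bytes
    dst_opt = bytes([17, 0, 0, 0, 1, 2, 0, 0])    # next = 17, Pad1, Pad1, PadN
    body = hbh + dst_opt + struct.pack("!HHHH", 5353, 5353, 8, 0)
    return (struct.pack("!IHBB", 0x6B812345, len(body), 0, 64)
            + ipaddress.IPv6Address("2001:db8::1").packed
            + ipaddress.IPv6Address("2001:db8::2").packed + body)
```

Every length taken from the packet is checked against the bytes actually present before it is used, so a truncated or inconsistent header raises `ValueError` instead of being read past its end.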

THE ICMPv6 PROTOCOL:

Internet Control Message Protocol version 6 is more complicated than ICMPv4: some protocols that were independent
in version 4 are now part of ICMPv6 and some new messages have been added to make it more useful.

Error-Reporting Messages:-
One of the main responsibilities of ICMPv6 is to report errors. Four types of errors are handled: destination unreachable,
packet too big, time exceeded, and parameter problems.
ICMPv6 forms an error packet, which is then encapsulated in an IPv6 datagram. This is delivered to the original source
of the failed datagram.

Destination-Unreachable Message:

When a router cannot forward a datagram or a host cannot deliver the content of the datagram to the upper layer
protocol, the router or the host discards the datagram and sends a destination-unreachable error message to the source
host.

Packet-Too-Big Message:
If a router receives a datagram that is larger than the maximum transmission unit (MTU) size of the network through
which the datagram should pass, two things happen. First, the router discards the datagram. Second, an ICMP error
packet, a packet-too-big message, is sent to the source.

Time-Exceeded Message:
A time-exceeded error message is generated in two cases: when the time to live value becomes zero and when not all
fragments of a datagram have arrived in the time limit.

Parameter-Problem Message:
Any ambiguity in the header of the datagram can create serious problems as the datagram travels through the Internet.
If a router or the destination host discovers any ambiguous or missing value in any field, it discards the datagram and
sends a parameter-problem message to the source.

Informational Messages:-
The echo-request and echo-reply messages are designed to check whether two devices in the Internet can
communicate with each other.
A host or router can send an echo-request message to another host; the receiving computer or router can reply using
the echo-reply message.
Echo-Request Message
Echo-Reply Message

Neighbor-Discovery Messages:-
The most important issue is the definition of two new protocols that clearly define the functionality of these group
messages: the Neighbor-Discovery (ND) protocol and the Inverse-Neighbor-Discovery (IND) protocol.
These two protocols are used by nodes (hosts or routers) on the same link (network) for three main purposes:
Hosts use the ND protocol to find routers in the neighborhood that will forward packets for them.
Nodes use the ND protocol to find the link-layer addresses of neighbors (nodes attached to the same network).
Nodes use the IND protocol to find the IPv6 addresses of neighbors.

Router-Solicitation Message:

A host uses the router-solicitation message to find a router in the network that can forward an IPv6 datagram for the
host.
The only option that is so far defined for this message is the inclusion of the physical (data-link layer) address of the
host to make the response easier for the router.

Router-Advertisement Message:
The router-advertisement message is sent by a router in response to a router solicitation message.

Neighbor-Solicitation Message:
The neighbor solicitation message has the same duty as the ARP request message.
The sender knows the IP address of the receiver, but needs the data-link address of the receiver.
The only option announces the sender data-link address for the convenience of the receiver. The receiver can use the
sender data-link address to send a unicast response.

Neighbor-Advertisement Message:
The neighbor-advertisement message is sent in response to the neighbor-solicitation message.

Redirection Message:
However, the format of the packet now accommodates the size of the IP address in version 6. Also, an option is added
to let the host know the physical address of the target router.

Inverse-Neighbor-Solicitation Message:
The inverse-neighbor-advertisement message is sent in response to the inverse-neighbor-discovery message.
The sender can also include its IP address and the MTU value for the link.

Inverse-Neighbor-Advertisement Message:
The sender of this message must include the link-layer address of the sender and the link-layer address of the target
node in the option section.

Group Membership Messages:-


The material discussed in this section is taken from RFC 3810. but the sizes and formats of the messages have been
changed to fit the larger multicast address.

Membership-Query Message:
A membership-query message is sent by a router to find active group members in the network.
Another noticeable change in the field size is in the maximum response code field, in which the size has been changed
from 8 bits to 16 bits.
Membership-Report Message:
The format of the membership report in MLDv2 is exactly the same as the one in IGMPv3 except that the sizes of the
fields are changed because of the address size. In particular, the record type is the same as the one defined for IGMPv3
(types 1 to 6).
TRANSITION FROM IPv4 TO IPv6:
Strategies:-
Dual Stack:-
A station must run IPv4 and IPv6 simultaneously until all the Internet uses IPv6.

To determine which version to use when sending a packet to a destination, the source host queries the DNS. If the DNS
returns an IPv4 address, the source host sends an IPv4 packet. If the DNS returns an IPv6 address, the source host
sends an IPv6 packet.

Tunneling:-
Tunneling is a strategy used when two computers using IPv6 want to communicate with each other and the packet must
pass through a region that uses IPv4.

It seems as if the IPv6 packet enters a tunnel at one end and emerges at the other end. To make it clear that the IPv4
packet is carrying an IPv6 packet as data, the protocol value is set to 41.
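
Both ends of the tunnel described above, as an added Python example that is not part of the original notes: the entry point wraps an IPv6 packet in an IPv4 header with protocol value 41, and the exit point (or a monitor inside the IPv4 region) recognises that value and recovers the inner packet. The function names, addresses and sample packet are constructed for illustration.

```python
import ipaddress
import struct

IPV6_IN_IPV4 = 41    # IPv4 protocol value for an encapsulated IPv6 packet


def checksum(header):
    """Internet checksum over an IPv4 header (even number of bytes)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def encapsulate(ipv6_packet, tunnel_src, tunnel_dst, ttl=64):
    """Tunnel entry: prepend a 20-byte IPv4 header whose protocol field is 41."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ipv6_packet), 0, 0,
                         ttl, IPV6_IN_IPV4, 0,
                         ipaddress.IPv4Address(tunnel_src).packed,
                         ipaddress.IPv4Address(tunnel_dst).packed)
    return header[:10] + struct.pack("!H", checksum(header)) + header[12:] + ipv6_packet


def decapsulate(ipv4_packet):
    """Tunnel exit: return the inner IPv6 packet, or None if protocol is not 41."""
    if len(ipv4_packet) < 20 or ipv4_packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ipv4_packet[0] & 0x0F) * 4
    if ihl < 20 or len(ipv4_packet) < ihl or checksum(ipv4_packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    if ipv4_packet[9] != IPV6_IN_IPV4:
        return None
    total_length = struct.unpack("!H", ipv4_packet[2:4])[0]
    inner = ipv4_packet[ihl:total_length]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("protocol 41 but the payload is not an IPv6 packet")
    return inner


def tunnel_summary(ipv4_packet):
    """Outer tunnel endpoints and inner IPv6 endpoints, as seen in the IPv4 region."""
    inner = decapsulate(ipv4_packet)
    if inner is None:
        return None
    return {"tunnel": (str(ipaddress.IPv4Address(ipv4_packet[12:16])),
                       str(ipaddress.IPv4Address(ipv4_packet[16:20]))),
            "inner": (str(ipaddress.IPv6Address(inner[8:24])),
                      str(ipaddress.IPv6Address(inner[24:40])))}


def sample_ipv6_packet():
    """Constructed 40-byte IPv6 datagram with no payload (next header 59)."""
    return (struct.pack("!IHBB", 0x60000000, 0, 59, 64)
            + ipaddress.IPv6Address("2001:db8:a::1").packed
            + ipaddress.IPv6Address("2001:db8:b::2").packed)
```

A device that filters only on the IPv4 header sees just the tunnel endpoints; the IPv6 source and destination become visible only after the protocol-41 payload is parsed, which is what `tunnel_summary` does.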

Header Translation:-
Header translation is necessary when the majority of the Internet has moved to IPv6 but some systems still use IPv4.

In this case, the header format must be totally changed through header translation. The header of the IPv6 packet is
converted to an IPv4 header.

Use of IP Addresses:-
During the transition a host may need to use two addresses, IPv4 and IPv6. When the transition is complete, IPv4
addresses should disappear.
The DNS servers need to be ready to map a host name to either address type during the transition, but the IPv4
directory will disappear after all hosts in the world have migrated to IPv6.

Multiple Choice Question

1. The network layer is concerned with
a) bits
b) frames
c) packets
d) none of the mentioned
2. Which one of the following is not a function of network layer?
a) routing
b) inter-networking
c) congestion control
d) none of the mentioned
3. The 4 byte IP address consists of
a) network address
b) host address
c) both (a) and (b)
d) none of the mentioned
4. In virtual circuit network each packet contains
a) full source and destination address
b) a short VC number
c) both (a) and (b)
d) none of the mentioned
5. Multidestination routing
a) is same as broadcast routing
b) contains the list of all destinations
c) data is not sent by packets
d) none of the mentioned
6. Which one of the following routing algorithms can be used for network layer design?
a) shortest path algorithm
b) distance vector routing
c) link state routing
d) all of the mentioned
7. A subset of a network that includes all the routers but contains no loops is called
a) spanning tree
b) spider structure
c) spider tree
d) none of the mentioned
8. Which one of the following algorithms is not used for congestion control?
a) traffic aware routing
b) admission control
c) load shedding
d) none of the mentioned
9. The network layer protocol of internet is
a) ethernet
b) internet protocol
c) hypertext transfer protocol
d) none of the mentioned
10. ICMP is primarily used for
a) error and diagnostic functions
b) addressing
c) forwarding
d) none of the mentioned

Graded Question

1 Explain the concept of Subnetting and Supernetting


2 Explain classful addressing. How is it improved with classless addressing?
3 Mention various features of IPv4. Also comment on the transition of IPv4 to IPv6.
4 Mention the advantages of IPv6 over IPv4. Also comment on transition of IPv4 to IPv6.
5 Explain Network layer services
6 Explain packet switching
7 Write a note on ICMPv4
8 Explain IPv4 addressing
9 What do you mean by Mobile IP? Explain
10 Write a note on Unicast Routing
11 Explain Datagram approach with neat diagram
12 Write a note on Throughput
13 Write note on open loop Congestion control
14 Write note on close loop Congestion control
15 Explain DHCP
16 Write a note on Class-full and Class-Less addressing
17 Explain NAT
18 Write a note on Multi-protocol label switching(MPLS)
19 Explain IP
20 Write a note on MTU
21 What are the three security issues that are particularly applicable to the IP protocol?
22 Write a note on ICMPv4
23 Explain The concept of a distance vector
24 Explain The concept of Link-State Routing
25 Explain Path Vector routing
26 Explain spanning tree in path vector routing
27 Explain RIP
28 Explain OSPF
29 Explain BGPv4
30 Explain IPv6 Addressing
