Illustrate with a neat sketch, the IPV 4 datagram format.

Compare the fields in the main headers of IPV 4 and IPV 6.

Data transmitted over an internet using IP is carried in messages called IP datagrams. Like all network protocol messages, IP uses a specific format for its datagrams. The IPv4 datagram is conceptually divided into two pieces: the header and the payload. The header contains addressing and control fields, while the payload carries the actual data to be sent over the internetwork. Unlike some message formats, IP datagrams do not have a footer following the payload. Even though IP is a relatively simple, connectionless, unreliable protocol, the IPv4 header carries a fair bit of information, which makes it rather large. At a minimum, it is 20 bytes long, and with options can be significantly longer.

Internet Protocol Version 4 IPv4 Datagram format is as follows :

Version: Identifies the version of IP used to generate the datagram. For IPv4, this is of course the number 4. The purpose of this field is to ensure compatibility between devices that may be running different versions of IP. In general, a device running an older version of IP will reject datagrams created by newer implementations, under the assumption that the older version may not be able to interpret the newer datagram correctly. Internet Header Length (IHL): Specifies the length of the IP header, in 32-bit words. This includes the length of any options fields and padding. The normal value of this field when no options are used is 5 (5 32-bit words = 5*4 = 20 bytes). Contrast to the longer Total Length field below. Type Of Service (TOS): A field designed to carry information to provide quality of service features, such as prioritized delivery, for IP datagrams. It was never widely used as originally defined, and its meaning has been subsequently redefined for use by a technique called Differentiated Services (DS). See below for more information. Total Length (TL): Specifies the total length of the IP datagram, in bytes. Since this field is 16 bits wide, the maximum length of an IP datagram is 65,535 bytes, though most are much smaller. Identification: This field contains a 16-bit value that is common to each of the fragments belonging to a particular message; for datagrams originally sent unfragmented it is still filled in, so it can be used if the datagram must be fragmented by a router during delivery. This field is used by the recipient to reassemble messages without accidentally mixing fragments from different messages. This is needed because fragments may arrive from multiple messages mixed together, since IP datagrams can be received out of order from any device.
Fragment Offset: When fragmentation of a message occurs, this field specifies the offset, or position, in the overall message where the data in this fragment goes. It is specified in units of 8 bytes (64 bits). The first fragment has an offset of 0. Again, for a description of how the field is used.

Time To Live (TTL): Short version: Specifies how long the datagram is allowed to live on the network, in terms of router hops. Each router decrements the value of the TTL field (reduces it by one) prior to transmitting it. If the TTL field drops to zero, the datagram is assumed to have taken too long a route and is discarded.

Explain in detail about Internet Control Message Protocol.

Internet Control Message Protocol (ICMP) RFC 792 Used to communicate IP status and error messages between host and routers Used to communicate IP status and error messages between hosts and routers Uses IP to route its messages between hosts Must be implemented with IP remember, IP is just a packet delivery system transmits and routes datagrams from sources to destinations through a series of interconnected networks it has a checksum in the IP header to detect lost bits no error detection on the datagram payload though

but has no native mechanism for source host notification

This is where ICMP comes in its used to report IP errors to the source host

ICMP data is carried as the payload of an IP datagram specifies additional message formats within this area

Headers are 32 bits in length; all contain same three fields type - 8 bit message type code thirteen message type are defined

code - 8 bit; indicating why message is being sent checksum - standard internet checksum 16 bit 1s complement sum of the payload and header

ICMP messages can be classified into two types 1. Error Reporting

2. Query

ICMP Message types 0 - Echo Reply 3 - Destination Unreachable 4 - Source Quench 5 - Redirect 8 - Echo 11 - Time Exceeded 12 - Parameter Problem 13 - Timestamp 14 - Timestamp Reply 15 - Information Request 16 - Information Reply 17 - Address Mask Request 18 - Address Mask Reply

The Message Format

The two tools used for ICMP debugging are

1. Ping : ping command is used to check the connectivity between computers in a

network, it works with the help of ICMP- (internet control messaging protocol) and it is echo oriented protocol. if we want to block the systems not to ping then block the ICMP in firewall.
2. Traceroute : We use the traceroute program to find the route from the computer

voyager.deanza.edu to the server fhda.edu.

Flooding.
No network info required Packet sent by node to every neighbor Incoming packets retransmitted on every link except incoming link Eventually a number of copies will arrive at destination Each packet is uniquely numbered so duplicates can be discarded Nodes can remember packets already forwarded to keep network load in bounds Can include a hop count in packets Properties of Flooding are : - All possible routes are tried - Very robust - At least one packet will have taken minimum hop count route - Can be used to set up virtual circuit

- All nodes are visited - Useful to distribute information (e.g. routing)

Distance vector routing.

Distance vector protocols use a distance calculation plus an outgoing network interface (a vector) to choose the best path to a destination network. The network protocol (IPX, SPX, IP, Appletalk, DECnet etc.) will forward data using the best paths selected. Common distance vector routing protocols include: Appletalk RTMP, IPX RIP, IP RIP, IGRP

Describe any one routing algorithm.

Least Cost Algorithms (Dijkstras Algorithm) Find shortest paths from given source node to all other nodes, by developing paths in order of increasing path length N = set of nodes in the network s = source node T= set of nodes so far incorporated by the algorithm

w(i, j) = link cost from node i to node j w(i, i) = 0 w(i, j) = if the two nodes are not directly connected w(i, j) 0 if the two nodes are directly connected

L(n) = cost of least-cost path from node s to node n currently known At termination, L(n) is cost of least-cost path from s to n

Method is as follows : Step 1 [Initialization] T = {s} Set of nodes so far incorporated consists of only source node L(n) = w(s, n) for n s Initial path costs to neighboring nodes are simply link costs Step 2 [Get Next Node] Find neighboring node not in T with least-cost path from s Incorporate node into T Also incorporate the edge that is incident on that node and a node in T that contributes to the path Step 3 [Update Least-Cost Paths] L(n) = min[L(n), L(x) + w(x, n)] for all n T If latter term is minimum, path from s to n is path from s to x concatenated with edge from x to n Algorithm terminates when all nodes have been added to T

Write a note on addressing.

Target user specified by: User identification - Usually host, port (Called a socket in TCP) ,Port represents a particular transport service (TS) user Transport entity identification - Generally only one per host, If more than one, then usually one of each type(TCP, UDP) Host address - An attached network device, In an internet, a global internet address Network number Finding Addresses - Four methods - Know address ahead of time - e.g. collection of network device stats - Well known addresses - Name server - Sending process request to well known address

Discuss various categories of congestion control.

Congestion Control Congestion occurs when the number of packets being transmitted through the network approaches the packet handling capacity of the network Congestion control aims to keep number of packets below level at which performance falls off dramatically Data network is a network of queues Generally 80% utilization is critical Finite queues mean data may be lost The process is as follows : - Packets arriving are stored at input buffers - Routing decision made - Packet moves to output buffer

- Packets queued for output transmitted as fast as possible - If packets arrive to fast to be routed, or to be output, buffers will fill - Can discard packets - Can use flow control - Can propagate congestion through network The mechanism for congestion control is

(i) Backpressure : If node becomes congested it can slow down or halt flow of packets from other nodes May mean that other nodes have to apply control on incoming packet rates Propagates back to source Can restrict to logical connections generating most traffic Used in connection oriented that allow hop by hop congestion control (e.g. X.25) Not used in ATM nor frame relay Only recently developed for IP

(ii) Choke packet : Control packet Generated at congested node Sent to source node e.g. ICMP source quench - From router or destination

- Source cuts back until no more source quench message - Sent for every discarded packet, or anticipated

(iii)

Implicit Congestion Signaling : Transmission delay may increase with congestion Packet may be discarded Source can detect these as implicit indications of congestion Useful on connectionless (datagram) networks - e.g. IP based

(iv) Explicit Congestion Signaling : Network alerts end systems of increasing congestion End systems take steps to reduce offered load Backwards - Congestion avoidance in opposite direction to packet required Forwards - Congestion avoidance in same direction as packet required

The following TCP congestion control algorithms are used to control congestion. 1. Additive Increase / Multiplicative Decrease 2. Slow Start 3. Congestion Avoidance 4. Fast Retransmit 5. Fast Recovery The following TCP congestion control algorithms are used to detect congestion. 1. Timeout 2. Duplicate acknowledgement

Explain the User Datagram protocol in detail.

UDP is a connectionless transport protocolextends IPs host-to-host delivery service into a process-to-process communication service

 can have multiple application processes on a single host, each with their own port number. A process is uniquely addressed by a < port, host > pair Common services are available at well-known (and reserved) ports on each host; user applications must choose their ports from the set of non-reserved ports. UDP doesnt support flow control or reliable/in-order delivery, but it does support error detection by computing an optional checksum over the UDP header, UDP data, and IP pseudo header(includes source and destination address fields from the IP header) New: Reliable UDP provides reliable in-order delivery (up to a maximum number of retransmissions), with simple window flow control, for virtual connections. Addressing An address at the transport layer is typically a tuple (Station, Port) where Station is the network address of the host, and Port identifies the application UDP Data Packet

The source port, much like the source port in TCP, identifies the process on the originating system. TCP ports and UDP ports are not the same. There is no relationship between the two.

The destination port identifies the receiving process on the receiving machine. Whereas the IP address identifies which machine should get the packet, the port identifies which machine should get the data.

The length field contains the length of the UDP datagram. This includes the length of the UDP header and UDP data. It does not include anything added to the packet in-transit by other protocols -- but these are stripped away before UDP sees the datagram at the other side.

The checksum field is used by UDP to verify the correctness of the UDP header and data. If the checksum indicates an error, the packet is dropped. UDP is unreliable, so it makes no attempt to mitigate the loss.

Application Datagram oriented unreliable, connectionless simple unicast and multicast Useful only for few applications, e.g., multimedia applications Used a lot for services network management(SNMP), routing

(RIP),naming(DNS), etc. Port Numbers UDP (and TCP) use port numbers to identify applications A globally unique address at the transport layer (for both UDP and TCP) is a tuple <IP address, port number> There are 65,535 UDP ports per host.

What is flow control? Explain in detail.

Flow control is needed since the sending entity should not overwhelm the receiving entity Recipient needs some time to process incoming packets If sender sends faster than recipient processes, then buffer overflow occurs 1. flow control prevents buffer overflow

Performance Metrics and Delays:

 2.

Transmission time (delay) - Time taken to emit all bits into medium Propagation time (delay) - Time for a bit to traverse the link Processing time (delay) - time spent at the recipient or intermediate node for processing Queuing time (delay) - waiting time at the queue to be sent out

Stop and Wait flow control: Source transmits frame Destination receives frame and replies with acknowledgement (ACK) Source waits for ACK before sending next frame Destination can stop flow by not sending ACK Works well for large frames Inefficient for smaller frames However, generally large block of data split into small frames 1) Called Fragmentation o Limited buffer size at receiver o Errors detected sooner (when whole frame received) On error, retransmission of smaller frames is needed Prevents one station occupying medium for long periods Channel Utilization is higher when the transmission time is longer than the propagation time frame length is larger than the bit length of the link actually last two expressions mean the same see the derivations on board

Write a note on congestion avoidance mechanisms.

DECbit
The first mechanism was developed for use on the Digital Network Architecture (DNA), a connectionless network with a connection-oriented transport protocol. This mechanism could, therefore, also be applied to TCP and IP

As noted above, the idea here is to more evenly split the responsibility for congestion control between the routers and the end nodes. Each router monitors the load it is experiencing and explicitly notifies the end nodes when congestion is about to occur. This notification is implemented by setting a binary congestion bit in the packets that flow through the router; hence the name DECbit. The destination host then copies this congestion bit into the ACK it sends back to the source. Finally, the source adjusts its sending rate so as to avoid congestion. The following discussion describes the algorithm in more detail, starting with what happens in the router. A single congestion bit is added to the packet header. A router sets this bit in a packet if its average queue length is greater than or equal to 1 at the time the packet arrives. This average queue length is measured over a time interval that spans the last busy + idle cycle, plus the current busy cycle.

Random Early Detection (RED)

A second mechanism, called random early detection (RED), is similar to the DECbit scheme in that each router is programmed to monitor its own queue length, and when it detects that congestion is imminent, to notify the source to adjust its congestion window. RED, invented by Sally Floyd and Van Jacobson in the early 1990s, differs from the DECbit scheme in two major ways. The first is that rather than explicitly sending a congestion notification message to the source, RED is most commonly implemented such that it implicitly notifies the source of congestion by dropping one of its packets. The source is, therefore, effectively notified by the subsequent timeout or duplicate ACK.

The second difference between RED and DECbit is in the details of how RED decides when to drop a packet and what packet it decides to drop. To understand the basic idea, consider a simple FIFO queue. Rather than wait for the queue to become completely full and then be forced to drop each arriving packet

First, RED computes an average queue length using a weighted running average similar to the one used in the original TCP timeout computation. That is, Avg-Len is computed as AvgLen = (1Weight)AvgLen +WeightSampleLen where 0 < Weight < 1 and Sample-Len is the length of the queue when a sample measurement is made. Second, RED has two queue length thresholds that trigger certain activity: MinThreshold and MaxThreshold. When a packet arrives at the gateway, RED compares the current AvgLen with these two thresholds, according to the following rules: if AvgLen MinThreshold queue the packet if MinThreshold < AvgLen < MaxThreshold calculate probability P drop the arriving packet with probability P if MaxThreshold AvgLen drop the arriving packet

Source-Based Congestion Avoidance

What is the purpose of routing? Explain flooding algorithm for routing the packets in detail. Explain in detail the dynamic host configuration protocol. Compare Address Resolution Protocol and RARP. Find the class and CIDR notation of each address - (1) 11000001 10000011 00011011 1111 1111 (2) 14.23.120. 8.

Shortest path routine. Flow based routing. Discuss the notation, representation and address space of IPv6. What is dynamic host configuration protocol? Explain in detail. Explain in detail the transmission control protocol. What is flow control? Explain its methodology and techniques. Explain TCP congestion control technique. Discuss in detail the TCP segment header. Discuss about connection management in TCP. Describe in detail about TCP segment, features and connection management. Briefly explain the techniques to improve QOS.