Lec12 13 14


Computer Networks

Network Layer
What is the Network Layer?
• The Network Layer is the third layer of the OSI model.
• It accepts service requests from the transport layer and in turn issues
service requests to the data link layer.
• The network layer translates the logical addresses into physical
addresses
• It determines the route from the source to the destination and also
manages the traffic problems such as switching, routing and controls
the congestion of data packets.
• The main role of the network layer is to move the packets from
sending host to the receiving host.
• The main functions performed by the network layer are:
• Routing: When a packet reaches the router's input link, the router moves the packet to the
appropriate output link. For example, a packet from S1 arriving at R1 must be forwarded to the
next router on the path to S2.
• Logical Addressing: The data link layer implements the physical addressing and network layer
implements the logical addressing. Logical addressing is also used to distinguish between source
and destination system. The network layer adds a header to the packet which includes the logical
addresses of both the sender and the receiver.
• Internetworking: The main role of the network layer is to provide the logical connection
between different types of networks.
• Fragmentation: Fragmentation is the process of breaking packets into the smallest individual
data units that can travel through different networks.
Forwarding & Routing
• In Network layer, a router is used to forward the packets.
Every router has a forwarding table. A router forwards a
packet by examining a packet's header field and then using the
header field value to index into the forwarding table. The
value stored in the forwarding table corresponding to the
header field value indicates the router's outgoing interface link
to which the packet is to be forwarded.
• For example, a packet with a header field value of 0111 arrives
at a router. The router indexes this header value into its
forwarding table, which says the output link interface is 2, so
the router forwards the packet to interface 2. The routing
algorithm determines the values that are inserted in the
forwarding table, and it can be centralized or decentralized.
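The forwarding-table lookup described above, written out as an added example (this is not code from the lecture). The table entries and destination addresses are constructed; the entry 112.0.0.0/4 stands for "every address whose first four bits are 0111", so it reproduces the slide's case where a header value of 0111 selects interface 2. Real routers use longest-prefix match, which is what lookup() implements: among all entries that contain the destination, the most specific one wins.

```python
import ipaddress

# Constructed forwarding table: (destination prefix, outgoing interface).
# 112.0.0.0/4 covers every address whose first four bits are 0111, so a
# packet carrying that prefix leaves through interface 2, as on the slide.
FORWARDING_TABLE = [
    (ipaddress.ip_network("112.0.0.0/4"), 2),
    (ipaddress.ip_network("10.0.0.0/8"), 1),
    (ipaddress.ip_network("10.1.0.0/16"), 3),   # more specific than 10.0.0.0/8
    (ipaddress.ip_network("0.0.0.0/0"), 0),     # default route, matches anything
]


def prefix_bits(dst, n):
    """Return the first n bits of the destination address as a 0/1 string.

    This is the 'header field value' the router indexes the table with."""
    return format(int(ipaddress.ip_address(dst)), "032b")[:n]


def lookup(dst, table=FORWARDING_TABLE):
    """Return the outgoing interface for dst using longest-prefix match.

    Every entry whose prefix contains dst is a candidate; the entry with the
    longest prefix wins. Returns None only if no entry (not even a default
    route) matches."""
    addr = ipaddress.ip_address(dst)
    best_net, best_iface = None, None
    for net, iface in table:
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_iface = net, iface
    return best_iface


if __name__ == "__main__":
    for dst in ("120.5.5.5", "10.200.1.1", "10.1.2.3", "8.8.8.8"):
        print(f"{dst:>12}  first bits {prefix_bits(dst, 4)}  -> interface {lookup(dst)}")
```

Note that 10.1.2.3 matches both 10.0.0.0/8 and 10.1.0.0/16 and is sent to interface 3 because the /16 is longer; without the default route, an address outside every prefix is returned as None, which on a real router means the packet is dropped.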
Services Provided by the Network Layer
• Guaranteed delivery: This service guarantees that the packet will arrive at its
destination.
• Guaranteed delivery with bounded delay: This service guarantees that the packet will be
delivered within a specified host-to-host delay bound.
• In-Order packets: This service ensures that the packet arrives at the destination in the order in
which they are sent.
• Guaranteed max jitter: This service ensures that the amount of time taken between two
successive transmissions at the sender is equal to the time between their receipt at the destination.
• Security services: The network layer provides security by using a session key between the source
and destination host. The network layer in the source host encrypts the payloads of datagrams
being sent to the destination host. The network layer in the destination host would then decrypt the
payload. In this way, the network layer maintains the data integrity and source authentication
services.
Functions of the network layer
• The primary function of the network layer is to enable different
networks to be interconnected. It does this by forwarding packets to
network routers, which rely on algorithms to determine the best paths
for the data to travel. These paths are known as "virtual circuits." The
network layer relies on the Internet Control Message Protocol (ICMP)
for error control handling and diagnostics to ensure packets are sent
correctly. Quality of Service (QoS) is also available to permit certain
traffic to be prioritized over other traffic. The network layer can
support either connection-oriented or connectionless networks, but
such a network data transmission can only be of one type and not both.
Protocols at the network layer
• While IP is the most popular and widely used protocol at the network layer today,
there are plenty of other protocol examples to note. Network protocols at Layer 3
include those used for dynamic routing of networks, secure communications,
network translations and network redundancy. Here are a few examples:
• Open Shortest Path First (OSPF) is a dynamic routing protocol.
• Routing Information Protocol (RIP) is a dynamic routing protocol.
• Network Address Translation (NAT) translates and manages one IP address
into another.
• Internet Protocol Security (IPsec) is a secure network protocol suite that uses
authentication and data encryption.
• Hot Standby Router Protocol (HSRP) is a network path redundancy protocol.
• Virtual Router Redundancy Protocol (VRRP) is a network path redundancy
protocol.
Design Issues with Network Layer
• A key design issue is determining how packets are routed from source to destination. Routes
can be based on static tables that are wired into the network and rarely changed. They can also be
highly dynamic, being determined anew for each packet, to reflect the current network load.
• If too many packets are present in the subnet at the same time, they will get into one another's
way, forming bottlenecks. The control of such congestion also belongs to the network layer.
• Moreover, the quality of service provided (delay, transmit time, jitter, etc.) is also a network layer
issue.
• When a packet has to travel from one network to another to get to its destination, many
problems can arise such as:
• The addressing used by the second network may be different from the first one.
• The second one may not accept the packet at all because it is too large.
• The protocols may differ, and so on.
• It is up to the network layer to overcome all these problems to allow heterogeneous networks to be
interconnected.
• Network
What is a Network
• Communication at the network layer is host-to-host (computer-to-
computer); a computer somewhere in the world needs to communicate
with another computer somewhere else in the world. Usually,
computers communicate through the Internet. The packet transmitted
by the sending computer may pass through several LANs or WANs
before reaching the destination computer.
• In network communication, devices identify and reach each other by IP
address, not by name. If you know a device's IP address, you can
communicate with it over the network.
Types of Network
• A computer network is a group of
computers linked to each other so that
they can communicate with one
another and share their resources,
data, and applications.
• Computer networks can be
categorized by size. There are
mainly four types:
• LAN(Local Area Network)
• PAN(Personal Area Network)
• MAN(Metropolitan Area Network)
• WAN(Wide Area Network)
LAN(Local Area Network)
• Local Area Network is a group of computers
connected to each other in a small area such as
building, office.
• LAN is used for connecting two or more personal
computers through a communication medium such
as twisted pair, coaxial cable, etc.
• It is less costly as it is built with inexpensive
hardware such as hubs, network adapters, and
ethernet cables.
• Data is transferred at a very high rate within a
Local Area Network.
• Local Area Network provides higher security.
PAN(Personal Area Network)
• A Personal Area Network is a network arranged
around an individual person, typically within a
range of 10 meters.
• A Personal Area Network connects the computing
devices that one person uses.
• Thomas Zimmerman was the first research
scientist to bring the idea of the Personal Area
Network.
• Personal Area Network covers an area of 30
feet.
• Personal computer devices that are used to
develop the personal area network are the
laptop, mobile phones, media player and play
stations.
• There are two types of Personal Area
Network:
• Wired Personal Area Network
• Wireless Personal Area Network
• Wireless Personal Area Network: Wireless
Personal Area Network is developed by
simply using wireless technologies such as
WiFi, Bluetooth. It is a short-range network.
• Wired Personal Area Network: Wired
Personal Area Network is created by using the
USB.
MAN(Metropolitan Area Network)
• A metropolitan area network is a network that covers a larger
geographic area by interconnecting different LANs to form a larger
network.
• Government agencies use MAN to connect to the citizens and private
industries.
• In MAN, various LANs are connected to each other through a
telephone exchange line.
• The most widely used protocols in MAN are RS-232, Frame Relay,
ATM, ISDN, OC-3, ADSL, etc.
• It has a higher range than Local Area Network(LAN).
• Uses Of Metropolitan Area Network:
• MAN is used in communication between the banks in a city.
• It can be used in an Airline Reservation.
• It can be used in a college within a city.
• It can also be used for communication in the military.
WAN(Wide Area Network)
• A Wide Area Network is a network that
extends over a large geographical area
such as states or countries.
• A Wide Area Network is a much bigger
network than a LAN.
• A Wide Area Network is not limited to a
single location, but it spans over a large
geographical area through a telephone
line, fibre optic cable or satellite links.
• The internet is one of the biggest WAN in
the world.
• A Wide Area Network is widely used in
the field of Business, government, and
education.
• Examples Of Wide Area Network:
• Mobile Broadband: A 4G network is widely used across a region or
country.
• Last mile: A telecom company provides internet service to customers
in hundreds of cities by connecting their homes with fiber.
• Private network: A bank provides a private network that connects the
44 offices. This network is made by using the telephone leased line
provided by the telecom company.
• IP Addressing
IP Address Definition
• A unique string of characters that identifies each computer using the
Internet Protocol to communicate over a network.
What is an IP?
• An IP address is a string of numbers separated by periods. IP
addresses are expressed as a set of four numbers.
• An example address might be 192.158.1.38. Each number in the set
can range from 0 to 255. So, the full IP addressing range goes from
0.0.0.0 to 255.255.255.255.
How do IP addresses work
• Internet Protocol works the same way as any other language,
by communicating using set guidelines to pass information. All
devices find, send, and exchange information with other
connected devices using this protocol. By speaking the same
language, any computer in any location can talk to one another.
• The use of IP addresses typically happens behind the scenes. The process
works like this:
• Your device indirectly connects to the internet by connecting at first to a network
connected to the internet, which then grants your device access to the internet.
• When you are at home, that network will probably be your Internet Service
Provider (ISP). At work, it will be your company network.
• Your IP address is assigned to your device by your ISP.
• Your internet activity goes through the ISP, and they route it back to you, using
your IP address. Since they are giving you access to the internet, it is their role to
assign an IP address to your device.
• However, your IP address can change. For example, turning your modem or
router on or off can change it. Or you can contact your ISP, and they can change
it for you.
• When you are out and about – for example, traveling – and you take your device
with you, your home IP address does not come with you. This is because you will
be using another network (Wi-Fi at a hotel, airport, or coffee shop, etc.) to access
the internet and will be using a different (and temporary) IP address, assigned to
you by the ISP of the hotel, airport or coffee shop.
Types of IP addresses
• There are different categories of IP addresses, and within each
category, different types.
• Consumer IP Address.
• Private IP Address.
• Public IP Address.
• Public IP addresses are further divided into two forms:
• Dynamic IP Address.
• Static IP Address.
Consumer IP addresses
• Every individual or business with an internet service plan will have
two types of IP addresses: their private IP addresses and their public
IP address. The terms public and private relate to the network location
— that is, a private IP address is used inside a network, while a public
one is used outside a network.
Private IP addresses
• Every device that connects to your internet network has a private IP
address. This includes computers, smartphones, and tablets but also
any Bluetooth-enabled devices like speakers, printers, or smart TVs.
With the growing internet of things, the number of private IP
addresses you have at home is probably growing. Your router needs a
way to identify these items separately, and many items need a way to
recognize each other. Therefore, your router generates private IP
addresses that are unique identifiers for each device that differentiate
them on the network.
Public IP addresses
• A public IP address is the primary address associated with your whole
network. While each connected device has its own IP address, they are
also included within the main IP address for your network. As
described above, your public IP address is provided to your router by
your ISP. Typically, ISPs have a large pool of IP addresses that they
distribute to their customers. Your public IP address is the address that
all the devices outside your internet network will use to recognize your
network.
Dynamic IP addresses
• Dynamic IP addresses change automatically and regularly. ISPs buy a
large pool of IP addresses and assign them automatically to their
customers. Periodically, they re-assign them and put the older IP
addresses back into the pool to be used for other customers. The
rationale for this approach is to generate cost savings for the ISP.
Automating the regular movement of IP addresses means they don’t
have to carry out specific actions to re-establish a customer's IP
address if they move home, for example. There are security benefits,
too, because a changing IP address makes it harder for criminals to
hack into your network interface.
Static IP addresses
• In contrast to dynamic IP addresses, static addresses remain consistent.
Once the network assigns an IP address, it remains the same. Most
individuals and businesses do not need a static IP address, but for
businesses that plan to host their own server, it is crucial to have one.
This is because a static IP address ensures that websites and email
addresses tied to it will have a consistent IP address.
IPv4 Address
• An IPv4 address is a 32-bit address that uniquely and universally
defines the connection of a device (for example, a computer or a
router) to the Internet.
• IPv4 addresses are unique. They are unique in the sense that each
address defines one, and only one, connection to the Internet. Two
devices on the Internet can never have the same address at the same
time.
Address Space
• An address space is the total number of addresses used by the
protocol. If a protocol uses N bits to define an address, the address
space is 2^N, because each bit can have two different values (0 or 1) and
N bits can therefore take 2^N different values.
• IPv4 uses 32-bit addresses, which means that the address space is 2^32
or 4,294,967,296 (more than 4 billion). This means that, theoretically,
if there were no restrictions, more than 4 billion devices could be
connected to the Internet. We will see shortly that the actual number is
much less because of the restrictions imposed on the addresses.
Notations
• There are two prevalent notations to show an IPv4 address:
• Binary notation
• Dotted-decimal notation.
Binary Notation
• In binary notation, the IPv4
address is displayed as 32 bits.
Each octet is often referred to as
a byte. So it is common to hear
an IPv4 address referred to as a
32-bit address or a 4-byte
address. The following is an
example of an IPv4 address in
binary notation.
Dotted-Decimal Notation
• To make the IPv4 address more
compact and easier to read,
Internet addresses are usually
written in decimal form with a
decimal point (dot) separating
the bytes. The following is the
dotted-decimal notation of the
above address:
Dotted-Decimal Notation
• The figure shows an IPv4 address in
both binary and dotted-decimal
notation. Note that because each
byte (octet) is 8 bits, each
number in dotted-decimal
notation is a value ranging from
0 to 255.
Example
• Change the following IPv4 addresses from binary notation to dotted-
decimal notation.
• a. 10000001 00001011 00001011 11101111
• b. 11000001 10000011 00011011 11111111
• Solution:
• We replace each group of 8 bits with its equivalent decimal number
and add dots for separation.
• a. 129.11.11.239
• b. 193.131.27.255
Example
• Change the following IPv4 addresses from dotted-decimal notation to
binary notation.
• a. 111.56.45.78
• b. 221.34.7.82
• Solution
• We replace each decimal number with its binary equivalent.
• a. 01101111 00111000 00101101 01001110
• b. 11011101 00100010 00000111 01010010
Example
• Find the error, if any, in the following IPv4 addresses.
• a. 111.56.045.78
• b. 221.34.7.8.20
• c. 75.45.301.14
• d. 11100010.23.14.67
Solution
• a. There must be no leading zero (045).
• b. There can be no more than four numbers in an IPv4 address.
• c. Each number needs to be less than or equal to 255 (301 is outside
this range).
• d. A mixture of binary notation and dotted-decimal notation is not
allowed.
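The three worked examples above (binary to dotted-decimal, dotted-decimal to binary, and finding the error in a malformed address) as an added Python example; this is not code from the lecture. find_error() checks exactly the four error cases the solution lists, in order: wrong number of fields, a field that is not decimal or looks like a binary octet, a leading zero, and a value above 255.

```python
def find_error(addr):
    """Return None if addr is a valid dotted-decimal IPv4 address, otherwise a
    message naming the first problem found (the lecture's four error cases)."""
    parts = addr.split(".")
    if len(parts) != 4:
        return "an IPv4 address must have exactly four numbers"
    for p in parts:
        if not (p.isascii() and p.isdigit()):
            return f"'{p}' is not a decimal number"
        if len(p) == 8 and set(p) <= {"0", "1"}:
            return f"'{p}' looks like a binary octet; mixing binary and dotted-decimal notation is not allowed"
        if len(p) > 1 and p[0] == "0":
            return f"there must be no leading zero ({p})"
        if int(p) > 255:
            return f"each number must be at most 255 ({p} is out of range)"
    return None


def binary_to_dotted(bits):
    """'10000001 00001011 00001011 11101111' -> '129.11.11.239'.

    Each 8-bit group is replaced by its decimal value and the groups are
    joined with dots."""
    octets = bits.split()
    if len(octets) != 4 or any(len(o) != 8 or set(o) - {"0", "1"} for o in octets):
        raise ValueError("binary notation needs four groups of exactly 8 bits")
    return ".".join(str(int(o, 2)) for o in octets)


def dotted_to_binary(addr):
    """'111.56.45.78' -> '01101111 00111000 00101101 01001110'.

    The address is validated first so that a malformed input fails loudly
    instead of producing a misleading bit pattern."""
    error = find_error(addr)
    if error:
        raise ValueError(error)
    return " ".join(format(int(p), "08b") for p in addr.split("."))


if __name__ == "__main__":
    for addr in ("111.56.045.78", "221.34.7.8.20", "75.45.301.14", "11100010.23.14.67"):
        print(f"{addr:<20} {find_error(addr)}")
```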
• Addressing
• Network Addresses
• A very important concept in IP addressing is the network
address. When an organization is given a block of addresses,
the organization is free to allocate the addresses to the devices
that need to be connected to the Internet. The first address in
the block, however, is normally (not always) treated as a special
address. The first address is called the network address and
defines the organization network. It defines the organization
itself to the rest of the world.
• The organization network is connected to the Internet via a
router. The router has two addresses. One belongs to the
granted block; the other belongs to the network that is at the
other side of the router.
• Network Addressing is one of the major responsibilities of the network layer.
• Network addresses are always logical, i.e., software-based addresses.
• A host, also known as an end system, has one link to the network. The boundary
between the host and the link is known as an interface. Therefore, the host has only one
interface.
• A router is different from the host in that it has two or more links that connect to it. When a
router forwards the datagram, then it forwards the packet to one of the links. The
boundary between the router and link is known as an interface, and the router can have
multiple interfaces, one for each of its links. Each interface is capable of sending and
receiving the IP packets, so IP requires each interface to have an address.
• Each IP address is 32 bits long and is written in "dotted-decimal notation", where each
byte is written in decimal form and the bytes are separated by periods. An IP address looks
like 193.32.216.9, where 193 is the decimal value of the first 8 bits of the address, 32 is
the decimal value of the second 8 bits, and so on for the remaining bytes.
• In the picture, a router has three
interfaces labeled as 1, 2 & 3 and each
router interface contains its own IP
address.
• Each host contains its own interface and
IP address.
• All interfaces attached to LAN 1 have
an IP address of the form
223.1.1.xxx, and the interfaces attached
to LAN 2 and LAN 3 have addresses of
the form 223.1.2.xxx and
223.1.3.xxx respectively.
• Each IP address consists of two parts.
The first part (first three bytes in IP
address) specifies the network and
second part (last byte of an IP address)
specifies the host in the network.
IP Addressing
• There are two types of IP address.
• IPv4 & IPv6
• IPv4 addressing originally used the concept of classes. This architecture is
called classful addressing.
• In classful addressing, the address space is divided into five classes:
A, B, C, D, and E. Each class occupies some part of the address space.
Classful Addressing
• We can find the class of an
address when given the address
in binary notation or dotted-
decimal notation. If the address
is given in binary notation, the
first few bits can immediately
tell us the class of the address. If
the address is given in dotted-
decimal notation, the first byte
defines the class.
Example
• Find the class of each address.
• a. 00000001 00001011 00001011 11101111
• b. 11000001 10000011 00011011 11111111
• c. 14.23.120.8
• d. 252.5.15.111
• Solution
• a. The first bit is 0. This is a class A address.
• b. The first 2 bits are 1; the third bit is 0. This is a class C address.
• c. The first byte is 14 (between 0 and 127); the class is A.
• d. The first byte is 252 (between 240 and 255); the class is E.
• The classful addressing concept
divides the address space into a
fixed number of blocks, and each
block has a fixed number of
hosts. In IPv4 addresses of class
A, B and C, the first part of the
address is the net-id
(network id) and the second part
of the address is the host-id.
The size of these parts varies
with the class.
• Net-id: The net-id denotes the address of the network.
Host-id: The host-id denotes the address of the host attached to the
corresponding network.
• In Class A, the net-id is defined by the first byte of the address, and
the remaining 3 bytes define the host-id.
In Class B, the first two bytes of the address define the network
address and the remaining two bytes define the host-id.
In Class C, the first three bytes define the network address and
the last byte defines the host-id.
Class A
• In a class A address, the first bit of
the first octet is always ‘0’. Thus,
class A addresses range from
0.0.0.0 to 127.255.255.255(as
01111111 in binary converts to 127
in decimal). The first 8 bits or the
first octet denote the network
portion and the rest 24 bits or the 3
octets belong to the host portion.
• Therefore, the actual range of class
A addresses is: 1.0.0.0 to
126.255.255.255
Class B
• In a class B address, the first
octet would always start with
’10’. Thus, class B addresses
range from 128.0.0.0 to
191.255.255.255. The first 16
bits or the first two octets denote
the network portion and the
remaining 16 bits or two octets
belong to the host portion.
Class C
• In a class C address, the first
octet would always start with
‘110’. Thus, class C addresses
range from 192.0.0.0 to
223.255.255.255. The first 24
bits or the first three octets
denote the network portion and
the rest 8 bits or the remaining
one octet belong to the host
portion.
Class D
• Class D is used for multicast
addressing and in a class D
address the first octet would
always start with ‘1110’. Thus,
class D addresses range from
224.0.0.0 to 239.255.255.255.

• Class D addresses are used by routing protocols like OSPF, RIP, etc.
Class E
• Class E addresses are reserved for research purposes and future use.
The first octet in a class E address starts with ‘1111’. Thus, class E
addresses range from 240.0.0.0 to 255.255.255.255.
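Classful addressing from the "Find the class of each address" example through the class A to E definitions, as an added Python example (not the lecture's own code). The class is decided from the leading bits of the first byte exactly as the slides describe; the class ranges are derived from those leading bits by padding with zeros (low end) and ones (high end), which is why 01111111 gives 127 as the top of class A; and the net-id/host-id split uses the byte counts given for classes A, B and C.

```python
# Leading bits that identify each class, from the class definitions above.
LEADING_BITS = {"A": "0", "B": "10", "C": "110", "D": "1110", "E": "1111"}
# Number of leading bytes that form the net-id in classes A, B and C.
NETID_BYTES = {"A": 1, "B": 2, "C": 3}


def first_byte(addr):
    """First octet as an integer, accepting binary or dotted-decimal notation."""
    if " " in addr:                       # binary: 8-bit groups separated by spaces
        return int(addr.split()[0], 2)
    return int(addr.split(".")[0])        # dotted-decimal


def address_class(addr):
    """Return the class letter by matching the leading bits of the first byte.

    The patterns are tried from A to E; the first one that matches wins, and
    '1111' matches whatever the earlier patterns did not."""
    bits = format(first_byte(addr), "08b")
    return next(cls for cls, lead in LEADING_BITS.items() if bits.startswith(lead))


def class_range(cls):
    """Lowest and highest address of a class, derived from its leading bits:
    pad the pattern with zeros for the low end and with ones for the high end."""
    lead = LEADING_BITS[cls]
    low = int(lead.ljust(8, "0"), 2)
    high = int(lead.ljust(8, "1"), 2)
    return f"{low}.0.0.0", f"{high}.255.255.255"


def split_netid_hostid(addr):
    """Split a class A, B or C dotted-decimal address into (net-id, host-id)."""
    cls = address_class(addr)
    if cls not in NETID_BYTES:
        raise ValueError(f"class {cls} addresses are not divided into net-id and host-id")
    parts = addr.split(".")
    n = NETID_BYTES[cls]
    return ".".join(parts[:n]), ".".join(parts[n:])


if __name__ == "__main__":
    for cls in "ABCDE":
        print(cls, LEADING_BITS[cls].ljust(4), *class_range(cls))
    for addr in ("14.23.120.8", "130.10.5.6", "193.32.216.9"):
        print(addr, address_class(addr), split_netid_hostid(addr))
```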
Rules for assigning Network ID
• If the hosts are located within the
same local network, then they are
assigned with the same network
ID. The following are the rules for
assigning Network ID:
• The network ID cannot start with
127 as 127 is used by Class A.
• The Network ID in which all the bits
are set to 0 cannot be assigned as
it is used to specify a particular
host on the local network.
• The Network ID in which all the bits
are set to 1 cannot be assigned as
it is reserved for the multicast
address.
• Subnetting
• The goal of subnetting is to create a fast, efficient, and resilient
computer network. As networks become larger and more complex, the
traffic traveling through them needs more efficient routes than having
all network traffic cross the system at the same time using the same
route.
• Creating a subnet allows you to limit the number of routers that
network traffic has to pass through. An engineer will effectively create
smaller mini-routes within a larger network to allow traffic to travel
the shortest distance possible.
• Class A and B blocks are too large for any single organization, so an
organization can divide its large network into smaller subnetworks and
share them with other organizations. This whole concept is subnetting.
• Computer networks also follow the same concept. In computer
networking, Subnetting is used to divide a large IP network in smaller
IP networks known as subnets.
• A default class A, B and C network provides 16777214, 65534, 254
hosts respectively. Having so many hosts in a single network always
creates several issues such as broadcast, collision, congestion, etc.
• Let's take a simple example.
In a company there are four
departments: sales,
production, development and
management. In each
department there are 50
users. The company uses a
private class C IP network.
Without any subnetting, all
computers will work in a
single large network.
• Since the company has four
departments, it can divide its
network into four subnets.
The following figure shows the same
network after subnetting.

What is Supernetting?
• Supernetting is the process of
summarizing a group of
contiguous subnetted
networks back into a single
large network. Supernetting is
also known as route
summarization and route
aggregation.
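The four-department subnetting example and the supernetting definition above, worked through as an added Python example (not the lecture's own code). The company network 192.168.10.0/24 and the department names are constructed to match the slide's scenario of a private class C block with 50 users per department; subnet_plan() splits the block into the smallest power-of-two number of equal subnets that covers the departments and checks that each department's users fit, and supernet() does the reverse, aggregating contiguous subnets back into one prefix.

```python
import ipaddress

# Constructed example: a private class C block and four departments of 50 users.
COMPANY_NETWORK = "192.168.10.0/24"
DEPARTMENTS = {"sales": 50, "production": 50, "development": 50, "management": 50}


def default_usable_hosts(cls):
    """Usable hosts in a default class A, B or C network; the all-zeros and
    all-ones host-ids are excluded."""
    host_bits = {"A": 24, "B": 16, "C": 8}[cls]
    return 2 ** host_bits - 2


def subnet_plan(network, departments):
    """Split `network` into equal subnets, one per department.

    The number of subnets is the smallest power of two that is at least the
    number of departments. Each row gives the department's network address,
    usable host range, broadcast address and whether its users fit."""
    net = ipaddress.ip_network(network)
    extra_bits = (len(departments) - 1).bit_length()    # 4 departments -> 2 bits
    subnets = list(net.subnets(prefixlen_diff=extra_bits)) if extra_bits else [net]
    plan = []
    for (name, users), sub in zip(departments.items(), subnets):
        usable = sub.num_addresses - 2
        plan.append({
            "department": name,
            "subnet": str(sub),
            "network_address": str(sub.network_address),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast_address": str(sub.broadcast_address),
            "usable_hosts": usable,
            "fits": users <= usable,
        })
    return plan


def supernet(prefixes):
    """Summarize contiguous subnets back into the fewest covering prefixes
    (route aggregation)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    plan = subnet_plan(COMPANY_NETWORK, DEPARTMENTS)
    for row in plan:
        print(f"{row['department']:<12} {row['subnet']:<18} hosts "
              f"{row['first_host']} - {row['last_host']}  bcast {row['broadcast_address']}")
    print("summarized back:", supernet(r["subnet"] for r in plan))
```

Each /26 leaves 62 usable addresses, which is why 50 users per department fit; a department with more users than that would show fits False and would need a larger subnet.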
• TCP/IP Overview
• TCP/IP, in full Transmission Control Protocol/Internet
Protocol, standard Internet communications protocols that
allow digital computers to communicate over long distances.
The Internet is a packet-switched network, in which information
is broken down into small packets, sent individually over many
different routes at the same time, and then reassembled at the
receiving end. TCP is the component that collects and
reassembles the packets of data, while IP is responsible for
making sure the packets are sent to the right destination.
TCP/IP was developed in the 1970s and adopted as
the protocol standard for ARPANET (the predecessor to the
Internet) in 1983.
• NAT
• Network Address Translation (NAT) is a method of mapping
the private IP addresses of a private network to the public IP address of
the global network and vice versa. With this method, a local host in
a private network can access the internet. NAT runs on the router,
where it keeps track of which local host each incoming message is to be
forwarded to.
NAT Definition
• Network Address Translation is the address translation technique
which translates the internal private IP address to external public
IP address and vice versa. So, the computers with private IP address
inside a private network can communicate with the devices with the
public IP address.
How Does NAT Work?
• Consider a small private
network of a home having
four devices i.e. 1 laptop, 1
desktop, 1 tablet and one
Smartphone, in its network.
As all these devices are the
local host they are provided
private IP addresses and all
these devices are connected
to a NAT router with a public
IP address.
• Now suppose the tablet user at the home network
wants today's news. As you can see in the image
below, it would send this request to a server in the
outside world with a public IP address, which has
this information. The server would create a reply
packet carrying today's news. The reply packet
would have the server IP address as source and
the tablet's private IP address as destination, and,
as we know, the private IP address is not routable.
The tablet would never receive the reply, as no
router will forward this packet to the tablet.
Solution
• The NAT router analyzes the request
packet sent from the tablet, which has
the tablet's private IP address in its
source field and the server's public IP
address in its destination field. The NAT
router puts the source private IP
address in the private IP address
column of the translation table and
the destination (server) address in
the public IP address column. The NAT
router then replaces the source private
address with the NAT public IP address,
as you can see in the image.
• The destination server now receives the request packet with the NAT
router's public IP address as the source address. So, when the server
prepares the reply, it puts the NAT router's public IP address in the
destination address field and its own global IP address in the source
address field of the reply packet.
• Now, as the reply packet has the public IP address in its destination address
field, it is routed to the NAT router. The NAT router analyzes the reply packet,
whose source address is the server's address. Using the source address field of
the received packet, the NAT router looks up the translation table, remaps the
server's public IP address to the tablet's private IP address, and sends the reply
packet to the corresponding private IP address.
• This is how a local host in the private network, communicates with the
devices with global addresses.
Types of NAT
• Static NAT (using one Universal Address).
• Dynamic NAT (Using pool of IP Address).
• Port NAT (Using both IP Address and Port Number).
Static NAT
• In this case, the ISP assigns one universal or public address to one of
the members of the private network. When a member from the private
network wants to access the global network it has to be mapped with
the same public IP address. At a time only one private host is able to
access the same external host. Hence it is called static NAT.
• Its drawback is that only one private network host can communicate
with the same external host as there are no other public addresses to
pair with.
Dynamic NAT
• Dynamic NAT overcomes the problem of static NAT where only one private host can
communicate with the same global host at a time. The solution is to have more public IP addresses
from the pool of global addresses.
• Like, you can have four or five global addresses from the pool and now four or five private hosts
can communicate with the same external host at the same time. This is because there will be four or
five pairs of addresses each of which defines a different connection.
• Dynamic NAT also has drawbacks:
• Still, there is a limit, on the number of connections that can be made to the same external host.
• A host in a private network cannot connect to two external server programs at a time.
• Two hosts in a private network cannot connect to the same external server program at the same
time.
• This problem is solved with Port NAT.
Port NAT
• Knowing the IP address is not enough: when a request packet arrives
at the server, the IP address lets the server identify only which
computer the reply packet is to be sent to, not which specific process
on that computer the reply is for. For this, a port address must also
be attached to the IP address to identify the specific process in the
computer the packet is for.
Using the port address along with the IP address allows a private network
host to access two global server programs at the same time, and it
even allows two private network hosts to access the same global server
program at the same time.
Address Translation
• All the outgoing packets go
through the NAT router, which
replaces the source address in the
packet with the global NAT
address. All incoming packets
also pass through the NAT
router, which replaces the
destination address in the packet
(the NAT router global address)
with the appropriate private
address. Figure 19.11 shows an
example of address translation
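The address translation described in the NAT section, from the tablet scenario through Port NAT, as an added Python simulation (not code from the lecture). All addresses are constructed: 192.168.1.x is private space, and 198.51.100.7 (the NAT router's public address) and 203.0.113.10 (the news server) are documentation addresses standing in for real public ones. The router keeps the translation table as two dictionaries, rewrites the source of outgoing packets, rewrites the destination of replies, and drops an incoming packet that matches no table row, which is also what makes a NAT router refuse unsolicited traffic from outside.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    """The header fields NAT looks at; everything else is payload."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: str = ""


class NatRouter:
    """Port NAT (NAPT): many private hosts share one public address and are
    told apart by the public port the router assigns to each (ip, port)."""

    def __init__(self, public_ip, first_public_port=40000):
        self.public_ip = public_ip
        self._next_port = first_public_port
        self._out = {}   # (private_ip, private_port) -> public_port
        self._in = {}    # public_port -> (private_ip, private_port)

    def outbound(self, pkt):
        """Rewrite the source of a packet leaving the private network,
        adding a translation-table row the first time a flow is seen."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self._out:
            port = self._next_port
            self._next_port += 1
            self._out[key] = port
            self._in[port] = key
        return replace(pkt, src_ip=self.public_ip, src_port=self._out[key])

    def inbound(self, pkt):
        """Rewrite the destination of a reply back to the private host.
        Returns None (packet dropped) when no row matches, which is the fate
        of unsolicited packets arriving from outside."""
        if pkt.dst_ip != self.public_ip:
            return None
        key = self._in.get(pkt.dst_port)
        if key is None:
            return None
        return replace(pkt, dst_ip=key[0], dst_port=key[1])

    def translation_table(self):
        """Rows of the translation table, as drawn on the slides."""
        return [
            {"private_ip": ip, "private_port": pp,
             "public_ip": self.public_ip, "public_port": gp}
            for (ip, pp), gp in self._out.items()
        ]


def news_request_roundtrip():
    """The tablet scenario: the request goes out, the reply finds its way back."""
    nat = NatRouter("198.51.100.7")
    request = Packet("192.168.1.4", 51000, "203.0.113.10", 80, "GET /news")
    on_internet = nat.outbound(request)
    # The server answers the address it saw, i.e. the NAT router's public one.
    reply = Packet(on_internet.dst_ip, on_internet.dst_port,
                   on_internet.src_ip, on_internet.src_port, "today's news")
    delivered = nat.inbound(reply)
    return on_internet, delivered


if __name__ == "__main__":
    out, back = news_request_roundtrip()
    print("seen by server:", out)
    print("delivered to tablet:", back)
```

Two private hosts talking to the same server program get different public ports, and one host talking to two server programs gets two rows, which is exactly the limitation of static and dynamic NAT that Port NAT removes.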
IPv6 ADDRESSES
• An IPv6 address consists of 16 bytes (octets); it is 128 bits long.
• IPv6 addresses are assigned to interfaces, rather than to nodes, in
recognition that a node can have more than one interface. Moreover,
you can assign more than one IPv6 address to an interface.
• IPv6 defines three address types:
• Unicast Identifies an interface of an individual node.
• Multicast Identifies a group of interfaces, usually on different nodes.
Packets that are sent to the multicast address go to all members of
the multicast group.
• Anycast Identifies a group of interfaces, usually on different nodes.
Packets that are sent to the anycast address go to the anycast
group member node that is physically closest to the sender.
Parts of the IPv6 Address
• An IPv6 address is 128 bits in
length and consists of eight, 16-
bit fields, with each field
bounded by a colon. Each field
must contain a hexadecimal
number, in contrast to the dotted-
decimal notation of IPv4
addresses. In the next figure, the
x's represent hexadecimal
numbers.
• The leftmost three fields (48 bits) contain the site prefix. The prefix describes the public
topology that is usually allocated to your site by an ISP or Regional Internet Registry
(RIR).
• The next field is the 16-bit subnet ID, which you (or another administrator) allocate for
your site. The subnet ID describes the private topology, also known as the site topology,
because it is internal to your site.
• The rightmost four fields (64 bits) contain the interface ID, also referred to as
a token. The interface ID is either automatically configured from the interface's MAC
address or manually configured in EUI-64 format.
• 2001:0db8:3c4d:0015:0000:0000:1a2f:1a2b
• This example shows all 128 bits of an IPv6 address. The first 48 bits, 2001:0db8:3c4d,
contain the site prefix, representing the public topology. The next 16 bits, 0015, contain
the subnet ID, representing the private topology for the site. The lower order, rightmost
64 bits, 0000:0000:1a2f:1a2b, contain the interface ID.
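An added example, written for these notes and not taken from the slides, that performs the 48/16/64-bit split on the address above with Python's standard ipaddress module and also shows the two points the slide mentions in passing: compressing the zero fields, and deriving the interface ID from a MAC address in (modified) EUI-64 form. The MAC address 00:1b:21:3c:4d:5e is a constructed sample value.

```python
# Added example (not from the slides): split an IPv6 address into site prefix,
# subnet ID and interface ID, and build an EUI-64 interface ID from a MAC.
import ipaddress


def split_ipv6(addr):
    """Return (site_prefix, subnet_id, interface_id) as colon-separated hex
    fields, using the 48/16/64-bit split described in the slides."""
    # .exploded always yields eight 4-digit fields, even for a compressed input
    fields = ipaddress.IPv6Address(addr).exploded.split(":")
    return ":".join(fields[:3]), fields[3], ":".join(fields[4:])


def compress(addr):
    """Canonical short form: leading zeros dropped, longest zero run as '::'."""
    return str(ipaddress.IPv6Address(addr))


def eui64_interface_id(mac):
    """Derive the modified EUI-64 interface ID from a 48-bit MAC address:
    flip the universal/local bit (0x02) of the first byte and insert ff:fe
    between the OUI and the device-specific half."""
    octets = bytearray(int(x, 16) for x in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    octets[0] ^= 0x02
    eui = octets[:3] + bytearray([0xFF, 0xFE]) + octets[3:]
    return ":".join(f"{eui[i]:02x}{eui[i + 1]:02x}" for i in range(0, 8, 2))


if __name__ == "__main__":
    addr = "2001:0db8:3c4d:0015:0000:0000:1a2f:1a2b"
    print(split_ipv6(addr))
    print(compress(addr))
    print(eui64_interface_id("00:1b:21:3c:4d:5e"))
```

Because an EUI-64 interface ID embeds the hardware address, it stays constant across networks and can be used to track a device; most operating systems therefore generate temporary, randomized interface IDs (RFC 4941) for outgoing connections instead.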
Network Layer Protocols
• A protocol is an agreed-upon way of formatting data so that two or
more devices are able to communicate with and understand each other.
A number of different protocols make connections, testing, routing,
and encryption possible at the network layer, including:
• IP
• IPsec
• ICMP
• IGMP
• GRE
IP
• IP (the Internet Protocol) is a protocol that uses datagrams to
communicate over a packet-switched network. IP operates at the
network layer of the OSI reference model and is part of the suite of
protocols known as TCP/IP. Today, with over 1.5 billion users
worldwide, the current Internet is a great success in terms of
connecting people and communities.
IPsec
• IPsec (Internet Protocol Security) is a suite of protocols and
algorithms for securing data transmitted over the internet or any public
network. The Internet Engineering Task Force, or IETF, developed the
IPsec protocols in the mid-1990s to provide security at the IP layer
through authentication and encryption of IP network packets.
• The IPsec suite also includes Internet Key Exchange (IKE), which is
used to generate shared security keys to establish a security association
(SA). SAs are needed for the encryption and decryption processes to
negotiate a security level between two entities. A special router or
firewall that sits between two networks usually handles the SA
negotiation process.
IPsec protocols
• IPsec authenticates and
encrypts data packets sent over
both IPv4- and IPv6-based
networks. IPsec protocol
headers are found in the IP
header of a packet and define
how the data in a packet is
handled, including its routing
and delivery across a network.
IPsec adds several components
to the IP header, including
security information and one or
more cryptographic algorithms.
• The following are key IPsec protocols.
• IP AH. AH is specified in RFC 4302. It provides data integrity and transport protection services. AH was designed to be inserted
into an IP packet to add authentication data and protect the contents from modification.
• IP ESP. Specified in RFC 4303, ESP provides authentication, integrity and confidentiality through encryption of IP packets.
• IKE. Defined in RFC 7296, IKE is a protocol that enables two systems or devices to establish a secure communication channel over
an untrusted network. The protocol uses a series of key exchanges to create a secure tunnel between a client and a server through
which they can send encrypted traffic. The security of the tunnel is based on the Diffie-Hellman key exchange.
• Internet Security Association and Key Management Protocol (ISAKMP). ISAKMP is specified as part of the IKE protocol and
RFC 7296. It is a framework for key establishment, authentication and negotiation of an SA for a secure exchange of packets at the
IP layer. In other words, ISAKMP defines the security parameters for how two systems, or hosts, communicate with each other.
Each SA defines a connection in one direction, from one host to another. The SA includes all attributes of the connection, including
the cryptographic algorithm, the IPsec mode, the encryption key and any other parameters related to data transmission over the
connection.
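An added example, written for these notes rather than taken from the slides or from any IPsec implementation, showing the receiver side of an ESP security association. It parses the fixed ESP header from RFC 4303 (a 32-bit Security Parameters Index that selects the SA, followed by a 32-bit sequence number), looks the SA up in a small SA database keyed by SPI, and applies the anti-replay window an inbound SA keeps so that a recorded packet cannot be accepted twice. Encryption and integrity checking are outside this block; the window size of 64 is the RFC 4303 minimum, and the packet contents are constructed sample values.

```python
# Added example (not from the slides): ESP header parsing plus the per-SA
# anti-replay window of RFC 4303. Packet bytes are constructed sample values.
import struct

ESP_HEADER = struct.Struct("!II")  # SPI, sequence number (network byte order)


def esp_packet(spi, seq, payload=b""):
    """Build the fixed ESP header in front of an (already protected) payload."""
    return ESP_HEADER.pack(spi, seq) + payload


def parse_esp(packet):
    """Return (spi, seq, remainder) from the start of an ESP packet."""
    if len(packet) < ESP_HEADER.size:
        raise ValueError("packet shorter than the ESP header")
    spi, seq = ESP_HEADER.unpack_from(packet)
    return spi, seq, packet[ESP_HEADER.size:]


class InboundSA:
    """One direction of a security association, identified by its SPI, with a
    sliding window of the sequence numbers already accepted."""

    def __init__(self, spi, window=64):
        self.spi = spi
        self.window = window
        self.highest = 0      # highest sequence number accepted so far
        self.seen = set()     # accepted numbers still inside the window

    def accept(self, seq):
        """True if seq is new and inside the window, otherwise False."""
        if seq == 0:
            # The first packet on an SA carries sequence number 1 (RFC 4303
            # 3.3.3), so 0 never appears on the wire.
            return False
        if seq > self.highest:
            # Window slides forward; forget numbers that fell out of it.
            self.highest = seq
            self.seen = {s for s in self.seen if s > seq - self.window}
            self.seen.add(seq)
            return True
        if seq <= self.highest - self.window:
            return False  # older than the window: cannot be checked, dropped
        if seq in self.seen:
            return False  # replayed packet
        self.seen.add(seq)
        return True


class SADatabase:
    """Inbound SAs keyed by SPI, as a receiver would hold them."""

    def __init__(self):
        self.sas = {}

    def add(self, sa):
        self.sas[sa.spi] = sa

    def receive(self, packet):
        """Classify an incoming ESP packet: 'no-sa', 'rejected' or 'ok'."""
        spi, seq, _payload = parse_esp(packet)
        sa = self.sas.get(spi)
        if sa is None:
            return "no-sa"
        return "ok" if sa.accept(seq) else "rejected"


if __name__ == "__main__":
    db = SADatabase()
    db.add(InboundSA(0x2002))
    pkt = esp_packet(0x2002, 5, b"<protected payload>")
    print(db.receive(pkt), db.receive(pkt), db.receive(esp_packet(0x9999, 1)))
```

In a real receiver the integrity check runs before the window is updated, so that a forged packet with a high sequence number cannot slide the window forward and cause legitimate traffic to be dropped; the order of those two steps is worth verifying whenever an IPsec stack is reviewed.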
ICMP
• The Internet Control Message Protocol (ICMP) is a network
layer protocol used by network devices to diagnose network
communication issues. ICMP is mainly used to determine
whether or not data is reaching its intended destination in a
timely manner. Commonly, the ICMP protocol is used on
network devices, such as routers. ICMP is crucial for error
reporting and testing, but it can also be used in distributed
denial-of-service (DDoS) attacks.
• ICMP stands for Internet Control Message Protocol. It is a network layer
protocol used for error handling in the network layer, and it is primarily used
on network devices such as routers. Since different types of errors can occur in the
network layer, ICMP is used to report these errors and to help debug them.
• For example, a sender wants to send a message to some destination, but a
router could not deliver the message to the destination. In this case, the router
sends a message back to the sender saying that it could not deliver the message to
that destination.
• The IP protocol does not have any error-reporting or error-correcting mechanism,
so it relies on ICMP messages to convey this information. For example, if someone sends
a message to the destination and the message is somehow lost between the
sender and the destination, and no one reports the error, then the sender might
think that the message has reached the destination. If someone in between
reports the error, then the sender can resend the message very quickly.
• The ICMP resides in the IP layer,
as shown in the below diagram.
Messages
• The ICMP messages are usually
divided into two categories:
• Error-reporting messages
• The error-reporting message means that the router encounters a
problem when it processes an IP packet then it reports a message.
• Query messages
• The query messages are those messages that help the host to get the
specific information of another host. For example, suppose there are a
client and a server, and the client wants to know whether the server is
live or not, then it sends the ICMP message to the server.
ICMP Message Format
• The message format has two
things; one is a category that tells
us which type of message it is. If
the message is of error type, the
error message contains the type
and the code. The type defines
the type of message while the
code defines the subtype of the
message.
• Type: It is an 8-bit field. It defines
the ICMP message type. In ICMPv6,
the values from 0 to 127 are defined
for error messages, and the values
from 128 to 255 are the informational
messages.
• Code: It is an 8-bit field that
defines the subtype of the ICMP
message
• Checksum: It is a 16-bit field to
detect whether the error exists in
the message or not.
Types of Error Reporting messages
• The error reporting messages are
broadly classified into the
following categories:
Destination unreachable
• The destination unreachable error occurs when the
packet does not reach the destination. Suppose the
sender sends the message, but the message does not
reach the destination, then the intermediate router
reports to the sender that the destination is
unreachable.
• The above diagram shows the message format of
the destination unreachable message. In the
message format:
• Type: It defines the type of message. The number 3
specifies that the destination is unreachable.
• Code (0 to 15): It is a 4-bit number which
identifies whether the message comes from some
intermediate router or the destination itself.
• Sometimes the destination does not want to process
the request, so it sends the destination unreachable
message to the source. A router does not detect all
the problems that prevent the delivery of a packet.
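An added example for the ICMP message format and the two message categories above; it is written for these notes and is not code from the slides. It builds an echo request (a query message, the probe that ping sends) and a destination unreachable message (an error-reporting message, type 3, with the subtype in the code field), computes the 16-bit Internet checksum, and parses a received message back, rejecting it when the checksum does not verify. The identifier, sequence number and the stand-in IP packet are constructed sample values.

```python
# Added example (not from the slides): build and parse ICMPv4 messages using
# the 8-bit type, 8-bit code and 16-bit checksum header described above.
import struct

ICMP_DEST_UNREACHABLE = 3
ICMP_ECHO_REQUEST = 8
# ICMPv4 type numbers from RFC 792, grouped the way the slides group them
ERROR_TYPES = {3: "destination unreachable", 4: "source quench", 5: "redirect",
               11: "time exceeded", 12: "parameter problem"}
QUERY_TYPES = {0: "echo reply", 8: "echo request",
               13: "timestamp", 14: "timestamp reply"}
# Subtypes (code field) of the destination unreachable message
DEST_UNREACHABLE_CODES = {0: "net unreachable", 1: "host unreachable",
                          2: "protocol unreachable", 3: "port unreachable"}


def internet_checksum(data):
    """RFC 1071 checksum: one's complement of the one's-complement sum of
    16-bit words. A message that carries a correct checksum sums to 0."""
    if len(data) % 2:
        data = bytes(data) + b"\x00"  # pad odd-length input for the sum only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(msg_type, code, rest_of_header, payload=b""):
    """Assemble type, code, checksum, the 4 type-specific bytes and payload."""
    body = rest_of_header + payload
    csum = internet_checksum(struct.pack("!BBH", msg_type, code, 0) + body)
    return struct.pack("!BBH", msg_type, code, csum) + body


def build_echo_request(ident, seq, data=b"ping"):
    """Query message: type 8, code 0, identifier and sequence number."""
    return build_icmp(ICMP_ECHO_REQUEST, 0, struct.pack("!HH", ident, seq), data)


def build_dest_unreachable(code, original_ip_packet):
    """Error message: 4 unused bytes, then the offending IP header plus the
    first 8 bytes of its data (RFC 792), so the sender can match the error
    to the datagram that caused it."""
    return build_icmp(ICMP_DEST_UNREACHABLE, code, b"\x00" * 4,
                      original_ip_packet[:28])


def icmp_checksum_ok(message):
    return len(message) >= 4 and internet_checksum(message) == 0


def parse_icmp(message):
    """Decode a received message into type, code and category. A message
    that fails the checksum is rejected before any field is trusted."""
    if not icmp_checksum_ok(message):
        raise ValueError("bad ICMP checksum or truncated message")
    msg_type, code = struct.unpack("!BB", message[:2])
    info = {"type": msg_type, "code": code}
    if msg_type in ERROR_TYPES:
        info["category"] = "error-reporting"
        info["name"] = ERROR_TYPES[msg_type]
        if msg_type == ICMP_DEST_UNREACHABLE:
            info["reason"] = DEST_UNREACHABLE_CODES.get(code, "code %d" % code)
    elif msg_type in QUERY_TYPES:
        info["category"] = "query"
        info["name"] = QUERY_TYPES[msg_type]
    else:
        info["category"] = "unknown"
    return info


if __name__ == "__main__":
    print(parse_icmp(build_echo_request(0x1234, 1)))
    fake_ip_packet = b"\x45\x00" + b"\x00" * 26  # constructed stand-in datagram
    print(parse_icmp(build_dest_unreachable(3, fake_ip_packet)))
```

The 28 quoted bytes in the error message are what lets a host attribute an unreachable report to a particular connection; a receiver that accepts such reports without checking that the quoted header matches a datagram it actually sent can be made to tear down connections it never had a problem with, which is why operating systems validate that quote.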
IGMP
• The Internet Group Management Protocol (IGMP) is a protocol that
allows several devices to share one IP address so they can all receive
the same data. IGMP is a network layer protocol used to set up
multicasting on networks that use the Internet Protocol version 4
(IPv4). Specifically, IGMP allows devices to join a multicast
group.
What is multicasting?
• Multicasting is when a group of devices all receive the same messages
or packets. Multicasting works by sharing an IP address between
multiple devices. Any network traffic directed at that IP address will
reach all devices that share the IP address, instead of just one device.
This is much like when a group of employees all receive company
emails directed at a certain email alias.
How IGMP works ?
• Computers and other devices connected to a network use IGMP when they want to
join a multicast group. A router that supports IGMP listens to IGMP transmissions
from devices in order to figure out which devices belong to which multicast
groups.
• IGMP uses IP addresses that are set aside for multicasting. Multicast IP addresses
are in the range between 224.0.0.0 and 239.255.255.255. (In contrast, anycast
networks can use any regular IP address.) Each multicast group shares one of
these IP addresses. When a router receives a series of packets directed at the
shared IP address, it will duplicate those packets, sending copies to all members of
the multicast group.
• IGMP multicast groups can change at any time. A device can send an IGMP "join
group" or "leave group" message at any point.
• IGMP works directly on top of the Internet Protocol (IP). Each IGMP packet has
both an IGMP header and an IP header. Just like ICMP, IGMP does not use a
transport layer protocol such as TCP or UDP.
What types of IGMP messages are there?
• The IGMP protocol allows for several kinds of IGMP messages:
• Membership reports: Devices send these to a multicast router in order
to become a member of a multicast group.
• "Leave group" messages: These messages go from a device to a router
and allow devices to leave a multicast group.
• General membership queries: A multicast-capable router sends out
these messages to the entire connected network of devices to update
multicast group membership for all groups on the network.
• Group-specific membership queries: Routers send these messages to a
specific multicast group, instead of the entire network.
GRE
• Generic Routing Encapsulation (GRE) provides a virtual point-to-point link
that encapsulates data traffic in a tunnel. The topics below discuss
GRE tunneling, the encapsulation and de-capsulation process,
configuring GRE tunnels and verifying that they work.
ARP
• Address Resolution Protocol (ARP) is a communication protocol used
to find the MAC (Media Access Control) address of a device from its
IP address. This protocol is used when a device wants to communicate
with another device on a Local Area Network or Ethernet.
How ARP works
• If a host wants to know the
physical address of another host on
its network, it sends an ARP
query packet that includes the IP
address and broadcasts it over the
network. Every host on the network
receives and processes the ARP
packet, but only the intended
recipient recognizes the IP address
and sends back its physical
address. The host holding the
datagram adds the physical address
to its cache memory and to the
datagram header, and then sends the
datagram.
Steps taken by ARP protocol
• If a device wants to
communicate with another
device, the following steps are
taken by the device:
• The device will first look at its
internal list, called the ARP
cache, to check whether the IP
address has a matching MAC
address or not. The ARP cache
can be inspected at the command
prompt by using the command
arp -a.
• If the ARP cache has no entry, then the device
broadcasts a message to the entire network asking
each device for the matching MAC address.
• The device that has the matching IP address
will then respond to the sender with its
MAC address.
• Once the MAC address is received by the
device, communication can take place
between the two devices.
• When the device receives the MAC address,
the MAC address is stored in the ARP
cache. We can check the ARP cache at the
command prompt by using the command arp -a.
• In the screenshot, we observe the association
of IP addresses to MAC addresses.
Types of ARP
• There are four types of Address
Resolution Protocol, which are
given below:
• Proxy ARP
• Gratuitous ARP
• Reverse ARP (RARP)
• Inverse ARP
Proxy ARP
• Proxy ARP is a method through which a Layer 3 device may respond to
ARP requests for a target that is in a different network from the sender. The
router configured for Proxy ARP responds to the ARP request, maps its own MAC
address to the target IP address, and leads the sender to believe that it has
reached its destination.
• In the background, the proxy router forwards the packets to the appropriate
destination, because the packets contain the necessary information.
• Example: if Host A wants to transmit data to Host B, which is on a
different network, then Host A sends an ARP request message to obtain a
MAC address for Host B. The router responds to Host A with its own MAC
address, presenting itself as the destination. When Host A transmits the data
to the destination, it sends it to the gateway, which forwards it to Host B.
This is known as proxy ARP.
Gratuitous ARP
• Gratuitous ARP is an ARP request by a host that helps to identify a
duplicate IP address. It is a broadcast request for the host's own IP address.
If a switch or router sends an ARP request for its own IP address
and no ARP response is received, then no other node is using the IP
address allocated to that switch or router. But if a router or switch sends an
ARP request for its IP address and receives an ARP response, another
node is using the IP address allocated to the switch or router.
• There are some primary use cases of gratuitous ARP that are given
below:
• The gratuitous ARP is used to update the ARP table of other devices.
• It also checks whether the host is using the original IP address or a
duplicate one.
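An added example, written for these notes and not taken from the slides, that simulates both the ARP resolution steps listed earlier (cache lookup, broadcast request, reply from the owner of the IP address, cache update) and the gratuitous ARP duplicate-address check described just above. The LAN is modelled as a list of hosts that every broadcast reaches; the host names, IP addresses and MAC addresses are constructed sample values.

```python
# Added example (not from the slides): ARP resolution with a cache, and the
# gratuitous ARP check for a duplicate IP address, on a simulated LAN.
# Host names, IP addresses and MAC addresses are constructed sample values.


class Lan:
    """A broadcast domain: every frame handed to broadcast() reaches all hosts."""

    def __init__(self):
        self.hosts = []

    def attach(self, host):
        self.hosts.append(host)
        host.lan = self

    def broadcast(self, sender, frame):
        """Deliver a frame to every other host; return the replies it drew."""
        replies = []
        for host in self.hosts:
            if host is not sender:
                reply = host.receive(frame)
                if reply is not None:
                    replies.append(reply)
        return replies


class Host:
    def __init__(self, name, ip, mac):
        self.name, self.ip, self.mac = name, ip, mac
        self.arp_cache = {}   # IP -> MAC: the table 'arp -a' prints
        self.lan = None

    def receive(self, frame):
        """Step 3: only the host that owns the target IP answers a request."""
        if frame["op"] != "request" or frame["target_ip"] != self.ip:
            return None
        if frame["sender_ip"] != self.ip:
            # The answering host learns the requester's mapping as well.
            self.arp_cache[frame["sender_ip"]] = frame["sender_mac"]
        return {"op": "reply", "sender_ip": self.ip, "sender_mac": self.mac,
                "target_ip": frame["sender_ip"], "target_mac": frame["sender_mac"]}

    def resolve(self, ip):
        """Return (mac, how): 'cache', 'broadcast', or (None, 'no-reply')."""
        # Step 1: consult the ARP cache first.
        if ip in self.arp_cache:
            return self.arp_cache[ip], "cache"
        # Step 2: no entry, so broadcast a request to the whole network.
        request = {"op": "request", "sender_ip": self.ip, "sender_mac": self.mac,
                   "target_ip": ip, "target_mac": None}
        replies = self.lan.broadcast(self, request)
        if not replies:
            return None, "no-reply"
        # Steps 4 and 5: store the answer in the cache and use it.
        self.arp_cache[ip] = replies[0]["sender_mac"]
        return self.arp_cache[ip], "broadcast"

    def gratuitous_arp(self):
        """Ask for our own IP address. An empty list means the address is
        free; any MAC addresses returned belong to nodes already using it."""
        probe = {"op": "request", "sender_ip": self.ip, "sender_mac": self.mac,
                 "target_ip": self.ip, "target_mac": None}
        return [r["sender_mac"] for r in self.lan.broadcast(self, probe)]


def demo():
    lan = Lan()
    a = Host("A", "192.168.1.10", "aa:aa:aa:aa:aa:aa")
    b = Host("B", "192.168.1.20", "bb:bb:bb:bb:bb:bb")
    c = Host("C", "192.168.1.20", "cc:cc:cc:cc:cc:cc")  # same IP as B
    for h in (a, b, c):
        lan.attach(h)
    first = a.resolve("192.168.1.20")      # answered over the wire
    second = a.resolve("192.168.1.20")     # answered from the cache
    return first, second, c.gratuitous_arp(), a.gratuitous_arp()


if __name__ == "__main__":
    print(demo())
```

The simulation also shows why ARP needs no authentication to work and why that matters for a defender: whichever reply arrives first is stored, so monitoring the cache for entries that change unexpectedly is the usual way to notice trouble on a LAN.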
Reverse ARP (RARP)
• It is a networking protocol used by a client system in a local area network
(LAN) to request its IPv4 address from the ARP table of the gateway router. The
network administrator creates a table in the gateway router that maps
MAC addresses to their corresponding IP addresses.
• When a new system is set up, or a machine has no memory to store
its IP address, the device has to find out its own IP address. The
device sends a RARP broadcast packet, including its own MAC address in
the hardware address fields of both the sender and the receiver. A host
installed in the local network, called the RARP server, is prepared to
respond to such broadcast packets. The RARP server then tries to
locate a matching entry in its MAC-to-IP address mapping table. If an entry
matches, the RARP server sends a response packet carrying the IP address
to the requesting computer.
Inverse ARP (InARP)
• Inverse ARP is the inverse of ARP: it is used to find the IP
addresses of nodes from their data link layer addresses. It is
mainly used on Frame Relay and ATM networks, where Layer 2
virtual circuit addresses are often acquired from Layer 2 signaling.
When using these virtual circuits, the relevant Layer 3 addresses are
then made available.
Advantages of using ARP
• If you are using ARP, then the MAC address of a system can easily be found
if you know its IP address.
• End nodes do not need to be configured to "know" MAC addresses; they can
be found when needed.
• ARP's goal is to enable each host on a network to build up a mapping
between IP addresses and physical addresses.
• The set of mappings, or table, stored in the host is called the ARP table or
ARP cache.