Lecture 5: Fast Ethernet

1. When the 802.3 Ethernet was developed it became very popular. But the need for it to
be faster was increasing very fast. The IEEE reconvened the 802.3 committee in 1992
with instructions to come up with a faster LAN. One proposal was to keep 802.3 exactly
as it was, but make it go faster. Another proposal was to redo it totally and give it lost of
new features, such as real-time traffic and digitized voice, but keep the old name. They
went with the first idea, which flopped miserably. The 802.3u also known as fast
Ethernet is not a new standard, but an addendum to the existing 802.3 standard. Both
are used for backbone networks. And the idea was to keep it simple. 802.3 committee
decides to keep the protocol and just make it faster. This is where the 802.3u aka fast
Ethernet was developed. The idea was to keep the backward compatibility. A new
protocol may have unforeseen problems. It was faster compared to technology change.
Two different groups propose 2 new optical ring LANs:
- FDDI (Fiber Distributed Data Interface)
- Fiber Channel
The old frame format, interfaces and rules are kept. The bit time is reduced from
100nsec to 10nsec. All fast Ethernet systems use hubs and switches. The supported
cabling was:
- Category 3 twisted pair which cant transmit 200 megabaud signals (100 Mbps
with Manchester) on 100m.
- Category 5 twisted pair
- Fiber optics
- All three alternatives are allowed.

The Category 3 UTP scheme, called 100Base-T4, used a signaling speed of 25 MHz, only 25% faster than
standard Ethernets 20 MHz. (Remember that Manchester encoding, discussed in Sec. 2.5, requires two
clock periods for each of the 10 million bits sent each second.) However, to achieve the necessary bit
rate, 100Base-T4 requires four twisted pairs. Of the four pairs, one is always to the hub, one is always
from the hub, and the other two are switchable to the current transmission direction. To get 100 Mbps
out of the three twisted pairs in the transmission direction, a fairly involved scheme is used on each
twisted pair. It involves sending ternary digits with three different voltage levels. This scheme is not
likely to win any prizes for elegance, and we will skip the details. However, since standard telephone
1

wiring for decades has had four twisted pairs per cable, most offices are able to use the existing wiring
plant. Of course, it means giving up your office telephone, but that is surely a small price to pay for
faster email. 100Base-T4 fell by the wayside as many office buildings were rewired with Category 5 UTP
for 100Base-TX Ethernet, which came to dominate the market. This design is simpler because the wires
can handle clock rates of 125 MHz. Only two twisted pairs per station are used, one to the hub and one
from it. Neither straight binary coding (i.e., NRZ) nor Manchester coding is used. Instead, the 4B/5B
encoding we described in Sec 2.5 is used. 4 data bits are encoded as 5 signal bits and sent at 125 MHz to
provide 100 Mbps. This scheme is simple but has sufficient transitions for synchronization and uses the
bandwidth of the wire relatively well. The 100Base-TX system is full duplex; stations can transmit at 100
Mbps on one twisted pair and receive at 100 Mbps on another twisted pair at the same time. The last
option, 100Base-FX, uses two strands of multimode fiber, one for each direction, so it, too, can run full
duplex with 100 Mbps in each direction. In this setup, the distance between a station and the switch can
be up to 2 km. Fast Ethernet allows interconnection by either hubs or switches. To ensure that the
CSMA/CD algorithm continues to work, the relationship between the minimum frame size and
maximum cable length must be maintained as the network speed goes up from 10 Mbps to 100 Mbps.
So, either the minimum frame size of 64 bytes must go up or the maximum cable length of 2500 m must
come down, proportionally. The easy choice was for the maximum distance between any two stations to
come down by a factor of 10, since a hub with 100-m cables falls within this new maximum already.
However, 2-km 100Base-FX cables are SEC. 4.3 ETHERNET 293 too long to permit a 100-Mbps hub with
the normal Ethernet collision algorithm. These cables must instead be connected to a switch and
operate in a full-duplex mode so that there are no collisions. Users quickly started to deploy fast
Ethernet, but they were not about to throw away 10-Mbps Ethernet cards on older computers. As a
consequence, virtually all fast Ethernet switches can handle a mix of 10-Mbps and 100-Mbps stations. To
make upgrading easy, the standard itself provides a mechanism called auto negotiation that lets two
stations automatically negotiate the optimum speed (10 or 100 Mbps) and duplexity (half or full). It
works well most of the time but is known to lead to duplex mismatch problems when one end of the link
auto negotiates but the other end does not and is set to full-duplex mode (Shalunov and Carlson, 2005).
Most Ethernet products use this feature to configure themselves.

Gigabit Ethernet
1. After the fast Ethernet, the 802 committee began working on a yet faster Ethernet aka
gigabit Ethernet. The goals were to: increase performance tenfold while maintaining
compatibility with all existing Ethernet standards. Gigabit Ethernet had to offer
unacknowledged datagram service with both unicast and broadcast, use the same 48-bit
addressing scheme already in use, and maintain the same frame format, including the
minimum and maximum frame sizes. The final standard met all these goals. Like the fast
Ethernet, the gigabit Ethernet used point-to-point links. It supports full duplex and half
duplex mode. The normal mode is full duplex. There are always 2 pairs of wires in the
UDP cable used to connect the station to a switch or hub. Ethernet is characterized with
CSMA/CD MAC protocol when it works in half duplex. For full duplex CSMA/CD is not
used, especially in gigabit Ethernet since it mostly works in this mode.
Min frame size
- Smaller network?
o 512bits @ 1Gb/s =512ns
o 512ns*1.8*10^8 = 92meters => too little!!
- Larger min frame size!
o Gigabit Ethernet uses collision extension for small frames and
compatibility issues
Max frame
- 1500 bytes do not encompass the network
- jumbo frames (9000 bytes) are defined for higher efficiency
2. Frame size A carrier extension was added in which the normal frame is padded up to
512B and 9% efficiency (46B are sent as 512). And frame bursting which includes
concatenating frames. The cabling that is used is:

Lecture 6: Bridge
Bridges are used for interactions between different networks and for interconnection of
geographically distributed LANs. Like multiple buildings each with its own LAN. Bridges operate
in the Data link layer, so they examine the data link layer addresses to forward frames. Routers
examine the addresses in packets and route based on them, so they work only with protocols
that they were designed to handle.
1. 802.x <->802.y Bridge
The bridge that connects k different LANs will have k different MAC sublayers
and k different physical layers, one per each type.
The problem occurs when having to convert from different formats, from 802.3
to 802.11 to 802.16 and vice versa.

The connected LANs work with different data rates

There are different max frame sizes.
Security encryption Ethernet has none, 802.11 and 802.16 have different
standards.
Quality of service (QoS) offered in different ways.

Spanning tree protocol

1. To increase the reliability, redundant links are used between bridges to ensure if one of
them doesnt work, there will be no problem. One of the main goals when designing
LANs is providing high ability between any two points. However, this creates loops in
the topology which is a problem. Loops occur whenever there is a redundant path in the
network. The loops will cause: Broadcast storm, Multiple copies of the Ethernet frame,
Instability in the MAC source table in the switches. The spanning tree protocol goal is to
avoid and eliminate loops by discerning loop-free paths via the root bridge. STP locates
the loops and blocks the redundant links. STP makes sure that there will be only one
path between any pair of devices. The algorithm involves choosing the root bridge, and
then finding the best path to the root bridge.
i. Choose one Root bridge
ii. Mark Root ports
iii. Mark Designated ports
The switches choose one Root bridge among themselves. The switch with the lowest MAC
address wins. Upon choosing the root, the switches mark the Root ports. Root port of a bridge
is the port closest to the Root. Prices are used to determine the distance. Each non-Root bridge
will mark one Root port. Bridges also propagate the Root Path Cost cumulative price of the
path to the Root. After that is done, after marking the designated ports the STP loop protection
is enabled. Designated port is the one port that allowed to send and receive traffic to-from the
network segment and the Root. Each network segment has one Designated port, chosen based
on the cumulative Root Path Cost to the Root bridge.
2. Unknown unicast
Moe learns Kahns MAC. Destination
MAC is unknown -> Moe floods all ports.
Larry writes the MAC address twice; the
second record remains. Larry floods all
ports with the unknown unicast. Moe
receives the frame, changes the MAC
source table using the new information
and floods the unknown unicast. And so it
goes! Khan sends an ARP req., layer2
broadcast. Moe floods the frame. Larry
floods the frame. The duplicate flooding
continues. The switches are constantly
changing their MAC source table.
5

3. STP disables the creation of loops STPs goals is to avoid and eliminate loops by
discerning loop-free paths via the root bridge. STP locates the loop and blocks the
redundant links. STP makes sure that there will be only one path between any pair of
devices. STP executes the Spanning Tree Algorithm: STA chooses a referent point
known as a root bridge and determines the paths to it. If multiple paths exist STA
chooses the best one and blocks the rest. STA uses 3 simple steps in order to converge
into a tree topology:
STP convergence
Step 1 Choose one Root bridge
The switches choose one root bridge among themselves. The switch with the lowest MAC
address wins.
Step 2 Mark ports
Upon choosing the root, the switches mark the Root ports. Root port of a bridge is the port
closest to the Root. Prices are used to determine the distance. Each non-Root bridge will mark
one Root port. Bridges propagate the Root Path Cost cumulative price of the path to the Root.
Step 3 Mark Designated ports
In this step, after marking the designated ports, the STP loop protection is enabled. Designated
port is one port that is allowed to send and receive traffic to-from the network segment and
the Root. Each network segment has one Designated port, chosen based on the cumulative Root
Path Cost to the Root bridge.

Lecture 7: Switching
1. Circuit switching
The telecommunication networks in the beginning were designed for voice
transmission. The network resources were dedicated to one call in one moment of time.
When we use this kind switching for data transmission, the link will be unused most of
the time. The link provides constant data rate. The stations must have equal data rate.
2. Packet switching
Data is sent in small packets, mostly 1000 octets. Long messages are divided in a
sequence of packets. Each packet holds user data + control information. The control
information is needed to route the packet in the network. In each node of the network,
the packet is received, stored and processed, then forwarded towards the next node.
The pros of this kind of switching is that the line usage is better. One node-node link can
be shared for transferring multiple packets with different sources and destination pairs.
The packets wait in queues and are transmitted as fast as possible. Data rate
conversion. Two stations with different data rates can exchange packets while each
connects to its node with its own data rate. Two nodes store the packets if data rate
equalization is needed. Packets are accepted even in loaded networks. The delivery
time rises and priorities can be used.
3. Transmission techniques
The sender divides the message into multiple packets. One packet per time unit is sent.
Packets are managed in two ways:
Datagram
Each packet is treated independently from the rest that have been sent before.
All packets that have the same destination can travel via different routes.
Packets can be received out of order. Some packets may be lost. The receiver is
tasked to reorder the packets and handle the lost packets.
Virtual circuit
Before packets are sent, a circuit to the destination is established. Control
packets are used for the circuit establishment. Each packet has its own identifier
(circuit number) instead of destination address. No need for routing decisions.
The clear request control packet is used to drop the virtual circuit. The route is
not dedicated.
In the virtual circuit: There is ordered delivery and error control. Fast packet forwarding, no
routing decisions in the nodes. It is less reliable; node failure will cause all virtual circuits that
pass through that node to drop.
In the datagram: No circuit establishment phase, better for smaller number of packets. More
flexible, using routing the congested part of the network can be avoided. Dividing the frames

into packets is ok, but you have to know how many packets to divided it to for it to be efficient.
Because over dividing is not an efficient solution.
4. Circuit switching vs. packet switching
Performances: Propagation delay, Transmission time, Node latency.

4. External and internal operations

Datagram or virtual circuit
Station network node interface
o Connection oriented
Virtual circuit is established
All packets are identified by the circuit number and sequence
number
Packets are delivered in order
o Connectionless
All packets are independent

5. Implementation of Connectionless Service

Suppose that the process P1
has a long msg for P2. It hands
the msg to the transport layer
with instructions to deliver it
to process P2 on host H2. The
transport layer on H1 prepends
a transport header to the front
of the msg and hands the
result to the network layer.The
msg has to break into 4
packets. At this point ISP takes
over.
The algorithm that manages
the tables and makes the
routing decisions is called the
routing algorithm.

6. Implementation of Connection Oriented Service

The idea behind
virtual circuits is to
avoid having to
choose a new route
for every packet sent.
H1 establishes a
connection with H2.
When H3 wants to
establish a
connection it detects
that one line is busy
so it uses the other
line to establish a
connection. This
process is called label
switching.

10

Lecture 8: Network layer L3

The network layer is concerned with getting packets from the source all the way to the
destination. Getting to the destination may require making many hops at intermediate routers
along the way. The network layer is the lowest layer that deals with end-to-end transmission to
exchange data over a network. The network layer has 4 basic tasks:

I.

II.

Addressing
Encapsulation
Routing
Decapsulation

Addressing
a. IP Destination Address 32-bit binary value that represents the packet
destination Network layer host address.
b. IP Source Address 32-bit binary value that represents the packet source
Network layer host address.
Routing the router checks the destination addresses on Layer 3 in order to decide on
forwarding the packets. It performs look up in his routing table. It forwards the packet
to the next hop (router) or destination host in case when LAN network is directly
attached to the router.
The Internet Protocol (IPv4 & IPv6) is the most widely used Layer 3 protocol.
Layer 3 (IP) speed vs reliability. It is unreliable because it has no ability to dead with or
recover from lost or damaged packets. That is the job of the TCP at the end users.
Responsibility of the OSI Data Link layer to take an IP packet and prepare it for
transmission over the communications medium. Transport of IP packets is not limited to
any particular medium. In some cases, a router will need to split up a packet when
forwarding it from one media to a media with a smaller MTU. Framing the packet or
fragmentation.

Time to live field

11

When a packet is first generated, the value is entered into the TTL field. TTL is set to a specific
value which is then decremented by each router (UNIX:255, LINUX:64 or 255, MICROSOFT
WINDOWS 95: 32, MICROSOFT VISTA: 128). If the router decrements the TTL field to 0, it drops
the packet. In this way the IP packet cant travel endlessly from router to router.

Protocol Type field enables the Network layer to pass the data to the
appropriate upper-layer protocol 01 ICMP, 06 TCP, 17 UDP.
ToS Type of Service field is used to determine the priority of each
packet. Enables Quality-of-Service (QoS) mechanism for high priority
traffic such as: VoIP (Voice over Internet Protocol) and Streaming video.
For ToS to me used hosts set ToS field (can be intermediary device such
as a switch). Routers must be configured to examine ToS.
Version Contains the IP version number (4)
Header Length (IHL) Specifies the size of the packet header.
Packet Length This field gives the entire packet size including header
and data, in bytes.
Identification This field is primarily used for uniquely identifying
fragments of an original IP packet.
Header Checksum The checksum field is used for error checking the
packet header.
Options for additional fields in the IPv4 header in order to provide
other services but these are rarely used.

IPV4 ADDRESSING

IPV4 addresses are 32 bits. Dot notation (or dot-decimal notation) is used in order to
represent the values of each IP address byte into the decimal numbering system. The IP
address has two parts:
1. Network part
2. Host part

Classful IP addressing: The value of the first octets (bytes) determines the network part. Used
with the classful routing protocols like RIPv1. The IP routing tables are still structured according
to the classful routing in order to gain speed while processing.

Subnet mask used to determine the Network part and Host part. 32 bits. Continuous
string of 1s after a continuous string of 0s follows. Network part=1, Host part=0. Is
expressed using a decimal dot and slash notation (prefix length)
Address types: Network Address, Broadcast Address, Host Address
Network address part of the address used by the router for path determination.
12

CIDR Classless Inter-Domain Routing

CIDR was introduced as a result to: No available class B networks from the IP address
space. The routing tables in the routers have grown so much big that the hardware,
software and human resources could not deal with them, A shortage of free IP
addresses. CIDR is a methodology that defines a new way of assigning IP addresses and
forwarding IP packets.
CIDR helps reduce the routing tables usng route summarization (aggregation). It enables
abandoning the limits of the classful division.
VLSM = Variable Length Subnet Mask Enables flexible definition of the network size.
The routing protocol now has info about the subnet mask length, which can be variable
and is defined according to needs.

Layer 3 device: ROUTER

Routers Networking devices that make best path decisions (on which interface to forward the
IP packet) based on Layer 3 IP Destination Address. Routers connect multiple networks. Each
interface connects to a different network. Each interface has an IP address/mask for that
network.

Directly Connected Networks

Routers interfaces must be members of different networks.

Router interface participate in the network like other hosts on that network.
Ethernet interfaces:
- Have MAC addresses
- ARP Tables
- Participate in the ARP Request and ARP Reply process like other hosts on that
network.
Since the interface where the router connects to a network is considered to be part of
that network. Router interfaces have an IP address and Subnet Mask which makes them
a host on the network they are attached. Router interfaces must belong to separate
networks!

Routers Routing Table

The network layer provides best-effort end-to-end packet delivery across

interconnected networks. Routers examine the Destination IP Address of a packet to
determine where to send the packet next. After the router determines which path to
use, it proceeds with forwarding the packet. It takes the packet that it accepted on one
interface and forwards it to another interface or port that reflects the best path to the
13

packets destination. Using a routing table to make routing decisions is like using a
signpost and deciding which direction to go. If there is no sign for your direction, you
may be LOST! For all other networks there is an interface to take and get more
instructions. If there is no route to the destination the router will DROP the packet!
Directly connected networks are automatically added to the routing table. Static routes
can be added using the route command. Default gateways can be added using the route
command. Dynamic routing services that use routing protocols like RIP and OSPF can
add additional routes to the routing table. Destination shows the networks that a route
exists for. The 0.0.0.0 network is used for the default route. Gateway specifies the nexthop router or uses 0.0.0.0 for local directory-connected interfaces. Genmask is the
mask applied to incoming destination IP addresses to determine if a route exists. These
are stored by longest (best match) to shortest prefix. Note the genmask of 0.0.0.0 is
used for default route. Applying this mask to any address will always result in a match.
Possible flags include: U(route is up), H(target is a host), G(use gateway). Metric the
distance to the target (usually counted in hops). It is not used by recent kernels, but may
be needed by routing daemons. Iface interface to which packets for this route will be
sent.

Path Determination

A router determines the path of a packet from one data link to another, using two basic
functions:
o A path determination function
o A switching function is the internal process used by a router to accept a packet
on one interface and forward it to a second interface on the same router. A key
responsibility of switching function of the router is to encapsulate packets in the
appropriate frame type for the next data link.

14

Packet Forwarding

Host X has a packet to send to host Y. A router generally relays a packet from one data
link to another, using two basic functions:
1. A path determination function ROUTING
2. A switch function PACKET FORWARDING

From Host X to router RTA

Host X begins by encapsulating the IP packet into a data link frame (in this case
Ethernet) with RTAs Ethernet 0 interfaces MAC address as the data link destination
address. Because the IP Source and IP Destinations addresses are on different networks
Host X knows to forward the packet to RTA and not directly to Host Y. By checking the
ARP Table for Default Gateway IP Addresses and associated MAC addresses, host X
knows or gets the RTAs Ethernet address. If there is not an entery in the ARP Table,
host X sends an ARP Request and RTA sends an ARP Reply.

RTA
1. RTA examines Destination MAC address, which matches the E0 MAC address, so it
copies in the frame.
2. RTA sees the Type field is 0x800, IP packet in the data field, a packet which needs to
be routed.
3. RTA strips off the Ethernet frame.
RTA looks up the Destination IP Address in its routing table.

192.168.4.0/24 has next-hop-ip address of 192.168.2.2 and an exit interface e1. Since
the exit interface is on an Ethernet network, RTA must resolve the next-hop-ip address
with a destination MAC address.
4. RTA looks up the next-hop-ip address of 192.168.2.2 in its ARP cache.
If the entry was not in the ARP cache, the RTA would need to send an ARP request out e.
RTB would send back an ARP reply, so RTA can update its ARP cache with an entery for
192.168.2.2
15

5. Packet is encapsulated into a new data link (Ethernet) frame.

RTB
1. RTB examines Destination MAC address, which matches the E0 MAC address, and copies
in the frame.
2. RTB sees Type field, 0x800, IP Packet in the data field, a packet which needs to be
routed.
3. RTB strips off the Ethernet frame.
RTB looks up the Destination IP Address in its routing table.

192.168.4.0/24 has next-hop-ip address 192.168.3.2 and an exit-interface of Serial0.

Since the exit interface is not an Ethernet network, RTB does not have to resolve the
next-hop-ip address with a destination MAC address. When the interface is a point-topoint serial connection, (like a pipe), RTB encapsulates the IP packet into the proper
data link frame, using the proper serial encapsulation (HDLC, PPP, etc.). The data link
destination address is set to a broadcast (theres only one other end of a pipe).
4. Packet is encapsulated into a new data link (serial, PPP) frame and sent out the link.

16

RTC
1. RTC copies in the datalink (serial, PPP) frame.
2. RTC sees the Type field is 0x800, IP packet in the data field, a packet which needs to be
routed.
3. RTC strips off the data link, serial, frame.
RTC looks up the Destination IP Address in its routing table.

RTC realizes that this Destination IP Address is on the same network as one of its
interfaces and it can send the packet directly to the destination and not another router.
Since the exit interface is on a directly connected Ethernet network, RTC must resolve
the destination ip address with a destination MAC address.
4. RTC looks up the destination ip address of 192.168.4.10 in its ARP cache. If the entery
was not in the ARP cache, the RTC would need to send an ARP request out e0. Host Y
would send back an ARP reply, so RTC can update its ARP cache with an entry for
192.168.4.10.
5. Packet is encapsulated into a new data link (Ethernet) frame and send out the interface.

Host Y
Layer2: Data link Frame
1. Host Y examines Destination MAC address, which matches its Ethernet interface MAC
address, and copies in the frame.
2. Host Y sees the Type field is 0x800, IP packet in the data field, which needs to be sent to
its IP process.
3. Host Y strips off the data link, Ethernet, frame and sends it to its IP process.
17

Layer 3: IP Packet
4. Host Ys IP process examines the Destination IP Address to make sure it matches its own
IP Address If it doesnt, the packet will be dropped.
5. The packets protocol field is examined to see where to send the data portion of this IP
packet: TCP, UDP or other. (which is for Layer 4)

Multiple broadcast domains using VLAN

1. Switch and broadcast domains.
Switches do flooding for: unknown unicasts, Layer 2 broadcasts, Multicast (special layer
2 or 3 addresses that are given to devices that belong to a group)
All Switched Network Two Networks

Two Subnets

Several Collision Domains one per

switch port

One Broadcast Domain

Although there are multiple collision

domains there is only one broadcast
domain and the broadcast messages will
be received by all hosts.

Routed Networks

Two subnets
Several collision domains one per switch port.
Communication between subnets
Two different broadcast domains, since the router doesnt forward L2 broadcasts such
as ARP requests.

By creating VLANs we create segmentation based on broadcast domains. Using VLANs

hardware, resources are saved.
1 VLAN=1 LAN network
18

VLAN Tagging is used when the link needs to carry traffic for more than one VLAN.
Trunk link as the frames from the hosts are coming, a unique VLAN identifier is added
to each header. This information in the header defines the VLAN membership for each
frame. The frames are sent through all trunk lines.
Upon reaching the other Switch, the VLAN ID is removed from the frame and it is
forwarded to the destination device.
There are two methods for frame tagging
o Cisco proprietary Inter-Switch Link (ISL)
o IEEE 802.1Q 802.1Q inserts 4 bytes in the Ethernet frame. The 802.1Q tag is
inserted by the switch before the frame starts to travel via the trunk line. The
switch removes the 802.1Q tag before it is sent via an ordinary link.

19

Lecture 9: Routing protocols

Routed protocol used between routers to direct user traffic. (IP and IPX)
Routing protocol used between routers to maintain tables (RIP, IGRP, OSPF)
1. Routing types
A router must learn about non-directly connected networks either statically or dynamically.
Directly connected networks are networks that the router is connected to, has an IP
address/mask. Non-directly connected networks are remote networks connected to other
routers.
Static uses a programmed route that a network administrator enters into the router.

Static routers are used in conjunction with dynamic routing protocols

It is common to use a static route where using a dynamic routing protocols would have
disadvantages or where its just not needed.
A router must learn about non-directly connected networks. To do this static routers,
the admin configs each router manually.

Dynamic uses a route that a routing protocol adjusts automatically for topology or traffic
changes.

RIP A distance vector interior routing protocol (INTERIOR PROTOCOL)

- Hop count is used as a metric for path selection
- If the hop count is greater than 15, the packet is discarded
- Routing updated are broadcast every 30 seconds by default
IGRP Ciscos distance vector interior routing protocol (INTERIOR PROTOCOL)
- Bandwidth, load, delay and reliability are used to create a composite metric
- Routing updates are broadcast every 90 seconds by default
OSPF A link-state interior routing protocol (INTERIOR PROTOCOL)
- It is a link-state routing protocol
- Open standard routing protocol described in RFC 2328
- Uses the SPF algorithm to calculate the lowest cost to a destination
- Routing updates are flooded as topology changes occur
EIGRP Ciscos advanced distance vector interior routing protocol (INTERIOR
PROTOCOL)
- Its an enhanced distance vector routing protocol
- Uses unequal-cost and equal-cost load balancing
- Uses a combination of distance vector and link-state features
- Uses Diffused Update Algorithm (DUAL) to calculate the shortest path
BGP A distance vector exterior routing protocol (EXTERIOR PROTOCOL)
20

- Used between ISPs or ISPs and clients

- Used to route internet traffic between autonomous systems
IS-IS A link-state interior routing protocol
- IS-IS is an Open System Interconnection (OSI) routing protocol originally specified
by International Organization for Standardization (ISO)
2. IRP vs ERP
Interior routing protocols are designed for use in a network whose parts are
under the control of a single organization. An exterior routing protocol is
designed for use between two different networks that are under the control of
two different organizations.
3. Autonomous systems
An autonomous system (AS) is a collection of networks under a common
administration sharing a common routing strategy. To the outside world, an AS is
viewed as a single entity. The AS may be run by one or more operators while
presenting a consistent view of routing to the external world. The American
Registry of Internet Numbers (ARIN), service provider, or an administrator
assigns an identifying number to each AS.
4. Routing Protocols
The goal of a routing protocol is to build and maintain the routing table. This
table contains the learned networks and associated ports for those networks.
Routers use routing protocols to manage information received from other
routers, information learned from the configuration of its own interfaces, along
with manually configured routers.
Types of routing protocols

Distance Vector: RIP, IGRP, EIGRP

Link state: OSPF, IS-IS
Path vector: BGP
Note: IGRP and EIGRP are Cisco proprietary.

Routing protocol metrics (costs)

RIP Hop count

IGRP and EIGRP Bandwidth, Delay, Reliability, Load
Ciscos OSPF Bandwidth
IS-IS Cost
BGP Number of AS or policy

21

5. Distance Vector Routing Protocols

Router B receives information
from Router A. Router B adds
a distance vector number
(such as a number of hops),
which increases the distance
vector. The Router B passes
this new routing table to its
other neighbor, Router C.
This same step-by-step
process occurs in all
directions between neighbor
routers. Also known as
Routing by rumor. Each
router receives a routing
table from its directly
connected neighbor routers.

Routing table updates occur when the topology changes. As with the network discovery
process, topology change updates proceed step-by-step from router to router. With some
routing protocols routing tables updates happen on a periodic basis. Distance-vector routing
protocols do not allow router to know the topology of the network, as they only know how far
a network is (distance: hops) and which way to forward the packet (vector: exit interface).
(Link-state routing protocols allow routers to see the exact network topology later.)
Distances (hops) are cumulative from one router to the next.
Problem: Routing Loops Distance vector routing protocols are simple in their implementation
and configuration, but this comes at a price. Pure distance vector routing protocols suffer from
possible routing loops. Routing loops can cause major network problems, form packets getting
lost (blackholed) in your network, to bringing down your entire network. Several remedies have
been added to distance-vector algorithms to help prevent routing loops including: split horizon,
hold-down timers and defining a maximum metric.
Problem: Counting to infinity The routing loop creates another problem known as Counting
to Infinity. This condition, loops packet continuously around the network in spite of the
fundamental fact that the destination network, Network 1, is down. While the routers are
counting to infinity, the invalid information allows a routing loop to exist. Without
countermeasures to stop the process, the distance vector (metric) of hop count increments
each time the packet passes through another router. These packets loop through the network
because of wrong information in the routing tables.
22

Simple Split Horizon Avoiding Routing Loop Routers RTA and RTB have their initial routing
tables and are ready to exchange routing information via a distance-vector routing protocol like
RIP.
Simple Split Horizon disabled If split horizon were disables the routing updates would
include all of the networks in their routing tables including their directly connected networks
and any networks learned from any interface
Simple Split Horizon Rule The effect of split horizon is that a router will send out different
routing messages on different interfaces. A router never sends out information on an interface
that it learned from that interface.
Simple Split Horizon with Poison Reverse Many vendor implementations of distance vector
routing protocols apply a special kind of split horizon, called split horizon with poison reverse.
Split horizon with poison reverse means that, instead of not advertising routes to the source,
routes are advertised back to the source with a metric of 16, which will make the source router
ignore the route. It is perceived that explicitly telling a router to ignore a route is better than
not telling it about the route in the first place. One drawback is that routing update packet sizes
will be increased when using Poison Reverse, since they now include these routes.
Link-State Theory The network is viewed as a graph, showing the complete topology of the
network. This is how the routers build this topology:

Flooding of link-state information The first thing that happens is that each node, ruter
on the network, announces its own piece of link-state information to all other routers
on the network: who their neighboring routers are and the cost of the link between
them. Each router sends these announcements to all of the routers in the network.
Building a Topological Database Each router collects all of this link-state information
from other routers and puts it into a topical database.
Shortest-Path First (SPF), Dijkstras Algorithm Using this information, the routers can
recreate a topology graph of the network.
Shortest Path First Tree This algorithm creates an SPF tree, with the router making
itself the root of the tree and the other routers and links to those routers, the various
branches.
Routing Table Using this information, the router creates a routing table.

23

Private IP addresses, NAT/PAT, IPv6

1. Private IP addresses The border routers and Internet routers do not route traffic that
originates from a private address towards the internet. The internal company routers route
traffic that originates from private addresses. Workstations most of the time use company
resources and therefore have no need for a public IP address. Thus, a private IP address is
assigned. But, if the workstation wants to connect to the Internet, the border router designates
a public IP address to the IP packets that need to lave the companys network premises. This
process is called NAT (Network Address Translation).

NAT Network Address Translation

NAT turns private IP addresses into public IP addresses. The public-private IP address pairs are
kept in a table. The incoming traffic is directed towards the private IP address that initiated it,
according to the table entries.

PAT (Port Address Translation)

PAT or NAT Overload is very similar to NAT. PAT enables 2 or more computers to share one
public IP address. Ex. Using Pat and one public IP address one can enable Internet access to all
employees in one company, or all ADSL subscribers. PAT assigns the outgoing packets a public
IP address and a unique port number. In the Pat table both values are recorded: public IP
address, port number. The incoming traffic routing is done using the unique port number.

Dynamic PAT NAT Overload Hides the whole set of private IP addresses into one (or
several) public IP addresses.
NAT

PROS: Savings on the legally registered address scheme. Increased flexibility on the links to the
public network. Provides consistency of the internal address scheme. Provides network
security.
CONS: Performance degradation. End-to-end functionality disruption. Tracking end-to-end IP
connections disruption. Setting up TCP connection is more difficult. The existing architectures
need to be adapted to deal with the changes.

24

IPv6 characteristics

Larger address space, NAT elimination, Broadcast addresses elimination, Simpler header for
higher routing efficiency, Mobility and security support, Transmission richness
2. Larger address space
IPv4 32 bits or 4 bytes
IPv6 128 bits or 16 bytes
- Address assignment: using DHCP or Stateless Autoconfiguration.
- Built-in mobility support
- Route aggregation, summarization: easier Internet address blocks summarization
=> more efficient routing
- No need for NAT/PAT: NAT creates problems on the application layer. By
removing NAT/PAT more efficient routing can be achieved.
- No broadcast: IPV6 doesnt use broadcast addresses on later 3, uses multicast
instead.
- Transition mechanisms: a large number of mechanisms are proposed for
transitioning from IPv4 to IPv6.

IPv3 header: 12 basic header fields + options & padding | data (transport segment).
Fixed size = 20 octets + options
IPv6 header: 8 fields = 40 octets. 1 new (Flow label), 7 similar to IPv4, 7 removed.
Extension headers.

25

3. Address representation
128 bit IPv6 addresses = 8 16 bit segments. Each segment is written in its hexadecimal form
(0x0000 0xFFFF). All segments are separated using colons :
Ex. 3ffe:1944:0100:000a:0000:00bc:2500:0d0b
4. Network prefix
IPv4, network prefix network part of the address is identified using the subnet mask
in dot decimal form or using bitcount
255.255.255.0 or /24
IPv6 network prefix is always identified using bitcount. All addresses are followed by a
slash notation.
CIDR notation or prefix notation
3ffe:1944:100:a::/64
16

32

48 64 bits

IPv6 addresses types

Unicast Global Unicast. Link Local Unicast
Multicast Set of interfaces. The packet is sent to all interfaces that are identified with the
address.
Anycast Set of interfaces (usually different nodes). The packet is sent to any interface, the
closest one.
No broadcast address in IPv6
IPv4 to IPv6
IPv4 to IPv6 transition strategies

Dual stack
Tunneling : 6to4 tunnel. ISATAP tunnel. Teredo tunnel. Etc

a) Dual stack Two protocol stacks for IPv4 and IPv6 implemented in the hosts. The
implementations are independent or hybrid. With Ipv4 the host communicates using the
IPv4 protocol. With IPv6 the host communicates using the IPv6 protocol.
b) Tunneling Tunnels connect isolated IPv6 hosts over IPv4 infrastructure. IPv6 packets
are packed into IPv4 packets. IPv4 protocol is used as a data layer protocol for the IPv6
protocol.

26

5. Dynamic Host Configuration Protocol

When the host connect to the network, it sends a broadcast DHCPDISCOVER message
The DHCP serves in the network respond with a unicast offer - IP address, subnet mask,
gateway and lease time.
The host chooses one offer and using broadcast informs all DHCP serves for his decision
The DHCP server the offer, uses unicast message to acknowledge the parameters lease
If the DHCP server doesnt acknowledge, the host returns to step 1.

27

Lecture 10: Transport Layer

Addressing
Connection establishment
Connection release
Flow control & buffering
Multiplexing

Both data link layer and transport layer protocols implement flow and error control, that is way
they have protocols. We need two very similar protocols because there is a huge difference in
the medium over which the protocols communicate. Data link layer protocols communicate
directly over the medium, while transport layer protocols over a network of nodes they may
unpredictably delay, drop or duplicate packets.
1. Addressing
You have opened a couple of Gmail messages in different browser tabs. The Gmail server
decides to which of the tabs to send which message content through the transport layer which
includes addressing. Each browser tab has its own transport address and using that address
creates a connection to the Gmail server. TCP/IP address = port. In ATM = AAL SAP.
2. Connection establishment
The simplest case:
- Send CONNECTION REQUEST
- Wait CONNECTION ACCEPTED
Packets can be delayed, lost, or worst of all duplicated. The problem of delayed duplicates is
not solved for 100% of the cases. For solving the problem of delayed duplicates:
a) Use new transport layer address for each connection.
b) Assign a connection IP to each connection (sequence number that is incremented
with each packet)
c) Setup a mechanism for killing the old packets using: Special loopless network design.
Setting a hop count in the packets. Setting a timestamp in each packet (needs
synchronization)
3. Flow control and buffering.
Similar to data link layer flow control => sliding window. Differences: routers have multiple
interfaces, hosts have a large number of connections => hard to implement the data link layer
strategies. The sender must buffer the messages that need to be sent in case they need to be
resent. The receiver, may, but doesnt have to, buffer the messages temporarily.

28

4. Multiplexing
a) Upward multiplexing (one network address for all connections)
b) Downward multiplexing (one connection uses multiple network addresses for increasing
sending speed)

UDP + RTP
1. UDP header | User Datagram Protocol (UDP) | UDP Protocol | UDP Services

Connectionless-oriented protocol, described in RFC 768.

Advantage: providing low overhead data delivery
Each UDP segment adds 8 byte header to the Application layer data
Stateless protocol neither the client, nor the server, is obligated to keep track of the
state of the communication session.
UDP PDU = datagram
Generic transport layer PDU = segment
o UDP datagrams are sent as best effort
Applications that use UDP include
o Domain Name System (DNS)
o Video Streaming
o Voice over IP (VoIP)
UDP is simpler than TCP doesnt provide the sophisticated retransmission, sequencing
and flow control mechanisms
Unlike TCP, UDP doesnt provide segmentation or reassembly or:

Connectionless (No session establishment): UDP doesnt establish a connection between the
hosts before data can be send and received.
Unreliable Delivery (Any segments lost are not resent): UDP doesnt guarantee delivery of data,
data can be lost on the way, lost data is not retransmitted by the source.

29

No ordered Data Reconstruction (Data is reconstructed in the order that it is received):

Occasionally data is received in different order that it was sent. UDP doesnt provide any
mechanism for reassembling the data in its original sequence. The data is simply delivered to
the application in the order that it arrives.
No Flow Control (No congestion management): There are no flow control mechanisms within
UDP. If resources on the destination host become overtaxed, the destination host mostly likely
drops data sent until resources become available. Unlike TCP, with UDP there is no mechanism
for automatic retransmission of dropped data.
2. The Real-Time Transport Protocol
Popular streaming services:
-

Internet radio
Internet telephony
On-demand music
Videoconference

Each application re-invented the same stuff. Thus, the need for a generic real-time transport
protocol had arisen. RTP is positioned in the application layer, it is executed in the OS user
space. Packet nesting.

Multimedia applications have multiple streams: audio, video, text, etc. Streams are sent to the
RTP library, that works in the OS user space together with the multimedia application. The
library multiplexes the streams and forms RTP packets. These packets are sent using a socket.
The OS core creates UDP segments that are picked into IP packets, packed into Ethernet
frames. RTP multiplexes multiple real-time streams into one UDP stream. No delivery guarantee
or jitter guarantee. Each RTP packet has a sequence number:

Incremented in the next packet

If the packet is lost, interpolation is used to replace the lost packet

30

RTP has no flow control, error control, acknowledgments, and re-transmissions. RTP time
stamps the packets. This enables jitter reduction and synchronization of multiple strams.

Payload type what coding algorithm is being used in the segment (MP3)
Sequence number to identify lost packet
Timestamp time the first packet is made (for synchronization and jitter regulation)

TCP

31

1. Transmission Control Protocol

Connection-oriented protocol, described in RFC 793: TCP incurs additional overhead to
gain functions. Each TCP segment adds a 20-byte header to the Application layer data.
Applications that use TCP include: Web Browsers, E-mail, File Transfers.
The TCP PDU is called a segment
Acknowledgment number, Sequence Number & Window Size are used by sliding
window algorithm. TCP is byte-oriented protocol; each byte has its own sequence
number. Sequence Number = of the first data byte in the segment. Acknowledgment
number & Window Size carry information about the reversed data stream. Host
(network address) + port number combination = socket in TCP/IP.
6-bit Flags field = control information exchange.
Flags: SYN, FIN, RESET, PUSH, URG & ACK. SYN & FIN are used for TCP connection
establishment and termination. ACK is set every time the Acknowledgment field is valid
and the receiver should process it. URG the segment contains urgent data. Urgent
Pointer shows where the not-urgent data start. RESET the receiver is confused
received a segment that is not expected and wants to terminate the connection.
Checksum same as UDP
TCP connection establishment
Step 1:
TCP client starts the threeway handshake by sending a
segment with the SYN
(Synchronize Sequence
Number) flag set to 1.
Sequence number holds the
value known as Initial
Sequence Number (ISN)
random number used to
track the data flow between
the client and the server.
Step 2:
Server returns a segment with:
- ACK flag set to 1 = Acknowledgment number is valid: Value of acknowledgment number
= initial sequence number of the client +1. This is expected acknowledgment the next
byte expected to be received by the host.
- SYN flag set to 1 together with a random number in the Sequence number field.

32

Step 3:
TCP client answers with a segment that contains the ACK as a response to the SYN sent by the
server. Acknowledgment number = sequence number form the server +1. The client can start
sending data.
Silly window syndrome:
The buffer at the receiver is
full. The application at the
receiver will read one byte.
The TCP layer at the receiver
will send a message to the TCP
layer at the sender that there
is free space for one byte. The
sender will send one byte. The
communication is byte-bybyte as in a stop & wait
scenario. Clarks solution is to
force the sender to wait until
there is a significant amount
of free space in the buffer.

Nagles algorithm:
If we have data to send, but the open window is smaller than the max segment size, we might
wait with the transmission. If we wait too long, interactive applications like telnet suffer. If it is
too soon, we risk to send small packets and enter the silly window syndrome. Solution: set a
timer and send when it expires. We can segment every 100 ms, for an example Nagle presented
a more elegant solution. The key ideas were as long as TCP has unacknowledged data, the
receiver will eventually get an ACK. This ACK can be used as a trigger event to send new data.
Half of the window or max segment size has been reached.
Slow start:
The sender is limited by two windows. One window is flow control. The other is congestion
control. The amount of information that the sender can send at once is the min of the two
windows. Example on setting the size of the congestion window: Sender sends a segment and
33

waits for ACK; Then sends 2 segments and waits for ACK; Then sends 4 segments and waits for
ACK; As long as an ACK is received, the number of segments that can be sent doubles.
Internet congestion control algorithm:
There is one more parameter: threshold. If the unACK segments timers expire, the threshold is
set to the half of the congestion window. The congestion window is reset to 1. The slow start
algorithm is activated as long as the congestion window is smaller than the threshold. Above
the threshold, the congestion window increases linearly.

Well Known Ports (Numbers 0 to 1023) Reserved for common services and
applications. Client: TCP destination port ;
Server: TCP source port.
Registered Ports (Numbers 1024 to 49151) Assigned to user processes or applications.
Non-common applications: Client: TCP destination port
;
Server: TCP source
port. May also be used as dynamic or private port.
Dynamic or Private Ports (Numbers 49152 to 65535) Also known as Ephemeral Ports.
Usually assigned dynamically to client applications when initiating a connection: Client:
TCP source port
;
Server: TCP destination port. May also include the range of
Registered Ports (Numbers 1024 to 49151).

The thing that makes each connection unique is the connection defined by the pair of numbers:
Source IP address, Source port (From Client to Server)
; Destination IP address, Destination
port (From Server to Client). Different connections can use the same destination port on server
host as long as the source ports or source IPs are different.
Sockets
Combining the transport layer port number and the network layer IP address uniquely identifies
a particular application process running on an individual host device. This combination is called
a socket. A socket pair, consisting of the source and destination IP addresses and port numbers,
is also unique and identifies the specific conversation between the two hosts. A client socket
might look like this, representing the source IP address and source port number:
192.168.1.101:49888. The socket on a web server might be, representing the destination IP
address and destination port number: 192.133.219.25:80. Together, these two sockets combine
to form a socket pair: 192.168.1.101:49888, 192.133.219.25:80.

34

Lecture 11: Application Layer

1. Web and HTTP A web page consists of base HTML-file which includes several
referenced objects (An Object can be an HTML file, JPEG image, JAVA applet, audio
file). Each object is addressable by an URL.
2. HTTP Overview HTTP (Hypertext transfer protocol), Application layer protocol for the
Web. Client/Server model.
Client: browser that requests, receives, displays Web objects.
Server: Web server sends objects in response to requests.
Uses TCP: client initiates TCP connection (creates socket) to server, port 80. Server
accepts TCP connection from client. HTTP messages (application-layer protocol
messages exchanged between browser (HTTP client) and Web server (HTTP server)).
TCP connection is closed.
HTTP is stateless: Server maintains no information about past client requests.
Protocols that maintain state are complex: Past history (state) must be maintained. If
server/client crashes, their views of state may be inconsistent, must be reconciled.
3. Non-persistent HTTP: At most one object is sent over a TCP connection
HTTP client initiates TCP connection to HTTP server (process) at www.finki.ukim.mk on port 80.
HTTP server at host www.finki.ukim.mk waiting for TCP connection at port 80, accepts
connection, notifying client. HTTP client sends HTTP request message (containing URL) into TCP
connection socket. Message indicates that client wants object. HTTP server receivers the
request message, forms a response message containing requested object and sends message
into its socket. HTTP server closes TCP Connection. HTTP client receives response message
containing html file, displays html. Parsing html file, the browser finds 10 referenced jpeg
objects. Steps 1-5 repeated for each of the 10 jpeg objects.
Definition of RTT: time for a small packet to travel from client to server and back.
Response time: One RTT to initiate TCP connection. One RTT for HTTP request and first few
bytes of HTTP response to return. File transmission time total = 2RTT+transmit time.
4. Persistent HTTP: Multiple objects can be sent over single TCP connection between client
and server.
Server leaves connection open after sending response. Subsequent HTTP messages between
same client/server sent over open connection. Client sends requests as soon as it encounters a
referenced object. A little as one RTT for all the referenced objects.
Non-persistent HTTP issues: requires 2 RTTs per object. OS overhead for each TCP connection.
Browsers often open parallel TCP connections to fetch referenced objects.

35

5. HTTP Request message There are two types of HTTP messages: request and response
a. HTTP request message ASCII (human-readable format) general format:

b. Uploading form input we have

Post method: Web page often includes form input. Input is uploaded to server in entity body.
URL method: Uses GET method. Input is uploaded in URL field of request line.
c. Method types:
HTTP 1.0 GET, POST, HEAD (asks server to leave requested object out of response)
HTTP 1.1 GET, POST, HEAD, PUT (uploads file in entity body to path specified in URL field),
DELETE (deletes file specified in the URL field).
d. HTTP Response message
In first line in server -> client response message. A
few simple codes:
200 OK request succeeded, requested object later
in this message
301 Moved Permanently requested object moved,
new location specified later in this message.
400 Bad Request request message not understood
by server
404 Not Found requested document not found on this server.
505 HTTP Version Not Supported.

36

6. Web caches (proxy server) The goal is to satisfy client request without involving origin
server. User sets browser: Web access via cache. Browser sends all HTTP request to
cache:
- Object in cache: cache returns object
- Else cache requests object from origin server, then returns object to client.
Cache acts as both client and server. Typically, cache is installed by ISP. Web caching is used to
reduce response time for client request. Reduce traffic on an institutions access link.
Assumptions Average object size = 1 000 000 bits. Average request rate from institutions
browsers to origin servers = 15sec. Delay from institutional router to any origin server and back
to router = 2 sec.
Consequences Utilization on LAN = 15%. Utilization on access link = 100%. Total delay =
Internet delay + access delay + LAN delay = 2 sec + minutes (congested) + milliseconds.
Possible solution Increase bandwidth of access link to, say, 100 Mbps
Consequence Utilization on LAN = 15%. Utilization of access link = 15%. Total delay = Internet
delay + access delay + LAN delay = 2 sec + msecs + msecs. But often a costly upgrade.
Possible solution: install cache Suppose hit rate is 0.4
Consequence 40% requests will be satisfied almost immediately. 60% requests satisfied by
origin server. Utilization of access link reduces to 60%, resulting in negligible delays (say 10
msec). Total average delay = Internet delay + access delay + LAN delay = 0.6*(2.01)sec +
0.4*milliseconds <1.4 secs.
Caching Conditional GET The goal is to dont send object if cache has up-to-date cached
version. Cache: specify date of cached copy in HTTP request if-modified-since:<date>. Sever:
response contains no object if cached copy is up-to-date: HTTP/1.0 304 Not Modified.
7. FTP: File Transfer Protocol Transfer file to/from remote host. Client/Server model
(Client: side that initiates transfer either to/from remote |
Server: remote host).
ftp: RFC 959. ftp server: port 21.
8. FTP: Separate control, data connections
FTP client contact FTP server at port 21, TCP is transport protocol. Client authorized over
control connection. Client browses remote directory by sending commands over control
connection. When serer receives file transfer command, server opens 2nd TCP connection (for
file) to client. After transferring one file, server closes data connection. Server opens another
TCP data connection to transfer another file. Control connection is out of band (http has inband). FTP server maintains state: current directory, earlier authentication.

37

9. FTP commands, responses

Sample commands:

Sent as ASCII text over control channel.

USER username
PASS password
LIST returns list of file in current directory
RETR filename retrieves (gets) file (mget)
STOR filename stores (puts) file onto remote host (mput)

Sample return codes:

Status code and phrase (as in http)

331 Username OK, password required
125 data connection already open; transfer starting.
425 cant open data connection
452 error writing file

SYNTHESIS: A DAY IN THE LIFE OF WEB

REQUEST
Journey down protocol stack complete!
- Application, transport, network, link
Putting-it-all-together:synthesis!
- Goal: identify, review, understand protocols (at all layers) involved in seemingly simple
scenario: requesting www page
- Scenario: strunet attaches laptop to campus network, requests/receives
www.google.com
Connection laptop needs to get its own IP address, address of first-hop router, address of DNS
server: use DHCP
DHCP request; encapsulated in UDP; encapsulated in IP; encapsulated in 802.1 Ethernet
Ethernet frame broadcast (destination: FFFFFFFFFFFF) on LAN , received at router running
DHCP server. Ethernet demuxed to IP demuxed, UDP demuxed to DHCP.

38

DHCP server formulates DHCP, ACK containing clients IP address, IP address of first-hop router
for client, name & IP address of DNS server. Encapsulation at DHCP server, frame forwarded
(switch learning) through LAN, demultiplexing at client. DHCP client receives DHCP ACK reply.
Client now has IP address, knows name & address of DNS server, IP address of its first-hop
router. Before sending HTTP request need IP address of www.google.com: DNS
- DNS query created, encapsulated in UDP, encapsulated in IP, encapsulated in Ethernet.
In order to send frame to router, need MAC address of router interface: ARP.
- ARP query broadcast, received by router, which replies with ARP reply giving MAC
address of router interface.
- Client now knows MAC address of first hop router, so can now send frame containing
DNS query.
- IP datagram containing DNS query forwarded via LAN switch from client to 1 st hop
router.
- IP datagram forwarded from campus network into Comcast network, routed (tables
created by RIP, OSPF, IS-IS and/or BGP routing protocols) to DNS server.
- Demuxed to DNS server
- DNS server replies to client with IP address of www.google.com
- To send HTTP request, client first opens TCP socket to web server.
- TCP SYN segment (step 1 in 3-way handshake) inter-domain routed to web server.
- Web server responds with TCP SYNACK (step 2 in 3-way handshake)
- TCP connection established!
WEB PAGE FINALLY DISPLAYED
-

HTTP request sent into TCP socket

IP datagram containing HTTP request routed to www.google.com
Web server responds with HTTP reply (containing web page)
IP datagram containing HTTP reply routed back to client.

39

Exercise 6: Network layer

There is no need for IP addresses to communicate inside the borders of a local network. Devices
can communicate with the use of MAC addresses only. But, we do not know the MAC
addresses. They are written NIC card. To find the MAC address if we know the IP we send an
ARP (Address Resolution Protocol) request.
MAC address resolution
when we send a packet to
the local network IP.
When A sends an ARP to
know the MAC address of C,
it than can send a frame. In
As ARP CACHE we have the
IP address of C next to the
MAC address of C.

If an IP packet is sent
outside of the local
network.
When A wants to
send a packet outside
the network it sends
an ARP to the router.
In As ARP CACHE the
IP address of the
router and the MAC
address are written,
and the packet is
sent. When the
packet reaches the
router, the router will
forward the frame
based on a route in
its table.
40

When a computer is switched off the

local network.
If As ARP CACHE has Cs IP address
and MAC address, A will still try to
communicate with C.
And C is switched off the network.

1. Message types in ARP there are 4 message types in ARP protocol. They are identified
by 4 values in the operation field in the ARP message.
ARP request
ARP reply
RARP request
RARP reply
The ARP message format has: 16bits for HARDWARE TYPE, 16bits for PROTOCOL TYPE. 8bits
HARDWARE ADDRESS LENGTH, 8bits PROTOCOL ADDRESS LENGTH, 16bits OPERATION, 32bits
SENDER HARDWARE ADDRESS, 16bits SENDER HARDWARE ADDRESS, 16bits SENDER IP
ADDRESS, 16bits SENDER IP ADDRESS, 16bits TARGET HARDWARE ADDRESS, 32bits TARGET
HARDWARE ADDRESS, 32bits TARGE IP ADDRESS.

41

2. Internet network layer Consists of the routers network layer functions.

Routing Protocols
i. Path choice
ii. RIP, OSPF, BGP
iii. Routing table
IP protocol
i. Addressing
ii. Datagram format
iii. Handling packets
ICMP protocol
i. Errors reporting
ii. signalization to router
3. IP addresses:
Logical addresses
i. IPv4
ii. IPv6
Layer 3 addressing
IPv4
i. 32-bit address
ii. 4 octets of 8 bits
Address range
i. Host addresses
0.0.0.0 223.255.255.255
ii. Multicast addresses 224.0.0.0 239.255.255.255
iii. Experimental
240.0.0.0 255.255.255.254
The problem is that there is a lack of IPv4 addresses
Private addresses concept:
i. 192.168.0.0 192.168.255.255
ii. 172.16.0.0 172.31.255.255
iii. 10.0.0.0 10.255.255.255
Special addresses
i. 127.0.0.0 127.255.255.255 local services (loopback)
ii. 169.254.0.0 169.254.255.255 local link
Classes Addresses are classified into 5 disjunctive classes, that differ among
each other by the first bits of the first octet
i. A 00000000 01111111 (0-127)
ii. B 10000000 10111111 (128-191)
iii. C 11000000 11011111 (192-223)
iv. D 11100000 11101111 (224-239)
v. E 11110000 11111111 (240-255)

42

IP addresses hierarchy In order to find the packet destination faster, IP

addresses are grouped. Similar to addressing a State, City, Street and number.
Network and host part Specified by subnet mask. If k bits specify the network
address, 32 k bits specify the host address. Subnet mask consists of k ones and
32 k zeros. The mask /25 represents 11111111.11111111.11111111.10000000
= 255.255.255.128
3 types of addresses
i. Network address
ii. Broadcast address
iii. Host address

- Network address determination from IP address and subnet mask. Logical AND of the address
and the subnet mask

Left part (k bits) marked by the 1-s of the subnet mask (remains the same)
Right part (32 k bits) is replaces by 0-s

- Broadcast address determination from a given IP address and subnet mask.

Left part (k bits) marked by the 1s of the subnet mask (remains the same)
Right part (32 k bits) of the address are set to 1s

4. IP addressing
IP address has 32 bits identifier for host, router interface. An interface is a connection between
host, router and physical link. Routers typically have multiple interfaces. Host may have
multiple interfaces. IP addresses associated with interface, not host, router. To find the
networks we detach each interface from router, host and create islands of isolated networks.
43

5. Subnet Addressing External routers need to store entries only for the network ID.
Internal routers and hosts use subnet mask to identify subnet ID and route packets
between subnets within the network
6. How to get an IP address:
Hosts hard-coded by system admin in a file. DHCP (Dynamic Host Configuration
Protocol) dynamically get address: plug-and-play. Host broadcasts DHCP
discover msg. DHCP server responds with DHCP offer msg. Host requests IP
address: DHCP request msg. DHCP server sends address: DHCP ack msg.
ISP gets block of addresses with ICANN (Internet Corporation for Assigned
Names and Numbers) allocates addresses, manages DNS, assigns domain
names, resolves disputes.
7. Local network output
Default Gateway network output port One IP address from the local address
space is defined to be an output. All packets addressed outside of the local
network will be sent to the output port.

8. Getting a datagram form source to destination

IP datagram | misc fields | source IP address | Destination IP address | Data
Datagram remains unchanged, as it travels source to destination fields of
interest here.
If A and B are on the same network Starting at A, given IP datagram addressed
to B. Looks up network address of B and finds B is on the same networks as A.

44

Link layer will send datagram directly to B inside link-layer frame. A and B are
directly connected.
Starting at A, destination E looking up network address of E. E is on a different
network. A and E are not directly attached. Routing table: next hop router to E is
223.1.1.4 link layer sends datagram to router 223.1.1.4 inside link-layer frame.
Datagram arrives at 223.1.1.4, destination is 223.1.2.2. Look up network address
of E, E on the same network as routers interface. Router and E are directly
attached. Link layer sends datagram to 223.1.2.2 inside link-layer frame via
interface 223.1.2.9 datagram arrives at E.
9. IP Features
Provides:
Connectionless service
Addressing
Data forwarding
Fragmentation and reassembly
Supports variable size datagrams
Best-effort delivery
Provides only Send and Delivery services. Error and control messages
generated by Internet Control Message Protocol (ICMP)
Doesnt provide

End-to-end data reliability and flow control (done by TCP or application layer
protocols)
Sequencing of packets (like TCP)
Error detection in payload (TCP, UDP or other transport layers)
Error reporting
(ICMP)
Setting up route
tables (RIP, OSPF,
BGP etc)
Connection setup
Address/Name
resolution (ARP,
RARP, DNS)
Configuration
(BOOTP, DHCP)
Multicast

45

10. IP Fragmentation and Reassembly

Network links have MTU (max transfer size) largest possible link-level frame.
For different link types, different MTUs.
Large IP datagram divided (fragmented) within net one datagram becomes
several datagrams. Reassembled only at final destination. IP header bits used
to identify, order related fragments.

46

Exercise 7: Network layer

1. The IP Routing Process The IP routing process is fairly simple and doesnt change,
regardless of the size of your network.

(packet creation) Internet Control Message Protocol (ICMP) creates an echo request payload.
ICMP hands that payload to Internet Protocol (IP), which then creates a packet. At a minimum,
this packet contains an
o IP source address
o IP destination address
o Protocol field with 01h
All of that tells the receiving host whom it should hand the payload to when the destination I
reached in this example ICMP. Once the packet is created, IP determines whether the
destination IP address is on the local network or a remote one. Since IP determines that this is a
remote request, the packet needs to be sent to the default gateway so the packet can be
routed to the remote network. The Registry in Windows is parsed to find the configured default
gateway.
(resolve interface) The default gateway of host 172.16.10.2 (HostA) is configured to
172.16.10.1. For this packet to be sent to the default gateway, the hardware address of the
routers interface Ethernet 0 (configured with the IP address of 172.16.10.1) must be known. So
the packet can be handed down to the Data Link layer, framed, and sent to the routers
interface thats connected to the 172.16.10.0 network. Because hosts only communicate via
hardware address on the local LAN, its important to recognize that for HostA to communicate
to HostB, it has to send packets to the Media Access Control (MAC) address of the default
gateway on the local network. MAC addresses are always local on the LAN never go through
and past a router.
(ARP in action) Next, the Address Resolution Protocol (ARP) cache of the host is checked to see
if the IP address of the default gateway has already been resolved to a hardware address. If it
has, the packet is then free to be handed to the Data Link layer for framing. If the hardware
address isnt already in the ARP cache of the host and ARP broadcast is sent out onto the local

47

network to search for the hardware address of 172.16.10.1. The router responds to the request
and provides the hardware address of Ethernet 0, and the host caches this address.
(frame creation) Once the packet and destination hardware address are handed to the Data
Link layer, the LAN driver is used to provide media access via the type of LAN being used (in this
example Ethernet). A frame is then generated, encapsulating the packet with control

information. Within that frame are the hardware destination and source addresses plus, in this
case, an Ether-Type field that describes the Network layer protocol that handed the packet to
the Data Link layer in this instance, IP. At the end of the frame is something called a Frame
Check Sequence (FCS) field that houses the result of the cyclic redundancy check (CRC). It
contains HostAs hardware (MAC) address and the destination hardware address of the default
gateway. It doesnt include the remote hosts MAC address remember that!
Once the frame is completed, its handed down to the Physical layer to be put on the physical
medium one bit at a time. Every device in the collision domain receives these bits and builds
the frame. They each run a CRC and check the answer in the FCS field. If the answers dont
match, the frame is discarded. If the CRC matches, then the hardware destination address is
checked to see if it matches too. If its a match, then the Ether-Type field is checked to find the
protocol used at the Network layer. The packet is pulled from the frame, and what is left of the
frame is discarded. The packet is handed to the protocol listed in the Ether-Type field Its
given to IP. IP receives the packet and checks the IP destination address. Since the packets
destination address doesnt match any of the addresses configured on the receiving router
itself, the router will look up the destination IP network address in its routing table. The routing
table must have an entry for the network 172.16.20.0 or the packet will be discarded
immediately and an ICMP message will be sent back to the originating device with a destination
network unreachable message. If the router does find an entry for the destination network in
its table, the packet is switched to the exit interface in this example, interface Ethernet 1. The
router packet-switches the packet to the Ethernet 1 buffer. The Ethernet 1 buffer need to know
the hardware address of the destination host and first checks the ARP cache. If the hardware
address of HostB has already been resolved and is in the routers ARP cache, then the packet
and the hardware address are handed down to the Data Link layer to be framed. If the
hardware address has not already been resolved, the router sends an ARP request out E1
looking for the hardware address 172.16.20.2. HostB responds with its hardware address, and
the packet and destination hardware address are both sent to the Data Link layer for framing.
The Data Link layer creates a frame with the destination and source hardware address, EtherType field and FCS field at the end. The frame is handed to the Physical layer to be sent out on
the physical medium one bit at a time. HostB receives the frame and immediately runs a CRC. If
the result matches whats in the FCS field, the hardware destination address is checked. If the
48

host finds a match, the Ether-Type field is then checked to determine the protocol that the
packet should be handed to at the Network layer IP in this example. At the Network layer, IP
receives the packet and checks the IP destination address. Since theres finally a match made,
the Protocol field is checked to find out whom the payload should be given to. The payload is
handed to ICMP, which understands that this is an echo request. ICMP responds to this my
immediately discarding the packet and generating a new payload as an echo reply. A packet is
then created including the source and destination addresses, Protocol field and payload. The
destination device is now HostA.

(packet sending) IP then checks to see whether the destination IP address is a device on the
local LAN or on a remote network. Since the destination device is on a remote network, the
packet needs to be sent to the default gateway. The default gateway IP address is gound in the
Registry of the Windows device, and the ARP cache is checked to see if the hardware address
has already been resolved from IP address. Once the hardware address of the default gateway
is found, the packed and destination hardware addresses are handed down to the Data Link
layer form framing.
(frame sending) The Data Link layer frames the packet of information and includes the following
in the header:
o The destination and source hardware addresses
o The Ether-Type field with 0x0800 (IP) in it
o The FCS field with the CRC result in tow
The frame is now handed down to the Physical layer to be sent out over the network medium
one bit at a time. The routers Ethernet 1 interface receives the bits and builds a frame. The CRC
is run, and the FCS field is checked to make sure the answers match. Once the CRC is found to
be okay, the hardware destination address is checked. Since the routers interface is a match,
the packet is pulled from the frame and the Ether-Type field is checked to see what protocol at
the Network layer the packet should be delivered to.
(packet routing) The protocol is determined to be IP, so it gets the packet IP runs a CRC check
on the IP header first and then checks the destination IP address. (IP doesnt run a complete
CRC as the Data Link layer does it only checks the header of errors). In this case, the router
does know how to get to network 172.16.10.0 the exit interface is Ethernet 0 so the packet
is switched to interface Ethernet 0. The router checks the ARP cache to determine whether the
hardware address for 172.16.10.2 has already been resolved. Since the hardware address to
172.16.10.2 is already cached from the originating trip to HostB, the hardware address and
packet are handed to the Data Link layer. The Data Link layer builds a frame with the
destination hardware address and source hardware address and then puts IP in the Ether-Type
field. A CRC is run on the frame and the result is placed in the FCS field. The frame is then
handed to the Physical layer to be sent out onto the local network one bit at a time. The
49

destination host receives the frame, runs a CRC, checks the destination hardware address, and
looks in the Ether-Type field to find out whom to hand the packet to.
(Receive ICMP response) IP is the designated receiver, and after the packet is handed to IP at
the Network layer, it checks the protocols field for further direction. IP finds instructions to give
payload to ICMP, and ICMP determines the packet to be an ICMP echo reply. ICMP
acknowledges that it has received the reply by sending an exclamation point (!) to the user
interface. ICMP then attempts to send four more echo requests to the destination host.
IP routing example 1
HostA sends data to the HTTP server:
- The destination address of a frame, from
HostA, will be the MAC address of the F0/0
interface of the RouterA router.
- The destination address of a packet will be
the IP address of the network interface card
(NIC) of the HTTP server.
- The destination port number is the segment
header will have a value of 80.
IP routing example 2
HostA sends data to the HTTPS server:
-The destination address of a frame, from
HostA, will be the MAC address of the F0/0
interface of the RouterA router.
-The destination address of a packet will be
IP address of the network interface card (NIC)
of the HTTPS server.
-The destination port number in the
segment header will have a value of 443.
-Switches arent used as either a default
gateway of another destination, because
they have nothing to do with routing.
IP routing example 3
Host 4 communicated with the Sales server.
Host 4 sends ARP request. Host 4 receives ARP
reply, then creates package and frame. The
router Lab_A receives the package and forwards
it through the interface F0/0 towards the
server.
50

Exercise 8: Network layer

1. The function of the network layer is to: transfer packet from source to destination. We
have network layer protocols at each host and router. There are 3 important functions:
Determining routes: route through which the packet move from source to destination.
Routing algorithms.
Switching: forwarding packet from an input interface to an appropriate output interface
Connection setup: (optional) some network architectures require connection setup
along the route before forwarding data.
2. Datagram network: Internet model
No connection setup at network layer. Routers: no end-to-end connection. There is no concept
of connection at network layer. Packets usually travel using the ID of the destination host.
Packet between the same source-destination pair can travel through different routes.

3. Routing
The goal of the routing protocols is to find good (the minimal cost) route (sequence of
routers) through the network from source to destination. Graph abstraction for routing
algorithms: nodes are router. Links are the physical connections. Link price: delay, price or
congestion level.
4. Classification of routing algorithms
Global: All routers know the whole network topology and link costs. Link state algorithms
Decentralized: Routers know only about the physically connected neighbors and the link costs
to them. Interactive process of calculation, exchange of partial information with neighbors.
Distance vector: algorithms.
Static: Routers change slowly in time. Manually entered routers. Stable

51

Dynamic: Routers learned by routing protocols. Routers change much faster. Periodic updates.
Depending on the link costs changes.
5. Static routing Used at hosts or very small networks. For each network prefix the
routers are manually entered.

6. Link-State routing algorithm

Dijkstras algorithm. Network topology and link costs known to all nodes. Information exchange
using link state broadcast. All nodes have the same information. Calculate the cheapest route
from one source node to all other nodes. Finds the routing table for that node. Iterative: after k
iterations, fins the cheapest route to k destinations.
7.

Distance vector routing protocol

Iterative: Performed until the node stop exchanging information
Self-terminating: No stop signal
Asynchronous: Nodes dont exchange information in lock step!
Distributed: Each node communicates only with the directly connected neighbors.

Distance table Separate for each router. Row for each possible destination. Column for each
directly connected neighbor of the node. For example: in node X, for destination Y through
neighbor Z.

52

8. Distance vector routing: overview

Iterative, asynchronous: each local iteration trigged by:
- Local link cost change
- Message from a neighbor: change of some of his routes
Distributed: each node notifies its neighbors only when its shortest route to some destination
change. Neighbors then notify their neighbors if it is required.
Each node:
- WAIT for a change in the local cost, or message from a neighbor
- CALCULATE distance table
- If the smallest cost to some destination changes, NOTIFY the neighbors.
Link cost change The node detects local link cost change and updates the distance table, if the
new cost is lowest for that destination it notifies its neighbors. Good news travel fast. Bad news
travel slowly count to infinity problem.
9. Comparison of LS and DV algorithms
Message complexity:
- LS: with n nodes, E links, O(nE) messages sent
- DV: message exchange only with neighbors convergence time is variable
Converges speed:
- LS: O(n) algorithm Can oscillate
- DV: convergence time varies Can have routing hops. Count-to-infinity problem.
Robustness: what if a router brakes down?
- LS: The node may advertise incorrect link cost. Each node calculates its own routing
table
- DV: Can advertise a misleading route. The routing table of routers are used by everyone
The error propagates through the whole network.

10. Routing Information Protocol (RIP) RIP distributed in BSD UNIX in 1982. Uses the
distance-vector algorithm. Metric: number of hops (max 15). Suitable for small
networks. Distance vectors: exchanged at every 30 seconds using Response Message
(called advertisements). Each advertisement has at maximum 25 routes. Classful
protocol, doesnt support VLSM. RIPv2 supports VLSM.

53

11. RIP Operation Router sends update message to neighbors every 30 seconds. A router
expects to receive an update message from each of its neighbors within 180 seconds in
the worst case. If router doesnt receive update message from neighbor X within this
limit, it assumes the link to X has failed and sets the corresponding minimum cost to 16
(infinity).
- The routes through the neighbor are invalid.
- New advertisement is sent to the other neighbors.
- The neighbors send new advertisements (if there is change in their routing table)
Uses split horizon with poisoned reverse. Convergence speeded up by trigged updates.
Neighbors notified immediately of changes in distance vector table. Routing tables in RIP are
managed by an application process named route-d (daemon). Advertisements are sent in UDP
packets, which are periodically repeated.

54

12. RIP problems

- Count-to-infinity problem Simple configuration A->B->C fails; B needs to update thinks
there is a route through A. A needs to update and thinks there is a route thru B. No clear
solution, expect to set infinity to be small (ex. 16 in RIP). Split-horizon: If As route to C
is thru B, then A advertises Cs route (only to B) as infinity.
- May have slow convergence after topology change Due to count to infinity problem.
Also information cannot propagate thru node until it recalculates routing info.
- Black-holes If one node goes broke and advertises route of zero to several key
networks, all nodes immediately point to it.
- How to Install a fix in a distributed manner Require protocol to be self-stebilizing.
I.e. even if some nodes are faulty, once they are isolated, the system should quickly
return to normal operation.
- Broadcasts consume non-router resources.
- Doesnt support subnet masks (VLSMs)
- No authentication
- Router B advertises
192.168.3.0 to Router A
with a Metric of 1 Hop.
- Router A installs
192.168.3.0 in its table
with a Metric of 1.
Advertises with a Metric
of 2.
55

13. RIPv2
Provides:
-

VLSM support
Authentication
Multicasting
Tags to support EGP/BGP routes

Uses reserved fields in RIPv1 header. First route entry replaced by authentication info.

56

Exercise 9: Network layer

1. Link State Routing
Building Routing Tables
I.
II.
III.
IV.

Creation of the states of the links by each node, called the link state packet or LSP.
Dissemination of LSPs to every other router, called flooding, in efficient and reliable
way.
Formation of a shortest path tree for each mode
Calculation of a routing table based on the shortest path tree

Flooding of LSPs The creating node sends a copy of LSP out of each interface. A node that
receives an LSP compares it with the copy it may already have.
Sequence number of the copy > sequence number of the arrived LSP = discard the arrived LSP
Otherwise, Discard the old LSP and keeps the new one. Send a copy of it out of each interface
except the one from which the packet arrived.
2. RFC 2328 (v2). Fixes some of the deficiencies in RIP. Enables each router to learn
complete network topology. Each router monitors the link state to each neighbor and
floods the link-state information to other routers. Each router builds an identical linkstate database. Allows router to build shortest path tree with router as root. OSPF
typically converges faster than RIP when there is a failure in the network.
Three tables:

Neighbor
Topology (no gossiping)
Routing

3. OSPF Logic
I. Each router discovers its neighbors on each interface. The list of neighbors is kept in a
neighbor table.
II.
Each router uses a reliable protocol to exchange topology information with its
neighbors.
III.
Each router places the learned topology information in its topology database.
IV. Each router runs SPF algorithm against its own topology database to calculate the best
routes to each subnet in the database.
V. Each router places the best route to each subnet in the IP routing table.

57

RID Router ID, the name of the router. The highest physical IP address. Virtual IP address beat
physical IP addresses. Router ID command.
OSPF terminology:
-

RID router ID highest IP (virtual, physical)

DR designated router (highest priority, highest RID)
No. SPtree = No. areas for all interfaces
Metric = cost
Advertises list of connections
Multicast hellos

OSPF Features:
- Multiple routes to a given destination, one per type of service
- Support for variable-length subnetting by including the subnet mask in the routing
message
- Distribution of traffic over multiple paths of equal cost
- Authentication to ensure routers exchange information with trusted neighbors
- Uses notion of area to partition sites into subsets
- Designated router to minimize table maintenance ovverhead
At steady state All routers have same LS database. Know how many routers in network.
Interfaces & links between routers. Cost of each link (1-65.535) (CISCO -> 10^8 / bandwidth).
Occasional Hello messages (10 sec) & LS updates sent (30 min).
Metric OSPF protocol allows the administrator to assign a cost called the metric, to each
route. Base on a type of service (minimum delay, maximum throughput, and so on).
OSPF Network
- To improve scalability, AS may be partitioned into areas
o Area is identified by 32-bit Area ID
o Router in area only knows complete topology inside area & limits the flooding of
link-state information to area.
o Area border routers summarize information to areas
Each area must be connected to backbone area (area 0)
o Distributes routing info between areas
- Internal router (IR) has all links to nets within the same area
- Area border router (ABR) has links to more than one area
- Backbone router (BR) has links connected to the backbone
- Autonomous system boundary (ASB) router has links to another autonomous system

58

4. Neighbor, Adjacent & Designated Routers

- Neighbor routers: two routers that have interfaces to a common network. Neighbors
are discovered dynamically by Hello protocol
- Adjacent router: neighbor routers become adjacent when they synchronize topology
databases by exchange of link state information. Neighbors on point-to-point links
become adjacent. Routers on multi-access nets become adjacent only to designated &
backup designated routers. Reduces size of topological database & routing traffic.
- Designated router: Receives updates and distributes them to each segment router. DR
and BDR are elected on the basis of highest OSPF priority, and highest IP address.
Default priority is 1 and a priority of 0 prevents a router from being elected. DRs are
stable.
5. Becoming adjacent routers
- Send hello (R1 sends hello to R2) -> Down state
- Receive hello (R2 receives hello and checks the criterion). If the criterion are satisfied ->
Init state. Otherwise -> Down state
- Receive hello (r1 receives hello if criterion are satisfied) -> 2way state.
o Am I listed as a neighbor?
Yes reset Dead timer
No add R2 as a neighbor
- Master-slave -> ExStart state
o The highest router ID is the master. Master sends DD (DatabaseDescription).
Slave sends DD.
- DD acknowledges and reviewed -> Load state
o Slave sends LSR (LinkStateRequest); master sends LSU (LinkStateUpdate). Master
sends LSR; slave sends LSU
- Neighbors are synchronized -> Full state
Types of OSPF packets

59

6. Link State advertisements

- Link state info exchanged by adjacent routers to allow
o Area topology databases to be maintained
o Inter-area & inter-AS routers to be advertised
- Router link ad: generated by all OSPF routers. State of router links within area; flooded
within area only.
- Net link ad: generated by the designated router. Lists routers connected to net: flooded
within area only.
- Summary link ad: generated by area border routers. Routes to destination in other
areas. Routes to ASB routers.
- AS external link ad: generated by ASB routers. Describes routes to destinations outside
of OSPF network. Flooded in all areas in the OSPF network.
Types of links

7.
8.
-

OSPF Issues
Processor intensive
Flooding traffic
Complexity: Five messages (Hello, exchange, request, update and ack). A lot of code
Open shortest path first
Suited for large networks
High CPU and memory demands
OSPF Concepts
o Link, Link-state, Area, Cost, Adjacencies database, Topological database,
Designated router (Router election with router ID), Backup designated router
60

Exercise 10: Network layer

1. Summarization
- Summary routes. Group few neighbor subnets into one larger subnet with shorter
subnet mask. We need summarization for fewer records, faster search and less routes.
Auto-summarization is the summary to classful subnet mask (Class A - /8, Class B - /16
and Class C - /24). Only in the case of Distance Vector routing protocols. It is not
supported by Link-State routing protocols. The problems in auto-summarization are:
o Separated address space
o R1 has 2 networks from 172.30.0.0/16
o But R3 also has 2 networks from 172.30.0.0/16
o There is another classful address between R1-R3

- R1 will send to R2 information for the network 172.30.0.0/16 (HopCount=1)

- But R3 will also send to R2 information for the network 172.30.0.0/16 (HopCount=1)
- R2 will have 2 routes to 172.30.0.0/16 with the same metrics
o It will balance the load
o If we ping 172.30.1.0/24
Half of the requests will be send to R1. Response will be received.
Half of the requests will be send to R2. R2 will not send a response. It
doesnt know the network 172.30.1.0

61

62