Computer Networks (18EC71) Module 03

MODULE 3
SYLLABUS
Network Layer:
Introduction, Network Layer services: Packetizing, Routing and Forwarding, Other services,
Packet Switching: Datagram Approach, Virtual Circuit Approach, IPV4 Addresses: Address
Space, Classful Addressing, Classless Addressing, DHCP, Network Address Resolution,
Forwarding of IP Packets: Based on destination Address and Label. (18.1, 18.2, 18.4, 18.5.1,
18.5.2 of Text)
Network Layer Protocols:
Internet Protocol (IP): Datagram Format, Fragmentation, Options, Security of IPv4 Datagrams.
(19.1 of Text).
Unicast Routing:
Introduction, Routing Algorithms: Distance Vector Routing, Link State Routing, Path vector
routing. (20.1, 20.2 of Text).

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 1

Computer Networks (18EC71) Module 03

NETWORK-LAYER SERVICES
Introduction
The network layer in the TCP/IP protocol suite is responsible for the host-to-host delivery of
datagrams. It provides services to the transport layer and receives services from the data-link
layer. Fig.1 shows the communication between Alice and Bob at the network layer.

Fig.1 Communication at the network layer

As the fig.1 shows, the network layer is involved at the source host, destination host, and all
routers in the path (R2, R4, R5, and R7). At the source host (Alice), the network layer accepts
a packet from a transport layer, encapsulates the packet in a datagram, and delivers the packet
to the data-link layer. At the destination host (Bob), the datagram is decapsulated, and the
packet is extracted and delivered to the corresponding transport layer. Although the source and
destination hosts are involved in all five layers of the TCP/IP suite, the routers use three layers
if they are routing packets only.
NETWORK-LAYER SERVICES
• Packetizing
• Routing and Forwarding
• Other Services like i) Error Control ii) Flow Control iii) Congestion Control iv) Quality
of Service v) Security

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 2

Computer Networks (18EC71) Module 03

Packetizing:
The first duty of the network layer is definitely packetizing: encapsulating the payload in a
packet at the source and decapsulating the payload from the packet at the destination. In other
words, network layer is to carry a payload from the source to the destination without changing
it or using it. The source is not allowed to change the content of the payload unless it is too
large for delivery and needs to be fragmented. If the packet is fragmented at the source or at
routers along the path, the network layer is responsible for waiting until all fragments arrive,
reassembling them, and delivering them to the upper-layer protocol. The routers are not
allowed to change source and destination addresses either.
Routing and Forwarding
Routing:
The network layer is responsible for routing the packet from its source to the destination.
Generally, there is more than one route from the source to the destination. The network layer
is responsible for finding the best one among these possible routes. The network layer needs to
have some specific strategies for defining the best route. The routing protocols, should be run
before any communication occurs.
Forwarding:
Forwarding can be defined as the action applied by each router when a packet arrives at one of
its interfaces. A router normally uses forwarding table for applying this action is sometimes
called the routing table. To make decision, the router uses a piece of information in the packet
header, which can be the destination address or a label, to find the corresponding output
interface number in the forwarding table. Fig.2 shows the idea of the forwarding process in a
router.

Fig.2 Forwarding process

Other Services
Error Control Although error control also can be implemented in the network layer, the
designers of the network layer ignore this issue. One reason is the fact that the packet in the
network layer may be fragmented at each router, which makes error checking at this layer
inefficient. Although the network layer in the Internet does not directly provide error control,
the Internet uses an auxiliary protocol, ICMP, that provides some kind of error control.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 3

Computer Networks (18EC71) Module 03

Flow control: It regulates the amount of data a source can send without overwhelming the
receiver. To control the flow of data, the receiver needs to send some feedback to the sender to
inform the latter that it is overwhelmed with data. The network layer, however, does not directly
provide any flow control. The datagrams are sent by the sender when they are ready, without
any attention to the readiness of the receiver.
Congestion Control: Congestion in the network layer is a situation in which too many
datagrams are present in an area of the Internet. Congestion may occur if the number of
datagrams sent by source computers is beyond the capacity of the network or routers. In this
situation, some routers may drop some of the datagrams. However, as more datagrams are
dropped, the situation may become worse because, due to the error control mechanism at the
upper layers, the sender may send duplicates of the lost packets. If the congestion continues,
sometimes a situation may reach a point where the system collapses and no datagrams are
delivered.
Quality of Service: As the Internet has allowed new applications such as multimedia
communication the quality of service (QoS) of the communication has become more and more
important. However, to keep the network layer untouched, these provisions are mostly
implemented in the upper layer.
Security: Security was not a concern when the Internet was originally designed because it was
used by a small number of users at universities for research activities; other people had no
access to the Internet. The network layer was designed with no security provision. Today,
however, security is a big concern. To provide security for a connectionless network layer, we
need to have another virtual level that changes the connectionless service to a connection-
oriented service.

PACKET SWITCHING
A router, in fact, is a switch that creates a connection between an input port and an output port
(or a set of output ports), Just as an electrical switch connects the input to the output to let
electricity flow. Switching techniques are divided into two broad categories, circuit switching
and packet switching, only packet switching is used at the network layer because the unit of
data at this layer is a packet. Circuit switching is mostly used at the physical layer; A packet-
switched network can use two different approaches to route the packets:
1. Datagram Approach: Connectionless Service
When the network layer provides a connectionless service, each packet traveling in the
Internet is an independent entity; There is no relationship between packets belonging to the
same message. The switches in this type of network are called routers. A packet belonging
to a message may be followed by a packet belonging to the same message or to a different
message. Each packet is routed based on the information contained in its header: source
and destination addresses. The destination address defines where it should go; the source
address defines where it comes from.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 4

Computer Networks (18EC71) Module 03

A connectionless packet-switched network

Forwarding process in a router when used in a connectionless network

2. Virtual-Circuit Approach: Connection-Oriented Service

In a connection-oriented service (also called virtual-circuit approach), there is a
relationship between all packets belonging to a message. Before all datagrams in a
message can be sent, a virtual connection should be set up to define the path for the
datagrams. After connection setup, the datagrams can all follow the same path. In this
type of service, not only must the packet contain the source and destination addresses,
it must also contain a flow label. A flow label is a virtual circuit identifier that defines
the virtual path the packet should follow.

A virtual-circuit packet-switched network

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 5

Computer Networks (18EC71) Module 03

IPV4 ADDRESSES
The identifier used in the IP layer of the TCP/IP protocol suite to identify the connection of
each device to the Internet is called the Internet address or IP address. An IPv4 address is a 32-
bit address that uniquely and universally defines the connection of a host or a router to the
Internet.
The IP address is the address of the connection, not the host or the router, because if the device
is moved to another network, the IP address may be changed. IPv4 addresses are unique in the
sense that each address defines one, and only one, connection to the Internet.
Address Space
An address space is the total number of addresses used by the protocol. If a protocol uses b bits
to define an address, the address space is 2b because each bit can have two different values (0
or 1). IPv4 uses 32-bit addresses, which means that the address space is 232 or 4,294,967,296
(more than four billion). If there were no restrictions, more than 4 billion devices could be
connected to the Internet.
Notation
There are three common notations to show an IPv4 address:
➢ binary notation (base 2),
➢ dotted-decimal notation (base 256), and
➢ hexadecimal notation (base 16)

Three different notations in IPv4 addressing

Types of IPv4 Addressing Schemes

There are two types of IPv4 addressing schemes:
1) Classful Addressing
2) Classless Addressing
CLASSFUL ADDRESSING
IPv4 addressing uses the concept of classes. This architecture is called classful addressing.
Although this scheme is becoming obsolete, we briefly discuss it here to show the rationale
behind classless addressing.
• In classful addressing, the address space is divided into five classes: A, B, C, D, and E.
• Each class occupies some part of the address space.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 6

Computer Networks (18EC71) Module 03

• We can find the class of an address when given the address in binary notation or dotted-
decimal notation.
• If the address is given in binary notation, the first few bits can immediately tell us the
class of the address.
• If the address is given in decimal-dotted notation, the first byte defines the class. Both
methods are shown in Figure 19.2.

Classes and Blocks

One problem with classful addressing is that each class is divided into a fixed number of blocks
with each block having a fixed size as shown in Table 19.1.

Netid and Hostid

• In classful addressing, an IP address in class A, B, or C is divided into netid and hostid.

• These parts are of varying lengths, depending on the class of the address. Figure 19.2
shows some netid and hostid bytes.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 7

Computer Networks (18EC71) Module 03

• The netid is in color, the hostid is in white. Note that the concept does not apply to
classes D and E.
• In class A, one byte defines the netid and three bytes define the hostid.
• In class B, two bytes define the netid and two bytes define the hostid.
• In class C, three bytes define the netid and one byte defines the hostid.

Advantage of Classful Addressing Given an address, we can easily find the class of the
address and, since the prefix length for each class is fixed, we can find the prefix length
immediately. In other words, the prefix length in classful addressing is inherent in the address;
no extra information is needed to extract the prefix and the suffix.

CLASSLESS ADDRESSING
To overcome address depletion and give more organizations access to the Internet, classless
addressing was designed and implemented. In this scheme, there are no classes, but the
addresses are still granted in blocks.
Address Blocks
• In classless addressing, when an entity, small or large, needs to be connected to the
Internet, it is granted a block (range) of addresses.
• The size of the block (the number of addresses) varies based on the nature and size of
the entity. For example, a household may be given only two addresses; a large
organization may be given thousands of addresses. An ISP, as the Internet service
provider, may be given thousands or hundreds of thousands based on the number of
customers it may serve.
• The Internet authorities impose three restrictions on classless address blocks:
i. The addresses in a block must be contiguous, one after another.
ii. The number of addresses in a block must be a power of 2 (1, 2, 4, 8, ... ).
iii. The first address must be evenly divisible by the number of addresses.
Mask

A better way to define a block of addresses is to select any address in the block and the mask.
As we discussed before, a mask is a 32-bit number in which the n leftmost bits are 1s and the
32 - n rightmost bits are 0s.
• However, in classless addressing the mask for a block can take any value from 0 to 32.
It is very convenient to give just the value of n preceded by a slash (CIDR notation).
• In 1Pv4 addressing, a block of addresses can be defined as x.y.z.t/n in which x.y.z.t
defines one of the addresses and the /n defines the mask.
• The address and the /n notation completely define the whole block (the first address,
the last address, and the number of addresses).
• First Address: The first address in the block can be found by setting the 32 - n rightmost
bits in the binary notation of the address to 0s.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 8

Computer Networks (18EC71) Module 03

• Last Address: The last address in the block can be found by setting the 32 - n rightmost
bits in the binary notation of the address to 1s.
• Number of Addresses: The number of addresses in the block is the difference between
the last and first address. It can easily be found using the formula 𝟐𝟑𝟐−𝒏 .
Network Addresses
A very important concept in IP addressing is the network address. When an organization is
given a block of addresses, the organization is free to allocate the addresses to the devices that
need to be connected to the Internet.
• The first address in the class, however, is normally (not always) treated as a special
address. The first address is called the network address and defines the organization
network.
• It defines the organization itself to the rest of the world. Usually the first address is the
one that is used by routers to direct the message sent to the organization from the
outside.
DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used
on Internet Protocol (IP) networks for automatically assigning IP addresses and other
communication parameters to devices connected to the network using a client–
server architecture.
DHCP provides a temporary IP address for a limited period of time DHCP has two databases.
First one has static bindings for physical addresses (MAC) with IP addresses. Second one has
a list of available IP addresses that may be assigned for a period of time. Client request to
DHCP server causes server to see if MAC is in static database. If so assign the static IP entry
to client. If not, choose from available pool. Assigned addresses are temporary (leased). When
client’s lease expires, must renew or stop using.
DHCP Message Format
The general format of the DHCP message in Figure 18.25.

Figure 18.25 DHCP message format

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 9

Computer Networks (18EC71) Module 03

Operation Code: One byte field defines type of DHCP packet: Request = 1, Reply = 2
Hardware Type: One byte field defining physical network: Ethernet = 1
Hardware Length: One byte field specifying length of physical address: Ethernet = 6
Hop Count: One byte field maximum hops packet can go. Client sets this to 0
Transaction ID: Four Byte field used by client to make sure server is talking to this client and
not another simultaneous request’s response
Number of seconds: two-byte field number of seconds since client became alive
Flag: One bit flag allows client to force server to broadcast reply instead of sending reply to a
specific IP address. If client does not know its IP address yet, it wants a broadcast reply from
server.
Client IP address: Four byte field of client’s IP address. If unknown is zero.
Your IP address: Four byte field server fills in to tell client the clients IP address
Server IP address: four byte field. Server responding fills in it’s own IP
Gateway IP Address: Four byte field containing IP address of router (filled in by server)
Client Hardware Address: In our case 6 byte Ethernet MAC of client sending. Can get this
from Ethernet frame source MAC but this makes life easy for lazy server.
Server Name: Optional 64-byte field filled in by server contains the domain name of the server
Boot File Name: Optional 128-byte field filled in by server containing full pathname for boot
file when legacy BOOTP protocol is being used instead of DHCP. DHCP is backward
compatible with BOOTP (Aside: Bootstrap Protocol provides IP address, subnet mask, IP
address of a router, IP address of a name server to a diskless computer).
Option: Optional 64-byte field. Options consist of three fields: One byte Tag field, One byte
length field for just this particular option, a variable length value field.

DHCP OPERATION:
1) Client broadcasts on 255.255.255.255 a DHCPDISCOVER message using destination
server port 67.
2) Server(s) respond with DHCPOFFER message. Contains IP address, duration of lease
which by default is one hour.If client does not receive a DHCPOFFER, attempts again
up to 4 more attempts in two second intervals, then waits 5 minutes to try again.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 10

Computer Networks (18EC71) Module 03

3) Client chooses one of the offers and sends DHCPREQUEST to the selected server.
4) Server responds with DHCPACK and creates a binding between MAC address and the
IP address offered. Client has rights to that IP address until lease expires.
5) At the 50% of lease period expiration time, client sends a DHCPREQUEST to request
renewal.
6) If server responds with DHCPACK, client is good to go and resets client timer. If server
denies request with DHCPNACK, client must immediately stop using that IP address
and try to find another server.
7) If no server responds with anything in step 6, client sends another DHCPREQUEST at
87.5% time of the original lease.
8) If no server response, client uses IP until lease time expires and then starts from scratch.
Client sends DHCPRELEASE message to the mean server.
Aside: Server cannot initiate early lease termination unless client sends a DHCPREQUEST
DHCP TRANSITION DIAGRAM

NETWORK ADDRESS TRANSLATION (NAT)

Network Address Translation (NAT) is a method of mapping the private IP address of a

private network to the public IP address of the global network and vice versa. With this
method, the local host in a private network can access the internet. NAT is used at the routers
as they help the router to identify that to which localhost the message is to be forwarded.
Introduction

The Internet Service Provider (ISP) provides a variable block of IPv4 addresses to the
midsize organization or home users. Now, what if the organization grows and requires a large

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 11

Computer Networks (18EC71) Module 03

block of addresses or the number of devices accessing the internet increased at home? It would
be impossible for the ISP to fulfil the increased demand for addresses. This is because the range
of addresses before the allocated range and the range of addresses after the allocated range may
be assigned to other small organizations.

Now, the question arises how to fulfil this increased demand for addresses?

Here, the role of Network Address Translation (NAT) is introduced. In the situation
discussed above, such midsize organization or home users can have several private
IP addresses for a large set of devices/computer to allows internal communication whereas,
few devices/computers are provided with the public addresses for global communication.

Private IP addresses need to be unique inside the organization. No matter if they are not unique
globally as everyone is aware that there are three blocks of addresses which are reserved for
private networks. The users can use private IP addresses without the permission of Internet
authorities. The private IP addresses are not routable means any router will not forward the
packet having private addresses in its destination address field.

Address Translation

If the computer or a device with private IP address wants to communicate with the outside
world, it would connect to the NAT capable router with the public IP address and here, the
address translation takes place. In the address translation, a private IP address is mapped to the
public IP address and the request is forwarded to the (destination) outside world.

How Does NAT Work?

Consider a small private network of a home having four devices i.e. 1 laptop, 1 desktop, 1 tablet
and one Smartphone, in its network. As all these devices are the local host they are provided
private IP addresses and all these devices are connected to a NAT router with a public IP
address.

Now suppose, if the tablet user at home network wants the information regarding today’s
news. As you can see in the image below, it would send this request to the server in the outside

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 12

Computer Networks (18EC71) Module 03

world with a public IP address, which would have this information. The server would create a
reply packet with the information of today’s new. The reply packet will have source as server
IP address and destination as tablets private IP address and as we know the private IP
address is not routable. The Tablet would never receive the reply as no router will forward this
packet to the table.

Solution

NAT router analyzes the request packet sent from a tablet which has tablets private IP address
in its source field and servers public IP address in destination fields. NAT router put the source
private IP address in private IP address column of translation table the destination (server)
address in public IP address column. NAT router replaces the source private address with
the NAT public IP address as you can see in the image below.

The destination server receives the request packet now, with the NAT routers public IP address
as the source address. So, when the server prepares the reply it puts the NAT routers public
IP address in the destination address field and its own global IP address in
the source address field of the reply packet.

Now, as the reply packet has the public IP address in its destination address field so, it would
route the packet to the destination NAT router. The NAT router analyses the reply packet which
has source address as server’s address. The NAT router then remaps the servers public IP
address to the tablet’s private IP address with the help of translation table using the source
address field of the received packet and send the reply packet to the corresponding private IP
address.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 13

Computer Networks (18EC71) Module 03

This is how a local host in the private network, communicates with the devices with global
addresses.

FORWARDING OF IP PACKETS
Forwarding of packets means to place the packet in its route to its destination. Since the Internet
today is made of a combination of links (networks), forwarding means to deliver the packet to
the next hop (which can be the final destination or the intermediate connecting device).
When IP is used as a connectionless protocol, forwarding is based on the destination address
of the IP datagram; when the IP is used as a connection-oriented protocol, forwarding is based
on the label attached to an IP datagram.
Forwarding Based on Destination Address
Packet forwarding based on the destination address requires the source host and routers in the
path of the packet to have the routing table. Whenever the host is ready with the packet to be
sent or the router receives a packet to forward it to the next router or the destination host, they
look up the routing table to decide the route of the packet toward the destination host.

But nowadays Internet has grown too far, so many entries in routing make the table lookup
inefficient. There are several techniques to minimize the size of the routing table and also
manage the security of the routing table.

Forwarding Techniques

1. Next-Hop Method

The next-hop method minimizes the size of the routing table by just keeping the details of
the next hop or next router in the path of the packet. Here the routing table does not involve
the information about the entire route the packet has to follow.

2. Network-Specific Method

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 14

Computer Networks (18EC71) Module 03

Here the routing table does not have an entry for all the destination hosts in the network
connected to the router. Instead, it has an entry of the destination networks itself connected to
the router.

3. Host-Specific Method

It is the reverse of the network-specific method. Here the routing table has an entry for all the
destination hosts in the destination network. It reduces the efficiency of the routing table as the
size of the routing table is increased. It is usually used for checking the routes and for security
purposes.

4. Default Method

Consider the situation that a host in a network N1 is connected to two routers where one router
R1 is connected to the network N2 and another router R2 connects it to the rest of the internet.
So here the routing table has only one entry for the router R2 as a default entry.

PACKET FORWARDING PROCESS

1. Forwarding with Classful Addressing

In classful addressing the entire address, space is divided into classes we have studied this in
our previous content classful addressing. The classful addressing has a default mask which
makes the packet forwarding easier. We will see packet forwarding in classful addresses with
and without subnetting.

a. Forwarding without Subnetting

Routers on the global Internet using classful addressing do not perform subnetting. Usually,
subnetting is performed inside an organization. Packet forwarding module where subnetting is
not involved includes three tables where each table represents a unicast class (A, B, C).

If the routers of the global internet support multicasting a new table is added to handle the class
D address. With the different routing tables for each class searching the routing table for next-
hop becomes easier. Let us see the structure of the routing table.

In the points below we will discuss the columns of the routing table:

• The first column is the network address which defines the address of the network to
which the destination host belongs.
• The second column is of next-hop which specifies the address of the next router in the
path of the packet if it is an indirect delivery. In case it is the direct delivery the next-
hop column is empty.
• The third column specifies the interface number. The router has many outgoing ports,
where each outgoing port connects the router to a different port. Each connection has a
different numbered port which we refer to as interface number.

The following steps describe the forwarding module that is used to forward packets in the
classful addressing where subnetting is not involved.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 15

Computer Networks (18EC71) Module 03

1. From the packets header, the destination address is determined.

2. The destination address is used to determine the class of the address.
3. After identifying the class of the address, the destination address and class are
combinedly used to extract the network address.
4. Now the class of the destination address is used to decide which table among the three
must be referred and the network address extracted is used to determine the next-hop
and interface number.
5. The next-hop (logical address of next router) and interface number are provided to ARP
to determine the physical address of the next router.

b. Forwarding with Subnetting

Subnetting always happens inside the organization and the routers handling the subnetting are
either at the boundary of the organization or just inside the border of the organization.

If the variable length subnetting is used then several routing tables will be used else only one
routing table will do the work. For the fixed-length subnetting the following steps are used to
forward the packet.

1. First, the destination address is extracted from the packet’s header.

2. If the extracted destination address goes with any of the host addresses in the table, then
the destination address and the mask are used together to determine the subnet address.
3. Using subnet address as index the next-hop and interface number are determined.
4. The next-hop address and the interface number are provided to the ARP protocol to
determine the physical address of the next hop.

2. Forwarding with Classless Addressing

In the classless addressing, there is no division of address space into the classes. We have
studied classless addressing, in our previous content classless addressing So, the address of the
destination does not provide any information about the destination network. To overcome this
issue, we require masking.

So, the routing table of in-classless addressing requires one more column as compared to
classful addressing i.e., mask column.

a. Address Aggregation

Address Aggregation is similar to subnetting. A set of addresses or a block of addresses are

summarized in the routing entries to minimize the size of the routing table.

b. Longest Mask Matching

The longest mask matching helps the IP router to select an entry from the routing table. An
entry in the routing table may specify a subnetwork. In this case, a destination address may do
with more entries. Among these entries, the entry with the longest subnet mask is the most
specific one. An this is called longest mask matching.

c. Hierarchical Routing

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 16

Computer Networks (18EC71) Module 03

To reduce the size of the routing table, a hierarchy can be implemented in the routing table.
Hierarchical routing is achieved by organizing routers in some hierarchy. This reduces the
complexity of the network and even increases the routing efficiency.

d. Geographical Routing

To further minimize the size of the routing table, above hierarchical routing, geographical
routing must be practiced. The geographical routing divides the entire space in the world into
few large blocks. For example, we divide the space into blocks such as America, Africa, Asia,
Europe, and so on.

In this case, there will be only one entry for Asia, one entry for Europe, one for America, and
so on in the routing table.

Forwarding Based on Label

To send IP packets in a connection-oriented fashion the routing was replaced by the switching.
We had studied the switching process in our earlier content IP Over ATM.

In routing, the destination address present in the header of the packet is used to forward the
packet. In the switching process, the switch forwards the packet by analyzing the label attached
to it. The label contains the identifiers that define which specific virtual path and virtual circuit
the packet has to follow.

1. Multiprotocol Label Switching

During 1980 most of the vendors were launching the routers with switching technology.
Considering this a new protocol was approved which is multi-protocol label switching (MPLS).
This packet forwarding technology uses the label to forward the packet.

The MPLS protocol can convert the routing network to an appropriate switching network. So,
when required the MPLS router can forward the packet using the destination address and when
required it can forward the packet based on the label attached to it.

2. Hierarchical Switching

A packet can have stacks of labels for this the MPLS protocol allows hierarchical switching
which is similar to hierarchical routing. The top label of the packet is used to route the packet
outside the enterprise and the bottom label is used to route the packet inside the enterprise to
reach the destination subnet.

So, this is all about packet forwarding, we have seen how this is done using a destination
address or a label attached to the packet

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 17

Computer Networks (18EC71) Module 03

NETWORK LAYER PROTOCOLS

INTERNET PROTOCOL (IP)

The network layer in version 4 can be thought of as one main protocol and three auxiliary ones
as shown in Fig 4.1.
• The main protocol, Internet Protocol version 4 (IPv4), is responsible for packetizing,
forwarding, and delivery of a packet at the network layer.
• The Internet Control Message Protocol version 4 (ICMPv4) helps IPv4 to handle some
errors that may occur in the network-layer delivery.
• The Internet Group Management Protocol (IGMP) is used to help IPv4 in multicasting.
• The Address Resolution Protocol (ARP) is used to glue the network and data-link layers
in mapping network-layer addresses to link-layer addresses.

Fig 4.1 Position of IP and other network-layer protocols in TCP/IP protocol suite

IPV4 DATAGRAM FORMAT

The Internet Protocol version 4 (IPv4) is the delivery mechanism used by the TCP/IP
protocols. Packets used by the IP are called datagrams. A datagram is a variable-length
packet consisting of two parts: header and payload (data). The header is 20 to 60 bytes in
length and contains information essential to routing and delivery.

Fig 4.2: IPv4 Datagram

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 18

Computer Networks (18EC71) Module 03

The operation of IPv4 header fields are

➢ Version Number(VER): The 4-bit version number (VER) field defines the version
of the IPv4 protocol, which has the value of 4.
➢ Header Length (HLEN): This 4-bit field defines the total length of the datagram
header in 4-byte words. This field is needed because the length of the header is
variable (between 20 and 60 bytes).
➢ Service Type: This field was referred to as type of service (TOS), which defined
how the datagram should be handled. The first 3 bits tell the precedence, and the
next 4 bits tell the type of service, and the last bits are not used. The 4 bits of services
define the delay, throughput, reliability, cost.

TOS
D: Minimize Delay T: Maximize Throughput MEANING
CODE
R: Maximize Reliability C: Minimize Cost 1000 Minimum Delay(D)
0100 Maximum throughput(T)
0010 Maximum Reliability(R)
0001 Minimum monetary cost(C)
0000 Normal Service
1100 Invalid

➢ Total Length: The total length field defines the total length of the datagram including
the header. This 16-bit field defines the total length (header plus data) of the IP
datagram in bytes. A 16-bit number can define a total length of up to 65,535 (when all
bits are 1s). However, the size of the datagram is normally much less than this. This
field helps the receiving device to know when the packet has completely arrived.
➢ Identification, Flags, and Fragmentation Offset: These three fields are related to
the fragmentation of the IP datagram when the size of the datagram is larger.
➢ Time-to-live: Due to some malfunctioning of routing protocols a datagram may be
circulating in the Internet, visiting some networks over and over without reaching
the destination. This may create extra traffic in the Internet. The time-to-live (TTL)
field is used to control the maximum number of hops (routers) visited by the
datagram. When a source host sends the datagram, it stores a number in this field.
This value is approximately two times the maximum number of routers between
any two hosts. Each router that processes the datagram decrements this number by
one. If this value, after being decremented, is zero, the router discards the datagram.
➢ Protocol:. When the payload is encapsulated in a datagram at the source IP, the
corresponding protocol number is inserted in this field; when the datagram arrives
at the destination, the value of this field helps to define to which protocol the
payload should be delivered. In other words, this field provides multiplexing at the
source and demultiplexing at the destination.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 19

Computer Networks (18EC71) Module 03

➢ Header checksum: IP is not a reliable protocol; it does not check whether the
payload carried by a datagram is corrupted during the transmission. IP puts the
burden of error checking of the payload on the protocol that owns the payload, such
as UDP or TCP. The datagram header, however, is added by IP, and its error-
checking is the responsibility of IP. Errors in the IP header can be a disaster.
• For example, if the destination IP address is corrupted, the packet can be
delivered to the wrong host.
• If the protocol field is corrupted, the payload may be delivered to the wrong
protocol.
• If the fields related to the fragmentation are corrupted, the datagram cannot
be reassembled correctly at the destination, and so on. For these reasons, IP
adds a header checksum field to check the header, but not the payload.
➢ Source and Destination Addresses: These 32-bit source and destination address
fields define the IP address of the source and destination respectively.
➢ Options: A datagram header can have up to 40 bytes of options. Options can be
used for network testing and debugging. Although options are not a required part
of the IP header, option processing is required of the IP software.
➢ Payload: Payload is the packet coming from other protocols that use the service of
IP.

FRAGMENTATION AND MAXIMUM TRANSFER UNIT:

When a datagram is encapsulated in a frame, the total size of the datagram must be less
than maximum size of frame format in the link layer protocol. The value of the MTU differs
from one physical network protocol to another.

Fig. Maximum transfer unit (MTU)

In IP protocol maximum length of the IP datagram equal to 65,535 bytes to make transmission more
efficient. for other physical networks, we must divide the datagram to make it possible for it to pass
through these networks. This is called fragmentation.

A datagram may be fragmented several times before it reaches the final destination.
Fields Related to Fragmentation:
There are three fields in an IP datagram are related to fragmentation: identification, flags,
and fragmentation offset.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 20

Computer Networks (18EC71) Module 03

Identification field: The 16-bit identification field identifies a datagram originating from
the source host. The identification number helps the destination in reassembling the
datagram. It knows that all fragments having the same identification value should be
assembled into one datagram.
Flag field: The 3-bit flags field defines three flags. The leftmost bit is reserved (not used).
The second bit (D bit) is called the do not fragment bit. If its value is 1, the machine must
not fragment the datagram. If its value is 0, the datagram can be fragmented if it’s
necessary. The third bit (M bit) is called the more fragment bit. If its value is 1, it means
the datagram is not the last fragment; there are more fragments after this one. If its value is
0, it means this is the last or only fragment.
R D M
R: Reserved, D: Do not Fragment and M More fragment.

Fragmentation Offset: The 13 bit fragmentation offset field helps the destination device
to place the fragments in the proper sequence to build the original packet. The
fragmentation offset for the 1st fragment is always zero(0). The field is 13 bit wide, so the
offset can be from 0 to 8191. Fragments are specified in units of 8 bytes.

Fragmentation example

Detailed fragmentation example

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 21

Computer Networks (18EC71) Module 03

OPTIONS
The header of the IPv4 datagram is made of two parts: a fixed part and a variable part. The
fixed part is 20 bytes long and was discussed in the previous section. The variable part
comprises the options that can be a maximum of 40 bytes (in multiples of 4-bytes) to
preserve the boundary of the header. Options, as the name implies, are not required for a
datagram. They can be used for network testing and debugging.
Types of options:

Figure 4.10: Classification of Options

1) Single-Byte Options: There are two single-byte options.

a) No Operation: A no-operation option is a 1- byte option used as a filler
between options.
b) End of Option: An end-of-option option is a 1-byte option used for padding
at the end of the option field. It, however, can only be used as the last option.
2) Multliple-Byte Options: There are four multiple-byte options.
a) Record Route: A record route option is used to record the Internet routers that
handle the datagram. It can list up to nine router addresses. It can be used for
debugging and management purposes.
b) Strict Source Route: A strict source route option is used by the source to
predetermine a route for the datagram as it travels through the Internet. Here, the
sender can choose a route with a specific type of service, such as minimum delay
or maximum throughput. Alternatively, it may choose a route that is safer or more
reliable for the sender’s purpose.
c) Loose Source Route: A loose source route option is similar to the strict source
route, but it is less rigid. Each router in the list must be visited, but the datagram
can visit other routers as well.
d) Timestamp: A timestamp option is used to record the time of datagram processing
by a router. The time is expressed in milliseconds.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 22

Computer Networks (18EC71) Module 03

SECURITY OF IPV4 DATAGRAMS

There are three security issues IP protocol: packet sniffing, packet modification, and IP
spoofing.
Packet Sniffing: An intruder may intercept an IP packet and make a copy of it. Packet
sniffing is a passive attack, in which the attacker does not change the contents of the
packet. This type of attack is very difficult to detect because the sender and the receiver
may never know that the packet has been copied. Although packet sniffing cannot be
stopped, encryption of the packet can make the attacker’s effort useless. The attacker
may still sniff the packet, but the content is not detectable.
Packet Modification: The attacker intercepts the packet, changes its contents, and
sends the new packet to the receiver. The receiver believes that the packet is coming
from the original sender. This type of attack can be detected using a data integrity
mechanism.
IP Spoofing: IP spoofing is the creation of Internet Protocol (IP) packets which have a
modified source address in order to either hide the identity of the sender, to impersonate
another computer system, or both.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 23

Computer Networks (18EC71) Module 03

ROUTING ALGORITHMS
In unicast routing, a packet is routed, hop by hop, from its source to its destination by the
help of forwarding tables. The source host needs no forwarding table because it delivers its
packet to the default router in its local network.
The destination host needs no forwarding table because it receives the packet from its default
router in its local network.
Routing a packet from its source to its destination means routing the packet from a source
router to a destination router.
Least-Cost Routing
When an internet is modelled as a weighted graph, one of the ways to interpret the best route
from the source router to the destination router is to find the least cost between the two.
That is, the source router chooses a route to the destination router in such a way that the total
cost for the route is the least cost among all possible routes.
In Figure (below) the best route between A and E is A-B-E, with the cost of 6. This means
that each router needs to find the least-cost route between itself and all the other routers to
be able to route a packet towards the destination.

Fog. 20.1 An internet and its graphical representation

If there are N routers in an internet, there are (N - 1) least-cost paths from each router to any
other router. This means we need N  (N - 1) least-cost paths for the whole internet. For
example, If we have only 10 routers in an internet, we need 90 least-cost paths. A least-cost
tree is a tree with the source router as the root that spans the whole graph (visits all other
nodes) and in which the path between the root and any other node is the shortest. In this way,
we can have only one shortest-path tree for each node; we have N least cost trees for the
whole internet. Figure (below) shows the seven least-cost trees for the internet.

Least-cost trees for nodes in the internet of Figure 20.1

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 24

Computer Networks (18EC71) Module 03

1) The least-cost route from X to Y in X’s tree is the inverse of the least-cost route from
Y to X in Y’s tree; the cost in both directions is the same. For example, in Figure, the
route from A to F in A’s tree is (A - B- E- F), but the route from F to A in F’s tree is
(F - E- B- A), which is the inverse of the first route. The cost is 8 in each case.
2) Instead of travelling from X to Z using X’s tree, we can travel from X to Y using X’s
tree and continue from Y to Z using Y’s tree
For example, in Figure, we can go from A to G in A’s tree using the route (A - B- E
- F - G). We can also go from A to E in A’s tree (A - B- E) and then continue in E’s
tree using the route (E - F- G). The combination of the two routes in the second case
is the same route as in the first case. The cost in the first case is 9; the cost in the
second case is also 9 (6 + 3).

Routing algorithms are meant for determining the routing of packets in a node. Routing
algorithms are classified as- (i)
(Explain Distance vector routing using a Bellman Ford Algorithm providing a suitable
illustration.)
DISTANCE-VECTOR ROUTING
In distance-vector routing, a router continuously tells all of its neighbours what it knows about
the whole internet. Bellman-Ford Equation In distance-vector routing Bellman-Ford equation
is used to find the least cost (shortest distance) between a source node, x, and a destination
node, y, through some intermediary nodes (a, b, c,   ) when the costs between the source and
the intermediary nodes and the least costs between the intermediary nodes and the destination
are given. The following shows the general case in which Dij is the shortest distance and cij is
the cost between nodes i and j.

𝑫𝒙𝒚 = 𝐦𝐢𝐧⁡{(𝒄𝒙𝒂 + 𝑫𝒂𝒚 ), (𝒄𝒙𝒃 + 𝑫𝒃𝒚 ), (𝒄𝒙𝒄 + 𝑫𝒄𝒚 ), … . . }

In distance-vector routing, we want to update an existing least cost with a least cost through an
intermediary node, such as z, ie, if the intermediate node is shorter. In this case, the equation
can be written as:

𝑫𝒙𝒚 = 𝐦𝐢𝐧⁡{(𝒄𝒙𝒛 + 𝑫𝒛𝒚 )}

Graphical idea behind Bellman-Ford equation

Fig. Graphical idea behind Bellman-Ford equation

Bellman-Ford equation help us to build a new least-cost path from previously established least-
cost paths.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 25

Computer Networks (18EC71) Module 03

In the Figure (above), we can think of (a-y),(b-y), and (c-y) as previously established least-cost
paths and (x-y) as the new least-cost path.
We can even think of this equation as the builder of a new least-cost tree from previously
established least-cost trees if we use the equation repeatedly.
Distance Vectors
The concept of a distance vector is the reason for the name distance-vector routing. A least-
cost tree is a combination of least-cost paths from the root of the tree to all destinations.
Figure shows the tree for node A in the internet in Figure and the corresponding distance vector.
A distance vector does not give the path to the destinations as the least-cost tree does; it gives
only the least costs to the destinations.
Note that the name of the distance vector defines the root, the indexes define the destinations,
and the value of each cell defines the least cost from the root to the destination.

The distance vector corresponding to a tree

Each node in an internet, when it starts its function, creates a very basic distance vector with
the minimum information the node can obtain from its neighbourhood. The node sends some
greeting messages out of its interfaces and discovers the identity of the immediate neighbours
and the distance between itself and each neighbour. It then makes a simple distance vector by
inserting the discovered distances in the corresponding cells and leaves the value of other cells
as infinity.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 26

Computer Networks (18EC71) Module 03

The first distance vector for an internet

Description of above diagram

Consider (For example), Node A thinks that it is not connected to node G because the
corresponding cell shows the least cost of infinity.
To improve these vectors, the nodes in the internet need to help each other by exchanging
information. After each node has created its vector, it sends a copy of the vector to all its
immediate neighbours. After a node receives a distance vector from a neighbor, it updates its
distance vector using the Bellman-Ford equation (second case).
The figure(below) shows two asynchronous events, happening one after another with some
time in between.
In the first event, node A has sent its vector to node B. Node B updates its vector using the cost
cBA= 2. In the second event, node E has sent its vector to node B. Node B updates its vector
using the cost cEA= 4.
After the first event, node B has one improvement in its vector: its least cost to node D has
changed from infinity to 5 (via node A). After the second event, node B has one more
improvement in its vector; its least cost to node F has changed from infinity to 6 (via node E).
By exchanging the vectors, we can stabilize the system and allows all nodes to find the ultimate
least cost between themselves and any other node.
After updating a node, it immediately sends its updated vector to all neighbors.

Updating distance vectors

LINK-STATE ROUTING
(Explain Link state routing (Dijkstra Algorithm) Algorithm)
A routing algorithm that directly creates least-cost trees and forwarding tables is linkstate (LS)
routing. This method uses the term link-state to define the characteristic of a link (an edge) that
represents a network in the internet.
Link-State Database (LSDB)

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 27

Computer Networks (18EC71) Module 03

To create a least-cost tree with this method, each node needs to have a complete map of the
network, which means it needs to know the state of each link. The collection of states for all
links is called the link-state database (LSDB). This method is called flooding ( all nodes are
sharing data at a time).
Example for LSDB

Example of a link-state database

Each node can send some greeting messages to all its immediate neighbors (those nodes to
which it is connected directly) to collect two pieces of information for each neighboring node:
the identity of the node and the cost of the link.
The combination of these two pieces of information is called the LS packet (LSP); the LSP is
sent out of each interface, as shown in Figure . When a node receives an LSP from one of its
interfaces, it compares the LSP with the copy it may already have. If the newly arrived LSP is
older than the one it has (found by checking the sequence number),it discards the LSP. If it is
newer or the first one received, the node discards the old LSP (if there is one) and keeps the
received one. It then sends a copy of it out of each interface except the one from which the
packet arrived. This guarantees that flooding stops somewhere in the network (where a node
has only one interface).
After receiving all new LSPs, each node creates the comprehensive LSDB as shown in
Figure(below). This LSDB is the same for each node and shows the whole map of the internet.
In other words, a node can make the whole map if it needs to, using this LSDB.

LSPs created and sent out by each node to build LSDB

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 28

Computer Networks (18EC71) Module 03

Note: In the distance-vector routing algorithm, each router tells its neighbors what it knows
about the whole internet; in the link-state routing algorithm, each router tells the whole internet
what it knows about its neighbors.
Formation of Least-Cost Trees
To create a least-cost tree for itself, using the shared LSDB, each node needs to run the famous
Dijkstra Algorithm.
This algorithm uses the following steps:
1. The node chooses itself as the root of the tree, creating a tree with a single node, and
sets the total cost of each node based on the information in the LSDB.
2. The node selects one node, among all nodes not in the tree, which is closest to the root,
and adds this to the tree. After this node is added to the tree, the cost of all other nodes
not in the tree needs to be updated because the paths may have been changed.
3. The node repeats step 2 until all nodes are added to the tree.
Explain Path vector routing algorithm using spanning trees for the following internet.

PATH-VECTOR ROUTING:
Both link-state and distance-vector routing are based on the least-cost. However, in some cases
the least cost is not the priority. Sometimes we need to choose a path which has high security.
This option is not available in least cost routing. In least cost routing we cant choose a path
with more security. To fulfil these demands, a third routing algorithm called path vector routing
has been implemented.
SPANNING TREES
In path-vector routing, the path from a source to all destinations is also determined by
the best spanning tree. The best spanning tree is not the least-cost tree; it is the tree
determined by the source when it imposes its own policy. If there is more than one route
to a destination, the source can choose the route that meets its policy best. A source
may apply several policies at the same time. One of the common policies uses the
minimum number of nodes to be visited (something similar to least-cost). Another
common policy is to avoid some nodes as the middle node in a route.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 29

Computer Networks (18EC71) Module 03

Fig. 1) Spanning trees in path-vector routing

Fig. 1)shows a small internet with only five nodes. Each source has created its own spanning
tree that meets its policy. The policy imposed by all sources is to use the minimum number of
nodes to reach a destination. The spanning tree selected by A and E is such that the
communication does not pass-through D as a middle node. Similarly, the spanning tree selected
by B is such that the communication does not pass-through C as a middle node.
Creation of Spanning tree:
The spanning trees are made, gradually and asynchronously, by each node. When a node is
booted, it creates a path vector based on the information it can obtain about its immediate
neighbor. A node sends greeting messages to its immediate neighbors to collect these pieces of
information. Fig. 2 shows all of these path vectors for our internet in Fig.1).
Each node, after the creation of the initial path vector, sends it to all its immediate neighbors.
Each node, when it receives a path vector from a neighbor, updates its path vector using an
equation similar to the Bellman-Ford, but applying its own policy instead of looking for the
least cost. We can define this equation as

Fig. 2) Path vectors made at booting time

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 30

Computer Networks (18EC71) Module 03

Fig. 3) Updating path vectors

Fig.3) shows the path vector of node C after two events. In the first event, node C receives
a copy of B’s vector, which improves its vector: now it knows how to reach node A. In the
second event, node C receives a copy of D’s vector, which does not change its vector. As
a matter of fact, the vector for node C after the first event is stabilized and serves as its
forwarding table.

Dept. Of ECE, Ghousia College of Engineering. Prof. Nadeem Pasha 31