UNIT-4

The Network Layer & Internet Working

Introduction:
The network layer is the third level of the Open Systems Interconnection Model (OSI Model) and the layer
that provides data routing paths for network communication. Data is transferred in the form of packets via logical
network paths in an ordered format controlled by the network layer.

The network layer is considered the backbone of the OSI Model. It selects and manages the best logical
path for data transfer between nodes. This layer contains hardware devices such as routers, bridges, firewalls and
switches, but it actually creates a logical image of the most efficient communication route and implements it with a
physical medium. Network layer protocols exist in every host or router. The router examines the header fields of
all the IP packets that pass through it. Internet Protocol and Netware IPX/SPX are the most common protocols
associated with the network layer.

In the OSI model, the network layer responds to requests from the layer above it (transport layer) and
issues requests to the layer below it (data link layer).

Functionalities of network layer:

• Internetworking one of the main responsibilities of network layer is to provide internetworking between
different networks. It provides logical connection between different types of network. It is because of this
layer, we can combine various different networks to form a bigger network.
• Logical Addressing Large number of different networks can be combined together to from bigger
networks or internetwork. In order to identify each device on internetwork uniquely, network layer defines
an addressing scheme. Such an address distinguishes each device uniquely and universally.
• Routing: When independent networks or links are combined together to create internet works, multiple
routes are possible from source machine to destination machine. The network layer protocols determine
which route or path is best from source to destination. This function of network layer is known as routing.
• Packetizing the network layer receives the data from the upper layers and creates its own packets by
encapsulating these packets. The process is known as packetizing. This packetizing in done by Internet
Protocol (IP) that defines its own packet format.
• Fragmentation means dividing the larger packets into small fragments. For this, network layer divides the
large packets into fragments so that they can be easily sent on the physical medium
Design issues of network layer: These issues include the service provided to the transport layer and the
internal design of the network.

1. Store-and-Forward Packet Switching: Packet switching can be used as an alternate to circuit switching. In the
packet switched networks, data is sent in discrete units that have variable length. They are called as packets. There
is a strict upper bound limit on the size of packets in a packet switch network. The packet contains data and various
control information. The packet switched networks allow any host to send data to any other host without reserving
the circuit. Multiple paths between a pair of sender and receiver may exist in a packet switched network.
One path is selected between source and destination. Whenever the sender has data to send, it converts
them into packets and forwards them to next computer or router. The router stores this packet till the output line is
free. Then, this packet is transferred to next computer or router (called as hop). This way, it moves to the
destination hop by hop. All the packets belonging to a transmission may or may not take the same route. The route
of a packet is decided by network layer protocols.

Fig 5-1 this equipment is used as follows. A host with a packet to send transmits it to the nearest router, either on
its own LAN or over a point-to-point link to the ISP.The packet is stored there until it has fully arrived and the link
has finished its processing by verifying the checksum. Then it is forwarded to the next router along the path until it
reaches the destination host, where it is delivered. This mechanism is store-and-forward packet switching.

2. Services Provided to the Transport Layer: The network layer provides services to the transport layer at the
network layer/transport layer interface.

1. The services should be independent of the router technology.

2. The transport layer should be shielded from the number, type, and topology of the routers present.
3. The network addresses made available to the transport layer should use a uniform numbering plan, even
across LANs and WANs.

3. Implementation of Connectionless Service: Datagram network

If connectionless service is offered, packets are injected into the network individually and routed
independently of each other. No advance setup is needed. In this context, the packets are frequently called
datagrams (in analogy with telegrams) and the network is called a datagram network.
Let us now see how a datagram network works. Suppose that the process P1 in Fig. 5-2 has a long message
for P2. It hands the message to the transport layer, with instructions to deliver it to process P2 on host H2. The
transport layer code runs on H1, typically within the operating system. It prepends a transport header to the front of
the message and hands the result to the network layer, probably just another procedure within the operating system.
Let us assume for this example that the message is four times longer than the maximum packet size, so the
network layer has to break it into four packets, 1, 2, 3, and 4, and send each of them in turn to router A using some
point-to-point protocol, for example, PPP. At this point the ISP takes over. Every router has an internal table telling
it where to send packets for each of the possible destinations. Each table entry is a pair consisting of a destination
and the outgoing line to use for that destination. Only directly connected lines can be used. For example, in
Fig. 5-2, A has only two outgoing lines—to B and to C—so every incoming packet must be sent to one of these
routers, even if the ultimate destination is to some other router. A’s initial routing table is shown in the figure under
the label ‘‘initially.’’ At A, packets 1, 2, and 3 are stored briefly, having arrived on the incoming link and had their
checksums verified. Then each packet is forwarded according to A’s table, onto the outgoing link to C within a
new frame. Packet 1 is then forwarded to E and then to F. When it gets to F, it is sent within a frame over the LAN
to H2. Packets 2 and 3 follow the same route. However, something different happens to packet 4. When it gets to A
it is sent to router B, even though it is also destined for F. For some reason, A decided to send packet 4 via a
different route than that of the first three packets. Perhaps it has learned of a traffic jam somewhere along the ACE
path and updated its routing table, as shown under the label ‘‘later.’’

4. Implementation of Connection-Oriented Service: virtual circuit network

For connection-oriented service, we need a virtual-circuit network. Let us see how that works. The idea
behind virtual circuits is to avoid having to choose a new route for every packet sent, as in Fig. 5-2. Instead, when
a connection is established, a route from the source machine to the destination machine is chosen as part of the
connection setup and stored in tables inside the routers. That route is used for all traffic flowing over the
connection, exactly the same way that the telephone system works. When the connection is released, the virtual
circuit is also terminated. With connection-oriented service, each packet carries an identifier telling which virtual
circuit it belongs to.
As an example, consider the situation shown in Fig. 5-3. Here, host H1 has established connection 1 with
host H2. This connection is remembered as the first entry in each of the routing tables. The first line of A’s table
says that if a packet For connection-oriented service, we need a virtual-circuit network. Let us see how that works.
As an example, consider the situation shown in Fig. 5-3. Here, host H1 has established connection 1 with host H2.
This connection is remembered as the first entry in each of the routing tables. The first line of A’s table says that if
a packet bearing connection identifier 1 comes in from H1, it is to be sent to router C and given connection
identifier 1. Similarly, the first entry at C routes the packet to E, also with connection identifier 1.
Now let us consider what happens if H3 also wants to establish a connection to H2. It chooses connection
identifier 1 (because it is initiating the connection and this is its only connection) and tells the network to establish
the virtual circuit. This leads to the second row in the tables. Note that we have a conflict here because although A
can easily distinguish connection 1 packets from H1 from connection 1 packets from H3, C cannot do this. For this
reason, A assigns a different connection identifier to the outgoing traffic for the second connection. Avoiding
conflicts of this kind is why routers need the ability to replace connection identifiers in outgoing packets.

Comparison of Virtual-Circuit and Datagram Networks

Routing Algorithms:
Router: a network device working in the network layer; it receives packets, puts them in a queue and
dispatches the packets to the links toward their destinations. To do this, it uses the IP header of packets together
with its precalculated forwarding table. Routing is the process of selecting best paths in a network.
The routing algorithm is that part of the network layer software responsible for deciding which output
line an incoming packet should be transmitted on. Routing algorithms can be grouped into two major classes:
nonadaptive and adaptive.
Nonadaptive algorithms do not base their routing decisions on any measurements or estimates of the
current topology and traffic. Instead, the choice of the route to use to get from I to J (for all I and J) is computed in
advance, offline, and downloaded to the routers when the network is booted. This procedure is sometimes called
static routing. Because it does not respond to failures, static routing is mostly useful for situations in which the
routing choice is clear.
Adaptive algorithms, in contrast, change their routing decisions to reflect changes in the topology, and
sometimes changes in the traffic as well. These dynamic routing algorithms differ in where they get their
information (e.g., locally, from adjacent routers, or from all routers), when they change the routes (e.g., when the
topology changes, or every ΔT seconds as the load changes), and what metric is used for optimization (e.g.,
distance, number of hops, or estimated transit time).

Following are the routing algorithms:

1. Shortest Path Algorithm
2. Flooding
3. Distance Vector Routing
4. Link State Routing
5. Hierarchical Routing
6. Broadcast Routing
7. Multicast Routing

Hierarchical Routing:

As networks grow in size, the router routing tables grow proportionally. Not only is router memory
consumed by ever-increasing tables, but more CPU time is needed to scan them and more bandwidth is needed to
send status reports about them. At a certain point, the network may grow to the point where it is no longer feasible
for every router to have an entry for every other router, so the routing will have to be done hierarchically, as it is in
the telephone network.
In hierarchical routing, routers are classified in groups known as regions. Each router has only the
information about the routers in its own region and has no information about routers in other regions. So routers
just save one record in their table for every other region.

Hierarchy level
• Clusters: group the regions
• Zones: group of clusters
• zones into groups

In the following example (fig 5-14 (a)) the subnet is divided into 5 regions. The fig (b) specifies the routing
table of 1A without Hierarchy. The full routing table for router 1A has 17 entries. Fig. 5-14(c), there are entries for
all the local routers, as before, but all other regions are condensed into a single router, so all traffic for region 2
goes via the 1B-2A line, but the rest of the remote traffic goes via the 1C-3B line. Hierarchical routing has reduced
the table from 17 to 7 entries. As the ratio of the number of regions to the number of routers per region grows, the
savings in table space increase.
6 Broadcast Routing:

Sending a packet to all destinations simultaneously is called broadcasting. Various methods have been
proposed for doing it.
One broadcasting method that requires no special features from the network is for the source to simply
send a distinct packet to each destination. Not only is the method wasteful of bandwidth and slow, but it also
requires the source to have a complete list of all destinations. This method is not desirable in practice, even though
it is widely applicable.
Another broadcasting method is multidestination routing, in which each packet contains either a list of
destinations or a bit map indicating the desired destinations. When a packet arrives at a router, the router checks all
the destinations to determine the set of output lines that will be needed. (An output line is needed if it is the best
route to at least one of the destinations.) The router generates a new copy of the packet for each output line to be
used and includes in each packet only those destinations that are to use the line. In effect, the destination set is
partitioned among the output lines. The network bandwidth is therefore used more efficiently. However, this
scheme still requires the source to know all the destinations, plus it is as much work for a router to determine
where to send one multidestination packet as it is for multiple distinct packets.

Another broadcasting method is Reverse Path Forwarding (RPF)

In this strategy, the router only forwards those packets that have traveled the shortest path from source to
destination.
• To achieve this, the router pretends that it has a packet to send to the source from where the packet has arrived.
• In this way, the shortest path to the sender of the packet is computed.
• If the same route is followed by the received packet, it is forwarded to the next router and it is discarded
otherwise.
• The reverse path forwarding ensures that the network receives a copy of the packet without formation of loops. A
loop occurs when a packet that has left the router may come back again from another interface or the same
interface and be forwarded again.
• RPF does not guarantee that there would be no duplicate packets in the network i.e. the network may receive two
or more copies.
• The reason for this is that the routing is based on the source address and not on the destination address.
A sink tree is a subnet of network, which has all the nodes covered with minimum possible number of
links. Hence, a sink tree does not have loops and it cannot be disconnected.
Distance Vector Routing Algorithm:
Routing Table
 Two process occurs:
• Creating the Table
• Updating the Table
Creating the Table:
• Dest: defines the final destination of the packet.
• Cost: The cost is the number of hops that packet must take to get there.
• Next hop: It is the router to which the packet must be delivered.

Consider the following network

Updating the tables:
Multicast routing:
 Congestion control algorithms
Leaky Bucket Algorithm:
Let us consider an example to understand Imagine a bucket with a small hole in the bottom. No matter at what
rate water enters the bucket, the outflow is at constant rate. When the bucket is full with water additional water
entering spills over the sides and is lost.

Similarly, each network interface contains a leaky bucket and the following steps are involved in leaky bucket
algorithm:
1. When host wants to send packet, packet is thrown into the bucket.
2. The bucket leaks at a constant rate, meaning the network interface transmits packets at a constant rate.
3. Bursty traffic is converted to a uniform traffic by the leaky bucket.
4. In practice the bucket is a finite queue that outputs at a finite rate.

The disadvantages compared with the leaky-bucket algorithm are the inefficient use of available network resources.
The leak rate is a fixed parameter. In the case of the traffic, volume is deficient, the large area of network resources
such as bandwidth is not being used effectively. The leaky-bucket algorithm does not allow individual flows to burst
up to port speed to effectively consume network resources

Token Bucket Algorithm:

The leaky bucket algorithm has a rigid output design at the average rate independent of the bursty traffic. In
some applications, when large bursts arrive, the output is allowed to speed up. This calls for a more flexible
algorithm, preferably one that never loses information. Therefore, a token bucket algorithm finds its uses in network
traffic shaping or rate-limiting.
Steps of this algorithm can be described as follows:
1. In regular intervals tokens are thrown into the bucket. ƒ
2. The bucket has a maximum capacity. ƒ
3. If there is a ready packet, a token is removed from the bucket, and the packet is sent.
4. If there is no token in the bucket, the packet cannot be sent.
Consider the following example
In figure (A) we see a bucket holding three tokens, with five packets waiting to be transmitted. For a
packet to be transmitted, it must capture and destroy one token. In figure (B) We see that three of the five
packets have gotten through, but the other two are stuck waiting for more tokens to be generated.

For example, if a system generates 100 tokens in one clock tick and the host is idle for 100 ticks. The
bucket will contain 10,000 tokens.
Now, if the host wants to send bursty data, it can consume all 10,000 tokens at once for sending 10,000 cells
or bytes.
Thus a host can send bursty data as long as bucket is not empty.
 Internetworking

Internetworking One of the main responsibilities of network layer is to provide internetworking

between different networks. It provides logical connection between different types of network. It is
because of this layer, we can combine various different networks to form a bigger network.

The Network layer in the internet:

In the network layer, the Internet can be viewed as a collection of networks or ASes (Autonomous
Systems) that are interconnected.

The glue that holds the whole Internet together is the network layer protocol,IP (Internet Protocol). its job is to
provide a best-effort (i.e., not guaranteed) way to transport packets from source to destination, without regard to
whether these machines are on the same network or whether there are other networks in between them.
Communication in the Internet works as follows. The transport layer takes data streams and breaks them
up so that they may be sent as IP packets. In theory, packets can be up to 64 KB each, but in practice they are
usually not more than 1500 bytes (so they fit in one Ethernet frame). IP routers forward each packet through the
Internet, along a path from one router to the next, until the destination is reached. At the destination, the network
layer hands the data to the transport layer, which gives it to the receiving process. When all the pieces finally get to
the destination machine, they are reassembled by the network layer into the original datagram. This datagram is
then handed to the transport layer.

The IP Version 4 Protocol:

An IPv4 datagram consists of a header part and a body or payload part. The header has a 20-byte fixed part and
a variable-length optional part. The header format is shown in Fig. 5-46

• The Version field keeps track of which version of the protocol the datagram belongs to.
• Since the header length is not constant, a field in the header, IHL, is provided to tell how long the header
is, in 32-bit words.
• The Differentiated services field it was called the Type of service field. The Type of service field provided
3 bits to signal priority and 3 bits to signal whether a host cared more about delay, throughput, or
reliability.
• The Total length includes everything in the datagram—both header and data. The maximum length is
65,535 bytes.
• The Identification field is needed to allow the destination host to determine which packet a newly arrived
fragment belongs to. All the fragments of a packet contain the same Identification value.
• DF stands for Don’t Fragment. It is an order to the routers not to fragment the packet.
• MF stands for More Fragments. All fragments except the last one have this bit set. It is needed to know
when all fragments of a datagram have arrived.
• The Fragment offset tells where in the current packet this fragment belongs.
• The TtL (Time to live) field is a counter used to limit packet lifetimes. It was originally supposed to count
time in seconds, allowing a maximum lifetime of 255 sec. It must be decremented on each hop and is
supposed to be decremented multiple times when a packet is queued for a long time in a router.
• The Protocol field tells it which transport process to give the packet to. TCP is one possibility, but so are
UDP and some others.
• Header checksum is assumed to be zero upon arrival. Such a checksum is useful for detecting errors while
the packet travels through the network. Note that it must be recomputed at each hop because at least one
field always changes (the Time to live field).
• The Source address and Destination address indicate the IP address of the source and destination network
interfaces.
• The Options field was designed to provide an escape to allow subsequent versions of the protocol to
include information not present in the original design, to permit experimenters to try out new ideas, and to
avoid allocating header bits to information that is rarely needed.
IP address:
Internet Protocol address, an IP or IP address is a number (example shown right) used to indicate the
location of a computer or other device on a network using TCP/IP.

IP address classes:

With an IPv4 IP address there are five classes of available IP ranges: Class A, Class B, Class C, Class D
and Class E, while only A, B, and C are commonly used. Each class allows for a range of valid IP addresses,
shown in the following table.
Class Address Range Supports
Class A 1.0.0.1 to 126.255.255.254 Supports 16 million hosts on each of 127 networks.
Class B 128.1.0.1 to 191.255.255.254 Supports 65,000 hosts on each of 16,000 networks.
Class C 192.0.1.1 to 223.255.254.254 Supports 254 hosts on each of 2 million networks.
Class D 224.0.0.0 to 239.255.255.255 Reserved for multicast groups.
Class E 240.0.0.0 to 254.255.255.254 Reserved for future use, or Research and Development Purposes.

The IP Version 4 Protocol:

Its major goals were:
1. Support billions of hosts, even with inefficient address allocation.
2. Reduce the size of the routing tables.
3. Simplify the protocol, to allow routers to process packets faster.
4. Provide better security (authentication and privacy).
5. Pay more attention to the type of service, particularly for real-time data.
6. Aid multicasting by allowing scopes to be specified.
7. Make it possible for a host to roam without changing its address.
8. Allow the protocol to evolve in the future.
9. Permit the old and new protocols to coexist for years.

Improvement of IPv6 is the simplification of the header. It contains only seven fields (versus 13 in IPv4).
This change allows routers to process packets faster and thus improves throughput and delay. Other the major
improvement is better support for options. This change was essential with the new header because fields that
previously were required are now optional (because they are not used so often). In addition, the way options are
represented is different, making it simple for routers to skip over options not intended for them. This feature speeds
up packet processing time.
The Main IPv6 Header:
• The Version field is always 6 for IPv6 (and 4 for IPv4).
• The Differentiated services field (originally called Traffic class) is used to distinguish the class of service
for packets with different real-time delivery requirements.
• The Flow label field provides a way for a source and destination to mark groups of packets that have the
same requirements and should be treated in the same way by the network, forming a pseudoconnection.
The flow can be set up in advance and given an identifier. When a packet with a nonzero Flow label shows
up, all the routers can look it up in internal tables to see what kind of special treatment it requires.
• The Payload length field tells how many bytes follow the 40-byte header.
• The Next header field tells which transport protocol handler (e.g., TCP, UDP) to pass the packet to.
• The Hop limit field is used to keep packets from living forever.

Internet control protocols: They include ICMP,ARP, and DHCP.

1) ICMP (The Internet Control Message Protocol):

The Internet Control Message Protocol (ICMP) is an error reporting protocol that is an integral part of
the IP protocol. ICMP communicate control data, information data, and error recovery data across the network.
Problems that are less severe than transmission errors result in error conditions that can be reported. The protocol
is required for a standard implementation of IP. Two protocols are co-dependent. IP uses ICMP when it sends an
error message, and ICMP uses IP to transport messages.

• The DESTINATION UNREACHABLE message is used when the router cannot locate the destination.
 • The TIME EXCEEDED message is sent when a packet is dropped because its TtL (Time to live) counter
has reached zero.
• The PARAMETER PROBLEM message indicates that an illegal value has been detected in a header field.
This problem indicates a bug in the sending host’s IP software or possibly in the software of a router
transited.
• The SOURCE QUENCH message was long ago used to throttle hosts that were sending too many packets.
When a host received this message, it was expected to slow down.
• The REDIRECT message is used when a router notices that a packet seems to be routed incorrectly. It is
used by the router to tell the sending host to update to a better route.
• The ECHO and ECHO REPLY messages are sent by hosts to see if a given destination is reachable and
currently alive.
• The TIMESTAMP REQUEST and TIMESTAMP REPLY messages are similar, except that the arrival
time of the message and the departure time of the reply are recorded in the reply. This facility can be used
to measure network performance.
• The ROUTER ADVERTISEMENT and ROUTER SOLICITATION messages are used to let hosts find
nearby routers. A host needs to learn the IP address of at least one router to be able to send packets off the
local network.

ICMP Message Transport

ICMP uses IP to transport each error message. When a router has an ICMP message to send, it creates datagram
and encapsulates the ICMP message in the datagram. It means that the ICMP message placed in the data area of
the IP data gram. The· datagram is forwarded as usual with the complete data gram being encapsulated in a frame
for transmission.

2) ARP—the Address Resolution Protocol:

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a
physical machine address that is recognized in the local network.

How ARP Works

When an incoming packet destined for a host machine on a particular local area network arrives at a
gateway(A gateway is a network node connecting two networks that use different protocols.), the gateway asks the
ARP program to find a physical host or MAC address that matches the IP address. The ARP program looks in the
ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and
format and sent to the machine. If no entry is found for the IP address, ARP broadcasts a request packet in a special
format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it. A
machine that recognizes the IP address as its own returns a reply so indicating. ARP updates the ARP cache for
future reference and then sends the packet to the MAC address that replied.
DHCP—the Dynamic Host Configuration Protocol:
Dynamic Host Configuration Protocol (DHCP) is a protoco for assigning dynamic IP addresses to devices
on a network. With dynamic addressing, a device can have a different IP address every time it connects to the
network. DHCP allows hosts to obtain necessary TCP/IP configuration information from a DHCP server.

Benefits of DHCP

In Windows Server 2003, the DHCP Server service provides the following benefits:

• Reliable IP address configuration. DHCP minimizes configuration errors caused by manual IP address
configuration, such as typographical errors, or address conflicts caused by the assignment of an IP address
to more than one computer at the same time.
• Reduced network administration. DHCP includes the following features to reduce network
administration:
o Centralized and automated TCP/IP configuration.
o The ability to define TCP/IP configurations from a central location.
o The ability to assign a full range of additional TCP/IP configuration values by means of DHCP
options.
o The efficient handling of IP address changes for clients that must be updated frequently, such as
those for portable computers that move to different locations on a wireless network.
o The forwarding of initial DHCP messages by using a DHCP relay agent, thus eliminating the need
to have a DHCP server on every subnet.

Why use DHCP

Every device on a TCP/IP-based network must have a unique unicast IP address to access the network and its
resources. Without DHCP, IP addresses must be configured manually for new computers or computers that are
moved from one subnet to another, and manually reclaimed for computers that are removed from the network.
DHCP enables this entire process to be automated and managed centrally. The DHCP server maintains a pool of IP
addresses and leases an address to any DHCP-enabled client when it starts up on the network. Because the IP
addresses are dynamic (leased) rather than static (permanently assigned), addresses no longer in use are
automatically returned to the pool for reallocation.
The network administrator establishes DHCP servers that maintain TCP/IP configuration information and provide
address configuration to DHCP-enabled clients in the form of a lease offer. The DHCP server stores the
configuration information in a database, which includes:

• Valid TCP/IP configuration parameters for all clients on the network.

• Valid IP addresses, maintained in a pool for assignment to clients, as well as excluded addresses.
• Reserved IP addresses associated with particular DHCP clients. This allows consistent assignment of a
single IP address to a single DHCP client.
• The lease duration, or the length of time for which the IP address can be used before a lease renewal is
required.

A DHCP-enabled client, upon accepting a lease offer, receives:

• A valid IP address for the subnet to which it is connecting.

• Requested DHCP options, which are additional parameters that a DHCP server is configured to assign to
clients. Some examples of DHCP options are Router (default gateway), DNS Servers, and DNS Domain
Name. For a full list of DHCP options, see “DHCP Tools and Settings.