Network Layer

Forwarding: move packets from router’s input to appropriate router output

Routing: determine route taken by packets from source to dest.

❖ Connection set up:

3rd important function in some network architectures:

● ATM, frame relay, X.25

Before datagrams flow, two end hosts and intervening routers

establish virtual connection

● routers get involved

Network vs transport layer connection service:

● network: between two hosts (may also involve intervening routers in

case of VCs)
● transport: between two processes

❖ Connection, connection-less services

Datagram network provides network-layer connectionless service

Virtual-circuit network provides network-layer connection service

Analogous to TCP/UDP connecton-oriented / connectionless transport-

layer services, but:

➢ Service: host-to-host

➢ No choice: network provides one or the other

➢ Implementation: in network core

Call setup, teardown for each call before data can flow

Each packet carries VC identifier (not destination host address)

Every router on source-dest path maintains “state” for each passing

connection

Link, router resources (bandwidth, buffers) may be allocated to VC

(dedicated resources = predictable service)

❖ IP fragmentation, reassembly
Network links have MTU (max.transfer size) - largest possible link-
level frame

➢ different link types, different MTUs

large IP datagram divided (“fragmented”) within net

➢ one datagram becomes several datagrams

➢ “reassembled” only at final destination

➢ IP header bits used to identify, order related fragments

IP address
 ❖ Introduction
IP address: 32-bit identifier for host, router interface

Interface: connection between host/router and physical link

➢ router’s typically have multiple interfaces

➢ host typically has one or two interfaces (e.g., wired Ethernet,

wireless 802.11)
IP addresses associated with each interface

❖ Types of addresses

Physical Address (MAC Address):

➢ Also known as a Media Access Control address.

➢ A unique 48-bit (6-byte) hardware address burned into the

network interface card (NIC) of a device.

➢ Used for communication at the data link layer (Layer 2) of the

OSI model.

➢ Not routable across networks, but essential for identifying

devices on the same physical network segment.

Logical Address (IP Address):

➢ Also known as an Internet Protocol address.

➢ A 32-bit (4-byte) or 128-bit (16-byte for IPv6) logical address

assigned to a device.

➢ Used for routing data packets across networks (Layer 3 of the

OSI model).

➢ Can be static (manually configured) or dynamic (assigned by a

DHCP server).

❖ IP addressing schemes

CIDR: Classless InterDomain Routing

● A more flexible system that allows subnet masks to be applied within

any IP address range.

● Enables creation of subnets with varying numbers of usable hosts,

optimizing IP address management.

● Widely used for both public and private networks.

● Subnet portion of address of arbitrary length

● Address format: a.b.c.d/x, where x is # bits in subnet portion of

address
Classful networks (Traditional, not commonly used for public IP

allocation):

● A more flexible system that allows subnet masks to be applied within

any IP address range.

● Enables creation of subnets with varying numbers of usable hosts,

optimizing IP address management.

● Widely used for both public and private networks.

❖ Three classes of Networks

1. Class A Networks (0.0.0.0 - 127.255.255.255):

● Structure:

○ The first octet (byte) identifies the network. (8 bits)

○ The remaining three octets (bytes) identify the hosts within the

network. (24 bits)

● Valid Host ID:

○ Range: 1 to 16,777,214 (2^24 - 2, where 2 accounts for the

network address (0) and broadcast address (255))

● Reserved Address Spaces:

○ 0.0.0.0 - Used for network designation (all bits are 0)

○ 127.0.0.1 - Loopback address (used for internal

communication)
2. Class B Networks (128.0.0.0 - 191.255.255.255):

● Structure:

○ The first two octets identify the network. (16 bits)

○ The remaining two octets identify the hosts within the network.

(16 bits)

● Valid Host ID:

○ Range: 1 to 65,534 (2^16 - 2)

● Reserved Address Spaces:

○ None within the Class B range

3. Class C Networks (192.0.0.0 - 223.255.255.255):

● Structure:

○ The first three octets identify the network. (24 bits)

○ The last octet identifies the hosts within the network. (8 bits)

● Valid Host ID:

○ Range: 1 to 254 (2^8 - 2)

● Reserved Address Spaces:

○ None within the Class C range

Important Notes:

● Broadcast Address: Each network class also has a broadcast

address, which is used to send packets to all devices on the network.

It's calculated by setting all host bits to 1 (e.g., for Class C network

192.168.1.0, the broadcast address would be 192.168.1.255).

● Class D (Multicast) and Class E (Reserved): There are also Class

D (224.0.0.0 - 239.255.255.255) used for multicast addressing and

Class E (240.0.0.0 - 255.255.255.255) reserved for future use.

 ❖ Public vs Private addresses
Private Addresses:

➢ Specific address ranges (10.0.0.0/8, 172.16.0.0/12, and

192.168.0.0/16) reserved for use on private networks.

➢ Not routable on the public internet, offering a layer of security

for internal devices.

➢ Used for home networks, small offices, and internal corporate

networks.

Public Addresses:

➢ Assigned by internet service providers (ISPs) and are routable

on the global internet.

➢ Allow devices to communicate directly with other devices

across the internet.

Private addresses, as opposed to public addresses, are specifically

designated for use on private networks and are not routable on the global

internet. This means devices with private IP addresses can communicate

with each other within the same network but cannot be directly accessed

from the public internet.

❖ DHCP: Dynamic Host Configuration Protocol
Goal: allow host to dynamically obtain its IP address from network
server when it joins network

● can renew its lease on address in use

● allows reuse of addresses (only hold address while
connected/“on”)
● support for mobile users who want to join network (more
shortly)

DHCP overview:

● Host broadcasts “DHCP discover” msg (optional)

● DHCP server responds with “DHCP offer” msg (optional)
● Host requests IP address: “DHCP request” msg
● DHCP server sends address: “DHCP ack” msg
DHCP can return more than just allocated IP address on subnet:

● address of first-hop router for client

● name and IP address of DNS sever
● network mask (indicating network versus host portion of address)
 ❖ IMCP (internet message control protocol)
Used by hosts & routers to communicate network-level information

➢ error reporting: unreachable host, network, port, protocol

➢ echo request/reply (used by ping)

Network-layer “above” IP:

➢ ICMP msgs carried in IP datagrams

ICMP message: type, code plus first 8 bytes of IP datagram causing error

❖ IPv6:
Initial motivation: 32-bit address space soon to be completely allocated.
Additional motivation:

➢ header format helps speed processing/forwarding

➢ header changes to facilitate QoS

IPv6 datagram format:

➢ fixed-length 40 byte header

➢ no fragmentation allowed

Subnet
IP address:

➢ subnet part - high order bits

➢ host part - low order bits

What’s a subnet ?

Subnetting is a technique used in computer networks to divide a large

network (a single network prefix) into smaller, logical subnetworks

(subnets). This helps to:

❖ Improve network efficiency: By creating smaller subnets, you can

group devices with similar needs or functions together, reducing

overall network traffic on the main network.

 ❖ Enhance network security: Subnetting can isolate network

segments, potentially limiting the spread of security threats if they

occur in one subnet.

❖ Optimize IP address usage: You can allocate IP addresses more

efficiently by tailoring the subnet size to the specific number of

devices required in each subnetwork.

➢ device interfaces with same subnet part of IP address

➢ can physically reach each other without intervening router

Subneting:

To determine the subnets, detach each interface from its host or

router, creating islands of isolated networks

Each isolated network is called a subnet

Usable Hosts = 2^(number of host bits) - 2

Number of Subnets = 2^(number of bits borrowed from the host

portion)

Explanation:

● Borrowing bits from the host portion of the subnet mask essentially

creates more network addresses (subnets) at the expense of fewer

usable host addresses within each subnet.

 In relation to the number of required hosts,

● 2^h - 2 >= number of required hosts for each network

Here, h represents the number of bits belonging to the host_id portion

and is also the remaining number of bits after borrowing n bits.

● n = 32 - number of bits in the Net_ID portion - h

❖ 5 steps to remember

1) Identify the class of the IP address and note the Default Subnet

Mask.

2) Convert the Default Subnet Mask into Binary.

3) Note the number of hosts required per subnet and find the Subnet

Generator (SG) and octet position.

4) Generate the new subnet mask.

5) Use the SG and generate the network ranges (subnets) in the

appropriate octet position.

 Routing algorithm
Dijkstra’s algorithm:

➢ Net topology, link costs known to all nodes

● accomplished via “link state broadcast”
● all nodes have same info
➢ Computes least cost paths from one node (‘source”) to all other
nodes
● Gives forwarding table for that node
➢ Iterative: after k iterations, know least cost path to k dest.’s

Notation:

c(x,y): link cost from node x to y; = ∞ if not direct neighbors

D(v): current value of cost of path from source to dest. v

p(v): predecessor node along path from source to v

N': set of nodes whose least cost path definitively known

 Routing protocol
❖ RIP (Routing information protocol)
Included in BSD-UNIX distribution in 1982

Distance vector algorithm

➢ Distance metric: # hops (max = 15 hops), each link has cost 1

➢ DVs exchanged with neighbors every 30 sec in response

message (aka advertisement)

➢ Each advertisement: list of up to 25 destination subnets (in IP

addressing sense)

❖ RIP: link failure, recovery

 If no advertisement heard after 180 sec --> neighbor/link declared dead

● Routes via neighbor invalidated

● New advertisements sent to neighbors
● Neighbors in turn send out new advertisements (if tables changed)
● Link failure info quickly (?) propagates to entire net
● Poison reverse used to prevent ping-pong loops (infinite distance =
16 hops)

❖ OSPF (Open Shortest Path First)

“open”: publicly available

Uses link state algorithm

➢ LS packet dissemination

➢ topology map at each node

➢ route computation using Dijkstra’s algorithm

OSPF advertisement carries one entry per neighbor

Advertisements flooded to entire AS

● Carried in OSPF messages directly over IP (rather than TCP or UDP

IS-IS routing protocol: nearly identical to OSPF

❖ OSPF “advanced” features (not in RIP)

Security: all OSPF messages authenticated (to prevent malicious
intrusion)

Multiple same-cost paths allowed (only one path in RIP)

For each link, multiple cost metrics for different TOS (e.g., satellite
link cost set “low” for best effort ToS; high for real time ToS)

Integrated uni- and multicast support:

Multicast OSPF (MOSPF) uses same topology data base as OSPF

Hierarchical OSPF in large domains.

❖ Hierarchical OSPF
Two-level hierarchy: local area, backbone.

➢ link-state advertisements only in area

➢ each nodes has detailed area topology; only know direction

(shortest path) to nets in other areas.

Area border routers: “summarize” distances to nets in own area, advertise

to other Area Border routers.

Backbone routers: run OSPF routing limited to backbone.

Boundary routers: connect to other AS’s.

 Transport layer
❖ Connection-oriented transport (TCP)
Point-to-point:

➢ one sender, one receiver

Reliable, in-order byte steam:

➢ no “message boundaries”

Pipelined:

➢ TCP congestion and flow control set window size

Full duplex data:

➢ bi-directional data flow in same connection

 ➢ MSS: maximum segment size

Connection-oriented:

➢ handshaking (exchange of control msgs) inits sender, receiver

state before data exchange

Flow controlled:

➢ sender will not overwhelm receiver

1. Reliable Data Transfer (RDT) Protocols:

Definition: Reliable Data Transfer (RDT) protocols ensure that data

transmitted between sender and receiver is delivered reliably, without
errors or loss, despite potential network problems such as packet loss,
duplication, or reordering.

Stop-and-Wait Protocol: A simple RDT protocol where the sender

sends one packet at a time and waits for an acknowledgment from the
receiver before sending the next packet.

Selective Repeat Protocol: An advanced RDT protocol where the

sender can transmit multiple packets without waiting for acknowledgment,
and the receiver selectively acknowledges correctly received packets,
allowing for better utilization of network resources.

2. TCP Operations:

Slow Start: A TCP congestion control algorithm used to increase the

transmission rate gradually until the network congestion is detected. It
starts with a slow initial transmission rate and exponentially increases the
congestion window size until a congestion event occurs.

Congestion Avoidance: After reaching the congestion threshold or

experiencing a congestion event, TCP switches to the congestion
avoidance phase. In this phase, the congestion window size is increased
linearly instead of exponentially to avoid overloading the network.

Fast Retransmit: When TCP detects the loss of one or more packets
due to congestion, it retransmits the missing packets immediately without
waiting for a timeout event. Fast retransmit helps reduce the delay caused
by timeouts and speeds up the recovery process.

Fast Recovery: After detecting packet loss through fast retransmit,

TCP enters the fast recovery state where it reduces the congestion window
size to half and retransmits the lost packets. Fast recovery allows TCP to
recover from congestion events more quickly and efficiently.

Timeout: In TCP, a timeout occurs when the sender does not receive
an acknowledgment (ACK) for a transmitted segment within a certain
period, known as the retransmission timeout (RTO). The RTO is
dynamically adjusted based on network conditions and typically increases
after each timeout event. When a timeout occurs, the sender assumes that
the segment was lost in transit and retransmits it, along with subsequent
unacknowledged segments. Timeouts are crucial for TCP reliability,
ensuring that lost or delayed packets are eventually retransmitted to
maintain data integrity and flow control.
 Triple Duplicate ACKs: Triple duplicate ACKs occur when the
sender receives three consecutive duplicate acknowledgments for the
same sequence number from the receiver. This indicates that the receiver
has received out-of-order segments and is able to process them but is
missing one specific segment, which is presumed lost. Upon detecting
triple duplicate ACKs, the sender performs a fast retransmit of the missing
segment without waiting for the retransmission timeout (RTO) to expire.
This mechanism helps expedite the recovery from packet loss and
minimizes the delay caused by timeouts, enhancing the efficiency of TCP
congestion control algorithms.

Congestion Window (cwin): The congestion window (cwin) is a

dynamic parameter in TCP congestion control algorithms that regulates the
amount of data a sender can transmit into the network before receiving
acknowledgments from the receiver. It represents the maximum number of
segments that the sender can have outstanding in the network at any given
time. The value of the congestion window is determined by various factors,
including the slow start threshold (ssthresh), the current network
congestion level, and the receiver's advertised window size. TCP adjusts
the congestion window size dynamically based on network conditions,
aiming to maximize throughput while avoiding congestion and minimizing
packet loss. The congestion window plays a crucial role in TCP's
congestion avoidance and control mechanisms, helping to maintain stability
and efficiency in data transmission across the network.
 ssThresh: The slow start threshold (ssthresh) is a critical parameter

in TCP congestion control, defining the point at which TCP switches from

exponential growth to linear growth of the congestion window size, and

influencing how TCP reacts to congestion events in the network.

Please answer the following questions:

i) Identify the “transmission rounds” at which the “Slow Start” phase of TCP
Reno takes place?

ii) Identify the “transmission rounds” at which the “Congestion Avoidance”

phase of TCP Reno takes place?

iii) After 16th transmission round, is packet loss detected based on “Triple
duplicate ACKs” or “Timeout”?

iv) After 22th transmission round, is packet loss detected based on “Triple
duplicate ACKs” or “Timeout”?

v) What is the value of SSthreshold at 1st transmission round?

vi) What is the value of SSthreshold at 18st transmission round?

vii) Determine the transmission round at which a packet (segment) with

sequence index 70 is sent?

viii) Suppose there is 01 packet loss (segment loss) detected at the 26th
transmission round due to "Triple duplicate ACKs". Determine the value of
the congestion window and SSthreshold.

Answers:

1) (1:6), (23:26)

2) (6:16), (17:22)

3) triple duplicate ACKs

4) Timeout

5) around 32

6) around 21

7) at transmission round 7

8) SSthreshold = 4,cwin = 7
Explain the operations of tcp Reno at the points A, B, C, D in above figure!

Answers:

A. End of Low start and waiting for timeout

B. Timeout -> threshold = cwin / 2 and cwin = 1

C. Congestion Avoidence start -> Cwin++

D. packet loss detected by triple ACKS -> threshold = cwin / 2 and cwin =
threshold + 3 MSS

Question:

In order to do the congestion control in TCP, the sender maintains a

parameter CWin (congestion window) which indicates the number of bytes
that it can send before receiving an acknowledgement. Additionally, TCP
also maintains another parameter, called SSThreshold (in bytes). Once
CWin > SSThreshold, the sender pays particularly attention to prevent any
congestion

a) suppose that SSThreshold is 8000 bytes, CWin is 4000 bytes, packet

size is 500 bytes. The sender sends 8 packets of 500 bytes in the period of
one time RTT, and receives 8 acknowledges. What becomes the value of
SSThreshold and CWin?

b) Suppose that SSThreshold is 4000 bytes, CWin is 8000 bytes, packet

size is 500 bytes. A sender sends 16 packets of 500 bytes in the period of
one time RTT, and receives 16 acknowledges. What becomes the value of
SSThreshold and CWin?

c) Let us suppose that SSThreshold is 8000 bytes, and CWin is 4000

bytes. The sender sends 8 packets and receives an indication of
congestion before receiving the first acknowledge. What becomes the
value of SSThreshold and CWin?

Answer:

a) threshold : 8000, cwin = 8*2*500 = 8000

b) threshold: 4000, cwin = 8000+500

c) threshold: 4000/2, cwin = 1

Question:

In order to do the congestion control in TCP, the sender maintains a

parameter CWin (congestion window) which indicates the number of bytes
that it can send before receiving an acknowledgement. Additionally, TCP
also maintains another parameter, called SSThreshold (in bytes). Once
CWin > SSThreshold, the sender pays particularly attention to prevent any
congestion.
a) cwin=16000 bytes, slow start threshold: SSThreshold=32000 bytes
Sender sends 100 packets and receives 100 ACKs from receiver, size of
packet is 500bytes
cwin? SSThreshold?

b) cwin=36000 bytes, slow start threshold: SSThreshold=32000 bytes

In1 RTT, Sender sends 100 packets and receives 100 ACKs from receiver,
size of packet is 100bytes
cwin? SSThreshold?
c) cwin=36000 bytes, slow start threshold: SSThreshold=I32000 bytes
Sender sends 100 packets and congestion detected (timeout), size of
packet is 100bytes
cwin? SSThreshold?

Answer:

a) Because it sended 100 packets and receiveed 100 ACKs, It's 100%
success .so Cwin is 33000 and threshold is still 32000

b) Because it sended 100 packets and receiveed 100 ACKs It's 100%
success and cwin is much exceed threshold(32000<36000). So it start a
Congestion Avoidance phase. So CWIN is 36500 and threshold is still
32000

c) Because it's timeout. So Cwin is 100 and threshold = 32000/2 = 16000