Module-4 Internet Protocols

Regulation – 2017 Scheme

COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Internet Protocols

The network layer in version 4 can be thought of as one main protocol and three auxiliary.
➢ Internet Protocol version 4 (IPv4), is responsible for packetizing, forwarding, and delivery
of a packet at the network layer.
➢ The Internet Control Message Protocol version 4 (ICMPv4) helps IPv4 to handle some
errors that may occur in the network-layer delivery.
➢ The Internet Group Management Protocol (IGMP) is used to help IPv4 in multicasting.
➢ The Address Resolution Protocol (ARP) is used to glue the network and data-link layers in
mapping network-layer addresses to link-layer addresses.
IPv4:
❖ The Interne Internet Protocol version 4 (IPv4) is the deliver delivery mechanism used by
the TCP/IP protocols.
❖ IPv4 is an unreliable and connectionless datagram protocol called as best-effort delivery
service.
❖ For reliability, IPv4 must be paired with a reliable protocol such as TCP.
❖ Each datagram is handled independently, and each datagram can follow a different route to
the destination.
❖ IPv4 relies on a higher-level protocol to take care of packet lost or corrupted during
transmission

Position of IPv4 in TCP/IP protocol suite

Datagram
Packets in the IPv4 layer are called datagram’s. The fig shows the IPv4 datagram format.
A datagram is a variable-length packet consisting of two parts: Header and Data. The header is 20
to 60 bytes in length, contains information to routing and delivery.

❖ Version (VER): This 4-bit field defines the version of the IPv4 protocol. This field tells the IPv4
software running in the processing machine that the datagram has the format of version 4.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 1

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
❖ Header length (HLEN): This 4-bit field defines the total length of the datagram header in 4-
byte words. This field is needed because the length of the header is variable (between 20 and
60 bytes). Minimum field size is 5 (5 × 4 = 20) and its maximum field size is 15 (15 × 4 = 60).

IPv4 datagram format

❖ Services: Name of this 8-bit field is previously called service type, and is renamed as
differentiated services.
Below shows the interpretation of both services:
Service Type: Differentiated Services:

➢ The first 3 bits are called precedence bits.

➢ The next 4 bits are called type of service ➢ The first 6 bits make up the code point
(TOS) bits, and subfield, and the last 2 bits are not used.
➢ The last bit is not used.
➢ The code point subfield can be used in two
different ways.
➢ Precedence is a 3-bit subfield ranging from
0 (000 in binary) to 7 (111 in binary), defines ➢ Rightmost 3 bits are 0s and leftmost 3 bits
the priority of the datagram in issues such as are precedence bits.
congestion.
➢ During router congestion lowest priority
datagram’s are discarded first. ➢ The 6 bits define 64 services based on the
priority assignment by the Internet or local

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 2


Regulation – 2017 Scheme
Type of Service (TOS) bits is a 4-bit subfield with
each bit having a special meaning. Although a bit
can be either 0 or 1, one and only one of the bits
can have the value of 1 in each datagram and
have five different types of services.
Module-4 Internet Protocols
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
authorities.
➢ The first category contains 32(numbers 0, 2,
4, . . . , 62) service types assigned by internet
authorities.
➢ The second category contains 16 (3, 7, 11,
15,…, 63) can be used by local authorities.
➢ The third category contains 16 (1, 5, 9,….61)
is temporary and can be used for
experimental purposes.

➢ Application programs can request a specific

type of service.
➢ The defaults for some Applications ICMP,
BOOTP, NNTP, IGP, SNMP, TELNET, FTP,
TFTP, SMTP, DNS.
➢ Interactive activities need minimum delay
for immediate attention and response.
➢ Activities that send bulk data require
maximum throughput.
➢ Management activities need maximum
reliability.
➢ Background activities need minimum cost.

❖ Total length: This is a 16-bit field that defines the total length (header plus data) of the IPv4
datagram in bytes.
❖ Length of data = total length − header length

Since the field length is 16 bits, the total length of the IPv4 datagram is limited to 65,535 (216 −
1) bytes, of which 20 to 60 bytes are the header and the rest is data from the upper layer.

Ethernet protocol has a minimum and maximum restriction on the size of data that can be
encapsulated in a frame (46 to 1500 bytes). If the size of an IPv4 datagram is less than 46
bytes, some padding will be added to meet this requirement. The mechanism of decapsulation
needs to check the total length field to determine real data and padding.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 3

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
❖ Identification: This field is used in fragmentation.
❖ Flags: This field is used in fragmentation.
❖ Fragmentation offset: This field is used in fragmentation.
❖ Time to live: A datagram has a limited lifetime in its travel through an internet. This field was
originally designed to hold a timestamp, which was decremented by each visited router. This
field is used mostly to control the maximum number of hops (routers) visited by the datagram.
This field limits the lifetime of a datagram which travel between two or more routers for a long
time without ever getting delivered to the destination host.
❖ Protocol: This 8-bit field defines the higher-level protocol that uses the services of the IPv4
layer and specifies the final destination protocol to which the IPv4 datagram is delivered. An
IPv4 datagram can encapsulate data from several higher-level protocols such as TCP, UDP,
ICMP, and IGMP.

❖ Checksum: The checksum concept is like error detection and correction.

❖ Source address: This 32-bit field defines the IPv4 address of the source. This field must
remain unchanged during travels from the source host to the destination host.
❖ Destination address: This 32-bit field defines the IPv4 address of the destination. This field
must remain unchanged during travels from the source host to the destination host.

Example: 1
An IPv4 packet has arrived with the first 8 bits as (01000010)2. The receiver discards the packet.
Why?

Solution:
There is an error in this packet.
The 4 leftmost bits (0100)2 show the version, which is correct.
The next 4 bits (0010)2 show an invalid header length (2 × 4 = 8).
The minimum number of bytes in the header must be 20.
The packet has been corrupted in transmission.

Example: 2
In an IPv4 packet, the value of HLEN is (1000)2. How many bytes of options are being carried by
this packet?
Solution:
The HLEN value is 8, which means the total number of bytes in the header is 8 × 4, or 32 bytes.
The first 20 bytes are the base header; the next 12 bytes are the options.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 4

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Example: 3
In an IPv4 packet, the value of HLEN is 5, and the value of the total length field is (0028)16. How
many bytes of data are being carried by this packet?

Solution:
The HLEN value is 5, which means the total number of bytes in the header is 5 × 4, or 20 bytes (no
options).
The total length is (0028)16 or 40 bytes, which means the packet is carrying 20 bytes of data (40 −
20).

Example: 4
An IPv4 packet has arrived with the first few hexadecimal digits as shown.
(45000028000100000102…) 16
How many hops can this packet travel before being dropped? The data belong to what upper-layer
protocol?

Solution:
To find the time-to-live field, we skip 8 bytes (16 hexadecimal digits).

(45000028000100000102…) 16

The time-to-live field is the ninth byte, which is (01)16. This means the packet can travel only one
hop.
The protocol field is the next byte (02)16, which means that the upper-layer protocol is IGMP.

Example: 5
Figure shows an example of a checksum calculation for an IPv4 header without options. The
header is divided into 16-bit sections. All the sections are added and the sum is complemented
after wrapping the leftmost digit.

The result is inserted in the checksum field.

Note that the calculation of wrapped sum and checksum can also be done as follows in
hexadecimal: Checksum = Complement of Sum.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 5
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Fragmentation
A datagram can travel through different networks. Each router decapsulates the IPv4 datagram
from the frame it receives, processes it, and then encapsulates it in another frame. The format and
size of the sent frame depend on the protocol used by the physical network through which the
frame is going to travel.

Maximum Transfer Unit (MTU)

Each data link layer protocol has its own frame format in most protocols. One of the fields defined
in the format is the maximum size of the data field. In other words, when a datagram is
encapsulated in a frame, the total size of the datagram must be less than this maximum size, which
is defined by the restrictions imposed by the hardware and software used in the network. The
value of the MTU depends on the physical network protocol.

Table shows the values for some protocols.

Fields Related to Fragmentation

The fields that are related to fragmentation and reassembly of an IPv4 datagram are the
IDENTIFICATION, FLAGS, and FRAGMENTATION OFFSET fields.

Identification: This 16-bit field identifies a datagram originating from the source host. The
combination of the identification and source IPv4 address must uniquely define a datagram as it
leaves the source host.

Flags: This is a 3-bit field.

❖ The first bit is reserved.
❖ The second bit is called the do not fragment bit. If its value is 1, the machine must not fragment
the datagram; it discards the datagram and sends an ICMP error message to the source host. If
its value is 0, the datagram can be fragmented if necessary.
❖ The third bit is called the more fragment bit. If its value is 1, it means the datagram is not the
last fragment; there are more fragments after this one. If its value is 0, it means this is the last
or only fragment.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 6

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Fragmentation offset:
❖ This 13-bit field shows the relative position of this fragment with respect to the whole
datagram.

❖ The offset of the data in the original datagram measured in units of 8 bytes.
❖ Datagram with a data size of 4000 bytes fragmented into three fragments.
❖ The bytes in the original datagram are numbered 0 to 3999.
❖ The first fragment carries bytes 0 to 1399. The offset for this datagram is 0/8 = 0.
❖ The second fragment carries bytes 1400 to 2799; the offset value for this fragment is 1400/8 =
175.
❖ Finally, the third fragment carries bytes 2800 to 3999. The offset value for this fragment is
2800/8 = 350.
❖ Remember that the value of the offset is measured in units of 8 bytes. This is done because the
length of the offset field is only 13 bits and cannot represent a sequence of bytes greater than
8191. This forces hosts or routers that fragment datagram’s to choose a fragment size so that
the first byte number is divisible by 8.

The identification field is the same in all fragments and the value of the flags field with the more
bit set for all fragments except the last. Also, the value of the offset field for each fragment is
shown.

The below figure shows a fragment itself is fragmented. In this case the value of the offset field is
always relative to the original datagram.

For example, in the figure, the second fragment is itself fragmented later to two fragments of 800
bytes and 600 bytes, but the offset shows the relative position of the fragments to the original
data.

It is obvious that even if each fragment follows a different path and arrives out of order, the final
destination host can reassemble the original datagram from the fragments received (if none of
them is lost) by using the following strategy:

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 7

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols

1. The first fragment has an offset field value of zero.

2. Divide the length of the first fragment by 8. The second fragment has an offset value equal
to that result.
3. Divide the total length of the first and second fragments by 8. The third fragment has an
offset value equal to that result.
4. Continue the process. The last fragment has a more bit value of 0.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 8

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Example: 6
A packet has arrived with an M bit value of 0. Is this the first fragment, the last fragment, or a
middle fragment? Do we know if the packet was fragmented?

Solution:
If the M bit is 0, it means that there are no more fragments; the fragment is the last one.
However, we cannot say if the original packet was fragmented or not. A non-fragmented packet is
considered the last fragment.

Example: 7
A packet has arrived with an M bit value of 1. Is this the first fragment, the last fragment, or a
middle fragment? Do we know if the packet was fragmented?

Solution:
If the M bit is 1, it means that there is at least one more fragment.
This fragment can be the first one or a middle one, but not the last one.
We don’t know if it is the first one or a middle one; we need more information (the value of the
fragmentation offset).

Example: 8
A packet has arrived with an M bit value of 1 and a fragmentation offset value of 0. Is this the first
fragment, the last fragment, or a middle fragment?

Solution:
Because the M bit is 1, it is either the first fragment or a middle one. Because the offset value is 0, it
is the first fragment.

Example: 9
A packet has arrived in which the offset value is 100. What is the number of the first byte? Do we
know the number of the last byte?

Solution:
To find the number of the first byte, we multiply the offset value by 8.
This means that the first byte number is 800.
We cannot determine the number of the last byte unless we know the length of the data.

Example: 10
A packet has arrived in which the offset value is 100, the value of HLEN is 5, and the value of the
total length field is 100. What are the numbers of the first byte and the last byte?

Solution:
The first byte number is 100 × 8 = 800. The total length is 100 bytes, and the header length is 20
bytes (5 × 4), which means that there are 80 bytes in this datagram.
If the first byte number is 800 and the last byte number must be 879.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 9

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Options:
❖ The header of the IPv4 datagram is made of two parts: Fixed part and Variable part.
❖ The fixed part is 20 bytes long
❖ The variable part comprises the options that can be a maximum of 40 bytes.
❖ Options, as the name implies, are not required for a datagram. They can be used for
network testing and debugging.

No Operation
A no-operation option is a 1-byte option used as filler between options.

End of Option
An end-of-option option is a 1-byte option used for padding at the end of the option field. It,
however, can only be used as the last option.

Record Route
A record route option is used to record the Internet routers that handle the datagram. It can list up
to nine router addresses. It can be used for debugging and management purposes.

Strict Source Route

❖ A strict source route option is used by the source to predetermine a route for the datagram
as it travels through the Internet.
❖ Dictation of a route by the source can be useful for several purposes.
❖ The sender can choose a route with a specific type of service, such as minimum delay or
maximum throughput. Alternatively, it may choose a route that is safer or more reliable for
the sender’s purpose.

Example:
❖ If a datagram specifies a strict source route, all the routers defined in the option must be
visited by the datagram.
❖ A router must not be visited if its IPv4 address is not listed in the datagram.
❖ If the datagram visits a router that is not on the list, the datagram is discarded and an error
message is issued.
❖ If the datagram arrives at the destination and some of the entries were not visited, it will
also be discarded and an error message issued.

Loose Source Route

A loose source route option is similar to the strict source route, but it is less rigid. Each router in
the list must be visited, but the datagram can visit other routers as well.

Timestamp
A timestamp option is used to record the time of datagram processing by a router.

The time is expressed in milliseconds from midnight, Universal time or Greenwich meantime.
Knowing the time a datagram is processed can help users and managers track the behavior of the
routers in the Internet. We can estimate the time it takes for a datagram to go from one router to
another. We say estimate because, although all routers may use Universal time, their local clocks
may not be synchronized.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 10

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Drawbacks of IPv4
IPv4 has some deficiencies that make it unsuitable for the fast-growing Internet.
➢ Despite all short-term solutions, such as subnetting, classless addressing, NAT, address
depletion is still a long-term problem in the Internet.
➢ Transmission requires minimum delay strategies and reservation of resources not provided in
the IPv4 design.
➢ No encryption or authentication is provided by IPv4.

Three security issues in IPv4 Datagrams

There are three security issues that are particularly applicable to the IP protocol:
➢ Packet sniffing
➢ Packet modification and
➢ IP spoofing

Packet Sniffing
Packet sniffing cannot be stopped, encryption of the packet can make the attacker’s effort useless.
The attacker may still sniff the packet, but the content is not detectable.

Packet Modification
This type of attack can be detected using a data integrity mechanism. The receiver, before opening
and using the contents of the message, can use this mechanism to make sure that the packet has
not been changed during the transmission.

IP Spoofing
An attacker can send an IP packet to a bank pretending that it is coming from one of the
customers. This type of attack can be prevented using an origin authentication mechanism.

Security of IPV4 Datagram: IPSec

The IP packets today can be protected from the previously mentioned attacks using a protocol
called IPSec (IP Security).
IPSec is used in conjunction with the IP protocol, creates a connection-oriented service between
two entities in which they can exchange IP packets.

IPSec provides the following four services:

❖ Defining Algorithms and Keys:
The two entities that want to create a secure channel between themselves can agree on
some available algorithms and keys to be used for security purposes.

❖ Packet Encryption:
The packets exchanged between two parties can be encrypted for privacy using one of the
encryption algorithms and a shared key agreed upon in the first step. This makes the
packet sniffing attack useless.

❖ Data Integrity:
Data integrity guarantees that the packet is not modified during the transmission. If the
received packet does not pass the data integrity test, it is discarded. This prevents the
second attack, packet modification, described above.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 11
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
❖ Origin Authentication:
IPSec can authenticate the origin of the packet to be sure that the packet is not created by
an imposter. This can prevent IP spoofing attacks as described above.

ICMPv4: Internet Control Message Protocol Version 4

❖ It is a companion to the IP protocol.
❖ ICMP itself is a network-layer protocol.
❖ Its messages are first encapsulated inside IP datagrams before going to the data link layer.
❖ When an IP datagram encapsulates an ICMP message, the value of the protocol field in the IP
datagram is set to 1 to indicate that the IP payroll is an ICMP message.
❖ It has been designed to compensate for the below two deficiencies.
➢ Error-reporting or error-correcting mechanism.
➢ Mechanism for host and management queries.

ICMP MESSAGES
ICMP messages are divided into two broad categories:
➢ Error-reporting messages:
The error-reporting messages report problems that a router or a host (destination) may
encounter when it processes an IP packet.

➢ Query messages:
The query messages, which occur in pairs, help a host or a network manager get specific
information from a router or another host.

An ICMP message has an 8-byte header and a variable-size data section. Although the general
format of the header is different for each message type. As shows in below figure, the first field,
ICMP type, defines the type of the message. The code field specifies the reason for the particular
message type. The last common field is the checksum field. The rest of the header is specific for
each message type.

General format of ICMP messages

Type of code values:

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 12

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Error Reporting Messages

The following are important points about ICMP error messages:

➢ No ICMP error message will be generated in response to a datagram carrying an ICMP error
message.
➢ No ICMP error message will be generated for a fragmented datagram that is not the first
fragment.
➢ No ICMP error message will be generated for a datagram having a multicast address.
➢ No ICMP error message will be generated for a datagram having a special address such as
127.0.0.0 or 0.0.0.0.

Destination Unreachable
➢ The most widely used error message is the destination unreachable (type 3).
➢ This message uses different codes (0 to 15) to define the type of error message and the
reason for not reached its final destination.

Source Quench
➢ Source quench (type 4) message, informs the sender that the network has encountered
congestion and the datagram has been dropped; the source needs to slow down sending
more datagrams.
➢ In other words, ICMP adds a kind of congestion control mechanism to the IP protocol by
using this type of message.

Redirection Message
➢ The redirection message (type 5) is used when the source uses a wrong router to send out
its message.
➢ The router redirects the message to the appropriate router, but informs the source that it
needs to change its default router in the future.
➢ The IP address of the default router is sent in the message.

Parameter Problem
A parameter problem message (type 12) can be sent when either there is a problem in the header
of a datagram (code 0) or some options are missing or cannot be interpreted (code 1).
Query Messages
➢ Query messages in ICMP can be used independently without relation to an IP datagram.
➢ Query message needs to be encapsulated in a datagram, as a carrier.
➢ Query messages are used to test the liveliness of hosts or routers in the Internet.
➢ Query messages come in pairs: request and reply.
➢ The echo request (type 8) and the echo reply (type 0) pair of messages is used by a host or
a router to test the liveliness of another host or router.
➢ A host or router sends an echo request message to another host or router; if the later is
alive, it responds with an echo reply message.
➢ The timestamp request (type 13) and the timestamp reply (type 14) pair of messages is
used to find the round-trip time between two devices or to check whether the clocks in two
devices are synchronized.
➢ The timestamp request message sends a 32-bit number, which defines the time the
message is sent.
➢ The timestamp reply resends a two new 32-bit number representing the time the request
was received and the time the response was sent.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 13
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
➢ If all timestamps represent Universal time, the sender can calculate the one-way and
round-trip time.

Deprecated Messages
Three pairs of messages are declared obsolete by IETF:
1. Information request and replay messages are not used today because their duties are done
by the Address Resolution Protocol (ARP).
2. Address mask request and reply messages are not used today because their duties are
done by the Dynamic Host Configuration Protocol (DHCP).
3. Router solicitation and advertisement messages are not used today because their duties
are done by the Dynamic Host Configuration Protocol (DHCP).

Debugging Tools
There are two tools that use ICMP for debugging:
➢ Ping and
➢ Traceroute
Ping
➢ The ping program is to find if a host is alive and responding.
➢ The ping program sets the identifier field in the echo-request and echo-reply message and
starts the sequence number from 0; this number is incremented by 1 each time a new
message is sent.
➢ Ping can calculate the round-trip time. It inserts the sending time in the data section of the
message. When the packet arrives, it subtracts the arrival time from the departure time to
get the round-trip time (RTT).

Traceroute or Tracert
❖ The traceroute program in UNIX or tracert in Windows can be used to trace the path of a
packet from a source to the destination.
❖ It can find the IP addresses of all the routers that are visited along the path.
❖ The program is usually set to check for the maximum of 30 hops (routers) to be visited.
❖ The number of hops in the Internet is normally less than this. Since these two programs
behave differently in Unix and Windows.

Traceroute
The traceroute program gets help from two error-reporting messages: time-exceeded and
destination-unreachable.
The traceroute is an application layer program, but only the client program is needed, because
there is no traceroute server program.
The traceroute application program is encapsulated in a UDP user datagram, but traceroute
intentionally uses a port number that is not available at the destination.

Example:
If there are n routers in the path, the traceroute program sends (n + 1) messages. The first n
messages are discarded by the n routers, one by each router; the last message is discarded by the
destination host.
The traceroute client program uses the (n + 1) ICMP error-reporting messages received to find the
path between the routers.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 14

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols

In Figure, the value of n (Router) is 3.

The first traceroute message is sent with time-to-live (TTL) value set to 1; the message is
discarded at the first router and a time-exceeded ICMP error message is sent, from which the
traceroute program can find the IP address of the first router (the source IP address of the error
message) and the router name (in the data section of the message).

The second traceroute message is sent with TTL set to 2, which can find the IP address and the
name of the second router.

Similarly, the third message can find the information about router 3. The fourth message,
however, reaches the destination host. This host is also dropped, but for another reason.
The destination host cannot find the port number specified in the UDP user datagram.

This time ICMP sends different message, the destination-unreachable message with code 3 to
show the port number is not found.

After receiving this different ICMP message, the traceroute program knows that the final
destination is reached. It uses the information in the received message to find the IP address and
the name of the final destination.

The traceroute program also sets a timer to find the round-trip time for each router and the
destination. Most traceroute programs send three messages to each device, with the same TTL
value, to be able to find a better estimate for the round-trip time.

Tracert
The tracert program in windows behaves differently. The tracert messages are encapsulated
directly in IP datagrams. The tracert, like traceroute, sends echo-request messages. However,
when the last echo request reaches the destination host, an echo replay message is issued.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 15

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
ICMP Checksum
In ICMP the checksum is calculated over the entire message (header and data).
Example:
Figure shows an example of checksum calculation for a simple echo-request message.
We randomly chose the identifier to be 1 and the sequence number to be 9.
The message is divided into 16-bit (2-byte) words.
The words are added and the sum is complemented.
Now the sender can put this value in the checksum field.

MOBILE IP
The extension of IP protocol allows mobile computers to be connected to the Internet at any
location; where the connection is possible.

Addressing
The main problem that must be solved in providing mobile communication using the IP protocol is
addressing.

Stationary Hosts
➢ The IP addresses are designed to work with stationary hosts because part of the address
defines the network to which the host is attached.
➢ IP address has two parts: a prefix and a suffix.
➢ The prefix associates a host with a network. They use the prefix to deliver the packet to the
network to which the host is attached. This scheme works perfectly with stationary hosts.

Mobile Hosts
When a host moves from one network to another, the IP addressing structure needs to be
modified.

Changing the Address

One simple solution is to let the mobile host change its address as it goes to the new network. The
host can use DHCP to obtain a new address to associate it with the new network.

This approach has several drawbacks.

❖ First, the configuration files would need to be changed.
❖ Second, each time the computer moves from one network to another, it must be rebooted.
❖ Third, the DNS tables need to be revised so that every other host in the Internet is aware of

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 16

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
the change.
❖ Fourth, if the host roams from one network to another during a transmission, the data
exchange will be interrupted.

Two Addresses
❖ Mobile IP has two addresses for a mobile host:
➢ Home address and
➢ Care-of address
❖ The approach that is more feasible is the use of two addresses.
❖ The host has its original address, called the home address, and a temporary address, called the
care-of address.
❖ The home address is permanent; it associates the host with its home network, the network
that is the permanent home of the host.
❖ The care-of address is temporary. When a host moves from one network to another, the care-
of address changes; it is associated with the foreign network, the network to which the host
moves.
❖ Figure shows the concept.

Agents
The position of a home agent relative to the home network and a foreign agent relative to the
foreign network are shown in figure to make the change of address transparent. They are both
routers and hosts.

Home Agent
The home agent is usually a router attached to the home network of the mobile host.
It receives the packet and sends it to the foreign agent.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 17
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Foreign Agent
The foreign agent is usually a router attached to the foreign network.
The foreign agent receives and delivers packets sent by the home agent to the mobile host. The
mobile host can also act as a foreign agent.

➢ The mobile host can act as foreign agent with care-of address.
➢ In addition, the mobile host needs the necessary software to allow it to communicate with
the home agent and to have two addresses: its home address and its care-of address.
➢ When the mobile host acts as a foreign agent, the care-of address is called a collocated care-
of address.
❖ The advantage of using a collocated care-of address is that the mobile host can move to
any network without worrying about the availability of a foreign agent.
❖ The disadvantage is that the mobile host needs extra software to act as its own foreign
agent.
Three Phases
To communicate with a remote host, a mobile host goes through three phases:
❖ Agent discovery
❖ Registration and
❖ Data transfer

❖ The first phase, agent discovery, involves the mobile host, the foreign agent, and the home
agent.
❖ The second phase, registration, also involves the mobile host and the two agents.
❖ Finally, in the third phase, the remote host is also involved.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 18
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Agent Discovery
❖ The first phase in mobile communication, agent discovery, consists of two sub phases.
❖ A mobile host must discover (learn the address of) a home agent before it leaves its home
network.
❖ A mobile host must also discover a foreign agent after it has moved to a foreign network.
❖ This discovery consists of learning the care-of address as well as the foreign agent’s
address.
❖ The discovery involves two types of messages:
o Advertisement and
o Solicitation
Agent Advertisement
When a router advertises its presence on a network using an ICMP router advertisement, it can
append an agent advertisement to the packet if it acts as an agent.
Figure shows how an agent advertisement is piggybacked to the router advertisement packet.

The field descriptions are as follows:

❖ Type. The 8-bit type field is set to 16.
❖ Length. The 8-bit length field defines the total length of the extension message (not the
length of the ICMP advertisement message).
❖ Sequence number. The 16-bit sequence number field holds the message number. The
recipient can use the sequence number to determine if a message is lost.
❖ Lifetime. The lifetime field defines the number of seconds that the agent will accept
requests. If the value is a string of 1s, the lifetime is infinite.
❖ Code. The code field is an 8-bit flag in which each bit is set (1) or unset (0). The meanings of
the bits are shown in Table belowCare-of Addresses. This field contains a list of addresses
available for use as care-of addresses. The mobile host can choose one of these addresses.

The selection of this care-of address is announced in the registration request. Note that this
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 19
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
field is used only by a foreign agent.

Agent Solicitation
When a mobile host has moved to a new network and has not received agent advertisements, it
can initiate an agent solicitation. It can use the ICMP solicitation message to inform an agent that it
needs assistance.
Registration
The second phase in mobile communication is registration. After a mobile host has moved to a
foreign network and discovered the foreign agent, it must register. There are four aspects of
registration:
1. The mobile host must register itself with the foreign agent.
2. The mobile host must register itself with its home agent. This is normally done by the
foreign agent on behalf of the mobile host.
3. The mobile host must renew registration if it has expired.
4. The mobile host must cancel its registration (deregistration) when it returns home.

Request and Reply

To register with the foreign agent and the home agent, the mobile host uses a registration request
and a registration reply as shown in Figure.

Registration Request
A registration request is sent from the mobile host to the foreign agent to register its care-of
address and also to announce its home address and home agent address. The foreign agent, after
receiving and registering the request, relays the message to the home agent. Note that the home
agent now knows the address of the foreign agent because the IP packet that is used for relaying
has the IP address of the foreign agent as the source address. Figure 19.16 shows the format of the
registration request.

The field descriptions are as follows:

❖ Type. The 8-bit type field defines the type of message. For a request message the value of
this field is 1.
❖ Flag. The 8-bit flag field defines forwarding information. The value of each bit can be set or
unset. The meaning of each bit is given in Table below.
❖ Lifetime. This field defines the number of seconds the registration is valid. If the field is a
string of 0s, the request message is asking for deregistration. If the field is a string of 1s, the
lifetime is infinite.
❖ Home address. This field contains the permanent (first) address of the mobile host.
❖ Home agent address. This field contains the address of the home agent.
❖ Care-of address. This field is the temporary (second) address of the mobile host.
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 20
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
❖ Identification. This field contains a 64-bit number that is inserted into the request by the
mobile host and repeated in the reply message. It matches a request with a reply.
❖ Extensions. Variable length extensions are used for authentication. They allow a home
agent to authenticate the mobile agent.

Registration Reply
A registration reply is sent from the home agent to the foreign agent and then relayed to the
mobile host.
The reply confirms or denies the registration request.

The fields are similar to those of the registration request with the following exceptions.
The value of the type field is 3.
The code field replaces the flag field and shows the result of the registration request (acceptance
or denial).
The care-of address field is not needed.

Encapsulation
Registration messages are encapsulated in a UDP user datagram.
An agent uses the well-known port 434; a mobile host uses an ephemeral port.

Data Transfer
After agent discovery and registration, a mobile host can communicate with a remote host.

1. Path 1 of Figure shows this step: From Remote agent to Home Agent
The remote host sends a packet as though the mobile host is at its home network. The packet is
intercepted by the home agent, which pretends it is the mobile host. This is done using the
proxy ARP technique.

2. Path 2 of Figure shows this step: From Home Agent to Foreign Agent
Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 21
 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
After receiving the packet, the home agent sends the packet to the foreign agent, using the
tunneling concept. The home agent encapsulates the whole IP packet inside another IP packet
using its address as the source and the foreign agent’s address as the destination.

3. Path 3 of Figure shows this step: From Foreign Agent to Mobile Host
When the foreign agent receives the packet, it removes the original packet. The packet is then
sent to the care-of address.

4. Path 4 of Figure shows this step: From Mobile Host to Remote Host
When a mobile host wants to send a packet to a remote host, it sends as it does normally. The
mobile host prepares a packet with its home address as the source, and the address of the
remote host as the destination. Although the packet comes from the foreign network, it has the
home address of the mobile host.

Transparency
In this data transfer process, the remote host is unaware of any movement by the mobile host. The
remote host sends packets using the home address of the mobile host as the destination address;
it receives packets that have the home address of the mobile host as the source address. The
movement is totally transparent. The rest of the Internet is not aware of the movement of the
mobile host.

Inefficiency in Mobile IP
Communication involving mobile IP can be inefficient.
The inefficiency can be severe or moderate.
❖ The severe case is called double crossing or 2X.
❖ The moderate case is called triangle routing or dog-leg routing.

Double Crossing

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 22

 Module-4 Internet Protocols
Regulation – 2017 Scheme
COMPUTER COMMUNICATION NETWORKS-17EC64
Module - 4 - Internet Protocols
Double crossing occurs when a remote host communicates with a mobile host that has moved to
the same network (or site) as the remote host.
❖ When the mobile host sends a packet to the remote host, there is no inefficiency; the
communication is local.
❖ When the remote host sends a packet to the mobile host, the packet crosses the Internet
twice inefficiency from double crossing is significant.

Triangle Routing
Triangle routing, the less severe case, occurs when the remote host communicates with a mobile
host that is not attached to the same network (or site) as the mobile host.
❖ When the mobile host sends a packet to the remote host, there is no inefficiency.
❖ When the remote host sends a packet to the mobile host, the packet goes from the remote
host to the home agent and then to the mobile host.
❖ The packet travels the two sides of a triangle, instead of just one side.

Prepared by Aruna R , Dept. of ECE, Sri Sairam College of Engineering, Anekal. 23