
Computer Networks

The document discusses the OSI and TCP/IP models for computer networks. The OSI model consists of seven layers, each performing a specific function in network communication. The layers are physical, data link, network, transport, session, presentation and application. The TCP/IP model has four layers - application, transport, internet and link. The document compares the layers and networking devices in OSI and advantages and disadvantages of OSI model.

Uploaded by

LAXMAN MEENA
www.gradeup.co

COMPUTER NETWORKS

1 OSI, TCP/IP MODELS

1. OSI MODEL

• OSI consists of seven layers, and each layer performs a particular network function.
• OSI model was developed by the International Organization for Standardization (ISO) in
1984, and it is now considered as an architectural model for the inter-computer
communications.
• OSI model divides the whole task into seven smaller and manageable tasks. Each layer is
assigned a particular task.
• Each layer is self-contained, so that task assigned to each layer can be performed
independently.

Physical Layer: It is responsible for transmitting bits from one node to another node.
Data link layer: It is responsible for node-to-node delivery within the LAN, and the systems
are identified by MAC address. It checks for physical transmission errors and packages
bits into data frames. The data link layer encompasses two sub-layers of its own:
i. Media Access Control (MAC) layer - It is responsible for controlling how devices in a network
gain access to the medium and are permitted to transmit data.
ii. Logical link control layer - This layer is responsible for identifying and encapsulating
network-layer protocols and allows you to find errors.


Network layer: It is responsible for source-to-destination delivery, and the systems are
identified by IP address. It is responsible for receiving frames from the data link layer and
delivering them to their intended destinations based on the addresses contained inside
the frame.
Transport layer: It is responsible for process to process or end to end delivery and the system
will be identified by port address. It regulates the size, sequencing, and ultimately the transfer
of data between systems and hosts. One of the most common examples of the transport layer
is TCP or the Transmission Control Protocol.
It determines how much data should be sent, where, and at what rate. This layer builds on the
messages which are received from the application layer. It helps ensure that data units are
delivered error-free and in sequence.
Transport layer helps you to control the reliability of a link through flow control, error control,
and segmentation.
The transport layer also offers an acknowledgment of the successful data transmission and
sends the next data in case no errors occurred. TCP is the best-known example of the transport
layer.
Session layer: It is used to establish, maintain and synchronize the interaction between
communicating devices. The session layer controls the dialogues between computers. It helps in
establishing, starting and terminating connections between the local and remote application.
Presentation layer: It is mainly concerned with the syntax and semantics of the information
exchanged between the two systems. Because of this, it is at times also called the syntax layer. It
also helps in handling data compression and data encryption.
Application layer: It serves as a window for users and application processes to access network
service. The application layer identifies communication partners, resource availability, and
synchronizes communication.
• The lower layer always encapsulates the higher layer, i.e. the output of the higher layer is
treated as data by the lower layer, which attaches a header of its own.


1.1. Comparison of Networking Devices in different layers

| Layer | Device | Address | Functionality | Protocols |
|---|---|---|---|---|
| Physical Layer | Hub, Repeater | MAC Address | Point-to-point configuration; bit synchronization; physical topology; defines direction of transmission | |
| Data Link Layer | Bridge | MAC Address | Node-to-node delivery; logical link control; access control; error control; flow control | IEEE 802.2, IEEE 802.11, Token Ring, PPP |
| Network Layer | Router | IP address | Logical addressing; routing; datagram encapsulation, fragmentation & reassembling | IP, IPv6, ICMP, IGMP, ARP, RARP |
| Transport Layer | Gateway | Port Address | End-to-end transmission; process-level addressing; segmentation; multiplexing/demultiplexing; congestion control; flow control | TCP, UDP |
| Session Layer | | | Session establishment; management and termination | Sockets, RPC, NetBIOS |
| Presentation Layer | | | Data translation; compression; encryption | SSL, MIME |
| Application Layer | | | User application services | DNS, BOOTP, DHCP, SNMP, FTP, TFTP, SMTP, HTTP, Telnet, IMAP, POP3 |

1.2. Advantages of OSI:


• It is a generic model and acts as a guidance tool to develop any network model.
• It is a layered model. Changes in one layer do not affect other layers, provided that
the interfaces between the layers do not change drastically.
• It distinctly separates services, interfaces, and protocols. Hence, it is flexible in nature.
Protocols in each layer can be replaced very conveniently depending upon the nature
of the network.
• It supports both connection-oriented services and connectionless services.


1.3. Disadvantages of OSI:


• It is purely a theoretical model that does not consider the availability of appropriate
technology. This restricts its practical implementation.
• The OSI model is very complex. The initial implementation was cumbersome, slow and
costly.
• Though there are many layers, some of the layers like the session layer and
presentation layer have very little functionality when practically deployed.
• There is a duplication of services in various layers. Services like addressing, flow
control and error control are offered by multiple layers.
• The OSI model did not meet the practical needs as well as the TCP/IP model. So, it
was labelled as inferior quality.
1.4. TCP/IP Model:
• The TCP/IP model was developed prior to the OSI model.
• The TCP/IP model consists of five layers: the application layer, transport layer, network
layer, data link layer and physical layer.
• The first four layers provide physical standards, network interface, internetworking,
and transport functions that correspond to the first four layers of the OSI model and
these four layers are represented in TCP/IP model by a single layer called the
application layer.
• TCP/IP is a hierarchical protocol made up of interactive modules, and each of them
provides specific functionality.
Here, hierarchical means that each upper-layer protocol is supported by two or more
lower-level protocols.


• The application layer provides applications with standardized data exchange. Its
protocols include the HTTP (Hyper Text Transfer protocol) , FTP (File Transfer Protocol),
Post Office Protocol 3 (POP3), Simple Mail Transfer Protocol (SMTP) and Simple
Network Management Protocol (SNMP), TELNET (TERminal NETwork). At the
application layer, the payload is the actual application data.
• The transport layer is responsible for maintaining end-to-end communications
across the network. TCP handles communications between hosts and provides flow
control, multiplexing and reliability. The transport protocols include the Transmission
Control Protocol (TCP) and the User Datagram Protocol (UDP), which is sometimes used
instead of TCP for special purposes.
• The network layer, also called the internet layer, deals with packets and connects
independent networks to transport the packets across network boundaries. The
network layer protocols are the IP and the Internet Control Message Protocol (ICMP),
which is used for error reporting.
• The physical layer, also known as the network interface layer or data link layer,
consists of protocols that operate only on a link -- the network component that
interconnects nodes or hosts in the network. The protocols in this lowest layer
include Ethernet for local area networks (LANs) and the Address Resolution Protocol
(ARP).

Protocols

Application Layer
• HTTP: Hyper Text Transfer Protocol
• FTP: File Transfer Protocol
• POP3: Post Office Protocol 3
• SMTP: Simple Mail Transfer Protocol
• SNMP: Simple Network Management Protocol
• TELNET: Terminal Network
• DNS: Domain Name System
• TFTP: Trivial File Transfer Protocol
• NFC: Near Field Communication
• RPC: Remote Procedure Call

Transport Layer
• TCP: Transmission Control Protocol
• UDP: User Datagram Protocol

Network Layer
• ICMP: Internet Control Message Protocol
• IGMP: Internet Group Management Protocol
• ARP: Address Resolution Protocol
• RARP: Reverse Address Resolution Protocol
• LSR: Link State Routing
• OSPF: Open Shortest Path First

1.5. Importance of TCP/IP:


TCP/IP is non-proprietary and, as a result, is not controlled by any single company.
Therefore, the Internet Protocol suite can be modified easily. It is compatible with all
operating systems, so it can communicate with any other system. The Internet Protocol
suite is also compatible with all types of computer hardware and networks.
TCP/IP is highly scalable and, as a routable protocol, can determine the most efficient
path through the network. It is widely used in current internet architecture.

****


2 PHYSICAL LAYER

2. LAN TECHNOLOGIES

A Local Area Network (LAN) is a data communications network connecting terminals, computers,
and printers within a building or other geographically limited area. These devices can be
connected through wired cables or wireless links. LAN technology helps the devices on
the network communicate with each other.
LAN protocols function at the lowest two layers of the OSI reference model: the physical
layer and the data link layer.
2.1. Data Flow
Communication between two devices can be either simplex, half duplex or full duplex.
a. Simplex Transmission: Only one station can transmit the data, whereas the other can only
receive it.

b. Half duplex transmission: Both can transmit the data but only one can transmit at
a time.

c. Full Duplex Transmission: Both stations can transmit and receive data
simultaneously.

d. Full Full Duplex: A station can send and receive at the same time but from different
nodes, i.e. A is sending to B, B is sending to C, and C is sending to A.
E.g.: Conference Communication.


2.2. Topologies

The term physical topology refers to the way in which a network is laid out physically.
Two or more devices connect to a link; two or more links form a topology. The topology
of a network is the geometric representation of the relationship of all the links and linking
devices (usually called nodes) to one another. There are four basic topologies possible:
mesh, star, bus, ring.

2.2.1. Bus Topology:

Bus topology is a network type in which every computer and network device is connected
to a single cable. When it has exactly two endpoints, it is called Linear Bus topology.

2.2.2. Mesh Topology:

It is a point-to-point connection to other nodes or devices. All the network nodes are
connected to each other. Mesh has n(n-1)/2 physical channels to link n devices.


2.2.3. Star Topology:


In this type of topology all the computers are connected to a single hub through a cable.
This hub is the central node and all other nodes are connected to the central node.

2.2.4. Ring topology:


It is called ring topology because it forms a ring as each computer is connected to another
computer, with the last one connected to the first. Each device has exactly two neighbours.

2.3. Networking Devices


2.3.1. Repeater
A repeater operates at the physical layer. Its job is to regenerate the signal over the
same network before the signal becomes too weak or corrupted so as to extend the length
to which the signal can be transmitted over the same network. An important point to be
noted about repeaters is that they do not amplify the signal. It is a two-port device.
2.3.2. Hub
A hub is basically a multiport repeater. A hub connects multiple wires coming from
different branches, for example, the connector in star topology which connects different
stations. Hubs cannot filter data, so data packets are sent to all connected devices. In
other words, the collision domain of all hosts connected through a hub remains one.


2.3.3. Bridge
A bridge operates at the data link layer. A bridge is a repeater with the added functionality
of filtering content by reading the MAC addresses of source and destination. It is also
used for interconnecting two LANs working on the same protocol. It has a single input
and single output port, thus making it a two-port device.
2.3.4. Switch
A switch is a multiport bridge with a buffer and a design that can boost its efficiency
(many ports imply less traffic) and performance. A switch is a data link layer device. In
other words, switch divides collision domain of hosts, but broadcast domain remains
same.
2.3.5. Router
A router is a hardware component used to interconnect networks. Routers are devices
whose primary purpose is to connect two or more networks and to filter network signals
so that only desired information travels between them. Routers are much more powerful
than bridges.
• A router has interfaces on multiple networks
• Networks can use different technologies
• A router forwards packets between networks
• Transforms packets as necessary to meet standards for each network
Two key functions of a router:
• Running routing algorithms/protocols (RIP, OSPF, BGP)
• Forwarding datagrams from incoming to outgoing link.
2.3.6. Gateway
A gateway, as the name suggests, is a passage to connect two networks together that
may work upon different networking models. They basically work as the messenger
agents that take data from one system, interpret it, and transfer it to another system.
Gateways are also called protocol converters and can operate at any network layer.
Gateways are generally more complex than a switch or router.
2.4. IEEE Standards
• IEEE 802.1: Standards related to network management.
• IEEE 802.2: Standard for the data link layer in the OSI Reference Model
• IEEE 802.3: Standard for the MAC layer for bus networks that use CSMA/CD. (Ethernet
standard)
• IEEE 802.4: Standard for the MAC layer for bus networks that use a token-passing
mechanism (token bus networks).
• IEEE 802.5: Standard for the MAC layer for token-ring networks.
• IEEE 802.6: Standard for Metropolitan Area Networks (MANs).


2.4.1. IEEE 802.3 standard (Ethernet)


An Ethernet frame is a piece of data along with the information that is required to
transport and deliver that piece of data. In networking reference models, such as the OSI
seven-layer model and TCP/IP, the Ethernet frame is defined in the data link layer.
The maximum 802.3 frame size is 1518 bytes and the minimum size is 64 bytes.

• Preamble: It contains 7 bytes of alternating 0s and 1s that alert the receiving system
to the coming frame and enable it to synchronize its input timing.
• Start frame delimiter: This field tells the receiver that everything that follows is data,
starting with the addresses.
• Destination address: This field is allotted 6 bytes or 48 bits and contains the physical
address of the packet's next destination.
• Source address: This field is allotted 2-6 bytes and contains the physical address of
the last device to forward the packet.
• Length/type of PDU: This field is allotted 2 bytes, indicates the number of bytes in
the coming PDU. Specifies the number of LLC data bytes.
• PAD: Zeros added to the data field to 'Pad out' a short data field to 46 bytes.
• Data: Actual data which is allowed anywhere between 46 to 1500 bytes within one
frame.
• FCS: Frame Check Sequence to detect errors that occur during transmission.
Ethernet Specifications:
Ethernet
Characteristic IEEE 802.3 Values
value
10Base-
10Base 5 10Base2 10BaseT 10BaseF 100BaseT4
TX
Data rate
10 10 10 10 10 100 100
(Mbps)
Signaling
Baseband Baseband Baseband Baseband Baseband Baseband Baseband
method
Maximum
segment length 500 500 185 100 2,000 100 100
(m)
50-ohm 50-ohm 50-ohm Unshielded Unshielded
Fiber- Cat 5
Media coax coax coax twisted-pair twisted-pair
optic UTP
(thick) (thick) (thin) cable cable
Nodes/segment 100 100 30 1024 1024
Point-to-
Topology Bus Bus Bus Star Bus Bus
point
2.4.2 IEEE 802.5 standard (Token Ring)
IEEE 802.5 standard is token ring. In token ring, each station may transmit only during
its turn and may send only one frame during each turn. The mechanism that coordinates
this rotation is called token passing.


2.5. Wireless Network


A wireless network enables people to communicate and access applications and
information without wires. This provides freedom of movement and the ability to extend
applications to different parts of a building, city, or nearly anywhere in the world. Wireless
networks allow people to interact with e-mail or browse the Internet from a location that
they prefer.
• Wireless LAN: within a building or campus; IEEE 802.11, Wi-Fi, and HiperLAN; mobile extension of wired networks.
• Wireless MAN: within a city; proprietary, IEEE 802.16, and WIMAX; fixed wireless between homes and businesses and the Internet.
• Wireless WAN: worldwide; CDPD and Cellular 2G, 2.5G, and 3G; mobile access to the Internet from outdoor areas.

2.5.1. Types of Wireless Networks:


a. Second Generation (2G) technology:
• It is based on the technology known as global system for mobile communication or
GSM.
• It enabled various networks to provide services like text messages, picture messages
and MMS.
• In 2G all text messages are digitally encrypted, due to which only the intended receiver
receives the message. These digital signals consume less battery power, so it helps in
saving the battery of mobiles.
• The technologies used in 2G are either TDMA (Time Division Multiple Access) which
divides signal into different time slots or CDMA (Code Division Multiple Access) which
allocates a special code to each user so as to communicate over a multiplex physical
channel.
• 2G technology uses a broad range of frequencies in both upper and lower bands, under
which the transmission depends on conditions such as weather.
b. Third Generation (3G) technology:
• 3G technology generally refers to the standard of accessibility and speed of mobile
devices.
• The standards of the technology were set by the International Telecommunication
Union (ITU).
• It enables the use of various services like GPS (Global Positioning System), mobile
television and video conferencing. It not only enables them to be used worldwide, but
also provides better bandwidth and increased speed.
• 3G technology offers a high level of security as compared to 2G.


c. Bluetooth:
• Bluetooth is an open wireless technology standard for transmitting fixed and mobile
electronic device data over short distances.
• Bluetooth communicates with a variety of electronic devices and creates personal
networks operating within the unlicensed 2.4 GHz band.
• When a Bluetooth device is within the scope of another device, the devices automatically
start to transfer information. A small network between the devices is created and the
user can access it as if there were cables.
802.11 Wireless Standards

| IEEE Standard | 802.11a | 802.11b | 802.11g | 802.11n | 802.11ac |
|---|---|---|---|---|---|
| Year Adopted | 1999 | 1999 | 2003 | 2009 | 2014 |
| Frequency | 5 GHz | 2.4 GHz | 2.4 GHz | 2.4/5 GHz | 5 GHz |
| Max. Data Rate | 54 Mbps | 11 Mbps | 54 Mbps | 600 Mbps | 1 Gbps |
| Typical Range Indoors* | 100 ft. | 100 ft. | 125 ft. | 225 ft. | 90 ft. |
| Typical Range Outdoors* | 400 ft. | 450 ft. | 450 ft. | 825 ft. | 1,000 ft. |

2.6. Network delay:


Network delay refers to the amount of time it takes for a packet to go from point A to
point B. If Point A is the source and point B is the destination, then the delay is called an
end to end delay.
The types of delays encountered in a packet-switched network are:
2.6.1. Propagation delay:
Propagation delay is the time that it takes for a bit to reach from one end of a link to the
other. The delay depends on the distance (D) between the sender and the receiver,
and the propagation speed (S) of the wave signal. It is calculated as:
Propagation delay = D / S
2.6.2. Transmission delay
Transmission delay refers to the time it takes to transmit a data packet onto the outgoing
link. The delay is determined by the size of the packet and the capacity of the outgoing
link. If a packet consists of L bits and the link has a capacity of B bits per second,
then the transmission delay is equal to:
Transmission delay = L / B
2.6.3. Queuing delay
Queuing delay refers to the time that a packet waits to be processed in the buffer of a
switch. The delay is dependent on the arrival rate of the incoming packets, the
transmission capacity of the outgoing link, and the nature of the network’s traffic.
2.6.4. Processing delay
Processing delay is the time taken by a switch to process the packet header. The delay
depends on the processing speed of the switch.
****


3 DATA LINK LAYER

3. DATA LINK LAYER

• In the OSI model, the data link layer is the 2nd layer.


• The communication in the data link layer is node to node. The data unit from one point in
the internet needs to pass through many networks (LANs and WANs) to reach other points.
• The main responsibility of the Data Link Layer is to transfer the datagram across an
individual link.
• The Data link layer protocol defines the format of the packet exchanged across the nodes
as well as the actions such as Error detection, retransmission, flow control, and random
access.
• The Data Link Layer protocols are Ethernet, token ring, FDDI and PPP.
3.1. Services provided by Data Link Layer
a) Framing:
The data-link layer at each node needs to encapsulate the datagram (packet received
from the network layer) in a frame before sending it to the next node. The node also
needs to decapsulate the datagram from the frame received on the logical channel.
Different data-link layers have different formats for framing.
Bit Stuffing:
• Bit stuffing is the process of inserting non-information bits into data to break up bit
patterns to affect the synchronous transmission of information.
• A bit is used to stuff in between the characters to reduce the size of stuffing.
• In order to fill bit frames, the position where the new bits are stuffed is communicated
to the receiving end of the data link.
• The receiver removes the extra bits to return the bit streams to their original bit rate.
This is used when a communication protocol requires a fixed frame size. Bits are
inserted to make the frame size equal to the defined frame size.
• Mostly flag is a special 8-bit pattern “01111110” used to define the beginning and the
end of the frame.
• If flag is given as data then, stuff 0 after five 1’s (if flag is 01111110) to differentiate
it from start and end flag.
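The stuffing rule above (a 0 after every five consecutive 1s, with 01111110 as the frame flag), as an added example that is not part of the original notes. The function names are assumptions made for this illustration, and the bit strings are constructed sample data.

```python
FLAG = "01111110"  # 8-bit frame delimiter given in the text


def stuff(payload: str) -> str:
    """Insert a 0 after every run of five consecutive 1s in the payload."""
    out, run = [], 0
    for bit in payload:
        if bit not in ("0", "1"):
            raise ValueError("payload must contain only 0s and 1s")
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            out.append("0")  # stuffed, non-information bit
            run = 0
    return "".join(out)


def unstuff(body: str) -> str:
    """Remove the 0 that follows every run of five 1s; reject malformed input."""
    out, run, i = [], 0, 0
    while i < len(body):
        bit = body[i]
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            i += 1  # the next bit must be the stuffed 0
            if i >= len(body) or body[i] != "0":
                raise ValueError("five 1s not followed by a stuffed 0")
            run = 0
        i += 1
    return "".join(out)


def frame(payload: str) -> str:
    """Sender: start flag + stuffed payload + end flag."""
    return FLAG + stuff(payload) + FLAG


def deframe(stream: str) -> str:
    """Receiver: locate the two flags and recover the original payload.

    The stuffed body never holds six 1s in a row, so the first FLAG found
    after the opening flag is always the real closing flag.
    """
    start = stream.find(FLAG)
    if start < 0:
        raise ValueError("no opening flag")
    body_start = start + len(FLAG)
    end = stream.find(FLAG, body_start)
    if end < 0:
        raise ValueError("no closing flag")
    return unstuff(stream[body_start:end])


if __name__ == "__main__":
    data = "01111110"              # constructed payload equal to the flag itself
    print(stuff(data))             # 011111010
    print(deframe("1111" + frame(data) + "11"))  # idle bits around the frame
```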


b) Flow Control:
The sending data-link layer at the end of a link is a producer of frames, the receiving
data-link layer at the other end of a link is a consumer. If the rate of produced frames is
higher than the rate of consumed frames, frames at the receiving end need to be buffered
while waiting to be consumed (processed). To overcome this problem, the data link layer
uses the flow control to prevent the sending node on one side of the link from
overwhelming the receiving node on another side of the link.
c) Error Control:
At the sending node, a frame in a data-link layer needs to be changed to bits, transformed
to electromagnetic signals and transmitted through the transmission media. At the
receiving node, electromagnetic signals are received, transformed to bits, and put
together to create a frame. Since electromagnetic signals are susceptible to error, a frame
is susceptible to error. The error needs first to be detected. After detection, it needs to
be either corrected at the receiver node or discarded and retransmitted by the sending
node.
d) Reliable Delivery:
Data Link Layer provides a reliable delivery service, i.e., transmits the network layer
datagram without any error. A reliable delivery service is accomplished with transmissions
and acknowledgements. A data link layer mainly provides the reliable delivery service
over links that have higher error rates, so that an error can be corrected locally, on the
link at which it occurs, rather than forcing the data to be retransmitted.
3.2. MAC Address
A media access control address is a unique identifier assigned to a network interface
controller for use as a network address in communications within a network segment.
MAC addresses are represented by using 48 bits (12 hexadecimal digits separated by
colons).
Types of MAC Address
a. Unicast MAC Address: Each host or each interface of a router is assigned a unicast
address. A frame with a unicast address destination is destined for one entity in the link.
If the last bit of first octet is 0, then it is said to be unicast.
A2 : 56 : 78 : 23 : 90 : F1
b. Multicast Address: One to many communications. If the last bit of first octet is 1,
then it is said to be multicast.
A3 : 56 : 78 : 23 : 90 : F1
c. Broadcast: Transmitting data from one source host to all other hosts residing in the
same or other network is called broadcast. If all the bits are 1, then it is said to be
broadcast.
FF : FF : FF : FF : FF : FF


3.3. Error Control Policies


3.3.1. Error Detection:
When data is transmitted from one device to another device, the system does not
guarantee whether the data received by the device is identical to the data transmitted by
another device. An Error is a situation when the message received at the receiver end is
not identical to the message transmitted.
The receiver can detect a change in the original codeword:
(1) The receiver has a list of valid codewords.
(2) The original codeword has changed to an invalid one.
Types of Error:
Errors can be classified into two categories:
• Single-Bit Error: The term single-bit error means that only 1 bit of a given data unit
(such as a byte, character, or packet) is changed from 1 to 0 or from 0 to 1.
• Burst Error: The term burst error means that two or more bits in the data unit have
changed from 1 to 0 or from 0 to 1.
Error detecting Techniques:
i. Parity Check:
• Single parity checking is a simple and inexpensive mechanism to detect errors.
• In this technique, a redundant bit, also known as a parity bit, is appended at
the end of the data unit so that the number of 1s becomes even. Therefore, the total
number of transmitted bits would be 9 bits.
• If the number of 1s bits is odd, then parity bit 1 is appended and if the number of 1s
bits is even, then parity bit 0 is appended at the end of the data unit.
• At the receiving end, the parity bit is calculated from the received data bits and
compared with the received parity bit.
• This technique generates the total number of 1s even, so it is known as even-parity
checking.


Drawbacks of Single Parity Checking


• It can only detect single-bit errors which are very rare.
• If two bits are interchanged, then it cannot detect the errors.
ii. Checksum:
• Checksum is an error-detecting technique that can be applied to a message of any
length.
• In the Internet, the checksum technique is mostly used at the network and transport
layer rather than the data-link layer.
• Checksum is an error detection technique based on the concept of redundancy.

Data + Checksum Bits = Codeword.

Sender Side:
• The block unit is divided into k sections, each of n bits.
• All the k sections are added together by using one's complement to get the sum.
• The sum is complemented, and it becomes the checksum field.
• The original data and checksum field are sent across the network.

Receiver Side:
• The block unit is divided into k sections, each of n bits.
• All the k sections are added together by using one's complement algorithm to get the sum.
• The sum is complemented.
• If the result of the sum is zero, then the data is accepted; otherwise the data is discarded.

Note:
• Consider while adding the m bit segments, the result obtained consists of more than
m bits.
• Then, wrap around the extra bits and add to the result so that checksum value consists
of m bits.
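The sender and receiver steps above, including the wrap-around of extra bits from the note, as an added example that is not part of the original notes. The function names and the four 8-bit sections are constructed for this illustration.

```python
def split_sections(block: str, n: int) -> list[int]:
    """Divide a bit string into k sections of n bits each."""
    if not block or len(block) % n or set(block) - {"0", "1"}:
        raise ValueError("block must be a bit string whose length is a multiple of n")
    return [int(block[i:i + n], 2) for i in range(0, len(block), n)]


def ones_complement_sum(sections: list[int], n: int) -> int:
    """Add the sections; any bit carried past n bits is wrapped around and added."""
    mask = (1 << n) - 1
    total = 0
    for section in sections:
        total += section
        total = (total & mask) + (total >> n)  # wrap the extra bit around
    return total


def make_checksum(block: str, n: int) -> str:
    """Sender: complement of the one's complement sum of all sections."""
    mask = (1 << n) - 1
    total = ones_complement_sum(split_sections(block, n), n)
    return format(~total & mask, f"0{n}b")


def send(block: str, n: int) -> str:
    """Codeword = data + checksum bits."""
    return block + make_checksum(block, n)


def receiver_accepts(codeword: str, n: int) -> bool:
    """Receiver: sum every section (checksum included), complement, expect zero."""
    mask = (1 << n) - 1
    total = ones_complement_sum(split_sections(codeword, n), n)
    return (~total & mask) == 0


# Constructed sample: k = 4 sections of n = 8 bits.
SAMPLE = "10011001" "11100010" "00100100" "10000100"

if __name__ == "__main__":
    codeword = send(SAMPLE, 8)
    print(make_checksum(SAMPLE, 8))          # 11011010
    print(receiver_accepts(codeword, 8))     # True
    damaged = "0" + codeword[1:]             # first bit changed in transit
    print(receiver_accepts(damaged, 8))      # False
    # Sections arriving in a different order give the same sum, so the
    # receiver still accepts: addition does not depend on order.
    swapped = codeword[8:16] + codeword[0:8] + codeword[16:]
    print(receiver_accepts(swapped, 8))      # True
```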
iii. Cyclic Redundancy Check (CRC)
• In CRC technique, a string of n-1 0s is appended to the data unit, where n is the
number of divisor bits.
• CRC divisor is also called as CRC generator.
• The newly extended data is divided by a divisor using a process known as binary
division. The remainder generated from this division is known as the CRC remainder, also
known as the syndrome.
• The syndrome replaces the appended 0s at the end of the original data. This newly
generated unit is sent to the receiver.
• The receiver receives the data followed by the Syndrome.
• The receiver treats this whole unit as a single unit, and it is divided by the same divisor
that was used to find the syndrome.


RESULT:
• If the syndrome is 0 then there is no error and the data is accepted.
• If the syndrome is not equal to 0 then there is an error present, so the data is rejected.
Example:
Let the original data be 111001 and the divisor be 1001.
So, as the divisor is 4 bits,
∴ 3 bits are appended to the data, i.e. 111001000, and the result is divided by 1001.
Sender's End:

Add this syndrome in place of appended bits and send the data across the network i.e.
111001110.
Receiver’s End:


CRC Rules:
• CRC generator does not contain x or multiple of x.
• “X+1” calculates odd number of errors i.e. if “X+1” is the generator then it can detect
odd number of errors.
• CRC can detect all single-bit errors
• CRC can detect all double-bit errors provided the divisor contains at least three logic
1’s.
• CRC 32 is a standard for detecting all types of errors (i.e. odd, even, vertical bit errors).
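The worked example above (data 111001, divisor 1001) carried through modulo-2 division at both ends, as an added example that is not part of the original notes. The function names are assumptions made for this illustration; the last function enumerates which error patterns of a given size the receiver would accept, which shows why the double-bit rule asks for at least three 1s in the divisor (1001 has only two).

```python
from itertools import combinations


def mod2_remainder(bits: str, divisor: str) -> str:
    """Remainder of binary (XOR) long division, len(divisor) - 1 bits wide."""
    n = len(divisor)
    if set(bits + divisor) - {"0", "1"}:
        raise ValueError("inputs must be bit strings")
    if n < 2 or divisor[0] != "1" or len(bits) < n:
        raise ValueError("divisor must start with 1 and fit inside the dividend")
    work = [int(b) for b in bits]
    div = [int(b) for b in divisor]
    for i in range(len(work) - n + 1):
        if work[i]:                      # leading bit is 1: subtract (XOR) the divisor
            for j in range(n):
                work[i + j] ^= div[j]
    return "".join(str(b) for b in work[-(n - 1):])


def crc_encode(data: str, divisor: str) -> str:
    """Sender: append n-1 zeros, divide, replace the zeros with the remainder."""
    appended = data + "0" * (len(divisor) - 1)
    return data + mod2_remainder(appended, divisor)


def crc_syndrome(codeword: str, divisor: str) -> str:
    """Receiver: divide the whole received unit by the same divisor."""
    return mod2_remainder(codeword, divisor)


def accepted(codeword: str, divisor: str) -> bool:
    """Syndrome of all zeros means the data is accepted."""
    return "1" not in crc_syndrome(codeword, divisor)


def flip(bits: str, positions) -> str:
    """Invert the bits at the given 0-based positions (counted from the left)."""
    return "".join(
        ("1" if b == "0" else "0") if i in positions else b
        for i, b in enumerate(bits)
    )


def undetected_errors(codeword: str, divisor: str, weight: int) -> list:
    """All error patterns with `weight` flipped bits that leave a zero syndrome."""
    return [
        pos for pos in combinations(range(len(codeword)), weight)
        if accepted(flip(codeword, pos), divisor)
    ]


if __name__ == "__main__":
    codeword = crc_encode("111001", "1001")
    print(codeword)                                   # 111001110
    print(crc_syndrome(codeword, "1001"))             # 000 -> accepted
    print(undetected_errors(codeword, "1001", 1))     # [] -> every single-bit error caught
    print(undetected_errors(codeword, "1001", 2))     # pairs 3 or 6 positions apart slip through
```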
3.3.2. Error Correction:
For correcting the errors, one must know the exact position of the error. For example, if
you want to calculate a single-bit error, the error correction code will determine which
one of the seven bits has an error. To achieve this, some additional redundant bits are
added.
Hamming Code:

Data + Parity Bits = Codeword

Parity bits: The bit which is appended to the original data of binary bits so that the total
number of 1s is even or odd.
Even parity: To check for even parity, if the total number of 1s is even, then the value
of the parity bit is 0. If the total number of 1s occurrences is odd, then the value of the
parity bit is 1.
Odd Parity: To check for odd parity, if the total number of 1s is even, then the value of
parity bit is 1. If the total number of 1s is odd, then the value of parity bit is 0.
To calculate the number of parity bits we have:

$2^r \ge m + r + 1$, where m is the number of message bits and r is the number of parity bits.

Parity bits are always placed at the power-of-2 positions.


Drawback: It will only correct single bit errors.
Example:
Let Data = 10101011
then, $2^r \ge m + r + 1$
where m = message bits, i.e. 8
r = parity bits.
Sender's Side
Using trial and error:
$2^4 > 8 + 4 + 1$
$16 > 13$
∴ parity bits, r = 4


As parity bits are always placed at the power-of-2 positions, i.e. $2^0, 2^1, 2^2, 2^3$, the parity bits
will be placed in positions 1, 2, 4 and 8.

| Position | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bit | P1 | P2 | 1 | P4 | 0 | 1 | 0 | P8 | 1 | 0 | 1 | 1 |

In each row below, the first bit is the value of the parity bit itself.
To calculate P1: start with position 1 and leave the next position, i.e. 1, 3, 5, 7, 9, 11,
and check for even parity for the value of P1.
P1 : positions 1, 3, 5, 7, 9, 11 → bits 1 1 0 0 1 1
As the number of 1’s in the data bits is odd, for even parity P1 = 1
∴ P1 = 1
To calculate P2: start with position 2, take 2 positions and leave 2 positions, i.e. 2,
3, 6, 7, 10, 11.
P2 : positions 2, 3, 6, 7, 10, 11 → bits 1 1 1 0 0 1
∴ P2 = 1, because the number of 1’s is then even.
P4 : positions 4, 5, 6, 7, 12 → bits 0 0 1 0 1
∴ P4 = 0
P8 : positions 8, 9, 10, 11, 12 → bits 1 1 0 1 1
∴ P8 = 1
Codeword: 111001011011

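Receiver’s side:
Received codeword: 111001011111
Received parities:
P1 = 1, P2 = 1, P4 = 0, P8 = 1
So,

| Position | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Bit | P1 | P2 | 1 | P4 | 0 | 1 | 0 | P8 | 1 | 1 | 1 | 1 |

In each row below, the first bit is the parity recomputed from the received data bits.
P1 : positions 1, 3, 5, 7, 9, 11 → bits 1 1 0 0 1 1
∴ P1 = 1
P2 : positions 2, 3, 6, 7, 10, 11 → bits 0 1 1 0 1 1
∴ P2 = 0, wrong because received P2 = 1
P4 : positions 4, 5, 6, 7, 12 → bits 0 0 1 0 1
∴ P4 = 0
P8 : positions 8, 9, 10, 11, 12 → bits 0 1 1 1 1
∴ P8 = 0, error because received P8 = 1
As we have errors at parities 2 and 8,
2 + 8 = 10
∴ error at position 10.
Corrected codeword = 111001011011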
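The sender and receiver steps above as code, added here as an example that is not part of the original notes. It uses even parity with data bits filled left to right into the non-power-of-2 positions, as in the worked example, and also shows the stated drawback: a two-bit error produces a syndrome that points at the wrong position.

```python
def parity_positions(n: int):
    """Power-of-2 positions (1-based) that exist in an n-bit codeword."""
    out, p = [], 1
    while p <= n:
        out.append(p)
        p <<= 1
    return out


def num_parity_bits(m: int) -> int:
    """Smallest r with 2^r >= m + r + 1."""
    r = 0
    while 2 ** r < m + r + 1:
        r += 1
    return r


def hamming_encode(data: str) -> str:
    n = len(data) + num_parity_bits(len(data))
    code = [0] * (n + 1)               # index 0 unused, positions are 1-based
    bits = iter(int(b) for b in data)
    for pos in range(1, n + 1):
        if pos & (pos - 1):            # not a power of 2: data position
            code[pos] = next(bits)
    for p in parity_positions(n):      # even parity over positions with bit p set
        code[p] = sum(code[i] for i in range(1, n + 1) if i & p) % 2
    return "".join(str(b) for b in code[1:])


def hamming_syndrome(codeword: str) -> int:
    """Sum of the parity positions whose check fails (0 means no error seen)."""
    code = [0] + [int(b) for b in codeword]
    n = len(codeword)
    return sum(p for p in parity_positions(n)
               if sum(code[i] for i in range(1, n + 1) if i & p) % 2)


def hamming_correct(codeword: str):
    """Return (codeword after flipping the indicated bit, indicated position)."""
    pos = hamming_syndrome(codeword)
    if pos == 0:
        return codeword, 0
    if pos > len(codeword):
        raise ValueError("syndrome points outside the codeword")
    bits = list(codeword)
    bits[pos - 1] = "0" if bits[pos - 1] == "1" else "1"
    return "".join(bits), pos


def hamming_decode(codeword: str) -> str:
    """Strip the parity positions and return the data bits."""
    return "".join(b for i, b in enumerate(codeword, start=1) if i & (i - 1))


def flip_bits(codeword: str, *positions: int) -> str:
    bits = list(codeword)
    for p in positions:                # 1-based positions
        bits[p - 1] = "0" if bits[p - 1] == "1" else "1"
    return "".join(bits)


if __name__ == "__main__":
    sent = hamming_encode("10101011")
    print("codeword :", sent)
    print("one error:", hamming_correct("111001011111"))
    # Two errors (positions 3 and 10): the syndrome names a third position.
    print("two errors:", hamming_correct(flip_bits(sent, 3, 10)))
```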
Hamming Distance:
• The number of bits that vary between two codewords.
Example: in 1110 and 1100 the hamming distance is 2.
• If different hamming distances are present, then take the minimum hamming distance.
• To detect “d” errors the minimum hamming distance is (d+1)
• To correct “d” errors the minimum hamming distance is (2d+1)
3.4. Flow Control Policies

3.4.1. Stop and Wait


• In the Stop-and-wait method, the sender waits for an acknowledgement after every
frame it sends.


• When acknowledgement is received, then only next frame is sent. The process of
alternately sending and waiting of a frame continues until the sender transmits the
EOT (End of transmission) frame.
Advantage of Stop-and-wait
The Stop-and-wait method is simple as each frame is checked and acknowledged before
the next frame is sent.
Disadvantage of Stop-and-wait
Stop-and-wait technique is inefficient to use as each frame must travel across all the way
to the receiver, and an acknowledgement travels all the way before the next frame is
sent. Each frame sent and received uses the entire time needed to traverse the link.

3.4.2. Stop and Wait ARQ


Stop and wait ARQ is a one-bit sliding window protocol where:
Sender window size = 1
Receiver window size = 1
Thus, in stop and wait ARQ,
Minimum number of sequence numbers required
= Sender Window Size + Receiver Window Size
= 1+1
=2
• The two sequence numbers used are 0 and 1.
• Once the data reaches the receiver, the sequence number of the data sent by
the sender is compared with the receiver's sequence number.
• If the sequence numbers match, the data is accepted and the receiver's
window slides by one position.
• The acknowledgement number is always the sequence number of the next data that will
be accepted, and the sender's window slides by one position.
• A timer is started as soon as data is sent.


• Once the data is lost there is no acknowledgement received from the receiver, so the
timer expires, and the sender resends the data.
• When the data reaches the receiver safely, but acknowledgement is not received by
the sender then automatically the timer will expire.
• The sender will resend the data but with the new data a different sequence number
will be sent which won’t match the receiver's sequence number, so the receiver will
send the previous ACK as a reply.
3.4.3. Go-Back N ARQ
In Go back N,
Sender window size = N. Example in Go back 10, sender window size will be 10.
• Receiver window size is always 1 for any value of N.
• Go back N uses cumulative acknowledgements as well as individual acknowledgement.
• Go back N does not accept out of order frames and silently discards them.
• Go back N leads to retransmission of entire window if for any frame, no ACK is received
by the sender.

• If sender window size is m then number of sequence bits is $\log_2(1 + m)$
• Sender window size < $2^m$

3.4.4. Selective Repeat ARQ


In Selective Repeat protocol,
Sender window size = Receiver window size
• The size is of course greater than 1 otherwise the protocol will become Stop and Wait
ARQ.
• If m bits are available for sequence numbers, then:

Sender window size = Receiver window size = $2^m / 2 = 2^{m-1}$

• Maximum size of sender’s window if sequence number is ‘N’ = $\frac{N+1}{2}$

• Selective Repeat protocol uses independent acknowledgements only.


• Selective Repeat protocol accepts the out of order frames.
3.5. Efficiency Formula

$$\text{Efficiency} = \frac{(\text{Transmission delay})_{\text{packet}}}{(\text{Transmission delay})_{\text{packet}} + 2 \times \text{Propagation delay}}$$

OR

$$\text{Efficiency} = \frac{T_t}{T_t + 2T_p}$$

Stop and Wait:

$$\text{Efficiency} = \frac{1}{1 + 2\left(\frac{T_p}{T_t}\right)}$$

OR

$$\text{Efficiency} = \frac{1}{1 + 2a}, \quad \text{where } a = \frac{T_p}{T_t}$$

Go-Back N ARQ:

$$\text{Efficiency} = \frac{\text{Sender Window Size in Protocol}}{1 + 2a}$$

Selective Repeat ARQ:

$$\text{Efficiency} = \frac{\text{Sender Window Size in Protocol}}{1 + 2a}$$

3.6. Access Control


3.6.1. CSMA/CD:
• It stands for Carrier Sense Multiple Access / Collision Detection.
• In wireless LAN, every node has its own shared channel unlike in wired LAN where
there is a single shared channel for all the nodes.
Working:
Step 1: Any station willing to transmit the data senses the carrier.
If it finds the carrier free, it starts transmitting its data packet otherwise not.
Step 2: In CSMA / CD,
• It is the responsibility of the transmitting station to detect the collision.
• For detecting the collision, CSMA / CD implements the following condition.
• This condition is followed by each station-

Transmission delay ≥ 2 x Propagation delay


NOTE:
Binary exponential back-off algorithm is used in CSMA/CD

3.7. Framing
The data-link layer at each node needs to encapsulate the datagram (packet received
from the network layer) in a frame before sending it to the next node. The node also
needs to decapsulate the datagram from the frame received on the logical channel.
Different data-link layers have different formats for framing.
3.7.1. Character Count Method:
• The first field in the frame’s header represents the length of the frame.
• When the data link layer at the destination sees the character count, it knows how
many characters follow and hence where the end of the frame is.
• If noise modifies the data, CRC can find out the error easily.
• If noise modifies the count values both sender and receiver are out of synchronization.

3.7.2. Bit Stuffing


• Bit stuffing is the process of inserting noninformation bits into data to break up bit
patterns to affect the synchronous transmission of information.
• A bit is used to stuff in between the characters to reduce the size of stuffing.


• In order to fill bit frames, the position where the new bits are stuffed is communicated
to the receiving end of the data link.
• The receiver removes the extra bits to return the bit streams to their original bit rate.
This is used when a communication protocol requires a fixed frame size. Bits are
inserted to make the frame size equal to the defined frame size.
• Mostly flag is a special 8-bit pattern “01111110” used to define the beginning and the
end of the frame.
• If flag is given as data then, stuff 0 after five 1’s (if flag is 01111110) to differentiate
it from start and end flag.

3.7.3. Character Stuffing:


• It is same as bit-stuffing but operates on bytes instead of bits.
• It uses reserved bits called flag to represent the start and end of the frame.
• If flag is itself present in the data, then ESC is used to distinguish flag from start and
end flag.
• If noise modifies the data, then CRC detects it.
• If noise modifies the flag, then receiver does not accept it.
Example:
Data = XY
Sender's data link layer = FlagXYFlag
Example:
Data = XFlagY
Sender's data link layer = FlagXESCFlagYFlag
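Bit stuffing and character stuffing from sections 3.7.2 and 3.7.3 as sender and receiver routines, added here as an example that is not part of the original notes. The byte values 0x7E for Flag and 0x7D for ESC are assumptions (the notes give no values), and escaping an ESC that occurs in the data goes beyond the case the notes show.

```python
FLAG_BITS = "01111110"


def bit_stuff(payload: str) -> str:
    """Insert a 0 after every run of five 1s so the flag never appears in data."""
    out, run = [], 0
    for bit in payload:
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(stuffed: str) -> str:
    """Remove the 0 that follows five 1s; six 1s in a row is a framing error."""
    out, run, i = [], 0, 0
    while i < len(stuffed):
        bit = stuffed[i]
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        i += 1
        if run == 5:
            if i < len(stuffed) and stuffed[i] == "1":
                raise ValueError("six consecutive 1s inside a frame body")
            i += 1          # drop the stuffed 0
            run = 0
    return "".join(out)


def frame_bits(payload: str) -> str:
    return FLAG_BITS + bit_stuff(payload) + FLAG_BITS


def deframe_bits(stream: str):
    """Split a stream on flags and unstuff each non-empty body."""
    return [bit_unstuff(body) for body in stream.split(FLAG_BITS)[1:-1] if body]


FLAG = b"\x7e"   # assumed value for the Flag byte
ESC = b"\x7d"    # assumed value for the ESC byte


def byte_stuff(data: bytes) -> bytes:
    """Flag + data + Flag, with ESC placed before any Flag or ESC in the data."""
    out = bytearray(FLAG)
    for b in data:
        if bytes([b]) in (FLAG, ESC):
            out += ESC
        out.append(b)
    return bytes(out + FLAG)


def byte_unstuff(frame: bytes) -> bytes:
    if len(frame) < 2 or frame[:1] != FLAG or frame[-1:] != FLAG:
        raise ValueError("frame is not delimited by flags")
    body, out, i = frame[1:-1], bytearray(), 0
    while i < len(body):
        if body[i:i + 1] == ESC:
            i += 1                       # next byte is literal data
            if i == len(body):
                raise ValueError("ESC with nothing after it")
        elif body[i:i + 1] == FLAG:
            raise ValueError("unescaped flag inside the frame")
        out.append(body[i])
        i += 1
    return bytes(out)


if __name__ == "__main__":
    print(bit_stuff(FLAG_BITS))                      # flag pattern sent as data
    print(deframe_bits(frame_bits("1111111111") + frame_bits("0110")))
    print(byte_stuff(b"X" + FLAG + b"Y").hex())
```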

****

4. NETWORK LAYER

• The Network Layer is the third layer of the OSI model.


• The network layer's primary function is to move data into and through other networks, i.e.
moving the packets from the sending host to the receiving host.
• It handles the service requests from the transport layer and further forwards the service
request to the data link layer.
• The network layer translates the logical addresses into physical addresses.
• The network layer relies on the Internet Control Message Protocol (ICMP) for error handling
and diagnostics to ensure packets are sent correctly.
• It determines the route from the source to the destination and manages the traffic problems
such as switching, routing and controls the congestion of data packets.
The main functions performed by the network layer are:
Routing: When a packet reaches the router's input link, the router will move the packets to
the router's output link. For example, a packet from P1 to R1 must be forwarded to the next
router on the path to P2.
Logical Addressing: The data link layer implements the physical addressing and network
layer implements the logical addressing. Logical addressing is also used to distinguish between
source and destination system. The network layer adds a header to the packet which includes
the logical addresses of both the sender and the receiver.
Internetworking: This is the main role of the network layer that it provides the logical
connection between different types of networks.
Fragmentation: The fragmentation is a process of breaking the packets into the smallest
individual data units that travel through different networks.

Network Layer Protocols


• ICMP: Internet Control Message Protocol
• IGMP: Internet Group Management Protocol
• ARP: Address Resolution Protocol
• RARP: Reverse Address Resolution Protocol
• LSR: Link State Routing
• OSPF: Open Shortest Path First


4.1. IPv4:
• Source and destination addresses are 32 bits (4 bytes) in length allowing it to store
$2^{32}$ addresses.
• Connectionless Protocol.
• Allow creating a simple virtual communication layer over diversified devices.
• It requires less memory, and ease of remembering addresses.
• Already supported protocol by millions of devices.
• Offers video libraries and conferences.
• Identification of packet flow for QoS handling by routers is absent within the IPv4
header.
• Fragmentation is performed by both routers and the sending host.
• The header includes a checksum.
• The header includes options.
• Address Resolution Protocol (ARP) uses broadcast ARP request frames to resolve an
IPv4 address to a link-layer address.
• Internet Group Management Protocol (IGMP) is used to manage local subnet group
membership.
• ICMP router discovery is used to determine the IPv4 address of the best default
gateway and is optional.

Version: The first header field is a 4-bit version indicator. In the case of IPv4, the value
of its four bits is set to 0100 which indicates 4 in binary.
Header Length: This header component is used to show how many 32-bit words are
present in the header. This size can be between 20 bytes to 60 bytes.
Type of Service: ToS is also called Differentiated Services Code Point or DSCP. This field
is used to provide features related to the quality of service such as for data streaming or
Voice over IP (VoIP) calls. It is used to specify how a datagram will be handled.
Total Length: This field is 16 bits long and denotes the size of the entire
datagram. The minimum size of an IP datagram is 20 bytes and at the maximum, it can
be 65,535 bytes. Practically, all hosts are required to be able to read 576-byte datagrams.
If a datagram is too large for the hosts in the network, fragmentation is used which is
handled in the host or packet switch.
Identification: Identification or ID field in a packet is used to uniquely identify fragments
of an IP datagram. Some have suggested using this field for other things such as adding
information for packet tracing etc.
Flags: The flags field in an IPv4 header is a three-bit field that is used to control and identify
fragments. The following can be their possible configuration:
Bit 0: this is reserved and must be set to zero
Bit 1: DF or do not fragment
Bit 2: MF or more fragments.
Fragment Offset: This field is 13 bits long and is measured in units of 8-byte blocks.
As you can expect, the offset of the first fragment is always set to
zero.
Time to live: Time to live (or TTL in short) is an 8-bit field to indicate the maximum time
the datagram will be live in the internet system. TTL can be between 0 – 255.
Protocol: This is a field in the IPv4 header reserved to denote which protocol is used in
the later (data) portion of the datagram.
The checksum of the header: The checksum field is 16 bits long and is used to
check the header for any errors. The header is compared to the value of its checksum at
each hop and, in case the header checksum does not match, the packet is discarded.
Source Address: It is the 32-bit address of the source of the IPv4 packet.
Destination Address: The destination address is also 32 bits in size and it contains the
address of the receiver.
Options: This is an optional field of the IPv4 header. It is used only when the value of IHL is
set to more than 5. In many cases, you will find that the list of options component ends
with an End of Options or EOL.
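A parser for the header fields listed above, added here as an example that is not part of the original notes. It validates version, IHL and lengths before trusting them, verifies the header checksum, and shows that a header changed in transit (here the TTL) fails the check until the checksum is recomputed; the sample header bytes are illustrative values embedded for the example.

```python
import ipaddress
import struct

# Sample 20-byte header (illustrative values): UDP, TTL 64, DF set.
SAMPLE = bytes.fromhex("4500 0073 0000 4000 4011 b861 c0a8 0001 c0a8 00c7")


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, cksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("version field is not 4")
    if ihl < 5:
        raise ValueError("IHL below 5 words (20 bytes)")
    header_len = ihl * 4
    if len(packet) < header_len or total_len < header_len:
        raise ValueError("length fields inconsistent with the data")
    return {
        "version": version,
        "header_len": header_len,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "reserved": bool(flags_frag & 0x8000),     # bit 0, must be zero
        "df": bool(flags_frag & 0x4000),           # bit 1
        "mf": bool(flags_frag & 0x2000),           # bit 2
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # in bytes
        "ttl": ttl,
        "protocol": proto,
        "checksum": cksum,
        # Summing a valid header including its checksum field yields 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_len],
    }


def rebuild_checksum(packet: bytes) -> bytes:
    """Zero the checksum field, recompute it over the header, write it back."""
    header_len = (packet[0] & 0x0F) * 4
    header = bytearray(packet[:header_len])
    header[10:12] = b"\x00\x00"
    header[10:12] = struct.pack("!H", internet_checksum(bytes(header)))
    return bytes(header) + packet[header_len:]


if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    decremented = SAMPLE[:8] + b"\x3f" + SAMPLE[9:]   # TTL 64 -> 63, old checksum
    print(parse_ipv4_header(decremented)["checksum_ok"])
    print(parse_ipv4_header(rebuild_checksum(decremented))["checksum_ok"])
```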
4.2. IPv6: It is a newer numbering system that provides a much larger address pool than
IPv4.
• Hierarchical addressing and routing infrastructure
• Stateful and Stateless configuration
• Support for quality of service (QoS)
• An ideal protocol for neighbouring node interaction
• Address Size: 128 bits
• Address Format: Hexadecimal Notation: 3FFE:F200:0234:AB00:0123:4567:8901:ABCD
• Number of Addresses: $2^{128}$ (4.2 billion)
• The IPv6 header is double the size: it has 40 bytes


• IPv6 header has fewer fields, it has 8 fields.
• It is classless.
• It uses a prefix and an Identifier ID known as IPv4 network
• It uses a prefix length.
• It has a built-in strong security (Encryption and Authentication)

4.3. IPv4 vs IPv6

| IPv4 | IPv6 |
|---|---|
| It is a 32-bit IP address. | It is a 128-bit IP address. |
| IPv4 is a numeric addressing method. | IPv6 is an alphanumeric addressing method. |
| It offers 12 header fields. | It offers 8 header fields. |
| Here bits are separated by a dot (.). | Here bits are separated by a colon (:). |
| Supports broadcast. | Does not support broadcast. |
| IPv4 has a checksum field. | IPv6 does not have a checksum field. |
| IPv4 offers five different classes of IP Address, Class A to E. | IPv6 allows storing an unlimited number of IP Address. |

4.4. IP Addressing
• IP Address stands for Internet Protocol Address.
• It is a numeric identity of an interface. Just like a postal address provides a unique
identity to a house, an IP address provides a unique identity to an interface.
• Computing devices use IP Address to identify and communicate with other devices in
the IP network.


Physical address:
• Any device connected in a network contains a 48-bit address called the MAC address
• It is also known as MAC address, NIC address, LAN card address, Ethernet Address,
implicit address.
• The scope of physical address is local.
IP addresses are of the following types:

1. Static IP Address:
• Static IP Address is an IP Address that once assigned to a network element always
remains the same.
• They are configured manually.
2. Dynamic IP address:
• Dynamic IP Address is a temporarily assigned IP Address to a network element.
• It can be assigned to a different device if it is not in use.
The IP address supports a 2-level hierarchy:

1. Host: Whenever a computer is assigned an IP address it is treated as a host.
2. Net-id: Each LAN network is represented by a number known as the net id.
4.5. Representation of IP Address
• IP Address is a 32 bit binary address written as 4 8-bit numbers separated by dots.
• The 4 numbers are called octets.
• The octets are divided into 2 components- Net ID and Host ID.
There are two ways to represent IP Address:
(i) Binary Notation:
10101111 10101010 10101011 11110000
• It is system friendly but not user friendly.
• In binary notation first few bits will decide the type of class.
(ii) Dotted Decimal Notation:
41.89.69.118
• It is user friendly.
• In dotted decimal notation first octet will decide the type of class.
• The value of any segment (byte) is between 0 and 255 (both included).
• There are no zeros preceding the value in any segment (054 is wrong, 54 is correct).


4.6. IP Address classification


There are two systems in which IP Addresses are classified:
• Classful IP Addressing
• Classless IP Addressing (CIDR)
4.6.1. Classful IP Addressing:
The classful IP Addressing is divided into 5 sub-classes:
• Class A
• Class B
• Class C
• Class D
• Class E
Classes A, B, C are used for unicasting. Class D is used for multicasting. Class E is used
for research purposes.
(a) Class A:
Class A identifier: 0
Net bits (8 bits): $2^7 - 2$ networks
Host bits (24 bits): $2^{24} - 2$ hosts per network

Range: 0 0000000 = 0 to 0 1111111 = 127
Here, the range is (1 – 126),
because two addresses are excluded:
0.0.0.0 ⇒ DHCP client [default address]
127.x.y.z ⇒ Loopback address
Example: 64.49.63.189 ⇒ Class A.
The higher order bit of the first octet in class A is always set to 0. The remaining 7 bits in
the first octet are used to determine the network ID. The 24 bits of host ID are used to determine
the host in any network. The default subnet mask for class A is 255.0.0.0.
• $2^7 - 2$ = 126 network IDs
• $2^{24} - 2$ = 16,777,214 host IDs (the reason for subtracting 2 is explained later)


(b) Class B:
Class B identifier: 10
Net bits (16 bits): $2^{14}$ networks
Host bits (16 bits): $2^{16} - 2$ hosts per network

Range: 10 000000 = 128 to 10 111111 = 191
∴ Range is (128 – 191)
Example: 140.89.99.113 ⇒ Class B
→ Class B contains $2^{14}$ networks, each of which has ($2^{16}$ – 2) hosts.
The higher order bits of the first octet of IP addresses of class B are always set to 10. The
remaining 14 bits are used to determine the network ID. The 16 bits of host ID are used to
determine the host in any network. The default subnet mask for class B is 255.255.0.0.
Class B has a total of:
• $2^{14}$ = 16384 network addresses
• $2^{16} - 2$ = 65534 host addresses
(c) Class C:
Class C identifier: 110
Net-Id (24 bits): $2^{21}$ networks
Host-Id (8 bits): $2^8 - 2$ hosts per network

Range: 110 00000 = 192 to 110 11111 = 223
∴ Range is (192 – 223)
Example: 194.89.69.119 ⇒ Class C
→ In class C there are $2^{21}$ networks, each of which has ($2^8$ – 2) hosts.
The higher order bits of the first octet of IP addresses of class C are always set to 110.
The remaining 21 bits are used to determine the network ID. The 8 bits of host ID are used to
determine the host in any network. The default subnet mask for class C is
255.255.255.0. Class C has a total of:
• $2^{21}$ = 2097152 network addresses
• $2^8 - 2$ = 254 host addresses
(d) Class D:
Class D identifier: 1110
No group, because it is used for multicasting.

Range: 1110 0000 = 224 to 1110 1111 = 239
∴ Range is (224 – 239)
(e) Class E:
Class E identifier: 1111
After E there is no other class present, so we don't require a 0 to distinguish it.

Range: 1111 0000 = 240 to 1111 1111 = 255
∴ Range is (240 – 255)

| Class of IP Address | Leading Bits | Total Number of IP Addresses | Range | Number of Networks available | Number of Hosts per network | Default Mask |
|---|---|---|---|---|---|---|
| Class A | 0 | $2^{31}$ | 1 – 126 | $2^7 - 2$ | $2^{24} - 2$ | 255.0.0.0 |
| Class B | 10 | $2^{30}$ | 128 – 191 | $2^{14}$ | $2^{16} - 2$ | 255.255.0.0 |
| Class C | 110 | $2^{29}$ | 192 – 223 | $2^{21}$ | $2^8 - 2$ | 255.255.255.0 |
| Class D | 1110 | $2^{28}$ | 224 – 239 | Not defined | Not defined | Not defined |
| Class E | 1111 | $2^{28}$ | 240 – 254 | Not defined | Not defined | Not defined |

Notes:
• All the hosts in the same network have same net-id but different host-id.
• IP Address of the network is obtained by setting all the bits for Host ID to zero.
• By performing Bitwise AND between IP Address and the network mask will give network
ID.
• We are subtracting 2 addresses in the number of hosts in the network because one is
used for Net-id and other one is used for DBA of the network.
Example:
IP = 201.99.89.118
Net lD =?
Solution:
To find the net-id, take the bitwise AND of the IP address and its subnet mask.
As 201.99.89.118 belongs to class C,
the subnet mask is 255.255.255.0

IP     = 201.99.89.118   (118 = 01110110)
Mask   = 255.255.255.0   (0 = 00000000)
Net-id = 201.99.89.0     (0 = 00000000)

∴ Net ID = 201.99.89.0

DBA = 201.99.89.255.
4.6.2. Classless IP Addressing:
• It is an improved IP addressing system.
• CIDR dynamically assigns a block of IP address based on certain rules.
• It is represented in terms of block
• A block is a group of IP Addresses.

The number of addresses in a block = $2^{32 - n}$, where n represents the mask

Notation: p.q.r.s / n , where p.q.r.s represents the IP Address and n represents the
mask.
a. Types of Casting:

• Unicast: Transmitting data from one source host to one destination host is called
as unicast.

It is a unicast packet within the network.

It is a unicast packet between the networks because it is sending data only to one host.
• Broadcast: Transmitting data from one source host to all other hosts residing in the
same or other network is called as broadcast.
Based on the recipient it is classified as:
a. Limited broadcast:
• Broadcasting within the network.
• Always used as destination IP address

b. Direct Broadcast: (DBA)


• Broadcasting outside the network.
• Always used as destination IP address
• For DBA of the network all the host bits are 1.

It is broadcast address on other networks because it is sending to all the hosts on the
other network
4.7. Private IP vs Public IP:

| Private IP Address | Public IP Address |
|---|---|
| Scope is local. | Scope is global. |
| It is used to communicate within the network. | It is used to communicate outside the network. |
| It works only in LAN. | It is used to get internet service. |
| Private IP addresses of the systems connected in a network differ in a uniform manner. | Public IP may differ in a uniform or non-uniform manner. |
| It is used to load the network operating system. | It is controlled by the ISP. |
| It is available free of cost. | It is chargeable. |
| Range: 10.0.0.0 to 10.255.255.255; 172.16.0.0 to 172.31.255.255; 192.168.0.0 to 192.168.255.255 | Besides private IP addresses, the rest are public. |
| Will not get internet service. | Will get internet service. |


4.8. Subnetting
• Dividing a network into small parts for effective utilization of IP addresses is known as
subnetting.
• The number of sub networks created depends upon the requirements.

4.9. Subnet Mask


It is a 32-bit number which is a sequence of 1’s followed by a sequence of 0’s
• 1’s represents the global network ID part and the subnet ID part.
• 0’s represents the host ID part.
• The number of 1’s in host are the subnets.
• For subnet ID host bits are 0’s.

Number of subnets = $2^m - 2$, where m is the number of subnet bits.

We subtract two addresses from the number of subnets because one is
used for the net-id and the other one is used for the DBA of the network.

Number of hosts = $2^n - 2$, where n is the number of host bits.

We subtract two addresses from the number of hosts in each subnet because one is used
for the subnet id and the other one is used for the DBA of the subnet.
Performing a bitwise AND between the IP address and the subnet mask gives the subnet ID.
Example: In class C, if the subnet mask is 255.255.255.240, calculate the
number of subnets and hosts.
Solution: In class C, the mask is 255.255.255.0
So, the last octet will tell us the subnet,
i.e., 11111111 11111111 11111111 11110000
where the first three octets are the net-id, the four 1’s of the last octet are the subnet bits
and the four 0’s are the host bits.

Number of Subnets = $2^4 - 2$ = 14
Number of Hosts = $2^4 - 2$ = 14.
Note:
• Whenever the continuous mask is taken designing of a network will become simple and
easy i.e. deterministic.
• Discontinuous mask can be applied in security because we cannot determine the next
event from the previous event.


4.10. Supernetting
• Joining two or more networks to form a larger network.
• The number of supernet bits are borrowed from network bits.
• During supernetting we can only add in the powers of 2 networks

Number of networks that can be joined = $2^r$, where r is the number of supernet bits.

Range of supernet = supernet ID to DBA of Supernet

Note:
If in question it is mentioned as, network explicitly configured with 0 subnet, DBA subnet
or network wishes to form subnets,

Then, number of subnets = $2^n$.

4.11. Longest prefix matching


Whenever a packet comes to a router and the router identifies that there are multiple
paths, that are available for a packet then the path which is having a greater number of
1’s in the mask is preferred.
Example: Consider the following case if IP address 192.168.20.19 is given:
Router A having IP prefix as: 192.168.20.16/28
Router B having IP prefix as: 192.168.0.0/16
According to the longest prefix match algorithm, node A will be chosen. Because it has a
longer subnet mask as shown

| Address / prefix | Binary Format |
|---|---|
| 192.168.20.191 | 11000000.10101000.00010100.10111111 |
| 192.168.20.16/28 | 11000000.10101000.00010100.00010000 |
| 192.168.0.0/16 | 11000000.10101000.00000000.00000000 |
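The bitwise-AND rules from the net-id example in 4.6.1, the subnet count from 4.9 and the longest prefix match above, in one added example that is not part of the original notes. The subnet and host counts follow the notes' convention of subtracting 2; the function names and the next-hop labels "A" and "B" are chosen for this example.

```python
import ipaddress


def to_int(ip: str) -> int:
    return int(ipaddress.IPv4Address(ip))


def to_str(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def address_class(ip: str) -> str:
    """Classify by the leading bits of the first octet."""
    first = to_int(ip) >> 24
    for name, prefix, nbits in (("A", 0b0, 1), ("B", 0b10, 2), ("C", 0b110, 3),
                                ("D", 0b1110, 4), ("E", 0b1111, 4)):
        if first >> (8 - nbits) == prefix:
            return name
    raise AssertionError("unreachable: the five prefixes cover all octets")


DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def network_and_dba(ip: str, mask: str):
    """Net-id = IP AND mask; DBA = net-id with every host bit set to 1."""
    m = to_int(mask)
    net = to_int(ip) & m
    return to_str(net), to_str(net | (~m & 0xFFFFFFFF))


def subnet_plan(mask: str, default_mask: str):
    """(subnets, hosts per subnet), each reduced by 2 as in the notes."""
    ones = bin(to_int(mask)).count("1")
    subnet_bits = ones - bin(to_int(default_mask)).count("1")
    return 2 ** subnet_bits - 2, 2 ** (32 - ones) - 2


def longest_prefix_match(dest: str, routes):
    """routes: list of (prefix, next_hop). Returns the hop with the longest
    matching mask, or None when no prefix covers the destination."""
    d, best = to_int(dest), None
    for prefix, hop in routes:
        net = ipaddress.IPv4Network(prefix)
        if d & int(net.netmask) == int(net.network_address):
            if best is None or net.prefixlen > best[0]:
                best = (net.prefixlen, hop)
    return best[1] if best else None


if __name__ == "__main__":
    ip = "201.99.89.118"
    cls = address_class(ip)
    print(cls, network_and_dba(ip, DEFAULT_MASK[cls]))
    print(subnet_plan("255.255.255.240", DEFAULT_MASK["C"]))
    table = [("192.168.20.16/28", "A"), ("192.168.0.0/16", "B")]
    for dest in ("192.168.20.19", "192.168.20.40", "10.1.2.3"):
        print(dest, "->", longest_prefix_match(dest, table))
```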
4.12. Routing:
It is an act of moving information across an inter-network from a source to a destination.
Routers use routing protocols: -
• To know all the available paths of the network.
• To select the best and fastest path for each destination in the network.
• To select a single and fastest path if more than one path exists for a single destination.


4.12.1. Classification of Routing Algorithms:


Static Vs Dynamic:

| Static | Dynamic |
|---|---|
| It is known as non-adaptive algorithm. | It is also referred to as adaptive routing. |
| In this, the network topology determines the final path. All the possible paths which are already calculated are loaded into the routing table. | Each router can check the network status by communicating with the neighbours. So, the changes in the topology are reflected to all routers. |
| Unable to respond quickly in case of network failure. | The main disadvantage is its complexity in the router. |

Intra-domain Routing vs Inter-domain Routing:

| Intra-domain Routing | Inter-domain Routing |
|---|---|
| Routing takes place within domains. | Routing takes place between the two domains. |
| In this domain routers need to know only about other routers within their domain. This protocol ignores the internet outside the autonomous system. | This protocol assumes that internet consists of a collection of interconnected autonomous systems. |
| Example: RIP (or Distance Vector Routing), OSPF (Open Shortest Path First) | Example: BGP (Border Gateway Protocol) |

4.13. Routing Algorithms:


4.13.1. Flooding:
Flooding is the simplest method of packet forwarding. It occurs when source packets
(without routing data) are transmitted to all attached network nodes. When a packet is
received, the routers send it to all the interfaces except the one on which it was received.
Because flooding uses every path in the network, the shortest path is also used. Time
to Live (TTL) can be used to avoid infinite looping of packets. The flooding algorithm is
easy to implement.
4.13.2. Distance Vector Routing:
• It is a dynamic algorithm.
• It is also known as the Bellman-Ford routing algorithm and the Ford-Fulkerson algorithm.
• Each router shares its knowledge through the entire network, a node router constructs
a table containing the distance (total cost of path) to all other nodes.
• The Router sends its collected knowledge about the network to its neighbours which
have direct links.
• Distance-vector protocols use timers to broadcast routing information. Once their
periodic timer expires, they broadcast their routing information from all active
interfaces, no matter whether the routing information has changed since the previous
broadcast or not.


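Cost to reach node:

| Node | A | B | C | D | E | F | G |
|---|---|---|---|---|---|---|---|
| A | 0 | 1 | 1 | 3 | 4 | 5 | 4 |
| B | 1 | 0 | 2 | 2 | 4 | 4 | 3 |
| C | 1 | 2 | 0 | 4 | 3 | 6 | 4 |
| D | 3 | 2 | 4 | 0 | 2 | 2 | 1 |
| E | 4 | 4 | 3 | 2 | 0 | 3 | 1 |
| F | 5 | 4 | 6 | 2 | 3 | 0 | 3 |
| G | 4 | 3 | 4 | 1 | 1 | 3 | 0 |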

Count to Infinity Problem:

• If the link between B and C is disconnected, then B will know that it can no longer get
to C via that link and will remove it from its table.
• Before it can send any updates, it is possible that it will receive an update from A which
will be advertising that it can get to C at a cost of 2.
• B can get to A at a cost of 1, so it will update a route to C via A at a cost of 3.
• A will then receive updates from B later and update its cost to 4. They will then go on
feeding each other bad information toward infinity, which is called the Count to Infinity
problem.
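A small simulation of the A, B, C scenario above, added here as an example that is not part of the original notes. It assumes link costs of 1, synchronous update rounds and an "infinity" of 16 (the value RIP uses; the notes name no limit), and it also runs the same failure with split horizon, a standard mitigation the notes do not cover.

```python
INF = 16  # assumed "infinity" (the value RIP uses); the notes name no limit


def dv_round(tables, links, split_horizon=False):
    """One synchronous exchange: each router rebuilds its vector from the
    vectors its neighbours held before the round."""
    new = {}
    for r in tables:
        vec = {r: (0, r)}                       # (cost, next hop)
        for dest in tables:
            if dest == r:
                continue
            best = (INF, None)
            for (u, v), cost in links.items():
                if r not in (u, v):
                    continue
                n = v if u == r else u          # neighbour on this link
                n_cost, n_hop = tables[n].get(dest, (INF, None))
                if split_horizon and n_hop == r:
                    continue                    # neighbour routes through us
                if cost + n_cost < best[0]:
                    best = (cost + n_cost, n)
            vec[dest] = best
        new[r] = vec
    return new


def converge(links, nodes, rounds=5, split_horizon=False):
    tables = {n: {n: (0, n)} for n in nodes}
    for _ in range(rounds):
        tables = dv_round(tables, links, split_horizon)
    return tables


def b_cost_to_c_after_failure(split_horizon=False, max_rounds=50):
    """B's advertised cost to C in each round after the B-C link goes down."""
    links = {("A", "B"): 1, ("B", "C"): 1}
    tables = converge(links, "ABC", split_horizon=split_horizon)
    del links[("B", "C")]                       # the link failure
    history = []
    for _ in range(max_rounds):
        tables = dv_round(tables, links, split_horizon)
        history.append(tables["B"]["C"][0])
        if history[-1] >= INF:
            break
    return history


if __name__ == "__main__":
    print("plain distance vector:", b_cost_to_c_after_failure())
    print("with split horizon   :", b_cost_to_c_after_failure(split_horizon=True))
```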
4.13.3. Link State Routing:
• It is a dynamic algorithm
• It uses Dijkstra's Algorithm.
• Link-state protocols share routing information only with neighbours.
• When a router is booted, to discover neighbours, link-state protocols use a special
protocol known as the hello protocol.
• Then second router sends back a reply and asking about the sender and the
communication starts.
• Each router sends the information to every other router on the internetwork except its
neighbours. This process is known as Flooding. Every router that receives the packet
sends the copies to all its neighbours. Finally, each router receives a copy of the same
information.
• To determine the cost of line or path, the router sends an ECHO packet over the line
which the other router is required to send back immediately. By measuring the round-
trip time and dividing it by two, the router (sender) can get a reasonable estimate of
the delay.


• Instead of sending its routing table, a router sends the information about its
neighbourhood only. A router broadcast its identities and cost of the directly attached
links to other routers.
• From all available routes, to select the best route for each destination of the network,
the link-state protocols use an algorithm called the Shortest Path First (SPF) algorithm.

| Distance Vector Routing | Link State Routing |
|---|---|
| It uses the Bellman-Ford Algorithm. | It uses Dijkstra's Algorithm. |
| Based on local knowledge, i.e. it has topology information from the neighbour point of view. | Based on global knowledge, i.e. it has complete information about the entire network. |
| Bandwidth required is less due to local sharing. | Bandwidth required is more due to flooding. |
| It has the count to infinity problem. | It does not have the count to infinity problem. |

4.14. IPv6
• IPv6 was created to provide a much larger address space. IPv6 addresses consist of 128 bits,
instead of 32 bits, and include a scope field that identifies the type of application suitable
for the address.
• IPv6 addresses consist of 8 groups of 16-bit hexadecimal values separated by colons
(:). IPv6 addresses have the following format:
xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
• Each xxxx is a 16-bit hexadecimal value, and each x is a 4-bit hexadecimal value.
Following is a sample IPv6 address:
4FFE:0000:0000:0001:0200:F9FF:FE75:50DF
• The leading zeros can be omitted in each 16-bit group, as follows:
4FFE:0:0:1:200:F9FF:FE75:50DF
• 16-bit groups of zeros can be compressed to double colons (::) as shown in the
following example, but only once per address:
4FFE::1:200:F9FF:FE75:50DF
4.14.1. Types of IPv6 Addresses:
IPv6 addressing is classified by the primary addressing and routing methodologies
common in networking as follows:
• Unicast address: It identifies a single network interface. Only one packet is sent to one
destination.
• Anycast address: It is assigned to a group of interfaces. A packet is sent to any one
member of a group of devices that are configured with the anycast address. By default,
packets sent to an anycast address are forwarded to the closest interface (node), which
is based on the routing process employed to get the packet to the destination.
• Multicast address: It is also used by multiple hosts. One packet is sent to all members
of the multicast group.
IPv6 addressing does not implement broadcast addressing, the use of the all-nodes
group is not recommended, and most IPv6 addressing protocols use a dedicated link-local
multicast group to avoid disturbing every interface in the network.
4.14.2. Rules for IPv6:
IPv6 consists of:
• Prefix: Which is used to identify a subnet.
Length = n bits
• Interface ID (or Extended MAC): Which is used to identify an interface on a subnet and
needs to be unique on that subnet.
Length = 128 – n bits
4.14.3. Converting MAC to Extended MAC:
• The IPv6 interface identifier is obtained from the 48-bit MAC address.
• The MAC address is first separated into two 24-bit halves.
• The 16-bit value 0xFFFE is then inserted between these two 24-bit halves to form the 64-bit address.
• IEEE has chosen FFFE as a reserved value for the 64-bit address.
• The 48-bit MAC address will be converted to 64-bit address as shown below:

Conversion of Extended MAC into IPv6 Interface Identifier:


• The seventh bit from the left, needs to be inverted.
• This bit identifies whether this interface identifier is universally or locally administered.
• If it is 0, the address is locally administered and if it is 1, the address is globally unique.
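The conversion steps above and the three notations from section 4.14, as an added Python example (not part of the original notes). The MAC address 00:00:F9:75:50:DF and the 64-bit prefix 4FFE:0:0:1::/64 are constructed here so that the result reproduces the sample address quoted earlier; the function names are hypothetical.

```python
import ipaddress


def mac_to_interface_id(mac: str) -> bytes:
    """Build the 64-bit interface identifier from a 48-bit MAC address."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address must be exactly 48 bits")
    # Split into two 24-bit halves and insert the reserved value 0xFFFE.
    extended = octets[:3] + b"\xff\xfe" + octets[3:]
    # Invert the seventh bit from the left (mask 0x02 in the first octet).
    return bytes([extended[0] ^ 0x02]) + extended[1:]


def build_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine an n-bit prefix (n = 64 assumed here) with the interface ID."""
    network = ipaddress.IPv6Network(prefix)
    if network.prefixlen != 64:
        raise ValueError("this example assumes a 64-bit prefix")
    iid = int.from_bytes(mac_to_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(network.network_address) | iid)


def full_form(addr: ipaddress.IPv6Address) -> str:
    """All eight 16-bit groups, four hex digits each."""
    return addr.exploded.upper()


def without_leading_zeros(addr: ipaddress.IPv6Address) -> str:
    """Leading zeros dropped in each group, no '::' compression."""
    return ":".join(format(int(g, 16), "X") for g in addr.exploded.split(":"))


def compressed_form(addr: ipaddress.IPv6Address) -> str:
    """One run of all-zero groups replaced by '::' (allowed only once)."""
    return addr.compressed.upper()


if __name__ == "__main__":
    # Constructed inputs chosen to match the sample address in the notes.
    address = build_address("4FFE:0:0:1::/64", "00:00:F9:75:50:DF")
    print(full_form(address))
    print(without_leading_zeros(address))
    print(compressed_form(address))
```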

4.14.4. IPv6 Unspecified Address:


• The unspecified address / all-zeros address
Value of 0:0:0:0:0:0:0:0 (short = ::0)
• The loopback address
Value of 0:0:0:0:0:0:0:1 (short = ::1)

****


COMPUTER NETWORKS

5 TRANSPORT LAYER

5. TRANSPORT LAYER

5.1. Transport Layer Functionalities-


The transport layer is responsible for the reliability, flow control, and correction of data
which is being sent over the network.
There are mainly two transport layer protocols that are used on the Internet-
1. Transmission Control Protocol (TCP)
2. User Datagram Protocol (UDP)
5.1.1. Transmission Control Protocol (TCP)-
• TCP is a reliable protocol. This is because-
➢ It guarantees the delivery of data packets to its correct destination.
➢ After receiving the data packet, receiver sends an acknowledgement to the sender.
➢ It tells the sender whether data packet has reached its destination safely or not.
➢ TCP employs retransmission to compensate for packet loss.
• TCP is a connection-oriented protocol. This is because-
➢ TCP establishes an end to end connection between the source and destination.
➢ The connection is established before exchanging the data.
➢ The connection is maintained until the application programs at each end finishes
exchanging the data.
• TCP handles both congestion and flow control.
➢ TCP handles congestion and flow control by controlling the window size.
➢ TCP reacts to congestion by reducing the sender window size.
• TCP ensures in-order delivery.
➢ TCP ensures that the data packets get delivered to the destination in the same order
they are sent by the sender.
➢ Sequence Numbers are used to coordinate which data has been transmitted and
received.
• TCP connections are full duplex.
• A TCP connection allows data to be sent in both directions at the same time. So, TCP
connections are Full Duplex.
• TCP works in collaboration with Internet Protocol.
• A TCP connection is uniquely identified by using-
Combination of port numbers and IP Addresses of sender and receiver.
• IP Addresses indicate which systems are communicating.
• Port numbers indicate which end to end sockets are communicating.
• Port numbers are contained in the TCP header and IP Addresses are contained in the IP
header.
• TCP segments are encapsulated into an IP datagram.
• So, TCP header immediately follows the IP header during transmission.
• TCP can use both selective & cumulative acknowledgements.
• TCP uses a combination of Selective Repeat and Go back N protocols.
• In TCP, sender window size = receiver window size.
• In TCP, out of order packets are accepted by the receiver.
• When receiver receives an out of order packet, it accepts that packet but sends an
acknowledgement for the expected packet.
• Receiver may choose to send independent acknowledgements or cumulative
acknowledgement.
• To sum up, TCP is a combination of 75% SR protocol and 25% Go back N protocol.
• TCP is a byte stream protocol.
• Application layer sends data to the transport layer without any limitation.
• TCP divides the data into chunks where each chunk is a collection of bytes.
• Then, it creates a TCP segment by adding TCP header to the data chunk.
• TCP segment = TCP header + Data chunk.
• TCP provides error checking and recovery using three simple techniques-
I. Checksum
II. Acknowledgement
III. Retransmission
5.1.2 TCP Segment Format-


1. Source Port-
• Source Port is a 16 bit field.
• It identifies the port of the sending application.
2. Destination Port-
• Destination Port is a 16 bit field.
• It identifies the port of the receiving application.
NOTE
• A TCP connection is uniquely identified by using-
Combination of port numbers and IP Addresses of sender and receiver
• IP Addresses indicate which systems are communicating.
• Port numbers indicate which end to end sockets are communicating.
3. Sequence Number-
• Sequence number is a 32 bit field.
• TCP assigns a unique sequence number to each byte of data contained in the TCP
segment.
• This field contains the sequence number of the first data byte.
4. Acknowledgement Number-
• Acknowledgment number is a 32 bit field.
• It contains sequence number of the data byte that receiver expects to receive next from
the sender.
• It is always sequence number of the last received data byte incremented by 1.
5. Header Length-
• Header length is a 4 bit field.
• It contains the length of TCP header.
• It helps in knowing from where the actual data begins.
Minimum and Maximum Header length-
The length of TCP header always lies in the range- [20 bytes , 60 bytes]
• The initial 5 rows of the TCP header are always used.
• So, minimum length of TCP header = 5 x 4 bytes = 20 bytes.
• The size of the 6th row representing the Options field varies.
• The size of Options field can go up to 40 bytes.
• So, maximum length of TCP header = 20 bytes + 40 bytes = 60 bytes.
NOTES
• Header length and Header length field value are two different things.
• The range of header length field value is always [5, 15].
• The range of header length is always [20, 60].


6. Reserved Bits-
• The 6 bits are reserved.
• These bits are not used.
7. URG Bit-
• URG bit is used to treat certain data on an urgent basis.
• When URG bit is set to 1, it indicates to the receiver that a certain amount of data within
the current segment is urgent.
8. ACK Bit-
• ACK bit indicates whether acknowledgement number field is valid or not.
• When ACK bit is set to 1, it indicates that acknowledgement number contained in the
TCP header is valid.
• For all TCP segments except request segment, ACK bit is set to 1.
• Request segment is sent for connection establishment during Three Way Handshake.
9. PSH Bit-
• PSH bit is used to push the entire buffer immediately to the receiving application.
• When PSH bit is set to 1, all the segments in the buffer are immediately pushed to the
receiving application.
10. RST Bit-
• RST bit is used to reset the TCP connection.
• When RST bit is set to 1, it indicates to the receiver to terminate the connection
immediately.
11. SYN Bit-
• SYN bit is used to synchronize the sequence numbers.
• When SYN bit is set to 1, it indicates to the receiver that the sequence number contained
in the TCP header is the initial sequence number.
• Request segment sent for connection establishment during Three Way Handshake
contains SYN bit set to 1.
12. FIN Bit-
• FIN bit is used to terminate the TCP connection.
• When FIN bit is set to 1, it indicates to the receiver that the sender wants to terminate
the connection.
• FIN segment sent for TCP Connection Termination contains FIN bit set to 1.
13. Window Size-
• Window size is a 16-bit field.
• It contains the size of the receiving window of the sender.
• It advertises how much data (in bytes) the sender can receive without
acknowledgement.
• Thus, window size is used for Flow Control.


NOTE:
• The window size changes dynamically during data transmission.
• It usually increases during TCP transmission up to a point where congestion is detected.
• After congestion is detected, the window size is reduced to avoid having to drop
packets.
14. Checksum-
• Checksum is a 16-bit field used for error control.
• It verifies the integrity of data in the TCP payload.
• Sender adds CRC checksum to the checksum field before sending the data.
• Receiver rejects the data that fails the CRC check.
15. Urgent Pointer-
• Urgent pointer is a 16-bit field.
• It indicates how much data in the current segment counting from the first data byte is
urgent.
• Urgent pointer added to the sequence number indicates the end of urgent data byte.
• This field is considered valid and evaluated only if the URG bit is set to 1.
16. Options-
• Options field is used for several purposes.
• The size of options field varies from 0 bytes to 40 bytes.
Options field is generally used for the following purposes-
1. Time stamp
2. Window size extension
3. Parameter negotiation
4. Padding
A. Time Stamp-
When wrap around time is less than life-time of a segment,
• Multiple segments having the same sequence number may appear at the receiver side.
• This makes it difficult for the receiver to identify the correct segment.
• If time stamp is used, it marks the age of TCP segments.
• Based on the time stamp, receiver can identify the correct segment.
B. Window Size Extension-
• Options field may be used to represent a window size greater than 16 bits.
• Using window size field of TCP header, window size of only 16 bits can be represented.
• If the receiver wants to receive more data, it can advertise its greater window size using
this field.
• The extra bits are then appended in Options field.


C. Parameter Negotiation-
Options field is used for parameters negotiation.
Example- During connection establishment,
• Both sender and receiver have to specify their maximum segment size.
• To specify maximum segment size, there is no special field.
• So, they specify their maximum segment size using this field and negotiate.
D. Padding-
• Addition of dummy data to fill up unused space in the transmission unit and make it
conform to the standard size is called as padding.
• Options field is used for padding.
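The segment format described in section 5.1.2, as an added Python parser (not part of the original notes). It follows the layout given above (4-bit header length, 6 reserved bits, 6 flag bits), rejects header length values outside [5, 15] or beyond the captured bytes, and decodes the maximum segment size, window size extension and time stamp options; the SYN segment is constructed sample input and the function names are hypothetical.

```python
import struct

# Flag bits from least significant upward, as listed in the notes.
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")


def parse_options(raw: bytes) -> list:
    """Walk the Options field (0 to 40 bytes) as kind/length/value records."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:            # end of option list, the rest is padding
            break
        if kind == 1:            # one byte of padding between options
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option cut off before its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length runs outside the header")
        body = raw[i + 2:i + length]
        if kind == 2 and length == 4:
            options.append(("MSS", struct.unpack("!H", body)[0]))
        elif kind == 3 and length == 3:
            options.append(("WINDOW_SCALE", body[0]))
        elif kind == 8 and length == 10:
            options.append(("TIMESTAMP", struct.unpack("!II", body)))
        else:
            options.append((kind, body))
        i += length
    return options


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte header, then the options that follow it."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte minimum TCP header")
    (src, dst, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    field_value = off_flags >> 12          # header length field, range [5, 15]
    header_len = field_value * 4           # header length in bytes, [20, 60]
    if field_value < 5:
        raise ValueError("header length field below 5")
    if header_len > len(segment):
        raise ValueError("header length points past the end of the segment")
    flags = {name for bit, name in enumerate(FLAG_NAMES)
             if off_flags & (1 << bit)}
    return {
        "src_port": src, "dst_port": dst,
        "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags,
        "window": window, "checksum": checksum,
        # Urgent pointer is only evaluated when the URG bit is set.
        "urgent_pointer": urgent if "URG" in flags else None,
        "options": parse_options(segment[20:header_len]),
        "data": segment[header_len:],
    }


def sample_syn() -> bytes:
    """Constructed request segment: SYN set, MSS 1460, window scale 7."""
    options = b"\x02\x04\x05\xb4" + b"\x01" + b"\x03\x03\x07"   # 8 bytes
    fixed = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                        (7 << 12) | 0x02, 65535, 0, 0)
    return fixed + options


if __name__ == "__main__":
    for key, value in parse_tcp_header(sample_syn()).items():
        print(f"{key:15} {value}")
```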
5.1.3 TCP Sequence Number Field
• Each TCP segment sent by the sender contains some bytes of data.
• TCP assigns a unique number to each data byte for its identification.
• This unique number is called as TCP Sequence Number.
Purpose of Sequence Number-
Sequence number serves the following purposes-
• It helps to identify each data byte uniquely.
• It helps in the segmentation of data into TCP segments and in reassembling them later.
• It helps to keep track of how much data has been transferred and received.
• It helps to put the data back into the correct order if it is received in the wrong order.
• It helps to request data when it has been lost in transit.
Maximum Number of Sequence Numbers-
• In TCP header, sequence number is a 32-bit field.
• So, maximum number of possible sequence numbers = 2^32.
• These sequence numbers lie in the range [0 , 2^32 – 1].
5.2. Concept Of Wrap Around-
The concept of wrap around states:
“After all the 2^32 sequence numbers are used up and more data is to be sent, the
sequence numbers can be wrapped around and used again from the starting”.
In general,
• If the initial sequence number chosen is X.
• Then sequence numbers are used from X to 2^32 – 1 and then from 0 to X-1.
• Then, sequence numbers are wrapped around to send more data.
Example-
• Consider the initial sequence number used is 0.
• Then after sending 4 GB data, all the sequence numbers would get used up.
• To send more data, sequence numbers are reused from the starting.
• Wrapping around can be done again and again to send more and more data.


5.2.1. Wrap Around Time:
Wrap Around Time ∝ 1 / Bandwidth

• Time taken to use up all the 2^32 sequence numbers is called as wrap around time.
• It depends on the bandwidth of the network i.e. the rate at which the bytes go out.
• More the bandwidth, lesser the wrap around time and vice versa.
Formula:
If bandwidth of the network = x bytes/sec, then-
Wrap Around Time = 2^32 / x sec

5.2.3. How Wrap Around Is Possible?


It is possible to wrap around the sequence numbers because-
• The lifetime of a TCP segment is just 180 seconds.
• Wrap around time is much greater than lifetime of a TCP segment.
• So, by the time the sequence numbers wrap around, there is no probability of any
existing segment having the same sequence number.
• Thus, even after wrapping around, the sequence number of all the bytes will be unique
at any given time.
5.2.4. Reducing Wrap Around Time-
Wrap around time can be reduced to the life time of a TCP segment.
This is because-
• After the life time of a segment completes, it is considered that the segment no longer
exists.
• So, sequence numbers used by the segment frees up and can be reused.
To reduce the wrap around time to the life time of segment,
• There must exist as many sequence numbers as there are number of data bytes sent
in time equal to life time of segment.
Formula-
Number of bits required in the sequence number field so that wrap around time becomes
equal to lifetime of TCP segment= log2 (lifetime of TCP segment x Bandwidth)
• The number of bits will be greater than 32 bits.
• The extra bits are appended in the Options field of TCP header.
Example:
Given the bandwidth of a network is 1 MB / sec. Calculate the wrap around time.
Solution-
We know,
• Wrap around time = Time taken to use all the 2^32 sequence numbers.
• TCP assigns 1 sequence number to each byte of data.


To calculate wrap around time, we just need to calculate how much time will be taken to
send 2^32 bytes of data.
Now,
Given bandwidth = 1 MB / sec = 10^6 bytes / sec.
It means 10^6 bytes of data is sent in time = 1 sec.
So, 2^32 bytes of data will be sent in time = ( 1 / 10^6 ) x 2^32 sec = 1.19 hours.
Thus,
• It will take 1.19 hours to consume all the 2^32 sequence numbers if bandwidth = 1 MB /
sec.
• Wrap Around Time = 1.19 hours.
Alternatively,
Using the formula, we have-
Wrap Around Time = 2^32 / 10^6 sec = 1.19 hours
5.3. Congestion in Network-
Congestion refers to a network state where-
The message traffic becomes so heavy that it slows down the network response time.
• Congestion is an important issue that can arise in Packet Switched Network.
• Congestion leads to the loss of packets in transit.
• So, it is necessary to control the congestion in network.
• It is not possible to completely avoid the congestion.
5.3.1 Congestion Control-
Congestion control refers to techniques and mechanisms that can-
• Either prevent congestion before it happens
• Or remove congestion after it has happened
Now, let us discuss how congestion is handled at TCP.
5.3.2 TCP Congestion Control-
TCP reacts to congestion by reducing the sender window size.
The size of the sender window is determined by the following two factors-
1. Receiver window size
2. Congestion window size
a. Receiver Window Size-
Receiver window size is an advertisement of-
“How much data (in bytes) the receiver can receive without acknowledgement?”
• Sender should not send data greater than receiver window size.
• Otherwise, it leads to dropping the TCP segments which causes TCP Retransmission.
• So, sender should always send data less than or equal to receiver window size.
• Receiver dictates its window size to the sender through TCP Header.


b. Congestion Window-
• Sender should not send data greater than congestion window size.
• Otherwise, it leads to dropping the TCP segments which causes TCP Retransmission.
• So, sender should always send data less than or equal to congestion window size.
• Different variants of TCP use different approaches to calculate the size of congestion
window.
• Congestion window is known only to the sender and is not sent over the links.
So, always-
Sender window size = Minimum (Receiver window size, Congestion window size)
Congestion control categories

5.4. TCP Congestion Policy:


TCP’s general policy for handling congestion consists of following three phases-
1. Slow Start
2. Congestion Avoidance
3. Congestion Detection
5.4.1. Slow Start Phase-
• Initially, sender sets congestion window size = Maximum Segment Size (1 MSS).
• After receiving each acknowledgment, sender increases the congestion window size by
1 MSS.
• In this phase, the size of congestion window increases exponentially.
The formula followed is-
Congestion window size = Congestion window size + Maximum segment size
This is shown below-


• After 1 round trip time, congestion window size = 2^1 = 2 MSS
• After 2 round trip time, congestion window size = 2^2 = 4 MSS
• After 3 round trip time, congestion window size = 2^3 = 8 MSS and so on.
This phase continues until the congestion window size reaches the slow start threshold.
Threshold = (Maximum number of TCP segments that receiver window can accommodate) / 2
= (Receiver window size / Maximum Segment Size) / 2


5.4.2. Congestion Avoidance Phase-


After reaching the threshold,
• Sender increases the congestion window size linearly to avoid the congestion.
• On receiving each acknowledgement, sender increments the congestion window size
by 1.
The formula followed is-
Congestion window size = Congestion window size + 1
This phase continues until the congestion window size becomes equal to the receiver
window size.

5.4.3. Congestion Detection Phase-


When sender detects the loss of segments, it reacts in different ways depending on how
the loss is detected-
Case-01: Detection On Time Out-
• Time Out Timer expires before receiving the acknowledgement for a segment.
• This case suggests the stronger possibility of congestion in the network.
• There are chances that a segment has been dropped in the network.
In this case, sender reacts by-
• Setting the slow start threshold to half of the current congestion window size.
• Decreasing the congestion window size to 1 MSS.
• Resuming the slow start phase.
Case-02: Detection on Receiving 3 Duplicate Acknowledgements-
• Sender receives 3 duplicate acknowledgements for a segment.
• This case suggests the weaker possibility of congestion in the network.
• There are chances that a segment has been dropped but few segments sent later may
have reached.


In this case, sender reacts by-


• Setting the slow start threshold to half of the current congestion window size.
• Decreasing the congestion window size to slow start threshold.
• Resuming the congestion avoidance phase.
Example-
Suppose that the TCP congestion window is set to 18 KB and a time out occurs. How big
will the window be if the next four transmission bursts are all successful? Assume that
the MSS is 1 KB.
Solution-
Congestion window size in terms of MSS = 18 KB / Size of 1 MSS = 18 KB / 1 KB = 18
MSS
TCP reacts by-
Setting the slow start threshold to half of the current congestion window size.
Decreasing the congestion window size to 1 MSS.
Resuming the slow start phase.
So now,
Slow start threshold = 18 MSS / 2 = 9 MSS
Congestion window size = 1 MSS
Slow Start Phase-
Window size at the start of 1st transmission = 1 MSS
Window size at the start of 2nd transmission = 2 MSS
Window size at the start of 3rd transmission = 4 MSS
Window size at the start of 4th transmission = 8 MSS
Window size at the start of 5th transmission = 9 MSS
Thus, after 4 successful transmissions, window size will be 9 MSS or 9 KB.
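The three phases of section 5.4 and the worked example above, as an added Python model (not part of the original notes). It tracks the window once per transmission burst, in units of MSS, exactly as the example does; the class name, the 64 MSS receiver window and the initial threshold of half the receiver window are assumptions made for the run.

```python
from dataclasses import dataclass


@dataclass
class TcpSender:
    cwnd: int       # congestion window, in MSS
    ssthresh: int   # slow start threshold, in MSS
    rwnd: int       # receiver window, in MSS

    def sender_window(self) -> int:
        # Sender window = Minimum(receiver window, congestion window).
        return min(self.rwnd, self.cwnd)

    def on_burst_acked(self) -> None:
        """One full window acknowledged (one round trip)."""
        if self.cwnd < self.ssthresh:
            # Slow start: +1 MSS per ACK doubles the window every round
            # trip, but it stops at the threshold.
            self.cwnd = min(self.cwnd * 2, self.ssthresh)
        else:
            # Congestion avoidance: linear growth.
            self.cwnd += 1
        # Growth ends once the window equals the receiver window.
        self.cwnd = min(self.cwnd, self.rwnd)

    def on_timeout(self) -> None:
        """Case-01: stronger sign of congestion, restart slow start."""
        self.ssthresh = max(self.cwnd // 2, 1)
        self.cwnd = 1

    def on_three_duplicate_acks(self) -> None:
        """Case-02: weaker sign of congestion, resume congestion avoidance."""
        self.ssthresh = max(self.cwnd // 2, 1)
        self.cwnd = self.ssthresh


def windows_for_bursts(sender: TcpSender, bursts: int) -> list:
    """Window size at the start of each of the next `bursts` transmissions."""
    sizes = []
    for _ in range(bursts):
        sizes.append(sender.sender_window())
        sender.on_burst_acked()
    return sizes


def after_timeout(cwnd: int, rwnd: int, bursts: int) -> list:
    sender = TcpSender(cwnd=cwnd, ssthresh=rwnd // 2, rwnd=rwnd)
    sender.on_timeout()
    return windows_for_bursts(sender, bursts)


def after_duplicate_acks(cwnd: int, rwnd: int, bursts: int) -> list:
    sender = TcpSender(cwnd=cwnd, ssthresh=rwnd // 2, rwnd=rwnd)
    sender.on_three_duplicate_acks()
    return windows_for_bursts(sender, bursts)


if __name__ == "__main__":
    # The example from the notes: window of 18 MSS, then a time out.
    print("time out:       ", after_timeout(18, 64, 5))
    # Same starting window, loss detected by 3 duplicate ACKs instead.
    print("3 duplicate ACK:", after_duplicate_acks(18, 64, 5))
```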
5.4.4. Congestion control algorithms
a. Leaky Bucket Algorithm
Let us consider an example to understand:
Imagine a bucket with a small hole in the bottom. No matter at what rate water enters
the bucket, the outflow is at constant rate. When the bucket is full of water, additional
water entering spills over the sides and is lost.


Similarly, each network interface contains a leaky bucket and the following steps are
involved in leaky bucket algorithm:
• When host wants to send packet, packet is thrown into the bucket.
• The bucket leaks at a constant rate, meaning the network interface transmits packets
at a constant rate.
• Bursty traffic is converted to a uniform traffic by the leaky bucket.
• In practice the bucket is a finite queue that outputs at a finite rate.
b. Token bucket Algorithm
Need of token bucket Algorithm:-
The leaky bucket algorithm enforces output pattern at the average rate, no matter how
bursty the traffic is. So in order to deal with the bursty traffic we need a flexible
algorithm so that the data is not lost. One such algorithm is token bucket algorithm.
Steps of this algorithm can be described as follows:
• In regular intervals tokens are thrown into the bucket.
• The bucket has a maximum capacity.
• If there is a ready packet, a token is removed from the bucket, and the packet is sent.
• If there is no token in the bucket, the packet cannot be sent.
Difference between Leaky and Token buckets –

LEAKY BUCKET | TOKEN BUCKET
When the host has to send a packet, packet is thrown in bucket. | In this, the bucket holds tokens generated at regular intervals of time.
Bucket leaks at constant rate. | Bucket has maximum capacity.
Bursty traffic is converted into uniform traffic by leaky bucket. | If there is a ready packet, a token is removed from bucket and packet is sent.
In practice bucket is a finite queue that outputs at finite rate. | If there is no token in bucket, packet cannot be sent.
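Both algorithms run on the same bursty input, as an added Python simulation (not part of the original notes). Time advances in ticks; the arrival pattern, the capacities and the rates are constructed values, and packets that find no token are assumed to wait rather than being discarded.

```python
def leaky_bucket(arrivals, capacity, leak_rate):
    """Finite queue drained at a constant rate; overflow is lost.

    Returns (packets sent per tick, packets dropped).
    """
    queue, dropped, sent = 0, 0, []
    for arriving in arrivals:
        accepted = min(arriving, capacity - queue)   # room left in bucket
        dropped += arriving - accepted               # spills over the sides
        queue += accepted
        out = min(leak_rate, queue)                  # constant outflow
        queue -= out
        sent.append(out)
    return sent, dropped


def token_bucket(arrivals, capacity, token_rate):
    """Tokens accumulate up to `capacity`; each sent packet uses one token.

    Returns (packets sent per tick, packets still waiting at the end).
    """
    tokens, waiting, sent = 0, 0, []
    for arriving in arrivals:
        tokens = min(capacity, tokens + token_rate)  # tokens added each tick
        waiting += arriving
        out = min(tokens, waiting)                   # one token per packet
        tokens -= out
        waiting -= out
        sent.append(out)
    return sent, waiting


def peak_rate(sent):
    """Largest number of packets transmitted in any single tick."""
    return max(sent)


# Constructed traffic: idle for three ticks, then a burst of 6 packets.
ARRIVALS = [0, 0, 0, 6, 0, 0, 0, 0]

if __name__ == "__main__":
    leaky_sent, leaky_dropped = leaky_bucket(ARRIVALS, capacity=4, leak_rate=1)
    token_sent, token_waiting = token_bucket(ARRIVALS, capacity=4, token_rate=1)
    print("arrivals     ", ARRIVALS)
    print("leaky bucket ", leaky_sent, "dropped:", leaky_dropped)
    print("token bucket ", token_sent, "waiting:", token_waiting)
```

The leaky bucket flattens the burst to one packet per tick and loses what does not fit in the queue, while the token bucket spends the tokens saved during the idle ticks to pass most of the burst at once.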

5.5. TCP Timers


The 4 important timers used by a TCP implementation are-
5.5.1. Time Out Timer-
TCP uses a time out timer for retransmission of lost segments.
• Sender starts a time out timer after transmitting a TCP segment to the receiver.
• If sender receives an acknowledgement before the timer goes off, it stops the timer.
• If sender does not receive any acknowledgement and the timer goes off, then TCP
Retransmission occurs.
• Time out timer is also called as Retransmission Timer.


5.5.2. Time Wait Timer-


TCP uses a time wait timer during connection termination.
• Sender starts the time wait timer after sending the ACK for the second FIN segment.
• It allows the final acknowledgement to be resent if it gets lost.
• It prevents the just closed port from reopening again quickly to some other application.
• It ensures that all the segments heading towards the just closed port are discarded.
• The value of time wait timer is usually set to twice the lifetime of a TCP segment.
5.5.3. Keep Alive Timer-
TCP uses a keep alive timer to prevent long idle TCP connections.
• Each time server hears from the client, it resets the keep alive timer to 2 hours.
• If server does not hear from the client for 2 hours, it sends 10 probe segments to the
client.
• These probe segments are sent at a gap of 75 seconds.
• If server receives no response after sending 10 probe segments, it assumes that the
client is down.
• Then, server terminates the connection automatically.
5.5.4. Persistent Timer-
• TCP uses a persistent timer to deal with a zero-window-size deadlock situation.
• It keeps the window size information flowing even if the other end closes its receiver
window.
• Sender starts the persistent timer on receiving an ACK from the receiver with a zero
window
5.6. Silly Window Syndrome-
• Silly Window Syndrome is a problem that arises due to the poor implementation of TCP.
• It degrades the TCP performance and makes the data transmission extremely
inefficient.
The problem is called so because-
• It causes the sender window size to shrink to a silly value.
• The window size shrinks to such an extent where the data being transmitted is smaller
than TCP Header.
The problem arises due to following causes-
1. Sender transmitting data in small segments repeatedly
2. Receiver accepting only few bytes at a time repeatedly
5.6.1. Sender Transmitting Data In Small Segments Repeatedly-
• Consider application generates one byte of data to send at a time.
• The poor implementation of TCP causes the sender to send each byte of data in an
individual TCP segment.
This problem is solved using Nagle’s Algorithm.


Nagle’s Algorithm-
Nagle’s Algorithm tries to solve the problem caused by the sender delivering 1 data byte
at a time.
Nagle’s algorithm suggests-
• Sender should send only the first byte on receiving one byte data from the application.
• Sender should buffer all the remaining bytes until the outstanding byte gets acknowledged.
• In other words, sender should wait for 1 RTT.
• After receiving the acknowledgement, sender should send the buffered data in one TCP
segment.
• Then, sender should buffer the data again until the previously sent data gets
acknowledged.
5.6.2. Receiver Accepting Only Few Bytes Repeatedly-
• Consider the receiver continues to be unable to process all the incoming data.
• In such a case, its window size becomes smaller and smaller.
• A stage arrives when it repeatedly sends the window size of 1 byte to the sender.
This problem is solved using Clark’s Solution.
Clark’s Solution-
Clark’s Solution tries to solve the problem caused by the receiver sucking up one data
byte at a time.
Clark’s solution suggests-
• Receiver should not send a window update for 1 byte.
• Receiver should wait until it has a decent amount of space available.
• Receiver should then advertise that window size to the sender.
Specifically, the receiver should not send a window update-
• Until it can handle the MSS it advertised during Three Way Handshake
• Or until its buffer is half empty, whichever is smaller.
5.7. UDP Protocol-
• UDP is short for User Datagram Protocol.
• It is the simplest transport layer protocol.
• It has been designed to send data packets over the Internet.
• It simply takes the datagram from the network layer, attaches its header and sends it
to the user.
5.7.1. Characteristics of UDP-
• It is a connectionless protocol.
• It is a stateless protocol.
• It is an unreliable protocol.
• It is a fast protocol.

• It offers the minimal transport service.
• It is almost a null protocol.
• It does not guarantee in order delivery.
• It does not provide congestion control mechanism.
• It is a good protocol for data flowing in one direction.
5.7.2 Need of UDP-
• TCP proves to be an overhead for certain kinds of applications.
• The Connection Establishment Phase, Connection Termination Phase etc of TCP
are time consuming.
• To avoid this overhead, certain applications which require fast speed and less overhead
use UDP.
5.7.3 UDP Header-
The following diagram represents the UDP Header Format-
• Source Port-
Source Port is a 16 bit field.
It identifies the port of the sending application.
• Destination Port-
Destination Port is a 16 bit field.
It identifies the port of the receiving application.
• Length-
Length is a 16 bit field.
It identifies the combined length of UDP Header and Encapsulated data.
Length = Length of UDP Header + Length of encapsulated data
• Checksum-
Checksum is a 16 bit field used for error control.
It is calculated on UDP Header, encapsulated data and IP pseudo header.
Checksum calculation is not mandatory in UDP.
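The four header fields and the checksum coverage described above, as an added Python example (not part of the original notes). It uses the standard 16-bit one's complement Internet checksum over the IPv4 pseudo header (source address, destination address, a zero byte, protocol number 17 and the UDP length), the UDP header and the data; the addresses, ports and payload are constructed sample values and the function names are hypothetical.

```python
import socket
import struct

UDP_PROTOCOL = 17   # protocol number carried in the pseudo header


def ones_complement_sum(data: bytes) -> int:
    """Add the data as 16-bit words, folding every carry back in."""
    if len(data) % 2:
        data += b"\x00"                     # pad odd-length data with a zero
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IP pseudo header: not transmitted, only included in the checksum."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length))


def build_datagram(src_ip, dst_ip, src_port, dst_port, data: bytes) -> bytes:
    """Attach the 8-byte UDP header to the data."""
    length = 8 + len(data)   # Length = UDP header + encapsulated data
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    covered = pseudo_header(src_ip, dst_ip, length) + header + data
    checksum = ~ones_complement_sum(covered) & 0xFFFF
    if checksum == 0:
        checksum = 0xFFFF    # 0 on the wire means "checksum not calculated"
    return struct.pack("!HHHH", src_port, dst_port, length, checksum) + data


def check_datagram(src_ip: str, dst_ip: str, datagram: bytes) -> str:
    """Return 'ok', 'corrupt', 'no-checksum' or 'bad-length'."""
    if len(datagram) < 8:
        return "bad-length"
    _, _, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        return "bad-length"
    if checksum == 0:
        return "no-checksum"   # sender skipped the optional checksum
    covered = pseudo_header(src_ip, dst_ip, length) + datagram[:length]
    # With a valid checksum in place, the folded sum is all ones.
    return "ok" if ones_complement_sum(covered) == 0xFFFF else "corrupt"


def sample_datagram() -> bytes:
    """Constructed datagram between two documentation-range addresses."""
    return build_datagram("192.0.2.10", "192.0.2.53", 40000, 53,
                          b"example query")


if __name__ == "__main__":
    good = sample_datagram()
    print(check_datagram("192.0.2.10", "192.0.2.53", good))
    flipped = good[:-1] + bytes([good[-1] ^ 0x01])
    print(check_datagram("192.0.2.10", "192.0.2.53", flipped))
    unchecked = good[:6] + b"\x00\x00" + good[8:]
    print(check_datagram("192.0.2.10", "192.0.2.53", unchecked))
```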


5.7.4. Applications Using UDP-


Following applications use UDP-
• Applications which require one response for one request use UDP. Example- DNS.
• Routing Protocols like RIP and OSPF use UDP because they have very small amount of
data to be transmitted.
• Trivial File Transfer Protocol (TFTP) uses UDP to send very small sized files.
• Broadcasting and multicasting applications use UDP.
• Streaming applications like multimedia, video conferencing etc use UDP since they
require speed over reliability.
• Real time applications like chatting and online games use UDP.
• Management protocols like SNMP (Simple Network Management Protocol) use UDP.
• Bootp / DHCP uses UDP.
• Other protocols that use UDP are- Kerberos, Network Time Protocol (NTP), Network
News Protocol (NNP), Quote of the day protocol etc.
Note-01: Checksum calculation is not mandatory in UDP.
This is because-
• UDP is already an unreliable protocol and error checking does not make much sense.
• Also, time is saved and transmission becomes faster by not calculating it.
Note-02: UDP does not guarantee in order delivery.
This is because-
• UDP allows out of order delivery to ensure better performance.
• If some data is lost on the way, it does not call for retransmission and keeps transmitting
data.

****


COMPUTER NETWORKS

6 APPLICATION LAYER

6. APPLICATION LAYER

The application layer in the OSI model is the closest layer to the end user which means that
the application layer and end user can interact directly with the software application. The
application layer programs are based on client and servers.

6.1. Services of Application Layers:

• Network Virtual terminal: An application layer allows a user to log on to a remote
host. To do so, the application creates a software emulation of a terminal at the remote
host. The user's computer talks to the software terminal, which in turn, talks to the
host. The remote host thinks that it is communicating with one of its own terminals,
so it allows the user to log on.
• File Transfer, Access, and Management (FTAM): An application allows a user to
access files in a remote computer, to retrieve files from a computer and to manage
files in a remote computer. FTAM defines a hierarchical virtual file in terms of file
structure, file attributes and the kind of operations performed on the files and their
attributes.
• Addressing: To obtain communication between client and server, there is a need for
addressing. When a client makes a request to the server, the request contains the
server address and its own address. When the server responds to the client request, the
response contains the destination address, i.e., client address. To achieve this kind of
addressing, DNS is used.
• Mail Services: An application layer provides Email forwarding and storage.
• Directory Services: An application contains a distributed database that provides
access for global information about various objects and services.
• Authentication: It authenticates the sender or receiver's message or both.


6.2. Protocols in Application Layer:

Application Type | Application-layer protocol | Transport Protocol
Electronic mail | Send: Simple Mail Transfer Protocol (SMTP) | TCP 25
Electronic mail | Receive: Post Office Protocol v3 (POP3) | TCP 110
Remote terminal access | Telnet | TCP 23
World Wide Web (WWW) | Hyper Text Transfer Protocol 1.1 (HTTP 1.1) | TCP 80
File Transfer | File Transfer Protocol (FTP) | TCP 20, TCP 21
File Transfer | Trivial File Transfer Protocol (TFTP) | UDP 69
 | DNS | Usually UDP
 | Hypertext Transfer Protocol Secure (HTTPS) |

• TELNET: Telnet stands for the Terminal Emulation NETwork. It helps in terminal
emulation. It allows a Telnet client to access the resources of the Telnet server. It is
used for managing the files on the internet. It is used for the initial setup of devices like
switches. The telnet command is a command that uses the Telnet protocol to
communicate with a remote device or system. Port number of Telnet is 23.
• FTP: FTP stands for File Transfer Protocol. It is the protocol that lets the user transfer
files. FTP promotes sharing of files via remote computers with reliable and efficient
data transfer. Port number for FTP is 20 for data and 21 for control.
• TFTP: The Trivial File Transfer Protocol (TFTP) is the stripped-down, stock version of
FTP, but it's the protocol of choice if the user knows exactly what he wants and where
to find it. Port number of TFTP is 69. It's a technology for transferring files between
network devices and is a simplified version of FTP.
• SMTP (Simple Mail Transfer Protocol): One of the most popular network services is
electronic mail (e-mail). Its port number is 25. The TCP/IP protocol that supports
electronic mail on the Internet is called Simple Mail Transfer Protocol (SMTP). SMTP
transfers messages from senders' mail servers to the recipients' mail servers using
TCP connections. SMTP provides services for mail exchange between users on the
same or different computers.
• SNMP: It stands for Simple Network Management Protocol. It gathers data by polling
the devices on the network from a management station at fixed or random intervals,
requiring them to disclose certain information. It is a way that servers can share
information about their current state, and also a channel through which an
administrator can modify pre-defined values. Port number of SNMP is 161 (TCP) and
162 (UDP).


• DHCP: Dynamic Host Configuration Protocol (DHCP) is used for assigning IP addresses to
computers in a network. The IP addresses are assigned dynamically. Certainly, using
DHCP, the computer will have a different IP address every time it is connected to the
network. In some cases the IP address may change even when the computer is in the
network.
• HTTP: The Hypertext Transfer Protocol (HTTP) is used to access the data on WWW
(World Wide Web). The functions of HTTP are the combination of FTP (File Transfer
Protocol) and SMTP (Simple Mail Transfer Protocol). It uses port number 80.
HTTP is similar to FTP, because it uses only one TCP connection (data is transferred
between Client and Server). In SMTP, the messages are stored and then forwarded to
the destination, but the HTTP messages are delivered immediately. HTTP uses the
services of TCP on well-known port 80.
• HTTPS (Hypertext Transfer Protocol Secure): Hyper Text Transfer Protocol Secure
(HTTPS) is the secure version of HTTP, the protocol over which data is sent between
your browser and the website that you are connected to. The 'S' at the end of HTTPS
stands for 'Secure'. It means all communications between your browser and the
website are encrypted.
• POP (Post Office Protocol): POP is also called the POP3 protocol. This is a protocol
used by a mail server in conjunction with SMTP to receive and hold mail for hosts. It
uses port number 110. A POP3 mail server receives e-mails and filters them into the
appropriate user folders. When a user connects to the mail server to retrieve his mail,
the messages are downloaded from the mail server to the user's hard disk.
• DNS: DNS stands for Domain Name System. DNS is a directory service that provides
a mapping between the name of a host on the network and its numerical address. DNS
is required for the functioning of the internet. Each node in a tree has a domain name,
and a full domain name is a sequence of symbols separated by dots. DNS is a service
that translates domain names into IP addresses. This allows the users of networks
to utilize user-friendly names when looking for other hosts instead of remembering the
IP addresses. DNS is a TCP/IP protocol used on different platforms. The domain name
space is divided into three different sections: generic domains, country domains, and
the inverse domain.
Port number is 53.
a. Generic Domains: It defines the registered hosts according to their generic
behaviour.
b. Country Domain: The format of a country domain is the same as a generic domain, but
it uses two-character country abbreviations (e.g., us for the United States) in place
of three-character organizational abbreviations.


c. Inverse Domain: The inverse domain is used for mapping an address to a name.
When the server has received a request from the client, and the server contains the
files of only authorized clients.
6.3. Network Security
Cryptography is associated with the process of converting ordinary plain text into
unintelligible text and vice-versa. It is a method of storing and transmitting data in a form
so that only those for whom it is intended can read and process it. Cryptography not only
protects data from theft or alteration but can also be used for user authentication.
6.3.1. Security Services:
a. Data Integrity:
It can apply to a stream of messages, a single message, or selected fields within a
message. A loss of integrity is the unauthorized modification or destruction of information.
b. Data Confidentiality:
Preserving authorized restrictions on information access and disclosure, including means
for protecting personal privacy and proprietary information. A loss of confidentiality is the
unauthorized disclosure of information.
c. Authenticity:
Provides authentication to all the nodes and the base station for utilizing the limited
available resources. It also ensures that only authorized nodes can participate in the
communication.
d. Nonrepudiation:
Nonrepudiation prevents either sender or receiver from denying a transmitted message.
Thus, when a message is sent, the receiver can prove that the alleged sender in fact sent
the message. Similarly, when a message is received, the sender can prove that the
alleged receiver in fact received the message.
e. Access Control:
Access control is the ability to limit and control the access to host systems and
applications via communications links. To achieve this, each entity trying to gain access
must first be identified, or authenticated, so that access rights can be tailored to the
individual.
6.3.2. Types of Cryptography:
a. Symmetric Cryptography:
Symmetric key cryptography is a type of cryptography in which the single common key
is used by both sender and receiver for the purpose of encryption and decryption of a
message. This system is also called private or secret key cryptography.
Eg: AES (Advanced Encryption Standard), DES.


b. Asymmetric Cryptography:
In asymmetric cryptography, every user uses two keys or a pair of keys (private key and
public key) for the encryption and decryption process. The private key is kept secret by
each user and the public key is distributed over the network, so anyone who wants to send
a message to a user can use that user's public key. Either of the keys can be used to
encrypt the message and the one left is used for decryption. Asymmetric key
cryptography is also known as public key cryptography.
E.g.: RSA
c. Hash Cryptography:
A hash function is a cryptographic algorithm that takes input of arbitrary length and gives
output of fixed length. The hash function is also considered as a mathematical
equation that takes a seed (numeric input) and produces the output that is called the hash or
message digest. This system operates in a one-way manner and does not require any key.
6.4. Key Exchange Algorithms:
6.4.1. RSA Algorithm (Rivest, Shamir, and Adleman Algorithm):
The RSA algorithm is a public key encryption technique and is considered the most secure
way of encryption.
It is often used to encrypt and decrypt symmetric keys.
Asymmetric means that it works on two different keys, i.e. the Public Key and the Private
Key. As the names suggest, the Public Key is given to everyone and the Private Key is kept
private.
Algorithm:
Step 1: Generate the RSA modulus
Two prime numbers namely p and q are selected, and then calculate their product N, as
shown:
N=p*q
Here, let N be a large number.
Step 2: Derived Number (e)
Consider number e as a derived number which should be greater than 1 and less than
(p-1)(q-1). The primary condition is that e and (p-1)(q-1) should have no common
factor except 1.
Step 3: Public key
The pair of numbers n and e forms the RSA public key and is made public, where n is
the modulus N from Step 1.
Step 4: Private Key
Private Key d is calculated from the numbers p, q and e. The mathematical relationship
between the numbers is as follows:
ed = 1 mod (p-1) (q-1)
The above formula is the basic formula for Extended Euclidean Algorithm, which takes p
and q as the input parameters.


Encryption Formula
Consider a sender who sends the plain text message to someone whose public key is
(n, e). To encrypt the plain text message P in the given scenario, use the following formula:
C = P^e mod n
Decryption Formula
The decryption process is straightforward. Given that the receiver holds the private
key d, the plaintext is recovered from the ciphertext C as:
Plaintext = C^d mod n
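The four key-generation steps and the two formulas above, worked through as an added example (not code from the original notes). It is textbook RSA on small constructed primes with no padding; the function names and the values p = 61, q = 53, e = 17 are assumptions chosen for illustration.

```python
from math import gcd

def extended_gcd(a, b):
    """Return (g, x, y) such that a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = extended_gcd(b, a % b)
    return g, y, x - (a // b) * y

def generate_keys(p, q, e):
    """Steps 1-4: build the public key (n, e) and the private exponent d.
    p and q are assumed to be distinct primes (not checked here)."""
    n = p * q                          # Step 1: RSA modulus
    phi = (p - 1) * (q - 1)
    # Step 2: e must lie between 1 and (p-1)(q-1) and share no factor with
    # it, otherwise no d with e*d = 1 mod (p-1)(q-1) exists.
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must be in (1, (p-1)(q-1)) and coprime to it")
    _, x, _ = extended_gcd(e, phi)     # Step 4: e*x + phi*y == 1
    d = x % phi                        # fold a negative x into 0..phi-1
    return (n, e), d

def encrypt(P, public_key):
    """C = P^e mod n; the plaintext number must be smaller than n."""
    n, e = public_key
    if not 0 <= P < n:
        raise ValueError("plaintext must satisfy 0 <= P < n")
    return pow(P, e, n)

def decrypt(C, d, n):
    """Plaintext = C^d mod n."""
    return pow(C, d, n)

def demo():
    public_key, d = generate_keys(61, 53, 17)    # constructed toy values
    C = encrypt(65, public_key)
    return public_key, d, C, decrypt(C, d, public_key[0])

if __name__ == "__main__":
    print(demo())
```

Choosing e = 15 with the same primes raises ValueError, because 15 and (p-1)(q-1) = 3120 share the factor 15 and no private exponent exists.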

6.4.2. SHA Algorithm:
• Secure Hash Algorithms, also known as SHA, are a family of cryptographic functions
designed to keep data secured. It works by transforming the data using a hash function.
• SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input
and produces a 160-bit (20-byte) hash value known as a message digest, typically
rendered as a hexadecimal number, 40 digits long.
6.4.3. Message Digest (MD)
• MD5 was the most popular and widely used hash function for quite some years.
• The MD family comprises the hash functions MD2, MD4, MD5 and MD6. It was adopted
as Internet Standard RFC 1321.
• It is a 128-bit hash function.
• MD5 digests have been widely used in the software world to provide assurance about
the integrity of a transferred file. For example, file servers often provide a pre-computed
MD5 checksum for the files, so that a user can compare the checksum of the downloaded
file to it.
6.4.4. Honeypot:
• The honeypot is a kind of proactive defence technology against malicious attacks in the
field of information security. Successful and timely detection of network attacks highly
depends on efficient honeypot deployment.
• A honeypot is a computer security mechanism set to detect, deflect, or, in some
manner, counteract attempts at unauthorized use of information systems. Generally, a
honeypot consists of data (for example, in a network site) that appears to be a legitimate
part of the site and seems to contain information or a resource of value to attackers, but
is actually isolated and monitored, and enables blocking or analysing the attackers. This
is similar to police sting operations, colloquially known as "baiting" a suspect.


6.5. Types of Cyber Attack:


6.5.1. Denial of Service:
• A denial-of-service (DoS) attack is a type of cyber-attack in which a malicious actor
aims to render a computer or other device unavailable to its intended users by
interrupting the device's normal functioning.
• A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or
network, making it inaccessible to its intended users.
• DoS attacks accomplish this by flooding the target with traffic, or sending it
information that triggers a crash. In both instances, the DoS attack deprives legitimate
users (i.e. employees, members, or account holders) of the service or resource they
expected.
6.5.2. Man-in-the-middle attack:
• Man-in-the-middle (MitM) attacks, also known as eavesdropping attacks, occur when
attackers insert themselves into a two-party transaction. Once the attackers interrupt the
traffic, they can filter and steal data.
• Two common points of entry for MitM attacks:
1. On unsecure public Wi-Fi, attackers can insert themselves between a visitor’s device
and the network. Without knowing, the visitor passes all information through the attacker.
2. Once malware has breached a device, an attacker can install software to process all of
the victim's information.
6.5.3. Birthday Attack:
• Birthday attack is a type of cryptographic attack that belongs to a class of brute force
attacks. It exploits the mathematics behind the birthday problem in probability theory.
• The success of this attack largely depends upon the higher likelihood of collisions found
between random attack attempts and a fixed degree of permutations, as described in
the birthday paradox problem.
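Why digest length matters against the birthday problem, as an added example (not part of the original notes): it evaluates the birthday bound for the 128-bit MD5 and 160-bit SHA-1 digest sizes given earlier and confirms the effect on a deliberately short 16-bit digest. The function names, the truncated SHA-256 stand-in and the constructed messages are assumptions for illustration.

```python
import hashlib
import math

def collision_probability(k, space):
    """Approximate chance that k random values drawn from `space`
    possibilities contain at least one repeated value."""
    return -math.expm1(-k * (k - 1) / (2 * space))

def inputs_for_even_odds(bits):
    """Inputs needed before a collision on a `bits`-bit digest is as likely as not."""
    return math.sqrt(2 * math.log(2)) * 2 ** (bits / 2)

def short_digest(data, bits):
    """Top `bits` bits of SHA-256: a stand-in for a hash with a short digest."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def first_collision(bits):
    """Hash distinct constructed inputs until two share the same short digest."""
    seen = {}
    count = 0
    while True:
        message = b"message-%d" % count
        count += 1
        tag = short_digest(message, bits)
        if tag in seen:
            return seen[tag], message, count
        seen[tag] = message

def report():
    a, b, tries = first_collision(16)
    return {
        # the classic birthday problem: 23 people, 365 possible birthdays
        "people_23_days_365": round(collision_probability(23, 365), 2),
        # log2 of the work needed for even odds of a collision
        "md5_128_log2": round(math.log2(inputs_for_even_odds(128)), 1),
        "sha1_160_log2": round(math.log2(inputs_for_even_odds(160)), 1),
        "collision_16_bit": (a, b, tries),
    }

if __name__ == "__main__":
    print(report())
```

The work grows with the square root of the digest space, so an n-bit digest offers only about n/2 bits of collision resistance: roughly 2^64 inputs for a 128-bit digest and 2^80 for a 160-bit one.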
6.5.4. Trojan Horses:
• A Trojan is a malicious software program that misrepresents itself to appear useful.
They spread by looking like routine software and persuading a victim to install
6.6. Digital Signature:
A digital signature is a mathematical technique used to validate the authenticity and
integrity of a message, software, or digital document.
It provides message integrity, message authentication, and non-repudiation.
In a digital signature, the sender signs the message digest using the sender's own private
key, and the receiver verifies the message digest using the sender's public key.


Steps:
• The miniature version (digest) of the message is created by using a hash function.
• The digest is encrypted by using the sender's private key.
• After the digest is encrypted, then the encrypted digest is attached to the original
message and sent to the receiver.
• The receiver receives the original message and encrypted digest and separates the two.
• The receiver applies the hash function to the original message to create the second
digest, and it also decrypts the received digest by using the public key of the sender. If
both digests are the same, then all the aspects of security are preserved.
At the Sender site

At the Receiver site
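The sender-side and receiver-side steps above, as an added example (not code from the original notes). It uses textbook RSA without padding on a constructed toy key built from two publicly known Mersenne primes, with SHA-256 as the hash function; the key values, function names and messages are assumptions for illustration.

```python
import hashlib

# Constructed toy key pair: both primes are publicly known Mersenne primes,
# so this key is only suitable for illustration.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537                                   # sender's public exponent
D = pow(E, -1, (P - 1) * (Q - 1))           # sender's private exponent (Python 3.8+)

def digest(message: bytes) -> int:
    """Step 1: the miniature version of the message, as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Step 2: encrypt the digest with the sender's private key."""
    return pow(digest(message), D, N)

def send(message: bytes):
    """Step 3: attach the encrypted digest to the original message."""
    return message, sign(message)

def verify(message: bytes, signature: int) -> bool:
    """Steps 4-5: recompute the digest, decrypt the received one with the
    sender's public key, and compare the two."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest(message)

def demo():
    message, signature = send(b"transfer 100 to account 42")
    return (
        verify(message, signature),                         # untouched
        verify(b"transfer 900 to account 42", signature),   # message altered
        verify(message, signature ^ 1),                      # signature altered
    )

if __name__ == "__main__":
    print(demo())
```

Only the holder of the private exponent can produce a value that the public key turns back into the correct digest, which is what gives the receiver integrity, authentication and non-repudiation together.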


6.7. Firewall
A firewall is a network security device that monitors incoming and outgoing network traffic
and permits or blocks data packets based on a set of security rules. Its purpose is to
establish a barrier between your internal network and incoming traffic from external
sources (such as the internet) in order to block malicious traffic like viruses and hackers.
Firewalls need to be able to perform the following tasks:
• Defend resources
• Validate access
• Manage and control network traffic
• Record and report on events
• Act as an intermediary
Firewalls use one or more of three methods to control traffic flowing in and out of the
network:
• Packet filtering: Packets (small chunks of data) are analysed against a set of filters.
Packets that make it through the filters are sent to the requesting system and all others
are discarded.
• Proxy service: Information from the Internet is retrieved by the firewall and then sent
to the requesting system and vice versa.
• Stateful inspection: Information traveling from inside the firewall to the outside is
monitored for specific defining characteristics, then incoming information is compared to
these characteristics. If the comparison yields a reasonable match, the information is
allowed through. Otherwise it is discarded.
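Packet filtering and stateful inspection side by side, as an added example (not code from the original notes or from any firewall product). The addresses, rule set and class names are constructed for illustration, and the sketch assumes every outgoing packet from the internal network is allowed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

INSIDE = ip_network("10.0.0.0/8")             # constructed internal network
# Constructed filter set: (action, protocol, destination network, destination port)
RULES = [
    ("allow", "tcp", "10.0.1.10/32", 80),     # HTTP to the public web server
    ("allow", "tcp", "10.0.1.25/32", 25),     # SMTP to the mail server
    ("deny", "tcp", "10.0.0.0/8", 23),        # Telnet from outside, explicit deny
]

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.flows = set()                    # connections opened from inside

    def packet_filter(self, pkt):
        """Packet filtering: first matching rule wins, unmatched packets are discarded."""
        for action, proto, net, port in self.rules:
            if (pkt.proto == proto and pkt.dport == port
                    and ip_address(pkt.dst) in ip_network(net)):
                return action
        return "deny"

    def inspect(self, pkt):
        """Stateful inspection layered on top of the packet filter."""
        if ip_address(pkt.src) in INSIDE:
            # Remember the defining characteristics of the outgoing flow.
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # An incoming packet matches if it mirrors a recorded outgoing flow.
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow"
        return self.packet_filter(pkt)

def demo():
    fw = Firewall(RULES)
    reply = Packet("tcp", "198.51.100.7", 80, "10.0.0.5", 40000)
    results = [
        fw.inspect(Packet("tcp", "203.0.113.9", 51000, "10.0.1.10", 80)),
        fw.inspect(Packet("tcp", "203.0.113.9", 51001, "10.0.0.5", 23)),
        fw.inspect(reply),                    # unsolicited: no matching flow yet
    ]
    fw.inspect(Packet("tcp", "10.0.0.5", 40000, "198.51.100.7", 80))
    results.append(fw.inspect(reply))         # now answers a recorded flow
    return results
```

The same incoming packet is discarded before the internal host opens the connection and allowed afterwards, which is the difference between a static filter and stateful inspection.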
6.7.1. Firewall in wireless network:
• Wireless networks are vulnerable in multiple ways, the most likely nuisance being rogue
access points and the use of mobile devices by employees without appropriate security.
There is also a good potential for vindictive hacking attempts and denial-of-service
attacks.
• Installing a firewall is a good security practice. You must also install a firewall directly
on your wireless devices. Attackers who can instantly access your wireless network may
be able to dodge your network firewall.
• Hence a host-based firewall will add another layer of protection to the data on the
computer.
