MODULE 1

Syllabus :

1. Introduction: Data Communications: Components, Representations, Data Flow.

Networks: Physical Structures,
Network Types: LAN, WAN, Switching, Internet.

2. Network Models: Protocol Layering: Scenarios, Principles, Logical Connections.

TCP/IP Protocol Suite: Layered Architecture, Layers in TCP/IP suite, Description of layers,
Encapsulation and Decapsulation, Addressing, Multiplexing and Demultiplexing,
The OSI Model: OSI Versus TCP/IP.

3. Data-Link Layer: Introduction: Nodes and Links, Services, Categories’ of link, Sublayers.
Link Layer addressing: Types of addresses, ARP.
Data Link Control (DLC) services: Framing, Flow and Error Control,
Data Link Layer Protocols: Simple Protocol, Stop and Wait protocol, Piggybacking (concept)

References :
 Data Communications and Networking , Forouzan, 5th Edition, McGraw Hill, 2016.
 Computer Networks, James J Kurose, Keith W Ross, Pearson Education, 2013.
 Introduction to Data Communication and Networking, Wayarles Tomasi, Pearson Education, 2007.
 Computer Networks by Andrew S. Tanenbaum, David J. Wetherall 5th Edition.

Courtesy : The many of images used in this notes been taken from the text book Data Communications and
Networking by Forouzan, 5th Edition
 MODULE 1:
1. INTRODUCTION

1.1 DATA COMMUNICATIONS

Communication: Sharing of information
When we communicate, we are sharing information. This sharing can be local or remote. Between individuals,
local communication usually occurs face to face, while remote communication takes place over distance.

Telecommunication: It means communication at a distance (tele is Greek for “far”). It includes telephony,
telegraphy, and television.

Data: It refers to information presented in whatever form, which is agreed by the parties creating and using the
data.

Data communications: Exchange of data between two devices via some form of transmission medium such as a
wire cable.

Communication system:
For data communications to occur, the communicating devices must be part of a communication system made up
of a combination of hardware (physical equipment) and software (programs).

Four fundamental characteristics of Data Communication system :

The effectiveness of a data communications system depends on four fundamental characteristics:
1. delivery
2. accuracy,
3. timeliness,
4. Jitter.

1. Delivery. The system must deliver data to the correct destination. Data must be received by the intended
device or user and only by that device or user.
2. Accuracy. The system must deliver the data accurately. If data is altered or corrupted during transmission
and if not corrected, then it becomes unusable
3. Timeliness. The system must deliver data in a timely manner. Data delivered late are useless. In the case
of video and audio, timely delivery means delivering data as they are produced, in the same order that they
are produced, and without significant delay. This kind of delivery is called real-time transmission.
4. Jitter: Jitter refers to the variation in the packet arrival time. It is the uneven delay in the delivery of audio
or video packets. For example, let us assume that video packets are sent every 30 ms. If some of the
packets arrive with 30-ms delay and others with 40-ms delay, then it results an uneven quality in the
video.

1.11 Components of Communication System,:

A data communications system has five components :
 1. Message: The message is the information (data) to be communicated. Popular forms of information include
text, numbers, pictures, audio, and video.
2. Sender: The sender is the device that sends the data message. It can be a computer, workstation, telephone
handset, video camera, and so on.
3. Receiver: The receiver is the device that receives the message. It can be a computer, workstation, telephone
handset, television, and so on.
4. Transmission medium : The transmission medium is the physical path by which a message travels from
sender to receiver. Some examples of transmission media include twisted-pair wire, coaxial cable, fiber-optic
cable, and radio waves.
5. Protocol: A protocol is a set of rules that govern data communications. It represents an agreement between
the communicating devices. Without a protocol, two devices may be connected but not communicating, just
as a person speaking French cannot be understood by a person who speaks only Japanese.

1.1.2 Data Representation

Information today comes in different forms such as
 text
 numbers
 images
 audio
 Video.

Text
 In data communications, text is represented as a bit pattern, a sequence of bits (0s or 1s). Different sets of
bit patterns are used to represent text symbols.
 Each set is called a code, and the process of representing symbols is called coding.
 Presently, Coding system used is Unicode, which uses 32 bits to represent a symbol or character used in
any language in the world.
 The ASCII is another coding system developed by American Standard Code for Information
Interchange (ASCII), some decades ago, now it constitutes the first 127 characters in Unicode and it is
also referred to as Basic Latin.

Numbers
 Numbers are also represented by bit patterns.
 However, a code such as ASCII is not used to represent numbers; the number is directly converted to a
binary number to simplify mathematical operations.

Images
 Images are also represented by bit patterns. In its simplest form, an image is composed of a matrix of
pixels (picture elements), where each pixel is a small dot.
 The size of the pixel depends on the resolution. For example, an image can be divided into 1000 pixels or
10,000 pixels. In the second case, there is a better representation of the image (better resolution), but more
memory is needed to store the image. After an image is divided into pixels, each pixel is assigned a bit
pattern.
 The size and the value of the pattern depend on the image. For an image made of only black and- white
dots (e.g., a chessboard), a 1-bit pattern is enough to represent a pixel.
 If an image is not made of pure white and pure black pixels, we can increase the size of the bit pattern to
include gray scale. For example, to show four levels of gray scale, we can use 2-bit patterns. A black pixel
can be represented by 00, a dark gray pixel by 01, a light gray pixel by 10, and a white pixel by 11.
 There are several methods to represent color images. One method is called RGB, so called because each
color is made of a combination of three primary colors: red, green, and blue. The intensity of each color is
measured, and a bit pattern is assigned to it.
 Another method is called YCM, in which a color is made of a combination of three other primary colors:
yellow, cyan, and magenta.
Audio
 Audio refers to the recording or broadcasting of sound or music. Audio is by nature different from text,
numbers, or images.
 It is continuous, not discrete. Even when we use a microphone to change voice or music to an electric
signal, we create a continuous signal.

Video
 Video refers to the recording or broadcasting of a picture or movie. Video can either be produced as a
continuous entity (e.g., by a TV camera), or it can be a combination of images, each a discrete entity,
arranged to convey the idea of motion.

1.1.1 Data Flow

Communication between two devices can be
 Simplex,
 Half-duplex,
 Full-duplex

Simplex
 In simplex mode, the communication is unidirectional, as on a one-way street. Only one of the two
devices on a link can transmit; the other can only receive (see Figure 1.2a).
 Keyboards and traditional monitors are examples of simplex devices. The keyboard can only introduce
input; the monitor can only accept output. The simplex mode can use the entire capacity of the channel to
send data in one direction.

Half-Duplex
 In half-duplex mode, each station can both transmit and receive, but not at the same time. When one
device is sending, the other can only receive, and vice versa (see Figure 1.2b).
 In a half-duplex transmission, the entire capacity of a channel is taken over by whichever of the two
devices is transmitting at the time.
 Ex: The half-duplex mode is like a one-lane road with traffic allowed in both directions. When cars are
traveling in one direction, cars going the other way must wait
 Walkie-talkies and CB (citizens band) radios are both half-duplex systems. The half-duplex mode is
used in cases where there is no need for communication in both directions at the same time; the entire
capacity of the channel can be utilized for each direction.
Full-Duplex
 In full-duplex mode (also called duplex), both stations can transmit and receive simultaneously (see
Figure 1.2c). The full-duplex mode is like a two-way street with traffic flowing in both directions at the
same time.
 In full-duplex mode, signals going in one direction share the capacity of the link with signals going in the
other direction. This sharing can occur in two ways: Either the link must contain two physically separate
transmission paths, one for sending and the other for receiving; or the capacity of the channel is divided
between signals traveling in both directions.
 Example of full-duplex communication is the telephone network. When two people are communicating by
a telephone line, both can talk and listen at the same time. The full-duplex mode is used when
communication in both directions is required all the time. The capacity of the channel, however, must be
divided between the two directions.

1.2 NETWORKS
 A network is the interconnection of a set of devices capable of communication.
 In this definition, a device can be a host (or an end system) such as a large computer, desktop, laptop,
workstation, cellular phone, or security system.
 A device can also be a connecting device such as a router, which connects the network to other networks,
a switch, which connects devices together, a modem (modulator-demodulator), which changes the form of
data, and so on.
 These devices in a network are connected using wired or wireless transmission media such as cable or
air. When we connect two computers at home using a plug-and-play router, we have created a network,
although very small.

1.2.1 Network Criteria

A network must be able to meet a certain number of criteria.
 Performance,
 Reliability,
 Security.

Performance
 Performance can be measured in many ways, including transit time and response time.
o Transit time: It is the amount of time required for a message to travel from one device to another.
o Response time: It is the elapsed time between an inquiry and a response.
 The performance of a network depends on a number of factors: the number of users, the type of
transmission medium, the capabilities of the connected hardware, and the efficiency of the software.
 Performance is evaluated by two networking metrics: throughput and delay.
 We often need more throughput and less delay. However, these two criteria are often contradictory. If we
try to send more data to the network, we may increase throughput but we increase the delay because of
traffic congestion in the network.

Reliability
Network reliability is measured by:
 Frequency of failure,
 Time it takes a link to recover from a failure
 Network’s robustness in a catastrophe.
 Accuracy of the delivery

Security
 Network security issues include :
 Protecting data from unauthorized access.
 Protecting data from damage and development, and
 Implementing policies and procedures for recovery from breaches and data losses.
1.2.2 Physical Structures

Network attributes:
 Type of connection
 Physical Topology

Type of Connection
 A network is two or more devices connected through links. A link is a communications pathway that
transfers data from one device to another. For visualization purposes, it is simplest to imagine any link as a
line drawn between two points. For communication to occur, two devices must be connected in some way
to the same link at the same time.
 There are two possible types of connections:
o Point-to-point
o Multipoint.

i) Point-to-Point
 A point-to-point connection provides a dedicated link between two devices.
 The entire capacity of the link is reserved for transmission between those two devices.
 Most point-to-point connections use an actual length of wire or cable to connect the two ends, but other
options, such as microwave or satellite links, are also possible (see Figure 1.3a).
 When we change television channels by infrared remote control, we are establishing a point-to-point
connection between the remote control and the television’s control system.

ii) Multipoint
 A multipoint (also called multidrop) connection is one in which more than two specific devices share a
single link (see Figure 1.3b).
 In a multipoint environment, the capacity of the channel is shared, either spatially or temporally.
 If several devices can use the link simultaneously, it is a spatially shared connection. If users must take
turns, it is a timeshared connection.
Physical Topology

 Physical topology: Refers to the way in which a network is laid out physically.
 The topology of a network is the geometric representation of the relationship of all the links and linking
devices (usually called nodes) to one another.
 There are four basic topologies possible: i) mesh ii) star iii) bus iv) ring.

i) Mesh Topology
 In a mesh topology, every device has a dedicated point-to-point link to every other device. The term
dedicated means that the link carries traffic only between the two devices it connects.
 To find the number of physical links in a fully connected mesh network with n nodes, we first consider that
each node must be connected to every other node. Node 1 must be connected to n – 1 nodes, node 2 must
be connected to n – 1 nodes, and finally node n must be connected to n – 1 nodes. We need n (n – 1)
physical links.
 However, if each physical link allows communication in both directions (duplex mode), we can divide the
number of links by 2. In other words, we can say that in a mesh topology, we need n (n – 1) / 2 duplex-
mode links.
 To accommodate that many links, every device on the network must have n – 1 input/output (I/O) ports to
be connected to the other n – 1 station.
Advantages:
A mesh offers several advantages over other network topologies.
1. The dedicated links guarantees that each connection can carry its own data load, thus eliminating the
traffic problems that can occur when links must be shared by multiple devices.
2. Mesh topology is robust. If one link becomes unusable, it does not incapacitate the entire system.
3. There is the advantage of privacy or security. When every message travels along a dedicated line, only the
intended recipient sees it. Physical boundaries prevent other users from gaining access to messages.
4. Point-to-point links make fault identification and fault isolation easy. Traffic can be routed to other paths
so to avoid links with suspected problems. This facility enables the network manager to discover the
precise location of the fault and aids in finding its cause and solution.
Disadvantages :
1. The main disadvantages of a mesh are related to the more amount of cabling and the number of I/O ports
required.
2. As every device must be connected to every other device, installation and reconnection are difficult.
3. the sheer bulk of the wiring can be greater than the available space (in walls, ceilings, or floors) can
accommodate.
4. Finally, the hardware required to connect each link (I/O ports and cable) can be very expensive.

Applications:
 For these reasons a mesh topology is usually implemented in a limited fashion, for example, as a backbone
connecting the main computers of a hybrid network that can include several other topologies.
 One practical example of a mesh topology is the connection of telephone regional offices in which each
regional office needs to be connected to every other regional office.

ii) Star Topology

 In a star topology, each device has a dedicated point-to-point link only to a central controller, usually
called a hub. The devices are not directly linked to one another. Unlike a mesh topology, a star topology
does not allow direct traffic between devices.
 The controller acts as an exchange: If one device wants to send data to another, it sends the data to the
controller, which then relays the data to the other connected device (see Figure) .
Advantages:
 A star topology is less expensive than a mesh topology. In a star, each device needs only one link and one
I/O port to connect it to any number of others.
 This factor also makes it easy to install and reconfigure.
 Far less cabling needs to be housed, and additions, moves, and deletions involve only one connection:
between that device and the hub.
 Other advantages include robustness. If one link fails, only that link is affected. All other links remain
active.
 This factor also lends itself to easy fault identification and fault isolation. As long as the hub is working, it
can be used to monitor link problems and bypass defective links.
Disadvantages:
 One big disadvantage of a star topology is the dependency of the whole topology on one single point, the
hub. If the hub goes down, the whole system is dead.
 Although a star requires far less cable than a mesh, each node must be linked to a central hub. For this
reason, often more cabling is required in a star than in some other topologies (such as ring or bus).
Application:
 The star topology is used in local-area networks (LANs). High-speed LANs often use a star topology with
a central hub.
iii) Bus Topology

 A bus topology is multipoint.

 One long cable acts as a backbone to link all the devices in a network (see Figure 1.6).
 Nodes are connected to the bus cable by drop lines and taps. A drop line is a connection. running between
the device and the main cable. A tap is a connector that either splices into the main cable or punctures the
sheathing of a cable to create a contact with the metallic core.
 As a signal travels along the backbone, some of its energy is transformed into heat. Therefore, it becomes
weaker and weaker as it travels farther and farther. For this reason there is a limit on the number of taps a
bus can support and on the distance between those taps.
Advantages:
 Ease of installation is the biggest advantages of bus topology
 Less cabling: Backbone cable can be laid along the most efficient path, and then connected to the nodes
by drop lines of various lengths. In this way, a bus uses less cabling than mesh or star topologies. In a star,
for example, four network devices in the same room require four lengths of cable reaching all the way to
the hub. In a bus, this redundancy is eliminated. Only the backbone cable stretches through the entire
facility. Each drop line has to reach only as far as the nearest point on the backbone.
Disadvantages:
 Disadvantages include difficult reconnection and fault isolation.
 A bus is usually designed to be optimally efficient at installation. It can therefore be difficult to add new
devices.
 Adding new devices may therefore require modification or replacement of the backbone
 Signal reflection at the taps can cause degradation in quality. This degradation can be controlled by
limiting the number and spacing of devices connected to a given length of cable.
 Fault or break in the bus cable stops all transmission, even between devices on the same side of the
problem. The damaged area reflects signals back in the direction of origin, creating noise in both
directions.
Applications :
 Bus topology was the one of the first topologies used in the design of early local area networks. Traditional
Ethernet LANs can use a bus topology, but they are less popular now

iv) Ring Topology

 In a ring topology, each device has a dedicated point-to-point connection with only the two devices on
either side of it.
 A signal is passed along the ring in one direction, from device to device, until it reaches its destination.
Each device in the ring incorporates a repeater. When a device receives a signal intended for another
device, its repeater regenerates the bits and passes them along (see Figure 1.7).
 In a ring topology, a signal is circulating at all times. If one device does not receive a signal within a
specified period, it can issue an alarm. The alarm alerts the network operator to the problem and its
location.
Advantages:
 A ring is relatively easy to install and reconfigure.
 Each device is linked to only its immediate neighbors (either physically or logically). So adding or
deleting a device requires changing only two connections.
 Fault identification and isolation is very simple.
Disadvantages:
 Unidirectional Traffic.
 In a simple ring, a break in the ring (such as a disabled station) can disable the entire network. This
weakness can be solved by using a dual ring or a switch capable of closing off the break.
Applications:
 Ring topology was prevalent when IBM introduced its local-area network, Token Ring.
 Today, the need for higher-speed LANs has made this topology less popular.

1.3 NETWORK TYPES

Many criteria’s are there for distinguishing one type of network from another. We use a few criteria such as size,
geographical coverage, and ownership to make this classification.
LAN
MAN
WAN

1.3.1 Local Area Network

 A local area network (LAN) is usually privately owned and connects some hosts in a single office,
building, or campus.
 Depending on the needs of an organization, a LAN can be as simple as two PCs and a printer in home or
office, or it can extend throughout a company and include audio and video devices.
 Each host in a LAN has an identifier, an address that uniquely defines the host in the LAN. A packet sent
by a host to another host carries both the source host’s and the destination host’s addresses.
 In the past, all hosts in a network were connected through a common cable, which meant that a packet sent
from one host to another was received by all hosts. The intended recipient kept the packet; the others
dropped the packet.
 Today, most LANs use a smart connecting switch, which is able to recognize the destination address of the
packet and guide the packet to its destination without sending it to all other hosts.
 The switch alleviates (reduces) the traffic in the LAN and allows more than one pair to communicate with
each other at the same time if there is no common source and destination among them.
 Figure 1.8 shows a LAN using either a common cable or a switch.
1.3.2 Wide Area Network
 A wide area network (WAN) is also an interconnection of devices capable of communication. However,
there are some differences between a LAN and a WAN.
 A LAN is normally limited in size, spanning an office, a building, or a campus; a WAN has a wider
geographical span, spanning a town, a state, a country, or even the world.
 A LAN interconnects hosts; a WAN interconnects connecting devices such as switches, routers, or
modems. A LAN is normally privately owned by the organization that uses it; a WAN is normally created
and run by communication companies and leased by an organization that uses it.
 The distinct examples of WAN:
o Point-to-point WANs
o Switched WANs.
o Internetwork

Point-to-Point WAN
 A point-to-point WAN is a network that connects two communicating devices through a transmission
media (cable or air).
 Figure 1.9 shows an example of a point-to-point WAN.
Switched WAN
 A switched WAN is a network with more than two ends. A switched WAN is used in the backbone of
global communication today. We can say that a switched WAN is a combination of several point-to-point
WANs that are connected by switches.
 Figure 1.10 shows an example of a switched WAN.

Internetwork
 If two or more LAN (or WAN ) are connected to one another, they make an internetwork, or internet.
 For example, assume that an organization has two offices, one on the east coast and the other on the west
coast. Each office has a LAN that allows all employees in the office to communicate with each other.
 To make the communication between employees at different offices, these 2 LANs are connected through
dedicated point-to-point WAN from a service provider, such as a telephone company.
 Now the company has an internetwork, or a private internet (with lowercase i).

 Figure 1.11 shows this internet. When a host in the west coast office sends a message to another host in the
same office, the router blocks the message, but the switch directs the message to the destination. On the
other hand, when a host on the west coast sends a message to a host on the east coast, router R1 routes the
packet to router R2, and the packet reaches the destination.
 Figure 1.12 shows another internet with several LANs and WANs connected. One of the WANs is a
switched WAN with four switches.
1.3.3 Switching
 Switching is used to connect networks to form an internetwork (a network of networks).
 An internet is a switched network in which a switch connects at least two links together.
 Switch forwards data from a network to another network whenever required.
 The two most common types of switched networks are
o Circuit-switched and
o Packet-switched networks.

Circuit-Switched Network
 In a circuit-switched network, a dedicated connection, called a circuit, is always available between the
two end systems; the switch can only make it active or inactive.
 Figure 1.13 shows a simple switched network that connects four telephones to each end. Here telephone
sets are used instead of computers as hosts; because circuit switching is very common in telephone
networks (but today part of the telephone network is a packet-switched network)
 In Figure the four telephones at each side are connected to a switch. The switch connects a telephone set
at one side to a telephone set at the other side. The thick line connecting two switches is a high-capacity
communication line that can handle four voice communications at the same time; the capacity can be
shared between all pairs of telephone sets.
 The switches used in this example have forwarding tasks but no storing capability. Let us look at two
cases.
 In the first case, all telephone sets are busy; four people at one site are talking with four people at the other
site; the capacity of the thick line is fully used.
 In the second case, only one telephone set at one side is connected to a telephone set at the other side; only
one-fourth of the capacity of the thick line is used. This means that a circuit-switched network is efficient
 only when it is working at its full capacity; most of the time, it is inefficient because it is working at partial
capacity.
 The reason to make the capacity of the thick line four times the capacity of each voice line is, that we do
not want communication to fail when all telephone sets at one side want to be connected with all telephone
sets at the other side.

Packet-Switched Network
 In a computer network, the communication between the two ends is done in blocks of data called packets.
Here, instead of the continuous communication which happens between two telephone sets, we see the
exchange of individual data packets between the two computers.
 This allows switches to perform both storing and forwarding operations. Because each packet is an
independent entity that can be stored and sent later. Figure 1.14 shows a small packet-switched network
that connects four computers at one site to four computers at the other site.

 A router in a packet-switched network has a queue (buffer –memory) that can store and forward the
packet.
 Now assume that the capacity of the thick line is only twice the capacity of the data line connecting the
computers to the routers. If only two computers (one at each site) need to communicate with each other,
there is no waiting for the packets.
 If packets arrive at one router when the thick line is already working at its full capacity, then packets are
stored and forwarded in the same order they arrived. The two simple examples show that a packet-
switched network is more efficient than a circuit switched network, but the packets may encounter some
delays.
1.3.4 The Internet

 An internet (small “i”) is a series of networks owned by same organization; two or more organizations
(Microsoft and Google, for example) set up to communicate with each other.
 The Internet (big “I”) is the world wide network comprising of all other networks interconnected and
communicating on the open Web. Figure 1.15 shows a conceptual (not geographical) view of the Internet.
 The figure shows the Internet as several backbones, provider networks, and customer networks. At the
top level, the backbones are large networks owned by some communication companies such as Sprint,
Verizon (MCI), AT&T, and NTT.
 The backbone networks are connected through some complex switching systems, called peering points.
 At the second level, there are smaller networks, called provider networks, that use the services of the
backbones for a fee. The provider networks are connected to backbones and sometimes to other provider
networks. The customer networks are networks at the edge of the Internet that actually use the services
provided by the Internet.
 They pay fees to provider networks for receiving services. Backbones and provider networks are also
called Internet Service Providers (ISPs). The backbones are often referred to as international ISPs; the
provider networks are often referred to as national or regional ISPs.

2. NETWORK MODELS
2.1 PROTOCOL LAYERING
 In data communication and networking, a protocol defines the rules that both the sender and receiver and
all intermediate devices need to follow to have effective communication.
 When communication is simple, we need only one simple protocol; but when the communication is
complex, a task is divided into smaller tasks between different layers; in this case, each layer has separate
protocols, it is known as Protocol layering.
2.1.1 Scenarios
Let us develop two simple scenarios to better understand the need for protocol layering.

First Scenario
 In the first scenario, communication is so simple that it can occur in only one layer. Assume Maria and
Ann are neighbors with a lot of common ideas. Communication between Maria and Ann takes place in one
layer, face to face, in the same language, as shown in Figure 2.1.

 Even in this simple scenario, we can see that a set of rules needs to be followed.
1. Maria and Ann know that they should greet each other when they meet.
2. They should confine their vocabulary to the level of their friendship.
3. Each party knows that she should refrain from speaking when the other party is speaking.
4. Each party knows that the conversation should be a dialog, not a monolog: both should have the
opportunity to talk about the issue.
5. They should exchange some nice words when they leave.

 Protocol used by Maria and Ann is different from the communication between a professor and the students
in a lecture hall. The communication in the second case is mostly monolog; the professor talks most of the
time unless a student has a question, a situation in which the protocol dictates that she should raise her
hand and wait for permission to speak. In this case, the communication is normally very formal and limited
to the subject being taught.

Second Scenario
 In the second scenario, we assume that Ann and Maria are higher-level Managers in the different branches
(situated in different cities); The two managers want to have communication and exchange ideas related to
project.
 They decided to have communication using regular mail service through the post office. However, they do
not want their ideas to be revealed to other people if the letters are intercepted.
 They agree on an encryption/decryption technique. The sender of the letter encrypts so that it is unreadable
by an intruder; the receiver of the letter decrypts it to get the original letter.
 Now the communication between Maria and Ann takes place in three layers, as shown in Figure 2.2.
  We assume that Ann and Maria each have three machines (or robots) that can perform the task at each
layer. Let us assume that Maria sends the first letter to Ann.
 Maria talks to the machine at the third layer as though the machine is Ann and is listening to her. The third
layer machine listens to what Maria says and creates the plaintext (a letter in English), which is passed to
the second layer machine.
 The second layer machine takes the plaintext, encrypts it, and creates the ciphertext, which is passed to the
first layer machine.
 The first layer machine, presumably a robot, takes the ciphertext, puts it in an envelope, adds the sender
and receiver addresses, and mails it.
 At Ann’s side, the first layer machine picks up the letter from Ann’s mail box, recognizing the letter from
Maria by the sender address. The machine takes out the ciphertext from the envelope and delivers it to the
second layer machine.
 The second layer machine decrypts the message, creates the plaintext, and passes the plaintext to the third-
layer machine.
 The third layer machine takes the plaintext and reads it as though Maria is speaking.

 Modularity: In protocol layering a complex task is divided into several smaller and simpler tasks between
several layers and each layer is independent of each other, this is known as modularity. For example,
if only one machine is used to do the job of all three machines. Then, if Maria and Ann feel that the
encryption/decryption done by the machine is not enough to protect their secrecy, then they have to change
the whole machine. But in this case only the second layer machine is changed; the other two can remain
the same.
o Modularity in this case means independent layers. A layer (module) can be treated as a black box, without
knowing how inputs are processed and outputs are produced. If two machines provide the same outputs for
same inputs, then they can replace each other. For example, Ann and Maria can buy the second layer
machine from two different manufacturers, since two machines create the same ciphertext from the same
plaintext and vice versa.

Advantages of protocol layering

 One of the advantages of protocol layering is that it allows us to separate the services from the
implementation. A layer receives a set of services from the lower layer and to give the services to the
upper layer; it is not required to know how the layer is implemented. For example, if Maria decides not
to buy the machine (robot) for the first layer; & wants do the tasks (of fist layer) by herself, still the
communication system works.
  Another advantage of protocol layering is that, in communication, there are intermediate systems that need
only some layers, but not all layers. If protocol layering is not used, then each intermediate system is
forced use all layers, which makes the whole system more expensive and complex.
 If second layer machine is broken, instead of replacing whole machine with a new one, just we have to
replace only machine in the second layer.

2.1.2 Principles of Protocol Layering

Let us discuss two principles of protocol layering.
First Principle
 If we want bidirectional communication, each layer should be able to e to perform two opposite tasks. (one
in each direction).
 For example, the third layer task is to listen (in one direction) and talk (in the other direction). The second
layer needs to be able to encrypt and decrypt. The first layer needs to send and receive mail.
Second Principle
 Two objects under each layer at both sites should be identical.
 For example, the object under layer 3 at both sites should be a plaintext letter. The object under layer 2 at
both sites should be a ciphertext letter. The object under layer 1 at both sites should be a piece of mail.

2.1.3 Logical Connections

 After following the above two principles, we can think about logical connection between each layer as
shown in Figure 2.3. This means that we have layer-to-layer communication. Maria and Ann can think that
there is a logical (imaginary) connection at each layer through which they can send data

2.2 TCP/IP PROTOCOL SUITE

 TCP/IP is a protocol suite (a set of protocols organized in different layers) is a implemented network
model in the Internet. It is a hierarchical protocol stack made up of interactive layers(modules), each
provides a specific functionality.
 The term hierarchical means that each upper level protocol is supported by the services provided by lower
level protocols. The original TCP/IP protocol suite had four software layers. Today TCP/IP is thought of as
a five-layer model. Figure 2.4 shows both configurations.
2.2.1 Layered Architecture
 To show how the layers in the TCP/IP protocol suite are involved in communication between two hosts, let
us consider small internet made up of three LANs (links), each with a link-layer switch. Here LANs are
connected by a router, as shown in Figure 2.5.
 Let us assume that computer A communicates with computer B.
 As shown in figure, we have 5 communicating devices in this communication: source host (computer A),
the link-layer switch in link 1, the router, the link-layer switch in link 2, and the destination host
(computer B).
 Each device is involved with a set of layers depending on the role of the device in the internet. The two
hosts are involved in all five layers; the source host needs to create a message in the application layer and
send it down the layers so that it is physically sent to the destination host. The destination host needs to
receive the communication at the physical layer and then deliver it through the other layers to the
application layer.
 The router is involved in only 3 layers; there is no transport or application layer. Router is having only
one network layer and ‘n’ number of link and physical layers. Because if router has “n” ports, then “ n”
number of devices can be connected to it & each link uses its own data-link or physical protocol, so it is
involved in n number of link and physical layers.
 For example, in the above figure, the router has three links, but the message sent from source A to
destination B is involved in two links. Each link may be using different link-layer and physical-layer
protocols; the router needs to receive a packet from link 1 based on one pair of protocols and deliver it to
link 2 based on another pair of protocols.
 A link-layer switch in a link is involved only in two layers, data-link and physical. Although each switch in
the above figure has two different connection ns, the connections are in the same link, which uses only one
set of protocols. This means that, unlike a router, a link-layer switch is involved only in one data-link and
one physical layer.
2.2.2 Layers in the TCP/IP Protocol Suite
To better understand the duties of each layer of TCP/IP suite, let us think about the logical connections
between layers. Figure 2.6 shows logical connections in our simple internet
  As shown in the figure, the duty of the application, transport, and network layers is end-to-end & the duty
of the data-link and physical layers is hop-to-hop . Here hop is intermediate a host or router. It means the
top three layers contribute for internet, and the domain of duty of the two lower layers is the LAN
 The data unit (packet) of the top three layers, is not changed by any router or link-layer switch (in
intermediate stages). But router (3 layer and intelligent device) can change, the packet at bottom two
layers, not the link-layer switches.

Figure 2.7 shows the second principle discussed previously for protocol layering.

2.2.3 Description of Each Layer

Physical Layer
 Physical layer is responsible for carrying or transmitting individual bits in a frame across the link.
 Two devices or nodes in the network are connected by a transmission medium (cable or air). The
transmission medium does not carry bits; it carries electrical or optical signals. There is another hidden
layer known as transmission media under physical layer.
 At source node, this hidden layer-transmission media converts the bits received in a frame from the
data-link layer to electrical signal or optical signal and sends these signals through the transmission
medium (cable or air).
 At receiving node, the hidden layer- transmission media coverts the received electrical signals to bits
and send these bits to data link layer. There are several protocols that transform a bit to a signal.
 It also deals with the physical characteristics & electrical properties
 Although the physical layer is the lowest level in the TCP/IP protocol suite, the communication between
two devices at the physical layer is considered to be a logical communication because of hidden layer -
transmission media. Hence the unit of communication in the physical layer is bit.
Data-link Layer
 The communication at data link layer is node to node or hop to hop.
 Internet is made up of several links (LANs and WANs) connected by routers. There may be several
overlapping links (paths) from the host to the destination.
 If routers are responsible for choosing the best links (next best or shortest paths) for the datagram; then
data-link layer is responsible for taking the datagram and moving it across the link. The link can be a wired
LAN with a link-layer switch, a wireless LAN, a wired WAN, or a wireless WAN.
 Different protocols may be used in different LANs or link type. In such each cases, the data-link layer is
responsible for moving the packet through theses links. TCP/IP does not define any specific protocol for
the data-link layer. It supports all the standard and proprietary protocols.
 The data-link layer takes a datagram and encapsulates it in a packet called a frame.
 Other services : Framing, error detection and correction, Flow control.
 The unit of communication in the data link layer is frame.
 Data link layer deals with MAC or physical or hardware address.
 The two sub layers of Data link layer are Data link control and MAC layer.

Network Layer
o The network layer is responsible for creating a connection between the source computer and the
destination computer. The communication at the network layer is host-to-host.
o However, since there can be seve ral routers from the source to the destination, the routers in the path are
responsible for choosing the best route or shortest path for each packet.
o The address in Network layer is called IP address or logical address
 The network layer has one main protocol : Internet Protocol (IP)
& 4 supporting (auxiliary) protocols : ARP, RARP, ICMP.

Internet Protocol (IP) :

 The internet Protocol (IP) is the transmission mechanism used by TCP/IP model. IP defines the format of
the packet, called a datagram at the network layer. IP also defines the format and the structure of
addresses used in this layer.
 IP is also responsible for routing a packet from its source to its destination, which is achieved by each
router forwarding the datagram to the next router in its path.
 IP is a connectionless protocol that provides no flow control, no error control, and no congestion control
services. If any of these services are required for an application, then it has to rely only on the transport-
layer protocol.
Auxiliary (supporting) protocols of Network layer : These Help IP for delivery of packets and routing tasks.
 The Internet Control Message Protocol (ICMP) : Helps IP to report some problems when routing a packet.
 The Internet Group Management Protocol (IGMP) : Helps IP in multitasking.
 The Dynamic Host Configuration Protocol (DHCP) : Helps IP to get the network-layer address for a host.
 The Address Resolution Protocol (ARP) : Helps IP to find the link-layer address (MAC) of a node a
router when its network-layer (IP) address is given.

 The network layer also includes unicast (one-to-one) and multicast (one-to-many) routing protocols. A
routing protocol does not take part in routing (it is the responsibility of IP), but it creates forwarding tables
for routers to help them in the routing process.

Transport Layer
 The logical connection at the transport layer is also end-to-end
 The transport layer is responsible to provide service to the application layer . At the source host, it takes
the message from the application layer, it adds the port address & encapsulates it in a transport layer
packet called a segment and sends it, through the logical (imaginary) connection, to the transport layer at
the destination host, and here segment is de-capsulated and will be sent to application program.
 The transport layer is independent of the application layer.
 There are a few transport-layer protocols, each designed for some specific task : TCP, UDP and SCTP
TCP
 Transmission Control Protocol (TCP) is connection oriented protocol. Connection-oriented protocol
first establishes a logical connection between transports layers at two hosts before transferring data. It
creates a logical pipe between two TCPs for transferring a stream of bytes.
 TCP provides flow control (matches the sending data rate of the source host with the receiving data rate of
the destination host to prevent overwhelming the destination),
 Error control (to guarantee that the segments arrive at the destination without error and resending the
corrupted ones), and congestion control to reduce the loss of segments due to congestion in the network.
 User Datagram Protocol (UDP): It is a connectionless protocol that transmits user datagrams without
first creating a logical connection. In UDP, each user datagram is an independent entity without being
related to the previous or the next one (the meaning of the term connectionless).
 UDP is a simple protocol that does not provide flow, error, or congestion control. Because of its
simplicity, (small overhead ), it is used in the applications, where program wants to send short messages
and cannot afford the retransmission of the packets, when a packet is corrupted or lost.
 Stream Control Transmission Protocol (SCTP) :A new protocol, is designed to respond to new
applications that are emerging in the multimedia.

Application Layer
 The logical connection between the two application layers is end to-end. The data is called Message
 The two application layers exchange messages between each other as though there were a bridge between
the two layers. However, the communication is done through all the layers.
 Communication at the application layer is between two processes (two programs running at this layer). To
communicate, a process sends a request to the other process and receives a response.
 Process-to-process communication is the duty of the application layer. The application layer includes many
predefined protocols; still user can also create a pair of processes to be run at the two hosts.

 Application layer protocols: HTTP, SMTP, FTP, TELNET, SSH, SNMP, DNS, IGMP.

 The Hypertext Transfer Protocol (HTTP) is a vehicle for accessing the World Wide Web (WWW).
 The Simple Mail Transfer Protocol (SMTP) is the main protocol used in electronic mail (e-mail) service.
 The File Transfer Protocol (FTP) is used for transferring files from one host to another.
 The Terminal Network (TELNET) and Secure Shell (SSH) are used for accessing a site remotely.
 The Simple Network Management Protocol (SNMP) is used by an administrator to manage the Internet at
global and local levels.
  The Domain Name System (DNS) is used by other protocols to find the network-layer address of a
computer.
 The Internet Group Management Protocol (IGMP) is used to collect membership in a group.

2.2.4 Encapsulation and Decapsulation

 One of the important concepts in protocol layering in the Internet is encapsulation/ decapsulation. Figure
2.8 shows this concept for the small internet

 Encapsulation/ decapsulation does not occur in link-layer switches, hence those are not shown.
 Encapsulation occurs in the source host, decapsulation in the destination host, and both encapsulation and
decapsulation in the router.

Encapsulation at the Source Host

At the source, we have only encapsulation.
1. At the application layer, the data to be exchanged is referred to as a message. A message usually does not
contain any header or trailer. The message is passed to the transport layer.
2. The transport layer takes the message as the payload (the load that the transport layer should take care
of). It adds the transport layer header to the payload.
Header contains the identifiers (port address) of the source and destination application programs. Also
contains information needed for the end-to end delivery of the message & information needed for
flow control, error control, or congestion control.
This encapsulated the transport-layer packet is called the segment (in TCP) and the user datagram (in
UDP).
The transport layer then passes the packet to the network layer.
3. The network layer takes the transport-layer packet as data or payload and adds its own header to the
payload.The header contains the IP addresses of the source and destination hosts and some more
information used for error checking of the header, fragmentation information, and so on.
This encapsulated network-layer packet is called a datagram. The network layer then passes the packet to
the data-link layer.
4. The data-link layer takes the network-layer packet as data or payload and adds its own header, which
contains the link-layer MAC addresses of the host or the next hop (the router). This encapsulated link-
layer packet is called a frame. The frame is passed to the physical layer for transmission.

Decapsulation and Encapsulation at the Router

At the router, we have both decapsulation and encapsulation because the router is intermediate node (It acts as both
host and destination) connected to two or more links. It has only 3 layers [ AL, DL, NL]
 1. (As destination ): The data link layer of the router receives set of bits from physical layer. Then this data
link layer decapsulates the datagram from the frame and passes it to the network layer.
2. The network layer only inspects the source and destination addresses in the datagram header and consults
its forwarding table to find the next hop to which the datagram is to be delivered. The contents of the
datagram are not be changed by the network layer in the router unless there is a need to fragment the
datagram if it is too big to be passed through the next link.
As a source Network layer passes the datagram to the data-link layer of the next link.
3. The data-link layer of the next link encapsulates the datagram in a frame and passes it to the physical layer
for transmission.

Decapsulation at the Destination Host

 At the destination host, each layer only decapsulates the packet received, removes the payload, and
delivers the payload to the next-higher layer protocol until the message reaches the application layer.
 Decapsulation in the host involves error checking.

2.2.5 Addressing

 We know that there is logical communication (connection) between pairs (source and destination) of layers
in TCP/IP model.
 Even though there are 5 layers in TCP/IP model, but it defines only four addresses because the physical
layer does not need addresses; the unit of data exchange or communication in the physical layer is a bit,
which cannot have an address.
 At the application layer, we normally use names (Application specific addresses) to define the site that
provides services, such as someorg.com, or the e-mail address, such as [email protected].
 At the transport layer, addresses are called port numbers, and these define the application-layer programs
at the source and destination. Port numbers are local addresses that distinguish between several programs
running at the same time.
 At the network-layer, the addresses are global, with the whole Internet as the scope. A network-layer
address uniquely defines the connection of a device to the Internet. Network layer address is called IP
address or logical address
 The Data link-layer addresses, sometimes called MAC addresses, are locally defined addresses, each of
which defines a specific host or router in a network (LAN or WAN).

2.2.6 Multiplexing and Demultiplexing

 Since the TCP/IP protocol suite uses many protocols at some layers, so we have multiplexing at the source
and demultiplexing at the destination.
 In this case : Multiplexing means, a protocol in a layer can encapsulate a packet from several higher layer
protocols (but one at a time); demultiplexing means , a protocol can decapsulate packets received from
lower layers and deliver this decapsulated packet to several higher layer protocols (one at a time).
  Figure shows the concept of multiplexing and demultiplexing at the three upper layers.
 To perform multiplex and demultiplex, a protocol header has field in it to identify to which protocol the
encapsulated packets belong.
 At transport layer, either UDP or TCP can accept a message from several application-layer protocols. At
the network layer, IP can accept a segment from TCP or a user datagram from UDP.
 IP can also accept a packet from other protocols such as ICMP, IGMP, and so on. At the data-link layer, a
frame may carry the payload coming from IP or other protocols such as ARP

2.3 THE OSI MODEL

 [The International Organization for Standardization (ISO) is a multinational body dedicated to
worldwide agreement on international standards.
 An ISO introduced the Open Systems Interconnection (OSI) model in the late 1970s. An open system is
a set of protocols that allows any two different systems to communicate regardless of their underlying
architecture.
 The purpose of the OSI model is to show how to facilitate communication between different systems
without requiring changes to the logic of the underlying hardware and software.
 The OSI model is not a protocol; it is a model for understanding and designing a network
architecture that is flexible, robust, and interoperable.
 The OSI model is a layered framework to design of network systems which allows communication
between all types of computer systems. It consists of seven separate but related layers, each of which
defines a part of the process of moving information across a network (see Figure 2.11).

Note : ISO is the organization; OSI is the model.

2.3.1 OSI versus TCP/IP [ Comparison of OSI and TCP/IP ]

 When the two models are compared we find that two layers, session and presentation, are missing in the
TCP/IP protocol suite. The application layer in the TCP/IP is considered to be the combination of three
layers ( Application, presentation, session ) of the OSI model, as shown in Figure.

Two reasons for this only 5 layers in TCP/IP as compare to 7 layers in OSI :
1. TCP/IP has more than one transport-layer protocol. Some of the functionalities of the session layer are
available in some of the transport-layer protocols.
2. The application layer is not only one piece of software. Many applications can be developed at this layer.
If some of the functionalities of session and presentation layers are needed for a particular application, they
can be developed & included.

2.3.2 Lack of OSI Model’s Success

The OSI model appeared after the TCP/IP protocol suite. Most experts were at first thought that the TCP/IP
protocol would be fully replaced by the OSI model. This did not happen for several reasons:
1. When OSI was completed, TCP/IP was fully in place and a lot of time and money had been spent on
the suite; changing it would cost a lot.
2. Some layers in the OSI model were never fully defined. For example, although the services provided by
the presentation and the session layers were listed in the document, actual protocols for these two layers
were not fully defined, nor were they fully described, and the corresponding software was not fully

DATA LINK LAYER

3.1 INTRODUCTION
 The Internet is a combination of networks glued together by connecting devices (routers or switches). If a
packet is to travel from a source -host to another destination- host, it needs to pass through these networks.
 Since we are now interested in communication at the data-link layer, So only Communication at the data-
link layers of the intermediate devices (Router) in the path is highlighted
  The data-link layer at Alice’s computer communicates with the data-link layer at router R2. The data-link
layer at router R2 communicates with the data-link layer at router R4, and so on. Finally, the data-link
layer at router R7 communicates with the data-link layer at Bob’s computer.
 Only one data-link layer is involved at the source or the destination, but two data-link layers are involved
at each router. The reason is that Alice’s and Bob’s computers are each connected to a single network, but
each router takes input from one network and sends output to another network.
 Note that although switches are also involved in the data-link-layer communication, for simplicity we have
not shown them in the figure.

3.1.1 Nodes and Links

Communication at the data-link layer is node-to-node. A data unit from one point in the Internet needs to pass
through many networks (LANs and WANs) to reach another point. Theses LANs and WANs are connected by
routers.
 Two end hosts and the routers are referred as nodes
 The networks (LAN or WAN) in between source and receiver are referred as links.

 Figure shows: simple representation of links and nodes. The in between LAN and WAN(Networks) are
treated as links.
 The first, the third, and the fifth links represent the three LANs; the second and the fourth links represent
the two WANs.
 The first node is the source host; the last node is the destination host. The other four nodes are four routers.
3.1.2 Services
 The data-link layer is located between the physical and the network layers. The datalink layer provides
services to the network layer; it receives services from the physical layer.
 The duty scope of the data-link layer is node-to-node. When a packet is travelling in the Internet, the data-
link layer of a node (host or router) is responsible for delivering a datagram to the next node in the
path.
 Data-link layer of the source only encapsulates, the data-link layer of the destination host only
decapsulates, but each intermediate node (router or switch) needs both Encapsulation and decapsulation,
reason is that each link may be using a different protocol with a different frame format. Even if one link
and the next use same protocol, encapsulation and decapsulation are needed because the link-layer
addresses are normally different.
Exapmle

 Figure shows the encapsulation and decapsulation at the data-link layer in the network of one router
between the source and destination.
 The datagram received by the data-link layer of the source host is encapsulated in a frame. The frame is
logically transported from the source host to the router. The frame is decapsulated at the data-link layer of
the router and encapsulated at another frame.
 The new frame is logically transported from the router to the destination host.
 Even though only two data-link layers are shown at the router, but actually router has three data-link layers
because it is connected to three physical links.
Services provided by Data Link Layer
 Framing
 Flow Control
 Error Control
 Congestion control

Framing
 First service provided by the data-link layer is framing. The data-link layer at each node encapsulates the
datagram (packet received from the network layer) by adding header and trailer to form frame .
 The node also needs to decapsulate the datagram by removing the header (de-framing) when the frame is
received. Different data-link layers have different formats for framing.
 The header and trailer may contain the soruce and destination MAC address and error, flow control
information.
 Different types of framing :
 Character oriented framing
 Bit oriented framing

Flow Control
 Whenever source produces data-items faster than they are consumed by destination, then consumer will be
overwhelmed and hence some items may be dropped or lost. We need to prevent loss of the data items at
the consumer site.
 Solutions :
 Feedback (or ack) : Flow control can be done by sending feedback from the receiving node to the
sending nod to stop or slow down pushing frames till it is ready to receive the next packets
 Buffers To use two buffers (memory); one at the sending data-link layer and the other at the receiving
data-link layer. A buffer (memory) holds packets at the sender and receiver to avoid the drop of
packets. When the buffer of the receiving data-link layer is full, it informs the sending data-link layer to
stop pushing frames. The flow control communication can occur by sending signals from the consumer
to the producer.

Error Control
 At the sending node, (before transmitting through media), a frame of data-link layer are changed to bits &
converted to electromagnetic signals, and transmitted through the transmission media. At the receiving
node, electromagnetic signals are received, converted to bits, and put together to create a frame.
 Since electromagnetic signals are susceptible to error, a frame is susceptible to error. The error needs first
to be detected. After detection, it needs to be either corrected at the receiver node or discarded and
retransmitted by the sending node. Error detection and correction is an issue in every layer (node-to node
or host-to-host).
 Error control at the data-link layer is implemented using one of the following two methods. In both
methods, a CRC is added to the frame header by the sender and checked by the receiver.
1. if the frame is corrupted, it is silently discarded; if it is not corrupted, the packet is delivered to the
network layer. This method is used mostly in wired LANs such as Ethernet.
2. If the frame is corrupted, it is silently discarded; if it is not corrupted, an acknowledgment is sent (for
the purpose of both flow and error control) to the sender.

Congestion Control
 Link may be congested with frames, which may result in frame loss, but most data-link-layer protocols do
not directly use a congestion control to alleviate congestion ( some WANss do).
 In general, congestion control is considered an issue in the network layer or the transport layer because of
its end-to-end nature.
3.1.3 Two Categories of Links
point-to-point link :
 In a point-to-point link, the link is dedicated to the two devices; For example, when two friends use the
traditional home phones to chat, they are using a point-to-point link;

broadcast link.
 In a broadcast link, the link is shared between several pairs of devices. When the two friends use their
cellular phones, they are using a broadcast link (the air is shared among many cell phone users).

3.1.4 Two Sublayers

Data-link layer can be sub divided into two sublayers:
 Data link control (DLC)
 Media access control (MAC).

Note : The data link control sublayer deals with all issues common to both point-to-point and broadcast
links; Media access control sublayer deals only with issues specific to broadcast links.
If the link is broadcast ,then MAC sublayer comes into picture as it deals with shared medium ie how the
medium has be shared. If the link is point to point, then MAC sublayer is not required

The division of Datalink layer based on type of link is as shown figure

3.2 LINK-LAYER ADDRESSING

Need for Link layer addressing
 IP addresses as the identifiers in the network layer define the exact points (end nodes) in the Internet where
the source and destination hosts are connected.
In a connectionless internetwork such as the Internet, datagram cannot reach its destination using only IP
addresses. Because, every datagram in the Internet, from the same source host to the same destination host,
may take a different path. The source and destination IP addresses define the two ends but cannot define
through which intermediate node or links (path) the datagram should pass.
 So, we need another addressing mechanism in a connectionless internetwork:, to define the next
intermediate node or link(path). The link-layer addresses of the two nodes. A link-layer address is
sometimes called a link address, physical address, or MAC address.
 Since a link is controlled by the data-link layer, the addresses need to belong to the data-link layer.
 When a data link layer of source receives datagram from the network layer , datagram is encapsulated in a
frame and two data-link addresses are added to the frame header.
 First MAC address is of source itself & second is MAC address of the next intermediate node to which
frame has to reach
 These two MAC addresses are changed every time, when frame moves from one link (node) to another.
Figure demonstrates the concept in a small internet.
 [Note : Since IP addresses in datagram define end to end nodes, so it should not be changed. If the
destination IP address in a datagram is changed, then packet never reaches its destination; Also any
intermediate node or destination host or a router never be able to communicate with the source node if a
response needs to be sent back or an error needs to be reported back to the source ]
Link layer addressing example
  As shown in the figure, the internet has three links , two routers & only two hosts: Alice (source) and Bob
(destination).
 Each host has two addresses; the IP addresses (N) and the link-layer addresses (L). Router has many pairs
of addresses. The no of addresses which router has, depends on the number of links it is connected too.

Figure 3.5 IP addresses and link-layer addresses in a small internet

 The movement of frame from alice (source) to Bob (destination) via all 3 links is shown. In each link,
source and destination IP addresses (N1 and N8) remains same , but the link-layer addresses of the frame
change from link to link. In link 1, here source link-layer addresses is L1 and next node link layer address
is L2. In link 2, they are L4 and L5. In link 3, they are L7 and L8.
 Note that the IP addresses and the link-layer addresses are not in the same order. For IP addresses, the
source address comes before the destination address; for link-layer addresses, the destination address
comes before the source.

Note :
 If the IP address of a router does not appear in any datagram sent from a source to a destination, why do
we need to assign IP addresses to routers? The answer is that in some protocols a router may act as a
sender or receiver of a datagram. If router is a sender or a receiver of a message, then communications in
these protocols are between routers.
 Why do we need more than one IP address in a router, one for each interface? The answer is that an
interface is a connection of a router to a link. We will see that an IP address defines a point in the Internet
at which a device is connected. A router with n interfaces is connected to the Internet at n points. This is
the situation of a house at the corner of a street with two gates; each gate has the address related to the
corresponding street.
 How are the source and destination IP addresses in a packet determined? The answer is that the host
should know its own IP address, which becomes the source IP address in the packet. The application layer
uses the services of DNS to find the destination address of the packet and passes it to the network layer to
be inserted in the packet.
 How are the source and destination link-layer addresses determined for each link? Again, each hop (router
or host) should know its own link-layer address, as we discuss later in the chapter. The destination link-
layer address is determined by using the Address Resolution Protocol.
 What is the size of link-layer addresses? The answer is that it depends on the protocol used by the link.
Although we have only one IP protocol for the whole Internet, we may be using different data-link
protocols in different links. This means that we can define the size of the address when we discuss
different link-layer protocols.
3.2.1 Three Types of addresses
Three types of addresses defined by link-layer protocols :
1. Unicast
2. Multicast,
3. Broadcast.

1. Unicast Address
Each host or each interface of a router is assigned a unicast address. Unicasting means one-to-one communication.
A frame with a unicast address destination is destined only for one entity in the link.
Example 3.1
The unicast link-layer addresses in Ethernet LAN, are 48 bits (six bytes) . These are represented as 12 hexadecimal
digits separated by colons;
For example, the following is a link-layer address of a computer. The second digit needs to be an odd number.
A3 : 34 : 45 : 11 : 92 : F1

2. Multicast Address
Some link-layer protocols define multicast addresses. Multicasting means one-to-many communication. However,
the jurisdiction is local (inside the link).
Example 3.2
The multicast link-layer addresses in LAN , are 48 bits (six bytes) that are presented as 12 hexadecimal digits
separated by colons. The second digit, however, needs to be an even number in hexadecimal.
The following shows a multicast address :
A2: 34 : 45 : 11 : 92 : F1

3. Broadcast Address
Some link-layer protocols define a broadcast address. Broadcasting means one-to-all communication. A frame with
a destination broadcast address is sent to all entities in the link.

Example 3.3
The broadcast link-layer addresses in LAN, are 48 bits, all 1s, that are presented as 12 hexadecimal digits
separated by colons. The following shows a broadcast address:
FF : FF : FF : FF : FF : FF

Address Resolution Protocol (ARP)

ARP (Address Resolution Protocol) is a network layer (auxiliary ) protocol used to find out the hardware
(MAC) address of a device if its IP address is known. ( It maps IP address to Mac address )

 Whenever a node wants to send packet to another node, it knows the IP address of the receiving node.
Here packet travels from hop to hop (through various intermediate routers) to reach the destination. So it is
necessary to know the IP and Mac address of the next router. The source host knows IP address of the next
 (default) router from forwarding table. But, the IP address of the next node is not helpful in moving a
frame through a link; we also need the link-layer address of the next node. To obtain the link layer address
Address Resolution Protocol (ARP) is used
 ARP accepts an IP address from the IP protocol, maps the address to the corresponding link-layer address,
and passes it to the data-link layer.
 Anytime a host or a router needs to find the link-layer address of another host or router in its network, it
sends an ARP request packet. The packet includes the link-layer (MAC) and IP addresses of the sender
and the only IP address of the receiver. Because the sender does not know the link-layer address of the
receiver, the request or query is broadcast over the link using the link-layer broadcast address. Every host
or router on the network receives and processes the ARP request packet, but only the intended recover
recognizes its IP address and sends back an ARP response packet. The response packet contains the
receiver’s IP and link-layer (MAC) addresses. The packet is unicast (point to point ) directly to the node
that sent the request packet.

 In Figure , the system on the left (A) has a packet that needs to be delivered to another system (B) with IP
address N2. System A needs to pass the packet to its data-link layer for the actual delivery, but it does not
know the physical address of the recipient.
 It uses the services of ARP by asking the ARP protocol to send a broadcast ARP request packet to ask for
the physical address of a system with an IP address of N2. This packet is received by every system on the
physical network, but only system B will answer it, as shown in Figure. System B sends an ARP reply
packet that includes its physical address. Now system A can send all the packets it has for this destination
using the physical address it received.

Note : Caching
 A question that is often asked is this: If system A can broadcast a frame to find the linklayer address of
system B, why can’t system A send the datagram for system B using a broadcast frame?
 To answer the question, we need to think about the efficiency. It is probable that system A has more than
one datagram to send to system B in a short period of time. For example, if system B is supposed to
receive a long e-mail or a long file, the data do not fit in one datagram.
  Let us assume that there are 20 systems connected to the network (link): system A, system B, and 18 other
systems. We also assume that system A has 10 datagrams to send to system B in one second.
1. Without using ARP, system A needs to send 10 broadcast frames. Each of the 18 other systems need to
receive the frames, decapsulate the frames, remove the datagram and pass it to their network-layer to find
out the datagrams do not belong to them.This means processing and discarding 180 broadcast frames.
2. Using ARP, system A needs to send only one broadcast frame. Each of the 18 other systems need to
receive the frames, decapsulate the frames, remove the ARP message and pass the message to their ARP
protocol to find that the frame must be discarded. This means processing and discarding only 18 (instead
of 180) broadcast frames. After system B responds with its own data-link address, system A can store the
link-layer address in its cache memory. The rest of the nine frames are only unicast. Since processing
broadcast frames is expensive (time consuming), the first method is preferable.

ARP Packet Format

 Figure shows the format of an ARP packet.

 Hardware type : This field defines the type of the link-layer protocol; Ethernet is given the type 1.
 Protocol type : This field defines the network-layer protocol: IPv4 protocol is (0800)16.
 The source hardware and source protocol addresses are variable-length fields defining the link-layer and
network-layer addresses of the sender.
 The destination hardware address and destination protocol address fields define the receiver link-layer and
network-layer addresses.
 An ARP packet is encapsulated directly into a data-link frame. The frame needs to have a field to show
that the payload belongs to the ARP and not to the network-layer datagram.

Example 9.4
A host with IP address N1 and MAC address L1 has a packet to send to another host with IP address N2 and
physical address L2 (which is unknown to the first host). The two hosts are on the same network. Figure shows
the ARP request and response messages.
3.2.3 An Example of Communication [ Using ARP Protocol ]
Let us consider an example as shown in figure to see how communication is done at the data-link layer
and how link-layer addresses are found in the internet. Assume Alice wants to send a datagram to Bob, who is
three nodes away in the Internet. Also assume that Alice knows network-layer (IP) address of source (alice itself)
& destination (Bob)

Activities at Alice’s Site

 The network layer knows it has source and destination IP addresses NA, NB, and the packet, but it needs
to find the link-layer address of the next node. The network layer consults its routing table to find next
router(R1) & its IP address N1, but the network layer also to find the link-layer address of router R1. It
uses its ARP to find the link-layer address L1. The network layer can now pass the datagram with the link-
layer address (L1) to the data-link layer. The data-link layer knows its own link-layer address, LA. It
creates the frame and passes it to the physical layer, where the address is converted to signals and sent
through the media.
Activities at Router R1
 Let us see what happens at Router R1. Router has only three lower layers, packet received goes up
through these three layers and come down.
 At arrival, the physical layer of the left link creates the frame and passes it to the data-link layer. The data-
link layer decapsulates the datagram and passes it to the network layer. The network layer examines the
network-layer address of the datagram and finds that the datagram needs to be delivered to the device with
IP address NB.
 The network layer consults its routing table to find out which is the next node (router) in the path to NB.
The forwarding table returns IP address N3 of router R2. The network layer now uses the ARP to find the
link-layer address of this router, which comes up as L3.
 The network layer passes the datagram and L3 to the data-link layer belonging to the link at the right side.
The link layer encapsulates the datagram, adds L3 and L2 (its own link-layer address), and passes the
frame to the physical layer. The physical layer encodes the bits to signals and sends them through the
medium to R2.
Activities at Router R2
Activities at router R2 are almost the same as in R1, as shown in Figure 9.13.

Activities at Bob’s Site

  Now let us see what happens at Bob’s site. At Bob’s site , no more addresses or mapping is needed. The
signal received from the link is changed to a frame. The frame is passed to the data-link layer, which
decapsulates the datagram and passes it to the network layer. The network layer decapsulates the message
and passes it to the transport layer.

Note : Changes in Addresses

This example shows that the source and destination network-layer addresses, NA and NB, have not been changed
during the whole journey. However, all four network-layer addresses of routers R1 and R2 (N1, N2, N3, and N4)
are needed to transfer a datagram from Alice’s computer to Bob’s computer.