UNIT-6

NETWORK LAYER continued.........

6.1 CONGESTION CONTROL ALGORITHMS

 Congestion: When too many packets are present in the subnet, performance degrades.
This situation is called congestion.

Figure: Effect of congestion on the network

 The above figure depicts the symptom.

o When the number of packets dumped into the subnet by the hosts is within its
carrying capacity, they are all delivered (except for a few that are afflicted
with transmission errors) and the number delivered is proportional to the
number sent.
o However, as traffic increases too far, the routers are no longer able to cope and
they begin losing packets. This tends to make matters worse.
o At very high trafffic, performance collapses completely and almost no packets
are delivered.

 Congestion can be caused by several factors.

o If all of a sudden, streams of packets begin arriving on three or four input

lines and all need the same output line, a queue will build up.
o If there is insufficient memory to hold all of them, packets will be lost.
o Slow processors can also cause congestion. If the routers' CPUs are slow at
performing the bookkeeping tasks required of them (queuing buffers, updating
tables, etc.), queues can build up, even though there is excess line capacity.
o Low-bandwidth lines can also cause congestion. Upgrading the lines but not
changing the processors, or vice versa, often helps a little, but frequently just
shifts the bottleneck.

 The metrics to monitor the subnet for congestion.

 The percentage of all packets discarded for lack of buffer space

 The average queue lengths
1
  The number of packets that time out and are retransmitted,
 The average packet delay, and the standard deviation of packet delay.

In all cases, rising numbers indicate growing congestion.

 Congestion Control Vs Flow Control

o Congestion control has to do with making sure the subnet is able to carry the
offered traffic. It involves the behaviour of all the hosts, all the routers, the
store-and-forwarding processing within the routers, and all the other factors
that tend to diminish the carrying capacity of the subnet.
o Flow control, in contrast, relates to the point-to-point traffic between a given
sender and a given receiver. Its job is to make sure that a fast sender cannot
continually transmit data faster than the receiver is able to absorb it. Flow
control frequently involves some direct feedback from the receiver to the
sender to tell the sender how things are doing at the other end.

 Some congestion control algorithms operate by sending messages back to the various
sources telling them to slow down when the network gets into trouble. Thus, a host
can get a ''slow down'' message either because the receiver cannot handle the load or
because the network cannot handle it.

GENERAL PRINCIPLES OF CONGESTION CONTROL

 This approach leads to dividing all solutions into two groups:

1. Open loop congestion control:

 Open loop solutions attempt to solve the problem by good design, in

essence, to make sure it does not occur in the first place.
 Tools for doing open-loop control include deciding when to accept
new traffic, deciding when to discard packets and which ones, and
making scheduling decisions at various points in the network. All of
these have in common the fact that they make decisions without regard
to the current state of the network.
 Various open loop control techniques:

o Retransmission policy: Retransmission is avoided to prevent

congestion. Since retransmission can be the main case for
increasing the congestion. By using some effective
retransmission policy and timer, congestion will be controlled.
o Window Policy: By specifying the receiver's window size
before the transmission starts, the congestion can be avoided as
sender transmits the packet according to the size of receiver's
window.
o Acknowledgement Policy: A receiver should not acknowledge
each and every packet that it receives due to which the load on
the network is very much reduced.
o Discarding Policy: Routers should adopt a good discarding
policy to prevent congestion. This will reduce the integrity of
transmission.
o Admission Policy: According to this policy, a new virtual
connection request is not accepted if that request leads to
2
 congestion.

 Drawback: Once the system is up and running, midcourse corrections

are not made.

2. Closed loop congestion control:

 In contrast, closed loop solutions are based on the concept of a

feedback loop.
 This approach has three parts when applied to congestion control:

1. Monitor the system to detect when and where congestion occurs.

2. Pass this information to places where action can be taken.

3.Adjust system operation to correct the problem.

 Various methods used for closed loop congestion

o Back pressure: This is the congestion control technique in

which, the congested node will stop accepting data from its
previous node, due to which that node will be congested and
which in turn stop accepting data from its previous node and so
on.
o Choke Packet: It is a packet created by the congested node
that warns the source about the congestion.
o Implicit Congestion: In this, the sources automatically learn
about congestion by observing the delay in packets
acknowledgement, time-out condition and retransmission of
packet.
o Explicit congestion: In this the information about the
congestion is used along with the packet carrying data which is
different packet is used to inform the source about the
congestion.

CONGESTION PREVENTION POLICIES

 These methods are used to control congestion by looking at open loop systems.
 These systems are designed to minimize congestion in the first place, rather than
letting it happen and reacting after the fact.

3
 Figure: Policies that affect congestion

 Data Link Layer:

 Selective repeat is a better policy than Go-back N for retransmission.

 Selective repeat is a best choice for buffering out of order packets.
 Sending acknowledgements to each packet increases traffic.
Piggybacking, may decrease retransmissions.
 Tight flow control should be used for acknowledging packets.

 Network Layer:

 Virtual circuit is a better choice for congestion control.

 No of queues in input and output lines and the other in which the
packets in those queues are not processed are addressed by queuing
and service policy.
 When there is no sufficient space in the queues, discard policy is used
to decide which packet is to be discarded.
 A routing algorithm which distributes the traffic all over the network is
a better choice.
 Packets lifetime should be long enough to avoid retransmissions and
short enough to reduce the number of packets in the system.

 Transport Layer:

 Transport layer congestion control is almost similar to the data link

layer.
 In addition to data link layer, the transport layer determine the timeout
interval is header because the transit time across the network is less
predictable than transit time over a wire between two routers.
 If the timeout is too short, extra packets will be sent unnecessarily.
 If it is too long, congestion will be reduced.

6.2 INTERNETWORKING

 Internet: when two or more networks are connected to form an internet. The Internet
connects networks of different types.

Figure: Collection of Interconnected networks

4
  The networks differ because of the following reasons,

 First of all, the installed base of different networks is large.

 Second, as computers and networks get cheaper, the place where decisions get
made moves downward in organizations.
 Third, different networks (e.g., ATM and wireless) have radically different
technology, so it should not be surprising that as new hardware developments
occur, new software will be created to fit the new hardware.

 The above figure shows, a corporate network with multiple locations tied together by
a wide area ATM network. At one of the locations, an FDDI optical backbone is used
to connect an Ethernet, an 802.11 wireless LAN, and the corporate data centre's SNA
mainframe network.
 The purpose of interconnecting all these networks is to allow users on any of them to
communicate with users on all the other ones and also to allow users on any of them
to access data on any of them.
 Networks can differ in many ways. The below table shows the criteria for different
networks

Table : Some of many ways the networks can differ

The Connectors Used for Internetworking at different Layers:

 In the physical layer, networks can be connected by repeaters or hubs, which just
move the bits from one network to an identical network. These are mostly analog
devices and do not understand anything about digital protocols (they just regenerate
signals).
 In Data Link Layer, we use bridges and switches, which operate at the data link
layer. They can accept frames, examine the MAC addresses, and forward the frames
to a different network while doing minor protocol translation in the process, for
5
 example, from Ethernet to FDDI or to 802.11.
 In the network layer, we have routers that can connect two networks. If two networks
have dissimilar network layers, the router may be able to translate between the packet
formats, A router that can handle multiple protocols is called a multiprotocol router
also called Gateways.
 In the transport layer we find transport gateways, which can interface between two
transport connections. For example, a transport gateway could allow packets to flow
between a TCP network and an SNA network, which has a different transport
protocol, by essentially gluing a TCP connection to an SNA connection.
 Finally, in the application layer, application gateways translate message semantics. As
an example, gateways between Internet e-mail (RFC 822) and X.400 e-mail must
parse the email messages and change various header fields.

Figure (a): Two Ethernets connected by a switch (data link layer).

(b) Two Ethernets connected by routers (network layer).

TYPES OF INTERNETWORKING:

Two styles of internetworking are possible:

1. Connection-oriented concatenation of virtual circuit subnets, and

2. Connection Less datagram internet style.

CONCATENATED VIRTUAL CIRCUITS:

 In the concatenated virtual-circuit model, a connection to a host in a distant network is

set up in a way similar to the way connections are normally established.
 The subnet sees that the destination is remote and builds a virtual circuit to the router
nearest the destination network.
 Then it constructs a virtual circuit from that router to an external gateway
(multiprotocol router).
 This gateway records the existence of the virtual circuit in its tables and proceeds to
build another virtual circuit to a router in the next subnet.
 This process continues until the destination host has been reached.
 Once data packets begin flowing along the path, each gateway relays incoming
packets, converting between packet formats and virtual-circuit numbers as needed.
Clearly, all data packets must traverse the same sequence of gateways. Consequently,

6
 packets in a flow are never reordered by the network.
 Each gateway maintains tables telling which virtual circuits pass through it, where
they are to be routed, and what the new virtual circuit number is.

Figure: Internetworking using Concatenated Virtual Circuits

CONNECTION LESS INTERNETWORKING ( DATAGRAM INTERNETWORKING):

 In this model, the only service the network layer offers to the transport layer is the
ability to inject datagrams into the subnet and hope for the best.
 There is no notion of a virtual circuit at all in the network layer, let alone a
concatenation of them.
 This model does not require all packets belonging to one connection to traverse the
same sequence of gateways.
 In the figure, datagrams from host 1 to host 2 are shown taking different routes
through the internetwork.
 A routing decision is made separately for each packet, possibly depending on the
traffic at the moment the packet is sent.
 This strategy can use multiple routes and thus achieve a higher bandwidth than the
concatenated virtual-circuit model. On the other hand, there is no guarantee that the
packets arrive at the destination in order, assuming that they arrive at all.

Figure: Connectionless Internetworking

7
  Advantage of the datagram approach to internetworking is that it can be used over
subnets that do not use virtual circuits inside.

TUNNELING:

 Tunneling is where the source and destination hosts are on the same type of network,
but there is a different network in between.

Figure: Tunneling

 To send an IP packet to host 2, host 1 constructs the packet containing the IP address
of host 2, inserts it into an Ethernet frame addressed to the Paris multiprotocol router,
and puts it on the Ethernet.
 When the multiprotocol router gets the frame, it removes the IP packet, inserts it in
the payload field of the WAN network layer packet, and addresses the latter to the
WAN address of the London multiprotocol router. When it gets there, the London
router removes the IP packet and sends it to host 2 inside an Ethernet frame.
 The WAN can be seen as a big tunnel extending from one multiprotocol router to the
other. The IP packet just travels from one end of the tunnel to the other. It does not
have to worry about dealing with the WAN at all. Neither do the hosts on either
Ethernet. Only the multiprotocol router has to understand IP and WAN packets. In
effect, the entire distance from the middle of one multiprotocol router to the middle of
the other acts like a serial line.

INTERNETWORK ROUTING

 Routing through an internetwork is similar to routing within a single subnet, but with
some added complications.

8
 Figure: (a) The Internetwork (b) The graph of Internetwork

 Consider, the internetwork in the above figure, in which five networks are connected
by six (possibly multiprotocol) routers.
 Making a graph model of this situation is complicated by the fact that every router can
directly access (i.e., send packets to) every other router connected to any network to
which it is connected.
 For example, B in Figure(a) can directly access A and C via network 2 and also D via
network 3. This leads to the graph of in Figure(b)
 Once the graph has been constructed, known routing algorithms, such as the distance
vector and link state algorithms, can be applied to the set of multiprotocol routers.
This gives a two-level routing algorithm: within each network an interior gateway
protocol is used, but between the networks, an exterior gateway protocol is used
(''gateway'' is an older term for ''router'').
 Since each network is independent, they may all use different algorithms. Because
each network in an internetwork is independent of all the others, it is often referred to
as an Autonomous System (AS).
 A typical internet packet starts out on its LAN addressed to the local multiprotocol
router (in the MAC layer header). After it gets there, the network layer code decides
which multiprotocol router to forward the packet to, using its own routing tables.
 If that router can be reached using the packet's native network protocol, the packet is
forwarded there directly. Otherwise it is tunneled there, encapsulated in the protocol
required by the intervening network. This process is repeated until the packet reaches
the destination network.

FRAGMENTATION:

 Each network imposes some maximum size on its packets. These limits have various
causes, among them:
1. Hardware (e.g., the size of an Ethernet frame).
2. Operating system (e.g., all buffers are 512 bytes).
3. Protocols (e.g., the number of bits in the packet length field).
4. Compliance with some (inter)national standard.
5. Desire to reduce error-induced retransmissions to some level.

6. Desire to prevent one packet from occupying the channel too long.

 The obvious solution for forwarding the packets with smaller size is to fragment the
incoming packet and transmit only those fragments. This process is called
"Fragmentation".
 There are two choices for Fragmentation

9
 1. Transparent Fragmentation: A packet is fragmented upon entering a
network and is recombined when fragments leave out of that network, so that
the other networks are not able to know event that some fragmentation took
place somewhere. This is called "Transparent Fragmentation".

Figure: Transparent Fragmentation

Disadvantages:

o All elements should reach the exit gateway where the reassembly takes
place. Restricting all fragments via the same node may cause some
performance loss.
o Large overhead of repeated fragmentation and reassembly when large
packets pass through several small packet networks.

2. Non-Transparent Fragmentation: When packet is fragmented, it is never,

combined back at intermediate node. The packet is recovered by combining
only at the destination node.

Figure: Non-transparent Fragmentation

Disadvantages:

o Every host should be able to reassemble.

o The processing overhead in the intermediate routers increase.

6.3 NETWORK LAYER IN THE INTERNET

 The Principles for designing the network layer in the internet

1. Protocol should work: The design and standard must be thoroughly checked before
finalization.
2. Keep the design simple: The protocol should be designed in such a way that it
should be simple to understand and implement.
10
3. Make clear choices: If there are several ways of doing the same thing, choose one.
4. Emphasis on modularity principle: It is always recommended to partition the
protocol as a set of modules.
5. Environment will be heterogeneous: Different types of hardware, transmission
facilities, and applications will occur on any large network. To handle them, the
network design must be simple, general, and flexible.
6. Avoid static options and parameters: Instead of fixing a particular value for a
parameter, let the sender and the receiver negotiate and decide the value according to
their needs.
7. Look for a good design; it need not be perfect: The designers have a good design
but it cannot handle some weird special case.
8. Be strict when sending and tolerant when receiving: Packet sending should always
comply with the standards. But, the protocol should be ready to receive packets with
full concentration and deal with patiently.
9. The Protocol should be scalable: If the system is to handle millions of hosts and
billions of users effectively, no centralized databases of any kind are tolerable and
load must be spread as evenly as possible over the available resources.
10. Protocol Performance must be more and cost is less: The protocol must be
designed in such a way that the performance should be more compared to the cost.

 At the network layer, the Internet can be viewed as a collection of subnetworks or

Autonomous Systems (ASes) that are interconnected.
 There is no real structure, but several major backbones exist.
 These are constructed from high-bandwidth lines and fast routers. Attached to the
backbones are regional (midlevel) networks, and attached to these regional networks
are the LANs at many universities, companies, and Internet service providers.
 IP (Internet Protocol) holds the whole Internet together is the network layer. Its job is
to provide a best-efforts (i.e., not guaranteed) way to transport datagrams from source
to destination, without regard to whether these machines are on the same network or
whether there are other networks in between them.
 Communication in the Internet works as follows.

 The transport layer takes data streams and breaks them up into datagrams.
 Each datagram is transmitted through the Internet, possibly being fragmented
into smaller units as it goes.
 When all the pieces finally get to the destination machine, they are
reassembled by the network layer into the original datagram.
 This datagram is then handed to the transport layer, which inserts it into the
receiving process' input stream.

11
 Figure: The Internet

The IP Protocol

 An IP datagram consists of a header part and a text part.

 The header has a 20-byte fixed part and a variable length optional part.

Figure: IP Datagram Format

 Version (VER): This 4-bit field defines the version of the IPv4 protocol.
Currently the version is 4. However, version 6 (or IPng) may totally replace
version 4 in the future. This field tells the IPv4 software running in the
processing machine that the datagram has the format of version 4.
 Header length (HLEN): This 4-bit field defines the total length of the
datagram header in 4-byte words.
 Type of Service: This field allows the host to inform the subnet about the
kind of service it requires. Originally, the 6-bit field contained (from left to
right), a three-bit Precedence field and three flags, D, T, and R.
o The Precedence field was a priority, from 0 (normal) to 7 (network
control packet).
12
 o The three flag bits allowed the host to specify the most preferable
service form the set{Delay, Throughput, Reliability}.
 Next comes an unused bit and then two 1-bit fields.
 Total Length (TL): Specifies the total length of the IP datagram, in bytes.
Since this field is 16 bits wide, the maximum length of an IP datagram is
65,535 bytes, though most are much smaller.
 Identification: This field allows the destination host to determine the identity
of the datagram fragment.
 DF stands for Don't Fragment: It is an order to the routers not to fragment
the datagram because the destination is incapable of putting the pieces back
together again. By marking the datagram with the DF bit, the sender knows it
will arrive in one piece.
 MF stands for More Fragments: All fragments except the last one have this
bit set. It is needed to know when all fragments of a datagram have arrived.
 Fragment offset: This tells about the location of the fragment in the current
datagram. All fragments except the last one in a datagram must be a multiple
of 8 bytes, the elementary fragment unit.
 The Time to live field: is a counter used to limit packet lifetimes. It is
supposed to count time in seconds, allowing a maximum lifetime of 255 sec. It
must be decremented on each hop and is supposed to be decremented multiple
times when queued for a long time in a router.
 The Protocol: Identifies the higher layer protocol carried in the datagram.

 Header Checksum: A checksum computed over the header to provide basic

protection against corruption in transmission. This is not the more complex
CRC code typically used by data link layer technologies such as Ethernet; it's
just a 16-bit checksum. It is calculated by dividing the header bytes into words
(a word is two bytes) and then adding them together. The data is not
checksummed, only the header. At each hop the device receiving the datagram
does the same checksum calculation and on a mismatch, discards the datagram
as damaged.
 Source Address: The 32-bit IP address of the originator of the datagram. Note
that even though intermediate devices such as routers may handle the
datagram, they do not normally put their address into this field—it is always
the device that originally sent the datagram.
 Destination Address: The 32-bit IP address of the intended recipient of the
13
 datagram. Again, even though devices such as routers may be the intermediate
targets of the datagram, this field is always for the ultimate destination.
 Options: One or more of several types of options may be included after the
standard headers in certain IP datagrams. Various options are discussed below,
o Security option tells how secret the information is.
o Strict source routing option gives the complete path from source to
destination as a sequence of IP addresses.
o Loose source routing option requires the packet to traverse the list of
routers specified, and in the order specified, but it is allowed to pass
through other routers on the way.
o Record route option tells the routers along the path to append their IP
address to the option field.
o Timestamp option is like the Record route option, except that in
addition to recording its 32-bit IP address, each router also records a
32-bit timestamp.

Table: Options in IP
 Padding: If one or more options are included, and the number of bits used for
them is not a multiple of 32, enough zero bits are added to “pad out” the
header to a multiple of 32 bits (4 bytes).

IP ADDRESSES

 Every host and router on the Internet has an IP address, which encodes its network
number and host number.
 The combination is unique: in principle, no two machines on the Internet have the
same IP address.
 All IP addresses are 32 bits long and are used in the Source address and Destination
address fields of IP packets.
 IP address does not actually refer to a host. It really refers to a network interface, so if
a host is on two networks, it must have two IP addresses.
 IP addresses were divided into the five categories. This allocation has come to be
called class-full addressing.

14
 Figure: IP address Classes

 Network addresses, which are 32-bit numbers, are usually written in dotted decimal
notation. In this format, each of the 4 bytes is written in decimal, from 0 to 255. For
example, the 32-bit hexadecimal address C0290614 is written as 192.41.6.20. The
lowest IP address is 0.0.0.0 and the highest is 255.255.255.255.
 Class A addresses are used for large sized networks.
 Class B addresses are used for medium sized networks.
 Class C addresses are used for small sized networks.

SPECIAL IP ADDRESSES

 The IP address 0.0.0.0 is used by hosts when they are being booted.
 IP addresses with 0 as network number refer to the current network. These addresses
allow machines to refer to their own network without knowing its number.
 The address consisting of all 1s allows broadcasting on the local network, typically a
LAN.
 The addresses with a proper network number and all 1s in the host field allow
machines to send broadcast packets to distant LANs anywhere in the Internet
(although many network administrators disable this feature).
 Finally, all addresses of the form 127.xx.yy.zz are reserved for loopback testing.
Packets sent to that address are not put out onto the wire; they are processed locally
and treated as incoming packets. This allows packets to be sent to the local network
without the sender knowing its number.

Figure: Special IP addresses

SUBNETS

 The practice of dividing a network into two or more networks is called subnetting.
 All computers that belong to a subnet are addressed with a common, identical, most-
significant bit-group in their IP address. This results in the logical division of an IP
address into two fields, a network or routing prefix and the rest field or host identifier.
The rest field is an identifier for a specific host or network interface.
 A subnet allows the flow of network traffic between hosts to be segregated based on
a network configuration. By organizing hosts into logical groups, subnetting can
improve network security and performance.
 SUBNET MASKS:
 These are frequently expressed in dotted decimal notation.
 After the bits are set for the network ID and host ID portion, the resulting 32-

15
 bit number is converted to dotted decimal notation.
 A subnet mask is not an IP address.
 A default subnet mask is based on the IP address classes and is used on
TCP/IP networks that are not divided into subnets.
 Default masks for IP addresses are,
o Class A: 255.0.0.0
o Class B: 255.255.0.0
o Class C: 255.255.255.0
 To extract the network ID from an arbitrary IP address using an arbitrary
subnet mask, IP uses a mathematical operation called a logical AND
comparison. In an AND comparison, the result of two items being compared is
true only when both items being compared are true; otherwise, the result is
false. Applying this principle to bits, the result is 1 when both bits being
compared are 1, otherwise the result is 0.
 IP performs a logical AND comparison with the 32-bit IP address and the 32-
bit subnet mask. This operation is known as a bit-wise logical AND. The
result of the bit-wise logical AND of the IP address and the subnet mask is the
network ID.
 For example, what is the network ID of the IP node 129.56.189.41 with a
subnet mask of 255.255.240.0?
 To obtain the result, turn both numbers into their binary equivalents and line
them up. Then perform the AND operation on each bit and write down the
result.

10000001 00111000 10111101 00101001 IP Address

11111111 11111111 11110000 00000000 Subnet Mask
10000001 00111000 10110000 00000000 Network ID

 The result of the bit-wise logical AND of the 32 bits of the IP address and the
subnet mask is the network ID 129.56.176.0.

5.4 INTERNET CONTROL PROTOCOLS

 In addition to IP, which is used for data transfer, the Internet has several control
protocols used in the network layer, including ICMP, ARP, RARP, BOOTP, and
DHCP.

ICMP: Internet Control Message Protocol

 The IP protocol has no error-reporting or error-correcting mechanism.

 The IP protocol also lacks a mechanism for host and management queries.
 The Internet Control Message Protocol (ICMP) has been designed to compensate for
the above two deficiencies.
 It is a companion to the IP protoco1.
 ICMP does not correct errors-it simply reports them.
 Error correction is left to the higher-level protocols.
 Types of Messages

16
ICMP messages are divided into two broad categories: error-reporting messages and
query messages.
 The error-reporting messages: report problems that a router or a host
(destination) may encounter when it processes an IP packet.
 The query messages: Used by a host or a network manager get specific
information from a router or another host.
 Error Reporting:
o One of the main responsibilities of ICMP is to report errors.
o ICMP does not correct errors-it simply reports them. Error correction
is left to the higher-level protocols.
o Error messages are always sent to the original source because the only
information available in the datagram about the route is the source and
destination IP addresses.
o ICMP uses the source IP address to send the error message to the
source (originator) of the datagram.
o Five types of errors are handled: Destination Unreachable, Source
Quench, Time Exceeded, Parameter Problems, And Redirection

o Destination Unreachable

 When a router cannot route a datagram or a host cannot deliver

a datagram, the datagram is discarded and the router or the host
sends a destination-unreachable message back to the source
host that initiated the datagram.
 The destination-unreachable messages can be created by either
a router or the destination host.
o Source Quench
 IP does not have a flow control mechanism embedded in the
protocol.
 The lack of flow control can create a major problem in the
operation of IP: congestion.
 The source host never knows if the routers or the destination
host has been overwhelmed with datagrams. The source host
never knows if it is producing datagrams faster than can be
forwarded by routers or processed by the destination host.
 The lack of flow control can create congestion in routers or the
destination host.
 A router or a host has a limited-size queue (buffer) for
incoming datagrams waiting to be forwarded (in the case of a
router) or to be processed (in the case of a host). If the
datagrams are received much faster than they can be forwarded
or processed, the queue may overflow.
 In this case, the router or the host has no choice but to discard
some of the datagrams.
 The source-quench message in ICMP was designed to add a
kind of flow control to the IP. When a router or host discards a

17
 datagram due to congestion, it sends a source-quench message
to the sender of the datagram.
 This message has two purposes.
 First, it informs the source that the datagram has been
discarded.
 Second, it warns the source that there is congestion
somewhere in the path and that the source should slow
down (quench) the sending process.
o Time Exceeded
 The time-exceeded message is generated in two cases:
 If there are errors in one or more routing tables, a packet
can travel in a loop or a cycle, going from one router to
the next or visiting a series of routers endlessly. Each
datagram contains a field called time to live that
controls this situation. When a datagram visits a router,
the value of this field is decremented by 1. When the
time-to-live value reaches 0, after decrementing, the
router discards the datagram. when the datagram is
discarded, a time-exceeded message must be sent by the
router to the original source.
 Second, a time-exceeded message is also generated
when not all fragments that make up a message arrive at
the destination host within a certain time limit.
o Parameter Problem
 Any ambiguity in the header part of a datagram can Create
serious problems as the datagram travels through the Internet.
 If a router or the destination host discovers an ambiguous or
missing value in any field of the datagram, it discards the
datagram and sends a parameter-problem message back to the
source.
o Redirection
 Both routers and hosts, then, must have a routing table to find
the address of the router or the next router.
 The hosts usually use static routing. When a host comes up, its
routing table has a limited number of entries.
 It usually knows the IP address of only one router, the default
router.
 For this reason, the host may send a datagram, which is
destined for another network, to the wrong router. In this case,
the router that receives the datagram will forward the datagram
to the correct router.
 However, to update the routing table of the host, it sends a
redirection message to the host.

 Query Messages:

18
o In addition to error reporting, ICMP can diagnose some network
problems. This is accomplished through the query messages.
o In Query message, a node sends a message that is answered in a
specific format by the destination node.
o A query message is encapsulated in an IP packet, which in turn is
encapsulated in a data link layer frame.
o There are some combinational query messages,
1. Echo Request and Reply
2. Timestamp Request and Reply
3. Address Mask Request and Reply
4. Router Solicitation and Advertisement

o Echo Request and Reply

 This pair of messages to identify network problems.

 The combination of echo-request and echo-reply messages
determines whether two systems (hosts or routers) can
communicate with each other.
 The echo-request and echo-reply messages can be used to
determine if there is communication at the IP level.
 Because ICMP messages are encapsulated in IP datagrams, the
receipt of an echo-reply message by the machine that sent the
echo request is proof that the IP protocols in the sender and
receiver are communicating with each other using the IP
datagram. Also, it is proof that the intermediate routers are
receiving, processing, and forwarding IP datagrams.

o Timestamp Request and Reply

 Two machines (hosts or routers) can use the timestamp request
and timestamp reply messages to determine the round-trip time
needed for an IP datagram to travel between them.
 It can also be used to synchronize the clocks in two machines.

o Address-Mask Request and Reply

 A host may know its IP address, but it may not know the
corresponding mask.
 To obtain its mask, a host sends an address-mask-request
message to a router on the LAN.
 If the host knows the address of the router, it sends the
request directly to the router.
 If it does not know, it broadcasts the message.
 The router receiving the address-mask-request message
responds with an address-mask-reply message, providing the
necessary mask for the host. This can be applied to its full IP
address to get its subnet address.

19
 o Router Solicitation and Advertisement
 The router-solicitation and router-advertisement messages can
help in the redirection situation.
 A host can broadcast (or multicast) a router-solicitation
message.
 The router or routers that receive the solicitation message
broadcast their routing information using the router-
advertisement message.
 A router can also periodically send router-advertisement
messages even if no host has solicited.
 When a router sends out an advertisement, it announces not
only its own presence but also the presence of all routers on the
network of which it is aware.

 Message Format

 An ICMP message has an 8-byte header and a variable-size data section. The
general format of the header is different for each message type, the first 4
bytes are common to all.

Figure: ICMP Packet Format

 ICMP type, defines the type of the message.
 The code field specifies the reason for the particular message type.
 The last common field is the checksum field (to be discussed later in the
chapter).
 The rest of the header is specific for each message type.
 The data section in error messages carries information for finding the original
packet that had the error.
In query messages, the data section carries extra information based on
the type of the query.

Address Resolution Protocol (ARP)

 Anytime a host or a router has an IP datagram to send to another host or router, it has
the logical (IP) address of the receiver.
 If the sender is the host, the logical (IP) address is obtained from the DNS or
If the sender is a router the logical(IP) address is found in a routing
 But the IP datagram must be encapsulated in a frame to be able to pass through the
physical network. This means that the sender needs the physical address of the
receiver.

20
 The host or the router sends an ARP query packet. The packet includes the physical
and IP addresses of the sender and the IP address of the receiver.
 Because the sender does not know the physical address of the receiver, the query is
broadcast over the network.
 Every host or router on the network receives and processes the ARP query packet, but
only the intended recipient recognizes its IP address and sends back an ARP response
packet.
 The response packet contains the recipient's IP and physical addresses. The packet is
unicast directly to the inquirer by using the physical address received in the query
packet.
 ARP Operation
1. The sender knows the IP address of the target. We will see how the sender
obtains this shortly.
2. IP asks ARP to create an ARP request message, filling in the sender physical
address, the sender IP address, and the target IP address. The target physical
address field is filled with 0s.
3. The message is passed to the data link layer where it is encapsulated in a
frame by using the physical address of the sender as the source address and the
physical broadcast address as the destination address.
4. Every host or router receives the frame. Because the frame contains a
broadcast destination address, all stations remove the message and pass it to
ARP.
5. All machines except the one targeted drop the packet. The target machine
recognizes its IP address.
6. The target machine replies with an ARP reply message that contains its
physical address. The message is unicast. The sender receives the reply
message. It now knows the physical address of the target machine.
7. The IP datagram, which carries data for the target machine, is now
encapsulated in a frame and is unicast to the destination.

Figure: ARP operation

 ARP Packet Format:

21
 Figure: ARP Packet
The fields are as follows:

 Hardware type: This is a 16-bit field defining the type of the network on
which ARP is running. Each LAN has been assigned an integer based on its
type. For example, Ethernet is given type 1.
 Protocol type: This is a 16-bit field defining the protocol. For example, the
value of this field for the IPv4 protocol is 080016, ARP can be used with any
higher-level protocol.
 Hardware length: This is an 8-bit field defining the length of the physical
address in bytes. For example, for Ethernet the value is 6.
 Protocol length: This is an 8-bit field defining the length of the logical
address in bytes. For example, for the IPv4 protocol the value is 4.
 Operation: This is a 16-bit field defining the type of packet. Two packet
types are defined: ARP request (1) and ARP reply (2).
 Sender hardware address: This is a variable-length field defining the
physical address of the sender. For example, for Ethernet this field is 6 bytes
long.
 Sender protocol address: This is a variable-length field defining the logical
(for example, IP) address of the sender. For the IP protocol, this field is 4
bytes long.
 Target hardware address: This is a variable-length field defining the
physical address of the target. For example, for Ethernet this field is 6 bytes
long. For an ARP request message, this field is all 0's because the sender does
not know the physical address of the target.
 Target protocol address: This is a variable-length field defining the logical
(for example, IP) address of the target. For the IPv4 protocol, this field is 4
bytes long.
 Proxy ARP:
 A technique called proxy ARP is used to create a subnetting effect.
 A proxy ARP is an ARP that acts on behalf of a set of hosts. Whenever a
router running a proxy ARP receives an ARP request looking for the IP
address of one of these hosts, the router sends an ARP reply announcing its
own hardware (physical) address. After the router receives the actual IP
packet, it sends the packet to the appropriate host or router.

22
 Figure: Proxy ARP

Reverse Address Resolution Protocol (RARP)

 Reverse Address Resolution Protocol (RARP) finds the logical address for a machine
that knows only its physical address. Each host or router is assigned one or more
logical (IP) addresses, which are unique and independent of the physical (hardware)
address of the machine.
 To create an IP datagram, a host or a router needs to know its own IP address or
addresses.
 The IP address of a machine is usually read from its configuration file stored on a disk
file.
 The machine can get its physical address (by reading its NIC, for example), which is
unique locally. It can then use the physical address to get the logical address by using
the RARP protocol.
 A RARP request is created and broadcast on the local network.
 Another machine on the local network that knows all the IP addresses will respond
with a RARP reply.
 The requesting machine must be running a RARP client program; the responding
machine must be running a RARP server program.

Figure: RARP Operation

 RARP Packet Format:

23
 Figure: RARP Packet
The fields are as follows:

 Hardware type: This is a 16-bit field defining the type of the network on
which ARP is running. Each LAN has been assigned an integer based on its
type. For example, Ethernet is given type 1.
 Protocol type: This is a 16-bit field defining the protocol. For example, the
value of this field for the IPv4 protocol is 080016, ARP can be used with any
higher-level protocol.
 Hardware length: This is an 8-bit field defining the length of the physical
address in bytes. For example, for Ethernet the value is 6.
 Protocol length: This is an 8-bit field defining the length of the logical
address in bytes. For example, for the IPv4 protocol the value is 4.
 Operation: This is a 16-bit field defining the type of packet. Two packet
types are defined: RARP request (3) and RARP reply (4).
 Sender hardware address: This is a variable-length field defining the
physical address of the sender. For example, for Ethernet this field is 6 bytes
long.
 Sender protocol address: This is a variable-length field defining the logical
(for example, IP) address of the sender. For the IP protocol, this field is 4
bytes long. This is not filled in the RARP request.
 Target hardware address: This is a variable-length field defining the
physical address of the target. For example, for Ethernet this field is 6 bytes
long. For an ARP request message, this field is all 0's because the sender does
not know the physical address of the target.
 Target protocol address: This is a variable-length field defining the logical
(for example, IP) address of the target. For the IPv4 protocol, this field is 4
bytes long.

 Limitation of RARP:
 Broadcasting is done at the data link layer. The physical broadcast address, all
is in the case of Ethernet, does not pass the boundaries of a network. This
means that if an administrator has several networks or several subnets, it needs
to assign a RARP server for each network or subnet. This is the reason that
RARP is almost obsolete.

24
BOOTP:

 The Bootstrap Protocol (BOOTP) is a client/server protocol designed to provide

physical address to logical address mapping. BOOTP is an application layer protocol.
 The administrator may put the client and the server on the same network or on
different networks.
 One of the advantages of BOOTP over RARP is that the client and server are
application-layer processes.
 The BOOTP request is broadcast because the client does not know the IP address of
the server.
 A broadcast IP datagram cannot pass through any router.
 To solve the problem, there is a need for an intermediary.
 One of the hosts (or a router that can be configured to operate at the application layer)
can be used as a relay.
 The host in this case is called a relay agent. The relay agent knows the unicast
address of a BOOTP server.
 When it receives this type of packet, it encapsulates the message in a unicast datagram
and sends the request to the BOOTP server.
 The packet, carrying a unicast destination address, is routed by any router and reaches
the BOOTP server.
 The BOOTP server knows the message comes from a relay agent because one of the
fields in the request message defines the IP address of the relay agent.
 The relay agent, after receiving the reply, sends it to the BOOTP client.

Figure: BOOTP operation

 BOOTP Packet Format:

25
 Figure: BOOTP Packet

Figure: Option Format in BOOTP

DHCP:

 BOOTP is not a dynamic configuration protocol. When a client requests its IP

address, the BOOTP server consults a table that matches the physical address of the
client with its IP address. This implies that the binding between the physical address
and the IP address of the client already exists. The binding is predetermined.
 The Dynamic Host Configuration Protocol (DHCP) has been devised to provide static
and dynamic address allocation that can be manual or automatic.
 When a DHCP client sends a request to a DHCP server,
 The server first checks its static database.
o If an entry with the requested physical address exists in the static
database, the permanent IP address of the client is returned.
o If the entry does not exist in the static database, the server selects an IP
address from the available pool, assigns the address to the client, and
adds the entry to the dynamic database.
 The dynamic aspect of DHCP is needed when a host moves from network to network
or is connected and disconnected from a network.
 DHCP provides temporary IP addresses for a limited time.
 The addresses assigned from the pool are temporary addresses.
 The DHCP server issues a lease for a specific time. When the lease expires, the client
must either stop using the IP address or renew the lease. The server has the option to

26
 agree or disagree with the renewal. If the server disagrees, the client stops using the
address.
 DHCP Packet Format:

Figure: DHCP Packet

27