Network Layer

OSI Layer (Layer 3)

The network layer is concerned with concepts such as routing, forwarding,
and addressing across a dispersed network or multiple connected networks of
nodes or machines. The network layer may also manage flow control. Across
the internet, the Internet Protocol v4 (IPv4) and IPv6 are used as the main
network layer protocols
Introductions

• The network Layer is the third layer in the OSI model of computer
networks. Its main function is to transfer network packets from the
source to the destination. It is involved both the source host and the
destination host.
• At the source, it accepts a packet from the transport layer,
encapsulates it in a datagram, and then delivers the packet to the
data link layer so that it can further be sent to the receiver.
• At the destination, the datagram is decapsulated, and the packet is
extracted and delivered to the corresponding transport layer.
 Task at Network layer
✔ It handles the service requests from the transport layer and further
forwards the service request to the data link layer.
✔ The network layer translates the logical addresses into physical
addresses
✔ It determines the route from the source to the destination and also
manages the traffic problems such as switching, routing and controls
the congestion of data packets.
✔ The main role of the network layer is to move the packets from
sending host to the receiving host.
Layer -3
• In the 7-layer OSI model (see below), the network layer is layer 3.
The Internet Protocol (IP) is one of the main protocols used at this layer,
along with several other protocols for routing, testing, and encryption.

• Suppose Bob and Alice are connected to the same local area network
(LAN), and Bob wants to send Alice a message.
• Because Bob is on the same network as Alice, he could send it directly to
her computer across the network.
• However, if Alice is instead on a different LAN several miles away, Bob's
message will have to be addressed and sent to Alice's network before it can
reach her computer, which is a network layer process.
Features of Network Layer

• The main responsibility of the Network layer is to carry the data

packets from the source to the destination without changing or using
them.
• If the packets are too large for delivery, they are fragmented i.e.,
broken down into smaller packets.
• It decides the route to be taken by the packets to travel from the
source to the destination among the multiple routes available in a
network (also called routing).
• The source and destination addresses are added to the data packets
inside the network layer.
Services Offered by Network Layer

Routing: When a packet reaches the router's input link,

• The services which are the router will move the packets to the router's output
offered by the network link. For example, a packet from S1 to R1 must be
forwarded to the next router on the path to S2.
layer protocol are as Logical Addressing: The data link layer implements the
follows: physical addressing and network layer implements the
logical addressing. Logical addressing is also used to
• Packetizing distinguish between source and destination system. The
network layer adds a header to the packet which includes
• Routing the logical addresses of both the sender and the receiver.
Internetworking: This is the main role of the network
• Forwarding layer that it provides the logical connection between
different types of networks.
Fragmentation: The fragmentation is a process of
breaking the packets into the smallest individual data
units that travel through different networks.
Working of the Network Layer
• The data flow between the network layer and other layers in the OSI Model, i.e., to begin with, the network
layer will receive data from the transport layer of the OSI model.
•
1. Packetizing

• The process of encapsulating the data received from the upper layers of the network (also called
payload) in a network layer packet at the source and decapsulating the payload from the network
layer packet at the destination is known as packetizing.
The source host adds a header that contains the source and destination address and some other
relevant information required by the network layer protocol to the payload received from the
upper layer protocol and delivers the packet to the data link layer.
The destination host receives the network layer packet from its data link layer, decapsulates the
packet, and delivers the payload to the corresponding upper layer protocol.
• The routers in the path are not allowed to change either the source or the destination address.
• The routers in the path are not allowed to decapsulate the packets they receive unless they need to
be fragmented.
•
The network layer is the third layer in
the OSI model and is responsible for
breaking down the data segments into
data packets and is tasked with
reassembling them on the receiver side.
Layer handles
• The network layer handles these data packets by integrating them
with source and destination addresses.
• It also integrates the network protocols for proper transmission over
the network channel to the data-link layer.
Network Addressing

The network layer does the task of adding the source and destination address in the header in the network channel.

Network addressing is performed to identify the device where the data is being shared on the channel.
Inter-Networking

• It is one of the main tasks of the network layer to handle the network
connection between multiple devices in the channel.

• This task applies multiple protocols available in the network layer of

the OSI model for stable network connection.
 Packet Routing

Establishing a routing path for the data packet is one of the main functions of the network layer in a network model.

The Network layer is responsible for choosing the most suitable routing path out of all available network channels.
Forwarding table
• In Network layer, a router is used to forward the packets. Every router has a forwarding
table.

• A router forwards a packet by examining a packet's header field and then using the
header field value to index into the forwarding table.

• The value stored in the forwarding table corresponding to the header field value indicates
the router's outgoing interface link to which the packet is to be forwarded.
• For example, the router with a header field value of 0111 arrives at a router, and then
router indexes this header value into the forwarding table that determines the output link
interface is 2.
• The router forwards the packet to the interface 2. The routing algorithm determines the
values that are inserted in the forwarding table.
• The routing algorithm can be centralized or decentralized.
2. Routing

• Routing is the process of moving data from one device to another device.
• These are two other services offered by the network layer. In a network,
there are a number of routes available from the source to the destination.
• The network layer specifies some strategies which find out the best
possible route.
• This process is referred to as routing.
• There are a number of routing protocols that are used in this process and
they should be run to help the routers coordinate with each other and help
in establishing communication throughout the network.
Packet Network - Router
Multiple path to reach Destination

This layer also ensures that the packets are

transmitted over the best possible route to
the destination system, governed by Internet
protocols.
3. Forwarding

• Forwarding is simply defined as the action applied by each router

when a packet arrives at one of its interfaces.
• When a router receives a packet from one of its attached networks, it
needs to forward the packet to another attached network (unicast
routing) or to some attached networks (in the case of multicast
routing).
• Routers are used on the network for forwarding a packet from the
local network to the remote network.
• So, the process of routing involves packet forwarding from an entry
interface out to an exit interface.
Forwarding
Difference between Routing and Forwarding

Routing Forwarding
Forwarding is simply defined as the action
Routing is the process of moving data from one
applied by each router when a packet arrives at
device to another device.
one of its interfaces.

Operates on the Network Layer. Operates on the Network Layer.

Checks the forwarding table and work according

Work is based on Forwarding Table.
to that.

Works on protocols like Routing Information Works on protocols like UDP Encapsulating
Protocol (RIP) for Routing. Security Payloads
Other Services Expected from Network Layer

❑ Error Control
❑ Flow Control
❑ Congestion Control
1. Error Control

• Although it can be implemented in the network layer, it is usually not

preferred because the data packet in a network layer may be
fragmented at each router, which makes error-checking inefficient in
the network layer.
2. Flow Control

• It regulates the amount of data a source can send without

overloading the receiver.
• If the source produces data at a very faster rate than the receiver can
consume it, the receiver will be overloaded with data.
• To control the flow of data, the receiver should send feedback to the
sender to inform the latter that it is overloaded with data.
• There is a lack of flow control in the design of the network layer.
• It does not directly provide any flow control.
• The datagrams are sent by the sender when they are ready, without
any attention to the readiness of the receiver.
3. Congestion Control

• Congestion occurs when the number of datagrams sent by the source

is beyond the capacity of the network or routers.
• This is another issue in the network layer protocol.
• If congestion continues, sometimes a situation may arrive where the
system collapses and no datagrams are delivered.
• Although congestion control is indirectly implemented in the network
layer, still there is a lack of congestion control in the network layer.
Advantages of Network Layer Services

• Packetization service in the network layer provides ease of

transportation of the data packets.
• Packetization also eliminates single points of failure in data
communication systems.
• Routers present in the network layer reduce network traffic by
creating collision and broadcast domains.
• With the help of Forwarding, data packets are transferred from one
place to another in the network.
Disadvantages of Network Layer Services

• There is a lack of flow control in the design of the network layer.

• Congestion occurs sometimes due to the presence of too many
datagrams in a network that is beyond the capacity of the network or
the routers. Due to this, some routers may drop some of the
datagrams, and some important pieces of information may be lost.
• Although indirect error control is present in the network layer, there
is a lack of proper error control mechanisms as due to the presence
of fragmented data packets, error control becomes difficult to
implement.
 • Layer 3 is the Network layer, which utilizes multiple common
protocols to perform routing on the network.
• Layer 3 protocol attacks consist of Internet Protocol (IP), packet
sniffing and DoS attacks i.e. ICMP attacks or ping of death.
• These types of attacks can be performed remotely.
• To reduce the risk of these types of attacks, packet filtering controls
should be used.
1. IP Address Spoofing
2. Routing attacks
3. Back Hole/Selective Forwarding
• 1) IP Address Spoofing
• IP address spoofing is also known as IP address forgery or a host file
hijack. This can be mitigated by deploying packet filtering to detect
inconsistencies.
• 2) Back Hole
• In this attack malicious node pretends like normal node and forward
packets but selectively drops some packets.
• Malicious node acts like a black hole, it discards all the packet passing
through it.
•
Error Control in TCP

• TCP protocol has methods for finding out corrupted segments, missing segments,
out-of-order segments and duplicated segments.
• Error control in TCP is mainly done through the use of three simple techniques :
• Checksum – Every segment contains a checksum field which is used to find corrupted
segments. If the segment is corrupted, then that segment is discarded by the destination
TCP and is considered lost.
• Acknowledgement – TCP has another mechanism called acknowledgement to affirm that
the data segments have been delivered. Control segments that contain no data but have
sequence numbers will be acknowledged as well but ACK segments are not
acknowledged.
• Retransmission – When a segment is missing, delayed to deliver to a receiver, corrupted
when it is checked by the receiver then that segment is retransmitted again. Segments are
retransmitted only during two events: when the sender receives three duplicate
acknowledgements (ACK) or when a retransmission timer expires.
• Retransmission after RTO: TCP always preserves one retransmission
time-out (RTO) timer for all sent but not acknowledged segments.
When the timer runs out of time, the earliest segment is
retransmitted. Here no timer is set for acknowledgement. In TCP, the
RTO value is dynamic in nature and it is updated using the round trip
time (RTT) of segments. RTT is the time duration needed for a
segment to reach the receiver and an acknowledgement to be
received by the sender.
• Retransmission after Three duplicate ACK segments: RTO method
works well when the value of RTO is small. If it is large, more time is
needed to get confirmation about whether a segment has been
delivered or not. Sometimes one segment is lost and the receiver
receives so many out-of-order segments that they cannot be saved.
In order to solve this situation, three duplicate acknowledgement
method is used and missing segment is retransmitted immediately
instead of retransmitting already delivered segment. This is a fast
retransmission because it makes it possible to quickly retransmit lost
segments instead of waiting for timer to end.
Congestion Control in Computer Networks

• What is congestion?
• A state occurring in network layer when the message traffic is so
heavy that it slows down network response time.
•
• Effects of Congestion
• As delay increases, performance decreases.
• If delay increases, retransmission occurs, making situation worse.
•
Congestion control algorithms

• Congestion Control is a mechanism that controls the entry of data

packets into the network, enabling a better use of a shared network
infrastructure and avoiding congestive collapse.
• Congestive-Avoidance Algorithms (CAA) are implemented at the TCP
layer as the mechanism to avoid congestive collapse in a network.
• There are two congestion control algorithm which are as follows:
Leaky Bucket Algorithm

• The leaky bucket algorithm discovers its use in the context of network
traffic shaping or rate-limiting.
• A leaky bucket execution and a token bucket execution are
predominantly used for traffic shaping algorithms.
• This algorithm is used to control the rate at which traffic is sent to the
network and shape the burst traffic to a steady traffic stream.
• The disadvantages compared with the leaky-bucket algorithm are the
inefficient use of available network resources.
• The large area of network resources such as bandwidth is not being
used effectively.
Let us consider an example to understand

• Imagine a bucket with a small hole in the bottom.No matter at what

rate water enters the bucket, the outflow is at constant rate.When
the bucket is full with water additional water entering spills over the
sides and is lost.
Similarly, each network interface contains a leaky
bucket and the following steps are involved in
leaky bucket algorithm:
1. When host wants to send packet, packet is thrown into the bucket.
2. The bucket leaks at a constant rate, meaning the network interface
transmits packets at a constant rate.
3. Bursty traffic is converted to a uniform traffic by the leaky bucket.
4. In practice the bucket is a finite queue that outputs at a finite rate.
Token bucket Algorithm

• The leaky bucket algorithm has a rigid output design at an average rate
independent of the bursty traffic.
• In some applications, when large bursts arrive, the output is allowed to speed up.
This calls for a more flexible algorithm, preferably one that never loses
information. Therefore, a token bucket algorithm finds its uses in network traffic
shaping or rate-limiting.
• It is a control algorithm that indicates when traffic should be sent. This order
comes based on the display of tokens in the bucket.
• The bucket contains tokens. Each of the tokens defines a packet of predetermined
size. Tokens in the bucket are deleted for the ability to share a packet.
• When tokens are shown, a flow to transmit traffic appears in the display of
tokens.
• No token means no flow sends its packets. Hence, a flow transfers traffic up to its
peak burst rate in good tokens in the bucket.
Need of token bucket Algorithm:-
• The leaky bucket algorithm enforces output pattern at the average rate, no
matter how bursty the traffic is. So in order to deal with the bursty traffic
we need a flexible algorithm so that the data is not lost. One such
algorithm is token bucket algorithm.
•
• Steps of this algorithm can be described as follows:
•
• In regular intervals tokens are thrown into the bucket. ƒ
• The bucket has a maximum capacity. ƒ
• If there is a ready packet, a token is removed from the bucket, and the
packet is sent.
• If there is no token in the bucket, the packet cannot be sent.
• Let’s understand with an example,
•
• In figure (A) we see a bucket holding three tokens, with five packets
waiting to be transmitted. For a packet to be transmitted, it must
capture and destroy one token. In figure (B) We see that three of the
five packets have gotten through, but the other two are stuck waiting
for more tokens to be generated.
• Ways in which token bucket is superior to leaky bucket: The leaky
bucket algorithm controls the rate at which the packets are
introduced in the network, but it is very conservative in nature. Some
flexibility is introduced in the token bucket algorithm. In the token
bucket, algorithm tokens are generated at each tick (up to a certain
limit). For an incoming packet to be transmitted, it must capture a
token and the transmission takes place at the same rate. Hence some
of the busty packets are transmitted at the same rate if tokens are
available and thus introduces some amount of flexibility in the
system.
• Formula: M * s = C + ? * s where S – is time taken M – Maximum
output rate ? – Token arrival rate C – Capacity of the token bucket in
byte
Difference between Flow Control and Congestion
Control

• Flow Control and Congestion Control are traffic controlling methods

for different situations. The main difference between flow control
and congestion control is that, In flow control, rate of traffic received
from a sender can be controlled by a receiver. On the other hand, In
congestion control, rate of traffic from sender to the network is
controlled.
Flow Control:

• Flow control is a technique used to regulate the flow of data between different
nodes in a network. It ensures that a sender does not overwhelm a receiver with
too much data too quickly. The goal of flow control is to prevent buffer overflow,
which can lead to dropped packets and poor network performance.
• Advantages of Flow Control:
• Prevents buffer overflow: Flow control prevents buffer overflow by regulating the
rate at which data is sent from the sender to the receiver.
• Helps in handling different data rates: Flow control helps in handling different
data rates by regulating the flow of data to match the capacity of the receiving
device.
• Efficient use of network resources: Flow control helps in efficient use of network
resources by avoiding packet loss and reducing the need for retransmissions.
Disadvantages of Flow Control:
• May cause delays: Flow control may cause delays in data transmission
as it regulates the rate of data flow.
• May not be effective in congested networks: Flow control may not be
effective in congested networks where the congestion is caused by
multiple sources.
• May require additional hardware or software: Flow control may
require additional hardware or software to implement the flow
control mechanism.
Congestion Control:

• Congestion control is a technique used to prevent congestion in a network.

Congestion occurs when too much data is being sent over a network, and the
network becomes overloaded, leading to dropped packets and poor network
performance.
• Advantages of Congestion Control:
• Prevents network congestion: Congestion control prevents network congestion by
regulating the rate at which data is sent from the sender to the receiver.
• Efficient use of network resources: Congestion control helps in efficient use of
network resources by reducing the number of lost packets and retransmissions.
• Fair allocation of network resources: Congestion control ensures a fair allocation
of network resources by regulating the rate of data flow for all sources.
• Similarities between Flow Control and Congestion Control:
• Both regulate the flow of data: Both flow control and congestion
control regulate the flow of data in a network.
• Both prevent packet loss: Both flow control and congestion control
prevent packet loss by regulating the rate of data flow.
 Flow Control Congestion Control

Traffic entering the network from a sender is controlled by

Traffic from sender to receiver is controlled, to avoid reducing rate of packets.
overwhelming the slow receiver. Here, the sender has to control/modulate his own rate to
achieve optimal network utilization.

Flow control is typically used in data link layer. Congestion control is applied in network and transport layer.

In this, Receiver’s data is prevented from being overwhelmed. In this, Network is prevented from congestion.

In flow control, sender needs to take measures to avoid In this, many algorithms designed for transport layer/network
receiver from being overwhelmed depending on feedback layer define how endpoints should behave to avoid
from receiver and also in absence of any feedback. congestion.

Types of Flow control are

1.Stop and Wait – For every frame transmitted, sender expects Mechanisms designed to prevent network congestions are
ACK from receiver. 1.Network Queue Management
2.Sliding Window – ACK needed only after sender transmits 2.Explicit Congestion Notification
data until window is full, which is allocated initially by 3.TCP Congestion control
receiver.
What protocols are used at the network
layer?
• A protocol is an agreed-upon way of formatting data so that two or
more devices are able to communicate with and understand each
other. A number of different protocols make connections, testing,
routing, and encryption possible at the network layer, including:
• IP
• IPsec
• ICMP
• IGMP
• GRE
Reference
• https://www.geeksforgeeks.org/network-layer-in-osi-model/
• https://www.cloudflare.com/network-services/products/magic-transi
t/
• https://www.cloudflare.com/learning/ddos/layer-3-ddos-attacks/
Protocol Name
Layer :-
Protocol Data Unit:- •Protocol Header format – Image

Description Detail

Vulnerabilities : it has inherent vulnerabilities

that make it prone to attacks, such as limited
packet verification, IP spoofing and DDoS
attacks.
Vulnerability Details with: CVE

Exploit prediction scoring system (EPSS)

score

Impact of attack:
Products affected by CVE