Chapter 1

Network Layer and protocol

Introduction
• Layer-3 in the OSI model is called Network layer.
• Network layer manages host and network addressing, managing sub-
networks, and internetworking.
• Network layer takes the responsibility for routing packets from source to
destination within or outside a subnet.
• Two different subnet may have different addressing schemes or non-
compatible addressing types. Same with protocols, two different subnet may
be operating on different protocols which are not compatible with each other.
• Network layer has the responsibility to route the packets from source to
destination, mapping different addressing schemes and protocols.

Two version of Internet Protocol (IP)

Internet Protocol Version 4 (IPv4)

• 32 bit number
• 4 octets
• Limitation : 4294967296 (232) addresses
• It is described in RFC 761 September 1981
• commonly in use today
• e.g. 172.115.56.48

Internet Protocol Version 6 (IPv6)

• 128 bit number

• 16 octets
• Limitation : (2128) 3.403×1038 addresses
• It was developed in 1995 and standardized as rfc2460 in 1998.
• Not yet widely used.
• e.g. 2001:0:9d38:90d7:2c0f:19de:4b28:afba
Types of IP address
Static vs Dynamic IP Addresses
Static
• Static IP address does not change once it is assigned to a device / computer
in a network.
• Since, the IP is static and known there is more possibility for network attacks
• Used by Web Servers, E-mail Servers
• Number of allocatable IP addresses is limited in IPv4.Hence, nowadays it is
not possible to connect all the devices that exists in world
to Internet simultaneously by using IPv4.

Dynamic
• Dynamic IP addresses are assigned by ISP using DHCP
• Available IP address is assigned to a device when it is connected to the
network, after the session expiry the IP address released for other
device's use.
• Effective use of IP addresses is an advantage of Dynamic IP address
assigning.
• Since, the IP address changes frequently, it become not traceable.

Four Level of addresses

Physical Addresses
• The physical address, also known as the link address, is the address of a node
as defined by its LAN or WAN.
• The size and format of these addresses vary depending on the network. For
example, Ethernet uses a 6-byte (48-bit) physical address.
 • Physical addresses can be either unicast (one single recipient), multicast (a
group of recipients), or broadcast (to be received by all systems in the
network.
• Example: Most local area networks use a 48-bit (6-byte) physical address
written as 12 hexadecimal digits; every byte (2 hexadecimal digits) is
separated by a colon, as shown below: A 6-byte (12 hexadecimal digits)
physical address 07:01:02:01:2C:4B

Logical Addresses
• Logical addresses are used by networking software to allow packets to be
independent of the physical connection of the network, that is, to work with
different network topologies and types of media.
• A logical address in the Internet is currently a 32-bit address that can
uniquely define a host connected to the Internet. An internet address in IPv4
in decimal numbers 132.24.75.9
• No two publicly addressed and visible hosts on the Internet can have the
same IP address.
• The logical addresses can be either unicast (one single recipient), multicast (a
group of recipients), or broadcast (all systems in the network). There are
limitations on broadcast addresses.

Port Addresses
• There are many applications running on the computer. Each application run
with a port no.(logically) on the computer.
• A port number is part of the addressing information used to identify the
senders and receivers of messages.
• Port numbers are most commonly used with TCP/IP connections.
• These port numbers allow different applications on the same computer to
share network resources simultaneously.
• Example: a port address is a 16-bit address represented by one decimal
number 753.
Application-Specific Addresses
• Some applications have user-friendly addresses that are designed for that
specific application.
• Examples include the e-mail address (for example, forouzan@fhda.edu) and
the Universal Resource Locator (URL) (for example, www.mhhe.com). The
first defines the recipient of an e-mail; the second is used to find a document
on the World Wide Web.

IP Addressing
An Internet Protocol address (IP address) is a logical numeric address that is
assigned to every single computer, printer, switch, router or any other device that is
part of a TCP/IP-based network.
The IP address is the core component on which the networking architecture is built;
no network exists without it.
An IP address is a logical address that is used to uniquely identify every node in the
network. Because IP addresses are logical, they can change.
They are similar to addresses in a town or city because the IP address gives the
network node an address so that it can communicate with other nodes or networks,
just like mail is sent to friends and relatives.

The numerals in an IP address are divided into 2 parts:

• Network ID

The network part specifies which networks this address belongs to .

• Host ID

The host part further pinpoints the exact device.

IP Addressing
There are two systems in which IP Addresses are classified-

1. Classful Addressing System

2. Classless Addressing System

Introduction and Classful Addressing

IP address is an address having information about how to reach a specific host,
especially outside the LAN. An IP address is a 32 bit unique address having an
address space of 232.
Generally, there are two notations in which IP address is written, dotted decimal
notation and hexadecimal notation.

Dotted Decimal Notation

Some points to be noted about dotted decimal notation :
1. The value of any segment (byte) is between 0 and 255 (both included).
2. There are no zeroes preceding the value in any segment (054 is wrong, 54 is
correct).

Classful Addressing

The 32 bit IP address is divided into five sub-classes. These are:

• Class A
• Class B
• Class C
• Class D
• Class E
Each of these classes has a valid range of IP addresses. Classes D and E are
reserved for multicast and experimental purposes respectively. The order of bits in
the first octet determine the classes of IP address.
IPv4 address is divided into two parts:
• Network ID
• Host ID

The class of IP address is used to determine the bits used for network ID and host
ID and the number of total networks and hosts possible in that particular class. Each
ISP or network administrator assigns IP address to each device that is connected to
its network.
Note: While finding the total number of host IP addresses, 2 IP addresses are not
counted and are therefore, decreased from the total count because the first IP
address of any network is the network number and whereas the last IP address is
reserved for broadcast IP.

Class A:

IP address belonging to class A are assigned to the networks that contain a large
number of hosts.
• The network ID is 8 bits long.
• The host ID is 24 bits long.

The higher order bit of the first octet in class A is always set to 0.
The remaining 7 bits in first octet are used to determine network ID.

The 24 bits of host ID are used to determine the host in any network. The default
subnet mask for class A is 255.x.x.x. Therefore, class A has a total of:
• 2^7= 128 network ID
• 2^24 – 2 = 16,777,214 host ID
IP addresses belonging to class A ranges from 0.x.x.x – 127.x.x.x
Class B:
IP address belonging to class B are assigned to the networks that ranges from
medium-sized to large-sized networks.
• The network ID is 16 bits long.
• The host ID is 16 bits long.
The higher order bits of the first octet of IP addresses of class B are always set to
10. The remaining 14 bits are used to determine network ID. The 16 bits of host ID
is used to determine the host in any network. The default sub-net mask for class B is
255.255.x.x. Class B has a total of:
• 2^14 = 16384 network address
• 2^16 – 2 = 65534 host address
IP addresses belonging to class B ranges from 128.0.x.x – 191.255.x.x.

Class C:
IP address belonging to class C are assigned to small-sized networks.
• The network ID is 24 bits long.
• The host ID is 8 bits long.

The higher order bits of the first octet of IP addresses of class C are always set to
110. The remaining 21 bits are used to determine network ID. The 8 bits of host ID
is used to determine the host in any network. The default sub-net mask for class C is
255.255.255.x. Class C has a total of:
• 2^21 = 2097152 network address
• 2^8 – 2 = 254 host address
IP addresses belonging to class C ranges from 192.0.0.x – 223.255.255.x.

Class D:
IP address belonging to class D are reserved for multi-casting. The higher order bits
of the first octet of IP addresses belonging to class D are always set to 1110. The
remaining bits are for the address that interested hosts recognize.
Class D does not posses any sub-net mask. IP addresses belonging to class D ranges
from 224.0.0.0 – 239.255.255.255.

Class E:
IP addresses belonging to class E are reserved for experimental and research
purposes. IP addresses of class E ranges from 240.0.0.0 – 255.255.255.254.

This class doesn’t have any sub-net mask. The higher order bits of first octet of
class E are always set to 1111.

Range of special IP addresses:

169.254.0.0 – 169.254.0.16 : Link local addresses
127.0.0.0 – 127.0.0.8 : Loop-back addresses
0.0.0.0 – 0.0.0.8 : used to communicate within the current network.
Rules for assigning Host ID:
Host ID’s are used to identify a host within a network. The host ID are assigned
based on the following rules:
• Within any network, the host ID must be unique to that network.
 • Host ID in which all bits are set to 0 cannot be assigned because this host ID is
used to represent the network ID of the IP address.
• Host ID in which all bits are set to 1 cannot be assigned because this host ID is
reserved as a broadcast address to send packets to all the hosts present on that
particular network.

Rules for assigning Network ID:

Hosts that are located on the same physical network are identified by the network
ID, as all host on the same physical network is assigned the same network ID. The
network ID is assigned based on the following rules:
• The network ID cannot start with 127 because 127 belongs to class A address
and is reserved for internal loop-back functions.
• All bits of network ID set to 1 are reserved for use as an IP broadcast address
and therefore, cannot be used.
• All bits of network ID set to 0 are used to denote a specific host on the local
network and are not routed and therefore, aren’t used.

Classful addressing :

Using a classful IP addressing format worked well when the Internet was
relatively small. But as the number of networks on the Internet grew, the
limitations of classful addresses became apparent. The Class A address space
contains only 125 usable networks in the range 0–127 because networks 0
and 127 are reserved, and network 10 is used for private addressing. Each of
these 125 Class A networks could theoretically contain 224 – 2 or 16,777,214
hosts, but it's not realistic to have more than 16 million hosts on the same
network. Therefore, in the early 1990s, the Internet moved away from a
classful address space to a classless address space. In other words, the
number of bits used for the network portion of an IP address became variable
instead of fixed.

The network portion of classful IP addresses is fixed. For the network portion
of an IP address, Class A addresses use 8 bits, Class B addresses use 16
bits, and Class C addresses use 24 bits. A router could determine the address
class by inspecting the first byte of the address. A value of 1–126 is Class A,
128–191 is Class B, and 192–223 is Class C.

For classless IP addressing, there is no longer a relationship between the

number of bits used in the network portion and the value of the first byte of the
address. A different method has to be used to determine the size of the
network portion of an IP address. This new method allows you to borrow bits
that are normally used for the host portion of an IP address, and use them to
extend the network portion of an IP address.

A router is a computer of sorts, and can therefore manipulate binary numbers

quite well. It would seem natural to use a 1 to identify a bit in an IP address
that is part of the network address, and a 0 to identify a bit that is used as the
host address. These bits can be thought of as masking off the network address
from the host address. An IP address is 32 bits, so a 32-bit mask is needed to
determine the network and host components of an IP address. Figure 3-19
contains the natural mask values for Class A, B, and C addresses.
Figure 3-19 - Classful IP Address Masks

There are two common ways to refer to the mask that is used to determine the
number of bits used for the network component of an IP address. The first is to
use the number of 1 bits in the mask. A Class A mask is an 8-bit mask, Class
B is a 16- bit mask, and Class C is a 24-bit mask. The other way is to
represent the mask as / (slash) and then the number of 1 bits in the mask.
Class A is /8 (slash 8), Class B is /16 (slash 16), and Class C is /24 (slash 24).
An important rule is that the number of 1s and 0s in a mask must be
contiguous (all the 1s must be together and all the 0s must be together). For
example:

11111111 11111111 00000000 00000000 is a valid mask.

11111111 00111111 00000000 00000111 is not a valid mask.

Using a mask to determine the network component of an IP address is called

a bitwise logical AND operation. Bitwise AND is equivalent to bitwise
multiplication:
A*1=A

A * 0 = 0 where A = 0 or 1

A router can determine the network component of the classful IP address

156.26.32.1 by using a mask as shown:

156.26.32.1

AND

255.255.0.0

Equals

156.26.0.0

This might seem like a trivial operation. For classful addresses, this is a fair
statement because the network component is on an easy-to-use byte
boundary. But you want to be able to switch from classful to classless
addressing, and you will need a mask to do that.

As an introduction to classless addressing, assume that your company has

been assigned the Class B address 156.26.0.0. If you use this as a classful
address, you can have one network with 65,534 hosts. You would like to have
more than one network with fewer hosts on each network. This means you will
have to create subnets from the assigned Class B address space. Instead of
using a 16-bit mask, or /16, see what happens if you use a 17-bit subnet mask:

IP Address = 156.26.0.0

Subnet Mask = 255.255.128.0

The Class B part, or 156.26, is fixed and cannot be changed. But your
company owns the following 16 bits, so they can be any value you want. The
seventeenth bit of your network address can either be a 0 or a 1. If it is 0, that
identifies network 156.26.0.0. If the seventeenth bit is a 1, that identifies
network 156.26.128.0. By borrowing 1 bit from the standard host portion of the
IP address and assigning it to the network portion, you have created two
subnets of the Class B address space 156.26. The first subnetwork has host
addresses in the range 156.26.0.1– 156.26.127.254.

The broadcast address is 156.26.127.255.

The second subnetwork has host addresses in the range 156.26.128.1–

156.26.255.254.

The broadcast address is 156.26.255.255.

This operation is shown in Figure 3-20.

Figure 3-20 - Subnetting a Class B Address with a 17-bit Mask

If you use 2 additional bits, or a /18 bit mask, you will have four subnets. These
four subnets are identified by the four values possible with 2 bits:

00
01

10

11

Remember, the network is identified by setting the host portion of the IP

address to 0. So, the first subnet using an 18-bit mask is 156.26.0.0.

The second subnet is determined by calculating the value of the third byte
when the most significant bits are 0 1:

0 1 0 0 0 0 0 0 = 64

Subnet 2 has a network address of 156.26.64.0.

The third subnet is determined by calculating the value of the third byte when
the most significant bits are 1 0:

1 0 0 0 0 0 0 0 = 128

Subnet 2 has a network address of 156.26.128.0.

And the fourth subnet is determined by calculating the value of the third byte
when the most significant bits are 1 1:

1 1 0 0 0 0 0 0 = 192

Subnet 4 has a network address of 156.26.192.0.

Classless Inter Domain Routing provides the flexibility of borrowing bits

of Host part of the IP address and using them as Network in Network, called
Subnet. By using subnetting, one single Class A IP address can be used to
have smaller sub-networks which provides better network management
capabilities.

Class A Subnets
In Class A, only the first octet is used as Network identifier and rest of three
octets are used to be assigned to Hosts (i.e. 16777214 Hosts per Network).
To make more subnet in Class A, bits from Host part are borrowed and the
subnet mask is changed accordingly.

For example, if one MSB (Most Significant Bit) is borrowed from host bits of
second octet and added to Network address, it creates two Subnets (2 1=2)
with (223-2) 8388606 Hosts per Subnet.

The Subnet mask is changed accordingly to reflect subnetting. Given below

is a list of all possible combination of Class A subnets:
In case of subnetting too, the very first and last IP address of every subnet
is used for Subnet Number and Subnet Broadcast IP address respectively.
Because these two IP addresses cannot be assigned to hosts, sub-netting
cannot be implemented by using more than 30 bits as Network Bits, which
provides less than two hosts per subnet.

Class B Subnets
By default, using Classful Networking, 14 bits are used as Network bits
providing (214) 16384 Networks and (216-2) 65534 Hosts. Class B IP
Addresses can be subnetted the same way as Class A addresses, by
borrowing bits from Host bits. Below is given all possible combination of
Class B subnetting:

Class C Subnets
Class C IP addresses are normally assigned to a very small size network
because it can only have 254 hosts in a network. Given below is a list of all
possible combination of subnetted Class B IP address:
Network Address Translation
(NAT)
To access Internet, one public IP address is needed, but we can use private
IP address in our private network. The idea of NAT is to allow multiple
devices to access Internet through a single public address. To achieve this,
translation of private IP address to a public IP address is required. Network
Address Translation (NAT) is a process in which one or more local IP address
is translated into one or more Global IP address and vice versa in order to
provide Internet access to the local hosts. Also, it does the translation of port
numbers i.e. masks the port number of the host with another port number, in
the packet that will be routed to destination. It then makes the corresponding
entries of ip address and port number in the NAT table. NAT generally
operates on router or firewall.

Network Address Translation (NAT) working –

Generally, the border router is configured for NAT i.e the router which have
one interface in local (inside) network and one interface in global (outside)
network. When a packet traverse outside the local (inside) network, then NAT
converts that local (private) IP address to a global (public) IP address. When
a packet enters the local network, the global (public) IP address is converted
to local (private) IP address.
If NAT run out of addresses, i.e., no address is left in the pool configured
then the packets will be dropped and an Internet Control Message Protocol
(ICMP) host unreachable packet to the destination is send.

Why mask port numbers?

Suppose, in a network, two hosts A and B are connected. Now, both of them
request for the same destination, on the same port number, say 1000, on
host side, at the same time. If NAT does only translation of ip addresses,
then when their packets will arrive at the NAT, both of their IP addresses
would be masked by the public IP address of the network and sent to the
destination. Destination will send replies on the public ip address of the
router. Thus, on receiving reply, it will be unclear to NAT as to which reply
belongs to which host (because source port numbers for both A and B are
same). Hence, to avoid such a problem, NAT masks the source port number
as well and makes an entry in the NAT table.
NAT inside and outside addresses –
Inside refers to the addresses which must be translated. Outside refers to the addresses
which are not in control of an organisation. These are the network Addresses in which
the translation of the addresses will be done.

• Inside local address – An IP address that is assigned to a host on the Inside

(local) network. The address is probably not a IP address assigned by the service
provider i.e., these are private IP address. This is the inside host seen from the
inside network.
• Inside global address – IP address that represents one or more inside local IP
addresses to the outside world. This is the inside host as seen from the outside
network.
• Outside local address – This is the actual IP address of the destination host in the
local network after translation.
• Outside global address – This is the outside host as seen form the outside
network. It is the IP address of the outside destination host before translation.
Network Address Translation (NAT) Types –
There are 3 ways to configure NAT:
1. Static NAT – In this, a single unregistered (Private) IP address is mapped with a
legally registered (Public) IP address i.e one-to-one mapping between local and
global address. This is generally used for Web hosting. These are not used in
organisations as there are many devices who will need Internet access and to
provide Internet access, public IP address is needed.

Suppose, if there are 3000 devices who needs access to Internet, the organisation
have to buy 3000 public addresses that will be very costly.
2. Dynamic NAT – In this type of NAT, an unregistered IP address is translated into a
registered (Public) IP address from a pool of public IP address. If the IP address of
pool are not free, then the packet will be dropped as only fixed number of private IP
address can be translated to public addresses.
 Suppose, if there is pool of 2 public IP addresses then only 2 private IP addresses
can be translated at a given time. If 3rd private IP address wants to access Internet
then the packet will be dropped therefore many private IP addresses are mapped to
a pool of public IP addresses. NAT is used when the number of users who wants to
access the Internet are fixed. This is also very costly as the organisation have to
buy many global IP addresses to make a pool.
3. Port Address Translation (PAT) – This is also known as NAT overload. In this,
many local (private) IP addresses can be translated to single registered IP address
.Port numbers are used to distinguish the traffic i.e., which traffic belongs to which
IP address. This is most frequently used as it is cost effective as thousands of users
can be connected to the Internet by using only one real global (public) IP address.
Advantages of NAT –
• NAT conserves legally registered IP addresses .
• It provides privacy as the device IP address, sending and receiving the traffic, will
be hidden.
• Eliminates address renumbering when a network evolves.
Disadvantage of NAT –
• Translation results in switching path delays.
• Certain applications will not function while NAT is enabled.
• Complicates tunneling protocols such as IPsec.
• Also, router being a network layer device, should not tamper with port
numbers(transport layer) but it has to do so because of NAT.

Supernetting

Internet Protocol

• The Internet Protocol is a protocol or set of rules, for routing data packets
across the network and reached towards its destination.
• Data Travels on the internet that divided in to smaller chunks, called as
Packets. IP information is attached to the packets and that helps the router to
route the packets towards its Destination.
• Every device that connected on the internet has IP address and packets are
directed towards the IP address.
• Internet Protocol is connectionless and unreliable protocol. It ensures no
guarantee of successfully transmission of data.
• In order to make it reliable, it must be paired with reliable protocol such as
TCP at the transport layer.
 • Internet protocol transmits the data in form of a datagram Format as shown
in the following diagram:

Header Format

• A 20 byte header contains 13 multipurpose fields, which hold specific object

information such as application , Data type and source and destination
address.