Computer Networks Unit-3
UNIT-III
NETWORK LAYER
Packet Switching - Internet protocol - IPV4
Subnetting - IPV6, ARP, RARP, ICMP, DHCP
3.1 NETWORK LAYER SERVICES
Network layer is the third layer in the OSI model. It provides end-to-end communication
by forwarding packets from source to destination. Network layer performs functions such as:
• Determination of path/route from source to destination.
• Forwarding data packets.
• Providing data flow.
Services provided by the network layer to the transport layer are referred to as network
layer services.
Services are :
(i) Packeting
(ii) Routing and forwarding
(iii) Addressing
(iv) Error control
(v) Flow control
(vi) Congestion control
(vii) Quality of service
In general, Network layer provides
• Guaranteed delivery
• Guaranteed delivery with bounded delay
• In-order packet delivery
• Guaranteed minimal bandwidth
• Guaranteed maximum jitter
• Security services
(i) Packeting
It is the process where the network layer encapsulates (payload with header) the
packets received from the upper layer protocol and makes a new packet. It is done by the network
layer protocol called Internetworking Protocol (IP).
Three main functions of network layer are: Packeting, Routing, Addressing.
(ii) Routing and Forwarding
Routing is the process responsible for transmitting packets from source to
destination. Network layer chooses the best path to transmit data. Best path is chosen based
on factors such as shortest path and greatest available bandwidth.
Forwarding is an action done by each router when a packet arrives at it. The forwarding
process uses a forwarding table to look up the destination of the arrived
packet.
(iii) Addressing :
Addressing gives a unique identifier to each device connected in a
network.
(iv) Error Control :
Since packets in the network layer are fragmented into pieces in routers, error control
could not be efficient if implemented in this layer. However, a checksum field is added to
find any corruption in the header. ICMP (Internet Control Message
Protocol) takes care of this job.
(v) Flow control :
It controls the amount of data being transmitted without blocking or congesting
any of the participating nodes in a network.
Reasons for lack of flow control in network layer are :
- Lack of error control.
- Upper level layers use buffers to receive data from network layers.
- Upper layers that use services of network layer were implemented
with flow control.
(vi) Congestion control:
Congestion occurs when sender sends data beyond the receiver limit. Congestion is
an overloaded condition in a network. Congestion can be avoided by allocating resources
that can be adjusted by the devices connected to the network.
(vii) Quality of Service (QOS) :
QOS is important as the network supports different types of data.
(viii) Security :
IPSec plays a vital role in providing security to the network.
3.2 PACKET SWITCHING
In data communication, switching techniques are divided into two broad categories :
(i) Circuit switching
(ii) Packet switching
Packet switching is the process of transferring data in the form of packets in a
network. Data is broken into chunks, a header portion is added to each chunk, and the
packets are transmitted in the network. It is a connectionless network switching technique.
Header | Payload
Packet
• Header contains address details of packet.
• Payload contains the actual data.
• Packets are not always sent on the same path, so reordering of packets must be
done at the destination side.
Packet switching employs store and forward technique.
Advantages of packet switching
• Efficient utilisation of bandwidth.
• Minimal transmission delay.
• More reliable and fault tolerant.
• Allows simultaneous use of same channel by multiple users.
• Robustness of link.
Disadvantages :
• Have high installation costs.
• Not suitable for applications that cannot afford delay. (ex) high quality voice
calls.
• Need to add sequence number to reorder packets at destination side.
• Switching nodes require more processing power.
Different types of packet switching :
There are 2 different approaches in packet switching:
(i). Connectionless service — Datagram approach.
(ii) Connection oriented service — Virtual circuit approach.
(i) Connectionless packet switching : (Datagram approach)
Each packet in datagram packet switching contains the full address, which includes source
and destination address.
Each packet is treated independently, without relationship between packets
belonging to the same message.
Routers are used to transmit data between source and destination. Packets in this
approach are normally referred to as datagrams.
Figure Datagram Packet Switching
The above figure depicts the paths taken by four packets belonging to the same
message to reach the destination (ex) Internet.
The datagrams arrive at the destination in a different order from the order sent by
the source. The routers decide the route for the packet based on the source and destination
address.
The Internet uses the datagram approach at the network layer.
Forwarding of a packet is decided based on the destination address.
Advantages :
(i) Routers can decide the link on their own. Failure of one link can be replaced by another link.
(ii) No additional time required for connection set up and connection tear down.
(iii) Store and forward mechanism helps at times of packet loss or link failure.
Disadvantages :
(i) Extra processing power needed to connect devices.
(ii) Packet delivery is not guaranteed, so no reliability.
(iii) Different types of delay take place, since it works on store and forward.
Delays in packet switching :
• Transmission delay
• Propagation delay
• Queuing delay
• Processing delay
(ii) Connection oriented packet switching : (Virtual Circuit Approach)
A service in which a virtual connection needs to be established between
the source and destination before transmission of data is known as connection oriented service.
It overcomes the drawback of packet loss in connectionless packet switching
approach.
It also overcomes the drawback of circuit switching, which takes a dedicated full
circuit for a single connection.
Individual packets of the same message do not take different paths as in connectionless
service. Instead, they take the path selected by the source-destination pair from a set of
predefined paths.
It is called virtual, because the circuit is not real and dedicated to a source-destination
pair.
Based on the source-destination (SD) pair, a path with ID is created and allocated for a
particular session.
For a higher volume of traffic between source and destination,
connection oriented packet switching is better than connectionless
packet switching.
Virtual circuit ID is provided by routers to uniquely identify the path. It is also
known as Virtual Circuit Identifier.
Connection oriented service works on three phase process :
• Setup
• Data transfer
• Tear down
Setup phase
In this phase, the router creates a virtual circuit. Address information is transferred only
during the setup phase.
R1, R2, R3, R4 and R5 are routers
Figure Virtual packet switched network.
During setup phase, virtual path is established by using two packets.
• Request packet
• Acknowledgement packet
Request packet is sent from source to destination.
• Source A sends request packet to router R1.
• Source A understands packet goes through port 3.
The router assigns label (ID) as 14, and outgoing port 3. The router then forwards the
packet through port 3 to router R3.
Fig. Request packet
• Router R3 receives setup request packet. Enters incoming port, label 66 and outgoing
port 3 in forwarding table.
• Router R4 receives setup request packet. Enters incoming port 1, incoming label
22 and outgoing port 4.
• Destination B receives setup packet. If it is ready to receive, it assigns label 77.
(Labels 66, 22 and 77 are assumptions)
Acknowledgement packet completes the switching table entry by filling the 4th
entry in forwarding routing table.
Destination B sends acknowledgement packet to A, through routers R4, R3 and R1.
After receiving acknowledgement, connection is established between source and
the destination.
Data transfer phase:
During data transfer phase, packets belonging to one message are sent from the source
to the destination through the selected path.
Tear down phase :
Sender, after sending all available packets to destination, sends a tear down packet
to destination to terminate the connection. Destination node, on receiving tear down packet,
sends a confirmation packet to terminate the connection.
3.3 NETWORK LAYER PERFORMANCE
Performance of a network layer is measured based on the following factors/metrics :
• Delay
• Throughput
• Packet loss
• Congestion control
Delay :
The delay defines the additional time taken by a bit of data to travel from source to
destination.
There are 4 types of delay :
• Transmission delay
• Propagation delay
• Processing delay
• Queuing delay
Transmission delay :
Transmission delay is the time between the first bit of the message reaching the destination
and the last bit of the message reaching the destination. It is denoted by $\text{Delay}_{tr}$.
$\text{Delay}_{tr} = \dfrac{\text{Distance}}{\text{Transmission rate}}$
Propagation delay :
It is the time taken for a bit to travel from source to destination. The propagation
delay depends on the propagation speed of the medium. It is 3 × 10^8 m/s in a vacuum and
much less for wired medium. It is denoted by $\text{Delay}_{pg}$.
$\text{Delay}_{pg} = \dfrac{\text{Distance}}{\text{Propagation speed}}$
Processing delay :
It is the time taken by a router to receive a packet. It considers the time to receive the packet
from input port, remove header, perform error detection procedure, deliver packet to
output port (router) or deliver packet to the destination port.
It is denoted as $\text{Delay}_{pr}$.
$\text{Delay}_{pr}$ = Time required to process a packet in router or destination port.
Queuing delay :
Each router maintains an input queue connected to input port (packet arrival) and an output
queue connected to output port (packet waiting to be transmitted).
The queuing delay for a packet is the time a packet waits in the input queue and
output queue of a router. (ex) Busy airport, where flights wait for landing and departure. It
is denoted as $\text{Delay}_{qu}$.
$\text{Delay}_{qu}$ = Time a packet waits in input queue and output queue of a router.
Total delay a packet encounters is computed as the sum of all the delays. If there are n
nodes in a network, then it will have (n+1) links.
$\text{Total delay} = (n+1)(\text{Delay}_{tr} + \text{Delay}_{pg} + \text{Delay}_{pr}) + (n)(\text{Delay}_{qu})$
Throughput :
Throughput is defined as the number of data packets transmitted per second.
Throughput measures the performance and quality of a network. Network throughput is
based on factors like physical channel, packet loss and congestion in network. It is
denoted by TR.
If there are n links on which a packet has to travel to reach the destination, then
$\text{Throughput} = \min\{TR_1, TR_2, \ldots, TR_n\}$
Packet loss :
Non-receipt of a sent packet at the destination is termed as packet loss. It occurs due
to transmission errors or congestion in network (overflow of buffer). The causes of packet
loss are high latency, bandwidth, jitter, hardware/software failure and so on. Lost packets
can be recovered by packet retransmission.
Congestion control :
Congestion control improves the performance of a network. Load (packet size) and
throughput are inversely proportional to each other.
When load increases beyond the capacity of network, then throughput decreases.
When load is minimum, throughput increases.
Congestion at network layer is based on two issues :
• Throughput
• Delay
Packet size (load) and delay are directly proportional to one another. When load is
minimum, delay will be minimum.
Minimum delay is composed of propagation delay and processing delay.
When delay increases, it includes queuing delay.
[Two plots against Load/Capacity: Delay vs Load and Throughput vs Load, with the no-congestion region marked]
Figure Congestion - Delay & Throughput
There are two broad categories of congestion control mechanism :
(i) Open loop congestion control (controls congestion before it happens)
(ii) Closed loop congestion control (controls congestion after it happens)
(i) Open-loop congestion control :
In open-loop congestion control mechanism, several approaches are carried out to
prevent congestion. Congestion control is performed by either source or destination.
Different approaches of open-loop congestion control are :
• Retransmission policy
• Window policy
• Acknowledgement policy
• Discarding policy
• Admission policy
Retransmission policy :
Normally the sender retransmits the packet during packet loss or transmission errors.
But retransmission congests the network. So a proper retransmission policy and
retransmission timer must be designed to improve the performance of the network by
preventing congestion.
Window policy :
Selective repeat window is far better than the Go-back-N window. Selective repeat
reduces congestion on the network and improves the performance by sending only the lost or corrupt
packet.
Acknowledgement policy :
Acknowledgement on every successful delivery of a packet induces congestion on the
network. So, the receiver can avoid sending acknowledgement for all the packets received.
Moreover, sending acknowledgement for N packets and corrupted packets improves the
performance of the network and prevents congestion.
Discarding policy :
Discarding noisy/corrupted packets also prevents congestion.
Admission policy :
Admission policy is also referred to as Quality of Service (QOS) mechanism. In this
approach, switches and routers disallow the heavy load packets and thus prevent
congestion. Routers can also deny establishment of a virtual connection when there is a
possibility of congestion in future transmission.
Closed loop congestion control :
In closed loop congestion control, several mechanisms are carried out to alleviate
(control) congestion after it happens. Different approaches are :
• Back pressure
• Choke packet
• Implicit signalling
• Explicit signalling
Back pressure :
In back pressure approach, the congested node stops receiving data from the immediate
upstream node or nodes. It is a node to node congestion control mechanism.
This back pressure approach is applied only to virtual circuit networks (i.e. nodes
which know the upstream node from where the data comes) but not to datagram
(connectionless) networks.
Figure Back Pressure
If R3 is congested, it stops receiving from R2 and informs R2 to slow down. R2
in turn gets congested, so stops receiving data from R1 and informs R1 to slow down and
R1 continues the same.
Choke packet :
In choke packet, whenever a node is congested, it directly sends the warning message
called choke packet to the source node. Intermediate nodes do not get any warning
message.
In back pressure, congestion warning is sent from congested node
to upstream node whereas in choke packet it is sent from
congested node to source node.
Figure Choke packet
Implicit signalling :
In implicit signalling, no separate warning message is sent to intimate the occurrence
of congestion. The sender, on not receiving an ack for a sent packet, concludes there is congestion
in the network and slows down the rate of sending data. No participating nodes are involved in
sending warning messages.
Explicit signalling :
In explicit signalling, whenever a node feels congestion, it sends a congestion signal
along with the data packet. No separate warning message is sent to alert the congestion.
Instead, the alert signal that congestion has occurred is included in the data packet itself.
3.4 IPV4 Addresses
An IP (Internet Protocol) address is a unique address used to identify a device in a
network.
There are two types of IP addressing :
(i) IPV4
(ii) IPV6
Address space :
Address space is the total number of discrete addresses used by the protocol.
IPV4 is made up of 32 bits divided into network and host portion with the help of
a subnet mask.
The 32 bits are divided into 4 octets, each of 8 bits. Each octet is represented in
decimal, separated by dot (.). Each octet ranges from 0 to 255 decimal.
Ex : 128.0.0.1 (or) 10000000.00000000.00000000.00000001
Example of binary octet converted to decimal (octet 1 1 1 1 1 1 1 1) :
1 × 2^0 = 1
1 × 2^1 = 2
1 × 2^2 = 4
1 × 2^3 = 8
1 × 2^4 = 16
1 × 2^5 = 32
1 × 2^6 = 64
1 × 2^7 = 128
Sum = 255
Address can be represented in three notations :
(i) Binary notation
(ii) Dotted decimal notation
(iii) Hexadecimal notation.
Binary         | 10000000 | 00001011 | 00000011 | 00011111
Dotted Decimal | 128      | 11       | 3        | 31
Hexadecimal    | 80       | 0B       | 03       | 1F
IP Address (32 bits) : Prefix | Suffix
Prefix = n bits, defines network
Suffix = 32-n bits, defines node
• Formerly, IPV4 was designed by keeping the prefix as fixed length, called classful
addressing.
• The variable length of prefix is termed as classless addressing.
3.4.1 Classful Addressing
A classful addressing is a network addressing scheme used during the introduction
of IP addressing in 1981.
In this, all hosts in a network share a common network prefix and nodes connected
have a unique host number.
To support different network sizes, IP address space is divided into 5 classes:
class A, B, C, D and E.
Each class fixes the boundary between network size and host number.
Class | Leading bits | Prefix length  | First byte | Use
A     | 0            | n = 8 bits     | 0 to 127   |
B     | 10           | n = 16 bits    | 128 to 191 |
C     | 110          | n = 24 bits    | 192 to 223 |
D     | 1110         | Not applicable | 224 to 239 | Multicast addresses
E     | 1111         | Not applicable | 240 to 255 | Reserved for future use
Prefix = n bits, Suffix = (32-n) bits, total 32 bits
Figure Address space in classful addressing.
Class A : n = 8 bits. By default prefix is 0, belongs to class A. 7 bits are used as
network identifier. 2^7 = 128 networks in the world have class A address.
Class B : n = 16 bits. Prefix = 2 bits (10), defines class B. 14 bits are used as network
identifier. By default prefix is 10. 2^14 = 16,384 networks in the world will
have class B address.
Class C : n = 24 bits. Prefix (110) belongs to class C. By default prefix is 110, 3 bits. So
2^21 = 2,097,152 networks in the world will have class C address.
Class D : In this there is no prefix or suffix. It is used for multicast address.
Class E : No prefix or suffix. Addresses starting with 1111 belong to class E.
Class A | 0 | Network (7 bit) | Host (24 bit)
2^7 = 128 network ID
2^24 - 2 = 16,777,214 host ID
1.x.x.x to 126.x.x.x
Class B | 1 0 | Network (14 bit) | Host (16 bit)
2^14 = 16384 network ID
2^16 - 2 = 65534 host ID
128.0.x.x to 191.255.x.x
Class C | 1 1 0 | Network (21 bit) | Host (8 bit)
2^21 = 2097152 network ID
2^8 - 2 = 254 host ID
192.0.0.x to 223.255.255.x
Class D | 1 1 1 0 | Host (28 bit)
224.0.0.0 to 239.255.255.255
Class E | 1 1 1 1 | Host (28 bit)
240.0.0.0 to 255.255.255.254
Host ID :
• It must be unique.
• In Host ID, all bits cannot be set to zero or one.
Network ID :
• Hosts connected to the same network are identified by network ID.
• Network ID must not start with 127, because it is reserved for internal loopback
functions in Class A.
• All bits of network ID set to one are reserved for broadcast address.
• All bits set to '0' denote a specified host on local network and cannot be
routed or used.
Problems with classful addressing :
• A number of Class A and Class B addresses are wasted (address depletion).
• The number of Class C addresses is small, so that it could not satisfy the needs of an
organisation.
• Class D addresses used for multicast are available as a single block only.
• Class E addresses are reserved.
Advantage :
• It is easy to identify the class of the address.
• Use of subnetting and supernetting.
3.4.2 Classless Addressing
To overcome the drawbacks of classful addressing, it was replaced by Classless Inter
Domain Routing (CIDR) in 1993.
In this, variable length blocks are used that belong to no classes. This is referred to as
classless addressing.
The number of addresses in a block needs to be a power of 2.
An organisation can be granted one block of addresses.
Block 1 | Block 2
Figure. Address space.
Subnetting :
It is the process of dividing a large block of addresses into several contiguous sub blocks.
These sub blocks can be assigned to different smaller networks; this is called subnetting.
To reduce waste of IP addresses in a block, subnetting is used.
Mask :
It is a 32 bit binary number that provides the network address in an address block when
an AND operation is performed over each bit with the mask.
Default mask :
Class A : 255.0.0.0
Class B : 255.255.0.0
Class C : 255.255.255.0
byte . byte . byte . byte / n   (slash followed by prefix length n)
Figure CIDR - Slash notation.
When n is provided we can retrieve the number of addresses, first address and last address
in the block.
• Number of addresses in block N = 2^(32-n)
• To find first address, keep n leftmost bits and set (32-n) rightmost bits all to 0's.
• To find last address, keep n leftmost bits and set (32-n) rightmost bits all to 1's.
IANA (Internet Assigned Number Authority)
For a small organisation, we choose Class C. So, 2^8 = 256 addresses,
but that organisation may need only 200 IP, hence 56 wasted addresses
are there. This is the problem in classful addressing. This problem
is overcome by classless addressing.
In classless addressing, the exact number of IP addresses can be obtained irrespective of
classes. That is, whenever a user asks for IP addresses, the requested number of IP addresses will
be provided in blocks.
But in classless, it is difficult to identify the network when provided with an IP address. In
CIDR it is difficult to identify block ID and host ID. So to overcome this confusion, the
notation can be a.b.c.d/n, where n tells the number of bits in the network part. For ex,
20.10.50.100/20. Number 20 implies the number of bits used in the network part. Normally
IP is 32 bits; if network part is 20 bits, then host ID part is 12 bits (32-n), so it is understood that
2^(32-n) IP addresses are present.
Rules for forming CIDR block
1. All the IP addresses should be contiguous (continuity of IP addresses should be
maintained).
2. Block size should always be a power of 2 (finding the block number (tag) is easy whenever
it is a power of 2).
If block size is 2^5 (IP is 32 bit) : Network = 27 bits | Host = 5 bits
3. First IP address in the block should be evenly divisible by the size of the block
(i.e. the remainder on dividing by the block size, for example 32, is zero). Zeros are always
maintained in the least significant part. The reason is that only if the first address starts with
all zeros does the last address end with all 1's, satisfying 2^n.
These three rules must be satisfied for CIDR blocks.
Quest: Check whether given block is CIDR?
100.1.2.32
100.1.2.33
...
100.1.2.47
Rule 1 : Satisfied, continuous IP address.
Rule 2 : Satisfies 2^n; given 32 to 47 is 16, where 2^4 = 16.
Rule 3 : First IP address should be evenly divisible (remainder should be zero in
least significant bits) by size of block.
Let's take 100.1.2.32 as [n = 4, so 4 zeros]
100.1.2.0010 0000, so condition three is also satisfied.
Quest:
150.10.20.64
150.10.20.65
150.10.20.66
...
150.10.20.127 Check for CIDR?
Solution :
Rule 1 : Satisfied, continuous IP address.
Rule 2 : Size of block is 2^n : 64 to 127 = 64 = 2^6, yes satisfied; n = 6
Rule 3 : First IP 150.10.20.64
150.10.20.01 000000 [n = 6, so 6 zeros]
Satisfied, so CIDR block.
Representation of CIDR
100.1.2.32
...
100.1.2.47
16 = 2^4 IP addresses. Host ID part is 4 and network / block ID is
32-4 = 28 bits.
Now 100.1.2.32/28
100.1.2.33/28
...
100.1.2.47/28
It means block ID consists of 28 bits and host ID is 4 bits.
First IP address is used for block ID, and last is used for DBA (Direct Broadcast
Address). So even though there are 16 IP addresses, only 14 IP addresses can be used for
practical purpose.
Given CIDR representation of one IP address,
retrieve all IP addresses of a block.
Given 20.10.30.35/27
Solution :
27 bits for block ID and 5 bits for host ID.
20 . 10 . 30 . 35 (8 bits each)
20.10.30.001 00011 : the first 24 bits plus 3 bits give the 27 bit block ID; in this, the last 5 bits are host ID
001 00000 : first IP address (32)
001 00001 : second IP address (33)
001 11111 : last IP address (63)
=> 32 to 63 = 32 IP addresses = 2^5
5 bits for host ID
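The three CIDR rules and the first/last address calculation above can be checked mechanically, which helps when reviewing address ranges in firewall or ACL rules. The following Python sketch is an added example, not part of the original notes; the function names are hypothetical and the 100.1.2.40 range is a constructed counter-example.

```python
import ipaddress


def to_int(addr):
    """Dotted decimal string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(addr))


def to_str(value):
    """32-bit integer -> dotted decimal string."""
    return str(ipaddress.IPv4Address(value))


def address_range(first, count):
    """Constructed helper: `count` consecutive addresses starting at `first`."""
    start = to_int(first)
    return [to_str(start + i) for i in range(count)]


def check_cidr_block(addresses):
    """Apply the three rules to a list of addresses.

    Returns (cidr, failures): cidr is 'a.b.c.d/n' when all rules hold,
    otherwise None together with the list of rules that failed.
    """
    if not addresses:
        raise ValueError("empty address list")
    nums = sorted(to_int(a) for a in addresses)
    size, first = len(nums), nums[0]
    failures = []
    # Rule 1: addresses must be contiguous (duplicates also fail here).
    if any(b - a != 1 for a, b in zip(nums, nums[1:])):
        failures.append("rule 1: addresses are not contiguous")
    # Rule 2: block size must be a power of 2.
    if size & (size - 1):
        failures.append("rule 2: block size %d is not a power of 2" % size)
    # Rule 3: first address must be evenly divisible by the block size.
    if first % size:
        failures.append("rule 3: %s is not divisible by %d" % (to_str(first), size))
    if failures:
        return None, failures
    host_bits = size.bit_length() - 1          # size == 2 ** host_bits
    return "%s/%d" % (to_str(first), 32 - host_bits), failures


def block_from_member(cidr):
    """Given any member a.b.c.d/n, return (first, last, count) of its block."""
    addr, prefix = cidr.split("/")
    n = int(prefix)
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    host_bits = 32 - n
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF   # n leftmost bits set
    first = to_int(addr) & mask                      # host bits all 0
    last = first | (~mask & 0xFFFFFFFF)              # host bits all 1
    return to_str(first), to_str(last), 1 << host_bits


if __name__ == "__main__":
    print(check_cidr_block(address_range("100.1.2.32", 16)))
    print(check_cidr_block(address_range("150.10.20.64", 64)))
    print(check_cidr_block(address_range("100.1.2.40", 16)))
    print(block_from_member("20.10.30.35/27"))
```

The constructed range starting at 100.1.2.40 is contiguous and has 16 addresses, yet fails rule 3, so it cannot be written as a single /28.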
Address Aggregation :
It is the advantage of CIDR strategy. It is also known as address summarisation or
route summarisation. When a number of blocks of addresses are combined together to form a
larger block, then routing can be done based on the prefix of the larger block.
Special Address in IPV4 :
(i) This-host address (0.0.0.0/32, used by a host which doesn't know its own
address)
(ii) Limited-broadcast address (255.255.255.255/32, where a host or router sends
a packet to all hosts or devices within a network)
(iii) Loopback address
(iv) Private address
(v) Multicast address
3.4.3 Dynamic host configuration protocol (DHCP)
It is a network protocol that automatically assigns an IP address to a computer configured
in a network.
• The dynamic host configuration protocol is used to simplify the installation
and maintenance of networked computers.
• If a new computer is connected to a network, DHCP can provide it with all the
necessary information for full system integration into the network, e.g.,
addresses of a DNS server and the default router, the subnet mask, the domain
name, and an IP address.
• Providing an IP address makes DHCP very attractive for mobile IP as a source
of care-of-addresses.
[Diagram: client sends DHCPDISCOVER, which reaches the servers directly and through a relay]
Fig.: Basic DHCP Configuration
DHCP clients send a request to a server (DHCPDISCOVER in the example) to
which the server responds. A client sends requests using MAC broadcasts to reach all
devices in the LAN. A DHCP relay might be needed to forward requests across inter-
working units to a DHCP server.
[Sequence diagram: client, one server that is not selected and one server that is selected. Messages in order: DHCPDISCOVER, DHCPOFFER, DHCPREQUEST (reject) / DHCPREQUEST (options), DHCPACK, DHCPRELEASE.]
Fig.: Client initialization via DHCP
From the case shown in above figure:
1. Two servers receive this broadcast and determine the configuration they can offer
to the client.
2. Servers reply to the client's request with DHCPOFFER and offer a list of
configuration parameters.
3. The client can now choose one of the configurations offered. The client replies to
the servers, accepting one of the configurations and rejecting others using
DHCPREQUEST.
4. If a server receives a DHCPREQUEST with a rejection, it can free the reserved
configuration for other possible clients.
5. The server with the configuration accepted by the client now confirms the
configuration with DHCPACK. This completes the initialization phase.
6. If a client leaves a subnet, it should release the configuration received by the server
using DHCPRELEASE. Now the server can free the context stored for the client
and offer the configuration again.
7. The configuration a client gets from a server is only leased for a certain amount of
time; it has to be reconfirmed from time to time.
8. Otherwise the server will free the configuration. This timeout of configuration helps
in the case of crashed nodes or nodes moved away without releasing the context.
9. Authentication for DHCP messages is needed to protect mobile nodes from malicious
DHCP servers. Without authentication, the mobile node cannot trust a DHCP server,
and the DHCP server cannot trust the mobile node.
DHCP message format :
Bit positions : 0, 8, 16, 24, 31
Opcode (1: request) | Htype (hardware type) | Hlen (hardware address length) | Hcount (hop count)
Transaction ID
Time elapsed (time in seconds since client started to boot) | Flags (0: unicast, 1: multicast)
Client IP address
Your IP address (IP address sent by server)
Server IP address (broadcast IP address)
Gateway IP address (address of default router)
Client hardware address
Server name
Boot file name
Options (tag, length, value)
DHCP message types :
1. DHCP Discover
2. DHCP Offer
3. DHCP Request
4. DHCP Decline
5. DHCP Ack
6. DHCP Nack
7. DHCP Release
8. DHCP Inform
DHCP assigns IP address in three ways :
(i) Static allocation
(ii) Dynamic allocation
(iii) Lease time allocation
Static allocation :
Unique address is assigned automatically to network card based on MAC address.
Dynamic allocation :
DHCP assigns IP address permanently to a device (infinite lease time).
Lease time allocation :
DHCP assigns IP address for a period of time.
[State diagram with states Initialization, Selection, Requisition, Bound, Renewing and Rebinding; transitions labelled DHCP Discover, DHCP offer, DHCP Request, DHCP Ack, DHCP release (lease cancelled) and lease time expired (DHCP Request).]
Figure Transition state of dhcp
Initialisation state : DHCP client broadcasts DHCP discover message.
Selection state : After sending DHCP discover message, client goes to selection
state. Server responds by sending DHCP OFFER and locks with
the requested IP address.
Client remains in this state until it receives DHCP ack from server.
After receiving DHCP ACK the client goes to bound state.
Bound state : Client uses IP address until the lease expires. When 50% of the lease
period is reached, client again sends DHCP REQUEST. Then it goes
to renewing state.
Renewing state : The client remains in renewing state under two conditions:
- receives DHCP ack and renews lease agreement.
- DHCP ack not received, and 87.5% of lease time expires, client
goes to rebinding state.
Rebinding state : Client remains in rebinding state until,
- Client receives DHCPNACK, goes to initialisation state.
- Lease expires, goes back to initialisation state.
- On receiving DHCPACK, goes back to bound state and sets timer.
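The client-side transitions described above, including the 50% and 87.5% lease timers, can be modelled as a small state machine. This Python sketch is an added example, not part of the original notes; the class and method names are hypothetical, the state the figure calls Requisition is named REQUESTING here, and treating a DHCPNACK the same way in the requesting and renewing states follows RFC 2131 rather than the text above.

```python
INIT, SELECTING, REQUESTING = "INIT", "SELECTING", "REQUESTING"
BOUND, RENEWING, REBINDING = "BOUND", "RENEWING", "REBINDING"


class DhcpClient:
    """Client-side DHCP lease state machine (times in seconds)."""

    def __init__(self):
        self.state = INIT
        self.lease = None       # lease duration granted by the server
        self.bound_at = None    # time of the last DHCPACK
        self.sent = []          # messages this client has sent, in order

    def _reset(self):
        self.state, self.lease, self.bound_at = INIT, None, None

    def start(self):
        """Initialisation: broadcast DHCPDISCOVER and wait for offers."""
        if self.state != INIT:
            raise RuntimeError("client already started")
        self.sent.append("DHCPDISCOVER")
        self.state = SELECTING
        return self.state

    def receive(self, message, now, lease=None):
        """Handle a server message; unexpected messages are ignored."""
        waiting = self.state in (REQUESTING, RENEWING, REBINDING)
        if message == "DHCPOFFER" and self.state == SELECTING:
            # Accept the first offer; later offers from other servers are ignored.
            self.sent.append("DHCPREQUEST")
            self.state = REQUESTING
        elif message == "DHCPACK" and waiting:
            if lease is not None:
                self.lease = lease
            if self.lease is None:
                raise ValueError("first DHCPACK must carry a lease time")
            self.bound_at = now          # the lease timer restarts here
            self.state = BOUND
        elif message == "DHCPNACK" and waiting:
            self._reset()
        return self.state

    def tick(self, now):
        """Advance the lease timers to time `now`."""
        if self.state not in (BOUND, RENEWING, REBINDING):
            return self.state
        elapsed = now - self.bound_at
        if elapsed >= self.lease:
            self._reset()                          # lease expired
        elif elapsed >= 0.875 * self.lease:
            if self.state != REBINDING:
                self.sent.append("DHCPREQUEST")    # ask any server
                self.state = REBINDING
        elif elapsed >= 0.5 * self.lease and self.state == BOUND:
            self.sent.append("DHCPREQUEST")        # ask the leasing server
            self.state = RENEWING
        return self.state

    def release(self):
        """Give the address back before leaving the subnet."""
        if self.state in (BOUND, RENEWING, REBINDING):
            self.sent.append("DHCPRELEASE")
            self._reset()
        return self.state


def lease_walkthrough(lease=1000):
    """Constructed scenario: two offers, a missed renewal, a late ACK, expiry."""
    c = DhcpClient()
    trace = [c.start()]
    trace.append(c.receive("DHCPOFFER", 0))        # first server's offer
    trace.append(c.receive("DHCPOFFER", 0))        # second offer is ignored
    trace.append(c.receive("DHCPACK", 0, lease))
    for t in (499, 500, 874, 875):
        trace.append(c.tick(t))
    trace.append(c.receive("DHCPACK", 900))        # ACK while rebinding
    trace.append(c.tick(1900))                     # no renewal: lease runs out
    return trace, c.sent


if __name__ == "__main__":
    states, messages = lease_walkthrough()
    print(states)
    print(messages)
```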
3.4.4 Network Address Translation (NAT)
Computers in a private network are connected to the internet through a
gateway to the ISP (Internet Service Provider). The ISP provides an IP address and asks the internal
host to use that IP address. All IP addresses work through a single public IP address. This
classical approach faces problems such as :
- Security vulnerability due to public IP address. Anyone can access the private
network.
- IP address exhaustion.
To resolve this, NAT (Network Address Translation) plays its role.
Network Address Translation is used to convert private IP address to public IP address
and public IP address to private IP address.
NAT is mainly used to overcome shortage of IP addresses.
Let's take an example of four computers in a network connected to internet. All
computers have private IP addresses such as 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4. But
these private addresses are not directly routed into the internet.
[Figure: computers connected through a NAT router to the Internet]
The computer 10.0.0.1, which wants to access internet, sends a request to the router.
The router then converts the private IP address to public and adds a unique port number, stores
it in the NAT forwarding table and forwards the same to internet.
So with the help of the port number, it is easy to identify which particular device
requested a packet.
Now internet replies back to the NAT, where it converts public IP address to private
and forwards to the requested client (computer).
In this way NAT works.
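The NAT forwarding table described above can be sketched as two lookups, one for each direction. This Python example is added here and is not part of the original notes; the class name, the port pool 40000 to 40003, the public address 203.0.113.5 and the remote server 198.51.100.7 are constructed values for illustration.

```python
class PortNat:
    """NAT router that maps (private IP, port) pairs to unique public ports."""

    def __init__(self, public_ip, first_port=40000, last_port=40003):
        self.public_ip = public_ip
        self._free = list(range(first_port, last_port + 1))
        self._out = {}    # (private_ip, private_port) -> public_port
        self._back = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the private network.

        Returns (src_ip, src_port, dst_ip, dst_port) as seen on the internet.
        """
        key = (src_ip, src_port)
        if key not in self._out:
            if not self._free:
                raise RuntimeError("NAT port pool exhausted")
            port = self._free.pop(0)
            self._out[key] = port        # remember the mapping for replies
            self._back[port] = key
        return (self.public_ip, self._out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate a packet arriving at the public address.

        Returns the packet rewritten for the private host, or None when no
        table entry exists (an unsolicited packet, which is dropped).
        """
        entry = self._back.get(dst_port)
        if entry is None:
            return None
        return (src_ip, src_port, entry[0], entry[1])


def nat_walkthrough():
    """Constructed scenario using the private hosts from the text."""
    nat = PortNat("203.0.113.5")
    first = nat.outbound("10.0.0.1", 5000, "198.51.100.7", 80)
    second = nat.outbound("10.0.0.2", 5000, "198.51.100.7", 80)
    reply = nat.inbound("198.51.100.7", 80, second[1])
    unsolicited = nat.inbound("198.51.100.7", 80, 40003)
    return first, second, reply, unsolicited


if __name__ == "__main__":
    for row in nat_walkthrough():
        print(row)
```

Two hosts using the same source port get different public ports, and a packet for a port with no table entry is dropped, which is why NAT may block some incoming connections.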
Advantages :
• Provides security. It hides IP addresses of the internal private network
and thus acts as firewall.
• Extends life span. It allows multiple private addresses to access a single
internet connection.
• Reduces cost.
Disadvantages :
• It will be tedious to configure when IP address changes.
• It may block some incoming connections.
• Some TCP/IP applications like peer to peer and multicast routing do not work
well with NAT.
NAT is a technology where a router or any network device translates
one IP address into another IP address.
There are 4 types of NAT :
(i) Static NAT (SNAT)
(ii) Dynamic NAT (DNAT)
(iii) PAT (Port Address Translation)
(iv) Port Forwarding
(i) Static NAT :
One private address is mapped to one public IP address.
This public address never changes, hence it is called Static NAT.
[Figure: File server (192.168.100.2), Web server (192.168.100.3) and Mail server (192.168.100.4) connected through a router]
File server : 192.168.100.2 - 1.2.3.4
Web server  : 192.168.100.3 - 1.2.3.5
Mail server : 192.168.100.4 - 1.2.3.6
Drawback :
Extensive use of public address.
Deals with more incoming traffic.
(ii) Dynamic NAT :
In this type, the mapping of a private IP address to the router's public address is not static. It is
a dynamic one. It is also called IP masquerading, since it masks the internal host. So it is difficult
for hackers to monitor a specific host.
The router maintains a pool of public addresses. Whenever an internal host connects to the
internet, the router connects the internal host with the first available public address from
the pool of IP addresses maintained in the router, and does the same for all the upcoming
requests from internal hosts. When a response packet comes from the internet, the router
uses the NAT table to forward the packet to the corresponding internal host.
[Figure: internal hosts on the 192.168.10.x network connected through a switch to the router; mapping shown: 192.168.10.4 = 56.4.2.3]
Advantage :
Secure, since it is dynamic.
Drawback :
It is very expensive, since the router needs to maintain a block of public IP addresses.
(iii) Port Address Translation (PAT)
Port numbers are used to map traffic from specific hosts on the network.
Each host on a LAN is translated to the router's WAN side public IP address with a
different port number assignment.
[Figure: hosts 192.168.100.3 and 192.168.100.4 on the LAN connected through a router to the WAN]
When the LAN establishes a connection with the WAN (external server), each host on the
LAN swaps its address with the public IP address and generates a unique port number, making each
session unique.
Advantages :
- Handles a number of private IP addresses with a single public IP address.
- Port numbers enable fair communication.
(iv) Port Forwarding :
It enables a single public IP address to be used with many public servers. Deals with more
incoming traffic.
[Figure: an external user on the public Internet reaches the File server (192.168.100.2), Mail server (192.168.100.3) and Web server (192.168.100.4) through ports 10, 20 and 30 of the gateway/router]
192.168.100.2 -> 200.100.10.1:10
192.168.100.3 -> 200.100.10.1:20
192.168.100.4 -> 200.100.10.1:30
NAT improves security, since the internal IP address is hidden.
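The PAT and port forwarding behaviour described above can be traced with a small translation table. This is an added example, not part of the original text; the `PatRouter` class, the dynamic port range starting at 40000, the internal service port and the remote address 203.0.113.5 are assumptions made for illustration.

```python
import itertools

class PatRouter:
    """Toy PAT table: many private hosts share one public IP address.

    Simplification (assumption): a mapping is keyed only on the private
    address and port; real NAT devices also track the remote endpoint
    and expire idle entries.
    """

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = itertools.count(first_port)  # assumed dynamic range
        self.private_to_public = {}   # (private_ip, port) -> public port
        self.public_to_private = {}   # public port -> (private_ip, port)

    def add_port_forward(self, public_port, private_ip, private_port):
        """Static entry: lets unsolicited inbound traffic reach one server."""
        self.public_to_private[public_port] = (private_ip, private_port)
        self.private_to_public[(private_ip, private_port)] = public_port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN -> WAN: replace the private source with public IP + unique port."""
        key = (src_ip, src_port)
        if key not in self.private_to_public:
            port = next(self._next_port)
            while port in self.public_to_private:   # skip ports already in use
                port = next(self._next_port)
            self.private_to_public[key] = port
            self.public_to_private[port] = key
        return (self.public_ip, self.private_to_public[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """WAN -> LAN: restore the private destination; None means dropped."""
        entry = self.public_to_private.get(dst_port)
        if dst_ip != self.public_ip or entry is None:
            return None
        return (src_ip, src_port, entry[0], entry[1])

def demo():
    """Replay the page's addresses; 203.0.113.x are constructed remote hosts."""
    router = PatRouter("200.100.10.1")
    router.add_port_forward(10, "192.168.100.2", 10)   # internal port assumed
    a = router.outbound("192.168.100.3", 5000, "203.0.113.5", 80)
    b = router.outbound("192.168.100.4", 5000, "203.0.113.5", 80)
    reply_b = router.inbound("203.0.113.5", 80, b[0], b[1])
    stray = router.inbound("203.0.113.5", 80, "200.100.10.1", 45000)
    forwarded = router.inbound("203.0.113.9", 3333, "200.100.10.1", 10)
    return a, b, reply_b, stray, forwarded

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The `stray` packet is dropped only because no table entry exists for its port, which is the sense in which the text says NAT hides internal hosts and may block some incoming connections.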
3.5 FORWARDING OF IP PACKETS
Forwarding means routing the packet to its destination. The role of the IP address is forwarding.
In a connectionless protocol, forwarding is based on the destination IP address, whereas
in a connection oriented protocol, forwarding is based on the field attached to the IP datagram.
Connectionless forwarding [Based on Destination Address]
Whenever a host needs to send a packet, it looks into the forwarding table to find the
next hop. The table needs to be searched based on the network address. In classless
addressing, there is no information about the network address. So, to resolve this problem,
the mask (/n) needs to be included in the table.
[Figure: the router extracts the destination address from the packet, searches the table, compares with the subnet mask and, when an entry matches, forwards accordingly]
Whenever a router connects to a network, the router gets IP address
of that network as interface.
[Figure: router R1 connects through its interfaces to the networks 180.70.65.128/25, 201.4.16.0/22, 201.4.22.0/24 and 180.70.65.192/26, and to the gateway router R2 (since it is connected to the internet)]
m0, m1, m2, m3 are interfaces that connect the router to the network.
R1 can directly connect to the network through an interface.
If R1 needs to connect to the internet, then it connects to the interface of R2.
The routing table / forwarding table will contain only the network address.
When an IP address comes in, the router searches for the corresponding network address in
the forwarding table.
All entries in the forwarding table are arranged starting from the longest subnet mask. In the given
diagram, the longest subnet mask is /26. Construct the table by referring to the previous diagram.
S.No | Network Address  | Next hop      | Interface
1    | 180.70.65.192/26 | -             | m2
2    | 180.70.65.128/25 | -             | m0
3    | 201.4.22.0/24    | -             | m3
4    | 201.4.16.0/22    | -             | m1
5    | Default          | 180.70.65.200 | m2
Entries 1, 2, 3, 4, 5 are directly connected with the interfaces m0, m1, m2, m3. For a network
which is not directly connected to the router, the next hop is 180.70.65.200.
Mask (/n) | Network Address (leftmost bits)       | Next hop      | Interface
26        | 10110100 . 01000110 . 01000001 . 11   | -             | m2
25        | 10110100 . 01000110 . 01000001 . 1    | -             | m0
24        | 11001001 . 00000100 . 00011100        | -             | m3
22        | 11001001 . 00000100 . 000100          | -             | m1
Default   |                                       | 180.70.65.200 | m2
If a packet matches the first row, then the packet is transferred through interface m2.
Example : A packet arrives at R1 with destination address 180.70.65.140. Find the
interface through which it can be forwarded.
Solution :
1. Destination address : 180.70.65.140. The first subnet mask from the table is /26 :
   11111111 . 11111111 . 11111111 . 11000000
2. To get 140 => 10001100. Apply the subnet mask :
                  1000 1100
   Subnet mask    1100 0000
                  ---------
                  1000 0000
   => 180.70.65.128/26. This does not match the first row of the table, so the packet cannot be
   transmitted through m2.
=> If the subnet mask is /25, then
                  1000 1100
   Subnet mask    1000 0000
                  ---------
                  1000 0000 => 180.70.65.128/25. It matches the table
   entry. So, this packet can be transmitted through m0.
Address Aggregation :
[Figure: Network 1 (140.24.7.0/26), Network 2 (140.24.7.64/26), Network 3 (140.24.7.128/26) and Network 4 (140.24.7.192/26) are connected to R1 through interfaces m0, m1, m2 and m3; R1 is connected to R2]
Routing table for R1
Network Address    | Next hop      | Interface
140.24.7.0/26      | -             | m0
140.24.7.64/26     | -             | m1
140.24.7.128/26    | -             | m2
140.24.7.192/26    | -             | m3
0.0.0.0/0 (other)  | Address of R2 | m4
Routing table for R2
Network Address    | Next hop      | Interface
140.24.7.0/24      | -             | m0
0.0.0.0/0 (other)  | ... router    | m1
The routing tables of R1 and R2 clearly describe the interfaces used to access the different networks.
Combining different networks is called supernetting or aggregation.
Each network have 2° = 24 (24 1@220..
There are 4 networks 4 x 28 = 22 x 28
= 2'° number of hosts are possible.
These two bits used to determine Host ID.
Longest mask matching
Each packet has a destination address, through which the packet can be forwarded. If
more than one network address matches the destination address, then the longest mask
matching the destination address has to be chosen. If there are masks like /27, /26
and /24, then /27 is entered before /24.
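The worked example for R1, the longest mask matching rule and the aggregation of the four /26 networks can all be checked with one short program. This is an added example, not part of the original text; the function names and the test destinations other than 180.70.65.140 are assumptions chosen for illustration.

```python
import ipaddress

# R1's forwarding table from the text: (network address, next hop, interface).
R1_ROWS = [
    ("180.70.65.192/26", None, "m2"),
    ("180.70.65.128/25", None, "m0"),
    ("201.4.22.0/24", None, "m3"),
    ("201.4.16.0/22", None, "m1"),
    ("0.0.0.0/0", "180.70.65.200", "m2"),  # default route
]

def build_table(rows):
    """Parse the rows and order them longest mask first."""
    parsed = [(ipaddress.ip_network(net), hop, ifc) for net, hop, ifc in rows]
    return sorted(parsed, key=lambda row: row[0].prefixlen, reverse=True)

def apply_mask(dest, prefixlen):
    """AND the destination with a /n mask and return the result as 'a.b.c.d/n'."""
    mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF
    network = int(ipaddress.IPv4Address(dest)) & mask
    return f"{ipaddress.IPv4Address(network)}/{prefixlen}"

def lookup(table, dest):
    """Return (matched network, next hop, interface, masks tried in order)."""
    tried = []
    for net, hop, ifc in table:
        candidate = apply_mask(dest, net.prefixlen)
        tried.append(candidate)
        if candidate == str(net):
            return str(net), hop, ifc, tried
    raise LookupError(f"no route to {dest}")

def aggregate(networks):
    """Collapse adjacent blocks into the fewest covering prefixes (supernetting)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    r1 = build_table(R1_ROWS)
    # 180.70.65.140 is the page's example; the other destinations are constructed.
    for dest in ("180.70.65.140", "180.70.65.200", "201.4.22.35", "18.24.32.78"):
        net, hop, ifc, tried = lookup(r1, dest)
        print(f"{dest:15} -> {ifc} via {hop or 'direct'} (matched {net})")
    print(aggregate(["140.24.7.0/26", "140.24.7.64/26",
                     "140.24.7.128/26", "140.24.7.192/26"]))
```

The destination 180.70.65.200 falls inside both 180.70.65.192/26 and 180.70.65.128/25; because the table is searched longest mask first, it leaves through m2.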
Hierarchical routing
Consider :
120.14.64.0/18 - Starting IP address
16384 - Total number of IP addresses
4096 addresses in each subnet
[Figure: the ISP block 120.14.64.0/18 (16,384 addresses) is divided into four sub networks of 4096 addresses each: 120.14.64.0/20, 120.14.80.0/20, 120.14.96.0/20 and 120.14.112.0/20 (one is marked unused). One sub network is further divided into 8 sub networks, each of 512 addresses (2^9 = 512), from 120.14.64.0/23 to 120.14.78.0/23.]
Connection Oriented Protocol (forwarding based on label)
In a connectionless network, the router has to search the entire table to find a match with the
destination address, which is time consuming.
So in the connection oriented approach, a label is attached to the packet and searching of
the routing table is done through the label.
On matching with the label in the routing table, it also refers to the next label to identify
the next hop.
[Figure: at the switch, the packet's label is used as an index into a table with columns Label, Interface and Next label; the matching entry gives the interface and the next label for the next hop, and the packet is forwarded]
Multi Protocol Label Switching (MPLS)
MPLS can act like both a router and a switch. As a router, MPLS forwards the packet to the
destination, and as a switch, it forwards the packet based on the label.
The entire IP packet is encapsulated as payload in an MPLS packet and an MPLS header
is added.
| MPLS header | MPLS payload (IP header + IP payload) |
The MPLS header is a stack of sub headers used for hierarchical switching.
In hierarchical switching, a packet with two labels uses the top label to
forward the packet outside the organisation and the bottom label to route
the packet inside the organisation.
0            20     24        31
| Label      | Exp | S | TTL  |
MPLS header
Exp - for experimental purpose.
S - if this bit is 1, the header is the last one in the stack.
TTL - On visiting each router, its value decreases.
On reaching TTL = 0, the packet is discarded to prevent looping.
3.6 NETWORK LAYER PROTOCOLS
Network layer is the third layer of the OSI model. It is responsible for forwarding packets,
which includes routing through intermediate routers.
Different protocols available in network layer are :
- Internet Protocol (IP)
- Internet Control Message Protocol (ICMP)
- Internet Group Message Protocol (IGMP)
- Address Resolution Protocol (ARP)
3.6.1 Internet Protocol (IP)
Internet Protocol is a connectionless protocol which does not guarantee the transmission
of data. Hence it is referred to as an unreliable datagram protocol. It uses the datagram approach.
It is known as an unreliable datagram protocol, a best effort delivery service. Internet
protocol works to send data in an effective manner, but the data may be corrupted, lost, delivered
out of order, delayed or caught in network congestion, which makes it unreliable.
Datagram Format :
It is of varying length divided into two parts : header and payload.
| Header | Payload |
IP datagram
0         4      8                16                              31
| Version | HLEN | Service bits   | Total length                   |
| Identification                  | Flags (3 bits) | Fragmentation offset |
| TTL            | Protocol       | Header checksum                |
| Source IP address                                                |
| Destination IP address                                           |
| Options + padding                                                |
Figure Header
HLEN is the header length; it defines the total length of the datagram header. IPV4 has a varying
length header.
Service bits are represented as Type of Service (TOS), which deals with
traffic and providing QoS.
Options - used for testing and debugging.
Options are not actually required for the datagram.
They are divided into two categories :
- Single byte options
- Multiple byte options
Single byte options are :
- No operation (used as filler)
- End of option (used for padding)
Multiple byte options are :
- Record route [used to record routers that handle the datagram]
- Strict source route [option used by the source to predetermine the route based on TOS,
  min delay and max throughput]
- Loose source route [similar to strict source route; in addition, the datagram can
  visit other routers not in the list]
- Time stamp [records the time taken by a router to process the datagram]
Payload is the original data.
Total length : Provides the length of header and payload. To find the length of the payload,
the header length must be subtracted. Header length is obtained by
multiplying the HLEN field by 4.
Length of payload / data = Total length - (HLEN) x 4.
Time to Live :
It is used to control the maximum number of routers visited by the datagram. This TTL
value is normally two times the maximum number of routers between the source and the
destination.
Protocol :
It is an 8-bit number inserted in the Protocol field. This field performs multiplexing at
the source and demultiplexing at the destination.
[Figure: the payload of a datagram can come from transport layer protocols (TCP, UDP) or from network layer protocols (ICMP, IGMP, OSPF)]
01 - ICMP
02 - IGMP
06 - TCP
17 - UDP
89 - OSPF
Figure Protocol Field
Header checksum :
It checks for errors in the header. Errors in the payload are left to the protocol that is responsible
for the payload.
Source and Destination Address :
It is a 32-bit field that defines the source and destination address of IP.
Fragmentation :
IP fragmentation is an internet protocol process that splits packets into small
fragments. Small fragments can be easily transmitted over links with a smaller Maximum
Transmission Unit (MTU).
On the receiver side these fragments are reassembled to get the original message. This
process is called defragmentation.
Since different networks have different MTU, fragmentation is
required in IPV4.
| Header | Payload |                       IP datagram
| Header | Frame payload | Trailer |       Frame
Figure Maximum Transfer Unit (MTU)
During fragmentation, each fragment is converted into packets, where
- Total length is changed to the size of the fragment.
rect number of fragments that can be
Se
. Fragment offset is set to indi
- Checksum is recalculated.
Fragmentation of an IP datagram has its impact on three fields :
(i) Identification
(ii) Flags
(iii) Fragmentation offset
Identification Field :
This field helps the destination in reassembling the datagram. It is a 16 bit field that
says that the datagram is originating from the source. The identification field and source IP address
uniquely define the datagram.
Flags :
It is a three bit flag. The leftmost bit is reserved (not used). The second bit is D, the do not
fragment bit. If D = 1, the datagram must not undergo fragmentation. If D = 0, the datagram can be
fragmented if necessary.
The third bit is the M bit, called the more fragment bit. If M = 1, the datagram is not the last
fragment. If M = 0, then the datagram is the last or only fragment.
Fragmentation offset :
It is a 13 bit field that shows the relative position of the fragment in the
entire datagram.
[Figure: a packet split into fragments]
Figure Fragmentation
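How the total length, M bit and fragmentation offset change when one datagram crosses a link with a smaller MTU, and how the receiver reassembles it, is shown below. This is an added example, not part of the original text; the 20-byte header (HLEN = 5, no options), the dictionary layout and the 4000-byte payload with MTU 1500 are assumptions. The offset is counted in units of 8 bytes, as IPv4 defines it.

```python
HEADER_LEN = 20  # assumption: no options, so HLEN = 5 (5 x 4 = 20 bytes)

def fragment(payload, mtu, ident, dont_fragment=False):
    """Split one datagram's payload into fragments that fit the given MTU."""
    if HEADER_LEN + len(payload) <= mtu:
        return [{"id": ident, "total_length": HEADER_LEN + len(payload),
                 "offset": 0, "mf": 0, "data": payload}]
    if dont_fragment:
        raise ValueError("D bit is set: the datagram must not be fragmented")
    # Offsets are counted in 8-byte units, so every fragment except the last
    # must carry a multiple of 8 payload bytes.
    step = (mtu - HEADER_LEN) // 8 * 8
    if step <= 0:
        raise ValueError("MTU too small to carry any payload")
    fragments = []
    for start in range(0, len(payload), step):
        data = payload[start:start + step]
        fragments.append({
            "id": ident,                              # same in every fragment
            "total_length": HEADER_LEN + len(data),   # size of this fragment
            "offset": start // 8,                     # 13-bit field, 8-byte units
            "mf": int(start + step < len(payload)),   # M = 0 only on the last one
            "data": data,
        })
    return fragments

def reassemble(fragments):
    """Rebuild the payload from fragments in any order; None if it cannot."""
    if not fragments or len({f["id"] for f in fragments}) != 1:
        return None
    ordered = sorted(fragments, key=lambda f: f["offset"])
    if ordered[-1]["mf"] != 0:
        return None                                   # last fragment missing
    payload = b""
    for frag in ordered:
        if frag["offset"] * 8 != len(payload):        # gap or overlap
            return None
        if frag["total_length"] - HEADER_LEN != len(frag["data"]):
            return None                               # length field disagrees
        payload += frag["data"]
    return payload

if __name__ == "__main__":
    sample = (bytes(range(256)) * 16)[:4000]          # constructed 4000-byte payload
    for f in fragment(sample, 1500, 0x1A2B):
        print(f["id"], f["total_length"], f["offset"], f["mf"])
```

For the last fragment the payload length follows the formula given earlier: total length 1060 minus HLEN x 4 = 20 leaves 1040 bytes.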
Security is the most important aspect to be provided.
Security issues that are faced by datagrams are :
- Packet sniffing
- Packet modification
- IP spoofing
Packet Sniffing :
An attacker intercepts the communication and copies the IP packet without disturbing
the intended users. It is a passive attack, so it does not corrupt or disturb data on a network.
Packet sniffing by an attacker can be made useless by encryption.
Packet modification :
It is an active attack where the attacker modifies the actual data and sends it to the receiver.
But the receiver can identify this activity, if communication is implemented with a proper
integrity mechanism.
IP Spoofing :
An attacker can masquerade by entering into the internal IP address and send packets
to others in the network by forging them.
IPsec provides the following services to provide security to the network.
(i) Private keys
(ii) Packet Encryption
(iii) Data integrity
(iv) Origin Authentication
(i) Private keys : The two parties who agree to establish a connection between them can
share a secret key.
(ii) Packet Encryption : The packet to be transmitted can be encrypted, which makes
the data unreadable to the attackers.
(iii) Data Integrity : It guarantees the data being transmitted does not undergo any
malfunction by the attackers.
(iv) Origin Authentication : It can authenticate the origin of the packet. Thus it prevents IP
spoofing attacks.
3.6.2 ICMPV4
IPV4 has no
- Error reporting and correcting mechanism.
- Mechanism for host and management queries.
ICMP is designed to overcome the above two deficiencies.
ICMP is a network layer protocol, an integral part of IP. No port
numbers are associated with ICMP packets, since these are associated with the transport
layer above.
ICMP is an error reporting protocol that sends error messages to the source IP address.
An error message includes information about the non delivery of a packet.
ICMP is not in regular use by end users. It is used by network administration for
troubleshooting mechanisms that include ping and traceroute.
ICMP packets are IP packets with ICMP in the IP data portion.
An ICMP message contains the entire IP header of the original payload; this helps to identify
the packet that failed during transmission.
Messages :
There are two broad categories of ICMP messages,
(i) Error reporting messages
(ii) Query messages
An ICMP message includes a header of 8 bytes and a variable data section.
(i) Error reporting messages :
- ICMP can report errors but does not correct them.
- Error messages are sent only to the original source.
ICMP does not generate an error message for (rules) :
- a datagram with a multicast address or special address (this-host, which
  does not know its own address)
- a datagram carrying an error message
- a fragmented datagram that is not the first fragment
   8 bits   8 bits      16 bits
| Type    | Code    | Checksum        |
| Rest of header                      |
| Data / Payload                      |
Figure ICMP Error Message Format
Common error reporting message types and codes are :
03 - Destination unreachable (codes 0 to 15)
04 - Source quench (only code 0)
05 - Redirection (codes 0 to 3)
11 - Time exceeded (codes 0 and 1)
12 - Parameter problem (codes 0 and 1)
The data section in an error message identifies the original packet that has the error.
Destination Unreachable :
Its type = 3. It uses different codes between 0 and 15, which specify the reason for
non-delivery of the message to the destination.
Code 0 - Host unreachable.
Example : Accessing a web page using the HTTP protocol when the server is down.
Source Quench :
Its type = 4. This error message informs the sender about congestion in the network.
Redirection Message :
Its type = 5. It sends an error message to the source and informs it that the sender has chosen
the wrong router to route the message.
Parameter problem :
Its type = 12. It specifies that there is an error in the header or that some options are missing.
(ii) Query Messages :
A query message is encapsulated in a datagram and is used to check the liveliness of a host in
the network.
There is a pair of query messages
- echo request
- echo reply
   8 bits   8 bits      16 bits
| Type    | Code    | Checksum        |
| Identifier        | Sequence number |
| Data / Payload                      |
Figure Query Messages
Type and code values of query messages are :
08 and 00 - Echo request and reply (only code 0)
13 and 14 - Timestamp request and reply (only code 0)
Echo request and Echo reply
It tests the existence period of host or router.
Time stamp request and time stamp reply
It is used to find RTT (Round Trip Time) between two devices to check their
synchronisation.
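The echo request and reply format above (type, code, checksum, identifier, sequence number, data) can be built and checked byte for byte. This is an added example, not part of the original text; the function names and sample identifier, sequence number and payload are assumptions, and the checksum is the standard 16-bit one's complement Internet checksum.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0   # type values listed in the text

def internet_checksum(data):
    """16-bit one's complement of the one's complement sum of all 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                       # pad odd-length input for summing
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(identifier, sequence, payload=b"", reply=False):
    """Build an echo request (or reply) with a valid checksum."""
    msg_type = ECHO_REPLY if reply else ECHO_REQUEST
    header = struct.pack("!BBHHH", msg_type, 0, 0, identifier, sequence)
    checksum = internet_checksum(header + payload)   # computed with field = 0
    return struct.pack("!BBHHH", msg_type, 0, checksum,
                       identifier, sequence) + payload

def parse_icmp(packet):
    """Decode the 8-byte header; a valid message sums to 0 with its checksum."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    msg_type, code, _, identifier, sequence = struct.unpack("!BBHHH", packet[:8])
    return {"type": msg_type, "code": code, "identifier": identifier,
            "sequence": sequence, "data": packet[8:],
            "checksum_ok": internet_checksum(packet) == 0}

def answer_echo(request):
    """Reply as the probed host would: same identifier, sequence and data."""
    msg = parse_icmp(request)
    if msg["type"] != ECHO_REQUEST or msg["code"] != 0 or not msg["checksum_ok"]:
        return None                            # ignore anything malformed
    return build_echo(msg["identifier"], msg["sequence"], msg["data"], reply=True)

if __name__ == "__main__":
    request = build_echo(0x1234, 1, b"ping-data")   # constructed sample values
    print(request.hex())
    print(answer_echo(request).hex())
```

A receiver that recomputes the checksum over the whole message, as `parse_icmp` does, detects a message altered in transit, although this is only an error check and not the integrity mechanism discussed under packet modification.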
Messages obsolete in ICMPV4 are :
- Information request and reply (ARP)
- Address mask request and reply (DHCP)
- Router solicitation and advertisement (DHCP)
Debugging tools :
ICMP uses the following as debugging tools.
(i) Ping
(ii) Traceroute
(i) Ping :
It is used to find the existence of a host in a network.
The role of ping in ICMP corresponds to the echo-request and echo reply messages: