Network Security Unit 2
PROTOCOLS IN NETWORK LAYERS
What is IPv4?
• IP stands for Internet Protocol and v4 stands for Version
Four. IPv4 is the system for identifying devices on a
network.
• It uses a set of four numbers, separated by periods (like
192.168.0.1), to give each device a unique address.
• This address helps data find its way from one device to another
over the internet.
• IPv4 addresses are 32-bit integers that are
expressed in decimal notation.
• Example: 192.0.2.126 is an IPv4 address.
What is an IP Address?
• An IP address (Internet Protocol address) is a unique identifier
assigned to each device connected to a network that uses the Internet
Protocol for communication. It serves two main purposes:
107: 01101011
80: 01010000
231: 11100111
• Host Part: The host part uniquely identifies the machine on your network.
This part of the IPv4 address is assigned to every host.
For each host on the network, the network part is the same; however, the
host part must vary.
• Subnet Number: This is the optional part of an IPv4 address. Local networks
that have large numbers of hosts are divided into subnets,
and subnet numbers are assigned to them.
Types of IPv4 Addressing
IPv4 basically supports three different types of addressing modes:
• Unicast Addressing Mode: This addressing mode is used to specify
single sender and single receiver. Example: Accessing a website.
• Broadcast Addressing Mode: This addressing mode is used to send
messages to all devices in a network. Example: sending a message in
local network to all the devices.
• Multicast Addressing Mode: This addressing mode is typically used
within a local network or across networks and sends messages to a
group of devices. Example: Streaming audio to multiple devices at
once.
Characteristics of IPv4
• IPv4 uses a 32-bit IP address.
• An IPv4 address is numeric, and its four numbers are
separated by dots.
• The number of header fields is twelve and the length of
the header field is twenty.
• It has Unicast, broadcast, and multicast-style addresses.
Advantages of IPv4
• IPv4 security permits encryption to maintain privacy and security.
• IPv4 network allocation is significant and presently has more than 85000 practical routers.
• It becomes easy to attach multiple devices across a large network without NAT.
• IPv4 has high system management costs and it is labor-intensive, complex, slow and prone to
errors.
• Routing is scalable and economical because addressing is aggregated more effectively.
• Data communication across the network becomes more specific in multicast organizations.
Limitations of IPv4
• IP relies on network layer addresses to identify end-points on the network,
and each network has a unique IP address.
• If there are multiple hosts, we need the IP addresses of the next class.
• These protocols ensure that data is sent, received, and understood correctly
between different systems.
• There are many types of internet protocols, each serving a specific purpose,
such as transferring files, sending emails, or securing data.
• Addressing: Every device connected to the internet has its own IP address. This address
helps identify where the data is being sent from and where it should be delivered.
• Routing the Packets: As the packets travel across the internet, they pass through several
devices called routers. These routers help direct the packets toward the correct
destination, like how mail is sorted at different post offices.
• Reassemble the Data: Once all the packets arrive at the destination, they are put back
together to recreate the original message or file.
• Handling Missing Packets: If some packets don’t arrive, the system can request that they
be sent again, making sure the complete data is received.
Need for Internet Protocols
• The sender and receiver of data are parts of different networks, located in
different parts of the world having different data transfer rates.
• So, we need protocols to manage the flow control of data and access control
of the link being shared in the communication channel.
• Suppose there is a sender X who has a data transmission rate of 10 Mbps.
• And, there is a receiver Y who has a data receiving rate of 5Mbps.
• Since the rate of receiving the data is slower, some data will be lost during
transmission.
• In order to avoid this, receiver Y needs to inform sender X about the speed
mismatch so that sender X can adjust its transmission rate.
• Similarly, the access control decides the node which will access the link
shared in the communication channel at a particular instant in time.
• If not, the transmitted data will collide when many computers send data
simultaneously through the same link, resulting in the corruption or loss of
data.
Internet Control Message Protocol (ICMP)
• Internet Control Message Protocol is known as ICMP.
• The protocol is at the network layer.
• It is mostly used on network equipment such as routers, for error
handling at the network layer.
• Since there are various kinds of network layer faults, ICMP can be
used to report and troubleshoot these errors.
• Since IP does not have an inbuilt mechanism for sending error and
control messages, it depends on the Internet Control Message
Protocol (ICMP) to provide error control.
ICMP Packet Format
• In the ICMP packet format, the first 32 bits of the packet contain three fields:
• Type (8-bit): The first 8 bits of the packet hold the message type. It gives a brief
description of the message so that the receiving network knows what kind of
message it is receiving and how to respond to it. Some common message types are
as follows:
• Type 0 – Echo reply
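A parser for the first 32 bits described above, as an added example that is not part of the original slides. It assumes the standard ICMP layout (8-bit type, 8-bit code, 16-bit checksum); the `build_echo` helper and the sample message are constructed for illustration.

```python
import struct

# Type 0 is the value listed above; the other names are standard ICMP types
# added for this example.
ICMP_TYPES = {0: "Echo reply", 3: "Destination unreachable",
              8: "Echo request", 11: "Time exceeded"}

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by ICMP."""
    if len(data) % 2:                      # pad odd-length input with a zero byte
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                     # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Hypothetical helper: build an echo message to use as sample input."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse_icmp(message: bytes) -> dict:
    """Decode type, code and checksum, and verify the checksum."""
    if len(message) < 4:
        raise ValueError("need at least the first 32 bits of the message")
    icmp_type, code, checksum = struct.unpack("!BBH", message[:4])
    return {
        "type": icmp_type,
        "name": ICMP_TYPES.get(icmp_type, "other"),
        "code": code,
        "checksum": checksum,
        # Summing a valid message, checksum field included, yields zero.
        "checksum_ok": internet_checksum(message) == 0,
    }

# Constructed sample: an echo reply (type 0) with a 16-byte payload.
SAMPLE = build_echo(0, 0x1234, 1, b"constructed-ping")

if __name__ == "__main__":
    print(parse_icmp(SAMPLE))
```

A receiver that drops messages whose `checksum_ok` is false rejects corrupted ICMP data before acting on the type field.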
• Whenever an attacker sends a ping, whose size is greater than the maximum allowable size, oversized packets
are broken into smaller parts. When the sender re-assembles it, the size exceeds the limit which causes
a buffer overflow and makes the machine freeze. This is simply called a Ping of Death Attack. Newer devices
have protection from this attack, but older devices did not have protection from this attack.
• Whenever the sender sends so many pings that the targeted device is unable to handle the
echo requests, the attack is called an ICMP Flood Attack. This attack is also called a ping flood attack.
It exhausts the target computer’s resources and causes a denial of service for the target computer.
• Smurf Attack
• Smurf Attack is a type of attack in which the attacker sends an ICMP packet with a spoofed source IP address.
This type of attack generally works on older devices, like the ping of death attack.
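Detection logic for the three attacks described above, run over constructed traffic records; this is an added example, not part of the original slides. The record fields, the flood threshold, the 20-byte header size and the protected network `192.0.2.0/24` are assumptions, and the spoofing check treats any packet that arrives from outside with an inside source address as spoofed.

```python
import ipaddress
from collections import defaultdict, deque

MAX_DATAGRAM = 65535      # largest size an IPv4 packet may have, in bytes
IP_HEADER = 20            # assumed: IPv4 header without options
FLOOD_LIMIT = 5           # assumed threshold: echo requests per target...
WINDOW = 1.0              # ...within this many seconds
INTERNAL = ipaddress.ip_network("192.0.2.0/24")   # assumed protected network

def rec(ts, src, dst, icmp_type=8, frag_offset=0, data_len=64, iface="wan"):
    """One observed IPv4 fragment; frag_offset is in 8-byte units."""
    return dict(ts=ts, src=src, dst=dst, icmp_type=icmp_type,
                frag_offset=frag_offset, data_len=data_len, iface=iface)

def detect(records):
    alerts, recent, flooded = [], defaultdict(deque), set()
    for r in records:
        # Ping of Death: this fragment ends past the maximum datagram size,
        # so reassembly would exceed the limit.
        if IP_HEADER + r["frag_offset"] * 8 + r["data_len"] > MAX_DATAGRAM:
            alerts.append(("oversized-reassembly", r["src"], r["dst"]))
        if r["icmp_type"] != 8:        # later checks look at echo requests only
            continue
        # Spoofed source (Smurf): arrives from outside, claims an inside address.
        if r["iface"] == "wan" and ipaddress.ip_address(r["src"]) in INTERNAL:
            alerts.append(("spoofed-source", r["src"], r["dst"]))
        # ICMP flood: more echo requests for one target than the window allows.
        times = recent[r["dst"]]
        times.append(r["ts"])
        while r["ts"] - times[0] > WINDOW:
            times.popleft()
        if len(times) > FLOOD_LIMIT and r["dst"] not in flooded:
            flooded.add(r["dst"])
            alerts.append(("icmp-flood", r["src"], r["dst"]))
    return alerts

# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    rec(0.0, "198.51.100.7", "192.0.2.10"),                    # ordinary ping
    rec(1.0, "203.0.113.9", "192.0.2.10", None, 8189, 1480),   # oversized tail
    rec(2.0, "192.0.2.55", "192.0.2.20"),                      # inside source on WAN
] + [rec(10 + i * 0.1, "198.51.100.99", "192.0.2.30") for i in range(7)]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```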
Mobile Internet Protocol (or Mobile IP)
• Mobile IP is a communication protocol (created by extending Internet
Protocol, IP) that allows users to move from one network to another with
the same IP address.
• It ensures that the communication will continue without the user’s sessions
or connections being dropped.
• Imagine having a phone number that stays the same no matter where you
go.
• Mobile IP works similarly, ensuring that even if your device changes its
network connection, it can still communicate without interruption.
• This is particularly useful for mobile devices like smartphones, laptops, and
tablets, which frequently switch between different networks, such as Wi-Fi
and cellular.
• Mobile IP helps keep internet connections stable and reliable, making it
easier to stay connected while on the move.
Basic Terminologies Related to Mobile IP
• A Mobile Node (MN): It is the hand-held communication device that the user carries e.g. Cell
phone.
• A Home Network: It is a network to which the mobile node originally belongs as per its
assigned IP address (home address).
• Home Agent (HA): It is a router in the home network to which the mobile node was originally
connected.
• Home Address: It is the permanent IP address assigned to the mobile node (within its home
network).
• Foreign Network: It is the current network that the mobile node is visiting (away from its
home network).
• A Foreign Agent (FA): It is a router in a foreign network to which the mobile node is currently
connected. The packets from the home agent are sent to the foreign agent which delivers them to
the mobile node.
• The Correspondent Node (CN): It is a device on the internet
communicating to the mobile node.
• Care-of Address (COA): It is the temporary address used by a mobile node
while it is moving away from its home network.
• Foreign Agent COA: The COA could be located at the FA, i.e., the COA is
an IP address of the FA. The FA is the tunnel end-point and forwards
packets to the MN. Many MNs using the FA can share this COA as a
common COA.
• Co-Located COA: The COA is co-located if the MN temporarily acquires
an additional IP address that acts as a COA. This address is now
topologically correct, and the tunnel endpoint is at the MN. Co-located
addresses can be acquired using services such as DHCP.
Key Mechanisms in Mobile IP
• Agent Discovery: Agents advertise their presence by periodically
broadcasting their agent advertisement messages. The mobile node
receiving the agent advertisement messages observes whether the
message is from its own home agent and determines whether it is in
the home network or foreign network.
• The first 48 bits represent the Global Routing Prefix. The next 16 bits represent the
subnet ID and the last 64 bits represent the host ID. The first 64 bits represent the
network portion and the last 64 bits represent the interface ID.
• Global Routing Prefix: The Global Routing Prefix is the portion of
an IPv6 address that is used to identify a specific network or subnet
within the larger IPv6 internet. It is assigned by an ISP or a regional
internet registry (RIR).
• Host Id: The last part of the address, is used to identify a specific host
on a network.
• Example: 3001:0da8:75a3:0000:0000:8a2e:0370:7334
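The split described above, applied to the example address with Python's standard `ipaddress` module; this is an added example, not part of the original slides. The function name and the dictionary keys are hypothetical, and the 16-bit field after the global routing prefix is labelled the subnet ID.

```python
import ipaddress

def split_ipv6(text: str) -> dict:
    """Split an IPv6 address into its 48/16/64-bit parts."""
    addr = ipaddress.IPv6Address(text)     # raises ValueError on malformed input
    value = int(addr)                      # the address as one 128-bit integer
    prefix = value >> 80                   # first 48 bits
    subnet = (value >> 64) & 0xFFFF        # next 16 bits
    interface = value & ((1 << 64) - 1)    # last 64 bits
    return {
        "global_routing_prefix": f"{prefix:012x}",
        "subnet_id": f"{subnet:04x}",
        "interface_id": f"{interface:016x}",
        # Network portion = first 64 bits (prefix + subnet ID), host bits zeroed.
        "site_network": str(ipaddress.IPv6Network((prefix << 80, 48))),
        "link_network": str(ipaddress.IPv6Network((value >> 64 << 64, 64))),
        "compressed": addr.compressed,
    }

if __name__ == "__main__":
    parts = split_ipv6("3001:0da8:75a3:0000:0000:8a2e:0370:7334")
    for name, field in parts.items():
        print(f"{name:22} {field}")
```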
IPv6 | IPv4
IPv6 has a 128-bit address length. | IPv4 has a 32-bit address length.
IPv6 has a header of 40 bytes fixed. | IPv4 has a header of 20-60 bytes.
IPv6 does not support VLSM. | IPv4 supports VLSM (Variable Length Subnet Mask).
Types of IPv6 Address
• Now that we know what an IPv6 address is, let’s take a look at its
different types.
• Unicast Addresses : Only one interface is specified by the unicast address.
A packet moves from one host to the destination host when it is sent to a
unicast address destination.
• Anycast Addresses: The multicast address and the anycast address are the
same. The way the anycast address varies from other addresses is that it can
deliver the same IP address to several servers or devices. Keep in mind that
the hosts do not receive the IP address. Stated differently, multiple
interfaces or a collection of interfaces are assigned an anycast address.
Transition From IPv4 to IPv6 Address
• With the growth in Internet users and in the devices connecting to it,
Internet Protocol version 4 (IPv4), with its 32-bit addresses, is
running out of capacity.
• To overcome this problem, the Internet Protocol version 6 (IPv6) is
introduced having 128-bit addresses and therefore allows trillions of
unique IPs through which many devices can connect easily.
• The transition from IPv4 to IPv6 not only solves the issue of limitation
of addresses but also brings improvements in network efficiency,
security, and performance.
How Transition Happens From IPv4 to IPv6?
• Various organizations are currently working with IPv4 technology, and we cannot
switch directly from IPv4 to IPv6 in a very short time. Instead of using only IPv6, we use a
combination of both; transition means not replacing IPv4 but the co-existence of both.
• When we want to send a request from an IPv4 address to an IPv6 address, it is not
possible because IPv4 and IPv6 are not compatible. To solve this
problem, we use some technologies that help in an easy transition from IPv4 to IPv6.
• These technologies are mentioned below:
• Dual Stack Routers
• Tunneling