0% found this document useful (0 votes)
18 views37 pages

Network Security Unit 2

IPv4 is the fourth version of the Internet Protocol, using a 32-bit address system to uniquely identify devices on a network with a format of four decimal numbers separated by periods. It supports various addressing modes such as unicast, broadcast, and multicast, and has advantages like encryption for security but also faces limitations like address exhaustion. The document also discusses Internet Protocols, their functions, and the transition to IPv6 due to the limitations of IPv4.

Uploaded by

karthik28mano
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
18 views37 pages

Network Security Unit 2

IPv4 is the fourth version of the Internet Protocol, using a 32-bit address system to uniquely identify devices on a network with a format of four decimal numbers separated by periods. It supports various addressing modes such as unicast, broadcast, and multicast, and has advantages like encryption for security but also faces limitations like address exhaustion. The document also discusses Internet Protocols, their functions, and the transition to IPv6 due to the limitations of IPv4.

Uploaded by

karthik28mano
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 37

UNIT 2

PROTOCOLS IN
NETWORK LAYERS
What is IPv4?
• IP stands for Internet Protocol version v4 stands for Version
Four (IPv4), is the system for identifying devices on a
network.
• It uses a set of four numbers, separated by periods (like
192.168.0.1), to give each device a unique address.
• This address helps data find its way from one device to another
over the internet.
• IP version four addresses are 32-bit integers which will be
expressed in decimal notation.
• Example- 192.0.2.126 could be an IPv4 address.
What is an IP Address?
• An IP address (Internet Protocol address) is a unique identifier
assigned to each device connected to a network that uses the Internet
Protocol for communication. It serves two main purposes:

• Identification: It uniquely identifies a device on a network.

• Location Addressing: It indicates where a device is located within a


network, making data routing possible.
Understanding IPv4 Addressing
• An IPv4 address consists of series of four eight-bit binary numbers
which are separated by decimal point.
• Although any numbering system can be used to represent a unique 32-
bit number, most commonly you see IP address expressed in dot
decimal notation.
IPv4 Address Format
• An IPv4 address consists of 32 bit (binary digit), grouped into four
section of known as octets or bytes.
• Each octet has 8 bits and this bits can be represented only in 0 or 1
form, and when they grouped together, they form a binary number.
• Since each octet has 8 bits, it can represent 256 numbers ranging from
o to 255.
• These four octets are represented as decimal numbers, separated by
periods known as dotted decimal notation.
• For example: IPv4 address 185.107.80.231 consists of four octets.
Binary Representation
• IPv4 is basically converted into binary form by computer although these are usually
seen in decimal form for human readability.
• Each octet is converted into instance, binary number .
• For instance,185.107.80.231 in binary looks like:
185: 10111001

107: 01101011

80: 01010000

231: 11100111

So,185.107.80.231 in binary is: 10111001.01101011.01010000.11100111


Parts of IPv4
IPv4 addresses consist of three parts:
• Network Part: The network part indicates the distinctive variety that’s
appointed to the network. The network part conjointly identifies the
category of the network that’s assigned.

• Host Part: The host part uniquely identifies the machine on your network.
This part of the IPv4 address is assigned to every host.
For each host on the network, the network part is the same, however, the
host half must vary.

• Subnet Number: This is the non obligatory part of IPv4. Local networks
that have massive numbers of hosts are divided into subnets
and subnet numbers are appointed to that.
Types of IPv4 Addressing
IPv4 basically supports three different types of addressing modes:
• Unicast Addressing Mode: This addressing mode is used to specify
single sender and single receiver. Example: Accessing a website.
• Broadcast Addressing Mode: This addressing mode is used to send
messages to all devices in a network. Example: sending a message in
local network to all the devices.
• Multicast Addressing Mode: This addressing mode is typically used
within a local network or across networks and sends messages to a
group of devices. Example: Streaming audio to multiple devices at
once.
Characteristics of IPv4
• IPv4 could be a 32-bit IP Address.
• IPv4 could be a numeric address, and its bits are
separated by a dot.
• The number of header fields is twelve and the length of
the header field is twenty.
• It has Unicast, broadcast, and multicast-style addresses.
Advantages of IPv4
• IPv4 security permits encryption to keep up privacy and security.

• IPV4 network allocation is significant and presently has quite 85000 practical routers.

• It becomes easy to attach multiple devices across an outsized network while not NAT.

• This is a model of communication so provides quality service also as economical knowledge


transfer.

• IPV4 addresses are redefined and permit flawless encoding.

• IPv4 has high System Management prices and it’s labor-intensive, complex, slow & prone to
errors.

• Routing is scalable and economical as a result of addressing its collective more effectively.

• Data communication across the network becomes a lot of specific in multicast organizations.
Limitations of IPv4
• IP relies on network layer addresses to identify end-points on the network,
and each network has a unique IP address.

• The world’s supply of unique IP addresses is dwindling, and they might


eventually run out theoretically.

• If there are multiple hosts, we need the IP addresses of the next class.

• Complex host and routing configuration, non-hierarchical addressing,


difficult to re-numbering addresses, large routing tables, non-trivial
implementations in providing security, QoS (Quality of Service), mobility,
and multi-homing, multicasting, etc. are the big limitations of IPv4 so that’s
why IPv6 came into the picture.
TYPES OF INTERNET PROTOCOLS
• Internet protocols are a set of rules that allow computers and other devices
to communicate over the Internet.

• These protocols ensure that data is sent, received, and understood correctly
between different systems.

• There are many types of internet protocols, each serving a specific purpose,
such as transferring files, sending emails, or securing data.

• Understanding these protocols is important for making the internet work


efficiently and securely.
Working of Internet Protocol
Step by step working of internet protocol:
• Dividing Data into Packets: When you send information over the internet, IP split it into
small parts called packets. Each packet contains a piece of the data and the address of
where it needs to go.

• Addressing: Every device connected to the internet has its own IP address. This address
helps identify where the data is being sent from and where it should be delivered.

• Routing the Packets: As the packets travel across the internet, they pass through several
devices called routers. These routers help direct the packets toward the correct
destination, like how mail is sorted at different post offices.

• Reassemble the Data: Once all the packets arrive at the destination, they are put back
together to recreate the original message or file.

• Handling Missing Packets: If some packets don’t arrive, the system can request that they
be sent again, making sure the complete data is received.
Need for Internet Protocols
• The sender and receiver of data are parts of different networks, located in
different parts of the world having different data transfer rates.
• So, we need protocols to manage the flow control of data and access control
of the link being shared in the communication channel.
• Suppose there is a sender X who has a data transmission rate of 10 Mbps.
• And, there is a receiver Y who has a data receiving rate of 5Mbps.
• Since the rate of receiving the data is slow so some data will be lost during
transmission.
• In order to avoid this, receiver Y needs to inform sender X about the speed
mismatch so that sender X can adjust its transmission rate.
• Similarly, the access control decides the node which will access the link
shared in the communication channel at a particular instant in time.
• If not the transmitted data will collide if many computers send data
simultaneously through the same link resulting in the corruption or loss of
data.
Internet Control Message Protocol (ICMP)
• Internet Control Message Protocol is known as ICMP.
• The protocol is at the network layer.
• It is mostly utilized on network equipment like routers and is utilized
for error handling at the network layer.
• Since there are various kinds of network layer faults, ICMP can be
utilized to report and troubleshoot these errors.
• Since IP does not have an inbuilt mechanism for sending error and
control messages. It depends on Internet Control Message
Protocol(ICMP) to provide error control.
ICMP Packet Format
• In the ICMP packet format, the first 32 bits of the packet contain three fields:
• Type (8-bit): The initial 8-bit of the packet is for message type, it provides a brief
description of the message so that receiving network would know what kind of
message it is receiving and how to respond to it. Some common message types are
as follows:
• Type 0 – Echo reply

• Type 3 – Destination unreachable

• Type 5 – Redirect Message

• Type 8 – Echo Request

• Type 11 – Time Exceeded


• Type 12 – Parameter problem
• Code (8-bit): Code is the next 8 bits of the ICMP packet format, this field
carries some additional information about the error message and type.
• Checksum (16-bit): Last 16 bits are for the checksum field in the ICMP
packet header. The checksum is used to check the number of bits of the
complete message and enable the ICMP tool to ensure that complete data is
delivered.
• The next 32 bits of the ICMP Header are Extended Header which has the
work of pointing out the problem in IP Message. Byte locations are
identified by the pointer which causes the problem message and receiving
device looks here for pointing to the problem.
• The last part of the ICMP packet is Data or Payload of variable length.
The bytes included in IPv4 are 576 bytes and in IPv6, 1280 bytes.
• ICMP in DDoS Attacks
• In Distributed DOS (DDoS) attacks, attackers provide so much extra traffic to the target, so that it cannot
provide service to users. There are so many ways through which an attacker executes these attacks, which are
described below.

• Ping of Death Attack

• Whenever an attacker sends a ping, whose size is greater than the maximum allowable size, oversized packets
are broken into smaller parts. When the sender re-assembles it, the size exceeds the limit which causes
a buffer overflow and makes the machine freeze. This is simply called a Ping of Death Attack. Newer devices
have protection from this attack, but older devices did not have protection from this attack.

• ICMP Flood Attack

• Whenever the sender sends so many pings that the device on whom the target is done is unable to handle the
echo request. This type of attack is called an ICMP Flood Attack. This attack is also called a ping flood attack.
It stops the target computer’s resources and causes a denial of service for the target computer.

• Smurf Attack

• Smurf Attack is a type of attack in which the attacker sends an ICMP packet with a spoofed source IP address.
These type of attacks generally works on older devices like the ping of death attack.
Mobile Internet Protocol (or Mobile IP)
• Mobile IP is a communication protocol (created by extending Internet
Protocol, IP) that allows users to move from one network to another with
the same IP address.
• It ensures that the communication will continue without the user’s sessions
or connections being dropped.
• Imagine having a phone number that stays the same no matter where you
go.
• Mobile IP works similarly, ensuring that even if your device changes its
network connection, it can still communicate without interruption.
• This is particularly useful for mobile devices like smartphones, laptops, and
tablets, which frequently switch between different networks, such as Wi-Fi
and cellular.
• Mobile IP helps keep internet connections stable and reliable, making it
easier to stay connected while on the move.
Basic Terminologies Related to Mobile IP
• A Mobile Node (MN): It is the hand-held communication device that the user carries e.g. Cell
phone.

• A Home Network: It is a network to which the mobile node originally belongs as per its
assigned IP address (home address).

• Home Agent (HA): It is a router in-home network to which the mobile node was originally
connected

• Home Address: It is the permanent IP address assigned to the mobile node (within its home
network).

• Foreign Network: It is the current network to which the mobile node is visiting (away from its
home network).

• A Foreign Agent (FA): It is a router in a foreign network to which the mobile node is currently
connected. The packets from the home agent are sent to the foreign agent which delivers them to
the mobile node.
• The Correspondent Node (CN): It is a device on the internet
communicating to the mobile node.
• Care-of Address (COA): It is the temporary address used by a mobile node
while it is moving away from its home network.
• Foreign Agent COA: The COA could be located at the FA, i.e., the COA is
an IP address of the FA. The FA is the tunnel end-point and forwards
packets to the MN. Many MN using the FA can share this COA as a
common COA.
• Co-Located COA: The COA is co-located if the MN temporarily acquires
an additional IP address that acts as a COA. This address is now
topologically correct, and the tunnel endpoint is at the MN. Co-located
addresses can be acquired using services such as DHCP.

Key Mechanisms in Mobile IP
• Agent Discovery: Agents advertise their presence by periodically
broadcasting their agent advertisement messages. The mobile node
receiving the agent advertisement messages observes whether the
message is from its own home agent and determines whether it is in
the home network or foreign network.

• Agent Registration: Mobile node after discovering the foreign agent


sends a Registration Request (RREQ) to the foreign agent. The foreign
agent, in turn, sends the registration request to the home agent with the
care-of-address. The home agent sends a Registration Reply (RREP)
to the foreign agent. Then it forwards the registration reply to the
mobile node and completes the process of registration.
Tunnelling: It establishes a virtual pipe for the packets available between a
tunnel entry and an endpoint. It is the process of sending a packet via a tunnel
and it is achieved by a mechanism called encapsulation. It takes place to
forward an IP datagram from the home agent to the care-of-address.
Whenever the home agent receives a packet from the correspondent node, it
encapsulates the packet with source address as home address and destination
as care-of-address.
Route Optimization in Mobile IP
• The route optimization adds a conceptual data structure, the binding
cache, to the correspondent node. The binding cache contains
bindings for the mobile node’s home address and its current care-of-
address. Every time the home agent receives an IP datagram that is
destined to a mobile node currently away from the home network, it
sends a binding update to the correspondent node to update the
information in the correspondent node’s binding cache.
Intradomain and Interdomain Routing
• In this section, we shall discuss how Intra-domain Routing is different from Inter-domain
Routing. Intra domain is any protocol in which Routing algorithm works only within domains on
the other hand Inter domain is any protocol in which Routing algorithm works within and between
domains.

S.No Intradomain Routing Interdomain Routing


Routing algorithm works only within Routing algorithm works within and
1.
domains. between domains.
It need to know only about other
It need to know only about other
2. routers within and between their
routers within their domain.
domain.
Protocols used in intradomain routing Protocols used in interdomain routing
3. are known as Interior-gateway are known as Exterior-gateway
protocols. protocols.
In this Routing, routing takes place In this Routing, routing takes place
4.
within an autonomous network. between the autonomous networks.
Interdomain routing protocol assumes
Intradomain routing protocols ignores
that the internet contains the
5. the internet outside the
collection of interconnected
AS(autonomous system).
AS(autonomous systems).
Popular Protocols of this routing is
Some Popular Protocols of this routing
BGP(Border Gateway Protocol) used to
6. are RIP(routing information protocol)
connect two or more AS(autonomous
and OSPF(open shortest path first).
system).
Internet Protocol version 6 (IPv6)
• The Internet Protocol version 6, or IPv6, is the latest version of the Internet
Protocol (IP), which is the system used for identifying and locating computers on
the Internet.
• IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with
the problem of IPv4 exhaustion.
• IPv6 is a 128-bit address having an address space of 2128, which is way bigger than
IPv4.
What is IP Address?
• An IP address, which stands for Internet Protocol address, is like a home address
for your computer or any device connected to the internet. Just as your home
address lets mail find its way to your house, an IP address helps information find
its way to your device.
Components in IPv6 Address Format
• There are 8 groups and each group represents 2 Bytes (16-bits).

• Each Hex-Digit is of 4 bits (1 nibble)

• Delimiter used – colon (:)


Representation of IPv6
• An IPv6 address consists of eight groups of four hexadecimal digits separated by ‘ . ‘
and each Hex digit representing four bits so the total length of IPv6 is 128 bits.
Structure given below.

• The first 48 bits represent Global Routing Prefix. The next 16 bits represent the
student ID and the last 64 bits represent the host ID. The first 64 bits represent the
network portion and the last 64 bits represent the interface id.
• Global Routing Prefix: The Global Routing Prefix is the portion of
an IPv6 address that is used to identify a specific network or subnet
within the larger IPv6 internet. It is assigned by an ISP or a regional
internet registry (RIR).

• Student Id: The portion of the address used within an organization to


identify subnets. This usually follows the Global Routing Prefix.

• Host Id: The last part of the address, is used to identify a specific host
on a network.

• Example: 3001:0da8:75a3:0000:0000:8a2e:0370:7334
IPv6 IPv4

IPv6 has a 128-bit address length. IPv4 has a 32-bit address length.

It supports Auto and renumbering address


It Supports Manual and DHCP address configuration.
configuration.

The address space of IPv6 is quite large it can produce


It can generate 4.29×109 address space.
3.4×1038 address space.

Address Representation of IPv6 is in hexadecimal. Address representation of IPv4 is in decimal.

In IPv6 checksum field is not available. In IPv4 checksum field is available.

IPv6 has a header of 40 bytes fixed. IPv4 has a header of 20-60 bytes.

IPv6 does not support VLSM. IPv4 supports VLSM(Variable Length subnet mask).
• Types of IPv6 Address
• Now that we know about what is IPv6 address let’s take a look at its
different types.
• Unicast Addresses : Only one interface is specified by the unicast address.
A packet moves from one host to the destination host when it is sent to a
unicast address destination.

• Multicast Addresses: It represents a group of IP devices and can only be


used as the destination of a datagram.

• Anycast Addresses: The multicast address and the anycast address are the
same. The way the anycast address varies from other addresses is that it can
deliver the same IP address to several servers or devices. Keep in mind that
the hosts do not receive the IP address. Stated differently, multiple
interfaces or a collection of interfaces are assigned an anycast address.
Transition From IPv4 to IPv6 Address
• The expansion of users in the Internet and the devices connecting to it,
the Internet Protocol version 4 (IPv4) having 32-bit address is
running out of capacity.
• To overcome this problem, the Internet Protocol version 6 (IPv6) is
introduced having 128-bit addresses and therefore allows trillions of
unique IPs through which many devices can connect easily.
• The transition from IPv4 to IPv6 not only solves the issue of limitation
of addresses but also brings improvements in network efficiency,
security, and performance.
How Transition Happens From IPv4 to
IPv6?
• Various organizations are currently working with IPv4 technology and in a very short
time, we can not switch directly from IPv4 to IPv6. Instead of only using IPv6, we use a
combination of both and transition means not replacing IPv4 but co-existing of both.
• When we want to send a request from an IPv4 address to an IPv6 address, it is not
possible because IPv4 and IPv6 transition is not compatible. For a solution to this
problem, we use some technologies that help in an easy transition from IPv4 to IPv6.
• These technologies are mentioned below:
• Dual Stack Routers

• Tunneling

• NAT Protocol Translation


Dual-Stack Routers
• A dual-stack router is a network device
that can support both IPv4 and IPv6
protocols simultaneously. It allows
communication between devices using any
of the protocol, making it a key
component during the transition from IPv4
to IPv6. In dual-stack router, A router’s
interface is attached with IPv4 and IPv6
addresses configured are used in order to
transition from IPv4 to IPv6.
• In this above diagram, A given server with
both IPv4 and IPv6 addresses configured
can communicate with all hosts of IPv4
and IPv6 via dual-stack router (DSR). The
dual stack router (DSR) gives the path for
all the hosts to communicate with the
server without changing their IP
addresses.
Tunneling
• Tunneling is a technique used to enable
communication between IPv4 and IPv6
networks during the transition from IPv4 to
IPv6. Tunneling encapsulates IPv6 packets
within IPv4 packets (or vice versa). Tunneling
is used as a medium to communicate the transit
network with the different IP versions.
• In this above diagram, the different IP versions
such as IPv4 and IPv6 are present. The IPv4
networks can communicate with the transit or
intermediate network on IPv6 with the help of
the Tunnel. It’s also possible that the IPv6
network can also communicate with IPv4
networks with the help of a Tunnel.
NAT Protocol Translation
• NAT (Network Address Translation) Protocol
Translation (NAT-PT), is a technique used to
enable communication between IPv4 and IPv6
networks by translating one protocol to the other.
With the help of the NAT Protocol Translation
technique, the IPv4 and IPv6 networks can also
communicate with each other without
understanding the address of different IP version.
• In the above diagram, an IPv4 address
communicates with the IPv6 address via a
NAT-PT device to communicate easily. In
this situation, the IPv6 address
understands that the request is sent by the
same IP version (IPv6) and it responds.

You might also like