UNIT III

NETWORK LAYER

Switching : Packet Switching - Internet protocol - IPV4 – IP Addressing

– Subnetting - IPV6, ARP, RARP, ICMP, DHCP
PACKET SWITCHING

 The packet switching is a switching technique in which the message is sent in

one go, but it is divided into smaller pieces, and they are sent individually.
 The message splits into smaller pieces known as packets and packets are given a
unique number to identify their order at the receiving end.
 Every packet contains some information in its headers such as source address,
destination address and sequence number.
 Packets will travel across the network, taking the shortest path as possible.
 All the packets are reassembled at the receiving end in correct order.
 If any packet is missing or corrupted, then the message will be sent to resend the
message.
 If the correct order of the packets is reached, then the acknowledgment message
will be sent.

Advantages of Packet Switching:

 Cost-effective: In packet switching technique, switching devices do not require

massive secondary storage to store the packets, so cost is minimized to some extent.
Therefore, we can say that the packet switching technique is a cost- effective
technique.
 Reliable: If any node is busy, then the packets can be rerouted. This ensures that
the Packet Switching technique provides reliable communication.
 Efficient: Packet Switching is an efficient technique. It does not require any
established path prior to the transmission, and many users can use the same
communication channel simultaneously, hence makes use of available bandwidth
very efficiently.
Disadvantages of Packet Switching:

 Packet Switching technique cannot be implemented in those applications that

require low delay and high-quality services.
 The protocols used in a packet switching technique are very complex and
requires high implementation cost.
 If the network is overloaded or corrupted, then it requires retransmission of lost
packets. It can also lead to the loss of critical information if errors are nor
recovered.

APPROACHES OF PACKET SWITCHING

There are two approaches to Packet Switching:

 Datagram Packet switching
 Virtual Circuit Switching

Datagram Packet switching

 It is a packet switching technology in which packet is known as a datagram, is

considered as an independent entity.
 Each packet contains the information about the destination and switch uses this
information to forward the packet to the correct destination.
 The packets are reassembled at the receiving end in correct order. oIn Datagram
Packet Switching technique, the path is not fixed. oIntermediate nodes take the
routing decisions to forward the packets.
 Datagram Packet Switching is also known as connectionless switching.
 There are no setup or teardown phases.
 Each packet is treated the same by a switch regardless of its source or
destination.
In this example, all four packets (or datagrams) belong to the same message, but
may travel different paths to reach their destination.

Routing Table

In this type of network, each switch (or packet switch) has a routing table
which is based on the destination address. The routing tables are dynamic and are
updated periodically. The destination addresses and the corresponding forwarding

output ports are recorded in the tables.

Delay in a datagram network

 The packet travels through two switches.

 There are three transmission times (3T),three propagation delays (slopes 3t of
the lines), and two waiting times (w1 + w2).
We ignore the processing time in each switch.
Total delay = 3T + 3t + w1 + w2

Virtual Circuit Switching

 Virtual Circuit Switching is also known as connection-oriented switching.

 In the case of Virtual circuit switching, a virtual connection is established before
the messages are sent.
 Call request and call accept packets are used to establish the connection between
sender and receiver.
 In this case, the path is fixed for the duration of a logical connection.

Virtual Circuit Identifier (VCI)

A virtual circuit identifier (VCI) that uniquely identifies the connection at
this switch. A VCI, unlike a global address, is a small number that has only switch
scope; it is used bya frame between two switches. When a frame arrives at a switch,
it has a VCI; when it leaves, it has a different VCI.

Virtual Circuit Table

  Every Virtual Circuit (VC) maintains a table called Virtual Circuit table. One
entry in the VC table on a single switch contains the following :
 An incoming interface on which packets for this VC arrive at the switch
 An outgoing interface in which packets for this VC leave the switch.
 A outgoing VCI that will be used for outgoing packets

Example :
Source A sends a frame to Source B through Switch 1, Switch 2 and Switch 3.

Types of Virtual Circuits

There are two broad classes of Virtual Circuits. They are
 PVC – Permanent Virtual Circuit
 Network Administrator will configure the state

The virtual circuit is permanent (PVC)

SVC – Switched Virtual Circuit

 A host can send messages into the network to cause the state to be established.
This is referred as signaling.
 A host may set up and delete such a VC dynamically without the involvement of
a network administrator
Delay in Virtual-Circuit Networks

 The packet is traveling through two switches (routers).

 There are three transmission times (3T ), three propagation times (3t), data
transfer depicted by the sloping lines, a setup delay (which includes transmission and
propagation in two directions), and a teardown delay (which includes transmission
and propagation in one direction).

Total delay = 3T + 3t + Setup delay + Teardown delay

COMPARISON – CIRCUIT SWITCHING AND PACKET SWITCHING

PACKET SWITCHING
CIRCUIT
SWITCHING
Virtual Circuit Datagram Switching
Switching
Connection oriented Connection oriented Connection less

Packets may be delivered

Ensures in order Ensures in order delivery out of order
delivery
 No reordering is No reordering is Reordering is required
required required
A dedicated path exists A dedicated path exists No dedicated path exists
for data transfer fordata transfer fordata transfer
All the packets take the All the packets take the All the packets may not
same path same path take the same path
Resources are allocated Resources are allocated
before data transfer on demand using 1st No resources are allocated
packet
Stream oriented Packet oriented Packet oriented

Fixed bandwidth Dynamic Bandwidth Dynamic bandwidth

Reliable Reliable Unreliable

No overheads Less overheads Higher overheads

Implemented at physical Implemented at data link Implemented at network

layer layer layer
Inefficient in terms of Provides better Provides better efficiency
resource utilization efficiency than message switched
than circuit switched systems
systems
Example- Telephone Examples- X.25, Frame Example- Internet
systems relay

IPV4

 The identifier used in the IP layer of the TCP/IP protocol suite to identify the
connection of each device to the Internet is called the Internet address or IP address.
 Internet Protocol version 4 (IPv4) is the fourth version in the development of the
Internet Protocol (IP) and the first version of the protocol to be widely deployed.
 IPv4 is described in IETF publication in September 1981.
 The IP address is the address of the connection, not the host or the router. An
IPv4 address is a 32-bit address that uniquely and universally defines the connection
.
 If the device is moved to another network, the IP address may be changed.
 IPv4 addresses are unique in the sense that each address defines one, and only
one, connection to the Internet.
 If a device has two connections to the Internet, via two networks, it has two IPv4
addresses.
 IPv4 addresses are universal in the sense that the addressing system must be
accepted by any host that wants to be connected to the Internet.

IPV4 ADDRESS SPACE

 IPv4 defines addresses has an address space.

 An address space is the total number of addresses used by the protocol.
 If a protocol uses b bits to define an address, the address space is 2 b because
each bit can have two different values (0 or 1).
 IPv4 uses 32-bit addresses, which means that the address space is 2 32
or4,294,967,296 (more than four billion).
 4 billion devices could be connected to the Internet.

IPV4 ADDRESS NOTATION

 There are three common notations to show an IPv4 address:

 binary notation (base 2)
 dotted-decimal notation (base 256)
 hexadecimal notation (base 16).

In binary notation, an IPv4 address is displayed as 32 bits. To make the address

more readable, one or more spaces are usually inserted between bytes (8 bits).

In dotted-decimal notation,IPv4 addresses are usually written in decimal form with

a decimal point (dot) separating the bytes. Each number in the dotted-decimal
notation is between 0 and 255.
In hexadecimal notation, each hexadecimal digit is equivalent to four bits. This
means that a 32-bit address has 8 hexadecimal digits. This notation is often used in
network programming.

HIERARCHY IN IPV4 ADDRESSING

 In any communication network that involves delivery, the addressing system is
hierarchical.
 A 32-bit IPv4 address is also hierarchical, but divided only into two parts.
 The first part of the address, called the prefix, defines the network(Net ID); the
second part of the address, called the suffix, defines the node (Host ID).
 The prefix length is n bits and the suffix length is (32- n) bits.

 A prefix can be fixed length or variable length.

 The network identifier in the IPv4 was first designed as a fixed-length prefix.
 This scheme is referred to as classful addressing.
 The new scheme, which is referred to as classless addressing, uses a variable-
length network prefix.

CATEGORIES OF IPV4 ADDRESSING

There are two broad categories of IPv4 Addressing techniques. They are
 Classful Addressing
 Classless Addressing

CLASSFUL ADDRESSING

 An IPv4 address is 32-bit long(4 bytes).

 An IPv4 address is divided into sub-classes:
Classful Network Architecture
Class A

 In Class A, an IP address is assigned to those networks that contain a large

number of hosts.
 The network ID is 8 bits long.
 The host ID is 24 bits long.
 In Class A, the first bit in higher order bits of the first octet is always set to 0 and
the remaining 7 bits determine the network ID.
 The 24 bits determine the host ID in any network.
 The total number of networks in Class A = 2 7 = 128 network address

 The total number of hosts in Class A = 2 24 - 2 =

Class B

 In Class B, an IP address is assigned to those networks that range from small-

sized to large-sized networks.
 The Network ID is 16 bits long.
 The Host ID is 16 bits long.
 In Class B, the higher order bits of the first octet is always set to 10, and the
remaining14 bits determine the network ID.
 The other 16 bits determine the Host ID.
 The total number of networks in Class B = 2 14 = 16384 network address

 The total number of hosts in Class B = 2 16 - 2 = 65534 host address.

Class C

 In Class C, an IP address is assigned to only small-sized networks.

 The Network ID is 24 bits long.
 The host ID is 8 bits long.
 In Class C, the higher order bits of the first octet is always set to 110, and the
remaining 21 bits determine the network ID.
 The 8 bits of the host ID determine the host in a network.
 The total number of networks = 2 21 = 2097152 network address

 The total number of hosts = 2 8 - 2 = 254 host address.

Class D

 In Class D, an IP address is reserved for multicast addresses.

 It does not possess subnetting.
 The higher order bits of the first octet is always set to 1110, and the remaining

bits determines the host ID in any network.

Class E
 In Class E, an IP address is used for the future use or for the research and
development purposes.
 It does not possess any subnetting.
 The higher order bits of the first octet is always set to 1111, and the remaining

bits determines the host ID in any network.

Address Depletion in Classful Addressing

 The reason that classful addressing has become obsolete is address depletion.
Since the addresses were not distributed properly, the Internet was faced with the
problem of the addresses being rapidly used up.
 This results in no more addresses available for organizations and individuals that
needed to be connected to the Internet.
 To understand the problem, let us think about class A.
 This class can be assigned to only 128 organizations in the world, but each
organization needs to have a single network with 16,777,216 nodes .
 Since there may be only a few organizations that are this large, most of the
addresses in this class were wasted (unused).
 Class B addresses were designed for midsize organizations, but many of the
addresses in this class also remained unused.
 Class C addresses have a completely different flaw in design. The number of
addresses that can be used in each network (256) was so small that most companies
were not comfortable using a block in this address class.
 Class E addresses were almost never used, wasting the whole class.

Advantage of Classful Addressing

 Although classful addressing had several problems and became obsolete, it had
one advantage.
 Given an address, we can easily find the class of the address and, since the
prefix length for each class is fixed, we can find the prefix length immediately.
 In other words, the prefix length in classful addressing is inherent in the address;
no extra information is needed to extract the prefix and the suffix.

Subnetting

 In subnetting, a class A or class B block is divided into several subnets.

 Each subnet has a larger prefix length than the original network.
 For example, if a network in class A is divided into four subnets, each subnet has
a prefix of nsub = 10.
 At the same time, if all of the addresses in a network are not used, subnetting
allows the addresses to be divided among several organizations.

CLASSLESS ADDRESSING

 In 1996, the Internet authorities announced a new architecture called classless

addressing.
 In classless addressing, variable-length blocks are used that belong to no classes.
 We can have a block of 1 address, 2 addresses, 4 addresses, 128 addresses, and
so on.
 In classless addressing, the whole address space is divided into variable length
blocks.
 The prefix in an address defines the block (network); the suffix defines the node
(device).
 Theoretically, we can have a block of 2 0, 21, 22, 232 addresses.
 The number of addresses in a block needs to be a power of 2. An organization
can be granted one block of addresses.

 The prefix length in classless addressing is variable.

 We can have a prefix length that ranges from 0 to 32.
 The size of the network is inversely proportional to the length of the prefix.
 A small prefix means a larger network; a large prefix means a smaller network.
 The idea of classless addressing can be easily applied to classful addressing.
 An address in class A can be thought of as a classless address in which the prefix
length is 8.
 An address in class B can be thought of as a classless address in which the
prefix is 16, and so on. In other words, classful addressing is a special case of
classless addressing.

Notation used in Classless Addressing

 The notation used in classless addressing is informally referred to as slash

notation and formally as classless interdomain routing or CIDR.

 For example , 192.168.100.14 /24 represents the IP address 192.168.100.14 and,
its subnet mask 255.255.255.0, which has 24 leading 1-bits.

Address Aggregation
 One of the advantages of the CIDR strategy is address aggregation
(sometimes called address summarization or route summarization).
 When blocks of addresses are combined to create a larger block, routing can be
done based on the prefix of the larger block.
 ICANN assigns a large block of addresses to an ISP.
 Each ISP in turn divides its assigned block into smaller subblocks and grants the
subblocks to its customers.

Special Addresses in IPv4

There are five special addresses that are used for special purposes:
 this-host address
 limited-broadcastaddress
 loopback address
 private addresses
 multicast addresses.
This-host Address
 The only address in the block 0.0.0.0/32 is called the this-host address.
 It is used whenever a host needs to send an IP datagram but it does not know its
own address to use as the source address.

Limited-broadcast Address
 The only address in the block 255.255.255.255/32 is called the limited-
broadcast address.
 It is used whenever a router or a host needs to send a datagram to all devices in a
network.
 The routers in the network, however, block the packet having this address as the
destination;the packet cannot travel outside the network.

Loopback Address
 The block 127.0.0.0/8 is called the loopback address.
 A packet with one of the addresses in this block as the destination address never
leaves the host; it will remain in the host.

Private Addresses
 Four blocks are assigned as private addresses: 10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, and 169.254.0.0/16.

Multicast Addresses
 The block 224.0.0.0/4 is reserved for multicast addresses.
ADDRESS RESOLUTION PROTOCOL (ARP)

 ARP stands for Address Resolution Protocol.

 ARP is the most important protocol of the Data Link Layer.
 ARP is a network layer protocol used to convert a IP address (Network/Logical
address) into a MAC Address (Hardware /Physical address).

 The computer programs/applications use logical address (IP address) to

send/receive messages, however the actual communication happens over the
physical address (MAC address).
 To send a datagram over a network, we need both the logical and physical
address.
 IP addresses are made up of 32 bits whereas MAC addresses are made up of 48
bits.
 ARP enables each host to build a table of IP address and corresponding physical
address.
 ARP relies on broadcast support from physical networks.
 The Address Resolution Protocol is a request and response protocol.
 The types of ARP messages are:
 ARP request
 ARP reply
 ARP Operation
 ARP maintains a cache table in which MAC addresses are mapped to IP
addresses.
 If a host wants to send an IP datagram to a host,it first checks for a mapping in
the cache table.
 If no mapping is found, it needs to invoke the Address Resolution Protocol over
the network.
 It does this by broadcasting an ARP query onto the network.
 This query contains the target IP address.
 Each host receives the query and checks to see if it matches its IP address.
 If it does match, the host sends a response message that contains its link-
layer address (MAC Address) back to the originator of the query.
 The originator adds the information contained in this response to its ARP
table.
For example,
 To determine system B’s physical (MAC) address, system A broadcasts an ARP
request containing B’s IP address to all machines on its network.

 All nodes except the destination discard the packet but update their ARP
table.
 Destination host (System B)constructs an ARP Response packet
 ARP Response is unicast and sent back to the source host (System A).
 Source stores target Logical & Physical address pair in its ARP table from ARP
Response.
 If target node does not exist on same network, ARP request is sent to
default router.

ARP Packet
RARP – Reverse ARP

Reverse Address Resolution protocol (RARP) allows a host to convert its MAC
address to the corresponding IP address.

ICMPV4 - INTERNET CONTROL MESSAGE PROTOCOL

VERSION 4
 ICMP is a network-layer protocol.
 It is a companion to the IP protocol.
 Internet Control Message Protocol (ICMP) defines a collection of error
messages that are sent back to the source host whenever a router or host is unable to
process an IP datagram successfully.

ICMP MESSAGE TYPES

 ICMP messages are divided into two broad categories: error-reporting messages
and query messages.
 The error-reporting messages report problems that a router or a host (destination)
may encounter when it processes an IP packet.
 The query messages help a host or a network manager get specific information
from a router or another host.
ICMP Error – Reporting Messages

Destination Unreachable―When a router cannot route a datagram, the datagram is

discarded and sends a destination unreachable message to source host.
Source Quench―When a router or host discards a datagram due to congestion, it
sends a source-quench message to the source host. This message acts as flow
control.
Time Exceeded―Router discards a datagram when TTL field becomes 0 and a time
exceeded message is sent to the source host.
Parameter Problem―If a router discovers ambiguous or missing value in any field
of the datagram, it discards the datagram and sends parameter problem message to
source.
Redirection―Redirect messages are sent by the default router to inform the source
host to update its forwarding table when the packet is routed on a wrong path.

ICMP Query Messages

 Request sent by host to a router or host.

 Reply sent back to querying host.
Echo Request & Reply―Combination of echo request and reply messages
determines whether two systems communicate or not.
Timestamp Request & Reply―Two machines can use the timestamp request
and reply messages to determine the round-trip time (RTT).
Address Mask Request & Reply―A host to obtain its subnet mask, sends an
address mask request message to the router, which responds with an address mask
reply message.
Router Solicitation/Advertisement―A host broadcasts a router solicitation message
to know about the router. Router broadcasts its routing information with router
advertisement message.

ICMP MESSAGE FORMAT

 An ICMP message has an 8-byte header and a variable-size data section.

Type Defines the type of the message

Code Specifies the reason for the particular message
type
Checksum Used for error detection
Rest of the Specific for each message type
header
Data Used to carry information
Identifier Used to match the request with the reply
Sequence Sequence Number of the ICMP packet
 Number

ICMP DEBUGGING TOOLS

Two tools are used for debugging purpose. They are
(1) Ping
(2) Traceroute
Ping

 The ping program is used to find if a host is alive and responding.

 The source host sends ICMP echo-request messages; the destination, if alive,
responds with ICMP echo-reply messages.
 The ping program sets the identifier field in the echo-request and echo-reply
message and starts the sequence number from 0; this number is incremented by 1
each time a new message is sent.
 The ping program can calculate the round-trip time.
 It inserts the sending time in the data section of the message.
 When the packet arrives, it subtracts the arrival time from the departure time to
get the round-trip time (RTT).
 $ ping google.com

Traceroute or Tracert

 The traceroute program in UNIX or tracert in Windows can be used to trace the
path of a packet from a source to the destination.
 It can find the IP addresses of all the routers that are visited along the path.
 The program is usually set to check for the maximum of 30 hops (routers) to be
visited.
 The number of hops in the Internet is normally less than this.
 $ traceroute google.com

DHCP – DYNAMIC HOST CONFIGURATION

PROTOCOL
 The dynamic host configuration protocol is used to simplify the installation and
maintenance of networked computers.
 DHCP is derived from an earlier protocol called BOOTP.
 Ethernet addresses are configured into network by manufacturer and they are
unique.
 IP addresses must be unique on a given internetwork but also must reflect the
structure of the internetwork
 Most host Operating Systems provide a way to manually configure the IP
information for the host
 Drawbacks of manual configuration :
 A lot of work to configure all the hosts in a large network
Configuration process is error-prune
 It is necessary to ensure that every host gets the correct network number and
that no two hosts receive the same IP address.
 For these reasons, automated configuration methods are required.
 The primary method uses a protocol known as the Dynamic Host Configuration
Protocol (DHCP).
 The main goal of DHCP is to minimize the amount of manual configuration
required for a host.
 If a new computer is connected to a network, DHCP can provide it with all the
necessary information for full system integration into the network.
 DHCP is based on a client/server model.
 DHCP clients send a request to a DHCP server to which the server responds
withan IP address
 DHCP server is responsible for providing configuration information to hosts.
 There is at least one DHCP server for an administrative domain.
 The DHCP server can function just as a centralized repository for host
configuration information.
 The DHCP server maintains a pool of available addresses that it hands out to
hosts on demand.
 A newly booted or attached host sends a DHCPDISCOVER message to a
special IP address (255.255.255.255., which is an IP broadcast address.
 This means it will be received by all hosts and routers on that network.
 DHCP uses the concept of a relay agent. There is at least one relay agent on
each network.
 DHCP relay agent is configured with the IP address of the DHCP server.
 When a relay agent receives a DHCPDISCOVER message, it unicasts it to the
DHCP server and awaits the response, which it will then send back to the
requesting client.

DHCP Message Format

 A DHCP packet is actually sent using a protocol called the User Datagram
Protocol (UDP).