Module – III

Network Layer:
The Network Layer is the 5th Layer from the top and the 3rd layer from the Bottom of the OSI
Model. It is one of the most important layers which plays a key role in data transmission. The
main job of this layer is to maintain the quality of the data and pass and transmit it from its
source to its destination. It also handles routing, which means that it chooses the best path to
transmit the data from the source to its destination, not just transmitting the packet. There are
several important protocols that work in this layer.

Data is transmitted in the form of packets via various logical network pathways between various
devices. It offers routes for data packet transfers across the network. The network layer is also
responsible for organizing and controlling the available paths for data transfer.
Functions of Network Layer
Some of the most important functions of the network layer are given below :
1. Assigning Logical Address: It provides unique IP addresses to devices for identification
and communication across networks.
2. Packetizing: It encapsulates data into packets for efficient transmission.
3. Host-to-Host Delivery: It ensures data is delivered from the sender to the intended
receiver across networks.
4. Forwarding: It is the process of moving packets from the input to the appropriate output
interface in a router, based on the destination address
5. Fragmentation and Reassembly: It splits large packets into smaller fragments for
transmission and reassembles them at the destination.
6. Logical Subnetting: It divides larger networks into smaller subnetworks for better
management and routing efficiency.
7. Network Address Translation (NAT): Maps private IP addresses to a public IP for
internet access, conserving IPs and adding security.
8. Routing: It determines the best path for packets to travel to their destination across
multiple networks.

Network Layer Work:

 Every device gets a unique address (IP address) to identify it on the network.
 Data is packaged into small packets, with labels showing where it’s coming from and
where it’s going.
 Routers figure out the best path to send the packets to their destination.
 Packets travel step by step through different routers until they reach the right device.
 If a packet is too big, it gets broken into smaller pieces to fit through the network.
 At the destination, the pieces are put back together into the original data.
 If something goes wrong, like the destination can’t be reached, an error message is sent
back.
Protocols Used at Network Layer
The protocols used at the Network Layer are:
1. IP (Internet Protocol)
2. ICMP (Internet Control Message Protocol)
3. ARP (Address Resolution Protocol)
4. RARP (Reverse Address Resolution Protocol)
5. NAT (Network Address Translation)
6. Routing Protocols:
 RIP (Routing Information Protocol)
 OSPF (Open Shortest Path First)
 BGP (Border Gateway Protocol)

Advantages of Network Layer:

 Using the network layer in the OSI paradigm offers a multitude of advantages. Let’s
delve into some of these benefits:
 The network layer takes the data and breaks it down into packets, which makes
transmitting the data over the network easier. This process also eliminates any weak points
in the transmission, ensuring that the packet successfully reaches its intended destination.
 Router is the important component of the network layer . Its role is to reduce network
congestion by facilitating collisions and broadcasting the domains within the network layer.
 Used to send data packets across the network nodes, the forwarding method is various.

Switching concepts:

Switching is the process of transferring data packets from one device to another in a network, or
from one network to another, using specific devices called switches. A computer user
experiences switching all the time for example, accessing the Internet from your computer
device, whenever a user requests a webpage to open, the request is processed through switching
of data packets only.
 A switch is a hardware device in a network that connects and helps multiple devices
share a network without their data interfering with each other.
 A switch works like a traffic cop at a busy intersection. When a data packet arrives, the
switch decides where it needs to go and sends it through the right port.
 Some data packets come from devices directly connected to the switch, like computers
or VoIP phones. Other packets come from devices connected through hubs or routers.
 The switch knows which devices are connected to it and can send data directly between
them. If the data needs to go to another network, the switch sends it to a router, which
forwards it to the correct destination.

The switching process involves the following steps:

 Frame Reception: The switch receives a data frame or packet from a computer connected
to its ports.
 MAC Address Extraction: The switch reads the header of the data frame and collects the
destination MAC Address from it.
 MAC Address Table Lookup: Once the switch has retrieved the MAC Address, it
performs a lookup in its Switching table to find a port that leads to the MAC Address of the
data frame.
 Forwarding Decision and Switching Table Update: If the switch matches the destination
MAC Address of the frame to the MAC address in its switching table, it forwards the data
 frame to the respective port. However, if the destination MAC Address does not exist in its
forwarding table, it follows the flooding process, in which it sends the data frame to all its
ports except the one it came from and records all the MAC Addresses to which the frame
was delivered. This way, the switch finds the new MAC Address and updates its forwarding
table.
 Frame Transition: Once the destination port is found, the switch sends the data frame to
that port and forwards it to its target computer/network.

Types of Switching:
There are three types of switching methods:
 Message Switching
 Circuit Switching
 Packet Switching
o Datagram Packet Switching
o Virtual Circuit Packet Switching

Message Switching: This is an older switching technique that has become obsolete. In message
switching technique, the entire data block/message is forwarded across the entire network thus,
making it highly inefficient.
Circuit Switching: In this type of switching, a connection is established between the source and
destination beforehand. This connection receives the complete bandwidth of the network until
the data is transferred completely.

This approach is better than message switching as it does not involve sending data to the entire
network, instead of its destination only.
Packet Switching: This technique requires the data to be broken down into smaller
components, data frames, or packets. These data frames are then transferred to their destinations
according to the available resources in the network at a particular time.

This switching type is used in modern computers and even the Internet. Here, each data frame
contains additional information about the destination and other information required for proper
transfer through network components.
Datagram Packet Switching: In Datagram Packet switching, each data frame is taken as an
individual entity and thus, they are processed separately. Here, no connection is established
before data transmission occurs. Although this approach provides flexibility in data transfer, it
may cause a loss of data frames or late delivery of the data frames.
Virtual-Circuit Packet Switching: In Virtual-Circuit Packet switching, a logical connection
between the source and destination is made before transmitting any data. These logical
connections are called virtual circuits. Each data frame follows these logical paths and provides
a reliable way of transmitting data with less chance of data loss.

Internet Protocol:
Internet Protocol (IP) is a set of rules that allows devices to communicate with each other over
the Internet. It is like the address system used for sending data. Every device connected to the
internet has a unique IP address.
Internet protocols are a set of rules that allow computers and other devices to communicate
over the Internet. These protocols ensure that data is sent, received, and understood correctly
between different systems. There are many types of internet protocols, each serving a specific
purpose, such as transferring files, sending emails, or securing data.

Working of Internet Protocol

Step by step working of internet protocol:
 Dividing Data into Packets: When you send information over the internet, IP split it
into small parts called packets. Each packet contains a piece of the data and the address of
where it needs to go.
 Addressing: Every device connected to the internet has its own IP address. This
address helps identify where the data is being sent from and where it should be delivered.
 Routing the Packets: As the packets travel across the internet, they pass through several
devices called routers. These routers help direct the packets toward the correct destination,
like how mail is sorted at different post offices.
 Reassemble the Data: Once all the packets arrive at the destination, they are put back
together to recreate the original message or file.
 Handling Missing Packets: If some packets don’t arrive, the system can request that
they be sent again, making sure the complete data is received.

Types of Internet Protocol

Internet Protocols are of different types having different uses. These are mentioned below:
1. TCP/IP(Transmission Control Protocol/ Internet Protocol)
2. SMTP(Simple Mail Transfer Protocol)
3. PPP(Point-to-Point Protocol)
4. FTP (File Transfer Protocol)
5. SFTP(Secure File Transfer Protocol)
6. HTTP(Hyper Text Transfer Protocol)
7. HTTPS(HyperText Transfer Protocol Secure)
8. TELNET(Terminal Network)
9. POP3(Post Office Protocol 3)
10. IPv4
11. IPv6
12. ICMP
13. UDP
14. IMAP

1.TCP/IP(Transmission Control Protocol/ Internet Protocol)

In TCP/IP, the IP protocol ensures that each computer that is connected to the Internet is having
a specific serial number called the IP address. TCP specifies how data is exchanged over the
internet and how it should be broken into IP packets. It also makes sure that the packets have
information about the source of the message data, the destination of the message data, the
sequence in which the message data should be re-assembled, and checks if the message has been
sent correctly to the specific destination. The TCP is also known as a connection-oriented
protocol.

2. SMTP(Simple Mail Transfer Protocol)

SMTP protocol is important for sending and distributing outgoing emails. This protocol uses the
header of the mail to get the email id of the receiver and enters the mail into the queue of
outgoing mail. And as soon as it delivers the mail to the receiving email id, it removes the email
from the outgoing list. The message or the electronic mail may consider the text, video, image,
etc. It helps in setting up some communication server rules.

3. PPP(Point-to-Point Protocol)
PPP is a communication protocol that is used to create a direct connection between two
communicating devices. This protocol defines the rules using which two devices will
authenticate with each other and exchange information with each other. For example, A user
connects his PC to the server of an Internet Service Provider and also uses PPP. Similarly, for
connecting two routers for direct communication it uses PPP.

4. FTP (File Transfer Protocol)

This protocol is used for transferring files from one system to the other. This works on a client-
server model. When a machine requests for file transfer from another machine, the FTO sets up
a connection between the two and authenticates each other using their ID and Password. And,
the desired file transfer takes place between the machines.

5. SFTP(Secure File Transfer Protocol)

SFTP which is also known as SSH FTP refers to File Transfer Protocol (FTP) over Secure Shell
(SSH) as it encrypts both commands and data while in transmission. SFTP acts as an extension
to SSH and encrypts files and data then sends them over a secure shell data stream. This
protocol is used to remotely connect to other systems while executing commands from the
command line.

6. HTTP(Hyper Text Transfer Protocol)

HTTP protocol is used to transfer hypertexts over the internet and it is defined by the
www(world wide web) for information transfer. This protocol defines how the information
needs to be formatted and transmitted. And, it also defines the various actions the web browsers
should take in response to the calls made to access a particular web page. Whenever a user
opens their web browser, the user will indirectly use HTTP as this is the protocol that is being
used to share text, images, and other multimedia files on the World Wide Web.

7. HTTPS(HyperText Transfer Protocol Secure)

HTTPS is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure
communication over a computer network with the SSL/TLS protocol for encryption and
authentication. So, generally, a website has an HTTP protocol but if the website is such that it
receives some sensitive information such as credit card details, debit card details, OTP, etc then
it requires an SSL certificate installed to make the website more secure. So, before entering any
sensitive information on a website, we should check if the link is HTTPS or not. If it is not
HTTPS then it may not be secure enough to enter sensitive information.

8. TELNET(Terminal Network)
TELNET is a standard TCP/IP protocol used for virtual terminal service given by ISO. This
enables one local machine to connect with another. The computer which is being connected is
called a remote computer and which is connecting is called the local computer. TELNET
operation lets us display anything being performed on the remote computer in the local
computer. This operates on the client/server principle. The local computer uses the telnet client
program whereas the remote computer uses the telnet server program.

9. POP3(Post Office Protocol 3)

POP3 stands for Post Office Protocol version 3. It has two Message Access Agents (MAAs)
where one is client MAA (Message Access Agent) and another is server MAA(Message Access
Agent) for accessing the messages from the mailbox. This protocol helps us to retrieve and
manage emails from the mailbox on the receiver mail server to the receiver’s computer. This is
implied between the receiver and the receiver mail server. It can also be called a one-way client-
server protocol. The POP3 works on two ports i.e port 110 and port 995.

10. IPv4
The fourth and initially widely used version of the Internet Protocol is called IPv4 (Internet
Protocol version 4). It is the most popular version of the Internet Protocol and is in charge of
distributing data packets throughout the network. Maximum unique addresses for IPv4 are
4,294,967,296 (232), which are possible due to the use of 32-bit addresses. The network address
and the host address are the two components of each address. The host address identifies a
particular device within the network, whereas the network address identifies the network to
which the host belongs. In the “dotted decimal” notation, which is the standard for IPv4
addresses, each octet (8 bits) of the address is represented by its decimal value and separated by
a dot (e.g. 192.168.1.1).

11. IPv6
The most recent version of the Internet Protocol, IPv6, was created to address the IPv4
protocol’s drawbacks. A maximum of 4.3 billion unique addresses are possible with IPv4’s 32-
bit addresses. Contrarily, IPv6 uses 128-bit addresses, which enable a significantly greater
number of unique addresses. This is significant because IPv4 addresses were running out and
there are an increasing number of devices that require internet access. Additionally, IPv6 offers
enhanced security features like integrated authentication and encryption as well as better support
for mobile devices. IPv6 support has spread among websites and internet service providers, and
it is anticipated to gradually displace IPv4 as the main internet protocol.

12. ICMP
ICMP (Internet Control Message Protocol) is a network protocol that is used to send error
messages and operational information about network conditions. It is an integral part of the
Internet Protocol (IP) suite and is used to help diagnose and troubleshoot issues with network
connectivity. ICMP messages are typically generated by network devices, such as routers, in
response to errors or exceptional conditions encountered in forwarding a datagram.

13. UDP
UDP (User Datagram Protocol) is a connectionless, unreliable transport layer protocol. Unlike
TCP, it does not establish a reliable connection between devices before transmitting data, and it
does not guarantee that data packets will be received in the order they were sent or that they will
be received at all. Instead, UDP simply sends packets of data to a destination without any error
checking or flow control. UDP is typically used for real-time applications such as streaming
video and audio, online gaming, and VoIP (Voice over Internet Protocol) where a small amount
of lost data is acceptable and low latency is important. UDP is faster than TCP because it has
less overhead. It doesn’t need to establish a connection, so it can send data packets immediately.
It also doesn’t need to wait for confirmation that the data was received before sending more, so
it can transmit data at a higher rate.
14. IMAP
IMAP (Internet Message Access Protocol) is a protocol used for retrieving emails from a mail
server. It allows users to access and manage their emails on the server, rather than downloading
them to a local device. This means that the user can access their emails from multiple devices
and the emails will be synced across all devices. IMAP is more flexible than POP3 (Post Office
Protocol version 3) as it allows users to access and organize their emails on the server, and also
allows multiple users to access the same mailbox.

IPV4 Packet Format:

IPv4 is a connectionless protocol used for packet-switched networks. Internet Protocol Version
4 (IPv4) is the fourth revision of the Internet Protocol and a widely used protocol in data
communication over different kinds of networks. IPv4 is a connectionless protocol used in
packet-switched layer networks, such as Ethernet. It provides a logical connection between
network devices by providing identification for each device. There are many ways to configure
IPv4 with all kinds of devices – including manual and automatic configurations – depending on
the network type. IPv4 uses 32-bit addresses for Ethernet communication in five classes: A, B,
C, D and E. Classes A, B, and C have a different bit length for addressing the network host.
Class D addresses are reserved for multicasting, while class E addresses are reserved for
military purposes. IPv4 uses 32-bit (4-byte) addressing, which gives 232 addresses. IPv4
addresses are written in the dot-decimal notation, which comprises four octets of the address
expressed individually in decimal and separated by periods, for instance, 192.168.1.5.

Characteristics of IPv4
 IPv4 could be a 32-Bit IP Address.
 IPv4 could be a numeric address, and its bits are separated by a dot.
 The number of header fields is twelve and the length of the header field is twenty.
 It has Unicast, broadcast, and multicast style of addresses.
 IPv4 supports VLSM (Virtual Length Subnet Mask).
 IPv4 uses the Post Address Resolution Protocol to map to the MAC address.
 RIP may be a routing protocol supported by the routed daemon.
 Networks ought to be designed either manually or with DHCP.
 Packet fragmentation permits from routers and causing host.
 Version − Version no. of Internet Protocol used (e.g. IPv4).
 IHL − Internet Header Length; Length of entire IP header.
 DSCP − Differentiated Services Code Point; this is Type of Service.
 ECN − Explicit Congestion Notification; It carries information about the congestion seen
in the route.
 Total Length − Length of entire IP Packet (including IP header and IP Payload).
 Identification − If IP packet is fragmented during the transmission, all the fragments
contain same identification number. to identify original IP packet they belong to.
 Flags − As required by the network resources, if IP Packet is too large to handle, these
‘flags’ tells if they can be fragmented or not. In this 3-bit flag, the MSB is always set to ‘0’.
 Fragment Offset − This offset tells the exact position of the fragment in the original IP
Packet.
 Time to Live − To avoid looping in the network, every packet is sent with some TTL
value set, which tells the network how many routers (hops) this packet can cross. At each hop, its
value is decremented by one and when the value reaches zero, the packet is discarded.
 Protocol − Tells the Network layer at the destination host, to which Protocol this packet
belongs to, i.e. the next level Protocol. For example protocol number of ICMP is 1, TCP is 6 and
UDP is 17.
 Header Checksum − This field is used to keep checksum value of entire header which is
then used to check if the packet is received error-free.
 Source Address − 32-bit address of the Sender (or source) of the packet.
 Destination Address − 32-bit address of the Receiver (or destination) of the packet.
 Options − This is optional field, which is used if the value of IHL is greater than 5. These
options may contain values for options such as Security, Record Route, Time Stamp, etc.

IP Addressing:

An IP address, or Internet Protocol address, is a unique string of numbers assigned to each

device connected to a computer network that uses the Internet Protocol for communication. It
serves as an identifier that allows devices to send and receive data over the network, ensuring
that this data reaches the correct destination.

Types of IP Address
IP addresses can be classified in several ways based on their structure, purpose, and the type of
network they are used in. Here’s a breakdown of the different classifications of IP addresses:

1. Based on Addressing Scheme (IPv4 vs. IPv6)

IPv4:
This is the most common form of IP Address. It consists of four sets of numbers separated by
dots. For example, 192.158.1.38. Each set of numbers can range from 0 to 255. This format can
support over 4 billion unique addresses. Here’s how the structure is broken down:
 Four Octets: Each octet represents eight bits, or a byte, and can take a value from 0 to
255. This range is derived from the possible combinations of eight bits (2^8 = 256
combinations).
 Example of IPv4 Address: 192.168.1.1
o 192 is the first octet
o 168 is the second octet
o 1 is the third octet
o 1 is the fourth octet
Each part of the IP address can indicate various aspects of the network configuration, from the
network itself to the specific device within that network. In most cases, the network part of the
address is represented by the first one to three octets, while the remaining section identifies the
host (device).

IPv6:
IPv6 addresses were created to deal with the shortage of IPv4 addresses. They use 128 bits
instead of 32, offering a vastly greater number of possible addresses. These addresses are
expressed as eight groups of four hexadecimal digits, each group representing 16 bits. The
groups are separated by colons.
 Example of IPv6 Address: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
o Each group (like 2001, 0db8, 85a3, etc.) represents a 16-bit block of the address.

2. Based on Usage (Public vs. Private)

Public IP Addresses
A Public IP address is assigned to every device that directly accesses the internet. This address
is unique across the entire internet. Here are the key characteristics and uses of public IP
addresses:
 Uniqueness: Each public IP address is globally unique. No two devices on the internet
can have the same public IP address at the same time.
 Accessibility: Devices with a public IP address can be accessed directly from anywhere
on the internet, assuming no firewall or security settings block the access.
 Assigned by ISPs: Public IP addresses are assigned by Internet Service Providers
(ISPs). When you connect to the internet through an ISP, your device or router receives a
public IP address.
 Types: Public IP addresses can be static (permanently assigned to a device) or dynamic
(temporarily assigned and can change over time).
Private IP Addresses
Private IP addresses are used within private networks (such as home networks, office networks,
etc.) and are not routable on the internet. This means that devices with private IP addresses
cannot directly communicate with devices on the internet without a translating mechanism like a
router performing Network Address Translation (NAT). Key features include:
 Not globally unique: Private IP addresses are only required to be unique within their
own network. Different private networks can use the same range of IP addresses without
conflict.
 Local communication: These addresses are used for communication between devices
within the same network. They cannot be used to communicate directly with devices on the
internet.
 Defined ranges: The Internet Assigned Numbers Authority (IANA) has reserved
specific IP address ranges for private use:
o IPv4: 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, 192.168.0.0 to
192.168.255.255
o IPv6: Addresses starting with FD or FC
3. Based on Assignment Method (Static vs. Dynamic)
Static IP Addresses:
 These are permanently assigned to a device, typically important for servers or devices
that need a constant address.
 Reliable for network services that require regular access such as websites, remote
management.
Dynamic IP Addresses:
 Temporarily assigned from a pool of available addresses by the Dynamic Host
Configuration Protocol (DHCP).
 Cost-effective and efficient for providers, perfect for consumer devices that do not
require permanent addresses.

Subnetting:
Subnetting is the process of dividing a large network into smaller networks called “subnets.”
Subnets provide each group of devices with their own space to communicate, which ultimately
helps the network to work easily.
A subnet is like a smaller group within a large network. It is a way to split a large network into
smaller networks so that devices present in one network can transmit data more easily. For
example, in a company, different departments can each have their own subnet, keeping their
data traffic separate from others. Subnet makes the network faster and easier to manage and also
improves the security of the network.

Use Subnetting:

1. Efficient IP Address Utilization – Prevents wastage of IP addresses by dividing a large

network into smaller segments.
2. Improved Network Performance – Reduces congestion by localizing traffic within subnets.
3. Enhanced Security – Limits unauthorized access between subnets.
4. Simplified Network Management – Easier troubleshooting and better organization of
devices.

Subnet Mask
A subnet mask determines which part of an IP address represents the network and which part
represents the host.
Example:
 IP Address: 192.168.1.10
 Subnet Mask: 255.255.255.0
 Network Portion: 192.168.1
 Host Portion: .10
Subnetting in IPv4
IPv4 addresses use a 32-bit structure, divided into 4 octets.
Subnetting is performed by borrowing bits from the host portion to create additional network
segments.
Subnet Mask Notation (CIDR)
Instead of writing the full subnet mask, CIDR (Classless Inter-Domain Routing) notation is used:
 /8 = 255.0.0.0
 /16 = 255.255.0.0
 /24 = 255.255.255.0
 /30 = 255.255.255.252
Example of Subnetting
Suppose you have a network 192.168.1.0/24 and want to create four subnets:
  Convert /24 to /26 (borrowing 2 bits from the host portion).
 New Subnets:
o 192.168.1.0/26 (Range: 192.168.1.1 - 192.168.1.62)
o 192.168.1.64/26 (Range: 192.168.1.65 - 192.168.1.126)
o 192.168.1.128/26 (Range: 192.168.1.129 - 192.168.1.190)
o 192.168.1.192/26 (Range: 192.168.1.193 - 192.168.1.254)
Subnetting in IPv6
IPv6 uses a 128-bit address and does not require traditional subnetting like IPv4. However, prefix
length (e.g., /64, /48) determines the subnet division.
Subnetting Formula
To calculate the number of subnets and hosts per subnet:
 Number of Subnets: 2^borrowed bits
 Number of Hosts per Subnet: 2^(remaining host bits) - 2 (subtract 2 for network and
broadcast addresses)

Classless Inter Domain Routing (CIDR):

Classless Inter-Domain Routing (CIDR) is a method of IP address allocation and IP routing that
allows for more efficient use of IP addresses. CIDR is based on the idea that IP addresses can be
allocated and routed based on their network prefix rather than their class, which was the
traditional way of IP address allocation.
CIDR addresses are represented using a slash notation, which specifies the number of bits in the
network prefix. For example, an IP address of 192.168.1.0 with a prefix length of 24 would be
represented as 192.168.1.0/24. This notation indicates that the first 24 bits of the IP address are
the network prefix and the remaining 8 bits are the host identifier.
Several Advantages of the Traditional Class-Based Addressing System of CIDR
 Efficient use of IP addresses: CIDR allows for more efficient use of IP addresses by
allowing the allocation of IP addresses based on their network prefix rather than their class.
 Flexibility: CIDR allows for more flexible IP address allocation, as it allows for the
allocation of arbitrary-sized blocks of IP addresses.

Better routing: CIDR allows for better routing of IP traffic, as it allows routers to aggregate
IP addresses based on their network prefix, reducing the size of routing tables.
 Reduced administrative overhead: CIDR reduces administrative overhead by allowing
for the allocation and routing of IP addresses in a more efficient and flexible way.
 CIDR is a method of IP address allocation and routing that allows for more efficient use
of IP addresses and better routing of IP traffic. It has several advantages over the traditional
class-based addressing system, including greater flexibility, better routing, and reduced
administrative overhead.
Advantages of CIDR
 Efficient use of IP addresses: CIDR allows for more efficient use of IP addresses, which
is important as the pool of available IPv4 addresses continues to shrink.
 Flexibility: CIDR allows for more flexible allocation of IP addresses, which can be
important for organizations with complex network requirements.
 Better routing: CIDR allows for more efficient routing of IP traffic, which can lead to
better network performance. Reduced administrative overhead: CIDR reduces administrative
overhead by allowing for easier management of IP addresses and routing.
Features of CIDR:

1. No Fixed Address Classes:

o CIDR removes the rigid Class A, B, and C structure of IP addresses.
o Instead, it uses variable-length subnet masking (VLSM) to allocate IP addresses
more efficiently.
2. CIDR Notation:
o CIDR uses a prefix notation to represent the network and host portion of an IP
address.
o Example: 192.168.1.0/24
 The /24 means that the first 24 bits represent the network, and the
remaining 8 bits are for hosts.
3. Subnetting and Supernetting:
o Subnetting: Divides a larger network into smaller networks.
o Supernetting: Combines multiple smaller networks into a larger one (often used for
route aggregation).
4. Efficient IP Address Allocation:
o CIDR enables ISPs to allocate addresses in blocks (e.g., /22, /28) based on actual
needs rather than class-based restrictions.
5. Aggregation of Routing Tables:
o CIDR reduces the number of entries in routing tables by allowing multiple
networks to be represented by a single route (route summarization).
o Example: Instead of having separate routes for 192.168.0.0/24 and 192.168.1.0/24,
they can be combined into 192.168.0.0/23

Variable Length Subnet Mask (VLSM):

Variable Length Subnet Mask (VLSM) is a technique used in IP network design to create
subnets with different subnet masks. VLSM allows network administrators to allocate IP
addresses more efficiently and effectively, by using smaller subnet masks for subnets with fewer
hosts and larger subnet masks for subnets with more hosts.
In a traditional subnetting scheme, a fixed subnet mask is applied to all subnets in the network,
which can lead to inefficient use of IP addresses. For example, if a network has two subnets, one
with 10 hosts and another with 50 hosts, a traditional subnet mask of 255.255.255.0 would be
used for both subnets, which means that each subnet would have 254 available IP addresses.
This would result in wasted IP addresses for the smaller subnet.
VLSM allows network administrators to create subnets with different subnet masks to more
effectively utilize IP addresses. Using the example above, VLSM could be used to assign a
subnet mask of 255.255.255.128 to the smaller subnet with 10 hosts, which would provide 126
available IP addresses, and a subnet mask of 255.255.255.192 to the larger subnet with 50 hosts,
which would provide 62 available IP addresses.
VLSM is widely used in modern networks to create subnets of different sizes and to optimize
the use of IP addresses.
VLSM stands for Variable Length Subnet Mask where the subnet design uses more than one
mask in the same network which means more than one mask is used for different subnets of a
single class A, B, C or a network. It is used to increase the usability of subnets as they can be of
variable size. It is also defined as the process of subnetting of a subnet. Procedure of
implementing VLSM – In VLSM, subnets use block size based on requirement so subnetting is
required multiple times. Suppose there is an administrator that has four departments to manage.
These are sales and purchase department with 120 computers, development department with 50
computers, accounts department with 26 computers and management department with 5
computers. If the administrator has IP 192.168.1.0/24, department wise IPs can be allocated by
following these steps:
1. For each segment select the block size that is greater than or equal to the actual
requirement which is the sum of host addresses, broadcast addresses and network addresses.
Make a list of subnets

2. Arrange all the segments in descending order based on the block size that is from highest
to lowest requirement.
Sales and Purchase: 120
Development: 50
Accounts: 26
Management: 5
1. The highest IP available has to be allocated to highest requirement so the sales and
purchase department gets 192.168.1.0/25 which has 126 valid addresses that can easily be
available for 120 hosts. The subnet mask used is 255.255.255.128
2. The next segment requires an IP to handle 50 hosts. The IP subnet with network number
192.168.1.128/26 is the next highest which can be assigned to 62 hosts thus fulfilling the
requirement of development department. The subnet mask used is 255.255.255.192
3. Similarly the next IP subnet 192.168.1.192/27 can fulfill the requirements of the
accounts department as it has 30 valid hosts IP which can be assigned to 26 computers. The
mask used is 255.255.255.224
4. The last segment requires 5 valid hosts IP which can be fulfilled by the subnet
192.168.1.224/29 which has the mask as 255.255.255.248 is chosen as per the requirement.
The IP with the mask 255.255.255.240 could be chosen but it has 14 valid host IPs and the
requirement is less in comparison so the one that is comparable with the requirement is
chosen. Thus there is less IP wastage in VLSM as compared to FLSM.
Features of VLSM:
1. Efficient IP Address Usage – Reduces wasted IP addresses by allocating only the
necessary number of addresses to each subnet.
2. Multiple Subnet Masks – Allows different subnet masks within the same network, unlike
traditional fixed-length subnetting.
3. Hierarchical Subnetting – Enables logical organization of a network with different subnet
sizes.
 4. Enhanced Network Scalability – Useful for large networks with varying subnet
requirements, such as ISPs and enterprise networks.

DHCP (Dynamic Host Configuration Protocol):

Dynamic Host Configuration Protocol is a network protocol used to automate the process of
assigning IP addresses and other network configuration parameters to devices (such as
computers, smartphones, and printers) on a network. Instead of manually configuring each
device with an IP address, DHCP allows devices to connect to a network and receive all
necessary network information, like IP address, subnet mask, default gateway, and DNS server
addresses, automatically from a DHCP server.
This makes it easier to manage and maintain large networks, ensuring devices can communicate
effectively without conflicts in their network settings. DHCP plays a crucial role in modern
networks by simplifying the process of connecting devices and managing network resources
efficiently.
Working of DHCP
DHCP works on the Application layer of the UDP Protocol. The main task of DHCP is to
dynamically assigns IP Addresses to the Clients and allocate information on TCP/IP
configuration to Clients. For more, you can refer to the Article Working of DHCP.
The DHCP port number for the server is 67 and for the client is 68. It is a client-server protocol
that uses UDP services. An IP address is assigned from a pool of addresses. In DHCP, the client
and the server exchange mainly 4 DHCP messages in order to make a connection, also called
the DORA process, but there are 8 DHCP messages in the process.

Working of DHCP

The 8 DHCP Messages

1. DHCP Discover Message: This is the first message generated in the communication process
between the server and the client. This message is generated by the Client host in order to
discover if there is any DHCP server/servers are present in a network or not. This message is
broadcasted to all devices present in a network to find the DHCP server. This message is 342 or
576 bytes long.
 DHCP Discover Message

As shown in the figure, the source MAC address (client PC) is 08002B2EAF2A, the destination
MAC address(server) is FFFFFFFFFFFF, the source IP address is 0.0.0.0(because the PC has
had no IP address till now) and the destination IP address is 255.255.255.255 (IP address used
for broadcasting). As they discover message is broadcast to find out the DHCP server or servers
in the network therefore broadcast IP address and MAC address is used.
2. DHCP Offers A Message: The server will respond to the host in this message specifying the
unleased IP address and other TCP configuration information. This message is broadcasted by
the server. The size of the message is 342 bytes. If there is more than one DHCP server present
in the network then the client host will accept the first DHCP OFFER message it receives. Also,
a server ID is specified in the packet in order to identify the server.

DHCP Offer Message

Now, for the offer message, the source IP address is 172.16.32.12 (server’s IP address in the
example), the destination IP address is 255.255.255.255 (broadcast IP address), the source MAC
address is 00AA00123456, the destination MAC address is 00:11:22:33:44:55 (client’s MAC
address). Here, the offer message is broadcast by the DHCP server therefore destination IP
address is the broadcast IP address and destination MAC address is 00:11:22:33:44:55 (client’s
MAC address)and the source IP address is the server IP address and the MAC address is the
server MAC address.
Also, the server has provided the offered IP address 192.16.32.51 and a lease time of 72
hours(after this time the entry of the host will be erased from the server automatically). Also,
the client identifier is the PC MAC address (08002B2EAF2A) for all the messages.
3. DHCP Request Message: When a client receives an offer message, it responds by
broadcasting a DHCP request message. The client will produce a gratuitous ARP in order to
find if there is any other host present in the network with the same IP address. If there is no
reply from another host, then there is no host with the same TCP configuration in the network
and the message is broadcasted to the server showing the acceptance of the IP address. A Client
ID is also added to this message.
 DHCP Request Message

Now, the request message is broadcast by the client PC therefore source IP address is 0.0.0.0(as
the client has no IP right now) and destination IP address is 255.255.255.255 (the broadcast IP
address) and the source MAC address is 08002B2EAF2A (PC MAC address) and destination
MAC address is FFFFFFFFFFFF.
Note – This message is broadcast after the ARP request broadcast by the PC to find out whether
any other host is not using that offered IP. If there is no reply, then the client host broadcast the
DHCP request message for the server showing the acceptance of the IP address and Other
TCP/IP Configuration.
4. DHCP Acknowledgment Message: In response to the request message received, the server
will make an entry with a specified client ID and bind the IP address offered with lease time.
Now, the client will have the IP address provided by the server.

Now the server will make an entry of the client host with the offered IP address and lease time.
This IP address will not be provided by the server to any other host. The destination MAC
address is 00:11:22:33:44:55 (client’s MAC address) and the destination IP address is
255.255.255.255 and the source IP address is 172.16.32.12 and the source MAC address is
00AA00123456 (server MAC address).
5. DHCP Negative Acknowledgment Message: Whenever a DHCP server receives a request
for an IP address that is invalid according to the scopes that are configured, it sends a DHCP
Nak message to the client. Eg-when the server has no IP address unused or the pool is empty,
then this message is sent by the server to the client.
6. DHCP Decline: If the DHCP client determines the offered configuration parameters are
different or invalid, it sends a DHCP decline message to the server. When there is a reply to the
gratuitous ARP by any host to the client, the client sends a DHCP decline message to the server
showing the offered IP address is already in use.
7. DHCP Release: A DHCP client sends a DHCP release packet to the server to release the IP
address and cancel any remaining lease time.
8. DHCP Inform: If a client address has obtained an IP address manually then the client uses
DHCP information to obtain other local configuration parameters, such as domain name. In
reply to the DHCP inform message, the DHCP server generates a DHCP ack message with a
local configuration suitable for the client without allocating a new IP address. This DHCP ack
message is unicast to the client.

Features of DHCP:
 Automatic IP Address Assignment: Eliminates the need for manually configuring each
device.
 IP Lease System: Assigns IPs temporarily; after lease expiration, the client must renew the
address.
 Subnet Mask, Default Gateway, and DNS Configuration: Along with IP addresses, DHCP
also provides network parameters.
 Prevention of IP Conflicts: Ensures each device gets a unique IP address

Address Resolution Protocol (ARP):

ARP (Address Resolution Protocol) is an important protocol that plays an important role in the
networking world. When working with your network systems, this protocol helps to identify
specified network devices and find their addresses. Its main purpose is to duly transport data
packets over the network, allowing them to move between devices connected to network.
ARP stands for “Address Resolution Protocol”. It is a network protocol used to determine the
MAC address (hardware address) from any IP address.
In other words, ARP is used to mapping the IP Address into MAC Address. When one device
wants to communicate with another device in a LAN (local area network) network, the ARP
protocol is used.
This protocol is used when a device wants to communicate with another device over a local area
network or Ethernet.
ARP protocol finds the MAC address based on IP address. IP address is used to communicate
with any device at the application layer. But to communicate with a device at the data link layer
or to send data to it, a MAC address is required.
When data is sent to a local host, the data travels between networks via IP address. But to reach
that host in LAN, it needs the MAC address of that host. In this situation the address resolution
protocol plays an important role.

Types of ARP
There are four types of ARP protocol they are as follows:-
1. Proxy ARP
2. Gratuitous ARP
3. Reverse ARP
4. Inverse ARP
1. Proxy ARP
This is a technique through which proxy ARP in a network can answer ARP queries of IP
addresses that are not in that network. That is, if we understand it in simple language, the Proxy
server can also respond to queries of IP-address of other networks.
Through this we can fool the other person because instead of the MAC address of the
destination device, the MAC address of the proxy server is used and the other person does not
even know.
2. Gratuitous ARP
This is an arp request of a host, which we use to check duplicate ip-address. And we can also
use it to update the arp table of other devices. That is, through this we can check whether the
host is using its original IP-address, or is using a duplicate IP-address.
This is a very important ARP. Which proves to be very helpful in protecting us from the wrong
person, and by using it we can check the ip-address.
3. Reverse ARP
This is also a networking protocol, which we can use through client computer. That is, it is used
to obtain information about one's own network from the computer network. That is, if
understood in simple language, it is a TCP/IP protocol which we use to obtain information about
the IP address of the computer server.
That is, to know the IP address of our computer server, we use Reverse ARP, which works
under a networking protocol.
4. Inverse ARP (InARP)
Inverse ARP, it is the opposite of ARP, that is, we use it to know the IP address of our device
through MAC Address, that is, it is such a networking technology, through this we convert
MAC Address into IP address. Can translate. It is mainly used in ATM machines.

ARP Protocol Works:

Below is a Working flow diagram of ARP Protocol

Below is the working of address resolution protocol is being explained in some steps :-
 When a sender wants to communicate with a receiver, the sender first checks its ARP
cache. Sender checks whether the receiver's MAC address is already present in the ARP
cache or not?
 If the receiver's MAC address is already present in the ARP cache, the sender will
communicate with the receiver using that MAC address.
 If the MAC address of the receiver device is not already present in the ARP cache, then
in such a situation an ARP request message is prepared by the sender device.This message
contains the MAC address of the sender, IP address of the sender and IP address of the
receiver. The field containing the MAC address of the receiver is left blank because it is
being searched.
 Sender device broadcasts this ARP request message in the LAN. Because this is a
broadcast message, every device connected to the LAN receives this message.
 All devices match the receiver IP address of this request message with their own IP
address. Devices whose IP address does not match drop this request message.
 The device whose IP address matches the receiver IP address of this request message
receives this message and prepares an ARP reply message. This is a unicast message which
is sent only to the sender.
 In ARP reply message, the sender's IP address and MAC address are used to send the
reply message. Besides, in this message the receiver also sends its IP address and MAC
address.
 As soon as the sender device receives this ARP reply message, it updates its ARP cache
with the new information (Receiver's MAC address). Now the MAC address of the receiver
is present in the ARP cache of the sender. The sender can send and receive data without any
problem.
Advantages of ARP Protocol:
There are many Advantages of ARP protocol but below we have told you about some important
advantages.
 By using this protocol we can easily find out the MAC Address of the device.
 There is no need to configure the end nodes at all to extract the MAC address through
this protocol.
 Through this protocol we can easily translate IP address into MAC Address.
 There are four main types of this protocol. Which we can use in different ways, and they
prove to be very helpful.

Network Address Translation (NAT):

Network Address Translation allows (NAT) multiple devices to use the same public IP address
and access the Internet.
 Which is very less considering the number of IPv4 devices connected to the Internet?
 The idea of NAT saves from IP address exhaustion. One public IP address is needed to
access the Internet but we can use multiple IP addresses in our private network and access
the internet from different devices and same IP address. To achieve this, a private IP address
must be translated into a public IP address.
Network Address Translation (NAT) is a process in which one or more local IP addresses are
translated into one or more Global IP addresses and vice versa to provide Internet access to the
local hosts. It also does the translation of port numbers, i.e., masks the port number of the host
with another port number in the packet that will be routed to the destination. It then makes the
corresponding entries of IP address and port number in the NAT table. NAT generally operates
on a router or firewall.

Working of Network Address Translation (NAT)

Generally, the border router is configured for NAT i.e. the router which has one interface in the
local (inside) network and one interface in the global (outside) network. When a packet traverse
outside the local (inside) network, then NAT converts that local (private) IP address to a global
(public) IP address. When a packet enters the local network, the global (public) IP address is
converted to a local (private) IP address.
If NAT runs out of addresses, i.e., no address is left in the pool configured then the packets will
be dropped and an Internet Control Message Protocol (ICMP) host unreachable packet to the
destination is sent.
Types of Network Address Translation (NAT)
There are 3 ways to configure NAT:
Static NAT
In this, a single unregistered (Private) IP address is mapped with a legally registered (Public) IP
address i.e one-to-one mapping between local and global addresses. This is generally used for
Web hosting. These are not used in organizations as there are many devices that will need
Internet access and to provide Internet access, a public IP address is needed.
Suppose, if there are 3000 devices that need access to the Internet, the organization has to buy
3000 public addresses that will be very costly.
Dynamic NAT
In this type of NAT, an unregistered IP address is translated into a registered (Public) IP address
from a pool of public IP addresses. If the IP address of the pool is not free, then the packet will
be dropped as only a fixed number of private IP addresses can be translated to public addresses.
Suppose, if there is a pool of 2 public IP addresses then only 2 private IP addresses can be
translated at a given time. If 3rd private IP address wants to access the Internet then the packet
will be dropped therefore many private IP addresses are mapped to a pool of public IP
addresses. NAT is used when the number of users who want to access the Internet is fixed. This
is also very costly as the organization has to buy many global IP addresses to make a pool.
Port Address Translation (PAT)
This is also known as NAT overload. In this, many local (private) IP addresses can be translated
to a single registered IP address. Port numbers are used to distinguish the traffic i.e., which
traffic belongs to which IP address. This is most frequently used as it is cost-effective as
thousands of users can be connected to the Internet by using only one real global (public) IP
address.
Advantages of NAT
 NAT conserves legally registered IP addresses.
 It provides privacy as the device’s IP address, sending and receiving the traffic, will be
 hidden.
 Eliminates address renumbering when a network evolves.

Internet Control Message Protocol (ICMP):

Internet Control Message Protocol is known as ICMP. The protocol is at the network layer. It is
mostly utilized on network equipment like routers and is utilized for error handling at the
network layer. Since there are various kinds of network layer faults, ICMP can be utilized to
report and troubleshoot these errors.
It depends on Internet Control Message Protocol(ICMP) to provide error control. In this article,
we are going to discuss ICMP in detail along with their uses, messages, etc.
ICMP is used for reporting errors and management queries. It is a supporting protocol and is
used by network devices like routers for sending error messages and operations information. For
example, the requested service is not available or a host or router could not be reached.
Since the IP protocol lacks an error-reporting or error-correcting mechanism, information is
communicated via a message. For instance, when a message is sent to its intended recipient, it
may be intercepted along the route from the sender. The sender may believe that the
communication has reached its destination if no one reports the problem. If a middleman reports
the mistake, ICMP helps in notifying the sender about the issue. For example, if a message can’t
reach its destination, if there’s network congestion, or if packets are lost, ICMP sends back
feedback about these issues. This feedback is essential for diagnosing and fixing network
problems, making sure that communication can be adjusted.
Uses of ICMP:
ICMP is used for error reporting if two devices connect over the internet and some error occurs,
So, the router sends an ICMP error message to the source informing about the error. For
Example, whenever a device sends any message which is large enough for the receiver, in that
case, the receiver will drop the message and reply to the ICMP message to the source.
Another important use of ICMP protocol is used to perform network diagnosis by making use of
traceroute and ping utility.
Traceroute: Traceroute utility is used to know the route between two devices connected over
the internet. It routes the journey from one router to another, and a traceroute is performed to
check network issues before data transfer.
Ping: Ping is a simple kind of traceroute known as the echo-request message, it is used to
measure the time taken by data to reach the destination and return to the source, these replies are
known as echo-replies messages.

ICMP Work:
ICMP is the primary and important protocol of the IP suite, but ICMP isn’t associated with any
transport layer protocol (TCP or UDP) as it doesn’t need to establish a connection with the
destination device before sending any message as it is a connectionless protocol.
The working of ICMP is just contrasting with TCP, as TCP is a connection-oriented protocol
whereas ICMP is a connectionless protocol. Whenever a connection is established before the
message sending, both devices must be ready through a TCP Handshake.
ICMP packets are transmitted in the form of datagrams that contain an IP header with ICMP
data. ICMP datagram is similar to a packet, which is an independent data entity.

ICMP Packet Format:

ICMP header comes after IPv4 and IPv6 packet header.

ICMPv4 Packet Format

In the ICMP packet format, the first 32 bits of the packet contain three fields:
Type (8-bit): The initial 8-bit of the packet is for message type, it provides a brief description
of the message so that receiving network would know what kind of message it is receiving and
how to respond to it. Some common message types are as follows:
 Type 0 – Echo reply
 Type 3 – Destination unreachable
 Type 5 – Redirect Message
 Type 8 – Echo Request
 Type 11 – Time Exceeded
 Type 12 – Parameter problem
Code (8-bit): Code is the next 8 bits of the ICMP packet format, this field carries some
additional information about the error message and type.
Checksum (16-bit): Last 16 bits are for the checksum field in the ICMP packet header.
The checksum is used to check the number of bits of the complete message and enable the
ICMP tool to ensure that complete data is delivered.
The next 32 bits of the ICMP Header are Extended Header which has the work of pointing out
the problem in IP Message. Byte locations are identified by the pointer which causes the
problem message and receiving device looks here for pointing to the problem.
The last part of the ICMP packet is Data or Payload of variable length. The bytes included in
IPv4 are 576 bytes and in IPv6, 1280 bytes.

Advantages of ICMP:
 Network devices use ICMP to send error messages, and administrators can use the Ping
and Tracert commands to debug the network.
 These alerts are used by administrators to identify issues with network connectivity.
 A prime example is when a destination or gateway host notifies the source host via an
ICMP message if there is a problem or a change in network connectivity that needs to be
reported. Examples include when a destination host or networking becomes unavailable,
when a packet is lost during transmission, etc.
 Furthermore, network performance and connection monitoring tools commonly employ
ICMP to identify the existence of issues that the network team has to resolve.
 One quick and simple method to test connections and find the source is to use the ICMP
protocol.

Concept of Software defined networking (SDN):

Software defined networking (SDN) is an approach to network management that enables
dynamic, programmatically efficient network configuration to improve network performance
and monitoring. It is a new way of managing computer networks that makes them easier and
more flexible to control.
In traditional networks, the hardware (like routers and switches) decides how data moves
through the network, but SDN changes this by moving the decision-making to a central software
system. This is done by separating the control plane (which decides where traffic is sent) from
the data plane (which moves packets to the selected destination).

SDN Architecture:
In a traditional network, each switch has its own control plane and data plane. Switches
exchange topology information to build a forwarding table that decides where to send data
packets. In Software-Defined Networking (SDN), the control plane is removed from switches
and assigned to a centralized SDN controller. This allows network administrators to manage
traffic from a single console instead of configuring each switch individually.
The data plane remains in the switch, forwarding packets based on flow tables set by the
controller. These tables contain match fields (like input port and packet header) and instructions
(forward, drop, or modify packets). If a packet doesn’t match any entry, the switch contacts the
controller, which provides a new flow entry to decide the packet’s path. A typical SDN
architecture consists of three layers.

SDN Architecture

 Application Layer: It contains the typical network applications like intrusion

detection, firewall, and load balancing.
 Control Layer: It consists of the SDN controller which acts as the brain of the network.
It also allows hardware abstraction to the applications written on top of it.
 Infrastructure Layer: This consists of physical switches which form the data plane and
carries out the actual movement of data packets.
The layers communicate via a set of interfaces called the north-bound APIs(between the
application and control layer) and southbound APIs(between the control and infrastructure
layer).
Different Models of SDN:
There are several models, which are used in SDN:
 Open SDN
 SDN via APIs
 SDN via Hypervisor-based Overlay Network
 Hybrid SDN
Open SDN
Open SDN is implemented using the OpenFlow switch. It is a straight forward implementation
of SDN. In Open SDN, the controller communicates with the switches using south-bound API
with the help of OpenFlow protocol.

Open SDN
SDN via APIs
In SDN via API, the functions in remote devices like switches are invoked using conventional
methods like SNMP or CLI or through newer methods like Rest API. Here, the devices are
provided with control points enabling the controller to manipulate the remote devices using
APIs.
SDN via Hypervisor-based Overlay Network
In SDN via the hypervisor, the configuration of physical devices is unchanged. Instead,
Hypervisor based overlay networks are created over the physical network. Only the devices at
the edge of the physical network are connected to the virtualized networks, thereby concealing
the information of other devices in the physical network.

SDN via Hypervisor

Hybrid SDN
Hybrid Networking is a combination of Traditional Networking with software-defined
networking in one network to support different types of functions on a network.

Advantages of SDN:
 The network is programmable and hence can easily be modified via the controller rather
than individual switches.
 Switch hardware becomes cheaper since each switch only needs a data plane.
 Hardware is abstracted, hence applications can be written on top of the controller
independent of the switch vendor.
 Provides better security since the controller can monitor traffic and deploy security
policies. For example, if the controller detects suspicious activity in network traffic, it can
reroute or drop the packets.