Unit 9

Classless Inter-Domain Routing (CIDR)

• Basically the method that ISPs (Internet Service

Providers) use to allocate an amount of
addresses to a company, a home
• Ex : 192.168.10.32/28
• The slash notation (/) means how many bits are
turned on (1s)
CIDR Values
 Determining Available Host Addresses
Network Host

172 16 0 0
N

16
15

10
14
13
12
11
9
8
7
6
5
4
3
2
1
10101100 00010000 00000000 00000000 1
00000000 00000001 2
00000000 00000011 3

...
...

...
11111111 11111101 65534
11111111 11111110 65535
11111111 11111111 65536
– 2
2N – 2 = 216 – 2 = 65534 65534
 IP Address Classes Exercise

Address Class Network Host

10.2.1.1

128.63.2.100

201.222.5.64

192.6.141.2

130.113.64.16

256.241.201.10
IP Address Classes Exercise Answers

Address Class Network Host

10.2.1.1 A 10.0.0.0 0.2.1.1

128.63.2.100 B 128.63.0.0 0.0.2.100

201.222.5.64 C 201.222.5.0 0.0.0.64

192.6.141.2 C 192.6.141.0 0.0.0.2

130.113.64.16 B 130.113.0.0 0.0.64.16

256.241.201.10 Nonexistent
Addressing Without Subnets

172.16.0.1 172.16.0.2 172.16.0.3 172.16.255.253 172.16.255.254

…...

172.16.0.0

• Network 172.16.0.0
Addressing with Subnets

172.16.3.0

172.16.4.0

172.16.1.0 172.16.2.0

• Network 172.16.0.0
 Subnet Mask Exercise

Address Subnet Mask Class Subnet

172.16.2.10 255.255.255.0

10.6.24.20 255.255.240.0

10.30.36.12 255.255.255.0
Subnet Mask Exercise Answers

Address Subnet Mask Class Subnet

172.16.2.10 255.255.255.0 B 172.16.2.0

10.6.24.20 255.255.240.0 A 10.6.16.0

10.30.36.12 255.255.255.0 A 10.30.36.0

 Broadcast Addresses

172.16.3.0

172.16.4.0

172.16.1.0

172.16.3.255 172.16.2.0
(Directed Broadcast)

255.255.255.255
(Local Network Broadcast)
X
172.16.255.255
(All Subnets Broadcast)
 Exercise
• 192.168.10.0
• /27

? – SNM
? – Block Size
?- Subnets
 Exercise
• /27

? – SNM – 224
? – Block Size = 256-224 = 32
?- Subnets

Subnets 10.0 10.32 10.64

FHID 10.1 10.33

LHID 10.30 10.62

Broadcast 10.31 10.63

 Exercise
• 192.168.10.0
• /30

? – SNM
? – Block Size
?- Subnets
 Exercise
• /30

? – SNM – 252
? – Block Size = 256-252 = 4
?- Subnets

Subnets 10.0 10.4 10.8

FHID 10.1 10.5

LHID 10.2 10.6

Broadcast 10.3 10.7

 Exercise
Mask Subnets Host
/26 ? ? ?
/27 ? ? ?
/28 ? ? ?
/29 ? ? ?
/30 ? ? ?
 Exercise
Mask Subnets Host
/26 192 4 62
/27 224 8 30
/28 240 16 14
/29 248 32 6
/30 252 64 2
 Exercise
192.168.10.54 /29
Mask ?
Subnet ?
Broadcast ?
 Exercise
192.168.10.130 /28
Mask ?
Subnet ?
Broadcast ?
 Exercise
192.168.10.193 /30
Mask ?
Subnet ?
Broadcast ?
 Exercise
192.168.1.100 /26
Mask ?
Subnet ?
Broadcast ?
 Exercise
192.168.20.158 /27
Mask ?
Subnet ?
Broadcast ?
 Class B
172.16.0.0 /19
Subnets ?
Hosts ?
Block Size ?
 Class B
172.16.0.0 /19
Subnets 23 = 8
Hosts 213 -2 = 8190
Block Size 256-224 = 32

Subnets 0.0 32.0 64.0 96.0

FHID 0.1 32.1 64.1 96.1

LHID 31.254 63.254 95.254 127.254

Broadcast 31.255 63.255 95.255 127.255

 Class B
172.16.0.0 /27
Subnets ?
Hosts ?
Block Size ?
 Class B
172.16.0.0 /27
Subnets 211 = 2048
Hosts 25 -2 = 30
Block Size 256-224 = 32

Subnets 0.0 0.32 0.64 0.96

FHID 0.1 0.33 0.65 0.97

LHID 0.30 0.62 0.94 0.126

Broadcast 0.31 0.63 0.95 0.127

 Class B
172.16.0.0 /23
Subnets ?
Hosts ?
Block Size ?
 Class B
172.16.0.0 /23
Subnets 27 = 128
Hosts 29 -2 = 510
Block Size 256-254 = 2

Subnets 0.0 2.0 4.0 6.0

FHID 0.1 2.1 4.1 6.1

LHID 1.254 3.254 5.254 7.254

Broadcast 1.255 3.255 5.255 7.255

 Class B
172.16.0.0 /24
Subnets ?
Hosts ?
Block Size ?
 Class B
172.16.0.0 /24
Subnets 28 = 256
Hosts 28 -2 = 254
Block Size 256-255 = 1

Subnets 0.0 1.0 2.0 3.0

FHID 0.1 1.1 2.1 3.1

LHID 0.254 1.254 2.254 3.254

Broadcast 0.255 1.255 2.255 3.255

 Class B
172.16.0.0 /25
Subnets ?
Hosts ?
Block Size ?
 Class B
172.16.0.0 /25
Subnets 29 = 512
Hosts 27 -2 = 126
Block Size 256-128 = 128

Subnets 0.0 0.128 1.0 1.128 2.0 2.128

FHID 0.1 0.129 1.1 1.129 2.1 2.129

LHID 0.126 0.254 1.126 1.254 2.126 2.254

Broadcast 0.127 0.255 1.127 1.255 2.127 2.255

 Find out Subnet and Broadcast Address

• 172.16.85.30/29
 Find out Subnet and Broadcast Address

• 172.30.101.62/23
 Find out Subnet and Broadcast Address

• 172.20.210.80/24
 Class A
10.0.0.0 /10
Subnets ?
Hosts ?
Block Size ?
 Class A
10.0.0.0 /10
Subnets 22 = 4
Hosts 222 -2 = 4194302
Block Size 256-192 = 64

Subnets 10.0 10.64 10.128 10.192

FHID 10.0.0.1 10.64.0.1 10.128.0.1 10.192.0.1

LHID 10.63.255.254 10.127.255.254 10.191.255.254 10.254.255.254

Broadcast 10.63.255.255 10.127.255.255 10.191.255.255 10.254.255.255

 Class A
10.0.0.0 /18
Subnets ?
Hosts ?
Block Size ?
 Class A
10.0.0.0 /18
Subnets 210 = 1024
Hosts 214 -2 = 16382
Block Size 256-192 = 64

Subnets 10.0.0.0 10.0.64.0 10.0.128.0 10.0.192.0

FHID 10.0.0.1 10.0.64.1 10.0.128.1 10.0.192.1

LHID 10.0.63.254 10.0.127.254 10.0.191.254 10.0.254.254

Broadcast 10.0.63.255 10.0.127.255 10.0.191.255 10.0.254.255

VLSM(Variable Length Subnet Mask)
• VLSM extends classic subnetting.
• VLSM is a process of breaking down subnets
into the smaller subnets, according to the
need of individual networks.
 VLSM
 An organization with a class C address and
needs to have 5 subnets with the following
number of hosts: 60, 60, 60, 30, 30.

 The site cannot use a subnet mask with only 2

bits in the subnet section because this allows
only 4 subnetworks each 62.
 Nor can the site use a subnet mask with 3 bits in
the subnet section because this allows 8
subnetworks each with 30 hosts.
 VLSM
 The router uses 2 different masks, one
applied after the other.
 It first uses the masks with 26 1s(11111111
11111111 11111111 11000000 or
255.255.255.192) to divide the network into 4
subnets.
 Then it applies the mask with 27 1s (11111111
11111111 11111111 11100000 or
255.255.255.224) to one of the subnets to
divide it into two smaller subnets.
Steps for VLSM
 Question
• If an ISP has a 200.1.1.0 Network, he wants to
give assign IPs to 5 customers who need 20,
12, 6, 25, 18 hosts.
– What should the subnet mask be?
– What is the address range in each subnet?
– Can it be done efficiently to conserve IP
addresses?
VLSM - example
 Supernetting
• Supernets are the opposite of Subnets in that
they combine multiple Class C networks into
blocks rather than dividing them into segments.
• When Subnetting, we borrow bits from the Host
ID portion, which increases the number of bits
used for the Network ID portion.
• With Supernetting we do exactly the opposite,
meaning we take the bits from the Network ID
portion and give them to the Host ID portion
 Supernet Masks
 A supernet mask is the reverse of the subnet
mask.
 In a supernet mask, we change some 1s in
the netid section to 0s.
 Example
• With the supernet mask of 255.255.252.0 we can
have 4 class C address combined into one
supernetwork.
• If we choose the first address to be X.Y.32.0, the other
three addresses are X.Y.33.0, X.Y.34.0, and X.Y.35.0.
• Whenever the router receives a packet, it applies the
supernet mask to the destination address and
compares the result to the lowest address. If the
result and the lowest address are the same, the
packet belongs to the supernet.
 Exercises
200.1.0.0/24
200.1.1.0/24
200.1.2.0/24
200.1.3.0/24
 Exercises
200.1.32.0/24
200.1.33.0/24
200.1.34.0/24
.
.
.
.
200.1.47.0/24
 Private IP
• Class A
– 10.0.0.0 to 10.255.255.255
• Class B
– 172.16.0.0 to 172.31.255.255
• Class C
– 192.168.0.0 to 192.168.255.255
 NAT: network address translation
rest of local network
Internet (e.g., home network)
10.0.0/24 10.0.0.1

10.0.0.4
10.0.0.2
138.76.29.7

10.0.0.3

all datagrams leaving local datagrams with source or

network have same single destination in this network
source NAT IP address: have 10.0.0/24 address for
138.76.29.7,different source source, destination (as usual)
port numbers
 NAT: network address translation

motivation: local network uses just one IP address

as far as outside world is concerned:
– range of addresses not needed from ISP: just one IP
address for all devices
– can change addresses of devices in local network
without notifying outside world
– can change ISP without changing addresses of
devices in local network
– devices inside local net not explicitly addressable,
visible by outside world (a security plus)
 NAT: network address translation
implementation: NAT router must:

– outgoing datagrams: replace (source IP address, port #) of

every outgoing datagram to (NAT IP address, new port #)
– remember (in NAT translation table) every (source IP
address, port #) to (NAT IP address, new port #)
translation pair

– incoming datagrams: replace (NAT IP address, new port #)

in dest fields of every incoming datagram with
corresponding (source IP address, port #) stored in NAT
table
 NAT: network address translation
NAT translation table 1: host 10.0.0.1
2: NAT router WAN side addr LAN side addr
changes datagram sends datagram to
source addr from 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
10.0.0.1, 3345 to …… ……
138.76.29.7, 5001,
updates table S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80
D: 138.76.29.7, 5001 3 10.0.0.3
4: NAT router
3: reply arrives changes datagram
dest. address: dest addr from
138.76.29.7, 5001 138.76.29.7, 5001 to 10.0.0.1, 3345
 ICMP
• The IP protocol has no error-reporting or error-
correcting mechanism
• Also lacks a mechanism for host and
management queries
• Internet Control Message Protocol (ICMP) has
been designed to compensate for the above two
deficiencies.
• Always reports error messages to the original
source
 Types of ICMP Messages
• Error Reporting Messages
– Report problems that a router or a host (destination)
may encounter when it processes an IP packet
• Query Messages
– occur in pairs, help a host or a network manager get
specific information from a router or another host
– For example, nodes can discover their neighbors
– Also, hosts can discover and learn about routers on
their network, and routers can help a node redirect its
messages
 Destination Unreachable
• When a router cannot route a datagram or a
host cannot deliver a datagram, the datagram
is discarded
• Router or the host sends a destination-
unreachable message back to the source host
that initiated the datagram
• Can be created by either a router or the
destination host.
 Source Quench
• Designed to add a kind of flow control to the IP
• When a router or host discards a datagram due to
congestion , it sends a source-quench message to
the sender of the datagram
• This message has two purposes
– First, it informs the source that the datagram has been
discarded
– Second, it warns the source that there is congestion
somewhere in the path and that the source should slow
down (quench) the sending process.
 Time Exceeded
• If there are errors in one or more routing tables, a
packet can travel in a loop or a cycle
• When the time-to-live value reaches 0, the router
discards the datagram
• When the datagram is discarded, a time-exceeded
message must be sent by the router to the original
source
• Is also generated when not all fragments that make up
a message arrive at the destination host within a
certain time limit.
 Parameter Problem
• Any ambiguity in the header part of a
datagram can Create serious problems
• If a router or the destination host discovers an
ambiguous or missing value in any field of the
datagram
– it discards the datagram
– sends a parameter-problem message back to the
source
Redirection
• No ICMP error message will be generated in
response to a datagram carrying an ICMP error
message.
• No ICMP error message will be generated for a
fragmented datagram that is not the first fragment.
• No ICMP error message will be generated for a
datagram having a multicast address.
• No ICMP error message will be generated for a
datagram having a special address such as 127.0.0.0
 Echo Request and Reply
• The echo-request and echo-reply messages
can be used to determine if there is
communication at the IP level.
• Also, it is proof that the intermediate routers
are receiving, processing, and forwarding IP
datagrams
 Timestamp Request and Reply
• Two machines (hosts or routers) can use the
timestamp request and timestamp reply
messages to determine the round-trip time
needed for an IP datagram to travel between
them
• It can also be used to synchronize the clocks in
two machines
 Address-Mask Request and Reply
• A host may know its IP address, but it may not know the
corresponding mask.
• For example, a host may know its IP address as 159.31.17.24,
but it may not know that the corresponding mask is /24.
– To obtain its mask, a host sends an address-mask-request message
to a router on the LAN.
– If the host knows the address of the router, it sends the request
directly to the router.
– If it does not know, it broadcasts the message.
– The router receiving the address-mask-request message responds
with an address-mask-reply message, providing the necessary mask
for the host.
 Router Solicitation and Advertisement
• A host broadcast (or multicast) a router-
solicitation message.
• The router or routers that receive the
solicitation message broadcast their routing
information using the router-advertisement
message
• A router can also periodically send router-
advertisement messages even if no host has
solicited.
IGMP(Internet Group Management Protocol)

• IGMP is a protocol that manages group

membership.
• The IGMP protocol gives the multicast routers
information about the membership status of
hosts (routers) connected to the network.
Position of IGMP in network layer
 Note:

IGMP is a group management protocol.

It helps a multicast router create and
update a list of loyal members related
to each router interface.
IGMP messages types
• Query
– General: Used to learn which groups have members on
an attached networks
– Special: Use to learn if specific group has any members
on an attached network
• Membership Report
– Is sent by host whenever it joins multicast group and
when responding to membership queries
• Leave Report
– Is sent when host leave the multicast group
 Hierarchical routing
• aggregate routers into gateway router:
regions, “autonomous • at “edge” of its own AS
systems” (AS) • has link to router in
• routers in same AS run another AS
same routing protocol
– “intra-AS” routing
protocol
– routers in different AS
can run different intra-
AS routing protocol
 Interconnected ASes

3c
3a 2c
3b 2a
AS3 2b
1c AS2
1a 1b
1d AS1
 forwarding table configured
by both intra- and inter-AS
routing algorithm
Intra-AS Inter-AS
Routing
algorithm
Routing
algorithm
 intra-AS sets entries
Forwarding
for internal dests
table  inter-AS & intra-AS
sets entries for
external dests
 Inter-AS tasks
 suppose router in AS1 AS1 must:
receives datagram 1. learn which dests are
destined outside of AS1: reachable through AS2,
 router should which through AS3
forward packet to 2. propagate this
gateway router, but reachability info to all
routers in AS1
which one?
job of inter-AS routing!
3c
3a
3b
AS3 2c other
1c 2a networks
other 1a 2b
networks 1b AS2
AS1 1d
 Intra-AS Routing
also known as interior gateway protocols (IGP)
most common intra-AS routing protocols:
 RIP: Routing Information Protocol
 OSPF: Open Shortest Path First
 IGRP: Interior Gateway Routing Protocol (Cisco
proprietary)
 OSPF (Open Shortest Path First)
• “open”: publicly available
• uses link state algorithm
– route computation using Dijkstra’s algorithm
• OSPF advertisement carries one entry per
neighbor
• advertisements flooded to entire AS
– carried in OSPF messages directly over IP
 OSPF Messages
• The hello message (type 1) is used by a router to
introduce itself to the neighbors and announce all
neighbors that it already knows.
• The database description message (type 2) is
normally sent in response to the hello message to
allow a newly joined router to acquire the full
LSDB.
• The linkstate request message (type 3) is sent by a
router that needs information about a specific LS.
• The link-state update message (type 4) is the
main OSPF message used for building the
LSDB.
• The link-state acknowledgment message (type
5) is used to create reliability in OSPF; each
router that receives a link-state update
message needs to acknowledge it.
 Working
• When a router starts, it first initializes the
routing protocol
• It then uses the OSPF’s handshaking Hello
Protocol to learn about each other, exchange
information and later perform pings with
neighbor routers to make certain the link
and/or router is up.
• Now the peer routers are considered to be
merely adjacent (part of synchronization-not
complete).
• The routers exchange information describing
their knowledge of the routing domain. This
information is called database description and
is placed in LSA messages.
• Using LSA messages the receiving router
knows if its LSDB is consistent with its peer’s
databases. If all is consistent the neighbor is
now defined as fully adjacent.
• A router periodically advertises its state (link
state) to detect dead routers in a timely
fashion.
• From this database each router calculates a
shortest path tree with itself the root.
• This shortest path tree in turn yields a routing
table for the protocol.
 OSPF “advanced” features (not in RIP)

• security: all OSPF messages authenticated (to

prevent malicious intrusion)
• multiple same-cost paths allowed (only one
path in RIP)
• for each link, multiple cost metrics for
different TOS(Type Of Service)
• integrated uni- and multicast support
• hierarchical OSPF in large domains.
 Internet inter-AS routing: BGP
• BGP (Border Gateway Protocol): the de facto inter-
domain routing protocol
– “glue that holds the Internet together”
• BGP provides each AS a means to:
– eBGP: obtain subnet reachability information from
neighboring ASs.
– iBGP: propagate reachability information to all AS-internal
routers.
– determine “good” routes to other networks based on
reachability information and policy.
• allows subnet to advertise its existence to rest of
Internet: “I am here”
 BGP basics
 BGP session: two BGP routers (“peers”) exchange BGP
messages:
 advertising paths to different destination network
 exchanged over semi-permanent TCP connections

• when AS3 advertises a prefix to AS1:

– AS3 promises it will forward datagrams towards that prefix
– AS3 can aggregate prefixes in its advertisement

3c
BGP
3a message
3b
AS3 2c other
1c 2a networks
other 1a 2b
networks 1b AS2
AS1 1d
BGP basics: distributing path information
 using eBGP session between 3a and 1c, AS3 sends prefix
reachability info to AS1.
 1c can then use iBGP do distribute new prefix info to all routers in AS1
 1b can then re-advertise new reachability info to AS2 over 1b-to-2a
eBGP session
 when router learns of new prefix, it creates entry for prefix in
its forwarding table.

eBGP session
3a iBGP session
3b
AS3 2c other
1c 2a networks
other 1a 2b
networks 1b AS2
AS1 1d
 BGP Messages
• Uses four types of messages for communication:
• Open Message
– To create a neighborhood relationship, a router running BGP
opens a TCP connection with a neighbor and sends an open
message.
• Update Message
– Is used by a router to withdraw destinations that have been
advertised previously, to announce a route to a new
destination, or both.
– It can only advertise one new destination in a single update
message.
• Keepalive Message
– The BGP peers that are running exchange
keepalive messages regularly (before their hold
time expires) to tell each other that they are alive.
• Notification
– A notification message is sent by a router
whenever an error condition is detected or a
router wants to close the session.
 IPv6: motivation
• initial motivation: 32-bit address space soon
to be completely allocated.
• additional motivation:
– header format helps speed processing/forwarding
– header changes to facilitate QoS

IPv6 datagram format:

– fixed-length 40 byte header
– no fragmentation allowed
 IPv6 datagram format
priority: identify priority among datagrams in flow
flow Label: identify datagrams in same “flow.”
next header: identify upper layer protocol for data

ver pri flow label

payload len next hdr hop limit
source address
(128 bits)
destination address
(128 bits)

data

32 bits
 Other changes from IPv4
• checksum: removed entirely to reduce
processing time at each hop
• options: allowed, but outside of header,
indicated by “Next Header” field
• ICMPv6: new version of ICMP
– additional message types, e.g. “Packet Too Big
 Transition from IPv4 to IPv6
• not all routers can be upgraded simultaneously
– no “flag days”
– how will network operate with mixed IPv4 and IPv6
routers?
• tunneling: IPv6 datagram carried as payload in
IPv4 datagram among IPv4 routers
IPv4 header fields IPv6 header fields
IPv4 payload
IPv4 source, dest addr IPv6 source dest addr
UDP/TCP payload

IPv6 datagram
IPv4 datagram
 Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6
 Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6

flow: X src:B src:B flow: X

src: A dest: E src: A
dest: F
dest: E
dest: F
Flow: X Flow: X
Src: A Src: A
data Dest: F Dest: F data

data data

A-to-B: E-to-F:
IPv6 B-to-C: B-to-C: IPv6
IPv6 inside IPv6 inside
IPv4 IPv4
 IPv6: adoption
• US National Institutes of Standards estimate
[2013]:
– ~3% of industry IP routers
– ~11% of US gov’t routers

• Long (long!) time for deployment, use

– 20 years and counting!
– think of application-level changes in last 20 years:
WWW, Facebook, …
– Why?