Chapter 4

Network Layer
 If you use these slides (e.g., in a class) that you mention their source
(after all, we’d like people to use our book!)
 If you post any slides on a www site, that you note that they are
adapted from (or perhaps identical to) our slides, and note our
copyright of this material.

For a revision history, see the slide note for this page.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2020

J.F Kurose and K.W. Ross, All Rights Reserved

Computer Networking: A
A note on the use of these PowerPoint slides:
We’re making these slides freely available to all (faculty, students, Top-Down Approach
readers). They’re in PowerPoint form so you see the animations; and 8th edition
can add, modify, and delete slides (including this one) and slide content Jim Kurose, Keith Ross
to suit your needs. They obviously represent a lot of work on our part. Pearson, 2020
In return for use, we only ask the following:
Network-layer services and protocols
 transport segment from sending to mobile network

receiving host national or global ISP

• sender: encapsulates segments into

datagrams, passes to link layer application
transport
• receiver: delivers segments to transport network
link
layer protocol physical
network network
link

 network layer protocols in every Internet

link
physical physical

device: hosts, routers network

link network

 routers: physical link

physical network
link datacenter
network
• examines header fields in all IP
physical

datagrams passing through it application

transport
• moves datagrams from input ports to enterprise
network
link
output ports to transfer datagrams along network physical

end-end path Network Layer: 4-2

Two key network-layer functions
network-layer functions: analogy: taking a trip
 forwarding: move packets from  forwarding: process of getting
a router’s input link to through single interchange
appropriate router output link  routing: process of planning trip
 routing: determine route taken from source to destination
by packets from source to
destination
• routing algorithms

forwarding

routing
Network Layer: 4-3
Network Layer: Internet
host, router network layer functions:

transport layer: TCP, UDP

Path-selection
IP protocol
• datagram format
algorithms: • addressing
network implemented in • packet handling conventions
• routing protocols forwarding
layer (OSPF, BGP) table ICMP protocol
• error reporting
• router “signaling”

link layer

physical layer

Network Layer: 4-4

 IP Datagram format
32 bits
IP protocol version number type of total datagram
ver head. length length (bytes)
header length(bytes) len service
fragment fragmentation/
“type” of service: 16-bit identifier flgs
 diffserv (0:5) offset reassembly
time to upper header
 ECN (6:7) header checksum
live layer checksum
TTL: remaining max hops source IP address 32-bit source IP address
(decremented at each router)
Maximum length: 64K bytes
destination IP address 32-bit destination IP address
upper layer protocol (e.g., TCP or UDP) Typically: 1500 bytes or less
options (if any) e.g., timestamp, record
overhead route taken
 20 bytes of TCP payload data
 20 bytes of IP (variable length,
 = 40 bytes + app typically a TCP
layer overhead for or UDP segment)
TCP+IP
Network Layer: 4-5
IP addressing: introduction
223.1.1.1

 IP address: 32-bit identifier 223.1.2.1

associated with each host or 223.1.1.2
router interface 223.1.1.4 223.1.2.9

 interface: connection between 223.1.1.3

223.1.3.27

host/router and physical link 223.1.2.2

• router’s typically have multiple

interfaces 223.1.3.1 223.1.3.2

• host typically has one or two

interfaces (e.g., wired Ethernet,
wireless 802.11) dotted-decimal IP address notation:
223.1.1.1 = 11011111 00000001 00000001 00000001

223 1 1 1
Network Layer: 4-6
Subnets
223.1.1.1

 What’s a subnet ? 223.1.2.1

• device interfaces that can 223.1.1.2

223.1.1.4 223.1.2.9
physically reach each other
without passing through an 223.1.1.3
223.1.3.27

intervening router 223.1.2.2

 IP addresses have structure:

• subnet part: devices in same subnet 223.1.3.1 223.1.3.2

have common high order bits

• host part: remaining low order bits network consisting of 3 subnets

Network Layer: 4-7

Subnets subnet 223.1.1.0/24
223.1.1.1 subnet 223.1.2.0/24

Recipe for defining subnets: 223.1.2.1

 detach each interface from its 223.1.1.2

223.1.1.4 223.1.2.9

host or router, creating

“islands” of isolated networks 223.1.1.3
223.1.3.27
223.1.2.2

 each isolated network is

subnet
called a subnet 223.1.3.0/24 223.1.3.1 223.1.3.2

subnet mask: /24

(high-order 24 bits: subnet part of IP address)

Network Layer: 4-8

Subnets 223.1.1.2

subnet 223.1.1/24
223.1.1.1
 where are the 223.1.1.4

subnets? 223.1.1.3

 what are
223.1.9.2 223.1.7.0
the /24 subnet 223.1.9/24
subnet 223.1.7/24
subnet
addresses? 223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0

subnet 223.1.2/24 223.1.2.6 subnet 223.1.8/24 223.1.3.27

subnet 223.1.3/24
223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

Network Layer: 4-9

IP addressing: CIDR
CIDR: Classless InterDomain Routing (pronounced “cider”)
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in subnet portion
of address
subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23

Network Layer: 4-10

IP addresses: how to get one?
That’s actually two questions:
1. Q: How does a host get IP address within its network (host part of
address)?
2. Q: How does a network get IP address for itself (network part of
address)

How does host get IP address?

 DHCP: Dynamic Host Configuration Protocol: dynamically get address
from as server
• “plug-and-play”

Network Layer: 4-11

DHCP: Dynamic Host Configuration
Protocol
goal: host dynamically obtains IP address from network server when it
“joins” network
 can renew its lease on address in use
 allows reuse of addresses (only hold address while connected/on)
 support for mobile users who join/leave network

DHCP overview:
 host broadcasts DHCP discover msg [optional]
 DHCP server responds with DHCP offer msg [optional]
 host requests IP address: DHCP request msg
 DHCP server sends address: DHCP ack msg
Network Layer: 4-12
DHCP client-server scenario
Typically, DHCP server will be co-
DHCP server located in router, serving all subnets
223.1.1.1
223.1.2.1
to which router is attached

223.1.2.5
223.1.1.2
223.1.1.4 223.1.2.9

223.1.1.3
223.1.3.27 arriving DHCP client needs
223.1.2.2 address in this network

223.1.3.1 223.1.3.2

Network Layer: 4-13

DHCP client-server scenario
DHCP server: 223.1.2.5 DHCP discover Arriving client
src : 0.0.0.0, 68
Broadcast: is there a
dest.: 255.255.255.255,67
DHCPyiaddr:
server 0.0.0.0
out there?
transaction ID: 654

DHCP offer
src: 223.1.2.5, 67
Broadcast: I’m a DHCP
dest: 255.255.255.255, 68
server! Here’s an IP
yiaddr: 223.1.2.4
transaction ID: 654
address you can use
lifetime: 3600 secs
The two steps above can
DHCP request be skipped “if a client
src: 0.0.0.0, 68 remembers and wishes to
dest:: 255.255.255.255,
Broadcast: 67
OK. I would reuse a previously
yiaddr: 223.1.2.4 allocated network address”
like to transaction
use this ID:IP 655
address!
lifetime: 3600 secs
[RFC 2131]

DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
Broadcast: OK. You’ve
yiaddr: 223.1.2.4
got that IPID:
transaction address!
655
lifetime: 3600 secs
Network Layer: 4-14
DHCP: more than IP addresses
DHCP can return more than just allocated IP address on
subnet:
 address of first-hop router for client
 name and IP address of DNS sever
 network mask (indicating network versus host portion of address)

Network Layer: 4-15

DHCP: example
DHCP DHCP  Connecting laptop will use DHCP
UDP
to get IP address, address of first-
DHCP
DHCP IP
DHCP Eth hop router, address of DNS server.
Phy
 DHCP REQUEST message encapsulated
DHCP

in UDP, encapsulated in IP, encapsulated

DHCP DHCP 168.1.1.1 in Ethernet
DHCP UDP
DHCP IP
DHCP Eth router with DHCP
 Ethernet frame broadcast (dest:
Phy server built into FFFFFFFFFFFF) on LAN, received at router
router running DHCP server

 Ethernet demux’ed to IP demux’ed,

UDP demux’ed to DHCP
Network Layer: 4-16
DHCP: example
DHCP DHCP  DCP server formulates DHCP ACK
DHCP UDP containing client’s IP address, IP
DHCP

DHCP
IP
Eth
address of first-hop router for client,
Phy name & IP address of DNS server

 encapsulated DHCP server reply

DHCP DHCP forwarded to client, demuxing up to
UDP
DHCP
DHCP IP
DHCP at client
DHCP Eth router with DHCP
DHCP
Phy server built into  client now knows its IP address, name
router and IP address of DNS server, IP
address of its first-hop router

Network Layer: 4-17

IP addresses: how to get one?
Q: how does network get subnet part of IP address?
A: gets allocated portion of its provider ISP’s address space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

ISP can then allocate out its address space in 8 blocks:

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23
Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23
... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

Network Layer: 4-18

Hierarchical addressing: route aggregation
hierarchical addressing allows efficient advertisement of
routing information:
Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
beginning
199.31.0.0/16”

Network Layer: 4-19

IP addressing: last words ...
Q: how does an ISP get block of Q: are there enough 32-bit IP
addresses? addresses?
A: ICANN: Internet Corporation for  ICANN allocated last chunk of
Assigned Names and Numbers IPv4 addresses to RRs in 2011
http://www.icann.org/  NAT (next) helps IPv4 address
• allocates IP addresses, through 5 space exhaustion
regional registries (RRs) (who may
then allocate to local registries)  IPv6 has 128-bit address space
• manages DNS root zone, including
delegation of individual TLD (.com,
.edu , …) management

Network Layer: 4-20

 NAT: network address translation
NAT: all devices in local network share just one IPv4 address as
far as outside world is concerned
rest of local network (e.g., home
Internet network) 10.0.0/24

10.0.0.1
138.76.29.7 10.0.0.4

10.0.0.2

10.0.0.3

all datagrams leaving local network have datagrams with source or destination in
same source NAT IP address: 138.76.29.7, this network have 10.0.0/24 address for
but different source port numbers source, destination (as usual)
Network Layer: 4-21
NAT: network address translation
 all devices in local network have 32-bit addresses in a “private” IP
address space (10/8, 172.16/12, 192.168/16 prefixes) that can only
be used in local network
 advantages:
 just one IP address needed from provider ISP for all devices
 can change addresses of host in local network without notifying
outside world
 can change ISP without changing addresses of devices in local
network
 security: devices inside local net not directly addressable, visible
by outside world

Network Layer: 4-22

NAT: network address translation
implementation: NAT router must (transparently):
 outgoing datagrams: replace (source IP address, port #) of every
outgoing datagram to (NAT IP address, new port #)
• remote clients/servers will respond using (NAT IP address, new port
#) as destination address
 remember (in NAT translation table) every (source IP address, port #)
to (NAT IP address, new port #) translation pair
 incoming datagrams: replace (NAT IP address, new port #) in
destination fields of every incoming datagram with corresponding
(source IP address, port #) stored in NAT table
Network Layer: 4-23
 NAT: network address translation
NAT translation table
2: NAT router changes 1: host 10.0.0.1 sends
WAN side addr LAN side addr datagram to
datagram source address
from 10.0.0.1, 3345 to 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
138.76.29.7, 5001, …… ……
updates table
S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80 10.0.0.3
D: 138.76.29.7, 5001 3
3: reply arrives, destination
address: 138.76.29.7, 5001

Network Layer: 4-24

IP fragmentation/reassembly
 network links have MTU (max.
transfer size) - largest possible link-
fragmentation:
level frame

…
in: one large datagram
• different link types, different MTUs out: 3 smaller datagrams

 large IP datagram divided

(“fragmented”) within net reassembly
• one datagram becomes several
datagrams
• “reassembled” only at destination

…
• IP header bits used to identify, order
related fragments

Network Layer: 4-25

IP fragmentation/reassembly
example: length ID fragflag offset
=4000 =x =0 =0
 4000 byte datagram
 MTU = 1500 bytes one large datagram becomes
several smaller datagrams

1480 bytes in length ID fragflag offset

data field =1500 =x =1 =0

offset = length ID fragflag offset

1480/8 =1500 =x =1 =185

length ID fragflag offset

=1040 =x =0 =370

Network Layer: 4-26

Consider sending a 3000 byte datagram into a link that has an MTU of 500 bytes. How many
fragments are generated? What are their characteristics (i.e. what are the flags and offset
values for each

Assume that no optional fields of the IP header are in use (i.e. IP header is 20 bytes)
The original datagram was 3000 bytes, subtracting 20 bytes for header, that leaves 2980 bytes of data.
Assume the ID of the original packet is 'x'
With an MTU of 500 bytes, 500 - 20 = 480 bytes of data may be transmitted in each packet
Therefore, ceiling(2980 / 480) = 7 packets are needed to carry the data.
The packets will have the following characteristics (NOTE: offset is measured in 8 byte blocks, you
don't need to specify Total_len)

Packet 1: ID=x, Total_len=500, MF=1, Frag_offset=0

Packet 2: ID=x, Total_len=500, MF=1, Frag_offset=60
Packet 3: ID=x, Total_len=500, MF=1, Frag_offset=120
Packet 4: ID=x, Total_len=500, MF=1, Frag_offset=180
Packet 5: ID=x, Total_len=500, MF=1, Frag_offset=240
Packet 6: ID=x, Total_len=500, MF=1, Frag_offset=300
Packet 7: ID=x, Total_len=120, MF=0, Frag_offset=360

Network Layer: 4-27