Acn Chap 1
Fig. Address Space for IPv4 (Class A 50 %, Class B 25 %, Class C 12.5 %, and two further portions of 6.25 % each)
NOTATIONS
There are two prevalent notations to show an IPv4 address: binary notation and
dotted-decimal notation.
Binary Notation
In binary notation, the IPv4 address is displayed as 32 bits. Each octet is often
referred to as a byte. So it is common to hear an IPv4 address referred to as a 32-bit
address or a 4-byte address. The following is an example of an IPv4 address in binary
notation:
01110101 10010101 00011101 00000010
Dotted-Decimal Notation
To make the IPv4 address more compact and easier to read, Internet addresses are
usually written in decimal form with a decimal point (dot) separating the bytes. The
following is the dotted-decimal notation of the above address:
117.149.29.2
Example
Find the error, if any, in the following IPv4 addresses.
a. 111.56.045.78
b. 221.34.7.8.20
c. 75.45.301.14
d. 11100010.23.14.67
Solution
a. There must be no leading zero (045).
b. There can be no more than four numbers in an IPv4 address.
c. Each number needs to be less than or equal to 255 (301 is outside this range).
d. A mixture of binary notation and dotted-decimal notation is not allowed.
Classful Addressing
• IPv4 addressing, at its inception, used the concept of classes. This architecture is called classful
addressing.
• In classful addressing, the address space is divided into five classes: A, B, C, D, and E. Each class
occupies a fixed part of the address space.
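A strict checker for the four error cases in the example above, with conversion between the two notations and a class lookup. This is an added example, not part of the original notes; the leading-bit rule used for the classes is the standard classful rule, which the notes do not list.

```python
def check_dotted_decimal(addr):
    """Return None if addr is strict dotted-decimal IPv4, else the reason it is rejected."""
    parts = addr.split(".")
    if len(parts) != 4:
        return "expected four numbers, got %d" % len(parts)
    for p in parts:
        if len(p) == 8 and set(p) <= {"0", "1"}:
            return "binary octet %s mixed into dotted-decimal notation" % p
        if not (p.isascii() and p.isdigit()):
            return "octet %r is not a decimal number" % p
        if len(p) > 1 and p.startswith("0"):
            return "leading zero in %s" % p
        if int(p) > 255:
            return "%s is greater than 255" % p
    return None


def to_binary(addr):
    """Dotted-decimal -> binary notation (four space-separated octets)."""
    reason = check_dotted_decimal(addr)
    if reason:
        raise ValueError(reason)
    return " ".join(format(int(p), "08b") for p in addr.split("."))


def from_binary(bits):
    """Binary notation -> dotted-decimal; requires exactly four groups of 8 bits."""
    groups = bits.split()
    if len(groups) != 4 or any(len(g) != 8 or set(g) - {"0", "1"} for g in groups):
        raise ValueError("expected four groups of 8 bits")
    return ".".join(str(int(g, 2)) for g in groups)


def address_class(addr):
    """Class from the leading bits of the first octet (assumed standard rule,
    not listed in the notes): 0=A, 10=B, 110=C, 1110=D, 1111=E."""
    first = int(to_binary(addr)[:8], 2)
    for letter, mask, value in (("A", 0x80, 0x00), ("B", 0xC0, 0x80),
                                ("C", 0xE0, 0xC0), ("D", 0xF0, 0xE0)):
        if (first & mask) == value:
            return letter
    return "E"


if __name__ == "__main__":
    for sample in ("111.56.045.78", "221.34.7.8.20", "75.45.301.14",
                   "11100010.23.14.67", "117.149.29.2"):
        verdict = check_dotted_decimal(sample)
        print(sample, "->", verdict or "valid, class " + address_class(sample))
```

Rejecting `045` outright, rather than reading it as 45, matters in practice: some parsers (`inet_aton`, for example) treat a leading zero as octal, so the same string can mean different addresses to different components.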
Identification, Flags, Fragment Offset: Used for handling fragmentation. (Discussed in detail later)
Options (variable width): Can be used to provide more functionality to the IP datagram
Fragmentation
The format and size (Maximum Transfer Unit) of the sent frame depend
on the protocol used by the physical network through which the frame is
going to travel.
E.g., as shown in the table, each protocol used to design a physical
network has its own MTU.
Table . Frame Size
To make the IPv4 protocol independent of the physical network, the designers decided to make the maximum length of
the IPv4 datagram equal to 65,535 bytes. This makes transmission more efficient if we use a protocol with an MTU of this
size. However, for other physical networks, we must divide the datagram to make it possible to pass through these
networks. This is called fragmentation.
The second bit is called the do not fragment bit. If its value is 1, the machine must not fragment the datagram. If it cannot pass the
datagram through any available physical network, it discards the datagram and sends an ICMP error message to the source host
(see Chapter 21). If its value is 0, the datagram can be fragmented if necessary.
The third bit is called the more fragment bit. If its value is 1, it means the datagram is not the last fragment; there are more
fragments after this one. If its value is 0, it means this is the last or only fragment.
Fragmentation-offset
This 13-bit field shows the relative position of this fragment with respect to the whole datagram. It is the offset of the data in the
original datagram measured in units of 8 bytes. The following figure shows a datagram with a data size of 4000 bytes fragmented into
three fragments.
Figure Detailed fragmentation example
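The flag bits and the 8-byte offset unit described above, worked through in code. This is an added example, not part of the original notes; the MTU of 1420 bytes and the 20-byte option-free header are assumptions chosen so that 4000 bytes of data split into three fragments, as in the text.

```python
HEADER_LEN = 20  # assumed: fixed IPv4 header with no options


class FragmentationNeeded(Exception):
    """Stands in for the ICMP error sent when DF=1 and the datagram does not fit."""


def fragment(data, mtu, df=0):
    """Split a datagram's data so each piece fits the MTU.
    Returns a list of (offset_in_8_byte_units, more_fragments_bit, chunk)."""
    if HEADER_LEN + len(data) <= mtu:
        return [(0, 0, data)]               # fits as is: the "only fragment" case
    if df:
        raise FragmentationNeeded("DF=1 and %d bytes exceed MTU %d"
                                  % (HEADER_LEN + len(data), mtu))
    step = (mtu - HEADER_LEN) // 8 * 8      # non-final fragments carry a multiple of 8 bytes
    if step <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(data), step):
        mf = 1 if start + step < len(data) else 0
        frags.append((start // 8, mf, data[start:start + step]))
    return frags


def reassemble(frags):
    """Rebuild the data from fragments received in any order.
    Rejects gaps, overlaps, duplicates and a missing last fragment."""
    if not frags:
        raise ValueError("no fragments")
    ordered = sorted(frags, key=lambda f: f[0])
    out = bytearray()
    for i, (offset, mf, chunk) in enumerate(ordered):
        if offset * 8 != len(out):
            raise ValueError("gap or overlap at byte %d" % (offset * 8))
        is_last = i == len(ordered) - 1
        if mf != (0 if is_last else 1):
            raise ValueError("MF bit inconsistent at offset %d" % offset)
        if mf and len(chunk) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        out += chunk
    return bytes(out)


if __name__ == "__main__":
    data = bytes(i % 251 for i in range(4000))   # constructed 4000-byte payload
    for offset, mf, chunk in fragment(data, 1420):
        print("offset=%d MF=%d bytes=%d" % (offset, mf, len(chunk)))
```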
IPv4 OPTIONS
The header of the IPv4 datagram is made of two parts: a fixed part and a variable part. The fixed part is 20 bytes long and was discussed
in the previous section. The variable part comprises the options that can be a maximum of 40 bytes. Options, as the name implies, are not
required for a datagram. They can be used for network testing and debugging.
Option Name | Length (bytes) | Description
End Of Options List | 1 | An option containing just a single zero byte, used to mark the end of a list of options.
No Operation | 1 | A “dummy option” used as “internal padding” to align certain options on a 32-bit boundary when required.
Loose Source Route | Variable | One of two options for source routing of IP datagrams. See below for an explanation.
Record Route | Variable | This option allows the route used by a datagram to be recorded within the header for the datagram itself. If a source device sends a datagram with this option in it, each router that “handles” the datagram adds its IP address to this option. The recipient can then extract the list of IP addresses to see the route taken by the datagram. Note that the length of this option is set by the originating device. It cannot be enlarged as the datagram is routed, and if it “fills up” before it arrives at its destination, only a partial route will be recorded.
Strict Source Route | Variable | One of two options for source routing of IP datagrams. See below for an explanation.
Timestamp | Variable | This option is similar to the Record Route option. However, instead of each device that handles the datagram inserting its IP address into the option, it puts in a timestamp, so the recipient can see how long it took for the datagram to travel between routers. As with the Record Route option, the length of this option is set by the originating device and cannot be enlarged by intermediate devices.
By: IMRAN SHAIKH
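A parser for the variable part of the header, walking the options listed in the table and decoding a Record Route option. This is an added example, not part of the original notes; the option type values and the Record Route layout (type, length, pointer, 4-byte slots) come from the IPv4 specification, since the table omits them, and the sample bytes are constructed.

```python
import ipaddress

# Option type values from the IPv4 specification (the table in the notes omits them).
NAMES = {0: "End Of Options List", 1: "No Operation", 7: "Record Route",
         68: "Timestamp", 131: "Loose Source Route", 137: "Strict Source Route"}


def parse_options(raw):
    """Walk the variable part of an IPv4 header. Returns [(name, option_bytes)];
    raises ValueError on malformed input instead of reading past the buffer."""
    if len(raw) > 40:
        raise ValueError("options exceed the 40-byte maximum")
    found, i = [], 0
    while i < len(raw):
        kind = raw[i]
        name = NAMES.get(kind, "Unknown (%d)" % kind)
        if kind in (0, 1):                  # the two single-byte options
            found.append((name, raw[i:i + 1]))
            if kind == 0:                   # End Of Options List: the rest is padding
                break
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option %d is missing its length byte" % kind)
        length = raw[i + 1]                 # counts the type and length bytes too
        if length < 2 or i + length > len(raw):
            raise ValueError("option %d has bad length %d" % (kind, length))
        found.append((name, raw[i:i + length]))
        i += length
    return found


def recorded_route(option):
    """Addresses written so far into a Record Route option, and whether it is full.
    The pointer is the 1-based index of the next free slot; the smallest value is 4."""
    if len(option) < 3 or option[0] != 7 or option[1] != len(option):
        raise ValueError("not a well-formed Record Route option")
    length, pointer = option[1], option[2]
    if pointer < 4 or pointer % 4 or (length - 3) % 4:
        raise ValueError("bad Record Route pointer or length")
    end = min(pointer - 1, length)
    hops = [str(ipaddress.IPv4Address(option[j:j + 4])) for j in range(3, end, 4)]
    return hops, pointer > length


# Constructed sample: NOP, Record Route with two slots (one filled), EOL, padding.
SAMPLE = bytes([1, 7, 11, 8, 192, 0, 2, 1, 0, 0, 0, 0, 0, 0, 0, 0])

if __name__ == "__main__":
    for name, body in parse_options(SAMPLE):
        print(name, body.hex())
```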
ICMP
The IP protocol has no error-reporting or error-correcting mechanism. What happens if something goes wrong?
The Internet Control Message Protocol (ICMP) has been designed to compensate for the above two deficiencies. It is a companion to the
IP protocol.
Types of Messages
ICMP messages are divided into two broad categories: error-reporting messages and query messages.
The error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet.
The query messages, which occur in pairs, help a host or a network manager get specific information from a router or another host. For
example, nodes can discover their neighbours. Also, hosts can discover and learn about routers on their network, and routers can help a
node redirect its messages.
Destination Unreachable
When a router cannot route a datagram or a host cannot deliver a datagram, the datagram is discarded and the router or the host
sends a destination-unreachable message back to the source host that initiated the datagram. Note that destination-unreachable
messages can be created by either a router or the destination host.
Time Exceeded
Whenever a router decrements a datagram's time-to-live value to zero, it discards the datagram and sends a time-exceeded
message to the original source.
When the final destination does not receive all of the fragments in a set time, it discards the received fragments and sends a
time-exceeded message to the original source.
Redirection Message
Figure: IP packets and the redirection message (RM), steps 1 to 4 (diagram not reproduced)
• R1 sends a redirection message to Host A, telling it that it can send datagrams directly to R2.
• A host usually starts with a small routing table that is gradually augmented and updated. One of the tools to accomplish this is the
redirection message.
The figure shows an example of checksum calculation for a simple echo-request message (see Figure 9.12). We randomly chose the
identifier to be 1 and the sequence number to be 9. The message is divided into 16-bit (2-byte) words. The words are added together
and the sum is complemented. Now the sender can put this value in the checksum field.
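The same calculation in code, for an echo request with identifier 1 and sequence number 9, plus the check the receiver performs. This is an added example, not part of the original notes; the payload `TEST` is a constructed sample, since the notes do not say what data the message carries.

```python
import struct

ECHO_REQUEST = 8  # ICMP type of an echo request; the code field is 0


def internet_checksum(message):
    """Add the message as 16-bit words with end-around carry, then complement."""
    if len(message) % 2:
        message += b"\x00"                  # pad odd-length data for the sum only
    total = sum(word for (word,) in struct.iter_unpack("!H", message))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(identifier, sequence, payload=b""):
    """Sender side: compute over the message with a zero checksum field, then fill it in."""
    zeroed = struct.pack("!BBHHH", ECHO_REQUEST, 0, 0, identifier, sequence) + payload
    checksum = internet_checksum(zeroed)
    return struct.pack("!BBHHH", ECHO_REQUEST, 0, checksum, identifier, sequence) + payload


def verify(message):
    """Receiver side: summing every word, checksum included, must complement to zero."""
    return internet_checksum(message) == 0


def parse_echo(message):
    """Check the checksum first, then return (identifier, sequence, payload)."""
    if len(message) < 8 or not verify(message):
        raise ValueError("truncated message or checksum mismatch")
    _type, _code, _csum, identifier, sequence = struct.unpack("!BBHHH", message[:8])
    return identifier, sequence, message[8:]


if __name__ == "__main__":
    msg = build_echo_request(1, 9, b"TEST")     # constructed payload
    print("checksum field: 0x%04X" % struct.unpack("!H", msg[2:4])[0])
    print("verifies:", verify(msg))
```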
If a mobile computer, or mobile node, moves to a new network while keeping its IP address unchanged, its address does not reflect
the new point of attachment. Consequently, existing routing protocols cannot route datagrams to the mobile node correctly. In this
situation, you must reconfigure the mobile node with a different IP address representative of its new location, which is a cumbersome
Mobile IP solves this problem by allowing the mobile node to use two IP addresses: a fixed home address and a care-of address.
Home Address: The “normal”, permanent IP address assigned to the mobile node. This is the address used by the device on its
home network, and the one to which datagrams intended for the mobile node are always sent.
Care-Of Address: A secondary, temporary address used by a mobile node while it is travelling away from its home network. It is a
normal 32-bit IP address in most respects, but is used only by Mobile IP for forwarding IP datagrams and for administrative functions.
Higher layers never use it, nor do regular IP devices when creating datagrams.
AGENTS
Home Agent (HA) –
Router on a mobile node's home network that intercepts datagrams destined for the mobile node, and delivers them through the
care-of address. The home agent also maintains current location information for the mobile node.
Agent Discovery
A Mobile Node discovers its Foreign and Home Agents during agent discovery.
Registration
The Mobile Node registers its current location with the Foreign Agent and Home Agent
during registration.
Tunneling
A reciprocal tunnel is set up by the Home Agent to the care-of address (current location of
the Mobile Node on the foreign network) to route packets to the Mobile Node as it roams.
VIRTUAL PRIVATE NETWORK (VPN)
“A VPN is a mechanism of employing encryption, authentication, and integrity protection so that we can
use a public network as if it is a private network.”
VPN Architecture
Suppose an organization has two networks, Network 1 and Network 2, which are physically apart from
each other, and we want to connect them using the VPN approach. In such a case we set up two firewalls, Firewall 1 and
Firewall 2. The encryption and decryption are performed by the firewalls. Network 1 connects to the Internet via a firewall
named Firewall 1, and Network 2 connects to the Internet with its own firewall, Firewall 2.
Working
Let us assume that host X on Network 1 wants to send a data packet to host Y on Network 2.
1) Host X creates the packet, inserts its own IP address as the source address and the IP address of
host Y as the destination address.
2) The packet reaches Firewall 1. Firewall 1 now adds new headers to the packet. It changes the
source IP address of the packet from that of host X to its own address (i.e. the IP address of Firewall 1,
F1).
3) It also changes the destination IP address of the packet from that of host Y to the IP address of
Firewall 2, F2. It also performs the packet encryption and authentication, depending on the settings,
and sends the modified packet over the Internet.
4) The packet reaches Firewall 2 over the Internet, via routers. Firewall 2 discards the outer
header and performs the appropriate decryption. It then takes a look at the plain text contents of
the packet and realizes that the packet is meant for host Y. It delivers the packet to host Y.