Acn Chap 1


Diploma in Computer Engineering Fifth Semester (I Scheme) CO5I

Elective 1: Advance Computer Networks (22520)


Theory Paper (TH-ESE) : 70 marks
Test + Micro Project (TH-PA) : 30 marks
External (PR-ESE) : 25 marks
Term Work (PR-PA) : 25 marks
Total : 150 marks
Chapter 1 Network Layer and Protocols (8 marks)
1. IP Addressing
Address Space, Notations, Classful Addressing, Classless Addressing, Network Address Translation
2. Internet Protocol
Datagram Format, Fragmentation, Options.
3. ICMPv4
Messages, Debugging Tools, ICMP Checksum.
4. Mobile IP
Addressing, Agents, Three Phases, Inefficiency in Mobile IP.
5. Virtual Private Network VPN Technology.
IP Addressing
Address Space
• A protocol such as IPv4 that defines addresses has an address space. An address space is the total number of
addresses used by the protocol. If a protocol uses N bits to define an address, the address space is 2^N because each
bit can have two different values (0 or 1) and N bits can have 2^N values.
• IPv4 uses 32-bit addresses, which means that the address space is 2^32 or 4,294,967,296 (more than 4 billion).
• This means that, theoretically, if there were no restrictions, more than 4 billion devices could be connected to the
Internet.
• NOTE: We will see shortly that the actual number is much less because of the restrictions imposed on the
addresses.
• IPv4 addresses may be between 0.0.0.1 – 255.255.255.255

Fig. Address Space for IPv4 (pie chart: Class A 50 %, Class B 25 %, Class C 12.5 %, Class D 6.25 %, Class E 6.25 %)

NOTATIONS
There are two prevalent notations to show an IPv4 address: binary notation and
dotted-decimal notation.

Binary Notation
In binary notation, the IPv4 address is displayed as 32 bits. Each octet is often
referred to as a byte. So it is common to hear an IPv4 address referred to as a 32-bit
address or a 4-byte address. The following is an example of an IPv4 address in binary
notation:
01110101 10010101 00011101 00000010

Dotted-Decimal Notation
To make the IPv4 address more compact and easier to read, Internet addresses are
usually written in decimal form with a decimal point (dot) separating the bytes. The
following is the dotted-decimal notation of the above address:
117.149.29.2
Example
Find the error, if any, in the following IPv4 addresses.
a. 111.56.045.78
b. 221.34.7.8.20
c. 75.45.301.14
d. 11100010.23.14.67

Solution
a. There must be no leading zero (045).
b. There can be no more than four numbers in an IPv4 address.
c. Each number needs to be less than or equal to 255 (301 is outside this range).
d. A mixture of binary notation and dotted-decimal notation is not allowed.
Classful Addressing
• IPv4 addressing, at its inception, used the concept of classes. This architecture is called classful
addressing.
• In classful addressing, the address space is divided into five classes: A, B, C, D, and E. Each class
occupies some part of the address space which is fixed.

Class   Number of Blocks   Block Size    Application
A       128                16,777,216    Unicast
B       16,384             65,536        Unicast
C       2,097,152          256           Unicast
D       1                  268,435,456   Multicast
E       1                  268,435,456   Reserved
Classless Addressing
In classless addressing, when an entity, small or large, needs to be connected to the
Internet, it is granted a block (range) of addresses.
The size of the block (the number of addresses) varies based on the nature and size of the
entity.
Restrictions
To simplify the handling of addresses, the Internet authorities impose three restrictions
on classless address blocks:
1. The addresses in a block must be contiguous, one after another.
2. The number of addresses in a block must be a power of 2 (2, 4, 8, ...).
3. The first address must be evenly divisible by the number of addresses.
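The notation rules from the "Find the error" solution, the classful table and the three classless-block restrictions, worked as code. This is an added example, not part of the lecture notes; the block 205.16.37.32 used in the comments is a constructed sample.

```python
# Added example: validate dotted-decimal notation, find the class of an
# address, and check a classless block against restrictions 2 and 3.
# Sample addresses in comments (e.g. 205.16.37.32) are constructed.

def find_error(text):
    """Return the first notation rule the address breaks, or None if it is valid."""
    parts = text.split(".")
    if len(parts) != 4:
        return "there can be no more than four numbers in an IPv4 address"
    for part in parts:
        if len(part) == 8 and set(part) <= {"0", "1"}:
            return "binary notation must not be mixed with dotted-decimal notation"
        if not part.isdigit():
            return f"{part!r} is not a decimal number"
        if len(part) > 1 and part[0] == "0":
            return f"there must be no leading zero ({part})"
        if int(part) > 255:
            return f"each number must be <= 255 ({part} is outside this range)"
    return None

def parse_ipv4(text):
    """Dotted-decimal string -> 32-bit integer; raises ValueError on a notation error."""
    error = find_error(text)
    if error:
        raise ValueError(error)
    value = 0
    for part in text.split("."):
        value = (value << 8) | int(part)
    return value

def to_dotted(value):
    """32-bit integer -> dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def to_binary(value):
    """32-bit integer -> binary notation, one 8-bit group per byte."""
    return " ".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def address_class(value):
    """Classful lookup by the first octet: A 0-127, B 128-191, C 192-223, D 224-239, E 240-255."""
    first = value >> 24
    for limit, name in ((128, "A"), (192, "B"), (224, "C"), (240, "D")):
        if first < limit:
            return name
    return "E"

def check_block(first, count):
    """Classless-block restrictions 2 and 3 (restriction 1, contiguity, is implied by
    describing the block as a first address plus a count). Returns (ok, detail): the
    last address of a valid block, e.g. 205.16.37.32 + 16 -> 205.16.37.47, or the reason
    the block is rejected."""
    if count < 1 or count & (count - 1):
        return False, "the number of addresses must be a power of 2"
    if first % count:
        return False, "the first address must be evenly divisible by the number of addresses"
    return True, to_dotted(first + count - 1)
```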
NETWORK ADDRESS TRANSLATION (NAT)
One of the main functions of NAT is to enable private IP networks to connect to the Internet. NAT replaces a private
IP address with a public IP address, translating the private addresses in the internal private network into legal,
routable addresses that can be used on the public Internet. The steps shown in the diagram are:
Step 1:
A host prepares a packet, using its own IP address (a private IP) as the source IP address and the yahoo.com IP address
as the destination address. This packet is forwarded to the default gateway router.
Step 2:
The default gateway router works as a NAT device and holds a NAT translation table. Using this table, the private IP
address of the internal host in the packet is looked up and the corresponding public IP is found.
Step 3:
The private IP in the packet is replaced by the public IP.

Other functions of NAT include (advantages):
• Security—Keeping internal IP addresses hidden discourages direct attacks.
• IP routing solutions—Overlapping IP addresses are not a problem when you use NAT.
Figure: NAT (Network Address Translation)
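The three NAT steps above modelled as a one-to-one translation table, including the reply direction so that the outside server only ever sees the public address. This is an added example, not from the lecture notes; all addresses are constructed sample values and the server address stands in for yahoo.com.

```python
# Added example: basic (one private address <-> one public address) NAT,
# following steps 1-3 above plus the translation of the reply.
# All addresses below are constructed sample values.

PRIVATE = "192.168.1.10"   # internal host (private IP)
PUBLIC = "203.0.113.5"     # public IP owned by the NAT router
SERVER = "198.51.100.20"   # destination on the Internet (stands in for yahoo.com)


class BasicNAT:
    """NAT translation table held by the default gateway router (step 2)."""

    def __init__(self, table):
        self.table = dict(table)                          # private -> public
        self.reverse = {v: k for k, v in table.items()}  # public -> private

    def outbound(self, packet):
        """Steps 2 and 3: look up the private source and replace it by the public IP."""
        src = packet["src"]
        if src not in self.table:
            raise KeyError(f"no translation for {src}; packet dropped")
        return {**packet, "src": self.table[src]}

    def inbound(self, packet):
        """Reply direction: map the public destination back to the internal host."""
        dst = packet["dst"]
        if dst not in self.reverse:
            raise KeyError(f"no host behind {dst}; packet dropped")
        return {**packet, "dst": self.reverse[dst]}


def round_trip(nat):
    """Step 1: the host builds the packet with its private IP as source; the NAT
    device translates it on the way out and translates the reply on the way back.
    Returns (packet as seen on the Internet, reply as delivered to the host)."""
    outgoing = {"src": PRIVATE, "dst": SERVER, "data": "GET /"}
    on_internet = nat.outbound(outgoing)
    reply = {"src": SERVER, "dst": on_internet["src"], "data": "200 OK"}
    delivered = nat.inbound(reply)
    return on_internet, delivered
```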
IPv4 datagram format
IPv4 Datagram Header fields
VER (4 bits):
This 4-bit field defines the version of the IPv4 protocol. Currently the version is 4. However, version 6 (or IPng) may totally
replace version 4 in the future.
HLEN (4 bits):
This 4-bit field defines the total length of the datagram header in 4-byte words. This field is needed because the length of
the header is variable (between 20 and 60 bytes).
When there are no options, the header length is 20 bytes, and the value of this field is 5 (5 x 4 = 20). When the option field
is at its maximum size, the value of this field is 15 (15 x 4 = 60).
Total Length (16 bits):
Length in bytes of the datagram, including headers. Maximum datagram size is 65536 bytes.
Service Type (8 bits):
IETF has changed the interpretation and name of this 8-bit field. This field, previously called service type, is now called
differentiated services.
SERVICE TYPE:
The first three bits denote the PRECEDENCE (priority) of a packet, ranging from 0 (000) to 7 (111); a higher number means higher
priority. Packets with the lowest priority are discarded first in case of congestion. The precedence subfield was part of version 4,
but never used.
The next 4 bits denote the service type. The description of these 4 bits is shown in the following table.
The last bit is not used.
Time to Live (8 bits):
Prevents a packet from traveling forever in a loop. The sender sets a value that is decremented at each hop. If it reaches
zero, the packet is discarded.
Protocol:
Defines the higher level protocol that uses the service of the IP layer
Header Checksum (16 bits): Datagram is discarded in case of mismatch in checksum
values
Source IP address (32 bits): Internet address of the sender.
Destination IP address (32 bits): Internet address of the destination.

Identification, Flags, Fragment Offset: Used for handling fragmentation. (Discussed in detail later)

Options (variable width): Can be used to provide more functionality to the IP datagram
Fragmentation
The format and size (Maximum Transfer Unit, MTU) of the sent frame depend on the protocol used by the physical network
through which the frame is going to travel.
E.g. as shown in the table, each protocol used to build a physical network has its own MTU.
Table: Frame Size (MTU per physical-network protocol)

To make the IPv4 protocol independent of the physical network, the designers decided to make the maximum length of
the IPv4 datagram equal to 65,535 bytes. This makes transmission more efficient if we use a protocol with an MTU of this
size. However, for other physical networks, we must divide the datagram to make it possible to pass through these
networks. This is called fragmentation.

Fields Related to Fragmentation


The fields that are related to fragmentation and reassembly of an IPv4 datagram are the identification, flags, and fragmentation
offset fields.
Identification
When a datagram is fragmented, the value in the identification field is copied to all fragments. In other words, all
fragments have the same identification number, the same as the original datagram. The identification number helps the
destination in reassembling the datagram. It knows that all fragments having the same identification value must be assembled
into one datagram.
Flags
This is a 3-bit field.
The first bit is reserved.
The second bit is called the do not fragment bit. If its value is 1, the machine must not fragment the datagram. If it cannot pass the
datagram through any available physical network, it discards the datagram and sends an ICMP error message to the source host
(see Chapter 21). If its value is 0, the datagram can be fragmented if necessary.
The third bit is called the more fragment bit. If its value is 1, it means the datagram is not the last fragment; there are more
fragments after this one. If its value is 0, it means this is the last or only fragment.
Fragmentation offset
This 13-bit field shows the relative position of this fragment with respect to the whole datagram. It is the offset of the data in the
original datagram measured in units of 8 bytes. The following figure shows a datagram with a data size of 4000 bytes fragmented into
three fragments.
Figure: Detailed fragmentation example
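The identification, flags and offset rules above, applied to the 4000-byte datagram of the figure: the sender splits it into fragments whose offsets are counted in 8-byte units, and the destination checks that the set is complete. This is an added example, not from the lecture notes; the 20-byte header (no options) and the 1420-byte MTU are assumed values chosen so that three fragments result.

```python
# Added example: fragment a datagram carrying data_len bytes for a network
# with the given MTU and reassemble it from (offset, length, MF) triples.
# Assumed: 20-byte header (no options) and, in the test, an MTU of 1420.

HEADER_LEN = 20


def fragment(data_len, mtu, do_not_fragment=False):
    """Return [(offset_in_8_byte_units, data_bytes, more_fragments_bit), ...]."""
    if data_len + HEADER_LEN <= mtu:
        return [(0, data_len, 0)]               # fits: the only fragment
    if do_not_fragment:
        # DF = 1: the datagram must be discarded; a real router would also
        # send an ICMP error message back to the source host.
        raise ValueError("DF bit set and datagram does not fit the MTU")
    # Every fragment except the last must carry a multiple of 8 data bytes,
    # because the fragmentation offset is measured in 8-byte units.
    max_payload = (mtu - HEADER_LEN) // 8 * 8
    frags, offset = [], 0
    while offset < data_len:
        size = min(max_payload, data_len - offset)
        more = 1 if offset + size < data_len else 0
        frags.append((offset // 8, size, more))
        offset += size
    return frags


def reassemble(frags):
    """Return the total data length if the fragments form a complete datagram,
    else None. All fragments are assumed to share one identification value;
    a missing piece is what eventually triggers a time-exceeded message."""
    expected, total = 0, None
    for offset, size, more in sorted(frags):     # order by offset, any arrival order
        if offset * 8 != expected:
            return None                          # gap or overlap
        expected += size
        if more == 0:
            total = expected                     # last fragment seen
    return total if total == expected else None
```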
IPv4 OPTIONS
The header of the IPv4 datagram is made of two parts: a fixed part and a variable part. The fixed part is 20 bytes long and was discussed
in the previous section. The variable part comprises the options that can be a maximum of 40 bytes. Options, as the name implies, are not
required for a datagram. They can be used for network testing and debugging.

Option Name (Length in bytes): Description
End Of Options List (1): An option containing just a single zero byte, used to mark the end of a list of options.
No Operation (1): A “dummy option” used as “internal padding” to align certain options on a 32-bit boundary when
required.
Loose Source Route (variable): One of two options for source routing of IP datagrams. See below for an explanation.
Record Route (variable): This option allows the route used by a datagram to be recorded within the header for the datagram
itself. If a source device sends a datagram with this option in it, each router that “handles” the
datagram adds its IP address to this option. The recipient can then extract the list of IP addresses to
see the route taken by the datagram. Note that the length of this option is set by the originating device. It cannot be enlarged as the
datagram is routed, and if it “fills up” before it arrives at its destination, only a partial route will be
recorded.
Strict Source Route (variable): One of two options for source routing of IP datagrams. See below for an explanation.
Timestamp (variable): This option is similar to the Record Route option. However, instead of each device that handles the
datagram inserting its IP address into the option, it puts in a timestamp, so the recipient can see
how long it took for the datagram to travel between routers. As with the Record Route option, the length of this option is set by the originating device and cannot
be enlarged by intermediate devices.
By: IMRAN SHAIKH
ICMP
The IP protocol has no error-reporting or error-correcting mechanism. What happens if something goes wrong?

The Internet Control Message Protocol (ICMP) has been designed to compensate for the above two deficiencies. It is a companion to the
IP protocol.

Types of Messages
ICMP messages are divided into two broad categories: error-reporting messages and query messages.
The error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet.

The query messages, which occur in pairs, help a host or a network manager get specific information from a router or another host. For
example, nodes can discover their neighbours. Also, hosts can discover and learn about routers on their network, and routers can help a
node redirect its messages.

Figure: General format of ICMP messages


ICMP Error Reporting Messages

Destination Unreachable
When a router cannot route a datagram or a host cannot deliver a datagram, the datagram is discarded and the router or the host
sends a destination-unreachable message back to the source host that initiated the datagram. Note that destination-unreachable
messages can be created by either a router or the destination host.

Source Quench
A source-quench message informs the source that a datagram has been discarded due to congestion in a router or the destination host.
The source must slow down the sending of datagrams until the congestion is relieved.

Time Exceeded
Whenever a router decrements a datagram with a time-to-live value to zero, it discards the datagram and sends a time-exceeded
message to the original source.
When the final destination does not receive all of the fragments in a set time, it discards the received fragments and sends a time-
exceeded message to the original source.
Redirection Message
Figure: Redirection message example (1: IP packet from Host A to R1; 2: Redirection Message (RM) from R1 to Host A; 3 and 4: IP packets)
• R1 will send a Redirection Message to Host A so that Host A can send the datagram directly to R2.
• A host usually starts with a small routing table that is gradually augmented and updated. One of the tools to accomplish this is the
redirection message.

Parameter Problem
Any ambiguity in the header part of a datagram can create serious problems as the datagram travels through the Internet. If a
router or the destination host discovers an ambiguous or missing value in any field of the datagram, it discards the datagram and
sends a parameter-problem message back to the source.
QUERY MESSAGES (ICMP)
ECHO-REQUEST and REPLY
The echo-request and echo-reply messages can be used to determine if there is communication at the IP level.
Because ICMP messages are encapsulated in IP datagrams, the receipt of an echo-reply message by the machine that sent the echo
request is proof that the IP protocols in the sender and receiver are communicating with each other using the IP datagram.

TIMESTAMP REQUEST AND REPLY
Two machines (hosts or routers) can use the timestamp request and timestamp reply messages to determine the round-trip time
needed for an IP datagram to travel between them.

ADDRESS-MASK REQUEST AND REPLY
To obtain its mask, a host sends an address-mask-request message to a router on the LAN. If the host knows the address of the
router, it sends the request directly to the router. If it does not know, it broadcasts the message. The router receiving the
address-mask-request message responds with an address-mask-reply message, providing the necessary mask for the host.

Router Solicitation and Advertisement
As we discussed in the redirection message section, a host that wants to send data to a host on another network needs to know the
address of routers connected to its own network. Also, the host must know if the routers are alive and functioning. The
router-solicitation and router-advertisement messages can help in this situation.
ICMP Checksum
The checksum is used to detect any error that occurs in a message during transfer.

The figure shows an example of checksum calculation for a simple echo-request message (see Figure 9.12). We randomly chose the
identifier to be 1 and the sequence number to be 9. The message is divided into 16-bit (2-byte) words. The words are added together
and the sum is complemented. Now the sender can put this value in the checksum field.

8 & 0      00001000 00000000   (type 8, code 0)
0          00000000 00000000   (checksum field, set to 0 for the calculation)
1          00000000 00000001   (identifier)
9          00000000 00001001   (sequence number)
T & E      01010100 01000101   (data "TE")
S & T      01010011 01010100   (data "ST")
Sum        10101111 10100011
Checksum   01010000 01011100   (one's complement of the sum)
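The checksum calculation above carried out in code, for both the sender (sum with the checksum field set to 0, then complement) and the receiver (sum over the whole message, including the checksum, must come out as all ones). This is an added example, not from the lecture notes; the message bytes are constructed from the values the text chose (echo request, identifier 1, sequence number 9, data "TEST").

```python
# Added example: 16-bit one's-complement checksum for the echo-request
# message above. The message is constructed here from the stated values.
import struct


def ones_complement_sum(data):
    """Add the 16-bit words of data (zero-padded if odd length), folding carries."""
    if len(data) % 2:
        data = data + b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                       # fold any carry back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def icmp_checksum(message):
    """Sender side: complement of the sum computed with the checksum field = 0."""
    return (~ones_complement_sum(message)) & 0xFFFF


def build_echo_request(identifier, sequence, data, checksum=0):
    """ICMP echo request: type 8, code 0, checksum, identifier, sequence, then data."""
    return struct.pack("!BBHHH", 8, 0, checksum, identifier, sequence) + data


def verify(message):
    """Receiver side: the sum over the whole message, checksum included, must be 0xFFFF."""
    return ones_complement_sum(message) == 0xFFFF


def worked_example():
    """Reproduce the figure: returns (sum, checksum, receiver check passed)."""
    unsigned = build_echo_request(1, 9, b"TEST")           # checksum field = 0
    total = ones_complement_sum(unsigned)                   # expected 0xAFA3
    checksum = icmp_checksum(unsigned)                      # expected 0x505C
    signed = build_echo_request(1, 9, b"TEST", checksum)
    return total, checksum, verify(signed)
```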
MOBILE IP Addressing
Current versions of the Internet Protocol (IP) assume that the point at which a computer attaches to the Internet or a network is fixed
and its IP address identifies the network to which it is attached. Datagrams are sent to a computer based on the location information
contained in the IP address.

If a mobile computer, or mobile node, moves to a new network while keeping its IP address unchanged, its address does not reflect
the new point of attachment. Consequently, existing routing protocols cannot route datagrams to the mobile node correctly. In this
situation, you must reconfigure the mobile node with a different IP address representative of its new location, which is a cumbersome
process. Thus, under the current Internet Protocol, if the mobile node moves without changing its address, it loses routing; but if it
does change its address, it loses connections.

Mobile IP solves this problem by allowing the mobile node to use two IP addresses: a fixed home address and a care-of address.

Home Address: The “normal”, permanent IP address assigned to the mobile node. This is the address used by the device on its
home network, and the one to which datagrams intended for the mobile node are always sent.

Care-Of Address: A secondary, temporary address used by a mobile node while it is travelling away from its home network. It is a
normal 32-bit IP address in most respects, but is used only by Mobile IP for forwarding IP datagrams and for administrative functions.
Higher layers never use it, nor do regular IP devices when creating datagrams.

AGENTS
Home Agent (HA) –
Router on a mobile node's home network that intercepts datagrams destined for the mobile node, and delivers them through the
care-of address. The home agent also maintains current location information for the mobile node.

Foreign Agent (FA) –
Router on a mobile node's visited network that provides routing services to the mobile node while the mobile node is registered.

Figure: Mobile IP Packet Forwarding

THREE PHASES
This section explains how Mobile IP works. The Mobile IP process has three main phases, which are
discussed in the following sections.

Agent Discovery
A Mobile Node discovers its Foreign and Home Agents during agent discovery.
Registration
The Mobile Node registers its current location with the Foreign Agent and Home Agent
during registration.
Tunneling
A reciprocal tunnel is set up by the Home Agent to the care-of address (current location of
the Mobile Node on the foreign network) to route packets to the Mobile Node as it roams.
VIRTUAL PRIVATE NETWORK (VPN)
“A VPN is a mechanism of employing encryption, authentication, and integrity protection so that we can
use a public network as if it is a private network.”

VPN Architecture
Suppose an organization has two networks, Network 1 and Network 2, which are physically apart from
each other, and we want to connect them using the VPN approach. In such a case we set up two firewalls, Firewall 1 and
Firewall 2. The encryption and decryption are performed by the firewalls. Network 1 connects to the Internet via a firewall
named Firewall 1 and Network 2 connects to the Internet with its own firewall, Firewall 2.

Working
Let us assume that host X on Network 1 wants to send a data packet to host Y on Network 2.
1) Host X creates the packet, inserts its own IP address as the source address and the IP address of
host Y as the destination address.

   Packet after step 1:
   | Source IP: IP of host X | Actual Data | Destination IP: IP of host Y |

2) The packet reaches Firewall 1. Firewall 1 now adds new headers to the packet. It changes the
source IP address of the packet from that of host X to its own address (i.e. the IP address of Firewall 1,
F1).
3) It also changes the destination IP address of the packet from that of host Y to the IP address of
Firewall 2, F2. It also performs the packet encryption and authentication, depending on the settings,
and sends the modified packet over the Internet.

   Packet after steps 2 and 3 (the step 1 header and data are protected by encryption and authentication):
   | Source IP: IP of Firewall 1 | [ IP of X | Actual Data | IP of Y ] | Destination IP: IP of Firewall 2 |

4) The packet reaches Firewall 2 over the Internet, via routers. Firewall 2 discards the outer
header and performs the appropriate decryption. It then takes a look at the plain text contents of
the packet and realizes that the packet is meant for host Y. It delivers the packet to host Y.