Unit 5

18 March 2023 11:08

Functionalities of network layer:

Network Connection
When the Network layer receives a call request from the transport layer, it establishes a
network connection across the subnetwork. For this, it makes use of data link connections. The
end system's network layer interacts with the network layer of the subnetwork access point for
this purpose.

Routing
The Network Layer selects an appropriate route between source and destination device. This
route is either decided in the beginning or for each N-SDU, depending on the type of services.
The routing functions are facilitated by sub layering of the network layer.

Multiplexing
For optimum use of data link connections, many network connections are sometimes required
to be multiplexed on a single data-link connection. This is done by a network entity that can
multiplex several network connections on a data link connection, as shown in the figure.

Error Detection
The network layer uses error detection functions to ensure that the quality of service provided
over the network connection is maintained. Most of the errors are detected and corrected at
the data link layer. The residual errors, Network Layer, notifies any. It relies on the quality of
service provided, and the network layer incorporates the mechanism for error recovery.

Other Functions
The network service data unit is segmented at the network layer, and blocking is done to
produce a network protocol data unit (N-PDU). The delimiter of NSDU is preserved during
segmenting and blocking.
The process is shown in the figure. The network entity also carries out sequencing and flow
control of network service data units on request of the transport layer. At the request of the
transport layer, it can reset the network connection too.

From <https://www.tutorialspoint.com/what-are-the-functions-of-network-layer>

Network layer protocols

ARP
Address Resolution Protocol is one of the most important protocols of the
network layer in the OSI model which helps in finding the MAC(Media
Access Control) address given the IP address of the system i.e. the main duty
of the ARP is to convert the 32-bit IP address(for IPv4) to 48-bit address i.e.
the MAC address.

How does ARP work?

• At the network layer when the source wants to find out the MAC
address of the destination device it first looks for the MAC
address (Physical Address) in the ARP cache or ARP table. If present
there then it will use the MAC address from there for communication.

• If the MAC address is not present in the ARP table then the source
device will generate an ARP Request message. In the request message
the source puts its own MAC address, its IP address, destination IP
address and the destination MAC address is left blank since the source
is trying to find this.The source device will broadcast the ARP request
message to the local network.
• The broadcast message is received by all the other devices in the LAN
network. Now each device will compare the IP address of the
destination with its own IP address. If the IP address of destination
matches with the device's IP address then the device will send an ARP
Reply message. If the IP addresses do not match then the device will
simply drop the packet.
• The device whose IP address has matched with the destination IP
address in the packet will reply and send the ARP Reply message. This
ARP Reply message contains the MAC address of this device. The
destination device updates its ARP table and stores the MAC address of
the source as it will need to contact the source soon. Now, the source
becomes destination(target) for this device and the ARP Reply message
is sent.
• The ARP reply message is unicast and it is not broadcasted because the
source which is sending the ARP reply to the destination knows the
MAC address of the source device.
• When the source receives the ARP reply it comes to know about the
destination MAC address and it also updates its ARP cache. Now the
 packets can be sent as the source nows destination MAC address.

From <https://afteracademy.com/blog/what-is-arp-and-how-does-it-work/>

Internet Control Message Protocol (ICMP)

ICMP or Internet Control Message Protocol is one of the major protocols of
the TCP/IP. ICMP is a mechanism used by the host, routers, and gateways to
send error messages back to the sender. As the IP does not provide any
mechanism for error reporting and control, ICMP has been designed to
compensate for these deficiencies of the IP. However, it only reports the
error and doesn't correct the error .

The ICMP messages are divided into two categories:

1. Error Message
2. Query Message

From <https://afteracademy.com/blog/what-are-icmp-and-igmp-protocols/>

IPv4
IP version 4 is the older version. It uses 32 bits to create a single uniques
address on the internet. IPv4 is limited to 4,294,967,296 addresses
i.e. 2³² addresses. It consists of four numbers each of which can contain one
to three digits ranging from 0 to 255 separated by a single dot(.). Here, each
number is the decimal representation(base-10) for an 8 digit binary
number(base-2). These IP addresses pretty much guarantee that our emails
will come and go as expected, our google searches would take us to the
website where we want and so many other things that we do on the
internet.

Example of an IPv4 address: 63.171.234.171

IPv4 Packet Format

IPv4 datagram is a variable-length packet composed of the header(20 bytes)
and data(up to 65,536 bytes).

• Version: It defines the version number of IP which is 4 for this version.

Its length is 4 bits.
• Header length(HLEN): It shows the size of the header. Its length is 4
bits.
• DSCP: It stands for a differentiated services code field. It determines
how datagram should be handled. Its length is 8 bits.
• Total length: It tells the entire length of IP datagram. Its length is 16
bits.
• Identification: During transmission, if the data packet is fragmented
then this field is used to allocate the same number to each fragment
and so that it can be used for reconstructing the original packet. Its
length is 16 bits.
• Flags: It is used to handle fragmentation and it identifies the first,
middle or last fragment. Its length is 3 bits.
• Fragment offset: It represents the offset of data in the original data
stream. Its length is 13 bits.
• Time to leave(TTL): It tells the number of hops a datagram can travel
before it is abandoned. At each hop, the value of TTL is decreased by 1
and when it reaches 0, the packet is abandoned. Its length is 8 bits.
• Protocol: It tells which protocol is used for data transmitting i.e. TCP,
UDP, etc. TCP has protocol number 6 and UDP has protocol number 17.
Its length is 8 bits.
• Header Checksum: This is used for error-detection. Its length is 16 bits.
• Source IP address: It has the IP address of the source. The length is 32
bits.
• Destination IP address: It has the address of the destination. The length
is 32 bits.
• Options: It provides more functionality to IP datagram. It contains
information like routing, timing, management, etc.
IPv6
It is the replacement for IPv4. It uses 128 bits to create a uniques address.
This means that there can be theoretically 2¹²⁸uniques address i.e.
340,282,366,920,938,463,463,374,607,431,768,211,456 and this number
will never run out(at least in near future). It consists of eight groups of
hexadecimal numbers separated by a colon(:). The IPV4 version used
numerical values, so, IPv6 adopted the hexadecimal numbers to avoid any
conflict. If any group contains all zeros then the notation can be shortened
by using a colon to replace the zeroes.

Example of an IPv6 : adba:1925:0000:0000:0000:0000:8a2e:7334

In the above IP address, four groups contain only zeros. This zero can be
replaced by a colon and can be re-written as adba:1925::8a2e:7334.

IPv6 Packet Format

IPv6 datagram is a packet composed of the base header ( 40 bytes)
and payload (up to 65,536 bytes) Payload has extension header (optional)
and data packet .

The base header consists of the following fields:

• Version: It defines the version number of IP which is 6 here. Its length is

4 bits.
• Priority: It defines the priority of the packet. Its length is 4 bits.
 • Flow label: It helps in controlling the flow of data. The source device
labels to the data packets so that the router route the packet in
sequence efficiently. Its length is 24 bits.
• Payload length: It tells the entire length of the IP datagram except for
the base header. Its length is 16 bits.
• Next header: It denotes the presence of any extension headers or if is
not present then it denotes the protocol such as TCP or UDP.
• Hop limit: This works similarly as TTL as in IPv4. This is used to prohibit
the data to go in an infinite loop in the system. At each hop, the value of
TTL is decreased by 1 and when it reaches 0, the packet is abandoned.
Its length is 8 bits.
• Source address: It has the IP address of the source. The length is 128
bits.
• Destination address: It has the IP address of the destination. The length
is 128 bits.

Difference between IPv4 and IPv6

1. Size of IP address: IPv4 is a 32 bits address and IPv6 is a 128 bits
address.
2. Addressing Method: IPv4 uses a numeric( decimal ) addressing method.
The binary bits are separated by dots(.). It uses decimal representation.
The IPv6 uses alphanumeric addressing(alphabets and numbers)
method. The binary bits are separated by a colon(:). It
uses hexadecimal representation.
3. Address Space: IPv4 can generate 2³² address spaces. IPv6 can
generate 2¹²⁸ address spaces.
4. Address Configuration: IPv4 uses the DHCP server to allocate IP
addresses to the host or it is done manually. In IPv6 this is done by IPv6
Stateless Address Autoconfiguration . The general idea is to have a
 device generate a temporary address until it can determine the
characteristics of the network it is on, and then create a permanent
address it can use based on that information.
5. Mapping : IPV4 uses ARP to map IPv4 addresses to the MAC address.
IPv6 uses NDP (Neighbour Discovery Protocol)map IPv6 addresses to
MAC address.
6. Security: IPv4 security is dependent on the application. IPSEC (Internet
Protocol Security) is an inbuilt security feature of IPV6 protocol.
7. Encryption: In IPv4 encryption and authentication are not provided. In
IPv6 encryption and authentication are provided.
8. Packet Fragmentation: In IPv4, fragmentation is done
by sender and forwarding routers . In IPv6, fragmentation is done by
only sender routers. We can also say that IPv6 uses end-to-sender
fragmentation whereas the in IPv4 fragmentation can also be done by
the intermediate routers if the packet is larger.
9. Header Length: The header length of 20 bytes in IPv4 whereas the
header length is 40 bytes in IPv6.
10. Checksum Field: IPv4 uses the checksum field in the header format for
handling errors whereas the IPv6 doesn't have this filed.

From <https://afteracademy.com/blog/difference-between-ipv4-and-ipv6/>

Tcp connection establishment and release - 3 way handshake

What is a TCP 3-way handshake

process?
TCP 3-Way Handshake Process
The 3-Way Handshake process is the defined set of steps that takes place
in the TCP for creating a secure and reliable communication link and also
closing it. Actually, TCP uses the 3-way handshake process to establish a
connection between two devices before transmitting the data. After the
establishment of the connection, the data transfer takes place between the
devices. After which the connection needs to be terminated, which is also
done by using the 3-way handshake process. The secure and reliable
connection is established to reserve the CPU, buffer, and bandwidth of the
devices to communicate properly. Thus, it is a must to free these resources
by terminating the connection after data transmission. Hence, the TCP 3-
way handshake process can be used to establish and terminate connections
in the network in a secure way.

Below is the pictorial representation of the TCP header.

There are a few elements in the TCP header file which are used in the 3-
way handshake process, they are:

1. Sequence Number: Sequence number is a random 32 bits(in the range

of 0 to (2^32 -1)) number which is assigned to the first bit of the data.
Generally, a sequence number is used only once in one connection. For
other data transmission in the same connection, some other random
sequence number can be used.
2. Acknowledgement Number: It is the next sequence number that the
acknowledgement sending device expects from the sender. It is
generally, 1 greater than the sequence number received from the
sender.
3. Window Size: Window size is the buffer size. It is the capacity up to
which data can be received in the buffer.
4. Maximum Segment Size: It is the maximum acceptable size of each
data segment by the connected device. Above this size, the device will
not be able to receive the data segments.
5. SYN Flag: SYN stands for synchronization. It can be described as a
request for establishing a connection. If SYN is 1, it means that the
device wants to establish a secure connection, else not.
6. ACK Flag: ACK stands for acknowledgement. It can be described as the
response of SYN. If ACK is 1, the device has received the SYN message
 and acknowledges it, else not.
7. FIN Flag: FIN stands for Finished. After the data transmission has been
completed, devices have to terminate the connection using the FIN flag.
If FIN is 1, the device wants to terminate the connection, else not.
Below is the pictorial representation of the connection establishment using
the 3-way handshake process.

Following are the three steps involved in establishing the connection using
the 3-way handshake process in TCP:

1. The client sends the SYN to the server: When the client wants to
connect to the server. It sets the 'SYN' flag as 1 and sends the message
to the server. The message has also some additional information like
the sequence number(any random 32 bits number), the ACK is set here
to 0, the window size, and the maximum segment size. For Example, if
the window size is 2000 bits, and the maximum segment size is 200 bits
then a maximum of 10 data segments (2000/200 = 10) can be
transmitted in the connection.
2. The server replies with the SYN and the ACK to the client: After
receiving the client's synchronization request, the server sends an
acknowledge to the client by setting the ACK flag to '1'. The
acknowledgement number of the ACK is one more than the received
 sequence number. For Example, if the client has sent the SYN with
sequence number = 1000, then the server will send the ACK with
acknowledgement number = 10001. Also, the server sets the SYN flag to
'1' and sends it to the client, if the server also wants to establish the
connection. The sequence number used here for the SYN will be
different from the client's SYN. The server also advertises its window
size and maximum segment size to the client. After completion of this
step, the connection is established from the client to the server-side.
3. The client sends the ACK to the server: After receiving the SYN from the
server, the client sets the ACK flag to '1' and sends it with an
acknowledgement number 1 greater than the server's SYN sequence
number to the client. Here, the SYN flag is kept '0'. After completion of
this step, the connection is now established from the server to the
client-side also. After the connection is being established, the minimum
of the sender's and receiver's maximum segment size is taken under
consideration for data transmission.
Below is the pictorial representation of the connection termination using
the 3-way handshake process.

Following are the three steps involved in terminating the connection using
the 3-way handshake process in TCP:

1. The client sends the FIN to the server: When the client wants to
 terminate the connection. It sets the FIN flag as '1' and sends the
message to the server with a random sequence number. Here, the ACK
is set to 0.
2. The server replies with the FIN and the ACK to the client: After
receiving the client's termination request, the server sends an
acknowledge to the client by setting the ACK flag to '1'. The
acknowledgement number of the ACK is one more than the received
sequence number. For Example, if the client has sent the FIN with
sequence number = 1000, then the server will send the ACK with
acknowledgement number = 10001. Also, the server sets the FIN flag to
'1' and sends it to the client, if the server also wants to terminate the
connection. The sequence number used here for the FIN will be
different from the client's FIN. After completion of this step, the
connection is terminated from the client to the server-side.
3. The client sends the ACK to the server: After receiving the FIN from the
server, the client sets the ACK flag to '1' and sends it with an
acknowledgement number 1 greater than the server's FIN sequence
number to the client. Here, the FIN flag is kept '0'. After completion of
this step, the connection is now terminated from the server to the
client-side also.

From <https://afteracademy.com/blog/what-is-a-tcp-3-way-handshake-process/>