
Unit 2: Network Layer

Network Layer:

The network layer is responsible for the source-to-destination delivery of a packet, possibly across
multiple networks. It ensures that each packet gets from its point of origin to its final destination. The
network layer adds a header that includes the logical addresses of the sender and receiver to the packet
coming from the upper layer. If a packet travels through the Internet, we need to distinguish the source
and destination. When independent networks or links are connected together to create an
internetwork, routers or switches route packets to their final destination. One of the functions of the
network layer is to provide a routing mechanism.

Connection Oriented Services:

A connection-oriented service needs an established connection between peers before data can be sent
between the connected terminals. This method is often called a "reliable" network service. This handles
real-time traffic more efficiently than connectionless protocols because data arrives in the same order as
it was sent. Connection-oriented protocols are also less error-prone. Users of a connection-oriented
service follow a fixed sequence of operations:

1. Connection is established.
2. Information is sent.
3. Connection is released.

In a connection-oriented service, we have to establish a connection before starting the communication.
Once the connection is established, we send the message or the information and then release the
connection. An example of a connection-oriented protocol is TCP (Transmission Control Protocol).

Connectionless Services:

Connectionless service means that a terminal or node can send data packets to its destination without
establishing a connection to the destination. A session connection between the sender and the receiver
is not required; the sender just starts sending the data. The message or datagram is sent without prior
arrangement, which makes the service less reliable but faster than a connection-oriented service. This works
because of error handling protocols, which allow for error correction such as requesting retransmission. It is
similar to the postal service, as each message (letter) carries the full address to which it is to be delivered.
Each message is routed independently from source to destination. The order in which messages are received
can be different from the order in which they were sent.

LANs are actually connectionless systems with each computer able to transmit data packets as soon as it
can access the network. The Internet is a large connectionless packet network in which all packet
delivery is handled by Internet providers. An example of a connectionless protocol is UDP (User Datagram
Protocol).

Connection Oriented Protocols:

Virtual Circuits:

A virtual circuit (VC) is a means of transporting data over a packet switched computer network in such a
way that it appears as though there is a dedicated physical layer link between the source and destination

Compiled by: Krishna Bhandari www.genuinenotes.com


end systems of this data. In all major computer network architectures to date (Internet, ATM, frame
relay, and so on), the network layer provides either a host-to-host connectionless service or a host-to-
host connection service, but not both. Computer networks that provide only a connection service at the
network layer are called virtual-circuit (VC) networks; computer networks that provide only a
connectionless service at the network layer are called datagram networks. While the Internet is a
datagram network, many alternative network architectures— including those of ATM and frame relay—
are virtual-circuit networks and, therefore, use connections at the network layer. These network-layer
connections are called virtual circuits (VCs). A VC consists of:
(1) A path (that is, a series of links and routers) between the source and destination hosts,
(2) VC numbers, one number for each link along the path, and
(3) Entries in the forwarding table in each router along the path.
A packet belonging to a virtual circuit will carry a VC number in its header. Because a virtual circuit may
have a different VC number on each link, each intervening router must replace the VC number of each
traversing packet with a new VC number. The new VC number is obtained from the forwarding table.

There are three identifiable phases in a virtual circuit:

• VC Setup: During this setup phase, the sending transport layer contacts the network layer,
  specifies the receiver's address, and waits for the network to set up the VC. The network layer
  determines the path between sender and receiver, that is, the series of links and routers
  through which all packets of the VC will travel. The network layer also determines the VC
  number for each link along the path. Finally, the network layer adds an entry in the forwarding
  table in each router along the path. During VC setup, the network layer may also reserve
  resources (for example, bandwidth) along the path of the VC.
• Data Transfer: As shown in the figure below, once the VC has been established, packets can
  begin to flow along the VC.
• VC Teardown: This is initiated when the sender (or receiver) informs the network layer of its
  desire to terminate the VC. The network layer will then typically inform the end system on the
  other side of the network of the call termination and update the forwarding tables in each of the
  packet routers on the path to indicate that the VC no longer exists.

To illustrate the concept, consider the network shown in the figure. The numbers next to the links of R1
in figure are the link interface numbers. Suppose now that Host A requests that the network establish a
VC between itself and Host B. Suppose also that the network chooses the path A-R1-R2-B and assigns VC
numbers 12, 22, and 32 to the three links in this path for this virtual circuit. In this case, when a packet in
this VC leaves Host A, the value in the VC number field in the packet header is 12; when it leaves R1, the
value is 22; and when it leaves R2, the value is 32.

Fig: A simple virtual circuit network

VC forwarding table:

For a VC network, each router’s forwarding table includes VC number translation; for example, the
forwarding table in R1 might look something like this:

Incoming interface   Incoming VC #   Outgoing interface   Outgoing VC #
1                    12              2                    22
2                    63              1                    18
3                    7               2                    17
1                    97              3                    87
…                    …               …                    …

Whenever a new VC is established across a router, an entry is added to the forwarding table. Similarly,
whenever a VC terminates, the appropriate entries in each table along its path are removed.

VC Signaling Protocols:

The messages that the end systems send into the network to initiate or terminate a VC, and the messages
passed between the routers to set up the VC (that is, to modify connection state in router tables), are
known as signaling messages, and the protocols used to exchange these messages are often referred to
as signaling protocols. The signaling protocols are used to set up, maintain and tear down the virtual
circuits.

Fig: Virtual-Circuit Setup

Connectionless Protocols:

The connectionless services at the network layer are called datagram networks. In a datagram network,
each time an end system wants to send a packet, it stamps the packet with the address of the
destination end system and then pops the packet into the network. As shown in the figure, there is no VC
setup and routers do not maintain any VC state information (because there are no VCs).

Fig: Datagram network


Issues in IP:

IP provides connectionless (datagram) service. Each packet is treated separately. There are some issues
regarding the Internet protocol listed as follows:

• Routing
• Datagram lifetime
• Fragmentation and re-assembly
• Error control
• Flow control
• Addressing

Security issues in Internet protocol are: packet sniffing, packet modification, IP spoofing.

Packet sniffing: An intruder may intercept an IP packet and make a copy of it. Packet sniffing is a passive
attack, in which the attacker does not change the contents of the packet but the confidentiality of the
data will be lost.

Packet Modification: The contents of the data packet may be modified, which is a kind of active attack.
This violates the integrity of the data.

IP spoofing: The attacker pretends to be an authorized person and creates an IP packet that carries the
source address of another, which violates authenticity of the data packet.

Next Hop Routing:

Next hop is a routing term that refers to the next closest router a packet can go through. The next hop is
among the series of routers that are connected together in a network and is the next possible
destination for a data packet. More specifically, next hop is an IP address entry in a router's routing
table, which specifies the next closest/most optimal router in its routing path. Every single router
maintains its routing table with a next hop address, which is calculated based on the routing protocol
used. The next hop may also be referred to as the next optimal router.

Internet Routing Table:

A routing table is a set of rules, often viewed in a table format, which is used to determine where the
data packets traveling over an Internet Protocol (IP) network will be directed. All IP-enabled devices,
including routers and switches, use routing tables. A routing table contains the information necessary to
forward a packet along the best path toward its destination. Each packet contains information about its
origin and destination. When a packet is received, a network device examines the packet and matches it
to the routing table entry providing the best match for its destination. The table then provides the
device with instructions for sending the packet to the next hop on its route across the network. A basic
routing table includes the following information:

• Destination: The IP address of the packet's final destination
• Next hop: The IP address to which the packet is forwarded
• Interface: The outgoing network interface the device should use when forwarding the packet to
  the next hop or final destination
• Metric: Assigns a cost to each available route so that the most cost-effective path can be chosen
• Routes: Includes directly-attached subnets, indirect subnets that are not attached to the device
  but can be accessed through one or more hops, and default routes to use for certain types of
  traffic or when information is lacking.

Routing tables can be maintained manually or dynamically. Tables for static network devices do not
change unless a network administrator manually changes them. In dynamic routing, devices build and
maintain their routing tables automatically by using routing protocols to exchange information about
the surrounding network topology. Dynamic routing tables allow devices to "listen" to the network and
respond to occurrences like device failures and network congestion.

A general internet routing table format is:

An example of what the routing table above could look like is shown below:

• The columns Network Destination and Netmask together describe the Network ID. For example,
  destination 192.168.0.0 and netmask 255.255.255.0 can be written as network ID
  192.168.0.0/24.
• The Gateway column contains the same information as the Next hop, i.e. it points to the
  gateway through which the network can be reached.
• The Interface indicates what locally available interface is responsible for reaching the gateway.
  In this example, gateway 192.168.0.1 (the internet router) can be reached through the local
  network card with address 192.168.0.100.
• Finally, the Metric indicates the associated cost of using the indicated route. This is useful for
  determining the efficiency of a certain route from two points in a network.

Forwarding Table: Routing tables are generally not used directly for packet forwarding in modern router
architectures; instead, they are used to generate the information for a smaller forwarding table. A
forwarding table contains only the routes which are chosen by the routing algorithm as preferred routes
for packet forwarding.

Longest Prefix Matching:

Longest prefix match (also called Maximum prefix length match) refers to an algorithm used by routers
in Internet Protocol (IP) networking to select an entry from a forwarding table. Because each entry in a
forwarding table may specify a sub-network, one destination address may match more than one
forwarding table entry. The most specific of the matching table entries — the one with the longest
subnet mask — is called the longest prefix match. It is called this because it is also the entry where the
largest number of leading address bits of the destination address match those in the table entry.

What is forwarding?

Forwarding is moving incoming packets to the appropriate interface. Routers use the forwarding table to
decide which incoming packet should be forwarded to which next hop.

What is IP prefix?

An IP prefix is a prefix of an IP address. All computers on one network have the same IP prefix. For example,
in 192.24.0.0/18, 18 is the length of the prefix and the prefix is the first 18 bits of the address.

How does forwarding work?

A router looks at the IP prefix of the destination address, searches the forwarding table for a match and
forwards the packet to the corresponding next hop in the forwarding table.

In this example, the longest prefix of the candidate routes is 192.168.2.0/29, since its subnet mask (/29)
is longer than the other entry's mask, making the route more specific.
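
The lookup described in this section can be written as a walk down a binary trie of prefix bits. The code below is an added example, not part of the original notes; the class and function names, the next-hop addresses and all table entries except 192.168.2.0/29 are constructed for illustration, and it handles IPv4 only.

```python
import ipaddress


class ForwardingTable:
    """Binary trie over IPv4 prefix bits; each node may hold one route."""

    def __init__(self):
        self.root = {}                      # keys: 0, 1 (children), "route"

    def add_route(self, prefix, next_hop):
        net = ipaddress.ip_network(prefix)  # raises ValueError if host bits are set
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):      # walk only the prefix bits
            node = node.setdefault((bits >> (31 - i)) & 1, {})
        node["route"] = (str(net), next_hop)

    def candidates(self, address):
        """All entries whose prefix matches address, shortest prefix first."""
        bits = int(ipaddress.IPv4Address(address))
        node, found = self.root, []
        for i in range(33):
            if "route" in node:
                found.append(node["route"])
            if i == 32:                     # all 32 address bits consumed
                break
            node = node.get((bits >> (31 - i)) & 1)
            if node is None:                # no longer prefix exists
                break
        return found

    def lookup(self, address):
        """Longest prefix match: the most specific candidate, or None."""
        found = self.candidates(address)
        return found[-1] if found else None


def build_example_table():
    # Constructed entries; only 192.168.2.0/29 is taken from the text above.
    table = ForwardingTable()
    table.add_route("0.0.0.0/0", "192.168.0.1")        # default route
    table.add_route("192.168.0.0/16", "10.0.0.1")
    table.add_route("192.168.2.0/24", "10.0.0.2")
    table.add_route("192.168.2.0/29", "10.0.0.3")
    return table


if __name__ == "__main__":
    t = build_example_table()
    for dst in ("192.168.2.5", "192.168.2.9", "192.168.7.1", "8.8.8.8"):
        print(dst, t.candidates(dst), "->", t.lookup(dst))
```

Because the most specific entry always wins, a single unexpected long prefix in the table overrides every shorter route that covers the same addresses, which is worth checking when auditing a routing table.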

IP Forwarding:

IP forwarding, also known as IP routing or Internet routing, is a process used to determine the path along
which a packet or datagram will be sent. Basically, it finds out where the datagram should go next and
then forwards it accordingly. The process uses routing information to make decisions and is designed to
send a packet over multiple networks. It works when a device on a local network sends a packet toward
a destination node that's external to the network. Generally, networks are separated from each other by
routers. For packets to travel between networks, they must be “routed” from one network to another.
These routers contain a routing table that can contain specific instructions on how to send packets to a
destination network (known as a route), or a set of generic instructions on where to send packets that
do not match any of the other specified routes (called a default route), or both.

IP Header:

Unlike the post office, a router or computer cannot determine the size of a package without additional
information. A person can look at a letter or box and determine how big it is, but a router cannot.
Therefore, additional information is required at the IP layer, in addition to the source and destination IP
addresses. An IP header is header information at the beginning of an IP packet which contains
information about IP version, source IP address, destination IP address, time-to-live, etc. Two different
versions of IP are used in practice today: IPv4 and IPv6. IPv6 uses 128-bit addresses and thus offers a
much bigger address space, while IPv4 uses 32-bit addresses and therefore provides a smaller address
space.

Fragmentation-MTU:

Not all link-layer protocols can carry network-layer packets of the same size. Some protocols can carry
big datagrams, whereas other protocols can carry only little packets. For example, Ethernet frames can
carry up to 1,500 bytes of data, whereas frames for some wide-area links can carry no more than 576
bytes. The maximum amount of data that a link-layer frame can carry is called the maximum
transmission unit (MTU). Because each IP datagram is encapsulated within the link-layer frame for
transport from one router to the next router, the MTU of the link-layer protocol places a hard limit on
the length of an IP datagram. Having a hard limit on the size of an IP datagram is not much of a problem.
What is a problem is that each of the links along the route between sender and destination can use
different link-layer protocols, and each of these protocols can have different MTUs.

To understand the forwarding issue better, imagine that you are a router that interconnects several
links, each running different link-layer protocols with different MTUs. Suppose you receive an IP
datagram from one link. You check your forwarding table to determine the outgoing link, and this
outgoing link has an MTU that is smaller than the length of the IP datagram. The solution is to fragment
the data in the IP datagram into two or more smaller IP datagrams, encapsulate each of these smaller IP
datagrams in a separate link-layer frame; and send these frames over the outgoing link. Each of these
smaller datagrams is referred to as a fragment. When a destination host receives a series of datagrams
from the same source, it needs to determine whether any of these datagrams are fragments of some
original, larger datagram. If some datagrams are fragments, it must further determine when it has
received the last fragment and how the fragments it has received should be pieced back together to
form the original datagram.
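
The splitting and piecing-together described above can be sketched as follows. This is an added example, not part of the original notes; it models only the IPv4 header fields that matter here (Identification, Fragment Offset in 8-byte units, and the More Fragments flag), assumes a 20-byte header without options, and the names Fragment, fragment and reassemble are chosen for illustration.

```python
from dataclasses import dataclass

IP_HEADER_LEN = 20          # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    ident: int              # Identification: same value in every fragment
    offset: int             # Fragment Offset, counted in 8-byte units
    more: bool              # More Fragments (MF) flag; False only on the last
    data: bytes


def fragment(ident, payload, mtu):
    """Split payload so that each fragment plus its header fits in mtu."""
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8   # offsets must be multiples of 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    return [Fragment(ident, start // 8, start + chunk < len(payload),
                     payload[start:start + chunk])
            for start in range(0, max(len(payload), 1), chunk)]


def reassemble(frags):
    """Return the payload, or None while the datagram is still incomplete.

    Raises ValueError for fragment sets that must not be accepted.
    """
    pieces = sorted(set(frags), key=lambda f: f.offset)  # drops exact duplicates
    if len({f.ident for f in pieces}) > 1:
        raise ValueError("fragments belong to different datagrams")
    out = bytearray()
    for i, f in enumerate(pieces):
        start = f.offset * 8
        if start < len(out):
            raise ValueError("overlapping fragments")
        if start > len(out):
            return None                       # hole: a fragment is missing
        if f.more and len(f.data) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        if not f.more and i != len(pieces) - 1:
            raise ValueError("data beyond the final fragment")
        out += f.data
    if not pieces or pieces[-1].more:
        return None                           # last fragment not yet received
    return bytes(out)


if __name__ == "__main__":
    payload = (bytes(range(256)) * 16)[:3980]   # constructed sample payload
    frags = fragment(7, payload, 1500)          # Ethernet MTU from the text
    print([(f.offset, f.more, len(f.data)) for f in frags])
    print(reassemble(list(reversed(frags))) == payload)
```

Rejecting overlapping fragments instead of letting one overwrite the other keeps the receiving host and any inspecting device in between from reconstructing different payloads out of the same packets.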

Internet Control Message Protocol (ICMP):

ICMP is a TCP/IP network layer protocol that provides troubleshooting, control and error message
services. ICMP is specified in RFC 792. While ICMP is not used regularly
in end-user applications, it is used by network administrators to troubleshoot Internet connections in
diagnostic utilities. An ICMP message is created as a result of errors in an IP datagram. These errors are
reported to the originating datagram's source IP address. An ICMP message is encapsulated directly
within a single IP datagram and reports errors in the processing of datagrams. ICMP messages are
transmitted as datagrams and consist of an IP header that encapsulates the ICMP data. ICMP packets are
IP packets with ICMP in the IP data portion. ICMP messages also contain the entire IP header from the
original message, so the end system knows which packet failed.

Some of the ICMP messages are:

• Destination unreachable
• Time Exceeded
• Parameter Problem (header field parameters corrupted)
• Redirect messages (when packet being routed wrongly, informed by intermediate router)

ICMP Error Reporting:

Technically, ICMP is an error reporting mechanism. Whenever a datagram causes an error, ICMP can
report the error condition back to the original source of the datagram; the source must accordingly
relate the error to an individual application program or take appropriate action to correct the problem.
For example, suppose a datagram is supposed to follow a path through a sequence of routers R1, . . . ,
Rk−1, Rk. If Rk−1 has incorrect routing information and mistakenly routes the datagram to router RE,
then RE uses an ICMP message to report the problem to router R1 and not Rk−1. This is because the IP datagram
only contains the source IP address of router R1. It is now the responsibility of router R1 to remedy the
situation.

ICMP Error Restrictions:

An ICMP error message MUST NOT be sent as the result of receiving:

• An ICMP error message, or
• A packet which fails the IP header validation tests (except where that section specifically permits
  the sending of an ICMP error message), or
• A packet destined to an IP broadcast or IP multicast address, or
• A packet sent as a Link Layer broadcast or multicast, or
• A packet whose source address has a network prefix of zero or is an invalid source address, or
• Any fragment of a datagram other than the first fragment (i.e., a packet for which the fragment
  offset in the IP header is nonzero).

Furthermore, an ICMP error message MUST NOT be sent in any case where this memo states that a
packet is to be silently discarded.
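
The restrictions listed above can be applied as a single check on the datagram that triggered the error. The code below is an added example, not part of the original notes. Its assumptions: the function names, the link_broadcast flag (supplied by the link layer) and the directed_broadcasts parameter (broadcast addresses of attached subnets) are hypothetical, header validation is reduced to version and length checks without checksum verification, and the exception mentioned in the second bullet is not modelled.

```python
import ipaddress
import struct

# ICMP types that report errors (RFC 792): 3 Destination Unreachable,
# 4 Source Quench, 5 Redirect, 11 Time Exceeded, 12 Parameter Problem.
ICMP_ERROR_TYPES = {3, 4, 5, 11, 12}
IPV4_FMT = "!BBHHHBBH4s4s"            # fixed 20-byte IPv4 header
ZERO_NET = ipaddress.ip_network("0.0.0.0/8")
LIMITED_BCAST = ipaddress.IPv4Address("255.255.255.255")


def build_ipv4(src, dst, proto, payload=b"", frag_offset=0):
    """Constructed test input: 20-byte header (checksum left as 0) + payload."""
    return struct.pack(IPV4_FMT, 0x45, 0, 20 + len(payload), 0x1234,
                       frag_offset & 0x1FFF, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload


def may_send_icmp_error(packet, link_broadcast=False, directed_broadcasts=()):
    """Return (allowed, reason) for the datagram that triggered the error."""
    if len(packet) < 20:
        return False, "fails IP header validation"
    ver_ihl, _, total, _, flags_off, _, proto, _, src, dst = struct.unpack(
        IPV4_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total < ihl or len(packet) < total:
        return False, "fails IP header validation"
    if flags_off & 0x1FFF:            # low 13 bits hold the fragment offset
        return False, "not the first fragment"
    src, dst = ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst)
    if src in ZERO_NET:
        return False, "source network prefix is zero"
    if src.is_multicast or src.is_loopback or src == LIMITED_BCAST:
        return False, "invalid source address"
    if (dst.is_multicast or dst == LIMITED_BCAST
            or str(dst) in directed_broadcasts):
        return False, "IP broadcast or multicast destination"
    if link_broadcast:
        return False, "link-layer broadcast or multicast"
    if proto == 1 and total > ihl and packet[ihl] in ICMP_ERROR_TYPES:
        return False, "packet is itself an ICMP error message"
    return True, "ok"


if __name__ == "__main__":
    # Constructed samples using documentation address ranges.
    udp = build_ipv4("192.0.2.10", "198.51.100.7", 17, b"\x00" * 8)
    icmp_err = build_ipv4("192.0.2.10", "198.51.100.7", 1, b"\x0b\x00" + b"\x00" * 6)
    print(may_send_icmp_error(udp), may_send_icmp_error(icmp_err))
```

These rules keep one bad packet from producing a chain of error messages and keep broadcast or multicast traffic from drawing an error reply from every receiver at once.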

Router Architecture:

A high-level view of a generic router architecture is as follows;

Four router components can be identified: Input ports, Switching fabric, Output ports, Routing processor.

Input Ports: An input port performs several key functions. It performs the physical layer function of
terminating an incoming physical link at a router. An input port also performs link-layer functions
needed to interoperate with the link layer at the other side of the incoming link; this is represented by
the middle boxes in the input and output ports.
Switching fabric: The switching fabric connects the router’s input ports to its output ports. This switching
fabric is completely contained within the router— a network inside of a network router.
Output ports: An output port stores packets received from the switching fabric and transmits these
packets on the outgoing link by performing the necessary link-layer and physical-layer functions. When a
link is bidirectional (that is, carries traffic in both directions), an output port will typically be paired with
the input port for that link on the same line card (a printed circuit board containing one or more input
ports, which is connected to the switching fabric).
Routing processor: The routing processor executes the routing protocols, maintains routing tables and
attached link state information, and computes the forwarding table for the router. It also performs the
network management functions.

Input Port Functions:


The input port’s line termination function and link-layer processing implement the physical and link
layers for that individual input link. The lookup performed in the input port is central to the router’s
operation— it is here that the router uses the forwarding table to look up the output port to which an
arriving packet will be forwarded via the switching fabric. The forwarding table is computed and updated
by the routing processor, with a shadow copy typically stored at each input port. The forwarding table is
copied from the routing processor to the line cards over a separate bus.

Input Port Queuing

If switching fabric is slower than input ports taken together, queueing may occur at input queues.

Head-of-the-Line (HOL) blocking: queued packet at the front of queue prevents others in queue from
moving forward.

Type of Switching Fabrics:

The switching fabric is at the very heart of a router, as it is through this fabric that the packets are
actually switched (that is, forwarded) from an input port to an output port. Switching can be
accomplished in a number of ways.

• Switching via memory: The simplest, earliest routers were traditional computers, with switching
  between input and output ports being done under direct control of the CPU (routing processor).
  Input and output ports functioned as traditional I/O devices in a traditional operating system. An
  input port with an arriving packet first signaled the routing processor via an interrupt. The
  packet was then copied from the input port into processor memory. The routing processor then
  extracted the destination address from the header, looked up the appropriate output port in the
  forwarding table, and copied the packet to the output port's buffers.
• Switching via a bus: In this approach, an input port transfers a packet directly to the output port
  over a shared bus, without intervention by the routing processor. This is typically done by having
  the input port pre-pend a switch-internal label (header) to the packet indicating the local output
  port to which this packet is being transferred and transmitting the packet onto the bus. The
  packet is received by all output ports, but only the port that matches the label will keep the
  packet. The label is then removed at the output port, as this label is only used within the switch
  to cross the bus. If multiple packets arrive to the router at the same time, each at a different
  input port, all but one must wait since only one packet can cross the bus at a time.
• Switching via an interconnection network (crossbar): One way to overcome the bandwidth
  limitation of a single, shared bus is to use a more sophisticated interconnection network, such as
  those that have been used in the past to interconnect processors in a multiprocessor computer
  architecture. A crossbar switch is an interconnection network consisting of 2N buses that
  connect N input ports to N output ports, as shown in figure. Each vertical bus intersects each
  horizontal bus at a cross point, which can be opened or closed at any time by the switch fabric
  controller (whose logic is part of the switching fabric itself).

Fig: Three switching techniques

Output Ports:

Output port processing takes packets that have been stored in the output port’s memory and transmits
them over the output link. This includes selecting and de-queueing packets for transmission, and
performing the needed link layer and physical-layer transmission functions.

Fig: Output port processing

Output Port Queuing:

Fig: Output port queuing

Output port queuing is illustrated in the figure above. At time t, a packet has arrived at each of the
incoming input ports, each destined for the uppermost outgoing port. Assuming identical line speeds
and a switch operating at three times the line speed, one time unit later (that is, in the time needed to
receive or send a packet), all three original packets have been transferred to the outgoing port and are
queued awaiting transmission. In the next time unit, one of these three packets will have been
transmitted over the outgoing link. In our example, two new packets have arrived at the incoming side
of the switch; one of these packets is destined for this uppermost output port.
