Professional Documents
Culture Documents
unit4 cn
unit4 cn
The network Layer is the third layer in the OSI model of computer networks.
Its main function is to transfer network packets from the source to the destination.
It is involved both the source host and the destination host. At the source, it accepts a
packet from the transport layer, encapsulates it in a datagram, and then delivers the packet
to the data link layer so that it can further be sent to the receiver. At the destination, the
datagram is de-capsulated, and the packet is extracted and delivered to the corresponding
transport layer.
1. Packetizing
The process of encapsulating the data received from the upper layers network layer
packet at the source and de-capsulating the from the network layer packet at the
destination is known as packetizing.
The source host adds a header that contains the source and destination address and
some other relevant information required by the network layer protocol received from the
upper layer.
The destination host receives the network layer packet from its data link layer, de-
capsulates the packet, and delivers the payload to the corresponding upper layer protocol.
NOTE: The routers in the path are not allowed to change either the source or the
destination address. The routers in the path are not allowed to de-capsulate the packets
they receive unless they need to be fragmented.
2. Routing
In a network, there are a number of routes available from the source to the destination. The
network layer specifies some strategies which find out the best possible route. This process
is referred to as routing.
There are a number of routing protocols that are used in this process and they should be run
to help the routers coordinate with each other and help in establishing communication
throughout the network.
3. Forwarding
Forwarding is simply defined as the action applied by each router when a packet arrives at
one of its interfaces. When a router receives a packet from one of its attached networks, it
needs to forward the packet to another attached network (unicast routing) or to some
attached networks (in the case of multicast routing).
Routers are used on the network for forwarding a packet from the local network to the remote
network. So, the process of routing involves packet forwarding from an entry interface out to
an exit interface.
Other Services of Network Layer
1. Error Control
2. Flow Control
3. Congestion Control
1. Error Control
Although it can be implemented in the network layer, it is usually not preferred because
the data packet in a network layer may be fragmented at each router, which makes
error-checking inefficient in the network layer.
2. Flow Control
It regulates the amount of data a source can send without overloading the receiver.
If the source produces data at a very faster rate than the receiver can consume it, the
receiver will be overloaded with data. To control the flow of data, the receiver should
send feedback to the sender to inform the latter that it is overloaded with data.
3. Congestion Control
Congestion occurs when the number of datagrams sent by the source is beyond the
capacity of the network or routers. This is another issue in the network layer protocol. If
congestion continues, sometimes a situation may arrive where the system collapses and
no datagrams are delivered.
The network layer provides service to its immediate upper layer, namely transport layer, through
the network − transport layer interface. The two types of services provided are −
Connection Oriented Service − In this service, a path is setup between the source and
the destination, and all the data packets belonging to a message are routed along this path.
Connectionless Service − In this service, each packet of the message is considered as an
independent entity and is individually routed from the source to the destination.
The objectives of the network layer while providing these services are:
To use a connection-oriented service, first we establish a connection, use it and then release
it. In connection-oriented services, the data packets are delivered to the receiver in the
same order in which they have been sent by the sender.
It can be done in either two ways :
1. Circuit Switched Connection:
The data stream is transferred over a packet switched network, in such a way that it
seems to the user that there is a dedicated path from the sender to the receiver.
A virtual path is established here. While, other connections may also be using the same
path.
What are Virtual Circuits?
It is connection-oriented, meaning that there is a reservation of resources like
buffers, CPU, bandwidth, etc.
The first sent packet reserves resources at each server along the path. Subsequent packets
will follow the same path as the first sent packet for the connection time.
Since all the packets are going to follow the same path, a global header is required. Only
the first packet of the connection requires a global header, the remaining packets generally
don’t require global headers.
Since all packets follow a specific path, packets are received in order at the destination.
Virtual Circuit Switching ensures that all packets successfully reach the Destination. No
packet will be discarded due to the unavailability of resources.
Virtual Circuits are a highly reliable method of data transfer.
The issue with virtual circuits is that each time a new connection is set up, resources and
extra information have to be reserved at every router along the path, which becomes
problematic if many clients are trying to reserve a router’s resources simultaneously.
It is used by the ATM (Asynchronous Transfer Mode) Network, specifically for Telephone
calls.
The communication management station, which is the telco’s central office, manually
configures the switches.
The main use for these always-on circuits is high-speed communication.
PVCs require telco resources (switches) to be allocated to a single communication circuit
whether or not that circuit is in use, making them an expensive solution for wide-area
networks (WANs).
What is Routing:
Routing is the process of establishing the routes that data packets must follow to reach the
destination. In this process, a routing table is created which contains information regarding
routes that data packets follow. Various routing algorithms are used for the purpose of deciding
which route an incoming data packet needs to be transmitted on to reach the destination
efficiently.
1. Adaptive Algorithms
2. Non-Adaptive Algorithms
3. Hybrid Algorithms
1. Adaptive Algorithms:
These are the algorithms that change their routing decisions whenever network topology or
traffic load changes. The changes in routing decisions are reflected in the topology as well as the
traffic of the network. Also known as dynamic routing, these make use of dynamic information
such as current topology, load, delay, etc. to select routes. Optimization parameters are distance,
number of hops, and estimated transit time.
Further, these are classified as follows:
Isolated: In this method each, node makes its routing decisions using the information it has
without seeking information from other nodes. The sending nodes don’t have information about
the status of a particular link. The disadvantage is that packets may be sent through a congested
network which may result in delay. Examples: Hot potato routing, and backward learning.
Centralized: In this method, a centralized node has entire information about the network and
makes all the routing decisions. The advantage of this is only one node is required to keep the
information of the entire network and the disadvantage is that if the central node goes down the
entire network is done. The link state algorithm is referred to as a centralized algorithm since it is
aware of the cost of each link in the network.
Distributed: In this method, the node receives information from its neighbors and then takes the
decision about routing the packets. A disadvantage is that the packet may be delayed if there is a
change in between intervals in which it receives information and sends packets. It is also known
as a decentralized algorithm as it computes the least-cost path between source and destination.
2. Non-Adaptive Algorithms
These are the algorithms that do not change their routing decisions once they have been selected.
This is also known as static routing as a route to be taken is computed in advance and
downloaded to routers when a router is booted.
Random walk: In this method, packets are sent host by host or node by node to one of its
neighbors randomly. This is a highly robust method that is usually implemented by sending
packets onto the link which is least queued.
Random Walk
3. Hybrid Algorithms
As the name suggests, these algorithms are a combination of both adaptive and non-adaptive
algorithms. In this approach, the network is divided into several regions, and each region uses a
different algorithm.
Link-state: In this method, each router creates a detailed and complete map of the network
which is then shared with all other routers. This allows for more accurate and efficient routing
decisions to be made.
Distance vector: In this method, each router maintains a table that contains information about
the distance and direction to every other node in the network. This table is then shared with other
routers in the network. The disadvantage of this method is that it may lead to routing loops.
Dijkstra’s Algorithm
Bellman Ford’s Algorithm
Floyd Warshall’s Algorithm
Dijkstra’s Algorithm
This is a single-source shortest path algorithm and aims to find solution to the given
problem statement
This algorithm works for both directed and undirected graphs
It works only for connected graphs
The graph should not contain negative edge weights
The algorithm predominantly follows Greedy approach for finding locally optimal
solution. But, it also uses Dynamic Programming approach for building globally optimal
solution, since the previous solutions are stored and further added to get final distances
from the source vertex
Algorithm:
1: Mark the source node current distance as 0 and all others as infinity.
2: Set the node with the smallest current distance among the non-visited nodes as the current
node.
3: For each neighbor, N, of the current node:
Calculate the potential new distance by adding the current distance of the current node
with the weight of the edge connecting the current node to N.
If the potential new distance is smaller than the current distance of node N, update N’s
current distance with the new distance.
Apply Dijkstra’s Algorithm for the graph given below, and find the shortest path from node A to
node C:
Solution:
1. All the distances from node A to the rest of the nodes is ∞.
2. Calculating the distance between node A and the immediate nodes (node B & node D):
For node B,
Node A to Node B = 3
For node D,
Node A to Node D = 8
3. Choose the node with the shortest distance to be the current node from unvisited nodes, i.e.,
node B. Calculating the distance between node B and the immediate nodes:
For node E,
Node B to Node D = 3+5 = 8
For node E,
Node B to Node E = 3+6 = 9
4. Choose the node with the shortest distance to be the current node from unvisited nodes, i.e.,
node D. Calculating the distance between node D and the immediate nodes:
For node E,
Node D to Node E = 8+3 = 11 ( [9 < 11] > TRUE: So, No Change)
For node F,
Node D to Node F = 8+2 = 10
5. Choose the node with the shortest distance to be the current node from unvisited nodes, i.e.,
node E. Calculating the distance between node E and the immediate nodes:
For node C,
Node E to Node C = 9+9 = 18
For node F,
Node E to Node F = 9+1 = 10
6. Choose the node with the shortest distance to be the current node from unvisited nodes, i.e.,
node F. Calculating the distance between node F and the immediate nodes:
For node C,
Node F to Node C = 10+3 = 13 ([18 < 13] FALSE: So, Change the previous value)
So, after performing all the steps, we have the shortest path from node A to node C, i.e., a value
of 13 units.
The Bell man Ford’s algorithm is a single source graph search algorithm which help us to
find the shortest path between a source vertex and any other vertex in a given graph.
We can use it in both directed and undirected graphs.
This algorithm is slower than Dijkstra’s algorithm and it can also use negative edge weight.
Algorithm
We can say that a negative cycle exists if for any edge uv the sum of distance from the
source node (dist[u]) and the edge weight (weight) is less than the current distance to the
largest node(dist[v])
It indicates the absence of negative edge cycle if none of the edges satisfies case1.
Graph G
Solution:
Step 1:
Step 2:
Step 3:
Step 4:
Step 5:
Outcome: The graph contains a negative cycle in the path from node D to node F and then to
node E.
Algorithm:
1: Using the data about the graph, make a matrix.
2: By taking all vertices as an intermediate vertex, we have to update the final matrix.
3: It is to be noted that it includes at a time we pick one vertex, and we update the shortest path
which includes this chosen vertex as an in-between point along the path.
4: When we select a vertex say k almost like the middle of the path, in previous calculations
we have already taken all vertices P{0,1,2..,k-1} as potential middle points.
5: We have to consider the following subpoints while dealing with the source and destination
vertices I,j respectively
If vertex k is not the part of shortest path from I to j, we don’t have to change dist[i][j]
value .ie, it will remain unchanged.
If vertex k is indeed part of shortest path from I to j, update dist[i][j] to the sum of dist[i][k]
and dist[k][j] but note that only if dist[i][j] is greater than this value we newly calculated.
Example: Consider the given graph G,
Graph G
Step 1:
Step 2:
Step 3:
Step 4:
Step 5:
Step 6:
Step 7:
In hierarchical routing, the routers are divided into regions. Each router has complete details
about how to route packets to destinations within its own region. But it does not have any
idea about the internal structure of other regions.
As we know, in both LS and DV algorithms, every router needs to save some information
about other routers. When network size is growing, the number of routers in the network will
increase. Therefore, the size of routing table increases, then routers cannot handle network
traffic as efficiently. To overcome this problem we are using hierarchical routing.
In hierarchical routing, routers are classified in groups called regions. Each router has
information about the routers in its own region and it has no information about routers in
other regions. So, routers save one record in their table for every other region.
For huge networks, a two-level hierarchy may be insufficient hence, it may be necessary to
group the regions into clusters, the clusters into zones, the zones into groups and so on.
Example
Let see the full routing table for router 1A which has 17 entries, as shown below −
When routing is done hierarchically then there will be only 7 entries as shown below −
Hierarchical Table for 1A
Unfortunately, this reduction in table space comes with the increased path length.
Explanation
Step 1 − For example, the best path from 1A to 5C is via region 2, but hierarchical routing of all
traffic to region 5 goes via region 3 as it is better for most of the other destinations of region 5.
Step 2 − Consider a subnet of 720 routers. If no hierarchy is used, each router will have 720
entries in its routing table.
Step 3 − Now if the subnet is partitioned into 24 regions of 30 routers each, then each router will
require 30 local entries and 23 remote entries for a total of 53 entries.
Broadcast Routing
Broadcast routing plays a role, in computer networking and telecommunications. It involves
transmitting data, messages, or signals from one source to destinations within a network.
Unlike routing (one-to-one communication) or multicast routing (one-to-many communication)
broadcast routing ensures that information reaches all devices or nodes within the network.
Broadcast
Mechanisms for Broadcast Routing
The mechanisms and protocols are employed to efficiently distribute data to multiple recipients
through broadcast routing. Here are some important methods:
Flooding: Flooding is an approach to broadcast routing. In this method, the sender
broadcasts the message to all connected devices, which then forwards it to their connected
devices and so on. This continues until the message reaches all intended recipients or a
predefined maximum number of hops is reached. However flooding can lead to network
congestion and inefficiency.
Spanning Tree Protocol (STP): STP is utilized in Ethernet networks to prevent loops and
ensure broadcast routing. It establishes a tree structure that connects all devices, in the
network while avoiding paths. Reducing network congestion and avoiding broadcast
messages are the benefits of implementing this approach.
The Internet Group Management Protocol (IGMP): It is a communication protocol
utilized in IP networks to facilitate the management of group memberships. Its purpose is
to enable hosts to join or leave groups ensuring that only interested recipients receive the
multicast traffic. This not enhances network efficiency. Also prevents unnecessary data
transmission.
Broadcast Domains: Segmenting a network into broadcast domains also known as sub-
netting is a way to manage and control the scope of broadcast messages. By dividing a
network into segments we can contain the impact of broadcast traffic within each segment
minimizing its overall effect, on the entire network.
For multicast routing, special IP addresses known as Class D addresses are utilized. These
addresses range from 224.0.0.0 to 239.255.255.255. These are not assigned to any host or
interface but represent groups of hosts interested in receiving the same data. For instance,
224.0.0.1 represents all hosts on the network, while 224.0.0.9 represents all routers.
To join a multicast group, a host sends a message via the Internet Group Management Protocol
(IGMP) to its router, which then forwards it to other routers in the network using Protocol
Independent Multicast (PIM). PIM’s role is to construct and maintain trees that establish paths
connecting sources and destinations for multicast data.
The primary objective of multicast routing is to optimize the delivery of data to multiple
receivers within the network. By sending one copy of the data to each group of receivers,
multicast routing conserves bandwidth and reduces network congestion. This will also enhance
scalability. Generally speaking, multicast requires low bandwidth because it transmits one
information stream. This makes it particularly suitable for handling high volumes of data across
software and technologies such as media.
There are various applications of multicast routing. The most popular uses of multicasting
include videoconferencing and streaming media on organizational networks such as hotels or
campuses. Multicast routing has numerous other uses, such as online gaming, distance learning,
and stock market updates.
Multicast routing protocols are classified into two categories: dense mode and sparse mode.
Dense-mode protocols assume that most nodes in the network are interested in receiving
multicast data, while sparse-mode protocols assume that only a few nodes are interested.
Different protocols may be suitable for different scenarios depending on the network
topology and traffic pattern.
1.Dense Mode:
Dense mode protocols assume that there are many receivers in the network and use flooding
to send data packets to all nodes. Then, nodes that are not interested in receiving the data
prune themselves from the multicast tree by sending messages to their upstream routers. This
way, only the nodes that want to receive the data remain in the tree. Below we have shown
with the help of an image.
In the flood phase, the source router sends multicast packets to the rendezvous point, which then
forwards them to all other routers in a network. In the pruning phase, routers without receivers
send prune messages upstream to cease receiving traffic for that particular group.
2. Sparse Mode
Sparse mode protocols assume that there are few receivers in the network and use explicit join
messages to build multicast trees. They use a rendezvous point (RP) as a central node that
connects sources and receivers. Receivers send join messages to the RP, which then forwards
them to the sources. Sources send data packets to the RP, which then forwards them to the
receivers.
PIM sparse mode is also a multicast routing protocol that mainly operates in scenarios where all
network routers do not need the transmitted multicast traffic. When we talk about its functioning,
the routers who want to join a multicast group first send the join message to a DR (Designated
Router), which is connected to the source of the multicast stream. After this, the DR builds an
SPT (Shortest path tree) to the source in order to forward the multicast packets.
Apart from all this, it assists in reducing the amount of multicast traffic in the network. This
helps in the efficient distribution of multicast data.
RPF or Reverse Path Forwarding is a technique mainly used by some of the multicast routing
protocols to prevent loops and duplicate packets in multicast trees. Now, if we discuss the
functioning of RPF, it simply checks the incoming interface of a data packet with the
unicast routing table. In cases where the incoming interface is the same as the interface that
would be used to send a unicast packet to the source, then the packet is accepted and forwarded
to the next node. If not, the packet is dropped.
What is an IP Address?
All the computers of the world on the Internet network communicate with each other with
underground or underwater cables or wirelessly. If I want to download a file from the internet
or load a web page or literally do anything related to the internet, my computer must have an
address so that other computers can find and locate mine in order to deliver that particular file
or webpage that I am requesting. In technical terms, that address is called IP Address or
Internet Protocol Address.
IP address is a short form of "Internet Protocol Address." It is a unique number provided to every
device connected to the internet network, such as Android phone, laptop, Mac, etc. An IP address
is represented in an integer number separated by a dot (.), for example, 192.167.12.46.
IP Address Format
Originally IP addresses were divided into five different categories called classes. These divided
IP classes are class A, class B, class C, class D, and class E. Out of these, classes A, B, and C are
most important. Each address class defines a different number of bits for its network prefix
(network address) and host number (host address). The starting address bits decide from
which class an address belongs.
Network Address: The network address specifies the unique number which is assigned to your
network. In the above figure, the network address takes two bytes of IP address.
Host Address: A host address is a specific address number assigned to each host machine. With
the help of the host address, each machine is identified in your network. The network address
will be the same for each host in a network, but they must vary in host address.
Types of IP Address
An IP address is categorized into two different types based on the number of IP address it
contains. These are:
What is IPv4?
IPv4 is version 4 of IP. It is a current version and the most commonly used IP address. It is a 32-
bit address written in four numbers separated by a dot (.), i.e., periods. This address is unique for
each device. For example, 66.94.29.13
What is IPv6?
IPv4 produces 4 billion addresses, and the developers think that these addresses are enough, but
they were wrong. IPv6 is the next generation of IP addresses. The main difference between IPv4
and IPv6 is the address size of IP addresses. The IPv4 is a 32-bit address, whereas IPv6 is a 128-
bit hexadecimal address. IPv6 provides a large address space, and it contains a simple header as
compared to IPv4.
Class A
Class A address uses only first higher order octet (byte) to identify the network prefix, and
remaining three octets (bytes) are used to define the individual host addresses. The class A
address ranges between 0.0.0.0 to 127.255.255.255. The first bit of the first octet is always set to
0 (zero), and next 7 bits determine network address, and the remaining 24 bits determine host
address. So the first octet ranges from 0 to 127 (00000000 to 01111111).
Class B
Class B addresses use the initial two octets (two bytes) to identify the network prefix, and the
remaining two octets (two bytes) define host addresses. The class B addresses are range between
128.0.0.0 to 191.255.255.255. The first two bits of the first higher octet is always set to 10 (one
and zero bit), and next 14 bits determines the network address and remaining 16 bits determines
the host address. So the first octet ranges from 128 to 191 (10000000 to 10111111).
Class C
Class C addresses use the first three octets (three bytes) to identify the network prefix, and the
remaining last octet (one byte) defines the host address. The class C address ranges between
192.0.0.0 to 223.255.255.255. The first three bit of the first octet is always set to 110, and next
21 bits specify network address and remaining 8 bits specify the host address. Its first octet
ranges from 192 to 223 (11000000 to 11011111).
Class D
Class D IP address is reserved for multicast addresses. Its first four bits of the first octet are
always set to 1110, and the remaining bits determine the host address in any IP address. The first
higher octet bits are always set to 1110, and the remaining bits specify the host address. The
class D address ranges between 224.0.0.0 to 239.255.255.255. In multicasting, data is not
assigned to any particular host machine, so it is not require to find the host address from the IP
address, and also, there is no subnet mask present in class D.
Class E
Class E IP address is reserved for experimental purposes and future use. It does not contain any
subnet mask in it. The first higher octet bits are always set to 1111, and next remaining bits
specify the host address. Class E address ranges between 240.0.0.0 to 255.255.255.255.
In every IP address class, all host-number bits are specified by a power of 2 that indicates the
total numbers of the host's address that can create for a particular network address. Class A
address can contain the maximum number of 224 (16,777,216) host numbers. Class B addresses
contain the maximum number of 216 (65, 536) host numbers. And class C contains a maximum
number of 28 (256) host numbers.
IP Address Table
On the basis of ranges, IP addresses are categorized into five address classes which are given
below.
Among them, public and private addresses are based on their location of the network private,
which should be used inside a network while the public IP is used outside of a network.
Public IP Addresses:
A public IP address is an address where one primary address is associated with your whole
network. In this type of IP address, each of the connected devices has the same IP address.
This type of public IP address is provided to your router by your ISP.
Private IP Addresses
A private IP address is a unique IP number assigned to every device that connects to your home
internet network, which includes devices like computers, tablets, smartphones, which is used in
your household.
It also likely includes all types of Bluetooth devices you use, like printers or printers, smart
devices like TV, etc. With a rising industry of internet of things (IoT) products, the number of
private IP addresses you are likely to have in your own home is growing.
Dynamic IP address:
Dynamic IP addresses always keep changing. It is temporary and are allocated to a device every
time it connects to the web. Dynamic IPs can trace their origin to a collection of IP addresses that
are shared across many computers.
Dynamic IP addresses are another important type of internet protocol addresses. It is active for a
specific amount of time; after that, it will expire.
Static IP Addresses
A static IP address is an IP address that cannot be changed. In contrast, a dynamic IP address will
be assigned by a Dynamic Host Configuration Protocol (DHCP) server, which is subject to
change. Static IP address never changes, but it can be altered as part of routine network
administration.
Static IP addresses are consistent, which is assigned once, that stays the same over the years.
This type of IP also helps you procure a lot of information about a device.
IP Address Classification Based on Operational Characteristics
Unicast addressing:
Unicast addressing is the most common concept of an IP address in the Unicast addressing
method. It is available in both IPv4 and IPv6.
This IP address method refers to a single sender/receiver. It can be used for both sending and
receiving the data.
In most cases, a Unicast address is associated with a single device or host, but a device or
host that may have more than one unicast address.
Broadcast addressing
Broadcasting addressing is another addressing method available in IPv4. It allows you to
manage data to all destinations on a network with a single transmission operation.
The IP address 255.255.255.255 is mostly used for network broadcast. Moreover, limited
directed-broadcast uses the all-ones host address with the network prefix.
IPv6 does not provide any implementation and any broadcast addressing. It replaces it with
multicast to the specially defined all-nodes of the multicast address.
Multicast IP addresses
Multicast IP addresses are used mainly for one-to-many communication. Multicast messages
are mostly sent to the IP multicast group address.
In this, routers forward copies of the packet out to every interface with hosts subscribed to
that specific group address. Only the hosts that require receiving the message will process the
packets. All other hosts on that LAN will discard them.
IPV4 header format is 20 to 60 bytes in length. It contains information need for routing and
delivery. It consists of 13 fields such as Version, Header length, total distance, identification,
flags, checksum, source IP address, destination IP address. It provides essential data need to
transmit the data.
Various fields of IP packet header
Version: The first IP header field is a 4-bit version indicator. In IPv4, the value of its
four bits is set to 0100, which indicates 4 in binary. However, if the router does not
support the specified version, this packet will be dropped.
Internet Header Length: Internet header length, shortly known as IHL, is 4 bits in size.
It is also called HELEN (Header Length). This IP component is used to show how many
32-bit words are present in the header.
Type of Service: Type of Service is also called Differentiated Services Code Point or
DSCP. This field is provided features related to the quality of service for data streaming
or VoIP calls. The first 3 bits are the priority bits. It is also used for specifying how you
can handle Datagram.
Total length: The total length is measured in bytes. The minimum size of an IP datagram
is 20 bytes and the maximum, it can be 65535 bytes . HELEN and Total length can be
used to calculate the dimension of the payload. All hosts are required to be able to read
576-byte datagrams. However, if a datagram is too large for the hosts in the network, the
fragmentation method is widely used.
Identification: Identification is a packet that is used to identify fragments of an IP
datagram uniquely. Some have recommended using this field for other things like adding
information for packet tracing, etc.
IP Flags: Flag is a three-bit field that helps you to control and identify fragments. The
following can be their possible configuration. Bit 0: is reserved and has to be set to zero,
Bit 1: means do not fragment, Bit 2: means more fragments.
Fragment Offset: Fragment Offset represents the number of Data Bytes ahead of the
particular fragment in the specific Datagram. It is specified in terms of the number of 8
bytes, which has a maximum value of 65,528 bytes.
Time to live: It is an 8-bit field that indicates the maximum time the Datagram will be
live in the internet system. The time duration is measured in seconds, and when the value
of TTL is zero, the Datagram will be erased. Every time a datagram is processed its TTL
value is decreased by one second. TTL are used so that datagrams are not delivered and
discarded automatically. The value of TTL can be 0 to 255.
Protocol: This IPv4 header is reserved to denote that internet protocol is used in the latter
portion of the Datagram. For Example, 6 number digit is mostly used to indicate TCP,
and 17 is used to denote the UDP protocol.
Header Checksum: The next component is a 16 bits header checksum field, which is
used to check the header for any errors. The IP header is compared to the value of its
checksum. When the header checksum is not matching, then the packet will be discarded.
Source Address: The source address is a 32-bit address of the source used for the IPv4
packet.
Destination address: The destination address is also 32 bit in size stores the address of
the receiver.
IP Options: It is an optional field of IPv4 header used when the value of IHL (Internet
Header Length) is set to greater than 5. It contains values and settings related with
security, record route and time stamp, etc. You can see that list of options component
ends with an End of Options or EOL in most cases.
Data: This field stores the data from the protocol layer, which has handed over the data
to the IP layer.
The following steps are included in the packet forwarding in the router-
The router takes the arriving packet from an entry interface and then forwards that packet
to another interface.
The router needs to select the best possible interface for the packet to reach the intended
destination as there exist multiple interfaces in the router.
The forwarding decision is made by the router based on routing table entries. The entries in
the routing table comprise destination networks and exit interfaces to which the packet is to
be forwarded.
The selection of exit interface relies on- firstly, the interface must lead to the target
network to which the packet is intended to send, and secondly, it must be the best possible
path leading to the destination network.
Routing Vs Forwarding
Parameter
Routing Forwarding
Purpose Determining the optimal path for Transmitting data packets from one
packets interface to the other
Decision Involves decision making Doesn't involve complex decisions
What is Fragmentation
Fragmentation in networking takes place in the Network Layer. In the network layer, when the
maximum size of the datagram exceeds the maximum limit of the frame (Maximum
Transmission Unit) at that time fragmentation in networking occurs.
There are some factors that arise the requirement of fragmentation in computer networks:
The Maximum Transmission Unit (MTU) is the largest size of a data packet that can be
transmitted over a particular network. It represents the maximum amount of data that can
be carried in a single packet from one network device to another without the packet being
fragmented. A data packet must be divided into smaller fragments before being
transmitted over the network if its size exceeds the MTU.
2.Bandwidth Utilization:
In a network sometimes, large-sized data packets may end up consuming a large amount
of network bandwidth. To solve this problem, fragmentation divides the large-sized data
packet into small fragments which helps to improve the bandwidth utilization in the
network.
3.Network Performance:
The network performance can be affected by the large-sized data packets. Fragmentation
can help to solve this critical problem by dividing the large-sized data packets into small
fragments which can be transferred more effectively.
Identification Field (16 bits): To identify the fragments of the same frame this field is used.
Fragment offset field (13 bits): This field is used to identify the sequence of the fragments in
the frame. In most cases, it denotes the number of data bytes before or before the fragment. The
largest fragment offset that can be achieved is (65535 – 20) = 65515, where 65535 is the largest
datagram size possible and 20 is the smallest IP header size. Since the fragment offset field only
has 13 bits, we need ceil(log265515) = 16 bits for a fragment offset. Therefore, in order to
efficiently represent, we need to scale the fragment offset field down by 216/213 = 8, which
serves as a scaling factor. As a result, all fragments other than the final fragment should have
data in multiples of 8, ensuring that the fragment offset equals N.
More Fragment Field (MF): The size of this field is 1 bit. This field helps to determine whether
ant fragments are ahead of this fragment or not. If the value of MF is 1 then there are some
fragments ahead of this fragment. If the value of MF is 0 then this fragment is the last fragment.
Don’t Fragment Field (DF): This is also a 1-bit size field. If the value of the DF field is 1 it
means we do not want to fragment the packet.
As the packets take different paths in the router so reassembly of the fragments takes place at the
destination side, not at the router. We have to take care two facts into consideration while
performing the reassembly of the fragments. The first one is that all the fragments may not meet
at the router and the second one is that all the fragments may not arrive into the sequence.
Based on the MF, Fragment offset field, the destination should be able to determine that the
datagram is fragmented.
The destination should identify each fragment that is a part of the same datagram using the
Identification field.
Advantages of Fragmentation:
It is used for network resources by allowing large data packets to be transmitted over a network.
These have improved network reliability by reducing the likelihood of packet loss or corruption
during transmission.
Disadvantages of Fragmentation:
Increased overhead due to the additional packet headers needed for reassembly.
Longer transmission times due to the need for reassembly at the destination.
Increased likelihood of network congestion due to the higher number of packets generated.
ICMP Protocol
The ICMP stands for Internet Control Message Protocol. It is a network layer protocol. It is used
for error handling in the network layer, and it is primarily used on network devices such as
routers. As different types of errors can exist in the network layer, so ICMP can be used to report
these errors and to debug those errors.
For example, some sender wants to send the message to some destination, but the router couldn't
send the message to the destination. In this case, the router sends the message to the sender that I
could not send the message to that destination.
The IP protocol does not have any error-reporting or error-correcting mechanism, so it uses a
message to convey the information. For example, if someone sends the message to the
destination, the message is somehow stolen between the sender and the destination. If no one
reports the error, then the sender might think that the message has reached the destination. If
someone in-between reports the error, then the sender will resend the message very quickly.
1. Error-reporting messages:
The error-reporting message means that the router encounters a problem when it processes an IP
packet then it reports a message.
2. Query messages:
The query messages are those messages that help the host to get the specific information of
another host. For example, suppose there are a client and a server, and the client wants to know
whether the server is live or not, then it sends the ICMP message to the server.
ICMP Message Format
The message format has two things; one is a category that tells us which type of message it is. If
the message is of error type, the error message contains the type and the code. The type defines
the type of message while the code defines the subtype of the message.
Type: It is an 8-bit field. It defines the ICMP message type. The values range from 0 to 127
are defined for ICMPv6, and the values from 128 to 255 are the informational messages.
Code: It is an 8-bit field that defines the subtype of the ICMP message
Checksum: It is a 16-bit field to detect whether the error exists in the message or not.
ICMP will take the source IP from the discarded packet and inform the source by sending a
source quench message. The source will reduce the speed of transmission so that router will be
free from congestion.
When the congestion router is far away from the source the ICMP will send a hop-by-hop
source quench message so that every router will reduce the speed of transmission.
Parameter Problem
Whenever packets come to the router then the calculated header checksum should be equal to
the received header checksum then only the packet is accepted by the router.
Parameter Problem
A notification with the subject line “Time Exceeded” is typically generated by routers or
gateways. You need to know what an IP header is in a packet in order to comprehend this
ICMP message in its entirety. The IP protocol structure is covered in great detail in the section
on IP Protocol, which is freely available to our readers.
Destination Un-reachable
The destination is unreachable and is generated by the host or its inbound gateway to inform
the client that the destination is unreachable for some reason.
Destination Un-reachable
There is no necessary condition that only the router gives the ICMP error message time the
destination host sends an ICMP error message when any type of failure (link failure, hardware
failure, port failure, etc) happens in the network.
Redirection Message:
Redirect requests data packets are sent on an alternate route. The message informs a host to
update its routing information (to send packets on an alternate route).
Example: If the host tries to send data through a router R1 and R1 sends data on a router R2
and there is a direct way from the host to R2. Then R1 will send a redirect message to inform
the host that there is the best way to the destination directly through R2 available. The host
then sends data packets for the destination directly to R2.
The router R2 will send the original datagram to the intended destination.
But if the datagram contains routing information then this message will not be sent even if a
better route is available as redirects should only be sent by gateways and should not be sent by
Internet hosts.
Redirection Message
Two important limitations of Internet Control Message Protocol are mentioned below –
The router rejects data transmission due to an error and there is no mechanism in the Internet
Control Message Protocol to notify the sender of this error.
For example: while surfing the Internet the lifetime of the data packet has expired and the value
of the time live field in the data packet has become zero; If the data packet will be rejected.
2.No Communication
Generally, one device needs to connect to another, in such a situation ICMP protocol has no
process to transmit information to the device.
For example: The host has to analyze whether the destination is still active after sharing the
data.
This is a type of DDoS attack that involves sending malformed or oversized ICMP echo request
messages to a target from multiple sources. The target may not be able to handle or process the
invalid packets, which may cause it to crash or reboot.
Smurf attack
This is a type of DDoS attack that involves sending ICMP echo request messages with a spoofed
source address to a broadcast address on a network. The broadcast address is a special address
that reaches all devices on the network. The devices on the network will respond to the echo
request messages by sending ICMP echo reply messages to the spoofed source address, which is
actually the target. The target will receive a large amount of unsolicited traffic from multiple
sources, which may overwhelm its resources and bandwidth.
IPv4 Vs IPv6