
Document Details
Uploaded by PreEminentRococo
University of Jordan, 2022
Tags: network layer, packet switching, data communications

Full Transcript


Chapter 07 Network Layer: Data Transfer
Data Communications and Networking, With TCP/IP protocol suite, Sixth Edition
Behrouz A. Forouzan
© 2022 McGraw Hill, LLC. All rights reserved. Authorized only for instructor use in the classroom. No reproduction or further distribution permitted without the prior written consent of McGraw Hill, LLC.

Chapter 7: Outline
7.1 Services
7.2 Packet Switching
7.3 Performance
7.4 Internet Protocol V4
7.5 Internet Protocol V6
7.6 Transition from V4 To V6

Figure 7.1 Communication at the network layer

7-1 SERVICES
We briefly discuss the services provided at the network layer.

7.1.1 Packetizing
The first duty of the network layer is definitely packetizing: encapsulating the payload in a network-layer packet at the source and decapsulating the payload from the network-layer packet at the destination. In other words, one duty of the network layer is to carry a payload from the source to the destination without changing it or using it. The network layer is doing the service of a carrier such as the postal office, which is responsible for delivery of packages from a sender to a receiver without changing or using the contents.

7.1.2 Routing
Other duties of the network layer, which are as important as the first, are routing and forwarding, which are directly related to each other.

7.1.3 Error Control
Although error control can be implemented in the network layer, the designers of the network layer in the Internet ignored this issue for the data being carried by the network layer. One reason for this decision is the fact that the packet in the network layer may be fragmented at each router, which makes error checking at this layer inefficient.
7.1.4 Flow Control
Flow control regulates the amount of data a source can send without overwhelming the receiver. If the upper layer at the source computer produces data faster than the upper layer at the destination computer can consume it, the receiver will be overwhelmed with data. To control the flow of data, the receiver needs to send some feedback to the sender to inform the latter that it is overwhelmed with data.

7.1.5 Congestion Control
Another issue in a network-layer protocol is congestion control. Congestion in the network layer is a situation in which too many datagrams are present in an area of the Internet. Congestion may occur if the number of datagrams sent by source computers is beyond the capacity of the network or routers.

7.1.6 Quality of Service
As the Internet has allowed new applications such as multimedia communication (in particular real-time communication of audio and video), the quality of service (QoS) of the communication has become more and more important. The Internet has thrived by providing better quality of service to support these applications. However, to keep the network layer untouched, these provisions are mostly implemented in the upper layer.

7.1.7 Security
Another issue related to communication at the network layer is security. Security was not a concern when the Internet was originally designed because it was used by a small number of users at universities for research activities; other people had no access to the Internet. The network layer was designed with no security provision. Today, however, security is a big concern. To provide security for a connectionless network layer, we need to have another virtual level that changes the connectionless service to a connection-oriented service.
7-2 PACKET SWITCHING
From the discussion of routing and forwarding in the previous section, we infer that a kind of switching occurs at the network layer. A router, in fact, is a switch that creates a connection between an input port and an output port (or a set of output ports), just as an electrical switch connects the input to the output to let electricity flow.

7.2.1 Datagram Approach
When the Internet started, to make it simple, the network layer was designed to provide a connectionless service in which the network-layer protocol treats each packet independently, with each packet having no relationship to any other packet. The idea was that the network layer is only responsible for delivery of packets from the source to the destination. In this approach, the packets in a message may or may not travel the same path to their destination.

7.2.2 Virtual-Circuit Approach
In a connection-oriented service (also called the virtual-circuit approach), there is a relationship between all packets belonging to a message. Before all datagrams in a message can be sent, a virtual connection should be set up to define the path for the datagrams. After connection setup, the datagrams can all follow the same path. In this type of service, not only must the packet contain the source and destination addresses, it must also contain a flow label, a virtual circuit identifier that defines the virtual path the packet should follow.

7-3 PERFORMANCE
The upper-layer protocols that use the service of the network layer expect to receive an ideal service, but the network layer is not perfect. The performance of a network can be measured in terms of delay, throughput, and packet loss. Congestion control is an issue that can improve the performance.

7.3.1 Delay
All of us expect instantaneous response from a network, but a packet, from its source to its destination, encounters delays.
The delays in a network can be divided into four types: transmission delay, propagation delay, processing delay, and queuing delay. Let us first discuss each of these delay types and then show how to calculate a packet delay from the source to the destination.

Transmission Delay
A source host or a router cannot send a packet instantaneously. A sender needs to put the bits in a packet on the line one by one. If the first bit of the packet is put on the line at time t1 and the last bit is put on the line at time t2, the transmission delay of the packet is (t2 − t1). Definitely, the transmission delay is longer for a longer packet and shorter if the sender can transmit faster. In other words, the transmission delay is

$\text{Delay}_{tr} = \dfrac{\text{Packet length}}{\text{Transmission rate}}$

Propagation Delay
Propagation delay is the time it takes for a bit to travel from point A to point B in the transmission media. The propagation delay for a packet-switched network depends on the propagation delay of each network (LAN or WAN). The propagation delay depends on the propagation speed of the media, which is $3 \times 10^8$ meters/second in a vacuum and normally much less in a wired medium; it also depends on the distance of the link. In other words, the propagation delay is

$\text{Delay}_{pg} = \dfrac{\text{Distance}}{\text{Propagation speed}}$

Processing Delay
The processing delay is the time required for a router or a destination host to receive a packet from its input port, remove the header, perform an error detection procedure, and deliver the packet to the output port (in the case of a router) or deliver the packet to the upper-layer protocol (in the case of the destination host). The processing delay may be different for each packet, but normally is calculated as an average.
$\text{Delay}_{pr} = \text{Time required to process a packet}$

Queueing Delay
Even after a packet is received by a router or the destination host, it is not processed immediately. It has to wait in a queue, held in a buffer, until the packets ahead of it have been processed. The amount of time it waits in the queue before being processed is called the queueing delay. In general, we cannot calculate the queueing delay from a formula, because it depends on how many packets are already waiting in the buffer.

$\text{Delay}_{qu} = \text{The time a packet waits in queues}$

Total Delay
Assuming equal delays for the sender, routers, and receiver, the total delay (source-to-destination delay) a packet encounters can be calculated if we know the number of routers, n, in the whole path.

$T_{total} = T_t + T_p + T_q + T_{pro}$

7.3.2 Throughput
Throughput at any point in a network is defined as the number of bits passing through the point in a second, which is actually the transmission rate of data at that point. In a path from source to destination, a packet may pass through several links (networks), each with a different transmission rate. How, then, can we determine the throughput of the whole path? To see the situation, assume that we have three links, each with a different transmission rate, as shown in Figure 7.2.

Figure 7.2 Throughput in a path with three links in a series
Figure 7.3 A path through the Internet backbone

7.3.3 Packet Loss
Another issue that severely affects the performance of communication is the number of packets lost during transmission. When a router receives a packet while processing another packet, the received packet needs to be stored in the input buffer waiting for its turn. A router, however, has an input buffer with a limited size. A time may come when the buffer is full and the next packet needs to be dropped. The effect of packet loss on the Internet network layer is that the packet needs to be resent, which in turn may create overflow and cause more packet loss.

7.3.4 Congestion Control
Congestion control is a mechanism for improving performance. Although congestion at the network layer is not explicitly addressed in the Internet model, the study of congestion at this layer may help us to better understand the cause of congestion at the transport layer and find possible remedies to be used at the network layer. Congestion at the network layer is related to two issues, throughput and delay, which we discussed in the previous section.

7-4 INTERNET PROTOCOL VERSION 4
The network layer in the Internet has gone through several versions, but only two versions have survived: IP Version 4 (IPv4) and IP Version 6 (IPv6). Although IPv4 is almost depleted, we discuss it because there are still some areas that use this version and also because it is the foundation for IPv6.

7.4.1 IPv4 Addressing
The identifier used in the IP layer of the TCP/IP protocol suite to identify the connection of each device to the Internet is called the Internet address or IP address. An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a host or a router to the Internet.
The IP address is the address of the connection, not the host or the router, because if the device is moved to another network, the IP address may be changed.

Address Space
A protocol like IPv4 that defines addresses has an address space. An address space is the total number of addresses used by the protocol. If a protocol uses b bits to define an address, the address space is $2^b$ because each bit can have two different values (0 or 1). IPv4 uses 32-bit addresses, which means that the address space is $2^{32}$ or 4,294,967,296 (more than four billion). If there were no restrictions, more than 4 billion devices could be connected to the Internet.

Notation
There are three common notations to show an IPv4 address: binary notation (base 2), dotted-decimal notation (base 256), and hexadecimal notation (base 16).

Figure 7.4 Three different notations in IPv4 addressing

Hierarchy in Addressing
In any communication network that involves delivery, such as a telephone network or a postal network, the addressing system is hierarchical. A 32-bit IPv4 address is also hierarchical but divided only into two parts. The first part of the address, called the prefix, defines the network; the second part of the address, called the suffix, defines the node.

Figure 7.5 Hierarchy in addressing

Classful Addressing
When the Internet started, an IPv4 address was designed with a fixed-length prefix, but to accommodate both small and large networks, three fixed-length prefixes were designed instead of one (n = 8, n = 16, and n = 24). The whole address space was divided into five classes (class A, B, C, D, and E), as shown in Figure 7.6. This scheme is referred to as classful addressing.
Although classful addressing belongs to the past, it helps us to understand classless addressing, discussed later.

Figure 7.6 Occupation of the address space in classful addressing

Classless Addressing
With the growth of the Internet, it was clear that a larger address space was needed as a long-term solution. The larger address space, however, requires that the length of IP addresses also be increased, which means the format of the IP packets needs to be changed. Although the long-range solution has already been devised and is called IPv6, a short-term solution was also devised to use the same address space but to change the distribution of addresses to provide a fair share to each organization. The short-term solution still uses IPv4 addresses, but it is called classless addressing.

Figure 7.7 Variable-length blocks in classless addressing

Figure 7.8 Slash notation (CIDR)

Note: In IPv4 addressing, a block of addresses can be defined as x.y.z.t/n, in which x.y.z.t defines one of the addresses and the /n defines the mask.

Note: The first address in the block can be found by setting the rightmost 32 − n bits to 0s.

Note: The last address in the block can be found by setting the rightmost 32 − n bits to 1s.

Note: The number of addresses in the block can be found by using the formula $2^{32-n}$.

Example 7.1
A classless address is given as 167.199.170.82/27. We can find the above three pieces of information as follows. The number of addresses in the network is $2^{32-n} = 2^5 = 32$ addresses.
The first address can be found by keeping the first 27 bits and changing the rest of the bits to 0s.

Address:        167.199.170.82/27   10100111 11000111 10101010 01010010
First address:  167.199.170.64/27   10100111 11000111 10101010 01000000

The last address can be found by keeping the first 27 bits and changing the rest of the bits to 1s.

Address:        167.199.170.82/27   10100111 11000111 10101010 01010010
Last address:   167.199.170.95/27   10100111 11000111 10101010 01011111

Example 7.2
Another way to find the first address, the last address, and the number of addresses is to represent the mask as a 32-bit binary (or 8-digit hexadecimal) number. This is particularly useful when we are writing a program to find these pieces of information. For example, for the block 205.16.37.39/28, the mask is represented as 11111111 11111111 11111111 11110000 (twenty-eight 1s and four 0s). Find
a. The first address
b. The last address
c. The number of addresses.

Solution
a. The first address can be found by ANDing the given address with the mask. ANDing here is done bit by bit. The result of ANDing 2 bits is 1 if both bits are 1s; the result is 0 otherwise.
b. The last address can be found by ORing the given address with the complement of the mask. ORing here is done bit by bit. The result of ORing 2 bits is 0 if both bits are 0s; the result is 1 otherwise. The complement of a number is found by changing each 1 to 0 and each 0 to 1.
c. The number of addresses can be found by complementing the mask, interpreting it as a decimal number, and adding 1 to it.

Example 7.3
In classless addressing, an address cannot per se define the block the address belongs to. For example, the address 230.8.24.56 can belong to many blocks. Some of them are shown below with the value of the prefix associated with that block.

230.8.24.56 = 1110 0110 . 0000 1000 . 0001 1000 . 0011 1000

Prefix length 16 → Block: 230.8.0.0 to 230.8.255.255
Prefix length 20 → Block: 230.8.16.0 to 230.8.31.255
Prefix length 26 → Block: 230.8.24.0 to 230.8.24.63
Prefix length 27 → Block: 230.8.24.32 to 230.8.24.63
Prefix length 29 → Block: 230.8.24.56 to 230.8.24.63
Prefix length 31 → Block: 230.8.24.56 to 230.8.24.57

Figure 7.9 Network address

Example 7.4
An ISP has requested a block of 1000 addresses. Since 1000 is not a power of 2, 1024 addresses are granted. The prefix length is calculated as $n = 32 - \log_2 1024 = 22$. An available block, 18.14.12.0/22, is granted to the ISP. It can be seen that the first address in decimal is 302,910,464, which is divisible by 1024.

Example 7.5 (1)
An organization is granted a block of addresses with the beginning address 14.24.74.0/24. The organization needs to have 3 subblocks of addresses to use in its three subnets: one subblock of 10 addresses, one subblock of 60 addresses, and one subblock of 120 addresses. Design the subblocks.

Solution
There are $2^{32-24} = 256$ addresses in this block. The first address is 14.24.74.0/24; the last address is 14.24.74.255/24. To satisfy the third requirement, we assign addresses to subblocks, starting with the largest and ending with the smallest one.

Example 7.5 (2)
a. The number of addresses in the largest subblock, which requires 120 addresses, is not a power of 2. We allocate 128 addresses. The subnet mask for this subnet can be found as $n_1 = 32 - \log_2 128 = 25$. The first address in this block is 14.24.74.0/25; the last address is 14.24.74.127/25.
b. The number of addresses in the second largest subblock, which requires 60 addresses, is not a power of 2 either. We allocate 64 addresses. The subnet mask for this subnet can be found as $n_2 = 32 - \log_2 64 = 26$. The first address in this block is 14.24.74.128/26; the last address is 14.24.74.191/26.
Example 7.5 (3)
c. The number of addresses in the smallest subblock, which requires 10 addresses, is not a power of 2. We allocate 16 addresses. The subnet mask for this subnet can be found as $n_3 = 32 - \log_2 16 = 28$. The first address in this block is 14.24.74.192/28; the last address is 14.24.74.207/28.

If we add all addresses in the previous subblocks, the result is 208 addresses, which means 48 addresses are left in reserve. The first address in this range is 14.24.74.208. The last address is 14.24.74.255. We don't know about the prefix length yet. Figure 4.36 shows the configuration of blocks. We have shown the first address in each block.

Figure 7.10 Solution to Example 4.5 (14.24.74.192/28)

Example 7.6
Figure 7.11 shows how four small blocks of addresses are assigned to four organizations by an ISP. The ISP combines these four blocks into one single block and advertises the larger block to the rest of the world. Any packet destined for this larger block should be sent to this ISP. It is the responsibility of the ISP to forward the packet to the appropriate organization. This is similar to routing we can find in a postal network. All packages coming from outside a country are sent first to the capital and then distributed to the corresponding destination.

Figure 7.11 Example of address aggregation

7.4.2 Four Related Protocols
The network layer in version 4 can be thought of as one main protocol and three auxiliary ones. The main protocol, IPv4, is responsible for packetizing, forwarding, and delivery of a packet. ICMPv4 helps IPv4 to handle some errors that may occur in delivery. IGMP is used to help IPv4 in multicasting. ARP is used in address mapping.
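The block computations of Examples 7.1 to 7.5 above (first address by ANDing with the mask, last address by ORing with its complement, number of addresses from the complemented mask, the candidate blocks of a bare address, and the largest-first subblock design), as an added Python example. This is not code from the slides or the textbook; the function names are the author's own choice, and the only inputs used are the addresses quoted in those examples.

```python
"""Classless (CIDR) block calculator covering Examples 7.1 to 7.5.
Added example, not part of the textbook slides."""


def ip_to_int(dotted: str) -> int:
    """Dotted-decimal notation to a 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def int_to_ip(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def prefix_mask(n: int) -> int:
    """The /n mask as a 32-bit integer: n ones followed by 32 - n zeros (Example 7.2)."""
    if not 0 <= n <= 32:
        raise ValueError(f"prefix length must be 0..32, got {n}")
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def block_info(cidr: str) -> tuple[str, str, int]:
    """Return (first address, last address, number of addresses) for x.y.z.t/n."""
    addr, n = cidr.split("/")
    mask = prefix_mask(int(n))
    a = ip_to_int(addr)
    first = a & mask                    # Example 7.2a: AND the address with the mask
    last = a | (~mask & 0xFFFFFFFF)     # Example 7.2b: OR the address with the mask's complement
    count = (~mask & 0xFFFFFFFF) + 1    # Example 7.2c: complement of the mask, plus 1
    return int_to_ip(first), int_to_ip(last), count


def candidate_blocks(addr: str, prefix_lengths) -> dict[int, tuple[str, str]]:
    """Example 7.3: the same address lies in a different block for each prefix length."""
    return {n: block_info(f"{addr}/{n}")[:2] for n in prefix_lengths}


def design_subblocks(cidr: str, needs):
    """Example 7.5: carve subblocks out of a block, largest request first.
    Each request is rounded up to a power of 2, and a subblock of 2^k addresses
    must start at an address divisible by 2^k. Allocating largest-first keeps every
    subblock aligned; the alignment check below catches any order that does not.
    Returns ([(first/n, last, size), ...], addresses left in reserve, first reserve address)."""
    first, _, total = block_info(cidr)
    base = ip_to_int(first)
    cursor = base
    allocations = []
    for need in sorted(needs, reverse=True):
        if need < 1:
            raise ValueError("each subblock must need at least one address")
        size = 1 << (need - 1).bit_length()      # smallest power of 2 >= need
        n = 32 - (size.bit_length() - 1)          # n = 32 - log2(size)
        if cursor % size != 0:
            raise ValueError(f"subblock of {size} would start at unaligned address {int_to_ip(cursor)}")
        if cursor + size > base + total:
            raise ValueError(f"{cidr} cannot hold another subblock of {size} addresses")
        allocations.append((f"{int_to_ip(cursor)}/{n}", int_to_ip(cursor + size - 1), size))
        cursor += size
    reserve = base + total - cursor
    return allocations, reserve, (int_to_ip(cursor) if reserve else None)


if __name__ == "__main__":
    print(block_info("167.199.170.82/27"))   # Example 7.1: first .64, last .95, 32 addresses
    print(block_info("205.16.37.39/28"))     # Example 7.2
    for n, (lo, hi) in candidate_blocks("230.8.24.56", (16, 20, 26, 27, 29, 31)).items():
        print(f"prefix length {n}: {lo} to {hi}")   # Example 7.3
    print(design_subblocks("14.24.74.0/24", [10, 60, 120]))   # Example 7.5
```

The alignment check in design_subblocks is the reason the slides allocate the largest subblock first: a /26 may only start at a multiple of 64, so placing the /28 first would leave the /26 at an unaligned offset and the function refuses it rather than handing out a block that no router could express with a single prefix.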
Figure 7.12 Position of IP and other network-layer protocols in the TCP/IP protocol suite

Datagram Format
Packets used by the IP are called datagrams. Figure 7.13 shows the IPv4 datagram format. A datagram is a variable-length packet consisting of two parts: header and payload (data). The header is 20 to 60 bytes in length and contains information essential to routing and delivery. It is customary in TCP/IP to show the header in 4-byte sections.

Figure 7.13 IP datagram

Figure 7.14 Multiplexing and demultiplexing using the value of the protocol field

Example 7.7
An IPv4 packet has arrived with the first 8 bits as $(01000010)_2$. The receiver discards the packet. Why?

Solution
There is an error in this packet. The 4 leftmost bits $(0100)_2$ show the version, which is correct. The next 4 bits $(0010)_2$ show an invalid header length (2 × 4 = 8). The minimum number of bytes in the header must be 20. The packet has been corrupted in transmission.

Example 7.8
In an IPv4 packet, the value of HLEN is $(1000)_2$. How many bytes of options are being carried by this packet?

Solution
The HLEN value is 8, which means the total number of bytes in the header is 8 × 4, or 32 bytes. The first 20 bytes are the base header; the next 12 bytes are the options.

Example 7.9
In an IPv4 packet, the value of HLEN is 5, and the value of the total length field is $(0028)_{16}$. How many bytes of data are being carried by this packet?

Solution
The HLEN value is 5, which means the total number of bytes in the header is 5 × 4, or 20 bytes (no options). The total length is $(0028)_{16}$ or 40 bytes, which means the packet is carrying 20 bytes of data (40 − 20).
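The header checks of Examples 7.7 to 7.9 (version, HLEN, total length) as an added Python example, which also decodes the TTL and protocol fields used in Example 7.10 and the identification, flags and fragmentation-offset fields that the fragmentation examples later in the chapter reason about, and reproduces the fragment arithmetic of Figures 7.17 and 7.18. This is not code from the slides or the textbook; the dataclass and function names are this example's own, and the sample header bytes are constructed from the values quoted in the examples (the bytes the examples do not give are placeholders, marked in the code). As in the figures, the fragment splitter takes the per-link limit as the number of data bytes a fragment may carry.

```python
"""IPv4 header decoding and fragmentation arithmetic for Examples 7.7-7.10 and
7.12-7.16. Added example, not part of the textbook slides."""
from dataclasses import dataclass

PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}  # IANA protocol numbers


@dataclass(frozen=True)
class IPv4Header:
    version: int
    hlen_bytes: int      # HLEN * 4
    total_length: int
    identification: int
    df: bool             # "do not fragment" flag
    mf: bool             # "more fragments" flag (the M bit)
    frag_offset: int     # in 8-byte units, exactly as carried in the header
    ttl: int
    protocol: int


def parse_ipv4_header(raw: bytes) -> IPv4Header:
    """Decode the fixed 20-byte part, rejecting what a receiver would discard."""
    if len(raw) < 20:
        raise ValueError("need at least the 20-byte base header")
    version, hlen_words = raw[0] >> 4, raw[0] & 0x0F
    if version != 4:
        raise ValueError(f"version {version} is not IPv4")
    if hlen_words < 5:    # Example 7.7: HLEN 2 would mean an 8-byte header
        raise ValueError(f"invalid HLEN {hlen_words}: header would be {hlen_words * 4} bytes, minimum is 20")
    total_length = int.from_bytes(raw[2:4], "big")
    if total_length < hlen_words * 4:
        raise ValueError("total length is smaller than the header length")
    flags_and_offset = int.from_bytes(raw[6:8], "big")
    return IPv4Header(
        version=version,
        hlen_bytes=hlen_words * 4,
        total_length=total_length,
        identification=int.from_bytes(raw[4:6], "big"),
        df=bool(flags_and_offset & 0x4000),
        mf=bool(flags_and_offset & 0x2000),
        frag_offset=flags_and_offset & 0x1FFF,
        ttl=raw[8],
        protocol=raw[9],
    )


def options_bytes(h: IPv4Header) -> int:     # Example 7.8
    return h.hlen_bytes - 20


def data_bytes(h: IPv4Header) -> int:        # Example 7.9
    return h.total_length - h.hlen_bytes


def byte_range(h: IPv4Header) -> tuple[int, int]:
    """Examples 7.15 and 7.16: first and last data byte number carried by this fragment."""
    first = h.frag_offset * 8
    return first, first + data_bytes(h) - 1


def fragment_kind(h: IPv4Header) -> str:
    """Examples 7.12-7.14: classify a fragment from the M bit and the offset."""
    if h.frag_offset == 0:
        return "first fragment" if h.mf else "last fragment (or not fragmented)"
    return "middle fragment" if h.mf else "last fragment"


def fragment(offset_units: int, data_len: int, more: bool, max_data: int) -> list[tuple[int, int, int]]:
    """Split a datagram (or re-split a fragment, as on the 800-byte link of Figure 7.18)
    into pieces carrying at most max_data bytes. Every piece except the last must
    carry a multiple of 8 bytes, because the offset field counts 8-byte units.
    Returns [(offset in 8-byte units, data bytes, M bit), ...]."""
    step = max_data - max_data % 8
    if step == 0:
        raise ValueError("max_data must allow at least 8 data bytes")
    pieces, pos = [], 0
    while pos < data_len:
        size = min(step, data_len - pos)
        is_last_piece = pos + size == data_len
        pieces.append((offset_units + pos // 8, size, int(more or not is_last_piece)))
        pos += size
    return pieces


# Example 7.10 quotes the first 10 bytes; checksum, source and destination
# (the last 10 bytes) are placeholders constructed for this example.
EXAMPLE_7_10 = bytes.fromhex("45000028000100000102") + bytes.fromhex("0000" "0a000001" "0a000002")

if __name__ == "__main__":
    h = parse_ipv4_header(EXAMPLE_7_10)
    print(h.ttl, PROTOCOL_NAMES.get(h.protocol, "unknown"))   # 1 IGMP
    print(fragment(0, 4000, False, 1400))      # Figure 7.17: three fragments
    print(fragment(350, 1200, False, 800))     # Figure 7.18: third fragment re-fragmented
```

The figures count 1400 data bytes per fragment; on a real link whose MTU is 1400 bytes the 20-byte header leaves 1380, which the 8-byte rule rounds down to 1376, so pass the data capacity rather than the raw MTU. Validating HLEN and total length before using them to index into the packet is also what keeps a parser from reading past the buffer on the corrupted header of Example 7.7.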
Example 7.10
An IPv4 packet has arrived with the first few hexadecimal digits as shown: $(45000028000100000102)_{16}$. How many hops can this packet travel before being dropped? The data belong to what upper-layer protocol?

Solution
To find the time-to-live field, we skip 8 bytes (16 hexadecimal digits). The time-to-live field is the ninth byte, which is $(01)_{16}$. This means the packet can travel only one hop. The protocol field is the next byte, $(02)_{16}$, which means that the protocol is IGMP. Note that ICMP and IGMP are network-layer protocols, not upper-layer protocols.

Fragmentation
A datagram can travel through different networks. Each router decapsulates the IP datagram from the frame it receives, processes it, and then encapsulates it in another frame. The format and size of the received frame depend on the protocol used by the physical network through which the frame has just traveled. The format and size of the sent frame depend on the protocol used by the physical network through which the frame is going to travel. For example, if a router connects a LAN to a WAN, it receives a frame in the LAN format and sends a frame in the WAN format.

Maximum Transfer Unit
Each link-layer protocol has its own frame format. One of the features of each format is the maximum size of the payload that can be encapsulated in a frame; the total size of the datagram must be less than this maximum size (see Figure 7.16).

Figure 7.16 Maximum transfer unit (MTU)

Fields Related to Fragmentation
We mentioned before that three fields in an IP datagram are related to fragmentation: identification, flags, and fragmentation offset. The 16-bit identification field identifies a datagram originating from the source host. The 3-bit flags field defines three flags.
The 13-bit fragmentation offset field shows the relative position of this fragment with respect to the whole datagram.

Figure 7.17 Fragmentation example: MTU 1400 bytes
Note: 4000/1400 = 2.857, so we will have 3 fragments.

Figure 7.18 Detailed fragmentation example (MTU = 1400 on the first two links, MTU = 800 on the last two)
Notes on the figure: the original datagram is 4020 bytes (4000 bytes of data plus the 20-byte header); the offset of the second fragment is 175 because 175 × 8 = 1400; the offset of the third fragment is 175 + 175 = 350; the third fragment carries 4000 − (1400 + 1400) = 1200 bytes; on the 800-byte link, an 800-byte piece advances the offset by 800/8 = 100.

Example 7.12
A packet has arrived with an M bit value of 0. Is this the first fragment, the last fragment, or a middle fragment? Do we know if the packet was fragmented?

Solution
If the M bit is 0, it means that there are no more fragments; the fragment is the last one. However, we cannot say if the original packet was fragmented or not. A non-fragmented packet is considered the last fragment.

Example 7.13
A packet has arrived with an M bit value of 1. Is this the first fragment, the last fragment, or a middle fragment? Do we know if the packet was fragmented?

Solution
If the M bit is 1, it means that there is at least one more fragment. This fragment can be the first one or a middle one, but not the last one. We don't know if it is the first one or a middle one; we need more information (the value of the fragmentation offset).

Example 7.14
A packet has arrived with an M bit value of 1 and a fragmentation offset value of 0. Is this the first fragment, the last fragment, or a middle fragment?

Solution
Because the M bit is 1, it is either the first fragment or a middle one. Because the offset value is 0, it is the first fragment.

Example 7.15
A packet has arrived in which the offset value is 100. What is the number of the first byte? Do we know the number of the last byte?

Solution
To find the number of the first byte, we multiply the offset value by 8.
This means that the first byte number is 800. We cannot determine the number of the last byte unless we know the length of the data.

Example 7.16
A packet has arrived in which the offset value is 100, the value of HLEN is 5, and the value of the total length field is 100. What are the numbers of the first byte and the last byte?

Solution
The first byte number is 100 × 8 = 800. The total length is 100 bytes, and the header length is 20 bytes (5 × 4), which means that there are 80 bytes of data in this datagram. If the first byte number is 800, the last byte number must be 879.
Note: Total length (100) = payload (80 bytes) + header (20 bytes, no options).

7.4.3 Options
The header of the IPv4 datagram is made of two parts: a fixed part and a variable part. The fixed part is 20 bytes long and was discussed in the previous section. The variable part comprises the options, which can be a maximum of 40 bytes (in multiples of 4 bytes) to preserve the boundary of the header. Options, as the name implies, are not required for a datagram. They can be used for network testing and debugging. Although options are not a required part of the IP header, option processing is required of the IP software.

Single-Byte Options
There are two single-byte options.
No Operation: A no-operation option is a 1-byte option used as a filler between options.
End of Option: An end-of-option option is a 1-byte option used for padding at the end of the option field. It, however, can only be used as the last option.

Security of IPv4 Datagrams
We give a brief idea about the security issues in the IP protocol.
Packet Sniffing: An intruder may intercept an IP packet and make a copy of it.
Packet Modification: The attacker intercepts the packet, changes its contents, and sends the new packet to the receiver.
IP Spoofing: An attacker can masquerade as somebody else and create an IP packet that carries the source address of another computer.

IPSec
The IP packets today can be protected from the previously mentioned attacks using a protocol called IPSec (IP Security). This protocol, which is used in conjunction with the IP protocol, creates a connection-oriented service between two entities in which they can exchange IP packets without worrying about the three attacks discussed above. We will discuss IPSec in detail in Chapter 13.

7.4.4 ICMPv4
IPv4 has no error-reporting or error-correcting mechanism. The IP protocol also lacks a mechanism for host and management queries. The Internet Control Message Protocol version 4 (ICMPv4) has been designed to compensate for the above two deficiencies.

Messages
ICMP messages are divided into two broad categories: error-reporting messages and query messages. The error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet. The query messages, which occur in pairs, help a host or a network manager get specific information from a router or another host. For example, nodes can discover their neighbors. Also, hosts can discover and learn about routers on their network, and routers can help a node redirect its messages.

Figure 7.19 General format of ICMP messages

Figure 7.20 Contents of data field for error messages

Deprecated Messages
Three pairs of messages are declared obsolete by the IETF:
1. Information request and reply messages
2. Address mask request and reply messages
3. Router solicitation and advertisement messages

Debugging Tools
There are several tools that can be used in the Internet for debugging.
We can determine the viability of a host or router. We can trace the route of a packet. We introduce two tools that use ICMP for debugging: ping and traceroute.

Ping
We can use the ping program to find if a host is alive and is responding.

Example 7.17
The following shows how we send a ping message to the auniversity.edu site.

$ ping auniversity.edu
PING auniversity.edu (152.181.8.3) 56 (84) bytes of data.
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=0 ttl=62 time=2.04 ms
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=1 ttl=62 time=1.90 ms
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=2 ttl=62 time=1.90 ms
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=3 ttl=62 time=1.97 ms
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=4 ttl=62 time=1.93 ms
64 bytes from auniversity.edu (152.181.8.3): icmp_seq=5 ttl=62 time=2.00 ms
--- auniversity.edu statistics ---
6 packets transmitted, 6 received, 0% packet loss
rtt min/avg/max = 1.90/1.95/2.04 ms

Traceroute or Tracert
The traceroute program in UNIX or tracert in Windows can be used to trace the path of a packet from a source to the destination. It can find the IP addresses of all the routers that are visited along the path. The program is usually set to check for a maximum of 30 hops (routers) to be visited. The number of hops in the Internet is normally less than this. Since these two programs behave differently in UNIX and Windows, we explain them separately.

Figure 7.21 Example of traceroute program

7.4.6 Forwarding of IP Packets
We discussed the concept of forwarding at the network layer earlier in this chapter. In this section, we extend the concept to include the role of IP addresses in forwarding. As we discussed before, forwarding means to place the packet in its route to its destination.
Since the Internet today is made of a combination of links (networks), forwarding means to deliver the packet to the next hop (which can be the final destination or an intermediate connecting device). Although the IP protocol was originally designed as a connectionless protocol, today the tendency is to change it to a connection-oriented protocol. We discuss both cases.

Forwarding Based on Destination Address
We first discuss forwarding based on the destination address. This is the traditional approach, which is still prevalent today. In this case, forwarding requires a host or a router to have a forwarding table. When a host has a packet to send, or when a router has received a packet to be forwarded, it looks at this table to find the next hop to deliver the packet to.

Figure 7.32 Simplified forwarding module in classless addressing

Example 7.19
Make a forwarding table for router R1 using the configuration in Figure 7.33.

Figure 7.33 Configuration for Example 7.19
The four network addresses of the configuration, in binary:
180.70.65.192  10110100.01000110.01000001.11000000
180.70.65.128  10110100.01000110.01000001.10000000
201.4.22.0     11001001.00000100.00010110.00000000
201.4.16.0     11001001.00000100.00010000.00000000

Table 7.3 Forwarding table for router R1
Network address/mask   Next hop        Interface
180.70.65.192/26       —               m2
180.70.65.128/25       —               m0
201.4.22.0/24          —               m3
201.4.16.0/22          —               m1
Default                180.70.65.200   m2

Example 22.1
Make a routing table for router R1, using the configuration in Figure 22.6.
Solution
Table 22.1 shows the corresponding table.
Figure 22.6 Configuration for Example 22.1

Table 22.1 Routing table for router R1 in Figure 22.6

Example 22.2
Show the forwarding process if a packet arrives at R1 in Figure 22.6 with the destination address 180.70.65.140.
Solution
The router performs the following steps:
1. The first mask (/26) is applied to the destination address. The result is 180.70.65.128, which does not match the corresponding network address.
2. The second mask (/25) is applied to the destination address. The result is 180.70.65.128, which matches the corresponding network address. The next-hop address and the interface number m0 are passed to ARP for further processing.

Example 22.3
Show the forwarding process if a packet arrives at R1 in Figure 22.6 with the destination address 201.4.22.35.
Solution
The router performs the following steps:
1. The first mask (/26) is applied to the destination address. The result is 201.4.22.0, which does not match the corresponding network address.
2. The second mask (/25) is applied to the destination address. The result is 201.4.22.0, which does not match the corresponding network address (row 2).

Example 22.4
Show the forwarding process if a packet arrives at R1 in Figure 22.6 with the destination address 18.24.32.78.
Solution
This time all masks are applied, one by one, to the destination address, but no matching network address is found. When it reaches the end of the table, the module gives the next-hop address 180.70.65.200 and interface number m2 to ARP. This is probably an outgoing packet that needs to be sent, via the default router, to someplace else in the Internet.

Address Aggregation
When we use classful addressing, there is only one entry in the forwarding table for each site outside the organization. The entry defines the site even if that site is subnetted.
When a packet arrives at the router, the router checks the corresponding entry and forwards the packet accordingly. When we use classless addressing, it is likely that the number of forwarding table entries will increase. To alleviate this problem, the idea of address aggregation was devised. In Figure 7.34 we have two routers.

Figure 7.34 Address aggregation (the aggregated network address in binary: 10001100.00011000.00000111.00000000)

Figure 7.35 Longest mask addressing

Example 7.22
As an example of hierarchical routing, consider the following. A regional ISP is granted 16,384 addresses starting from 120.14.64.0. The regional ISP has decided to divide this block into 4 subblocks, each with 4096 addresses. Three of these subblocks are assigned to three local ISPs; the second subblock is reserved for future use. Note that the mask for each subblock is /20 because the original block with mask /18 is divided into 4 blocks.

Figure 7.36 Hierarchical routing with ISPs

Forwarding Table Search Algorithm
In classless addressing, there is no network information in the destination address. The simplest, but not the most efficient, search method is called the longest prefix match (as we discussed before). The forwarding table can be divided into buckets, one for each prefix. The router first tries the longest prefix. If the destination address is found in this bucket, the search is complete. If the address is not found, the next prefix is searched, and so on. It is obvious that this type of search takes a long time.

Example 7.23
Figure 7.37 shows a simple example of searching in a forwarding table using the longest mask algorithm. Although there are more efficient algorithms today, the principle is the same.
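The following is an added Python example, not the book's code: it runs the forwarding module of Figure 7.32 over Table 7.3, applying each mask longest first as in Examples 22.2 to 22.4, and also divides the regional ISP's block of Example 7.22 into its four /20 subblocks. The destination addresses and the direct-delivery convention (a dash means the next hop is the destination itself) are taken from the examples above.

```python
# Added example (not the book's code): the forwarding module of Figure 7.32
# run against Table 7.3. Each mask is applied to the destination, longest
# mask first, and the first entry whose network address matches wins.
import ipaddress

# Table 7.3: (network address/mask, next hop, interface); a None next hop is the
# dash in the table, meaning direct delivery to the destination itself.
FORWARDING_TABLE = [
    ("180.70.65.192/26", None, "m2"),
    ("180.70.65.128/25", None, "m0"),
    ("201.4.22.0/24", None, "m3"),
    ("201.4.16.0/22", None, "m1"),
]
DEFAULT_ROUTE = ("180.70.65.200", "m2")


def apply_mask(addr: str, prefix_len: int) -> str:
    """AND the address with a /prefix_len mask and return the resulting network address."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(addr)) & mask))


def forward(dest: str):
    """Return (next_hop, interface, steps); steps lists (entry, masked result, matched)."""
    steps = []
    # Longest prefix match: try the entry with the longest mask first.
    ordered = sorted(FORWARDING_TABLE, key=lambda e: -int(e[0].split("/")[1]))
    for entry, next_hop, iface in ordered:
        network, plen = entry.split("/")
        result = apply_mask(dest, int(plen))
        steps.append((entry, result, result == network))
        if result == network:
            return (next_hop or dest), iface, steps
    # No entry matched: hand the packet to the default router.
    return DEFAULT_ROUTE[0], DEFAULT_ROUTE[1], steps


def split_block(block: str, new_prefix: int) -> list:
    """Divide a block into equal subblocks, as the regional ISP does in Example 7.22."""
    return [str(n) for n in ipaddress.ip_network(block).subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    for d in ("180.70.65.140", "201.4.22.35", "18.24.32.78"):  # Examples 22.2 to 22.4
        hop, iface, steps = forward(d)
        for entry, result, ok in steps:
            print(f"  {entry}: masked result {result} {'matches' if ok else 'no match'}")
        print(f"{d} -> next hop {hop} via interface {iface}")
    print(split_block("120.14.64.0/18", 20))  # the four /20 subblocks of Example 7.22
```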
Figure 7.37 Example 7.23

7.5 NEXT GENERATION IP (IPv6)
The address depletion of IPv4 and other shortcomings of this protocol prompted a new version of the IP protocol in the early 1990s, which is called Internet Protocol version 6 (IPv6) or IP next generation (IPng).

7.5.1 IPv6 Addressing
The main reason for migration from IPv4 to IPv6 was the small size of the address space of IPv4. An IPv6 address is 128 bits or 16 bytes, four times the address length in IPv4.

Representation
An IPv6 address is 128 bits or 16 bytes long, four times the address length of IPv4.
Binary (128 bits):        11111110111101101011 … 1111111100000000
Colon hexadecimal:        FEF6:BA98:7654:3210:ADEF:BBFF:2922:FF00

Address Space
The address space of IPv6 contains 2^128 addresses. This address space is 2^96 times the IPv4 address space; there is definitely no address depletion. The size of the space is 340,282,366,920,938,463,463,374,607,431,768,211,456.

Address Space Allocation
Like the address space of IPv4, the address space of IPv6 is divided into several blocks of varying size, and each block is allocated for a special purpose. Most of the blocks are still unassigned and have been set aside for future use. Table 7.5 shows only the assigned blocks. In this table, the last column shows the fraction each block occupies in the whole address space.

Table 7.5 Prefixes for assigned IPv6 addresses
Block prefix     CIDR        Block assignment        Fraction
0000 0000        0000::/8    Special addresses       1/256
001              2000::/3    Global unicast          1/8
1111 110         FC00::/7    Unique local unicast    1/128
1111 1110 10     FE80::/10   Link local addresses    1/1024
1111 1111        FF00::/8    Multicast addresses     1/256

Figure 7.41 Global unicast address
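The following is an added Python example, not the book's code: it converts between the binary and colon hexadecimal representations shown above and decides, from the leading bits alone, which row of Table 7.5 an address falls in. The sample address is the one shown under Representation; the other addresses in the main block are constructed samples chosen to hit each row.

```python
# Added example (not the book's code): IPv6 representation (binary versus colon
# hexadecimal) and the block assignment of Table 7.5, which depends only on the
# leading bits of the address.
import ipaddress

# Rows of Table 7.5: (block prefix in binary, CIDR, block assignment).
ASSIGNED_BLOCKS = [
    ("00000000", "0000::/8", "Special addresses"),
    ("001", "2000::/3", "Global unicast"),
    ("1111110", "FC00::/7", "Unique local unicast"),
    ("1111111010", "FE80::/10", "Link local addresses"),
    ("11111111", "FF00::/8", "Multicast addresses"),
]


def to_binary(addr: str) -> str:
    """Colon hexadecimal in, the full 128-bit binary string out."""
    return format(int(ipaddress.IPv6Address(addr)), "0128b")


def to_colon_hex(bits: str) -> str:
    """128 binary digits in, uncompressed colon hexadecimal (eight 16-bit groups) out."""
    value = int(bits, 2)
    return ":".join(format((value >> (16 * i)) & 0xFFFF, "04X") for i in range(7, -1, -1))


def classify(addr: str):
    """Return (CIDR, assignment) from Table 7.5, or None when the address lies in
    one of the blocks that are still unassigned."""
    bits = to_binary(addr)
    for prefix, cidr, assignment in ASSIGNED_BLOCKS:
        if bits.startswith(prefix):
            return cidr, assignment
    return None


def fraction(cidr: str) -> str:
    """Fraction of the whole 2^128 space that a block with this prefix length occupies."""
    return "1/%d" % (1 << int(cidr.split("/")[1]))


if __name__ == "__main__":
    sample = "FEF6:BA98:7654:3210:ADEF:BBFF:2922:FF00"  # address shown under Representation
    bits = to_binary(sample)
    print(bits[:20], "...", bits[-16:])
    print(to_colon_hex(bits), classify(sample))
    for a in ("::1", "2001:db8::1", "fd00::1", "fe80::1", "ff02::1"):  # constructed samples
        print(a, classify(a), fraction(classify(a)[0]))
```

Note that the address shown under Representation begins with the bits 1111 1110 1111, which belong to none of the rows of Table 7.5, so classify returns None for it: it sits in one of the blocks set aside for future use.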
Figure 7.44 Special addresses

Other Assigned Blocks
IPv6 uses two large blocks for private addressing and one large block for multicasting, as shown in Figure 7.45.

Figure 7.45 Unique local unicast block

Autoconfiguration
One of the interesting features of IPv6 addressing is the autoconfiguration of hosts. As we discussed for IPv4, hosts and routers are originally configured manually by the network manager. However, the Dynamic Host Configuration Protocol (DHCP) can be used to allocate an IPv4 address to a host that joins the network. In IPv6, the DHCP protocol can still be used to allocate an IPv6 address to a host, but a host can also configure itself.