Network Layer

Computer
Networking: A Top
Down Approach
6th edition
Jim Kurose, Keith Ross
Addison-Wesley
March 2012
 Network layer
Goals:
understand principles behind network layer
services:
 network layer service models
 forwarding versus routing
 how a router works
 routing (path selection)
 broadcast, multicast
implementation in the Internet
Outline
 Introduction  routing algorithms
 datagram networks – link state
– distance vector
 IP: Internet Protocol
– hierarchical routing
– datagram format
– IPv4 addressing  routing in the Internet
– ICMP – RIP
– IPv6 – OSPF
Network layer
application

• transport segment from transport

network
data link
sending to receiving host physical
network network

• on sending side encapsulates data link data link

network physical
physical
data link

segments into datagrams physical network

data link
network
data link
physical physical
• on receiving side, delivers
network
segments to transport layer network
data link data link
physical physical
network
• network layer protocols in data link
physical
every host, router network
application
transport
data link
• router examines header fields network network
network physical data link data link
data link physical physical
in all IP datagrams passing physical

through it
 Two key network-layer functions
• forwarding: move
packets from router’s
input to appropriate
router output
• routing: determine
route taken by
packets from source
to destination
– routing algorithms
Interplay between routing and forwarding

routing algorithm routing algorithm determines

end-end-path through network

local forwarding table forwarding table determines

header value output link local forwarding at this router
0100 3
0101 2
0111 2
1001 1

value in arriving
packet’s header
0111 1

3 2
Outline
 Introduction  routing algorithms
 datagram networks – link state
– distance vector
 IP: Internet Protocol
– hierarchical routing
– datagram format
– IPv4 addressing  routing in the Internet
– ICMP – RIP
– IPv6 – OSPF
– BGP
Datagram networks
• no call setup at network layer
• routers: no state about end-to-end connections
– no network-level concept of “connection”
• packets forwarded using destination host address

application application
transport transport
network 1. send datagrams 2. receive datagrams network
data link data link
physical physical
Datagram forwarding table
4 billion IP addresses, so
routing algorithm rather than list individual
destination address
local forwarding table
list range of addresses
dest address output link (aggregate table entries)
address-range 1 3
address-range 2 2
address-range 3 2
address-range 4 1

IP destination address in
arriving packet’s header
1
3 2
Datagram forwarding table
Destination Address Range Link Interface

11001000 00010111 00010000 00000000

through 0
11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000

through 1
11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000

through 2
11001000 00010111 00011111 11111111

otherwise 3

Q: but what happens if ranges don’t divide up so nicely?

Longest prefix matching
longest prefix matching
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.

Destination Address Range Link interface

11001000 00010111 00010*** ********* 0
11001000 00010111 00011000 ********* 1
11001000 00010111 00011*** ********* 2
otherwise 3

examples:
DA: 11001000 00010111 00010110 10100001 which interface?
DA: 11001000 00010111 00011000 10101010 which interface?
Outline
 Introduction  routing algorithms
 datagram networks – link state
– distance vector
 IP: Internet Protocol
– hierarchical routing
– datagram format
– IPv4 addressing  routing in the Internet
– ICMP – RIP
– IPv6 – OSPF
– BGP
 The Internet network layer
host, router network layer functions:

transport layer: TCP, UDP

routing protocols IP protocol

• path selection • addressing conventions
• RIP, OSPF, BGP • datagram format
network • packet handling conventions
layer forwarding
table ICMP protocol
• error reporting
• router “signaling”

link layer

physical layer
 IP datagram format
IP protocol version 32 bits
number total datagram
header length head. type of length (bytes)
ver service length
(bytes) len
for
“type” of data fragment fragmentation/
16-bit identifier flgs
offset reassembly
max number time to upper header
remaining hops live layer checksum
(decremented at
32 bit source IP address
each router)
32 bit destination IP address
upper layer protocol
to deliver payload to options (if any) e.g. timestamp,
record route
how much overhead? data taken, specify
(variable length, list of routers
 20 bytes of TCP
typically a TCP to visit.
 20 bytes of IP
or UDP segment)
 = 40 bytes + app
layer overhead
 IP fragmentation, reassembly
• network links have MTU
(max.transfer unit) - largest
possible link-level frame fragmentation:

…
– different link types, in: one large datagram
different MTUs out: 3 smaller datagrams

• large IP datagram divided

(“fragmented”) within net
– one datagram becomes reassembly
several datagrams
– “reassembled” only at final
destination …
– IP header bits used to
identify, order related
fragments
 IP fragmentation, reassembly
length ID fragflag offset
example: =4000 =x =0 =0
 4000 byte datagram
one large datagram becomes
 MTU = 1500 bytes several smaller datagrams

1480 bytes in length ID fragflag offset

data field =1500 =x =1 =0

offset = length ID fragflag offset

1480/8 =1500 =x =1 =185

length ID fragflag offset

=1040 =x =0 =370
Outline
 Introduction  routing algorithms
 datagram networks – link state
– distance vector
 IP: Internet Protocol
– hierarchical routing
– datagram format
– IPv4 addressing  routing in the Internet
– ICMP – RIP
– IPv6 – OSPF
– BGP
 IP Addressing
– must include full address in each packet
– addresses must be unique for entire network

10000000 00001010 00000010 00011101

128.10.2.29
IP Address : 32-bit identifier for host/router interface
(decimal notation)
 IP addressing: introduction
223.1.1.1

• IP address: 32-bit 223.1.2.1

identifier for host, router
interface 223.1.1.2
223.1.1.4 223.1.2.9

• interface: connection
between host/router and 223.1.1.3
223.1.3.27

physical link 223.1.2.2

– routers typically have

multiple interfaces
– host typically has one active 223.1.3.1 223.1.3.2

interface (e.g., wired

Ethernet, wireless 802.11)
• one IP address associated 223.1.1.1 = 11011111 00000001 00000001 00000001
with each interface 223 1 1
1
 IP Address Classes
“class-full” addressing:
Bit position:
0 1 2 3 8 16 31
Class A 0 1.0.0.0 to
Net ID Host ID 126.255.255.255

Class B 1 0 128.0.0.0 to
Net ID Host ID
191.255.255.255

Class C 1 1 0 192.0.0.0 to
Net ID Host ID
223.255.255.255

Class D 1 1 1 0 224.0.0.0 to
Multicast address 239.255.255.255

Class E 1 1 1 1 Reserved for future

Reserved use, experiment
for experiments

Determining the class:

if first bit is 0 then class A
else if second bit 0 then class B
else if ...
 Subnets
• IP address: 223.1.1.1
–subnet part - high order
bits 223.1.1.2 223.1.2.1
223.1.1.4 223.1.2.9
–host part - low order
bits 223.1.2.2
223.1.1.3 223.1.3.27
• what’s a subnet ?
subnet
–device interfaces with
same subnet part of IP 223.1.3.1 223.1.3.2
address
–can physically reach
each other without network consisting of 3 subnets
intervening router
Subnets
223.1.1.0/24
223.1.2.0/24
223.1.1.1
recipe
to determine the 223.1.1.2
223.1.1.4 223.1.2.9
223.1.2.1

subnets, detach each

223.1.2.2
interface from its host 223.1.1.3 223.1.3.27
or router, creating subnet
islands of isolated
223.1.3.2
networks 223.1.3.1

each isolated network

is called a subnet 223.1.3.0/24

subnet mask: /24

Subnet Masking

IP address:
10101000 11110000 00010100 00100101

Mask:
11111111 11111111 11111111 00000000

Applying Mask:
10101000 11110000 00010100 00000000
00000000
Example Subnet Masks

• host’s address is 140.134.6.5

– subnet mask is 255.255.0.0
No subnetting

• host address is 140.134.6.5

– subnet mask is 255.255.255.0
Subnetting with 8 bits

• host address is 140.134.6.5

– subnet mask is 255.255.255.192
Subnetting with 10 bits
Subnets 223.1.1.2

223.1.1.1 223.1.1.4
how many?
223.1.1.3

223.1.9.2 223.1.7.0

223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0

223.1.2.6 223.1.3.27

223.1.2.1 223.1.2.2 223.1.3.1 223.1.3.2

 Host Addresses
172.16.2.2 10.1.1.1
10.6.24.2
E1
172.16.3.10 E0 10.250.8.11
172.16.2.1

172.16.12.12 10.180.30.118

Routing Table
172.16 . 12 . 12 Network Interface
Network Host 172.16.0.0 E0
10.0.0.0 E1
IP Address Classes Exercise

Address Class Network Host

10.2.1.1

128.63.2.100

201.222.5.64

192.6.141.2

130.113.64.16

256.241.201.10
IP Address Classes Exercise Answers

Address Class Network Host

10.2.1.1 A 10.0.0.0 0.2.1.1

128.63.2.100 B 128.63.0.0 0.0.2.100

201.222.5.64 C 201.222.5.0 0.0.0.64

192.6.141.2 C 192.6.141.0 0.0.0.2

130.113.64.16 B 130.113.0.0 0.0.64.16

256.241.201.10 Nonexistent
Subnet Mask Exercise

Address Subnet Mask Class Subnet

172.16.2.10 255.255.255.0

10.6.24.20 255.255.240.0

10.30.36.12 255.255.255.0
Subnet Mask Exercise Answers

Address Subnet Mask Class Subnet

172.16.2.10 255.255.255.0 B 172.16.2.0

10.6.24.20 255.255.240.0 A 10.6.16.0

10.30.36.12 255.255.255.0 A 10.30.36.0

 Addressing Summary Example

172 16 2 160

172.16.2.160 10101100 00010000 00000010 10100000 Host 1

255.255.255.192 11111111 11111111 11111111 11000000 Mask 2

9 8
172.16.2.128 10101100 00010000 00000010 10000000 Subnet 4

172.16.2.191 10101100 00010000 00000010 10111111 Broadcast

5
172.16.2.129 10101100 00010000 00000010 10000001 First 6

172.16.2.190 10101100 00010000 00000010 10111110 Last 7

 Broadcast Addresses Exercise

Address Subnet Mask Class Subnet Broadcast

201.222.10.60 255.255.255.248

15.16.193.6 255.255.248.0

128.16.32.13 255.255.255.252

153.50.6.27 255.255.255.128
 Broadcast Addresses Exercise Answers

Address Subnet Mask Class Subnet Broadcast

201.222.10.60 255.255.255.248 C 201.222.10.56 201.222.10.63

15.16.193.6 255.255.248.0 A 15.16.192.0 15.16.199.255

128.16.32.13 255.255.255.252 B 128.16.32.12 128.16.32.15

153.50.6.27 255.255.255.128 B 153.50.6.0 153.50.6.127

IP addressing: CIDR

CIDR: Classless InterDomain Routing

 subnet portion of address of arbitrary length
 address format: a.b.c.d/x, where x is # bits in
subnet portion of address

subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23
 IP addressing: how to get a block?

 ICANN: Internet Corporation for Assigned

Names and Numbers http://www.icann.org/
 allocates addresses
 manages DNS
 assigns domain names, resolves disputes
 IP addresses: how to get one?
Q: How does a host get IP address?

• hard-coded by system admin in a file

– Windows: control-panel->network->configuration->tcp/ip-
>properties
– UNIX: /etc/rc.config
• DHCP: Dynamic Host Configuration Protocol: dynamically
get address from a server
– “plug-and-play”
DHCP: Dynamic Host Configuration Protocol
goal: allow host to dynamically obtain its IP address from network server when it joins
network
– can renew its lease on address in use
– allows reuse of addresses (only hold address while connected/“on”)
– support for mobile users who want to join network
DHCP overview:
– host broadcasts “DHCP discover” msg [optional]
– DHCP server responds with “DHCP offer” msg [optional]
– host requests IP address: “DHCP request” msg
– DHCP server sends address: “DHCP ack” msg
DHCP client-server scenario

DHCP
223.1.1.0/24
server
223.1.1.1 223.1.2.1

223.1.1.2 arriving DHCP

223.1.1.4 223.1.2.9
client needs
address in this
223.1.3.27
223.1.2.2 network
223.1.1.3

223.1.2.0/24

223.1.3.1 223.1.3.2

223.1.3.0/24
DHCP client-server scenario
DHCP server: 223.1.2.5 DHCP discover arriving
client
src : 0.0.0.0, 68
dest.: 255.255.255.255,67
yiaddr: 0.0.0.0
transaction ID: 654

DHCP offer
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 654
lifetime: 3600 secs
DHCP request
src: 0.0.0.0, 68
dest:: 255.255.255.255, 67
yiaddrr: 223.1.2.4
transaction ID: 655
lifetime: 3600 secs

DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 655
lifetime: 3600 secs
DHCP: more than IP addresses
DHCP returns:
 IP address
 address of first-hop router for client
 name and IP address of DNS sever
 network mask (indicating network versus host
portion of address)
DHCP: example
DHCP DHCP  connecting laptop needs its
DHCP UDP IP address, addr of first-hop
DHCP IP router, addr of DNS server:
DHCP Eth use DHCP
Phy
DHCP request encapsulated
DHCP

in UDP, encapsulated in IP,
DHCP DHCP 168.1.1.1 encapsulated in 802.3
DHCP UDP Ethernet
DHCP IP
DHCP Eth router with DHCP  Ethernet frame broadcast
Phy server built into (dest: FFFFFFFFFFFF) on LAN,
router received at router running
DHCP server
 Ethernet demuxed to IP
demuxed, UDP demuxed to
DHCP
DHCP: example
DHCP DHCP • DHCP server formulates
DHCP UDP DHCP ACK containing
DHCP IP client’s IP address, IP
DHCP Eth address of first-hop router
Phy for client, name & IP
address of DNS server

 encapsulation of DHCP
DHCP
DHCP
DHCP UDP
server, frame forwarded
DHCP IP to client, demuxing up to
DHCP Eth router with DHCP DHCP at client
Phy server built into
DHCP
router  client now knows its IP
address, name and IP
address of DNS server, IP
address of its first-hop
router
 DHCP: Wireshark Message type: Boot Reply (2)
reply
output (home LAN) Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x6b3a11b7
Seconds elapsed: 0
Message type: Boot Request (1) Bootp flags: 0x0000 (Unicast)
Hardware type: Ethernet Client IP address: 192.168.1.101 (192.168.1.101)
Hardware address length: 6 Your (client) IP address: 0.0.0.0 (0.0.0.0)
Hops: 0
Transaction ID: 0x6b3a11b7
request Next server IP address: 192.168.1.1 (192.168.1.1)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Seconds elapsed: 0 Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Bootp flags: 0x0000 (Unicast) Server host name not given
Client IP address: 0.0.0.0 (0.0.0.0) Boot file name not given
Your (client) IP address: 0.0.0.0 (0.0.0.0) Magic cookie: (OK)
Next server IP address: 0.0.0.0 (0.0.0.0) Option: (t=53,l=1) DHCP Message Type = DHCP ACK
Relay agent IP address: 0.0.0.0 (0.0.0.0) Option: (t=54,l=4) Server Identifier = 192.168.1.1
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a) Option: (t=1,l=4) Subnet Mask = 255.255.255.0
Server host name not given Option: (t=3,l=4) Router = 192.168.1.1
Boot file name not given Option: (6) Domain Name Server
Magic cookie: (OK) Length: 12; Value: 445747E2445749F244574092;
Option: (t=53,l=1) DHCP Message Type = DHCP Request IP Address: 68.87.71.226;
Option: (61) Client identifier IP Address: 68.87.73.242;
Length: 7; Value: 010016D323688A; IP Address: 68.87.64.146
Hardware type: Ethernet Option: (t=15,l=20) Domain Name = "hsd1.ma.comcast.net."
Client MAC address: Wistron_23:68:8a (00:16:d3:23:68:8a)
Option: (t=50,l=4) Requested IP Address = 192.168.1.101
Option: (t=12,l=5) Host Name = "nomad"
Option: (55) Parameter Request List
Length: 11; Value: 010F03062C2E2F1F21F92B
1 = Subnet Mask; 15 = Domain Name
3 = Router; 6 = Domain Name Server
44 = NetBIOS over TCP/IP Name Server
……
 NAT: network address translation

rest of local network

Internet (e.g., home network)
10.0.0/24 10.0.0.1

10.0.0.4
10.0.0.2
138.76.29.7

10.0.0.3

all datagrams leaving local datagrams with source or

network have same single source destination in this network
NAT IP address:
138.76.29.7,different source port have 10.0.0/24 address for
numbers source, destination (as usual)
 NAT: network address translation

motivation: local network uses just one IP

address as far as outside world is concerned:
– range of addresses not needed from ISP: just one
IP address for all devices
– can change addresses of devices in local network
without notifying outside world
– can change ISP without changing addresses of
devices in local network
– devices inside local net not explicitly addressable,
visible by outside world (a security plus)
 NAT: network address translation
NAT translation table 1: host 10.0.0.1
2: NAT router WAN side addr LAN side addr
changes datagram sends datagram to
source addr from 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
10.0.0.1, 3345 to …… ……
138.76.29.7, 5001,
updates table S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80
D: 138.76.29.7, 5001 3 10.0.0.3
4: NAT router
3: reply arrives changes datagram
dest. address: dest addr from
138.76.29.7, 5001 138.76.29.7, 5001 to 10.0.0.1, 3345
NAT: network address translation

• NAT is controversial:
– routers should only process up to layer 3
– violates end-to-end argument
• NAT possibility must be taken into account by app
designers, e.g., P2P applications
– address shortage should instead be solved by IPv6
Outline
 Introduction  routing algorithms
 datagram networks – link state
– distance vector
 IP: Internet Protocol
– hierarchical routing
– datagram format
– IPv4 addressing  routing in the Internet
– ICMP – RIP
– IPv6 – OSPF
– BGP
 ICMP: Internet control message protocol

• used by hosts & routers to

Type Code description
communicate network- 0 0 echo reply (ping)
level information 3 0 dest. network unreachable
– error reporting: 3 1 dest host unreachable
unreachable host, network, 3 2 dest protocol unreachable
port, protocol 3 3 dest port unreachable
– echo request/reply (used 3 6 dest network unknown
by ping) 3 7 dest host unknown
4 0 source quench (congestion
• network-layer “above” IP: control - not used)
– ICMP msgs carried in IP 8 0 echo request (ping)
datagrams 9 0 route advertisement
• ICMP message: type, code 10 0 router discovery
11 0 TTL expired
plus first 8 bytes of IP 12 0 bad IP header
datagram causing error
 IPv6: motivation
• initial motivation: 32-bit address space soon
to be completely allocated.
• additional motivation:
– header format helps speed processing/forwarding
– header changes to facilitate QoS

IPv6 datagram format:

– fixed-length 40 byte header
– no fragmentation allowed
 IPv4 & IPv6 Header Comparison

IPv4 Header IPv6 Header

Version IHL Type of Service Total Length
Version Traffic Class Flow Label

Fragment
Identification Flags
Offset
Next
Payload Length Hop Limit
Header
Time to Live Protocol Header Checksum

Source Address
Destination Address
Source Address
Options Padding

- field’s name kept from IPv4 to IPv6

Legend

- fields not kept in IPv6 Destination Address

- Name & position changed in IPv6
- New field in IPv6
IPv6 datagram format
priority: identify priority among datagrams in flow
flow Label: identify datagrams in same “flow.”

next header: identify upper layer protocol for data

ver pri flow label
payload len next hdr hop limit
source address
(128 bits)
destination address
(128 bits)

data

32 bits
 IPv6 Header

• Version: This 4 bit field identifies the IP version number.

• Payload Length: This 16-bit value is treated as an
unsigned integer giving the number of bytes in the IPv6
datagram following the fixed-length, 40-byte datagram
header.
• Hop limit: The contents of this field are determined by
one by each router that forwards the datagram. If the
hop limit count reaches zero, the datagram is discarded.
• Source & destination address: The various formats of
the IPv6 128-bit address are described in RFC 2373.
• Data: This is the payload portion of the IPv6 datagram.
Other changes from IPv4
• checksum: removed entirely to reduce
processing time at each hop
• options: allowed, but outside of header,
indicated by “Next Header” field
• ICMPv6: new version of ICMP
– additional message types, e.g. “Packet Too Big”
– multicast group management functions
Transition from IPv4 to IPv6
• not all routers can be upgraded simultaneously
– no “flag days”
– how will network operate with mixed IPv4 and IPv6
routers?
• tunneling: IPv6 datagram carried as payload in
IPv4 datagram among IPv4 routers

IPv4 header fields IPv6 header fields

IPv4 payload
IPv4 source, dest addr IPv6 source dest addr
UDP/TCP payload

IPv6 datagram
IPv4 datagram
Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6
 Tunneling
A B IPv4 tunnel E F
connecting IPv6 routers
logical view:
IPv6 IPv6 IPv6 IPv6

A B C D E F
physical view:
IPv6 IPv6 IPv4 IPv4 IPv6 IPv6

flow: X src:B src:B flow: X

src: A dest: E src: A
dest: F
dest: E
dest: F
Flow: X Flow: X
Src: A Src: A
data Dest: F Dest: F data

data data

A-to-B: E-to-F:
IPv6 B-to-C: B-to-C: IPv6
IPv6 inside IPv6 inside
IPv4 IPv4