Network Layer

Ante Prodan
School of Computing Engineering and
Mathematics

1
Important Concepts
 How Routers work – forwarding and Routing
 Network Layer Services
 Connection oriented and Connection less paths between hosts
 IP Packet Structure, IP fragmentation and reassembly
 IP Addresses, Class base and Classless
 Subnets and Subnet masks
 How Computer get an IP address – Static and DHCP
 Connecting a computer to a network – Gateway, Subnet mask
and DNS
 How Organisations get IP addresses
 NAT ; Network Address Translation
 ICMP – Internet Control Message Protocol – Traceroute and
ICMP
 IPv6 – 128 bit address space

2
 Network layer
application
transport
network
 transport segments from data link
physical

sending to receiving host network

data link
network
data link
network physical
on sending side
physical
data link
 physical network network

encapsulates segments data link

physical
data link
physical

into datagrams network network

on rcving side, delivers data link data link

 physical
network
physical

segments to transport data link

physical
application
layer network
data link
transport
network
network
data link
 network layer protocols in network
data link
physical data link
physical
physical

every host, router physical

 router examines header

fields in all IP datagrams
passing through it
3
 Two Key Network-Layer Functions
 forwarding: move analogy:
packets from router’s
input to appropriate  routing: process of
router output planning trip from
source to dest
 routing: determine
route taken by packets  forwarding: process of
from source to dest. getting through single
interchange
 routing algorithms

4
Interplay between routing and forwarding

routing algorithm

local forwarding table

header value output link
0100 3
0101 2
0111 2
1001 1

value in arriving
packet’s header
0111 1

3 2

5
 Network service model
Q: What service model for “channel” transporting
datagrams from sender to receiver?

Example services for Example services for a

individual datagrams: flow of datagrams:
 guaranteed delivery  in-order datagram

 guaranteed delivery
delivery
with less than 40 msec  guaranteed minimum

delay bandwidth to flow

 restrictions on changes

in inter-packet spacing

6
Network layer connection and
connection-less service
 datagram network provides network-
layer connectionless service
 VC network provides network-layer
connection service
 analogous to the transport-layer
services, but:
 service: host-to-host
 no choice: network provides one or the
other
 implementation: in network core 7
 Virtual circuits (VC)
“source-to-dest path behaves much like telephone
circuit”
 performance-wise
 network actions along source-to-dest path

 call setup, teardown for each call before data can flow
 each packet carries VC identifier (not destination host address)
 every router on source-dest path maintains “state” for each
passing connection
 link, router resources (bandwidth, buffers) may be allocated to
VC (dedicated resources = predictable service)

8
 Connection setup
 3rd important function in some network
architectures:
 ATM, frame relay, X.25

 before datagrams flow, two end hosts and

intervening routers establish virtual connection
 routers get involved

 network vs transport layer connection service:

 network: between two hosts (may also

involve intervening routers in case of VCs)

 transport: between two processes
9
VC implementation
a VC consists of:
1. path from source to destination
2. VC numbers, one number for each link along
path
3. entries in forwarding tables in routers along path
 packet belonging to VC carries VC number
(rather than dest address)
 VC number can be changed on each link.
 New VC number comes from forwarding table

10
 Forwarding table
VC number

12 22 32

1 3
2

Forwarding table in interface

number
northwest router:
Incoming interface Incoming VC # Outgoing interface Outgoing VC #

1 12 3 22
2 63 1 18
3 7 2 17
1 97 3 87
… … … …

Routers maintain connection state information!

11
 Virtual circuits: signaling protocols
 used to setup, maintain teardown VC
 used in ATM, frame-relay, X.25
 not used in today’s Internet

application
6. Receive data application
transport 5. Data flow begins
network 4. Call connected 3. Accept call transport
data link 1. Initiate call 2. incoming call network
data link
physical
physical

12
 Datagram networks
 no call setup at network layer
 routers: no state about end-to-end connections
 no network-level concept of “connection”
 packets forwarded using destination host address
 packets between same source-dest pair may take different
paths

application
application
transport
transport
network
data link 1. Send data 2. Receive data network
data link
physical
physical

13
Question 1
What are the service model/s that network
layer can provide?

a) Application and transport service.

b) Connectionless and connection service.
c) Peer to peer service only
d) IP protocol service

14
 4 billion
Forwarding table possible entries

Destination Address Range Link Interface

11001000 00010111 00010000 00000000

through 0
11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000

through 1
11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000

through 2
11001000 00010111 00011111 11111111

otherwise 3

15
Router Architecture Overview

Two key router functions:

 run routing algorithms/protocol (RIP, OSPF, BGP)
 forwarding datagrams from incoming to outgoing link

16
 Input Port Functions

Physical layer:
bit-level reception
Data link layer: Decentralized switching:
e.g., Ethernet  given datagram dest., lookup output port
see chapter 5 using forwarding table in input port
memory
 goal: complete input port processing at ‘line
speed’
 queuing: if datagrams arrive faster than
forwarding rate into switch fabric

17
Three types of switching fabrics

18
 Output Ports

 Buffering required when datagrams arrive

from fabric faster than the transmission rate
 Scheduling discipline chooses among queued
datagrams for transmission
19
 Output port queueing

 buffering when arrival rate via switch exceeds

output line speed
 queueing (delay) and loss due to output port
buffer overflow!
20
Question 2
The two main function of a router are?

a) Firewall and Network Address Translation

b) Routing and buffering
c) Forwarding and routing
d) Forwarding and buffering

21
 The Internet Network layer
Host, router network layer functions:

Transport layer: TCP, UDP

Routing protocols IP protocol

•path selection •addressing conventions
•RIP, OSPF, BGP •datagram format
Network •packet handling conventions
layer forwarding
ICMP protocol
table
•error reporting
•router “signaling”

Link layer

physical layer

22
 IP datagram format

IP protocol version 32 bits total datagram

number length (bytes)
type of
header length ver head. length
(bytes) len service for
fragment fragmentation/
“type” of data 16-bit identifier flgs
offset reassembly
max number time to upper header
remaining hops live layer checksum
(decremented at
32 bit source IP address
each router)
32 bit destination IP address
upper layer protocol
to deliver payload to Options (if any) E.g. timestamp,
record route
how much overhead data taken, specify
with TCP? (variable length, list of routers
 20 bytes of TCP typically a TCP to visit.
 20 bytes of IP or UDP segment)
 = 40 bytes + app
layer overhead 23
 IP Fragmentation & Reassembly

 network links have MTU

(max.transfer size) - largest fragmentation:
possible link-level frame. in: one large datagram
 different link types, different out: 3 smaller datagrams
MTUs
 large IP datagram divided
(“fragmented”) within net
reassembly
 one datagram becomes
several datagrams
 “reassembled” only at final
destination
 IP header bits used to
identify, order related
fragments

24
 IP Fragmentation and Reassembly
length ID fragflag offset
=4000 =x =0 =0
Example
 4000 byte One large datagram becomes
datagram several smaller datagrams

 MTU = 1500
length ID fragflag offset
bytes =1500 =x =1 =0
1480 bytes in
data field length ID fragflag offset
=1500 =x =1 =185
offset =
1480/8 length ID fragflag offset
=1040 =x =0 =370

25
 IP Addressing: introduction
223.1.1.1
 IP address: 32-bit 223.1.2.1
identifier for host, 223.1.1.2

router interface 223.1.1.4 223.1.2.9

 interface: connection 223.1.1.3 223.1.3.27

223.1.2.2

between host/router
and physical link
 router’s typically have 223.1.3.1 223.1.3.2
multiple interfaces
 host typically has one
interface
 IP addresses associated 223.1.1.1 = 11011111 00000001 00000001 00000001
with each interface
223 1 1 1

26
 Subnets
223.1.1.1
 IP address:
223.1.2.1
 subnet part (high order 223.1.1.2
bits) 223.1.1.4 223.1.2.9
 host part (low order
223.1.2.2
bits) 223.1.1.3 223.1.3.27
 What’s a subnet ? subnet
 device interfaces with
same subnet part of IP 223.1.3.1 223.1.3.2
address
 can physically reach
each other without network consisting of 3 subnets
intervening router

27
 Subnets
223.1.1.0/24
223.1.2.0/24
Recipe
 To determine the

subnets, detach each

interface from its host
or router, creating
islands of isolated
networks. Each isolated
network is called a
subnet.

223.1.3.0/24

Subnet mask: /24

28
IP addressing: CIDR

CIDR: Classless InterDomain Routing

 subnet portion of address of arbitrary length
 address format: a.b.c.d/x, where x is # bits
in subnet portion of address

subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23
29
 IP addresses: how to get one?

Q: How does a host get IP address?

 hard-coded by system admin in a file
 Windows: control-panel->network-

>configuration->tcp/ip->properties
 UNIX: /etc/rc.config

 DHCP: Dynamic Host Configuration Protocol:

dynamically get address from as server
 “plug-and-play”

30
 DHCP: Dynamic Host Configuration
Protocol

Goal: allow host to dynamically obtain its IP address from

network server when it joins network
Can renew its lease on address in use
Allows reuse of addresses (only hold address while connected an
“on”)
Support for mobile users who want to join network (more
shortly)
DHCP overview:
 host broadcasts “DHCP discover” msg

 DHCP server responds with “DHCP offer” msg

 host requests IP address: “DHCP request” msg

 DHCP server sends address: “DHCP ack” msg

31
DHCP client-server scenario

A 223.1.1.1 DHCP 223.1.2.1

server
223.1.1.2
223.1.1.4 223.1.2.9
B
223.1.2.2 arriving DHCP
223.1.1.3 223.1.3.27 E client needs
address in this
223.1.3.1 223.1.3.2
network

32
DHCP client-server scenario
DHCP server: 223.1.2.5 arriving
DHCP discover
client
src : 0.0.0.0, 68
dest.: 255.255.255.255,67
yiaddr: 0.0.0.0
transaction ID: 654

DHCP offer
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 654
Lifetime: 3600 secs
DHCP request
src: 0.0.0.0, 68
dest:: 255.255.255.255, 67
yiaddrr: 223.1.2.4
transaction ID: 655
time Lifetime: 3600 secs

DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255, 68
yiaddrr: 223.1.2.4
transaction ID: 655
Lifetime: 3600 secs
33
 IP addresses: how to get one?
Q: How does network get subnet part of IP addr?
A: gets allocated portion of its provider ISP’s
address space

ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/23

Organization 1 11001000 00010111 00010010 00000000 200.23.18.0/23
Organization 2 11001000 00010111 00010100 00000000 200.23.20.0/23
... ….. …. ….
Organization 7 11001000 00010111 00011110 00000000 200.23.30.0/23

34
 Hierarchical addressing: route
aggregation
Hierarchical addressing allows efficient advertisement of routing
information:

Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
beginning
199.31.0.0/16”

35
 Hierarchical addressing: more specific route

ISPs-R-Us has a more specific route to Organization 1

Organization 0
200.23.16.0/23

“Send me anything
with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
Organization 1 beginning 199.31.0.0/16
or 200.23.18.0/23”
200.23.18.0/23

36
 NAT: Network Address Translation

rest of local network

Internet (e.g., home network)
10.0.0/24 10.0.0.1

10.0.0.4
10.0.0.2
138.76.29.7

10.0.0.3

All datagrams leaving local Datagrams with source or

network have same single source destination in this network
NAT IP address: 138.76.29.7, have 10.0.0/24 address for
different source port numbers source, destination (as usual)

37
 NAT: Network Address Translation

 Motivation: local network uses just one IP address as far as

outside world is concerned:
 range of addresses not needed from ISP: just one IP

address for all devices

 can change addresses of devices in local network

without notifying outside world

 can change ISP without changing addresses of devices

in local network
 devices inside local net not explicitly addressable, visible

by outside world (a security plus).

38
 NAT: Network Address Translation
Implementation: NAT router must:

 outgoing datagrams: replace (source IP address,

port #) of every outgoing datagram to (NAT IP
address, new port #)
. . . remote clients/servers will respond using (NAT
IP address, new port #) as destination addr.

 remember (in NAT translation table) every

(source IP address, port #) to (NAT IP address, new
port #) translation pair

 incoming datagrams: replace (NAT IP address,

new port #) in dest fields of every incoming
datagram with corresponding (source IP address, port
#) stored in NAT table
39
 NAT: Network Address Translation
NAT translation table
2: NAT router 1: host 10.0.0.1
WAN side addr LAN side addr
changes datagram sends datagram to
138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
source addr from
…… ……
10.0.0.1, 3345 to
138.76.29.7, 5001, S: 10.0.0.1, 3345
updates table D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80
D: 138.76.29.7, 5001 3 10.0.0.3
4: NAT router
3: Reply arrives changes datagram
dest. address: dest addr from
138.76.29.7, 5001 138.76.29.7, 5001 to 10.0.0.1, 3345

40
NAT: Network Address Translation
 16-bit port-number field:
 60,000 simultaneous connections with a
single LAN-side address!
 NAT is controversial:
 routers should only process up to layer 3
 violates end-to-end argument
 NAT possibility must be taken into account by
app designers, eg, P2P applications
 address shortage should instead be solved
by IPv6
41
 ICMP: Internet Control Message Protocol
 used by hosts & routers to
communicate network-level Type Code description
information 0 0 echo reply (ping)
3 0 dest. network unreachable
 error reporting:
3 1 dest host unreachable
unreachable host, 3 2 dest protocol unreachable
network, port, protocol 3 3 dest port unreachable
 echo request/reply (used
3 6 dest network unknown
by ping) 3 7 dest host unknown
4 0 source quench (congestion
 network-layer “above” IP: control - not used)
 ICMP msgs carried in IP 8 0 echo request (ping)
datagrams 9 0 route advertisement
10 0 router discovery
 ICMP message: type, code
11 0 TTL expired
plus first 8 bytes of IP 12 0 bad IP header
datagram causing error

42
 Traceroute and ICMP
 Source sends series of UDP  When ICMP message arrives,
segments to destination source calculates RTT
 First has TTL =1  Traceroute does this 3 times
 Second has TTL=2, etc. Stopping criterion
 Unlikely port number  UDP segment eventually
 When n-th datagram arrives to arrives at destination host
n-th router:  Destination returns ICMP
 Router discards datagram “host unreachable” packet
 And sends to source an ICMP (type 3, code 3)
message (type 11, code 0)
 When source gets this ICMP,
Message includes name of

stops.
router& IP address

43
 Question 3
Which of the following are network (Internet)
layer protocols?

a) POP3 and ICMP

b) ICMP and IP
c) IP and DNS
d) Ethernet and 802.11

44
 IPv6

 Initial motivation: 32-bit address space

already completely allocated so replace it with
128-bit address space.
 Additional motivation:
 header format helps speed processing/forwarding
 header changes to facilitate QoS

IPv6 datagram format:

 fixed-length 40 byte header

 no fragmentation allowed

45
 Other resources
 Internet (IP) layer of TCP/IP
 Wikipedia http://en.wikipedia.org/wiki/Internet_layer
 Video
http://www.youtube.com/watch?v=STvq52WOIiw
 DHCP (video)
 http://www.youtube.com/watch?v=bv1itFPQ7O0&list
=PL547999D71DCAB1D0
 ICMP (video)
 http://www.youtube.com/watch?v=iWX1-QKG-
8Q&list=PL547999D71DCAB1D0

46
Other resources
 An introduction to IPv6
 https://www.youtube.com/watch?v=qLpxn
Hk6q50

47