Chapter 18

Introduction to Network Layer

Summary of Layer Functions
 Packetizing
 - encapsulating the payload in a network-
layer packet at the source and decapsulating
the payload from the network-layer packet at
the destination.
 - In other words, one duty of the network
layer is to carry a payload from the source to
the destination without changing it or using
it.
 - Similar to the service of a carrier such as
the postal office
 Routing and Forwarding

 Other duties of the network layer are

 - routing

 - forwarding
 Routing

 The network layer is responsible for routing the packet from

its source to the destination.
 A physical network is a combination of networks (LANs and
WANs) and routers that connect them. This means that there
is more than one route from the source to the destination.
 The network layer is responsible for finding the best one
among these possible routes, using some specific strategies
 In the Internet today, this is done by running some routing
protocols to help the routers coordinate their knowledge
about the neighbourhood and to come up with consistent
tables to be used when a packet arrives.
 Forwarding
 Can be defined as the action applied by each router when a
packet arrives at one of its interfaces.
 The decision-making table a router normally uses for
applying this action is sometimes called the forwarding table
and sometimes the routing table.
 When a router receives a packet from one of its attached
networks, it needs to forward the packet to another attached
network (in unicast routing) or to some attached networks
(in multicast routing).
 To make this decision, the router uses a piece of information
in the packet header, which can be the destination address or
a label, to find the corresponding output interface number in
the forwarding table.
Other Services
 Error Control: Not implemented
 A reason for this decision is the fact that the packet in
the network layer may be fragmented at each router,
which makes error checking at this layer inefficient.
 Partially implemented through Checksum for header
and ICMP protocol
 Flow Control: does not directly provide any flow
control
1. Since there is no error control in this layer, the job of NL at
receiver is so simple that it may rarely be overwhelmed.
2. The upper layers that use the service of the network layer can
implement buffers to receive data from the network layer as
they are ready and do not have to consume the data as fast as it
is received.
 3. Flow control is provided for most of the upper-layer protocols
that use the services of the network layer, so another level of flow
control makes the network layer more complicated and the whole
system less efficient.

 Congestion Control : may occur if the number

of datagrams sent by source computers is beyond
the capacity of the network or routers.
 In this situation, some routers may drop some of the datagrams.
 But, as more datagrams are dropped, the situation may become
worse because, due to the error control mechanism at the upper
layers, the sender may send duplicates of the lost packets. If the
congestion continues, sometimes a situation may reach a point
where the system collapses and no datagrams are delivered.
 QoS : As the Internet has allowed new
applications such as multimedia
communication (in particular real-time
communication of audio and video), the quality
of service (QoS) of the communication has
become more and more important.
 The Internet has thrived by providing better quality
of service to support these applications.
 However, to keep the network layer untouched, these
provisions are mostly implemented in the upper
layer.
 Security
 Security was not a concern when the Internet was
originally designed because it was used by a small
number of users at universities for research activities;
other people had no access to the Internet.
 The network layer was designed with no security
provision.
 Today, however, security is a big concern -To provide
security for a connectionless network layer, we need
to have another virtual level that changes the
connectionless service to a connection-oriented
service. This virtual layer, called IPSec
 PACKET SWITCHING

 A kind of switching occurs at the network layer.

 A router, in fact, is a switch that creates a connection
between an input port and an output port (or a set of
output ports)
 Although in data communication switching techniques are
divided into two broad categories, circuit switching and
packet switching, only packet switching is used at the
network layer because the unit of data at this layer is a
packet
 Today, a packet-switched network can use two different
approaches to route the packets: the datagram approach
and the virtual circuit approach.
Datagram Approach
 The network layer was designed to provide
a connectionless service in which the network-layer
protocol treats each packet independently, with each
packet having no relationship to any other packet.
 The idea was that the network layer is
only responsible for delivery of packets from the
source to the destination.
 In this approach, the packets in a message may
or may not travel the same path to their
destination.
A connectionless packet-switched network
Virtual Circuit Approach

 There is a relationship between all packets

belonging to a message.
 Before all datagrams in a message can be sent, a virtual
connection should be set up to define the path for the
datagrams.
 After connection setup, the datagrams can all
follow the same path.
 In this type of service, not only must the packet contain
the source and destination addresses, it must also
contain a flow label, a virtual circuit identifier that
defines the virtual path the packet should follow.
A virtual-circuit packet-switched network
 Setup Phase
 In the setup phase, a router creates an entry
for a virtual circuit.
 For example, suppose source A needs to create a
virtual circuit to destination B.
 Two auxiliary packets need to be exchanged
between the sender and the receiver: the request
packet and the acknowledgment packet.
Forwarding process in a router when used in a virtual-circuit
network
Note

In the virtual-circuit approach, the

forwarding decision is based on the
label of the packet.
Sending request packet in a virtual-circuit network
Sending acknowledgments in a virtual-circuit network
 2. Data-Transfer Phase
• After all routers have created their forwarding table for a
specific virtual circuit, then the network-layer packets
belonging to one message can be sent one after another.

• We show the flow of a single packet, but the process is the

same for 1, 2, or 100 packets.

• The source computer uses the label 14, which it has received
from router R1 in the setup phase.

• Router R1 forwards the packet to router R3, but changes the

label to 66. Router R3 forwards the packet to router R4, but
changes the label to 22.

• Finally, router R4 delivers the packet to its final destination with

the label 77. All the packets in the message follow the same
sequence of labels, and the packets arrive in order at the
destination.
Flow of one packet in an established virtual circuit
Teardown Phase

• In the teardown phase, source A, after sending all

packets to B, sends a special packet called a
teardown packet.

• Destination B responds with a confirmation packet.

• All routers delete the corresponding entries from

their tables.
Logical Addressing
 IPv4 ADDRESSES

• An IPv4 address is a 32-bit address that uniquely and

universally defines the connection of a device (for
example, a computer or a router) to the Internet.

• The IP address is the address of the connection,

not the host or the router.
Topics discussed in this section:
Address Space
Notations
Classful Addressing
Classless Addressing
DHCP
Network Address Translation (NAT)
Note

An IPv4 address is 32 bits long.

Note

The IPv4 addresses are unique

and universal.
Note

The address space of IPv4 is

232 or 4,294,967,296.
Three different notations in IPv4 addressing
Most common are Dotted-decimal notation and binary notation for an IPv4 address
 Example 1

Change the following IPv4 addresses from binary

notation to dotted-decimal notation.

Solution
We replace each group of 8 bits with its equivalent
decimal number and add dots for separation.
 Example 2

Change the following IPv4 addresses from dotted-decimal

notation to binary notation.

Solution
We replace each decimal number with its binary
equivalent
 Example 3

Find the error, if any, in the following IPv4 addresses.

 Example 3

Find the error, if any, in the following IPv4 addresses.

Solution
a. There must be no leading zero (045).
b. There can be no more than four numbers.
c. Each number needs to be less than or equal to 255.
d. A mixture of binary notation and dotted-decimal
notation is not allowed.
 IPv4 addressing

Classful Classless
addressing addressing
Becoming obsolete Normally used now a days
Hierarchy in addressing
Note

In classful addressing, the address

space is divided into five classes:
A, B, C, D, and E.
Figure Finding the classes in binary and dotted-decimal notation

Netid : The portion of the IP address that identifies the

network is called the netid.

The portion of the IP address that identifies the

Hostid: host or router on the network is called the hostid.
 Table 1 Number of blocks and block size in classful IPv4 addressing

(1) (27) (224)

(2) (214) (216)
(3) (221) (28)
(4) (228)
(4)

* Unicast communication is one source sending a packet to one

destination.

* Multicast communication is one source sending a packet to

multiple destinations.
 Example 4

Find the class of each address.

a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111
 Example 4

Find the class of each address.

a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111

Solution
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C
address.
c. The first byte is 14; the class is A.
d. The first byte is 252; the class is E.
Default masking is a process that extracts the network
address from an IP address.

Table 2 Default masks for classful addressing

*Subnetting divides one large network into several
smaller ones.
*Subnetting adds an intermediate level of hierarchy in IP
addressing.

* Supernetting combines several networks into

one large one.
Note

In classful addressing, a large part of the

available addresses were wasted.
Note

Classful addressing, which is almost

obsolete, is replaced with classless
addressing.
 Classless Addressing
• With the growth of the Internet, it was clear that a larger
address space was needed as a long-term solution.
• This requires that the length of IP addresses also be
increased, which means the format of the IP packets needs
to be changed.
• The long-range solution has already been devised and is
called IPv6
• A short-term solution called classless addressing was also
devised to use the same address space but to change the
distribution of addresses to provide a fair share to each
organization..
• In other words, the class privilege was removed from the
distribution to compensate for the address depletion.
 An ISP can provide these services. An ISP is granted a large
range of addresses and then subdivides the addresses (in
groups of 1, 2, 4, 8, 16, and so on), giving a range of
addresses to a household or a small business. The customers
are connected via a dial-up modem, DSL, or cable modem to
the ISP.
In classless addressing, there are
variable-length blocks that belong to
no class. The entire address space is
divided into blocks based on
organization needs.
Classless addressing

*To overcome address depletion in classfull

addressing.

*No classes, but addresses are in blocks

*Restriction:
1.The addresses in a block must be contiguous
2.The number of addresses in a block must be
power of 2
3. The first address must be divisible by the
number of addresses
Figure A block of 16 addresses granted to a small organization
 Example 19.5

The addresses are contiguous.

The number of addresses is a power of 2 (16 = 24).

The first address is divisible by 16.

The first address, when converted to a decimal number, is

3,440,387,360, which when divided by 16 results in 215,024,210.
• Unlike classful addressing, the prefix length in classless
addressing is variable - ranges from 0 to 32.
• The size of the network is inversely proportional to the
length of the prefix - A small prefix means a larger
network; a large prefix means a smaller network.
• The idea of classless addressing can be easily applied to
classful addressing.
• An address in class A can be thought of as a
classless address in which the prefix length is 8.
• An address in class B can be thought of as a
classless address in which the prefix is 16, and so on.
In other words, classful addressing is a special case
of classless addressing.
Prefix Length: Slash Notation

• Since the prefix length is not inherent in the address, we

need to separately give the length of the prefix.
• In this case, the prefix length, n, is added to the address,
separated by a slash. The notation is informally referred
to as slash notation and formally as classless interdomain
routing or CIDR (pronounced cider) strategy. An address
in classless addressing can then be represented as
Note

In IPv4 classless addressing, a block of

addresses can be defined as
x.y.z.t /n
in which x.y.z.t defines one of the
addresses and the /n defines the mask.
Note

The number of addresses in the block

can be found by using the formula
232−n.
Note

The first address in the block can be

found by setting the rightmost
“32 − n” bits to 0s.
Note

The last address in the block can be

found by setting the rightmost
“32 − n” bits to 1s.
Extracting Information from an Address
• Given any address in the block, we normally like to
know three pieces of information about the block to
which the address belongs: the number of addresses, the
first address in the block, and the last address.

Since the value of prefix length, n, is given, we can easily

find these three pieces of information
• The number of addresses in the block is found as N =
32−n
2
• To find the first address, we keep the n leftmost bits and
set the (32 − n) rightmost bits all to 0s.
• To find the last address, we keep the n leftmost bits and
set the (32 − n) rightmost bits all to 1s.
 Example 6

A block of addresses is granted to a small organization.

We know that one of the addresses is 205.16.37.39/28.
What is the first address in the block?

Solution
The binary representation of the given address is
11001101 00010000 00100101 00100111
If we set 32−28 rightmost bits to 0, we get
11001101 00010000 00100101 0010000
or
205.16.37.32.
This is actually the block shown in Figure .
 Example 7

Find the last address for the block in Example 6.

Solution
The binary representation of the given address is
11001101 00010000 00100101 00100111
If we set 32 − 28 rightmost bits to 1, we get
11001101 00010000 00100101 00101111
or
205.16.37.47
This is actually the block shown in Figure
 Example 8

Find the number of addresses in Example 6.

Solution
The value of n is 28, which means that number
of addresses is 2 32−28 or 16.
Example 9
A classless address is given as 167.199.170.82/27. Find the
number of addresses, first and last address

Solution: 32 − n 5
The number of addresses in the network is 2 = 2 = 32
addresses.
 Example 10

Another way to find the first address, the last address, and
the number of addresses is to represent the mask as a 32-
bit binary (or 8-digit hexadecimal) number. This is
particularly useful when we are writing a program to find
these pieces of information. In 205.16.37.39/28 the /28
can be represented as
11111111 11111111 11111111 11110000
(twenty-eight 1s and four 0s).

Find
a. The first address
b. The last address
c. The number of addresses.
 Example 10 (continued)

Solution
a. The first address can be found by ANDing the given
addresses with the mask. ANDing here is done bit by
bit. The result of ANDing 2 bits is 1 if both bits are 1s;
the result is 0 otherwise.
 Example 10(continued)

b. The last address can be found by ORing the given

addresses with the complement of the mask. ORing
here is done bit by bit. The result of ORing 2 bits is 0 if
both bits are 0s; the result is 1 otherwise. The
complement of a number is found by changing each 1
to 0 and each 0 to 1.
 Example 10(continued)

c. The number of addresses can be found by

complementing the mask, interpreting it as a decimal
number, and adding 1 to it.
Figure A network configuration for the block 205.16.37.32/28
Note

The first address in a block is

normally not assigned to any device;
it is used as the network address that
represents the organization
to the rest of the world.
Example 11
Example 11(continued)
 Example 11(continued)

c. The number of addresses in the smallest subblock,

which requires 10 addresses, is not a power of 2. We
allocate 16 addresses. The subnet mask for this subnet
can be found as n1 = 32 − log 2 16 = 28. The first
address in this block is 14.24.74.192/28; the last address
is 14.24.74.207/28.
Example 11(continued)
Example 12 – Address aggregation
Figure A frame in a character-oriented protocol
Note

Each address in the block can be

considered as a two-level
hierarchical structure:
the leftmost n bits (prefix) define
the network;
the rightmost 32 − n bits define
the host.
Figure Configuration and addresses in a subnetted network
Figure Three levels of hierarchy in an IPv4 address
Figure Three-level hierarchy in an IPv4 address
 Example 12

An ISP is granted a block of addresses starting with

190.100.0.0/16 (65,536 addresses). The ISP needs to
distribute these addresses to three groups of customers as
follows:
a. The first group has 64 customers; each needs 256
addresses.
b. The second group has 128 customers; each needs 128
addresses.
c. The third group has 128 customers; each needs 64
addresses.
Design the subblocks and find out how many addresses
are still available after these allocations.
 Example 12 (continued)

Solution
Figure shows the situation.
Group 1
For this group, each customer needs 256 addresses. This
means that 8 (log2 256) bits are needed to define each
host. The prefix length is then 32 − 8 = 24. The addresses
are
 Example 12 (continued)

Group 2
For this group, each customer needs 128 addresses. This
means that 7 (log2 128) bits are needed to define each
host. The prefix length is then 32 − 7 = 25. The addresses
are
 Example 12 (continued)
Group 3
For this group, each customer needs 64 addresses. This
means that 6 (log264) bits are needed to each host. The
prefix length is then 32 − 6 = 26. The addresses are

Number of granted addresses to the ISP: 65,536

Number of allocated addresses by the ISP: 40,960
Number of available addresses: 24,576
Figure An example of address allocation and distribution by an ISP
 Special Addresses

IPv4 has Five special addresses that are used for

special purposes:
• this-host address,
• limited-broadcast address,
• loopback address,
• private addresses, and
• multicast addresses.
1. This-host Address : The only address in the block 0.0.0.0/32 is
called the this-host address. It is used whenever a host needs
to send an IP datagram but it does not know its own address
to use as the source address.

2. Limited-broadcast Address: The only address in the block

255.255.255.255/32 is called the limited-broadcast address. It
is used whenever a router or a host needs to send a datagram
to all devices in a network. The routers in the network,
however, block the packet having this address as the
destination; the packet cannot travel outside the network

3. Loopback Address: The block 127.0.0.0/8 is called the

loopback address. A packet with one of the addresses in this
block as the destination address never leaves the host; it will
remain in the host. Any address in the block is used to test a
piece of software in the machine. For example, we can write a
client and a server program in which one of the addresses in
the block is used as the server address.
4. Private Addresses : Four blocks are assigned as
private addresses: 10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, and 169.254.0.0/16. We will see the
applications of these addresses when we discuss NAT
later in the chapter.

5. Multicast Addresses The block 224.0.0.0/4 is reserved

for multicast addresses. We discuss these addresses
later in the chapter
DHCP – Dynamic Host Configuration Protocol

Note: DHCP is a client-server protocol in which the client sends a

request message and the server returns a response message
DHCP Message Format
 Option field
• The 64-byte option field has a dual purpose. It can carry
either additional information or some specific vendor
information.
• The server uses a number, called a magic cookie, in the
format of an IP address with the value of 99.130.83.99. When
the client finishes reading the message, it looks for this
magic cookie. If present, the next 60 bytes are options.
• An option is composed of three fields: a 1-byte tag field, a 1-
byte length field, and a variable-length value field.
• There are several tag fields that are mostly used by vendors.
If the tag field is 53, the value field defines one of the 8
message types shown in Figure.We show how these message
types are used by DHCP.
Operation of DHCP
Note: We said that the DHCP uses two well-
known ports (68 and 67) instead of one well-
known and one ephemeral.
FSM for the DHCP client
Network Address Translation(NAT):

•NAT enables a user to have a large set of

Addresses internally and one address
or small set of addresses, externally.

•The traffic inside can use the large set,

The traffic outside , the small set
 Table Addresses for private networks

• Any organization can use any above address

without permission from Internet authorities
•Private addresses are unique inside the organization
but they are not unique Globally.
•No router will forward a packet that has one of
these addresses as the destination.
Figure A NAT implementation

The site must have only one single connection to the Global
Internet through a router that runs the NAT software
Figure Addresses in a NAT
Address Translation

•The private network starts the communication

The communication with the internet always initiated from

the customer site , using a client program such as HTTP,
TELNET or FTP to access the corresponding server program.
Ex: e-mail stored in mailbox until retrieved
Translation table
•Using one IP Address
•Using pool of IP addresses
•Using both IP addresses and port Numbers
Figure NAT address translation
Table Five-column translation table
Figure An ISP and NAT