Unit 2: Network layer                                                              LH 4
Network layer service
       Connection oriented services,
       Connection less services
Connection oriented protocols
       Virtual Circuits (VC), VC forwarding table, VC signaling protocols
Connection less protocols
       Issues in IP, Next hop Routing, Internet Routing tables, longest prefix matching,
       IP router model, IP Forwarding, IP header in detail, Fragmentation-MTU, ICMP,
       ICMP error reporting, ICMP error restrictions
Router Architecture Overview
       Input port functions, Type of switching fabrics (memory, bus, crossbar) in detail
       Output ports, Output port queuing, Input port queuing
Q. Assume a link layer protocol, called Newnet, with MTU 1600 bytes. A TCP segment with
7540 bytes of user data is to be sent over a Newnet link. There are 20 bytes of IP options involved.
How many IP fragments are transmitted and what is the offset and IP payload length of each
fragment?                                                                          [4-2017]
Q. Use an Ethernet channel with MTU = 1500 bytes to transmit one large datagram of 5500
bytes. Show fragmentation in detail.                                               [4-2018]
Q. Assume a new link layer protocol called EXAM_NET with MTU 1720 bytes. A UDP
datagram with 5996 bytes of user data is to be sent over an EXAM_NET link. There are 30 bytes
of IP options involved. Find (i) How many IP fragments are transmitted? (ii) What is the offset
and IP payload length of each fragment?
Types of Packet Switching
The packet switching has two approaches:
   1. Virtual Circuit Approach and
   2. Datagram Approach.
ATM, Frame Relay and telephone networks use the connection-oriented virtual circuit approach,
whereas the Internet relies on connectionless datagram-based packet switching.
1. Virtual Circuit Packet Switching
Computer networks that provide only a connection-oriented service at the network layer are
called Virtual Circuit (VC) networks.
Figure: Virtual Circuit path from A to B
A VC consists of
   i.   A path (i.e. a series of links and routers) between the source and destination hosts
   ii.  VCI (Virtual Circuit Identification) numbers, one number for each link along the path
   iii. Entries in the forwarding table in each router along the route.
A packet belonging to a virtual circuit will carry a VC number in its header. Because a VC may
have a different VC number on each link, each intervening router must replace the VC number of
each traversing packet with a new VC number. The new VC number is obtained from the VC
forwarding table.
There are three identifiable phases in a virtual circuit.
   •   VC setup: During the setup phase, the sending transport layer contacts the network layer,
       specifies the receiver’s address and waits for the network to set up the virtual circuit. The
       network layer determines the path between sender and receiver, i.e. the series of links and
       routers through which all packets of the VC will travel. The network layer also
       determines the VC number for each link along the path. During VC setup, the network
       layer may also reserve resources (e.g. bandwidth, memory via RSVP) along the path of
       the VC.
       VCIs are not global in the switched network; they have
           o Link-local scope: a VCI only has significance on a given link
           o VCI and interface together uniquely define the virtual connection
           o Outgoing packets may use a different VCI
           o Virtual circuits can be established before the circuit is needed or on demand
   •   Data transfer: As shown in the figure, once the VC has been established, the packets can
       begin to flow along the path.
   •   VC termination: This is initiated when the sender or receiver informs the network layer of
       its desire to terminate the VC. The network layer will then typically inform the end
       system on the other side of the network of the call termination and update the forwarding
       tables in each of the packet routers on the path to indicate that the VC no longer exists.
VC signaling protocols
   •   Used to set up, maintain and tear down a VC.
   •   Used in ATM, Frame Relay, X.25
   •   Not as popular as packet switching in today’s Internet
2. Datagram Packet Switching Networks
In datagram packet switching, each packet is transmitted without any regard to other packets.
Every packet contains the full address of the source and destination. Every packet is treated as
an individual, independent transmission.
Even if a packet is part of a multi-packet transmission, the network treats it as though it existed
alone. Packets in this approach are called datagrams. Datagram switching is done at the network
layer. The figure shows how the datagram approach is used to deliver four packets from station A
to station D. All four packets belong to the same message, but they may travel via different paths
to reach the destination station D.
Advantages:
   •   Call setup phase is avoided (for transmission of a few packets, this approach is much
       better)
   •   It is more flexible
   •   Congested or failed links can be avoided.
Disadvantages:
   •   Packets may be delivered out of order.
Comparisons between Virtual Circuit and Datagram Network or Comparison between
Connection-oriented and Connectionless service
Basis for Comparison       Virtual Circuit Network/                   Datagram Network/
                           Connection-oriented                        Connectionless
Circuit Setup              Required                                   Not needed
Addressing                 Each packet contains a short VC            Each packet contains the full
                           number.                                    source & destination address.
State Information          Each VC requires router VC forwarding      Routers do not hold state
                           table state per connection.                information about connections.
Routing                    Route is determined after VC setup.        Each packet is routed
                           All packets follow the same path.          independently, i.e. packets can
                                                                      follow different paths.
Effect of Router Failure   All VCs that pass through the failed       Almost no impact.
                           router are affected.
Quality of Service         Easy if enough resources can be            Difficult
                           allocated in advance for each VC.
Congestion Control         Easy if enough resources can be            Difficult
                           allocated in advance for each VC.
Speed                      Faster                                     Slower
Reliability                More reliable                              Less reliable
Issues in IP
IP provides connectionless (datagram) service. Each packet is treated separately. Some issues
regarding the Internet Protocol are listed as follows:
• Routing
• Datagram lifetime
• Fragmentation and re-assembly
• Error control
• Flow control
• Addressing
Security issues in the Internet Protocol are packet sniffing, packet modification and IP spoofing.
• Packet sniffing: An intruder may intercept an IP packet and make a copy of it. Packet sniffing is
  a passive attack, in which the attacker does not change the contents of the packet, but the
  confidentiality of the data is lost.
• Packet modification: The contents of the data packet may be modified, which is a kind of active
  attack. This violates the integrity of the data.
• IP spoofing: The attacker pretends to be an authorized person and creates an IP packet that
  carries the source address of another host, which violates the authenticity of the data packet.
IP Datagram and IP header
Version: IP Version
          •   4 for IPv4 (i.e. 0100)
HLEN: Header Length
          •   4-bit field counting 4-byte words (typically 5).
          •   Specifically, header length = HLEN*4 bytes
TOS: Type of Service
           •   Priority information
Length: Packet Length
           •   Total Packet Length in Bytes including header.
           •   16 bits. So, maximum packet length (including header) = 2^16 - 1 = 65,535
           •   In practice, break into much smaller packets for network performance
               considerations → Fragmentation
Identifier, flags, fragment offset → used primarily for fragmentation
Time to live
           •   Must be decremented at each router
           •   Packets with TTL=0 are thrown away
           •   Ensure packets exit the network
Protocol
           •   Points to higher layer protocols
           •   ICMP = 1, TCP = 6, UDP = 17 etc
Header checksum
           •   Ensures some degree of header integrity
Source Address
           •   32-bit IP address of sender
Destination Address
           •   32-bit IP address of destination
Options
           •   E.g. Source routing, record route, etc.
           •   Performance issues
           •   0-40 bytes.
Fragmentation
   Fragmentation is done by the network layer when the size of a datagram is greater than the
maximum size of data that can be held in a frame, i.e. the Maximum Transmission Unit (MTU). The
network layer divides the datagram received from the transport layer into fragments so that data
flow is not disrupted.
Since there are 16 bits for the total length in the IP header, the maximum size of an IP datagram
= 2^16 - 1 = 65,535 bytes.
The following fields of the IP header are related to fragmentation:
   •   Identification
   •   Flags
   •   Fragment offset (13 bits)
Remember
The amount of data that is sent in each fragmented datagram is chosen such that:
   •   The value is as large as possible but less than or equal to the MTU size.
   •   The value is a multiple of 8, so that we obtain a whole-number value for the fragment
       offset field.
Note
   •   It is not compulsory for the last fragmented datagram to contain an amount of data that is
       a multiple of 8, because it does not have to decide the fragment offset value of any
       datagram.
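The rules above, applied to the three exercises at the start of this unit, as an added example that is not part of the original notes. It assumes that every fragment carries the same header (20 bytes plus all options, padded to a multiple of 4 because HLEN counts 4-byte words), that the TCP header is 20 bytes and the UDP header 8 bytes, and that the "5500 bytes" datagram includes a 20-byte IP header.

```python
from dataclasses import dataclass


@dataclass
class Fragment:
    offset: int           # Fragment offset field, in units of 8 bytes
    payload_len: int      # bytes of IP payload carried by this fragment
    total_len: int        # Length field: header + payload, in bytes
    more_fragments: bool  # MF flag; False only on the last fragment


def fragment(payload_len, mtu, options_len=0):
    """Split an IP payload of payload_len bytes for a link with the given MTU.

    Assumption of this example: every fragment carries the same header,
    i.e. the 20-byte base header plus all options.
    """
    if not 0 <= options_len <= 40:
        raise ValueError("IP options occupy 0-40 bytes")
    # HLEN counts 4-byte words, so the header is padded to a multiple of 4.
    header_len = (20 + options_len + 3) // 4 * 4
    if header_len + payload_len > 65535:
        raise ValueError("datagram exceeds the 16-bit Length field")
    # Largest multiple of 8 that still fits in the MTU beside the header.
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")

    fragments, sent = [], 0
    while True:
        remaining = payload_len - sent
        # The last fragment takes what is left; it need not be a multiple of 8.
        last = remaining <= mtu - header_len
        size = remaining if last else max_data
        fragments.append(Fragment(sent // 8, size, header_len + size, not last))
        sent += size
        if last:
            return fragments


# IP payload = user data + transport header (assumed sizes, see lead-in).
EXERCISES = {
    "Newnet": fragment(7540 + 20, 1600, options_len=20),
    "Ethernet": fragment(5500 - 20, 1500),
    "EXAM_NET": fragment(5996 + 8, 1720, options_len=30),
}

if __name__ == "__main__":
    for name, frags in EXERCISES.items():
        print(name, len(frags), "fragments")
        for f in frags:
            print(f"  offset={f.offset:4d} payload={f.payload_len:5d} "
                  f"length={f.total_len:5d} MF={int(f.more_fragments)}")
```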
Router Architecture Overview
Figure: Router Architecture
Figure: Input port
Figure: Output port
The router has four components:
   1. Input Port
   2. Switching Fabrics
   3. Output Port
   4. Routing Processor
   1. Input Port
   An input port performs several key functions.
   •   It performs the physical layer function of terminating an incoming physical link at a
       router. This is shown in the leftmost box of the input port.
   •   An input port also performs link-layer functions needed to interoperate with the link layer
       at the other side of the incoming link. This is shown in the middle box of the input port.
   •   Perhaps most crucially, the lookup function is also performed at the input port; this
       occurs in the rightmost box of the input port. It is here that the forwarding table is
       consulted to determine the router output port to which an arriving packet will be
       forwarded via the switching fabric. The forwarding table is computed and updated by the
       routing processor, with a shadow copy typically stored at each input port. The forwarding
       table is copied from the routing processor to the line cards over a separate bus, indicated
       by the dashed line from the routing processor to the input line cards in the figure. With a
       shadow copy, forwarding decisions can be made locally, at each input port, without
       invoking the centralized routing processor on a per-packet basis, thus avoiding a
       centralized processing bottleneck. Control packets (for example, packets carrying routing
       protocol information) are forwarded from an input port to the routing processor.
   2. Switching Fabrics
   The switching fabric connects the router’s input ports to its output ports. This switching
   fabric is completely contained within the router: a network inside of a router.
   3. Output Port
   An output port stores packets received from the switching fabric and transmits these packets
   on the outgoing link by performing the necessary link-layer and physical-layer functions,
   similar to the input port.
   4. Routing Processor
   The routing processor executes the routing protocols, maintains routing tables and attached
   link state information, and computes the forwarding table for the router. It also performs the
   network management functions.
Types of Switching Fabrics
The switching fabric is at the very heart of a router, as it is through this fabric that the packets are
actually switched (i.e. forwarded) from an input port to an output port. There are three types of
switching fabrics.
1. Switching via Memory
   •   Used in first-generation routers.
   •   Switching between input and output ports is done under direct control of
       the CPU (routing processor).
   •   Input and output ports function as traditional I/O devices in a traditional operating
       system.
   •   When a packet arrives at the input port, the port first signals the routing processor through
       an interrupt. The packet is then copied into the processor memory from the input port. The
       processor then extracts the destination address from the header, looks up the appropriate
       output port for the address in the forwarding table and copies the packet to the output
       port’s buffer.
   •   Disadvantage
           o Speed is limited by memory.
           o Two packets cannot be forwarded at the same time, even if they have different
             destination ports, since only one memory read/write over the shared system bus
             can be done at a time.
2. Switching via Bus
   •   An input port transfers a packet directly to the output port over a shared bus, without
       intervention by the routing processor.
   •   Disadvantage
           o The switching speed of the router is limited to the bus speed.
           o If multiple packets arrive at the router at the same time, each at a different input
             port, all but one must wait, since only one packet can cross the bus at one time.
           o Switching via bus is suitable only in small local area and enterprise networks.
3. Switching via Crossbar
   •   One way to overcome the bandwidth limitation of a single, shared bus is to use a
       crossbar switch.
   •   A crossbar switch is an interconnection network consisting of 2N buses that connect N
       input ports to N output ports.
   •   Each vertical bus intersects each horizontal bus at a crosspoint, which can be opened or
       closed at any time by the switch fabric controller. When a packet arrives from port A and
       needs to be forwarded to port Y, the switch controller closes the crosspoint at the
       intersection of buses A and Y. Port A then sends the packet onto its bus, which is
       picked up by Y. Note that a packet from port B can be forwarded to port X at the same
       time, since the A-to-Y and B-to-X packets use different input and output buses.
   •   Advantage
           o Unlike the previous two switching approaches, crossbar networks are capable of
             forwarding multiple packets in parallel.
   •   Disadvantage
           o If two packets from two different input ports are destined to the same output port,
             then one will have to wait at the input, since only one packet can be sent over any
             given bus at a time.
Queuing
   Queuing occurs at a port if the incoming traffic rate is greater than the outgoing traffic rate.
The queues are placed in memory.
Input port queuing
   It occurs if the incoming line traffic rate is greater than the switching rate. A packet will be
dropped if the queue is full.
Output port queuing
   It occurs if the incoming switching rate is greater than the outgoing line traffic rate. A packet
will be dropped if the queue is full.
Longest Prefix Match
   •   Packets are forwarded using the destination address and looking in the forwarding table for
       the outgoing interface.
   •   When looking for the forwarding table entry for a destination address, use the longest
       address prefix that matches the destination address.
Q. A router has the following routing table. What will be the outgoing interface if a packet has
arrived at the router with destination address of 11001000 00010111 00011000 10101010?
Destination Address Range                         Link Interface
11001000 00010111 00010000 00000000 to            0
11001000 00010111 00010111 11111111
11001000 00010111 00011000 00000000 to            1
11001000 00010111 00011000 11111111
11001000 00010111 00011001 00000000 to            2
11001000 00010111 00011111 11111111
Otherwise                                         3
Solution:
Destination Address Range                         Link Interface
11001000 00010111 00010*** ********               0
11001000 00010111 00011000 ********               1
11001000 00010111 00011*** ********               2
Otherwise                                         3
So, by using the longest prefix matching rule, the packets destined for 11001000 00010111
00011000 10101010 will exit via Link Interface no. …….
Forwarding: Moves packets from the router’s input to the appropriate router output port.
Associated with physical switching of packets.
Routing: Determines the route taken by packets from source to destination. Associated with
logical packet switching path determination/calculation.
Routing Tables
A routing table contains several entries, each containing a destination network and a next hop.
The destination network is specified by an address / netmask pair. For example, the address
192.168.3.4 is in the network 192.0.0.0/255.0.0.0, and is also in the network
192.168.0.0/255.255.0.0, but is not in the network 192.0.0.0/255.255.255.0.
To determine the next hop for a given packet, the router will compare it to each of the entries in
the routing table (by ANDing it with the NetMask and comparing it to the network address). It
will forward the packet to the first next-hop that matches.
For example, suppose a router is connected to four networks, n1, n2, n3, and n4, and that it has
the following routing table:
 Destination Address   Subnet Mask           Next-hop
 1.2.3.0               255.255.255.0         n1
 1.2.0.0               255.255.0.0           n2
 1.3.0.0               255.255.0.0           n3
 1.4.6.2               255.255.255.255       n4
 0.0.0.0               0.0.0.0               n1
While routing a packet destined for 1.2.3.4, it will compare it to the first row, and find that it
matches (because 1.2.3.4 & 255.255.255.0 = 1.2.3.0), so the packet will be routed to n1. If the
packet is destined for 1.2.5.6, the first row will not match, but the second will, so it will be
forwarded to n2.
Similarly, a packet destined for 1.4.6.5 will be routed to n1, while a packet destined for 1.4.6.2
will be routed to n4.
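The lookup described above and the longest prefix match rule from the earlier section, side by side, as an added example that is not part of the original notes. The table is the n1 to n4 table from the text; the reordered copy (default route moved to the top) is constructed here to show that first-match lookup depends on the order of the rows while longest prefix match does not.

```python
import ipaddress

# Routing table from the text: (destination address, subnet mask, next hop)
TABLE = [
    ("1.2.3.0", "255.255.255.0", "n1"),
    ("1.2.0.0", "255.255.0.0", "n2"),
    ("1.3.0.0", "255.255.0.0", "n3"),
    ("1.4.6.2", "255.255.255.255", "n4"),
    ("0.0.0.0", "0.0.0.0", "n1"),
]

# Constructed for this example: same rows, default route listed first.
REORDERED = [TABLE[4]] + TABLE[:4]


def to_int(dotted):
    """Dotted-decimal IPv4 address or mask as a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def matches(dest, network, mask):
    """AND the destination with the mask and compare with the network address."""
    return to_int(dest) & to_int(mask) == to_int(network)


def first_match(table, dest):
    """Lookup as described in the text: the first row that matches wins."""
    for network, mask, hop in table:
        if matches(dest, network, mask):
            return hop
    return None


def longest_prefix_match(table, dest):
    """Among all matching rows, the one with the most 1-bits in its mask wins."""
    best_hop, best_len = None, -1
    for network, mask, hop in table:
        prefix_len = bin(to_int(mask)).count("1")
        if matches(dest, network, mask) and prefix_len > best_len:
            best_hop, best_len = hop, prefix_len
    return best_hop


if __name__ == "__main__":
    for dest in ("1.2.3.4", "1.2.5.6", "1.4.6.5", "1.4.6.2"):
        print(dest,
              "first-match:", first_match(TABLE, dest),
              "LPM:", longest_prefix_match(TABLE, dest),
              "first-match on reordered table:", first_match(REORDERED, dest))
```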
ICMP (Internet Control Message Protocol)
   ICMP is an error reporting mechanism that is required by IP to handle different types of error.
ICMP is an integral part of IP. ICMP is used by hosts and routers to communicate network-
layer information to each other. The most typical use of ICMP is for error reporting. For
example, when running a Telnet, FTP or HTTP session, you may have encountered an error
message such as “Destination Network Unreachable”. This message has its origin in ICMP.
   ICMP messages have a type and a code field, and contain the header and the first 8 bytes of
the IP datagram that caused the ICMP message to be generated in the first place (so that the
sender can determine the datagram that caused the error). The well-known “ping” application
sends an ICMP type 8 code 0 message to the specified host. The destination host, seeing the echo
request, sends back a type 3 code 0 ICMP reply.