Session-3

Network Layer
Protocols
Session delivered by:

Dr. Jyothi A P

1
Session Objectives

• To understand the function and operation of network layer protocols

such as IPv4, IPv6, ARP and ICMP

• To understand DHCP and NAT

• To learn Linux DHCP server configuration

• To learn Linux arp commands

2
22
Session Topics
• DHCP
• Network Address Translation (NAT)
• Network Layer Protocols
• Address Resolution Protocol (ARP)
• IP Datagram.
• Internet Control Message Protocol (ICMP)
• Error-Reporting Messages
• Query Messages
• Internet Protocol version 6 (IPv6)
• IPv4 Vs IPv6
• Three Transition Strategies

3
33
Dynamic Host Configuration Protocol
(DHCP)

• DHCP is a protocol designed to provide the

information dynamically (based on demand)

• It is also used to assign address to a host

dynamically.

• DHCP has two databases:

• The first database statically binds physical addresses to
IP addresses
• The second database makes DHCP dynamic

4
44
DHCP Transition Diagram

5
5
Exchanging Messages

6
66
Addresses for Private
Networks

7
7
Network Address Translation (NAT)

• Network address translation(NAT) allows a private

network to use a set of private Addresses for internal
communication and a set of global Internet addresses
for external Communication.

• It uses a translation tables to route messages. 8

8
Network Address Translation
(NAT)

9
9
Network Address Translation
(NAT)

10
10
Five-column Translation
Table
Private Private External External Transport
Address Port Address Port Protocol

172.18.3.1 1400 25.8.3.2 80 TCP

172.18.3.2 1401 25.8.3.2 80 TCP

... ... ... ... ...

11
11
Network Layer
Protocols

12
12
Protocols at Network Layer
• Main protocol in this layer is IP, it is responsible for host to host
delivery of datagrams from a source to a destination.
• It needs a protocol ARP to find the physical address of the next hop.
• Also needs services of ICMP to handle unusual situations such as the
occurrence of an error.

13
13
13
Address Resolution Protocol
(ARP)
• The Address Resolution Protocol(ARP) is a dynamic mapping
method that finds a physical address, given an IP address.
• The IP address is a logical address because it is assigned by
software to identify a device on a network, while the MAC
address is a physical address because it is hardcoded into the
hardware of a network interface card to identify the device
on a physical network.
• An ARP request is broadcast to all devices on the network.

• An ARP reply is unicast to the host requesting the mapping.

• An ARP request is broadcast; an ARP reply is unicast.

14
14
14
ARP Operation

15
15
ARP Packet
Hardware type: This is 16 bits field defining the type of the network on which
ARP is running. Ethernet is given type 1.
Protocol type: This is 16 bits field defining the protocol. The value of this field
for the IPv4 protocol is 0800H.
Hardware length: This is an 8 bits field defining the length of the physical
address in bytes. Ethernet is the value 6.
Protocol length: This is an 8 bits field defining the length of the logical address
in bytes. For the IPv4 protocol, the value is 4.
Operation (request or reply): This is a 16 bits field defining the type of packet.
Packet types are ARP request (1), and ARP reply (2).
Sender hardware address: This is a variable length field defining the physical
address of the sender. For example, for Ethernet, this field is 6 bytes long.
Sender protocol address: This is also a variable length field defining the logical
address of the sender For the IP protocol, this field is 4 bytes long.
Target hardware address: This is a variable length field defining the physical
address of the target. For Ethernet, this field is 6 bytes long. For the ARP
request messages, this field is all Os because the sender does not know the
physical address of the target.
Target protocol address: This is also a variable length field defining the logical
address of the target. For the IPv4 protocol,
16 this field is 4 bytes long.
16
Encapsulation of ARP Packet

EtherType for ARP is 0x0806

SFD-start frame delimiter

17
17
Four Cases Using ARP

18
18
Example
A host with IP address 130.23.3.20 and physical address
B23455102210 has a packet to send to another host with IP address
130.23.43.25 and physical address A46EF45983AB. The two hosts
are on the same Ethernet network. Show the ARP request and reply
packets encapsulated in Ethernet frames.

Figure(next slide) shows the ARP request and reply packets. Note
that the ARP data field in this case is 28 bytes, and that the
individual addresses do not fit in the 4-byte boundary. That is why
we do not show the regular 4-byte boundaries for these addresses.
Note that we use hexadecimal for every field except the IP
addresses.

19
19
Example

20
20
Internet Protocol (IP)

• IP is an unreliable connectionless protocol

responsible for source to destination delivery.

• Packets in the IP layers are called data grams.

• A data gram consists of a header(20 to 60 bytes)

and data.

• Fragmentation is the division of a data gram into

smaller units to accommodate the MTU of a data
link protocol.
21
21
21
IP Datagram
VERSION: Version of the IP protocol (4 bits), which is 4 for IPv4
HLEN: IP header length (4 bits), which is the number of 32 bit words in
the header. The minimum value for this field is 5 and the maximum is
15.
Type of service: Low Delay, High Throughput, Reliability (8 bits)
Total Length: Length of header + Data (16 bits), which has a minimum
value 20 bytes and the maximum is 65,535 bytes.
Identification: Unique Packet Id for identifying the group of fragments
of a single IP datagram (16 bits)
Flags: 3 flags of 1 bit each : reserved bit (must be zero), do not
fragment flag, more fragments flag (same order)
Fragment Offset: Represents the number of Data Bytes ahead of the
particular fragment in the particular Datagram. Specified in terms of
number of 8 bytes, which has the maximum value of 65,528 bytes.
Time to live: Datagram’s lifetime (8 bits), It prevents the datagram to
loop through the network by restricting the number of Hops taken by a
Packet before delivering to the Destination.
Protocol: Name of the protocol to which the data is to be passed (8
bits)
Header Checksum: 16 bits header checksum for checking errors in the
datagram header
Source IP address: 32 bits IP address of the sender
Destination IP address: 32 bits 22 IP address of the receiver
Option: Optional information such as source route, record route. 22 Used
by the Network administrator to check whether a path is working or not.
Multiplexing

• ICMP : 1
• IGMP : 2
• TCP : 6
• UDP : 17
• OSPF : 89
23
23
23
Checksum Calculation

24
24
Maximum Transfer Unit
(MTU)

The MTU is the maximum number of bytes that a data link

protocol can encapsulate.

MTUs vary from protocol to protocol.

Token ring (17,914), PPP (296), Ethernet (1500)

25
25
Fragmentation Example

• Value of offset measured in units of 8 bytes. As length of offset field is

only 13 bits, it can not represent sequence of bytes beyond 8191. This
forces hosts and routers to fragment the datagram with a size such that
first byte number is divisible by 8.
26
26
26
Internet Control
Message Protocol
(ICMP)

27
27
Internet Control Message Protocol (ICMP)

• ICMP is used by Internet Protocol to provide the

services that IP itself is not capable of.

• ICMP produces two types of messages:

• Error reporting messages.
• Query messages.

• ICMP is used to perform network error reporting

and status.
28
28
28
Internet Control Message Protocol (ICMP)

• The errors reported by ICMP are generally related

to datagram processing.

• ICMP only reports errors involving fragment 0 of

any fragmented datagrams.

• The IP, UDP or TCP layer will usually take action

based on ICMP messages.

29
29
29
Internet Control Message Protocol (ICMP)

• ICMP(Internet Control Message Protocol) is a

network layer protocol.

• Its messages are not passed directly to the data

link layer as would be expected, instead , the
messages are first encapsulated inside IP data
grams before going to the lower layer.

• ICMP always reports error messages to the original

source.
30
30
30
Internet Control Message Protocol (ICMP)

31
31
Error-Reporting Messages

• Error messages are always sent to the original source

node. ICMP uses source IP address to send the error
message to the source of the datagram.

32
32
32
Error-Reporting Messages

• The source- quench error message is sent in an effort to

alleviate congestion.

• The time- exceeded message notifies a source host that

• the time –to- live field has reached zero or
• fragments of a message have not arrived in a set amount of time.

• Where as, Destination unreachable error message is sent to

the source host when a data gram is undeliverable.

• The Parameter-problem message notifies a host that there

is a problem in the header field of a data gram.

33
33
33
Error-Reporting Messages

• The redirection message is sent to make the routing table of a host

more efficient.
• There is no flow control or congestion control mechanism in IP.

• ICMP can diagnose some network problems through query messages,

actually it is a group of four different pairs of messages.

34
34
34
Query Messages

35
35
Query Messages
• The echo-request and echo- reply messages test the
connectivity between two systems.

• The time- stamp-request and time-stamp-reply messages

can determine the roundtrip time between two systems or
the difference in time between two systems.

• The address-mask request and address-mask reply

messages are used to obtain the subnet mask.

• The router- solicitation and router-advertisement

messages allow host to update their routing tables.
36
36
36
Internet Protocol version 6 (IPv6)

• IPv6, the latest version of the Internet Protocol,

has a 128- bit address space, a revised header
format, new options, an allowance for extension,
support for resource allocation, and increased
security measures.

• IPv6 uses hexadecimal colon notation with

abbreviation methods available.

37
37
37
Comparison of Network Layers in Version 4 and Version 6

38
38
IPv6 Address

39
39
Abbreviated Address

40
40
Abbreviated Address with Consecutive Zeros

41
41
 Address Structure

• Type Prefix: Variable length prefix defines the purpose of the

address.

• The type prefix codes are defined in such a way that no code is
identical to any other code
42
42
Type Prefixes for IPv6 Addresses

43
43
Provider-Based Address

• Type Identifier: 3-bit field defining address as a provider based address

• Registry identifier: Indicates agency that has registered the address. Currently
three registry centers are defined. INTERNIC for north America, RIPNIC for
European countries and APNIC for Asian and Pacific countries.
• Provider Identifier: Variable length field identifying the provider of internet
access (such as ISP). 16-bit length recommended

44
44
 Provider-Based Address
• Subscriber identifier:
• 24-bit length recommended for this field.
• When an organization subscribes to the internet through a provider, it is assigned
a subscriber identification.

• Subnet identifier:
• Subnet identifier defines a specific network under the territory of the subscriber
• 32-bit length recommended for this field

• Node identifier:
• Last field, defining identity of the node connected to a subnet
• 48-bit length recommended
45
45
45
Address Hierarchy

• Each prefix defines a level of hierarchy

46
46
 Compatible Address

• This is an address having 96 bits of zeros followed by 32 bits of

IPv4 address.

• The ipv4 address 2.13.17.14 (in dotted decimal format) becomes

0::020D:110E (in hexadecimal colon format)
47
47
Mapped Address

• This address comprises of 80 bits of zero, followed by

16 bits of one, followed by 32 bits of IPv4 address

• IPv4 address 2.13.17.14 (in dotted decimal format)

changes to 0::FFFF:020D:110E

48
48
IPv6 Datagram

49
49
Format of an IPv6 Datagram

50
50
Format of an IPv6 Datagram
• VER: 4-bit field
• Priority: 4-bit filed
• Flow label: 24-bit field, for special handling for a particular flow of
data (sequencing of packets)
• Payload length: 2-byte
• Next header: 8-bit field, either one of the optional extension headers
or UDP/TCP etc.
• Hop limit: 8-bit field. Same as TTL
• SA: 128-bit field
• DA: 128-bit field
51
51
51
Next Header Codes

52
52
52
Priorities for Congestion-Controlled
Traffic

53
53
53
Priorities for Non-Congestion
Controlled Traffic

• 0 : No need to define priority

• 1 : Management data
• 2 : email. Delay is acceptable
• 3 : FTP or HTTP
• 4 : TELNET, VoIP
• 5 : RIP, OSPF,BGP, SNMP

54
54
54
Comparison Between IPv4 and IPv6 Packet Header

55
55
55
Extension Header Types

56
56
56
Extension Header Format

57
57
57
Three Transition Strategies

58
58
Dual Stack

59
59
Tunneling

60
60
Header Translation

61
61
Summary
• ARP is a dynamic mapping method that finds a physical address, given
an IP address.

• IP is an unreliable connectionless protocol responsible for source to

destination delivery.

• ICMP sends five types of error reporting messages and four pairs of
query messages to support the unreliable and connectionless Internet
Protocol.

• IPv6,latest version of Internet Protocol, has a128 bit address space, a

revised header format, new options , an allowance for extension,
support for resource allocation, and increased security measure.

62
62
62
Summary
• The network layer in the Internet model is responsible carrying a
packet from one computer to another.

• Switching at the network layer in the Internet is done using the

datagram approach to packet switching.

• Using DHCP the server issues a lease for an IP address to a client for a
specific period of time.

• Network address translation(NAT) allows a private network to use a set

of private Addresses for internal communication and a set of global
Internet addresses for external Communication.

63
63
63
References
• Behrouz A. Forouzan, Data Communication and Networking, 2nd
edition, Tata McGraw-Hill, 2000

• Behrouz A. Forouzan, TCP/IP Protocol Suite, 3rd edition, Tata McGraw-

Hill, 2007

• http://www.yolinux.com/TUTORIALS/LinuxTutorialNetworking.html

64
64
64