Network Layer Tasks
• The network layer is concerned with getting packets from the source all the way to the destination, which may require many hops through intermediate routers.
• This contrasts with the data link layer, which just moves frames from one end of a wire to the other.
• To achieve its goals the network layer must know about the topology of the communication subnet (the set of all routers) and choose appropriate paths through it.
• It must take care to choose routes that avoid overloading some of the lines and routers while leaving others idle.
• When source and destination are in different networks, it has to deal with the differences between them.
MAC Address vs IP Addressing
• MAC addresses are typically used only to direct packets in the device-to-device portion of a network transaction. That means that your computer's MAC address will be in network packets only until the next device in the chain. If you have a router, then your machine's MAC address will go no further than that.
• Communication in the network layer is host-to-host; for this we need a global addressing scheme, which we call logical addressing.
• IP addresses are 32 bits in length, giving a maximum of 2^32 addresses; this scheme is commonly referred to as IPv4.
• An IP address uniquely identifies every device (computer or router) on the Internet.
Dotted Decimal Notation
• IP addresses are written in a so-called dotted decimal notation.
• Each byte is identified by a decimal number in the range [0..255]:
  10000000 10001111 10001001 10010000
• Example: 1st byte = 128, 2nd byte = 143, 3rd byte = 137, 4th byte = 144, written as 128.143.137.144
Notations of IPv4
Change the following IPv4 addresses from binary notation to dotted-decimal notation.
Change the following IPv4 addresses from dotted-decimal notation to binary notation.
• Two addressing schemes: Classful and Classless
Classful Addressing Scheme (IPv4)
• Uses the concept of classes: divides the address space into 5 classes, A, B, C, D, and E.
• The first three bits of the most significant octet of an IP address were defined as the class of the address. Three classes (A, B, and C) were defined for universal unicast addressing. The following table gives an overview of this now obsolete, historical classful network architecture.

Class | Leading bits | First octet range | Network ID format | Host ID format | Number of networks | Addresses per network
A     | 0            | 0 - 127           | a                 | b.c.d          | 2^7 = 128          | 2^24 = 16777216
B     | 10           | 128 - 191         | a.b               | c.d            | 2^14 = 16384       | 2^16 = 65536
C     | 110          | 192 - 223         | a.b.c             | d              | 2^21 = 2097152     | 2^8 = 256
Network prefix and Host number• The network prefix identifies a network and the host number identifies a specific host (actually, interface on the network). network prefix host number• How do we know how long the network prefix is? – The network prefix is implicitly defined (see class-based addressing) – The network prefix is indicated by a netmask.
Example
• Address: 128.143 | 137.144 (network prefix 128.143, host number 137.144)
• Network id is: 128.143.0.0
• Host number is: 137.144
• Network mask is: 255.255.0.0 or 0xffff0000
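The conversions and the classful split described on the last few slides, as an added Python example (not part of the slides): it turns a dotted-decimal address into its 32-bit value and binary form, reads the class off the leading bits of the first octet, and derives the network id, host number and netmask that the class implies. The sample addresses other than 128.143.137.144 are constructed.

```python
import ipaddress

# Classful "self-encoding key": the class alone fixes how many leading bits are the network prefix.
CLASS_PREFIX_BITS = {"A": 8, "B": 16, "C": 24}


def to_int(dotted):
    """'128.143.137.144' -> 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets: %r" % dotted)
    value = 0
    for o in octets:
        n = int(o)
        if not 0 <= n <= 255:
            raise ValueError("octet out of range [0..255]: %r" % o)
        value = (value << 8) | n
    return value


def to_binary(dotted):
    """Four 8-bit groups separated by spaces, the form used on the slide."""
    value = to_int(dotted)
    return " ".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def address_class(dotted):
    """Class from the leading bits of the first octet: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, else E."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def classful_split(dotted):
    """(class, network id, host number, netmask) for a class A/B/C address."""
    cls = address_class(dotted)
    if cls not in CLASS_PREFIX_BITS:
        raise ValueError("class %s addresses have no network/host split" % cls)
    bits = CLASS_PREFIX_BITS[cls]
    mask = (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF
    addr = to_int(dotted)
    network_id = str(ipaddress.IPv4Address(addr & mask))
    host_number = ".".join(dotted.split(".")[bits // 8:])   # the remaining octets, e.g. 137.144
    netmask = str(ipaddress.IPv4Address(mask))
    return cls, network_id, host_number, netmask


if __name__ == "__main__":
    for a in ("128.143.137.144", "10.1.2.3", "192.0.2.7"):   # the last two are constructed
        print(a, to_binary(a), classful_split(a))
```

The range check in `to_int` matters in practice: `int("256")` happily parses, so an address string taken from user input must be validated octet by octet before it is used as a key or a mask operand.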
• In classful IP addressing each address contains a self-encoding key that identifies the dividing point between network prefix and host number.
• This simplified the routing system during the early years of the Internet, as the original routing protocols did not supply a deciphering key or mask with each route to identify the length of the network prefix.
• Since the /8 address block contains 2^31 (2,147,483,648) individual addresses and the IPv4 address space contains a maximum of 2^32
IP Addresses
The class A, B, C formats allow for 128, 16,384 and 2 million networks with 16 million, 64K and 254 hosts respectively.
Network numbers are managed by a non-profit corporation called ICANN (Internet Corporation for Assigned Names and Numbers) to avoid conflicts.
Unforeseen Limitations to Classful Addressing
• The original Internet designers never envisioned that the Internet would grow into what it has become today.
• During the early days of the Internet, the seemingly unlimited address space allowed IP addresses to be allocated to an organization based on its request rather than its actual need.
• As a result, addresses were freely assigned to those who asked for them without concerns about the eventual depletion of the IP address space.
Unforeseen Limitations to Classful Addressing
• Classful A, B, and C octet boundaries were easy to understand and implement, but they did not foster the efficient allocation of a finite address space.
• Problems resulted from the lack of a network class that was designed to support medium-sized organizations.
• For example, a /24, which supports 254 hosts, is too small while a /16, which supports 65,534 hosts, is too large.
• In the past, sites with several hundred hosts were
Classful Addressing “Issues”
“Three Bears” problem:
• class A (16M hosts) too large for most organizations, and there aren’t very many of them (128)
• class C (254 hosts) too small for most
• class B (65,534 hosts) is “just right”, but there aren’t enough of them (16,384)
“Flat” host ID part of the address means very
A Hypothetical Solution: Redefine Class C
E.g., use 19 bits for network ID, 10 bits for host ID
• result: approx. 524,288 such networks, each having 1022 host addresses
Problem: not backwards compatible with the original addressing scheme
• i.e., old class B and C address space allocations would have to be reclaimed and reassigned
• Any solution should be backwards compatible with the original addressing scheme
• Each organization should be free to interpret the “host ID” part of its addresses any way it wishes
Subnets
Same network number but internal subnets for departments.
Subnet Addressing
• Particularly useful for class B sized networks
• Result: three-level hierarchical addressing
• Good for routing inside an organization (reduces the size of internal routing tables)
Advantages of Subnetting
• The size of the global Internet routing table does not grow, as the site administrator does not need to obtain additional address space and the routing requests for all of the subnets are combined into a single routing table entry.
• The local administrator has the flexibility to deploy additional subnets without obtaining a new network number from the Internet.
• Route flapping (that is, the rapid changing of routes) within the private network does not
Another Solution… Supernetting
• Possible solution to “exhaustion” of Class B addresses
• Use multiple Class C addresses instead
• Assign organizations blocks of 2^n contiguous Class C addresses
  – ex.: if 2000 addresses (hosts) are needed, allocate a block of 2048 addresses (= 8 contiguous Class C networks)
• Problem: no longer have one network address for each organization
• Inter-organization routing tables will be larger
Yet another solution… Classless Inter-Domain Routing (CIDR)
• CIDR is a new addressing scheme for the Internet which allows for more efficient allocation of IP addresses than the old Class A, B, and C address scheme.
• Why Do We Need CIDR?
• With a new network being connected to the Internet every 30 minutes, the Internet was faced with two critical problems:
  – Running out of IP addresses
  – Running out of capacity in the global routing tables
• As IP addresses were generally only assigned in these 3 sizes, there were a lot of wasted addresses. E.g., if you needed 100 addresses you would be assigned the smallest block (a Class C), but that still meant 154 unused addresses.
• The overall result was that while the Internet was running out of unassigned addresses, only 3% of the assigned addresses were actually being used.
• CIDR Promotes Efficient Allocation of the IPv4 Address Space
• CIDR eliminates the traditional concept of Class A, Class B, and Class C network addresses and replaces them with the generalized concept of a
Figure 19.3: A block of 16 addresses granted to a small organization
Restrictions on CIDR blocks:
• The addresses must be contiguous.
• The number of addresses should be a power of 2 (16 = 2^4).
• The first address must be divisible by 16 (the number of addresses).
• CIDR currently uses prefixes anywhere from 13 to 27 bits. Thus, blocks of addresses can be assigned to networks as small as 32 hosts or to those with over 500,000 hosts.
• This allows for address assignments that much more closely fit an organization's specific needs.
• A CIDR address includes the standard 32-bit IP address and also information on how many bits are used for the network prefix.
• For example, in the CIDR address 206.13.01.48/25, the "/25" indicates the first 25 bits are used to identify the unique network
Example 19.6
A block of addresses is granted to a small organization. We know that one of the addresses is 205.16.37.39/28. What is the first & last address in the block?
Solution
The binary representation of the given address is
11001101 00010000 00100101 00100111
If we set the 32−28 rightmost bits to 0, we get
11001101 00010000 00100101 00100000
or 205.16.37.32.
Example 19.9
Another way to find the first address, the last address, and the number of addresses is to represent the mask as a 32-bit binary (or 8-digit hexadecimal) number. In Example 19.5 the /28 can be represented as
11111111 11111111 11111111 11110000
(twenty-eight 1s and four 0s).
Find
a. The first address
b. The last address
c. The number of addresses.
Example 19.9 (continued)
a. The first address can be found by ANDing the given address with the mask bit by bit. The result of ANDing 2 bits is 1 if both bits are 1s; the result is 0 otherwise.
b. The last address can be found by ORing the given address with the complement of the mask. ORing here is done bit by bit.
Example 19.9 (continued)
c. The number of addresses can be found by complementing the mask, interpreting it as a decimal number, and adding 1 to it.

Exercise: an ISP has been assigned the address block 188.8.131.52/18. A client requires 800 host addresses. How would the allocation be done with a class B, with class C networks, and with CIDR?
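The mask arithmetic of Examples 19.6 and 19.9 (AND with the mask, OR with its complement, complement plus one), plus the CIDR block restrictions of Figure 19.3 and the 800-host allocation question, as an added Python example that is not part of the slides. It works for any address written as a/n; the 205.16.37.39/28 input is the example's own, and `compare_allocations` counts usable hosts as the block size minus two (the all-zeros and all-ones host parts), which is an assumption stated here rather than on the slide.

```python
import ipaddress
import math


def prefix_to_mask(n):
    """/n as a 32-bit integer: n ones followed by 32-n zeros (/28 -> 0xFFFFFFF0)."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be in 0..32: %r" % n)
    return (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF


def block_bounds(cidr):
    """(first address, last address, number of addresses) for 'a.b.c.d/n'."""
    addr_str, n = cidr.split("/")
    addr = int(ipaddress.IPv4Address(addr_str))
    mask = prefix_to_mask(int(n))
    inverse = ~mask & 0xFFFFFFFF             # complement of the mask
    first = addr & mask                      # (a) AND the address with the mask
    last = addr | inverse                    # (b) OR the address with the complement
    count = inverse + 1                      # (c) complement as a decimal number, plus 1
    return (str(ipaddress.IPv4Address(first)),
            str(ipaddress.IPv4Address(last)),
            count)


def is_valid_block(first, count):
    """CIDR restrictions: the count is a power of two and the first address is divisible by it."""
    value = int(ipaddress.IPv4Address(first))
    return count > 0 and count & (count - 1) == 0 and value % count == 0


def compare_allocations(hosts_needed):
    """Addresses consumed to give a client hosts_needed usable addresses with one class B,
    with a run of contiguous class C networks, or with the smallest CIDR block that fits.
    Assumption: two addresses per block are not usable, so a class C offers 254 hosts."""
    class_c_networks = math.ceil(hosts_needed / 254)
    # smallest h with 2**h - 2 >= hosts_needed, i.e. the smallest h with 2**h >= hosts_needed + 2
    host_bits = (hosts_needed + 1).bit_length()
    return {
        "class B": 2 ** 16,
        "class C networks": class_c_networks,
        "class C": class_c_networks * 256,
        "CIDR prefix": 32 - host_bits,
        "CIDR": 2 ** host_bits,
    }


if __name__ == "__main__":
    print(block_bounds("205.16.37.39/28"))      # first and last address of Example 19.6
    print(compare_allocations(800))
```

For 800 hosts the class B answer burns 65,536 addresses, four contiguous class C networks give 1,024, and CIDR gives the same 1,024 as a single /22 that a provider can advertise as one route.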
How to: Convert a Decimal Number to a Base-256 Dotted-Decimal
Step 1: Evaluate the number.
  • If the decimal number is less than 256, then use that decimal number for the 4th octet, and pad the rest with zeros so that the result is in dotted-decimal form, with four octets.
  • If the decimal number is >= 256, then continue to step 2.
Step 2: Divide the decimal number by 256.
Step 3: Multiply the whole-number (integer) portion of the result from step 2 by 256.
Step 4: Subtract the result of step 3 from the original decimal number to yield the base-256 octet (i.e. the remainder of the division).
Step 5: Examine the whole-number portion of the result from step 2.
  a. If that whole-number portion is less than 256, then use that number for the next octet. Use zeroes for any remaining octets, so that the number is in dotted-decimal form.
  b. If that number is larger than, or equal to, 256, then continue from step 2, using that number.
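The procedure above, as an added Python example (not from the slides). Steps 2 to 4 amount to one integer division by 256 whose remainder is the next octet, working from the 4th octet backwards, and step 5 repeats that on the quotient until it drops below 256; `roundtrip_ok` checks the result against the standard library's own conversion.

```python
import ipaddress


def to_dotted(number):
    """32-bit decimal number -> dotted decimal, following the step list above."""
    if not 0 <= number < 2 ** 32:
        raise ValueError("not a 32-bit value: %r" % number)
    octets = []                                      # collected from the 4th octet backwards
    while True:
        if number < 256:                             # step 1 / step 5a: this value is an octet as-is
            octets.append(number)
            break
        quotient, remainder = divmod(number, 256)    # steps 2-4: the remainder is the octet
        octets.append(remainder)
        number = quotient                            # step 5b: repeat with the whole-number part
    while len(octets) < 4:                           # pad the remaining octets with zeros
        octets.append(0)
    return ".".join(str(o) for o in reversed(octets))


def roundtrip_ok(number):
    """True if the standard library parses our output back to the same number."""
    return int(ipaddress.IPv4Address(to_dotted(number))) == number


if __name__ == "__main__":
    for n in (144, 256, 0x808F8990):
        print(n, "->", to_dotted(n))
```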
• Question: a company was assigned the class C network 184.108.40.206 from the ISP. If the administrator were to subnet this network using the 255.255.255.224 subnet mask, how many hosts will they be able to support on each subnet?
• The subnet mask 255.255.255.224 is a 27-bit mask (11111111.11111111.11111111.11100000); it uses 3 bits from the last octet for the network
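An added Python example (not from the slides) that works the subnetting question for any classful network and mask: it counts the mask's 1 bits (rejecting a mask whose 1s are not contiguous), derives how many host bits were borrowed, and lists the resulting subnets. The network 192.0.2.0/24 is a constructed class C value standing in for the question's own network number.

```python
import ipaddress


def mask_bits(mask_dotted):
    """Number of 1 bits in a dotted mask; rejects masks whose 1s are not contiguous."""
    value = int(ipaddress.IPv4Address(mask_dotted))
    ones = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: %s" % mask_dotted)
    return ones


def subnet_plan(network, classful_bits, mask_dotted):
    """Borrowed host bits, subnet count and usable hosts per subnet for a classful
    network (classful_bits = 24 for class C) subnetted with the given mask."""
    bits = mask_bits(mask_dotted)
    borrowed = bits - classful_bits
    if borrowed < 0:
        raise ValueError("mask is shorter than the classful network prefix")
    host_bits = 32 - bits
    net = ipaddress.IPv4Network("%s/%d" % (network, classful_bits))
    subnets = [str(s) for s in net.subnets(prefixlen_diff=borrowed)]
    return {
        "mask bits": bits,
        "borrowed": borrowed,
        "subnets": 2 ** borrowed,
        "hosts per subnet": 2 ** host_bits - 2,   # network and broadcast addresses are not usable
        "subnet list": subnets,
    }


if __name__ == "__main__":
    print(subnet_plan("192.0.2.0", 24, "255.255.255.224"))
```

With 255.255.255.224 the plan reports 3 borrowed bits, 8 subnets and 30 usable hosts in each, which answers the question on the slide.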
Network Address Translation
• The Internet is expanding at an exponential rate. As the amount of information and resources increases, it is becoming a requirement for even the smallest businesses and homes to connect to the Internet.
• Network Address Translation (NAT) is a method of connecting multiple computers to the Internet (or any other IP network) using one IP address. This allows home users and small businesses to connect their network to the Internet cheaply and efficiently.
Network Address Translation
• NAT allows a single device, such as a router, to act as an agent between the Internet (or "public network") and a local (or "private") network. This means that only a single, unique IP address is required to represent an entire group of computers.
• The basic purpose of NAT is to multiplex traffic from the internal network and present it to the Internet as if it was coming from a single computer having only one IP address.
• The TCP/IP protocols include a multiplexing facility so that any computer can maintain multiple
Network Address Translation
• NAT is like the receptionist in a large office. Let's say you have left instructions with the receptionist not to forward any calls to you unless you request it. Later on, you call a potential client and leave a message for that client to call you back.
• You tell the receptionist that you are expecting a call from this client and to put her through. The client calls the main number to your office, which is the only number the client knows.
• When the client tells the receptionist that she is looking for you, the receptionist checks a lookup table that matches your name with your
NAT – Network Address Translation
Placement and operation of a NAT box.
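The receptionist rule in code, as an added Python example that is not part of the slides: a port-translating NAT box rewrites the source of outgoing packets to its one public address and a fresh public port, remembers the mapping, and delivers an incoming packet only when it answers a flow an inside host opened and comes from that flow's peer. Everything else from outside is dropped. The addresses and ports are constructed documentation values, and packets are plain dictionaries rather than real IP headers.

```python
class Nat:
    """Port-translating NAT: one public address in front of a private network."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_flow = {}    # (inside ip, inside port, outside ip, outside port) -> public port
        self.by_port = {}    # public port -> that same flow tuple

    def translate_outbound(self, pkt):
        """Rewrite the source of an inside->outside packet to the public address and a
        unique public port, creating the table entry that the reply will be matched against."""
        flow = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        port = self.by_flow.get(flow)
        if port is None:                      # first packet of this flow: allocate a port
            port = self.next_port
            self.next_port += 1
            self.by_flow[flow] = port
            self.by_port[port] = flow
        out = dict(pkt)
        out["src"], out["sport"] = self.public_ip, port
        return out

    def translate_inbound(self, pkt):
        """Deliver an outside->inside packet only if it answers a flow an inside host opened
        and comes from that flow's peer; otherwise drop it (return None)."""
        if pkt["dst"] != self.public_ip:
            return None
        flow = self.by_port.get(pkt["dport"])
        if flow is None or (pkt["src"], pkt["sport"]) != (flow[2], flow[3]):
            return None                        # nobody inside asked for this: drop
        inside = dict(pkt)
        inside["dst"], inside["dport"] = flow[0], flow[1]
        return inside


if __name__ == "__main__":
    nat = Nat("203.0.113.5")                   # constructed public address
    request = {"src": "192.168.1.10", "sport": 5555, "dst": "198.51.100.7", "dport": 80}
    print(nat.translate_outbound(request))
    reply = {"src": "198.51.100.7", "sport": 80, "dst": "203.0.113.5", "dport": 40000}
    print(nat.translate_inbound(reply))
    print(nat.translate_inbound({"src": "198.51.100.9", "sport": 80, "dst": "203.0.113.5", "dport": 40000}))
```

Checking the peer's address and port on the way in is what keeps a mapping from being reused by a third party that guesses the public port; real NAT boxes also expire mappings after an idle timeout, which this example omits.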
IPv6
• IPv6 addresses are 16 bytes long, in contrast to 4 bytes in IPv4
• Or 128 bits in contrast with 32 bits
• Has a much larger address space (2^128 in contrast with 2^32)
IPv6 or IPng (IP next generation)
The major goals of the new IPv6 protocol were:
• Support billions of hosts, even with inefficient address space allocation
• Reduce the size of the routing tables
• Simplify the protocol, to allow routers to process packets faster
• Provide better security (authentication and privacy)
• Pay more attention to type of service, particularly for real-time data
Header Changes between IPv4 & IPv6
• Streamlined:
  – Fragmentation fields moved out of the base header
  – IP options moved out of the base header
  – Header Checksum eliminated
  – Header Length field eliminated
  – Length field excludes the IPv6 header
  – Alignment changed from 32 to 64 bits
• Revised:
  – Time to Live → Hop Limit
  – Protocol → Next Header
  – Precedence & TOS → Traffic Class: used to distinguish between packets with real-time delivery requirements
  – Addresses increased from 32 bits to 128 bits
• Extended:
  – Flow Label: used to allow a source and destination to set up a pseudoconnection with particular properties and requirements.
Extension Headers
Extension header    | Description
Hop-by-hop options  | Miscellaneous information for routers; support for datagrams larger than 64K (jumbograms)
Routing             | Full or partial route to follow
Fragmentation       | Management of datagram fragments. Similar to IPv4, but only the sending host can fragment a packet
Authentication      | Verification of the sender's identity
Encrypted payload   | Information about the encryption
Destination options | Additional information for the destination
The use of jumbograms is important for supercomputer applications that must transfer gigabytes efficiently across the Internet.
The routing header lists up to 24 routers that must be visited on the way to the destination. Both strict (the full path is supplied) and loose (only selected routers are supplied) routing are available, and they can be combined.
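The header changes of the last two slides in bytes, as an added Python example that is not part of the slides: `build_packet` assembles a constructed IPv6 packet (fixed 40-byte base header with version, traffic class, flow label, payload length, next header and hop limit, and no header checksum or header length field) carrying one hop-by-hop options extension header ahead of UDP, and `parse_packet` reads the base header back and walks the Next Header chain to find the upper-layer protocol. The UDP checksum is left at zero here for brevity, which is an assumption of the example; the addresses are documentation values.

```python
import struct
import ipaddress

# Extension headers whose length field counts 8-byte units beyond the first 8 bytes.
EXT_8BYTE_UNITS = {0: "hop-by-hop", 43: "routing", 60: "destination options"}
FRAGMENT = 44          # fragment header: always exactly 8 bytes
UDP = 17


def build_packet(src, dst, hop_limit=64, flow_label=0x12345, payload=b""):
    """Constructed packet: base header, one hop-by-hop extension header (a PadN option), then UDP."""
    udp = struct.pack("!HHHH", 1234, 53, 8 + len(payload), 0) + payload   # checksum left 0 (assumption)
    hop_by_hop = bytes([UDP, 0, 1, 4, 0, 0, 0, 0])    # next=UDP, hdr ext len=0 (8 bytes), PadN(4)
    body = hop_by_hop + udp
    first_word = (6 << 28) | (0 << 20) | flow_label   # version 6, traffic class 0, 20-bit flow label
    base = struct.pack("!IHBB", first_word, len(body), 0, hop_limit)   # next header 0 = hop-by-hop
    base += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return base + body


def parse_packet(pkt):
    """Read the fixed base header, then follow the Next Header chain through extension headers."""
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    info = {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,       # excludes the 40-byte base header
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(pkt[8:24])),
        "dst": str(ipaddress.IPv6Address(pkt[24:40])),
        "extensions": [],
    }
    offset, end = 40, 40 + payload_len
    while True:
        if next_header in EXT_8BYTE_UNITS:
            nh, size = pkt[offset], (pkt[offset + 1] + 1) * 8
        elif next_header == FRAGMENT:
            nh, size = pkt[offset], 8
        else:
            break                                 # an upper-layer protocol, e.g. UDP
        info["extensions"].append(EXT_8BYTE_UNITS.get(next_header, "fragment"))
        next_header, offset = nh, offset + size
        if offset > end:                          # length field must stay inside the payload
            raise ValueError("extension header runs past the payload length")
    info["upper_protocol"] = next_header
    info["upper_offset"] = offset
    return info


if __name__ == "__main__":
    pkt = build_packet("2001:db8::1", "2001:db8::2")
    print(len(pkt), parse_packet(pkt))
```

The bounds check on the extension-header length is the one a parser must not skip: the length byte is attacker-controlled, and without the check a single crafted header would walk the parser past the end of the packet.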
Summary of Main IPv6 Benefits
• Expanded addressing capabilities
• Structured hierarchy to manage routing table growth
• Serverless auto-configuration and reconfiguration
• Streamlined header format and flow identification
• Improved support for options / extensions
• Security: built-in, strong IP-layer encryption and authentication
Key Network-Layer Functions
• forwarding: move packets correctly from one router to the next, using the forwarding table
• routing: determine the route taken by packets from source to destination (routing algorithm)
Figure: the local forwarding table of a router, filled in by the routing algorithm.
  header value | output link
  0100         | 3
  0101         | 2
  0111         | 2
  1001         | 1
A packet arriving with header value 0111 is sent out on link 2.
Forwarding Techniques: making the size of routing tables manageable
• Route method versus next-hop method
• Host-specific versus network-specific method
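The next-hop, network-specific technique in code, as an added Python example that is not part of the slides: the table keeps one entry per destination network (not per host) and records only the next hop for each, with a host-specific /32 entry allowed where one host must be treated differently. The lookup picks the most specific matching entry, which is the longest-prefix-match rule that real routers use; the table contents are constructed.

```python
import ipaddress


def build_table(entries):
    """entries: (prefix, next hop, interface). Sorted most specific first so a host-specific
    /32 entry is examined before the network-specific entry that also contains it."""
    table = [(ipaddress.IPv4Network(prefix), next_hop, iface) for prefix, next_hop, iface in entries]
    table.sort(key=lambda e: e[0].prefixlen, reverse=True)
    return table


def lookup(table, dst):
    """Return (next hop, interface) for the first, i.e. longest, matching prefix, or None."""
    addr = ipaddress.IPv4Address(dst)
    for net, next_hop, iface in table:
        if addr in net:
            return next_hop, iface
    return None


# Constructed forwarding table: a default route, two network-specific entries and one
# host-specific entry that overrides the network it belongs to.
TABLE = build_table([
    ("0.0.0.0/0", "203.0.113.1", "eth0"),        # default route: everything not listed below
    ("192.0.2.0/24", "direct", "eth1"),           # network-specific entry
    ("192.0.2.9/32", "198.51.100.9", "eth2"),     # host-specific entry wins for this one host
    ("198.51.100.0/24", "203.0.113.2", "eth0"),
])


if __name__ == "__main__":
    for dst in ("192.0.2.9", "192.0.2.10", "198.51.100.77", "8.8.8.8"):
        print(dst, "->", lookup(TABLE, dst))
```

Four entries cover every possible destination here; with the route method each entry would instead carry the whole remaining path, which is what makes tables grow.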
Network Layer Design Issues
• Store-and-Forward Packet Switching
• Implementation of Connectionless Service
• Implementation of Connection-Oriented Service
• Comparison of Virtual-Circuit and Datagram Subnets
Store-and-Forward Packet Switching
The environment of the network layer protocols (Fig. 5-1).
Implementation of Connectionless Service
Routing within a datagram subnet.
Datagram networks
• no call setup at the network layer
• routers: no state about end-to-end connections
  – no network-level concept of “connection”
• packets forwarded using the destination host address
  – packets between the same source-dest pair may take different paths
Figure: two hosts (application, transport, network, data link, physical layers) exchanging data: 1. Send data, 2. Receive data.
Implementation of Connection-Oriented Service
Routing within a virtual-circuit subnet.
Virtual circuits
• call setup for each call before data can flow (signaling protocols)
• each packet carries a VC identifier (not the destination host address)
• every router on the source-dest path maintains “state” for each passing connection
• router resources (bandwidth, buffers) may be allocated to the VC
• not used in today’s Internet
Figure: call setup between two hosts: 1. Initiate call, 2. Incoming call, 3. Accept call, 4. Call connected, 5. Data flow begins, 6. Receive data.
Comparison of Virtual-Circuit and Datagram Subnets (Fig. 5-4)
Routing Algorithms
• The routing algorithm is that part of the network layer software responsible for deciding which output line an incoming packet should be transmitted on.
• Subnet using datagrams
• Subnet using virtual circuits (session routing)
• Routing algorithms: adaptive and non-adaptive
• Non-adaptive algorithms don't base their routing decisions on estimates of current traffic and topology. The choice of route is computed in advance, off-line, and downloaded to the routers when the network is booted. Referred to as static routing.
• Adaptive algorithms change their routing decisions to reflect changes in the topology and traffic. They get their information from adjacent routers. Also called dynamic routing.
Routing Algorithm Classification
Global or decentralized information?
Global:
• all routers have complete topology and link cost info
• “link state” algorithms
Decentralized:
• a router knows its physically-connected neighbors and the link costs to those neighbors
• iterative process of computation and exchange of info with neighbors
• “distance vector” algorithms
Unicast Routing Protocols
• Routing table
  – Static
  – Dynamic
• Routing protocol: a set of rules that lets routers on the internet inform each other of changes on the internet or in the neighborhood
• Intra- & inter-domain routing
• Routing inside a group of networks and routers under a single administration is referred to as intra-domain routing
• Otherwise it is inter-domain routing
Shortest Path Routing
Subnet as an undirected graph: node = a router, arc = a communication link. Each arc is labeled with a length.
Dijkstra's algorithm is used to compute the path with the shortest length between any two nodes.
Several metrics of length are possible. When using the number of hops as a measure, each arc has a length of 1. Physical distance can also be taken.
In general the labels on the arcs can be computed as a function of distance, bandwidth, average traffic, communication costs, mean queue length, measured delay, etc.
The first 5 steps used in computing the shortest path from A to D. The arrows indicate the working node.
Flooding
• According to this algorithm, whenever a router on a subnet receives a packet it sends it out on every outgoing line except the one through which it was received.
• Used in the case of broadcasting
• A variation of the same technique, called selective flooding, can also be used for multicasting.
• It generates a vast number of duplicate packets, an infinite number unless some measures are taken to damp the process.
Popular routing protocols
Distance Vector Routing
• Each router maintains a table (i.e. a vector) giving the best known distance to each destination and the line to use to get there.
• The table at each node also guides the packets to the desired node by showing the next hop in the route.
• Also called the Bellman-Ford and Ford-Fulkerson algorithm
• Each router maintains a routing table containing one entry for each router in the
Initialization of tables in distance vector routing
In distance vector routing, each node shares its routing table with its immediate neighbors periodically and when there is a change.
Distance vector routing tables
Distance Vector Routing
(a) A subnet. (b) Input from A, I, H, K, and the new routing table for J.
J computes a new route to router G.
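The computation behind the figure, as an added Python example that is not part of the slides: `dv_update` is the step a router such as J performs when it has the vectors of its neighbours (for each destination, the neighbour minimising line cost plus advertised distance), and `dv_converge` runs that step at every router in synchronous rounds from the initial tables (each router knowing only its own lines) until nothing changes. The four-router subnet and its costs are constructed for this example; the figure's own values are not reproduced here.

```python
INF = float("inf")


def dv_update(me, link_costs, neighbour_vectors, nodes):
    """One Bellman-Ford step for router `me`: for each destination choose the neighbour
    minimising (cost of the line to the neighbour + distance the neighbour advertises).
    Returns {destination: (distance, next hop)}."""
    table = {}
    for dest in nodes:
        if dest == me:
            table[dest] = (0, None)
            continue
        best = (INF, None)
        for nbr, line_cost in link_costs.items():
            via = line_cost + neighbour_vectors[nbr].get(dest, INF)
            if via < best[0]:
                best = (via, nbr)
        table[dest] = best
    return table


def initial_table(me, graph, nodes):
    """Before any exchange a router knows only itself and the cost of its direct lines."""
    table = {d: (INF, None) for d in nodes}
    table[me] = (0, None)
    for nbr, cost in graph[me].items():
        table[nbr] = (cost, nbr)
    return table


def dv_converge(graph, max_rounds=100):
    """Synchronous rounds: every router sends its vector to its neighbours, then every
    router recomputes. Returns (tables, number of rounds in which something changed)."""
    nodes = sorted(graph)
    tables = {n: initial_table(n, graph, nodes) for n in nodes}
    for rnd in range(1, max_rounds + 1):
        vectors = {n: {d: dist for d, (dist, _) in tables[n].items()} for n in nodes}
        new_tables = {n: dv_update(n, graph[n], vectors, nodes) for n in nodes}
        if new_tables == tables:
            return tables, rnd - 1
        tables = new_tables
    raise RuntimeError("distance vector did not converge within %d rounds" % max_rounds)


# Constructed four-router subnet: the direct A-D line is expensive, so A and D must learn
# the cheaper path through B and C from their neighbours' vectors.
EXAMPLE = {
    "A": {"B": 1, "D": 10},
    "B": {"A": 1, "C": 1},
    "C": {"B": 1, "D": 1},
    "D": {"C": 1, "A": 10},
}


if __name__ == "__main__":
    tables, rounds = dv_converge(EXAMPLE)
    print("converged after", rounds, "rounds")
    for router in sorted(tables):
        print(router, tables[router])
```

A router trusts whatever its neighbours advertise: the update has no way to tell whether a neighbour's short distance to a destination actually runs back through the router itself, which is the weakness the link state slides below take up.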
RIP
• The Routing Information Protocol is an intra-domain routing protocol based on distance vector routing
• The metric used by RIP is the number of links to reach the destination, or hop count
• The next-node column defines the address of the router to which the packet is to be sent to reach its destination
Example of a domain using RIP
Link State Routing
• Distance vector routing reacts slowly to bad news, e.g. the breakdown of a link (count-to-infinity problem).
• The core of the problem is that when X tells Y that it has a path somewhere, Y has no way of knowing whether it itself is on the path.
• Link State Routing: each router sends the costs to its neighbors to all other routers.
• In this technique each node in the domain has the entire topology: the list of nodes and links, their cost, and the condition of the links (up or down)
• Nodes use Dijkstra's algorithm to build a routing
Each router must do the following:
• Discover its neighbors and learn their network addresses.
• Measure the delay or cost to each of its neighbors.
• Construct a packet telling all it has just learned.
• Send this packet to all other routers.
• Compute the shortest path to every other router.
Learning about the Neighbors
(a) Nine routers and a LAN. (b) A graph model of (a).
Learning is done by sending Hello packets at booting time.
Measuring Line Cost
The algorithm requires each router to know or have an idea of the delay to each of its neighbors; this is done by sending ECHO packets and measuring the round-trip time.
Creation of Link State Packets
• A LSP can carry a large amount of information: the node identity, the list of links, a sequence number, and age.
• The first two, node identity and the list of links, are needed to make the topology.
Link State Packets
Flooding of LSPs
• The trickiest part is distributing the LSPs reliably, to assure that each router has basically the same view of the subnet.
• For this, a 32-bit sequence number is used.
• After a node has prepared an LSP, it must be disseminated to all other nodes, not only to its neighbors. This is done as follows:
  – The creating node sends a copy of the LSP out of each interface.
  – A node that receives an LSP compares it with the copy it may already have. If the newly arrived LSP is older than the one it has (found by checking the sequence number), it discards the LSP. If it is newer, the node does the following:
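The LSP dissemination just described, and the damping that the flooding slide earlier called for, as an added Python example that is not part of the slides: each router keeps a link state database keyed by originating node, discards an arriving LSP whose sequence number is not newer than the copy it holds, and otherwise stores it and re-floods it on every interface except the arrival one. `flood` runs that rule on a constructed three-router ring, where plain flooding without the sequence-number check would never stop.

```python
class LinkStateRouter:
    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = list(interfaces)   # neighbour reached through each interface
        self.lsdb = {}                       # origin -> (sequence number, link list)

    def receive(self, lsp, arrived_on):
        """Return the interfaces to forward the LSP on: none if it is older than, or the
        same as, the copy already held (decided by the sequence number)."""
        held = self.lsdb.get(lsp["origin"])
        if held is not None and lsp["seq"] <= held[0]:
            return []                                            # old or duplicate: discard
        self.lsdb[lsp["origin"]] = (lsp["seq"], dict(lsp["links"]))   # newer: store ...
        return [i for i in self.interfaces if i != arrived_on]  # ... and re-flood


def flood(network, origin, seq, links):
    """Originate an LSP at `origin` and deliver it hop by hop until no router forwards
    it any further. Returns the number of transmissions made."""
    lsp = {"origin": origin, "seq": seq, "links": dict(links)}
    network[origin].lsdb[origin] = (seq, dict(links))
    queue = [(origin, nbr) for nbr in network[origin].interfaces]
    transmissions = 0
    while queue:
        sender, receiver = queue.pop(0)
        transmissions += 1
        for nxt in network[receiver].receive(lsp, sender):
            queue.append((receiver, nxt))
    return transmissions


def make_triangle():
    """Constructed three-router ring A-B-C-A; a ring is where naive flooding loops forever."""
    return {"A": LinkStateRouter("A", ["B", "C"]),
            "B": LinkStateRouter("B", ["A", "C"]),
            "C": LinkStateRouter("C", ["A", "B"])}


if __name__ == "__main__":
    net = make_triangle()
    print("first flood:", flood(net, "A", 1, {"B": 1, "C": 5}), "transmissions")
    print("same LSP again:", flood(net, "A", 1, {"B": 1, "C": 5}), "transmissions")
    print("newer LSP:", flood(net, "A", 2, {"B": 1, "C": 4}), "transmissions")
    print({r: net[r].lsdb["A"] for r in net})
```

On the ring the first LSP costs four transmissions and then dies out, because the second copy reaching each router carries a sequence number it has already seen. The age field the creation slide mentions is the other half of the mechanism, letting a stale entry expire if its originator disappears, and is not modelled here.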
Formation of the shortest path tree: Dijkstra's algorithm
Example of the formation of a shortest path tree
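Dijkstra's algorithm as used on the shortest path slides earlier and in the formation of the shortest path tree here, as an added Python example that is not part of the slides. Nodes are made permanent one at a time (the working node), each permanent node relaxes the labels of its neighbours, and the recorded previous hops form the sink tree a link state router installs. The eight-node graph and its arc lengths are constructed for this example.

```python
import heapq


def add_link(graph, a, b, cost):
    """Undirected arc labelled with a length, as in the graph model on the slides."""
    graph.setdefault(a, {})[b] = cost
    graph.setdefault(b, {})[a] = cost


def dijkstra(graph, source):
    """Return (distance, previous hop) maps for every node reachable from source."""
    dist = {source: 0}
    prev = {}
    permanent = set()
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if u in permanent:
            continue                       # stale heap entry for a node already made permanent
        permanent.add(u)                   # u is the working node; its label is now final
        for v, cost in graph[u].items():
            if cost < 0:
                raise ValueError("Dijkstra's algorithm needs non-negative arc lengths")
            candidate = d + cost
            if candidate < dist.get(v, float("inf")):
                dist[v] = candidate        # tentative label improved
                prev[v] = u
                heapq.heappush(heap, (candidate, v))
    return dist, prev


def shortest_path(prev, source, target):
    """Walk the previous-hop labels back from target to source."""
    if target != source and target not in prev:
        return None
    path = [target]
    while path[-1] != source:
        path.append(prev[path[-1]])
    return path[::-1]


def sink_tree(prev):
    """The shortest path tree as parent -> sorted children."""
    tree = {}
    for child, parent in prev.items():
        tree.setdefault(parent, []).append(child)
    return {p: sorted(c) for p, c in tree.items()}


# Constructed graph: letters are routers, numbers are arc lengths.
EXAMPLE = {}
for a, b, cost in [("A", "B", 2), ("A", "G", 6), ("B", "C", 7), ("B", "E", 2), ("C", "D", 3),
                   ("C", "F", 3), ("D", "H", 2), ("E", "F", 2), ("E", "G", 1), ("F", "H", 2),
                   ("G", "H", 4)]:
    add_link(EXAMPLE, a, b, cost)


if __name__ == "__main__":
    dist, prev = dijkstra(EXAMPLE, "A")
    print(dist)
    print("A -> D:", shortest_path(prev, "A", "D"), "length", dist["D"])
    print(sink_tree(prev))
```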
OSPF – The Interior Gateway Routing Protocol
• A routing algorithm within an AS is an interior gateway protocol.
• An algorithm for routing between ASes is an exterior gateway protocol.
• Features of Open Shortest Path First (OSPF):
  – published in the open literature,
  – supports a variety of distance metrics (min delay, max throughput),
  – load balancing, splitting the load over multiple lines,
  – support for hierarchical systems is needed, as no router could be expected to know the entire topology,
  – some extent of security is required,
OSPF
(a) An autonomous system. (b) A graph representation of (a).
• OSPF supports three kinds of connections and networks:
  – Point-to-point lines between exactly two routers.
  – Multi-access networks with broadcasting (most LANs).
  – Multi-access networks without broadcasting (most packet networks).
• A multi-access network is one that can have multiple routers on it, each of which can directly communicate with all the others. All LANs and WANs have this property.
• OSPF works by abstracting the collection of actual networks, routers, and lines into a directed graph in which each arc is assigned a cost.
• It then computes the shortest path based on the
• During normal operation, three kinds of routes may be needed:
  – intra-area: here the source router already knows the shortest path to the destination router,
  – inter-area,
  – inter-AS.
• Inter-area routing proceeds in three steps:
  – go from the source to the backbone,
  – go across the backbone to the destination area,
  – go to the destination
• OSPF distinguishes four classes of routers:
  – internal routers are wholly within one area,
  – area border routers connect two or more areas,
  – backbone routers are on the backbone,
  – AS boundary routers talk to routers in other ASes.
• When a router boots, it sends HELLO messages on all of its point-to-point lines and multicasts them on LANs to the group consisting of all other routers. From the responses, each router learns who its neighbors are.
• Using flooding, each router informs all the other routers in its area of its neighbors and costs. This information allows each router to construct the
Routing Protocols
Hierarchical Routing
• As networks grow in size, the routers' routing tables grow proportionally, consuming router memory
• More CPU time is needed to scan them and more bandwidth is needed to send status reports about them
• A better solution is to do routing hierarchically.
• With this scheme the routers are divided into regions.
• Each router knows how to route packets to all destinations within its region and knows nothing about the internal structure of other regions
Hierarchical Routing
Hierarchical routing.
Inter-domain routing protocol: Path Vector Routing
• All of the previous routing protocols become intractable when the domain of operation becomes large
• So we need a third routing protocol: path vector routing.
• In this we designate one node in each autonomous system (AS) that acts on behalf of the entire AS and call it the speaker node.
• The speaker node in an AS creates a routing table and advertises it to speaker nodes in the
Initial routing tables in path vector routing
Sharing: just as in distance vector routing, in path vector routing a speaker in an AS shares its table with its immediate neighbours.
• Node A1 shares its table with nodes B1 and C1.
• Node C1 shares its table with nodes D1, B1, and A1.
• Node B1 shares its table with C1 and A1.
• Node D1 shares its table with C1.
Stabilized tables for three autonomous systems
Loop prevention:
• The instability of distance vector routing and the creation of loops can be avoided in path vector routing.
• When a router receives a message, it checks to see if its autonomous system is in the path list to the destination.
• If it is, looping is involved and the message is ignored.
BGP – The Exterior Gateway Routing Protocol
• An exterior gateway protocol is used between ASes and, unlike an interior gateway protocol, it has to worry about politics.
• For example, a corporate AS might be unwilling to carry transit packets originating in a foreign AS and ending in a different foreign AS.
• Exterior gateway protocols in general, and BGP in particular, have been designed to allow many kinds of routing policies to be enforced on the inter-AS traffic.
Border Gateway Protocol
• BGP is fundamentally a distance vector protocol.
• Instead of maintaining just the cost to each destination, each BGP router keeps track of the exact path used.
• Similarly, instead of periodically giving each neighbor its estimated cost to each possible destination, each BGP router tells its neighbors the exact path it is using.
• Every BGP router contains a module that examines routes to a given destination and scores them, returning a number for the "distance" to
BGP basics
• pairs of routers (BGP peers) exchange routing info over semi-permanent TCP connections: BGP sessions
  – BGP sessions need not correspond to physical links.
• when AS2 advertises a prefix to AS1:
  – AS2 promises it will forward datagrams towards that prefix.
  – AS2 can aggregate prefixes in its advertisement
Figure: AS1 (routers 1a, 1b, 1c, 1d), AS2 (2a, 2b, 2c) and AS3 (3a, 3b, 3c); eBGP sessions between ASes (3a-1c, 1b-2a), iBGP sessions within an AS.
Distributing reachability info
• using the eBGP session between 3a and 1c, AS3 sends prefix reachability info to AS1.
  – 1c can then use iBGP to distribute the new prefix info to all routers in AS1
  – 1b can then re-advertise the new reachability info to AS2 over the 1b-to-2a eBGP session
• when a router learns of a new prefix, it creates an entry for the prefix in its forwarding table.
Figure: the same three ASes, with the eBGP session 3a-1c and the iBGP sessions inside AS1.
BGP route selection
• a router may learn about more than one route to some prefix; it must select a route. Elimination rules:
  1. local preference value attribute: policy decision
  2. shortest AS-PATH
  3. closest NEXT-HOP router
  4. additional criteria
• Typical policies involve political, security, or economic considerations. Some examples:
  – No transit traffic through certain ASes.
  – Never put Iraq on a route starting at the Pentagon.
  – Traffic starting/ending at IBM should not transit Microsoft.
• Policies are manually configured into each BGP router.
• They are not part of the protocol itself.
BGP routing policy
Figure legend: A, B, C are provider networks; X, W, Y are customer networks (of the provider networks).
• X is dual-homed: attached to two provider networks (B and C)
• X does not want to route traffic from B via X to C
• .. so X will not advertise to B a route to C
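The path vector loop check, the elimination rules 1 to 3, and the dual-homed customer's export policy from the last few slides, as an added Python example that is not part of the slides. A speaker prepends its own AS number before advertising, a receiver ignores any route whose AS-PATH already contains its own AS, selection prefers the highest local preference, then the shortest AS-PATH, then the cheapest interior cost to the NEXT-HOP, and the export policy lets X advertise its own and its customers' routes but never a route learned from one provider to the other. Routes are dictionaries, and the AS numbers and prefixes are constructed.

```python
def prepend_as(route, sender_as):
    """A speaker adds its own AS number to the front of AS-PATH before advertising."""
    return {**route, "as_path": [sender_as] + list(route["as_path"])}


def receive_route(my_as, route, learned_from, local_pref, igp_cost):
    """Loop prevention: a route whose AS-PATH already contains my AS is ignored. Otherwise
    record the neighbour it came from and the locally assigned attributes."""
    if my_as in route["as_path"]:
        return None
    return {**route, "learned_from": learned_from, "local_pref": local_pref, "igp_cost": igp_cost}


def select_route(candidates):
    """Elimination rules 1-3: highest local preference, then shortest AS-PATH,
    then closest NEXT-HOP (lowest cost to it in the interior routing)."""
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r["local_pref"], len(r["as_path"]), r["igp_cost"]))


def export_route(my_as, route, to_as, customers):
    """Export policy of a dual-homed customer AS: advertise own prefixes and customers' routes,
    but never pass a route learned from one provider on to another (no transit)."""
    learned_from = route.get("learned_from")
    if learned_from is None or learned_from in customers:
        return prepend_as(route, my_as)
    return None


if __name__ == "__main__":
    # Constructed AS numbers: X is the dual-homed customer, B and C its providers, W its customer.
    X, B, C, W = 65001, 65010, 65020, 65030
    from_c = receive_route(X, {"prefix": "198.51.100.0/24", "as_path": [C, 65040]}, C, 100, 5)
    print("route via C accepted:", from_c is not None)
    print("export that route to B:", export_route(X, from_c, B, customers={W}))
    own = {"prefix": "192.0.2.0/24", "as_path": []}
    print("export own prefix to B:", export_route(X, own, B, customers={W}))
    looped = receive_route(X, {"prefix": "198.51.100.0/24", "as_path": [B, X, C]}, B, 100, 5)
    print("route containing X accepted:", looped is not None)
```

The loop check is the only one of these that the protocol itself performs; local preference and the export policy are the operator's configuration, which is why a misconfigured export at a dual-homed site can turn it into an unintended transit path.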
Broadcast Routing
Flooding: a router receives a packet and, without even looking at the destination group address, sends it out from every interface except the one from which it was received.
Flooding accomplishes the first goal of multicasting:
Flooding has a major problem: it creates loops. A packet that has left the router may come back again from another interface or the same interface and be forwarded again.
A sink tree (b) is the fastest, e.g. 4 hops and 14 messages sent. But all routers must know the sink tree.
Reverse Path Forwarding
• relies on the router's knowledge of the unicast shortest path from it to the sender
• each router has simple forwarding behavior:
  if (mcast datagram received on incoming link on shortest path back to center)
    then flood datagram onto all outgoing links
    else ignore datagram
Flooding broadcasts packets, but creates loops ...
• Reverse Path Forwarding (RPF). RPF is a modified flooding strategy. To prevent loops, only one copy is forwarded; the other copies are dropped.
• In RPF, a router forwards only the copy that has travelled the shortest path from the source to the router. To find this copy, RPF uses the unicast routing table and extracts the source address.
• The table tells the router the next hop. If the multicast packet has just come from the hop defined in the table, the packet has travelled the shortest path from the source to the router, because the shortest path is reciprocal in unicast DV routing protocols.
• If the path from A to B is the shortest, then it is also the shortest from B to A. The router forwards the packet if it has travelled along the shortest path; it discards it otherwise.
• This strategy prevents loops because there is always one shortest path from the source to the router.
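The RPF rule of the last two slides run over a small topology, as an added Python example that is not part of the slides: `rpf_decision` forwards a copy only if it arrived from the neighbour that is this router's unicast next hop back to the source, and `simulate_rpf` floods one packet from the source, counting which routers forwarded it and how many copies were dropped. With `check=False` the same loop runs plain flooding and hits the step limit, which is the looping the flooding slide warns about. The topology and the unicast next hops are constructed.

```python
def rpf_decision(router, arrived_from, source, links, unicast_next_hop, check=True):
    """Reverse path forwarding at one router. links[router] lists its neighbours;
    unicast_next_hop[router][source] is the neighbour on this router's shortest unicast
    path back to the source. Returns the links to forward on, or None to drop the copy."""
    if check and unicast_next_hop.get(router, {}).get(source) != arrived_from:
        return None                                   # not the copy that took the shortest path
    return [n for n in links[router] if n != arrived_from]


def simulate_rpf(links, unicast_next_hop, source, check=True, max_steps=1000):
    """Flood one multicast packet from source. Returns (routers that forwarded it,
    number of copies dropped). Raises if the packet keeps circulating."""
    queue = [(source, nbr) for nbr in links[source]]
    forwarded, dropped, steps = [], 0, 0
    while queue:
        steps += 1
        if steps > max_steps:
            raise RuntimeError("packet is looping: %d deliveries and still going" % steps)
        sender, router = queue.pop(0)
        outgoing = rpf_decision(router, sender, source, links, unicast_next_hop, check)
        if outgoing is None:
            dropped += 1
        else:
            forwarded.append(router)
            queue.extend((router, nxt) for nxt in outgoing)
    return forwarded, dropped


# Constructed topology with the cycle A-B-C; unicast shortest paths back to S form a tree
# (A and B reach S directly, C goes through A).
LINKS = {"S": ["A", "B"], "A": ["S", "B", "C"], "B": ["S", "A", "C"], "C": ["A", "B"]}
NEXT_HOP_TO = {"A": {"S": "S"}, "B": {"S": "S"}, "C": {"S": "A"}}


if __name__ == "__main__":
    print("with RPF:", simulate_rpf(LINKS, NEXT_HOP_TO, "S"))
    try:
        simulate_rpf(LINKS, NEXT_HOP_TO, "S", check=False)
    except RuntimeError as e:
        print("without RPF:", e)
```

Each router forwards the packet exactly once and drops the copies that arrive over the non-tree links, so the traffic is bounded by the number of links instead of growing without limit.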