UNIT III - NETWORK LAYER

Switching: Packet Switching - Internet protocol - IPV4 – IP Addressing –

Subnetting - IPV6, ARP, RARP, ICMP, DHCP

NETWORK LAYER SERVICES

 The network layer in the TCP/IP protocol suite is responsible for the host-to-
host delivery of datagrams.
 It provides services to the transport layer and receives services from the data-
link layer.
 The network layer translates the logical addresses into physical addresses
 It determines the route from the source to the destination and also manages the
traffic problems such as switching, routing and controls the congestion of data
packets.
 The main role of the network layer is to move the packets from sending host to
the receiving host.

Services provided by network layer are

PACKETIZING
 The first duty of the network layer is definitely packetizing.
 This means encapsulating the payload (data received from upper layer) in a
network-layer packet at the source and decapsulating the payload from the
network-layer packet at the destination.
 The network layer is responsible for delivery of packets from a sender to a
receiver without changing or using the contents.

ROUTING AND FORWARDING

Routing
 The network layer is responsible for routing the packet from its source to the
destination.
 The network layer is responsible for finding the best one among these possible
routes.
 The network layer needs to have some specific strategies for defining the best
route.
 Routing is the concept of applying strategies and running routing protocols to
create the decision-making tables for each router.
 These tables are called as routing tables.
Forwarding
 Forwarding can be defined as the action applied by each router when a
packet arrives at one of its interfaces.
 The decision-making table, a router normally uses for applying this action
is called the forwarding table.
 When a router receives a packet from one of its attached networks, it needs
to forward the packet to another attached network.

ERROR CONTROL
 The network layer in the Internet does not directly provide error control.
 It adds a checksum field to the datagram to control any corruption in
the header, but not in the whole datagram.
 This checksum prevents any changes or corruptions in the header of
the datagram.
 The Internet uses an auxiliary protocol called ICMP, that provides some
kind of error control if the datagram is discarded or has some unknown
information in the header.

FLOW CONTROL
 Flow control regulates the amount of data a source can send without
overwhelming the receiver.
 The network layer in the Internet, however, does not directly provide any
flow control.
 The datagrams are sent by the sender when they are ready, without
any attention to the readiness of the receiver.
 Flow control is provided for most of the upper-layer protocols that use the
services of the network layer, so another level of flow control makes the
network layer more complicated and the whole system less efficient.

CONGESTION CONTROL
 Another issue in a network-layer protocol is congestion control.
 Congestion in the network layer is a situation in which too many datagrams
are present in an area of the Internet.
 Congestion may occur if the number of datagrams sent by source computers
is beyond the capacity of the network or routers.
 In this situation, some routers may drop some of the datagrams.

SECURITY
 Another issue related to communication at the network layer is security.
 To provide security for a connectionless network layer, we need to
have another virtual level that changes the connectionless service to a
connection- oriented service. This virtual layer is called as called IPSec (IP
Security).
 PACKET SWITCHING

o The technique of transferring the information from one computer network to

another network is known as switching.
o Switching in a computer network is achieved by using switches.
o A switch is a small hardware device which is used to join multiple computers
together with one local area network (LAN).
o Switches are devices capable of creating temporary connections between two or
more devices linked to the switch.
o Switches are used to forward the packets based on MAC addresses.
o A Switch is used to transfer the data only to the device that has been addressed. It
verifies the destination address to route the packet appropriately.
o It is operated in full duplex mode.
o It does not broadcast the message as it works with limited bandwidth.

Advantages of Switching:
o Switch increases the bandwidth of the network.
o It reduces the workload on individual PCs as it sends the information to only that
device which has been addressed.
o It increases the overall performance of the network by reducing the traffic on the
network.
o There will be less frame collision as switch creates the collision domain for each
connection.

Disadvantages of Switching:
o A Switch is more expensive than network bridges.
o A Switch cannot determine the network connectivity issues easily.
o Proper designing and configuration of the switch are required to handle multicast
packets.
Types of Switching Techniques

CIRCUIT SWITCHING

o Circuit switching is a switching technique that establishes a dedicated path

between sender and receiver.
o In the Circuit Switching Technique, once the connection is established then the
dedicated path will remain to exist until the connection is terminated.
o Circuit switching in a network operates in a similar way as the telephone works.
o A complete end-to-end path must exist before the communication takes place.
o In case of circuit switching technique, when any user wants to send the data, voice,
video, a request signal is sent to the receiver then the receiver sends back the
acknowledgment to ensure the availability of the dedicated path. After receiving
the acknowledgment, dedicated path transfers the data.
o Circuit switching is used in public telephone network. It is used for voice
transmission.
o Fixed data can be transferred at a time in circuit switching technology.

Phases in Circuit Switching

Communication through circuit switching has 3 phases:

1. Connection Setup / Establishment - In this phase, a dedicated circuit is established

from the source to the destination through a number of intermediate switching
centres. The sender and receiver transmits communication signals to request and
acknowledge establishment of circuits.

2. Data transfer - Once the circuit has been established, data and voice are transferred
from the source to the destination. The dedicated connection remains as long as the
end parties communicate.
3. Connection teardown / Termination - When data transfer is complete, the
connection is relinquished. The disconnection is initiated by any one of the user.
Disconnection involves removal of all intermediate links from the sender to the
receiver.

Advantages
 It is suitable for long continuous transmission, since a continuous transmission
route is established, that remains throughout the conversation.
 The dedicated path ensures a steady data rate of communication.
 No intermediate delays are found once the circuit is established. So, they are
suitable for real time communication of both voice and data transmission.

Disadvantages
 Circuit switching establishes a dedicated connection between the end parties. This
dedicated connection cannot be used for transmitting any other data, even if the
data load is very low.
 Bandwidth requirement is high even in cases of low data volume.
 There is underutilization of system resources. Once resources are allocated to a
particular connection, they cannot be used for other connections.
 Time required to establish connection may be high.
 It is more expensive than other switching techniques as a dedicated path isrequired
for each connection.

PACKET SWITCHING

o The packet switching is a switching technique in which the message is sent in one
go, but it is divided into smaller pieces, and they are sent individually.
o The message splits into smaller pieces known as packets and packets are given a
unique number to identify their order at the receiving end.
o Every packet contains some information in its headers such as source address,
destination address and sequence number.
o Packets will travel across the network, taking the shortest path as possible.
o All the packets are reassembled at the receiving end in correct order.
 o If any packet is missing or corrupted, then the message will be sent to resend the
message.
o If the correct order of the packets is reached, then the acknowledgment message
will be sent.

Advantages of Packet Switching:

o Cost-effective: In packet switching technique, switching devices do not require
massive secondary storage to store the packets, so cost is minimized to some extent.
Therefore, we can say that the packet switching technique is a cost-effective
technique.
o Reliable: If any node is busy, then the packets can be rerouted. This ensures that
the Packet Switching technique provides reliable communication.
o Efficient: Packet Switching is an efficient technique. It does not require any
established path prior to the transmission, and many users can use the same
communication channel simultaneously, hence makes use of available bandwidth
very efficiently.

Disadvantages of Packet Switching:

o Packet Switching technique cannot be implemented in those applications that
require low delay and high-quality services.
o The protocols used in a packet switching technique are very complex and requires
high implementation cost.
o If the network is overloaded or corrupted, then it requires retransmission of lost
packets. It can also lead to the loss of critical information if errors are norrecovered.

APPROACHES OF PACKET SWITCHING

There are two approaches to Packet Switching:
o Datagram Packet switching
o Virtual Circuit Switching

Datagram Packet switching

o It is a packet switching technology in which packet is known as a datagram, is
considered as an independent entity.
o Each packet contains the information about the destination and switch uses this
 information to forward the packet to the correct destination.
o The packets are reassembled at the receiving end in correct order.
o In Datagram Packet Switching technique, the path is not fixed.
o Intermediate nodes take the routing decisions to forward the packets.
o Datagram Packet Switching is also known as connectionless switching.
o There are no setup or teardown phases.
o Each packet is treated the same by a switch regardless of its source or destination.

In this example, all four packets (or datagrams) belong to the same message, but may
travel different paths to reach their destination.

Routing Table
In this type of network, each switch (or packet switch) has a routing table which is based
on the destination address. The routing tables are dynamic and are updated periodically.
The destination addresses and the corresponding forwarding output ports are recorded in
the tables.

Delay in a datagram network

  The packet travels through two switches.
 There are three transmission times (3T),three propagation delays (slopes 3t of the
lines), and two waiting times (w1 + w2).
 We ignore the processing time in each switch.
Total delay = 3T + 3t + w1 + w2

Virtual Circuit Switching

o Virtual Circuit Switching is also known as connection-oriented switching.
o In the case of Virtual circuit switching, a virtual connection is established before
the messages are sent.
o Call request and call accept packets are used to establish the connection between
sender and receiver.
o In this case, the path is fixed for the duration of a logical connection.

Virtual Circuit Identifier (VCI)

A virtual circuit identifier (VCI) that uniquely identifies the connection at this switch. A
VCI, unlike a global address, is a small number that has only switch scope; it is used by
a frame between two switches. When a frame arrives at a switch, it has a VCI; when it
leaves, it has a different VCI.

Virtual Circuit Table

Every Virtual Circuit (VC) maintains a table called Virtual Circuit table.
One entry in the VC table on a single switch contains the following :
 An incoming interface on which packets for this VC arrive at the switch
 An outgoing interface in which packets for this VC leave the switch
 A outgoing VCI that will be used for outgoing packets

Example :
Source A sends a frame to Source B through Switch 1, Switch 2 and Switch 3.
 Types of Virtual Circuits
There are two broad classes of Virtual Circuits.
They are
1. PVC – Permanent Virtual Circuit
 Network Administrator will configure the state
 The virtual circuit is permanent (PVC)

2. SVC – Switched Virtual Circuit

 A host can send messages into the network to cause the state to be
established. This is referred as signaling.
 A host may set up and delete such a VC dynamically without the
involvement of a network administrator

Delay in Virtual-Circuit Networks

 The packet is traveling through two switches (routers).

 There are three transmission times (3T ), three propagation times (3t), data transfer
depicted by the sloping lines, a setup delay (which includes transmission and
propagation in two directions), and a teardown delay (which includes transmission
 and propagation in one direction).
Total delay = 3T + 3t + Setup delay + Teardown delay

COMPARISON – CIRCUIT SWITCHING AND PACKET SWITCHING

PACKET SWITCHING
CIRCUIT
SWITCHING
Virtual Circuit Switching Datagram Switching

Connection oriented Connection oriented Connection less

Packets may be delivered out

Ensures in order delivery Ensures in order delivery
of order

No reordering is required No reordering is required Reordering is required

A dedicated path exists A dedicated path exists for No dedicated path exists for
for data transfer data transfer data transfer

All the packets take the All the packets take the All the packets may not take
same path same path the same path

Resources are allocated Resources are allocated on

No resources are allocated
before data transfer demand using 1st packet

Stream oriented Packet oriented Packet oriented

Fixed bandwidth Dynamic Bandwidth Dynamic bandwidth

Reliable Reliable Unreliable

No overheads Less overheads Higher overheads

Implemented at physical Implemented at data link Implemented at network

layer layer layer

Inefficient in terms of Provides better efficiency Provides better efficiency

resource utilization than circuit switched than message switched
systems systems
Example- Telephone Examples- X.25, Frame
Example- Internet
systems relay
 MESSAGE SWITCHING

o Message Switching is a switching technique in which a message is transferred asa

complete unit and routed through intermediate nodes at which it is stored and
forwarded.
o In Message Switching technique, there is no establishment of a dedicated path
between the sender and receiver.
o The destination address is appended to the message. Message Switching provides a
dynamic routing as the message is routed through the intermediate nodes based on the
information available in the message.
o Message switches are programmed in such a way so that they can provide the most
efficient routes.
o Each and every node stores the entire message and then forward it to the next node.
This type of network is known as store and forward network.
o Message switching treats each message as an independent entity.

NETWORK-LAYER PERFORMANCE
 The performance of a network can be measured in terms of
Delay, Throughput and Packet loss.
 Congestion control is an issue that can improve the performance.

DELAY
 A packet from its source to its destination, encounters delays.
 The delays in a network can be divided into four types:
Transmission delay, Propagation delay, Processing delay and Queuing delay.

Transmission Delay
 A source host or a router cannot send a packet instantaneously.
 A sender needs to put the bits in a packet on the line one by one.
 If the first bit of the packet is put on the line at time t 1 and the last bit is put on
the line at time t2, transmission delay of the packet is (t2 - t1).
 The transmission delay is longer for a longer packet and shorter if the sender
can transmit faster.
 The Transmission delay is calculated using the formula
 Delaytr = (Packet length) / (Transmission rate)

 Example :
In a Fast Ethernet LAN with the transmission rate of 100 million bits per
second and a packet of 10,000 bits, it takes (10,000)/(100,000,000) or 100
microseconds for all bits of the packet to be put on the line.

Propagation Delay
 Propagation delay is the time it takes for a bit to travel from point A to point B
in the transmission media.
 The propagation delay for a packet-switched network depends on the
propagation delay of each network (LAN or WAN).
 The propagation delay depends on the propagation speed of the media, which is
3X108 meters/second in a vacuum and normally much less in a wired medium.
 It also depends on the distance of the link.
 The Propagation delay is calculated using the formula
Delaypg = (Distance) / (Propagation speed)
 Example
If the distance of a cable link in a point-to-point WAN is 2000 meters and the
propagation speed of the bits in the cable is 2 X◻10 8 meters/second, then the
propagation delay is 10 microseconds.

Processing Delay
 The processing delay is the time required for a router or a destination host to
receive a packet from its input port, remove the header, perform an error
detection procedure, and deliver the packet to the output port (in the case of
router) or deliver the packet to the upper-layer protocol (in the case of the
destination host).
 The processing delay may be different for each packet, but normally is
calculated as an average.

Delaypr = Time required to process a packet in a router or a destination host

Queuing Delay
 Queuing delay can normally happen in a router.
 A router has an input queue connected to each of its input ports to store packets
waiting to be processed.
 The router also has an output queue connected to each of its output ports to
store packets waiting to be transmitted.
 The queuing delay for a packet in a router is measured as the time a packet
waits in the input queue and output queue of a router.
Delayqu = The time a packet waits in input and output queues in a router
Total Delay
 Assuming equal delays for the sender, routers and receiver, the total delay
(source-to-destination delay) of a packet can be calculated if we know the
number of routers, n, in the whole path.
Total delay = (n + 1) (Delaytr + Delaypg + Delaypr) + (n) (Delayqu)
 If we have n routers, we have (n +1) links.
 Therefore, we have (n +1) transmission delays related to n routers and the
source, (n +1) propagation delays related to (n +1) links, (n +1) processing
delays related to n routers and the destination, and only n queuing delays
related to n routers.

THROUGHPUT
 Throughput at any point in a network is defined as the number of bits passing
through the point in a second, which is actually the transmission rate of data at
that point.
 In a path from source to destination, a packet may pass through several links
(networks), each with a different transmission rate.
 Throughput is calculated using the formula
Throughput = minimum{TR1 , TR2, . . . TRn}
 Example:
Let us assume that we have three links, each with a different transmission
rate.
The data can flow at the rate of 200 kbps in Link1, 100 kbps in Link2 and
150kbps in Link3.
Throughput = minimum{200,100,150} = 100.

IPV4ADDRESSES
 The identifier used in the IP layer of the TCP/IP protocol suite to identify the
connection of each device to the Internet is called the Internet address or IP
address.
 Internet Protocol version 4 (IPv4) is the fourth version in the development of
the Internet Protocol (IP) and the first version of the protocol to be widely
deployed.
 IPv4 is described in IETF publication in September 1981.
 The IP address is the address of the connection, not the host or the router. An
IPv4 address is a 32-bit address that uniquely and universally defines the
connection .
 If the device is moved to another network, the IP address may be changed.
 IPv4 addresses are unique in the sense that each address defines one, and only
one, connection to the Internet.
 If a device has two connections to the Internet, via two networks, it has two
IPv4 addresses.
 Pv4 addresses are universal in the sense that the addressing system must be
accepted by any host that wants to be connected to the Internet.
IPV4 ADDRESS SPACE
 IPv4 defines addresses has an address space.
 An address space is the total number of addresses used by the protocol.
 If a protocol uses b bits to define an address, the address space is 2 b because

each bit can have two different values (0 or 1).

 IPv4 uses 32-bit addresses, which means that the address space is 2 32 or

4,294,967,296 (more than four billion).

 4 billion devices could be connected to the Internet.

IPV4 ADDRESS NOTATION

There are three common notations to show an IPv4 address:
(i) binary notation (base 2), (ii) dotted-decimal notation (base 256), and
(ii) hexadecimal notation (base 16).

In binary notation, an IPv4 address is displayed as 32 bits. To make the address more
readable, one or more spaces are usually inserted between bytes (8 bits).

In dotted-decimal notation,IPv4 addresses are usually written in decimal form with a

decimal point (dot) separating the bytes. Each number in the dotted-decimal notation is
between 0 and 255.

In hexadecimal notation, each hexadecimal digit is equivalent to four bits. This means
that a 32-bit address has 8 hexadecimal digits. This notation is often used in network
programming.

HIERARCHY IN IPV4 ADDRESSING

 In any communication network that involves delivery, the addressing system is
hierarchical.
 A 32-bit IPv4 address is also hierarchical, but divided only into two parts
 The first part of the address, called the prefix, defines the network(Net ID); the
second part of the address, called the suffix, defines the node (Host ID).
 The prefix length is n bits and the suffix length is (32-◻n) bits.
  A prefix can be fixed length or variable length.
 The network identifier in the IPv4 was first designed as a fixed-length prefix.
 This scheme is referred to as classful addressing.
 The new scheme, which is referred to as classless addressing, uses a variable-
length network prefix.

CATEGORIES OF IPV4 ADDRESSING

 There are two broad categories of IPv4 Addressing techniques.
 They are
 Classful Addressing
 Classless Addressing

CLASSFUL ADDRESSING
 An IPv4 address is 32-bit long(4 bytes).
 An IPv4 address is divided into sub-classes:

Classful Network Architecture

Class A
 In Class A, an IP address is assigned to those networks that contain a large
number of hosts.
 The network ID is 8 bits long.
 The host ID is 24 bits long.
 In Class A, the first bit in higher order bits of the first octet is always set to 0
and the remaining 7 bits determine the network ID.
 The 24 bits determine the host ID in any network.
 The total number of networks in Class A = 2 7 = 128 network address
 The total number of hosts in Class A = 2 24 - 2 = 16,777,214 host address
Class B
 In Class B, an IP address is assigned to those networks that range from small-
sized to large-sized networks.
 The Network ID is 16 bits long.
 The Host ID is 16 bits long.
 In Class B, the higher order bits of the first octet is always set to 10, and the
remaining14 bits determine the network ID.
 The other 16 bits determine the Host ID.
 The total number of networks in Class B = 2 14 = 16384 network address
 The total number of hosts in Class B = 2 16 - 2 = 65534 host address

Class C
 In Class C, an IP address is assigned to only small-sized networks.
 The Network ID is 24 bits long.
 The host ID is 8 bits long.
 In Class C, the higher order bits of the first octet is always set to 110, and the
remaining 21 bits determine the network ID.
 The 8 bits of the host ID determine the host in a network.
 The total number of networks = 2 21 = 2097152 network address
 The total number of hosts = 2 8 - 2 = 254 host address

Class D
 In Class D, an IP address is reserved for multicast addresses.
 It does not possess subnetting.
 The higher order bits of the first octet is always set to 1110, and the remaining
bits determines the host ID in any network.

Class E
 In Class E, an IP address is used for the future use or for the research and
development purposes.
 It does not possess any subnetting.
 The higher order bits of the first octet is always set to 1111, and the remaining
bits determines the host ID in any network.
Address Depletion in Classful Addressing
 The reason that classful addressing has become obsolete is address depletion.
 Since the addresses were not distributed properly, the Internet was faced with
the problem of the addresses being rapidly used up.
 This results in no more addresses available for organizations and individuals
that needed to be connected to the Internet.
 To understand the problem, let us think about class A.
 This class can be assigned to only 128 organizations in the world, but each
organization needs to have a single network with 16,777,216 nodes .
 Since there may be only a few organizations that are this large, most of the
addresses in this class were wasted (unused).
 Class B addresses were designed for midsize organizations, but many of the
addresses in this class also remained unused.
 Class C addresses have a completely different flaw in design. The number of
addresses that can be used in each network (256) was so small that most
companies were not comfortable using a block in this address class.
 Class E addresses were almost never used, wasting the whole class.

Advantage of Classful Addressing

 Although classful addressing had several problems and became obsolete, it had
one advantage.
 Given an address, we can easily find the class of the address and, since the
prefix length for each class is fixed, we can find the prefix length immediately.
 In other words, the prefix length in classful addressing is inherent in the
address; no extra information is needed to extract the prefix and the suffix.

Subnetting and Supernetting

 To alleviate address depletion, two strategies were proposed and implemented:
(i) Subnetting and (ii) Supernetting.

Subnetting
 In subnetting, a class A or class B block is divided into several subnets.
 Each subnet has a larger prefix length than the original network.
 For example, if a network in class A is divided into four subnets, each subnet
has a prefix of nsub = 10.
 At the same time, if all of the addresses in a network are not used, subnetting
allows the addresses to be divided among several organizations.

CLASSLESS ADDRESSING
 In 1996, the Internet authorities announced a new architecture called classless
addressing.
 In classless addressing, variable-length blocks are used that belong to no
classes.
 We can have a block of 1 address, 2 addresses, 4 addresses, 128 addresses, and
so on.
  In classless addressing, the whole address space is divided into variable length
blocks.
 The prefix in an address defines the block (network); the suffix defines the
node (device).
 Theoretically, we can have a block of 2 0, 21, 22, ◻◻◻◻◻◻◻◻232 addresses.
 The number of addresses in a block needs to be a power of 2. An organization
can be granted one block of addresses.

 The prefix length in classless addressing is variable.

 We can have a prefix length that ranges from 0 to 32.
 The size of the network is inversely proportional to the length of the prefix.
 A small prefix means a larger network; a large prefix means a smaller network.
 The idea of classless addressing can be easily applied to classful addressing.
 An address in class A can be thought of as a classless address in which the
prefix length is 8.
 An address in class B can be thought of as a classless address in which the
prefix is 16, and so on. In other words, classful addressing is a special case of
classless addressing.

Notation used in Classless Addressing

 The notation used in classless addressing is informally referred to as slash
notation and formally as classless interdomain routing or CIDR.

 For example , 192.168.100.14 /24 represents the IP address 192.168.100.14

and, its subnet mask 255.255.255.0, which has 24 leading 1-bits.

Address Aggregation
 One of the advantages of the CIDR strategy is address aggregation
(sometimes called address summarization or route summarization).
 When blocks of addresses are combined to create a larger block, routing can be
done based on the prefix of the larger block.
 ICANN assigns a large block of addresses to an ISP.
 Each ISP in turn divides its assigned block into smaller subblocks and grants
the subblocks to its customers.

Special Addresses in IPv4

 There are five special addresses that are used for special purposes:
this-host address, limited-broadcastaddress, loopback address,
private addresses, and multicast addresses.
This-host Address
 The only address in the block 0.0.0.0/32 is called the this-host address.
 It is used whenever a host needs to send an IP datagram but it does not know its
own address to use as the source address.

Limited-broadcast Address
 The only address in the block 255.255.255.255/32 is called the limited-
broadcast address.
 It is used whenever a router or a host needs to send a datagram to all devices in
a network.
 The routers in the network, however, block the packet having this address as
the destination;the packet cannot travel outside the network.

Loopback Address
 The block 127.0.0.0/8 is called the loopback address.
 A packet with one of the addresses in this block as the destination address
never leaves the host; it will remain in the host.

Private Addresses
 Four blocks are assigned as private addresses: 10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, and 169.254.0.0/16.

Multicast Addresses
 The block 224.0.0.0/4 is reserved for multicast addresses.

DHCP – DYNAMIC HOST CONFIGURATION PROTOCOL

 The dynamic host configuration protocol is used to simplify the installation and
maintenance of networked computers.
 DHCP is derived from an earlier protocol called BOOTP.
 Ethernet addresses are configured into network by manufacturer and they are
unique.
 IP addresses must be unique on a given internetwork but also must reflect the
structure of the internetwork
 Most host Operating Systems provide a way to manually configure the IP
information for the host
 Drawbacks of manual configuration :
1. A lot of work to configure all the hosts in a large network
2. Configuration process is error-prune
 It is necessary to ensure that every host gets the correct network number and that
no two hosts receive the same IP address.
 For these reasons, automated configuration methods are required.
 The primary method uses a protocol known as the Dynamic Host Configuration
Protocol (DHCP).
 The main goal of DHCP is to minimize the amount of manual configuration
required for a host.
 If a new computer is connected to a network, DHCP can provide it with all the
necessary information for full system integration into the network.
 DHCP is based on a client/server model.
 DHCP clients send a request to a DHCP server to which the server responds with
an IP address
 DHCP server is responsible for providing configuration information to hosts.
 There is at least one DHCP server for an administrative domain.
 The DHCP server can function just as a centralized repository for host
configuration information.
 The DHCP server maintains a pool of available addresses that it hands out to hosts
on demand.

 A newly booted or attached host sends a DHCPDISCOVER message to a special IP

address (255.255.255.255., which is an IP broadcast address.
 This means it will be received by all hosts and routers on that network.
 DHCP uses the concept of a relay agent. There is at least one relay agent on each
network.
 DHCP relay agent is configured with the IP address of the DHCP server.
 When a relay agent receives a DHCPDISCOVER message, it unicasts it to the DHCP
server and awaits the response, which it will then send back to the requesting client.
DHCP Message Format

 A DHCP packet is actually sent using a protocol called the User Datagram
Protocol (UDP).

FORWARDING OF IP PACKETS

 Forwarding means to deliver the packet to the next hop (which can be the final
destination or the intermediate connecting device).
 Although IP protocol was originally designed as a connectionless protocol,
today the tendency is to use IP as a connection-oriented protocol based on the
label attached to an IP datagram .
 When IP is used as a connectionless protocol, forwarding is based on the
destination address of the IP datagram.
 When the IP is used as a connection-oriented protocol, forwarding is based on
the label attached to an IP datagram.

FORWARDING BASED ON DESTINATION ADDRESS

 This is a traditional approach.
 In this case, forwarding requires a host or a router to have a forwarding table.
 When a host has a packet to send or when a router has received a packet to be
forwarded, it looks at this table to find the next hop to deliver the packet to.

 The main points in forwarding of IP Packets(datagram) are the following:

 Every IP Packets contains the IP address of the destination host.
 The network part of an IP address uniquely identifies a single physical
network that is part of the larger Internet.
 All hosts and routers that share the same network part of their address
are connected to the same physical network and can thus communicate
with each other by sending frames over that network.
 Every physical network that is part of the Internet has at least one router
that, by definition, is also connected to at least one other physical
network; this router can exchange packets with hosts or routers on either
 network.

 Forwarding IP Packets can therefore be handled in the following way.

 A Packets is sent from a source host to a destination host, possibly
passing through several routers along the way.
 Any node, whether it is a host or a router, first tries to establish whether
it is connected to the same physical network as the destination.

 To do this, it compares the network part of the destination address with the
network part of the address of each of its network interfaces. (Hosts normally
have only one interface, while routers normally have two or more, since they
are typically connected to two or more networks.)
 If a match occurs, then that means that the destination lies on the same physical
network as the interface, and the packet can be directly delivered over that
network that has a reasonable chance of getting the packet closer to its
destination.
 If there is no match, then the node is not connected to the same physical
network as the destination node, then it needs to send the packet to a router.

 In general, each node will have a choice of several routers, and so it needs to
pick the best one, or at least one that has a reasonable chance of getting the
datagram closer to its destination.
 The router that it chooses is known as the next hop router.
 The router finds the correct next hop by consulting its forwarding table. The
forwarding table is conceptually just a list of (NetworkNum, NextHop) pairs.
 There is also a default router that is used if none of the entries in the table
matches the destination’s network number.
 All Packets destined for hosts not on the physical network to which the sending
host is attached will be sent out through the default router.

Forwarding Algorithm

Simplified Forwarding Module

 The job of the forwarding module is to search the table, row by row.
 In each row, the n leftmost bits of the destination address (prefix) are kept and
the rest of the bits (suffix) are set to 0s.
 If the resulting address ( network address), matches with the address in the first
column, the information in the next two columns is extracted; otherwise the
search continues. Normally, the last row has a default value in the first column,
which indicates all destination addresses that did not match the previous rows.
 Routing in classless addressing uses another principle, longest mask
matching.
 This principle states that the forwarding table is sorted from the longest mask
to the shortest mask.
 In other words, if there are three masks, /27, /26, and /24, the mask /27 must be
the first entry and /24 must be the last.

 Let us make a forwarding table for router R1 using the configuration as given
in the figure above
  When a packet arrives whose leftmost 26 bits in the destination address match
the bits in the first row, the packet is sent out from interface m2.
 When a packet arrives whose leftmost 25 bits in the address match the bits in
the second row, the packet is sent out from interface m0, and so on.
 The table clearly shows that the first row has the longest prefix and the fourth
row has the shortest prefix.
 The longer prefix means a smaller range of addresses; the shorter prefix means
a larger range of addresses.

FORWARDING BASED ON LABEL

 In a connection-oriented network (virtual-circuit approach), a switch forwards a
packet based on the label attached to the packet.
 Routing is normally based on searching the contents of a table; switching can
be done by accessing a table using an index.
 In other words, routing involves searching; switching involves accessing.

 The Figure below shows a simple example of using a label to access a

switching table.
 Since the labels are used as the index to the table, finding the information in the
table is immediate.

Multi-Protocol Label Switching (MPLS)

 During the 1980s, several vendors created routers that implement switching
 technology.
 Later IETF approved a standard that is called Multi-Protocol Label Switching.
 In this standard, some conventional routers in the Internet can be replaced by
MPLS routers, which can behave like a router and a switch.
 When behaving like a router, MPLS can forward the packet based on the
destination address; when behaving like a switch, it can forward a packet based
on the label.

NETWORK LAYER PROTOCOLS : IP, ICMPV4

 The main protocol Internet Protocol is responsible for packetizing, forwarding,
and delivery of a packet at the network layer.
 The Internet Control Message Protocol version 4 (ICMPv4) helps IPv4 to
handle some errors that may occur in the network-layer delivery.

IP - INTERNET PROTOCOL
 The Internet Protocol is the key tool used today to build scalable,
heterogeneous internetworks.
 IP runs on all the nodes (both hosts and routers) in a collection of networks
 IP defines the infrastructure that allows these nodes and networks to function
as a single logical internetwork.

IP SERVICE MODEL
 Service Model defines the host-to-host services that we want to provide
 The main concern in defining a service model for an internetwork is that we can
provide a host-to-host service only if this service can somehow be provided over
each of the underlying physical networks.
 The Internet Protocol is the key tool used today to build scalable, heterogeneous
internetworks.
 The IP service model can be thought of as having two parts:
 A GLOBAL ADDRESSING SCHEME - which provides a way to
identify all hosts in the internetwork
 A DATAGRAM DELIVERY MODEL – A connectionless model of data
delivery.

IP PACKET FORMAT / IP DATAGRAM FORMAT

 A key part of the IP service model is the type of packets that can be carried.
 The IP datagram consists of a header followed by a number of bytes of data.
 FIELD DESCRIPTION

Version Specifies the version of IP. Two versions exists – IPv4 and IPv6.
HLen Specifies the length of the header
TOS An indication of the parameters of the quality of service
(Type of Service) desired such as Precedence, Delay, Throughput and Reliability.
Length Length of the entire datagram, including the header. The
maximum size of an IP datagram is 65,535(210 )bytes
Ident Uniquely identifies the packet sequence number.
(Identification) Used for fragmentation and re-assembly.
Flags Used to control whether routers are allowed to fragment a packet.
If a packet is fragmented , this flag value is 1.If not, flag value is
0.
Offset Indicates where in the datagram, this fragment belongs.
(Fragmentation The fragment offset is measured in units of 8 octets
offset) (64 bits). The first fragment has offset zero.
TTL Indicates the maximum time the datagram is allowed to
(Time to Live) remain in the network. If this field contains the value zero, then
the datagram must be destroyed.
Protocol Indicates the next level protocol used in the data portion of the
datagram
Checksum Used to detect the processing errors introduced into the packet

Source Address The IP address of the original sender of the packet.

Destination The IP address of the final destination of the packet.
Address
Options This is optional field. These options may contain values for
options such as Security, Record Route, Time Stamp, etc
Pad Used to ensure that the internet header ends on a 32 bit boundary.
The padding is zero.
IP DATAGRAM - FRAGMENTATION AND REASSEMBLY
Fragmentation :
 Every network type has a maximum transmission unit (MTU), which is the
largest IP datagram that it can carry in a frame.

 Fragmentation of a datagram will only be necessary if the path to the

destination includes a network with a smaller MTU.
 When a host sends an IP datagram,it can choose any size that it wants.
 Fragmentation typically occurs in a router when it receives a datagram that it
wants to forward over a network that has an MTU that is smaller than the
received datagram.
 Each fragment is itself a self-contained IP datagram that is transmitted over a
sequence of physical networks, independent of the other fragments.
 Each IP datagram is re-encapsulated for each physical network over which it
travels.

 For example , if we consider an Ethernet network to accept packets up to 1500

bytes long.
 This leaves two choices for the IP service model:
 Make sure that all IP datagrams are small enough to fit inside one packet
on any network technology
 Provide a means by which packets can be fragmented and reassembled
when they are too big to go over a given network technology.
 Fragmentation produces smaller, valid IP datagrams that can be readily
reassembled into the original datagram upon receipt, independent of the order
of their arrival.

Example:

 The original packet starts at the client; the fragments are reassembled at the
 server.
 The value of the identification field is the same in all fragments, as is the value
of the flags field with the more bit set for all fragments except the last.
 Also, the value of the offset field for each fragment is shown.
 Although the fragments arrived out of order at the destination, they can be
correctly reassembled.

 The value of the offset field is always relative to the original datagram.
 Even if each fragment follows a different path and arrives out of order, the
final destination host can reassemble the original datagram from the
fragments received (if none of them is lost) using the following strategy:
1) The first fragment has an offset field value of zero.
2) Divide the length of the first fragment by 8. The second fragment has an
offset value equal to that result.
3) Divide the total length of the first and second fragment by 8. The third
fragment has an offset value equal to that result.
4) Continue the process. The last fragment has its M bit set to 0.
5) Continue the process. The last fragment has a more bit value of 0.

Reassembly:
 Reassembly is done at the receiving host and not at each router.
 To enable these fragments to be reassembled at the receiving host, they all
carry the same identifier in the Ident field.
 This identifier is chosen by the sending host and is intended to be unique
among all the datagrams that might arrive at the destination from this source
over some reasonable time period.
 Since all fragments of the original datagram contain this identifier, the
reassembling host will be able to recognize those fragments that go together.
 For example, if a single fragment is lost, the receiver will still attempt to
reassemble the datagram, and it will eventually give up and have to garbage-
collect the resources that were used to perform the failed reassembly.
 Hosts are now strongly encouraged to perform “path MTU discovery,” a
process by which fragmentation is avoided by sending packets that are small
enough to traverse the link with the smallest MTU in the path from sender to
receiver.
IP SECURITY
There are three security issues that are particularly applicable to the IP protocol:
(1) Packet Sniffing (2) Packet Modification and (3) IP Spoofing.

Packet Sniffing
 An intruder may intercept an IP packet and make a copy of it.
 Packet sniffing is a passive attack, in which the attacker does not change the
contents of the packet.
 This type of attack is very difficult to detect because the sender and the receiver
may never know that the packet has been copied.
 Although packet sniffing cannot be stopped, encryption of the packet can make
the attacker’s effort useless.
 The attacker may still sniff the packet, but the content is not detectable.

Packet Modification
 The second type of attack is to modify the packet.
 The attacker intercepts the packet,changes its contents, and sends the new
packet to the receiver.
 The receiver believes that the packet is coming from the original sender.

 This type of attack can be detected using a data integrity mechanism.

 The receiver, before opening and using the contents of the message, can use
this mechanism to make sure that the packet has not been changed during the
transmission.

IP Spoofing
 An attacker can masquerade as somebody else and create an IP packet that
carries the source address of another computer.
 An attacker can send an IP packet to a bank pretending that it is coming from
one of the customers.
 This type of attack can be prevented using an origin authentication
mechanism
IP Sec
 The IP packets today can be protected from the previously mentioned attacks
using a protocol called IPSec (IP Security).
 This protocol is used in conjunction with the IP protocol.
 IPSec protocol creates a connection-oriented service between two entities in
which they can exchange IP packets without worrying about the three attacks
such as Packet Sniffing, Packet Modification and IP Spoofing.
 IP Sec provides the following four services:
1) Defining Algorithms and Keys : The two entities that want to create a
secure channel between themselves can agree on some available
algorithms and keys to be used for security purposes.
2) Packet Encryption : The packets exchanged between two parties can be
encrypted for privacy using one of the encryption algorithms and a shared
key agreed upon in the first step. This makes the packet sniffing attack
useless.
3) Data Integrity : Data integrity guarantees that the packet is not
modified during the transmission. If the received packet does not pass
 the data integrity test, it is discarded.This prevents the second attack,
packet modification.
4) Origin Authentication : IPSec can authenticate the origin of the
packet to be sure that the packet is not created by an imposter. This can
prevent IP spoofing attacks.

ICMPV4 - INTERNET CONTROL MESSAGE PROTOCOL VERSION 4

 ICMP is a network-layer protocol.
 It is a companion to the IP protocol.
 Internet Control Message Protocol (ICMP) defines a collection of error
messages that are sent back to the source host whenever a router or host is
unable to process an IP datagram successfully.

ICMP MESSAGE TYPES

 ICMP messages are divided into two broad categories: error-reporting
messages and query messages.
 The error-reporting messages report problems that a router or a host
(destination) may encounter when it processes an IP packet.

 The query messages help a host or a network manager get specific information
from a router or another host.

ICMP Error – Reporting Messages

 Destination Unreachable―When a router cannot route a datagram, the datagram

is discarded and sends a destination unreachable message to source host.
 Source Quench―When a router or host discards a datagram due to congestion, it
sends a source-quench message to the source host. This message acts as flow
control.
 Time Exceeded―Router discards a datagram when TTL field becomes 0 and a
time exceeded message is sent to the source host.
 Parameter Problem―If a router discovers ambiguous or missing value in any
 field of the datagram, it discards the datagram and sends parameter problem
message to source.
 Redirection―Redirect messages are sent by the default router to inform the source
host to update its forwarding table when the packet is routed on a wrong path.
DHCP

ICMP Query Messages

 Echo Request & Reply―Combination of echo request and reply messages

determines whether two systems communicate or not.
 Timestamp Request & Reply―Two machines can use the timestamp request
and reply messages to determine the round-trip time (RTT).
 Address Mask Request & Reply―A host to obtain its subnet mask, sends an
address mask request message to the router, which responds with an address
mask reply message.
 Router Solicitation/Advertisement―A host broadcasts a router solicitation
message to know about the router. Router broadcasts its routing information
with router advertisement message.

ICMP MESSAGE FORMAT

 An ICMP message has an 8-byte header and a variable-size data section.

Type Defines the type of the message

Code Specifies the reason for the particular message type
Checksum Used for error detection
 Rest of the header Specific for each message type
Data Used to carry information
Identifier Used to match the request with the reply
Sequence Number Sequence Number of the ICMP packet

ICMP DEBUGGING TOOLS

Two tools are used for debugging purpose. They are (1) Ping (2) Traceroute

Ping
 The ping program is used to find if a host is alive and responding.
 The source host sends ICMP echo-request messages; the destination, if alive,
responds with ICMP echo-reply messages.

 The ping program sets the identifier field in the echo-request and echo-reply
message and starts the sequence number from 0; this number is incremented by
1 each time a new message is sent.
 The ping program can calculate the round-trip time.
 It inserts the sending time in the data section of the message.
 When the packet arrives, it subtracts the arrival time from the departure time to
get the round-trip time (RTT).
$ ping google.com

Traceroute or Tracert
 The traceroute program in UNIX or tracert in Windows can be used to trace
the path of a packet from a source to the destination.
 It can find the IP addresses of all the routers that are visited along the path.
 The program is usually set to check for the maximum of 30 hops (routers) to be
visited.
 The number of hops in the Internet is normally less than this.
$ traceroute google.com

IPV69.- NEXT
UNICAST ROUTINGIP
GENERATION

 IPv6 was evolved to solve address space problem and offers rich set of
services.
 Some hosts and routers will run IPv4 only, some will run IPv4 and IPv6 and
some will run IPv6 only.

DRAWBACKS OF IPV4
 Despite subnetting and CIDR, address depletion is still a long-term problem.
 Internet must accommodate real-time audio and video transmission that
requires minimum delay strategies and reservation of resources.
 Internet must provide encryption and authentication of data for some
applications

FEATURES OF IPV6
 1. Better header format - IPv6 uses a new header format in which options are
separated from the base header and inserted, when needed, between the base
header and the data. This simplifies and speeds up the routing process because
most of the options do not need to be checked by routers.
2. New options - IPv6 has new options to allow for additional functionalities.
3. Allowance for extension - IPv6 is designed to allow the extension of the
protocol if required by new technologies or applications.
4. Support for resource allocation - In IPv6, the type-of-service field has been
removed, but two new fields, traffic class and flow label, have been added to
enable the source to request special handling of the packet. This mechanism
can be used to support traffic such as real-time audio and video.

Additional Features :
1. Need to accommodate scalable routing and addressing
2. Support for real-time services
3. Security support
4.Autoconfiguration -
The ability of hosts to automatically configure themselves with such
information as their own IP address and domain name.
5. Enhanced routing functionality, including support for mobile hosts
6. Transition from ipv4 to ipv6

ADDRESS SPACE ALLOCATION OF IPV6

◻IPv6 provides a 128-bit address space to handle up to 3.4 × 10 38 nodes.
◻IPv6 uses classless addressing, but classification is based on MSBs.
◻The address space is subdivided in various ways based on the leading bits.
◻The current assignment of prefixes is listed in Table

◻A node may be assigned an “IPv4-compatible IPv6 address” by zero-extending a

32-bit IPv4 addressto128 bits.

◻A node that is only capable of understanding IPv4 can be assigned an “IPv4-

mapped IPv6 address” by prefixing the 32-bit IPv4 address with 2 bytes of all
1s and then zero-extending the result to 128 bits.
GLOBAL UNICAST
◻Large chunks (87%) of address space are left unassigned for future use.
◻IPv6 defines two types of local addresses for private networks.
oLink local - enables a host to construct an address that need not be
globally unique.
oSite local - allows valid local address for use in a isolated site with
several subnets.
◻Reserved addresses start with prefix of eight 0's.
 oUnspecified address is used when a host does not know its address
oLoopback address is used for testing purposes before connecting
oCompatible address is used when IPv6 hosts uses IPv4 network
o Mapped address is used when a IPv6 host communicates with a IPv4 host
◻IPv6 defines anycast address, assigned to a set of interfaces.
◻Packet with anycast address is delivered to only one of the nearest interface.

ADDRESS NOTATION OF IPV6

◻Standard representation of IPv6 address is x : x : x : x : x : x : x : x where x is a
16-bit hexadecimal address separated by colon (:).
For example,
47CD : 1234 : 4422 : ACO2 : 0022 : 1234 : A456 : 0124

◻IPv6 address with contiguous 0 bytes can be written compactly.

For example,
47CD : 0000 : 0000 : 0000 : 0000 : 0000 : A456 : 0124 → 47CD : : A456 : 0124

◻IPv4 address is mapped to IPv6 address by prefixing the 32-bit IPv4 address
with 2 bytes of 1s and then zero-extending the result to 128 bits.
For example,
128. 96.33.81 → : : FFFF : 128.96.33.81
This notation is called as CIDR notation or slash notation.

ADDRESS AGGREGATION OF IPV6

◻IPv6 provides aggregation of routing information to reduce the burden on
routers.
◻Aggregation is done by assigning prefixes at continental level.
◻For example, if all addresses in Europe have a common prefix, then routers in
other continents would need one routing table entry for all networks in Europe.

 Prefix - All addresses in the same continent have a common prefix

 RegistryID ― identifies the continent
 ProviderID ― identifies the provider for Internet access, i.e., ISP.
 SubscriberID ― specifies the subscriber identifier

 SubnetID ― contains subnet of the subscriber.

 InterfaceID ―contains link level or physical address.

PACKET FORMAT OF IPV6

◻IPv6 base header is 40 bytes long.
  Version — specifies the IP version, i.e., 6.
 Traffic Class — defines priority of the packet with respect to traffic
congestion. It is either congestion-controlled or non-congestion controlled
 Flow Label — provides special handling for a particular flow of data. Router
handles different flows with the help of a flow table.
 Payload Len — gives length of the packet, excluding IPv6 header.
 Next Header — Options are specified as a header following IP header.
NextHeader contains a pointer to optional headers.
 Hop Limit — Gives the TTL value of a packet.
 Source Address / Destination Address — 16-byte addresses of source and
destination host

Extension Headers
◻Extension header provides greater functionality to IPv6.
◻Base header may be followed by six extension headers.
◻Each extension header contains a NextHeader field to identify the header
following it.

 Hop-by-Hop — source host passes information to all routers visited by the

packet
 Destination — source host information is passed to the destination only.
 Source Routing — routing information provided by the source host.
 Fragmentation — In IPv6, only the source host can fragment. Source uses a
path MTU discovery technique to find smallest MTU on the path.
 Authentication — used to validate the sender and ensures data integrity.
 ESP (Encrypted Security Payload) — provides confidentiality against
eavesdropping.

ADVANCED CAPABILITIES OF IPV6

◻Auto Configuration — Auto or stateless configuration of IP address to hosts
without the need for a DHCP server, i.e., plug and play.
◻Advanced Routing — Enhanced routing support for mobile hosts is provided.
◻Additional Functions ― Enhanced routing functionality with support for
mobile hosts.
 ◻Security ― Encryption and authentication options provide confidentiality and
integrity.
◻Resource allocation ― Flow label enables the source to request special
handling of real-time audio and video packets

ADVANTAGES OF IPV6
◻Address space ― IPv6 uses 128-bit address whereas IPv4 uses 32-bit address.
Hence IPv6 has huge address space whereas IPv4 faces address shortage
problem.
◻Header format ― Unlike IPv4, optional headers are separated from base
header in IPv6. Each router thus need not process unwanted addition
information.
◻Extensible ― Unassigned IPv6 addresses can accommodate needs of future
technologies.

Dual-Stack Operation and Tunneling

◻In dual-stack, nodes run both IPv6 and IPv4, uses Version field to decide which
stack should process an arriving packet.
◻IPv6 packet is encapsulated with an IPv4 packet as it travels through an IPv4
network. This is known as tunneling and packet contains tunnel endpoint as its
destination address.

Network Address Translation

◻NAT enables hosts on a network to use Internet with local addresses.
◻Addresses reserved for internal use range from 172.16.0.0 to 172.31.255.255
◻Organization must have single connection to the Internet through a router that
runs the NAT software.

ADDRESS RESOLUTION PROTOCOL(ARP)

ARP stands for Address Resolution Protocol, which is used to find the MAC address of the device from its
known IP address. This means, the source device already knows the IP address but not the MAC address of
the destination device. The MAC address of the device is required because you cannot communicate with a
device in a local area network (Ethernet) without knowing its MAC address. So, the Address Resolution
Protocol helps to obtain the MAC address of the destination device.

Scenario 1: When the data packet is lost or erroneous.

The purpose of ARP is to convert the 32-bit logical address (IPv4 address) to the 48-bit physical address (MAC
address). This protocol works between layer 2 and layer 3 of the OSI model. The MAC address resides at layer
2, which is also known as the data link layer and IP address resides at layer 3, this layer is also known as the
network layer.
Note: The ARP request is generated only when both the devices (source and destination) are in the same
network.

Example: Suppose two devices (device A and device B) want to communicate with each other. The
device A already knows the IP address of the Device B. But in order to communicate with the device
B, device A still needs the MAC address of the device B. The IP address is used to locate a device
on a local area network and the MAC address is used to identify the actual device. The device A
first look at its internal list known as ARP cache (table) to check if the IP address of the device B
already consists of its MAC address or not. If the ARP table consists of the MAC address of the
device B, then device A simply use that MAC address and start communication.
If the table does not consist of the MAC address of device B, then
device A sends an ARP broadcast message on the network to know which device has that specific IP
address and ask for the MAC address of that particular device. Then the device that has matching IP
address to the source address sends an ARP response message that consists of the MAC address of
the device B. When device A obtains the MAC address of the device B, it will store the information
in the ARP cache (table). The ARP cache is used to make the network more efficient. It stores the IP
address of the device along with its MAC address. The stored information is used when device A
wants to communicate with device B on a network, and it does not need to broadcast a message on
the network again. It will simply check the ARP cache for the entries and then use it for
communication.

Types of Mapping in ARP

There are two different ways to map the IP address into the MAC address, which are given
below:

o Static Mapping
o Dynamic Mapping

Static Mapping - In the static mapping, a table consists of a logical address and corresponding
physical address of the destination device. In this, the IP and MAC address of the device is entered
manually in an ARP table. The source device has to access the table first if a source wants to
communicate with the destination device.

Dynamic Mapping - In the dynamic mapping, if a device knows the logical address of the other
device, then by using the Address Resolution protocol, this device will also find the physical address
of the device. The dynamic entries are created automatically when the source device sends an ARP
broadcast request. These entries are not permanent and cleared periodically.

Address Resolution Protocol (ARP) and its types

Address Resolution Protocol (ARP) is a communication protocol used to find the MAC (Media Access
Control) address of a device from its IP address. This protocol is used when a device wants to
communicate with another device on a Local Area Network or Ethernet.

There are four types of Address Resolution Protocol, which is given below:

1. Proxy ARP
2. Gratuitous ARP
 3. Reverse ARP (RARP)
4. Inverse ARP

ARP Packet Format

The fields are as follows:

a. Hardware type. This is a 16-bit field defining the type of the network on which ARP is running.
Each LAN has been assigned an integer based on its type. For example, Ethernet is given type
1. ARP can be used on any physical network.
b. Protocol type. This is a 16-bit field defining the protocol. For example, the value of this field for
the IPv4 protocol is 080016, ARP can be used with any higher-level protocol.
c. Hardware length. This is an 8-bit field defining the length of the physical address in bytes. For
example, for Ethernet the value is 6.
d. Protocol length. This is an 8-bit field defining the length of the logical address in bytes. For
example, for the IPv4 protocol the value is 4.
e. Operation. This is a 16-bit field defining the type of packet. Two packet types are defined: ARP
request (1) and ARP reply (2).
f. Sender hardware address. This is a variable-length field defining the physical address of the
sender. For example, for Ethernet this field is 6 bytes long.
g. Sender protocol address. This is a variable-length field defining the logical (for example, IP)
address of the sender. For the IP protocol, this field is 4 bytes long.
h. Target hardware address. This is a variable-length field defining the physical address of the
target. For example, for Ethernet this field is 6 bytes long. For an ARP request message, this field
is alI 0s because the sender does not know the physical address of the target.
i. Target protocol address. This is a variable-length field defining the logical (for example, IP)
address of the target. For the IPv4 protocol, this field is 4 bytes long.
Encapsulation
An ARP packet is encapsulated directly into a data link frame. For example, in Figure 21.5 an
ARP packet is encapsulated in an Ethernet frame. Note that the type field indicates that the data
carried by the frame are an ARP packet.

Four Different Cases of ARP Operation

The following are four different cases in which the services of ARP can be used
Case 1: The sender is a host and wants to send a packet to another host on the same network. In this
case, the logical address that must be mapped to a physical address is the destination IP address in the
datagram header.

Case 2: The sender is a host and wants to send a packet to another host on another network.
In this case, the host looks at its routing table and finds the IP address of the next hop (router)
for this destination. If it does not have a routing table, it looks for the IP address of the default
router. The IP address of the router becomes the logical address that must be mapped to a physical
address.
 Case 3: The sender is a router that has received a datagram destined for a host on another network. It checks its
routing table and finds the IP address of the next router. The IP address of the next router becomes the logical
address that must be mapped to a physical address.

Case 4: The sender is a router that has received a datagram destined for a host on the same network. The destination
IP address of the datagram becomes the logical address that must be mapped to a physical address.

REVERSE ADDRESS RESOLUTION PROTOCOL(RARP)

Reverse Address Resolution Protocol (RARP) finds the logical address for a machine that knows
only its physical address. To create an IP datagram, a host or a router needs to know its own IP address or
addresses. The IP address of a machine is usually read from its configuration file stored on a disk file.
However, a diskless machine is usually booted from ROM, which has minimum booting information.
The ROM is installed by the manufacturer. It cannot include the IP address because the IP addresses
on a network are assigned by the network administrator. The machine can get its physical address (by
reading its NIC, for example), which is unique locally. It can then use the physical address to get the
logical address by using the RARP protocol.

RARP Operation
RARP operation is displayed in Fig
a. A RARP request is created and broadcast on the local network.
b. Another machine on the local network that knows all the IP addresses will respond with a RARP
reply.
c. The requesting machine must be running a RARP client program; the responding machine must
 be running a RARP server program.

RARP Packet Format & Encapsulation

 The format of the RARP packet is the same as the ARP packet format as displayed in Figure
21.4, except that the operation field. It’s value is 3 for RARP request message and 4 for RARP
reply message.
 An RARP packet is also encapsulated directly into a data link frame just like ARP packet as
displayed in Figure.
Limitations of RARP:
 As broadcasting is done at the data link layer. The physical broadcast address, all 1’s in the case
of Ethernet, does not pass the boundaries of a network.
 This means that if an administrator has several networks or several subnets, it needs to assign a
RARP server for each network or subnet.
 This is the reason that RARP is almost obsolete.
 Two protocols, BOOTP and DHCP, are replacing RARP.

COMPARISION OF IPV4 AND IPV6

IPv4 IPv6

IPv4 has a 32-bit address length IPv6 has a 128-bit address length

It Supports Manual and DHCP address

It supports Auto and renumbering address configuration
configuration

In IPv4 end to end, connection integrity

In IPv6 end-to-end, connection integrity is Achievable
is Unachievable
 IPv4 IPv6

The address space of IPv6 is quite large it can produce

It can generate 4.29×109 address space
3.4×1038 address space

The Security feature is dependent on the

IPSEC is an inbuilt security feature in the IPv6 protocol
application

Address representation of IPv4 is in

Address Representation of IPv6 is in hexadecimal
decimal

Fragmentation performed by Sender and

In IPv6 fragmentation is performed only by the sender
forwarding routers

In IPv4 Packet flow identification is not In IPv6 packet flow identification are Available and uses
available the flow label field in the header

In IPv4 checksum field is available In IPv6 checksum field is not available

It has a broadcast Message Transmission In IPv6 multicast and anycast message transmission
Scheme scheme is available

In IPv4 Encryption and Authentication In IPv6 Encryption and Authentication are provided
facility not provided

IPv6 has a header of 40 bytes fixed

IPv4 has a header of 20-60 bytes.

IPv4 can be converted to IPv6 Not all IPv6 can be converted to IPv4

IPv4 consists of 4 fields which are IPv6 consists of 8 fields, which are separated by a colon
separated by addresses dot (.) (:)

IPv4’s IP addresses are divided into

five different classes. Class A , Class B, IPv6 does not have any classes of the IP address.
Class C, Class D , Class E.

IPv4 supports VLSM(Variable Length

IPv6 does not support VLSM.
subnet mask).

Example of IPv6:
Example of IPv4: 66.94.29.13
2001:0000:3238:DFE1:0063:0000:0000:FEFB