13 Internet Network Layer and Ip
Pat Wilbur
[email protected]
Internet/Network Layer (“Layer 3”)
[Figure: the Internet Model (a.k.a. “TCP/IP Model”) shown side by side with the standard OSI Model. Source: Wikipedia]
Common network components
Switch: A node on a network responsible for (electronic) switching
between different physical links on the same network (e.g. packet
comes into switch on one physical link, then the switch sends it out on
another physical link); a switch is only aware of the adjacent nodes
(connected directly to it)
Router: A node on a network responsible for forwarding packets from
one network to another network (or the Internet); a router is aware of
“addresses” and can decide where a packet should go beyond the
current network; can also be a “gateway router”
Gateway: A node that bridges different networks (or protocols)
Application Traffic Flow Example
1) User opens web browser and selects a website to connect to
2) Browser uses HTTP (application-layer protocol) to fetch web page
3) HTTP uses TCP (a connection-oriented transport-layer protocol) to
set up a robust connection to the web server that hosts the web page
4) TCP uses IP to route and deliver packets across multiple networks
5) ...
[Figure: message exchange between Host and Google.com: connect, OK, get page, page; close]
*
Application Traffic Flow Example
[Figure: Host A and Host B each running HTTP over IP, with two intermediate IP-only nodes (routers) between them]
*
Establishing Paths
Packets flow from end to end across many links
Routers receive packets and try to forward them one step closer to
their destination (routing)
The packets contain all the information necessary to indicate their
destination (addressing)
Packet switching:
➢ each packet is processed individually
➢ subsequent packets can take different paths
*
Network resource: switch
Hosts on the same network connected to a switch (common configuration known as a “star topology”)
[Figure omitted; source link in original]
Network resource: switches
Hosts on the same network connected to switches, where a switch can forward packets to other switches
to reach destination (note: routers forward to different networks, but these are the same network)
[Figure omitted; source link in original]
Network resource: routers
H = Hosts
R = Routers
AP = Wireless access point and radio
An example of an internetwork (multiple networks connected together). What makes a network a distinct
network? Typically who administers/controls it, but also how, e.g., IP address management is delineated.
[Figure omitted; source link in original]
Traceroute (tracepath)
Recall: ping command measures end-to-end latency (RTT) between hosts
traceroute command (tracepath on some OSes) allows seeing the path
taken and the routers along the way between endpoints (Host A → Host B)
➢ traceroute <destination host IP address or hostname>
➢ Other commands: tracepath (equivalent to traceroute), tracepath6 (IPv6-specific,
although its functionality has been moved into modern versions of tracepath)
Note: Some nodes don’t respond to ping and/or to traceroute/tracepath, so
one can lack a complete picture of the in-between nodes
Online traceroute example (can try traceroute from different geo locations);
note the same query can follow different paths from source to destination hosts
*
Transport Layer vs. “Layer 3”
Recall, the Transport Layer:
➢ Establishes a transport between two processes on different hosts (one on one host, one on another host)
➢ Prepares application-layer data for port-based multiplexing/buffering (so that multiple apps on the same host can all use the same network(s))
➢ Prepares application-layer data and segments data for transmission over a packet-switched network (so that individual pieces can be ACKed, and so that time sharing can occur on network resources like physical links/media)
The Internet/network Layer (“Layer 3”):
➢ Establishes an end-to-end way to address/communicate between two hosts (on same or different networks)
➢ Prepares higher-layer PDUs for address-based routing (get from Host A to Host B) on one or more networks
➢ Prepares higher-layer PDUs for lower layers and to, ultimately, be sent over physical media; if necessary, fragments data so it can fit within physical constraints (e.g. max sizes of network buffers in-between the hosts)
Application Traffic Flow Example
[Figure: Host A and Host B protocol stacks, HTTP over TCP over IP over link. TCP establishes process-to-process communication for processes; IP establishes host-to-host communication over one or more networks. Derived from a figure in the source slides]
*
Layer 3 (Network-layer) Protocols
Two categories:
➢ Virtual Circuit Style: Replicate some of the unique attributes of a
circuit-switched network, such as guaranteed performance and
deterministic physical/geographic path, by preallocating and reserving
(some of the) network resources until hosts decide to stop using them
➢ Datagram Style: The essence of packet-switched networks—stateless,
elastic (not necessarily reserved the entire time and not necessarily a
single path), and more scalable; (not to be confused w/ UDP datagrams)
Internet Protocol (IP) implements a datagram-style network; older early-Internet
protocols were VC-style (ATM, Frame Relay, X.25), and VC-style
protocols can be used to implement modern non-Internet realtime networks
*
Virtual Circuit vs. Datagram Styles
Virtual Circuit Style:
➢ Inspired by telephony, stateful
➢ Once a “call” is set up, all network resources along path provide dedicated allocation of CPU/memory/etc. system resources, until call is ended (resources released)
➢ Predictable/guaranteed network performance for “realtime” applications
➢ Not used on the Internet or Ethernet (LANs)
Datagram Style (used in packet-switched networks and the Internet):
➢ Best-effort
➢ Stateless: No network-level concept of “connection” or “call”
➢ Routers: no state about end-to-end connections
➢ Packets typically routed using destination host ID (IP address)
➢ Subsequent packets between same source & destination pair may take different paths
*
Why choose one or the other?
Virtual Circuit Style:
➢ Strict timing and reliability requirements
➢ Deterministic
➢ “Dumb” hosts (telephones, tiny sensors) → push complexity of states and reliability to network
Datagram Style (used in packet-switched networks and the Internet):
➢ Data exchange among computers
➢ “Elastic” service, no strict timing req.
➢ “Smart” hosts (computers) can adapt, perform control, error recovery
➢ Simplicity inside network core, complexity at “edge”
*
Best effort?
Datagrams can be:
Corrupted at the physical level
Dropped because of full buffers
Unable to be delivered due to an unreachable destination
Subjected to routing issues (e.g. a routing loop)
*
Internet Protocol (IP)
The Internet is a network of heterogeneous networks:
➢ using different technologies (e.g. different maximum packet sizes)
➢ belonging to different administrative authorities (e.g. willing to accept
packets from different addresses)
Goal of IP: interconnect all these networks so hosts can send end-to-end without
any knowledge of the intermediate networks
Routers: machines that forward packets between heterogeneous networks
*
Internet Protocol (IP) PDU header
[Figure: IPv4 header layout; source link in original]
Internet Protocol (IP) PDU header
Version number (4-bit):
➢ 4 for IPv4, 6 for IPv6
➢ Fields that follow can vary based on this number
Header length (4-bit):
➢ Number of 32-bit words
➢ Includes length of options (40 bytes max)
*
Internet Protocol (IP) PDU header
Type-of-service (TOS) field (8 bits):
➢ 3-bit precedence field
➢ 4 TOS bits (only one may be turned on):
  ➢ Minimize delay
  ➢ Maximize throughput
  ➢ Maximize reliability
  ➢ Minimize monetary cost
➢ 1 unused bit
➢ Many implementations ignore this field; most implementations don’t allow the
application to set it to indicate a preference anyway
*
Internet Protocol (IP) PDU header
Header Checksum:
➢ Calculated over IP header
➢ 16-bit one’s complement
➢ When change TTL, checksum updated
Source and destination IP addresses
Options (variable-length):
➢ Security options
➢ Record route/timestamp (alternative to traceroute)
*
Internet Protocol (IP) PDU header
Total length field (16 bits):
➢ Length in bytes
➢ Max total length = 2^16 - 1 = 65,535 bytes
➢ Max data = 65,535 - header length
Can you really send that much?
➢ Link layer might not be able to handle that much, as various link layer
technologies have different limits
➢ As the packet passes over various link layers, it will be fragmented if necessary
➢ Total length field will change when fragmented
*
IP fragmentation & reassembly
Each network link has an MTU (max transmission unit): largest possible
packet that can be supported within the payload of a link-level PDU (frame)
➢ Different links → different MTUs
➢ Lower-layer protocols tunneled (encapsulated) within app layer (e.g.
VPN) → lower MTUs
Larger IP packets divided (fragmented) within network
➢ Reassembled only at final destination (even if passes over other links
that could handle larger packets)
➢ Can be fragmented multiple times
➢ One fragment dropped → entire packet dropped
*
IP PDU header: fragmentation
Identification (16 bits):
➢ “Unique ID” for datagram
➢ Usually set to value of variable in IP layer that is incremented by one for
each packet sent from that host (regardless of destination)
Flags (3 bits):
➢ 1 bit used to say whether there are more fragments following this one in
the original datagram
➢ 1 bit used to say “do not fragment” (drop and send error message back
to source if need to fragment)
Fragment Offset (13 bits): offset of data in this fragment into original packet
*
IP fragmentation & reassembly
Example: A 1420-byte packet (20-byte header + 1400-byte payload) traverses Network 1 (1500-byte
MTU), Network 2 (1500-byte MTU), Network 3 (523-byte MTU), and Network 4 (1500-byte MTU).
Fragmentation must occur to fit packet through MTU bottleneck (Network 3). [Figure omitted; source link in original]
Note: Offset = 64 = 512/8, because IP inventors decided fragmentation should always occur on 8-byte
intervals. Also note: Last fragment doesn’t have “more” bit set (“more” flag is 0).
Fragmentation stinks
Complex to maintain/implement fragmentation and reassembly, so best to
avoid (can even become basis for denial of service (DoS) attacks)
Alternatives?
➢ IP wants to be able to run anywhere over any network: make packet size
as small as the minimum packet size anywhere along a route
➢ Problem: Detection? What if minimum increases after detection?
➢ Look before you leap?
Path MTU discovery: to avoid overhead of fragmentation and reassembly
in network, hosts can send a series of probe packets to determine the
smallest MTU along a route and size packets accordingly at source
*
Path MTU discovery in TCP
If doing path MTU discovery in TCP, start with minimum of receiver’s
specified MSS (maximum segment size in TCP) or local sender’s MTU and
set the Don’t Fragment bit
If ICMP message received indicating that fragmentation was required, then
segment size will be reduced
Periodically (every so often), TCP can try a higher segment size up to the
receiver’s MSS to see if new route is being used that would allow larger
segments
Not all implementations support this
*
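The TCP path MTU discovery exchange described on this slide, as an added example rather than code from the original slides: a constructed path of link MTUs stands in for the routers, each of which drops a too-large Don’t-Fragment packet and returns an ICMP “fragmentation needed” message (type 3, code 4, carrying the next-hop MTU as in RFC 1191), and the sender shrinks its segment size until a probe gets through. The `Icmp`, `send_df` and `discover_path_mtu` names and the 40-byte IP+TCP header assumption are this example's own.

```python
from dataclasses import dataclass

IPV4_MIN_MTU = 68            # RFC 791: every link must be able to carry a 68-byte datagram

@dataclass
class Icmp:
    """Constructed stand-in for ICMP type 3 code 4 ("fragmentation needed and DF set")."""
    type: int
    code: int
    next_hop_mtu: int        # RFC 1191 routers put the blocking link's MTU here

def send_df(path_mtus, packet_size):
    """Forward a Don't-Fragment packet hop by hop over constructed link MTUs.
    Returns None when it reaches the far end, else the ICMP the blocking router sends back."""
    for mtu in path_mtus:
        if packet_size > mtu:
            return Icmp(3, 4, mtu)            # router drops instead of fragmenting
    return None

def discover_path_mtu(path_mtus, receiver_mss, local_mtu, hdr=40):
    """TCP-side PMTUD from the slide: start at min(receiver's MSS, local MTU) with DF set and
    shrink each time an ICMP comes back. hdr = 20-byte IP + 20-byte TCP headers.
    Returns (usable segment size, list of packet sizes probed)."""
    size = min(receiver_mss + hdr, local_mtu)
    probes = [size]
    while True:
        icmp = send_df(path_mtus, size)
        if icmp is None:
            return size - hdr, probes
        # Only honour a plausible reduction: a message claiming a larger or sub-minimum
        # MTU is bogus (misconfigured or forged) and must not steer the sender.
        if not IPV4_MIN_MTU <= icmp.next_hop_mtu < size:
            raise ValueError(f"implausible next-hop MTU {icmp.next_hop_mtu}")
        size = icmp.next_hop_mtu
        probes.append(size)

if __name__ == "__main__":
    path = [1500, 1500, 1280, 1500]           # constructed path; the third link is the bottleneck
    seg, probed = discover_path_mtu(path, receiver_mss=1460, local_mtu=1500)
    print(f"probed packet sizes {probed} -> send {seg}-byte segments")
    # The periodic retry from the slide: rerun discovery later in case the route changed.
    print("after route change:", discover_path_mtu([1500] * 4, 1460, 1500))
```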
Path MTU discovery in UDP
Not like TCP, where the sender sends the stream in chunks as it sees fit and the
receiver reads in chunks as it sees fit
With UDP, the size of the UDP packet is much more visible to the application
May send with DF bit off and see if the message is received → requires app-layer
feedback, since there is no transport-layer acknowledgement
May send with DF bit on; if ICMP messages come back, IP on the host may
fragment before sending, but these messages are not really exposed to the
application layer
Again, not all implementations support this
*
IP PDU header: protocol
Identifies the payload protocol; or, in the case of TCP (proto 6) or UDP (proto
17), identifies which upper-layer protocol IP should pass the payload
(SDU) up to
8 bits: 2^8 - 1 = 255 is the maximum protocol number
➢ 1= ICMP
➢ 2= IGMP
➢ 6 = TCP
➢ 17 = UDP
➢ 135-254: Unassigned
http://www.iana.org/assignments/protocol-numbers
*
ICMP
Internet Control Message Protocol (ICMP): Used by hosts, routers, and
gateways to communicate network-level information like error notification
or querying network conditions
Network-layer “above” IP:
➢ ICMP messages carried as payload in IP packets
➢ ICMP message: 8-bit type, 8-bit code, 16-bit checksum, ICMP message
content (e.g. first 8 bytes of IP datagram causing error)
Some error conditions flagged by ICMP include: unreachable
host/network/port/protocol, need to fragment but can’t, TTL expired
*
ICMP types/codes
Type  Code  Description
0     0     echo reply (ping)
3     0     dest network unreachable
3     1     dest host unreachable
3     2     dest protocol unreachable
3     3     dest port unreachable
3     6     dest network unknown
3     7     dest host unknown
4     0     source quench (congestion control - not used)
8     0     echo request (ping)
9     0     route advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
*
ICMP & ping & traceroute
ping command uses ICMP (as does traceroute)
Sends ICMP echo request to a host and looks for ICMP echo reply
Used to measure RTT
Most implementations support ping directly in the kernel
Try to ping google.com from terminal window
*
ICMP router discovery
Can use ICMP to find routers
Broadcast an ICMP router solicitation request
Routers that hear respond with ICMP router advertisements
Advertisements contain the IP address(es) of available routers
*
ICMP route advertisement/redirect
ICMP can be used to tell a source host that it sent a packet through an
inefficient path
If a router has to forward a packet back out the same interface it arrived on
(an inefficient route/path), an ICMP redirect message can tell the source to use a better path
Simple dynamic routing
*
Preventing ICMP “storms”
To avoid “broadcast storms” of ICMP messages, do not send an ICMP
message in response to:
➢ Datagram sent to special IP addresses (broadcast, multicast, loopback)
➢ Fragments other than the first
➢ Other ICMP error messages
*
IP PDU header: TTL
Time-to-live (TTL) field (8 bits):
➢ Initialized by sender and decremented at each hop
➢ If TTL reaches zero, packet is dropped
Limits total number of hops from source to destination (2^8 - 1 = 255)
Prevents things like infinite routing loops
Usually set to 32 or 64
*
References & attribution:
Original slides by Patrick F. Wilbur, 2024.
Other slides adapted from slides by Professor Yu Liu and Professor Jeanna Matthews.
In this file, slides marked * are heavily adapted or taken from slides by Professor Yu Liu and Professor Matthews.