UNIT 3

Network Layer
The network layer is a part of the communication process in computer networks. Its main job
is to move data packets between different networks. It helps route these packets from the
sender to the receiver across multiple paths and networks. Network-to-network connections
enable the Internet to function. These connections happen at thenetwork layer which sends
data packets between different networks. In the 7-layer OSI model, the network layer is layer
3. The Internet Protocol (IP) is a key protocol used at this layer, along with other protocols
for routing, testing, and encryption.
Services Offered by Network Layer

The services which are offered by the network layer are as follows:
1. Assigning Logical Address
Logical addressing is the process of assigning unique IP addresses (IPv4 or IPv6) to devices
within a network. Unlike physical addresses (MAC addresses), logical addresses can change
based on network configurations. These addresses are hierarchical and help identify both the
network and the device within that network. Logical addressing is important for:
 Enabling communication between devices on different networks.
 Facilitating routing by providing location-based information.
2. Packetizing
The process of encapsulating the data received from the upper layers of the network (also
called payload) in a network layer packet at the source and decapsulating the payload from
the network layer packet at the destination is known as packetizing.

The source host adds a header that contains the source and destination address and some
other relevant information required by the network layer protocol to the payload received
from the upper layer protocol and delivers the packet to the data link layer.

The destination host receives the network layer packet from its data link layer, decapsulates
the packet, and delivers the payload to the corresponding upper layer protocol. The routers in
the path are not allowed to change either the source or the destination address. The routers in
the path are not allowed to decapsulate the packets they receive unless they need to be
fragmented.
3. Host-to-Host Delivery
The network layer ensures data is transferred from the source device (host) to the destination
device (host) across one or multiple networks. This involves:
 Determining the destination address.
 Ensuring that data is transmitted without duplication or corruption.
Host-to-host delivery is a foundational aspect of communication in large-scale,
interconnected systems like the internet.
4. Forwarding
Forwarding is the process of transferring packets between network devices such as routers,
which are responsible for directing the packets toward their destination. When a router
receives a packet from one of its attached networks, it needs to forward the packet to another
attached network (unicast routing) or to some attached networks (in the case of multicast
routing).The router uses:
 Routing tables: These tables store information about possible paths to different
networks.
  Forwarding decisions: Based on the destination IP address in the packet header.
Forwarding ensures that packets move closer to their destination efficiently.
5. Fragmentation and Reassembly of Packets
Some networks have a maximum transmission unit (MTU) that defines the largest packet
size they can handle. If a packet exceeds the MTU, the network layer:
 Fragments the packet into smaller pieces.
 Adds headers to each fragment for identification and sequencing. At the destination,
the fragments are reassembled into the original packet. This ensures compatibility
with networks of varying capabilities without data loss.
Read more about Fragmentation at Network Layer.
6. Logical Subnetting
Logical subnetting involves dividing a large IP network into smaller, more manageable sub-
networks (subnets). Subnetting helps:
 Improve network performance by reducing congestion.
 Enhance security by isolating parts of a network.
 Simplify network management and troubleshooting. Subnetting uses subnet masks to
define the range of IP addresses within each subnet, enabling efficient address
allocation and routing.
7. Network Address Translation (NAT)
NAT allows multiple devices in a private network to share a single public IP address for
internet access. This is achieved by:
 Translating private IP addresses to a public IP address for outbound traffic.
 Reversing the process for inbound traffic. Benefits of NAT include:
 Conserving IPv4 addresses by reducing the need for unique public IPs for each
device.
 Enhancing security by masking internal IP addresses from external networks.
8. Routing
Routing is the process of moving data from one device to another device. These are two other
services offered by the network layer. In a network, there are a number of routes available
from the source to the destination. The network layer specifies some strategies which find out
the best possible route. This process is referred to as routing. There are a number of routing
protocols that are used in this process and they should be run to help the routers coordinate
with each other and help in establishing communication throughout the network.
Advantages of Network Layer Services
 Packetization service in the network layer provides ease of transportation of the data
packets.
 Packetization also eliminates single points of failure in data communication systems.
 Routers present in the network layer reduce network traffic by creating collision and
broadcast domains.
 With the help of Forwarding, data packets are transferred from one place to another in
the network.
Disadvantages of Network Layer Services
 There is a lack of flow control in the design of the network layer.
 Congestion occurs sometimes due to the presence of too many datagrams in a network
that is beyond the capacity of the network or the routers. Due to this, some routers
may drop some of the datagrams, and some important pieces of information may be
lost.
 Although indirect error control is present in the network layer, there is a lack of
proper error control mechanisms as due to the presence of fragmented data packets,
error control becomes difficult to implement.
Point-to-point networks
A point-to-point (P2P) network is a direct, dedicated connection between two devices,
providing a secure and private link for data transmission, often used for applications requiring
high bandwidth and low latency.
Here's a more detailed explanation:
 Direct Connection:
P2P networks establish a direct link between two endpoints, unlike networks that involve
multiple devices or a central hub.
 Dedicated Bandwidth:
The entire capacity of the link is reserved for communication between the two devices,
ensuring high-speed and reliable data transfer.
 Security:
P2P connections are inherently more secure as data travels directly between the two devices,
minimizing the risk of interception or eavesdropping.
 Applications:
 Leased Lines: Connecting two locations with a dedicated, secure connection.
 Remote Access: Establishing secure connections for remote control,
monitoring, or data transfer.
 High-Bandwidth Applications: Supporting applications like video
conferencing, live data streams, or real-time collaboration.
 Data Center Interconnects: Facilitating high-speed data transfer and
synchronization between data centers.
 Protocols:
 Point-to-Point Protocol (PPP): A data link layer protocol used for establishing
connections over various physical media, such as phone lines or serial cables.
 Point-to-Point Protocol over Ethernet (PPPoE): An extension of PPP that
allows for establishing connections over Ethernet networks.
 Examples:
 Connecting a remote computer to a home network.
 Establishing a dedicated connection between two branches of a company.
 Using a wireless bridge to connect two buildings.
 Advantages:
 Security: Data travels directly between two endpoints, minimizing the risk of
interception.
  Reliability: Dedicated bandwidth ensures consistent and reliable data transfer.
 High Bandwidth: Ideal for applications requiring high-speed data transfer.
 Disadvantages:
 Cost: P2P connections can be expensive to set up and maintain.
 Scalability: Difficult to scale beyond two endpoints.
 Fault Tolerance: A single point of failure can disrupt the entire connection

Logical addressing- Logical address also referred to as IP (Internet Protocol) address is

an universal addressing system. It is used in the Network layer. This address facilitates
universal communication that are not dependent on the underlying physical networks. There
are two types of IP addresses - IPv4 and IPv6.
The size of IPv4 is 32 bits. For example ,
192 : 180 : 210 where, 1 octant = 8 bits.
The size of IPv6 is 128 bits. For example ,
1C18 : 1B32 : C450 : 62A5 : 34DC : AE24 : 15BC : 6A5D where , 1 octant = 16 bits.
Below is a diagram representing the working mechanism of Logical address:

Mechanism of Logical Address

In the above diagram , we can see that there are two networks - Network 1 and Network 2.
A1 is the sender and there are two receivers - D1 and D2. In case of logical address, receiver
D1 as well as D2 receives the data. This is because logical address can be passed in different
networks. The purpose of using logical address is to send the data across networks.
Advantages
  Logical address can be used in different networks because they can traverse
through routers.
 They can handle a number devices and networks. Even if the number of devices and
network increases, the logical address is able to handle all them very easily. Thus,
they are highly scalable.
Disadvantages
 Internet Protocol is vulnerable to attacks such as hacking, phishing etc. and there can
be data loss.
 It lacks privacy. The data which is moving through the packets can be intercepted,
traced and monitored by unauthorized entities.

What is a Physical Address?

The physical address is also known as the MAC (Media Access Control) address or link address.
It is the address of a node which is defined by its LAN or WAN. It is used by the data link layer
and is the lowest level of addresses. MAC address is the unique address of a device. The size of
a physical address is 48 bits (6 bytes). Below is the format for representing a physical address:
XX : XX : XX : YY : YY : YY, where 1 octant = 8 bits.
Example:
16 : 1A : BB : 6F : 90 : E5
The first 24 bits of a MAC address XX : XX: XX is decided by OUI (Organizationally Unique
Identifier). It represents the identity of the manufacturer. The next 24 bits of a MAC address YY
: YY : YY represents the unique identity of the device. It is assigned by the manufacturer. They
represent NIC (Network Interface Card).
Below is a diagram representing the working mechanism of a physical address:

M
echanism of Physical Address
In the above diagram, we can see that there are two networks - Network 1 and Network 2. A1 is
the sender and there are two receivers - D1 and D2. In case of physical address, receiver D1
receives the data but receiver D2 is unable to receive data. This is because receiver D2 does not
belong to the same network as the sender A1 belongs to. Physical address can only be passed in
the same network and not in different networks. The purpose of using Physical address is to
identify devices in the same network.
Advantages
 Physical address can uniquely identify devices and deliver data packets accurately.
 We can restrict access to any network by allowing only those devices which have the
authorized MAC addresses to connect. Thus, it can also be used for network security.
Disadvantages
 MAC addresses can be easily spoofed. Thus, the devices can easily gain unauthorized
access to a network.
 As physical addresses cannot traverse through the routers therefore they can only be
used in local networks and not between different networks.

Basic internetworking-
Internetworking is combined of 2 words, inter and networking which implies an association
between totally different nodes or segments. This connection area unit is established through
intercessor devices akin to routers or gateway. The first term for associate degree
internetwork was catenet. This interconnection is often among or between public, private,
commercial, industrial, or governmental networks. Thus, associate degree internetwork could
be an assortment of individual networks, connected by intermediate networking devices, that
function as one giant network. Internetworking refers to the trade, products, and procedures
that meet the challenge of making and administering internet works.
To enable communication, every individual network node or phase is designed with a similar
protocol or communication logic, that is Transfer Control Protocol (TCP) or Internet Protocol
(IP). Once a network communicates with another network having constant communication
procedures, it’s called Internetworking. Internetworking was designed to resolve the matter of
delivering a packet of information through many links.
There is a minute difference between extending the network and Internetworking. Merely
exploitation of either a switch or a hub to attach 2 local area networks is an extension of LAN
whereas connecting them via the router is an associate degree example of Internetworking.
Internetworking is enforced in Layer three (Network Layer) of the OSI-ISO model. The
foremost notable example of internetworking is the Internet.
There is chiefly 3 units of Internetworking:
1. Extranet
2. Intranet
3. Internet
Intranets and extranets might or might not have connections to the net. If there is a
connection to the net, the computer network or extranet area unit is usually shielded from
being accessed from the net if it is not authorized. The net isn’t thought-about to be a section
of the computer network or extranet, though it should function as a portal for access to parts
of the associate degree extranet.
1. Extranet – It’s a network of the internetwork that’s restricted in scope to one
organization or entity however that additionally has restricted connections to the
networks of one or a lot of different sometimes, however not essential. It’s the very
lowest level of Internetworking, usually enforced in an exceedingly personal area.
Associate degree extranet may additionally be classified as a Man, WAN, or different
form of network however it cannot encompass one local area network i.e. it should
have a minimum of one reference to associate degree external network.
2. Intranet – This associate degree computer network could be a set of interconnected
networks, which exploits the Internet Protocol and uses IP-based tools akin to web
browsers and FTP tools, that are underneath the management of one body entity. That
body entity closes the computer network to the remainder of the planet and permits
solely specific users. Most typically, this network is the internal network of a
corporation or different enterprise. An outsized computer network can usually have its
own internet server to supply users with browsable data.
3. Internet – A selected Internetworking, consisting of a worldwide interconnection of
governmental, academic, public, and personal networks based mostly upon the
Advanced analysis comes Agency Network (ARPANET) developed by ARPA of the
U.S. Department of Defense additionally home to the World Wide Web (WWW) and
cited as the ‘Internet’ to differentiate from all different generic Internetworks.
Participants within the web, or their service suppliers, use IP Addresses obtained from
address registries that manage assignments.

Internetworking involves connecting multiple networks to enable seamless communication.

The Internet Protocol (IP) and other networking protocols like CIDR, ARP, RARP, DHCP,
and ICMP play crucial roles in this process. Let's explore each in detail.

1. Internet Protocol (IP)

IP is the primary protocol of the Internet that enables addressing and routing of data packets
across networks.

Features of IP:
✔ Logical Addressing: Each device gets a unique IP address.
✔ Connectionless Protocol: IP does not establish a connection before sending data.
✔ Best-Effort Delivery: IP does not guarantee packet delivery (handled by TCP if needed).
✔ Fragmentation & Reassembly: Splits large packets into smaller ones for transmission.

Types of IP Addresses:
IPv4 (Internet Protocol Version 4)

32-bit address (e.g., 192.168.1.1)

Supports ~4.3 billion addresses

Written in dot-decimal format: A.B.C.D (each section is 8 bits)

Example: 192.168.10.5

IPv6 (Internet Protocol Version 6)

128-bit address (e.g., 2001:0db8::1)

Supports ~340 undecillion addresses

Written in hexadecimal notation

Example: 2001:0db8:85a3::8a2e:0370:7334

IP Addressing Methods:
Static IP: Manually assigned, does not change.

Dynamic IP: Assigned by DHCP, can change periodically.

Private IP: Used within local networks (e.g., 192.168.x.x, 10.x.x.x).

Public IP: Used for Internet communication, globally unique.

2. Classless Inter-Domain Routing (CIDR)

CIDR is a method for allocating and routing IP addresses efficiently by using subnet masks
instead of traditional class-based addressing.

Why CIDR?
Reduces IP address wastage

Improves routing efficiency

Allows flexible subnetting

CIDR Notation Example:

192.168.1.0/24

/24 means the first 24 bits represent the network.

Remaining 8 bits are for hosts.

CIDR Subnet Mask Table:
CIDR Subnet Mask Hosts per Subnet
/8 255.0.0.0 16,777,214
/16 255.255.0.0 65,534
/24 255.255.255.0 254
/30 255.255.255.252 2

🔹 Example Calculation:

192.168.1.0/28

Subnet Mask: 255.255.255.240

Hosts per subnet: 2⁴ - 2 = 14 usable hosts

3. Address Resolution Protocol (ARP)

ARP is used to map an IP address to a MAC (Media Access Control) address within a local
network.

How ARP Works:

A device sends an ARP request: "Who has IP 192.168.1.10? Tell me your MAC address."

The target device responds with an ARP reply, providing its MAC address.

The sender updates its ARP cache for future reference.

ARP Table Example:

IP Address MAC Address

192.168.1.10 00:1A:2B:3C:4D:5E
192.168.1.20 00:1B:2C:3D:4E:5F

Command to View ARP Table:

arp -a

4. Reverse Address Resolution Protocol (RARP)

RARP is the reverse of ARP. It helps a device obtain its IP address when it only knows its
MAC address.

How RARP Works:

A device sends a RARP request: "I have MAC 00:1A:2B:3C:4D:5E, what is my IP?"

A RARP server responds with the correct IP address.

🔹 Used by diskless computers that do not store an IP address locally.

5. Dynamic Host Configuration Protocol (DHCP)

DHCP is used to dynamically assign IP addresses to devices on a network.

DHCP Process:
Discovery: The client sends a broadcast message to find a DHCP server.

Offer: The DHCP server responds with an available IP address.

Request: The client requests to lease the offered IP.

Acknowledge: The server assigns the IP address to the client.

Advantages of DHCP:
✔ Automates IP assignment
✔ Reduces manual configuration errors
✔ Centralized management of IPs

🔹 Command to Check Assigned IP:

ipconfig /all (Windows)
ifconfig (Linux/Mac)

6. Internet Control Message Protocol (ICMP)

ICMP is used for network diagnostics and error reporting.

Common ICMP Messages:

Echo Request & Echo Reply: Used by ping to check network connectivity.

Destination Unreachable: Sent when a device cannot reach the destination.

Time Exceeded: Used in traceroute to detect delays.

Example: Using Ping Command

ping 8.8.8.8
This sends ICMP packets to Google’s DNS server to check connectivity.

Summary Table of Internetworking Concepts

Protocol Purpose
IP Provides unique addressing & routing
CIDR Efficient IP address allocation & subnetting
ARP Resolves IP to MAC address
RARP Resolves MAC to IP address
DHCP Dynamically assigns IP addresses
ICMP Network diagnostics & error reporting

Internetworking protocols ensure smooth communication between different networks.

IP & CIDR manage addressing and routing.

ARP & RARP resolve addresses.

DHCP dynamically assigns IPs.

ICMP helps diagnose network issues.

Routing-
The process of choosing a path across one or more networks is known as Network Routing.
Nowadays, individuals are more connected on the internet and hence, the need to use Routing
Communication is essential.
Routing chooses the routes along which Internet Protocol (IP) packets get from their source
to their destination in packet-switching networks. This article will discuss the details of the
Routing Process along with its different types and working principles.
What is a Router?
Routers are specialized pieces of network hardware that make these judgments about Internet
routing. It is a networking device that forwards data packets between computer networks.
Also, it helps to direct traffic based on the destination IP address. It ensures that data reaches
its intended destination.
As the router connects different networks, it manages data traffic between them. The Router
operates at Layer 3 (the network layer) of the OSI Model. It is also responsible for
determining the best path for data to travel from one network to another.
What is Routing?
Routing refers to the process of directing a data packet from one node to another. It is an
autonomous process handled by the network devices to direct a data packet to its intended
destination. Note that, the node here refers to a network device called - 'Router'.
Routing is a crucial mechanism that transmits data from one location to another across a
network (Network type could be any like LAN, WAN, or MAN). The process of routing
involves making various routing decisions to ensure reliable & efficient delivery of the data
packet by finding the shortest path using various routing metrics which we will be discussing
in this article.
Routing of a data packet is done by analyzing the destination IP Address of the packet. Look
at the below image:

Routing of packets
 The Source Node (Sender) sends the data packet on the network, embedding the IP in
the header of the data packet.
 The nearest router receives the data packet, and based on some metrics, further routes
the data packet to other routers.
 Step 2 occurs recursively till the data packet reaches its intended destination.
Note: There are limits to how many hop counts a packet can do if it is exceeded, the packet is
considered to be lost.
What are Different Types of Routing?
Routing is typically of 3 types, each serving its purpose and offering different functionalities.
1. Static Routing
Static routing is also called as "non-adaptive routing". In this, routing configuration is done
manually by the network administrator. Let's say for example, we have 5 different routes to
transmit data from one node to another, so the network administrator will have to manually
enter the routing information by assessing all the routes.
 A network administrator has full control over the network, routing the data packets to
their concerned destinations
 Routers will route packets to the destination configured manually by the network
administrator.
 Although this type of routing gives fine-grained control over the routes, it may not be
suitable for large-scale enterprise networks.
2. Dynamic Routing
Dynamic Routing is another type of routing in which routing is an autonomous procedure
without any human intervention. Packets are transmitted over a network using various
shortest-path algorithms and pre-determined metrics. This type of routing is majorly preferred
in modern networks as it offers more flexibility and versatile functionality.
 It is also known as adaptive routing.
 In this, the router adds new routes to the routing table based on any changes made in
the topology of the network.
 The autonomous procedure of routing helps in automating every routing operation
from adding to removing a route upon updates or any changes made to the network.
3. Default Routing
Default Routing is a routing technique in which a router is configured to transmit packets to a
default route that is, a gateway or next-hop device if no specific path is defined or found. It is
commonly used when the network has a single exit point. The IP Router has the following
address as the default route: 0.0.0.0/0.
What is the Working Principle of Routing?
Routing works by finding the shortest path from the source node to the destination node
across a network. Here's the step-by-step working of routing:
Step 1: Communication initiation
The first step that typically happens is, one node (client or server) initiates a communication
across a network using HTTP protocols.
Step 2: Data Packets
The source device now breaks a big chunk of information into small data packets for reliable
and efficient transmission. This process is called de-assembling and encapsulating the data
payload. Then each data packet is labeled with the destination node's IP address.
Step 3: Routing Table
The Routing table is a logical data structure used to store the IP addresses and relevant
information regarding the nearest routers. The source node then looks up the IP addresses of
all the nodes that can transmit the packet to its destination selects the shortest path using the
shortest path algorithm and then routes accordingly.
The Routing Table is stored in a router, a network device that determines the shortest path
and routes the data packet.
Step 4: Hopping procedure
In the procedure or routing, the data packet will undergo many hops across various nodes in a
network till it reaches its final destination node. Hop count is defined as the number of nodes
required to traverse through to finally reach the intended destination node.
This hopping procedure has certain criteria defined for every data packet, there's a limited
number of hops a packet can take if the packet exceeds that, then it's considered to be lost and
is retransmitted.
Step 5: Reaching the destination node
Once all the data packets reach their intended destination node, they re-assemble and
transform into complete information that was sent by the sender (source node). The receiver
will perform various error-checking mechanisms to verify the authenticity of the data
packets.
Overall, the data packet will be transmitted over the least hop-count path as well as the path
on which there is less traffic to prevent packet loss.

Working of Routing
In the above image, we have 3 major components
 Sender
 Receiver
 Routers
The shortest path is highlighted in red, the path with the least hop count. As we can see, there
are multiple paths from source to node but if all the appropriate metrics are satisfied, the data
packets will be transmitted through the shortest path (highlighted in red).
What are the Main Routing Protocols?
 RIP (Routing Information Protocol): It is a distance-vector protocol that uses hop
count as a metric.
 OSPF (Open Shortest Path First): OSPF is a link-state protocol that finds the
shortest path using the Dijkstra algorithm.
 EIGRP (Enhanced Interior Gateway Routing Protocol): It is a hybrid protocol that
combines features of distance-vector and link-state.
 BGP (Border Gateway Protocol): It is a path-vector protocol that is used for routing
between different autonomous systems on the internet.
  IS-IS (Intermediate System to Intermediate System): It is a link-state protocol that
is primarily used in large networks like ISPs.
What are Different Routing Metrics?
The purpose of routing protocols is to learn about all the available paths to route data packets,
build routing tables, and make routing decisions based on specified metrics. There are two
primary types of routing protocols rest of them ideate from these two only.
1. Distance Vector Routing
In this type of routing protocol, all the nodes that are a part of the network advertise their
routing table to their adjacent nodes (nodes that are directly connected) at regular intervals.
With each router getting updated at regular intervals, it may take time for all the nodes to
have the same accurate network view.
 Uses fixed length sub-net, not suitable for scaling.
 Algorithm used: Bellman Ford Algorithm to find the shortest path.
2. Link State Routing
Link State Routing is another type of dynamic routing protocol in which routes advertise their
updated routing tables only when some new updates are added. This results in the effective
use of bandwidth. All the routers keep exchanging information dynamically regarding
different links such as cost and hop count to find the best possible path.
 Uses a variable length subnet mask, which is scalable and uses addressing more
effectively.
 The algorithm used: Dijkstra's Algorithm to find the shortest path.
Let's look at the metrics used to measure the cost of travel from one node to another:-
1. Hop Count: Hop count refers to the number of nodes a data packet has to traverse to
reach its intended destination. Transmitting from one node to another node counts as 1
- hop count. The goal is to minimize the hop count and find the shortest path.
2. Bandwidth Consumption: Bandwidth is the ability of a network to transmit data
typically measured in Kbps (Kilobits per second), Mbps (Megabits per second),
or Gbps (Gigabits per second). The bandwidth depends on several factors such as -
the volume of data, traffic on a network, network speed, etc. Routing decision is made
in a way to ensure efficient bandwidth consumption.
3. Delay: Delay is the time it takes for a data packet to travel from the source node to its
destination node. There are different types of delay such as - propagation delay,
transmission delay, and queuing delay.
4. Load: Load refers to the network traffic on a certain path in the context of routing. A
data packet will be routed to the path with a lesser load so that it reaches its
destination in the specified time.
5. Reliability: Reliability refers to the assured delivery of the data packet to its intended
destination although there are certain other factors, the data packet is routed in such a
way that it reaches its destination. The stability and availability of the link in the
network are looked over before routing the data packet from a specific path.
What are the Advantages of Routing?
 Overall routing can be done in various ways its important to know the requirements
and use the one that fits right for our specific needs, hence automated routing is
typically preferred as the routing of packets is done by the algorithms defined and the
manually configurable routing can give us a fine-grained control over the network.
 Routing is a highly scalable operation for transmitting data that is, in a large-scale
enterprise network it becomes crucial to manage information related to all the nodes
that may be sharing sensitive and confidential information regarding the organization.
  Load Balancing is also one of the crucial aspects taken care of by routing data packets
off the routes that are generally busy as sending data through those routes will only
put our data at risk of getting lost.

What are the Disadvantages of Routing?

Every type of routing comes with some pros and cons here are some of the disadvantages for
specific types of routing :
 Static Routing: This type of routing is appropriate only for smaller networks where
the network administrator has an accurate view of the network & good knowledge of
topology else it might raise some security concerns and complex configuration issues.
 Dynamic Routing: Everything is done automatically by the algorithms, providing less
control over the network that may not be suitable for every kind of network. It is also
computationally expensive and consumes more bandwidth.
 Default Routing: The path on which the packets are to be transmitted by default is
configurable but can be a complex procedure if not defined clearly.

The process of packet forwarding simply implies the forwarding of incoming packets to their
intended destination.
 Internet is made up of generally two terms- Interconnection and Network. So, it is a
connection to a large collection of networks. A packet that is to be forwarded may be
associated with the same network as the source host or may belong to a destination
host in a different network. Thus, it depends on the destination how much a packet
may need to travel before arriving at its destination.
 The router is responsible for the process of packet forwarding. It accepts the packet
from the origin host or another router in the packet’s path and places it on the route
leading to the target host.
 The routing table is maintained by the router which is used for deciding the packet
forwarding.
Packet Forwarding in Router:
Routers are used on the network for forwarding a packet from the local network to the remote
network. So, the process of routing involves the packet forwarding from an entry interface out to
an exit interface.
Working:
The following steps are included in the packet forwarding in the router-
 The router takes the arriving packet from an entry interface and then forwards that
packet to another interface.
 The router needs to select the best possible interface for the packet to reach the
intended destination as there exist multiple interfaces in the router.
 The forwarding decision is made by the router based on routing table entries. The
entries in the routing table comprise destination networks and exit interfaces to which
the packet is to be forwarded.
 The selection of exit interface relies on- firstly, the interface must lead to the target
network to which the packet is intended to send, and secondly, it must be the best
possible path leading to the destination network.
Packet Forwarding Techniques:
Following are the packet forwarding techniques based on the destination host:
 Next-Hop Method: By only maintaining the details of the next hop or next router in
the packet’s path, the next-hop approach reduces the size of the routing table. The
routing table maintained using this method does not have the information regarding
the whole route that the packet must take.
 Network-Specific Method: In this method, the entries are not made for all of the
destination hosts in the router’s network. Rather, the entry is made of the destination
networks that are connected to the router.
 Host-Specific Method: In this method, the routing table has the entries for all of the
destination hosts in the destination network. With the increase in the size of the
routing table, the efficiency of the routing table decreases. It finds its application in
the process of verification of route and security purposes.
 Default Method: Let’s assume- A host in network N1 is connected to two routers,
one of which (router R1) is connected to network N2 and the other router R2 to the
rest of the internet. As a result, the routing table only has one default entry for the
router R2.

In computer networks, "delivery" refers to the process of a packet being handled by the
underlying network to reach its destination, encompassing methods like direct and indirect
delivery, and routing techniques like static and dynamic routing.
Methods of Delivery:
 Direct Delivery: Occurs when the source and destination are on the same physical
network, or when the delivery is between the last router and the destination host.
 Indirect Delivery: Involves multiple hops or routers to reach the destination.
Routing Techniques:
 Static Routing: Routes are manually configured and do not adapt to network
changes.
 Dynamic Routing: Routes are automatically updated based on network conditions,
using protocols like RIP, OSPF, or BGP.
 Anycast: A routing method that groups multiple routing paths to a collection of
endpoints and assigns them the same IP address.
What is Static Routing?
Static Routing is also known as non-adaptive routing which doesn’t change the routing table
unless the network administrator changes or modifies them manually. Static routing does not
use complex routing algorithms and It provides higher or more security than dynamic
routing.

Advantages of Static Routing

 No routing overhead for the router CPU which means a cheaper router can be used to
do routing.
 It adds security because only an only administrator can allow routing to particular
networks only.
 No bandwidth usage between routers.
Disadvantage of Static Routing
 For a large network, it is a hectic task for administrators to manually add each route
for the network in the routing table on each router.
 The administrator should have good knowledge of the topology. If a new
administrator comes, then he has to manually add each route so he should have very
good knowledge of the routes of the topology.
What is Dynamic Routing?
Dynamic routing is also known as adaptive routing which changes the routing table
according to the change in topology. Dynamic routing uses complex routing algorithms and it
does not provide high security like static routing. When the network change(topology)
occurs, it sends the message to the router to ensure that changes then the routes are
recalculated for sending updated routing information.

Advantages of Dynamic Routing

 Easy to configure.
 More effective at selecting the best route to a destination remote network and also for
discovering remote networks.
Disadvantage of Dynamic Routing
 Consumes more bandwidth for communicating with other neighbors.
 Less secure than static routing.

Difference between Static and Dynamic Routing

Static routing and dynamic routing are two fundamental concepts in network
communication. Static routing uses preconfigured paths, while dynamic routing automatically
adjusts paths based on current network conditions.

Key Static Routing Dynamic Routing

In static routing, user-defined

In dynamic routing, routes are updated
Routing pattern routes are used in the routing
as per the changes in network.
table.

Routing No complex algorithm used to Dynamic routing employs complex

Algorithm figure out the shortest path. algorithms to find the shortest routes.

Security Static routing provides higher Dynamic routing is less secure.

 security.

Static routing is a manual Dynamic routing is an automatic

Automation
process. process.

Static routing is used in smaller Dynamic routing is implemented in

Applicability
networks. large networks.

Static routing may not follow any Dynamic routing follows protocols like
Protocols
specific protocol. BGP, RIP and EIGRP.

Additional Static routing does not require Dynamic routing requires additional
Resources any additional resources. resources like memory, bandwidth etc.

Routing is a procedure of making decisions in which the router (which is a hardware device
used in networking to receive and send data in the form of packets on a network) selects the
best path to make data transfer from source to destination. A router exists in the network
layer in the OSI as well as TCP/IP model. Some functions of a router are:
1. Building an optimal path on a network to reach its destination (in which static and
dynamic routing take place).
2. Taking routing decisions.
3. Balancing load.
Types of Routing:
1. Static routing
2. Default routing
3. Dynamic routing
Static and Default routing has some drawbacks, due to which Dynamic Routing was
introduced.
Drawbacks of Static Routing:
 It is a burdensome task to sum up or add-on each route manually to the routing map in
a large network.
 Managing its ordering is time-consuming.
 It cannot reroute traffic in case some link fails.
Drawbacks of Default routing was:
 If the network is complex then it is more difficult to set up.
To overcome the shortcomings of static and default routing, Back in the 1980s, the first-ever
Dynamic routing was used in a computer and the protocol which was used in it was the
RIP(routing information protocol).

Dynamic Routing
Dynamic routing is known as a technique of finding the best path for the data to travel over
a network in this process a router can transmit data through various different routes and reach
its destination on the basis of conditions at that time of communication circuits.
Dynamic Routing
Dynamic routers are smart enough to take the best path for data based on the condition of the
present scenario at that time of the network. In case one section fails in the network to
transfer data forward dynamic router will use its algorithm (in which they use routing
protocols to gather and share information of the current path among them) and it will re-route
the previous network over another network in real-time. And this amazing capability and
functionality to change paths in real-time over the network by sharing status among them is
the key functionality of Dynamic Routing. OSPF (open shortest path first) and RIP are some
protocols used for dynamic routing.
In the image above the upper image depicts the path R1->R2->R5->R9->R10 to take data
from R1 (source) to R10 (destination) but, then due to some reason R9 fails to process its
work then it dynamically builds a new path which is R1->R2->R5->R8->R10.
Unlike the static routers in which the admin was there to reconfigure the change in the router,
here it itself changes the route and finds the best network/path.
Working of Dynamic Routing
Working of Dynamic Routing
First, A routing protocol (a protocol that states how the information is going to share
between routers and how are they going to communicate with each other to share/distribute
information between nodes on a network) must be installed in each router in the network to
share information among each other.
Second, it is started manually to go to the first routing table of the router with router
information, and then after that it goes on automatically with the help of a dynamic routing
algorithm and dynamically forms the routing table for the rest of the routers in the network.
Third, then the routing information is exchanged among the routers so in case if the network
goes down or the router fails to work and share information with its connected routers then
the routing table of each router is modified correctly to that present condition so that it never
fails to deliver information to the destination.
Fourth, hosts are present to check or match the default gateway address to the IP addresses
of the local router.
Purpose
Dynamic protocols were introduced to:
1. Explore every single path and choose the best path.
2. Sharing of information about the network with each other router present in the
network.
3. Updating the path on its own and rerouting the best possible path.
Components
There are three main components that were used in dynamic routing:
1. Data structure ( to structure information )
2. Algorithm ( to construct or re-update path )
3. The routing protocol ( to share information about the network )
Advantages
 1. Beneficial in Performance as well as scalable networking with a high frequency of
data on nodes.
2. Makes fewer mistakes as it reroutes itself compared to other routing protocols.
3. No need to be manually configured by the admin.
4. Shares information about the network with each other makes them more reliable to
work efficiently.
Disadvantages
1. Requires more heavy and reliable powerful hardware.
2. Higher maintenance compared to static protocol

Routing algorithms and protocols-

Routing is the process of establishing the routes that data packets must follow to reach the
destination. In this process, a routing table is created which contains information regarding
routes that data packets follow. Various routing algorithms are used for the purpose of
deciding which route an incoming data packet needs to be transmitted on to reach the
destination efficiently.
Classification of Routing Algorithms
The routing algorithms can be classified as follows:
1. Adaptive Algorithms
2. Non-Adaptive Algorithms
3. Hybrid Algorithms

Types of Routing Algorithm

Routing algorithms can be classified into various types such as distance vector, link state, and
hybrid routing algorithms. Each has its own strengths and weaknesses depending on the
network structure.
1. Adaptive Algorithms
These are the algorithms that change their routing decisions whenever network topology or
traffic load changes. The changes in routing decisions are reflected in the topology as well as
the traffic of the network. Also known as dynamic routing, these make use of dynamic
information such as current topology, load, delay, etc. to select routes. Optimization
parameters are distance, number of hops, and estimated transit time.
Further, these are classified as follows:
  Isolated: In this method each, node makes its routing decisions using the information
it has without seeking information from other nodes. The sending nodes don’t have
information about the status of a particular link. The disadvantage is that packets may
be sent through a congested network which may result in delay. Examples: Hot potato
routing, and backward learning.
 Centralized: In this method, a centralized node has entire information about the
network and makes all the routing decisions. The advantage of this is only one node is
required to keep the information of the entire network and the disadvantage is that if
the central node goes down the entire network is done. The link state algorithm is
referred to as a centralized algorithm since it is aware of the cost of each link in the
network.
 Distributed: In this method, the node receives information from its neighbors and
then takes the decision about routing the packets. A disadvantage is that the packet
may be delayed if there is a change in between intervals in which it receives
information and sends packets. It is also known as a decentralized algorithm as it
computes the least-cost path between source and destination.
2. Non-Adaptive Algorithms
These are the algorithms that do not change their routing decisions once they have been
selected. This is also known as static routing as a route to be taken is computed in advance
and downloaded to routers when a router is booted.
Further, these are classified as follows:
 Flooding: This adapts the technique in which every incoming packet is sent on every
outgoing line except from which it arrived. One problem with this is that packets may
go in a loop and as a result of which a node may receive duplicate packets. These
problems can be overcome with the help of sequence numbers, hop count, and
spanning trees.
 Random walk: In this method, packets are sent host by host or node by node to one
of its neighbors randomly. This is a highly robust method that is usually implemented
by sending packets onto the link which is least queued.
Random Walk
3. Hybrid Algorithms
As the name suggests, these algorithms are a combination of both adaptive and non-adaptive
algorithms. In this approach, the network is divided into several regions, and each region uses
a different algorithm.
Further, these are classified as follows:
 Link-state: In this method, each router creates a detailed and complete map of the
network which is then shared with all other routers. This allows for more accurate and
efficient routing decisions to be made.
 Distance vector: In this method, each router maintains a table that contains
information about the distance and direction to every other node in the network. This
table is then shared with other routers in the network. The disadvantage of this
method is that it may lead to routing loops.
Difference between Adaptive and Non-Adaptive Routing Algorithms
The main difference between Adaptive and Non-Adaptive Algorithms is:
Adaptive Algorithms are the algorithms that change their routing decisions whenever
network topology or traffic load changes. It is called Dynamic Routing. Adaptive Algorithm
is used in a large amount of data, highly complex network, and rerouting of data.
Non-Adaptive Algorithms are algorithms that do not change their routing decisions once they
have been selected. It is also called static Routing. Non-Adaptive Algorithm is used in case of
a small amount of data and a less complex network.

For more differences, you can refer to Differences between Adaptive and Non-Adaptive
Routing Algorithms.
Types of Routing Protocol in Computer Networks
1. Routing information protocol (RIP)
One of the earliest protocols developed is the inner gateway protocol, or RIP. we can use it
with local area networks (LANs), that are linked computers in a short range, or wide area
networks (WANs), which are telecom networks that cover a big range. Hop counts are used
by the Routing Information Protocol (RIP) to calculate the shortest path between networks.
2. Interior gateway protocol (IGRP)
IGRP was developed by the multinational technology corporation Cisco. It makes use of
many of the core features of RIP but raises the maximum number of supported hops to 100. It
might therefore function better on larger networks. IGRPs are elegant and distance-vector
protocols. In order to work, IGRP requires comparisons across indicators such as load,
reliability, and network capacity. Additionally, this kind updates automatically when things
change, such as the route. This aids in the prevention of routing loops, which are mistakes
that result in an unending data transfer cycle.
3. Exterior Gateway Protocol (EGP)
Exterior gateway protocols, such as EGP, are helpful for transferring data or information
between several gateway hosts in autonomous systems. In particular, it aids in giving routers
the room they need to exchange data between domains, such as the internet.
4. Enhanced interior gateway routing protocol (EIGRP)
This kind is categorised as a classless protocol, inner gateway, and distance vector routing. In
order to maximise efficiency, it makes use of the diffusing update method and the dependable
transport protocol. A router can use the tables of other routers to obtain information and store
it for later use. Every router communicates with its neighbour when something changes so
that everyone is aware of which data paths are active. It stops routers from
miscommunicating with one another. The only external gateway protocol is called Border
Gateway Protocol (BGP).
5. Open shortest path first (OSPF)
OSPF is an inner gateway, link state, and classless protocol that makes use of the shortest
path first (SPF) algorithm to guarantee effective data transfer. Multiple databases containing
topology tables and details about the network as a whole are maintained by it. The ads, which
resemble reports, provide thorough explanations of the path’s length and potential resource
requirements. When topology changes, OSPF recalculates paths using the Dijkstra algorithm.
In order to guarantee that its data is safe from modifications or network intrusions, it also
employs authentication procedures. Using OSPF can be advantageous for both large and
small network organisations because to its scalability features.
6. Border gateway protocol (BGP)
Another kind of outer gateway protocol that was first created to take the role of EGP is called
BGP. It is also a distance vector protocol since it performs data package transfers using the
best path selection technique. BGP defines communication over the internet. The internet is a
vast network of interconnected autonomous systems. Every autonomous system has
autonomous system number (ASN) that it receives by registering with the Internet Assigned
Numbers Authority.

Difference between Routing and Flooding

Congestion control algorithms -

Congestion in a computer network happens when there is too much data being sent at the
same time, causing the network to slow down. Just like traffic congestion on a busy road,
network congestion leads to delays and sometimes data loss. When the network can’t handle
all the incoming data, it gets “clogged,” making it difficult for information to travel smoothly
from one place to another.
Congestion control is a crucial concept in computer networks. It refers to the methods used to
prevent network overload and ensure smooth data flow.Congestion control techniques help
manage the traffic, so all users can enjoy a stable and efficient network connection. These
techniques are essential for maintaining the performance and reliability of modern networks.
Effects of Congestion Control
 Improved Network Stability: Congestion control helps keep the network stable by
preventing it from getting overloaded. It manages the flow of data so the network
doesn’t crash or fail due to too much traffic.
  Reduced Latency and Packet Loss: Without congestion control, data transmission can
slow down, causing delays and data loss. Congestion control helps manage traffic
better, reducing these delays and ensuring fewer data packets are lost, making data
transfer faster and the network more responsive.
 Enhanced Throughput: By avoiding congestion, the network can use its resources
more effectively. This means more data can be sent in a shorter time, which is
important for handling large amounts of data and supporting high-speed applications.
 Fairness in Resource Allocation: Congestion control ensures that network resources
are shared fairly among users. No single user or application can take up all
the bandwidth, allowing everyone to have a fair share.
 Better User Experience: When data flows smoothly and quickly, users have a better
experience. Websites, online services, and applications work more reliably and
without annoying delays.
 Mitigation of Network Congestion Collapse: Without congestion control, a sudden
spike in data traffic can overwhelm the network, causing severe congestion and
making it almost unusable. Congestion control helps prevent this by managing traffic
efficiently and avoiding such critical breakdowns.
Congestion Control Algorithm
Congestion Control is a mechanism that controls the entry of data packets into the network,
enabling a better use of a shared network infrastructure and avoiding congestive
collapse. Congestive-avoidance algorithms (CAA) are implemented at the TCP layer as the
mechanism to avoid congestive collapse in a network.There are two congestion control
algorithms which are as follows:
Leaky Bucket Algorithm
 The leaky bucket algorithm discovers its use in the context of network traffic shaping
or rate-limiting.
 A leaky bucket execution and a token bucket execution are predominantly used for
traffic shaping algorithms.
 This algorithm is used to control the rate at which traffic is sent to the network and
shape the burst traffic to a steady traffic stream.
 The disadvantages compared with the leaky-bucket algorithm are the inefficient use
of available network resources.
 The large area of network resources such as bandwidth is not being used effectively.
Let us consider an example to understand. Imagine a bucket with a small hole in the bottom.
No matter at what rate water enters the bucket, the outflow is at constant rate. When the
bucket is full with water additional water entering spills over the sides and is lost.
Leaky Bucket
Similarly, each network interface contains a leaky bucket and the following steps are
involved in leaky bucket algorithm:
 When host wants to send packet, packet is thrown into the bucket.
 The bucket leaks at a constant rate, meaning the network interface transmits packets at
a constant rate.
 Bursty traffic is converted to a uniform traffic by the leaky bucket.
 In practice the bucket is a finite queue that outputs at a finite rate.
Read in detail about Leaky Bucket Algorithm
Token Bucket Algorithm
 The leaky bucket algorithm has a rigid output design at an average rate independent of
the bursty traffic.
 In some applications, when large bursts arrive, the output is allowed to speed up. This
calls for a more flexible algorithm, preferably one that never loses information.
Therefore, a token bucket algorithm finds its uses in network traffic shaping or rate-
limiting.
 It is a control algorithm that indicates when traffic should be sent. This order comes
based on the display of tokens in the bucket.
 The bucket contains tokens. Each of the tokens defines a packet of predetermined
size. Tokens in the bucket are deleted for the ability to share a packet.
 When tokens are shown, a flow to transmit traffic appears in the display of tokens.
 No token means no flow sends its packets. Hence, a flow transfers traffic up to its
peak burst rate in good tokens in the bucket.
Read in detail about Token Bucket Algorithm
Need of Token Bucket Algorithm
The leaky bucket algorithm enforces output pattern at the average rate, no matter how bursty
the traffic is. So in order to deal with the bursty traffic we need a flexible algorithm so that
the data is not lost. One such algorithm is token bucket algorithm.
Steps of this algorithm can be described as follows:
 In regular intervals tokens are thrown into the bucket.
 The bucket has a maximum capacity.
 If there is a ready packet, a token is removed from the bucket, and the packet is sent.
 If there is no token in the bucket, the packet cannot be sent.
Let’s understand with an example, In figure (A) we see a bucket holding three tokens, with
five packets waiting to be transmitted. For a packet to be transmitted, it must capture and
destroy one token. In figure (B) We see that three of the five packets have gotten through, but
the other two are stuck waiting for more tokens to be generated.
Token Bucket vs Leaky Bucket
The leaky bucket algorithm controls the rate at which the packets are introduced in the
network, but it is very conservative in nature. Some flexibility is introduced in the token
bucket algorithm. In the token bucket algorithm, tokens are generated at each tick (up to a
certain limit). For an incoming packet to be transmitted, it must capture a token and the
transmission takes place at the same rate. Hence some of the busty packets are transmitted at
the same rate if tokens are available and thus introduces some amount of flexibility in the
system.

Leaky Bucket
Advantages
 Stable Network Operation: Congestion control ensures that networks remain stable
and operational by preventing them from becoming overloaded with too much data
traffic.
 Reduced Delays: It minimizes delays in data transmission by managing traffic flow
effectively, ensuring that data packets reach their destinations promptly.
 Less Data Loss: By regulating the amount of data in the network at any given time,
congestion control reduces the likelihood of data packets being lost or discarded.
 Optimal Resource Utilization: It helps networks use their resources efficiently,
allowing for better throughput and ensuring that users can access data and services
without interruptions.
 Scalability: Congestion control mechanisms are scalable, allowing networks to handle
increasing volumes of data traffic as they grow without compromising performance.
  Adaptability: Modern congestion control algorithms can adapt to changing network
conditions, ensuring optimal performance even in dynamic and unpredictable
environments.
Disadvantages
 Complexity: Implementing congestion control algorithms can add complexity to
network management, requiring sophisticated systems and configurations.
 Overhead: Some congestion control techniques introduce additional overhead, which
can consume network resources and affect overall performance.
 Algorithm Sensitivity: The effectiveness of congestion control algorithms can be
sensitive to network conditions and configurations, requiring fine-tuning for optimal
performance.
 Resource Allocation Issues: Fairness in resource allocation, while a benefit, can also
pose challenges when trying to prioritize critical applications over less essential ones.
 Dependency on Network Infrastructure: Congestion control relies on the underlying
network infrastructure and may be less effective in environments with outdated or
unreliable equipment.

IPv6- Internet Protocol version 6 (IPv6)

The most common version of the Internet Protocol currently is IPv6. The well-known IPv6
protocol is being used and deployed more often, especially in mobile phone markets. IP
address determines who and where you are in the network of billions of digital devices that
are connected to the Internet. It is a network layer protocol which allows communication to
take place over the network. IPv6 was designed by the Internet Engineering Task Force
(IETF) in December 1998 with the purpose of superseding IPv4 due to the global
exponentially growing internet of users. In this article we will see IPv6 protocol in detail.
IPv6
The next generation Internet Protocol (IP) address standard, known as IPv6, is meant to work
in cooperation with IPv4. To communicate with other devices, a computer, smartphone, home
automation component, Internet of Things sensor, or any other Internet-connected device
needs a numerical IP address. Because so many connected devices are being used, the
original IP address scheme, known as IPv4, is running out of addresses. This new IP address
version is being deployed to fulfil the need for more Internet addresses. With 128-bit address
space, it allows 340 undecillion unique address space. IPv6 support a theoretical maximum of
340, 282, 366, 920, 938, 463, 463, 374, 607, 431, 768, 211, 456.

The major differences between IPv4 and IPv6 are:

IPv4 (Internet Protocol Version 4) IPv6 (Internet Protocol Version 6)

Encryption and authentication is not provided in IPv4 Encryption and authentication is provided
(Internet Protocol Version 4). in IPv6 (Internet Protocol Version 6)

Header of IPv4 is 20 – 60 bytes. Header of IPv6 is fixed at 40 bytes

Checksumfield is available in IPv4. Checksumfield is not available in IPv6.

 Packet flow identification is not available in IPv4 Packet flow identification is available in
(Internet Protocol Version 4). IPv6. Flow label field is available in the
header.

IPv4 addresses are usually represented in dot-decimal An IPv6 address is represented as eight
notation, consisting of four decimal numbers, each groups of four hexadecimal digits, each
ranging from 0 to 255, separated by dots. group representing 16 bits.

Sender and forwarding routers performs fragmentation Fragmentation is performed only by the
in IPv4 sender in IPv6.

In IPv4, security features relies on application In IPv6, there is an inbuilt security feature
named IPSEC.

End to end connection integrity cannot be achieved in End to end connection integrity can be
IPv4. done in IPv6.

IPv4 supports DHCP and Manual address configuration IPv6 supports renumbering and auto
address configuration.

IPv4 addresses are 32-bit long IPv6 addresses are 128 bits long.

The address space in IPv4 is 4.29 ×109 The address space in IPv6 is 3.4 ×1038

IPv4 has a broadcast message transmission scheme. Multicast and Anycast message
transmission scheme is available in IPv6.

Representation of IPv6
An IPv6 address consists of eight groups of four hexadecimal digits separated by ‘ . ‘ and
each Hex digit representing four bits so the total length of IPv6 is 128 bits. Structure given
below.
IPV6-Representation
gggg.gggg.gggg.ssss.xxxx.xxxx.xxxx.xxxx
The first 48 bits represent Global Routing Prefix. The next 16 bits represent the student ID
and the last 64 bits represent the host ID. The first 64 bits represent the network portion and
the last 64 bits represent the interface id.
 Global Routing Prefix: The Global Routing Prefix is the portion of an IPv6 address
that is used to identify a specific network or subnet within the larger IPv6 internet. It
is assigned by an ISP or a regional internet registry (RIR).
 Student Id: The portion of the address used within an organization to identify subnets.
This usually follows the Global Routing Prefix.
 Host Id: The last part of the address, is used to identify a specific host on a network.
Example: 3001:0da8:75a3:0000:0000:8a2e:0370:7334
Types of IPv6 Address
Now that we know about what is IPv6 address let’s take a look at its different types.
 Unicast Addresses : Only one interface is specified by the unicast address. A packet
moves from one host to the destination host when it is sent to a unicast address
destination.
 Multicast Addresses: It represents a group of IP devices and can only be used as the
destination of a datagram.
 Anycast Addresses: The multicast address and the anycast address are the same. The
way the anycast address varies from other addresses is that it can deliver the same IP
address to several servers or devices. Keep in mind that the hosts do not receive the IP
address. Stated differently, multiple interfaces or a collection of interfaces are
assigned an anycast address.
Advantages
 Faster Speeds: IPv6 supports multicast rather than broadcast in IPv4.This feature
allows bandwidth-intensive packet flows (like multimedia streams) to be sent to
multiple destinations all at once.
 Stronger Security: IPSecurity, which provides confidentiality, and data integrity, is
embedded into IPv6.
 Routing efficiency
 Reliability
 Most importantly it’s the final solution for growing nodes in Global-network.
 The device allocates addresses on its own.
 Internet protocol security is used to support security.
 Enable simple aggregation of prefixes allocated to IP networks; this saves bandwidth
by enabling the simultaneous transmission of large data packages.
Disadvantages
 Conversion: Due to widespread present usage of IPv4 it will take a long period to
completely shift to IPv6.
 Communication: IPv4 and IPv6 machines cannot communicate directly with each
other.
 Not Going Backward Compatibility: IPv6 cannot be executed on IPv4-capable
computers because it is not available on IPv4 systems.
 Conversion Time: One significant drawback of IPv6 is its inability to uniquely
identify each device on the network, which makes the conversion to IPV4 extremely
time-consuming.
 Cross-protocol communication is forbidden since there is no way for IPv4 and IPv6 to
communicate with each other.
IPV4:Internet Protocol Version 4 (IPv4)
Internet Protocol is one of the major protocols in the TCP/IP protocols suite. This protocol
works at the network layer of the OSI model and at the Internet layer of the TCP/IP model.
Thus this protocol has the responsibility of identifying hosts based upon their logical
addresses and to route data among them over the underlying network.
IP provides a mechanism to uniquely identify hosts by an IP addressing scheme. IP uses best
effort delivery, i.e. it does not guarantee that packets would be delivered to the destined host,
but it will do its best to reach the destination. Internet Protocol version 4 uses 32-bit logical
address.
IPv4 - Packet Structure
Internet Protocol being a layer-3 protocol (OSI) takes data Segments from layer-4 (Transport)
and divides it into packets. IP packet encapsulates data unit received from above layer and
add to its own header information.

The encapsulated data is referred to as IP Payload. IP header contains all the necessary
information to deliver the packet at the other end.

IP header includes many relevant information including Version Number, which, in this
context, is 4. Other details are as follows −
 Version − Version no. of Internet Protocol used (e.g. IPv4).
 IHL − Internet Header Length; Length of entire IP header.
 DSCP − Differentiated Services Code Point; this is Type of Service.
 ECN − Explicit Congestion Notification; It carries information about the congestion
seen in the route.
 Total Length − Length of entire IP Packet (including IP header and IP Payload).
  Identification − If IP packet is fragmented during the transmission, all the fragments
contain same identification number. to identify original IP packet they belong to.
 Flags − As required by the network resources, if IP Packet is too large to handle, these
flags tells if they can be fragmented or not. In this 3-bit flag, the MSB is always set to
0.
 Fragment Offset − This offset tells the exact position of the fragment in the original IP
Packet.
 Time to Live − To avoid looping in the network, every packet is sent with some TTL
value set, which tells the network how many routers (hops) this packet can cross. At
each hop, its value is decremented by one and when the value reaches zero, the packet
is discarded.
 Protocol − Tells the Network layer at the destination host, to which Protocol this
packet belongs to, i.e. the next level Protocol. For example protocol number of ICMP
is 1, TCP is 6 and UDP is 17.
 Header Checksum − This field is used to keep checksum value of entire header which
is then used to check if the packet is received error-free.
 Source Address − 32-bit address of the Sender (or source) of the packet.
 Destination Address − 32-bit address of the Receiver (or destination) of the packet.
 Options − This is optional field, which is used if the value of IHL is greater than 5.
These options may contain values for options such as Security, Record Route, Time
Stamp, etc.
IPv4 - Addressing
IPv4 supports three different types of addressing modes. −
Unicast Addressing Mode
In this mode, data is sent only to one destined host. The Destination Address field contains
32- bit IP address of the destination host. Here the client sends data to the targeted server −

Broadcast Addressing Mode

In this mode, the packet is addressed to all the hosts in a network segment. The Destination
Address field contains a special broadcast address, i.e. 255.255.255.255. When a host sees
this packet on the network, it is bound to process it. Here the client sends a packet, which is
entertained by all the Servers −
Multicast Addressing Mode
This mode is a mix of the previous two modes, i.e. the packet sent is neither destined to a
single host nor all the hosts on the segment. In this packet, the Destination Address contains a
special address which starts with 224.x.x.x and can be entertained by more than one host.

Here a server sends packets which are entertained by more than one servers. Every network
has one IP address reserved for the Network Number which represents the network and one
IP address reserved for the Broadcast Address, which represents all the hosts in that network.
Hierarchical Addressing Scheme
IPv4 uses hierarchical addressing scheme. An IP address, which is 32-bits in length, is
divided into two or three parts as depicted −
A single IP address can contain information about the network and its sub-network and
ultimately the host. This scheme enables the IP Address to be hierarchical where a network
can have many sub-networks which in turn can have many hosts.
Subnet Mask
The 32-bit IP address contains information about the host and its network. It is very necessary
to distinguish both. For this, routers use Subnet Mask, which is as long as the size of the
network address in the IP address. Subnet Mask is also 32 bits long. If the IP address in
binary is ANDed with its Subnet Mask, the result yields the Network address. For example,
say the IP Address is 192.168.1.152 and the Subnet Mask is 255.255.255.0 then −

This way the Subnet Mask helps extract the Network ID and the Host from an IP Address. It
can be identified now that 192.168.1.0 is the Network number and 192.168.1.152 is the host
on that network.
Binary Representation
The positional value method is the simplest form of converting binary from decimal value. IP
address is 32 bit value which is divided into 4 octets. A binary octet contains 8 bits and the
value of each bit can be determined by the position of bit value '1' in the octet.

Positional value of bits is determined by 2 raised to power (position 1), that is the value of a
bit 1 at position 6 is 2^(6-1) that is 2^5 that is 32. The total value of the octet is determined by
adding up the positional value of bits. The value of 11000000 is 128+64 = 192. Some
examples are shown in the table below −
IPv4 - Address Classes
Internet Protocol hierarchy contains several classes of IP Addresses to be used efficiently in
various situations as per the requirement of hosts per network. Broadly, the IPv4 Addressing
system is divided into five classes of IP Addresses. All the five classes are identified by the
first octet of IP Address.
Internet Corporation for Assigned Names and Numbers is responsible for assigning IP
addresses.
The first octet referred here is the left most of all. The octets numbered as follows depicting
dotted decimal notation of IP Address −
The number of networks and the number of hosts per class can be derived by this formula −

When calculating hosts' IP addresses, 2 IP addresses are decreased because they cannot be
assigned to hosts, i.e. the first IP of a network is network number and the last IP is reserved
for Broadcast IP.
Class A Address
The first bit of the first octet is always set to 0 (zero). Thus the first octet ranges from 1 127,
i.e.

Class A addresses only include IP starting from 1.x.x.x to 126.x.x.x only. The IP range
127.x.x.x is reserved for loopback IP addresses.
The default subnet mask for Class A IP address is 255.0.0.0 which implies that Class A
addressing can have 126 networks (27-2) and 16777214 hosts (224-2).
Class A IP address format is thus: 0NNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH
Class B Address
An IP address which belongs to class B has the first two bits in the first octet set to 10, i.e.

Class B IP Addresses range from 128.0.x.x to 191.255.x.x. The default subnet mask for Class
B is 255.255.x.x.
Class B has 16384 (214) Network addresses and 65534 (216-2) Host addresses.
Class B IP address format is: 10NNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH
Class C Address
The first octet of Class C IP address has its first 3 bits set to 110, that is −

Class C IP addresses range from 192.0.0.x to 223.255.255.x. The default subnet mask for
Class C is 255.255.255.x.
Class C gives 2097152 (221) Network addresses and 254 (28-2) Host addresses.
Class C IP address format is: 110NNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH
Class D Address
Very first four bits of the first octet in Class D IP addresses are set to 1110, giving a range of
−
Class D has IP address range from 224.0.0.0 to 239.255.255.255. Class D is reserved for
Multicasting. In multicasting data is not destined for a particular host, that is why there is no
need to extract host address from the IP address, and Class D does not have any subnet mask.
Class E Address
This IP Class is reserved for experimental purposes only for R&D or Study. IP addresses in
this class ranges from 240.0.0.0 to 255.255.255.254. Like Class D, this class too is not
equipped with any subnet mask.
IPv4 - Subnetting
Each IP class is equipped with its own default subnet mask which bounds that IP class to
have prefixed number of Networks and prefixed number of Hosts per network. Classful IP
addressing does not provide any flexibility of having less number of Hosts per Network or
more Networks per IP Class.
CIDR or Classless Inter Domain Routing provides the flexibility of borrowing bits of Host
part of the IP address and using them as Network in Network, called Subnet. By using
subnetting, one single Class A IP address can be used to have smaller sub-networks which
provides better network management capabilities.
Class A Subnets
In Class A, only the first octet is used as Network identifier and rest of three octets are used
to be assigned to Hosts (i.e. 16777214 Hosts per Network). To make more subnet in Class A,
bits from Host part are borrowed and the subnet mask is changed accordingly.
For example, if one MSB (Most Significant Bit) is borrowed from host bits of second octet
and added to Network address, it creates two Subnets (2 1=2) with (223-2) 8388606 Hosts per
Subnet.
The Subnet mask is changed accordingly to reflect subnetting. Given below is a list of all
possible combination of Class A subnets −
In case of subnetting too, the very first and last IP address of every subnet is used for Subnet
Number and Subnet Broadcast IP address respectively. Because these two IP addresses
cannot be assigned to hosts, sub-netting cannot be implemented by using more than 30 bits as
Network Bits, which provides less than two hosts per subnet.
Class B Subnets
By default, using Classful Networking, 14 bits are used as Network bits providing (2 14) 16384
Networks and (216-2) 65534 Hosts. Class B IP Addresses can be subnetted the same way as
Class A addresses, by borrowing bits from Host bits. Below is given all possible combination
of Class B subnetting −
Class C Subnets
Class C IP addresses are normally assigned to a very small size network because it can only
have 254 hosts in a network. Given below is a list of all possible combination of subnetted
Class B IP address −

IPv4 - VLSM
Internet Service Providers may face a situation where they need to allocate IP subnets of
different sizes as per the requirement of customer. One customer may ask Class C subnet of 3
IP addresses and another may ask for 10 IPs. For an ISP, it is not feasible to divide the IP
addresses into fixed size subnets, rather he may want to subnet the subnets in such a way
which results in minimum wastage of IP addresses.
For example, an administrator have 192.168.1.0/24 network. The suffix /24 (pronounced as
"slash 24") tells the number of bits used for network address. In this example, the
administrator has three different departments with different number of hosts. Sales
department has 100 computers, Purchase department has 50 computers, Accounts has 25
computers and Management has 5 computers. In CIDR, the subnets are of fixed size. Using
the same methodology the administrator cannot fulfill all the requirements of the network.
The following procedure shows how VLSM can be used in order to allocate department-wise
IP addresses as mentioned in the example.
Step - 1
Make a list of Subnets possible.

Step - 2
Sort the requirements of IPs in descending order (Highest to Lowest).
 Sales 100
 Purchase 50
 Accounts 25
 Management 5
Step - 3
Allocate the highest range of IPs to the highest requirement, so let's assign 192.168.1.0 /25
(255.255.255.128) to the Sales department. This IP subnet with Network number 192.168.1.0
has 126 valid Host IP addresses which satisfy the requirement of the Sales department. The
subnet mask used for this subnet has 10000000 as the last octet.
Step - 4
Allocate the next highest range, so let's assign 192.168.1.128 /26 (255.255.255.192) to the
Purchase department. This IP subnet with Network number 192.168.1.128 has 62 valid Host
IP Addresses which can be easily assigned to all the PCs of the Purchase department. The
subnet mask used has 11000000 in the last octet.
Step - 5
Allocate the next highest range, i.e. Accounts. The requirement of 25 IPs can be fulfilled with
192.168.1.192 /27 (255.255.255.224) IP subnet, which contains 30 valid host IPs. The
network number of Accounts department will be 192.168.1.192. The last octet of subnet
mask is 11100000.
Step - 6
Allocate the next highest range to Management. The Management department contains only 5
computers. The subnet 192.168.1.224 /29 with the Mask 255.255.255.248 has exactly 6 valid
host IP addresses. So this can be assigned to Management. The last octet of the subnet mask
will contain 11111000.
By using VLSM, the administrator can subnet the IP subnet in such a way that least number
of IP addresses are wasted. Even after assigning IPs to every department, the administrator, in
this example, is still left with plenty of IP addresses which was not possible if he has used
CIDR.
IPv4 - Reserved Addresses
There are a few reserved IPv4 address spaces which cannot be used on the internet. These
addresses serve special purpose and cannot be routed outside the Local Area Network.
Private IP Addresses
Every class of IP, (A, B & C) has some addresses reserved as Private IP addresses. These IPs
can be used within a network, campus, company and are private to it. These addresses cannot
be routed on the Internet, so packets containing these private addresses are dropped by the
Routers.

In order to communicate with the outside world, these IP addresses must have to be translated
to some public IP addresses using NAT process, or Web Proxy server can be used.
The sole purpose to create a separate range of private addresses is to control assignment of
already-limited IPv4 address pool. By using a private address range within LAN, the
requirement of IPv4 addresses has globally decreased significantly. It has also helped
delaying the IPv4 address exhaustion.
IP class, while using private address range, can be chosen as per the size and requirement of
the organization. Larger organizations may choose class A private IP address range where
smaller organizations may opt for class C. These IP addresses can be further sub-netted and
assigned to departments within an organization.
Loopback IP Addresses
The IP address range 127.0.0.0 127.255.255.255 is reserved for loopback, i.e. a Hosts self-
address, also known as localhost address. This loopback IP address is managed entirely by
and within the operating system. Loopback addresses, enable the Server and Client processes
on a single system to communicate with each other. When a process creates a packet with
destination address as loopback address, the operating system loops it back to itself without
having any interference of NIC.
Data sent on loopback is forwarded by the operating system to a virtual network interface
within operating system. This address is mostly used for testing purposes like client-server
architecture on a single machine. Other than that, if a host machine can successfully ping
127.0.0.1 or any IP from loopback range, implies that the TCP/IP software stack on the
machine is successfully loaded and working.
Link-local Addresses
In case a host is not able to acquire an IP address from the DHCP server and it has not been
assigned any IP address manually, the host can assign itself an IP address from a range of
reserved Link-local addresses. Link local address ranges from 169.254.0.0 --
169.254.255.255.
Assume a network segment where all systems are configured to acquire IP addresses from a
DHCP server connected to the same network segment. If the DHCP server is not available,
no host on the segment will be able to communicate to any other. Windows (98 or later), and
Mac OS (8.0 or later) supports this functionality of self-configuration of Link-local IP
address. In absence of DHCP server, every host machine randomly chooses an IP address
from the above mentioned range and then checks to ascertain by means of ARP, if some other
host also has not configured itself with the same IP address. Once all hosts are using link
local addresses of same range, they can communicate with each other.
These IP addresses cannot help system to communicate when they do not belong to the same
physical or logical segment. These IPs are also not routable.
IPv4 - Example
This chapter describes how actual communication happens on the Network using Internet
Protocol version 4.
Packet Flow in Network
All the hosts in IPv4 environment are assigned unique logical IP addresses. When a host
wants to send some data to another host on the network, it needs the physical (MAC) address
of the destination host. To get the MAC address, the host an broadcasts ARP message and
asks to give the MAC address whoever is the owner of destination IP address. All the hosts
on that segment receive the ARP packet, but only the host having its IP matching with the
one in the ARP message, replies with its MAC address. Once the sender receives the MAC
address of the receiving station, data is sent on the physical media.
In case the IP does not belong to the local subnet, the data is sent to the destination by means
of Gateway of the subnet. To understand the packet flow, we must first understand the
following components −
 MAC Address − Media Access Control Address is 48-bit factory hard coded physical
address of network device which can uniquely be identified. This address is assigned
by device manufacturers.
 Address Resolution Protocol − Address Resolution Protocol is used to acquire the
MAC address of a host whose IP address is known. ARP is a Broadcast packet which
is received by all the host in the network segment. But only the host whose IP is
mentioned in ARP responds to it providing its MAC address.
 Proxy Server − To access the Internet, networks use a Proxy Server which has a
public IP assigned. All the PCs request the Proxy Server for a Server on the Internet.
The Proxy Server on behalf of the PCS sends the request to the server and when it
receives a response from the Server, the Proxy Server forwards it to the client PC.
This is a way to control Internet access in computer networks and it helps to
implement web based policies.
 Dynamic Host Control Protocol − DHCP is a service by which a host is assigned IP
address from a pre-defined address pool. DHCP server also provides necessary
information such as Gateway IP, DNS Server Address, lease assigned with the IP, etc.
By using DHCP services, a network administrator can manage assignment of IP
addresses at ease.
 Domain Name System − It is very likely that a user does not know the IP address of a
remote Server he wants to connect to. But he knows the name assigned to it, for
example, tutorialpoints.com. When the user types the name of a remote server he
wants to connect to, the localhost behind the screens sends a DNS query. Domain
Name System is a method to acquire the IP address of the host whose Domain Name
is known.
 Network Address Translation − Almost all PCs in a computer network are assigned
private IP addresses which are not routable on the Internet. As soon as a router
receives an IP packet with a private IP address, it drops it. In order to access servers
on public private address, computer networks use an address translation service,
which translates between public and private addresses, called Network Address
Translation. When a PC sends an IP packet out of a private network, NAT changes
the private IP address with public IP address and vice versa.

We can now describe the packet flow. Assume that a user wants to access
www.TutorialsPoint.com from her personal computer. She has internet connection from her
ISP. The following steps will be taken by the system to help her reach the destination
website.
Step 1 Acquiring an IP Address (DHCP)
When the users PC boots up, it searches for a DHCP server to acquire an IP address. For the
same, the PC sends a DHCPDISCOVER broadcast which is received by one or more DHCP
servers on the subnet and they all respond with DHCPOFFER which includes all the
necessary details such as IP, subnet, Gateway, DNS, etc. The PC sends DHCPREQUEST
packet in order to request the offered IP address. Finally, the DHCP sends DHCPACK packet
to tell the PC that it can keep the IP for some given amount of time that is known as IP lease.
Alternatively, a PC can be assigned an IP address manually without taking any help from
DHCP server. When a PC is well configured with IP address details, it can communicate
other computers all over the IP enabled network.
Step 2 DNS Query
When a user opens a web browser and types www.tutorialpoints.com which is a domain
name and a PC does not understand how to communicate with the server using domain
names, then the PC sends a DNS query out on the network in order to obtain the IP address
pertaining to the domain name. The pre-configured DNS server responds to the query with IP
address of the domain name specified.
Step 3 ARP Request
The PC finds that the destination IP address does not belong to his own IP address range and
it has to forward the request to the Gateway. The Gateway in this scenario can be a router or a
Proxy Server. Though the Gateways IP address is known to the client machine but computers
do not exchange data on IP addresses, rather they need the machines hardware address which
is Layer-2 factory coded MAC address. To obtain the MAC address of the Gateway, the
client PC broadcasts an ARP request saying "Who owns this IP address?" The Gateway in
response to the ARP query sends its MAC address. Upon receiving the MAC address, the PC
sends the packets to the Gateway.
An IP packet has both source and destination addresses and it connects the host with a remote
host logically, whereas MAC addresses help systems on a single network segment to transfer
actual data. It is important that source and destination MAC addresses change as they travel
across the Internet (segment by segment) but source and destination IP addresses never
change.

CIDR
CIDR, or Classless Inter-Domain Routing, is a method for allocating IP addresses that
improves efficiency in how IP addresses are used and routed across networks. It allows for
more flexible and efficient use of IP address space compared to the older classful system.
Key points about CIDR:
 Flexibility:
CIDR allows for variable-length subnet masks, meaning that networks can be divided into
smaller subnets of different sizes.
 Efficiency:
By using CIDR, organizations can allocate IP addresses more efficiently, reducing waste and
making more addresses available.
 Improved Routing:
CIDR also improves routing efficiency by allowing routers to summarize multiple network
routes into a single entry, reducing the size of routing tables.
 CIDR Notation:
CIDR is represented using a notation that specifies the network prefix and the number of bits
used for the network portion of the address.
 Supernetting:
CIDR is also known as supernetting because it allows for the aggregation of multiple IP
address blocks into larger blocks.
Example:
A CIDR block like 192.168.1.0/24 indicates that the first 24 bits of the IP address are used to
define the network, and the remaining 8 bits can be used for host addresses within that
network.
Benefits of CIDR:
 Reduced IP Address Wasting:
CIDR helps to reduce the amount of IP address space that is wasted by allowing for more
precise allocation of addresses.
 Improved Routing Performance:
By summarizing routes, CIDR improves routing performance and reduces the size of routing
tables.
 Scalability:
CIDR allows for more scalable network designs by enabling the efficient allocation of IP
addresses for different sizes of networks.

What is Address Resolution Protocol (ARP)?

Address Resolution Protocol (ARP) is a protocol that maps dynamic IP addresses to
permanent physical machine addresses in a local area network (LAN). The physical machine
address is also known as a media access control (MAC) address.
ARP translates 32-bit addresses to 48-bit addresses and vice versa, which is necessary
because IP addresses in IP version 4 (IPv4) are 32 bits but MAC addresses are 48 bits.
ARP works between Layer 2 and Layer 3 of the Open Systems Interconnection model (OSI
model). The MAC address exists on Layer 2 of the OSI model, the data link layer. The IP
address exists on Layer 3, the network layer.
ARP can also be used for IP over other LAN technologies, such as token ring, Fiber
Distributed Data Interface and IP over Asynchronous Transfer Mode.
How ARP works
When a new computer joins a LAN, the network assigns it a unique IP address for
identification and communication. When an incoming packet destined for a host machine on
a particular LAN arrives at a gateway, the gateway asks the ARP program to find a MAC
address that matches the IP address. The ARP cache table maintains a record of each IP
address and its corresponding MAC address.
All operating systems in an IPv4 Ethernet network keep an ARP cache. Every time a host
requests a MAC address to send a packet to another host in the LAN, it checks its ARP cache
to see if the IP to MAC address translation already exists. If it does, a new ARP request is
unnecessary. If the translation doesn't already exist, ARP performs the request.
ARP broadcasts a request packet to all the machines on the LAN and asks if any of the
machines are using that particular IP address. When a machine recognizes the IP address as
its own, it sends a reply so ARP can update the cache for future reference and proceed with
the communication.
Host machines that don't know their own IP address can use the Reverse ARP protocol for
discovery.
ARP has a limited cache size, and ARP periodically cleanses entries to free up space.
Addresses tend to stay in the cache for only a few minutes. Frequent updates enable other
devices in the network to see when a physical host changes their requested IP addresses.
When ARP cleanses its cache, it detects unused entries along with any unsuccessful attempts
to communicate with computers that aren't currently powered on.
 ARP
translates IP addresses and MAC addresses so devices can properly communicate and send
data.
Proxy ARP
Proxy ARP enables a network proxy to answer ARP queries for IP addresses that are outside
the network. This enables the successful transfer of packets from one subnet to another.
When ARP broadcasts an inquiry packet, a router examines the routing table to find which
device on the LAN can reach the destination fastest. This device, which is often also a router,
acts as a gateway for forwarding packets outside the network to their intended destinations.
ARP spoofing
LANs that use ARP are vulnerable to ARP spoofing, also called ARP poison routing or ARP
cache poisoning.
ARP spoofing is a device attack in which a hacker broadcasts false ARP messages over a
LAN to link an attacker's MAC address with the IP address of a legitimate computer or server
within the network. Once a link has been established, the target computer can send frames
meant for the original destination to the hacker's computer first, as well as any data meant for
the legitimate IP address.
ARP spoofing can have unfavorable effects on an enterprise. In their simplest form, ARP
spoofing attacks can steal sensitive information. However, the attacks can also facilitate other
malicious attacks, including the following:
 Man-in-the-middle attacks.
 Denial-of-service attacks.
 Session hijacking.
History and future of ARP
ARP was first proposed and discussed in Request for Comments 826, published in November
1982 by David C. Plummer. The problem of address resolution was immediately evident in
the early days of the IP suite because Ethernet quickly became the preferred LAN technology
but Ethernet cables required 48-bit addresses.
IP version 6 (IPv6) addresses, which are 128 bits, use the Neighbor Discovery protocol
acquire configuration information instead of ARP. While IPv4 addresses are currently more
common, the use of IPv6 is increasing, largely due to the influx of internet of things devices
that require IP addresses. Neighbor Discovery operates in the Layer 2 of the OSI model and
uses Internet Control Message Protocol version 6 to discover neighboring nodes.
RARP-
Reverse Address Resolution Protocol (RARP) is a network-specific standard protocol. It is
described in RFC 903. Some network hosts, such as a diskless workstation, do not know their
own IP address when they are booted. To determine their own IP address, they use a
mechanism similar to ARP, but now the hardware address of the host is the known parameter,
and the IP address is the queried parameter.
The reverse address resolution is performed the same way as the ARP address resolution. The
same packet format is used for the ARP.
An exception is the operation code field that now takes the following values−
 3 for RARP request
 4 for RARP reply
The physical header of the frame will now indicate RARP as the higher-level protocol (8035
hex) instead of ARP (0806 hex) or IP-(0800 hex) in the Ether type field.

When a framework with a local disk is bootstrapped, it generally accepts its IP address from a
configuration document that's read from a disk file. But a system without a disk, including an
X terminal or a diskless workstation, needs some other way to accept its IP address.
The feature of RARP is for the diskless framework to read its specific hardware address from
the interface card and send a RARP request asking for someone to reply with the diskless
systems IP address.
The format of a RARP packet is almost identical to an ARP packet. The only difference is
that the frame type is 0X8035 for a RARP request or reply, and the op-field has a value of 3
for a RARP request and 4 for a RARP reply.
The problem with RARP includes its use of a link-layer broadcast, preventing most routers
from forwarding a RARP request, and the minimal information returned just the system's IP
address. While the RARP concept is easy, the implementation of a RARP server is system
dependent.
Some differences arise from the concept of RARP itself−
 ARP only assumes that every host knows the mapping between its own hardware
address and protocol address. RARP requires one or more server hosts in the network
to maintain a database of mapping between hardware address and protocol address so
that they will be able to reply to requests from client hosts.
 Due to the size of this database, part of the server function is usually implemented
outside the adapter−s microcode, with optionally a small cache in the microcode. The
microcode part is then only responsible for reception and transmission of the RARP
frames, the RARP mapping itself being taken care of by server software running as a
normal process on the host machine.
 The nature of this database also requires some software to create and update the
database manually.
 If there are multiple RARP servers in the network, the RARP requests only uses the
first RARP reply received in response to its broadcast RARP request and discards the
others.

DHCP -
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically
provides an Internet Protocol (IP) host with its IP address and other related configuration
information such as the subnet mask and default gateway. In DHCP, port number 67 is used
for the server and 68 is used for the client.
DHCP allows a network administrator to supervise and distribute IP addresses from a central
point and automatically sends a new Internet Protocol (IP) address when a computer is
plugged into a different place in the network.
DHCP is an application layer protocol that provides −
 Subnet Mask
 Router Address
 IP Address
DHCP Client-Server Communication Diagram
In DHCP, the client and the server exchange DHCP messages to establish a connection.
Advertisement
-
PauseSkip backward 5 secondsSkip forward 5 seconds
Mute

Fullscreen
DHCP Discover Message − Client Requests DHCP Information
 It is the first message produced by a client in the communication process between the
client and server with the target address 255.255.255.255 and the source address
0.0.0.0.
  This message is produced by the client host to discover if there are any DHCP servers
present in a network or not.
 The message might contain other requests like subnet mask, domain name server, and
domain name, etc.
 The message is broadcast to all the devices in a network to find the DHCP server.

Explore our latest online courses and learn new skills at your own pace. Enroll and become
a certified expert to boost your career.

DHCP Offer Message − DHCP Server Offers Information to Client

 The DHCP server will reply/respond to the host in this message, specifying the
unleashed IP address and other TCP configuration information.
 This message is broadcasted by the server.
 If there are more than one DHCP servers present in the network, then the client host
accepts the first DHCP OFFER message it receives.
 Also, a server ID is specified in the packet to identify the server.
DHCP Request Message − Client Accepts DHCP Server Offer
 The Client receives the DHCP offer message from the DHCP server that
replied/responded to the DHCP discover message.
 After receiving the offer message, the client will compare the offer that is requested,
and then select the server it wants to use.
 The client sends the DHCP Request message to accept the offer, showing which
server is selected.
 Then this message is broadcast to the entire network to let all the DHCP servers know
which server was selected.
DHCP Acknowledgment Message − DHCP server acknowledges the client and leases the IP
address.
 If a server receives a DHCP Request message, the server marks the address as leased.
 Servers that are not selected will return the offered addresses to their available pool.
 Now, the selected server sends the client an acknowledgment (DHCP ASK), which
contains additional configuration information.
 The client may use the IP address and configuration parameters. It will use these
settings till its lease expires or till the client sends a DHCP Release message to the
server to end the lease.
DHCP Request, DHCP ACK Message − Client attempts to renew the lease
 The client starts to renew a lease when half of the lease time has passed.
 The client requests the renewal by sending a DHCP Request message to the server.
 If the server accepts the request, it will send a DHC ACK message back to the client.
 If the server does not respond to the request, the client might continue to use the IP
address and configuration information until the lease expires.
 As long as the lease is still active, the client and server do not need to go through the
DHCP Discover and DHCP Request process.
 When the lease has expired, the client must start over with the DHCP Discover
process.

ICMP -
Internet Control Message Protocol (ICMP) works in the network layer of the OSI model and
the internet layer of the TCP/IP model. It is used to send control messages to network devices
and hosts. Routers and other network devices monitor the operation of the network. When an
error occurs, these devices send a message using ICMP. Messages that can be sent include
"destination unreachable", "time exceeded", and "echo requests".
 ICMP is a network layer protocol.
 ICMP messages are not passed directly to the data link layer. The message is first
encapsulated inside the IP datagram before going to the lower layer.
Types of ICMP messages
 Information Messages − In this message, the sender sends a query to the host or
router and expects an answer. For example, A host wants to know if a router is alive
or not.
 Error-reporting message − This message report problems that a router or a host
(destination) may encounter when it processes an IP packet.
 Query Message − It helps a router or a network manager to get specific information
from a router or another host.
Category Type Message

3 Destination unreachable

4 Source quench

Error-Reporting Messages 11 Time Exceeded

12 Parameter Problem

5 Redirection

8 or 0 Echo request or reply

13 or 14 Timestamp request or reply

Query Message
17 or 18 Address mask request or reply

10 or 9 Router Solicitation or advertisement

 Source Quench − It requests to decrease the traffic rate of message sending from
source to destination.
 Time Exceeded − When fragments are lost in a network the fragments hold by the
router will be dropped and then ICMP will take the source IP from the discarded
packet and inform the source, that datagram is discarded due to the time to live field
reaches zero, by sending time exceeded message.
 Fragmentation Required − When a router is unable to forward a datagram because it
exceeds the MTU of the next-hop network and the DF (Don't Fragment) bit is set, the
router is required to return an ICMP Destination Unreachable message to the source
of the datagram, with the Code indicating fragmentation is needed and DF (Don’t
Fragment) set.
 Destination Unreachable − This error message indicates that the destination host,
network, or port number that is specified in the IP packet is unreachable. This may
happen due to the destination host device is down, an intermediate router is unable to
find a path to forward the packet, and a firewall is configured to block connections
from the source of the packet.
  Redirect Message − A redirect error message is used when a router needs to tell a
sender that it should use a different path for a specific destination. It occurs when the
router knows a shorter path to the destination.
ICMP Basic Error Message Format
A basic ICMP error message would have the following format −

 Type − The type field identifies the type of the message.

 Code − The code field in ICMP describes the purpose of the message.
 Checksum − The checksum field is used to validate ICMP messages.