NETWORK-LAYER SERVICES

• Before discussing the network layer in the Internet

today, let’s briefly discuss the network-layer services
that, in general, are expected from a network-layer
protocol.
• Figure next shows the communication between Alice
and Bob at the network layer. This is the same
scenario we used previously to show the
communication at the physical and the data-link
layers, respectively.

18.2
 Communication at the network layer

18.3
 Packetizing
• The first duty of the network layer is definitely packetizing:
encapsulating the payload in a network-layer packet at the source
and decapsulating the payload from the network-layer packet at the
destination.
• In other words, one duty of the network layer is to carry a payload
from the source to the destination without changing it or using it.
• The network layer is doing the service of a carrier such as the postal
office, which is responsible for delivery of packages from a sender to
a receiver without changing or using the contents.

18.4
 Routing and Forwarding
• Other duties of the network layer, which are as important as
the first, are routing and forwarding, which are directly related
to each other.
• Routing is applying strategies and running some routing
protocols to create the decision-making tables for each router,
The decision-making table a router normally uses for applying
this action is sometimes called the forwarding table and
sometimes the routing table.
• forwarding can be defined as the action applied by each router
when a packet arrives at one of its interfaces.
18.5
 Methods of routing
• Static routing
– routes to a destination are manually configured by a network
administrator.
– easy to configure in a small network.
– path between nodes is predictable.
– no overhead on the routers.
– unable to adapt to network failure.
– difficult to configure for a large network.
• Dynamic routing
– automatically adjust to changes in network topology and
information received from other routers.
 Routing metrics
• variable used by a dynamic router (routing
algorithm) to determine the best of several
matching routes in a routing table.
• This determines which route the router should
use to forward a packet.
Examples of Routing Metrics
• Path length/hop count
• Reliability
• Delay
• Bandwidth
• Load
• Communication cost
 Path Length
• Some routing protocols allow network
administrators to assign arbitrary costs to each
network link.
• path length is the sum of the costs associated
with each link traversed.
• Also called hop count.
 Reliability
• dependability (usually described in terms of
the bit-error rate) of each network link.
• Some network links might go down more
often than others.
• After a network fails, certain network links
might be repaired more easily or more quickly
than other links.
 Delay
• Length of time required to move a packet
from source to destination
• Depends on many factors e.g bandwidth of
intermediate network links, the port queues
at each router along the way, network
congestion on all intermediate network links,
and the physical distance to be traveled.
 Bandwidth
• available traffic capacity of a link.
• Although bandwidth is a rating of the
maximum attainable throughput on a link,
routes through links with greater bandwidth
do not necessarily provide better routes than
routes through slower links.
 Load
• degree to which a network resource, such as a
router, is busy.
• calculated in a variety of ways, including CPU
utilization and packets processed per second.
 Communication Cost
• Some companies may not care about
performance as much as they care about
operating expenditures.
• Even though line delay may be longer, they
will send packets over their own lines rather
than through the public lines that cost money
for usage time.
 Routable protocols
• A Routable protocol includes or is
encapsulated in a protocol that contains
source and destination addresses.
• Examples:
– Internet Protocol (IP)
– Internet Packet Exchange (IPX)
– Routing Information Protocol (RIP)
 Non-routable protocol
• These cannot be routed as they do not
possess source and destination address.
• Example: of non-routable Protocols:
• Address Resolution Protocol (ARP).
 Routing and routed protocols
• A routing protocol is a network protocol that is
possible to select path in a computer network
along which to forward packets.
• Examples:
– Routing Information Protocol (RIP)
– Intermediate System to Intermediate System (IS - IS)
– Border Gateway Protocol (BGP)
– Exterior Gateway Protocol (EGP)
– Open Shortest Path First (OSPF)
– Enhanced gateway routing protocol (EIGRP)
 Routed Protocols
• can be transported across networks.
• contains the data elements required for a
packet to be sent outside of its host or
network segment.
• handles encapsulation of data that is to be
forwarded in a network;
 Routing algorithms
• step by step procedures which a router uses to dynamically
select paths in a network along which to send network
traffic.
• assist the routers to create routing table which is then used
for packet forwarding.
• main examples:
– link state; and
– distance vector.
– Path attribute - Border Gateway protocol

21
 DV versus LS
• DV routing algorithms are simple and efficient in small
networks, and require little, if any management.
• However, simple distance-vector algorithms do not scale well
(due to the count-to-infinity problem), and have poor
convergence properties.

22
• Link state algorithms are just contrary to the distance vector
algorithms.
• Link state algorithms send small broadcast updates whereas
distance vector send larger updates only to neighbouring
routers.
• Because they converge more quickly, link-state algorithms are
somewhat less prone to routing loops

23
• On the other hand, link-state algorithms require more CPU
power and memory than distance vector algorithms. Link-
state algorithms, therefore, can be more expensive to
implement and support.
• Link-state protocols are generally more scalable than
distance vector protocols.

24
• LS protocols:
– Open Shortest Path First (OSPF);
– Intermediate System to Intermediate System (IS - IS)
• DV protocols:
– Routing Information Protocol (RIP)
– Enhanced Interior Gateway Routing Protocol (IGRP)

25
Path Attribute - BGP
•BGP (Border Gateway Protocol) is the standard exterior
gateway protocol designed to exchange routing
information between autonomous systems (AS) on the
Internet.
Types of BGP:
•EBGP (External BGP): Used between different
autonomous systems (ASes).
•IBGP (Internal BGP): Used within the same
autonomous system.
 Forwarding process

Forwarding Send the packet

value out of interface 2
B Data B Data

18.25
 Other Services

Let us briefly discuss other services expected from the network layer.
Error Control
• The designers of the network layer, however, have added a checksum field to the
datagram to control any corruption in the header, but not in the whole datagram.
This checksum may prevent any changes or corruptions in the header of the
datagram.
• We need to mention that although the network layer in the Internet does not
directly provide error control, the Internet uses an auxiliary protocol, ICMP,
thatprovides some kind of error control if the datagram is discarded or has some
unknown information in the header.

18.26
Flow Control
• A few reasons for the lack of flow control in the design of the network
layer can be mentioned.
• First, since there is no error control in this layer, the job of the network
layer at the receiver is so simple that it may rarely be overwhelmed.
• Second, the upper layers that use the service of the network layer can
implement buffers to receive data from the network layer as they are
ready and do not have to consume the data as fast as it is received.
• Third, flow control is provided for most of the upper-layer protocols
that use the services of the network layer, so another level of flow
control makes the network layer more complicated and the whole
system less efficient.
 Congestion Control
• Another issue in a network-layer protocol is congestion control.
• Congestion in the network layer is a situation in which too many
datagrams are present in an area of the Internet.
• Congestion may occur if the number of datagrams sent by source
computers is beyond the capacity of the network or routers.
• In this situation, some routers may drop some of the datagrams.
However, as more datagrams are dropped, the situation may become
worse because, due to the error control mechanism at the upper layers,
the sender may send duplicates of the lost packets.
• If the congestion continues, sometimes a situation may reach a point
where the system collapses and no datagrams are delivered.
 Quality of Service

• As the Internet has allowed new applications such as

multimedia communication (in particular real-time
communication of audio and video), the quality of
service (QoS) of the communication has become
more and more important.
• The Internet has thrived by providing better quality
of service to support these applications.
 Security
• Another issue related to communication at the network layer is
security.
• Security was not a concern when the Internet was originally
designed because it was used by a small number of users at
universities for research activities; other people had no access to the
Internet.
• The network layer was designed with no security provision.
• Today, however, security is a big concern. To provide security for a
connectionless network layer, we need to have another virtual level
that changes the connectionless service to a connection-oriented
service. This virtual layer, called IPSec (VPN)
 PACKET SWITCHING
• From the discussion of routing and forwarding in the
previous section, we infer that a kind of switching
occurs at the network layer.
• A router, in fact, is a switch that creates a
connection between an input port and an output
port (or a set of output ports), just as an electrical
switch connects the input to the output to let
electricity flow.

18.31
 Datagram Approach

• When the Internet started, to make it simple, the network

layer was designed to provide a connectionless service in
which the network-layer protocol treats each packet
independently, with each packet having no relationship to any
other packet.
• The idea was that the network layer is only responsible for
delivery of packets from the source to the destination. In this
approach, the packets in a message may or may not travel the
same path to their destination. Figure next shows the idea..

18.32
 A connectionless packet-switched network

18.33
• Each packet is routed based on the information
contained in its header: source and destination
addresses.
• The destination address defines where it should go; the
source address defines where it comes from.
• The router in this case routes the packet based only on
the destination address.
• The source address may be used to send an error
message to the source if the packet is discarded.
 Forwarding process in a router when used in a
connectionless network

SA DA Data SA DA Data

18.35
 Virtual-Circuit Approach
• In a connection-oriented service (also called virtual-circuit
approach), there is a relationship between all packets
belonging to a message.
• Before all datagrams in a message can be sent, a virtual
connection should be set up to define the path for the
datagrams.
• After connection setup, the datagrams can all follow the same
path. In this type of service, not only must the packet contain
the source and destination addresses, it must also contain a
flow label, a virtual circuit identifier that defines the virtual
path the packet should follow.

18.36
 A virtual-circuit packet-switched network

18.37
Forwarding process in a router when used in a virtual
circuit network

18.38
Sending request packet in a virtual-circuit network

A to B

A to B

A to B A to B

18.39
Sending acknowledgments in a virtual-circuit network

18.40
 Flow of one packet in an established virtual circuit

18.41
 NETWORK-LAYER PERFORMANCE

• The upper-layer protocols that use the service of the

network layer expect to receive an ideal service, but the
network layer is not perfect.
• The performance of a network can be measured in
terms of delay, throughput, and packet loss.
• Congestion control is an issue that can improve the
performance.

18.42
 Delay

• All of us expect instantaneous response from a network, but a

packet, from its source to its destination, encounters delays.
• The delays in a network can be divided into four types:
transmission delay, propagation delay, processing delay, and
queuing delay. Let us first discuss each of these delay types
and then show how to calculate a packet delay from the
source to the destination..

18.43
Transmission Delay
• A source host or a router cannot send a packet instantaneously.
A sender needs to put the bits in a packet on the line one by one.
If the first bit of the packet is put on the line at time t1 and the
last bit is put on the line at time t2, transmission delay of the
packet is (t2 − t1).
• Definitely, the transmission delay is longer for a longer packet
and shorter if the sender can transmit faster. In other words, the
transmission delay is
Delaytr = (Packet length) / (Transmission rate).
Propagation Delay
• Propagation delay is the time it takes for a bit to travel from
point A to point B in the transmission media.
• The propagation delay for a packet-switched network depends
on the propagation delay of each network (LAN or WAN). The
propagation delay depends on the propagation speed of the
media, which is 3 x108 meters/second in a vacuum and
normally much less in a wired medium; it also depends on the
distance of the link. In other words, propagation delay is
Delay = (Distance) / (Propagation speed).
pg
Processing Delay
• The processing delay is the time required for a router or a
destination host to receive a packet from its input port, remove the
header, perform an error detection procedure, and deliver the packet
to the output port (in the case of a router) or deliver the packet to the
upper-layer protocol (in the case of the destination host).
• The processing delay may be different for each packet, but normally
is calculated as an average.

Delay = Time required to process a

pr

packet in a router or a destination host

Queuing Delay
• Queuing delay can normally happen in a router. As we discuss in the
next section, a router has an input queue connected to each of its input
ports to store packets waiting to be processed; the router also has an
output queue connected to each of its output ports to store packets
waiting to be transmitted.
• The queuing delay for a packet in a router is measured as the time a
packet waits in the input queue and output queue of a router. We can
compare the situation with a busy airport. Some planes may need to
wait to get the landing band (input delay); some planes may need to
wait to get the departure band (output delay).
Delayqu = The time a packet waits in input and output queues
in a router
Total Delay
• Assuming equal delays for the sender, routers, and receiver, the total
delay (source-to destination delay) a packet encounters can be calculated
if we know the number of routers, n, in the whole path.

Total delay = (n + 1) (Delaytr + Delaypg + Delaypr) + (n) (Delayqu)

• Note that if we have n routers, we have (n + 1) links. Therefore, we

have (n + 1) transmission delays related to n routers and the source, (n
+ 1) propagation delays related to (n + 1) links, (n + 1) processing
delays related to n routers and the destination, and only n queuing
delays related to n routers.
 2. Throughput
• Throughput at any point in a network is defined as
the number of bits passing through the point in a
second, which is actually the transmission rate of
data at that point. In a path from source to
destination, a packet may pass through several links
(networks), each with a different transmission rate.
• How, then, can we determine the throughput of the
whole path? To see the situation, assume that we
have three links, each with a different transmission
rate, as shown in Figure next.

18.49
 Throughput in a path with three links in a series

18.50
A path through the Internet backbone

18.51
 Effect of throughput in shared links

18.52
 3. Packet Loss
• Another issue that severely affects the performance of
communication is the number of packets lost during
transmission.
• When a router receives a packet while processing another packet,
the received packet needs to be stored in the input buffer waiting
for its turn.
• A router, however, has an input buffer with a limited size. A time
may come when the buffer is full and the next packet needs to be
dropped. The effect of packet loss on the Internet network layer
is that the packet needs to be resent, which in turn may create
overflow and cause more packet loss.

18.53
 Congestion Control
• Congestion control is a mechanism for improving
performance.
• Although congestion at the network layer is not
explicitly addressed in the Internet model, the study of
congestion at this layer may help us to better understand
the cause of congestion at the transport layer and find
possible remedies to be used at the network layer.
Congestion at the network layer is related to two issues,
throughput and delay, which we discussed in the
previous section.

18.54
Open-Loop Congestion Control
• In open-loop congestion control, policies are applied to prevent congestion
before it happens.
• In these mechanisms, congestion control is handled by either the source or
the destination. We give a brief list of policies that can prevent congestion.

Retransmission Policy
• Retransmission is sometimes unavoidable. If the sender feels that a sent
packet is lost or corrupted, the packet needs to be retransmitted.
• Retransmission in general may increase congestion in the network.
However, a good retransmission policy can prevent congestion. The
retransmission policy and the retransmission timers must be designed to
optimize efficiency and at the sametime prevent congestion.
Window Policy
• The type of window at the sender may also affect congestion. The Selective Repeat
window is better than the Go-Back-N window for congestion control. In the Go-Back-N
window, when the timer for a packet times out, several packets may be resent, although
some may have arrived safe and sound at the receiver.
• This duplication may make the congestion worse. The Selective Repeat window, on the
other hand, tries to send the specific packets that have been lost or corrupted.
Acknowledgment Policy
• The acknowledgment policy imposed by the receiver may also affect congestion.
• If the receiver does not acknowledge every packet it receives, it may slow down the
sender and help prevent congestion.
• Several approaches are used in this case. A receiver may send an acknowledgment only
if it has a packet to be sent or a special timer expires. A receiver may decide to
acknowledge only N packets at a time.
• We need to know that the acknowledgments are also part of the load in a network.
Sending fewer acknowledgments means imposing less load on the network.
Discarding Policy
• A good discarding policy by the routers may prevent congestion and at
the same time may not harm the integrity of the transmission. For
example, in audio transmission, if the policy is to discard less sensitive
packets when congestion is likely to happen, the quality of sound is
still preserved and congestion is prevented or alleviated.
Admission Policy
• An admission policy, which is a quality-of-service mechanism, can also
prevent congestion in virtual-circuit networks. Switches in a flow first
check the resource requirement of a flow before admitting it to the
network. A router can deny establishing a virtual-circuit connection if
there is congestion in the network or if there is a possibility of future
congestion.
 Packet delay and throughput as functions of load

18.58
Closed-Loop Congestion Control
Closed-loop congestion control mechanisms try to alleviate congestion after it happens.
Several mechanisms have been used by different protocols. We describe a few of
them here.
Backpressure
• The technique of backpressure refers to a congestion control mechanism in which a
congested node stops receiving data from the immediate upstream node or nodes.
• This may cause the upstream node or nodes to become congested, and they, in turn,
reject data from their upstream node or nodes, and so on. Backpressure is a node to-
node congestion control that starts with a node and propagates, in the opposite
direction of data flow, to the source.
• The backpressure technique can be applied only to virtual circuit networks, in which
each node knows the upstream node from which a flow of data is coming. Figure next
shows the idea of backpressure.
Backpressure method for alleviating congestion

18.60
• Node III in the figure has more input data than it can handle. It drops
some packets in its input buffer and informs node II to slow down. Node
II, in turn, may be congested because it is slowing down the output flow
of data.
• If node II is congested, it informs node I to slow down, which in turn may
create congestion. If so, node I informs the source of data to slow down.
• This, in time, alleviates the congestion. Note that the pressure on node III
is moved backward to the source to remove the congestion. It is important
to stress that this type of congestion control can only be implemented in
virtual-circuit. The technique cannot be implemented in a datagram
network, in which a node (router) does not have the slightest knowledge
of the upstream router.
Choke Packet
• A choke packet is a packet sent by a node to the source to inform it of congestion.
• Note the difference between the backpressure and choke-packet methods. In
backpressure, the warning is from one node to its upstream node, although the
warning may eventually reach the source station. In the choke-packet method, the
warning is from the router, which has encountered congestion, directly to the source
station. The intermediate nodes through which the packet has travelled are not
warned.
• an example of this type of control in ICMP . When a router in the Internet is
overwhelmed with IP datagrams, it may discard some of them, but it informs the
source host, using a source quench ICMP message. The warning message goes
directly to the source station; the intermediate routers do not take any action. Figure
Next shows the idea of a choke packet.
 Choke packet

18.63
Implicit Signaling
• In implicit signaling, there is no communication between the congested node or
nodes and the source. The source guesses that there is congestion somewhere in the
network from other symptoms.
• For example, when a source sends several packets and there is no acknowledgment
for a while, one assumption is that the network is congested. The delay in receiving
an acknowledgment is interpreted as congestion in the network; the source should
slow down. We saw this type of signaling when we discuss TCP congestion control
in Chapter 24.
Explicit Signaling

• The node that experiences congestion can explicitly send a signal to the
source or destination.
• The explicit-signaling method, however, is different from the choke-packet
method. In the choke-packet method, a separate packet is used for this
purpose; in the explicit-signaling method, the signal is included in the
packets that carry data.
• Explicit signaling can occur in either the forward or the backward
direction. This type of congestion control can be seen in an ATM network.
 IP Addressing and Subnetting
By the end of this subtopic you ought to be able to:
• Understand the classes of IP (IPV4 and IPv6)
addresses;
• Identify reserved IP addresses;
• Determine valid network and host addresses;
• Design an IP addressing scheme for any given
scenario; and
• Understand subnetting.
26
• When a router receives a packet from one of its attached networks,
it needs to forward the packet to another attached network (in
unicast routing) or to some attached networks (in multicast routing).
• To make this decision, the router uses a piece of information in the
packet header, which can be the destination address or a label, to
find the corresponding output interface number in the forwarding
table.
 Internet Protocol (IP)
What is Internet Protocol?
◦ Internet Protocol is a set of technical rules that
defines how computers communicate over a
network.

◦ Currently, There are two versions of IP

IP version 4 (IPv4) IP
version 6 (IPv6).
 IPv4 ADDRESSES

• The identifier used in the IP layer of the TCP/IP

protocol suite to identify the connection of each
device to the Internet is called the Internet address
or IP address.
• An IPv4 address is a 32-bit address that uniquely
and universally defines the connection of a host or a
router to the Internet. The IP address is the address
of the connection, not the host or the router.

18.69
 Address Space – IPv4
• A protocol like IPv4 that defines addresses has an address
space. An address space is the total number of addresses
used by the protocol.
• If a protocol uses b bits to define an address, the address
space is 2b because each bit can have two different values
(0 or 1).
• IPv4 uses 32-bit addresses, which means that the address
space is 232 or 4,294,967,296 (more than four billion). If
there were no restrictions, more than 4 billion devices
could be connected to the Internet.

18.70
 Three different notations in IPv4 addressing

18.71
 Hierarchy in addressing

18.72
 Classful Addressing
• When the Internet started, an IPv4 address was designed
with a fixed-length prefix, but to accommodate both
small and large networks, three fixed-length prefixes
were designed instead of one (n = 8, n = 16, and n = 24).
• The whole address space was divided into five classes
(class A, B, C, D, and E), as shown in Figure next. This
scheme is referred to as classful addressing. Although
classful addressing belongs to the past, it helps us to
understand classless addressing, discussed later.

18.73
Occupation of the address space in classful addressing

18.74
Hosts and networks for IP address classes

• Not all IP addresses are valid host address.

• Network addresses are obtained by assigning
0s in host portion
• Not all network addresses are valid addresses
Class Host IP address range
A 0.0.0.0 – 127.255.255.255
B 128.0.0.0 – 191.255.255.255
C 192.0.0.0 – 223.255.255.255
D 224.0.0.0 – 239.255.255.255
E 240.0.0.0 – 255.255.255.255
Class Network IP address range
A 0.0.0.0 – 127.0.0.0
B 128.0.0.0 – 191.255.0.0
C 192.0.0.0 – 223. 255.255.0

7-Jan-14 [email protected] 51
Class Number of Number of Total number
networks hosts of hosts
per
networ
k
A 128 16,777,216 2,147,483,643
B 16,384 65,536 1,073,741,824
C 2,097,152 256 536,870,912

52
 IP address subdivisions
• Public addresses
• Private addresses
• All 0s address
• Loopback address
• Network address
• Broadcast address
• Class D
• Class E

53
 Public Addresses
• Most IP addresses are public addresses.
• registered as belonging to a specific organisation.
• routed across the internet as hosts freely
communicate globally.
• No organisation is permitted to use these
addresses if they are not registered with that
organisation.
• Which organisation (s) in Malawi allocates these
addresses?, how about Africa?
 Private Addresses
• can freely be used by any organisation without
need for registration.
• cannot tell where they are coming from or
going to since anyone can use them hence
they are not permitted to be routed across the
internet.
Class IP address range

A 10.0.0.0 – 10.255.255.255

B 172.16.0.0 – 172.31.255.255

C 192.168.0.0 – 192.168.255.255
 All 0s address

• The IP address 0.0.0.0 and is the default IP

address
• used to specify a default route.
• reserved for cases where a host needs to
communicate but does not yet know its IP
address.
• This is not a valid network address
• Try to assign this address on computer
 Loopback address

• Addresses with a network address 127.0.0.0 are reserved

for internal loopback
• intended for use in testing TCP/IP connectivity and for inter-
process communication on the local computer.
• When a program uses this address as destination for a packet,
the computer processes the data without sending traffic across
any network.
• Try to ping an IP address beginning with 127.
 Network address

• An address with a host portion all 0s is never

assigned to an individual host instead it is
used to refer to the network itself.
• If a packet is routed to this address, the packet
is sent to the host belonging to that network.
 Broadcast address

• An address with a host portion all 1s is also never assigned

to an individual host.
• used for transmission destined for all hosts on a specific local
network.
• a one to all transmission address and maybe directed, global
or limited broadcast.
 Class D

• reserved for multicasting.

• A subset of computer on a network can agree
to listen to a given multicast address forming a
multicast group.
• Only devices with a multicast address can
communicate to the group.
 Class E

• reserved for future use and are never assigned

to any network device
Valid hosts and networks for IP address classes

• 0.0.0.0 invalid??
• 127.XXX.YYY.ZZZ invalid??
• All 0s in host portion invalid??
• All 1s in host portions invalid??
Class Valid Network IP address
range

A 1.0.0.0 – 126.0.0.0

B 128.0.0.0 – 191.0.0.0

C 192.0.0.0 – 223. 0.0.0

Class Number of Number of Total number
valid networks valid hosts per of valid hosts
network

A 126 16,777,214 2,113,928,964

B 16,384 65,534 1,073,709,056

C 2,097,152 254 532,676,608

65
 IP address authority
• Since each network must be unique, there is need for global authority.
• Internet Corporation for Assigned Names and Numbers (ICANN) sets
policies and assigns values for names and other constants used in
protocols as well as addresses.
• ICANN has authorized the following to administer blocks of
addresses:
– ARIN
– RIPE
– APNIC
– LATNIC
– AFRINIC
• Small Internet Service Providers (ISPs) contact
larger ISPs e.g. SDNP – AFRINIC – ICANN.
• The central authority only assigns network
addresses.
• What about IANA (Internet Assigned
Numbers Authority)??
 Classless Addressing
• With the growth of the Internet, it was clear that a larger
address space was needed as a long-term solution.
• The larger address space, however, requires that the length of
IP addresses also be increased, which means the format of the
IP packets needs to be changed.
• Although the long-range solution has already been devised
and is called IPv6, a short-term solution was also devised to
use the same address space but to change the distribution of
addresses to provide a fair share to each organization. The
short-term solution still uses IPv4 addresses, but it is called
classless addressing.
18.94
 Subnet Mask
• Netmask
• network mask
• address mask
• a 32 bitmask used to identify how many bits in an
octet(s) identify a subnetwork.
• A site using subnetting must choose a 32 bit
subnet mask for each network.
• Bits are set to 1 to treat the part as subnet prefix and 0
for host identify e.g.
11111111 11111111 11111111 00000000
• The first three octets identify a network and the fourth
octet identifies a host on that network.
 Subnet mask representation
• Binary notation
• Dotted decimal notation
• CIDR/Slash notation
 Default Subnet Mask
• subnet mask that represents the original
classful IP addressing scheme.
• When subnetting is not used most computers
use the default allocation for each particular
class.
• As previously discussed under classful IP
addressing, the classes A, B and C have 8, 16
and 24 bits representing the network
Default Subnet Masks
Subnet and broadcast addresses

• The subnet address is obtained in a similar

way as network address as it has all 0s
assigned to the host portion.
• The broadcast address for a particular subnet
is also obtained by assigning all 1s to the host
portion like the mere broadcast address for
addresses.
 Subnet possibilities
• The number of subnet addresses possible
depends on the subnet mask and how many
bits are included in the address.
• If 2 subnet bits are used, there are 4 possible
subnet combinations i.e. 00, 01, 10 and 11. In
general:
Number of subnets = 2n address
Where n is the number of bits

87
• With classful IP addressing, subnet address
containing all 0s and all 1s cannot be used.
• An all 0s address is used as the address of the
subnet
• An all 1s address is used for the subnet broadcast
address.
• In general the number of valid subnet addresses
is thus 2 less than the probable subnets.
Number of valid subnet addresses = 2n -2

88
No of subnet bits Number of valid subnet addresses

2 22-2 = 2
3 23-2 = 6
4 14
5 30
6 62
7 126
8 254
11 2046
13 8190
 Illustration to calculate subnet mask

• If 3 bits are borrowed from Class B

• No. of subnets = 23 -2 = 6
• No. of hosts per subnet = 213 -2 = 8190

90
Variable-length blocks in classless addressing

18.106
 Slash notation (CIDR)

18.107
Information extraction in classless addressing/Subnetting

Set all
suffix bits
to 0s

Set all
suffix bits
to 1s

18.108
EXAMPLE 1
A classless address is given as 167.199.170.82/27. We can
find the above three pieces of information as follows. The
number of addresses in the network is 232− n = 25 = 32
addresses. The first address can be found by keeping the
first 27 bits and changing the rest of the bits to 0s.

The last address can be found by keeping the first 27 bits

and changing the rest of the bits to 1s.

18.109
We repeat Example previously using the mask. The mask in
dotted-decimal notation is 256.256.256.224 The AND, OR,
and NOT operations can be applied to individual bytes using
calculators and applets at the book website.

18.110
In classless addressing, an address cannot per se define the
block the address belongs to. For example, the address
230.8.24.56 can belong to many blocks. Some of them are
shown below with the value of the prefix associated with
that block.

18.111
 Network address

18.112
An ISP has requested a block of 1000 addresses. Since 1000
is not a power of 2, 1024 addresses are granted. The prefix
length is calculated as n = 32 − log21024 = 22. An available
block, 18.14.12.0/22, is granted to the ISP. It can be seen
that the first address in decimal is 302,910,464, which is
divisible by 1024.

18.113
An organization is granted a block of addresses with the beginning
address 14.24.74.0/24. The organization needs to have 3 subblocks of
addresses to use in its three subnets: one subblock of 10 addresses, one
subblock of 60 addresses, and one subblock of 120 addresses. Design
the subblocks.

Solution
There are 232– 24 = 256 addresses in this block. The first
address is 14.24.74.0/24; the last address is 14.24.74.255/24.
To satisfy the third requirement, we assign addresses to
subblocks, starting with the largest and ending with the
smallest one.

18.114
a. The number of addresses in the largest subblock, which requires
120 addresses, is not a power of 2. We allocate 128 addresses. The
subnet mask for this subnet can be found as n1 = 32 − log2 128 = 25.
The first address in this block is 14.24.74.0/25; the last address is
14.24.74.127/25.

b. The number of addresses in the second largest subblock, which

requires 60 addresses, is not a power of 2 either. We allocate 64
addresses. The subnet mask for this subnet can be found as n2 = 32 −
log2 64 = 26. The first address in this block is 14.24.74.128/26; the
last address is 14.24.74.191/26.

18.115
c. The number of addresses in the largest subblock, which
requires 10 addresses, is not a power of 2. We allocate 16
addresses. The subnet mask for this subnet can be found as
n1 = 32 − log2 16 = 28. The first address in this block is
14.24.74.192/28; the last address is 14.24.74.207/28.

If we add all addresses in the previous subblocks, the result

is 208 addresses, which means 48 addresses are left in
reserve. The first address in this range is 14.24.74.208. The
last address is 14.24.74.255. We don’t know about the prefix
length yet. Figure 18.23 shows the configuration of blocks.
We have shown the first address in each block.

18.116
 Solution to Example

18.117
Figure next shows how four small blocks of addresses are assigned
to four organizations by an ISP. The ISP combines these four blocks
into one single block and advertises the larger block to the rest of the
world. Any packet destined for this larger block should be sent to
this ISP. It is the responsibility of the ISP to forward the packet to
the appropriate organization. This is similar to routing we can find in
a postal network. All packages coming from outside a country are
sent first to the capital and then distributed to the corresponding
destination.

18.118
 Example of address aggregation

18.119
 DHCP

• After a block of addresses are assigned to an organization,

the network administration can manually assign addresses
to the individual hosts or routers.
• However, address assignment in an organization can be
done automatically using the Dynamic Host Configuration
Protocol (DHCP). DHCP is an application-layer program,
using the client-server paradigm, that actually helps TCP/IP
at the network layer.

18.120
 NAT
• In most situations, only a portion of computers in a small
network need access to the Internet simultaneously.
• A technology that can provide the mapping between the
private and universal addresses, and at the same time
support virtual private networks, which is Network Address
Translation (NAT).
• The technology allows a site to use a set of private
addresses for internal communication and a set of global
Internet addresses (at least one) for communication with the
rest of the world.

18.121
 NAT

18.122
 Address translation

18.123
 Translation

18.124
 Five-column translation table

18.125
As an example of hierarchical routing, let us consider Figure
18.36. A regional ISP is granted 16,384 addresses starting
from 120.14.64.0. The regional ISP has decided to divide
this block into 4 subblocks, each with 4096 addresses. Three
of these subblocks are assigned to three local ISPs, the
second subblock is reserved for future use. Note that the
mask for each block is /20 because the original block with
mask /18 is divided into 4 blocks.

The figure also shows how local and small ISPs have
assigned addresses.

18.126
 Hierarchical routing with ISPs

18.127
 Internet Protocol (IP)
What is IPv6?
◦ IPv6 is a newer numbering system that provides a
much larger address pool than IPv4. It was deployed
in 1999 and should meet the world’s IP addressing
needs well into the future.
 128-bit IPv6 Address
3FFE:085B:1F1F:0000:0000:0000:00A9:1234

8 groupsof 16-bit hexadecimalnumbersseparatedby “:”

Leading zeroscanbe
removed

3FFE:85B:1F1F::A9:1234

:: = all zerosin oneor moregroupof 16-bit hexadecimal numbers

Rationale for IPv6
• IPv4 address space consumption
• Now ~10 years free space remaining
• Up to 17 if unused addresses reclaimed
• These are today’s projections – reality will be different
• Loss of “end to end” connectivity
• Widespread use of NAT due to ISP policies and marketing
• Additional complexity and performance degradation

130
The NAT “Problem”
The Internet

ISP 61.100.0.0/16

61.100.32.0/25 61.100.32.128

R NAT*

61.100.32.1 ..2 ..3 ..4 10.0.0.1 ..2 ..3 ..4

131
*AKA home router, ICS, firewall
The NAT “Problem”
Phone
Internet Network

NAT PABX
61.100.32.128 10 4567 9876

?
10.0.0.1 Extn 10
132
NAT implications
• Breaks end-to-end network model
• Some applications cannot work through NATs
• Breaks end-end security (IPsec)
• Requires application-level gateway (ALG)
• When new application is not NAT-aware, ALG device must be upgraded
• ALGs are slow and do not scale
• Merging of separate private networks is difficult
• Due to address clashes
• See RFC2993
• Architectural Implications of NAT

133
IPv6 feature summary
• Increased size of address space
• Header simplification
• Autoconfiguration
• Stateless (RFC 2462) or stateful (DHCPv6)
• Facilitates renumbering
• QoS
• Integrated services (int-serv), Differentiated services (diff-serv and RFC2998)
• RFC 3697
• IPSec
• As for IPv4
• Transition techniques
• Dual stack
• Tunnelling

134
IPv6 addressing model
• Unicast
• Single interface

• Anycast
• Any one of several

• Multicast
• All of a group of interfaces
• Replaces IPv4 “broadcast”

• See RFC 3513

135
Unicast Address
• Corresponds to a single computer
• The format is:

010 Registry Provider Subscriber Subnet Interface

Unicast Address
• 3 types of Unicast Address
• Global unicast n bits m bits 128 – n – m – bits
Global Routing Prefix Subnet Id Interface ID

• Site-local unicast
• it is designed to used for addressing inside of a site without the need for a global prefix

10 bits 54 bits 64 bits

1111111011 Subnet ID Interface ID
Unicast Address
• Link - local unicast
• it is used on a single link. The addresses are designed on a single link for purposes such as
automatic address configuration, neighbor discovery, or when no routers are present

10 bits 54 bits 64 bits

1111111010 0 Interface ID
Anycast Address
• assigned to more than one interface, with the property that a packet
sent to an anycast address is routed to the “nearest” interface having
that address, according to the routing protocols’ measurement.
• allocated from the unicast address space by using any of the defined
unicast address formats
Anycast Address
• A longest prefix P identifies the topological region in which all interfaces
belonging to that anycast address reside.

• Within the region identified by P, the anycast address must be maintained as a

separate entry in the routing system

• Outside the region identified by P, the anycast address may be aggregated into
the routing entry for prefix P.
Multicast Address
• Pre-defined Multicast addresses
• defined for explicit scope values
• The following slide shows the reserved Multicast Addresses. This reserved
addresses shall never be assigned to any multicast group.
Multicast Address
FF00:0:0:0:0:0:0:0
FF01:0:0:0:0:0:0:0
FF02:0:0:0:0:0:0:0
FF03:0:0:0:0:0:0:0
FF04:0:0:0:0:0:0:0
FF05:0:0:0:0:0:0:0
FF06:0:0:0:0:0:0:0
FF07:0:0:0:0:0:0:0
FF08:0:0:0:0:0:0:0
FF09:0:0:0:0:0:0:0
FF0A:0:0:0:0:0:0:0
FF0B:0:0:0:0:0:0:0
FF0C:0:0:0:0:0:0:0
FF0D:0:0:0:0:0:0:0
FF0E:0:0:0:0:0:0:0
FF0F:0:0:0:0:0:0:0
Multicast Address
• All nodes addresses
• identify the group of all IPv6 nodes within 1 scope 1 (interface-local) or 2
(link-local).

FF01:0:0:0:0:0:0:1
FF02:0:0:0:0:0:0:1
Multicast Address
• All routers addresses
• identify the group of all IPv6 routers within scope 1 (interface-local), 2 (link-
local), or 5 (site-local).

FF01:0:0:0:0:0:0:2
FF02:0:0:0:0:0:0:2
FF05:0:0:0:0:0:0:2
Multicast Address
• Solicited-Nodes Address:
• Computed as a function of a node’s unicast and anycast addresses
• formed by taking the low-order 24 bits of an address (unicast or anycast) and appending
those bits to the prefix FF02:0:0:0:0:1:FF00::/104 resulting in a multicast address in the
range FF02:0:0:0:0:1:FF00:0000 to FF02:0:0:0:0:1:FFFF:FFFF.
• Format:

FF02:0:0:0:0:1:FFXX:XXXX
IPv4 vs IPv6
IPv4: 32 bits

• 232 addresses
= 4,294,967,296 addresses
= 4 billion addresses

IPv6: 128 bits

• 2128 addresses?
= 340,282,366,920,938,463,463,374,607,431,770,000,000
= 340 billion billion billion billion addresses?

• No, due to IPv6 address structure…

147
IPv6 transition
• Dual stack hosts
• Two TCP/IP stacks co-exists on one host
• Supporting IPv4 and IPv6
• Client uses whichever protocol it wishes

? ?
www.apnic.net

IPv4 Application IPv6

TCP/UDP
IPv4 IPv6
Link
148
IPv6 transition
• IPv6 tunnel over IPv4

IPv4
Network
IPv6 IPv6
tunnel

IPv4 Header IPv6 Header Data

149
IPv6 Header Data IPv6 Header Data
IPv6 address format
2001:0DA8:E800:0000:0260:3EFF:FE47:0001
128 bits

• 8 groups of 4 hexadecimal digits

• Each group represents 16 bits
• Separator is “:”
• Case-independent

150
 IPv6 address format

2001:0DA8:E800:0000:0260:3EFF:FE47:0001
Zero compresssion

2001:DA8:E800:0:260:3EFF:FE47:1

Leading Zero compresssion

2001:0DA8:E800:0000:0000:0000:0000:0001

2001:DA8:E800::1

151
IPv6 compression rules
• The rules to compress the IPv6 address are followed.
• Rule 1: That rule is also called the zero compression rule. According to that
rule, if an IPv6 address contains continuous zeros, then they are replaced
with (::).
• Rule 2: That rule is also known as leading zero compression. You can
remove the leading zeros (0s) in the 16 bits field of an IPv6 address. But
each block in which you do that has at least one number remaining. If the
field contains all zeros (0s), you must leave one zero (0) remaining.
Removing leading zeros (0s) from the start does not have any effect on the
value. However, you cannot apply that rule to trailing zeros (0s).
• Rule 3: If zeros (0s) are present in a discontinuous pattern in IPv6 address,
then at only one joining, the zeros (0s) are replaced with (::).
IPv6 address structure
/0 /48 /64

Infrastructure Site

Infrastructure
ISP Customer
/0 /32 /48

• Current ISP allocation (min) is /32

• Providing 216 = 65,536 customer site addresses
• ISP allocation can be larger and can increase

• Each site address is /48

• Providing 216 = 65,536 subnet addresses
153
IPv6 – ISP addressing
• Every ISP receives a /32 (or more)
• Providing 65,536 site addresses (/48)

/32

/32

/32

154
IPv6 – Site addressing
• Every “site” receives a /48
• Providing 65,536 /64 (LAN) addresses

/48

155
IPv6 – LAN addressing
• Every LAN segment receives a /64
• Providing 264 interface addresses per LAN

/64

156
IPv6 – Device addressing
• Every device interface receives a /128
• May be EUI-64 (derived from interface MAC address), random number (RFC
3041), autoconfiguration, or manual configuration

/128

/128 /128

/128

157
THANK YOU