Advance Computer Network

IMRAN SHAIKH

Computer Engineering | Networking | 2023

Address Space
An address space is the total number of addresses used by the protocol. If a protocol uses
b bits to define an address, the address space is 2b because each bit can have two different
values (0 or 1).

IPV4 Address Space

IPv4 uses 32-bit addresses, which means that the address space is 232 or 4,294,967,296
(more than four billion). If there were no restrictions, more than 4 billion devices could be
connected to the Internet.

IPV6 Address Space

The address space of IPv6 contains 2128 addresses. This address space is 296 times the IPv4
address—definitely, no address depletion—as shown, the size of the space is

340, 282, 366, 920, 938, 463, 374, 607, 431, 768, 211, 456.

Notation
There are three common notations to represent IPv4 address

1. Binary Notation
2. Dotted Decimal Notation
3. Hexadecimal Notation

In binary notation, an IPv4 address is displayed as 32 bits. To make the address more
readable, one or more spaces are usually inserted between each octet (8 bits). Each octet is
often referred to as a byte.

To make the IPv4 address more compact and easier to read, it is usually written in decimal
form with a decimal point (dot) separating the bytes. This format is referred to as dotted-
decimal notation.

In hexadecimal notation that is used in network programming, each hexadecimal digit

is equivalent to four bits. This means that a 32-bit address has 8 hexadecimal digits.

PAGE 1
 Fig. 1.1 Notations in IPv4 addressing

Hierarchy in Addressing

A 32-bit IPv4 address is also hierarchical, but divided only into two parts. The first part of
the address, called the prefix, defines the network; the second part of the address, called
the suffix, defines the node (host).

Fig. 1.2 Hierarchy in IPv4 addressing

Class full Addressing

When the Internet started, an IPv4 address was designed with a fixed-length prefix, but to
accommodate both small and large networks, three fixed-length prefixes were designed
instead of one (n = 8, n = 16, and n = 24). The whole address space was divided into five
classes (class A, B, C, D, and E), as shown in Figure 18.18. This scheme is referred to as
classful addressing.

PAGE 2
 Fig. 1.3 address space in classful addressing

Class D is not divided into prefix and suffix. It is used for multicast addresses. All addresses
that start with 1111 in binary belong to class E. As in Class D, Class E is not divided into prefix
and suffix and is used as reserve.

Class less Addressing

In 1996, the Internet authorities announced a new architecture called classless addressing.

In classless addressing prefix length is not fixed (Unlikely to Classfulll addressing).

In classless addressing, variable-length blocks are used that belong to no classes.

We can have a block of 1 address, 2 addresses, 4 addresses, 128 addresses, and so on.

One of the restrictions, as we discuss later, is that the number of addresses in a block needs
to be a power of 2.

Classless Inter Domain Routing or CIDR

The first question that we need to answer in classless addressing is how to find the prefix
length if an address is given. In this case, the prefix length, n, is added to the address,
separated by a slash. The notation is informally referred to as slash notation and formally
as classless interdomain routing or CIDR.

PAGE 3
 Fig. 1.4 CIDR Notation

Network Address Translation

The technology allows a site to use a set of private addresses for internal communication
and a set of global Internet addresses (at least one) for communication with the rest of the
world. The site must have only one connection to the global Internet through a NAT-
capable router that runs NAT software. Figure 1.5 shows a simple implementation of NAT.

Fig. 1.5 Network Address Translation

As the figure shows,

 The private network uses private addresses.

 The router that connects the network to the global address uses one private
address and one global address.
 The private network is invisible to the rest of the Internet; the rest of the Internet
sees only the NAT router with the address 145.12.131.7

PAGE 4
IPv4 Datagram

Fig. 1.6 IPv4 Datagram Header

− Maximum size of IPv4 datagram : 65536B

− Maximum size of Header in IPv4: 60B

− Minimum size of Header in IPv4 : 20B

IPV4 DATAGRAM HEADER FIELDS

VER (4 bits):

This 4-bit field defines the version ofthe IPv4 protocol. Currently the version is 4.
However, version 6 (or IPng) may totally replace version 4 in the future.

HLEN (4 bits):

This 4-bit field defines the total length of the datagram header in 4-byte words. This field
is needed because the length of the header is variable (between 20 and 60 bytes).

When there are no options, the header length is 20 bytes, and the value of this field is 5

(5 x 4 = 20). When the option field is at its maximum size, the value of this field is 15 (15 x
4 = 60).

PAGE 5
Total Length (16 bits):

Length in bytes of the datagram, including headers. Maximum datagram size is 65536
bytes.

Service Type (8 bits):

IETF has changed the interpretation and name of this 8-bit field. This field, previously
called service type, is now called differentiated services.

SERVICE TYPE:

 First three bits denote PRECEDENCE (priority) of a packet. Ranging from 0

(000) to 7 (111) higher number have highest priority. Packets having lowest
priority discarded first in case of congestion.

 Next 4 bits denotes service type. Description for these 4 bits shown in
following table

 Last one bit is not used.

Time to Live (8 bits):

Prevents a packet from traveling forever in a loop. Senders sets a value, which is
decremented at each hop. If it reaches zero, packet is discarded.

Protocol:

Defines the higher level protocol that uses the service of the IP layer

Header Checksum (16 bits):

Datagram is discarded in case of mismatch in checksum values

Source IP address (32 bits): Internet address of the sender.

PAGE 6
Destination IP address (32 bits): Internet address of the destination.

Identification, Flags, Fragment Offset:

Used for handling fragmentation. (Discussed in detail later)

Options (variable width):

Can be used to provide more functionality to the IP datagram

Fragmentation
The format and size (Maximum Transfer Unit) of the sent frame depend on the protocol
used by the physical network through which the frame is going to travel.
E.g. As shown in table each protocol which is used to design a physical network have
its own MTU.

Table 1.1 - Frame Size

To make the IPv4 protocol independent of the physical network, the designers decided to
make the maximum length of the IPv4 datagram equal to 65,535 bytes. This makes
transmission more efficient if we use a protocol with an MTU of this size.

However, for other physical networks, we must divide the datagram to make it possible
to pass through these networks. This called fragmentation.

PAGE 7
Fields Related To Fragmentation
The fields, which are related to fragmentation and reassembly of an IPv4 datagram, are the
identification, flags, and fragmentation offset fields.

Identification

When a data- gram is fragmented, the value in the identification field is copied to
all fragments. In other words, all fragments have the same identification number, the same
as the original datagram. The identification number helps the destination in reassembling
the datagram. It knows that all fragments having the same identification value must be
assembled into one datagram.

Flags

This is a 3-bit field.

− The first bit is reserved.

− The second bit is called the do not fragment bit. If its value is 1, the machine must
not fragment the datagram. If it cannot pass the datagram through any available
physical network, it discards the datagram and sends an ICMP error message to the
source host (see Chapter 21). If its value is 0, the datagram can be fragmented if
necessary.

− The third bit is called the more fragment bit. If its value is 1, it means the datagram
is not the last fragment; there are more fragments after this one. If its value is 0, it
means this is the last or only fragment

Fragmentation-offset

− This 13-bit field shows the relative position of this fragment with respect to the
whole datagram. It is the offset of the data in the original datagram measured in
units of 8 bytes. Following Figure shows a datagram with a data size of4000 bytes
fragmented into three fragments.

Fig. 1.7 Fragmentation Offset

PAGE 8
IPv4 Datagram Header - Options
The header of the IPv4 datagram is made of two parts: a fixed part and a variable part. The
fixed part is 20 bytes long and it was discussed in the previous section. The variable part
comprises the options that can be a maximum of 40 bytes. Options, as the name implies,
are not required for a datagram. They can be used for network testing and debugging.

Length Option
Description
(bytes) Name

End Of
1 Indicates the end of the option list.
Options List

No
1 Used for padding between options.
Operation

Loose Source Specifies a list of IP addresses that the datagram must pass
Variable
Route through.

If a source device sends a datagram with this option in it, each

router that “handles” the datagram adds its IP address to this
option. The recipient can then extract the list of IP addresses to
Record see the route taken by the datagram.
Variable
Route Note that the length of this option is set by the originating device.
It cannot be enlarged as the datagram is routed, and if it “fills up”
before it arrives at its destination, only a partial route will be
recorded.

Strict Source Specifies a list of IP addresses that the datagram must pass
Variable
Route through, in the exact order specified.

This option is similar to the Record Route option. However,

instead of each device that handles the datagram inserting its IP
address into the option, it puts in a timestamp, so the recipient
can see how long it took for the datagram to travel between
Variable Timestamp
routers.
As with the Record Route option, the length of this option is set
by the originating device and cannot be enlarged by intermediate
devices.

PAGE 9
Internet Control Message Protocol (ICMPv4)
IPv4 has no mechanism for error reporting or error correcting.

IPv4 protocol also lacks a mechanism for host and management queries.

The Internet Control Message Protocol version 4 (ICMPv4) has been designed to
compensate for the above two deficiencies. It is a companion to the IP protocol.

There are two categories of ICMP messages

− Error Reporting Message

− Destination Unreachable

− Source Quench

− Time Exceeded

− Parameter problem

− Redirection

− Query Message

− Echo Request and Echo Reply

− Timestamp Request and Timestamp Reply

− Router Solicitation and Advertisement

− Address Mask and Reply

Error Reporting Message

Destination Unreachable (type 3)

When a router cannot route a datagram or a host cannot deliver a datagram, the
datagram is discarded and the router or the host sends a destination-unreachable
message back to the source host that initiated the datagram. Note that destination-
unreachable messages can be created by either a router or the destination host.

Source Quench

PAGE 10
A source-quench message informs the source that a datagram has been discarded
due to congestion in a router or the destination host. The source must slow down
the sending of datagram's until the congestion is relieved.

Time Exceeded

Whenever a router decrements a datagram with a time-to-live value to zero, it

discards the datagram and sends a time-exceeded message to the original source.

When the final destination does not receive all of the fragments in a set time, it
discards the received fragments and sends a time-exceeded message to the original
source.

Parameter Problem

Any ambiguity in the header part of a datagram can create serious problems as the
data- gram travels through the Internet. If a router or the destination host discovers
an ambiguous or missing value in any field of the datagram, it discards the datagram
and sends a parameter-problem message back to the source.

Redirect Message

IP packet 1

RM
2

3 4
IP packet IP packet

• R1 will send a Redirection Message to Host A that Host A can send datagram
directly to R2.

• A host usually starts with a small routing table that is gradually augmented and
updated. One of the tools to accomplish this is the redirection message.

PAGE 11
Query Messages (ICMP)
ECHO-REQUEST(type 8) and REPLY(type 0)

The echo-request and echo-reply messages can be used to determine if there is

communication at the IP level. Because ICMP messages are encapsulated in IP
datagram's, the receipt of an echo-reply message by the machine that sent the echo
request is proof that the IP protocols in the sender and receiver are communicating
with each other using the IP datagram.

Fig 1.8. ICMP Echo Request/Reply Format

Identifier: An identifier to match Timestamp Replies to the corresponding

Timestamp Requests

Sequence Number: A sequence number to match Timestamp Replies to the

corresponding Timestamp Requests

TIMESTAMP REQUEST (type 13) AND REPLY (type 14)

Two machines (hosts or routers) can use the timestamp request and timestamp
reply messages to determine the round-trip time needed for an IP datagram to travel
between them.

Fig 1.9. ICMP Echo Request/Reply Format

PAGE 12
 Originate Timestamp: A time value filled in by the originating device just before
sending the Timestamp message.

Receive Timestamp: A time value filled in by the responding device just as it

receives the Timestamp message.

Transmit Timestamp: A time value filled in by the responding device just before
sending back the Timestamp Reply message.

ADDRESS MASK REQUEST (type 17) & ADDRESS MASK REPLY (type 18):
A host may be aware of its own IP address but it is not necessary that it is aware of
its own subnet mask. To know your subnet mask sends the address mask request to
the host router and the router sends this host's subnet mask address as the mask
reply message. If the host is aware of the router's address, then he sends the request
directly to the router, otherwise this request is broadcast.

ROUTER SOLICITATION (type 10) AND ADVERTISEMENT (type 9)

As we discussed in the redirection message section, a host that wants to send data
to a host on another network needs to know the address of routers connected to its
own network. In addition, the host must know if the routers are alive and
functioning. The router-solicitation and router-advertisement messages can help in
this situation.

Debugging Tools
Several tools can be used in the Internet for debugging. We introduce two tools that use
ICMP for debugging: ping and traceroute.

1. Ping
2. Tracert

Ping

We can use the ping program to find if a host is alive and responding. The source host sends
ICMP echo-request messages; the destination, if alive, responds with ICMP echo-reply
messages.

traceroute OR tracert

The traceroute program in UNIX or tracert in Windows can be used to trace the path of a
packet from a source to the destination. It can find the IP addresses of all the routers that
are visited along the path. The program is usually set to check for the maximum of 30 hops
(routers) to be visited.

PAGE 13
ICMP Checksum
In ICMP the checksum is calculated over the entire message (header and data).
Following figure shows an example of checksum calculation for a simple echo-
request message. We randomly chose the identifier to be 1 and the sequence number
to be 9. The message is divided into 16-bit (2-byte) words. The words are added and
the sum is complemented. Now the sender can put this value in the checksum field.

Fig 1.10. ICMP Checksum Calculation

Mobile IP Addressing
The original IP addressing was based on the assumption that a host is stationary, attached
to one specific network.

However, what in case if the host is movable or mobile and changing its network.

If the host roams/move from one network to another during a transmission, the data
exchange will be interrupted. To avoid interruption problem ports and IP addresses of the
client and the server must remain constant for the duration of the connection.

The approach that is more feasible is the use of two addresses. The host has its original
address, called the home address, and a temporary address, called the care-of address.

The home address is permanent; it associates the host with its home network,

The home network is a network that is permanent home of the host.

The care-of address is temporary. When a host moves from one network to another, the
care-of address changes, it is associated with the foreign network.

The foreign network is a network to which the host moves.

Mobile IP Addressing

PAGE 14
 Fig 1.11 mobile IP network

Three Phases

To communicate with a remote host, a mobile host goes through three phases:

1. Agent Discovery
2. Registration
3. Data Transfer

Phase 1: Agent Discovery

The first phase in mobile communication, agent discovery, consists of two subphases. A
mobile host must discover (learn the address of) a home agent before it leaves its home
network. A mobile host must also discover a foreign agent after it has moved to a foreign
network. This discovery consists of learning the care-of address as well as the foreign agent’s
address. The discovery involves two types of messages: advertisement and solicitation.

When the foreign agent reply a Router Advertisement message (step 4) it sends a list of care
of addresses so that mobile host choose one of them.

PAGE 15
 Fig 1.12 Operation of mobile IP

Phase 2: Registration

A registration request is sent from the mobile host to the foreign agent to register its care-
of address and also to announce its home address and home agent address. The foreign
agent, after receiving and registering the request, relays the message to the home agent.

Note that the home agent now knows the address of the foreign agent because the IP packet
that is used for relaying has the IP address of the foreign agent as the source address as well
as in this request home agent found the current care of address of mobile host.

A registration reply is sent from the home agent to the foreign agent and then relayed to
the mobile host. The reply confirms or denies the registration request.

Phase 3: Data Transfer

PAGE 16
 Fig 1.13 Data Transfer in Mobile IP

1. When a remote host wants to send a packet to the mobile host, it uses its address as the
source address and the home address of the mobile host as the destination address. In
other words, the remote host sends a packet as though the mobile host is at its home
network.

2. After receiving the packet, the home agent sends the packet to the foreign agent, using
the tunneling concept.

3. When the foreign agent receives the packet, it removes the original packet. However,
since the destination address is the home address of the mobile host, the foreign agent
consults a registry table to find the care-of address of the mobile host. The packet is then
sent to the care-of address.

4. When a mobile host wants to send a packet to a remote host, it sends as it does
normally.

PAGE 17
Virtual Private Network
“A VPN is a mechanism of employing encryption, authentication, and integrity protection
so that we can use a public network as if it is a private network.”

VPN Architecture Suppose an organization has two networks, Network 1 and Network 2,
which are physically apart from each other and we want to connect them using VPN
approach. In such case we set up two firewalls, Firewall 1 and Firewall 2.The encryption and
decryption are performed by firewalls. Network 1 connects to the Internet via a firewall
named firewall 1 and Network 2 connects to the Internet with its own firewall , Firewall 2.

Fig 1.14 Architecture of VPN

Working

Let us assume that host X on Network 1 wants to send a data packet to host Y on Network
2.

1) Host X creates the packet, inserts its own IP address as the source address and the IP
address of host Y as the destination address.

2) The packet reaches Firewall 1. Firewall 1 now adds new headers to the packet. It changes
the source IP address of the packet from that of host X to its own address(i.e. IP address of
Firewall 1, F1).

PAGE 18
3) It also changes the destination IP address of the packet from that of host Y to the IP
address of Firewall 2,F2.It also performs the packet encryption and authentication,
depending on the settings and sends the modified packet over the Internet.

4) The packet reaches to firewall 2 over the Internet, via routers. Firewall 2 discards the
outer header and performs the appropriate decryption. It then looks at the plain text
contents of the packet and realizes that the packet is meant for host Y. It delivers the
packet to host Y.

PAGE 19