K.D.

POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Unit-1
1.2 IPV4 Addresses
1.2.IP Introduction
The identifier used in the IP layer of the TCP/IP protocol suite to identify each device connected
to the Internet is called the Internet address or IP address. An IPv4 address is a 32-bit address
that uniquely and universally defines the connection of a host or a router to the Internet; an IP
address is the address of the interface. An IPv4 address is 32 bits long.

IPv4 addresses are unique. They are unique in the sense that each address defines one, and only
one, connection to the Internet. Two devices on the Internet can never have the same address at
the same time. However, if a device has two connections to the Internet, via two networks, it has
two IPv4 addresses. The IPv4 addresses are universal in the sense that the addressing system
must be accepted by any host that wants to be connected to the Internet.

Address Space

A protocol like IPv4 that defines addresses has an address space. An address space is the total
number of addresses used by the protocol. If a protocol uses b bits to define an address, the
address space is 2b because each bit can have two different values (0 or 1). IPv4 uses 32-bit
addresses, which means that the address space is 232 or 4,294,967,296.

Notation

There are three common notations to show an IPv4 address: binary notation (base 2), dotted-
decimal notation (base 256), and hexadecimal notation (base 16). The most prevalent, however,
is base 256.

Binary Notation: Base 2 in binary notation, an IPv4 address is displayed as 32 bits. To make the
address more readable, one or more spaces is usually inserted between each octet (8 bits). Each
octet is often referred to as a byte.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Change the following IPv4 addresses from binary notation to dotted-decimal notation.

a. 10000001 00001011 00001011 11101111

b. 11000001 10000011 00011011 11111111

c. 11100111 11011011 10001011 01101111

d. 11111001 10011011 11111011 00001111

Solution

Replace each group of 8 bits with its equivalent decimal number and add dots for
separation:

a. 129.11.11.239

b. 193.131.27.255

c. 231.219.139.111

d. 249.155.251.15

Change the following IPv4 addresses from dotted-decimal notation to binary notation.

a. 111.56.45.78

b. 221.34.7.82

c. 241.8.56.12

d. 75.45.34.78

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Solution

Replace each decimal number with its binary equivalent:

a. 01101111 00111000 00101101 01001110

b. 11011101 00100010 00000111 01010010

c. 11110001 00001000 00111000 00001100

d. 01001011 00101101 00100010 01001110

Find the error, if any, in the following IPv4 addresses:

a. 111.56.045.78

b. 221.34.7.8.20

c. 75.45.301.14

d. 11100010.23.14.67

Solution

a. There should be no leading zeroes (045).

b. We may not have more than 4 bytes in an IPv4 address.

c. Each byte should be less than or equal to 255.

d.A mixture of binary notation and dotted-decimal notation

Change the following IPv4 addresses from binary notation to hexadecimal notation.

a. 10000001 00001011 00001011 11101111

b. 11000001 10000011 00011011 11111111

Solution

Replace each group of 4 bits with its hexadecimal equivalent. Note that 0X (or 0x) is added
at the beginning or the subscript 16 at the end.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

a. 0X810B0BEF or 810B0BEF16

b. 0XC1831BFF or C1831BFF16

Classful Addressing

In classful addressing, the IP address space is divided into five classes: A, B, C, D, and E. Each
class occupies some part of the whole address space.

Recognizing Classes
We can find the class of an address when the address is given either in binary or dotted decimal
notation. In the binary notation, the first few bits can immediately tell us the class of the address;
in the dotted-decimal notation, the value of the first byte can give the class of an address

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Find the class of each address:

a. 227.12.14.87
b. 193.14.56.22
c. 14.23.120.8
d. 252.5.15.111
Solution
a. The first byte is 227 (between 224 and 239); the class is D.
b. The first byte is 193 (between 192 and 223); the class is C.
c. The first byte is 14 (between 0 and 127); the class is A.
d. The first byte is 252 (between 240 and 255); the class is E

Netid and Hostid

In classful addressing, an IP address in classes A, B, and C is divided into netid and hostid.
These parts are of varying lengths, depending on the class of the address.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

In class A, 1 byte defines the netid and 3 bytes define the hostid. In class B, 2 bytes define the
netid and 2 bytes define the hostid. In class C, 3 bytes define the netid and 1 byte defines the
hosted.

Two-Level Addressing
The whole purpose of IPv4 addressing is to define a destination for an Internet packet (at the
network layer). When classful addressing was designed, it was assumed that the whole Internet is
divided into many networks and each network connects many hosts. Since all addresses in a
network belonged to a single block, each address in classful addressing contains two parts: netid
and hostid. The netid defines the network; the hostid defines a particular host connected to that
network.
If n bits in the class defines the net, then 32 − n bits defines the host.

Extracting Information in a Block

A block is a range of addresses. Given any address in the block, we normally like to know three
pieces of information about the block: the number of addresses, the first address, and the last
address. Before we can extract these pieces of information, we need to know the class of the

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

address, which we showed how to find in the previous section. After the class of the block is
found, we know the value of n, the length of netid in bits.
1. The number of addresses in the block, N, can be found using N = 2 32-N
2. To find the first address, we keep the n leftmost bits and set the (32 − n) rightmost bits all to
0s.
3. To find the last address, we keep the n leftmost bits and set the (32 − n) rightmost bits all to
1s.

Example:
An address in a block is given as 73.22.17.25. Find the number of addresses in the block, the first
address, and the last address.
Solution
1. The number of addresses in this block is N = 2 32−n = 16,777,216.
2. To find the first address, we keep the leftmost 8 bits and set the rightmost 24 bits all to 0s.
The first address is 73.0.0.0/8, in which 8 is the value of n.
3. To find the last address, we keep the leftmost 8 bits and set the rightmost 24 bits all to 1s. The
last address is 73.255.255.255.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Sample Internet

Network Address
The first address, network address, is particularly important because it is used in routing a packet
to its destination network. When a packet arrives at the router from any source host, the router
needs to know to which network the packet. After the network address has been found, the router
consults its routing table to find the corresponding interface from which the packet should be
sent out. The network address is actually the identifier of the network; each network is identified
by its network address.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Network Mask
The routers in the Internet normally use an algorithm to extract the network address from the
destination address of a packet. To do this, we need a network mask. A network mask or a
default mask in classful addressing is a 32-bit number with n leftmost bits all set to 1’s and (32 −
n) rightmost bits all set to 0s. Since n is different for each class in classful addressing.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

To extract the network address from the destination address of a packet, a router uses the AND
operation. When the destination address (or any address in the block) is ANDed with the default
mask, the result is the network address.
Three-Level Addressing: Subnetting
In subnetting, a network is divided into several smaller subnetworks (subnets) with each
subnetwork having its own subnetwork address.
Subnet Mask
The network mask is used when a network is not subnetted. When we divide a network to several
subnetworks, we need to create a subnetwork mask (or subnet mask) for each subnetwork.

Subnetting increases the length of the netid and decreases the length of hostid. When we divide a
network to s number of subnetworks, each of equal numbers of hosts.
Subnet Address
When a network is subnetted, the first address in the subnet is the identifier of the subnet and is
used by the router to route the packets destined for that subnetwork. Given any address in the
subnet, the router can find the subnet mask using the same procedure iused to find the network
mask: ANDing the given address with the subnet mask.
Classless Addressing
In classless addressing, the whole address space is divided into variable length blocks.
Theoretically, we can have a block of 20, 21, 22, . . . , 232 addresses. The only restrictionis that
the number of addresses in a block needs to be a power of 2. In classless addressing, the prefix
defines the network and the suffix defines the host.
Two-Level Addressing

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

In classful addressing, two-level addressing was provided by dividing an address into netid and
hostid. The netid defined the network; the hostid defined the host in the network. The same idea
can be applied in classless addressing. In classless addressing, the length of the prefix, n,
depends on the size of the block; it can be 0, 1, 2, 3, . . . , 32. In classless addressing, the value of
n is referred to as prefix length; the value of 32 − n is referred to as suffix length.
Slash Notation
The netid length in classful addressing or the prefix length in classless addressing play a very
important role when we need to extract the information about the block from a given address in
the block. However, there is a difference here in classful and classless addressing.
 In classful addressing, the netid length is inherent in the address. Given an address, we
know the class of the address that allows us to find the netid length (8, 16, or 24).
 In classless addressing, the prefix length cannot be found if we are given only an address
in the block. The given address can belong to a block with any prefix length. In classless
addressing, we need to include the prefix length to each address if we need to find the
block of the address. In this case, the prefix length, n, is added to the address separated by
a slash. The notation is informally referred to as slash notation.
The slash notation is formally referred to as classless interdomain routing or CIDR
(pronounced cider) notation.
Extracting Block Information
An address in slash notation (CIDR) contains all information we need about the block:

Example:
An organization is granted the block 130.34.12.64/26. The organization needs four
subnetworks, each with an equal number of hosts. Design the subnetworks and find the
information about each network.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Solution
The number of addresses for the whole network can be found as N = 2 32 − 26 = 64. The first
address in the network is 130.34.12.64/26 and the last address is 130.34.12.127/26. We now
design the subnetworks:
1. We grant 16 addresses for each subnetwork to meet the first requirement (64/16 is a power of
2).
2. The subnetwork mask for each subnetwork is:28
3. We grant 16 addresses to each subnet starting from the first available address

Special Address
In classful addressing some addresses were reserved for special purposes. The classless
addressing scheme inherits some of these special addresses from classful addressing.
Special Blocks Some blocks of addresses are reserved for special purposes.
All-Zeros Address: The block 0.0.0.0/32, which contains only one single address, is reserved for
communication when a host needs to send an IPv4 packet but it does not know its own address.
All-Ones Address: Limited Broadcast Address The block 255.255.255.255/32, which contains
one single address, is reserved for limited broadcast address in the current network.
Loopback Addresses: The block 127.0.0.0/8 is used for the loopback address, which is an
address used to test the software on a machine.
Private Addresses A number of blocks are assigned for private use. They are not recognized
globally. These blocks are given below:

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Multicast Addresses: The block 224.0.0.0/4 is reserved for multicast communication

Direct Broadcast Address: The last address in a block or subblock (with the suffix set all to 1s)
can be used as a direct broadcast address. This address is usually used by a router to send a
packet to all hosts in a specific network. All hosts will accept a packet having this type of
destination address
Network address translation
The distribution of addresses through ISPs has created a new problem. If the business grows or
the household needs a larger range, the ISP may not be able to grant the demand because the
addresses before and after the range may have already been allocated to other networks. In most
situations, however, only a portion of computers in a small network need access to the Internet
simultaneously. A technology that can help in this cases is network address translation (NAT).
All of the outgoing packets go through the NAT router, which replaces the source address in the
packet with the global NAT address. All incoming packets also pass through the NAT router,
which replaces the destination address in the packet (the NAT router global address) with the
appropriate private address.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Address resolution

NAT router has a translation table. Using One IP Address In its simplest form, a translation table
has only two columns: the private address and the external address (destination address of the
packet). When the router translates the source address of the outgoing packet, it also makes note
of the destination address— where the packet is going. When the response comes back from the
destination, the router uses the source address of the packet (as the external address) to find the
private address of the packet.

1.4. IP Header

IP is an unreliable and connectionless datagram protocol. If reliability is important, IP must be

paired with a reliable protocol such as TCP. IP is also a connectionless protocol for a packet
switching network that uses the datagram approach. This means that each datagram is handled
independently, and each datagram can follow a different route to the destination. This implies
that datagrams sent by the same source to the same destination could arrive out of order. Also,
some could be lost or corrupted during transmission. Again, IP relies on a higher-level protocol
to take care of all these problems.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Packets in the network (internet) layer are called datagrams. A datagram is a variable-length
packet consisting of two parts: header and data. The header is 20 to 60 bytes in length and
contains information essential

Version (VER). This 4-bit field defines the version of the IP protocol. Currently the version is 4.
However, version 6 (or IPv6) may totally replace version 4 in the future. This field tells the IP
software running in the processing machine that the datagram has the format of version 4. In
IPv4, the value of its four bits is set to 0100, which indicates 4 in binary. All fields must be
interpreted as specified in the fourth version of the protocol. If the machine is using some other
version of IP, the datagram is discarded rather than interpreted incorrectly.

Header length (HLEN). This 4-bit field defines the total length of the datagram header in 4-
byte words. This field is needed because the length of the header is variable (between 20 and 60
bytes). When there are no options, the header length is 20 bytes, and the value of this field is 5 (5

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

× 4 = 20). When the option field is at its maximum size, the value of this field is 15 (15 × 4 =
60).

Service type. In the original design of IP header, this field was referred to as type of service
(TOS), which defined how the datagram should be handled. Part of the field was used to define
the precedence of the datagram; the rest defined the type of service (low delay, high throughput,
and so on). IETF has changed the interpretation of this 8-bit field. This field now defines a set of
differentiated services. The new interpretation as shown in Figure. In this interpretation, the first
6 bits make up the codepoint subfield and the last 2 bits are not used. The codepoint subfield can
be used in two different ways.

 When the 3 right-most bits are 0s, the 3 left-most bits are interpreted the same as the
precedence bits in the service type interpretation. In other words, it is compatible with
the old interpretation. The precedence defines the eight-level priority of the datagram (0
to 7) in issues such as congestion. If a router is congested and needs to discard some
datagrams, those datagrams with lowest precedence are discarded first. Some datagrams
in the Internet are more important than the others. For example, a datagram used for
network management is much more urgent and important than a datagram containing
optional information for a group

 When the 3 right-most bits are not all 0s, the 6 bits define 56 (64 − 8) services based on
the priority assignment by the Internet or local authorities according to Table. The first
category contains 24 service types; the second and the third each contain 16. The first
category is assigned by the Internet authorities (IETF). The second category can be used
by local authorities (organizations). The third category is temporary and can be used for
experimental purposes. Note that these assignments have not yet been finalized

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

 Total length: The total length is measured in bytes. The minimum size of an IP datagram
is 20 bytes and the maximum, it can be 65535 bytes. HELEN and Total length can be
used to calculate the dimension of the payload. All hosts are required to be able to read
576-byte datagrams. However, if a datagram is too large for the hosts in the network, the
fragmentation method is widely used.
 Identification: Identification is a packet that is used to identify fragments of an IP
datagram uniquely. Some have recommended using this field for other things like adding
information for packet tracing, etc.
 IP Flags: Flag is a three-bit field that helps you to control and identify fragments. The
following can be their possible configuration: Bit 0: is reserved and has to be set to zero
Bit 1: means do not fragment Bit 2: means more fragments.
 Fragment Offset: Fragment Offset represents the number of Data Bytes ahead of the
particular fragment in the specific Datagram. It is specified in terms of the number of 8
bytes, which has a maximum value of 65,528 bytes.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

 Time to live: It is an 8-bit field that indicates the maximum time the Datagram will be
live in the internet system. The time duration is measured in seconds, and when the value
of TTL is zero, the Datagram will be erased. Every time a datagram is processed its TTL
value is decreased by one second. TTL are used so that datagrams are not delivered and
discarded automatically. The value of TTL can be 0 to 255.
 Protocol: This IPv4 header is reserved to denote that internet protocol is used in the latter
portion of the Datagram. For Example, 6 number digit is mostly used to indicate TCP,
and 17 is used to denote the UDP protocol.
 Header Checksum: The next component is a 16 bits header checksum field, which is
used to check the header for any errors. The IP header is compared to the value of its
checksum. When the header checksum is not matching, then the packet will be discarded.
 Source Address: The source address is a 32-bit address of the source used for the IPv4
packet.
 Destination address: The destination address is also 32 bit in size stores the address of
the receiver.
 IP Options: It is an optional field of IPv4 header used when the value of IHL (Internet
Header Length) is set to greater than 5. It contains values and settings related with
security, record route and time stamp, etc. You can see that list of options component
ends with an End of Options or EOL in most cases.
 Data: This field stores the data from the protocol layer, which has handed over the data
to the IP layer.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

1.5. ICMP4

The IP protocol has no error-reporting or error-correcting mechanism. The IP protocol also lacks
a mechanism for host and management queries. A host sometimes needs to determine if a router
or another host is alive. And sometimes a network manager needs information from another host
or router. The Internet Control Message Protocol (ICMP) has been designed to compensate these
two problems.

 ICMP itself is a network layer protocol.

 Its messages are not passed directly to the data link layer as would be expected.

 The messages are first encapsulated inside IP datagrams before going to the lower layer

The ICMP messages are usually divided into two categories:

ICMP Message Format

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

The message format has two things; one is a category that tells us which type of message it is. If
the message is of error type, the error message contains the type and the code. The type defines
the type of message while the code defines the subtype of the message.

The ICMP message contains the following fields:

o Type: It is an 8-bit field. It defines the ICMP message type. The values range from 0 to
127 are defined for ICMPv6, and the values from 128 to 255 are the informational
messages.
o Code: It is an 8-bit field that defines the subtype of the ICMP message
o Checksum: It is a 16-bit field to detect whether the error exists in the message or not.

1. Destination unreachable

The destination unreachable error occurs when the packet does not reach the destination.
Suppose the sender sends the message, but the message does not reach the destination, then the
intermediate router reports to the sender that the destination is unreachable.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Type: It defines the type of message. The number 3 specifies that the destination is unreachable.

Code (0 to 15): It is a 4-bit number which identifies whether the message comes from some
intermediate router or the destination itself.

The code field for this type specifies the reason for discarding the datagram:

❑ Code 0. The network is unreachable, possibly due to hardware failure.

❑ Code 1. The host is unreachable. This can also be due to hardware failure.

❑ Code 2. The protocol is unreachable. An IP datagram can carry data belonging to higher-level
protocols such as UDP, TCP, and OSPF. If the destination host receives a datagram that must be
delivered, for example, to the TCP protocol, but the TCP protocol is not running at the moment,
a code 2 message is sent.

❑ Code 3. The port is unreachable. The application program (process) that the data gram is
destined for is not running at the moment.

❑ Code 4. Fragmentation is required, but the DF (do not fragment) field of the data gram has
been set. In other words, the sender of the datagram has specified that the datagram not be
fragmented, but routing is impossible without fragmentation.

❑ Code 5. Source routing cannot be accomplished. In other words, one or more routers defined
in the source routing option cannot be visited.

❑ Code 6. The destination network is unknown. This is different from code 0. In code 0, the
router knows that the destination network exists, but it is unreachable at the moment. For code 6,
the router has no information about the destination network.

❑ Code 7. The destination host is unknown. This is different from code 1. In code 1, the router
knows that the destination host exists, but it is unreachable at the moment. For code 7, the router
is unaware of the existence of the destination host.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

❑ Code 8. The source host is isolated.

❑ Code 9. Communication with the destination network is administratively prohibited.

❑ Code 10. Communication with the destination host is administratively prohibited.

❑ Code 11. The network is unreachable for the specified type of service. This is different from
code 0. Here the router can route the datagram if the source had requested an available type of
service.

❑ Code 12. The host is unreachable for the specified type of service. This is different from code
1. Here the router can route the datagram if the source had requested an available type of service.

❑ Code 13. The host is unreachable because the administrator has put a filter on it.

❑ Code 14. The host is unreachable because the host precedence is violated. The message is sent
by a router to indicate that the requested precedence is not permitted for the destination.

❑ Code 15. The host is unreachable because its precedence was cut off. This message is
generated when the network operators have imposed a minimum level of precedence for the
operation of the network, but the datagram was sent with a precedence below this level.

2. Source quench

There is no flow control or congestion control mechanism in the network layer or the IP
protocol. The sender is concerned with only sending the packets, and the sender does not think
whether the receiver is ready to receive those packets or is there any congestion occurs in the
network layer so that the sender can send a lesser number of packets, so there is no flow control
or congestion control mechanism. In this case, ICMP provides feedback, i.e., source quench.
Suppose the sender resends the packet at a higher rate, and the router is not able to handle the

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

high data rate. To overcome such a situation, the router sends a source quench message to tell the
sender to send the packet at a lower rate.

3. Time exceeded

Sometimes the situation arises when there are many routers that exist between the sender and the
receiver. When the sender sends the packet, then it moves in a routing loop. The time exceeded is
based on the time-to-live value. When the packet traverses through the router, then each router
decreases the value of TTL by one. Whenever a router decreases a datagram with a time-to-live
value to zero, then the router discards a datagram and sends the time exceeded message to the
original source.

The above message format shows that the type of time-exceeded is 11, and the code can be either
0 or 1. The code 0 represents TTL, while code 1 represents fragmentation. In a time-exceeded
message, the code 0 is used by the routers to show that the time-to-live value is reached to zero.
The code 1 is used by the destination to show that all the fragments do not reach within a set
time.

4. Parameter problems

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

The router and the destination host can send a parameter problem message. This message
conveys that some parameters are not properly set.

The above diagram shows the message format of the parameter problem. The type of message is
12, and the code can be 0 or 1. 0 indicates error, 1 indicates missing a required option

5. Redirection

When the packet is sent, then the routing table is gradually augmented and updated. The tool
used to achieve this is the redirection message. For example, A wants to send the packet to B,
and there are two routers exist between A and B. First, A sends the data to the router 1. The
router 1 sends the IP packet to router 2 and redirection message to A so that A can update its
routing table.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

ICMP Query Messages

The ICMP Query message is used for error handling or debugging the internet. This message is
commonly used to ping a message.

Echo-request and echo-reply message

A router or a host can send an echo-request message. It is used to ping a message to another host
that "Are you alive". If the other host is alive, then it sends the echo-reply message. An echo-
reply message is sent by the router or the host that receives an echo-request message.

1. The echo-request message and echo-reply message can be used by the network managers
to check the operation of the IP protocol. Suppose two hosts, i.e., A and B, exist, and A
wants to communicate with host B. The A host can communicate to host B if the link is
not broken between A and B, and B is still alive.
2. The echo-request message and echo-reply message check the host's reachability, and it
can be done by invoking the ping command.

The message format of echo-request and echo-reply message

The above diagram shows the message format of the echo-request and echo-reply message. The
type of echo-request is 8, and the request of echo-reply is 0. The code of this message is 0.

Timestamp-request and timestamp-reply message

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

The timestamp-request and timestamp-reply messages are also a type of query messages.
Suppose the computer A wants to know the time on computer B, so it sends the timestamp-
request message to computer B. The computer B responds with a timestamp-reply message.

Message format of timestamp-request and timestamp-reply

The type of timestamp-request is 13, and the type of timestamp-reply is 14. The code of this type
of message is 0.

o It can be used to calculate the round-trip time between the source and the destination,
even if the clocks are not synchronized.
o It can also be used to synchronize the clocks in two different machines if the exact transit
time is known.

If the sender knows the exact transit time, then it can synchronize the clock. The sender asks the
time on the receiver's clock, and then it adds the time and propagation delay. Suppose the time is
1:00 clock and propagation delay is 100 ms, then time would be 1:00 clock plus 100 ms.

Checksum Calculation

The sender follows these steps using one’s complement arithmetic:

1. The checksum field is set to zero.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

2. The sum of all the 16-bit words (header and data) is calculated.

3. The sum is complemented to get the checksum.

4. The checksum is stored in the checksum field.

Checksum Testing The receiver follows these steps using one’s complement arithmetic:

1. The sum of all words (header and data) is calculated.

2. The sum is complemented.

3. If the result obtained in step 2 is 16 0s, the message is accepted; otherwise, it is rejected.

Example

An example of checksum calculation for a simple echo-request message. We randomly chose the
identifier to be 1 and the sequence number to be 9. The message is divided into 16-bit (2-byte)
words. The words are added together and the sum is complemented. Now the sender can put this
value in the checksum field.

Debugging Tools

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

There are two tools that use ICMP for debugging: ping and traceroute

Ping We can use the ping program to find if a host is alive and responding. Ping We can use the
ping program to find if a host is alive and responding

Traceroute

The traceroute program in UNIX or tracert in Windows can be used to trace the route of a packet
from the source to the destination.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

1.3. Delivery and Forwarding of IP Packets

The delivery of a packet to its final destination is accomplished using two different methods of
delivery: direct and indirect.

Direct Delivery: In a direct delivery, the final destination of the packet is a host connected to the
same physical network as the deliverer. Direct delivery occurs when the source and destination
of the packet are located on the same physical network or if the delivery is between the last
router and the destination host

The sender can easily determine if the delivery is direct. It can extract the network address of the
destination (using the mask) and compare this address with the addresses of the networks to
which it is connected. If a match is found, the delivery is direct. In direct delivery, the sender
uses the destination IP address to find the destination physical address. The IP software then
gives the destination IP address with the destination physical address to the data link layer for
actual delivery. This process is called mapping the IP address to the physical address. Although
this mapping can be done by finding a match in a table, we will see in Chapter 8 that a protocol
called Address Resolution Protocol (ARP) dynamically maps an IP address to the corresponding
physical address.

Indirect Delivery: If the destination host is not on the same network as the deliverer, the packet
is delivered indirectly. In an indirect delivery, the packet goes from router to router until it
reaches the one connected to the same physical network as its final destination. In an indirect

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

delivery, the sender uses the destination IP address and a routing table to find the IP address of
the next router to which the packet should be delivered. The sender then uses ARP (see Chapter
8) to find the physical address of the next router. Note that in direct delivery, the address
mapping is between the IP address of the final destination and the physical address of the final
destination. In an indirect delivery, the address mapping is between the IP address of the next
router and the physical address of the next router

Forwarding

Forwarding means to place the packet in its route to its destination. Forwarding means to deliver
the packet to the next hop (which can be the final destination or the intermediate connecting
device. When IP is used as a connectionless protocol, forwarding is based on the destination
address of the IP datagram; when the IP is used as a connection-oriented protocol, forwarding is
based on the label attached to an IP datagram.

Forwarding Based on Destination Address

This is a traditional approach, which is prevalent today. In this case, forwarding requires a host
or a router to have a routing table. When a host has a packet to send or when a router has
received a packet to be forwarded, it looks at this table to find the route to the final destination.
However, this simple solution is inefficient today in an internetwork such as the Internet because
the number of entries needed in the routing table would make table lookups inefficient.

Forwarding Techniques several techniques can make the size of the routing table manageable
and also handle issues such as security.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Next-Hop Method One technique to reduce the contents of a routing table is called the next-hop
method. In this technique, the routing table holds only the address of the next hop instead of
information about the complete route. The entries of a routing table must be consistent with each
other.

Network-Specific Method

A second technique to reduce the routing table and simplify the searching process is called the
network-specific method. Here, instead of having an entry for every destination host connected
to the same physical network, we have only one entry that defines the address of the destination
network itself. In other words, we treat all hosts connected to the same network as one single
entity. For example, if 1000 hosts are attached to the same network, only one entry exists in the
routing table instead of 1000.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Host-Specific Method

In the host-specific method, the destination host address is given in the routing table. The
rationale behind this method is the inverse of the network-specific method. Here efficiency is
sacrificed for other advantages: Although it is not efficient to put the host address in the routing
table, there are occasions in which the administrator wants to have more control over routing.
For example if the administrator wants all packets arriving for host B delivered to router R3
instead of R1, one single entry in the routing table of host A can explicitly define the route. Host-
specific routing is used for purposes such as checking the route or providing security measures.

Default Method

Another technique to simplify routing is called the default method. In host A is connected to a
network with two routers. Router R1 routes the packets to hosts connected to network N2.
However, for the rest of the Internet, router R2 is used. So instead of listing all networks in the
entire Internet, host A can just have one entry called the default (normally defined as network
address 0.0.0.0).

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

Forwarding without Subnetting

In classful addressing, most of the routers in the global Internet are not involved in subnetting.
Subnetting happens inside the organization. A typical forwarding module in this case can be
designed using three tables, one for each unicast class (A, B, C). If the router supports
multicasting, another table can be added to handle class D addresses. Having three different
tables makes searching more efficient. Each routing table has a minimum of three columns:

1. The network address of the destination network tells us where the destination host is located.
Note that we use network-specific forwarding and not the rarely used host-specific forwarding.

2. The next-hop address tells us to which router the packet must be delivered for an indirect
delivery. This column is empty for a direct delivery.

3. The interface number defines the outgoing port from which the packet is sent out. A router is
normally connected to several networks. Each connection has a different numbered port or
interface. We show them as m0, m1, and so on.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

In its simplest form, the forwarding module follows these steps:

1. The destination address of the packet is extracted.

2. A copy of the destination address is used to find the class of the address. This is done by
shifting the copy of the address 28 bits to the right. The result is a 4-bit number between 0 and
15. If the result is

a. 0 to 7, the class is A.

b. 8 to 11, the class is B.

c. 12 or 13, the class is C

d. 14, the class is D.

e. 15, the class is E.

3. The result of Step 2 for class A, B, or C and the destination address are used to extract the
network address. This is done by masking off (changing to 0s) the rightmost 8, 16, or 24 bits
based on the class.

ADVANCED COMPUTER NETWORK-4350706

 K.D.POLYTECHNIC PATAN-DEPARTMENT OF COMPUTER ENGINEERING

4. The class of the address and the network address are used to find next-hop information. The
class determines which table is to be searched. The module searches this table for the network
address. If a match is found, the next-hop address and the interface number of the output port
are extracted from the table. If no match is found, the default is used.

5. The ARP module uses the next-hop address and the interface number to find the physical
address of the next router. It then asks the data link layer to deliver the packet to the next hop.

ADVANCED COMPUTER NETWORK-4350706