Network Layer Services- Packetizing,

Routing and Forwarding

The network Layer is the third layer in the OSI model of computer networks. Its
main function is to transfer network packets from the source to the destination. It
involves both the source host and the destination host.
Key among these services are packetizing, routing, and forwarding. Packetizing
involves encapsulating data into packets suitable for transmission. Routing
determines the optimal path for these packets through the network, ensuring they
navigate through multiple nodes and networks efficiently. Forwarding is the
process of directing these packets to their next hop along the selected path.
In this article, we will discuss these topics in detail, along with the services
provided by the network layer, etc.
Features of Network Layer
 The main responsibility of the Network layer is to carry the data packets from
the source to the destination without changing or using them.
 If the packets are too large for delivery, they are fragmented i.e., broken down
into smaller packets.
 It decides the route to be taken by the packets to travel from the source to the
destination among the multiple routes available in a network (also called
routing).
 The source and destination addresses are added to the data packets inside the
network layer.
Services Offered by Network Layer
The services which are offered by the network layer protocol are as follows:
 Packetizing
 Routing
 Forwarding

1. Packetizing
The process of encapsulating the data received from the upper layers of the network
(also called payload) in a network layer packet at the source and decapsulating the
payload from the network layer packet at the destination is known as packetizing.
The source host adds a header that contains the source and destination address and
some other relevant information required by the network layer protocol to the
payload received from the upper layer protocol and delivers the packet to the data
link layer.
The destination host receives the network layer packet from its data link layer,
decapsulates the packet, and delivers the payload to the corresponding upper layer
protocol. The routers in the path are not allowed to change either the source or the
destination address. The routers in the path are not allowed to decapsulate the
packets they receive unless they need to be fragmented.
 Packetizing

2. Routing
Routing is the process of moving data from one device to another device. These are
two other services offered by the network layer. In a network, there are a number of
routes available from the source to the destination. The network layer specifies some
strategies which find out the best possible route. This process is referred to as
routing. There are a number of routing protocols that are used in this process and
they should be run to help the routers coordinate with each other and help in
establishing communication throughout the network.
 Routing

3. Forwarding
Forwarding is simply defined as the action applied by each router when a packet
arrives at one of its interfaces. When a router receives a packet from one of its
attached networks, it needs to forward the packet to another attached network
(unicast routing) or to some attached networks (in the case of multicast routing).
Routers are used on the network for forwarding a packet from the local network to
the remote network. So, the process of routing involves packet forwarding from an
entry interface out to an exit interface.
 Forwarding

Differences Between Routing and Forwarding

Routing Forwarding

Forwarding is simply defined as

Routing is the process of moving data from one the action applied by each
device to another device. router when a packet arrives at
one of its interfaces.

Operates on the Network Layer. Operates on the Network Layer.

Checks the forwarding table and

Work is based on Forwarding Table.
work according to that.

Works on protocols like UDP

Works on protocols like Routing Information
Encapsulating Security
Protocol (RIP) for Routing.
Payloads

Other Services Expected from Network Layer

 Error Control
 Flow Control
 Congestion Control
1. Error Control
Although it can be implemented in the network layer, it is usually not preferred
because the data packet in a network layer may be fragmented at each router, which
makes error-checking inefficient in the network layer.
2. Flow Control
It regulates the amount of data a source can send without overloading the receiver.
If the source produces data at a very faster rate than the receiver can consume it, the
receiver will be overloaded with data. To control the flow of data, the receiver should
send feedback to the sender to inform the latter that it is overloaded with data.
There is a lack of flow control in the design of the network layer. It does not directly
provide any flow control. The datagrams are sent by the sender when they are ready,
without any attention to the readiness of the receiver.
3. Congestion Control
Congestion occurs when the number of datagrams sent by the source is beyond the
capacity of the network or routers. This is another issue in the network layer
protocol. If congestion continues, sometimes a situation may arrive where the system
collapses and no datagrams are delivered. Although congestion control is indirectly
implemented in the network layer, still there is a lack of congestion control in the
network layer.
Advantages of Network Layer Services
 Packetization service in the network layer provides ease of transportation of the
data packets.
 Packetization also eliminates single points of failure in data communication
systems.
 Routers present in the network layer reduce network traffic by creating collision
and broadcast domains.
 With the help of Forwarding, data packets are transferred from one place to
another in the network.
Disadvantages of Network Layer Services
 There is a lack of flow control in the design of the network layer.
 Congestion occurs sometimes due to the presence of too many datagrams in a
network that is beyond the capacity of the network or the routers. Due to this,
some routers may drop some of the datagrams, and some important pieces of
information may be lost.
 Although indirect error control is present in the network layer, there is a lack of
proper error control mechanisms as due to the presence of fragmented data
packets, error control becomes difficult to implement.

Packet Switching
Packet Switching in computer networks is a method of transferring data to
a network in the form of packets. In order to transfer the file fast and
efficiently over the network and minimize the transmission latency, the data
is broken into small pieces of variable length, called Packet. At the
destination, all these small parts (packets) have to be reassembled,
belonging to the same file. A packet is composed of a payload and various
control information. No pre-setup or reservation of resources is needed.
Packet Switching uses the Store and Forward technique while switching
the packets; while forwarding the packet each hop first stores that packet
then forwards. This technique is very beneficial because packets may get
discarded at any hop for some reason. More than one path is possible
between a pair of sources and destinations. Each packet contains the
Source and destination address using which they independently travel
through the network. In other words, packets belonging to the same file
may or may not travel through the same path. If there is congestion at
some path, packets are allowed to choose different paths possible over an
existing network.
Diagram of Packet Switching
In packet switching the data is divided into small packets which allow faster
movement of data. Each packet contains two parts that is Header and
Payload, the header on each packet conation information. Below is the
diagram of how packet switching works.

Packet Switching

We just read that in packet-switched networks, data is broken into

packets before being sent over a network. Due to this approach allows for
efficient use of network resources, but it can also introduce delays due to
factors like propagation time and queueing delays. To excel in both
theoretical exams and practical networking environments, a deeper
understanding of packet switching mechanisms is crucial. Engaging with a
structured study plan, such as the GATE CS and IT – 2025 course, can
provide you with a comprehensive understanding of these concepts,
ensuring you’re prepared for a wide range of questions in your exams.
Types of Delays in Packet Switching
 Transmission Delay: Time required by the spent station to transmit
data to the link.
 Propagation Delay: Time of data propagation through the link.
 Queueing Delay: Time spent by the packet at the destination’s queue.
 Processing Delay: Processing time for data at the destination.
Advantages of Packet Switching over Circuit
Switching
 More efficient in terms of bandwidth, since the concept of reserving a
circuit is not there.
 Minimal transmission latency.
 More reliable as a destination can detect the missing packet.
 More fault tolerant because packets may follow a different path in case
any link is down, Unlike Circuit Switching.
 Cost-effective and comparatively cheaper to implement.
Disadvantage of Packet Switching over Circuit
Switching
 Packet Switching doesn’t give packets in order, whereas Circuit
Switching provides ordered delivery of packets because all the packets
follow the same path.
 Since the packets are unordered, we need to provide sequence
numbers for each packet.
 Complexity is more at each node because of the facility to follow
multiple paths.
 Transmission delay is more because of rerouting.
 Packet Switching is beneficial only for small messages, but for bursty
data (large messages) Circuit Switching is better.
Types of Packet Switching
1. Connection-oriented Packet Switching (Virtual Circuit)
Before starting the transmission, it establishes a logical path or virtual
connection using a signaling protocol, between sender and receiver and all
packets belongs to this flow will follow this predefined route. Virtual Circuit
ID is provided by switches/routers to uniquely identify this virtual
connection. Data is divided into small units and all these small units are
appended with help of sequence numbers. Packets arrive in order at the
destination. Overall, three phases take place here- The setup, data transfer
and tear-down phases.
 Virtual Circuit

All address information is only transferred during the setup phase. Once the
route to a destination is discovered, entry is added to the switching table of
each intermediate node. During data transfer, packet header (local header)
may contain information such as length, timestamp, sequence number, etc.
Connection-oriented switching is very useful in switched WAN. Some
popular protocols which use the Virtual Circuit Switching approach are
X.25, Frame-Relay, ATM, and MPLS(Multi-Protocol Label Switching).
2. Connectionless Packet Switching (Datagram)
Unlike Connection-oriented packet switching, In Connectionless Packet
Switching each packet contains all necessary addressing information such
as source address, destination address, port numbers, etc. Packets
belonging to one flow may take different routes because routing decisions
are made dynamically, so the packets that arrived at the destination might
be out of order. It has no connection setup and teardown phase, like
Virtual Circuits.
Packet delivery is not guaranteed in connectionless packet switching, so
reliable delivery must be provided by end systems using additional
protocols.
 Datagram Packet Switching

A—R1—R2—BA is the sender (start)R1, R2 are two routers that store and
forward dataB is receiver(destination)
To send a packet from A to B there are delays since this is a Store and
Forward network.
Difference Between Packet Switching and Circuit
Switching
Packet Switching Circuit Switching

In packet switching data is divided into

There is a dedicated path for each
packets, and packets is sent
packet in circuit switching.
independently.

In Packet switching, data is processed

In-Circuit switching, data is
at all intermediate nodes including the
processed at the source system only.
source system.

The delay between data units in The delay between data units in
packet switching is not uniform. circuit switching is uniform.

Packet switching is less reliable. Circuit switching is more reliable.

 Packet Switching Circuit Switching

Transmission of the data is done not

Transmission of the data is done by
only by the source but also by the
the source.
intermediate routers.

Wastage of resources is more in

Less wastage of resources.
Circuit Switching.

In Packet Switching there is no In-Circuit Switching there is a

physical path between the source and physical path between the source and
the destination. the destination.

Call setup is not required in packet Call setup is required in circuit

switching. switching.

Packet switching requires complex Circuit switching requires simple

protocols for delivery. protocols for delivery.

Latency is high in Packet switching. Latency is low in circuit switching.

Littel bit more overheating in packet Overheading is low in circuit

switching. switching.

Internet Protocol (IP)

The Internet Protocol (IP) which is pivotal in computer network protocols is
responsible for the transmission of data packages from or to devices that are
connected to the Internet or any other network. Moreover, it provides the addressing
and routing mechanisms that the devices require for their communications. IP
addresses represent the unique identifiers given to each device on a network to be
able to route data packets to their receivers. IP operates at the network layer of the
OSI model. Consequently, IP operates together with other protocols, including CP
(Connection Protocol) and UDP (User Datagram Protocol), to provide reliable and
efficient communication for different devices.
History of Internet Protocol
In 1974 the starting of the protocol development kicks in. Vint Cerf and Bob Kahn
are the architects. It is coupled with TCP so together then they are called the TCP/IP
protocols (the transmission control protocol and internet protocol). Each major
version of the internet protocol took its own letter of the alphabet and assigned an
address to the protocol version number, for instance, IPv4 was Version 4 of the
internet protocol. Finally, in RFC 791, IETF made an official declaration of such
protocol in September per year, 1981. After the IPv4 (version 4), according to the
internet protocol protocol and IPv6, which was IPv6 (version 6). It was introduced
to the community by the IETF in 1998 but in a trial form. The main objective of the
design of IPv6 was an extension to replace IPv4. The most notable distinction
between IPv4 and IPv6 is that the former resources 32 bits to an address, while the
latter uses 128 bits for an address.
Primary Terminologies
 IP Address: IP address is referred as a number sticker given to each device that
belongs to the network which utilizes Internet Protocol to communicate. It
serves two main purposes: host or network interface recognition, identifier or
location addressing.
 Packet: A packet is a parcel of data that is switched between an origin and a
destination via the Internet or some other network that is based on the packet
switching mechanism. This component mainly has a header and a payload.
 Router: A router is a network device that (serves as) a forwarding point for
data packets between computer networks. Routers carry out the traffic routing
functions through the Internet.
 IPv4: Internet Protocol version 4 (IPv4) is a protocol that tends to provide
connectivity between the desktop computers online and that application layer is
the wider application one that covers most of the Internet communications
nowadays
 IPv6: Internet Protocol version 6 (IPv6), the final iteration in the series of the
upgrades to the Internet Protocol, is used for the purpose of identifying,
locating and routing of various computers so that traffic through Internet can be
transferred properly.
What is an IP Packet?
A packet in IP is a meaning of both data bits and meta information for each network
step. As part of it, there is a header and a payload too. The header transport on the
other hand contains control information like source and destination IP addresses,
what kind of IP is being used (V4 and V6 respectively), and others. The transmitted
data is, in fact, carried in the payload of the data stream. IP header helps in locating
destination by such routers. Routers look up into the header and check the target IP
address with their routing tables and decide the most optimal route for the packet
through the entire network. Then at the moment when the packet is to reach the
destination, the header of the IP is peeled off and the payload in which the data is
encapsulated is presented to the appropriate application or protocol running on the
destination device. IP packets are the unit packets which serves as the building
blocks of message exchange on the IPR network and allows the devices to
communicate with each other irrespective of the network they use to convey data.
IP Packet

How Does the IP Routing Perform?

IP routing is a procedure of routing the information from the source to the recipient
to enable its direction to the final destination. As we also know that the data is broken
into several pieces, and then each piece will almost definitely go through several
routers until these data ends up in the final destination. The path that the set of data
package follows is determined by the routing algorithm. Besides the size of packet
and the header length, the design of the routing algorithm takes into account other
factors related to determining the most suitable route for the data from the sender to
the destination. At the arrival of the datagram at some router, then source address
and destination address fields are employed with a routing table to decide the
subsequent hop's address. Considering that, it runs until it ultimately arrives at its
desired point. The data which is getting distributed into multiple packages will be
reached destination by travelling through different independent packets.
Example:
The TCP layer in an email server carries out this service by means of dividing the
data into packets, providing numbers to each of the packets as well as to send these
packets to the IP layer. This IP layer later resends the packet to the email server
becoming the destination. On the recipient server, other way around, the TCP layer
separates the data packets from the IP layer and remains its original text. This
command goes to the mail application.
What is an IP Addressing?
IP Address is a number assigned to a particular computer and is usually assigned to
those that have access to the internet. IP address consists of a block of characters
like 192.168.1.2. The process in which human-readable domain names are converted
into a series of characters is performed by DNS resolvers and as a result the users
cannot access for each website the domain name with the help of these characters.
This packet includes two addresses: the IP address of the device that is transferring
the packet and that of the device where the packet is being received.
Types of IP Addresses
1. Public Address
2. Private Address
Public Address
The public media, sometimes called the external media outside the local area
network, is also known as the public address. The word 'public address' can also
define a defile of talk outside the network. This IP address is for the purpose of
connecting to the internet. Through our computer public address remote access to
our computer can be obtained. Along with using a public address, we can put up the
home server for accessing the internet. This IP usually is a part of the ISP's (Internet
Service Provider) IP range.
Key Points
 Scope of public address is worldwide, so we can transcend generally among the
network.
 This IPv4 is identified by the ISP (Internet Service Provider).
 Unfortunately, it is not free of cost access.
 We can get the Public IP by typing on google search engine "What is my IP".
Private Address
Address to the private is also referred to as a DAN (LAN), as LAN numbers are
inserted within the addresses. It is used for communication between the network.
Listen to the given audio and then select the most appropriate option. They are not
public IP addresses that have IP protocols for internet routing. The private address
space is then use InterNIC utility to ensure that the create network does not have
address conflict. The private addresses are for those computers that are used within
organizations and their networks act as the homes of these private IPs. For instance,
as our family member comes into our home, we will give him or her an in-house
address number that is assigned to the printer to pick up the printed document. The
true local network only continues to launch the device's private address, whereas
other devices within the local network can view the computer using its private IP
address. Nevertheless, outside the connected network, external devices will not be
able to reach the computer with the use of the private IP but by now the computer is
available through the public address of the router. NAT (Network Address
Translator) is the necessary entity for the computer direct access.

Forwarding of IP Packets

Forwarding means to place the packet in its route to its destination. Forwarding
requires a host or a router to have a routing table. When a host has a packet to
send or when a router has received a packet to be forwarded, it looks at this table
to find the route to the final destination. However, this simple solution is
impossible today in an internetwork such as the Internet because the number of
entries needed in the routing table would make table lookups inefficient.

Forwarding Techniques

Several techniques can make the size of the routing table manageable and also
handle issues such as security.

a. Next-Hop Method versus Route Method

One technique to reduce the contents of a routing table is called the next-hop
method. In this technique, the routing table holds only the address of the next hop
instead of information about the complete route (route method). The entries of a
routing table must be consistent with one another.

b. Network-Specific Method versus Host-Specific Method

A second technique to reduce the routing table and simplify the searching process
is called the network-specific method. Here, instead of having an entry for every
destination host connected to the same physical network (host-specific method),
we have only one entry that defines the address of the destination network itself.
Host-specific routing is used for purposes such as checking the route or providing
security measures

c. Default Method

Another technique to simplify routing is called the default method. Host A is

connected to a network with two routers. Router R1 routes the packets to hosts
connected to network N2. However, for the rest of the Internet, router R2 is used.
So instead of listing all networks in the entire Internet, host A can just have one
entry called the default (normally defined as network address 0.0.0.0).

Example 3.18
Make a routing table for router R1, using the configuration in Figure 3.43
Example 3.19

Show the forwarding process if a packet arrives at R1 with the destination address
180.70.65.140.

Solution
The router performs the following steps:
1. The first mask (/26) is applied to the destination address. The result is
180.70.65.128, which does not match the corresponding network address.

2. The second mask (/25) is applied to the destination address. The result is
180.70.65.128, which matches the corresponding network address. The next-hop
address (the destination address of the packet in this case) and the interface
number m0 are passed to ARP for further processing.

Example 3.20
Show the forwarding process if a packet arrives at R1 with the destination address
201.4.22.35.

Solution
The router performs the following steps:

 The first mask (/26) is applied to the destination address. The result is
201.4.22.0, which does not match the corresponding network address (row 1).

 The second mask (/25) is applied to the destination address. The result is
201.4.22.0, which does not match the corresponding network address (row 2).

 The third mask (/24) is applied to the destination address. The result is
201.4.22.0, which matches the corresponding network address. The destination
address of the packet and the interface number m3 are passed to ARP.

Example 3.21

Show the forwarding process if a packet arrives at R1 with the destination address
18.24.32.78.

Solution
This time all masks are applied, one by one, to the destination address, but no
matching network address is found. When it reaches the end of the table, the
module gives the next-hop address 180.70.65.200 and interface number m2 to
ARP. This is probably an outgoing package that needs to be sent, via the default
router, to someplace else in the Internet.
1. INTRODUCTION
Communication at the network layer is host-to-host (computer-to-computer); a computer
somewhere in the world needs to communicate with another computer somewhere else in
the world. Usually, computers communicate through the Internet. The packet transmitted
by the sending computer may pass through several LANs or WANs before reaching the
destination computer. For this level of communication, we need a global addressing
scheme; we called this logical addressing or IP address.

2. IPv4 ADDRESSES
An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a
device (for example, a computer or a router) to the Internet.
 IPv4 addresses are unique. They are unique in the sense that each address defines
one, and only one, connection to the Internet. Two devices on the Internet can never
have the same address at the same time. But by using some strategies, an address
may be assigned to a device for a time period and then taken away and assigned to
another device.
 On the other hand, if a device operating at the network layer has m connections to
the Internet, it needs to have m addresses. A router is such a device which needs as
many IP addresses as the number of ports are there in it.

2.1. Address Space

A protocol such as IPv4 that defines addresses has an address space.
 An address space is the total number of addresses used by the protocol. If a
protocol uses N bits to define an address, the address space is 2N because each bit
can have two different values (0 or 1) and N bits can have 2N values.
 IPv4 uses 32-bit addresses, which means that the address space is 232 or
4,294,967,296 (more than 4 billion).
This means that, theoretically, if there were no restrictions, more than 4 billion devices
could be connected to the Internet. But the actual number is much less because of the
restrictions imposed on the addresses.

2.2. IPv4 Address Notations

There are two prevalent notations to show an IPv4 address:
a. Binary notation and
b. Dotted decimal notation.
a. Binary Notation
In binary notation, the IPv4 address is displayed as 32 bits. Each octet is often referred to as
a byte. So it is common to hear an IPv4 address referred to as a 32-bit address or a 4-byte
address. The following is an example of an IPv4 address in binary notation:

01110101 10010101 00011101 00000010

b. Dotted-Decimal Notation
To make the IPv4 address more compact and easier to read, Internet addresses are usually
written in decimal form with a decimal point (dot) separating the bytes. The following is the
dotted decimal notation of the above address:

117.149.29.2
Figure 19.1 shows an IPv4 address in both binary and dotted-decimal notation. Note that
because each byte (octet) is 8 bits, each number in dotted-decimal notation is a value
ranging from 0 to 255.

Figure 19.1 Dotted-decimal notation and binary notation for an IPv4 address

Example 19.1
Change the following IPv4 addresses from binary notation to dotted-decimal notation.
a. 10000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
Solution
We replace each group of 8 bits with its equivalent decimal number (see Appendix B) and
add dots for separation.
a. 129.11.11.239
b. 193.131.27.255

Example 19.2
Change the following IPv4 addresses from dotted-decimal notation to binary notation.
a. 111.56.45.78
b. 221.34.7.82
Solution
We replace each decimal number with its binary equivalent.
a. 01101111 00111000 00101101 01001110
b. 11011101 00100010 00000111 01010010

2.3. Types of IPv4 Addressing Schemes

There are two types of IPv4 addressing schemes:
 Classful Addressing
 Classless Addressing
2.3.1. Classful Addressing
IPv4 addressing, at its inception, used the concept of classes. This architecture is called
classful addressing. Although this scheme is becoming obsolete, we briefly discuss it here to
show the rationale behind classless addressing.
 In classful addressing, the address space is divided into five classes: A, B, C, D, and E.
 Each class occupies some part of the address space.
 We can find the class of an address when given the address in binary notation or
dotted-decimal notation.
 If the address is given in binary notation, the first few bits can immediately tell us the
class of the address.
 If the address is given in decimal-dotted notation, the first byte defines the class.
Both methods are shown in Figure 19.2.

Figure 19.2 Finding the classes in binary and dotted-decimal notation

Example 19.4
Find the class of each address.
a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111
Solution
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C address.
c. The first byte is 14 (between 0 and 127); the class is A.
d. The first byte is 252 (between 240 and 255); the class is E.

2.3.1.1. Classes and Blocks

One problem with classful addressing is that each class is divided into a fixed number of
blocks with each block having a fixed size as shown in Table 19.1.
 Table 19.1 Number of blocks and block size in Classful IPv4 addressing

Class Number of Blocks Block Size Application

A 27=128 224=16,777,216 Unicast

B 214=16,384 216=65,536 Unicast

C 221=2,097,152 28=256 Unicast

D 1 228=268,435,456 Multicast

E 1 228=268,435,456 Reserved

 Class A addresses were designed for large organizations with a large number of
attached hosts or routers.
 Class B addresses were designed for midsize organizations with tens of thousands of
attached hosts or routers.
 Class C addresses were designed for small organizations with a small number of
attached hosts or routers.

2.3.1.2. Limitations of Classful Addressing:

 A block in class A address is too large for almost any organization. This means most
of the addresses in class A were wasted and were not used.
 A block in class B is also very large, probably too large for many of the organizations
that received a class B block.
 A block in class C is probably too small for many organizations.
 Class D addresses were designed for multicasting. Each address in this class is used
to define one group of hosts on the Internet. The Internet authorities wrongly
predicted a need for 268,435,456 groups. This never happened and many addresses
were wasted here too.
 And lastly, the class E addresses were reserved for future use; only a few were used,
resulting in another waste of addresses.

2.3.1.3. Netid and Hostid

 In classful addressing, an IP address in class A, B, or C is divided into netid and
hostid.
 These parts are of varying lengths, depending on the class of the address. Figure 19.2
shows some netid and hostid bytes.
 The netid is in color, the hostid is in white. Note that the concept does not apply to
classes D and E.
 In class A, one byte defines the netid and three bytes define the hostid.
  In class B, two bytes define the netid and two bytes define the hostid.
 In class C, three bytes define the netid and one byte defines the hostid.

Table 19.2 Default masks for classful addressing

2.3.1.4. Mask
A mask (also called the default mask) is a 32-bit number made of contiguous 1s followed by
contiguous 0s. The masks for classes A, B, and C are shown in Table 19.2. The concept does
not apply to classes D and E.
 The mask can help us to find the netid and the hostid. For example, the mask for a
class A address has eight 1s, which means the first 8 bits of any address in class A
define the netid; the next 24 bits define the hostid.
 The last column of Table 19.2 shows the mask in the form /n where n can be 8, 16, or
24 in classful addressing.
 This notation is also called slash notation or Classless Interdomain Routing (CIDR)
notation.

2.3.1.5. Address Depletion Problem

The fast growth of the Internet led to the near depletion of the available addresses in
classful addressing scheme. Yet the number of devices on the Internet is much less than the
232 address space. We have run out of class A and B addresses, and a class C block is too
small for most midsize organizations.
 One solution that has alleviated the problem is the idea of classless addressing.
 Classful addressing, which is almost obsolete, is replaced with classless addressing.

2.3.2. Classless Addressing

To overcome address depletion and give more organizations access to the Internet, classless
addressing was designed and implemented. In this scheme, there are no classes, but the
addresses are still granted in blocks.

Address Blocks
 In classless addressing, when an entity, small or large, needs to be connected to the
Internet, it is granted a block (range) of addresses.
 The size of the block (the number of addresses) varies based on the nature and size
of the entity. For example, a household may be given only two addresses; a large
organization may be given thousands of addresses. An ISP, as the Internet service
 provider, may be given thousands or hundreds of thousands based on the number of
customers it may serve.
 The Internet authorities impose three restrictions on classless address blocks:

1. The addresses in a block must be contiguous, one after another.

2. The number of addresses in a block must be a power of 2 (1, 2, 4, 8, ... ).
3. The first address must be evenly divisible by the number of addresses.

Example 19.5
Figure 19.3 shows a block of addresses, in both binary and dotted-decimal notation, granted
to a small business that needs 16 addresses. We can see that the restrictions are applied to
this block. The addresses are contiguous. The number of addresses is a power of 2 (16 = 2 4),
and the first address is divisible by 16. The first address, when converted to a decimal
number, is 3,440,387,360, which when divided by 16 results in 215,024,210.

Figure 19.3 A block of16 addresses granted to a small organization

2.3.2.1. Mask
A better way to define a block of addresses is to select any address in the block and the
mask. As we discussed before, a mask is a 32-bit number in which the n leftmost bits are 1s
and the 32 - n rightmost bits are 0s.

 However, in classless addressing the mask for a block can take any value from 0 to
32. It is very convenient to give just the value of n preceded by a slash (CIDR
notation).
 In 1Pv4 addressing, a block of addresses can be defined as x.y.z.t/n in which x.y.z.t
defines one of the addresses and the /n defines the mask.
 The address and the /n notation completely define the whole block (the first
address, the last address, and the number of addresses).

First Address: The first address in the block can be found by setting the 32 - n rightmost bits
in the binary notation of the address to 0s.
Example 19.6
A block of addresses is granted to a small organization. We know that one of the addresses
is 205.16.37.39/28. What is the first address in the block?

Solution
The binary representation of the given address is 11001101 00010000 00100101 00100111.
If we set 32 - 28 rightmost bits to 0, we get 11001101 0001000 00100101 0010000 or
205.16.37.32. This is actually the block shown in Figure 19.3.

Last Address: The last address in the block can be found by setting the 32 - n rightmost bits
in the binary notation of the address to 1s.

Example 19.7
Find the last address for the block in Example 19.6.
Solution
The binary representation of the given address is 11001101 00010000 00100101 00100111.
If we set 32 - 28 rightmost bits to 1, we get 11001101 00010000 00100101 0010 1111 or
205.16.37.47. This is actually the block shown in Figure 19.3.

Figure 19.3 A block of16 addresses granted to a small organization

Number of Addresses: The number of addresses in the block is the difference between the
last and first address. It can easily be found using the formula 232- n.

Example 19.8
Find the number of addresses in Example 19.6.
Solution
The value of n is 28, which means that number of addresses is 232- 28 or 16.

Example 19.9
Another way to find the first address, the last address, and the number of addresses is to
represent the mask as a 32-bit binary (or 8-digit hexadecimal) number. This is particularly
useful when we are writing a program to find these pieces of information. In Example 19.5
the /28 can be represented as 11111111 11111111 11111111 11110000 (twenty-eight 1s
and four 0s). Find
a. The first address
b. The last address
c. The number of addresses
Solution
a. The first address can be found by ANDing the given addresses with the mask. ANDing
here is done bit by bit. The result of ANDing 2 bits is 1 if both bits are 1s; the result is 0
otherwise.

Address: 11001101 00010000 00100101 00100111

Mask: 11111111 11111111 11111111 11110000
First address: 11001101 00010000 00100101 00100000

b. The last address can be found by ORing the given addresses with the complement of the
mask. ORing here is done bit by bit. The result of ORing 2 bits is 0 if both bits are 0s; the
result is 1 otherwise. The complement of a number is found by changing each 1 to 0 and
each 0 to 1.

Address: 11001101 00010000 00100101 00100111

Mask complement: 00000000 00000000 00000000 00001111
Last address: 11001101 00010000 00100101 00101111

c. The number of addresses can be found by complementing the mask, interpreting it as a

decimal number, and adding 1 to it.

Mask complement: 000000000 00000000 00000000 00001111

Number of addresses: 15 + 1 =16

2.3.2.2. Network Addresses

A very important concept in IP addressing is the network address. When an organization is
given a block of addresses, the organization is free to allocate the addresses to the devices
that need to be connected to the Internet.
 The first address in the class, however, is normally (not always) treated as a special
address. The first address is called the network address and defines the organization
network.
 It defines the organization itself to the rest of the world. Usually the first address is
the one that is used by routers to direct the message sent to the organization from
the outside.
Figure 19.4 shows an organization that is granted a 16-address block. The organization
network is connected to the Internet via a router. The router has two addresses. One
belongs to the granted block; the other belongs to the network that is at the other side of
the router. We call the second address x.y.z.t/n because we do not know anything about the
network it is connected to at the other side. All messages destined for addresses in the
organization block (205.16.37.32 to 205.16.37.47) are sent, directly or indirectly, to x.y.z.t/n.
We say directly or indirectly because we do not know the structure of the network to which
the other side of the router is connected.

Figure 19.4 A network configuration for the block 205.16.37.32/28

The first address in a block is normally not assigned to any device; it is used as the
network address that represents the organization to the rest of the world.

2.3.2.3. Hierarchy
IP addresses, like other addresses or identifiers we encounter these days, have levels of
hierarchy.
Two-Level Hierarchy: No Subnetting
An IP address can define only two levels of hierarchy when not subnetted.
 The n leftmost bits of the address x.y.z.t/n define the network (organization
network).
 The 32 – n rightmost bits define the particular host (computer or router) to the
network.
 The two common terms are prefix and suffix.
 The part of the address that defines the network is called the prefix; the part that
defines the host is called the suffix. Figure 19.5 shows the hierarchical structure of an
IPv4 address.
 Figure 19.5 Two levels of hierarchy in an IPv4 address

 The prefix is common to all addresses in the network; the suffix changes from one
device to another.
Each address in the block can be considered as a two-level hierarchical structure: the
leftmost n bits (prefix) define the network; the rightmost 32 - n bits define the host.

Three-Levels of Hierarchy: Subnetting

An organization that is granted a large block of addresses may want to create clusters of
networks (called subnets) and divide the addresses between the different subnets. The rest
of the world still sees the organization as one entity; however, internally there are several
subnets. All messages are sent to the router address that connects the organization to the
rest of the Internet; the router routes the message to the appropriate subnets. The
organization, however, needs to create small sub blocks of addresses, each assigned to
specific subnets. The organization has its own mask; each subnet must also have its own.

Figure 19.6 Configuration and addresses in a subnetted network

Example, suppose an organization is given the block 17.12.40.0/26, which contains 64
addresses. The organization has three offices and needs to divide the addresses into three
sub blocks of 32, 16, and 16 addresses. We can find the new masks by using the following
arguments:
1. Suppose the mask for the first subnet is n1, then 232- n1 must be 32, which means that n1
=27.
2. Suppose the mask for the second subnet is n2, then 232- n2 must be 16, which means that
n2 = 28.
3. Suppose the mask for the third subnet is n3, then 232- n3 must be 16, which means that n3
=28.
This means that we have the masks 27, 28, 28 with the organization mask being 26. Figure
19.6 shows one configuration for the above scenario.
Let us check to see if we can find the subnet addresses from one of the addresses in the
subnet.

a. In subnet 1, the address 17.12.14.29/27 can give us the subnet address if we use the
mask /27 because
Host: 00010001 00001100 00001110 00011101
Mask: /27
Subnet: 00010001 00001100 00001110 00000000 .... (17.12.14.0)

b. In subnet 2, the address 17.12.14.45/28 can give us the subnet address if we use the
mask /28 because
Host: 00010001 00001100 00001110 00101101
Mask: /28
Subnet: 00010001 00001100 00001110 00100000 .... (17.12.14.32)

c. In subnet 3, the address 17.12.14.50/28 can give us the subnet address if we use the mask
/28 because
Host: 00010001 00001100 00001110 00110010
Mask: /28
Subnet: 00010001 00001100 00001110 00110000 .... (17.12.14.48)
Note that applying the mask of the network, /26, to any of the addresses gives us the
network address 17.12.14.0/26. We can say that through subnetting, we have three levels
of hierarchy. Note that in our example, the subnet prefix length can differ for the subnets as
shown in Figure 19.7.
 Figure 19.7 Three-level hierarchy in an IPv4 address

More Levels of Hierarchy

The structure of classless addressing does not restrict the number of hierarchical levels. An
organization can divide the granted block of addresses into sub blocks. Each sub block can in
turn be divided into smaller sub blocks. And so on. One example of this is seen in the ISPs.
 A national ISP can divide a granted large block into smaller blocks and assign each of
them to a regional ISP.
 A regional ISP can divide the block received from the national ISP into smaller blocks
and assign each one to a local ISP.
 A local ISP can divide the block received from the regional ISP into smaller blocks and
assign each one to a different organization.
 Finally, an organization can divide the received block and make several subnets out
of it.

2.3.2.4. Address Allocation

 The next issue in classless addressing is address allocation. How are the blocks
allocated? The ultimate responsibility of address allocation is given to a global
authority called the Internet Corporation for Assigned Names and Addresses (ICANN).
 However, ICANN does not normally allocate addresses to individual organizations. It
assigns a large block of addresses to an ISP. Each ISP, in turn, divides its assigned
block into smaller sub blocks and grants the sub blocks to its customers.
 In other words, an ISP receives one large block to be distributed to its Internet users.
This is called address aggregation: many blocks of addresses are aggregated in one
block and granted to one ISP.
Example 19.10
An ISP is granted a block of addresses starting with 190.100.0.0/16 (65,536 addresses). The
ISP needs to distribute these addresses to three groups of customers as follows:
a. The first group has 64 customers; each needs 256 addresses.
b. The second group has 128 customers; each needs 128 addresses.
c. The third group has 128 customers; each needs 64 addresses.
Design the sub blocks and find out how many addresses are still available after these
allocations.
Solution
Figure 19.8 shows the situation.

Figure 19.8 An example of address allocation and distribution by an ISP

1. Group 1
For this group, each customer needs 256 addresses. This means that 8 (log 2256) bits are
needed to define each host. The prefix length is then 32 - 8 =24. The addresses are

1st Customer: 190.100.0.0/24 190.100.0.255/24

2nd Customer: 190.100.1.0/24 190.100.1.255/24

64th Customer: 190.100.63.0/24 190.100.63.255/24

Total =64 X 256 =16,384

2. Group2
For this group, each customer needs 128 addresses. This means that 7 (log 2 128) bits are
needed to define each host. The prefix length is then 32 - 7 =25. The addresses are:

1st Customer: 190.100.64.0/25 190.100.64.127/25

2nd Customer: 190.100.64.128/25 190.100.64.255/25

128th Customer: 190.100.127.128/25 190.100.127.255/25

Total =128 X 128 = 16,384

3. Group3
For this group, each customer needs 64 addresses. This means that 6 (log2 64) bits are
needed to each host. The prefix length is then 32 - 6 =26. The addresses are

1st Customer: 190.100.128.0/26 190.100.128.63/26

2nd Customer: 190.100.128.64/26 190.100.128.127/26

128th Customer: 190.100.159.192/26 190.100.159.255/26

Total =128 X 64 = 8192

2.3.3. Network Address Translation (NAT)

The number of home users and small businesses that want to use the Internet is ever
increasing. In the beginning, a user was connected to the Internet with a dial-up line, which
means that she was connected for a specific period of time. An ISP with a block of addresses
could dynamically assign an address to this user. An address was given to a user when it was
needed. But the situation is different today. Home users and small businesses can be
connected by an ADSL line or cable modem. In addition, many are not happy with one
address; many have created small networks with several hosts and need an IP address for
each host. With the shortage of addresses, this is a serious problem.
A quick solution to this problem is called network address translation (NAT).
 NAT enables a user to have a large set of addresses internally and one address, or a
small set of addresses, externally. The traffic inside can use the large set; the traffic
outside, the small set.
  To separate the addresses used inside the home or business and the ones used for
the Internet, the Internet authorities have reserved three sets of addresses as
private addresses, shown in Table 19.3.
Table 19.3 Addresses for private networks

 Any organization can use an address out of this set without permission from the
Internet authorities. Everyone knows that these reserved addresses are for private
networks.
 They are unique inside the organization, but they are not unique globally. No router
will forward a packet that has one of these addresses as the destination address.
 The site must have only one single connection to the global Internet through a
router that runs the NAT software.
Figure 19.9 shows a simple implementation of NAT. As Figure 19.9 shows, the private
network uses private addresses. The router that connects the network to the global address
uses one private address and one global address. The private network is transparent to the
rest of the Internet; the rest of the Internet sees only the NAT router with the address
200.24.5.8.

Figure 19.9 A NAT implementation

Address Translation
 All the outgoing packets go through the NAT router, which replaces the source
address in the packet with the global NAT address.
 All incoming packets also pass through the NAT router, which replaces the
destination address in the packet (the NAT router global address) with the
appropriate private address. Figure 19.10 shows an example of address translation.
 Figure 19.10 Addresses in a NAT

Translation Table
Translating the source addresses for outgoing packets is straightforward. But how does the
NAT router know the destination address for a packet coming from the Internet? There may
be tens or hundreds of private IP addresses, each belonging to one specific host. The
problem is solved if the NAT router has a translation table.

Using One IP Address

 In its simplest form, a translation table has only two columns: the private' address
and the external address (destination address of the packet).
 When the router translates the source address of the outgoing packet, it also makes
note of the destination address-where the packet is going.
 When the response comes back from the destination, the router uses the source
address of the packet (as the external address) to find the private address of the
packet.
Figure 19.11 shows the idea. Note that the addresses that are changed (translated) are
shown in color.
 In this strategy, communication must always be initiated by the private network.
 The NAT mechanism described requires that the private network start the
communication.
 NAT is used mostly by ISPs which assign one single address to a customer. The
customer, however, may be a member of a private network that has many private
addresses. In this case, communication with the Internet is always initiated from the
customer site, using a client program such as HTTP, TELNET, or FTP to access the
corresponding server program. For example, when e-mail that originates from a
noncustomer site is received by the ISP e-mail server, the e-mail is stored in the
mailbox of the customer until retrieved.
 A private network cannot run a server program for clients outside of its network if it
is using NAT technology.
 Figure 19.11 NAT address translation

Using a Pool of IP Addresses Since the NAT router has only one global address, only one
private network host can access the same external host. To remove this restriction, the NAT
router uses a pool of global addresses. For example, instead of using only one global
address (200.24.5.8), the NAT router can use four addresses (200.24.5.8, 200.24.5.9,
200.24.5.10, and 200.24.5.11). In this case, four private network hosts can communicate
with the same external host at the same time because each pair of addresses defines a
connection. However, there are still some drawbacks. In this example, no more than four
connections can be made to the same destination. Also, no private-network host can access
two external server programs (e.g., HTTP and FTP) at the same time.
Using Both IP Addresses and Port Numbers
 To allow a many-to-many relationship between private-network hosts and external
server programs, we need more information in the translation table. For example,
suppose two hosts with addresses 172.18.3.1 and 172.18.3.2 inside a private
network need to access the HTTP server on external host 25.8.3.2.
 If the translation table has five columns, instead of two, that include the source and
destination port numbers of the transport layer protocol, the ambiguity is
eliminated. Table 19.4 shows an example of such a table.
 Table 19.4 Five-column translation table

 When the response from HTTP comes back, the combination of source address
(25.8.3.2) and destination port number (1400) defines the-private network host to
which the response should be directed. Note also that for this translation to work,
the temporary port numbers (1400 and 1401) must be unique.
NAT and ISP
 An ISP that serves dial-up customers can use NAT technology to conserve addresses.
For example, suppose an ISP is granted 1000 addresses, but has 100,000 customers.
Each of the customers is assigned a private network address.
 The ISP translates each of the 100,000 source addresses in outgoing packets to one
of the 1000 global addresses; it translates the global destination address in incoming
packets to the corresponding private address. Figure 19.12 shows this concept.

Figure 19.12 An ISP and NAT

19.2 IPv6 ADDRESSES

Despite all short-term solutions, such as classless addressing and NAT, address depletion is
still a long-term problem for the Internet. This and other problems in the IP protocol itself,
such as lack of accommodation for real-time audio and video transmission, and encryption
and authentication of data for some applications, have been the motivation for IPv6.
Structure
An IPv6 address consists of 16 bytes (octets); it is 128 bits long.
Hexadecimal Colon Notation
To make addresses more readable, IPv6 specifies hexadecimal colon notation. In this
notation, 128 bits is divided into eight sections, each 2 bytes in length. Two bytes in
hexadecimal notation requires four hexadecimal digits. Therefore, the address consists of 32
hexadecimal digits, with every four digits separated by a colon, as shown in Figure 19.13.

Figure 19.13 IPv6 address in binary and hexadecimal colon notation

Abbreviation
Although the IP address, even in hexadecimal format, is very long, many of the digits are
zeros. In this case, we can abbreviate the address. The leading zeros of a section (four digits
between two colons) can be omitted. Only the leading zeros can be dropped, not the trailing
zeros (see Figure 19.14).

Figure 19.14 Abbreviated IPv6 addresses

Using this form of abbreviation, 0074 can be written as 74, 000F as F, and 0000 as 0. Note
that 3210 cannot be abbreviated. Further abbreviations are possible if there are consecutive
sections consisting of zeros only. We can remove the zeros altogether and replace them
with a double semicolon. Note that this type of abbreviation is allowed only once per
address. If there are two runs of zero sections, only one of them can be abbreviated.
Reexpansion of the abbreviated address is very simple: Align the unabbreviated portions
and insert zeros to get the original expanded address.

Example 19.11
Expand the address 0:15::1:12:1213 to its original.
Solution
We first need to align the left side of the double colon to the left of the original pattern and
the right side of the double colon to the right of the original pattern to find now many 0s we
need to replace the double colon.

This means that the original address is

Reference:
1. B. A. Forouzan: Data Communications and Networking, Fourth edition, TMH .
RIP Protocol
RIP stands for Routing Information Protocol.
RIP is an intra-domain routing protocol used within an autonomous system.
Here, intra-domain means routing the packets in a defined domain, for example, web browsing within
an institutional area.
To understand the RIP protocol, our main focus is to know the structure of the packet, how many fields
it contains, and how these fields determine the routing table.
Before understanding the structure of the packet, we first look at the following points:
o RIP is based on the distance vector-based strategy, so we consider the entire structure as a
graph where nodes are the routers, and the links are the networks.
o In a routing table, the first column is the destination, or we can say that it is a network address.
o The cost metric is the number of hops to reach the destination. The number of hops available
in a network would be the cost. The hop count is the number of networks required to reach the
destination.
o In RIP, infinity is defined as 16, which means that the RIP is useful for smaller networks or small
autonomous systems. The maximum number of hops that RIP can contain is 15 hops, i.e., it
should not have more than 15 hops as 16 is infinity.
o The next column contains the address of the router to which the packet is to be sent to reach
the destination.
How is hop count determined?
When the router sends the packet to the network segment, then it is counted as a single hop.

In the above figure, when the router 1 forwards the packet to the router 2 then it will count as 1 hop
count. Similarly, when the router 2 forwards the packet to the router 3 then it will count as 2 hop count,
and when the router 3 forwards the packet to router 4, it will count as 3 hop count. In the same
way, RIP can support maximum upto 15 hops, which means that the 16 routers can be configured in a
RIP.
RIP Message Format
Now, we look at the structure of the RIP message format. The message format is used to share
information among different routers. The RIP contains the following fields in a message:
 o Command: It is an 8-bit field that is used for request or reply. The value of the request is 1, and
the value of the reply is 2.
o Version: Here, version means that which version of the protocol we are using. Suppose we are
using the protocol of version1, then we put the 1 in this field.
o Reserved: This is a reserved field, so it is filled with zeroes.
o Family: It is a 16-bit field. As we are using the TCP/IP family, so we put 2 value in this field.
o Network Address: It is defined as 14 bytes field. If we use the IPv4 version, then we use 4 bytes,
and the other 10 bytes are all zeroes.
o Distance: The distance field specifies the hop count, i.e., the number of hops used to reach the
destination.

How does the RIP work?

If there are 8 routers in a network where Router 1 wants to send the data to Router 3. If the network is
configured with RIP, it will choose the route which has the least number of hops. There are three routes
in the above network, i.e., Route 1, Route 2, and Route 3. The Route 2 contains the least number of
hops, i.e., 2 where Route 1 contains 3 hops, and Route 3 contains 4 hops, so RIP will choose Route 2.
Let's look at another example.

Suppose R1 wants to send the data to R4. There are two possible routes to send data from r1 to r2. As
both the routes contain the same number of hops, i.e., 3, so RIP will send the data to both the routes
simultaneously. This way, it manages the load balancing, and data reach the destination a bit faster.
Disadvantages of RIP
The following are the disadvantages of RIP:
o In RIP, the route is chosen based on the hop count metric. If another route of better bandwidth
is available, then that route would not be chosen. Let's understand this scenario through an
example.
We can observe that Route 2 is chosen in the above figure as it has the least hop count. The Route 1
is free and data can be reached more faster; instead of this, data is sent to the Route 2 that makes the
Route 2 slower due to the heavy traffic. This is one of the biggest disadvantages of RIP.
o The RIP is a classful routing protocol, so it does not support the VLSM (Variable Length Subnet
Mask). The classful routing protocol is a protocol that does not include the subnet mask
information in the routing updates.
o It broadcasts the routing updates to the entire network that creates a lot of traffic. In RIP, the
routing table updates every 30 seconds. Whenever the updates occur, it sends the copy of the
update to all the neighbors except the one that has caused the update. The sending of updates
to all the neighbors creates a lot of traffic. This rule is known as a split-horizon rule.
o It faces a problem of Slow convergence. Whenever the router or link fails, then it often takes
minutes to stabilize or take an alternative route; This problem is known as Slow convergence.
o RIP supports maximum 15 hops which means that the maximum 16 hops can be configured in
a RIP
o The Administrative distance value is 120 (Ad value). If the Ad value is less, then the protocol is
more reliable than the protocol with more Ad value.
o The RIP protocol has the highest Ad value, so it is not as reliable as the other routing protocols.
How RIP updates its Routing table
The following timers are used to update the routing table:
o RIP update timer : 30 sec
The routers configured with RIP send their updates to all the neighboring routers every 30 seconds.
o RIP Invalid timer : 180 sec
The RIP invalid timer is 180 seconds, which means that if the router is disconnected from the network
or some link goes down, then the neighbor router will wait for 180 seconds to take the update. If it does
not receive the update within 180 seconds, then it will mark the particular route as not reachable.
o RIP Flush timer : 240 sec
The RIP flush timer is 240 second which is almost equal to 4 min means that if the router does not
receive the update within 240 seconds then the neighbor route will remove that particular route from
the routing table which is a very slow process as 4 minutes is a long time to wait.
Advantages of RIP
The following are the advantages of a RIP protocol:
o It is easy to configure
o It has less complexity
o The CPU utilization is less.
OSPF Protocol

 The OSPF stands for Open Shortest Path First.

 It is a widely used and supported routing protocol.
 It is an intradomain protocol, which means that it is used within an area or a network.
 It is an interior gateway protocol that has been designed within a single autonomous system.
 It is based on a link-state routing algorithm in which each router contains the information of
every domain, and based on this information, it determines the shortest path.
 The goal of routing is to learn routes.
 The OSPF achieves by learning about every router and subnet within the entire network.
 Every router contains the same information about the network.
 The way the router learns this information by sending LSA (Link State Advertisements).
  These LSAs contain information about every router, subnet, and other networking information.
 Once the LSAs have been flooded, the OSPF stores the information in a link-state database
known as LSDB.
 The main goal is to have the same information about every router in an LSDBs.

OSPF Areas

 OSPF divides the autonomous systems into areas where the area is a collection of networks,
hosts, and routers.
 Like internet service providers divide the internet into a different autonomous system for easy
management and OSPF further divides the autonomous systems into Areas.
 Routers that exist inside the area flood the area with routing information
 In Area, the special router also exists.
 The special routers are those that are present at the border of an area, and these special routers
are known as Area Border Routers.
 This router summarizes the information about an area and shares the information with other
areas.
 All the areas inside an autonomous system are connected to the backbone routers, and these
backbone routers are part of a primary area. The role of a primary area is to provide
communication between different areas.

How does OSPF work?

There are three steps that can explain the working of OSPF:
Step 1: The first step is to become OSPF neighbors. The two connecting routers running OSPF on the
same link creates a neighbor relationship.
Step 2: The second step is to exchange database information. After becoming the neighbors, the two
routers exchange the LSDB information with each other.
Step 3: The third step is to choose the best route. Once the LSDB information has been exchanged
with each other, the router chooses the best route to be added to a routing table based on the calculation
of SPF.
How a router forms a neighbor relationship?
The first thing is happened before the relationship is formed is that each router chooses the router ID.
Router ID (RID): The router ID is a number that uniquely identifies each router on a network. The router
ID is in the format of the IPv4 address. There are few ways to set the router ID, the first way is to set
the router ID manually and the other way is to let the router decides itself.

The following is the logic that the router chooses to set the router ID:
o Manually assigned: The router checks whether the router ID is manually set or not. If it manually
set, then it is a router ID. If it is not manually set, then it will choose the highest 'up' status
 loopback interface IP address. If there are no loopback interfaces, then it will choose the highest
'up' status non-loopback interface IP address.
 Two routers connected to each other through point to point or multiple routers are connected
can communicate with each other through an OSPF protocol.
 The two routers are adjacent only when both the routers send the HELLO packet to each other.
When both the routers receive the acknowledgment of the HELLO packet, then they come in a
two-way state. As OSPF is a link state routing protocol, so it allows to create the neighbor
relationship between the routers.
 The two routers can be neighbors only when they belong to the same subnet, share the same
area id, subnet mask, timers, and authentication.
 The OSPF relationship is a relationship formed between the routers so that they can know each
other. The two routers can be neighbors if atleast one of them is designated router or backup
designated router in a network, or connected through a point-to-point link.

Types of links in OSPF

A link is basically a connection, so the connection between two routers is known as a link.
There are four types of links in OSPF:
1. Point-to-point link: The point-to-point link directly connects the two routers without any host
or router in between.
2. Transient link: When several routers are attached in a network, they are known as a
transient link.
The transient link has two different implementations:
Unrealistic topology: When all the routers are connected to each other, it is known as an
unrealistic topology.
Realistic topology: When some designated router exists in a network then it is known as a
realistic topology. Here designated router is a router to which all the routers are connected. All
the packets sent by the routers will be passed through the designated router.
3. Stub link: It is a network that is connected to the single router. Data enters to the network
through the single router and leaves the network through the same router.
4. Virtual link: If the link between the two routers is broken, the administration creates the virtual
path between the routers, and that path could be a long one also.
OSPF Message Format
The following are the fields in an OSPF message format:

o Version: It is an 8-bit field that specifies the OSPF protocol version.

o Type: It is an 8-bit field. It specifies the type of the OSPF packet.
o Message: It is a 16-bit field that defines the total length of the message, including the header.
Therefore, the total length is equal to the sum of the length of the message and header.
 o Source IP address: It defines the address from which the packets are sent. It is a sending
routing IP address.
o Area identification: It defines the area within which the routing takes place.
o Checksum: It is used for error correction and error detection.
o Authentication type: There are two types of authentication, i.e., 0 and 1. Here, 0 means for
none that specifies no authentication is available and 1 means for pwd that specifies the
password-based authentication.
o Authentication: It is a 32-bit field that contains the actual value of the authentication data.
OSPF Packets
There are five different types of packets in OSPF:
o Hello
o Database Description
o Link state request
o Link state update
o Link state Acknowledgment
Let's discuss each packet in detail.
1. Hello packet
The Hello packet is used to create a neighborhood relationship and check the neighbor's reachability.
Therefore, the Hello packet is used when the connection between the routers need to be established.
2. Database Description
After establishing a connection, if the neighbor router is communicating with the system first time, it
sends the database information about the network topology to the system so that the system can update
or modify accordingly.
3. Link state request
The link-state request is sent by the router to obtain the information of a specified route. Suppose there
are two routers, i.e., router 1 and router 2, and router 1 wants to know the information about the router
2, so router 1 sends the link state request to the router 2. When router 2 receives the link state request,
then it sends the link-state information to router 1.
4. Link state update
The link-state update is used by the router to advertise the state of its links. If any router wants to
broadcast the state of its links, it uses the link-state update.
5. Link state acknowledgment
The link-state acknowledgment makes the routing more reliable by forcing each router to send the
acknowledgment on each link state update. For example, router A sends the link state update to the
router B and router C, then in return, the router B and C sends the link- state acknowledgment to the
router A, so that the router A gets to know that both the routers have received the link-state update.
OSPF States
The device running the OSPF protocol undergoes the following states:
o Down: If the device is in a down state, it has not received the HELLO packet. Here, down does
not mean that the device is physically down; it means that the OSPF process has not been
started yet.
o Init: If the device comes in an init state, it means that the device has received the HELLO
packet from the other router.
o 2WAY: If the device is in a 2WAY state, which means that both the routers have received the
HELLO packet from the other router, and the connection gets established between the routers.
o Exstart: Once the exchange between the routers get started, both the routers move to the
Exstart state. In this state, master and slave are selected based on the router's id. The master
controls the sequence of numbers, and starts the exchange process.
o Exchange: In the exchange state, both the routers send a list of LSAs to each other that contain
a database description.
o Loading: On the loading state, the LSR, LSU, and LSA are exchanged.
o Full: Once the exchange of the LSAs is completed, the routers move to the full state.
Router attributes

 Before going to the Extract state, OSPF chooses one router as a Designated router and another
router as a backup designated router.
 These routers are not the type, but they are the attributes of a router. In the case of broadcast
networks, the router selects one router as a designated router and another router as a backup
 designated router. The election of designated and the backup designated router is done to
avoid the flooding in a network and to minimize the number of adjacencies.
 They serve as a central point for exchanging the routing information among all the routers.
Since point-to-point links are directly connected, so DR and BDR are not elected.
 If DR and BDR are not elected, the router will send the update to all the adjacent neighbors,
leading to the flooding in a network.
 To avoid this problem, DR and BDR are elected. Each non-DR and non-BDR send the update
only to the DR and BDR instead of exchanging it with other routers in a network segment. DR
then distributes the network topology information to other routers in the same area whereas the
BDR serves a substitute for the DR.
 The BDR also receives the routing information from all the router but it does not distribute the
information. It distributes the information only when the DR fails.
 The multicast address 224.0.0.6 is used by the non-DR and non-BDR to send the routing
information to the DR and BDR. The DR and BDR send the routing information to the multicast
address 224.0.0.5.

Based on the following rules, the DR and BDR are elected:

o The router with the highest OSPF priority is chosen as the DR. By default, the highest priority
is set as 1.
o If there is no highest priority, then the router with the highest router Id is chosen as the DR, and
the router with the second-highest priority is chosen as the BDR.
Let's understand this scenario through an example.

In the above figure, R1 is chosen as the DR, while R2 is chosen as the BDR as R1 has the highest
router ID, whereas the R2 has the second-highest router ID. If the link fails between R4 and the system,
then R4 updates only R1 and R4 about its link failure. Then, DR updates all the non-DR and non-BDR
about the change, and in this case, except R4, only R3 is available as a non-DR and non-BDR.
Border Gateway Protocol (BGP)
 The protocol can connect any internetwork of the autonomous system using an arbitrary
topology.
 The only requirement is that each AS have at least one router that can run BGP and that is the
router connected to at least one other AS’s BGP router.
 BGP’s main function is to exchange network reachability information with other BGP systems.
 Border Gateway Protocol constructs an autonomous systems graph based on the information
exchanged between BGP routers.
Characteristics of Border Gateway Protocol (BGP)
 Inter-Autonomous System Configuration: The main role of BGP is to provide communication
between two autonomous systems.
 BGP supports the Next-Hop Paradigm.
 Coordination among multiple BGP speakers within the AS (Autonomous System).
 Path Information: BGP advertisements also include path information, along with the reachable
destination and next destination pair.
 Policy Support: BGP can implement policies that can be configured by the administrator. For
ex:- a router running BGP can be configured to distinguish between the routes that are known
within the AS and that which are known from outside the AS.
 Runs Over TCP.
 BGP conserves network Bandwidth.
 BGP supports CIDR.
 BGP also supports Security.
Functionality of Border Gateway Protocol (BGP)
BGP peers perform 3 functions, which are given below.
 The first function consists of initial peer acquisition and authentication. both the peers established
a TCP connection and performed message exchange that guarantees both sides have agreed to
communicate.
 The second function mainly focuses on sending negative or positive reachability information.
 The third function verifies that the peers and the network connection between them are
functioning correctly.
Importance of Border Gateway Protocol(BGP)
 Security: BGP is highly secure because it authenticates messages between routers using
preconfigured passwords through which unauthorized traffic is filtered out.
 Scalability: BGP is more scalable because it manages a vast number of routes and networks
present on the internet.
 Supports Multihoming: BGP allows multihoming means an organization can connect to multiple
networks simultaneously.
 Calculate the Best Path: As we know data packets is traveled across the internet from source to
destination every system in between the source and destination has to decide where the data
packet should go next
 TCP/IP Model: BGP is based on the TCP/IP model and it is used to control the network layer by
using transport layer protocol.
Types of Border Gateway Protocol
 External BGP: It is used to interchange routing information between the routers in different
autonomous systems, it is also known as eBGP(External Border Gateway Protocol). The below
image shows how eBGP interchange routing information.

eBGP
 Internal BGP: It is used to interchange routing information between the routers in the same
autonomous system, it is also known as iBGP(Internal Border Gateway Protocol). Internal routers
also ensure consistency among routers for sharing routing information. The below image shows
how iBGP interchange routing information.

iBGP

Elements of BGP
Some elements of BGP are assigned to each path and these elements help routers to select a path
from multiple paths.Here below are some elements of BGP:
 Weight: Weight is defined as a Cisco-specific attribute that tells a router which path is preferred.
The weight having a higher value is preferred.
 Originate: This tells how a router choose routes and adds to BGP itself.
 Local Preference: Local Preference is an element used to select the outbound routing path.
Greater local preference is preferred.
 Autonomous System Path: This element tells the router to select a path having a shorter length.
 Next Hop: To reach the destination the next hop elements specify the IP address that should be
used as the next hop.
BGP Route Information Management Functions:
 Route Storage: Each BGP stores information about how to reach other networks.
 Route Update: In this task, Special techniques are used to determine when and how to use the
information received from peers to properly update the routes.
 Route Selection: Each BGP uses the information in its route databases to select good routes to
each network on the internet network.
 Route advertisement: Each BGP speaker regularly tells their peer what is known about various
networks and methods to reach them.

Path attributes

The BGP chooses the best route based on the attributes of the path.
As we know that path-vector routing is used in the border gateway routing protocol, which contains the
routing table that shows the path information. The path attributes provide the path information. The
attributes that show or store the path information are known as path attributes. This list of attributes
helps the receiving router to make a better decision while applying any policy. Let's see the different
types of attributes. The path attribute is broadly classified into two categories:
 1. Well-known attribute: It is an attribute that should be recognized by every BGP router.
The well-known attribute is further classified into two categories:

o Well-known mandatory: When BGP is going to advertise any network, but it also advertises
extra information, and that information with path attributes information. The information includes
AS path information, origin information, next-hop information. Here, mandatory means that it
has to be present in all the BGP routing updates.
o Well-known discretionary: It is recognized by all the BGP routers and passed on to other
BGP routers, but it is not mandatory to be present in an update.
2. Optional attribute: It is an attribute that is not necessarily to be recognized by every BGP router. In
short, we can say that it is not a mandatory attribute.
The optional attribute is further classified into two categories:

o Optional transitive: BGP may or may not recognize this attribute, but it is passed on to the
other BGP neighbors. Here, transitive means that if the attribute is not recognized, then it is
marked as a partial.
o Optional non-transitive: If the BGP cannot recognize the attribute, it ignores the update and
does not advertise to another BGP router.

BGP Tables

There are three types of BGP tables:

o Neighbor table: It contains the neighbors who are configured by the administrator manually.
The neighbor relationship has to be manually configured by using the neighbor command.
For the verification, the following commands are used:

1. #show ip bgp summary

2. # show ip bgp neighbors
The above commands are very useful to verify whether the neighbor relationship is up or not.

o BGP forwarding table: It contains all the routes advertised in BGP and can be verified using
the following command:
1. # show ip bgp
 o IP routing table: The IP routing table contains the best path routes required to reach the
destination. The following command shows the best routing path:
1. #SH ip route
There are four different types of packets exist in BGP:

o Open: When the router wants to create a neighborhood relation with another router, it sends
the Open packet.
o Update: The update packet can be used in either of the two cases:
1. It can be used to withdraw the destination, which has been advertised previously.
2. It can also be used to announce the route to the new destination.
o Keep Alive: The keep alive packet is exchanged regularly to tell other routers whether they are
alive or not. For example, there are two routers, i.e., R1 and R2. The R1 sends the keep alive
packet to R2 while R2 sends the keep alive packet to R1 so that R1 can get to know that R2 is
alive, and R2 can get to know that R1 is alive.
o Notification: The notification packet is sent when the router detects the error condition or close
the connection.

BGP Packet Format

Now we will see the format in which the packet travels. The following are the fields in a BGP
packet format:

1. Marker: It is a 32-bit field which is used for the authentication purpose.

2. Length: It is a 16-bit field that defines the total length of the message, including the header.
3. Type: It is an 8-bit field that defines the type of the packet.

Difference Between BGP and OSPF

BGP OSPF

It follows the Path Vector Routing Algorithm It follows the Link State Routing Algorithm

The speed of convergence is fast in the case of

The speed of convergence is very slow in BGP
OSPF

OSPF is also called intra-domain routing

BGP is also called inter-domain routing protocol
protocol

In BGP routing operation is performed between In OSPF routing operation is performed inside
two AS an AS
 BGP OSPF

In BGP, TCP protocol is used In OSPF, IP protocol is used

What is Multicasting?
Multicasting is a method of sending network packets to a specific group of recipients
simultaneously, rather than broadcasting to all devices on the network or sending
individual copies to each recipient. It is an efficient way to distribute data such as
streaming media or real-time updates to multiple users without the duplicating the
data stream for each recipient. In multicasting, the sender transmits the data only
once and network devices use multicast addressing to forward the packets to the
subscribed group members.
Advantages
 IGMP communication protocol efficiently transmits the multicast data to the
receivers and so, no junk packets are transmitted to the host which shows
optimized performance.
 Bandwidth is consumed totally as all the shared links are connected.
 Hosts can leave a multicast group and join another.
Disadvantages
 It does not provide good efficiency in filtering and security.
 Due to lack of TCP, network congestion can occur.
 IGMP is vulnerable to some attacks such as DOS attack (Denial-Of-Service).
Conclusion

IGMP(Internet Group Management Protocol)

IGMP is an acronym for Internet Group Management Protocol. IGMP is a
communication protocol used by hosts and adjacent routers for multicasting
communication with IP networks and uses the resources efficiently to transmit the
message/data packets. Multicast communication can have single or multiple senders
and receivers and thus, IGMP can be used in streaming videos, gaming, or web
conferencing tools. This protocol is used on IPv4 networks and for using this on
IPv6, multicasting is managed by Multicast Listener Discovery (MLD).
Like other network protocols, IGMP is used on the network layer. MLDv1 is almost
the same in functioning as IGMPv2 and MLDv2 is almost similar to IGMPv3. The
communication protocol, IGMPv1 was developed in 1989 at Stanford University.
IGMPv1 was updated to IGMPv2 in the year 1997 and again updated to IGMPv3 in
the year 2002. The IGMP protocol is used by the hosts and router to identify the
hosts in a LAN that are the members of a group. IGMP is a part of the IP layer and
IGMP has a fixed-size message. The IGMP message is encapsulated within an IP
datagram.
The IP protocol supports two types of communication:
 Unicasting- It is a communication between one sender and one receiver.
Therefore, we can say that it is one-to-one communication.
 Multicasting: Sometimes the sender wants to send the same message to a large
of receivers simultaneously. This process is known as multicasting which has
one-to-many communication.
Applications:
 Streaming – Multicast routing protocols are used for audio and video
streaming over the network i.e., either one-to-many or many-to-many.
 Gaming – Internet group management protocol is often used in simulation
games which has multiple users over the network such as online games.
 Web Conferencing tools – Video conferencing is a new method to meet
people from your own convenience and IGMP connects to the users for
conferencing and transfers the message/data packets efficiently.

The IGMP uses several types of messages to manage multicast group memberships:
 IGMP Membership Query: The Sent by routers to determine which multicast
groups have members on a particular network segment. This query helps
routers maintain accurate multicast group membership information.
 IGMP Membership Report: Sent by hosts to indicate their interest in joining a
multicast group. This report informs the router of the presence of a host that
wants to receive multicast traffic.
 IGMP Leave Group: Sent by hosts to indicate that they are leaving a multicast
group. This message informs the router that the host no longer wants to receive
traffic for that group.
 IGMP V3 Membership Report (in IGMPv3): This allows hosts to specify the
exact multicast group addresses they want to join or leave and can include
source-specific multicast (SSM) information.
Working of IGMP
IGMP works on devices that are capable of handling multicast groups and dynamic
multicasting. These devices allow the host to join or leave the membership in the
multicast group. These devices also allow to add and remove clients from the group.
This communication protocol is operated between the host and the local multicast
router. When a multicast group is created, the multicast group address is in the range
of class D (224-239) IP addresses and is forwarded as the destination IP address in
the packet.
 L2 or Level-2 devices such as switches are used in between host and multicast router
for IGMP snooping. IGMP snooping is a process to listen to the IGMP network
traffic in controlled manner. Switch receives the message from host and forwards
the membership report to the local multicast router. The multicast traffic is further
forwarded to remote routers from local multicast routers using PIM (Protocol
Independent Multicast) so that clients can receive the message/data packets. Clients
wishing to join the network sends join message in the query and switch intercepts
the message and adds the ports of clients to its multicast routing table.
What is IGMP Snooping?
The IGMP snooping is a network switch feature that allows switches to listen to the
IGMP messages exchanged between the hosts and routers. By “snooping” on these
messages the switch can maintain a mapping of which ports are associated with the
specific multicast groups. This mapping enables the switch to efficiently forward
multicast traffic only to the ports that have subscribed members reducing
unnecessary broadcast traffic and improving network performance.
How is Multicasting Different from Anycast and Unicast?
 Multicast: A method where data is sent from one sender to multiple specific
recipients using the multicast address. It allows efficient data distribution to the
group of users.
 Anycast: A method where data is sent to the nearest member of a group of
potential recipients. It is used to route data to the closest server or service
instance based on the network distance.
 Unicast: A method where data is sent from one sender to one specific recipient.
Each communication session is established between a single sender and a single
receiver.
Is IGMP a Layer 3 Protocol?
Yes, IGMP operates at Layer 3 of the OSI model which is the Network layer. It is
used to the manage the membership of the multicast groups within IP networks
facilitating the efficient distribution of the multicast traffic across the network
segments.
Types: There are 3 versions of IGMP. These versions are backward compatible.
Following are the versions of IGMP: 1. IGMPv1 : The version of IGMP
communication protocol allows all the supporting hosts to join the multicast groups
using membership request and include some basic features. But, host cannot leave
the group on their own and have to wait for a timeout to leave the group. The message
packet format in IGMPv1:

 Version – Set to 1.
 Type – 1 for Host Membership Query and Host Membership Report.
 Unused – 8-bits of zero which are of no use.
 Checksum – It is the one’s complement of the sum of IGMP messages.
 Group Address – The group address field is zero when sent and ignored when
received in membership query message. In a membership report message, the
group address field takes the IP host group address of the group being reported.
2. IGMPv2 : IGMPv2 is the revised version of IGMPv1 communication protocol.
It has added functionality of leaving the multicast group using group membership.
The message packet format in IGMPv2:

Type:
0x11 for Membership Query
0x12 for IGMPv1 Membership Report
0x16 for IGMPv2 Membership Report
0x22 for IGMPv3 Membership Report
0x17 for Leave Group
 Max Response Time – This field is ignored for message types other than
membership query. For membership query type, it is the maximum time
allowed before sending a response report. The value is in units of 0.1 seconds.
 Checksum – It is the one’s complement of the sum of IGMP message. It
determines the entire payload of the IP datagram in which IGMP message is
encapsulated.
 Group Address – It is set as 0 when sending a general query. Otherwise,
multicast address for group-specific or source-specific queries. The behavior of
this field depends on the type of the message sent.
For Membership Query, the group address is set to zero for General Query and set
to multicast group address for a specific query. For Membership Report, the group
address is set to the multicast group address is set to the multicast group address. For
Leave Group, it is set to the multicast group address.
3. IGMPv3 : IGMPv2 was revised to IGMPv3 and added source-specific multicast
and membership report aggregation. These reports are sent to 224.0.0.22. The
message packet format in IGMPv3:

 Max Response Time – This field is ignored for message types other than
membership query. For membership query type, it is the maximum time
allowed before sending a response report. The value is in units of 0.1 seconds.
 Checksum – It is the one’s complement of the one’s complement of the sum of
IGMP message.
 Group Address – It is set as 0 when sending a general query. Otherwise,
multicast address for group-specific or source-specific queries.
 Resv – It is set zero of sent and ignored when received.
 S flag – It represents Suppress Router-side Processing flag. When the flag is
set, it indicates to suppress the timer updates that multicast routers perform
upon receiving any query.
 QRV – It represents Querier’s Robustness Variable. Routers keeps on
retrieving the QRV value from the most recently received query as their own
value until the most recently received QRV is zero.
 QQIC – It represents Querier’s Query Interval Code.
 Number of sources – It represents the number of source addresses present in
the query. For general query or group-specific query, this field is zero and for
group-and-source-specific query, this field is non-zero.
 Source Address[i] – It represents the IP unicast address for N fields.