Chapter 18

Introduction to Network Layer

Part-2
After completing the Contents, We have Learnt
• Subnetting
• NAT
• Desgning Subnets
• Address Translation
• Address Aggregation
• Translation Field
• Special Address
• Forwarding of IP Packets
• DHCP Dynamic Host Configuration Control
• Address Aggregation
• DHCP Message Format
• Longest Mask Matching
• DHCP Option Field
• Hierarchical Routing
• Options of DHCP
• Geographical Routing
○ DHCPOFFER
• Forwarding Table Search Algorithm
○ DHCPREQUEST
• Forwarding based on Tables
○ DHCPACK
• MPLS Multi-Protocol Label
• Using FTP
Switching
• Error Control
• A New Header
• Transition States
• MPLS Header Stack
• NAT Network Address Resolution
• Hierarchical Switching
• Private IPv4 Addresses
• Router on Packet Switches
Subnetting

• More levels of hierarchy can be created using subnetting.

• An organization (or an ISP) that is granted a range of addresses
may divide the range into several subranges and assign each
subrange to a subnetwork (or subnet).
• Note that nothing stops the organization from creating more
levels.
• A subnetwork can be divided into several sub-subnetworks.

• A sub-subnetwork can be divided into several

sub-sub-subnetworks, and so on.
Designing Subnets
• The subnetworks in a network should be carefully designed to enable the routing
of packets.
• We assume the total number of addresses granted to the organization is N,
the prefix length is n,
the assigned number of addresses to each subnetwork is Nsub, and
the prefix length for each subnetwork is nsub.
• The following steps need to be carefully followed to guarantee the proper
operation of the subnetworks:
• The number of addresses in each subnetwork should be a power of 2.
• The prefix length for each subnetwork should be found using the
following formula:

• The starting address in each subnetwork should be divisible by the

number of addresses in that subnetwork. This can be achieved if we
first assign addresses to larger subnetworks.
Example 18.5
An organization is granted a block of addresses with the
beginning address 14.24.74.0/24.

How many nodes are granted?

= Power of 2 [32 - 24 = 8]
= 28
= 256

What is the first IP address?

14.24.74.0

What is the last IP address?

14.24.74.255
Example 18.5
An organization is granted a block of addresses with the
beginning address 14.24.74.0/24.

The organization needs to have 3 sub-blocks of addresses

to use in its three subnets:

one sub-block of 10 addresses,

one sub-block of 60 addresses,
and one sub-block of 120 addresses.

Design the sub-blocks.

Example 18.5
An organization is granted a block of addresses with the
beginning address 14.24.74.0/24. The organization needs
to have 3 subblocks of addresses to use in its three
subnets: one subblock of 10 addresses, one subblock of 60
addresses, and one subblock of 120 addresses. Design the
subblocks.
Solution
There are 232– 24 =26 = 256 addresses in this block.

The first address is 14.24.74.0/24;

the last address is 14.24.74.255/24.
To satisfy the third requirement, we assign addresses to
subblocks, starting with the largest and ending with the
smallest one.
Example 18.5 (cont.)
a. The number of addresses in the largest sub-block, which
requires 120 addresses, is not a power of 2.
We allocate 128 addresses.
The subnet mask for this subnet can be found as
n1 = 32 − log2 128 = 32 - 7 = 25.
The first address in this block is 14.24.74.0/25;
the last address is 14.24.74.127/25.

b. The number of addresses in the second largest subblock,

which requires 60 addresses, is not a power of 2 either.
We allocate 64 addresses.
The subnet mask for this subnet can be found as
n2 = 32 − log2 64 = 32 - 6 = 26.
The first address in this block is 14.24.74.128/26;
the last address is 14.24.74.191/26.
Example 18.5 (cont.)
c. The number of addresses in the smallest sub-block,
which requires 10 addresses, is not a power of 2. We
allocate 16 addresses. The subnet mask for this subnet
can be found as n1 = 32 − log2 16 = 32 - 4 = 28.
The first address in this block is 14.24.74.192/28;
the last address is 14.24.74.207/28.
If we add all addresses in the previous subblocks, the
result is 208 addresses, which means 48 addresses are
left in reserve.
The first address in this range is 14.24.74.208.
The last address is 14.24.74.255. We don’t know about
the prefix length yet.
Solution to Example 18.5
Address Aggregation

• One of the advantages of the CIDR (Classless Inter-Domain

Routing) strategy is address aggregation (sometimes called
address summarization or route summarization).
• When blocks of addresses are combined to create a larger
block, routing can be done based on the prefix of the larger
block.
• ICANN (Internet Corporation for Assigned Names and
Numbers) assigns a large block of addresses to an ISP.
• Each ISP in turn divides its assigned block into smaller
subblocks and grants the subblocks to its customers.
Example of address aggregation
Special Addresses

• Five special addresses that are used for special purposes:

• This-host address:
• 0.0.0.0/32 is called the this-host address. It is used whenever a
host needs to send an IP datagram but it does not know its own
address to use as the source address
• Limited-broadcast address:
• 255.255.255.255/32 is called the limited-broadcast address. It is
used whenever a router or a host needs to send a datagram to all
devices in a network. The routers in the network, however, block
the packet having this address as the destination; the packet
cannot travel outside the network.
Special Addresses (cont.)

• Loopback address:
• The block 127.0.0.0/8 is called the loopback address. A packet with one of
the addresses in this block as the destination address never leaves the host;
it will remain in the host. Any address in the block is used to test a piece of
software in the machine
• Private addresses:
• Four blocks are assigned as private addresses:
10.0.0.0/8,
172.16.0.0/12,
192.168.0.0/16, and
169.254.0.0/16.
• Multicast addresses:
• The block 224.0.0.0/4 is reserved for multicast addresses.
Dynamic Host Configuration Protocol (DHCP)
• Address assignment in an organization can be done automatically using the Dynamic Host
Configuration Protocol (DHCP).
• DHCP is an application-layer program, using the client-server paradigm, that actually helps
TCP/IP at the network layer.
• DHCP has found such widespread use in the Internet that it is often called a plugand- play
protocol.
• A network manager can configure DHCP to assign permanent IP addresses to the host and
routers.
• DHCP can also be configured to provide temporary, on demand, IP addresses to hosts.
• The second capability can provide a temporary IP address to a traveller to connect her
laptop to the Internet while she is staying in the hotel.
• It also allows an ISP with 1000 granted addresses to provide services to 4000 households,
assuming not more than one-forth of customers use the Internet at the same time.
• In addition to its IP address, a computer also needs to know the network prefix (or address
mask).
• Most computers also need two other pieces of information, such as the address of a default
router to be able to communicate with other networks and the address of a name server to
be able to use names instead of addresses
DHCP Message Format
• DHCP is a client-server protocol in which the client sends a request message and the server
returns a response message.

A 64-byte option field has a dual purpose: It can carry either additional
information or some specific vendor information.
DHCP Option Field
• The 64-byte option field has a dual purpose.
• It can carry either additional information or some specific vendor information.
• The server uses a number, called a magic cookie, in the format of an IP address with the
value of 99.130.83.99.
• When the client finishes reading the message, it looks for this magic cookie.
• If present, the next 60 bytes are options.
• An option is composed of three fields: a 1-byte tag field, a 1-byte length field, and a
variable-length value field.
• There are several tag fields that are mostly used by vendors.
• If the tag field is 53, the value field defines one of the 8 message types shown below:
Operation of DHCP: DHCPDISCOVER

• The joining host creates a DHCPDISCOVER message in which only the

transaction-ID field is set to a random number.
• No other field can be set because the host has no knowledge with which to
do so.
• This message is encapsulated in a UDP user datagram with the source port
set to 68 and the destination port set to 67.
• The user datagram is encapsulated in an IP datagram with the source
address set to 0.0.0.0 (“this host”) and the destination address set to
255.255.255.255 (broadcast address).
• The reason is that the joining host knows neither its own address nor the
server address.
Operation of DHCP: DHCPOFFER

• The DHCP server or servers (if more than one) responds with a
DHCPOFFER message in which the your address field defines the offered
IP address for the joining host and the server address field includes the IP
address of the server.
• The message also includes the lease time for which the host can keep the
IP address.
• This message is encapsulated in a user datagram with the same port
numbers, but in the reverse order.
• The user datagram in turn is encapsulated in a datagram with the server
address as the source IP address, but the destination address is a broadcast
address, in which the server allows other DHCP servers to receive the
offer and give a better offer if they can.
Operation of DHCP: DHCPREQUEST

• The joining host receives one or more offers and selects the best of
them.
• The joining host then sends a DHCPREQUEST message to the
server that has given the best offer.
• The fields with known value are set.
• The message is encapsulated in a user datagram with port
numbers as the first message.
• The user datagram is encapsulated in an IP datagram with the source
address set to the new client address, but the destination address still
is set to the broadcast address to let the other servers know that
their offer was not accepted.
Operation of DHCP: DHCPACK

• Finally, the selected server responds with a DHCPACK message

to the client if the offered IP address is valid.
• If the server cannot keep its offer (for example, if the address is
offered to another host in between), the server sends a
DHCPNACK message and the client needs to repeat the process.
• This message is also broadcast to let other servers know that the
request is accepted or rejected.
Operation of DHCP
Two Well-Known Ports
• DHCP uses two well-known ports (68 and 67) instead of one well-known and one
ephemeral.
• The reason for choosing the well-known port 68 instead of an ephemeral port for the client
is that the response from the server to the client is broadcast.
• An IP datagram with the limited broadcast message is delivered to every host on the
network.
• Now assume that a DHCP client and a DAYTIME client, for example, are both waiting to
receive a response from their corresponding server and both have accidentally used the
same temporary port number (56017, for example). Both hosts receive the response
message from the DHCP server and deliver the message to their clients.
• The DHCP client processes the message; the DAYTIME client is totally confused with a
strange message received.
• Using a well-known port number prevents this problem from happening.
• The response message from the DHCP server is not delivered to the DAYTIME client,
which is running on the port number 56017, not 68.
• The temporary port numbers are selected from a different range than the well-known port
numbers.
• If two DHCP clients are running at the same time: the messages can be distinguished
by the value of the transaction ID, which separates each response from the other.
Using FTP

• The server does not send all of the information that a client may
need for joining the network.
• In the DHCPACK message, the server defines the pathname of a
file in which the client can find complete information such as the
address of the DNS server.
• The client can then use a file transfer protocol to obtain the rest of
the needed information.
Error Control

• DHCP uses the service of UDP, which is not reliable.

• To provide error control, DHCP uses two strategies:
• First, DHCP requires that UDP use the checksum.
• Second, the DHCP client uses timers and a retransmission
policy if it does not receive the DHCP reply to a request.
• However, to prevent a traffic jam when several hosts need to
retransmit a request (for example, after a power failure),
DHCP forces the client to use a random number to set its
timers.
Transition States
Network Address Resolution (NAT)
• In most situations, only a portion of computers in a small network need access to the
Internet.
• For example, assume that in a small business with 20 computers the maximum number of
computers that access the Internet simultaneously is only 4.
• Most of the computers are either doing some task that does not need Internet access or
communicating with each other.
• This small business can use the TCP/IP protocol for both internal and universal
communication.
• The business can use 20 (or 25) addresses from the private block addresses (discussed
before) for internal communication; five addresses for universal communication can be
assigned by the ISP
• A technology that can provide the mapping between the private and universal addresses, and
at the same time support virtual private networks, is Network Address Translation (NAT).
• The technology allows a site to use a set of private addresses for internal communication
and a set of global Internet addresses (at least one) for communication with the rest of the
world.
• The site must have only one connection to the global Internet through a NAT-capable router
that runs NAT software
Private IPv4 Addresses

Class A range 10.0.0.0 to 10.255.255.255

Class B range 172.16.0.0 to 172.31.255.255
Class C range 192.168.0.0 to 192.168.255.255
Other: 127.0.0.0 to 127.255.255.255
NAT
Address translation
• All of the outgoing packets go through the NAT router, which replaces the source address in
the packet with the global NAT address.
• All incoming packets also pass through the NAT router, which replaces the destination
address in the packet (the NAT router global address) with the appropriate private address.
 Topics of Today

• Translation Tables
• Forwarding of IP Packets
• Forwarding Based on Destination Address
• Address Aggregation
• Longest Mask Matching
• Hierarchical Routing
• Forwarding Table Search Algorithm
• Geographical Routing
• Forwarding based on Tables
• MPLS Multi-Protocol Label Switching
• A New Header
• MPLS Header Stack
• Hierarchical Switching
• Router on Packet Switches
Translation Table: Using One IP Address
• In its simplest form, a translation table has only two columns: the private address and
the external address (destination address of the packet).
• When the router translates the source address of the outgoing packet, it also makes note of
the destination address— where the packet is going.
• When the response comes back from the destination, the router uses the source address of
the packet (as the external address) to find the private address of the packet.
• In this strategy, communication must always be initiated by the private network.
Translation Table: Using a Pool of IP Addresses
• The use of only one global address by the NAT router allows only one
private-network host to access a given external host.
• To remove this restriction, the NAT router can use a pool of global addresses.
• For example, instead of using only one global address (200.24.5.8), the NAT router
can use four addresses (200.24.5.8, 200.24.5.9, 200.24.5.10, and 200.24.5.11).
• In this case, four private-network hosts can communicate with the same external
host at the same time because each pair of addresses defines a separate connection.

• However, there are still some drawbacks:

• No more than four connections can be made to the same destination.
• No private-network host can access two external server programs (e.g.,
HTTP and TELNET) at the same time.
• Two private-network hosts cannot access the same external server
program (e.g., HTTP or TELNET) at the same time.
Translation Table: Using Both IP Addresses and Port Addresses
• To allow a many-to-many relationship between private-network hosts and external
server programs, we need more information in the translation table.
• For example, suppose two hosts inside a private network with addresses 172.18.3.1 and
172.18.3.2 need to access the HTTP server on external host 25.8.3.2. If the translation table
has five columns, instead of two, that include the source and destination port addresses
and the transport-layer protocol, the ambiguity is eliminated.
• Note that when the response from HTTP comes back, the combination of source address
(25.8.3.2) and destination port address (1401) defines the private network host to which
the response should be directed.
• Note also that for this translation to work, the ephemeral port addresses (1400 and 1401)
must be unique.
Forwarding of IP Packets

• Forwarding means to place the packet in its route to its destination

• Since the Internet today is made of a combination of links (networks),
forwarding means to deliver the packet to the next hop (which can be
the final destination or the intermediate connecting device).
• Although the IP protocol was originally designed as a connectionless
protocol, today the tendency is to change it to a connection-oriented
protocol.
• When IP is used as a connectionless protocol, forwarding is based on
the destination address of the IP datagram
• When the IP is used as a connection-oriented protocol, forwarding is
based on the label attached to an IP datagram.
Forwarding Based on Destination Address
• This is a traditional approach, which is prevalent today
• In this case, forwarding requires a host or a router to have a forwarding table.
• When a host has a packet to send or when a router has received a packet to be
forwarded, it looks at this table to find the next hop to deliver the packet to
• In classless addressing, the whole address space is one entity; there are no
classes
• Forwarding requires one row of information for each block involved.
• The table needs to be searched based on the network address (first address in
the block)
• The destination address in the packet gives no clue about the network address
• To solve the problem, we need to include the mask (/n) in the table
• In other words, a classless forwarding table needs to include four pieces of
information: the mask, the network address, the interface number, and the IP
address of the next router
• However, we often see in the literature that the first two pieces are combined
• For example, if n is 26 and the network address is 180.70.65.192, then one can
Simplified forwarding module in classless address
 Forwarding Based on Destination Address (cont.)

• The job of the forwarding module is to search the table, row by

row.
• In each row, the n leftmost bits of the destination address
(prefix) are kept and the rest of the bits (suffix) are set to 0s.
• If the resulting address (which we call the network address),
matches with the address in the first column, the information in
the next two columns is extracted; otherwise the search
continues.
• Normally, the last row has a default value in the first column
which indicates all destination addresses that did not match the
previous rows.
Example 18.7
Make a forwarding table for router R1 using the
configuration in Figure below
Example 18.7

Solution
Table below shows the corresponding table.
Forwarding table for router R1
Example 18.8
Instead of previous Table, we can use Table below, in
which the network address/mask is given in bits.
Forwarding table for router R1 using prefix bits

When a packet arrives whose leftmost 26 bits in the

destination address match the bits in the first row, the packet
is sent out from interface m2.
And so on.
Example 18.9
Show the forwarding process if a packet arrives at R1 in
Figure below with the destination address 180.70.65.140.
Example 18.9

Solution
1. The first mask (/26) is applied to the destination address.
The result is 180.70.65.128, which does not match the
corresponding network address.

2. The second mask (/25) is applied to the destination

address. The result is 180.70.65.128, which matches the
corresponding network address. The next-hop address and
the interface number m0 are extracted for forwarding the
packet
Address Aggregation
• When we use classful addressing, there is only one entry in the
forwarding table for each site outside the organization.
• The entry defines the site even if that site is subnetted.
• When a packet arrives at the router, the router checks the
corresponding entry and forwards the packet accordingly.
• When we use classless addressing, it is likely that the number of
forwarding table entries will increase.
• This is because the intent of classless addressing is to divide up the
whole address space into manageable blocks.
• The increased size of the table results in an increase in the amount of
time needed to search the table.
• To alleviate the problem, the idea of address aggregation was
designed.
Address aggregation
Longest Mask Matching

• What happens if one of the organizations in the previous figure is not

geographically close to the other three
• For example, if organization 4 cannot be connected to router R1 for some
reason,
• can we still use the idea of address aggregation and still assign block
140.24.7.192/26 to organization 4?
• The answer is yes, because routing in classless addressing uses another
principle, longest mask matching.
• This principle states that the forwarding table is sorted from the longest
mask to the shortest mask.
• In other words, if there are three masks, /27, /26, and /24, the mask /27
must be the first entry and /24 must be the last.
• Let us see if this principle solves the situation in which organization 4 is
separated from the other three organizations.
Longest mask matching
Hierarchical Routing
• We said that the Internet is divided into backbone and national ISPs.
• National ISPs are divided into regional ISPs, and regional ISPs are divided into local ISPs.
• If the forwarding table has a sense of hierarchy like the Internet architecture, the forwarding
table can decrease in size
• A local ISP can be assigned a single, but large, block of addresses with a certain prefix
length.
• The local ISP can divide this block into smaller blocks of different sizes, and assign these to
individual users and organizations, both large and small.
• If the block assigned to the local ISP starts with a.b.c.d/n, the ISP can create blocks starting
with e.f.g.h/m, where m may vary for each customer and is greater than n.
• The rest of the Internet does not have to be aware of this division.
• All customers of the local ISP are defined as a.b.c.d/n to the rest of the Internet.
• Every packet destined for one of the addresses in this large block is routed to the local ISP.
• There is only one entry in every router in the world for all of these customers.
• They all belong to the same group.
• Of course, inside the local ISP, the router must recognize the subblocks and route the packet
to the destined customer.
Example 18.10
As an example of hierarchical routing, let us consider Figure below. A regional ISP is
granted 16,384 addresses starting from 120.14.64.0. The regional ISP has decided to divide
this block into 4 subblocks, each with 4096 addresses. Three of these sub-blocks are
assigned to three local ISPs, the second sub-block is reserved for future use. Note that the
mask for each block is /20 because the original block with mask /18 is divided into 4 blocks.
Geographical Routing

• To decrease the size of the forwarding table even further, we

need to extend hierarchical routing to include geographical
routing.
• We must divide the entire address space into a few large blocks.
• We assign a block to America, a block to Europe, a block to
Asia, a block to Africa, and so on.
• The routers of ISPs outside of Europe will have only one entry
for packets to Europe in their forwarding tables.
• The routers of ISPs outside of America will have only one entry
for packets to America in their forwarding tables, and so on.
Forwarding Table Search Algorithms

• In classless addressing, there is no network information in the

destination address.
• The simplest, but not the most efficient, search method is called the
longest prefix match (as we discussed before).
• The forwarding table can be divided into buckets, one for each prefix.
• The router first tries the longest prefix.
• If the destination address is found in this bucket, the search is complete.
• If the address is not found, the next prefix is searched, and so on.
• It is obvious that this type of search takes a long time.
• One solution is to change the data structure used for searching.
• Instead of a list, other data structures (such as a tree or a binary tree)
can be used.
Forwarding Based on Label

• In the 1980s, an effort started to somehow change IP to behave like a

connection oriented protocol in which the routing is replaced by
switching
• As we discussed earlier in the chapter, in a connectionless network
(datagram approach), a router forwards a packet based on the
destination address in the header of the packet.
• On the other hand, in a connection-oriented network (virtual-circuit
approach), a switch forwards a packet based on the label attached to the
packet.
• Routing is normally based on searching the contents of a table;
switching can be done by accessing a table using an index.
• In other words, routing involves searching; switching involves
accessing
Example 18.11
• Figure below shows a simple example of searching in a forwarding table using the
longest mask algorithm. Although there are some more efficient algorithms today, the
principle is the same.

• When the forwarding algorithm gets the destination address of the packet, it needs to
delve into the mask column.
• For each entry, it needs to apply the mask to find the destination network address.
• It then needs to check the network addresses in the table until it finds the match.
• The router then extracts the next-hop address and the interface number to be delivered
to the data-link layer.
Example 18.12
• Figure below shows a simple example of using a label to access a switching
table. Since the labels are used as the index to the table, finding the
information in the table is immediate.
Multi-Protocol Label Switching (MPLS)

• During the 1980s, several vendors created routers that implement

switching technology.
• Later IETF approved a standard that is called Multi-Protocol
Label Switching.
• In this standard, some conventional routers in the Internet can be
replaced by MPLS routers, which can behave like a router and a
switch.
• When behaving like a router, MPLS can forward the packet based
on the destination address; when behaving like a switch, it can
forward a packet based on the label.
 A New Header
• To simulate connection-oriented switching using a protocol like IP, the first thing
that is needed is to add a field to the packet that carries the label
• The IPv4 packet format does not allow this extension (although this field is
provided in the IPv6 packet format).
• The solution is to encapsulate the IPv4 packet in an MPLS packet (as though
MPLS were a layer between the data-link layer and the network layer).
• The whole IP packet is encapsulated as the payload in an MPLS packet and an
MPLS header is added
 MPLS Header Stack
• The MPLS header is actually a stack of subheaders that is used for multilevel
hierarchical switching
• MPLS header in which each subheader is 32 bits (4 bytes) long.

• Label: This 20-bit field defines the label that is used to index the forwarding table
in the router.
• Exp: This 3-bit field is reserved for experimental purposes.
• S: The one-bit stack field defines the situation of the subheader in the stack. When
the bit is 1, it means that the header is the last one in the stack.
• TTL: This 8-bit field is similar to the TTL field in the IP datagram. Each visited
router decrements the value of this field. When it reaches zero, the packet is
discarded to prevent looping.
Hierarchical Switching

• A stack of labels in MPLS allows hierarchical switching.

• This is similar to conventional hierarchical routing.
• For example, a packet with two labels can use the top label to
forward the packet through switches outside an organization; the
bottom label can be used to route the packet inside the
organization to reach the destination subnet.

Routers as Packet Switches

• As we may have guessed by now, the packet switches that are
used in the network layer are called routers.
• Routers can be configured to act as either a datagram switch or
a virtual-circuit switch.
We have Discussed the Key Terms
• Subnetting
• NAT
• Desgning Subnets
• Address Translation
• Address Aggregation
• Translation Field
• Special Address
• Forwarding of IP Packets
• DHCP Dynamic Host Configuration Control
• Address Aggregation
• DHCP Message Format
• Longest Mask Matching
• DHCP Option Field
• Hierarchical Routing
• Options of DHCP
• Geographical Routing
○ DHCPOFFER
• Forwarding Table Search Algorithm
○ DHCPREQUEST
• Forwarding based on Tables
○ DHCPACK
• MPLS Multi-Protocol Label
• Using FTP
Switching
• Error Control
• A New Header
• Transition States
• MPLS Header Stack
• NAT Network Address Resolution
• Hierarchical Switching
• Private IPv4 Addresses
• Router on Packet Switches
Thats All for Today