Computer Networks

Chapter 5
Network Layer 2

Prof. M.Sreenivasa Rao

 The Weeks Ahead
Mar 11 Chapter 5.1: Network Layer
Mar 13 Chapter 5.1
Mar 18 EXAM 2
Mar 20 Chapter 5.1:
Mar 21 LAB – You should have several tests running.
Mar 25 Chapter 5.2: More Network Layer
Mar 27 Chapter 5.2:
Apr 1 Chapter 5.2
Apr 3 Chapter 6.1: Transport Layer
Apr 8 Chapter 6.1:
Apr 10 EXAM 3
Apr 15 Chapter 6.1:
Apr 17 Chapter 6.1:
Apr 22 Chapter 6.1:
Apr 24 Chapter 6.1:
Apr 25 LAB – Drop Dead Date!!
May 3 Final Exam – 8:00 – 10:00

Chap. 5- Net2 2
 Chapter Overview
The Network Layer is concerned about getting
packets from source to destination, no
matter how many hops it may take. It’s all
about routing.

5.1 Network Layer Design Issues

What do we need to think about in this layer?
5.2 Routing Algorithms
Strategies for getting from source to
destination.
5.3 Congestion Control Algorithms
How do we keep from bottlenecking from too
many packets?

5.4 Internetworking
Working with multiple networks and protocols in
order to deliver packets.

5.5 The Network Layer in the Internet

Gluing together a collection of subnets.

Chap. 5- Net2 3
 Overview
Internetworking

5.1 Network Layer Design Issues Getting various networks to all play together.
5.2 Routing Algorithms Problems occur because:
1. Companies don’t have cohesive policies for
5.3 Congestion Control networking.
Algorithms 2. New technology replaces some of the old
5.4 Internetworking technology.
5.5 The Network Layer in the
Internet

Chap. 5- Net2 4
 Internetworking Overview

Reminder: The Internet is a homogeneous collection of networks,

all using TCP/IP and associated protocols. The internet, the
more generic term, is made up of a hodgepodge of different
hardware and protocols.

Multiple networks and multiple network types are a fact of life:

There are a number of reasons for this:

• Growth: Individual departments in a university buy LANs for

their own machines and eventually want to interconnect with
other campus LANs.

• Fault isolation, geography, and security: Even when feasible to

use one network, an organization can obtain exclusive control
over a single local network.

• Control: Some organizations want to be able to say what

happens on their network.

• Modernization: As new technology appears, some

organizations replace their networks while other’s don't.

Chap. 5- Net2 5
Internetworking Overview

An example of mixing together multiple types of networks.

Chap. 5- Net2 6
 Internetworking Overview

Internetworking deals with the issues of interconnecting multiple networks. Physical networks can be
connected at several levels:

1. Repeaters operate at the physical layer (layer 1), copying signals from one LAN to another. They
operate at the bit level, and have no notion of what the bits (or even frames!) mean.

2. Bridges operate at the data link layer (layer 2), copying frames from one LAN to another.
a. They perform store-and-forward packet switching, but use only level-2 (e.g. frame fields)
information.
b. We've talked about these before in regard to the MAC layer, where we looked at spanning tree
and source routing methods.

3. Routers operate at the network layer (level 3).

a. Similar to bridges in concept.
b. At the network layer, they are fully aware of different network technologies, and can problems
as interconnect different between them.

4. Transport gateways connect two networks at the transport layer (level 4).

5. Application gateways operate at higher levels (level “7”). Application gateways can translate
between OSI mail and SMTP (Internet) mail formats, for instance.

Chap. 5- Net2 7
 Internetworking Overview

Router Ownership

One issue that arises with Routers is who owns them.

1. Typically, bridges connect LANs of one organization, and so ownership is not an

issue.

2. The ownership question is important for routers because someone has to be

responsible for the router's operation and dual ownership frequently leads to finger
pointing when something goes wrong.

3. One solution is to use half gateways.

• If two countries are involved, for instance, each country owns its half of the router,
with a wire separating the two.
• A special protocol operates over the wire, and each half of the router is
responsible for implementing the protocol.
• For example, the CCITT X.75 standard is used to connect half gateways in
connection-oriented networks.

The reality isn't so simply layered - many products combine bridge and router functionality.

Chap. 5- Net2 8
 Internetworking How Networks Differ

We've looked at some of these properties before, but here are a list of differences:

Item Some Possibilities

Service Offered Connection-oriented versus connectionless
Protocols IP, IPX, CLNP, Appletalk, DecNet, . . . .
Addressing Flat (802) versus hierarchical (IP)
Multicasting Present or absent (also broadcasting)
Packet Size Every network has its own max
Quality of Service May be present or absent - many different kinds
Error Handling Reliable, ordered, and unordered delivery
Flow control Sliding window, rate control, other, none
Congestion Control Leaky bucket, choke packets, etc.
Security Privacy rules, encryption, etc.
Parameters Different timeouts, flow specs, etc.
Accounting By connect time, by packet, by byte, or none

Chap. 5- Net2 9
 Internetworking Multiprotocol Routers

Can use "routers" and "gateways" interchangeably or think of routers as within a subnet (same network)
versus gateways (between subnets).

Text calls gateways multi-protocol routers.

Protocol Routers are packet switches that operate at the network layer (level 3). Operating at the
network level gives routers increased flexibility compared to bridges in terms of:

1. Translating addresses between dissimilar networks.

2. Fragmenting large packets for transmission across networks that carry only small maximum
packet lengths.

3. Selecting an appropriate path through the subnet.

4. Enforcing policies (e.g., don't forward any local packets off of this network).

Because routers do more work than bridges, they generally run slower than bridges.

Chap. 5- Net2 10
 Internetworking Concatenated Virtual Circuits

Internetworking in a connection-oriented environment operates essentially as in the single network case:

1. The sending host opens a virtual circuit as before, but now a circuit goes through router hops.

2. Any two neighboring routers at the internetworking level must be connected to a common network.

3. Regular router-based virtual circuits connect neighboring routers on the same physical network.

4. The end-to-end virtual circuit is a concatenation of individual virtual circuits through each of the
networks along the path.

So each gateway/router maintains tables for each of the connections passing through it - what router to
pass the packet on to, and an identifier for the virtual circuit.

Chap. 5- Net2 11
 Internetworking Connectionless Internetworking
Connectionless internets operate just as connectionless networks.
• A host sends a packet to a neighboring router, which forwards it the next router, and so forth.
• Just as with connectionless networks, routers make only a best-effort attempt at delivering the packet.

Datagrams

The Network layer puts datagrams on the subnet. See Figure 5.37

Issues that must be dealt with:

• Networks with different networks protocols are tough to translate between. This is rarely attempted.
(See tunneling below.)
• Addressing - when adjacent networks have differing address schemes, the going gets tough. Again,
problems are generally insurmountable.

Chap. 5- Net2 12
Internetworking Connectionless Internetworking

Model Advantages Disadvantages

• Buffers can be reserved in advance • Table space required

Virtual Circuit • Sequencing guaranteed • Can't avoid congestion
• No delayed/duplicate packets • Vulnerable to failures
• Impossible to implement if intervening
network is unreliable

• Can adapt to congestion • Susceptible to congestion

Datagrams • Can handle router failures
• None of intervening networks need
to be virtual circuits.

Chap. 5- Net2 13
 Internetworking Tunneling

Tunneling is a special case between two same-type networks across intervening foreign
network(s).
• The whole packet is encapsulated in the protocol of the foreign network to be crossed,
and then restored on the other side. See Figure 5.38
• This avoids, totally, trying to translate the packet.

Chap. 5- Net2 14
 Internetworking Fragmentation
How to cross networks whose maximum transmission unit (MTU) is smaller than the packet being
transmitted.

1. Connection-oriented internets avoid this problem.

a. By selecting a maximum packet size at connection set up time.
b. That maximum is just min( MTU 1, MTU2, ...) of the MTUs in the intervening network.
c. Once the connection is established, the path never changes, so the sender can select a
packet size and never again worry that it will be too large.

2. In connectionless internets, the appropriate packet size depends on the path used.
a. Thus, it can change at any time.

In the general case, setting a minimum MTU for all networks is impractical. A minimum MTU would of
necessity be small, yet sending larger packets should be encouraged for efficiency reasons.

Solutions:

1. Have router drop packets that are too large to send across a network and return an error message
to the sender. The sending host could then retransmit the data in a smaller packet.

2. Have router fragment large packets into several fragments, each small enough to traverse the
network. There are two flavors called Transparent and non-Transparent Fragmentation.

Chap. 5- Net2 15
 Internetworking Fragmentation

Transparent Fragmentation

With transparent fragmentation, end hosts (sender and receiver) are unaware that fragmentation has
taken place.
A router fragments a packet, and the next-hop router on the same network reassembles the fragments
back into the original packet.

Drawbacks are:

1. All fragments must travel through to the same router. They must all be reassembled by the same
next-hop router

2. Routers must be careful to avoid re-assembly lockup. (The deadlock problem discussed earlier,
where a router has used up all of its buffer space to hold fragments and can no longer accept
new ones).

3. Reassembling fragments uses precious router resources that could otherwise be used
forwarding packets).

4. May fragment/re-assemble several times along the route!

Chap. 5- Net2 16
 Internetworking Fragmentation

Non-Transparent Fragmentation:

As before, routers fragment packets when needed. Routers along the path do not reassemble.
Destination hosts perform re-assembly (if needed).
Downsides are:

1. Now every host must be prepared to do this job.

2. Overhead of carrying along small segments lasts until destination.

Problems Associated With Fragmentation in General:

1. Fragmenting increases waste: the sum of the bits of the individual fragments exceeds the
number of bits in the original message.

2. Loss of a single fragment requires an end-to-end retransmission; the loss of a single fragment
has the same effect as losing the entire packet.

3. More work to forward three small packets than one large one. The cost of forwarding packets
includes a fixed per-packet cost, that includes doing the route lookup, fielding interrupts, etc.

Chap. 5- Net2 17
 Internetworking Firewalls
Require all network traffic to/from organization to go through a single point (firewall). The firewall has:
1. Packet filters
2. Application Gateway
3. Proxy Server

Packet Filters:

A router that inspects packets according to a set of rules. Rules generally consist of tables detailing what:
• remote machines can be communicated with.
• ports can be accessed.
Since functionality is associated with ports, incoming requests to port 79 (Finger) could be blocked.
Users could be prevented from telneting into the company, instead going through a modem with additional
password protection.

Chap. 5- Net2 18
 Internetworking Firewalls

Application Gateway:

Actually looks at content - mail handler might reject spams, very large messages, “lurid” words, etc.

Editorial: If you allow the Internet on your site, you have only modest hope of real security.

Proxy Server:

• Works as an intermediary between a browser and an database/FTP/etc. server.

• This Proxy Server translates between HTTP and FTP for instance.
• Keeps browser from having to know many protocols.
• Can cache previously requested pages.

Within a firewall:
• A local browser talks to the local proxy server (within the firewall.)
• That Proxy contacts remote sites and fetches pages.
• This fetching can be selective (protecting schoolkids, etc.)

Chap. 5- Net2 19
 Overview
Network Layer In
The Internet
5.1 Network Layer Design Issues This section is TCP specific
5.2 Routing Algorithms
It’s how the Internet works.
5.3 Congestion Control
Algorithms Defined by RFC 791.
5.4 Internetworking
5.5 The Network Layer in the Most Popular Layer 3.
Internet

Chap. 5- Net2 20
 Network Layer In The IP Protocol
The Internet
The Internet protocol suite covers (mostly) layers 3, 4, and 5, where ‘layer 5' means
everything in OSI layers 5-7.

At the physical and datalink layers, the TCP/IP protocols don't define any standards.

The protocols have been designed to operate over a large number of layer 2 protocols.

The Internet Protocol (IP) is a network layer protocol.

a. Hosts and gateways process packets called Internet datagrams (IP datagrams).
b. IP provides connectionless, best-effort delivery service to the layers above it.

The Transmission Control Protocol (TCP) is a transport layer protocol.

a. Provides reliable stream service between processes on two machines.
b. It is a sliding window protocol that uses acknowledgments and retransmissions to
overcome the unreliability of IP.

The Universal Datagram Protocol (UDP) is a Transport Layer Protocol.

a. It provides connectionless datagram service between processes.

Chap. 5- Net2 21
 Network Layer In The IP Protocol
The Internet
Application protocols include:

SMTP:
The Simple Mail Transfer Protocol is used to send mail from one machine to another.

SNMP:
The Simple Network Management Protocol provides monitoring and managing capabilities
for a network.

Telnet:
Provides remote login service. It allows a user on one machine to log into another machine
on the network.

FTP:
The File Transfer Protocol copies arbitrary files (e.g. binary, data, and source) from one
machine to another.

SSH, RLOGIN, RSH:

Methods for logging on to a remote machine.
Chap. 5- Net2 22
 Network Layer In The IP Protocol
The Internet
Network Byte Order

One problem that often arises is that different machines represent integers in different ways:

Big Endian machines such as IBM and Sun-3 computers store the most significant byte of
a 32-bit integer in the lowest memory address of the word (e.g. to the left).
• The integer 0x01020304 is laid out in memory as bytes 0x01, 0x02, 0x03, and 0x04.

Little Endian machines such as the Intel Processor store the most significant byte at the
highest address.
• The integer 0x01020304 is laid out in memory as bytes 0x04, 0x03, 0x02, 0x01.

Other machines (such as DEC-10s) use 36-bit words to hold integers.

As with all network protocols, the standards specify the meanings of all bits in each field,
right down to the bit and byte order.
The Internet defines a network Big Endian standard byte order that is used when referring to
the fields of Internet datagrams.

Chap. 5- Net2 23
 Network Layer In The IPV4 Protocol
The Internet
INTERNET PROTOCOL (IP)

The goal of IP is to interconnect networks of diverse technologies and create a single, virtual
network to which all hosts connect.

Hosts communicate with other hosts by handing datagrams to the IP layer;

• The sender doesn't worry about the details of how the networks are actually interconnected.
• IP provides unreliable, connectionless delivery service.
• IP defines a universal packet called an Internet Datagram.

All Internet hosts and gateways

process IP datagrams.

Chap. 5- Net2 24
 Network Layer In The IPV4 Protocol
The Internet
1. Version number (4-bits):
• The current protocol version is 4.
• Including a version number allows a future version of IP be used along side the current
version, facilitating migration to new protocols.

2. Header length (4-bits):

• Length of the datagram header (excluding data) in 32-bit words.
• The minimum length is 5 words = 20 bytes, but can be up to 15 words if options are
used.
• In practice, the length field is used to locate the start of the data portion of the datagram.

Chap. 5- Net2 25
 Network Layer In The IPV4 Protocol
The Internet
3. Type-of-service (8-bits):
A hint to the routing algorithms as to what type of service we desire.

Precedence (3-bits): A priority indication, where 0 is the lowest and means normal service, while 7 is
highest and is intended for network control messages (e.g., routing, congestion control).

Delay (1-bit): An Application can request low delay service (e.g., for interactive use).

Throughput (1-bit): Application requests high throughput.

Reliability (1-bit): Application requests high reliability.

Note: These last three TOS bits will generally be mutually exclusive. Does setting the low-delay bit
guarantee getting such service? No. The type-of-service field is meant as a request or hint to the
routing algorithms, but does not guarantee that your request can be honored (e.g., there may not
be a low-delay path available).

In practice, routers ignore the TOS field in IPV4.

Chap. 5- Net2 26
 Network Layer In The IPV4 Protocol
The Internet
4. Total length (16-bits):

Total length of the IP datagram (in bytes), including data and header. The size of the data
portion of the datagram is the total length minus the size of the header.

Chap. 5- Net2 27
 Network Layer In The IPV4 Protocol
The Internet
5 - 8. Identification (16-bits), Flags (3-bits), Fragment offset (13-bits):

These three fields are used for fragmentation and reassembly.

• Gateways along a path are free to fragment datagrams as needed; hosts are
required to reassemble fragments before passing complete datagrams to the higher
layer protocols.
• Each fragment contains a complete copy of the original datagram header plus some
portion of the data.
• A receiving host must match arriving fragments with the proper original datagram.
• These fragments may be out of order and interleaved with other fragments.
• All fragments of a datagram will have the same source and destination IP address.
• But, other datagrams between those two machines will share these fields as well, so
this is not enough.

Chap. 5- Net2 28
 Network Layer In The IPV4 Protocol
The Internet
5 - 8. Identification (16-bits), Flags (3-bits), Fragment offset (13-bits) (Continued):
The identification field uniquely identifies fragments of the same original datagram.

Whenever a host sends a datagram, it sets the identification field of the outgoing datagram
and increments its local identification counter.

The offset field shows order of the fragments.

When a gateway fragments a datagram, it sets the offset field of each fragment to reflect at
what data offset with respect to the original datagram the current fragment belongs.

Fragmentation occurs in 8-byte chunks, so the offset holds the “chunk number”.

Gateways can further fragment fragments!

A 400-byte fragment having an offset of 300 chunks could be split into two 200-byte
fragments having offsets of 300 and 325 chunks, respectively.

Chap. 5- Net2 29
 Network Layer In The IPV4 Protocol
The Internet
We need to know when we’ve received all of the fragments. To help with this, the flags field
may contain:

A Don't Fragment indication (set by host, honored by gateways). (A 1-bit flag.)

The More Fragments field indicates that another fragment follows this one. This
fragment is not the last fragment of the original datagram.

An unfragmented datagram has an offset of 0, and a More Fragment bit of 0.

The last fragment of a fragmented datagram contains More Fragment = Clear and the Offset
non-zero.

Note:
The total length field of the IP header refers to the current datagram, not the original.
Thus, the More Fragment bit is needed in order for the recipient host to determine when it
has all fragments of a datagram.

Chap. 5- Net2 30
 Network Layer In The IPV4 Protocol
The Internet
5 - 8. Identification (16-bits), Flags (3-bits), Fragment offset (13-bits) (Continued):

Example:
Original Frame: IHL = 5, Length = 656, Fragment Offset = 0, More = 0
Fragment 1: IHL = 5, Length = 252, Fragment Offset = 0, More = 1
Fragment 2: IHL = 5, Length = 252, Fragment Offset = 29, More = 1
Fragment 3: IHL = 5, Length = 192, Fragment Offset = 58, More = 0

Chap. 5- Net2 31
 Network Layer In The IPV4 Protocol
The Internet
9. Time-to-live (8-bits):

• A counter that is decremented by each gateway.

• Should this hopcount reach 0, discard the datagram.
• Originally, the time-to-live field was intended to reflect real time.
• In practice, it is now a hopcount.
• The time-to-live field squashes looping packets.
• It also guarantees that packets don't stay in the network for longer than 255 seconds, a
property needed by higher layer protocols that reuse sequence numbers.

10. Protocol (8-bits):

• What type of data the IP datagram carries (e.g., TCP, UDP, etc.).
• Needed by the receiving IP to know the higher level service that will next handle the
data.

Chap. 5- Net2 32
 Network Layer In The IPV4 Protocol
The Internet
11. Header Checksum (16-bits):

A checksum of the IP header (excluding data).

The IP checksum is computed as follows:

 Treat the data as a stream of 16-bit words (appending a 0 byte if needed).

 Compute the 1's complement sum of the 16-bit words. Take the 1's complement of
the computed sum.

This checksum is much weaker than the CRCs we have studied.

But, it has the property that the order in which the 16-bit words are summed is irrelevant.
We can place the checksum in a fixed location in the header, set it to zero, compute the
checksum, and store its value in the checksum field.

On receipt of a datagram, the computed checksum calculated over the received packet
should be zero.

Check summing only the header reduces the processing time at each gateway, but forces
transport layer protocols to perform error detection (if desired).

The header must be recalculated at every router since the time_to_live field is decremented.
Chap. 5- Net2 33
 Network Layer In The IPV4 Protocol
The Internet
12. Source address (32-bits):

Original sender's address. This is an IP address, not a MAC address.

13. Destination address (32-bits):

Datagram's ultimate destination.

Note: When a gateway forwards a frame to another gateway, it forwards an Ethernet frame.

The IP embedded datagram contains the source of the original sender (not the forwarding
gateway) and the destination address of the ultimate destination.

Chap. 5- Net2 34
 Network Layer In The IPV4 Protocol
The Internet
14. IP Options

IP datagrams allow the inclusion of optional, varying length fields that need not appear in every
datagram. We may sometimes want to send special information, but we don't want to dedicate a
field in the packet header for this purpose.

Options start with a 1-byte option code, followed by zero or more bytes of option data.

The option code byte contains three parts:

copy flag (1 bit): If 1, replicate option in each fragment of a fragmented datagram. That is, this option
should appear in every fragment as well. If 0, option need only appear in first fragment.

option class (2 bits): Purpose of option:

0 = network control
1 = reserved
2 = debugging and measurement
3 = reserved

option number (5 bits): A code indicating the option's type. See Figure 5.46 for these.
Chap. 5- Net2 35
 Network Layer In IPV4 Addresses
The Internet
In the Internet, names consist of human-readable strings such as osborne, babbage, or
[email protected] or [email protected].

Addresses consist of compact, 32-bit identifiers. Internet software translates names into addresses and
addresses into names; lower protocol layers always uses addresses rather than names.

Internet addresses are hierarchical, consisting of two parts:

• network: The network part of an address identifies which network a host is on. Conceptually, each
LAN has its own unique IP network number.

• local: The local part of an address identifies which host on that network.

We'll look at subnets that add a third level to the hierarchy. With subnetting, the local part may consist of
a `site'), which is further broken down into local network number, local host.

The Internet consists of a collection of physical networks, each of which is assigned a unique number.
The network number is used to route between gateways.
Only the gateway on the same network as the destination uses the local part of the address in forwarding
a datagram.
Analogy: Zip codes get a letter to the local post office, the address takes it from the post office to your
house.
Chap. 5- Net2 36
 Network Layer In IPV4 Addresses
The Internet
Address Classes

The Internet designers were unsure whether the world would evolve into a few networks with many hosts
(e.g., large networks), or many networks each supporting only a few hosts (e.g., small networks).
Thus, Internet addresses handle both large and small networks.
Internet address are four bytes in size, where:

Class A addresses start with a `0' in the most

significant bit, followed by a 7-bit network
address and a 24-bit local part.

Class B addresses start with a `10' in the two most

significant bits, followed by a 14-bit network
number and a 16-bit local part.

Class C addresses start with a `110' in the three

most significant bits, followed by a 21-bit
network number and an 8-bit local part.

Class D addresses start with a `1110' in the four

most significant bits, followed by a 28-bit group
number. Used for multicast.

Class E addresses start with a ‘11110’ and are

reserved for future use.
Chap. 5- Net2 37
Network Layer In IPV4 Addresses
The Internet

Chap. 5- Net2 38
 Network Layer In IPV4 Addresses
The Internet
Address Classes

The use of fixed-sized IP addresses makes the routing operation efficient.

In the ISO world, addresses are of varying format and length and extracting the address
from the packet may not be straightforward.

Registration of addresses is through the NIC (Network Information Center.)

See Figure 5.48 for the use of special addresses.

Chap. 5- Net2 39
 Network Layer In IPV4 Addresses
The Internet
Address Classes
Sample addresses can be obtained by using gethostbyname.

1998 Addresses 2002 Addresses

garden.wpi.edu 130.215.8.145 (class B) 130.215.28.200 (class B)
wpi.edu: 130.215 (a network addr) 130.215.24.6
gwen.cs.purdue.edu: 128.10.3.8 (class B)
eznet.net: 198.70.51.10 (Class C) 209.105.128.10
home.eznet.net 205.247.58.99 (Class C)
stanford.edu: 36.56.0.10 (class A)
breecher.net 216.168.224.70
clark.edu 192.102.5.4
babbage.clarku.edu 140.232.101.102
osborne.clarku.edu 140.232.101.115 (Class ?)
www.microsoft.com 207.46.197.102
207.46.197.113
207.46.230.218
207.46.230.219
207.46.230.220
207.46.197.100

Chap. 5- Net2 40
 Network Layer In IPV4 Addresses
The Internet
Address Classes

Note: Internet addresses refer to network connections rather than hosts.

a) Gateways, for instance, have two or more network connections and each interface
has its own IP address.
b) There is not a one-to-one mapping between host names and IP addresses.

Internet addresses are hierarchical addresses.

a) Datagrams are initially routed only by network number.
b) Only the gateway connected to the destination network uses the local part while
performing the routing operation.

What happens to a host's internet address if that host moves from one network to another?
a) Its Internet address must change.
b) It’s important to distinguish between a machine's name and its address.
c) Physical (ethernet) address is constant, network (IP) address may change.

Chap. 5- Net2 41
 Network Layer In Subnets
The Internet
This usage of “Subnets” is different from that we used
Goals: before to define the routers and lines in a network.
• We want to be able to reduce the number of networks seen by the outside world;
• We want to simplify the management of those many networks within the organization;
• We want to be able to slice the network/node “pie” in various ways.

1. A large organization or campus might have 30 or more LANs (one for each
department).
2. An organization will probably have only a single connection to the rest of the Internet.
3. In order for every local host to be able to communicate with other Internet machines,
routing entries for each of the 30 networks must exist in the core gateways.
4. In order for other sites to be able to respond to our queries, they must be able to route
packets back to us.
5. Wouldn't it be nice if we only needed to advertise a single network number for all 30
networks?

The Answer:
• Subnet addressing is a technique that allows a set of multiple, interconnected networks
to be covered by a single IP network number.
• IP addresses have a well-defined structure that allows a gateway to extract the network
portion of an address by simply looking at its class and an optional netmask.

Chap. 5- Net2 42
 Network Layer In Subnets
The Internet
With subnetting, the local part of an IP address is further subdivided into a network and a
host part:

Consider two addresses 128.204.2.29 and 128.204.3.109.

Are they on the same network?

NO.
• They refer to hosts on the same network address (128.204), but they can actually be on
different ethernets connected by a bridge.

• To do this, we divide the local part (the two bytes to the right of 128.204) into a 1-byte
network part and a 1-byte host part.

• When sending data to 128.204.3.109 local gateways first route datagrams to the
(sub)network 128.204.3 rather than (IP network) 128.204.

• 128.204.2 and 128.204.3 are distinct (sub)networks.

• To the outside world, there is only a single network 128.204.

• Each of the individual networks is called a subnet.

Chap. 5- Net2 43
 Network Layer In Subnets
The Internet
With subnetting, the local part of an IP address is further subdivided into a network and a host
part:

Consider two addresses 128.204.2.29 and 128.204.3.109.

Are they on the same network?

YES.
• They refer to hosts on the same network address (128.204), but they can actually be on
the same ethernet.
• To do this, we divide the local part (the two bytes to the right of 128.204) into a 7-bit
network part and a 9-bit host part.
• Our example above is a Class B address; the technique applies also to Classes A and C.

Chap. 5- Net2 44
 Network Layer In Subnets
The Internet

To implement subnetting, hosts and gateways use a subnet mask to extract the network
part of an IP address. This mask can be seen in Figure 5.49. In this example, 6 bits
are reserved for subnet, and 10 bits for host.

To distinguish between direct (the router knows how to get to the destination) and indirect
(the router sends the packet off for someone else to figure it out) routing,

Without subnets, a router has tables of the form:

(other_network, 0) and (this_network, host).

With subnets, a router has tables of the form:

(this_network, subnet, 0) and (this_network, this_subnet, host).

Chap. 5- Net2 45
 Network Layer In Subnets
The Internet
1. Determining the subnetwork number of a network interface:
a) Each network interface has a subnet mask.
b) The subnet mask ANDed with the interface address yields the network number of the
interface.

2. For each of the machine's interface ports (hosts usually have only one, routers have
many):
a) Extract the destination address DEST from the datagram.

b) If ( ( port_interface_address & subnet_mask ) == ( DEST & subnet_mask ) ), direct

routing with this port can be used.

The routing algorithms described earlier remain essentially the same when subnetting is in use.
a) Routing algorithms may need to propagate the mask with a network number in routing
updates.
b) They need the mask to extract (sub)network numbers.
c) Subnetting extends the number of levels in the Internet's hierarchical routing scheme.
d) It trades off optimality of routes vs. table space in gateways.

Host can find out its mask: Host sends ICMP address mask requests; responses contain the
mask for the local network.

Chap. 5- Net2 46
Network Layer In Subnets
The Internet
27 26 25 24 23 22 21 20

128 64 32 16 8 4 2 1

140.192.56.45

140 192 56 45
IP Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 1 0 1 1 0 1
Network Subnet Host
255 255 255 0
NetMask
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0

140 192 56 0
Network Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0 0

140.192.56.0/24
24-bit mask
8-bit subnet mask

140.192.56.45
140 192 56 45
IP Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 1 1 1 0 0 0 0 0 1 0 1 1 0 1
Network Subnet Host
255 255 240 0
NetMask
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0

140 192 48 0
Network Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0

140.192.48.0/20
20-bit mask
4-bit subnet mask

Chap. 5- Net2 47
Network Layer In Subnets
The Internet
27 26 25 24 23 22 21 20

128 64 32 16 8 4 2 1

140.192.138.95
140 192 138 95
IP Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0

255 255 240 0

NetMask
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0

140 192
Network Address
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0

140.192.138.95
140 192 138 95
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0

255 255 255 252

1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

140 192
1 0 0 0 1 1 0 0 1 1 0 0 0 0 0 0

Chap. 5- Net2 48
 Network Layer In Internet Control Protocols
The Internet
INTERNET CONTROL MESSAGE PROTOCOL (ICMP)

The Internet Control Message Protocol (ICMP) allows gateways and hosts
to send network control information to each other.

From a layering point of view, ICMP is a separate protocol that sits above
IP and uses IP to transport messages.

In practice, ICMP is an integral part of IP and all IP modules must support

the ICMP protocol.
Transport
ICMP datagrams are encapsulated within IP datagrams and processed by TCP/UDP
IP in the same way as TCP and UDP datagrams;
ICMP
if special processing is needed, the IP type-of-service (TOS) field could be
used.

IP

Chap. 5- Net2 49
 Network Layer In Internet Control Protocols
The Internet
INTERNET CONTROL MESSAGE PROTOCOL (ICMP)

There are two general types of ICMP messages:

Information messages, where a sender sends a query to another

machine (either host or gateway) and expects an answer. For
example, a host might want to know if a gateway is alive.

Error indication messages, where the IP software on a host or

gateway has encountered a problem processing an IP datagram. Transport
For example, it may be unable to route a datagram to its TCP/UDP
destination, or it may have had to drop a frame.

ICMP
There are a number of message types of which we will talk about
only a few:

IP

Chap. 5- Net2 50
 Network Layer In Internet Control Protocols
The Internet
Echo Requests
The ICMP echo request and echo reply messages are useful for network debugging.

If machine A sends an echo request message to machine B, machine B is required to

respond with an ICMP echo reply.

Most systems supply an application program that sends and receives ICMP echo
messages.

In UNIX, the program ping allows a user to check whether a machine is reachable and
functioning.

Because ICMP messages are handled just like other IP datagrams, ICMP echo messages
test the reach-ability of any host. Also, because ICMP is an integral part of IP, all hosts
and gateways must implement ICMP.

Chap. 5- Net2 51
 Network Layer In Internet Control Protocols
The Internet
Timestamp Messages
ICMP timestamp messages are used to estimate the transmission delays between
machines and to synchronize clocks:

Including both the receive and transmit timestamp allows the sending host to determine the
fraction of time spent transmitting vs. processing the request.

By averaging the measurements of several messages, the sender can estimate the offset
between its local clock and that on the remote machine. Note: it is quite feasible to
synchronize the clocks of all machines on a LAN to within several milliseconds of each
other.

Chap. 5- Net2 52
 Network Layer In Internet Control Protocols
The Internet
When an IP module encounters an error while processing a datagram, it sends an ICMP
error message back to the original sender of the datagram. Errors include:

Destination Unreachable: When a gateway cannot route a datagram (e.g., it doesn't

have an appropriate route in its local table), it discards the message and returns an
ICMP "destination unreachable" message to the sending host. In effect, the host
needs different routing or needs to try again later.

Time Exceeded: As a datagram is processed, gateways decrement its time-to-live

(TTL) field. If the TTL value reaches 0, the gateway discards the datagram and
sends a time exceeded message to the sender. The data portion of the message
includes part of the offending datagram's header.

Parameter Problem: When a host or gateway encounters a problem parsing an IP

datagram, it returns a parameter problem message to the datagram's sender:

Source Quench: When a gateway becomes congested and runs out of buffer space,
it may discard a datagram and return a source quench message. Source quench
messages are used to request that the sender reduce the rate at which it is sending
datagrams.
Chap. 5- Net2 53
 Network Layer In Internet Control Protocols
The Internet
MAPPING BETWEEN INTERNET AND PHYSICAL ADDRESSES

Suppose we have two machines A and B connected to the same network, and A wants to
send an internet datagram to B.

A must know B 's data link layer (MAC) address in order to send frames to B.

The problem of mapping Internet addresses to physical addresses is known as the address
resolution problem.

1. Each e-net device has its own unique number. Change the card and you change its
physical address.

2. Physical address are 6 bytes long, too large to multiplex within an Internet address.

3. New machines can be added to the network with no disruption of service.

4. But, adding new hosts should not require reconfiguring existing hosts to inform them
of the new machine.
Chap. 5- Net2 54
 Network Layer In ARP
The Internet
ARP

The Address Resolution Protocol (ARP) is a protocol that allows hosts to dynamically map
Internet addresses to physical addresses:

1. The requesting machine only needs to know the target machine's IP address.

2. It sends out a special ARP request frame using the Ethernet's broadcast capability.
Thus, every machine on the LAN will receive the ARP request.

3. The ARP request asks `what is the Ethernet address of Internet address A.B.C.D'?

4. Each machine receives a copy of the broadcast message, and the machine having
the desired IP address responds with its Ethernet address.

Of course, a machine doesn't send out an ARP packet each time it wishes to send an IP
datagram.

Instead, each machine maintains a cache of recently used mappings, and an ARP request
is only sent if the desired mapping is not already in the cache.

Chap. 5- Net2 55
 Network Layer In ARP
The Internet
ARP request packets also contain the sender's IP and Ethernet address
pair.
• This eliminates the need for a second ARP request.

If machine A wishes to communicate with machine B, there is high

probability that B will need A 's Ethernet address as well.

Since every machine receives every ARP request (which is broadcast),

how about adding the source address in each ARP request to the
cache?
Transport
• Not a terribly good idea.
TCP/UDP
• Although a network may consist of hundreds of machines, a given
host is unlikely to actively communicate with more than a few at any
one time. IP
• Thus, adding every mapping to the local cache is likely to waste
memory, and may cause the flushing of entries that will be used
again soon to make room for entries that will never be used. ARP

DLL

Chap. 5- Net2 56
 Network Layer In ARP
The Internet
Solution:
Upon receipt of an ARP request from a machine whose IP address is already in the local
ARP cache, update the information for that entry.
• This handles the case of a machine whose Ethernet address changes; ARP entries with
the old value will be overwritten with the new value.

For a target on a remote network, it's a bit more complicated. Broadcasts don't cross
routers. So, the requester, seeing that a request is remote, essentially needs to hand it
off to a router to handle further.

From a layering point of view, ARP sits below IP, but above the data link layer. Transport
TCP/UDP

IP

ARP

DLL

Chap. 5- Net2 57
 Network Layer In ARP
The Internet
ARP Details

Conceptually, ARP consists of two parts: the software responsible for finding the physical
address of an IP address (e.g., a client), and the software responsible for answering
ARP requests from other machines (e.g., a server).

When sending an IP datagram, the sender searches its local ARP cache for the desired
target address. If found, ARP is done.

If not found, send out a broadcast ARP request and wait for the response.

In practice, waiting for a response is somewhat tricky, because the target machine may be
down, the request might become lost and need to be retransmitted, and so forth.

Chap. 5- Net2 58
 Network Layer In ARP
The Internet
ARP packets have been designed in a general way so that the protocol can be used over many different
network technologies. ARP packets have the following format:

1. The 2-byte Hardware-Type field gives the type of the hardware address we are interested in
(e.g., 1 for Ethernet).

2. The 2-byte Protocol-Type field gives the type of the higher level protocol address we are
interested in (e.g., 0x0800 for IP). Note, it is two bytes long, just like the Ethernet type field.

3. A 1-byte Hardware-Length field specifying the length of the hardware address (6 bytes would be
the length for Ethernet).

4. A 1-byte Protocol-Length field specifying the length of the target protocol address (4 for IP).

5. A 16-bit Operation Code field specifying the operation desired (e.g., REQUEST or RESPONSE).

6. The sender's Ethernet address (Sender Hardware Address) (if known).

7. The sender's Internet address (Sender Protocol Address) (if known).

8. The target's Ethernet address (Target Hardware Address) (filled in response).

9. The target's Internet address (Target Protocol Address) (filled in response).

Chap. 5- Net2 59
 Network Layer In Reverse ARP
The Internet
ARP handles the problem of determining the hardware address that corresponds to a given IP address.

But how do I find my own IP address? The protocol that maps hardware addresses to Internet
addresses is called Reverse ARP, or RARP.

Necessary when a diskless machine first boots. It doesn't know its own IP address (and can't read it
from a local disk!). The booting client contacts a server to obtain its Internet address.

1. The client communicates with a server by using a special protocol that requires only Ethernet
frames. In essence it says "My ethernet address is aa.bb.cc.dd.ee.ff. Does anyone know my IP
address?"

2. The broadcast goes to all nodes, including the RARP server. The RARP server maintains a
database of physical address to Internet address mappings.

 The actual format of RARP messages is similar to those of ARP:

 The Ethernet frame type is set to type RARP (0x8035), and RARP defines two new message
types; `RARP request' and `RARP response'.
 The remaining fields are the same as in ARP.

We now see one of the primary benefits of broadcasting; locating servers.

However, because broadcasting is resource intensive, (every machine on the local network must
process the message, even if only to reject it) broadcasting should be used sparingly.

Chap. 5- Net2 60
Network Layer In DHCP
The Internet
DHCP: Dynamic Host Configuration Protocol (RFC 1531)
Used to match workstations with an IP address. This address can be changed every
time the machine boots. Allows configuration flexibility.

Here’s the protocol:

1. Workstation broadcasts DHCPDISCOVER message on power-up.
2. Several DHCP Servers may respond with DHCPOFFER messages containing:
IP address, subnet mask
Router address
Renewal Time
3. Workstation responds to one offer with DHCPREQUEST.
Request may include items like: DNS servers, time servers, boot files,
DHCP Server now binds IP address and replies with DHCPACK message with
requested options.
Manager assigns multiple ranges of IP addresses to each DHCP server and server
manages distribution to clients.
Client must renew IP address at regular intervals indicated by Renewal Time.

Chap. 5- Net2 61
 Network Layer In Gateway Protocol
The Internet
AS - Autonomous System:

Those networks run by independent organizations (for instance, companies.)

Administrative regions that contain a set of networks and gateways.
A site is free to manage routing within its region any way it wishes, and routing information flows among
regions only through carefully controlled mechanisms.

IGP - Interior Gateway Protocol:

A routing protocol that's run within an AS.

1. ASs must be able to isolate themselves from other sites. They should be able to keep their local
internets operating even when other parts of the Internet have failed.
2. Local gateways (probably) don't want to know (in much detail) about topological changes that take
place far away.
3. Sites want administrative control over their gateways and networks and may not want to run the
same routing protocols as other sites.

EGP - Exterior Gateway Protocol:

A routing protocol that's run between ASs. The `glue' that ties autonomous systems together. It:
1. Allows a site to advertise to the rest of the world a path to the networks within its autonomous
system.
2. Allows sites to learn about networks located in other autonomous regions.

Chap. 5- Net2 62
 Network Layer In Interior Gateway Protocol - OSPF
The Internet
OSPF – Open Shortest Path First

Becoming the primary IGP. Allows an addressing hierarchy and thus makes routing easier.

The requirements used when designing OSPF included:

1. Had to be "Open" - published in the literature.

2. Had to support a number of "distance" metrics, including physical length, delay, capacity, etc.

3. Had to be dynamic, able to adapt to changing topologies.

4. Had to support "type of service" - able to change routing behavior based on frame characteristics.

5. Had to do load balancing; able to use multiple routes rather than one at a time.

6. Had to support hierarchical systems so that no one router needed to understand the entire flat
network.

7. Had to provide some kind of security.

Chap. 5- Net2 63
 Network Layer In Interior Gateway Protocol - OSPF
The Internet
OSPF supports three kinds of networks:

1. Point to point lines between two routers.

2. Multiaccess networks with broadcasting (LANs).
3. Multiaccess networks without broadcasting
(packet switched WANs ).

[Here a multiaccess network is one that has multiple

routers, each of which can talk to all the other
routers. This is a common LAN/WAN property.]

As OSPF is defined, it:

1. Divides an Autonomous System into “areas”.

An area is a network or set of contiguous
networks. All routers in an AS do not need to
be in an Area.

2. Uses a link-state algorithm within an area.

Thus distances are calculated based on length,
or other properties. See Figure 5.52

Chap. 5- Net2 64
 Network Layer In Interior Gateway Protocol - OSPF
The Internet
As OSPF is defined (continued), it:

3. Utilizes a Backbone. All areas are

connected to the backbone so packets
can travel from area to area via the
backbone.

4. Employs four classes of routers see

Figure 5.53

 Internal routers connecting

networks wholly within one area.

 Backbone routers on the backbone

area.

 Area border routers connecting two

or more areas (includes connecting
the backbone with an area.)

 AS boundary routers which talk to

routers in other ASes.
Chap. 5- Net2 65
 Network Layer In Interior Gateway Protocol - OSPF
The Internet
As OSPF is defined (continued), it:

5. Supports type of service routing. It provides for multiple paths, with gateways choosing
paths based on the type of service field in IP headers.

6. Supports multipath routing. It distributes traffic over multiple paths to a destination.

7. Includes integrated support for subnetting. Specifically, (network number, network mask)
pairs are distributed in updates.

8. Authenticates updates: Unauthenticated updates make the network extremely vulnerable

to denial of service attacks (e.g., any workstation can send out bogus updates that break
routing).

Chap. 5- Net2 66
 Network Layer In Exterior Gateway Protocol - BGP
The Internet
BORDER GATEWAY PROTOCOL (BGP)

BGP is the current Exterior Gateway Routing Protocol ( EGP ) used.

Distance vector protocol, but not only does it account for distance, but also for specific route
criteria.

BGP can take into account politics, security and economic issues.

Chap. 5- Net2 67
 Network Layer In IPv6
The Internet
Motivation:
1. We will run out of Class B addresses soon (within years).

2. The entire address space of 32 bits will eventually be exhausted. Although 32 bits is 4 billion
nodes, hierarchical routing doesn't distribute addresses evenly.

3. We simply don't know how to scale routing beyond a few tens of thousands of networks. Thus,
increasing the size of IP addresses solves problems 1 and 2, but doesn't help with the scaling
problem.

This is an engineering problem in the sense that distributing routing updates, computing new routing
tables, and holding all routes in memory uses processor and memory resources.

We can do that for 10,000 networks, maybe even 100,000, but not 1,000,000. Finding the right balance
between these costs is difficult.

Need for more addresses provides an opportunity to improve upon other aspects of current IP (IPv4).

Look at header in Figure 5.56 , and address space use in Figure 5.57 on the next page.

During transition period, IPv4 addresses will be included in IPv6 addresses.

Chap. 5- Net2 68
Network Layer In IPv6
The Internet

Chap. 5- Net2 69
 Examples
TCP/IP Routing
IP Routing

140.192.10.5 140.192.10.25 140.192.100.34 140.192.100.8

0060CA23BE45 0060CA34CD29 0060CA4AD2EE 0060CAAABBCC

140.192.10.1 140.192.100.1
00C0C1AA3411 00C0C1AA3412

Router
140.192.201.1 140.192.34.1
00C0C1AA3410 00C0C1AA3413

140.192.201.22 140.192.201.126 140.192.34.34 140.192.34.35

0060CA3499CC 0060CA3499DE 0060CA114499 0060CA7819AA

Chap. 5- Net2 70
 Examples
TCP/IP Routing
140.192.10.5 140.192.10.25 140.192.100.34 140.192.100.8
0060CA23BE45 0060CA34CD29 0060CA4AD2EE 0060CAAABBCC

140.192.10.1 140.192.100.1
00C0C1AA3411 00C0C1AA3412

Router
140.192.201.1 140.192.34.1
00C0C1AA3410 00C0C1AA3413

140.192.201.22 140.192.201.126 140.192.34.34 140.192.34.35

0060CA3499CC 0060CA3499DE 0060CA114499 0060CA7819AA

Layer 2

DA SA Protocol P. DA P. SA Data FCS

Layer 3 P. DA P. SA Data

Layer 2

00C0C1AA3413 0060CA114499 IP 140.192.10.5 140.192.34.34 Data FCS

Layer 3 140.192.10.5 140.192.34.34 Data Chap. 5- Net2 71

 Examples
TCP/IP Routing
140.192.10.5 140.192.10.25 140.192.100.34 140.192.100.8
0060CA23BE45 0060CA34CD29 0060CA4AD2EE 0060CAAABBCC

140.192.10.1 140.192.100.1
00C0C1AA3411 00C0C1AA3412

Router
140.192.201.1 140.192.34.1
00C0C1AA3410 00C0C1AA3413

140.192.201.22 140.192.201.126 140.192.34.34 140.192.34.35

0060CA3499CC 0060CA3499DE 0060CA114499 0060CA7819AA
F r o m 1 4 0 .1 9 2 .3 4 .3 4 to 1 4 0 .1 9 2 .1 0 .5
1 4 0 .1 9 2 .3 4 .3 4 k n o w s t h a t 1 4 0 .1 9 2 .1 0 .5 is n 't o n t h e s a m e n e t a n d s e n d s it t o r o u t e r a t 1 4 0 .1 9 2 .3 4 .1
N o te D A fo r la y e r 2

00C 0C 1A A 3413 0060C A 114499 IP 1 4 0 .1 9 2 .1 0 .5 1 4 0 .1 9 2 .3 4 .3 4 D a ta F C S

In s id e th e r o u te r th e L a y e r 2 h e a d e r s a n d tr a ile r s a r e r e m o v e d le a v in g o n ly th e
la y e r 3 p a c k e t.
T h e r o u t e r lo o k s u p t h e p a c k e t 's D A in t h e r o u t in g t a b le a n d f o r w a r d s t o t h e
a p p r o p r ia te in te r fa c e .

1 4 0 .1 9 2 .1 0 .5 1 4 0 .1 9 2 .3 4 .3 4 D a ta

A t th e in te r fa c e , la y e r 2 h e a d e r s a n d tr a ile r s a r e a d d e d b a c k .
D A is th e a d d r e s s o f th e d e s tin a tio n h o s t.
S A is th e a d d r e s s o f th e ro u te r.
F C S is r e c a lc u la te d .

0060C A 23B E 45 00C 0C 1A A 3411 IP 1 4 0 .1 9 2 .1 0 .5 1 4 0 .1 9 2 .3 4 .3 4 D a ta F C S

Chap. 5- Net2 72
 Examples
TCP/IP Routing
140.192.10.5 140.192.10.25 140.192.100.34 140.192.100.8
0060CA23BE45 0060CA34CD29 0060CA4AD2EE 0060CAAABBCC

140.192.10.1 140.192.100.1
00C0C1AA3411 00C0C1AA3412

ARP Table 140.192.201.1

Router
140.192.34.1
00C0C1AA3410 00C0C1AA3413

Network.Host Layer 2

140.192.10.5 0060CA23BE45

140.192.10.25 0060CA34CD29 140.192.201.22 140.192.201.126 140.192.34.34 140.192.34.35

0060CA3499CC 0060CA3499DE 0060CA114499 0060CA7819AA

140.192.100.34 0060CA4AD2EE
Layer 2 <--> Layer 3 Table
140.192.100.8 0060CAAABBCC Routing Table
Network Interface
140.192.201.22 0060CA3499CC
140.192.10.0 0
140.192.201.126 0060CA3499DE
140.192.100.0 1
140.192.34.34 0060CA114499
140.192.201.0 2
140.192.34.35 0060CA7819AA
140.192.34.0 3

Chap. 5- Net2 73
 Network Layer In Some Useful Tools
The Internet
Netstat - tells you about the connections you have open on your machine.
Ping - tells you how long it takes to get to a destination (and if there is a
route to that destination.
Arp - gives information about the routing table.
Finger - tells you who is logged on.
ftp - gets you data from a remote site.
Route - tells you information about the routing tables.
Netsh – lots of niffty data.
Telnet – allows you to log on to a remote host.
Tracert – Find the paths to remote sites. A useful site is www.traceroute.org

These tools are available on your

windows machine in c:\winnt\system32

Find out where a web site is located.

www.netsol.com/cgi-bin/whois/whois Chap. 5- Net2 74
 Network Layer In An Example Network
The Internet
Figure 1. Network Topology
.
G
R4 .8
.16 128.32.3.0
.4
.15 .7

F R3 Z
128.32.4.0
.3 .17
128.32.2.0

.13 .6 .14
.5

R1 D R2 E
.1 .2 128.32.1.0

.10 .11 .12

A B C

Chap. 5- Net2 75
 Network Layer In An Example Network
The Internet
Table 1: Ethernet addresses, by IP address.
IP Address Ethernet Address Alias IP Address Ethernet Address Alias
.
128.32.1.1
128.32.1.2
08:00:20:21:77:b2
00:a0:c9:2a:1f:69
EA-1
EA-2
128.32.2.14
128.32.2.17
08:00:09:24:a4:11
08:00:20:7e:82:91
EA-9
EA-10
128.32.1.10 00:a0:c9:2a:1f:53 EA-3 128.32.3.7 08:00:20:1a:df:ff EA-11
128.32.1.11 00:a0:c9:2a:1e:d8 EA-4 128.32.3.8 08:00:20:1b:52:7d EA-12
128.32.1.12 00:60:8c:36:b2:7f EA-5 128.32.3.15 08:00:20:0b:2a:8b EA-13
128.32.2.3 00:60:8c:52:d0:00 EA-6 128.32.3.16 08:00:20:7e:d3:27 EA-14
128.32.2.6 08:00:20:81:b9:d0 EA-7 128.32.4.4 08:00:07:46:29:4c EA-15
128.32.2.13 08:00:20:23:79:ee EA-8 128.32.4.5 08:00:07:17:9b:7d EA-16
Table 2: Routing Tables for Selected Nodes
Router or Host Destination Next Hop
A: 128.32.1.10 128.32.1.0 direct, Ethernet, port 1
default (R1) 128.32.1.1
R1: 128.32.1.1 128.32.1.0 direct, Ethernet, port 1
or 128.32.4.5 128.32.4.0 direct, Ethernet, port 2
128.32.2.0 (R4) 128.32.4.4
128.32.3.0 (R4) 128.32.4.4
R2: 128.32.1.2 128.32.1.0 direct, Ethernet, port 1
or 128.32.2.6 128.32.2.0 direct, Ethernet, port 2
128.32.3.0 (R3) 128.32.2.3
128.32.4.0 (R1) 128.32.1.1
R3: 128.32.2.3 128.32.2.0 direct, Ethernet, port 1
or 128.32.3.7 128.32.3.0 direct, Ethernet, port 2
128.32.1.0 (R3) 128.32.2.6
128.32.4.0 (R4) 128.32.3.8
R4: 128.32.4.4 128.32.4.0 direct, Ethernet, port 1
or 128.32.3.8 128.32.3.0 direct, Ethernet, port 2
128.32.1.0 (R1) 128.32.4.5
128.32.2.0 (R3) 128.32.3.7
Z: 128.32.2.17 128.32.2.0 direct, Ethernet, port 1
default (R2)128.32.2.6

Chap. 5- Net2 76