CCCN 312 Computer Networks

Instructor: YOUR NAME

1st Trimester 2022/23
Chapter 4
Network
Layer:
Data Plane
A note on the use of these PowerPoint slides:
We’re making these slides freely available to all (faculty, students,
readers). They’re in PowerPoint form so you see the animations; and
can add, modify, and delete slides (including this one) and slide content
to suit your needs. They obviously represent a lot of work on our part.
In return for use, we only ask the following:
 If you use these slides (e.g., in a class) that you mention their source
(after all, we’d like people to use our book!)
 If you post any slides on a www site, that you note that they are
adapted from (or perhaps identical to) our slides, and note our
copyright of this material.
Computer Networking: A
For a revision history, see the slide note for this page.
Top-Down Approach
Thanks and enjoy! JFK/KWR 8th edition
Jim Kurose, Keith Ross
All material copyright 1996-2020
J.F Kurose and K.W. Ross, All Rights Reserved Pearson, 2020
 Outline

1. Introduction

2. Application layer

3. Transport layer

4. Network layer: Data Plane

5. Network layer: Control Plane

6. Link layer
Network layer: our goals
 understand principles  instantiation, implementation
behind network layer in the Internet
services, focusing on data • IP protocol
plane: • NAT, DHCP
• network layer service models
• forwarding versus routing
• how a router works
• addressing
• forwarding
• Internet architecture
Network Layer: 4-4
Network layer: “data plane” roadmap
 Network layer: overview
• data plane
• control plane
 What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
 IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
Network Layer: 4-5
Network-layer services and protocols
 transport segment from sending to mobile network

receiving host national or global ISP

• sender: encapsulates segments into

datagrams, passes to link layer application
transport

• receiver: delivers segments to network

link

transport layer protocol physical

network
link
network
link

 network layer protocols in every

physical physical

Internet device: hosts, routers network

link network
link
physical

 routers: physical network

link
physical
datacenter
network

• examines header fields in all IP

datagrams passing through it application
transport
network
enterprise
• moves datagrams from input ports to network
link
physical

output ports to transfer datagrams

along end-end path Network Layer: 4-6
Two key network-layer functions

network-layer functions: analogy: taking a trip

 forwarding: process of getting
 forwarding: move packets from through single interchange
a router’s input link to  routing: process of planning trip
appropriate router output link from source to destination
 routing: determine route taken
by packets from source to
destination
• routing algorithms
forwarding

routing
Network Layer: 4-7
Network layer: data plane, control plane

Data plane: Control plane

 local, per-router function  network-wide logic
 determines how datagram  determines how datagram is
arriving on router input port routed among routers along end-
is forwarded to router end path from source host to
output port destination host
values in arriving  two control-plane approaches:
packet header
• traditional routing algorithms:
0111 1 implemented in routers
2
3 • software-defined networking (SDN):
implemented in (remote) servers

Network Layer: 4-8

 Per-router control plane
Individual routing algorithm components in each and every
router interact in the control plane (interact by exchanging routing messages )
the routing algorithm determines the
contents of the routers’ forwarding tables
routing algorithm
computes paths Routing
between each pair Algorithm
control
of routers plane

data
plane

values in arriving
packet header
0111 1 traditional routing
3
2 algorithms

Network Layer: 4-9

Software-Defined Networking (SDN) control plane
Remote controller computes, installs forwarding tables in routers

Remote Controller

control
plane

data
plane

CA
CA CA CA CA
values in arriving
packet header

0111 1 This is the

3
2 concept of SDN

Network Layer: 4-10

Network service model
Q: What service model for “channel” transporting datagrams
from sender to receiver?
example services for example services for a flow of
individual datagrams: datagrams:
 guaranteed delivery  in-order datagram delivery
 guaranteed delivery with  guaranteed minimum bandwidth
less than 40 msec delay to flow
 restrictions on changes in inter-
packet spacing

Network Layer: 4-11

 Network-layer service model
Quality of Service (QoS) Guarantees ?
Network Service
Architecture Model Bandwidth Loss Order Timing

Internet best effort none no no no

ATM Constant Bit Rate Constant rate yes yes yes

Internet “best effort” service model
ATM Available Bit Rate
No guarantees on: Guaranteed min no yes no

Internet i. successful
Intserv Guaranteed datagram
yes deliveryyes
to destination
yes yes
(RFC 1633)
ii. timing or order of delivery
Internet iii. bandwidth
Diffserv (RFC 2475)
available
possibleto end-end flow possibly
possibly no

Network Layer: 4-12

 FY
Network-layer service model
I
Quality of Service (QoS) Guarantees ?
Network Service
Architecture Model Bandwidth Loss Order Timing

Internet best effort none no no no

ATM Constant Bit Rate Constant rate yes yes yes

ATM Available Bit Rate Guaranteed min no yes no

Internet Intserv Guaranteed yes yes yes yes

(RFC 1633)

Internet Diffserv (RFC 2475) possible possibly possibly no

There are other service models with better QoS, but

none of them succeeded Network Layer: 4-13
Reflections on best-effort service: FY I
 simplicity of mechanism has allowed Internet to be widely deployed
adopted
 sufficient provisioning of bandwidth allows performance of real-time
applications (e.g., interactive voice, video) to be “good enough” for
“most of the time”
 replicated, application-layer distributed services (datacenters, content
distribution networks) connecting close to clients’ networks, allow
services to be provided from multiple locations
 congestion control of “elastic” services helps

It’s hard to argue with success of best-effort service model

Network Layer: 4-14
Network layer: “data plane” roadmap
 Network layer: overview
• data plane
• control plane
 What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
 IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6

Network Layer: 4-15

Router architecture overview
high-level view of generic router architecture:
routing, management
routing control plane (software)
processor operates in millisecond
time frame
forwarding data plane
(hardware) operates
in nanosecond
timeframe
high-speed
switching
fabric

router input ports router output ports

Network Layer: 4-16

 Input port functions
lookup,
link
layer forwarding
line switch
protocol fabric
termination
(receive)
queueing

physical layer:
bit-level reception
decentralized switching:
link layer:
 using header field values, lookup output port using
e.g., Ethernet
forwarding table in input port memory (“match plus action”)
(chapter 6)
 goal: complete input port processing at ‘line speed’
IP packet  input port queuing: if datagrams arrive faster than forwarding
0111
rate into switch fabric
header Network Layer: 4-17
 Input port functions
lookup,
link
layer forwarding
line switch
protocol fabric
termination
(receive)
queueing

physical layer:
bit-level reception
decentralized switching:
link layer:
 using header field values, lookup output port using
e.g., Ethernet
forwarding table in input port memory (“match plus action”)
(chapter 6)
 destination-based forwarding: forward based only on
destination IP address (traditional)
 generalized forwarding: forward based on any set of header
field values Network Layer: 4-18
Destination-based forwarding

Q: but what happens if ranges don’t divide up so nicely?

Network Layer: 4-19
Longest prefix matching
longest prefix match
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.

Destination Address Range Link interface

11001000 00010111 00010*** ******** 0
11001000 00010111 00011000 ******** 1
11001000 00010111 00011*** ******** 2
otherwise 3

11001000 00010111 00010110 10100001 which interface?

examples:
11001000 00010111 00011000 10101010 which interface?
Network Layer: 4-20
Longest prefix matching
longest prefix match
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.

Destination Address Range Link interface

11001000 00010111 00010*** ******** 0
11001000 00010111 00011000 ******** 1
11001000 match!
00010111 00011*** ******** 2
otherwise 3

11001000 00010111 00010110 10100001 which interface?

examples:
11001000 00010111 00011000 10101010 which interface?
Network Layer: 4-21
Longest prefix matching
longest prefix match
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.

Destination Address Range Link interface

11001000 00010111 00010*** ******** 0
11001000 00010111 00011000 ******** 1
11001000 00010111 00011*** ******** 2
otherwise 3
match!
11001000 00010111 00010110 10100001 which interface?
examples:
11001000 00010111 00011000 10101010 which interface?
Network Layer: 4-22
Longest prefix matching
longest prefix match
when looking for forwarding table entry for given
destination address, use longest address prefix that
matches destination address.

Destination Address Range Link interface

11001000 00010111 00010*** ******** 0
11001000 00010111 00011000 ******** 1
11001000 00010111 00011*** ******** 2
otherwise 3
match!
11001000 00010111 00010110 10100001 which interface?
examples:
11001000 00010111 00011000 10101010 which interface?
Network Layer: 4-23
Longest prefix matching FY I
 we’ll see why longest prefix matching is used shortly, when
we study addressing
 longest prefix matching: often performed using ternary
content addressable memories (TCAMs)
• content addressable: present address to TCAM: retrieve address in
one clock cycle, regardless of table size
• Cisco Catalyst: ~1M routing table entries in TCAM

Network Layer: 4-24

Switching fabrics
 transfer packet from input link to appropriate output link
 switching rate: rate at which packets can be transfer from
inputs to outputs
• often measured as multiple of input/output line rate
• For N inputs: switching rate N times line rate R is desirable

R (rate = NR, R
ideally)

...
...

N input ports high-speed N output ports

switching
fabric

R R

Network Layer: 4-25

Switching fabrics
 transfer packet from input link to appropriate output link
 switching rate: rate at which packets can be transfer from
inputs to outputs
• often measured as multiple of input/output line rate
• For N inputs: switching rate N times line rate R is desirable
 three major types of switching fabrics:

memory

memory bus interconnection

network
Network Layer: 4-26
Input port queuing
 If switch fabric slower than input ports combined -> queueing may
occur at input queues
• queueing delay and loss due to input buffer overflow!
 Head-of-the-Line (HOL) blocking: queued datagram at front of queue
prevents others in queue from moving forward

switch switch
fabric fabric

output port contention: only one red one packet time later: green
datagram can be transferred. lower red packet experiences HOL blocking
packet is blocked
Network Layer: 4-27
Output port queuing
datagram This is a really important slide
switch buffer link
layer line
fabric termination
protocol
(rate: NR) queueing (send) R

 Buffering required when datagrams arrive

from fabric faster than link transmission Datagrams can be lost
rate. Drop policy: which datagrams to due to congestion, lack of
drop if no free buffers? buffers
 Scheduling discipline chooses Priority scheduling – who
among queued datagrams for gets best performance,
transmission network neutrality
Network Layer: 4-28
Output port queuing

switch
switch
fabric
fabric

at t, packets move one packet time later

from input to output

 buffering when arrival rate via switch exceeds output line speed
 queueing (delay) and loss due to output port buffer overflow!

Network Layer: 4-29

 Queuing
queue
REMEMBER we said that R switch
fabric
packets can be “lost within the
network” or “dropped at a router.”
 It is here, at these queues within a router,
where such packets are actually dropped and
lost.
 The location and extent of queueing (either at
the input port queues or the output port
switch queue
queues) will depend on:
fabric
 the traffic load,
(rate: NR) R
 the speed of the switching fabric, and
 the line speed.

Network Layer: 4-30

Network layer: “data plane” roadmap
 Network layer: overview
• data plane
• control plane
 What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
 IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
Network Layer: 4-31
Network Layer: Internet
host, router network layer functions:

transport layer: TCP, UDP

Path-selection
IP protocol
• datagram format
algorithms: • addressing
network implemented in • packet handling conventions
• routing protocols forwarding
layer (OSPF, BGP) table ICMP protocol
• SDN controller • error reporting
• router “signaling”

link layer

physical layer

Network Layer: 4-32

 IP Datagram format
32 bits
IP protocol version number total datagram
ver head. type of length length (bytes)
header length(bytes) len service
fragment fragmentation/
To distinguish different “type” of service: 16-bit identifier flgs
types of IP datagrams.  diffserv (0:5) offset reassembly
 ECN (6:7)
time to upper header
live layer checksum header checksum
TTL: remaining max hops source IP address 32-bit source IP address
(decremented at each router)
Maximum length: 64K bytes
destination IP address 32-bit destination IP address
upper layer protocol (e.g., TCP 6 or UDP 17) Typically: 1500 bytes or less
https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers
options (if any) e.g., timestamp, record
overhead route taken
 20 bytes of TCP payload data
 20 bytes of IP (variable length,
 = 40 bytes + app typically a TCP
layer overhead for or UDP segment)
TCP+IP
Network Layer: 4-33
Network layer: “data plane” roadmap
 Network layer: overview
• data plane
• control plane
 What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
 IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
Network Layer: 4-34
 IP addressing: introduction
 IP address: 32-bit = 4 bytes separated by “.” dots (also called 4 octs)
 Each bit can be 0 or 1 (21 possibilities)
 32 bits total possibilities 232 (> 4 billion)
 Each oct has a value between 0 and 255 Oct format

IP address format x xx xx xxx

xxxxxxxx . xxxxxxxx . xxxxxxxx . xxxxxxxx 27 2 6 2 5 2 4 2 3 2 2 2 1 2 0
Ex: 10100000 . 00110100 . 00001111 . 11110000 128 64 32 16 8 4 2 1 =255
160 . 52 . 15 . 240

1 01 00 000 0 01 10 100 0 00 01 111 1 11 10 000

27 0 25 0 0 0 0 0 0 0 25 24 0 22 0 0 0 0 0 0 23 22 22 21 27 26 25 24 0 0 0 0

128 0 32 0 0 0 0 0 0 0 32 16 0 4 0 0 0 0 0 0 8 4 2 1 128 64 32 16 0 0 0 0

160 52 15 240
Network Layer: 4-35
IP addressing: introduction
223.1.1.1

 IP address: 32-bit identifier 223.1.2.1

associated with each host or 223.1.1.2
router interface 223.1.1.4 223.1.2.9

 interface: connection between 223.1.3.27

223.1.1.3
host or router and a physical link 223.1.2.2

• router’s typically have multiple

interfaces 223.1.3.1 223.1.3.2

• host typically has one or two

interfaces (e.g., wired Ethernet,
wireless 802.11) dotted-decimal IP address notation:
223.1.1.1 = 11011111 00000001 00000001 00000001

223 1 1 1
Network Layer: 4-36
IP addressing: introduction
223.1.1.1

Q: how are interfaces 223.1.2.1

actually connected? 223.1.1.2

A: we’ll learn about A: wired

223.1.1.4 223.1.2.9

that in chapters 6, 7 Ethernet interfaces

connected by 223.1.1.3
223.1.3.27
223.1.2.2
Ethernet switches

223.1.3.1 223.1.3.2

For now: don’t need to worry

about how one interface is
connected to another (with no
intervening router) A: wireless WiFi interfaces
connected by WiFi base station

Network Layer: 4-37

 Subnets
223.1.1.1

 What’s a subnet ? 223.1.2.1

• device interfaces that can 223.1.1.2

223.1.1.4 223.1.2.9
physically reach each other
without passing through an 223.1.1.3
223.1.3.27

intervening router 223.1.2.2

 IP addresses have structure:

• subnet part: devices in same subnet 223.1.3.1 223.1.3.2

have common high order bits

• host part: remaining low order bits network consisting of 3 subnets
223.1.1.1 = 11011111 00000001 00000001 00000001
223.1.1.2 = 11011111 00000001 00000001 00000010
A portion of an interface’s IP address will be determined by the
223.1.1.3 = 11011111 00000001 00000001 00000011
subnet to which it is connected. 223.1.1.4 = 11011111 00000001 00000001 00000100
Network Layer: 4-38
Subnets subnet 223.1.1.0/24
223.1.1.1 subnet 223.1.2.0/24

Recipe for defining subnets: 223.1.2.1

 detach each interface from its 223.1.1.2

223.1.1.4 223.1.2.9

host or router, creating

“islands” of isolated networks 223.1.1.3
223.1.3.27
223.1.2.2

 each isolated network is

subnet
called a subnet 223.1.3.0/24 223.1.3.1 223.1.3.2

subnet mask: /24

(high-order 24 bits: subnet part of IP address)

Network Layer: 4-39

 Subnets 223.1.1.2

subnet 223.1.1/24
223.1.1.1
223.1.1.4
 where are the
223.1.1.3
subnets?
 what are the /24 223.1.9.2 223.1.7.0
subnet 223.1.7/24
subnet 223.1.9/24
subnet addresses?
223.1.9.1 223.1.7.1
223.1.8.1 223.1.8.0
subnet 223.1.2/24
223.1.2.6 subnet 223.1.8/24 223.1.3.27
subnet 223.1.3/24
223.1.1 = 11011111 00000001 00000001 xxxxxxxx
223.1.2 = 11011111 00000001 00000010 xxxxxxxx 223.1.2.1 223.1.2.2
223.1.3 = 11011111 00000001 00000011 xxxxxxxx 223.1.3.1 223.1.3.2
223.1.4 = 11011111 00000001 00000100 xxxxxxxx

Network Layer: 4-40

IP Classful addressing
In the past, when an organization requests a range of IP addresses, they receive a from one of
these classes:
 Class A: from 0.0.0.1 to 126.0.0.0
Organization requires
• 126 networks and 224 = 16,777,216 hosts.
• 1 byte for the network & 3 bytes for the host. 20 addresses?
• Mask: 255.0.0.0 /8
2000 addresses?
 Class B: from 128.0.0.0 to 191.255.0.0 Which class they get?
• 16,384 networks and 216= 65,534 hosts.
• 2 bytes for the network & two for the host.
• Mask: 255.255.0.0 /16

 Class C: from 192.0.0.0 to 223.255.255.0  Class D: from 224.0.0.0 to 239.255.255.

• 2,097,152 networks and 2 = 254 hosts.
8

• 3 bytes for the network and the 4th byte for the host. • for multicasting.
• Mask: 255.255.255.0 /24  Class E: from 240.0.0.0 to 255.255.255.
• used for experimentation.
IP addressing: CIDR
CIDR: Classless InterDomain Routing (pronounced “cider”)
• subnet portion of address of arbitrary length
• address format: a.b.c.d/x, where x is # bits in subnet portion
of address (x = mask)
subnet host
part part
11001000 00010111 00010000 00000000
200.23.16.0/23

Network Layer: 4-42

IP addressing
x 32-x
aaaaaaaa bbbbbbbb cccccccc dddddddd

a.b.c.d/x Number of IP addresses = 232-x

a.b.c.d/20 4096 a.b.c.d/26 64

a.b.c.d/21 2048 a.b.c.d/27 32
a.b.c.d/22 1024 a.b.c.d/28 16
a.b.c.d/23 512 a.b.c.d/29 8
a.b.c.d/24 256 a.b.c.d/30 4
a.b.c.d/25 128 a.b.c.d/31 2

• 1st IP address = Network address

• Last IP address = broadcast address
• Number of IP addresses for hosts = 232-x -2
• a.b.c.d/x  4096 IP address & 4094 address for hosts Network Layer: 4-43
Example 223.1.1.1

223.1.2.1

223.1.1.2
223.1.1.4 223.1.2.9

223 1 1 0
223.1.3.27
223.1.1.0 = 11011111 00000001 00000001 00000000 223.1.1.3
223.1.2.2

# Leftmost bits = 24

223.1.3.1 223.1.3.2

223.1.1.0/24

 Address Range 223.1.1.0 to 223.1.1.255 subnet mask: /24

Network Layer: 4-44

Mask Notation
 Values: Network = 1 & Host = 0
 Classful example (Class B address)
• 128.35.17.25/ 16
• Binary: 11111111 . 11111111 . 00000000 . 00000000
• Decimal: 255 . 255 . 0 . 0
 Classless IP example
• 128.35.17.25/ 17
• Binary: 11111111 . 11111111 . 10000000 . 00000000
• Decimal: 255 . 255 . 128 . 0

Network Layer: 4-45

IP addresses: how to get one?
That’s actually two questions:
1. Q: How does a host get IP address within its network (host part of
address)?
2. Q: How does a network get IP address for itself (network part of
address)

How does host get IP address?

 hard-coded by sys. admin in config file (e.g., /etc/rc.config in UNIX)
 DHCP: Dynamic Host Configuration Protocol: dynamically get address
from as server
• “plug-and-play”
Network Layer: 4-46
DHCP: Dynamic Host
Configuration Protocol
goal: host dynamically obtains IP address from network server when it “joins” the
network
 can renew its lease on address in use
 allows reuse of addresses (only hold address while
connected/on)
 support for mobile users who join/leave network

DHCP overview:
 host broadcasts DHCP discover msg [optional]
 DHCP server responds with DHCP offer msg [optional]
 host requests IP address: DHCP request msg
 DHCP server sends address: DHCP ack msg
Network Layer: 4-47
DHCP client-server scenario
Typically, DHCP server will be co-
DHCP server located in router, serving all subnets
223.1.1.1
223.1.2.1
to which router is attached

223.1.2.5
223.1.1.2
223.1.1.4 223.1.2.9

223.1.1.3
223.1.3.27 arriving DHCP client needs
223.1.2.2 address in this network

223.1.3.1 223.1.3.2

Network Layer: 4-48

 DHCP client-server scenario Initially, client does not have IP
address and does not know
server IP address  use 0.0.0.0
DHCP server: 223.1.2.5 DHCP discover Arriving client
src : 0.0.0.0, 68
Broadcast: is there a
dest.: 255.255.255.255,67
DHCP server
yiaddr: 0.0.0.0out
transaction
there?ID: 654

DHCP uses (UDP), DHCP offer

server port# 67 src: 223.1.2.5, 67
Broadcast: I’m a DHCP
dest: 255.255.255.255, 68
IP 255.255.255.255 is server!
yiaddrr:Here’s
223.1.2.4an IP
used for broadcast transaction
address youID:can
654 use
lifetime: 3600 secs
The two steps above can
DHCP request be skipped “if a client
src: 0.0.0.0, 68 remembers and wishes to
dest:: 255.255.255.255, 67
Broadcast: OK. I would reuse a previously
yiaddrr: 223.1.2.4 allocated network address”
like to useID:this
transaction 655 IP
[RFC 2131]
address!
lifetime: 3600 secs

DHCP ACK
src: 223.1.2.5, 67
dest: 255.255.255.255,
Broadcast: 68
OK. You’ve
yiaddrr: 223.1.2.4
gottransaction
that IPID:address!
655
lifetime: 3600 secs
Network Layer: 4-49
 DHCP: more than IP addresses
DHCP can return more than just allocated IP address on
subnet:
 address of first-hop router for client
 name and IP address of DNS sever
 network mask (indicating network versus host portion of address)
223.1.1.1 DHCP
server 223.1.2.1

223.1.2.5
223.1.1.2
223.1.2.9
223.1.1.4

223.1.1.3 223.1.3.27
223.1.2.2

223.1.3.1 223.1.3.2
Network Layer: 4-50
DHCP: example
DHCP DHCP  Connecting laptop will use DHCP
UDP
to get IP address, address of first-
DHCP
DHCP IP
DHCP Eth hop router, address of DNS server.
Phy
DHCP
 DHCP REQUEST message encapsulated
in UDP, encapsulated in IP, encapsulated
DHCP DHCP 168.1.1.1 in Ethernet
DHCP UDP
IP
DHCP

Eth
 Ethernet frame broadcast (dest:
DHCP router with DHCP
Phy server built into FFFFFFFFFFFF) on LAN, received at router
router running DHCP server

 Ethernet demux’ed to IP demux’ed,

UDP demux’ed to DHCP
Network Layer: 4-51
DHCP: example
DHCP DHCP  DCP server formulates DHCP ACK
DHCP UDP containing client’s IP address, IP
DHCP

DHCP
IP
Eth
address of first-hop router for client,
Phy name & IP address of DNS server

 encapsulated DHCP server reply

DHCP DHCP forwarded to client, demuxing up to
UDP
DHCP
DHCP IP
DHCP at client
DHCP Eth router with DHCP
DHCP
Phy server built into  client now knows its IP address, name
router and IP address of DNS server, IP
address of its first-hop router

Network Layer: 4-52

 IP addresses: how to get one?
Q: how does network get subnet part of IP address?
A: gets allocated portion of its provider ISP’s address space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

ISP can then allocate out its address space in 8 blocks:

Organization 0 11 0 0 1 0 0 0 0 0 0 1 0 111 00010000 00000000 200.23.16.0/23
Organization 1 11 0 0 1 0 0 0 0 0 0 1 0 111 00010010 00000000 200.23.18.0/23
Organization 2 11 0 0 1 0 0 0 0 0 0 1 0 111 00010100 00000000 200.23.20.0/23
... ….. …. ….

Organization 7 11 0 0 1 0 0 0 0 0 0 1 0 111 0 0 0 1 111 0 00000000 200.23.30.0/23

Network Layer: 4-53
Hierarchical addressing: route
aggregation
hierarchical addressing allows efficient advertisement of
routing information:
Route aggregation facilitate routing

Organization 0 advertises to the outside world that it

should be sent any datagrams whose first
200.23.16.0/23 20 address bits match 200.23.16.0/20.
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
beginning
199.31.0.0/16”

Network Layer: 4-54

Hierarchical addressing: route
aggregation
hierarchical addressing allows efficient advertisement of
routing information:
• Hierarchical addressing: addresses are given to ISPs in chunks (continuous set of
IP address range) ex. All addresses in a /20 block
• Then, ISP breaks the big chunk into multiple chunks ex. say /23
• These chunks can be further broken into smaller chunks ex. /25 and less
• And so on.
• All the smaller addresses are part of the original ISP chunk.

• Route aggregation: the ability to use a single prefix to advertise multiple

networks is often referred to as address aggregation or route aggregation.

Network Layer: 4-55

Hierarchical addressing: more specific
routes
 If Organization 1 moves from Fly-By-Night-ISP to ISPs-R-Us
 ISPs-R-Us now advertises a more specific route to Organization 1

Organization 0
200.23.16.0/23
Organization 1
“Send me anything
200.23.18.0/23 with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
Organization 1 beginning
199.31.0.0/16”
200.23.18.0/23 “or 200.23.18.0/23”

Network Layer: 4-56

Hierarchical addressing: more specific
routes
 If Organization 1 moves from Fly-By-Night-ISP to ISPs-R-Us
 ISPs-R-Us now advertises a more specific route to Organization 1

Organization 0
200.23.16.0/23

“Send me anything
with addresses
Organization 2 beginning
200.23.20.0/23 . Fly-By-Night-ISP 200.23.16.0/20”
.
. . Internet
.
Organization 7 .
200.23.30.0/23
“Send me anything
ISPs-R-Us
with addresses
Organization 1 beginning
199.31.0.0/16”
200.23.18.0/23 “or 200.23.18.0/23”

Network Layer: 4-57

IP addressing: last words ...
Q: how does an ISP get block of Q: are there enough 32-bit IP
addresses? addresses?
 There are (232 > 4.3) billion address
A: ICANN: Internet Corporation for
Assigned Names and Numbers  ICANN allocated last chunk of IPv4
http://www.icann.org/ addresses to RRs in 2011
• allocates IP addresses, through 5  NAT (next) helps IPv4 address
regional registries (RRs) (who may space exhaustion
then allocate to local registries)  IPv6 has 128-bit address space
• manages DNS root zone, including "Who the hell knew how much address
delegation of individual TLD (.com, space we needed?" Vint Cerf (reflecting
on decision to make IPv4 address 32 bits
.edu , …) management long)
Network Layer: 4-58
Network layer: “data plane” roadmap
 Network layer: overview
• data plane
• control plane
 What’s inside a router
• input ports, switching, output ports
• buffer management, scheduling
 IP: the Internet Protocol
• datagram format
• addressing
• network address translation
• IPv6
Network Layer: 4-59
 Private IP addresses
The private IP address ranges follow: # Hosts

• Class A: 10.0.0.0 – 10.255.255.255 232-8 ~ 16.8 million

• 10.0.0.0/8, or just 10/8

• Class B: 172.16.0.0 – 172.31.255.255 232-12 ~ 1.05 million

• 172.16.0.0/12, or just 172.16/12

• Class C: 192.168.0.0 – 192.168.255.255

• 192.168.0.0/16, or just 192.168/16 232-16 =65,536

• Private IP addresses are not routable outside the local network (they cannot
be advertised to the public Internet).
• They are widely used on almost all local networks today.
• Private addresses are usually translated with NAT at an edge router to map the
private addresses used on a LAN to the public address space used by the ISP.

Network Layer: 4-60

 Local Network (Home, Company, or university, etc)

Public IP address
95.1.14.77

Private IP addresses

10/8, link to ISP

172.16/12, (Internet)
or 192.168/16

• Private IP addresses are not routable outside the local network (they cannot
be advertised to the public Internet).
• They are widely used on almost all local networks today.
• Private addresses are usually translated with NAT at an edge router to map the
private addresses used on a LAN to the public address space used by the ISP. Network Layer: 4-61
 NAT: network address translation
NAT: all devices in local network share just one IPv4 address as
far as outside world is concerned
rest of local network (e.g., home
Internet network) 10.0.0/24

10.0.0.1
138.76.29.7 10.0.0.4

10.0.0.2

10.0.0.3

all datagrams leaving local network have datagrams with source or destination in
same source NAT IP address: 138.76.29.7, this network have 10.0.0/24 address for
but different source port numbers source, destination (as usual)
Network Layer: 4-62
NAT: network address translation
 all devices in local network have 32-bit addresses in a “private” IP
address space (10/8, 172.16/12, 192.168/16 prefixes) that can only
be used in local network
 advantages:
 just one IP address needed from provider ISP for all devices
 can change addresses of host in local network without notifying
outside world
 can change ISP without changing addresses of devices in local
network
 security: devices inside local net not directly addressable, visible
by outside world

Network Layer: 4-63

NAT: network address translation
implementation: NAT router must (transparently):
 outgoing datagrams: replace (source IP address, socket port #) of every
outgoing datagram to (NAT IP address, new port #)
• remote clients/servers will respond using (NAT IP address, new port
#) as destination address
 remember (in NAT translation table) every (source IP address, port #)
to (NAT IP address, new port #) translation pair
 incoming datagrams: replace (NAT IP address, new port #) in
destination fields of every incoming datagram with corresponding
(source IP address, port #) stored in NAT table
Network Layer: 4-64
 NAT: network address translation
NAT translation table
2: NAT router changes 1: host 10.0.0.1 sends
WAN side addr LAN side addr datagram to
datagram source address
from 10.0.0.1, 3345 to 138.76.29.7, 5001 10.0.0.1, 3345 128.119.40.186, 80
138.76.29.7, 5001, …… ……
updates table
S: 10.0.0.1, 3345
D: 128.119.40.186, 80
10.0.0.1
1
S: 138.76.29.7, 5001
2 D: 128.119.40.186, 80 10.0.0.4
10.0.0.2
138.76.29.7 S: 128.119.40.186, 80
D: 10.0.0.1, 3345
4
S: 128.119.40.186, 80 10.0.0.3
D: 138.76.29.7, 5001 3
3: reply arrives, destination
address: 138.76.29.7, 5001

Network Layer: 4-65

NAT: network address translation
 NAT has been controversial:
• routers “should” only process up to layer 3 socket port #  transport layer

• address “shortage” should be solved by IPv6 2  3.4 x 10

128 38

• violates end-to-end argument (port # manipulation by network-layer device)

• NAT traversal: what if client wants to connect to server behind NAT?
 but NAT is here to stay:
• extensively used in home and institutional nets, 4G/5G cellular nets

Network Layer: 4-66

IPv6: motivation
 initial motivation: 32-bit IPv4 address space would be
completely allocated
 additional motivation:
• speed processing/forwarding: 40-byte fixed length header
• Enable different network-layer treatment of “flows”

Network Layer: 4-67

IPv6 datagram format
flow label: identify
priority: identify
32 bits datagrams in same
priority among ver pri flow label "flow.” (concept of
datagrams in flow
payload len next hdr hop limit “flow” not well defined).
source address
128-bit (128 bits)
IPv6 addresses destination address
(128 bits)

payload (data)

What’s missing (compared with IPv4):

 no checksum (to speed processing at routers)
 no fragmentation/reassembly
 no options (available as upper-layer, next-header protocol at router)
Network Layer: 4-68
IPv6: adoption
 Google1: ~ 30% of clients access services via IPv6
 NIST: 1/3 of all US government domains are IPv6 capable

https://www.google.com/intl
/en/ipv6/statistics.html
Network Layer: 4-69
IPv6: adoption
 Google1: ~ 30% of clients access services via IPv6
 NIST: 1/3 of all US government domains are IPv6 capable
 Long (long!) time for deployment, use
• 25 years and counting!
• think of application-level changes in last 25 years: WWW, social
media, streaming media, gaming, telepresence, …
• Why?

1
https://www.google.com/intl/en/ipv6/statistics.html
Network Layer: 4-70
 Revision
Additional IP addressing problems

Network Layer: 4-71

Additional Problems
IP addressing

Network Layer: 4-72

IP addressing
x 32-x
aaaaaaaa bbbbbbbb cccccccc dddddddd
Oct format

x xx xx xxx
27 2 6 2 5 2 4 2 3 2 2 2 1 2 0
a.b.c.d/x Number of hosts = 2 32-x
128 64 32 16 8 4 2 1 =255

a.b.c.d/20 4096 a.b.c.d/26 64

a.b.c.d/21 2048 a.b.c.d/27 32
a.b.c.d/22 1024 a.b.c.d/28 16
a.b.c.d/23 512 a.b.c.d/29 8 Usually, first and last IP
a.b.c.d/24 256 a.b.c.d/30 4 addresses are reserved for
a.b.c.d/25 128 a.b.c.d/31 2 network address (or subnet)
and broadcast address
Network Layer: 4-73
IP addressing
• Network address - the address by which we refer to the example:
network.
223.1.1.0/24
• the first IP address in it which all host part bits = 0
• Network Addresses have all 0’s in the host portion. 11011111 00000001 00000001 00000000
• Broadcast address - A special address used to send data Number of IP addresses: 232-24 = 28 = 256 IP address
to all hosts in the network
• the last IP address in the network which all host part bits
Network address = 223.1.1.0
=1
• Broadcast Addresses have all 1’s in the host portion. broadcast = 223.1.1.255

• Host addresses - The addresses assigned to the end

devices in the network Hosts take the remaining addresses from 223.1.1.1
• Host Addresses can not have all 0’s or all 1’s in the host to 223.1.1.254  256-2 = 254 hosts
portion.

Network Layer: 4-74

IP addressing
- Which IP address should be assigned to PC B ?
A: 192.168.5.33/24

a) 192.168.15.5 ✗ 3ed byte “15”

b) 192.168.5.0 ✗ subnet address

C: 192.168.5.30/24
c) 192.168.5.40 ✓
B: ???
d) 192.168.5.255 ✗ broadcast

e) 192.168.5.256 ✗ error

Network Layer: 4-75

IP addressing
- Which IP address should be assigned to PC B ?
A: 172.16.20.20/16

a) 172.16.255.255 ✗ broadcast

b) 172.16.0.255 ✓

c) 172.168.20.21 ✗ another subnet C: 172.16.100.20/16

✓
d) 172.16.254.255 B: ???

✗ subnet address
e) 172.16.0.0

Network Layer: 4-76

IP addressing
- Which IP address should be assigned to PC B ?

We can’t tell !! A: 192.168.5.60/28

a) 192.168.5.5 Need to convert to binary

b) 192.168.5.0 192. 168. 5. 60 /28

11000000 . 10101000 . 00000101 . 00111100
c) 192.168.5.66
Network
11000000 . 10101000 . 00000101 . 0011 0000
d) 192.168.5.255 192.168.5.48/28
B: ???

e) 192.168.5.50 Broadcast
11000000 . 10101000 . 00000101 . 0011 1111
192.168.5.63/28

Host addresses = any IP between these: 192.168.5.48 to 192.168.5.63

Network Layer: 4-77
IP addressing
- Which IP address should be assigned to PC B ?

We can’t tell !! A: 192.168.5.61/30

a) 192.168.5.5 Need to convert to binary

b) 192.168.5.0 192. 168. 5. 61 /30

11000000 . 10101000 . 00000101 . 00111101
c) 192.168.5.62
Network
11000000 . 10101000 . 00000101 . 00111100
d) 192.168.5.255 192.168.5.60/30
B: ???

e) 192.168.5.50 Broadcast
11000000 . 10101000 . 00000101 . 001111 11
192.168.5.63/30

Host addresses = any IP between these: 192.168.5.60 to 192.168.5.63

Network Layer: 4-78
 IP addresses: how to get one?
Q: how does network get subnet part of IP address?
A: gets allocated portion of its provider ISP’s address space
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

ISP can then allocate out its address space in 8 blocks:

Organization 0 11 0 0 1 0 0 0 0 0 0 1 0 111 00010000 00000000 200.23.16.0/23
Organization 1 11 0 0 1 0 0 0 0 0 0 1 0 111 00010010 00000000 200.23.18.0/23
Organization 2 11 0 0 1 0 0 0 0 0 0 1 0 111 00010100 00000000 200.23.20.0/23
... ….. …. ….

Organization 7 11 0 0 1 0 0 0 0 0 0 1 0 111 0 0 0 1 111 0 00000000 200.23.30.0/23

Network Layer: 4-79
 IP addresses: how to get one?
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

What if ISP want to divide its address space into 4 blocks:

Organization 0 11001000 00010111 00010000 00000000 200.23.16.0/22

Organization 1 11001000 00010111 00010100 00000000 200.23.20.0/22
Organization 2 11001000 00010111 00011000 00000000 200.23.24.0/22
Organization 3 11001000 00010111 00011100 00000000 200.23.28.0/22

Network Layer: 4-80

 IP addresses: how to get one?
ISP's block 11001000 00010111 00010000 00000000 200.23.16.0/20

What if ISP want to divide its address space into 16 blocks:

Organization 0 11001000 00010111 0001 0000 00000000 200.23.16.0/24
Organization 1 11001000 00010111 0001 0001 00000000 200.23.17.0/24
Organization 2 11001000 00010111 0001 0010 00000000 200.23.18.0/24
… … ….
… … ….
Organization16 11001000 00010111 0001 1111 00000000 200.23.31.0/24

Network Layer: 4-81

Consider a router that interconnects three subnets: Subnet 1, Subnet 2, and Subnet 3.
Suppose all the three subnets are required to have the prefix 223.1.17/24.
Suppose that Subnet 1 is required to support at least 60 interfaces,
Subnet 2 is to support at least 90 interfaces, and
/mask # host
Subnet 3 is to support at least 12 interfaces. a.b.c.d/20 4096
a.b.c.d/21 2048
Provide three network addresses (of the form a.b.c.d/x) a.b.c.d/22 1024
that satisfy these constraints. a.b.c.d/23 512
a.b.c.d/24 256
a.b.c.d/25 128
223.1.17/24  256
a.b.c.d/26 64
a.b.c.d/27 32
Subnet 1 > 60 interfaces  Closest is 64  mask /26
a.b.c.d/28 16
a.b.c.d/29 8
Subnet 2 > 90 interfaces  Closest is 128  mask /25 a.b.c.d/30 4
a.b.c.d/31 2

Subnet 3 > 12 interfaces  Closest is 16  mask /28

Network Layer: 4-82
 Continue….
Oct format
223.1.17/24
x xx xx xxx
11011111 00000001 00010001 xxxxxxxx 27 2 6 2 5 2 4 2 3 2 2 2 1 2 0
128 64 32 16 8 4 2 1

Subnet 1 (/26) 11011111 00000001 00010001 00 xxxxxx 223.1.17.0 /26

00 000000 223.1.17.0
00 111111 223.1.17.63

Subnet 2 (/25) 11011111 00000001 00010001 1 xxxxxxx 223.1.17.128 /25

1 0000000 223.1.17.128
1 1111111 223.1.17.255

Subnet 3 (/28) 11011111 00000001 00010001 0100 xxxx 223.1.17.64 /28

or, 0110 xxxx 223.1.17.192 /28

or, 0111 xxxx 223.1.17. /28
Network Layer: 4-83
 Subnettin
 g
Use this block: 64.1.1/24 subnet 64.1.1.0/27

 Each subnet should have 32 IP addresses

 Subnets between routers  2 IP addresses
64.1.1.98/31
• 232-27 = 25 = 32 host addresses 64.1.1.96/31
• 232-31 = 2 host addresses
01000000 00000001 00000001 xxxxxxxx 64.1.1/24

01000000 00000001 00000001 000xxxxx 64.1.1.0/27

01000000 00000001 00000001 001xxxxx 64.1.1.32/27 64.1.1.100/31
01000000 00000001 00000001 010xxxxx 64.1.1.64/27

01000000 00000001 00000001 0110000x 64.1.1.96/31

01000000 00000001 00000001 0110001x 64.1.1.98/31
01000000 00000001 00000001 0110010x 64.1.1.100/31
subnet 64.1.1.32/27
subnet 64.1.1.64/27
Network Layer: 4-84
 Forwarding decision
Q: Given this forwarding table, computer the forwarding decision for the following:
16.16.20.28 00010000 00010000 00010100 00011100 1
16.16.4.28 00010000 00010000 0000 0100 00011100 2
16.100.100.234 00010000 01100100 01100100 11101010 5

Forwarding Table Preparation for answer 1st step: convert to binary (easy way)

Dest. Address range Output interface 128 64 32 16 8 4 2 1 128 64 32 16 8 4 2 1 128 64 32 16 8 4 2 1

16.16.0.0/16 1 1
00010000 00010000
16.16.0.0/20 2 00010000 00010000 0000 xxxx 2
64.1.0.0/20 3 01000000 00000001 0000 xxxx 3
64.1.1.0/24 4 01000000 00000001 0000 0001 4
16 /8 5 00010000 5

Network Layer: 4-85

Alternative
methods to
subnetting
If you like it, you can use it.
Network Layer: 4-86
Alternative approach to
Subnetting

Network Layer: 4-87

IP addressing
 The prefix and the subnet mask are different ways of
representing the same thing - the network portion of an
address.

Network Layer: 4-88

Alternative approach to
Subnetting
Example Divide network 192.168.1.0/24
into 4 subnets
Solution :
Old mask /24  11111111.11111111.11111111.00000000
255 . 255 . 255 . 0

4 subnets need 2 bits

- New subnet mask = 255 . 255 . 255 . 192
11111111.11111111.11111111. 11000000 (/26)
- interesting octet is 192
- hop count = 256 – 192 = 64

- The first subnet is  192.168.1.0/26

- The second subnet is  192.168.1.64/26
- The third subnet is  192.168.1.128/26
- The fourth subnet is  192.168.1.192/26
Alternative approach to
Subnetting
Example Divide network 172.168.0.0/16
into 8 subnets
Solution :
Old mask /16  11111111.11111111.00000000.00000000
255 . 255 . 0 . 0
- 8 subnets need 3 bits
- new subnet mask = 255 . 255 . 224 . 0
11111111.11111111.11100000.00000000 (/19)
- interesting octet is 224
- hop count = 256 – 224 = 32

- The first subnet is  172.168.0.0/19

- The second subnet is  172.168.32.0/19
- The third subnet is  172.168.64.0/19

-The 8th subnet is  172.168.224.0/19

Alternative approach to
Subnetting
Example Divide network 10.0.0.0/10 into 4 subn
Solution :
Old mask /10  11111111.11000000.00000000.00000000
255 . 192 . 0 . 0

4 subnets need 2 bits

- subnet mask = 255 . 240 . 0 . 0
11111111.11111111.11111111.00000000 (/12)

- interesting octet is 240

- hop count = 256 – 240= 16

- The first subnet is  10.0.0.0/12

- The second subnet is  10.16.0.0/12
- The third subnet is  10.32.0.0/12
- The fourth subnet is  10.48.0.0/12