WMC Unit 1

Uploaded by

aiworkonly0324
Copyright: © All Rights Reserved

Wireless and Mobile Computing

Unit-1

The Network allows computers to connect and communicate with different computers via any
medium. LAN, MAN, and WAN are the three major types of networks designed to operate over the
area they cover. There are some similarities and dissimilarities between them. One of the major
differences is the geographical area they cover, i.e. LAN covers the smallest area, MAN covers an
area larger than LAN and WAN comprises the largest of all.
There are other types of computer networks as well, such as:

● PAN (Personal Area Network)
● SAN (Storage Area Network)
● EPN (Enterprise Private Network)
● VPN (Virtual Private Network)
Personal Area Network (PAN)-
PAN is a personal area network having an interconnection of personal technology devices to
communicate over a short distance. It covers an area of less than 10 meters (33 feet). PAN has
fewer users as compared to other networks such as LAN, WAN, etc. PAN typically uses some form of
wireless technology. PAN involves the transmission of data between information devices such as
smart phones, personal computers, tablet computers, etc.
Advantages:
● Allows for easy communication between personal devices in close proximity.
● Can be set up easily and quickly.
● Uses wireless technology, which eliminates the need for wires and cables.
● PANs are designed to be energy efficient, which means that devices can communicate with each
other without draining their batteries quickly.
● PANs are typically secured using encryption and authentication protocols, which helps to prevent
unauthorized access to data and resources.
Disadvantages:
● Limited coverage area.
● May not be suitable for large-scale data transfer or communication. PANs typically have limited
bandwidth, which means that they may not be able to handle large amounts of data or high-speed
communication.
● May experience interference from other wireless devices.
Local Area Network (LAN) –
LAN or Local Area Network connects network devices in such a way that personal computers and
workstations can share data, tools, and programs. The group of computers and devices are connected
together by a switch, or stack of switches, using a private addressing scheme as defined by the TCP/IP
protocol. Private addresses are unique in relation to other computers on the local network. Routers are
found at the boundary of a LAN, connecting them to the larger WAN.
Data is transmitted at a very fast rate because the number of linked computers is limited. By
definition, the connections must be high-speed and use relatively inexpensive hardware (such as hubs,
network adapters, and Ethernet cables). LANs cover a smaller geographical area (size is limited to a
few kilometres) and are privately owned. One can use a LAN for an office building, home, hospital,
school, etc. A LAN is easy to design and maintain. The communication media used for LANs are
twisted-pair cables and coaxial cables. A LAN covers a short distance, so error and noise are minimized.
Early LANs had data rates in the 4 to 16 Mbps range. Today, speeds are normally 100 or 1000 Mbps.
Propagation delay is very short in a LAN. The smallest LAN may only use two computers, while
larger LANs can accommodate thousands of computers. LAN has a range up to 2km. A LAN
typically relies mostly on wired connections for increased speed and security, but wireless connections
can also be part of a LAN. The fault tolerance of a LAN is higher and there is less congestion in this
network. An example is a group of students playing Counter-Strike in the same room (without
internet).
Advantages:
● Provides fast data transfer rates and high-speed communication.
● Easy to set up and manage.
● Can be used to share peripheral devices such as printers and scanners.
● Provides increased security and fault tolerance compared to WANs.
Disadvantages:
● Limited geographical coverage.
● Limited scalability and may require significant infrastructure upgrades to accommodate growth.
● May experience congestion and network performance issues with increased usage.
Metropolitan Area Network (MAN) –
MAN or Metropolitan area Network covers a larger area than that covered by a LAN and a smaller
area as compared to WAN. MAN has a range of 5-50km. It connects two or more computers that are
apart but reside in the same or different cities. It covers a large geographical area and may serve as an
ISP (Internet Service Provider). MAN is designed for customers who need high-speed connectivity.
Speeds of MAN range in terms of Mbps. It’s hard to design and maintain a Metropolitan Area
Network.

The fault tolerance of a MAN is less and also there is more congestion in the network. It is costly and
may or may not be owned by a single organization. The data transfer rate and the propagation delay of
MAN are moderate. Devices used for transmission of data through MAN are Modem and Wire/Cable.
Examples of a MAN are part of the telephone company network that can provide a high-speed DSL
line to the customer or the cable TV network in a city.
Advantages:
● Provides high-speed connectivity over a larger geographical area than LAN.
● Can be used as an ISP for multiple customers.
● Offers higher data transfer rates than WAN in some cases.
Disadvantages:
● Can be expensive to set up and maintain.
● May experience congestion and network performance issues with increased usage.
● May have limited fault tolerance and security compared to LANs.
Wide Area Network (WAN) –
WAN or Wide Area Network is a computer network that extends over a large geographical area,
although it might be confined within the bounds of a state or country. WAN has a range of above 50
km. A WAN could be a connection of LAN connecting to other LANs via telephone lines and radio
waves and may be limited to an enterprise (a corporation or an organization) or accessible to the
public. The technology is high-speed and relatively expensive.
There are two types of WAN: Switched WAN and Point-to-Point WAN. WAN is difficult to design
and maintain. Similar to a MAN, the fault tolerance of a WAN is less and there is more congestion in
the network. The communication medium used for a WAN is the PSTN (Public Switched Telephone
Network) or a satellite link. Due to long-distance transmission, noise and errors tend to be higher in
a WAN.
A WAN's data rate is slow, about a tenth of a LAN's speed, since it involves increased distance and an
increased number of servers, terminals, etc. The speed of a WAN ranges from a few kilobits per second
(Kbps) to megabits per second (Mbps). Propagation delay is one of the biggest problems faced here.
Devices used for the transmission of data through a WAN are optic wires, microwaves, and satellites.
An example of a Switched WAN is the asynchronous transfer mode (ATM) network, and an example of a
Point-to-Point WAN is a dial-up line that connects a home computer to the Internet.
Advantages:
● Covers large geographical areas and can connect remote locations.
● Provides connectivity to the internet.
● Offers remote access to resources and applications.
● Can be used to support multiple users and applications simultaneously.
Disadvantages:
● Can be expensive to set up and maintain.
● Offers slower data transfer rates than LAN or MAN.
● May experience higher latency and longer propagation delays due to longer distances and multiple
network hops.
● May have lower fault tolerance and security compared to LANs.

What is the Internet?


The Internet connects many different computer networks at the same time. It is a public network, so
anyone can access it. The Internet has many users and provides them with unlimited information.

What is an Intranet?

An intranet is a type of internet that is used privately. It is a private network, so not everyone can
access it. An intranet has a limited number of users and provides them with limited information.

Types of network

Difference Between the Internet and Intranet


Internet | Intranet
Internet is used to connect different networks of computers simultaneously. | Intranet is owned by private firms.
On the internet, there are multiple users. | On an intranet, there are limited users.
Internet is unsafe. | Intranet is safe.
On the internet, there is more number of visitors. | In the intranet, there is less number of visitors.
Internet is a public network. | Intranet is a private network.
Anyone can access the Internet. | In this, anyone can’t access the Intranet.
The Internet provides unlimited information. | Intranet provides limited information.
Using Social media on your phone or researching resources via Google. | A company used to communicate internally with its employees and share information
The Internet is a global network that connects millions of devices and computers worldwide. | An intranet is a private network that connects devices and computers within an organization.
It is open to everyone and allows access to public information, such as websites and online services. | An intranet is only accessible to authorized users within the organization.
It is used for communication, sharing of information, e-commerce, education, entertainment, and other purposes. | An intranet is primarily used for internal communication, collaboration, and information sharing within an organization.
Users can access the Internet from any location with an Internet connection and a compatible device. | Access to an intranet is restricted to authorized users within the organization and is typically limited to specific devices and locations.
Security measures, such as firewalls, encryption, and secure sockets layer (SSL) protocols, are used to protect against threats like hacking, viruses, and malware. | Intranets employ similar security measures to protect against unauthorized access and ensure the privacy and integrity of shared data.
The Internet is a public network that is not owned by any particular organization or group. | Intranets are private networks that are owned and managed by the organization that uses them.
Examples of Internet-based services include email, social media, search engines, and online shopping sites. | Examples of intranet-based services include internal communications, knowledge management systems, and collaboration tools

Network devices or networking hardware are the physical devices that are used for establishing
connections and facilitating interaction between different devices in a computer network.

Hub

Hubs work in the physical layer of the OSI model. A hub is a device for connecting multiple Ethernet
devices and making them act as a single network segment. It has multiple inputs and output ports in
which a signal introduced at the input of any port appears at the output of every port except the
original incoming port.

A hub can be used with both digital and analog data. Hubs do not perform packet filtering or
addressing functions; they send the data packets to all the connected devices.

Types of Hub −

● Active Hub
● Passive Hub
● Intelligent Hub

Repeater

A repeater operates at the physical layer of the OSI model.

● A Repeater connects two segments of a network cable.
● Sometimes it regenerates the signals to proper amplitudes and sends them to the other
segment.
● If the signal becomes weak, it can copy the signal bit by bit and regenerate it at the original
strength.
● It is a 2-port device.

Bridge

A bridge operates at the data link layer of the OSI model. It can read only the outermost hardware
address of the packet but cannot read the IP address. It reads the outermost section of the data packet
to tell where the message is going. It reduces the traffic on other network segments because it does
not forward all the packets. A bridge can therefore be programmed to reject packets from a particular
network.

Switch

Switches may operate at one or more layers of the OSI model. They may operate in the data link layer
and network layer; a device that operates simultaneously at more than one of these layers is known as
a multilayer switch.

A Switch can check the errors before forwarding the data, which makes it more efficient and improves
its performance. A switch is the better version of a hub. It is a multi-port bridge device.

Router

Routers are small physical devices that operate at the network layer to join multiple networks together.

● A router is a device like a switch that routes data packets based on their IP addresses.
● Routers normally connect LANs and WANs and have a dynamically updating routing table
based on which they make decisions on routing the data packets.
● A Router divides the broadcast domains of hosts connected through it.
● Routers perform the traffic directing functions on the Internet. A data packet is typically
forwarded from one router to another through the networks that constitute the internetwork
until it reaches its destination node.
● Routers may also be used to connect two or more logical groups of computer devices known
as subnets, each with a different subnetwork address. The subnet addresses recorded in a
router do not necessarily map directly to the physical interface connections.

Two types of routers −

● Static routers – Static routers are configured manually and route data packets based on the
information in a router table.
● Dynamic routers – Dynamic routers use adaptive routing which is a process where a router
can forward data by a different route.

Gateway

A gateway is an internetworking device capable of joining together two networks that use different
base protocols.

A network gateway can be implemented completely in software, hardware, or a combination of both,
depending on the types of protocols it supports.

A network gateway can operate at any level of the OSI model. A broadband router typically serves as
the network gateway, although ordinary computers can also be configured to perform equivalent
functions.

● A gateway is a router or proxy server that routes between networks.


● A gateway belongs to the same subnet to which the PC belongs.

Brouter

A brouter is a combination of a Bridge and a Router. It provides the functions of a bridge and a
router, so it can operate at the data link and network layers of the OSI Model.

● A Brouter can connect networks that use different protocols.


● It can be programmed to work only as a bridge or only as a router.
● When it is configured as a bridge, it forwards data packets to the appropriate segment using a
specific protocol.
● When it is configured as a router, it routes the data packets to the appropriate network using a
routed protocol such as IP.

TCP/IP stands for Transmission Control Protocol/Internet Protocol. It was developed by the United
States Department of Defence in the 1960s. It is a conceptual model that has a set of communication
protocols used for the transfer of information over the internet and computer networks.

This protocol tells us how data should be addressed, stored, transferred, coded and decoded by the
devices for end-to-end communication between devices. It is the main protocol of the Internet
Protocol Suite. TCP/IP provides a reliable, safe and error-free transfer of data between applications
running on hosts through an Internet media.

TCP/IP Protocol Architecture

It is a four-layered protocol stack. It helps in the interconnection of network devices over the
internet. Each layer contains certain protocols that help in the functioning of the layer. The four
layers of the TCP/IP protocol are the Application Layer, Transport Layer, Networking/Internet Layer
and the Data Link/Physical Layer.

[Figure: Data flow of TCP/IP protocol]

● The Application, Presentation and Session layers of the OSI model are combined as the
Application/Process Layer in the TCP/IP protocol. It is the top layer of this protocol stack. This
layer controls the user interface and node-to-node communication. This layer provides the
network interface, internetworking and transport functions. It sends the data to the transport
layer.

● The reliability, flow control, and correction of data that is sent over the network are taken care
of by the transport layer. The User Datagram Protocol and the Transmission Control Protocol are
present in the transport layer. After the transport layer, control is given to the Internet
layer.

● The Internet layer is also known as the network layer. Its function is to move the data packets
over the internet to the destination. Data packets can take any of the optimized routes
suggested by this layer. The most important protocol, the IP protocol, is present in this layer. This
protocol is responsible for adding the IP addresses to the data, routing the packets, data
encapsulation, and formatting.

● The last layer in the TCP/IP protocol stack is the Network Access Layer. It is the combination
of the physical and data link layers of the OSI model. The transmission of data physically
over a network between two devices is controlled by this layer. The mapping of IP addresses
of the devices into physical addresses is also done at this layer.

Address Resolution Protocol (ARP) –

Address Resolution Protocol is a communication protocol used for discovering the physical address
associated with a given network address. Typically, ARP is a network layer to data link layer mapping
process, which is used to discover the MAC address for a given Internet Protocol address. To send
data to a destination, having its IP address is necessary but not sufficient; we also need the physical
address of the destination machine. ARP is used to get the physical address (MAC address) of the
destination machine.

Before sending the IP packet, the MAC address of the destination must be known. If it is not, the
sender broadcasts an ARP-discovery packet requesting the MAC address of the intended destination.
Since ARP-discovery is a broadcast, every host inside that network receives this message, but the
packet is discarded by everyone except the intended receiver, the host whose IP address matches. This
receiver then sends a unicast packet with its MAC address (ARP-reply) to the sender of the
ARP-discovery packet. After the original sender receives the ARP-reply, it updates its ARP cache and
starts sending unicast messages to the destination.
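
The exchange described above, as an added example that is not part of the original notes: it builds the broadcast ARP request and the unicast ARP reply as real 42-byte Ethernet frames and updates the sender's ARP cache. The `Host` class, the `resolve` helper and all addresses are constructed for illustration.

```python
import ipaddress
import struct
from typing import NamedTuple, Optional

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
OP_REQUEST, OP_REPLY = 1, 2


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


class ArpMessage(NamedTuple):
    eth_dst: str
    op: int
    sender_mac: str
    sender_ip: str
    target_ip: str


def build_arp(eth_dst, op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet header (14 bytes) followed by an IPv4-over-Ethernet ARP payload (28 bytes)."""
    eth = mac_bytes(eth_dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    # hardware type 1 (Ethernet), protocol type 0x0800 (IPv4), address lengths 6 and 4
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
    arp += mac_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def parse_arp(frame: bytes) -> ArpMessage:
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != ETHERTYPE_ARP or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP frame")
    return ArpMessage(
        eth_dst=mac_str(frame[0:6]),
        op=op,
        sender_mac=mac_str(frame[22:28]),
        sender_ip=str(ipaddress.IPv4Address(frame[28:32])),
        target_ip=str(ipaddress.IPv4Address(frame[38:42])),
    )


class Host:
    """Hypothetical host with one interface and an ARP cache (IP -> MAC)."""

    def __init__(self, ip: str, mac: str):
        self.ip, self.mac = ip, mac
        self.arp_cache = {}

    def make_request(self, target_ip: str) -> bytes:
        # The target MAC is unknown, so the frame is broadcast and the field is zeroed.
        return build_arp(BROADCAST_MAC, OP_REQUEST, self.mac, self.ip,
                         "00:00:00:00:00:00", target_ip)

    def receive(self, frame: bytes) -> Optional[bytes]:
        msg = parse_arp(frame)
        if msg.eth_dst not in (BROADCAST_MAC, self.mac):
            return None                      # frame is not addressed to this host
        if msg.op == OP_REQUEST:
            if msg.target_ip != self.ip:
                return None                  # every other host discards the request
            # Only the owner of the IP answers, with a unicast reply to the requester.
            return build_arp(msg.sender_mac, OP_REPLY, self.mac, self.ip,
                             msg.sender_mac, msg.sender_ip)
        if msg.op == OP_REPLY and msg.target_ip == self.ip:
            self.arp_cache[msg.sender_ip] = msg.sender_mac
        return None


def resolve(sender: Host, target_ip: str, segment):
    """Broadcast a request on the segment; return (resolved MAC or None, number of replies)."""
    request = sender.make_request(target_ip)
    replies = []
    for host in segment:
        if host is not sender:
            reply = host.receive(request)
            if reply is not None:
                replies.append(reply)
    for reply in replies:
        sender.receive(reply)
    return sender.arp_cache.get(target_ip), len(replies)


def demo_segment():
    # Constructed sample hosts on one broadcast domain.
    return [Host("192.168.1.10", "02:00:00:00:00:0a"),
            Host("192.168.1.20", "02:00:00:00:00:0b"),
            Host("192.168.1.30", "02:00:00:00:00:0c")]


if __name__ == "__main__":
    a, b, c = demo_segment()
    print(resolve(a, b.ip, [a, b, c]))
```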

Example – GATE CS 2005, Question 24 (ARP Based).


Reverse Address Resolution Protocol (RARP) –

Reverse ARP is a networking protocol used by a client machine in a local area network to request its
Internet Protocol address (IPv4) from the gateway-router’s ARP table. The network administrator
creates a table in the gateway-router, which is used to map MAC addresses to the corresponding IP
addresses. A newly set up machine, or any machine that has no memory to store an IP address, needs an
IP address for its own use. So the machine sends a RARP broadcast packet which contains its own
MAC address in both the sender and receiver hardware address fields.

A special host configured inside the local area network, called the RARP server, is responsible for
replying to these broadcast packets. The RARP server attempts to find the entry in the IP to MAC
address mapping table. If an entry in the table matches, the RARP server sends the response packet,
along with the IP address, to the requesting device.
● LAN technologies like Ethernet, Ethernet II, Token Ring and Fiber Distributed Data Interface
(FDDI) support the Address Resolution Protocol.
● RARP is not used in today’s networks, because we have more fully featured protocols like
BOOTP (Bootstrap Protocol) and DHCP (Dynamic Host Configuration Protocol).

IP Address:

An IP address represents a unique address that distinguishes any device on the internet or any network
from another. IP or Internet Protocol defines the set of commands directing the setup of data
transferred through the internet or any other local network.

An IP address is represented by a series of numbers separated by periods (.). They are expressed in
the form of four sets of numbers; an example address might be 255.255.255.255, wherein each set can
range from 0 to 255.

IP addresses are not produced randomly. They are generated mathematically and are further assigned
by the IANA (Internet Assigned Numbers Authority), a department of the ICANN.

ICANN stands for Internet Corporation for Assigned Names and Numbers. It is a non-profit
corporation founded in the US back in 1998 with the aim of managing Internet security and making the
Internet usable by all.

KEY TAKEAWAYS

● An internet protocol (IP) address allows computers to send and receive information.
● An IP address allows information to be sent and received by the correct parties, which means
it can also be used to track down a user's physical location in some instances.
● IP addresses are generated through a hierarchical system involving the IANA, RIRs and ISPs.
● Common IP security threats include hijacking, blacklisting, and DDoS attacks.
● Users can protect their IP address by using firewalls, keeping software updated, using VPNs,
and enabling two-factor authentication.

How IP Addresses Work


An IP address allows computers to send and receive data over the internet. Most IP addresses are
purely numerical, but as internet usage grows, letters have been added to some addresses.

There are four types of IP addresses:

● Public
● Private
● Static
● Dynamic

While the public and private types indicate the location of the computer or computer
network—private being used inside a network, public being used outside of a network—static and
dynamic indicate permanency or lack thereof. You'll find more information about the types of IP
addresses in "Types of IP Addresses" below.

Unique Identifiers

An IP address can be compared to a Social Security Number (SSN) as each one is unique to the
computer or user it is assigned to. The creation of these numbers allows routers to identify where they
are sending information on the internet.

How IP Addresses Are Generated

1. IP addresses are generated automatically using an integrated algorithm provided by the
Internet Assigned Numbers Authority (IANA).
2. IANA then allocates IP address blocks to regional internet registries (RIRs) which in turn
geographically distribute these blocks to internet service providers (ISPs).
3. To generate individual IP addresses for their customers, ISPs typically use a technique called
Dynamic Host Configuration Protocol (DHCP). DHCP allows devices to have an IP address
assigned automatically when they connect to a network.
4. At a more technical level, IP addresses are generated using two main versions of Internet
Protocol (IP): IPv4 and IPv6. IPv4 addresses are 32-bit numbers, represented in a
dotted-decimal format (e.g., 192.168.0.1), while IPv6 addresses are 128-bit numbers,
represented in a hexadecimal format (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).

Types of IP Addresses
Consumer IP Addresses: These are the IP addresses of individuals and businesses who use the
internet. Consumer IP addresses can be either public or private addresses. As noted above, devices use
private IP addresses within a network and public IP addresses outside of a network.

For example, each device within the same network is assigned a unique private IP address, whereas a
public IP can be accessed directly over the internet and is assigned to your network router by your
ISP.

Public IP addresses come in two types: dynamic IP addresses and static IP addresses.

Dynamic IP Addresses: A dynamic IP address refers to a temporary address assigned to a device by
an ISP. It is active only for a certain amount of time, after which it expires. The computer will either
automatically request a new lease, or it may receive a completely new IP address.
Dynamic IP addresses typically are assigned to devices such as computers, smart phones, or routers.
They provide a level of anonymity and security as the IP address changes periodically.

Dynamic IP addresses make it more difficult to track a specific device or user. When a device
connects to the ISP's network, it is assigned an available IP address from a pool. This address is then
used for a specific duration before being returned to the pool and assigned to another device.

Dynamic IP addresses are the most common type of internet protocol address.

Static IP Addresses: A static IP address is a fixed address that remains constant when assigned to a
device. These addresses typically are used for hosting websites or running servers. By having a fixed
IP address, users can easily connect domain names to their servers, ensuring that their websites or
services are always accessible.

Static addresses are manually configured either on the device itself or by the network administrator.
Normally, static IP addresses are provided by the user’s ISP or network administrator, and typically
come at an additional cost.

IP Addresses and Security Threats


IP address security threats refer to the risks and vulnerabilities associated with the security of IP
addresses. Insufficient security can result in cybercriminals gaining unauthorized access to devices,
launching attacks, or compromising a network’s integrity.

Three common IP address security threats include hijacking, blacklisting, and distributed denial of
service (DDoS) attacks.

Hijacking: IP address hijacking refers to attackers gaining control over IP addresses, which allows
them to intercept and manipulate network traffic. This can lead to unauthorized access, data breaches,
or disruption of services.

Implementing secure protocols, strong authentication mechanisms, and regular monitoring of IP
address assignments can help mitigate the risks associated with IP address hijacking.

Blacklisting: IP addresses can be blacklisted if they are associated with malicious activities, such as
spamming, malware distribution, or hacking attempts. If an IP address is blacklisted, it can result in
restricted access to certain services, reduced email deliverability, or disruption to a network.

To guard against blacklisting, users should consider implementing security measures such as
periodically updating passwords, avoiding public Wi-Fi hotspots, and using anti-virus/anti-malware
software to protect devices.

DDoS Attacks: In a DDoS attack, multiple compromised devices flood a target IP address or network
with an overwhelming amount of traffic, rendering it inaccessible to legitimate users. DDoS attacks
can disrupt online services or potentially cause a network to crash.

Implementing robust network infrastructure, traffic filtering mechanisms, and DDoS mitigation
solutions can help protect against IP address-focused attacks.

A static IP address is one that was manually created, as opposed to having been assigned. A static
address does not change. A dynamic IP address is assigned by a dynamic host configuration protocol
(DHCP) server and is subject to change.
How to Protect Your IP Address
Protecting an IP address is crucial to ensure the security and privacy of your network and systems.
Users can safeguard their IP addresses using firewalls, keeping software updated, using VPNs and
enabling two-factor authentication.

Use a Firewall: Implementing a firewall protects your IP address from unauthorized access. Firewalls
act as a barrier between your network and external threats, filtering incoming and outgoing traffic
based on predefined rules. Configure your firewall to block suspicious IP addresses and restrict access
to suspicious sites.

Keep Software Updated: Regularly update your operating system, applications, and firmware to
patch security vulnerabilities. Outdated software can expose your IP address to potential attacks.
Enable automatic updates or regularly check for updates from trusted sources to ensure you have the
latest security patches.

Use VPNs: Virtual Private Networks (VPNs) encrypt your internet traffic and route it through a
secure server, masking your IP address. This helps protect your IP address from eavesdropping and
unauthorized access. Choose a reputable VPN provider and enable it whenever you connect to public
networks or need to access sensitive information.

Enable Two-Factor Authentication (2FA): Setting up 2FA adds an extra layer of security to your
accounts and devices. It requires users to provide a second form of authentication, such as a unique
code sent to their mobile device, in addition to their password. This prevents unauthorized access even
if someone manages to obtain your IP address and password.

IP Datagram Format

IP stands for Internet Protocol and v4 stands for Version Four (IPv4). IPv4 was the first version
deployed for production in the ARPANET in 1983. IP version four addresses are 32-bit
integers that can be expressed in decimal notation.

Characteristics of IPv4
● IPv4 uses a 32-bit IP address.
● An IPv4 address is numeric, and its octets are separated by dots.
● The number of header fields is twelve and the length of the header is twenty bytes.
● It has unicast, broadcast, and multicast styles of addresses.
● IPv4 supports VLSM (Variable Length Subnet Mask).
● IPv4 uses the Address Resolution Protocol (ARP) to map to the MAC address.
● RIP is a routing protocol supported by the routed daemon.
● Networks must be configured either manually or with DHCP.
● Packet fragmentation is permitted at routers and at the sending host.

IPv4 Datagram Header
● VERSION: Version of the IP protocol (4 bits), which is 4 for IPv4
● HLEN: IP header length (4 bits), which is the number of 32 bit words in the header. The
minimum value for this field is 5 and the maximum is 15.
● Type of service: Low Delay, High Throughput, Reliability (8 bits)
● Total Length: Length of header + Data (16 bits), which has a minimum value 20 bytes and the
maximum is 65,535 bytes.
● Identification: Unique Packet Id for identifying the group of fragments of a single IP datagram
(16 bits)
● Flags: 3 flags of 1 bit each: reserved bit (must be zero), do not fragment flag, more fragments
flag (in that order)
● Fragment Offset: Represents the number of data bytes ahead of the particular fragment in the
particular datagram. Specified in units of 8 bytes; the maximum value is
65,528 bytes.
● Time to live: Datagram’s lifetime (8 bits). It prevents the datagram from looping through the
network by restricting the number of hops taken by a packet before it is delivered to the destination.
● Protocol: Name of the protocol to which the data is to be passed (8 bits)
● Header Checksum: 16 bits header checksum for checking errors in the datagram header
● Source IP address: 32 bits IP address of the sender
● Destination IP address: 32 bits IP address of the receiver
● Option: Optional information such as source route, record route. Used by the Network
administrator to check whether a path is working or not.
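
The header layout listed above, as an added example that is not part of the original notes: it packs a 20-byte IPv4 header (HLEN 5, no options), then parses it back, decoding the flags and the 8-byte fragment offset units and verifying the header checksum. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress
import struct

HEADER_FORMAT = "!BBHHHBBH4s4s"   # the fixed 20-byte part of the header


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, payload_len, ident=0x1C46, df=True, mf=False,
                 frag_offset_bytes=0, ttl=64, protocol=6) -> bytes:
    """Build a header without options (HLEN = 5 words = 20 bytes)."""
    if frag_offset_bytes % 8 or not 0 <= frag_offset_bytes <= 65528:
        raise ValueError("fragment offset must be a multiple of 8, at most 65,528")
    ver_hlen = (4 << 4) | 5
    # 16-bit word: reserved bit, DF, MF, then the 13-bit offset in units of 8 bytes
    flags_frag = (int(df) << 14) | (int(mf) << 13) | (frag_offset_bytes // 8)
    header = struct.pack(HEADER_FORMAT, ver_hlen, 0, 20 + payload_len, ident,
                         flags_frag, ttl, protocol, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    checksum = internet_checksum(header)          # computed with the field set to 0
    return header[:10] + struct.pack("!H", checksum) + header[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_hlen, tos, total_length, ident, flags_frag, ttl, protocol,
     checksum, src, dst) = struct.unpack(HEADER_FORMAT, packet[:20])
    version, hlen_words = ver_hlen >> 4, ver_hlen & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version field is {version})")
    if hlen_words < 5:
        raise ValueError("HLEN below the minimum of 5 words")
    header_len = hlen_words * 4
    if len(packet) < header_len or total_length < header_len:
        raise ValueError("truncated header or inconsistent Total Length")
    return {
        "version": version,
        "hlen_words": hlen_words,
        "header_bytes": header_len,
        "type_of_service": tos,
        "total_length": total_length,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": protocol,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_len],
        # Summing a valid header including its checksum field yields 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
    }


def sample_fragment() -> bytes:
    # Constructed sample: a middle fragment carrying 100 data bytes at offset 1480.
    return build_header("192.168.0.1", "10.0.0.5", payload_len=100,
                        df=False, mf=True, frag_offset_bytes=1480)


if __name__ == "__main__":
    for name, value in parse_ipv4_header(sample_fragment()).items():
        print(f"{name:22} {value}")
```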

Routing format

Routing Table:
A routing table is a set of rules, often viewed in table format, that is used to determine where data
packets traveling over an Internet Protocol (IP) network will be directed. All IP-enabled devices,
including routers and switches, use routing tables. See below a Routing Table:
Destination     Subnet mask        Interface
128.75.43.0     255.255.255.0      Eth0
128.75.43.0     255.255.255.128    Eth1
192.12.17.5     255.255.255.255    Eth3
default                            Eth2
The entry corresponding to the default gateway configuration is a network destination of 0.0.0.0 with
a network mask (netmask) of 0.0.0.0. The subnet mask of the default route is always 0.0.0.0.
Entries of an IP Routing Table:
A routing table contains the information necessary to forward a packet along the best path toward its
destination. Each packet contains information about its origin and destination. Routing Table provides
the device with instructions for sending the packet to the next hop on its route across the network.
Each entry in the routing table consists of the following fields:
1. Network ID:
The network ID or destination corresponding to the route.
2. Subnet Mask:
The mask that is used to match a destination IP address to the network ID.
3. Next Hop:
The IP address to which the packet is forwarded
4. Outgoing Interface:
Outgoing interface the packet should go out to reach the destination network.
5. Metric:
A common use of the metric is to indicate the minimum number of hops (routers crossed) to the
network ID.
Routing table entries can be used to store the following types of routes:
● Directly Attached Network IDs
● Remote Network IDs
● Host Routes
● Default Route
● Destination
When a router receives a packet, it examines the destination IP address and looks it up in its routing
table to figure out which interface the packet will be sent out on.
How are Routing Tables populated?
There are three ways to maintain a routing table:
● Directly connected networks are added automatically.
● Using Static Routing.
● Using Dynamic Routing.
These Routing tables can be maintained manually or dynamically. In dynamic routing, devices build
and maintain their routing tables automatically by using routing protocols to exchange information
about the surrounding network topology. Dynamic routing tables allow devices to “listen” to the
network and respond to occurrences like device failures and network congestion. Tables for static
network devices do not change unless a network administrator manually changes them.
Route Determination Process (finding Subnet ID using Routing Table):
Consider a network that is subnetted into 4 subnets as shown in the above picture. The IP addresses of
the 4 subnets are:
200.1.2.0 (Subnet a)
200.1.2.64 (Subnet b)
200.1.2.128 (Subnet c)
200.1.2.192 (Subnet d)

Then, the routing table maintained by the internal router looks like:

Destination      Subnet Mask        Interface
200.1.2.0        255.255.255.192    a
200.1.2.64       255.255.255.192    b
200.1.2.128      255.255.255.192    c
200.1.2.192      255.255.255.192    d
Default          0.0.0.0            e

To find its right subnet (subnet ID), router performs the bitwise ANDing of destination IP Address
mentioned on the data packet and all the subnet masks one by one.
● If there occurs only one match, router forwards the data packet on the corresponding interface.
● If there occurs more than one match, router forwards the data packet on the interface corresponding
to the longest subnet mask.
● If there occurs no match, router forwards the data packet on the interface corresponding to the
default entry.
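
The lookup rule above (AND with every mask, longest mask wins, default as fallback), written out as an added example that is not part of the original notes. It runs against both routing tables shown on this page; writing the first table's default entry as 0.0.0.0 with mask 0.0.0.0 and the function names are assumptions of this sketch.

```python
import ipaddress

# Internal router's table from the four-subnet example (default entry last).
SUBNET_TABLE = [
    ("200.1.2.0",   "255.255.255.192", "a"),
    ("200.1.2.64",  "255.255.255.192", "b"),
    ("200.1.2.128", "255.255.255.192", "c"),
    ("200.1.2.192", "255.255.255.192", "d"),
    ("0.0.0.0",     "0.0.0.0",         "e"),
]

# The first table on the page; its default entry is written here as 0.0.0.0/0.0.0.0.
OVERLAP_TABLE = [
    ("128.75.43.0", "255.255.255.0",   "Eth0"),
    ("128.75.43.0", "255.255.255.128", "Eth1"),
    ("192.12.17.5", "255.255.255.255", "Eth3"),
    ("0.0.0.0",     "0.0.0.0",         "Eth2"),
]


def to_int(dotted):
    """Dotted-quad string -> 32-bit integer (raises ValueError on bad input)."""
    return int(ipaddress.IPv4Address(dotted))


def mask_length(mask):
    """Number of 1 bits in the mask; rejects masks where a 0 is followed by a 1."""
    inverted = ~mask & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("subnet mask is not contiguous")
    return bin(mask).count("1")


def matching_entries(table, destination):
    """AND the destination with every mask; keep entries whose network ID matches."""
    dst = to_int(destination)
    hits = []
    for network, mask, interface in table:
        net, m = to_int(network), to_int(mask)
        length = mask_length(m)
        if (net & m) != net:
            raise ValueError(f"{network} has host bits set for mask {mask}")
        if (dst & m) == net:
            # The default entry (mask 0.0.0.0) matches every destination with length 0.
            hits.append((length, interface))
    return hits


def lookup(table, destination):
    """Return the outgoing interface: the match with the longest mask wins."""
    hits = matching_entries(table, destination)
    if not hits:
        return None  # no default entry configured, so there is nowhere to forward
    return max(hits)[1]


if __name__ == "__main__":
    samples = [(SUBNET_TABLE, "200.1.2.70"), (SUBNET_TABLE, "8.8.8.8"),
               (OVERLAP_TABLE, "128.75.43.16"), (OVERLAP_TABLE, "128.75.43.200")]
    for table, dst in samples:
        print(dst, "->", lookup(table, dst), matching_entries(table, dst))
```

Note that 128.75.43.16 matches three entries (the /24, the /25 and the default), which is the "more than one match" case from the list above.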

Internet Control Message Protocol (ICMP)

Internet Control Message Protocol is known as ICMP. The protocol is at the network layer. It is
mostly utilized on network equipment like routers and is utilized for error handling at the network
layer. Since there are various kinds of network layer faults, ICMP can be utilized to report and
troubleshoot these errors.

What is ICMP?

ICMP is used for reporting errors and management queries. It is a supporting protocol and is used by
network devices like routers for sending error messages and operations information. For example, the
requested service is not available or a host or router could not be reached.

Since the IP protocol lacks an error-reporting or error-correcting mechanism, information is
communicated via a message. For instance, when a message is sent to its intended recipient, it may be
intercepted along the route from the sender. The sender may believe that the communication has
reached its destination if no one reports the problem. If a middleman reports the mistake,

Uses of ICMP
ICMP is used for error reporting: if two devices connect over the internet and some error occurs, the
router sends an ICMP error message to the source informing it about the error. For example,
whenever a device sends a message which is too large for the receiver, the receiver
will drop the message and reply with an ICMP message to the source.

Another important use of the ICMP protocol is to perform network diagnosis by making use of the
traceroute and ping utilities.

Traceroute: The traceroute utility is used to learn the route between two devices connected over the
internet. It traces the journey from one router to another, and a traceroute is performed to check
network issues before data transfer.

Ping: Ping is a simple kind of traceroute that uses the echo-request message. It is used to measure the
time taken by data to reach the destination and return to the source; the replies are known as
echo-reply messages.

How Does ICMP Work?

ICMP is the primary and important protocol of the IP suite, but ICMP isn’t associated with any
transport layer protocol (TCP or UDP) as it doesn’t need to establish a connection with the destination
device before sending any message as it is a connectionless protocol.

ICMP works in contrast to TCP: TCP is a connection-oriented protocol whereas
ICMP is a connectionless protocol. Whenever a connection is established before a message is sent,
both devices must be made ready through a TCP handshake.

ICMP packets are transmitted in the form of datagrams that contain an IP header with ICMP data.
ICMP datagram is similar to a packet, which is an independent data entity.

ICMP Packet Format

ICMP header comes after IPv4 and IPv6 packet header.


ICMPv4 Packet Format

In the ICMP packet format, the first 32 bits of the packet contain three fields:

Type (8-bit): The initial 8-bit of the packet is for message type, it provides a brief description of the
message so that receiving network would know what kind of message it is receiving and how to
respond to it. Some common message types are as follows:

● Type 0 – Echo reply
● Type 3 – Destination unreachable
● Type 5 – Redirect Message
● Type 8 – Echo Request
● Type 11 – Time Exceeded
● Type 12 – Parameter problem

Code (8-bit): Code is the next 8 bits of the ICMP packet format, this field carries some additional
information about the error message and type.

Checksum (16-bit): Last 16 bits are for the checksum field in the ICMP packet header. The
checksum is used to check the number of bits of the complete message and enable the ICMP tool to
ensure that complete data is delivered.

The next 32 bits of the ICMP header are the Extended Header, whose job is to point out the
problem in the IP message. A pointer identifies the byte location that caused the problem
message, and the receiving device looks here to locate the problem.

The last part of the ICMP packet is Data or Payload of variable length. The bytes included in IPv4 are
576 bytes and in IPv6, 1280 bytes.

Introduction To Subnetting
When a bigger network is divided into smaller networks, to maintain security, then that is known as
Subnetting. So, maintenance is easier for smaller networks. For example, if we consider a class A
address, the possible number of hosts is 2^24 for each network. It is obvious that it is difficult to
maintain such a huge number of hosts, but it would be much easier to maintain if we divide the
network into small parts.

Uses of Subnetting

1. Subnetting helps in organizing the network in an efficient way which helps in expanding
the technology for large firms and companies.
2. Subnetting is used for specific staffing structures to reduce traffic and maintain order and
efficiency.
3. Subnetting divides domains of the broadcast so that traffic is routed efficiently, which
helps in improving network performance.
4. Subnetting is used in increasing network security.

The network can be divided into two parts: To divide a network into two parts, you need to choose
one bit for each Subnet from the host ID part.

In the above diagram, there are two Subnets.

Note: It is a class C IP so, there are 24 bits in the network id part and 8 bits in the host id part.

How Does Subnetting Work?

Subnetting works by first dividing the network into smaller subnets. For
communicating between subnets, routers are used. Each subnet allows its linked devices to
communicate with each other. Subnetting for a network should be done in such a way that it does not
affect the network bits.

In class C the first 3 octets are network bits so it remains as it is.

● For Subnet-1: The first bit which is chosen from the host id part is zero and the range
will be from 193.1.2.00000000 till you get all 1’s in the host ID part, i.e.,
193.1.2.01111111 (except for the first bit, which is chosen as zero for the subnet id part).

Thus, the range of subnet-1 is: 193.1.2.0 to 193.1.2.127
Subnet id of Subnet-1 is: 193.1.2.0
The direct Broadcast id of Subnet-1 is: 193.1.2.127
The total number of hosts possible is: 126 (out of 128, 2 id's are used for Subnet id & Direct Broadcast id)
The subnet mask of Subnet-1 is: 255.255.255.128

● For Subnet-2: The first bit chosen from the host id part is one and the range will be from
193.1.2.10000000 till you get all 1’s in the host ID part, i.e., 193.1.2.11111111.

Thus, the range of subnet-2 is: 193.1.2.128 to 193.1.2.255
Subnet id of Subnet-2 is: 193.1.2.128
The direct Broadcast id of Subnet-2 is: 193.1.2.255
The total number of hosts possible is: 126 (out of 128, 2 id's are used for Subnet id & Direct Broadcast id)
The subnet mask of Subnet-2 is: 255.255.255.128

The best way to find out the subnet mask of a subnet is to set the fixed bit of host-id to 1 and the rest to 0.

Finally, after using the subnetting the total number of usable hosts is reduced from 254 to 252.

Note:

1. To divide a network into four (2^2) parts you need to choose two bits from the host id part
for each subnet, i.e., (00, 01, 10, 11).
2. To divide a network into eight (2^3) parts you need to choose three bits from the host id
part for each subnet, i.e., (000, 001, 010, 011, 100, 101, 110, 111), and so on.
3. We can say that if the total number of subnets in a network increases the total number of
usable hosts decreases.

Along with the advantage, there is a small disadvantage to subnetting: before subnetting, to find
the IP address, first the network id is found, then the host id, followed by the process id; but after
subnetting, first the network id is found, then the subnet id, then the host id and finally the process id.
Because of this, the computation increases.

Example 1: An organization is assigned a class C network address of 201.35.2.0. It uses a netmask of
255.255.255.192 to divide this into sub-networks. Which of the following is/are valid host IP
addresses?

1. 201.35.2.129
2. 201.35.2.191
3. 201.35.2.255
4. Both (A) and (C)

Solution:

Converting the last octet of the netmask into the binary form: 255.255.255.11000000

Converting the last octet of option 1 into the binary form: 201.35.2.10000001

Converting the last octet of option 2 into the binary form: 201.35.2.10111111

Converting the last octet of option 3 into the binary form: 201.35.2.11111111

From the above, we see that Options 2 and 3 are not valid host IP addresses (as they are broadcast
addresses of a subnetwork), and OPTION 1 is not a broadcast address and it can be assigned to a host
IP.
Example 2: An organization has a class C network address of 201.32.64.0. It uses a subnet mask of
255.255.255.248. Which of the following is NOT a valid broadcast address for any subnetworks?

1. 201.32.64.135
2. 201.32.64.240
3. 201.32.64.207
4. 201.32.64.231

Solution:

Converting the last octet of the netmask into the binary form: 255.255.255.11111000

Converting the last octet of option 1 into the binary form: 201.32.64.10000111

Converting the last octet of option 2 into the binary form: 201.32.64.11110000

Converting the last octet of option 3 into the binary form: 201.32.64.11001111

Converting the last octet of option 4 into the binary form: 201.32.64.11100111

From the above, we can see that in OPTION 1, 3, and 4, all the host bits are 1 and give the valid
broadcast address of subnetworks, and in OPTION 2, the last three bits of the Host address are not 1,
therefore it’s not a valid broadcast address.
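
The two-subnet split of 193.1.2.0 and both worked examples can be checked mechanically. This is an added example, not part of the original notes; it uses Python's standard `ipaddress` module, and the function names are chosen here for illustration.

```python
import ipaddress


def split_network(network, borrowed_bits):
    """Borrow `borrowed_bits` from the host ID part and describe each subnet."""
    parent = ipaddress.ip_network(network)
    rows = []
    for subnet in parent.subnets(prefixlen_diff=borrowed_bits):
        rows.append({
            "subnet_id": str(subnet.network_address),
            "broadcast": str(subnet.broadcast_address),
            "mask": str(subnet.netmask),
            # Subnet id and direct broadcast id cannot be given to hosts.
            "usable_hosts": max(subnet.num_addresses - 2, 0),
        })
    return rows


def role_of(address, netmask):
    """Classify an address as 'subnet id', 'broadcast' or 'host' under a netmask."""
    iface = ipaddress.ip_interface(f"{address}/{netmask}")
    net = iface.network
    if iface.ip == net.network_address:
        return "subnet id"
    if iface.ip == net.broadcast_address:
        return "broadcast"
    return "host"


def last_octet_bits(address, netmask):
    """Last octet in binary, split as subnet bits | host bits (masks of /24 or longer)."""
    prefix = ipaddress.ip_network(f"0.0.0.0/{netmask}").prefixlen
    if prefix < 24:
        raise ValueError("this helper only handles masks that subnet the last octet")
    bits = format(int(ipaddress.IPv4Address(address)) & 0xFF, "08b")
    cut = prefix - 24
    return bits[:cut] + "|" + bits[cut:]


if __name__ == "__main__":
    for row in split_network("193.1.2.0/24", 1):
        print(row)
    print("Example 1 (mask 255.255.255.192)")
    for addr in ("201.35.2.129", "201.35.2.191", "201.35.2.255"):
        print(" ", addr, last_octet_bits(addr, "255.255.255.192"),
              role_of(addr, "255.255.255.192"))
    print("Example 2 (mask 255.255.255.248)")
    for addr in ("201.32.64.135", "201.32.64.240", "201.32.64.207", "201.32.64.231"):
        print(" ", addr, last_octet_bits(addr, "255.255.255.248"),
              role_of(addr, "255.255.255.248"))
```

An address is a broadcast address exactly when every bit to the right of the `|` is 1, and a subnet id when every one of them is 0.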

Advantages of Subnetting

The advantages of Subnetting are mentioned below:

1. It provides security to one network from another network. E.g., in an organisation, the
code of the Developer department must not be accessed by another department.
2. It may be possible that a particular subnet might need higher network priority than others.
For example, a Sales department needs to host webcasts or video conferences.
3. In the case of Small networks, maintenance is easy.

Disadvantages of Subnetting

The disadvantages of Subnetting are mentioned below:

1. In the case of a single network, only three steps are required to reach a Process i.e Source
Host to Destination Network, Destination Network to Destination Host, and then
Destination Host to Process.
2. In the case of a Single Network only two IP addresses are wasted to represent Network Id
and Broadcast address but in the case of Subnetting two IP addresses are wasted for each
Subnet.
3. The cost of the overall Network also increases. Subnetting requires internal routers,
Switches, Hubs, Bridges, etc. which are very costly.

Supernetting is the opposite of Subnetting. In subnetting, a single big network is divided into
multiple smaller subnetworks. In Supernetting, multiple networks are combined into a bigger network
termed a Supernetwork or Supernet. In this article, we’ll explore the purpose and advantages of
supernetting, along with essential considerations for its implementation.

What is Supernetting?
Supernetting is the process of aggregating routes to multiple smaller networks, thus saving storage
space in the routing table, simplifying routing decisions, and reducing route advertisements to
neighboring gateways. Supernetting has helped address the increasing size of routing tables as the
Internet has expanded. Supernetting is mainly used in Route Summarization, where routes to multiple
networks with similar network prefixes are combined into a single routing entry, with the routing
entry pointing to a Super network, encompassing all the networks. This in turn significantly reduces
the size of routing tables and also the size of routing updates exchanged by routing protocols.

More specifically,

● When multiple networks are combined to form a bigger network, it is termed
super-netting
● Super netting is used in route aggregation to reduce the size of routing tables and routing
table updates

Important Points for Supernetting


● All the networks should be contiguous.
● The block size of every network should be equal and must be in the form of 2^n.
● The first network id should be exactly divisible by the whole size of the supernet.

Example: Suppose 4 small networks of class C:

200.1.0.0,

200.1.1.0,

200.1.2.0,

200.1.3.0

Build a bigger network that has a single Network Id.

Explanation: Before supernetting, the routing table will look like this:

Network Id       Subnet Mask        Interface
200.1.0.0        255.255.255.0      A
200.1.1.0        255.255.255.0      B
200.1.2.0        255.255.255.0      C
200.1.3.0        255.255.255.0      D

First, let’s check whether three conditions are satisfied or not:

● Contiguous: You can easily see that all networks are contiguous, all having a size of 256 IP
addresses (or 254 hosts).
The range of the first network is from 200.1.0.0 to 200.1.0.255. If you add 1 to the last IP address of
the first network, that is 200.1.0.255 + 0.0.0.1, you will get the next network id, which is
200.1.1.0. Similarly, check that all networks are contiguous.
● Equal size of all networks: As all networks are of class C, all of them have a size of
256, which is in turn equal to 2^8.
● First IP address exactly divisible by total size: When a binary number is divided by 2^n,
the last n bits are the remainder. Hence, in order to prove that the first IP address is exactly
divisible by the whole size of the supernet, you can check whether the last n bits are 0 or not
(n here refers to the number of bits required to represent the total size of the supernet).

In the given example the first IP is 200.1.0.0 and the whole size of the supernet is 4 * 2^8 = 2^10. If the
last 10 bits of the first IP address are zero then the IP will be divisible.

Last 10 bits of first IP address are zero (highlighted by green color). So 3rd condition is also satisfied.
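
The three conditions can be checked in code before a summary route is written. This is an added example, not part of the original notes; the extra check that the combined size is itself a power of two is an assumption made explicit here, since the "last n bits" test above only makes sense for a total of 2^n addresses. Function names are illustrative.

```python
import ipaddress


def check_supernet(networks):
    """Evaluate the supernetting conditions; return (checks, supernet or None)."""
    nets = sorted((ipaddress.ip_network(n) for n in networks),
                  key=lambda n: int(n.network_address))
    block = nets[0].num_addresses        # ip_network blocks are always 2^n in size
    total = sum(n.num_addresses for n in nets)
    first_id = int(nets[0].network_address)
    checks = {
        # The address after one block's last address must start the next block.
        "contiguous": all(int(a.broadcast_address) + 1 == int(b.network_address)
                          for a, b in zip(nets, nets[1:])),
        "equal_size": all(n.num_addresses == block for n in nets),
        # Assumption made explicit: the whole supernet must also be 2^n addresses.
        "total_power_of_two": (total & (total - 1)) == 0,
        # Divisible by the whole size, i.e. the last n bits of the first id are zero.
        "first_id_aligned": first_id % total == 0,
    }
    supernet = None
    if all(checks.values()):
        n_bits = total.bit_length() - 1  # total == 2^n_bits
        supernet = ipaddress.IPv4Network((first_id, 32 - n_bits))
    return checks, supernet


def collapsed(networks):
    """Cross-check: what the standard library aggregates the same blocks into."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    page_example = ["200.1.0.0/24", "200.1.1.0/24", "200.1.2.0/24", "200.1.3.0/24"]
    shifted = ["200.1.1.0/24", "200.1.2.0/24", "200.1.3.0/24", "200.1.4.0/24"]
    for group in (page_example, shifted):
        checks, supernet = check_supernet(group)
        mask = supernet.netmask if supernet else None
        print(group[0], "...", checks, supernet, mask, collapsed(group))
```

The second group is contiguous and equal-sized but starts at 200.1.1.0, so the third condition fails and no single routing entry can cover exactly those four networks.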

Advantages of Supernetting
● Control and reduce network traffic
● Helpful to solve the problem of lacking IP addresses
● Minimizes the routing table i.e, it cannot cover a different area of the network when
combined and all the networks should be in the same class and all IP should be
contiguous
Classless Inter Domain Routing (CIDR)

Classless Inter-Domain Routing (CIDR) is a method of IP address allocation and IP routing that
allows for more efficient use of IP addresses. CIDR is based on the idea that IP addresses can be
allocated and routed based on their network prefix rather than their class, which was the traditional
way of IP address allocation.

CIDR addresses are represented using a slash notation, which specifies the number of bits in the
network prefix. For example, an IP address of 192.168.1.0 with a prefix length of 24 would be
represented as 192.168.1.0/24. This notation indicates that the first 24 bits of the IP address are the
network prefix and the remaining 8 bits are the host identifier.

Several Advantages of CIDR over the Traditional Class-Based Addressing System

● Efficient use of IP addresses: CIDR allows for more efficient use of IP addresses by
allowing the allocation of IP addresses based on their network prefix rather than their
class.
● Flexibility: CIDR allows for more flexible IP address allocation, as it allows for the
allocation of arbitrary-sized blocks of IP addresses.
● Better routing: CIDR allows for better routing of IP traffic, as it allows routers to
aggregate IP addresses based on their network prefix, reducing the size of routing tables.
● Reduced administrative overhead: CIDR reduces administrative overhead by allowing for
the allocation and routing of IP addresses in a more efficient and flexible way.

In summary, CIDR is a method of IP address allocation and routing that allows for more
efficient use of IP addresses and better routing of IP traffic. It has several advantages over
the traditional class-based addressing system, including greater flexibility, better routing,
and reduced administrative overhead.

Advantages of CIDR

● Efficient use of IP addresses: CIDR allows for more efficient use of IP addresses, which
is important as the pool of available IPv4 addresses continues to shrink.
● Flexibility: CIDR allows for more flexible allocation of IP addresses, which can be
important for organizations with complex network requirements.
● Better routing: CIDR allows for more efficient routing of IP traffic, which can lead to
better network performance.
● Reduced administrative overhead: CIDR reduces
administrative overhead by allowing for easier management of IP addresses and routing.

Disadvantages of CIDR

● Complexity: CIDR can be more complex to implement and manage than traditional
class-based addressing, which can require additional training and expertise.
● Compatibility issues: Some older network devices may not be compatible with CIDR,
which can make it difficult to transition to a CIDR-based network.
● Security concerns: CIDR can make it more difficult to implement security measures such
as firewall rules and access control lists, which can increase security risks.

Overall, CIDR is a useful and efficient method of IP address allocation and routing, but it
may not be suitable for all organizations or networks. It is important to weigh the
advantages and disadvantages of CIDR and consider the specific needs and requirements
of your network before implementing CIDR.

Domain Name System (DNS) in Application Layer


Last Updated : 11 Jul, 2024


The Domain Name System (DNS) is like the internet’s phone book. It helps you find websites by
translating easy-to-remember names (like www.example.com) into the numerical IP addresses (like
192.0.2.1) that computers use to locate each other on the internet. Without DNS, you would have to
remember long strings of numbers to visit your favorite websites.

Domain Name System (DNS) is a hostname-to-IP-address translation service. DNS is a
distributed database implemented in a hierarchy of name servers. It is an application layer protocol for
message exchange between clients and servers. It is required for the functioning of the Internet.

What is the Need for DNS?

Every host is identified by its IP address, but remembering numbers is very difficult for people. Also,
IP addresses are not static, therefore a mapping is required to change the domain name to the IP
address. So DNS is used to convert the domain name of the websites to their numerical IP address.

Types of Domain

There are various kinds of domains:


● Generic Domains: .com(commercial), .edu(educational), .mil(military), .org(nonprofit
organization), .net(similar to commercial) all these are generic domains.
● Country Domain: .in (India) .us .uk
● Inverse Domain: used if we want to know the domain name of a website, i.e., IP to
domain name mapping. So DNS can provide both mappings. For example, to find the IP
addresses of geeksforgeeks.org we have to type

nslookup www.geeksforgeeks.org

Types of DNS

Organization of Domain

It is very difficult to find out the IP address associated with a website because there are millions of
websites, and for all of those websites we should be able to generate the IP address immediately, without
a lot of delay. For that to happen, the organization of the database is very important.
Root DNS Server

● DNS Record: Domain name, IP address, the validity, the time to live, and
all the information related to that domain name. These records are stored in a tree-like
structure.
● Namespace: Set of possible names, flat or hierarchical. The naming system maintains a
collection of bindings of names to values – given a name, a resolution mechanism returns
the corresponding value.
● Name Server: It is an implementation of the resolution mechanism.

DNS = Name service in Internet – A zone is an administrative unit, and a domain is a subtree.

Name-to-Address Resolution

The host requests the DNS name server to resolve the domain name, and the name server returns the
IP address corresponding to that domain name to the host so that the host can then connect to that IP
address.
Name-to-Address Resolution

Hierarchy of Name Servers

● Root Name Servers: It is contacted by name servers that
cannot resolve the name. It contacts the authoritative name server if name mapping is not
known. It then gets the mapping and returns the IP address to the host.
● Top-level Domain (TLD) Server: It is responsible for com, org, edu, etc, and all
top-level country domains like uk, fr, ca, in, etc. They have info about authoritative
domain servers and know the names and IP addresses of each authoritative name server
for the second-level domains.
● Authoritative Name Servers are the organization’s DNS servers, providing authoritative
hostnames to IP mapping for organization servers. It can be maintained by an
organization or service provider. In order to reach cse.dtu.in we have to ask the root DNS
server, then it will point out to the top-level domain server and then to the authoritative
domain name server which actually contains the IP address. So the authoritative domain
server will return the associative IP address.

Domain Name Server

The client machine sends a request to the local name server, which, if it does not find the
address in its database, sends a request to the root name server, which in turn will route the query to a
top-level domain (TLD) or authoritative name server. The root name server can also contain some
hostname to IP address mappings. The top-level domain (TLD) server always knows who the
authoritative name server is. So finally the IP address is returned to the local name server, which in
turn returns the IP address to the host.
Domain Name Server

How Does DNS Work?

The working of DNS starts with converting a hostname into an IP address. A domain name serves as
a distinctive identification for a website. It is used in place of an IP address to make it simpler for
consumers to visit websites. The Domain Name System works by running a database whose job is to
store the names of hosts which are available on the Internet. The top-level domain server stores address
information for top-level domains such as .com, .net, .org, and so on. If the client sends a
request, then the DNS resolver sends a request to a DNS server to fetch the IP address. In case that server
does not contain the IP address for the hostname, it forwards the request to another DNS
server. When the IP address has arrived at the resolver, it completes the request over Internet Protocol.

Network Address Translation (NAT) is a process in which one or more local IP addresses are
translated into one or more global IP addresses and vice versa to provide Internet access to the local
hosts. It also does the translation of port numbers, i.e., masks the port number of the host with another
port number in the packet that will be routed to the destination. It then makes the corresponding
entries of IP address and port number in the NAT table. NAT generally operates on a router or
firewall.

Working of Network Address Translation (NAT)


Generally, the border router is configured for NAT, i.e., the router which has one interface in the local
(inside) network and one interface in the global (outside) network. When a packet traverses outside the
local (inside) network, NAT converts the local (private) IP address to a global (public) IP
address. When a packet enters the local network, the global (public) IP address is converted to a local
(private) IP address.

If NAT runs out of addresses, i.e., no address is left in the configured pool, then the packets will be
dropped and an Internet Control Message Protocol (ICMP) host unreachable packet to the destination
is sent.

Why Mask Port Numbers?


Suppose, in a network, two hosts A and B are connected. Now, both of them send requests to the same
destination, on the same port number, say 1000, on the host side, at the same time. If NAT does only
translation of IP addresses, then when their packets arrive at the NAT, both of their IP addresses
would be masked by the public IP address of the network and sent to the destination. The destination will
send replies to the public IP address of the router. Thus, on receiving a reply, it will be unclear to NAT
as to which reply belongs to which host (because source port numbers for both A and B are the same).
Hence, to avoid such a problem, NAT masks the source port number as well and makes an entry in the
NAT table.

NAT inside and outside addresses


Inside refers to the addresses which must be translated. Outside refers to the addresses which are not
in control of an organization. These are the network Addresses in which the translation of the
addresses will be done.

● Inside local address – An IP address that is assigned to a host on the Inside (local)
network. The address is probably not an IP address assigned by the service provider i.e.,
these are private IP addresses. This is the inside host seen from the inside network.
● Inside global address – IP address that represents one or more inside local IP addresses
to the outside world. This is the inside host as seen from the outside network.
● Outside local address – This is the actual IP address of the destination host in the local
network after translation.
● Outside global address – This is the outside host as seen from the outside network. It is
the IP address of the outside destination host before translation.

Network Address Translation (NAT) Types


There are 3 ways to configure NAT:

Static NAT

In this, a single unregistered (Private) IP address is mapped with a legally registered (Public) IP
address i.e one-to-one mapping between local and global addresses. This is generally used for Web
hosting. These are not used in organizations as there are many devices that will need Internet access
and to provide Internet access, a public IP address is needed.

Suppose, if there are 3000 devices that need access to the Internet, the organization has to buy 3000
public addresses that will be very costly.

Dynamic NAT

In this type of NAT, an unregistered IP address is translated into a registered (Public) IP address from
a pool of public IP addresses. If the IP address of the pool is not free, then the packet will be dropped
as only a fixed number of private IP addresses can be translated to public addresses.

Suppose there is a pool of 2 public IP addresses; then only 2 private IP addresses can be translated
at a given time. If a 3rd private IP address wants to access the Internet then the packet will be dropped;
in this way many private IP addresses are mapped to a pool of public IP addresses. NAT is used when
the number of users who want to access the Internet is fixed. This is also very costly as the
organization has to buy many global IP addresses to make a pool.

Port Address Translation (PAT)

This is also known as NAT overload. In this, many local (private) IP addresses can be translated to a
single registered IP address. Port numbers are used to distinguish the traffic i.e., which traffic belongs
to which IP address. This is most frequently used as it is cost-effective as thousands of users can be
connected to the Internet by using only one real global (public) IP address.
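
The port-masking problem from "Why Mask Port Numbers?" and the PAT table that resolves it, as an added example that is not part of the original notes. The addresses (10.0.0.x inside, 203.0.113.10 public) and the small port pool are constructed values, and the table is keyed on inside address and port only, a simplification of what real NAT devices track.

```python
def address_only_translation(flows, public_ip):
    """Translate only the IP address; return reply keys claimed by several hosts."""
    seen = {}
    for src_ip, src_port in flows:
        seen.setdefault((public_ip, src_port), []).append(src_ip)
    return {key: hosts for key, hosts in seen.items() if len(hosts) > 1}


class PatRouter:
    """Toy NAT-overload (PAT) box: many inside addresses share one public address."""

    def __init__(self, public_ip, first_port=40000, pool_size=3):
        self.public_ip = public_ip
        self.free_ports = list(range(first_port, first_port + pool_size))
        self.out_map = {}  # (inside_ip, inside_port) -> public_port
        self.in_map = {}   # public_port -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port):
        """Rewrite the source of an outgoing packet; None means the packet is dropped."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            if not self.free_ports:
                return None            # nothing left in the pool
            port = self.free_ports.pop(0)
            self.out_map[key] = port
            self.in_map[port] = key
        return (self.public_ip, self.out_map[key])

    def inbound(self, dst_port):
        """Map a reply back to the inside host; None means no table entry exists."""
        return self.in_map.get(dst_port)


if __name__ == "__main__":
    # Hosts A and B both use source port 1000, as in the text.
    flows = [("10.0.0.1", 1000), ("10.0.0.2", 1000)]
    print("address-only collisions:", address_only_translation(flows, "203.0.113.10"))

    router = PatRouter("203.0.113.10", pool_size=2)
    for ip, port in flows:
        print(ip, port, "->", router.outbound(ip, port))
    print("reply to 40001 goes to", router.inbound(40001))
    print("unsolicited packet to 12345:", router.inbound(12345))
    print("third host with pool exhausted:", router.outbound("10.0.0.3", 1000))
```

The `inbound` lookup returning `None` for a port with no table entry is the behaviour the next section refers to when it says outside hosts cannot reach inside hosts without a forwarding rule.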

Is NAT an Additional Security Feature Found on a Router?


NAT can provide a basic security measure on a router by hiding internal IPs from the rest of the
network. NAT lessens the chances of direct attacks on the internal devices since the internal network’s
IPs are camouflaged behind one public IP address. This offers a level of protection since outside
players cannot access the internal network unless the port forwarding rules are configured in a certain way.
However, NAT also has its limitations in terms of security; it should not be used as a sole security
solution, as it is better used together with other security tools such as firewalls and intrusion detection
systems.

How Can NAT Help Transition to IPv6?


It is hard to move from IPv4 to IPv6 because of the differences in the formats of the addresses
as well as the networks that they use. The move can be helped
through the use of NAT, as it makes it easy for a network that has implemented IPv6 to communicate
with a network that has not implemented the newer version of the protocol. During the transition some
intermediate solutions are used, such as NAT64 and NAT46, allowing IPv4 and IPv6 addressing
schemes to inter-operate. This makes it easier for organizations to transition over to IPv6 without
affecting or disrupting the IPv4 services in exchange for the new IPv6 protocol.

Advantages of NAT

● NAT conserves legally registered IP addresses.
● It provides privacy as the device’s IP address, sending and receiving the traffic, will be
hidden.
● Eliminates address renumbering when a network evolves.

Disadvantage of NAT

● Translation results in switching path delays.
● Certain applications will not function while NAT is enabled.
● Complicates tunneling protocols such as IPsec.
● Also, the router, being a network layer device, should not tamper with port
numbers (transport layer), but it has to do so because of NAT.

Virtual LAN (VLAN)


Last Updated : 24 Mar, 2023

Virtual LAN (VLAN) is a concept in which devices are divided logically at layer 2 (the data link layer). Generally, layer 3 devices divide the broadcast domain, but with VLANs the broadcast domain can also be divided by switches.

A broadcast domain is a network segment in which, if a device broadcasts a packet, all the devices in the same broadcast domain receive it. Broadcast packets are limited to switches only, as routers don’t forward them. To forward packets from one VLAN (or broadcast domain) to another, inter-VLAN routing is needed. Through VLANs, several small sub-networks are created, which are comparatively easy to handle.

VLAN ranges:

● VLAN 0, 4095: These are reserved VLANs which cannot be seen or used.
● VLAN 1: It is the default VLAN of switches. By default, all switch ports are in this VLAN. This VLAN can’t be deleted or edited but can be used.
● VLAN 2-1001: This is the normal VLAN range. We can create, edit and delete these VLANs.
● VLAN 1002-1005: These are Cisco defaults for FDDI and Token Ring. These VLANs can’t be deleted.
● VLAN 1006-4094: This is the extended range of VLANs.

Configuration –
We can create a VLAN simply by assigning the VLAN ID and the VLAN name.

switch1(config)#vlan 2

switch1(config-vlan)#name accounts

Here, 2 is the VLAN ID and accounts is the VLAN name. Now, we assign the VLAN to the switch ports, e.g.:

Switch(config)#int fa0/0

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 2

Also, a range of switch ports can be assigned to the required VLAN.

Switch(config)#int range fa0/0-2

Switch(config-if-range)#switchport mode access

Switch(config-if-range)#switchport access vlan 2

By this, switch ports fa0/0, fa0/1 and fa0/2 will be assigned to VLAN 2.

Example –

Assign the IP addresses 192.168.1.1/24, 192.168.1.2/24 and 192.168.2.1/24 to the PCs. Now, we will create VLAN 2 and VLAN 3 on the switch.

Switch(config)#vlan 2

Switch(config)#vlan 3

We have made the VLANs, but the most important part is to assign switch ports to the VLANs.

Switch(config)#int fa0/0

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 2

Switch(config)#int fa0/1

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 3

Switch(config)#int fa0/2

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 2

As seen, we have assigned VLAN 2 to fa0/0 and fa0/2, and VLAN 3 to fa0/1.

VLANs offer several features and benefits, including:

● Improved network security: VLANs can be used to separate network traffic and limit
access to specific network resources. This improves security by preventing unauthorized
access to sensitive data and network resources.
● Better network performance: By segregating network traffic into smaller logical
networks, VLANs can reduce the amount of broadcast traffic and improve network
performance.
● Simplified network management: VLANs allow network administrators to group
devices together logically, rather than physically, which can simplify network
management tasks such as configuration, troubleshooting, and maintenance.
● Flexibility: VLANs can be configured dynamically, allowing network administrators to
quickly and easily adjust network configurations as needed.
● Cost savings: VLANs can help reduce hardware costs by allowing multiple virtual
networks to share a single physical network infrastructure.
● Scalability: VLANs can be used to segment a network into smaller, more manageable
groups as the network grows in size and complexity.

Some of the key features of VLANs include:

● VLAN tagging: VLAN tagging is a way to identify and distinguish VLAN traffic from
other network traffic. This is typically done by adding a VLAN tag to the Ethernet frame
header.
● VLAN membership: VLAN membership determines which devices are assigned to
which VLANs. Devices can be assigned to VLANs based on port, MAC address, or other
criteria.
● VLAN trunking: VLAN trunking allows multiple VLANs to be carried over a single
physical link. This is typically done using a protocol such as IEEE 802.1Q.
● VLAN management: VLAN management involves configuring and managing VLANs,
including assigning devices to VLANs, configuring VLAN tags, and configuring VLAN
trunking.

Types of connections in VLAN –

There are three ways to connect devices on a VLAN. The type of connection depends on the connected devices, i.e. whether they are VLAN-aware (a device that understands VLAN formats and VLAN membership) or VLAN-unaware (a device that doesn’t understand VLAN formats and VLAN membership).

1. Trunk link –
All devices connected to a trunk link must be VLAN-aware. All frames on it should have a special header attached; these are called tagged frames.
2. Access link –
It connects VLAN-unaware devices to a VLAN-aware bridge. All frames on the access link must be untagged.
3. Hybrid link –
It is a combination of the trunk link and the access link. Here both VLAN-unaware and VLAN-aware devices are attached, and it can carry both tagged and untagged frames.
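The VLAN tagging feature and the three link types above, as an added example that is not part of the original notes: a parser for the IEEE 802.1Q tag in an Ethernet header and a check that applies the tagged/untagged rule for each link type as these notes define it. The function names, the allowed-VLAN set and the sample frames are constructed for illustration.

```python
# Added illustration: IEEE 802.1Q tag parsing and a per-link-type check.
import struct
from typing import Optional, Tuple

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q tag


def parse_vlan_tag(frame: bytes) -> Optional[Tuple[int, int, int]]:
    """Return (priority, dei, vlan_id) for a tagged frame, None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return (tci >> 13, (tci >> 12) & 1, tci & 0x0FFF)


def accept(frame: bytes, link: str, allowed_vlans=frozenset()) -> bool:
    """Apply the notes' rule for 'access', 'trunk' or 'hybrid' links."""
    tag = parse_vlan_tag(frame)
    if link == "access":
        return tag is None                 # access links: untagged frames only
    if tag is None:
        return link == "hybrid"            # trunk links: tagged frames only
    vid = tag[2]
    # VLAN 0 and 4095 are treated as reserved, as in the ranges listed earlier.
    return vid not in (0, 4095) and vid in allowed_vlans


def build_frame(vlan_id: Optional[int] = None, priority: int = 0) -> bytes:
    """Constructed sample frame: broadcast destination, made-up source MAC."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    if vlan_id is not None:
        header += struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan_id)
    return header + struct.pack("!H", 0x0800) + b"\x00" * 46


if __name__ == "__main__":
    tagged, untagged = build_frame(vlan_id=2, priority=5), build_frame()
    print(parse_vlan_tag(tagged), parse_vlan_tag(untagged))
    for link in ("access", "trunk", "hybrid"):
        print(link, accept(tagged, link, {2, 3}), accept(untagged, link, {2, 3}))
```

A tagged frame arriving on an access link is rejected here, and a trunk accepts only the VLAN IDs on its allowed list.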

Advantages –

● Performance –
Network traffic is full of broadcasts and multicasts. VLANs reduce the need to send such traffic to unnecessary destinations. For example, if traffic is intended for 2 users but 10 devices are present in the same broadcast domain, all of them will receive the traffic, which wastes bandwidth; if we create VLANs, the broadcast or multicast packet goes to the intended users only.
● Formation of virtual groups –
As every organization has different departments, such as sales and finance, VLANs can be very useful for grouping devices logically according to their departments.
● Security –
In the same network, sensitive data can be broadcast and accessed by an outsider, but by creating VLANs we can control broadcast domains, set up firewalls and restrict access. Also, VLANs can be used to inform the network manager of an intrusion. Hence, VLANs greatly enhance network security.
● Flexibility –
VLANs provide the flexibility to add or remove as many hosts as we want.
● Cost reduction –
VLANs can be used to create broadcast domains, which eliminates the need for expensive routers.
By using VLANs, the number of small broadcast domains can be increased; these are easier to handle than one bigger broadcast domain.

Disadvantages of VLAN

1. Complexity: VLANs can be complex to configure and manage, particularly in large or dynamic cloud computing environments.
2. Limited scalability: VLANs are limited by the number of available VLAN IDs, which can be a constraint in larger cloud computing environments.
3. Limited security: VLANs do not provide complete security and can be compromised by malicious actors who are able to gain access to the network.
4. Limited interoperability: VLANs may not be fully compatible with all types of network devices and protocols, which can limit their usefulness in cloud computing environments.
5. Limited mobility: VLANs may not support the movement of devices or users between different network segments, which can limit their usefulness in mobile or remote cloud computing environments.
6. Cost: Implementing and maintaining VLANs can be costly, especially if specialized hardware or software is required.
7. Limited visibility: VLANs can make it more difficult to monitor and troubleshoot network issues, as traffic is isolated in different segments.

Real-Time Applications of VLAN


Virtual LANs (VLANs) are widely used in cloud computing environments to improve network
performance and security. Here are a few examples of real-time applications of VLANs:

1. Voice over IP (VoIP): VLANs can be used to isolate voice traffic from data traffic, which improves the quality of VoIP calls and reduces the risk of network congestion.
2. Video Conferencing: VLANs can be used to prioritize video traffic and ensure that it receives the bandwidth and resources it needs for high-quality video conferencing.
3. Remote Access: VLANs can be used to provide secure remote access to cloud-based applications and resources, by isolating remote users from the rest of the network.
4. Cloud Backup and Recovery: VLANs can be used to isolate backup and recovery traffic, which reduces the risk of network congestion and improves the performance of backup and recovery operations.
5. Gaming: VLANs can be used to prioritize gaming traffic, which ensures that gamers receive the bandwidth and resources they need for a smooth gaming experience.
6. IoT: VLANs can be used to isolate Internet of Things (IoT) devices from the rest of the network, which improves security and reduces the risk of network congestion.

What is IPv6?
The next generation Internet Protocol (IP) address standard, known as IPv6, is meant to work in
tandem with IPv4, which is still in widespread use today, and eventually replace it. To communicate
with other devices, a computer, smartphone, home automation component, Internet of Things sensor,
or any other Internet-connected device needs a numerical IP address. Because so many connected
devices are being used, the original IP address scheme, known as IPv4, is running out of addresses.

What is IPv4?
The common type of IP address is known as IPv4, for “version 4”. Here’s an example of what an IP address might look like:

25.59.209.224

An IPv4 address consists of four numbers, each of which contains one to three digits, with a single dot (.) separating each number or set of digits. This group of separated numbers creates the addresses that let you and everyone around the globe send and retrieve data over our Internet connections. IPv4 uses a 32-bit address scheme, allowing 2^32 addresses, which is more than 4 billion addresses. To date, it is considered the primary Internet Protocol and carries 94% of Internet traffic. Initially, it was assumed that it would never run out of addresses, but the present situation has paved the way for IPv6.

An IPv6 address consists of eight groups of four hexadecimal digits. Here’s an example IPv6 address:

3001:0da8:75a3:0000:0000:8a2e:0370:7334

IPv6 vs IPv4
This new IP address version is being deployed to fulfil the need for more Internet addresses. With its 128-bit address space, it allows 340 undecillion unique addresses.

IPv6 supports a theoretical maximum of 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. To keep it straightforward, we will never run out of IP addresses again.

The next iteration of the IP standard is known as Internet Protocol version 6 (IPv6). IPv4 and IPv6 will coexist for a while: IPv6 is meant to work in tandem with IPv4 before eventually taking its place. We need to implement IPv6 in order to proceed and keep bringing new gadgets and services to the Internet. IPv6 was created with the needs of a global commercial Internet in mind, and we can only move forward with an innovative and open Internet if we implement it.

| IPv6 | IPv4 |
|---|---|
| IPv6 has a 128-bit address length | IPv4 has a 32-bit address length |
| It supports Auto and renumbering address configuration | It supports Manual and DHCP address configuration |
| The address space of IPv6 is quite large; it can produce 3.4×10^38 address space | It can generate 4.29×10^9 address space |
| Address representation of IPv6 is in hexadecimal | Address representation of IPv4 is in decimal |
| In IPv6 checksum field is not available | In IPv4 checksum field is available |
| IPv6 has a header of 40 bytes fixed | IPv4 has a header of 20-60 bytes |
| IPv6 does not support VLSM | IPv4 supports VLSM (Variable Length Subnet Mask) |

Representation of IPv6
An IPv6 address consists of eight groups of four hexadecimal digits separated by ‘:’, with each hex digit representing four bits, so the total length of an IPv6 address is 128 bits. The structure is given below.
IPV6-Representation

gggg:gggg:gggg:ssss:xxxx:xxxx:xxxx:xxxx

The first 48 bits represent the Global Routing Prefix. The next 16 bits represent the subnet ID and the last 64 bits represent the host ID. Put another way, the first 64 bits represent the network portion and the last 64 bits represent the interface ID.

Global Routing Prefix: The Global Routing Prefix is the portion of an IPv6 address that is used to identify a specific network or subnet within the larger IPv6 internet. It is assigned by an ISP or a regional internet registry (RIR).

Subnet ID: The portion of the address used within an organization to identify subnets. This usually follows the Global Routing Prefix.

Host ID: The last part of the address, used to identify a specific host on a network.

Example: 3001:0da8:75a3:0000:0000:8a2e:0370:7334
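The 48/16/64-bit split described above, applied to the example address, as an added example that is not part of the original notes. It uses Python's standard `ipaddress` module; the function name and the returned keys are constructed for illustration, and the split assumes the fixed 48/16/64 layout given in these notes.

```python
# Added illustration: split an IPv6 address into the three fields described above.
import ipaddress


def split_ipv6(text: str) -> dict:
    """Return the 48-bit routing prefix, 16-bit subnet ID and 64-bit interface ID."""
    addr = ipaddress.IPv6Address(text)      # raises ValueError on malformed input
    value = int(addr)
    prefix = value >> 80                    # top 48 bits
    subnet = (value >> 64) & 0xFFFF         # next 16 bits
    iface = value & ((1 << 64) - 1)         # low 64 bits

    def groups(number: int, count: int) -> str:
        """Format `number` as `count` colon-separated 16-bit hex groups."""
        return ":".join(
            f"{(number >> (16 * i)) & 0xFFFF:04x}" for i in reversed(range(count))
        )

    return {
        "full": addr.exploded,
        "compressed": addr.compressed,      # leading zeros dropped, zero run as '::'
        "global_routing_prefix": groups(prefix, 3),
        "subnet_id": groups(subnet, 1),
        "interface_id": groups(iface, 4),
        # Network portion: the first 64 bits with the interface ID zeroed.
        "network": str(ipaddress.IPv6Network((value >> 64 << 64, 64))),
    }


if __name__ == "__main__":
    for key, val in split_ipv6("3001:0da8:75a3:0000:0000:8a2e:0370:7334").items():
        print(f"{key}: {val}")
```

The compressed and full forms parse to the same fields, while a dot-separated string is rejected as malformed.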

Types of IPv6 Address


Now that we know what an IPv6 address is, let’s take a look at its different types.

● Unicast Addresses: A unicast address specifies only one interface. A packet sent to a unicast destination address moves from one host to the destination host.
● Multicast Addresses: A multicast address represents a group of IP devices and can only be used as the destination of a datagram.
● Anycast Addresses: The multicast address and the anycast address are the same. The way the anycast address varies from other addresses is that it can deliver the same IP address to several servers or devices. Keep in mind that the hosts do not receive the IP address. Stated differently, an anycast address is assigned to multiple interfaces or a collection of interfaces.

Advantages
● Faster Speeds: IPv6 supports multicast rather than the broadcast used in IPv4. This feature allows bandwidth-intensive packet flows (like multimedia streams) to be sent to multiple destinations all at once.
● Stronger Security: IP Security (IPsec), which provides confidentiality and data integrity, is embedded into IPv6.
● Routing efficiency
● Reliability
● Most importantly, it is the final solution for the growing number of nodes in the global network.
● The device allocates addresses on its own.
● Internet protocol security is used to support security.
● Enables simple aggregation of prefixes allocated to IP networks; this saves bandwidth by enabling the simultaneous transmission of large data packages.

Disadvantages
● Conversion: Due to the widespread present usage of IPv4, it will take a long period to shift completely to IPv6.
● Communication: IPv4 and IPv6 machines cannot communicate directly with each other.
● No Backward Compatibility: IPv6 cannot be executed on IPv4-capable computers because it is not available on IPv4 systems.
● Conversion Time: One significant drawback of IPv6 is its inability to uniquely identify each device on the network, which makes the conversion to IPv4 extremely time-consuming.
● Cross-protocol communication is forbidden since there is no way for IPv4 and IPv6 to communicate with each other.
