20.

1 INTERNETWORKING
The physical and data link layers of a network
operate locally. These two layers are
jointly responsible for data delivery on the
network from one node to the next, as shown
in Figure 20.1.
This internetwork is made of five networks: four
LANs and one WAN. If host A
needs to send a data packet to host D, the packet
needs to go first from A to Rl (a switch
or router), then from Rl to R3, and finally from R3
to host D. We say that the data packet
passes through three links. In each link, two
physical and two data link layers are involved.
However, there is a big problem here. When data
arrive at interface fl of Rl, how
does RI know that interface f3 is the outgoing
interface? There is no provision in the
data link (or physical) layer to help Rl make the
right decision. The frame does not
carry any routing information either. The frame
contains the MAC address ofA as the
source and the MAC address of Rl as the
destination. For a LAN or a WAN, delivery
means carrying the frame through one link, and
not beyond.
Need for Network Layer
To solve the problem of delivery through several
links, the network layer (or the internetwork
layer, as it is sometimes called) was designed. The
network layer is responsible
for host-to-host delivery and for routing the
packets through the routers or switches.
Figure 20.2 shows the same internetwork with a
network layer added.

1
 In conneetionless service, the network layer
protocol treats each packet independently,
Internet as a Datagram Network with each packet having no relationship to any
other packet. The packets in a
The Internet, at the network layer, is a packet- message mayor may not travel the same path to
switched network. We discussed switching their destination. This type of service
in Chapter 8. We said that, in general, switching is used in the datagram approach to packet
can be divided into three broad categories: switching. The Internet has chosen this type
circuit switching, packet switching, and message of service at the network layer.
switching. Packet switching uses The reason for this decision is that the Internet is
either the virtual circuit approach or the datagram made of so many heterogeneous
approach. networks that it is almost impossible to create a
The Internet has chosen the datagram approach to connection from the source to the
switching in the network layer. destination without knowing the nature of the
It uses the universal addresses defined in the networks in advance.
network layer to route packets from the
source to the destination.

Internet as a Connectionless Network

Delivery of a packet can be accomplished by using
either a connection-oriented or a
connectionless network service. In a connection-
oriented service, the source first
makes a connection with the destination before
sending a packet. When the connection
is established, a sequence of packets from the
same source to the same destination can
be sent one after another. In this case, there is a
relationship between packets. They are
sent on the same path in sequential order. A packet
is logically connected to the packet
traveling before it and to the packet traveling after
it. When all packets of a message
have been delivered, the connection is terminated.
In a connection-oriented protocol, the decision
about the route of a sequence of
packets with the same source and destination
addresses can be made only once, when
the connection is established. Switches do not
recalculate the route for each individual
packet. This type of service is used in a virtual-
circuit approacH. to packet switching
such as in Frame Relay and ATM.

2
 order. Also, some could be lost or corrupted
during transmission. Again, IPv4 relies on
20.2 IPv4 a higher-level protocol to take care of all these
The Internet Protocol version 4 (IPv4) is the problems.
delivery mechanism used by the TCP/IP
protocols. Figure 20.4 shows the position of IPv4
in the suite.

Datagram
Packets in the IPv4 layer are called datagrams.
Figure 20.5 shows the

IPv4 datagram format

IPv4 is an unreliable and connectionless datagram

protocol-a best-effort delivery
service. The term best-effort means that IPv4
provides no error control or flow control
(except for error detection on the header). IPv4
assumes the unreliability of the underlying
layers and does its best to get a transmission
through to its destination, but with
no guarantees.
If reliability is important, IPv4 must be paired with
a reliable protocol such as TCP.
An example of a more commonly understood best-
effort delivery service is the post
office. The post office does its best to deliver the
mail but does not always succeed. If
an unregistered letter is lost, it is up to the sender
or would-be recipient to discover the
loss and rectify the problem. The post office itself Version (VER). This 4-bit field defines the
does not keep track of every letter version of the IPv4 protocol. Currently
and cannot notify a sender of loss or damage. the version is 4. However, version 6 (or IPng) may
IPv4 is also a connectionless protocol for a packet- totally replace version 4 in the
switching network that uses the future. This field tells the IPv4 software running in
datagram approach (see Chapter 8). This means the processing machine that the
that each datagram is handled independently, datagram has the format of version 4. All fields
and each datagram can follow a different route to must be interpreted as specified
the destination. This implies in the fourth version of the protocol. If the
that datagrams sent by the same source to the same machine is using some other version of
destination could arrive out of IPv4, the datagram is discarded rather than
interpreted incorrectly.

3
Header length (HLEN). This 4-bit field defines each datagram. The bit patterns and their
the total length of the datagram interpretations are given in Table 20.1.
header in 4-byte words. This field is needed With only 1 bit set at a time, we can have five
because the length of the header different types of services.
is variable (between 20 and 60 bytes). When there
are no options, the header length
is 20 bytes, and the value of this field is 5 (5 x 4 =
20). When the option field is
at its maximum size, the value of this field is 15 2.Differentiated Services
(15 x 4 = 60). In this interpretation, the first 6 bits make up the
Services. IETF has changed the interpretation and codepoint subfield, and the last 2 bits
name of this 8-bit field. This are not used. The codepoint subfield can be used
field, previously called service type, is now called in two different ways.
differentiated services. We show a. When the 3 rightmost bits are Os, the 3 leftmost
both interpretations in Figure 20.6. bits are interpreted the same as the
precedence bits in the service type interpretation.
In other words, it is compatible
with the old interpretation.

When the 3 rightmost bits are not all Os, the 6 bits
define 64 services based on the
1. Service Type priority assignment by the Internet or local
In this interpretation, the first 3 bits are called authorities according to Table 20.3. The
precedence bits. The next 4 bits are first category contains 32 service types; the second
called type of service (TOS) bits, and the last bit is and the third each contain 16.
not used. The first category (numbers 0, 2,4, ... ,62) is
a. Precedence is a 3-bit subfield ranging from 0 assigned by the Internet authorities
(000 in binary) to 7 (111 in binary). (IETF). The second category (3, 7, 11, 15, , 63)
The precedence defines the priority of the can be used by local authorities
datagram in issues such as congestion. (organizations). The third category (1, 5, 9, ,61) is
If a router is congested and needs to discard some temporary and can be used
datagrams, those datagrams for experimental purposes. Note that the numbers
with lowest precedence are discarded first. Some are not contiguous. If they were,
datagrams in the Internet are the first category would range from 0 to 31, the
more important than others. For example, a second from 32 to 47, and the third
datagram used for network management from 48 to 63. This would be incompatible with
is much more urgent and important than a the TOS interpretation because
datagram containing optional XXXOOO (which includes 0, 8, 16, 24, 32, 40,
information for a group. 48, and 56) would fall into all
three categories. Instead, in this assignment
method all these services belong to
TOS bits is a 4-bit subfield with each bit having a
category 1. Note that these assignments have not
special meaning. Although a
yet been finalized.
bit can be either 0 or 1, one and only one of the
bits can have the value of 1 in

4
 helps the receiving network layer know to which
Total length. This is a In-bit field that defines the protocol the data belong (see
total length (header plus data) Figure 20.8).
of the IPv4 datagram in bytes. To find the length
of the data coming from the upper
layer, subtract the header length from the total
length. The header length can be
found by multiplying the value in the HLEN field
by 4.

Checksum. The checksum concept and its

calculation are discussed later in this
chapter.
o Source address. This 32-bit field defines the
IPv4 address of the source. This field
must remain unchanged during the time the IPv4
datagram travels from the source
host to the destination host.
o Destination address. This 32-bit field defines
the IPv4 address of the destination.
This field must remain unchanged during the time
the IPv4 datagram travels from
Identification. This field is used in fragmentation the source host to the destination host.
(discussed in the next section).
o Flags. This field is used in fragmentation
(discussed in the next section).
o Fragmentation offset. This field is used in
fragmentation (discussed in the next
section). Fragmentation
o Time to live. A datagram has a limited lifetime A datagram can travel through different networks.
in its travel through an internet. Each router decapsulates the IPv4
o Protocol. This 8-bit field defines the higher-level datagram from the frame it receives, processes it,
protocol that uses the services of and then encapsulates it in another
the IPv4 layer. An IPv4 datagram can encapsulate frame. The format and size of the received frame
data from several higher-level depend on the protocol used by the
protocols such as TCP, UDP, ICMP, and IGMP. physical network through which the frame has just
This field specifies the final destination traveled. The format and size of
protocol to which the IPv4 datagram is delivered. the sent frame depend on the protocol used by the
In other words, since the physical network through which the
IPv4 protocol carries data from different other frame is going to travel. For example, if a router
protocols, the value of this field. connects a LAN to a WAN, it receives
a frame in the LAN format and sends a frame in
the WAN format.

5
 In other words, all fragments have the same
identification number, the same as the
Maximum Transfer Unit (MTU) original datagram. The identification number helps
Each data link layer protocol has its own frame the destination in reassembling
format in most protocols. One of the the datagram. It knows that all fragments having
fields defined in the format is the maximum size the same identification value must
of the data field. In other words, when be assembled into one datagram.
a datagram is encapsulated in a frame, the total o Flags. This is a 3-bit field. The first bit is
size of the datagram must be less than reserved. The second bit is called the do
this maximum size, which is defined by the notfragment bit. If its value is 1, the machine must
restrictions imposed by the hardware and not fragment the datagram. If it
software used in the network (see Figure 20.9). cannot pass the datagram through any available
The value of the MTU depends on the physical physical network, it discards the
network protocol. Table 20.5 shows datagram and sends an ICMP error message to the
the values for some protocols. source host (see Chapter 21). If
its value is 0, the datagram can be fragmented if
necessary. The third bit is called
the more fragment bit. If its value is 1, it means
the datagram is not the last fragment;
there are more fragments after this one. If its value
is 0, it means this is the
last or only fragment (see Figure 20.10).

Fields Related to Fragmentation Fragmentation offset.

The fields that are related to fragmentation and
reassembly of an IPv4 datagram are the This 13-bit field shows the relative position of this
identification, flags, and fragmentation offset fragment
fields. with respect to the whole datagram. It is the offset
o Identification. This 16-bit field identifies a of the data in the original
datagram originating from the source datagram measured in units of 8 bytes. Figure
host. The combination of the identification and 20.11 shows a datagram with a data
source IPv4 address must uniquely size of 4000 bytes fragmented into three
define a datagram as it leaves the source host. To fragments.
guarantee uniqueness, the IPv4 The bytes in the original datagram are numbered 0
protocol uses a counter to label the datagrams. The to 3999. The first fragment
counter is initialized to a positive carries bytes 0 to 1399. The offset for this
number. When the IPv4 protocol sends a datagram is 0/8 =O. The second fragment
datagram, it copies the current value carries bytes 1400 to 2799; the offset value for this
of the counter to the identification field and fragment is 1400/8 = 175.
increments the counter by'~ 1. As long as Finally, the third fragment carries bytes 2800 to
the counter is kept in the main memory, 3999. The offset value for this
uniqueness is guaranteed. When a datagram fragment is 2800/8 =350.
is fragmented, the value in the identification field Remember that the value of the offset is measured
is copied to all fragments. in units of 8 bytes. This is
done because the length of the offset field is only
13 bits and cannot represent a sequence of bytes

6
greater than 8191. This forces hosts or routers that Options
fragment datagrams The header of the IPv4 datagram is made of two
to choose a fragment size so that the first byte parts: a fixed palt and a variable part.
number is divisible by 8. The fixed part is 20 bytes long and was discussed
in the previous section. The variable
part comprises the options that can be a maximum
of 40 bytes.
Options, as the name implies, are not required for
a datagram. They can be used for
network testing and debugging. Although options
are not a required part of the IPv4
header, option processing is required of the IPv4
software. This means that all implementations
must be able to handle options if they are present
in the header.
The detailed discussion of each option is beyond
the scope of this book. We give
the taxonomy of options in Figure 20.14 and
Checksum briefly explain the purpose of each.

We discussed the general idea behind the

checksum and how it is calculated in Chapter 10.
The implementation of the checksum in the IPv4
packet follows the same principles. First,
the value of the checksum field is set to O. Then
the entire header is divided into 16-bit
sections and added together. The result (sum) is
complemented and inserted into the
checksum field.
The checksum in the IPv4 packet covers only the
header, not the data. There are two
good reasons for this. First, all higher-level
protocols that encapsulate data in the IPv4
datagram have a checksum field that covers the
whole packet. Therefore, the checksum
for the IPv4 datagram does not have to check the
encapsulated data. Second, the header No Operation
of the IPv4 packet changes with each visited A no-operation option is a I-byte option used as a
router, but the data do not. So the checksum filler between options.
includes only the part that has changed. If the data
were included, each router must recalculate
the checksum for the whole packet, which means End of Option
an increase in processing time. An end-of-option option is a I-byte option used for
padding at the end of the option
field. It, however, can only be used as the last
option.

7
Record Route to go from one ~outer to another. We say estimate
A record route option is used to record the Internet because, although all routers may use
routers that handle the datagram. Universal time, their local clocks may not be
It can list up to nine router addresses. It can be synchronized.
used for debugging and management
purposes.
Strict Source Route
A strict source route option is used by the source
to predetermine a route for the datagram
as it travels through the Internet. Dictation of a
route by the source can be useful for several
purposes. The sender can choose a route with a
specific type of service, such
as minimum delay or maximum throughput.
Alternatively, it may choose a route that is
safer or more reliable for the sender's purpose. For
example, a sender can choose a route
so that its datagram does not travel through a
competitor's network.
If a datagram specifies a strict source route, all the
routers defined in the option
must be visited by the datagram. A router must not
be visited if its IPv4 address is not
listed in the datagram. If the datagram visits a
router that is not on the list, the datagram
is discarded and an error message is issued. If the
datagram arrives at the destination
and some of the entries were not visited, it will
also be discarded and an error message
issued.

Loose Source Route

A loose source route option is similar to the strict
source route, but it is less rigid. Each
router in the list must be visited, but the datagram
can visit other routers as well.
Timestamp
A timestamp option is used to record the time of
datagram processing by a router. The
time is expressed in milliseconds from midnight,
Universal time or Greenwich mean
time. Knowing the time a datagram is processed
can help users and managers track the
behavior of the routers in the Internet. We can
estimate the time it takes for a datagram

8
20.3 IPv6
The network layer protocol in the TCP/IP protocol
suite is currently IPv4 (Internetworking
Protocol, version 4). IPv4 provides the host-to-
host communication between systems in the
Internet.
Although IPv4 is well designed, data
communication has evolved since the inception of
IPv4 in the 1970s.

IPv4 has some deficiencies (listed

below) that make it unsuitable for the fast-growing
Internet.
Advantages
o Despite all short-term solutions, such as The next-generation IP, or IPv6, has some
subnetting, classless addressing, and NAT, advantages over IPv4 that can be summarized
address depletion is still a long-term problem in as follows:
the Internet.
o Larger address space. An IPv6 address is 128
o The Internet must accommodate real-time bits long, as we discussed in Chapter
audio and video transmission. This type 19. Compared with the 32-bit address of IPv4, this
of transmission requires minimum delay strategies is a huge (296) increase in
and reservation of resources not the address space.
provided in the IPv4 design.
o Better header format. IPv6 uses a new header
o The Internet must accommodate encryption format in which options are separated
and authentication of data for some from the base header and inserted, when needed,
applications. No encryption or authentication is between the base header
provided by IPv4. and the upper-layer data. This simplifies and
speeds up the routing process because
most of the options do not need to be checked by
routers.
o New options. IPv6 has new options to allow
To overcome these deficiencies: for additional functionalities.
IPv6 (Internetworking Protocol, version 6), also o Allowance for extension. IPv6 is designed to
known as IPng (Internetworking Protocol, next allow the extension of the protocol if
generation), was proposed and is required by new technologies or applications.
now a standard. In IPv6, the Internet protocol was
extensively modified to accommodate
o Support for resource allocation. In IPv6, the
the unforeseen growth of the Internet. The format type-of-service field has been
and the length of the IP address removed, but a mechanism (called low label) has
were changed along with the packet format. been added to enable the source
to request special handling of the packet. This
mechanism can be used to support
traffic such as real-time audio and video.

9
o Support for more security. The encryption and o Priority. The 4-bit priority field defines the
authentication options in IPv6 priority of the packet with respect to
provide confidentiality and integrity of the packet. traffic congestion. We will discuss this field later.
Packet Format
The IPv6 packet is shown in Figure 20.15. Each
packet is composed of a mandatory base
header followed by the payload. The payload
consists of two parts: optional extension
headers and data from an upper layer. The base
header occupies 40 bytes, whereas the
extension headers and data from the upper layer
contain up to 65,535 bytes ofinformation.
Base Header
Figure 20.16 shows the base header with its eight
fields.
These fields are as follows:
o Version. This 4-bit field defines the version
number of the IP. For IPv6, the value is 6.
o Priority. The 4-bit priority field defines the
priority of the packet with respect to
traffic congestion. We will discuss this field later.

Packet Format
The IPv6 packet is shown in Figure 20.15. Each
packet is composed of a mandatory base
header followed by the payload. The payload
consists of two parts: optional extension
headers and data from an upper layer. The base
header occupies 40 bytes, whereas the
extension headers and data from the upper layer Flow label. The flow label is a 3-byte (24-bit) field
contain up to 65,535 bytes ofinformation. that is designed to provide
Base Header special handling for a particular flow of data. We
Figure 20.16 shows the base header with its eight will discuss this field later.
fields.
These fields are as follows:
o Payload length. The 2-byte payload length field
defines the length of the IP datagram
o Version. This 4-bit field defines the version excluding the base header.
number of the IP. For IPv6, the value is 6.

10
 out of order. Congestion-controlled data are
o Next header. The next header is an 8-bit field assigned priorities from 0 to 7, as listed in
defining the header that follows the Table 20.7. A priority of 0 is the lowest; a priority
base header in the datagram. The next header is of 7 is the highest.
either one of the optional extension
headers used by IP or the header of an
encapsulated packet such as UDP or
TCP. Each extension header also contains this
field. Table 20.6 shows the values of
next headers. Note that this field in version 4 is
called the protocol.
o Hop limit. This 8-bit hop limit field serves the
same purpose as the TIL field in IPv4.
o Source address. The source address field is a
16-byte (128-bit) Internet address
that identifies the original source of the datagram.
o Destination address. The destination address
field is a 16-byte (128-bit) Internet
address that usually identifies the final destination
of the datagram. However, if
source routing is used, this field contains the
address of the next router.

The priority descriptions are as follows:

Priority o No specific traffic. A priority of 0 is assigned

The priority field of the IPv6 packet defines the to a packet when the process does
priority of each packet with respect to not define a priority.
other packets from the same source. For example,
if one of two consecutive datagrams
o Background data. This group (priority 1)
defines data that are usually delivered
must be discarded due to congestion, the datagram
in the background. Delivery of the news is a good
with the lower packet priority will
example.
be discarded. IPv6 divides traffic into two broad
categories: congestion-controlled and o Unattended data traffic. If the user is not
noncongestion-controlled. waiting (attending) for the data to be
Congestion-Controlled Traffic If a source adapts received, the packet will be given a priority of 2.
itself to traffic slowdown when E-mail belongs to this group. The
there is congestion, the traffic is referred to as recipient of an e-mail does not know when a
congestion-controlled traffic. For message has arrived. In addition, an
example, TCP, which uses the sliding window e-mail is usually stored before it is forwarded. A
protocol, can easily respond to traffic. In little bit of delay is of little
congestion-controlled traffic, it is understood that consequence.
packets may arrive delayed, lost, or

11
 table; the information is provided by other means
o Attended bulk data traffic. A protocol that such as the hop-by-hop options or
transfers data while the user is waiting other protocols.
(attending) to receive the data (possibly with In its simplest form, a flow label can be used to
delay) is given a priority of 4. FTP speed up the processing of a packet
and HTTP belong to this group. by a router. When a router receives a packet,
o Interactive traffic. Protocols such as TELNET instead of consulting the routing table and
that need user interaction are going through a routing algorithm to define the
assigned the second-highest priority (6) in this address of the next hop, it can easily
group. look in a flow label table for the next hop.
In its more sophisticated form, a flow label can be
o Control traffic. Control traffic is given the used to support the transmission of
highest priority (7). Routing protocols real-time audio and video. Real-time audio or
such as OSPF and RIP and management protocols video, particularly in digital form, requires
such as SNMP have this priority. resources such as high bandwidth, large buffers,
long processing time, and so on. A
process can make a reservation for these resources
beforehand to guarantee that real-time
data will not be delayed due to a lack of resources.
Flow Label
The use of real-time data and the
A sequence of packets, sent from a particular
reservation of these resources require other
source to a particular destination, that needs
protocols such as Real-Time Protocol (RTP)
special handling by routers is called a flow of
and Resource Reservation Protocol (RSVP) in
packets. The combination of the source
addition to IPv6.
address and the value of the flow label uniquely
To allow the effective use of flow labels, three
defines a flow of packets.
rules have been defined:
To a router, a flow is a sequence of packets that
1. The flow label is assigned to a packet by the
share the same characteristics, such
source host. The label is a random
as traveling the same path, using the same
number between 1 and 224 - 1. A source must not
resources, having the same kind of security,
reuse a flow label for a new flow
and so on. A router that supports the handling of
while the existing flow is still active.
flow labels has a flow label table. The
2. If a host does not support the flow label, it sets
table has an entry for each active flow label; each
this field to zero. If a router does not
entry defines the services required by
support the flow label, it simply ignores it.
3. All packets belonging to the sam

the corresponding flow label. When the router

receives a packet, it consults its flow
label table to find the corresponding entry for the Extension Headers
flow label value defined in the packet. The length of the base header is fixed at 40 bytes.
It then provides the packet with the services However, to give greater functionality
mentioned in the entry. However, note that to the IP datagram, the base header can be
the flow label itself does not provide the followed by up to six extension headers.
information for the entries of the flow label Many of these headers are options in IPv4. Six
types of extension headers have been

12
defined, as shown in Figure 20.17. the size of the datagram is larger than the MTU of
the network over which the datagram
travels. In IPv6, only the original source can
fragment. A source must use a path MTU
discovery technique to find the smallest MTU
supported by any network on the path.
The source then fragments using this knowledge.
Authentication
The authentication extension header has a dual
purpose: it validates the message sender
and ensures the integrity of data. We discuss this
extension header when we discuss network
security in Chapter 31.

Encrypted Security Payload

The encrypted security payload (ESP) is an
extension that provides confidentiality
and guards against eavesdropping. We discuss this
extension header in Chapter 31.

Destination Option

The destination option is used when the source

Hop-by-Hop Option needs to pass
The hop-by-hop option is used when the source information to the destination only. Intermediate
needs to pass information to all routers routers are not permitted access to this
visited by the datagram. So far, only three options information.
have been defined: Padl, PadN, and
jumbo payload. The Padl option is 1 byte long and
is designed for alignment purposes.
PadN is similar in concept to Padi. The difference
is that PadN is used when 2 or
more bytes is needed for alignment. The jumbo
payload option is used to define a payload
longer than 65,535 bytes.
Source Routing The source routing extension
header combines the concepts of the
strict source route and the loose source route
options of IPv4.
Fragmentation
The concept of fragmentation is the same as that in
IPv4. However, the place where
fragmentation occurs differs. In IPv4, the source
or a router is required to fragment if

13