
Module 3

Module III covers the network layer protocols within the TCP/IP suite, focusing on routing principles, algorithms, and the differences between virtual circuit and datagram networks. It explains the responsibilities of the network layer, including packet delivery, routing, and forwarding, as well as the functions of routers and routing tables. Additionally, it discusses the Internet Protocol (IP), its versions, and the structure of IP datagrams, including fragmentation and addressing.

Uploaded by

nubg890

MODULE III

Syllabus:
Network Layer Protocols: Virtual circuits and datagrams, Principles
of routing, Internet Protocol, IPv4, CIDR. Routing algorithms: Link-state and distance
vector routing. Routing on the Internet: RIP, OSPF and BGP, Multicast routing.
Introduction to IPv6 and software defined networks, OpenFlow.

NETWORK LAYER

 The network layer in the TCP/IP protocol suite is responsible for the host-to-host
delivery of datagrams.
 It provides services to the transport layer and receives services from the data link
layer.
 The network layer translates the logical addresses into physical addresses.
 It determines the route from the source to the destination and also manages the
traffic problems such as switching, routing and controls the congestion of data
packets.
 The main role of the network layer is to move the packets from sending host to
the receiving host.

In a nutshell, the main objective of the network layer is to allow end systems,
connected to different networks, to exchange information through intermediate
systems called routers. The unit of information in the network layer is called a packet.

Services (Functions) provided by Network Layer are Routing and Forwarding


Routing
 The network layer is responsible for routing the packet from its source
to the destination.
 The network layer is responsible for finding the best one among these possible
routes.
 The network layer needs to have some specific strategies for defining the best
route.
 Routing is the concept of applying strategies and running routing protocols to
create the decision-making tables for each router.
 These tables are called routing tables.

Forwarding
 Forwarding can be defined as the action applied by each router when a packet
arrives at one of its interfaces.
 The decision-making table that a router normally uses for applying this action is
called the forwarding table.
 When a router receives a packet from one of its attached networks, it needs to
forward the packet to another attached network.

Routing-algorithms determine values in forwarding-tables

• The algorithms that determine the paths are referred to as routing-algorithms.


• Each router has a forwarding-table.
• As shown in the above figure, a forwarding-table contains 2 columns:
1) Header value and
2) Output link.
Forwarding is done as follows:
1) Firstly, a router examines the header-value of an arriving packet.
2) Then, the router uses the header-value to index into the forwarding-table.
3) Finally, the router forwards the packet.

 A packet with a header field value of 0111 arrives at a router.
 The router indexes into its forwarding table and determines that the output link
interface for this packet is interface 2.
 The router then internally forwards the packet to interface 2.
 The routing algorithm determines the values that are inserted into the routers’
forwarding tables.
 The routing algorithm may be centralized (e.g., with an algorithm executing on a
central site and downloading routing information to each of the routers) or
decentralized (i.e., with a piece of the distributed routing algorithm running in each
router).
 In either case, a router receives routing protocol messages, which are used to
configure its forwarding table.

Forwarding is like a car entering a junction from one road and determining which road
it should take to leave the junction.
Routing is like the process of planning the trip from A to B: Before embarking on the
trip, the driver has consulted a map and chosen one of many paths possible, with each
path consisting of a series of road segments connected at junctions.

Virtual Circuit & Datagram Networks


• A network-layer provides 2 types of services:
1) Connectionless service and
2) Connection-oriented service.
 A network-layer connection service begins with handshaking between the
source and destination hosts; a network-layer connectionless service does not
have any handshaking preliminaries.
 In the network layer, these services are host-to-host services; in the transport layer,
they are process-to-process services.
 A computer network architecture does not provide both a connectionless service and
a host-to-host connection service at the same time.

• Two categories of computer-networks:


1) Virtual Circuit (VC) Networks
 This provides only a connection-oriented service at the network-layer.
2) Datagram Networks
 This provides only a connectionless service at the network-layer.
 For example: The Internet.

A simple virtual-circuit network

The network-layer connection service is implemented in the routers in the network
core as well as in the end systems.

Virtual Circuit Networks


• A VC consists of
1) A path between the source and destination.
2) VC number: This is one number for each link along the path.
3) Entries in the forwarding-table in each router.
• A packet belonging to a virtual-circuit will carry a VC number in its header.
• At each intervening router, the VC number of a traversing packet is replaced with a new
VC number.
• The new VC number is obtained from the forwarding-table.

Figure: A simple virtual-circuit network, with the forwarding-table in R1

• Three phases in a virtual-circuit:
1) VC Setup
 During the setup phase, the sending transport-layer
→ contacts the network-layer
→ specifies the receiver’s address and
→ waits for the network to set-up the VC.
 The network-layer determines the path between sender and receiver.
 The network-layer also determines the VC number for each link along the
path.
 Finally, the network-layer adds an entry in the forwarding-table in each
router.
 During VC setup, the network-layer may also reserve resources.
2) Data Transfer
 Once the VC has been established, packets can begin to flow along the VC.
3) VC Teardown
 This is initiated when the sender/receiver wants to terminate the VC.
 The network-layer
→ informs the other end-system of the call termination and
→ removes the appropriate entries in the forwarding-table in each
router.

Figure: Virtual-circuit setup

Datagram Networks
• The source attaches the packet with the address of the destination.
• The packets are injected into the network.
• The packets are routed independent of each other.
• No advance circuit setup is needed. So, routers do not maintain any connection
state information.

Datagram Network

• As a packet is transmitted from source to destination, it passes through a series of
routers.
• Each router uses the packet’s destination-address to forward the packet.

Datagram network
 Suppose the router R1 has four links, numbered 0 through 3.
 Forwarding-table of R1 is as follows:

Forwarding Table of Router


• The router matches a prefix of the packet’s destination-address with the entries in
the table;
1) If both are equal, the router forwards the packet to an associated link. (0, 1
or 2)
2) If both are unequal, the router forwards the packet to a default link
(otherwise 3).
• When there are multiple matches, the router uses the longest prefix matching rule.
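
The longest prefix matching rule described above, as an added example that is not part of the original notes. The three prefixes and the class and function names are constructed for illustration (the forwarding table figure is not reproduced here); links 0 to 2 are matched links and link 3 is the default.

```python
import ipaddress


class ForwardingTable:
    """Longest-prefix-match table stored as a binary trie (one level per bit)."""

    def __init__(self, default_link):
        self.default_link = default_link
        self.root = {}  # node layout: {"0": child, "1": child, "link": int}

    def add(self, cidr, link):
        net = ipaddress.IPv4Network(cidr)  # raises ValueError if host bits are set
        bits = format(int(net.network_address), "032b")[: net.prefixlen]
        node = self.root
        for bit in bits:
            node = node.setdefault(bit, {})
        node["link"] = link

    def lookup(self, destination):
        """Walk the destination address bit by bit, keeping the deepest match."""
        bits = format(int(ipaddress.IPv4Address(destination)), "032b")
        node, best = self.root, self.default_link
        for bit in bits:
            if "link" in node:        # a shorter prefix matched; remember it
                best = node["link"]
            node = node.get(bit)
            if node is None:          # no longer prefix exists on this path
                return best
        return node.get("link", best)  # all 32 bits matched (a /32 entry)


def sample_table():
    """Constructed sample entries for a router R1 with links 0 through 3."""
    table = ForwardingTable(default_link=3)
    table.add("200.23.16.0/21", 0)
    table.add("200.23.24.0/24", 1)
    table.add("200.23.24.0/21", 2)   # overlaps the /24 above
    return table


if __name__ == "__main__":
    r1 = sample_table()
    for dst in ("200.23.22.161", "200.23.24.170", "200.23.25.5", "8.8.8.8"):
        print(dst, "-> link", r1.lookup(dst))
```

The address 200.23.24.170 matches both the /21 and the /24 entry; the /24 wins because it is the longer prefix.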

Comparison of Virtual Circuit & Datagram

Feature | Virtual Circuit (VC) Switching | Datagram Switching
Connection Type | Connection-oriented | Connectionless
Path Selection | Pre-established path | Dynamic, per-packet
Addressing | Packet contains short virtual-circuit number identifier | Packet contains full source
Packet Order | Always in order | May arrive out of order
Router State | Routers maintain connection state | Routers do not maintain state
Routing | Route established at setup, all packets follow same route | Packets routed independently
Resource Allocation | Possible (bandwidth reservation) | No resource reservation
Effect of Router Failure | All virtual circuits passing through failed router terminated | Only on packets lost during crash
Header Size | Smaller (VCI used) | Larger (full address in every packet)
Reliability | More reliable (consistent path) | Less reliable (may need higher-layer reliability mechanisms)
Example Protocols | Asynchronous Transfer Mode (ATM), Multiprotocol Label Switching (MPLS), Frame Relay | IP, UDP

Router
 Routing is the process of directing data packets from a source to a destination
across a network.
 It ensures that information reaches its intended recipient efficiently and
accurately.
 Routers are the devices that make routing decisions.
 A router is a networking device that forwards data packets between computer
networks.
 Routers perform the traffic directing functions on the Internet.
 A packet is typically forwarded from one router to another router through the
networks that constitute an internetwork (e.g. the Internet) until it reaches its
destination node.
 A router is connected to two or more data lines from different IP networks.
 When a data packet comes in on one of the lines, the router reads the network
address information in the packet header to determine the ultimate destination.
Then, using information in its routing table or routing policy, it directs the packet
to the next network on its transmission.

Principles of Routing
1. Routing Tables:
 These tables store information about network paths, including destination
networks, next-hop routers, and metrics (costs) associated with each path.
 Each router's routing table is unique and stored in the router's memory.
 When a router receives an incoming packet, it checks the destination IP address
against its routing table to determine the best path for the packet.
 The routing table is dynamic and changes as the network topology changes.
2. Routing Protocols:
 These are sets of rules that routers use to exchange routing information and build
their routing tables.
 There are various types of routing protocols, including distance-vector, link-state,
and path-vector protocols.
 Each has its own method of calculating the best path for data packets.
3. Path Determination:
 Routing algorithms (like those used in routing protocols) determine the best path
for data packets to travel across the network.
 The efficiency of a path is typically determined by factors such as the number of
hops (i.e., the number of intermediate devices such as routers through which data
must pass), the speed of the links, and the current network traffic load.
 Metrics are used to evaluate the quality of different paths, such as hop count,
bandwidth, or latency.
4. Congestion Handling:
 Routing protocols also need to handle network congestion, ensuring that data
packets are routed efficiently even when the network is busy.
 Congestion occurs when a network node or link carries so much data that it may
deteriorate network performance.
 This is often the result of too many packets present in a part of the subnet.
 Routers have mechanisms to manage congestion, such as dropping packets,
reducing the sending rate, or notifying the source device about the congestion.

Internet Protocol (IP)


• IP (Internet Protocol) is the main protocol responsible for packetizing, forwarding &
delivery of a packet at the network-layer.
• It is a connection-less & unreliable protocol.
i) Connection-less means there is no connection setup between the sender and
the receiver.
ii) Unreliable protocol means
→ IP does not make any guarantee about delivery of the data.
→ Packets may get dropped during transmission.
• It provides a best-effort delivery service.
• Best effort means IP does its best to get the packet to its destination, but with no
guarantees.
• If reliability is important, IP must be paired with TCP, which is a reliable
transport-layer protocol.
• IP does not provide following services
→ flow control
→ error control
→ congestion control services.
Figure: A look inside the Internet’s network-layer

• Two important components of IP:
1) Internet addressing and
2) Forwarding
• There are two versions of IP in use today.
1) IP version 4 (IPv4) and
2) IP version 6 (IPv6)
• As shown in the above figure, the network-layer has three major components:
1) IP protocol
2) Routing component, which determines the path a datagram follows from source to
destination
3) ICMP (Internet Control Message Protocol), a facility to report errors in datagrams
and respond to requests for certain network-layer information.

IPv4 Datagram Format


• IP uses the packets called datagrams.
• A datagram consists of 2 parts:
1) Payload (or Data)
2) Header.

Figure: IPv4 datagram format

1) Payload (or Data)
• This field contains the data to be delivered to the destination.
2) Header
• Header contains information essential to routing and delivery.
• IP header contains following fields:
1) Version
These 4 bits specify the IP protocol version of the datagram. By looking at
the version number, the router can determine how to interpret the remainder
of the IP datagram.
2) Header Length
These 4 bits are needed to determine where in the IP datagram the data
actually begins. The typical IP datagram has a 20-byte header.
3) Type of Service (TOS)
The type of service (TOS) bits were included in the IPv4 header to allow
different types of IP datagrams to be distinguished from each other.
For example, it might be useful to distinguish real-time datagrams (such as
those used by an IP telephony application) from non-real-time traffic (for
example, FTP).
4) Datagram Length
 This is the total length of the IP datagram (header plus data), measured
in bytes.
 Since this field is 16 bits long, the theoretical maximum size of the IP
datagram is 65,535 bytes.
 However, datagrams are rarely larger than 1,500 bytes.
5) Identifier, Flags, Fragmentation Offset
 These fields are used for fragmentation and reassembly.
 Fragmentation occurs when the size of the datagram is larger than the
MTU of the network.
i) Identifier: This field uniquely identifies a datagram packet.
ii) Flags: It is a 3-bit field. The first bit is not used. The second bit D is
called the do not fragment bit. The third bit M is called the more fragment bit.
iii) Fragmentation Offset: This field identifies location of a
fragment in a datagram.

6) Time-To-Live (TTL)
 The time-to-live (TTL) field is included to ensure that datagrams do not
circulate forever in the network.
 Each router decrements TTL by 1 before forwarding.
 If TTL is zero, the datagram is discarded.
7) Protocol
 This field is used only when an IP datagram reaches its final destination.
 The value of this field indicates the specific transport-layer protocol.
 For example, a value of 6 indicates that the data portion is passed to TCP,
while a value of 17 indicates that the data is passed to UDP.
8) Header Checksum
 The header checksum helps a router in detecting bit errors in a received
IP datagram.
 The header checksum is computed by treating each 2 bytes in the header
as a number and summing these numbers using 1’s complement
arithmetic.
9) Source IP Address & Destination IP Address
 These fields contain the addresses of source and destination respectively.
10) Options
 This field allows the packet to request special features such as
→ security level
→ route to be taken by packet at each router.
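
The header fields listed above, decoded and validated in code. This is an added example, not part of the original notes; the function names and the sample addresses (10.0.0.1, 10.0.0.2) are constructed, and only the 20-byte header without options is built. The parser rejects datagrams whose version, header length, datagram length or header checksum are inconsistent, and the forward step applies the TTL rule.

```python
import socket
import struct

HEADER_FORMAT = "!BBHHHBBH4s4s"   # the fixed 20-byte header, without options


def checksum16(data):
    """1's complement of the 1's-complement sum of the 16-bit words in data."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # fold the carry back in
    return ~total & 0xFFFF


def build_header(src, dst, payload_len, ident, ttl=64, protocol=17):
    """Build a 20-byte header with DF=0, MF=0, offset 0 and a valid checksum."""
    fields = [(4 << 4) | 5, 0, 20 + payload_len, ident, 0, ttl, protocol, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum16(struct.pack(HEADER_FORMAT, *fields))
    return struct.pack(HEADER_FORMAT, *fields)


def parse_header(packet):
    """Validate and decode the header; raise ValueError on anything inconsistent."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, protocol, _checksum,
     src, dst) = struct.unpack(HEADER_FORMAT, packet[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError("not an IPv4 datagram")
    if header_len < 20 or header_len > len(packet):
        raise ValueError("bad header length")
    if total_len < header_len or total_len > len(packet):
        raise ValueError("datagram length disagrees with the bytes received")
    if checksum16(packet[:header_len]) != 0:   # a valid header sums to zero
        raise ValueError("header checksum mismatch")
    return {
        "version": version, "header_len": header_len, "tos": tos,
        "total_len": total_len, "id": ident,
        "df": (flags_frag >> 14) & 1, "mf": (flags_frag >> 13) & 1,
        "offset": flags_frag & 0x1FFF, "ttl": ttl, "protocol": protocol,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
    }


def forward(packet):
    """Router step from the TTL description: decrement by 1, discard at zero."""
    header = parse_header(packet)
    if header["ttl"] <= 1:
        return None                      # TTL would reach zero: discard
    out = bytearray(packet)
    out[8] -= 1                          # byte 8 of the header is the TTL field
    out[10:12] = b"\x00\x00"             # checksum is computed over a zeroed field
    out[10:12] = struct.pack("!H", checksum16(bytes(out[:header["header_len"]])))
    return bytes(out)


if __name__ == "__main__":
    # Constructed sample: 8-byte payload, identifier 777, TTL 2, protocol 6 (TCP).
    pkt = build_header("10.0.0.1", "10.0.0.2", 8, 777, ttl=2, protocol=6) + b"\x00" * 8
    print(parse_header(pkt))
    print("after one hop TTL =", parse_header(forward(pkt))["ttl"])
```

Because the TTL changes at every hop, the checksum must be recomputed by each router, which is why forward() rewrites bytes 10 and 11.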
IP Datagram Fragmentation
Maximum Transmission Unit
• Each network imposes a restriction on maximum size of packet that can be carried.
This is called the MTU (maximum transmission unit).
• For example:
MTU Ethernet = 1500 bytes
MTU FDDI = 4464 bytes
• Consider a router that interconnects several links, each running different link-layer
protocols with different MTUs.
• Suppose it receives an IP datagram from one link. The forwarding table determines
the outgoing link, and this outgoing link has an MTU that is smaller than the
length of the IP datagram.
• The solution is to fragment the data in the IP datagram into two or more smaller
IP datagrams, encapsulate each of these smaller IP datagrams in a separate
link-layer frame, and send these frames over the outgoing link.
• Each of these smaller datagrams is referred to as a fragment.
• Fragmentation means
“The datagram is divided into smaller fragments when size of a datagram is
larger than MTU”
• Each fragment is routed independently.
• Fragments need to be reassembled before they reach the transport layer at the
destination.
• The designers of IPv4 decided to put the job of datagram reassembly in the end
systems rather than in network routers.
• When a destination host receives a series of datagrams from the same source, it
needs to determine whether any of these datagrams are fragments of some
original, larger datagram.
• If some datagrams are fragments, it must further determine when it has received
the last fragment and how the fragments it has received should be pieced back
together to form the original datagram.
• To allow the destination host to perform these reassembly tasks, the designers of
IP (version 4) put three fields such as identification, flag, and fragmentation offset
fields in the IP datagram header.
• The figure illustrates an example where a 4,000-byte datagram (including a 20-
byte IP header and 3,980-byte payload) must be forwarded over a link with an
MTU of 1,500 bytes. This requires fragmentation into three smaller IP datagrams.
The original datagram, identified by the number 777, is split so that all but the last
fragment contain payloads in multiples of 8 bytes, with offset values specified in
8-byte chunks. The following table summarizes the fragment characteristics.
IP fragmentation and reassembly

IP Fragment Table

1) Identification
• This field is used to identify the datagram to which a particular fragment belongs
(so that fragments for different packets do not get mixed up).
• When a datagram is created, the source attaches the datagram with an
identification-number.
• When a datagram is fragmented, the value in the identification-field is copied into
all fragments.
• The identification-number helps the destination in reassembling the datagram.
2) Flags
• This field has 3 bits.
i) The first bit is not used.
ii) DF bit (Don't Fragment):
a) If DF=1, the router must not fragment the datagram. If the datagram
is too large for the outgoing link, the router discards it.
b) If DF=0, the router can fragment the datagram.
iii) MF bit (More Fragment):
a) If MF=1, there are some more fragments to come.
b) If MF=0, this is last fragment.
3) Fragmentation Offset
• This field identifies location of a fragment in a datagram.
• This field is the offset of the data in the original datagram.

 At the destination, the payload of the datagram is passed to the transport layer
only after the IP layer has fully reconstructed the original IP datagram.
 If one or more of the fragments does not arrive at the destination, the incomplete
datagram is discarded and not passed to the transport layer.
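
The 4,000-byte example above (identifier 777, MTU 1,500 bytes) worked through in code, together with the reassembly rule that an incomplete datagram is discarded. This is an added example, not part of the original notes; fragments are modelled as dictionaries rather than raw bytes, the function names are constructed, and rejecting overlapping fragments is a policy assumed by this example that the notes do not specify.

```python
def fragment(ident, payload, mtu, header_len=20, df=0):
    """Split a payload the way a router does when the outgoing MTU is too small."""
    if header_len + len(payload) <= mtu:
        return [{"id": ident, "offset": 0, "mf": 0,
                 "total_len": header_len + len(payload), "data": payload}]
    if df:
        return []                              # DF=1 and too large: discarded
    chunk = (mtu - header_len) // 8 * 8        # payload per fragment, multiple of 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    fragments = []
    for start in range(0, len(payload), chunk):
        data = payload[start:start + chunk]
        fragments.append({
            "id": ident,                       # copied into every fragment
            "offset": start // 8,              # expressed in 8-byte units
            "mf": int(start + chunk < len(payload)),
            "total_len": header_len + len(data),
            "data": data,
        })
    return fragments


def reassemble(fragments):
    """Return the original payload, or None if the set must be discarded."""
    if not fragments or len({f["id"] for f in fragments}) != 1:
        return None                            # fragments of different datagrams
    last = [f for f in fragments if f["mf"] == 0]
    if len(last) != 1:
        return None                            # last fragment missing or ambiguous
    total = last[0]["offset"] * 8 + len(last[0]["data"])
    buffer, seen = bytearray(total), bytearray(total)
    for f in sorted(fragments, key=lambda f: f["offset"]):
        start = f["offset"] * 8
        end = start + len(f["data"])
        if end > total or (f["mf"] and len(f["data"]) % 8):
            return None                        # runs past the end or is misaligned
        if any(seen[start:end]):
            return None                        # overlap: rejected (assumed policy)
        buffer[start:end] = f["data"]
        seen[start:end] = b"\x01" * len(f["data"])
    if not all(seen):
        return None                            # a hole remains: incomplete datagram
    return bytes(buffer)


def kurose_example():
    """The 3,980-byte payload from the text, with constructed byte values."""
    payload = bytes(i % 256 for i in range(3980))
    return payload, fragment(777, payload, mtu=1500)


if __name__ == "__main__":
    payload, frags = kurose_example()
    for f in frags:
        print("id", f["id"], "offset", f["offset"], "MF", f["mf"],
              "total length", f["total_len"])
    print("reassembled ok:", reassemble(list(reversed(frags))) == payload)
    print("with a fragment missing:", reassemble(frags[:2]))
```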

IPv4 Addressing

 When IP in the host wants to send a datagram, it does so over the link.
 The boundary between the host and the physical link is called an interface.
 A router thus has multiple interfaces, one for each of its links.
 Because every host and router is capable of sending and receiving IP datagrams,
IP requires each host and router interface to have its own IP address.
 Thus, an IP address is technically associated with an interface.
 IP address is a numeric identifier assigned to each machine on the internet.
 IP address consists of two parts: network ID(NID) and host ID(HID).
1) NID identifies the network to which the host is connected. All the hosts
connected to the same network have the same NID.
2) HID is used to uniquely identify a host on that network. HID is assigned
by the network-administrator at the local site.
 NID for an organization may be assigned by the ISP (Internet Service Provider).
 Each IPv4 address is 32 bits long (equivalently, 4 bytes), and there are thus a
total of 2³² possible IP addresses, i.e., approximately 4 billion addresses.
 2³² = 4,294,967,296 possible IP addresses
 The IPv4 addresses are unique and universal.
IP Address Notation
There are three common notations to show an IPv4 address:
 binary notation (base 2)
 dotted-decimal notation (base 256)
 hexadecimal notation (base 16).
 The most predominant is base 256.

 Binary notation
 In binary notation, an IPv4 address is displayed as 32 bits.
 Each octet is often referred to as a byte.
 To make the address more readable, one or more spaces are usually inserted
between each octet (8 bits).
10000000 00001011 00000011 00011111
 Dotted-Decimal Notation: Base 256
 To make the IPv4 address more compact and easier to read, an IPv4 address is
usually written in decimal form with a decimal point (dot) separating the bytes.
 This format is referred to as dotted-decimal notation.

 Hexadecimal notation
 IPv4 address can be depicted in hexadecimal notation.
 Each hexadecimal digit is equivalent to four bits.
 This means that a 32-bit address has 8 hexadecimal digits.
 This notation is often used in network programming.
1000 0001 0000 1011 0000 0011 0001 1111
0x810B031F or 810B031F₁₆
IP address can be classified as
1) Classful IP addressing &
2) Classless IP addressing (CIDR Classless Inter Domain Routing)
1. IPv4 Classful Addressing
• In classful addressing, the address space (0.0.0.0-255.255.255.255) is divided into
five classes: A, B, C, D and E.
• IP address class is identified by MSBs in binary.
• Classes A, B and C are used for unicast addressing.
• Class D was designed for multicasting and class E is reserved.
• However, only A, B, and C are used for network hosts. Class D, which covers the
224.0.0.0-239.255.255.255 IP address range, is reserved for multicasting, and class E
(240.0.0.0-255.255.255.255) is reserved for “future use.”
The five classes of IP addresses

• We can find the class of an address when given the address in binary notation or
dotted-decimal notation.
 If the address is given in binary notation, the first few
bits can immediately tell us the class of the address.
 If the address is given in
dotted-decimal notation, the first byte defines the class.

Finding the classes in binary and dotted-decimal notation


Question:
Find the class of each address.
a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111
Solution :
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C address.
c. The first byte is 14 (between 0 and 127); the class is A.
d. The first byte is 252 (between 240 and 255); the class is E.

Classes and Blocks


One problem with classful addressing is that each class is divided into a fixed number
of blocks with each block having a fixed size.

 Class A addresses were designed for big networks like ISPs or large
organizations, with a large number of attached hosts or routers.
 Class B addresses were designed for medium sized organizations with tens of
thousands of attached hosts or routers.
 Class C addresses were designed for small networks, like home or small office
with a small number of attached hosts or routers.

• Analysis:
 In classful addressing, a large part of the available addresses were wasted,
since Class A and B were too large for most organizations.
 Class C is suited only for small organization or homes and reserved
addresses were sparingly used.
 If you’re a big company like Google, you might get a Class A block, because you
need millions of IP addresses.
 If you're a school or college, a Class B block would be enough.
 If you're a small office or home, a Class C block works well (you just need < 256
devices).

Limitations of Classful Addressing:

 A block in class A address is too large for almost any organization. This means
most of the addresses in class A were wasted and were not used.
 A block in class B is also very large, probably too large for many of the
organizations that received a class B block.

 A block in class C is probably too small for many organizations.

 Class D addresses were designed for multicasting. Each address in this class is
used to define one group of hosts on the Internet. The Internet authorities wrongly
predicted a need for 268,435,456 groups. This never happened and many
addresses were wasted here too.

 And lastly, the class E addresses were reserved for future use; only a few were
used, resulting in another waste of addresses.

Netid and Hostid

 In classful addressing, an IP address in class A, B, or C is divided into netid and
hostid.
 These parts are of varying lengths, depending on the class of the address. In the
 In class A, one byte defines the netid and three bytes define the hostid.
 In class B, two bytes define the netid and two bytes define the hostid.
 In class C, three bytes define the netid and one byte defines the hostid.
Obtaining a Block of Addresses
• To obtain a block of IP addresses for use within an organization’s subnet, a
network-administrator contacts the ISP.
• IP addresses are managed under the authority of the ICANN.
• The responsibility of the ICANN (Internet Corporation for Assigned Names and
Numbers):
→ to allocate IP addresses,
→ to manage the DNS root servers.
→ to assign domain names and resolve domain name disputes.
→ to allocate addresses to regional Internet registries.

For example, the ISP may itself have been allocated the address block 200.23.16.0/20.
The ISP, in turn, could divide its address block into eight equal-sized contiguous
address blocks and give one of these address blocks out to each of up to eight
organizations that are supported by this ISP.

Obtaining a Host Address: DHCP


• Two ways to assign an IP address to a host:
1) Manual Configuration
 Operating systems allow system-administrator to manually configure IP
address.
2) Dynamic Host Configuration Protocol (DHCP)
 DHCP enables auto-configuration of IP address to host.

Dynamic Host Configuration Protocol (DHCP)


• DHCP enables auto-configuration of IP address to host.
• A network administrator can configure DHCP.
• DHCP assigns dynamic IP addresses to devices on a network.
• Dynamic address allocation is required
→ when a host moves from one network to another or
→ when a host is connected to a network for the first time.
Because of DHCP’s ability to automate the network-related aspects of connecting a host into a
network, it is often referred to as a plug-and-play protocol.

• Four steps in DHCP protocol

1) DHCP Server Discovery
 DHCP server contains a range of unassigned addresses to be assigned to
hosts on-demand.
 To contact DHCP server, a client broadcasts a DHCPDISCOVER
message with destination IP address 255.255.255.255.
2) DHCP Server Offer
 DHCP server broadcasts DHCPOFFER message containing
→ client's IP address
→ network mask and
→ IP address lease time (i.e. the amount of time for which the IP
address will be valid).
3) DHCP Request
 The client sends a DHCPREQUEST message, requesting the offered
address.
4) DHCP ACK
 The DHCP server acknowledges with a DHCPACK message.


NAT
• Network Address Translation (NAT) enables hosts to use Internet without the
need to have globally unique addresses.
• NAT enables an organization to have a large set of addresses internally and one
address externally.
• The organization must have a single connection to the Internet through a
NAT-enabled router.
• NAT allows a single device (such as a router) to act as an agent between
1) Internet (or "public network") and
2) Local (or "private") network.
• This means only a single, unique IP address is required to represent an entire group
of computers.
• The following figure shows the operation of a NAT-enabled router.

• The private addresses only have meaning to devices within a given network.
• The NAT-enabled router does not look like a router to the outside world.
• Instead, the NAT-enabled router behaves to the outside world as a single
device with a single IP address.
• In the above figure:
1) All traffic leaving the home-router for the Internet has a source-address of
138.76.29.7.
2) All traffic entering the home-router must have a destination-address of
138.76.29.7.
• The NAT-enabled router is hiding the details of the home-network from the outside
world.
• At the NAT router, NAT translation-table includes
1) Port numbers and
2) IP addresses.

ICMP
• ICMP (Internet Control Message Protocol) is a network-layer protocol.
• It is used to handle error and other control messages.
• Main responsibility of ICMP: to report errors that occur during the processing of
the datagram.
• ICMP does not correct errors; ICMP simply reports the errors to the source.
• 12 types of ICMP messages are defined as shown in the following Table.

• Each ICMP message type is encapsulated in an IP packet.

1) Destination Unreachable (Type=3)
• This message is related to problems reaching the destination.
• This message uses different codes (0 to 15) to define the type of error-message.
• Possible values for code field:
Code 0 = network unreachable
Code 1 = host unreachable
Code 2 = protocol unreachable
Code 3 = port unreachable
2) Source Quench (Type=4)
• The main purpose is to perform congestion control.
• This message
→ informs the sender that network has encountered congestion & datagram
has been dropped.
→ informs the sender to reduce its transmission-rate.
3) Echo Request & Echo Reply (Type=8 & Type=0)
• These messages are used to determine whether a remote-host is alive.
• A source sends an echo request-message to destination;
If the destination is alive, the destination responds with an echo reply message.
• Type=8 is used for echo request; Type=0 is used for echo reply.
• These messages can be used in two debugging tools: ping and traceroute.
i) Ping
 The ping program can be used to find if a host is alive and responding.
 The source-host sends ICMP echo-request-messages.
 The destination, if alive, responds with ICMP echo-reply messages.
ii) Traceroute
 The traceroute program can be used to trace the path of a packet from
source to destination.
 It can find the IP addresses of all the routers that are visited along the path.
 The program is usually set to check for the maximum of 30 hops (routers)
to be visited.

Question:

A block of addresses is granted to a small organization. One of the addresses is
205.16.37.39/28. Find the starting and ending addresses given to the organization.

Finding Starting and Ending Address of 205.16.37.39/28

Step 1: Understand /28 Prefix

/28 prefix means that the first 28 bits are the network part, and the remaining
4 bits (32 - 28 = 4) are for the host part.

So, total number of IP addresses = 2⁴ = 16 addresses.


These include:

1 network address (starting address)

1 broadcast address (ending address)

14 usable host addresses

Step 2: Convert IP to Binary

IP Address: 205.16.37.39
Binary form (each octet in 8-bit binary):

205 = 11001101
16 = 00010000
37 = 00100101
39 = 00100111

Full binary = 11001101.00010000.00100101.00100111

Step 3: Find Network Address

Mask the first 28 bits, keep last 4 bits as zeros:

Network portion (first 28 bits): 11001101.00010000.00100101.0010


Host portion (last 4 bits zero): 0000

This gives:

11001101.00010000.00100101.00100000 → 205.16.37.32

Network Address (Starting Address) = 205.16.37.32

Step 4: Find Broadcast Address

Set last 4 bits to 1 (i.e., all host bits set):

11001101.00010000.00100101.00101111 → 205.16.37.47
Broadcast Address (Ending Address) = 205.16.37.47

Summary:

Network Address: 205.16.37.32

First Usable Address: 205.16.37.33

Last Usable Address: 205.16.37.46

Broadcast Address: 205.16.37.47

OR

To find the first and last addresses of the block, we can use the given IP address and
subnet mask to calculate the network address and the broadcast address.

First, we need to convert the given IP address and subnet mask into binary form. The
subnet mask "/28" means that the first 28 bits are network bits, and the remaining 4
bits are host bits.

The binary form of the given IP address 205.16.37.39 is:

11001101.00010000.00100101.00100111

The binary form of the subnet mask "/28" is:

11111111.11111111.11111111.11110000

By performing a bitwise AND operation between the IP address and the subnet mask,
we can find the network address:

11001101.00010000.00100101.00100000

This gives us the network address 205.16.37.32.

To find the broadcast address, we set all the host bits to 1 within the network:

11001101.00010000.00100101.00101111

This gives us the broadcast address 205.16.37.47.

Therefore, the first usable address of the block is 205.16.37.33, and the last usable
address is 205.16.37.46.
Que: An ISP is granted a block of addresses starting with
190.100.0.0/16. The ISP needs to distribute these addresses to three
groups as follows:
a) The first group has 64 customers; each needs 256 addresses.

b) The second group has 128 customers; each needs 128 addresses.

c) The third group has 128 customers; each needs 64 addresses.

Design the sub-blocks and find out how many addresses are still available
after these allocations.

Ans:
Mask (Subnet Mask/net mask)
 A mask is a 32-bit number made of continuous 1s followed by continuous 0s.
 It is used to distinguish the network portion of an IP address from the host
portion, enabling efficient routing and networking.
 The masks for classes A, B, and C are shown in the below Table.
 The concept does not apply to classes D and E.
 The mask can help us to find the netid and the hostid.
 For example, the mask for a class A address has eight 1s, which means the first 8
bits of any address in class A define the netid; the next 24 bits define the
hostid.
2. Classless IP Addressing - CIDR (Classless Inter-Domain Routing)
CIDR allows IP addresses to be written in prefix notation (e.g., /8, /16, /24) rather
than relying on traditional classes. It is a method for allocating IP addresses that
improves efficiency and reduces routing table size by summarizing IP addresses into
ranges, rather than assigning them individually as in the older classful system.

 The above table shows the default subnet masks used in classful addressing,
which correspond to the CIDR notation when no custom subnetting is done.
 These values are known as the default subnet masks for class A, B, and C
networks. In CIDR, the same subnet masks are represented using the slash (/)
notation, indicating how many bits are used for the network portion.
 The last column of the Table shows the mask in the form /n where n can be 8, 16,
or 24 in classful addressing.

 This notation is also called slash notation or Classless Interdomain Routing
(CIDR) notation.

 CIDR allows more flexible and efficient allocation of IP addresses by
using prefix notation, like:
192.168.0.0/24 (this means the first 24 bits are the network part).
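The block arithmetic behind the two questions above (205.16.37.39/28 and the 190.100.0.0/16 ISP allocation), as an added Python example that is not part of the original notes. The function names are hypothetical, and the allocation assumes sub-blocks are handed out consecutively from the start of the ISP block.

```python
import ipaddress


def block_bounds(address_with_prefix):
    """Network, first/last usable and broadcast address of the block that
    contains the given address, using the AND / set-host-bits steps above."""
    iface = ipaddress.IPv4Interface(address_with_prefix)
    prefix = iface.network.prefixlen
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # n ones, then zeros
    network = int(iface.ip) & mask                      # host bits set to 0
    broadcast = network | (~mask & 0xFFFFFFFF)          # host bits set to 1
    # /31 and /32 blocks have no separate network/broadcast addresses.
    if prefix < 31:
        first, last = network + 1, broadcast - 1
    else:
        first, last = network, broadcast

    def dotted(value):
        return str(ipaddress.IPv4Address(value))

    return {
        "network": dotted(network),
        "first_usable": dotted(first),
        "last_usable": dotted(last),
        "broadcast": dotted(broadcast),
        "size": broadcast - network + 1,
    }


def allocate(parent, groups):
    """Carve consecutive sub-blocks out of `parent`.

    groups: list of (name, customers, addresses_per_customer).
    Returns (plan, addresses_still_available)."""
    parent_net = ipaddress.IPv4Network(parent)
    cursor = int(parent_net.network_address)
    end = int(parent_net.broadcast_address) + 1
    plan, used = [], 0
    for name, customers, size in groups:
        if size < 1 or size & (size - 1):
            raise ValueError("a CIDR block size must be a power of two")
        prefix = 32 - (size.bit_length() - 1)      # 256 -> /24, 128 -> /25, 64 -> /26
        cursor = (cursor + size - 1) // size * size  # a block of N starts on a multiple of N
        total = customers * size
        if cursor + total > end:
            raise ValueError("parent block exhausted")
        plan.append({
            "group": name,
            "prefix": prefix,
            "first_block": str(ipaddress.IPv4Network((cursor, prefix))),
            "last_block": str(ipaddress.IPv4Network((cursor + total - size, prefix))),
            "addresses": total,
        })
        cursor += total
        used += total
    return plan, parent_net.num_addresses - used


if __name__ == "__main__":
    print(block_bounds("205.16.37.39/28"))
    plan, left = allocate("190.100.0.0/16",
                          [("group 1", 64, 256), ("group 2", 128, 128), ("group 3", 128, 64)])
    for row in plan:
        print(row)
    print("still available:", left)
```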

Address Depletion Problem


 The fast growth of the Internet led to the near depletion of the available addresses
in classful addressing scheme.
 Yet the number of devices on the Internet is much less than the 2^32 address space.
 We have run out of class A and B addresses, and a class C block is too small for
most midsize organizations.
 One solution that has alleviated the problem is the idea of classless addressing.
 Classful addressing, which is almost obsolete, is replaced with classless
addressing.

Subnet Addressing
• Problem with classful addressing:
 Consider an organization that has a Class B address, which can support about
64,000 hosts.
 It will be a huge task for the network-administrator to manage all 64,000
hosts.
• Solution: Use subnet addressing.
• Subnetting is the process of dividing a large network into smaller networks
(subnets) for better organization, security, and efficient IP usage.
• Each adjacent physical network is referred to as subnet.
• All nodes on a subnet are configured with a subnet mask.
For example: 255.255.255.0.
• The 1's in the subnet-mask represent the positions that refer to the network or
subnet-numbers. The 0's represent the positions that refer to the host
part of the address.
• The bitwise AND of IP address and its subnet mask gives the subnet number.
• Advantage:
 The subnet-addressing scheme is invisible to the network outside the
organization.
 Inside the organization the network-administrator is free to choose
any combination of lengths for the subnet & host ID fields.
Subnet Addressing of Class B address
 The 1's in the subnet mask identify the network/subnet portion
 The 0's identify the host portion
 When you perform a bitwise AND operation between an IP address and its subnet
mask, you get the subnet address
 Original Class B: Uses mask 255.255.0.0 (network.network.host.host)
 Subnetted: Might use 255.255.255.0 (network.network.subnet.host)

Routing Algorithms
• A routing-algorithm is used to find a “good” path from source to destination.
• Typically, a good path is one that has the least cost.
The least-cost problem: Find a path between the source and destination that has least
cost.

Routing Algorithm Classification


• A routing-algorithm can be classified as follows:
1) Global or decentralized
2) Static or dynamic
3) Load-sensitive or Load-insensitive

1. Global or Decentralized
1.a. Global Routing Algorithm
• The calculation of the least-cost path is carried out at one centralized site.
• This algorithm has complete, global knowledge about the network.
• Algorithms with global state information are referred to as link-state (LS)
algorithms.
1.b. Decentralized Routing Algorithm
• The calculation of the least-cost path is carried out in an iterative, distributed
manner.
• No node has complete information about the costs of all network links.
• Each node has only the knowledge of the costs of its own directly attached links.
• Each node performs calculation by exchanging information with its neighboring
nodes.
2. Static or Dynamic
2.a. Static Routing Algorithms
• Routes change very slowly over time, as a result of human intervention.
• For example: a human manually editing a router’s forwarding-table.
2.b. Dynamic Routing Algorithms
• The routing paths change, as the network-topology or traffic-loads change.
• The algorithm can be run either
→ periodically or
→ in response to topology or link cost changes.
• Advantage: More responsive to network changes.
• Disadvantage: More susceptible to routing loop problem.

3. Load Sensitive or Load Insensitive

3.a. Load Sensitive Algorithm


• Link costs vary dynamically to reflect the current level of congestion in the
underlying link.
• If high cost is associated with congested-link, the algorithm chooses routes around
congested-link.
3.b. Load Insensitive Algorithm
• Link costs do not explicitly reflect the current level of congestion in the underlying
link.
• Today’s Internet routing-algorithms are load-insensitive. For example: RIP, OSPF,
and BGP
The Link-State (LS) Routing Algorithm
 In a link-state algorithm, the network topology and all link costs are known, that is,
available as input to the LS algorithm.
 Objective: to find the least-cost path from the source router to the destination router.
 In practice this is accomplished by having each node broadcast link- state packets
to all other nodes in the network, with each link-state packet containing the
identities and costs of its attached links.
 All nodes have an identical and complete view of the network.
 Link-state routing protocols rely on two mechanisms:
 Reliable dissemination of link-state information, i.e., flooding
 Calculation of route from the sum of all accumulated link state knowledge

Link-State Database (LSDB)


To create a least-cost tree with this method, each node needs to have a complete map
of the network, which means it needs to know the state of each link. The collection of
states for all links is called the link-state database (LSDB)

 Each and every node can create the LSDB that contains information about the
whole internet by a process called flooding.
 Each node can send some greeting messages to all its immediate neighbors (those
nodes to which it is connected directly) to collect two pieces of information for
each neighboring node:
The identity of the node
The cost of the link.
 The combination of these two pieces of information is called the LS packet (LSP);
 This LSP is sent out of each interface. When a node receives an LSP from one of
its interfaces, it compares the LSP with the copy it may already have.
 If the newly arrived LSP is older than the one it has (found by checking the
sequence number), it discards the LSP.
 If it is newer or the first one received, the node discards the old LSP (if there is
one) and keeps the received one.
 It then sends a copy of it out of each interface except the one from which the
packet arrived.
 This guarantees that flooding stops somewhere in the network (where a node has
only one interface).
 After receiving all new LSPs, each node creates the comprehensive LSDB as
shown in the following figure.
 This LSDB is the same for each node and shows the whole map of the internet.
 A node can make the whole map if it needs to, using this LSDB.

Formation of Least-Cost Trees


To create a least-cost tree for itself, using the shared LSDB, each node needs to run
the famous Dijkstra Algorithm. This algorithm uses the following steps:
1. The node chooses itself as the root of the tree, creating a tree with a single node,
and sets the total cost of each node based on the information in the LSDB.
2. The node selects one node, among all nodes not in the tree, which is closest to the
root, and adds this to the tree. After this node is added to the tree, the cost of all
other nodes not in the tree needs to be updated because the paths may have been
changed.
3. The node repeats step 2 until all nodes are added to the tree.
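The flooding rule and the least-cost tree computation described above, as an added Python example that is not part of the original notes. The seven-node topology, its link costs and all names are constructed for illustration; an LSP with a sequence number equal to the stored one is treated as already seen, which is what stops flooding on networks that contain loops.

```python
import heapq
from collections import deque

# Constructed sample topology: undirected links (node, node, cost).
LINKS = [("A", "B", 2), ("A", "D", 3), ("B", "C", 5), ("B", "E", 4), ("C", "F", 4),
         ("C", "G", 3), ("D", "E", 5), ("E", "F", 2), ("F", "G", 1)]


class Node:
    def __init__(self, name):
        self.name = name
        self.neighbors = {}   # neighbor -> link cost, learned from greeting messages
        self.lsdb = {}        # origin -> (sequence number, {neighbor: cost})

    def make_lsp(self, seq):
        return {"origin": self.name, "seq": seq, "links": dict(self.neighbors)}

    def receive(self, lsp, arrived_from):
        """Apply the flooding rule; return the neighbors to forward the LSP to."""
        held = self.lsdb.get(lsp["origin"])
        if held is not None and lsp["seq"] <= held[0]:
            return []                                   # older or duplicate: discard
        self.lsdb[lsp["origin"]] = (lsp["seq"], dict(lsp["links"]))
        # Forward out of every interface except the one the LSP arrived on.
        return [n for n in self.neighbors if n != arrived_from]


def flood(nodes, lsp):
    """Deliver one LSP network-wide; return the number of transmissions."""
    origin = lsp["origin"]
    queue = deque((n, origin) for n in nodes[origin].receive(lsp, None))
    sent = 0
    while queue:
        receiver, sender = queue.popleft()
        sent += 1
        for nxt in nodes[receiver].receive(lsp, sender):
            queue.append((nxt, receiver))
    return sent


def least_cost_tree(lsdb, root):
    """Dijkstra over an LSDB: returns (cost to each node, parent in the tree)."""
    dist, parent, in_tree = {root: 0}, {}, set()
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)       # closest node not yet in the tree
        if u in in_tree:
            continue
        in_tree.add(u)
        for v, cost in lsdb[u][1].items():
            if v not in dist or d + cost < dist[v]:
                dist[v], parent[v] = d + cost, u
                heapq.heappush(heap, (d + cost, v))
    return dist, parent


def build_network():
    nodes = {}
    for a, b, cost in LINKS:
        nodes.setdefault(a, Node(a)).neighbors[b] = cost
        nodes.setdefault(b, Node(b)).neighbors[a] = cost
    for name in nodes:                   # every node floods its own LSP once
        flood(nodes, nodes[name].make_lsp(seq=1))
    return nodes


if __name__ == "__main__":
    nodes = build_network()
    print(least_cost_tree(nodes["A"].lsdb, "A"))
```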
DV Routing Algorithm
Bellman Ford Algorithm
• Distance vector (DV) algorithm is 1) iterative, 2) asynchronous, and 3) distributed.
1) It is distributed. This is because each node
→ receives some information from one or more of its directly
attached neighbours
→ performs the calculation and
→ then distributes the results of the calculation back to the
neighbours.
2) It is iterative. This is because
→ the process continues on until no more info is exchanged between
neighbours.
3) It is asynchronous. This is because
→ the process does not require all of the nodes to operate in lockstep with
each other.

• The basic idea is as follows:


1) Let us define the following notation:
Dx(y) = cost of the least-cost path from node x to node y, for all nodes
in N.
Dx = [Dx(y): y in N] be node x’s distance vector of cost estimates
from x to all other nodes y in N.
2) Each node x maintains the following routing information:
i) For each neighbor v, the cost c(x,v) from node x to directly attached
neighbor v
ii) Node x’s distance vector, that is, Dx = [Dx(y): y in N],
containing x’s estimate of its cost to all destinations y in N.
iii) The distance vectors of each of its neighbors, that is, Dv =
[Dv(y): y in N] for each neighbor v of x.
3) From time to time, each node sends a copy of its distance vector to each of
its neighbors.
4) The least costs are computed by the Bellman-Ford equation:
Dx(y) = min_v { c(x,v) + Dv(y) } for each node y in N
· Dx(y) is the cost of the shortest path from node x to node y
· c(x,v) is the cost of the direct link from node x to node v
· Dv(y) is the cost of the shortest path from node v to node y
· The minimum is taken over all neighboring nodes v that x can reach directly

5) If node x’s distance vector has changed as a result of this update step,
node x will then send its updated distance vector to each of its neighbors.
The following figure illustrates the operation of the DV algorithm for the simple
three node network.

Distance-vector (DV) algorithm


• The operation of the algorithm is illustrated in a synchronous manner.
Here, all nodes simultaneously
→ receive distance vectors from their neighbours
→ compute their new distance vectors, and
→ inform their neighbours if their distance vectors have changed.
• The table in the upper-left corner is node x’s initial routing-table.
• In this routing-table, each row is a distance vector.
• The first row in node x’s routing-table is Dx = [Dx(x), Dx(y), Dx(z)] = [0, 2, 7].
• After initialization, each node sends its distance vector to each of its two neighbours.
• This is illustrated in the above Figure by the arrows from the first column of
tables to the second column of tables.
• For example, node x sends its distance vector Dx = [0, 2, 7] to both nodes y and z.
After receiving the updates, each node recomputes its own distance vector.
• For example, node x computes Dx(x) = 0
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)} = min{2 + 0, 7 + 1} = 2
Dx(z) = min{c(x,y) + Dy(z), c(x,z) + Dz(z)} = min{2 + 1, 7 + 0} = 3
• The second column therefore displays, for each node, the node’s new distance
vector along with distance vectors just received from its neighbours.
• Note, that node x’s estimate for the least cost to node z, Dx(z), has changed from 7
to 3.
• The process of receiving updated distance vectors from neighbours, recomputing
routing-table entries, and informing neighbours of changed costs of the least-cost
path to a destination continues until no update messages are sent.
• The algorithm remains in the quiescent state until a link cost changes.
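The synchronous exchange walked through above for the three-node network (c(x,y) = 2, c(x,z) = 7, c(y,z) = 1), as an added Python example that is not part of the original notes; class and function names are hypothetical. Each round, only nodes whose vector changed advertise it, and every receiver re-applies the Bellman-Ford equation.

```python
INF = float("inf")

# Link costs of the three-node network used in the walkthrough above.
COSTS = {("x", "y"): 2, ("x", "z"): 7, ("y", "z"): 1}


class DVNode:
    def __init__(self, name, link_costs, all_nodes):
        self.name = name
        self.c = dict(link_costs)                 # c(x,v) for each neighbor v
        self.nodes = list(all_nodes)
        # Initial vector: 0 to itself, link cost to neighbors, infinity otherwise.
        self.D = {y: 0 if y == name else self.c.get(y, INF) for y in self.nodes}
        self.next_hop = {v: v for v in self.c}
        # Last distance vector heard from each neighbor (nothing heard yet).
        self.heard = {v: {y: INF for y in self.nodes} for v in self.c}

    def recompute(self):
        """Dx(y) = min_v { c(x,v) + Dv(y) }; return True if the vector changed."""
        changed = False
        for y in self.nodes:
            if y == self.name:
                continue
            via = min(self.c, key=lambda v: self.c[v] + self.heard[v][y])
            best = self.c[via] + self.heard[via][y]
            if best != self.D[y]:
                self.D[y] = best
                changed = True
            self.next_hop[y] = via
        return changed


def run_until_quiescent(costs):
    """Run synchronous rounds until no node has an update left to send."""
    names = sorted({n for link in costs for n in link})
    nodes = {}
    for n in names:
        links = {(b if a == n else a): c for (a, b), c in costs.items() if n in (a, b)}
        nodes[n] = DVNode(n, links, names)
    pending = set(names)          # after initialization every node advertises
    rounds = 0
    while pending:
        rounds += 1
        # Snapshot all vectors first so the round is truly simultaneous.
        messages = [(s, v, dict(nodes[s].D)) for s in sorted(pending) for v in nodes[s].c]
        receivers = set()
        for sender, receiver, vector in messages:
            nodes[receiver].heard[sender] = vector
            receivers.add(receiver)
        pending = {r for r in receivers if nodes[r].recompute()}
    return nodes, rounds


if __name__ == "__main__":
    nodes, rounds = run_until_quiescent(COSTS)
    for name, node in nodes.items():
        print(name, node.D, node.next_hop)
    print("rounds:", rounds)
```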

A Comparison of LS and DV Routing-algorithms


Distance Vector Protocol | Link State Protocol
Entire routing-table is sent as an update | Updates are incremental & entire routing-table is not sent as update
Distance vector protocols send periodic updates | Updates are triggered, not periodic
Updates are broadcast | Updates are multicast
Updates are sent to directly connected neighbours only | Updates are sent to the entire network & not just to directly connected neighbours
Routers don’t have end-to-end visibility of the entire network | Routers have visibility of the entire network of that area only
Prone to routing loops | No routing loops
Each node talks to only its directly connected neighbours | Each node talks with all other nodes (via broadcast)

Hierarchical Routing

Routing in the Internet


• Purpose of Routing protocols:
To determine the path taken by a datagram between source and destination.

Problems with simple routing algorithms:

Scalability – As router count grows, computing and storing routing info becomes
complex.
Administrative Autonomy – Organizations need control over internal routing while
still connecting to the internet.

Solution:
Group routers into Autonomous Systems (AS) – a set of routers under one
administrative authority (e.g., same ISP or company).

• Within an AS, all routers run the same routing protocol among themselves.

Types of Routing Protocols:

Intra-AS Routing (Interior Routing): Within a single AS.

Inter-AS Routing (Exterior Routing): Between different ASes.

An example of interconnected autonomous-systems

Intra-AS Routing Protocol


 Intra-AS routing protocols are also known as interior gateway protocols.
 Runs within an autonomous system (AS).
 It is used to determine how routing is performed within an AS.

 All routers in an AS use the same protocol (e.g., RIP, OSPF).


 Each router computes the optimal path to any destination inside the AS.
 Example: AS1 has routers 1a, 1b, 1c, 1d running an intra-AS protocol.

Inter-AS Routing Protocol

 Runs between autonomous systems.


 Gateway routers connect ASs and handle traffic between ASs.
 Main functions:
 Get reachability info from neighboring ASs.
 Share this info with internal routers.
 Both ASs must use the same protocol (e.g., BGP).

Intra-AS Routing in the Internet: RIP(Routing Information Protocol)


• RIP is widely used for intra-AS routing in the Internet.
• RIP is a distance-vector protocol.
• It uses the Bellman-Ford algorithm for calculating the routing tables.

RIP measures the distance between two networks using a value called hop count.

A hop means passing through one router.

• Each link has a cost of 1.


• The maximum cost of a path is limited to 15.
• The distance vector is the current estimate of shortest path distances from router to
subnets in AS.
• The below figure shows the number of hops from source router A to various
subnets.

Consider an AS shown in following figure


• Each router maintains a RIP table known as a routing-table.
• Following figure shows the routing-table for router D.

• Routers can send two types of messages:


1) Response-message
2) Request-message
1) Response Message
 Using this message, the routers exchange routing updates with their
neighbors every 30 secs.
 If a router doesn’t hear from its neighbor for 180 secs, then that neighbor
is considered no longer reachable.
 When this happens, RIP
→ modifies the local routing-table and
→ propagates this information by sending advertisements to its
neighbors.
 The response-message contains
→ list of up to 25 destination subnets within the AS and
→ sender’s distance to each of those subnets.
 After 240 seconds, the route is removed from the table.

 Response-messages are also known as advertisements.


2) Request Message
 Using this message, router requests information about its neighbor’s cost to
a given destination.
• Both types of messages are sent over UDP using port# 520.
• The UDP segment is carried between routers in an IP datagram.

RIP Message Format

 Command: 8-bit → The type of message: request (1) or response (2)
 Version: 8-bit → Defines the RIP version
 Reserved: Since this is a restricted field, it is entirely filled with zeros.
 Family: 16-bit → Defines the family of the protocol used. We enter the value 2 in
this section because we are using the TCP/IP family.
 Address: 14 bytes → Defines the address of the destination network. 14 bytes are
allotted so that this field is applicable to any protocol. When using IPv4, only
4 bytes are used; the remaining 10 bytes are all zeros.
 Distance: 32-bit → The hop count from the advertising router to the destination
network
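A parser that applies the field layout above and rejects malformed advertisements, as an added Python example that is not part of the original notes; function names and the sample routes are constructed. It assumes the RIP version 1 layout, where the 4-byte IPv4 address sits in bytes 2 to 5 of the 14-byte address field, the reserved field is 16 bits wide, and a distance of 16 means unreachable.

```python
import ipaddress
import struct

HEADER = struct.Struct("!BBH")     # command, version, reserved (all zeros)
ENTRY = struct.Struct("!H14sI")    # family, 14-byte address field, distance
COMMANDS = {1: "request", 2: "response"}
MAX_ENTRIES = 25                   # a message lists up to 25 destinations
FAMILY_IP = 2
UNREACHABLE = 16


def build_response(routes, version=1):
    """Encode [(network, hop_count), ...] as a RIP response message."""
    packet = HEADER.pack(2, version, 0)
    for network, hops in routes:
        address = b"\x00\x00" + ipaddress.IPv4Address(network).packed + b"\x00" * 8
        packet += ENTRY.pack(FAMILY_IP, address, hops)
    return packet


def parse_rip(packet):
    """Decode a RIP message, raising ValueError on anything malformed."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated header")
    command, version, reserved = HEADER.unpack_from(packet)
    if command not in COMMANDS:
        raise ValueError("unknown command %d" % command)
    if reserved != 0:
        raise ValueError("reserved field is not zero")
    body = len(packet) - HEADER.size
    if body % ENTRY.size:
        raise ValueError("body is not a whole number of 20-byte entries")
    count = body // ENTRY.size
    if not 1 <= count <= MAX_ENTRIES:
        raise ValueError("entry count %d outside 1..25" % count)
    routes = []
    for i in range(count):
        family, address, distance = ENTRY.unpack_from(packet, HEADER.size + i * ENTRY.size)
        if command == 2:           # advertisements are what update the routing table
            if family != FAMILY_IP:
                raise ValueError("entry %d: family %d is not IP" % (i, family))
            if address[:2] != b"\x00\x00" or any(address[6:]):
                raise ValueError("entry %d: unused address bytes are not zero" % i)
            if not 1 <= distance <= UNREACHABLE:
                raise ValueError("entry %d: distance %d outside 1..16" % (i, distance))
        routes.append((str(ipaddress.IPv4Address(address[2:6])), distance))
    return {"command": COMMANDS[command], "version": version, "routes": routes}


def accepts(packet):
    """True if the packet parses cleanly, False if it must be dropped."""
    try:
        parse_rip(packet)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    sample = build_response([("10.1.0.0", 3), ("192.168.5.0", 16)])  # constructed routes
    print(parse_rip(sample))
```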
RIP Timers
Periodic Timer:
 Controls how often a router sends regular updates.
 Although the protocol specifies 30 s, the timer is set randomly between 25 and 35
seconds to avoid traffic bursts.
 After each update, the timer is reset.
Expiration Timer:
 Tracks the validity of a route.
 Set to 180 seconds when a route update is received.
 Resets with each new update.
 If no update is received within 180 seconds, the route is marked as expired (hop
count set to 16 = unreachable).
Garbage Collection Timer:

 When a route becomes invalid, the router does not immediately purge that route
from its table.
 It continues to advertise the route with a metric value of 16.
 A garbage collection timer is set to 120 s for that route.
 When the count reaches zero, the route is purged from the table.
 This allows neighbors to become aware of the invalidity of a route prior to purging.

Intra-AS Routing in the Internet: OSPF


• Open Shortest Path First (OSPF) is widely used for intra-AS routing in the Internet.
• OSPF is a link-state protocol that uses
→ flooding of link-state information and
→ Dijkstra least-cost path algorithm.
• Here is how it works:
1) A router constructs a complete topological map (a graph) of the entire
autonomous-system.
2) Then, the router runs Dijkstra’s algorithm to determine a shortest-path tree
to all subnets.
3) Finally, the router broadcasts link state information to all other routers
in the autonomous-system. Specifically, the router broadcasts link
state information
→ periodically at least once every 30 minutes and
→ whenever there is a change in a link’s state. For example: a
change in up/down status.
• Individual link costs are configured by the network-administrator.
• OSPF advertisements (messages used to share routing information between
routers in an OSPF domain) are contained in OSPF messages that are carried
directly by IP.
• HELLO message can be used to check whether the links are operational.
• The router can also obtain a neighboring router’s database of network-wide link
state.
• Some of the advanced features include:
1) Security
 Exchanges between OSPF routers can be authenticated.
 With authentication, only trusted routers can participate within an AS.
 By default, OSPF packets between routers are not authenticated.
 Two types of authentication can be configured: 1) Simple and 2) MD5.
i) Simple Authentication
¤ The same password is configured on each router.
¤ Clearly, simple authentication is not very secure.
ii) MD5 Authentication
(MD5 (Message-Digest Algorithm 5) is a cryptographic hash
function that takes any length of data as input and produces a fixed-
size 128-bit (16-byte) hash value. )
¤ This is based on shared secret keys that are configured in all the
routers.
¤ Here is how it works:
1) The sending router
→ computes a MD5 hash on the content of packet
→ includes the resulting hash value in the packet and
→ sends the packet
2) The receiving router
→ computes an MD5 hash of the packet
→ compares computed-hash value with the hash value carried
in packet and
→ verifies the packet’s authenticity
2) Multiple Same Cost Paths
 When multiple paths to a destination have same cost, OSPF allows
multiple paths to be used.
3) Integrated Support for Unicast & Multicast Routing
 Multicast OSPF (MOSPF) provides simple extensions to OSPF to provide
for multicast-routing.
 MOSPF
→ uses the existing OSPF link database and
→ adds a new type of link-state advertisement to the existing
broadcast mechanism.
Five types of link-state advertisements:
 router link,
 network link,
 summary link to network
 summary link to AS border router
 external link.

4) Support for Hierarchy within a Single Routing Domain


 An autonomous-system can be configured hierarchically into areas.
 Areas in OSPF are collections of routers grouped together.
 In area, an area-border-router is responsible for routing packets outside the
area.
 Exactly one OSPF area in the AS is configured to be the backbone-area.
 The primary role of the backbone-area is to route traffic between the other
areas in the AS.
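The MD5 authentication exchange described under "Security" above, as an added Python example that is not part of the original notes and not OSPF's real packet format. It is a simplified model that assumes the digest is MD5 over the packet followed by the shared key padded to 16 bytes, and it contrasts that with a digest over the packet alone; the packet contents and key are constructed.

```python
import hashlib
import hmac

DIGEST_LEN = 16    # MD5 produces a 128-bit (16-byte) value
KEY_LEN = 16       # assumption of this model: key is padded with zeros to 16 bytes


def pad_key(secret):
    if len(secret) > KEY_LEN:
        raise ValueError("secret longer than 16 bytes")
    return secret.ljust(KEY_LEN, b"\x00")


def sign(packet, secret):
    """Sending router: append MD5(packet || key) to the packet."""
    return packet + hashlib.md5(packet + pad_key(secret)).digest()


def verify(message, secret):
    """Receiving router: return the packet if the digest matches, else None."""
    if len(message) < DIGEST_LEN:
        return None
    packet, carried = message[:-DIGEST_LEN], message[-DIGEST_LEN:]
    expected = hashlib.md5(packet + pad_key(secret)).digest()
    # Constant-time comparison, so timing does not reveal how many bytes matched.
    return packet if hmac.compare_digest(expected, carried) else None


def verify_unkeyed(message):
    """Digest over the packet alone: catches corruption, not a deliberate change."""
    if len(message) < DIGEST_LEN:
        return None
    packet, carried = message[:-DIGEST_LEN], message[-DIGEST_LEN:]
    return packet if hmac.compare_digest(hashlib.md5(packet).digest(), carried) else None


def compare_schemes(packet, altered, secret):
    """What each scheme detects when `packet` is replaced by `altered` by a
    party that does not know `secret`."""
    # Without a secret in the hash input, the digest can be recomputed by anyone.
    unkeyed_message = altered + hashlib.md5(altered).digest()
    # With the secret in the hash input, only the old digest is available.
    keyed_message = altered + sign(packet, secret)[-DIGEST_LEN:]
    return {
        "genuine_accepted": verify(sign(packet, secret), secret) == packet,
        "altered_passes_unkeyed": verify_unkeyed(unkeyed_message) == altered,
        "altered_passes_keyed": verify(keyed_message, secret) is not None,
        "wrong_key_accepted": verify(sign(packet, secret), b"other-key") is not None,
    }


if __name__ == "__main__":
    genuine = b"link-state: router 10.0.0.1 -> 10.0.0.2 cost 5"   # constructed payload
    altered = b"link-state: router 10.0.0.1 -> 10.0.0.2 cost 1"
    print(compare_schemes(genuine, altered, b"area0-secret"))
```

OSPFv2 deployments that need a stronger hash than MD5 can use the HMAC-SHA authentication defined in RFC 5709.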
Inter-AS Routing: Border Gateway Protocol(BGP)
• BGP is widely used for inter-AS routing in the Internet.
• Using BGP, each AS can
1) Obtain subnet reachability-information from neighboring ASs.
2) Propagate the reachability-information to all routers internal to the AS.
3) Determine good routes to subnets based on
i) reachability-information and
ii) AS policy.
• Using BGP, each subnet can advertise its existence to the rest of the Internet.
Basics
• Pairs of routers exchange routing-information over semi-permanent TCP
connections using port-179.
• One TCP connection is used to connect 2 routers in 2 different autonomous-
systems. Semi-permanent TCP connections are also used between routers
within an autonomous-system.
• The two routers at the ends of each connection are called peers.
The connection, together with the messages sent over it, is called a session.
• Two types of session:
1) External BGP (eBGP) session
 This refers to a session that spans 2 autonomous-systems.
2) Internal BGP (iBGP) session
 This refers to a session between routers in the same AS.

Operation of External BGP (eBGP)


 BGP is a point-to-point protocol.
 When the software is installed on two routers, they try to create a TCP connection
using the well-known port 179.
 The two routers that run the BGP processes are called BGP peers or BGP
speakers.
 The eBGP variation of BGP allows two physically connected border routers in
two different ASs to form pairs of eBGP speakers and exchange messages.
 The routers in the following figure form three pairs: R1-R5, R2-R6, and
R4-R9.
 The connection between these pairs is established over three physical WANs
(N5, N6, and N7).
 There is a need for a logical TCP connection to be created over the physical
connection to make the exchange of information possible. Each logical
connection in BGP is referred to as a session.
 This means that we need three sessions, as shown in Figure (below).

 The circled number defines the sending router in each case.


 For example, message number 1 is sent by router R1 and tells router R5 that N1,
N2, N3, and N4 can be reached through router R1 (R1 gets this information from
the corresponding intradomain forwarding table). Router R5 can now add these
pieces of information at the end of its forwarding table. When R5 receives any
packet destined for these four networks, it can use its forwarding table and find
that the next router is R1.

Messages
BGP uses four types of messages for communication between the BGP speakers across
the ASs and inside an AS: open, update, keepalive, and notification.
All BGP packets share the same common header.
Open Message. To create a neighborhood relationship, a router running BGP opens a
TCP connection with a neighbor and sends an open message.
Update Message. The update message is used by a router to withdraw destinations
that have been advertised previously, to announce a route to a new destination, or both.
Keepalive Message. The BGP peers that are running exchange keepalive messages
regularly (before their hold time expires) to tell each other that they are alive.
Notification. A notification message is sent by a router whenever an error condition is
detected or a router wants to close the session.
Path Attributes & Routes
• An autonomous-system is identified by its globally unique ASN (Autonomous-
System Number).
• A router advertises a prefix across a session.
• The router includes a number of attributes with the prefix.
• Two important attributes: 1) AS-PATH and 2) NEXT-HOP
1) AS-PATH
 This attribute contains the ASs through which the advertisement for the
prefix has passed.

Note: A prefix represents a network or subnet that is being advertised between
routers. Example: If a router advertises 192.168.1.0/24, it means that the router is
responsible for routing all IP addresses from 192.168.1.0 to 192.168.1.255.

 When a prefix is passed into an AS, the AS adds its ASN to the AS-PATH
attribute.
 Routers use the AS-PATH attribute to detect and prevent looping
advertisements.
2) NEXT-HOP
 This attribute provides the critical link between the inter-AS and intra-AS
routing protocols.
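How the AS-PATH attribute stops looping advertisements, as an added Python example that is not part of the original notes. The four-AS ring and its ASNs (taken from the range reserved for documentation) are constructed; preferring the shorter AS-PATH is an assumed policy for this example, and each AS re-advertises only the route it adopted.

```python
import ipaddress
from collections import deque

PREFIX = "192.168.1.0/24"          # the prefix used in the note above

# Constructed topology: AS number -> neighboring ASs (a ring of four).
TOPOLOGY = {
    64496: [64497, 64499],
    64497: [64496, 64498],
    64498: [64497, 64499],
    64499: [64498, 64496],
}


def covers(prefix, address):
    """True if `address` falls inside the advertised prefix."""
    return ipaddress.ip_address(address) in ipaddress.ip_network(prefix)


def advertise(topology, origin):
    """Propagate one prefix advertisement originated by `origin`.

    Returns (best, rejected):
      best     - AS -> AS-PATH of the route that AS adopted
      rejected - (AS, AS-PATH) pairs dropped because the receiver found its
                 own ASN already in the path (a looping advertisement)."""
    best = {}
    rejected = []
    queue = deque((peer, [origin]) for peer in topology[origin])
    while queue:
        receiver, as_path = queue.popleft()
        if receiver in as_path:
            rejected.append((receiver, as_path))     # loop detected: discard
            continue
        if receiver in best and len(as_path) >= len(best[receiver]):
            continue                                  # not better: keep current route
        best[receiver] = as_path
        # Passing the prefix on: the AS adds its own ASN to the AS-PATH.
        for peer in topology[receiver]:
            queue.append((peer, [receiver] + as_path))
    return best, rejected


if __name__ == "__main__":
    best, rejected = advertise(TOPOLOGY, 64496)
    for asn, path in sorted(best.items()):
        print("AS", asn, "reaches", PREFIX, "via AS-PATH", path)
    for asn, path in rejected:
        print("AS", asn, "dropped looping advertisement", path)
```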

Multicast
• In multicasting, a multicast router may have to send out copies of the same
datagram through more than one interface.
• A number of emerging network applications require multicasting. These
applications include
1) Bulk data transfer (for ex: the transfer of a software upgrade)
2) Streaming continuous media (for ex: the transfer of the audio/video)
3) Shared data applications (for ex: a teleconferencing application)
4) Web cache updating
5) Interactive gaming (for ex: multiplayer games).
• Two problems in multicast communication:
1) How to identify the receivers of a multicast-packet.
2) How to address a packet sent to these receivers.
• A multicast-packet is addressed using address indirection.
• A single identifier is used for the group of receivers.
• Using this single identifier, a copy of the packet is delivered to all multicast
receivers.
• Class D addresses are made of one block, used for multicasting.
• The multicast-group abstraction is illustrated in the following figure :

Figure: The multicast group: A datagram addressed to the group is delivered to all
members of the multicast group

IGMP
• In the Internet, multicast consists of 2 components:
1) IGMP (Internet Group Management Protocol)
 IGMP is a protocol that manages group membership.
 It provides multicast-routers info about the membership-status of hosts
connected to the network
 The operations are i) Joining/Leaving a group and ii) monitoring
membership
2) Multicast Routing Protocols
 These protocols are used to coordinate the multicast-routers throughout the
Internet.
 A host places a multicast address in the destination address field to send
packets to a set of hosts belonging to a group.

The IGMP protocol operates between a host and its attached-router.

The below figure shows three first-hop multicast-routers.

Figure : The two components of network-layer multicast in the Internet: IGMP and
multicast- routing protocols

• IGMP messages are encapsulated within an IP datagram.


• Three types of message: 1) membership_query 2) membership_report 3)
leave_group
1) membership_query
 A host sends a membership-query message to find active group-members
in the network.
2) membership_report
 A host sends membership_report message when an application first joins a
multicast-group.
 The host sends this message without waiting for a membership_query
message from the router.
3) leave_group
 This message is optional.
 The host sends this message to leave the multicast-group.

Multicast Routing Algorithms


• Two methods used for building a multicast-routing tree:
1) Single group-shared tree.
2) Source-specific routing tree.
1) Multicast Routing using a Group Shared Tree
• A single group-shared tree is used to distribute the traffic for all senders in the
group.
• This is based on
Building a tree that includes all edge-routers & attached-hosts belonging to
the multicast-group.
• In practice, a center-based approach is used to construct the multicast-routing tree.
• Edge-routers send join messages addressed to the center-node.
• Here is how it works:
1) A center-node is defined.
2) Then, the edge-routers send unicast tree-join messages to the center-node.
3) Finally, a tree-join message is forwarded toward the center until it either
→ arrives at a node that already belongs to the multicast tree or
→ arrives at the center.
2) Multicast Routing using a Source Based Tree
• A source-specific routing tree is constructed for each individual sender in the group.
• In practice, an RPF algorithm is used to construct a multicast forwarding tree.
• The solution to the problem of receiving unwanted multicast-packets under RPF is
known as pruning.
• A multicast-router that has no attached-hosts will send a prune message to its
upstream router.
Multicast hosts, their attached routers, and other routers

Multicast Routing in the Internet


• Three multicast routing protocols are:
1) Distance Vector Multicast Routing Protocol (DVMRP)

2) Protocol Independent Multicast (PIM) and


3) Source Specific Multicast (SSM)
1) DVMRP
• DVMRP was the first multicast-routing protocol used in the Internet.
• DVMRP uses an RPF algorithm with pruning.
2) PIM
• PIM is the most widely used multicast-routing protocol in the Internet.
• PIM divides multicast routing into sparse and dense mode.
3) SSM
• Only a single sender is allowed to send traffic into the multicast tree. This
simplifies tree construction & maintenance.

IPv6
• CIDR, subnetting and NAT could not solve address-space exhaustion faced by IPv4.
• IPv6 was developed to solve this problem.
Changes from IPv4 to IPv6 (Advantages of IPv6)
1) Expanded Addressing Capabilities
▪ IPv6 increases the size of the IP address from 32 to 128 bits (supports up to
3.4×10^38 nodes).
▪ In addition to unicast & multicast addresses, IPv6 has an anycast address.
▪ An anycast address allows a datagram to be delivered to only one member of
the group.
2) A Streamlined 40-byte Header
▪ A number of IPv4 fields have been dropped or made optional in the IPv6
header.
▪ The resulting 40-byte fixed-length header allows for faster processing of
the IP datagram.
▪ A new encoding of the options field allows for more flexible options
processing.
3) Flow Labeling & Priority
▪ A flow can be defined as
“Labeling of packets belonging to particular flows for which the
sender requests special handling”.
▪ For example:
Audio and video transmission may be treated as a flow.

IPv6 Datagram Format


• The format of the IPv6 datagram is shown in the following Figure

IPv6 datagram format

• The following fields are defined in IPv6:


1) Version
▪ This field specifies the IP version, i.e., 6.
2) Traffic Class
▪ This field is similar to the TOS (Type of Service) field in IPv4.
▪ This field indicates the priority of the packet.
3) Flow Label
▪ This field is used to provide special handling for a particular flow of data.
4) Payload Length
▪ This field shows the length of the IPv6 payload.
5) Next Header
▪ This field is similar to the options field in IPv4.
▪ This field identifies the type of extension header that follows the basic header.
6) Hop Limit
▪ This field is similar to the TTL (Time to Live) field in IPv4.
▪ This field shows the maximum number of routers the packet can travel through.
▪ The contents of this field are decremented by 1 by each router that
forwards the datagram.
▪ If the hop limit count reaches 0, the datagram is discarded.
7) Source & Destination Addresses
▪ These fields show the addresses of the source & destination of the packet.
8) Data
▪ This field is the payload portion of the datagram.
▪ When the datagram reaches the destination, the payload will be
→ removed from the IP datagram and
→ passed on to the upper layer protocol (TCP or UDP).
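The field layout above, as an added Python example that is not part of the original notes: a parser for the 40-byte base header plus the Hop Limit rule a router applies. The bit widths follow the standard IPv6 header layout; the function names, addresses and sample datagram are constructed for illustration.

```python
import ipaddress
import struct

IPV6_HEADER_LEN = 40  # fixed-length base header

def parse_ipv6_header(packet: bytes) -> dict:
    """Split a raw IPv6 datagram into the fields listed above; reject malformed input."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    first_word, payload_length, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("Version field is not 6")
    if payload_length > len(packet) - IPV6_HEADER_LEN:
        raise ValueError("Payload Length exceeds the bytes actually received")
    return {
        "version": first_word >> 28,                  # 4 bits
        "traffic_class": (first_word >> 20) & 0xFF,   # 8 bits
        "flow_label": first_word & 0xFFFFF,           # 20 bits
        "payload_length": payload_length,             # 16 bits, excludes the 40-byte header
        "next_header": next_header,                   # 8 bits
        "hop_limit": hop_limit,                       # 8 bits
        "src": ipaddress.IPv6Address(packet[8:24]),   # 128 bits
        "dst": ipaddress.IPv6Address(packet[24:40]),  # 128 bits
        "data": packet[40:40 + payload_length],
    }

def forward(packet: bytes):
    """Router step: decrement Hop Limit by 1; return None if it reaches 0 (discard)."""
    hop_limit = parse_ipv6_header(packet)["hop_limit"]
    if hop_limit <= 1:
        return None
    return packet[:7] + bytes([hop_limit - 1]) + packet[8:]

def build_sample() -> bytes:
    """Constructed datagram: Traffic Class 0x2E, Flow Label 0x12345, Next Header 17, Hop Limit 2."""
    data = b"constructed-payload"
    first_word = (6 << 28) | (0x2E << 20) | 0x12345
    return (struct.pack("!IHBB", first_word, len(data), 17, 2)
            + ipaddress.IPv6Address("2001:db8::1").packed
            + ipaddress.IPv6Address("2001:db8::2").packed + data)
```

Checking Payload Length against the bytes actually received keeps the parser from trusting a length field that the sender controls.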

IPv4 Fields not present in IPv6


1) Fragmentation/Reassembly
• Fragmentation of the packet is done only by the source, but
not by the routers. The reassembling is done by the
destination.
• Fragmentation & reassembly is a time-consuming operation.
• Fragmentation is not allowed at routers, which speeds up processing in the router.
• If packet-size is greater than the MTU (Maximum Transmission Unit) of the network,
the router
→ drops the packet.
→ sends an error message to inform the source.
2) Header Checksum
• In the Internet layers, the transport-layer and link-layer protocols perform
checksumming.
• This functionality was redundant in the network-layer.
• So, this functionality was removed to speed up the processing in the router.
3) Options
• In IPv6, the next-header field is similar to the options field in IPv4.
• This field identifies type of extension header that follows the basic header.
• To support extra functionalities, extension headers can be placed between base
header and payload.

Difference between IPv4 & IPv6

| No. | IPv4 | IPv6 |
|---|---|---|
| 1 | IPv4 addresses are 32 bits in length | IPv6 addresses are 128 bits in length |
| 2 | Fragmentation is done by sender and forwarding routers | Fragmentation is done only by sender |
| 3 | Does not identify packet flow for QoS handling | Contains Flow Label field that specifies packet flow for QoS handling |
| 4 | Includes Options up to 40 bytes | Extension headers used for optional data |
| 5 | Includes a checksum | Does not include a checksum |
| 6 | Address Resolution Protocol (ARP) is available to map IPv4 addresses to MAC addresses | Address Resolution Protocol (ARP) is replaced with Neighbor Discovery Protocol (NDP) |
| 7 | Broadcast messages are available | Broadcast messages are not available |
| 8 | Manual configuration (Static) of IP addresses or DHCP (Dynamic configuration) is required to configure IP addresses | Auto-configuration of addresses is available |
| 9 | IPSec is optional, external | IPSec is required |

Transitioning from IPv4 to IPv6


• IPv4-capable systems are not capable of handling IPv6 datagrams.
• Two strategies have been devised for transition from IPv4 to IPv6:
1) Dual stack and
2) Tunneling.

Dual Stack Approach


• IPv6-capable nodes also have a complete IPv4 implementation. Such nodes
are referred to as IPv6/IPv4 nodes.
• IPv6/IPv4 node has the ability to send and receive both IPv4 and IPv6 datagrams.
• When interoperating with an IPv4 node, an IPv6/IPv4 node can use
IPv4 datagrams. When interoperating with an IPv6 node, an
IPv6/IPv4 node can use IPv6 datagrams.
• IPv6/IPv4 nodes must have both IPv6 and IPv4 addresses.
• IPv6/IPv4 nodes must be able to determine whether another node is IPv6-capable
or IPv4-only.
• This problem can be solved using the DNS.
If the node name resolves to an IPv6-capable node, the DNS returns an IPv6
address. Otherwise, the DNS returns an IPv4 address.
• If either the sender or the receiver is only IPv4-capable, an IPv4 datagram must be
used.
• Two IPv6-capable nodes can send IPv4 datagrams to each other.

A dual-stack approach

• Here is how it works:


1) Suppose IPv6-capable Node-A wants to send a datagram to IPv6-capable
Node-F.
2) IPv6-capable Node-B creates an IPv4 datagram to send to IPv4-capable
Node-C.
3) At IPv6-capable Node-B, the IPv6 datagram is copied into the data field
of the IPv4 datagram and appropriate address mapping can be done.
4) At IPv6-capable Node-E, the IPv6 datagram is extracted from the
data field of the IPv4 datagram.
5) Finally, IPv6-capable Node-E forwards an IPv6 datagram to IPv6-capable
Node-F.
• Disadvantage: During transition from IPv6 to IPv4, a few IPv6-specific fields will be
lost.

Tunneling
• Tunneling is illustrated in the following figure.
• Suppose two IPv6-nodes B and E
→ want to interoperate using IPv6 datagrams and
→ are connected by intervening IPv4 routers.
• The intervening set of IPv4 routers between two IPv6 routers is referred to as a
tunnel.
• Here is how it works:
▪ On the sending side of the tunnel:
→ IPv6-node B takes the IPv6 datagram and puts it in the data field of an
IPv4 datagram.
→ The IPv4 datagram is addressed to the IPv6-node E.
▪ On the receiving side of the tunnel: The IPv6-node E
→ receives the IPv4 datagram
→ extracts the IPv6 datagram from the data field of the IPv4
datagram and
→ routes the IPv6 datagram to IPv6-node F
Tunneling
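The encapsulation at node B and the extraction at node E, as described in the tunneling steps and in steps 3 and 4 of the dual-stack walk-through, shown as an added Python example that is not part of the original notes. It assumes IP protocol number 41 in the outer header (the IANA value for an encapsulated IPv6 datagram, which these notes do not state), constructed documentation addresses, and hypothetical function names; node E also checks that the outer source is the configured tunnel entry before accepting the inner datagram.

```python
import ipaddress
import struct

PROTO_IPV6 = 41  # IANA protocol number for IPv6 carried in IPv4 (assumption, not from the notes)

def checksum(header: bytes) -> int:
    """Internet checksum over an IPv4 header (16-bit one's-complement sum)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(ipv6_datagram: bytes, entry_v4: str, exit_v4: str) -> bytes:
    """Node B: put the IPv6 datagram in the data field of an IPv4 datagram addressed to E."""
    def header(csum: int) -> bytes:
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(ipv6_datagram), 0, 0, 64,
                           PROTO_IPV6, csum, ipaddress.IPv4Address(entry_v4).packed,
                           ipaddress.IPv4Address(exit_v4).packed)
    return header(checksum(header(0))) + ipv6_datagram

def decapsulate(ipv4_datagram: bytes, expected_entry_v4: str) -> bytes:
    """Node E: extract the IPv6 datagram, but only from the configured tunnel entry point."""
    if len(ipv4_datagram) < 20 or ipv4_datagram[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    ihl = (ipv4_datagram[0] & 0x0F) * 4
    if ihl < 20 or len(ipv4_datagram) < ihl or checksum(ipv4_datagram[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    if ipv4_datagram[9] != PROTO_IPV6:
        raise ValueError("data field does not carry an IPv6 datagram")
    if ipv4_datagram[12:16] != ipaddress.IPv4Address(expected_entry_v4).packed:
        raise ValueError("outer source is not the configured tunnel entry")
    total_length = struct.unpack("!H", ipv4_datagram[2:4])[0]
    inner = ipv4_datagram[ihl:total_length]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        raise ValueError("inner datagram is not IPv6")
    return inner

def sample_ipv6() -> bytes:
    """Constructed 40-byte IPv6 datagram: no payload, Next Header 59, Hop Limit 64."""
    return (bytes([0x60, 0, 0, 0, 0, 0, 59, 64])
            + ipaddress.IPv6Address("2001:db8::a").packed
            + ipaddress.IPv6Address("2001:db8::f").packed)
```

The intervening IPv4 routers forward on the outer header only, so the checks at the tunnel exit are the one place where the inner datagram's origin is validated.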

Software Defined Networking (SDN)

Software Defined Networking (SDN) is a new approach to networking that separates
the control plane from the data plane, allowing for more programmable, flexible,
and centralized management of network resources.

Traditional Networking:

Control and data planes are tightly coupled.

Each network device makes independent forwarding decisions.

SDN Approach:

Control plane is centralized in an SDN controller.

Data plane remains in the network devices (switches/routers) which
forward packets based on the controller’s instructions.
Key Components of SDN

Data Plane (Infrastructure Layer):

Handles packet forwarding.

Consists of switches/routers.

Control Plane (SDN Controller):

Centralized logic that controls the network.

Decides how packets should be forwarded.

Application Plane (Application Layer):

Contains network applications that communicate with the SDN
controller (e.g., routing apps, load balancers).

Uses Northbound APIs to interface with the controller.

Figure : A three-layer Software-Defined Networking (SDN) architecture.

Advantages of SDN

Centralized control and management.

Programmability of network behavior via software.

Enhanced flexibility and automation.

Easier implementation of policies and security mechanisms.


Better network visibility and monitoring.

Southbound and Northbound APIs

Southbound APIs:

Interface between the SDN controller and the data plane devices.

Example: OpenFlow.

Northbound APIs:

Interface between the SDN controller and network applications.

Usually RESTful APIs or vendor-specific APIs.

OpenFlow – The Standard Southbound API


OpenFlow is the first standard communication interface defined between the
control and forwarding layers of an SDN architecture.

What is OpenFlow?

OpenFlow allows an SDN controller to communicate with OpenFlow-enabled
switches to control their packet forwarding tables.

OpenFlow Architecture

An OpenFlow switch consists of:

Flow Table:

Contains flow entries.

Each entry has:

Match fields: e.g., IP address, MAC address, port number.

Counters: Track packet and byte statistics.

Actions: Forward, drop, send to controller, etc.

Secure Channel:

Communication link between the switch and the controller.

OpenFlow Protocol:

Used to install flow entries, receive stats, handle events, etc.


How OpenFlow Works?

A packet arrives at a switch.

The switch checks its flow table.

If a match is found, the action is executed.

If no match is found, the packet is sent to the controller (via Packet-In
message).

The controller decides what to do and sends back instructions (Flow-Mod
message).

The switch updates its flow table accordingly.

OpenFlow Messages

Some commonly used OpenFlow messages:

Packet-In: Sent by switch to controller when it doesn’t know what to do with
a packet.

Flow-Mod: Sent by controller to switch to modify its flow table.

Packet-Out: Tells the switch to send a specific packet out a particular port.

Stats Request/Reply: For monitoring flow stats.
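The table lookup, Packet-In, Flow-Mod and Packet-Out sequence from the two sections above, as an added Python simulation that is not part of the original notes and does not use the OpenFlow wire format. The learning-switch controller logic, class and function names, MAC addresses and the FLOOD marker are all constructed for illustration.

```python
FLOOD = "FLOOD"  # constructed stand-in for "send out every port except the ingress port"

class Controller:
    """Hypothetical learning-switch application; not a real controller API."""
    def __init__(self):
        self.mac_to_port = {}

    def packet_in(self, switch, pkt):
        self.mac_to_port[pkt["eth_src"]] = pkt["in_port"]       # learn where the sender lives
        out_port = self.mac_to_port.get(pkt["eth_dst"])
        if out_port is None:
            return FLOOD                                        # Packet-Out only, nothing installed
        switch.flow_mod({"eth_dst": pkt["eth_dst"]}, out_port)  # Flow-Mod
        return out_port                                         # Packet-Out for this packet

class Switch:
    def __init__(self, controller):
        self.controller = controller
        self.flow_table = []   # each entry: match fields, action, counters
        self.packet_ins = 0

    def flow_mod(self, match, out_port):
        self.flow_table.append({"match": match, "action": out_port, "packets": 0, "bytes": 0})

    def receive(self, pkt):
        for entry in self.flow_table:
            if all(pkt.get(field) == value for field, value in entry["match"].items()):
                entry["packets"] += 1
                entry["bytes"] += pkt["length"]
                return entry["action"]
        self.packet_ins += 1                                    # table miss: Packet-In
        return self.controller.packet_in(self, pkt)

def run_sample():
    """Constructed traffic between two hosts attached to ports 1 and 2."""
    host_a, host_b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    a_to_b = {"in_port": 1, "eth_src": host_a, "eth_dst": host_b, "length": 100}
    b_to_a = {"in_port": 2, "eth_src": host_b, "eth_dst": host_a, "length": 60}
    switch = Switch(Controller())
    outputs = [switch.receive(p) for p in (a_to_b, b_to_a, a_to_b, a_to_b)]
    return switch, outputs
```

The first three packets each cause a Packet-In; the fourth matches an installed entry and is forwarded by the switch alone, which is also the only packet reflected in the entry's counters.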

Security in SDN and OpenFlow

Secure communication between controller and switches using TLS.

Potential threats include:

Controller becoming a single point of failure.

Malicious apps misusing control over flows.

Unauthorized access to flow tables.

SDN Use Cases

Data center network virtualization

Traffic engineering

QoS and bandwidth management


Intrusion detection/ systems

5G and IoT network slicing
