Lecture3-TCP/IP

The Internet Layer [Link]@[Link]

[Link]@[Link] 1
 TCP/IP Internet provides 3 layers of service

Application services
Transport Services
Connectionless packet delivery service

Internet Protocol (IP RFC-791)

•Layering allows one to replace one service without affecting others
•IP layer (basic unit of transfer in TCP/IP) provides:
•Best-effort (does not discard capriciously), unreliable (no guarantees)
•Packet may be lost, duplicated, out-of-order with no notification
•Connectionless (each packet treated independently)
•IP software provides routing

2
 Addressing and
Delivering

• This physical addressing scheme

works well on an individual LAN
segment.
• A network that consists of only a
few computers on an
uninterrupted medium can
function with nothing more than
physical addresses.
• Data can pass directly from
network adapter to network
adapter using the low-level
protocols associated with the
Network Access layer.

[Link]@[Link] 3
 Unfortunately, on a routed network, it is not possible
to deliver data by physical address.

Addressing The discovery procedures required for delivering by

physical address do not work across a router
and Delivering interface.

Even if they did work, delivery by physical address

would be cumbersome because the permanent
physical address built in to a network card does not
allow you to impose a logical structure on the address
space.
[Link]@[Link] 4
 TCP/IP therefore makes the physical address invisible
and instead organizes the network around a logical,
hierarchical addressing scheme.

Addressing This logical addressing scheme is

maintained by the IP protocol at the
and Delivering Internet layer.

The logical address is called the IP address.

Another Internet layer protocol called Address
Resolution Protocol (ARP) assembles a table that
maps IP addresses to physical addresses.
This ARP table is the link between the IP address and
the physical address burned into the network adapter
card.
[Link]@[Link] 5
 • TCP/IP software uses the following strategy for
sending data on the network:
• If the destination address is on the same
network segment as the source computer,
Addressing the source computer sends the packet
directly to the destination.
and Delivering • The IP address is resolved to a physical
address using ARP, and the data is directed
to the destination network adapter.

[Link]@[Link] 6
 • If the destination address is on a different segment
from the source computer, the following process
begins:
• The datagram is directed to a gateway. A gateway
is a device on the local network segment that is
capable of forwarding a datagram to other
network segments.
The gateway address is resolved to a physical
address using ARP, and the data is sent to the
gateway’s network adapter.
Addressing and • The datagram is routed through the gateway to a
Delivering higher-level network segment where the process is
repeated. If the destination address is on the new
segment, the data is delivered to its destination. If
not, the datagram is sent to another gateway.
• The datagram passes through the chain of
gateways to the destination segment, where the
destination IP address is mapped to a physical
address using ARP and the data is directed to the
destination network adapter.
[Link]@[Link] 8
 • To deliver data on a complex routed network,
the Internet layer protocols must therefore be
able to:
• Identify any computer on the network
• Provide a means for determining when a
message must be sent through the gateway
• Provide a hardware-independent means of
Addressing and identifying the destination network
segment so that the datagram will pass
Delivering efficiently through the routers to the
correct segment
• Provide a means for converting the logical
IP address of the destination computer to a
physical address so that the data can be
delivered to the network adapter of the
destination computer
 The Internet Protocol (IP) provides a
hierarchical, hardware-independent
addressing system and offers the
services necessary for delivering
Internet data on a complex, routed network.
Protocol

Each network adapter on a TCP/IP

network has a unique IP address.

[Link]@[Link] 10
 The Host

Descriptions of TCP/IP often talk about a computer having an IP address.

A computer is sometimes said to have an IP address because most computers

Internet
have only one network adapter.

However, computers with multiple network adapters are also common.

Protocol A computer that is acting as a router or a proxy server, for instance, must have
more than one network adapter and, therefore, has more than one IP address.

The term host is often used for a network device associated with an IP address.

Under some operating systems, it is also possible to assign more than one IP
address to a single network adapter.

[Link]@[Link] 11
 Internet Protocol

• The IP address is therefore

divided into two parts:
• The network ID
• The host ID

[Link]@[Link] 12
Internet Protocol
• The network must provide a means for determining which part of
the IP address is the network ID and which part is the host ID.

• Unfortunately, the variety and complexity of networks in the real

world precludes a simple, one-size-fits-all solution to this
problem.

• Big networks must reserve a large number of host bits for their
large number of hosts.
• Small networks do not need many bits to give each host a unique
ID; however, the vast number of small networks means that more
bits of the IP address are necessary for the network ID.

[Link]@[Link] 13
• Original solution to this problem was to divide the IP
address space into a series of address classes.
• Class A networks used the first 8 bits of the address for
the network ID;
• Class B used the first 16 bits;
• Class C networks used the first 24 bits. This system was
extended through a feature called subnetting to provide
greater control at the local level for structuring the
network.

Internet Protocol
[Link]@[Link] 14
 A more recent technique known as
classless interdomain routing
(CIDR) essentially renders the
address class system unnecessary.
Internet
Protocol CIDR, which is now quite common
on the Internet, offers a simple,
flexible, and unambiguous
notation for allocating blocks of IP
addresses.

[Link]@[Link] 15
 • Every IP datagram begins with an IP header.
• The TCP/IP software on the source computer
constructs the IP header.
• The TCP/IP software at the destination uses the
information enclosed in the IP header to
IP Header process the datagram.
Fields • The IP header contains a great deal of
information, including the IP addresses of the
source and destination computers, the length of
the datagram, the IP version number, and
special instructions to routers.

[Link]@[Link] 16
• Basic transfer unit
Datagram header Datagram data area

• Format of Internet datagram

0 4 8 16 19 24 31
Vers Hlen Type of serv. Total length
Identification Flags Fragment offset
TTL Protocol Header Checksum
Source IP address
Destination IP address
IP Options (if any) Padding
Data
…
17
IP datagram format (cont.)
• Vers (4 bits): version of IP protocol (IPv4=4)
• Hlen (4 bits): Header length in 32 bit words, without options (usual case) = 20
• Type of Service – TOS (8 bits): little used in past, now being used for QoS
• Total length (16 bits): length of datagram in bytes, includes header and data
• Time to live – TTL (8bits): specifies how long datagram is allowed to remain in
internet
• Routers decrement by 1
• When TTL = 0 router discards datagram
• Prevents infinite loops
• Protocol (8 bits): specifies the format of the data area
• Protocol numbers administered by central authority to guarantee agreement, e.g. TCP=6,
UDP=17 …

18
IP Header Fields
• Version: This 4-bit field indicates which version of IP is being used.
The current version of IP is 4. The binary pattern for 4 is 0100.
• IHL (Internet Header Length): This 4-bit field gives the length of
the IP header in 32-bit words. The minimum header length is five
32-bit words. The binary pattern for 5 is 0101.
• Type of Service: The source IP can designate special routing
information. Some routers ignore the Type of Service field,
although this field recently has received more attention with the
emergence of quality of service (QoS) technologies. The primary
purpose of this 8-bit field is to provide a means of prioritizing
datagrams that are waiting to pass through a router. Most
implementations of IP today simply put all 0s in this field.
• Total Length: This 16-bit field identifies the length, in octets, of
the IP data- gram. This length includes the IP header and the data
payload.
[Link]@[Link] 19
 Identification: This 16-bit field is an incrementing sequence
number assigned to messages sent by the source IP.
When a message is sent to the IP layer and it is too large to fit
in one datagram, IP fragments the message into multiple
datagrams, giving all datagrams the same identification
number.
This number is used on the receiving end to reassemble the
original message.
IP Header
Fields Flags: The Flags field indicates fragmentation possibilities. The
first bit is unused and should always have a value of 0. The
next bit is called the DF (Don’t Fragment) flag. The DF flag
signifies whether fragmentation is allowed (value = 0) or not
(value = 1).
The next bit is the MF (More Fragments) flag, which tells the
receiver that more fragments are on the way. When MF is set
to 0, no more fragments need to be sent or the data- gram
never was fragmented.

[Link]@[Link] 20
 Fragment Offset: This 13-bit field is a numeric value
assigned to each successive fragment. IP at the destination
uses the fragment offset to reassemble the fragments into
the proper order. The offset value found here expresses
the offset as a number of 8-byte units.

Time To Live (TTL): This bit field indicates the amount of

IP Header time in seconds or router hops that the datagram can

survive before being discarded. Every router examines and
decrements this field by at least 1, or by the number of
Fields seconds the datagram is delayed inside the router. The
datagram is discarded when this field reaches 0.
A hop represents the number of routers a datagram must
cross on the way to its destination. If a datagram passes
through five routers before arriving at its destination, the
destination is said to be five hops, or five router hops,
away.

[Link]@[Link] 21
 Protocol Name Protocol Identifier

IP Header Fields ICMP 1

TCP 6

UDP 17
• Protocol: The 8-bit Protocol
field indicates the protocol
that will receive the data
payload. A datagram with
the protocol identifier 6
(binary 00000110) is passed
up the stack to the TCP
module, for example. The
following are some common
protocol values:

[Link]@[Link] 22
 Source & destination IP
address (32 bits each):
contain IP address of sender
and intended recipient
IP Datagram
format (cont.)
Options (variable length):
Mainly used to record a
route, or timestamps, or
specify routing
23
 Header Checksum: This field holds a 16-bit calculated value to verify
the validity of the header only. This field is recomputed in every
router as the TTL field decrements.

Source IP Address: This 32-bit field holds the address of the source of
the datagram.

IP Header
Fields Destination IP Address: This 32-bit field holds the destination address
of the datagram and is used by the destination IP to verify correct
delivery.

IP Options: This field supports a number of optional header settings

pri- marily used for testing, debugging, and security. Options include
Strict Source Route (a specific path router path that the datagram
should follow), Internet Timestamp (a record of timestamps at each
router), and security restrictions.

[Link]@[Link] 24
 Padding: The IP Options field may vary in
length. The Padding field provides additional
0 bits so that the total header length is an
exact multiple of 32 bits. (The header must
end after a 32-bit word because the IHL field
measures the header length in 32-bit words.)
IP Header
Fields IP Data Payload: This field typically contains
data destined for delivery to TCP or UDP (in
the Transport layer), ICMP, or IGMP. The
amount of data is variable but could include
thousands of bytes.

[Link]@[Link] 25
Dotted Decimal Notation
• IP addresses are written in a so-called dotted decimal notation
• Each byte is identified by a decimal number in the range [0..255]:

•
10000000 10001111 10001001 10010000
1st Byte 2nd Byte 3rd Byte 4th Byte
= 128 = 143 = 137 = 144

[Link]
 An IP address is a 32-bit binary address. This 32-bit address
is subdivided into four 8- bit segments called octets.

Humans do not work well with 32-bit binary addresses or

even 8-bit binary octets, so the IP address is almost always
expressed in what is called dotted-decimal format.

IP Addressing In dotted-decimal format, each octet is given as an

equivalent decimal number. The four decimal values (4 x 8
= 32 bits) are then separated with periods.

Eight binary bits can represent any whole number from 0

to 255, so the segments of a dotted-decimal address are
decimal numbers from 0 to 255.

You have probably seen examples of dotted-decimal IP

addresses on your computer. A dotted-decimal IP address
looks like this: [Link].

[Link]@[Link] 27
Network prefix and Host number
• The network prefix identifies a network and the host number
identifies a specific host (actually, interface on the network).
network prefix host number

• How do we know how long the network prefix is?

1. The network prefix is implicitly defined (see class-based addressing)
2. The network prefix is indicated by a netmask.
 • Part of the IP address is used for the network ID, and part of the
address is used for the host ID through a system of address
classes.
• Although the more recent CIDR classless addressing has reduced
the importance of the class system, address classes are still
important enough to describe here as a starting point for
understanding addressing in TCP/IP.
IP Addressing • The address class system divides the IP address space into
address classes. Most IP addresses fall into the following classes:
• Class A addresses: The first 8 bits of the IP address are used
for the network ID. The final 24 bits are used for the host ID.
• Class B addresses: The first 16 bits of the IP address are used
for the net- work ID. The final 16 bits are used for the host ID.
• Class C addresses: The first 24 bits of the IP address are used
for the net- work ID. The final 8 bits are used for the host ID.

[Link]@[Link] 29
 More bits lead to more bit combinations. As you
might guess, the Class A format provides a small
number of possible network IDs and a huge
number of possible host IDs for each network.

A Class A network can support approximately 224,

IP Addressing or 16,777,216 hosts.

A Class C network, on the other hand, can provide

host IDs for only a small number of hosts (254,
which is 28, or 256, minus the unusable all 0s and
all 1s addresses), but many more combinations of
network IDs are available in the Class C format.

[Link]@[Link] 30
IP Addressing

• The designers of TCP/IP wrote the address rules such that the class of an address
is obvious from the address itself. The first few bits of the binary address specify
whether the address should be interpreted as a Class A, Class B, or Class C
address.
• The rules for interpreting addresses are as follows:
• If the 32-bit binary address starts with a 0 bit, the address is a Class A address.
• If the 32-bit binary address starts with the bits 10, the address is a Class B
address.
• If the 32-bit binary address starts with the bits 110, the address is a Class C
address.

[Link]@[Link] 31
The old way: Internet Address Classes

bit # 0 1 7 8 31

Class A 0
Network Prefix Host Number
8 bits 24 bits

bit # 0 1 2 15 16 31

Class B 10 network id host

Network Prefix Host Number

16 bits 16 bits

bit # 0 1 2 3 23 24 31

Class C 110 network id host

Network Prefix Host Number

24 bits 8 bits
The old way: Internet Address Classes
bit # 0 1 2 3 4 31

Class D 1110 multicast group id

bit # 0 1 2 3 4 5 31

Class E 11110 (reserved for future use)

IP
Adressing

[Link]@[Link] 34
 Classes D and E

The Internet specifications also define special-purpose Class D and

Class E addresses.

IP Addressing Class D addresses are used for multicasting. A multicast is a single message
sent to a subset of the network, as opposed to a broadcast, which is
processed by all nodes on the local net. The four leftmost bits of a Class D
network address always start with the binary pattern 1110, which
corresponds to decimal numbers 224 through 239.

Class E networks are considered experimental and are not normally

used in production environments. The five leftmost bits of a Class E
network always start with the binary pattern 11110, which
corresponds to decimal numbers 240 through 247.

[Link]@[Link] 35
 A few IP addresses have special meanings and are not assigned to
specific hosts. An all-0 host ID refers to the network itself.

Special IP
For instance, the IP address [Link] refers to the Class B network
with the network ID 129.152.

Addresses An all-1s host ID signifies a broadcast. A broadcast is a message sent to

all hosts on the network.

The IP address [Link] is the broadcast address for the Class B

network with the network ID 129.152. (Note that the dotted-decimal
term 255 corresponds to the all-ones binary octet 11111111.)

The address [Link] can also be used for broadcast on the

network.

[Link]@[Link] 36
 Addresses beginning with the decimal number 127 are loopback addresses.

A message addressed to a loopback address is sent by the local TCP/IP

software to itself. The loopback address is used to verify that the TCP/IP
software is functioning.

Special IP
The loopback address [Link] is commonly used.

Addresses Because the private address ranges don’t have to be synchronized with the
rest of the world, the complete address range is available for any network.

A network administrator using these private addresses has more room for
subnetting, and many more assignable addresses.

The address range [Link] to [Link] is reserved for

autoconfiguration.
 The original classful address scheme had a
number of problems

Problems with Problem 1. Too few

Classful IP
Class A and Class
network addresses for B addresses are
large networks gone

Addresses
Problem 2. Two-layer
hierarchy is not
Fix #1:
appropriate for large Subnetting
networks with Class A and
Class B addresses.
 Problem 3. The Internet is going to
Problems with outgrow the 32-bit addresses
Classful IP Addresses
• Fix #3: IP Version 6
 Problem 3. The Internet is going to
Problems with outgrow the 32-bit addresses
Classful IP Addresses
• Fix #3: IP Version 6
 • CIDR notation of a network address:
[Link]/18
• "18" says that the first 18 bits are
the network part of the address
(and 14 bits are available for
specific host addresses)
CIDR Example • The network part is called the prefix
• Assume that a site requires a network
address with 1000 addresses
• With CIDR, the network is assigned a
continuous block of 1024 addresses with a
22-bit long
prefix
 CIDR Block Prefix # of Host Addresses

/27 32 hosts

/26 64 hosts

/25 128 hosts

/24 256 hosts

/23 512 hosts

CIDR: Prefix /22 1,024 hosts

Size vs. /21

/20
2,048 hosts

4,096 hosts

Network Size /19

/18
8,192 hosts

16,384 hosts

/17 32,768 hosts

/16 65,536 hosts

/15 131,072 hosts

/14 262,144 hosts

/13 524,288 hosts

 • Example 1:
• A classless address is given as
[Link]/27
• What is the number of
addresses, the first address and
Examples the last address in the network?
• Solution: n=27
Number of addresses = 2 32 – n =
25 =32 addresses
 • First address
• Address [Link]/27
10100111 11000111 10101010
01010010
• First Address [Link]
10100111 11000111 10101010
Example 1 01000000
• Last Address [Link]
10100111 11000111 10101010
01011111
 • In classless addressing, an address
cannot per se define the block the
address belongs to.
• For example, the address [Link]
can belong to many blocks.
• Prefix length 16: block: [Link] -
Example 2 [Link]
• Prefix length 20: block: [Link] –
[Link]
• Prefix length 26: block: [Link] –
[Link]
• …….
 • Block allocation is given to a global
authority called Internet Corporation of
Assigned Names and Numbers (ICANN).
• ICANN assigns a large block of addresses to
an ISP.
• In CIDR, two restrictions need to be applied
to the allocated block.
• The number of requested addresses, N,
Block Allocation needs to be a power of 2. The reason
that N = 232-n , where N the number of
addresses and n the network prefix.
Since n = 32-Log2N, which should be
integer.
• The block addresses should be
contiguous
 • An ISP has requested a block of 1000
addresses. What is the prefix length?
• Since 1000 is not a power of 2, 1024
addresses are granted.
Example 3 • The prefix length n = 32-log21024 =
22. i.e. An available block
[Link]/22 could be granted to
the ISP.
IP Fragmentation
• How do we send a datagram of say 1400 bytes through a link that has a
Maximum Transfer Unit (MTU) of say 620 bytes?
• Answer the datagram is broken into fragments

Net 1 Net 3
MTU=1500 Net 2 MTU=1500
MTU=620

• Router fragments 1400 byte datagrams

• Into 600 bytes, 600 bytes, 200bytes (note 20 bytes for IP header)
• Routers do NOT reassemble, up to end host

48
 Identification: copied into fragment, allows destination to know
which fragments belong to which datagram

Fragment Offset (12 bits): specifies the offset in the original

datagram of the data being carried in the fragment
• Measured in units of 8 bytes starting at 0

Fragmentation Flags (3 bits): control fragmentation

Control • Reserved (0-th bit)

• Don’t Fragment – DF (1st bit):
• useful for simple (computer bootstrap) application that can’t handle
• also used for MTU discovery (see later)
• if need to fragment and can’t router discards & sends error to source
• More Fragments (least sig bit): tells receiver it has got last fragment

TCP traffic is hardly ever fragmented (due to use of MTU

discovery). About 0.5% - 0.1% of TCP packets are fragmented .

49
 composition
Fragment
series
Offset=0 Offset=1480 Offset=2960 Offset=3440
More frags More frags More frags Last frag

NB. If data segment contains its own header that is not replicated
50
Address Resolution Protocol

• The computers on a local network use an Internet layer protocol

called Address Resolution Protocol (ARP) to map IP addresses to
physical addresses.
• A host must know the physical address of the destination network
adapter to send any data to it.
• For this reason, ARP is an important protocol.
• TCP/IP is implemented in such a way that ARP and all the details of
physical address translation are almost totally invisible to the user.
• As far as the user is concerned, a network adapter is identified by its
IP address.
• The IP address must be mapped to a physical address for a message
to reach its destination
 Each host on a network segment maintains a table in
memory called the ARP table or ARP cache.

Address The ARP cache associates the IP addresses of other hosts on

the network segment with physical addresses.

Resolution When a host needs to send data to another host on the

Protocol segment, the host checks the ARP cache to determine the
physical address of the recipient.

The ARP cache is assembled dynamically. If the address that

is to receive the data is not currently listed in the ARP cache,
the host sends a broadcast called an ARP request frame.

[Link]@[Link] 52
[Link]@[Link] 53
 The ARP request frame contains the unresolved IP
address.

The ARP request frame also contains the IP address and

physical address of the host that sent the request.
Address
Resolution The other hosts on the network segment receive the
Protocol ARP request, and the host that owns the unresolved IP
address responds by sending its physical address to the
host that sent the request.
The newly resolved IP address-to-physical address
mapping is then added to the ARP cache of the
requesting host

[Link]@[Link] 54
 RARP stands for Reverse ARP. RARP is the opposite of ARP. ARP is used
when the IP address is known but the physical address is not known.
RARP is used when the physical address is known but the IP address is
not known.
RARP is often used in conjunction with the BOOTP protocol to boot
diskless workstations.

Reverse ARP Many network adapters contain an empty socket for insertion of an
integrated circuit known as a boot PROM.

The boot PROM firmware starts as soon as the computer is powered

on. It loads an operating system into the computer by reading it from
a network server instead of a local disk drive.

The operating system downloaded to the BOOTP device is

preconfigured for a specific IP address.

[Link]@[Link] 55
 Data sent to a remote computer often travels
through one or more routers; these routers can
encounter a number of problems in sending the
message to its ultimate destination.
Internet
Control Routers use Internet Control Message Protocol
(ICMP) messages to notify the source IP of these
Message problems.

Protocol
ICMP is also used for other diagnosis and
troubleshooting functions.

[Link]@[Link] 56
Internet Control Message Protocol
• Echo Request and Echo Reply: ICMP is often used during testing.
• A technician who uses the ping command to check connectivity with another host is
using ICMP.
• The ping command sends a datagram to an IP address and requests the destination
computer to return the data sent in a response datagram.
• The commands actually used by ping are the ICMP Echo Request and Echo Reply.
• Source Quench: If a fast computer is sending large amounts of data to a remote
computer, the volume can overwhelm the router.
• The router might use ICMP to send a Source Quench message to the source IP to ask
it to slow down the rate at which it is shipping data.
• If necessary, additional source quenches can be sent to the source IP.

[Link]@[Link] 57
Internet Control Message Protocol
• Destination Unreachable: If a router receives a datagram that cannot be
delivered, ICMP returns a Destination Unreachable message to the source IP.
• One reason that a router cannot deliver a message is a network that is down
because of equipment failure or maintenance.
• Time Exceeded: ICMP sends this message to the source IP if a datagram is
discarded because TTL reaches 0.
• This indicates that the destination is too many router hops away to reach with
the current TTL value, or it indicates router table problems that cause the
datagram to loop through the same routers continuously

[Link]@[Link] 58
 • A routing loop occurs when a datagram circulates
endlessly and never reaches its destination.
• Suppose three routers are located in Los Angeles,
San Francisco, and Denver. The Los Angeles router
sends datagrams to San Francisco, which sends them
Internet to Denver, which sends them back to Los Angeles
again. The data- gram becomes trapped and will
Control circulate continuously through these three routers
until the TTL reaches 0. A routing loop should not
Message occur, but occasionally it does. Routing loops
sometimes occur when a network administrator

Protocol places static routing entries in a routing table.

• Fragmentation Needed: ICMP sends this message if it
receives a datagram with the Don’t Fragment bit set and
if the router needs to fragment the datagram to forward
it to the next router or the destination.

[Link]@[Link] 59
 • A number of other protocols also inhabit the
Internet layer. Some of these other protocols, such
as Border Gateway Protocol (BGP) and Routing
Information Protocol (RIP), facilitate the routing
Other Internet process.
• The IPsec protocols, which are optional in IPv4 but
Layer are an integral part of IPv6, operate at the Internet
layer to provide secure encrypted communication.
Protocols • Other Internet layer protocols assist with tasks such
as multicasting. As mentioned earlier, the Internet
protocol layer is known in OSI shorthand as Layer 3.
• Any protocol referred to as a Layer 3 protocol is
operating at the Internet layer.

[Link]@[Link] 60
 Q. What common address notation is used to simplify a 32-bit
binary address?
A. Dotted-decimal notation.

Q. ARP returns what type of information when given an IP

address?
A. The corresponding physical (or MAC) address.
Q&A
Q. If a router is unable to keep up with the volume of traffic,
what type of ICMP message is sent to the source IP?
A. A Source Quench message.

Q. What class does an IP address belong to that starts with the

binary pattern 110 as the 3 leftmost bits?
A Class C network.

[Link]@[Link] 61
 • What is the purpose of the TTL field in the IP
header?
• How big are the network and host ID fields
for a Class A address?
Quiz • What is an octet?
• What is the IP address an address of?
• What is the difference between ARP and
RARP?

[Link]@[Link] 62
Exercises

• Convert the following 32-bit IP addresses into dotted-decimal notation:

[Link]@[Link] 63
 • Address Class: A classification system for IP
addresses. The network class determines how the
address is subdivided into a network ID and host
ID.
• Address Resolution Protocol (ARP): A key Internet
layer protocol used to obtain the physical address
associated with an IP address. ARP maintains a
cache of recently resolved physical address-to-IP
Key Terms address pairs.
• BOOTP: A protocol used to boot a computer or
other network device from a remote location.
• Dotted Decimal: Base 10 representation of a
binary IP address using 4 numerals representing
the 4 octets of the original address, separated by
periods ([Link]).
• Host ID: A portion of the IP address that refers to a
node on the network. Each node within a network
should have an IP address that contains a unique
host ID.
[Link]@[Link] 64
 • Internet Control Message Protocol (ICMP): A key
Internet layer protocol used by routers to send messages
that inform the source IP of routing problems. ICMP is
also used by the ping command to determine the status
of other hosts on the network.
• Internet Protocol (IP): A key Internet layer protocol used
for addressing, delivering, and routing datagrams.
• Multicast: A technique that allows datagrams to be
delivered to a group of hosts simultaneously.
Key Terms • Network ID: A portion of the IP address that identifies
the network.
• Octet: An eight-digit binary number.
• Reverse Address Resolution Protocol (RARP): A TCP/IP
protocol that returns an IP address if given a physical
address. This protocol is typically used by a diskless
workstation that has a remote boot PROM installed in its
network adapter.
• Subnet: A logical division of a TCP/IP address space.
[Link]@[Link] 65
IP Addressing &
Subnetting
IP Addressing
Subnetting
VLSM
CIDR
Subnetting
• Problem: Organizations
have multiple networks
which are independently University Network
managed
• Solution 1: Allocate one or more Engineering Medical
addresses for each network School School
• Difficult to manage
• From the outside of the
organization, each network Library
must be addressable.
• Solution 2: Add another level
of hierarchy to the IP
addressing structure

Subnetting
CIDR and Routing Information
Company X :

ISP X owns: [Link]/22

[Link]/18
[Link]/15
[Link]/21
Internet Backbone

ISP y :
[Link]/24

Organization z1 : Organization z2 :
[Link]/26 [Link]/26
CIDR and Routing Information
Backbone routers do not know
anything about Company X, ISP
Y, or Organizations z1, z2.
Company X :

ISPISP X owns:
y sends [Link]/22
everything which matches
ISP X does not know about
Organizations z1, z2. the prefix:
[Link]/18
[Link]/26 to Organizations z1
[Link]/15
[Link]/26 to Organizations z2
[Link]/21
Internet Backbone
ISP X sends everything which
matches the prefix: ISP y :
[Link]/22 to Company X,
[Link]/24 to ISP y [Link]/24

Backbone sends everything

which matches the prefixes
Organization z1 : Organization z2 :
[Link]/18, [Link]/15,
[Link]/21 to ISP X. [Link]/26 [Link]/26
 Subnetting evolved as a means for using IP
addressing to break up a physical network into
smaller logical entities called subnets.

What is it ?
Later developments, such as classless
interdomain routing and IPv6 have reduced the
need for the classical approach to subnetting,
but these later techniques borrow from the
basic subnetting principles, and no discussion of
TCP/IP is complete without a description of
subnetting.

[Link]@[Link] 70
 Datagrams arrive efficiently
Dividing the Network at the gateway and pass into
the [Link] address space.
However, the picture gets
more complicated when you
consider how to deliver the
datagram after it passes into
the [Link] address space.
A Class A network has room
for over 16 million host IDs.

[Link]@[Link] 71
 • With subnetting, IP addresses use a 3-
layer hierarchy:
• Network
• Subnet
Advantages of • Host
Subnetting • Reduces router complexity. Since
external routers do not know about
subnetting, the complexity of routing
tables at external routers is reduced.
 An organization of ISP that is granted a range
of addresses may divide the range into
several subranges and assign each subrange
to a subnetwork(or subnet).

Designing A subnetwork can be divided into several

Subnets sub-subnetworks.

The subnetwork in a network should be

carefully designed to enable the routing of
packets.
• The routers can deliver a
datagram to a subnet
address within the network
(generally corresponding to
a network segment),
• and when the datagram
reaches the subnet, it can
be resolved to a physical
address using ARP
Organizing the
network for
efficient delivery.

• A parameter called
the subnet mask
tells how much of
the address should
be used for the
subnet ID and how
much is left for the
actual host ID.
 Subnet Mask

• The subnet mask uses a 1

for every bit in the IP
address that is part of the
network ID or subnet ID.
• The subnet mask uses a 0 to
designate any bit in the IP
address that is part of the
host ID.
 An IP address is an address used to uniquely
identify a device on an IP network.

The address is made up of 32 binary bits which

can be divisible into a network portion and host
portion with the help of a subnet mask.
IP Addresses
32 binary bits are broken into four octets (1
octet = 8 bits)

Dotted decimal format (for example,

[Link])
IP Address
Classes
 Class A: The first octet is the
network portion. Octets 2, 3,
and 4 are for subnets/hosts

IP Address Class B: The first two octets are

the network portion. Octets 3
Classes and 4 are for subnets/hosts

Class C: The first three octets are

the network portion. Octet 4 is
for subnets/hosts
 Private Address Range

Address Class Reserved Address Space

Class A [Link] - [Link]
Class B [Link] - [Link]

Class C [Link] -
[Link]
The number of addresses in each
subnetwork should be a power of 2.

The prefix length for each subnetwork

should be found using the following
formula:

nsub = 32-log2 Nsub

Assign addresses to larger subnetworks

first.
 Distinguishes which portion of the
address identifies the network and
which portion of the address
identifies the node.

Network
Masks Default masks:

• Class A: [Link]
• Class B: [Link]
• Class C: [Link]
 Creates multiple logical networks
that exist within a single Class A, B,
or C network.

If you do not subnet, you will only

be able to use one network from
Subnetting your Class A, B, or C network, which
is unrealistic

Each data link on a network must

have a unique network ID, with
every node on that link being a
member of the same network
 Reduced network traffic

Optimized network performance

Benefits of
Subnetting
Simplified management

Facilitated spanning of large

geographical distances
 This command allows you to use
the first and last subnet in your
network design.

IP Subnet-Zero
For example, the Class C mask of
192 provides subnets 64 and 128,
but with the IP subnet-zero
command, you now get to use
subnets 0, 64, 128, and 192
 Determine the
• One for each subnet
number of
• One for each wide area network
required connection
network IDs:

How to Determine the

number of
create
• One for each TCP/IP host
required host • One for each router interface
IDs per subnet:
subnets
Based on the
above • One subnet mask for your entire network
• A unique subnet ID for each physical
requirements, segment
create the • A range of host IDs for each subnet
following:
 How many subnets does the chosen
subnet mask produce?

How many valid hosts per subnet are

available?
Subnetting a
Class A/B/C What are the valid subnets?

Address What’s the broadcast address of each

subnet?

What are the valid hosts in each subnet?

 How many subnets? Since 128 is 1 bit on (10000000), the answer
would be 21= 2.

How many hosts per subnet? We have 7 host bits

off (10000000), so the equation would be 27– 2 =
126 hosts.

Practice Example #1C:

[Link] (/25)
What are the valid subnets? 256 – 128 = 128. Remember, we’ll
start at zero and count in our block size, so our subnets are 0, 128.

Network [Link] What’s the broadcast address for each subnet? The number right
before the value of the next subnet is all host bits turned on and
equals the broadcast address. For the zero subnet, the next subnet
is 128, so the broadcast of the 0 subnet is 127.

What are the valid hosts? These are the numbers between the
subnet and broadcast address
Logical Network Implementation
.2 .3 .130 .131

[Link] .1 .129 [Link]

 • An organization is granted a block of
addresses with the beginning address
[Link]/24. The organization needs
to have 3 subblocks to use in three
Example subnets:
• One subblock of 10 addresses
• One subblock of 60 addresses,
• One subblock of 120 addresses.
 There are 232 – 24 = 256 addresses.

First address is [Link]

Last address is [Link]

To assign subnets, start with the larger block.

Cont. 120 is not a power of 2, we allocate 128 addresses.

(subnet mask) n1 = 32-log2128 = 25,

• the first address in this block is [Link]/25
• The last address is [Link]/25
 Number of addresses in the second block,
which requires 60 addresses, is 64 since 60 is
not a power of 2.

n2 =32- log2 64 = 26

Cont.
The first address is [Link]/26

The last address is [Link]/26

 The number of
addresses in the
The subnet mask
smallest block is
n3 = 32-log216
10, we allocate
=28.
16 since 10 is not
a power of 2.

Cont.
The first address The last address
is is
[Link]/28 [Link]/28
The sum of addresses in the subnets
is 208 addresses, which means 48
addresses are left in reserve. The first
address in the range is [Link]
and the last address is [Link].

We don’t know about the prefix

length yet.
Practice Example #2C: [Link] (/27)
Network [Link]

 How many subnets? 224 is 11100000, so our equation would be 23 = 8.

 How many hosts? 25– 2 = 30.
 What are the valid subnets? 256 – 224 = 32. We just start at zero and count to the subnet mask
value in blocks (increments) of 32: 0, 32, 64, 96, 128, 160, 192, and 224.
 What’s the broadcast address for each subnet (always the number right before the next
subnet)?
 What are the valid hosts (the numbers between the subnet number and the broadcast address)?
 Subnet 0 32 …………. 192 224
Address

First Host 1 33 193 225

Last Host 30 62 222 254

Broadcast 31 63 223 255

Address

Practice Example #2C: [Link] (/27)

Network [Link]
Practice Example #1B: [Link] (/17)
Network [Link]

 Subnets? 21 = 2
 Hosts? 215– 2 = 32,766 (7 bits in the third octet, and 8 in the fourth)
 Valid subnets? 256 – 128 = 128. 0, 128. Remember that subnetting is performed in the third
octet, so the subnet numbers are really 0.0 and 128.0, as shown in the next table
 Broadcast address for each subnet?
 Valid hosts?
Practice Example #1B: [Link] (/17)
Network [Link]

Subnet 0.0 128.0

First Host 0.1 128.1
Last Host 127.254 255.254
Broadcast 127.255 255.255
 Subnets? 24= 16.

Practice Hosts? 212 – 2 = 4094.

Example #2B:
[Link] Valid subnets? 256 – 240 = 0, 16, 32, 48,
(/20) etc., up to 240.

Network Broadcast address for each subnet?

[Link]
Valid hosts?
Practice Example #2B: [Link] (/20)
Network [Link]

Subnet 0.0 16.0 ……….. 240.0

First Host 0.1 16.1 240.1
Last Host 15.254 31.254 255.254
Broadcast 15.255 31.255 255.255
Variable Length
Subnet
Mask(VLSM)
Subnet with
requirements
shown?
 5 subnets needed
Variable Can be assigned as follows:
Length • netA: [Link]/27 host address range 1
Subnet to 30
• netB: [Link]/27 host address range
Mask(VLSM) 33 to 62
Subnet with • netC: [Link]/27 host address range
65 to 94
requirements • netD: [Link]/27 host address range
shown? 97 to 126
• netE: [Link]/27 host address range
129 to 158
Variable Length Subnet Mask(VLSM)
Subnet with requirements shown?
 Given the same network and requirements as in
Sample Exercise 1 develop a subnetting scheme using
Variable VLSM, given:

Length • netA: must support 14 hosts

• netB: must support 28 hosts

Subnet • netC: must support 2 hosts

• netD: must support 7 hosts

Mask(VLSM) • netE: must support 28 host

Subnet with Determine what mask allows the required number of

hosts.
requirements • netA: requires a /28 ([Link]) mask to support 14 hosts

shown? • netB: requires a /27 ([Link]) mask to support 28 hosts

• netC: requires a /30 ([Link]) mask to support 2 hosts
• netD: requires a /28 ([Link]) mask to support 7 hosts
• netE: requires a /27 ([Link]) mask to support 28 hosts
Variable Length Subnet Mask(VLSM)
Subnet with requirements shown?

 The easiest way to assign the subnets is to assign the largest first. For example, you can assign in
this manner:
◦ netB: [Link]/27 host address range 1 to 30
◦ netE: [Link]/27 host address range 33 to 62
◦ netA: [Link]/28 host address range 65 to 78
◦ netD: [Link]/28 host address range 81 to 94
◦ netC: [Link]/30 host address range 97 to 98
Variable Length
Subnet
Mask(VLSM)
Subnet with
requirements
shown?
 Classless Interdomain Routing

Improve address space utilization

CIDR
Routing scalability in the Internet

For example, if an ISP owns network [Link]/16, then

the ISP can offer [Link]/24, [Link]/24,and so on to
customers. Yet, when advertising to other providers, the ISP
only needs to advertise [Link]/16
The Address Resolution
Protocol (ARP)
 • MAC addresses 109

• Hard-coded in read-only memory when adaptor is built

• Like a social security number
• Flat name space of 48 bits (e.g., 00-0E-9B-6E-49-76)
• Portable, and can stay the same as the host moves
• Used to get packet between interfaces on same network
[To guide delivery between two hosts, two routers, and a
host and router within a single subnet]
MAC Address • IP addresses
vs. IP Address • Configured, or learned dynamically
• Like a postal mailing address
• Hierarchical name space of 32 bits (e.g., [Link])
• Not portable, and depends on where the host is attached
• Used to get a packet to destination IP subnet [To guide
delivery to destination host across the Internet (across
multiple networks)]
Address Resolution
• Problem
• Router knows that destination host is on its subnet
based on the IP address of an arriving packet
• Does not know the destination host’s subnet
address, so cannot deliver the packet across the
subnet

Destination Host
[Link]
Subnet
subnet address?
Address Resolution Protocol (ARP)
• Router creates an ARP Request message to be
sent to all hosts on the subnet.
• Address resolution protocol message asks “Who has
IP address [Link]?”
• Passes ARP request to data link layer process for
delivery

Subnet
ARP Request
Address Resolution Protocol (ARP)
• Data link process of router broadcasts the ARP
Request message to all hosts on the subnet.
• On a LAN, MAC address of 48 ones tells all stations
to pay attention to the frame

Subnet
ARP Request
Address Resolution Protocol (ARP)
• Host with IP address [Link] responds
• Internet process creates an ARP response message
• Contains the destination host’s subnet address (48-
bit MAC address on a LAN)

ARP Response

Subnet
Address Resolution Protocol (ARP)
• Router delivers the IP packet to the destination
host
• Places the IP packet in the subnet frame
• Puts the destination host’s subnet address in the
destination address field of the frame

Deliver IP Packet
within a subnet frame

Subnet
Address Resolution Protocol
• ARP Requests and Responses are sent between the internet layer
processes on the router and the destination host

ARP
Router Destination Host
Request
Internet Internet
Process Process
ARP
Response
Address Resolution Protocol
• However, the data link processes deliver these
ARP packets
• Router broadcasts the ARP Request
• Destination host sends ARP response to the subnet
source address found in the broadcast frame

Router Destination Host

Internet Internet
Process Broadcast ARP Request Process
Data Link Data Link
Process Process
Direct ARP Response
Example: A Sending a Packet to B
How does host A send an IP packet to host B?

R
B

A sends packet to R, and R sends packet to B. 117

Host A Decides to Send Through R
• Host A constructs an IP packet to send to B
• Source [Link], destination [Link]
• Host A has a gateway router R
• Used to reach destinations outside of [Link]/24
• Address [Link] for R learned via DHCP

R
118 B
 A
Host A Sends Packet • Host A learns the MAC address of R’s interface
• ARP request: broadcast request for [Link]

Through R
• ARP response: R responds with E6-E9-00-17-BB-4B
• Host A encapsulates the packet and sends to R

R
B 119
 • Router R’s adaptor receives the packet
A
R Decides how to • R extracts the IP packet from the Ethernet frame
• R sees the IP packet is destined to [Link]

Forward Packet • Router R consults its forwarding table

• Packet matches [Link]/24 via other adaptor
R
B 120
R Sends Packet to B
• Router R’s learns the MAC address of host B
• ARP request: broadcast request for [Link]
• ARP response: B responds with 49-BD-D2-C7-56-2A
• Router R encapsulates the packet and sends to B

R
121 B
The Transmission Control
Protocol (TCP)
TCP Segment and UDP Datagram
Bit 0 TCP Segment Bit 31

Source Port Number (16 bits) Destination Port Number (16 bits)

Sequence Number (32 bits)

Acknowledgment Number (32 bits)

Header Reserved Flag Fields Window Size

Length The(6source
bits) and destination
(6 bits) port(16 bits)
numbers
(4 bits) specify a particular application on the
source and destination multitasking computers
TCP Checksum (16 bits)
(Discussed later) Urgent Pointer (16 bits)

Flag fields are one-bit fields. They include SYN, ACK, FIN,
Sequence numbers are 32 bits long.
and RST.
So are acknowledgment numbers.
TCP Segment and UDP Datagram

Bit 0 Flags are one-bit TCP Segment

fields. Bit 31
If a flag’s value is 1, it is “set”.
Source Port Number (16 bits) Destination Port Number (16 bits)
If a flag’s value is 0, it is “not set.”
TCP has six flags
Sequence Number (32 bits)
If the TCP Checksum field’s value is correct,
TheNumber
Acknowledgment receiving(32
process
bits) sends back an acknowledgment.

Header Reserved Flag Fields Window Size

Length (6 bits) (6 bits) (16 bits)
(4 bits)

TCP Checksum (16 bits) Urgent Pointer (16 bits)

Bit 0 TCP Segment Bit 31

Source Port Number (16 bits) Destination Port Number (16 bits)

Sequence Number (32 bits)

Acknowledgment Number (32 bits)

Header Reserved Flag Fields Window Size

Length (6 bits) (6 bits) (16 bits)
(4 bits)

TCP Checksum (16 bits) Urgent Pointer (16 bits)

For flow control (to tell the other party to slow down),
The sender places a small value in the Window Size field.
8-125
TCP Segment and UDP Datagram
Bit 0 TCP Segment Bit 31

Options (if any) Padding

Data Field

TCP segment headers can end with options.

Unlike IPv4 options,
TCP options are very common.

If an option does not end at a 32-bit boundary,

padding must be added.
 TCP Session Openings and Closings

Normal Three-Way Opening

SYN

SYN/ACK

ACK

A SYN segment is a segment in which the SYN bit is set.

One side sends a SYN segment requesting an opening.
The other side sends a SYN/acknowledgment segment.
Originating side acknowledges the SYN/ACK.
 TCP Session Openings and Closings

Normal Four-Way Close

FIN

ACK

FIN

ACK

A FIN segment is a segment in which the FIN bit is set.

Like both sides saying “good bye” to end a conversation.
 TCP Session Openings and Closings

Abrupt Reset

RST

An RST segment is a segment in which the RST bit is set.

A single RST segment breaks a connection.
Like hanging up during a phone call.
There is no acknowledgment.
The User Datagram Protocol
(UDP)
TCP Segment and UDP Datagram
Bit 0 UDP Datagram Bit 31

Source Port Number (16 bits) Destination Port Number (16 bits)

UDP Length (16 bits) UDP Checksum (16 bits)

Data Field

UDP messages (datagrams) are very simple.

Like TCP, UDP has 16-bit port numbers.
The UDP length field allows variable-length application messages.
If the UDP checksum is correct, there is no acknowledgment.
If the UDP checksum is incorrect, the UDP datagram is dropped.

8-131
Port Numbers and Sockets in
TCP and UDP
TCP and UDP Port Numbers
• Computers are multitasking devices
• They run multiple applications at the same time
• On a server, a port number designates a specific application

HTTP Webserver SMTP E-Mail

Application Applications

Port 80 Port 25

Server
TCP and UDP Port Numbers
• Major Applications Have Well-Known Port Numbers
between 0 to 1023, i.e.
• HTTP is TCP Port 80
• SMTP is TCP Port 25

SMTP E-Mail
HTTP Webserver
Application
Application
Port 80 Port 25

Server
TCP and UDP Port Numbers
• Clients Use Ephemeral Port Numbers
• 1024 to 4999 for Windows Client PCs
• A client has a separate port number for each connection to a
program on a server

E-Mail
Webserver Application
Application on Mail
on Webserver Server

Port 4400 Port 3270

Client
 TCP and UDP Port Numbers

A socket is an Client [Link]

IP address, a colon, and a port number.

[Link]:80
[Link]:25
[Link]:2849

It represents a specific application (Port number) Webserver

on a specific server (IP address) [Link]
Port 80
Or a specific connection on a client.

SMTP Server
Client PC [Link]
[Link] Port 25
Port 2849
Use of TCP (and UDP) Port Numbers
Client
[Link]
Source: [Link]:2707
Destination: [Link]:80

This shows sockets for a client Webserver

packet sent to a webserver application [Link]
on a webserver Port 80

SMTP Server
[Link]
Port 25
\Use of TCP (and UDP) Port Numbers
Client
[Link]
Source: [Link]:2707
Destination: [Link]:80

Source: [Link]:80
Destination: [Link]:2707
Webserver
[Link]
Port 80
Sockets in
two-way
transmission SMTP Server
[Link]
Port 25
Use of TCP (and UDP) Port Numbers
Client
[Link]
Source: [Link]:2707
Destination: [Link]:80

Source: [Link]:80
Destination: [Link]:2707
Webserver
[Link]
Port 80
Source: [Link]:4400
Destination: [Link]:25

SMTP Server
[Link]
Clients use a different ephemeral Port 25
port number for different connections
Dynamic Routing Protocols

Dynamic Routing Protocol

Routing Table Information

 1
Dynamic Routing Protocols

Here is an simple Here, the metric is

example of how a the number of hops
dynamic routing to the destination IP
protocol works. addresses, 128.171.x.x
Dynamic Routing Protocols: Interior and Exterior
1

When they talk to other Large organizations and

Autonomous systems, they ISPs are autonomous systems.
Must negotiate which Autonomous systems can
Exterior DRP they will use. Select their interior
Dynamic routing protocols.
 Dynamic Routing Protocols
Dynamic Routing Interior or Exterior Remarks
Protocol Routing Protocol?
RIP (Routing Interior Only for small autonomous
Information Protocol) TCP/IP systems with low
needs for security
OSPF (Open Shortest Interior For large autonomous
Path First) systems that only use
TCP/IP
EIGRP (Enhanced Interior Proprietary Cisco Systems
Interior Gateway protocol. Not limited to
Routing Protocol) TCP/IP routing. Also handles
IPX/SPX, SNA, and so forth
BGP (Border Gateway Exterior Organization cannot choose
Protocol) what exterior routing
protocol it will use. TCP/IP
protocol
8-143
The Internet Control Message
Protocol (ICMP)
 Internet Control Message Protocol (ICMP) for
Supervisory Messages

ICMP is the internet layer

supervisory protocol.
ICMP messages are encapsulated
in the data field of IP packets.
These packets have no
higher-layer contents
Internet Control Message Protocol (ICMP) for Supervisory
Messages 1

Pinging a host sends it

an ICMP echo message.
When the host receives
this ping, it sends back
An echo reply message.
At the Windows command line, pinging is a quick way to
Type “ping <IPaddress>[Enter]” learn if a host is available.
 8-16: Internet Control Message Protocol (ICMP) for
Supervisory Messages

If a router cannot deliver a packet,

it may send an ICMP error
message to the source host.
There are several types of
ICMP messages, for
different types of error
Dynamic Host Configuration
Protocol (DHCP)
From Chapter 1
Dynamic Host Configuration Protocol

Every Host Must Have a Unique IP Server hosts are given static IP addresses (unchanging)
Clients get dynamic (temporary) IP addresses that may
address be different each time they use an internet

Dynamic Host Configuration Clients get these dynamic IP addresses from Dynamic
Protocol (DHCP) Host Configuration Protocol (DHCP) servers

149
Dynamic Host Configuration Protocol (DHCP)
Pool of
IP Addresses

Client PC DHCP
A3-4E-CD-59-28-7F Server

DHCP Request Message:

“My 48-bit Ethernet address is A3-4E-CD-59-28-7F”.
Please give me a 32-bit IP address.”

150
Dynamic Host Configuration Protocol (DHCP)
Pool of
IP Addresses

Client PC DHCP
A3-4E-CD-59-28-7F Server

DHCP Response Message:

“Computer at A3-4E-CD-59-28-7F,
your 32-bit IP address is 11010000101111101010101100000010”.
(Usually other configuration parameters as well.)

151
Why DHCP?

• If You Give PCs Static Information,

• The cost of manual entry of configuration
information (subnet mask, default router,
DNS servers, etc.) is high

• If something changes, such as the IP

address of your DNS server, the cost of
manually reconfiguring each PC is high

• If something changes, your PCs may be

inoperable until you make the manual
changes

• With DHCP, users get hot fresh configuration

data automatically
The Internet Protocol (IP)

Versions 4 and 6
IPv4 and IPv6 Packets
Bit 0 IP Version 4 Packet Bit 31
Version Header Diff-Serv Total Length
(4 bits) Length (8 bits) (16 bits)
Value (4 bits) Length in octets
is 4
(0100)

Identification (16 bits) Flags Fragment Offset (13 bits)

IPv4 is thevalue
Unique dominant
in eachversion of IP today.
original (3 bits) Octets from start of
The version number in its header is 4 (0100).
IP packet original IP fragment’s
data field
The header length and total length field tell the size of the packet.
Time to Live Protocol (8 bits) Header Checksum
(8 bits)
The 1=ICMP,
Diff-Serv field can be 6=TCP,
used for quality of(16 bits)labeling.
service
(But MPLS is being used 17=UDP
instead by most carriers)
IPv4 and IPv6 Packets
Bit 0 IP Version 4 Packet Bit 31

Source IP Address (32 bits)

Destination IP Address (32 bits)

Options (if any) Padding

Data The
Fieldsource and destination IP addresses
Are 32 bits long, as you would expect.

Options can be added, but these are rare.

 IP Version 6 is the emerging
version of the Internet protocol.
IPv4 and IPv6 Packets
Has 128 bit addresses for
Bit 0 IPanVersion
almost 6unlimited
Packet number of IP addresses. Bit 31
Version Diff-Serv Flow Label
Needed (20 of
because bits)
rapid growth in Asia.
(4 bits) (8 bits) Marks a packet as part of a specific flow
Value Also needed because of the exploding
is 6 number of mobile devices
(0110)

Payload Length Next Header Hop Limit

(16 bits) (8 bits) Name (8 bits)
of next header
Source IP Address (128 bits)
Destination IP Address (128 bits)

Next Header or Payload (Data Field)

Layer 3 Switches
 Traditionally, switches were fast and
inexpensive while routers were slow and
expensive

Using special-purpose hardware called

Layer 3 application-specific integrated circuits (ASICs)
Switches allowed the creation of limited but fast and
inexpensive routers

Marketing called these limited routers “Layer

3 switches” to indicate their speed, despite
the fact that they are routers and operate at
Layer 3, while switches operate at Layer 2
 Layer 3 Switches and Routers in Site Internets

Again, Layer 3 switches are true routers,

Not switches.
However, they are faster and cheaper
than traditional routers, at least to purchase.
 Layer 3 Switches and Routers in Site Internets

However, they have limited functionality

that typically makes them unsuitable to being
border routers to connect to different sites.
 Layer 3 Switches and Routers in Site Internets

As routers, however, they are expensive to

manage (as we will see in Chapter 10).
After all, they really are routers, not switches.
 Layer 3 Switches and Routers in Site Internets

Too limited to be border routers and

too expensive to manage to replace,
Ethernet workgroup switches, L3 switches
typically are used between the two.