Chapter Four

Network Protocol
4. Introduction to Network protocol
In the world of computer networks, protocols serve as the foundation for communication between devices and
systems. A protocol is a set of rules and conventions that govern how data is transmitted, received, and interpreted
across a network. These protocols ensure that data can be exchanged seamlessly and reliably, regardless of the
devices and platforms involved. There are numerous types of protocols, each tailored to specific networking
scenarios.

Network protocols provide a standardized way for devices to interact and collaborate within a network, regardless
of their underlying hardware or software. They encompass a wide range of functionalities, from addressing and
routing data packets to error detection and correction, security measures, and quality of service guarantees.

[Link] Protocols Suites

A protocol suite is a set of protocols that work together to provide comprehensive network communication services.
A protocol suite may be specified by a standards organization or developed by a vendor.

The protocols IP, HTTP, and DHCP are all part of the Internet protocol suite known as Transmission Control
Protocol/IP (TCP/IP). The TCP/IP protocol suite is an open standard, meaning these protocols are freely available
to the public, and any vendor is able to implement these protocols on their hardware or in their software.

A standards-based protocol is a process or protocol that has been endorsed by the networking industry and ratified,
or approved, by a standards organization. The use of standards in developing and implementing protocols ensures
that products from different manufacturers can interoperate successfully.

4.1.1. Some Network Protocols and Their Uses

[Link]. Transmission Control Protocol (TCP)
TCP is a foundational protocol that operates at the transport layer of the OSI model. It guarantees the reliable and
ordered delivery of data packets between devices. TCP is widely used for applications that require accurate and
error-free data transfer, such as web browsing, email, file transfer, and remote access.

[Link].Internet Protocol (IP)

IP, operating at the network layer of the OSI model, is responsible for routing and addressing packets of data to
ensure they reach their destination. It provides a unique IP address to each device on a network and is essential
for the proper functioning of the Internet. IP has two main versions: IPv4 and IPv6.

[Link].Hypertext Transfer Protocol (HTTP)

HTTP is a protocol used for transferring web pages and other resources on the World Wide Web. It
operates at the application layer and defines how browsers and web servers communicate. HTTPS, a
secure version of HTTP, incorporates encryption to protect data integrity and user privacy.

1
[Link].Simple Mail Transfer Protocol (SMTP)
SMTP is a protocol for sending and receiving email. It enables the transfer of email messages from a
client to a server or between servers. SMTP is essential for email communication, ensuring that messages
are delivered reliably and in the correct format.
[Link].Post Office Protocol (POP) and Internet Message Access Protocol (IMAP)
POP and IMAP are protocols used by email clients to retrieve messages from a server.

POP allows downloading messages to a local device, while IMAP maintains messages on the server,
enabling access from multiple devices. These protocols facilitate efficient email management.

[Link].File Transfer Protocol (FTP)

FTP is a protocol designed for transferring files between computers. It allows users to upload, download,
and manipulate files on remote servers. FTP is often used for website maintenance and content updates.

[Link].Simple Network Management Protocol (SNMP)

SNMP is a protocol used for managing and monitoring network devices, such as routers, switches, and
servers. It enables administrators to gather information about device performance, status, and potential
issues.

[Link].Domain Name System (DNS)

DNS is a protocol that translates human-readable domain names into IP addresses. It plays a vital role in
web browsing by helping users’ access websites using intuitive domain names rather than numerical IP
addresses.

[Link].Dynamic Host Configuration Protocol (DHCP)

DHCP is a protocol that automates the process of assigning IP addresses to devices on a network. It ensures
efficient IP address management and simplifies network configuration.

[Link]. Secure Shell (SSH)

SSH is a protocol that provides secure, encrypted communication between devices over an insecure network.
It’s commonly used for remote login and executing commands on remote servers.

[Link]. Border Gateway Protocol (BGP)

BGP is a protocol used to exchange routing information between autonomous systems on the Internet. It
plays a crucial role in ensuring efficient and optimal data routing across complex networks.

[Link]. VoIP Protocols (SIP, RTP, RTCP)

VoIP (Voice over Internet Protocol) protocols, such as SIP (Session Initiation Protocol), RTP (Real-Time
Transport Protocol), and RTCP (Real-Time Control Protocol), enable voice and video communication over
IP networks. These protocols are the backbone of modern voice and video conferencing applications.

2
 [Link]. Wireless Protocols (Wi-Fi, Bluetooth, Zigbee)
Wireless protocols like Wi-Fi, Bluetooth, and Zigbee enable wireless communication between devices. Wi-
Fi is used for high-speed Internet connectivity, Bluetooth for shortrange device connections, and Zigbee for
home automation and sensor networks.

[Link] Models
4.2.1. Layers of OSI Model
OSI stands for Open Systems Interconnection. It was developed by ISO ‘International Organization for
Standardization’, in the year 1984. It is seven-layer architecture with each layer having specific functionality to
perform. All these 7 layers work collaboratively to transmit the data from one person to another across the globe.
What is OSI Model?
The OSI model, created in 1984 by ISO, is a reference framework that explains the process of transmitting data
between computers. It is divided into seven layers that work together to carry out specialized network functions,
allowing for a more systematic approach to networking.

What are the 7 layers of the OSI Model?

The OSI model consists of seven abstraction layers arranged in a down - top order:
1. Physical Layer
2. Data Link Layer
3. Network Layer
4. Transport Layer
5. Session Layer
6. Presentation Layer
7. Application Layer
1. Physical Layer (Layer 1)

3
The lowest layer of the OSI reference model is the physical layer. It is responsible for the actual physical
connection between the devices. The physical layer contains information in the form of bits. It is responsible for
transmitting individual bits from one node to the next. When receiving data, this layer will get the signal received
and convert it into 0s and 1s and send them to the Data Link layer, which will put the frame back together.

Functions of the Physical Layer

• Bit synchronization: The physical layer provides the synchronization of the bits by providing a clock. This
clock controls both sender and receiver thus providing synchronization at the bit level.
• Bit rate control: The Physical layer also defines the transmission rate i.e. the number of bits sent per second.
• Physical topologies: Physical layer specifies how the different, devices/nodes are arranged in a network i.e.
bus, star, or mesh topology.
• Transmission mode: Physical layer also defines how the data flows between the two connected devices. The
various transmission modes possible are Simplex, half-duplex and full-duplex.
Note:
• Hub, Repeater, Modem, and Cables are Physical Layer devices.
• Network Layer, Data Link Layer, and Physical Layer are also known as Lower Layers or Hardware Layers.
2. Data Link Layer (DLL) Layer 2
The data link layer is responsible for the node-to-node delivery of the message. The main function of this layer is
to make sure data transfer is error-free from one node to another, over the physical layer. When a packet arrives
in a network, it is the responsibility of the DLL to transmit it to the Host using its MAC address.
The Data Link Layer is divided into two sub layers:
• Logical Link Control (LLC)
• Media Access Control (MAC)
The packet received from the Network layer is further divided into frames depending on the frame size of the NIC
(Network Interface Card). DLL also encapsulates Sender and Receiver’s MAC address in the header.
The Receiver’s MAC address is obtained by placing an ARP(Address Resolution Protocol) request onto the wire
asking “Who has that IP address?” and the destination host will reply with its MAC address.

4
Functions of the Data Link Layer
• Framing: Framing is a function of the data link layer. It provides a way for a sender to transmit a set of bits
that are meaningful to the receiver. This can be accomplished by attaching special bit patterns to the
beginning and end of the frame.
• Physical addressing: After creating frames, the Data link layer adds physical addresses (MAC addresses) of
the sender and/or receiver in the header of each frame.
• Error control: The data link layer provides the mechanism of error control in which it detects and retransmits
damaged or lost frames.
• Flow Control: The data rate must be constant on both sides else the data may get corrupted thus; flow control
coordinates the amount of data that can be sent before receiving an acknowledgment.
• Access control: When a single communication channel is shared by multiple devices, the MAC sub-layer of
the data link layer helps to determine which device has control over the channel at a given time.

Note:
• Packet in the Data Link layer is referred to as Frame.
• Data Link layer is handled by the NIC (Network Interface Card) and device drivers of host machines.
• Switch & Bridge are Data Link Layer devices.

3. Network Layer – Layer 3

The network layer works for the transmission of data from one host to the other located in different networks. It
also takes care of packet routing i.e. selection of the shortest path to transmit the packet, from the number of
routes available. The sender & receiver’s IP addresses are placed in the header by the network layer.
Functions of the Network Layer
• Routing: The network layer protocols determine which route is suitable from source to destination. This
function of the network layer is known as routing.

5
• Logical Addressing: To identify each device on Internetwork uniquely, the network layer defines an
addressing scheme. The sender & receiver’s IP addresses are placed in the header by the network layer. Such
an address distinguishes each device uniquely and universally.
Note:
• Segment in the Network layer is referred to as Packet.
• Network layer is implemented by networking devices such as routers and switches.
4. Transport Layer – Layer 4
The transport layer provides services to the application layer and takes services from the network layer. The data
in the transport layer is referred to as Segments. It is responsible for the End to End Delivery of the complete
message. The transport layer also provides the acknowledgment of the successful data transmission and re-
transmits the data if an error is found.
At the sender’s side: The transport layer receives the formatted data from the upper layers, performs
Segmentation, and also implements Flow & Error control to ensure proper data transmission. It also adds Source
and Destination port numbers in its header and forwards the segmented data to the Network Layer.
Note: The sender needs to know the port number associated with the receiver’s application. Generally, this
destination port number is configured, either by default or manually. For example, when a web application requests
a web server, it typically uses port number 80, because this is the default port assigned to web applications. Many
applications have default ports assigned. At the receiver’s side: Transport Layer reads the port number from its
header and forwards the Data which it has received to the respective application. It also performs sequencing and
reassembling of the segmented data.
Functions of the Transport Layer
• Segmentation and Reassembly: This layer accepts the message from the (session) layer, and breaks the
message into smaller units. Each of the segments produced has a header associated with it. The transport layer
at the destination station reassembles the message.
• Service Point Addressing: To deliver the message to the correct process, the transport layer header includes
a type of address called service point address or port address. Thus by specifying this address, the transport
layer makes sure that the message is delivered to the correct process.
• Services Provided by Transport Layer
1. Connection-Oriented Service
2. Connectionless Service
1. Connection-Oriented Service: It is a three-phase process that includes
o Connection Establishment
o Data Transfer
o Termination/disconnection

6
 In this type of transmission, the receiving device sends an acknowledgment, back to the source after a packet
or group of packets is received. This type of transmission is reliable and secure.
2. Connectionless service: It is a one-phase process and includes Data Transfer. In this type of transmission, the
receiver does not acknowledge receipt of a packet. This approach allows for much faster communication
between devices. Connection-oriented service is more reliable than connectionless Service.
Note:
• Data in the Transport Layer is called Segments.
• Transport layer is operated by the Operating System. It is a part of the OS and communicates with the
Application Layer by making system calls.
• The transport layer is called as Heart of the OSI model.
• Device or Protocol Use : TCP, UDP NetBIOS, PPTP
5. Session Layer – Layer 5
This layer is responsible for the establishment of connection, maintenance of sessions, and authentication, and
also ensures security.
Functions of the Session Layer
• Session establishment, maintenance, and termination: The layer allows the two processes to establish,
use and terminate a connection.
• Synchronization: This layer allows a process to add checkpoints that are considered synchronization points
in the data. These synchronization points help to identify the error so that the data is re-synchronized
properly, and ends of the messages are not cut prematurely and data loss is avoided.
• Dialog Controller: The session layer allows two systems to start communication with each other in half-
duplex or full-duplex.
Note:
• All the below 3 layers (including Session Layer) are integrated as a single layer in the
TCP/IP model as the????Application Layer”.
• Implementation of these 3 layers is done by the network application itself. These are also
known as Upper Layers or Software Layers.
• Device or Protocol Use: NetBIOS, PPTP.
Example:-
Let us consider a scenario where a user wants to send a message through some Messenger application running in
his browser. The “Messenger” here acts as the application layer which provides the user with an interface to
create the data. This message or so-called Data is compressed, encrypted (if any secure data), and converted into
bits (0’s and 1’s) so that it can be transmitted.

Communication in Session Layer

7
 6. Presentation Layer (Layer 6)
The presentation layer is also called the Translation layer. The data from the application layer is extracted here
and manipulated as per the required format to transmit over the network.
Functions of the Presentation Layer
• Translation: For example, ASCII to EBCDIC.
• Encryption/ Decryption: Data encryption translates the data into another form or code. The encrypted data
is known as the cipher text and the decrypted data is known as plain text. A key value is used for encrypting
as well as decrypting data.
• Compression: Reduces the number of bits that need to be transmitted on the network.
Note: Device or Protocol Use: JPEG, MPEG, GIF
7. Application Layer (Layer 7)
At the very top of the OSI Reference Model stack of layers, we find the Application layer which is implemented
by the network applications. These applications produce the data, which has to be transferred over the network.
This layer also serves as a window for the application services to access the network and for displaying the
received information to the user.
Example: Application – Browsers, Skype Messenger, etc.
Note: 1. the application Layer is also called Desktop Layer.
2. Device or Protocol Use: SMTP
Functions of the Application Layer
The main functions of application layer are given below.
• Network Virtual Terminal: It allows a user to log on to a remote host.
• FTAM- File transfer access and management: This application allows a user to access file in a remote host,
retrieve files in remote host and manage or control files from a remote computer.
• Mail Services: Provide email service.
• Directory Services: This application provides distributed database sources and access for global information
about various objects and services.
Note: OSI model acts as a reference model and is not implemented on the Internet because of its late invention.
The current model being used is the TCP/IP model.

8
 OSI Model in a Nutshell
Layer Information
Layer Name Responsibility Device or Protocol
No Form(Data Unit)
Helps in identifying the client and
7 Application Layer Message SMTP
synchronizing communication.
Data from the application layer is
Presentation
6 extracted and manipulated in the Message JPEG, MPEG, GIF
Layer
required format for transmission.
Establishes Connection,
Maintenance, Ensures
5 Session Layer Message Gateway
Authentication, and Ensures
security.
Take Service from Network Layer
4 Transport Layer and provide it to the Application Segment Firewall
Layer.
Transmission of data from one
3 Network Layer host to another, located in different Packet Router
networks.
Node to Node Delivery of
2 Data Link Layer Frame Switch, Bridge
Message.
Establishing Physical Connections Hub, Repeater, Modem,
1 Physical Layer Bits
between Devices. Cables

4.3. TCP/IP Model

The OSI Model we just looked at is just a reference/logical model. It was designed to describe the functions of the
communication system by dividing the communication procedure into smaller and simpler components.
TCP/IP was designed and developed by the Department of Defense (DoD) in the 1960s and is based on standard
protocols. It stands for Transmission Control Protocol/Internet Protocol. The TCP/IP model is a concise version of
the OSI model. It contains four layers, unlike the seven layers in the OSI model.
What Does TCP/IP Do?
The main work of TCP/IP is to transfer the data of a computer from one device to another. The main condition of
this process is to make data reliable and accurate so that the receiver will receive the same information which is
sent by the sender. To ensure that, each message reaches its final destination accurately, the TCP/IP model divides
its data into packets and combines them at the other end, which helps in maintaining the accuracy of the data while
transferring from one end to another end.
What is the Difference between TCP and IP?
TCP and IP are different protocols of Computer Networks. The basic difference between TCP (Transmission
Control Protocol) and IP (Internet Protocol) is in the transmission of data. In simple words, IP finds the
destination of the mail and TCP has the work to send and receive the mail. UDP is another protocol, which does
not require IP to communicate with another computer. IP is required by only TCP. This is the basic difference
between TCP and IP.

9
How Does the TCP/IP Model Work?
Whenever we want to send something over the internet using the TCP/IP Model, the TCP/IP Model divides the
data into packets at the sender’s end and the same packets have to be recombined at the receiver’s end to form the
same data, and this thing happens to maintain the accuracy of the data. TCP/IP model divides the data into a 4-
layer procedure, where the data first go into this layer in one order and again in reverse order to get organized in
the same way at the receiver’s end.
Layers of TCP/IP Model
• Application Layer
• Transport Layer(TCP/UDP)
• Network/Internet Layer(IP)
• Network Interface Layer (Layer 1)
1. Network Interface Layer (Layer 1)
In the TCP/IP model, the Network Interface Layer (often referred to as Layer 1) is responsible for the physical
transmission of data over the network and the interaction between the network hardware and the operating
system. It encompasses both the Physical Layer and the Data Link Layer, which are two separate layers in the
OSI (Open Systems Interconnection) model.

a. Physical Layer Functions:

• Transmission Medium: The physical layer is responsible for the actual hardware mechanisms that enable
data transfer, such as cables (Ethernet cables, fiber optics) or wireless signals (Wi-Fi, Bluetooth).
• Signal Transmission: Converts the digital data into physical signals (electrical signals, light pulses, or
radio waves) that can travel across the transmission medium.
• Bit Representation: Defines how bits are represented physically. For example, in an Ethernet connection,
bits are represented as electrical signals that travel through copper cables.
• Data Rate: Determines the speed of transmission (e.g., 10 Mbps, 100 Mbps, 1 Gbps, etc.) and how much
data can be sent per second.

b. Data Link Layer Functions:

The Data Link Layer is responsible for creating a reliable link between two directly connected nodes on the
network. It also ensures that the data is properly formatted and transmitted across the physical medium.
• Framing: It breaks down the data into manageable packets, called frames, that can be transmitted over
the network.
• Error Detection and Correction: It handles errors in data transmission using mechanisms like checksums
or cyclic redundancy checks (CRC). It ensures the integrity of data sent across the physical medium.

10
 • MAC Addressing: Defines the Media Access Control (MAC) addresses used to identify devices on the
network. Each network device has a unique MAC address.
• Flow Control: Manages the pace at which data is sent to ensure that the receiving device can process the
incoming data at an appropriate speed.
• Access Control: Manages access to the shared transmission medium to avoid collisions, especially in
network types like Ethernet.

2. Internet Layer
This layer parallels the functions of OSI’s Network layer. It defines the protocols which are responsible for the
logical transmission of data over the entire network. The main protocols residing at this layer are as follows:
• IP: IP stands for Internet Protocol and it is responsible for delivering packets from the source host to the
destination host by looking at the IP addresses in the packet headers. IP has 2 versions: IPv4 and IPv6. IPv4
is the one that most websites are using currently. But IPv6 is growing as the number of IPv4 addresses is
limited in number when compared to the number of users.
• ICMP: ICMP stands for Internet Control Message Protocol. It is encapsulated within IP datagrams and is
responsible for providing hosts with information about network problems.
• ARP: ARP stands for Address Resolution Protocol. Its job is to find the hardware address of a host from a
known IP address. ARP has several types: Reverse ARP, Proxy ARP, Gratuitous ARP, and Inverse ARP. The
Internet Layer is a layer in the Internet Protocol (IP) suite, which is the set of protocols that define the Internet.
The Internet Layer is responsible for routing packets of data from one device to another across a network. It
does this by assigning each device a unique IP address, which is used to identify the device and determine the
route that packets should take to reach it. Example: Imagine that you are using a computer to send an email
to a friend. When you click “send,” the email is broken down into smaller packets of data, which are then sent
to the Internet Layer for routing. The Internet Layer assigns an IP address to each packet and uses routing
tables to determine the best route for the packet to take to reach its destination. The packet is then forwarded
to the next hop on its route until it reaches its destination. When all of the packets have been delivered, your
friend’s computer can reassemble them into the original email message. In this example, the Internet Layer
plays a crucial role in delivering the email from your computer to your friend’s computer. It uses IP addresses
and routing tables to determine the best route for the packets to take, and it ensures that the packets are
delivered to the correct destination. Without the Internet Layer, it would not be possible to send data across
the Internet.
3. Transport Layer
The TCP/IP transport layer protocols exchange data receipt acknowledgments and retransmit missing packets to
ensure that packets arrive in order and without error. End-to-end communication is referred to as such.

11
Transmission Control Protocol (TCP) and User Datagram Protocol are transport layer protocols at this level
(UDP).
• TCP: Applications can interact with one another using TCP as though they were physically connected by a
circuit. TCP transmits data in a way that resembles character-by-character transmission rather than separate
packets. A starting point that establishes the connection, the whole transmission in byte order, and an ending
point that closes the connection make up this transmission.
• UDP: The datagram delivery service is provided by UDP, the other transport layer protocol. Connections
between receiving and sending hosts are not verified by UDP. Applications that transport little amounts of
data use UDP rather than TCP because it eliminates the processes of establishing and validating
connections.
4. Application Layer
This layer is analogous to the transport layer of the OSI model. It is responsible for end-to-end communication
and error-free delivery of data. It shields the upper-layer applications from the complexities of data. The three
main protocols present in this layer are:
• HTTP and HTTPS: HTTP stands for Hypertext transfer protocol. It is used by the World Wide Web to
manage communications between web browsers and servers. HTTPS stands for HTTP-Secure. It is a
combination of HTTP with SSL (Secure Socket Layer). It is efficient in cases where the browser needs to
fill out forms, sign in, authenticate, and carry out bank transactions.
• SSH: SSH stands for Secure Shell. It is a terminal emulations software similar to Telnet. The reason SSH is
preferred is because of its ability to maintain the encrypted connection. It sets up a secure session over a
TCP/IP connection.
• NTP: NTP stands for Network Time Protocol. It is used to synchronize the clocks on our computer to one
standard time source. It is very useful in situations like bank transactions.
Assume the following situation without the presence of NTP. Suppose you carry out a transaction, where
your computer reads the time at 2:30 PM while the server records it at
2:28 PM. The server can crash very badly if it’s out of sync. The host-to-host layer is a layer in the OSI
(Open Systems Interconnection) model that is responsible for providing communication between hosts
(computers or other devices) on a network. It is also known as the transport layer.
Some common use cases for the host-to-host layer include:
• Reliable Data Transfer: The host-to-host layer ensures that data is transferred reliably between hosts by
using techniques like error correction and flow control. For example, if a packet of data is lost during
transmission, the host-to-host layer can request that the packet be retransmitted to ensure that all data is
received correctly.

12
 • Segmentation and Reassembly: The host-to-host layer is responsible for breaking up large blocks of data
into smaller segments that can be transmitted over the network, and then reassembling the data at the
destination. This allows data to be transmitted more efficiently and helps to avoid overloading the network.
• Multiplexing and De-multiplexing: The host-to-host layer is responsible for multiplexing data from multiple
sources onto a single network connection, and then demultiplexing the data at the destination. This allows
multiple devices to share the same network connection and helps to improve the utilization of the network.
• End-to-End Communication: The host-to-host layer provides a connection-oriented service that allows
hosts to communicate with each other end-to-end, without the need for intermediate devices to be involved
in the communication.
Example: Consider a network with two hosts, A and B. Host A wants to send a file to host B. The host-to-
host layer in host A will break the file into smaller segments, add error correction and flow control
information, and then transmit the segments over the network to host B. The host-to-host layer in host B will
receive the segments, check for errors, and reassemble the file. Once the file has been transferred successfully,
the host-to-host layer in host B will acknowledge receipt of the file to host A.
In this example, the host-to-host layer is responsible for providing a reliable connection between host A and
host B, breaking the file into smaller segments, and reassembling the segments at the destination. It is also
responsible for multiplexing and demultiplexing the data and providing end-to-end communication between
the two hosts.

Difference between TCP/IP and OSI Model

TCP/IP OSI
TCP refers to Transmission Control Protocol. OSI refers to Open Systems Interconnection.
TCP/IP uses both the session and presentation layer in
OSI uses different session and presentation layers.
the application layer itself.
TCP/IP follows connectionless a horizontal approach. OSI follows a vertical approach.
The Transport layer in TCP/IP does not provide In the OSI model, the transport layer provides
assurance delivery of packets. assurance delivery of packets.
While in the OSI model, Protocols are better covered
Protocols cannot be replaced easily in TCP/IP model.
and are easy to replace with the technology change.
TCP/IP model network layer only provides
Connectionless and connection-oriented services are
connectionless (IP) services. The transport layer
provided by the network layer in the OSI model.
(TCP) provides connections.

TCP/IP vs ISO models

13
 OSI Ref. Layer No. OSI Layer Equivalent TCP/IP Layer TCP/IP Protocol Examples
Application, Session, DNS, telnet, ftp, rlogin, rsh, rcp,
5,6,7 Application
Presentation RIP, RDISC, SNMP, and others
4 Transport Transport TCP, UDP
3 Network Internet IP, ARP, ICMP
2 Data Link Data Link PPP, IEEE 802.2

5. IP Address and Subnet mask

A host needs an IP address to participate on the Internet. The IP address is a logical network address that identifies
a particular host.
Every packet sent across the Internet has a source and destination IP address. This information is required by
networking devices to insure the information gets to the destination and any replies are returned to the source.

An IP address (Internet Protocol address) is a unique identifier assigned to each device connected to a network
that uses the Internet Protocol for communication. There are two versions of IP addresses in use today: IPv4 and
IPv6. Each has a different structure.

5.1. IPv4 Address Structure

An IP address is simply a series of 32 binary bits (ones and zeros). It is very difficult for humans to read a binary
IP address. For this reason, the 32 bits are grouped into four 8-bit bytes called octets. An IP address in this format
is hard for humans to read, write and remember. To make the IP address easier to understand, each octet is presented
as its decimal value, separated by a decimal point or period. This is referred to as dotted-decimal notation.

14
When a host is configured with an IP address, it is entered as a dotted decimal number such as [Link]. Imagine
if you had to enter the 32-bit binary equivalent of this- 11000000101010000000000100000101. If just one bit was
mistyped, the address would be different and the host may not be able to communicate on the network.
The 32-bit IP address is defined with IP version 4 (IPv4) and is currently the most common form of IP address on
the Internet. There are over 4 billion possible IP addresses using a 32- bit addressing scheme.

When a host receives an IP address, it looks at all 32 bits as they are received by the NIC. Humans, on the other
hand, need to convert those 32 bits into their four octet decimal equivalent. Each octet is made up of 8 bits and each
bit has a value. The four groups of 8 bits have the same set of values. The rightmost bit in an octet has a value of 1
and the values of the remaining bits, from right to left, are 2, 4, 8, 16, 32, 64 and 128.

Determine the value of the octet by adding the values of positions wherever there is a binary 1 present.
• If there is a 0 in a position, do not add the value.
• If all 8 bits are 0s. 00000000 the value of the octet is 0.
• If all 8 bits are 1s, 11111111 the value of the octet is 255 (128+64+32+16+8+4+2+1).
• If the 8 bits are mixed, such as the example 00100111, the value of the octet is 39 (32+4+2+1).
So the value of each of the four octets can range from 0 to a maximum of 255.

5.1.1. Part of an IP address

The logical 32-bit IP address is hierarchical and is made up of two parts.

15
 • The first part identifies the network and
• The second part identifies a host on that network. Both parts are required in an IP address.

As an example, if a host has IP address [Link] the first three octets, (192.168.18), identify the network
portion of the address, and the last octet, (57) identifies the host. This is known as hierarchical addressing because
the network portion indicates the network on which each unique host address is located. Routers only need to know
how to reach each network, rather than needing to know the location of each individual host.

Another example of a hierarchical network is the telephone system. With a telephone number, the country code,
area code and exchange represent the network address and the remaining digits represent a local phone number.

5.1.2. How IP address and Subnet mask Interact

How do hosts know which portion is the network and which is the host? This is the job of the subnet mask.
When an IP host is configured, a subnet mask is assigned along with an IP address. Like the IP address, the
subnet mask is 32 bits long. The subnet mask signifies which part of the IP address is network and which part is
host.
The subnet mask is compared to the IP address from left to right, bit for bit. The 1s in the subnet mask represent
the network portion; the 0s represent the host portion.
When a host sends a packet, it compares its subnet mask to its own IP address and the destination IP address. If the
network bits match, both the source and destination host are on the same network and the packet can be delivered
locally. If they do not match, the sending host forwards the packet to the local router interface to be sent on to the
other network.

The subnet masks we see most often are:

16
 • [Link] (8-bits),
• [Link] (16 bits) and
• [Link] (24 bits).
A subnet mask of [Link] (decimal) or 11111111.11111111.1111111.00000000 (binary)
uses 24 bits to identify the network number which leaves 8 bits to number the hosts on that network.

To calculate the number of hosts that can be on that network, take the number 2 to the power of the number of
host bits (2 ^ 8 = 256). From this number, we must subtract 2 (256-2). The reason we subtract 2 is because all 1s
within the host portion of an IP address is a broadcast address for that network and cannot be assigned to a
specific host. All 0s within the host portion indicates the network ID and again, cannot be assigned to a
specific host.
Another way to determine the number of hosts available is to add up the values of the available host bits
(128+64+32+16+8+4+2+1 = 255). From this number, subtract 1 (255-1 =254), because the host bits cannot be all
1s. It is not necessary to subtract 2 because the value of all 0s is 0 and is not included in the addition.

With a 16-bit mask, there are 16 bits (two octets) for host addresses and a host address could have all 1s (255) in
one of the octets. This might appear to be a broadcast but as long as the other octet is not all 1s, it is a valid host
address. Remember that the host looks at all host bits together, not at octet values.

17
5.1.3. Types of IP Address
[Link].IP Address Classes and Default Subnet Mask
The IP address and subnet mask work together to determine which portion of the IP address represents the
network address and which portion represents the host address. IP addresses are grouped into 5 classes.
Classes A, B and C are commercial addresses and are assigned to hosts. Class D is reserved for
multicast use and Class E is for experimental use.
Class C addresses: - have three octets for the network portion and one for the hosts. The default
subnet mask is 24 bits ([Link]). Class C addresses are usually assigned to small networks.
Class B addresses: - have two octets to represent the network portion and two for the hosts. The
default subnet mask is 16 bits ([Link]). These addresses are typically used for medium-sized
networks.
Class A addresses: - have only one octet to represent the network portion and three to represent
the hosts. The default subnet mask is 8 bits ([Link]). These addresses are typically assigned to
large organizations.

18
The class of an address can be determined by the value of the first octet. For instance, if the first
octet of an IP address has a value in the range 192-223, it is classified as a Class C address. As an
example, [Link] is a Class C address.

5.1.4. Public and Private IP Addresses

All hosts that connect directly to the Internet require a unique public IP address. Because of the finite number of
32-bit addresses available, there is a risk of running out of IP addresses. One solution to this problem was to reserve
some private addresses for use exclusively inside an organization. This allows hosts within an organization to
communicate with one another without the need of a unique public IP address.
RFC 1918 is a standard that reserves several ranges of addresses within each of the classes A, B and C. As shown
in the table, these private address ranges consist of a single Class A network, 16 Class B networks and 256 Class C
networks. This gives a network administrator considerable flexibility in assigning internal addresses.
A very large network can use the Class A private network, which allows for over 16 million private addresses.
On medium size networks, a Class B private network could be used, which provides over 65,000 addresses.
Home and small business networks typically use a single class C private address, which allows up to 254 hosts.

The Class A network, the 16 Class B networks, or the 256 Class C networks can be used within any size
organization. Typically many organizations use the Class A private network.

19
Private addresses can be used internally by hosts in an organization as long as the hosts do not connect directly to
the Internet. Therefore, the same set of private addresses can be used by multiple organizations. Private addresses
are not routed on the Internet and will be quickly blocked by an ISP router.
The use of private addresses can provide a measure of security since they are only visible on the local network, and
outsiders cannot gain direct access to the private IP addresses.
There are also private addresses that can be used for the diagnostic testing of devices. This type of private address
is known as a loopback address. The class A, [Link] network, is reserved for loopback addresses.

2.3 UniCast, Broadcast and multicast Addresses

In addition to address classes, we also categorize IP addresses as unicast, broadcast, or multicast.
Hosts can use IP addresses to communicate one-to-one (unicast), one-to-many (multicast) or one-
to-all (broadcast).

20
Unicast
A unicast address is the most common type on an IP network. A packet with a unicast destination
address is intended for a specific host. An example is a host with IP address [Link] (source)
requesting a web page from a server at IP address [Link] (destination).
For a unicast packet to be sent and received, a destination IP address must be in the IP packet
header. A corresponding destination MAC address must also be present in the Ethernet frame
header. The IP address and MAC address combine to deliver data to one specific destination host.

Broadcast
With a broadcast, the packet contains a destination IP address with all ones (1s) in the host portion.
This means that all hosts on that local network (broadcast domain) will receive and look at the
packet. Many network protocols, such as ARP and DHCP use broadcasts.
A Class C network [Link] with a default subnet mask of [Link] has a broadcast
address of [Link]. The host portion is decimal 255 or binary 11111111 (all 1s).
A Class B network of [Link], with a default mask of [Link], has a broadcast of
[Link].
A Class A network of [Link], with a default mask of [Link], has a broadcast of [Link].
A broadcast IP address for a network needs a corresponding broadcast MAC address in the Ethernet
frame. On Ethernet networks, the broadcast MAC address is 48 ones displayed as Hexadecimal
FF-FF-FF-FF-FF-FF.

21
Multicast
Multicast addresses allow a source device to send a packet to a group of devices.
Devices that belong to a multicast group are assigned a multicast group IP address. The range of multicast addresses
is from [Link] to [Link]. Since multicast addresses represent a group of addresses (sometimes called
a host group), they can only be used as the destination of a packet. The source will always have a unicast address.
Examples of where multicast addresses would be used are in remote gaming, where many players are connected
remotely but playing the same game. Another example would be distance learning through video conferencing,
where many students are connected to the same class.
As with a unicast or broadcast address, multicast IP addresses need a corresponding multicast MAC address to
actually deliver frames on a local network. The multicast MAC address is a special value that begins with 01-00-
5E in hexadecimal. The value ends by converting the lower 23 bits of the IP multicast group address into the
remaining 6 hexadecimal characters of the Ethernet address. An example, as shown in the graphic, is hexadecimal
01-00-5E-0F-64-C5. Each hexadecimal character is 4 binary bits.

[Link] IP Address are Obtained

5.2.1. Static and Dynamic Address Assignment
IP addresses can be assigned either statically or dynamically.
Static
With a static assignment, the network administrator must manually configure the network information for a host.
At a minimum, this includes the host IP address, subnet mask and default gateway.

22
Static addresses have some advantages. For instance, they are useful for printers, servers and other networking
devices that need to be accessible to clients on the network. If hosts normally access a server at a particular IP
address, it would not be good if that address changed.

Static assignment of addressing information can provide increased control of network resources, but it can be time
consuming to enter the information on each host. When entering IP addresses statically, the host only performs
basic error checks on the IP address. Therefore, errors are more likely to occur.
When using static IP addressing, it is important to maintain an accurate list of which IP addresses are assigned to
which devices. Additionally, these are permanent addresses and are not normally reused

Dynamic
On local networks it is often the case that the user population changes frequently. New users arrive with laptops
and need a connection. Others have new workstations that need to be connected. Rather than have the network
administrator assign IP addresses for each workstation, it is easier to have IP addresses assigned automatically. This
is done using a protocol known as Dynamic Host Configuration Protocol (DHCP).
DHCP provides a mechanism for the automatic assignment of addressing information such as IP address, subnet
mask, default gateway, and other configuration information.
DHCP is generally the preferred method of assigning IP addresses to hosts on large networks since it reduces the
burden on network support staff and virtually eliminates entry errors.
Another benefit of DHCP is that an address is not permanently assigned to a host but is only leased for a period of
time. If the host is powered down or taken off the network, the address is returned to the pool for reuse. This is
especially helpful with mobile users that come and go on a network.

23
5.2.2. DHCP Server
If you enter a wireless hotspot at an airport or coffee shop, DHCP makes it possible for you to access the Internet.
As you enter the area, your laptop DHCP client contacts the local DHCP server via a wireless connection. The
DHCP server assigns an IP address to your laptop.

Various types of devices can be DHCP servers as long as they are running DHCP service software. With most
medium to large networks, the DHCP server is usually a local dedicated PC-based server.

With home networks the DHCP server is usually located at the ISP and a host on the home network receives its IP
configuration directly from the ISP.

Many home networks and small businesses use an integrated router to connect to the ISP modem. In this case, the
integrated router is both a DHCP client and a server. The integrated router acts as a client to receive its IP
configuration from the ISP and then acts a DHCP server for internal hosts on the local network.

In addition to PC-based servers and integrated routers, other types of networking devices such as dedicated routers
can provide DHCP services to clients, although this
is not as common.

24
5.2.3. Configuring DHCP
When a host is first configured as a DHCP client, it does not have an IP address, subnet mask or default gateway.
It obtains this information from a DHCP server, either on the local network or one located at the ISP. The DHCP
server is configured with a range, or pool, of IP addresses that can be assigned to DHCP clients.
A client that needs an IP address will send a DHCP Discover message which is a broadcast with a destination IP
address of [Link] (32 ones) and a destination MAC address of FF-FF-FF-FF-FF-FF (48 ones). All hosts
on the network will receive this broadcast DHCP frame, but only a DHCP server will reply. The server will respond
with a DHCP Offer, suggesting an IP address for the client. The host then sends a DHCP Request to that server
asking to use the suggested IP address. The server responds with a DHCP Acknowledgment.

For most home and small business networks, a multi-function device provides DHCP services to
the local network clients. To configure a Linksys wireless router, access its graphical web interface
by opening the browser and entering the in the Address area the router default IP address:
[Link]. Navigate to the screen that shows the DHCP configuration.

The IP address of [Link] and subnet mask of [Link] is the default for the internal router interface.
This is the default gateway for all hosts on the local network and also the internal DHCP server IP address. Most
Linksys wireless routers and other home integrated routers have DHCP Server enabled by default.
On the DHCP configuration screen a default DHCP range is available or you can specify a starting address for the
DHCP range (do not use [Link]) and the number of addresses to be assigned. The lease time can also be
modified (default is 24 hours). The DHCP configuration feature on most ISRs gives information about connected
hosts and IP addresses, their associated MAC address, and lease times.

25
The DHCP Client Table also shows the client name and whether it is connected via the Ethernet LAN or wireless
(Interface).

5.3. Addressing Management

5.3.1. Network Boundaries and Address Space
The router provides a gateway through which hosts on one network can communicate with hosts on different
networks. Each interface on a router is connected to a separate network.
The IP address assigned to the interface identifies which local network is connected directly to it.

Every host on a network must use the router as a gateway to other networks. Therefore, each host must know the
IP address of the router interface connected to the network where the host is attached. This address is known as the
default gateway address. It can be either statically configured on the host, or received dynamically by DHCP.
When an integrated router is configured to be a DHCP server for the local network, it automatically sends the
correct interface IP address to the hosts as the default gateway address. In this manner, all hosts on the network can
use that IP address to forward messages to hosts located at the ISP and get access to hosts on the Internet. Integrated
routers are usually set to be DHCP servers by default.
The IP address of that local router interface becomes the default gateway address for the host configuration. The
default gateway is provided, either statically or by DHCP.

When an integrated router is configured as a DHCP server, it provides its own internal IP address as the default
gateway to DHCP clients. It also provides them with their respective IP address and subnet mask.

26
5.3.2. Address Assignment
There are several ways hosts can be connected to an ISP and the Internet. Whether or not an individual host is
assigned a public or private address depends on how it is connected.
Direct Connection
Some customers have just a single computer with a direct connection from the ISP through a modem. In this case,
the public address from the ISP DHCP server is assigned to the single host.

Connection through an Integrated Router

When there is more than one host that needs access to the Internet, the ISP modem can be attached directly to an
integrated router instead of directly to a single computer. This enables the creation of a home or small business
network. The integrated router receives the public address from the ISP. Internal hosts receive private addresses
from the integrated router.
Connection through a Gateway Device
Gateway devices combine an integrated router and a modem in one unit, and connect directly to the ISP service.
As with integrated routers, the gateway device receives a public address from the ISP and internal PCs will
receive private addresses from the gateway device.

27
5.3.3. Network Address Translation
The integrated router receives a public address from the ISP, which allows it to send and receive packets on the
Internet. It, in turn, provides private addresses to local network clients. Since private addresses are not allowed on
the Internet, a process is needed for translating private addresses into unique public addresses to allow local clients
to communicate on the Internet.
The process used to convert private addresses to Internet-routable addresses is called Network Address Translation
(NAT). With NAT, a private (local) source IP address is translated to a public (global) address. The process is
reversed for incoming packets. The integrated router is able to translate many internal IP addresses to the same
public address, by using NAT.
Only packets destined for other networks need to be translated. These packets must pass through the gateway, where
the integrated router replaces the source host's private IP address with its own public IP address.
Although each host on the internal network has a unique private IP address assigned to it, the hosts must share the
single Internet routable addressed assigned to the integrated router.

28
29
5.4. Subnetting
Subnetting allows for creating multiple logical networks from a single address block. Since we use a router to
connect these networks together, each interface on a router must have a unique network ID. Every node on that
link is on the same network.
We create the subnets by using one or more of the host bits as network bits. This is done by extending the mask to
borrow some of the bits from the host portion of the address to create additional network bits. The more host bits
used, the more subnets that can be defined. For each bit borrowed, we double the number of subnet works
available. For example, if we borrow 1 bit, we can define 2 subnets. If we borrow 2 bits, we can have 4 subnets.
However, with each bit we borrow, fewer host addresses are available per subnet.
Router in the following figure has two interfaces to interconnect two networks. Given an address block of
[Link] /24, we will create two subnets. We borrow one bit from the host portion by using a subnet mask of
[Link], instead of the original [Link] mask. The most significant bit in the last octet is used to
distinguish between the two subnets. For one of the subnets, this bit is a "0" and for the other subnet this bit is a
"1".
Formula for calculating subnets

Use this formula to calculate the number of subnets:

2n where, n = the number of bits borrowed

30
In this example, the calculation looks like this:
21 = 2 subnets
The number of hosts
To calculate the number of hosts per network, we use the formula of 2n - 2 where, n = the number of bits left for
hosts.
Applying this formula, (27 - 2 = 126) shows that each of these subnets can have 126 hosts. For each subnet,
examine the last octet in binary. The values in these octets for the two networks are:
Subnet 1: 00000000 = 0
Subnet 2: 10000000 = 128

31
Example with 3 subnets
Consider an entire network that requires three subnets.
Again we start with the same [Link] /24 address block. Borrowing a single bit would only provide two
subnets. To provide more networks, we change the subnet mask to [Link] and borrow two bits. This
will provide four subnets.

Calculate the subnet with this formula:

22 = 4 subnets
The number of hosts
To calculate the number of hosts, begin by examining the last octet. Notice these subnets.
Subnet 0: 0 = 00000000 Subnet 1: 64 = 01000000 Subnet 2: 128 = 10000000
Subnet 3: 192 = 11000000 Apply the host calculation formula.
26 - 2 = 62 hosts per subnet
See the figure for the addressing scheme for these networks.

32
Example with 6 subnets
Consider this example with five LANs and a WAN for a total of 6 networks.
To accommodate 6 networks, subnet [Link] /24 into address blocks using the formula: 23 = 8
To get at least 6 subnets, borrow three host bits. A subnet mask of [Link] provides the three additional
network bits.
The number of hosts
To calculate the number of hosts, begin by examining the last octet. Notice these subnets.
0 = 00000000 128 = 10000000
32 = 00100000 160 = 10100000
64 = 01000000 192 = 11000000
96 = 01100000 224 = 11100000

Apply the host calculation formula:

25 - 2 = 30 hosts per subnet.
See the figure for the addressing scheme for these networks.

33
Subnetting and Dividing Networks In To Right Size
Every network within the entire network of a corporation or organization is designed to accommodate a finite
number of hosts.

5.4.1. Determine the Total Number of Hosts

First, consider the total number of hosts required by the entire corporate entire network. We must use a block of
addresses that is large enough to accommodate all devices in all the corporate networks. This includes end user
devices, servers, intermediate devices, and router interfaces.
Consider the example of a corporate entire network that needs to accommodate 800 hosts in its four locations.
5.4.2. Determine the Number and Size of the Networks
Next, consider the number of networks and the size of each required based on common groupings of hosts.
We subnet our network to overcome issues with location, size, and control. In designing the addressing, we
consider the factors for grouping the hosts that we discussed previously:
• Grouping based on common geographic location
• Grouping hosts used for specific purposes
• Grouping based on ownership
Although hosts in a common geographic location typically comprise a single block of addresses, we may need to
subnet this block to form additional networks at each location. We need to create subnet works at the different
locations that have hosts for common user needs. We may also have other groups of users that require many
network resources, or we may have many users that require their own subnet work. Additionally, we may have
subnet works for special hosts such as servers. Each of these factors needs to be considered in the network count.
We also have to consider any special security or administrative ownership needs that require additional networks.

34
One useful tool in this address planning process is a network diagram. A diagram allows us to see the
networks and make a more accurate count.
To accommodate 800 hosts in the company's four locations, we use binary arithmetic to allocate a /22 block (210-
2=1022).
5.4.3. Allocating Addresses
Now that we have a count of the networks and the number of hosts for each network, we need to start allocating
addresses from our overall block of addresses. When making the divisions and assignment of available subnets,
make sure that there are adequately-sized address blocks available for the larger demands. Also, plan carefully to
ensure that the address blocks assigned to the subnet do not overlap.
The further division of the addresses is often called subnetting the subnets. The creation of new, smaller
networks from a given address block is done by extending the length of the prefix; that is, adding 1s to the subnet
mask. Doing this allocates more bits to the network portion of the address to provide more patterns for the new
subnet. For each bit we borrow, we double the number of networks we have. For example, if we use 1 bit, we have
the potential to divide that block into two smaller networks. With a single bit pattern, we can produce two unique
bit patterns, 1 and 0. If we borrow 2 bits, we can provide for 4 unique patterns to represent networks 00, 01, 10, and
11. , 3 bits would allow 8 blocks,

5.4.4. The total Number of Usable Hosts

Recall from the previous section that as we divide the address range into subnets, we lose two host addresses for
each new network. These are the network address and broadcast address.
The formula for calculating the number of hosts in a network is:
Usable hosts = 2 n – 2 Where n is the number of bits remaining to be used for hosts.

35