Unit 4 - Notes

CSE306 9 min read

Unit 4: NETWORK LAYER: IP Header

1. IPv4 Header

The Internet Protocol version 4 (IPv4) is the dominant protocol used for transmitting data over the Internet. The IPv4 header encapsulates the transport layer data to form an IP datagram. The header size is variable, typically ranging from 20 to 60 bytes (20 bytes base header + up to 40 bytes of options).

IPv4 Header Fields:

  • Version (4 bits): Indicates the IP version being used. For IPv4, this value is 4 (binary 0100).
  • Internet Header Length / IHL (4 bits): Specifies the length of the header in 32-bit words. The minimum value is 5 (5 × 4 = 20 bytes), and the maximum is 15 (15 × 4 = 60 bytes).
  • Type of Service / Differentiated Services (8 bits): Defines how the packet should be handled by routers (e.g., priority, delay, throughput, and reliability requirements).
  • Total Length (16 bits): Indicates the total length of the IP datagram (header + payload) in bytes. Maximum size is 65,535 bytes.
  • Identification (16 bits): Used for uniquely identifying fragments of an original IP datagram.
  • Flags (3 bits): Controls fragmentation.
    • Bit 0: Reserved (must be zero).
    • Bit 1: Don't Fragment (DF). If 1, the packet must not be fragmented.
    • Bit 2: More Fragments (MF). If 1, indicates there are more fragments to follow. If 0, it is the last fragment.
  • Fragment Offset (13 bits): Specifies the position of the fragment's data relative to the beginning of the original unfragmented datagram (measured in units of 8 bytes).
  • Time to Live / TTL (8 bits): Prevents packets from looping indefinitely in the network. It is decremented by 1 at each router hop. When it reaches 0, the packet is discarded, and an ICMP Time Exceeded message is sent to the source.
  • Protocol (8 bits): Identifies the higher-layer protocol encapsulated in the payload (e.g., TCP = 6, UDP = 17, ICMP = 1).
  • Header Checksum (16 bits): Used for error-checking the header (not the payload). Recalculated at every router because the TTL changes.
  • Source IP Address (32 bits): The IP address of the sender.
  • Destination IP Address (32 bits): The IP address of the intended recipient.
  • Options (0-40 bytes): Used for network testing, debugging, and security (e.g., Record Route, Strict Source Routing). Must be padded to ensure the header ends on a 32-bit boundary.

2. IPv6 Header

IPv6 was developed to solve the IPv4 address exhaustion problem. To improve routing efficiency, the IPv6 header is streamlined and fixed at 40 bytes. Non-essential and optional fields were moved to "Extension Headers."

IPv6 Header Fields:

  • Version (4 bits): Value is 6 (binary 0110).
  • Traffic Class (8 bits): Similar to IPv4's Type of Service; used for Quality of Service (QoS) and packet prioritization.
  • Flow Label (20 bits): Used to maintain the sequential flow of packets belonging to a specific communication (e.g., real-time voice or video). It ensures all packets in a flow are routed along the same path.
  • Payload Length (16 bits): Specifies the size of the payload in bytes (including any extension headers). Unlike IPv4, it does not include the 40-byte base header.
  • Next Header (8 bits): Identifies the type of header immediately following the IPv6 header. This could be a Transport layer protocol (like TCP/UDP) or an IPv6 Extension Header.
  • Hop Limit (8 bits): Replaces the IPv4 TTL field. Decremented by 1 at each router; packet is discarded when it reaches 0.
  • Source Address (128 bits): The IPv6 address of the sender.
  • Destination Address (128 bits): The IPv6 address of the intended recipient.

Extension Headers

Instead of incorporating options into the main header, IPv6 uses optional extension headers placed between the main header and the payload. Examples include: Hop-by-Hop Options, Routing, Fragment, Encapsulating Security Payload (ESP), and Authentication Header (AH).


3. IPv6 Addressing

IPv6 addresses are 128 bits long, providing a virtually inexhaustible address space ( addresses).

Representation

  • Written in hexadecimal.
  • Divided into eight 16-bit blocks, separated by colons (:).
  • Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Compression Rules

  1. Leading Zeros: Leading zeros in any 16-bit block can be omitted. (e.g., 0db8 becomes db8).
  2. Zero Compression: Consecutive blocks of all zeros can be replaced with a double colon (::). This can only be used once in an address to avoid ambiguity.
    • Example compressed: 2001:db8:85a3::8a2e:370:7334

Types of IPv6 Addresses

  • Unicast: Identifies a single interface. A packet sent to a unicast address is delivered to the interface identified by that address.
    • Global Unicast: Equivalent to IPv4 public addresses. Routable on the Internet.
    • Link-Local Unicast: Used for communication on a single local network segment (starts with fe80::/10).
    • Unique Local: Equivalent to IPv4 private addresses (starts with fc00::/7).
  • Multicast: Identifies a group of interfaces. A packet sent to a multicast address is delivered to all interfaces in the group (starts with ff00::/8).
  • Anycast: Identifies a group of interfaces, but a packet sent to an anycast address is delivered to only one of the interfaces (the nearest one, based on routing protocols).
  • Note: IPv6 does not use broadcast addresses; multicast replaces broadcasting.

4. Network Address Translation (NAT)

NAT is a mechanism used by routers/firewalls to translate private IP addresses (which are non-routable on the Internet) into a single or multiple public IP addresses. This conserves the limited IPv4 address space and adds a layer of security by hiding the internal network structure.

Types of NAT

  1. Static NAT: A one-to-one mapping between a specific private IP address and a specific public IP address. Used primarily for servers that need to be accessible from the outside (e.g., Web Servers).
  2. Dynamic NAT: Maps a private IP address to a public IP address drawn from a pool of available public IPs. The mapping is temporary.
  3. Port Address Translation (PAT) / NAT Overload: The most common form of NAT. It maps multiple private IP addresses to a single public IP address by utilizing different Transport Layer port numbers to distinguish between internal hosts' traffic.

5. NETWORK LAYER: Routing

Routing is the process of selecting a path for traffic in a network or between or across multiple networks. While forwarding is the local action of moving an arriving packet from an input link to the appropriate output link, routing is the network-wide process that determines end-to-end paths that packets take from source to destination.


6. Unicast Routing Protocols

Unicast routing protocols determine the best path between a single source and a single destination. The internet is divided into Autonomous Systems (AS) — logical groupings of networks managed by a single administrative domain.

Classifications

  • Interior Gateway Protocols (IGP): Used for routing within an Autonomous System.
    • Examples: RIP (Routing Information Protocol), OSPF (Open Shortest Path First), IS-IS, EIGRP.
  • Exterior Gateway Protocols (EGP): Used for routing between different Autonomous Systems.
    • Example: BGP (Border Gateway Protocol).

7. Routing Algorithms

Routing protocols rely on routing algorithms to compute the best paths. The "best" path usually means the path with the lowest cost (which could be measured in terms of hop count, delay, bandwidth, or a combination of metrics).

Types of Algorithms

  • Static Routing: Routes are manually configured by a network administrator. Does not adapt to network topology changes.
  • Dynamic Routing: Routers run algorithms to dynamically discover networks and update routing tables when topology changes occur. The two primary dynamic routing algorithm classes are Distance Vector and Link State.

8. Routing Algorithm - Shortest Path Algorithm

The goal of shortest-path routing is to find a path between two nodes (source and destination) such that the sum of the weights (costs) of its constituent edges is minimized.

Dijkstra's Algorithm

The most famous shortest-path algorithm, heavily used in Link State routing (like OSPF). It computes the shortest path from one node to all other nodes in the network.

  1. Initialization: The source node sets its own distance to 0 and all other nodes to infinity.
  2. Selection: The node with the smallest known distance is selected (initially the source).
  3. Update: The algorithm examines all neighbors of the selected node. It calculates the distance to the neighbor through the selected node. If this distance is smaller than the currently known distance to the neighbor, the neighbor's distance is updated.
  4. Iteration: The selected node is marked as "visited." The process repeats from step 2 for the unvisited node with the smallest known distance, until all nodes have been visited.

9. Distance Vector Routing

In Distance Vector (DV) routing, each router maintains a table (vector) giving the best known distance to each destination and the link to use to get there.

Key Concepts

  • Bellman-Ford Algorithm: The underlying mathematical algorithm.
  • Knowledge about the whole network: Each router shares its entire routing table.
  • Knowledge shared only with neighbors: Routers only send their routing tables to directly connected neighbors.
  • Periodic updates: Tables are shared at regular intervals (e.g., every 30 seconds in RIP).

Problems and Solutions in Distance Vector

  • Count to Infinity Problem: A routing loop occurs when routers continuously increment the metric to a failed network, believing the other router has a valid path.
  • Split Horizon: A rule preventing a router from advertising a route back onto the interface from which it was learned.
  • Poison Reverse: Instead of not advertising a route back, the router advertises it with an infinite metric (unreachable), actively breaking loops.

10. Link State Routing

In Link State (LS) routing, every router has a complete map (topology) of the entire network and calculates the shortest path independently.

Key Concepts

  • Dijkstra's Algorithm: Used to calculate the shortest path.
  • Knowledge about the neighborhood: Each router only shares information about its direct connections (link state).
  • Knowledge shared with everyone: This local connection information is flooded to all routers in the network using Link State Advertisements (LSAs).
  • Triggered updates: Updates are sent only when there is a topology change (e.g., a link goes down), not periodically.

Comparison: Link State vs. Distance Vector

Feature Distance Vector (e.g., RIP) Link State (e.g., OSPF)
Algorithm Bellman-Ford Dijkstra's
Information Shared Entire routing table Only direct link states
Shared With Neighbors only Entire network (flooding)
Updates Periodic (e.g., 30s) Triggered by topology changes
Convergence Slow (prone to routing loops) Fast
Resource Usage Low CPU/Memory High CPU/Memory