CHAPTER FOUR

Network Layer Addressing and Routing

 The network layer is
responsible for host-to-host
delivery and for routing the
packets through the router
 It provides services to the
transport layer at sender and
receives services from the
data-link layer at end side.
 The network card operates as a middleman
between a computer and a data network.
 It is responsible for handling the physical
transmission of data packets on a network.
 The NIC receives data from the network layer
(Layer 3) and prepares it for transmission over the
physical medium.
 Used in network layer to transmit data packets.
 Refers to the process of dividing data into smaller units called packets or datagrams for
transmission over a network.
 These packets typically consist of a header and a payload.
 The header contains control information,

source and destination addresses

packet sequence numbers
error detection codes
 other information for routing and delivery.
 The payload contains a portion of the original data or message.
Internet Protocol (IP):-
 is a protocol, or set of rules, for routing and
addressing packets of data so that they can
travel across networks and arrive at the correct
destination.
 Data traversing the Internet is divided into
smaller pieces, called packets.
 IP information is attached to each packet, and
this information helps routers to send packets to
the right place.
Communication at the network layer is host-
to-host (computer-to-computer);
The packet transmitted by the sending
computer may pass through several LANs or
WANs before reaching the destination
computer.
To do so, we need a global addressing
scheme;
we use the term IP address to mean a logical
address in the network layer.
 It is a system used to assign unique numerical identifiers
to devices connected to a computer network.
 It is a fundamental component of the Internet Protocol
(IP), which is responsible for routing and delivering
data packets across networks.
IP Version:
Two prevalent versions of IP are in use:
IPv4 (Internet Protocol version 4)
IPv6 (Internet Protocol version 6).
 IPv4 addresses are 32-bit binary numbers.
 IPv6 addresses are 128-bit binary numbers.
IPv4 ADDRESSES
An IPv4 address is a 32-bit address
IPv4 addresses are unique and universal.
They are unique in the sense that each address
defines one, and only one, connection to the
Internet.
Two devices on the Internet can never have the
same address at the time.
 Address Space
 An address space is the total number of addresses used by
the protocol
 If a protocol uses N bits to define an address, the address
space is 2 N because each bit can have two different values
(0 or 1) and N bits can have 2N values.
 IPv4 uses 32-bit addresses, which means that the address
space is 2 32 or 4,294,967,296 (more than 4 billion).
 This means that, theoretically, if there were no
restrictions, more than 4 billion devices could be
connected to the Internet

 Block size for class D = 228
 Block size for class E = 228
Mask
Cont…
 Subnetting is the process of dividing a single network into
multiple smaller subnetworks, or subnets.
 It involves partitioning an IP address space into smaller
segments to create more efficient and manageable network
structures.
 Subnetting provides several benefits,
Improved network performance
Enhanced security
Simplified network management.
 Classless Inter-Domain Routing (CIDR)
Drawback of Classful Addressing, is wastage of IP
address.
In order to reduce the wastage of IP addresses a new
concept of Classless Inter-Domain Routing is
introduced.
It is a method of IP address allocation and IP
routing that allows for more efficient use of IP
addresses.
CIDR is based on the idea that IP addresses can
be allocated and routed based on their network
prefix.
subnet mask in CIDR
subnet mask in CIDR, that makes the network
address larger and the possible range of host
addresses smaller.
 'borrowing' some of the bits used for the host
address, and using them for the network portion
of the address.
 The subnet mask 255.255.255.192 gives you four
networks of 62 hosts each. It works because in
binary notation, 255.255.255.192 is the same as
1111111.11111111.1111111.11000000.
 Example:- given 192.168.123.0/26
How many subnetting?
How many hosts in each subnet?
Calculate network ID for each subnetting.
Calculate host range for each subnetting.
Calculate the broadcast ID for each Sub-netting.
 Formula to calculate Sub-netting is 2n
Formula for to calculate host number 2n-2
 We take 22 =4 because we borrowing 2 bits from the host
side.
 The rest 6 bit is host. Hence 26-2 =62 hosts in each
subnetting.
 Using a subnet mask of 255.255.255.192, your
192.168.123.0 network then becomes the four
networks
 192.168.123.0, 192.168.123.64, 192.168.123.128
and 192.168.123.192. These four networks would
have as valid host addresses:
192.168.123.1-62
192.168.123.65-126
192.168.123.129-190
192.168.123.193-254
You can see how it works by looking at two
host addresses, 192.168.123.71 and
192.168.123.133. If you used the default Class
C subnet mask of 255.255.255.0, both
addresses are on the 192.168.123.0 network.
However, if you use the subnet mask of
255.255.255.192, they are on different
networks; 192.168.123.71 is on the
192.168.123.64 network, 192.168.123.133 is on
the 192.168.123.128 network.
CIDR…
 CIDR addresses are represented using a slash
notation, which specifies the number of bits in
the network prefix.
 For example, an IP address of 192.168.1.0 with
a prefix length of 24 would be represented as
192.168.1.0/24.
 This notation indicates that the first 24 bits of
the IP address are the network prefix and the
remaining 8 bits are the host identifier.
Two-Level Hierarchy: No
Subnetting
 An IP address can define only two levels of hierarchy
when not subnetted.
 The n leftmost bits of the address x.y.z.t/n define the
network (organization network);
 The two common terms are prefix and suffix.
 The part of the address that defines the network is
called the prefix; the part that defines the host is called
the suffix.
 The prefix is common to all addresses in the network;
the suffix changes from one device to another
Three-Levels of Hierarchy: Subnetting
An organization that is granted a large block of
addresses may want to create clusters of networks
(called subnets) and divide the addresses between
the different subnets.
The rest of the world still sees the organization as
one entity;
however, internally there are several subnets.
Three-Levels of Hierarchy: Subnetting
 All messages are sent to the router address that connects
the organization to the rest of the Internet;
 the router routes the message to the appropriate subnets.
 The organization, however, needs to create small
subblocks of addresses, each assigned to specific subnets.
The organization has its own mask;
 each subnet must also have its own network address.
192.168.10.224/26
What is network id?
11000000.10101000.00001010.11100000
11111111.11111111.11111111.11000000 make the AND
______________________________________________
11000000.10101000.00001010.11000000 =192.168.10.192 is
network ID
Example1.
 Suppose an organization is given the
block 17.12.14.0/26, which contains 64
addresses. The organization has three
offices and needs to divide the addresses
into three subblocks of 32, 16, and 16
addresses.
 Example2. 200.192.10.0/24 create 10 subnet.
 Public and Private IP Addresses

 A public IP address is an address provided that is

provided by internet service provider (ISP) to your
network.
 The internet is accessed through your router's public IP
address.
 No one can not go online without having your public IP
address, which identifies your device on the internet.
 What is a Private IP Address?
A private IP address, also known as the local IP address, is
the IP address your network router allocates to your device.
 This address is only visible within your network, so it is
unavailable on the internet.
 Each device on the same network is assigned a unique
private IP address that allows them to communicate with
other devices.
 The device in your home can have the same private IP
address as your neighbors' device or anyone else's all over
the world, with private IP addresses.
 A private IP address is assigned to a device within a
private network, such as a local area network (LAN)
or a home network.

 Private IP addresses are not globally unique and

are used for internal communication within a
private network.
 Common private IP address ranges include:
 10.0.0.0 to 10.255.255.255 (10.0.0.0/8)
 172.16.0.0 to 172.31.255.255 (172.16.0.0/12)
 192.168.0.0 to 192.168.255.255 (192.168.0.0/16)
 A private IP address cannot be used to access the
Internet and remains only in the local network.
 Class A. Ranging from 10.0.0.0 to 10.255.255.255, it is
for large networks and has 8 bits for the network and 24
for hosts.
 Class B. Ranging from 172.16.0.0 to 172.31.255.255, it
is used for medium networks and has 16 bits for the
network and 16 for hosts.
 Class C. Ranging from 192.168.0.0 to 192.168.255.255,
it is for smaller networks and has 24 bits for the
network and 8 for hosts
When two computers within the same
network communicate over the internet,
they would typically use public IP
addresses?
Network Address Translation (NAT)
The idea of NAT is to allow multiple devices to
access the Internet through a single public address.

(NAT) is a process in which one or more local IP

address is translated into one or more Global IP
address
 and vice versa in order to provide Internet access
to the local hosts.
Network Address Translation (NAT) working?
When a packet traverse outside the local
(inside) network, then NAT converts that
local (private) IP address to a global
(public) IP address.
 When a packet enters the local network,
the global (public) IP address is converted
to a local (private) IP address.
 PAT is an extension to NAT.
 is a technique used in NAT to map multiple private IP
addresses to a single public IP address by using
different port numbers.

 PAT allows multiple devices within a private network

to share a single public IP address for internet
connectivity.
Port mapping: When a device from the local network
initiates an outbound connection to the internet, the router
performs port mapping.
 It assigns a unique port number to the connection along
with the source private IP address.

Translation table:- The router maintains a translation table

that keeps track of the mapping between the private IP
addresses and the assigned port numbers.
 Outgoing traffic: When the device sends data to internet, the
router modifies the source IP to its own public IP.
 and replaces the source port number with the assigned port
number from the translation table.
 This allows multiple devices within the local network to share
the same public IP address.

 Incoming traffic: When a response comes back from the

internet, the router examines the destination port number.
 It refers to the translation table to determine the
corresponding private IP address and port number.
 The router then forwards the incoming data packet to the
appropriate device within the local network based on the
mapping.
Class activity

 1. What is NAT and how NAT works?

 2.Investigate the global IP address scheme of Dilla
University and how they used it in NAT.
 How PAT is Working , discuss in our University
case.
 Address Mapping
 The delivery of a packet to a host or a router requires two
levels of addressing: logical and physical.
 We need to be able to map a logical address to its
corresponding physical address and vice versa.
 This can be done by using either static or dynamic mapping.
 IP is used for logical addressing
 MAC is used for physical addressing in a local network such
as Ethernet
 Mapping Logical to Physical Address: ARP
 Address Resolution Protocol (ARP):- is a protocol used to map
logical addresses (IP addresses) to physical addresses (MAC
addresses) within a local network.
 It is enables communication between devices on the same network.
 When a device wants to send data to another device within the same network,
it needs to know the MAC address of the destination device.
 The MAC address is a unique identifier assigned to each network interface
card (NIC).
ARP …
 Function: ARP is used to resolve or map an IP
address to a MAC address within a local network.
 Direction: ARP resolves logical (IP) addresses to
physical (MAC) addresses.
 Operation: When a device wants to send data to
another device on the same network, it uses ARP
to determine the MAC address associated with the
IP address of the destination device.
 Mapping Physical to Logical Address:
RARP
 Reverse Address Resolution Protocol (RARP) :-
 Function: RARP performs the reverse operation of ARP. It
resolves or maps a MAC address to an IP address.
 Direction: RARP resolves physical (MAC) addresses to
logical (IP) addresses.
 Operation: RARP is typically used by diskless workstations
or thin clients to obtain their IP address from a server. The
diskless workstation broadcasts its MAC address and
requests an IP address assignment from the RARP server.
The RARP server then responds with the corresponding IP
address.
 RARP is used when:-
 1.A diskless station is just booted. The station can
find its physical address by checking its interface,
but it does not know its IP address.
 2.An organization does not have enough IP
addresses to assign to each station; it needs to
assign IP addresses on demand. The station can
send its physical address and ask for a short time
lease.
 ICMP: Internet Control Message Protocol

 The IP protocol has no error-reporting or error-correcting

mechanism.
 The IP protocol also lacks a mechanism for host and
management queries.
 The Internet Control Message Protocol (ICMP) has been
designed to compensate for the above two deficiencies.
 It is a companion to the IP protocol.
 PING and TRACEROUTE are two tools for ICMP
ICMP: Internet Control Message Protocol…
ICMP is a network layer protocol used by
network devices to diagnose network
communication issues.
 ICMP is mainly used to determine whether or not data is
reaching its intended destination in a timely manner.
 Commonly, the ICMP protocol is used on network
devices, such as routers .
 ICMP is crucial for error reporting and testing network
communication issues.
 ICMP…
Types of Messages:-
 ICMP messages are encapsulated within IP packets and are used
to communicate information about network conditions, errors, and
other troubleshooting information.
 ICMP Echo Request (Type 8)
 ICMP Echo Reply (Type 0)
 ICMP Destination Unreachable (Type 3)
 ICMP Time Exceeded (Type 11)
 ICMP Redirect (Type 5)
 ICMP Router Advertisement (Type 9)
ICMP Message Format
 message includes an 8-byte header and a variable size data format.
ICMP Message Format…
 Type: It is an 8-bit field. It represents the ICMP
message type. The values area from 0 to 127 are
described for ICMPv6, and the values from 128 to 255
are the data messages.
 Code: It is an 8-bit field that represents the subtype
of the ICMP message.
 Checksum: It is a 16-bit field to recognize whether
the error exists in the message or not
ICMP Error Reporting and Query
 ICMPv6
 It serves similar purposes as ICMP in IPv4 networks,
providing error reporting, diagnostic, and management
capabilities.
 ICMPv6 introduces new message types and functionalities to
address the features and requirements of IPv6.
Here are some key features and uses of ICMPv6:
1. Neighbor Discovery(ND):
 ICMPv6 includes Neighbor Discovery messages that replace
the Address Resolution Protocol (ARP) in IPv4.
 ICMPv6…
2. Multicast Listener Discovery:
ICMPv6 Multicast Listener Discovery messages
facilitate the management of IPv6 multicast group
membership by hosts and routers.
3. CMPv6 Error Message Filtering:
ICMPv6 allows for more flexible and fine-grained
filtering of error messages compared to ICMP in
IPv4.
4. Redirect: ICMPv6 :-
Redirect messages inform hosts about a better next-hop
router for a specific destination.
 (Internet Group Management Protocol)
IGMP:

 IGMP is a communication protocol used by hosts

and adjacent routers for multicasting
communication with IP networks
its uses the resources efficiently to transmit the
message/data packets.
Multicast communication can have single or
multiple senders and receivers
 IGMP can be used in streaming videos, gaming or
web conferencing tools.
IGMP Messages
 IGMP Operation
 It enables hosts to join or leave multicast groups and allows
routers to learn which hosts belong to specific multicast
groups.
 IGMP operates at the network layer (Layer 3) of the OSI
model.
Host Group Joining:
When a host wants to receive multicast traffic for a specific
group, it sends an IGMP Membership Report message to its
local router.
 This message indicates the host's interest in joining the
multicast group. The router records the host's membership
for that group.
 IGMP Operation…
Membership Reports:
Hosts respond to IGMP Queries by sending IGMP Membership Report
messages.
These messages indicate the multicast groups to which the hosts
belong..
Leave Group:
 When a host no longer wishes to receive multicast traffic for
a specific group, it sends an IGMP Leave Group message to
its local router.
 The router checks if there are any other members in the
group.
 Encapsulation in IGMP
 Encapsulation refers to the process of including IGMP
messages within IP packets for transmission over an IP
network.
 IGMP messages are encapsulated within IP packets to
ensure their proper delivery and interpretation by routers
and hosts.
 When an IGMP message is encapsulated, it becomes the
payload of an IP packet.
 Netstat
The netstat command is a utility used to display network-
related information on a system.
It provides information about connections, routing tables, network
interfaces
netstat -a: This option displays all active network connections,
including the local IP address and port numbers associated
with each connection.
netstat -n: By default, netstat attempts to resolve IP addresses
to hostnames. The -n option prevents hostname resolution and
displays IP addresses as numerical values.
netstat -r: This option shows the routing table, which contains
information about network destinations and the associated IP
addresses.
 Routing and forwarding
Routing
 The network layer is responsible for routing the packet
from its source to the destination.
 A physical network is a combination of networks (LANs
and WANs) and routers that connect them.
 This means that there is more than one route from the
source to the destination.
 The network layer is responsible for finding the best one
among these possible routes. The network layer needs to
have some specific strategies for defining the best route.
 Forwarding
 If routing is applying strategies and running some routing
protocols to create the decision-making tables for each router,
forwarding can be defined as the action applied by each router
when a packet arrives at one of its interfaces.
 The decision-making table a router normally uses for applying
this action is sometimes called the forwarding table and
sometimes the routing table.
 When a router receives a packet from one of its attached
networks, it needs to forward the packet to another attached
network (in unicast routing) or to some attached networks (in
multicast routing).
 Routing algorithms
 A routing algorithm is a routing protocol determined by the
network layer for transmitting data packets from source to
destination.
 This algorithm determines the best or least-cost path for
data transmission from sender/source to receiver/destination
Types of routing Algorithms
1. static routing. In such a category, routing tables (tables with
all available routes in a router) are manually defined.
 In practice, it means that the network operators set up all the
routing table entries of a static router.
 We commonly use static routers with networks in which
connections and data transmission parameters are known and do
not vary much.
 A sub-category of static routing consists of default
routing. Routers adopt a default route when it does not have any
precise routing entry that fits a data transmission.
 However, some routers can use the strategy of only having a
default route: the default routing.
 We can use it, for example, when a router is directly connected to
an Internet Service Provider.
2. dynamic routing. In this case, the routers create and update
routing tables in runtime and based on the network conditions.
 For instance, dynamic routers can adapt their routers if a link
goes down or gets overloaded.
There exist two classes of dynamic routing:
Distance vector-based and link state-based.
 Distance vector-based dynamic routing
 Distance vector-based dynamic routing considers that the best path between
two entities communicating with each other is the shortest one.
 In this case, distance does not represent physical distance but hops,
typically.
 A hop is, in short, a device that processes the network traffic before it
reaches its destination.
 However, it is relevant to highlight that we can use other metrics to measure
distance and determine the shortest routing path, such as delay.
 A distance vector-based router communicates and evaluates paths only
between them and their immediate neighbors.
 So, routers share their information about the network with their neighbors,
enabling them to calculate the distance between them and a particular
destination.
 Let’s consider that the distance metric is hops, and there is a packet in router R1
that must reach server S, as depicted next:

73
 With a hop-based routing strategy, R1 will choose the path
through the router R4 since it will result in two hops until the
packet reaches the destination.
 On the other hand, if router R1 selected router R2, it would
result in three hops until the packet reaches its destination,
which is not the best option in such a scenario.
 A problem related to distance vector-based routing is that
updating routing tables is a slow process.
 So, bad news typically takes a long time to reach some routers,
and the convergence time (time to a router producing an
updated routing table) is long. Furthermore, there are loop-
sensitive protocols.
74
 The most popular distance vector-based routing protocol is
the Routing Information Protocol (RIP).
 In summary, it defines a periodic update time for a router
to update its table, broadcasting (V1) or multicasting (V2)
the updated to its neighbors.
 The RIP protocol defines a series of timers to control a
router’s lifecycle: update, invalidation, hold down, and
flush.
 These timer helps the routers to keep their tables valid and
with recent information.

75
 Link state routing protocols have a broad perspective of the network instead of
working with the state of the neighbors’ routers, like distance vector routing
protocols. To keep track of the state of the entire network, the routers using link
state-based protocols have three tables:
 Route Table: sometimes called Forwarding Database, the routing table defines the
network traffic forwarding rules of a given router
 Topology Map: also called Link State Database, this table holds topological
information about the working network
 Neighbors Table: sometimes referred to as Adjacency Database, it keeps data and
routing details about directly connected neighbors of a given router.

76
 For building these tables, we can summarize the operation
of link state-based routers in four simple steps:
 Discover the neighbor routers by sending and receiving hello
messages. It will enable a particular router to build its neighbor
table
 Measure the costs to communicate with an adjacent router, thus
flooding the information to the network domain; routers repeat
such a process (fully or partially) every time the network changes,
flooding update messages
 Receive route updates from other routers. So, the routers can build
and maintain the topology map of the network
 Build a logical tree with the current router as the root. Thus, the
router can execute shortest-path first algorithms (typically
Dijkstra) to allocate the paths with the lowest cost for all the
possible destinations in its routing table
77
 Link state-based routers can employ different metrics to
determine the shortest path to a destination.
 For example, they can adopt bandwidth, delay, or jitter as the
optimization criteria.
 Let’s consider the same example of the previous section, where
there is a packet in router R1 that must reach server S.
 However, now we have the information about the transmission
delay between the connected entities:

78
With a minimum delay-based routing strategy and knowing the state of the
entire network, R1 will choose to send the network traffic to R2, which in turn
will send it to R3, then to R5, and finally reach the destination.
The described path results in a total delay of 150ms. The alternative path,
from R1 to R4 and then R5, results in a total delay of 240ms, making it a worse
option.
The major problem with link state-based routing protocols is that it generates
heavy control traffic due to the routers flooding updates in the network.
Furthermore, these flooding events can create transmission loopings, which
make the overloading problem even worse. However, we can mitigate these 79
looping problems by properly configuring the packets’ Time To Live (TTL)
 The most known link state-based protocols are called Open Shortest Path First
(OSPF) and Intermediate System to Intermediate System (IS-IS).
 Both protocols implement the basics of link state-based routing, as previously
described in this section.
 Moreover, they have other relevant similarities, such as being interior gateway
protocols (exchange data between gateways of a single autonomous system, such
as between local networks of a corporation), providing authentication methods,
and supporting an unlimited number of hops count to route a packet.
 However, these protocols also present some differences. Examples are that OSPF
runs on the network layer and IS-IS runs on the data link layer; OSPF supports
working with virtual links and IS-IS does not; and OSPF identifies routers
through the Router ID while IS-IS uses a System ID.

80
Unicasting, Multicasting and Broadcasting
IPv6 supports three address types:
 Unicast: Provides one-to-one transmission service to
individual interfaces, including server farms sharing a single
address. IPv6 supports several types of unicast addresses,
including global, link-local, and unique local.
 Multicast: Provides one-to-many transmission service to
groups of interfaces identified by a single multicast address.
 Anycast: Provides one-to-one-of-many transmission service to
groups of interfaces, only the nearest of which (measured by
the number of intermediate routers) receives the
transmission.

IPv6 ADDRESSES
 Despite all short-term solutions, address
depletion is still a long-term problem for the
Internet. This and other problems in the IP
protocol itself have been the motivation for IPv6.
 An IPv6 address is 128 bits or 32 hexadecimal
digits long
Abbreviated IPv6 addresses
THANKS
!!!