COMPUTER NETWORK

(BCSC 0008)
MODULE-2
NOTES
BY: ROHIT AGARWAL
(Teaching Associate)
(CSE Dept)
MODULE-2
NETWORK LAYER
TRANSPORT LAYER
APPLICATION LAYER
IPv4 VS IPv6
NETWORK
LAYER
DOTTED DECIMAL NOTATION OF
IP ADDRESS
HEXADECIMAL NOTATION OF IP
ADDRESS
IP ADDRESS CLASSES
IP ADDRESS CLASSES
IP ADDRESS DISTRIBUTION
WITHIN A NETWORK
 Subnetting
• What is subnetting
– Process of subdividing a single class of network
into multiple subnetworks.
– A subnetted network address contains a network
address, subnet address and host address.
 Subnetting
• What is subnetting
– Process of subdividing a single class of network
into multiple subnetworks.
– A subnetted network address contains a network
address, subnet address and host address.
 Subnet Masks

• Tells the device which bits are host address

and network address.
Class Subnet Binary
Mask
255.0.0.0 11111111.00000000.00000000.00000000
A
255.255.0.0 11111111. 11111111. 00000000.00000000
B
255.255.255.0 11111111. 11111111. 1111111.00000000
C
 Subnet Masks

• Tells the device which bits are host address

and network address.
Class Subnet Binary
Mask
255.0.0.0 11111111.00000000.00000000.00000000
A
255.255.0.0 11111111. 11111111. 00000000.00000000
B
255.255.255.0 11111111. 11111111. 1111111.00000000
C
 32 BITS

BLOCK ID HOST ID

Notation Used
x.y.z.w/n
Here n shows number of network bits

For eg. 200.10.20.40/28 is a CIDR address

Subnet Mask: 11111111.11111111.11111111.11110000
For Eg. Using CIDR, Find out total no. of
a) Network bits
b) Host bits
c) Possible Hosts
d) Network/Block ID

Of following IP 200.10.20.40/28
On comparing given IP 200.10.20.40/28
with Notation x.y.z.w/n

Here n=28
So total network bits=28 out of 32
So host bits=32 – 28 = 4
Total no. of Possible Hosts= 24 = 16

32 BITS

BLOCK ID HOST ID
28 Bits 4 Bits
 As network is 28 bits and host is 4 bits
So subnet mask is
11111111.11111111.11111111.11110000
255 . 255 . 255 . 240
Given IP is 200.10.20.40
On doing AND operation over binary of Last Octet
of given IP with Subnet Mask we get network ID

240 11110000
40 00101000
------------------------
32 00100000
So Network id/Block id is 200.110.200.32/28
 Rules for CIDR Addressing
• Address should be contiguous.
• Number of addresses in a block must be
in power of 2

• First address of every block must be

evenly divisible with size of blocks/total
hosts.
 SUBNETTING IN CIDR
Subnetting in CIDR is same as Classful IP
addressing
Bits in host will be used as subnet purpose
and to be fixed for a particular network
So number of subnetworks = 2m
where m= no. of subnet bits
For eg. Network S divides into two subnetworks S1 and S2

195.10.20.128/27 –
195.10.20.159/27

Subnetwork
Network Divide S1
S
Subnetwork
S2

195.10.20.128/26 195.10.20.160/27 –
195.10.20.191/27
Variable Length Subnet Masking(VLSM)
Technique to make subnetworks of different
different sizes
Network allow of different size
subnetworks are known as Flexibility

VLSM applied in both Classful and

Classless Addressing
Always Remember: Only host bits used for
subnetting
 VLSM in Classful Addressing
For eg. Network S divides into three subnetworks
S1(50%), S2(25%) and S3(25%) of different sizes

Subnetwork
Network Divide S1 Subnetwork
S S2

Subnetwork
S3

200.10.20.0
 200.10.20.00000000

200.10.20.00000000 200.10.20.10000000
S1
200.10.20.10000000 200.10.20.11000000
S2 S3

Subnetwork
Network Divide S1
Subnetwork
S2
S

Subnetwork
S3
 Subnet Mask S1
255.255.255.128
Availlable Subnet Mask S2
Subnetwork 255.255.255.192
hosts
S1
128-2=126 Availlable
Subnetwork hosts
200.10.20.00000000 – S2
200.10.20.01111111 64-2=62
200.10.20.10000000 –
200.10.20.0 - 200.10.20.127 200.10.20.101111111
200.10.20.128 –
Subnetwork 200.10.20.191
S3
200.10.20.11000000 –
200.10.20.111111111
Total Availlable
200.10.20.192 - 200.10.20.255
hosts
256-6=250
Availlable
Subnet Mask S3 hosts
255.255.255.192 64-2=62
Variable Length Subnet Masking(VLSM)
If n=number of Subnets

Total Usuable Hosts=Total Hosts – 2n

 VLSM in CIDR
For eg. Network S divides into three subnetworks
S1(50%), S2(25%) and S3(25%) of different sizes

Subnetwork
Network Divide S1 Subnetwork
S S2

Subnetwork
S3

245.248.128.0/20
 245.248.10000000.00000000

245.248.10000000.00000000 245.248.10001000.00000000
S1
245.248.10001000.00000000 245.248.10001100.00000000
S2 S3

Subnetwork
Network Divide S1
Subnetwork
S2
S

Subnetwork
S3
 Subnetwork
S1
245.248.10000000.00000000 – Subnetwork
245.248.10000111.11111111 S2
245.248.10001000.00000000 –
245.248.128.0/21 – 245.248.10001011.11111111
245.248.135.255/21 245.248.136.0/22 –
Subnetwork 245.248.139.255/22
S3

245.248.10001100.00000000 –
245.248.10001111.11111111
245.248.140.0/22 –
245.248.143.255/22
INTERNETWORKING
&
CONNECTING
DEVICES
ADDRESS
MAPPING
 IP Address
Physical IP Logical IP
(MAC) (IP)
(Private) (Publically Shared)
48 Bit or 6 Byte 32 Bit or 4 Byte

Mapping
Logical IP Physical IP

BroadCasting to establish connection

for data transfer
HANDSHAKING
C F

X X
B E

A A A C D
(MAC) (IP) FFFFFFFF
(IP)

Sender info Receiver info

 A A C FFFFFFFF
(IP) (MAC) (IP)

C Sender info Receiver info F

X X
B E

A D
 C C A A
(IP) (MAC) (IP) (MAC)

Sender info Receiver info

C F

X X
B E

A D
Address Mapping
Host to Host
(H to H)

Host to Router
(H to R)

Router to Host
(R to H)

Router to Router
(R to R)
FORWARDING
&
DELIVERY
 DELIVERY
The network layer supervises the handling of the
packets by the underlying physical networks. We define
this handling as the delivery of a packet.

DELIVERY

DIRECT INDIRECT
Figure 22.1 Direct and indirect delivery

22.58
 FORWARDING

Forwarding means to place the packet in its route to its

destination. Forwarding requires a host or a router to
have a routing table.

When a host has a packet to send or when a router has

received a packet to be forwarded, it looks at this table
to find the route to the final destination.
Figure 22.2 Route method versus next-hop method

22.60
Figure 22.3 Host-specific versus network-specific method

22.61
Figure 22.4 Default method

22.62
Figure 22.5 Simplified forwarding module in classless address

22.63
 Example 22.1

Make a routing table for router R1, using the configuration

in Figure 22.6.

Solution
Table 22.1 shows the corresponding table.

22.64
Figure 22.6 Configuration for Example 22.1

22.65
 Table 22.1 Routing table for router R1 in Figure 22.6

22.66
Figure 20.5 IPv4 datagram format

20.67
Figure 20.6 Service type or differentiated services

20.68
 Note

The precedence subfield was part of

version 4, but never used.

20.69
 Table 20.1 Types of service

20.70
 Table 20.2 Default types of service

20.71
 Table 20.3 Values for codepoints

20.72
 Note

The total length field defines the total

length of the datagram including the
header.

20.73
Figure 20.7 Encapsulation of a small datagram in an Ethernet frame

20.74
Figure 20.8 Protocol field and encapsulated data

20.75
 Table 20.4 Protocol values

20.76
 Example 20.1

An IPv4 packet has arrived with the first 8 bits as shown:

01000010
The receiver discards the packet. Why?

Solution
There is an error in this packet. The 4 leftmost bits (0100)
show the version, which is correct. The next 4 bits (0010)
show an invalid header length (2 × 4 = 8). The minimum
number of bytes in the header must be 20. The packet has
been corrupted in transmission.

20.77
 Example 20.2

In an IPv4 packet, the value of HLEN is 1000 in binary.

How many bytes of options are being carried by this
packet?

Solution
The HLEN value is 8, which means the total number of
bytes in the header is 8 × 4, or 32 bytes. The first 20 bytes
are the base header, the next 12 bytes are the options.

20.78
 Example 20.3

In an IPv4 packet, the value of HLEN is 5, and the value

of the total length field is 0x0028. How many bytes of
data are being carried by this packet?

Solution
The HLEN value is 5, which means the total number of
bytes in the header is 5 × 4, or 20 bytes (no options). The
total length is 40 bytes, which means the packet is
carrying 20 bytes of data (40 − 20).

20.79
 Example 20.4

An IPv4 packet has arrived with the first few hexadecimal

digits as shown.
0x45000028000100000102 . . .
How many hops can this packet travel before being
dropped? The data belong to what upper-layer protocol?

Solution
To find the time-to-live field, we skip 8 bytes. The time-to-
live field is the ninth byte, which is 01. This means the
packet can travel only one hop. The protocol field is the
next byte (02), which means that the upper-layer protocol
is IGMP.
20.80
Figure 20.9 Maximum transfer unit (MTU)

20.81
 Table 20.5 MTUs for some networks

20.82
ROUTING
 With in Between
Autonomous System Autonomous System
Figure 14.1 Autonomous systems

An autonomous system is a set of networks and routers under

the control of a single administrative authority.
Routing within an autonomous system is intradomain routing.
Routing between autonomous systems is interdomain routing.

86
Figure 14.2 Popular routing protocols

87
14.2 DISTANCE VECTOR ROUTING

In distance vector routing, the least cost

route between any two nodes is the route
with minimum distance.

In this protocol each node maintains a

vector (table) of minimum distances to
every node
Figure 14.3 Distance vector routing tables

89
 Figure 14.4 Initialization of tables in distance vector routing

In distance vector routing, each node shares its table with its
immediate neighbor periodically (eg every 30s) and when
there is a change.
90
 Figure 14.5 Updating in distance vector routing

Step 1: Add cost (2) to table received from neighbor (C).

Step 2: Compare Modified Table with Old Table (row by row).
If Next node entry is different, select the row with the smaller
cost. If tie, keep the old one.
If Next node entry the same, select the new row value (regard-
less of whether new value is smaller or not).

91
Figure 14.6 Two-node instability – what can happen with distance vector routing
Count to Infinity Problem
Both A and B know
where X is.

Link between A and X

fails. A updates its
table immediately.
But before A can tell B,
B sends its info to A!

A, using B’s info, up-

dates its table (error!).

Then A send its table

to B and B updates its
table (more error).
Both routers keep up-
dating tables, eventually
hitting infinity. In
the meantime, chaos!
92
 Figure 14.6 Two-node instability – what can happen with distance vector routing

Possible Solutions to two-node instability:

1. Define infinity to be a much smaller value, such as 100. Then it doesn’t take too
long to become stable. But now you can’t use distance vector routing in large
networks.

2. Split Horizon – instead of flooding entire table to each node, only part of its
table is sent. More precisely, if node B thinks that the optimum router to
reach X is via A, then B does not need to advertise this piece of info to A – the
info has already come from A.

3. Split Horizon and Poison Reverse – Normally, the distance vector protocol uses
a timer. If there is no news about a route, the node deletes the route from its
table. So when A never hears from B about the route to X, it deletes it.
Instead, Node B still advertises the value for X, but if the source of info is A, it
replaces the distance with infinity, saying “Do not use this value; what I know
about this route comes from you.”
93
Three-node instability – no solutions here!

94
14.3 RIP

The Routing Information Protocol (RIP)

is an intradomain routing protocol used
inside an autonomous system.

It is a very simple protocol based on

distance vector routing.
96
• RIP implements the same algorithm as the distance-vector
routing algorithm we discussed in the previous section.
However, some changes need to be made to the algorithm to
enable a router to update its forwarding table:
❑ Instead of sending only distance vectors, a router needs to
send the whole contents of its forwarding table in a response
message.
❑ The receiver adds one hop to each cost and changes the next
router field to the address of the sending router. We call each
route in the modified forwarding table the received route and
each route in the old forwarding table the old route.
• The received router selects the old routes as the new ones
except in the following
• three cases:
• 1. If the received route does not exist in the old
forwarding table, it should be added to the route.
• 2. If the cost of the received route is lower than the
cost of the old one, the received route should be
selected as the new one.
• 3. If the cost of the received route is higher than the
cost of the old one, but the value of the next router
is the same in both routes, the received route should
be selected as the new one.
Timers in RIP
• RIP uses three timers to support its operation. The periodic timer controls the
advertising of regular update messages. Each router has one periodic timer
that is randomly to a number between 25 and 35 seconds (to prevent all
routers sending their messages at the same time and creating excess traffic).
The timer counts down; when zero reached, the update message is sent, and
the timer is randomly set once again.
• The expiration timer governs the validity of a route. When a router receives
update information for a route, the expiration timer is set to 180 seconds for
that particular route. Every time a new update for the route is received, the
timer is reset. If there is a problem on internet and no update is received
within the allotted 180 seconds, the route is considered expired and the hop
count of the route is set to 16, which means the destination unreachable.
Every route has its own expiration timer.
• The garbage collection timer used to purge a route from the forwarding table.
When the information about a route becomes invalid, the router does not
immediately purge that route from its table. Instead, it continues to advertise
the route with a metric value of 16. At the same time, a garbage collection
timer is set to 120 seconds for that route. When the count reaches zero, the
route is purged from the table. This timer allows neighbors to become aware
of the invalidity of a route prior to purging.
 LINK STATE ROUTING

In link state routing, if each node in

the domain has the entire topology
of the domain,
the node can use Dijkstra’s
algorithm to build a routing table.

100
 Figure 14.15 Concept of link state routing

Every router has knowledge about the network, but101

from its own perspective.
Figure 14.16 Link state knowledge

Each router knows (maintains) its states of its links.

Each router floods this info (via a Link State Packet) to other
routers periodically (when there is a change in the topology,
or every 60 to 120 minutes).

Each router takes in this data and, using Dijkstra’s

algorithm, creates the shortest path tree and corresponding
routing table.

102
Figure 14.17 Dijkstra algorithm

103
Figure 14.18 Example of formation of shortest path tree

104
 Table 14.1 Routing table for node A

Now let’s try using the Dijkstra’s algorithm introduced in

TDC 361.

105
106
 OSPF
The Open Shortest Path First (OSPF)
protocol is an intradomain routing
protocol based on link state routing.

Its domain is also an autonomous

system.

Also known as Dijkistra’s Algorithm

Figure 14.19 Areas in an autonomous system

OSPF divides an autonomous system into areas. All networks

inside an area must be connected.

area border router; backbones; backbone routers;

boundary routers

The cost associated with a route is called the metric. Metric

could be min delay, max thruput, etc.

108
LSPs (Link State Packets)

109
 LSPs
1. Router Link: A router link advertises the existence of a
router as a node. In addition to giving the address of the
announcing router, this type of advertisement can define one or
more types of links that connect the advertising router to other
entities.
Figure 14.21 Point-to-point link

No hosts in between; T-1 connection common

111
 Types of link
• A transient link announces a link to a transient network,
a network that is connected to the rest of the networks
by one or more routers. This type of advertisement
should define the address of the transient network and
the cost of the link.
• A stub link advertises a link to a stub network, a
network that is not a through network. Again, the
advertisement should define the address of the network
and the cost.
• A point-to-point link should define the address of the
router at the end of the point-to-point line and the cost
to get there.
2. Network Link: A network link advertises the
network as a node. However, since a network
cannot do announcements itself (it is a passive
entity), one of the routers is assigned as the
designated router and does the advertising.
3. Summary link to network: This is done by an
area border router; it advertises the summary of
links collected by the backbone to an area or the
summary of links collected by the area to the
backbone.
 LSPs
4. Summary link to AS: This is done by an AS router
that advertises the summary links from other ASs to
the backbone area of the current AS, information
which later can be disseminated to the areas so
that they will know about the networks in other
ASs.
5. External link. This is also done by an AS router to
announce the existence of a single network outside
the AS to the backbone area to be disseminated
into the areas.
OSPF message format
14.6 PATH VECTOR ROUTING
Path vector routing is similar to distance vector routing. There is at least
one node, called the speaker node, in each AS that creates a routing table
and advertises it to other speaker nodes in the neighboring ASs..

The topics discussed in this section include:

Initialization
Sharing
Updating

TCP/IP Protocol Suite 116

 Figure 14.48 Initial routing tables in path vector routing

TCP/IP Protocol Suite 117

 Figure 14.49 Stabilized tables for four autonomous systems

TCP/IP Protocol Suite 118

14.7 BGP
Border Gateway Protocol (BGP) is an interdomain routing protocol using
path vector routing. It first appeared in 1989 and has gone through four
versions.

BGP interconnects three different types of AS:

1. Stub AS, e.g. a corporate network

2. Multihomed AS, e.g. a large corporate network with connections to

multiple ASs, but does not allow traffic to pass thru (transient)

3. Transit AS - one that allows transient traffic, such as an Internet

backbone

119
 Figure 14.50 Internal and external BGP sessions

TCP/IP Protocol Suite 121

 Figure 14.51 Types of BGP messages

TCP/IP Protocol Suite 122

 BGP Messages
Open Message. To create a neighborhood relationship, a router
running BGP opens a TCP connection with a neighbor and sends an
open message.
Update Message. The update message is the heart of the BGP
protocol. It is used by a router to withdraw destinations that have
been advertised previously, to announce a route to a new destination,
or both. Note that BGP can withdraw several destinations that were
advertised before, but it can only advertise one new destination (or
multiple destinations with the same path attributes) in a single update
message.
Keepalive Message. The BGP peers that are running exchange
keepalive messages regularly (before their hold time expires) to tell
each other that they are alive.
Notification. A notification message is sent by a router whenever an
error condition is detected or a router wants to close the session.
 Note:

BGP supports classless addressing and

CIDR.

TCP/IP Protocol Suite 124

 Note:

BGP uses the services of TCP

on port 179.
RIP uses the services of UDP on port
520.

TCP/IP Protocol Suite 125

 20-2 IPv4

The Internet Protocol version 4 (IPv4) is the delivery

mechanism used by the TCP/IP protocols.

Topics discussed in this section:

Datagram
Fragmentation
Checksum
Options

20.1
 Figure 20.4 Position of IPv4 in TCP/IP protocol suite

20.2
 Figure 20.5 IPv4 datagram format

20.3
 Header length (HLEN). This is a 4-bit field

This field is needed because the length of the

header is variable (between 20 and 60 bytes).

When there are no options, the header length is 20

bytes, and the value of this field is 5 (5 x 4 = 20).

When the option field is at its maximum size, the

value of this field is 15 (15 x 4 = 60).

20.4
 Service Type
First 3 bits are called precedence bits.
Next 4 bits are called type of service (TOS) bits.
Last bit is not used.

The precedence defines the priority of the

datagram

TOS bits is a 4-bit subfield with each bit having

a special meaning. Although a bit can be either
0 or 1,
20.5
 Table 20.1 Types of service

20.6
 Table 20.2 Default types of service

20.7
 Note

The total length field defines the total

length of the datagram including the
header.

20.8
 Identification

This 16-bit field identifies a datagram originating

from the source host. The combination of the
identification and source IPv4 address must uniquely
define a datagram as it leaves the source host.

20.9
 Figure 20.10 Flags used in fragmentation

20.10
 Flags. This is a 3-bit field.
The first bit is reserved.
The second bit is called the do Not fragment bit. If
its value is 1, the machine must not fragment the
datagram If its value is 0, the datagram can be
fragmented if necessary.
The third bit is called the more fragment bit. If its
value is 1, it means the datagram is not the last
fragment; there are more fragments after this one. If
its value is 0, it means this is the last or only
fragment

20.11
 Figure 20.8 Protocol field and encapsulated data

20.12
 Table 20.4 Protocol values

20.13
 Example 20.1

An IPv4 packet has arrived with the first 8 bits as shown:

01000010
The receiver discards the packet. Why?

Solution
There is an error in this packet. The 4 leftmost bits (0100)
show the version, which is correct. The next 4 bits (0010)
show an invalid header length (2 × 4 = 8). The minimum
number of bytes in the header must be 20. The packet has
been corrupted in transmission.

20.14
 Example 20.2

In an IPv4 packet, the value of HLEN is 1000 in binary.

How many bytes of options are being carried by this
packet?

Solution
The HLEN value is 8, which means the total number of
bytes in the header is 8 × 4, or 32 bytes. The first 20 bytes
are the base header, the next 12 bytes are the options.

20.15
 Example 20.3

In an IPv4 packet, the value of HLEN is 5, and the value

of the total length field is 0x0028. How many bytes of
data are being carried by this packet?

Solution
The HLEN value is 5, which means the total number of
bytes in the header is 5 × 4, or 20 bytes (no options). The
total length is 40 bytes, which means the packet is
carrying 20 bytes of data (40 − 20).

20.16
 Example 20.4

An IPv4 packet has arrived with the first few hexadecimal

digits as shown.
0x45000028000100000102 . . .
How many hops can this packet travel before being
dropped? The data belong to what upper-layer protocol?

Solution
To find the time-to-live field, we skip 8 bytes. The time-to-
live field is the ninth byte, which is 01. This means the
packet can travel only one hop. The protocol field is the
next byte (02), which means that the upper-layer protocol
is IGMP.
20.17
 A Datagram of 3000 B (20 B header +2980 B
Data) reached at router and must be forwarded
to a link with MTU of 500 B. how many
fragmentations will be generated and also write
MF (more fragment), offset and total length
value for all
3000 B

500 B
Router N/W
20+480

20+2980

2980/480= 7 fragment
20.18
 P7 P6 P5 P4 P3 P2 P1
100+20 480+20 480+20 480+20 480+20 480+20 480+20

0 1 1 1 1 1 1 MF
360 300 240 180 120 60 0 Offset

For P2
Offset=480/8=60
For P3
Offset=480+480/8=120
20.19
 An IP datagram of size 1000 bytes arrives at a router. The router has
to forward this packet on a link whose MTU (maximum
transmission unit) is 100 bytes. Assume that the size of the IP header
is 20 bytes. The number of fragments that the IP datagram will be
divided into for transmission is :

Note : This question was asked as Numerical Answer Type.

(A) 10
(B) 50
(C) 12
(D) 13

20.20
 MTU = 100 bytes
Size of IP header = 20 bytes
So, size of data that can be transmitted in one
fragment = 100 – 20 = 80 bytes
Size of data to be transmitted = Size of datagram –
size of header = 1000 – 20 = 980 bytes

Now, we have a datagram of size 1000 bytes.

So, we need ceil(980/80) = 13 fragments.

Thus, there will be 13 fragments of the datagram.

20.21
 An IP router with a Maximum Transmission Unit
(MTU) of 1500 bytes has received an IP packet of size
4404 bytes with an IP header of length 20 bytes. The
values of the relevant fields in the header of the third IP
fragment generated by the router for this packet are

(A) MF bit: 0, Datagram Length: 1444; Offset: 370

(B) MF bit: 1, Datagram Length: 1424; Offset: 185
(C) MF bit: 1, Datagram Length: 1500; Offset: 37
(D) MF bit: 0, Datagram Length: 1424; Offset: 2960

20.22
 Number of packet fragments = ⌈ (total size of packet)/(MTU) ⌉
= ⌈ 4384/1480 ⌉
= ⌈ 2.962 ⌉
=3

So Datagram with data 4404 byte fragmented into 3 fragments.

The first frame carries bytes 0 to 1479 (because MTU is 1500
bytes and HLEN is 20 byte so the total bytes in fragments is
maximum 1500-20=1480). the offset for this datagram is 0/8 = 0.

The second fragment carries byte 1480 to 2959. The offset for this
datagram is 1480/8 = 185.finally the third fragment carries byte
2960 to 4404.the offset is 370.and for all fragments except last one
the M bit is 1.so in the third bit M is 0..

20.23
 Figure 20.9 Maximum transfer unit (MTU)

20.24
 Table 20.5 MTUs for some networks

20.25
 Figure 20.11 Fragmentation example

20.26
 Figure 20.12 Detailed fragmentation example

20.27
 Example 20.5

A packet has arrived with an M bit value of 0. Is this the

first fragment, the last fragment, or a middle fragment?
Do we know if the packet was fragmented?

Solution
If the M bit is 0, it means that there are no more
fragments; the fragment is the last one. However, we
cannot say if the original packet was fragmented or not. A
non-fragmented packet is considered the last fragment.

20.28
 Example 20.6

A packet has arrived with an M bit value of 1. Is this the

first fragment, the last fragment, or a middle fragment?
Do we know if the packet was fragmented?

Solution
If the M bit is 1, it means that there is at least one more
fragment. This fragment can be the first one or a middle
one, but not the last one. We don’t know if it is the first
one or a middle one; we need more information (the value
of the fragmentation offset).

20.29
 Example 20.7

A packet has arrived with an M bit value of 1 and a

fragmentation offset value of 0. Is this the first fragment,
the last fragment, or a middle fragment?

Solution
Because the M bit is 1, it is either the first fragment or a
middle one. Because the offset value is 0, it is the first
fragment.

20.30
 Example 20.8

A packet has arrived in which the offset value is 100.

What is the number of the first byte? Do we know the
number of the last byte?

Solution
To find the number of the first byte, we multiply the offset
value by 8. This means that the first byte number is 800.
We cannot determine the number of the last byte unless
we know the length.

20.31
 Example 20.9

A packet has arrived in which the offset value is 100, the

value of HLEN is 5, and the value of the total length field
is 100. What are the numbers of the first byte and the last
byte?
Solution
The first byte number is 100 × 8 = 800. The total length is
100 bytes, and the header length is 20 bytes (5 × 4), which
means that there are 80 bytes in this datagram. If the first
byte number is 800, the last byte number must be 879.

20.32
 Example 20.10

Figure 20.13 shows an example of a checksum

calculation for an IPv4 header without options. The
header is divided into 16-bit sections. All the sections are
added and the sum is complemented. The result is
inserted in the checksum field.

20.33
 Figure 20.13 Example of checksum calculation in IPv4

20.34
20-3 IPv6

IPv6 is of 128 bits(16 byte)

The network layer protocol in the TCP/IP protocol

suite is currently IPv4. Although IPv4 is well designed,
data communication has evolved since the inception of
IPv4 in the 1970s.

IPv4 has some deficiencies that make it unsuitable for

the fast-growing Internet.
 Figure 20.15 IPv6 datagram header and payload

20.36
 Figure 20.16 Format of an IPv6 datagram

20.37
 Flow label. The flow label is a 3-byte (24-bit) field that
is designed to provide special handling for a particular
flow of data. We will discuss this field later.
o Payload length. The 2-byte payload length field
defines the length of the IP datagram
excluding the base header.
o Next header. The next header is an 8-bit field defining
the header that follows the
base header in the datagram. The next header is either
one of the optional extension
headers used by IP or the header of an encapsulated
packet such as UDP or
TCP.

20.38
 Table 20.6 Next header codes for IPv6

20.39
 Table 20.9 Comparison between IPv4 and IPv6 packet headers

20.40
 20-4 TRANSITION FROM IPv4 TO IPv6

Because of the huge number of systems on the

Internet, the transition from IPv4 to IPv6 cannot
happen suddenly. It takes a considerable amount of
time before every system in the Internet can move from
IPv4 to IPv6. The transition must be smooth to prevent
any problems between IPv4 and IPv6 systems.

Topics discussed in this section:

Dual Stack
Tunneling
Header Translation
20.41
 Figure 20.18 Three transition strategies

20.42
20.43
20.44
20.45
20.46
20.47
20.48
20.49
 Table 20.11 Header translation

20.50
TRANSPORT
LAYER
INTRODUCTION
• The transport layer is responsible for message delivery from
process running in source computer to process running
destination computer (PROCESS TO PROCESS DELIVERY))
• It provides logical communication between app processes running
on different hosts
• transport protocols run in end systems
• Send side: breaks app messages into segments, passes to
network layer
• Recieve side: reassembles segments into messages, passes to
app layer
• more than one transport protocol available to apps
• Internet: TCP and UDP
Types of data deliveries: Internet
Stack
TRANSPORT LAYER SERVICES
Connectionless Vs Connection Oriented Service

Reliable Vs Unreliable Service

Connectionless Vs Connection
Oriented Service
Connectionless Service
• Without Connection Establishent or Connection
Release
• Packets may be lost or delay
• No Acknowledgement
For Eg: UDP
Connection Oriented Service
• Connection Establishent or Connection Release
• Packets neither be lost
• Acknowledgement
For Eg: TCP
Reliable Vs Unreliable Service
Reliable
• Predefined Flow Control & Error Control
• Slow & More Complex
For Eg: TCP

Unreliable
• Own Flow & Error control mechanism as
required
• Fast & Easy to implement
For Eg: UDP
TRANSPORT LAYER DESIGN ISSUE
Connection Management
Addressing
Data Transfer
Multiplexing & Demultiplexing
Flow Control
Error Control
Congestion Control
Addressing
• Using Port address (16 bit)
• Ranges from 0 to 65,535
 IP addresses versus port numbers

23.10
 IANA ranges

23.11
 Socket address (IP address + Port Address)

What is the use of socket?

• The socket mechanism provides a means of inter-process communication
(IPC).
• Socket is basically an API for enabling communication between two end
points.
• A socket is one endpoint of a two way communication link between two
programs running on the network.
23.12
Socket API
P3 P1
P1 P2 P4 application
application application

transport transport transport

network network network

link link link

physical physical physical

host 1 host 2 host 3

= socket = process
 Multiplexing/demultiplexing
Demultiplexing at rcv host: Multiplexing at send host:
delivering received segments gathering data from multiple
to correct socket sockets, enveloping data with
header (later used for
= socket = process demultiplexing)

application P3 P1
P1 application P2 P4 application

transport transport transport

network network network

link link link

physical physical physical

host 2 host 3
host 1
15
Transport Layer Protocols (UDP and
TCP)
• UDP provides
• best effort delivery
• Connectionless
• Unreliable
• Out of order delivery
• TCP
• Reliable
• In-order delivery
• Congestion control
• Flow control
• Connection setup
 USER DATAGRAM PROTOCOL (UDP)

The User Datagram Protocol (UDP) is called a

connectionless, unreliable transport protocol. It does
not add anything to the services of IP except to provide
process-to-process communication instead of host-to-
host communication.

23.18
 Well-known ports used with UDP

23.19
 User datagram format

23.20
 Pseudoheader for checksum calculation

23.21
 TCP

TCP is a connection-oriented protocol; it creates a

virtual connection between two TCPs to send data. In
addition, TCP uses flow and error control mechanisms
at the transport level.

23.22
 Stream delivery

23.23
 Figure Sending and receiving buffers

23.24
 TCP segments

23.25
 Note

The bytes of data being transferred in

each connection are numbered by TCP.

The numbering starts with an arbitrarily

generated number. Uses 32 bits.

TCP/IP Protocol Suite 26

 Example 15.1
Suppose a TCP connection is transferring a file of 5,000 bytes.
The first byte is numbered 10,001. What are the sequence
numbers for each segment if data are sent in five segments,
each carrying 1,000 bytes?

Solution
The following shows the sequence number for each segment:

TCP/IP Protocol Suite 27

 Note

The value in the sequence number

field of a segment defines the number
assigned to the first data byte
contained in that segment.

TCP/IP Protocol Suite 28

 Note

The value of the acknowledgment field

in a segment defines the number of the
next byte a party expects to receive.

The acknowledgment number is

cumulative.

TCP/IP Protocol Suite 29

 15-3 SEGMENT

Before discussing TCP in more detail, let us discuss

the TCP packets themselves. A packet in TCP is
called a segment.

TCP/IP Protocol Suite 30

 TCP segment format

23.31
 Control field

23.32
 Description of flags in the control field

23.33
 15-4 A TCP CONNECTION
TCP is connection-oriented. It establishes a virtual
path between the source and destination. All of the
segments belonging to a message are then sent over
this virtual path. You may wonder how TCP, which
uses the services of IP, a connectionless protocol,
can be connection-oriented. The point is that a TCP
connection is virtual, not physical. TCP operates at a
higher level. TCP uses the services of IP to deliver
individual segments to the receiver, but it controls the
connection itself. If a segment is lost or corrupted, it is
retransmitted.
TCP/IP Protocol Suite 34
 Figure 15.9 Connection establishment using three-way handshake

seq: 8000

UAPRS F
SYN
seq: 15000
ack: 8001
nd: 5000
U A P R S F rw
SYN + ACK
seq: 8000
ack: 15001
UAPRS F
rwnd: 10000
ACK
Means “no data” !
seq: 8001 if piggybacking
TCP/IP Protocol Suite 35
 Figure 15.10 Data Transfer

Pushing data
Urgent data

Connection Termination

TCP/IP Protocol Suite 36

 Connection termination using three-way handshaking

23.37
TCP Flow Control
&
Window Size
TCP Window Management

Before discussing data transfer in TCP and the issues such as

flow, error, and congestion control, we describe the windows
used in TCP.
• TCP uses two windows (send window and receive window)
for each direction of data transfer, which means four windows
for a bidirectional communication.
• To make the discussion simple, we make an assumption that
communication is only unidirectional;
• The bidirectional communication can be inferred using two
unidirectional communications with piggybacking.

TCP/IP Protocol Suite 42

 TCP
Window
Management
 Figure 15.22 Send window in TCP

TCP/IP Protocol Suite 44

 Figure 15.23 Receive window in TCP

TCP/IP Protocol Suite 45

 Figure 23.22 Sliding window

23.46
 Note

A sliding window is used to make

transmission more efficient as well as
to control the flow of data so that the
destination does not become
overwhelmed with data.
TCP sliding windows are byte-oriented.

23.47
 Example 23.4

What is the value of the receiver window (rwnd) for host

A if the receiver, host B, has a buffer size of 5000 bytes
and 1000 bytes of received and unprocessed data?

Solution
The value of rwnd = 5000 − 1000 = 4000. Host B can
receive only 4000 bytes of data before overflowing its
buffer. Host B advertises this value in its next segment to
A.

23.48
 Example 23.5

What is the size of the window for host A if the value of

rwnd is 3000 bytes and the value of cwnd is 3500 bytes?

Solution
The size of the window is the smaller of rwnd and cwnd,
which is 3000 bytes.

23.49
 Example 23.6

Figure 23.23 shows an unrealistic example of a sliding

window. The sender has sent bytes up to 202. We assume
that cwnd is 20 (in reality this value is thousands of
bytes). The receiver has sent an acknowledgment number
of 200 with an rwnd of 9 bytes (in reality this value is
thousands of bytes). The size of the sender window is the
minimum of rwnd and cwnd, or 9 bytes. Bytes 200 to 202
are sent, but not acknowledged. Bytes 203 to 208 can be
sent without worrying about acknowledgment. Bytes 209
and above cannot be sent.

23.50
 Figure 23.23 Example 23.6

23.51
 Figure 23.24 Normal operation

23.52
 Figure 23.25 Lost segment

23.53
 Note

The receiver TCP delivers only ordered

data to the process.

23.54
 Figure 23.26 Fast retransmission

23.55
 15-9 CONGESTION CONTROL

Congestion control in TCP is based on both open loop

and closed-loop mechanisms. TCP uses a congestion
window and a congestion policy that avoid congestion
and detect and alleviate congestion after it has
occurred.

TCP/IP Protocol Suite 56

Congestion Control Introduction:
• When too many packets are present in (a part of) the
subnet, performance degrades. This situation is called
congestion.
• As traffic increases too far, the routers are no longer able
to cope and they begin losing packets.
• At very high traffic, performance collapses completely and
almost no packets are delivered.
• Reasons of Congestion:
• Slow Processors.
• High stream of packets sent from one of the sender.
• Insufficient memory.
• High memory of Routers also add to congestion as becomes un
manageable and un accessible. (Nagle, 1987).
• Low bandwidth lines.
 Figure 24.5 Congestion control categories

24.58
Congestion Control in TCP
• Slow Start
• Additive Increase (Congestion Avoidance)
• Multiplicative decrease
 Slow start, exponential increase

TCP/IP Protocol Suite 62

 Note

In the slow start algorithm, the size of

the congestion window increases
exponentially until it reaches a threshold
(ssthresh).

TCP/IP Protocol Suite 63

What will happen reaches to threshold
• ssthresh=window/2
• Cwnd=ssthresh
 Figure Congestion avoidance, additive increase
multiplicative decreaase (AIMD)

TCP/IP Protocol Suite 65

 Note

In the congestion avoidance algorithm

the size of the congestion window
increases additively until
congestion is detected.

TCP/IP Protocol Suite 66

What will happen reaches to threshold
• Congestion is detected by timeout
• ssthresh=window/2
• cwnd=1
Multiplicative Decrease
• Congestion is detected by 3 dup Acks
• ssthresh=window/2
• cwnd=ssthresh
Multiplicative Decrease
• Congestion is detected by 3 dup Acks
• ssthresh=window/2
• cwnd=ssthresh
 Figure 15.37 Congestion example

TCP/IP Protocol Suite 74

APPLICATION
LAYER
 Application Layer
• Topmost layer in OSI model that deals different application running
over the system using different application layer protocols such as HTTP,
FTP, TELNET etc.
• It ensures an application can effectively communicate with other
applications on different computer systems and networks.
 Data Encryption
• Conversion of our Readable form data (Plain Text) into non
Readable form(Cipher Text) are known as Data Encryption
• Data Encryption can be performed by using keys and
a suitable algorIthm
KEY
PLAIN CIPHER
TEXT ENCRYPTION TEXT
ALGORITHM
SENDER

INTERNET

KEY
PLAIN CIPHER
TEXT TEXT
DECRYPTION
ALGORITHM
RECEIVER
 Data Encryption Keys
Data Encryption keys are value or property by which
we can perform encryption and decryption.

Types of Encryption Keys

PUBLIC KEY PRIVATE KEY

Shared with NOT SHARED

others WITH ANYONE
(BROADCAST) (SECRET)
Types of Data Encryption

SYMMETRIC ASYMMETRIC
For Eg. DES For Eg. RSA
 Symmetric Data Encryption
When Encryption and Decryption can be performed
by using only same type of key

KEY-1
PLAIN CIPHER
TEXT ENCRYPTION TEXT
ALGORITHM
SENDER

INTERNET

KEY-1
PLAIN CIPHER
TEXT TEXT
DECRYPTION
ALGORITHM
RECEIVER
DES Data Encryption
 Asymmetric Data Encryption
When Encryption and Decryption can be performed
by using two different type of key(Public or Private)

RECEIVER
PLAIN PUBLIC KEY CIPHER
TEXT ENCRYPTION TEXT
ALGORITHM
SENDER

INTERNET

RECEIVER
PLAIN PRIVATE KEY CIPHER
TEXT TEXT
DECRYPTION
ALGORITHM
RECEIVER
Q. Let p=3 and q=11 and plain text message length
M=31. Encrypt and Decrypt it using RSA and also
calculate its Public Key ‘e’ and Private Key ‘d’.

1. Calculate n=p x q So, n= 3 x 11= 33

2. Calculate φ(n) = (p-1)x(q-1) . So, φ(n)=2x10=20
3. Calculate ‘e’, Let e=7 As gcd(7,20)=1 & 1<7<20.
4. Calculate ‘d’. As dxe mod φ(n)=1
d x 7 mod 20=1
3 x 7 mod 20=1
So, d=3
5. Encrypt Cipher C= Memod n, C=317mod 33=4
6. Decrypt Plain M= Cdmod n, M=43mod 33=31
 Data Compression
• Data compression means conversion of Large Data
into Small reduced form (Reduction in the number of
bits needed to represent data)
• Compressing data can save storage capacity, speed
up file transfer, and decrease costs for storage
hardware and network bandwidth.
 Lossless Data Compression
• Lossless compression is a class of data compression
that allows the original data to be perfectly
reconstructed from the compressed data with no loss
of information.
Let M= Original Data (Before
Compression)
M’=Data Recovered (After
Compression)
m=M-M’
where m=data lost
Here m=0
 Lossy Data Compression
• In such type of compression, some data is lost during
recovery. Original data may not be recovered as it is.

Let M= Original Data (Before

Compression)
M’=Data Recovered (After
Compression)
m=M-M’
where m=data lost
Here m>0
 Data Compression Terms
Compression Ratio= Compressed Data
_______________
Original Data

Compression Factor= 1
_________________
Compression Ratio
Compression Time: Total Time Taken by Encoder to
compress the data.
Decompression Time: Total Time Taken by Decoder to
uncompress the data.
 RUN LENGTH ENCODING
• Pick the first character from the source string.
• Append the picked character to the
destination string.
• Count the number of subsequent occurrences
of the picked character and append the count
to the destination string.
• Pick the next character and repeat steps 2, 3
and 4 if the end of the string is NOT reached.
RUN LENGTH ENCODING
 Huffman Encoding
• Calculate the frequency of each character in
the string.

• Sort the characters in increasing order of the

frequency. These are stored in a priority
queue Q.
 Huffman Encoding
• Make each unique character as a leaf node.
• Create an empty node z. Assign the minimum
frequency to the left child of z
and assign the second minimum
frequency to the right child of z.
Set the value of the z as the sum
of the above two minimum
frequencies.
Getting the sum of the
least numbers
 Huffman Encoding
• Remove these two minimum frequencies
from Q and add the sum into the list of
frequencies (* denote the internal nodes in
the figure above).
• Insert node z
into the tree.
 Huffman Encoding
• For each non-leaf node, assign 0 to the left
edge and 1 to the right edge.
• Assign 0 to the left edge
and 1 to the right edge
Here, Average bits
M=1,P=1,R=1, N=1, L=1 Required=63/19
E=1,C=2, _=2, I=2, S=3,O=4,
Total Characters=19 0 =3.32
19x7=133bits
1
Here,
C=0001=4 4x2=8 0
O=01=2 2x4=8 0 1 1
M=1010=4 4x1=4
P=1011=4 4x1=4
R=1000=4 4x1=4
E=1001=4 4x1=4 0
S=001=3 3x3=9 0 1 1 0 1
I=110=3 3x2=6
N=1110=4 4x1=4
_=0000=4 4x2=8
L=1111=4 4x1=4 1 0 1 0 1
______ 0 0 1
Total Bits 63 bits
Reuired
 Lampel ZIV(LZ) Algorithm
Let we have data
101011011010101010
1,0,10,11,01,101,010,1010
Dictionary Location Content Code word

_
______________________
_
______________________
_____________________________________
001 1 0001
_____________________________________
010 0 0000
_____________________________________
011 10 0010
_____________________________________
100 11 0011
_____________________________________
101 01
_____________________________________
0101
110 101 0111
_____________________________________
111 010 1010
_____________________________________
1010 1100
_____________________________________
Required Digital Code:
00010000001000110101011110101100
 File Transfer
Transfer of data from Sender to
Receiver in OSI Model is possible
using FTP Protocol
 FILE TRANSFER
PROTOCOL (FTP)

File Transfer Protocol (FTP)

is the standard mechanism
provided by TCP/IP for
copying a file from one host to
another.

50
FTP

51
FTP uses the services of TCP.
It needs two TCP
connections.
The well-known port 21 is
used for the control
connection and the well-
known port 20 for the data
52
connection.
Opening the control connection

53
Creating the data connection

54
Using the control connection

55
Using the data connection

56
Command processing

57
Access commands

58
File management commands

59
Data formatting commands

60
Port defining commands

61
File transfer commands

62
File transfer commands (continued)

63
Miscellaneous commands

64
Responses

65
Responses (continued)

66
Responses (continued)

67
Responses (continued)

Table 19.7 Responses (continued)

68
Responses (continued)

Table 19.7 Responses (continued)

69
File transfer

70
 Example
1
Next Figure shows an example of using FTP for
retrieving a list of items in a directory.
1. After the control connection to port 21 is
created, the FTP
server sends the 220 (service ready) response
on the control
connection.
2. The client sends the USER command.
3. The server responds with 331 (user name is
OK, password is
required).
4. The client sends the PASS command.
5. The server responds with 230 (user login is
71
OK)
 Example 1 (cONTINUED)

6. The client issues a passive open on an

ephemeral port for the
data connection and sends the PORT
command (over the
control connection) to give this port number
to the server.
7. The server does not open the connection at
this time, but it
prepares itself for issuing an active open on
the data
connection between port 20 (server side) and
the ephemeral
port received from the client. It sends response
72
150 (data
 Example 1 (cONTINUED)

10. The server then sends the list of the files or

directories (as a
file) on the data connection. When the whole
list (file) is
sent, the server responds with 226 (closing
data connection)
over the control connection.
11. The client now has two choices. It can use
the QUIT
command to request the closing of the
control connection or it can send another
command to
start another activity (and eventually open
another data
connection). In our example, the client 73
Figure 19.8 Example 1

74
 Example
2
The following shows an actual FTP session that
parallels Example 1. The colored lines show the
responses from the server control connection;
the black lines show the commands sent by the
client. The lines in white with black background
shows data transfer.
$ ftp voyager.deanza.fhda.edu
Connected to voyager.deanza.fhda.edu.
220 (vsFTPd 1.2.1)
530 Please login with USER and PASS.
Name (voyager.deanza.fhda.edu:forouzan): forouzan
331 Please specify the password.

75
 Example
2
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls reports
227 Entering Passive Mode (153,18,17,11,238,169)
150 Here comes the directory listing.

drwxr-xr-x 2 3027 411 4096 Sep 24 2002 business

drwxr-xr-x 2 3027 411 4096 Sep 24 2002 personal
drwxr-xr-x 2 3027 411 4096 Sep 24 2002 school

226 Directory send OK.

ftp> quit
221 Goodbye.

76
 Example
3
Next Figure shows an example of how an image
(binary) file is stored.
1. After the control connection to port 21 is created,
the FTP
server sends the 220 (service
ready) response on the control connection.
2. The client sends the USER command.
3. The server responds with 331 (user name is OK, a
password
is required).
4. The client sends the PASS command.
5. The server responds with 230 (user login is OK).
6. The client issues a passive open on an ephemeral
port for
the data connection and sends the PORT 77
 Example 3 (cONTINUED)

7. The server does not open the connection at this

time, but
prepares itself for issuing an active
open on the data connection between port 20
(server side)
and the ephemeral port received
from the client. It sends the response 150
(data connection
will open shortly).
8. The client sends the TYPE command.
9. The server responds with the response 200
(command OK).
10. The client sends the STRU command.
11. The server responds with 200 (command OK).
12. The client sends the STOR command. 78
 Example 3 (cONTINUED)

14. The client sends the file on the data

connection. After the
entire file is sent, the data connection is
closed. Closing the
data connection means end-of-file.
15. The server sends the response 226 on the
control
connection.
16. The client sends the QUIT command or uses
other
commands to open another data connection
for transferring another file. In our example,
the QUIT
79
command is sent.
Figure 19.9 Example 3

80
 Example
4
We show an example of anonymous FTP. We
assume that
some public data are available at internic.net.
$ ftp internic.net
Connected to internic.net
220 Server ready
Name: anonymous
331 Guest login OK, send “guest” as password
Password: guest
ftp > pwd
257 ’/’ is current directory

81
 Example
4
bin
...
...
...
ftp > close
221 Goodbye
ftp > quit

82
Figure 17.19 Resource record format

TCP/IP Protocol Suite 83