Network Layer

Module 4
IPV4 ADDRESSES
• The identifier used in the IP layer of the TCP/IP protocol suite to identify the
connection of each device to the Internet is called the Internet address or IP
address.
• An IPv4 address is a 32-bit address that uniquely and universally defines the
connection of a host or a router to the Internet.
• The IP address is the address of the connection, not the host or the router,
because if the device is moved to another network, the IP address may be
changed.
• IPv4 addresses are unique in the sense that each address defines one, and only
one, connection to the Internet.
• If a device has two connections to the Internet, via two networks, it has two IPv4
addresses.
• IPv4 addresses are universal in the sense that the addressing system must be
accepted by any host that wants to be connected to the Internet.
Address Space
• A protocol like IPv4 that defines addresses has an address space.
• An address space is the total number of addresses used by the
protocol.
• If a protocol uses b bits to define an address, the address space is 2b
because each bit can have two different values (0 or 1).
• IPv4 uses 32-bit addresses, which means that the address space is 232
or 4,294,967,296 (more than four billion).
Notation
• There are three common notations to show an IPv4 address
• Binary notation (base 2), dotted-decimal notation (base 256), and hexadecimal notation (base 16).
• In binary notation, an IPv4 address is displayed as 32 bits.
• To make the address more readable, one or more spaces are usually inserted between each octet (8
bits).
• To make the IPv4 address more compact and easier to read, it is usually written in decimal form with a
decimal point (dot) separating the bytes.
• This format is referred to as dotted-decimal notation.
• Note that because each byte (octet) is only 8 bits, each number in the dotted-decimal notation is
between 0 and 255.
• We sometimes see an IPv4 address in hexadecimal notation. Each hexadecimal digit is equivalent to
four bits.
• This means that a 32-bit address has 8 hexadecimal digits. This notation is often used in network
programming
Notation
• A 32-bit IPv4 address is divided into two parts.
• The first part of the address, called the prefix, defines
the network;
• the second part of the address, called the suffix, defines
the node
• A prefix can be fixed length or variable length.
• The network identifier in the IPv4 was first designed as
a fixed-length prefix.
• This scheme, which is now obsolete, is referred to as
classful addressing.
• The new scheme, which is referred to as classless
addressing, uses a variable-length network prefix
Classful Addressing
• When the Internet started, an IPv4 address was designed with a fixed-
length prefix, but to accommodate both small and large networks,
three fixed-length prefixes were designed instead of one (n = 8, n =
16, and n = 24).
• The whole address space was divided into five classes (class A, B, C, D,
and E)
Classful Addressing
Classful Addressing
Address Depletion
• The reason that classful addressing has become obsolete is address depletion.
• Since the addresses were not distributed properly, the Internet was faced with the problem of the addresses
being rapidly used up, resulting in no more addresses available for organizations and individuals that needed to
be connected to the Internet.
• To understand the problem, let us think about class A. This class can be assigned to only 128 organizations in the
world, but each organization needs to have a single network (seen by the rest of the world) with 16,777,216
nodes (computers in this single network).
• Since there may be only a few organizations that are this large, most of the addresses in this class were wasted
(unused).
• Class B addresses were designed for midsize organizations, but many of the addresses in this class also remained
unused.
• Class C addresses have a completely different flaw in design.
• The number of addresses that can be used in each network (256) was so small that most companies were not
comfortable using a block in this address class.
• Class E addresses were almost never used, wasting the whole class.
Subnetting and Super-netting
• To alleviate address depletion, two strategies were proposed and, to some
extent, implemented: subnetting and super-netting.
• In subnetting, a class A or class B block is divided into several subnets.
• Each subnet has a larger prefix length than the original network.
• For example, if a network in class A is divided into four subnets, each subnet
has a prefix of nsub = 10.
• At the same time, if all of the addresses in a network are not used, subnetting
allows the addresses to be divided among several organizations.
• This idea did not work because most large organizations were not happy
about dividing the block and giving some of the unused addresses to smaller
organizations.
Subnetting
Subnetting and Super-netting
• While subnetting was devised to divide a large block into smaller ones,
super-netting was devised to combine several class C blocks into a larger
block to be attractive to organizations that need more than the 256
addresses available in a class C block.
• This idea did not work either because it makes the routing of packets more
difficult.
Classless Addressing
• Class privilege was removed from the distribution to compensate for the address
depletion.
• In 1996, the Internet authorities announced a new architecture called classless
addressing.
• In classless addressing, variable-length blocks are used that belong to no classes.
• We can have a block of 1 address, 2 addresses, 4 addresses, 128 addresses, and
so on.
• In classless addressing, the whole address space is divided into variable length
blocks.
• The prefix in an address defines the block (network); the suffix defines the node
(device).
Classless Addressing
• Unlike classful addressing, the prefix length in classless addressing is variable.
• We can have a prefix length that ranges from 0 to 32.
• The size of the network is inversely proportional to the length of the prefix.
• A small prefix means a larger network; a large prefix means a smaller network.
• We need to emphasize that the idea of classless addressing can be easily
applied to classful addressing.
• An address in class A can be thought of as a classless address in which the
prefix length is 8.
• An address in class B can be thought of as a classless address in which the
prefix is 16, and so on
Classless Addressing
• Prefix Length: Slash Notation
• Since the prefix length is not inherent in the address, we need to
separately give the length of the prefix.
• In this case, the prefix length, n, is added to the address, separated by
a slash.
• The notation is informally referred to as slash notation and formally as
Classless Inter-Domain Routing or CIDR
Classless Addressing
A classless address is given as 167.199.170.82/27. We can find the above three pieces of information as follows.
The number of addresses in the network is 232 − n = 25 = 32 addresses.
Classless Addressing

Ex: Consider previous example. Let the address Mask is 255.255.255.224

N=NOT(Mask) + 1 = 0.0.0.31 + 1 = 32 addresses
First address = (Any address in block) AND (Mask) =167.199.170.82 AND 255.255.255.224 = 167.199.170.64
Last Address = 167.199.170.82 OR [NOT 255.255.255.224] = 167.199.170.95
Classless Addressing
• Network Address – For Routing
• When a packet arrives at the router
from any source host, the router
needs to know to which network the
packet should be sent;
• Also from which interface the packet
should be sent out
Subnetting
• More levels of hierarchy can be created using subnetting.
• An organization (or an ISP) that is granted a range of addresses may
divide the range into several subranges and assign each subrange to a
subnetwork (or subnet).
• A subnetwork can be divided into several sub-subnetworks.
• A sub-subnetwork can be divided into several sub-sub-subnetworks,
and so on.
• The subnet number is the numerically smallest number in
the subnet
Subnetting
Designing Subnets
• We assume the total number of addresses granted to the organization is N,
the prefix length is n, the assigned number of addresses to each subnetwork is
Nsub, and the prefix length for each subnetwork is nsub.
Rules:
• The number of addresses in each subnetwork should be a power of 2.
• The prefix length for each subnetwork should be found using the following
formula: nsub = 32 − log2Nsub
• The starting address in each subnetwork should be divisible by the number of
addresses in that subnetwork. This can be achieved if we first assign addresses
to larger subnetworks.
Problem 1
Problem 1
Problem 2
• Find the class of the following classful IP addresses:
• a. 130.34.54.12
• b. 200.34.2.1
• c. 245.34.2.8
Problem 2
• Find the class of the following classful IP addresses:
• a. 130.34.54.12 - Class B (first byte is between 128 and 191)
• b. 200.34.2.1 - Class C (first byte is between 192 and 223)
• c. 245.34.2.8 – Class E (first byte is between 240 and 255)
Problem 3
• Change each of the following prefix lengths to a mask in dotted-
decimal notation:
• a. n = 0
• b. n = 14
• c. n = 30
Problem 3
• Change each of the following prefix lengths to a mask in dotted-
decimal notation:
a. n = 0
b. n = 14
c. n = 30
• Sol:
a.) 00000000 00000000 00000000 00000000 = 0.0.0.0
b.) 11111111 11111100 00000000 00000000 = 255.252.0.0
c.) 11111111 11111111 11111111 11111100 = 255.255.255.252
Problem 4
Consider a Class C address with network ID as 222.250.8. Divide the above network into 4 equal size sub-nets. Present
the sub-net mask before and after subnetting. In addition, calculate the sub-net number & broadcast address of each
sub-net.
Solution:
Originally, a network in Class C will contain 256 addresses from 222.250.8.0 to 222.250.8.255
Original sub-net mask: 255.255.255.0
4 sub-nets, so 256/4 = 64 addresses in each sub-net
To divide the network into 4, 2 (2^2 = 4) bits are used as sub-network id
After subnetting, sub-net mask for all the four sub-nets: 255.255.255.192

Sub-net 1: Leading bits (Sub-net ID) in last field – 00

222.250.8.00000000 to 222.250.8.00111111 = 222.250.8.0 to 222.250.8.63
Sub-net 2: Leading bits in last field – 01
222.250.8.01000000 to 222.250.8.01111111 = 222.250.8.64 to 222.250.8.127
Problem 4
Sub-net 3: Leading bits in last field – 10
222.250.8.10000000 to 222.250.8.10111111 = 222.250.8.128 to 222.250.8.191
Sub-net 4: Leading bits in last field – 11
222.250.8.11000000 to 222.250.8.11111111 = 222.250.8.192 to 222.250.8.255

Finding sub-net number

Sub-net 1: Least number : 222.250.8.0
Sub-net 2: Least number : 222.250.8.64
Sub-net 3: Least number : 222.250.8.128
Sub-net 4: Least number : 222.250.8.192
Finding Broadcast address
A broadcast address is a network address used to transmit to all devices connected to a multiple-access communications
network.
A message sent to a broadcast address may be received by all network-attached hosts.
Sub-net 1: Highest number : 222.250.8.63
Sub-net 2: Highest number : 222.250.8.127
Sub-net 3: Highest t number : 222.250.8.191
Sub-net 4: Highest number : 222.250.8.255
Problem 4
• Finding sub-net number (Another approach)
Any address in that block (sub-net) – 222.250. 8 .00000010
Sub-net mask - 255.255.255.11000000
Result of AND operation - 222.250.8 .00000000

Sub-net number for sub-net 1 : 222.250.8.0

Problem 5
Consider a Class C address with network ID as 192.168.10. Divide the above network into 2 equal size
sub-nets and then divide the resultant second sub-net into two and again divide the resultant second
sub-net into two. Present the sub-net mask before and after subnetting.
Solution:
First level Division:
Originally, a network in Class C will contain 256 addresses from 192.168.10.0 to 192.168.10.255
Original sub-net mask: 255.255.255.0
2 sub-nets, so 256/2 = 128 addresses in each sub-net
To divide the network into 2, one (2^1 = 2) bit is used as sub-network id
After subnetting, sub-net mask for both sub-nets: 255.255.255.128

Sub-net 1: Leading bits in last field – 0

192.168.10.00000000 to 192.168.10.01111111 = 192.168.10.0 to 192.168.10.127
Sub-net 2: Leading bits in last field – 1
192.168.10.10000000 to 192.168.10.11111111 = 192.168.10.127 to 192.168.10.255
 Problem 5
Second level Division:
Originally, a Sub-net 2 (SN2) will contain 128 addresses from 192.168.10.128 to 192.168.10.255
Original sub-net mask: 255.255.255.128
2 sub-nets, so 128/2 = 64 addresses in each sub-net
To divide the network into 2, one (2^1 = 2) more bit is used as sub-network id
After subnetting, sub-net mask for both sub-nets: 255.255.255.192

Sub-net 2 A: Leading bits in last field – 10

192.168.10.10000000 to 192.168.10.10111111 = 192.168.10.128 to 192.168.10.191
Sub-net 2 B: Leading bits in last field – 11
192.168.10.11000000 to 192.168.10.11111111 = 192.168.10.192 to 192.168.10.255
Problem 5
Third level Division:
Originally, a Sub-net 2 B(SN2-B) will contain 64 addresses from 192.168.10.192 to
192.168.10.255
Original sub-net mask: 255.255.255.192
2 sub-nets, so 64/2 = 32 addresses in each sub-net
To divide the network into 2, one (2^1 = 2) more bit is used as sub-network id
After subnetting, sub-net mask for both sub-nets: 255.255.255.224

Sub-net 2 A: Leading bits in last field – 110

192.168.10.11000000 to 192.168.10.11011111 = 192.168.10.192 to 192.168.10.223
Sub-net 2 B: Leading bits in last field – 111
192.168.10.11100000 to 192.168.10.11111111 = 192.168.10.224 to 192.168.10.255
Problem 5
Consider a Class C address with network ID as 192.168.10. Divide the above network into
2 equal size sub-nets and then divide the resultant second sub-net into two and again
divide the resultant second sub-net into two. Present the sub-net mask before and after
subnetting.
(Or)
Consider a Class C address with network ID as 192.168.10. Divide the above network into
4 sub-nets:
A: 75 hosts
B: 40 hosts
C: 27 hosts
D: 25 hosts
Present the sub-net mask before and after subnetting.
IPv4
• The Internet Protocol version 4 (IPv4) is the delivery
mechanism used by the TCP/IP protocols.
• IPv4 is unreliable and does not provide error control
or flow control.
• The data will be out of order
• TCP will take care of these issues
Topics discussed in this section:
Datagram
Fragmentation
Checksum
Options
20.34
Position of IPv4 in TCP/IP protocol suite

20.35
IPv4 datagram format

20.36
Version Number.
• The 4-bit version number (VER) field defines the version of the IPv4 protocol, which, obviously, has the
value of 4.
Header Length.
• The 4-bit header length (HLEN) field defines the total length of the datagram header in 4-byte words.
• The IPv4 datagram has a variable-length header.
• When a device receives a datagram, it needs to know when the header stops and the data, which is
encapsulated in the packet, starts.
• However, to make the value of the header length (number of bytes) fit in a 4-bit header length, the total
length of the header is calculated as 4-byte words. The total length is divided by 4 and the value is inserted
in the field. The receiver needs to multiply the value of this field by 4 to find the total length.
Service type or differentiated services

20.38
Types of service

20.39
Default types of service

20.40
 Differentiated services

Values for code points

20.41
Total length
• field defines the total length of the datagram including the header.

Identification, Flags, and Fragmentation Offset

• These three fields are related to the fragmentation of the IP datagram when the size of the datagram is larger than
the underlying network can carry.

Time-to-live
• Due to some malfunctioning of routing protocols a datagram may be circulating in the Internet, visiting some
networks over and over without reaching the destination.
• This may create extra traffic in the Internet.
• The time-to-live (TTL) field is used to control the maximum number of hops (routers) visited by the datagram.
• When a source host sends the datagram, it stores a number in this field.
• This value is approximately two times the maximum number of routers between any two hosts.
• Each router that processes the datagram decrements this number by one.
• If this value, after being decremented, is zero, the router discards the datagram.
Protocol field and encapsulated data

Protocol values

20.43
Header checksum
• IP is not a reliable protocol
• it does not check whether the payload carried by a datagram is corrupted during the
transmission.
• IP puts the burden of error checking of the payload on the protocol that owns the payload,
such as UDP or TCP.
• The datagram header, however, is added by IP, and its error-checking is the responsibility of
IP.
• Errors in the IP header can be a disaster.
• For example, if the destination IP address is corrupted, the packet can be delivered to the
wrong host.
Example of checksum calculation in IPv4

20.45
 Example 1

An IPv4 packet has arrived with the first 8 bits as shown:

01000010
The receiver discards the packet. Why?

Solution
There is an error in this packet. The 4 leftmost bits (0100)
show the version, which is correct. The next 4 bits (0010)
show an invalid header length (2 × 4 = 8). The minimum
number of bytes in the header must be 20. The packet has
been corrupted in transmission.

20.46
 Example 2

In an IPv4 packet, the value of HLEN is 1000 in binary.

How many bytes of options are being carried by this
packet?

Solution
The HLEN value is 8, which means the total number of
bytes in the header is 8 × 4, or 32 bytes. The first 20 bytes
are the base header, the next 12 bytes are the options.

20.47
 Example 3

In an IPv4 packet, the value of HLEN is 5, and the value

of the total length field is 0x0028. How many bytes of
data are being carried by this packet?

Solution
The HLEN value is 5, which means the total number of
bytes in the header is 5 × 4, or 20 bytes (no options). The
total length is 40 bytes, which means the packet is
carrying 20 bytes of data (40 − 20).

20.48
 Example 4

An IPv4 packet has arrived with the first few hexadecimal

digits as shown.
0x45000028000100000102 . . .
How many hops can this packet travel before being
dropped? The data belong to what upper-layer protocol?

Solution
To find the time-to-live field, we skip 8 bytes. The time-to-
live field is the ninth byte, which is 01. This means the
packet can travel only one hop. The protocol field is the
next byte (02), which means that the upper-layer protocol
is IGMP.
20.49
 Identification, Flags, and Fragmentation Offset

• Each link-layer protocol has its own frame format.

• One of the features of each format is the maximum size of the payload that can be encapsulated.
• In other words, when a datagram is encapsulated in a frame, the total size of the datagram must be less than
this maximum size, which is defined by the restrictions imposed by the hardware and software used in the
network
• The value of the MTU differs from one physical network protocol to another.
• For example, the value for a LAN is normally 1500 bytes, but for a WAN it can be larger or smaller.
• A datagram can be fragmented by the source host or any router in the path.
• The reassembly of the datagram, however, is done only by the destination host, because each fragment
becomes an independent datagram
• The host or router that fragments a datagram must change the values of three fields: flags, fragmentation
offset, and total length.
Identification, Flags, and Fragmentation Offset

MTUs for some networks

Flags used in fragmentation

 Identification, Flags, and Fragmentation Offset

• When a datagram is fragmented, the value in the identification field is copied into all fragments.
• In other words, all fragments have the same identification number, which is also the same as the original
datagram.
• The identification number helps the destination in reassembling the datagram.
• It knows that all fragments having the same identification value should be assembled into one datagram.

• The 3-bit flags field defines three flags.

• The leftmost bit is reserved (not used).
• The second bit (D bit) is called the do not fragment bit.
• If its value is 1, the machine must not fragment the datagram.
• If it cannot pass the datagram through any available physical network, it discards the datagram and sends an
ICMP error message to the source host.
• If its value is 0, the datagram can be fragmented if necessary.
• The third bit (M bit) is called the more fragment bit.
• If its value is 1, it means the datagram is not the last fragment; there are more fragments after this one. If its
value is 0, it means this is the last or only fragment.

• The 13-bit fragmentation offset field shows the relative position of this fragment with respect to the whole
datagram.
• It is the offset of the data in the original datagram measured in units of 8 bytes.
Fragmentation example

20.53
Detailed fragmentation example

20.54
 Example 5

A packet has arrived with an M bit value of 0. Is this the

first fragment, the last fragment, or a middle fragment?
Do we know if the packet was fragmented?

Solution
If the M bit is 0, it means that there are no more
fragments; the fragment is the last one. However, we
cannot say if the original packet was fragmented or not. A
non-fragmented packet is considered the last fragment.

20.55
 Example 6

A packet has arrived with an M bit value of 1. Is this the

first fragment, the last fragment, or a middle fragment?
Do we know if the packet was fragmented?

Solution
If the M bit is 1, it means that there is at least one more
fragment. This fragment can be the first one or a middle
one, but not the last one. We don’t know if it is the first
one or a middle one; we need more information (the
value of the fragmentation offset).

20.56
 Example 7

A packet has arrived with an M bit value of 1 and a

fragmentation offset value of 0. Is this the first fragment,
the last fragment, or a middle fragment?

Solution
Because the M bit is 1, it is either the first fragment or a
middle one. Because the offset value is 0, it is the first
fragment.

20.57
Taxonomy of options in IPv4

20.58
IPv6
• The network layer protocol in the TCP/IP protocol suite
is currently IPv4.
• Although IPv4 is well designed, data communication has
evolved since the inception of IPv4 in the 1970s.
• The main reason for migration from IPv4 to IPv6 is the
small size of the address space in IPv4.
• An IPv6 address is 128 bits or 16 bytes (octets) long,
four times the address length in IPv4.
• The address space of IPv6 contains 2128 addresses

20.59
IPv6 datagram header and payload

20.60
Format of an IPv6 datagram

20.61
 ❑ Version.
The 4-bit version field defines the version number of the IP. For IPv6, the value is 6.
❑ Traffic class.
The 8-bit traffic class field is used to distinguish different payloads with different delivery
requirements. It replaces the type-of-service field in IPv4.
❑ Flow label.
The flow label is a 20-bit field that is designed to provide special handling for a particular flow of
data. A flow label can be used to speed up the processing of a packet by a router. When a router
receives a packet, instead of consulting the forwarding table and going through a routing algorithm
to define the address of the next hop, it can easily look in a flow label table for the next hop.
❑ Payload length.
The 2-byte payload length field defines the length of the IP datagram excluding the header. Note
that IPv4 defines two fields related to the length: header length and total length. In IPv6, the length
of the base header is fixed (40 bytes); only the length of the payload needs to be defined.
❑ Next header.
The next header is an 8-bit field defining the type of the first extension header (if present) or the
type of the data that follows the base header in the datagram. This field is similar to the protocol
field in IPv4
❑ Hop limit.
The 8-bit hop limit field serves the same purpose as the TTL field in IPv4.
Next header codes for IPv6 Priorities for congestion-controlled traffic

20.63
Network Address Resolution (NAT)

• The distribution of addresses through ISPs has created a new problem.

• Assume that an ISP has granted a small range of addresses to a small business or a household.
• If the business grows or the household needs a larger range, the ISP may not be able to grant the demand
because the addresses before and after the range may have already been allocated to other networks.
• In most situations, however, only a portion of computers in a small network need access to the Internet
simultaneously.
• This means that the number of allocated addresses does not have to match the number of computers in the
network.
• For example, assume that in a small business with 20 computers the maximum number of computers that
access the Internet simultaneously is only 4.
• Most of the computers are either doing some task that does not need Internet access or communicating
with each other.
• This small business can use the TCP/IP protocol for both internal and universal communication.
Network Address Resolution (NAT)

• A technology that can provide the mapping between the private and universal addresses is Network Address
Translation (NAT).
• The technology allows a site to use a set of private addresses for internal communication and a set of global
Internet addresses (at least one) for communication with the rest of the world.
• The site must have only one connection to the global Internet through a NAT-capable router that runs NAT
software