CHAPTER 5

NETWORK LAYER
A network layer concerned with getting packets from source to destination. This layer must
know the topology of the subnet and choose appropriate paths through it. When source
and destination are in different networks, the network layer must deal with these
differences. Whereas the data link layer oversees the delivery of the packet between two
systems on the same network, the network layer ensures that each packet gets from its
point of origin to its final destination in different networks. If two systems are connected
to the same local network, there is usually no need for a network layer.
 The network layer is responsible for the delivery of individual packets from the source
host to the destination host.

Fig. 5.1. Network layer

Other responsibilities of the network layer include the following:
 Logical addressing:- The physical addressing implemented by the data link layer
handles the addressing problem locally.
 If a packet passes the network boundary, we need another addressing system to
help distinguish the source and destination systems.
 The network layer adds a header to the packet coming from the upper layer that,
among other things, includes the logical addresses of the sender and receiver.
 Routing: When independent networks or links are connected to create internetworks
(network of networks) or a large network, the connecting devices (called routers or
switches) route or switch the packets to their final destination.

1
  One of the functions of the network layer is to provide this mechanism.
The following figure shows the delivery of the layers on network, data link and physical
layers with their corresponding layers.

Fig 5.2 Source to destination delivery of the layers

Internet Protocol (IP)

The Internet Protocol (IP) is a protocol used for communicating data across a packet-
switched internetwork using the Internet Protocol Suite, also referred to as TCP/IP. IP is
the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task
of delivering distinguished protocol datagrams (packets) from the source host to the
destination host solely based on their addresses. For this purpose the Internet Protocol
defines addressing methods and structures for datagram encapsulation.

The first major version of addressing structure, now referred to as Internet Protocol Version
4 (IPv4) is still the dominant protocol of the Internet, although the successor, Internet
Protocol Version 6 (IPv6), is being deployed actively worldwide (128 bits).

Communication at the network layer is host-to-host (computer-to-computer); a computer

somewhere in the world needs to communicate with another computer somewhere else in
the world. Usually, computers communicate through the Internet. The packet transmitted
by the sending computer may pass through several LANs or WANs before reaching the
destination computer. For this level of communication, we need a global addressing
2
scheme; we use the term IP address to mean a logical address in the network layer of the
TCP/IP protocol suite.

5.1. IP Addresses
Octets
 The 32-bit IP address is broken up into 4 octets, which are arranged into a dotted-
decimal notation scheme.
 An octet is a set of 8 bits
Example of an IP version 4: 172.64.126.52
 The largest decimal number that can be stored in an IP address octet is 255.
IP Address Classes
 IP addresses are divided into 5 classes, each of which is designated with the
alphabetic letters A to E.
 Class D addresses are used for multicasting.
 Class E addresses are reserved for testing & some mysterious future use.
 The 5 IP classes are split up based on the value in the 1st octet:

Fig. 5.3. IP address classes

5.1.1. IPv4 Addresses

An IPv4 address is a 32-bit address that uniquely and universally defines the connection of
a device (for example, a computer or a router) to the Internet. They are unique and
universal. Two devices on the Internet can never have the same address at the same time.

Address Space
 A protocol such as IPv4 that defines addresses has an address space.

3
 An address space is the total number of addresses used by the protocol.
 If a protocol uses N bits to define an address, the address space is 2N because each bit
can have two different values (0 or 1) and N bits can have 2N values.
 IPv4 uses 32-bit addresses, which means that the address space is 232 or 4,294,967,296
(more than 4 billion). This means that, theoretically, if there were no restrictions, more
than 4 billion devices could be connected to the Internet.
 We will see shortly that the actual number is much less because of the restrictions
imposed on the addresses.

Notations
 There are two prevalent notations to show an IPv4 address: binary notation and dotted-
decimal notation.
 Binary Notation
 In binary notation, the IPv4 address is displayed as 32 bits. Each octet is often referred
to as a byte. So it is common to hear an IPv4 address referred to as a 32-bit address
or a 4-byte address. The following is an example of an IPv4 address in binary notation:
01110101 10010101 00011101 00000010
 Dotted-Decimal Notation
 To make the IPv4 address more compact and easier to read, Internet addresses are
usually written in decimal form with a decimal point (dot) separating the bytes. The
following is the dotted-decimal notation of the above address: 117.149.29.2.

Example 1
Change the following IPv4 addresses from binary notation to dotted-decimal notation.

Example 2
Change the following IPv4 addresses from dotted-decimal notation to binary notation.

Solution
We replace each decimal number with its binary equivalent.

4
Example 3
Find the error, if any, in the following IPv4 addresses.

Solution
a. There must be no leading zero (045).
b. There can be no more than four numbers.
c. Each number needs to be less than or equal to 255.
d. A mixture of binary notation and dotted-decimal notation is not allowed.

Classful Addressing
IPv4 addressing, at its beginning, used the concept of classes. This architecture is called
classful addressing. In classful addressing, the address space is divided into five classes: A,
B, C, D, and E. Each class occupies some part of the address space.

Example 4:
Find the class of each address.

5
a. 00000001 00001011 00001011 11101111
b. 11000001 10000011 00011011 11111111
c. 14.23.120.8
d. 252.5.15.111
Solution
a. The first bit is 0. This is a class A address.
b. The first 2 bits are 1; the third bit is 0. This is a class C address.
c. The first byte is 14; the class is A.
d. The first byte is 252; the class is E.

i. Classes and blocks

One problem with classful addressing is that each class is divided into a fixed number of
blocks with each block having a fixed size.

Number of Blocks for class A = 27 Block size for class A = 224

Number of Blocks for class B = 214 Block size for class B = 216
Number of Blocks for class C = 221 Block size for class C = 28
 Previously, when an organization requested a block of addresses, it was granted one in
class A, B, or C.
 Class A addresses were designed for large organizations with a large number of
attached hosts or routers.
 Class B addresses were designed for midsize organizations with tens of thousands of
attached hosts or routers.
 Class C addresses were designed for small organizations with a small number of
attached hosts or routers.

6
 A block in class A address is too large for almost any organization. This means most of
the addresses in class A were wasted and were not used.
 A block in class B is also very large, probably too large for many of the organizations
that received a class B block.
 A block in class C is probably too small for many organizations.

ii. Network ID and Host ID

In classful addressing, an IP address in class A, B, or C is divided into network ID and host
ID. These parts are of varying lengths, depending on the class of the address.

 In class A, one byte defines the network ID and three bytes define the host ID.
 In class B, two bytes define the network ID and two bytes define the host ID.
 In class C, three bytes define the network ID and one byte defines the host ID.

iii. Subnet Mask

 An IP address has 2 parts:
 The Network identification.
 The Host identification.

 In most cases, if you know the address class, it’s easy to separate the 2 portions. With
the rapid growth of the internet & the ever-increasing demand for new addresses, the
standard address class structure has been expanded by borrowing bits from the Host
portion to allow for more Networks. Under this addressing scheme, called Subnetting,
separating the Network & Host requires a special process called Subnet Masking.
 The function of a subnet mask is to determine whether an IP address exists on the local
network or whether it must be routed outside the local network.
 It is applied to a message’s destination address to extract the network address.
 If the extracted network address matches the local network ID, the destination is
located on the local network.
 However, if they don’t match, the message must be routed outside the local network.

Default Standard Subnet Masks

There are default standard subnet masks for Class A, B and C addresses:

7
iv. Subnetting
 There are only 3 usable IP address classes:
 C lass A
 Class B
 Class C
 Class A networks have the highest number of available hosts.
 Class C networks have the fewest number of hosts.
Subnetting Networks ID
A 3-step example of how the default Class A subnet mask is applied to a Class A address:

Classless Addressing
 To overcome address depletion and give more organizations access to the Internet,
classless addressing was designed and implemented.
 In this scheme, there are no classes, but the addresses are still granted in blocks.
 Address Blocks
 In classless addressing, when an entity, small or large, needs to be connected to the
Internet, it is granted a block (range) of addresses.

8
 The size of the block (the number of addresses) varies based on the nature and size of
the entity.

 For example, a household may be given only two addresses; a large organization may
be given thousands of addresses.

 An ISP, as the Internet service provider, may be given thousands or hundreds of

thousands based on the number of customers it may serve.

i. Restriction

 To simplify the handling of addresses, the Internet authorities impose three

restrictions on classless address blocks:
1. The addresses in a block must be contiguous, one after another.
2. The number of addresses in a block must be a power of 2 (1, 2, 4, 8 ....).
3. The first address must be evenly divisible by the number of addresses.

 The above figure shows a block of addresses, in both binary and dotted-decimal
notation, granted to a small business that needs 16 addresses.
 We can see that the restrictions are applied to this block. The addresses are contiguous.
The number of addresses is a power of 2 (16 = 24), and the first address is divisible by 16.

ii. Classless addressing Mask

A better way to define a block of addresses is to select any address in the block and the
mask. As we discussed before, a mask is a 32-bit number in which the n leftmost bits are 1s
and the 32 - n rightmost bits are 0s. However, in classless addressing the mask for a block
can take any value from 0 to 32. It is very convenient to give just the value of n preceded by
a slash (CIDR – Classless Inter Domain Routing notation). The address and the /n notation
completely define the whole block (the first address, the last address, and the number of
addresses).

9
First Address
 The first address in the block can be found by setting the 32 - n rightmost bits in the
binary notation of the address to 0s.
Example 5
A block of addresses is granted to a small organization. We know that one of the addresses
is 205.16.37.39/28. What is the first address in the block?
Solution
The binary representation of the given address is: 11001101 00010000 00100101 00100111
If we set 32−28 rightmost bits to 0, we get 11001101 00010000 00100101 00100000 or
205.16.37.32.
Last Address
The last address in the block can be found by setting the 32 - n rightmost bits in the binary
notation of the address to 1s.
Example 6: Find the last address for the block in Example 5.
Solution
The binary representation of the given address is 11001101 00010000 00100101 00100111
If we set 32 − 28 rightmost bits to 1, we get 11001101 00010000 00100101 00101111 or 205.16.37.47

Number of Addresses
The number of addresses in the block is the difference between the last and first address.
It can easily be found using the formula 232-n.
Example 7
Find the number of addresses in Example 5.
Solution
The value of n is 28, which means that number of addresses is 2 32−28 or 16.
Another way to find the first address, the last address, and the number of addresses is to
represent the mask as a 32-bit binary (or 8-digit hexadecimal) number. This is particularly
useful when we are writing a program to find these pieces of information. In the above
example the /28 can be represented as
 11111111 11111111 11111111 11110000
 (twenty-eight 1s and four 0s).

10
Find
a. The first address b. The last address c. The number of addresses.
Solution
a. The first address can be found by ANDing the given addresses with the mask. ANDing
here is done bit by bit. The result of ANDing 2 bits is 1 if both bits are 1s; the result is 0
otherwise.

b. The last address can be found by ORing the given addresses with the complement of the
mask. ORing here is done bit by bit. The result of ORing 2 bits is 0 if both bits are 0s; the
result is 1 otherwise. The complement of a number is found by changing each 1 to 0 and
each 0 to 1.

c. The number of addresses can be found by complementing the mask, interpreting it as a

decimal number, and adding 1 to it.

Network Addresses
 A very important concept in IP addressing is the network address.
 When an organization is given a block of addresses, the organization is free to allocate
the addresses to the devices that need to be connected to the Internet.
 The first address in the class, however, is normally (not always) treated as a special
address.
 The first address is called the network address and defines the organization network.
 It defines the organization itself to the rest of the world.
 The first address is the one that is used by routers to direct the message sent to the
organization from the outside.

11
Hierarchy
 IP addresses, like other addresses or identifiers we encounter these days, have levels of
hierarchy.
 For example, a telephone network in Ethiopia has three levels of hierarchy.
 The leftmost three digits (251) define the country code, the next three digits (011, for
example) define the area, the last seven digits (1112343, for example) define the
subscriber number.

Two-Level Hierarchy: No Subnetting

 An IP address can define only two levels of hierarchy when not subnetted.
 The n leftmost bits of the address x.y.z.t/n define the network (organization network);
the 32 – n rightmost bits define the particular host (computer or router) to the network.
 The two common terms are prefix and suffix.
 The part of the address that defines the network is called the prefix; the part that defines
the host is called the suffix.
 The prefix is common to all addresses in the network; the suffix changes from one device
to another.

Three-Levels of Hierarchy: Subnetting

 An organization that is granted a large block of addresses may want to create clusters
of networks (called subnets) and divide the addresses between the different subnets.
 The rest of the world still sees the organization as one entity; however, internally there
are several subnets.
 All messages are sent to the router address that connects the organization to the rest of
the Internet; the router routes the message to the appropriate subnets.
 The organization, however, needs to create small sub blocks of addresses, each assigned
to specific subnets. The organization has its own mask; each subnet must also have its
own.

Example 7

 Suppose an organization is given the block 17.12.14.0/26, which contains 64 addresses.

The organization has three offices and needs to divide the addresses into three sub
blocks of 32, 16, and 16 addresses.

 We can find the new masks by using the following arguments:

12
 1. Suppose the mask for the first subnet is n1, then 232-n1 must be 32, which means
that n1 = 27.
2. Suppose the mask for the second subnet is n2, then 232-n2 must be 16, which
means that n2 = 28.
3. Suppose the mask for the third subnet is n3, then 232-n3 must be 16, which means
that n3 = 28.
 This means that we have the masks 27, 28, 28 with the organization mask being 26.

Address Allocation
 The next issue in classless addressing is address allocation. How are the blocks
allocated?
The ultimate responsibility of address allocation is given to a global authority called the
Internet Corporation for Assigned Names and Addresses (ICANN). However, ICANN

13
does not normally allocate addresses to individual organizations. It assigns a large block of
addresses to an ISP. Each ISP, in turn, divides its assigned block into smaller sub blocks
and grants the sub blocks to its customers. In other words, an ISP receives one large block
to be distributed to its Internet users. This is called address aggregation: many blocks of
addresses are aggregated in one block and granted to one ISP.

Example 8
An ISP is granted a block of addresses starting with 190.100.0.0/16 (65,536 addresses). The
ISP needs to distribute these addresses to three groups of customers as follows:
a. The first group has 64 customers; each needs 256 addresses.
b. The second group has 128 customers; each needs 128 addresses.
c. The third group has 128 customers; each needs 64 addresses.
Design the sub blocks and find out how many addresses are still available after these
allocations.

solution
Group 1
For this group, each customer needs 256 addresses. This means that 8 bits are needed to
define each host. The prefix length is then 32 − 8 = 24. The addresses are

Group 2
For this group, each customer needs 128 addresses. This means that 7 bits are needed to define
each host. The prefix length is then 32 − 7 = 25. The addresses are

14
Group 3
For this group, each customer needs 64 addresses. This means that 6 bits are needed to each
host. The prefix length is then 32 − 6 = 26. The addresses are

Number of granted addresses to the ISP: 65,536

Number of allocated addresses by the ISP: 40,960
Number of available addresses: 24,576

5.1.2. IPv6 addresses

Despite all short-term solutions, address depletion is still a long-term problem for the
Internet. This and other problems in the IP protocol itself have been the motivation for
IPv6.
 An IPv6 address is 128 bits or 32 hexadecimal digits long.

15
Abbreviated IPv6 addresses

Example 9
Expand the address 0:15::1:12:1213 to its original.
Solution

We first need to align the left side of the double colon to the left of the original pattern and
the right side of the double colon to the right of the original pattern to find how many 0s we
need to replace the double colon.

This means that the original address is.

ADDRESS MAPPING ( reading Assignment)

The delivery of a packet to a host or a router requires two levels of addressing: logical and
physical. We need to be able to map a logical address to its corresponding physical address
and vice versa. This can be done by using either static or dynamic mapping. IP is used for
logical addressing. MAC is used for physical addressing in a local network such as Ethernet.

16
Mapping Logical to Physical Address: ARP
Anytime a host or a router has an IP datagram to send to another host or router, it has the
logical (IP) address of the receiver. The logical (IP) address is obtained from the DNS if the
sender is the host or it is found in a routing table if the sender is a router. But the IP
datagram must be encapsulated in a frame to be able to pass through the physical network.
This means that the sender needs the physical address of the receiver. The host or the
router sends an ARP query packet. The packet includes the physical and IP addresses of the
sender and the IP address of the receiver. Because the sender does not know the physical
address of the receiver, the query is broadcast over the network.

Mapping Physical to Logical Address: RARP

There are occasions in which a host knows its physical address, but needs to know its logical
address. This may happen in two cases:

17
1. A diskless station is just booted. The station can find its physical address by checking
its interface, but it does not know its IP address.
2. An organization does not have enough IP addresses to assign to each station; it needs
to assign IP addresses on demand. The station can send its physical address and ask for
a short time lease.

A Reverse address Resolution Protocol (RARP) finds the logical address for a machine that
knows only its physical address. Each host or router is assigned one or more logical (IP)
addresses, which are unique and independent of the physical (hardware) address of the
machine. To create an IP datagram, a host or a router needs to know its own IP address or
addresses. The IP address of a machine is usually read from its configuration file stored on
a disk file. The machine can get its physical address (by reading its NIC, for example), which
is unique locally. It can then use the physical address to get the logical address by using the
RARP protocol. A RARP request is created and broadcast on the local network. Another
machine on the local network that knows all the IP addresses will respond with a RARP
reply.

Internet Control Message Protocol (ICMP)

The IP protocol has no error-reporting or error-correcting mechanism. The IP protocol also
lacks a mechanism for host and management queries. The Internet Control Message
Protocol (ICMP) has been designed to compensate for the above two deficiencies. It is a
companion to the IP protocol. PING and TRACEROUTE are two tools for ICMP.

5.2. Routing Algorithms

The main function of NL (Network Layer) is routing packets from the source machine to
the destination machine. There are two processes inside router:
a) One of them handles each packet as it arrives, looking up the outgoing line to use for it
in the routing table. This process is forwarding.
b) The other process is responsible for filling in and updating the routing tables. That is
where the routing algorithm comes into play. This process is routing. Regardless of whether
routes are chosen independently for each packet or only when new connections are
established, certain properties are desirable in a routing algorithm correctness,
simplicity, robustness, stability, fairness, optimality.
Routing algorithms can be grouped into two major classes:
1) nonadaptive (Static Routing)
2) adaptive. (Dynamic Routing)

18
Nonadaptive algorithm do not base their routing decisions on measurements or estimates
of the current traffic and topology. Instead, the choice of the route to use to get from I to J
is computed in advance, off line, and downloaded to the routers when the network is
booted. This procedure is sometimes called static routing.
Adaptive algorithm, in contrast, change their routing decisions to reflect changes in the
topology, and usually the traffic as well. Adaptive algorithms differ in
1) Where they get their information (e.g., locally, from adjacent routers, or from all routers),
2) When they change the routes (e.g., every ∆T sec, when the load changes or when the
topology changes), and
3) What metric is used for optimization (e.g., distance, number of hops, or estimated transit
time). This procedure is called dynamic routing.

Different Routing Algorithms

• Optimality principle
• Shortest path algorithm
• Flooding
• Distance vector routing
• Link state routing
• Hierarchical Routing (reading assignment)
i. Optimality principle
One can make a general statement about optimal routes without regard to network
topology or traffic. This statement is known as the optimality principle.
It states that if router J is on the optimal path from router I to router K, then the optimal
path from J to K also falls along the same As a direct consequence of the optimality
principle, we can see that the set of optimal routes from all sources to a given destination
form a tree rooted at the destination. Such a tree is called a sink tree. The goal of all routing
algorithms is to discover and use the sink trees for all routers.

19
 (a) A network. (b) A sink tree for router B.
ii. Shortest Path Routing (Dijkstra’s)
The idea is to build a graph of the subnet, with each node of the graph representing a router
and each arc of the graph representing a communication line or link. To choose a route
between a given pair of routers, the algorithm just finds the shortest path
between them on the graph
1. Start with the local node (router) as the root of the tree. Assign a cost of 0 to this node
and make it the first permanent node.
2. Examine each neighbor of the node that was the last permanent node.
3. Assign a cumulative cost to each node and make it tentative
4. Among the list of tentative nodes
a. Find the node with the smallest cost and make it Permanent
b. If a node can be reached from more than one route then select the route with the
shortest cumulative cost.
5. Repeat steps 2 to 4 until every node becomes permanent

20
21