NETWORK LAYER: INTERNET PROTOCOL (IP) — MUKESH CHINTA, ASSISTANT PROFESSOR, CSE, VRSEC
The main protocol of the network layer is responsible for packetizing, forwarding, and delivery of a packet at the network layer. A companion protocol helps IPv4 handle some errors that may occur in network-layer delivery. Another companion protocol is used to help IPv4 in multicasting. A third is used to glue the network and data-link layers in mapping
Internet Protocol version 4 (IPv4) is the fourth version in the development of the Internet Protocol (IP) and the first version of the protocol to be widely deployed. IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980).
IP is the waist of the hourglass of the Internet protocol architecture.
IPv4 is an unreliable datagram protocol, i.e. a best-effort delivery service.
IPv4 is also a connectionless protocol that uses the datagram approach. This means that each datagram is handled independently, and each datagram can follow a different route to the destination.
IP is the highest layer protocol which is implemented at both routers and hosts.
IP supports unicast, broadcast and multicast services
IPv4 defines the format of a packet in which the data coming from the upper layer or other protocols are encapsulated. Packets used by IP are called datagrams.
A datagram is a variable-length packet consisting of two parts: header and payload (data). The header is 20 to 60 bytes in length and contains information essential to routing and delivery.
The 4-bit version number (VER) field defines the version of the IPv4 protocol, which, obviously, has the value of 4. The 4-bit header length (HLEN) field defines the total length of the datagram header in 4-byte (32-bit) words. This field is required because the IPv4 header is of variable length and the receiver needs to know where the header ends and the data starts. The minimum value of this field is 5. Service type: in the original design of the IP header this field was called type of service (TOS); it was later redefined by the IETF to provide differentiated services (DiffServ).
In the service type interpretation, the first 3 bits are called precedence bits, the next 4 bits are called type of service (TOS) bits, and the last bit is not used. The precedence defines the priority of the datagram in issues such as congestion. If a router is congested and needs to discard some datagrams, those datagrams with the lowest precedence are discarded first. The TOS bits form a 4-bit subfield with each bit having a special meaning. In the differentiated services interpretation, the first 6 bits make up the codepoint subfield, and the last 2 bits are not used.
Precedence Values
The DSCP is defined in RFC 2474 and 2475. It is a method that classifies the way an IP packet is queued while waiting to be forwarded within a router. A router or end host assigns one of 64 possible forwarding behaviors known as Per Hop Behaviors (PHBs). A PHB provides a particular service level (bandwidth, queuing, and dropping decisions) in accordance with network policy. Using DSCP, a system (or router) can assign Assured Forwarding (AF) codepoints, using one of four AF classes and one of three drop precedence values. It is also allowed to enter your own non-standard
Total length – This 16-bit field defines the total length (header plus data) of the IP datagram in bytes. It allows the length of a datagram to be up to 65,535 octets and helps the receiving device know when the packet has completely arrived. Length of data = total length - (HLEN) x 4.
Identification – If an IP packet is fragmented during transmission, all the fragments contain the same identification number to identify the original IP packet they belong to.
Flags – As required by the network resources, if an IP packet is too large to handle, these flags tell whether it can be fragmented or not. In this 3-bit field, the MSB is always set to '0'.
Fragment offset – This field tells the exact position of the fragment in the original IP packet. The fragment offset is measured in units of 8 octets (64 bits). The first fragment has offset zero.
Time to live (TTL) – To avoid looping in the network, every packet is sent with some TTL value set, which tells the network how many routers (hops) this packet can cross. At each hop its value is decremented by one, and when the value reaches zero the packet is discarded.
Protocol – Tells the network layer at the destination host to which protocol this packet belongs, i.e. the next-level protocol.
Header checksum – A checksum on the header only. Since some header fields change (e.g., time to live), this is recomputed and verified at each point that the internet header is processed. The checksum in the Internet normally uses a 16-bit field, which is the complement of the sum of the other fields calculated using 1's complement arithmetic.
Source address – 32-bit address of the sender (or source) of the packet.
Destination address – 32-bit address of the receiver (or destination) of the packet.
Options – A datagram header can have up to 40 bytes of options. These may contain values for options such as Security, Record Route, Time Stamp, etc., used for network testing and debugging. Though options are not a required part of the IP header, option processing is required of the IP software. One-byte and multi-byte options are present.
Payload – Payload, or data, is the main reason for creating a datagram. The payload is the packet coming from other protocols that use the service of IP.
Here is an IPv4 header from a packet received at its destination: 4500 003c 1c46 4000 4006 b1e6 ac10 0a63 ac10 0a0c
Identify the components of the header and find which is the checksum
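The following Python script is an added example (not part of the original lecture notes) that works the exercise above: it decodes the fixed 20-byte header quoted on the page, recomputes the header checksum with 16-bit one's complement arithmetic as described in the checksum field above, and reads the TTL and protocol bytes from the truncated header used in the later worked example. The protocol-number-to-name table is assumed from standard IANA assignments; the "corrupted" header in the usage note is constructed by changing one byte.

```python
# Added example: parse an IPv4 header and verify its checksum (not the page's own code).
import struct

# Constructed from the hex string quoted in the exercise above.
EXAMPLE_HEADER_HEX = "4500 003c 1c46 4000 4006 b1e6 ac10 0a63 ac10 0a0c"

# Standard IANA protocol numbers (assumption: only a few common ones are listed).
PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}


def ones_complement_checksum(data: bytes) -> int:
    """Add all 16-bit words with end-around carry, then return the one's complement."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd trailing byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(hex_header: str) -> dict:
    """Decode the fixed part of an IPv4 header; checksum_ok is True if the header sums to zero."""
    raw = bytes.fromhex(hex_header.replace(" ", ""))
    if len(raw) < 20:
        raise ValueError("need at least 20 bytes of header")
    (ver_ihl, tos, total_length, ident, flags_off, ttl, proto,
     checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    header_len = (ver_ihl & 0x0F) * 4        # HLEN is in 4-byte words
    if header_len < 20 or header_len > len(raw):
        raise ValueError("HLEN says %d bytes but %d given" % (header_len, len(raw)))
    return {
        "version": ver_ihl >> 4,
        "hlen_words": ver_ihl & 0x0F,
        "header_len": header_len,
        "dscp": tos >> 2,                    # first 6 bits of the service type byte
        "total_length": total_length,
        "identification": ident,
        "df": bool(flags_off & 0x4000),      # second flag bit: do not fragment
        "mf": bool(flags_off & 0x2000),      # third flag bit: more fragments
        "fragment_offset": flags_off & 0x1FFF,
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, "unknown"),
        "checksum": checksum,
        # Verifying: the checksum over the whole header (including the field) must be 0.
        "checksum_ok": ones_complement_checksum(raw[:header_len]) == 0,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "data_len": total_length - header_len,
    }


def compute_header_checksum(hex_header: str) -> int:
    """Recompute what the sender must have written: zero the field, then checksum the header."""
    raw = bytearray(bytes.fromhex(hex_header.replace(" ", "")))
    header_len = (raw[0] & 0x0F) * 4
    raw[10:12] = b"\x00\x00"
    return ones_complement_checksum(bytes(raw[:header_len]))


def ttl_and_protocol(hex_prefix: str) -> tuple:
    """Read only bytes 8 and 9 (TTL, protocol), so a truncated capture is enough."""
    raw = bytes.fromhex(hex_prefix.replace(" ", ""))
    return raw[8], raw[9]


if __name__ == "__main__":
    fields = parse_ipv4_header(EXAMPLE_HEADER_HEX)
    for name, value in fields.items():
        print("%-16s %s" % (name, hex(value) if name in ("identification", "checksum") else value))
    print("recomputed checksum:", hex(compute_header_checksum(EXAMPLE_HEADER_HEX)))
```

For the quoted header the script reports version 4, HLEN 5 (20 bytes, no options), total length 60 (40 bytes of data), identification 0x1c46, DF set, TTL 64, protocol 6 (TCP), source 172.16.10.99, destination 172.16.10.12, and a checksum of 0xb1e6 that verifies. Decrementing the TTL byte without recomputing the field (as a router must do at every hop) makes `checksum_ok` false, which shows what the checksum is for: catching corruption of the header in transit, not authenticating it.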
In order to send messages using IP we encapsulate the higher-layer data into IP datagrams. These datagrams must then be sent down to the data link layer, where they are further encapsulated into the frames of whatever technology is going to be used to physically convey them, either directly to their destination, or indirectly to the next intermediate step in their journey to the intended recipient. The data link layer implementation puts the entire IP datagram into the data portion (the payload) of its frame format, just as IP puts transport layer messages, transport headers and all, into its IP Data field. The maximum size of an IP datagram is 65535 bytes, but the data link layer protocol generally imposes a limit that is much smaller. For example, Ethernet frames have a maximum payload of 1500 bytes, so IP datagrams encapsulated in Ethernet frames cannot be longer than 1500 bytes. The limit on the maximum IP datagram size imposed by the data link protocol is called the maximum transmission unit (MTU). The value of the MTU differs from one physical network protocol to another. An IP datagram is fragmented into smaller units if its size exceeds the MTU.
A datagram can be fragmented by the source host or any router in the path. The reassembly of the datagram, however, is done only by the destination host, because each fragment becomes an independent datagram.
The 16-bit identification field identifies a datagram originating from the source host. The combination of the identification and source IP address must uniquely define a datagram as it leaves the source host. The identification number helps the destination in reassembling the datagram. It knows that all fragments having the same identification value should be assembled into one datagram.
The 3-bit flags field defines three flags.
The leftmost bit is reserved (not used).
The second bit (D bit) is called the do not fragment bit. If its value is 1, the machine must not fragment the datagram. If it cannot pass the datagram through any available physical network, it discards the datagram and sends an ICMP error message to the source host. If its value is 0, the datagram can be fragmented if necessary.
The third bit (M bit) is called the more fragment bit. If its value is 1, it means the datagram is not the last fragment; there are more fragments after this one. If its value is 0, it means this is the last or only fragment.
The 13-bit fragmentation offset field shows the relative position of this fragment with respect to the whole datagram. It is the offset of the data in the original datagram measured in units of 8 bytes.
The example shows a datagram with a data size of 4000 bytes fragmented into three fragments. The bytes in the original datagram are numbered 0 to 3999. The first fragment carries bytes 0 to 1399. The offset for this datagram is 0/8 = 0. The second fragment carries bytes 1400 to 2799; the offset value for this fragment is 1400/8 = 175. Finally, the third fragment carries bytes 2800 to 3999. The offset value for this fragment is 2800/8 = 350.
An example of detailed fragmentation is given below. The value of the identification field is the same in all fragments, as is the value of the flags field, with the more bit set for all fragments except the last. Also, the value of the offset field for each fragment is shown. Note that although the fragments arrive out of order at the destination, they can be correctly reassembled.
It is obvious that even if each fragment follows a different path and arrives out of order, the final destination host can reassemble the original datagram from the fragments received (if none of them is lost) using the following strategy:
a) The first fragment has an offset field value of zero.
b) Divide the length of the first fragment by 8. The second fragment has an offset value equal to that result.
c) Divide the total length of the first and second fragments by 8. The third fragment has an offset value equal to that result.
d) Continue the process. The last fragment has its M bit set to 0.
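As an added example (not from the original notes), the Python below carries the fragmentation story through in code: it splits a 4000-byte datagram into pieces that fit a constructed MTU of 1420 bytes (20-byte header plus 1400 bytes of data, the sizes used above), honours the D bit, computes the first/last byte numbers of a fragment from its offset, HLEN and total length as in the later worked example, and reassembles fragments that arrive out of order using strategy (a) to (d) above, refusing to deliver a datagram with a missing piece. The sample data and the identification value are constructed.

```python
# Added example: IPv4 fragmentation and reassembly (not the page's own code).

# Constructed 4000-byte payload, so the offsets match the worked example (0, 175, 350).
SAMPLE_DATA = (bytes(range(256)) * 16)[:4000]


def fragment(ident: int, data: bytes, mtu: int, header_len: int = 20, df: bool = False) -> list:
    """Split data over an MTU; each fragment carries the fields a receiver needs."""
    max_data = (mtu - header_len) // 8 * 8   # data per fragment must be a multiple of 8
    if max_data <= 0:
        raise ValueError("MTU %d cannot carry a %d-byte header" % (mtu, header_len))
    if df and len(data) > max_data:
        # D bit set: the router discards the datagram and reports with an ICMP error.
        raise ValueError("DF set but datagram exceeds MTU: discard and send ICMP error")
    fragments = []
    for start in range(0, len(data), max_data):
        chunk = data[start:start + max_data]
        fragments.append({
            "id": ident,                               # same for every fragment
            "mf": start + len(chunk) < len(data),      # M bit: 1 unless this is the last piece
            "offset": start // 8,                      # in 8-byte units
            "hlen_words": header_len // 4,
            "total_length": header_len + len(chunk),
            "data": chunk,
        })
    return fragments


def byte_range(offset: int, hlen_words: int, total_length: int) -> tuple:
    """First and last data byte numbers of a fragment, from its header fields."""
    first = offset * 8
    data_len = total_length - hlen_words * 4
    return first, first + data_len - 1


def reassemble(fragments: list) -> bytes:
    """Rebuild the datagram from fragments in any order; raise if any piece is missing."""
    if not fragments:
        raise ValueError("no fragments")
    if len({f["id"] for f in fragments}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(fragments, key=lambda f: f["offset"])
    if ordered[0]["offset"] != 0:
        raise ValueError("first fragment (offset 0) is missing")       # strategy (a)
    if ordered[-1]["mf"]:
        raise ValueError("last fragment (M bit 0) is missing")         # strategy (d)
    data = b""
    for f in ordered:
        expected = len(data) // 8                                      # strategy (b), (c)
        if f["offset"] != expected:
            # A gap (lost fragment) or an overlap/duplicate: do not deliver a partial datagram.
            raise ValueError("expected offset %d, got %d" % (expected, f["offset"]))
        data += f["data"]
    return data


if __name__ == "__main__":
    pieces = fragment(0x1C46, SAMPLE_DATA, mtu=1420)
    for p in pieces:
        print("offset=%3d M=%d bytes %d-%d" % ((p["offset"], p["mf"]) + byte_range(p["offset"], p["hlen_words"], p["total_length"])))
    print("reassembled ok:", reassemble(pieces[::-1]) == SAMPLE_DATA)
```

Run as written, it prints the three fragments with offsets 0, 175 and 350, M bits 1, 1 and 0, byte ranges 0-1399, 1400-2799 and 2800-3999, and reassembles them correctly even when handed in reverse order.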
The variable part of the IPv4 datagram comprises the options, which can be a maximum of 40 bytes. Options, as the name implies, are not required for a datagram.
Options are divided into two broad categories: single-byte options and multiple-byte options.
No Operation – Used as a filler between options.
End of Option – Used for padding at the end of the option field. Can only be used as the last option.
Record Route – Used to record the Internet routers that handle the datagram. It can list up to nine router addresses. Useful for debugging and management purposes.
Strict Source Route – Used by the source to predetermine a route for the datagram as it travels through the internet. This serves several purposes, such as selecting a route which provides a specific service or is safer or more reliable. With this option, all the routers listed must be visited by the datagram. No other router may be visited; if that happens, the datagram must be discarded and an error message is issued.
Loose Source Route – Similar to the above option, but less rigid. Every router on the list must be visited, but other routers can also be visited.
Timestamp – Used to record the time of datagram processing by a router, expressed in milliseconds. Useful for tracking the behavior of the routers in the internet.
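The Python below is an added example (not from the original notes) that walks an options field of the kind described above, treating No Operation and End of Option as single-byte options and everything else as multi-byte type/length/data, and decodes a Record Route option into the router addresses it has collected so far. The option type numbers come from RFC 791; the sample options bytes, including the two router addresses, are constructed for the example. Malformed length bytes are rejected rather than walked past the end of the header, which is the check an IP implementation's option processing needs.

```python
# Added example: parsing IPv4 header options (not the page's own code).

# Option type values as assigned in RFC 791.
OPTION_NAMES = {0: "End of Option", 1: "No Operation", 7: "Record Route",
                68: "Timestamp", 131: "Loose Source Route", 137: "Strict Source Route"}
SINGLE_BYTE = {0, 1}   # these two carry no length or data byte

# Constructed 20-byte options field: NOP, a Record Route with room for three routers
# (two already recorded, pointer = 12), End of Option, then padding to a 4-byte boundary.
SAMPLE_OPTIONS = bytes([1,
                        7, 15, 12, 172, 16, 10, 1, 172, 16, 10, 2, 0, 0, 0, 0,
                        0, 0, 0, 0])


def parse_options(options: bytes) -> list:
    """Return (name, data) pairs; stop at End of Option; reject impossible lengths."""
    parsed = []
    i = 0
    while i < len(options):
        kind = options[i]
        if kind in SINGLE_BYTE:
            parsed.append((OPTION_NAMES[kind], b""))
            i += 1
            if kind == 0:
                break                      # End of Option: the rest is padding
            continue
        if i + 1 >= len(options):
            raise ValueError("option type %d has no length byte" % kind)
        length = options[i + 1]            # length counts type and length bytes too
        if length < 2 or i + length > len(options):
            raise ValueError("option type %d has invalid length %d" % (kind, length))
        parsed.append((OPTION_NAMES.get(kind, "type %d" % kind), options[i + 2:i + length]))
        i += length
    return parsed


def record_route_addresses(data: bytes) -> list:
    """Decode Record Route data: a pointer byte followed by 4-byte address slots.

    The pointer is 1-based from the option type byte and marks the next free slot,
    so its minimum is 4 and every slot before it holds a router that handled the datagram.
    """
    pointer = data[0]
    if pointer < 4 or (pointer - 4) % 4 or pointer - 3 > len(data):
        raise ValueError("bad Record Route pointer %d" % pointer)
    recorded = data[1:pointer - 3]
    return [".".join(str(b) for b in recorded[i:i + 4]) for i in range(0, len(recorded), 4)]


if __name__ == "__main__":
    for name, data in parse_options(SAMPLE_OPTIONS):
        print(name, record_route_addresses(data) if name == "Record Route" else "")
```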
Three main security issues are applicable to the IP protocol:
Packet interception – An intruder intercepts the packet. It is a passive attack and very difficult to detect. It can be overcome by encrypting the packet, making the content unintelligible.
Packet modification – The attacker intercepts the packet, changes its contents and sends the new packet to the receiver. The receiver believes that the packet is coming from the original sender. Data integrity mechanisms can be used to thwart this attack.
Source address spoofing (masquerading) – An attacker can masquerade as someone else and create an IP packet that carries the source address of another computer. It can be prevented using an origin authentication mechanism.
IPSec is a protocol used in conjunction with IP that creates a connection-oriented service between two entities in which they can exchange IP packets without being subjected to any of the above three attacks. IPSec provides the following four services:
Defining algorithms and keys
Packet encryption
Data integrity
Origin authentication
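The Python below is an added example (not from the original notes) of what the "data integrity" and "origin authentication" services above amount to in practice: a keyed message authentication code (HMAC-SHA256 here, used as a stand-in for the integrity algorithm IPsec would negotiate) computed over the source and destination addresses and the payload with a key shared by the two entities. The header checksum cannot give either service, because anyone who alters the packet can simply recompute it; a MAC cannot be recomputed without the key. The key, addresses and payload are constructed for the demonstration.

```python
# Added example: integrity and origin authentication with a shared-key MAC (not the page's own code).
import hashlib
import hmac
import ipaddress

# Constructed demo key; in IPsec the key would come from the key-management service.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def protected_fields(src: str, dst: str, payload: bytes) -> bytes:
    """Bytes the tag covers: both addresses (so a forged source is caught) plus the payload."""
    return ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed + payload


def tag_packet(key: bytes, src: str, dst: str, payload: bytes) -> bytes:
    """Sender side: compute the integrity/origin tag that travels with the packet."""
    return hmac.new(key, protected_fields(src, dst, payload), hashlib.sha256).digest()


def verify_packet(key: bytes, src: str, dst: str, payload: bytes, tag: bytes) -> bool:
    """Receiver side: accept only if the tag matches under the shared key."""
    expected = tag_packet(key, src, dst, payload)
    return hmac.compare_digest(expected, tag)   # constant-time comparison


if __name__ == "__main__":
    src, dst, payload = "172.16.10.99", "172.16.10.12", b"constructed payload"
    tag = tag_packet(SHARED_KEY, src, dst, payload)
    print("genuine packet accepted:", verify_packet(SHARED_KEY, src, dst, payload, tag))
    print("modified payload accepted:", verify_packet(SHARED_KEY, src, dst, b"altered payload", tag))
    print("forged source accepted:", verify_packet(SHARED_KEY, "10.0.0.1", dst, payload, tag))
```

The receiver accepts the genuine packet and rejects both a modified payload and a packet whose source address was changed after tagging; a tag made with any other key is rejected as well, which is the origin-authentication property.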
Examples Q) An IPv4 packet has arrived with the first few hexadecimal digits as shown: (45000028000100000102 ...)16. How many hops can this packet travel before being dropped? To which upper-layer protocol does the data belong?
A) To find the time-to-live field, we skip 8 bytes (16 hexadecimal digits). The time-to-live field is the ninth byte, which is (01)16. This means the packet can travel only one hop. The protocol field is the next byte, (02)16, which means that the upper-layer protocol is IGMP. Q) In an IPv4 packet, the value of HLEN is 5, and the value of the total length field is (0028)16. How many bytes of data are being carried by this packet? A) The HLEN value is 5, which means the total number of bytes in the header is 5 x 4, or 20 bytes (no options). The total length is (0028)16 or 40 bytes, which means the packet is carrying 20 bytes of data (40 - 20).
Examples Q) A packet has arrived with an M bit value of 1 and a fragmentation offset value of 0. Is this the first fragment, the last fragment, or a middle fragment? A) Because the M bit is 1, it is either the first fragment or a middle one. Because the offset value is 0, it is the first fragment. Q) A packet has arrived in which the offset value is 100, the value of HLEN is 5, and the value of the total length field is 100. What are the numbers of the first byte and the last byte? A) The first byte number is 100 x 8 = 800. The total length is 100 bytes, and the header length is 20 bytes (5 x 4), which means that there are 80 bytes in this datagram. If the first byte number is 800, the last byte number must be 879.
Homework
• Protocol Data Unit (PDU): A PDU is a message exchanged between two instances of a layer to coordinate their behavior. It represents the basic element of horizontal communication. A PDU consists of the following two elements:
• The Protocol Control Information (PCI) contains control information used to coordinate the two protocol instances and is also called the packet header. A PCI carries protocol-specific data and is created by the sending instance, depending on its state. The information is then evaluated and removed from the PDU in the receiver instance.
• The Service Data Unit (SDU) contains the payload to be transmitted at the order of the higher-level layer. The SDU of layer N normally consists of the PCI of layer (N + 1) and an SDU of layer (N + 1) (i.e., of the (N + 1) PDU).
Home Work – RFC (Requests for Comments) https://www.ietf.org/rfc.html
A Request for Comments (RFC) is a type of publication from the Internet Engineering Task Force (IETF) and the Internet Society (ISOC), the principal technical development and standards-setting bodies for the Internet.
An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the document becomes an RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard.
Each RFC is designated by an RFC number. Once published, an RFC never changes. Modifications to an original RFC are assigned a new RFC number.