7 Network Layer IPv4


8/20/2019 7 Network Layer IPv4

    IPv4 (Internet Protocol version 4)

Need for network layer addressing?

IPv4 allocation techniques

IPv4 header


    Internet Protocol (IP)

• Internet Protocol is a layer three protocol used to uniquely identify hosts, intermediate devices and different networks all over the world during packet transmission.

• The internet layer facilitates internetworking, which is the concept of connecting multiple networks with each other through network gateways.


    Basic functions of Network layer

• For outgoing packets, select the next-hop device (router or gateway) and hand the packet to the link layer.

• For incoming packets, receive the packet and pass its payload to the appropriate transport-layer protocol.


    IPv4

• IPv4 was described in RFC 791 (September 1981).

• IPv4 is a connectionless protocol for use on packet-switched networks.

• It operates on a best-effort service model: it does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. These aspects are addressed by a transport protocol, such as TCP or UDP.


    IPv4 (cont.)

• IPv4 uses 32-bit addresses, which limits the address space to 4,294,967,296 (2^32) addresses.

• IPv4 address exhaustion (which occurred on February 3, 2011) was significantly delayed by the following addressing changes:

 – Classful network design,

 – Classless network design (Classless Inter-Domain Routing, CIDR),

 – Network Address Translation (NAT),

 – Dynamic Host Configuration Protocol (DHCP).

[Figure: Dotted-decimal notation and binary notation for an IPv4 address]


    Private Network IP address

• The following three blocks of IP addresses are reserved for use in private networks.

• These IP addresses are not routable outside of private networks, and private machines cannot directly communicate with public networks.

• They can, however, do so through network address translation (NAT).


    Some special address blocks

Link-local addressing

The special address block 169.254.0.0/16 is reserved for link-local addressing and is only valid on links directly connected to a host. These addresses are not routable, so they cannot be the source or destination of packets traversing the internet (public network). They are primarily used when a host cannot obtain an IP address from a DHCP server or other internal configuration methods.

Loopback

The class A network 127.0.0.0 (classless network 127.0.0.0/8) is reserved for loopback. IP packets with source addresses belonging to this network never appear outside a host.

IP packets with source and destination addresses belonging to the network (or subnetwork) of the same loopback interface are returned to that interface, so they can be used to check the network interface port of a host device.

Addresses ending in 0 or 255

Class C networks in classful networking, and networks with CIDR prefixes /24 to /32 (255.255.255.0 – 255.255.255.255), cannot have an address ending in 0 or 255.

In networks other than class C, IP addresses ending in 0 or 255 can be used.

[Figure: Classful IP allocation technique]

[Figure: Netid and hostid]

[Figure: Number of blocks and block size in classful IPv4 addressing]

Classless IP allocation technique (CIDR)

In IPv4 addressing, a block of addresses can be defined as x.y.z.t/n, in which x.y.z.t defines one of the addresses and /n defines the mask.

Each IP address carries both a network number and a host number.

The leftmost n bits (the prefix) define the network number. The total number of possible networks can be found using the formula 2^n.

The rightmost 32 − n bits define the host number. The total number of host addresses in the block can be found using the formula 2^(32−n).
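A worked example of the x.y.z.t/n arithmetic above, added here and not taken from the slides: it splits an address into netid and hostid, counts the 2^n and 2^(32−n) values, and classifies addresses against the private, link-local and loopback blocks the earlier slides describe. The three private blocks are the RFC 1918 ranges, which the slide's figure shows but the extracted text omits.

```python
# Added example, not from the slides: netid/hostid arithmetic for x.y.z.t/n and
# classification against the special blocks the slides describe (the private
# blocks are the three RFC 1918 ranges that the slide's figure lists).

def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def cidr_block(block: str) -> dict:
    """Split x.y.z.t/n into the n-bit netid and the (32-n)-bit hostid."""
    addr, n = block.split("/")
    n = int(n)
    if not 0 <= n <= 32:
        raise ValueError(f"bad prefix length: /{n}")
    mask = (0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF  # leftmost n bits set
    a = ip_to_int(addr)
    network, host_bits = a & mask, (~mask) & 0xFFFFFFFF
    return {
        "netid": network >> (32 - n),             # leftmost n bits, as a number
        "hostid": a & host_bits,                   # rightmost 32-n bits
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "last": int_to_ip(network | host_bits),    # all host bits set
        "num_addresses": 2 ** (32 - n),            # slide: 2^(32-n) addresses in the block
        "num_networks": 2 ** n,                    # slide: 2^n possible n-bit network numbers
    }

def in_block(addr: str, block: str) -> bool:
    """True if addr's netid bits equal the block's network number."""
    info = cidr_block(block)
    return ip_to_int(addr) & ip_to_int(info["mask"]) == ip_to_int(info["network"])

# Special blocks named on the slides: private (RFC 1918), link-local, loopback.
SPECIAL_BLOCKS = {
    "private": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "link-local": ["169.254.0.0/16"],
    "loopback": ["127.0.0.0/8"],
}

def classify(addr: str) -> str:
    """Label an address as private / link-local / loopback, otherwise 'public'."""
    for label, blocks in SPECIAL_BLOCKS.items():
        if any(in_block(addr, b) for b in blocks):
            return label
    return "public"
```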

[Figure: Configuration and addresses in a subnetted network]

[Figure: Three-level hierarchy in an IPv4 address]

[Figure: NAT implementation]

[Figure: Addresses in a NAT]

[Figure: NAT address translation]

[Figure: Example: Five-column translation table]

IP Datagram Format (with header)

• 20 bytes ≤ Header Size ≤ (2^4 − 1) × 4 bytes = 60 bytes

• 20 bytes ≤ Total Length < 2^16 bytes = 65,536 bytes

[Figure: IPv4 datagram layout, 4 bytes per row, bits numbered 0–31: version, header length, DS, ECN, total length (in bytes); identification, flags (0, DF, MF), fragment offset; time-to-live (TTL), protocol, header checksum; source IP address; destination IP address; options (0 to 40 bytes); payload]

IPv4 header fields

• Version:- 4-bit field; for IPv4 the field value is 4.

• IHL (Internet Header Length):- 4-bit field giving the number of 32-bit words in the header. This field specifies the size of the header (which also coincides with the offset to the data). The minimum value for this field is 5 (RFC 791), which is a length of 5×32 = 160 bits = 20 bytes. Being a 4-bit value, the maximum length is 15 words (15×32 bits) or 480 bits = 60 bytes.

http://tools.ietf.org/html/rfc791

IPv4 header fields (cont.)

• Type of Service (as originally defined):- 8-bit field, now split into:

 – Differentiated Services (DS, 6 bits): defines the type of service, such as control, data, real-time streaming etc.

 – Explicit Congestion Notification (ECN, 2 bits): allows end-to-end notification of network congestion without dropping packets.

IPv4 header fields (cont.)

• Total length:-

 – 16-bit field that defines the entire packet (fragment) size, including header and data, in bytes (octets).

 – The minimum-length packet is 20 bytes (20-byte header + 0 bytes of data) and the maximum is 65,535 bytes, the maximum value of a 16-bit word.

• Identification:-

 – Uniquely identifies a datagram and is copied into each of its fragments.

 – A retransmission of a packet carries the same identification number.

 – Some experimental work has suggested using the ID field for other purposes, such as adding packet-tracing information to help trace datagrams with spoofed source addresses.

IPv4 header fields (cont.)

• Flags:- 3-bit field,

 – used to control or identify fragments. They are (in order, from high-order to low-order bit):

 – bit 0: Reserved; must be zero.

 – bit 1: Don't Fragment (DF); set (1) for don't fragment, clear (0) for may fragment.

 – bit 2: More Fragments (MF); set (1) when more fragments follow, clear (0) for an unfragmented packet or the last fragment.

• Fragment Offset:- 13-bit field,

 – measured in units of eight-byte blocks,

 – specifies the offset of a particular fragment relative to the beginning of the original unfragmented IP datagram.

 – The first fragment has an offset of zero. This allows a maximum offset of (2^13 − 1) × 8 = 65,528 bytes, which would exceed the maximum IP packet length of 65,535 bytes once the header length is included (65,528 + 20 = 65,548 bytes).

IPv4 header fields (cont.)

• Time To Live (TTL):- 8-bit field

 – helps prevent a datagram from persisting (e.g. going in circles) on an internet. This field limits a datagram's lifetime.

 – The field has become a hop count: when the datagram arrives at a router, the router decrements the TTL field by one.

 – When the TTL field hits zero, the router discards the packet and typically sends an ICMP Time Exceeded message to the sender.

 – The program traceroute uses these ICMP Time Exceeded messages to print the routers traversed by packets on the way from the source to the destination.

IPv4 header fields (cont.)

• Protocol:- 8-bit field

 – This field defines the protocol (e.g. TCP or UDP) used in the data portion of the IP datagram.

• Checksum:- 16-bit field (checksum over 16-bit words)

 – used for error-checking of the header.

 – The checksum is the one's complement of the one's complement sum of all 16-bit words of the IP header.

 – When a packet arrives at a router, the router calculates the checksum of the header and compares it to the checksum field. If the values do not match, the router discards the packet.

 – Errors in the data field must be handled by the encapsulated protocol.

 – When a packet arrives at a router, the router decreases the TTL field. Consequently, the router must calculate a new checksum.

IPv4 header fields (cont.)

• Source address:-

 – This field is the IPv4 address of the sender of the packet. This address may be changed in transit by a Network Address Translation device.

• Destination address:-

 – This field is the IPv4 address of the receiver of the packet. As with the source address, this may be changed in transit by a Network Address Translation device.

IPv4 header fields (cont.)

• Options:-

 – The options field is not often used.

 – The list of options may be terminated with an EOL (End Of Option List, 0x00) option; this is only necessary if there are option entries in the header.

 – The possible options that can be put in the header are as follows. Each option type byte is laid out as: Copy (1 bit) | Option class (2 bits) | Option number (5 bits).

 • Copy: set to 1 if the option needs to be copied into all fragments of a fragmented packet.

 • Option class: the option's category. 0 is for "datagram or network control" options and 2 is for "debugging and measurement"; 1 and 3 are reserved.

 • Option number: value 0 for end of option list, 3 for loose source route, 7 for record route, 9 for strict source route, 11 for MTU probe, 18 for traceroute (to find routers along a path), etc.
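An added Python example (not from the slides) that ties the header-field slides together: it parses the fixed header, verifies the RFC 791 checksum, decodes an option type byte, and performs the router step of decrementing TTL and recomputing the checksum. build_ipv4 constructs the sample datagram used for testing; the addresses are constructed.

```python
# Added example, not from the slides: IPv4 header parse, RFC 791 checksum, router step.
import struct
from typing import Optional
def ipv4_checksum(header: bytes) -> int:
    """One's complement of the one's complement sum of the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                            # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the header fields and check version, IHL, total length and checksum."""
    if len(pkt) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    ver_ihl, _tos, total_len, ident, flags_off, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5 or ihl * 4 > len(pkt) or total_len < ihl * 4:
        raise ValueError("malformed IPv4 header")
    header = pkt[: ihl * 4]
    return {"ihl": ihl, "total_length": total_len, "id": ident, "ttl": ttl, "protocol": proto,
            "df": bool(flags_off & 0x4000), "mf": bool(flags_off & 0x2000),
            "frag_offset": (flags_off & 0x1FFF) * 8,   # 13 bits, in 8-byte units
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "options": header[20:],
            "checksum_ok": ipv4_checksum(header) == 0}  # a valid header folds to 0

def decode_option_type(byte: int) -> tuple:
    """Option type byte layout: copy (1 bit) | class (2 bits) | number (5 bits)."""
    return byte >> 7, (byte >> 5) & 0x3, byte & 0x1F
def forward_hop(pkt: bytes) -> Optional[bytes]:
    """Router step from the slides: bad checksum or TTL reaching 0 means drop (None)."""
    hdr = parse_ipv4_header(pkt)
    if not hdr["checksum_ok"] or hdr["ttl"] <= 1:
        return None
    out = bytearray(pkt)
    out[8] -= 1                                   # decrement TTL
    out[10:12] = b"\x00\x00"                      # checksum is computed with its own field zeroed
    out[10:12] = struct.pack("!H", ipv4_checksum(bytes(out[: hdr["ihl"] * 4])))
    return bytes(out)

def build_ipv4(src: str, dst: str, payload: bytes, ttl: int = 64, proto: int = 17) -> bytes:
    """Constructed sample datagram: no options, DF set, identification 1, valid checksum."""
    to_b = lambda a: bytes(int(o) for o in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0x4000,
                      ttl, proto, 0, to_b(src), to_b(dst))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload
```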

Address spoofing

• A sender can put any source address in the packets it sends:

 – This can be used to send undesired return traffic to the spoofed address.

 – This can be used to bypass filters and send undesired traffic to the destination.

• Reverse path verification can be used by routers to broadly catch some spoofers, as can checks on the options field.

Fragmentation

• An IP packet may need to be fragmented if one data link along the way cannot handle the packet size.

 – Perhaps the path is a mix of different hardware.

 – Perhaps unexpected encapsulation makes the packet larger than the source expected.

 – Hosts try to discover the Maximum Transmission Unit (MTU) to avoid the need for fragmentation (which causes a performance hit).

• Any device along the way can fragment (in IPv4 only).

 – The Identification field identifies all fragments of the same original datagram.

 – Fragmentation state is stored in the MF (more fragments) and fragment offset fields.

 – Intermediate devices can reassemble too, but generally the destination does the reassembly.
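The fragmentation and reassembly logic above as an added example (not from the slides), working at the field level: identification, the MF flag and the 13-bit offset in 8-byte units. Fragment records are plain dicts rather than full headers, and the MTU and header length are parameters; the reassembler treats a hole as "wait" and an overlap as "drop".

```python
# Added example, not from the slides: fragmentation and reassembly at the field level
# (identification, MF flag, 13-bit offset in 8-byte units), without building full headers.
from typing import Optional

def fragment(ident: int, payload: bytes, mtu: int, df: bool = False, header_len: int = 20) -> list:
    """Split payload so header + data fits the MTU; non-final pieces are multiples of 8 bytes."""
    if header_len + len(payload) <= mtu:
        return [{"id": ident, "mf": False, "offset": 0, "data": payload}]
    if df:
        raise ValueError("DF set and datagram exceeds MTU: drop (ICMP fragmentation needed)")
    chunk = (mtu - header_len) // 8 * 8           # largest multiple of 8 that fits after the header
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(payload), chunk):
        frags.append({"id": ident,                # same identification on every piece
                      "mf": start + chunk < len(payload),
                      "offset": start // 8,        # 13-bit field value, units of 8 bytes
                      "data": payload[start:start + chunk]})
    return frags

def reassemble(frags: list) -> Optional[bytes]:
    """Rebuild one datagram; None means wait (a piece is missing) or drop (pieces overlap)."""
    if not frags or len({f["id"] for f in frags}) != 1:
        raise ValueError("fragments must share a single identification value")
    ordered = sorted(frags, key=lambda f: f["offset"])
    buf, expected = bytearray(), 0               # expected = next byte offset needed
    for f in ordered:
        if f["offset"] * 8 != expected:
            return None                           # hole (not yet arrived) or overlap (suspicious)
        buf += f["data"]
        expected += len(f["data"])
    if ordered[-1]["mf"]:
        return None                               # the final piece has not arrived yet
    return bytes(buf)
```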

Basic IPv4 Routing

• Static routing. Used by hosts and some firewalls and routers.

 – The routing table consists of entries of:

  • networks, gateways, next-hop addresses, other router information etc.

 – There may be a routing table per incoming interface.

 – To route a packet, take the destination address and find the best-matching network in the table. In case of a tie, look at the metric.

  • Use the corresponding next-hop address and interface to send the packet on.

  • The next-hop address is on the same link as this device, so you use the next hop's data-link address, e.g. Ethernet MAC address.

 – Decrement the "time to live" field in the IP header at each hop. Drop the packet when it reaches 0.

  • This attempts to avoid routing loops.

  • The TTL field's maximum value is 255.
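An added example (not part of the slides) covering both the "Address spoofing" slide and this one: a longest-prefix-match lookup with metric tie-break over a constructed routing table, and a strict reverse-path check that accepts a packet only if its source address routes back out the interface it arrived on. The interface names and addresses in ROUTES are constructed.

```python
# Added example, not from the slides: longest-prefix-match lookup with metric tie-break,
# plus a strict reverse-path check of the source address (the slides' "reverse path
# verification"). ROUTES is a constructed sample table.
import ipaddress
from typing import Optional

ROUTES = [  # prefix, next hop (None = directly connected), outgoing interface, metric
    {"prefix": "0.0.0.0/0",      "next_hop": "203.0.113.1",   "iface": "wan0", "metric": 10},
    {"prefix": "192.168.1.0/24", "next_hop": None,            "iface": "lan0", "metric": 0},
    {"prefix": "10.0.0.0/8",     "next_hop": "192.168.1.254", "iface": "lan0", "metric": 20},
    {"prefix": "10.1.0.0/16",    "next_hop": "192.168.2.254", "iface": "lan1", "metric": 20},
    {"prefix": "10.1.0.0/16",    "next_hop": "192.168.1.253", "iface": "lan0", "metric": 5},
]

def lookup(table: list, dst: str) -> Optional[dict]:
    """Best match = longest prefix; ties broken by lowest metric (as on the slide)."""
    addr = ipaddress.ip_address(dst)
    candidates = [r for r in table if addr in ipaddress.ip_network(r["prefix"])]
    if not candidates:
        return None                               # no route, not even a default: drop
    return max(candidates,
               key=lambda r: (ipaddress.ip_network(r["prefix"]).prefixlen, -r["metric"]))

def next_hop_for(table: list, dst: str) -> Optional[tuple]:
    """(address to resolve at the link layer, interface); None = unroutable."""
    r = lookup(table, dst)
    if r is None:
        return None
    return (r["next_hop"] or dst, r["iface"])     # directly connected: resolve dst itself

def reverse_path_ok(table: list, src: str, ingress_iface: str) -> bool:
    """Strict reverse-path check: accept only if we would route back to src via the
    interface the packet arrived on. Catches spoofed sources; note that strict mode
    also rejects legitimate traffic on asymmetrically routed paths."""
    r = lookup(table, src)
    return r is not None and r["iface"] == ingress_iface
```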

Source Based Routing

• In the IP Options field, a sender can specify a source route.

 – This was conceived as a way to ensure some traffic could be delivered through a predefined path irrespective of routing tables.

• It can be used by a network attacker to avoid security-enforcing devices.

Dynamic Routing Protocols

• For scaling, discover topology and routes rather than statically constructing routing tables.

 – Open Shortest Path First (OSPF): used for routing within an administrative domain.

 – Traffic diversion by considering the current status of a particular path.

 – Border Gateway Protocol (BGP): used for routing between administrative domains.