2.3 Internet Protocols and Addressing
The third layer of communication protocol hierarchy is the network layer, which specifies the networking aspects of a communication transaction. This Internet Protocol (IP) layer handles networking aspects and establishes routes for packets. The network layer, in fact, handles the method of assigning addresses to packets and determines how they should be forwarded from one end point to another.
The Internet Protocol produces a header for packets. An IP header contains the IP addresses of the source node and the destination node. An IP packet can be encapsulated in layer 2 frames when the packet enters a LAN. The IP layer normally offers no QoS guarantees and provides a best-effort service. IP is inherently unreliable, relying on the higher layers, such as the transport protocol, to handle issues relating to system reliability.
IP provides seamless Internet connectivity and scalability. This layer is based on the connectionless, or so-called datagram switching, approach. The advantages of this kind of service are (1) flexibility to allow interconnection between diverse network topologies, and (2) robustness to node failure. Apart from the ability to connect diverse networks, the IP layer also fragments packets to the maximum transmission unit (MTU) and performs reassembly of packet fragments at destinations.
2.3.1 IP Packet
The packet format of IP version 4 (IPv4) is shown in Figure 2.3. Each packet comprises the header and data. The size of the header is variable, with 20 bytes of fixed-length header and an options field whose size is variable up to 40 bytes. A brief description of the fields follows.
- Version specifies the IP version.
- Header length (HL) specifies the length of the header.
- Type of service specifies the quality-of-service (QoS) requirements of the packet, such as priority level, delay, reliability, throughput, and cost.
- Total length specifies the total length of the packet in bytes, including the header and data. A total of 16 bits are assigned to this field.
- Identification, flags, and fragment offset are used for packet fragmentation and reassembly.
- Time to live specifies the maximum number of hops after which a packet must be discarded.
- Protocol specifies the protocol used at the destination.
- Header checksum is a method of error detection and is described in Chapter 4.
- Source address and destination address are 32-bit fields specifying the source address and the destination address, respectively.
- Options is a rarely used variable-length field to specify security level, timestamp, and type of route.
- Padding is used to ensure that the header is a multiple of 32 bits.
Figure 2.3 IP packet format
Recall that the 16 bits in the total length field express the total length of a packet. Hence, the total length of the packet is limited to 2^16 bytes. However, the maximum packet size of 2^16 bytes is rarely used, since the packet size is limited by the physical network capacity. The real physical network capacity per packet is normally less than 10K and even gets smaller, to 1.5K, when the packet reaches a LAN. To accomplish packet partitioning, the identification, flags, and fragment offset fields perform and keep track of the packet-fragmentation process when needed.
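The fields listed above can be decoded mechanically. The following Python is an added example, not code from the book: it parses the fixed IPv4 header and enforces the invariants a receiver should check before trusting any of the fields, namely that the IHL is at least 5 words, that the header fits inside the buffer, that the total length covers the header without exceeding the buffer, and that the header checksum verifies. The builder and the sample packet (192.0.2.1 to 198.51.100.7, addresses from the documentation ranges) are constructed for the demonstration.

```python
import struct

# Added example (not from the book): an IPv4 header parser with the sanity checks a
# receiver needs. The builder and the sample addresses are constructed for the demo.

MIN_HEADER_WORDS = 5   # 20-byte fixed header; IHL is counted in 32-bit words


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (the IPv4 header checksum)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Decode the fixed IPv4 header, validate its length fields and verify the checksum."""
    if len(packet) < 20:
        raise ValueError("truncated: fewer than 20 bytes")
    (v_ihl, tos, total_len, ident, flags_off,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = v_ihl >> 4, v_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4: version {version}")
    if ihl < MIN_HEADER_WORDS:
        raise ValueError(f"bad IHL {ihl}: header cannot be shorter than 20 bytes")
    header_len = ihl * 4
    if header_len > len(packet):
        raise ValueError("truncated: IHL points past the end of the buffer")
    if total_len < header_len or total_len > len(packet):
        raise ValueError(f"bad total length {total_len} for a {len(packet)}-byte buffer")
    if ipv4_checksum(packet[:header_len]) != 0:   # a valid header sums to all ones, so ~sum == 0
        raise ValueError("header checksum mismatch")
    return {
        "version": version,
        "header_length": header_len,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "flags": {"DF": bool(flags_off & 0x4000), "MF": bool(flags_off & 0x2000)},
        "fragment_offset": flags_off & 0x1FFF,   # in 8-byte units
        "ttl": ttl,
        "protocol": proto,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": packet[20:header_len],
        "data": packet[header_len:total_len],    # bytes beyond total_length are link-layer padding
    }


def check(packet: bytes) -> str:
    """'ok' or the reason the packet was rejected (useful as log or alert text)."""
    try:
        parse_ipv4(packet)
        return "ok"
    except ValueError as exc:
        return str(exc)


def build_ipv4(src: str, dst: str, payload: bytes, ttl: int = 64,
               proto: int = 17, ident: int = 0x1234) -> bytes:
    """Build a 20-byte IPv4 header (DF set, no options) with a correct checksum."""
    total_len = 20 + len(payload)
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0x4000, ttl, proto, 0, src_b, dst_b)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]   # fill in the checksum field
    return hdr + payload


if __name__ == "__main__":
    sample = build_ipv4("192.0.2.1", "198.51.100.7", b"hello")   # constructed sample packet
    print(parse_ipv4(sample))
```

Note that `data` is sliced at the total length rather than at the end of the buffer: a frame padded by the link layer carries trailing bytes that are not part of the datagram, and a parser that ignores the total length field will hand that padding to the transport layer.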
2.3.2 IP Addressing Scheme
The IP header has 32 bits assigned for addressing a desired device in the network. An IP address is a unique identifier used to locate a device on the IP network. To make the system scalable, the address structure is subdivided into the network ID and the host ID. The network ID identifies the network the device belongs to; the host ID identifies the device. This implies that all devices belonging to the same network have a single network ID. Based on the bit positioning assigned to the network ID and the host ID, the IP address is further subdivided into classes A, B, C, D (multicast), and E (reserved), as shown in Figure 2.4.
Figure 2.4 Classes of IP addresses
Consider the lengths of corresponding fields shown in this figure. Class A starts with a 0 and supports 126 networks and 16 million hosts per network. Class B addressing always starts with 10 and supports 16,382 networks and 65,534 hosts per network. Class C addressing starts with 110 and supports 2 million networks and 254 hosts per network. Class D addressing starts with 1110 and is specifically designed for multicasting and broadcasting. Class E always starts with 1111 and is reserved for network experiments. For ease of use, the IP address is represented in dot-decimal notation. The address is grouped into 4 dot-separated bytes.
Example. A host with an IP address of 10001000 11100101 11001001 00010000 belongs to class B, since it starts with 10, and its decimal equivalent is 136.229.201.16.
2.3.3 Subnet Addressing and Masking
The concept of subnetting was introduced to overcome the shortcomings of IP addressing. Managing the large number of hosts is an enormous task. For example, a company that uses a class B addressing scheme supports 65,534 hosts on one network. If the company has more than one network, a multiple-network address scheme, or subnet scheme, is used. In this scheme, the host ID of the original IP address is subdivided into subnet ID and host ID, as shown in Figure 2.5.
Figure 2.5 A subnet ID and host ID in class B addressing
Depending on the network size, different values of subnet ID and host ID can be chosen. Doing so would prevent the outside world from being burdened by a shortage of new network addresses. To determine the subnet number, a subnet mask, applied with a bitwise AND, is used. The subnet mask has a field of all 0s for the host ID and a field of all 1s for the remaining fields.
Example. Given an IP address of 18.104.22.168 and a subnet mask of 255.255.255.128, determine the maximum number of hosts per subnet.
Solution. Figure 2.6 shows the details of the solution. Masking 255.255.255.128 on the IP address results in 22.214.171.124. Clearly, the IP address 126.96.36.199 is a class B address. In a class B address, the lower 16 bits are assigned to the subnet and host fields. Applying the mask, we see that the maximum number of hosts is 2^7 = 128.
Figure 2.6 An example of subnet and masking
Example. A router attached to a network receives a packet with the destination IP address 188.8.131.52. The network is assigned an address of 184.108.40.206. Assume that the network has two subnets with addresses 220.127.116.11 and 18.104.22.168 and that both subnet ID fields have 8 bits. Explain the details of routing the packet.
Solution. When it receives the packet, the router determines to which subnet the packet needs to be routed, as follows: The destination IP address is 22.214.171.124, the subnet mask used in the router is 255.255.255.0, and the result is 126.96.36.199. The router looks up its routing table for the next subnet corresponding to the subnet 188.8.131.52, which is subnet 2. When the packet arrives at subnet 2, the router determines that the destination is on its own subnet and routes the packet to its destination.
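The masking steps in the two examples above can be carried out mechanically. The following Python is an added example, not code from the book: it classifies an address by its leading bits, applies a subnet mask with a bitwise AND, derives the number of host addresses from the mask, and selects the subnet a destination belongs to. The 172.16.x.x addresses and the two subnets are constructed for the demonstration; the host count reports both the raw 2^n from the mask and the usable count after the all-zeros and all-ones host IDs are excluded.

```python
from typing import List, Optional, Tuple

# Added example (not from the book): classful address classification, subnet masking
# and subnet selection, exercised on constructed 172.16.0.0 (class B) addresses.


def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def address_class(addr: str) -> str:
    """Class from the leading bits of the first byte: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E."""
    first = ip_to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def apply_mask(addr: str, mask: str) -> str:
    """Bitwise AND of address and mask yields the (sub)network address."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))


def host_bits(mask: str) -> int:
    """Number of trailing 0 bits in a mask; rejects masks whose 1s are not contiguous."""
    inverted = ~ip_to_int(mask) & 0xFFFFFFFF
    if inverted & (inverted + 1):           # a valid mask inverts to 2^k - 1
        raise ValueError(f"non-contiguous mask: {mask}")
    return inverted.bit_length()


def is_valid_mask(mask: str) -> bool:
    try:
        host_bits(mask)
        return True
    except ValueError:
        return False


def hosts_per_subnet(mask: str) -> Tuple[int, int]:
    """(addresses in the subnet, usable hosts); the all-zeros and all-ones host IDs are reserved."""
    size = 1 << host_bits(mask)
    return size, max(size - 2, 0)


def select_subnet(dest: str, mask: str, subnets: List[str]) -> Optional[str]:
    """Return the subnet whose masked address equals the masked destination, or None."""
    target = apply_mask(dest, mask)
    for subnet in subnets:
        if apply_mask(subnet, mask) == target:
            return subnet
    return None


if __name__ == "__main__":
    print(address_class("172.16.2.55"), apply_mask("172.16.2.55", "255.255.255.0"))
    print(hosts_per_subnet("255.255.255.128"))
    print(select_subnet("172.16.2.55", "255.255.255.0", ["172.16.1.0", "172.16.2.0"]))
```

The mask check matters in practice: a mask such as 255.255.0.255 has non-contiguous 1s, and configuration tools that accept it silently produce routing decisions that nobody can reason about.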
2.3.4 Classless Interdomain Routing (CIDR)
The preceding section described an addressing scheme requiring that the address space be subdivided into five classes. However, giving a certain class C address space to a certain university campus does not guarantee that all addresses within the space can be used and therefore might waste some addresses. This kind of situation is inflexible and would exhaust the IP address space. Thus, the classful addressing scheme consisting of classes A, B, C, D, and E results in an inefficient use of the address space.
A new scheme, with no restriction on the classes, emerged. Classless interdomain routing (CIDR) is extremely flexible, allowing a variable-length prefix to represent the network ID and the remaining bits of the 32-bit address to represent the hosts within the network. For example, one organization may choose a 20-bit network ID, whereas another organization may choose a 21-bit network ID, with the first 20 bits of these two network IDs being identical. This means that the address space of one organization contains that of the other.
CIDR results in a significant increase in the speed of routers and has greatly reduced the size of routing tables. A routing table of a router using the CIDR address space has entries that include a pair of network IP addresses and the mask. Supernetting is a CIDR technique whereby a single routing entry is sufficient to represent a group of adjacent addresses. Because of the use of a variable-length prefix, the routing table may have two entries with the same prefix. To route a packet that matches both of these entries, the router chooses between the two entries, using the longest-prefix-match technique.
Example. Assume that a packet with destination IP address 184.108.40.206 is received by router R1, as shown in Figure 2.7. In the entries of this router, two routes, L1 and L2, belonging to 220.127.116.11/20 and 18.104.22.168/21, respectively, are matched. CIDR dictates that the longer prefix be the eligible match. As indicated at the bottom of this figure, link L1, with its 21-bit prefix, is selected, owing to a longer match. This link eventually routes the packet to the destination network, N3.
Figure 2.7 CIDR routing
CIDR allows us to reduce the number of entries in a router's table by using an aggregation technique, whereby all entries that share a common partial prefix can be combined into one entry. For example, in Figure 2.7, the two entries 22.214.171.124/20 and 126.96.36.199/21 can be combined into 188.8.131.52/19, saving one entry in the table. Combining entries in routing tables not only saves space but also enhances the speed of the routers, since routers need to search among fewer entries each time.
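The longest-prefix-match lookup and the aggregation step described above are shown in the following Python, an added example rather than the book's own code. The table is built from constructed prefixes in the RFC 5737 documentation ranges, and the link names L0 to L3 are placeholders. The aggregation implemented here is the aligned-pair form of the rule: two entries are merged only when they have the same prefix length and the same link and differ in exactly the last prefix bit, which is the condition under which a single shorter prefix covers exactly their union and nothing else.

```python
import ipaddress
from typing import List, Optional, Tuple

# Added example (not from the book): a CIDR forwarding table with longest-prefix match
# and aggregation of adjacent prefixes. Prefixes are constructed from the RFC 5737
# documentation ranges; link names are placeholders.


def parse_cidr(cidr: str) -> Tuple[int, int]:
    """'a.b.c.d/n' -> (network as int, prefix length); strict=True rejects host bits set in the prefix."""
    net = ipaddress.IPv4Network(cidr, strict=True)
    return int(net.network_address), net.prefixlen


def mask_of(prefixlen: int) -> int:
    return (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF


class Router:
    def __init__(self) -> None:
        self.table: List[Tuple[int, int, str]] = []     # (network, prefix length, link)

    def add_route(self, cidr: str, link: str) -> None:
        net, plen = parse_cidr(cidr)
        self.table.append((net, plen, link))

    def lookup(self, dest: str) -> Optional[str]:
        """Longest-prefix match: among all entries covering dest, pick the longest prefix."""
        d = int(ipaddress.IPv4Address(dest))
        best: Optional[Tuple[int, str]] = None
        for net, plen, link in self.table:
            if d & mask_of(plen) == net and (best is None or plen > best[0]):
                best = (plen, link)
        return best[1] if best else None

    def aggregate(self) -> int:
        """Merge pairs of same-length entries on the same link that differ only in the last
        prefix bit into one entry with a prefix one bit shorter. Returns the number of merges."""
        merges = 0
        merged = True
        while merged:
            merged = False
            for i, (n1, p1, l1) in enumerate(self.table):
                for j, (n2, p2, l2) in enumerate(self.table):
                    if i < j and p1 == p2 and p1 > 0 and l1 == l2 and (n1 ^ n2) == 1 << (32 - p1):
                        self.table = [e for k, e in enumerate(self.table) if k not in (i, j)]
                        self.table.append((min(n1, n2), p1 - 1, l1))   # the lower one is aligned to p1-1
                        merges += 1
                        merged = True
                        break
                if merged:
                    break
        return merges

    def routes(self) -> List[str]:
        return sorted(f"{ipaddress.IPv4Address(net)}/{plen} via {link}" for net, plen, link in self.table)


def sample_router() -> Router:
    """Constructed table: a /21 nested inside a /20 (as in the figure), two adjacent /25s, and a default route."""
    r = Router()
    for cidr, link in [("198.51.96.0/20", "L2"), ("198.51.96.0/21", "L1"),
                       ("192.0.2.0/25", "L3"), ("192.0.2.128/25", "L3"), ("0.0.0.0/0", "L0")]:
        r.add_route(cidr, link)
    return r


if __name__ == "__main__":
    r = sample_router()
    print(r.lookup("198.51.97.5"), r.lookup("198.51.108.9"))   # L1 (the /21 wins), L2
    print(r.aggregate(), r.routes())
```

Because the default route 0.0.0.0/0 has prefix length 0, it matches every destination and is chosen only when nothing longer does, which is exactly the behaviour longest-prefix match gives for free.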
2.3.5 Packet Fragmentation and Reassembly
The physical capacity of networks enforces an upper bound on the size of packets. The maximum transmission unit (MTU) represents this restriction. For example, as a LAN standard, Ethernet limits the size of flowing frames to 1,500 bytes. The motivation for this restriction is to avoid requiring large buffers at intermediate routers to store the fragments. This restriction necessitates that the Internet Protocol break up large messages into fragments. The fragment sizes are limited to the MTU of the underlying physical network. The fragments could in turn be split into smaller fragments, depending on the physical network being used. Each fragment is routed independently through the network. Once all the fragments are received, they are reassembled at the final destination to form the original packet.
The identification, flag, and offset fields of the IP header help with the fragmentation and reassembly process. The identification field is used to distinguish between various fragments of different packets. The flag field has a more-fragment (MF) bit. When the MF bit is set, it implies that more fragments are on their way. The offset field indicates the position of a fragment in the sequence of fragments making up the packet. The lengths of all the fragments, with the exception of the last one, must be divisible by 8.
To be successfully reassembled, all fragments making up a packet must arrive at the destination. In the case of a missing fragment, the rest of the fragments have to be discarded, and thus the packet needs to be retransmitted. In such cases, the retransmission of packets results in an inefficient use of the network bandwidth.
Example. Suppose that a host application needs to transmit a packet of 3,500 bytes. The physical layer has an MTU of 1,500 bytes. The packet has an IP header of 20 bytes plus another attached header of 20 bytes. Fragment the packet, and specify the ID, MF, and offset fields of all fragments.
Solution. The allowable data length = 1,500 - 20 - 20 = 1,460 bytes. Because 1,460 is not divisible by 8, the allowable data length is limited to 1,456 bytes. Including the headers, the data to be transmitted is then 3,540 bytes, to be split into fragments of 1,456, 1,456, and 628 bytes. Here, fragment 1 = total length 1,456, MF 1, offset 0; fragment 2 = total length 1,456, MF 1, offset 182; and fragment 3 = total length 628, MF 0, offset 364.
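The following Python is an added example, not the book's code, that applies the fragmentation rules of this section and then reassembles the result. Fragment data lengths are rounded down to a multiple of 8, MF is set on every fragment but the last, and the offset is counted in 8-byte units. The reassembler refuses a datagram with a missing fragment, as the text describes, and also refuses overlapping or duplicated fragments and anything that would exceed 65,535 bytes: overlapping fragments have no single correct interpretation, and reassembly code that guessed one has been a recurring source of bugs. The `book_example` function reproduces the numbers of the worked example above (3,540 bytes, MTU 1,500, 40 bytes of per-fragment header overhead) on a constructed payload.

```python
from typing import Dict, List

# Added example (not from the book): IP-style fragmentation and a strict reassembler.
# The payload in book_example() is constructed to match the section's numbers.

MAX_DATAGRAM = 65535   # the total length field is 16 bits


def fragment(ident: int, data: bytes, mtu: int, per_fragment_overhead: int = 20) -> List[Dict]:
    """Split data into fragments that fit in mtu bytes after per_fragment_overhead bytes of headers."""
    max_data = mtu - per_fragment_overhead
    max_data -= max_data % 8                   # all fragments but the last must be a multiple of 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    frags, pos = [], 0
    while pos < len(data):
        chunk = data[pos:pos + max_data]
        frags.append({
            "id": ident,
            "MF": 1 if pos + len(chunk) < len(data) else 0,
            "offset": pos // 8,                # the fragment offset field counts 8-byte units
            "data": chunk,
        })
        pos += len(chunk)
    return frags


def reassemble(frags: List[Dict]) -> bytes:
    """Rebuild the datagram, rejecting gaps, overlaps, duplicates and oversize results."""
    if not frags:
        raise ValueError("no fragments")
    ident = frags[0]["id"]
    if any(f["id"] != ident for f in frags):
        raise ValueError("fragments carry different identification values")
    buf = bytearray()
    expected, seen_last = 0, False
    for f in sorted(frags, key=lambda f: f["offset"]):
        start = f["offset"] * 8
        if seen_last:
            raise ValueError("fragment after the final (MF=0) fragment")
        if start < expected:
            raise ValueError(f"overlapping or duplicate fragment at offset {f['offset']}")
        if start > expected:
            raise ValueError(f"missing data before offset {f['offset']}")
        if f["MF"] and len(f["data"]) % 8:
            raise ValueError("non-final fragment length is not a multiple of 8")
        buf += f["data"]
        expected = start + len(f["data"])
        if expected > MAX_DATAGRAM:
            raise ValueError("reassembled datagram exceeds 65,535 bytes")
        seen_last = not f["MF"]
    if not seen_last:
        raise ValueError("final fragment (MF=0) missing")
    return bytes(buf)


def reassembly_status(frags: List[Dict]) -> str:
    """'ok' or the rejection reason, for logging."""
    try:
        reassemble(frags)
        return "ok"
    except ValueError as exc:
        return str(exc)


def book_example() -> List[Dict]:
    """The section's worked example: 3,540 bytes, MTU 1,500, 20 + 20 header bytes per fragment."""
    data = bytes(range(256)) * 13 + bytes(212)      # constructed 3,540-byte payload
    return fragment(ident=7, data=data, mtu=1500, per_fragment_overhead=40)


if __name__ == "__main__":
    for f in book_example():
        print(f["id"], f["MF"], f["offset"], len(f["data"]))   # 7 1 0 1456 / 7 1 182 1456 / 7 0 364 628
```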
2.3.6 Internet Control Message Protocol (ICMP)
In connectionless routing, routers operate autonomously. They forward and deliver packets without requiring any coordination with the source. In large communication networks, IP may not be able to deliver a packet to its destination, owing to possible failures in the connectivity of a destination. Besides the hardware failure, other factors may be present to create this problem. For example, as noted in Section 2.3.1, the time-to-live field in an IP packet specifies the maximum number of hops after which a packet must be discarded. If the counter of this field expires, packet delivery too can become impossible.
Another issue—related and equally important—is that a sender cannot know whether a delivery failure is a result of a local or a remote technical difficulty. With TCP/IP, routers in a network can report errors through the Internet Control Message Protocol (ICMP). An ICMP message is encapsulated in the data portion of an IP datagram (packet). When an error occurs, ICMP reports it to the originating source of the connection. This is compatible with the fact that an IP datagram header itself specifies only the original source and not any routers. The source must interpret the error.
One of the important ICMP messages is the redirect message. In Figure 2.8, a source tries to send a message to a destination. But R1 incorrectly sends the message to a wrong path (R1-R3-R4-R5-R6) instead of to the short one (R1-R2-R6). In this case, if in the middle of routing, R5 or R6 finds out about this error, it cannot issue an ICMP message to R1 to correct the routing, as they do not know the address of R1. Instead, they issue a redirect ICMP message to the source.
Figure 2.8 With ICMP, a redirect message cannot be sent to R1, since R6 does not know the address of R1.
2.3.7 IP Version 6 (IPv6)
The use of IPv4 has resulted in the exhaustion of the 32-bit address space to the extent that IPv4 has run out of addresses. Therefore, 128-bit addressing was introduced with Internet Protocol version 6 (IPv6). It enjoys tremendous popularity because of its simplicity and flexibility in adapting to diverse network technologies. Compatible with IPv4, IPv6 also supports real-time applications, including those that require guaranteed QoS. Figure 2.9 shows the IPv6 header. A brief description of the fields in the header follows.
- Version is the same as in IPv4, indicating the version number of the protocol.
- Traffic class specifies the priority level assigned to a packet.
- Flow label indicates the delay period within which application packets, such as real-time video, must be delivered.
- Payload length is the 16-bit specification of the length of the data, excluding the header.
- Next header specifies the type of extension header used. The functionality of the option field in IPv4 is specified in the extension header. In addition, the extension header is more flexible than the options field.
- Hop limit is the same as the time-to-live field in IPv4.
- Source address and destination address are each identified by a 128-bit field address.
Figure 2.9 An IPv6 packet format
The IPv4 and IPv6 header formats have some notable differences. First, IPv6 uses a 128-bit address field rather than the 32-bit field in IPv4. The 128-bit field can support a maximum of 3.4 × 10^38 IP addresses. IPv6 has a simpler header format, eliminating the fragmentation, the checksum, and header length fields. The removal of the checksum field in IPv6 allows for faster processing at the routers without sacrificing functionality. In IPv6, error detection and correction are handled at the data link and the TCP layers. Note also that IPv6 can accommodate the QoS requirements for some applications. Besides all these significant advantages, IPv6 can provide built-in security features such as confidentiality and authentication. These features are discussed in Chapter 10.
IPv6 Addressing Format
With its large address space, IPv6 network addressing is very flexible. To efficiently represent the 128-bit address of IPv6 in a compact form, hexadecimal digits are used. A colon separates each group of four hexadecimal digits. For example, [2FB4:10AB:4123:CEBF:54CD:3912:AE7B:0932] can be a source address. In practice, IPv6 addresses contain a lot of bits that are zero. The address is commonly denoted in a more compact form. For example, an address denoted by [2FB4:0000:0000:0000:54CD:3912:000B:0932] can be compressed to [2FB4::54CD:3912:B:932].
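The compression just described is easy to get subtly wrong, and since several spellings denote one address, anything that matches addresses as strings (allow-lists, log correlation) needs a single canonical form. The Python below is an added example, not the book's code: it expands a textual address to its eight 16-bit groups, then writes it back in the canonical form of RFC 5952 (lowercase, leading zeros dropped, the longest run of two or more zero groups replaced by `::`, the first run winning ties), and cross-checks the result against the standard library's `ipaddress` module. The book's sample address is used as one of the inputs.

```python
import ipaddress
from typing import List

# Added example (not from the book): expand and compress IPv6 addresses by hand,
# following RFC 4291 / RFC 5952, and cross-check against the standard library.

HEX = set("0123456789abcdefABCDEF")


def _group(g: str) -> int:
    """One 16-bit group: one to four hex digits, nothing else (int() alone would accept '0x' and '_')."""
    if not 1 <= len(g) <= 4 or not set(g) <= HEX:
        raise ValueError(f"bad group {g!r}")
    return int(g, 16)


def expand_ipv6(addr: str) -> List[int]:
    """Parse textual IPv6 into its eight 16-bit groups, filling in a single '::' with zeros."""
    if addr.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    if "::" in addr:
        head, tail = addr.split("::")
        h = [_group(g) for g in head.split(":")] if head else []
        t = [_group(g) for g in tail.split(":")] if tail else []
        if len(h) + len(t) > 7:
            raise ValueError("'::' must stand for at least one zero group")
        return h + [0] * (8 - len(h) - len(t)) + t
    groups = [_group(g) for g in addr.split(":")]
    if len(groups) != 8:
        raise ValueError("expected eight groups")
    return groups


def compress_ipv6(groups: List[int]) -> str:
    """Canonical text: lowercase, no leading zeros, longest zero run (>= 2 groups) as '::', first run wins ties."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i >= 2 and j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexs = [format(g, "x") for g in groups]
    if best_len == 0:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


def canonical(addr: str) -> str:
    """Expand then compress, so every spelling of an address maps to one string."""
    return compress_ipv6(expand_ipv6(addr))


def is_valid(addr: str) -> bool:
    try:
        expand_ipv6(addr)
        return True
    except ValueError:
        return False


def matches_stdlib(addr: str) -> bool:
    """Cross-check against ipaddress, which implements the same RFC 5952 rules."""
    return canonical(addr) == ipaddress.IPv6Address(addr).compressed


if __name__ == "__main__":
    print(canonical("2FB4:0000:0000:0000:54CD:3912:000B:0932"))   # 2fb4::54cd:3912:b:932
```

A single zero group is deliberately left alone (`2001:db8:0:1:1:1:1:1` stays as written), and when two zero runs are equally long the first is compressed; both choices follow RFC 5952, and both are where hand-written compressors most often diverge from what a peer or log source produces.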
The network address space is classified into various types, each of which is assigned a binary prefix. Currently, only a small portion of the address space has been assigned, with the remaining reserved for future use. One of the address types with a leading byte of 1s is assigned for multicast; the rest of the currently assigned types are used for unicast applications. Apart from the unicast and multicast addresses, IPv6 introduces anycast addresses. An anycast address is similar to a multicast address and identifies a group of network devices for making connections. However, unlike with multicast addressing, a packet needs to be forwarded to any one device in the group. Anycast addresses share the address space with unicast address types. IPv6 reserves some addresses for special purposes.
Extension headers are positioned between the header and the payload. If multiple extension headers are used, they are concatenated, as shown in Figure 2.10, making it mandatory for them to be processed in the sequence in which they are listed. Figure 2.10 specifies the sequence in which the extension headers are to be listed.
Figure 2.10 Concatenated IPv6 extension header
In IPv6, fragmentation is permitted only at the source. The result of this restriction is faster processing of packets at routers. Before transmitting a packet, a host performs a maximum transmission unit (MTU) discovery along the route of the packet. The minimum MTU obtained determines the packet size and thus requires the route from the host to the destination to remain steady. If this minimum value of the physical network is less than the packet size to be transmitted, the intermediate router discards the packet and sends an error message back to the source. In rare cases, the packet needs to be fragmented, and the extension header contains the fragmentation information.
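The header fields of Section 2.3.7, the concatenated extension headers of Figure 2.10, and the fragment extension header just mentioned come together in the following Python, an added example rather than the book's code. It decodes the 40-byte fixed header and then walks the Next Header chain, using the length encoding each header type actually has (Hop-by-Hop, Routing and Destination Options count 8-byte units excluding the first, the Fragment header is a fixed 8 bytes, and the Authentication Header counts 4-byte units plus two), with bounds checks at every step and a cap on chain length so that a malformed or absurdly long chain cannot keep a parser busy. The sample packet (Hop-by-Hop with a PadN option, then a Fragment header, then a UDP datagram between 2001:db8::1 and 2001:db8::2) and the long-chain test vector are constructed for the demonstration.

```python
import ipaddress
import struct
from typing import Dict, List, Optional

# Added example (not from the book): parse the IPv6 fixed header and walk the
# extension-header chain safely. All packets below are constructed for the demo.

HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS, UDP = 0, 43, 44, 51, 60, 17
MAX_EXT_HEADERS = 8      # defensive cap: stop walking absurdly long or self-referencing chains


def parse_ipv6(packet: bytes) -> Dict:
    if len(packet) < 40:
        raise ValueError("truncated: fixed header is 40 bytes")
    first_word, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    if first_word >> 28 != 6:
        raise ValueError("not IPv6")
    if 40 + payload_len > len(packet):
        raise ValueError("payload length exceeds buffer")
    body = packet[40:40 + payload_len]
    chain: List[int] = []
    fragment: Optional[Dict] = None
    nh, pos = next_hdr, 0
    while nh in (HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS):
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("too many extension headers")
        if pos + 8 > len(body):
            raise ValueError("truncated extension header")
        nxt = body[pos]
        if nh == FRAGMENT:                    # fixed 8 bytes: next, reserved, offset/flags, identification
            off_flags, ident = struct.unpack("!HI", body[pos + 2:pos + 8])
            fragment = {"offset": off_flags >> 3, "MF": bool(off_flags & 1), "id": ident}
            length = 8
        elif nh == AH:                        # AH length is in 4-byte units, excluding the first two
            length = (body[pos + 1] + 2) * 4
        else:                                 # Hop-by-Hop, Routing, Dest Options: 8-byte units, excluding the first
            length = (body[pos + 1] + 1) * 8
        if pos + length > len(body):
            raise ValueError("extension header runs past payload")
        chain.append(nh)
        pos += length
        nh = nxt
    return {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]).compressed,
        "dst": ipaddress.IPv6Address(packet[24:40]).compressed,
        "ext_headers": chain,
        "upper_protocol": nh,
        "fragment": fragment,
        "payload": body[pos:],
    }


def describe(packet: bytes) -> str:
    """'ok' or the rejection reason, for logging."""
    try:
        parse_ipv6(packet)
        return "ok"
    except ValueError as exc:
        return str(exc)


def build_sample() -> bytes:
    """Constructed packet: IPv6 | Hop-by-Hop (PadN) | Fragment (offset 0, MF=1) | 12-byte UDP datagram."""
    udp = struct.pack("!HHHH", 12345, 53, 12, 0) + b"data"
    frag = struct.pack("!BBHI", UDP, 0, (0 << 3) | 1, 0xABCD1234)
    hbh = bytes([FRAGMENT, 0]) + bytes([1, 4, 0, 0, 0, 0])       # len 0 => 8 bytes; PadN option of 4 bytes
    body = hbh + frag + udp
    fixed = struct.pack("!IHBB", (6 << 28) | 0x12345, len(body), HOP_BY_HOP, 64)
    return (fixed + ipaddress.IPv6Address("2001:db8::1").packed
            + ipaddress.IPv6Address("2001:db8::2").packed + body)


def build_long_chain(count: int) -> bytes:
    """Constructed test vector: count Hop-by-Hop headers chained back to back."""
    hbh = bytes([HOP_BY_HOP, 0]) + bytes([1, 4, 0, 0, 0, 0])
    body = hbh * count
    fixed = struct.pack("!IHBB", 6 << 28, len(body), HOP_BY_HOP, 64)
    return fixed + bytes(32) + body


if __name__ == "__main__":
    print(parse_ipv6(build_sample()))
    print(describe(build_long_chain(9)))     # too many extension headers
```

The walk is what a firewall or IDS must do before it can even see the transport port: a chain that stops at the first unknown header, or that assumes every header uses the 8-byte-unit length encoding, reaches a different upper-layer protocol than the end host does.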