IP

IP Header

1. Version (4 bits):

• Specifies the IP version. For IPv4, this value is 4.

2. HLEN (Header Length, 4 bits):

• Indicates the length of the header in 32-bit words. The minimum value is 5 (20 bytes), and the maximum is 15 (60 bytes).

3. TOS (Type of Service, 8 bits):

• Used to specify the priority of the packet and request specific types of service (e.g., low delay, high throughput).

4. Length (16 bits):

• Total length of the IP packet (header + data) in bytes. The maximum length is 65,535 bytes.

5. Ident (Identification, 16 bits):

• Used for uniquely identifying fragments of an original IP packet.

6. Flags (3 bits): Control or identify fragments. The three bits are:

• Reserved bit: Must be zero.
• Don't Fragment (DF): If set, the packet should not be fragmented.
• More Fragments (MF): If set, there are more fragments following this one.

7. Offset (Fragment Offset, 13 bits):

• Specifies the offset of a fragment relative to the beginning of the original unfragmented packet. Measured in 8-byte units.

8. TTL (Time to Live, 8 bits):

• Indicates the maximum number of hops the packet can take before being discarded. Helps prevent infinite looping in the network.

9. Protocol (8 bits):

• Specifies the protocol used in the data portion of the IP datagram (e.g., TCP, UDP, ICMP).

10. Checksum (Header Checksum, 16 bits):

• Used for error-checking the header. It ensures the integrity of the header data.
• The Checksum is calculated by considering the entire IP header as a sequence of 16-bit words, adding them up using ones’ complement arithmetic, and taking the ones’ complement of the result.

11. SourceAddr (Source Address, 32 bits):

• The IP address of the sender.

12. DestinationAddr (Destination Address, 32 bits):

• The IP address of the intended recipient.

13. Options (Variable length):

• Optional field that can be used for various purposes, such as security, routing, and network management. If not used, the header ends after the destination address.

14. Pad (Variable length):

• Used to ensure that the header length is a multiple of 32 bits.

15. Data:

• The actual payload being transported by the IP packet. This can be of variable length and contains the higher-level protocol data, such as TCP or UDP segments.

IP Address

• Network Part Identification: An IP address is typically divided into two parts: the network part and the host part. The division of these parts is determined by the subnet mask associated with the IP address. IP addresses that share the same network part, when masked with the subnet mask, belong to the same IP network or subnet.

• Same IP Network: If two devices have IP addresses with the same network part (and therefore are on the same subnet), they are generally considered to be on the same logical network. This means that they can potentially communicate directly with each other without the need for routing through an intermediate device.

Exceptions

• Subnetting and VLANs: Modern network configurations often involve advanced subnetting and virtual LANs (VLANs). Even if two IP addresses appear to be on the same subnet based on their network address, network policies or configurations like VLAN segmentation might prevent them from communicating directly. In such cases, even though they share the network part of the IP address, they could be isolated at the Data Link layer.

Datagram Forwarding in IP

• Every IP datagram contains the IP address of the destination host.

• The network part of an IP address uniquely identifies a single physical network that is part of the larger Internet.

• All hosts and routers that share the same network part of their address are connected to the same physical network and can thus communicate with each other by sending frames over that network.

• Every physical network that is part of the Internet has at least one router that, by definition, is also connected to at least one other physical network; this router can exchange packets with hosts or routers on either network.

A datagram is sent from a source host to a destination host, possibly passing through several routers along the way. Any node, whether it is a host or a router, first tries to establish whether it is connected to the same physical network as the destination. To do this, it compares the network part of the destination address with the network part of the address of each of its network interfaces. (Hosts normally have only one interface, while routers normally have two or more, since they are typically connected to two or more networks.) If a match occurs, then that means that the destination lies on the same physical network as the interface, and the packet can be directly delivered over that network.

if (NetworkNum of destination = NetworkNum of one of my interfaces) then
    deliver packet to destination over that interface
else
    if (NetworkNum of destination is in my forwarding table) then
        deliver packet to NextHop router
    else
        deliver packet to default router

Complete Forwarding table for Router R2

Routers now contain forwarding tables that list only a set of network numbers(e.g. 128.96) rather than all the nodes in the network.

Subnetting and Classless Addressing

The original intent of IP addresses was that the network part would uniquely identify exactly one physical network.

Subnetting provides a first step to reducing total number of network numbers that are assigned. The idea is to take a single IP network number and allocate the IP addresses with that network number to several physical networks, which are now referred to as subnets.

Subnet Mask

The mechanism by which a single network number can be shared among multiple networks involves configuring all the nodes on each subnet with a subnet mask. With simple IP addresses, all hosts on the same network must have the same network number. The subnet mask enables us to introduce a subnet number; all hosts on the same physical network will have the same subnet number, which means that hosts may be on different physical networks but share a single network number.

• All hosts on a given subnet are configured with the same mask; that is, there is exactly one subnet mask per subnet.

New Route Table

The forwarding table of a router also changes slightly when we introduce subnetting. Recall that we previously had a forwarding table that consisted of entries of the form (NetworkNum, NextHop). To support subnetting, the table must now hold entries of the form (SubnetNumber, SubnetMask, NextHop). To find the right entry in the table, the router ANDs the packet’s destination address with the SubnetMaskfor each entry in turn; if the result matches the SubnetNumber of the entry, then this is the right entry to use, and it forwards the packet to the next hop router indicated.

D = destination IP address
for each forwarding table entry (SubnetNumber, SubnetMask, NextHop)
    D1 = SubnetMask & D
    if D1 = SubnetNumber
        if NextHop is an interface
            deliver datagram directly to destination
        else
            deliver datagram to NextHop (a router)

CIDR(Classless Interdomain Routing)

CIDR, tries to balance the desire to minimize the number of routes that a router needs to know against the need to hand out addresses efficiently. To do this, CIDR helps us to aggregate routes.(e.g. 16 * ClassC record VS 1 * ClassB record)

CIDR requires a new type of notation to represent network numbers, or prefixes as they are known, because the prefixes can be of any length. The convention is to place a /X after the prefix, where X is the prefix length in bits. So, for the example above, the 20-bit prefix for all the networks 192.4.16 through 192.4.31 is represented as 192.4.16/20. By contrast, if we wanted to represent a single class C network number, which is 24 bits long, we would write it 192.4.16/24.

CIDR means that prefixes may be of any length, from 2 to 32 bits. Furthermore, it is sometimes possible to have prefixes in the forwarding table that “overlap,” in the sense that some addresses may match more than one prefix. For example, we might find both 171.69 (a 16-bit prefix) and 171.69.10 (a 24-bit prefix) in the forwarding table of a single router. In this case, a packet destined to, say, 171.69.10.5 clearly matches both prefixes. The rule in this case is based on the principle of “longest match”; that is, the packet matches the longest prefix, which would be 171.69.10 in this example.

ARP(Address Translation)

A more general solution would be for each host to maintain a table of address pairs; that is, the table would map IP addresses into physical addresses.

If a host wants to send an IP datagram to a host (or router) that it knows to be on the same network(i.e., the sending and receiving nodes have the same IP network number), it first checks for a mapping in the cache. If no mapping is found, it needs to invoke the Address Resolution Protocol over the network. It does this by broadcasting an ARP query onto the network. This query contains the IP address in question (the target IP address). Each host receives the query and checks to see if it matches its IP address. If it does match, the host sends a response message that contains its link-layer address back to the originator of the query. The originator adds the information contained in this response to its ARP table.

The query message also includes the IP address and link-layer address of the sending host. Thus, when a host broadcasts a query message, each host on the network can learn the sender’s link-level and IP addresses and place that information in its ARP table. However, not every host adds this information to its ARP table. If the host already has an entry for that host in its table, it “refreshes” this entry; that is, it resets the length of time until it discards the entry. If that host is the target of the query, then it adds the information about the sender to its table, even if it did not already have an entry for that host. This is because there is a good chance that the source host is about to send it an application-level message, and it may eventually have to send a response or ACK back to the source; it will need the source’s physical address to do this. If a host is not the target and does not already have an entry for the source in its ARP table, then it does not add an entry for the source. This is because there is no reason to believe that this host will ever need the source’s link-level address; there is no need to clutter its ARP table with this information.

DHCP(Dynamic Host Configuration Protocol)

Broadcast Address

Special IP address (255.255.255.255) that is an IP broadcast address. This means it will be received by all hosts and routers on that network. (Routers do not forward such packets onto other networks, preventing broadcast to the entire Internet.)

DHCP Process

The DHCP operates based on a client-server model and involves four key steps, often referred to as DORA (Discover, Offer, Request, Acknowledge):

1. DHCP Discover:

   • The client sends a DHCP Discover message, a broadcast packet (to all devices) on the network, to find available DHCP servers. This message is sent because the client needs to obtain the necessary network configuration parameters to operate in the network.

2. DHCP Offer:

   • Any DHCP server that receives the Discover message responds to the client with a DHCP Offer message. This message is also a broadcast and contains the IP address that the server is offering, the subnet mask, the duration of the lease (how long the client can use the IP address), and possibly other configuration details like the DNS server address and default gateway.

3. DHCP Request:

   • Once the client receives one or more offers, it selects one and responds with a DHCP Request message. This message is sent back to the selected DHCP server to indicate acceptance of the offered settings and to inform the other DHCP servers that their offers are declined. This message includes the IP address it has chosen from the offers it received.

4. DHCP Acknowledge:

   • Upon receiving the DHCP Request message from the client, the DHCP server sends a DHCP Acknowledge message to the client. This message confirms that the IP address has been officially leased to the client. The server also configures its own data to mark the IP address as assigned.

Additional Details

• Lease Time: The DHCP server assigns a lease time for each IP address, which is the time period that the client can use the IP address without renewing it. Once the lease time expires, the client must request a new IP address or renew its current address.
• Renewal: Before the lease expires, the client typically begins the renewal process using a DHCP Request message directed specifically to the server that originally granted the IP address. If renewed successfully, the server responds with a DHCP Acknowledge.
• IP Address Reuse: DHCP allows for efficient use of IP addresses by reassigning them once they are no longer in use or when the lease has expired.
• Configuration Options: Besides IP addresses, DHCP can also configure clients with the necessary routing and DNS information required for fully functional network connectivity.

DHCP is widely used in all types of networks because it reduces the administrative burden of assigning IP addresses manually and ensures that each device has all the necessary configuration details to communicate on the network effectively.

Error Reporting (ICMP)

When a router does not know how to forward the datagram or when one fragment of a datagram fails to arrive at the destination—it does not necessarily fail silently. IP is always configured with a companion protocol, known as the Internet Control Message Protocol (ICMP), that defines a collection of error messages that are sent back to the source host whenever a router or host is unable to process an IP datagram successfully.

ICMP also provides the basis for two widely used debugging tools, ping and traceroute. ping uses ICMP echo messages to determine if a node is reachable and alive. traceroute uses a slightly non-intuitive technique to determine the set of routers along the path to a destination.

Virtual Networks and Tunnels