CN3nd4

Network layer
• Source to Destination Delivery: Delivers packets from source to destination, possibly over
multiple networks.
• Logical Addressing: Uses logical addresses to identify the sender and receiver.
• Routing: Responsible for finding the best route to send packets using routing protocols.
• Packetizing: Involves encapsulating payload at the source, adding a header with essential
details, and preserving payload integrity during transit, barring fragmentation cases.
• Error and Flow Control: Encompasses adding a checksum in the datagram header for
detecting corruption (not covering the entire datagram), with limited direct involvement in
flow control, and using ICMP for some error control activities.
• Congestion Control: Manages network congestion, handling situations when too many
datagrams crowd a network segment and addressing capacity exceedance issues in networks
or routers.
www.knowledgegate.in
IPv4
IPv4
• IPv4 operates as an unreliable connectionless datagram protocol, offering a best-effort
delivery service which doesn't guarantee packet safety or order.
• The "best-effort" notion implies that IPv4 packets might experience corruption, loss, delays, or
out-of-order arrival, potentially causing network congestion.
• Employing a datagram approach, IPv4 treats each datagram independently, allowing them to
traverse different routes to their destination.
• To enhance reliability, IPv4 should be coupled with a reliable protocol like TCP, forming the
TCP/IP protocol stack for secured data delivery.
Datagram Format
• Packets used by the IP are called datagrams.
• A datagram is a variable-length packet consisting of two parts: header and payload (data).
• The header is 20 to 60 bytes in length and contains information essential to routing and delivery.
• Version Number: The 4-bit version number (VER) field defines the version of the
IPv4 protocol, which, has the value of 4.
• Header Length: The 4-bit header length (HLEN) field defines the total length of the datagram header in 4-byte
words. The IPv4 datagram has a variable-length header.
• Scaling Factor:
• To make the value of the header length (number of bytes) fit in a 4-bit header length, the total length of the
header is calculated as 4-byte words.
• The total length is divided by 4 and the value is inserted in the field.
• The receiver needs to multiply the value of this field by 4 to find the total length.
• Example: If header length field contains decimal value 5 (represented as 0101), then Header length = 5 x 4 =
20 bytes
• Point to Note
• The length of IP header always lies in the range of [20 bytes, 60 bytes]
• The initial 5 rows of the IP header are always used. So, minimum length of IP header = 5 x 4 bytes =
20 bytes.
• The size of Options field can go up to 40 bytes. So, maximum length of IP header = 20 bytes + 40
bytes = 60 bytes.
• The range of header length field value is always [5, 15] as [20/4 = 5, 60/4 = 15]
• The range of header length is always [20, 60].
• Services: - IETF has changed the interpretation and name of this 8-bit field. This field, previously
called service type, is now called differentiated services.
• Precedence is a 3-bit subfield ranging from 0 (000 in binary) to 7 (111 in binary). The precedence
defines the priority of the datagram in issues such as congestion. If a router is congested and
needs to discard some datagrams, those datagrams with lowest precedence are discarded first.
• Service Type: It defines how the datagram should be handled. Service type is an 8-bit field
that is used for Quality of Service (QoS).
• TOS bits is a 4-bit subfield with each bit having a special meaning. Although a bit can be
either 0 or 1, one and only one of the bits can have the value of 1 in each datagram
• Total Length: It defines the total length (header plus data) of the IP datagram in bytes. This
field helps the receiving device to know when the packet has completely arrived.
• Minimum total length of datagram = 20 bytes (20 bytes header + 0 bytes data)
• Maximum total length of datagram = Maximum value of 16-bit word = 65535 bytes
• To find the length of the data coming from the upper layer, subtract the header length from
the total length.
• Length of data = total length − (HLEN) × 4
Maximum Transfer Unit (MTU)
• Each link-layer protocol has its own frame format. One of the features of each format is the maximum
size of the payload that can be encapsulated. In other words, when a datagram is encapsulated in a
frame, the total size of the datagram must be less than this maximum size.
• The value of the MTU differs from one physical network protocol to another. For example, the value for a LAN is
normally 1500 bytes, but for a WAN it can be larger or smaller.
• When a datagram is fragmented it means that the payload of the IP datagram is fragmented and each fragment
has its own header with most of the fields repeated, but some have been changed such as flags, fragmentation
offset, and total length and checksum is recalculated at each point.
• A fragmented datagram may itself be fragmented if it encounters a network with an even smaller MTU. Thus,
datagram may be fragmented several times before it reaches the final destination.
• Identification: 16-bit identification field identifies a datagram originating from the source host.
To guarantee uniqueness, IP protocol uses a counter to label the datagrams.
• The counter is initialized to a positive number. When the IP protocol sends a datagram, it copies
the current value of the counter to the identification field and increments the counter by one.
• When a datagram is fragmented, the value in the identification field is copied into all
fragments, used for the identification of the fragments of an original IP datagram. The
identification number helps the destination in reassembling the datagram.
Fragmentation
• Fragmentation is a process of dividing the datagram into fragments during its transmission.
• Datagram can be fragmented by the source host or any router in the path.
• The reassembly of the datagram, is done only by the destination host, because each fragment
becomes an independent datagram.
• The fragmented datagram can travel through different routes.
• Flag Field: The 3-bit flags field defines three flags.
• The leftmost bit is reserved (not used).
• The second bit (D bit) is called the do not fragment bit.
• If its value is 1, the machine must not fragment the datagram.
• If its value is 0, the datagram can be fragmented if necessary.
• The third bit (M bit) is called the more fragment bit.
• If its value is 1, it means the datagram is not the last fragment; there are more
fragments after this one.
• If its value is 0, it means this is the last or only fragment.
• Fragmentation Offset: The 13-bit fragmentation offset field shows the relative position of this fragment with
respect to the whole datagram.
• It is the offset of the data in the original datagram measured in units of 8 bytes.
• The bytes in the original datagram are numbered 0 to 3999.
• The first fragment carries bytes 0 to 1399. The offset value => 0/8 = 0.
• The second fragment carries bytes 1400 to 2799; the offset value => 1400/8 = 175.
• The third fragment carries bytes 2800 to 3999. The offset value => 2800/8 = 350.
• Time-to-Live (TTL): field in a datagram dictates the maximum number of hops (via routers) it
can take, generally set to twice the highest number of routers between any two hosts.
• Every router the datagram passes through decreases the TTL value by one; the datagram is
discarded if the TTL reaches zero, preventing it from circulating indefinitely due to potential
routing table errors.
• Besides limiting a datagram's lifespan, the TTL field can be used to restrict a packet's journey
deliberately, like confining it to a local network by setting the TTL value to 1, causing its discard
at the first router.
• Protocol: In TCP/IP, the data section of a packet, called the payload, carries the whole packet from
another protocol. A datagram, for example, can carry a packet belonging to any transport-layer
protocol such as UDP or TCP.
• When the datagram arrives at the destination, the value of this field helps to define to which
protocol the payload should be delivered.
Header checksum: The IP header checksum field only verifies the header, not the payload, indicating that
IP is not entirely reliable as it doesn't affirm the payload remains unaltered during transmission.
• Due to alterations in fields such as TTL at every router, the checksum needs frequent recalculations.
• Upper-level protocols encapsulating data in the IPv4 datagram maintain separate checksums that cover
the complete packet, thus the IPv4 datagram checksum doesn't validate the contained data.
• The IPv4 packet's header, which changes at each visited router (but not the data), is the only section
included in the checksum, preventing unnecessary increases in processing time from recalculating the
entire packet's checksum at every router.
• Source and Destination Addresses: These 32-bit source and destination address
fields define the IP address of the source and destination respectively.
Variable part
• The variable part comprises the options that can be a maximum of 40 bytes. Options, as the
name implies, are not required for a datagram. They can be used for network testing and
debugging.
• End of Option
• An end-of-option option is a 1-byte option used for padding at the end of the option field.
It, however, can only be used as the last option.
• Record Route
• A record route option is used to record the Internet routers that handle the datagram. It
can list up to nine router addresses. It can be used for debugging and management
purposes.
• Strict Source Route
• A strict source route option is used by the source to predetermine a route for the datagram as it travels
through the Internet. Dictation of a route by the source can be useful for several purposes.
• The sender can choose a route with a specific type of service, such as minimum delay or maximum
throughput.
• Alternatively, it may choose a route that is safer or more reliable for the sender's purpose. For example, a
sender can choose a route so that its datagram does not travel through a competitor's network.
• If a datagram specifies a strict source route, all the routers defined in the option must be visited by the
datagram. A router must not be visited if its IPv4 address is not listed in the datagram. If the datagram visits a
router that is not on the list, the datagram is discarded and an error message is issued.
• If the datagram arrives at the destination and some of the entries were not visited, it will also be discarded
and an error message issued.
• Loose Source Route

• A loose source route option is similar to the strict source route, but it is less rigid. Each router in the list must
be visited, but the datagram can visit other routers as well.
• Timestamp
• A timestamp option is used to record the time of datagram processing by a router. The
time is expressed in milliseconds from midnight, Universal time or Greenwich mean time.
• Knowing the time, a datagram is processed can help users and managers track the
behaviour of the routers in the Internet. We can estimate the time it takes for a datagram
to go from one router to another. We say estimate because, although all routers may use
Universal time, their local clocks may not be synchronized.
IPv6
• Each packet can be divided into two parts :
• Base header
• Payload
• The payload is made up of two parts :

• An optional extension header
• The upper layer data
• Base header has eight fields
i. Version: This is 4-bit field which defines the
version number of IP. For IPv6, the value is 6.
ii. Priority: The 4-bit priority field defines the
priority of the packet with respect to traffic
congestion.
iii. Flow label: The flow label is a 3-byte field
that is designed to provide special handling
for a particular flow of data.
iv. Payload length: The 2-byte payload length
field defines the total length of IP datagram
excluding the base header.
v. Next header: The next header is an 8-bit
field defines the header that follows the base
header in the datagram.
vi. Hop limit: This 8-bit hop limit field serves the same purpose as TTL field in IPv4.
vii. Source address: The source address field is a 16-bytes internet address that identifies the original source of
datagram.
viii. Destination address: The destination address field is a 16-byte internet address that usually identifies the final
destination of the datagram.
іх. Extension header: Extension header field help in processing of data packets by appending different extension
header. Each extension header has a length equal to multiple of 64-bits.
1.Address Length
1. IPv4: 32-bit (4 bytes)
2. IPv6: 128-bit (16 bytes)
2.Address Notation
1. IPv4: Decimal (e.g., 192.168.1.1)
2. IPv6: Hexadecimal (e.g., 2001:0db8:85a3:0000)
3.Number of Addresses
1. IPv4: Approximately 4.3 billion
2. IPv6: Approximately 340 undecillion
4.Configuration
1. IPv4: Manual or DHCP
2. IPv6: Stateless address autoconfiguration (SLAAC) or DHCPv6
5.Security
1. IPv4: Initially lacked, added later as extensions
2. IPv6: Inbuilt support for IPsec, providing network security at the IP layer
Advancements in IPv6:
• Larger Address Space: Can accommodate a virtually unlimited number of unique addresses,
facilitating the growth of the internet.
• Simplified Header: IPv6 has a simpler header structure, which improves the speed of routing
by allowing routers to process packets more efficiently.
• Improved Multicast: IPv6 utilizes multicast addressing to send data packets to multiple
destinations in a single transmission, which conserves bandwidth compared to IPv4.
• No NAT Required: IPv6 was designed to eliminate the need for NAT, making end-to-end
connection more straightforward and reducing latency and complexity.
• Mobility and Security: IPv6 was built considering modern requirements, offering better
support for mobile devices and higher levels of security.
Need of Additional protocols
• IP packets, however, need to be encapsulated in a frame, which needs physical addresses (node-to-node). We
will see that a protocol called ARP, the Address Resolution Protocol.
• We sometimes need reverse mapping-mapping a physical address to a logical address. For example, when
booting a diskless network or leasing an IP address to a host, RARP is used.
• Lack of flow and error control in the Internet Protocol has resulted in another protocol, ICMP, that provides
alerts. It reports congestion and some types of errors in the network or destination host
• IP was originally designed for unicast delivery, one source to one destination. As the Internet has evolved, the
need for multicast delivery, one source to many destinations, has increased tremendously. IGMP gives IP a
multicast capability.
Address Resolution Protocol (ARP)
• The IP address of the next node alone is not helpful in moving a frame through a link; we need
the link-layer address of the next node.
• ARP maps an IP address to a logical-link address. ARP accepts an IP address from the IP
protocol, maps the address to the corresponding link-layer address, and passes it to the data-
link layer.
• The ARP protocol is one of the auxiliary protocols defined in the network layer.
1. Anytime a host or a router needs to find the
link-layer address of another host or router in
its network, it sends an ARP request packet.
The packet includes the link-layer and IP
addresses of the sender and the IP address of
the receiver.
2. Because the sender does not know the link-
layer address of the receiver, the query is
broadcast over the link.
3. Every host or router on the network receives
and processes the ARP request packet, but
only the intended recipient recognizes its IP
address and sends back an ARP response
packet.
4. The response packet contains the recipient’s IP
and link-layer addresses. The packet is unicast
directly to the node that sent the request
packet.
RARP
• Reverse Address Resolution Protocol (RARP) finds the logical address for a machine that knows only its
physical address. Each host or router is assigned one or more logical (IP) addresses, which are unique
and independent of the physical (hardware) address of the machine. To create an IP datagram, a host
or a router needs to know its own IP address.
• The IP address of a machine is usually read from its configuration file stored on a disk file. However, a
diskless machine is usually booted from ROM, which has minimum booting information. The ROM is
installed by the manufacturer. It cannot include the IP address because the IP addresses on a network
are assigned by the network administrator.
• The machine can get its physical address (by reading its NIC, for example), which is unique locally. It can
then use the physical address to get the logical address by using the RARP protocol.
• A RARP request is created
and broadcast on the local
network. Another machine
on the local network that
knows all the IP addresses
will respond with a RARP
reply.
• The requesting machine

must be running a RARP
client program; the
responding machine must
be running a RARP server
program.
ICMP
• IP has two deficiencies: lack of error control and lack of assistance mechanisms.
The IP protocol has no error-reporting or error-correcting mechanism.
• What happens if something goes wrong?
• What happens if a router must discard a datagram because it cannot find a
router to the final destination,
• or because the time-to-live field has a zero value?
• What happens if the final destination host must discard all fragments of a
datagram because it has not received all fragments within a predetermined
time limit?
• These are examples of situations where an error has occurred and the IP protocol
has no built-in mechanism to notify the original host. The IP protocol also lacks a
mechanism for host and management queries. A host sometimes needs to
determine if a router or another host is alive. And sometimes a network
administrator needs information from another host or router.
• The Internet Control Message Protocol (ICMP) has been designed to compensate
for the above two deficiencies. It is a companion to the IP protocol.
Types of Messages
• ICMP messages are divided into two broad categories: Error-Reporting messages and
query(request & reply) messages.
ICMP
messages
The error-reporting The query messages,

messages report problems Query(Request which occur in pairs, help
Error-
that a router or a host & Reply) a host or a network
Reporting
messages
(destination) may encounter manager get specific
when it processes an IP information from a router
packet. or another host.
Error Reporting
• ICMP does not correct errors-it simply reports them. Error correction is left to the higher-level
protocols. Error messages are always sent to the original source because the only information
available in the datagram about the route is the source and destination IP addresses. ICMP
uses the source IP address to send the error message to the source (originator) of the
datagram.
Time exceeded message
• ICMP will take source IP from discarded packet and informs to the source, of discarded
datagram due to time to live field reaches to zero, by sending time exceeded message.
Parameter problem
• Whenever packets come to the router then calculated header checksum should be equal to
received header checksum then only packet is accepted by the router.
• If there is mismatch packet will be dropped by the router. ICMP will take the source IP from the
discarded packet and informs to source by sending parameter problem message.
Destination Un-reachable
• Destination unreachable is generated by the host or its inbound gateway to inform the client
that the destination is unreachable for some reason.
• There is no necessary condition that only router give the ICMP error message some time
destination host send ICMP error message when any type of failure (link failure, hardware
failure, port failure etc.) happen in the network.
Redirection message
• Redirect requests data packets be sent on an alternate route. The message
informs to a host to update its routing information (to send packets on an
alternate route).
Query
• In addition to error reporting, ICMP can diagnose some network problems. This is accomplished
through the query messages, a group of four different pairs of messages.
• In this type of ICMP message, a node sends a message that is answered in a specific format by the
destination node. A query message is encapsulated in an IP packet, which in turn is encapsulated in a
data link layer frame.
Echo Request and Reply
• Echo-request and echo-reply messages, encapsulated within IP datagrams, are
essential diagnostic tools enabling network managers and users to pinpoint
network issues and confirm that IP protocols in sender and receiver systems are
in sync.
• Modern systems offer an advanced version of the ping command, capable of
generating a series of these messages, facilitating comprehensive network
analysis through the collection of vital statistical data.
Router Solicitation and Advertisement
• As we discussed in the redirection message section, a host that wants to send data to a host on
another network needs to know the address of routers connected to its own network. Also, the host
must know if the routers are alive and functioning. The router-solicitation and router-advertisement
messages can help in this situation.
• A host can broadcast (or multicast) a router-solicitation message. The router or routers that receive the
solicitation message broadcast their routing information using the router-advertisement message.
• A router can also periodically send router-advertisement messages even if no host has solicited. Note
that when a router sends out an advertisement, it announces not only its own presence but also the
presence of all routers on the network of which it is aware.
Address-Mask Request and Reply
• A host may know its IP address, but it may not know the corresponding mask. For example, a host may
know its IP address as 159.31.17.24, but it may not know that the corresponding mask is /24.
• To obtain its mask, a host sends an address-mask-request message to a router on the LAN. If the host
knows the address of the router, it sends the request directly to the router. If it does not know, it
broadcasts the message.
• The router receiving the address-mask-request message responds with an address-mask-reply
message, providing the necessary mask for the host. This can be applied to its full IP address to get its
subnet address.
Timestamp Request and Reply
• Two machines (hosts or routers) can use the timestamp request and timestamp reply
messages to determine the round-trip time needed for an IP datagram to travel between
them. It can also be used to synchronize the clocks in two machines.
IGMP
• The IP protocol can be involved in two types of communication: unicasting and multicasting. Unicasting
is the communication between one sender and one receiver. It is a one-to-one communication.
• However, some processes sometimes need to send the same message to a large number of receivers
simultaneously. This is called multicasting, which is a one-to-many communication.
• Multicasting has many applications. For example, multiple stockbrokers can simultaneously be
informed of changes in a stock price, or travel agents can be informed of a plane cancellation.
Video-on-Demand
Distance Learning
Congestion
• Congestion is a situation which may occur if users send data into the network at a rate greater than that
allowed by network resources.
• Congestion control : Congestion control refers to techniques and mechanisms that can either prevent
congestion, before it happens, or remove congestion, after it has happened. Techniques to prevent
congestion :
• Open-loop congestion control : In open-loop congestion control, policies are applied to prevent congestion
before it happens. In these mechanisms, congestion control is handled by either the source or the
destination. Following are the policies that can prevent congestion :
• i. Retransmission policy : The retransmission policy is designed to optimize efficiency and at the same
time prevent congestion.
• ii. Window policy : The type of window at the sender may also affect congestion. The selective repeat
window is better than the Go-Back-N window for congestion control.
• iii. Acknowledgement policy : The acknowledgement policy imposed by the receiver may also affect
congestion. If the receiver does not acknowledge every packet it receives, it may slow down the sender
and help to prevent congestion.
• Closed-loop congestion control : Closed-loop congestion control mechanisms try to reduce congestion
after it happens. Several mechanisms have been used by different protocols which are as follows :
• i. Backpressure : The technique of backpressure refers to mechanism in which a congested node
stops congestion control m )receiving data from the immediate upstream node or nodes.
• ii. Choke packet : A choke packet is a packet sent by a node to the source to inform about
congestion. In the choke packet method ,the warning is from the router, which has encountered
congestion to the source station directly.
• iii. Implicit signaling : In implicit signaling, there is no communication between the congested node
or nodes and the source.
• iv. Explicit signaling : The node that experiences congestion can explicitly send a signal to the
source or destination.
Leaky bucket algorithm
• If a bucket has a small hole at the bottom, the water leaks from the bucket at a constant rate as long as there is
water in the bucket. The rate at which the water leaks does not depend on the rate at which the water is input to
the bucket unless the bucket is empty. The input rate can vary, but the output rate remains constant.
• Similarly, in networking, a technique called leaky bucket which can smooth out bursty traffic. A simple leaky
bucket implementation a FIFO queue holds the packets. If the traffic consists of fixed size packets the process
removes a fixed number of packets from the queue at each tick of the clock. If the traffic consists of variable
length packets, the fixed output rate must be based on the number of bytes or bits.
• The following is an algorithm for variable length packets:
• Initialize a counter to n at the tick of the clock.
• If n is greater then the size of the packet, send the packet and decrement the counter by
the packet size. Repeat this step until n is smaller than the packet size.
• Reset the counter and go to step(i).
Token Bucket Algorithm:
1.Concept: It is another algorithm used to control data rate in networks.
2.Working: Tokens are added to the bucket at a fixed rate. Data packets can be transmitted if sufficient tokens are
available.
3.Solution: It allows data to be sent at varying speeds, permitting bursts of data until the bucket is empty of tokens.
Advantage: Offers more flexibility than the leaky bucket as it accommodates bursts of high-speed data without data loss.
How Token Bucket Solves the Problem of Leaky Bucket:
1.Flexibility: It allows for bursts of data, adapting better to varying network speeds.
2.Prevents Data Loss: Data is not discarded suddenly as in the leaky bucket algorithm, reducing the chances of data loss.
3.Better Utilization of Bandwidth: By allowing data bursts, it utilizes available bandwidth more efficiently.
IPV4 ADDRESSES
• The Internet Protocol addresses are 32 bits in length; this gives us a maximum of 232 addresses. These
addresses are referred to as IPv4.
• This means that, theoretically, if there were no restrictions, more than 4 billion (4,29,49,67,296) devices
could be connected to the Internet. The actual number is much less because of the restrictions imposed
on the addresses.
• World population is often used to refer to the total number of humans currently living, and was
estimated to have exceeded 8.0 billion as of Sept 2023
• The need for more addresses, in addition to other concerns about the IP layer, motivated a
new design of the IP layer called the new generation of IP or IPv6 (lP version 6). In this version,
the Internet uses 128-bit addresses that give much greater flexibility in address allocation
(3.4 *1038). These addresses are referred to as IPv6 (IP version 6) addresses.
Unique and Universal
• An IP address is uniquely and universally defining the connection of a host or a router to the
Internet.
• They are unique in the sense that each address defines one, and only one, connection to the
Internet. Two devices on the Internet can never have the same address at the same time.
• The IPv4 addresses are universal in the sense that the addressing system must be accepted by any
host that wants to be connected to the Internet.
• The IP address is the address of the connection, not the host or the router, because if the device is
moved to another network, the IP address may be changed.
Notations
• There are two prevalent notations to show an IPv4
address: binary notation and dotted decimal notation.
• Binary Notation - In binary notation, the IPv4 address

is displayed as 32 bits. Each octet is often referred to
as a byte. So, it is common to hear an IPv4 address
referred to as a 32-bit address or a 4-byte address. An
example of an IPv4 address in binary notation:
01110101 10010101 00011101 00000010
• Dotted-Decimal Notation - To make the IPv4 address

more compact and easier to read, Internet addresses
are usually written in decimal form with a decimal
point (dot) separating the bytes. The following is the
dotted decimal notation of the above address:
117.149.29.2
Classful Addressing
• IPv4 addressing, at its inception, used the concept of classes. This architecture is called classful
addressing.
• A 32-bit IPv4 address is hierarchical and divided only into two parts:
• The first part of the address, called the prefix, defines the network (NetworkID).
• The second part of the address, called the suffix, defines the node (connection of a device to the
Internet (HostID)).
• IPv4 was first designed as a fixed-length prefix and is referred to as classful addressing
• In classful addressing, the address space is divided into five classes: A, B, C, D, and E. Each
class occupies some part of the address space.
• To accommodate both small and large networks, three fixed-length prefixes were designed
(n = 8, n = 16, and n = 24).
Class A
• In Class A NetID = 8 bits and HostID = 24.
• How to identify class A address
• First bit is reserved to 0 in binary notation
• Range of 1st octet is [0, 127] in dotted decimal notation
• Total number of connections in class A is 231 (2,14,74,83,648)
• There are 27 -2 = 126 networks in Class A network.

• In Class A, total network available are 2 less, because:
• IP Address 0.0.0.0 is reserved for broadcasting requirements
• IP Address 127.0.0.1 is reserved for loopback address / self-connectivity.
• The range of 1st octet is [0, 127] but since two addresses are reserved it is: [1, 126].
• There are 224 – 2 (1,67,77,214) HostID in Class A.
• In all the classes, total number of hosts that can be configured are 2 less because:
• This is to account for the two reserved IP addresses in which all the bits for host ID are
either zero or one.
• When all Host ID bits are 0, it represents the Network ID for the network.
• When all Host ID bits are 1, it represents the Broadcast Address.
• Class A is used by organizations requiring very large size networks like Indian Railways.
Class B
• In Class B NetID = 16 bits and HostID = 16.
• How to identify class B address
• First two bits are reserved to 10 in binary notation
• Total number of connections in class B is 230 (1,07,37,41,824)
• Total number of networks available in class B is 214 (16,384)
• Total number of hosts that can be configured in every network in class B is 216 –
2 (65,534)
• Class B is used by organizations requiring medium size networks
Class C
• In Class C NetID = 24 bits and HostID = 8.
• How to identify class C address
• First three bits are reserved to 110 in binary notation
• Total number of connections in class C is 229 (53,68,70,912)
• Total number of networks available in class C is 221 (20,97,152)
• Total number of hosts that can be configured in every network in class C is 28 – 2
(254)
• Class C is used by organizations requiring small to medium size networks.
Class D
• Class D is not divided into Network ID and Host ID.
• How to identify class D address
• First four bits are reserved to 1110 in binary notation
• Total number of IP Addresses available in class D = 228 (26,84,35,456)
• Class D is reserved for multicasting, in multicasting, there is no need to
extract host address from the IP Address, this is because data is not
destined for a particular host.
Class E
• Class E is not divided into Network ID and Host ID.
• How to identify class E address
• First four bits are reserved to 1111 in binary notation
• Total number of IP Addresses available in class E = 228
(26,84,35,456)
• Class E is reserved for future or experimental purposes.
Points to note
• All the hosts in a single network always have the same network ID but different Host ID.
• Two hosts in two different networks can have the same host ID.
• Only those devices which have the network layer will have IP Address, switches, hubs and
repeaters does not have any IP Address.
Casting in Networks
Types of Casting
• Casting in a network is basically of three type: Unicast, Multicast and Broadcast.
• Unicast: Transmitting data from one source host to one destination
host is called as unicast. It is a one to one transmission.
• Broadcast: Transmitting data from one source host to all other hosts
residing in a network either same or other network is called as broadcast. It
is a one to all transmission.
• Limited Broadcast:
• Direct Broadcast:
• Limited Broadcast: Transmitting data from one source host to all other hosts
residing in the same network is called as limited broadcast. Limited Broadcast
Address for any network is All 32 bits set to 1 =
11111111.11111111.11111111.11111111 = 255.255.255.255
• Direct Broadcast: Transmitting data from one source host to all other hosts
residing in some other network is called as direct broadcast.
• Direct Broadcast Address for any network is the IP Address where, Network ID
is the IP Address of the network where all the destination hosts are present
and Host ID bits are all set to 1.
• Multicast: Transmitting data from one source host to a particular group of
hosts having interest in receiving the data is called as multicast. It is a one
to many transmissions.
Reason For Subnetting
o Maintenance of a very big network like class A and class B is very difficult for
network administrator.
o Having all the computer from different departments in a company on the same
networks is less secure from company prospective.
o So, if an organization was granted a large block in class A or B, it could divide the addresses
into several contiguous groups and assign each group to smaller networks (called subnets) or,
in rare cases, share part of the addresses with neighbours.
• Conclusion: An organization (or an ISP) that is granted a range of addresses may divide the
range into several subranges and assign each subrange to a subnetwork (or subnet). A
subnetwork can be divided into several sub-subnetworks. A sub-subnetwork can be divided
into several sub-sub-subnetworks, and so on.
Advantages
• It improves the security.
• The maintenance and administration of subnets is easy.
Disadvantages
• Identification of a station is difficult
• Not possible to directed broadcast from outside network.
Types of Subnetting
Subnets can be of two types:
1.Fixed Length Subnetting
2.Variable Length Subnetting
Fixed Length Subnetting
• Fixed length subnetting (classful subnetting) divides the network into
subnets such that:
• All the subnets are of same size.
• All the subnets have equal number of hosts.
• All the subnets have same subnet mask.
Q Consider the network having IP Address 200.1.2.0. Divide this network into two subnets.
Q Consider the network having IP Address 200.1.2.0. Divide this network into two subnets.
1st Subnet 2nd Subnet
• IP Address of the subnet / Subnet id = 200.1.2.0 • IP Address of the subnet / Subnet id = 200.1.2.128
• Direct Broadcast Address = 200.1.2.01111111 = 200.1.2.127 • Direct Broadcast Address = 200.1.2.11111111 = 200.1.2.255
• Total number of IP Addresses = 27 = 128 • Total number of IP Addresses = 27 = 128
• Range of IP Addresses = [200.1.2.0, 200.1.2.127] • Range of IP Addresses = [200.1.2.128, 200.1.2.255]
• Total number of hosts that can be configured = 128 – 2 = 126 • Total number of hosts that can be configured = 128 – 2 = 126
• Range of Allocated IP Addresses = [200.1.2.1, 200.1.2.126] • Range of Allocated IP Addresses = [200.1.2.129, 200.1.2.254]
Q Consider we have a big single network having IP Address 200.1.2.0. We want to do subnetting
and divide this network into 4 subnets.
Q Consider we have a big single network having IP Address 200.1.2.0. We want to do subnetting
and divide this network into 4 subnets.
2nd Subnet
1st Subnet
• IP Address of the subnet / Subnet id = 200.1.2.64
• Direct Broadcast Address = 200.1.2.01111111 = 200.1.2.127
• Total number of IP Addresses = 26 = 64
• Range of IP Addresses = [200.1.2.64, 200.1.2.127]
• Total number of hosts that can be configured = 64 – 2 = 62
• Range of Allocated IP Addresses = [200.1.2.65, 200.1.2.126]
3rd Subnet 4th Subnet

Variable Length Subnetting
• Variable length subnetting (classless subnetting) divides the network into
subnets such that:
• All the subnets are not of same size.
• All the subnets do not have equal number of hosts.
• All the subnets do not have same subnet mask.
Q Consider we have a big single network having IP Address 200.1.2.0. We want to do subnetting and divide this
network into 3 subnets, such that first contains 126 hosts, and other two contains 62 hosts each?
2nd Subnet
1st Subnet
• Total number of hosts that can be configured = 128 – 2 = 126 3rd Subnet
1st Subnet
3rd Subnet
• Total number of hosts that can be configured = 64 – 2 = 62 • IP Address of the subnet / Subnet id = 200.1.2.128
• Range of Allocated IP Addresses = [200.1.2.1, 200.1.2.62] • Direct Broadcast Address = 200.1.2.111111111 = 200.1.2.255
2nd Subnet
• IP Address of the subnet / Subnet id = 200.1.2.64 • Total number of hosts that can be configured = 128 – 2 = 126
• Direct Broadcast Address = 200.1.2.011111111 = 200.1.2.127 • Range of Allocated IP Addresses = [200.1.2.129, 200.1.2.254]
Point to Note:
• Subnetting increases the number of 1’s in the mask
Subnet Masks
• In case of subnetting the problem is how to identify to which subnet the incoming packet from outside the
network must be delivered. To solve this problem, we use the idea of subnet mask.
• Subnet mask is a 32-bit number which is a sequence of 1’s followed by a sequence of 0’s where:
o 1’s represents the Network ID part along with the subnet ID.
o 0’s represents the host ID part.
• Default mask for different classes of IP Address are:

o Default subnet mask of Class A = 255.0.0.0
o Default subnet mask for Class B = 255.255.0.0
o Default subnet mask for Class C = 255.255.255.0
o Networks of same size always have the same subnet mask.
Address Depletion
• The addresses were not distributed properly as class A and B are usually very large for any organization
and class C is usually very small
• Flexibility is not there is classful addressing, we cannot have the exact allocation as we want for e.g. if
some company wants 150 IP address then must go for 256, resulting into address depletion.
• Wastage of addresses, for example: Class E addresses were almost never used, wasting the whole
class.
• Conclusion: The Internet was faced with the problem of the addresses being rapidly used up, resulting
in no more addresses available for organizations and individuals that needed to be connected to the
Internet.
Classless Addressing (Blocks/Network)
• Classless Addressing is an improved IP Addressing system.
• The class privilege is removed from the distribution to compensate for the address depletion,
so no class.
• Here we can ask exact set of IP address which are required and a Variable-length blocks are
assigned which satisfy the request.
CIDR Notation
• The question is as there are no classes, how to identify block id and host id, as address in classless
addressing does not define the block or network to which the address belongs.
• To solve this problem now we have a new CIDR notation, this notation is informally referred to as
slash notation and formally as classless interdomain routing or CIDR.
• To find the prefix(net_id), n is added to the address, separated by a slash.
• n represent number of bits in net_id
Extracting Information from an Address
• The number of addresses in the block is found as N = 232−n.
• To find the first address, we keep the n leftmost bits and set the (32 − n)
rightmost bits all to 0s.
• To find the last address, we keep the n leftmost bits and set the (32 − n)
rightmost bits all to 1s.
Q Find the Number of addresses, first and last address of the
CIDR block to which Following Address belongs to
167.199.170.82/27 (10100111 11000111 10101010 01010010)
167.199.170.82/27 (10100111 11000111 10101010 01010010)
10100111 11000111 10101010 010_ _ _ _ _
No of Address = 2 5
167.199.170.82/27 (10100111 11000111 10101010 01010010)
64
10100111 11000111 10101010 0100 0 0 0 0
10100111 11000111 10101010 0101 1 1 1 1
95
Address Mask
• The address mask is a 32-bit number in which the n leftmost bits are set to 1s
and the rest of the bits (32 − n) are set to 0s.
• It is another way to find the first and last addresses in the block.
• Using the three bit-wise operations NOT, AND, and OR a computer can find:
1. The number of addresses in the block N = NOT (mask) + 1.
2. The first address in the block = (Any address in the block) AND (mask).
3. The last address in the block = (Any address in the block) OR [(NOT (mask)].
Rules for Creating CIDR Block (Network)
• All the IP Addresses in the CIDR block must be contiguous.
• The size of the block (total number of IP Addresses contained in the block) must
be presentable as power of 2, size of any CIDR block will always be in the
form 21, 22, 23, 24, 25 and so on. (calculation can be easy)
• First IP Address of the block must be divisible by the size of the block. (so that
we get the host id from all 0 to all 1)
Subnetting in CIDR
Q Consider the network having IP Address 40.30.20.10/25 Divide this

network into two subnets.
Q Consider the network having IP Address 40.30.20.10/25 Divide this network into two subnets.
1st Subnet 40.30.20.00001010 2st Subnet
• 40.30.20.00001010 • 40.30.20.01001010
• First Address of the Subnet = 40.30.20.00000000 • First Address of the Subnet = 40.30.20.01000000
• Last Address of the Subnet = 40.30.20.00111111 • Last Address of the Subnet = 40.30.20.01111111
• CIRD Representation 40.30.20. __/26 • CIRD Representation 40.30.20. __/26
0,1,2,3,4,5,-----------------------------------------------------------,63 64,65,66,67,-------------------------------------------------------,127
Q Consider we have a big single network having IP Address 200.1.2.0/24 We want to do
subnetting and divide this network into 4 subnets.
Q Consider we have a big single network having IP Address 200.1.2.0/24. We want to do
subnetting and divide this network into 4 subnets.
2nd Subnet
1st Subnet
3rd Subnet 4th Subnet

Q Consider we have a big single network having IP Address 200.1.2.0/24. We want to do subnetting and divide this
2nd Subnet
1st Subnet • Total number of IP Addresses = 26 = 64
• IP Address of the subnet / Subnet id = 200.1.2.0 • Range of IP Addresses = [200.1.2.128, 200.1.2.191]
• Direct Broadcast Address = 200.1.2.01111111 = 200.1.2.127 • Total number of hosts that can be configured = 64 – 2 = 62
• Total number of IP Addresses = 27 = 128 • Range of Allocated IP Addresses = [200.1.2.129, 200.1.2.190]
3rd Subnet
• Range of Allocated IP Addresses = [200.1.2.1, 200.1.2.126] • IP Address of the subnet / Subnet id = 200.1.2.192
1st Subnet
3rd Subnet
• Total number of hosts that can be configured = 64 – 2 = 62 • IP Address of the subnet / Subnet id = 200.1.2.128
• Range of Allocated IP Addresses = [200.1.2.1, 200.1.2.62] • Direct Broadcast Address = 200.1.2.111111111 = 200.1.2.255
2nd Subnet
• IP Address of the subnet / Subnet id = 200.1.2.64 • Total number of hosts that can be configured = 128 – 2 = 126
• Direct Broadcast Address = 200.1.2.011111111 = 200.1.2.127 • Range of Allocated IP Addresses = [200.1.2.129, 200.1.2.254]
Designing subnets for CIDR Notations
• Assume:
• The total number of addresses granted to the organization is N
• The prefix length is n
• The assigned number of addresses to each sub-network is Nsub
• The prefix length for each sub-network is nsub.
• Then, The number of addresses in each sub-network should be a power of 2.
• The prefix length for each sub-network should be found using the following formula: nsub = 32
− log2Nsub
• The starting address in each sub-network should be divisible by the number of addresses in
that sub-network. This can be achieved if we first assign addresses to larger sub-networks.
Super Netting in Classful addressing
• In super netting, an organization can combine several blocks to create a larger range of addresses. In
other words, several networks are combined to create a super network or a supernet.
• An organization can apply for a set of class C blocks instead of just one. For example, an organization
that needs 1000 addresses can be granted four contiguous class C blocks. The organization can then
use these addresses to create one super network.
• Super netting decreases the number of 1’s in the mask.
Super Netting / Aggregation with CIDR
• Rules for Super netting in CIDR
• All network should be contiguous
• first net id should be divisible by size of the block
Q Perform CIDR aggregation on the following IP Addresses-
128.56.24.0/24
128.56.25.0/24
128.56.26.0/24
128.56.27.0/24
• Rules for Super netting in CIDR

• All network should be contiguous
• first net id should be divisible by size of the block
Routing
• When a router receives an IP packet with destination address then how can it decide to which
interface the packet must be send. This decision at the router, is taken with the help of a routing table.
• Actually the process of designing a routing table is called routing. Taking a packet and sending it to
some path is actually switching.
Flooding
• One question, is it possible that a packet reaches its destination without routing table, actually
yes, the process is called flooding. That is instead of trying to identify the shortest path, we
can send it to all possible way and then we can be sure that at least one packet will reach the
destination.
• Flooding Advantage
• No Routing Algorithm is required
• Shortest Path is guaranteed
• Highly Reliable
• Flooding Disadvantage
• Duplicate packets will arrive at destination and intermediate router
• Traffic is high.
ROUTING
• A routing table contains information about the network, and it helps deciding to which interface the
incoming packet should be sent inorder to reach destination. Routing table can be either static or dynamic.
• A static table is one with manual entries, i.e. if someone has information about all the routers in the
network and can compute the shortest distance from one router to another and can upload the routing
information in a table for each router then it is called Static Routing.
o Now-a days as we know the internet is so complex that no one can have complete information about
the entire internet
o Internet keeps on changing some new routers come and some old routers may go down, means
topology and traffic keeps on changing. Conclusion Static routing is not possible.
o A dynamic table, on the other hand, is one that is updated automatically, without human intervention, when
there is a change somewhere in the internet either in topology or traffic.
UNICAST ROUTING PROTOCOLS
• Routing protocols have been created in response to the demand for dynamic routing tables. A routing
protocol is a combination of rules and procedures that lets routers in the internet inform each other of
changes.
• It allows routers to share whatever they know about the internet or their neighbourhood. The sharing
of information allows a router in Delhi to know about the failure of a network in Singapore. The routing
protocols also include procedures for combining information received from other routers. Router to
have several routing tables based on the required type of service.
Intra-domain and Interdomain Routing
• Today, an internet can be so large that one routing protocol cannot handle the task of updating the
routing tables of all routers. For this reason, an internet is divided into autonomous systems.
• An autonomous system (AS) is a group of networks and routers under the authority of a single
administration. Routing inside an autonomous system is referred to as intradomain routing.
• Routing between autonomous systems is referred to as interdomain routing.
• Each autonomous system can choose one or more intradomain routing protocols to handle routing
inside the autonomous system. However, only one interdomain routing protocol handles routing
between autonomous systems.
• Which of the available pathways is the optimum pathway? What is the definition of the term optimum? And
What is the definition of the term cost
• However, the metric assigned to each network depends on the type of protocol. Some simple protocols, such as
the Routing Information Protocol (RIP), treat all networks as equals. The cost of passing through a network is the
same; it is one hop count. So if a packet passes through 10 networks to reach the destination, the total cost is 10
hop counts.
• Other protocols, such as Open Shortest Path First (OSPF), allow the administrator to assign a cost for passing
through a network based on the type of service required. A route through a network can have different costs
(metrics).
Distance Vector Routing
• In distance vector routing, the least-cost route between any two nodes is the route with minimum distance.
• In this protocol, as the name implies, each node maintains a vector (table) of minimum distances to every node. The table at
each node also guides the packets to the desired node by showing the next stop in the route (next-hop routing).
To Cost Next
To Cost Next
A
A
B
B
C
C
D
D
E
E
To Cost Next To Cost Next

To Cost Next
A A
A
B B
B
C C
C
D D
D
E E
E
• The whole idea of distance vector routing is the sharing of information between neighbours. Although node A
does not know about node E, node C does. So, if node C shares its routing table with A, node A can also know
how to reach node E.
• On the other hand, node C does not know how to reach node D, but node A does. If node A shares its routing
table with node C, node C also knows how to reach node D. In other words, nodes A and C, as immediate
neighbours, can improve their routing tables if they help each other.
• There is only one problem. How much of the table must be shared with each neighbour? A node is not aware of
a neighbour’s table. The best solution for each node is to send its entire table to the neighbour and let the
neighbour decide what part to use and what part to discard.
• However, the third column of a table (next stop) is not useful for the neighbour. When the neighbour receives a
table, this column needs to be replaced with the sender's name. If any of the rows can be used, the next node is
the sender of the table.
• A node therefore can send only the first two columns of its table to any neighbour. In other words, sharing here
means sharing only the first two columns.
• The question now is, when does a node send its partial routing table (only two columns) to all its immediate
neighbours? The table is sent both periodically and when there is a change in the table.
• Periodic Update A node sends its routing table, normally every 30 s, in a periodic update. The period depends on
the protocol that is using distance vector routing.
• Triggered Update A node sends its two-column routing table to its neighbours anytime there is a change in its
routing table. This is called a triggered update. The change can result from the following.
o A node receives a table from a neighbour, resulting in changes in its own table after updating.
o A node detects some failure in the neighbouring links which results in a distance change to infinity.
Two-Node Loop Instability
• If a link is broken (cost becomes infinity), every other router should be aware of it immediately, but in
distance-vector routing, this takes some time as the algorithms is designed in such a way that it reports
the minimum first.
• The problem is referred to as count to infinity. It sometimes takes several updates before the cost for a
broken link is recorded as infinity by all routers.
Split Horizon
• In this strategy, instead of flooding the table through each interface, each node sends only part of
its table through each interface.
• If, according to its table, node B thinks that the optimum route to reach X is via A, it does not need
to advertise this piece of information to A; the information has come from A (A already knows).
• Taking information from node A, modifying it, and sending it back to node A creates the
confusion. In our scenario, node B eliminates the last line of its routing table before it sends it to
A.
• In this case, node A keeps the value of infinity as the distance to X. Later when node A sends its
routing table to B, node B also corrects its routing table. The system becomes stable after the first
update: both node A and B know that X is not reachable
Link State Routing
• Link state routing has a different philosophy from that of distance vector routing. In link state routing, if each
node in the domain has the entire topology of the domain the list of nodes and links, how they are connected
including the type, cost (metric), and condition of the links (up or down)-the node can use Dijkstra's algorithm to
build a routing table.
• Each node uses the same topology to create a routing table, but the routing table for each node is unique
because the calculations are based on different interpretations of the topology.
• The topology must be dynamic, representing the latest state of each node and each link. If there are changes in
any point in the network (a link is down, for example), the topology must be updated for each node.
Building Routing Tables
• In link state routing, four sets of actions are required to ensure that each node has the routing table showing the
least-cost node to every other node.
1. Creation of the states of the links by each node, called the link state packet (LSP).
2. Dissemination of LSPs to every other router, called flooding, in an efficient and reliable way.
3. Formation of a shortest path tree for each node.
4. Calculation of a routing table based on the shortest path tree
• The collection of state for all links is called the link-state database (LSDB).
• There is only one LSDB for the whole internet; each node needs to have a duplicate of it to be
able to create the least-cost tree.
• The LSDB can be represented as a two-dimensional array (matrix) in which the value of each
cell defines the cost of the corresponding link.
• When a node receives an LSP from one of its interfaces, it compares the LSP with the copy it may already have.
o If the newly arrived LSP is older than the one it has (found by checking the sequence number), it discards the
LSP.
o If it is newer or the first one received, the node discards the old LSP (if there is one) and keeps the received
one.
o It then sends a copy of it out of each interface except the one from which the packet arrived.
• The Dijkstra algorithm creates a shortest path tree from a
graph. The algorithm divides the nodes into two sets:
tentative and permanent. It finds the neighbours of a
current node, makes them tentative, examines them, and
if they pass the criteria, makes them permanent.
• To find the shortest path in each step, we need the
cumulative cost from the root to each node, which is
shown next to the node. Nodes and lists with the
cumulative costs.
Difference between DVR and LSR
• In the distance-vector routing algorithm, • In the link-state routing algorithm, each
each router tells its neighbours what it router tells the whole internet what it knows
knows about the whole internet. about its neighbours.
• Was most popularly used around 1980’s • Was most popularly used around 1990’s
• Based on the idea of Local Knowledge • Based on the idea of Global Knowledge
• Bandwidth requirement is Less • Bandwidth requirement is high
• Roughly based on the idea of Bellman-Ford • Directly based on the idea of Dijkstra’s
Algo
• Traffic is usually less • Traffic is Usually high
• Converge slowly • Converge faster
• Counts to Infinity • No Counts to infinity
• RIP • OSPF
Transport-Layer Services
• The network layer is responsible for communication at the computer level (host-to-host
communication). A network-layer protocol can deliver the message only to the destination
computer.
• However, this is an incomplete delivery, as the message still needs to be handed to the correct
process. A transport-layer protocol is responsible for delivery of the message to the
appropriate process. TL provides end to end or process to process communication.
• A transport layer protocol can be either connectionless or connection-oriented.
• A connectionless transport layer treats each segment as an independent packet and delivers it to the
transport layer at the destination machine.
• A connection-oriented transport layer makes a connection with the transport layer at the destination
machine first before delivering the packets. After all the data is transferred, the connection is terminated.
• Reliable Versus Unreliable

• If the application layer program needs reliability, we use a reliable transport layer protocol by implementing
flow and error control at the transport layer. This means a slower and more complex service.
• On the other hand, if the application program does not need reliability because it uses its own flow and
error control mechanism or it needs fast service or the nature of the service does not demand flow and
error control (real-time applications), then an unreliable protocol can be used.
• There are three common different transport layer protocols.
o UDP is connectionless and unreliable;
o TCP and SCTP are connection oriented and reliable. These three can respond to the demands of the
application layer programs.
Addressing: Port Numbers
• For communication, we must define the local host, local process, remote host, and remote
process. Local and Remote host are defined by IP Addresses. To define the processes inside a
host, we need second identifiers, called port numbers, they are 16-bits integers ranging from
(0 to 216 – 1) or (0 to 65535).
• The lANA (Internet Assigned Number Authority) has divided the port numbers into three
ranges: well known, registered, and dynamic (or private).
• Well-known ports:
• The ports ranging from 0 to 1023 are assigned and controlled
by lANA. The server process must also define itself with a
port number. This port number, however, cannot be chosen
randomly as the client has to request the data from server.
• Registered ports:
o The ports ranging from 1024 to 49,151 are not assigned or
controlled by lANA. They can only be registered with lANA to
prevent duplication.
• Dynamic/Ephemeral ports:
o The ports ranging from 49,152 to 65,535 are neither
controlled nor registered. They can be used by any process.
o The client program defines itself with a port number, chosen
randomly by the transport layer software running on the
client host.
o Ephemeral means “short-lived” and is used because the life
of a client is normally short.
Socket Addresses
• A transport-layer protocol in the TCP suite needs both the IP address and the port number, at
each end, to make a connection. To use the services of the transport layer in the Internet, we
need a pair of socket addresses: the client socket address and the server socket address.
• The combination of an IP address and a port number is called a socket address.
Encapsulation and Decapsulation
• Encapsulation happens at the sender site. When a process has a message to send, it passes the
message to the transport layer along with a pair of socket addresses. The transport layer receives the
data and adds the transport-layer header. The packets at the transport layer in the Internet are called
segments.
• Decapsulation happens at the receiver site. When the message arrives at the destination transport
layer, the header is dropped and the transport layer delivers the message to the process running at the
application layer.
TCP (Transmission Control Protocol)
• TCP creates a virtual connection between two TCPs to send data. TCP allows the sending process to deliver data
as a stream of bytes and allows the receiving process to obtain data as a stream of bytes. TCP creates an
environment in which the two processes seem to be connected by an imaginary "tube" that carries their data
across the Internet.
• Flow Control
• The receiver of the data controls the amount of data that are to be sent by the sender. This is done to prevent the
receiver from being overwhelmed with data. The numbering system allows TCP to use a byte-oriented flow control.
• Error Control
• To provide reliable service, TCP implements an error control mechanism. Although error control considers a segment as
the unit of data for error detection (loss or corrupted segments), error control is byte-oriented.
• Congestion Control
• TCP, unlike UDP, takes into account congestion in the network. The amount of data sent by a sender is not only controlled
by the receiver (flow control), but is also determined by the level of congestion in the network.
TCP Header
• The segment consists of a 20- to 60-byte header, followed by data from the application
program. The header is 20 bytes if there are no options and up to 60 bytes if it contains
options.
Source & Destination port address
• Source port address. This is a 16-bit field that defines the port number of the application program in the host
that is sending the segment.
• Destination port address. This is a 16-bit field that defines the port number of the application program in the
host that is receiving the segment.
Sequence number
• TCP is a stream transport protocol. To ensure connectivity, each byte to be transmitted is numbered. Sequence number is 32-
bit field defines the number assigned to the first byte of data contained in this segment. So, maximum number of possible
sequence numbers = 232. These sequence numbers lie in the range [0, 232 – 1].
• During connection establishment, each party uses a random number generator to create an initial sequence number (ISN),
which is usually different in each direction. Sequence number should be started at random, to remove duplication problem.
The sequence number of any other segment is the sequence number of the previous segment plus the number of bytes (real
or imaginary) carried by the previous segment.
• This does not imply that only 232 bytes = 4 GB data can be sent using TCP. The concept of wrap
around allows to send unlimited data using TCP.
• After all the 232 sequence numbers are used up and more data is to be sent, the sequence
numbers can be wrapped around and used again from the starting.
Acknowledgment Number
• If the receiver of the segment has successfully received byte number x from the other party, it defines x + 1 as the
acknowledgment number. Acknowledgment and data can be piggybacked together.
• The acknowledgment number is cumulative, which means that the party takes the number of the last byte that it
has received, safe and sound, adds 1 to it, and announces this sum as the acknowledgment number.
Header length
• Header length: This 4-bit field indicates the number of 4-byte words in the TCP header. The length of the header can be
between 20 and 60 bytes. Therefore, the value of this field can be between 5 (5 x 4 =20) and 15 (15 x 4 =60).
• Concept of Scaling Factor

• Header length = Header length field value x 4 bytes
• Reserved. This is a 6-bit field reserved for future use.
Checksum
• Checksum: This 16-bit field contains the checksum.
• While calculation of the checksum for TCP, Entire TCP segment and pseudo header (IP) is considered.
• For the TCP pseudo header, the value for the protocol field is 6.
Window Size/Advertisement window(Flow control)
• Basics idea is a sender should never send what a receiver can not receive. Window size: This field defines the size
of the window, in bytes, that the receiver have reserved for the incoming data from sender.
• Note that the length of this field is 16 bits, which means that the maximum size of the window is 65,535 bytes.
This value is normally referred to as the receiving window and is determined by the receiver. The sender must
obey the dictation of the receiver in this case.
• One problem with this idea is window size is only 16 bits long, so very small amount of data can be advertise in
todays world context.A solution is additional 14 bits can be taken from options so total size become 30 bits or
1GB.
Control Flag
• Control Flag: This field defines 6 different control bits or flags. One or more of these bits can be set at a time.
• These bits enable flow control, connection establishment and termination, connection abortion, and the mode
of data transfer in TCP.
Urgent pointer
• Urgent pointer: This 16-bit field, which is valid only if the urgent flag is set, is used when the
segment contains urgent data. It defines the number that must be added to the sequence
number to obtain the number of the last urgent byte in the data section of the segment.
PUSH Flag
• Push (PSH) – Transport layer by default waits for some time for application layer to send enough data equal to maximum
segment size so that the number of packets transmitted on network minimizes which is not desirable by some application like
interactive applications(chatting).
• This problem is solved by using PSH. Transport layer sets PSH = 1 and immediately sends the segment to network layer as soon
as it receives signal from application layer. Receiver transport layer, on seeing PSH = 1 immediately forwards the data to
application layer. In general, it tells the receiver to process these packets as they are received instead of buffering them.
RST Flag
• Reset (RST) – It is used to terminate the connection if the sender or receiver feels something is wrong with the
TCP connection or that the conversation should not exist.
• It can get send from receiver side when packet is send to particular host that was not expecting it.
A TCP Connection
• The connection establishment in TCP is called three-way handshaking.
• The client program issues a request for an active open. A client that wishes to connect to an open server tells its
TCP to connect to a particular server. TCP can now start the three-way handshaking process.
• The server sends the second segment, a SYN + ACK segment with two flag bits set as: SYN and ACK.
• It is a SYN segment for communication in the other direction.
• The server uses this segment to initialize a sequence number for numbering the bytes sent from the server
to the client.
• The server also acknowledges the receipt of the SYN segment from the client by setting the ACK flag and
displaying the next sequence number it expects to receive from the client.
• A SYN + ACK segment cannot carry data, but it does consume one sequence number.
• The client sends the third segment.
• This is just an ACK segment.
• It acknowledges the receipt of the second segment with the ACK flag and acknowledgment
number field.
• ACK segment does not consume any sequence numbers if it does not carry data.
• After connection is established, bidirectional data transfer can take place.
USER DATAGRAM PROTOCOL (UDP)
• The User Datagram Protocol (UDP) is a connectionless, unreliable transport protocol.
• It does not add anything to the services of IP except for providing process-to-process
communication instead of host-to-host communication.
• Why to use UDP

• UDP is a very simple protocol using a minimum of overhead.
• If a process wants to send a small message and does not care much about reliability, it can
use UDP.
• Sending a small message using UDP takes much less interaction between the sender and
receiver than using TCP.
User Datagram
• UDP packets, called user datagrams, have a fixed-size header of 8 bytes made of four fields, each of 2 bytes (16
bits).
• The first two fields define the source and destination port numbers.
• The third field defines the total length of the user datagram, header plus data.
• The 16 bits can define a total length of 0 to 65,535 bytes. However, the total length needs to be less because a
UDP user datagram is stored in an IP datagram with the total length of 65,535 bytes.
• The last field can carry the optional checksum
UDP Services
• Process-to-Process Communication
• UDP provides process-to-process communication using socket addresses, a combination of IP
addresses and port numbers.
• Connectionless Services
• Each user datagram sent by UDP is an independent datagram. There is no relationship between the
different user datagrams. The user datagrams are not numbered. There is no connection
establishment and no connection termination unlike TCP.
• Flow Control
• There is no flow control, and hence no window mechanism.
• Error Control
• There is no error control mechanism in UDP except for the checksum.
• Congestion Control
• It does not provide congestion control.
UDP Applications
• UDP is suitable for a process with internal flow- and error-control mechanisms. For example, the Trivial File Transfer Protocol
(TFTP) process includes flow and error control. It can easily use UDP.
• UDP is a suitable transport protocol for multicasting. Multicasting capability is embedded in the UDP software but not in the
TCP software.
• UDP is used for management processes such as SNMP
• UDP is used for some route updating protocols such as Routing Information Protocol (RIP)
• UDP is normally used for interactive real-time applications that cannot tolerate uneven delay between sections of a received
message.
• DNS,
S.No. TCP RTP
1 TCP stands for transmission RTP stand for Real Time Transport
control protocol. Protocol.
2 It is a lossless protocol. RTP is a stateless protocol.
3 It is a slow process. It is a faster than TCP.

4 It cannot tolerate packet It can tolerate packet loss.
loss.
5 TCP is not generally used for RTP is used for ‘real-time’

‘real-time’ streaming. streaming.
• Data compression :
• Data compression is the way of downloading the compressed form of text, audio and video
data using the computer.
• Data compression is essential for efficient storage and transmission of different type of
data.
• A data compression system consists of an encoder and a decoder.
• The encoder performs compression of the incoming data and decoder is used for
decompression and reconstruction.
• Types of compression :
• Lossless compression (or data compaction) :
• In lossless compression, the redundant information contained in the data is removed.
• In lossless compression, there is no loss of information.
• Lossless compression has lower compression ratio.
• Lossy compression :
• In lossy compression, there is a loss of information in a controlled manner.
• The lossy compression is not completely reversible.
• The lossy compression has higher compression ratio.
Cryptography
• Cryptography is the practice and study of techniques for secure communication in the presence of third parties
called adversaries.
• More generally, cryptography is about constructing and analysing protocols that prevent third parties or the
public from reading private messages; various aspects in information security such as data confidentiality, data
integrity, authentication, and non-repudiation are central to modern cryptography.
• Applications of cryptography include electronic commerce, chip-based payment cards, digital
currencies, computer passwords, and military communications.
• Alphabet shift ciphers are believed to have been used by Julius Caesar over 2,000 years ago.
Symmetric key
• Symmetric-key cryptography refers to encryption methods in which both the sender and receiver share
the same key (or, less commonly, in which their keys are different, but related in an easily computable
way). This was the only kind of encryption publicly known until June 1976.
• The Data Encryption Standard (DES) and the Advanced
Encryption Standard (AES) are block cipher designs that have
been designated cryptography standards by the US
government (though DES's designation was finally withdrawn
after the AES was adopted).
• Despite its deprecation as an official standard, DES (especially
its still-approved and much more secure triple-DES variant)
remains quite popular; it is used across a wide range of
applications, from ATM encryption to e-mail privacy
and secure remote access.
• The data encryption standard(DES) is a block cipher that used shared secret encryption.
• DES is based on a symmetric key algorithm that uses a 56-bit key.
• DES is basically a mono-alphabetic substitution cipher using a 64-bit character.
• Whenever the same 64-bit plaintext block goes in, the same 64-bit ciphertext block comes
out.
• Working of DES involves the following stages:
• The first stage is a key independent transposition on the 64-bit plaintext.
• The last stage is the exact inverse, before that is an exchange of the leftmost with the
rightmost 32 bits.
• The remaining 16 stages are functionally identical but are parameterized by different
functions of the key.
• The left output of an iteration stage is simply a copy of the right input. The right output is
the exclusive OR of the left input and a function of the right input and the key for this
iteration. All the complexity lies in this functions which consists of four sequential steps.
Asymmetric key (Public-key cryptography)
• Symmetric-key cryptosystems use the same key for encryption and decryption of a message, although a message
or group of messages can have a different key than others.
• A significant disadvantage of symmetric ciphers is the key management necessary to use them securely. Each
distinct pair of communicating parties must, ideally, share a different key, and perhaps for each ciphertext
exchanged as well.
• The number of keys required increases as the square of the number of network members, which very quickly
requires complex key management schemes to keep them all consistent and secret.
• In a ground breaking 1976 paper, Whitfield Diffie and Martin Hellman proposed the notion of public-key (also,
more generally, called asymmetric key) cryptography in which two different but mathematically related keys are
used—a public key and a private key.
• A public key system is so constructed that calculation of one key (the 'private key') is computationally infeasible
from the other (the 'public key'), even though they are necessarily related. Instead, both keys are generated
secretly, as an interrelated pair.
Martin Hellman
Whitfield Diffie
• Diffie and Hellman's publication sparked widespread academic efforts in finding a practical
public-key encryption system. This race was finally won in 1978 by Ronald Rivest, Adi Shamir,
and Len Adleman, whose solution has since become known as the RSA algorithm.
Confidentiality
Authentication
Authentication Confidentiality
RSA Algorithm
1. Bob chooses two large numbers, p and q, and calculates n = p × q and 0 = (p - 1) × (g - 1).
2. Bob then selects e and d such that (e x d) mod 0 = 1.
3. Bob advertises e and n to the community as the public key; Bob keeps d as the private key.
4. Anyone, including Alice, can encrypt a message and send the ciphertext to Bob, using C = (Pe)
mod n; only Bob can decrypt the message, using P = (Cd) mod n.
5. An intruder such as Eve cannot decrypt the message if p and q are very large numbers (she
does not know d).
S.No. Block Cipher Transposition Cipher
1 Block cipher A block cipher is one in Transposition cipher Transposition cipher is the
which a block of plaintext is treated as cipher in which the plaintext is written -down
a whole and used to produce a as a sequence of diagonals and then read off
ciphertext block of equal length. as a sequence of rows.
2 Errors in transmitting one block Error in one letter will affect the whole
generally do not affect other blocks. ciphertext.
3 Encryption process is slow. Encryption process is fast.

4 Security of block cipher depends on Transposition cipher can be made more secure
the design of encryption function. by performing more than one transposition.
5 Algorithm breaks the plaintext into Algorithm breaks the plaintext into letters and
blocks and operates on each block operates on each letter independently.
independently.
Application Layer
• The application layer enables the user, whether human or software, to access the network. It
provides user interfaces and responsible for providing services to the user such as
• Electronic mail
• File access and transfer
• Access to system resources
• Surfing the world wide web
• Network management.
• Communication between two application layers happens over a logical connection. This
means both layers act like they're directly connected for message exchange. To use the
Internet, you need two application programs: one on one computer and another on a
different computer. Both interact to send and receive data.
ELECTRONIC MAIL
• E-mail has evolved significantly since the early days of the Internet. Originally designed for simple text-based
communication, it was essentially a way to send digital memos between users. The creators of this system likely
couldn't have foreseen just how versatile and popular e-mail would become.
• Multimedia: Modern e-mails can include not just text, but also images, audio, and video attachments.
• Multiple Recipients: E-mails can be sent to multiple recipients at once, with features like CC (carbon copy)
and BCC (blind carbon copy) for added flexibility.
• Hyperlinks and HTML: E-mails now often include hyperlinks and even HTML content, allowing for richly
formatted messages.
• Encryption and Security: Advanced security protocols like SSL/TLS are often used to encrypt e-mails for
secure transmission.
• Filters and Folders: Advanced organizational tools let you filter and sort e-mails into various folders, helping
manage the influx of messages.
• Integration: E-mails are now often integrated with other services such as calendars, task management tools,
and even AI-based assistants to help manage appointments and reminders.
Message Transfer Agent: SMTP
• The actual mail transfer is done through message transfer agents. To send mail, a system must have the client
MTA, and to receive mail, a system must have a server MTA.
• The formal protocol that defines the MTA client and server in the Internet is called the Simple Mail Transfer
Protocol (SMTP).
• SMTP is used two times, between the sender and the sender's mail server and between the
two mail servers
• SMTP simply defines how commands and responses must be sent back and forth.
Message Access Agent: POP and IMAP
• The first and the second stages of mail delivery use SMTP. However, SMTP is not involved in the third
stage because SMTP is a push protocol; it pushes the message from the client to the server.
• On the other hand, the third stage needs a pull protocol; the client must pull messages from the server.
• The third stage uses a message access agent. Currently two message access protocols are available:
Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol, version 4 (IMAP4).
POP3
• Post Office Protocol, version 3 (POP3) is simple and limited in functionality. The client POP3 software is installed on the
recipient computer; the server POP3 software is installed on the mail server.
• Mail access starts with the client when the user needs to download e-mail from the mailbox on the mail server. The client
opens a connection to the server on TCP port 110. It then sends its user name and password to access the mailbox.
• The user can then list and retrieve the mail messages, one by one. POP3 has two modes: the delete mode and the keep mode.
In the delete mode, the mail is deleted from the mailbox after each retrieval. In the keep mode, the mail remains in the
mailbox after retrieval.
• The delete mode is normally used when the user is working at her permanent computer and can save and organize the
received mail after reading or replying.
• The keep mode is normally used when the user accesses her mail away from her primary computer (e.g., a laptop). The mail is
read but kept in the system for later retrieval and organizing.
IMAP4
• Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4). IMAP4 is similar to POP3, but it
has more features; IMAP4 is more powerful and more complex.
• POP3 is deficient in several ways. It does not allow the user to organize her mail on the server; the user cannot
have different folders on the server. (Of course, the user can create folders on her own computer.)
• In addition, POP3 does not allow the user to partially check the contents of the mail before downloading. IMAP4
provides the following extra functions:
• A user can check the e-mail header prior to downloading.

• A user can search the contents of the e-mail for a specific string of characters prior to downloading.
• A user can partially download e-mail. This is especially useful if bandwidth is limited and the e-mail contains
multimedia with high bandwidth requirements.
• A user can create, delete, or rename mailboxes on the mail server.
• A user can create a hierarchy of mail boxes in a folder for e-mail storage.
MIME
• Electronic mail has a simple structure. Its simplicity, however, comes at a price. It can send messages only in NVT
7-bit ASCII format. In other words, it has some limitations. For example, it cannot be used for languages that are
not supported by 7-bit ASCII characters (such as Hindi, French, German, Hebrew, Russian, Chinese, and Japanese).
• Also, it cannot be used to send binary files or video or audio data.
• Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol that allows non-ASCII data to be sent
through e-mail.
• MIME transforms non-ASCII data at the sender site to NVT ASCII data and delivers them to the client MTA to be
sent through the Internet. The message at the receiving side is transformed back to the original data.
Web-Based Mail
• E-mail is such a common application that some websites today provide this service to anyone who accesses the site.
Two common sites are Hotmail and Yahoo.
• The idea is very simple. Mail transfer from Alice's browser to her mail server is done through HTTP.
• The transfer of the message from the sending mail server to the receiving mail server is still through SMTP.
• Finally, the message from the receiving server (the Web server) to Bob's browser is done through HTTP.
• The last phase is very interesting. Instead of POP3 or IMAP4, HTTP is normally used. When Bob needs to retrieve his e-
mails, he sends a message to the website (Hotmail, for example).
• The website sends a form to be filled in by Bob, which includes the log-in name and the password. If the log-in name
and password match, the e-mail is transferred from the Web server to Bob's browser in HTML format.
FILE TRANSFER
• Transferring files from one computer to another is one of the most common tasks expected from a
networking or internetworking environment. As a matter of fact, the greatest volume of data exchange
in the Internet today is due to file transfer.
File Transfer Protocol (FTP)
• It is used for exchanging files over the internet and enables the users to upload and download the files from the internet.
• File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another.
Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with
first. For example, two systems may use different file name conventions.
• Two systems may have different ways to represent text and data. Two systems may have different directory structures.
• All these problems have been solved by FTP in a very simple and elegant approach. FTP differs from other client/server
applications in that it establishes two connections between the hosts.
• One connection is used for data transfer, the other for control information (commands and responses). Separation of
commands and data transfer makes FTP more efficient. The control connection uses very simple rules of communication. We
need to transfer only a line of command or a line of response at a time. The data connection, on the other hand, needs more
complex rules due to the variety of data types transferred.
• However, the difference in complexity is at the FTP level, not TCP. For TCP, both connections are treated the same. FTP uses
two well-known TCP ports: Port 21 is used for the control connection, and port 20 is used for the data connection. The control
connection remains connected during the entire interactive FTP session. The data connection is opened and then closed for
each file transfer activity.
Security for FTP
• The FTP protocol was designed when security was not a big issue. Although FTP requires a password, the
password is sent in plaintext (unencrypted), which means it can be intercepted and used by an attacker. The
data transfer connection also transfers data in plaintext, which is insecure.
• To be secure, one can add a Secure Socket Layer between the FTP application layer and the TCP layer. In this
case FTP is called SSL-FTP.
Trivial File Transfer Protocol (TFTP)
• TFTP is a simple, UDP-based file transfer protocol that supports only basic read and write operations,
typically using port 69, and is often used for booting systems or initial configurations.
• Due to its lack of authentication and encryption, as well as minimal error handling, TFTP is not suitable for
secure or reliable long-distance file transfers.
• Although largely replaced by more secure and feature-rich protocols like FTPS and SFTP, TFTP's simplicity
and minimal resource requirements make it useful for specific, local network applications.
WWW
• The idea of the Web was first proposed by Tim Berners-Lee in 1989 CERN
(European Laboratory for Particle Physics) to create a system to handle
distributed resources necessary for scientific research.
• The World Wide Web (WWW) is a repository of information linked together

from points all over the world. It a unique combination of flexibility, portability,
and user-friendly features that distinguish it from other services provided by
the Internet.
• ARCHITECTURE
• The WWW today is a distributed client server service, in which a client using a browser can access a service
using a server. However, the service provided is distributed over many locations called sites.
• Each site holds one or more documents, referred to as Web pages. Each Web page can contain a link to other
pages in the same site or at other sites. The pages can be retrieved and viewed by using browsers.
• Client (Browser)
• A variety of vendors offer commercial browsers that interpret and display a Web document, and all use
nearly the same architecture.
• Each browser usually consists of three parts: a controller, client protocol, and interpreters.
• The controller receives input from the keyboard or the mouse and uses the client programs to access the
document. After the document has been accessed, the controller uses one of the interpreters to display the
document on the screen.
• Server
• The Web page is stored at the server. Each time a client request arrives, the corresponding
document is sent to the client.
• To improve efficiency, servers normally store requested files in a cache in memory;
memory is faster to access than disk.
• A server can also become more efficient through multithreading or multiprocessing. In this
case, a server can answer more than one request at a time.
• A client that wants to access a Web page needs the address. To facilitate the access of
documents distributed throughout the world, HTTP uses locators.
• Uniform Resource Locator (URL)
• A web page, as a file, needs to have a unique identifier to distinguish it from other web
pages.
• To define a web page, we need four identifiers in general: Protocol, host, port, and path.
• Protocol. Which client-server application we are using is called protocol. Although most of
the time the protocol is HTTP (Hyper Text Transfer Protocol), we can also use other
protocols such as FTP (File Transfer Protocol).
• Host. The host identifier can be the IP address of the server or the unique name to the
server.
• Port. The port, a 16-bit integer, is normally predefined for the client-server application.
Cookies
• Cookies enable stateful interactions on the World Wide Web, allowing websites to remember
users and their activities, such as login status or items in a shopping cart.
• Upon a client's request, the server creates a cookie containing user information and sends it
back to the client; the client's browser stores this cookie.
• During subsequent interactions, the client's browser sends the stored cookie back to the
server, allowing the server to recognize returning clients and provide a more personalized
experience.
HTTP
• The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to access data on the World Wide
Web. The Hyper Text Transfer Protocol (HTTP) is used to define how the client-server programs can be
written to retrieve web pages from the Web.
• HTTP uses the services of TCP on well-known port 80, the client uses a temporary port number.
• It is a connection-oriented and reliable protocol.
• HTTP functions as a combination of FTP and SMTP.
• It is similar to FTP because it transfers files and uses the services of TCP. However, it is much simpler
than FTP because it uses only one TCP connection. There is no separate control connection; only data
are transferred between the client and the server.
• HTTP is like SMTP because the data transferred between the client and the server look like SMTP
messages. Unlike SMTP, the HTTP messages are not destined to be read by humans; they are read and
interpreted by the HTTP server and HTTP client (browser).
• SMTP messages are stored and forwarded, but HTTP messages are delivered immediately. The
commands from the client to the server are embedded in a request message. The contents of the
requested file or other information are embedded in a response message.
Nonpersistent versus Persistent Connections
• Nonpersistent Connections: - In a nonpersistent connection, one TCP connection is made for each
request/response. The following lists the steps in this strategy:
• The client opens a TCP connection and sends a request.
• The server sends the response and closes the connection.
• The client reads the data until it encounters an end-of-file marker; it then closes the connection.
• For example: If a file contains links to N different pictures in different files (all located on the same
server), the connection must be opened and closed N + 1 times.
• Disadvantage The nonpersistent strategy imposes high overhead on the server because the server
needs N + 1 different buffer each time a connection is opened.
Persistent Connections
• HTTP version 1.1 specifies a persistent connection by default.

• In a persistent connection, the server leaves the connection open for more requests after sending a
response.
• The server can close the connection at the request of a client or if a time-out has been reached.
• Advantages
• Time and resources are saved using persistent connections.
• Only one set of buffers and variables needs to be set for the connection at each site.
• The round-trip time for connection establishment and connection termination is saved.
• It is important to know that HTTP is a stateless protocol as:
• HTTP server does not maintain any state. It forgets about the client after sending the
response.
• It treats every new request independently.
• HTTP Security
• HTTP per se does not provide security.
• HTTP can be run over the Secure Socket Layer (SSL). In this case, HTTP is referred to as
HTTPS.
• HTTPS provides confidentiality, client and server authentication, and data integrity.
DNS
• As we know human beings are not comfortable in remembering numbers so to remember IP
address of a website or mail account in internet is difficult. Secondly IP addresses of mail or
websites keeps on changing, so we have to come up with one more level of addressing which
is easy to remember and do not change with time.
• Solution is Name addressing, i.e. we give some names to websites and mail account like we do
to humans in real world. But then if someone write a name of the website in the browser we
need some mechanism to convert it back into IP address.
• Domain Name System solve this problem.
• This diagram perfectly represent how DNS works, A user of a website may know the name of
the website; however, the IP protocol needs the IP address.
• The DNS client program sends a request to a DNS server to map the Web-site address to the
corresponding IP address.
• Today we divide this huge amount of information into smaller parts and store each part on a different
computer. In this method, the host that needs mapping can contact the closest computer holding the
needed information.
• It is Very difficult to find out the ip address associated to a website because there are millions of
websites and with all those websites, we should be able to generate the ip address immediately, there
should not be a lot of delay for that to happen organization of database is very important.
• Hierarchy of Name Servers
• Root name servers – It is contacted by name servers that
cannot resolve the name. It contacts authoritative name
server if name mapping is not known. It then gets the
mapping and return the IP address to the host.
• Top level server – It is responsible for com, org, edu etc and
all top-level country domains like uk, fr, ca, in etc. They have
info about authoritative domain servers and know names
and IP addresses of each authoritative name server for the
second level domains.
• Authoritative name servers This is organization’s DNS

server, providing authoritative hostName to IP mapping for
organization servers. It can be maintained by organization
or service provider. In order to reach cse.dtu.in we have to
ask the root DNS server, then it will point out to the top-
level domain server and then to authoritative domain name
server which actually contains the IP address. So, the
authoritative domain server will return the associative ip
address.
NAME SPACE
• To be unambiguous, the names must be unique because the addresses are unique. A name
space that maps each address to a unique name can be organized in two ways: flat or
hierarchical.
• Flat Name Space

• In a flat name space, a name is assigned to an address. A name in this space is a sequence
of characters without structure.
• The main disadvantage of a flat name space is that it cannot be used in a large system such
as the Internet because it must be centrally controlled to avoid ambiguity and duplication.
• So, Solution is Hierarchical Name Space
Hierarchical Name Space
• In a hierarchical name space, each name is made of several parts. The first part can define the nature of the
organization
• the second part can define the name of an organization, the third part can define departments in the
organization, and so on.
• In this case, the authority to assign and control the name spaces can be decentralized. A central authority can
assign the part of the name that defines the nature of the organization and the name of the organization.
• The responsibility of the rest of the name can be given to the organization itself.
• The management of the organization need not worry that the prefix chosen for a host is taken by another
organization because, even if part of an address is the same, the whole address is different
• Generic domain: .com(commercial) .edu(educational) .mil(military) .org (non-profit organization) .net (similar to
commercial) all these are generic domain.
• Country domain .in (india) .us .uk
• Inverse domain if we want to know what is the domain name of the website. Ip to domain name mapping. So,
DNS can provide both the mapping for example to find the ip addresses of www.unacademy.com then we have to
type nslookup www.unacademy.com
DOMAIN NAME SPACE
• To have a hierarchical name space, a domain name space was designed. In this design the names are defined in
an inverted-tree structure with the root at the top. The tree can have only 128 levels: level 0 (root) to level 127
• Label
• Each node in the tree has a label, which is a string
with a maximum of 63 characters.
• The root label is a null string (empty string).
• DNS requires that children of a node (nodes that
branch from the same node) have different labels,
which guarantees the uniqueness of the domain
names.
• Domain Name
• Each node in the tree has a domain name. A full
domain name is a sequence of labels separated
by dots (.).
• The domain names are always read from the
node up to the root. The last label is the label of
the root (null). This means that a full domain
name always ends in a null label, which means
the last character is a dot because the null string
is nothing.
Telnet (Telecommunication Network)
• Telnet is a text-based protocol used for remote access to servers, operating on TCP port 23 and
following a client-server model, but lacks data encryption.
• Although useful for debugging and interactive sessions, its lack of security measures makes it
susceptible to eavesdropping and unsuitable for transmitting sensitive information.
• Largely replaced by more secure alternatives like SSH, Telnet still finds use in legacy systems
and specialized applications where high security is not crucial.
ARPANET (Advanced Research Projects Agency Network)
• ARPANET was the first wide-area network using packet switching, created in the late 1960s by
the U.S. Department of Defense, and it laid the groundwork for today's internet.
• It introduced early networking protocols like NCP, gave rise to applications like email, and was
designed for research and resource sharing, expanding to connect hundreds of institutions
over time.
• Though decommissioned in 1990, its technologies and concepts had a lasting impact, inspiring
subsequent networks and internet protocols, but initially lacked strong security measures.
X.25
• X.25 is an old protocol for wide area networks that includes features for error checking, virtual
circuit setup, and usage-based billing, operating across three layers of the OSI model.
• It was widely used in the past for applications like credit card processing and ATMs, supporting
slower data rates initially but evolving over time.
• Although its usage has declined due to faster protocols like IP, it inspired newer technologies
like Frame Relay and ATM and was a backbone for international data services before the
Internet.
Simple Network Management Protocol (SNMP)
• SNMP is a common tool for managing and monitoring network devices; it operates over UDP
and interacts with databases known as MIBs to control device properties.
• It works on a client-server model with an SNMP manager and agents, supports various
operations like GET, SET, and TRAP, and comes in different versions with varying security
features.
• It's scalable and used for real-time monitoring, collecting data either by polling from the
manager to the agent or trapping where the agent notifies the manager about specific events.
Voice over IP
• VoIP allows for versatile communication, including voice calls and multimedia, over IP
networks, offering cost savings and network efficiency.
• Relies on a stable internet connection and computer hardware; any disruption can affect the
telephone service.
• Susceptible to delays, security risks, and challenges in routing emergency calls due to the
nature of IP networks.
Remote Procedure Call
• Remote Procedure Call (RPC) allows
programs to execute procedures (functions)
on a remote server, as if they were local,
facilitating distributed computing.
• Operates over various transport protocols
such as TCP or HTTP and may include
authentication and encryption features for
secure communication.
• Often used in client-server architectures and
distributed systems, but can introduce
complexities like network latency and failure
handling.
firewall
• Firewalls act as security guards for network traffic, checking data packets and allowing or
blocking them based on set rules like IP addresses and port numbers.
• They offer different features like Stateful Inspection, Proxy Services, and VPN Support to
enhance security measures, some even include intrusion detection systems.
• Types of firewalls range from hardware versions that are separate devices to software ones
installed on individual computers, and they often come with logging and reporting features for
network monitoring.
Repeater
• Repeaters boost the strength of a signal as it travels through a communication channel, like a
telephone line or a radio frequency, to help it cover longer distances.
• In situations where signals lose power due to resistance or distance, a repeater amplifies the
signal before sending it further.
• In computer networking, repeaters operate on the physical layer of the OSI model, as they only
work with the actual signal and don't interpret data.
• Repeaters are used to extend transmissions so that the signal can cover longer distances or be received on the other side of
an obstruction.
• In computer networking, because repeaters work with the actual physical signal, and do not attempt to interpret the data
being transmitted, they operate on the physical layer, the first layer of the OSI model.
Hub
• Hubs are multiport repeater. An Ethernet hub, active hub, network hub, repeater hub, multiport repeater, or
simply hub is a network hardware device for connecting multiple Ethernet devices together and making them act
as a single network segment.
• It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the
output of every port except the original incoming. A hub works at the physical layer (layer 1) of the OSI model.
Hubs are now largely obsolete, having been replaced by network switches except in very old installations
Bridge
• Bridge is used to connect two different lan. A network bridge is a computer networking device that
creates a single, aggregate network from multiple communication networks or network
segments. Bridging connects two separate networks as if they were a single network.
• In the OSI model, bridging is performed in the data link layer (layer 2).
Switch
• A network switch connects multiple devices on a network and uses MAC addresses to send
data directly to the right device.
• Unlike simpler devices like repeater hubs that send data to all ports, a switch is smarter and
only sends data to the specific device it's meant for.
• The most common type of switch is for Ethernet networks, and the first one was made by
Kalpana in 1990.
Router
• A router moves data between different computer networks, directing it based on
destination information.
• It checks a data packet's header to know where to send it next, using its own set
of rules or a "routing table."
• Simple routers are used in homes, while more advanced ones are for big
businesses and internet service providers.
Gateway
• A gateway is a piece of networking hardware or software used in telecommunications for
telecommunications networks that allows data to flow from one discrete network to another.
• Gateways are distinct from routers or switches in that they communicate using more than one
protocol to connect multiple networks and can operate at any of the seven layers of the open
systems interconnection model (OSI).
• The term gateway can also loosely refer to a computer or computer program configured to
perform the tasks of a gateway, such as a default gateway or router.

CN3nd4

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

CN3nd4

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CN3nd4

Uploaded by

Copyright:

Available Formats

Network layer

• Loose Source Route

• The payload is made up of two parts :

• Base header has eight fields

• The requesting machine

The error-reporting The query messages,

• Binary Notation - In binary notation, the IPv4 address

• Dotted-Decimal Notation - To make the IPv4 address

• There are 27 -2 = 126 networks in Class A network.

3rd Subnet 4th Subnet

• Default mask for different classes of IP Address are:

o Networks of same size always have the same subnet mask.

10100111 11000111 10101010 010_ _ _ _ _

Q Consider the network having IP Address 40.30.20.10/25 Divide this

3rd Subnet 4th Subnet

• Super netting decreases the number of 1’s in the mask.

• Rules for Super netting in CIDR

To Cost Next To Cost Next

• Reliable Versus Unreliable

• The combination of an IP address and a port number is called a socket address.

• Concept of Scaling Factor

• Reserved. This is a 6-bit field reserved for future use.

• Why to use UDP

2 It is a lossless protocol. RTP is a stateless protocol.

3 It is a slow process. It is a faster than TCP.

5 TCP is not generally used for RTP is used for ‘real-time’

3 Encryption process is slow. Encryption process is fast.

• A user can check the e-mail header prior to downloading.

• The World Wide Web (WWW) is a repository of information linked together

• HTTP version 1.1 specifies a persistent connection by default.

• Authoritative name servers This is organization’s DNS

• Flat Name Space

You might also like