Unit-1: TCP/IP Model, Addressing, IPv4,

Subnetting, DHCP, NAT

1. TCP/IP Model
The TCP/IP (Transmission Control Protocol/Internet Protocol) model is a conceptual
framework that defines how data is transmitted over a network. It is the foundation of the
Internet and is simpler than the OSI model.

Layers of TCP/IP Model

1. Application Layer
o Provides services directly to end-users.
o Handles protocols for communication like HTTP (web), FTP (file transfer),
SMTP (email), DNS (domain names).
o Corresponds to OSI’s Application, Presentation, and Session layers.
o Example: When you open a website, your browser sends an HTTP request via
this layer.
2. Transport Layer
o Ensures proper delivery of data between processes.
o Two main protocols:
▪ TCP (Transmission Control Protocol): Reliable, connection-
oriented, ensures error recovery, ordered delivery.
▪ UDP (User Datagram Protocol): Connectionless, faster but
unreliable, suitable for video streaming or gaming.
o Provides port numbers to identify applications.
3. Internet Layer
o Responsible for logical addressing and routing.
o Protocols: IP (IPv4/IPv6), ICMP, IGMP.
o Defines how packets are created, addressed, and routed from source to
destination.
o Example: A packet sent from 192.168.1.2 to 142.250.183.110 (Google server).
4. Network Access Layer (Link Layer)
o Handles physical transmission of data over media like cables, Wi-Fi.
o Includes Ethernet, Wi-Fi (IEEE 802.11), ARP (Address Resolution
Protocol).
o Uses MAC addresses for delivery within the same local network.
TCP/IP vs OSI Model

Feature OSI Model (7 layers) TCP/IP Model (4 layers)

Application, Presentation, Session, Application, Transport,
Layers
Transport, Network, Data Link, Physical Internet, Network Access
DARPA (for ARPANET →
Developed By ISO
Internet)
Practical, real-world Internet
Usage Mainly theoretical
model
Protocol Same (but grouped into fewer
HTTP, FTP, TCP, IP, Ethernet
Examples layers)

2. Types of Addressing
Communication in networks needs different types of addresses at different layers:

1. Physical Address (MAC Address)

o A 48-bit unique identifier burned into the NIC (Network Interface Card).
o Written in hexadecimal (e.g., 3A:52:6C:8F:21:9B).
o Used for communication within a LAN (Local Area Network).
o Example: An ARP request maps IP → MAC.
2. Logical Address (IP Address)
o A 32-bit IPv4 or 128-bit IPv6 hierarchical address.
o Example: IPv4 → 192.168.1.10, IPv6 →
2001:0db8:85a3::8a2e:0370:7334.
o Identifies a host across different networks (for routing).
3. Port Address
o A 16-bit number used by the Transport layer to identify processes.
o Example: HTTP → Port 80, HTTPS → Port 443, FTP → Port 21.
o If a host has multiple applications running, port numbers separate their traffic.

3. IPv4 Addressing
IPv4 uses 32 bits divided into 4 octets (e.g., 192.168.1.1).
There are two schemes: Classful and Classless (CIDR).

3.1 Classful Addressing

Divides addresses into 5 classes (A–E):

 Leading # of Hosts per
Class Address Range Default Mask
Bits Networks Network
0.0.0.0 –
A 0 255.0.0.0 (/8) 128 ~16 million
127.255.255.255
128.0.0.0 –
B 10 255.255.0.0 (/16) 16K ~65K
191.255.255.255
192.0.0.0 – 255.255.255.0
C 110 2M 254
223.255.255.255 (/24)
224.0.0.0 –
D 1110 Multicast – –
239.255.255.255
240.0.0.0 –
E 1111 Experimental – –
255.255.255.255

➡ Example: 192.168.1.1 is Class C, default mask /24.

3.2 Classless Addressing (CIDR – Classless Inter-Domain Routing)

• Introduced to avoid wastage and provide flexibility.

• Uses network prefix notation (192.168.10.0/27).
• /27 → First 27 bits are network, 5 bits left for hosts → 32 addresses, 30 usable.
• More efficient than rigid Class A/B/C.

3.3 Special IPv4 Addresses

• 0.0.0.0 → Default route / “this host.”

• 255.255.255.255 → Limited broadcast.
• 127.0.0.1 → Loopback (testing TCP/IP stack).
• 169.254.x.x → APIPA (when DHCP fails).
• Private Addresses (not routable on Internet):
o Class A: 10.0.0.0 – 10.255.255.255
o Class B: 172.16.0.0 – 172.31.255.255
o Class C: 192.168.0.0 – 192.168.255.255

4. Subnetting
Subnetting is dividing a network into smaller sub-networks.

Steps for Subnetting:

1. Start with the network address (e.g., 192.168.10.0/24).

2. Decide how many subnets are required (say, 8).
 3. Formula: 2^n ≥ required subnets → n = 3.
4. New mask = /24 + 3 = /27 → 255.255.255.224.
5. Each subnet has 2^5 = 32 addresses (30 usable).

Subnet Ranges Example (/27):

• 192.168.10.0 – 192.168.10.31
• 192.168.10.32 – 192.168.10.63
• … up to 192.168.10.224 – 192.168.10.255

➡ Usable per subnet = 30 hosts.

5. Supernetting
• Opposite of subnetting → combines networks.
• Used by ISPs for route aggregation.
• Example: Four contiguous /24 networks:
o 192.168.0.0/24, 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24
→ Can be represented as 192.168.0.0/22.
• Reduces routing table entries.

6. DHCP (Dynamic Host Configuration Protocol)

• DHCP automates IP assignment.
• Works in Client–Server model.

Message Exchange (DORA Process):

1. Discover: Client broadcasts DHCPDISCOVER.

2. Offer: Server replies with DHCPOFFER (IP, mask, gateway, DNS).
3. Request: Client broadcasts DHCPREQUEST.
4. Acknowledge: Server confirms with DHCPACK.

➡ Without DHCP, admins must assign IPs manually.

7. NAT (Network Address Translation)

• NAT translates private IPs to public IPs.
• Useful since IPv4 addresses are limited.

Types of NAT:
 1. Static NAT: One private ↔ One public (permanent).
2. Dynamic NAT: Private IPs mapped to a pool of public IPs.
3. PAT (Port Address Translation): Many private IPs share one public IP using ports
(most common in homes).

Example NAT Table:

Private IP:Port Public IP Translated Port Destination

10.0.0.2:50000 203.0.113.50 40001 142.250.183.110:80
10.0.0.3:50123 203.0.113.50 40002 151.101.1.69:443
Unit-2: IP Datagram, Fragmentation, ARP,
RARP, ICMP

1. IP Datagram
The IP datagram is the packet format used in IPv4. It contains two parts: Header (20–60
bytes) and Data (payload).

IPv4 Datagram Header Fields

Field Size Description

Version 4 bits IPv4 = 4
IHL (Header Length) 4 bits Min 5 (20 bytes), Max 15 (60 bytes)
Type of Service
8 bits QoS control (priority)
(TOS/DSCP)
Total Length 16 bits Entire datagram size (max 65,535 bytes)
Identification 16 bits Used for fragmentation/reassembly
Flags 3 bits Don’t Fragment (DF), More Fragments (MF)
Fragment Offset 13 bits Position of fragment in original datagram
TTL (Time to Live) 8 bits Prevents infinite looping
Upper-layer protocol (TCP=6, UDP=17,
Protocol 8 bits
ICMP=1)
Header Checksum 16 bits Error detection in header
Source IP 32 bits Sender’s IP address
Destination IP 32 bits Receiver’s IP address
Options Variable Security, routing, timestamp

2. Fragmentation
When a datagram is larger than the MTU (Maximum Transmission Unit), it is fragmented
into smaller packets.

Fragmentation Rules

1. MTU = 1500 bytes (Ethernet).

2. IP header = 20 bytes → max data per fragment = 1480 bytes.
3. Fragment Offset = (starting byte of fragment ÷ 8).
4. MF flag = 1 if more fragments follow.

Example Numerical

A datagram of 4000 bytes (20-byte header + 3980 data) over Ethernet (MTU=1500).

• Max data per fragment = 1480.

• Fragment 1: Data=1480, Offset=0, MF=1
• Fragment 2: Data=1480, Offset=185, MF=1
• Fragment 3: Data=1020, Offset=370, MF=0

3. Header Checksum
Checksum ensures integrity of header only.

• Sender calculates checksum using 1’s complement sum.

• Receiver recalculates and compares.

Example Numerical

Header words:

0x4500 0x0034 0x0000 0x4000 0x4006

0x0000 0xC0A8 0x0001 0xC0A8 0x00C7

Steps:

1. Add all 16-bit words = 0x44754.

2. Add carry = 0x4755.
3. 1’s complement → Checksum = 0xB8AB.

4. IPsec (Internet Protocol Security)

Provides confidentiality, integrity, authentication at network layer.

Modes
 • Transport Mode: Encrypts only payload, header unchanged (used in host-to-host).
• Tunnel Mode: Encrypts entire packet and adds new header (used in VPNs).

Protocols

• AH (Authentication Header): Integrity + authentication, no encryption.

• ESP (Encapsulating Security Payload): Encryption + integrity.

5. ARP (Address Resolution Protocol)

Maps IP address → MAC address within LAN.

Working

1. Host wants to send to 192.168.1.10.

2. Checks ARP cache; if missing, sends ARP Request (broadcast).
3. Target replies with ARP Reply (unicast) containing MAC.
4. Entry stored in ARP table.

Example

IP Address MAC Address

192.168.1.1 3A:52:6C:8F:21:9B
192.168.1.10 4C:72:B9:11:AC:55

6. RARP (Reverse ARP)

• Reverse ARP maps MAC → IP.
• Used by diskless workstations at boot.
• Replaced by BOOTP/DHCP because RARP only provided IP, not mask or gateway.

7. ICMP (Internet Control Message Protocol)

Used for error reporting and diagnostics.

Types of Messages

• Echo Request/Echo Reply → ping command.

• Destination Unreachable → Router can’t reach host.
• Time Exceeded → TTL expired (used in traceroute).
Example ICMP Checksum

Data:

0x0800 0x0000 0x1234 0x0001 0x6162 0x6364

1. Sum = 0xDEFB.
2. 1’s complement = 0x2104 (checksum).

Traceroute Example

• Sends packets with TTL=1, TTL=2, …

• Each router replies Time Exceeded → reveals route path.

8. TCP Checksum
Covers:

• TCP header + data

• Pseudo-header (Source IP, Destination IP, Protocol, TCP Length)

Ensures end-to-end reliability.

➡ Example: With short data “AB”, checksum = 0x5A97.