Softpanorama (slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-)

Internet Layer of TCP/IP Protocol

(Adapted from Lecture notes for FDU students by Professor Nikolai Bezroukov)

Contents

Introduction

• Internet Protocol (IP)
• ICMP

IP Datagram Header

IP Address Types

• Unicast Addresses
• Broadcast Addresses
• Multicast Addresses

Receiving packets

Introduction

Internet protocol (IP) is implemented in most OSes like Solaris or windows in kernel. It is documented in RFC 791.  The Internet layer attempts to ensure that messages reach their destination system using the most efficient route. The Internet layer includes the Internet Protocol (IP) and Internet Control Message Protocol (ICMP).

Using a routing table, the Internet layer determines the next directly accessible node in route to the packet’s destination. This node is either the destination itself or the most immediate gateway to the destination.  In essence, the Internet layer is responsible for end to end (source to destination) packet delivery, whereas the data link layer is responsible for node to node (hop to hop) packet delivery.

The IP protocol  is responsible for fragmenting and routing data, while ICMP assists routing, and performs error detection and other network management tasks.

Internet Protocol (IP)

IP encapsulates data into IP datagrams, which in turn are encapsulated inside Network Interface layer frames.

IP datagrams are the basic units of information that are passed across a Transmission Control Protocol/Internet Protocol (TCP/IP) network. The datagram header contains information, such as the source IP address and the destination IP address. The header also contains information about which protocol will receive data from IP. These protocols are the User Datagram Protocol (UDP), the Transmission Control Protocol (TCP), and ICMP.

The IP implements two basic functions addressing (routing) of packets and  fragmentation of packets:

• Routing datagrams. The IP layer use the addresses carried in the internet header   to transmit internet datagrams toward their destinations.  The  selection of a path for transmission is called routing.
   
• Fragmenting and reassembly of datagrams. The IP layer use fields in the internet header to fragment an
    reassemble datagrams when necessary for transmission through "small packet" networks.

For the IP layer each internet datagram as an independent   entity unrelated to any other internet datagram.  There are no concepts of connections or logical circuits (virtual or otherwise) on this layer.  It uses  The uses four fields in the IP header to perform its functions:  Type of Service, Time to Live, Options, and Header Checksum. A time-to-live (TTL) field determines how many routers or hosts can process a datagram before the datagram must be discarded.

Application data must fit in the data portion of Ethernet frame (or other Network interface layer protocol) as defined by MTU.  If packet is larger it should be fragmented at the router.  On Solaris MTU of network interface can be seen by using  command ifconfig -a as a root.

ICMP

ICMP is a companion protocol to IP.  It enables systems to send control or error messages to other systems. Essentially ICMP is a communication protocol between IP protocol implementations on two connected systems.

Message types that are send include:

• Time exceeded message (produced each time TTL is decremented to zero when datagram processed by the router). It often signals presence of routing loops.
• Echo messages. Messages that determine status of the other systems (echo request, echo reply),
• Routing related messages (destination unreachable, router advertisement, redirect, router solicitation).

Additional details of ICMP protocol are provided on a separate page.

IP Datagram Header

• Version. The version of the protocol, for example, 4 or 6
• Header Length. The length of a datagram header must be at least 20 bytes
• Type of Service. The specified quality of service
• Datagram Length. The length of the entire datagram, measured in bytes
• Datagram Identifier. The value assigned by the sender to make reassembly of fragments possible for receiving system
• Flags. Information related to fragmentation
• Fragment Offset. The location of the fragment in the datagram
• Time to Live. The maximum number of routers through which the datagram may pass
• Protocol. The Transport layer protocol to which the data in this datagram is delivered
• Checksum. The header checksum that verifies that the header is not damaged
• Source IP. Address The source system
• Destination IP. Address The destination system
• IP Options and Padding. Optional information and padding, if required

Refer to RFC 791 for detailed information about the header fields.

IP Datagram Payload

IP Address Types

IPv4 addresses are 32 bits in length. Each 8-bit field, or octet, is represented by a decimal number between 0 and 255 (for example, 129.150.182.31).

Each IPv4 address identifies a network and a unique interface on that network. The value of the high-order bits (first three bits) determine which portion of the IPv4 address is the network number and which portion is the host number. The network numbers are divided into three classes: Class A, Class B, and Class C. This addressing scheme is called classful IPv4 addressing.

Unicast Addresses

A system uses unicast addresses when it needs to communicate with another system. There are three classes of unicast addresses: Class A,  Class B, and Class C.

• Class A addresses are for very large networks and provide 16,777,214 host addresses. For example 10.10.10.10 is class A unicast address. If the first bit is 0, that bit and the next seven bits define the network number, and the remaining 24 bits define the host number. This allows for up to 128 Class A networks.
  • The Internet Assigned Numbers Authority (IANA) has reserved two class A network for special purposes: 
    • 10.0.0.0 –10.255.255.255 for private networks. These addresses are not routed in the Internet. Refer to RFC 1918 for additional details.
    • 127.0.0.1 is reserved for the loopback interface.
• Class B addresses are for large networks and provide 65,534 host addresses. Figure 5-7 shows the beginning of the address in binary format. If the first two bits are 10, those two bits and the next 14 bits define the  network number, and the remaining 16 bits define the host number. This allows for 16,384 Class B networks.
  •  The IANA has reserved 172.16.0.0–172.31.255.255for private networks. These addresses are not routed in the Internet. Refer to RFC 1918 for additional details.
• Class C addresses are for small-sized and mid-sized networks and provide 254 host addresses. If the first three bits are 110, those three and the next 21 bits define the network number, and the remaining eight bits define the host number. This allows for up to 2,097,152 Class C networks.
  • The IANA has reserved 192.168.0.0–192.168.255.255 for private networks. These addresses are not routed in the Internet. Refer to RFC 1918 for additional details.

Broadcast Addresses

A broadcast address is the address that reaches all systems on the network. A broadcast means that data is simultaneously sent to all of the hosts on the local area network (LAN). The default broadcast address is an address that has a host number of all ones when represented in binary. An example of a broadcast address is 128.50.255.255. You use the ifconfig utility to configure an interface’s broadcast address.

This is similar to MAC broadcasts, in which a special address with all 1s is used for broadcast purposes (FF:FF:FF:FF:FF). In a similar manner, if all bits in the host part of the IP address are 1, it is considered a broadcast address. If you use the rightmost octet for host addressing and the remaining three octets for the network part, for example, all 1s in the rightmost octet will make this address a broadcast address. In network 192.168.2.0, the broadcast address is 192.168.2.255. If you use the two rightmost octets for the host part of the IP address, the netmask will be 255.255.0.0. If a host has an IP address 172.16.20.100 with a netmask 255.255.0.0, the network address will be 172.16.0.0 and the broadcast address will be 172.16.255.255.

Address 255.255.255.255 is a special type of broadcast, and any packet sent to this address is received by all hosts on a network. However, routers usually don't forward broadcast IP packets to avoid flooding the Internet (commonly known as a denial of service, DoS, attack).

Multicast Addresses

Multicasting is a very efficient way to send large amounts of data to many systems at the same time. A multicast address identifies interfaces that belong to a specific multicast group. Packets that are sent to a multicast address are received by all interfaces that are associated with the multicast address.

If the first four bits are 1110, which makes the first field an integer value between 224 and 239, the address is a multicast address. The remaining 28 bits comprise a group identification number for a specific multicast group. An IPv4 multicast address is a destination address for one or more hosts, while a Class A, B, or C address is an address for an individual host. The IPv4 multicast address maps to an Ethernet multicast address so that the network interface listens for a multicast traffic. The low-order 23 bits of the IPv4 multicast address are placed into the low-order 23 bits of the Ethernet multicast address. Therefore, an IPv4 multicast address of

224.0.0.1 maps to 01:00:5e:00:00:01.

Receiving packets

When the Internet  layer of any host receives an IP packet,  it compares the destination IP address with its own IP address. If the destination address is not the host's own IP address or a broadcast address, the IP layer discards it.

Recommended Links

Network layer - Wikipedia, the free encyclopedia

Examples

From Wikipedia

Last Modified: June 02, 2008