INTERNET PROTOCOL
(IP)
MUKESH CHINTA
ASSISTANT PROFESSOR, CSE, VRSEC
IPv4, the main protocol of the network layer, is responsible for
packetizing, forwarding, and delivery of a packet at the network layer.
ICMP helps IPv4 to handle some errors that
may occur in the network-layer delivery.
IGMP is used to help IPv4 in multicasting.
ARP is used to glue the network and data-link layers in mapping
network-layer addresses to link-layer addresses.
Internet Protocol version 4 (IPv4) is the fourth version in the development of the Internet Protocol
(IP) and the first version of the protocol to be widely deployed. IPv4 is described in IETF publication
RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980).
IP is the waist of the hourglass of the Internet protocol architecture.
IPv4 is an unreliable datagram protocol: a best-effort delivery service.
In Service type interpretation, the first 3 bits are called precedence bits. The next 4 bits are called type of
service (TOS) bits, and the last bit is not used. The precedence defines the priority of the datagram in issues
such as congestion. If a router is congested and needs to discard some datagrams, those datagrams with
lowest precedence are discarded first. The TOS bits form a 4-bit subfield, with each bit having a special meaning.
In Differentiated services interpretation, the first 6 bits make up the codepoint subfield, and the last 2 bits are
not used.
The DSCP is defined in RFC 2474 and 2475. It is a method that classifies the way an IP packet is queued
while waiting to be forwarded within a router.
A router or end host assigns one of 64 possible forwarding behaviors known as Per Hop Behaviors
(PHBs). A PHB provides a particular service level (bandwidth, queuing, and dropping decisions) in
accordance with network policy.
Using DSCP, a system (or router) can assign Assured Forwarding (AF) codepoints, using one of four AF
classes and one of three drop precedence values. It is also allowed to enter your own non-standard
codepoints.
Total length: This 16-bit field defines the total length (header plus data) of the IP datagram in bytes. This
field allows the length of a datagram to be up to 65,535 octets. This field helps the receiving device to know
when the packet has completely arrived.
Length of data = total length − (HLEN × 4)
Identification: If an IP packet is fragmented during transmission, all the fragments contain the same
identification number to identify the original IP packet they belong to.
Flags: If an IP packet is too large for the network resources to handle, these flags tell whether it can
be fragmented or not. In this 3-bit field, the MSB is always set to 0.
Fragment offset: This field tells the exact position of
the fragment in the original IP packet. The fragment offset is
measured in units of 8 octets (64 bits). The first fragment has offset
zero.
The data link layer implementation puts the entire IP datagram into the data portion (the payload) of
its frame format, just as IP puts transport layer messages, transport headers and all, into its IP Data
field.
The maximum size of an IP datagram is 65,535 octets, but the data link layer protocol generally imposes a limit
that is much smaller. For example, Ethernet frames have a maximum payload of 1500 bytes, so IP
datagrams encapsulated in an Ethernet frame cannot be longer than 1500 bytes.
The limit on the maximum IP datagram size imposed by the data link protocol is called the maximum
transmission unit (MTU). The value of the MTU differs from one physical network protocol to
another.
An IP datagram is fragmented into smaller units if its size exceeds the MTU.
A datagram can be fragmented by the source host or any router in the path. The reassembly
of the datagram, however, is done only by the destination host, because each fragment
becomes an independent datagram.
The 16-bit identification field identifies a datagram originating from the source host. The
combination of the identification and source IP address must uniquely define a datagram as it
leaves the source host. The identification number helps the destination in reassembling the
datagram. It knows that all fragments having the same identification value should be
assembled into one datagram.
The 3-bit flags field defines three flags.
The leftmost bit is reserved (not used).
The second bit (D bit) is called the do not fragment bit. If its value is 1, the machine must not
fragment the datagram. If it cannot pass the datagram through any available physical network, it
discards the datagram and sends an ICMP error message to the source host. If its value is 0, the
datagram can be fragmented if necessary.
The third bit (M bit) is called the more fragment bit. If its value is 1, it means the datagram is not
the last fragment; there are more fragments after this one. If its value is 0, it means this is the last
or only fragment.
The 13-bit fragmentation offset field shows the relative position of this fragment with
respect to the whole datagram. It is the offset of the data in the original datagram
measured in units of 8 bytes.
The example shows a datagram with a data size of 4000 bytes fragmented into three
fragments. The bytes in the original datagram are numbered 0 to 3999.
The first fragment carries bytes 0 to 1399. The offset for this datagram is 0/8 = 0.
The second fragment carries bytes 1400 to 2799; the offset value for this fragment is 1400/8 = 175.
Finally, the third fragment carries bytes 2800 to 3999. The offset value for this fragment is 2800/8 = 350.
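The 4000-byte example above, as an added Python sketch that is not part of the original slides: it splits a payload on 8-byte boundaries and then reassembles it the way a careful destination host would, rejecting gaps, overlapping fragments, inconsistent M bits and results larger than 65,535 bytes. The names `Fragment`, `fragment` and `reassemble` and the 1420-byte MTU (20-byte header plus 1400 data bytes) are assumptions chosen to reproduce the slide's numbers.

```python
from dataclasses import dataclass

@dataclass
class Fragment:
    offset_units: int   # fragment offset field, in units of 8 bytes
    more: bool          # M (more fragments) bit
    data: bytes

def fragment(payload: bytes, mtu: int, hlen_bytes: int = 20) -> list[Fragment]:
    """Split payload so that each fragment plus its header fits in mtu."""
    # Every fragment except the last must carry a multiple of 8 data bytes,
    # because the offset field counts 8-byte units.
    chunk = (mtu - hlen_bytes) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small for a header plus 8 data bytes")
    frags = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        frags.append(Fragment(start // 8, start + chunk < len(payload), piece))
    return frags

def reassemble(frags: list[Fragment], hlen_bytes: int = 20) -> bytes:
    """Rebuild the payload; reject gaps, overlaps and oversize results."""
    buf = bytearray()
    ordered = sorted(frags, key=lambda f: f.offset_units)
    for i, f in enumerate(ordered):
        start = f.offset_units * 8
        last = i == len(ordered) - 1
        if start != len(buf):
            raise ValueError(f"gap or overlap at byte {start}")
        if f.more == last:
            raise ValueError("M bit inconsistent with fragment position")
        if not last and len(f.data) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        buf += f.data
        if hlen_bytes + len(buf) > 65535:
            raise ValueError("reassembled datagram exceeds 65,535 bytes")
    return bytes(buf)

if __name__ == "__main__":
    parts = fragment(bytes(4000), mtu=1420)          # constructed all-zero payload
    print([(p.offset_units, p.more, len(p.data)) for p in parts])
```
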
End of Option: Used for padding at the end of the option field. Can only be used as the last option.
Record Route: Used to record the Internet routers that handle the datagram. It can list up to nine router
addresses. Useful for debugging and management purposes.
Strict Source Route: Used by the source to predetermine a route for the datagram as it travels through the
internet. This serves several purposes, such as selecting a route which provides a specific service or is safer or
more reliable. With this option, all the routers defined must be visited by the datagram. No other listed router should be
visited, and if it happens, the datagram must be discarded and an error message is issued.
Loose Source Route: Similar to the above option, but less rigid. Every router on the list must be visited, but
other routers can also be visited.
Timestamp: Used to record the time of datagram processing by a router, expressed in milliseconds. Useful for
tracking the behavior of the routers in the internet.
Three main security issues applicable to the IP protocol:
Packet sniffing: It involves interception of the packet by an intruder. It is a passive attack and very difficult to
detect. It can be overcome by encrypting the packet, making the content unintelligible.
Packet modification: The attacker intercepts the packet, changes its contents and sends the new packet to the
receiver. The receiver believes that the packet is coming from the original sender. Data integrity mechanisms can
be used to thwart this attack.
IP spoofing: An attacker can masquerade as someone else and create an IP packet that carries the source address
of another computer. It can be prevented using an origin authentication mechanism.
IPSec is a protocol that, used in conjunction with IP, creates a connection-oriented service between two entities in
which they can exchange IP packets without being subjected to any of the above three attacks. IPSec provides the
following four services:
Defining algorithms and keys
Packet encryption
Data Integrity
Origin Authentication
Examples
Q) An IPv4 packet has arrived with the first few hexadecimal digits as shown.
(45000028000100000102 ...)₁₆
How many hops can this packet travel before being dropped? To which upper-layer
protocol does the data belong?
A) To find the time-to-live field, we skip 8 bytes (16 hexadecimal digits). The time-to-live field is
the ninth byte, which is (01)₁₆. This means the packet can travel only one hop. The protocol
field is the next byte (02)₁₆, which means that the upper-layer protocol is IGMP.
Q) In an IPv4 packet, the value of HLEN is 5, and the value of the total length
field is (0028)₁₆. How many bytes of data are being carried by this packet?
A) The HLEN value is 5, which means the total number of bytes in the header is 5 × 4, or 20
bytes (no options). The total length is (0028)₁₆ or 40 bytes, which means the packet is
carrying 20 bytes of data (40 − 20).
Examples
A) Because the M bit is 1, it is either the first fragment or a middle one. Because the offset value
is 0, it is the first fragment.
Q) A packet has arrived in which the offset value is 100, the value of HLEN is
5, and the value of the total length field is 100. What are the numbers of the
first byte and the last byte?
A) The first byte number is 100 x 8 = 800. The total length is 100 bytes, and the header length is
20 bytes (5 x 4), which means that there are 80 bytes in this datagram. If the first byte number
is 800, the last byte number must be 879.
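The header arithmetic from the worked questions above, as an added Python example that is not part of the original slides: it decodes the first 10 header bytes and applies the sanity checks a receiver should make before trusting the length fields (version, minimum HLEN, total length not smaller than the header, reserved flag bit clear). The function name `parse_ipv4_prefix` and the second hex string are assumptions; the second string is constructed to match the offset-100 question.

```python
import struct

# Protocol numbers: a small subset of the IANA-assigned values.
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}

def parse_ipv4_prefix(hex_digits: str) -> dict:
    """Decode the first 10 bytes of an IPv4 header and sanity-check them."""
    raw = bytes.fromhex(hex_digits)
    if len(raw) < 10:
        raise ValueError("need at least the first 10 header bytes")
    ver_hlen, _tos, total, ident, flags_off, ttl, proto = struct.unpack(
        "!BBHHHBB", raw[:10])
    version, hlen = ver_hlen >> 4, ver_hlen & 0x0F
    if version != 4:
        raise ValueError("not an IPv4 header")
    if hlen < 5:
        raise ValueError("HLEN below the 20-byte minimum header")
    header_bytes = hlen * 4
    if total < header_bytes:
        raise ValueError("total length smaller than header length")
    if flags_off & 0x8000:
        raise ValueError("reserved flag bit is set")
    data_bytes = total - header_bytes
    first = (flags_off & 0x1FFF) * 8      # offset field counts 8-byte units
    return {
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "identification": ident,
        "header_bytes": header_bytes,
        "data_bytes": data_bytes,
        "dont_fragment": bool(flags_off & 0x4000),
        "more_fragments": bool(flags_off & 0x2000),
        "first_byte": first,
        "last_byte": first + data_bytes - 1 if data_bytes else None,
    }

if __name__ == "__main__":
    # Digits quoted in the first question on the slide.
    print(parse_ipv4_prefix("45000028000100000102"))
    # Constructed sample: HLEN 5, total length 100, offset 100.
    print(parse_ipv4_prefix("45000064000100640102"))
```
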
Protocol Data Unit (PDU): A PDU is a message exchanged between two instances of a layer to coordinate their behavior.
It represents the basic element of horizontal communication. A PDU consists of the following two elements:
The Protocol Control Information (PCI) contains control information used to coordinate the two protocol instances
and is also called the packet header. A PCI carries protocol-specific data and is created by the sending instance,
depending on its state. The information is then evaluated and removed from the PDU in the receiver instance.
The Service Data Unit (SDU) contains the payload to be transmitted at the order of the higher-level layer. The SDU
of layer N normally consists of the PCI of layer (N + 1) and an SDU of layer (N + 1) (i.e., of the (N + 1) PDU).
Homework: RFC (Request for Comments)
https://www.ietf.org/rfc.html
A Request for Comments (RFC) is a type of publication from the Internet Engineering Task Force (IETF) and the
Internet Society (ISOC), the principal technical development and standards-setting bodies for the Internet.
An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the document becomes an
RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard.
Each RFC is designated by an RFC number. Once published, an RFC never changes. Modifications to an original
RFC are assigned a new RFC number.