1. Overview of the network layer

Because the network layer is the core of the entire Internet, it should be kept as simple as possible. The network layer provides only a simple, flexible, connectionless, best-effort datagram service.

Using the IP protocol, heterogeneous physical networks can be interconnected so that, seen from the network layer, they appear to be a single network.

Three other protocols are used together with the IP protocol:

  • Address Resolution Protocol (ARP)
  • Internet Control Message Protocol (ICMP)
  • Internet Group Management Protocol (IGMP)

2. IP datagram format

  • Version: IPv4 or IPv6.
  • Header length: 4 bits, so the maximum value is 15. The unit is one 32-bit word, that is, 4 bytes. Because the fixed part of the header is 20 bytes, the minimum value is 5. If the length of the optional field is not an integer multiple of 4 bytes, padding is added at the end.
  • Differentiated services: used to request better service; in practice it is generally not used.
  • Total length: the length of the header plus the data part.
  • TTL: exists to prevent undeliverable datagrams from circulating endlessly on the Internet. The unit is router hops; when the TTL reaches 0, the datagram is discarded.
  • Protocol: indicates which protocol should process the carried data, such as ICMP, TCP or UDP.
  • Header checksum: every router a datagram passes through must recompute and verify this field, so to reduce the computational load the checksum covers only the header and not the data part.
  • Identification: when a datagram is too long and must be fragmented, all fragments of the same datagram carry the same identification value.
  • Fragment offset: used together with the identification field when fragmentation occurs. The unit of the fragment offset is 8 bytes.
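The header fields above, worked through in code. This is an added example written for these notes, not code from the original; the addresses, identification value and payload length it uses are constructed. It builds a header, parses it, verifies the header-only checksum, and shows why a router that decrements the TTL must recompute the checksum.

```python
import struct

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words; the data part is excluded."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, proto, payload_len, ttl=64, ident=0, frag_offset=0, mf=False):
    """Build a 20-byte header (IHL = 5) with a correct checksum (constructed input)."""
    flags_frag = (0x2000 if mf else 0) | (frag_offset // 8)   # offset unit is 8 bytes
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, flags_frag,
                      ttl, proto, 0, bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fields discussed above and verify the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL is in 32-bit words
    if version != 4 or header_len < 20 or len(packet) < header_len:
        raise ValueError("not a valid IPv4 header")
    header = packet[:header_len]
    zeroed = header[:10] + b"\x00\x00" + header[12:]            # checksum field counts as 0
    return {
        "version": version, "header_len": header_len, "total_len": total_len,
        "identification": ident, "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000), "frag_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl, "protocol": proto,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "checksum_ok": ipv4_checksum(zeroed) == csum,
    }

def router_hop(packet: bytes):
    """Per-hop processing: decrement TTL and recompute the checksum; None means discarded."""
    header_len = (packet[0] & 0x0F) * 4
    ttl = packet[8] - 1
    if ttl == 0:
        return None
    hdr = packet[:8] + bytes([ttl, packet[9]]) + b"\x00\x00" + packet[12:header_len]
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + packet[header_len:]
```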

3. Addressing

IP addressing has gone through three historical stages:

  • Classful addressing
  • Subnetting
  • Classless addressing

3.1 Classful addressing

An address consists of two parts, the network number and the host number. Each class has its own fixed network number length.

  • IP address ::= {<network number>, <host number>}

3.2 Subnetting

The two-level IP address becomes a three-level IP address by taking part of the host number field as the subnet number.

  • IP address ::= {<network number>, <subnet number>, <host number>}

  • To use subnets, a subnet mask must be configured.

    • The default subnet mask of a Class B address is 255.255.0.0. If two bits are used as the subnet number of a Class B address, the subnet mask is 11111111 11111111 11000000 00000000, that is, 255.255.192.0.
  • Note that the external network does not see the subnet division.

3.3 Classless addressing

Classless Inter-Domain Routing (CIDR) eliminates the traditional concept of Class A, B and C addresses and of subnets. An IP address is encoded as a network prefix and a host number, and the prefix can vary in length as needed.

  • IP address ::= {<network prefix>, <host number>}
  • CIDR notation appends the network prefix length after the IP address, separated by a slash.
    • For example, 128.14.35.7/20 indicates that the first 20 bits are the network prefix.
  • The CIDR address mask can still be called a subnet mask. The number of leading 1s in the mask is the length of the network prefix.
  • A CIDR address block contains many addresses. One CIDR network can represent many original networks, so a single routing entry can replace several entries and the routing table shrinks. This method of reducing routing entries by using network prefixes is called route aggregation, also known as supernetting.
  • Each entry in the routing table consists of a "network prefix" and a "next-hop address". When looking up a destination, more than one entry may match. The longest prefix match rule is used: the entry with the longest matching prefix is chosen.

4. Address Resolution Protocol (ARP)

The network layer implements communication between hosts, while the link layer implements communication over a specific link. Therefore, during communication the source and destination IP addresses of an IP datagram remain the same, while the MAC addresses change from link to link.

  • ARP obtains a MAC address from an IP address.

  • Each host has an ARP cache, which contains a mapping table from IP addresses to MAC addresses for hosts and routers on the local LAN.

If host A knows the IP address of host B but its ARP cache has no entry mapping that IP address to a MAC address, host A broadcasts an ARP request packet. After receiving the request, host B sends an ARP response packet to host A containing its MAC address, and host A then writes the mapping from host B's IP address to its MAC address into its ARP cache.

5. Internet Control Message Protocol (ICMP)

ICMP exists to forward IP datagrams more effectively and to improve the chance of successful delivery. ICMP messages are encapsulated in IP datagrams, but ICMP is not a higher-layer protocol; it belongs to the IP layer.

  • ICMP messages are classified into error report messages and query messages.

5.1 Ping

Ping is an important application of ICMP, used to test connectivity between two hosts.

  • Ping sends an ICMP Echo request message to the destination host. After receiving it, the destination host replies with an Echo reply message.
  • Ping calculates the round-trip time and the packet loss rate from the timing and number of successful replies.

5.2 Traceroute

Traceroute is another application of ICMP, used to trace the path a packet takes from source to destination.

The IP datagrams sent by Traceroute encapsulate UDP user datagrams that cannot be delivered, so the destination host returns an ICMP destination unreachable error message.

  • The source host sends a series of IP datagrams to the destination host. The TTL of the first datagram P1 is set to 1. When P1 reaches the first router R1 on the path, R1 receives it and decrements the TTL by one. The TTL is now 0, so R1 discards P1 and sends an ICMP time exceeded error message to the source host.
  • The source host then sends a second datagram P2 with TTL set to 2. P2 first reaches R1, which decrements the TTL by one and forwards it to R2; R2 also decrements the TTL by one. Since the TTL is now 0, R2 discards P2 and sends an ICMP time exceeded error message to the source host.
  • This is repeated until a datagram just reaches the destination host, which neither forwards the datagram nor decrements its TTL. However, because the datagram encapsulates a UDP datagram that cannot be delivered, the destination host sends an ICMP destination unreachable error message to the source host.
  • The source host thus learns the IP address of every router on the path to the destination host and the round-trip time to each of them.

6. Virtual private network (VPN)

Because IP addresses are scarce, the number of IP addresses an organization can apply for is usually smaller than the number of hosts in the organization, and an organization does not need to connect all its hosts to the public Internet. Hosts inside the organization can use IP addresses that are valid only within the organization (private addresses).

There are three private address blocks:

  • 10.0.0.0 ~ 10.255.255.255
  • 172.16.0.0 ~ 172.31.255.255
  • 192.168.0.0 ~ 192.168.255.255

A VPN uses the public Internet as the communication carrier between the private networks of an organization. Private means that hosts in the organization communicate only with other hosts in the organization; virtual means that it appears to be a dedicated network but is not, since the traffic actually travels over the public Internet.

In the following figure, communication between site A and site B goes through the Internet. If host X at site A wants to communicate with host Y at site B, the source address of the IP datagram is 10.1.0.1 and the destination address is 10.2.0.3. The datagram is first sent to router R1, which connects site A to the Internet. R1 encrypts the internal datagram and then adds a new header with R1's global address 125.1.2.3 as the source and router R2's global address 194.4.5.6 as the destination. After receiving the datagram, router R2 decrypts the data part and restores the original datagram. Its destination address is 10.2.0.3, so it is delivered to Y.

7. Network address translation (NAT)

If a host on a private network that uses a local (private) IP address wants to communicate with a host on the Internet, NAT translates the local IP address into a global IP address.

Early NAT mapped each local IP address to one global IP address. In that mode a private network with N global IP addresses can have at most N hosts accessing the Internet at the same time. To use global IP addresses more efficiently, the NAT table now commonly also uses transport-layer port numbers, so that many hosts on a private network can share a single global IP address. NAT that uses port numbers is also called NAPT.
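A small model of the NAPT table described above, added as an example for these notes (not code from the original). The global address 203.0.113.1, the private hosts and the port range are constructed; it shows two hosts sharing one global address and why an inbound packet with no table entry cannot be delivered.

```python
class Napt:
    """Constructed NAPT model: many private hosts share one global address by port number."""

    def __init__(self, global_ip: str, first_port: int = 40000):
        self.global_ip = global_ip
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> global_port
        self.back = {}   # global_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet leaving the private network: rewrite source IP and port, remember the mapping."""
        key = (src_ip, src_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return (self.global_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet arriving from the Internet: translate the destination back using the table.
        Without an existing entry (no inside host initiated it) there is nowhere to deliver: drop."""
        if dst_ip != self.global_ip or dst_port not in self.back:
            return None
        priv_ip, priv_port = self.back[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)
```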

8. Routers

8.1 Router Structure

A router has two functions: routing (route selection) and packet forwarding.

The packet forwarding part consists of three components: the switching fabric, a set of input ports and a set of output ports.

8.2 Packet forwarding process of routers

  • Extract the destination host's IP address D from the datagram header and derive the destination network address N from it.
  • If N is the address of a network directly connected to the router, deliver the datagram directly.
  • Otherwise, if the routing table contains a specific host route for destination address D, forward the datagram to the next-hop router given in that entry.
  • Otherwise, if the routing table contains a route to network N, forward the datagram to the next-hop router given in that entry.
  • Otherwise, if the routing table contains a default route, forward the datagram to the default router given in that entry.
  • Otherwise, report a forwarding error.
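The forwarding steps above and the longest-prefix-match rule from section 3.3, implemented together as an added example (not code from the original notes). The routing table is constructed around the page's 128.14.35.7/20 example: because a /32 host route is longer than any network prefix and 0.0.0.0/0 is shorter than all of them, one longest-prefix-match pass produces the same ordering as the steps (host route, network route, default route, else error).

```python
import ipaddress

# Constructed routing table: (network prefix, next hop); None means the network is
# directly connected. The /32 entry is a specific host route, 0.0.0.0/0 the default route.
ROUTES = [
    ("128.14.32.0/20", "10.0.0.1"),    # aggregated block (route aggregation / supernet)
    ("128.14.35.0/24", "10.0.0.2"),    # more specific route inside that block
    ("128.14.35.7/32", "10.0.0.3"),    # specific host route
    ("192.168.1.0/24", None),          # directly connected network
    ("0.0.0.0/0", "10.0.0.254"),       # default route
]

def build_table(routes):
    """Parse prefixes once; entries stay in the order given."""
    return [(ipaddress.ip_network(prefix), next_hop) for prefix, next_hop in routes]

def forward(dest: str, table):
    """Longest-prefix match over all entries.
    Returns ("direct", network), ("next_hop", address) or ("error", None)."""
    d = ipaddress.ip_address(dest)
    best = None
    for net, next_hop in table:
        if d in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    if best is None:
        return ("error", None)                   # no matching route at all
    if best[1] is None:
        return ("direct", str(best[0]))          # deliver directly on the attached network
    return ("next_hop", best[1])
```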

8.3 Routing Protocol

Routing protocols are adaptive: they adjust automatically to changes in network traffic and topology.

  • The Internet is divided into many smaller autonomous systems (AS); one AS may use a routing protocol different from the others.
  • Routing protocols fall into two broad categories:
    • Routing within an AS (interior gateway protocols): RIP and OSPF
    • Routing between autonomous systems (exterior gateway protocols): BGP

8.3.1 Interior gateway protocol: RIP

RIP is a routing protocol based on distance vectors. The distance is the hop count; the distance from a router to a directly connected network is 1. The maximum distance is 15, and a distance of 16 means the network is unreachable.

RIP exchanges routing tables only with neighboring routers and only at fixed intervals. After several exchanges, every router finally knows the shortest distance to every network in the local AS and the corresponding next-hop router.

Distance vector algorithm:

  • When a RIP packet arrives from a neighboring router with address X, first modify every entry in the packet: set the next-hop field to X and add 1 to every distance field.
  • Then, for each entry in the modified packet:
    • If the destination network N is not in the routing table, add the entry to the routing table.
    • Otherwise, if the next-hop router address in the existing entry is X, replace the existing entry with the received one (X has the most recent information about that route). Otherwise, if the distance D in the received entry is smaller than the distance in the routing table, update the entry (for example, if the original entry is Net2, 5, P and the received entry is Net2, 4, X, the entry is updated). Otherwise, do nothing.
  • If no updated routing table is received from a neighboring router within three minutes, that neighbor is marked unreachable, that is, its distance is set to 16.
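The distance-vector update rule above as an added example for these notes (not code from the original). The network names Net1 to Net4 and the neighbor addresses X and P are the page's own example values used as constructed input; note that an entry whose next hop is already X is overwritten even when X now reports a longer distance.

```python
INFINITY = 16   # RIP treats a distance of 16 as "unreachable"

def rip_update(table: dict, neighbor: str, advertised: dict) -> dict:
    """Apply the distance-vector rule above to this router's table (modified in place).
    table:      {network: (distance, next_hop)}
    neighbor:   address X of the router whose RIP packet was received
    advertised: {network: distance} as carried in that packet"""
    for net, dist in advertised.items():
        new_dist = min(dist + 1, INFINITY)           # step 1: distance + 1, next hop X
        if net not in table:
            table[net] = (new_dist, neighbor)        # unknown network: add it
            continue
        cur_dist, cur_hop = table[net]
        if cur_hop == neighbor:
            table[net] = (new_dist, neighbor)        # same next hop: X has the latest information
        elif new_dist < cur_dist:
            table[net] = (new_dist, neighbor)        # shorter path via X: update
        # otherwise the existing entry is kept
    return table

def neighbor_timeout(table: dict, neighbor: str) -> dict:
    """No update from X for 3 minutes: every route via X is marked unreachable (16)."""
    for net, (_dist, hop) in list(table.items()):
        if hop == neighbor:
            table[net] = (INFINITY, hop)
    return table
```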

RIP is simple to implement and has low overhead. However, the maximum distance it can express is 15, which limits the size of the network, and when a link fails it takes a long time for the bad news to propagate to all routers.

8.3.2 Interior gateway protocol: OSPF

Open Shortest Path First (OSPF) was developed to overcome the shortcomings of RIP.

Open means that OSPF is not controlled by any vendor and is published openly. Shortest path first means that it uses Dijkstra's shortest path algorithm (SPF).

OSPF has the following characteristics:

  • Information is sent to all routers in the autonomous system; this method is called flooding.
  • The information sent is the link state of the router's neighbors: which routers it is connected to and the metric of each link, expressed as a cost in terms of distance, delay, bandwidth, etc.
  • A router sends this information only when the link state changes.

All routers have a consistent topology of the entire network. Compared with RIP, the OSPF update process converges quickly.

8.3.3 Exterior gateway protocol: BGP

Border Gateway Protocol

Routing between autonomous systems is difficult because:

  • The Internet is huge.
  • Each AS uses its own routing protocol, so a common path metric cannot be defined.
  • Routing policies differ; for example, some ASes do not want to let traffic from other ASes pass through them.

BGP can therefore only try to find a reasonably good route, not the optimal one.

Each AS must have at least one configured BGP speaker. Two neighboring BGP speakers establish a TCP connection over which they exchange routing information.