Chapter 5 Network Layer CIS 81 Networking Fundamentals Rick Graziani Cabrillo College [email protected] Last Updated: 3/9/2008

Chapter 5Network Layer

CIS 81 Networking Fundamentals

Rick Graziani

Cabrillo College

[email protected]

Last Updated: 3/9/2008

2

This Presentation

For a copy of this presentation and access to my web site for other CCNA, CCNP, and Wireless resources please email me for a username and password. Email: [email protected] Web Site: www.cabrillo.edu/~rgraziani

3

Note

This presentation is not in the order of the book or online curriculum. This presentation also contains information beyond the curriculum.

Network Layer Overview

5

Network Layer

IPv4

6

Application Header + data

IP Header

0 15 16 31 4-bit

Version 4-bit

Header Length

8-bit Type Of Service (TOS)

16-bit Total Length (in bytes)

16-bit Identification

3-bit Flags

13-bit Fragment Offset

8 bit Time To Live

TTL

8-bit Protocol

16-bit Header Checksum

32-bit Source IP Address

32-bit Destination IP Address

Options (if any)

Data

7

IP

IP

IP IP

8

Focus on Transport LayerIP

IP

9

Network Layer

The Network layer (Layer 3) provides services to exchange the data over the network between identified end devices.

Layer 3 uses four basic processes: Addressing Encapsulation Routing Decapsulation

0 15 16 31 4-bit

Version 4-bit

Header Length




3-bit Flags


8 bit Time To Live

TTL

8-bit Protocol




Options (if any)

Data

10

Addressing

0 15 16 31 4-bit

Version 4-bit

Header Length




3-bit Flags


8 bit Time To Live

TTL

8-bit Protocol




Options (if any)

Data

172.16.3.10192.168.100.99 Source IP = 192.168.100.99

Destination IP = 172.16.3.10


Source IP = 172.16.3.10

Source IP Address Destination IP Address

More later!

11

DataHTTP Header

TCP Header

IP Header

Data Link Header

Data Link Trailer

IP PacketData Link Header

Data Link Trailer


Data Link Trailer


Data Link Trailer


Data Link Trailer


Data Link Trailer


Data Link Trailer

DataHTTP Header

TCP Header

IP Header

Data Link Header

Data Link Trailer

Encapsulation and Decapsulation

12

Decapsulation

When the packet arrives at the destination host and is processed at Layer 3.

The host examines the destination address to verify that the packet was addressed to this device.

If the address is correct, the packet is decapsulated by the Network layer and the Layer 4 PDU contained in the packet is passed up to the appropriate service at Transport layer.

Application Header + data

13

Routing

Routers examine Layer 3 Destination IP addresses to forward packets. Search their routing tables for a match with a network address. Send the packet on to the next-hop router. Last router in path forwards the router to the host matching the

Destination IP address of the packet.

0 15 16 31 4-bit

Version 4-bit

Header Length




3-bit Flags


8 bit Time To Live

TTL

8-bit Protocol




Options (if any)

Data

172.16.3.10192.168.100.99

Source IP = 192.168.100.99


14

Network Layer Protocols

The Internet Protocol (IPv4 and IPv6) is the most widely-used Layer 3 data carrying protocol and will be the focus of this course.

15

IPv4 basic characteristics:

16

Connectionless

IP packets are sent without notifying the end host that they are coming. TCP: A connection-oriented protocol does requires a connection to be

established prior to sending TCP segments. UDP: A connectionless protocol does not require a session to be

established.

17

Best Effort Service (unreliable)

The mission of Layer 3 is to transport the packets between the hosts while placing as little burden on the network as possible. Speed over reliability

Layer 3 is not concerned with or even aware of the type of data contained inside of a packet. This responsibility is the role of the upper layers as required.

Unreliable: IP does not have the capability or responsibility to manage, and recover from, undelivered or corrupt packets. TCP’s responsibility at the end-to-end hosts

18

Responsibility of the OSI Data Link layer to take an IP packet and prepare it for transmission over the communications medium.

Transport of IP packets is not limited to any particular medium. In some cases a router will need to split up a packet when

forwarding it from one media to a media with a smaller MTU. fragmenting the packet or fragmentation.

Media Independent

19

TCP MSS = 1460

Data = 1460 octets

20 octets 20 octets 1460 octets

1500 octets

Determining TCP MTU Typically, an end system uses the "outgoing interface MTU" minus 40 as its

reported MSS. For example, an TCP over IP over Ethernet MSS value is 1460 (1500 - 40 =

1460). When a host (usually a PC) initiates a TCP session with a server, it negotiates

the TCP segment size by using the maximum segment size (MSS) option field in the TCP SYN packet. (curriculum say IP segment).

The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host.

The default Ethernet MTU value for a PC is 1500 bytes. (curriculum says MSS)

TCP MSS defines the maximum size of the data in the TCP segment.

Ethernet MTU defines the maximum size of the data in the Ethernet frame.

The host using Ethernet, MTU of 1500 octets so I will set my MSS to 1460.

20

IP Header

IP Destination Address 32-bit binary value that represents the packet destination

Network layer host address. IP Source Address

32-bit binary value that represents the packet source Network layer host address.

21

When a packet is first generated a value is entered into the TTL field. Originally, the TTL field was the number of seconds, but this was difficult to

implement and rarely supported. Now, the TTL is now set to a specific value which is then decremented by each

router.

IP’s TTL – Time To Live field

22


If the router decrements the TTL field to 0, it will then drop the packet (unless the packet is destined specifically for the router, I.e. ping, telnet, etc.).

Common operating system TTL values are: UNIX: 255 Linux: 64 or 255 depending upon vendor and version Microsoft Windows 95: 32 Other Microsoft Windows operating systems: 128

Decrement by 1, if 0 drop the packet.

23

http://www.switch.ch/docs/ttl_default.htmlTTL Overview - Disclaimer:The following list is a best effort overview of some widely used TCP/IP stacks. The information was provided by vendors and

many helpful system administrators. We would like to thank all these contributors for their precious help ! SWITCH cannot, however, take any responsibility that the provided information is correct. Furthermore, SWITCH cannot be made liable for any damage that may arise by the use of this information.

+-------------------------------+-------+---------+---------+| OS Version |"safe" | tcp_ttl | udp_ttl |+-------------------------------+-------+---------+---------+ AIX n 60 30 DEC Pathworks V5 n 30 30 FreeBSD 2.1R y 64 64 HP/UX 9.0x n 30 30 HP/UX 10.01 y 64 64 Irix 5.3 y 60 60 Irix 6.x y 60 60 Linux y 64 64 MacOS/MacTCP 2.0.x y 60 60 OS/2 TCP/IP 3.0 y 64 64 OSF/1 V3.2A n 60 30 Solaris 2.x y 255 255 SunOS 4.1.3/4.1.4 y 60 60 Ultrix V4.1/V4.2A n 60 30 VMS/Multinet y 64 64 VMS/TCPware y 60 64 VMS/Wollongong 1.1.1.1 n 128 30 VMS/UCX (latest rel.) y 128 128 MS WfW n 32 32 MS Windows 95 n 32 32 MS Windows NT 3.51 n 32 32 MS Windows NT 4.0 y 128 128

Assigned Numbers (RFC 1700, J. Reynolds, J. Postel, October 1994):

IP TIME TO LIVE PARAMETER

The current recommended default time to live (TTL) for the Internet Protocol (IP) is 64.

Safe: TCP and UDP initial TTL values should be set to a "safe" value of at least 60 today.

24

The idea behind the TTL field is that IP packets can not travel around the Internet forever, from router to router.

Eventually, the packet’s TTL which reach 0 and be dropped by the router, even if there is a routing loop somewhere in the network.


Decrement by 1, if 0 drop the packet.

25

IP’s Protocol Field

Protocol field enables the Network layer to pass the data to the appropriate upper-layer protocol.

Example values are: 01 ICMP 06 TCP 17 UDP

26

IP’s ToS Field

Type-of-Service is used to determine the priority of each packet. Enables Quality-of-Service (QoS) mechanism for high priority traffic such

as; VoIP Streaming video

For ToS to be used: Hosts set ToS field (can be an intermediary device such as a switch) Routers must be configured to examine ToS

27

IP Fragmentation

A router may have to fragment a packet when forwarding it from one medium to another medium that has a smaller MTU. If Don’t Fragment flag set, it will not fragment packet, but discard it.

Fragment Offset field and More Fragments flag is used to reconstruct the packet at the destination host.

Data = 1480 bytesIP

Data = 500IP

Data = 480IP

IP Packet Fragments

Original IP Packet

IP Header = 20 bytes

Data = 500IP

Data = 500L2 L2

28

IP Fragmentation

When fragmentation occurs, it does not get reconstructed until it reaches the host. This takes processing time. Fragment Offset field identifies the order

IP Packet

IP Packet

IP Packet

IP Packet

IP Packet

IP Packet

IP Packet

IP Packet

IP Packet

IP PacketIP Packet

Network link with larger MTU

Network link with smaller MTU

Network link with larger MTU

29

Path MTU Discovery

Path MTU Discovery (Not discussed here, but is important) RFC 1191 (RFC1191) Path MTU Discovery and Filtering ICMP

Marc Slemko Link on CIS 81 web page

30

Other IPv4 fields

Version - Contains the IP version number (4) Header Length (IHL) - Specifies the size of the packet header. Packet Length - This field gives the entire packet size, including header and

data, in bytes. Identification - This field is primarily used for uniquely identifying fragments

of an original IP packet Header Checksum - The checksum field is used for error checking the

packet header. Options - There is provision for additional fields in the IPv4 header to

provide other services but these are rarely used.

Host and Network Addresses

32

IP Addresses – First look

Host IP addresses are IP addresses assigned to end devices such as: Client computers Server computers Printers Router interfaces

Note: the /16 refers to the subnet mask, which will be discussed later. Note: Intermediary devices such as a switch may have an IP address to allow

the network administrator to Telnet to the device for remote management.

Kiwi Airliners - Network Address 172.16.0.0/16

172.16.10.100/16

172.16.10.55/16

172.16.10.3/16

172.16.20.77/16

172.16.20.96/16

172.16.20.103/16

172.16.30.39/16

172.16.30.10/16

172.16.30.111/16

172.16.40.123/16

172.16.40.51/16

172.16.40.29/16

172.16.1.1/16

33


Host IP addresses are members of a group of addresses call the Network Address

IANA (Internet Assigned Numbers Authority) have the responsibility to allocate network addresses.

A company or individual needing a network addresses typically goes to their ISP

ISPs then allocate network addresses to their customers. More detail in the next chapter.


172.16.10.100/16

172.16.10.55/16

172.16.10.3/16

172.16.20.77/16

172.16.20.96/16

172.16.20.103/16

172.16.30.39/16

172.16.30.10/16

172.16.30.111/16

172.16.40.123/16

172.16.40.51/16

172.16.40.29/16

172.16.1.1/16

34


Default Gateway A router which is used to forward packets out of the network. This is a host IP address on the router.

The default gateway IP address is typically a host IP address which is on the same network as the host itself.

The host only has to be aware of: Its own network address Default gateway IP address to reach all devices outside its own network

Network Address 172.16.0.0

172.16.10.100/16

172.16.10.55/16

172.16.10.3/16172.16.1.1/16

ISP

Internet

Network Address 192.168.1.0/30

192.168.1.2/30

192.168.1.1/30

35


All hosts in the same network will typically have the same default gateway IP address.

Network Address 172.16.0.0

172.16.10.100/16

172.16.10.55/16

172.16.10.3/16172.16.1.1/16

ISP

Internet

Network Address 192.168.1.0/30

Gateway: 172.16.1.1

Gateway: 172.16.1.1

Gateway: 172.16.1.1

192.168.1.2/30

192.168.1.1/30

36

Confirming IP Address, Default GatewayC:\> ipconfig

Windows IP ConfigurationEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 172.16.10.100 Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 172.16.1.1

Root# ifconfigeth0 Link encap:Ethernet HWaddr 00:0F:20:CF:8B:42 inet addr:172.16.1.100 Bcast:172.16.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2472694671 errors:1 dropped:0 overruns:0 frame:0 TX packets:44641779 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1761467179 (1679.8 Mb) TX bytes:2870928587 (2737.9 Mb) Interrupt:28

Linux: netstat –rn for default gateway information.

37

Subnets

Networks can be subdivided into subnets. This provides for several benefits which we will discuss later. Networks can be grouped based on factors that include:

Geographic location, Purpose, Ownership


172.16.10.100/24

172.16.10.55/24

172.16.10.3/24

172.16.20.77/24

172.16.20.96/24

172.16.20.103/24

172.16.30.39/24

172.16.30.10/24

172.16.30.111/24

172.16.40.123/24

172.16.40.51/24

172.16.40.29/24172.16.1.1/24

172.16.10.1/24 172.16.20.1/24 172.16.30.1/24 172.16.40.1/24

172.16.10.0/24 172.16.20.0/24 172.16.30.0/24 172.16.40.0/24

A Quick Look at Routing

39

Routing – First Look

Routers know about: Directly connected networks (C):

Network addresses of its interfaces Remote networks

Static routes Dynamic Routing Protocol (R = RIP)

192.168.1.254/24

C 192.168.2.0/24 is direction connected, FastEthernet0/1

Network 192.168.2.0/24

Network 192.168.1.0/24

40

Routers know about: Directly connected networks (C):

Network addresses of its interfaces When a router is configured with the IP address/mask on an interface the

router knows that it has an interface which is part of that network. This is just like a host that is configured with an IP address/mask. (coming)

192.168.1.254/24


Network 192.168.2.0/24

Network 192.168.1.0/24


41

Routers learn about remote networks using: Static routes Dynamic Routing Protocol (R = RIP)

Routes in a routing table have three main features: Destination network Next-hop Metric

192.168.1.254/24


Network 192.168.2.0/24

Network 192.168.1.0/24


42

Static routes Manually entered by the administrator

Dynamic Routing protocols Routers automatically learn about remote networks Ex: RIP, EIGRP, OSPF, IS-IS, BGP

192.168.1.254/24


Network 192.168.2.0/24

Network 192.168.1.0/24


43

Host Routing Table

Hosts also have a local routing table. Usually only contains:

Its own network address (directly connected network) Default gateway IP address

Hosts usually do not have remote networks in their routing tables

netstat –r

or

route print

Chapter 5Network Layer

CIS 81 Networking Fundamentals

Rick Graziani

Cabrillo College

[email protected]

Last Updated: 3/9/2008

Documents

Chapter 5 Network Layer CIS 81 Networking Fundamentals Rick Graziani Cabrillo College [email protected] Last Updated: 3/9/2008