IPv4

ThenetworklayerorOpenSystemsInterconnection(OSI)Layer3providesservicestoexchangethe
individualpiecesofdataoverthenetworkbetweenidentifiedenddevices.Layer3usesthe
processesoutlinedinthefollowingsectionstoaddressthepackettotheproperdestination,
encapsulatethepacketwithnecessarydatafordelivery,routethepacketthroughthewebof
connectednetworksthatwilldeliverthepackettothedestinationnetworkfordelivery,andfinally
havethedestinationhostdecapsulatethedataforprocessing.
NetworkLayer:CommunicationfromHosttoHost
Thenetworklayerreceivessegmentsofdata,orPDUsfromthetransportlayer.Thenetworklayer
useprotocolstoaddaddressingandotherinformationtothePDUandsendittothenextrouter
alongthebestpathorroutetothedestinationnetwork.
Networklayerprotocols,(IP)arerulesandinstructionsthatdevicesusetoenablesharingofupper
layerinformationbetweenhosts.Theseprotocolsspecifytheaddressingandpackagingofa
transportlayerPDUanddescribehowthePDUistobecarriedwithminimumoverhead.
Thenetworklayerdescribes4tasks:addressing,encapsulation,routing,anddecapsulation.
Addressing
EachdevicehasauniqueIPaddress.DevicesinIPnetworksthathaveIPaddressesarecalledhosts.
SourceIPaddress=theIPaddressofthesendinghost
DestinationIPaddress=theIPaddressofthereceivinghost
Encapsulation
EachPDUsentbetweennetworksneedstobeidentifiedwithsourceanddestinationIPaddressesin
anIPheader.Encapsulationisaprocessofaddinginformation.(Figure51)
Routing
Routersaredevicesthatconnectnetworks,andcalculatethebestpathforthepackets.Routingis
theprocessroutersperformwhenreceivingpackets,analyzingthedestinationaddressinformation,
usingtheaddressinformationtoselectapathforthepacket,andthenforwardingthepacketonto
thenextrouterontheselectednetwork.Eachroutethatapackettakestoreachthenextdeviceis
calledahop.(Figure52)
Atthenetworklayer,therouteropensthepacketandlooksinthepacketheaderforIPaddress
information.Therouterwillchoosethebestnetworktodeliverthepacket.Therouterforwardsthe
packet.Thelastrouterwillrealizethatthepacketbelongstoadirectlyconnectednetworkandwill
forwarditoutthecorrectnetworkinterfaceforfinaldeliveryonthelocalnetwork.
Framing=encapsulationonlayer2orthedatalinklayer.
Decapsulation
Theroutersnetworkinterfacecard(NIC)acceptsthepacket,removesthelayer2encapsulation
data,andsendsthepacketuptothenetworklayer.Decapsulationistheprocessofremoving
encapsulationdataofdifferentlayers.
EncapsulationanddecapsulationoccuratalllayersoftheOSImodel.Thenetworklayeronly
decapsulatestheIPpacketatthefinaldestinationafterexaminingthedestinationaddressand
determiningthatthejourneyisover.
NetworkLayerProtocols
InternetProtocolversion4(IPv4)isanopensourceandallowsdevicesfromvariousmanufacturers
tocommunicatewitheachother.IPv4protocoldescribesservicesandpacketstructurethatareused
toencapsulateUserDatagramProtocol(UDP)datagramsorTCPsegmentshandeddownfromthe
transportlayeroftheOSImodel.(Table51)
IPv4:ExampleNetworkLayerProtocol
IPv4isusedtocarryuserdataovertheInternetandisthefocusoftheCCNA.
IPwasdesignedasaprotocolwithlowoverhead.Itprovidesonlythefunctionsthatarenecessaryto
deliverapacketfromasourcetoadestinationoveraninterconnectedsystemofnetworks.
Basiccharacteristics:connectionless,besteffortandmediaindependent
Connectionless
TCPsreliabilitycomesfrombeingconnectionoriented.IPisconnectionless,meaningthatthereis
noestablishedconnectionbetweenthesenderandthereceiver.TCP/IPstack:ifapacketislostor
late,TCPwillconnecttheproblematlayer4,andIPcanworkmoreefficientlyatlayer3.IPdoesnot
needasmuchinformationintheheaderasaTCPsegmentdoes.Itusesmuchlessprocessingpower
andbandwidth,calledoverhead,thanTCP.
BestEffort
IPisanunreliable,besteffortprotocol.IPpacketsaresentwithoutcertaintythattheywillbe
received.TheIPprotocolmakesabestefforttodeliverpackets,butithasnowayofdetermining
whetherthepacketsaredeliveredsuccessfullyorwhethertheyarelostenroute.
MediaIndependent
IPisnotconcernedwiththephysicalmediumthatcarriesthepacket.Thearrangementofbitsinthe
IPpacketandheaderwillnotbechangedasthepackettransfersfromwirelesstofiberoranyother
media.(Figure53)
ThesizeofthePDUisimportant.Somenetworkshavemediarestrictionsandmustenforcea
maximumtransmissionunit(MTU).TheMTUisdeterminedbytheOSIdatalinklayer,andthat
requirementispassedtothenetworklayer.Thenetworklayerthenbuildsthepacketsaccordingto
specification.Shouldthepacketcomeacrossanetworkthatrequiressmallerpackets,therouter
connectedtothenetworkwillfragmentthepacketsbeforeforwardingthemonthenetworks
medium.Thisprocessiscalledfragmentation.
IPv4Packet:PackagingtheTransportLayerPDU
IPv4encapsulatesthetransportlayersegmentordatagramsothatthenetworkcandeliverittothe
destinationhost.TheIPv4encapsulationremainsinplacefromthetimethepacketleavesthe
networklayeroftheoriginatinghostuntilitarrivesatthenetworklayerofthedestinationhost.
Theprocessofencapsulationdatabylayerenablestheservicesatthedifferentlayerstodevelopand
scalewithoutaffectingotherlayers.Thetransportlayersegmentscanbereadilypackagedbyexisting
networklayerprotocols.Thedataportionofthepacket(PDU)remainsunchangedduringthe
networklayerprocesses.
IPv4PacketHeader
TheIPheaderholdsthedeliveryandhandlinginstructionsforanIPpacket.Therouterlookstoa
specificfieldintheheadertoseewhichtypeisarriving.Theheaderalsocontainsaddressing
informationandotherdateabouthowtohandlethepacketalongtheway.(Figure54)
IPSourceAddress:32bitbinaryvalue,hostthatwillsendpacket
IPDestinationAddress:32bitbinaryvalue,hostthatwillreceivepacket
TimeToLive(TTL):8bitTTL,maximumhopsthepacketcantakebeforeitisconsideredlostor
undeliverable.ThepacketwillbedroppediftheTTLvaluereaches0.
TypeofService(ToS):levelofthroughputpriorityaroutershoulduse;QoS:qualityofservice
Protocol:indicatestheupperlayerprotocolthatwillreceivepacket
FlagandFragmentOffset:toreconstructthepacketwhenitarrivesatthedestinationhost.The
fragmentoffsetfieldindicatestheorderinwhichtoplacethepacketfragmentinthereconstruction.
Version:IPv4ofIPv6
InternetHeaderLength(IHL):lengthoftheheader
PacketLength:totallengthofthedatagram,includingheader.Min20bytes;max65,535bytes.
Identification:sentbysource
HeaderChecksum:indicatethelengthoftheheaderandcheckedbyeachrouteralongtheway.
Options:canprovideseveralroutingservices
Padding:usedtofillthebitswhenheaderdatadoesnotendona32bitboundary.
Networks:DividingHostsintoGroups
Networksarecommunitiesofcomputersandotherhosts.
CreatingCommonGroups
Largecomputernetworkscanbeseparatedintointernetworks.Departmentsandgroupsthatshare
computersandserversaregoodcandidatesfordividingintogroupsfromthelargenetworkintoa
commonsubnetwork,orsubnet.
GroupingHostsGeographically
Groupingnetworkhostsgeographicallyisaneconomicalwaytoimprovecommunicationsby
reducingoverheadfortheusers.Whencommunicationleavesthesubnet,itcanbesubjectto
externalbandwidthissues.(Figure55)
GroupingHostsforaSpecificPurpose
Divideanetworkbypurposesothatpeoplesharingacommonpurposearealsosharingcommon
resources.(Figure56)
GroupingHostsbyOwnership
Inanownershipgroup,themainconcernissecurity.Dividinghostsintoseparatenetworksprovidesa
boundaryforsecurityenforcementandmanagementofeachnetwork.(Figure57)
WhySeparateHostsintoNetworks?
Performance
Abroadcastisamessagesentfromonehosttoallotherhostsonthenetwork,andthepurpose
usuallytoshareitsowninformationandtorequestinformationaboutotherhosts.Broadcastsarea
necessaryandusefultoolusedbyprotocolsaspartofthecommunicationprocess.Asusersare
added,performancequalitydecreasesbecausethebroadcasttraffictakesupvaluablebandwidth.
Becausebroadcastsdonottravelbeyondthenetworkboundary,thenetworkisknownasa
broadcastdomain.
Security
Companiesandorganizationscanbetterprotectthemselvesfromspiesandthieves.
Internetworkaccesswithinacompanyororganizationcanbesimilarlysecured.Dividinganetwork
basedonuseraccessisaneffectivewaytoprotecttheorganizationsinterestsandemployeeprivacy.
Suchaccessrestrictionscanprotectanorganizationfrombothunauthorizedinternalaccessand
maliciousexternalattacks.
Securitybetweennetworksiscontrolledinanintermediarydevice(routerorfirewall)atthe
perimeterofthenetwork.Thefirewallfunctioncanbeconfiguredtoallowonlyknown,trusteddata
userstoaccessthenetwork.(Figure58)
AddressManagementandHierarchicalAddressing
Anetworkhasanetworkaddressthatidentifiesthelogicallocationofthenetworkonarouter.An
IPv4addresscontainsbothnetworkbitsthatidentifyalogicalnetworkaddressandhostbitsthat
containalocaladdressoftheenddevice.
Routerstakecareofmessagesgoingoutandservingasageneraldestinationandsortingstationfor
messagescomingin.Therouteranetworkusestosendandreceivemessagesbeyondthenetworkis
calledagatewayrouter.(Figure59)
Theaddressisdividedintotwoparts:thenetworkaddressandthehostaddress.
Thenetworkportion:tellsrouterswheretofindthegeneralnetwork
Thehostportion:isusedbythelastrouterfordeliveryinsidethenetwork.
Thetypeofaddressingintheanalogyisconsideredhierarchical.Hierarchicaladdressingisreadfrom
themostgeneralinformationtothemostspecific.
DividingNetworksfromNetworks
TheIPv4addressingsystemisflexible.Alargenetworkneedstobedividedintosmallersubnets,
calledsubnetting.
Inthisaddress(Figure511),thefirstthreeoctetsarethegeneralnetworkaddress,andthelastoctet
isusedbythedestinationroutertoidentifythelocalhost.Theportionoftheaddressthatisnetwork
andtheportionthatishostcanvary.
Routing:HowDataPacketsAreHandled
Communicationwithinanetwork,orsubnet,happenswithoutanetworklayerdevice.
DeviceParameters:SupportingCommunicationoutsidetheNetwork
Ahosthasadefaultgatewayaddressdefined.Thisgatewayaddressistheaddressofarouter
interfacethatisconnectedtothesamenetworkasthehost.Therouterinterfaceisactuallyahoston
thelocalnetwork,sothehostIPaddressandthedefaultgatewayaddressmustbeonthesame
network.(Figure512)
Thedefaultgatewayisconfiguredonahost.OnaWindowscomputer,theInternetProtocol(TCP/IP)
PropertiestoolsareusedtoenterthedefaultgatewayIPv4address.
IPPackets:CarryingDataEndtoEnd
Theroleofthenetworklayeristotransferdatafromthehostthatoriginatesthedatatothehost
thatusesit.Duringencapsulationatthesourcehost,anIPpacketisconstructedatLayer3to
transportthelayer4PDU.Ifthedestinationhostisinthesamenetworkasthesourcehost,the
packetisdeliveredbetweenthetwohostsonthelocalmediawithouttheneedforarouter.
Ifthedestinationhostandsourcehostarenotinthesamenetwork,thepacketcanbecarryinga
transportlayerPDUacrossmanynetworksandthroughmanyrouters.
Ateachhop,theforwardingdecisionsarebasedontheinformationintheIPpacketheader.The
packetwithitsnetworklayerencapsulationalsoisbasicallyintactthroughoutthecompleteprocess,
fromthesourcehosttothedestinationhost.Ifcommunicationisbetweenhostsindifferent
networks,thelocalnetworkdeliversthepacketfromthesourcetoitsgatewayrouter.
Gateway:TheWayOutoftheNetwork
Thegateway,alsoknownasthedefaultgateway,isneededtosendapacketoutofthelocal
network.Thisgatewayisarouterinterfaceconnectedtothelocalnetwork.Thegatewayinterface
hasanetworklayeraddressthatmatchesthenetworkaddressofthehosts.
DefaultGateway
Thedefaultgatewayisconfiguredonahost.(Figure513)
Nopacketcanbeforwardedwithoutaroute.Thedevicemusthavearoutetoidentifywhereto
forwardthepacket.Ahostmusteitherforwardapackettothehostonthelocalnetworkortothe
gateway.Toforwardthepackets,thehostmusthaveroutesthatrepresentthesedestinations.
Aroutermakesaforwardingdecisionforeachpacketthatarrivesatthegatewayinterface.This
forwardingprocessisreferredtoasrouting.Thedestinationnetworkcanbeanumberofroutersor
hopsawayfromthegateway.Theroutingprocessusesaroutetomapthedestinationnetwork
addresstothenexthopandthenforwardsthepackettothisnexthopaddress.
ConfirmingtheGatewayandRoute
TocheckthehostIPaddressanddefaultgatewayisbyissuingtheipconfigcommand.TheWindows
IPconfigurationwilldisplaywiththeIPaddress,subnetmaskanddefaultgatewayaddress.
Route:APathtoaNetwork
Arouteforpacketsforremotedestinationsisaddedusingthedefaultgatewayaddressasthenext
hop.Ahostcanalsohaveroutesmanuallyaddedthroughconfigurations.
Enddevices,routersalsoaddroutesfortheconnectednetworkstotheirroutingtables.Whena
routinginterfaceisconfiguredwithanIPaddressandsubnetmask,theinterfacebecomespartof
thatnetwork.Theroutingtablenowincludesthatnetwork.
Toforwardapacket,theroutermustknowwheretosendit.Thisinformationisavailableasroutesin
aroutingtable.
Theroutingtablestoresinformationaboutconnectedandremotenetworks.Routerinterfacesare
thegatewaysforthehostsondifferentlocalnetworks.Remotenetworksarenetworksthatarenot
directlyconnectedtotherouter.
Routesinaroutingtablehavethreemainfeatures:destinationnetwork,nexthopandmetric.
Theroutermatchesthedestinationaddressinthepacketheaderwiththedestinationnetworkofa
routeintheroutingtableandforwardsthepackettothenexthoprouterspecifiedbythatroute.If
therearetwoormorepossibleroutestothesamedestination,themetricisusedtodecidewhich
routeappearsontheroutingtable.(Figure514)
Ifarouterepresentingthedestinationnetworkisnotontheroutingtable,thepacketwillbe
dropped.Thedefaultrouteisusedwhenthedestinationnetworkisnotrepresentedbyanyother
routeintheroutingtable.
HostRoutingTable
Hostsrequirealocalroutingtableoensurethatnetworklayerpacketsaredirectedtothecorrect
destinationnetwork.Thelocaltableofthehosttypicallycontainsitsdirectconnectionor
connectionsanditsowndefaultroutetothegateway.Withoutadefaultgatewayorrout,packets
destinedoutsidethenetworkwillbedropped.(Figure515)
Whenahostcreatespackets,itusestheroutesitknowstoforwardthemtothelocallyconnected
destination.Whetherthepacketisoriginatinginahostorbeingforwardedbyanintermediary
router,thedevicemusthavearoutetoidentifywhichinterfacewillbeusedtoforwardthepacket.
Routing
Routingistheprocessarouterperformswhenmakingforwardingdecisionsforeachpacketarriving
atthegatewayinterface.Ifaroutetoadestinationnetworkdoesnotexistontherouter,thepacket
willbeforwardedtoadefaultgateway.Ifnodefaultgatewayisconfigured,thepacketcannotbe
forwarded.Theroutingprocessusesaroutingtabletomapthedestinationnetworkaddresstothe
nexthopandthenforwardsthepackettothisnexthop.(Figure516)
DestinationNetwork
RoutingTableEntries
Theroute,ordestinationnetwork,inaroutingtableentryrepresentsarangeofhostaddressesand
sometimesarangeofnetworkandhostaddresses.
ThehierarchicalnatureofLayer3addressingmeansthatonerouteentrycanrefertoalargegeneral
networkandanotherentrycanrefertoasubnetofthatsamenetwork.Whenforwardingapacket,
therouterwillselectthemostspecificroutethatitknows.Ifaspecificsubnetisnotintherouting
tablebutthelargernetworkthatholdsthesubnetisknown,therouterwillsendittothelarger
network,trustingthatanotherrouterwillfindthesubnet.
DefaultRoute
Adefaultrouteistherouteusedifnospecificrouteisavailabletobeselectedfordelivery.InIPv4
networks,theaddress0.0.0.0isusedforthispurpose.Thedefaultrouteisalsoknownasthe
gatewayoflastresort.
NextHop:WherethePacketGoesNext
Thenexthopistheaddressofthedevicethatwillprocessthepacketnext.Forahostonanetwork,
theaddressofthedefaultgatewayisthenexthopforallpacketsdestinedforanothernetwork.
Someroutescanhavemultiplenexthops.
PacketForwarding:MovingthePackettowardItsDestination
Routingisperformedpacketbypacketandhopbyhop.Eachpacketistreatedindependentlybyeach
routeralongthepath.Ateachhop,therouterexaminesthedestinationIPaddressforeachpacket
andthencheckstheroutingtableforforwardinginformation.
Aroutertakesthefollowingstepstodeterminetheappropriateaction:
1. arouterprocessesthepacketatthenetworklayer
2. therouterexaminestheIPaddress
3. theroutercheckstheroutingtableformatch
4. therouterselectsthenexthop
5. therouterthendoesoneofthefollowing
a. therouterforwardsthepacket:iftheroutematchingthedestinationnetworkofthe
packetisaremotenetwork,thepacketisforwarded
b. therouterusesthedefaultroute:iftheroutingtabledoesnotcontainamore
specificrouteentryforanarrivingpacket
c. therouterdropsthepacket:ifapacketisdropped,IP,bydesign,hasnoprovisionto
returnapackettothesenderorpreviousrouter.
RoutingProcesses:HowRoutesareLearned
Routersneedinformationaboutothernetworkstobuildareliableroutingtable.Itisvitalthat
routershavecurrentinformationaboutneighboringrouterstoreliablyforwardpackets.
StaticRouting
Therouteinformationcanbemanuallyconfiguredontherouter,creatingwhatisknownasastatic
route(defaultroute).Staticroutingrequiresanetworkadministratorforinitialsetupandforany
changestoroutes.Theyareveryreliable,andtherouterdoesnotusemuchoverheadtoprocess
packets.Staticroutesdonotupdateautomaticallyandhavehighercontinuingadministrativecosts.
Becausepacketsareforwardateveryhop,everyroutermustbeconfiguredwithstaticroutestonext
hopsthatreflectitslocationintheinternetwork.
Furthermore,iftheinternetworkstructurechangesorifnewprotocolsbecomeavailablethese
changeshavetobemanuallyupdatedoneveryrouter.
DynamicRouting
Routerscanalsolearnaboutroutesautomaticallyfromotherroutersinthesameinternetwork,
whichisknownasdynamicrouting.Updatesarrivefromotherroutersandareusedbythereceiving
routerwithoutadministrativeconfigurations.Theyhavehigherrouterprocessoverheadbutlittle
administrativecost.
Ifdynamicroutingisnotenabledandconfiguredonarouter,staticroutestothenexthops.
RoutingProtocols
Routingprotocolsarethesetofrulesbywhichroutersdynamicallysharetheirroutinginformation.
Whenarouterreceivesinformationaboutneworchangedroutes,itupdatesitsownroutingtable
and,inturn,passestheinformationtootherrouters.(Figure517)
Mostcommonroutingprotocols:RoutingInformationProtocol(RIP),EnhancedInteriorGateway
Protocol(EIGRP),OpenShortestPathFirst(OSPF).
Theadvantageofroutingprotocolsprovidingrouterswithuptodateroutingtablesistemperedby
addedoverheadcosts.Thisoverheadcanbeanissuewithlowbandwidthlinksbetweenrouters.
Updatesfromroutingprotocolsalsorequirecomplicatedalgorithmiccalculationsbeforetheroute
informationcanbeusedinaroutingtable.