Network Layer

Address Mapping, Error Reporting, and

Multicasting

Address Mapping
The delivery of a packet to a host or a router requires two
levels of addressing: logical and physical.
We need to be able to map a logical address to its
corresponding physical address and vice versa.
This can be done by using either static or dynamic mapping.
Static mapping: creating of a table that associates a logical
address with a physical address.
Dynamic mapping: uses a protocol.

Address Resolution Protocol (ARP)

Anytime a host or a router has an IP datagram to send to another host
or router, it has the logical (IP) address of the receiver.
An IP datagram must be encapsulated in a frame to be able to pass
through the physical network.
This means that the sender needs the physical address of the receiver.
Address Resolution Protocol (ARP)
The host or the router sends a Address Resolution Protocol (ARP) query
request, containing the physical and IP address of the sender and IP
address of the destination.
The query is broadcast over the network.
The intended recipient recognizes its IP address and sends back the ARP
response containing its physical address by unicasting.

Mapping Logical to Physical Address: ARP

Cache Memory: ARP reply can be cached (kept in cache memory for a
while) to improve efficiency.

ARP packet

Type of the network on which the ARP

is running. E.g., Ethernet: 1, ATM: 16
The length of the physical address in
bytes. E.g., for Ethernet the value is 6

The type of the ARP

message being sent.
ARP request (1) &
ARP reply (2).

The type of layer three addresses used

in the message. For IPv4 addresses, this
value is 0800 hex.
The length of the logical address in
bytes. E.g., for IPv4 the value is 4

Encapsulation of ARP packet

0806 for ARP (on an Ethernet)

Preamble: 56 bits of alternating
1s and 0s
SFD: start frame delimiter flag
10101011

Physical address of the sender

Physical broadcast address as

the destination

ARP Request and Reply (Example)

A host with IP address 130.23.43.20 and physical address B2:34:55:10:22:10
has a packet to send to another host with IP address 130.23.43.25 and
physical address A4:6E:F4:59:83:AB. The two hosts are on the same Ethernet
network. Show the ARP request and reply packets encapsulated in Ethernet
frames.

Reverse Address Resolution Protocol (RARP)

Finds the logical address for a machine that knows only its physical address.
A RARP request is created and broadcast on the local network. Another
machine that knows all the IP addresses with respond with an RARP reply.
The requesting machine must run an RARP client and responding machine
must run an RARP server.
Problem with RARP: broadcasting is done at the data link layer, and it does
not pass the boundaries of a network. This means that if an administrator
has several networks or subnets, it needs to assign a RARP server for each
network or subnet.
This is the reason that RARP is almost obsolete.
Two protocols, BOOTP and DHCP, are replacing RARP.

Bootstrap Protocol (BOOTP)

BOOTP is an application layer, client/server protocol designed to provide
physical to logical address mapping.
The administrator can put the client and the server on the same network or on
different networks.
BOOTP messages are encapsulated in a UDP packet, which is again encapsulated
in an IP packet.
The client uses all 0s as the source address and all 1s as the destination address.
A broadcast IP datagram cannot pass through any router. Since a BOOTP request
is a broadcast message and it cannot pass through any router. For this we use a
relay agent. The relay agent knows the unicast address of a BOOTP server. When
it receives a BOOTP request it encapsulates the message in a unicast datagram
and send the request to the BOOTP server.

BOOTP client and server on the same and

different networks

BOOTP is not a dynamic configuration protocol.

If a client requests its IP address, the BOOTP server consults a table that
matches the physical address of a client with its IP address.
This binding is predetermined.

Dynamic Host Configuration Protocol (DHCP)

Provides static and dynamic address allocation.
Static address allocation:
Statically binds physical addresses to IP addresses.
In this capacity DHCP acts as BOOTP.
It is backward compatible with BOOTP, which means that
BOOTP client can request a static address from DHCP server.

Dynamic Address Allocation:

DHCP also maintains a pool of available IP addresses.
When a DHCP clients request for a temporary address the
DHCP server goes to the pool of unused IP addresses and
assigns an IP address for a negotiable period of time.
After the time period expires, the client must either stop
using the IP address or renew the lease.
The server can either agree or disagree with the renewal.

Internet Control Message Protocol

(ICMP)
The IP protocol has no error-reporting or error-correcting mechanism.
The IP protocol also lacks mechanism for host and management
queries.
The Internet Control Message Protocol (ICMP) has been designed to
compensate for the above two deficiencies. It is a companion to the IP
protocol.
ICMP messages are divided into two broad categories: error-reporting
messages and query messages.

ICMP Message Format

An ICMP message has an 8-byte header and a variable size data section.
First 4 bytes are common for all ICMP messages.
The code field specifies the reason for the particular message type.
ICMP always reports error messages to the original source because
the only information available in the datagram about the route is the
source and destination IP addresses.

ICMP Error Reporting

All error messages contain a data section that include the IP header of
the original datagram plus the first 8 bytes of data in that datagram.
The header of the original datagram provides information to the source
about the datagram itself.
The 8 byte of the data are included because it provides information
about the port numbers (UDP & TCP) and the sequence number (TCP).

ICMP forms an error packet, which is encapsulated in an IP datagram.

ICMP Error Reporting

Important points about ICMP error messages:
No ICMP error message will be generated in response to a
datagram carrying an ICMP error message.
No ICMP error message will be generated for a fragmented
datagram that is not the first fragment.
No ICMP error message will be generated for a datagram having
a multicast address.
No ICMP error message will be generated for a datagram having
a special address such as 127.0.0.0 or 0.0.0.0.

ICMP Error Reporting

When a router cannot route a

datagram or a host cannot deliver a
datagram.
The datagram is discarded and the
router or host sends a destinationunreachable message.
Codes
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't
Fragment was Set
6 Destination Network Unknown
7 Destination Host Unknown

IP protocol lacks flow control. So,

the source host never knows if
the router or the destination
host has been overwhelmed
with datagrams.
In such cases, a router or
destination discards the
datagram and sends a sourcequench message to the source.
The source-quench message in
ICMP was designed to add a flow
control to the IP.
Codes
0 No code

ICMP Error Reporting

The time-exceeded messages are

generated in two cases:
If the TTL value of a datagram is 0.
the datagram is discarded and a
time-exceeded messages is sent to
the original source.
Not all fragments that make up a
message arrive at the destination
host within a certain time limit.

Codes
0 Time to Live exceeded in Transit
1 Fragment Reassembly Time
Exceeded

Reports ambiguity in the header

part of a datagram.
If a router or the destination host
discovers an ambiguity or missing
value in any field of the datagram,
it discards the datagram and sends
a parameter-problem message
back to the source
Codes

0 invalid IP header

ICMP Error Reporting

A host may send a datagram, destined for another network, to a

wrong router.
In this case, the route that receives the datagram will forward it to the
correct router. Also to update the routing table of the host, it sends a
redirection-message to the host.

ICMP Query

ICMP query message is encapsulated in an IP packet, which in turn is

encapsulated in a data link layer frame.
No bytes of the original IP are included in the message.

ICMP Query

Designed for diagnostic purposes.

It determines if two nodes can
communicate with each other at the
IP level.
The ping command generates a series
of echo-request and echo-reply
messages.
Codes

Used to determine the round-trip

time needed for an IP datagram
between two nodes.
It can also be used to synchronize
the clocks in two machines.
Codes
0 No code

0 No code

Used to obtain the mask of an IP address.

Codes
0 No code

ICMP Query

To send data a host needs to know the address of routers connected

to its own network. Also, if the router is alive and functioning.
For this, a host can broadcast a route-solicitation message. The
routers receiving the message can send their routing information
using route-advertisement messages.
A router can also periodically send route-advertisement messages
even if no host has solicited.

Debugging Tools - Ping

Ping is used to find if a host is alive and responding. The
source host sends ICMP echo-request messages (type:8,
code 0); the destination, if alive, responds with echo-reply
messages.
The ping program sets the identifier field in the echo-request
and echo-reply message and starts the sequence number
from 0; this is incremented by 1 for each new messages.
Ping can calculate the round-trip time (RTT)
it inserts the sending time in the data section of the message,
when the message arrives, it subtract the arrival time from the
departure time to get RTT.

Ping

56 byte ICMP data + 8 bytes ICMP

header + 20 bytes IP header = 84 bytes

56 byte ICMP data + 8 bytes

ICMP header = 64 bytes in the
ICMP packet

Internet Group Management Protocol

(IGMP)
IGMP is a protocol that manages group membership.
The IGMP protocol gives the multicast routers information about
the membership status of hosts (routers) connected to the
network.
IGMP is a group management protocol. It helps a multicast router
create and update a list of loyal members related to each router
interface.

IGMP Messages
IGMP has three types of messages: the query, the
membership report, and the leave report.
There are two types of query messages, general and special.

IGMP message format

1/10 sec
The value is non-zero
for query messages
and zero for other two

Covers the entire IGMP message

IGMP Operation
A multicast router connected to a
network has a list of multicast
addresses of the group with at
least one loyal member in the
network.
For each group there is one
router with duty of distributing
multicast packets for that group.
Lists of groups for each router
are mutually exclusive (i.e. only
one multicast router is
responsible for each group). A
router can also be a member of a
group.
Routers R1 and R2 can be distributors for one or several groups from the
list of router R, but for other networks, not for the network above.

Membership report

Host or a router can join a group.

A host maintains a list of processes that have membership in a group.
When a process wants to join a new group, it sends its request to the
host.
The host then adds the name of the process and the name of the
requested group to its list, and sends the membership report to the
router.
The report is send twice (in case the first report get lost or damaged)

Leave Report
When a host sees that no process is interested in a specific group G, it sends a
leave report.
If router receives a leave report it wont purge the list if there are still other
hosts interested in that group.
For that purpose the router sends a special query message with a specified
response time for the group in question to see if there is anyone interested in
that group.
If there is no response a membership report, it purges the list.

General Query Message

Membership report and leave report are not enough to maintain the
membership information.
Example: a host that is a member of a group can shut down and the
multicast router would never receive the leave report.
Therefore the multicast router monitors the hosts and routers in LAN by
periodically sending (by default every 125 sec) general query message.
Hosts/routers respond by membership report if there is still interest in
groups.

No group specified

Delayed response
In order to keep the traffic low the response to general query message
must be done by only one host for a given group. This is achieved with
delayed response:
When a host receives general query message it delays the response: it
sets a timer for each group to a different random value between 0 and
10 seconds, then broadcasts the response(s) according to the timers.
If the host receives a response from another host, whose timer for
that group has expired earlier, the host cancels the corresponding
timer and doesnt send the duplicate response for the group.
Only one router on the LAN is designated for sending the query
messages the query router. This further reduces the traffic.

Delayed response - Example

Imagine there are three hosts in a network, as shown in Figure. A query
message was received at time 0; the random delay time (in tenths of
seconds) for each group is shown next to the group address. Show the
sequence of report messages.

Solution
Four messages are sent
instead of 7 messages

Encapsulation of IGMP Messages

IGMP messages are encapsulated in IP datagrams

Encapsulation of IGMP Messages

The IP packet that carries an IGMP packet has a value of 1 in its
TTL field.

Mapping class D to Ethernet physical

address

An Ethernet multicast physical address is in the range

01:00:5E:00:00:00 01:00:5E:7F:FF:FF

Mapping Class D to Ethernet Physical

Address (Example-1)
Change the multicast IP address 230.43.14.7 to an Ethernet
multicast physical address.
We can do this in two steps:
We write the rightmost 23 bits of the IP address in hexadecimal.
This can be done by changing the rightmost 3 bytes to
hexadecimal and then subtracting 8 from the leftmost digit if it
is greater than or equal to 8. In our example, the result is
2B:0E:07.
We add the result of part a to the starting Ethernet multicast
address, which is 01:00:5E:00:00:00. The result is

Mapping Class D to Ethernet Physical

Address (Example-2)
Change the multicast IP address 238.212.24.9 to an
Ethernet multicast address.
We can do this in two steps:
The rightmost 3 bytes in hexadecimal is D4:18:09. We need
to subtract 8 from the leftmost digit, resulting in 54:18:09
We add the result of part a to the Ethernet multicast
starting address. The result is: