CS6551 COMPUTER NETWORKS
OBJECTIVES:
Understand the division of network functionalities into layers.
Be familiar with the components required to build different types of networks.
Be exposed to the required functionality at each layer.
Learn the flow control and congestion control algorithms.
UNIT I FUNDAMENTALS & LINK LAYER
Building a network – Requirements – Layering and protocols – Internet Architecture – Network software – Performance; Link layer services – Framing – Error detection – Flow control.
1.1 Building a network
The first task in understanding how to build a computer network is defining what a network is and understanding how it is used to help a business meet its objectives.
A network is a connected collection of devices and end systems, such as computers and servers, that can communicate with each other.
Networks carry data in many types of environments, including homes, small businesses, and large enterprises.
www.Vidyarthiplus.com
www.vidyarthiplus.com
In a large enterprise, a number of locations might need to communicate with each other, and you can describe those locations as follows:
Main office: A main office is a site where everyone is connected via a network and where the bulk of corporate information is located. A main office can have hundreds or even thousands of people who depend on network access to do their jobs. A main office might use several connected networks, which can span many floors in an office building or cover a campus that contains several buildings.
Remote locations: A variety of remote access locations use networks to connect to the main office or to each other.
Branch offices: In branch offices, smaller groups of people work and communicate with each other via a network. Although some corporate information might be stored at a branch office, it is more likely that branch offices have local network resources, such as printers, but must access information directly from the main office.
Home offices: When individuals work from home, the location is called a home office. Home office workers often require on-demand connections to the main or branch offices to access information or to use network resources such as file servers.
Mobile users: Mobile users connect to the main office network while at the main office, at the branch office, or traveling. The network access needs of mobile users are based on where the mobile users are located.
1.1.1 Network Topologies
Physical topology refers to the way in which a network is laid out physically. Two or more links form a topology. The topology of a network is the geometric representation of the relationship of all the links and linking devices to one another.
Four basic network topologies:
a. Star
b. Ring
c. Mesh
d. Bus
Star topology
Each device has a dedicated point-to-point link only to a central controller, usually called a hub. If one device has to send data to another, it sends the data to the controller, which then relays the data to the other connected device.
Star topology
Merits
Less expensive than a mesh topology. Each device needs only one link and one I/O port to connect it to any number of others.
Installation and reconfiguration are easy.
Robustness: if one link fails, only that link is affected.
Requires less cable than a mesh.
Demerits
Requires more cable than bus and ring topologies.
Ring
Each device has a dedicated point-to-point connection only with the two devices on either side of it.
A signal is passed along the ring in one direction, from device to device, until it reaches the destination.
Each device in the ring incorporates a repeater. When a device receives a signal intended for another device, its repeater regenerates the bits and passes them along.
Ring topology
Merits:
Easy to install and reconfigure.
To add or delete a device requires changing only two connections.
The constraints are the maximum ring length and the number of devices.
If one device does not receive the signal within a specified period, it issues an alarm that alerts the network operator to the problem and its location.
Demerits
A break in the ring disables the entire network. This can be solved by using a dual ring or a switch capable of closing off the break.
Mesh
In a mesh topology each device has a dedicated point-to-point link to every other device. The term dedicated means that the link carries traffic only between the two devices it connects.
A fully connected mesh network therefore has n(n-1)/2 physical channels to link n devices. To accommodate that many links, every device on the network needs (n-1) I/O ports.
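These counts can be checked with a short calculation. The sketch below (illustrative, not from the text) computes the number of duplex links and per-device I/O ports for a fully connected mesh:

```python
def mesh_links(n):
    """Duplex links needed to fully connect n devices: n(n-1)/2."""
    return n * (n - 1) // 2

def ports_per_device(n):
    """Each device needs one I/O port per other device: n-1."""
    return n - 1

# The quadratic growth in links is why mesh wiring becomes impractical.
for n in (4, 8, 16):
    print(f"{n} devices: {mesh_links(n)} links, {ports_per_device(n)} ports each")
```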
Mesh topology
Merits
A dedicated link guarantees that each connection can carry its own data load. This eliminates the traffic problems that occur when links are shared by multiple devices.
If one link becomes unusable, it does not incapacitate the entire system.
Privacy or security: when every message travels along a dedicated line, only the intended recipient sees it.
Demerits
The amount of cabling and the number of I/O ports required is large.
Installation and reconnection are difficult.
The sheer bulk of the wires can occupy more space than is available.
Bus
It uses a long cable, which acts as a backbone to link all the devices in a network. Nodes are connected to the bus cable by drop lines and taps. A drop line is a connection running between the device and the main cable. A tap is a connector that either splices into the main cable or punctures the sheathing of the cable to create a contact with the metallic core.
As the signal travels farther and farther, it becomes weaker, so there is a limit on the number of taps a bus can support and on the distance between those taps.
Bus topology
Merits
Ease of installation.
Bus uses less cabling than mesh or star topologies.
Demerits
Difficult reconnection and fault isolation.
Signal reflection at the taps can cause degradation in quality.
A fault or break in the bus cable stops all transmission. It also reflects signals back in the direction of origin, creating noise in both directions.
1.1.2 Requirements
The first step is to identify the set of constraints and requirements that influence network design. Before getting started, however, it is important to understand that the expectations you have of a network depend on your perspective:
An application programmer would list the services that his application needs, for example, a guarantee that each message the application sends will be delivered without error within a certain amount of time.
A network designer would list the properties of a cost-effective design, for example, that network resources are efficiently utilized and fairly allocated to different users.
A network provider would list the characteristics of a system that is easy to administer and manage, for example, in which faults can be easily isolated and where it is easy to account for usage. This section attempts to distill these different perspectives into a high-level introduction to the major considerations that drive network design, and in doing so, identifies the challenges addressed throughout the rest of this book.
1.2 Layering and protocols
Layering is a technique for organizing protocols into an ordered series of distinct abstractions. The services provided by a layer depend only on the services provided by the layer below it (the next less abstract layer).
Benefits of layering:
Encapsulation
Functionality inside a layer is self-contained.
One layer doesn’t need to reason about other layers.
Decomposes problem of building network into more manageable components.
Modularity
Can replace a layer without impacting other layers.
Lower layers can be reused by higher layers. e.g. TCP and UDP both are layered upon IP.
One obvious drawback
Information hiding can produce inefficient implementations
Layering
Layering, in the context of networking, is a modular approach to network functionality.
Use abstractions to hide complexity.
Abstraction naturally leads to layering.
Consider the below figure. The layer immediately above the hardware provides host-to-host connectivity, abstracting away the fact that there may be an arbitrarily complex network topology between any two hosts.
The next layer up builds on the available host-to-host communication service and provides support for process-to-process channels, abstracting away the fact that the network occasionally loses messages.
Figure: an example of a layered network system (top to bottom):
Application programs
Process-to-process channels
Host-to-host connectivity
Hardware
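The stack described above can be sketched in code. The class and method names here are invented for illustration; the point is that each layer uses only the service interface of the layer immediately below it:

```python
class HostToHost:
    """Hides the network topology: just moves bytes between two hosts."""
    def send(self, dest_host, data):
        return (dest_host, data)          # stand-in for real delivery

class ProcessToProcess:
    """Builds on HostToHost, adding a process (port) identifier."""
    def __init__(self, lower):
        self.lower = lower
    def send(self, dest_host, dest_port, data):
        # This layer reasons only about the service interface below it,
        # not about the topology that HostToHost hides.
        return self.lower.send(dest_host, (dest_port, data))

channel = ProcessToProcess(HostToHost())
print(channel.send("hostB", 80, b"hello"))
```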
Protocols
A protocol is a set of rules that govern data communications. It represents an agreement between the communicating devices.
Building blocks of a network architecture
A protocol is an agreement between the communicating parties on how communication is to proceed. Each protocol object has two different interfaces.
Service Interface: The service interface defines the operations that local objects on the same computer can invoke on the protocol.
Peer-to-Peer Interface: The form and meaning of messages exchanged between protocol peers to implement the communication service.
The figure shows the interaction of service interface and peer to peer interface.
Peer-to-peer communication
Encapsulation
Consider what happens in Figure.
Encapsulation of hosts
RRP → Request Reply protocol
MSP → Message Stream Protocol
HHP → Host to Host Protocol
An application program sends a message to its peer by passing the message to protocol RRP (Request/Reply Protocol).
RRP must communicate control information to its peer, instructing it how to handle the message when it is received.
RRP does this by attaching a header to the message.
Generally speaking, a header is a small data structure, on the order of a few bytes, that peers use to communicate control information with each other.
In some cases, this peer-to-peer control information is sent at the end of the message, in which case it is called a trailer.
The exact format for the header attached by RRP is defined by its protocol specification.
The rest of the data being transmitted on behalf of the application is called the message’s body.
The application’s data is encapsulated in the new message created by protocol RRP.
Therefore, the process of adding a header or trailer to the data from the upper layer is known as encapsulation.
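The wrapping and unwrapping described above can be sketched as follows. The header names (RRP, HHP, taken from the figure) and the "|" separator are invented for illustration; real protocols use fixed binary layouts:

```python
def encapsulate(body, header):
    # Prepend this layer's header to whatever the layer above handed down.
    return header + b"|" + body

def decapsulate(message):
    # Strip one header; the remainder is the body for the layer above.
    header, _, body = message.partition(b"|")
    return header, body

app_data = b"hello"
rrp_msg = encapsulate(app_data, b"RRP-HDR")   # RRP adds its header
hhp_msg = encapsulate(rrp_msg, b"HHP-HDR")    # HHP wraps the whole RRP message

# The receiving side unwraps layer by layer, in reverse order.
_, inner = decapsulate(hhp_msg)
_, data = decapsulate(inner)
assert data == app_data
```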
OSI Model
The International Organization for Standardization (ISO) is a multinational body dedicated to worldwide agreement on international standards. Open Systems Interconnection (OSI) is a model for understanding and designing a network architecture that is flexible, robust, and interoperable.
OSI Layers:
OSI is built of seven layers:
Layers of OSI Reference Model
OSI Layers
When ‘A’ sends data to ‘B’, the data is passed downward from the application layer to the physical layer of ‘A’, and a stream of bits is passed through the medium. When it reaches the physical layer of ‘B’, the data is passed upward to B’s application layer. On the sender side, each layer adds its header to the data; on the receiver side, the message is unwrapped layer by layer.
Functions of the layers
Physical Layer
The physical layer coordinates the functions required to transmit a bit stream over a physical medium.
The physical layer is concerned with the following:
1)Physical characteristics of interfaces and media
-The characteristics of the interface between the devices and the transmission medium are defined, and also the type of transmission medium.
2)Representation of bits
-Defines the type of encoding used to convert the 0s and 1s into signals.
-Only signals (electrical or optical) can be transmitted through the medium.
3)Data rate
-Defines the transmission rate
4)Synchronization of bits
-The sender and the receiver must be synchronized at the bit level.
5)Line configuration
-Defines the type of link (point-to-point or multipoint configuration).
6)Physical topology
-Physical topology defines how the devices are connected to make a network (Tree or Bus etc.)
7)Transmission mode
-Defines the direction of transmission (simplex, half-duplex, or full-duplex).
Physical Layer
Data Link Layer
It is responsible for node-to-node delivery and error-free delivery of data to the upper layer.
Responsibilities of the data link layer include:
1.Framing
The stream of bits received from the network layer is divided into manageable data units called frames.
2.Physical addressing
The addresses of the sender and receiver are placed in the header attached to the frame. If the receiver is outside the sender’s network, then the receiver address is the address of the device connecting the sender’s network to the next network. The address used is the 48-bit MAC address.
3.Flow Control
The speeds at which the sender sends and the receiver receives data should be balanced. The flow of data is controlled using several mechanisms.
4.Error Control
The received data is checked for errors through the trailer added to the end of the frame. Error control mechanisms detect and retransmit damaged or lost frames and also prevent duplication of frames.
5.Access Control
The data link layer protocol decides which device has control over the line at any given time.
Network Layer
The network layer is responsible for the source-to-destination delivery of a packet across multiple networks.
Responsibilities of the network layer are:
1.Logical addressing
If the packet passes the network boundary, then the physical address alone can’t be used, so the logical addresses of the sender and receiver are included in the header. The address used is the 32-bit IP address.
2.Routing
Routing the packet to the right destination is a task of network layer.
Transport Layer:
The transport layer is responsible for source-to-destination (end-to-end) delivery of the entire message.
Responsibilities of the transport layer are:
1.Service point addressing
The service point address (port address) is necessary for delivering the packet to the correct process on the destination. The address used is a 16-bit port number.
2.Segmentation and reassembly
A message is divided into transmittable segments, each containing a sequence number.
The receiver reassembles the segments in order to recover the entire message.
3.Connection control
The transport layer can be connectionless or connection-oriented.
A connectionless transport layer treats each segment as an independent packet and delivers it to the transport layer of the destination.
In a connection-oriented service, a connection is established between the sender’s and receiver’s transport layers; after the data are transmitted completely, the connection is terminated.
4.Flow Control
Flow control is performed end to end rather than across a single link.
5.Error Control
Error control is performed end (source) to end (destination).
Error correction is achieved through retransmission.
Session Layer
The session layer is the network dialog controller. It establishes, maintains and synchronizes the interaction between communicating systems.
Responsibilities of session layer are:
1.Dialog Control
The session layer allows two systems to enter into a dialog (half-duplex or full-duplex).
2.Synchronization
The session layer allows a process to add checkpoints (synchronization points) into a stream of data. If a crash occurs in between, the data from the previous checkpoint onward is retransmitted instead of retransmitting the entire message from the beginning.
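A rough illustration of why checkpoints help (the page counts and checkpoint interval below are invented for illustration):

```python
def pages_to_resend(total_pages, checkpoint_every, crash_at):
    """Pages that must be retransmitted after a crash at page crash_at:
    everything after the most recent checkpoint, not the whole message."""
    last_checkpoint = (crash_at // checkpoint_every) * checkpoint_every
    return list(range(last_checkpoint + 1, total_pages + 1))

# 2000-page message, a checkpoint every 100 pages, crash at page 523:
# only pages 501-2000 are resent, not pages 1-2000.
resend = pages_to_resend(2000, 100, 523)
print(resend[0], len(resend))
```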
Presentation Layer
The presentation layer is concerned with the syntax and semantics of the information exchanged between two systems.
Responsibilities of presentation layer are
1.Translation
Different machines use different encoding methods to translate data into bit streams for transmission. The presentation layer is responsible for interoperability between the different encoding methods.
2.Encryption
Encrypting the message into another form for privacy, and decrypting it on the receiver side to recover the original message, are tasks of the presentation layer.
3.Compression
Data compression reduces the number of bits to be transmitted.
Application Layer:
The application layer enables the user, whether human or software, to access the network.
Services provided by application layer are:
1.Network Virtual Terminal
Allows user to log on to a remote host.
2.File Transfer, access and management (FTAM)
Allows a user to access, retrieve, and manage or control files in a remote system.
3.Mail Services
Provides the basis for email forwarding and storage.
4.Directory Services
Provides distributed database sources and access for global information about various objects and services.
1.2.1 OSI Layer Architecture
Physical Layer
The physical layer coordinates the functions required to carry a bit stream over a physical medium. It deals with the mechanical and electrical specifications of the interface and transmission medium. It also defines the procedures and functions that physical devices and interfaces have to perform for transmission
to occur. Figure shows the position of the physical layer with respect to the transmission medium and the data link layer.
Physical layer
The physical layer is also concerned with the following:
1.Physical characteristics of interfaces and medium. The physical layer defines the characteristics of the interface between the devices and the transmission medium. It also defines the type of transmission medium.
2.Representation of bits. The physical layer data consists of a stream of bits (a sequence of 0s and 1s) with no interpretation. To be transmitted, bits must be encoded into signals, electrical or optical. The physical layer defines the type of encoding (how 0s and 1s are changed to signals).
3.Data rate. The transmission rate, the number of bits sent each second, is also defined by the physical layer.
4.Synchronization of bits. The sender and receiver not only must use the same bit rate but also must be synchronized at the bit level.
5.Line configuration. The physical layer is concerned with the connection of devices to the media. In a point-to-point configuration, two devices are connected through a dedicated link. In a multipoint configuration, a link is shared among several devices.
6.Physical topology. The physical topology defines how devices are connected to make a network. Devices can be connected by using a mesh topology, a star topology, a ring topology, a bus topology, or a hybrid topology.
7.Transmission mode. The physical layer also defines the direction of transmission between two devices: simplex, half-duplex, or full-duplex. In simplex mode, only one device can send; the other can only receive. The simplex mode is a one-way communication. In the half-duplex mode, two devices can send and receive, but not at the same time. In a full-duplex (or simply duplex) mode, two devices can send and receive at the same time.
Data Link Layer
The data link layer transforms the physical layer, a raw transmission facility, into a reliable link. It makes the physical layer appear error-free to the upper layer (the network layer). The figure shows the relationship of the data link layer to the network and physical layers.
Data link layer
Other responsibilities of the data link layer include the following:
1.Framing. The data link layer divides the stream of bits received from the network layer into manageable data units called frames.
2.Physical addressing. If frames are to be distributed to different systems on the network, the data link layer adds a header to the frame to define the sender and/or receiver of the frame.
3.Flow control. If the rate at which the data are absorbed by the receiver is less than the rate at which data are produced in the sender, the data link layer imposes a flow control mechanism to avoid overwhelming the receiver.
4.Error control. The data link layer adds reliability to the physical layer by adding mechanisms to detect and retransmit damaged or lost frames. It also uses a mechanism to recognize duplicate frames. Error control is normally achieved through a trailer added to the end of the frame.
5.Access control. When two or more devices are connected to the same link, data link layer protocols are necessary to determine which device has control over the link at any given time. Figure illustrates hop-to-hop (node-to-node) delivery by the data link layer.
Hop-to-hop delivery
As the figure shows, communication at the data link layer occurs between two adjacent nodes. To send data from A to F, three partial deliveries are made. First, the data link layer at A sends a frame to the data link layer at B (a router). Second, the data link layer at B sends a new frame to the data link layer at E. Finally, the data link layer at E sends a new frame to the data link layer at F. Note that the frames that are exchanged between the three nodes have different values in the headers. The frame from A to B has B as the destination address and A as the source address. The frame from B to E has E as the destination address and B as the source address. The frame from E to F has F as the destination address and E as the source address. The values of the trailers can also be different if error checking includes the header of the frame.
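The hop-by-hop re-framing described above can be sketched as follows. The frame layout and the one-byte checksum trailer are invented for illustration (real links use CRCs):

```python
def make_frame(src, dst, payload):
    """Build a frame: addressing header + payload + error-detection trailer."""
    header = f"{dst}<-{src}:".encode()
    body = header + payload
    trailer = sum(body) % 256            # toy checksum, not a real CRC
    return body + bytes([trailer])

def check_frame(frame):
    """Receiver recomputes the checksum over header + payload."""
    body, trailer = frame[:-1], frame[-1]
    return sum(body) % 256 == trailer

# The same payload is re-framed at every hop with new addresses: A->B, B->E, E->F.
payload = b"packet"
path = ["A", "B", "E", "F"]
for src, dst in zip(path, path[1:]):
    frame = make_frame(src, dst, payload)
    assert check_frame(frame)            # each receiver verifies the trailer
    print(frame[: frame.index(b":")])    # the addressing changes per hop
```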
Network Layer
The network layer is responsible for the source-to-destination delivery of a packet, possibly across multiple networks (links). Whereas the data link layer oversees the delivery of the packet between two systems on the same network (links), the network layer ensures that each packet gets from its point of origin to its final destination. If two systems are connected to the same link, there is usually no need for a network layer. However, if the two systems are attached to different networks (links) with connecting devices between the networks (links), there is often a need for the network layer to accomplish source-to-destination delivery. Figure shows the relationship of the network layer to the data link and transport layers.
Network layer
Other responsibilities of the network layer include the following:
1.Logical addressing. If a packet passes the network boundary, we need another addressing system to help distinguish the source and destination systems. The network layer adds a
header to the packet coming from the upper layer that, among other things, includes the logical addresses of the sender and receiver.
2.Routing. When independent networks or links are connected to create internetworks (network of networks) or a large network, the connecting devices (called routers or switches) route or switch the packets to their final destination. One of the functions of the network layer is to provide this mechanism. Figure illustrates end-to-end delivery by the network layer.
Source-to-destination delivery
As the figure shows, now we need a source-to-destination delivery. The network layer at A sends the packet to the network layer at B. When the packet arrives at router B, the router makes a decision based on the final destination (F) of the packet. Router B uses its routing table to find that the next hop is router E. The network layer at B, therefore, sends the packet to the network layer at E. The network layer at E, in turn, sends the packet to the network layer at F.
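The forwarding decision at router B can be sketched as a table lookup (the table entries are invented for illustration):

```python
# Router B's routing table: final destination -> next hop on the path.
routing_table_B = {"F": "E", "D": "C", "A": "A"}

def next_hop(table, destination):
    """Pick the next hop based on the packet's final destination."""
    return table[destination]

# A packet destined for F arrives at B; B forwards it toward E.
print(next_hop(routing_table_B, "F"))
```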
Transport Layer
The transport layer is responsible for process-to-process delivery of the entire message. A process is an application program running on a host. The transport layer ensures that the message arrives intact and in order, overseeing both error control and flow control at the source-to-destination level. The figure shows the relationship of the transport layer to the network and session layers.
Transport layer packet transformation
Other responsibilities of the transport layer include the following:
1.Service-point addressing. Computers often run several programs at the same time. For this reason, source-to-destination delivery means delivery not only from one computer to the next but also from a specific process (running program) on one computer to a specific process (running program) on the other. The transport layer header must therefore include a type of address called a service-point address (or port address). The network layer gets each packet to the correct computer; the transport layer gets the entire message to the correct process on that computer.
2.Segmentation and reassembly. A message is divided into transmittable segments, with each segment containing a sequence number. These numbers enable the transport layer to reassemble the message correctly upon arriving at the destination and to identify and replace packets that were lost in transmission.
3.Connection control. The transport layer can be either connectionless or connection-oriented. A connectionless transport layer treats each segment as an independent packet and delivers it to the transport layer at the destination machine. A connection-oriented transport layer makes a connection with
the transport layer at the destination machine first before delivering the packets. After all the data are transferred, the connection is terminated.
4.Flow control. Like the data link layer, the transport layer is responsible for flow control. However, flow control at this layer is performed end to end rather than across a single link.
5.Error control. Like the data link layer, the transport layer is responsible for error control. However, error control at this layer is performed process-to-process rather than across a single link. The sending transport layer makes sure that the entire message arrives at the receiving transport layer without error (damage, loss, or duplication). Error correction is usually achieved through retransmission. Figure illustrates process-to-process delivery by the transport layer.
Reliable process-to-process delivery of a message
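Segmentation and reassembly with sequence numbers can be sketched as follows (the segment size is an arbitrary illustrative value):

```python
def segment(message, size):
    """Split a message into (sequence_number, data) segments."""
    return [(i, message[i * size:(i + 1) * size])
            for i in range((len(message) + size - 1) // size)]

def reassemble(segments):
    """Sort by sequence number and rejoin, even if segments arrived out of order."""
    return b"".join(data for _, data in sorted(segments))

msg = b"the whole message arrives intact and in order"
segs = segment(msg, 8)
segs.reverse()                    # simulate out-of-order arrival
assert reassemble(segs) == msg
```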
Session Layer
The session layer is the network dialog controller. It establishes, maintains, and synchronizes the interaction among communicating systems.
Specific responsibilities of the session layer include the following:
1.Dialog control. The session layer allows two systems to enter into a dialog. It allows the communication between two
processes to take place in either half-duplex (one way at a time) or full-duplex (two ways at a time) mode.
2.Synchronization. The session layer allows a process to add checkpoints, or synchronization points, to a stream of data. The figure illustrates the relationship of the session layer to the transport and presentation layers.
Session layer
Presentation Layer
The presentation layer is concerned with the syntax and semantics of the information exchanged between two systems. Figure shows the relationship between the presentation layer and the application and session layers.
Presentation layer
Specific responsibilities of the presentation layer include the following:
1.Translation. The processes (running programs) in two systems are usually exchanging information in the form of character strings, numbers, and so on. The information must be changed to bit streams before being transmitted. Because different computers use different encoding systems, the presentation layer is responsible for interoperability between these different encoding methods. The presentation layer at the sender changes the information from its sender-dependent format into a common format. The presentation layer at the receiving machine changes the common format into its receiver-dependent format.
2.Encryption. To carry sensitive information, a system must be able to ensure privacy. Encryption means that the sender transforms the original information to another form and sends the resulting message out over the network. Decryption reverses the original process to transform the message back to its original form.
3.Compression. Data compression reduces the number of bits contained in the information. Data compression becomes particularly important in the transmission of multimedia such as text, audio, and video.
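A toy illustration of the encrypt/decrypt round trip described above (a simple XOR cipher, chosen only because applying it twice with the same key restores the original; real presentation-layer security uses algorithms such as AES):

```python
def xor_cipher(data, key):
    """XOR each byte of data with the repeating key; self-inverse."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

plaintext = b"sensitive information"
key = b"secret"
ciphertext = xor_cipher(plaintext, key)            # sender encrypts
assert ciphertext != plaintext
assert xor_cipher(ciphertext, key) == plaintext    # receiver decrypts
```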
Application Layer
The application layer enables the user, whether human or software, to access the network. It provides user interfaces and support for services such as electronic mail, remote file access and transfer, shared database management, and other types of distributed information services.
The figure shows the relationship of the application layer to the user and the presentation layer. Although many application services are available, the figure shows only three: X.400 (message-handling services), X.500 (directory services), and file transfer, access, and
management (FTAM). The user in this example employs X.400 to send an e-mail message.
Application layer
Specific services provided by the application layer include the following:
1.Network virtual terminal. A network virtual terminal is a software version of a physical terminal, and it allows a user to log on to a remote host. To do so, the application creates a software emulation of a terminal at the remote host. The user's computer talks to the software terminal which, in turn, talks to the host, and vice versa. The remote host believes it is communicating with one of its own terminals and allows the user to log on.
2.File transfer, access, and management. This application allows a user to access files in a remote host (to make changes or read data), to retrieve files from a remote computer for use in the local computer, and to manage or control files in a remote computer locally.
3.Mail services. This application provides the basis for e-mail forwarding and storage.
4.Directory services. This application provides distributed database sources and access for global information about various objects and services.
1.3 Internet Architecture(TCP/IP)
The TCP/IP protocol suite was developed prior to the OSI model. Therefore, the layers in the TCP/IP protocol suite do not exactly match those in the OSI model. The original TCP/IP protocol suite was defined as having four layers: host-to-network, internet, transport, and application. However, when TCP/IP is compared to OSI, we can say that the host-to-network layer is equivalent to the combination of the physical and data link layers. The internet layer is equivalent to the network layer, and the application layer is roughly doing the job of the session, presentation, and application layers with the transport layer in TCP/IP taking care of part of the duties of the session layer.
The TCP/IP protocol suite is made of five layers: physical, data link, network, transport, and application. The first four layers provide physical standards, network interfaces, internetworking, and transport functions that correspond to the first four layers of the OSI model. The three topmost layers in the OSI model, however, are represented in TCP/IP by a single layer called the application layer.
TCP / IP and OSI model
TCP/IP is a hierarchical protocol made up of interactive modules, each of which provides a specific functionality. Whereas the OSI model specifies which functions belong to each of its layers, the layers of the TCP/IP protocol suite contain relatively independent protocols that can be mixed and matched depending on the needs of the system. The term hierarchical means that each upper-level protocol is supported by one or more lower-level protocols.
At the transport layer, TCP/IP defines three protocols: Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Stream Control Transmission Protocol (SCTP). At the network layer, the main protocol defined by TCP/IP is the Internetworking Protocol (IP); there are also some other protocols that support data movement in this layer.
Physical and Data Link Layers
At the physical and data link layers, TCP/IP does not define any specific protocol. It supports all the standard and proprietary protocols.
A network in a TCP/IP inter network can be a local-area network or a wide-area network.
Network Layer
At the network layer (or, more accurately, the internetwork layer), TCP/IP supports the Internetworking Protocol. IP, in turn, uses four supporting protocols: ARP, RARP, ICMP, and IGMP.
Internetworking Protocol (IP)
The Internetworking Protocol (IP) is the transmission mechanism used by the TCP/IP protocols. It is an unreliable and connectionless protocol, a best-effort delivery service. The term best effort means that IP provides no error checking or tracking. IP assumes the unreliability of the underlying layers and does its best to get a transmission through to its destination, but with no guarantees. IP transports data in packets called datagrams, each of which is transported separately. Datagrams can travel along different routes and can arrive out of sequence or be duplicated. IP does not keep track of the routes and has no facility for reordering datagrams once they arrive at their destination.
Address Resolution Protocol
The Address Resolution Protocol (ARP) is used to associate a logical address with a physical address. On a typical physical network, such as a LAN, each device on a link is identified by a physical or station address, usually imprinted on the network interface card (NIC). ARP is used to find the physical address of the node when its Internet address is known.
Reverse Address Resolution Protocol
The Reverse Address Resolution Protocol (RARP) allows a host to discover its Internet address when it knows only its physical address. It is used when a computer is connected to a network for the first time or when a diskless computer is booted.
Internet Control Message Protocol
The Internet Control Message Protocol (ICMP) is a mechanism used by hosts and gateways to send notification of datagram problems back to the sender. ICMP sends query and error reporting messages.
Internet Group Message Protocol
The Internet Group Message Protocol (IGMP) is used to facilitate the simultaneous transmission of a message to a group of recipients.
Transport Layer
The transport layer is represented in TCP/IP by two main protocols: TCP and UDP. IP is a host-to-host protocol, meaning that it can deliver a packet from one physical device to another. UDP and TCP are transport-level protocols responsible for delivery of a message from a process (running program) to another process. A new transport layer protocol, SCTP, has been devised to meet the needs of some newer applications.
User Datagram Protocol
The User Datagram Protocol (UDP) is the simpler of the two standard TCP/IP transport protocols. It is a process-to-process protocol that adds only port addresses, checksum error control, and length information to the data from the upper layer.
Transmission Control Protocol
The Transmission Control Protocol (TCP) provides full transport-layer services to applications. TCP is a reliable stream transport protocol. The term stream, in this context, means connection-oriented: A connection must be established between both ends of a transmission before either can transmit data. At the sending end of each transmission, TCP divides a stream of data into smaller units called segments. Each segment includes a sequence number for reordering after receipt, together with an acknowledgment number for the segments received. Segments are carried across the internet inside of IP datagrams. At the receiving end, TCP collects each datagram as it comes in and reorders the transmission based on sequence numbers.
Stream Control Transmission Protocol
The Stream Control Transmission Protocol (SCTP) provides support for newer applications such as voice over the Internet. It is a transport layer protocol that combines the best features of UDP and TCP.
Application Layer
The application layer in TCP/IP is equivalent to the combined session, presentation, and application layers in the OSI model. Many protocols are defined at this layer.
1.4 Network software - Performance
Network software is a general term for software designed to help set up, manage, and monitor computer networks. Networking software applications are available to manage and monitor networks of all sizes, from the smallest home networks to the largest enterprise networks.
Performance:
Like any computer system, a computer network is expected to perform well, because the effectiveness of computations distributed over the network often depends directly on the efficiency with which the network delivers the computation's data. While the old programming adage "first get it right and then make it fast" is valid in many settings, in networking it is usually necessary to "design for performance." It is therefore important to understand the various factors that impact network performance.
Bandwidth and Latency
Network performance is measured in two fundamental ways: bandwidth (also called throughput) and latency (also called delay). The bandwidth of a network is given by the number of bits that can be transmitted over the network in a certain period of time. For example, a network might have a bandwidth of 10 million bits/second (Mbps), meaning that it is able to deliver 10 million bits every second. It is sometimes useful to think of bandwidth in terms of how long it takes to transmit each bit of data. On a 10-Mbps network, for example, it takes 0.1 microsecond (μs) to transmit each bit.
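A quick sketch of the bit-time arithmetic, using the 10-Mbps figure from the example above:

```python
# Bandwidth from the 10-Mbps example in the text.
bandwidth_bps = 10_000_000           # 10 million bits per second

# The time to transmit one bit is the reciprocal of the bandwidth.
bit_time_s = 1 / bandwidth_bps       # seconds per bit
bit_time_us = bit_time_s * 1e6       # in microseconds

print(bit_time_us)                   # 0.1 microsecond per bit
```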
Characteristics of network software:
(i)Reliability
Reliability is a characteristic that a flow needs. Lack of reliability means losing a packet or acknowledgment, which entails retransmission. However, the sensitivity of application programs to reliability is not the same. For example, it is more important that electronic mail, file transfer, and Internet access have reliable transmissions than telephony or audio conferencing.
(ii)Delay
Source-to-destination delay is another flow characteristic. Again applications can tolerate delay in different degrees. In this case, telephony, audio conferencing, video conferencing, and remote log-in need minimum delay, while delay in file transfer or e-mail is less important.
(iii)Jitter
Jitter is the variation in delay for packets belonging to the same flow. For example, if four packets depart at times 0, 1, 2, and 3 and arrive at 20, 21, 22, and 23, all have the same delay, 20 units of time. On the other hand, if the above four packets arrive at 21, 23, 21, and 28, they will have different delays: 21, 22, 19, and 25.
For applications such as audio and video, the first case is completely acceptable; the second case is not. For these applications, it does not matter whether the packets arrive with a short or a long delay, as long as the delay is the same for all packets.
Jitter is defined as the variation in the packet delay. High jitter means the difference between delays is large; low jitter means the variation is small. If the jitter is high, some action is needed in order to use the received data.
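The two cases above can be checked with a short sketch. The max-minus-min spread of the delays is used here as one simple jitter measure; it is an illustrative choice, not the only possible definition:

```python
# Departure times and the two arrival patterns from the example above.
departures = [0, 1, 2, 3]

# Case 1: every packet has the same delay, so jitter is zero.
arrivals_1 = [20, 21, 22, 23]
delays_1 = [a - d for a, d in zip(arrivals_1, departures)]

# Case 2: delays vary from packet to packet.
arrivals_2 = [21, 23, 21, 28]
delays_2 = [a - d for a, d in zip(arrivals_2, departures)]

# One simple jitter measure: spread between largest and smallest delay.
jitter_1 = max(delays_1) - min(delays_1)
jitter_2 = max(delays_2) - min(delays_2)

print(delays_1, jitter_1)   # [20, 20, 20, 20] 0
print(delays_2, jitter_2)   # [21, 22, 19, 25] 6
```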
(iv)Bandwidth
Different applications need different bandwidths. In video conferencing we need to send millions of bits per second to refresh a color screen while the total number of bits in an e-mail may not reach even a million.
Network Criteria:
Performance can be measured by transit time, response time, number of users, type of transmission medium, capabilities of the connected hardware, and efficiency of the software.
Transit time: The amount of time required for a message to travel from one device to another.
Response time: The elapsed time between an inquiry and a response.
Reliability: Reliability is measured by the frequency of failure and the time it takes a link to recover from a failure.
Security: Network security is protecting data from unauthorized access.
1.5 Link layer Services
Framing
Error detection
Error correction
Flow control
Half duplex and full duplex
1.5.1 Framing
Architecture
Frame Relay provides permanent virtual circuits and switched virtual circuits. The figure shows an example of a Frame Relay network connected to the Internet. Routers are used to connect LANs and WANs in the Internet. In the figure, the Frame Relay WAN is used as one link in the global Internet.
Frame Relay network
Virtual Circuits
Frame Relay is a virtual circuit network. A virtual circuit in Frame Relay is identified by a number called a data link connection identifier (DLCI). VCIs in Frame Relay are called DLCIs.
Permanent Versus Switched Virtual Circuits
A source and a destination may choose to have a permanent virtual circuit (PVC). In this case, the connection setup is simple. The corresponding table entry is recorded for all switches by the administrator (remotely and electronically, of course). An outgoing DLCI is given to the source, and an incoming DLCI is given to the destination. PVC connections have two drawbacks.
First, they are costly because the two parties pay for the connection all the time, even when it is not in use. Second, a connection is created from one source to one single destination. If a source needs connections with several destinations, it needs a PVC for each connection. An alternative approach is the switched virtual circuit (SVC). The SVC creates a temporary, short connection that exists only while data are being transferred between source and destination.
Switches
Each switch in a Frame Relay network has a table to route frames. The table matches an incoming port-DLCI combination with an outgoing port-DLCI combination; routing works just as in other virtual-circuit networks, the only difference being that VCIs are replaced by DLCIs.
Frame Relay Layers
Figure shows the Frame Relay layers. Frame Relay has only physical and data link layers.
Frame Relay layers
Physical Layer
No specific protocol is defined for the physical layer in Frame Relay. Instead, it is left to the implementer to use whatever is available. Frame Relay supports any of the protocols recognized by ANSI.
Data Link Layer
At the data link layer, Frame Relay uses a simple protocol that does not support flow or error control. It only has an error detection mechanism. Figure shows the format of a Frame Relay frame. The address field defines the DLCI as well as some bits used to control congestion.
Frame Relay frame
The descriptions of the fields are as follows:
•Address (DLCI) field. The first 6 bits of the first byte make up the first part of the DLCI. The second part of the DLCI uses the first 4 bits of the second byte. These bits are part of the 10-bit data link connection identifier defined by the standard.
•Command/response (C/R). The command/response (C/R) bit is provided to allow upper layers to identify a frame as either a command or a response. It is not used by the Frame Relay protocol.
•Extended address (EA). The extended address (EA) bit indicates whether the current byte is the final byte of the address. An EA of 0 means that another address byte is to follow. An EA of 1 means that the current byte is the final one.
•Forward explicit congestion notification (FECN). The forward explicit congestion notification (FECN) bit can be set by any switch to indicate that traffic is congested. This bit informs the destination that congestion has occurred. In this way, the destination knows that it should expect delay or a loss of packets.
•Backward explicit congestion notification (BECN). The backward explicit congestion notification (BECN) bit is set (in frames that travel in the other direction) to indicate a congestion problem in the network. This bit informs the sender that congestion has occurred. In this way, the source knows it needs to slow down to prevent the loss of packets.
•Discard eligibility (DE). The discard eligibility (DE) bit indicates the priority level of the frame. In emergency situations, switches may have to discard frames to relieve bottlenecks and keep the network from collapsing due to overload. When set (DE = 1), this bit tells the network to discard the frame if there is congestion. This bit can be set either by the sender of the frames (user) or by any switch in the network. Frame Relay does not provide flow or error control; they must be provided by the upper-layer protocols.
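The field descriptions above can be sketched as a decoder for the default 2-byte address. The bit layout assumed below follows the description (6 DLCI bits, C/R, and EA in the first byte; 4 DLCI bits, FECN, BECN, DE, and EA in the second, most significant bit first); the function name and example values are illustrative:

```python
# Sketch of decoding the 2-byte Frame Relay address described above.
# Assumed bit layout (most significant bit first):
#   byte 1: DLCI(6) | C/R | EA
#   byte 2: DLCI(4) | FECN | BECN | DE | EA

def decode_address(b1: int, b2: int) -> dict:
    return {
        "dlci": ((b1 >> 2) << 4) | (b2 >> 4),  # 6 high bits + 4 low bits
        "cr":   (b1 >> 1) & 1,
        "fecn": (b2 >> 3) & 1,
        "becn": (b2 >> 2) & 1,
        "de":   (b2 >> 1) & 1,
        "ea1":  b1 & 1,                        # 0: another address byte follows
        "ea2":  b2 & 1,                        # 1: this is the last address byte
    }

# Example: DLCI 1022 (binary 11 1111 1110) with the DE bit set.
fields = decode_address(0b11111100, 0b11100011)
print(fields["dlci"], fields["de"])            # 1022 1
```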
Extended Address
To increase the range of DLCIs, the Frame Relay address has been extended from the original 2-byte address to 3- or 4-byte addresses. Figure shows the different addresses. Note that the EA field defines the number of bytes; it is 1 in the last byte of the address, and it is 0 in the other bytes. Note that in the 3- and 4-byte formats, the bit before the last bit is set to 0.
Three address formats
FRADs
To handle frames arriving from other protocols, Frame Relay uses a device called a Frame Relay assembler/disassembler (FRAD). A FRAD assembles and disassembles frames coming from other protocols to allow them to be carried by Frame Relay frames. A FRAD can be implemented as a separate device or as part of a switch. Figure shows two FRADs connected to a Frame Relay network.
FRAD
Frame Relay networks offer an option called Voice Over Frame Relay (VOFR) that sends voice through the network. Voice is digitized using PCM and then compressed. The result is sent as data frames over the network. This feature allows the inexpensive sending of voice over long distances. However, note that the quality of voice is not as good as voice over a circuit-switched network such as the telephone network. Also, the varying delay mentioned earlier sometimes corrupts real-time voice.
LMI
Frame Relay was originally designed to provide PVC connections. There was not, therefore, a provision for controlling or managing interfaces. Local Management Information (LMI) is a protocol added recently to the Frame Relay protocol to provide more management features. In particular, LMI can provide
•A keep-alive mechanism to check if data are flowing.
•A multicast mechanism to allow a local end system to send frames to more than one remote end system.
•A mechanism to allow an end system to check the status of a switch (e.g., to see if the switch is congested).
Congestion Control and Quality of Service
One of the nice features of Frame Relay is that it provides congestion control and quality of service (QoS).
1.5.2 Error Detection
Error:
Data can be corrupted during transmission. For reliable communication, errors must be detected and corrected. As a signal flows from one point to another, it is subject to unpredictable interference from heat, magnetism, and other forms of electricity.
REDUNDANCY
One error detection mechanism is sending every data unit twice. The receiving device would then be able to do a bit-for-bit comparison between the two versions of the data. Any discrepancy would indicate an error, and an appropriate correction mechanism could be used.
Instead of repeating the entire data stream, however, a shorter group of bits may be appended to the end of each unit. This technique is called redundancy because the extra bits are redundant to the information; they are discarded as soon as the accuracy of the transmission has been determined.
Data and redundancy check
TYPES
Four types of redundancy checks are used in data communications. They are,
1. Vertical redundancy check (VRC)
2. Longitudinal redundancy check (LRC)
3. Cyclic redundancy check (CRC)
4. Checksum
VERTICAL REDUNDANCY CHECK:
It is also known as parity check. In this technique a redundant bit called a parity bit is appended to every data unit so that the total number of 1s in the unit including the parity bit becomes even for even parity or odd for odd parity.
In even parity, the data unit is passed through an even-parity generator, which counts the number of 1s in the data unit. If the count is odd, the generator sets the parity bit to 1 to make the total number of 1s even; if the count is already even, it sets the parity bit to 0. When the unit reaches its destination, the receiver passes all the bits through an even-parity checking function. If it counts an even number of 1s, there is no error; otherwise there is an error.
EXAMPLE:
The data is: 01010110
The VRC check: 010101100
In odd parity, the data unit is passed through an odd-parity generator, which counts the number of 1s in the data unit. If the count is even, the generator sets the parity bit to 1 to make the total number of 1s odd; if the count is already odd, it sets the parity bit to 0. When the unit reaches its destination, the receiver passes all the bits through an odd-parity checking function. If it counts an odd number of 1s, there is no error; otherwise there is an error.
EXAMPLE
The data is: 01010110
The VRC check: 010101101
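A minimal sketch of the parity generator described above, reproducing both examples (the function name and the text representation of bits are illustrative):

```python
# Parity generator for a bit string given as text.
def parity_bit(data: str, even: bool = True) -> str:
    ones = data.count("1")
    if even:
        # Even parity: the appended bit makes the total count of 1s even.
        return "1" if ones % 2 == 1 else "0"
    # Odd parity: the appended bit makes the total count of 1s odd.
    return "0" if ones % 2 == 1 else "1"

data = "01010110"                                # contains four 1s
print(data + parity_bit(data, even=True))        # 010101100
print(data + parity_bit(data, even=False))       # 010101101
```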
LONGITUDINAL REDUNDANCY CHECK
In this, a block of bits is organized in a table (rows and columns). For example, instead of sending a block of 32 bits, we organize them in a table made of four rows and eight columns. We then calculate the parity bit for each column and create a new row of eight bits, which are the parity bits for the whole block.
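The LRC procedure can be sketched as follows; the four 8-bit rows are illustrative sample data, not values from the text:

```python
# Four 8-bit rows of sample data (illustrative values).
rows = [
    "11100111",
    "11011101",
    "00111001",
    "10101001",
]

# Even parity per column gives the redundant row sent with the block.
lrc = "".join(
    "1" if sum(int(row[c]) for row in rows) % 2 else "0"
    for c in range(8)
)
print(lrc)   # 10101010
```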
CYCLIC REDUNDANCY CHECK
CRC is based on binary division. In this technique, a sequence of redundant bits, called the CRC remainder, is appended to the end of a data unit so that the resulting data unit becomes exactly divisible by a second, predetermined binary number. At its destination, the incoming data unit is divided by the same number. If at this step there is no remainder, the data unit is assumed to be intact and is therefore accepted. A remainder indicates that the data unit has been changed in transit and must therefore be rejected.
Here, the remainder is the CRC. It must have exactly one less bit than the divisor, and appending it to the end of the data string must make the resulting bit sequence exactly divisible by the divisor.
First, a string of n - 1 0s is appended to the data unit; the number of 0s is one less than the number of bits in the divisor, which is n bits. Then the newly elongated data unit is divided by the divisor using a process called binary division. The remainder is the CRC, which replaces the appended 0s at the end of the data unit.
The data unit arrives at the receiver first, followed by the CRC. The receiver treats the whole string as one data unit and divides it by the same divisor that was used to find the CRC remainder. If the remainder is 0, the data unit is error free. Otherwise it contains an error and must be discarded.
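A sketch of the binary (modulo-2) division described above; the data unit 100100 and divisor 1101 are illustrative values:

```python
# CRC by modulo-2 (XOR) binary division over bit strings.
def crc_remainder(data: str, divisor: str) -> str:
    n = len(divisor)
    # Append n-1 zeros to the data unit.
    dividend = list(data + "0" * (n - 1))
    for i in range(len(data)):
        if dividend[i] == "1":            # divide only when the leading bit is 1
            for j in range(n):
                dividend[i + j] = str(int(dividend[i + j]) ^ int(divisor[j]))
    return "".join(dividend[-(n - 1):])   # the remainder is the CRC

data, divisor = "100100", "1101"
crc = crc_remainder(data, divisor)
print(data + crc)                         # codeword: data with CRC appended

# Receiver: dividing the whole codeword by the divisor leaves remainder 0.
print(crc_remainder(data + crc, divisor))
```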
CHECKSUM
The error detection method used by the higher layer protocols is called checksum.
It consists of two parts. They are,
1. Checksum generator
2. Checksum checker
Checksum Generator:
In the sender, the checksum generator subdivides the data unit into equal segments of n bits. These segments are added together using one's complement arithmetic in such a way that the total is also n bits long. That total is then complemented and appended to the end of the data unit.
Checksum Checker:
The receiver subdivides the data unit as above, adds all segments together, and complements the result. If the extended data unit is intact, the total value found by adding the data segments and the checksum field should be zero. Otherwise the packet contains an error and the receiver rejects it.
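A sketch of the generator and checker using 8-bit segments; the segment width and the sample data values are illustrative assumptions:

```python
# n-bit one's-complement sum: carries out of the n bits wrap back in.
def ones_complement_sum(segments, n=8):
    mask = (1 << n) - 1
    total = 0
    for seg in segments:
        total += seg
        while total > mask:
            total = (total & mask) + (total >> n)   # wrap the carry around
    return total

# Sender: the complement of the sum is the checksum.
data = [0b01010101, 0b00110011, 0b00001111]
checksum = ~ones_complement_sum(data) & 0xFF

# Receiver: summing data plus checksum and complementing should give 0.
result = ~ones_complement_sum(data + [checksum]) & 0xFF
print(checksum, result)    # a result of 0 means the data is accepted
```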
1.5.3 Error Control
Although the Stop-and-Wait Protocol gives us an idea of how to add flow control to its predecessor, noiseless channels are nonexistent. We discuss three protocols in this section that use error control.
Go-Back-N Automatic Repeat Request
Selective Repeat Automatic Repeat Request
Stop-and-Wait Automatic Repeat Request
*Error correction in Stop-and-Wait ARQ is done by keeping a copy of the sent frame and retransmitting of the frame when the timer expires.
*In Stop-and-Wait ARQ:
*We use sequence numbers to number the frames. The sequence numbers are based on modulo-2 arithmetic.
*In Stop-and-Wait ARQ, the acknowledgment number always announces in modulo-2 arithmetic the sequence number of the next frame expected
Frame 0 is sent and acknowledged. Frame 1 is lost and resent after the time-out. The resent frame 1 is acknowledged and the timer stops.
Frame 0 is sent and acknowledged, but the acknowledgment is lost. The sender has no idea if the frame or the acknowledgment is lost, so after the time-out, it resends frame 0, which is acknowledged.
Flow diagram for an example of Stop-and-Wait ARQ.
*The send window can slide one or more slots when a valid acknowledgment arrives.
The receive window is an abstract concept defining an imaginary box of size 1 with one single variable Rn. The window slides when a correct frame has arrived; sliding occurs one slot at a time.
Window size for Go-Back-N ARQ
Packet flow of Go-Back-N ARQ
In Go-Back-N ARQ, the size of the send window must be less than 2^m; the size of the receiver window is always 1.
This is an example of a case where the forward channel is reliable, but the reverse is not. No data frames are lost, but some ACKs are delayed and one is lost.
Scenario showing what happens when a frame is lost.
Stop-and-Wait ARQ is a special case of Go-Back-N ARQ in which the size of the send window is 1.
Selective Repeat ARQ, window size
Packet flow of Selective Repeat ARQ
In Selective Repeat ARQ, the size of the sender and receiver windows must be at most one-half of 2^m.
Scenario showing how Selective Repeat behaves when a frame is lost.
Stop-and-Wait Automatic Repeat Request
The Stop-and-Wait Automatic Repeat Request (Stop-and-Wait ARQ) adds a simple error control mechanism to the Stop-and-Wait Protocol. To detect and correct corrupted frames, we need
to add redundancy bits to our data frame. When the frame arrives at the receiver site, it is checked and if it is corrupted, it is silently discarded. The detection of errors in this protocol is manifested by the silence of the receiver.
Lost frames are more difficult to handle than corrupted ones. In Stop-and-Wait Protocol, there was no way to identify a frame. The received frame could be the correct one, or a duplicate, or a frame out of order. The solution is to number the frames. When the receiver receives a data frame that is out of order, this means that frames were either lost or duplicated.
The corrupted and lost frames need to be resent in this protocol. If the receiver does not respond when there is an error, how can the sender know which frame to resend? To remedy this problem, the sender keeps a copy of the sent frame. At the same time, it starts a timer. If the timer expires and there is no ACK for the sent frame, the frame is resent, the copy is held, and the timer is restarted. Since the protocol uses the stop-and-wait mechanism, there is only one specific frame that needs an ACK, even though several copies of the same frame can be in the network.
Error correction in Stop-and-Wait ARQ is done by keeping a copy of the sent frame and retransmitting of the frame when the timer expires. Since an ACK frame can also be corrupted and lost, it too needs redundancy bits and a sequence number. The ACK frame for this protocol has a sequence number field. In this protocol, the sender simply discards a corrupted ACK frame or ignores an out-of-order one.
Sequence Numbers
The protocol specifies that frames need to be numbered. This is done by using sequence numbers. A field is added to the data
frame to hold the sequence number of that frame. For example, if we decide that the field is m bits long, the sequence numbers start from 0, go to 2^m - 1, and then repeat.
Acknowledgment Numbers
Since the sequence numbers must be suitable for both data frames and ACK frames, we use this convention: The acknowledgment numbers always announce the sequence number of the next frame expected by the receiver. For example, if frame 0 has arrived safe and sound, the receiver sends an ACK frame with acknowledgment 1 (meaning frame 1 is expected next). If frame 1 has arrived safe and sound, the receiver sends an ACK frame with acknowledgment 0 (meaning frame 0 is expected).
Design
Figure shows the design of the Stop-and-Wait ARQ Protocol. The sending device keeps a copy of the last frame transmitted until it receives an acknowledgment for that frame. A data frame uses a seqNo (sequence number); an ACK frame uses an ackNo (acknowledgment number). The sender has a control variable, which we call Sn (sender, next frame to send), that holds the sequence number of the next frame to be sent (0 or 1).
Design of the Stop-and-Wait ARQ Protocol
The receiver has a control variable, which we call Rn (receiver, next frame expected), that holds the number of the next frame expected. When a frame is sent, the value of Sn is incremented (modulo-2), which means if it is 0, it becomes 1 and vice versa. When a frame is received, the value of Rn is incremented (modulo-2), which means if it is 0, it becomes 1 and vice versa.
Three events can happen at the sender site; one event can happen at the receiver site. Variable Sn points to the slot that matches the sequence number of the frame that has been sent, but not acknowledged; Rn points to the slot that matches the sequence number of the expected frame.
Algorithms
Algorithm 1 is for the sender site.
Algorithm 1 Sender-site algorithm for Stop-and- Wait ARQ
Sn = 0;// Frame 0 should be sent first
canSend = true;// Allow the first request to go
while(true)// Repeat forever
{
WaitForEvent();// Sleep until an event occurs
if(Event(RequestToSend) AND canSend)
{
GetData();
MakeFrame(Sn);//The seqNo is Sn
StoreFrame(Sn);//Keep copy
SendFrame(Sn);
StartTimer();
Sn = (Sn + 1) mod 2;// Sequence number incremented modulo-2
canSend = false;
}
WaitForEvent();// Sleep
if(Event(ArrivalNotification))// An ACK has arrived
{
ReceiveFrame(ackNo);// Receive the ACK frame
if(not corrupted AND ackNo ==Sn)//Valid ACK
{
Stoptimer();
PurgeFrame (Sn-1);//Copy is not needed
canSend = true;
}
}
if(Event(TimeOut))// The timer expired
{
StartTimer();
ResendFrame(Sn-1);// Resend a copy of the frame
}
}
Analysis
We first notice the presence of Sn, the sequence number of the next frame to be sent. This variable is initialized once, but it is incremented every time a frame is sent, in preparation for the next frame. However, since this is modulo-2 arithmetic, the sequence numbers are 0, 1, 0, 1, and so on. Note that the processes in the first event (GetData, MakeFrame, StoreFrame, and SendFrame) use Sn to define the frame being sent out. We need at least one buffer to hold this frame until we are sure that it is received safe and sound. Note also that the frame is stored before it is sent.
The copy is used for resending a corrupted or lost frame. We are still using the canSend variable to prevent the network layer from making a request before the previous frame is received safe and sound. If the ACK frame is not corrupted and its ackNo matches the sequence number of the next frame to send, we stop the timer and purge the copy of the data frame we saved. Otherwise, we just ignore this event and wait for the next event to happen. After each frame is sent, a timer is started. When the timer expires, the frame is resent and the timer is restarted. Algorithm 2 shows the procedure at the receiver site.
Algorithm 2 Receiver-site algorithm for Stop-and-Wait ARQ Protocol
Rn= 0;// Frame 0 expected to arrive first
while (true)
{
WaitForEvent ();//Sleep until an event occurs
if (Event (ArrivalNotification))//Data frame arrives
{
ReceiveFrame ();
if (corrupted(frame))
sleep();// Ignore a corrupted frame
if(seqNo == Rn)//Valid data frame
{
ExtractData();
DeliverData();//Deliverdata
Rn = (Rn + 1) mod 2;// Next frame expected, modulo-2
}
SendFrame(Rn);//Send an ACK
}
}
Analysis
This is noticeably different from the Stop-and-Wait Protocol algorithm. First, all arrived data frames that are corrupted are ignored. If the seqNo of the frame is the one that is expected (Rn), the frame is accepted, the data are delivered to the network layer, and the value of Rn is incremented. However, there is one subtle point here. Even if the sequence number of the data frame does not match the next frame expected, an ACK is sent to the sender. This ACK, however, just reconfirms the previous ACK instead of confirming the frame received. This is done because the receiver assumes that the previous ACK might have been lost; the receiver is therefore sending a duplicate ACK. The resent ACK may solve the problem before the time-out does.
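The modulo-2 bookkeeping of the sender and receiver algorithms can be sketched as follows. Timers and the physical channel are abstracted away (only a duplicate delivery is shown), so this is a bookkeeping sketch of the protocol, not a full implementation:

```python
# Sketch of the modulo-2 bookkeeping in the Stop-and-Wait ARQ algorithms.
class Receiver:
    def __init__(self):
        self.Rn = 0                  # next frame expected
        self.delivered = []

    def on_frame(self, seq, data):
        if seq == self.Rn:           # expected frame: deliver and advance Rn
            self.delivered.append(data)
            self.Rn = (self.Rn + 1) % 2
        # Always acknowledge with the next expected sequence number;
        # a duplicate frame just triggers a duplicate ACK.
        return self.Rn               # ackNo

class Sender:
    def __init__(self, receiver):
        self.Sn = 0                  # next frame to send
        self.rx = receiver

    def send(self, data):
        while True:
            ack = self.rx.on_frame(self.Sn, data)
            if ack == (self.Sn + 1) % 2:   # valid ACK: purge the saved copy
                self.Sn = ack
                return
            # Otherwise the timer would expire and the copy be resent.

rx = Receiver()
tx = Sender(rx)
for frame in ["A", "B", "C"]:
    tx.send(frame)
print(rx.delivered)                 # ['A', 'B', 'C']

# A duplicate of the last frame (as if its ACK were lost) is not
# re-delivered; the receiver only repeats its previous ACK.
print(rx.on_frame(0, "C"), rx.delivered)   # 1 ['A', 'B', 'C']
```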
1.5.4 Flow control
Flow control refers to a set of procedures used to restrict the amount of data that the sender can send before waiting for acknowledgment.
Flow control. Like the data link layer, the transport layer is responsible for flow control. However, flow control at this layer is performed end to end rather than across a single link.
Error control. Like the data link layer, the transport layer is responsible for error control.
In computer networking, flow control is the process of managing the rate of data transmission between two nodes to prevent a fast sender from outrunning a slow receiver. Error detection and correction or error controls are techniques that enable reliable delivery of digital data over unreliable communication channels.
Flow control protocol
Flow control:
Noiseless channel
Simplest Protocol
Stop-and-Wait Protocol
The design of the simplest protocol with no flow or error control.
Flow control mechanism
This shows an example of communication using this protocol. It is very simple. The sender sends a sequence of frames without even thinking about the receiver. To send three frames, three events occur at the sender site and three events at the receiver site. Note that the data frames are shown by tilted boxes; the height of the box defines the transmission time difference between the first bit and the last bit in the frame.
Design of Stop-and-Wait Protocol
This shows an example of communication using this protocol. It is still very simple. The sender sends one frame and waits for feedback from the receiver. When the ACK arrives, the sender sends the next frame. Note that sending two frames in the protocol involves the sender in four events and the receiver in two events.
Working of Stop-and-Wait Protocol
Sliding Window Flow Control Protocol
The sliding window is an abstract concept that defines the range of sequence numbers that is the concern of the sender and receiver. In other words, the sender and receiver need to deal with only part of the possible sequence numbers. The range which is the concern of the sender is called the send sliding
window; the range that is the concern of the receiver is called the receive sliding window.
The send window is an imaginary box covering the sequence numbers of the data frames which can be in transit. In each window position, some of these sequence numbers define the frames that have been sent; others define those that can be sent. The maximum size of the window is 2^m - 1. Let the size be fixed and set to the maximum value. Figure shows a sliding window of size 15 (m = 4). The window at any time divides the possible sequence numbers into four regions. The first region, from the far left to the left wall of the window, defines the sequence numbers belonging to frames that are already acknowledged.
Send window for Go-Back-N ARQ
The sender does not worry about these frames and keeps no copies of them. The second region, colored in Figure , defines the range of sequence numbers belonging to the frames that are sent and have an unknown status. The sender needs to wait to
find out if these frames have been received or were lost. We call these outstanding frames.
The third range, white in the figure, defines the range of sequence numbers for frames that can be sent; however, the corresponding data packets have not yet been received from the network layer. Finally, the fourth region defines sequence numbers that cannot be used until the window slides, as we see next.
The window itself is an abstraction; three variables define its size and location at any time. We call these variables Sf (send window, the first outstanding frame), Sn (send window, the next frame to be sent), and Ssize (send window, size). The variable Sf defines the sequence number of the first (oldest) outstanding frame. The variable Sn holds the sequence number that will be assigned to the next frame to be sent. Finally, the variable Ssize defines the size of the window, which is fixed in our protocol.
Figure shows how a send window can slide one or more slots to the right when an acknowledgment arrives from the other end. The acknowledgments in this protocol are cumulative, meaning that more than one frame can be acknowledged by an ACK frame. In figure b, frames 0, 1, and 2 are acknowledged, so the window has slid to the right three slots. Note that the value of Sf is 3 because frame 3 is now the first outstanding frame.
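The cumulative-ACK sliding can be sketched in a few lines (illustrative Python; the variable Sf and the modulus follow the definitions above, the function name is ours):

```python
def slide_on_ack(sf, ack_no, modulus=2 ** 4):
    """Slide the send window on a cumulative acknowledgment.

    ack_no names the next frame the receiver expects, so every
    outstanding frame before ack_no is acknowledged at once and
    the first-outstanding pointer Sf jumps directly to ack_no.
    Returns the new Sf and the number of slots the window slid.
    """
    slots_slid = (ack_no - sf) % modulus  # handles sequence-number wraparound
    return ack_no, slots_slid

sf = 0                       # frames 0, 1, 2 are outstanding
sf, slid = slide_on_ack(sf, 3)  # one ACK acknowledges frames 0, 1, and 2
```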
The receive window makes sure that the correct data frames are received and that the correct acknowledgments are sent. The size of the receive window is always 1. The receiver is always looking for the arrival of a specific frame. Any frame arriving out of order is discarded and needs to be resent. Figure shows the receive window.
Receive window for Go-Back-N ARQ
Note that we need only one variable Rn (receive window, next frame expected) to define this abstraction. The sequence numbers to the left of the window belong to the frames already received and acknowledged; the sequence numbers to the right of this window define the frames that cannot be received. Any received frame with a sequence number in these two regions is discarded. Only a frame with a sequence number matching the value of Rn is accepted and acknowledged. The receive window also slides, but only one slot at a time. When a correct frame is received (and a frame is received only one at a time), the window slides.
Timers
Although there can be a timer for each frame that is sent, in our protocol we use only one. The reason is that the timer for the first outstanding frame always expires first; we send all outstanding frames when this timer expires.
Acknowledgment
The receiver sends a positive acknowledgment if a frame has arrived safe and sound and in order. If a frame is damaged or is received out of order, the receiver is silent and will discard all subsequent frames until it receives the one it is expecting. The silence of the receiver causes the timer of the unacknowledged frame at the sender site to expire. This, in turn, causes the sender to go back and resend all frames, beginning with the one with the expired timer. The receiver does not have to acknowledge each frame received. It can send one cumulative acknowledgment for several frames.
Resending a Frame
When the timer expires, the sender resends all outstanding frames. For example, suppose the sender has already sent frame 6, but the timer for frame 3 expires. This means that frame 3 has not been acknowledged; the sender goes back and sends frames 3, 4, 5, and 6 again. That is why the protocol is called Go-Back-N ARQ.
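The go-back behaviour on a timeout can be sketched as follows (illustrative Python; the function name is ours):

```python
def frames_to_resend(sf, sn, modulus=2 ** 3):
    """List the frames Go-Back-N resends when the timer expires.

    Every outstanding frame is resent: from the first unacknowledged
    frame (Sf) up to, but not including, the next-to-send pointer (Sn),
    walking sequence numbers modulo 2^m.
    """
    out = []
    i = sf
    while i != sn:
        out.append(i)
        i = (i + 1) % modulus
    return out

# The sender has already sent frame 6 (so Sn = 7) when frame 3's
# timer expires: frames 3, 4, 5, and 6 are resent.
resend = frames_to_resend(3, 7)
```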
Design
Figure shows the design for this protocol. As we can see, multiple frames can be in transit in the forward direction, and multiple acknowledgments in the reverse direction. The idea is similar to Stop-and-Wait ARQ; the difference is that the send window allows us to have as many frames in transition as there are slots in the send window.
Send Window Size
We can now show why the size of the send window must be less than 2^m. As an example, we choose m = 2, which means the size of the window can be 2^m - 1, or 3. Figure compares a window size of 3 against a window size of 4.
Design of Go-Back-N ARQ
Window size for Go-Back-N ARQ
If the size of the window is 3 (less than 2^2) and all three acknowledgments are lost, the frame 0 timer expires and all three frames are resent. The receiver is now expecting frame 3, not frame 0, so the duplicate frame is correctly discarded. On the other hand, if the size of the window is 4 (equal to 2^2) and all acknowledgments are lost, the sender will send a duplicate of frame 0. However, this time the window of the receiver expects to receive frame 0, so it accepts frame 0, not as a duplicate, but as the first frame in the next cycle. This is an error.
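The same argument can be checked mechanically (a small illustrative Python sketch, not part of any protocol):

```python
def receiver_accepts_after_lost_acks(m, window):
    """Check the lost-ACK scenario for a given window size.

    The sender transmits a full window (frames 0 .. window-1) and every
    ACK is lost, so on timeout it resends frame 0. The receiver, having
    accepted the whole window, now expects sequence number
    window % 2**m. If that equals 0, the resent (stale) frame 0 is
    wrongly accepted as new data -- an error.
    """
    rn = window % (2 ** m)  # next sequence number the receiver expects
    return rn == 0          # True means the duplicate is accepted

# m = 2: a window of 3 (= 2^m - 1) is safe; a window of 4 (= 2^m) is not.
safe = receiver_accepts_after_lost_acks(2, 3)    # duplicate rejected
unsafe = receiver_accepts_after_lost_acks(2, 4)  # duplicate accepted
```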
UNIT II MEDIA ACCESS & INTERNETWORKING
Media access control - Ethernet (802.3) - Wireless LANs – 802.11 – Bluetooth - Switching and bridging – Basic Internetworking (IP, CIDR, ARP, DHCP, ICMP).
2.1 Media access control
Media Access Control (MAC) technology provides unique identification and access control for computers on an Internet Protocol (IP) network. In wireless networking, MAC is the radio control protocol on the wireless network adapter. Media Access Control works at the lower sublayer of the data link layer (Layer 2) of the OSI model.
MAC Addresses
Media Access Control assigns a unique number to each IP network adapter called the MAC address. A MAC address is 48
bits long. The MAC address is commonly written as a sequence of 12 hexadecimal digits as follows:
48-3F-0A-91-00-BC
MAC addresses are uniquely set by the network adapter manufacturer and are sometimes called physical addresses. The first six hexadecimal digits of the address correspond to a manufacturer's unique identifier, while the last six digits correspond to the device's serial number.
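The split between the manufacturer's identifier and the device serial number can be illustrated with a few lines of Python (the function name is ours):

```python
def split_mac(mac):
    """Split a MAC address written as six hyphen-separated hex bytes
    into the manufacturer's identifier (first 3 bytes, the OUI) and
    the device serial part (last 3 bytes)."""
    parts = mac.split("-")
    assert len(parts) == 6 and all(len(p) == 2 for p in parts)
    return "-".join(parts[:3]), "-".join(parts[3:])

# Using the address shown above:
oui, serial = split_mac("48-3F-0A-91-00-BC")
# oui is the manufacturer part, serial the device part
```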
MAC addresses map to logical IP addresses through the Address Resolution Protocol (ARP).
Some Internet service providers track the MAC address of a home router for security purposes. Many routers support a process called cloning that allows the MAC address to be simulated so that it matches the one the service provider is expecting. This allows households to change their router (and their real MAC address) without having to notify the provider.
CSMA
Carrier sense multiple access (CSMA) is a probabilistic media access control (MAC) protocol in which a node verifies the absence of other traffic before transmitting on a shared transmission medium, such as an electrical bus, or a band of the electromagnetic spectrum.
CSMA is a network access method used on shared network topologies such as Ethernet to control access to the network. Devices attached to the network cable listen (carrier sense) before transmitting. If the channel is in use, devices wait before transmitting. MA (multiple access) indicates that many devices can connect to and share the same network. All devices have
equal access to use the network when it is clear. Even though devices attempt to sense whether the network is in use, there is a good chance that two stations will attempt to access it at the same time. On large networks, the transmission time between one end of the cable and another is enough that one station may access the cable even though another has already just accessed it. There are two methods for avoiding these so-called collisions, listed here:
CSMA/CD (carrier sense multiple access/collision detection)
Carrier sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in local area networking using early Ethernet technology.
CD (collision detection) defines what happens when two devices sense a clear channel, then attempt to transmit at the same time. A collision occurs, and both devices stop transmission, wait for a random amount of time, then retransmit. This is the technique used to access the 802.3 Ethernet network channel. This method handles collisions as they occur, but if the bus is constantly busy, collisions can occur so often that performance drops drastically. It is estimated that network traffic must be less than 40 percent of the bus capacity for the network to operate efficiently. If distances are long, time lags occur that may result in inappropriate carrier sensing, and hence collisions.
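The random waiting time used after a collision in 802.3 is chosen by truncated binary exponential backoff; a minimal sketch, assuming the classic 10-Mbps slot time of 512 bit times (the function name is ours):

```python
import random

SLOT_TIME = 51.2e-6  # 512 bit times at 10 Mbps, in seconds


def backoff_delay(attempt):
    """Truncated binary exponential backoff, as used by 802.3.

    After the n-th collision, a station waits k slot times, where k is
    drawn uniformly from 0 .. 2**min(n, 10) - 1 (the exponent is capped
    at 10, hence "truncated").
    """
    k = random.randrange(2 ** min(attempt, 10))
    return k * SLOT_TIME


delay = backoff_delay(3)  # after the 3rd collision: 0..7 slot times
```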
CSMA/CA (carrier sense multiple access/collision avoidance)
In CA (collision avoidance), collisions are avoided because each node signals its intent to transmit before actually doing so. This method is not popular because it requires excessive overhead that reduces performance.
There Are Three Different Type of CSMA Protocols
(i) 1-persistent CSMA
(ii) Non-persistent CSMA
(iii) p-persistent CSMA
Types of CSMA
(i) 1-persistent CSMA
In this method, a station that wants to transmit data continuously senses the channel to check whether the channel is idle or busy.
If the channel is busy, the station waits until it becomes idle.
When the station detects an idle channel, it immediately transmits the frame with probability 1. Hence it is called 1-persistent CSMA.
This method has the highest chance of collision because two or more stations may find the channel to be idle at the same time and transmit their frames.
When a collision occurs, the stations wait a random amount of time and start all over again.
Drawback of 1-persistent
The propagation delay time greatly affects this protocol. Let us suppose that just after station 1 begins its transmission, station 2 also becomes ready to send its data and senses the channel. If the
signal of station 1 has not yet reached station 2, station 2 will sense the channel to be idle and will begin its transmission. This will result in a collision.
1-persistent CSMA
Even if the propagation delay time is zero, collisions will still occur. If two stations become ready in the middle of a third station's transmission, both stations will wait until that transmission ends and then both will begin their own transmissions exactly simultaneously. This will also result in a collision.
(ii) Non-persistent CSMA
In this scheme, if a station wants to transmit a frame and it finds that the channel is busy (some other station is transmitting), it waits a random interval of time.
After this time, it again checks the status of the channel, and if the channel is free it will transmit.
A station that has a frame to send senses the channel.
If the channel is idle, it sends immediately.
If the channel is busy, it waits a random amount of time and then senses the channel again.
In non-persistent CSMA the station does not continuously sense the channel for the purpose of capturing it when it detects the end of previous transmission.
Advantage of non-persistent
It reduces the chance of collision because the stations wait a random amount of time. It is unlikely that two or more stations will wait for same amount of time and will retransmit at the same time.
Disadvantage of non-persistent
It reduces the efficiency of the network because the channel remains idle when there may be stations with frames to send. This is because the stations wait a random amount of time after sensing a busy channel.
Non persistent
(iii) p-persistent CSMA
This method is used when channel has time slots such that the time slot duration is equal to or greater than the maximum propagation delay time.
Whenever a station becomes ready to send, it senses the channel.
If channel is busy, station waits until next slot.
If channel is idle, it transmits with a probability p.
With probability q = 1 - p, the station then waits for the beginning of the next time slot.
If the next slot is also idle, it either transmits or waits again with probabilities p and q.
This process is repeated till either frame has been transmitted or another station has begun transmitting.
In case of the transmission by another station, the station acts as though a collision has occurred and it waits a random amount of time and starts again.
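The per-slot decision described above can be sketched as follows (illustrative Python; the function and return values are ours):

```python
import random


def p_persistent_step(channel_idle, p):
    """One time-slot decision for p-persistent CSMA.

    If the channel is busy, the station waits for the next slot.
    If the channel is idle, it transmits with probability p and,
    with probability q = 1 - p, defers to the beginning of the
    next time slot and repeats the process.
    """
    if not channel_idle:
        return "wait_for_next_slot"
    return "transmit" if random.random() < p else "defer_to_next_slot"
```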
Advantage of p-persistent
It reduces the chance of collision and improves the efficiency of the network.
2.2 Ethernet (802.3)
Ethernet (802.3)
The most dominant LAN technology today is Ethernet. Traditional Ethernet, Fast Ethernet and Gigabit Ethernet are the three generations of Ethernet. The Original Ethernet was created in 1976 at Xerox’s Palo Alto Research Center.
Data Rate:
Traditional Ethernet: 10 Mbps
Fast Ethernet: 100 Mbps
Gigabit Ethernet: 1 Gbps
Traditional Ethernet:
Layers:
The network, transport, and application layers are common to all LANs. The data link layer is divided into the logical link control (LLC) sublayer and the medium access control (MAC) sublayer. The MAC sublayer is slightly different for each Ethernet generation, and the physical layer is quite different.
Three generations of Ethernet:
Diagrammatic representation of generation of Ethernet
AUI: Attachment Unit Interface
MDI: Medium Dependent Interface
MAC: Medium Access Control
MII: Medium Independent Interface
MAU: Medium Attachment Unit
GMII: Gigabit Medium Independent Interface
PHY: Physical Layer Entity
PLS: Physical Layer Signaling
RS: Reconciliation Sublayer
MAC Sub layer:
The MAC sublayer governs the operation of the access method. It also frames data received from the upper layer and passes them to the PLS sublayer for encoding.
Access Method: CSMA / CD
Traditional Ethernet uses 1 - persistent CSMA / CD as the access method.
Frame:
The Ethernet frame contains seven fields. Preamble, SFD, DA, SA, length / type of PDU, upper layer data, and the CRC. Ethernet provides an unreliable medium (no acknowledgment).
802.3 MAC frame format
•Preamble - Contains 7 bytes (56 bits) of alternating 0s and 1s that alert the receiving system to the coming frame and enable it to synchronize its input timing.
•Start frame delimiter (SFD) - The second field (1 byte: 10101011) tells the stations that they have a last chance for synchronization. The last two bits (11) alert the receiver that the next field is the destination address.
•Destination address (DA) - This DA field is 6 bytes and contains the address of the destination station.
•Source Address (SA) - The SA field is 6 bytes and contains the physical address of the sender of the packet.
•Length / type - If the value of this field is 1500 or less, it is a length field and defines the length of the data field that follows. If the value is 1536 (0x0600) or greater, it defines the type of the PDU packet that is encapsulated in the frame.
•Data - This field carries data encapsulated from the upper -layer protocols. (Min: 46 bytes, Max: 1500 bytes)
•CRC - The last field contains the error detection information. (Ex: CRC 32)
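The two-way interpretation of the length/type field can be illustrated as follows (a sketch with an illustrative function name; values up to 1500 are lengths and values of 1536 / 0x0600 and above are EtherTypes, per the 802.3 standard):

```python
def classify_length_type(value):
    """Interpret the Ethernet length/type field.

    Values up to 1500 give the length of the data field that follows
    (IEEE 802.3 framing); values of 1536 (0x0600) and above name the
    encapsulated protocol (Ethernet II / EtherType framing). Values
    in between are not valid.
    """
    if value <= 1500:
        return ("length", value)
    if value >= 1536:
        return ("type", value)
    return ("invalid", value)


kind, v = classify_length_type(0x0800)  # 0x0800 is the well-known IPv4 type
```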
Addressing:
Each station on an Ethernet has its own network interface card (NIC), which provides a 6-byte physical address to the station. The Ethernet address (6 bytes = 48 bits) is written in hexadecimal notation.
Example: 05 - 02 - 01 - 01 - 3C - 5B
Hyphen is used to separate bytes from each other.
Unicast: The least significant bit of the first byte is 0 if the address is unicast.
(Ex: source or a single destination address)
Multicast: The least significant bit of the first byte of the Ethernet address is 1 if the address is multicast.
(Ex: a group of destinations)
Broadcast: All 48 bits of the Ethernet address are 1s if the address is broadcast.
(Ex: all stations in the network are destinations)
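The three address classes can be distinguished programmatically (illustrative Python; the function name is ours):

```python
def address_kind(mac):
    """Classify an Ethernet address written as hyphen-separated hex bytes.

    The least significant bit of the first byte is 0 for unicast and
    1 for multicast (group) addresses; an address with all 48 bits set
    is the broadcast address.
    """
    octets = [int(b, 16) for b in mac.split("-")]
    if all(b == 0xFF for b in octets):
        return "broadcast"
    return "multicast" if octets[0] & 0x01 else "unicast"


# First byte 0x05 has least significant bit 1, so this is multicast:
kind = address_kind("05-02-01-01-3C-5B")
```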
Physical Layer (PLS):
•The PLS sub layer encodes and decodes data.
•Manchester encoding is used.
•Data rate: 10 Mbps
•Bandwidth: 20 Mbaud
Diagrammatic representation of PLS
AUI:
The attachment unit interface is a specification that defines the interface between the PLS and the MAU, which uses thick coaxial cable.
MAU (Transceiver):
The transceiver transmits signals over the medium, receives signals, and also detects collisions. Every medium needs its own type of MAU; the MAU is medium dependent.
MAU (transceiver):
Diagrammatic representation of MAU
Types of transceiver:
1. Internal - Installed inside the station; doesn't need an AUI cable.
2. External - Installed close to the medium and connected via an AUI cable to the station.
MDI:
The MDI is a piece of hardware for connecting a transceiver to the medium.
Physical Layer Implementation:
The standard defines four different implementations for baseband (digital) 10-Mbps Ethernet.
Flowchart representation of baseband implementation
10 Base 5: Thick Ethernet or Thicknet:
Diagrammatic representation of Thick Ethernet
External Transceiver is connected via a tap to a thick coaxial cable.
10 Base 2: Thin Ethernet or Cheapernet
Topology used: Bus (internal transceiver), Point - Point (External transceiver)
Diagrammatic representation of Thin Ethernet
If the station has no transceiver then an external transceiver can be used in conjunction with AUI.
10 Base - T: Twisted Pair Ethernet:
Topology used: Star
Diagrammatic representation of Twisted Pair Ethernet
The stations are connected to the hub with a transceiver. If an internal transceiver is used, the interface card is directly connected to the medium connector.
If an external transceiver is used, the transceiver is connected through an AUI cable to the interface. The transceiver is then connected to the hub as shown in the figure.
10 Base - FL: Fiber Link Ethernet
Topology used: Star
Diagrammatic representation of Fiber link Ethernet
The standard is normally implemented using an external transceiver called a fiber-optic MAU. The station is connected to the external transceiver by an AUI cable. The transceiver is connected to the hub by using two pairs of fiber-optic cable as shown in the figure.
Difference between fast ethernet and gigabit ethernet.
Fast Ethernet (100 Mbps):
- Upgrades the data rate to 100 Mbps.
- Compatible with Standard Ethernet.
Gigabit Ethernet (1 Gbps):
- Upgrades the data rate to 1 Gbps.
- Compatible with Standard or Fast Ethernet.
Comparison Of Different Types Of Ethernet
Standard Ethernet implementations
Characteristics   10Base5              10Base2             10Base-T    10Base-F
Media             Thick coaxial cable  Thin coaxial cable  2 UTP       2 Fiber
Maximum length    500 m                185 m               100 m       2000 m
Line encoding     Manchester           Manchester          Manchester  Manchester
Fast Ethernet implementations
Characteristics   100Base-TX        100Base-FX  100Base-T4
Media             Cat 5 UTP or STP  Fiber       Cat 4 UTP
Number of wires   2                 2           4
Maximum length    100 m             100 m       100 m
Block encoding    4B/5B             4B/5B       -
Line encoding     MLT-3             NRZ-I       8B/6T
Gigabit Ethernet implementations
Characteristics   1000Base-SX       1000Base-LX      1000Base-CX  1000Base-T
Media             Fiber short-wave  Fiber long-wave  STP          Cat 5 UTP
Number of wires   2                 2                2            4
Maximum length    550 m             5000 m           25 m         100 m
Block encoding    8B/10B            8B/10B           8B/10B       -
Line encoding     NRZ               NRZ              NRZ          4D-PAM5
Ten-Gigabit Ethernet implementations
Characteristics   10GBase-S                    10GBase-L                      10GBase-E
Media             Short-wave 850-nm multimode  Long-wave 1310-nm single mode  Extended 1550-nm single mode
Maximum length    300 m                        10 km                          40 km
2.3 Wireless LANs
2.3.1 802.11
IEEE 802.11 is a set of media access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communication in the 2.4, 3.6, 5, and 60 GHz frequency bands. They are created and maintained by the IEEE LAN/MAN Standards Committee (IEEE 802).
The base version of the standard was released in 1997, and has had subsequent amendments. The standard and amendments provide the basis for wireless network products using the Wi-Fi brand. While each amendment is officially revoked when it is
incorporated in the latest version of the standard, the corporate world tends to market to the revisions because they concisely denote capabilities of their products. As a result, in the market place, each revision tends to become its own standard.
Wi-Fi (802.11)
802.11 is designed for use in a limited geographical area (homes, office buildings, campuses), and its primary challenge is to mediate access to a shared communication medium—in this case, signals propagating through space. 802.11 supports additional features (e.g., time-bounded services, power management, and security mechanisms), but we focus our discussion on its base functionality.
Wireless fidelity
Physical Properties
802.11 runs over six different physical layer protocols (so far). Five are based on spread spectrum radio, and one on diffused infrared (which is of historical interest only at this point). The fastest runs at a maximum of 54 Mbps. The original 802.11 standard defined two radio-based physical layer standards, one using frequency hopping (over 79 1-MHz-wide frequency bands) and the other using direct sequence (with an 11-bit chipping sequence). Both provide up to 2 Mbps. Then physical layer standard 802.11b was added. Using a variant of direct sequence, 802.11b provides up to 11 Mbps. These three standards run in the license-exempt 2.4-GHz frequency band of the electromagnetic spectrum. Then came 802.11a, which delivers up to 54 Mbps using a variant of FDM called orthogonal frequency division multiplexing (OFDM). 802.11a runs in the license-exempt 5-GHz band. On one hand, this band is less used, so there is less interference.
On the other hand, there is more absorption of the signal, and it is limited to almost line of sight. The most recent standard is 802.11g, which is backward compatible with 802.11b (and returns to the 2.4-GHz band). 802.11g uses OFDM and delivers up to 54 Mbps. It is common for commercial products to support all three of 802.11a, 802.11b, and 802.11g, which not only ensures compatibility with any device that supports any one of the standards but also makes it possible for two such products to choose the highest-bandwidth option for a particular environment.
Collision Avoidance
802.11's approach to media access is similar to that of Ethernet—wait until the link becomes idle before transmitting and back off should a collision occur—and to a first approximation, this is what 802.11 does. The additional complication for wireless is that, while a node on an
Ethernet receives every other node’s transmissions, a node on an 802.11 network may be too far from certain other nodes to receive their transmissions.
The peculiar thing about the 802.11 frame format is that it contains four, rather than two, addresses. How these addresses are interpreted depends on the settings of the ToDS and FromDS bits in the frame's Control field. This is to account for the possibility that the frame had to be forwarded across the distribution system, which would mean that the original sender is not necessarily the same as the most recent transmitting node. Similar reasoning applies to the destination address.
2.3.2 Bluetooth
Bluetooth is a wireless LAN technology designed to connect devices of different functions such as telephones, notebooks, computers, cameras, printers, coffee makers, and so on.
Photographic representation of Bluetooth Technology
A Bluetooth LAN is an ad hoc network, which means that the network is formed spontaneously.
A small Bluetooth network is called a piconet. It can have 1 to 8 stations. One station is the primary; the others are secondaries.
Piconet:
A piconet is formed when two or more devices discover each other and begin to communicate. A piconet can have up to eight devices, with one device acting as a master and the rest acting as slaves. The first device to initiate transmission becomes the master, although the specification provides for a master and slave unit to exchange roles. A specific frequency-hopping
sequence is used by all devices within each piconet. Figure shows the simplest example of a piconet: A cell phone is downloading address-book and telephone-number information to the user's laptop.
A piconet consists of at least two Bluetooth-enabled devices
In this example, the laptop acts as a master. The application software running on the laptop contacts the cell phone when it is within range, and requests that it synchronize its database with the one stored on the laptop.
A piconet can have only one master and up to seven slave devices.
Photographic representation of seven slave devices in Piconet
Scatternet:
A device can be a master of only one piconet. The device can, at the same time, also be a slave in another piconet that is within range. A slave can also participate in two different piconets that are within its range. However, since the master device determines the hopping pattern used for a piconet, a device cannot be the master of more than one piconet.
Photographic representation of Scatternet
Group of piconet is called scatternet.
Bluetooth layers and Protocol Stack
Bluetooth is a wireless LAN technology designed to connect devices of different functions. The Bluetooth standard has many protocols that are organized into different layers. The layer structure of Bluetooth does not follow the OSI model, the TCP/IP model, or any other known model.
The different layers and Bluetooth protocol architecture.
Diagrammatic representation of Bluetooth protocol architecture
Radio Layer
The Bluetooth radio layer corresponds to the physical layer of the OSI model. It deals with radio transmission and modulation. The radio layer moves data from master to slave or vice versa. It is a low-power system that uses the 2.4-GHz ISM band with a range of 10 meters.
This band is divided into 79 channels of 1MHz each. Bluetooth uses the Frequency Hopping Spread Spectrum (FHSS) method in the physical layer to avoid interference from other devices or networks.
Bluetooth hops 1600 times per second, i.e. each device changes its modulation frequency 1600 times per second.
In order to change bits into a signal, it uses a version of FSK called GFSK i.e. FSK with Gaussian bandwidth filtering.
Baseband Layer
The baseband layer is equivalent to the MAC sublayer in LANs. Bluetooth uses a form of TDMA called TDD-TDMA (Time Division Duplex TDMA). Master and slave stations communicate with each other using time slots. The master in each piconet defines time slots of 625 µs.
In TDD-TDMA, communication is half duplex: a station can send and receive data, but not at the same time.
If the piconet has only one slave, the master uses the even-numbered slots (0, 2, 4, ...) and the slave uses the odd-numbered slots (1, 3, 5, ...). Both master and slave communicate in half-duplex mode. In slot 0, the master sends and the slave receives; in slot 1, the slave sends and the master receives.
If piconet has more than one slave, the master uses even numbered slots. The slave sends in the next odd-numbered slot if the packet in the previous slot was addressed to it.
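The even/odd slot ownership can be sketched as follows (illustrative Python; names and the single-slave assumption are ours):

```python
SLOT_US = 625  # Bluetooth baseband slot length in microseconds


def who_transmits(slot, addressed_slave=1):
    """TDD-TDMA slot ownership in a piconet.

    The master transmits in even-numbered slots; the slave addressed
    in the preceding master slot replies in the following odd-numbered
    slot. Here we assume a single addressed slave for simplicity.
    """
    if slot % 2 == 0:
        return "master"
    return "slave %d" % addressed_slave


# Slot 0: master sends; slot 1: the addressed slave replies.
owner = who_transmits(1)
```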
In Baseband layer, two types of links can be created between a master and slave. These are:
1. Asynchronous Connection-less (ACL)
It is used for packet switched data that is available at irregular intervals. ACL delivers traffic on a best effort basis. Frames can be lost & may have to be retransmitted. A slave can have only one ACL link to its master.
Thus ACL link is used where correct delivery is preferred over fast delivery. The ACL can achieve a maximum data rate of 721 kbps by using one, three or more slots.
2. Synchronous Connection Oriented (SCO)
SCO is used for real time data such as sound. It is used where fast delivery is preferred over accurate delivery. In an SCO link, a physical link is created between the master and slave by reserving specific slots at regular intervals.
Damaged packets are not retransmitted over SCO links. A slave can have three SCO links with the master and can send data at 64 kbps.
Logical Link Control and Adaptation Protocol (L2CAP) Layer
The Logical Link Control and Adaptation Protocol (L2CAP) is equivalent to the logical link control sublayer of a LAN. The ACL link uses L2CAP for data exchange, but the SCO channel does not use it.
The various functions of L2CAP are:
1. Segmentation and reassembly
L2CAP receives packets of up to 64 KB from the upper layers and divides them into frames for transmission. It adds extra information to define the location of each frame in the original packet. The L2CAP at the destination reassembles the frames into packets again.
2. Multiplexing
L2CAP performs multiplexing at the sender side and demultiplexing at the receiver side. At the sender site, it accepts data from one of the upper-layer protocols, frames them, and delivers them to the baseband layer. At the receiver site, it accepts a frame from the baseband layer, extracts the data, and delivers them to the appropriate protocol layer.
3. Quality of Service (QOS)
L2CAP handles quality of service requirements, both when links are established and during normal operation. It also enables the devices to negotiate the maximum payload size during connection establishment.
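The segmentation-and-reassembly function described above can be sketched in a few lines (illustrative Python; the tagging scheme is ours, not the actual L2CAP header format):

```python
def segment(packet, max_frame):
    """Split an upper-layer packet into frames no larger than max_frame
    bytes, tagging each with its byte offset so the receiving L2CAP
    can reassemble them in order."""
    return [(i, packet[i:i + max_frame])
            for i in range(0, len(packet), max_frame)]


def reassemble(frames):
    """Rebuild the original packet from (offset, chunk) frames,
    regardless of the order in which they are presented."""
    return b"".join(chunk for _, chunk in sorted(frames))


pkt = bytes(range(10))
frames = segment(pkt, 4)  # three frames of 4 + 4 + 2 bytes
assert reassemble(frames) == pkt
```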
Bluetooth Frame Format
The various fields of the Bluetooth frame format are:
Frame format representation of Bluetooth
1. Access Code: This 72-bit field contains synchronization bits and identifies the master.
2. Header: This is a 54-bit field. It contains an 18-bit pattern that is repeated three times.
The header field contains following subfields:
(i) Address: This 3-bit field can define up to seven slaves (1 to 7). If the address is zero, it is used for broadcast communication from the primary to all secondaries.
(ii) Type: This 4-bit field identifies the type of data coming from the upper layers.
(iii) F: This flow bit is used for flow control. When set to 1, it means the device is unable to receive more frames.
(iv) A: This bit is used for acknowledgment.
(v) S: This bit contains a sequence number of the frame to detect retransmission. As the Stop-and-Wait protocol is used, one bit is sufficient.
(vi) Checksum: This 8-bit field contains a checksum to detect errors in the header.
Data: This field can be 0 to 2744 bits long. It contains data or control information coming from upper layers.
2.4 Switching and bridging
Bridges and switches are data communications devices that operate principally at Layer 2 of the OSI reference model. As such, they are widely referred to as data link layer devices.
Bridges became commercially available in the early 1980s. At the time of their introduction, bridges connected and enabled packet forwarding between homogeneous networks. More recently, bridging between different networks has also been defined and standardized.
Several kinds of bridging have proven important as inter-networking devices. Transparent bridging is found primarily in Ethernet environments, while source-route bridging occurs primarily in Token Ring environments. Translational bridging provides translation between the formats and transit principles
of different media types (usually Ethernet and Token Ring). Finally, source-route transparent bridging combines the algorithms of transparent bridging and source-route bridging to enable communication in mixed Ethernet/Token Ring environments.
Today, switching technology has emerged as the evolutionary heir to bridging-based inter-networking solutions. Switching implementations now dominate applications in which bridging technologies were implemented in prior network designs. Superior throughput performance, higher port density, lower per-port cost, and greater flexibility have contributed to the emergence of switches as replacement technology for bridges and as complements to routing technology.
Switching Techniques
1. CIRCUIT-SWITCHED NETWORKS
A circuit-switched network consists of a set of switches connected by physical links. A connection between two stations is a dedicated path made of one or more links. However, each connection uses only one dedicated channel on each link. Each link is normally divided into n channels by using FDM or TDM. The figure shows a trivial circuit-switched network with four switches and four links. Each link is divided into n channels (n is 3 in the figure) by using FDM or TDM.
A trivial circuit-switched network
We have explicitly shown the multiplexing symbols to emphasize the division of the link into channels even though multiplexing can be implicitly included in the switch fabric. The end systems, such as computers or telephones, are directly connected to a switch. We have shown only two end systems for simplicity.
When end system A needs to communicate with end system M, system A needs to request a connection to M that must be accepted by all the switches as well as by M itself. This is called the setup phase; a circuit (channel) is reserved on each link, and the combination of circuits or channels defines the dedicated path. After the dedicated path made of connected circuits (channels) is established, data transfer can take place. After all the data have been transferred, the circuits are torn down.
We need to emphasize several points here:
1. Circuit switching takes place at the physical layer.
2. Before starting communication, the stations must make a reservation for the resources to be used during the communication. These resources, such as channels (bandwidth in FDM and time slots in TDM), switch buffers, switch processing time, and switch input/output ports, must remain dedicated
during the entire duration of data transfer until the teardown phase.
3. Data transferred between the two stations are not packetized (physical layer transfer of the signal). The data are a continuous flow sent by the source station and received by the destination station, although there may be periods of silence.
4. There is no addressing involved during data transfer. The switches route the data based on their occupied band (FDM) or time slot (TDM). Of course, there is end-to-end addressing used during the setup phase, as we will see shortly.
Three Phases
The actual communication in a circuit-switched network requires three phases: connection setup, data transfer, and connection teardown.
Setup Phase
Before the two parties can communicate, a dedicated circuit needs to be established. The end systems are normally connected through dedicated lines to the switches, so connection setup means creating dedicated channels between the switches. For example, in Figure , when system A needs to connect to system M, it sends a setup request that includes the address of system M, to switch I. Switch I finds a channel between itself and switch IV that can be dedicated for this purpose. Switch I then sends the request to switch IV, which finds a dedicated channel between itself and switch III. Switch III informs system M of system A’s intention at this time.
In the next step to making a connection, an acknowledgment from system M needs to be sent in the opposite direction to
system A. Only after system A receives this acknowledgment is the connection established. Note that end-to-end addressing is required for creating a connection between the two end systems. These can be, for example, the addresses of the computers assigned by the administrator in a TDM network, or telephone numbers in an FDM network.
Data Transfer Phase
After the establishment of the dedicated circuit (channels), the two parties can transfer data.
Teardown Phase
When one of the parties needs to disconnect, a signal is sent to each switch to release the resources.
Circuit-Switched Technology in Telephone Networks
Telephone companies have traditionally chosen the circuit-switched approach to switching at the physical layer, though today the tendency is moving toward other switching techniques. In the telephone network, the telephone number is used as the global address, and a signaling system (called SS7) is used for the setup and teardown phases.
2.DATAGRAM NETWORKS
In data communications, we need to send messages from one end system to another. If the message is going to pass through a packet-switched network, it needs to be divided into packets of fixed or variable size. The size of the packet is determined by the network and the governing protocol.
In packet switching, there is no resource allocation for a packet. Resources are allocated on demand. The allocation is done on a
first-come, first-served basis. When a switch receives a packet, regardless of its source or destination, the packet must wait if there are other packets being processed.
In a datagram network, each packet is treated independently of all others. Even if a packet is part of a multipacket transmission, the network treats it as though it existed alone. Packets in this approach are referred to as datagrams. Datagram switching is normally done at the network layer. The figure shows how the datagram approach is used to deliver four packets from station A to station X. The switches in a datagram network are traditionally referred to as routers, which is why we use a different symbol for the switches in the figure.
A datagram network with four switches (routers)
In this example, all four packets (or datagrams) belong to the same message, but may travel different paths to reach their destination. This is so because the links may be involved in carrying packets from other sources and do not have the necessary bandwidth available to carry all the packets from A to X.
This approach can cause the datagrams of a transmission to arrive at their destination out of order with different delays between the packets. Packets may also be lost or dropped because of a lack of resources. In most protocols, it is the responsibility of an upper-layer protocol to reorder the
datagrams or ask for lost datagrams before passing them on to the application.
Datagram networks are sometimes referred to as connectionless networks. The term connectionless here means that the switch (packet switch) does not keep information about the connection state. There are no setup or teardown phases. Each packet is treated the same by a switch regardless of its source or destination.
Routing Table
If there are no setup or teardown phases, how are the packets routed to their destinations in a datagram network? In this type of network, each switch (or packet switch) has a routing table that is based on the destination address. The routing tables are dynamic and are updated periodically. The destination addresses and the corresponding forwarding output ports are recorded in the tables. This is different from the table of a circuit-switched network, in which each entry is created when the setup phase is completed and deleted when the teardown phase is over. The figure shows the routing table for a switch.
Routing table in a datagram network
Destination Address
Every packet in a datagram network carries a header that contains, among other information, the destination address of the packet. When the switch receives the packet, this destination address is examined; the routing table is consulted to find the corresponding port through which the packet should be forwarded.
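The lookup described above can be sketched in C. The table contents and the string form of the addresses below are hypothetical, chosen only to illustrate the mechanism:

```c
#include <string.h>

/* Minimal sketch of a datagram switch's table: each entry maps a
 * destination address to an output port. */
#define TABLE_SIZE 4

struct rt_entry { const char *dest; int port; };

static const struct rt_entry rt[TABLE_SIZE] = {
    { "1234", 1 },
    { "5678", 2 },
    { "4343", 3 },
    { "1453", 4 },
};

/* Return the output port for a destination, or -1 if unknown
 * (a real router would then drop the packet or use a default route). */
int lookup_port(const char *dest)
{
    for (int i = 0; i < TABLE_SIZE; i++)
        if (strcmp(rt[i].dest, dest) == 0)
            return rt[i].port;
    return -1;
}
```

Real routers replace this linear scan with longest-prefix matching over network numbers, but the consult-table-then-forward step is the same.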
Datagram Networks in the Internet
The Internet has chosen the datagram approach to switching at the network layer. It uses the universal addresses defined in the network layer to route packets from the source to the destination.
3.VIRTUAL-CIRCUIT NETWORKS
A virtual-circuit network is a cross between a circuit-switched network and a datagram network. It has some characteristics of both.
1. As in a circuit-switched network, there are setup and teardown phases in addition to the data transfer phase.
2. Resources can be allocated during the setup phase, as in a circuit-switched network, or on demand, as in a datagram network.
3. As in a datagram network, data are packetized and each packet carries an address in the header. However, the address in the header has local jurisdiction, not end-to-end jurisdiction. The reader may ask how the intermediate switches know where to send the packet if there is no final destination address carried by a packet.
4. As in a circuit-switched network, all packets follow the same path established during the connection.
5. A virtual-circuit network is normally implemented in the data link layer, while a circuit-switched network is implemented in the physical layer and a datagram network in the network layer.
Figure is an example of a virtual-circuit network. The network has switches that allow traffic from sources to destinations. A source or destination can be a computer, packet switch, bridge, or any other device that connects other networks.
Virtual-circuit network
Virtual-Circuit Technology in WANs
Virtual-circuit networks are used in switched WANs such as Frame Relay and ATM networks. The data link layer of these technologies is well suited to the virtual-circuit technology.
BRIDGE:
A bridge device filters data traffic at a network boundary. Bridges reduce the amount of traffic on a LAN by dividing it into two segments.
Bridges operate at the data link layer (Layer 2) of the OSI model. Bridges inspect incoming traffic and decide whether to forward or discard it. An Ethernet bridge, for example, inspects each incoming Ethernet frame - including the source and destination MAC addresses, and sometimes the frame size - in making individual forwarding decisions.
Bridges serve a similar function to switches, which also operate at Layer 2. Traditional bridges, though, support one network boundary, whereas switches usually offer four or more hardware ports. Switches are sometimes called “multi-port bridges” for this reason.
A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model. Bridges broadcast to all ports except the port on which the broadcast was received. However, bridges do not promiscuously copy traffic to all ports, as hubs do, but learn which MAC addresses are reachable through specific ports. Once the bridge associates a port and an address, it will send traffic for that address to that port only.
A bridge learns the association of ports and addresses by examining the source addresses of the frames it sees on its various ports. Once a frame arrives on a port, its source address is stored, and the bridge assumes that this MAC address is associated with that port. The first time a previously unknown destination address is seen, the bridge forwards the frame to all ports other than the one on which the frame arrived.
To select between segments, a bridge must have a look-up table that contains the physical addresses of every station connected to it. The table indicates to which segment each station belongs.
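The learn-then-forward behavior described above can be sketched as follows. The text form of the MAC addresses and the table size are assumptions for illustration:

```c
#include <string.h>

/* Sketch of a transparent (learning) bridge: on each frame we record
 * (source MAC -> arrival port), then forward based on the destination MAC. */
#define MAX_STATIONS 16

static char macs[MAX_STATIONS][18]; /* learned MAC addresses (text form) */
static int  learned_port[MAX_STATIONS];
static int  n_learned = 0;

static int find(const char *mac)
{
    for (int i = 0; i < n_learned; i++)
        if (strcmp(macs[i], mac) == 0) return i;
    return -1;
}

/* Returns the output port for the frame, or -1 meaning
 * "flood to all ports other than in_port". */
int bridge_frame(const char *src, const char *dst, int in_port)
{
    int i = find(src);
    if (i < 0 && n_learned < MAX_STATIONS) { /* learn the source address */
        strcpy(macs[n_learned], src);
        learned_port[n_learned++] = in_port;
    } else if (i >= 0) {
        learned_port[i] = in_port;           /* station may have moved */
    }
    i = find(dst);
    return (i >= 0) ? learned_port[i] : -1;  /* unknown => flood */
}
```

When the table starts empty, the first few frames are flooded; as sources are learned, traffic is confined to the correct segment, which is exactly how a transparent bridge reduces LAN traffic.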
Bridges come in three basic types:
1. Simple bridge
2. Multiport bridge
3. Transparent bridge
Simple bridge:
These are the most primitive and least expensive type of bridge. A simple bridge links two segments and contains a table that lists the addresses of all the stations included in each of them. Before a simple bridge can be used, an operator must sit down and enter the addresses of every station. Whenever a new station is added, the table must be modified. If a station is removed, the newly invalid address must be deleted. The logic included in a simple bridge is of the pass/no-pass variety, a configuration that makes a simple bridge straightforward and inexpensive to manufacture. Installation and maintenance of simple bridges are time consuming and potentially more trouble than the cost savings are worth.
Multiport Bridge:
A multiport bridge can be used to connect more than two LANs. Such a bridge has one table per port, each holding the physical addresses of the stations reachable through the corresponding port.
Transparent bridge:
A transparent or learning bridge builds its table of station addresses on its own as it performs its bridge function. When the transparent bridge is first installed, its table is empty. As it encounters each packet, it looks at both the destination and the source addresses. It checks the destination to decide where to send the packet. If it does not recognize the destination address, it relays the packet to all of the stations on both segments. It uses the source address to build its table: as it reads the source address, it notes which side the packet came from and associates that address with the segment to which it belongs.
2.5 Basic Inter networking (IP, CIDR, ARP, DHCP,ICMP )
2.5.1 IP
IP(INTERNET PROTOCOL)
An inter-network is often referred to as a network of networks because it is made up of lots of smaller networks. The nodes that interconnect the networks are called routers. They are also sometimes called gateways, but since this term has several other connotations, we restrict our usage to router. The Internet Protocol is the key tool used today to build scalable, heterogeneous inter-networks.
IP address is short for Internet Protocol (IP) address.
IP specifies the format of packets, also called datagrams, and the addressing scheme.
An IP address is an identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination.
The Format of an IP Address
The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.
Within an isolated network, you can assign IP addresses at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.
Static Versus Dynamic IP Addresses
An IP address can be static or dynamic. A static IP address will never change and it is a permanent Internet address. A dynamic
IP address is a temporary address that is assigned each time a computer or device accesses the Internet.
GLOBAL ADDRESSES:
Global uniqueness is the first property that should be provided in an addressing scheme. Ethernet addresses are globally unique, but that alone is not sufficient for addressing an entire network. They are also flat, that is, they have no structure that helps with routing.
IP addresses are hierarchical. They are made up of two parts: a network part and a host part.
The network part identifies the network to which the host is connected. All hosts connected to the same network have the same network part in their IP address. The host part then identifies each host on that particular network.
Routers are hosts too, but they are connected to two or more networks, so they need to have an address on each network, one for each interface.
IP addresses are divided into three different classes. They are,
1. class A
2. class B
3. class C
The class of an IP address is identified in the most significant few bits. If the first bit is 0, it is a class A address. If the first bit is 1 and the second bit is 0, it is a class B address. If the first two bits are 1 and the third bit is 0, it is a class C address.
Class A addresses have 7 bits for the network part and 24 bits for the host part. So there are 126 class A networks, each of which can accommodate 2^24 - 2 (about 16 million) hosts. Network numbers 0 and 127 are reserved.
Class B addresses have 14 bits for the network part and 16 bits for the host part. So there are 2^14 - 2 class B networks, each of which can accommodate 2^16 - 2 (65,534) hosts.
Class C addresses have 21 bits for the network part and 8 bits for the host part. So there are 2^21 - 2 class C networks, each of which can accommodate 2^8 - 2 (254) hosts. The all-0s and all-1s host numbers are reserved.
There are approximately 4 billion possible IP addresses: one half for class A, one quarter for class B, and one eighth for class C. There are also class D and class E addresses; class D is used for multicast, and class E is currently unused.
IP addresses are written as four decimal integers separated by dots. Each integer represents the decimal value contained in 1 byte of the address, starting at the most significant.
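The leading-bit test described above is easy to express in code. This sketch classifies an address from its first octet:

```c
#include <stdint.h>

/* Determine the class of an IPv4 address from its leading bits.
 * first_octet is the most significant byte of the address. */
char ip_class(uint8_t first_octet)
{
    if ((first_octet & 0x80) == 0x00) return 'A'; /* 0xxxxxxx */
    if ((first_octet & 0xC0) == 0x80) return 'B'; /* 10xxxxxx */
    if ((first_octet & 0xE0) == 0xC0) return 'C'; /* 110xxxxx */
    if ((first_octet & 0xF0) == 0xE0) return 'D'; /* 1110xxxx: multicast */
    return 'E';                                   /* 1111xxxx: reserved  */
}
```

For example, an address starting with 156 (binary 10011100) is class B, because its first two bits are 10.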
Packet Format:
Version (4): currently 4
Hlen (4): number of 32-bit words in header
TOS (8): type of service (not widely used)
Length (16): number of bytes in this datagram
Ident (16): used by fragmentation
Flags/Offset (16): used by fragmentation
TTL (8): time to live; the number of hops the datagram may still travel before being discarded
Protocol (8): demux key (TCP=6, UDP=17)
Checksum (16): of the header only
DestAddr & SrcAddr (32)
Packet format
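The field list above can be sketched as a C struct. This is only a sketch of the layout: real implementations parse headers byte by byte with network byte order in mind rather than overlaying a struct:

```c
#include <stdint.h>

/* Sketch of the 20-byte fixed IPv4 header described above.
 * Version/HLen and Flags/Offset share bytes, so they are kept
 * as combined fields here; options are omitted. */
struct ip_header {
    uint8_t  version_hlen; /* Version (4 bits) + HLen (4 bits)      */
    uint8_t  tos;          /* type of service                       */
    uint16_t length;       /* total datagram length in bytes        */
    uint16_t ident;        /* identification, used by fragmentation */
    uint16_t flags_offset; /* flags + fragment offset               */
    uint8_t  ttl;          /* time to live                          */
    uint8_t  protocol;     /* demux key: TCP = 6, UDP = 17          */
    uint16_t checksum;     /* checksum of the header only           */
    uint32_t src_addr;     /* source IP address                     */
    uint32_t dst_addr;     /* destination IP address                */
};
```

With HLen counting 32-bit words, the minimum header (no options) has HLen = 5, i.e., the 20 bytes laid out above.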
2.5.2 CIDR
CLASSLESS INTERDOMAIN ROUTING (CIDR)
CIDR is an efficient method for specifying IP address ranges to Internet routers.
It is a way of describing a range of IP addresses that share a common bit prefix: we write IP/length, where IP is the first address of the range and length is the length of the common prefix.
Example
We want to convert the IP addresses whose binary representation starts with
10011100.00010001.00000100.0010
First IP address from the range: 10011100.00010001.00000100.00100000 = 156.17.4.32
Prefix length = 28
Description = 156.17.4.32/28
CIDR is used mostly for describing single networks: 156.17.4.32/28 denotes all the addresses between 156.17.4.32 and 156.17.4.47.
The first address in the network is reserved (the network address).
The last address is also reserved: the broadcast address.
The remaining ones can be assigned to computers.
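The network and broadcast addresses of a CIDR block follow directly from the prefix length, as a mask-and-fill computation. A minimal sketch, with addresses held as 32-bit integers:

```c
#include <stdint.h>

/* Build the subnet mask for a given prefix length (0..32). */
static uint32_t cidr_mask(int prefix_len)
{
    return (prefix_len == 0) ? 0 : 0xFFFFFFFFu << (32 - prefix_len);
}

/* First address of the block: prefix bits kept, host bits zeroed. */
uint32_t cidr_network(uint32_t addr, int prefix_len)
{
    return addr & cidr_mask(prefix_len);
}

/* Last address of the block: prefix bits kept, host bits all ones. */
uint32_t cidr_broadcast(uint32_t addr, int prefix_len)
{
    uint32_t mask = cidr_mask(prefix_len);
    return (addr & mask) | ~mask;
}
```

For the example above, 156.17.4.32 is 0x9C110420 as a 32-bit value; with prefix length 28 the network address is 0x9C110420 (156.17.4.32) and the broadcast address is 0x9C11042F (156.17.4.47).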
2.5.3 ARP
ARP(Address Resolution Protocol):
ARP is a protocol used by the Internet Protocol (IP), specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. This protocol acts as an interface between the OSI network layer and the link layer.
The goal of ARP is to enable each host on a network to build up a table of mappings between IP addresses and link-level addresses.
Since these mappings may change over time, the entries are timed out periodically and removed; this happens on the order of every 15 minutes. The set of mappings currently stored in a host is known as the ARP cache or ARP table.
ARP packet format
The above figure shows the ARP packet format for IP to Ethernet address mappings.
ARP can be used for lots of other kinds of mappings. The major difference is their address size. In addition to the IP and link level addresses of both sender and target, the packet contains:
A HardwareType field, which specifies the type of the physical network (e.g., Ethernet).
A ProtocolType field, which specifies the higher-layer protocol (e.g., IP).
HLen (hardware address length) and PLen (protocol address length) fields, which specify the length of the link-layer address and the higher-layer protocol address, respectively.
An Operation field, which specifies whether this is a request or a response.
The source and target hardware (Ethernet) and protocol (IP) address.
The results of the ARP process can be added as an extra column in a forwarding table.
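The cache-with-timeout behavior described above can be sketched as follows. The table size, entry layout, and text form of the MAC addresses are assumptions for illustration:

```c
#include <stdint.h>
#include <string.h>

/* Sketch of an ARP cache: IP-to-Ethernet mappings that expire after
 * ARP_TTL seconds, mirroring the roughly 15-minute timeout above. */
#define ARP_TTL  900 /* seconds (15 minutes) */
#define ARP_SIZE 8

struct arp_entry {
    uint32_t ip;
    char     mac[18];
    long     expires; /* absolute time, in seconds */
};

static struct arp_entry arp_cache[ARP_SIZE];
static int arp_count = 0;

void arp_insert(uint32_t ip, const char *mac, long now)
{
    if (arp_count < ARP_SIZE) {
        arp_cache[arp_count].ip = ip;
        strcpy(arp_cache[arp_count].mac, mac);
        arp_cache[arp_count].expires = now + ARP_TTL;
        arp_count++;
    }
}

/* Return the cached MAC for ip, or NULL if absent or timed out.
 * On a miss, a real host would broadcast an ARP request. */
const char *arp_lookup(uint32_t ip, long now)
{
    for (int i = 0; i < arp_count; i++)
        if (arp_cache[i].ip == ip && arp_cache[i].expires > now)
            return arp_cache[i].mac;
    return 0;
}
```

A real implementation would also refresh an entry's timer on use and evict the oldest entry when the cache is full; those details are omitted here.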
2.5.4 DHCP
DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)
Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway.
Ethernet addresses are configured into the network adaptor by the manufacturer, and this process is managed in such a way that the addresses are globally unique. This is clearly a sufficient condition to ensure that any collection of hosts connected to a single Ethernet will have unique addresses. IP addresses, by contrast, must not only be unique on a given internetwork but must also reflect the structure of the internetwork. They contain a network part and a host part, and the network part must be the same for all hosts on the same network.
Thus, it is not possible for the IP addresses to be configured once into a host when it is manufactured, since that would imply that the manufacturer knew which hosts were going to end up on which networks, and it would mean that a host, once connected to one network, could never move to another. For this reason, IP addresses need to be reconfigurable.
There are some obvious drawbacks in manual configuration by system administrator. So automated configuration methods are required. The primary method uses a protocol known as Dynamic Host Configuration Protocol (DHCP).
DHCP relies on the existence of a DHCP server that is responsible for providing configuration information to hosts. At the simplest level, the DHCP server can function just as a centralized repository for host configuration information. The configuration information for each host could be stored in the DHCP server and automatically retrieved by each host when it is booted or connected to the network. The configuration information for each host is stored in a table that is indexed by some form of unique client identifier, typically the hardware address.
To contact a DHCP server, the host sends a DHCPDISCOVER message to a special IP address (255.255.255.255) that is an IP broadcast address. It will be received by all hosts and routers on the network. DHCP uses the concept of a relay agent. There is at least one relay agent on each network, and it is configured with just one piece of information: the address of the DHCP server.
When a relay agent receives a DHCPDISCOVER message, it unicasts it to the DHCP server and awaits the response, which it will send back to the requesting client.
Packet format representation of DHCP
The packet format is shown above. The message is sent using a protocol named the User Datagram Protocol (UDP). When trying to obtain the configuration information, the client puts its hardware address in the chaddr field. The DHCP server replies by filling in the yiaddr (your IP address) field and sending the reply to the client.
2.5.5 ICMP
ERROR REPORTING (ICMP):
The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite. It is used by network devices, like routers, to send error messages indicating,
for example, that a requested service is not available or that a host or router could not be reached.
IP is perfectly willing to drop datagrams when the going gets tough, for example, when a router does not know how to forward a datagram or when one fragment of a datagram fails to arrive at the destination, but it does not necessarily fail silently. IP is always configured with a companion protocol, known as the Internet Control Message Protocol (ICMP), that defines a collection of error messages that are sent back to the source host whenever a router or host is unable to process an IP datagram successfully. For example, ICMP defines error messages indicating that the destination host is unreachable, that the reassembly process failed, that the TTL had reached 0, that the IP header checksum failed, and so on. ICMP also defines a handful of control messages that a router can send back to a source host. For example, ICMP-Redirect tells the source host that there is a better route to the destination.
ICMP datagram structure:
The ICMP datagram, being an IP datagram, contains the usual IP header. This is followed by an ICMP header which varies slightly between the different types of ICMP message. The general format is shown below:
Frame representation of IP Datagram
Code:
The value of the 8-bit Code field provides further information about the message. The exact meaning of the value contained within this field depends on the message Type. For example, with an ICMP Type 3 message ("Destination unreachable"), a Code value of 0 means "Network unreachable", which implies a router failure. A Code of 1 means "Host unreachable".
Checksum:
The checksum field is calculated in the same way as the IP header checksum.
Parameters:
Whether or not this field is used depends on the type of message. For example, Type 3 messages do not use this field, while Type 0 and 8 messages use the field to store an identifier and sequence number.
Data:
The data is the IP header and first 64 bits of the original datagram, i.e., the one that failed and prompted the ICMP message. Including the first 64 bits of the original datagram allows the ICMP message to be matched to the datagram that caused it.
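The checksum mentioned above is the standard Internet checksum used by both the IP header and ICMP: the one's complement of the one's-complement sum of the data taken as 16-bit words. A minimal sketch (it assumes the data is already padded to a whole number of 16-bit words):

```c
#include <stdint.h>
#include <stddef.h>

/* Internet checksum: one's complement of the one's-complement sum
 * of the data viewed as 16-bit words. */
uint16_t internet_checksum(const uint16_t *words, size_t count)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < count; i++)
        sum += words[i];
    while (sum >> 16)                        /* fold carries back in */
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}
```

To verify a received header, the receiver runs the same sum over the header including the transmitted checksum field; the result should be 0.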
UNIT III ROUTING
Routing (RIP, OSPF, metrics) - Switch basics - Global Internet (Areas, BGP, IPv6) - Multicast addresses - Multicast routing (DVMRP, PIM)
3.1 Routing (RIP, OSPF, metrics)
ROUTING
o Distance vector routing (e.g., RIP)
o Link state routing (e.g., OSPF)
o Path vector (e.g., BGP)
Distance-vector:
Each router exchanges information about the entire network with neighboring routers at regular intervals.
Neighboring routers = connected by a direct link (e.g. a LAN)
Regular intervals: e.g. every 30 seconds
Link-state:
Each router exchanges information about its neighborhood with all routers in the network when there is a change.
Neighborhood of a router = set of neighbor routers for this router.
Each router’s neighborhood information is flooded through the Network.
Link state routing
A switch or router needs to be able to look at the packet’s destination address and then to determine which of the output ports is the best choice to get the packet to that address.
The forwarding table is used when a packet is being forwarded and so must contain enough information to accomplish the forwarding function. This means that a row in the forwarding table contains the mapping from a network number to an outgoing interface and some MAC information, such as the Ethernet address of the next hop.
The routing table is the table that is built up by the routing algorithms as a precursor to building the forwarding table. It generally contains mappings from network numbers to next hops. It may also contain information about how this information was learned, so that the router will be able to decide when it should discard some information.
The forwarding table needs to be structured to optimize the process of looking up a network number when forwarding a packet, while the routing table needs to be optimized for the purpose of calculating changes in topology. The forwarding table
may even be implemented in specialized hardware, whereas this is rarely if ever done for the routing table.
Example rows from (a) routing and (b) forwarding tables.
Network as a Graph
Routing is, in essence, a problem of graph theory. The figure shows a graph representing a network. The nodes of the graph, labeled A through F, may be hosts, switches, routers, or networks. The edges of the graph correspond to the network links. Each edge has an associated cost, which gives some indication of the desirability of sending traffic over that link. The basic problem of routing is to find the lowest-cost path between any two nodes, where the cost of a path equals the sum of the costs of all the edges that make up the path.
Network represented as a Graph
3.1.1 Routing Information Protocol (RIP)
Each node constructs a one-dimensional array (a vector) containing the “distances” (costs) to all other nodes and distributes that vector to its immediate neighbors. The starting assumption for distance-vector routing is that each node knows the cost of the link to each of its directly connected neighbors. A link that is down is assigned an infinite cost.
The cost of each link is set to 1, so that a least-cost path is simply the one with the fewest hops. (Since all edges have the same cost, we do not show the costs in the graph.) Note that each node only knows the information in one row of the table (the one that bears its name in the left column). The global view that is presented here is not available at any single point in the network.
Initial distances stored at each node (global view)
Implementation
The code that implements this algorithm is very straightforward; we give only some of the basics here. The structure Route defines each entry in the routing table, and the constant MAX_TTL specifies how long an entry is kept in the table before it is discarded. One of the most widely used routing protocols in IP networks is the Routing Information Protocol (RIP).
Its widespread use is due in no small part to the fact that it was distributed along with the popular Berkeley Software Distribution (BSD) version of Unix, from which many commercial versions of Unix were derived. It is also extremely simple.
#define MAX_ROUTES 128 /* maximum size of routing table */
#define MAX_TTL 120 /* time (in seconds) until route expires */
typedef struct {
NodeAddr Destination; /* address of destination */
NodeAddr NextHop; /* address of next hop */
int Cost; /* distance metric */
u_short TTL; /* time to live */
} Route;
int numRoutes = 0;
Route routingTable[MAX_ROUTES];
RIP is in fact a fairly straightforward implementation of distance-vector routing. Routers running RIP send their advertisements every 30 seconds; a router also sends an update message whenever an update from another router causes it to change its routing table.
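The core of such a distance-vector implementation is the step that merges a neighbor's advertised vector into the local table. This is a sketch under the simplifying assumptions of a fixed node count and integer addresses; it is not the actual BSD routed code:

```c
/* One distance-vector update step: merge a neighbor's advertised
 * vector into our own table, as RIP does on each advertisement. */
#define N_NODES 6
#define DV_INF  16 /* RIP treats a metric of 16 as infinity */

/* dist[d]    : our current cost to destination d
 * next_hop[d]: first hop on that path
 * adv[d]     : the neighbor's advertised cost to d
 * Returns 1 if any route changed, which is what triggers RIP's
 * immediate (triggered) update message. */
int dv_update(int dist[N_NODES], int next_hop[N_NODES],
              int neighbor, int link_cost, const int adv[N_NODES])
{
    int changed = 0;
    for (int d = 0; d < N_NODES; d++) {
        int via = link_cost + adv[d];
        if (via > DV_INF) via = DV_INF;   /* clamp at infinity */
        if (via < dist[d]) {              /* found a shorter path */
            dist[d] = via;
            next_hop[d] = neighbor;
            changed = 1;
        }
    }
    return changed;
}
```

A complete implementation would also replace routes learned from this same neighbor even when its advertised cost rises, and expire routes whose TTL runs out, as the Route structure above suggests.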
One point of interest is that it supports multiple address families, not just IP. The network-address part of the advertisements is actually represented as a (family, address) pair.
Packet Format
The RIP packet format contains mostly (network address, distance) pairs, as shown. RIP supports multiple address families, not just IP.
Packet format
3.1.2 OSPF(Open Shortest Path First Protocol )
LINK STATE (OSPF)
Link-state routing is the second major class of intra domain routing protocol. The starting assumptions for link-state routing are rather similar to those for distance-vector routing. Each node is assumed to be capable of finding out the state of the link to its neighbors (up or down) and the cost of each link.
OSPF is one of the most widely used link-state routing protocols.
Authentication of routing messages: A misconfigured host can bring down a network by advertising that it can reach every host with the lowest cost, 0. Such disasters are averted by requiring routing updates to be authenticated.
Additional hierarchy: In OSPF, a domain is partitioned into areas; a router need not know the complete network, only its own area.
Load balancing: OSPF allows multiple routes to the same place to be assigned the same cost, causing traffic to be distributed evenly over those routes.
Reliable Flooding
Reliable flooding is the process of making sure that all the nodes participating in the routing protocol get a copy of the link-state information from all the other nodes. As the term “flooding” suggests, the basic idea is for a node to send its link-state information out on all of its directly connected links; each node that receives this information then forwards it out on all of its links. This process continues until the information has reached all the nodes in the network. The link-state packet (LSP) created by each node contains:
The ID of the node that created the LSP;
A list of directly connected neighbors of that node, with the cost of the link to each one;
A sequence number;
A time to live for this packet.
One of the most widely used link-state routing protocols is OSPF. The first word, “Open,” refers to the fact that it is an open, nonproprietary standard, created under the auspices of the IETF.
The “SPF” part comes from an alternative name for link-state routing: shortest path first.
OSPF adds the following notable features to the basic link-state algorithm:
Authentication of routing messages
Additional hierarchy
Load balancing
OSPF Header Format
There are several different types of OSPF messages, but all begin with the same header. The Version field is currently set to 2, and the Type field may take the values 1 through 5. The Source Address identifies the sender of the message, and the Area Id is a 32-bit identifier of the area in which the node is located.
The entire packet, except the authentication data, is protected by a 16-bit checksum using the same algorithm as the IP header (see Section 2.4). The Authentication type is 0 if no authentication is used; otherwise it may be 1, implying a simple password is used, or 2, which indicates that a cryptographic authentication checksum, of the sort described in Section 8.3, is used.
Packet header
In the latter cases the Authentication field carries the password or cryptographic checksum. Of the five OSPF message types, type 1 is the “hello” message, which a router sends to its peers to notify them that it is still alive and connected, as described above. The remaining types are used to request, send, and acknowledge the receipt of link-state messages. The basic building block of link-state messages in OSPF is known as the link-state advertisement (LSA).
Link state advertisement
One message may contain many LSAs. The LS sequence number is used exactly as described above, to detect old or duplicate LSAs.
Link-state ID: a 32-bit identifier of the router that created the LSA.
Advertising router: for a type 1 LSA, the same as the Link-state ID.
LS sequence number: used to detect old or duplicate packets.
LS checksum: covers all fields except LS Age.
Length: the length of the LSA in bytes.
Link ID and Link Data: identify a link.
Metric: the cost of the link.
Link Type: the type of link (for example, point-to-point).
TOS: allows OSPF to choose different routes based on the value of the TOS field.
3.1.3 Metrics
The preceding discussion assumes that link costs, or metrics, are known when we execute the routing algorithm. We look at some ways to calculate link costs that have proven effective in practice. One example that we have seen already, which is quite reasonable and very simple, is to assign a cost of 1 to all links—the least-cost route will then be the one with the fewest hops. Such an approach has several drawbacks, however.
First, it does not distinguish between links on a latency basis. Thus, a satellite link with 250-ms latency looks just as attractive to the routing protocol as a terrestrial link with 1-ms latency. Second, it does not distinguish between routes on a capacity basis, making a 9.6-Kbps link look just as good as a 45-Mbps link. Finally, it does not distinguish between links based on their current load, making it impossible to route around overloaded links. It turns out that this last problem is the hardest because you are trying to capture the complex and dynamic characteristics of a link in a single scalar cost.
The ARPANET was the testing ground for a number of different approaches to link-cost calculation. (It was also the place where the superior stability of link-state over distance-vector routing was demonstrated; the original mechanism used distance vector while the later version used link state.) The following discussion traces the evolution of the ARPANET routing metric and, in so doing, explores the subtle aspects of the problem.
The original ARPANET routing metric measured the number of packets that were queued waiting to be transmitted on each link, meaning that a link with 10 packets queued waiting to be
transmitted was assigned a larger cost than a link with 5 packets queued for transmission.
Using queue length as a routing metric did not work well, however, since queue length is an artificial measure of load—it moves packets toward the shortest queue rather than toward the destination, a situation all too familiar to those of us who hop from line to line at the grocery store. Stated more precisely, the original ARPANET routing mechanism suffered from the fact that it did not take either the bandwidth or the latency of the link into consideration.
A second version of the ARPANET routing algorithm, sometimes called the “new routing mechanism,” took both link bandwidth and latency into consideration and used delay, rather than just queue length, as a measure of load. This was done as follows. First, each incoming packet was time stamped with its time of arrival at the router (ArrivalTime); its departure time from the router (DepartTime) was also recorded. Second, when the link-level ACK was received from the other side, the node computed the delay for that packet as
Delay = (DepartTime − ArrivalTime) + TransmissionTime + Latency
where TransmissionTime and Latency were statically defined for the link and captured the link’s bandwidth and latency, respectively. Notice that in this case,
DepartTime − ArrivalTime represents the amount of time the packet was delayed (queued) in the node due to load. If the ACK did not arrive, but instead the packet timed out, then DepartTime was reset to the time the packet was retransmitted. In this case,
DepartTime − ArrivalTime captures the reliability of the link—the more frequent the retransmission of packets, the less reliable the link, and the more we want to avoid it. Finally, the weight assigned to each link was derived from the average delay experienced by the packets recently sent over that link.
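In code, the delay computation above might look like the following. This is an illustrative sketch: the Link structure and the millisecond units are our own assumptions, not part of the original ARPANET implementation.

```c
/* Sketch of the "new routing mechanism" delay measurement.
 * TransmissionTime and Latency are statically configured per link,
 * capturing the link's bandwidth and propagation delay; all times
 * here are assumed to be in milliseconds. */
typedef struct {
    double TransmissionTime; /* statically defined for the link */
    double Latency;          /* statically defined for the link */
} Link;

/* Delay = (DepartTime - ArrivalTime) + TransmissionTime + Latency.
 * On a timeout, the caller resets departTime to the retransmission
 * time, so unreliable links accumulate larger measured delays. */
double packetDelay(const Link *link, double arrivalTime, double departTime)
{
    return (departTime - arrivalTime) + link->TransmissionTime + link->Latency;
}
```

The weight assigned to the link is then an average of packetDelay over the packets recently sent on it.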
In a later revision, the metric was compressed so that:
A highly loaded link never shows a cost of more than three times its cost when idle;
The most expensive link is only seven times the cost of the least expensive;
A high-speed satellite link is more attractive than a low-speed terrestrial link;
Cost is a function of link utilization only at moderate to high loads.
3.2 Switch basics
Switches are used to connect multiple devices on the same network within a building or campus. For example, a switch can connect your computers, printers and servers, creating a network of shared resources. The switch, one aspect of your networking basics, would serve as a controller, allowing the various devices to share information and talk to each other. Through information sharing and resource allocation, switches save you money and increase productivity.
Ethernet switching
There are two basic types of switches to choose from as part of your networking basics: managed and unmanaged.
An unmanaged switch works out of the box and does not allow you to make changes. Home-networking equipment typically offers unmanaged switches.
A managed switch allows you to access and program it. This provides greater flexibility because the switch can be monitored and adjusted locally or remotely, giving you control over network traffic and over who has access to your network.
3.3 Global Internet (Areas, BGP, IPv6)
At this point, we have seen how to connect a heterogeneous collection of networks to create an inter-network and how to use the simple hierarchy of the IP address to make routing in an internet somewhat scalable.
We say “somewhat” scalable because, even though each router does not need to know about all the hosts connected to the internet, it does, in the model described so far, need to know about all the networks connected to the internet. Today’s Internet has tens of thousands of networks connected to it. Routing protocols such as those we have just discussed do not scale to those kinds of numbers.
3.3.1 Routing Areas
As if we didn’t already have enough hierarchy, link-state intradomain routing protocols provide a means to partition a routing domain into subdomains called areas. (The terminology varies somewhat among protocols—we use the OSPF terminology here.) By adding this extra level of hierarchy, we enable single domains to grow larger without overburdening the intradomain routing protocols.
An area is a set of routers that are administratively configured to exchange link-state information with each other. There is one special area, the backbone area, also known as area 0. Consider an example of a routing domain divided into areas. Routers R1, R2, and R3 are members of the backbone area. They are also members of at least one nonbackbone area; R1 is actually a member of both area 1 and area 2. A router that is a member of both the backbone area and a nonbackbone area is an area border router (ABR).
Note that these are distinct from the routers that are at the edge of an AS, which are referred to as AS border routers for clarity. Routing within a single area is exactly as described in Section 4.2.3. All the routers in the area send link-state advertisements to each other and thus develop a complete, consistent map of the area. However, the link-state advertisements of routers that
are not area border routers do not leave the area in which they originated. This has the effect of making the flooding and route calculation processes considerably more scalable. For example, router R4 in area 3 will never see a link-state advertisement from router R8 in area 1.
As a consequence, it will know nothing about the detailed topology of areas other than its own. How, then, does a router in one area determine the right next hop for a packet destined to a network in another area? The answer to this becomes clear if we imagine the path of a packet that has to travel from one nonbackbone area to another as being split into three parts.
First, it travels from its source network to the backbone area, then it crosses the backbone, then it travels from backbone to destination network. To make this work, the area border routers summarize routing information that they have learned from one area and make it available in their advertisements to other areas. For example, R1 receives link-state advertisements from all the routers in area 1 and can thus determine the cost of reaching any network in area 1. When R1 sends link-state advertisements into area 0, it advertises the costs of reaching the networks in area 1 much as if all those networks were directly connected to R1. This enables all the area 0 routers to learn the cost to reach all networks in area 1.
The area border routers then summarize this information and advertise it into the nonbackbone areas. Thus, all routers learn how to reach all networks in the domain. Note that in the case of area 2, there are two ABRs, and that routers in area 2 will thus have to make a choice as to which one they use to reach the backbone. This is easy enough, since both R1 and R2 will be advertising costs to various networks, so that it will become clear
which is the better choice as the routers in area 2 run their shortest-path algorithm.
For example, it is pretty clear that R1 is going to be a better choice than R2 for destinations in area 1. When dividing a domain into areas, the network administrator makes a trade-off between scalability and optimality of routing. The use of areas forces all packets traveling from one area to another to go via the backbone area, even if a shorter path might have been available.
For example, even if R4 and R5 were directly connected, packets would not flow between them because they are in different nonbackbone areas. It turns out that the need for scalability is often more important than the need to use the absolute shortest path.
This illustrates an important principle in network design. There is frequently a trade-off between some sort of optimality and scalability. When hierarchy is introduced, information is hidden from some nodes in the network, hindering their ability to make perfectly optimal decisions. However, information hiding is essential to scalability, since it saves all nodes from having global knowledge.
It is invariably true in large networks that scalability is a more pressing design goal than perfect optimality. Finally, we note that there is a trick by which network administrators can more flexibly decide which routers go in area 0. This trick uses the idea of a virtual link between routers. Such a virtual link is obtained by configuring a router that is not directly connected to area 0 to exchange backbone routing information with a router that is.
For example, a virtual link could be configured from R8 to R1, thus making R8 part of the backbone. R8 would now participate
in link-state advertisement flooding with the other routers in area 0. The cost of the virtual link from R8 to R1 is determined by the exchange of routing information that takes place in area 1. This technique can help to improve the optimality of routing.
3.3.2 BGP
The Border Gateway Protocol (BGP) is an Exterior Gateway Protocol (EGP) used mainly to connect separate routing domains that have independent routing policies (autonomous systems).
BGP is commonly used to connect to a service provider for access to the Internet. BGP can also be used within an autonomous system, a variation referred to as internal BGP (iBGP). Multiprotocol BGP is an enhanced BGP that carries routing information for multiple network-layer protocol address families, such as the IPv6 address family, and for IP multicast routes.
All BGP commands and routing policy capabilities can be used with multiprotocol BGP.
Traffic on the internet can be classified into two types:
o local traffic that starts/ends on nodes within an AS
o transit traffic that passes through an AS
An AS can be classified into three types:
o A stub AS has only a single connection to one other AS; such an AS carries local traffic only (for example, a small corporation).
o A multihomed AS has connections to more than one other AS but refuses to carry transit traffic (for example, a large corporation).
o A transit AS has connections to more than one other AS and is designed to carry both transit and local traffic (for example, the backbone providers).
Each AS selects one of its nodes to be the BGP speaker.
Speaker node creates a routing table for that AS and advertises it to other BGP speakers in the neighboring ASs.
Network of autonomous systems
Multi-backbone internet
Each AS also has a border gateway through which packets enter and leave the AS.
BGP advertises complete paths as an enumerated list of ASs to reach a particular network. BGP ensures that paths are loop-free.
The attributes in a path can be well known or optional. The well known attributes are recognized by all routers.
If there are different routes to a destination, the BGP speaker chooses the best one according to local policies, and then advertises.
A BGP speaker need not advertise any route to a destination, even if it has one.
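Because BGP advertises the complete AS path, loop prevention is simple: a speaker discards any advertisement whose path already contains its own AS number. A minimal sketch, modeling the AS path as a plain array of AS numbers (the real AS_PATH attribute is a structured BGP path attribute):

```c
#include <stddef.h>

/* Return 1 if myAS already appears in the advertised AS path,
 * in which case accepting the route would create a loop and
 * the advertisement must be discarded. */
int pathContainsAS(const unsigned *asPath, size_t len, unsigned myAS)
{
    for (size_t i = 0; i < len; ++i)
        if (asPath[i] == myAS)
            return 1; /* loop detected */
    return 0;
}
```

A speaker applies this check to every received advertisement before considering the route for its table.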
The important point to understand here is that, in the context of interdomain routing, a border gateway is simply an IP router that is charged with the task of forwarding packets between ASs.
Unlike link-state and distance-vector routing protocols, BGP advertises complete paths as an enumerated list of ASs to reach a particular network.
3.3.3 IPV6
Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion.
In addition to accommodating scalable routing and addressing, IPv6 was designed to provide:
support for real-time services
security support
autoconfiguration (i.e., the ability of hosts to automatically configure themselves with such information as their own IP address and domain name)
enhanced routing functionality, including support for mobile hosts.
Header format
Packet format
Addresses and Routing
IPv6 provides a 128-bit address space. IPv6 can address 3.4×10^38 nodes. IPv6 address space is predicted to provide over 1500 addresses per square foot of the earth’s surface
Address Space Allocation
IPv6 addresses do not have classes; the address space is subdivided based on the leading bits of the address.
Prefix Use
00. . . 0 (128 bits) Unspecified
00. . . 1 (128 bits) Loopback
1111 1111 Multicast addresses
1111 1110 10 Link local unicast
1111 1110 11 Site local unicast
Everything else Global unicast
Within the global unicast address space are some important special types of addresses. A node may be assigned an IPv4-compatible IPv6 address by zero-extending a 32-bit IPv4 address to 128 bits.
A node that is only capable of understanding IPv4 can be assigned an IPv4-mapped IPv6 address by prefixing the 32-bit IPv4 address with 2 bytes of all 1s and then zero-extending the result to 128 bits. These two special address types have uses in the IPv4-to-IPv6 transition (see the sidebar on this topic).
Address prefix assignments for IPv6
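The two IPv4-related transition forms described above can be constructed mechanically; a small sketch (the function names are our own):

```c
#include <stdint.h>
#include <string.h>

/* IPv4-compatible IPv6 address: zero-extend the 32-bit IPv4
 * address to 128 bits (96 zero bits, then the IPv4 address).
 * addr6 must point to 16 bytes; ipv4 is 4 bytes. */
void ipv4CompatibleAddr(uint8_t addr6[16], const uint8_t ipv4[4])
{
    memset(addr6, 0, 16);
    memcpy(addr6 + 12, ipv4, 4);
}

/* IPv4-mapped IPv6 address: prefix the 32-bit IPv4 address with
 * 2 bytes of all 1s, then zero-extend to 128 bits (80 zero bits,
 * 16 one bits, then the IPv4 address). */
void ipv4MappedAddr(uint8_t addr6[16], const uint8_t ipv4[4])
{
    memset(addr6, 0, 16);
    addr6[10] = 0xFF;
    addr6[11] = 0xFF;
    memcpy(addr6 + 12, ipv4, 4);
}
```

For example, mapping 192.0.2.1 yields the address written ::ffff:192.0.2.1 in textual form.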
Large chunks of address space have been left unassigned to allow for future growth and new features. The 0000 001 prefix (NSAP, Network Service Access Point addresses) is used by the ISO protocols, and the 0000 010 prefix (IPX addresses) is used by Novell’s network-layer protocol.
“Link-local use” addresses enable a host to construct an address that will work on the network to which it is connected, without being concerned about the global uniqueness of the address.
“Site-local use” addresses are intended to allow valid addresses to be constructed on a site that is not connected to the larger Internet; again, global uniqueness need not be an issue. The multicast address space is for multicast, serving the same role as class D addresses in IPv4.
3.4 Multicast
Multiaccess networks like Ethernet and token rings implement multicast in hardware. There are, however, applications that need a broader multicasting capability that is effective at the scale of inter-networks.
For example, when a radio station is broadcast over the Internet, the same data must be sent to all the hosts where a user has tuned in to that station. In that example, the communication is one-to-many. Other examples of one-to-many applications include transmitting the same news,current stock prices, or software updates to multiple hosts.
There are also applications whose communication is many-to-many, such as multimedia teleconferencing, online multiplayer gaming, or distributed simulations. In such cases, members of a group receive data from multiple senders, typically each other.
From any particular sender, they all receive the same data. Normal IP communication, in which each packet must be addressed and sent to a single host, is not well-suited to such applications. If an application has data to send to a group, it would have to send a separate packet with the identical data to each member of the group.
3.4.1 Multicast addresses
A multicast address is a logical identifier for a group of hosts in a computer network that are available to process datagrams or frames intended to be multicast for a designated network service. Multicast addressing can be used in the Link Layer (Layer 2 in the OSI model), such as Ethernet multicast, and at the Internet Layer (Layer 3 in the OSI model) for Internet Protocol version 4 (IPv4) or version 6 (IPv6) multicast.
Hosts can then choose to join or leave this group at will, without synchronizing or negotiating with other members of the group. Also, a host may belong to more than one group at a time. Hosts join multicast groups using a protocol called the Internet Group Management Protocol (IGMP).
Two types of multicast routing
Distance-vector Routing
Link-state Routing.
Link-State Multicast
Recall that in link-state routing, each router monitors the state of its directly connected links and sends an update message to all of the other routers whenever the state changes.
Since each router receives enough information to reconstruct the entire topology of the network, it is able to use Dijkstra’s algorithm to compute the shortest-path spanning tree rooted at itself and reaching all possible destinations.
The router uses this tree to determine the best next hop for each packet it forwards. The only question is how each router determines which groups have members on which links.
IGMP Message Format And IGMP Operation.
The Internet Group Management Protocol (IGMP) is one of the necessary, but not sufficient, protocols that is involved in multicasting. IGMP is a companion to the IP protocol.
Message format:
Type field:
Type                        Value
General or special query    0x11 (0001 0001)
Membership report           0x16 (0001 0110)
Leave report                0x17 (0001 0111)
IGMP Operations:
•If multiple multicast routers exist in one network, their group lists are mutually exclusive.
•Member routers: one or more other networks receive the multicast.
•Host members: one or more local processes receive the multicast.
Joining a Group:
•Each host (or router) may join a group by sending a Membership Report (MR) message.
•A host maintains a list of the group ids it subscribes to; if a group id is new, it sends an MR.
•Routers maintain one list of group ids per interface. If a group id is new to the router, it sends an MR out of all interfaces except the one on which the new interest arrived.
•In IGMP, a membership report is sent twice, one after the other, in case the first one is lost.
Group address in joining group
Monitoring membership:
Membership monitoring
•Distributing routers periodically query each node on an interface for all the groups it is interested in.
•Nodes must respond within 10 seconds by sending a membership report for each such group id.
Delayed response:
•To prevent a burst of (sometimes unnecessary) membership reports in response to a query, the responding nodes (hosts or other routers) delay the response for each group by a random time.
•During the waiting period, if some other node responds to the same group id, the waiting node simply cancels its own timer for that group id.
IP Addressing
In classful addressing, the address space is divided into five classes: A, B, C, D, and E.
We can find the class of an address when given the address in binary notation or dotted-decimal notation. If the address is
given in binary notation, the first few bits can immediately tell us the class of the address. If the address is given in dotted-decimal notation, the first byte defines the class. Both methods are shown in the figure.
Finding the classes in binary and dotted-decimal notation
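The first-byte rule can be expressed directly in code; a sketch (the bit patterns are the class prefixes 0, 10, 110, 1110, and 1111):

```c
/* Determine the class of an IPv4 address from its first byte. */
char addressClass(unsigned char firstByte)
{
    if ((firstByte & 0x80) == 0x00) return 'A'; /* 0xxxxxxx:   0-127 */
    if ((firstByte & 0xC0) == 0x80) return 'B'; /* 10xxxxxx: 128-191 */
    if ((firstByte & 0xE0) == 0xC0) return 'C'; /* 110xxxxx: 192-223 */
    if ((firstByte & 0xF0) == 0xE0) return 'D'; /* 1110xxxx: 224-239 */
    return 'E';                                 /* 1111xxxx: 240-255 */
}
```

For example, 10.x.x.x is class A, 172.x.x.x is class B, and 224.x.x.x is a class D (multicast) address.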
Classes and Blocks
One problem with classful addressing is that each class is divided into a fixed number of blocks with each block having a fixed size as shown in Table 1.
Number of blocks and block size in classful IPv4 addressing
Class   Number of Blocks   Block Size    Application
A       128                16,777,216    Unicast
B       16,384             65,536        Unicast
C       2,097,152          256           Unicast
D       1                  268,435,456   Multicast
E       1                  268,435,456   Reserved
Class A addresses were designed for large organizations with a large number of attached hosts or routers. Class B addresses were designed for midsize organizations with tens of thousands of attached hosts or routers. Class C addresses were designed for small organizations with a small number of attached hosts or
routers. Class D addresses were designed for multicasting. The class E addresses were reserved for future use. In classful addressing, a large part of the available addresses were wasted.
Net_id and Host_id
In classful addressing, an IP address in class A, B, or C is divided into net_id and host_id. These parts are of varying lengths, depending on the class of the address. Figure shows some net_id and host_id bytes. The net_id is in color, the host_id is in white. Note that the concept does not apply to classes D and E. In class A, one byte defines the net_id and three bytes define the host_id. In class B, two bytes define the net_id and two bytes define the host_id. In class C, three bytes define the net_id and one byte defines the host_id.
Mask
Although the length of the net_id and host_id (in bits) is predetermined in classful addressing, we can also use a mask (also called the default mask), a 32-bit number made of contiguous 1s followed by contiguous 0s. The masks for classes A, B, and C are shown in Table 2. The concept does not apply to classes D and E.
Default masks for classful addressing
Class   Binary                                Dotted-Decimal    CIDR
A       11111111 00000000 00000000 00000000   255.0.0.0         /8
B       11111111 11111111 00000000 00000000   255.255.0.0       /16
C       11111111 11111111 11111111 00000000   255.255.255.0     /24
The mask can help us to find the net_id and the host_id. For example, the mask for a class A address has eight 1s, which
means the first 8 bits of any address in class A define the net_id; the next 24 bits define the host_id. The last column of Table 2 shows the mask in the form /n, where n can be 8, 16, or 24 in classful addressing. This notation is also called slash notation or Classless Interdomain Routing (CIDR) notation. The notation is used in classless addressing.
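Applying the mask is a bitwise AND; a minimal sketch, with addresses and masks held as 32-bit numbers in host byte order:

```c
#include <stdint.h>

/* The net_id is the address ANDed with the mask; the host_id is
 * the address ANDed with the mask's complement. */
uint32_t netId(uint32_t addr, uint32_t mask)  { return addr & mask; }
uint32_t hostId(uint32_t addr, uint32_t mask) { return addr & ~mask; }
```

For the class A address 10.1.2.3 (0x0A010203) with mask 255.0.0.0 (0xFF000000), the net_id is 10.0.0.0 and the host_id is 0.1.2.3.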
Subnetting
If an organization was granted a large block in class A or B, it could divide the addresses into several contiguous groups and assign each group to smaller networks (called subnets). Subnetting increases the number of 1s in the mask.
Supernetting
In supernetting, an organization can combine several class C blocks to create a larger range of addresses. In other words, several networks are combined to create a supernetwork or a supernet. An organization can apply for a set of class C blocks instead of just one. For example, an organization that needs 1000 addresses can be granted four contiguous class C blocks. The organization can then use these addresses to create one supernetwork. Supernetting decreases the number of 1s in the mask. For example, if an organization is given four class C addresses, the mask changes from /24 to /22.
Address Depletion
The flaws in the classful addressing scheme, combined with the fast growth of the Internet, led to the near depletion of the available addresses. Yet the number of devices on the Internet is much less than the 2^32 address space. We have run out of class A and B addresses, and a class C block is too small for most midsize
organizations. One solution that has alleviated the problem is the idea of classless addressing.
Classful addressing, which is almost obsolete, has been replaced with classless addressing.
Classless Addressing
To overcome address depletion and give more organizations access to the Internet, classless addressing was designed and implemented. In this scheme, there are no classes, but the addresses are still granted in blocks.
Address Blocks
In classless addressing, when an entity, small or large, needs to be connected to the Internet, it is granted a block (range) of addresses. The size of the block (the number of addresses) varies based on the nature and size of the entity. For example, a household may be given only two addresses; a large organization may be given thousands of addresses. An ISP (Internet service provider) may be given thousands or hundreds of thousands of addresses, based on the number of customers it serves.
Restrictions
To simplify the handling of addresses, the Internet authorities impose three restrictions on classless address blocks:
1.The addresses in a block must be contiguous, one after another.
2.The number of addresses in a block must be a power of 2 (1, 2, 4, 8, ... ).
3.The first address must be evenly divisible by the number of addresses.
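The second and third restrictions can be checked mechanically; a sketch (validBlock is our own helper name, and contiguity is implicit in representing a block as a first address plus a size):

```c
#include <stdint.h>

/* A classless block is valid if its size is a power of 2 and its
 * first address (viewed as a 32-bit number) is evenly divisible
 * by the block size. */
int validBlock(uint32_t firstAddr, uint32_t size)
{
    int powerOfTwo = size != 0 && (size & (size - 1)) == 0;
    return powerOfTwo && (firstAddr % size) == 0;
}
```

For example, a block of 16 addresses must start at an address that is a multiple of 16, so a block beginning at x.x.x.18 would be rejected.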
Why we migrate from IPV4 to IPV6?
•Despite all short-term solutions, such as subnetting, classless addressing, and NAT, address depletion is still a long-term problem in the Internet.
•The Internet must accommodate real-time audio and video transmission. This type of transmission requires minimum delay strategies and reservation of resources not provided in the IPv4 design.
•The Internet must accommodate encryption and authentication of data for some applications. No encryption or authentication is provided by IPv4.
To overcome these deficiencies, IPv6 (Internetworking Protocol, version 6), also known as IPng (Internetworking Protocol, next generation), was proposed and is now a standard.
Classes of IPV4 And IPV6 Addressing
Features of IPv6:
•Larger Address Space
•Aggregation-based address hierarchy - Efficient backbone routing
•Efficient and Extensible IP datagram
•Stateless Address Auto configuration
•Security (IPsec mandatory)
•Mobility
128-bit IPv6 Address:
8 groups of 16-bit hexadecimal numbers separated by “:”
Ex: 3FFE:085B:1F1F:0000:0000:0000:00A9:1234
Leading zeros can be removed and the above address can be represented as
3FFE:85B:1F1F::A9:1234
:: = all zeros in one or more group of 16-bit hexadecimal numbers.
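The standard C library already implements these abbreviation rules: inet_pton parses any legal textual form, and inet_ntop emits the abbreviated form, dropping leading zeros and compressing one run of zero groups into "::". A sketch:

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Round-trip an IPv6 address string through the library to obtain
 * its canonical abbreviated form. out must have room for at least
 * INET6_ADDRSTRLEN bytes. */
void canonicalIPv6(const char *in, char *out, size_t outLen)
{
    unsigned char buf[16]; /* the 128-bit binary address */
    if (inet_pton(AF_INET6, in, buf) == 1)
        inet_ntop(AF_INET6, buf, out, (socklen_t)outLen);
    else
        snprintf(out, outLen, "(invalid)");
}
```

Feeding in the fully written address 3FFE:085B:1F1F:0000:0000:0000:00A9:1234 yields the abbreviated 3ffe:85b:1f1f::a9:1234.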
Header comparison IPV6 and IPV4:
Removed (6)
•ID, flags, fragment offset
•TOS, hlen
•header checksum
Changed (3)
•total length ⇒ payload length
•protocol ⇒ next header
•TTL ⇒ hop limit
Added (2)
•traffic class
•flow label
Expanded
•address 32 to 128 bits
Major Improvements of IPv6 Header:
•No option field: Replaced by extension header. Result in a fixed length, 40-byte IP header.
•No header checksum: Result in fast processing.
•No fragmentation at intermediate nodes: Result in fast IP forwarding.
IPV6 Addressing
Lack of accommodation for real-time audio and video transmission, and encryption and authentication of data for some applications, have been the motivation for IPv6,
Structure
An IPv6 address consists of 16 bytes (octets); it is 128 bits long.
Hexadecimal Colon Notation
To make addresses more readable, IPv6 specifies hexadecimal colon notation. In this notation, the 128 bits are divided into eight sections, each 2 bytes in length. Two bytes in hexadecimal notation require four hexadecimal digits. Therefore, the address consists of 32 hexadecimal digits, with every four digits separated by a colon, as shown in the figure.
IPv6 address in binary and hexadecimal colon notation
Abbreviation
Although the IP address, even in hexadecimal format, is very long, many of the digits are zeros. In this case, we can abbreviate the address. The leading zeros of a section (four digits between two colons) can be omitted. Only the leading zeros can be dropped, not the trailing zeros.
Abbreviated IPv6 addresses
Using this form of abbreviation, 0074 can be written as 74, 000F as F, and 0000 as 0. Note that 3210 cannot be abbreviated.
Further abbreviations are possible if there are consecutive sections consisting of zeros only.
We can remove the zeros altogether and replace them with a double colon. Note that this type of abbreviation is allowed only once per address. If there are two runs of zero sections, only one of them can be abbreviated. Re-expansion of the abbreviated address is simple: align the unabbreviated portions and insert zeros to get the original expanded address.
Example 1
Expand the address 0:15::1:12:1213 to its original.
Solution
We first need to align the left side of the double colon to the left of the original pattern and the right side of the double colon to the right of the original pattern to find how many 0s we need to replace the double colon.
xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
0:15::1:12:1213
This means that the original address is
0000:0015:0000:0000:0000:0001:0012:1213
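A quick sketch using Python's standard ipaddress module confirms the expansion:

```python
import ipaddress

# .exploded reverses the abbreviation: "::" is replaced by zero groups
# and every group is padded back to four hexadecimal digits.
addr = ipaddress.IPv6Address("0:15::1:12:1213")
print(addr.exploded)  # 0000:0015:0000:0000:0000:0001:0012:1213
```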
Address Space
IPv6 has a much larger address space; 2^128 addresses are available. The designers of IPv6 divided the address into several categories. A few leftmost bits, called the type prefix, in each address define its category. The type prefix is variable in length, but it is designed such that no code is identical to the first part of
any other code. In this way, there is no ambiguity; when an address is given, the type prefix can easily be determined.
Unicast Addresses
A unicast address defines a single computer. The packet sent to a unicast address must be delivered to that specific computer. IPv6 defines two types of unicast addresses: geographically based and provider-based. The provider-based address is generally used by a normal host as a unicast address. The address format is shown in the figure.
Prefixes for provider-based unicast address
Fields for the provider-based address are as follows:
❖Type identifier. This 3-bit field defines the address as a provider-based address.
❖Registry identifier. This 5-bit field indicates the agency that has registered the address. Currently three registry centers have been defined. INTERNIC (code 11000) is the center for North America; RIPNIC (code 01000) is the center for European registration; and APNIC (code 10100) is for Asian and Pacific countries.
❖Provider identifier. This variable-length field identifies the provider for Internet access (such as an ISP). A 16-bit length is recommended for this field.
❖Subscriber identifier. When an organization subscribes to the Internet through a provider, it is assigned a subscriber identification. A 24-bit length is recommended for this field.
❖Subnet identifier. Each subscriber can have many different subnetworks, and each subnetwork can have an identifier. The subnet identifier defines a specific subnetwork under the territory of the subscriber. A 32-bit length is recommended for this field.
❖Node identifier. The last field defines the identity of the node connected to a subnet. A length of 48 bits is recommended for this field to make it compatible with the 48-bit link (physical) address used by Ethernet. In the future, this link address will probably be the same as the node physical address.
Multicast Addresses
Multicast addresses are used to define a group of hosts instead of just one. A packet sent to a multicast address must be delivered to each member of the group. The figure shows the format of a multicast address.
Multicast address in IPv6
The second field is a flag that defines the group address as either permanent or transient. A permanent group address is defined by the Internet authorities and can be accessed at all times. A transient group address, on the other hand, is used only temporarily. Systems engaged in a teleconference, for example, can use a transient group address. The third field defines the scope of the group address.
Anycast Addresses
IPv6 also defines anycast addresses. An anycast address, like a multicast address, also defines a group of nodes. However, a packet destined for an anycast address is delivered to only one of the members of the anycast group, the nearest one (the one with the shortest route). Although the definition of an anycast address is still debatable, one possible use is to assign an anycast address to all routers of an ISP that covers a large logical area in the Internet. The routers outside the ISP deliver a packet destined for the ISP to the nearest ISP router. No block is assigned for anycast addresses.
Reserved Addresses
Another category in the address space is the reserved address. These addresses start with eight 0s (type prefix is 00000000). A few subcategories are defined in this category, as shown in the figure.
Reserved addresses in IPv6
An unspecified address is used when a host does not know its own address and sends an inquiry to find its address. A loopback address is used by a host to test itself without going into the network. A compatible address is used during the transition from IPv4 to IPv6. It is used when a computer using IPv6 wants to send a message to another computer using IPv6, but the message needs to pass through a part of the network that still operates in IPv4. A mapped address is also used during transition. However, it is used when a computer that has migrated to IPv6 wants to send a packet to a computer still using IPv4.
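Python's ipaddress module can illustrate both transition forms; the embedded IPv4 address 192.0.2.1 here is an arbitrary documentation value, not taken from the text:

```python
import ipaddress

# A mapped address embeds an IPv4 address in the low-order 32 bits
# behind the ::ffff:0:0/96 prefix.
mapped = ipaddress.IPv6Address("::ffff:192.0.2.1")
print(mapped.ipv4_mapped)   # 192.0.2.1

# A compatible address uses the all-zeros ::/96 prefix instead.
compat = ipaddress.IPv6Address("::192.0.2.1")
print(compat.exploded)      # 0000:0000:0000:0000:0000:0000:c000:0201
```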
Local Addresses
These addresses are used when an organization wants to use the IPv6 protocol without being connected to the global Internet. In other words, they provide addressing for private networks. Nobody outside the organization can send a message to the nodes using these addresses. Two types of addresses are defined for this purpose, as shown in the figure.
Local addresses in IPv6
A link local address is used in an isolated subnet; a site local address is used in an isolated site with several subnets.
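A small sketch with Python's ipaddress module, using arbitrary example addresses, shows how the two local prefixes can be recognized:

```python
import ipaddress

# fe80::/10 is the link-local prefix; fec0::/10 is the site-local prefix.
link_local = ipaddress.IPv6Address("fe80::1")
site_local = ipaddress.IPv6Address("fec0::1")
print(link_local.is_link_local, site_local.is_site_local)  # True True
```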
3.5 Multicast routing (DVMRP, PIM)
IP multicasting is a communication mechanism in which data is sent from a server to a set of clients who are interested in receiving that data. Any client can dynamically join or leave the communication.
PIM (Protocol Independent Multicast)
PIM was designed to address the scalability problem of earlier multicast protocols, which arises when group members are sparsely distributed across a large network.
This situation is sufficiently common that PIM divides the problem space into “sparse mode” and “dense mode”.
In PIM sparse mode (PIM-SM), routers explicitly join and leave the multicast group using PIM protocol messages known as Join and Prune messages.
The question that arises is where to send those messages. To address this, PIM assigns a rendezvous point (RP) to each group. In general, a number of routers in a domain are configured to be candidate RPs, and PIM defines a set of procedures by which all the routers in a domain can agree on the router to use as the RP for a given group.
These procedures are rather complex, as they must deal with a wide variety of scenarios, such as the failure of a candidate RP
and the partitioning of a domain into two separate networks due to a number of link or node failures.
For the rest of this discussion, we assume that all routers in a domain know the unicast IP address of the RP for a given group.
A multicast forwarding tree is built as a result of routers sending Join messages to the RP. PIM-SM allows two types of trees to be constructed: a shared tree, which may be used by all senders, and a source-specific tree, which may be used only by a specific sending host.
The normal mode of operation creates the shared tree first, followed by one or more source-specific trees if there is enough traffic to warrant it.
Because building trees installs state in the routers along the tree, it is important that the default is to have only one tree for a group, not one for every sender to a group.
PIM operation:
(a) R4 sends Join to RP and joins shared tree.
(b) R5 joins shared tree.
(c) RP builds source-specific tree to R1 by sending Join to R1.
(d) R4 and R5 build source-specific tree to R1 by sending Joins to R1.
Operation of PIM
When a router sends a Join message toward the RP for a group G, it is sent using normal IP unicast transmission. This is illustrated in the figure, in which router R4 is sending a Join to the rendezvous point for some group.
The initial Join message is “wildcarded”; that is, it applies to all senders. A Join message clearly must pass through some sequence of routers before reaching the RP (e.g., R2). Each router along the path looks at the Join and creates a forwarding table entry for the shared tree, called a (*, G) entry (where * means “all senders”).
As more routers send Joins toward the RP, they cause new branches to be added to the
tree, as illustrated in the figure. Note that in this case, the Join only needs to travel to R2, which can add the new branch to the tree simply by adding a new outgoing interface to the forwarding table entry created for this group. R2 need not forward the Join on to the RP. Note also that the end result of this process is to build a tree whose root is the RP.
At this point, suppose a host wishes to send a message to the group. To do so, it constructs a packet with the appropriate multicast group address as its destination and sends it to a router on its local network known as the designated router (DR).
Thus, in figure , we see a source-specific route from R1 to the RP (indicated by the dashed line) and a tree that is valid for all senders from the RP to the receivers (indicated by the colored line).
PIM routing
Delivery of a packet along a shared tree. R1 tunnels the packet to the RP, which forwards it along the shared tree to R4 and R5.
Optimal Routing: Shortest Path Trees
The process of optimal inter domain routing eventually results in the finding of the shortest path tree. The root of the tree is the source, and the leaves are the potential destinations. The path from the root to each destination is the shortest path. However, the number of trees and the formation of the trees in unicast and multicast routing are different. Let us discuss each separately.
Unicast Routing In unicast routing, when a router receives a packet to forward, it needs to find the shortest path to the destination of the packet. The router consults its routing table for that particular destination. The next-hop entry corresponding to the destination is the start of the shortest path. The router knows the shortest path for each destination, which means that the router has a shortest path tree to optimally reach all destinations. In other words, each line of the routing table is a shortest path; the whole routing table is a shortest path tree. In unicast routing, each router needs only one shortest path tree to forward a packet; however, each router has its own shortest path tree. figure shows the situation.
The figure shows the details of the routing table and the shortest path tree for router R1. Each line in the routing table corresponds to one path from the root to the corresponding network. The whole table represents the shortest path tree. In unicast routing, each router in the domain has a table that defines a shortest path tree to possible destinations.
Multicast Routing When a router receives a multicast packet, the situation is different from when it receives a unicast packet. A multicast packet may have destinations in more than one network. Forwarding of a single packet to members of a group requires a shortest path tree. If we have n groups, we may need n shortest path trees. We can imagine the complexity of multicast routing. Two approaches have been used to solve the problem: source-based trees and group-shared trees.
Shortest path tree in unicast routing
❖Source-Based Tree. In the source-based tree approach, each router needs to have one shortest path tree for each group. The shortest path tree for a group defines the next hop for each network that has loyal member(s) for that group. In figure , we assume that we have only five groups in the domain: G1, G2, G3, G4, and G5. At the moment G1 has loyal members in four networks, G2 in three, G3 in two, G4 in two, and G5 in two. We have shown the names of the groups with loyal members on each network. figure also shows the multicast routing table for router R1. There is one shortest path tree for each group; therefore there are five shortest path trees for five groups. If router R1 receives a packet with destination address G1, it needs to send a copy of the packet to the attached network, a copy to router R2, and a copy to router R4 so that all members of G1 can receive a copy. In this approach, if the number of groups is m, each router needs to have m shortest path trees, one for each group. In the source-based tree approach, each router needs to have one shortest path tree for each group.
Source-based tree approach
❖Group-Shared Tree. In the group-shared tree approach, instead of each router having m shortest path trees, only one designated router, called the center core, or rendezvous router, takes the responsibility of distributing multicast traffic. The core has m shortest path trees in its routing table. The rest of the routers in the domain have none. If a router receives a multicast packet, it encapsulates the packet in a unicast packet and sends it to the core router. The core router removes the multicast packet from its capsule, and consults its routing table to route the packet. Figure shows the idea.
Group-shared tree approach
DVMRP
Distance-vector routing, which we discussed in Section 4.2.2 for unicast, can be extended to support multicast. The resulting protocol is called Distance Vector Multicast Routing Protocol, or
DVMRP. DVMRP was the first multicast routing protocol to see widespread use.
Recall that, in the distance vector algorithm, each router maintains a table of (Destination, Cost, NextHop) tuples, and exchanges a list of (Destination, Cost) pairs with its directly connected neighbors. Extending this algorithm to support multicast is a two-stage process.
First, we create a broadcast mechanism that allows a packet to be forwarded to all the networks on the internet. Second, we need to refine this mechanism so that it prunes back networks that do not have hosts that belong to the multicast group. Consequently, DVMRP is one of several multicast routing protocols described as flood-and-prune protocols.
Given a unicast routing table, each router knows that the current shortest path to a given destination goes through NextHop. Thus, whenever it receives a multicast packet from source S, the router forwards the packet on all outgoing links (except the one on which the packet arrived) if and only if the packet arrived over the link that is on the shortest path to S (i.e., the packet came from the NextHop associated with S in the routing table). This strategy effectively floods packets outward from S, but does not loop packets back toward S.
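A minimal sketch of this reverse-path test, assuming a hypothetical unicast routing table that maps each source network to the interface on the shortest path toward it (all names below are invented for illustration):

```python
def rpf_check(routing_table, source, arrival_iface):
    """Forward a multicast packet from `source` only if it arrived on the
    interface the unicast routing table uses to reach `source`, i.e., the
    reverse of the shortest path back to the source."""
    return routing_table.get(source) == arrival_iface

# Hypothetical table: source network -> interface on the shortest path to it.
table = {"10.0.1.0/24": "eth0", "10.0.2.0/24": "eth1"}
print(rpf_check(table, "10.0.1.0/24", "eth0"))  # True: flood on other links
print(rpf_check(table, "10.0.1.0/24", "eth1"))  # False: drop the duplicate
```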
There are two major shortcomings to this approach. The first is that it truly floods the network; it has no provision for avoiding LANs that have no members in the multicast group. We address this problem below. The second limitation is that a given packet will be forwarded over a LAN by each of the routers connected to that LAN.
This is due to the forwarding strategy of flooding packets on all links other than the one on which the packet arrived, without
regard to whether or not those links are part of the shortest-path tree rooted at the source. The solution to this second limitation is to eliminate the duplicate broadcast packets that are generated when more than one router is connected to a given LAN.
One way to do this is to designate one router as the “parent” router for each link, relative to the source, where only the parent router is allowed to forward multicast packets from that source over the LAN. The router that has the shortest path to source S is selected as the parent; a tie between two routers would be broken according to which router has the smallest address.
A given router can learn if it is the parent for the LAN (again relative to each possible source) based upon the distance-vector messages it exchanges with its neighbors. Notice that this refinement requires that each router keep, for each source, a bit for each of its incident links indicating whether or not it is the parent for that source/link pair. Keep in mind that in an internet setting, a “source” is a network, not a host, since an internet router is only interested in forwarding packets between networks.
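The parent election described above can be sketched as follows; the router records and numeric addresses are hypothetical:

```python
def elect_parent(routers):
    """Pick the parent router for a LAN, relative to one source: the
    shortest distance to the source wins, and a tie is broken by the
    numerically smallest router address, as the text describes."""
    return min(routers, key=lambda r: (r["dist_to_src"], r["address"]))

# Hypothetical routers on the same LAN (addresses as comparable integers).
lan = [
    {"name": "R1", "dist_to_src": 2, "address": 0x0A000001},
    {"name": "R2", "dist_to_src": 2, "address": 0x0A000002},
    {"name": "R3", "dist_to_src": 3, "address": 0x0A000000},
]
print(elect_parent(lan)["name"])  # R1: ties R2 on distance, smaller address
```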
The resulting mechanism is sometimes called reverse path broadcast (RPB) or reverse path forwarding (RPF). The path is “reverse” because we are considering the shortest path toward the source when making our forwarding decisions, as compared to unicast routing, which looks for the shortest path to a given destination. The RPB mechanism just described implements shortest-path broadcast. We now want to prune the set of networks that receives each packet addressed to group G to exclude those that have no hosts that are members of G.
This can be accomplished in two stages. First, we need to recognize when a leaf network has no group members. Determining that a network is a leaf is easy—if the parent router as described above is the only router on the network, then the network is a leaf.
Determining if any group members reside on the network is accomplished by having each host that is a member of group G periodically announce this fact over the network, as described in our earlier description of link-state multicast. The router then uses this information to decide whether or not to forward a multicast packet addressed to G over this LAN.
The second stage is to propagate this “no members of G here” information up the shortest-path tree. This is done by having the router augment the (Destination, Cost) pairs it sends to its neighbors with the set of groups for which the leaf network is interested in receiving multicast packets.
This information can then be propagated from router to router, so that for each of its links, a given router knows for what groups it should forward multicast packets. Note that including all of this information in the routing update is a fairly expensive thing to do. In practice, therefore, this information is exchanged only when some source starts sending packets to that group.
In other words, the strategy is to use RPB, which adds a small amount of overhead to the basic distance-vector algorithm, until a particular multicast address becomes active. At that time, routers that are not interested in receiving packets addressed to that group speak up, and that information is propagated to the other routers.
UNIT IV TRANSPORT LAYER
Overview of Transport layer - UDP - Reliable byte stream (TCP) - Connection management - Flow control - Retransmission - TCP Congestion control - Congestion avoidance (DECbit, RED) - QoS - Application requirements
4.1 Overview of Transport layer
The Transport Layer is responsible for end-to-end data transport
Primary functions include:
Provision of connection-oriented or connectionless service.
Disassembling and reassembling data.
Setup and release of connections across the network.
Services provided by Internet transport protocols
Differentiate connection-oriented and connectionless protocols.
In a connection-oriented protocol, the decision about the route of a sequence of packets with the same source and destination addresses can be made only once, when the connection is established. Switches do not recalculate the route for each individual packet.
In connectionless service, the network layer protocol treats each packet independently, with each packet having no relationship
to any other packet. The packets in a message may or may not travel the same path to their destination.
TCP service:
• Connection- oriented: setup required between client, server
• Reliable transport between sending and receiving process
• Flow control: sender won’t overwhelm receiver
• Congestion control: throttle sender when network overloaded
• Does not provide: timing, minimum bandwidth
UDP service:
• Unreliable data transfer between sending and receiving process.
• Does not provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantees.
4.2 UDP
User Datagram Protocol (UDP) is a connectionless, unreliable transport protocol.
It does not add anything to the services of IP except process-to-process communication.
UDP is a simple multiplexer/demultiplexer that allows multiple processes on each host to share the network.
UDP does not implement flow control or reliable/ordered delivery.
UDP includes a checksum so that the receiver can detect a corrupted message; the checksum does not guarantee delivery. If a process wants to send a small message and does not require reliability, UDP is used.
Port Number
Each process is assigned a unique 16-bit port number on its host. Processes are identified by a (host, port) pair.
Processes can be classified as either client or server.
A client process usually initiates the exchange of information with the server.
A server process is identified by a well-known port number (0–1023).
A client process is assigned an ephemeral port number (49,152–65,535) by the operating system.
Some well-known UDP ports are:
Port  Protocol
7     Echo
13    Daytime
53    DNS
111   RPC
161   SNMP
Ports are usually implemented as a message queue.
o When a message arrives, UDP appends the message to the end of the queue.
o When the queue is full, the message is discarded.
o When a message is read, it is removed from the queue.
o When the queue is empty, the reading process is blocked.
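A minimal sketch of UDP's connectionless exchange using Python's standard socket module; binding to port 0 simply asks the OS for any free port, standing in for a server's well-known port:

```python
import socket

# "Server" socket: bind to a port so datagrams queue there until read.
server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
server.bind(("127.0.0.1", 0))
server_port = server.getsockname()[1]

# "Client" socket: no connection setup; the OS assigns an ephemeral port
# the first time the socket sends.
client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
client.sendto(b"hello", ("127.0.0.1", server_port))

data, addr = server.recvfrom(1024)  # dequeue the waiting datagram
print(data)  # b'hello'
client.close()
server.close()
```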
Working of UDP
User Datagram
UDP packets, called user datagrams, have a fixed-size header of 8 bytes. The figure shows the format of a user datagram.
The fields are as follows:
•Source port number. This is the port number used by the process running on the source host. It is 16 bits long, which means that the port number can range from 0 to 65,535. If the source host is the client (a client sending a request), the port number, in most cases, is an ephemeral port number requested by the process and chosen by the UDP software running on the source host. If the source host is the server (a server sending a
response), the port number, in most cases, is a well-known port number.
User datagram format
•Destination port number. This is the port number used by the process running on the destination host. It is also 16 bits long. If the destination host is the server (a client sending a request), the port number, in most cases, is a well-known port number. If the destination host is the client (a server sending a response), the port number, in most cases, is an ephemeral port number. In this case, the server copies the ephemeral port number it has received in the request packet.
•Length. This is a 16-bit field that defines the total length of the user datagram, header plus data. The 16 bits can define a total length of 0 to 65,535 bytes. However, the total length needs to be much less because a UDP user datagram is stored in an IP datagram with a total length of 65,535 bytes.
The length field in a UDP user datagram is actually not necessary. A user datagram is encapsulated in an IP datagram. There is a field in the IP datagram that defines the total length. There is another field in the IP datagram that defines the length of the header. So if we subtract the value of the second field from the first, we can deduce the length of a UDP datagram that is encapsulated in an IP datagram.
UDP length = IP length − IP header’s length
However, the designers of the UDP protocol felt that it was more efficient for the destination UDP to calculate the length of the data from the information provided in the UDP user datagram rather than ask the IP software to supply this information. We should remember that when the IP software delivers the UDP user datagram to the UDP layer, it has already dropped the IP header.
•Checksum. This field is used to detect errors over the entire user datagram (header plus data).
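Given the four 16-bit fields above, the fixed 8-byte header can be sketched with Python's struct module; the port numbers and payload here are arbitrary examples, and a checksum of 0 stands in for "not computed":

```python
import struct

# Four 16-bit fields in network byte order: source port, destination
# port, length (header plus data), checksum.
src_port, dst_port, payload = 49152, 53, b"query"
length = 8 + len(payload)
header = struct.pack("!HHHH", src_port, dst_port, length, 0)
print(len(header), length)  # 8 13
```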
Applications
UDP is used for management processes such as SNMP.
UDP is used for some route updating protocols such as RIP. UDP is a suitable transport protocol for multicasting.
UDP is suitable for a process with internal flow and error control mechanisms such as Trivial File Transfer Protocol (TFTP).
Bring out the classification of port numbers.
Well-known ports range from 0 to 1023 and are assigned and controlled by IANA.
Registered ports range from 1024 to 49,151 and are not assigned or controlled by IANA. They can only be registered with IANA to prevent duplication.
Ephemeral (dynamic) ports range from 49,152 to 65,535 and are neither controlled nor registered. They are usually assigned to a client process by the operating system.
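These three ranges can be captured in a small helper; the function name is invented for illustration:

```python
def classify_port(port):
    """Classify a port number according to the IANA ranges given above."""
    if 0 <= port <= 1023:
        return "well-known"
    if 1024 <= port <= 49151:
        return "registered"
    if 49152 <= port <= 65535:
        return "ephemeral"
    raise ValueError("port out of range")

print(classify_port(53), classify_port(8080), classify_port(50000))
# well-known registered ephemeral
```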
4.3 Reliable byte stream (TCP)
TCP is a reliable, point-to-point, connection-oriented, full-duplex protocol.
TCP supports demultiplexing mechanism for process-to-process communication.
TCP has a built-in congestion-control mechanism, i.e., the sender is prevented from overloading the network.
Process-to-Process Communication
Like UDP, TCP provides process-to-process communication. A TCP connection is identified by a 4-tuple (SrcPort, SrcIPAddr, DstPort, DstIPAddr).
Some well-known port numbers used by TCP are
Port Protocol
23 TELNET
25 SMTP
80 HTTP
TCP Services:
Services offered by TCP are:
1. Stream delivery service
2. Full-duplex service
3. Connection-oriented service
4. Reliable service
5. Flow control
6. Error control
7. Congestion control
1. Stream delivery service:
TCP establishes a connection between the sender and the receiver (imagine it as a bridge that connects only the sender and the receiver).
The sender process sends data as a stream of bytes, and the receiver process receives it in the same order, as a stream of bytes.
Buffers:
The sending process and the receiving process vary in their speed of producing and consuming data, so a circular array of 1-byte locations (a buffer) is used on the sender side and on the receiver side for storage.
Sending buffer:
Sending buffer has three locations.
1.Bytes to be sent.
2.Bytes sent but not acknowledged.
3.Empty location.
Receiving buffer:
Receiving buffer has two locations.
1.Bytes to be processed by the receiver.
2.Empty locations.
Sending Buffer:
Empty locations are used by the sending process to store the next byte to be sent to the receiver.
TCP Buffer
Receiver Buffer:
Empty locations are used to store the next byte received from sender.
Segments:
The IP layer is the service provider for TCP. It sends data as packets, not as a stream of bytes, so TCP encapsulates a group of bytes into a segment and delivers the segments to IP. The segments are encapsulated in IP datagrams and then transmitted.
The unit of data transfer using TCP is called segment.
TCP Segments
Segment
A packet in TCP is called a segment.
Format
The format of a segment is shown in the figure.
TCP segment format
The segment consists of a 20- to 60-byte header, followed by data from the application program. The header is 20 bytes if there are no options and up to 60 bytes if it contains options.
Source port address. This is a 16-bit field that defines the port number of the application program in the host that is sending the segment. This serves the same purpose as the source port address in the UDP header.
Destination port address. This is a 16-bit field that defines the port number of the application program in the host that is receiving the segment. This serves the same purpose as the destination port address in the UDP header.
Sequence number. This 32-bit field defines the number assigned to the first byte of data contained in this segment. As we said before, TCP is a stream transport protocol. To ensure connectivity, each byte to be transmitted is numbered. The
sequence number tells the destination which byte in this sequence comprises the first byte in the segment. During connection establishment, each party uses a random number generator to create an initial sequence number (ISN), which is usually different in each direction.
Acknowledgment number. This 32-bit field defines the byte number that the receiver of the segment is expecting to receive from the other party. If the receiver of the segment has successfully received byte number x from the other party, it defines x + 1 as the acknowledgment number. Acknowledgment and data can be piggybacked together.
Header length. This 4-bit field indicates the number of 4-byte words in the TCP header. The length of the header can be between 20 and 60 bytes. Therefore, the value of this field can be between 5 (5 × 4 = 20) and 15 (15 × 4 = 60).
Reserved. This is a 6-bit field reserved for future use.
Control. This field defines 6 different control bits or flags, as shown in the figure. One or more of these bits can be set at a time.
Control field
These bits enable flow control, connection establishment and termination, connection abortion, and the mode of data transfer in TCP. A brief description of each bit is shown in Table.
Description of flags in the control field
Flag Description
URG  The value of the urgent pointer field is valid.
ACK  The value of the acknowledgment field is valid.
PSH  Push the data.
RST  Reset the connection.
SYN  Synchronize sequence numbers during connection.
FIN  Terminate the connection.
•Window size. This field defines the size of the window, in bytes, that the other party must maintain. Note that the length of this field is 16 bits, which means that the maximum size of the window is 65,535 bytes. This value is normally referred to as the receiving window (rwnd) and is determined by the receiver. The sender must obey the dictation of the receiver in this case.
•Checksum. This 16-bit field contains the checksum. The calculation of the checksum for TCP follows the same procedure as the one described for UDP. However, the inclusion of the checksum in the UDP datagram is optional, whereas the inclusion of the checksum for TCP is mandatory. The same pseudo header, serving the same purpose, is added to the segment. For the TCP pseudo header, the value for the protocol field is 6.
•Urgent pointer. This 16-bit field, which is valid only if the urgent flag is set, is used when the segment contains urgent data. It defines the number that must be added to the sequence number to obtain the number of the last urgent byte in the data section of the segment.
•Options. There can be up to 40 bytes of optional information in the TCP header.
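An option-less 20-byte header built from the fields above can be sketched with Python's struct module; all field values here are illustrative:

```python
import struct

# Fields in network byte order: ports (16 bits each), sequence and
# acknowledgment numbers (32 bits each), then a 16-bit field holding the
# 4-bit data offset, 6 reserved bits, and the 6 flag bits.
src, dst = 49152, 80
seq, ack = 10001, 0
offset_flags = (5 << 12) | 0x002          # data offset 5 words, SYN flag set
window, checksum, urgent = 65535, 0, 0
header = struct.pack("!HHIIHHHH", src, dst, seq, ack,
                     offset_flags, window, checksum, urgent)
print(len(header))  # 20
```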
Problem:
Suppose a TCP connection is transferring a file of 5000 bytes. The first byte is numbered 10,001. What are the sequence numbers for each segment if data are sent in five segments, each carrying 1000 bytes?
Segment 1 → Sequence Number: 10,001 (range: 10,001 to 11,000)
Segment 2 → Sequence Number: 11,001 (range: 11,001 to 12,000)
Segment 3 → Sequence Number: 12,001 (range: 12,001 to 13,000)
Segment 4 → Sequence Number: 13,001 (range: 13,001 to 14,000)
Segment 5 → Sequence Number: 14,001 (range: 14,001 to 15,000)
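The worked example above can be reproduced with a short Python sketch (the helper name segment_ranges is hypothetical, introduced only for illustration):

```python
# Hypothetical helper: compute sequence-number ranges for the worked example
# (first byte 10,001, five segments of 1000 bytes each).
def segment_ranges(first_byte, segment_size, count):
    ranges = []
    seq = first_byte
    for _ in range(count):
        # A segment's sequence number is the number of its first byte
        ranges.append((seq, seq + segment_size - 1))
        seq += segment_size
    return ranges

for i, (start, end) in enumerate(segment_ranges(10_001, 1000, 5), 1):
    print(f"Segment {i}: sequence number {start}, range {start}-{end}")
```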
4.4 Connection management
Connection Establishment
The connection establishment in TCP is called three-way handshaking
1. The client (active participant) sends a segment to the server (passive participant) stating the initial sequence number it is to use (Flags = SYN, SequenceNum = x).
2. The server responds with a single segment that both acknowledges the client’s sequence number (Ack = x + 1) and states its own beginning sequence number (Flags = SYN + ACK, SequenceNum = y).
3. Finally, the client responds with a third segment that acknowledges the server’s sequence number (Flags = ACK, Ack = y + 1).
TCP connection establishment
State Transition Diagram
The states involved in opening a connection are shown above the ESTABLISHED state, and those involved in closing a connection are shown below it.
The operation of the sliding window (i.e., retransmission) is not shown. The two events that trigger a state transition are:
o A segment arrives from its peer.
o The local application process invokes an operation on TCP.
TCP’s state transition diagram defines the semantics of both its peer-to-peer interface and its service interface.
State transition diagram
Opening
1. The server first invokes a passive open on TCP, which causes TCP to move to LISTEN state
2. Later, the client does an active open, which causes its end of the connection to send a SYN segment to the server and to move to the SYN_SENT state.
3. When the SYN segment arrives at the server, it moves to SYN_RCVD state and responds with a SYN + ACK segment.
4. The arrival of this segment causes the client to move to the ESTABLISHED state and to send an ACK back to the server.
5. When this ACK arrives, the server finally moves to the ESTABLISHED state.
a. Even if the client's ACK gets lost, the server will still move to the ESTABLISHED state when the first data segment from the client arrives.
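The opening transitions above can be sketched as a small state table in Python. The state names follow the diagram, but the event labels are illustrative, not taken from any real TCP implementation:

```python
# Minimal sketch of the TCP opening handshake as a state table.
# Event names (after the comma) are illustrative labels.
OPEN_TRANSITIONS = {
    ("CLOSED", "passive_open"): "LISTEN",        # server waits
    ("CLOSED", "active_open/SYN"): "SYN_SENT",   # client sends SYN
    ("LISTEN", "recv_SYN/SYN+ACK"): "SYN_RCVD",  # server replies SYN+ACK
    ("SYN_SENT", "recv_SYN+ACK/ACK"): "ESTABLISHED",
    ("SYN_RCVD", "recv_ACK"): "ESTABLISHED",
}

def step(state, event):
    # Unknown (state, event) pairs leave the state unchanged in this sketch
    return OPEN_TRANSITIONS.get((state, event), state)

# Client path through the handshake
s = "CLOSED"
s = step(s, "active_open/SYN")    # -> SYN_SENT
s = step(s, "recv_SYN+ACK/ACK")   # -> ESTABLISHED
print(s)  # ESTABLISHED
```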
Closing
In TCP, the application process on either side of the connection can close its half of the connection independently, or both sides can close simultaneously.
Three combinations of transitions from ESTABLISHED to CLOSED state are possible.
3-way Hand shake:
Connection - Oriented Service:
TCP provides a connection-oriented service between the sender (S) and the receiver (R).
Steps in Connection - Oriented Service:
1. S's TCP and R's TCP communicate, and R's approval is obtained (connection establishment).
2. After the connection is established between S and R, data can be sent and received between S and R.
3. After both processes, sender (S) and receiver (R), have completely sent their data, the buffers are cleared (connection termination).
Connection Establishment:
A connection is established in three steps, called the three-way handshake.
Connection establishment in 3-way hand shaking
Step - 1: Segment 1
The client sends the first SYN segment, which contains the source and destination port numbers and an initial sequence number (ISN).
Destination port number: identifies the server to which the client wants to connect.
Initial sequence number: used to number the bytes sent from the client to the server.
Step 2: Segment 2
The server sends a SYN and an ACK together.
The SYN defines the ISN used on the server side; the segment also advertises the server's window size.
The ACK acknowledges the successful receipt of the SYN segment sent in step 1.
Step 3: Segment 3
The client sends an ACK for segment 2, sent in step 2.
Connection Termination:
After data has been sent in both directions, the connection can be terminated by either the client or the server.
The connection is terminated in both directions in four steps. They are:
Step 1:
The Client sends a FIN segment.
Step 2:
Server sends an ACK for the FIN segment sent in Step 1.
Step 3:
The server sends a FIN segment if it has no more data to send to the client.
Step 4:
The client acknowledges the FIN sent in Step 3 by sending an ACK segment.
Connection termination
Connection Resetting:
An established connection can be destroyed (reset) in three situations:
1. The TCP on the client/server side requests a connection to a port that does not exist.
2. One TCP aborts the connection because of an abnormal situation.
3. The TCP on one side finds that the TCP on the other side has been idle for a long time.
In all these cases, an RST segment is used to destroy the current connection.
Four-way Half-Close
In TCP, one end can stop sending data while still receiving data; this is known as a half-close. For instance, a client may submit its data to the server for processing and close its half of the connection.
At a later time, the client receives the processed data from the server.
1. The client TCP half-closes the connection by sending a FIN segment.
2. The server TCP accepts the half-close by sending the ACK segment. The data transfer from the client to the server stops.
3. The server can send data to the client and acknowledgement can come from the client.
4. When the server has sent all the processed data, it sends a FIN segment to the client.
5. The FIN segment is acknowledged by the client.
Sending and receiving packets using the four-way half-close
4.5 Flow control
Flow control coordinates the amount of data that can be sent before receiving an acknowledgment. It is one of the most important duties of the data link layer.
Error control
Error control in the data link layer is based on ARQ (automatic repeat request), which is the retransmission of data.
The term error control refers to methods of error detection and retransmission.
Anytime an error is detected in an exchange, specified frames are retransmitted. This process is called ARQ.
Control
The capacities of the send and receive buffers are MaxSendBuffer and MaxRcvBuffer, respectively.
The sending TCP prevents its buffer from overflowing by maintaining
LastByteWritten − LastByteAcked ≤ MaxSendBuffer
The receiving TCP avoids overflowing its receive buffer by maintaining
LastByteRcvd − LastByteRead ≤ MaxRcvBuffer
The receiver throttles the sender by advertising a window that is no larger than the amount of free space it can buffer:
AdvertisedWindow = MaxRcvBuffer − ((NextByteExpected − 1) − LastByteRead)
When data arrives, the receiver acknowledges it as long as preceding bytes have arrived.
o LastByteRcvd moves to the right (is incremented), and the advertised window shrinks.
The advertised window expands when the data is read by the application
o If data is read as fast as it arrives, then AdvertisedWindow = MaxRcvBuffer.
o If it is read slowly, it eventually leads to an AdvertisedWindow of size 0.
The sending TCP adheres to the advertised window by computing an effective window that limits how much data it should send:
EffectiveWindow = AdvertisedWindow − (LastByteSent − LastByteAcked)
When an acknowledgement arrives for x bytes, LastByteAcked is incremented by x and the buffer space is freed accordingly.
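The window calculations above can be sketched in Python. The function names are hypothetical; the arithmetic follows the formulas in the text:

```python
def advertised_window(max_rcv_buffer, next_byte_expected, last_byte_read):
    # AdvertisedWindow = MaxRcvBuffer - ((NextByteExpected - 1) - LastByteRead)
    return max_rcv_buffer - ((next_byte_expected - 1) - last_byte_read)

def effective_window(advertised, last_byte_sent, last_byte_acked):
    # EffectiveWindow = AdvertisedWindow - (LastByteSent - LastByteAcked)
    return advertised - (last_byte_sent - last_byte_acked)

# Example: 4096-byte receive buffer; bytes 1..1000 have arrived but the
# application has read nothing, so NextByteExpected = 1001, LastByteRead = 0.
adv = advertised_window(4096, next_byte_expected=1001, last_byte_read=0)
eff = effective_window(adv, last_byte_sent=1000, last_byte_acked=600)
print(adv, eff)  # adv = 4096 - 1000 = 3096; eff = 3096 - 400 = 2696
```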
Fast Sender vs. Slow Receiver
A slow receiver prevents being swamped with data from a fast sender by using the AdvertisedWindow field.
Initially the fast sender transmits at a higher rate.
The receiver's buffer gets filled up. Hence, Advertised Window shrinks, eventually to 0.
When the receiver advertises window of size 0, sender cannot transmit any further data. Therefore, the TCP at the sender blocks the sending process.
When the receiving process reads some data, those bytes are acknowledged. Thus the Advertised Window expands.
The LastByteAcked is incremented and buffer space is freed to that extent. The sending process becomes unblocked and is allowed to fill up the free space.
Checking Advertised Window status
TCP always sends a segment in response that contains the latest values for the Acknowledgment and AdvertisedWindow fields, even if these values have not changed.
Thus the sender can learn the status of the Advertised Window even after the receiver advertises a window of size 0.
Advertised Window
TCP's AdvertisedWindow field is 16 bits long, half the size of the 32-bit SequenceNum field; TCP assumes the sequence number does not wrap around within the lifetime of a connection.
The AdvertisedWindow is designed to be large enough to allow the sender to keep the pipe full, i.e., to account for the delay × bandwidth product of the connection.
4.6 Retransmission
Retransmission
The heart of the error control mechanism is the retransmission of segments. When a segment is corrupted, lost, or delayed, it is retransmitted.
In modern implementations, a retransmission occurs when the retransmission timer expires or when the sender receives three duplicate ACKs. Note that no retransmission occurs for segments that do not consume sequence numbers; in particular, there is no retransmission of an ACK segment, and no retransmission timer is set for an ACK segment.
Retransmission after RTO. A recent implementation of TCP maintains one retransmission time-out (RTO) timer for all outstanding (sent but not acknowledged) segments. When the timer expires, the earliest outstanding segment is retransmitted, even though the lack of a received ACK may be due to a delayed segment, a delayed ACK, or a lost acknowledgment. Note that no time-out timer is set for a segment that carries only an acknowledgment, which means that no such segment is resent. The value of RTO is dynamic in TCP and is updated based on the round-trip time (RTT) of segments. An RTT is the time needed for a segment to reach the destination and for an acknowledgment to be received.
Retransmission after three duplicate ACK segments. The previous rule about retransmission of a segment is sufficient if the value of RTO is not very large. Sometimes, however, one segment is lost and the receiver receives so many out-of-order segments that they cannot all be saved (limited buffer size). To alleviate this situation, most implementations today follow the three-duplicate-ACKs rule and retransmit the missing segment immediately.
Original Algorithm
TCP estimates SampleRTT by measuring the time between sending a segment and the arrival of its ACK.
TCP then computes EstimatedRTT as a weighted average between the previous estimate and the current sample:
EstimatedRTT = α × EstimatedRTT + (1 − α) × SampleRTT
where α is the smoothing factor, with a value in the range 0.8–0.9.
Timeout is twice the EstimatedRTT:
TimeOut = 2 × EstimatedRTT
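A minimal Python sketch of the original estimator, assuming α = 0.875 (a value in the stated 0.8–0.9 range; the function name is hypothetical):

```python
def update_rtt(estimated_rtt, sample_rtt, alpha=0.875):
    # EstimatedRTT = alpha * EstimatedRTT + (1 - alpha) * SampleRTT
    est = alpha * estimated_rtt + (1 - alpha) * sample_rtt
    # TimeOut = 2 * EstimatedRTT
    return est, 2 * est

est = 100.0  # initial estimate in milliseconds (illustrative)
for sample in (110.0, 120.0, 90.0):
    est, timeout = update_rtt(est, sample)
print(round(est, 2), round(timeout, 2))
```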
Karn/Partridge Algorithm
The flaw discovered in the original algorithm after years of use is the ambiguity of
o whether an ACK should be associated with the original segment or its retransmission.
o If the ACK is associated with the original transmission, then SampleRTT becomes too large.
o If the ACK is associated with the retransmission, then SampleRTT becomes too small.
Karn algorithm packet flow
Karn/Partridge proposed a solution to the above: SampleRTT is measured only for segments that are sent exactly once (never retransmitted), and changes were made to the timeout mechanism.
Each time TCP retransmits, it sets the next timeout to be twice the last timeout.
o Loss of segments is mostly due to congestion and hence TCP source does not react aggressively to a timeout.
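The exponential backoff described above can be sketched as follows (the cap on the maximum timeout is an assumed value, not from the text; the function name is hypothetical):

```python
def karn_partridge_timeouts(initial_timeout, retransmissions, cap=64.0):
    # Each retransmission doubles the timeout (exponential backoff),
    # commonly bounded by some maximum value (cap is an assumption here).
    timeouts = [initial_timeout]
    for _ in range(retransmissions):
        timeouts.append(min(timeouts[-1] * 2, cap))
    return timeouts

print(karn_partridge_timeouts(1.0, 4))  # [1.0, 2.0, 4.0, 8.0, 16.0]
```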
Jacobson/Karels Algorithm
The main problem with the original algorithm is that the variance of the sample RTTs is not taken into account:
o If the variation among samples is small, then EstimatedRTT can be trusted.
o Otherwise, the timeout should not be so tightly coupled with the EstimatedRTT.
In this new approach, the sender measures a new SampleRTT as before. The deviation among RTTs is computed as follows:
Difference = SampleRTT − EstimatedRTT
EstimatedRTT = EstimatedRTT + (δ × Difference)
Deviation = Deviation + δ × (|Difference| − Deviation)
where δ is a fraction between 0 and 1.
TCP now computes TimeOut as a function of both EstimatedRTT and Deviation as listed:
TimeOut = μ × EstimatedRTT + φ × Deviation
where usually μ = 1 and φ = 4.
When variance is small, difference between TimeOut and EstimatedRTT is negligible.
When variance is larger, Deviation plays a greater role in deciding TimeOut.
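The Jacobson/Karels computation can be sketched in Python, assuming δ = 0.125 and the usual μ = 1 and φ = 4 (the function name is hypothetical):

```python
def jacobson_karels(estimated_rtt, deviation, sample_rtt,
                    delta=0.125, mu=1.0, phi=4.0):
    # Difference = SampleRTT - EstimatedRTT
    diff = sample_rtt - estimated_rtt
    # EstimatedRTT and Deviation are both updated by a fraction delta
    estimated_rtt += delta * diff
    deviation += delta * (abs(diff) - deviation)
    # TimeOut = mu * EstimatedRTT + phi * Deviation
    timeout = mu * estimated_rtt + phi * deviation
    return estimated_rtt, deviation, timeout

est, dev = 100.0, 5.0  # illustrative starting values in milliseconds
est, dev, timeout = jacobson_karels(est, dev, sample_rtt=140.0)
print(est, dev, timeout)  # 105.0 9.375 142.5
```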
4.7 TCP Congestion control
Congestion Control:
To avoid congestion sender TCP has two strategies
1.Slow start and additive increase.
2.Multiplicative decrease.
Congestion
If the number of packets sent to the network is greater than the capacity of the network, then congestion occurs in the network.
So to avoid and prevent congestion several congestion control techniques and mechanisms are adopted.
The congestion control mechanisms are divided into open loop and closed loop mechanisms.
Open-loop mechanisms prevent congestion before it occurs.
Closed-loop mechanisms remove congestion after it has occurred.
Open loop congestion control:
Congestion control is implemented at the source or the destination.
The policies that can prevent congestion are:
1.Retransmission policy
2.Window policy
3.Acknowledgement policy
4.Discarding policy
5.Admission policy
1.Retransmission Policy:
If a packet is lost or corrupted, the same packet is retransmitted. This retransmission generally increases congestion. So the retransmission policy should be designed in such a way that it prevents congestion.
Example: TCP’s retransmission policy prevents congestion.
2.Window Policy:
The window used in Go-Back-N ARQ is worse (with respect to congestion) than the window used in Selective Repeat ARQ.
In Go-Back-N, all the frames in the window are resent, whereas in Selective Repeat only the damaged frame is resent.
So the type of window used on the sender side affects congestion.
3.Acknowledgment Policy:
If every packet is acknowledged individually, the extra acknowledgment traffic adds load to the network.
Instead, the receiver can acknowledge N packets at a time to reduce this load.
Example: The receiver can send a single ACK (ack 7) after receiving packets 0 through 6. So for 7 packets only one ACK is sent by the receiver, which reduces congestion.
4.Discarding Policy:
The router can discard packets in such a way that the integrity of the transmission is preserved.
Example: In audio transmission less sensitive packets are discarded by the routers if congestion is likely to occur.
5.Admission Policy:
A router can refuse to establish a new connection if there is congestion or a possibility of congestion.
Closed Loop Congestion control
- Used to alleviate congestion after it happens.
Backpressure:
- A congested router informs the previous (upstream) router to slow down.
Choke packet:
- A packet sent by a router directly to the source.
Implicit signaling:
- The source detects congestion on its own, e.g., from delays or losses.
Explicit signaling:
- Routers explicitly inform the sender.
Backward signaling:
- A warning travels to the source (opposite to the direction of the data).
Forward signaling:
-Warn the Destination
TCP in congestion Control:
TCP uses the slow start algorithm for congestion control, the additive increase algorithm for congestion avoidance, and multiplicative decrease for congestion detection.
Slow start algorithm (congestion control):
The sender window size, which has the greater impact on congestion, is set to the minimum of the congestion window (cw) and the receiver window (rw).
First one segment is sent, and if its ACK is received correctly, the window size (cw) grows exponentially. After receiving the ACK for segment 1, cw = 2^1 = 2; then segments 2 and 3 are sent, and when their ACKs are received, cw increases to 2^2 = 4 (segments 4, 5, 6, 7 can be sent). This exponential growth of the window size stops when it reaches a threshold value, in order to avoid congestion.
Additive Increase (Congestion Avoidance):
When the cw value reaches the slow-start threshold, the cw value starts to increase using the additive algorithm.
Each time the segments in the whole window are acknowledged, the cw value is increased by 1.
Slow Start Additive Increase
Additive Increase
Multiplicative decrease (Congestion detection)
If an ACK does not arrive within the specified time, or only some ACKs are received, the sender assumes that congestion has occurred. The threshold is then set to half of the current window size, and either the slow start phase or the congestion avoidance phase is restarted.
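The three phases above can be illustrated with a toy simulation in Python. The function next_cwnd is hypothetical, works in whole-segment units, and ignores many details of real TCP:

```python
def next_cwnd(cwnd, ssthresh, event):
    """One illustrative step of TCP window evolution (segment units).
    event: 'ack_window' (a full window acknowledged) or 'timeout'."""
    if event == "timeout":
        # Multiplicative decrease: threshold set to half the window,
        # then slow start begins again from a window of 1
        return 1, max(cwnd // 2, 2)
    if cwnd < ssthresh:
        cwnd *= 2            # slow start: exponential growth
    else:
        cwnd += 1            # additive increase: linear growth
    return cwnd, ssthresh

cwnd, ssthresh = 1, 8
trace = []
for _ in range(6):
    cwnd, ssthresh = next_cwnd(cwnd, ssthresh, "ack_window")
    trace.append(cwnd)
print(trace)  # [2, 4, 8, 9, 10, 11]
```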
Traffic Shaping
• Traffic shaping controls the rate at which packets are sent (not just how many)
• At connection set-up time, the sender and carrier negotiate a traffic pattern
• Two traffic shaping algorithms are:
– Leaky Bucket
– Token Bucket
The Leaky Bucket Algorithm
• The Leaky Bucket Algorithm used to control rate in a network. It is implemented as a single-server queue with constant service time. If the bucket (buffer) overflows then packets are discarded.
• The leaky bucket enforces a constant output rate regardless of the burstiness of the input. Does nothing when input is idle.
• The host injects one packet per clock tick onto the network. This results in a uniform flow of packets, smoothing out bursts and reducing congestion.
• When packets are all the same size (as with ATM cells), sending one packet per tick is fine. For variable-length packets, however, it is better to allow a fixed number of bytes per tick.
Token Bucket Algorithm
• In contrast to the LB, the Token Bucket (TB) algorithm, allows the output rate to vary, depending on the size of the burst.
• In the TB algorithm, the bucket holds tokens. To transmit a packet, the host must capture and destroy one token.
• Tokens are generated by a clock at the rate of one token every t sec.
• Idle hosts can capture and save up tokens (up to the max. size of the bucket) in order to send larger bursts later.
Token bucket operation
• TB accumulates fixed size tokens in a token bucket
• Transmits a packet (from the data buffer, if any are waiting, or an arriving packet) if the tokens in the bucket add up to the packet size
• More tokens are periodically added to the bucket (at a rate of one token every t sec). If tokens arrive when the bucket is full, they are discarded.
4.8 Congestion avoidance (DEC bit, RED)
Congestion avoidance mechanisms prevent congestion before it actually occurs.
When congestion is likely to occur, TCP decreases load on the network.
TCP creates loss of packets in order to determine the bandwidth of the connection.
The three congestion-avoidance mechanisms are:
1. DECbit
2. Random Early Detection (RED)
3. Source-based congestion avoidance
DECbit
It was developed for use on Digital Network Architecture
In DEC bit, each router monitors the load it is experiencing and explicitly notifies the end node when congestion is about to occur by setting a binary congestion bit called DECbit in packets that flow through it.
The destination host copies the DECbit onto the ACK and sends back to the source.
Eventually the source reduces its transmission rate and congestion is avoided.
Algorithm
A single congestion bit is added to the packet header.
A router sets this bit in a packet if its average queue length is greater than or equal to 1 at the time the packet arrives.
The average queue length is measured over a time interval that spans the last busy + idle cycle plus the current busy cycle.
The router calculates the average queue length by dividing the area under the queue-length curve by the time interval.
DECbit congestion avoidance graph
The source counts how many ACKs have the DECbit set among the ACKs for the previous window's worth of packets it has sent.
1. If less than 50% of the ACKs have the bit set, the source increases its congestion window by 1 packet.
2. Otherwise, the source decreases its congestion window to 87.5% of its previous value.
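The DECbit decision rule can be sketched as follows (the helper name is hypothetical; window sizes are in packets):

```python
def decbit_window(cwnd, acks_with_bit, total_acks):
    # If fewer than 50% of the ACKs carry the DECbit, grow by one packet;
    # otherwise shrink the window to 87.5% of its current value.
    if acks_with_bit / total_acks < 0.5:
        return cwnd + 1
    return cwnd * 0.875

print(decbit_window(16, 4, 16))   # 17  (25% set -> increase)
print(decbit_window(16, 10, 16))  # 14.0 (62.5% set -> decrease)
```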
Random Early Detection (RED)
This technique was proposed by Floyd and Jacobson.
In RED, router implicitly notifies the source that congestion is likely to occur by dropping one of its packets.
The source is notified by timeout or duplicate ACK.
The router drops a few packets earlier before it runs out of space, so that it need not drop more packets later.
Each incoming packet is dropped with a probability known as drop probability when the queue length exceeds drop level.
Algorithm
RED computes average queue length using a weighted running average as follows:
AvgLen = (1 − Weight) × AvgLen + Weight × SampleLen
o where 0 < Weight < 1 and SampleLen is length of the queue when a sample measurement is made.
o The weighted running average detects long-lived congestion.
RED has two queue length thresholds MinThreshold and MaxThreshold. When a packet arrives at the gateway, RED compares the current AvgLen with these thresholds and decides whether to queue or drop the packet as follows:
if AvgLen ≤ MinThreshold
queue the packet
if MinThreshold < AvgLen < MaxThreshold
calculate probability P
drop the arriving packet with probability P
if MaxThreshold ≤ AvgLen
drop the arriving packet
P is a function of both AvgLen and how long it has been since the last packet was dropped. It is computed as
TempP = MaxP × (AvgLen − MinThreshold)/(MaxThreshold − MinThreshold)
P = TempP/(1 − count × TempP)
The probability of drop increases slowly when AvgLen is between the two thresholds, reaching MaxP at the upper threshold, at which point it jumps to unity.
MaxThreshold is set to twice of MinThreshold as it works well for the Internet traffic.
Because RED drops packets randomly, the probability that RED decides to drop a flow’s packet(s) is roughly proportional to share of the bandwidth for that flow.
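The RED drop decision can be sketched in Python, assuming count is the number of packets queued since the last drop (reset to 0 when a packet is dropped); the function name is hypothetical:

```python
import random

def red_decision(avg_len, min_th, max_th, max_p, count, rng=random.random):
    """One RED drop decision for an arriving packet (sketch).
    Returns (dropped, new_count); count = packets queued since last drop."""
    if avg_len <= min_th:
        return False, 0                      # queue the packet
    if avg_len >= max_th:
        return True, 0                       # always drop
    # TempP = MaxP * (AvgLen - MinThreshold)/(MaxThreshold - MinThreshold)
    temp_p = max_p * (avg_len - min_th) / (max_th - min_th)
    # P = TempP/(1 - count * TempP)
    p = temp_p / (1 - count * temp_p)
    dropped = rng() < p
    return dropped, (0 if dropped else count + 1)

# Deterministic check: a draw of 0.0 always falls below any positive p
print(red_decision(7.5, 5, 10, 0.02, count=0, rng=lambda: 0.0))  # (True, 0)
```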
RED thresholds Drop probability function
Source-Based Congestion Avoidance
The source looks for signs of congestion in the network, for example a considerable increase in the RTT, which indicates queuing at a router.
Some mechanisms
1. Every two round-trip delays, it checks to see if the current RTT is greater than the average of the minimum and maximum RTTs.
a. If it is, then the algorithm decreases the congestion window by one-eighth.
b. Otherwise the normal increase as in TCP.
2. Every RTT, it increases the window size by one packet and compares the throughput achieved to the throughput when the window was one packet smaller.
a. If the difference is less than one-half the throughput achieved when only one packet was in transit, it decreases the window by one packet.
TCP Vegas
In standard TCP, it was observed that throughput increases as congestion window increases, but not beyond the available bandwidth.
Any further increase in the window size only results in packets taking up buffer space at the bottleneck router
TCP Vegas uses this idea to measure and control the right amount of extra data in transit.
If a source is sending too much extra data, it will cause long delays and possibly lead to congestion.
TCP Vegas’s congestion-avoidance actions are based on changes in the estimated amount of extra data in the network.
A flow's BaseRTT is set to the minimum of all measured RTTs, usually the RTT of the first packet sent.
The expected throughput is given by ExpectedRate = CongestionWindow/BaseRTT
The sending rate, ActualRate is computed by dividing number of bytes transmitted during a RTT by that RTT.
The difference between the two rates is computed: Diff = ExpectedRate − ActualRate.
Two thresholds α and β (with α < β) are defined such that:
o When Diff < α, the congestion window is linearly increased during the next RTT.
o When Diff > β, the congestion window is linearly decreased during the next RTT.
o When α < Diff < β, the congestion window is unchanged.
When actual and expected output varies significantly, the congestion window is reduced as it indicates congestion in the network.
When actual and expected output is almost the same, the congestion window is increased to utilize the available bandwidth.
The overall goal is to keep between α and β extra bytes in the network.
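A toy sketch of one Vegas adjustment step, expressing Diff as extra packets in flight and assuming α = 1 and β = 3 packets (the function name and units are illustrative):

```python
def vegas_adjust(cwnd, base_rtt, actual_rate, alpha=1.0, beta=3.0):
    """One TCP Vegas adjustment step (cwnd and rates in packets, RTT in s).
    alpha/beta are thresholds on the extra data kept in the network."""
    # ExpectedRate = CongestionWindow / BaseRTT
    expected_rate = cwnd / base_rtt
    # Diff, scaled by BaseRTT, gives the extra packets held in the network
    diff = (expected_rate - actual_rate) * base_rtt
    if diff < alpha:
        return cwnd + 1      # under-utilizing: linear increase
    if diff > beta:
        return cwnd - 1      # too much extra data: linear decrease
    return cwnd              # between the thresholds: unchanged

print(vegas_adjust(10, 0.1, actual_rate=99))  # diff = 0.1 -> increase -> 11
print(vegas_adjust(10, 0.1, actual_rate=60))  # diff = 4.0 -> decrease -> 9
```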
TCP Vegas throughput-threshold
The expected and actual throughput, with thresholds α and β (shaded region), is shown above.
4.9 QOS – Applications & requirements
Quality of service
QoS (Quality of Service) refers to a broad collection of networking technologies and techniques. The goal of QoS is to provide guarantees on the ability of a network to deliver predictable results. Elements of network performance within the scope of QoS often include availability (uptime), bandwidth (throughput), latency (delay), and error rate.
QOS Requirements
Reliability, Delay, Jitter, and Bandwidth
QOS techniques
SCHEDULING
TRAFFIC SHAPING
ADMISSION CONTROL
RESOURCE RESERVATION
Quality of Service is the measure of performance for a transmission system that reflects its transmission quality and service availability.
A transmission system is said to have good quality for its service if
(i) It is reliable,
(ii) Has low error rates
(iii) Less delay and jitter.
Methods to Improve Qos
1.Scheduling:
Data reach the switch from different flows, and the switch treats them in a fair manner. Several scheduling techniques, such as FIFO, priority, and weighted fair queuing, are used to improve the QoS.
(a)FIFO Queue: (First in First Out)
The packets wait in the buffer (queue) till the switch (or router) is ready to process them. If packets arrive faster than the switch can process them, the queue fills up and new packets are discarded. The packet that arrives first is processed first.
FIFO
(b)Priority Queue: Packets are processed priority wise.
•Packets are assigned to a priority class.
•Each priority class has a separate queue.
•The packets in the high-priority queue are processed first. If the higher-priority queue is empty, the next lower-priority queue is processed.
Priority queuing
Advantage:
•Multimedia data can be given high priority so it can reach the destination with less delay.
Disadvantage:
•If high-priority data arrives continuously, the low-priority queue will never get a chance to be processed, so starvation occurs.
(c)Weighted Fair Queuing: Fair queuing with priority is done.
To avoid starvation, each queue is given a weight, such as 3 or 2. So 3 packets from one queue are processed, then the processor moves to the next queue and processes 2 packets, and so on.
Weighted fair queuing
Advantage:
As the queues follow round robin scheduling starvation does not occur.
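The weighted scheme above can be sketched as a weighted round-robin in Python. This is a simplification of true weighted fair queuing, which schedules by virtual finish times rather than fixed packet counts:

```python
from collections import deque

def weighted_round_robin(queues, weights):
    """Serve packets from each queue according to its weight (WFQ sketch)."""
    order = []
    while any(queues):
        for q, w in zip(queues, weights):
            # Take up to `w` packets from this queue per round
            for _ in range(w):
                if q:
                    order.append(q.popleft())
    return order

q1 = deque(["a1", "a2", "a3"])
q2 = deque(["b1", "b2"])
print(weighted_round_robin([q1, q2], [3, 2]))
# ['a1', 'a2', 'a3', 'b1', 'b2']
```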
2.Traffic Shaping:
Traffic shaping is a mechanism to restrict the amount and rate of traffic sent to the network.
Techniques for traffic shaping.
1.leaky bucket.
2.Token bucket.
a.Leaky bucket:
Leaky bucket algorithm controls bursty traffic to fixed rate traffic.
A bucket has a small hole at the bottom. Water leaks from the bucket at a constant rate as long as there is water in the bucket. If the bucket is full, the incoming water spills out. The input rate can vary, but the output rate is constant. This is the concept behind the leaky bucket algorithm.
A FIFO queue is used as the bucket.
If the arriving packets are of fixed size, at each tick some 'n' packets are removed from the queue for processing.
Leaky bucket implementation (fixed-size packets)
Algorithm for variable length packets:
Step 1:
Initially set counter value to n at a tick of a clock.
Step 2:
If n > packet size, send the packet and set n = n − packet size.
Step 3:
Repeat step 2 till n < packet size.
Step 4:
Reset the counter and go to step 1.
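The variable-length algorithm above can be sketched as follows (the helper name is hypothetical; packet sizes and the per-tick budget n are in bytes):

```python
def leaky_bucket_tick(queue, n):
    """One clock tick of the variable-length leaky bucket: send packets
    from the front of the queue while the byte budget n allows."""
    sent = []
    while queue and queue[0] <= n:
        size = queue.pop(0)   # send the packet at the head of the queue
        n -= size             # n = n - packet size
        sent.append(size)
    return sent, queue        # remaining packets wait for the next tick

sent, remaining = leaky_bucket_tick([200, 400, 500, 300], n=1000)
print(sent, remaining)  # [200, 400] [500, 300]
```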
b)Token Bucket:
Token bucket allows bursty traffic at a regulated maximum rate.
The leaky bucket does not give credit to an idle host, whereas the token bucket does: an idle host accumulates credit for the future in the form of tokens. For every tick that a host is idle, 'n' tokens are added to its bucket.
If the host later sends data, a token is removed from the bucket for every cell sent.
Example:
Host is idle for 10 ticks.
•At each tick, 10 tokens are added to the bucket.
•So the bucket has 100 tokens.
•Now the host can send 100 cells at a time, or it can send 10 cells (or any number of cells) per tick.
•The host is allowed to send bursty data as long as the bucket is not empty (i.e., it still has tokens).
Token bucket
Implementation:
Initially token count = 0 (No token in bucket)
When token is added
Token count + +;
When one unit of data is sent
Token count - -;
When (token count == 0)
Data cannot be sent;
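The counter steps above can be collected into a small Python class (class and method names are illustrative):

```python
class TokenBucket:
    """Token-bucket counter sketch matching the steps above."""
    def __init__(self, capacity):
        self.capacity = capacity
        self.tokens = 0          # initially no tokens in the bucket

    def tick(self, n):
        # n tokens are added per tick, up to the bucket capacity
        self.tokens = min(self.tokens + n, self.capacity)

    def send(self, units):
        # one token is consumed per unit of data; refuse if not enough
        if units > self.tokens:
            return False
        self.tokens -= units
        return True

tb = TokenBucket(capacity=100)
for _ in range(10):
    tb.tick(10)          # idle for 10 ticks accumulates 100 tokens
print(tb.send(100))      # True: a burst of 100 cells is allowed
print(tb.send(1))        # False: the bucket is now empty
```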
3.Resource Reservation:
The flow of data requires resources such as buffers, bandwidth, and CPU time. If these resources are reserved in advance, the quality of service can be improved. The Resource Reservation Protocol (RSVP) is used for the reservation of resources.
4.Admission Control:
The router adopts mechanisms to accept or reject a flow based on flow specifications. These mechanisms are called admission control.
The router checks the flow specifications, such as bandwidth, buffer size, and CPU speed, as well as its commitments to previous flows, and then decides whether the new flow is accepted or rejected.
Reservation Protocol (RSVP)
The Resource Reservation Protocol (RSVP) is a signaling protocol to help IP create a flow and make a resource reservation.
RSVP provides resource reservations for all kinds of traffic including multimedia which uses multicasting. RSVP supports both unicast and multicast flows.
RSVP is a robust protocol that relies on soft state in the routers.
o Soft state, unlike hard state (as in ATM virtual circuits), times out after a short period if it is not refreshed; it need not be explicitly deleted.
o The default refresh interval is about 30 seconds.
Since multicasting involves a larger number of receivers than senders, RSVP follows a receiver-oriented approach that makes receivers keep track of their own requirements.
RSVP Messages
To make a reservation, the receiver needs to know two things:
o First, what traffic the sender is likely to send, so it can make an appropriate reservation (the TSpec).
o Second, what path the packets will travel.
The sender sends a PATH message to all receivers (downstream) containing TSpec.
A PATH message stores necessary information for the receivers on the way.
PATH messages are sent about every 30 seconds.
The receiver sends a reservation request as a RESV message back to the sender (upstream), containing sender's TSpec and receiver requirement RSpec.
Each router on the path looks at the RESV request and tries to allocate necessary resources to satisfy and passes the request onto the next router.
o If allocation is not feasible, the router sends an error message to the receiver.
If there is any failure in the link a new path is discovered between sender and the receiver. The RESV message follows the new path thereafter.
A router reserves resources as long as it receives RESV message, otherwise released. If a router does not support RSVP, then best-effort delivery is followed.
Reservation Merging
In RSVP, resources are not reserved separately for each receiver in a flow; instead, reservations are merged.
When a RESV message travels from receiver up the multicast tree, it is likely to come across a router where reservations have already been made for some other flow.
If new resource requirements can be met using existing allocations, then new allocation is not done.
o For example, receiver B has already made a request for 3 Mbps. If A comes with a new request for 2 Mbps, then no new reservations are made.
A router that satisfies multiple downstream requests with a single reservation is known as a merge point. Merging is possible because different receivers may require different levels of quality.
Reservation merging meets the needs of all receivers downstream of the merge point.
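The merging rule can be sketched as a toy model (names and units here are illustrative, not part of RSVP itself): a merge point keeps one reservation per flow, sized to the largest downstream request, and asks upstream for more only when a new RESV exceeds the current allocation.

```python
class MergePoint:
    """Toy model of RSVP reservation merging at a router (illustrative only).

    The router holds one reservation per flow, sized to the largest
    downstream request; a new RESV triggers an upstream change only
    when it exceeds the current allocation."""

    def __init__(self):
        self.reserved_mbps = 0.0

    def handle_resv(self, requested_mbps):
        if requested_mbps <= self.reserved_mbps:
            return False         # existing allocation already suffices
        self.reserved_mbps = requested_mbps
        return True              # must request more resources upstream

mp = MergePoint()
mp.handle_resv(3.0)                  # receiver B: reservation of 3 Mbps
needs_more = mp.handle_resv(2.0)     # receiver A: merged into B's reservation
```

In the example from the text, receiver A's 2 Mbps request is absorbed by the existing 3 Mbps allocation, so no new reservation is made.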
Reservation merging
Packet classification is done by examining five header fields: source address, destination address, protocol number, source port, and destination port. Weighted fair queuing, or a combination of queuing disciplines, is used for packet scheduling.
UNIT V APPLICATION LAYER
Traditional applications -Electronic Mail (SMTP, POP3, IMAP, MIME) – HTTP – Web Services – DNS- SNMP.
5.1 Traditional applications
INTRODUCTION
The application layer sits at the top of the Internet model. For the typical end user, this is the only layer of interest; such users only need to know how to use the application programs available in this layer. They need to know how to send and receive e-mail and how to use a browser to surf the World Wide Web; some may need to use file transfer programs to send and receive bulky files.
Internet Model
A business manager, however, needs to be aware of the technologies available in each layer and how they can best be used. This knowledge enables a manager to make wise decisions concerning data communications and networking.
Traditional applications in Computer Networks (1970-1990)
Remote Login
News
File Transfer
5.2 Electronic Mail (SMTP, POP3, IMAP, MIME)
Electronic Mail
The first e-mail systems simply consisted of file transfer protocols, with the convention that the first line of each message (i.e., file) contained the recipient’s address. As time went on, the limitations of this approach became more obvious. Some of the complaints were as follows:
1.Sending a message to a group of people was inconvenient. Managers often need this facility to send memos to all their subordinates.
2.Messages had no internal structure, making computer processing difficult. For example, if a forwarded message was included in the body of another message, extracting the forwarded part from the received message was difficult.
3.The originator (sender) never knew if a message arrived or not.
4.If someone was planning to be away on business for several weeks and wanted all incoming e-mail to be handled by his secretary, this was not easy to arrange.
5.The user interface was poorly integrated with the transmission system, requiring users first to edit a file, then leave the editor and invoke the file transfer program.
6.It was not possible to create and send messages containing a mixture of text, drawings, facsimile, and voice.
As experience was gained, more elaborate e-mail systems were proposed. In 1982, the ARPANET e-mail proposals were published as RFC 821 (transmission protocol) and RFC 822 (message format). Minor revisions, RFC 2821 and RFC 2822, have become Internet standards, but everyone still refers to Internet e-mail as RFC 822.
In 1984, CCITT drafted its X.400 recommendation. After two decades of competition, e-mail systems based on RFC 822 are widely used, whereas those based on X.400 have disappeared. How a system hacked together by a handful of computer science graduate students beat an official international standard strongly backed by all the PTTs in the world, many governments, and a substantial part of the computer industry brings to mind the Biblical story of David and Goliath.
The reason for RFC 822's success is not that it is so good, but that X.400 was so poorly designed and so complex that nobody could implement it well. Given a choice between a simple-minded, but working, RFC 822-based e-mail system and a supposedly truly wonderful, but nonworking, X.400 e-mail system, most organizations chose the former.
1.Architecture and Services
E-mail systems normally consist of two subsystems: the user agents, which allow people to read and send e-mail, and the message transfer agents, which move the messages from the source to the destination. The user agents are local programs that provide a command-based, menu-based, or graphical method for interacting with the e-mail system. The message transfer agents are typically system daemons, that is, processes that run in the background. Their job is to move e-mail through the system.
Typically, e-mail systems support five basic functions. Let us take a look at them.
Composition refers to the process of creating messages and answers. Although any text editor can be used for the body of the message, the system itself can provide assistance with addressing and the numerous header fields attached to each message. For example, when answering a message, the e-mail
system can extract the originator's address from the incoming e-mail and automatically insert it into the proper place in the reply.
Transfer refers to moving messages from the originator to the recipient. In large part, this requires establishing a connection to the destination or some intermediate machine, outputting the message, and releasing the connection. The e-mail system should do this automatically, without bothering the user.
Reporting has to do with telling the originator what happened to the message. Was it delivered? Was it rejected? Was it lost? Numerous applications exist in which confirmation of delivery is important and may even have legal significance.
Displaying incoming messages is needed so people can read their e-mail. Sometimes conversion is required or a special viewer must be invoked, for example, if the message is a PostScript file or digitized voice. Simple conversions and formatting are sometimes attempted as well.
Disposition is the final step and concerns what the recipient does with the message after receiving it. Possibilities include throwing it away before reading, throwing it away after reading, saving it, and so on. It should also be possible to retrieve and reread saved messages, forward them, or process them in other ways.
In addition to these basic services, some e-mail systems, especially internal corporate ones, provide a variety of advanced features. When people move or when they are away for some period of time, they may want their e-mail forwarded, so the system should be able to do this automatically.
Most systems allow users to create mailboxes to store incoming e-mail. Commands are needed to create and destroy mailboxes,
inspect the contents of mailboxes, insert and delete messages from mailboxes, and so on.
Corporate managers often need to send a message to each of their subordinates, customers, or suppliers. This gives rise to the idea of a mailing list, which is a list of e-mail addresses. When a message is sent to the mailing list, identical copies are delivered to everyone on the list.
Email architecture
Other advanced features are carbon copies, blind carbon copies, high-priority e-mail, secret (i.e., encrypted) e-mail, alternative recipients if the primary one is not currently available, and the ability for secretaries to read and answer their bosses' e-mail.
E-mail is now widely used within industry for intracompany communication. It allows far-flung employees to cooperate on complex projects, even over many time zones. By eliminating most cues associated with rank, age, and gender, e-mail debates tend to focus on ideas, not on corporate status. With e-mail, a brilliant idea from a summer student can have more impact than a dumb one from an executive vice president.
A key idea in e-mail systems is the distinction between the envelope and its contents. The envelope encapsulates the message. It contains all the information needed for transporting the message, such as the destination address, priority, and security level, all of which are distinct from the message itself. The message transport agents use the envelope for routing, just as the post office does.
The message inside the envelope consists of two parts: the header and the body. The header contains control information for the user agents. The body is entirely for the human recipient. Envelopes and messages are illustrated in below Fig.
Envelopes and messages, (a) Paper mail, (b) Electronic mail.
2.The User Agent
A user agent is normally a program (sometimes called a mail reader) that accepts a variety of commands for composing, receiving, and replying to messages, as well as for manipulating mailboxes. Some user agents have a fancy menu- or icon-driven interface that requires a mouse, whereas others expect one-character commands from the keyboard. Functionally, these are the same. Some systems are menu- or icon-driven but also have keyboard shortcuts.
Sending E-mail
To send an e-mail message, a user must provide the message, the destination address, and possibly some other parameters. The message can be produced with a free-standing text editor, a word processing program, or possibly with a specialized text editor built into the user agent. The destination address must be in a format that the user agent can deal with. Many user agents expect addresses of the form user@dns-address. However, it is worth noting that other forms of addressing exist. In particular, X.400 addresses look radically different from DNS addresses. They are composed of attribute = value pairs separated by slashes,
for example,
/C=US/ST=MASSACHUSETTS/L=CAMBRIDGE/PA=360 MEMORIAL DR./CN=KEN SMITH/
This address specifies a country, state, locality, personal address and a common name (Ken Smith). Many other attributes are possible, so you can send e-mail to someone whose exact e-mail address you do not know, provided you know enough other attributes (e.g., company and job title). Although X.400 names
are considerably less convenient than DNS names, most e-mail systems have aliases (sometimes called nicknames) that allow users to enter or select a person's name and get the correct e-mail address. Consequently, even with X.400 addresses, it is usually not necessary to actually type in these strange strings.
Most e-mail systems support mailing lists, so that a user can send the same message to a list of people with a single command. If the mailing list is maintained locally, the user agent can just send a separate message to each intended recipient. However, if the list is maintained remotely, then messages will be expanded there. For example, if a group of bird watchers has a mailing list called birders installed on meadowlark.arizona.edu, then any message sent to [email protected] will be routed to the University of Arizona and expanded there into individual messages to all the mailing list members, wherever in the world they may be. Users of this mailing list cannot tell that it is a mailing list. It could just as well be the personal mailbox of Prof. Gabriel O. Birders.
Electronic Mail Applications (SMTP, POP3, IMAP, MIME)
SMTP protocol in e-mail applications:
Simple Mail Transfer Protocol (SMTP) is an internet standard protocol used for transferring electronic mail messages from one computer to another.
SMTP specifies how two mail systems interact and the format of control messages they exchange to transfer mail.
Message Transfer Agent (MTA) is a mail daemon that helps to transmit/receive message over the network.
To send mail a system must have the client MTA, and to receive mail a system must have a server MTA.
Simple Mail Transfer Protocol (SMTP) defines communication between client/server MTA.
SMTP uses TCP connection on port 25 to forward the entire message and store at intermediate mail servers/mail gateways until it reaches the recipient mail server.
SMTP uses TCP connection
Common responses sent from the server MTA include 220 (service ready), 250 (requested action OK), 354 (start mail input), 421 (service not available), and 550 (mailbox unavailable).
Example
HELO cs.princeton.edu
250 Hello [email protected] [128.12.169.24]
MAIL FROM:<[email protected]>
250 OK
RCPT TO:<[email protected]>
250 OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
... ... ....
...etc. etc. etc.
<CRLF>.<CRLF>
250 OK
QUIT
221 Closing connection
In each exchange, the client posts a command and the server responds with a code and a human-readable explanation for the code.
After the commands and responses, the client sends the message, which is terminated by a line containing only a period (.), and then the connection is closed.
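The client side of a dialog like the one above can be sketched as follows (the addresses are hypothetical, server responses such as 250 and 354 are omitted, and only the command sequence is generated):

```python
def smtp_commands(helo_domain, sender, recipients, body_lines):
    """Yield the SMTP commands a client would send for one message.

    Sketch only: a real client reads a server reply code after each
    command (Python's smtplib does this over TCP port 25)."""
    yield f"HELO {helo_domain}"
    yield f"MAIL FROM:<{sender}>"
    for rcpt in recipients:
        yield f"RCPT TO:<{rcpt}>"
    yield "DATA"
    for line in body_lines:
        # Transparency rule: a leading '.' in a body line is doubled so
        # it is not mistaken for the end-of-message marker.
        yield "." + line if line.startswith(".") else line
    yield "."       # end of message: a period on a line by itself
    yield "QUIT"

cmds = list(smtp_commands("cs.princeton.edu", "alice@example.com",
                          ["bob@example.org"], ["Hello!"]))
```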
User Agent (UA):
A user agent is a program that handles mailboxes and lets the user compose, read, reply to, and forward messages.
Task of user Agent:
1.Compose messages
2.Read messages
3.Reply to messages
4.Forward messages
5.Handles mail boxes
Compose messages:
The user agent provides a template (editor) on screen. The user fills in the template and edits it with options such as spell check, change font, etc.
Read Messages:
The user agent displays a one-line summary of each received mail.
The summary contains
1.Number field
2.Flag field (whether the message is new or already read)
3.Size of the message
4.Sender
5.Subject field
Reply to messages:
After reading a message, a reply can be sent to (i) the sender or (ii) all recipients.
The reply has original message and the new message.
Forward Messages:
The received messages can be forwarded to some other person(s) with or without adding extra comments.
Handling Mail Boxes:
Two mailboxes created by the user agent are:
1.Inbox
2.Outbox
Inbox - has all received mails till user deletes it.
Outbox - has all sent mails till user deletes it.
Types of User Agent:
Two types of user agents are:
1.Command Driven
2.GUI Based
Command Driven:
A command-driven user agent accepts a one-character command from the keyboard and performs the corresponding task.
Ex: r to reply to sender
R to reply to all recipients.
GUI Based:
GUI based user Agent has graphical components like icons, menu bars and windows. Users interact through the components to perform a specific task.
Multipurpose Internet Mail Extensions (MIME):
MIME is a supplementary protocol (an extension to SMTP) that allows non-ASCII data to be sent through SMTP.
MIME converts non-ASCII data at the sender side to ASCII data and delivers it to the client SMTP.
The client SMTP sends it to the server SMTP through the Internet. The server SMTP passes the received ASCII data to MIME at the receiver side.
MIME converts the ASCII data back to the original data.
MIME
MIME sender-receiver
Transformation parameters are defined by adding headers to the original SMTP header.
MIME header:
MIME header Structure
MIME headers:
1.MIME-Version
2.Content-Type
3.Content-Transfer-Encoding
4.Content-Id
5.Content-Description
MIME Version:
-defines the version of MIME; the current version is 1.0.
Content-Type:
-defines the type of data used in the body of the message.
Content-Type: <type/subtype; parameters>
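Python's standard email library implements this header machinery; the sketch below (hypothetical addresses) builds a message with a non-ASCII body and forces base64 transfer encoding so the serialized result is pure ASCII, as SMTP requires:

```python
from email.message import EmailMessage

# Build a message whose non-ASCII body must be encoded for 7-bit
# transport. base64 is requested explicitly so the chosen
# Content-Transfer-Encoding is deterministic.
msg = EmailMessage()
msg["From"] = "alice@example.com"      # hypothetical addresses
msg["To"] = "bob@example.org"
msg["Subject"] = "MIME demo"
msg.set_content("Grüße aus München", cte="base64")

raw = msg.as_string()   # MIME headers + base64 body, all ASCII
```

The library adds MIME-Version, Content-Type (with a charset parameter), and Content-Transfer-Encoding headers automatically, matching the header list above.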
Message Access Agent (MAA)/Mail Reader: POP and IMAP
The MAA or mail reader allows the user to retrieve messages from the mailbox, so that the user can perform actions such as replying and forwarding.
The two message access protocols are:
o Post Office Protocol, version 3 (POP3)
o Internet Mail Access Protocol, version 4 (IMAP4)
SMTP is a push protocol, whereas POP3 and IMAP4 are pull protocols.
POP3
POP3 is simple and limited in functionality
POP3 works in two modes namely, delete and keep mode.
o In delete mode, mail is deleted from the mailbox after retrieval
o In keep mode, mail after reading is kept in mailbox for later retrieval.
POP3 client is installed on the recipient computer and POP3 server on the mail server. The client opens a connection to the server on TCP port 110.
The client sends username and password to access the mailbox and retrieve the messages.
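The delete and keep modes can be illustrated with a toy in-memory mailbox (illustrative only; a real client speaks POP3 over TCP port 110, e.g. via Python's standard poplib):

```python
class Pop3Mailbox:
    """Toy model of POP3's delete vs. keep modes (no real networking)."""

    def __init__(self, messages):
        self.messages = list(messages)

    def retrieve_all(self, mode="delete"):
        msgs = list(self.messages)
        if mode == "delete":
            self.messages.clear()   # delete mode: removed after retrieval
        return msgs                 # keep mode: mailbox left untouched

box = Pop3Mailbox(["msg1", "msg2"])
kept = box.retrieve_all(mode="keep")     # both messages stay on the server
gone = box.retrieve_all(mode="delete")   # mailbox is now empty
```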
POP3 protocol working
IMAP4
IMAP is a client/server protocol running over TCP. The client issues commands and the mail server responds.
The exchange begins with the client authenticating itself to access the mailbox.
This is represented as a state transition diagram.
IMAP architecture
(1) Connection without pre-authentication (OK greeting)
(2) Pre-authenticated connection (PREAUTH greeting)
(3) Rejected connection (BYE greeting)
(4) Successful LOGIN or AUTHENTICATE command
(5) Successful SELECT or EXAMINE command
(6) CLOSE command, or failed SELECT or EXAMINE command
(7) LOGOUT command, server shutdown, or connection closed.
When the user asks to FETCH a message, the server returns it in MIME format and the mail reader decodes it.
IMAP also defines message attributes such as size and flags such as Seen, Answered, Deleted and Recent.
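The numbered transitions can be modeled as a small state machine (a simplification of the states in RFC 3501; no real networking involved):

```python
# Toy IMAP connection state machine following the transitions above.
TRANSITIONS = {
    ("not_authenticated", "LOGIN"):        "authenticated",
    ("not_authenticated", "AUTHENTICATE"): "authenticated",
    ("authenticated", "SELECT"):           "selected",
    ("authenticated", "EXAMINE"):          "selected",
    ("selected", "CLOSE"):                 "authenticated",
}

def next_state(state, command):
    if command == "LOGOUT":
        return "logout"          # transition (7): legal from any state
    # failed or unknown commands leave the connection state unchanged
    return TRANSITIONS.get((state, command), state)

s = next_state("not_authenticated", "LOGIN")   # transition (4)
s = next_state(s, "SELECT")                    # transition (5)
s = next_state(s, "CLOSE")                     # transition (6)
```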
Need for POP3 and IMAP4:
IMAP is a standard protocol for checking e-mail. POP3 is also a standard protocol for receiving e-mail. IMAP can be thought of as “remote” e-mail storage, while POP3 can be thought of as a “store-and-forward” service. Ultimately they both accomplish similar tasks but often one will suit your needs better than the other.
5.3 HTTP
The Hypertext Transfer Protocol (HTTP) is a file transfer protocol used in the World Wide Web. It transfers data in the form of plain text, hypertext, audio, video, and so on. The name hypertext reflects its ability to jump rapidly from one document to another. HTTP functions like a combination of FTP and SMTP.
HTTP Transaction
Although HTTP uses the services of TCP, HTTP itself is a stateless protocol. The client initializes the transaction by sending a request message. The server replies with a response.
Request- Response
Request message:
It consists of a request line, header and sometimes a body.
Request line:
It defines the request type, resource (URL) and HTTP version.
HTTP version:
The current version is 1.1; HTTP versions 1.0 and 0.9 are still in use.
Request type or methods:
OPTIONS - request information about available options.
GET - retrieve the document identified in the URL.
HEAD - retrieve meta-information about the document identified in the URL.
POST - give information to the server.
PUT - store a document under the specified URL.
DELETE - delete the specified URL.
TRACE - loop back the request message.
CONNECT - for use by proxies.
URL:
A client that wants to access a web page needs an address; for this, HTTP uses the concept of uniform resource locators (URLs).
Response message:
It consists of status line, a header and sometimes a body.
Status line:
It defines the status of the response message; it consists of an HTTP version, a status code, and a status phrase.
Header:
A header is present in both request and response messages.
TCP connection:
The connection can be either persistent or non-persistent. HTTP version 1.0 specifies a non-persistent connection, in which a separate TCP connection is made for each request/response; HTTP 1.1 supports persistent connections, in which one TCP connection can carry multiple request/response exchanges.
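The request line and status line described above are plain text and easy to parse; a minimal sketch:

```python
def parse_request_line(line):
    """Split an HTTP request line into (method, url, version)."""
    method, url, version = line.split(" ", 2)
    return method, url, version

def parse_status_line(line):
    """Split an HTTP status line into (version, code, phrase)."""
    version, code, phrase = line.split(" ", 2)
    return version, int(code), phrase

req = parse_request_line("GET /index.html HTTP/1.1")
st = parse_status_line("HTTP/1.1 200 OK")
```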
FTP:
File Transfer Protocol (FTP) is the standard mechanism provided by the Internet for copying a file from one host to another. When two systems use different file-name conventions, represent text and data in different ways, or have different directory structures, transferring files between them can be a problem; FTP is designed to overcome these differences.
FTP Connections:
FTP establishes two types of connections:
1.Control connection
2.Data connection
Control connection:
It uses very simple rules for commands and responses: one line of command or response is sent at a time. FTP uses TCP port 21 for the control connection, which is maintained during the entire interactive FTP session.
Data Connection:
The data connection needs more complex rules due to the variety of data types transferred. Port number 20 of TCP is used for data connection. The data connection is opened or closed for each file transferred.
File transfer:
It occurs over the data connection under the control of commands sent over the control connections. Following operations can be performed using FTP.
1.Retrieving a file - copying a file from server to client.
2.Storing a file - copying a file from client to the server.
3.Retrieving a list - sending a list of directory or file names from the server to the client.
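Each of these operations corresponds to a standard command sent over the control connection; a sketch (a real client would use Python's standard ftplib):

```python
# Map the three file-transfer operations onto the standard FTP
# commands sent over the control connection.
def ftp_command(operation, path):
    commands = {
        "retrieve_file": "RETR",   # copy a file from server to client
        "store_file":    "STOR",   # copy a file from client to server
        "retrieve_list": "LIST",   # list a directory on the server
    }
    return f"{commands[operation]} {path}\r\n"   # one command per line

cmd = ftp_command("retrieve_file", "notes.txt")
```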
5.4 Web Services
A web service is any piece of software that makes itself available over the Internet and uses a standardized XML messaging system. XML is used to encode all communications to a web service. For example, a client invokes a web service by sending an XML message, then waits for a corresponding XML response.
As all communication is in XML, web services are not tied to any one operating system or programming language--Java can talk with Perl; Windows applications can talk with Unix applications.
Components :
The basic web services platform is the combination of XML + HTTP. All the standard web services work using the following components
UDDI (Universal Description, Discovery and Integration)
SOAP (Simple Object Access Protocol)
WSDL (Web Services Description Language)
A web service enables communication among various applications by using open standards such as HTTP, XML, WSDL, and SOAP. A web service takes the help of:
XML to tag the data
WSDL to describe the availability of service.
SOAP to transfer a message
There are two ways to view the web service architecture:
The first is to examine the individual roles of each web service actor.
The second is to examine the emerging web service protocol stack.
Web Service Roles
There are three major roles within the web service architecture:
Service Provider
This is the provider of the web service. The service provider implements the service and makes it available on the Internet.
Service Requestor
This is any consumer of the web service. The requestor utilizes an existing web service by opening a network connection and sending an XML request.
Service Registry
This is a logically centralized directory of services. The registry provides a central place where developers can publish new services or find existing ones. It therefore serves as a centralized clearing house for companies and their services.
Web Service Protocol Stack
A second option for viewing the web service architecture is to examine the emerging web service protocol stack. The stack is still evolving, but currently has four main layers.
Service Transport
This layer is responsible for transporting messages between applications. Currently, this layer includes the Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), File Transfer Protocol (FTP), and newer protocols such as the Blocks Extensible Exchange Protocol (BEEP).
XML Messaging
This layer is responsible for encoding messages in a common XML format so that messages can be understood at either end. Currently, this layer includes XML-RPC and SOAP.
Service Description
This layer is responsible for describing the public interface to a specific web service. Currently, service description is handled via the Web Service Description Language (WSDL).
Service Discovery
This layer is responsible for centralizing services into a common registry and providing easy publish/find functionality. Currently, service discovery is handled via Universal Description, Discovery, and Integration (UDDI).
As web services evolve, additional layers may be added and additional technologies may be added to each layer.
The components of web services are described below.
Few Words about Service Transport
The bottom of the web service protocol stack is service transport. This layer is responsible for actually transporting XML messages between two computers.
Hyper Text Transfer Protocol (HTTP)
Currently, HTTP is the most popular option for service transport. HTTP is simple, stable, and widely deployed. Furthermore, most firewalls allow HTTP traffic. This allows XML-RPC or SOAP messages to masquerade as HTTP messages. This is good if you want to integrate remote applications, but it does raise a number of security concerns.
Blocks Extensible Exchange Protocol (BEEP)
This is a promising alternative to HTTP. BEEP is a new Internet Engineering Task Force (IETF) framework for building new
protocols. BEEP is layered directly on TCP and includes a number of built-in features, including an initial handshake protocol, authentication, security, and error handling. Using BEEP, one can create new protocols for a variety of applications, including instant messaging, file transfer, content syndication, and network management.
SOAP is not tied to any specific transport protocol. In fact, you can use SOAP via HTTP, SMTP, or FTP. One promising idea is therefore to use SOAP over BEEP.
Web Services - Components
XML-RPC
This is the simplest XML-based protocol for exchanging information between computers.
XML-RPC is a simple protocol that uses XML messages to perform RPCs.
Requests are encoded in XML and sent via HTTP POST.
XML responses are embedded in the body of the HTTP response.
XML-RPC is platform-independent.
XML-RPC allows diverse applications to communicate.
A Java client can speak XML-RPC to a Perl server.
XML-RPC is the easiest way to get started with web services.
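The XML wire format can be seen with Python's standard xmlrpc library; the method name 'add' used here is hypothetical:

```python
import xmlrpc.client

# Encode an XML-RPC call and decode it again, showing the XML wire
# format without any network involved.
request_xml = xmlrpc.client.dumps((2, 3), methodname="add")
params, method = xmlrpc.client.loads(request_xml)
```

In a real deployment, request_xml would be sent as the body of an HTTP POST, and the XML response would be embedded in the body of the HTTP response, as described above.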
SOAP
SOAP is an XML-based protocol for exchanging information between computers.
SOAP is a communication protocol.
SOAP is for communication between applications.
SOAP is a format for sending messages.
SOAP is designed to communicate via Internet.
SOAP is platform independent.
SOAP is language independent.
SOAP is simple and extensible.
SOAP allows you to get around firewalls.
SOAP has been developed as a W3C standard.
WSDL
WSDL is an XML-based language for describing web services and how to access them.
WSDL stands for Web Services Description Language.
WSDL was developed jointly by Microsoft and IBM.
WSDL is an XML based protocol for information exchange in decentralized and distributed environments.
WSDL is the standard format for describing a web service.
WSDL definition describes how to access a web service and what operations it will perform.
WSDL is a language for describing how to interface with XML-based services.
WSDL is an integral part of UDDI, an XML-based worldwide business registry.
WSDL is the language that UDDI uses.
WSDL is pronounced as 'wiz-dull' and spelled out as 'W-S-D-L'.
UDDI
UDDI is an XML-based standard for describing, publishing, and finding web services.
UDDI stands for Universal Description, Discovery, and Integration.
UDDI is a specification for a distributed registry of web services.
UDDI is platform independent, open framework.
UDDI can communicate via SOAP, CORBA, and Java RMI Protocol.
UDDI uses WSDL to describe interfaces to web services.
UDDI is seen with SOAP and WSDL as one of the three foundation standards of web services.
UDDI is an open industry initiative enabling businesses to discover each other and define how they interact over the Internet
Service Provider or Publisher
This is the provider of the web service. The service provider implements the service and makes it available on the Internet or intranet.
Service Requestor or Consumer
This is any consumer of the web service. The requestor utilizes an existing web service by opening a network connection and sending an XML request.
Web Services - Security
Security is critical to web services. However, neither XML-RPC nor SOAP specifications make any explicit security or authentication requirements.
There are three specific security issues with web services:
Confidentiality
Authentication
Network Security
Web Services - Standards
Transports
BEEP, the Blocks Extensible Exchange Protocol (formerly referred to as BXXP), is a framework for building application protocols. It
has been standardized by IETF and it does for Internet protocols what XML has done for data.
Messaging
These messaging standards and specifications are intended to give a framework for exchanging information in a decentralized, distributed environment.
SOAP 1.1 (Note)
SOAP 1.2 (Specification)
Web Services Attachments Profile 1.0
SOAP Message Transmission Optimization Mechanism
Description and discovery
Web services are meaningful only if potential users may find information sufficient to permit their execution. The focus of these specifications and standards is the definition of a set of services supporting the description and discovery of businesses, organizations, and other web services providers; the web services they make available; and the technical interfaces which may be used to access those services.
UDDI 3.0
WSDL 1.1 (Note)
WSDL 1.2 (Working draft)
WSDL 2.0
Security
Using these security specifications, applications can engage in secure communication designed to work with the general web services framework.
Web Services Security 1.0
Security Assertion Markup Language (SAML).
5.5 DNS
Role of DNS
While DNS is extremely important to the correct functioning of the Internet, all it really does is map symbolic names for machines onto their IP addresses.
There are three main divisions of the DNS:
•Generic domains
•Country domains
•Inverse domains
The Domain Name System
To map a name onto an IP address, an application program calls a library procedure called the resolver, passing it the name as a parameter. The resolver sends a UDP packet to a local DNS server, which looks up the name and returns the IP address to the resolver, which in turn returns it to the caller. Armed with the IP address, the program can then establish a TCP connection with the destination or send it UDP packets.
1.The DNS Name Space
The Internet is divided into over 200 top-level domains, where each domain covers many hosts. Each domain is partitioned into subdomains, and these are further partitioned, and so on. All these domains can be represented by a tree, as shown in the figure below. The leaves of the tree represent domains that have no subdomains (but do contain machines, of course). A leaf domain may contain a single host, or it may represent a company and contain thousands of hosts.
A portion of the Internet domain name space.
The top-level domains come in two flavors: generic and countries. The original generic domains were com (commercial), edu (educational institutions), gov (the U.S. Federal Government), int (certain international organizations), mil (the U.S. armed forces), net (network providers), and org (nonprofit organizations). The country domains include one entry for every country, as defined in ISO 3166.
In November 2000, ICANN approved four new, general-purpose, top-level domains, namely, biz (businesses), info (information), name (people's names), and pro (professions, such as doctors and lawyers). In addition, three more specialized top-level domains were introduced at the request of certain industries. These are aero (aerospace industry), coop (co-operatives), and museum (museums). Other top-level domains will be added in the future.
In general, getting a second-level domain, such as name-of-company.com, is easy. It merely requires going to a registrar for the corresponding top-level domain (com in this case) to check if the desired name is available and not somebody else’s trademark. If there are no problems, the requester pays a small annual fee and gets the name. By now, virtually every common (English) word has been taken in the com domain. Try household articles, animals, plants, body parts, etc. Nearly all are taken.
Each domain is named by the path upward from it to the (unnamed) root. The components are separated by periods (pronounced "dot"). Thus, the engineering department at Sun Microsystems might be eng.sun.com., rather than a UNIX-style name such as /com/sun/eng. Notice that this hierarchical naming means that eng.sun.com. does not conflict with a potential use of eng in eng.yale.edu., which might be used by the Yale English department.
Domain names can be either absolute or relative. An absolute domain name always ends with a period (e.g., eng.sun.com.), whereas a relative one does not. Relative names have to be interpreted in some context to uniquely determine their true meaning. In both cases, a named domain refers to a specific node in the tree and all the nodes under it.
Domain names are case insensitive, so edu, Edu, and EDU mean the same thing. Component names can be up to 63 characters long, and full path names must not exceed 255 characters.
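The syntactic limits just stated (components of at most 63 characters, full names of at most 255, case-insensitive comparison) can be checked with a short sketch:

```python
# Sketch of the naming rules described above: 63-character labels,
# 255-character names, and case-insensitive equality.

def valid_domain_name(name):
    """Check component and total length limits for a domain name."""
    name = name.rstrip(".")  # absolute names end with a period
    if len(name) > 255:
        return False
    return all(0 < len(label) <= 63 for label in name.split("."))

def same_domain(a, b):
    """edu, Edu, and EDU all refer to the same domain."""
    return a.rstrip(".").lower() == b.rstrip(".").lower()

print(valid_domain_name("eng.sun.com."))  # True
print(same_domain("EDU", "edu"))          # True
```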
In principle, domains can be inserted into the tree in two different ways. For example, cs.yale.edu could equally well be listed under the us country domain as cs.yale.ct.us. In practice, however, most organizations in the United States are under a generic domain, and most outside the United States are under
the domain of their country. There is no rule against registering under two top-level domains, but few organizations except multinationals do it (e.g., sony.com and sony.nl).
Each domain controls how it allocates the domains under it. For example, Japan has domains ac.jp and co.jp that mirror edu and com. The Netherlands does not make this distinction and puts all organizations directly under nl. Thus, all three of the following are university computer science departments:
1.cs.yale.edu (Yale University, in the United States)
2.cs.vu.nl (Vrije Universiteit, in The Netherlands)
3.cs.keio.ac.jp (Keio University, in Japan)
To create a new domain, permission is required of the domain in which it will be included. For example, if a VLSI group is started at Yale and wants to be known as vlsi.cs.yale.edu, it has to get permission from whoever manages cs.yale.edu. Similarly, if a new university is chartered, say, the University of Northern South Dakota, it must ask the manager of the edu domain to assign it unsd.edu. In this way, name conflicts are avoided and each domain can keep track of all its subdomains. Once a new domain has been created and registered, it can create subdomains, such as cs.unsd.edu, without getting permission from anybody higher up the tree.
Naming follows organizational boundaries, not physical networks. For example, if the computer science and electrical engineering departments are located in the same building and share the same LAN, they can nevertheless have distinct domains. Similarly, even if computer science is split over Babbage Hall and Turing Hall, the hosts in both buildings will normally belong to the same domain.
2.Resource Records
Every domain, whether it is a single host or a top-level domain, can have a set of resource records associated with it. For a single host, the most common resource record is just its IP address, but many other kinds of resource records also exist. When a resolver gives a domain name to DNS, what it gets back are the resource records associated with that name. Thus, the primary function of DNS is to map domain names onto resource records.
A resource record is a five-tuple. Although they are encoded in binary for efficiency, in most expositions, resource records are presented as ASCII text, one line per resource record. The format we will use is as follows:
Domain_name Time_to_live Class Type Value
The Domain_name tells the domain to which this record applies. Normally, many records exist for each domain and each copy of the database holds information about multiple domains. This field is thus the primary search key used to satisfy queries. The order of the records in the database is not significant.
The Time_to_live field gives an indication of how stable the record is. Information that is highly stable is assigned a large value, such as 86400 (the number of seconds in 1 day). Information that is highly volatile is assigned a small value, such as 60 (1 minute).
The third field of every resource record is the Class. For Internet information, it is always IN. For non-Internet information, other codes can be used, but in practice, these are rarely seen. The Type field tells what kind of record this is. The most important types are listed in Fig.
Type    Meaning               Value
SOA     Start of authority    Parameters for this zone
A       IP address of a host  32-bit integer
MX      Mail exchange         Priority, domain willing to accept e-mail
NS      Name server           Name of a server for this domain
CNAME   Canonical name        Domain name
PTR     Pointer               Alias for an IP address
HINFO   Host description      CPU and OS in ASCII
TXT     Text                  Uninterpreted ASCII text
The principal DNS resource record types for IPv4.
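The five-tuple presentation format given above can be parsed with a short sketch. Only plain whitespace splitting is handled here; real zone-file syntax (quoted strings, parentheses, comments, omitted fields) is richer.

```python
# Parse the ASCII presentation of a resource record into the five-tuple
# Domain_name, Time_to_live, Class, Type, Value described above.

def parse_rr(line):
    """Split one resource-record line into its five fields."""
    # The Value field may itself contain spaces, so split at most 4 times.
    domain, ttl, rr_class, rr_type, value = line.split(None, 4)
    return (domain, int(ttl), rr_class, rr_type, value)

record = parse_rr("flits.cs.vu.nl. 86400 IN A 130.37.16.112")
print(record)  # ('flits.cs.vu.nl.', 86400, 'IN', 'A', '130.37.16.112')
```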
An SOA record provides the name of the primary source of information about the name server's zone (described below), the e-mail address of its administrator, a unique serial number, and various flags and timeouts.
The most important record type is the A (Address) record. It holds a 32-bit IP address for some host. Every Internet host must have at least one IP address so that other machines can communicate with it. Some hosts have two or more network connections, in which case they will have one type A resource record per network connection (and thus per IP address). DNS can be configured to cycle through these, returning the first record on the first request, the second record on the second request, and so on.
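The cycling behaviour described above can be sketched as a generator that returns the record list rotated one position further on each query. This is an illustrative model, not how any particular DNS server implements it.

```python
# Sketch of round-robin over multiple A records: each successive query
# sees the address list rotated one position further.

def rotating_answers(addresses):
    """Yield the full record list, rotated one step per call."""
    n = 0
    while True:
        k = n % len(addresses)
        yield addresses[k:] + addresses[:k]
        n += 1

# flits' two addresses from the example database in this section
answers = rotating_answers(["130.37.16.112", "192.31.231.165"])
print(next(answers))  # first query: original order
print(next(answers))  # second query: rotated
```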
The next most important record type is the MX record. It specifies the name of the host prepared to accept e-mail for the specified domain. It is used because not every machine is prepared to accept e-mail. If someone wants to send e-mail to, for example, [email protected], the sending host needs to find
a mail server at Microsoft.com that is willing to accept e-mail. The MX record can provide this information.
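A sketch of how a sending host might choose among several MX records: lower priority values are preferred. The records here are taken from the example cs.vu.nl database shown later in this section.

```python
# Pick mail servers in MX priority order (lowest value first).

def mail_hosts(mx_records):
    """Return hosts in the order a sender should try them."""
    return [host for _priority, host in sorted(mx_records)]

mx_records = [
    (2, "zephyr.cs.vu.nl."),
    (1, "flits.cs.vu.nl."),
    (3, "top.cs.vu.nl."),
]
print(mail_hosts(mx_records))  # try flits first, then zephyr, then top
```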
The NS records specify name servers. For example, every DNS database normally has an NS record for each of the top-level domains, so, for example, e-mail can be sent to distant parts of the naming tree.
CNAME records allow aliases to be created. For example, a person familiar with Internet naming in general and wanting to send a message to someone whose login name is paul in the computer science department at M.I.T. might guess that [email protected] will work. Actually, this address will not work, because the domain for M.I.T.’s computer science department is lcs.mit.edu. However, as a service to people who do not know this, M.I.T. could create a CNAME entry to point people and programs in the right direction. An entry like this one might do the job: cs.mit.edu 86400 IN CNAME lcs.mit.edu
Like CNAME, PTR points to another name. However, unlike CNAME, which is really just a macro definition, PTR is a regular DNS data type whose interpretation depends on the context in which it is found. In practice, it is nearly always used to associate a name with an IP address to allow lookups of the IP address and return the name of the corresponding machine. These are called reverse lookups.
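In practice, a reverse lookup queries a PTR record under the special in-addr.arpa domain, whose name is built from the IP address with its bytes in reverse order. A minimal sketch of that name construction:

```python
# Build the in-addr.arpa name used for a reverse (PTR) lookup of an
# IPv4 address: the four bytes reversed, then the suffix.

def reverse_name(ip):
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"

print(reverse_name("130.37.16.112"))  # 112.16.37.130.in-addr.arpa
```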
HINFO records allow people to find out what kind of machine and operating system a domain corresponds to. Finally, TXT records allow domains to identify themselves in arbitrary ways. Both of these record types are for user convenience. Neither is required, so programs cannot count on getting them (and probably cannot deal with them if they do get them).
Finally, we have the Value field. This field can be a number, a domain name, or an ASCII string. The semantics depend on the record type. A short description of the Value fields for each of the principal record types is given in Fig.
For an example of the kind of information one might find in the DNS database of a domain, see Fig. This figure depicts part of a (semihypothetical) database for the cs.vu.nl domain shown in Fig. The database contains seven types of resource records.
Authoritative data for cs.vu.nl
cs.vu.nl. 86400 IN SOA star boss (9527, 7200, 7200, 241920, 86400)
cs.vu.nl. 86400 IN TXT "Divisie Wiskunde en Informatica."
cs.vu.nl. 86400 IN TXT "Vrije Universiteit Amsterdam."
cs.vu.nl. 86400 IN MX 1 zephyr.cs.vu.nl.
cs.vu.nl. 86400 IN MX 2 top.cs.vu.nl.

flits.cs.vu.nl. 86400 IN HINFO Sun Unix
flits.cs.vu.nl. 86400 IN A 130.37.16.112
flits.cs.vu.nl. 86400 IN A 192.31.231.165
flits.cs.vu.nl. 86400 IN MX 1 flits.cs.vu.nl.
flits.cs.vu.nl. 86400 IN MX 2 zephyr.cs.vu.nl.
flits.cs.vu.nl. 86400 IN MX 3 top.cs.vu.nl.

www.cs.vu.nl. 86400 IN CNAME star.cs.vu.nl
ftp.cs.vu.nl. 86400 IN CNAME zephyr.cs.vu.nl

rowboat IN A 130.37.56.201
        IN MX 1 rowboat
        IN MX 2 zephyr
        IN HINFO Sun Unix

little-sister IN A 130.37.62.23
              IN HINFO Mac MacOS
laserjet IN A 192.31.231.216
         IN HINFO "HP Laserjet IIISi" Proprietary
A portion of a possible DNS database for cs.vu.nl
The first noncomment line of Fig. gives some basic information about the domain, which will not concern us further. The next two lines give textual information about where the domain is located. Then come two entries giving the first and second places to try to deliver e-mail sent to [email protected]. Zephyr (a specific machine) should be tried first; if that fails, top should be tried as the next choice.
After the blank line, added for readability, come lines telling that flits is a Sun workstation running UNIX, and giving both of its IP addresses. Then three choices are given for handling e-mail sent to flits.cs.vu.nl. The first choice is naturally flits itself, but if it is down, zephyr and top are the second and third choices. Next comes an alias, www.cs.vu.nl, so that this address can be used without designating a specific machine. Creating this alias allows cs.vu.nl to change its World Wide Web server without invalidating the address people use to get to it. A similar argument holds for ftp.cs.vu.nl.
The next four lines contain a typical entry for a workstation, in this case, rowboat.cs.vu.nl. The information provided contains the IP address, the primary and secondary mail drops, and information about the machine. Then comes an entry for a non-UNIX system that is not capable of receiving mail itself, followed by an entry for a laser printer that is connected to the Internet.
What are not shown (and are not in this file) are the IP addresses used to look up the top-level domains. These are needed to look up distant hosts, but since they are not part of the cs.vu.nl domain, they are not in this file. They are supplied by the root
servers, whose IP addresses are present in a system configuration file and loaded into the DNS cache when the DNS server is booted. There are about a dozen root servers spread around the world, and each one knows the IP addresses of all the top-level domain servers. Thus, if a machine knows the IP address of at least one root server, it can look up any DNS name.
3.Name Servers
In theory at least, a single name server could contain the entire DNS database and respond to all queries about it. In practice, this server would be so overloaded as to be useless. Furthermore, if it ever went down, the entire Internet would be crippled.
To avoid the problems associated with having only a single source of information, the DNS name space is divided into nonoverlapping zones. One possible way to divide the name space of Fig. is shown in Fig. Each zone contains some part of the tree and also contains name servers holding the information about that zone. Normally, a zone will have one primary name server, which gets its information from a file on its disk, and one or more secondary name servers, which get their information from the primary name server. To improve reliability, some servers for a zone can be located outside the zone.
Part of the DNS name space showing the division into zones.
Where the zone boundaries are placed within a zone is up to that zone's administrator. This decision is made in large part based on how many name servers are desired, and where. For example, in Fig. Yale has a server for yale.edu that handles eng.yale.edu but not cs.yale.edu, which is a separate zone with its own name servers. Such a decision might be made when a department such as English does not wish to run its own name server, but a department such as computer science does. Consequently, cs.yale.edu is a separate zone but eng.yale.edu is not.
When a resolver has a query about a domain name, it passes the query to one of the local name servers. If the domain being sought falls under the jurisdiction of the name server, such as ai.cs.yale.edu falling under cs.yale.edu, it returns the authoritative resource records. An authoritative record is one that comes from the authority that manages the record and is thus always correct. Authoritative records are in contrast to cached records, which may be out of date.
If, however, the domain is remote and no information about the requested domain is available locally, the name server sends a
query message to the top-level name server for the domain requested. To make this process clearer, consider the example of Fig. Here, a resolver on flits.cs.vu.nl wants to know the IP address of the host linda.cs.yale.edu. In step 1, it sends a query to the local name server, cs.vu.nl. This query contains the domain name sought, the type (A) and the class (IN).
Root name server
The root name server contains an NS record for each second-level server.
It also has an A record that translates this name into the corresponding IP address. The following shows part of the .edu root name server:
(princeton.edu, cit.princeton.edu, NS, IN)
(cit.princeton.edu, 128.196.128.233, A, IN)
…
Zone name server
The zone name server princeton.edu has a name server available on host cit.princeton.edu that contains the following records.
Some entries are A records, whereas others point to the next-level name servers.
(cs.princeton.edu, gnat.cs.princeton.edu, NS, IN) (gnat.cs.princeton.edu, 192.12.69.5, A, IN)
…
Eventually, a third-level name server, such as that for the domain cs.princeton.edu, contains A records for all of its hosts.
(cs.princeton.edu, gnat.cs.princeton.edu, MX, IN)
(cicada.cs.princeton.edu, 192.12.69.60, A, IN)
(cic.cs.princeton.edu, cicada.cs.princeton.edu, CNAME,
IN) (gnat.cs.princeton.edu, 192.12.69.5, A, IN)
Name Resolution for cicada.cs.princeton.edu
1. The client first sends a query containing cicada.cs.princeton.edu to the root server.
2. The root server does not find an exact match, but locates the NS record for princeton.edu and returns a referral to its name server, cit.princeton.edu.
3. The client resends the query to cit.princeton.edu, which refers it to the cs.princeton.edu name server, gnat.cs.princeton.edu.
4. Finally, gnat.cs.princeton.edu holds the A record for cicada.cs.princeton.edu and returns its address, 192.12.69.60.
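The iterative walk through the server hierarchy can be sketched using the (hypothetical) record tables shown above: each server either answers with an A record or refers the client to a more specific name server.

```python
# Each "server" holds a table mapping names to (type, value) records,
# mirroring the root, princeton.edu, and cs.princeton.edu tables above.

SERVERS = {
    "root": {
        "princeton.edu": ("NS", "cit.princeton.edu"),
        "cit.princeton.edu": ("A", "128.196.128.233"),
    },
    "cit.princeton.edu": {
        "cs.princeton.edu": ("NS", "gnat.cs.princeton.edu"),
        "gnat.cs.princeton.edu": ("A", "192.12.69.5"),
    },
    "gnat.cs.princeton.edu": {
        "cicada.cs.princeton.edu": ("A", "192.12.69.60"),
    },
}

def resolve(name, server="root"):
    """Iteratively resolve a name, following NS referrals."""
    table = SERVERS[server]
    labels = name.split(".")
    # Try the full name, then progressively shorter suffixes.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in table:
            rtype, value = table[suffix]
            if rtype == "A":
                return value
            return resolve(name, server=value)  # follow the NS referral
    raise LookupError(name)

print(resolve("cicada.cs.princeton.edu"))  # 192.12.69.60
```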
Difference between fully qualified and Partially qualified Domain name
Fully qualified: gives the full location of the specific domain that bears its name within the whole DNS name space. Fully qualified domain names are sometimes called absolute domain names.
Partially qualified: does not give the full path to the domain. Partially qualified domain names are sometimes called relative domain names.
5.6 SNMP
Simple Network Management Protocol (SNMP) is a framework for managing devices in an internet using TCP/IP.
It provides a set of fundamental operations for monitoring and maintaining an internet. SNMP uses the concept of manager and agent.
o A manager is a host that runs the SNMP client program.
Working of SNMP
o A managed station, called an agent, is a router that runs the SNMP server program. SNMP is an application-layer protocol; therefore, it can monitor devices of different manufacturers installed on different physical networks.
SNMP management includes:
o A manager checks an agent by requesting information on the behavior of the agent.
o A manager forces an agent to perform a task by setting/resetting values in the agent database.
o An agent warns the manager of an unusual situation.
SNMP uses services of UDP on two well-known ports, 161 (agent) and 162 (manager).
SNMP is supported by two other protocols in Internet Network management. They are:
o Structure of Management Information (SMI)
o Management Information Base (MIB)
The role of SNMP is to:
o Define the format of the packet to be sent from a manager to an agent and vice versa.
o Interpret results and create statistics.
o Read and set object values.
The role of SMI is to:
o Define rules for naming objects and object types.
o Use Basic Encoding Rules (BER) to encode data to be transmitted over the network.
The role of MIB is to:
o Create a collection of named objects, their types, and their relationships to each other in an entity to be managed.
Object Identifier
SMI uses an object identifier, which is a hierarchical identifier based on a tree structure. The tree starts with an unnamed root.
Each object can be defined by using a sequence of integers separated by dots.
Object Identifier
The objects that are used in SNMP are located under the mib-2 object, so their identifiers always start with 1.3.6.1.2.1
Object identifiers follow lexicographic ordering.
MIB Groups
Each agent has its own MIB2 (version 2), which is a collection of all the objects that the manager can manage.
The objects in MIB2 are categorized under 10 different groups namely system, interface, address translation, ip, icmp, tcp, udp, egp, transmission, and snmp.
o system (sys): defines general information about the node, such as its name, location, and lifetime.
o interface (if): defines information about all the interfaces of the node, such as physical address, IP address, and packets sent and received on each interface.
o address translation (at): defines information about the ARP table.
o ip: defines information related to IP, such as the routing table and statistics on datagram forwarding, reassembly, and drops.
o tcp: defines general information related to TCP, such as the connection table, time-out value, number of ports, and number of packets sent and received.
o udp: defines information on UDP traffic, such as the total number of UDP packets sent and received.
MIB protocols
MIB variables
MIB variables are of two types namely simple and table.
To access the contents of a simple variable, use the id of the group (e.g., 1.3.6.1.2.1.7 for the udp group) followed by the id of the variable and an instance suffix, which is 0.
o For example, the variable udpInDatagrams is accessed as 1.3.6.1.2.1.7.1.0
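The construction just shown (group prefix, variable id within the group, then the ".0" instance suffix for a scalar variable) can be sketched as:

```python
# Build the instance OID for a simple (scalar) MIB variable:
# <group prefix>.<variable id>.0

MIB2 = "1.3.6.1.2.1"
UDP_GROUP = MIB2 + ".7"   # the udp group

def scalar_oid(group, variable_id):
    """Append the variable id and the scalar instance suffix 0."""
    return f"{group}.{variable_id}.0"

print(scalar_oid(UDP_GROUP, 1))  # 1.3.6.1.2.1.7.1.0 (udpInDatagrams)
```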
MIB variables
In the case of a table, only leaf elements are accessible.
o In this case, the group id is followed by the table id, and so on down to the leaf element.
o To access a specific instance (row) of the table, add the index to the above ids.
o The indexes are based on the value of one or more fields in the entries.
o Tables are ordered according to column-row rules, i.e., one goes column by column from top to bottom.
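The lexicographic ordering mentioned above compares OIDs component by component as integer sequences, not as strings; a string comparison would wrongly place ...7.10.0 before ...7.2.0. A sketch:

```python
# Sort OIDs lexicographically by their integer components.

def oid_key(oid):
    """Turn a dotted OID into a tuple of integers for comparison."""
    return tuple(int(part) for part in oid.split("."))

oids = ["1.3.6.1.2.1.7.10.0", "1.3.6.1.2.1.7.2.0"]
print(sorted(oids, key=oid_key))  # ...7.2.0 sorts before ...7.10.0
```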
SNMPv3 PDU
SNMP is a request/reply protocol that defines the PDUs GetRequest, GetNextRequest, GetBulkRequest, SetRequest, Response, and Trap.
SNMP client-server
o GetRequest: used by the manager to retrieve the value of an agent's variable(s).
o GetNextRequest: used by the manager to retrieve the next entry in an agent's table.
o SetRequest: used by the manager to set the value of an agent's variable.
o Response: sent from an agent to the manager in response to a GetRequest or GetNextRequest; contains the value of the requested variable(s).
o Trap: sent from an agent to the manager to report an event such as a reboot.
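The GetRequest/SetRequest/Response exchange can be sketched as a toy model: the "agent" holds a variable store keyed by OID, and the "manager" issues requests against it. The stored value 42 is a hypothetical udpInDatagrams count; real SNMP encodes these PDUs with BER and carries them over UDP ports 161 and 162.

```python
# Toy agent: a dictionary of MIB variables keyed by OID string.
AGENT_MIB = {"1.3.6.1.2.1.7.1.0": 42}  # hypothetical udpInDatagrams value

def get_request(oid):
    """Agent side: answer a GetRequest with a Response PDU."""
    if oid in AGENT_MIB:
        return {"pdu": "Response", "oid": oid, "value": AGENT_MIB[oid]}
    return {"pdu": "Response", "oid": oid, "error": "noSuchName"}

def set_request(oid, value):
    """Agent side: a SetRequest overwrites the variable."""
    AGENT_MIB[oid] = value
    return {"pdu": "Response", "oid": oid, "value": value}

print(get_request("1.3.6.1.2.1.7.1.0")["value"])  # 42
```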
PDU Format
PDU packet format
The SNMP client puts the identifier for the MIB variable it wants to get into the request message, and sends this message to the server.
The server then maps this identifier into a local variable, retrieves the current value held in this variable, and uses BER to encode the value it sends back to the client.
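The BER step mentioned above can be illustrated for a small non-negative INTEGER: tag byte 0x02, a one-byte length, then the big-endian content octets. This sketch omits multi-byte length forms and negative values.

```python
# BER-encode a non-negative INTEGER: tag 0x02, length, content octets.

def ber_encode_int(value):
    # (bit_length + 8) // 8 octets guarantees a leading zero byte when
    # the high bit is set, keeping the value positive in BER.
    content = value.to_bytes(max(1, (value.bit_length() + 8) // 8), "big")
    return bytes([0x02, len(content)]) + content

print(ber_encode_int(5).hex())    # 020105
print(ber_encode_int(300).hex())  # 0202012c
```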