2. 21.2
21-1 ADDRESS MAPPING
21-1 ADDRESS MAPPING
The delivery of a packet to a host or a router requires
The delivery of a packet to a host or a router requires
two levels of addressing:
two levels of addressing: logical
logical and
and physical
physical. We need
. We need
to be able to map a logical address to its corresponding
to be able to map a logical address to its corresponding
physical address and vice versa. This can be done by
physical address and vice versa. This can be done by
using either static or dynamic mapping.
using either static or dynamic mapping.
Mapping Logical to Physical Address
Mapping Physical to Logical Address
Topics discussed in this section:
Topics discussed in this section:
5. ARP Packet Fields
Hardware Type: 16 bit field defining the type of
network in which ARP is running. Ethernet is given
type 1.
Protocol type: 16 bit field defining the protocol
with which ARP is running.
Hardware Length: 8 bit field defining the length of
the physical address. For ethernet the value is 6.
Protocol Length: 8 bit field defining the length
of the logical address. For IPv4 the value is
4.
21.5
6. ARP Packet Fields (Contd)
Operation: 16 bit field defining the type of packet.
ARP request or ARP reply.
Sender Hardware Address: variable length field,
physical address of the sender.
Sender Protocol Address: variable length field,
Logical address of the sender.
Target Hardware Address: variable length field,
physical address of the target. Contains 0 in request
packet.
target Protocol Address: variable length field,
Logical address of the target.
21.6
8. How ARP works?
1- The sender knows the IP address of the target.
2- IP asks ARP to create an ARP request message.
(Discussed in previous slide)
3- The message is passed to the data link layer where
it is encapsulated in a frame by using the physical
address of the sender as the source address and
the physical broadcast address as the destination
address.
4- All Stations remove the message and pass it to ARP.
All machines except the targeted one drop the
packet.
21.8
9. How ARP works? (Contd)
5- The target machine replies with an ARP reply
message that contains its physical address.
Unicast message.
6- Sender receives the reply message. It now
knows the physical address of the target
machine.
7- The IP datagram, which carries data for the
target machine , is now encapsulated in a
frame and is unicast to the destination.
21.9
11. Case 1:
The sender is a host and wants to send
a packet to another host on the same
network.
Now, the logical address that must be
mapped to a physical address is the
destination IP address in the datagram
header.
21.11
12. Case 2:
The sender is a host and wants to send a packet
to another host on the another network.
Now, the hosts looks at its routing table and
finds the IP address for the next router for this
destination. If does not have a routing table,
looks for the IP address of the default router.
The IP address of the router becomes the logical
address that must be mapped to a physical
address.
21.12
13. Case 3:
The sender is a router that has received the
datagram destined for a host on another
network.
Now, it checks its routing table.
The IP address of the next router becomes
the logical address that must be mapped to a
physical address.
21.13
14. Case 4:
The sender is a router that has received the
datagram destined for a host on the same
network.
The destination IP address of the datagram
becomes the logical address that must be
mapped to a physical address.
21.14
16. 21.16
A host with IP address 130.23.43.20 and physical address
B2:34:55:10:22:10 has a packet to send to another host
with IP address 130.23.43.25 and physical address
A4:6E:F4:59:83:AB. The two hosts are on the same
Ethernet network. Show the ARP request and reply
packets encapsulated in Ethernet frames.
Solution
Figure 21.5 shows the ARP request and reply packets.
Note that the ARP data field in this case is 28 bytes, and
that the individual addresses do not fit in the 4-byte
boundary. That is why we do not show the regular 4-byte
boundaries for these addresses.
Example 21.1
19. Mapping Physical to Logical
There are occasions in which a host
knows its physical address, but needs to
know its logical address.
RARP
BOOTP
DHCP
21.19
20. RARP (Reverse Address
Resolution Protocol)
RARP finds the logical address of the machine that knows
only its physical address.
An RARP request is created and broadcast on the local
network.
Another machine on the local network that knows all the
IP addresses will respond with RARP reply.
Requesting machine should run RARP client program and
the answering side should be using RARP server program.
Serious problem: Broadcasting is done at the data link
layer that cannot pass the boundaries of network. So
administrator needs to run RARP servers if having several
networks.
21.20
21. BOOTP (Bootstrap Protocol)
Its is a client/server protocol.
Runs on the application layer.
Administrator having different networks can
easily use this protocol.
BOOTP request is broadcasted. Broadcasted IP
datagram cannot pass through any router. So
intermediary host is introduced called Relay
Agent.
Relay Agent unicast the request to the BOOTP
server.
21.21
24. DHCP (Dynamic Host Configuration
Protocol)
BOOTP is not a dynamic configuration
protocol. When a client requests its IP
address, the BOOTP server consults the
table.
What if a host moves one physical
address to another?
What if a host needs temporary
address?
21.24
25. DHCP (Dynamic Host
Configuration Protocol)
Static Address Allocation
Acts as BOOTP.
Dynamic Address Allocation
Have a database with available IP
addresses.
When a DHCP client sends a request to
DHCP server, its first check its static
database, if yes then assigned the client, if
not then send him any available IP address.
21.25
26. 21.26
21-2 ICMP
21-2 ICMP
The IP protocol has no error-reporting or error-
The IP protocol has no error-reporting or error-
correcting mechanism. The IP protocol also lacks a
correcting mechanism. The IP protocol also lacks a
mechanism for host and management queries. The
mechanism for host and management queries. The
Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP) has been
has been
designed to compensate for the above two deficiencies.
designed to compensate for the above two deficiencies.
It is a companion to the IP protocol.
It is a companion to the IP protocol.
Types of Messages
Message Format
Error Reporting and Query
Debugging Tools
Topics discussed in this section:
Topics discussed in this section:
27. Types of Messages
ICMP messages are divided into two
broad categories.
Error Reporting Messages
They report problems that a router or host may
encounter when it processes an IP packet.
Query Messages
They help a host or a network manager to get
specific information from a router or from
another host.
21.27
31. Destination Unreachable
When a router cannot route a datagram
or a host cannot deliver a datagram, the
datagram is discarded and the router or
host sends a “Destination
Unreachable” message back to the
source host that initiated the datagram.
21.31
32. Source Quench
IP is a connectionless protocol. So it does not have any flow
control mechanism.
The router or a host has a limited size queue (Buffer) for
incoming datagrams waiting to be forwarded or to be
processed.
The “Source Quench” message in ICMP was designated to add
a kind of flow control to the IP.
When a router or hosts discards a datagram due to congestion,
it sends a “Source quench” message to the sender of the
datagram.
This message informs the source that the datagram has been discarded.
Secondly, it warns the source that there is congestion somewhere in the
path and the source should slow down the sending process.
21.32
33. Time Exceeded
This message is generated in two cases.
When the Time to Live Field (IP datagram)
reaches 0, the router discards the packet
and generate the “Time Exceeded”
message.
It is also generated when not all fragments
that make-up a message arrive at the
destination host within a certain time limit.
21.33
34. Parameter Problem
Any ambiguity in the header part of a
datagram can create serious problems
as the datagram travels through the
internet.
If the router or the destination host
discovers an ambiguity or missing value
in any field of the datagram, it discards
the datagram and sends a “Parameter
Problem” message back to source.
21.34
35. Redirection
Hosts do not take part in routing update process
because there are many more hosts than routers.
Hosts usually use static routing.
It usually knows the IP address of only one router i-e
default router.
The host may send a datagram (destined for another
network) to a wrong router.
The router that receives the datagram will forward
the datagram to the correct router.
However, to update the routing table of the host, it
send the redirection message to the host.
21.35
37. 21.37
Important points about ICMP error messages:
❏ No ICMP error message will be generated in
response to a datagram carrying an ICMP error
message.
❏ No ICMP error message will be generated for a
fragmented datagram that is not the first fragment.
❏ No ICMP error message will be generated for a
datagram having a multicast address.
❏ No ICMP error message will be generated for a
datagram having a special address such as
127.0.0.0 or 0.0.0.0.
Note
40. Echo Request and Reply
They designed for diagnostic purpose.
Network managers and users utilize this pair of
messages to identify network problems.
They can be used to determine if there is a
communication at IP level.
ICMP messages are encapsulated in IP datagrams,
the receipt of an echo reply messages by the
machine that sent the echo-request is proof that the
IP protocols in the sender and receiver are
communicating with each other using the IP
datagram.
21.40
41. Timestamp Request and Reply
To machines can use this messages to
determine the round-trip time needed
for an IP to travel between them.
21.41
42. Address-Mask Request and
Reply
A host may not know its know its IP
address but it may not know its
corresponding mask.
To obtain a mask, a host sends an
address-mask-request message to a
router on a LAN.
Router responds with an address-mask-
reply message, providing the necessary
mask for the host.
21.42
44. 21.44
Figure 21.14 shows an example of checksum calculation
for a simple echo-request message. We randomly chose
the identifier to be 1 and the sequence number to be 9.
The message is divided into 16-bit (2-byte) words. The
words are added and the sum is complemented. Now the
sender can put this value in the checksum field.
Example 21.2
45. Router Solicitation and
Advertisement
As host needs to know the IP address of the router
to send data on another network.
The host must know of the routers are alive and
working.
Router Solicitation and Advertisement messages
helps in this situation.
A host can broadcast a router-solicitation message.
The router or routers that receive the solicitation
message broadcast their routing information using
the router-advertisement-message.
21.45
47. 21.47
We use the ping program to test the server fhda.edu. The
result is shown on the next slide. The ping program sends
messages with sequence numbers starting from 0. For
each probe it gives us the RTT time. The TTL (time to
live) field in the IP datagram that encapsulates an ICMP
message has been set to 62. At the beginning, ping defines
the number of data bytes as 56 and the total number of
bytes as 84. It is obvious that if we add 8 bytes of ICMP
header and 20 bytes of IP header to 56, the result is 84.
However, note that in each probe ping defines the
number of bytes as 64. This is the total number of bytes in
the ICMP packet (56 + 8).
Example 21.3
50. 21.50
We use the traceroute program to find the route from the
computer voyager.deanza.edu to the server fhda.edu. The
following shows the result:
Example 21.4
The unnumbered line after the command shows that the
destination is 153.18.8.1. The packet contains 38 bytes: 20
bytes of IP header, 8 bytes of UDP header, and 10 bytes of
application data. The application data are used by
traceroute to keep track of the packets.
51. 21.51
The first line shows the first router visited. The router is
named Dcore.fhda.edu with IP address 153.18.31.254.
The first round-trip time was 0.995 ms, the second was
0.899 ms, and the third was 0.878 ms. The second line
shows the second router visited. The router is named
Dbackup.fhda.edu with IP address 153.18.251.4. The
three round-trip times are also shown. The third line
shows the destination host. We know that this is the
destination host because there are no more lines. The
destination host is the server fhda.edu, but it is named
tiptoe.fhda.edu with the IP address 153.18.8.1. The three
round-trip times are also shown.
Example 21.4 (continued)
52. 21.52
21-3 IGMP
21-3 IGMP
The IP protocol can be involved in two types of
The IP protocol can be involved in two types of
communication: unicasting and multicasting. The
communication: unicasting and multicasting. The
Internet Group Management Protocol (IGMP) is one
Internet Group Management Protocol (IGMP) is one
of the necessary, but not sufficient, protocols that is
of the necessary, but not sufficient, protocols that is
involved in multicasting. IGMP is a companion to the
involved in multicasting. IGMP is a companion to the
IP protocol.
IP protocol.
Group Management
IGMP Messages and IGMP Operation
Encapsulation
Netstat Utility
Topics discussed in this section:
Topics discussed in this section:
53. IGMP
IGMP is not a multicasting routing
protocol; it is a protocol that manages the
group membership.
The IGMP protocol gives the multicast
routers information about the
membership status of the hosts
connected to the network.
IGMP helps the multicast router create
and update the list.
21.53
58. Joining a group
When a process wants to join a group, it
sends its request to the host.
The host adds the name of the process
and the name of the requested group
to its list.
If this is the first entry for this particular
group, the host sends a membership
report message.
21.58
59. 21.59
In IGMP, a membership report is sent
twice, one after the other.
Note
60. Leaving a group
When a host sees that no process is interested in a specific
group, it sends a leave report.
Similarly, when a router sees that none of its connected
networks are interested, it sends a leave report message.
When a multicast router receives a leave report, it cannot
immediately purge that group from its list because the report
comes from just one host or router. There may be other hosts
or routers that are still interested in the group.
To make sure, router sends a special query message with
multicast address/ groupid to that group.
Router allows specific time to respond, if no response then it
assumes that there is no loyal member and it purges the
group from the list.
21.60
61. Monitoring Membership
Considering the situation that there is one host
interested in a group but the host is shutdown or
removed from system.
Multicast router will never receive a leave report.
For this purpose, the router periodically sends a
general query message.
The router expects an answer for each groups in its
group list.
When a host or router receives a general query
message it responds with a membership report.
21.61
63. Delayed response
To prevent unnecessary traffic , IGMP
uses a delayed response strategy.
When a host/ router receives a query
message, it does not respond
immediately; it delays the response.
Each host or router uses a random
number to create a timier.
21.63
64. 21.64
Imagine there are three hosts in a network, as shown in
Figure 21.19. A query message was received at time 0; the
random delay time (in tenths of seconds) for each group
is shown next to the group address. Show the sequence of
report messages.
Example 21.6
Solution
The events occur in this sequence:
a. Time 12: The timer for 228.42.0.0 in host A expires,
and a membership report is sent, which is received by
the router and every host including host B which
cancels its timer for 228.42.0.0.
65. 21.65
Example 21.6 (continued)
b. Time 30: The timer for 225.14.0.0 in host A expires, and
a membership report is sent which is received by the
router and every host including host C which cancels its
timer for 225.14.0.0.
c. Time 50: The timer for 238.71.0.0 in host B expires,
and a membership report is sent, which is received by
the router and every host.
d. Time 70: The timer for 230.43.0.0 in host C expires,
and a membership report is sent, which is received by
the router and every host including host A which
cancels its timer for 230.43.0.0.
67. Query Router
Query messages may create a lot of
responses.
To prevent unnecessary traffic IGMP
designates one router as the query
router for each network.
Only this designated router can send
the query messages.
21.67
69. 21.69
The IP packet that carries an IGMP
packet has a value of 1 in its TTL field.
Note
Editor's Notes
#3:Address Resolution Protocol (ARP)
ARP Request: Broadcast to ask, "Who owns this IP address?“
ARP Reply: Unicast response with the physical address of the requested device.
#7:1. Preamble and Start Frame Delimiter (SFD) (8 bytes)
Purpose:
The preamble (7 bytes) consists of a pattern of alternating 1s and 0s (101010...) that helps the receiving device synchronize with the sender's clock.
The SFD (1 byte) is a fixed sequence (10101011) indicating the start of the actual Ethernet frame.
2. Destination Address (6 bytes)
Purpose:
Contains the MAC address of the device to which this frame is intended.
If it is a broadcast, the destination MAC address will be FF:FF:FF:FF:FF:FF, meaning all devices on the network will process the frame.
3. Source Address (6 bytes)
Purpose:
Contains the MAC address of the device that sent this frame.
This allows the recipient to know the sender's MAC address, which is critical for ARP replies.
4. Type (2 bytes)
Purpose:
Identifies the protocol being carried in the Data section.
For ARP packets, this field is set to 0x0806, which specifies that the payload is an ARP message.
Other common values:
0x0800: IPv4
0x86DD: IPv6
5. Data (Variable Size)
Purpose:
This section contains the actual ARP packet, which could be an ARP Request or an ARP Reply.
The ARP packet structure includes:
Hardware type (2 bytes): Indicates Ethernet (value: 1).
Protocol type (2 bytes): Indicates IPv4 (value: 0x0800).
Hardware size (1 byte): Length of a MAC address (value: 6).
Protocol size (1 byte): Length of an IP address (value: 4).
Operation (2 bytes): Specifies the type of ARP message:
1 = ARP Request
2 = ARP Reply
Sender MAC address (6 bytes): The MAC address of the sender.
Sender IP address (4 bytes): The IP address of the sender.
Target MAC address (6 bytes): Set to all 0s in an ARP Request.
Target IP address (4 bytes): The IP address being resolved.
6. CRC (Cyclic Redundancy Check) (4 bytes)
Purpose:
A checksum used to detect errors in the transmitted frame.
If the CRC value calculated by the receiver does not match the value in the frame, the frame is discarded.
#17:Hardware type 1 ethernet
Protocol Type 0x800 for ipv4
Hardware size 6 for ethernet
Protocol size 6 for ipv4
Operation type 1 for request, 2 for reply
Sender hardware add
Sender ip addr\
Receiver hardware add (request k time py usy ni pta tha)
Receiver ip address
#18:A technique called proxy ARP is used to create a subnetting effect. A proxy ARP is an ARP that acts on behalf of a set of hosts. Whenever a router running a proxy ARP receives an ARP request looking for the IP address of one of these hosts, the router sends an ARP reply announcing its own hardware (physical) address. After the router receives the actual IP packet, it sends the packet to the appropriate host or router.
#25:Steps in the DHCP ProcessDiscovery (DHCPDISCOVER):The client broadcasts a message asking for an IP address.Offer (DHCPOFFER):The DHCP server responds with an IP offer.If the client has a static mapping in the database, this offer contains the corresponding IP. Otherwise, it contains a dynamic IP from the pool.Request (DHCPREQUEST):The client selects one of the offers and sends a request to the DHCP server, indicating which IP it prefers.Acknowledge (DHCPACK):The DHCP server confirms the assignment, updating its database to reflect the lease of the IP address.
