Network layer

The network layer is responsible for delivering packets from the source host to the destination host across multiple networks. Its main functions include logical addressing, routing, forwarding, and error handling. It also supports different service models such as virtual circuit and datagram service.

Network Services

Virtual Circuit vs Datagram Service

  • Virtual Circuit: A pre-established path between source and destination. It provides reliability and order but requires setup overhead.
  • Datagram Service: Each packet is routed independently, without setup. It is flexible and scalable but may cause out-of-order delivery.

Virtual Network

A virtual network abstracts the underlying physical network into a logical topology. Technologies like VLAN, VPN, and overlay networks enable segmentation, isolation, and flexible resource allocation.

IP Addressing

IP Address

An IP address uniquely identifies a host in a network. IPv4 addresses are 32-bit, typically written in dotted-decimal notation.

Classes of IPv4

  • Class A: 1.0.0.0 – 126.255.255.255 (Default mask: 255.0.0.0)
  • Class B: 128.0.0.0 – 191.255.255.255 (Default mask: 255.255.0.0)
  • Class C: 192.0.0.0 – 223.255.255.255 (Default mask: 255.255.255.0)
  • Class D: 224.0.0.0 – 239.255.255.255 (Multicast)
  • Class E: 240.0.0.0 – 255.255.255.255 (Reserved for research)

Subnetting

Subnetting divides a network into smaller networks by borrowing bits from the host portion. It improves address utilization and enables better network management.

Supernetting

Supernetting (CIDR aggregation) combines multiple contiguous subnets into a larger block, reducing routing table entries.

Packet Handling

Packet Forwarding

Routers use destination IP addresses and routing tables to forward packets. This involves:

  1. Checking the routing table
  2. Determining the next hop
  3. Updating headers and sending the packet

ARP (Address Resolution Protocol)

  • Working: ARP maps IP addresses to MAC addresses within a local network.
  • ARP Spoofing: An attacker forges ARP messages to intercept or redirect traffic.
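As an added example (not part of the original notes), this Python code shows how a monitor can flag the conflicting IP-to-MAC bindings that ARP spoofing produces. The record format, the `pinned` allow-list and all addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed observations from one LAN segment: (time, sender IP, sender MAC),
# i.e. the sender fields of each ARP request/reply. Documentation addresses only.
SAMPLE_ARP = [
    (1.0, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway announces itself
    (2.0, "192.0.2.10", "00:00:5e:00:53:10"),   # workstation
    (3.0, "192.0.2.10", "00:00:5e:00:53:10"),   # same binding again: fine
    (9.0, "192.0.2.1", "00:00:5e:00:53:66"),    # gateway IP, different MAC
    (9.5, "192.0.2.10", "00:00:5e:00:53:66"),   # that MAC now claims a 2nd IP
    (12.0, "192.0.2.1", "00:00:5e:00:53:01"),   # original gateway MAC returns
]


def detect_arp_anomalies(events, pinned=None):
    """Return (time, kind, ip, mac) alerts for conflicting ARP bindings.

    pinned: optional {ip: mac} of known-good bindings (hypothetical allow-list,
    e.g. the default gateway); these are never overwritten by observed traffic.
    """
    pinned = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    ip_to_mac = dict(pinned)               # current binding per IP
    mac_to_ips = defaultdict(set)          # every IP each MAC has claimed
    for ip, mac in pinned.items():
        mac_to_ips[mac].add(ip)
    alerts = []
    for ts, ip, mac in events:
        mac = mac.lower()
        known = ip_to_mac.get(ip)
        if known is None:
            ip_to_mac[ip] = mac            # first sighting: learn it
        elif known != mac:
            if ip in pinned:
                alerts.append((ts, "pinned-violation", ip, mac))
            else:
                alerts.append((ts, "ip-mac-change", ip, mac))
                ip_to_mac[ip] = mac        # track the flip so a flip back alerts too
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE_ARP, {"192.0.2.1": "00:00:5e:00:53:01"}):
        print(alert)
```

A changed binding is a signal to investigate rather than proof of spoofing: DHCP reassignment, NIC replacement and failover pairs also change mappings.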

Packet Analysis

Packets consist of headers and payloads. The IP header includes the source and destination IP addresses, TTL, protocol type, and a header checksum for error detection.

Routing

Static Routing

Manually configured routes. Simple but lacks scalability.

Gateways

Gateways connect networks with different protocols or architectures, enabling interoperability.

Dynamic Routing

  • RIP (Routing Information Protocol): Distance-vector protocol, uses hop count as metric.
  • OSPF (Open Shortest Path First): Link-state protocol, uses Dijkstra’s algorithm.
  • BGP (Border Gateway Protocol): Path-vector protocol, used for inter-domain routing across the Internet.

Network Functions

Load Balancing

Distributes network traffic across multiple servers or links to improve reliability and performance.

ICMP

The Internet Control Message Protocol supports error reporting and diagnostics.

  • Ping: Tests connectivity by sending ICMP Echo requests.
  • Pathping / Traceroute: Tracks the path and delay of packets across routers.

Proxy Control via MAC

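Access control can be enforced at the proxy server by binding permitted clients to their MAC addresses, so that requests from unlisted addresses are refused. Because a MAC address is only visible on the local segment and can be changed by the client, this is a basic filter rather than strong authentication.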

Network Address Translation

  • NAT (Network Address Translation): Translates private IP addresses to public ones.
  • PAT (Port Address Translation): Maps multiple private addresses to a single public IP using different port numbers.

VPN (Virtual Private Network)

A VPN establishes an encrypted tunnel over the Internet, ensuring confidentiality and secure access to private networks.