Section 9: IP and the Network Layer

1
Section 9 IP and the Network Layer

• In this section
• Introduction to the network layer
• Internet architecture
• The Internet Protocol (IP)
• Addresses
• Address resolution (ARP)
• IP packet format
• IP management (ICMP)
• Host configuration (DHCP)
• Version 6

2
The Network Layer

• Services
• Deliver packets between any two hosts, reliably
  or unreliably.
• A network-wide concern
• Transport layer (above) between two end hosts.
• Data link layer (below) between two physically
  connected hosts.
• Network layer involves each and every host,
  router, and gateway in the network.

3
Architectural Approaches

• Connectionless - similar to postal system
  endpoint puts data to send into a packet and
  hands to network for delivery
• Connection-oriented - similar to telephone
  system endpoints establish and maintain a
  connection as long as they have data to exchange

4
Connectionless (Datagram) Service

• No connection established
• Source of data adds destination information to
  data and delivers to network
• Network delivers each data item individually
• No routes set up at connection establishment time
  - each packet may follow different route to
  destination (but typically wont).
• No guarantee of reliable, or in-order delivery
  (although data link layer may still do
  link-by-link error control).
• Advantages
• Robust with respect to node / link failures.
• Recovery at end to end (transport) level.
• Examples IP

5
Connection-oriented Service

• One endpoint requests connection from network
• Other endpoint agrees to connection
• Computers exchange data through connection
• Typically uses a stream interface
• Source delivers stream of data to network
• Network breaks into packets for delivery
• Data transmission not necessarily continuous
  like telephone, connection remains in place while
  no data transmitted
• One endpoint requests network to break connection
  when transmission is complete
• Examples Asynchronous Transfer Mode (ATM), X.25

6
Connection duration and persistence

• Connections can be made on-demand or set up
  permanently
• Switched connection or switched virtual circuit
• Permanent connection or provisioned virtual
  circuit
• Permanent connections
• Originally hard-wired
• Now configured at system initialization
• Switched connections
• Computer maintains permanent connection to
  network
• Network makes connection on demand

7
Virtual circuits

• Virtual acts like a circuit, but isnt really
  one.
• Reliable delivery of packets between end hosts.
• All packets within connection follow the same
  route.

A
D
two VCs share link B-C
B
C
E
F
8
Virtual circuits (2)

• At connection establishment time
• Connection setup packet flows from sender to
  receiver.
• Routing tables updated at intermediate nodes to
  reflect new virtual circuit (VC).
• Fits well with quality of service (QoS)
  guarantees reject call on path if QoS cant be
  guaranteed.
• Potential difficulty recovery from link or
  router failure.

9
Address and Connection Identifiers

• Address is a complete, unique identifier
• Connectionless delivery requires address on each
  packet
• Connection-oriented delivery can use a shorthand
  that identifies the connection rather than the
  destination

• Asynchronous Transfer Mode (ATM) - 160-bit
  address, 28-bit connection identifier
• Connection identifier includes
• 12-bit virtual path identifier (VPI)
• 16-bit virtual circuit identifier (VCI)
• Connection identifier local to each computer
• May be different in different parts of the ATM
  switch

10
Internetworking

• In the real world, computers are connected by
  many different technologies
• Internetworking is a scheme for interconnecting
  multiple networks of dissimilar technologies
• Uses both hardware and software
• Extra hardware positioned between networks
• Software on each attached computer
• System of interconnected networks is called an
  internetwork or an internet

11
Routers

• A router is a hardware component used to
  interconnect networks
• The router is the main layer 3 building block for
  large internets.
• A router has interfaces on multiple networks
• Networks can use different technologies
• Router forwards packets between networks
• Transforms packets as necessary to meet standards
  for each network

12
Internet Architecture

• An internetwork is composed of arbitrarily many
  networks interconnected by routers
• Routers can have more than two interfaces

13
A virtual network

• Internetworking software builds a single,
  seamless virtual network out of multiple physical
  networks
• Universal addressing scheme
• Universal service
• All details of physical networks hidden from
  users and application programs

Net 2
Net 3
Net 1
14
A virtual network

• Internetworking software builds a single,
  seamless virtual network out of multiple physical
  networks
• Universal addressing scheme
• Universal service
• All details of physical networks hidden from
  users and application programs

Net 2
router
Net 3
Net 1
Physical network
15
Internetworking Protocols

• TCP/IP is the mostly widely used internetworking
  protocol suite
• First internetworking protocol suite
• Initially funded through ARPA
• Picked up by NSF
• Others include IPX, VINES, AppleTalk
• TCP/IP is by far the most widely used
• Vendor and platform independent

16
Internet addresses

• One key aspect of virtual network is single,
  uniform address format
• Cannot use hardware addresses because different
  technologies have different address formats
• Address format must be independent of any
  particular hardware address format
• Sending host puts destination internet address in
  packet
• Destination address can be interpreted by any
  intermediate router
• Routers examine address and forward packet on to
  the destination

17
IP addresses

• Addressing in TCP/IP is specified by the Internet
  Protocol (IP)
• Each host is assigned a 32-bit number
• Called the IP address or Internet address
• Unique across entire Internet
• Each IP address is divided into a prefix and a
  suffix
• Prefix identifies network to which computer is
  attached
• Suffix identifies computer within that network
• Address format makes routing efficient

18
Network and Host Numbers

• Every network in a TCP/IP internet is assigned a
  network number.
• Each host on a specific network is assigned a
  host number or host address that is unique within
  that network.
• Host's IP address is the combination of the
  network number (prefix) and host address (suffix)
  
• Network numbers must be unique.
• Host addresses may be reused on different
  networks combination of network number prefix
  and host address suffix will be unique.
• Assignment of network numbers must be coordinated
  globally assignment of host addresses can be
  managed locally.

19
IP address format

• IP designers chose 32-bit addresses (see RFC
  790, RFC 1166)
• Allocate some bits for prefix, some for suffix
• Large prefix, small suffix - many networks, few
  hosts per network
• Small prefix, large suffix - few networks, many
  hosts per network
• Because of variety of technologies, need to allow
  for both large and small networks
• Designers chose a compromise - multiple address
  formats that allow both large and small prefixes
• Each format is called an address class.
• Class of an address is identified by first four
  bits

20
Dotted Decimal Notation

• 32 bits divided into 4 octets
• Each octet is converted to decimal value
• Dots used to separate the 4 decimal values
• Examples

21
IP addresses in C/C

• From /usr/include/netinet/in.h
• / Internet address
• This definition contains obsolete fields for
• compatibility with SunOS 3.x and 4.2bsd. The
• presence of subnets renders divisions into
  fixed
• fields misleading at best. New code should
  use
• only the s_addr field.
• /
• struct in_addr
• union
• struct u_char s_b1,s_b2,s_b3,s_b4
  S_un_b
• struct u_short s_w1,s_w2 S_un_w
• u_long S_addr
• S_un
• define s_addr S_un.S_addr / should be used for
  all code /

22
Useful function calls

• unsigned long inet_addr( char cp )
• Converts string with dotted address to 32 bit
  value
• Example inet_addr(129.0.0.1)
• socketAddress.sin_addr.s_addr inet_addr(
  charIPAddress )
• char inet_ntoa(struct in_addr in)
• Converts 32 bit value of IP address to a string
  in dotted decimal format.

23
IP Addresses in Java

• Class java.net.InetAddress
• static InetAddress getByName(String host)
• Creates new instance of InetAddress based on a
  string address
• String can either be a dotted decimal IP address
  (e.g. 129.0.0.1), or a host name
• static InetAddress getByAddress(byte address)
• Creates new instance of InetAddress based on
  bytes containing the 4 values for the IP address
• String getHostAddress( )
• Returns the IP address as a dotted decimal string
  
• byte getAddress( )
• Returns the raw IP address as an array of bytes

24
IP Address Classes
Octet 1
Octet 2
Octet 3
Octet 4
Class
1.0.0.1 to 126.255.255.254
0 prefix
suffix
A
128.0.0.1 to 191.255.255.254
10 prefix
suffix
B
192.0.0.1 to 223.255.255.254
110 prefix
suffix
C
224.0.0.0 to 239.255.255.255
1110 multicast
D
240.0.0.0 to 254.255.255.255
1111 reserved for future use
E
25
Special IP addresses
26
Allocation of IP address classes
27
CIDR addresses

• CIDR Classless Internet Domain Routing
• Created to allow more flexibility in subnet
  sizes in particular, different values between
  256 and 65536
• Obsoletes previous IP address classes
• Notation IP address / bits in prefix
• Usage
• Set up 32 bit mask with indicated number of 1
  bits followed by 0 bits
• Logical AND with mask and IP address to get
  network prefix

28
CIDR Example

• Example allocate 2 sub-networks that can hold
  14 hosts each
• Prefix calculated by logical AND
• Network 1 128.211.0.16 / 28 ? 28 bits in
  prefix
• Network 2 128.211.0.32 / 28
• Mask is 11111111 11111111 11111111 11110000
• Net 1 10000000 11010011 00000000 0001
• Allows IP addresses 128.211.0.17 through
  128.211.0.30, since suffix cannot be all 0s or
  all 1s.
• Net 2 10000000 11010011 00000000 0010

29
Mapping IP addresses

• Problem How to map IP addresses onto hardware?
• Address resolution
• Where this takes place router attached to
  physical network.
• Three methods used to resolve addresses
• Table lookup
• Computation
• Message exchange

30
Resolution using Table Lookup

• Router keeps table.
• The following could be a table for network
  197.15.3.0 / 24
• To save space and time, only the host value of
  the IP address would be stored.

31
Resolution using Computation

• If hardware addresses are configurable, they can
  be assigned to correspond with the host part of
  their IP address
• Example
• host with IP address 229.123.1.1 is assigned
  hardware address 1
• host with IP address 229.123.1.2 is assigned
  hardware address 2
• and so on.
• Computation logical AND with value 000000FF.
• hardware_address ip_address 0xff

32
Resolution using Message Exchange

• Example Ethernet Address Resolution Protocol
  (ARP)
• See RFC 826
• Router sends broadcast ARP message to LAN to
  query hosts as to who matches the IP address
• Only the host with the matching IP address
  replies directly to router
• Router then has hardware address

33
ARP message format

• There is a generic format in RFC 826
• The following is specific for Ethernet 32 bit
  protocol (P) addresses and 48 bit hardware (H)
  addresses

0
8
16
31
Bits
Protocol address type 0800
Hardware address type 0001
H. addr. length
P. addr. length
Operation
Senders hardware address, part 1
Senders H. address pt. 2
Senders P. address pt. 1
Senders P. address pt. 2
Target H. address pt. 1
Target hardware address, part 2
Target protocol address
34
Transmission of ARP messages

• Ethernet frame
• ARP packet

Frame type
Preamble
data
CRC
Dest. Addr.
Source Addr.
SFD
0806
7
46 1500
4
6
6
2
1
octets
octets
Padding
ARP
18
28
octets
35
IP Internet Protocol
0
4
8
16
19
31
Bits
Version
IHL
Service type
Total length
Identification
Flags
Fragment offset
Time to live
Protocol
Header Checksum
Source address
Destination address
Options
Data up to 65,515 octets
Maximum packet size 65,535 octets
36
IP protocol fields

• Definition RFC 791, plus subsequent additions
• Version version number of protocol (currently
  4 version 6 also standardized)
• Internet Header Length (IHL) number of 32-bit
  words in header
• Minimum value 5 (which indicates no options)
• Larger values used when options are present.

37
IP Protocol Fields

• Type of service
• Specifies, precedence (bits 0-2), delay (bit 3),
  throughput (bit 4), reliability (bit 5)
  parameters
• 0 bit normal, 1 bit exceptional
• Total length length of packet in octets
• Identification sequence number
• Flags (3)
• More indicates packet is a fragment, with more
  to come
• Dont fragment prohibits fragmentation
• (Reserved for future use)

38
IP Protocol Fields

• Fragment offset Indicates where in original
  datagram, measured in 64-bit units
• Note that this requires fragmentation happen at
  64-bit boundaries (except for last fragment)
• Time to live specifies, in seconds, time
  remaining before this packet expires
• Every router must decrease this value by at least
  one.
• Protocol indicates protocol at next higher
  level
• Current listhttp//www.iana.org/assignments/prot
  ocol-numbers
• Examples
• 1 ICMP Internet Control Message Protocol
• 6 TCP Transmission Control Protocol
• 17 UDP User Datagram Protocol

39
IP Protocol Fields

• Header checksum
• 16 bit ones-complement addition of all 16 bit
  words in the header
• Set to zero before computation
• Re-computed at each router
• Some fields, such as time-to-live will change as
  message travels through network
• Source address 32 bit IP address
• Destination address 32 bit IP address

40
IP options

• Defined in RFC 791 and others
• Examples
• Secure packet
• Routing information provided
• Record route
• Record time stamps
• Stream identifier

41
IP upper level interface

• Two service primitives send and receive
  (recv)
• Result SEND(src,dst,prot,TOS,TTL,BufPTR,len,Id,D
  F,opt)
• Result RECV(BufPTR,prot,src,dst,TOS,len,opt
  )

• where
• src source address
• dst destination address
• prot protocol
• TOS type of service
• TTL time to live

• BufPTR buffer pointer
• len length of buffer
• Id Identifier
• DF Don't Fragment
• opt option data

42
IP Fragmentation and Reassembly

• Construction of an IP packet requires obeying
  maximum frame sizes at each data link layer
• MTU maximum transmission unit
• Example IP packet carried inside an Ethernet
  frame (see slide 303) can have, at most, 1480
  octets of user data 20 octets of IP header
  1500
• RFC 791 says any part of the internet must have
  an MTU ? 68 octets
• Any host must be able to receive 576 octets
  (possibly in fragments)

43
IP Fragmentation and Reassembly

• If the IP dont fragment flag is set, and there
  is more data than the MTU allows, a router will
  trash the IP packet and send an ICMP message.
• Otherwise, router has to separate user data into
  fragments of allowable size.
• Fragmentation can be done at any router
  reassembly is only done at final destination.

44
Example of MTU Ethernet frames

• Ethernet frame
• IP Packet

Frame type
Preamble
data
CRC
Dest. Addr.
Source Addr.
SFD
0800
7
46 1500
4
6
6
2
1
octets
1500 ( MTU)
octets
Layer 4 data
Source Addr.
Dest. Addr.
IP
24 1480
4
4
12
octets
45
Example of Fragmented Data
User data 2276 octets
With an MTU of 1500, this could be sent as
TL816, FO185, more0
User data 796 octets
20
TL total length, FO frame offset (in
8-octet/64-bit units)
46
IP Fragmentation

• The frame offset is used instead of a fragment
  sequence number because this allows for further
  fragmentation at a subsequent router

TL816, FO185, more0
796
MTU 820
47
Reassembly

• Reassembly is only done at the destination
• i.e. host with IP address in destination field
• Fragments are reassembled based on matching
  source address, destination address,
  identification field (sequence number), and
  protocol
• A reassembly timer is often used as the holding
  time for resources while waiting for all
  fragments
• Timer started when first fragment arrives.
• Timer cancelled when contiguous data from frame
  offset 0, to a fragment where the more flag is
  0 has arrived.
• If timer expires, buffer is released and
  fragments are trashed (and ICMP time exceeded
  message returned).
• Alternative use Time to live field of first
  fragment

48
Internet Control Message Protocol (ICMP)

• Defined in RFC 792, plus updates
• Required for internet compliance
• Carried in IP packets
• ICMP messages often sent as a reply to IP packet

Bits
0
4
8
16
31
Type
Code
Checksum
Parameters
Message content variable length
49
ICMP message types

• 8 Echo
• 0 Echo reply
• Asks for return of this message for testing
• Parameters identifier, sequence number
• 3 Destination unreachable
• Code indicates particular condition
• 0 net unreachable
• 1 host unreachable
• 2 protocol unreachable
• 3 port unreachable
• 4 fragmentation required dont fragment flag
  set
• 5 source route failure
• Data original IP header, plus first 64 bits of
  data

50
ICMP message types

• 4 Source quench
• Request to slow sending rate of IP packets
• Data as in destination unreachable (type 3)
• 5 Redirect
• Used to indicate a shorter routing path
• Parameters IP address of suggested router
• 11 Time exceeded
• Time to live counter of IP packet reached zero
• Reassembly of fragmented data has timed out.
• Data as in destination unreachable (type 3)
• 12 Parameter problem
• Indicates problems with an IP message (usually
  bad option format)
• Data as in destination unreachable (type 3)

51
ICMP message types

• 13 Timestamp
• Sends message that records sending time, and asks
  for reply
• Data sending time, reception time (to be filled
  in), reply sending time (to be filled in)
• 14 Timestamp reply
• Reply to timestamp request
• Data values filled in from ICMP 13 message
• 17 Address mask request
• Host asks router on LAN for CIDR address mask
  (usually at reboot)
• 18 Address mask reply
• Reply to address mask request
• Data the address mask

52
Network administration functionsthat use ICMP

• Ping test if a host will respond
• Sends an ICMP echo message to designated host
• Host sends ICMP echo reply
• Used to test connectivity
• Many organizations have disabled ping to prevent
  denial-of-service attacks
• Traceroute find route from source to
  destination
• Sends IP packet with time-to-live of 1
• First router will discard packet and send ICMP
  time exceeded message
• Next message sent has time-to-live of 2, and so
  on until destination is reached
• Each router en route will have sent an ICMP
  message

53
Protocol Configuration

• A software vendor wants to sell identical copy of
  protocol software to all customers.
• Each system running a protocol will have
  different parameters
• IP address
• Hardware address
• Location of local router
• Location of local servers for Domain Name
  Service, printing, time of day,
• The problem
• How to discover the local custom values when
  system is initialized?

54
Protocol Configuration Initialization

• Example joining the campus wireless network.
• You do not want to have to configure your system
  you want to start using the Internet right away
• Problem
• What address do you use to find an address?

55
Types of Address Discovery

• Fixed
• Host is assigned a permanent set of addresses for
  IP, hardware, etc.
• Protocol software needs to find these parameters
  during initialization, either locally or from a
  server.
• Required for well-known locations (e.g. web
  server)
• Dynamic
• Host uses a temporary IP address obtained from a
  server for a specified period of time.
• Addresses are allocated from an available pool
• Examples ISP dial-up connection, wireless network

56
Protocol Initialization

• Local, fixed option manual configuration of IP
  address.
• Reverse Address Resolution Protocol (RARP)
• ARP Given IP address, find hardware address
• RARP Given hardware address, obtain IP address
• Needs fixed hardware address in network interface
  card (e.g. Ethernet)
• RARP request for IP address is broadcast over
  network.
• After obtaining an IP address, the next step is
  to find a router.
• To do this, we need the subnet mask of the
  network, so that we can find a router on the same
  network.
• Broadcast ICMP Address Mask Request message
• Reply contains IP mask
• Broadcast ICMP Gateway discovery message

57
Dynamic Address Allocation

• Each host obtains a lease for an IP address
  assigned from a pool.
• Provisioning challenge how large should the
  pool of IP addresses be for customer base?
• Lease has expiry time
• Lease can be renewed before expiry
• On expiry, IP address is returned to the
  available pool.

58
DHCP Dynamic Host Configuration Protocol

• Defined in RFC 2131
• Protocol to automatically
• Assign an IP address from a pool of available
  addresses
• Assignment can be permanent or temporary
• Temporary assignment (a lease) will have an
  expiry time.
• Locate a server
• Locate a router
• Get the name of a server
• Relies on special IP addresses
• IP address 0.0.0.0 used to send messages while
  obtaining IP address
• IP address 255.255.255.255 local network
  broadcast

59
DHCP Message Format
0
8
16
24
31
Bits
Message type
HW addr. type
Header length
Hops to server
Transaction ID
Seconds elapsed
Broadcast flag and 15 zeros
Client IP address (if renewing)
Your new IP address
Reboot Server IP address
Router IP address
Client Hardware address (16 octets)
Server host name (64 octets)
Reboot file name (128 octets)
Options (variable)
60
DHCP Message Types

• (not a complete list)
• Discover request from client to find servers
  (broadcast)
• Offer server reply to discover, with offer of
  configuration parameters (broadcast, possibly by
  more than one server)
• Request confirmation of offer, sent from client
  to specific server
• Acknowledgement configuration parameters issued
  by server to client
• Release client returns allocations to server
  and cancels lease

61
Network Address Translation (NAT)

• Problem increased number of private / home
  networks
• Solution reserve some IP addresses as private
  addresses
• The following IP addresses can be used locally
• 10.0.0.0 to 10.255.255.255
• 172.16.0.0 to 172.31.255.255
• 192.168.0.0 to 192.168.255.255
• No standard router will forward packets with
  these addresses

62
NAT Routers

• To set up a home network, obtain a regular IP
  address such as 200.24.5.8, and an NAT router
• Configure the NAT router so that it is connected
  to the Internet with the regular IP address.
• Internally, to set up 3 computers on the private
  network, configure them as (for example)
• 10.0.0.1 internal address of NAT router
• 10.0.0.2, 10.0.0.3, 10.0.0.4 addresses of the
  computers

63
Address Translation

• Within the private network, a computer sending an
  IP packet uses
• Source IP address the private IP address (e.g.
  10.0.0.2)
• Destination IP address the actual destination
• At the NAT router, the router will replace the
  source IP address with its own global IP address
  (e.g. 200.24.5.8)
• Return packets will have the destination as the
  global IP address of the router.
• The NAT router will then replace the destination
  address with the local address of the computer
• The NAT router needs to monitor outgoing packets,
  so that incoming packets can be forwarded
  correctly.

64
NAT Routing Table

• The NAT router will keep a table that matches the
  internal IP addresses with the destination IP
  addresses.
• Example 10.0.0.2 sends an IP packet to
  25.8.2.10 via NAT router with external address
  200.24.5.8.
• The NAT router creates a table entry associating
  the destination 25.8.2.10 with 10.0.0.2
• The NAT router replaces the source address with
  its external address
• External IP packet Source 200.24.5.8,
  Destination 25.8.2.10.
• When an IP packet arrives from 25.8.2.10 with
  destination 200.24.5.8, the NAT router looks up
  the source in the routing table, replaces the
  destination with the routing table entry
  10.0.0.2, and then forwards the packet.

65
Limitations

• Since the NAT router forwards incoming packets,
  based on remembered destinations of outgoing
  packets, communication must always be initiated
  from inside the private network.
• This means that hosts connected to an NAT router
  cannot run server programs, as they cannot be
  contacted directly.
• Two computers inside the private network cannot
  access the same global destination concurrently,
  unless sending port numbers (transport layer
  addresses used by TCP/UDP) are
• stored by the NAT router
• distinguishable (probable, but not certain)

66
IP Version 6 (IPv6)

• Defined in RFC 2460 and others
• Enhancements
• 128 bit addresses
• Revised (incompatible) base header format
• Extension headers used for additional information
• Support for Quality of Service specification
• Extensibility
• Modifications to accommodate faster routing

67
IPv6 addresses

• IPv4 addresses have first 96 bits as 0 in IPv6
• New shorthand notation colon hexadecimal
• 105.220.136.100.255.255.255.255.0.0.18.128.140.10.
  255.255
• becomes
• 69DC8864FFFFFFFF012808C0AFFFF
• FFOC0000000B1
• becomes
• FFOC B1
• In IPv6, an IP address is assigned to an
  interface, not a node
• One device can have 2 or more IPv6 addresses on
  the same network
• Intended to speed routing of packets
• Example one address could be the higher
  priority interface.

68
IPv6 multiple headers
optional
IPv6 base
data
Extension 1
Extension N

40
octets

• Each extension header will identify its own
  length, as well as the type of extension header
  (next header) or data that follows.

69
IPv6 Base Header
0
4
12
16
24
31
Bits
Version
Traffic class
Flow label
Payload length
Next header
Hop limit
Source address
Destination address
70
IPv6 base header fields (1)

• Version 6
• Traffic class
• Available for establishing classes or priorities
  for packet handling
• First 6 bits differentiated services field
• Last 2 bits reserved for congestion
  notification (not yet standardized)
• Flow label identifier for a sequence of packets
  from a single source, and with similar
  transmission requirements
• Example one flow could identify a specific video
  transmission

71
IPv6 base header fields (2)

• Payload length (in octets)
• Length of all extension headers plus upper layer
  data
• Does not include the fixed header.
• Next header identifies type of header following
  this header
• Could indicate upper level protocol, or IPv6
  extension header
• Values are the protocol numbers defined in
  http//www.iana.org/assignments/protocol-numbers

72
IPv6 base header fields (3)

• Hop limit after visiting this many routers,
  packet will be discarded.
• Source, destination addresses
• Destination address may not be packets ultimate
  destination
• Available modes
• Unicast single destination
• Anycast choose one destination from a list
• Multicast specific group of destinations
• Broadcast to everyone

73
Extension headers

• Recommended order of appearance
• IPv6 base (required)
• Hop-by-hop options (next header 0)
• Destination options (next header 60)
• To be processed by first destination in IPv6
  header, plus destinations in routing header.
• Routing header (next header 43)
• Fragmentation header (next 44)
• Authentication (next header 51)
• Security / Encapsulation (next header 50)
• Destination options (next header 60)
• For packets final destination
• Upper layer protocol (next header 6 for TCP, 17
  for UDP,58 for ICMPv6, 41 for IPv6 inside IPv6)

74
Hop-by-Hop Options

• Jumbo payload packet is larger than 65,535
  octets
• Payload length in fixed header must be zero
• No fragment header
• Router alert information should be examined
  by each router along the way
• Example using a protocol such as the Resource
  reSerVation Protocol (RSVP) to set up quality of
  service parameters.

75
Fragmentation in IPv6

• An extension header, the fragment header
  contains the fragmentation information not
  contained in the base header
• All fragmentation in IPv6 must be done by
  original sender
• This means that the sender has to discover the
  minimum MTU for the entire transmission.
• Find MTU by sending decreasingly larger ICMP
  echo messages with dont fragment set, until
  an ICMP echo reply is returned instead of
  destination unreachable
• IPv6 has the rule that networks must have an MTU
  ? 1280 octets

76
Authentication Codes

• Message Authentication Code (MAC)
• carried in authentication header.
• Assume that sender A and receiver B have a shared
  secret key, KAB.
• MAC f(KAB, M), where f is a mutually-agreed
  encryption function
• Receiving the correct MAC means
• receiver knows that message is not altered.
• message is from correct sender
• sequence of message is correct

77
Transition from IPv4 to IPv6

• During the transition period from IPv4 to IPv6,
  if an IPv6, if an IPv6 packet has to cross an
  IPv4 network, an approach called tunneling is
  used.
• When the IPv6 packet reaches an IPv4 network, an
  IPv4 packet is created and the IPv6 is put inside
  with protocol number 41.
• The destination IPv4 address is the next router
  that can forward the packet using IPv6.

version
IPv4 data
4
41
next IPv6 router
IPv4 destination
upper layer data
6
17
IPv6 dest
protocol (IPv6)
next header
version
78
IP tunneling
X
IPv6
IPv6
IPv4
C
X
C
C
C