Friday, September 6, 2013

THE INTERNET LAYER PROTOCOLS

In the DoD model, there are two main reasons for the Internet layer’s existence: routing and providing a single network interface to the upper layers. None of the other upper- or lower-layer protocols have any functions relating to routing that complex and important task belongs entirely to the Internet layer.

 The Internet layer’s second duty is to provide a single network interface to the upper-layer protocols. Without this layer, application programmers would need to write “hooks” into every one of their applications for each different Network Access protocol. This would not only be a pain in the neck, but it would lead to different versions of each application—one for Ethernet, another one for Token Ring, and so on. To prevent this, IP provides one single network interface for the upperlayer protocols. That accomplished, it’s then the job of IP and the various Network Access protocols to get along and work together.

All network roads don’t lead to Rome—they lead to IP. And all the other protocols at this layer, as well as all those at the upper layers, use it. Never forget that. All paths through the DoD model go through IP.
The following list describes the protocols at the Internet layer:
  • Internet Protocol (IP)
  • Internet Control Message Protocol (ICMP)
  • Address Resolution Protocol (ARP)
  • Reverse Address Resolution Protocol (RARP)
  • Proxy ARP

Internet Protocol (IP)

Internet Protocol (IP) essentially is the Internet layer. The other protocols found here merely exist
to support it. IP holds the big picture and could be said to “see all,” in that it’s aware of all the interconnected
networks. It can do this because all the machines on the network have a software, or logical, address called an IP address.
IP looks at each packet’s address. Then, using a routing table, it decides where a packet is to be sent next, choosing the best path. The protocols of the Network Access layer at the bottom of the DoD model don’t possess IP’s enlightened scope of the entire network; they deal only with physical links (local networks).

Identifying devices on networks requires answering these two questions: Which network is it on? And what is its ID on that network? The first answer is the software address, or logical address (the correct street). The second answer is the hardware address (the correct mailbox). All hosts on a network have a logical ID called an IP address. This is the software, or logical, address and contains valuable encoded information, greatly simplifying the complex task of routing.

IP receives segments from the Host-to-Host layer and fragments them into datagrams (packets) if necessary. IP then reassembles datagrams back into segments on the receiving side. Each datagram is assigned the IP address of the sender and of the recipient. Each router (layer 3 device) that receives a datagram makes routing decisions based on the packet’s destination IP address.

Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP) works at the Network layer and is used by IP for many different services. ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP datagrams. RFC 1256 is an annex to ICMP, which affords host’s extended capability in discovering routes to gateways.
ICMP packets have the following characteristics:
  • They can provide hosts with information about network problems.
  • They are encapsulated within IP datagrams.
The following are some common events and messages that ICMP relates to:
Destination Unreachable If a router can’t send an IP datagram any further, it uses ICMP to send a message back to the sender, advising it of the situation.
Buffer Full If a router’s memory buffer for receiving incoming datagrams is full, it will use ICMP to send out this message until the congestion abates.
Hops Each IP datagram is allotted a certain number of routers, called hops, to pass through. If
it reaches its limit of hops before arriving at its destination, the last router to receive that datagramdeletes it. The executioner router then uses ICMP to send an obituary message, informing the sending
machine of the demise of its datagram.
Ping Packet Internet Groper (Ping) uses ICMP echo request and reply messages to check the
physical and logical connectivity of machines on an internetwork.
Traceroute Using ICMP time-outs, Traceroute is used to discover the path a packet takes as
it traverses an internetwork.

Address Resolution Protocol (ARP)

Address Resolution Protocol (ARP) finds the hardware address of a host from a known IP address. Here’s how it works: When IP has a datagram to send, it must inform a Network Access protocol, such as Ethernet or Token Ring, of the destination’s hardware address on the local network. (It has already been informed by upper-layer protocols of the destination’s IP address.) If IP doesn’t find the destination host’s hardware address in the ARP cache, it uses ARP to find this information.

As IP’s detective, ARP interrogates the local network by sending out a broadcast asking the machine with the specified IP address to reply with its hardware address. So basically, ARP translates the software (IP) address into a hardware address—for example, the destination machine’s Ethernet board address—and from it, deduces its whereabouts on the LAN by broadcasting for this address.

Reverse Address Resolution Protocol (RARP)

When an IP machine happens to be a diskless machine, it has no way of initially knowing its IP address. But it does know its MAC address. Reverse Address Resolution Protocol (RARP) discovers the identity of the IP address for diskless machines by sending out a packet that includes its MAC address and a request for the IP address assigned to that MAC address. A designated machine, called a RARP server, responds with the answer and the identity crisis is over. RARP uses the information it does know about the machine’s MAC address to learn its IP address and complete the machine’s ID portrait.

Proxy Address Resolution Protocol (Proxy ARP)

On a network, your hosts can’t have more then one default gateway configured. Think about this…What if the default gateway (router) happens to go down? The host won’t just start sending to another router automatically—you’ve got to reconfigure that host. But Proxy ARP can actually help machines on a subnet reach remote subnets without configuring routing or even a default gateway.

One advantage of using Proxy ARP is that it can be added to a single router on a network without disturbing the routing tables of all the other routers that live there too. But there’s a serious downside to using Proxy ARP. Using Proxy ARP will definitely increase the amount of traffic on your network segment, and hosts will have a larger ARP table than usual in order to handle all the IP-to-MAC-address mappings.