cns

1. UNIT 2
INTERNET PROTOCOL (IP)

2. INTERNET PROTOCOL (IP)

3. INTERNET PROTOCOL (IP)
• Internet Protocol version 4 (IPv4), is responsible for packetizing,
forwarding, and delivery of a packet at the network layer.
• The Internet Control Message Protocol version 4 (ICMPv4) helps IPv4 to
handle some errors that may occur in the network-layer delivery.
• The Internet Group Management Protocol (IGMP) is used to help IPv4 in
multicasting
• The Address Resolution Protocol (ARP) is used to glue the network and
data-link layers in mapping network-layer addresses to link-layer
addresses.
Protocols at Network Layer

4. IP
• IP is a connection-less, unreliable protocol (it does not guarantee the delivery
of a datagram to its destination).
-connection-less: each datagram is handled independently, and each datagram can
follow a different route to the destination. This implies that datagrams sent by the
same source to the same destination could arrive out of order
• IP provides best effort services (does not provide full reliability) in the sense
– There is no guarantee of delivery of error-free packets
– There is no guarantee of ordered delivery of packets
– IPv4 packets can be corrupted, be lost, or be delayed, and may create
congestion for the network
• Ex: The post office does its best to deliver the regular mail but does not
always succeed. If an unregistered letter is lost or damaged, it is up to the
sender or would-be recipient to discover this.
• Opposite of best effort is dedicated service
• IP relies on upper layer transport protocols (TCP) to take care of these
problems. Hence we write TCP/IP!

6. Datagram Format
Header size: 20 (min)-60 (max)bytes
Payload (from higher layer): 0-65515 bytes
20+65515 = 65535

7. Datagram Format
• VER: the version of the IPv4 protocol, which, obviously, has the value of 4 (0100)
• HLEN:defines the total length of the datagram header (4 bits)
0000 (0)
0001 (1)
0101 (5) 5*4=20 bytes
1111(15) 15*4= 60 bytes
• Service Type: which defined how the datagram should be handled (8 bits).
Field to provide differentiated services. (8 bits)
- Used to identify which traffic should receive priority treatment
- Precedence(3) (to set priority- whether the packet is routine(normal) or
immediate)
- Type of Service(5) (Delay , Throughput, Reliability, Cost, Reserved)
Header

8. Example 19.1
Q. An IPv4 packet has arrived with the first 8 bits as
shown:01000010. The receiver discards the packet. Why?
• There is an error in this packet. The 4 leftmost bits (0100) show
the version, which is correct.
• The next 4 bits (0010) show an invalid header length (2 × 4 =
8). The minimum number of bytes in the header must be 20.
The packet has been corrupted in transmission.

9. Datagram Format
• Total Length: The total length of the datagram including the header.
-A 16-bit number can define a total length of up to 65,535
- Length of data = total length − (HLEN) × 4
- 65535 – (5*4)=65515
- Identification, Flags, and Fragmentation Offset
These three fields are related to the fragmentation of the IP datagram when the size of
the datagram is larger than the underlying network can carry.
• Time-to-live (8 bits i.e. 0 to 255)
• (TTL) field is used to control the maximum number of hops (routers) visited by the
datagram. When a source host sends the datagram, it stores a number in this field.
• Each router that processes the datagram decrements this number by one. If this value,
after being decremented, is zero, the router discards the datagram.

10. 57 is the number of hops that the packet can travel before it is dropped. After a packet
Passes through 57 routers, if it hasn’t reached its final destination yet, the packet will expire
and will be removed from the network

11. Example 19.3
In an IPv4 packet, the value of HLEN is 5, and the value of the
total length field is (0028)16. How many bytes of data are being
carried by this packet?
• The HLEN value is 5, which means the total number of bytes
in the header is 5 × 4, or 20 bytes (no options).
• The total length is (0028)16 or 40 bytes,
Length of data = total length − (HLEN) × 4
= 40 -20 =20 bytes

12. Datagram Format
• Protocol: the data section of a packet, called the payload, carries the
whole packet from another protocol.
• The Internet authority has given any protocol that uses the service of IP a
unique 8-bit number which is inserted in the protocol field.
• When the payload is encapsulated in a datagram at the source IP, the
corresponding protocol number is inserted in this field; when the datagram
arrives at the destination, the value of this field helps to define to which
protocol the payload should be delivered.

13. Datagram Format
Header checksum: IP adds a header checksum field to check the header, but
not the payload
• IP is not a reliable protocol; it does not check whether the payload carried
by a datagram is corrupted during the transmission
• Errors in the IP header can be a disaster.
– For example, if the destination IP address is corrupted, the packet can
be delivered to the wrong host.
– If the protocol field is corrupted, the payload may be delivered to the
wrong protocol.
– If the fields related to the fragmentation are corrupted.

14. Datagram Format
Source and Destination Addresses. (32-bit)
• Define the IP address of the source and destination respectively
• The source host should know its IP address. The destination IP address is either known
by the protocol that uses the service of IP or is provided by the DNS
• The value of these fields must remain unchanged during the time the IP datagram
travels from the source host to the destination host.
Options
• 40 bytes of options.
• Network testing and debugging
Payload
• Payload, or data, is the main reason for creating a datagram.
• Payload is the packet coming from other protocols that use the service of IP

15. Example 19.2
In an IPv4 packet, the value of HLEN is (1000)2. How many bytes
of options are being carried by this packet?
• The HLEN value is 8, which means the total number of bytes
in the header is 8 × 4, or 32 bytes.
• The first 20 bytes are the base header, the next 12 bytes are
the options.
20 (base header)+12 (options) =32

16. Example 19.4
An IPv4 packet has arrived with the first few hexadecimal digits as shown.
(45000028000100000102…)16
How many hops can this packet travel before being dropped? The data belong
to what upper-layer protocol?
• To find the time-to-live field, we skip 8 bytes (16 hexadecimal digits).
8*8= 64 bits/4 bits= 16
• The time-to-live field is the ninth byte, which is (01)16. This means the
packet can travel only one hop.
• The protocol field is the next byte (02)16, which means that the upper-
layer protocol is IGMP.

17. Example 19.5
Figure 19.4 shows an example of a checksum calculation for an IPv4 header without
options. The header is divided into 16-bit sections. All the sections are added and the
sum is complemented after wrapping the leftmost digit. The result is inserted in the
checksum field.

18. Fragmentation
• IP Fragmentation is a process of dividing the datagram into fragments
during its transmission.
• It is done by intermediary devices such as routers at the destination host
at network layer.

19. Fragmentation
• A datagram can travel through different networks.
• Each router decapsulates the IP datagram from the frame it receives,
processes it, and then encapsulates it in another frame.
• Format and size of the received frame depend on the protocol used by
the physical network through which the frame has just traveled.
• For Example:
– If a router connects a LAN to a WAN, it receives a frame in the LAN
format and sends a frame in the WAN format.

20. Maximum Transfer Unit (MTU)
• Each Link-layer protocol has its own frame format.
• Format is the maximum size of the payload that can be encapsulated.
– Datagram is encapsulated in a frame , should be maximum size.
MTU differs from one physical network protocol to another.
Ex: LAN, Ethernet is normally 1500 bytes, but for a WAN it can be larger or smaller
Maximum length of the IP datagram is 65,535 bytes.
.

21. Fragmentation
• We must divide the datagram to make it possible for it to pass through
these networks is called fragmentation
• This fragmentation process takes place at the IP layer (OSI layer 3) and
marks the packets it fragments as such, so that the IP layer of the
destination host knows it should reassemble the packets into the original
datagram.

22. Reassembly
• A datagram can be fragmented by the source host or any router in the
path.
• The reassembly of the datagram, however, is done only by the destination
host because each fragment becomes an independent datagram.
• Fragmented datagram can travel through different routes, and we can
never control or guarantee which route a fragmented datagram may take,
all of the fragments belonging to the same datagram should finally arrive
at the destination host

23. Fields Related to Fragmentation
• Three fields in an IP datagram are related to fragmentation:
– Identification.
– Flags.
– Fragmentation offset.

24. Identification (16 bits) Flags (3) Offset (13)
Packet
Divided one packet into 3 datagrams
(which may take different routes)
To identify all the three datagrams belongs
to one packet, identification field is used.
2^16 possible values
Reserved
0
DF
(Do not fragment)
MF
(More fragment)
0 – There is a fragment
1 – There is no fragment
0 or 1
It is a first packet
or middle or last packet
Number of bytes ahead of it

25. Identification
• The 16-bit identification field identifies a datagram originating from the
source host.
• The combination of the identification and source IP address must
uniquely define a datagram as it leaves the source host.
• When a datagram is fragmented, the value in the identification field is
copied into all fragments

26. Flags
• 3-bit flags field defines three flags.
• The leftmost bit is reserved (not used).
• The second bit (D bit) is called the do not fragment bit.
– If its value is 1, the machine must not fragment the datagram.
– If its value is 0, the datagram can be fragmented if necessary.
• The third bit (M bit) is called the more fragment bit
– If its value is 1, it means the datagram is not the last fragment; there
are more fragments after this one. If its value is 0, it means this is
the last or only fragment.

27. offset field
• 13-bit fragmentation offset field.
• Shows the relative position of this fragment with respect to the whole
datagram.
• Number of bytes ahead of it
• First part of the original datagram - It sets the Offset to 0/8=0
• The second fragment – 200/8 =25
• Third fragment – 200+200 /8 =50
– (Scaling factor: 8. It is the offset of the data in the original datagram
measured in units of 8 bytes)
P3
200 bytes
P2
200 bytes
P1
200 bytes

28. A datagram of 3000 B (20 B of IP header +2980 B of IP payload) reached at
router and must be forward to link with MTU of 500 B. How many fragments
will be generated and also write MF, offset, total length value for all
20 2980
Router
3000B
MTU:500B
20 480
Total Data : 2980 B
2980/480 = 7
P2
P3
P4
P5
P6 P1
P7
480+20
480+20
480+20
480+20
480+20
480+20
100+20
0 1 1 1 1 1 1 MF
(Last packet is not followed by any
other packet)
360 300 240 180 480+480/8=120 480/8=60 0/8=0 Offset
Number of bytes ahead of it

29. Unfragmented packet

30. Fragmentation Example
• Shows a datagram with a data size of 4000 bytes.
• Fragmented into three fragments.
• Original datagram are numbered 0 to 3999.
P1
P2
P3
0 1 1 MF
0 Offset

31. Fragmentation Example
• Shows a datagram with a data size of 4000 bytes.
• Fragmented into three fragments.
• Original datagram are numbered 0 to 3999.
P1
P2
P3
1400+1400/8=350 1400/8=175 0 Offset

32. Fragmentation Example
Packet
1400 B
(512+512+376)
0/8=0
512/8=64
512+512/8=128

33. Detailed fragmentation example
8/0=000
1400/8=175
1400+800/8=275
1400+800+600/8=350

34. LABProgram
2. Write a program to divide the message into variable length
frames and sort them and display the message at the receiving
side. */
Step 1: Enter a Message (Hello good afternoon)
Step 2: Display the shuffled frames along with their frame IDs (Using random function)
• frame_id frame_data
• ----------------------------
• 1 lo go
• 0 hel
• 2 od af
• 5 on
• 3 ter
• 4 nn
• Step 3: Display the Sorted frames: (Using sorting techniques : Bubble/selection/insertion……)
• frame_id frame_data
• ----------------------------
• 0 hel
• 1 lo go
• 2 od af
• 3 ter
• 4 nn
• 5 on
Step 4: Display the final message
https://www.quora.com/What-is-frame-sorting-in-networks

35. Example 19.6
A packet has arrived with an M bit value of 0. Is this the first fragment, the
last fragment, or a middle fragment? Do we know if the packet was
fragmented?
Solution
• If the M bit is 0, it means that there are no more fragments; the fragment
is the last one.
• However, we cannot say if the original packet was fragmented or not. A
nonfragmented packet is considered the last fragment.

36. Example 19.7
A packet has arrived with an M bit value of 1. Is this the first
fragment, the last fragment, or a middle fragment? Do we know
if the packet was fragmented?
• If the M bit is 1, it means that there is at least one more fragment. This
fragment can be the first one or a middle one, but not the last one.
• We don’t know if it is the first one or a middle one; we need more
information (the value of the fragmentation offset).

37. Example 19.8
A packet has arrived with an M bit value of 1 and a
fragmentation offset value of 0. Is this the first fragment, the last
fragment, or a middle fragment?
Solution
• Because the M bit is 1, it is either the first fragment or a
middle one. Because the offset value is 0, it is the first
fragment.

38. Example 19.9
A packet has arrived in which the offset value is 100. What is the
number of the first byte? Do we know the number of the last
byte?
Solution
• To find the number of the first byte, we multiply the offset value by 8. This
means that the first byte number is 800.
• We cannot determine the number of the last byte unless we know the
length of the data.
First packet
Offset:0
packet
Offset:100
800 bytes

39. Example 19.10
A packet has arrived in which the offset value is 100, the value of
HLEN is 10, and the value of the total length field is 100. What
are the numbers of the first byte and the last byte?
Solution
• The first byte number is 100 × 8 = 800.
• The total length is 100 bytes, and the header length is 40 bytes (10 × 4),
which means that there are 60 bytes in this datagram.
Hlen (10*4=40) Total length: 100-40 = 60
• If the first byte number is 800, the last byte number must be 859.
Packet
Offset:0
Offset:100
HLEN:10 Tlegth:100
Packet
Offset:0
0 799
Offset:100
800 859
800 bytes

40. Options
• IPv4 datagram is made of two parts:
– Fixed part (20 bytes)
– Variable part
• Variable part comprises the options that can be a maximum of
40 bytes.
• Options, as the name implies, are not required for a datagram.
• Network testing and debugging.

41. Options
• Options are divided into two broad categories:
– Single-byte options
– Multiple-byte options
• Single-byte options: No Operation and End of options.
• Multiple-byte options: There are four multiple-byte options.
– Record Route
– Strict Source Route
– Loose Source Route
– Timestamp
• A record route option is used to record the Internet routers that handle the datagram.
• A strict source route option is used by the source to predetermine a route for the
datagram as it travels through the Internet.
• A loose source route option is similar to the strict source route. Each router in
the list must be visited, but the datagram can visit other routers as well.
• A timestamp option is used to record the time of datagram processing by a router.

42. Security of IPv4 Datagrams
• There are three security issues that are particularly applicable to the IP protocol:
– Packet sniffing
– Packet modification
– IP spoofing.

43. Packet Sniffing
– An intruder may intercept an IP packet and make a copy of it.
– Packet sniffing is a passive attack.
– Packet sniffing cannot be stopped.
– Encryption of the packet can make the attacker’s effort useless.
– May still sniff the packet, but the content is not detectable.
Packet Modification
– The attacker intercepts the packet, changes its contents, and sends
the new packet to the receiver.
– Type of attack can be detected using a data integrity mechanism.

44. IP Spoofing
• IP Spoofing is a technique used to gain unauthorized access to
machines.
– Ex. An attacker can send an IP packet to a bank pretending that it is
coming from one of the customers
IP Spoofing involves modifying the packet header with a forged (spoofed)
source IP address, a checksum, and the order value.

45. IPSec
• IP packets today can be protected using a protocol called IPSec (IP Security).
• This protocol, which is used in conjunction with the IP protocol, which
provides secure exchange of packets at the IP layer.
• IPSec provides the following four services:
– Defining Algorithms and Keys: The two entities that want to create a
secure channel
– Packet Encryption: The packets exchanged between two parties can be
encrypted
– Data Integrity: Data integrity guarantees that the packet is not modified
during the
– Origin Authentication : IPSec can authenticate the origin of the packet

46. Example of IPSec
SSL, TLS, HTTPS, SMIME, Encryption etc.
As soon as packets through the routers

47. Unicast Routing

48. Introduction
• In an internet, the goal of the network layer is to deliver a datagram from
its source to its destination or destinations.
• If a datagram is destined for only one destination (one-to-one delivery),
we have unicast routing.
• If the datagram is destined for several destinations (one-to-many
delivery), we have multicast routing.
• The routing can be possible if a router has a forwarding table (to forward a
packet to the appropriate next node)
• To make the forwarding tables of the router, the Internet needs routing
protocols that will be active all the time in the background and update the
forwarding tables.
A routing protocol is a combination of rules and procedures that lets routers in the Internet
inform each other of changes.

49. General Idea
• In unicast routing, a packet is routed, hop by hop, from its source to its
destination by the help of forwarding tables
• The source host needs no forwarding table because it delivers its packet to
the default router in its local network.
• The destination host needs no forwarding table either because it receives
the packet from its default router in its local network.
• This means that only the routers that glue together the networks in the
internet need forwarding tables
• There are several routes that a packet can travel from the source to the
destination; what must be determined is which route the packet should
take.

50. An Internet as a Graph
• To find the best route, an internet can be modeled as a graph.
• Set of nodes (routers) and edges (each network between a pair of routers)
• A weighted graph, in which each edge is associated with a cost.
• In routing, however, the cost of an edge has a different interpretation in
different routing protocols (bandwidth, delay, time, cost, number of hops
etc)
• If there is no edge between the nodes, the cost is infinity.

51. Least-Cost Routing
• The best route from the source router to the destination router is to find
the least cost between the two.
• In Figure, the best route between A and E is A-B-E, with the cost of 6.
• This means that each router needs to find the least-cost route between
itself and all the other routers to be able to route a packet using this
criteria.

52. Least-Cost Trees
• If there are N routers in an internet, there are (N − 1) least-cost paths from each
router to any other router. This means we need N × (N − 1) least-cost paths for the
whole internet
• A least-cost tree is a tree with the source router as the root that spans the whole
graph (visits all other nodes) and in which the path between the root and any
other node is the shortest.
• In this way, we can have only one shortest-path tree for each node; we have N
least-cost trees for the whole internet

53. Least-Cost Trees
The least-cost trees for a weighted graph can have several properties if they are
created using consistent criteria.
1. The least-cost route from X to Y in X’s tree is the inverse of the least-cost route
from Y to X in Y’s tree; the cost in both directions is the same
The route from A to F in A’s tree is (A → B → E → F),
The route from F to A in F’s tree is (F → E → B → A)
The cost is 8 in each case

54. Least-Cost Trees
2. Instead of travelling from X to Z using X’s tree, we can travel from X to Y
using X’s tree and continue from Y to Z using Y’s tree.
• From A to G in A’s tree using the route (A → B → E → F → G)
• A to E in A’s tree (A → B → E)
• E’s tree using the route (E → F → G).
• The cost in the first case is 9; the cost in the second case is also 9 (6 + 3).

55. ROUTING ALGORITHMS
• Several routing algorithms have been designed in the past.
• The differences between these methods are in the way they interpret the
least cost and the way they create the least-cost tree for each node
• Here, we discuss the common algorithms; later we show how a routing
protocol in the Internet implements one of these algorithms.

56. Distance Vector/ Bellman-ford routing
• Goal: To find the best route (least cost path).
Operation:
• Each Node creates is its own least-cost tree with the basic information it
has about its immediate neighbors.
• The incomplete trees are exchanged between immediate neighbors to
make the trees more and more complete and to represent the whole
internet.
• In distance-vector routing, a router continuously tells all of its neighbors
what it knows about the whole internet
• Distance vector uses:
– Bellman-Ford Equation
– Distance Vectors

57. Bellman-Ford equation
• The heart of distance-vector routing is the famous Bellman-Ford equation
• This equation is used to find the least cost (shortest distance) between a
source node, x, and a destination node, y, through some intermediary
nodes (a, b, c, . . .)
• In distance-vector routing, normally we want to update an existing least
cost with a east cost through an intermediary node,

58. Distance Vector
• Distance vector is the rationale for the name distance-vector routing.
• Each node constructs a one-dimensional array containing the
"distances"(costs) to all other nodes and distributes that vector to its
immediate neighbors

59. Distance Vector Algorithm Steps
• Each node constructs a one-dimensional array containing the
"distances"(costs) to all other.
• After each node has created its vector, it sends a copy of the vector to all
its immediate neighbors
• After a node receives a distance vector from a neighbor, it updates its
distance vector using the Bellman-Ford equation

60. Distance Vector Routing (Bellman-Ford routing algorithm)
Each node knows the cost of the link to each of its directly connected neighbors
Basic vectors cannot help the internet to effectively forward a packet.

61. Distance Vector Routing (Bellman-Ford routing algorithm)
A 2
B 0
C 5
D 5
E 4
F 6
G Infi
A infi
B 5
C 0
D infi
E infi
F 4
G 3
= Min (B [ ], 5 + C[ ]) A 2
B 0
C 5
D 5
E 4
F 6
G 8
B Distance vector

62. Distance Vector Routing
-
B
B
D
B
B,E
B,E,F,

63. Distance Vector Routing Algorithm

64. Consider a network with 5 nodes (A-D). The network uses Distance Vector Routing
Protocol. Initially, each node generated its own distance vector and exchanges their
distance vector with their respective neighbours. After this exchange, build the routing
table at the node A for the same.
0
2
∞
1
A
B
C
D
A Initial Table
A’s Neighbours – B and D
B Initial Table
2
0
3
∞
A
B
C
D
D Initial Table
1
7
11
0
A
B
C
D
0
2
5 B
1
A[ ] = min(A[] , 2+B[ ])
A[ ] = min(A[] , 1+D[ ])
Updated A’S Table
A
B
C
D

65. Consider a network with 5 nodes (A-D). The network uses Distance Vector Routing
Protocol. Initially, each node generated its own distance vector and exchanges their
distance vector with their respective neighbours. After this exchange, build the routing
table at the node A for the same.
0
2
∞
1
A
B
C
D
A Initial Table
A’s Neighbours – B and D
B Initial Table
2
0
3
∞
A
B
C
D
D Initial Table
1
7
11
0
A
B
C
D
5 B,A
3
0
6
C[ ] = min(C[] , 11+D[ ])
A[ ] = min(A[] , 1+D[ ])
Updated A’S Table
A
B
C
D
Updated D’S Table

66. Distance Vector
Initial distances stored at each node
final distances stored at each node

67. Count to Infinity Problem
• It is an issue in Distance Vector Routing
• Counting to infinity is just another name for a routingloop
• A problem with distance-vector routing is that any decrease in cost (good
news) propagates quickly, but any increase in cost (bad news) will
propagate slowly.
• For a routing protocol to work properly, if a link is broken (cost becomes
infinity), every other router should be aware of it immediately, but in
distance-vector routing, this takes some time. The problem is referred to as
count to infinity.

68. Count to Infinity Problem
A ∞
B 0
C 1
D 2
B Routing Table
(When A to B link is cut)
A 2
B 1
C 0
D 1
C Routing Table
A 3
B 0
C 1
D 2
B Routing Table
(After receiving from C)
C Routing Table
(After receiving
from B)
A 4
B 1
C 0
D 1

69. Count to Infinity
Problem
• There is only one link between A and the other parts of thenetwork.
• Now imagine that the link between A and B iscut.
• At this time, B corrects its table.
• After a specific amount of time, routers exchange their tables, and so B receives C's
routing table.
• Since C doesn't know what has happened to the link between A and B, it says that it
has a link to A with the weight of 2 (1 for C to B, and 1 for B to A -- it doesn't know
B has no link toA).
• B receives this table and thinks there is a separate link between C and A, so it
corrects its table and changes infinity to 3 (1 for B to C, and 2 for C to A, asC
said).
• Once again, routers exchange their tables.
• When C receives B's routing table, it sees that B has changed the weight of its link
to A from 1 to 3, so C updates its table and changes the weight of the link to A to 4
(1 for C to B, and 3 for B to A, as B said).
• This process loops until all nodes find out that the weight of link to A isinfinity.

70. Count to Infinity Problem
• One way to solve this problem is for routers to send information only tothe
neighbors that are not exclusive links to the destination.
• For example, in this case, C shouldn't send any information to B aboutA,
because B is the only way toA

71. Split horizon
• A method used by distance vector routing protocols to prevent arouting
loop in a network.
• The principle is simple – a router will not advertise a route back onto the
interface from which it was learned.
without the split horizon mechanism
We have a network of three routers. All routers are running RIP, a distance
vector protocol. R3 is directly connected to the 10.0.0.0/24 network and
advertises that network using RIP to R2. R2 receives the routing update, places
the route in its routing table and informs R1 about the 10.0.0.0/24.
Because the split horizon mechanism is enabled by default on all interfaces, R1
will not advertise to R2 that it has the route to 10.0.0.0/24

72. Split horizon
R1 will not advertise to R2 that it has the route to 10.0.0.0/24
Using the split-horizon strategy has one drawback. Normally, the corresponding
protocol uses a timer (30 s), and if there is no news about a route, the node deletes
the route from its table.
When node R1 in the previous scenario eliminates the route to R3 from its
advertisement to R2, node R2 cannot guess whether this is due to the split-horizon
strategy (the source of information was R2) or because R1 has not received any news
about R3 recently.

73. Split horizon
R1 will not advertise to R2 that it has the route to 10.0.0.0/24
Using the split-horizon strategy has one drawback. Normally, the corresponding
protocol uses a timer (30 s), and if there is no news about a route, the node deletes
the route from its table.
When node R1 in the previous scenario eliminates the route to R3 from its
advertisement to R2, node R2 cannot guess whether this is due to the split-horizon
strategy (the source of information was R2) or because R1 has not received any news
about R3 recently.

74. Poison Reverse
• A method to prevent routing loops within computernetworks
• Distance-vector routing protocols in computer networks use route
poisoning to indicate to other routers that a route is no longer
reachable and should be removed from their routingtables.
• When the protocol detects an invalid route, all of the routers in the network
are informed that the bad route has an infinite (∞) routemetric.
• In the poison reverse strategy R1 can still advertise the value for R3, but if
the source of information is R2, it can replace the distance with infinity as a
warning: “Do not use this value; what I know about this route comes from
you.”

76. Assume that the network in Figure (previous problem) uses distancevector routing
with the forwarding table as shown for each node. If each node periodically
announces their vectors to the neighbor using the split-horizon strategy, what is the
distance vector advertised in the appropriate period:
a. from A to B? b. from C to D? c. from D to B? d. from C to A?
A 0
B 5
C 4
A 4
B
C 0
D 6
A
B 2
C 6
D 0
A 4
B 8
C 0
D 6

77. Assume that the network in Figure 20.34 uses distance-vector routing with the
forwarding table as shown for each node. If each node periodically announces their
vectors to the neighbor using the poison-reverse strategy, what is the distance vector
advertised in the appropriate
period: a. from A to B? b. from C to D? c. from D to B? d. from C to A?
0
5
4
∞
4
∞
0
6
If A has not received any
updates from B
∞
2
6
0
4
8
0
6

78. Link-State Routing
• link-state to define the characteristic of a link (an edge)
• The cost associated with an edge defines the state of the link
Steps:
• Discover its neighbors and build its neighbor table - Each Link State enabled
router periodically sends a HELLO message on each of its links.
• Measure the cost (delay, bandwidth, etc) to each of its neighbors
• Construct and send a routing update telling all it has learned to all routers in
the network
• Apply the Dijkstra algorithm to construct the shortest path to all possible
destinations

79. Link-State Database (LSDB)
• Each node needs to have a complete map of the network, which means it
needs to know the state of each link.
• The collection of states for all links is called the link-state database
(LSDB).
• There is only one LSDB for the whole internet

80. How each node can create this LSDB ?
• Two phases
– Reliable flooding :Tell all routers what you know about your local
topology.
• Flooding: The technique in which every incoming packet is sent on
every outgoing line except from which it arrived.
• Flooding stops somewhere in the network. (with the help of sequence
number/Hop counter)
– Path calculation (Dijkstra’s algorithm): Each router computes best
path over complete network

81. To Built LSDB

82. Formation of Least-Cost Trees
• Path calculation (Dijkstra’s algorithm): Each router computes best path
over complete network .
• Each node needs to run the famous Dijkstra Algorithm.
• This iterative algorithm uses the following steps:
– Node chooses itself as the root, creating a tree with a single node,
and sets total cost of each node based on the information in the LSDB.
– Node selects one node, among all nodes not in the tree, which is
closest to the root, and adds this to the tree. After this node is added
to the tree, the cost of all other nodes not in the tree needs to be
updated because the paths may have been changed.
– The node repeats step 2 until all nodes are added to the tree.

83. Example

85. For the network given in Figure 3.53, show how the link-state
algorithm builds the routing table for node D.
A B C D E F
A 0 ∞ 3 8 ∞ ∞
B ∞ 0 ∞ ∞ 2 ∞
C
D
E
F
C 3
D 8
A 8
E 2 Design the LSDB

86. For the network given in Figure 3.53, show how the link-state
algorithm builds the routing table for node D.
A B C D E F
{D} 8 ∞ ∞ 0 2 ∞
{D,E} 8 4 3 0 - ∞
{D,E,C} 6 4 - 0 - 9
{D,E,C,B} 6 - - 0 - 9
{D,E,C,B,A} - - - - - 9
{D,E,C,B,A,F} - - - - - -
C 3
D 8
A 8
E 2
Dijkstra’s
D
A 6
B 4
C 3
D 0
E 2
F 9
D E
C
B
A
F
2
4
3
6
9

87. • Use Dijkstra’s algorithm, for given Figure 20.35.
– Design the LSDB.
– Design LSP for Each router.
– Find the shortest path tree and the forwarding table for
node A

88. Comparison
• In the distance-vector routing algorithm, each router tells its
neighbors what it knows about the whole internet;
• Vector will be sent to its neighboring nodes
• Bellmen ford
• In the link-state routing algorithm, each router tells the whole
internet what it knows about its neighbors.
• Flooding is used
• Dijkstra’s with Bellmen ford

89. Comparison of LS and DV Routing

90. Path-Vector Routing
• Distance-vector and link-state routing are based on the least-cost goal. It
always prefer least cost path. There is no option to prioritize the path.
• For example, assume that there are some routers in the internet that a
sender wants to prevent its packets from going through.
• In other words, the least-cost goal, applied by LS or DV routing, does not
allow a sender to apply specific policies to the route a packet may take.

91. Path-Vector (PV) routing
• The best route is determined by the source using the policy it imposes on the route.
• The source can control the path
• Designed to route a packet between ISPs
• Policy could be
– Secure path
– Less delay
– to avoid some nodes as the middle node in a route
– minimum number of nodes to be visited

92. Spanning Trees
• In path-vector routing, the path from a source to all destinations is also
determined by the best spanning tree.
• best spanning tree - is not the least-cost tree; it is the tree determined by the
source when it imposes its own policy
• Each source has created its own spanning tree that meets its policy.
Policy:
• Use the minimum number of nodes to reach a destination
• The spanning tree selected by A and E is such that the communication does
not pass through D as a middle node

93. Creation of Spanning Trees
• Path-vector routing, like distance-vector routing, is an asynchronous and
distributed routing algorithm - gradually and asynchronously
• When a node is booted, it creates a path vector based on the information it can
obtain about its immediate neighbor -greeting messages to its immediate
neighbors
we do not mean that all of these tables are created simultaneously. They are created when
each node is booted

94. Creation of Spanning Trees
• Each node, after the creation of the initial path vector, sends it to all its
immediate neighbors.
• Each node, when it receives a path vector from a neighbor, updates its
path vector using an equation similar to the Bellman-Ford, but applying its
own policy instead of looking for the least cost.
Policy
By selecting the best of multiple paths
x does not want to visit itself when it selects a path to y. - to avoid a loop in the path

95. Creation of Spanning Trees
The path vector of node C after two events
• In the first event, node C receives a copy of B’s vector, which improves its vector
• In the second event, node C receives a copy of D’s vector, which does not
• change its vector.

97. UNICAST ROUTING PROTOCOLS
Common protocols used in the Internet:
• Routing Information Protocol (RIP), based on the distance-vector algorithm.
• Open Shortest Path First (OSPF), based on the link-state algorithm
• Border Gateway Protocol (BGP), based on the path-vector algorithm

98. Internet Structure
• The Internet has changed from a tree-like structure, with a single backbone, to a multi-backbone
structure run by different private corporations today.
• There are several backbones run by private communication companies that provide global connectivity.
These backbones are connected by some peering points that allow connectivity between backbones
• provider networks that use the backbones for global connectivity but provide services to Internet
customers
• Any of these three entities (backbone, provider network, or customer network) can be called an Internet
Service Provider or ISP.

99. Hierarchical Routing
• Routing in the Internet cannot be done using a single protocol for two
reasons:
Scalability problem :
• Means that the size of the forwarding tables becomes huge, searching for
a destination in a forwarding table becomes time-consuming, and
updating creates a huge amount of traffic.
Administrative issue:
• The administrator needs to have control in its system. The organization
must be able to use as many subnets and routers as it needs, may desire
that the routers be from a particular manufacturer, may wish to run a
specific routing algorithm to meet the needs of the organization, and may
want to impose some policy on the traffic passing through its ISP.

100. Hierarchical Routing
• Hierarchical routing means considering each ISP as an autonomous system (AS).
Each AS can run a routing protocol that meets its needs.
• But the global Internet runs a global protocol to glue all ASs together
• The routing protocol run in each AS is referred to as intra-AS routing protocol,
intradomain routing protocol, or interior gateway protocol (IGP);
- Popular protocols are RIP and OSPF
• The global routing protocol is referred to as inter-AS routing protocol,
interdomain routing protocol, or exterior gateway protocol (EGP).
- Routing protocols are BGP.

101. Autonomous Systems
• An autonomous system - managing
networks and routers under its control
• We may have small, medium-size, and large
AS
• Each AS is given an autonomous number
(ASN - 16-bit unsigned integer ) by the
ICANN
• They are categorized according to the way
they are connected to other AS are
 Stub AS
 Multihomed AS
 Transient AS

102. Autonomous Systems
• Stub AS. A stub AS has only one connection to another AS. The data traffic
can be either initiated or terminated in a stub AS; the data cannot pass
through it.
• A good example of a stub AS is the customer network, which is either the
source or the sink of data.
• Multihomed AS. A multihomed AS can have more than one connection to
other ASs, but it does not allow data traffic to pass through it.
• A good example of such an AS is some of the customer ASs that may use the
services of more than one provider network, but their policy does not allow
data to be passed through them.
• Transient AS. A transient AS is connected to more than one other AS and also
allows the traffic to pass through. The provider networks and the backbone
are good examples of transient

103. Routing Information Protocol (RIP)
Introduction
• Intradomain routing protocol
• Based on the distance-vector routing algorithm
• Metric – uses hop count as a routing metric to find the best path between
the source and the destination network
• In RIP, infinity is defined as 16. Maximum 16 routers can be configured in
RIP not more than that.
• RIP is used in small networks. The maximum number of hops that RIP can
contain is 15 hops, i.e., it should not have more than 15 hops as 16 is
infinity. For this reason, RIP can be used only in autonomous systems in
which the diameter of the AS is not more than 15 hops.
• Devices that use RIP will periodically (approximately every 30 s) broadcast
routing information to neighboring hosts. The information sent by a host
describes the devices they are directly connected to and the cost.
• RIP – application layer protocol. Uses UDP to broadcast messages; port
520 is used

104. Hop Count
1. since a router in an AS needs to know how to forward a packet to different
networks in an AS, RIP routers advertise the cost of reaching different
networks instead of reaching other nodes in a theoretical graph.
– The cost is defined between a router and the network in which the
destination host is located.
2. The cost is defined as the number of hops, which means the number of
networks a packet needs to travel through from the source router to the final
destination host.

105. Hop Count example

106. Forwarding Tables - the routers in an autonomous system need to keep
forwarding tables to forward packets to their destination networks
A forwarding table in RIP is a three-column table in which
• the first column is the address of the destination network,
• the second column is the address of the next router to which the packet
should be forwarded, and
• the third column is the cost (the number of hops) to reach the destination
network

107. Forwarding Tables
For example, R1 defines that the next router for the path to N4 is R2; R2 defines
that the next router to N4 is R3; R3 defines that there is no next router for this
path. The tree is then R1 → R2 → R3 → N4.
The third column is not needed for forwarding the packet, but it is needed for
updating the forwarding table when there is a change in the route

108. RIP Implementation
A router running RIP sends the contents of its routing table to each of its adjacent
routers every 30 seconds.
RIP runs at the application layer, but creates forwarding tables for IP at the network
later. RIP is implemented as a process that uses the service of UDP on the
well-known port number 520.
– At application layer - RIP data: is the contents of a router's routing table.
– At the Transport layer - in order to deliver the RIP data, it will rely upon UDP, with
port number 520 which is used the RIP routing process
– As for the Network layer, a standard IPv4 or IPv6 header is used.
• RIP is a routing protocol to help IP route its datagrams through the AS, the
RIP messages are encapsulated inside UDP user datagrams, which in turn
are encapsulated inside IP datagrams.
• RIP has gone through two versions: RIP-1 and RIP-2.

109. RIP Messages
• Two RIP processes, a client and a server, like any other processes, need to exchange
messages.
• RIP-2 defines the format of the message
• Part of the message, which we call entry, can be repeated as needed in a message. Each
entry carries the information related to one line in the forwarding table of the router
that sends the message.

110. RIP Messages
• A request message is sent by a router that has just come up or by a router
that has some time-out entries.
• A response (or update) message can be either solicited or unsolicited

111. Note
Both switches and routers understand protocols above their respective transport layers.
As an example, you can SSH to theses devices. Does that make them work at layer 7? No,
because in that case, they don't transport packet but are the source or destination. This
is the same with BGP, RIP, etc. Theses protocols are can be used by a router to do his task
(forwarding packets)
routing is layer 3. switching is layer 2....but that doesn't mean that the devices cant have
other applications running on their operating system.
routers and switches can have telnet, or ssh. telnet and ssh is not routing or
switching...they are just programs that can run on the routers operating system ios. and
they are both layer 7 ( application protocols

112. RIP Algorithm
RIP implements the same algorithm as the distance-vector routing algorithm. However,
some changes need to be made to the algorithm to enable a router to update its
forwarding table:
• Instead of sending only distance vectors, a router needs to send the whole contents
of its forwarding table in a response message.
• The receiver adds one hop to each cost and changes the next router field to the
address of the sending router.
• The received router selects the old routes as the new ones except in the following
three cases:
• If the received route does not exist in the old forwarding table, it should be
added to the route.
• If the cost of the received route is lower than the cost of the old one, the
received route should be selected as the new one.

113. • If the cost of the received route is higher than the cost of the old one, but the value
of the next router is the same in both routes, the received route should be selected
as the new one.
Example:
• suppose a neighbor has previously advertised a route to a destination with
cost 3, but now there is no path between this neighbor and that
destination. The neighbor advertises this destination with cost value
infinity (16 in RIP). The receiving router must not ignore this value even
though its old route has a lower cost to the same destination.

114. • Objective: find the shortest path from S to D
• Metric :Hop Count
Example

117. Timers in RIP

118. Performance
• Update Messages. The update messages in RIP have a very simple format and
are sent only to neighbors; they are local. They do not normally create traffic
because the routers try to avoid sending them at the same time
• Robustness. As we said before, distance-vector routing is based on the concept
that each router sends what it knows about the whole domain to its neighbors.
This means that the calculation of the forwarding table depends on information
received from immediate neighbors, which in turn receive their information
from their own neighbors. If there is a failure or corruption in one router, the
problem will be propagated to all routers and the forwarding in each router will
be affected.
• Convergence of Forwarding Tables. RIP uses the distance-vector algorithm,
which can converge slowly if the domain is large, but, since RIP allows only 15
hops in a domain (16 is considered as infinity), there is normally no problem in
convergence. The only problems that may slow down convergence are count-to-
infinity and loops created in the domain. We can use poison-reverse and split-
horizon strategies added to the RIP extension may alleviate the situation

120. Open Shortest Path First (OSPF)
• Intradomain routing protocol
• Based on the link-state routing protocol
• Metric: cost of reaching a destination from the host is calculated from
the source router to the destination network.
• Unlimited hop counts

121. Forwarding Tables
Each OSPF router can create a forwarding table after finding the shortest-path tree
between itself and the destination using Dijkstra’s algorithm
Comparing the forwarding tables for the OSPF and RIP in the same AS, we find that
the only difference is the cost values

122. Areas
• OSPF was designed to be able to handle routing in a small or large autonomous
system
• The formation of shortest-path trees in OSPF requires that all routers flood the
whole AS with their LSPs to create the global LSDB.
– Problem : This may not create a problem in a small AS, it may have created a
huge volume of traffic in a large AS.
– Solution: the AS needs to be divided into small sections called areas. Each area
acts as a small independent domain for flooding LSPs.

123. Areas
• Each router in an area needs to know the information about the link states
not only in its area but also in other areas
• one of the areas in the AS is designated as the backbone area, responsible
for gluing the areas together
– The routers in the backbone area are responsible for passing the
information collected by each area to all other areas.
• In this way, a router in an area can receive all LSPs generated in other
areas.

124. Link-State Advertisement
• Formation of the LSDB – when the system started, a router collects data
about adjacent nodes and advertise (flood) the state of each link to all
neighbors for the formation of the LSDB.
• The situation is different in the real world, in which we need to advertise
the existence of different entities as nodes (routers/networks), the
different types of links that connect each node to its neighbors, and the
different types of cost associated with each link
• We need different types of advertisements, each capable of advertising
different situations. We can have five types of link-state advertisements:
– router link,
– network link,
– summary link to network,
– summary link to AS border router, and
– external link.

125. Subnet, router id, network information
OSPF

126. • These
These links are used to advertise the network information.
In OSPF

127. A router link – link advertises the existence of a
router as a node.
• A point-to-point link should define the
address of the router at the end of the
point-to-point line and the cost to get
there.
• A stub link advertises a link to a stub
network, a network that is not a through
network.
• A transient link announces a link to a
transient network, a network that is
connected to the rest of the networks by
one or more routers.
These links defining the address of routers to neighbours
Used to advertise connected link information of one router to another router

128. • A network link advertises the network as a node
• Network cannot do announcements itself (it is a
passive entity), one of the routers is assigned as
the designated router and does the advertising to
other nodes
.
• This is done by an area border router
• It advertises the summary of links collected by the
backbone to an area or the summary of links collected
by the area to the backbone.
• Advertise the summary information of all the routers
belongs to it

129. • This is done by an AS router that advertises
the summary links from other ASs to the
backbone area of the current AS,
information which later can be disseminated
to the areas so that they will know about the
networks in other ASs.
This is also done by an AS router to announce
the existence of a single network outside the
AS to the backbone area to be disseminated
into the areas

130. OSPF Implementation
• OSPF - network layer protocol
• OSPF messages ride directly inside of IP packets as IP protocol number 89.
• OSPF does not use UDP or TCP to move OSPF messages between routers
• OSPF has gone through two versions: version 1 and version 2

131. OSPF common header: (which is used in all messages)
The link-state general header : (which is used in some messages –link state update,
database description, link state ack).
This header contains enough information to uniquely identify the advertisement (LS
type, Link State ID, and Advertising Router)
OSPF Header
https://www.freesoft.org/CIE/RFC/1583/110.htm

132. OSPF Common Header
• The OSPF version number.
• Type
• Packet length :The length of the protocol packet in bytes. This length includes
the standard OSPF header.
• Router ID:The Router ID of the packet's source.
• Area ID:A 32 bit number identifying the area that this packet belongs to.
• Checksum – error detection
• AuType-Identifies the authentication scheme to be used for the packet.
• Authentication-

133. Link State General Header

134. OSPF Messages
It uses five different types of messages
• hello message (type 1) - used by a router to introduce itself to the neighbors and
announce all neighbors that it already knows.
• database description message (type 2) -normally sent in response to the hello
message to allow a newly joined router to acquire the full LSDB
• Linkstate request message (type 3) - sent by a router that needs information about a
specific LS
• link-state update message (type 4) - is the main OSPF message used for building the
LSDB
• link-state acknowledgment message (type 5) -is used to create reliability in OSPF;
each router that receives a link-state update message needs to acknowledge it.

135. https://www.freesoft.org/CIE/RFC/1583/101.htm

136. Hello Message
• The Hello message contains a list of information needed to form an OSPF neighbor
relation between two neighboring routers
OSPF common header
https://www.freesoft.org/CIE/RFC/1583/104.htm

137. Hello Message
• Network mask: The network mask associated with this interface
• Hello Interval Timer. Frequency upon which Hello packets are sent.
• Dead Interval Timer. Defines how long we should wait for hello packets before
we declare the neighbor dead
• Options: The optional capabilities supported by the router
• Router Priority. Used to help determine the Designated Router (DR). Set to
0.0.0.0 if there is no Designated Router.
• Designated Router The identity of the Designated Router for this network, in
the view of the advertising router.
• Neighbor The Router IDs of each router from whom valid Hello packets have
been seen recently on the network.
Once a neighbor router (R2) running OSPF receives the Hello message, it runs a
check on the above list.
• They must have the same IP network/subnet
• The Hello and Dead Interval timers must be identical
• Router interfaces connecting two routers must have the same Area ID
• Type of area must be identical (normal or stub area)

139. OSPF Algorithm
OSPF implements the link-state routing algorithm. However, some changes and
augmentations need to be added to the algorithm:
• After each router has created the shortest-path tree, the algorithm needs to use it
to create the corresponding routing algorithm.
• The algorithm needs to be augmented to handle sending and receiving all five
types of messages.

140. Performance
• Update Messages. The link-state messages in OSPF have a somewhat
complex format. They also are flooded to the whole area. If the area is
large, these messages may create heavy traffic and use a lot of bandwidth.
• Convergence of Forwarding Tables. When the flooding of LSPs is
completed, each router can create its own shortest-path tree and
forwarding table; convergence is fairly quick. However, each router needs
to run Dijkstra’s algorithm, which may take some time.
• Robustness. The OSPF protocol is more robust than RIP because, after
receiving the completed LSDB, each router is independent and does not
depend on other routers in the area. Corruption or failure in one router
does not affect other routers as seriously as in RIP.
– Every router has the same information about the network.

141. Comparison of Protocols

143. Border Gateway Protocol Version 4 (BGP4)
• Interdomain routing protocol used in the Internet today
• BGP4 is based on the path-vector algorithm
• Example: An internet with four autonomous systems (AS1, AS2, AS3, AS4)
• AS2, AS3, and AS4 are stub autonomous systems; AS1 is a transient one.
• In our example, data exchange between AS2, AS3, and AS4 should pass
through AS1.
Note:
• A stub AS has only one connection to another AS
• A transient AS is connected to more than one other AS and also allows the traffic to pass through

144. • Each autonomous system in this figure uses one of the two common intra domain
protocols, RIP or OSPF
• Each router in each AS knows how to reach a network that is in its own AS, but it
does not know how to reach a network in another AS.
Variations of BGP
• external BGP (eBGP) - on each border router (the one at the edge of each AS which
is connected to a router at another AS).
• internal BGP (iBGP) - on all routers
Border routers will be running
(intradomain (RIP/OSPF),
eBGP, and iBGP)
intradomain and iBGP

145. Operation of External BGP (eBGP)
• BGP is a kind of point-to-point protocol (communication between two
routers directly)
• When the software is installed on two routers, they try to create a TCP
connection using the well-known port 179
• A pair of client and server processes continuously communicate with each
other to exchange messages.
• The two routers that run the BGP processes are called BGP peers or BGP
speakers.
• Types of messages exchanged between two peers:
– Open Messages
– Update message
– Keepalive message
– Notification message

146. Messages
• BGP uses four types of messages for communication between the BGP
speakers across the ASs and inside an AS

147. • The eBGP allows two physically connected border routers in two different ASs to form pairs of
eBGP speakers and exchange messages
• Routers in the example: R1-R5, R2-R6, and R4-R9. The connection between these pairs is
established over three physical WANs (N5, N6, and N7).
• Logical TCP connection to be created over the physical connection to make the exchange of
information possible.
• Each logical connection in BGP parlance is referred to as a session (we have 3 sessions in
example)

148. • The circled number defines the sending router in each case
• For example, message number 1 is sent by router R1 and tells router R5 that N1,
N2, N3, and N4 can be reached through router R1
• Router R5 can now add these pieces of information at the end of its forwarding
table.
• When R5 receives any packet destined for these four networks, it can use its
forwarding table and find that the next router is R1.

149. • The messages exchanged during three eBGP sessions help some routers
know how to route packets to some networks in the internet, but the
reachability information is not complete. There are two problems that
need to be addressed:
1. Some border routers do not know how to route a packet destined for
nonneighbor ASs. For example, R5 does not know how to route packets
destined for networks in AS3 and AS4. Routers R6 and R9 are in the same
situation as R5: R6 does not know about networks in AS2 and AS4; R9
does not know about networks in AS2 and AS3.
2. None of the nonborder routers know how to route a packet destined for
any networks in other ASs.
To address the above two problems, we need to allow all pairs of routers (border or
nonborder) to run the second variation of the BGP protocol, iBGP.
Problem with eBGP

150. Operation of Internal BGP (iBGP)
• It uses the service of TCP on the well-known port 179
• It creates a session between any possible pair of routers inside an
autonomous system.
Rules
• If an AS has only one router, there cannot be an iBGP session (AS2 or AS4)
• if there are n routers in an autonomous system, there should be [n × (n − 1) / 2]
iBGP sessions in that autonomous system

151. Operation of Internal BGP (iBGP)
• The first message (numbered 1) is sent by R1 announcing that networks
N8 and N9 are reachable path AS1-AS2, but next Routers is R1
• So, router R1 send Separates session to R2,R3, and R4.
• Routers R2, R4, and R6 do the same thing but send different messages to
different destinations.
• Interesting point is R3,R7 and R8 create session with their peers but no
message to send.
N10, N11,N12-R2-AS1,AS3

152. Operation of Internal BGP (iBGP)
• The Updating process does not stop here.
• Example: after R1 receives the update message from R2 it
combines the reachability information about AS3 with the
reachability information it already knows about AS1 and sends a
new update message to R5.
• Now R5 knows how to reach networks in AS1 and AS3. The process
continues when R1 receives the update message from R4.
• At this time, each router combines the information received from
eBGP and iBGP and creates what we may call a path table

153. N1,N2,N3,N4 R1 AS1
At R5
N10,N11,N12 R1
When R1 receives updates from R2
R1 sends to R5
AS2,AS1,AS3
When R1 receives updates from R4
R1 sends to R5
N13,N14,N15 R1 AS2,AS1,AS4
Updating process

154. each router combines the information received from eBGP and iBGP

155. Injection of Information into Intradomain Routing
• The role of an interdomain routing protocol such as BGP is to help
the routers inside the AS to augment their routing information
• The path tables collected and organized by BPG are not used, per se,
for routing packets; they are injected into intradomain forwarding
tables (RIP or OSPF) for routing packets.
• This can be done in several ways depending on the type of AS.

156. Case of a stub AS
• The only area border router (R1, R5, R2,
R6, R4) adds a default entry at the end of
its forwarding table and defines the next
router to be the speaker router at the end
of the eBGP connection.
• R5 in AS2 defines R1 as the default router
for all networks other than N8 and N9.
• R9 in AS4 with the default router to be R4.
• In AS3, R6 set its default router to be R2,
but R7 and R8 set their default router to be
R6.

157. case of a transient AS
• R1 in AS1 needs to inject the whole contents of the path table for R1 in
Figure 20.27 into its intradomain forwarding table.
• The situation is the same for R2, R3, and R4.

158. • One issue to be resolved is the cost value.
• RIP and OSPF use different metrics.
• Solution: set the cost to the foreign networks at the same cost value as to
reach the first AS in the path
• For example, the cost for R5 to reach all networks in other ASs is the cost
to reach N5. The cost for R1 to reach networks N10 to N12 is the cost to
reach N6, and so on.

159. • Figure 20.28 shows the interdomain forwarding tables.
• For simplicity, we assume that all ASs are using RIP as the intradomain routing protocol.
• The shaded areas are the augmentation injected by the BGP protocol; the default
destinations are indicated as zero.

160. Address Aggregation
• Intradomain forwarding tables obtained with the help of the BGP4
protocols may become huge in the case of the global Internet because
many destination networks may be included in a forwarding table.
• Fortunately, BGP4 uses the prefixes as destination identifiers and allows
the aggregation of these prefixes
• For example, prefixes 14.18.20.0/26, 14.18.20.64/26, 14.18.20.128/26,
and 14.18.20.192/26, can be combined into 14.18.20.0/24 if all four
subnets can be reached through one path.

161. Path Attributes
• Attributes is apiece of information attached in the BGP update message by
the BGP router to select the best path
• In both Intradomain routing protocols (RIP or OSPF) will choose the best path
based on the metrics (hop count, cost).
• In BGP, instead of metrics it uses attributes to select the best path

162. Path Attributes
BGP has four categories of attributes:
Optional Transitive

164. Path Attributes
• The first byte in each attribute defines the four attribute flags.
• The next byte defines the type of attributes assigned by ICANN
• The attribute value length defines the length of the attribute value field
Attribute types
ORIGIN (type 1) : Routing Information (1,2, and 3)
AS-PATH (type 2): Reaching Dest.
NEXT-HOP (type 3): Next Router
MULT-EXIT-DISC (type 4) : Assigned 4 Byte
LOCAL-PREF (type 5): Set by Admin
ATOMIC-AGGREGATE (type 6): Discretionary attribute
AGGREGATOR (type 7): Destination prefix is an aggregate.

165. • ORIGIN (type 1) :
– mandatory attribute, which defines the source of the routing information
– can be defined by one of the three values: 1, 2, and 3
– Value 1 means information about the path has been taken from RIP or OSPF
– Value 2 means that the information comes from BGP
– Value 3 means that it comes from an unknown source.
• AS-PATH (type 2):
- well-known mandatory attribute, which defines the list of autonomous systems
through which the destination can be reached
- used in route selection
• NEXT-HOP (type 3):
- well-known mandatory attribute, which defines the next router to which the
data packet should be forwarded
- This attribute helps to inject path information collected through the operations
of eBGP and iBGP into the intradomain routing protocols such as RIP or OSPF.L.

166. Path Attributes
MULT-EXIT-DISC (type 4)
• an optional intransitive attribute (not propagated from one AS to another),
which discriminates among multiple exit paths to a destination
LOCAL-PREF (type 5)
• well-known discretionary attribute
• It is normally set by the administrator, based on the organization policy.
ATOMIC-AGGREGATE (type 6).
• well-known discretionary attribute
• which defines the destination prefix as not aggregate; it only defines a
single destination network.
AGGREGATOR (type 7).
• This is an optional transitive attribute, which emphasizes that the
destination prefix is an aggregate.

167. Local Preference
For example, in an internet with five ASs,
The administrator of AS1 can set the
local preference value of 400 to the path AS1 → AS2 → AS5,
The value of 300 to AS1 → AS3 → AS5, and
The value of 50 to AS1 → AS4 → AS5.
This means that the administrator prefers the first path to the second one and prefers
the second one to the third one. This may be a case where AS2 is the most secured and
AS4 is the least secured AS for the administration of AS1. The last route should be
selected if the other two are not available.
AS5
Local Preference: 400

168. AS-PATH
MULT-EXIT-DISC
For example, if a router has multiple paths to the destination with different values
related to these attributes, the one with the lowest value is selected.

169. NEXT-HOP

170. Route Selection: Flow diagram for route selection
• In the case where multiple routes are received to a destination, BGP needs to select one
among them
• The router extracts the routes which meet the criteria in each step. If only one route is
extracted, it is selected and the process stops; otherwise, the process continues with the
next step.

171. Messages
• BGP uses four types of messages for communication between the BGP
speakers across the ASs and inside an AS

173. BGP : Performance
• BGP performance can be compared with RIP.
• BGP speakers exchange a lot of messages to create forwarding tables, but
BGP is free from loops and count-to-infinity.
• The same weakness we mention for RIP about propagation of failure and
corruption also exists in BGP

174. Difference between EBGP and IBGP
R.NO EBGP IBGP
1
EBGP stands for External Border Gateway
Protocol.
IBGP stands for Internal Border Gateway Protocol.
2
It runs between two BGP routers in
different autonomous system.
It runs between two BGP routers in the same
autonomous system.
3 It does not require full mesh topology. It require full mesh topology.
4
It is used between organization or
between organization and Internet
Service provider.
It is used within the same organization.
5 It uses as path for loop prevention. It uses BGP Split horizon for loop prevention.
6
In EBGP peers, attributes like local
preference are not sent.
In IBGP peers, attributes like local preference are
sent.
7
When route is advertised to EBGP peer,
next hop is changed to local router .
When route is advertised to IBGP peer, next hop
remains unchanged.