CCNA Certification/Network Layer

From Wikibooks, open books for an open world
Jump to: navigation, search

Network Layer[edit]

The network layer is the third layer out of seven in the OSI model and the third layer out of five in the TCP/IP model. In the TCP/IP reference model it is called the Internet layer. In all of the models, the network layer responds to service requests from the transport layer and issues service requests to the data link layer.

In essence, the network layer is responsible for end to end (source to destination) packet delivery, whereas the data link layer is responsible for node to node (hop to hop) frame delivery.

The network layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks while maintaining the quality of service, and error control functions.

The network layer deals with transmitting information all the way from its source to its destination - transmitting from anywhere, to anywhere. Here are some things that the network layer needs to address:

For example, snail mail is connectionless, in that a letter can travel from a sender to a recipient without the recipient having to do anything. On the other hand, the telephone system is connection-oriented, because the other party is required to pick up the phone before communication can be established. The OSI Network Layer protocol can be either connection-oriented, or connectionless. The IP Internet Layer (equivalent to OSI's Network Layer) supports only the connectionless Internet Protocol (IP); however, connection-oriented protocols, such as TCP, exist higher in the stack by enforcing reliability constraints through timeouts and resending packets.
  • What are the Global Addresses?
Everybody in the network needs to have a unique address which determines who he is. This address will normally be hierarchical, so you can be "Fred Murphy" to Dubliners, or "Fred Murphy, Dublin" to people in Ireland, or "Fred Murphy, Dublin, Ireland" to people anywhere in the world. On the internet, these addresses are known as IP Addresses.
  • How do you forward a message?
This is of particular interest to mobile applications, where a user may rapidly move from place to place, and it must be arranged that his messages follow him. Version 4 of the Internet Protocol (IPv4) doesn't really allow for this, though it has been hacked somewhat since its inception. Fortunately, the forthcoming IPv6 has a much better designed solution, which should make this type of application much smoother.

Internet protocol[edit]

Internet Protocol (IP) works in the network layer of the TCP/IP model. It is a connectionless protocol and does not guarantee the packet will reach the given destination. IP protocol has 2 versions 1)IPv4 2)IPv6.

The Internet Protocol is a data-oriented protocol used for communicating data across a packet-switched internetwork.

IP is a network layer protocol in the internet protocol suite and is encapsulated in a data link layer protocol (e.g., Ethernet). As a lower layer protocol, IP provides the service of communicable unique global addressing amongst computers. This implies that the data link layer need not provide this service. Ethernet provides globally unique addresses except it is not globally communicable (i.e., two arbitrarily chosen Ethernet devices will only be able to communicate if they are on the same bus).

Services provided by IP[edit]

Because of the abstraction provided by encapsulation, IP can be used over a heterogenous network (i.e., a network connecting two computers can be any mix of Ethernet, ATM, FDDI, Wi-fi, Token ring, etc.) and it makes no difference to the upper layer protocols.

All the data link layers can (and do) have their own set of addressing (or possibly the complete lack of it) and the need to resolve IP addresses to data link addresses is needed. This resolving is addressed by the Address Resolution Protocol (ARP).


IP provides an unreliable service (i.e., best effort delivery). This means that the network makes no guarantees about the packet and none, some, or all of the following may apply:

data corruption out of order (packet A may be sent before packet B, but B can arrive before A) duplicate arrival lost or dropped/discarded In terms of reliability the only thing IP does is ensure the IP packet's header is error-free through the use of a checksum. This has the side-effect of discarding packets with bad headers on the spot, and with no required notification to either end (though an ICMP message may be sent).

To address any of these reliability issues, an upper layer protocol must handle it. For example, to ensure in-order delivery the upper layer may have to cache data until it can be passed up in order.

The primary reason for the lack of reliability is to reduce the complexity of routers. While this does give routers carte blanche to do as they please with packets, anything less than best effort yields a poorer experience for the user. So, even though no guarantees are made, the better the effort made by the network, the better the experience for the user.

IP addressing and routing[edit]

Perhaps the most complex aspects of IP are IP addressing and routing. Addressing refers to how end hosts become assigned IP addresses and how subnetworks of IP host addresses are divided and grouped together. IP routing is performed by all hosts, but most importantly by internetwork routers, which typically use either interior gateway protocols (IGPs) or external gateway protocols (EGPs) to help make IP datagram forwarding decisions across IP connected networks

Version history[edit]

IP is the common element found in today's public Internet. The current and most popular network layer protocol in use today is IPv4; this version of the protocol is assigned version 4. IPv4 was adopted by the United States Department of Defense as MIL-STD-1778.

IPv6 is the proposed successor to IPv4 whose most prominent change is the addressing. IPv4 uses 32-bit addresses (~4 billion addresses) while IPv6 uses 128-bit addresses (~3.4×1038 addresses). Although adoption of IPv6 has been slow, as of 2008, all United States government systems must support IPv6.[1]

Versions 0 through 3 were either reserved or unused; version 5 was used for an experimental stream protocol. Other version numbers have been assigned, usually for experimental protocols, but have not been widely used.


The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet protocol suite. It is chiefly used by networked computers' operating systems to send error messages—indicating, for instance, that a requested service is not available or that a host or router could not be reached.

ICMP differs in purpose from TCP and UDP in that it is usually not used directly by user network applications. One exception is the ping tool, which sends ICMP Echo Request messages (and receives Echo Reply messages) to determine whether a host is reachable and how long packets take to get to and from that host.


In computer networking, the Address Resolution Protocol (ARP) is the standard method for finding a host's hardware address when only its network layer address is known.

ARP is not an IP-only or Ethernet-only protocol; it can be used to resolve many different network-layer protocol addresses to hardware addresses, although, due to the overwhelming prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses. It is also used for IP over other LAN technologies, such as Token Ring, FDDI, or IEEE 802.11, and for IP over ATM.

ARP is used in four cases of two hosts communicating:

  1. When two hosts are on the same network and one desires to send a packet to the other
  2. When two hosts are on different networks and must use a gateway/router to reach the other host
  3. When a router needs to forward a packet for one host through another router
  4. When a router needs to forward a packet from one host to the destination host on the same network

The first case is used when two hosts are on the same physical network (that is, they can directly communicate without going through a router). The last three cases are the most used over the Internet as two computers on the internet are typically separated by more than 3 hops.

Imagine computer A sends a packet to computer D and there are two routers, B & C, between them. Case 2 covers A sending to B; case 3 covers B sending to C; and case 4 covers C sending to D.

ARP is defined in RFC 826. It is a current Internet Standard, STD 37.


Reverse Address Resolution Protocol (RARP) is a network layer protocol used to obtain an IP address for a given hardware address (such as an Ethernet address). It has been rendered obsolete by BOOTP and the more modern DHCP, which both support a much greater feature set than RARP.

The primary limitations of RARP are that each MAC must be manually configured on a central server, and that the protocol only conveys an IP address. This leaves configuration of subnetting, gateways, and other information to other protocols or the user.

Another limitation of RARP compared to BOOTP or DHCP is that it is a non-IP protocol. This means that like ARP it can't be handled by the TCP/IP stack on the client, but is instead implemented separately.

RARP is the complement of ARP.

RARP differs from Inverse Address Resolution Protocol (InARP), which is designed to locate the IP address associated with another station's MAC address.

RARP is described in RFC 903.