Module #3

Network Layer

Dr Suriya Prakash J
Static and Dynamic IP Addressing
• The connectivity of devices to the internet, or communication within a
network, an IP address is taken as a basic understanding. There are two main
types of IP addresses: Static and Dynamic. The purpose of this article is to
describe what IP addresses are and the difference between static and
dynamic IPs.
• IP stands for Internet Protocol. An IP address is a unique identifier assigned
to every device on a network. The difference between a Static and Dynamic
IP address lies in how long the assigned address remains the same. A Static
IP address is a fixed address that is manually assigned to a device for a long
period of time, where as a Dynamic IP address changes frequently, usually
each time the device is restarted, and is automatically assigned.
Static and Dynamic IP address

DHCP means Dynamic Host Configuration

Protocol.

A Static IP address is an IP address that does

not changed frequently or constantly it is
reserved for a specific computer or device. This
type of IP address does not dynamically change
with time, but will only change through an
action done by the user or the network
administrator. Assigning Static IP address is
common in servers, network devices or any
device that has to have a fixed address that can
be accessed from a distance.
In order to obtain a Static IP address there is a possibility of applying for it from
the Internet Service Provider (ISP). This may be accompanied with the extra expense
of getting the ISPs to provide static IP addresses since these often come with an
added cost. For those who have their own physical infrastructure of the network,
static IP addresses can be assigned in the settings through the device.
• Static IP addresses are especially important in cases where a device has to be
quickly found over the internet on a permanent basis.
• Web Servers: A website must have one or more static IP addresses to be assigned
to the domain always point to the correct server.
• Remote Access: Some of the devices that require a remote connection like the
CCTV cameras or a VPN are preferable to be as static as possible.
• Hosting Servers: Game or email servers that are in constant use also need a static
IP so that the services running in the background remain undisturbed.
• Secure Communications: Some devices that participate in secure communications
might require static IPs to make the link stable and reliable.
Dynamic IP Address
• A Dynamic IP address is an IP address which is changed from time to
time. In contrast to the static IP, an IPv6 address is obtained by DHCP
server – (Dynamic Host Configuration Protocol) automatically. In
the DHCP, a host receives an available IP address from the DHCP
server for some period of time referred to as the lease time and the IP
address given to the host may change. Dynamic IPs are more common
for home and commercial appliances and other electronic devices for
which it is not necessary to have a constantly changing IP address.
Get a Dynamic IP Address
• Dynamic IP addresses are those that are assigned to you by the ISP on
a random and on a connecting basis. Dynamic IPs can be obtained
without any specific request or change as most of the ISP’s offer them
by default. Whenever one launches a connection to some web,
automatically the DHCP server doles out an IP address from a series
of IP addresses.
Public and Private Network.
• IP Address or Internet Protocol Address is a type of address that is required
to communicate one computer with another computer for exchanging
information, file, webpage, etc. In this article, we will see the classification
of IP Addresses and the differences between Public and Private IP
Addresses. Before proceeding with that, let’s see what is an IP Address
with an example.
• If someone wants to send a particular file or a mail to you from his/her
computer, then an address is required to communicate with you without the
confusion of delivering that information to any other computer, that’s why
an address is required and that address is called an IP Address. IP Address
is unique for each computer.
Classification of IP Address

• An IP Address is basically classified into two types:

• Private IP Address
• Public IP Address
The Private IP Address of a system is the IP address that is used to
communicate within the same network. Using private IP data or
information can be sent or received within the same network. The router
basically assigns these types of addresses to the device. Unique private
IP Addresses are provided to each and every device that is present on
the network. These things make Private IP Addresses more secure than
Public IP Addresses.
• we can trace Private IP Addresses, but this happens only by using other
devices on the local network. Devices that are connected to the local
network has private IP Address and this can only be visible to the devices
that are connected within that network. But it can’t be seen online as it
happens in public IP Addresses.
• The Public IP Address of a system is the IP address that is used to
communicate outside the network. A public IP address is basically assigned
by the ISP (Internet Service Provider).
• Public IP Address is basically of two types:
• Dynamic IP Address: Dynamic IP Addresses are addresses that change over
time. After establishing a connection of a smartphone or computer with the
Internet, ISP provides an IP Address to the device, these random addresses
are called Dynamic IP Address.
• Static IP Address: Static Addresses are those addresses that do not change
with time. These are stated as permanent internet addresses. Mostly these
are used by the DNS (Domain Name System) Servers.
• Public IP Addresses can be traced back to the Internet Service
Provider that can easily trace the geographical location. This might
reveal the location very easily to advertisers, hackers, etc. For using
the Internet anonymously, you can easily hide your IP Address by
using different ways like VPN, Tor Browser, etc. But among different
ways, VPN is the fastest and most secure way of using the Internet.
IPV4
• IP stands for Internet Protocol version v4 stands for Version
Four (IPv4), is the most widely used system for identifying devices on
a network. It uses a set of four numbers, separated by periods (like
192.168.0.1), to give each device a unique address. This address helps
data find its way from one device to another over the internet.
• IPv4 was the primary version brought into action for production within
the ARPANET in 1983. IP version four addresses are 32-bit integers
which will be expressed in decimal notation. Example- 192.0.2.126
could be an IPv4 address.
IPv4 addresses consist of three parts:

• Network Part: The network part indicates the distinctive variety that’s
appointed to the network. The network part conjointly identifies the
category of the network that’s assigned.
• Host Part: The host part uniquely identifies the machine on your network.
This part of the IPv4 address is assigned to every host.
For each host on the network, the network part is the same, however, the
host half must vary.
• Subnet Number: This is the nonobligatory part of IPv4. Local networks
that have massive numbers of hosts are divided into subnets
and subnet numbers are appointed to that
Limitations of IPv4

• IP relies on network layer addresses to identify end-points on the network,

and each network has a unique IP address.
• The world’s supply of unique IP addresses is dwindling, and they might
eventually run out theoretically.
• If there are multiple hosts, we need the IP addresses of the next class.
• Complex host and routing configuration, non-hierarchical addressing,
difficult to re-numbering addresses, large routing tables, non-trivial
implementations in providing security, QoS (Quality of Service), mobility,
and multi-homing, multicasting, etc. are the big limitations of IPv4 so that’s
why IPv6 came into the picture.
IPV6 Feature
Header format simplification
IPv6 removes several IPv4 header fields or moves them to the IPv6
extension headers to reduce the length of the basic IPv6 packet
header. The basic IPv6 packet header has a fixed length of 40 bytes to
simplify IPv6 packet handling and to improve the forwarding efficiency.
Although an IPv6 address size is four times larger than an IPv4 address,
the basic IPv6 packet header size is only twice the size of the
option-less IPv4 packet header.
IPv4 packet header format and basic IPv6 packet header format
• Larger address space
• The 38
source and destination IPv6 addresses are 128 bits (or 16 bytes) long. IPv6 can provide 3.4
x 10 addresses to meet the requirements of hierarchical address division and the allocation of
public and private addresses.
• Hierarchical address structure
• IPv6 uses the hierarchical address structure to quicken route searches faster and reduce the
system sources occupied by the IPv6 routing table by route aggregation.
• Address autoconfiguration
• To simplify host configuration, IPv6 supports stateful and stateless address autoconfiguration.
• Stateful address autoconfiguration enables a host to acquire an IPv6 address and other
configuration information from a server (for example, a DHCP server).
• Stateless address autoconfiguration enables a host to automatically generate an IPv6 address
and other configuration information by using its link-layer address and the prefix information
advertised by a router.
• To communicate with other hosts on the same link, a host automatically generates a link-local
address based on its link-layer address and the link-local address prefix (FE80::/10).
• Built-in security
• IPv6 defines extension headers to support IPsec. IPsec provides end-to-end security for
network security solutions and enhances interoperability among different IPv6 applications.
• QoS support
• The Flow Label field in the IPv6 header allows the switch to label the packets and facilitates
the special handling of a flow.
• Enhanced neighbor discovery mechanism
• The IPv6 neighbor discovery protocol is implemented through a group of Internet Control
Message Protocol version 6 (ICMPv6) messages to manage the information exchange
among neighboring nodes on the same link. The group of ICMPv6 messages replaces
Address Resolution Protocol (ARP) messages, Internet Control Message Protocol version 4
(ICMPv4) Router Discovery messages, and ICMPv4 Redirect messages and provides a
series of other functions.
• Flexible extension headers
• IPv6 cancels the Options field in the header and introduces optional extension headers to
provide scalability and improve efficiency. The Options field in the IPv4 packet header
contains 40 bytes at most, whereas the IPv6 extension headers are restricted to the
maximum size of IPv6 packets only.
 Dynamic Host Configuration Protocol (DHCP)
• Dynamic Host Configuration Protocol is a network protocol used to automate
the process of assigning IP addresses and other network configuration
parameters to devices (such as computers, smartphones, and printers) on a
network. Instead of manually configuring each device with an IP address, DHCP
allows devices to connect to a network and receive all necessary network
information, like IP address, subnet mask, default gateway, and DNS server
addresses, automatically from a DHCP server.
• This makes it easier to manage and maintain large networks, ensuring devices
can communicate effectively without conflicts in their network settings. DHCP
plays a crucial role in modern networks by simplifying the process of connecting
devices and managing network resources efficiently.
• DHCP stands for Dynamic Host Configuration Protocol. It is the critical
feature on which the users of an enterprise network communicate. DHCP
helps enterprises to smoothly manage the allocation of IP addresses to the
end-user clients’ devices such as desktops, laptops, cellphones, etc. is an
application layer protocol that is used to provide:
Subnet Mask (Option 1 - e.g., 255.255.255.0)
Router Address (Option 3 - e.g., 192.168.1.1)
DNS Address (Option 6 - e.g., 8.8.8.8)
Vendor Class Identifier (Option 43 - e.g.,
'unifi' = 192.168.1.9 ##where unifi = controller)

• DHCP is based on a client-server model and based on discovery, offer,

request, and ACK.
• DHCP helps in managing the entire process automatically and centrally.
DHCP helps in maintaining a unique IP Address for a host using the
server. DHCP servers maintain information on TCP/IP configuration and
provide configuration of address to DHCP-enabled clients in the form of a
lease offer.
 Components of DHCP
• DHCP Server: DHCP Server is a server that holds IP Addresses and other information related to configuration.
• DHCP Client: It is a device that receives configuration information from the server. It can be a mobile, laptop, computer, or any other electronic
device that requires a connection.
• DHCP Relay: DHCP relays basically work as a communication channel between DHCP Client and Server.
• IP Address Pool: It is the pool or container of IP Addresses possessed by the DHCP Server. It has a range of addresses that can be allocated to
devices.
• Subnets: Subnets are smaller portions of the IP network partitioned to keep networks under control.
• Lease: It is simply the time that how long the information received from the server is valid, in case of expiration of the lease, the tenant must have
to re-assign the lease.
• DNS Servers: DHCP servers can also provide DNS (Domain Name System) server information to DHCP clients, allowing them to resolve
domain names to IP addresses.
• Default Gateway: DHCP servers can also provide information about the default gateway, which is the device that packets are sent to when the
destination is outside the local network.
• Options: DHCP servers can provide additional configuration options to clients, such as the subnet mask, domain name, and time server
information.
• Renewal: DHCP clients can request to renew their lease before it expires to ensure that they continue to have a valid IP address and configuration
information.
• Failover: DHCP servers can be configured for failover, where two servers work together to provide redundancy and ensure that clients can always
obtain an IP address and configuration information, even if one server goes down.
• Dynamic Updates: DHCP servers can also be configured to dynamically update DNS records with the IP address of DHCP clients, allowing for
easier management of network resources.
• Audit Logging: DHCP servers can keep audit logs of all DHCP transactions, providing administrators with visibility into which devices are using
which IP addresses and when leases are being assigned or renewed.
DHCP Packet Format
• Hardware Length: This is an 8-bit field defining the length of the physical address in bytes. e.g for Ethernet the value is 6.
• Hop count: This is an 8-bit field defining the maximum number of hops the packet can travel.
• Transaction ID: This is a 4-byte field carrying an integer. The transcation identification is set by the client and is used to match a reply with
the request. The server returns the same value in its reply.
• Number of Seconds: This is a 16-bit field that indicates the number of seconds elapsed since the time the client started to boot.
• Flag: This is a 16-bit field in which only the leftmost bit is used and the rest of the bit should be set to os. A leftmost bit specifies a forced
broadcast reply from the server. If the reply were to be unicast to the client, the destination. IP address of the IP packet is the address assigned
to the client.
• Client IP Address: This is a 4-byte field that contains the client IP address . If the client does not have this information this field has a value
of 0.
• Your IP Address: This is a 4-byte field that contains the client IP address. It is filled by the server at the request of the client.
• Server IP Address: This is a 4-byte field containing the server IP address. It is filled by the server in a reply message.
• Gateway IP Address: This is a 4-byte field containing the IP address of a routers. IT is filled by the server in a reply message.
• Client Hardware Address: This is the physical address of the client .Although the server can retrieve this address from the frame sent by the
client it is more efficient if the address is supplied explicity by the client in the request message.
• Server Name: This is a 64-byte field that is optionally filled by the server in a reply packet. It contains a null-terminated string consisting of
the domain name of the server. If the server does not want to fill this filed with data, the server must fill it with all 0s.
• Boot Filename: This is a 128-byte field that can be optionally filled by the server in a reply packet. It contains a null- terminated string
consisting of the full pathname of the boot file. The client can use this path to retrieve other booting information. If the server does not want to
fill this field with data, the server must fill it with all 0s.
• Options: This is a 64-byte field with a dual purpose. IT can carry either additional information or some specific vendor information. The field
is used only in a reply message. The server uses a number, called a magic cookie, in the format of an IP address with the value of
99.130.83.99. When the client finishes reading the message, it looks for this magic cookie. If present the next 60 bytes are options.
Working of DHCP
• DHCP works on the Application layer of the UDP Protocol. The main task of DHCP is to
dynamically assigns IP Addresses to the Clients and allocate information on TCP/IP configuration
to Clients. For more, you can refer to the Article Working of DHCP.
• The DHCP port number for the server is 67 and for the client is 68. It is a client-server protocol
that uses UDP services. An IP address is assigned from a pool of addresses. In DHCP, the client
and the server exchange mainly 4 DHCP messages in order to make a connection, also called
the DORA process, but there are 8 DHCP messages in the process.
The 8 DHCP Messages
• 1. DHCP Discover Message: This is the first message generated in the
communication process between the server and the client. This message is
generated by the Client host in order to discover if there is any DHCP
server/servers are present in a network or not. This message is broadcasted
to all devices present in a network to find the DHCP server. This message is
342 or 576 bytes long.
• 2. DHCP Offers A Message: The server will respond to the host in this
message specifying the unleased IP address and other TCP configuration
information. This message is broadcasted by the server. The size of the
message is 342 bytes. If there is more than one DHCP server present in the
network then the client host will accept the first DHCP OFFER message it
receives. Also, a server ID is specified in the packet in order to identify the
server.
• 3. DHCP Request Message: When a client receives an offer message, it
responds by broadcasting a DHCP request message. The client will produce
a gratuitous ARP in order to find if there is any other host present in the network
with the same IP address. If there is no reply from another host, then there is no
host with the same TCP configuration in the network and the message is
broadcasted to the server showing the acceptance of the IP address. A Client ID is
also added to this message.
• 4. DHCP Acknowledgment Message: In response to the request message
received, the server will make an entry with a specified client ID and bind the IP
address offered with lease time. Now, the client will have the IP address provided
by the server.
• 5. DHCP Negative Acknowledgment Message: Whenever a DHCP server
receives a request for an IP address that is invalid according to the scopes that are
configured, it sends a DHCP Nak message to the client. Eg-when the server has
no IP address unused or the pool is empty, then this message is sent by the server
to the client.
• 6. DHCP Decline: If the DHCP client determines the offered configuration
parameters are different or invalid, it sends a DHCP decline message to the
server. When there is a reply to the gratuitous ARP by any host to the client,
the client sends a DHCP decline message to the server showing the offered
IP address is already in use.
• 7. DHCP Release: A DHCP client sends a DHCP release packet to the
server to release the IP address and cancel any remaining lease time.
• 8. DHCP Inform: If a client address has obtained an IP address manually
then the client uses DHCP information to obtain other local configuration
parameters, such as domain name. In reply to the DHCP inform message,
the DHCP server generates a DHCP ack message with a local configuration
suitable for the client without allocating a new IP address. This DHCP ack
message is unicast to the client.
 Routing and Packet Forwarding
• The process of packet forwarding simply implies the forwarding of incoming packets to their intended destination.
• Internet is made up of generally two terms- Interconnection and Network. So, it is a connection to a large collection of
networks. A packet that is to be forwarded may be associated with the same network as the source host or may belong to a
destination host in a different network. Thus, it depends on the destination how much a packet may need to travel before
arriving at its destination.
• The router is responsible for the process of packet forwarding. It accepts the packet from the origin host or another router in the
packet’s path and places it on the route leading to the target host.
• The routing table is maintained by the router which is used for deciding the packet forwarding.
• Packet Forwarding in Router:
• Routers are used on the network for forwarding a packet from the local network to the remote network. So, the process of
routing involves the packet forwarding from an entry interface out to an exit interface.
• Working:
• The following steps are included in the packet forwarding in the router-
• The router takes the arriving packet from an entry interface and then forwards that packet to another interface.
• The router needs to select the best possible interface for the packet to reach the intended destination as there exist multiple
interfaces in the router.
• The forwarding decision is made by the router based on routing table entries. The entries in the routing table comprise
destination networks and exit interfaces to which the packet is to be forwarded.
• The selection of exit interface relies on- firstly, the interface must lead to the target network to which the packet is intended to
send, and secondly, it must be the best possible path leading to the destination network.
Packet Forwarding Techniques:
• Following are the packet forwarding techniques based on the destination host:
• Next-Hop Method: By only maintaining the details of the next hop or next router in the
packet’s path, the next-hop approach reduces the size of the routing table. The routing table
maintained using this method does not have the information regarding the whole route that
the packet must take.
• Network-Specific Method: In this method, the entries are not made for all of the
destination hosts in the router’s network. Rather, the entry is made of the destination
networks that are connected to the router.
• Host-Specific Method: In this method, the routing table has the entries for all of the
destination hosts in the destination network. With the increase in the size of the routing
table, the efficiency of the routing table decreases. It finds its application in the process of
verification of route and security purposes.
• Default Method: Let’s assume- A host in network N1 is connected to two routers, one of
which (router R1) is connected to network N2 and the other router R2 to the rest of the
internet. As a result, the routing table only has one default entry for the router R2.
Static Routing
• Static Routing is also known as non-adaptive routing which doesn’t
change the routing table unless the network administrator changes or
modifies them manually. Static routing does not use complex routing
algorithms and It provides higher or more security than dynamic routing.

•
• Advantages of Static Routing
• No routing overhead for the router CPU which means a cheaper router
can be used to do routing.
• It adds security because only an only administrator can allow routing
to particular networks only.
• No bandwidth usage between routers.
Introduction to Dynamic Routing Protocols
• Distance Vector Routing Protocol:
• Distance Vector Routing (DVR) Protocol is a method used by routers
to find the best path for data to travel across a network. Each router
keeps a table that shows the shortest distance to every other router,
based on the number of hops (or steps) needed to reach them. Routers
share this information with their neighbors, allowing them to update
their tables and find the most efficient routes. This protocol helps
ensure that data moves quickly and smoothly through the network.
How Distance Vector Algorithm works?
• A router transmits its distance vector to each of its neighbors in a
routing packet.
• Each router receives and saves the most recently received distance
vector from each of its neighbors.
• A router recalculates its distance vector when:
• It receives a distance vector from a neighbor containing different
information than before.
• It discovers that a link to a neighbor has gone down.
• The DV calculation is based on minimizing the cost to each
destination
Dx(y) = Estimate of least cost from x to y
C(x,v) = Node x knows cost to each neighbor v
Dx = [Dx(y): y ? N ] = Node x maintains distance vector
Node x also maintains its neighbors' distance vectors
– For each neighbor v, x maintains Dv = [Dv(y): y ? N ]
RIPv1:
• RIPv1 uses classful routing. The periodic routing updates do not carry
subnet information, lacking support for variable length subnet masks
(VLSM). This limitation makes it impossible to have different-sized subnets
inside of the same network class. In other words, all subnets in a network
class must have the same size. There is also no support for router
authentication, making RIP vulnerable to various attacks.
• RIPv1 is a Distance-Vector Routing protocol. The standard used RFC 1058.
It can supports class full network only. It does not support for
authentications. It hop count limit is 15. It does not support for VLSM and
discontinuous networks. It is less secure. RIPv1 uses Broadcast traffic for
updates. The routing update address used for Broadcast is 255.255.255.255.
RIPV1 does not provide trigger updates.
Variable length sub-netmask
• Variable Length Subnet Mask (VLSM) is a technique used in IP network design to create subnets with different subnet masks.
VLSM allows network administrators to allocate IP addresses more efficiently and effectively, by using smaller subnet masks
for subnets with fewer hosts and larger subnet masks for subnets with more hosts.
• In a traditional subnetting scheme, a fixed subnet mask is applied to all subnets in the network, which can lead to inefficient use
of IP addresses. For example, if a network has two subnets, one with 10 hosts and another with 50 hosts, a traditional subnet
mask of 255.255.255.0 would be used for both subnets, which means that each subnet would have 254 available IP addresses.
This would result in wasted IP addresses for the smaller subnet.
• VLSM allows network administrators to create subnets with different subnet masks to more effectively utilize IP addresses.
Using the example above, VLSM could be used to assign a subnet mask of 255.255.255.128 to the smaller subnet with 10 hosts,
which would provide 126 available IP addresses, and a subnet mask of 255.255.255.192 to the larger subnet with 50 hosts,
which would provide 62 available IP addresses.
• VLSM is widely used in modern networks to create subnets of different sizes and to optimize the use of IP addresses.
• VLSM stands for Variable Length Subnet Mask where the subnet design uses more than one mask in the same network which
means more than one mask is used for different subnets of a single class A, B, C or a network. It is used to increase the usability
of subnets as they can be of variable size. It is also defined as the process of subnetting of a subnet. Procedure of implementing
VLSM – In VLSM, subnets use block size based on requirement so subnetting is required multiple times. Suppose there is an
administrator that has four departments to manage. These are sales and purchase department with 120 computers, development
department with 50 computers, accounts department with 26 computers and management department with 5 computers.
Classless Inter Domain Routing (CIDR)

• Classless Inter-Domain Routing (CIDR) is a method of IP address

allocation and IP routing that allows for more efficient use of IP
addresses. CIDR is based on the idea that IP addresses can be
allocated and routed based on their network prefix rather than their
class, which was the traditional way of IP address allocation.
• CIDR addresses are represented using a slash notation, which specifies
the number of bits in the network prefix. For example, an IP address of
192.168.1.0 with a prefix length of 24 would be represented as
192.168.1.0/24. This notation indicates that the first 24 bits of the IP
address are the network prefix and the remaining 8 bits are the host
identifier.
Several Advantages of the Traditional
Class-Based Addressing System of CIDR
• Efficient use of IP addresses: CIDR allows for more efficient use of IP addresses
by allowing the allocation of IP addresses based on their network prefix rather than
their class.
• Flexibility: CIDR allows for more flexible IP address allocation, as it allows for the
allocation of arbitrary-sized blocks of IP addresses.
Better routing: CIDR allows for better routing of IP traffic, as it allows routers to
aggregate IP addresses based on their network prefix, reducing the size of routing
tables.
• Reduced administrative overhead: CIDR reduces administrative overhead by
allowing for the allocation and routing of IP addresses in a more efficient and
flexible way.
• In summary, CIDR is a method of IP address allocation and routing that allows for
more efficient use of IP addresses and better routing of IP traffic. It has several
advantages over the traditional class-based addressing system, including greater
flexibility, better routing, and reduced administrative overhead.
Routing Tables

• A routing table is a set of rules, often viewed in table format, that is

used to determine where data packets traveling over an Internet
Protocol (IP) network will be directed. All IP-enabled devices,
including routers and switches, use routing tables. See below a
Routing Table:
A Closer Look- Entries of an IP Routing
Table:
• A routing table contains the information necessary to forward a packet along the best path toward its
destination. Each packet contains information about its origin and destination. Routing Table
provides the device with instructions for sending the packet to the next hop on its route across the
network.
• Each entry in the routing table consists of the following entries:
1. Network ID:
The network ID or destination corresponding to the route.
2. Subnet Mask:
The mask that is used to match a destination IP address to the network ID.
3. Next Hop:
The IP address to which the packet is forwarded
4. Outgoing Interface:
Outgoing interface the packet should go out to reach the destination network.
5. Metric:
A common use of the metric is to indicate the minimum number of hops (routers crossed) to the
network ID.
EIGRP
Enhanced Interior Gateway Routing Protocol (EIGRP) is a dynamic
routing protocol that is used to find the best path between any two-layer
3 devices to deliver the packet. EIGRP works on network layer Protocol
of OSI model and uses protocol number 88. It uses metrics to find out
the best path between two layer 3 devices (router or layer 3 switches)
operating EIGRP. Administrative Distance for EIGRP are:-
 • It uses some messages to communicate with the neighbour devices that operate EIGRP. These are:-

1. Hello message-These messages are kept alive messages which are exchanged between two devices operating EIGRP.
These messages are used for neighbour discovery/recovery, if there is any device operating EIGRP or if any
device(operating EIGRP) coming up again.
These messages are used for neighbor discovery if multicast at 224.0.0.10. It contains values like AS number, k
values, etc.
These messages are used as acknowledgement when unicast. A hello with no data is used as the acknowledgement.
2. NULL update-It is used to calculate SRTT(Smooth Round Trip Timer) and RTO(Retransmission Time Out).
SRTT: The time is taken by a packet to reach the neighboring router and the acknowledgement of the packet to reach
the local router. RTO: If a multicast fails then unicast is being sent to that router. RTO is the time for which the local
router waits for an acknowledgement of the packet.
3. Full Update – After exchanging hello messages or after the neighbourship is formed, these messages are exchanged.
This message contains all the best routes.
4. Partial update-These messages are exchanged when there is a topology change and new links are added. It contains
only the new routes, not all the routes. These messages are multicast.
5. Query message-These messages are multicast when the device is declared dead and it has no routes to it in its
topology table.
6. Reply message – These messages are the acknowledgment of the query message sent to the originator of the query
message stating the route to the network which has been asked in the query message.
7. Acknowledgement message
It is used to acknowledge EIGRP updates, queries, and replies. Acks are hello packets that contain no
data. Note:-Hello and acknowledgment packets do not require any acknowledgment.
Reply, query, update messages are reliable messages i.e require acknowledgement.
Link State Routing
Link state routing is the second family of routing protocols. While
distance-vector routers use a distributed algorithm to compute their
routing tables, link-state routing uses link-state routers to exchange
messages that allow each router to learn the entire network topology.
Based on this learned topology, each router is then able to compute its
routing table by using the shortest path computation.
Link state routing is a popular algorithm used in unicast routing to
determine the shortest path in a network. Understanding how link state
protocols work is key to mastering routing algorithms.
 • Link state routing is a technique in which each router shares the knowledge
of its neighborhood with every other router i.e. the internet work. The three
keys to understand the link state routing algorithm.
1. Knowledge about the neighborhood : Instead of sending its routing table,
a router sends the information about its neighborhood only. A router
broadcast its identities and cost of the directly attached links to other routers.
2. Flooding: Each router sends the information to every other router on the
internetwork except its neighbors. This process is known as flooding. Every
router that receives the packet sends the copies to all the neighbors. Finally
each and every router receives a copy of the same information.
3. Information Sharing : A router send the information to every other router
only when the change occurs in the information.
OSPF
• Open Shortest Path First (OSPF) is a link-state routing protocol that is
used to find the best path between the source and the destination
router using its own Shortest Path First). OSPF is developed by
Internet Engineering Task Force (IETF) as one of the Interior Gateway
Protocol (IGP), i.e, the protocol which aims at moving the packet
within a large autonomous system or routing domain. It is a network
layer protocol which works on protocol number 89 and uses AD value
110. OSPF uses multicast address 224.0.0.5 for normal
communication and 224.0.0.6 for update to designated
router(DR)/Backup Designated Router (BDR).
1. Router Id – It is the highest active IP address present on the router. First, the highest
loopback address is considered. If no loopback is configured then the highest active IP
address on the interface of the router is considered.
2. Router priority – It is an 8-bit value assigned to a router operating OSPF, used to elect DR
and BDR in a broadcast network.
3. Designated Router (DR) – It is elected to minimize the number of adjacencies formed.
DR distributes the LSAs to all the other routers. DR is elected in a broadcast network to
which all the other routers share their DBD. In a broadcast network, the router requests for
an update to DR, and DR will respond to that request with an update.
4. Backup Designated Router (BDR) – BDR is a backup to DR in a broadcast network.
When DR goes down, BDR becomes DR and performs its functions.
5. DR and BDR election – DR and BDR election takes place in the broadcast network or
multi-access network. Here are the criteria for the election:
5. The router having the highest router priority will be declared as DR.
6. If there is a tie in router priority then the highest router I’d be considered. First, the highest loopback
address is considered. If no loopback is configured then the highest active IP address on the interface
of the router is considered.
Overview of BGP
• The protocol can connect any internetwork of the autonomous system
using an arbitrary topology. The only requirement is that each AS have
at least one router that can run BGP and that is the router connected to
at least one other AS’s BGP router. BGP’s main function is to
exchange network reachability information with other BGP systems.
Border Gateway Protocol constructs an autonomous systems graph
based on the information exchanged between BGP routers.
Characteristics of Border Gateway Protocol
(BGP)
• Inter-Autonomous System Configuration: The main role of BGP is to provide communication
between two autonomous systems.
• BGP supports the Next-Hop Paradigm.
• Coordination among multiple BGP speakers within the AS (Autonomous System).
• Path Information: BGP advertisements also include path information, along with the reachable
destination and next destination pair.
• Policy Support: BGP can implement policies that can be configured by the administrator. For ex:- a
router running BGP can be configured to distinguish between the routes that are known within the
AS and that which are known from outside the AS.
• Runs Over TCP.
• BGP conserves network Bandwidth.
• BGP supports CIDR.
• BGP also supports Security.
Functionality of Border Gateway Protocol
(BGP)
• BGP peers perform 3 functions, which are given below.
• The first function consists of initial peer acquisition and
authentication. both the peers established a TCP connection and
performed message exchange that guarantees both sides have agreed
to communicate.
• The second function mainly focuses on sending negative or positive
reach-ability information.
• The third function verifies that the peers and the network connection
between them are functioning correctly.
Types of Border Gateway Protocol
External BGP: It is used to interchange routing information between
the routers in different autonomous systems, it is also known as
eBGP(External Border Gateway Protocol). The below image shows how
eBGP interchange routing information.
• Internal BGP: It is used to interchange routing information between
the routers in the same autonomous system, it is also known as
iBGP(Internal Border Gateway Protocol). Internal routers also ensure
consistency among routers for sharing routing information. The below
image shows how iBGP interchange routing information.
Elements of BGP

• Some elements of BGP are assigned to each path and these elements help routers to
select a path from multiple paths. Here below are some elements of BGP:
• Weight: Weight is defined as a Cisco-specific attribute that tells a router which
path is preferred. The weight having a higher value is preferred.
• Originate: This tells how a router choose routes and adds to BGP itself.
• Local Preference: Local Preference is an element used to select the outbound
routing path. Greater local preference is preferred.
• Autonomous System Path: This element tells the router to select a path having a
shorter length.
• Next Hop: To reach the destination the next hop elements specify the IP address
that should be used as the next hop.