Network Layer Protocols

Common Protocols
• ICMP
• IGMP
• IPSec
• Protocol Independent Multicast (PIM)
• Connectionless-mode Network Service (CLNS)
• Routing Protocols
Internet Control Message Protocol (ICMP)
• Since IP does not have a inbuilt mechanism for sending error and
control messages. It depends on Internet Control Message
Protocol(ICMP) to provide an error control. It is used for reporting
errors and management queries. It is a supporting protocol and used
by networks devices like routers for sending the error messages and
operations information. e.g. the requested service is not available or
that a host or router could not be reached.
ICMP Echo Request/Reply
ICMP Destination Unreachable
• Code 0 - Network unreachable - Tells you if a specific network is currently unreachable.
• Code 1 - Host unreachable - Tells you if a specific host is currently unreachable.
• Code 2 - Protocol unreachable - This code tells you if a specific protocol (tcp, udp, etc) can not be reached at the moment.
• Code 3 - Port unreachable - If a port (ssh, http, ftp-data, etc) is not reachable, you will get this message.
• Code 4 - Fragmentation needed and DF set - If a packet needs to be fragmented to be delivered, but the Do not fragment bit is set in the packet, the gateway will return this
message.
• Code 5 - Source route failed - If a source route failed for some reason, this message is returned.
• Code 6 - Destination network unknown - If there is no route to a specific network, this message is returned.
• Code 7 - Destination host unknown - If there is no route to a specific host, this message is returned.
• Code 8 - Source host isolated (obsolete) - If a host is isolated, this message should be returned. This code is obsoleted today.
• Code 9 - Destination network administratively prohibited - If a network was blocked at a gateway and your packet was unable to reach it because of this, you should get this ICMP
code back.
• Code 10 - Destination host administratively prohibited - If you where unable to reach a host because it was administratively prohibited (e.g., routing administration), youwill get
this message back.
• Code 11 - Network unreachable for TOS - If a network was unreachable because of a "bad" TOS setting in your packet, this code will be generated as a return packet.
• Code 12 - Host unreachable for TOS - If your packet was unable to reach a host because of the TOS of the packet, this is the message you get back.
• Code 13 - Communication administratively prohibited by filtering - If the packet was prohibited by some kind of filtering (e.g., firewalling), we get a code 13 back.
• Code 14 - Host precedence violation - This is sent by the first hop router to notify a connected host, to notify the host that the used precedence is not permitted for a specific
destination/source combination.
• Code 15 - Precedence cutoff in effect - The first hop router may send this message to a host if the datagram it received had a too low precedence level set in it.
ICMP Redirect
 ICMP-Source Quench Message
Source quench message is request to decrease traffic rate for messages sending to the
host(destination). Or we can say, when receiving host detects that rate of sending packets (traffic rate)
to it is too fast it sends the source quench message to the source to slow the pace down so that no
packet can be lost.

ICMP will take source IP from the discarded packet and informs to
source by sending source quench message. Then source will reduce
the speed of transmission so that router will free for congestion.
 ICMP-Source Quench Message

When the congestion router is far away from the source the ICMP
will send hop by hop source quench message so that every router
will reduce the speed of transmission.
 ICMP-Parameter problem
Whenever packets come to the router then calculated
header checksum should be equal to received header
checksum then only packet is accepted by the router.

If there is mismatch packet will be dropped by the router.

ICMP will take the source IP from the discarded packet
and informs to source by sending parameter problem
message.
ICMP-Time exceeded message
When some fragments are lost in a network then the holding fragment by the router will be dropped
then ICMP will take source IP from discarded packet and informs to the source, of discarded datagram
due to time to live field reaches to zero, by sending time exceeded message.
IP Unicast
IP Broadcast
IP Multicast
Multicast traffic is very
efficient. This time we only
have two hosts that are
interested in receiving the
video stream. The video
server will only send the
packets once, the switches
and routers will only forward
traffic to the hosts that want
to receive it. This reduces
the load of the video server
and network traffic in
general.
When using unicast, each
additional host will increase
the load and traffic rate.
With multicast it will remain
the same:
Internet Group Management Protocol (IGMP)
IGMP is a communications protocol used by hosts and
adjacent routers on IPv4 networks to establish multicast group
memberships. IGMP is an integral part of IP multicast.
• IGMP Version 1
• IGMP Version 2
• IGMP Version 3
IGMP Version 1
• IGMP (Internet Group Management Protocol) version 1 is the first version that hosts can
use to announce to a router that they want to receive multicast traffic from a specific
group. It’s a simple protocol that uses only two messages:
i. Membership report
ii. Membership query
• When a host wants to join a multicast group, it will send a membership report to the
group address that it wants to receive. When the multicast-enabled router receives this
message, it will start forwarding the requested multicast traffic on the interface where it
received the IGMP membership report on.
• The router will periodically send a membership query to destination 224.0.0.1 (all hosts
multicast group address). Hosts that receive this message will respond with a
membership report to tell the router that they are still interested in receiving the
multicast traffic. When the router receives the membership report, it’s expiry timer will
be refreshed. When no hosts respond, the router knows that nobody is interested
anymore in the multicast traffic and it will then remove the entry once the timer
exceeds.
IGMP Version 2
• IGMP version 2 is the “enhanced” version of IGMP version 1. One of the major reasons
for a new version was to improve the “leave” mechanism. In IGMP version 1, hosts just
stop listening to the multicast group address but they never report this to the router.
Here are the new features:
• Leave group messages: when a host no longer wants to listen to a multicast group
address then it will report to the router that it has stopped listening.
• Group specific membership query: the router is now able to send a membership query
for a specific group address. When the router receives a leave group message, it will use
this query to check if there are still any hosts interested in receiving the multicast traffic.
• MRT (Maximum Response Time) field: this is a new field in query messages. It specifies
how much time hosts have to respond to the query.
• Querier election process: when there are two routers in the same subnet then only one
of them should send query messages. The election ensures only one router becomes the
active querier. The router with the lowest IP address becomes the active querier.
IGMP Version 3
• IGMP version 3 adds support for “source filtering”. IGMP version 1 and version
2 allow hosts to join multicast groups but they don’t check the source of the
traffic. Any source is able to receive traffic to the multicast group(s) that they
joined.
• With source filtering, we can join multicast groups but only from specified source
addresses. IGMP version 3 is a requirement for SSM (Source Specific Multicast).
Protocol Independent Multicast (PIM)
• Multicast protocols are used to deliver
multicast packets from one source to
multiple receivers. They facilitate better
bandwidth utilization, and use less host
and router processing, making them
ideal for usage in applications such as
video and audio conferencing,
whiteboard tools, stock distribution
tickers, and so on. PIM is a widely used
multicast routing protocol. Protocol
Independent Multicast (PIM) is a
standard multicast routing protocol that
provides scalable inter-domain multicast
routing across the Internet, independent
of the mechanisms provided by any
particular unicast routing protocol. There
are two types of PIM:
• PIM-Dense Mode (PIM-DM)
• PIM-Sparse Mode (PIM-SM)
PIM-Sparse Mode (PIM-SM)
How is R6 supposed to know that the video server at 192.168.1.1 is sending multicast traffic for this group? With PIM
dense mode, this was simple. Multicast traffic was flooded everywhere which allowed R6 to learn the source address.
• To solve this issue, PIM sparse mode uses a RP
(Rendezvous Point) in the network.
• Each router that receives multicast traffic from
a source will forward it to the RP.
• Each router that wants to receive multicast
traffic will go to the RP.
• The RP is like a “meeting point” for multicast
traffic.
Above you can see that R5 has become the RP in our
network. R1 receives multicast traffic from the video
server and forwards it to the RP. At the bottom we have
R6 that is receiving this multicast traffic from the RP and
it is forwarded to the host.
This does introduce another problem though…how does
R6 know where to find the RP? There are a couple of
different options for this:
•We can manually configure the IP address of the RP on
each router.
•There are some protocols that can automatically
discover the RP in our network.
PIM-Sparse Mode (PIM-SM)
Our video server is forwarding multicast traffic on its
interface which is received by R1. Since we are using
PIM sparse mode, this router will have to forward the
multicast traffic to the RP. Instead of forwarding
everything, R1 will only send the first multicast
packet. This packet is encapsulated in a PIM
register message and forwarded to the RP. Once the
RP receives the PIM register message there are two
options:
•When nobody is interested in the multicast traffic
then the RP will reject the PIM register message.
•When there is at least one receiver, the
RP accepts the RP register message.
For now, let’s say that we don’t have any receivers:
PIM-Sparse Mode (PIM-SM)
When we receive the PIM register stop packet, R1 will
start a suppression timer. By default this timer is 60
seconds and when the timer is almost expired, R1 will
send another packet.
R1 will send another PIM register message but
this one doesn’t carry the encapsulated multicast
packet. It’s a simple request to ask the RP if it is
interested now. This packet is called the PIM
register null packet. When we still don’t have
any receivers, the RP will send another PIM
register stop message. When we do have
receivers, the RP will not send a PIM register
stop message and R1 will start forwarding the
multicast traffic.
Now you know what happens when a source starts sending multicast traffic without
any receivers. Let’s see what happens when we do have receivers shall we? Take a
look at the picture below:
The host that is connected to R6 would like to receive multicast traffic so it
sends an IGMP membership report for the multicast group it wants. R6 now
has to figure out how to get to the RP and request it to start forwarding the
multicast traffic. It will check its unicast routing table for the IP address of
the RP and sends a PIM join message on the interface that is used to
reach the RP. In this case, that means the PIM join is forwarded towards
R4.
When R4 receives the PIM join, it has to request the RP to start forwarding
multicast traffic so it will also send a PIM join. It will check its unicast
routing table, finds the interface that is used to reach the RP and
sends a PIM join message towards the RP.
To summarize this, PIM sparse routers will send a PIM join message when:
•The router has received an IGMP membership report from a host on a
directly connected interface.
•The router has received a PIM join from a downstream router.
When the RP receives the PIM join, it will start forwarding the multicast
traffic.
This concept of joining the RP is called the RPT (Root Path
Tree) or shared distribution tree. The RP is the root of our tree which
decides where to forward multicast traffic to. Each multicast group might
have different sources and receivers so we might have different RPTs in
our network.
The end result will look like this:
IPSec