The Network Layer

Every network interface comes with a MAC address, which is used to address the frames at the link layer. However, this address is assigned statically and is not hierarchical, which makes it unsuitable for routing packets in a network. As a result, the network layer introduces a second form of address, called the IP (Internet Protocol) address.

Internet protocol

The IP addresses are assigned statically, either by an administrator or dynamically by the network.

IP addresses are also hierarchical, which means that each address is part of a network that can contain multiple addresses and where the network can also be part of a larger network.

The IP protocol evolved with time to address user needs, and the structure of IP addresses changed along with it. The resultant changes are:

• An IP v4 address is a 32-bit number.
• An IP v6 address is a 128-bit number.

Note: The adoption of IP v6 is an ongoing process. Therefore, we will give examples using IP v4. We will refer to it as IP for the sake of brevity.

Structure

IP addresses are represented with dot-decimal notation, consisting of four decimal numbers that represent 8 bits and a 0-255 range, which are then separated by a dot.

An example of an IP address is 172.16.254.1.

An IP address is structurally composed of two parts:

• The first part contains the higher-order bits, which are common for all addresses in the network and is known as the network prefix.
• The second part of the IP address represents the identifier of the node in the network.

Networks are connected with each other via special devices, called routers, which are capable of routing packets properly across networks so that they reach their destination successfully.

The following illustration shows an example of three different subnets connected to each other via three routers.

Note: The central protocol in the network layer is the IP protocol.

IP has the task of delivering packets, called datagrams, from a node to another node. It delivers datagrams that can potentially reside in a different network. These datagrams are encapsulated into link layer frames (for instance, Ethernet frames) in order to be sent across a link. They are also composed of a set of headers and a payload that corresponds to the packet of the next layer in the network stack. Over here, the main headers of interest are the source and destination IP address, the protocol of the higher layer, and the version of the IP protocol that is used.

Address Resolution Protocol (ARP)

Note: We will explore some protocols of the network layer a bit more to understand how a packet is delivered between different networks.

Nodes are, typically, addressed globally in the Internet via their IP addresses. However, for a packet to eventually reach a node, its neighboring node must know its MAC address to be able to craft a link-layer packet addressed to it. This mapping from an IP address to a MAC address is performed by the ARP protocol.

Note: Whether ARP is a link-layer or a network-layer protocol is a controversial debate. Some people claim that it’s a network-link layer because its packets are encapsulated in a link-layer protocol frame. Conversely, other people claim that it’s a link-layer protocol because it is not routable and is only exchanged inside the boundaries of a single network.

In the context of this chapter, the ARP protocol was presented as part of the network layer, because we believe it is easier to understand when following a bottom-up approach.

In order for a node to identify the MAC address of a node with a specific IP address, it can send an ARP request message to all the nodes on the local network (using the broadcast MAC address as the destination address), including the IP address in the request. The ARP message will be encapsulated in a link-layer frame. In the case of Ethernet, for instance, this would mean that the frame’s payload will be the ARP message and the type will correspond to the ARP type (0x0806).

Note: For the sake of brevity, we will not go into the details of the structure of an ARP message.

Each of the nodes that receive the ARP request will check if the IP address matches theirs and if that’s the case, they will reply with an ARP response message that will contain their MAC address. The nodes also store these mappings in a local ARP table, which acts as a cache to avoid repetitive requests for the same information.

We answered the question of how the network layer delivers packets inside the same network, but the question still remains on how it delivers packets across multiple networks.

Delivering packets across multiple networks

This is achieved through the use of routers. Routers maintain special routing tables, which contain information on how specific IP addresses can be reached. More specifically, the routing table maintains entries that contain the following fields:

• Network destination and network mask: Together, these fields form a network identifier.
• Gateway: A gateway is the next node to which the packet is to be sent in order for it to reach its final destination. This final destination can be a specific IP address of a router if the network is accessible via some router. It can also have the value 0.0.0.0 if the network is accessible locally, which would mean there is a direct link to the destination IP address and the packet can be sent directly to it.
• Interface: This field corresponds to the network interface through which the gateway can be reached.

Routing table

Routing tables are also maintained by regular nodes for the same purpose. Every time a node needs to send a network layer packet, it performs a lookup on its routing table with the destination IP of the packet to identify where this packet needs to be routed in order to reach this IP. Then, the packet is sent through the appropriate interface to the corresponding gateway.

We can now look back at our previous example and see how these routing tables will look and how the packets will flow across the networks. For instance, the routing table for the node with IP 240.1.1.1 may show the following form:

Destination	Network mask	Gateway	Interface
0.0.0.0	0.0.0.0	240.1.1.3	if1
240.1.1.0	255.255.255.0	0.0.0.0	if1

The next question, we may encounter, at this point is: How is this routing table populated in the first place?

Populating routing table

Routing tables are populated when routers exchange information about the IP addresses that are reachable through them. The routers then use this information to form a map of the network in the form of a routing table. Of course, this is an intentionally simplified description of the population process.

Autonomous system (AS)

In practice, multiple nodes from one or more networks can be grouped into an autonomous system (AS), which contains a group of routers that are under the same administrative control.

Intra-autonomous system routing protocol

Routers within the same AS run the same routing algorithm to share information about each other. As a result, the routing algorithm running within an autonomous system is called an intra-autonomous system routing protocol. An example of such a protocol is the open shortest path first protocol (OSPF).

Note: The layer to which OSPF belongs is also a controversial topic. It is encapsulated inside the IP, but it is placed on the link layer because OSPF packets flow only across a single link and do not traverse routers to travel more than one hop.

Inter-autonomous system routing protocol

An autonomous system needs to exchange some information with other autonomous systems in order to be able to route packets to them. This is the task of an inter-autonomous system routing protocol. An example of such a protocol is the border gateway protocol (BGP), which consists of external BGP (eBGP) and internal BGP (iBGP).

eBGP runs between two routers in different autonomous systems to exchange neighboring information between them, and iBGP runs between two routers in the same autonomous systems to propagate this information inside the autonomous system.

Note: In fact, BGP is run by most Internet service providers (ISPs) to establish routing between themselves.

Limitations of the network layer

Before we move to the next layer, it would be useful for us to reflect first on what the limitations of the network layer are.

• The network layer does not provide any guarantees that the messages sent from a node will, eventually, be delivered to the destination node. The exchange of messages is unsuccessful, either when a router fails or when a router is forced to drop the packet due to network congestion.

Routers store received packets in memory, until they transmit them on the network. If the packets arrive at a greater rate than they can be transmitted, the router may be forced to drop some packets to avoid running out of memory. The queuing algorithm used by the router governs how packets are buffered in memory and/or dropped. Some examples of a queuing algorithm include: first-in-first-out, priority queueing, and weighted fair queueing.

• The network layer does not provide any ordering guarantees either. If node A sends two messages in a sequence to the same node, this does not mean that the other node will receive them in the same order. The packets may follow different paths through the network or some routers in the network may not necessarily preserve the order of the packets. As a result, the network layer does not provide reliable nor in-order delivery.

• The network layer is also unable to provide strict throughput or timing guarantees since there is no way for applications to reserve the resources of the network for a specific period of time. Instead, they use any bandwidth that is available at the time of transmission of data. This is an important thing to keep in mind when we are building a distributed system, because we need to ensure that we do not make invalid assumptions.

This comes down to the fact that the IP protocol is a packet-switched protocol. There are other circuit-switched protocols that can provide strict throughput guarantees, but these come with their own drawbacks of course.