The clue might be in the title, but the Network Layer is one of the more important layers in the network stack. So far we have defined high-level identities, application services and data formats. We have also established our protocols, chopped up data into smaller more manageable pieces and tagged them with a sequence number. It is at this point we need to start defining more details on where we will be sending the data and moving closer to establishing a unique address for both source and destination. We also need network components to be in place to allow us to transmit and route the data appropriately.
The two core concepts at work in this layer are addressing and routing.
Addressing: Internet Protocol (IP)
The most ubiquitous protocol used for network addressing and routing is the Internet Protocol, IP (i.e. the IP from TCP/IP). As with most protocols, there have historically been alternatives such as IPX/SPX Novell Netware’s protocol, but these have mostly disappeared as IP has become the defacto standard for data communication. Again, the clue might be in the name here, but it is this protocol that underpins the internet and fundamentally enables everything we do on the internet.
The first thing we need to consider in IP, is addressing. For each node in a network (note: nodes are sometimes referred to as Hosts), we need to provide a unique IP address. As of today, the bulk of internet communications use IP version 4 (IPv4). IPv4 defines an address as four numbers between 0 and 255, separated by periods (For example: 126.96.36.199). The format is a little strange and this is due to the underlying need for the systems to convert the more human readable IP address to/from the more computer usable binary representation of the address.
This works very much like a postal address. In a postal address we have a house number, a street name, a city, a region, a country and a post code (USA: Zip Code). An IP address is much simpler. That four part address is actually made up of a Host ID (i.e. Node ID) and a Network ID. So really all we need in IP is a house number and a Post Code. We can split the above address into two parts as follows:
Network ID: 135.168.0
Host ID: 23
For the purposes of this primer, we will keep it simple. In reality, due to the nature of the mapping between binary bits and IP address components. Splitting the address into a Host and Network ID can become much more complex and may straddle the two numbers on each side of a period. You can, for instance, have a node that sits on 188.8.131.52 and another node that sits on 184.108.40.206. One might assume that these are both on the same network (135.168.10) but they could be on different networks. For each node, we apply what’s known as a subnet mask and it is this mask that dictates which Host IDs sit in which networks. There are some moderately involved calculations that happen in the background to decide where the Host to Network split occurs in an address. If you want to do this, my best advice here is to go find a subnet mask calculator.
Networks are also defined by their size, Class A (large: up to 16,777,216 addresses), Class B (medium: up to 65,536 addresses) and Class C (small: up to 256 addresses). There is also a Class D & E but these are not related to size.
A typical subnet mask for a Class C network, looks something like this:
IP Network Scope: Private vs Public and NATing
It is worth understanding a little bit about scope here. A network’s scope may be restricted in an isolated room with no connectivity to the outside world. In which case, all the nodes in that room must have unique network addresses. Let’s call it Room 1. If we have another similar room (Room 2) of nodes all isolated from the outside world, those nodes could have the same addresses as those in Room 1. There is no requirement for uniqueness as the isolation of the two networks means there is never any confusion over which node has which address as they never communicate between rooms. This is most commonly referred to as a private network.
On the internet, all addresses must be unique but due to the exponential growth of the internet, public IPv4 addresses have become scarce as there simply aren’t enough of them to hand out. This has led to organisations implementing architectures where they can minimise the use of public IP addresses. An organisation might only have one public IP address, but many hundred’s of nodes inside their network. So how do all those nodes talk to the outside world? This is done through a process called NATing (NAT – Network Address Translation). The analogy with the postal service here, is that an office building may have a front door number (Public IP Address), but lots of room numbers inside (Private IP Addresses). Different buildings will have different front door numbers, but inside their is nothing stopping them having the same room numbers (Room 1, Room 2, etc).
The NATing process is responsible for handling the conversion of private IP addresses to public ones and back again. You can think of this as a mail manager sitting at the front door. When someone from Room 1 sends something out of the building, the mail manager logs it’s destination in a table and the fact it came from Room 1. In the destination building, the receiver doesnt necessarily know it’s from Room 1, they just know that it came from that building. If they respond, the mail manager checks his table sees that the originating communication came from Room 1 and sends the reply back up to Room 1.
In fact, even today it is very likely that your own home uses this concept of public and private IP addressing. If you have broadband at home, the router that your ISP provided will manage a pool of internal private IP addresses that are handed out to your devices (Computers, IPads, TVs, etc) and a single public IP address that the provider uses to identify you on the internet.
Note: There is a new IP protocol which has been available for some year, IPv6. This resolves the “running out of addresses” problem, but isn’t widely deployed today.
Let’s take a look at the IP configuration on your system. Note: PC/Laptop only:
- Go to your Start Menu and search for and run “Windows Powershell”. This may be in a slightly different location depending on your version of windows. At the Powershell prompt: Type “IPCONFIG” and see the results. You should see something like this:
Some of the items listed will be recognisable, such as IPv4 address and Subnet Mask. There are also some other items like Default Gateway which we’ll cover in later posts.
- Open up a terminal window and type IFCONFIG. On a Mac you will see a result that looks like this:
I’ve highlighted some of the same information that you could also see on the Windows tab. The output here is a little more complex and has much more content. We can see our IPv4 address “inet 192.168.0.2” and also our subnet mask “netmask 0xffffff00”. You’ll notice that the subnet mask is much less recognisable and this is because it’s displayed in hexadecimal format, instead of standard IP or binary. If you convert the hexidecimal to IP, you get 255.255.255.0 which is a standard Class C network subnet mask.
Linux produces a similar format to this with some slightly different details, but ultimately following the same approach. As you might expect Linux and Mac systems have many similarities due to their sibling nature and UNIX ancestry.
IP addresses are clearly an important factor in the network layer, but even though we have a unique network identity for both our source and destination nodes, they wouldn’t be of much use if we didn’t have a way to direct the data packets across the network from source to destination. That’s where routing comes in.
The Pirate Ship: Let’s use some of the similarities with the postal service in our analogy. Instead of an IP address we’ll have:
My node address as: Room 62, Building 34, Legofiend Street, Manchester.
Rich’s node address as: Room 78, Building 2, Zoo Street, London.
We’re going to assume that all addresses are public and that there’s is no NATing process occuring between public and private. To align more closely with IP Addressing, let’s split our addresses into a Node and Network ID. So, in both cases the “Room” is the node and the “Building, Street, City” part of the address makes up the network ID.
To pick up where we left our transport manager earlier in the series, we need to apply more information to our packet. It currently has a TCP label and sequence number. We’re now going to take that packet and put it inside another one, a slightly larger box. On the new package, we’re going to write the destination node address (Rich’s) and the source node address (Mine).