Chapter4

NetworkLayerAnoteontheuseofthesepptslides:We’remakingtheseslidesfreelyavailabletoall(faculty,students,readers).They’reinPowerPointformsoyoucanadd,modify,anddeleteslides(includingthisone)andslidecontenttosuityourneeds.Theyobviouslyrepresentalotofworkonourpart.Inreturnforuse,weonlyaskthefollowing:Ifyouusetheseslides(e.g.,inaclass)insubstantiallyunalteredform,thatyoumentiontheirsource(afterall,we’dlikepeopletouseourbook!)Ifyoupostanyslidesinsubstantiallyunalteredformonawwwsite,thatyounotethattheyareadaptedfrom(orperhapsidenticalto)ourslides,andnoteourcopyrightofthismaterial.Thanksandenjoy!JFK/KWRAllmaterialcopyright1996-2007J.FKuroseandK.W.Ross,AllRightsReservedComputerNetworking:ATopDownApproach

4thedition.

JimKurose,KeithRoss

Addison-Wesley,July2007.

1NetworkLayerChapter4:NetworkLayerChaptergoals:

understandprinciplesbehindnetworklayerservices:IPaddressing(尋址)forwardingversusrouting(轉(zhuǎn)發(fā)vs

路由)routing(pathselection)advancedtopics:IPv6,mobilityinstantiation,implementationintheInternet2NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting3NetworkLayerVocabularyandTermVirtualCircuit(VC)/Datagram虛電路/數(shù)據(jù)報(bào)Router/Switch/Hub/Repeater路由器/交換機(jī)/集線器/中繼器Input/OutputPort輸入/輸出端口SwitchFabric、Crossbar交換結(jié)構(gòu)、交叉開關(guān)Forwarding/Routing轉(zhuǎn)發(fā)/路由FIB(ForwardingInformationBase)/RouteTable轉(zhuǎn)發(fā)表/路由表4NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting5NetworkLayerApp.LayerApp.LayerHost1L2L1L4L3Host2L2

L1

L4

L3

MediaL1ProtocolL2ProtocolL3ProtocolL4ProtocolInterfaceProtocol：commrulesSegment332132Header132323DataApp.Protocol44444444AssembleData6NetworkLayerNetworklayertransportsegmentfromsendingtoreceivinghostonsendingsideencapsulatessegmentsintodatagramsonreceivingside,deliverssegmentstotransportlayernetworklayerprotocolsineveryhost,routerrouterexaminesheaderfieldsinallIPdatagramspassingthroughitapplicationtransportnetworkdatalinkphysicalapplicationtransportnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysicalnetworkdatalinkphysical7NetworkLayerJourneyofaPacketL1L2L1L2

L1L3

132323321325432154321HubSwitchRouterHostHost8NetworkLayerTwoKeyNetwork-LayerFunctionsforwarding:movepacketsfromrouter’sinputtoappropriaterouteroutputrouting:determineroutetakenbypacketsfromsourcetodestinationroutingalgorithmsanalogy:routing:processofplanningtripfromsourcetodestinationforwarding:processofgettingthroughsingleinterchange9NetworkLayerRouterFunctionsSelectBestRouteForwarding（Interfaceij）Control（Congest,Security）DestNext-Hop------------------------DestPort/NHNext-hopCal.Packet10NetworkLayerRouterStartupPower-OnSelfTest

(POST)BootROM

LoadingOSIOSinFlashLoadingConfigureInformationConfigfileinNVRAMRunapplications11NetworkLayer1230111valueinarrivingpacket’sheaderroutingalgorithmlocalforwardingtableheadervalueoutputlink01000101011110013221Interplaybetweenroutingandforwarding12NetworkLayerConnectionsetup3rdimportantfunctioninsomenetworkarchitectures:ATM,framerelay(幀中繼),X.25beforedatagramsflow,twoendhostsandinterveningroutersestablishvirtualconnectionroutersgetinvolvednetworkvs.transportlayerconnectionservice:network:betweentwohosts(mayalsoinvolveinerveningroutersincaseofVirtualCircuits)transport:betweentwoprocesses13NetworkLayerNetworkservicemodelQ:Whatnetworkservicemodelfor“channel”transportingdatagramsfromsendertoreceiver?Exampleservicesforindividualdatagrams:guaranteeddeliveryguaranteeddeliverywithlessthan40msecdelayExampleservicesforaflowofdatagrams:in-orderdatagramdeliveryguaranteedminimumbandwidthtoflowrestrictionsonchangesininter-packetspacing14NetworkLayerNetworklayerservicemodels:NetworkArchitectureInternetATMATMATMATMServiceModelbesteffortCBRVBRABRUBRBandwidthnoneconstantrateguaranteedrateguaranteedminimumnoneLossnoyesyesnonoOrdernoyesyesyesyesTimingnoyesyesnonoCongestionfeedbackno(inferredvialoss)nocongestionnocongestionyesnoGuarantees?15NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting16NetworkLayerNetworklayerconnectionandconnection-lessservicedatagramnetworkprovidesnetwork-layerconnectionlessserviceVCnetworkprovidesnetwork-layerconnectionserviceanalogoustothetransport-layerservices,but:service:host-to-hostnochoice:networkprovidesoneortheotherimplementation:innetworkcore17NetworkLayerVirtualcircuitscallsetup,teardownforeachcallbeforedatacanfloweachpacketcarriesVCidentifier(notdestinationhostaddress)everyrouteronsource-destinationpathmaintains“state”foreachpassingconnectionlink,routerresources(bandwidth,buffers)maybeallocatedtoVC(dedicatedresources=predictableservice)“source-to-destinationpathbehavesmuchliketelephonecircuit”performance-wisenetworkactionsalongsource-to-destpath18NetworkLayerCircuitSwitchingdedicatedresources:nosharingguaranteedperformanceRecall19NetworkLayerVCimplementationaVCconsistsof:pathfromsourcetodestinationVCnumbers,onenumberforeachlinkalongpathentriesinforwardingtablesinroutersalongpathpacketbelongingtoVCcarriesVCnumber(ratherthandestinationaddress)VCnumbercanbechangedoneachlink.NewVCnumbercomesfromforwardingtable20NetworkLayerForwardingtable122232123VCnumberinterfacenumberIncominginterfaceIncomingVC#OutgoinginterfaceOutgoingVC#11232226311837217197387…………Forwardingtableinnorthwestrouter:Routersmaintainconnectionstateinformation!21NetworkLayerVirtualcircuits:signalingprotocolsusedtosetup,maintainteardownVCusedinATM,frame-relay,X.25notusedintoday’sInternetapplicationtransportnetworkdatalinkphysicalapplicationtransportnetworkdatalinkphysical1.Initiatecall2.incomingcall3.Acceptcall4.Callconnected5.Dataflowbegins6.Receivedata22NetworkLayerDatagramnetworksnocallsetupatnetworklayerrouters:nostateaboutend-to-endconnectionsnonetwork-levelconceptof“connection”packetsforwardedusingdestinationhostaddresspacketsbetweensamesource-destpairmaytakedifferentpathsapplicationtransportnetworkdatalinkphysicalapplicationtransportnetworkdatalinkphysical1.Senddata2.Receivedata23NetworkLayerSummaryExchangeTechnologyMessageSwitchingStore&ForwardingCircuitExchangeVirtualCircuitDatagramPacketSwitching24NetworkLayerForwardingtable

DestinationAddressRange

LinkInterface11001000000101110001000000000000through01100100000010111000101111111111111001000000101110001100000000000through11100100000010111000110001111111111001000000101110001100100000000through211001000000101110001111111111111otherwise34billionpossibleentries?25NetworkLayerLongestprefixmatching

PrefixMatch

LinkInterface110010000001011100010011001000000101110001100011100100000010111000112otherwise3DA:11001000000101110001100010101010ExamplesDA:11001000000101110001011010100001Whichinterface?Whichinterface?26NetworkLayerDatagramorVCnetwork:why?Internet(datagram)dataexchangeamongcomputers“elastic”service,nostricttimingreq.“smart”endsystems(computers)canadapt,performcontrol,errorrecoverysimpleinsidenetwork,complexityat“edge”manylinktypesdifferentcharacteristicsuniformservicedifficultATM(VC)evolvedfromtelephonyhumanconversation:stricttiming,reliabilityrequirementsneedforguaranteedservice“dumb”endsystemstelephonescomplexityinsidenetwork27NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting28NetworkLayerCISCORoutersCisco1600Cisco2500Cisco2600Cisco3600Cisco4000As5200/5300As5800Cisco7200Cisco7500Cisco1200029NetworkLayerRouters:Low/MiddlePerformance30NetworkLayerRouter:High-PerformanceLucentNX64000JuniperT640CISCO1200031NetworkLayerRouterInsideCisco

2600FrontendBackend32NetworkLayerCOMPort33NetworkLayerRouterOrganization34NetworkLayer35NetworkLayerRouterArchitectureOverviewTwokeyrouterfunctions:

runroutingalgorithms/protocol(RIP,OSPF,BGP)forwardingdatagramsfromincomingtooutgoinglink36NetworkLayerInputPortFunctionsDecentralizedswitching:

givendatagramdestination,lookupoutputportusingforwardingtableininputportmemorygoal:completeinputportprocessingat‘linespeed’queuing:ifdatagramsarrivefasterthanforwardingrateintoswitchfabricPhysicallayer:bit-levelreceptionDatalinklayer:e.g.,Ethernetseechapter537NetworkLayerThreetypesofswitchingfabrics38NetworkLayerSwitchingViaMemoryFirstgenerationrouters:traditionalcomputerswithswitchingunderdirectcontrolofCPUpacketcopiedtosystem’smemoryspeedlimitedbymemorybandwidth(2buscrossingsperdatagram)InputPortOutputPortMemorySystemBus39NetworkLayerSwitchingViaaBusdatagramfrominputportmemorytooutputportmemoryviaasharedbusbuscontention:switchingspeedlimitedbybusbandwidth32Gbpsbus,Cisco5600:sufficientspeedforaccessandenterpriserouters40NetworkLayerSwitchingViaAnInterconnectionNetworkovercomebusbandwidthlimitationsBanyannetworks,otherinterconnectionnetsinitiallydevelopedtoconnectprocessorsinmultiprocessoradvanceddesign:fragmentingdatagramintofixedlengthcells,switchcellsthroughthefabric.Cisco12000:switches60Gbpsthroughtheinterconnectionnetwork41NetworkLayerOutputPortsBufferingrequiredwhendatagramsarrivefromfabricfasterthanthetransmissionrateSchedulingdisciplinechoosesamongqueueddatagramsfortransmission42NetworkLayerOutputportqueueingbufferingwhenarrivalrateviaswitchexceedsoutputlinespeedqueueing(delay)andlossduetooutputportbufferoverflow!43NetworkLayerHowmuchbuffering?RFC3439ruleofthumb:averagebufferingequalto“typical”RTT(say250msec)timeslinkcapacityCe.g.,C=10Gbpslink:2.5GbbufferRecentrecommendation:withNflows,bufferingequaltoRTTC.N44NetworkLayerInputPortQueuingFabricslowerthaninputportscombined->queueingmayoccuratinputqueuesHead-of-the-Line(HOL)blocking:queueddatagramatfrontofqueuepreventsothersinqueuefrommovingforwardqueueingdelayandlossduetoinputbufferoverflow!45NetworkLayerFourthGenerationRoutersSwitchCoreLinecardsOpticallinks100sofmetres160Gb/s-20Tb/sroutersindevelopment46NetworkLayerHomeworkReviews：2，3，7，1047NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting48NetworkLayer49NetworkLayer50NetworkLayer51NetworkLayerEthernetHeaderPacketIPHeaderTCPHeaderHTTPHeadere.g.,HTTPBody52NetworkLayerTheInternetNetworkLayerforwardingtableHost,routernetworklayerfunctions:RoutingprotocolspathselectionRIP,OSPF,BGPIPprotocoladdressingconventionsdatagramformatpackethandlingconventionsICMPprotocolerrorreportingrouter“signaling”Transportlayer:TCP,UDPLinklayerphysicallayerNetworklayer53NetworkLayerIPdatagramformatverlength32bitsdata(variablelength,typicallyaTCPorUDPsegment)16-bitidentifierheaderchecksumtimetolive32bitsourceIPaddressIPprotocolversionnumberheaderlength(bytes)maxnumberremaininghops(decrementedateachrouter)forfragmentation/reassemblytotaldatagramlength(bytes)upperlayerprotocoltodeliverpayloadtohead.lentypeofservice“type”ofdataflgsfragmentoffsetupperlayer32bitdestinationIPaddressOptions(ifany)E.g.timestamp,recordroutetaken,specifylistofrouterstovisit.howmuchoverheadwithTCP?20bytesofTCP20bytesofIP=40bytes+applayeroverhead54NetworkLayerIPFormat（ChineseVersion）55NetworkLayerTTLTimetolivemaxnumberremaininghopsdecrementedateachrouterTTL=0:discard(onlyinLANwheninitialTTL=1)Toosmalltoreachthedestinationcanbeusedtocounthopstodestinationverlength16-bitidentifierHeaderchecksumtimetolive32bitsourceIPaddresshead.lentypeofserviceflgsfragmentoffsetupperlayer32bitdestinationIPaddressOptions(ifany)56NetworkLayerInternetProtocolNumbers：2008-02-27www.iana.org/assignments/protocol-numbers0-133：SAME134RSVP-E2E-IGNORE[RFC3175]135MobilityHeader[RFC3775]136UDPLite[RFC3828]137MPLS-in-IP[RFC4023]138manetMANETProtocols[RFC-ietf-manet-iana-07.txt]139HIPHostIdentityProtocol[RFC-ietf-hip-base-10.txt]

140-252Unassigned[IANA]253Useforexperimentationandtesting[RFC3692]254Useforexperimentationandtesting[RFC3692]255Reserved[IANA]57NetworkLayerIPFragmentation&Re-assemblenetworklinkshaveMTU(max.transfersize)-largestpossiblelink-levelframe.differentlinktypes,differentMTUslargeIPdatagramdivided(“fragmented”)withinnetonedatagrambecomesseveraldatagrams“re-assembled”onlyatfinaldestinationIPheaderbitsusedtoidentify,orderrelatedfragmentsfragmentation:in:onelargedatagramout:3smallerdatagramsreassembly58NetworkLayerIPFragmentation&Re-assembleID=xoffset=0fragflag=0length=4000ID=xoffset=0fragflag=1length=1500ID=xoffset=185fragflag=1length=1500ID=xoffset=370fragflag=0length=1040OnelargedatagrambecomesseveralsmallerdatagramsExample:Ethernet4000bytedatagramMTU=1500bytes1480bytesin

datafieldoffset=1480/8Flag=1thereismorefragmentFlag=0thisisthelast fragmentOffset:bytenumberofthe1st byteofthefragment(specifiedinunitsof8-bytechunks)59NetworkLayerChapter4:NetworkLayer4.1Introduction4.2Virtualcircuitanddatagramnetworks4.3What’sinsidearouter4.4IP:InternetProtocolDatagramformatIPv4addressingICMPIPv64.5RoutingalgorithmsLinkstateDistanceVectorHierarchicalrouting4.6RoutingintheInternetRIPOSPFBGP4.7Broadcastandmulticastrouting60NetworkLayerAddressAllocationIANA：InternetAssignedNumbersAuthority(互聯(lián)網(wǎng)號碼分配機(jī)構(gòu))Domainname,IPaddress,protocolparameters,rootservermanagementICCAN：InternetCorporationforAssignedNamesandNumbersallocatesaddressesmanagesDNSassignsdomainnames,resolvesdisputesASO(AddressSupportingOrganization)Advisoryonpolicyandstructure61NetworkLayerIPaddressing:thelastword...Q:HowdoesanISPgetblockofaddresses?A:ICANN:InternetCorporationforAssigned

NamesandNumbersallocatesaddressesmanagesDNSassignsdomainnames,resolvesdisputes62NetworkLayerIPAddressingIPAddress：ClassfulAddressing(有類尋址)A，B，C，D，E--5ClassesNetworkMask(網(wǎng)絡(luò)掩碼)ClasslessAddressing(無類尋址)Subnet(子網(wǎng))

&

Supernet

(超網(wǎng))NAT(NetworkAddressTranslation)63NetworkLayerIPAddressClassesClassA:ClassB:ClassC:ClassD:MulticastClassE:ResearchpurposeNetworkHostHostHostNetworkNetworkHostHostNetworkNetworkNetworkHost8bits8bits8bits8bits64NetworkLayerClassfulAddressing65NetworkLayerIPinChina66NetworkLayerIPinChina(2005)Telcom：34.70%Netcom：21.40%CERNET：15.08%CNNIC：14.47%Unicom：3.07%Mobile：2.84%其他：8.43%67NetworkLayerChinaIPv4AllocationList(2007.1)68NetworkLayerIP

Address:點(diǎn)分十進(jìn)制表示法10000000000010110000001100011111

主機(jī)的IP地址是32位二進(jìn)制代碼10000000000010110000001100011111

每隔8位插入一個(gè)空格以提高可讀性

readable!1128

11331將每8位的二進(jìn)制數(shù)轉(zhuǎn)換為十進(jìn)制數(shù)表示69NetworkLayerNumberofNetworksandHosts

ClassNetworkNumberofNetworksHostsforeachnetworkA-

27–2(125)224-2(16777216)B-214-2(16384)216

（64K）-2(65534)C-221–2(>2million)28-2(254)70NetworkLayerHowtogetNetworkID：byNetworkMaskClassBitsforNetworkIDBitsforhostIDNetworkMaskA824B1616C248IPAddress“AND”mask=>NetworkID

71NetworkLayerExample:

Address00001000000000010000010000000101Mask11111111

000000000000000000000000Result00001000000000000000000000000000Address10000010000001000110010000000101Mask1111111111111111

0000000000000000Result10000010000001000000000000000000Example1:First8bitsarenetworkIDExample2:First16bitsarenetworkID72NetworkLayerTCP/IPConfiguration73NetworkLayerIPAddressClassesExerciseAddressClassNetworkHost00462074NetworkLayerIPAddressClassesExerciseAnswersAddressClassNetworkHost004620ABCCBNonexistent004675NetworkLayerSpecialIPAddress76NetworkLayerHostAddresses02118E1172.161212NetworkHost..NetworkInterfaceE0E1RoutingTableE077NetworkLayerIPAddressing:introductionIPaddress:32-bitidentifierforhost,routerinterfaceinterface:connectionbetweenhost/routerandphysicallinkrouter’stypicallyhavemultipleinterfaceshosttypicallyhasoneinterfaceIPaddressesassociatedwitheachinterface7=1101111100000001000000010000000122311178NetworkLayerWhySubnetting?ComputerSchool

:/16Labs601：172.26.1.0-55602：172.26.2.0-55

601::/24602::/24

79NetworkLayerSubnetsIPaddress:

subnetpart(highorderbits)hostpart(loworderbits)What’sasubnet?deviceinterfaceswithsamesubnetpartofIPaddresscanphysicallyreacheachotherwithoutinterveningrouter7networkconsistingof3subnetssubnet80NetworkLayerSubnetsHowmany?781NetworkLayerSmallerSubnets

:Lab601IPAddressHowtodivideinto4Sub-Groups?

(110000000001101000000001

00000000)-172.26.1.63172.26.1.64-172.26.1.127172.26.1.128-172.26.1.191172.26.1.192-55(11000000000110100000000111111111)Whatisthenetworknumberandmaskforeachgroup?82NetworkLayereachsubnethas64

(256/4)hostsnumberofhostsis64(26)networkmaskhas32-6=26bits,originallynetworkmaskhas24bits,i.e.,/24

Now,wehavethesubnetworkmask/264/2628/2692/26111111111111111111111111

11000000255.255.255.?83NetworkLayerIPaddressing:CIDRCIDR:

ClasslessInterDomain

Routingsubnetportionofaddressofarbitrarylengthaddressformat:a.b.c.d/x,wherexis#bitsinsubnetportionofaddress1100100000010111

0001000000000000subnetparthostpart/2384NetworkLayerHowtogetIPAddressforaHost?Question?hard-codedbysystemadmininafileWintel:control-panel->network->configuration->tcp/ip->propertiesUNIX:/etc/rc.configDHCP:

DynamicHostConfigurationProtocol:dynamicallygetaddressfromasserver“plug-and-play”85NetworkLayerDHCP:DynamicHostConfigurationProtocolGoal:allowhosttodynamically

obtainitsIPaddressfromnetworkserverwhenitjoinsnetworkCanrenewitsleaseonaddressinuseAllowsreuseofaddresses(onlyholdaddresswhileconnectedan“on”Supportformobileuserswhowanttojoinnetwork(moreshortly)DHCPoverview:hostbroadcasts“DHCPdiscover”msgDHCPserverrespondswith“DHCPoffer”msghostrequestsIPaddress:“DHCPrequest”msgDHCPserversendsaddress:“DHCPack”msg86NetworkLayerDHCPclient-serverscenario7ABE

DHCP

server

arrivingDHCPclientneedsaddressinthisnetwork87NetworkLayerDHCPclient-serverscenarioDHCPserver:arrivingclienttimeDHCPdiscoversrc:,68dest.:55,67yiaddr:transactionID:654DHCPoffersrc:,67dest:55,68yiaddrr:transactionID:654Lifetime:3600secsDHCPrequestsrc:,68dest::55,67yiaddrr:transactionID:655Lifetime:3600secsDHCPACKsrc:,67dest:55,68yiaddrr:transactionID:655Lifetime:3600secs88NetworkLayerQ:HowdoesnetworkgetsubnetpartofIPaddress?A:getsallocatedportionofitsproviderISP’saddressspaceISP'sblock11001000000101110001000000000000/20Organization011001000000101110001000000000000/23Organization111001000000101110001001000000000/23Organization211001000000101110001010000000000/23...…..….….Organization711001000000101110001111000000000/23

HowtogetIPAddressforaHost?89NetworkLayerNetworkConfiguration76/24/249990NetworkLayerNumberofNetworksandHosts

ClassNetworkNumberofNetworksHostsforeachnetworkA-

27–2(125)224-2(16777216)B-214-2(16384)216

（64K）-2(65534)C-221–2(>2million)28-2(254)91NetworkLayerSpecialIPAddress92NetworkLayer

從IP地址的主機(jī)號中“借用”若干位作為子網(wǎng)編號，主機(jī)號相應(yīng)縮短，并通過網(wǎng)絡(luò)掩碼來識別。用網(wǎng)絡(luò)掩碼劃分子網(wǎng)號網(wǎng)絡(luò)號net-id主機(jī)號host-id兩級IP地址網(wǎng)絡(luò)號net-idhost-id三級IP

地址主機(jī)號子網(wǎng)掩碼因特網(wǎng)部分本地部分因特網(wǎng)部分本地部分

111111111111111111000000

00000000子網(wǎng)-id

(IP地址)AND(子網(wǎng)掩碼)=網(wǎng)絡(luò)號（Net-id)93NetworkLayer示例：對于B類IP地址，把B類IP子網(wǎng)掩碼從/16改為：255.255.192.0/18由于將2位主機(jī)號作為子網(wǎng)ID，可以組成4個(gè)子網(wǎng)號：00～11，再加上原來的NetID：10101000.00010000.00000000.00000000，即各子網(wǎng)的實(shí)際NetID最終就成了：10101000.00010000.00000000.00000000()

10101000.00010000.01000000.00000000()

10101000.00010000.10000000.00000000()

10101000.00010000.11000000.00000000()

用網(wǎng)絡(luò)掩碼劃分子網(wǎng)號94NetworkLayer示例：對于B類IP地址，若子網(wǎng)數(shù)要求210個(gè)需利用8位主機(jī)號作為子網(wǎng)ID，可提供254個(gè)子網(wǎng)子網(wǎng)掩碼：10101000.00010000.XXXXXXXX.00000000若子網(wǎng)數(shù)要求900個(gè),需將10位主機(jī)號作為子網(wǎng)ID，可提供1022個(gè)子網(wǎng)。子網(wǎng)掩碼：921111111111111111111111111100000010101000.00010000.XXXXXXXX.XX000000用網(wǎng)絡(luò)掩碼劃分子網(wǎng)號8位子網(wǎng)號10位子網(wǎng)號95NetworkLayerNAT:NetworkAddressTranslationlocalnetwork(e.g.,homenetwork)10.0.0/24restofInternetDatagramswithsourceordestinationinthisnetworkhave10.0.0/24addressforsource,destination(asusual)All

datagrams

leavinglocalnetworkhavesamesinglesourceNATIPaddress:,differentsourceportnumbers96NetworkLayerNAT:

NetworkAddressTranslationMotivation:localnetworkusesjustoneIPaddressasfarasoutsideworldisconcerned:rangeofaddressesnotneededfromISP:justoneIPaddressforalldevicescanchangeaddressesofdevicesinlocalnetworkwithoutnotifyingoutsideworldcanchangeISPwithoutchangingaddressesofdevicesinlocalnetworkdevicesinsidelocalnetnotexplicitlyaddressable,visiblebyoutsideworld(asecurityplus).97NetworkLayerNAT:NetworkAddressTranslationImplementation:NATroutermust:

outgoingdatagrams:

replace(sourceIPaddress,port#)ofeveryoutgoingdatagramto(NATIPaddress,newport#)...remoteclients/serverswillrespondusing(NATIPaddress,newport#)asdestinationaddre