Home Archives for May 2017

Wednesday 31 May 2017

Ethernet (IEEE 802.3)

    No comments

In this post, we will discuss IEEE 802.3 standard which is ethernet. I will not go to advanced topics like metro Ethernet or business Ethernet, it will only be the basics of Ethernet which will help you to get started with advanced topics.


A bit of history:

Ethernet was developed at Xerox PARC between 1973 and 1974. It was inspired by ALOHAnet, which Robert Metcalfe had studied as part of his PhD dissertation. It was standardised in 1980 by IEEE. While Robert Metcalfe was doing his PhD in ALOHAnet, he found certain drawbacks in ALOHA network. There was no mechanism to detect collisions in pure ALOHAnet which dropped down its efficiency to 18.4%. Then he found slotted ALOHAnet which had an efficiency of 36.8%.

He somehow wanted to improve this. In this process of research, he went on discovering a new access control method called CSMA/CD. Metcalfe also developed a more sophisticated back off algorithm. This algorithm with CSMA/CD increased the efficiency of ALOHA to 100% and that's where Ethernet was born.

Ethernet frame format:

The following diagram shows the format of the Ethernet frame:


Before we go further and discuss the fields let's see how we got the frame the way it is. Actually, the preamble is not the part of the frame. Frame, as we know, is a data link layer entity but preamble is added at the physical layer. Addressing & length is data link layer header and CRC forms the data link layer trailer. 
When the frame format was initially introduced it didn't have the preamble part. Instead, it had only 1 byte called (SFD)start frame delimiter. SFD was 10101011. Start frame delimiter tells the stations on the way that a frame is starting and you should get ready to read the data. The reason for SFD to be 10101011 is that it should not match with any part of the data.
But soon researchers found that SFD could match with data, so they introduced preamble. It is 7 bytes of a continuous sequence of 10 (i.e 101010...). With 7 bytes of 10, it was less likely to match any part of data and hence it's successful till now. Now let's define each of these fields.
  • Preamble: It is 7 bytes long, and is an alternating sequence of 10 (i.e 101010....). It is mainly used for synchronisation purpose. (This is not important: At the physical layer, we implement the concept of clocks. Whenever two parties want to communicate they should have a synchronised clock. Because of the clock, their data is not interpreted wrongly).
  • SFD: It is 1 byte long, and is 10101011. The 11 at the end denotes that SFD has ended and now the actual frame starts. It is used to denote the start of the frame.
  • Destination address: It is 48-bit MAC address of the station to which the frame has to be delivered. 
  • Source address: It is 48-bit MAC address of the station who transmits the frame. Remember the source address has to be a unicast address.
  • Length: This gives the total length of the frame. As there are 16 bits in the length field, it means the maximum length of the frame can be only 65536. The standard length of the frame (from destination address to CRC) is 64 bytes. This is derived from the formula:                                                                                L >= 2 * Tᵨ * bandwidth
  • Data: It is the content that needs to be transmitted. 


    Minimum
    Maximum
    Data
    46 bytes
    1500 bytes
    Frame
    72 bytes
    1526 bytes
  • CRC: It is called as cyclic redundancy check. It is used by the receive to identify any errors in the packet. The reason for it to be kept at the end is that by the time the entire packet passes through the data link layer CRC would have been calculated. And so we keep CRC at the end of the frame (This topic is discussed in depth in the error control topic).

Important points:

  1. The topology used in Ethernet was Bus topology but now it is star topology.
  2. Access control method used is CSMA/CD.
  3. Ethernet does not have acknowledgements. But if the user wants it, he/she can implement it at the application layer.
  4. The encoding used is Manchester. Where baud rate is 2 * bit rate.
  5. Depending on the data rate Ethernet has 3 categories. 
  • 10 Mbps is Standard ethernet.
  • 100 Mbps is Fast ethernet.
  • 1 Gbps is Gigabit ethernet.
Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And if you learnt anything from this post make sure to like us on Facebook and follow on Google+.

Thank you!

Monday 29 May 2017

RSA algorithm

    No comments

You can directly jump on to the implementation of RSA and miss the beautiful history behind the first asymmetric encryption algorithm but I would not recommend doing that. I have made it very small and simple. Hope you will like it.

A bit of history of RSA algorithm:

Ever since people began to write down events in their lives, there has been a need for cryptography. The first thing people came up with was a symmetric encryption algorithm. But there was a problem with this. Symmetric algorithms used the same key for encryption and decryption. This means both sender and receiver should have the key used in the algorithm.
Now the problem boiled down to sharing of the key. And this was the same problem which we started with. We wanted to share our data without anyone tempering it in between. If we encrypt the key using another key then we need to send the second key to the receiver with the same conditions. It forms an infinite loop.

This problem persisted until Whitfield Diffie and Martin Hellman came into the picture. Diffie in an interview himself said how he invented first asymmetric key-based cipher.


Whitfield Diffie: “I walked downstairs to get a Coke, and almost forgot about the idea. I remembered that I’d been thinking about something interesting, but couldn’t quite recall what it was. Then it came back in a real adrenaline rush of excitement. I was actually aware for the first time in my work on cryptography of having discovered something really valuable.”

 Diffie and Hellman went on discovering an algorithm that could be used to exchange keys between sender and receiver. But they could not discover the cipher that could generate public and private keys. That discovery was made by another trio of researchers: Rivest, Shamir and Adleman.

Rivest, Shamir, and Adleman were a perfect team. Rivest is a computer scientist with an exemplary ability to apply new ideas in new places. Shamir, also a computer scientist, has a lightning intellect. Adleman is a mathematician and was largely responsible for spotting the flaws within the ideas of Rivest and Shamir, and he ensured that they did not follow false leads.


Rivest and Shamir spent a year coming up with ideas, and Adleman spent a year shooting them down. In April 1977, Rivest, Shamir, and Adleman spent Passover at the house of a student and consumed liberal quantities of Manischewitz wine before returning to their respective homes sometime around midnight. Rivest was unable to sleep, so he lay on his couch with a math textbook. 
He began to mull over the question that had been nagging him all year: Is it possible to find a one-way function that can be reversed only if the receiver has some special information (This is what is RSA)? 

Suddenly, the mists around began to clear and he had a revelation. He spent the rest of the night formalising his idea, and by daybreak, he had effectively written a complete mathematical paper. Rivest had a breakthrough, but it could not have come without the help of Shamir and Adleman. The system was later dubbed RSA, for Rivest, Shamir, and Adleman.
The basic technique behind RSA was first discovered in 1973 by Clifford Cocks of CESG. But his this thing was kept secret till 1997. 

Now let's come to the RSA algorithm: 

  1. Choose two distinct prime numbers say 'p' and 'q'.
  2. Compute n = p*q.
  3. Compute ɸ(n). It is equal to "ɸ(p) * ɸ(q)" = (p-1) * (q-1).
  4. Choose an integer 'e' such that 1 and e and ɸ(n) are relatively prime. (e,n) is called public key.
  5. Find out d such that e * d = 1(modɸ(n)). (d,n) is called as the private key.
Let's take an example to understand the algorithm properly.
  1. Let p = 61 and q = 53 be two distinct prime numbers.
  2. n = 61 * 53 = 3233.
  3. ɸ(3233) = ɸ(61) * ɸ(53) = 60 * 52 = 3120.
  4. We find e = 17, because 1﹤e﹤3120. (17,3233) is the public key.
  5. Next, we compute d. (2753 * 17) % 3120 = 1. So d = 2753. (2753,3233) is private key.

For encryption and decryption: 

To get the cipher c for message m, we use the formula → c = m^e mod n.
To decipher c to get m, we use the formula → m = c^d mod n.

Example: If m = 65, and public key (17,3233) , private key (2753,3233). Perform encryption and decryption on this.
→ m = 65.
     c = (65)^17 mod 3233.
     c = 2790 is the cipher.
     To get the message back from cipher we perform the following steps.
     m = (2790)^2753 mod 3233.
     m = 65 is the original message.

Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.

Thank you!

Sunday 28 May 2017

Logical and Physical address

    1 comment

This topic is very easy but often students (and faculties as well) do get confused when they are asked about this topic. I will try my best to make it clear to you.

Physical address:

It is the address that is used to identify a host uniquely within its local network. To make it more clear let's consider the following scenario.

                          Network A                                                                            Network B

The physical address of all the host in the network is shown above. We can see that all the host in network A has different physical addresses. But two nodes in two different network can have same physical addresses. So, the physical address can only be used to find out a host uniquely inside their local network.

Logical address:

It is the address that is used to uniquely identify a host globally. It means if we pick two nodes from two different networks, then their logical address can never be same. The following diagram might give you some insight.

                              Network A                                                                   Network B

The logical address of the two nodes in network A and B are different. On the internet, the packet actually travels with the help of logical address.
Both logical and physical address are just the concepts. IP address and MAC address are the actual implementations of these concepts. The IP address is used as the logical address and MAC address is used as the physical address. 

IP address:

It is a unique string of numbers separated by full stops that identify each computer using the Internet Protocol to communicate over a network. The most common and popular representation of IP address is dotted decimal representation (IPv4) and Colon Hexa representation (IPv6).
To study in detail about IP addresses refer to IP addressing.

MAC address:

A media access control address (MAC address) of a computer is a unique identifier assigned to network interfaces for communications at the data link layer of a network segment. In simple words, MAC address is the address that is hard coded onto your NIC and it is used to communicate at the network layer. It is a 48-bit number. The 48-bit number is grouped into 6 bytes each byte separated by a colon. MAC address is divided into 3 parts as shown below:
The first two bytes is vendor ID, third-byte id date (also includes time) and the last three bytes are used for the serial number. For example 00:A0:C9:14:C8:29 is a MAC address.
This might feel weird but MAC address is also globally unique. Now the doubt you might get is, why didn't we use MAC address as our logical address?. Why were we forced to come up with IP address when we had MAC?
Well Answer to all these question lies in the drawback of MAC addresses. MAC addresses are hard to route in comparison to IP addresses. As IP addresses are divided into 2 parts, network id and host id. Using network id we can go to the required network and using host id we can go to the desired host. Where as it is very difficult to route MAC address in a network.
 How is MAC address unique?
→ Each vendor who produces these MAC has unique ID. Also, the serial number of each chip (having MAC address) is unique and also no two chips can be manufactured at the same time by the same vendor, so date is different. 
The physical address of a node in a network should always be static (constant). One reason for keeping it static is, if you do any illegal thing onto internet then you can be tracked down with the help of your physical address.
It is, therefore, illegal to change your physical address. MAC remains constant until or unless you change your NIC. This is one other reason we choose MAC address as the physical address. IP addresses keep changing as when you move in and out of the network.

There are some networks which don't use MAC address as the physical address. For example, Apple Talk is a network which randomly generates some number and uses it as the physical address.

Important points:

  • Ethernet and token ring uses MAC address as physical address
  • Data link layer deals with MAC address.
  • Network layer deals with IP address.
Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.

Thank you!

Delays in computer networks

    No comments

There are following delays encountered in computer networks:
  • Transmission delay
  • Propagation delay
  • Queuing delay
  • Processing delay

Transmission delay:

It is the amount of time taken to transmit a packet onto the outgoing link.
How to find the transmission time?
⟶It's defined as (size of the data) ∕(bandwidth).


Example: If bandwidth is 1 bits per second, it means we can transmit 1-bit onto the network in 1 second. If the data size is 10 bits then the time taken to transmit 10 bits onto the network is 10 seconds.
If data is given as 1Kb then it's interpreted as 1024 bits. But if bandwidth is given as 1Kbps then it's interpreted as 1000 bits per second.

Propagation delay:

It is the amount of time taken for a packet to reach from source to destination.
How to find the propagation time?
⟶ It's defined as (distance travelled)/(velocity of the medium).
Example: If a packet size is 1kb. Bandwidth is 1kbps, distance is 2 km and the packet travels through an optical fibre. Find out the propagation delay?
⟶ As we know propagation time is (distance travelled)/(velocity of the medium), here distance is given but velocity is not given directly. But it's given that packet travels through an optical fibre. In an optical fibre, the speed of light is 2 * 10⁸ m/s.
So we propagation time = (2 * 10³/2 * 10⁸) = 10µs.

Queuing delay:

It is the amount of time a packet spends in the waiting queue.
Whenever a packet reaches a router or any node, it is not processed immediately as there are many packets arriving at the router and it's not possible to process all of them simultaneously. So some packets are stored in a queue for processing.

Processing delay:

It is the amount of time taken by the routers or any node to process a packet. Processing delay depends on the specification of the machine which is processing the packet.

Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.

Thank you!

BOOTP and DHCP

    1 comment

Before we start our discussion on BOOTP and DHCP, it would be better that you read about RARP server, which will make you appreciate BOOTP and DHCP.

BOOTP (Bootstrap Protocol):

The Bootstrap Protocol (BOOTP) is a computer networking protocol used in IP networks to automatically assign an IP address to network devices from a BOOTP server. The concept is very similar to RARP but it comes with an advantage. 

 In RARP we had one RARP server per network, which lead to inconsistency in the network. BOOTP overcomes that problem by using Relay agent. Instead of using one RARP server per network, BOOTP uses a single BOOTP server and in all other networks, it places one relay agent. Something like this:

Every BOOTP server has a static mapping table, which maps MAC addresses to IP addresses. The network which has BOOTP server can send a broadcasting message on the network. BOOTP server on reading the message assigns an IP address to the node. 

 But the nodes which are on a different network cannot directly contact BOOTP server as they don't have the IP address of BOOTP server (BOOTP server is on a different network). These nodes transmit a broadcast message in their network. This message is read by the relay agent. Relay agent on behalf of the node sends a unicast message to BOOTP server asking for a new IP address (Note: This packet cannot be discarded by the router as it is unicast packet). 

 BOOTP server on seeing this request assigns a new IP address to the node and sends the IP address and the acknowledgement to relay agent. Relay agent forwards this message to the node. And that is how the node gets the IP address. 

But there is a flaw in this as well, the static mapping table. Assume we have 1000 hosts on the 4 networks shown above. But out of these 1000's hosts, only 2 are active at any given time. But since the table is static we need to have entries for all the hosts the networks. At any given time only two entries are used and rest 998 becomes overhead and simply consumes space. This problem was solved by DHCP by introducing dynamic mapping table.

DHCP(Dynamic host configuration protocol):

Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway (This definition I have copied from the Microsoft's website). 

 DHCP working is almost similar to BOOTP but it overcomes the drawback of BOOTP i.e static mapping table. DHCP server has a table which is divided into two parts one is static and another is dynamic.


The static part contains the MAC and IP addresses of those machines which don't change their IP addresses frequently and which are more likely to be online all the time. These includes the servers, workstations and some reputed organisations such as Google, Facebook, Amazon etc.


The dynamic part of the table includes those nodes which are very likely to move in and out of the network and are very frequently changing their IP addresses. For these nodes, the DHCP server has a pool of IP addresses. Whenever a node requests for an IP address the server grants the IP address for a fixed amount of time to the node (Remember to contact the DHCP server a node has to follow the same set of procedure as we did in BOOTP). This time is called lease time

Whenever lease time of the node is about to get over, the node sends a renewal request to DHCP to renew its IP address. The node trying to renew the IP address sends the renewal request at the midway of lease time. For example, if our lease time is 10 mins, it will send a renewal request at 5 mins. This is implementation dependent but most of the networks follow this strategy.

With the introduction of the dynamic table, there is no wastage of memory. The mapping table contains only the active node entries. The number of entries is equal to the number of active hosts.

Advantages of DHCP:

  • Only one DHCP server is required.
  • The mapping table is dynamic and the size of the table is reduced to the number of online hosts.

If you are preparing for any competitive exams like GATE you should remember the following points.
  1. BOOTP and DHCP requests are originated from the application layer.
  2. RARP request comes from the network layer.
  3. DHCP is backwards compatible and runs at the same port number as that of BOOTP.
Hope this was helpful. Leave your questions, answers and suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.

Thank you!

Saturday 27 May 2017

How to find out whether a host is in our network or not?

    No comments

Have you ever thought why does your ISP (internet service provider) give you an IP address, subnet mask, default gateway IP address?. I am pretty sure you know why are you given an IP address but, most of the people don't know why you are given subnet mask and default gateway IP address.

Most of the time the IP address given to you is private IP address not public. That means if you search for that IP address on google you will not be able to ping it. If you google "what is my IP" you will find that it's different from the IP given by your ISP. The IP given by Google is your public IP address and the one provided by your ISP is your private IP address.


This IP address given to you by ISP is used to find the host within the local network not on the internet.
Now coming to the default gateway, it is used to give you a public identity. Whatever request you make to the Internet actually goes through your default router/gateway. On the internet, no one understands your private IP address. 

The only thing they know is your default gateway's IP address, so before moving out into the internet you change your IP address to that of default gateway's IP, and default gateway's identity becomes your identity.
We have discussed this in depth in NAT. 

Why do we use subnet mask?

Well by now you would have understood why do we need subnet mask, and Yes! you are right it is used to find out whether a host belongs to your network or not.
There are some simple series of steps followed to find out whether a host is on your network or not.
Consider the following scenario, where you have two nodes A and B.


Let's assume node A wants to send some message to node B. It checks whether node B is on its network or not. First, he performs a bitwise AND of his IP address with the subnet mask (Node A's subnet mask) and generates another IP address, let's call it P. Then he takes IP address of B and performs bitwise AND with the subnet mask (Node A's subnet mask) and generates one more IP address, let's call it Q.


As we found from the calculations that both P and Q are same. So according to node A both are on the same network. Remember this is according to A only not B. So this is how you find whether a host belongs to your network or not. 

Here is a question for you. Tell me in which scenario is this possible that, when B follows the same procedure it finds out that it is on a different network?

Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.

Thank you!

ARP and RARP

    No comments

ARP (address resolution protocol) and RARP (reverse address resolution protocol) are important topics and are required in every aspect of computer networks. Let's first talk about ARP.

ARP (Address Resolution Protocol):

As the name suggest it is a protocol used to resolve an address. Given an IP address, ARP is used to get corresponding MAC address. ARP can be used in all the following situations.

  • When a host wants MAC address of another host.
  • When a host wants MAC address of a router.
  • When a router wants MAC address of another router.
There are two different cases depending on which the usage of the ARP changes.

  1. Both source and destination in the same network.
  2. Source and destination are in different network.
There are ways to find out whether a host is on our network or not?

1. Both source and destination on the same network:

In this case, the source (node A in the diagram below) finds out that the destination (node D) is on the same network and therefore need not cross the network boundary to deliver its message.


But node A has IP address D, not the MAC address. So to find out the MAC address of D, node A creates an IP packet and gives it to ARP. ARP creates an ARP packet and transmits it.


The ARP packet has the following content when it is broadcasted:
Source IP: IP address of A
Destination IP: IP address of D
Source MAC: MAC address of A
Destination MAC: LBA (255.255.255.255)

 The packet travels through the network and is seen by everyone in the network after looking at the destination MAC address. Every host in the network looks at the destination IP address and decides whether the packet is for them or not. When the packet reaches the router, router finds out that it is a limited broadcasting packet and should not be allowed on the internet. So it destroys the packet. Meanwhile, host D looks at the destination IP and finds out that the packet is for him. He also finds out that it's an ARP packet and in return, he also creates an ARP reply packet. The packet contains the MAC address of host D. The ARP reply packet is an unicast packet and so it is sent only to host A.

2. Source and destination are on a different network:


When A and D are not in the same network, then A sends and ARP broadcasting message. The content of the packet is as follows.

Source IP: IP address of A
Destination IP: IP address of nearest/default router
Source MAC: MAC address of A
Destination MAC: 255.255.255.255

 When the packet reaches the default router it finds out that the packet is for him and it's an ARP packet. The router makes an ARP unicast packet with the following content.

Source IP: IP address of router
Destination IP: IP address of A
Source MAC: MAC address of router
Destination MAC: MAC address of A

 After getting the MAC address of router node A transmits the packet to the router. Now its router's responsibility to forward the router to its intended destination. So to do so it follows the same strategy as followed by node A, and forwards it to the destination or to next router. After the packet reaches the destination, the destination makes an ARP reply packet and unicast it to node A.

Important points:

  • ARP is used to get MAC address of machine whose IP is given.
  • ARP request is broadcasted.
  • ARP reply is unicast.
  • If both source and destination are on the same network ARP packet can be directly sent to destination without involving intermediate routers.
  • If source and destination are on a different network the ARP packet needs to travel through intermediate router/s to reach the destination.

RARP (Reverse Address Resolution Protocol):

Given the definition of ARP, it's easy to find out what RARP does. Given a MAC address it's used to find out corresponding IP address. But I will tell a bit more about this which is often not taught by professors in college. 
Let's start with the question that who needs RARP?
  • A host who doesn't have secondary storage.
  • A host who has newly joined the network.
  • A host who has MAC address of other host and wants its IP address.

When RARP was introduced we didn't have DHCP or BOOTP. People used RARP servers. And every individual network had their own RARP server. RARP servers were the machines which were used to assign IP addresses to the other machines/nodes in their own network.
The server contains a mapping table, which had MAC addresses of every host on the network and their corresponding IP addresses.

                                                                Mapping table   

MAC Address
IP Address
Node A
E4:78:A8:9D:34:67
Node A
178.113.89.20
Node B
F4:78:A8:4D:39:60
Node B
178.113.89.21
.
.
.
.
.
.
.
.
Why didn't the nodes store their IP addresses with them?. It was because these kinds of machines didn't have secondary storage. Whenever the machines were turned OFF the IP address was lost and so next time when it was turned ON, it had to ask RARP server for IP address. (You would still find these kinds of machines in your colleges).

RARP servers were also used when a new node wanted to join the network. The node sends an RARP request packet to RARP server with following packet structure:

Source IP: 0.0.0.0 (Remember it's called a what is my IP?)
Destination IP: IP address of RARP server
Source MAC: MAC address of node A
Destination MAC: FF:FF:FF:FF:FF:FF (This means it's a broadcasting packet)

The packet is seen by all the nodes on the network, but only the RARP server replies to the request. It looks at the mapping table, find out the corresponding IP and sends back an RARP reply packet (which is an unicast packet). 
These IP's are given to these nodes for a fixed amount of time called as leased time. After the leased time is over the IP's are pulled back. The nodes have to make a renewal requests before the leased time gets over to retain their IP's.


There was a problem with RARP servers. Can you guess it?. Since every network had its own RARP server inconsistencies could arrive. Two different nodes of two different networks can have same IP addresses. This problem arrived because RARP servers of the networks didn't communicate with each other and no server had any information about the mapping tables of other servers. And also the mapping table was static, it means if we had 100 nodes than we needed at least 100 IP addresses. To overcome this we used BOOTP and DHCP servers.



Hope this was helpful, share your thoughts in the comment section below. Click the follow button to get latest updates.

 Thank you!

Friday 26 May 2017

Broadcasting

    No comments

In my earlier post, I explained about the limited broadcast address and directed broadcast address. Now let's see how they are implemented.

Before we go further there is one important thing we should understand i.e no matter what kind of casting we are doing it is always implemented at data link layer. Had it been implemented at network layer than all the advertisers would have directly advertised onto our computers while no one stopping them.

Implementation of Limited Broadcasting:

Limited broadcasting is used in situations where a host wants to send some data to all the hosts in his/her local network. To do that it creates a broadcast packet at its end. The structure of the packet looks something like this.



Data
Src_port
Dest_port
Src_IP
Dest_IP
Src_MAC
Dest_MAC




“Hello”
8000
8080
178.113.89.20
255.255.255.255
E4:78:A8:9D:34:67
FF:FF:FF:FF:FF:FF


This is the actual content that is transmitted inside the packet when we use LBA. But the question arises how do the nodes on the way realise that the packet is LBA or DBA? 


Whenever the packet reaches the NIC of the node, it immediately looks into the destination IP and finds out that it is 255.255.255.255 which is LBA and accepts the packet, read its content and then forwards it. When the packet reaches the default router (beyond which the internet starts), the router looks into the destination IP and it too finds out that the packet is limited broadcasted packet and is not to be forwarded. It reads the content of the packet and then destroys the packet. 


Since routers and gateways are layer 3 and layer 5 devices so they can look into the packet till network layer and find out the IP addresses but how does a switch come to know that the packet is limited broadcasting packet?


This is where the MAC addresses come into the picture. Since the switch is a layer 2 device (that means it can look only till data link layer) it can only look at the MAC address in the packet. So when a switch encounters a limited broadcasting packet it looks at the MAC address if the MAC is all F's then it understand that the packet is to be forwarded to all the ports or else it forwards it to a dedicated port.

Implementation of Directed broadcasting:


Limited broadcasting is a simple task since it involves forwarding of a packet in the same network but Directed broadcasting involves some overhead. Directed broadcasting is used when a host wants to deliver some data to all the hosts of some other network. The structure of a directed broadcasting packet is as follows:


Data
Src_port
Dest_port
Src_IP
Dest_IP
Src_MAC
MAC of default router



“Hello”
8000
8080
178.113.89.20
134.23.255.255
E4:78:A8:9D:34:67
F4:78:A8:4D:39:60
When the message is created at source the destination IP is set as DBA (All host id bits are set as 1). And destination MAC is set as the MAC address of the default router or the nearest router. If we had set the destination MAC as all 1's it would have been discarded by the router. 

So when the packet travels through the local network, all the nodes have a look at the packet. After looking at the destination IP they decide that the packet is not for them and forwards it. When the packet reaches the default router it looks at the destination MAC address and finds out that it is his address. Now there could be two possibilities 

  • The packet is actually for him and need not be forwarded.
  • The packet is a directed broadcast packet and needs to be forwarded in the network.

To overcome this dilemma it looks at the destination IP and finds out that it is a Directed broadcast address and so the packet needs to be forwarded. Now router destroys the current packet keeping safe all the essential data and creates one new packet. In this packet, it keeps everything same but the source IP, source MAC and the destination MAC changes.


In the above diagram when the packet reaches router R1, the new packet content is:

“Hello”
8000
8080
188.103.89.90
134.23.255.255
F4:78:A8:4D:39:60
A4:78:A8:4D:40:66

The source IP changes to IP address of the router(R1), source MAC changes to MAC address of the router and destination MAC changes to MAC address of the next router(R2). Destination IP remains same till it reaches the default router of the network to which the message is to be delivered.

Now when the packet reaches the router R2 it finds out that the packet is for the network of which it is the default router so the router now changes the content of the packet as if the packet is a Limited broadcasting packet. 

“Hello”
8000
8080
168.213.99.80
255.255.255.255
A4:78:A8:4D:40:66
FF:FF:FF:FF:FF:FF

So finally when the packet goes inside the targeted network it is considered as the Limited broadcasting packet and it is delivered to all the hosts in the targeted network. And since it is Limited broadcasting packet it is not forwarded by other routers.

Hope this was helpful. Leave your questions, answers & suggestions in the comment section below. And make sure to like us on Facebook and follow on Google+.
Subscribe to: Posts ( Atom )