null | Skim’s Blog

Chapter 4: Network Layer (Data Plane)

🔹 1. Network Layer Overview: Core Ideas

✅ What is the Network Layer (Data Plane)?

Responsible for routing packets from source to destination

Encapsulates transport-layer (e.g., TCP/UDP) segments to form datagrams

Includes:

Forwarding: Process of receiving packet and sending it to the right output link
Routing: Process of determining the path from source to destination
Addressing: Assigning IP addresses to hosts and routers
Packet Schedule Data Plane: Buffering, scheduling, queueing

⚠️ No reliability, flow, or congestion control — functions are primarily at transport layer

🔹 2. Router Architecture / Data Plane Components

✅ Key Parts of a Router

Function	Description
Input Ports	Handle arrival of datagrams from physical link, perform demultiplexing, lookup, queueing
Switch Fabric	Rapid transfer of packets from input port to output port, networking layer
Output Ports	Sends datagrams to physical link, performs multiplexing
Forwarding Table	Router uses this to determine which output link a packet should go to
Buffer Management	handles queueing, may cause delay or packet loss
Scheduling	decide which packet to send when — options: FCFS, Priority, Round Robin, Weighted Fair

💡 Data Plane: Execution, Forwarding, Queuing, Scheduling — Network Layer Logic 💡 Control Plane: Design — Routing Algorithms, Forwarding Table, NAT/SDN Implications

🔹 3. Network Layer Protocols & Addressing

✅ IP: Internet Protocol

most important network layer protocol

Each IP datagram has:

source IP address
destination IP address
header fields (e.g., fragment, TTL, checksum, options)

✅ IP is connectionless and stateless — best-effort, no guarantees

✅ Subnetting & CIDR

CIDR (Classless Inter-Domain Routing): Allow routing by network prefixes

Subnets:

Subnet is group of IP addresses
Same high-order bits (prefix) → common network portion
Example:

IP address 223.1.1.1/24 → subnet 223.1.1.0/24

💡 赇 prefix determines common routing; host part determines specific destinations

🔹 4. TCP/IP: A Working Example

Transport (TCP / UDP) → Network (IP) → Link (Ethernet/WiFi) → Physical (copper/radio)

Internet = layered system of packets + addressing

❗ This is the architecture of the Internet: flexible, scalable, layered protocol stacks

🔹 5. Subnets, Addressing, CIDR

✅ Subnet Example (10.0.0.0/24)

Network portion: 10.0.0.0

Host portion: 0.0.0.0 – 0.0.0.255

You can have up to 254 IP addresses in this subnet

✅ CIDR: Classless

CIDR notation: a.b.c.d/x, where x is prefix length

Example: 200.23.16.0/20

network portion = 20-bit
host portion = 12 bits
max 4096 IPs in this network

🔁 More specific route (more details) = more precise, better delegation

🔹 6. NAT: Network Address Translation

✅ NAT Overview

NAT enables all devices in a local network to share a single public IPv4 address

Uses a NAT table to map:

LAN IP, port → WAN IP, port

Often embedded in router, helps reduce address exhaustion

✅ NAT Translation Example

Before NAT	After NAT
Host A: 10.0.0.1:3345 → server: 128.119.40.186:80	NAT: 138.76.29.7:5001 → server:128.119.40.186:80
Router C: 138.76.29.7:5001 (WAN IP)	Nat table: (10.0.0.1:3345 → 138.76.29.7:5001)
Server E: 128.119.40.186:80 (WAN IP)	Router C sends to Server E using NAT IP
Host A: 10.0.0.1 → via deal with NAT	Host A receives response from Server E using NAT IP

✅ Why NAT? → IPv4 Address exhaustion (only 4.3 billion address space)

🔹 7. IPv6: The Next Addressing Format

✅ Why IPv6?

128-bit address space → 3.4×10³⁸ IPs

Simplified header (40 bytes) vs IPv4 (20+ bytes) → faster processing

No checksum → sends to router

No fragmentation → favors optimized routing at network layer

Enables scalable routing, programmable flow control (e.g., P4, SDN)

✅ Address Format in IPv6

Human-readable format: aaaa:b000:0000:0000:0000:0000:0000:0001

Compression: aaaa::1 (leading, trailing zeros can be removed)

⚠️ IPv6 not yet fully adopted — but it's coming

✅ Why is IPv6 being used?

Long time to deploy → 25 years!

IPv4 running out → NAT ends up being the only solution

Optimized packets: 40 bytes → Fast routing, less overhead

🔹 8. Packet Scheduling: Key Concepts

Scheduling	Type	Description
FCFS	First Come, First Served	Packets send in order of arrival
Priority	High → Low	Data is send to highest priority first
Round Robin	Cyclic	Each class sends one packet per cycle
Weighted Fair	Modify → Eq.	Class with higher weight gets more
Drop Policy	Identifies which datagram to drop when links are full.	ㅤ
ECN (Explicit Congestion Notification)	Marks packet — sender can adjust sending rate. Part of IPv4 and IPv6	ㅤ

🧠 Key Insight: Scheduling and buffering determine network performance.

🔹 9. Congestion, Packet Loss, and Pack Buffering

✅ Understanding the "packet loss" problem

Buffer overflow at router links → packets are dropped

Multihop steps:

Input queueing at one router
Output queueing at next hop

Both types can increase delay and cause loss

✅ Buffer Size Rule of Thumb

Use RTT × link capacity (e.g., if R = 10 Gbps (10 billion bits/sec), RTT = 0.25 sec) → buffer ≈ 2.5 Gbit

🔹 10. Buffer Management: Real Life Implications

Buffering at Router	Impact on Network
Too small → delay, loss	Too large → higher delay
Must be «just full» but no fuller	Helps TCP congestion control to work properly

💡 Fixed QoS vs Dynamic BufferingSlot Allocation helps Slow, fast, or apply adaptive buffer sizes

🔹 11. Routing & Forwarding Fundamentals

✅ The 2 Key Processes

Process	Function	Example
Forwarding	Move packet from input port to output port (one router)	Can be done by hardware (e.g., switch)
Routing	Determine path from source to destination (via network)	Done by router control-plane (e.g., OSPF, BGP, SDN controller)

❗ Forwarding ≠ Routing ❗ Forwarding is local, routing is global

🔹 12. Generalized Forwarding: Match + Action

✅ Core Idea

Use header fields to match incoming packet → then act

Can be done at any layer (Link, Network, Transport)

Match	Action
MAC Address	Forward, drop, or flood
IP Address	Forward or drop
Port	Forward, block, or change
Link Layer (e.g., Ethernet type)	Forward or drop based on protocol
Controller	Match+action → send to central control plane

🧠 Match + Action allows programmable network infrastructure — centralization + flexibility!

🔹 13. SDN: Software-Defined Networking

✅ What is SDN?

Centralized control plane

Row-based routing, flow-based forwarding

Flow tables in switches → SDN controller manages them remotely

✅ SDN Advantages

Easier control → policy across network easily enacted

Modern flexibility → programmable network

Future-oriented → matching OpenFlow, new P4, GFLOW tech

💡 SDN is the future → network programmability at scale

🔹 14. Routing Protocols: BGP, OSPF

✅ Need to know:

BGP (Border Gateway Protocol) → inter-AS (networks of different ISP)

OSPF (Open Shortest Path First) → intra-AS, uses link-state → Dijkstra

RIP (Routing Information Protocol) → distance vector, not covered

📌 BGP: coordination between ISPs, IXPs 📌 OSPF: internal medium/high-speed routing amid many devices

🔹 15. NAT: Network Address Translation (cont'd)

✅ NAT simplifies addressing

List of IP addr. inside your home → only one public address to the Internet

Example: Home has 10 devices → 1 public IP

NLRA (Network Layer Routing Architecture) is not affected by NAT

❗ NAT Issues

End-to-End Principle: NAT violates this

Contributes to network complexity

Traversability: Hard for some Internet apps (e.g., WebRTC, VoIP)

Status: Still widely used, particularly in home / ISP / mobile networks

🔹 16. Flow Tables: Match + Action Extensibility

✅ Fields in Flow Table

Match	Action
MAC, IP, TCP/UDP port	Drop, forward, change, or mark
Link-layer info (e.g., Ethernet, WiFi type)	Forward or drop
IP headers (e.g., ToS, Fragments, Flow Label)	Separate packets, send to controller
Priority	High, Medium, or Low

✅ Flow table = router logic = monetary traffic handling at scale!

🔹 17. Middleboxes and OpenFlow

✅ Middleboxes vs Routers

Feature	Router	Middlebox
Function	Forwarding only	Handles more features
Access	Always available	Runs software only
Operations	IP, routing	May include:

Firewall

Cache

Load Balancer

✅ OpenFlow for Middleboxes

Match	Action
MAC, IP, TCP port	Forward, drop
Link-layer datagram type	Forward, drop
Caching	Encapsulate, forward
Firewall	Drop, forward, modify
Load Balancer	Forward to different servers

✅ OpenFlow is NAT, Firewall, Cache, Load Balancer in one!

🔹 18. Buffering & Large Packets: Considerations

✅ Why Fragment?

Mainly due to MTU (Maximum Transfer Unit) of the network interface

If IP datagram exceeds MTU, it is fragmented into smaller datagrams

Only reassembled at the destination → no intermediate reassembly

✅ Fragments: Identification

Header Field	Purpose
ID	Identifies fragments of the same datagram
Offset	Gives fragment offset in bytes
Flags	Indicate if fragment can be last or more fragments exist

⚠️ Fragments are expensive → reassembly inefficient

🔹 19. OpenFlow and P4: Enabling Programmable Networks

✅ OpenFlow:

Packet match → controller notification

Can forward, drop, modify, or send to controller

Integrated with SDN, Middleboxes, Firewalls, Caches

Flow table allows:

Per-packet decisions
Rate shaping for traffic
Direct link to central controller

✅ P4 (Programming Protocol-independent Data Plane)

P4 is a language for programmable networking

Allows you to program what actions the router takes

Flow tables from OpenFlow can use P4 for instance-level control

✅ Why both? Let the hardware know network rules via P4 code → OpenFlow reapplies

🔹 20. Mid-Box: A Practical Overview

Category	Example	Key Function
Firewall	IP, port filtering	Secures network from external attacks
Cache	CDN, edge server	Reduces load on origin server
Load Balancer	configures to route packets to appropriate server	ㅤ
NAT	home, cell, institutional	Replaces IP address with shared one
Content-bit filter	Video streaming	Decodes measured traffic, disposes of bad debris
Simple Trace	sleep, ping, ping6, iperf, ping	ㅤ

💡 Install iPerf + Wireshark → measure network bandwidth, simulate congestion

🔹 21. Addressing & Routing in Real Networks (Summary)

✅ Addressing & Routing Assembly

Description	Assignment
Obtain IP address via DHCP	Random/assigned
Centralized control plane in SDN	比如：Microsoft Azure, Cisco gear, Segment Routing
use CIDR to handle subnet route delegation	Not IP only, but network layer, firewall, etc talk to controller
Track number of routes in your router	Bob expects to see 2–4 entries, e.g.,: `223.1.1.0/24` accepted, `223.1.1.1` allowed, `223.1.1.2` dropped

✅ Mandatory: Address manufacturing !

🔹 22. TCP/IP Protocol Suite: Architecture & Layering

IP is the core of the network

No guarantee for delivery, timing, or ordering

Transport layer (TCP, UDP) manages reliability, flow, ordering

Network layer deals with route selection, fragmentation, packet routing

Link layer (Ethernet, WiFi, etc.) sends bit stream over physical connections

Application layer (HTTP, SMTP, DNS) uses network layer (IP) to send packets to others

🧠 IP = network layer → data plane core of Internet

🔹 23. MAC vs IP: Routing Context

Overview:

MAC address is 128-bit, used for link layer (e.g., Ethernet, WiFi)

IP address is 32-bit (for IPv4), 128-bit (for IPv6) — used for network layer

MAC addresses are used internally, while IP addresses are used externally

🔹 Key Transitions

• Link layer (MAC) → Network layer (IP) • Network layer (IP) → Transport (TCP / UDP) • Transport → Application (DNS, HTTP)

✅ Network layer can store packet in buffer, queue, schedule or drop

🔹 24. Exam Checklist (Chapter 4)

Topic	Must Know?
IP address, subnetting, CIDR	✔️✔️✔️
DHCP: request, offer, ack, and their timing	✔️
NAT: translation, table, public IP vs private IP	✔️
IPv6: address format, advantages, buffer size	✔️
Generalized forwarding: match + action	✔️
OpenFlow: match fields, action, flow tables	✔️
SDN: centralized control plane, flow tables	✔️
IP fragmentation: ID, offset, flags	✔️
Scheduling: FCFS, priority, RR, WFQ	✔️
Buffer management: practical implications	✔️
Control vs. data plane	✔️
SCS: Source Routing, Quality of Service	✔️

🔹 25. Introduction to P4 (Software-Defined Networks)

✅ Key Idea: P4 = Language for the network

Complements OpenFlow → code the flow table

P4 is language for the hardware → controller manages code

Programmable datagram processing at network interface level → controls forwarding and queueing

✅ P4 is the main programming tool for SDN networks.

🔹 26. Final Notes on Chapter 4

🧠 This is the core of the network layer — buffering, addressing, routing, fragments, and flow control

💡 Key differentiator of the Internet: simple, consistent data-plane 💡 TCP uses TCP ACKs and duration-based timeouts for delivery 💡 IP handles Flow (responsible for packet management)

🧩 Move up to Chapter 5: Running Networked Applications 🔁 Build understanding of routing protocols with BGP, OSPF 🚀 Explore Internet layer with IP, NAT, IPv6 🧭 Traffic Engineering = Type of routing algorithm to maximize network efficiency

📚 Practice Tools for Chapter 4

Wireshark: Capture TCP/IP packets, analyze header fields

ipconfig, ifconfig: check current IP address, subnet, DHCP status

traceroute, tracert: see network path, witness subnets and router transitions

iperf: measure network bandwidth, simulate congestion

🧑‍🤝‍♂️ Pro Tip for Exams

Describe the network layer as:
Abstraction between transport & link
Focus on packets, not messages
Many packet fields, some buffers, some queues, some scheduling
Movement from input interface to output interface based on forwarding table
IP is 32-bit, no guarantee, newer versions are 128-bit

Suggestаш: Given these questions, craft your answer around packet flows, NAT, CIDR, and IPv6, and tools like Wireshark to validate!

✅ Summary Table – Network Layer Overview

Layer	Function	Protocol
Network Layer (Data Plane)	Forwarding, Routing, Addressing	IP, OpenFlow, P4, SDN
Transport	Reliable, ordered, flow-controlled	TCP, UDP
Application	Networks apps (HTTP, SMTP)	HTTP, SMTP, DNS, etc.
Link Layer	Data frame forwarding	Ethernet, WiFi (802.11)
Physical Layer	Wire carrying bits	Copper, Fiber, Radio

✅ Exam Must-Know Checklist (Chapter 4)

Theme	Must Know?
Buffering & Latency	✔️
NAT: Private vs Public IP	✔️
Fragmentation & Reassembly	✔️
Routers & Link-Layer Handling	✔️
SDN Implemented via OpenFlow / P4	✔️
Match + Action	✔️
CIDR & Subnetting	✔️

📌 Where to Go Next?

Chapter 5: Running Networked Applications, Go-Back-N, TCP Flow & Congestion Control

Chapter 6: Link-Layer, Ethernet, WiFi

Chapter 7: Routing Protocols (BGP, OSPF), Flows, and IP address allocation by ISP

🧠 Your understanding of the data-plane is now solid Prepare for Extended Assignments that build on real-world packet processing!

Good luck on your exams! 🔥 This chapter 4 summary covers all the key factors, design assumptions, and core concepts you need to perform well on your Networks and Security course.