Network Layer Technologies

The Internet Protocol (IP) is responsible for addressing and routing each data packet within a session or connection set up under the control of transport layer protocols such as TCP or UDP (see Glossary).

The heart of the Internet Protocol is the IP address, a 32-bit number that is attached to each data packet and is used by routing software in the network or Internet to establish the source and destination of each packet.

While IP addresses, which are defined at the Network layer, link the billions of devices connected to the Internet into a single virtual network, the actual transmission of data frames between devices relies on the MAC addresses of the network interface cards (NICs), rather than the logical IP addresses of each NIC’s host device. Translation between the Layer 3 IP address and the Layer 2 MAC address is achieved using Address Resolution Protocol (ARP).

IP Addressing

The 32-bit IP address is usually presented in “dot decimal” format as a series of four decimal numbers between 0 and 255, for example; This could be expanded in full binary format as:


As well as identifying a computer or other networked device, the IP address also uniquely identifies the network that the device is connected to. These two parts of the IP address are known as the host ID and the network ID.

The network ID is important because it allows a device transmitting a data packet to know what the first port of call needs to be in the route to the packet’s destination.

If a device determines that the network ID of the packet’s destination is the same as its own network ID, then the packet does not need to be externally routed, for example through the network’s gateway and out onto the Internet.

The destination device is on its own network and is said to be “local”. On the other hand, if the destination network ID is different from its own, the destination is a remote IP address and the packet will need to be routed onto the Internet or via some other network bridge to reach its destination.

The first stage in this will be to address the packet to the network’s gateway. This process uses two more 32-bit numbers, the “subnet mask” and the “default gateway”.

A device determines the network ID for a data packet destination by doing a “logical AND” operation on the packet’s destination IP address and its own subnet mask. The device determines its own network ID by doing the same operation using its own IP address and subnet mask.

Private IP Addresses

In February 1996, the Network Working Group requested industry comments on RFC 1918, which proposed three sets of so-called private IP addresses for use within networks that did not require Internet connectivity.

These private addresses were intended to conserve IP address space by enabling many organisations to reuse the same sets of addresses within their private networks. In this situation it did not matter that a computer had an IP address that was not globally unique, provided that that computer did not need to communicate via the Internet.

Subsequently, the Internet Assigned Numbers Authority (IANA) reserved addresses to for use in Automatic Private IP Addressing (APIPA). If a computer has its TCP/IP configured to obtain an IP address automatically from a DHCP server, but is unable to locate such a server, then the operating system will automatically assign a private IP address from within this range, enabling the computer to communicate within the private network.

Internet Protocol Version 6 (IPv6)

With 32 bits, a total of 232 or 4.29 billion IP addresses are possible — more than enough one would think for all the computers that the human population could possibly want to interconnect.

However, the famous statements that the world demand for computers would not exceed five machines, probably incorrectly attributed to Tom Watson Sr., chairman of IBM in 1943, or the statement of Ken Olsen, founder of Digital Equipment Corporation (DEC), to the 1977 World Future Society convention that “there is no reason for any individual to have a computer in his home”, remind us how difficult it is to predict the growth and diversity of computer applications and usage.

The industry is now working on IP version 6, which will give 128-bit IP addresses based on the thinking that a world population of 10 billion by 2020 will eventually be served by many more than one computer each. IPv6 will give a comfortable margin for future growth, with 3.4 × 1038 possible addresses — that is, 3.4 × 1027 for each of the 10 billion population, or 6.6 × 1023 per square metre of the earth’s surface.

It seems doubtful that there will ever be a need for IPv7, although, to avoid the risk of joining the short list of famously mistaken predictions of trends in computer usage, it may be as well to add the caveat “on this planet”.

Address Resolution Protocol

As noted above, each PHY layer data transmission is addressed to the (Layer 2) MAC address of the network interface card of the receiving device, rather than to its (Layer 3) IP address. In order to address a data packet, the sender first needs to find the MAC address that corresponds to the immediate destination IP address and label the data packet with this MAC address.

This is done using Address Resolution Protocol (ARP). Conceptually, the sending device broadcasts a message on the network that requests the device with a certain IP address to respond with its MAC address. The TCP/IP software operating in the destination device replies with the requested address and the packet can be addressed and passed on to the sender’s Data Link layer.

In practice, the sending device keeps a record of the MAC addresses of devices it has recently communicated with, so it does not need to broadcast a request each time. This ARP table or “cache” is looked at first and a broadcast request is only made if the destination IP address is not in the table. In many cases, a computer will be sending the packet to its default gateway and will find the gateway’s MAC address from its ARP table.


Routing is the mechanism that enables a data packet to find its way to a destination, whether that is a device in the next room or on the other side of the world. A router compares the destination address of each data packet it receives with a table of addresses held in memory — the router table.

If it finds a match in the table, it forwards the packet to the address associated with that table entry, which may be the address of another network or of a “next-hop” router that will pass the packet along towards its final destination.

If the router can’t find a match, it goes through the table again looking at just the network ID part of the address (extracted using the subnet mask as described above). If a match is found, the packet is sent to the associated address or, if not, the router looks for a default next-hop address and sends the packet there.

As a final resort, if no default address is set, the router returns a “Host Unreachable” or “Network Unreachable” message to the sending IP address. When this message is received it usually means that somewhere along the line a router has failed. What happens if, or when, this elegantly simple structure breaks down?

Are there packets out there hopping forever around the Internet, passing from router to router and never finding their destination? The IP header includes a control field that prevents this from happening.

The time-to-live (TTL) field is initialised by the sender to a certain value, usually 64, and reduced by one each time the packet passes through a router. When TTL get down to zero, the packet is discarded and the sender is notified using an Internet Control Message Protocol (ICMP) “time-out” message.

Building Router Tables

The clever part of a router’s job is building its routing table. For simple networks a static table loaded from a start-up file is adequate but, more generally, Dynamic Routing enables tables to be built up by routers sending and receiving broadcast messages.

These can be either ICMP Router Solicitation and Router Advertisement messages which allow neighbouring routers to ask “Who’s there?” and respond “I’m here”, or more useful RIP (Router Information Protocol) messages, in which a router periodically broadcasts its complete router table onto the network.

Other RIP and ICMP messages allow routers to discover the shortest path to an address, to update their tables if another router spots an inefficient routing and to periodically update routes in response to network availability and traffic conditions.

A major routing challenge occurs in mesh or mobile ad-hoc networks (MANETs), where the network topology may be continuously changing. One approach to routing in MANETs, inspired by ant behaviour.

Network Address Translation

As described before, RFC 1918 defined three sets of private IP addresses for use within networks that do not require Internet connectivity. However, with the proliferation of the Internet and the growing need for computers in these previously private networks to go online, the limitation of this solution to conserving IP addresses soon became apparent.

How could a computer with a private IP address ever get a response from the Internet, when its IP address would not be recognised by any router out in the Internet as a valid destination?

Network Address Translation (NAT) provides the solution to this problem. When a computer sends a data packet to an IP address outside a private network, the gateway that connects the private network to the Internet will replace the private IP source address (, by a public IP address (e.g.

The receiving server and Internet routers will recognise this as a valid destination address and route the data packet correctly. When the originating gateway receives a returning data packet it will replace the destination address in the data packet with the original private IP address of the initiating computer.

The process of private to public IP address translation at the Internet gateway of a private network is known as Network Address Translation.

Static and Dynamic NAT

In practice, similar to routing, NAT can be either static or dynamic. In static NAT, every computer in a private network that requires Internet access has a public IP address assigned to it in a prescribed NAT table.

In dynamic NAT, a pool of public IP addresses are available and are mapped to private addresses as required. Needless to say, dynamic NAT is by far the most common, as it is automatic and requires no intervention or maintenance.

Port Address Translation

One complication arises if the private network’s gateway has only a single public IP address available to assign, or if more computers in a private network try to connect than there are IP addresses available to the gateway. This will often be the case for a small organisation with a single Internet connection to an ISP.

In this case, it would seem that only one computer within the private network would be able to connect to the Internet at a time. Port Address Translation (PAT) overcomes this limitation by mapping private IP addresses to different port numbers attached to the single public IP address.

When a computer within the private network sends a data packet to be routed to the Internet, the gateway replaces the source address with the single public IP address together with a random port number between 1024 and 65536 (Figure 1).

When a data packet is returned with this destination address and port number, the PAT table enables the gateway to route the data packet to the originating computer in the private network.